Received: by 2002:ac8:71d8:0:b0:40f:fb00:664b with SMTP id i24csp191036qtp; Fri, 4 Aug 2023 08:12:04 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHnxYRypUJc0XYU44CufCNq1YUIzQiLGyaK/ugik5R4iPIfjJ8C/Hj6vkrD79MQNL9ISAwW X-Received: by 2002:a05:6a20:650:b0:12f:bb22:ad3b with SMTP id 16-20020a056a20065000b0012fbb22ad3bmr1590577pzm.62.1691161923889; Fri, 04 Aug 2023 08:12:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1691161923; cv=none; d=google.com; s=arc-20160816; b=eMh+mqQWIF03Js24xllKs7F4q/cze7nocMEFq9BbJstpdOG+tEYen9kLd4ZSGeI6iC LZMwxGc7R8Rjph1SrPAXHEMjOnr6VsVyyzyRuFnQl7b4laT5oguaLIZHhRphjrA/wsMA go+0eS1HuDF/7YPe1B+SsovwxgKjGbcAmPJmKe4YJYfEy37cKX7rCx/EuuDU/YlRVVA4 nkqPyPc2GJUJwYm+KnYLuTYCtC/Xo5coyTyqDE/4tY2VN+E08YLbLQlWKmZLrCYdne63 cstvwxHQvzNtPv/YbRi2sGX9L0Yo6M8tp7ED91Kvq8cV5Lc+SZMg4sBblKUYwE7ujCS4 9wAw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=U41+dIrraFNkCHK9GNQnAx0ow3J5/wmi1cmcq1/kem8=; fh=/c/iz1Z0DLHkL/lWFPu1eYMRzeFNIPCmshx2KQFk7mo=; b=yqJkQLAWc1pdMl+gpLrjbOLrTOCifdS9bkh9TzbItWp1NZ4/w3Rspa47mMbNxGHx0/ Ipy5WePMMgZUXZeXz4t4IamPtzeGW/v2Es50+EbbVhVZtS+JSeoVKnVaM1pxzZlofklN odCBEhpUXfzQVSupb1LZFVJ7OPflBQBUZSL/jgcivtX3yRGRBoc6eWGYACdr40jxtWR7 aEx6VAyXIobLjnLlZlOqtSbi/Zrl84sYXAbHUSD15i8kFQjcULaf4Br7t41GX8+qgi/7 dfDKqH2xf1Ga+HGCNO/15+NF2UYFg9u8ZT0V1p2trSCJjFHb1MvJ5CIXWTprrygMh683 MF4w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="Gn/4lcbK"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id s22-20020a63f056000000b005600a533c77si1849337pgj.182.2023.08.04.08.11.21; Fri, 04 Aug 2023 08:12:03 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="Gn/4lcbK"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231512AbjHDOyL (ORCPT + 99 others); Fri, 4 Aug 2023 10:54:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38422 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229714AbjHDOyK (ORCPT ); Fri, 4 Aug 2023 10:54:10 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 697C6AC; Fri, 4 Aug 2023 07:54:09 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 04F356202B; Fri, 4 Aug 2023 14:54:09 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 923CDC433C7; Fri, 4 Aug 2023 14:54:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1691160848; bh=/A3qS41Wbg0RJTKLzWIKOhvA9E5C5Eirh8hdQs8lvD0=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Gn/4lcbKDD8CK/J/jQjQifgr4sKQVpXQDkRtMiztsFC3EnM1y52AJDoCU7rO7heYX bXNm1j4dSQkKbfrV/la/TCWgiBCoPDhR/fJDI0C+5tM/d5WA5wTCxqN71ECdO8ysft tHm/2LN1RYouF4qBn3PwY2v/3mrEY6cW0HRcdxU+g1t1uqo3+m3VhMveBlVWDKcrGB 9jeWh4z2yc7AJ781ROdN6l4R7O4+dVWSJCVJSy4LU6rCTvdfDKYmx9kW0z3z1yLp/f hBXUqstV9DgRJLJc+YRbiJ4qOjcE7sJ1FgnG62Bd1AccRso7W+mq4PR+UYZWgRtCbS M7+z5GbUrI9XA== Date: Fri, 4 Aug 2023 16:54:03 +0200 From: Christian Brauner To: Alexander Mikhalitsyn Cc: xiubli@redhat.com, stgraber@ubuntu.com, linux-fsdevel@vger.kernel.org, Jeff Layton , Ilya Dryomov , ceph-devel@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v9 04/12] ceph: add enable_unsafe_idmap module parameter Message-ID: <20230804-erdtrabanten-mitunter-12aa02867edc@brauner> References: <20230804084858.126104-1-aleksandr.mikhalitsyn@canonical.com> <20230804084858.126104-5-aleksandr.mikhalitsyn@canonical.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20230804084858.126104-5-aleksandr.mikhalitsyn@canonical.com> X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Aug 04, 2023 at 10:48:50AM +0200, Alexander Mikhalitsyn wrote: > This parameter is used to decide if we allow > to perform IO on idmapped mount in case when MDS lacks > support of CEPHFS_FEATURE_HAS_OWNER_UIDGID feature. > > In this case we can't properly handle MDS permission > checks and if UID/GID-based restrictions are enabled > on the MDS side then IO requests which go through an > idmapped mount may fail with -EACCESS/-EPERM. > Fortunately, for most of users it's not a case and > everything should work fine. But we put work "unsafe" > in the module parameter name to warn users about > possible problems with this feature and encourage > update of cephfs MDS. > > Cc: Xiubo Li > Cc: Jeff Layton > Cc: Ilya Dryomov > Cc: ceph-devel@vger.kernel.org > Suggested-by: Stéphane Graber > Signed-off-by: Alexander Mikhalitsyn > --- Seems good enough, Acked-by: Christian Brauner