Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755170AbYHRQpa (ORCPT ); Mon, 18 Aug 2008 12:45:30 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1752730AbYHRQpX (ORCPT ); Mon, 18 Aug 2008 12:45:23 -0400 Received: from mx1.redhat.com ([66.187.233.31]:57498 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752724AbYHRQpW (ORCPT ); Mon, 18 Aug 2008 12:45:22 -0400 Date: Mon, 18 Aug 2008 12:43:39 -0400 From: Rik van Riel To: Alan Cox Cc: Eric Paris , Arjan van de Ven , Jan Harkes , "Press, Jonathan" , peterz@infradead.org, linux-kernel@vger.kernel.org, malware-list@lists.printk.net, hch@infradead.org, andi@firstfloor.org, viro@ZenIV.linux.org.uk Subject: Re: [malware-list] TALPA - a threat model? well sorta. Message-ID: <20080818124339.4b65b6c0@riellaptop.surriel.com> In-Reply-To: <20080818163313.72927af7@lxorguk.ukuu.org.uk> References: <1218645375.3540.71.camel@localhost.localdomain> <20080813172437.3ed90b0d@lxorguk.ukuu.org.uk> <1218646065.3540.75.camel@localhost.localdomain> <20080813173722.13c9c306@lxorguk.ukuu.org.uk> <1218646833.3540.82.camel@localhost.localdomain> <20080813205906.559d3f37@lxorguk.ukuu.org.uk> <2629CC4E1D22A64593B02C43E855530304AE4BC2@USILMS12.ca.com> <20080813173529.7069b5f1@cuia.bos.redhat.com> <20080815201622.GD31584@cs.cmu.edu> <20080815150509.20ffb91d@infradead.org> <1219015177.27389.1.camel@localhost.localdomain> <20080818163313.72927af7@lxorguk.ukuu.org.uk> Organization: Red Hat, Inc X-Mailer: Claws Mail 3.5.0 (GTK+ 2.12.11; i386-redhat-linux-gnu) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1385 Lines: 38 On Mon, 18 Aug 2008 16:33:13 +0100 Alan Cox wrote: > > I could probably buy that, but I don't know how an HSM would work. > > Would we have everything we need at open for them to fire off? > > > > /me is HSM clueless and trying to include their needs is proving a > > challenge. > > So don't bother. Its a theoretical use for the most part so we can > mangle the interface later. Think of a consumer HSM application: backup to rsync.net or Amazon S3. Instead of waiting for the whole backup to be restored, you can start using the filesystem immediately. The block-on-open hook can be used by the restore program to fetch files from the remote backup site on an as-needed basis, with a full restore going on in the background. If the block-on-open hook can be used for that (even with additional magic, like creating empty HSM inodes with a special attr to notify "the data lives elsewhere"), HSM should be good. The "data lives elsewhere" bit/xattr/whatever could also be used on directories, so not even the whole directory tree would have to be restored right on restore :) -- All rights reversed. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/