From: "Serge E. Hallyn" <serge.hallyn@canonical.com>
To: Andreas Dilger <adilger@dilger.ca>
Cc: "Andrew G. Morgan" <morgan@kernel.org>,
"Serge E. Hallyn" <serge.hallyn@canonical.com>,
Chris Mason <chris.mason@oracle.com>,
linux-fsdevel@vger.kernel.org
Subject: Re: remove_suid bangs on xattrs
Date: Thu, 2 Sep 2010 11:02:05 -0500 [thread overview]
Message-ID: <20100902160205.GA21495@hallyn.com> (raw)
In-Reply-To: <5E83F6C3-2B1E-4FBF-960C-27364528813C@dilger.ca>
Quoting Andreas Dilger (adilger@dilger.ca):
> On 2010-08-19, at 23:31, Andrew G. Morgan wrote:
> > Lots of small writes to 'any' file also tends to bang on this code.
> > I've been wondering if it might make sense to cache, in the inode,
> > that a file does *not* have any capabilities associated with it. That
> > way the kernel wouldn't need to look up the xattrs twice for the same
> > incapable file - which is, by far, the common case.
>
> That would be a blessing. I see a steady stream of
> getxattr("security.capability") requests, and being able to disable this
Do you think it would help at all to add a S_NO_POSIXCAPS
to i_flags, and set that the first time we find that
getxattr("security.capability") finds no capabilities?
I.e. are these requests frequently for the same inode, or
always for new ones?
> (possibly even in the superblock with a flag) would avoid expensive RPCs on a
> network filesystem.
Hmm, as it is, the get_vfs_caps_from_disk() does not get called
if MNT_NOSUID. But the cap_inode_need_killpriv() does, so a
quick way to reduce that # for you would be to pass the inode
to security_inode_need_killpriv (so it can get to mnt), and
have that check for MNT_NOSUID, and then you can mount your
network fs's with MNT_NOSUID... Would that help you?
-serge
next prev parent reply other threads:[~2010-09-02 16:02 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-08-16 19:38 remove_suid bangs on xattrs Chris Mason
2010-08-16 19:44 ` Chris Mason
2010-08-18 2:41 ` Serge E. Hallyn
2010-08-20 5:31 ` Andrew G. Morgan
2010-08-20 12:25 ` Serge E. Hallyn
[not found] ` <5E83F6C3-2B1E-4FBF-960C-27364528813C@dilger.ca>
2010-09-02 16:02 ` Serge E. Hallyn [this message]
2010-09-02 21:01 ` Andreas Dilger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20100902160205.GA21495@hallyn.com \
--to=serge.hallyn@canonical.com \
--cc=adilger@dilger.ca \
--cc=chris.mason@oracle.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=morgan@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.