From mboxrd@z Thu Jan 1 00:00:00 1970 From: Greg Kroah-Hartman Subject: Re: [CFT][PATCH 00/10] Making new mounts of proc and sysfs as safe as bind mounts (take 2) Date: Thu, 4 Jun 2015 14:19:58 +0900 Message-ID: <20150604051958.GA21049@kroah.com> References: <20150528140839.GD28842@ubuntumail> <87lhg8pwvz.fsf@x220.int.ebiederm.org> <87fv6gikfn.fsf@x220.int.ebiederm.org> <87fv6g80g7.fsf@x220.int.ebiederm.org> <87k2vkebri.fsf@x220.int.ebiederm.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Content-Disposition: inline In-Reply-To: <87k2vkebri.fsf-JOvCrm2gF+uungPnsOpG7nhyD016LWXt@public.gmane.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org Errors-To: containers-bounces-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org To: "Eric W. Biederman" Cc: Seth Forshee , Linux API , Linux Containers , Serge Hallyn , Andy Lutomirski , Kenton Varda , Michael Kerrisk-manpages , Richard Weinberger , Linux FS Devel , Tejun Heo List-Id: containers.vger.kernel.org On Wed, Jun 03, 2015 at 04:13:21PM -0500, Eric W. Biederman wrote: > Andy Lutomirski writes: > > > One option would be to break the nosuid, nodev, and noexec parts into > > their own patch and then avoid tagging that patch for -stable if at > > all possible. It would be nice to avoid another -stable ABI break if > > at all possible. > > So I don't think we actually have anything that could be called an ABI > break in the whole mess, but it is definitely a behavioral change that > is a regression for lxc and libvirt-lxc that prevents them from starting. > > nodev does not actually matter because of the implicit silliness that > is being added right now. > > We do want those programs fixed and after those programs are fixed we > can safely begin failing mount when those attributes are being cleared > in a fresh mount. > > So it looks to me like the best thing to do is to print a warning > whenever lxc or libvirt-lxc gets it wrong, which should ensure the > authors are sufficiently pestered that in a kernel release or 3 we can > begin enforcing those attributes. Especially as the discussion on the > fix for those applications has already begun. "pestering" never works, look at some of the SCSI drivers for examples of how a distro will just patch out the "warning this driver is using an old api and needs to be fixed" messages. You can't break stuff like this, people will get upset :( greg k-h