From: Nigel Cunningham <nigel-MhVfhJ0qHmuWn91e4EydUaxOck334EZe@public.gmane.org>
To: Miklos Szeredi <miklos-sUDqSbJrdHQHWmgEVkV9KA@public.gmane.org>
Cc: pavel-+ZI9xUNit7I@public.gmane.org,
akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org,
hch-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org,
serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org,
viro-rfM+Q5joDG/XmaaqVzeoHQ@public.gmane.org,
ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org,
kzak-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org,
util-linux-ng-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: [patch 7/9] unprivileged mounts: allow unprivileged fuse mounts
Date: Wed, 09 Jan 2008 20:29:24 +1100 [thread overview]
Message-ID: <478493F4.2040602@nigel.suspend2.net> (raw)
In-Reply-To: <E1JCWax-0005Ck-Kg-8f8m9JG5TPIdUIPVzhDTVZP2KDSNp7ea@public.gmane.org>
Hi.
Miklos Szeredi wrote:
>>>> On Tue 2008-01-08 12:35:09, Miklos Szeredi wrote:
>>>>> From: Miklos Szeredi <mszeredi-AlSwsSmVLrQ@public.gmane.org>
>>>>>
>>>>> Use FS_SAFE for "fuse" fs type, but not for "fuseblk".
>>>>>
>>>>> FUSE was designed from the beginning to be safe for unprivileged users. This
>>>>> has also been verified in practice over many years. In addition unprivileged
>>>> Eh? So 'kill -9 no longer works' and 'suspend no longer works' is not
>>>> considered important enough to even mention?
>>> No. Because in practice they don't seem to matter. Also because
>>> there's no way in which fuse could be done differently to address
>>> these issues.
>> Could you clarify, please? I hope I'm getting the wrong end of the stick
>> - it sounds to me like you and Pavel are saying that this patch breaks
>> suspending to ram (and hibernating?) but you want to push it anyway
>> because you haven't been able to produce an instance, don't think
>> suspending or hibernating matter and couldn't fix fuse anyway?
>
> This patch has nothing to do with suspend or hibernate. What this
> patchset does, is help get rid of fusermount, a suid-root mount
> helper. It also opens up new possibilities, which are not fuse
> related.
That's what I thought. So what was Pavel talking about with "kill -9 no
longer works" and "suspend no longer works" above? I couldn't understand
it from the context.
> Fuse has bad interactions with the freezer, theoretically. In
> practice, I remember just one bug report (that sparked off this whole
> "do we need freezer, or don't we" flamefest), that actually got fixed
> fairly quickly, ...maybe. Rafael probably remembers better.
I think they just gave up and considered it unsolvable. I'm not sure it is.
>>> The 'kill -9' thing is basically due to VFS level locking not being
>>> interruptible. It could be changed, but I'm not sure it's worth it.
>>>
>>> For the suspend issue, there are also no easy solutions.
>> What are the non-easy solutions?
>
> The ability to freeze tasks in uninterruptible sleep, or more
> generally at any preempt point (except when drivers are poking
> hardware).
Couldn't some sort of scheduler based solution deal with the
uninterruptible sleeping case?
> I know this doesn't play well with userspace hibernate, and I don't
> think it can be resolved without going the kexec way.
I can see the desirability of kexec when it comes to avoiding the
freezer, but comes with its own problems too - having the original
context usable is handy, not having to set aside a large amount of space
for a second kernel is also desirable and there are still greater issues
of transferring information backwards and forwards between the two kernels.
Regards,
Nigel
WARNING: multiple messages have this Message-ID (diff)
From: Nigel Cunningham <nigel@nigel.suspend2.net>
To: Miklos Szeredi <miklos@szeredi.hu>
Cc: pavel@ucw.cz, akpm@linux-foundation.org, hch@infradead.org,
serue@us.ibm.com, viro@ftp.linux.org.uk, ebiederm@xmission.com,
kzak@redhat.com, linux-fsdevel@vger.kernel.org,
linux-kernel@vger.kernel.org, containers@lists.osdl.org,
util-linux-ng@vger.kernel.org
Subject: Re: [patch 7/9] unprivileged mounts: allow unprivileged fuse mounts
Date: Wed, 09 Jan 2008 20:29:24 +1100 [thread overview]
Message-ID: <478493F4.2040602@nigel.suspend2.net> (raw)
In-Reply-To: <E1JCWax-0005Ck-Kg@pomaz-ex.szeredi.hu>
Hi.
Miklos Szeredi wrote:
>>>> On Tue 2008-01-08 12:35:09, Miklos Szeredi wrote:
>>>>> From: Miklos Szeredi <mszeredi@suse.cz>
>>>>>
>>>>> Use FS_SAFE for "fuse" fs type, but not for "fuseblk".
>>>>>
>>>>> FUSE was designed from the beginning to be safe for unprivileged users. This
>>>>> has also been verified in practice over many years. In addition unprivileged
>>>> Eh? So 'kill -9 no longer works' and 'suspend no longer works' is not
>>>> considered important enough to even mention?
>>> No. Because in practice they don't seem to matter. Also because
>>> there's no way in which fuse could be done differently to address
>>> these issues.
>> Could you clarify, please? I hope I'm getting the wrong end of the stick
>> - it sounds to me like you and Pavel are saying that this patch breaks
>> suspending to ram (and hibernating?) but you want to push it anyway
>> because you haven't been able to produce an instance, don't think
>> suspending or hibernating matter and couldn't fix fuse anyway?
>
> This patch has nothing to do with suspend or hibernate. What this
> patchset does, is help get rid of fusermount, a suid-root mount
> helper. It also opens up new possibilities, which are not fuse
> related.
That's what I thought. So what was Pavel talking about with "kill -9 no
longer works" and "suspend no longer works" above? I couldn't understand
it from the context.
> Fuse has bad interactions with the freezer, theoretically. In
> practice, I remember just one bug report (that sparked off this whole
> "do we need freezer, or don't we" flamefest), that actually got fixed
> fairly quickly, ...maybe. Rafael probably remembers better.
I think they just gave up and considered it unsolvable. I'm not sure it is.
>>> The 'kill -9' thing is basically due to VFS level locking not being
>>> interruptible. It could be changed, but I'm not sure it's worth it.
>>>
>>> For the suspend issue, there are also no easy solutions.
>> What are the non-easy solutions?
>
> The ability to freeze tasks in uninterruptible sleep, or more
> generally at any preempt point (except when drivers are poking
> hardware).
Couldn't some sort of scheduler based solution deal with the
uninterruptible sleeping case?
> I know this doesn't play well with userspace hibernate, and I don't
> think it can be resolved without going the kexec way.
I can see the desirability of kexec when it comes to avoiding the
freezer, but comes with its own problems too - having the original
context usable is handy, not having to set aside a large amount of space
for a second kernel is also desirable and there are still greater issues
of transferring information backwards and forwards between the two kernels.
Regards,
Nigel
next prev parent reply other threads:[~2008-01-09 9:29 UTC|newest]
Thread overview: 93+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-01-08 11:35 [patch 0/9] mount ownership and unprivileged mount syscall (v6) Miklos Szeredi
2008-01-08 11:35 ` [patch 1/9] unprivileged mounts: add user mounts to the kernel Miklos Szeredi
2008-01-08 21:34 ` Pavel Machek
[not found] ` <20080108113619.213519920-sUDqSbJrdHQHWmgEVkV9KA@public.gmane.org>
2008-01-08 21:47 ` Pavel Machek
2008-01-08 21:47 ` Pavel Machek
2008-01-14 21:46 ` Serge E. Hallyn
2008-01-08 11:35 ` [patch 2/9] unprivileged mounts: allow unprivileged umount Miklos Szeredi
[not found] ` <20080108113620.664824939-sUDqSbJrdHQHWmgEVkV9KA@public.gmane.org>
2008-01-14 21:48 ` Serge E. Hallyn
2008-01-14 21:48 ` Serge E. Hallyn
2008-01-08 11:35 ` [patch 3/9] unprivileged mounts: account user mounts Miklos Szeredi
[not found] ` <20080108113623.446872155-sUDqSbJrdHQHWmgEVkV9KA@public.gmane.org>
2008-01-08 18:18 ` Dave Hansen
2008-01-08 18:18 ` Dave Hansen
2008-01-08 19:18 ` Miklos Szeredi
2008-01-08 19:18 ` Miklos Szeredi
2008-01-14 21:53 ` Serge E. Hallyn
2008-01-08 11:35 ` [patch 4/9] unprivileged mounts: propagate error values from clone_mnt Miklos Szeredi
[not found] ` <20080108113624.898035951-sUDqSbJrdHQHWmgEVkV9KA@public.gmane.org>
2008-01-14 22:23 ` Serge E. Hallyn
2008-01-14 22:23 ` Serge E. Hallyn
2008-01-15 10:15 ` Miklos Szeredi
2008-01-15 10:15 ` Miklos Szeredi
2008-01-08 11:35 ` [patch 5/9] unprivileged mounts: allow unprivileged bind mounts Miklos Szeredi
2008-01-08 18:12 ` Dave Hansen
2008-01-08 19:08 ` Miklos Szeredi
[not found] ` <E1JCJoQ-0003g9-Nk-8f8m9JG5TPIdUIPVzhDTVZP2KDSNp7ea@public.gmane.org>
2008-01-08 19:15 ` Dave Hansen
2008-01-08 19:15 ` Dave Hansen
2008-01-08 20:44 ` Szabolcs Szakacsits
2008-01-08 20:44 ` Szabolcs Szakacsits
2008-01-09 12:45 ` Jan Engelhardt
2008-01-09 12:45 ` Jan Engelhardt
[not found] ` <Pine.LNX.4.64.0801091340270.29244-vVwEwcwQeYFPkBl3ERsXe1l1cybopEuJUBSOeVevoDU@public.gmane.org>
2008-01-09 13:26 ` Karel Zak
2008-01-09 13:26 ` Karel Zak
2008-01-09 13:32 ` Miklos Szeredi
2008-01-08 18:26 ` Dave Hansen
2008-01-08 19:21 ` Miklos Szeredi
2008-01-08 19:21 ` Miklos Szeredi
[not found] ` <20080108113626.895583537-sUDqSbJrdHQHWmgEVkV9KA@public.gmane.org>
2008-01-10 4:47 ` Serge E. Hallyn
2008-01-10 4:47 ` Serge E. Hallyn
2008-01-14 22:42 ` Serge E. Hallyn
2008-01-08 11:35 ` [patch 6/9] unprivileged mounts: allow unprivileged mounts Miklos Szeredi
2008-01-08 11:35 ` Miklos Szeredi
2008-01-09 11:11 ` Karel Zak
[not found] ` <20080109111120.GI3926-CxBs/XhZ2BtHjqfyn1fVYA@public.gmane.org>
2008-01-09 12:41 ` Miklos Szeredi
2008-01-09 12:41 ` Miklos Szeredi
2008-01-14 22:58 ` Serge E. Hallyn
2008-01-08 11:35 ` [patch 7/9] unprivileged mounts: allow unprivileged fuse mounts Miklos Szeredi
2008-01-08 21:46 ` Pavel Machek
[not found] ` <20080108214625.GE5050-+ZI9xUNit7I@public.gmane.org>
2008-01-08 22:42 ` Miklos Szeredi
2008-01-08 22:42 ` Miklos Szeredi
2008-01-08 22:58 ` Pavel Machek
2008-01-09 9:11 ` Miklos Szeredi
2008-01-09 11:33 ` Pavel Machek
2008-01-09 13:16 ` Miklos Szeredi
2008-01-09 13:35 ` Pavel Machek
2008-01-09 13:48 ` Miklos Szeredi
[not found] ` <E1JCbIb-0005rA-5O-8f8m9JG5TPIdUIPVzhDTVZP2KDSNp7ea@public.gmane.org>
2008-01-09 14:00 ` Pavel Machek
2008-01-09 14:00 ` Pavel Machek
2008-01-09 14:14 ` Miklos Szeredi
2008-01-08 23:56 ` Nigel Cunningham
[not found] ` <47840DAC.5000108-MhVfhJ0qHmuWn91e4EydUaxOck334EZe@public.gmane.org>
2008-01-09 8:47 ` Miklos Szeredi
2008-01-09 8:47 ` Miklos Szeredi
[not found] ` <E1JCWax-0005Ck-Kg-8f8m9JG5TPIdUIPVzhDTVZP2KDSNp7ea@public.gmane.org>
2008-01-09 9:29 ` Nigel Cunningham [this message]
2008-01-09 9:29 ` Nigel Cunningham
2008-01-09 11:12 ` Pavel Machek
2008-01-09 9:19 ` Szabolcs Szakacsits
2008-01-09 9:19 ` Szabolcs Szakacsits
[not found] ` <20080108113630.861045063-sUDqSbJrdHQHWmgEVkV9KA@public.gmane.org>
2008-01-14 23:24 ` Serge E. Hallyn
2008-01-14 23:24 ` Serge E. Hallyn
2008-01-15 10:29 ` Miklos Szeredi
2008-01-15 10:29 ` Miklos Szeredi
[not found] ` <E1JEj3N-0000vj-QA-8f8m9JG5TPIdUIPVzhDTVZP2KDSNp7ea@public.gmane.org>
2008-01-15 13:35 ` Serge E. Hallyn
2008-01-15 13:35 ` Serge E. Hallyn
2008-01-08 11:35 ` [patch 8/9] unprivileged mounts: propagation: inherit owner from parent Miklos Szeredi
[not found] ` <20080108113632.895453887-sUDqSbJrdHQHWmgEVkV9KA@public.gmane.org>
2008-01-14 23:13 ` Serge E. Hallyn
2008-01-14 23:13 ` Serge E. Hallyn
2008-01-15 10:39 ` Miklos Szeredi
2008-01-15 10:39 ` Miklos Szeredi
[not found] ` <E1JEjCG-0000wz-BS-8f8m9JG5TPIdUIPVzhDTVZP2KDSNp7ea@public.gmane.org>
2008-01-15 14:21 ` Serge E. Hallyn
2008-01-15 14:21 ` Serge E. Hallyn
2008-01-15 14:37 ` Miklos Szeredi
2008-01-15 14:37 ` Miklos Szeredi
[not found] ` <E1JEmv3-0001RN-6J-8f8m9JG5TPIdUIPVzhDTVZP2KDSNp7ea@public.gmane.org>
2008-01-15 14:59 ` Serge E. Hallyn
2008-01-15 14:59 ` Serge E. Hallyn
2008-01-08 11:35 ` [patch 9/9] unprivileged mounts: add "no submounts" flag Miklos Szeredi
[not found] ` <20080108113634.382855604-sUDqSbJrdHQHWmgEVkV9KA@public.gmane.org>
2008-01-14 23:39 ` Serge E. Hallyn
2008-01-14 23:39 ` Serge E. Hallyn
2008-01-15 10:41 ` Miklos Szeredi
2008-01-15 10:41 ` Miklos Szeredi
2008-01-15 10:53 ` A. C. Censi
[not found] ` <643ea2b10801150253i735d7342q73bf01f864d6167c-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2008-01-15 10:58 ` Miklos Szeredi
2008-01-15 10:58 ` Miklos Szeredi
2008-01-15 13:47 ` Serge E. Hallyn
2008-01-16 9:43 ` Miklos Szeredi
2008-01-16 9:43 ` Miklos Szeredi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=478493F4.2040602@nigel.suspend2.net \
--to=nigel-mhvfhj0qhmuwn91e4eyduaxock334eze@public.gmane.org \
--cc=akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org \
--cc=containers-qjLDD68F18O7TbgM5vRIOg@public.gmane.org \
--cc=ebiederm-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org \
--cc=hch-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org \
--cc=kzak-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=miklos-sUDqSbJrdHQHWmgEVkV9KA@public.gmane.org \
--cc=pavel-+ZI9xUNit7I@public.gmane.org \
--cc=serue-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org \
--cc=util-linux-ng-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=viro-rfM+Q5joDG/XmaaqVzeoHQ@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.