public inbox for linux-btrfs@vger.kernel.org
 help / color / mirror / Atom feed
From: Mark Harmstone <mark@harmstone.com>
To: Qu Wenruo <quwenruo.btrfs@gmx.com>, Boris Burkov <boris@bur.io>
Cc: linux-btrfs@vger.kernel.org
Subject: Re: [PATCH] btrfs: add BTRFS_IOC_GET_CSUMS ioctl
Date: Wed, 8 Apr 2026 14:22:05 +0100	[thread overview]
Message-ID: <4050e342-88fb-4b0f-b00c-0dcf154c2ad8@harmstone.com> (raw)
In-Reply-To: <2a47c0b6-4a40-4b19-9832-5ab6fcba0f9b@gmx.com>

On 07/04/2026 11.39 pm, Qu Wenruo wrote:
> 
> 
> 在 2026/4/8 07:43, Boris Burkov 写道:
> [...]
>>>> We absolutely can't give non-root users csums to arbitrary data, that's
>>>> definitely a security breach.
>>>
>>> If getting csums for random logical is a security breach, I do not 
>>> think the
>>> new GET_CSUM ioctl is any better.
>>>
>>
>> Isn't it better because you have to use a file we do permissions 
>> checks on?
>>
>> So it's not an arbitrary logical, it's a logical used by a file you have
>> access to? That might still be insecure against some attack, though, what
>> do I know.
> 
> OK, that makes sense now. Although I'm still not a huge fan just to 
> combine two different tree search operations into one, just to fulfill 
> the privilege check requirement.

The privilege check is important, we are running non-root mkfs to create 
(I think) VM images. And doing two tree searches is still massively 
quicker than userspace reading the data from disk and calculating the 
csums manually.

Plus there's other potential uses for this ioctl in the future: 
something rsync-like, for instance, or for deduplication.

      reply	other threads:[~2026-04-08 13:22 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-03-20 12:50 [PATCH] btrfs: add BTRFS_IOC_GET_CSUMS ioctl Mark Harmstone
2026-03-20 13:03 ` Mark Harmstone
2026-03-20 22:18 ` Qu Wenruo
2026-03-25  7:34   ` Qu Wenruo
2026-03-25 14:43     ` Mark Harmstone
2026-03-25 21:04       ` Qu Wenruo
2026-04-02 17:05         ` Mark Harmstone
2026-04-02 21:46           ` Qu Wenruo
2026-04-03 22:44             ` Boris Burkov
2026-04-03 23:00               ` Qu Wenruo
2026-04-07 18:13                 ` Mark Harmstone
2026-04-07 21:52                   ` Qu Wenruo
2026-04-07 22:13                     ` Boris Burkov
2026-04-07 22:39                       ` Qu Wenruo
2026-04-08 13:22                         ` Mark Harmstone [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4050e342-88fb-4b0f-b00c-0dcf154c2ad8@harmstone.com \
    --to=mark@harmstone.com \
    --cc=boris@bur.io \
    --cc=linux-btrfs@vger.kernel.org \
    --cc=quwenruo.btrfs@gmx.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox