From: David Quigley <dpquigl@tycho.nsa.gov>
To: Christoph Hellwig <hch@infradead.org>
Cc: Phillip Hellewell <phillip@hellewell.homeip.net>,
Andrew Morton <akpm@osdl.org>,
linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH 0/13: eCryptfs] eCryptfs Patch Set
Date: Fri, 07 Jul 2006 13:22:09 -0400 [thread overview]
Message-ID: <1152292929.3727.23.camel@moss-terrapins.epoch.ncsc.mil> (raw)
In-Reply-To: <20060707115422.GA4705@infradead.org>
On Fri, 2006-07-07 at 12:54 +0100, Christoph Hellwig wrote:
> On Sat, May 20, 2006 at 10:57:40AM +0100, Christoph Hellwig wrote:
> > I gave the code in -mm a quick look, and it still needs a lot of work.
>
> looking over the code again:
>
> > - please kill ECRYPTFS_SET_FLAG, ECRYPTFS_CLEAR_FLAG and ECRYPTFS_CHECK_FLAG
> > and just opencode them, it'll make the code a whole lot more readable
>
> these are still there..
>
> > - please make sure touch_atime goes down to ->setattr for atime updates,
> > that way you don't need all that mess in your read/write. and in -mm
> > those routines need update for vectored and aio support
>
> you don't seem to have updated the common code for this yet.
>
> > - NEVER EVER do things like copying locks_delete_block and
> > posix_lock_file_wait (as ecryptfs_posix_lock and based on a previous
> > version) to you code. It will get stale and create a maintaince nightmare.
> > talk with the subsystem maintainers on how to make the core functionality
> > accesible to you.
> > - similarly ecryptfs_setlk is totally non-acceptable. find a way with the
> > maintainer to reuse things from fcntl_setlk with a common helper
>
This is actually an interesting thing. Due to certain issues, stackable
file systems normally do not allow people to modify the lower level
files from under the mounted stackable filesystem. Ideally you want to
be able to view a stack and make changes at each level. This is possible
but not without some changes to the kernel. If we go with the statement
that you should not modify lower level files except through eCryptfs
(which seams reasonable since its an encryption file system) then this
is not needed. We do not need to pass the lock down to the lower file
system since locking the upper level file is more than adequate. If we
decide to make the changes to the kernel to allow for modifications at
each layer of a stack then we do need this.
> dito
>
> > - copying things like lock_parent, unlock_parent and unlock_dir
>
This is something that is easy to get rid of. The Unionfs and FiST teams
have actually fixed this code in the two respective projects. We have
replaced all these old locks (which weren't really correct) with the
appropriate 2.6 locking.
> still there. sorry, but there's zero changes to get things merged that
> opencode
>
> >
> > - please split all the generic stackable filesystem passthorugh routines
> > into a separated stackfs layer, in a few files in fs/stackfs/ that
> > you depend on. They'll get _GPL exported to all possible stackable
> > filesystem. They'll need their own store underlying object helpers,
> > but that can be made to work by embedding the generic stackfs data
> > as first thing in the ecryptfs object.
> >
> >
> >
>
>
> More comments:
>
> - what protects accessing d_parent in lock_parent / unlock_parent?
> - no need to cast the return value of kmem_cache_alloc, it's void *
> - any reason to use the SLAB_* flags instead of GFP_? I'm a bit surprised
> SLAB_* still exists at all..
>
> - follow_link handling is wrong. you need to call the underlying
> ->follow_link in your follow_link implementation and you need to keep
> a separate nameidata for it
>
> - please kill that ugly ecryptfs_allocated_caches hack and do normal
> goto based unwinding on failure
>
> - using iget with the lower filesystems i_ino does not work. There are
> various filesystems were i_ino does not uniqueuely identify an inode.
> You will probably need your own sequence numbers. Also please don't
> use iget in new code but always the iget_locked variant.
>
> And a more general issue with implementing stackable filesystems:
>
> I think it's probably much better to not stack ontop of a part of the
> existing namespace but rather let ecryptfs mount the underlying filesystem
> internally using vfs_kern_mount. This gets out of the way of possible
> lock order problems when doing namespace operation involving both the
> stacked and underlying filesystem aswell as allowing using a stackable
> filesystem as the root filesystem.
>
Could you actually explain this with an example? If it is what I think
you mean then we did look into this and we had some concerns with it
however I'll make sure its the same before we delve into it.
> -
> To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2006-07-07 17:23 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-05-13 3:37 [PATCH 0/13: eCryptfs] eCryptfs Patch Set Phillip Hellewell
2006-05-13 3:40 ` [PATCH 1/13: eCryptfs] fs/Makefile and fs/Kconfig Phillip Hellewell
2006-05-13 8:51 ` Jan-Benedict Glaw
2006-05-13 3:41 ` [PATCH 2/13: eCryptfs] Documentation Phillip Hellewell
2006-05-13 3:42 ` [PATCH 3/13: eCryptfs] Makefile Phillip Hellewell
2006-05-13 3:42 ` [PATCH 4/13: eCryptfs] Main module functions Phillip Hellewell
2006-05-13 3:43 ` [PATCH 5/13: eCryptfs] Header declarations Phillip Hellewell
2006-05-13 3:44 ` [PATCH 6/13: eCryptfs] Superblock operations Phillip Hellewell
2006-05-13 3:45 ` [PATCH 7/13: eCryptfs] Dentry operations Phillip Hellewell
2006-05-13 3:45 ` [PATCH 8/13: eCryptfs] File operations Phillip Hellewell
2006-05-13 3:46 ` [PATCH 9/13: eCryptfs] Inode operations Phillip Hellewell
2006-05-13 3:47 ` [PATCH 10/13: eCryptfs] Mmap operations Phillip Hellewell
2006-06-28 14:16 ` Pekka Enberg
2006-06-28 15:02 ` Michael Halcrow
2006-05-13 3:47 ` [PATCH 11/13: eCryptfs] Keystore Phillip Hellewell
2006-05-13 3:48 ` [PATCH 12/13: eCryptfs] Crypto functions Phillip Hellewell
2006-05-13 3:49 ` [PATCH 13/13: eCryptfs] Debug functions Phillip Hellewell
2006-05-13 4:21 ` [PATCH 0/13: eCryptfs] eCryptfs Patch Set Nick Piggin
2006-05-13 16:21 ` Michael Thompson
2006-05-14 2:59 ` Nick Piggin
2006-05-14 3:13 ` Andrew Morton
2006-05-14 3:26 ` Nick Piggin
2006-05-14 3:43 ` Michael Halcrow
2006-05-14 3:54 ` Greg KH
2006-05-15 10:17 ` David Howells
2006-05-15 10:59 ` Andrew Morton
2006-05-20 9:57 ` Christoph Hellwig
2006-06-01 20:47 ` Michael Halcrow
2006-07-07 10:01 ` Christoph Hellwig
2006-07-07 11:54 ` Christoph Hellwig
2006-07-07 12:23 ` Pekka Enberg
2006-07-07 17:22 ` David Quigley [this message]
2006-07-08 17:21 ` Christoph Hellwig
2006-07-08 21:22 ` Erez Zadok
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1152292929.3727.23.camel@moss-terrapins.epoch.ncsc.mil \
--to=dpquigl@tycho.nsa.gov \
--cc=akpm@osdl.org \
--cc=hch@infradead.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=phillip@hellewell.homeip.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).