From: Theodore Tso <tytso@mit.edu>
To: Chris Mason <chris.mason@oracle.com>,
Stephen Smalley <sds@tycho.nsa.gov>,
James Morris <jmorris@namei.org>,
lsm <linux-security-module@vger.kernel.org>,
linux-fsdevel@vger.kernel.org
Subject: Re: New reflink(2) syscall
Date: Tue, 5 May 2009 13:34:23 -0400 [thread overview]
Message-ID: <20090505173423.GH17486@mit.edu> (raw)
In-Reply-To: <20090505171331.GG7835@mail.oracle.com>
On Tue, May 05, 2009 at 10:13:31AM -0700, Joel Becker wrote:
> On Tue, May 05, 2009 at 12:56:58PM -0400, Chris Mason wrote:
> > On Tue, 2009-05-05 at 09:47 -0700, Joel Becker wrote:
> > > Because then you have to change the entire security structure,
> > > and you aren't a snapshot anymore.
> >
> > I won't argue with the security part, but the snapshot part could just
> > as easily be defined by the data and not the inode.
>
> In ZFS/btrfs/WAFL/disk array snaps, if you go back to a snap
> does the selinux context or acls or equivalent appear different? I don't
> think so, and I expect people would be really upset if they had to know
> all the restorecon/acl-fu to get it right.
OK, now I understand; sorry, I didn't realize that when you said
"snapshot", what you were really talking about was a way to implement
WAFL-style snapshots, where reflink was a low-level operation that
would be used to implement that particular use case. Hmm, maybe the
answer is that we implement reflinkat(2) with flags that indicate
whether this is supposed to be more like a hard link (i.e., acl and
ownership should be preserved) or more a like a copy (i.e., acl is
inherited from the new containing directory's directory creation acl,
uid/guid are set using the standard rules for creating new inodes).
Both use cases are equally valid, and I imagine there would be
interest in using reflinks both for snapshots and as a very
lightweight copy operation by commands like /bin/cp.
- Ted
next prev parent reply other threads:[~2009-05-05 17:34 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <alpine.LRH.2.00.0905041655220.21713@tundra.namei.org>
[not found] ` <1241443016.3023.51.camel@localhost.localdomain>
2009-05-04 15:35 ` New reflink(2) syscall James Morris
2009-05-04 16:59 ` Stephen Smalley
2009-05-04 17:49 ` Joel Becker
2009-05-05 18:00 ` Joel Becker
2009-05-05 18:41 ` Stephen Smalley
2009-05-05 19:15 ` Joel Becker
2009-05-05 19:14 ` Stephen Smalley
2009-05-05 19:33 ` Joel Becker
2009-05-05 22:15 ` James Morris
2009-05-05 22:31 ` Joel Becker
2009-05-06 11:23 ` Stephen Smalley
[not found] ` <20090504163514.GB31249@mail.oracle.com>
[not found] ` <1241458669.3023.203.camel@localhost.localdomain>
2009-05-04 18:08 ` Joel Becker
2009-05-04 19:30 ` Stephen Smalley
2009-05-04 21:03 ` Joel Becker
2009-05-04 21:30 ` Joel Becker
2009-05-05 11:44 ` Stephen Smalley
2009-05-05 16:46 ` Joel Becker
2009-05-04 23:13 ` Theodore Tso
2009-05-05 16:47 ` Joel Becker
2009-05-05 16:56 ` Chris Mason
2009-05-05 17:13 ` Joel Becker
2009-05-05 17:34 ` Theodore Tso [this message]
2009-05-05 17:44 ` Stephen Smalley
2009-05-05 17:56 ` Joel Becker
2009-05-05 18:21 ` Theodore Tso
2009-05-06 4:27 ` Casey Schaufler
2009-05-06 4:42 ` Jamie Lokier
2009-05-06 5:38 ` Casey Schaufler
2009-05-06 7:12 ` Theodore Tso
2009-05-05 22:45 ` Jamie Lokier
2009-05-06 4:08 ` Casey Schaufler
2009-05-06 4:28 ` Jamie Lokier
2009-05-06 11:25 ` Stephen Smalley
2009-05-05 17:36 ` Chris Mason
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090505173423.GH17486@mit.edu \
--to=tytso@mit.edu \
--cc=chris.mason@oracle.com \
--cc=jmorris@namei.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=sds@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).