From: Al Viro <viro@zeniv.linux.org.uk>
To: Miklos Szeredi <mszeredi@redhat.com>
Cc: linux-fsdevel@vger.kernel.org
Subject: Re: [PATCH 01/12] vfs: allow unprivileged whiteout creation
Date: Wed, 13 May 2020 20:12:06 +0100 [thread overview]
Message-ID: <20200513191206.GW23230@ZenIV.linux.org.uk> (raw)
In-Reply-To: <20200505095915.11275-2-mszeredi@redhat.com>
On Tue, May 05, 2020 at 11:59:04AM +0200, Miklos Szeredi wrote:
> Whiteouts, unlike real device node should not require privileges to create.
>
> The general concern with device nodes is that opening them can have side
> effects. The kernel already avoids zero major (see
> Documentation/admin-guide/devices.txt). To be on the safe side the patch
> explicitly forbids registering a char device with 0/0 number (see
> cdev_add()).
>
> This guarantees that a non-O_PATH open on a whiteout will fail with ENODEV;
> i.e. it won't have any side effect.
Humm... one question:
> int vfs_whiteout(struct inode *dir, struct dentry *dentry)
> {
> - int error = may_create(dir, dentry);
> - if (error)
> - return error;
> -
> - if (!dir->i_op->mknod)
> - return -EPERM;
> -
> - return dir->i_op->mknod(dir, dentry,
> - S_IFCHR | WHITEOUT_MODE, WHITEOUT_DEV);
> + return vfs_mknod(dir, dentry, S_IFCHR | WHITEOUT_MODE, WHITEOUT_DEV);
> }
why do we still need to export it? I mean, it looks like
a static inline fodder.
next prev parent reply other threads:[~2020-05-13 19:12 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-05 9:59 [PATCH 00/12] vfs patch queue Miklos Szeredi
2020-05-05 9:59 ` [PATCH 01/12] vfs: allow unprivileged whiteout creation Miklos Szeredi
2020-05-13 19:12 ` Al Viro [this message]
2020-05-05 9:59 ` [PATCH 02/12] aio: fix async fsync creds Miklos Szeredi
2020-05-13 10:01 ` Christoph Hellwig
2020-05-05 9:59 ` [PATCH 03/12] proc/mounts: add cursor Miklos Szeredi
2020-05-13 19:33 ` Al Viro
2020-05-05 9:59 ` [PATCH 04/12] utimensat: AT_EMPTY_PATH support Miklos Szeredi
2020-05-13 10:02 ` Christoph Hellwig
2020-05-05 9:59 ` [PATCH 05/12] f*xattr: allow O_PATH descriptors Miklos Szeredi
2020-05-13 10:04 ` Christoph Hellwig
2020-05-14 8:02 ` Miklos Szeredi
2020-05-14 13:01 ` Miklos Szeredi
2020-05-05 9:59 ` [PATCH 06/12] uapi: deprecate STATX_ALL Miklos Szeredi
2020-05-13 10:04 ` Christoph Hellwig
2020-05-05 9:59 ` [PATCH 07/12] statx: don't clear STATX_ATIME on SB_RDONLY Miklos Szeredi
2020-05-13 10:04 ` Christoph Hellwig
2020-05-05 9:59 ` [PATCH 08/12] statx: add mount ID Miklos Szeredi
2020-05-13 10:05 ` Christoph Hellwig
2020-05-05 9:59 ` [PATCH 09/12] statx: add mount_root Miklos Szeredi
2020-05-05 14:24 ` J . Bruce Fields
2020-05-13 10:05 ` Christoph Hellwig
2020-05-05 9:59 ` [PATCH 10/12] vfs: don't parse forbidden flags Miklos Szeredi
2020-05-13 10:06 ` Christoph Hellwig
2020-05-05 9:59 ` [PATCH 11/12] vfs: don't parse "posixacl" option Miklos Szeredi
2020-05-13 10:07 ` Christoph Hellwig
2020-05-05 9:59 ` [PATCH 12/12] vfs: don't parse "silent" option Miklos Szeredi
2020-05-13 10:07 ` Christoph Hellwig
2020-05-13 7:45 ` [13/12 PATCH] vfs: add faccessat2 syscall Miklos Szeredi
2020-05-13 10:09 ` Christoph Hellwig
2020-05-13 7:47 ` [PATCH 00/12] vfs patch queue Miklos Szeredi
2020-05-13 19:48 ` Al Viro
2020-05-14 11:46 ` Miklos Szeredi
2020-05-14 14:55 ` Miklos Szeredi
2020-05-14 15:10 ` Al Viro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200513191206.GW23230@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=linux-fsdevel@vger.kernel.org \
--cc=mszeredi@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).