From: Casey Schaufler <casey@schaufler-ca.com>
To: James Morris <jmorris@namei.org>
Cc: Trond Myklebust <trond.myklebust@fys.uio.no>,
Peter Staubach <staubach@redhat.com>,
Tom Haynes <tdh-8AdZ+HgO7noAvxtiuMwx3w@public.gmane.org>,
"J. Bruce Fields" <bfields@fieldses.org>,
"linux-nfs@vger.kernel.org" <linux-nfs@vger.kernel.org>,
Christoph Hellwig <hch@infradead.org>,
"linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>,
David Patrick Quigley <dpquigl@tycho.nsa.gov>,
Tyler Hicks <tyhicks@linux.vnet.ibm.com>,
Dustin Kirkland <kirkland@canonical.com>
Subject: Re: [PATCH 0/4][RFC] NFSv3: implement extended attribute (XATTR) protocol
Date: Tue, 13 Oct 2009 21:50:01 -0700 [thread overview]
Message-ID: <4AD55879.2060207@schaufler-ca.com> (raw)
In-Reply-To: <alpine.LRH.2.00.0910141526530.5279-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
James Morris wrote:
> On Tue, 13 Oct 2009, Casey Schaufler wrote:
>
>
>> If you wanted to you could implement a mapping scheme of your choice
>> on the server.
>>
>
> Just as long as you don't expect any defined semantics from this protocol
> -- it's purely xattr transport.
>
I agree completely. My point is that you can leave it up to the
server to deal with if it is so inclined. No networking required.
>
>> A Smack server might be happy with mapping
>> nfs.security.SMACK64 to security.SMACK64, while an HP/UX server might
>> have a function to map nfs.security.selinux into security.BellAndLaPadula
>> for its own nefarious purposes. Because you could do this strictly
>> on the server you don't have to implement a negotiation protocol,
>> although you could.
>>
>
> I think if we start looking at negotiation & interpretation, then we've
> moved beyond simple metadata transport and should be looking at extending
> NFSv4 instead (e.g. like Labeled NFS).
>
Again, I agree. The appeal to this xattr approach is that there
is no negotiation. It is just transport and storage. And for those
who question the value of the scheme, it has been in use in Irix
for -I'm not 100% sure- 10 years now.
next prev parent reply other threads:[~2009-10-14 4:50 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-09-19 15:09 [PATCH 0/4][RFC] NFSv3: implement extended attribute (XATTR) protocol James Morris
2009-09-19 15:11 ` [PATCH 1/4] NFSv3: convert client to generic xattr API James Morris
2009-09-19 15:12 ` [PATCH 2/4] NFSv3: add xattr API config option for client James Morris
2009-09-19 15:13 ` [PATCH 3/4] NFSv3: add client implementation of XATTR protocol James Morris
2009-09-19 15:14 ` [PATCH 4/4] NFSv3: add server " James Morris
[not found] ` <alpine.LRH.2.00.0909200020360.31818-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
2009-09-19 17:30 ` [PATCH 0/4][RFC] NFSv3: implement extended attribute (XATTR) protocol Casey Schaufler
2009-09-20 5:13 ` James Morris
2009-09-22 12:47 ` Christoph Hellwig
2009-09-22 13:03 ` James Morris
[not found] ` <alpine.LRH.2.00.0909222253470.21052-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
2009-09-22 13:07 ` Christoph Hellwig
2009-10-06 15:18 ` Peter Staubach
2009-10-09 0:39 ` James Morris
[not found] ` <alpine.LRH.2.00.0910091132130.32154-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
2009-10-09 23:14 ` Christoph Hellwig
2009-10-12 17:50 ` Peter Staubach
2009-10-12 19:26 ` Tom Haynes
[not found] ` <CA06CB5C-6084-45AA-B185-FBDA7E3B9754-8AdZ+HgO7noAvxtiuMwx3w@public.gmane.org>
2009-10-12 19:34 ` Peter Staubach
2009-10-12 22:55 ` Trond Myklebust
[not found] ` <1255388158.3711.57.camel-rJ7iovZKK19ZJLDQqaL3InhyD016LWXt@public.gmane.org>
2009-10-12 23:08 ` J. Bruce Fields
2009-10-13 7:02 ` James Morris
[not found] ` <alpine.LRH.2.00.0910131733070.28896-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
2009-10-13 18:27 ` Trond Myklebust
[not found] ` <1255458444.3711.113.camel-rJ7iovZKK19ZJLDQqaL3InhyD016LWXt@public.gmane.org>
2009-10-14 0:48 ` James Morris
[not found] ` <alpine.LRH.2.00.0910141134410.4671-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
2009-10-14 2:05 ` Casey Schaufler
2009-10-14 4:30 ` James Morris
[not found] ` <alpine.LRH.2.00.0910141526530.5279-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
2009-10-14 4:50 ` Casey Schaufler [this message]
2009-10-14 12:46 ` Peter Staubach
2009-10-14 4:56 ` Dustin Kirkland
2009-10-14 6:02 ` James Morris
2009-10-14 15:05 ` Tyler Hicks
[not found] ` <bf63d7240910080919nf1bf6d0rd94f671d0645f674@mail.gmail.com>
2009-10-08 17:21 ` J. Bruce Fields
2009-10-09 0:31 ` James Morris
2009-10-08 17:22 ` J. Bruce Fields
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4AD55879.2060207@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=bfields@fieldses.org \
--cc=dpquigl@tycho.nsa.gov \
--cc=hch@infradead.org \
--cc=jmorris@namei.org \
--cc=kirkland@canonical.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=staubach@redhat.com \
--cc=tdh-8AdZ+HgO7noAvxtiuMwx3w@public.gmane.org \
--cc=trond.myklebust@fys.uio.no \
--cc=tyhicks@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox