From: Johannes Berg <johannes@sipsolutions.net>
To: "Marko Petrović" <petrovicmarko2006@gmail.com>,
linux-um@lists.infradead.org
Cc: richard@nod.at, anton.ivanov@cambridgegreys.com
Subject: Re: [PATCH v3 2/2] hostfs: store permissions in extended attributes
Date: Tue, 18 Apr 2023 10:31:37 +0200 [thread overview]
Message-ID: <9811ef569aac8a2f2ff5a9f2d1039b5d041f6377.camel@sipsolutions.net> (raw)
In-Reply-To: <CRYCSOJIMYCY.3UJQ3W04LGKK7@laptop-fedora>
Hi,
On Sun, 2023-04-16 at 19:24 +0200, Marko Petrović wrote:
>
> I have written the third version of the patch. Thank you for all of your
> recommendations.
>
> While writing the third patch version, I noticed that there was a
> serious limitation of the code in second patch, namely the whole
> xattrperm feature was available only and only as boot time flag so it
> could not be used when hostfs was built as module since modules don't
> have hostfs_args() function.
>
> To overcome that issue, I have changed the content of
> struct super_block -> s_fs_info to point to a struct hostfs_fs_info
> containing the string that was previously there (to be used by old
> functions) and the per-mountpoint use_xattr flag.
> This allows easy extending of mount options in the future and thus
> providing more flexibility to userspace to configure the filesystem.
> For example, hostfs_attr, acl and noacl could be the mount options added
> for POSIX ACLs and extended attributes in the future and if there is a
> desire for that, append could become a mount option now too.
>
> Regarding xattrperm as the kernel boot parameter, I left it available and
> it defines the default behavior when mounting the filesystem (when
> neither xattrperm nor noxattrperm is specified in mount options).
It seems that _maybe_, similar to the 'hostfs' kernel argument, there
should be a way to contain the set of options?
What do I mean by that? I mean that today, the inside of the virtual
machine (for lack of a better word) can only mount outside folders that
are contained in the folder indicated by the 'hostfs' argument.
Similarly, perhaps the "outside administrator" should be able to
indicate that xattr permissions _must_ be used, or _must not_ be used?
Which would imply a new kernel argument that can be configured to "force
use", "force don't use" and "don't care", with perhaps even for backward
compatibility the default being "force don't use"?
Not sure. Anton? Richard? Any opinions?
johannes
_______________________________________________
linux-um mailing list
linux-um@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-um
next prev parent reply other threads:[~2023-04-18 8:31 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-04-13 22:30 Document new xattrperm flag Marko Petrović
2023-04-13 22:30 ` [PATCH 1/2] " Marko Petrović
2023-04-14 7:17 ` Johannes Berg
2023-04-13 22:30 ` [PATCH 2/2] hostfs: store permissions in extended attributes Marko Petrović
2023-04-14 2:33 ` [PATCH v2 " Marko Petrović
2023-04-14 7:40 ` Johannes Berg
2023-04-14 17:19 ` Marko Petrović
2023-04-18 8:26 ` Johannes Berg
2023-04-25 16:10 ` Marko Petrović
2023-04-14 10:54 ` Richard Weinberger
2023-04-14 17:52 ` Marko Petrović
2023-04-14 17:59 ` Richard Weinberger
2023-04-15 16:48 ` [PATCH v3 " Marko Petrović
2023-04-16 17:24 ` Marko Petrović
2023-04-18 8:31 ` Johannes Berg [this message]
2023-04-25 16:35 ` Marko Petrović
2023-04-25 17:11 ` Johannes Berg
2023-08-28 19:48 ` Richard Weinberger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9811ef569aac8a2f2ff5a9f2d1039b5d041f6377.camel@sipsolutions.net \
--to=johannes@sipsolutions.net \
--cc=anton.ivanov@cambridgegreys.com \
--cc=linux-um@lists.infradead.org \
--cc=petrovicmarko2006@gmail.com \
--cc=richard@nod.at \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox