On Tue, Jul 10, 2018 at 3:41 PM David Howells <dhowells@xxxxxxxxxx> wrote: > > Here are a set of patches to create a filesystem context prior to setting > up a new mount, populating it with the parsed options/binary data, creating > the superblock and then effecting the mount. This is also used for remount > since much of the parsing stuff is common in many filesystems. > > This allows namespaces and other information to be conveyed through the > mount procedure. > > This also allows Miklós Szeredi's idea of doing: > > fd = fsopen("nfs"); > write(fd, "option=val", ...); > mfd = fsmount(fd, MS_NODEV); > move_mount(mfd, "", AT_FDCWD, "/mnt", MOVE_MOUNT_F_EMPTY_PATH); > > that he presented at LSF-2017 to be implemented (see the relevant patches > in the series). All your documentation (both commit logs, man-pages and in-kernel actual docs you add) only talk about "what". They don't talk about _why_. I can imagine why's. But I think that the "why" is actually way mnore important than the what. At no point did I see a "this is the current interface, and it doesn't work for xyz, so here's the new interface that allows us to do stuff". When you have a diffstat like this: 171 files changed, 7147 insertions(+), 1805 deletions(-) I sure want to see an explanation for *WHY* it adds 5000+ lines of core code. Also, I want to hear about sane security models. One of the things people really want to do is have users do their own mounts. We've had security issues in that area. Why does this improve on it, or make it even worse? And by "secuyrity models" I absolutely do not mean "here's how you can do complex smack rules for it". Linus