> Given the fact that (a) its only a very minor change and (b) as soon as > we have a solution to what we really want to do: > > - inode/file operation: > - Do lookup via VFS > - Get GFS2 glock > - Do perm check via VFS > - Do actual operation > - Drop GFS2 glock Well, fuse/nfs already do something similar, except they have their actual permission checking in the server, as opposed to the vfs. They basically do: ->permission() does nothing ->foo_operation() does everything, including permission checking The reality is a bit more complicated, and both nfs and fuse do sometimes check permissions in ->permission() but most of the cases, when they know that the permission will be checked later anyway they just omit it. Of course this would mean, that for example the LSM security checks are not done within the gfs locked region. Does that matter? Miklos -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html