On Oct 01, 2008 17:20 -0400, Theodore Ts'o wrote: > On Wed, Oct 01, 2008 at 02:45:45PM -0400, Christoph Hellwig wrote: > > On Tue, Sep 30, 2008 at 05:40:54PM -0700, Andreas Dilger wrote: > > > Instead of implementing an EXT4_IOC_FIEMAP_INO ioctl, what we had implemented > > > is an EXT4_IOC_WRAPPER, which takes as arguments the inode number and the > > > ioctl command + original ioctl data. This allows inode ioctls to be called > > > against the filesystem root for arbitrary inodes, and doesn't require new > > > implementation for each ioctl: > > > > Or just provide more generic open by handle functionality. Shouldn't be > > too much of a problem to do it in the VFS by reusing the exportfs code. > > > > A while back I had implemented an "open by inode" patch for a friend > who needed it for their startup. I never posted it because (a) even > though it was only optionally enabled via a mount option, if you allow > non-root users to access it, it blows a whole through traditional unix > permissions semantics (i.e., a mode 700 directory no longer protects > files underneath that directory), and (b) I was sure that Al Viro > would consider the hacks that I needed to make it work to be far too > ugly to live. :-) We've been using that patch for a long time now in Lustre, but will soon be replacing it with code that calls fh_to_dentry() and just craft fake fh to have the filesystem open the inode. That avoids all kinds of hacks in place internally. Definitely the __iopen__ directory should only be allowed for root... Cheers, Andreas -- Andreas Dilger Sr. Staff Engineer, Lustre Group Sun Microsystems of Canada, Inc. -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
