On Wed, 29 Nov 2023 at 10:53, Christian Brauner <brauner@xxxxxxxxxx> wrote: > > On Tue, 28 Nov 2023 17:03:31 +0100, Miklos Szeredi wrote: > > This came out from me thinking about the best libc API. It contains a few > > changes that simplify and (I think) improve the interface. > > > > Tree: > > > > git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs.git#vfs.mount > > > > [...] > > Afaict, all changes as discussed. Thanks. I folded the fixes into the > main commit. Links to the patches that were folded are in the commit > message and explained in there as well. The final commit is now rather > small and easy to read. Looks good, thanks for folding the patches. > * Remove explicit LISTMOUNT_UNREACHABLE flag (cf. [1]). That > functionality can simply be made available by checking for required > privileges. If the caller is sufficiently privileged then list mounts > that can't be reached from the current root. If the caller isn't skip > mounts that can't be reached from the current root. This also makes > permission checking consistent with statmount() (cf. [3]). Skipping mounts based on privileges was what the initial version did. That inconsistency was the reason for introducing LISTMOUNT_UNREACHABLE. The final version doesn't skip mounts based on privileges, either all submounts are listed or the request is rejected with -EPERM. For the case when some submounts are inside root and some are outside useing LSMT_ROOT should be sufficient. LSMT_ROOT won't fail due to insufficient privileges, since by definition it lists only mounts that are below root. Thanks, Miklos
