Re: [PATCH] posix acls: Move namespace conversion into filesystem / xattr handlers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, May 24, 2016 at 5:41 PM, Djalal Harouni <tixxdz@xxxxxxxxx> wrote:
> On Mon, May 23, 2016 at 03:09:49PM +0200, Andreas Gruenbacher wrote:
>> Currently, getxattr() and setxattr() check for the xattr names
>> "system.posix_acl_{access,default}" and perform in-place UID / GID
>> namespace mappings in the xattr values. Filesystems then again check for
>> the same xattr names to handle those attributes, almost always using the
>> standard posix_acl_{access,default}_xattr_handler handlers.  This is
>> unnecessary overhead; move the namespace conversion into the xattr
>> handlers instead.
>
> Please, are you sure that the changes in posix_acl_xattr_get() and
> posix_acl_xattr_set() are safe ? you are reading into current user
> namespace, from a first view this is not safe unless I'm missing
> something... they should map into init_user_ns...

Yes, moving the namespace conversion from the VFS into those functions
so that we don't have to check for those attributes and parse them
twice is exactly the point of this patch.

> Please Cc the user namespace maintainers before. Thank you!

Eric, Andy, anyone else?

Thanks,
Andreas
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]
  Powered by Linux