file metadata via fs API (was: [GIT PULL] Filesystem Information)
David Howells
dhowells at redhat.com
Wed Aug 12 13:33:13 UTC 2020
Miklos Szeredi <miklos at szeredi.hu> wrote:
> You said yourself, that what's really needed is e.g. consistent
> snapshot of a complete mount tree topology. And to get the complete
> topology FSINFO_ATTR_MOUNT_TOPOLOGY and FSINFO_ATTR_MOUNT_CHILDREN are
> needed for *each* individual mount.
That's not entirely true.
FSINFO_ATTR_MOUNT_ALL can be used instead of FSINFO_ATTR_MOUNT_CHILDREN if you
want to scan an entire subtree in one go. It returns the same record type.
The result from ALL/CHILDREN includes sufficient information to build the
tree. That only requires the parent ID. All the rest of the information
TOPOLOGY exposes is to do with propagation.
Now, granted, I didn't include all of the topology info in the records
returned by ALL/CHILDREN because I don't expect it to change very often. But
you can check the event counter supplied with each record to see if it might
have changed - and then call TOPOLOGY on the ones that changed.
If it simplifies life, I could add the propagation info into ALL/CHILDREN so
that you only need to call ALL to scan everything. It requires larger
buffers, however.
> Adding a few generic binary interfaces is okay. Adding many
> specialized binary interfaces is a PITA.
Text interfaces are also a PITA, especially when you may get multiple pieces
of information returned in one buffer and especially when you throw in
character escaping. Of course, we can do it - and we do do it all over - but
that doesn't make it efficient.
David
More information about the Linux-security-module-archive
mailing list