file metadata via fs API
Karel Zak
kzak at redhat.com
Thu Aug 13 08:52:52 UTC 2020
On Wed, Aug 12, 2020 at 02:43:32PM +0200, Miklos Szeredi wrote:
> On Wed, Aug 12, 2020 at 1:28 PM Karel Zak <kzak at redhat.com> wrote:
>
> > The proposal is based on paths and open(), how do you plan to deal
> > with mount IDs? David's fsinfo() allows to ask for mount info by mount
> > ID and it works well with mount notification where you get the ID. The
> > collaboration with notification interface is critical for our use-cases.
>
> One would use the notification to keep an up to date set of attributes
> for each watched mount, right?
>
> That presumably means the mount ID <-> mount path mapping already
> exists, which means it's just possible to use the open(mount_path,
> O_PATH) to obtain the base fd.

The notification also reports new mount nodes, so we have no mount ID
<-> mount path mapping in userspace yet.

Another problem is that open(path) cannot be used if you have multiple
filesystems on the same mount point -- in this case (at least in theory)
you can get an ID for a by-path inaccessible filesystem.

> A new syscall that returns an fd pointing to the root of the mount
> might be the best solution:
>
> int open_mount(int root_fd, u64 mntid, int flags);

Yes, something like this is necessary. You do not want to depend
on paths if you want to read information about mountpoints.

    Karel

--
Karel Zak <kzak at redhat.com>
http://karelzak.blogspot.com
More information about the Linux-security-module-archive
mailing list
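
The stacked-mount case described in the message above, as an added example that is not part of the original post or of any project's code: a C program that parses constructed lines in /proc/self/mountinfo format and reports which mount ID a path lookup of each mount point actually reaches. It covers only mounts stacked on the same mount point; the sample lines and the names `struct mnt`, `load` and `visible_id` are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/self/mountinfo format (not from the original
 * message): mounts 40 and 41 are stacked on the same mount point, /mnt. */
static const char *SAMPLE[] = {
    "21 1 8:1 / / rw,relatime - ext4 /dev/sda1 rw",
    "40 21 8:17 / /mnt rw,relatime - ext4 /dev/sdb1 rw",
    "41 40 0:45 / /mnt rw,nosuid shared:12 - tmpfs tmpfs rw",
    "42 21 0:46 / /srv/data rw - tmpfs tmpfs rw",
};
#define NSAMPLE (sizeof(SAMPLE) / sizeof(SAMPLE[0]))

struct mnt { int id, parent; char point[256]; };

/* Parse "ID PARENT MAJ:MIN ROOT MOUNTPOINT ..." lines; returns entries parsed. */
static size_t load(const char **lines, size_t n, struct mnt *out)
{
    size_t k = 0;
    for (size_t i = 0; i < n; i++)
        if (sscanf(lines[i], "%d %d %*s %*s %255s",
                   &out[k].id, &out[k].parent, out[k].point) == 3)
            k++;
    return k;
}

/* Mount ID that a path lookup of this mount's mount point resolves to: follow
 * children mounted on the very same mount point up to the topmost one. */
static int visible_id(const struct mnt *t, size_t n, int id)
{
    for (size_t i = 0; i < n; i++) {
        if (t[i].id != id) continue;
        for (size_t j = 0; j < n; j++)
            if (t[j].id != id && t[j].parent == id && !strcmp(t[j].point, t[i].point))
                return visible_id(t, n, t[j].id);
        return id;
    }
    return -1; /* unknown mount ID */
}

int main(void)
{
    struct mnt t[NSAMPLE];
    size_t n = load(SAMPLE, NSAMPLE, t);
    for (size_t i = 0; i < n; i++)
        printf("mount ID %d (%s): open() reaches mount ID %d\n",
               t[i].id, t[i].point, visible_id(t, n, t[i].id));
    return 0;
}
```

For mount ID 40 the result is 41: a notification can name ID 40, but opening /mnt yields the tmpfs stacked on top of it, so attributes read through that path belong to a different mount.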