[RFC PATCH] getting misc stats/attributes via xattr API
Christian Brauner
brauner at kernel.org
Tue May 10 15:30:50 UTC 2022
On Tue, May 10, 2022 at 04:41:35PM +0200, Miklos Szeredi wrote:
> On Tue, 10 May 2022 at 16:19, Christian Brauner <brauner at kernel.org> wrote:
>
> > Fwiw, turning this around: unifying semantically distinct interfaces
> > because of syntactical similarities is bad. Moving them into a
> > syntactically equivalent system call that expresses the difference in
> > semantics in its name is good.
>
> You are ignoring the arguments against fragmentation.
No, I'm not ignoring it and really wasn't trying to. What I tried to say
by this, is that the inverse of the argument against fragmentation is
simply equally worth supporting. Meaning the argument against
fragmentation isn't stronger than the argument against aggressive
unification.
(Fwiw, I think that basing the argument on syntactical similarities is
problematic. Stretching this argument for a second, all multiplexers are
almost by necessity syntactically similar (e.g. ptrace() and seccomp())
but we don't use that as an argument to make them a single system call.)
>
> You are also ignoring the fact that semantically the current xattr
> interface is already fragmented. Grep for "strncmp(name, XATTR_" in
> fs/xattr.c.
>
> We don't have getsecurityxattr(), getuserxattr(), gettrustedxattr()
> and getsystemxattr(). It would be crazy. Adding getfsxattr() would
> be equally crazy. getxattr() pretty much describes the semantics of
> all of these things.
getxattr() describes the syntax of all of these things and barely that.
It describes the method of retrieval. And the method of retrieval is
super generic to the point where strings _or binary data_ can be
returned (e.g. POSIX ACLs or fscaps) depending on the xattr namespace.
But wight now, everything we currently get from getxattr() is attributes
associated with inodes.
So getsecurityxattr(), getuserxattr(), gettrustedxattr() etc. would
arguably be fragmentation because all of these things are associated
with inodes.
But now we're in the process of extending the *xattr() calls to operate
on mounts and filesystems so an additional getfsattr() (or another name)
is not fragmentation imho. And I definitely don't think this would
qualify as "crazy".
More information about the Linux-security-module-archive
mailing list