[PATCH v3 1/4] add unique mount ID

Miklos Szeredi miklos at szeredi.hu
Thu Oct 5 15:52:15 UTC 2023


On Thu, 28 Sept 2023 at 15:03, Miklos Szeredi <mszeredi at redhat.com> wrote:
>
> If a mount is released then its mnt_id can immediately be reused.  This is
> bad news for user interfaces that want to uniquely identify a mount.
>
> Implementing a unique mount ID is trivial (use a 64bit counter).
> Unfortunately userspace assumes 32bit size and would overflow after the
> counter reaches 2^32.
>
> Introduce a new 64bit ID alongside the old one.  Initialize the counter to
> 2^32, this guarantees that the old and new IDs are never mixed up.

It occurred to me that it might make sense to make this counter
per-namespace.  That would allow more separation between namespaces,
like preventing the observation of mount creations in other
namespaces.

Does a global number make any sense?

Thanks,
Miklos
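
The reuse problem and the 2^32 starting value from the quoted description, as an added userspace toy model (not code from the patch or the kernel). The table, the `toy_*` names and the lowest-free-slot reuse policy are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define TOY_SLOTS   8                    /* toy table size (assumption) */
#define UNIQUE_BASE (UINT64_C(1) << 32)  /* counter start named in the description */

struct toy_mount {
    bool     live;
    int      mnt_id;         /* old ID: reusable as soon as the mount is released */
    uint64_t mnt_id_unique;  /* new ID: 64-bit counter value, never handed out twice */
};

static struct toy_mount table[TOY_SLOTS];
static uint64_t next_unique = UNIQUE_BASE;

/* Take the lowest free slot (assumed reuse policy) and stamp both IDs. */
struct toy_mount *toy_mount_add(void)
{
    for (int i = 0; i < TOY_SLOTS; i++) {
        if (table[i].live) continue;
        table[i] = (struct toy_mount){ true, i, next_unique++ };
        return &table[i];
    }
    return NULL;
}

void toy_mount_release(struct toy_mount *m) { m->live = false; }

/* One lookup for both ID kinds: the value range alone says which kind it is. */
struct toy_mount *toy_lookup(uint64_t id)
{
    for (int i = 0; i < TOY_SLOTS; i++) {
        struct toy_mount *m = &table[i];
        if (!m->live) continue;
        if (id >= UNIQUE_BASE ? m->mnt_id_unique == id : (uint64_t)m->mnt_id == id)
            return m;
    }
    return NULL;
}

int main(void)
{
    struct toy_mount *a = toy_mount_add();
    uint64_t old_id = (uint64_t)a->mnt_id, uniq = a->mnt_id_unique;
    toy_mount_release(a); toy_mount_add();  /* a new mount takes the freed old ID */
    printf("stale old ID resolves: %d, stale unique ID resolves: %d\n",
           toy_lookup(old_id) != NULL, toy_lookup(uniq) != NULL);
    return 0;
}
```

A caller that cached the old ID silently lands on the replacement mount, while the cached unique ID fails to resolve.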


