[PATCH v3 1/4] add unique mount ID
Miklos Szeredi
miklos at szeredi.hu
Thu Oct 5 15:52:15 UTC 2023
On Thu, 28 Sept 2023 at 15:03, Miklos Szeredi <mszeredi at redhat.com> wrote:
>
> If a mount is released then its mnt_id can immediately be reused. This is
> bad news for user interfaces that want to uniquely identify a mount.
>
> Implementing a unique mount ID is trivial (use a 64bit counter).
> Unfortunately userspace assumes 32bit size and would overflow after the
> counter reaches 2^32.
>
> Introduce a new 64bit ID alongside the old one. Initialize the counter to
> 2^32, this guarantees that the old and new IDs are never mixed up.

It occurred to me that it might make sense to make this counter
per-namespace. That would allow more separation between namespaces,
like preventing the observation of mount creations in other
namespaces.

Does a global number make any sense?

Thanks,
Miklos
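
The scheme in the quoted commit message and the per-namespace question in the reply, as an added userspace toy model in C (not code from the patch or the kernel). The names `toy_ns`, `toy_mnt`, `toy_mount`, `toy_umount`, `is_unique_id` and `inferred_foreign_mounts` are hypothetical, and lowest-free allocation of the reusable ID is an assumption made for the model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define MAX_MNT 64                        /* toy table size (assumption) */
#define UNIQUE_BASE (UINT64_C(1) << 32)   /* counter starts at 2^32, per the commit message */

static bool in_use[MAX_MNT];              /* models the reusable 32-bit mnt_id space */
static uint64_t global_ctr = UNIQUE_BASE; /* one counter shared by every namespace */

struct toy_ns { uint64_t ctr; };          /* per-namespace counter, the alternative in the reply */
struct toy_mnt { int mnt_id; uint64_t id_global; uint64_t id_per_ns; };

/* Lowest-free allocation (assumed): a released ID is handed out again at once. */
static int alloc_reusable(void) {
    for (int i = 0; i < MAX_MNT; i++)
        if (!in_use[i]) { in_use[i] = true; return i; }
    return -1;
}

/* Each toy mount gets the old reusable ID plus both candidate 64-bit IDs. */
static struct toy_mnt toy_mount(struct toy_ns *ns) {
    struct toy_mnt m = { alloc_reusable(), global_ctr++, ns->ctr++ };
    return m;
}

static void toy_umount(struct toy_mnt m) { if (m.mnt_id >= 0) in_use[m.mnt_id] = false; }

/* A value at or above 2^32 cannot be an old-style 32-bit ID. */
static bool is_unique_id(uint64_t id) { return id >= UNIQUE_BASE; }

/* What an observer learns from the gap between two of its own mounts' IDs. */
static uint64_t inferred_foreign_mounts(uint64_t first, uint64_t second) {
    return second - first - 1;
}

int main(void) {
    struct toy_ns a = { UNIQUE_BASE }, b = { UNIQUE_BASE };
    struct toy_mnt m1 = toy_mount(&a);    /* observer's first mount */
    toy_umount(m1);
    struct toy_mnt m2 = toy_mount(&b);    /* other namespace, reuses m1.mnt_id */
    toy_mount(&b); toy_mount(&b);
    struct toy_mnt m3 = toy_mount(&a);    /* observer's second mount */
    printf("mnt_id reused: %d == %d\n", m1.mnt_id, m2.mnt_id);
    printf("global ids differ: %llu != %llu\n", (unsigned long long)m1.id_global, (unsigned long long)m2.id_global);
    printf("gap, global counter: %llu\n", (unsigned long long)inferred_foreign_mounts(m1.id_global, m3.id_global));
    printf("gap, per-ns counter: %llu\n", (unsigned long long)inferred_foreign_mounts(m1.id_per_ns, m3.id_per_ns));
    return 0;
}
```

In this model the per-namespace counter hides the other namespace's three mounts, but `m1` and `m2` then carry the same 64-bit value, so such an ID identifies a mount only together with its namespace.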
More information about the Linux-security-module-archive
mailing list