Re: [RFC] vfs: cleanup of permission()

From: Trond Myklebust
Date: Wed Mar 01 2006 - 21:24:00 EST

Next message: Trond Myklebust: "Re: Linux 2.6.15.5 - NFS client broken"
Previous message: Otavio Salvador: "Re: ALSA HDA Intel stoped to work in 2.6.16-*"
In reply to: Sam Vilain: "Re: [RFC] vfs: cleanup of permission()"
Next in thread: Sam Vilain: "Re: [RFC] vfs: cleanup of permission()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 2006-03-02 at 14:35 +1300, Sam Vilain wrote:
> Trond Myklebust wrote:
> >>the second part is actually a hack to help nfs and fuse
> >>to get the 'required' information until there is a proper
> >>interface (at the vfs not inode level) to pass relevant
> >>information (probably dentry/vfsmount/flags)
> > The nameidata _IS_ the vfs structure for storing path context
> > information. You seem to be suggesting we need yet another one. Why?
>
> Because you can't make a nameidata without a lookup, and file based
> operations don't do a lookup. However you still have the vfsmnt and
> inode hanging off the file struct.

Which is fine by NFS, at least. We don't care about performing
permissions checks in those cases anyway, so a NULL nameidata is OK. The
only cases where we currently need to take action in ->permission() are

1) path walks (checking MAY_EXEC on the directory)
2) open() (on NFSv2/v3 only)
3) access()

In the future we can/should probably eliminate (2) by making an
atomic_open() for NFSv2/v3, so that we can correctly set the credential
that was used for the open() permissions check in the struct file.

> Either that or we make a dummy nameidata structure for this situation,
> possibly a filehandle relative lookup as used by openat() et al.
>
> >>>Secondly, an intent is _not_ a permissions mask by any stretch of the
> >>>imagination.
> >>see above
> >>>IOW: at the very least make that intent flag a separate parameter.
> >>IMHO it would be good to remove them completely form the
> >>current permission() checks.
> > Vetoed!
> > Redundant RPC calls have performance costs to the client, the server and
> > the network. That intent information is there in order to allow the
> > filesystem to figure out whether or not it needs to do the permissions
> > check, or if that check is already being done by other operations.
> > Removing the intents are therefore not an option.
>
> OK, so we either make it an extra parameter or 'properly' stack them
> into a single word. Do you have any preferences either way there?

An extra parameter should suffice for (1) and (2).

Cheers,
Trond

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Trond Myklebust: "Re: Linux 2.6.15.5 - NFS client broken"
Previous message: Otavio Salvador: "Re: ALSA HDA Intel stoped to work in 2.6.16-*"
In reply to: Sam Vilain: "Re: [RFC] vfs: cleanup of permission()"
Next in thread: Sam Vilain: "Re: [RFC] vfs: cleanup of permission()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]