Re: r-o bind in nfsd

From: Al Viro
Date: Fri Mar 21 2008 - 11:55:13 EST

Next message: Badari Pulavarty: "Re: [PATCH 1/5] generic __remove_pages() support"
Previous message: Andi Kleen: "Re: iommu: it could use some documentation"
In reply to: Miklos Szeredi: "r-o bind in nfsd"
Next in thread: Miklos Szeredi: "Re: r-o bind in nfsd"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Mar 21, 2008 at 03:59:44PM +0100, Miklos Szeredi wrote:
> Why is it that in fs/nfsd/vfs.c only vfs_mknod() and vfs_rename() are
> surrounded by mnt_want_write/mnt_drop_write, and not the other
> operations (vfs_create, vfs_mkdir, vfs_symlink, ...)?
>
> I noticed this while looking at the AppArmor patches, which need to
> pass the vfsmount down to the security module. And I'm wondering, why
> can't mnt_want_write() and mnt_drop_write() be done _inside_ vfs_foo()?
>
> I know there are a few cases, where filesystems call vfs_foo()
> internally, where the vfsmount isn't available, but I think the proper
> solution is just to fix those places, and not recurse back into the
> VFS (which is AFAICS in all those cases totally unnecessary anyway).
> This would make everybody happy, no?

Apparmor can go play with itself. The proper fix is to lift the LSM nonsense
into callers and leave vfs_...() alone; vfsmounts should *not* be passed
there at all, with the exception of vfs_follow_link() which gets the full
nameidata.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Badari Pulavarty: "Re: [PATCH 1/5] generic __remove_pages() support"
Previous message: Andi Kleen: "Re: iommu: it could use some documentation"
In reply to: Miklos Szeredi: "r-o bind in nfsd"
Next in thread: Miklos Szeredi: "Re: r-o bind in nfsd"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]