Message-ID: <m1d4h7v8jf.fsf@frodo.ebiederm.org>
Date:	Fri, 07 Nov 2008 07:51:32 -0800
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	Andrew Morton <akpm@...ux-foundation.org>
Cc:	linux-kernel@...r.kernel.org, adobriyan@...il.com,
	viro@...IV.linux.org.uk, containers@...ts.osdl.org
Subject: Re: [PATCH 2/7] proc: Implement support for automounts in task directories

Andrew Morton <akpm@...ux-foundation.org> writes:

> On Thu, 06 Nov 2008 19:51:23 -0800 ebiederm@...ssion.com (Eric W. Biederman)
> wrote:
>
>> If we could do all of this with reference counting so that the
>> mount would persist exactly until the last user of it has gone
>> away without a periodic poll I would love it.  But the infrastructure
>> doesn't support that today,
>
> Well that sucks.  The free-on-last-put idiom occurs in so many places
> and serves us so well.  I wonder what went wrong here?

> I guess it has interactions with dentry and inode cache aging which
> could get tricky.

At least in part.  If you just have the dentry you can't easily
find what is mounted on it.

>> and where this is at least partially
>> a bug fix I would rather not have the change depend on enhancing
>> the VFS.
>> 
>> The algorithm is actually very aggressive and in practice you don't
>> see any /proc/<pid>/net showing up as a mount point.
>
> Do you think it has failure modes?  Most particularly: obscure usage
> patterns which can cause memory exhaustion?

I don't think we can pin anything that way that we can't
pin right now.

You might be able to pin more if you happen to mount something
on top of /proc/<pid>/net/  but that is an unprivileged operation.

>> > Obviously, that becomes clearer as one spends more time with the code,
>> > but I wonder whether this has all been made as maintainable as it
>> > possibly could be.
>> 
>> Good question.
>> 
>> In the sense of will we have to go through and futz with the code all
>> of the time.  The abstraction seems good.   You put a mount on
>> the proc_automounts list with do_add_mounts and it goes away eventually
>> with all of the vfs rules maintained.
>> 
>> In the sense of can the code be read?    Perhaps it could be better.
>> I expect it helps to have run the code and see /proc/net as a filesystem
>> that is magically mounted.
>
> 'twould be a useful contribution if you were to enshrine your
> discoveries in /*these things*/.  You knew I was working up to that :)

Short of a big fat comment I'm not certain if there is something I can do
better.

Eric
