Open Source and information security mailing list archives
Message-ID: <20230807-gepinselt-begeistern-89bf404c2c12@brauner>
Date:   Mon, 7 Aug 2023 15:40:12 +0200
From:   Christian Brauner <brauner@...nel.org>
To:     Alexander Mikhalitsyn <aleksandr.mikhalitsyn@...onical.com>
Cc:     xiubli@...hat.com, stgraber@...ntu.com,
        linux-fsdevel@...r.kernel.org, Ilya Dryomov <idryomov@...il.com>,
        Jeff Layton <jlayton@...nel.org>, ceph-devel@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH v10 00/12] ceph: support idmapped mounts

On Mon, Aug 07, 2023 at 03:26:14PM +0200, Alexander Mikhalitsyn wrote:
> Dear friends,
> 
> This patchset was originally developed by Christian Brauner but I'll continue
> to push it forward. Christian allowed me to do that :)
> 
> This feature is already actively used/tested with the LXD/LXC project.
> 
> Git tree (based on https://github.com/ceph/ceph-client.git testing):
> v10: https://github.com/mihalicyn/linux/commits/fs.idmapped.ceph.v10
> current: https://github.com/mihalicyn/linux/tree/fs.idmapped.ceph
> 
> In version 3 I've changed only two commits:
> - fs: export mnt_idmap_get/mnt_idmap_put
> - ceph: allow idmapped setattr inode op
> and added a new one:
> - ceph: pass idmap to __ceph_setattr
> 
> In version 4 I've reworked the ("ceph: stash idmapping in mdsc request")
> commit. Now we take the idmap refcounter just in the place where req->r_mnt_idmap
> is filled. It's a safer approach and prevents a possible refcounter underflow
> on error paths where __register_request wasn't called but ceph_mdsc_release_request is
> called.
> 
> Changelog for version 5:
> - a few commits were squashed into one (as suggested by Xiubo Li)
> - started passing an idmapping everywhere (if possible), so a caller
> UID/GID-s will be mapped almost everywhere (as suggested by Xiubo Li)
> 
> Changelog for version 6:
> - rebased on top of testing branch
> - passed an idmapping in a few places (readdir, ceph_netfs_issue_op_inline)
> 
> Changelog for version 7:
> - rebased on top of testing branch
> - this thing now requires a new cephfs protocol extension CEPHFS_FEATURE_HAS_OWNER_UIDGID
> https://github.com/ceph/ceph/pull/52575
> 
> Changelog for version 8:
> - rebased on top of testing branch
> - added enable_unsafe_idmap module parameter to make idmapped mounts
> work with old MDS server versions
> - properly handled the case when an old MDS is used with a new kernel client
> 
> Changelog for version 9:
> - added "struct_len" field in struct ceph_mds_request_head as requested by Xiubo Li
> 
> Changelog for version 10:
> - fill struct_len field properly (use cpu_to_le32)
> - add extra checks IS_CEPH_MDS_OP_NEWINODE(..) as requested by Xiubo to match
>   userspace client behavior
> - do not set req->r_mnt_idmap for MKSNAP operation
> - atomic_open: set req->r_mnt_idmap only for CEPH_MDS_OP_CREATE as userspace client does

I won't RVB my own patches so I only added RVBs for the ones you
specifically added. So fwiw, I'm done reviewing.
