lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20260114-blamabel-hanfernte-ea1345885b46@brauner>
Date: Wed, 14 Jan 2026 16:26:03 +0100
From: Christian Brauner <brauner@...nel.org>
To: Jeff Layton <jlayton@...nel.org>
Cc: Christoph Hellwig <hch@...radead.org>, 
	Amir Goldstein <amir73il@...il.com>, Chuck Lever <chuck.lever@...cle.com>, Jan Kara <jack@...e.cz>, 
	Luis de Bethencourt <luisbg@...nel.org>, Salah Triki <salah.triki@...il.com>, 
	Nicolas Pitre <nico@...xnic.net>, Anders Larsen <al@...rsen.net>, 
	Alexander Viro <viro@...iv.linux.org.uk>, David Sterba <dsterba@...e.com>, Chris Mason <clm@...com>, 
	Gao Xiang <xiang@...nel.org>, Chao Yu <chao@...nel.org>, Yue Hu <zbestahu@...il.com>, 
	Jeffle Xu <jefflexu@...ux.alibaba.com>, Sandeep Dhavale <dhavale@...gle.com>, 
	Hongbo Li <lihongbo22@...wei.com>, Chunhai Guo <guochunhai@...o.com>, Jan Kara <jack@...e.com>, 
	Theodore Ts'o <tytso@....edu>, Andreas Dilger <adilger.kernel@...ger.ca>, 
	Jaegeuk Kim <jaegeuk@...nel.org>, OGAWA Hirofumi <hirofumi@...l.parknet.co.jp>, 
	David Woodhouse <dwmw2@...radead.org>, Richard Weinberger <richard@....at>, 
	Dave Kleikamp <shaggy@...nel.org>, Ryusuke Konishi <konishi.ryusuke@...il.com>, 
	Viacheslav Dubeyko <slava@...eyko.com>, Konstantin Komarov <almaz.alexandrovich@...agon-software.com>, 
	Mark Fasheh <mark@...heh.com>, Joel Becker <jlbec@...lplan.org>, 
	Joseph Qi <joseph.qi@...ux.alibaba.com>, Mike Marshall <hubcap@...ibond.com>, 
	Martin Brandenburg <martin@...ibond.com>, Miklos Szeredi <miklos@...redi.hu>, 
	Phillip Lougher <phillip@...ashfs.org.uk>, Carlos Maiolino <cem@...nel.org>, 
	Hugh Dickins <hughd@...gle.com>, Baolin Wang <baolin.wang@...ux.alibaba.com>, 
	Andrew Morton <akpm@...ux-foundation.org>, Namjae Jeon <linkinjeon@...nel.org>, 
	Sungjong Seo <sj1557.seo@...sung.com>, Yuezhang Mo <yuezhang.mo@...y.com>, 
	Alexander Aring <alex.aring@...il.com>, Andreas Gruenbacher <agruenba@...hat.com>, 
	Jonathan Corbet <corbet@....net>, "Matthew Wilcox (Oracle)" <willy@...radead.org>, 
	Eric Van Hensbergen <ericvh@...nel.org>, Latchesar Ionkov <lucho@...kov.net>, 
	Dominique Martinet <asmadeus@...ewreck.org>, Christian Schoenebeck <linux_oss@...debyte.com>, 
	Xiubo Li <xiubli@...hat.com>, Ilya Dryomov <idryomov@...il.com>, 
	Trond Myklebust <trondmy@...nel.org>, Anna Schumaker <anna@...nel.org>, 
	Steve French <sfrench@...ba.org>, Paulo Alcantara <pc@...guebit.org>, 
	Ronnie Sahlberg <ronniesahlberg@...il.com>, Shyam Prasad N <sprasad@...rosoft.com>, 
	Tom Talpey <tom@...pey.com>, Bharath SM <bharathsm@...rosoft.com>, 
	Hans de Goede <hansg@...nel.org>, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, 
	linux-btrfs@...r.kernel.org, linux-erofs@...ts.ozlabs.org, linux-ext4@...r.kernel.org, 
	linux-f2fs-devel@...ts.sourceforge.net, linux-mtd@...ts.infradead.org, 
	jfs-discussion@...ts.sourceforge.net, linux-nilfs@...r.kernel.org, ntfs3@...ts.linux.dev, 
	ocfs2-devel@...ts.linux.dev, devel@...ts.orangefs.org, linux-unionfs@...r.kernel.org, 
	linux-xfs@...r.kernel.org, linux-mm@...ck.org, gfs2@...ts.linux.dev, 
	linux-doc@...r.kernel.org, v9fs@...ts.linux.dev, ceph-devel@...r.kernel.org, 
	linux-nfs@...r.kernel.org, linux-cifs@...r.kernel.org, samba-technical@...ts.samba.org
Subject: Re: [PATCH 00/24] vfs: require filesystems to explicitly opt-in to
 lease support

On Wed, Jan 14, 2026 at 08:41:16AM -0500, Jeff Layton wrote:
> On Wed, 2026-01-14 at 05:06 -0800, Christoph Hellwig wrote:
> > On Wed, Jan 14, 2026 at 10:34:04AM +0100, Amir Goldstein wrote:
> > > On Wed, Jan 14, 2026 at 7:28 AM Christoph Hellwig <hch@...radead.org> wrote:
> > > > 
> > > > On Tue, Jan 13, 2026 at 12:06:42PM -0500, Jeff Layton wrote:
> > > > > Fair point, but it's not that hard to conceive of a situation where
> > > > > someone inadvertantly exports cgroupfs or some similar filesystem:
> > > > 
> > > > Sure.  But how is this worse than accidentally exporting private data
> > > > or any other misconfiguration?
> > > > 
> > > 
> > > My POV is that it is less about security (as your question implies), and
> > > more about correctness.
> > 
> > I was just replying to Jeff.
> > 
> > > The special thing about NFS export, as opposed to, say, ksmbd, is
> > > open by file handle, IOW, the export_operations.
> > > 
> > > I perceive this as a very strange and undesired situation when NFS
> > > file handles do not behave as persistent file handles.
> > 
> > That is not just very strange, but actually broken (discounting the
> > obscure volatile file handles features not implemented in Linux NFS
> > and NFSD).  And the export ops always worked under the assumption
> > that these file handles are indeed persistent.  If they're not we
> > do have a problem.
> > 
> > > 
> > > cgroupfs, pidfs, nsfs, all gained open_by_handle_at() capability for
> > > a known reason, which was NOT NFS export.
> > > 
> > > If the author of open_by_handle_at() support (i.e. brauner) does not
> > > wish to imply that those fs should be exported to NFS, why object?
> > 
> > Because "want to export" is a stupid category.
> > 
> > OTOH "NFS exporting doesn't actually properly work because someone
> > overloaded export_ops with different semantics" is a valid category.
> > 
> 
> cgroupfs definitely doesn't behave as expected when exported via NFS.
> The files aren't readable, at least. I'd also be surprised if the
> filehandles were stable across a reboot, which is sort of necessary for

They aren't and it's not desirable.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ