On 24.03.21 17:44, Dr. David Alan Gilbert wrote:
* Stefan Hajnoczi ([email protected]) wrote:
On Thu, Mar 18, 2021 at 06:09:58PM +0100, Max Reitz wrote:
[...]
Final minor question that doesn’t really fit in fully elsewhere: When
generating a MAC over a file handle, should the mount ID be included?
I’m worried that this might definitely break persistency, but I think we
should include some FS ID. Maybe the kernel should query the FS UUID
for this MAC calculation, and use that instead of the mount ID?
This is a good point. If the file handle is not tied to a particular
file system mount then an application can stash a well-known file handle
(e.g. /) from one mount it has full access to and then use open a file
on a mount that it does not have full directory treeaccess to (e.g. a
bind mount/sub-tree?).
I'd be surprised if the mount-id was the same between two hosts.
True, and it’s also not persistent between reboots, that’s why I
proposed for the kernel to query the FS UUID for the MAC calculation.
Max
_______________________________________________
Virtio-fs mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/virtio-fs
