Re: [RFC] automount based devfs replacement

From: Richard Gooch (
Date: Wed Apr 26 2000 - 00:49:14 EST

Alexander Viro writes:
> On Mon, 17 Apr 2000, Richard Gooch wrote:
> > What an appallingly bad idea. So instead of one filesystem, we now
> > have dozens?!? Talk about kernel bloat! So what exactly is the point
> > of this exercise? What problems are you solving? And if you are
> > solving any real technical problems, why can't that be done with
> > devfs+devfsd?
> Mutilated Cthulhu on the Enola Gay!

What does this mean?

> Richard. Try to realize it. Your multiple-mount code is
> BROKEN. Please, stop repeating "it's OK, I see no problems" - the
> latter is probably true, but the former is profoundly false.

I'm not denying there are problems. I've acknowledged the races.

> Just how many times should it be repeated before it will sink in?

Well, if you think I'm missing your point, try rephrasing it. That's
worked for me when I'm explaining things to people and they didn't
understand what I meant. I've found that different people think
differently, and one approach for explaining doesn't work for all.

> Having. Multiple. Detries. For. One. Writable. Directory. Is. Broken.
> Having multiple inodes for such directory is absolutely broken.
> Mounting devfs several times gives you exactly that. Ergo, it is
> broken.

It's broken if there isn't appropriate locking. But are you saying
that no amount of locking can fix the races? If so, please take the
time to clearly explain why not.

> There is no way to share _part_ of the tree. So if you have one tree
> you either not share it at all (see above) or you need to mount on
> all-or-nothing basis.

Impossible? Even with appropriate locking? Why?

> Sigh... _How_ can you be so thick? That stuff had been explained
> several times during the last month. Privately, on l-k, in other
> places... It had been told to you before - many times, actually. All
> you answer is "None of the people who use devfs had security/DoS
> problems because of devfs". If you really believe that it's a valid
> attitude - you have no business working with any security-related
> code. If you don't - wake up and try to realize what the problem
> is. You ought to know better than that.

But that *isn't* my attitude. Just because I've said no problems have
been reported by users, doesn't mean I deny the possibilty. I've
publicly acknowledged the races, multiple times, and said I will fix

I don't know why you think I have this attitude since I've tried to
clarify it more than once. If there's something not clear to you about
the above paragraph, please let me know and I'll try to rephrase it.



To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
Please read the FAQ at

This archive was generated by hypermail 2b29 : Sun Apr 30 2000 - 21:00:10 EST