Re: [patch 00/13] devtmpfs patches

[Greg KH]

On Wed, May 13, 2009 at 03:43:28PM -0700, Eric W. Biederman wrote:
> Kay Sievers <kay.sievers@xxxxxxxx> writes:
> 
> > On Wed, 2009-05-13 at 10:35 -0400, Stephen Smalley wrote:
> >> > Maybe we could do the same credential swap in sysfs, and get rid of:
> >> > /**
> >> >  * lookup_one_noperm - bad hack for sysfs
> >> > 
> >> > Seems a bit odd to have a vfs function for a single filesystem, called
> >> > from a single location, and annotated as "do not use". Christoph added
> >> > the comment a while ago, so adding him to Cc:.
> >> 
> >> Yes, that makes sense to me as well - we didn't have the credentials
> >> infrastructure in place at the time that lookup_one_noperm was
> >> introduced, but switching the credentials around a normal lookup_one_len
> >> call should work now.
> >
> > Something like this? It seems to work fine here, but I did not test it with SELinux.
> 
> That just masks the problem not fixes it.
> 
> The problem is that sysfs attempts to keep the dcache in lock-step with
> the sysfs_dentries.
> 
> The VFS model is lazy coherency and bringing things in sync on access.
> This is important to avoid locking problems.

So how would you propose to resolve this?

thanks,

greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/