Re: [RFC PATCH 3/3] add listmnt(2) syscall

From: Miklos Szeredi
Date: Sun Sep 17 2023 - 10:36:04 EST

Next message: Josua Mayer: "Re: [PATCH v5 1/4] arm64: dts: lx2160a: describe the SerDes block #2"
Previous message: Andreas Kemnade: "Re: [RFC PATCH] drm: omapdrm: dsi: add refsel also for omap4"
In reply to: Matthew House: "Re: [RFC PATCH 3/3] add listmnt(2) syscall"
Next in thread: Christian Brauner: "Re: [RFC PATCH 3/3] add listmnt(2) syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Sep 17, 2023 at 2:54 AM Matthew House <mattlloydhouse@xxxxxxxxx> wrote:

> > + list_for_each_entry(r, &m->mnt_mounts, mnt_child) {
> > + if (!capable(CAP_SYS_ADMIN) &&
> > + !is_path_reachable(r, r->mnt.mnt_root, root))
> > + continue;
>
> I'm not an expert on the kernel API, but to my eyes, it looks a bit weird
> to silently include or exclude unreachable mounts from the list based on
> the result of a capability check. I'd normally expect a more explicit
> design, where (e.g.) the caller would set a flag to request unreachable
> mounts, then get an -EPERM back if it didn't have the capability, as
> opposed to this design, where the meaning of the output ("all mounts" vs.
> "all reachable mounts") changes implicitly depending on the caller. Is
> there any precedent for a design like this, where inaccessible results
> are silently omitted from a returned list?

Good point. That issue was nagging at the back of my mind. Having an
explicit flag nicely solves the issue.

Thanks,
Miklos

Next message: Josua Mayer: "Re: [PATCH v5 1/4] arm64: dts: lx2160a: describe the SerDes block #2"
Previous message: Andreas Kemnade: "Re: [RFC PATCH] drm: omapdrm: dsi: add refsel also for omap4"
In reply to: Matthew House: "Re: [RFC PATCH 3/3] add listmnt(2) syscall"
Next in thread: Christian Brauner: "Re: [RFC PATCH 3/3] add listmnt(2) syscall"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]