[RFC][PATCH 00/27] Mount writer count and read-only bind mounts (v4)

Tries to incorporate comments from Al:
http://article.gmane.org/gmane.linux.kernel/421029

Al wrote:
>  b) figuring out what (if anything) should be done with
>  propagation when we have shared subtrees... (not trivial at all)

Talked with Ram:  Shared subtrees are about having identical views
into the filesystem.  Changing the mount permissions doesn't affect
the view of the filesystem, so it should not be propagated.  

The things that probably need the heaviest review in here are the
i_nlink monitoring patch (including the inode state flag patches 03
and 06) and the new MNT_SB_WRITABLE flag (patch 05).  

---

The following series implements read-only bind mounts.  This feature
allows a read-only view into a read-write filesystem.  In the process
of doing that, it also provides infrastructure for keeping track of
the number of writers to any given mount.  In this version, if there
are writers on a superblock, the filesystem may not be remounted 
r/o.  The same goes for MS_BIND mounts, and writers on a vfsmount.

This has a number of uses.  It allows chroots to have parts of
filesystems writable.  It will be useful for containers in the future
and is intended to replace patches that vserver has had out of the
tree for several years.  It allows security enhancement by making
sure that parts of your filesystem read-only, when you don't want
to have entire new filesystems mounted, or when you want atime
selectively updated.

This set makes no attempt to keep the return codes for these
r/o bind mounts the same as for a real r/o filesystem or device.
It would require significantly more code and be quite a bit more
invasive.

Using this feature requires two steps:

	mount --bind /source /dest
	mount -o remount,ro  /dest

Signed-off-by: Dave Hansen <[email protected]>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Follow-Ups:
- Re: [RFC][PATCH 00/27] Mount writer count and read-only bind mounts (v4)
  - From: [email protected] (Ram Pai)
- [RFC][PATCH 03/27] unlink: monitor i_nlink
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 04/27] reintroduce list of vfsmounts over superblock
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 09/27] elevate writer count for chown and friends
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 08/27] increment sb writer count when nlink hits zero
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 05/27] Add vfsmount writer count
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 06/27] record when sb_writer_count elevated for inode
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 01/27] prepare for write access checks: collapse if()
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 14/27] sys_linkat(): elevate write count around vfs_link()
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 12/27] sys_symlinkat() elevate write count around vfs_symlink()
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 13/27] elevate mount count for extended attributes
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 15/27] mount_is_safe(): add comment
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 11/27] elevate write count during entire ncp_ioctl()
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 07/27] kill open files traverse on remount ro
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 25/27] elevate writer count for custom 'struct file'
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 10/27] elevate mnt writers for callers of vfs_mkdir()
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 16/27] unix_find_other() elevate write count for touch_atime()
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 26/27] Originally from: Herbert Poetzl <[email protected]>
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 22/27] sys_mknodat(): elevate write count for vfs_mknod/create()
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 21/27] elevate write count for do_sys_utime() and touch_atime()
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 20/27] elevate write count for do_utimes()
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 24/27] do_rmdir(): elevate write count
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 18/27] tricky: elevate write count files are open()ed
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 27/27] honor r/w changes at do_remount() time
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 19/27] elevate writer count for do_sys_truncate()
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 17/27] elevate write count over calls to vfs_rename()
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 23/27] elevate mnt writers for vfs_unlink() callers
  - From: Dave Hansen <[email protected]>
- [RFC][PATCH 02/27] r/o bind mount prepwork: move open_namei()'s vfs_create()
  - From: Dave Hansen <[email protected]>

Prev by Date: [RFC][PATCH 02/27] r/o bind mount prepwork: move open_namei()'s vfs_create()
Next by Date: [RFC][PATCH 23/27] elevate mnt writers for vfs_unlink() callers
Previous by thread: [PATCH 1/1] - sgiioc4: fixup use of mmio ops
Next by thread: [RFC][PATCH 02/27] r/o bind mount prepwork: move open_namei()'s vfs_create()
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]