Re: [RFC 1/1] shiftfs: uid/gid shifting bind mount

From: J. Bruce Fields
Date: Mon Feb 06 2017 - 20:35:18 EST


On Mon, Feb 06, 2017 at 04:10:11PM -0800, James Bottomley wrote:
> On Mon, 2017-02-06 at 16:52 -0500, J. Bruce Fields wrote:
> > On Mon, Feb 06, 2017 at 07:18:16AM -0800, James Bottomley wrote:
> > > On Mon, 2017-02-06 at 09:50 -0500, Theodore Ts'o wrote:
> > > > On Sun, Feb 05, 2017 at 10:46:23PM -0800, James Bottomley wrote:
> > > > > Yes, I know the problem. However, I believe most current linux
> > > > > filesystems no longer guarantee stable, for the lifetime of the
> > > > > file, inode numbers. The usual docker container root is
> > > > > overlayfs, which, similarly doesn't support stable inode
> > > > > numbers. I see the odd complaint about docker with overlayfs
> > > > > having unstable inode numbers, but none seems to have any
> > > > > serious repercussions.
> > > >
> > > > Um, no. Most current linux file systems *do* guarantee stable
> > > > inode numbers. For one thing, NFS would break horribly if you
> > > > didn't have stable inode numbers. Never mind applications which
> > > > depend on POSIX semantics. And you wouldn't be able to save
> > > > games in rogue or nethack, either. :-)
> > >
> > > I believe that's why we have the superblock export operations to
> > > manufacture unique filehandles in the absence of inode number
> > > stability.
> >
> > Where did you hear that?
> >
> > I'd expect an NFS client to handle non-unique filehandles
> > better than non-unique inode numbers. I believe our client will -EIO
> > on encountering an inode number change (see
> > nfs_check_inode_attributes().)
> >
> > See also https://tools.ietf.org/html/rfc5661#section-10.3.4.
>
> Could you clarify your point a bit further, please? Both the
> check_inode_attributes() code and section 10.3.4 are talking about
> fileids, which are the things that are constructed in the export_ops

No, the filehandle structure isn't discussed in the rfc at all, that's
opaque to clients, and the "fileid" you see in the export code isn't
what's discussed here.

The "fileid" here is an NFS attribute, really just the NFS protocol's
name for the inode number. The server code that returns fileid's:

if (bmval0 & FATTR4_WORD0_FILEID) {
p = xdr_reserve_space(xdr, 8);
if (!p)
goto out_resource;
p = xdr_encode_hyper(p, stat.ino);
}

The client getattr code:

stat->ino = nfs_compat_user_ino64(NFS_FILEID(inode));

--b.

> ... admittedly a lot of fileid_types are based on inode numbers, but
> several aren't. For those that aren't, I believe NFS doesn't care
> about the underlying inode number of the exported file.