Re: [PATCH v2 0/3] virtiofsd: Add options to enable/disable posix acl

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v2 0/3] virtiofsd: Add options to enable/disable posix acl

From:	Miklos Szeredi
Subject:	Re: [PATCH v2 0/3] virtiofsd: Add options to enable/disable posix acl
Date:	Fri, 19 Feb 2021 16:55:06 +0100

On Fri, Feb 19, 2021 at 3:34 PM Vivek Goyal <vgoyal@redhat.com> wrote:
>
> On Fri, Feb 19, 2021 at 11:50:54AM +0000, Luis Henriques wrote:
> > Vivek Goyal <vgoyal@redhat.com> writes:
> >
> > > Hi,
> > >
> > > This is V2 of the patches. Changes since v1 are.
> > >
> > > - Rebased on top of latest master.
> > > - Took care of Miklos's comments to block acl xattrs if user
> > >   explicitly disabled posix acl.
> > >
> > > Luis Henriques reported that fstest generic/099 fails with virtiofs.
> > > Little debugging showed that we don't enable acl support. So this
> > > patch series provides option to enable/disable posix acl support. By
> > > default it is disabled.
> > >
> > > I have run blogbench and pjdfstests with posix acl enabled and
> > > things work fine.
> > >
> > > Luis, can you please apply these patches, and run virtiofsd with
> > > "-o posix_acl" and see if it fixes the failure you are seeing. I
> > > ran the steps you provided manually and it fixes the issue for
> > > me.
> >
> > Sorry for the delay.  I've finally tested these patches and they indeed
> > fix the problem I reported.  My only question about this fix is why is
> > this option not enabled by default, since this is the documented behavior
> > in acl(5) and umask(2)?  In fact, why is this an option at all?
>
> You mean why to not enable acl by default?
>
> I am concerned about performance drop this can lead to because extra
> GETXATTR(system.posix_acl_*) messages which will trigger if acls are enabled.
> And not all users might require these. That's why I preferred to not enable
> acl by default. Those who need it can enable it explicitly.
>
> Another example is xattr support. Due to performance concerns, we don't
> enable xattrs by default either.

Actually generic xattr is much worse, since there's no caching for
them currently, as opposed to posix acls, which are cached both when
positive and negative.

If we enable ACL by default in case xattrs are enabled, we should be
safe, I think.  Having an option to disable acls still makes sense,
but it's an optional plus.

Thanks,
Miklos

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH v2 0/3] virtiofsd: Add options to enable/disable posix acl, Vivek Goyal, 2021/02/17
- [PATCH v2 2/3] virtiofsd: Add umask to seccom allow list, Vivek Goyal, 2021/02/17
- [PATCH v2 1/3] virtiofsd: Add an option to enable/disable posix acls, Vivek Goyal, 2021/02/17
  - Re: [PATCH v2 1/3] virtiofsd: Add an option to enable/disable posix acls, Vivek Goyal, 2021/02/18
  - Re: [PATCH v2.1 1/3] virtiofsd: Add an option to enable/disable posix acls, Vivek Goyal, 2021/02/18
- [PATCH v2 3/3] virtiofsd: Change umask if posix acls are enabled, Vivek Goyal, 2021/02/17
- Re: [PATCH v2 0/3] virtiofsd: Add options to enable/disable posix acl, Luis Henriques, 2021/02/19
  - Re: [PATCH v2 0/3] virtiofsd: Add options to enable/disable posix acl, Vivek Goyal, 2021/02/19
    - Re: [PATCH v2 0/3] virtiofsd: Add options to enable/disable posix acl, Miklos Szeredi <=
    - Re: [PATCH v2 0/3] virtiofsd: Add options to enable/disable posix acl, Luis Henriques, 2021/02/19
    - Re: [PATCH v2 0/3] virtiofsd: Add options to enable/disable posix acl, Vivek Goyal, 2021/02/22
  - Re: [PATCH v2 0/3] virtiofsd: Add options to enable/disable posix acl, Luis Henriques, 2021/02/23

Prev by Date: Re: [PATCH v1 6/6] tests/acceptance: allow a "graceful" failing for virtio-gpu test
Next by Date: Re: [PATCH 3/3] iotests/283: Check that finalize drops backup-top
Previous by thread: Re: [PATCH v2 0/3] virtiofsd: Add options to enable/disable posix acl
Next by thread: Re: [PATCH v2 0/3] virtiofsd: Add options to enable/disable posix acl
Index(es):
- Date
- Thread