* Vivek Goyal: >> The usual >> recommendation for emulating it is to use openat with O_PATH, and then >> use getxattr on the virtual /proc/self/fd path. This needs an >> additional system call (openat, getxattr, close instead of fchdir, >> getxattr), > > openat(O_PATH) + getxattr(/proc/self/fd) + close() sounds reasonable > too. Not sure why did we not take that path. May be due to that extra > syscall or something else.
Thanks. >> but it avoids the unshare(CLONE_FS) call behind libc's back. > > Hmm.., did not know that libc does not like threads calling > unshare(CLONE_FS). Not sure why that is a problem. Here's a corner case: We plan to add chroot detection to NSS module loading (so that we do not load NSS modules after chroot), as a form of security hardening. If the application calls unshare(CLONE_FS) and then chroot, which NSS modules are loaded depends on which threads call NSS functions. One could argue that chdir/chroot are problematic, not unshare(CLONE_FS). 8-) > BTW, we need separate umask per thread as well. During file creation > we might be switching to umask provide in fuse protocol message > and then switch back. Given multiple therads might be doing this > creation in parallel, so we ofcourse need this to be per thread > property. That's a good point. That's not something that can be worked around with *at functions. > So if your patches for pthread_create() with per thread filesystem > attributes finally goes upstream, I guess we should be able to > make use of it and drop unshare(CLONE_FS). Thank you for the feedback. Florian
