On 03/24/2014 07:58 PM, Jeff Mahoney wrote: > The BTRFS_IOC_SNAP_CREATE_V2 ioctl is limited by requiring that a file > descriptor be passed in order to create the snapshot. This means that > snapshots may only be created of trees that are available in the mounted > namespace. We have a need to create snapshots from subvolumes outside > of the namespace. This is already possible by mounting the numbered > subvolume by ID on a separate mount point, creating the snapshot, and > unmounting it. That's a tedious and unnecessary process since the ioctl > can be extended so easily. > > This patch adds a new BTRFS_SUBVOL_CREATE_SUBVOLID flag that instructs > the ioctl to use the fd argument (which is now a union) as a subvolume > id instead. The subvolume ID is used to look up the root and instantiate > the inode so proper permission checking takes place.
Can you please make this root only? The file handle makes sure the admin hasn't intentionally hidden the subvol from the user, and this bypasses those permission checks. -chris -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
