On 08/22/2014 06:04 PM, Miklos Szeredi wrote:
On Thu, Aug 21, 2014 at 6:09 PM, Maxim Patlasov <mpatla...@parallels.com> wrote:
The patch enables the feature by passing 'true' to fuse_file_put in
fuse_release_common.
Previously, this was safe only in special cases when we sure that
multi-threaded userspace won't deadlock if we'll synchronously send
FUSE_RELEASE in the context of read-ahead or write-back callback. Now, it's
always safe because callbacks don't send requests to userspace anymore.
But we do want to make this privileged, as there are unlikely but
possible DoS scenarios with a sync release.
The latest patch of the set implements DISABLE_SYNC_RELEASE mount
option. We can instrument fusermount to use the option by default for
unprivileged mounts (allowing system administrator to configure it like
"user_allow_other"). Do you have a better way to implement DoS
protection in mind?
Thanks,
Maxim
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
