From patchwork Thu Oct 5 09:49:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrea Righi X-Patchwork-Id: 1843843 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com (client-ip=185.125.189.65; helo=lists.ubuntu.com; envelope-from=kernel-team-bounces@lists.ubuntu.com; receiver=patchwork.ozlabs.org) Received: from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65]) (using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4S1RcK42M4z1yng for ; Thu, 5 Oct 2023 20:49:53 +1100 (AEDT) Received: from localhost ([127.0.0.1] helo=lists.ubuntu.com) by lists.ubuntu.com with esmtp (Exim 4.86_2) (envelope-from ) id 1qoKzD-0001la-2Y; Thu, 05 Oct 2023 09:49:39 +0000 Received: from smtp-relay-internal-0.internal ([10.131.114.225] helo=smtp-relay-internal-0.canonical.com) by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1qoKyz-0001kW-7R for kernel-team@lists.ubuntu.com; Thu, 05 Oct 2023 09:49:25 +0000 Received: from mail-ed1-f72.google.com (mail-ed1-f72.google.com [209.85.208.72]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-internal-0.canonical.com (Postfix) with ESMTPS id BC1443F594 for ; Thu, 5 Oct 2023 09:49:24 +0000 (UTC) Received: by mail-ed1-f72.google.com with SMTP id 4fb4d7f45d1cf-536294c9526so608942a12.3 for ; Thu, 05 Oct 2023 02:49:24 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1696499364; x=1697104164; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=2pO7+O2cBoRGjYrFa5COoHrex9GN9xAtVpiArvXh7TY=; b=Ylrc4mr2Ed0PYZxx40LnpvCXb+c6+WT0xo4cheHXPbuWkecLiC0PkAL6lpAFYToGu0 c1WwGa50TxGRc4WgrNScDDLo1pHUh4q1RAXGNyuFvaQcljmD9NfnaXcDTgEP7q1NWPiD VX3rWsPSWRC5dRg+HIEHeM4WVnZf7t8zhYX5ccQLCbJhk+SjQOmfSMrKaf7I9Q7xxd5N Fa68yomQzc7pEpC3ZbGK0xdptX0G6QkTputcpTBgW8snLV+bexBenSpXoT3VMaoctDXJ 2mhVvCUnxzex5A9iqxajY+70G2KwVsYGDHSoOviJCZj7HrIcFIJA///T7CaJV/7pEiqk oGvg== X-Gm-Message-State: AOJu0YxqTZSeFtIsR6noqM8wkKRycJ2XDmQHC3HzPYQUSlVfozs40WFO uwbhE/IzPqQwh6+mV+qewugrC9UUauaEDvu4JCSoevBQTvLHKOkdt2diwlonvOqBxo+C9TgJGpB rUmmtsL9qjwVBSCTy5B7rRx6JVDbb031aPPpvL8Cubg8uvHeOcw== X-Received: by 2002:a05:6402:1206:b0:530:4bcd:626c with SMTP id c6-20020a056402120600b005304bcd626cmr4664608edw.23.1696499364059; Thu, 05 Oct 2023 02:49:24 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHWTczKzvJeplyNGc6vIkoiljxMJalyzmLrzZo1eMYuoyRfQb4iFyH/CrHMjMTYSf6/bVaUeQ== X-Received: by 2002:a05:6402:1206:b0:530:4bcd:626c with SMTP id c6-20020a056402120600b005304bcd626cmr4664594edw.23.1696499363648; Thu, 05 Oct 2023 02:49:23 -0700 (PDT) Received: from localhost.localdomain (host-79-19-77-113.retail.telecomitalia.it. [79.19.77.113]) by smtp.gmail.com with ESMTPSA id n10-20020a056402060a00b0053447d022f9sm823980edv.18.2023.10.05.02.49.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 05 Oct 2023 02:49:23 -0700 (PDT) From: Andrea Righi To: kernel-team@lists.ubuntu.com Subject: [SRU][M][PATCH 0/2] disable shiftfs Date: Thu, 5 Oct 2023 11:49:11 +0200 Message-Id: <20231005094913.17839-1-andrea.righi@canonical.com> X-Mailer: git-send-email 2.40.1 MIME-Version: 1.0 X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: kernel-team-bounces@lists.ubuntu.com Sender: "kernel-team" BugLink: https://bugs.launchpad.net/bugs/2038522 [Impact] Now that all the filesystems that we officially support have the idmapped mounts capability we can get rid of shiftfs. The benefit of this change is that we don't have to maintain an out-of-tree filesystem anymore and we can completely rely on upstream features. [Test case] lxd was the main user of shiftfs to compensate the lack of idmapped mounts capability of certain filesystems, such as zfs / ceph, but now in mantic also these two filesystem received the support for idmapped mounts (support for zfs was introduced in 2.2.0~rc3 and for ceph see LP: #2032959). The lxd team provided a positive feedback, testing the latest 6.5 Mantic kernel across all the supported filesystems with shiftfs disabled. [Fix] Disable shiftfs in the kernel config and enable unsafe idmapped mounts by default (default=on). [Regression potential] The support for idmapped mounts for the ceph filesystem is not applied upstream yet, so we may experience regressions in systems that are using this filesystem. Moreover disabling shiftfs may trigger failures in our testing (testing shiftfs capabilities will obviously fail) or break any other user-space application that is relying on shiftfs (however to our knowledge lxd was the only "official" user or shiftfs; for this reason we may also see potential regressions in lxd). Acked-by: Tim Gardner Acked-by: Stefan Bader