Re: [PATCH v15 4/9] namei: LOOKUP_BENEATH: O_BENEATH-like scoped resolution
From: Aleksa Sarai
Date: Wed Nov 13 2019 - 23:58:23 EST
On 2019-11-13, Aleksa Sarai <cyphar@xxxxxxxxxx> wrote:
> On 2019-11-13, Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
> > Minor nit here - I'd split "move the conditional call of set_root()
> > into nd_jump_root()" into a separate patch before that one. Makes
> > for fewer distractions in this one. I'd probably fold "and be
> > ready for errors other than -ECHILD" into the same preliminary
> > patch.
>
> Will do.
>
> > > + /* Not currently safe for scoped-lookups. */
> > > + if (unlikely(nd->flags & LOOKUP_IS_SCOPED))
> > > + return ERR_PTR(-EXDEV);
> >
> > Also a candidate for doing in nd_jump_link()...
> >
> > > @@ -1373,8 +1403,11 @@ static int follow_dotdot_rcu(struct nameidata *nd)
> > > struct inode *inode = nd->inode;
> > >
> > > while (1) {
> > > - if (path_equal(&nd->path, &nd->root))
> > > + if (path_equal(&nd->path, &nd->root)) {
> > > + if (unlikely(nd->flags & LOOKUP_BENEATH))
> > > + return -EXDEV;
> >
> > Umm... Are you sure it's not -ECHILD?
>
> It wouldn't hurt to be -ECHILD -- though it's not clear to me how likely
> a success would be in REF-walk if the parent components didn't already
> trigger an unlazy_walk() in RCU-walk.
>
> I guess that also means LOOKUP_NO_XDEV should trigger -ECHILD in
> follow_dotdot_rcu()?
Scratch the last question -- AFAICS we don't need to do that for
LOOKUP_NO_XDEV because we check against mount_lock so it's very unlikely
that -ECHILD will have any benefit.
--
Aleksa Sarai
Senior Software Engineer (Containers)
SUSE Linux GmbH
<https://www.cyphar.com/>
Attachment:
signature.asc
Description: PGP signature