Re: [PATCH v2] vfs: add support for empty path to openat2(2)

Next message: Chen Wang: "Re: [RFC v1 00/18] PCI: Enable async probe by default"
Previous message: Sean Christopherson: "Re: [PATCH v9 03/22] KVM: VMX: Disable FRED if FRED consistency checks fail"
In reply to: Christian Brauner: "Re: [PATCH v2] vfs: add support for empty path to openat2(2)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Jori Koolstra

Date: Wed Mar 04 2026 - 19:27:03 EST

> Op 04-03-2026 15:03 CET schreef Christian Brauner <brauner@xxxxxxxxxx>:
>
> I forgot to mention this cautionary little nugget in the last review...
>
> The legacy open(2)/openat(2) codepaths currently aren't able to deal
> with flag values in the upper 32-bit of a u64 flag parameter.
>
> Basically, by adding OPENAT2_EMPTY_PATH into VALID_OPEN_FLAGS that's now
> a u64. That has fun consequences:
>
> inline struct open_how build_open_how(int flags, umode_t mode)
> {
> struct open_how how = {
> .flags = flags & VALID_OPEN_FLAGS,
>
> This will now cause bits 32 to 63 to be raised and how.flags ends up
> with OPENAT2_EMPTY_PATH by pure chance.
>

Ah, shoot! In my head I read flags as an array of bits, and it didn't occur to
me that it can be sign extended when you do flags & VALID_OPEN_FLAGS if bit 31 in
flags is set. So it should be enough to cast (unsigned int)flags? Or what would
be appropriate? Is there a particular reason that flags are mostly signed? Or is
that legacy of the definition of syscalls like open(2)?

Thanks,
Jori.