Re: [PATCH v4 1/2] vfs: add O_EMPTYPATH to openat(2)/openat2(2)

Next message: Sakari Ailus: "Re: [PATCH] media: atomisp: coding style: Move trailing statements to next line"
Previous message: Alexander Stein: "[PATCH 1/1] clk: bulk: Use dev_err_probe() helper in of_clk_bulk_get()"
In reply to: Jori Koolstra: "[PATCH v4 1/2] vfs: add O_EMPTYPATH to openat(2)/openat2(2)"
Next in thread: Aleksa Sarai: "Re: [PATCH v4 1/2] vfs: add O_EMPTYPATH to openat(2)/openat2(2)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Christian Brauner

Date: Wed Apr 22 2026 - 08:56:13 EST

On Sun, Apr 19, 2026 at 03:17:49PM +0200, Jori Koolstra wrote:
> To get an operable version of an O_PATH file descriptor, it is possible
> to use openat(fd, ".", O_DIRECTORY) for directories, but other files
> currently require going through open("/proc/<pid>/fd/<nr>"), which
> depends on a functioning procfs.
>
> This patch adds the O_EMPTYPATH flag to openat(2)/openat2(2). If passed,
> LOOKUP_EMPTY is set at path resolution time.
>
> Note: This implies that you cannot rely anymore on disabling procfs from
> being mounted (e.g. inside a container without procfs mounted and with
> CAP_SYS_ADMIN dropped) to prevent O_PATH fds from being re-opened
> read-write.

That's the only thing that really always gave me pause about this.

So I think we should try it anyway but I want to prepare you for the not
so unlikely possibility that we will have to revert this because some
userspace program relies on the legacy behavior.