Re: [PATCH] man/man2/setns.2: clarify type of nsfs fd required

Next message: kernel test robot: "Re: [PATCH 14/14] greybus: cpc: add CPC SDIO host driver"
Previous message: Chuck Lever: "Re: [PATCH RFC 0/6] nfsd: allow for a dynamically-sized threadpool"
In reply to: Alyssa Ross: "Re: [PATCH] man/man2/setns.2: clarify type of nsfs fd required"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Alejandro Colomar

Date: Sat Dec 13 2025 - 14:37:41 EST

Hi Alyssa, Christian, Al,

On Sat, Dec 13, 2025 at 07:59:04PM +0100, Alyssa Ross wrote:
> Alejandro Colomar <alx@xxxxxxxxxx> writes:
>
> > Hi Alyssa,
> >
> > On Sat, Dec 13, 2025 at 06:58:53PM +0100, Alyssa Ross wrote:
> >> I was surprised to discover than an O_PATH file descriptor was
> >> insufficient.
> >
> > How did you discover it? Could you please link to relevant information
> > (or kernel sources)?
>
> By trying it!
>
> Presumably it's the fd_empty() check at the beginning of the syscall
> implementation in nsproxy.c.

Hmm, thanks! I don't see any documentation about this, neither in the
kernel Documentation/, nor in the commit messages that introduced this
code. Christian, Al, would you mind checking if this is intended? If
so, it would be useful to document why O_PATH is not accepted. Is it
a security problem?

> >> Since the mode of nsfs files is always 0444, tell
> >> callers to always a file descriptor opened for reading.
> >
> > Missing 'use'?
>
> Yes. Feel free to add it.

Thanks!

Cheers,
Alex

--
<https://www.alejandro-colomar.es>

Attachment: signature.asc
Description: PGP signature