Re: [PATCH] vfs: transitive upgrade restrictions for fds

From: Christian Brauner

Date: Tue Mar 24 2026 - 04:46:29 EST


On Mon, Mar 23, 2026 at 11:00:22PM +0100, Jori Koolstra wrote:
> Add upgrade restrictions to openat2(). Extend struct open_how to allow
> setting transitive restrictions on using file descriptors to open other
> files. A use case for this feature is to block services or containers
> from re-opening/upgrading an O_PATH file descriptor through e.g.
> /proc/<pid>/fd/<nr> as O_WRONLY.
>
> The idea for this feature comes from the UAPI group kernel feature idea
> list [1].
>
> [1] https://github.com/uapi-group/kernel-features?tab=readme-ov-file#upgrade-masks-in-openat2
>
> Signed-off-by: Jori Koolstra <jkoolstra@xxxxxxxxx>
> ---

Aleksa has thought long about this feature so I'll let him do the first
pass review here. Historically this was a bit of a can of worms...