Re: [PATCH v3 1/2] fs: make do_mkdirat() take struct filename

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Mar 30, 2021 at 2:17 PM Christian Brauner
<christian.brauner@xxxxxxxxxx> wrote:
> The only thing that is a bit unpleasant here is that this change
> breaks the consistency between the creation helpers:
>
> do_mkdirat()
> do_symlinkat()
> do_linkat()
> do_mknodat()
>
> All but of them currently take
> const char __user *pathname
> and call
> user_path_create()
> with that do_mkdirat() change that's no longer true. One of the major
> benefits over the recent years in this code is naming and type consistency.
> And since it's just matter of time until io_uring will also gain support
> for do_{symlinkat,linkat,mknodat} I would think switching all of them to
> take a struct filename
> and then have all do_* helpers call getname() might just be nicer in the
> long run.

So, I've finally got some time to look into this. do_mknodat() and
do_symlinkat() are easy. But do_linkat() is more complicated, I could use some
hints as to what's the reasonable way to implement the change.

The problem is linkat() requires CAP_DAC_READ_SEARCH capability if AT_EMPTY_PATH
flag is passed. Right now do_linkat checks the capability before calling
getname_flags (essentially). If do_linkat is changed to accept struct filename
then there is no bulletproof way to force CAP_DAC_READ_SEARCH presence (e.g. if
for whatever reason AT_EMPTY_PATH is not in flags passed to do_linkat). Also, it
means that the caller is responsible to process AT_EMPTY_PATH in the first
place, which means logic duplication.

Any ideas what's the best way to approach this?

Thanks.

-- 
Dmitry Kadashev



[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux