On Thu, May 13, 2021 at 02:45:39PM +0700, Dmitry Kadashev wrote:
> On Thu, Apr 15, 2021 at 9:09 PM Christian Brauner
> <christian.brauner@xxxxxxxxxx> wrote:
> > Hm, I get your point but if you e.g. look at fs/exec.c we already do
> > have that problem today:
> >
> > SYSCALL_DEFINE5(execveat,
> > int, fd, const char __user *, filename,
> > const char __user *const __user *, argv,
> > const char __user *const __user *, envp,
> > int, flags)
> > {
> > int lookup_flags = (flags & AT_EMPTY_PATH) ? LOOKUP_EMPTY : 0;
> >
> > return do_execveat(fd,
> > getname_flags(filename, lookup_flags, NULL),
> > argv, envp, flags);
> > }
> >
> > The new simple flag helper would simplify things because right now it
> > pretends that it cares about multiple flags where it actually just cares
> > about whether or not empty pathnames are allowed and it forces callers
> > to translate between flags too.
>
> Hi Christian,
>
> Sorry for the long silence, I got overwhelmed by the primary job and life
> stuff. I've finally carved out some time to work on this. I left out the
No problem at all! Yeah, I can relate. :)
> "make getname_flags accept a single boolean instead of flags" bit to
> make the change smaller. If you think it's something that definitely
> should be in this patch set then let me know, I'll put it back in. I'm
> still somewhat concerned about the separation of the capability check
> and the actual logic to get the name, but I guess I'll just post what I
> have and collect comments.
Sounds good!
Christian
