On Thu, Jul 13, 2023 at 02:00:42PM +0200, Christoph Hellwig wrote:
> On Wed, Jul 12, 2023 at 08:58:49PM +0200, Christian Brauner wrote:
> > (1) Filesystems that don't implement a i_op->setattr() for symlinks.
> >
> > Such filesystems may or may not know that without i_op->setattr()
> > defined, notify_change() falls back to simple_setattr() causing the
> > inode's mode in the inode cache to be changed.
>
> Btw, I think this fallback is pretty harmful. At some point we should
> probably start auditing all instances and wire the ones up that should
> be using simple_setattr (probably mostly just in-memory file systems)
> and refuse attribute changes if .setattr is NULL.
Yes, I agree. For example, it is an issue or at least a potential source
for bugs for procfs files. If they don't have a i_op->setattr() handler
they still get simple_setattr() which means that they accept ATTR_MODE
changes which they were explicitly stopped from doing in 2006 in commit
6d76fa58b050 ("Don't allow chmod() on the /proc/<pid>/ files").
