On Thu, Jul 27, 2023 at 01:13:37PM -0400, dalias@xxxxxxxx wrote: > On Thu, Jul 27, 2023 at 07:02:53PM +0200, Christian Brauner wrote: > > On Thu, Jul 27, 2023 at 06:28:53PM +0200, Andreas Schwab wrote: > > > On Jul 27 2023, David Laight wrote: > > > > > > > From: Aleksa Sarai > > > >> Sent: 25 July 2023 17:36 > > > > ... > > > >> We almost certainly want to support AT_EMPTY_PATH at the same time. > > > >> Otherwise userspace will still need to go through /proc when trying to > > > >> chmod a file handle they have. > > > > > > > > That can't be allowed. > > > > > > IIUC, fchmodat2(fd, "", m, AT_EMPTY_PATH) is equivalent to fchmod(fd, > > > m). With that, new architectures only need to implement the fchmodat2 > > > syscall to cover all chmod variants. > > > > There's a difference though as fchmod() doesn't work with O_PATH file > > descriptors while AT_EMPTY_PATH does. Similar to how fchown() doesn't > > work with O_PATH file descriptors. > > > > However, we do allow AT_EMPTY_PATH with fchownat() so there's no reason > > to not allow it for fchmodat2(). > > > > But it's a bit of a shame that O_PATH looks less and less like O_PATH. > > It came from can-do-barely-anything to can-do-quite-a-lot-of-things over > > the years. > > > > In any case, AT_EMPTY_PATH for fchmodat2() can be an additional patch on > > top. > > From a standpoint of implementing O_SEARCH/O_EXEC using it, I don't > see any reason fchown/fchmod should not work on O_PATH file > descriptors. And indeed when you have procfs available to emulate them > via procfs, it already does. So I don't see this as unwanted I'm really not talking about the fact that proc is a giant loophole for basically everyhing related to O_PATH and reopening fds. I'm saying that both fchmod() and fchown() don't work on O_PATH fds. They explicitly reject them. AT_EMPTY_PATH and therefore O_PATH for fchmodat2() is fine given that we do it for fchownat() already.
