This allows userspace to avoid going through /proc/self/fd when dealing with all types of file descriptors for chmod(), and makes fchmodat2() a proper superset of all other chmod syscalls. The primary difference between fchmodat2(AT_EMPTY_PATH) and fchmod() is that fchmod() doesn't operate on O_PATH file descriptors by design. To quote open(2): > O_PATH (since Linux 2.6.39) > [...] > The file itself is not opened, and other file operations (e.g., > read(2), write(2), fchmod(2), fchown(2), fgetxattr(2), ioctl(2), > mmap(2)) fail with the error EBADF. However, procfs has allowed userspace to do this operation ever since the introduction of O_PATH through magic-links, so adding this feature is only an improvement for programs that have to mess around with /proc/self/fd/$n today to get this behaviour. In addition, fchownat(AT_EMPTY_PATH) has existed since the introduction of O_PATH and allows chown() operations directly on O_PATH descriptors. Signed-off-by: Aleksa Sarai <cyphar@xxxxxxxxxx> --- fs/open.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/fs/open.c b/fs/open.c index e52d78e5a333..b8883ec286f5 100644 --- a/fs/open.c +++ b/fs/open.c @@ -678,10 +678,12 @@ static int do_fchmodat(int dfd, const char __user *filename, umode_t mode, int error; unsigned int lookup_flags; - if (unlikely(flags & ~AT_SYMLINK_NOFOLLOW)) + if (unlikely(flags & ~(AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH))) return -EINVAL; lookup_flags = (flags & AT_SYMLINK_NOFOLLOW) ? 0 : LOOKUP_FOLLOW; + if (flags & AT_EMPTY_PATH) + lookup_flags |= LOOKUP_EMPTY; retry: error = user_path_at(dfd, filename, lookup_flags, &path); --- base-commit: 4859c257d295949c23f4074850a8c2ec31357abb change-id: 20230728-fchmodat2-at_empty_path-310cf40c921f Best regards, -- Aleksa Sarai <cyphar@xxxxxxxxxx>