On Sat, 13 Apr 2024 at 08:16, Christian Brauner <brauner@xxxxxxxxxx> wrote: > > I think it should be ok to allow AT_EMPTY_PATH with NULL because > userspace can detect whether the kernel allows that by passing > AT_EMPTY_PATH with a NULL path argument and they would get an error back > that would tell them that this kernel doesn't support NULL paths. Yeah, it should return -1 / EFAULT on older kernels. > I'd like to try a patch for this next week. It's a good opportunity to > get into some of the more gritty details of this area. > > From a rough first glance most AT_EMPTY_PATH users should be covered by > adapting getname_flags() accordingly. > > Imho, this could likely be done by introducing a single struct filename > null_filename. It's probably better to try to special-case it entirely. See commit 9013c51c630a ("vfs: mostly undo glibc turning 'fstat()' into 'fstatat(AT_EMPTY_PATH)'") and the numbers in there in particular. That still leaves performance on the table exactly because it has to do that extra "get_user()" to check for an empty path, but it avoids not only the pathname allocation, but also the setup for the pathname walk. If we had a NULL case there, I'd expect that fstatat() and fstat() would perform the same (modulo a couple of instructions). Of course, the performance of get_user() will vary depending on microarchitecture. If you don't have SMAP, it's cheap. It's the STAC/CLAC that is most of the cost, and the exact cost of those will then depend on implementations - they *could* be much faster than they are. Linus