On Mon, May 27, 2024 at 01:18:23AM +0100, Al Viro wrote:
> On Mon, May 27, 2024 at 07:51:39AM +0800, Ian Kent wrote:
>
> > Indeed, that's what I found when I had a quick look.
> >
> > Maybe a dentry (since that's part of the subject of the path walk and
> > inode is readily accessible) flag could be used since there's
> > opportunity to set it in vfs callbacks that are done as a matter of
> > course.
>
> You might recheck ->d_seq after fetching ->get_link there; with XFS
> ->get_link() unconditionally failing in RCU mode that would prevent
> this particular problem. But it would obviously have to be done
> in pick_link() itself (and I refuse to touch that area in 5.4 -
> carrying those changes across the e.g. 5.6 changes in pathwalk
> machinery is too much).
>

Ian sent a patch along those lines a couple years or so ago:

https://lore.kernel.org/linux-fsdevel/164180589176.86426.501271559065590169.stgit@xxxxxxxxxxxxxxxxx/

I'm still not quite sure why we didn't merge this, at least as a bandaid
fix for the symlink variant of this particular problem..?

Brian

> And it's really just the tip of the iceberg - e.g. I'd expect a massive
> headache in ACL-related part of permission checks, etc.
>