On 2025-08-17, Askar Safin <safinaskar@xxxxxxxxxxxx> wrote: > openat2 had a bug: if we pass RESOLVE_NO_XDEV, then openat2 > doesn't traverse through automounts, but may still trigger them. > See this link for full bug report with reproducer: > https://lore.kernel.org/linux-fsdevel/20250817075252.4137628-1-safinaskar@xxxxxxxxxxxx/ > > This patchset fixes the bug. > > RESOLVE_NO_XDEV logic hopefully becomes more clear: > now we immediately fail when we cross mountpoints. > > I think this patchset should get to -fixes and stable trees. You need to add Cc: <stable@xxxxxxxxxxxxxxx> # v5.2+ (along with a Fixes: ... tag) for each commit you would like to be backported. > I split everything to very small commits to make > everything as bisectable as possible. I would merge the first three patches -- adding and removing code like that is a little unnecessary. I also don't think you need those patches to be backported, right? (Especially since they are touching stuff that Al has reworked a few times since openat2 was merged back in Linux 5.2.) I only think the last one needs to be in stable. > Minimal testing was performed. I tested that my original > reproducer doesn't reproduce anymore. And I did boot-test > with localmodconfig in qemu > > I'm not very attached to this patchset. I. e. I will not be offended > if someone else will submit different fix for this bug. > > Askar Safin (4): > vfs: fs/namei.c: move cross-device check to traverse_mounts > vfs: fs/namei.c: remove LOOKUP_NO_XDEV check from handle_mounts > vfs: fs/namei.c: move cross-device check to __traverse_mounts This is a minor nit, but could you use something like "namei: ..." (or "fs: namei: ...") as a prefix for commit subjects? If you merge them all, something like: namei: move LOOKUP_NO_XDEV checks to __traverse_mounts would be fine. > vfs: fs/namei.c: if RESOLVE_NO_XDEV passed to openat2, don't *trigger* > automounts and this one should read a bit clearer with openat2: don't trigger automounts with RESOLVE_NO_XDEV or if you prefer namei: don't trigger automounts with LOOKUP_NO_XDEV > fs/namei.c | 29 +++++++++++++++++++++++------ > 1 file changed, 23 insertions(+), 6 deletions(-) -- Aleksa Sarai Senior Software Engineer (Containers) SUSE Linux GmbH https://www.cyphar.com/
Attachment:
signature.asc
Description: PGP signature
