> On Jul 25, 2025, at 1:35 AM, Mickaël Salaün <mic@xxxxxxxxxxx> wrote: [...] >>> >>> Do my questions above make any sense? Or maybe I totally >>> misunderstood something? >> >> Hi Neil, >> >> Did my questions/comments above make sense? I am hoping we can >> agree on some design soon. >> >> Christian and Mickaël, >> >> Could you please also share your thoughts on this? >> >> Current requirements from BPF side is straightforward: we just >> need a mechanism to “walk up one level and hold reference”. So >> most of the requirement comes from LandLock side. > > Have you thought about how to handle disconnected directories? In the case of open-coded path iterator, the iterator will return a special value for disconnected roots and disconnected directories. Then the BPF program need to handle them based on the policy. Thanks, Song
