On Sun, Apr 6, 2025 at 9:51 PM Christian Brauner <brauner@xxxxxxxxxx> wrote: > > > Anyway, I'm finishing the patch and testing tomorrow and will send out > > with all the things I mentioned (unless I find out I'm wrong). > > Found my notes about this. I knew I had notes about this somewhere... > It isn't possible to execute anoymous inodes because you cannot open > them. That includes stuff like: > > execveat(fd_anon_inode, "", NULL, NULL, AT_EMPTY_PATH) > > Look, anonymous inodes have inode->f_op set to no_open_fops which sets > no_open() which returns ENXIO. That means any call to do_dentry_open() > which is the endpoint of the do_open_execat() will fail. There's no > chance to execute an anonymous inode. Unless a given subsystem overrides > it ofc. > > I still agree that we need to be more coherent about this and we need to > improve various semantical quirks I pointed out. But the exec problem > isn't really an issue so the patch itself still seems correct to me. Ok, that makes sense. Thanks for the explanation. -- Mateusz Guzik <mjguzik gmail.com>
