On Thu, May 29, 2025 at 9:57 AM Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx> wrote: [...] > > > > How about we describe this as: > > > > Introduce a path iterator, which safely (no crash) walks a struct path. > > Without malicious parallel modifications, the walk is guaranteed to > > terminate. The sequence of dentries maybe surprising in presence > > of parallel directory or mount tree modifications and the iteration may > > not ever finish in face of parallel malicious directory tree manipulations. > > Hold on. If it's really the case then is the landlock susceptible > to this type of attack already ? > landlock may infinitely loop in the kernel ? I think this only happens if the attacker can modify the mount or directory tree as fast as the walk, which is probably impossible in reality. Thanks, Song
