On Sat, May 31, 2025 at 6:51 AM Tingmao Wang <m@xxxxxxxxxx> wrote:
[...]
> I'm not sure if the original behavior was intentional, but since this
> technically counts as a functional changes, just pointing this out.
Thanks for pointing it out! I think it is possible to keep current
behavior. Or we can change the behavior and state that clearly
in the commit log. Mickaël, WDYT?
>
> Also I'm slightly worried about the performance overhead of doing
> path_connected for every hop in the iteration (but ultimately it's
> Mickaël's call). At least for Landlock, I think if we want to block all
Maybe we need a flag to path_parent (or path_walk_parent) so
that we only check for path_connected when necessary.
Thanks,
Song
> access to disconnected files, as long as we eventually realize we have
> been disconnected (by doing the "if dentry == path.mnt" check once when we
> reach root), and in that case deny access, we should be good.
>
>
> > @@ -918,12 +915,15 @@ static bool is_access_to_paths_allowed(
> > allowed_parent1 = true;
> > allowed_parent2 = true;
> > }
> > + goto walk_done;
> > + case PATH_PARENT_SAME_MOUNT:
> > break;
> > + default:
> > + WARN_ON_ONCE(1);
> > + goto walk_done;
> > }
> > - parent_dentry = dget_parent(walker_path.dentry);
> > - dput(walker_path.dentry);
> > - walker_path.dentry = parent_dentry;
> > }
> > +walk_done:
> > path_put(&walker_path);
> >
> > if (!allowed_parent1) {
>
