On 6/11/25 23:02, Song Liu wrote:
> This helper walks an input path to its parent. Logic are added to handle
> walking across mount tree.
>
> This will be used by landlock, and BPF LSM.
>
> Suggested-by: Neil Brown <neil@xxxxxxxxxx>
> Signed-off-by: Song Liu <song@xxxxxxxxxx>
> ---
> fs/namei.c | 99 +++++++++++++++++++++++++++++++++++++------
> include/linux/namei.h | 2 +
> 2 files changed, 87 insertions(+), 14 deletions(-)
>
> diff --git a/fs/namei.c b/fs/namei.c
> index 4bb889fc980b..bc65361c5d13 100644
> --- a/fs/namei.c
> +++ b/fs/namei.c
> @@ -2048,36 +2048,107 @@ static struct dentry *follow_dotdot_rcu(struct nameidata *nd)
> return nd->path.dentry;
> }
>
> -static struct dentry *follow_dotdot(struct nameidata *nd)
> +/**
> + * __path_walk_parent - Find the parent of the given struct path
> + * @path - The struct path to start from
> + * @root - A struct path which serves as a boundary not to be crosses.
> + * - If @root is zero'ed, walk all the way to global root.
> + * @flags - Some LOOKUP_ flags.
> + *
> + * Find and return the dentry for the parent of the given path
> + * (mount/dentry). If the given path is the root of a mounted tree, it
> + * is first updated to the mount point on which that tree is mounted.
> + *
> + * If %LOOKUP_NO_XDEV is given, then *after* the path is updated to a new
> + * mount, the error EXDEV is returned.
> + *
> + * If no parent can be found, either because the tree is not mounted or
> + * because the @path matches the @root, then @path->dentry is returned
> + * unless @flags contains %LOOKUP_BENEATH, in which case -EXDEV is returned.
> + *
> + * Returns: either an ERR_PTR() or the chosen parent which will have had
> + * the refcount incremented.
> + */
> +static struct dentry *__path_walk_parent(struct path *path, const struct path *root, int flags)
> {
> struct dentry *parent;
>
> - if (path_equal(&nd->path, &nd->root))
> + if (path_equal(path, root))
> goto in_root;
> - if (unlikely(nd->path.dentry == nd->path.mnt->mnt_root)) {
> - struct path path;
> + if (unlikely(path->dentry == path->mnt->mnt_root)) {
> + struct path new_path;
>
> - if (!choose_mountpoint(real_mount(nd->path.mnt),
> - &nd->root, &path))
> + if (!choose_mountpoint(real_mount(path->mnt),
> + root, &new_path))
> goto in_root;
> - path_put(&nd->path);
> - nd->path = path;
> - nd->inode = path.dentry->d_inode;
> - if (unlikely(nd->flags & LOOKUP_NO_XDEV))
> + path_put(path);
> + *path = new_path;
> + if (unlikely(flags & LOOKUP_NO_XDEV))
> return ERR_PTR(-EXDEV);
> }
> /* rare case of legitimate dget_parent()... */
> - parent = dget_parent(nd->path.dentry);
> - if (unlikely(!path_connected(nd->path.mnt, parent))) {
> + parent = dget_parent(path->dentry);
> + if (unlikely(!path_connected(path->mnt, parent))) {
This is checking path_connected here but also in follow_dotdot,
path_connected is checked again. Is this check meant to be here? It will
also change the landlock behaviour right?
(For some reason patch 2 rejects when I tried to apply it on v6.16-rc1, so
I haven't actually tested this patch to see if this is really an issue)
> dput(parent);
> return ERR_PTR(-ENOENT);
> }
> return parent;
>
> in_root:
> - if (unlikely(nd->flags & LOOKUP_BENEATH))
> + if (unlikely(flags & LOOKUP_BENEATH))
> return ERR_PTR(-EXDEV);
> - return dget(nd->path.dentry);
> + return dget(path->dentry);
> +}
> +
> +/**
> + * path_walk_parent - Walk to the parent of path
> + * @path: input and output path.
> + * @root: root of the path walk, do not go beyond this root. If @root is
> + * zero'ed, walk all the way to real root.
> + *
> + * Given a path, find the parent path. Replace @path with the parent path.
> + * If we were already at the real root or a disconnected root, @path is
> + * released and zero'ed.
> + *
> + * Returns:
> + * true - if @path is updated to its parent.
> + * false - if @path is already the root (real root or @root).
> + */
> +bool path_walk_parent(struct path *path, const struct path *root)
> +{
> + struct dentry *parent;
> +
> + parent = __path_walk_parent(path, root, LOOKUP_BENEATH);
> +
> + if (IS_ERR(parent))
> + goto false_out;
> +
> + if (parent == path->dentry) {
> + dput(parent);
> + goto false_out;
> + }
> + dput(path->dentry);
> + path->dentry = parent;
> + return true;
> +
> +false_out:
> + path_put(path);
> + memset(path, 0, sizeof(*path));
> + return false;
> +}
> +
> +static struct dentry *follow_dotdot(struct nameidata *nd)
> +{
> + struct dentry *parent = __path_walk_parent(&nd->path, &nd->root, nd->flags);
> +
> + if (IS_ERR(parent))
> + return parent;
> + if (unlikely(!path_connected(nd->path.mnt, parent))) {
> + dput(parent);
> + return ERR_PTR(-ENOENT);
> + }
> + nd->inode = nd->path.dentry->d_inode;
> + return parent;
> }
>
> static const char *handle_dots(struct nameidata *nd, int type)
> diff --git a/include/linux/namei.h b/include/linux/namei.h
> index 5d085428e471..cba5373ecf86 100644
> --- a/include/linux/namei.h
> +++ b/include/linux/namei.h
> @@ -85,6 +85,8 @@ extern int follow_down_one(struct path *);
> extern int follow_down(struct path *path, unsigned int flags);
> extern int follow_up(struct path *);
>
> +bool path_walk_parent(struct path *path, const struct path *root);
> +
> extern struct dentry *lock_rename(struct dentry *, struct dentry *);
> extern struct dentry *lock_rename_child(struct dentry *, struct dentry *);
> extern void unlock_rename(struct dentry *, struct dentry *);
