[PATCH 01/14] VFS: Add additional RESOLVE_* flags [ver #18]
Linus Torvalds
torvalds at linux-foundation.org
Tue Mar 10 01:14:00 UTC 2020
On Mon, Mar 9, 2020 at 5:56 PM Aleksa Sarai <cyphar at cyphar.com> wrote:
>
> On 2020-03-09, David Howells <dhowells at redhat.com> wrote:
> > This is necessary for fsinfo() to use RESOLVE_* flags instead of AT_* flags
> > if the latter are to be considered deprecated for new system calls.
> >
> > Also make openat2() handle RESOLVE_NO_TRAILING_SYMLINKS.
No, please let's not do this.
We have O_NOFOLLOW, and we can't get rid of it.
So adding RESOLVE_NO_TRAILING_SYMLINKS isn't a cleanup. It's just
extra complexity for absolutely zero gain.
> After thinking about what Christian said some more, I reckon we
> shouldn't support both O_NOFOLLOW and RESOLVE_NO_TRAILING_SYMLINKS. But
> that means we'll need to cherry-pick this patch and get it into mainline
> before v5.6.
No.
It simply means that we shouldn't have RESOLVE_NO_TRAILING_SYMLINKS at all.
Adding that flag is a mistake. It causes problems like this, where
subtlenly people say "what if both flags are set".
Just don't do it.
There's no way in hell we can ever get rid of O_NOFOLLOW anyway, since
people will continue to use plain open() and openat().
So adding RESOLVE_NO_TRAILING_SYMLINKS is entirely redundant.
Don't deprecate the old flags that are going to always stay around,
don't add stupid new flags that add no value.
It's that easy.
Linus
More information about the Linux-security-module-archive
mailing list