[PATCH bpf-next 3/4] bpf: Introduce path iterator

[Song Liu]

Hi Al and Jan,

Thanks for your review!

On Thu, May 29, 2025 at 4:58 AM Jan Kara <jack at suse.cz> wrote:
>
> On Wed 28-05-25 23:37:24, Al Viro wrote:
> > On Wed, May 28, 2025 at 03:26:22PM -0700, Song Liu wrote:
> > > Introduce a path iterator, which reliably walk a struct path.
> >
> > No, it does not.  If you have no external warranty that mount
> > *and* dentry trees are stable, it's not reliable at all.
>
> I agree that advertising this as "reliable walk" is misleading. It is
> realiable in the sense that it will not dereference freed memory, leak
> references etc. As you say it is also reliable in the sense that without
> external modifications to dentry & mount tree, it will crawl the path to
> root. But in presence of external modifications the only reliability it
> offers is "it will not crash". E.g. malicious parallel modifications can
> arbitrarily prolong the duration of the walk.

How about we describe this as:

Introduce a path iterator, which safely (no crash) walks a struct path.
Without malicious parallel modifications, the walk is guaranteed to
terminate. The sequence of dentries maybe surprising in presence
of parallel directory or mount tree modifications and the iteration may
not ever finish in face of parallel malicious directory tree manipulations.

Current version of path iterator only supports walking towards the root,
with helper path_parent. But the path iterator API can be extended
to cover other use cases.

Thanks,
Song