[PATCH v2 0/7] fs/9p: Reuse inode based on path (in addition to qid)
Christian Schoenebeck
linux_oss at crudebyte.com
Wed Sep 17 09:52:35 UTC 2025
On Wednesday, September 17, 2025 1:59:21 AM CEST Tingmao Wang wrote:
> On 9/16/25 20:22, Christian Schoenebeck wrote:
> > On Tuesday, September 16, 2025 4:01:40 PM CEST Tingmao Wang wrote:
[...]
> > I see that you are proposing an option for your proposed qid based
> > re-using of dentries. I don't think it should be on by default though,
> > considering what we already discussed (e.g. inodes recycled by ext4, but
> > also not all 9p servers handling inode collisions).
>
> Just to be clear, this approach (Landlock holding a fid reference, then
> using the qid as a key to search for rules when a Landlocked process
> accesses the previously remembered file, possibly after the file has been
> moved on the server) would only be in Landlock, and would only affect
> Landlock, not 9pfs (so not sure what you meant by "re-using of dentries").
>
> The idea behind holding a fid reference within Landlock is that, because
> we have the file open, the inode would not get recycled in ext4, and thus
> no other file will reuse the qid, until we close that reference (when the
> Landlock domain terminates, or when the 9p filesystem is unmounted)
So far I only had a glimpse on your kernel patches and had the impression that
they are changing behaviour for all users, since you are touching dentry
lookup.
> > For all open FIDs QEMU retains a descriptor to the file/directory.
> >
> > Which 9p message do you see sent to server, Trename or Trenameat?
> >
> > Does this always happen to you or just sometimes, i.e. under heavy load?
>
> Always happen, see log: (no Trename since the rename is done on the host)
[...]
> Somehow if I rename in the guest, it all works, even though it's using the
> same fid 2 (and it didn't ask QEMU to walk the new path)
Got it. Even though QEMU *should* hold a file descriptor (or a DIR* stream,
which should imply a file descriptor), there is still a path string stored at
V9fsFidState and that path being processed at some places, probably because
there are path based and FID based variants (e.g Trename vs. Trenameat). Maybe
that clashes somewhere, not sure. So I fear you would need to debug this.
/Christian
More information about the Linux-security-module-archive
mailing list