Received: by 2002:a5b:505:0:0:0:0:0 with SMTP id o5csp4520217ybp;
        Mon, 7 Oct 2019 09:37:51 -0700 (PDT)
X-Google-Smtp-Source: APXvYqyOZWbuuKzaoAt7b7DaLeI62FxHopOkhh9UNhZAtTEk+mudITLLQ7789syD0hOYTTBzqg+4
X-Received: by 2002:a17:907:20c1:: with SMTP id qq1mr24452828ejb.87.1570466270863;
        Mon, 07 Oct 2019 09:37:50 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1570466270; cv=none;
        d=google.com; s=arc-20160816;
        b=SjhvbwAVXiHrJztTnuGTCZlGSaFXVVlxp6JXy58AcQXpUV172+Ituq5nGvhIJxdLbZ
         yDPvKfU+RgcG8WMl5zXAqB9Qc0Q/I1nLdUlbK7yHqK98FtpAh2XMJgZVGffb5gzuIjPc
         WHB0i0H/E3ysaOColjCxXfvcxDj6BSNOAvI0vfsXhfAY2per00YcBejpYtf0DhYPGYKV
         ep8c+B0D4dbWAHhSuxSoHFX6d9u/EfM+IFxeMJiQX7mc5W3ORwjiAGeUPfJM1ZXvRfyM
         pomaP8Jo1j0E6KI/M/ET0qCpuG2HvZKXdRKnHVIfwjdDnOE08S7A2gbD7r87VmJNTt4h
         fd3Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=M/g+TIxP8SKNK08vLgY7W9iyDhVKXTg+mETBQIQmONM=;
        b=eDrjRwzOt+FO30y2eA6AQiOXqRmqQUKLsH0ru65oCfduceL/pxv0lw6T1a+J3fSQ32
         aX+MgSz0hgCcfLWcIfqq/4cJFTRmTxLc8sIsRVIxl2OnAO5e9c7tTMYxxp1SAN9LHkEu
         8/zSXWAjLljYVoMrEMEccgoIKXjMPNf20XkuVKwyBzt7uoo50JkJ7vJn0xFadd5yVUyA
         lGvBP+H4kSfKOi0MWArE60tbfDICnDu+q1C4mpzA3rMsSoEUHZCt7sUubqEKBuJREOn2
         6eYloAvTn2b8YXPOOBCTxy1UjKFNCnpxn3Li/pZThp7EpcVu/SMLpTGEez2gBSkSsO4N
         SPqw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=iYigjaBz;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id ci21si7417676ejb.320.2019.10.07.09.37.27;
        Mon, 07 Oct 2019 09:37:50 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=iYigjaBz;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728588AbfJGQhI (ORCPT <rfc822;carmate383@gmail.com>
        + 99 others); Mon, 7 Oct 2019 12:37:08 -0400
Received: from mail-oi1-f194.google.com ([209.85.167.194]:47046 "EHLO
        mail-oi1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1728474AbfJGQhI (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 7 Oct 2019 12:37:08 -0400
Received: by mail-oi1-f194.google.com with SMTP id k25so12190574oiw.13
        for <linux-kernel@vger.kernel.org>; Mon, 07 Oct 2019 09:37:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=M/g+TIxP8SKNK08vLgY7W9iyDhVKXTg+mETBQIQmONM=;
        b=iYigjaBz68RW2Bfcgp0fWz6OYG118ciQXbBGXfJhyah1zWW9HRBSERHlefrRDVzDS0
         6EKOP9bHv9wNAkSDU1yxaWcA4ueQ4XYHxEaPwmiycXashgdG/gFXU2UkJp+lsX1IFFmp
         q+I6gtr0azcLMCJi6zWIm8q3RUDuiZnb2sKlifzfZdfoeIrodFZLckMjcl6mCvajS7km
         p5X6XDqcqWX+J/oi7bmVjMKIy9zapHhxfuH7GV2HAKDNmx6TKYZgruQTG+BBqU6iCM0M
         F2CnsYGbPfpTaXjr1rP5SoMQfTt8nxtzsIhk7Ocz7T1vxsr2NG+d0gT4IVMKHO6oH8wV
         K/cw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=M/g+TIxP8SKNK08vLgY7W9iyDhVKXTg+mETBQIQmONM=;
        b=V8h726O7kFb1un+tBi3znaIfboC9GCrOunpA9PApplZymKJha5nEhxpKxEdtfu9x32
         ks3/QnEF7k3nJqzb0JBzGb9qhO8nZlG6DrRCveWU8iO1tqTrDHZubHBAhb5OmrD/1I1N
         f7CbL11rPq4Ncuh6D3oGd4Y8KfVo5aY8Q1teWLnnHZpQctrgf/4vbMmSI6WqcwlQbkXa
         Mc4FquvJ/Xe+80V5CaQMdFGppd8xdCIwo3e/c7y+X1fIwtVDZE5aYZSuJjbxugTGqzOO
         fZec3/ITemleKK2QMkhHoWXhvYlzmq8BnOabsi//ObMEZI7dFnjlthmIzZ4tJS8rmsmg
         63Cw==
X-Gm-Message-State: APjAAAWa7CmWHiypEqMHANrUmen083Q+kuYTqsHJ18H7iBqZgKKPv6OB
        gxmQxY6n/+zwxNLkXwOkXowVaPKNrqTWogQw8Lz49A==
X-Received: by 2002:aca:b506:: with SMTP id e6mr142694oif.39.1570466227052;
 Mon, 07 Oct 2019 09:37:07 -0700 (PDT)
MIME-Version: 1.0
References: <20191003145542.17490-1-cyphar@cyphar.com> <20191003145542.17490-2-cyphar@cyphar.com>
In-Reply-To: <20191003145542.17490-2-cyphar@cyphar.com>
From:   Jann Horn <jannh@google.com>
Date:   Mon, 7 Oct 2019 18:36:40 +0200
Message-ID: <CAG48ez2LuOGAXgKftZKfDKxhdb6xcBTdoK468-HXdcpxCW4r4w@mail.gmail.com>
Subject: Re: [PATCH RFC 1/3] symlink.7: document magic-links more completely
To:     Aleksa Sarai <cyphar@cyphar.com>
Cc:     Al Viro <viro@zeniv.linux.org.uk>,
        Michael Kerrisk <mtk.manpages@gmail.com>,
        Christian Brauner <christian@brauner.io>,
        Aleksa Sarai <asarai@suse.de>,
        linux-man <linux-man@vger.kernel.org>,
        Linux API <linux-api@vger.kernel.org>,
        kernel list <linux-kernel@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Oct 3, 2019 at 4:56 PM Aleksa Sarai <cyphar@cyphar.com> wrote:
> Traditionally, magic-links have not been a well-understood topic in
> Linux. Given the new changes in their semantics (related to the link
> mode of trailing magic-links), it seems like a good opportunity to shine
> more light on magic-links and their semantics.
[...]
> +++ b/man7/symlink.7
> @@ -84,6 +84,25 @@ as they are implemented on Linux and other systems,
>  are outlined here.
>  It is important that site-local applications also conform to these rules,
>  so that the user interface can be as consistent as possible.
> +.SS Magic-links
> +There is a special class of symlink-like objects known as "magic-links" which

I think names like that normally aren't hypenated in english, and
instead of "magic-links", it'd be "magic links"? Just like how you
wouldn't write "symbolic-link", but "symbolic link". But this is
bikeshedding, and if you disagree, feel free to ignore this comment.

> +can be found in certain pseudo-filesystems such as
> +.BR proc (5)
> +(examples include
> +.IR /proc/[pid]/exe " and " /proc/[pid]/fd/* .)
> +Unlike normal symlinks, magic-links are not resolved through

nit: AFAICS symlinks are always referred to as "symbolic links"
throughout the manpages.

> +pathname-expansion, but instead act as direct references to the kernel's own
> +representation of a file handle. As such, these magic-links allow users to
> +access files which cannot be referenced with normal paths (such as unlinked
> +files still referenced by a running program.)

Could maybe add "and files in different mount namespaces" as another
example here; at least for me, that's the main usecases for
/proc/*/root.

[...]
> +However, magic-links do not follow this rule. They can have a non-0777 mode,
> +which is used for permission checks when the final
> +component of an
> +.BR open (2)'s

Maybe leave out the "open" part, since the same restriction has to
also apply to other syscalls operating on files, like truncate() and
so on?

> +path is a magic-link (see
> +.BR path_resolution (7).)