Received: by 2002:a05:6a10:6744:0:0:0:0 with SMTP id w4csp2248959pxu; Fri, 9 Oct 2020 11:35:47 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzYacykxCeVu1phwvke4J10Xfihd8RXFv/rVz0OJ/P0qoNl6CMK81UKIuPx8YqkQmSqWOw3 X-Received: by 2002:a17:906:190b:: with SMTP id a11mr15522975eje.260.1602268547399; Fri, 09 Oct 2020 11:35:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1602268547; cv=none; d=google.com; s=arc-20160816; b=Wf5hEXWI5ls90t7wEdK/afjCZW51ng3rNSo1T6ciQmsYy+2tpWxFiy/+zJCMThn4D2 CwKaQi5ZxV1Lfnkc7JfK5w+9OHw96cXuM2v4vE/ajBXaX0/lo3NzGGwHz9ypH4Am8Di/ 5R/Yk83ViXNv2o3x3DODZcchEbELLm7vv6OogT/4KAUYhleS/Xg/OvB2XWPWQTwB7Tff hk8u6ETQMhDeznkjUlgb88XgpKSzs6ttb9Mld/IvsTtcFZfarXVbG2uDObKpgoZ2kQaq Hbq2voeMpB0TwjDaZwsg31vvIuWLYaGEzULzQy9GcTjlZKbFSCUgKXCs1KonrMD+3qxm 6u7Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=BKV/WAxlehJ+ctWX3RDREKVqlfPVuFpk2LugInku2ks=; b=RUyW9FuWeEWuoQSzNOlV26375PeYZu5/KKsfYZ4833BbbXOrSMjiT52wiMMm/mvUa9 sE6CWW6RNDetm4b11rrVvhsgnxelQvQeY7Zjm5uiD9JdLqoi1q/XCxzBZk4BU4qZKPDY Borz1rzhpE7J8Eu0qjmEZ4EgiRk9cgNja/p641yKIh7jz9ToI5/KFoJbbpe38MvdYdeT HQO9AKdO74ChnCgFDPZ3212UKCoEM/um5d7pLoCkH1aSyjz0aeFb5JMp5ni6z3Qhx/KD zNRN5Fk5pH0mlDqBVsnaUgWwCSZP0ZrAQ90FD7zmFX218YfWYHjVIXSHdurifrq4Prg9 JR9A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id cx21si6717869edb.82.2020.10.09.11.35.24; Fri, 09 Oct 2020 11:35:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388231AbgJILuX (ORCPT + 99 others); Fri, 9 Oct 2020 07:50:23 -0400 Received: from youngberry.canonical.com ([91.189.89.112]:56783 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732480AbgJILuX (ORCPT ); Fri, 9 Oct 2020 07:50:23 -0400 Received: from ip5f5af0a0.dynamic.kabel-deutschland.de ([95.90.240.160] helo=wittgenstein) by youngberry.canonical.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.86_2) (envelope-from ) id 1kQquc-000710-Sn; Fri, 09 Oct 2020 11:50:14 +0000 Date: Fri, 9 Oct 2020 13:50:14 +0200 From: Christian Brauner To: Aleksa Sarai Cc: Alexander Viro , Shuah Khan , containers@lists.linux-foundation.org, linux-kernel@vger.kernel.org, stable@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-fsdevel@vger.kernel.org Subject: Re: [PATCH] openat2: reject RESOLVE_BENEATH|RESOLVE_IN_ROOT Message-ID: <20201009115014.ft7kjyejhqvommnv@wittgenstein> References: <20201007103608.17349-1-cyphar@cyphar.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20201007103608.17349-1-cyphar@cyphar.com> Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Oct 07, 2020 at 09:36:08PM +1100, Aleksa Sarai wrote: > This was an oversight in the original implementation, as it makes no > sense to specify both scoping flags to the same openat2(2) invocation > (before this patch, the result of such an invocation was equivalent to > RESOLVE_IN_ROOT being ignored). > > This is a userspace-visible ABI change, but the only user of openat2(2) > at the moment is LXC which doesn't specify both flags and so no > userspace programs will break as a result. Indeed! > > Fixes: fddb5d430ad9 ("open: introduce openat2(2) syscall") > Signed-off-by: Aleksa Sarai > Acked-by: Christian Brauner > Cc: # v5.6+ > --- Thanks! This is a good fix imho. Christian