Re: [PATCH] proc_sysctl: Fix up ->is_seen() handling

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Al Viro <viro@zeniv.linux.org.uk>
To: NeilBrown <neil@brown.name>
Cc: Kees Cook <kees@kernel.org>,
	Joel Granados <joel.granados@kernel.org>,
	linux-fsdevel@vger.kernel.org,
	LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] proc_sysctl: Fix up ->is_seen() handling
Date: Fri, 13 Jun 2025 03:01:11 +0100	[thread overview]
Message-ID: <20250613020111.GE1647736@ZenIV> (raw)
In-Reply-To: <20250613015421.GD1647736@ZenIV>

On Fri, Jun 13, 2025 at 02:54:21AM +0100, Al Viro wrote:
> On Fri, Jun 13, 2025 at 10:37:58AM +1000, NeilBrown wrote:
> > 
> > Some sysctl tables can provide an is_seen() function which reports if
> > the sysctl should be visible to the current process.  This is currently
> > used to cause d_compare to fail for invisible sysctls.
> > 
> > This technique might have worked in 2.6.26 when it was implemented, but
> > it cannot work now.  In particular if ->d_compare always fails for a
> > particular name, then d_alloc_parallel() will always create a new dentry
> > and pass it to lookup() resulting in a new inode for every lookup.  I
> > tested this by changing sysctl_is_seen() to always return 0.  When
> > all sysctls were still visible and repeated lookups (ls -li) reported
> > different inode numbers.
> 
> What do you mean, "name"?

The whole fucking point of that thing is that /proc/sys/net contents for
processes in different netns is not the same.  And such processes should
not screw each other into the ground by doing lookups in that area.

Yes, it means multiple children of the same dentry having the same name
*and* staying hashed at the same time.

next prev parent reply	other threads:[~2025-06-13  2:01 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-06-13  0:37 [PATCH] proc_sysctl: Fix up ->is_seen() handling NeilBrown
2025-06-13  1:54 ` Al Viro
2025-06-13  2:01   ` Al Viro [this message]
2025-06-13  2:18     ` NeilBrown
2025-06-13  2:37     ` NeilBrown
2025-06-13  2:41       ` Al Viro
2025-06-13  3:14         ` Al Viro
2025-06-16  8:37 ` [LTP] " kernel test robot
2025-06-16  8:37   ` kernel test robot

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250613020111.GE1647736@ZenIV \
    --to=viro@zeniv.linux.org.uk \
    --cc=joel.granados@kernel.org \
    --cc=kees@kernel.org \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=neil@brown.name \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.