On Thu, Jul 13, 2023 at 02:00:42PM +0200, Christoph Hellwig wrote:
On Wed, Jul 12, 2023 at 08:58:49PM +0200, Christian Brauner wrote:
(1) Filesystems that don't implement a i_op->setattr() for symlinks.
Such filesystems may or may not know that without i_op->setattr() defined, notify_change() falls back to simple_setattr() causing the inode's mode in the inode cache to be changed.Btw, I think this fallback is pretty harmful. At some point we should probably start auditing all instances and wire the ones up that should be using simple_setattr (probably mostly just in-memory file systems) and refuse attribute changes if .setattr is NULL.
Yes, I agree. For example, it is an issue or at least a potential source for bugs for procfs files. If they don't have a i_op->setattr() handler they still get simple_setattr() which means that they accept ATTR_MODE changes which they were explicitly stopped from doing in 2006 in commit 6d76fa58b050 ("Don't allow chmod() on the /proc/<pid>/ files").