From 459ac3044b516af698d7342431bdbcf784fdf7a4 Mon Sep 17 00:00:00 2001 From: Ricardo Branco Date: Sun, 26 Apr 2026 18:44:39 +0200 Subject: [PATCH] namei: Preserve ABI root for absolute symlinks before fallback D40479 changed namei() so that an absolute symlink target encountered during an ABI-root lookup restarts from the native root. This helps the native fallback case, but it also makes successful lookups inside an ABI root escape that root while following absolute symlinks. Only switch absolute symlink lookup to the native root after namei() is already in the restarted/native fallback pass. Do not mark the lookup as restarted merely because an absolute symlink was encountered while still resolving inside the ABI root. This preserves the intended native fallback behavior while keeping absolute symlinks within a successfully resolved ABI-root path in the ABI namespace. Signed-off-by: Ricardo Branco PR: 289739 Reviewed by: kib Fixes: cea7c564c70a ("namei: Reset the lookup to ...") Pull-Request: https://github.com/freebsd/freebsd-src/pull/2166 --- sys/kern/vfs_lookup.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/sys/kern/vfs_lookup.c b/sys/kern/vfs_lookup.c index 39c7da803de..c1363c0104d 100644 --- a/sys/kern/vfs_lookup.c +++ b/sys/kern/vfs_lookup.c @@ -778,13 +778,17 @@ namei(struct nameidata *ndp) cnp->cn_nameptr = cnp->cn_pnbuf; if (*(cnp->cn_nameptr) == '/') { /* - * Reset the lookup to start from the real root without - * origin path name reloading. + * For ABI-root lookups, preserve the ABI root while + * following absolute symlinks during the first lookup. + * + * Only force the real root after the ABI lookup has + * already failed and namei() has restarted in the + * native namespace. Otherwise absolute symlinks inside + * /compat/linux, including the ELF interpreter symlink, + * incorrectly escape to the native root (PR 289739). */ - if (__predict_false(ndp->ni_rootdir != pwd->pwd_rdir)) { - cnp->cn_flags |= ISRESTARTED; + if ((cnp->cn_flags & ISRESTARTED) != 0) ndp->ni_rootdir = pwd->pwd_rdir; - } vrele(dp); error = namei_handle_root(ndp, &dp); if (error != 0)