Re: [PATCH 1/2] iouring: one capable call per iouring instance

(off-list ancestor, not in this archive)
Re: [PATCH 1/2] iouring: one capable call per iouring instance · Jeff Moyer <hidden> · 2023-12-04
Re: [PATCH 1/2] iouring: one capable call per iouring instance · Jens Axboe <axboe@kernel.dk> · 2023-12-04
Re: [PATCH 1/2] iouring: one capable call per iouring instance · Keith Busch <kbusch@kernel.org> · 2023-12-04

From: Keith Busch <kbusch@kernel.org>
Date: 2023-12-04 19:37:50
Also in: io-uring, linux-nvme

On Mon, Dec 04, 2023 at 02:22:22PM -0500, Jeff Moyer wrote:

Jens Axboe [off-list ref] writes:

quoted

On 12/4/23 11:40 AM, Jeff Moyer wrote:

quoted

Finally, as Jens mentioned, I would expect dropping priviliges to, you
know, drop privileges.  I don't think a commit message is going to be
enough documentation for a change like this.

Only thing I can think of here is to cache the state in
task->io_uring->something, and then ensure those are invalidated
whenever caps change.

I looked through the capable() code, and there is no way that I could
find to be notified of changes.

Something like LSM_HOOK_INIT on 'capset', but needs to work without
CONFIG_SECURITY.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help