From: Alice Ryhl <aliceryhl@google.com>
To: Alex Shi <seakeel@gmail.com>
Cc: "Paul Moore" <paul@paul-moore.com>,
"Serge Hallyn" <sergeh@kernel.org>,
"Jonathan Corbet" <corbet@lwn.net>,
"Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
"Shuah Khan" <skhan@linuxfoundation.org>,
"Alex Shi" <alexs@kernel.org>,
"Yanteng Si" <si.yanteng@linux.dev>,
"Dongliang Mu" <dzm91@hust.edu.cn>,
"Miguel Ojeda" <ojeda@kernel.org>,
"Boqun Feng" <boqun@kernel.org>, "Gary Guo" <gary@garyguo.net>,
"Björn Roy Baron" <bjorn3_gh@protonmail.com>,
"Benno Lossin" <lossin@kernel.org>,
"Andreas Hindborg" <a.hindborg@kernel.org>,
"Trevor Gross" <tmgross@umich.edu>,
"Danilo Krummrich" <dakr@kernel.org>,
linux-security-module@vger.kernel.org, linux-doc@vger.kernel.org,
linux-kernel@vger.kernel.org, rust-for-linux@vger.kernel.org,
"Jann Horn" <jannh@google.com>
Subject: Re: [PATCH] task: delete task_euid()
Date: Thu, 19 Feb 2026 14:35:10 +0000 [thread overview]
Message-ID: <aZcfnqkGcFb2k_hT@google.com> (raw)
In-Reply-To: <c2b65a8f-b0cc-4bba-8ef9-7a079314d52d@gmail.com>
On Thu, Feb 19, 2026 at 10:27:01PM +0800, Alex Shi wrote:
>
>
> On 2026/2/19 20:14, Alice Ryhl wrote:
> > task_euid() is a very weird operation. You can see how weird it is by
> > grepping for task_euid() - binder is its only user. task_euid() obtains
> > the objective effective UID - it looks at the credentials of the task
> > for purposes of acting on it as an object, but then accesses the
> > effective UID (which the credentials.7 man page describes as "[...] used
> > by the kernel to determine the permissions that the process will have
> > when accessing shared resources [...]").
> >
> > Since usage in Binder has now been removed, get rid of the resulting
> > dead code.
> >
> > Changes to the zh_CN translation was carried out with the help of
> > Gemini and Google Translate.
> > diff --git a/Documentation/translations/zh_CN/security/credentials.rst b/Documentation/translations/zh_CN/security/credentials.rst
> > index 88fcd9152ffe91d79fc10bfc7b2a37d301b4938a..f0b2efec342438b81be415dc513622c961bb7e59 100644
> > --- a/Documentation/translations/zh_CN/security/credentials.rst
> > +++ b/Documentation/translations/zh_CN/security/credentials.rst
> > @@ -337,15 +337,13 @@ const指针上操作,因此不需要进行类型转换,但需要临时放弃
> > ``__task_cred()`` 的结果不应直接传递给 ``get_cred()`` ,
> > 因为这可能与 ``commit_cred()`` 发生竞争条件。
> > -还有一些方便的函数可以访问另一个任务凭据的特定部分,将RCU操作对调用方隐藏起来::
> > +有一个方便的函数可用于访问另一个任务凭据的特定部分,从而对调用方隐藏RCU机制::
>
> LGTM.
>
> > uid_t task_uid(task) Task's real UID
> > - uid_t task_euid(task) Task's effective UID
> > -如果调用方在此时已经持有RCU读锁,则应使用::
> > +如果调用方在此时已经持有RCU读锁,则应改为使用::
>
> Please keep the old version. the new one is a bit ambiguous.
Thanks for checking!
Alice
next prev parent reply other threads:[~2026-02-19 14:35 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-02-19 12:14 [PATCH] task: delete task_euid() Alice Ryhl
2026-02-19 14:27 ` Alex Shi
2026-02-19 14:35 ` Alice Ryhl [this message]
2026-02-19 14:43 ` Gary Guo
2026-02-20 10:43 ` Alice Ryhl
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aZcfnqkGcFb2k_hT@google.com \
--to=aliceryhl@google.com \
--cc=a.hindborg@kernel.org \
--cc=alexs@kernel.org \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun@kernel.org \
--cc=corbet@lwn.net \
--cc=dakr@kernel.org \
--cc=dzm91@hust.edu.cn \
--cc=gary@garyguo.net \
--cc=gregkh@linuxfoundation.org \
--cc=jannh@google.com \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=lossin@kernel.org \
--cc=ojeda@kernel.org \
--cc=paul@paul-moore.com \
--cc=rust-for-linux@vger.kernel.org \
--cc=seakeel@gmail.com \
--cc=sergeh@kernel.org \
--cc=si.yanteng@linux.dev \
--cc=skhan@linuxfoundation.org \
--cc=tmgross@umich.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.