From: "Serge E. Hallyn" <serge@hallyn.com>
To: Paul Moore <paul@paul-moore.com>
Cc: cem@kernel.org, linux-fsdevel@vger.kernel.org, jack@suze.cz,
djwong@kernel.org, hch@lst.de, serge@hallyn.com,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-xfs@vger.kernel.org
Subject: Re: [RFC PATCH 1/4] capabily: Add new capable_noaudit
Date: Fri, 26 Jun 2026 12:46:34 -0500 [thread overview]
Message-ID: <aj66+o90iNkPfRJ8@mail.hallyn.com> (raw)
In-Reply-To: <CAHC9VhQNURc=d4AOVDF-z29fjLasCiLf120Y-N3txEBccpkfSA@mail.gmail.com>
On Fri, Jun 26, 2026 at 11:31:06AM -0400, Paul Moore wrote:
> On Fri, Jun 26, 2026 at 7:49 AM <cem@kernel.org> wrote:
> >
> > From: Carlos Maiolino <cem@kernel.org>
> >
> > In some situations (quota enforcement bypass in this case) we'd like to
> > check for a specific capability without triggering spurious audit
> > messages from security modules like selinux.
> >
> > Add a new helper so we don't need to use ns_capable_noaudit() directly.
> >
> > Signed-off-by: Carlos Maiolino <cmaiolino@redhat.com>
> > ---
> > include/linux/capability.h | 5 +++++
> > kernel/capability.c | 17 +++++++++++++++++
> > 2 files changed, 22 insertions(+)
>
> This is Serge's call, not mine, but FWIW, I somewhat prefer to see
> code use the ns_capable_XXX() variants directly as I like to think it
> means some thought went into ensuring the capability check is being
> done in the right namespace. Yes, we all know that capable() just
> uses the init namespace, but I like to think that having to type that
> out in the parameter list might be a good double check ;)
Hm, yeah, on he one hand it seems like a nice shortcut, but I still
see people confusing what 'capable' really does, so standardizing on
ns_capable_noaudit(&init_user_ns, x) might be worthwhile.
(and then patch 3 can go)
next prev parent reply other threads:[~2026-06-26 17:54 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-26 11:45 [RFC PATCH 0/4] Introduce capable_noaudit cem
2026-06-26 11:45 ` [RFC PATCH 1/4] capabily: Add new capable_noaudit cem
2026-06-26 15:16 ` Darrick J. Wong
2026-06-26 15:31 ` Paul Moore
2026-06-26 17:46 ` Serge E. Hallyn [this message]
2026-06-29 12:29 ` Christoph Hellwig
2026-06-29 13:49 ` Serge E. Hallyn
2026-07-02 7:53 ` Carlos Maiolino
2026-06-26 11:45 ` [RFC PATCH 2/4] quota: Don't issue audit messages on quota enforcing cem
2026-06-26 15:18 ` Darrick J. Wong
2026-06-29 12:30 ` Christoph Hellwig
2026-06-26 11:45 ` [RFC PATCH 3/4] xfs: replace ns_capable_noaudit() cem
2026-06-26 15:19 ` Darrick J. Wong
2026-06-29 12:30 ` Christoph Hellwig
2026-06-29 12:30 ` Christoph Hellwig
2026-06-26 11:45 ` [RFC PATCH 4/4] capability: unexport has_capability_noaudit cem
2026-06-26 15:20 ` Darrick J. Wong
2026-06-29 12:31 ` Christoph Hellwig
2026-06-29 12:31 ` Christoph Hellwig
2026-07-02 7:41 ` [RFC PATCH 0/4] Introduce capable_noaudit Christian Brauner
2026-07-02 8:35 ` Carlos Maiolino
2026-07-02 13:47 ` Christian Brauner
2026-07-02 14:51 ` Carlos Maiolino
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aj66+o90iNkPfRJ8@mail.hallyn.com \
--to=serge@hallyn.com \
--cc=cem@kernel.org \
--cc=djwong@kernel.org \
--cc=hch@lst.de \
--cc=jack@suze.cz \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
--cc=paul@paul-moore.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.