From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-io0-f195.google.com ([209.85.223.195]:42509 "EHLO mail-io0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728929AbeGRUdZ (ORCPT ); Wed, 18 Jul 2018 16:33:25 -0400 MIME-Version: 1.0 References: <20180712155337.GU30522@ZenIV.linux.org.uk> <20180718025636.GA26175@ZenIV.linux.org.uk> <20180718132955.2bf185b7@canb.auug.org.au> <20180718124340.GS30522@ZenIV.linux.org.uk> <20180718181252.GU30522@ZenIV.linux.org.uk> <20180718194637.GV30522@ZenIV.linux.org.uk> In-Reply-To: <20180718194637.GV30522@ZenIV.linux.org.uk> From: Linus Torvalds Date: Wed, 18 Jul 2018 12:53:48 -0700 Message-ID: Subject: Re: [RFC] call_with_creds() To: Al Viro Cc: Miklos Szeredi , Stephen Rothwell , linux-fsdevel , Linux Kernel Mailing List Content-Type: text/plain; charset="UTF-8" Sender: linux-fsdevel-owner@vger.kernel.org List-ID: On Wed, Jul 18, 2018 at 12:46 PM Al Viro wrote: > > Huh? Nevermind ->write(), what about open()? What about open? At open time, file->f_cred is the same as current_cred(). So yes, open uses current cred. What's the problem? Now, if you then use a tasklet or some other thread to do the open, then obviously that is no longer true. But then the problem is that you're doing the open() itself in the wrong context, and that has nothing to do with any general issue, and everything to do with "you changed to another context without pulling all the context data with you - you're buggy". Doing some kind of "call_with_creds()" isn't the solultion - it's just part of the whole thing (what about user accounting etc? If you switch to another thread to do the work, you have way more issues than just creds). Linus