> On Jul 12, 2018, at 1:23 PM, David Howells <dhowe...@redhat.com> wrote: > > Linus Torvalds <torva...@linux-foundation.org> wrote: > >> Don't play games with override_creds. It's wrong. >> >> You have to use file->f_creds - no games, no garbage. > > You missed the point. > > > My suggestion was to use override_creds() to impose the appropriate creds at > the top, be that file->f_creds or fs_context->creds (they would be the same in > any case). I think it should be a new syscall and use current’s creds. No override needed. > Btw, do we protect sysfs, debugfs, tracefs, procfs, etc. writes against > splice? Some of the things in debugfs are really icky, allowing you to muck > directly with hardware. > We try. It has been a perennial source of severe bugs. This is part of why I’d like to see splice() be an opt in. Also, it’s a major step toward getting rid of set_fs().
- Re: [PATCH 24/32] vfs: syscall: Add fsopen()... Linus Torvalds
- Re: [PATCH 24/32] vfs: syscall: Add fsopen()... Al Viro
- Re: [PATCH 24/32] vfs: syscall: Add fsopen()... Linus Torvalds
- Re: [PATCH 24/32] vfs: syscall: Add fsopen()... Al Viro
- Re: [PATCH 24/32] vfs: syscall: Add fsopen() to prepare f... Andy Lutomirski
- Re: [PATCH 24/32] vfs: syscall: Add fsopen() to prepare f... David Howells
- Re: [PATCH 24/32] vfs: syscall: Add fsopen() to prep... Andy Lutomirski
- Re: [PATCH 24/32] vfs: syscall: Add fsopen() to prep... Linus Torvalds
- Re: [PATCH 24/32] vfs: syscall: Add fsopen() to ... Linus Torvalds
- Re: [PATCH 24/32] vfs: syscall: Add fsopen() to prep... David Howells
- Re: [PATCH 24/32] vfs: syscall: Add fsopen() to ... Linus Torvalds
- Re: [PATCH 24/32] vfs: syscall: Add fsopen() to ... Theodore Y. Ts'o
- Re: [PATCH 24/32] vfs: syscall: Add fsopen() to ... David Howells
- Re: [PATCH 24/32] vfs: syscall: Add fsopen()... Andy Lutomirski
- Re: [PATCH 24/32] vfs: syscall: Add fsopen()... Jann Horn
- Re: [PATCH 24/32] vfs: syscall: Add fsopen()... Jann Horn
- Re: [PATCH 24/32] vfs: syscall: Add fsopen()... David Howells
