On Tue, Dec 22, 2020 at 11:33:58AM -0600, Eric W. Biederman wrote: > I do wonder though if perhaps we should create a is_user_cred helper to > detect the difference between the creds of kernel threads and the thread > of ordinary userspace. Which would handle io_uring that copy creds > around and check them at a later time more cleanly.
I don't think we should as no one has a business to check this difference. If there is a case where the creds are not correct for all access decisions we need to fix that rather than adding hacks.