[PATCH 1/2] iouring: one capable call per iouring instance
Jens Axboe
axboe at kernel.dk
Mon Dec 4 10:05:00 PST 2023
On 12/4/23 10:53 AM, Keith Busch wrote:
> diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c
> index 1d254f2c997de..4aa10b64f539e 100644
> --- a/io_uring/io_uring.c
> +++ b/io_uring/io_uring.c
> @@ -3980,6 +3980,7 @@ static __cold int io_uring_create(unsigned entries, struct io_uring_params *p,
> ctx->syscall_iopoll = 1;
>
> ctx->compat = in_compat_syscall();
> + ctx->sys_admin = capable(CAP_SYS_ADMIN);
> if (!ns_capable_noaudit(&init_user_ns, CAP_IPC_LOCK))
> ctx->user = get_uid(current_user());
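Review bot: At the added `ctx->sys_admin = capable(CAP_SYS_ADMIN);` line, the capability is sampled once in io_uring_create() and stored in the ctx. Any later check against ctx->sys_admin therefore reflects the creating task's privilege at setup time, not the privilege held when a request is issued. State that semantic change in the commit message and in a comment on the field, or re-check at the point of use if the cached value must not outlive a capability drop. Also note that this line uses the auditing capable() while the very next line uses ns_capable_noaudit(). Because the call now runs for every ring created, including rings from unprivileged tasks that never need the flag, consider whether a noaudit variant is what is wanted here.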
Hmm, what happens if the app starts as e.g. root for initialization
purposes and drops caps after? That would previously have caused
passthrough to fail, but now it will work. Perhaps this is fine, after
all this isn't unusual for e.g. opening device or doing other init special
work?
In any case, that should definitely be explicitly mentioned in the
commit message for a change like that.
--
Jens Axboe