| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251104-hebamme-sinnieren-a30735196a26@brauner> Date: Tue, 4 Nov 2025 12:40:36 +0100 From: Christian Brauner <brauner@...nel.org> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, linux-aio@...ck.org, linux-unionfs@...r.kernel.org, linux-erofs@...ts.ozlabs.org, linux-nfs@...r.kernel.org, linux-cifs@...r.kernel.org, samba-technical@...ts.samba.org, cgroups@...r.kernel.org, netdev@...r.kernel.org Subject: Re: [PATCH 14/16] act: use credential guards in acct_write_process() On Tue, Nov 04, 2025 at 08:04:28AM +0900, Linus Torvalds wrote: > On Mon, 3 Nov 2025 at 20:27, Christian Brauner <brauner@...nel.org> wrote: > > > > /* Perform file operations on behalf of whoever enabled accounting */ > > - cred = override_creds(file->f_cred); > > - > > + with_creds(file->f_cred); > > I'd almost prefer if we *only* did "scoped_with_creds()" and didn't > have this version at all. > > Most of the cases want that anyway, and the couple of plain > "with_creds()" cases look like they would only be cleaned up by making > the cred scoping more explicit. > > What do you think? Yeah, good idea. I reworked it all so now we're only left with: scoped_with_creds() scoped_with_kernel_creds() It increases the indentation for about 3 cases but otherwise is safer. It's all in: https://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs.git/log/?h=kernel-6.19.cred
Powered by blists - more mailing lists