Jens Axboe <axboe@xxxxxxxxx> writes:

> On 12/4/23 11:40 AM, Jeff Moyer wrote:
>> Finally, as Jens mentioned, I would expect dropping privileges to, you
>> know, drop privileges. I don't think a commit message is going to be
>> enough documentation for a change like this.
>
> Only thing I can think of here is to cache the state in
> task->io_uring->something, and then ensure those are invalidated
> whenever caps change.

I looked through the capable() code, and there is no way that I could
find to be notified of changes.

> It's one of those cases where that's probably only done once, but we
> do need to be able to catch it. Not convinced that caching it at ring
> creation is sane enough, even if it is kind of like opening devices
> before privs are dropped where you could not otherwise re-open them
> later on.

Agreed.

-Jeff