On 12/4/23 12:22 PM, Jeff Moyer wrote: > Jens Axboe <axboe@xxxxxxxxx> writes: > >> On 12/4/23 11:40 AM, Jeff Moyer wrote: >>> Finally, as Jens mentioned, I would expect dropping priviliges to, you >>> know, drop privileges. I don't think a commit message is going to be >>> enough documentation for a change like this. >> >> Only thing I can think of here is to cache the state in >> task->io_uring->something, and then ensure those are invalidated >> whenever caps change. > > I looked through the capable() code, and there is no way that I could > find to be notified of changes. Right, what I meant is that you'd need to add an io_uring_cap_change() or something that gets called, and that iterates the rings associated with that task and clears the flag. Ugly... -- Jens Axboe
