Received: by 10.223.185.116 with SMTP id b49csp3584799wrg; Tue, 13 Feb 2018 04:41:20 -0800 (PST) X-Google-Smtp-Source: AH8x226AhDxrWi+hpUtzFiKpmgszhvkgYg4bx5Mw0i4bZLSeY9DvNMreEHald21JOlG/7PZmZFAL X-Received: by 2002:a17:902:aa45:: with SMTP id c5-v6mr1012886plr.93.1518525680509; Tue, 13 Feb 2018 04:41:20 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518525680; cv=none; d=google.com; s=arc-20160816; b=obPvn+L8BY8h/UKSPjDbvEp5rSwyWQTTNCOk7ntcLdDTtbRoEbqXqwPqC94Cf6tOM/ 1MaIwS23ahyxHmLst9usxavOLoPZ5KQSg7wCD0xoS+j/G8QEMUEePqpbVMhYRjQ7tf/s S9TXnjzSSoyJwSR0yVm4C3SfaEY97GbJzTyU/1iJtZj71Hk7H5cCTp7yH9R3IkNs7T+K KHlihV0JUUN/lSWdxRlLdmbLEMBp8DC+rTBgi58THzBsFxyG4JAKOqLDSVJ6M7K3HTEN Eo7vgGh1Fs0Fx/ExwvvoV1prC3WSZOySy0lnZdmDUFGa6NI1K7Va5Q65ZO5tyNbYmyeq 5x+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:arc-authentication-results; bh=gsE4ut8mJVgd9ieSaarhFYBcqvIigiUm/J3HwIl9cOY=; b=uo7cqyGbWktV4o5WLhNzmikRtWaazSMY3DdSRy9fL5b9DeWUWD+4TJinDH17HREyju xNizPX3cv64EU4T91m2X44K1BMXay5abeat5QwXPMsxT1agt42paIDNoBcs3incV93CE 3qMyuPoLyW4WerWB/p3xax6uRKlstrokdXMTNEavNlICAQQmC7WhBjEXgIb+UNwsvUXG i5kvU/L5PrFKfTlK6iguBbGAkbo2wAGweZaoT7eaLkGqtiZh7On3xFqeD5f7cQdwYPpX xMEVKuY70iUN616YYz8ReOq0XLFqiooU1dtrkHMmSEfQZWRIveEu28vcnGIWdmtcX2UF l5Pg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c1-v6si5522960pld.427.2018.02.13.04.41.05; Tue, 13 Feb 2018 04:41:20 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S935091AbeBMMkU (ORCPT + 99 others); Tue, 13 Feb 2018 07:40:20 -0500 Received: from mout.gmx.net ([212.227.15.15]:45337 "EHLO mout.gmx.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S934971AbeBMMkT (ORCPT ); Tue, 13 Feb 2018 07:40:19 -0500 Received: from [192.168.2.106] ([84.184.25.114]) by mail.gmx.com (mrgmx003 [212.227.17.190]) with ESMTPSA (Nemesis) id 0MI4yc-1eoJhv0Jyw-003rw0; Tue, 13 Feb 2018 13:40:17 +0100 Subject: Re: [PATCH] p9caps: add Plan9 capability devices To: "Serge E. Hallyn" Cc: linux-kernel@vger.kernel.org References: <40d4c871-a16a-7b8f-2d4a-422a5a490693@infradead.org> <20180211215028.16210-1-metux@gmx.de> <20180211215028.16210-2-metux@gmx.de> <20180213071655.GA11240@mail.hallyn.com> From: "Enrico Weigelt, metux IT consult" Message-ID: <3a99edaf-0365-ec7e-4d2f-1e21dea007ac@gmx.de> Date: Tue, 13 Feb 2018 12:40:14 +0000 User-Agent: Mozilla/5.0 (X11; Linux i686; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <20180213071655.GA11240@mail.hallyn.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K0:zNvjCF9aLLdH6t/5bXpfZWxTp75qTgA61zjmU9vTW+KBavj3UOk P4kFQWLPHBljf9E/+6xEQpuxr8jsD6YIwRJ3o1dTvHhkZLn7s4T/TRz933fbRWvdCBA9XWG BJnUtpzaivalyVtdtRniviCa98fgS0OvnKWYrtIaWjRPP2Q6+9xJSWOOR+D+lpqX7L2K5cj pLvKjRm1u8X62k+EfGfCg== X-UI-Out-Filterresults: notjunk:1;V01:K0:2dYDACkJaeM=:hIGvIc85AqWjjBZ4nyr7cv iXA7L9dvHO3RDn6ASy7LpLQyehCF6DErKH/HQDPJ/4Gm2xo9fGQQJQrM9e1umJteSUWFrFLWb OW8EW0FFsMDDJlNbLYeJQNySWoXHYPEYGrkI+8t7GH3yFycGwHxLjTtzfXcFLC5GFpHItcEI9 w4uyaykQLIet4GBZrjkbHZMuC08K8FDeMA8C/URTrkjH/P91rSkplA+TWaQZCP3BKH+qm9lkg 3n42UHcC8zfPKVCAOEVMu9ux0FQcKCRElMvNc/uHMTWIGzf17EcaApaTnLlOHNhXiA01aTP6B NTBmkkBMnLl1TyHy3nv50Yd0O5aaThkB8b9Ni7me+C1ERuYD21KHKYZF10RCsE7B2NmNdj8W2 0ik9qnmEORGRP7B1LrKT/Jfiiuikb4kWDaVzQVoKENc/Bo022nlpD7TrmUPiEDKhw6eBRYZsV qBrOhfX9gQnI3cg21IQTjdO1Q4ouDcyshYtkNC43fCAd8tHjgtp2Adf/Xinw88P0ejNz7qu4q BxIysdWwpUq2xexKaCzGLmBaDAQHJpeNcNNjuyj2HM5Q4QfaVI4AK/X27LbPosGSCOACUygm7 vP5M3FCu7AKwKrs7LCK3vp8pzK9m4ohIdsMKwvKsHkZnY+7XP5cykOp7sEAkIbJwWDQy2Lqni TY33qAJM3xDbE8S9iUuWa8jWg2YmiZZEaC/x0uDk5hxRtuw42EQnv64eJMtz6b2PQi9hItx99 NYZ4yAakjZZ/goz9t9lHJihoF6sG0zTxYbC0N72QU/U1XSn39wcQJDVisYj1hc0HsPt6qqHBS kSDqMa95VHmutj/m72+r+oIedJOwzsdxwhMr8qMZs65eFqMWBk= Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 13.02.2018 07:16, Serge E. Hallyn wrote: >> + /* make sure only one instance per namespace can be opened */ > > ... at a time yeah, right. > might be better to keep this state in the user_ns itself, would > avoid kzalloc below. thought about, but hesitated to touch user_ns. might not be the best idea when having p9caps as module (OTOH, doesn't need to be a module) the whole thing might become a bit more complex when introducing plan9-like unprivileged mount operations. haven't sorted out how to do that yet. > Would it be worth doing any privilege checking here? Which ones should I check ? --mtx