From: Linus Torvalds
Date: Wed, 18 Jul 2018 16:13:45 -0700
Subject: Re: [RFC] call_with_creds()
To: David Howells
Cc: Al Viro, Miklos Szeredi, Stephen Rothwell, linux-fsdevel, Linux Kernel Mailing List
In-Reply-To: <15659.1531949324@warthog.procyon.org.uk>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Jul 18, 2018 at 2:28 PM David Howells wrote:
>
> Are network filesystems allowed to use f_cred at I/O time to determine the
> authentication/encryption parameters to commune with the server?

Absolutely. file->f_cred is very much "what was my ID at open time".

Of course, you may well have reasons why you actually want to cache
the key itself (and hide it in private_data or similar rather than
look it up), but if looking it up by uid is ok, then file->f_cred is ok.

And if you check permissions at IO time (again using file->f_cred),
that's ok from a kernel perspective, but it's not really
POSIX-compliant. But obviously a lot of network filesystems aren't
posix-compliant anyway.

Linus
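The open-time semantics discussed in this message, seen from userspace. This is an added example, not code from the thread or the kernel. It assumes a local POSIX filesystem with a writable /tmp, and `open_time_check_demo` and `struct open_time_result` are hypothetical names.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

struct open_time_result {      /* hypothetical, for this example only */
    ssize_t read_after_revoke; /* bytes read via the fd opened earlier */
    int reopen_errno;          /* errno of a fresh open(), 0 on success */
};

/* Open a file, revoke every permission bit, then compare I/O on the
 * already-open descriptor with a fresh open() of the same path. */
static int open_time_check_demo(struct open_time_result *res)
{
    char path[] = "/tmp/fcred-demo-XXXXXX"; /* constructed sample file */
    const char msg[] = "opened while permitted";
    char buf[64];
    int fd = mkstemp(path);                 /* mode 0600, opened O_RDWR */
    if (fd < 0)
        return -1;
    if (write(fd, msg, sizeof(msg) - 1) != (ssize_t)(sizeof(msg) - 1) ||
        fchmod(fd, 0) != 0 ||               /* revoke after the open */
        lseek(fd, 0, SEEK_SET) != 0) {
        close(fd);
        unlink(path);
        return -1;
    }
    /* No permission check here: access was decided at open(). */
    res->read_after_revoke = read(fd, buf, sizeof(buf));
    /* A fresh open() is checked now; CAP_DAC_OVERRIDE (root) bypasses it. */
    int fd2 = open(path, O_RDONLY);
    res->reopen_errno = (fd2 < 0) ? errno : 0;
    if (fd2 >= 0)
        close(fd2);
    close(fd);
    unlink(path);
    return 0;
}

int main(void)
{
    struct open_time_result r = {0, 0};
    int rc = open_time_check_demo(&r);
    printf("rc=%d old-fd read=%zd reopen errno=%d\n", rc, r.read_after_revoke, r.reopen_errno);
    return rc != 0;
}
```

A filesystem that re-checks permissions on each read or write would fail the read on the old descriptor, which is the departure from POSIX behaviour mentioned in the message.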