Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp241381rwd;
        Fri, 19 May 2023 19:16:43 -0700 (PDT)
X-Google-Smtp-Source: ACHHUZ60+KRr+pQefwepEUl67NADdHg2diN1MdHoa4miwulVqyt8jGM4uq03EIELP3jbKAlluDVt
X-Received: by 2002:a17:90a:f3c7:b0:249:748b:a232 with SMTP id ha7-20020a17090af3c700b00249748ba232mr3927516pjb.25.1684549002845;
        Fri, 19 May 2023 19:16:42 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1684549002; cv=none;
        d=google.com; s=arc-20160816;
        b=Jryn1+E3B6XjZkRGfpRicREaRN1LcbhqAsqoWmHXU0VgwRWXWLWGIdDotqYWzzjJBv
         4SpKHTujyuCOdgxWhcYQSlfMVspLsX0zSJDtWrogZyyOS5O0EWAMDRQbIW4XJUusHaEH
         RrxpZHeWs7CcnLjoHGg35RbCfvUtzrLa/QxyYbBzF80DaCd1T8H+qw4YL0yicYq78mJG
         P+4Z88ekliD6A+5VItfNgJ6yV02KIBy+1Gf6TdI+6sgaQ3oM8m+TD2C2n98yDnhRDvNf
         vEsOSd5Gy3tJXCVLVxyZ+xXJA4GhVsNoYDr0/Jtcha01f1PHSPLb7/ihbQdOYnXI/SUP
         0D3Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:in-reply-to:from
         :references:cc:to:subject:user-agent:mime-version:date:message-id;
        bh=w6GkQ7N4gMAySso/b/BPF+JZG3YBa+CzXXtbqdEhoI0=;
        b=PoxeFcwOg9dQCG0Uh0kd3KgVsQRyJxoC2Ny/bhpwNMjBSPdROytq4i1z2pLRvjKnNS
         ZHzrnR6XpcsxNVqaTW0Q6l8F3wunKHXLLfZL77mlG7joNMl8dl+7cM4AN/evs4bzbIWC
         hf33M0C9HPVyZEV3tsYp7NNEtFAvzTbQp+Ma7HJ574SFz46RDB5dPm9xOE2vOPv8tlwi
         bw+XJd8L8s16ewGH9+nFPfTunclsOKhgON7/bEHo0LJE73L+U13FMO2A9SBQxCVqBrNU
         KuRGSZ/KgExJmzKFNifJNylEKWt3RoGI2MLCW9SZgj3oO3FK1Y2XxlB4bt7G/LoObeb8
         so5A==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id g14-20020a17090a3c8e00b0024e1172c1d5si499732pjc.155.2023.05.19.19.16.30;
        Fri, 19 May 2023 19:16:42 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S232184AbjETCHv (ORCPT <rfc822;a225855305@gmail.com> + 99 others);
        Fri, 19 May 2023 22:07:51 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56848 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S232172AbjETCHt (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 19 May 2023 22:07:49 -0400
Received: from out30-133.freemail.mail.aliyun.com (out30-133.freemail.mail.aliyun.com [115.124.30.133])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C450D8F;
        Fri, 19 May 2023 19:07:47 -0700 (PDT)
X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R131e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018045168;MF=hsiangkao@linux.alibaba.com;NM=1;PH=DS;RN=6;SR=0;TI=SMTPD_---0Vj0SAfv_1684548461;
Received: from 192.168.3.7(mailfrom:hsiangkao@linux.alibaba.com fp:SMTPD_---0Vj0SAfv_1684548461)
          by smtp.aliyun-inc.com;
          Sat, 20 May 2023 10:07:44 +0800
Message-ID: <caa318ba-a6fb-caa9-c7e0-f1f13b5ee577@linux.alibaba.com>
Date:   Sat, 20 May 2023 10:07:40 +0800
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0)
 Gecko/20100101 Thunderbird/102.10.0
Subject: Re: [Linux-cachefs] [PATCH] cachefiles: Allow the cache to be
 non-root
To:     David Howells <dhowells@redhat.com>, linux-cachefs@redhat.com
Cc:     linux-erofs@lists.ozlabs.org, linux-fsdevel@vger.kernel.org,
        Jeff Layton <jlayton@kernel.org>, linux-kernel@vger.kernel.org
References: <1853230.1684516880@warthog.procyon.org.uk>
From:   Gao Xiang <hsiangkao@linux.alibaba.com>
In-Reply-To: <1853230.1684516880@warthog.procyon.org.uk>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-11.4 required=5.0 tests=BAYES_00,
        ENV_AND_HDR_SPF_MATCH,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,
        RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE,
        UNPARSEABLE_RELAY,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no
        version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



On 2023/5/20 10:21, David Howells wrote:
>      
> Set mode 0600 on files in the cache so that cachefilesd can run as an
> unprivileged user rather than leaving the files all with 0.  Directories
> are already set to 0700.
> 
> Userspace then needs to set the uid and gid before issuing the "bind"
> command and the cache must've been chown'd to those IDs.
> 
> Signed-off-by: David Howells <dhowells@redhat.com>
> cc: David Howells <dhowells@redhat.com>
> cc: Jeff Layton <jlayton@kernel.org>
> cc: linux-cachefs@redhat.com
> cc: linux-erofs@lists.ozlabs.org
> cc: linux-fsdevel@vger.kernel.org

It seems useful on our side as well and safe:

Reviewed-by: Gao Xiang <hsiangkao@linux.alibaba.com>

Thanks,
Gao Xiang