| Message ID | 20241209234316.4132786-7-krisman@suse.de (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | Launching processes with io_uring | expand |
On 12/9/24 23:43, Gabriel Krisman Bertazi wrote: > IORING_OP_EXEC runs only from a custom handler and cannot rely on > overloaded credentials. This commit adds infrastructure to allow running > operations without overloading the credentials, i.e. not enabling the > REQ_F_CREDS flag. > > Signed-off-by: Gabriel Krisman Bertazi <krisman@suse.de> > --- > io_uring/io_uring.c | 2 +- > io_uring/opdef.h | 2 ++ > 2 files changed, 3 insertions(+), 1 deletion(-) > > diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c > index a19f72755eaa..0fd8709401fc 100644 > --- a/io_uring/io_uring.c > +++ b/io_uring/io_uring.c > @@ -457,7 +457,7 @@ static void io_prep_async_work(struct io_kiocb *req) > const struct io_issue_def *def = &io_issue_defs[req->opcode]; > struct io_ring_ctx *ctx = req->ctx; > > - if (!(req->flags & REQ_F_CREDS)) { > + if (!(req->flags & REQ_F_CREDS) && !def->ignore_creds) It's not the only place setting creds, see io_init_req().
diff --git a/io_uring/io_uring.c b/io_uring/io_uring.c index a19f72755eaa..0fd8709401fc 100644 --- a/io_uring/io_uring.c +++ b/io_uring/io_uring.c @@ -457,7 +457,7 @@ static void io_prep_async_work(struct io_kiocb *req) const struct io_issue_def *def = &io_issue_defs[req->opcode]; struct io_ring_ctx *ctx = req->ctx; - if (!(req->flags & REQ_F_CREDS)) { + if (!(req->flags & REQ_F_CREDS) && !def->ignore_creds) { req->flags |= REQ_F_CREDS; req->creds = get_current_cred(); } diff --git a/io_uring/opdef.h b/io_uring/opdef.h index 14456436ff74..94e9a2e3c028 100644 --- a/io_uring/opdef.h +++ b/io_uring/opdef.h @@ -27,6 +27,8 @@ struct io_issue_def { unsigned iopoll_queue : 1; /* vectored opcode, set if 1) vectored, and 2) handler needs to know */ unsigned vectored : 1; + /* io_uring must not overload credentials on async context. */ + unsigned ignore_creds : 1; /* size of async data needed, if any */ unsigned short async_size;
IORING_OP_EXEC runs only from a custom handler and cannot rely on overloaded credentials. This commit adds infrastructure to allow running operations without overloading the credentials, i.e. not enabling the REQ_F_CREDS flag. Signed-off-by: Gabriel Krisman Bertazi <krisman@suse.de> --- io_uring/io_uring.c | 2 +- io_uring/opdef.h | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-)