Re: [PATCH bpf-next] selftests/bpf: don't call fsopen() as privileged user

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Tue, Jul 01, 2025 at 08:31:23PM +0200, Matteo Croce wrote:
> From: Matteo Croce <teknoraver@xxxxxxxx>
> 
> In the BPF token example, the fsopen() syscall is called as privileged
> user. This is unneeded because fsopen() can be called also as
> unprivileged user from the user namespace.
> As the `fs_fd` file descriptor which was sent back and fort is still the
> same, keep it open instead of cloning and closing it twice via SCM_RIGHTS.
> 
> cfr. https://github.com/systemd/systemd/pull/36134
> 
> Signed-off-by: Matteo Croce <teknoraver@xxxxxxxx>
> ---

Thanks!
Acked-by: Christian Brauner <brauner@xxxxxxxxxx>
[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [NTFS 3]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [NTFS 3]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux