Re: [RFC][PATCH] exec: Move cred computation under exec_update_lock

Next message: Sean Christopherson: "Re: [PATCH v2 00/23] Extend test coverage for nested SVM"
Previous message: Sean Christopherson: "Re: [PATCH v2 00/23] Extend test coverage for nested SVM"
In reply to: Eric W. Biederman: "[RFC][PATCH] exec: Move cred computation under exec_update_lock"
Next in thread: Bernd Edlinger: "Re: [RFC][PATCH] exec: Move cred computation under exec_update_lock"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Eric W. Biederman

Date: Thu Nov 20 2025 - 18:50:24 EST

"Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> writes:

> Instead of computing the new cred before we pass the point of no
> return compute the new cred just before we use it.
>
> This allows the removal of fs_struct->in_exec and cred_guard_mutex.
>
> I am not certain why we wanted to compute the cred for the new
> executable so early. Perhaps I missed something but I did not see any
> common errors being signaled. So I don't think we loose anything by
> computing the new cred later.

I should add that the permission checks happen in open_exec,
everything that follows credential wise is just about representing in
struct cred the credentials the new executable will have.

So I am really at a loss why we have had this complicated way of
computing of computed the credentials all of these years full of
time of check to time of use problems.

Eric