Re: [PATCH] task: delete task_euid()

[Alex Shi]

On 2026/2/19 20:14, Alice Ryhl wrote:
> task_euid() is a very weird operation. You can see how weird it is by
> grepping for task_euid() - binder is its only user. task_euid() obtains
> the objective effective UID - it looks at the credentials of the task
> for purposes of acting on it as an object, but then accesses the
> effective UID (which the credentials.7 man page describes as "[...] used
> by the kernel to determine the permissions that the process will have
> when accessing shared resources [...]").
>
> Since usage in Binder has now been removed, get rid of the resulting
> dead code.
>
> Changes to the zh_CN translation was carried out with the help of
> Gemini and Google Translate.
>
> Suggested-by: Jann Horn<jannh@xxxxxxxxxx>
> Signed-off-by: Alice Ryhl<aliceryhl@xxxxxxxxxx>
> ---
> Depends on these two changes:
> https://lore.kernel.org/all/20260212-rust-uid-v1-1-deff4214c766@xxxxxxxxxx/
> https://lore.kernel.org/all/20260213-binder-uid- 
> v1-0-7b795ae05523@xxxxxxxxxx/
> ---
>   Documentation/security/credentials.rst                    |  6 ++----
>   Documentation/translations/zh_CN/security/credentials.rst |  6 ++----
>   include/linux/cred.h                                      |  1 -
>   rust/helpers/task.c                                       |  5 -----
>   rust/kernel/task.rs                                       | 10 ----------
>   5 files changed, 4 insertions(+), 24 deletions(-)
>
> diff --git a/Documentation/security/credentials.rst b/Documentation/security/credentials.rst
> index d0191c8b8060edb7b272402c019cff941ec22743..81d3b5737d85bde9b77bff94dfb93ed8037b2302 100644
> --- a/Documentation/security/credentials.rst
> +++ b/Documentation/security/credentials.rst
> @@ -393,16 +393,14 @@ the credentials so obtained when they're finished with.
>      The result of ``__task_cred()`` should not be passed directly to
>      ``get_cred()`` as this may race with ``commit_cred()``.
>   
> -There are a couple of convenience functions to access bits of another task's
> -credentials, hiding the RCU magic from the caller::
> +There is a convenience function to access bits of another task's credentials,
> +hiding the RCU magic from the caller::
>   
>   	uid_t task_uid(task)		Task's real UID
> -	uid_t task_euid(task)		Task's effective UID
>   
>   If the caller is holding the RCU read lock at the time anyway, then::
>   
>   	__task_cred(task)->uid
> -	__task_cred(task)->euid
>   
>   should be used instead.  Similarly, if multiple aspects of a task's credentials
>   need to be accessed, RCU read lock should be used, ``__task_cred()`` called,
> diff --git a/Documentation/translations/zh_CN/security/credentials.rst b/Documentation/translations/zh_CN/security/credentials.rst
> index 88fcd9152ffe91d79fc10bfc7b2a37d301b4938a..f0b2efec342438b81be415dc513622c961bb7e59 100644
> --- a/Documentation/translations/zh_CN/security/credentials.rst
> +++ b/Documentation/translations/zh_CN/security/credentials.rst
> @@ -337,15 +337,13 @@ const指针上操作，因此不需要进行类型转换，但需要临时放弃
>      ``__task_cred()`` 的结果不应直接传递给 ``get_cred()`` ，
>      因为这可能与 ``commit_cred()`` 发生竞争条件。
>   
> -还有一些方便的函数可以访问另一个任务凭据的特定部分，将RCU操作对调用方隐藏起来::
> +有一个方便的函数可用于访问另一个任务凭据的特定部分，从而对调用方隐藏RCU机制::

LGTM.

>   
>   	uid_t task_uid(task)		Task's real UID
> -	uid_t task_euid(task)		Task's effective UID
>   
> -如果调用方在此时已经持有RCU读锁，则应使用::
> +如果调用方在此时已经持有RCU读锁，则应改为使用::

Please keep the old version. the new one is a bit ambiguous.

Thanks
Alex