diff options
author | NeilBrown <neilb@suse.com> | 2018-01-02 22:01:15 +0100 |
---|---|---|
committer | Jonathan Corbet <corbet@lwn.net> | 2018-01-08 22:20:31 +0100 |
commit | 0b345d722e07d77866edffcf350449a4607026b6 (patch) | |
tree | 3fa4dca4b1d05ecaf7257a5cec4b6bd0340032e0 /Documentation/security/credentials.rst | |
parent | LICENSES: Add MPL-1.1 license (diff) | |
download | linux-0b345d722e07d77866edffcf350449a4607026b6.tar.xz linux-0b345d722e07d77866edffcf350449a4607026b6.zip |
Documentation: security/credentials.rst: explain need to sort group_list
This patch updates the documentation with the observations that led
to commit bdcf0a423ea1 ("kernel: make groups_sort calling a
responsibility group_info allocators") and the new behaviour required.
Specifically that groups_sort() should be called on a new group_list
before set_groups() or set_current_groups() is called.
Signed-off-by: NeilBrown <neilb@suse.com>
[jc: use proper :c:func: references]
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Diffstat (limited to 'Documentation/security/credentials.rst')
-rw-r--r-- | Documentation/security/credentials.rst | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/Documentation/security/credentials.rst b/Documentation/security/credentials.rst index 66a2e24939d8..5bb7125faeee 100644 --- a/Documentation/security/credentials.rst +++ b/Documentation/security/credentials.rst @@ -451,6 +451,13 @@ checks and hooks done. Both the current and the proposed sets of credentials are available for this purpose as current_cred() will return the current set still at this point. +When replacing the group list, the new list must be sorted before it +is added to the credential, as a binary search is used to test for +membership. In practice, this means :c:func:`groups_sort` should be +called before :c:func:`set_groups` or :c:func:`set_current_groups`. +:c:func:`groups_sort)` must not be called on a ``struct group_list`` which +is shared as it may permute elements as part of the sorting process +even if the array is already sorted. When the credential set is ready, it should be committed to the current process by calling:: |