Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

Documentation: security/credentials.rst: explain need to sort group_list

This patch updates the documentation with the observations that led
to commit bdcf0a423ea1 ("kernel: make groups_sort calling a
responsibility group_info allocators") and the new behaviour required.
Specifically that groups_sort() should be called on a new group_list
before set_groups() or set_current_groups() is called.

Signed-off-by: NeilBrown <neilb@suse.com>
[jc: use proper :c:func: references]
Signed-off-by: Jonathan Corbet <corbet@lwn.net>
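
The ordering requirement described in this commit message, as an added user-space illustration (not kernel code and not part of this commit): a binary-search membership test misses entries that are present when the list is unsorted. `gid_ex_t`, `gid_list_contains()`, `gid_list_sort()` and `missed_members()` are hypothetical names, and the group ids are constructed sample values.

```c
/* Added user-space illustration, not kernel code; all names are hypothetical. */
#include <stdio.h>
#include <stdlib.h>

typedef unsigned int gid_ex_t;  /* stand-in for a group id type */

/* Binary search for gid; only correct if list[] is sorted ascending. */
static int gid_list_contains(const gid_ex_t *list, size_t n, gid_ex_t gid)
{
    size_t left = 0, right = n;
    while (left < right) {
        size_t mid = left + (right - left) / 2;
        if (gid > list[mid])
            left = mid + 1;
        else if (gid < list[mid])
            right = mid;
        else
            return 1;
    }
    return 0;
}

static int gid_cmp(const void *a, const void *b)
{
    gid_ex_t x = *(const gid_ex_t *)a, y = *(const gid_ex_t *)b;
    return (x > y) - (x < y);
}

/* Sort in place: call on a private list, before it is published. */
static void gid_list_sort(gid_ex_t *list, size_t n)
{
    qsort(list, n, sizeof(*list), gid_cmp);
}

/* How many of the list's own members does the search fail to find? */
static size_t missed_members(const gid_ex_t *list, size_t n)
{
    size_t i, missed = 0;
    for (i = 0; i < n; i++)
        missed += !gid_list_contains(list, n, list[i]);
    return missed;
}

int main(void)
{
    gid_ex_t groups[] = { 1000, 27, 4, 998, 100 };  /* constructed, unsorted */
    size_t n = sizeof(groups) / sizeof(groups[0]);
    printf("unsorted: %zu members missed\n", missed_members(groups, n));
    gid_list_sort(groups, n);
    printf("sorted:   %zu members missed\n", missed_members(groups, n));
    return 0;
}
```

On the unsorted sample the search fails to find three of the five groups the list actually contains, which is the kind of wrong membership answer the sort-before-publish rule prevents.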

authored by NeilBrown and committed by Jonathan Corbet
0b345d72 536ec304

+7
Documentation/security/credentials.rst
··· 451 451 are available for this purpose as current_cred() will return the current set 452 452 still at this point. 453 453 454 + When replacing the group list, the new list must be sorted before it 455 + is added to the credential, as a binary search is used to test for 456 + membership. In practice, this means :c:func:`groups_sort` should be 457 + called before :c:func:`set_groups` or :c:func:`set_current_groups`. 458 + :c:func:`groups_sort)` must not be called on a ``struct group_list`` which 459 + is shared as it may permute elements as part of the sorting process 460 + even if the array is already sorted. 454 461 455 462 When the credential set is ready, it should be committed to the current process 456 463 by calling::
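
Review bot: The reference on new line 458 reads :c:func:`groups_sort)` with a stray ")" inside the role, so it will not resolve the way the :c:func:`groups_sort` reference on line 456 does; drop the parenthesis. The same sentence names ``struct group_list``, while the commit message cites the "group_info allocators" commit, so it is worth confirming which structure name is meant before this lands. It would also help to say what a caller should do when the list is shared (for example, sort a private copy before publishing it), since the text only states what must not be done.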