On Fri, May 8, 2026 at 5:20 PM Christoph Hellwig <[email protected]> wrote:
> On Tue, May 05, 2026 at 11:56:15PM +0800, Gao Xiang wrote:
> > Similar to commit 905eeb2b7c33 ("erofs: impersonate the opener's
> > credentials when accessing backing file"), rw_verify_area() needs
> > the same too.
>
> Two things here:
>
> - rw_verify_area is a helper for use inside the VFS and file system
> read/write method implementation. Erofs as a user of the VFS should
> not use it at all.
> - using the opener credentials when accessing the backing file seems
> wrong. The entity accessing it is the file system, so it should
> have system or mounter credentials, not that of someone causing
> metadata / fs data access. And this applies to all access by
> a file system backed by a backing file.
>
I think there's probably some confusion of terminology here. buf->file is
opened with the mounter's credentials, so we are impersonating the mounter
here. Perhaps the commit message could describe that more clearly. Same for
the previous patches mentioned.
