Home Esplora Aiuto
Registrati Accedi
phyus
/
linux-vybrid_public
8
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Sfoglia il codice sorgente

userns: Convert cgroup permission checks to use uid_eq

Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Eric W. Biederman 13 anni fa
parent
8751e03958
commit
14a590c3f9
2 ha cambiato i file con 3 aggiunte e 4 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 0 1
      init/Kconfig
  2. 3 3
      kernel/cgroup.c

+ 0 - 1
init/Kconfig
Vedi File 

@@ -865,7 +865,6 @@ config UIDGID_CONVERTED
 
 
 	# List of kernel pieces that need user namespace work
 
 	# Features
 
-	depends on CGROUPS = n
 
 	depends on MIGRATION = n
 
 	depends on NUMA = n
 
 	depends on SYSVIPC = n

+ 3 - 3
kernel/cgroup.c
Vedi File 

@@ -2160,9 +2160,9 @@ retry_find_task:
 
 		 * only need to check permissions on one of them.
 
 		 */
 
 		tcred = __task_cred(tsk);
 
-		if (cred->euid &&
 
-		    cred->euid != tcred->uid &&
 
-		    cred->euid != tcred->suid) {
 
+		if (!uid_eq(cred->euid, GLOBAL_ROOT_UID) &&
 
+		    !uid_eq(cred->euid, tcred->uid) &&
 
+		    !uid_eq(cred->euid, tcred->suid)) {
 
 			rcu_read_unlock();
 
 			ret = -EACCES;
 
 			goto out_unlock_cgroup;