diff options
| -rw-r--r-- | include/linux/utsname.h | 6 | ||||
| -rw-r--r-- | kernel/nsproxy.c | 7 | ||||
| -rw-r--r-- | kernel/sys.c | 2 | ||||
| -rw-r--r-- | kernel/utsname.c | 12 |
4 files changed, 12 insertions, 15 deletions
diff --git a/include/linux/utsname.h b/include/linux/utsname.h index 2c3c0f543705..4e5b0213fdc1 100644 --- a/include/linux/utsname.h +++ b/include/linux/utsname.h | |||
| @@ -54,7 +54,7 @@ static inline void get_uts_ns(struct uts_namespace *ns) | |||
| 54 | } | 54 | } |
| 55 | 55 | ||
| 56 | extern struct uts_namespace *copy_utsname(unsigned long flags, | 56 | extern struct uts_namespace *copy_utsname(unsigned long flags, |
| 57 | struct uts_namespace *ns); | 57 | struct task_struct *tsk); |
| 58 | extern void free_uts_ns(struct kref *kref); | 58 | extern void free_uts_ns(struct kref *kref); |
| 59 | 59 | ||
| 60 | static inline void put_uts_ns(struct uts_namespace *ns) | 60 | static inline void put_uts_ns(struct uts_namespace *ns) |
| @@ -71,12 +71,12 @@ static inline void put_uts_ns(struct uts_namespace *ns) | |||
| 71 | } | 71 | } |
| 72 | 72 | ||
| 73 | static inline struct uts_namespace *copy_utsname(unsigned long flags, | 73 | static inline struct uts_namespace *copy_utsname(unsigned long flags, |
| 74 | struct uts_namespace *ns) | 74 | struct task_struct *tsk) |
| 75 | { | 75 | { |
| 76 | if (flags & CLONE_NEWUTS) | 76 | if (flags & CLONE_NEWUTS) |
| 77 | return ERR_PTR(-EINVAL); | 77 | return ERR_PTR(-EINVAL); |
| 78 | 78 | ||
| 79 | return ns; | 79 | return tsk->nsproxy->uts_ns; |
| 80 | } | 80 | } |
| 81 | #endif | 81 | #endif |
| 82 | 82 | ||
diff --git a/kernel/nsproxy.c b/kernel/nsproxy.c index 034dc2ed13ac..b97fc9d04ddf 100644 --- a/kernel/nsproxy.c +++ b/kernel/nsproxy.c | |||
| @@ -69,16 +69,11 @@ static struct nsproxy *create_new_namespaces(unsigned long flags, | |||
| 69 | goto out_ns; | 69 | goto out_ns; |
| 70 | } | 70 | } |
| 71 | 71 | ||
| 72 | new_nsp->uts_ns = copy_utsname(flags, tsk->nsproxy->uts_ns); | 72 | new_nsp->uts_ns = copy_utsname(flags, tsk); |
| 73 | if (IS_ERR(new_nsp->uts_ns)) { | 73 | if (IS_ERR(new_nsp->uts_ns)) { |
| 74 | err = PTR_ERR(new_nsp->uts_ns); | 74 | err = PTR_ERR(new_nsp->uts_ns); |
| 75 | goto out_uts; | 75 | goto out_uts; |
| 76 | } | 76 | } |
| 77 | if (new_nsp->uts_ns != tsk->nsproxy->uts_ns) { | ||
| 78 | put_user_ns(new_nsp->uts_ns->user_ns); | ||
| 79 | new_nsp->uts_ns->user_ns = task_cred_xxx(tsk, user)->user_ns; | ||
| 80 | get_user_ns(new_nsp->uts_ns->user_ns); | ||
| 81 | } | ||
| 82 | 77 | ||
| 83 | new_nsp->ipc_ns = copy_ipcs(flags, tsk->nsproxy->ipc_ns); | 78 | new_nsp->ipc_ns = copy_ipcs(flags, tsk->nsproxy->ipc_ns); |
| 84 | if (IS_ERR(new_nsp->ipc_ns)) { | 79 | if (IS_ERR(new_nsp->ipc_ns)) { |
diff --git a/kernel/sys.c b/kernel/sys.c index 1ad48b3b9068..5761c53e19e3 100644 --- a/kernel/sys.c +++ b/kernel/sys.c | |||
| @@ -1181,7 +1181,7 @@ SYSCALL_DEFINE2(sethostname, char __user *, name, int, len) | |||
| 1181 | int errno; | 1181 | int errno; |
| 1182 | char tmp[__NEW_UTS_LEN]; | 1182 | char tmp[__NEW_UTS_LEN]; |
| 1183 | 1183 | ||
| 1184 | if (!capable(CAP_SYS_ADMIN)) | 1184 | if (!ns_capable(current->nsproxy->uts_ns->user_ns, CAP_SYS_ADMIN)) |
| 1185 | return -EPERM; | 1185 | return -EPERM; |
| 1186 | if (len < 0 || len > __NEW_UTS_LEN) | 1186 | if (len < 0 || len > __NEW_UTS_LEN) |
| 1187 | return -EINVAL; | 1187 | return -EINVAL; |
diff --git a/kernel/utsname.c b/kernel/utsname.c index a7b3a8d1ad24..44646179eaba 100644 --- a/kernel/utsname.c +++ b/kernel/utsname.c | |||
| @@ -31,7 +31,8 @@ static struct uts_namespace *create_uts_ns(void) | |||
| 31 | * @old_ns: namespace to clone | 31 | * @old_ns: namespace to clone |
| 32 | * Return NULL on error (failure to kmalloc), new ns otherwise | 32 | * Return NULL on error (failure to kmalloc), new ns otherwise |
| 33 | */ | 33 | */ |
| 34 | static struct uts_namespace *clone_uts_ns(struct uts_namespace *old_ns) | 34 | static struct uts_namespace *clone_uts_ns(struct task_struct *tsk, |
| 35 | struct uts_namespace *old_ns) | ||
| 35 | { | 36 | { |
| 36 | struct uts_namespace *ns; | 37 | struct uts_namespace *ns; |
| 37 | 38 | ||
| @@ -41,8 +42,7 @@ static struct uts_namespace *clone_uts_ns(struct uts_namespace *old_ns) | |||
| 41 | 42 | ||
| 42 | down_read(&uts_sem); | 43 | down_read(&uts_sem); |
| 43 | memcpy(&ns->name, &old_ns->name, sizeof(ns->name)); | 44 | memcpy(&ns->name, &old_ns->name, sizeof(ns->name)); |
| 44 | ns->user_ns = old_ns->user_ns; | 45 | ns->user_ns = get_user_ns(task_cred_xxx(tsk, user)->user_ns); |
| 45 | get_user_ns(ns->user_ns); | ||
| 46 | up_read(&uts_sem); | 46 | up_read(&uts_sem); |
| 47 | return ns; | 47 | return ns; |
| 48 | } | 48 | } |
| @@ -53,8 +53,10 @@ static struct uts_namespace *clone_uts_ns(struct uts_namespace *old_ns) | |||
| 53 | * utsname of this process won't be seen by parent, and vice | 53 | * utsname of this process won't be seen by parent, and vice |
| 54 | * versa. | 54 | * versa. |
| 55 | */ | 55 | */ |
| 56 | struct uts_namespace *copy_utsname(unsigned long flags, struct uts_namespace *old_ns) | 56 | struct uts_namespace *copy_utsname(unsigned long flags, |
| 57 | struct task_struct *tsk) | ||
| 57 | { | 58 | { |
| 59 | struct uts_namespace *old_ns = tsk->nsproxy->uts_ns; | ||
| 58 | struct uts_namespace *new_ns; | 60 | struct uts_namespace *new_ns; |
| 59 | 61 | ||
| 60 | BUG_ON(!old_ns); | 62 | BUG_ON(!old_ns); |
| @@ -63,7 +65,7 @@ struct uts_namespace *copy_utsname(unsigned long flags, struct uts_namespace *ol | |||
| 63 | if (!(flags & CLONE_NEWUTS)) | 65 | if (!(flags & CLONE_NEWUTS)) |
| 64 | return old_ns; | 66 | return old_ns; |
| 65 | 67 | ||
| 66 | new_ns = clone_uts_ns(old_ns); | 68 | new_ns = clone_uts_ns(tsk, old_ns); |
| 67 | 69 | ||
| 68 | put_uts_ns(old_ns); | 70 | put_uts_ns(old_ns); |
| 69 | return new_ns; | 71 | return new_ns; |