diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2011-11-14 18:56:38 -0500 |
|---|---|---|
| committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-05-03 06:27:21 -0400 |
| commit | ae2975bc3476243b45a1e2344236d7920c268f38 (patch) | |
| tree | e4b2a8472f6047734b6e7e2bdc994375b2790323 /fs | |
| parent | 22d917d80e842829d0ca0a561967d728eb1d6303 (diff) | |
userns: Convert group_info values from gid_t to kgid_t.
As a first step to converting struct cred to be all kuid_t and kgid_t
values convert the group values stored in group_info to always be
kgid_t values. Unless user namespaces are used this change should
have no effect.
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/nfsd/auth.c | 5 | ||||
| -rw-r--r-- | fs/proc/array.c | 5 |
2 files changed, 7 insertions, 3 deletions
diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c index 79717a40dab..204438cc914 100644 --- a/fs/nfsd/auth.c +++ b/fs/nfsd/auth.c | |||
| @@ -1,6 +1,7 @@ | |||
| 1 | /* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de> */ | 1 | /* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de> */ |
| 2 | 2 | ||
| 3 | #include <linux/sched.h> | 3 | #include <linux/sched.h> |
| 4 | #include <linux/user_namespace.h> | ||
| 4 | #include "nfsd.h" | 5 | #include "nfsd.h" |
| 5 | #include "auth.h" | 6 | #include "auth.h" |
| 6 | 7 | ||
| @@ -56,8 +57,8 @@ int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) | |||
| 56 | goto oom; | 57 | goto oom; |
| 57 | 58 | ||
| 58 | for (i = 0; i < rqgi->ngroups; i++) { | 59 | for (i = 0; i < rqgi->ngroups; i++) { |
| 59 | if (!GROUP_AT(rqgi, i)) | 60 | if (gid_eq(GLOBAL_ROOT_GID, GROUP_AT(rqgi, i))) |
| 60 | GROUP_AT(gi, i) = exp->ex_anon_gid; | 61 | GROUP_AT(gi, i) = make_kgid(&init_user_ns, exp->ex_anon_gid); |
| 61 | else | 62 | else |
| 62 | GROUP_AT(gi, i) = GROUP_AT(rqgi, i); | 63 | GROUP_AT(gi, i) = GROUP_AT(rqgi, i); |
| 63 | } | 64 | } |
diff --git a/fs/proc/array.c b/fs/proc/array.c index f9bd395b347..36a0a9192ec 100644 --- a/fs/proc/array.c +++ b/fs/proc/array.c | |||
| @@ -81,6 +81,7 @@ | |||
| 81 | #include <linux/pid_namespace.h> | 81 | #include <linux/pid_namespace.h> |
| 82 | #include <linux/ptrace.h> | 82 | #include <linux/ptrace.h> |
| 83 | #include <linux/tracehook.h> | 83 | #include <linux/tracehook.h> |
| 84 | #include <linux/user_namespace.h> | ||
| 84 | 85 | ||
| 85 | #include <asm/pgtable.h> | 86 | #include <asm/pgtable.h> |
| 86 | #include <asm/processor.h> | 87 | #include <asm/processor.h> |
| @@ -161,6 +162,7 @@ static inline const char *get_task_state(struct task_struct *tsk) | |||
| 161 | static inline void task_state(struct seq_file *m, struct pid_namespace *ns, | 162 | static inline void task_state(struct seq_file *m, struct pid_namespace *ns, |
| 162 | struct pid *pid, struct task_struct *p) | 163 | struct pid *pid, struct task_struct *p) |
| 163 | { | 164 | { |
| 165 | struct user_namespace *user_ns = current_user_ns(); | ||
| 164 | struct group_info *group_info; | 166 | struct group_info *group_info; |
| 165 | int g; | 167 | int g; |
| 166 | struct fdtable *fdt = NULL; | 168 | struct fdtable *fdt = NULL; |
| @@ -205,7 +207,8 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns, | |||
| 205 | task_unlock(p); | 207 | task_unlock(p); |
| 206 | 208 | ||
| 207 | for (g = 0; g < min(group_info->ngroups, NGROUPS_SMALL); g++) | 209 | for (g = 0; g < min(group_info->ngroups, NGROUPS_SMALL); g++) |
| 208 | seq_printf(m, "%d ", GROUP_AT(group_info, g)); | 210 | seq_printf(m, "%d ", |
| 211 | from_kgid_munged(user_ns, GROUP_AT(group_info, g))); | ||
| 209 | put_cred(cred); | 212 | put_cred(cred); |
| 210 | 213 | ||
| 211 | seq_putc(m, '\n'); | 214 | seq_putc(m, '\n'); |