diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2012-09-11 01:39:43 -0400 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-09-17 21:08:54 -0400 |
commit | e1760bd5ffae8cb98cffb030ee8e631eba28f3d8 (patch) | |
tree | 4694a60b407c418bf7de4b97355dc3bd0e6c6559 /net/xfrm/xfrm_user.c | |
parent | ca57ec0f00c3f139c41bf6b0a5b9bcc95bbb2ad7 (diff) |
userns: Convert the audit loginuid to be a kuid
Always store audit loginuids in type kuid_t.
Print loginuids by converting them into uids in the appropriate user
namespace, and then printing the resulting uid.
Modify audit_get_loginuid to return a kuid_t.
Modify audit_set_loginuid to take a kuid_t.
Modify /proc/<pid>/loginuid on read to convert the loginuid into the
user namespace of the opener of the file.
Modify /proc/<pid>/loginud on write to convert the loginuid
rom the user namespace of the opener of the file.
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Eric Paris <eparis@redhat.com>
Cc: Paul Moore <paul@paul-moore.com> ?
Cc: David Miller <davem@davemloft.net>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'net/xfrm/xfrm_user.c')
-rw-r--r-- | net/xfrm/xfrm_user.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index e75d8e47f35..9ea55db737b 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c | |||
@@ -575,7 +575,7 @@ static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh, | |||
575 | struct xfrm_state *x; | 575 | struct xfrm_state *x; |
576 | int err; | 576 | int err; |
577 | struct km_event c; | 577 | struct km_event c; |
578 | uid_t loginuid = audit_get_loginuid(current); | 578 | kuid_t loginuid = audit_get_loginuid(current); |
579 | u32 sessionid = audit_get_sessionid(current); | 579 | u32 sessionid = audit_get_sessionid(current); |
580 | u32 sid; | 580 | u32 sid; |
581 | 581 | ||
@@ -654,7 +654,7 @@ static int xfrm_del_sa(struct sk_buff *skb, struct nlmsghdr *nlh, | |||
654 | int err = -ESRCH; | 654 | int err = -ESRCH; |
655 | struct km_event c; | 655 | struct km_event c; |
656 | struct xfrm_usersa_id *p = nlmsg_data(nlh); | 656 | struct xfrm_usersa_id *p = nlmsg_data(nlh); |
657 | uid_t loginuid = audit_get_loginuid(current); | 657 | kuid_t loginuid = audit_get_loginuid(current); |
658 | u32 sessionid = audit_get_sessionid(current); | 658 | u32 sessionid = audit_get_sessionid(current); |
659 | u32 sid; | 659 | u32 sid; |
660 | 660 | ||
@@ -1369,7 +1369,7 @@ static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh, | |||
1369 | struct km_event c; | 1369 | struct km_event c; |
1370 | int err; | 1370 | int err; |
1371 | int excl; | 1371 | int excl; |
1372 | uid_t loginuid = audit_get_loginuid(current); | 1372 | kuid_t loginuid = audit_get_loginuid(current); |
1373 | u32 sessionid = audit_get_sessionid(current); | 1373 | u32 sessionid = audit_get_sessionid(current); |
1374 | u32 sid; | 1374 | u32 sid; |
1375 | 1375 | ||
@@ -1624,7 +1624,7 @@ static int xfrm_get_policy(struct sk_buff *skb, struct nlmsghdr *nlh, | |||
1624 | NETLINK_CB(skb).pid); | 1624 | NETLINK_CB(skb).pid); |
1625 | } | 1625 | } |
1626 | } else { | 1626 | } else { |
1627 | uid_t loginuid = audit_get_loginuid(current); | 1627 | kuid_t loginuid = audit_get_loginuid(current); |
1628 | u32 sessionid = audit_get_sessionid(current); | 1628 | u32 sessionid = audit_get_sessionid(current); |
1629 | u32 sid; | 1629 | u32 sid; |
1630 | 1630 | ||
@@ -1918,7 +1918,7 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh, | |||
1918 | 1918 | ||
1919 | err = 0; | 1919 | err = 0; |
1920 | if (up->hard) { | 1920 | if (up->hard) { |
1921 | uid_t loginuid = audit_get_loginuid(current); | 1921 | kuid_t loginuid = audit_get_loginuid(current); |
1922 | u32 sessionid = audit_get_sessionid(current); | 1922 | u32 sessionid = audit_get_sessionid(current); |
1923 | u32 sid; | 1923 | u32 sid; |
1924 | 1924 | ||
@@ -1961,7 +1961,7 @@ static int xfrm_add_sa_expire(struct sk_buff *skb, struct nlmsghdr *nlh, | |||
1961 | km_state_expired(x, ue->hard, current->pid); | 1961 | km_state_expired(x, ue->hard, current->pid); |
1962 | 1962 | ||
1963 | if (ue->hard) { | 1963 | if (ue->hard) { |
1964 | uid_t loginuid = audit_get_loginuid(current); | 1964 | kuid_t loginuid = audit_get_loginuid(current); |
1965 | u32 sessionid = audit_get_sessionid(current); | 1965 | u32 sessionid = audit_get_sessionid(current); |
1966 | u32 sid; | 1966 | u32 sid; |
1967 | 1967 | ||