CRED: Wrap current->cred and a few other accessors

Wrap current->cred and a few other accessors to hide their actual
implementation.

Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>

1 files changed, 5 insertions, 3 deletions

diff --git a/drivers/net/tun.c b/drivers/net/tun.c
index b14e2025e221..55dc70c6b4db 100644
--- a/drivers/net/tun.c
+++ b/drivers/net/tun.c
@@ -702,6 +702,7 @@ static int tun_set_iff(struct net *net, struct file *file, struct ifreq *ifr)
         struct tun_net *tn;
         struct tun_struct *tun;
         struct net_device *dev;
+        const struct cred *cred = current_cred();
         int err;
 
         tn = net_generic(net, tun_net_id);
@@ -712,11 +713,12 @@ static int tun_set_iff(struct net *net, struct file *file, struct ifreq *ifr)
 
                 /* Check permissions */
                 if (((tun->owner != -1 &&
-                      current_euid() != tun->owner) ||
+                      cred->euid != tun->owner) ||
                      (tun->group != -1 &&
-                      current_egid() != tun->group)) &&
-                     !capable(CAP_NET_ADMIN))
+                      cred->egid != tun->group)) &&
+                    !capable(CAP_NET_ADMIN)) {
                         return -EPERM;
+                }
         }
         else if (__dev_get_by_name(net, ifr->ifr_name))
                 return -EINVAL;