authorEric W. Biederman <ebiederm@xmission.com>2012-02-09 11:48:21 -0500
committerEric W. Biederman <ebiederm@xmission.com>2012-05-15 17:59:28 -0400
commitdcb0f22282e680ee5202ab7574ce78beb3803a9f (patch)
treedce64929607bc1cc79b08e9c207c27792988ff39 /fs/proc
parent08cefc7ab839cf3ece44b8033968a4732eac06d8 (diff)
userns: Convert proc to use kuid/kgid where appropriate
Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'fs/proc')
-rw-r--r--fs/proc/array.c10
-rw-r--r--fs/proc/base.c16
-rw-r--r--fs/proc/inode.c4
-rw-r--r--fs/proc/root.c2
4 files changed, 19 insertions, 13 deletions
diff --git a/fs/proc/array.c b/fs/proc/array.c
index 36a0a9192ece..dc4c5a7b9ece 100644
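--- a/fs/proc/array.c
+++ b/fs/proc/array.c
@@ -191,8 +191,14 @@ static inline void task_state(struct seq_file *m, struct pid_namespace *ns,
 task_tgid_nr_ns(p, ns),
 pid_nr_ns(pid, ns),
 ppid, tpid,
-cred->uid, cred->euid, cred->suid, cred->fsuid,
-cred->gid, cred->egid, cred->sgid, cred->fsgid);
+from_kuid_munged(user_ns, cred->uid),
+from_kuid_munged(user_ns, cred->euid),
+from_kuid_munged(user_ns, cred->suid),
+from_kuid_munged(user_ns, cred->fsuid),
+from_kgid_munged(user_ns, cred->gid),
+from_kgid_munged(user_ns, cred->egid),
+from_kgid_munged(user_ns, cred->sgid),
+from_kgid_munged(user_ns, cred->fsgid));
 
 task_lock(p);
 if (p->files)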
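Review bot: The eight `from_kuid_munged()`/`from_kgid_munged()` arguments added to the seq_printf call in task_state carry no comment on which namespace `user_ns` is or what is printed for a credential that has no mapping in it. `user_ns` is declared outside this hunk, so its origin cannot be confirmed from here; the `_munged` helpers substitute the overflow id for an unmapped value, which means a consumer of this file cannot tell an unmapped credential from a task really running as the overflow id. I would add a comment above the argument list, for example `/* ids are translated into user_ns; unmapped ids are reported as the overflow uid/gid */`. task_state's body starts and ends outside the hunk.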
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 2ee514c7e64a..c47904994b78 100644
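--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -1562,8 +1562,8 @@ int pid_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat)
 generic_fillattr(inode, stat);
 
 rcu_read_lock();
-stat->uid = 0;
-stat->gid = 0;
+stat->uid = GLOBAL_ROOT_UID;
+stat->gid = GLOBAL_ROOT_GID;
 task = pid_task(proc_pid(inode), PIDTYPE_PID);
 if (task) {
 if (!has_pid_permissions(pid, task, 2)) {
@@ -1623,8 +1623,8 @@ int pid_revalidate(struct dentry *dentry, struct nameidata *nd)
 inode->i_gid = cred->egid;
 rcu_read_unlock();
 } else {
-inode->i_uid = 0;
-inode->i_gid = 0;
+inode->i_uid = GLOBAL_ROOT_UID;
+inode->i_gid = GLOBAL_ROOT_GID;
 }
 inode->i_mode &= ~(S_ISUID | S_ISGID);
 security_task_to_inode(task, inode);
@@ -1811,8 +1811,8 @@ static int tid_fd_revalidate(struct dentry *dentry, struct nameidata *nd)
 inode->i_gid = cred->egid;
 rcu_read_unlock();
 } else {
-inode->i_uid = 0;
-inode->i_gid = 0;
+inode->i_uid = GLOBAL_ROOT_UID;
+inode->i_gid = GLOBAL_ROOT_GID;
 }
 inode->i_mode &= ~(S_ISUID | S_ISGID);
 security_task_to_inode(task, inode);
@@ -2061,8 +2061,8 @@ static int map_files_d_revalidate(struct dentry *dentry, struct nameidata *nd)
 inode->i_gid = cred->egid;
 rcu_read_unlock();
 } else {
-inode->i_uid = 0;
-inode->i_gid = 0;
+inode->i_uid = GLOBAL_ROOT_UID;
+inode->i_gid = GLOBAL_ROOT_GID;
 }
 security_task_to_inode(task, inode);
 status = 1;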
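Review bot: The `else` branches in pid_revalidate, tid_fd_revalidate and map_files_d_revalidate, and the defaults in pid_getattr, now name `GLOBAL_ROOT_UID`/`GLOBAL_ROOT_GID` without saying why the fallback owner is root of the initial namespace rather than root of the namespace the task lives in. That choice looks deliberate (a namespace-local root would presumably not be treated as owner of these inodes), but it is a security-relevant default and is repeated four times, so a one-line comment at each site, or a small static helper holding both assignments and the comment, would keep the copies from drifting; e.g. `/* fall back to init_user_ns root, never a namespace-local root */`. The conditions guarding these branches are outside the hunks, so this is based only on the assignments shown.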
diff --git a/fs/proc/inode.c b/fs/proc/inode.c
index 205c92280838..554ecc54799f 100644
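--- a/fs/proc/inode.c
+++ b/fs/proc/inode.c
@@ -108,8 +108,8 @@ static int proc_show_options(struct seq_file *seq, struct dentry *root)
 struct super_block *sb = root->d_sb;
 struct pid_namespace *pid = sb->s_fs_info;
 
-if (pid->pid_gid)
-seq_printf(seq, ",gid=%lu", (unsigned long)pid->pid_gid);
+if (!gid_eq(pid->pid_gid, GLOBAL_ROOT_GID))
+seq_printf(seq, ",gid=%u", from_kgid_munged(&init_user_ns, pid->pid_gid));
 if (pid->hide_pid != 0)
 seq_printf(seq, ",hidepid=%u", pid->hide_pid);
 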
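Review bot: The gid printed by proc_show_options is translated through `&init_user_ns`, while the Opt_gid parser in fs/proc/root.c builds the same value with `make_kgid(current_user_ns(), option)`, so a mount made from a non-initial user namespace may report a different `gid=` number than the one that was passed in. If reporting in initial-namespace ids is intended, the seq_printf line should say so, for example `/* mount options are always shown as init_user_ns ids, whatever namespace set them */`. The function's body ends outside the hunk.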
diff --git a/fs/proc/root.c b/fs/proc/root.c
index 46a15d8a29ca..df4e4561dbbf 100644
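--- a/fs/proc/root.c
+++ b/fs/proc/root.c
@@ -67,7 +67,7 @@ static int proc_parse_options(char *options, struct pid_namespace *pid)
 case Opt_gid:
 if (match_int(&args[0], &option))
 return 0;
-pid->pid_gid = option;
+pid->pid_gid = make_kgid(current_user_ns(), option);
 break;
 case Opt_hidepid:
 if (match_int(&args[0], &option))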
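Review bot: The result of `make_kgid(current_user_ns(), option)` in the Opt_gid case is stored without being checked, although `make_kgid()` yields an invalid kgid when the number has no mapping in the caller's user namespace, and `option` is a signed int filled in by `match_int()`, so a negative value could presumably reach this line too. An invalid `pid_gid` would still pass the `!gid_eq(pid->pid_gid, GLOBAL_ROOT_GID)` test in proc_show_options and would presumably be used wherever the configured group is consulted. I would reject it the same way a parse failure is rejected in this switch: `gid = make_kgid(current_user_ns(), option);`, `if (!gid_valid(gid)) return 0;`, `pid->pid_gid = gid;`, with `kgid_t gid` declared at the top of proc_parse_options, whose body starts and ends outside this hunk.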