diff options
| author | Serge E. Hallyn <serge@hallyn.com> | 2011-03-23 19:43:24 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2011-03-23 22:47:08 -0400 |
| commit | b0e77598f87107001a00b8a4ece9c95e4254ccc4 (patch) | |
| tree | 2738276570e4faa7c92a64521c192f04dca93801 /ipc/msg.c | |
| parent | b515498f5bb5f38fc0e390b4ff7d00b6077de127 (diff) | |
userns: user namespaces: convert several capable() calls
CAP_IPC_OWNER and CAP_IPC_LOCK can be checked against current_user_ns(),
because the resource comes from current's own ipc namespace.
setuid/setgid are to uids in own namespace, so again checks can be against
current_user_ns().
Changelog:
Jan 11: Use task_ns_capable() in place of sched_capable().
Jan 11: Use nsown_capable() as suggested by Bastian Blank.
Jan 11: Clarify (hopefully) some logic in futex and sched.c
Feb 15: use ns_capable for ipc, not nsown_capable
Feb 23: let copy_ipcs handle setting ipc_ns->user_ns
Feb 23: pass ns down rather than taking it from current
[akpm@linux-foundation.org: coding-style fixes]
Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com>
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Acked-by: Daniel Lezcano <daniel.lezcano@free.fr>
Acked-by: David Howells <dhowells@redhat.com>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'ipc/msg.c')
| -rw-r--r-- | ipc/msg.c | 8 |
1 files changed, 4 insertions, 4 deletions
| @@ -421,7 +421,7 @@ static int msgctl_down(struct ipc_namespace *ns, int msqid, int cmd, | |||
| 421 | return -EFAULT; | 421 | return -EFAULT; |
| 422 | } | 422 | } |
| 423 | 423 | ||
| 424 | ipcp = ipcctl_pre_down(&msg_ids(ns), msqid, cmd, | 424 | ipcp = ipcctl_pre_down(ns, &msg_ids(ns), msqid, cmd, |
| 425 | &msqid64.msg_perm, msqid64.msg_qbytes); | 425 | &msqid64.msg_perm, msqid64.msg_qbytes); |
| 426 | if (IS_ERR(ipcp)) | 426 | if (IS_ERR(ipcp)) |
| 427 | return PTR_ERR(ipcp); | 427 | return PTR_ERR(ipcp); |
| @@ -539,7 +539,7 @@ SYSCALL_DEFINE3(msgctl, int, msqid, int, cmd, struct msqid_ds __user *, buf) | |||
| 539 | success_return = 0; | 539 | success_return = 0; |
| 540 | } | 540 | } |
| 541 | err = -EACCES; | 541 | err = -EACCES; |
| 542 | if (ipcperms(&msq->q_perm, S_IRUGO)) | 542 | if (ipcperms(ns, &msq->q_perm, S_IRUGO)) |
| 543 | goto out_unlock; | 543 | goto out_unlock; |
| 544 | 544 | ||
| 545 | err = security_msg_queue_msgctl(msq, cmd); | 545 | err = security_msg_queue_msgctl(msq, cmd); |
| @@ -664,7 +664,7 @@ long do_msgsnd(int msqid, long mtype, void __user *mtext, | |||
| 664 | struct msg_sender s; | 664 | struct msg_sender s; |
| 665 | 665 | ||
| 666 | err = -EACCES; | 666 | err = -EACCES; |
| 667 | if (ipcperms(&msq->q_perm, S_IWUGO)) | 667 | if (ipcperms(ns, &msq->q_perm, S_IWUGO)) |
| 668 | goto out_unlock_free; | 668 | goto out_unlock_free; |
| 669 | 669 | ||
| 670 | err = security_msg_queue_msgsnd(msq, msg, msgflg); | 670 | err = security_msg_queue_msgsnd(msq, msg, msgflg); |
| @@ -774,7 +774,7 @@ long do_msgrcv(int msqid, long *pmtype, void __user *mtext, | |||
| 774 | struct list_head *tmp; | 774 | struct list_head *tmp; |
| 775 | 775 | ||
| 776 | msg = ERR_PTR(-EACCES); | 776 | msg = ERR_PTR(-EACCES); |
| 777 | if (ipcperms(&msq->q_perm, S_IRUGO)) | 777 | if (ipcperms(ns, &msq->q_perm, S_IRUGO)) |
| 778 | goto out_unlock; | 778 | goto out_unlock; |
| 779 | 779 | ||
| 780 | msg = ERR_PTR(-EAGAIN); | 780 | msg = ERR_PTR(-EAGAIN); |