diff options
| author | Serge E. Hallyn <serge@hallyn.com> | 2011-03-23 19:43:24 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2011-03-23 22:47:08 -0400 |
| commit | b0e77598f87107001a00b8a4ece9c95e4254ccc4 (patch) | |
| tree | 2738276570e4faa7c92a64521c192f04dca93801 /ipc/sem.c | |
| parent | b515498f5bb5f38fc0e390b4ff7d00b6077de127 (diff) | |
userns: user namespaces: convert several capable() calls
CAP_IPC_OWNER and CAP_IPC_LOCK can be checked against current_user_ns(),
because the resource comes from current's own ipc namespace.
setuid/setgid are to uids in own namespace, so again checks can be against
current_user_ns().
Changelog:
Jan 11: Use task_ns_capable() in place of sched_capable().
Jan 11: Use nsown_capable() as suggested by Bastian Blank.
Jan 11: Clarify (hopefully) some logic in futex and sched.c
Feb 15: use ns_capable for ipc, not nsown_capable
Feb 23: let copy_ipcs handle setting ipc_ns->user_ns
Feb 23: pass ns down rather than taking it from current
[akpm@linux-foundation.org: coding-style fixes]
Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com>
Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
Acked-by: Daniel Lezcano <daniel.lezcano@free.fr>
Acked-by: David Howells <dhowells@redhat.com>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'ipc/sem.c')
| -rw-r--r-- | ipc/sem.c | 10 |
1 files changed, 6 insertions, 4 deletions
| @@ -817,7 +817,7 @@ static int semctl_nolock(struct ipc_namespace *ns, int semid, | |||
| 817 | } | 817 | } |
| 818 | 818 | ||
| 819 | err = -EACCES; | 819 | err = -EACCES; |
| 820 | if (ipcperms (&sma->sem_perm, S_IRUGO)) | 820 | if (ipcperms(ns, &sma->sem_perm, S_IRUGO)) |
| 821 | goto out_unlock; | 821 | goto out_unlock; |
| 822 | 822 | ||
| 823 | err = security_sem_semctl(sma, cmd); | 823 | err = security_sem_semctl(sma, cmd); |
| @@ -862,7 +862,8 @@ static int semctl_main(struct ipc_namespace *ns, int semid, int semnum, | |||
| 862 | nsems = sma->sem_nsems; | 862 | nsems = sma->sem_nsems; |
| 863 | 863 | ||
| 864 | err = -EACCES; | 864 | err = -EACCES; |
| 865 | if (ipcperms (&sma->sem_perm, (cmd==SETVAL||cmd==SETALL)?S_IWUGO:S_IRUGO)) | 865 | if (ipcperms(ns, &sma->sem_perm, |
| 866 | (cmd == SETVAL || cmd == SETALL) ? S_IWUGO : S_IRUGO)) | ||
| 866 | goto out_unlock; | 867 | goto out_unlock; |
| 867 | 868 | ||
| 868 | err = security_sem_semctl(sma, cmd); | 869 | err = security_sem_semctl(sma, cmd); |
| @@ -1047,7 +1048,8 @@ static int semctl_down(struct ipc_namespace *ns, int semid, | |||
| 1047 | return -EFAULT; | 1048 | return -EFAULT; |
| 1048 | } | 1049 | } |
| 1049 | 1050 | ||
| 1050 | ipcp = ipcctl_pre_down(&sem_ids(ns), semid, cmd, &semid64.sem_perm, 0); | 1051 | ipcp = ipcctl_pre_down(ns, &sem_ids(ns), semid, cmd, |
| 1052 | &semid64.sem_perm, 0); | ||
| 1051 | if (IS_ERR(ipcp)) | 1053 | if (IS_ERR(ipcp)) |
| 1052 | return PTR_ERR(ipcp); | 1054 | return PTR_ERR(ipcp); |
| 1053 | 1055 | ||
| @@ -1386,7 +1388,7 @@ SYSCALL_DEFINE4(semtimedop, int, semid, struct sembuf __user *, tsops, | |||
| 1386 | goto out_unlock_free; | 1388 | goto out_unlock_free; |
| 1387 | 1389 | ||
| 1388 | error = -EACCES; | 1390 | error = -EACCES; |
| 1389 | if (ipcperms(&sma->sem_perm, alter ? S_IWUGO : S_IRUGO)) | 1391 | if (ipcperms(ns, &sma->sem_perm, alter ? S_IWUGO : S_IRUGO)) |
| 1390 | goto out_unlock_free; | 1392 | goto out_unlock_free; |
| 1391 | 1393 | ||
| 1392 | error = security_sem_semop(sma, sops, nsops, alter); | 1394 | error = security_sem_semop(sma, sops, nsops, alter); |