diff options
| author | David Howells <dhowells@redhat.com> | 2008-11-13 18:39:12 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2008-11-13 18:39:12 -0500 |
| commit | 76aac0e9a17742e60d408be1a706e9aaad370891 (patch) | |
| tree | e873a000d9c96209726e0958e311f005c13b2ed5 /kernel/cgroup.c | |
| parent | b103c59883f1ec6e4d548b25054608cb5724453c (diff) | |
CRED: Wrap task credential accesses in the core kernel
Wrap access to task credentials so that they can be separated more easily from
the task_struct during the introduction of COW creds.
Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id().
Change some task->e?[ug]id to task_e?[ug]id(). In some places it makes more
sense to use RCU directly rather than a convenient wrapper; these will be
addressed by later patches.
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-audit@redhat.com
Cc: containers@lists.linux-foundation.org
Cc: linux-mm@kvack.org
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'kernel/cgroup.c')
| -rw-r--r-- | kernel/cgroup.c | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/kernel/cgroup.c b/kernel/cgroup.c index 35eebd5510c2..78f9b310c4f3 100644 --- a/kernel/cgroup.c +++ b/kernel/cgroup.c | |||
| @@ -571,8 +571,8 @@ static struct inode *cgroup_new_inode(mode_t mode, struct super_block *sb) | |||
| 571 | 571 | ||
| 572 | if (inode) { | 572 | if (inode) { |
| 573 | inode->i_mode = mode; | 573 | inode->i_mode = mode; |
| 574 | inode->i_uid = current->fsuid; | 574 | inode->i_uid = current_fsuid(); |
| 575 | inode->i_gid = current->fsgid; | 575 | inode->i_gid = current_fsgid(); |
| 576 | inode->i_blocks = 0; | 576 | inode->i_blocks = 0; |
| 577 | inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME; | 577 | inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME; |
| 578 | inode->i_mapping->backing_dev_info = &cgroup_backing_dev_info; | 578 | inode->i_mapping->backing_dev_info = &cgroup_backing_dev_info; |
| @@ -1279,6 +1279,7 @@ int cgroup_attach_task(struct cgroup *cgrp, struct task_struct *tsk) | |||
| 1279 | static int attach_task_by_pid(struct cgroup *cgrp, u64 pid) | 1279 | static int attach_task_by_pid(struct cgroup *cgrp, u64 pid) |
| 1280 | { | 1280 | { |
| 1281 | struct task_struct *tsk; | 1281 | struct task_struct *tsk; |
| 1282 | uid_t euid; | ||
| 1282 | int ret; | 1283 | int ret; |
| 1283 | 1284 | ||
| 1284 | if (pid) { | 1285 | if (pid) { |
| @@ -1291,8 +1292,8 @@ static int attach_task_by_pid(struct cgroup *cgrp, u64 pid) | |||
| 1291 | get_task_struct(tsk); | 1292 | get_task_struct(tsk); |
| 1292 | rcu_read_unlock(); | 1293 | rcu_read_unlock(); |
| 1293 | 1294 | ||
| 1294 | if ((current->euid) && (current->euid != tsk->uid) | 1295 | euid = current_euid(); |
| 1295 | && (current->euid != tsk->suid)) { | 1296 | if (euid && euid != tsk->uid && euid != tsk->suid) { |
| 1296 | put_task_struct(tsk); | 1297 | put_task_struct(tsk); |
| 1297 | return -EACCES; | 1298 | return -EACCES; |
| 1298 | } | 1299 | } |