diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2012-03-03 23:21:47 -0500 |
|---|---|---|
| committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-05-03 06:28:51 -0400 |
| commit | 5af662030e5db1a5560fd917250d5d688a6be586 (patch) | |
| tree | c648c0bf8afe4571cf13b098bd6e24fbce86789c /kernel/ptrace.c | |
| parent | a29c33f4e506e1dae7e0985b6328046535becbf8 (diff) | |
userns: Convert ptrace, kill, set_priority permission checks to work with kuids and kgids
Update the permission checks to use the new uid_eq and gid_eq helpers
and remove the now unnecessary user_ns equality comparison.
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'kernel/ptrace.c')
| -rw-r--r-- | kernel/ptrace.c | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/kernel/ptrace.c b/kernel/ptrace.c index 24e0a5a94824..a232bb59d93f 100644 --- a/kernel/ptrace.c +++ b/kernel/ptrace.c | |||
| @@ -198,13 +198,12 @@ int __ptrace_may_access(struct task_struct *task, unsigned int mode) | |||
| 198 | return 0; | 198 | return 0; |
| 199 | rcu_read_lock(); | 199 | rcu_read_lock(); |
| 200 | tcred = __task_cred(task); | 200 | tcred = __task_cred(task); |
| 201 | if (cred->user_ns == tcred->user_ns && | 201 | if (uid_eq(cred->uid, tcred->euid) && |
| 202 | (cred->uid == tcred->euid && | 202 | uid_eq(cred->uid, tcred->suid) && |
| 203 | cred->uid == tcred->suid && | 203 | uid_eq(cred->uid, tcred->uid) && |
| 204 | cred->uid == tcred->uid && | 204 | gid_eq(cred->gid, tcred->egid) && |
| 205 | cred->gid == tcred->egid && | 205 | gid_eq(cred->gid, tcred->sgid) && |
| 206 | cred->gid == tcred->sgid && | 206 | gid_eq(cred->gid, tcred->gid)) |
| 207 | cred->gid == tcred->gid)) | ||
| 208 | goto ok; | 207 | goto ok; |
| 209 | if (ptrace_has_cap(tcred->user_ns, mode)) | 208 | if (ptrace_has_cap(tcred->user_ns, mode)) |
| 210 | goto ok; | 209 | goto ok; |