diff options
| author | Ingo Molnar <mingo@elte.hu> | 2009-03-04 05:42:31 -0500 |
|---|---|---|
| committer | Ingo Molnar <mingo@elte.hu> | 2009-03-04 05:42:31 -0500 |
| commit | 8163d88c79dca35478a2405c837733ac50ea4c39 (patch) | |
| tree | 6acae066a09b7dcbedab4a35ad62eba4ba3fd83c /kernel/sys.c | |
| parent | a1ef58f442542d8b3e3b963339fbc522c36e827c (diff) | |
| parent | fec6c6fec3e20637bee5d276fb61dd8b49a3f9cc (diff) | |
Merge commit 'v2.6.29-rc7' into perfcounters/core
Conflicts:
arch/x86/mm/iomap_32.c
Diffstat (limited to 'kernel/sys.c')
| -rw-r--r-- | kernel/sys.c | 31 |
1 files changed, 20 insertions, 11 deletions
diff --git a/kernel/sys.c b/kernel/sys.c index c5e7dec4966e..7306f9421aac 100644 --- a/kernel/sys.c +++ b/kernel/sys.c | |||
| @@ -560,7 +560,7 @@ error: | |||
| 560 | abort_creds(new); | 560 | abort_creds(new); |
| 561 | return retval; | 561 | return retval; |
| 562 | } | 562 | } |
| 563 | 563 | ||
| 564 | /* | 564 | /* |
| 565 | * change the user struct in a credentials set to match the new UID | 565 | * change the user struct in a credentials set to match the new UID |
| 566 | */ | 566 | */ |
| @@ -572,6 +572,11 @@ static int set_user(struct cred *new) | |||
| 572 | if (!new_user) | 572 | if (!new_user) |
| 573 | return -EAGAIN; | 573 | return -EAGAIN; |
| 574 | 574 | ||
| 575 | if (!task_can_switch_user(new_user, current)) { | ||
| 576 | free_uid(new_user); | ||
| 577 | return -EINVAL; | ||
| 578 | } | ||
| 579 | |||
| 575 | if (atomic_read(&new_user->processes) >= | 580 | if (atomic_read(&new_user->processes) >= |
| 576 | current->signal->rlim[RLIMIT_NPROC].rlim_cur && | 581 | current->signal->rlim[RLIMIT_NPROC].rlim_cur && |
| 577 | new_user != INIT_USER) { | 582 | new_user != INIT_USER) { |
| @@ -632,10 +637,11 @@ SYSCALL_DEFINE2(setreuid, uid_t, ruid, uid_t, euid) | |||
| 632 | goto error; | 637 | goto error; |
| 633 | } | 638 | } |
| 634 | 639 | ||
| 635 | retval = -EAGAIN; | 640 | if (new->uid != old->uid) { |
| 636 | if (new->uid != old->uid && set_user(new) < 0) | 641 | retval = set_user(new); |
| 637 | goto error; | 642 | if (retval < 0) |
| 638 | 643 | goto error; | |
| 644 | } | ||
| 639 | if (ruid != (uid_t) -1 || | 645 | if (ruid != (uid_t) -1 || |
| 640 | (euid != (uid_t) -1 && euid != old->uid)) | 646 | (euid != (uid_t) -1 && euid != old->uid)) |
| 641 | new->suid = new->euid; | 647 | new->suid = new->euid; |
| @@ -681,9 +687,10 @@ SYSCALL_DEFINE1(setuid, uid_t, uid) | |||
| 681 | retval = -EPERM; | 687 | retval = -EPERM; |
| 682 | if (capable(CAP_SETUID)) { | 688 | if (capable(CAP_SETUID)) { |
| 683 | new->suid = new->uid = uid; | 689 | new->suid = new->uid = uid; |
| 684 | if (uid != old->uid && set_user(new) < 0) { | 690 | if (uid != old->uid) { |
| 685 | retval = -EAGAIN; | 691 | retval = set_user(new); |
| 686 | goto error; | 692 | if (retval < 0) |
| 693 | goto error; | ||
| 687 | } | 694 | } |
| 688 | } else if (uid != old->uid && uid != new->suid) { | 695 | } else if (uid != old->uid && uid != new->suid) { |
| 689 | goto error; | 696 | goto error; |
| @@ -735,11 +742,13 @@ SYSCALL_DEFINE3(setresuid, uid_t, ruid, uid_t, euid, uid_t, suid) | |||
| 735 | goto error; | 742 | goto error; |
| 736 | } | 743 | } |
| 737 | 744 | ||
| 738 | retval = -EAGAIN; | ||
| 739 | if (ruid != (uid_t) -1) { | 745 | if (ruid != (uid_t) -1) { |
| 740 | new->uid = ruid; | 746 | new->uid = ruid; |
| 741 | if (ruid != old->uid && set_user(new) < 0) | 747 | if (ruid != old->uid) { |
| 742 | goto error; | 748 | retval = set_user(new); |
| 749 | if (retval < 0) | ||
| 750 | goto error; | ||
| 751 | } | ||
| 743 | } | 752 | } |
| 744 | if (euid != (uid_t) -1) | 753 | if (euid != (uid_t) -1) |
| 745 | new->euid = euid; | 754 | new->euid = euid; |