diff options
author | David Howells <dhowells@redhat.com> | 2008-11-13 18:39:12 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-11-13 18:39:12 -0500 |
commit | 76aac0e9a17742e60d408be1a706e9aaad370891 (patch) | |
tree | e873a000d9c96209726e0958e311f005c13b2ed5 /kernel/sys.c | |
parent | b103c59883f1ec6e4d548b25054608cb5724453c (diff) |
CRED: Wrap task credential accesses in the core kernel
Wrap access to task credentials so that they can be separated more easily from
the task_struct during the introduction of COW creds.
Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id().
Change some task->e?[ug]id to task_e?[ug]id(). In some places it makes more
sense to use RCU directly rather than a convenient wrapper; these will be
addressed by later patches.
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-audit@redhat.com
Cc: containers@lists.linux-foundation.org
Cc: linux-mm@kvack.org
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'kernel/sys.c')
-rw-r--r-- | kernel/sys.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/kernel/sys.c b/kernel/sys.c index 31deba8f7d16..ed5c29c748ac 100644 --- a/kernel/sys.c +++ b/kernel/sys.c | |||
@@ -114,10 +114,10 @@ void (*pm_power_off_prepare)(void); | |||
114 | 114 | ||
115 | static int set_one_prio(struct task_struct *p, int niceval, int error) | 115 | static int set_one_prio(struct task_struct *p, int niceval, int error) |
116 | { | 116 | { |
117 | uid_t euid = current_euid(); | ||
117 | int no_nice; | 118 | int no_nice; |
118 | 119 | ||
119 | if (p->uid != current->euid && | 120 | if (p->uid != euid && p->euid != euid && !capable(CAP_SYS_NICE)) { |
120 | p->euid != current->euid && !capable(CAP_SYS_NICE)) { | ||
121 | error = -EPERM; | 121 | error = -EPERM; |
122 | goto out; | 122 | goto out; |
123 | } | 123 | } |
@@ -176,16 +176,16 @@ asmlinkage long sys_setpriority(int which, int who, int niceval) | |||
176 | case PRIO_USER: | 176 | case PRIO_USER: |
177 | user = current->user; | 177 | user = current->user; |
178 | if (!who) | 178 | if (!who) |
179 | who = current->uid; | 179 | who = current_uid(); |
180 | else | 180 | else |
181 | if ((who != current->uid) && !(user = find_user(who))) | 181 | if (who != current_uid() && !(user = find_user(who))) |
182 | goto out_unlock; /* No processes for this user */ | 182 | goto out_unlock; /* No processes for this user */ |
183 | 183 | ||
184 | do_each_thread(g, p) | 184 | do_each_thread(g, p) |
185 | if (p->uid == who) | 185 | if (p->uid == who) |
186 | error = set_one_prio(p, niceval, error); | 186 | error = set_one_prio(p, niceval, error); |
187 | while_each_thread(g, p); | 187 | while_each_thread(g, p); |
188 | if (who != current->uid) | 188 | if (who != current_uid()) |
189 | free_uid(user); /* For find_user() */ | 189 | free_uid(user); /* For find_user() */ |
190 | break; | 190 | break; |
191 | } | 191 | } |
@@ -238,9 +238,9 @@ asmlinkage long sys_getpriority(int which, int who) | |||
238 | case PRIO_USER: | 238 | case PRIO_USER: |
239 | user = current->user; | 239 | user = current->user; |
240 | if (!who) | 240 | if (!who) |
241 | who = current->uid; | 241 | who = current_uid(); |
242 | else | 242 | else |
243 | if ((who != current->uid) && !(user = find_user(who))) | 243 | if (who != current_uid() && !(user = find_user(who))) |
244 | goto out_unlock; /* No processes for this user */ | 244 | goto out_unlock; /* No processes for this user */ |
245 | 245 | ||
246 | do_each_thread(g, p) | 246 | do_each_thread(g, p) |
@@ -250,7 +250,7 @@ asmlinkage long sys_getpriority(int which, int who) | |||
250 | retval = niceval; | 250 | retval = niceval; |
251 | } | 251 | } |
252 | while_each_thread(g, p); | 252 | while_each_thread(g, p); |
253 | if (who != current->uid) | 253 | if (who != current_uid()) |
254 | free_uid(user); /* for find_user() */ | 254 | free_uid(user); /* for find_user() */ |
255 | break; | 255 | break; |
256 | } | 256 | } |