userns: Convert group_info values from gid_t to kgid_t.

As a first step to converting struct cred to be all kuid_t and kgid_t values convert the group values stored in group_info to always be kgid_t values. Unless user namespaces are used this change should have no effect. Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
author: Eric W. Biederman <ebiederm@xmission.com> 2011-11-14 18:56:38 -0500
committer: Eric W. Biederman <ebiederm@xmission.com> 2012-05-03 06:27:21 -0400
commit: ae2975bc3476243b45a1e2344236d7920c268f38 (patch)
tree: e4b2a8472f6047734b6e7e2bdc994375b2790323 /kernel/uid16.c
parent: 22d917d80e842829d0ca0a561967d728eb1d6303 (diff)
1 files changed, 12 insertions, 2 deletions
diff --git a/kernel/uid16.c b/kernel/uid16.c
index 51c6e89e8619..e530bc34c4cf 100644
--- a/kernel/uid16.c
+++ b/kernel/uid16.c
@@ -134,11 +134,14 @@ SYSCALL_DEFINE1(setfsgid16, old_gid_t, gid)
 static int groups16_to_user(old_gid_t __user *grouplist,
    struct group_info *group_info)
 {
+        struct user_namespace *user_ns = current_user_ns();
        int i;
        old_gid_t group;
+        kgid_t kgid;
        for (i = 0; i < group_info->ngroups; i++) {
-                group = high2lowgid(GROUP_AT(group_info, i));
+                kgid = GROUP_AT(group_info, i);
+                group = high2lowgid(from_kgid_munged(user_ns, kgid));
                if (put_user(group, grouplist+i))
                        return -EFAULT;
        }
@@ -149,13 +152,20 @@ static int groups16_to_user(old_gid_t __user *grouplist,
 static int groups16_from_user(struct group_info *group_info,
    old_gid_t __user *grouplist)
 {
+        struct user_namespace *user_ns = current_user_ns();
        int i;
        old_gid_t group;
+        kgid_t kgid;
        for (i = 0; i < group_info->ngroups; i++) {
                if (get_user(group, grouplist+i))
                        return  -EFAULT;
-                GROUP_AT(group_info, i) = low2highgid(group);
+                kgid = make_kgid(user_ns, low2highgid(group));
+                if (!gid_valid(kgid))
+                        return -EINVAL;
+                GROUP_AT(group_info, i) = kgid;
        }
        return 0;
author	Eric W. Biederman <ebiederm@xmission.com>	2011-11-14 18:56:38 -0500
committer	Eric W. Biederman <ebiederm@xmission.com>	2012-05-03 06:27:21 -0400
commit	ae2975bc3476243b45a1e2344236d7920c268f38 (patch)
tree	e4b2a8472f6047734b6e7e2bdc994375b2790323 /kernel/uid16.c
parent	22d917d80e842829d0ca0a561967d728eb1d6303 (diff)

diff --git a/kernel/uid16.c b/kernel/uid16.c index 51c6e89e8619..e530bc34c4cf 100644 --- a/kernel/uid16.c +++ b/kernel/uid16.c
@@ -134,11 +134,14 @@ SYSCALL_DEFINE1(setfsgid16, old_gid_t, gid)
134	static int groups16_to_user(old_gid_t __user *grouplist,	134	static int groups16_to_user(old_gid_t __user *grouplist,
135	struct group_info *group_info)	135	struct group_info *group_info)
136	{	136	{
		137	struct user_namespace *user_ns = current_user_ns();
137	int i;	138	int i;
138	old_gid_t group;	139	old_gid_t group;
		140	kgid_t kgid;
139		141
140	for (i = 0; i < group_info->ngroups; i++) {	142	for (i = 0; i < group_info->ngroups; i++) {
141	group = high2lowgid(GROUP_AT(group_info, i));	143	kgid = GROUP_AT(group_info, i);
		144	group = high2lowgid(from_kgid_munged(user_ns, kgid));
142	if (put_user(group, grouplist+i))	145	if (put_user(group, grouplist+i))
143	return -EFAULT;	146	return -EFAULT;
144	}	147	}
@@ -149,13 +152,20 @@ static int groups16_to_user(old_gid_t __user *grouplist,
149	static int groups16_from_user(struct group_info *group_info,	152	static int groups16_from_user(struct group_info *group_info,
150	old_gid_t __user *grouplist)	153	old_gid_t __user *grouplist)
151	{	154	{
		155	struct user_namespace *user_ns = current_user_ns();
152	int i;	156	int i;
153	old_gid_t group;	157	old_gid_t group;
		158	kgid_t kgid;
154		159
155	for (i = 0; i < group_info->ngroups; i++) {	160	for (i = 0; i < group_info->ngroups; i++) {
156	if (get_user(group, grouplist+i))	161	if (get_user(group, grouplist+i))
157	return -EFAULT;	162	return -EFAULT;
158	GROUP_AT(group_info, i) = low2highgid(group);	163
		164	kgid = make_kgid(user_ns, low2highgid(group));
		165	if (!gid_valid(kgid))
		166	return -EINVAL;
		167
		168	GROUP_AT(group_info, i) = kgid;
159	}	169	}
160		170
161	return 0;	171	return 0;