aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv4
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2011-11-14 18:56:38 -0500
committerEric W. Biederman <ebiederm@xmission.com>2012-05-03 06:27:21 -0400
commitae2975bc3476243b45a1e2344236d7920c268f38 (patch)
treee4b2a8472f6047734b6e7e2bdc994375b2790323 /net/ipv4
parent22d917d80e842829d0ca0a561967d728eb1d6303 (diff)
userns: Convert group_info values from gid_t to kgid_t.
As a first step to converting struct cred to be all kuid_t and kgid_t values convert the group values stored in group_info to always be kgid_t values. Unless user namespaces are used this change should have no effect. Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'net/ipv4')
-rw-r--r--net/ipv4/ping.c11
1 files changed, 8 insertions, 3 deletions
diff --git a/net/ipv4/ping.c b/net/ipv4/ping.c
index 50009c787bcd..9d3044ff45b9 100644
--- a/net/ipv4/ping.c
+++ b/net/ipv4/ping.c
@@ -205,17 +205,22 @@ static int ping_init_sock(struct sock *sk)
205 gid_t range[2]; 205 gid_t range[2];
206 struct group_info *group_info = get_current_groups(); 206 struct group_info *group_info = get_current_groups();
207 int i, j, count = group_info->ngroups; 207 int i, j, count = group_info->ngroups;
208 kgid_t low, high;
208 209
209 inet_get_ping_group_range_net(net, range, range+1); 210 inet_get_ping_group_range_net(net, range, range+1);
211 low = make_kgid(&init_user_ns, range[0]);
212 high = make_kgid(&init_user_ns, range[1]);
213 if (!gid_valid(low) || !gid_valid(high) || gid_lt(high, low))
214 return -EACCES;
215
210 if (range[0] <= group && group <= range[1]) 216 if (range[0] <= group && group <= range[1])
211 return 0; 217 return 0;
212 218
213 for (i = 0; i < group_info->nblocks; i++) { 219 for (i = 0; i < group_info->nblocks; i++) {
214 int cp_count = min_t(int, NGROUPS_PER_BLOCK, count); 220 int cp_count = min_t(int, NGROUPS_PER_BLOCK, count);
215
216 for (j = 0; j < cp_count; j++) { 221 for (j = 0; j < cp_count; j++) {
217 group = group_info->blocks[i][j]; 222 kgid_t gid = group_info->blocks[i][j];
218 if (range[0] <= group && group <= range[1]) 223 if (gid_lte(low, gid) && gid_lte(gid, high))
219 return 0; 224 return 0;
220 } 225 }
221 226