diff options
| author | David Howells <dhowells@redhat.com> | 2008-11-13 18:39:16 -0500 |
|---|---|---|
| committer | James Morris <jmorris@namei.org> | 2008-11-13 18:39:16 -0500 |
| commit | b6dff3ec5e116e3af6f537d4caedcad6b9e5082a (patch) | |
| tree | 9e76f972eb7ce9b84e0146c8e4126a3f86acb428 /net | |
| parent | 15a2460ed0af7538ca8e6c610fe607a2cd9da142 (diff) | |
CRED: Separate task security context from task_struct
Separate the task security context from task_struct. At this point, the
security data is temporarily embedded in the task_struct with two pointers
pointing to it.
Note that the Alpha arch is altered as it refers to (E)UID and (E)GID in
entry.S via asm-offsets.
With comment fixes Signed-off-by: Marc Dionne <marc.c.dionne@gmail.com>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'net')
| -rw-r--r-- | net/core/scm.c | 10 | ||||
| -rw-r--r-- | net/sunrpc/auth.c | 2 |
2 files changed, 7 insertions, 5 deletions
diff --git a/net/core/scm.c b/net/core/scm.c index 4681d8f9b45b..c28ca32a7d93 100644 --- a/net/core/scm.c +++ b/net/core/scm.c | |||
| @@ -44,11 +44,13 @@ | |||
| 44 | 44 | ||
| 45 | static __inline__ int scm_check_creds(struct ucred *creds) | 45 | static __inline__ int scm_check_creds(struct ucred *creds) |
| 46 | { | 46 | { |
| 47 | struct cred *cred = current->cred; | ||
| 48 | |||
| 47 | if ((creds->pid == task_tgid_vnr(current) || capable(CAP_SYS_ADMIN)) && | 49 | if ((creds->pid == task_tgid_vnr(current) || capable(CAP_SYS_ADMIN)) && |
| 48 | ((creds->uid == current_uid() || creds->uid == current_euid() || | 50 | ((creds->uid == cred->uid || creds->uid == cred->euid || |
| 49 | creds->uid == current_suid()) || capable(CAP_SETUID)) && | 51 | creds->uid == cred->suid) || capable(CAP_SETUID)) && |
| 50 | ((creds->gid == current_gid() || creds->gid == current_egid() || | 52 | ((creds->gid == cred->gid || creds->gid == cred->egid || |
| 51 | creds->gid == current_sgid()) || capable(CAP_SETGID))) { | 53 | creds->gid == cred->sgid) || capable(CAP_SETGID))) { |
| 52 | return 0; | 54 | return 0; |
| 53 | } | 55 | } |
| 54 | return -EPERM; | 56 | return -EPERM; |
diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c index 8fc380578807..c79543212602 100644 --- a/net/sunrpc/auth.c +++ b/net/sunrpc/auth.c | |||
| @@ -353,7 +353,7 @@ rpcauth_lookupcred(struct rpc_auth *auth, int flags) | |||
| 353 | struct auth_cred acred = { | 353 | struct auth_cred acred = { |
| 354 | .uid = current_fsuid(), | 354 | .uid = current_fsuid(), |
| 355 | .gid = current_fsgid(), | 355 | .gid = current_fsgid(), |
| 356 | .group_info = current->group_info, | 356 | .group_info = current->cred->group_info, |
| 357 | }; | 357 | }; |
| 358 | struct rpc_cred *ret; | 358 | struct rpc_cred *ret; |
| 359 | 359 | ||