rlimits: security, add task_struct to setrlimit

Add task_struct to task_setrlimit of security_operations to be able to set rlimit of task other than current. Signed-off-by: Jiri Slaby <jirislaby@gmail.com> Acked-by: Eric Paris <eparis@redhat.com> Acked-by: James Morris <jmorris@namei.org>
author: Jiri Slaby <jirislaby@gmail.com> 2009-08-26 12:41:16 -0400
committer: Jiri Slaby <jirislaby@gmail.com> 2010-07-16 03:48:45 -0400
commit: 8fd00b4d7014b00448eb33cf0590815304769798 (patch)
tree: f97cc5b4401dd038e539dae7ad66066383012866 /security
parent: 2f7989efd4398d92b8adffce2e07dd043a0895fe (diff)
3 files changed, 9 insertions, 6 deletions
diff --git a/security/capability.c b/security/capability.c
index 8168e3ecd5bf..7e468263f2de 100644
--- a/security/capability.c
+++ b/security/capability.c
@@ -412,7 +412,8 @@ static int cap_task_getioprio(struct task_struct *p)
        return 0;
 }
-static int cap_task_setrlimit(unsigned int resource, struct rlimit *new_rlim)
+static int cap_task_setrlimit(struct task_struct *p, unsigned int resource,
+                struct rlimit *new_rlim)
 {
        return 0;
 }
diff --git a/security/security.c b/security/security.c
index 351942a4ca0e..aa510609a955 100644
--- a/security/security.c
+++ b/security/security.c
@@ -769,9 +769,10 @@ int security_task_getioprio(struct task_struct *p)
        return security_ops->task_getioprio(p);
 }
-int security_task_setrlimit(unsigned int resource, struct rlimit *new_rlim)
+int security_task_setrlimit(struct task_struct *p, unsigned int resource,
+                struct rlimit *new_rlim)
 {
-        return security_ops->task_setrlimit(resource, new_rlim);
+        return security_ops->task_setrlimit(p, resource, new_rlim);
 }
 int security_task_setscheduler(struct task_struct *p,
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 5c9f25ba1c95..e3ce6b4127cc 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -3371,16 +3371,17 @@ static int selinux_task_getioprio(struct task_struct *p)
        return current_has_perm(p, PROCESS__GETSCHED);
 }
-static int selinux_task_setrlimit(unsigned int resource, struct rlimit *new_rlim)
+static int selinux_task_setrlimit(struct task_struct *p, unsigned int resource,
+                struct rlimit *new_rlim)
 {
-        struct rlimit *old_rlim = current->signal->rlim + resource;
+        struct rlimit *old_rlim = p->signal->rlim + resource;
        /* Control the ability to change the hard limit (whether
           lowering or raising it), so that the hard limit can
           later be used as a safe reset point for the soft limit
           upon context transitions.  See selinux_bprm_committing_creds. */
        if (old_rlim->rlim_max != new_rlim->rlim_max)
-                return current_has_perm(current, PROCESS__SETRLIMIT);
+                return current_has_perm(p, PROCESS__SETRLIMIT);
        return 0;
 }
author	Jiri Slaby <jirislaby@gmail.com>	2009-08-26 12:41:16 -0400
committer	Jiri Slaby <jirislaby@gmail.com>	2010-07-16 03:48:45 -0400
commit	8fd00b4d7014b00448eb33cf0590815304769798 (patch)
tree	f97cc5b4401dd038e539dae7ad66066383012866 /security
parent	2f7989efd4398d92b8adffce2e07dd043a0895fe (diff)