diff options
| -rw-r--r-- | fs/open.c | 2 | ||||
| -rw-r--r-- | include/linux/security.h | 6 | ||||
| -rw-r--r-- | security/apparmor/lsm.c | 2 | ||||
| -rw-r--r-- | security/capability.c | 2 | ||||
| -rw-r--r-- | security/security.c | 2 | ||||
| -rw-r--r-- | security/tomoyo/tomoyo.c | 12 |
6 files changed, 14 insertions, 12 deletions
| @@ -534,7 +534,7 @@ static int chown_common(struct path *path, uid_t user, gid_t group) | |||
| 534 | newattrs.ia_valid |= | 534 | newattrs.ia_valid |= |
| 535 | ATTR_KILL_SUID | ATTR_KILL_SGID | ATTR_KILL_PRIV; | 535 | ATTR_KILL_SUID | ATTR_KILL_SGID | ATTR_KILL_PRIV; |
| 536 | mutex_lock(&inode->i_mutex); | 536 | mutex_lock(&inode->i_mutex); |
| 537 | error = security_path_chown(path, user, group); | 537 | error = security_path_chown(path, uid, gid); |
| 538 | if (!error) | 538 | if (!error) |
| 539 | error = notify_change(path->dentry, &newattrs); | 539 | error = notify_change(path->dentry, &newattrs); |
| 540 | mutex_unlock(&inode->i_mutex); | 540 | mutex_unlock(&inode->i_mutex); |
diff --git a/include/linux/security.h b/include/linux/security.h index 4e5a73cdbbef..ebb92cb1fa28 100644 --- a/include/linux/security.h +++ b/include/linux/security.h | |||
| @@ -1437,7 +1437,7 @@ struct security_operations { | |||
| 1437 | int (*path_rename) (struct path *old_dir, struct dentry *old_dentry, | 1437 | int (*path_rename) (struct path *old_dir, struct dentry *old_dentry, |
| 1438 | struct path *new_dir, struct dentry *new_dentry); | 1438 | struct path *new_dir, struct dentry *new_dentry); |
| 1439 | int (*path_chmod) (struct path *path, umode_t mode); | 1439 | int (*path_chmod) (struct path *path, umode_t mode); |
| 1440 | int (*path_chown) (struct path *path, uid_t uid, gid_t gid); | 1440 | int (*path_chown) (struct path *path, kuid_t uid, kgid_t gid); |
| 1441 | int (*path_chroot) (struct path *path); | 1441 | int (*path_chroot) (struct path *path); |
| 1442 | #endif | 1442 | #endif |
| 1443 | 1443 | ||
| @@ -2832,7 +2832,7 @@ int security_path_link(struct dentry *old_dentry, struct path *new_dir, | |||
| 2832 | int security_path_rename(struct path *old_dir, struct dentry *old_dentry, | 2832 | int security_path_rename(struct path *old_dir, struct dentry *old_dentry, |
| 2833 | struct path *new_dir, struct dentry *new_dentry); | 2833 | struct path *new_dir, struct dentry *new_dentry); |
| 2834 | int security_path_chmod(struct path *path, umode_t mode); | 2834 | int security_path_chmod(struct path *path, umode_t mode); |
| 2835 | int security_path_chown(struct path *path, uid_t uid, gid_t gid); | 2835 | int security_path_chown(struct path *path, kuid_t uid, kgid_t gid); |
| 2836 | int security_path_chroot(struct path *path); | 2836 | int security_path_chroot(struct path *path); |
| 2837 | #else /* CONFIG_SECURITY_PATH */ | 2837 | #else /* CONFIG_SECURITY_PATH */ |
| 2838 | static inline int security_path_unlink(struct path *dir, struct dentry *dentry) | 2838 | static inline int security_path_unlink(struct path *dir, struct dentry *dentry) |
| @@ -2888,7 +2888,7 @@ static inline int security_path_chmod(struct path *path, umode_t mode) | |||
| 2888 | return 0; | 2888 | return 0; |
| 2889 | } | 2889 | } |
| 2890 | 2890 | ||
| 2891 | static inline int security_path_chown(struct path *path, uid_t uid, gid_t gid) | 2891 | static inline int security_path_chown(struct path *path, kuid_t uid, kgid_t gid) |
| 2892 | { | 2892 | { |
| 2893 | return 0; | 2893 | return 0; |
| 2894 | } | 2894 | } |
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c index 8ea39aabe948..8c2a7f6b35e2 100644 --- a/security/apparmor/lsm.c +++ b/security/apparmor/lsm.c | |||
| @@ -352,7 +352,7 @@ static int apparmor_path_chmod(struct path *path, umode_t mode) | |||
| 352 | return common_perm_mnt_dentry(OP_CHMOD, path->mnt, path->dentry, AA_MAY_CHMOD); | 352 | return common_perm_mnt_dentry(OP_CHMOD, path->mnt, path->dentry, AA_MAY_CHMOD); |
| 353 | } | 353 | } |
| 354 | 354 | ||
| 355 | static int apparmor_path_chown(struct path *path, uid_t uid, gid_t gid) | 355 | static int apparmor_path_chown(struct path *path, kuid_t uid, kgid_t gid) |
| 356 | { | 356 | { |
| 357 | struct path_cond cond = { path->dentry->d_inode->i_uid, | 357 | struct path_cond cond = { path->dentry->d_inode->i_uid, |
| 358 | path->dentry->d_inode->i_mode | 358 | path->dentry->d_inode->i_mode |
diff --git a/security/capability.c b/security/capability.c index 61095df8b89a..a40aac677c72 100644 --- a/security/capability.c +++ b/security/capability.c | |||
| @@ -284,7 +284,7 @@ static int cap_path_chmod(struct path *path, umode_t mode) | |||
| 284 | return 0; | 284 | return 0; |
| 285 | } | 285 | } |
| 286 | 286 | ||
| 287 | static int cap_path_chown(struct path *path, uid_t uid, gid_t gid) | 287 | static int cap_path_chown(struct path *path, kuid_t uid, kgid_t gid) |
| 288 | { | 288 | { |
| 289 | return 0; | 289 | return 0; |
| 290 | } | 290 | } |
diff --git a/security/security.c b/security/security.c index 860aeb349cb3..f9a2f2ef2454 100644 --- a/security/security.c +++ b/security/security.c | |||
| @@ -434,7 +434,7 @@ int security_path_chmod(struct path *path, umode_t mode) | |||
| 434 | return security_ops->path_chmod(path, mode); | 434 | return security_ops->path_chmod(path, mode); |
| 435 | } | 435 | } |
| 436 | 436 | ||
| 437 | int security_path_chown(struct path *path, uid_t uid, gid_t gid) | 437 | int security_path_chown(struct path *path, kuid_t uid, kgid_t gid) |
| 438 | { | 438 | { |
| 439 | if (unlikely(IS_PRIVATE(path->dentry->d_inode))) | 439 | if (unlikely(IS_PRIVATE(path->dentry->d_inode))) |
| 440 | return 0; | 440 | return 0; |
diff --git a/security/tomoyo/tomoyo.c b/security/tomoyo/tomoyo.c index c2d04a50f76a..d88eb3a046ed 100644 --- a/security/tomoyo/tomoyo.c +++ b/security/tomoyo/tomoyo.c | |||
| @@ -373,13 +373,15 @@ static int tomoyo_path_chmod(struct path *path, umode_t mode) | |||
| 373 | * | 373 | * |
| 374 | * Returns 0 on success, negative value otherwise. | 374 | * Returns 0 on success, negative value otherwise. |
| 375 | */ | 375 | */ |
| 376 | static int tomoyo_path_chown(struct path *path, uid_t uid, gid_t gid) | 376 | static int tomoyo_path_chown(struct path *path, kuid_t uid, kgid_t gid) |
| 377 | { | 377 | { |
| 378 | int error = 0; | 378 | int error = 0; |
| 379 | if (uid != (uid_t) -1) | 379 | if (uid_valid(uid)) |
| 380 | error = tomoyo_path_number_perm(TOMOYO_TYPE_CHOWN, path, uid); | 380 | error = tomoyo_path_number_perm(TOMOYO_TYPE_CHOWN, path, |
| 381 | if (!error && gid != (gid_t) -1) | 381 | from_kuid(&init_user_ns, uid)); |
| 382 | error = tomoyo_path_number_perm(TOMOYO_TYPE_CHGRP, path, gid); | 382 | if (!error && gid_valid(gid)) |
| 383 | error = tomoyo_path_number_perm(TOMOYO_TYPE_CHGRP, path, | ||
| 384 | from_kgid(&init_user_ns, gid)); | ||
| 383 | return error; | 385 | return error; |
| 384 | } | 386 | } |
| 385 | 387 | ||