diff options
Diffstat (limited to 'fs/ecryptfs/messaging.c')
-rw-r--r-- | fs/ecryptfs/messaging.c | 27 |
1 files changed, 14 insertions, 13 deletions
diff --git a/fs/ecryptfs/messaging.c b/fs/ecryptfs/messaging.c index c6983978a31e..6913f727624d 100644 --- a/fs/ecryptfs/messaging.c +++ b/fs/ecryptfs/messaging.c | |||
@@ -360,7 +360,8 @@ int ecryptfs_process_response(struct ecryptfs_message *msg, uid_t euid, | |||
360 | struct ecryptfs_msg_ctx *msg_ctx; | 360 | struct ecryptfs_msg_ctx *msg_ctx; |
361 | size_t msg_size; | 361 | size_t msg_size; |
362 | struct nsproxy *nsproxy; | 362 | struct nsproxy *nsproxy; |
363 | struct user_namespace *current_user_ns; | 363 | struct user_namespace *tsk_user_ns; |
364 | uid_t ctx_euid; | ||
364 | int rc; | 365 | int rc; |
365 | 366 | ||
366 | if (msg->index >= ecryptfs_message_buf_len) { | 367 | if (msg->index >= ecryptfs_message_buf_len) { |
@@ -384,9 +385,9 @@ int ecryptfs_process_response(struct ecryptfs_message *msg, uid_t euid, | |||
384 | mutex_unlock(&ecryptfs_daemon_hash_mux); | 385 | mutex_unlock(&ecryptfs_daemon_hash_mux); |
385 | goto wake_up; | 386 | goto wake_up; |
386 | } | 387 | } |
387 | current_user_ns = nsproxy->user_ns; | 388 | tsk_user_ns = __task_cred(msg_ctx->task)->user->user_ns; |
388 | rc = ecryptfs_find_daemon_by_euid(&daemon, msg_ctx->task->euid, | 389 | ctx_euid = task_euid(msg_ctx->task); |
389 | current_user_ns); | 390 | rc = ecryptfs_find_daemon_by_euid(&daemon, ctx_euid, tsk_user_ns); |
390 | rcu_read_unlock(); | 391 | rcu_read_unlock(); |
391 | mutex_unlock(&ecryptfs_daemon_hash_mux); | 392 | mutex_unlock(&ecryptfs_daemon_hash_mux); |
392 | if (rc) { | 393 | if (rc) { |
@@ -394,28 +395,28 @@ int ecryptfs_process_response(struct ecryptfs_message *msg, uid_t euid, | |||
394 | printk(KERN_WARNING "%s: User [%d] received a " | 395 | printk(KERN_WARNING "%s: User [%d] received a " |
395 | "message response from process [0x%p] but does " | 396 | "message response from process [0x%p] but does " |
396 | "not have a registered daemon\n", __func__, | 397 | "not have a registered daemon\n", __func__, |
397 | msg_ctx->task->euid, pid); | 398 | ctx_euid, pid); |
398 | goto wake_up; | 399 | goto wake_up; |
399 | } | 400 | } |
400 | if (msg_ctx->task->euid != euid) { | 401 | if (ctx_euid != euid) { |
401 | rc = -EBADMSG; | 402 | rc = -EBADMSG; |
402 | printk(KERN_WARNING "%s: Received message from user " | 403 | printk(KERN_WARNING "%s: Received message from user " |
403 | "[%d]; expected message from user [%d]\n", __func__, | 404 | "[%d]; expected message from user [%d]\n", __func__, |
404 | euid, msg_ctx->task->euid); | 405 | euid, ctx_euid); |
405 | goto unlock; | 406 | goto unlock; |
406 | } | 407 | } |
407 | if (current_user_ns != user_ns) { | 408 | if (tsk_user_ns != user_ns) { |
408 | rc = -EBADMSG; | 409 | rc = -EBADMSG; |
409 | printk(KERN_WARNING "%s: Received message from user_ns " | 410 | printk(KERN_WARNING "%s: Received message from user_ns " |
410 | "[0x%p]; expected message from user_ns [0x%p]\n", | 411 | "[0x%p]; expected message from user_ns [0x%p]\n", |
411 | __func__, user_ns, nsproxy->user_ns); | 412 | __func__, user_ns, tsk_user_ns); |
412 | goto unlock; | 413 | goto unlock; |
413 | } | 414 | } |
414 | if (daemon->pid != pid) { | 415 | if (daemon->pid != pid) { |
415 | rc = -EBADMSG; | 416 | rc = -EBADMSG; |
416 | printk(KERN_ERR "%s: User [%d] sent a message response " | 417 | printk(KERN_ERR "%s: User [%d] sent a message response " |
417 | "from an unrecognized process [0x%p]\n", | 418 | "from an unrecognized process [0x%p]\n", |
418 | __func__, msg_ctx->task->euid, pid); | 419 | __func__, ctx_euid, pid); |
419 | goto unlock; | 420 | goto unlock; |
420 | } | 421 | } |
421 | if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_PENDING) { | 422 | if (msg_ctx->state != ECRYPTFS_MSG_CTX_STATE_PENDING) { |
@@ -464,14 +465,14 @@ ecryptfs_send_message_locked(char *data, int data_len, u8 msg_type, | |||
464 | struct ecryptfs_msg_ctx **msg_ctx) | 465 | struct ecryptfs_msg_ctx **msg_ctx) |
465 | { | 466 | { |
466 | struct ecryptfs_daemon *daemon; | 467 | struct ecryptfs_daemon *daemon; |
468 | uid_t euid = current_euid(); | ||
467 | int rc; | 469 | int rc; |
468 | 470 | ||
469 | rc = ecryptfs_find_daemon_by_euid(&daemon, current->euid, | 471 | rc = ecryptfs_find_daemon_by_euid(&daemon, euid, current_user_ns()); |
470 | current->nsproxy->user_ns); | ||
471 | if (rc || !daemon) { | 472 | if (rc || !daemon) { |
472 | rc = -ENOTCONN; | 473 | rc = -ENOTCONN; |
473 | printk(KERN_ERR "%s: User [%d] does not have a daemon " | 474 | printk(KERN_ERR "%s: User [%d] does not have a daemon " |
474 | "registered\n", __func__, current->euid); | 475 | "registered\n", __func__, euid); |
475 | goto out; | 476 | goto out; |
476 | } | 477 | } |
477 | mutex_lock(&ecryptfs_msg_ctx_lists_mux); | 478 | mutex_lock(&ecryptfs_msg_ctx_lists_mux); |