userns: Convert group_info values from gid_t to kgid_t.

static int groups16_to_user(u16 __user *grouplist, struct group_info *group_info)

{

	struct user_namespace *user_ns = current_user_ns();

	int i;

	u16 group;

	kgid_t kgid;

	for (i = 0; i < group_info->ngroups; i++) {

		group = (u16)GROUP_AT(group_info, i);

		kgid = GROUP_AT(group_info, i);

		group = (u16)from_kgid_munged(user_ns, kgid);

		if (put_user(group, grouplist+i))

			return -EFAULT;

	}

static int groups16_from_user(struct group_info *group_info, u16 __user *grouplist)

{

	struct user_namespace *user_ns = current_user_ns();

	int i;

	u16 group;

	kgid_t kgid;

	for (i = 0; i < group_info->ngroups; i++) {

		if (get_user(group, grouplist+i))

			return  -EFAULT;

		GROUP_AT(group_info, i) = (gid_t)group;

		kgid = make_kgid(user_ns, (gid_t)group);

		if (!gid_valid(kgid))

			return -EINVAL;

		GROUP_AT(group_info, i) = kgid;

	}

	return 0;

/* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de> */

#include <linux/sched.h>

#include <linux/user_namespace.h>

#include "nfsd.h"

#include "auth.h"

			goto oom;

		for (i = 0; i < rqgi->ngroups; i++) {

			if (!GROUP_AT(rqgi, i))

				GROUP_AT(gi, i) = exp->ex_anon_gid;

			if (gid_eq(GLOBAL_ROOT_GID, GROUP_AT(rqgi, i)))

				GROUP_AT(gi, i) = make_kgid(&init_user_ns, exp->ex_anon_gid);

			else

				GROUP_AT(gi, i) = GROUP_AT(rqgi, i);

		}

#include <linux/pid_namespace.h>

#include <linux/ptrace.h>

#include <linux/tracehook.h>

#include <linux/user_namespace.h>

#include <asm/pgtable.h>

#include <asm/processor.h>

static inline void task_state(struct seq_file *m, struct pid_namespace *ns,

				struct pid *pid, struct task_struct *p)

{

	struct user_namespace *user_ns = current_user_ns();

	struct group_info *group_info;

	int g;

	struct fdtable *fdt = NULL;

	task_unlock(p);

	for (g = 0; g < min(group_info->ngroups, NGROUPS_SMALL); g++)

		seq_printf(m, "%d ", GROUP_AT(group_info, g));

		seq_printf(m, "%d ",

			   from_kgid_munged(user_ns, GROUP_AT(group_info, g)));

	put_cred(cred);

	seq_putc(m, '\n');

#include <linux/key.h>

#include <linux/selinux.h>

#include <linux/atomic.h>

#include <linux/uidgid.h>

struct user_struct;

struct cred;

 * COW Supplementary groups list

 */

#define NGROUPS_SMALL		32

#define NGROUPS_PER_BLOCK	((unsigned int)(PAGE_SIZE / sizeof(gid_t)))

#define NGROUPS_PER_BLOCK	((unsigned int)(PAGE_SIZE / sizeof(kgid_t)))

struct group_info {

	atomic_t	usage;

	int		ngroups;

	int		nblocks;

	gid_t		small_block[NGROUPS_SMALL];

	gid_t		*blocks[0];

	kgid_t		small_block[NGROUPS_SMALL];

	kgid_t		*blocks[0];

};

/**

extern void groups_free(struct group_info *);

extern int set_current_groups(struct group_info *);

extern int set_groups(struct cred *, struct group_info *);

extern int groups_search(const struct group_info *, gid_t);

extern int groups_search(const struct group_info *, kgid_t);

/* access the groups "array" with this macro */

#define GROUP_AT(gi, i) \

		group_info->blocks[0] = group_info->small_block;

	else {

		for (i = 0; i < nblocks; i++) {

			gid_t *b;

			kgid_t *b;

			b = (void *)__get_free_page(GFP_USER);

			if (!b)

				goto out_undo_partial_alloc;

static int groups_to_user(gid_t __user *grouplist,

			  const struct group_info *group_info)

{

	struct user_namespace *user_ns = current_user_ns();

	int i;

	unsigned int count = group_info->ngroups;

	for (i = 0; i < group_info->nblocks; i++) {

		unsigned int cp_count = min(NGROUPS_PER_BLOCK, count);

		unsigned int len = cp_count * sizeof(*grouplist);

		if (copy_to_user(grouplist, group_info->blocks[i], len))

	for (i = 0; i < count; i++) {

		gid_t gid;

		gid = from_kgid_munged(user_ns, GROUP_AT(group_info, i));

		if (put_user(gid, grouplist+i))

			return -EFAULT;

		grouplist += NGROUPS_PER_BLOCK;

		count -= cp_count;

	}

	return 0;

}

static int groups_from_user(struct group_info *group_info,

    gid_t __user *grouplist)

{

	struct user_namespace *user_ns = current_user_ns();

	int i;

	unsigned int count = group_info->ngroups;

	for (i = 0; i < group_info->nblocks; i++) {

		unsigned int cp_count = min(NGROUPS_PER_BLOCK, count);

		unsigned int len = cp_count * sizeof(*grouplist);

		if (copy_from_user(group_info->blocks[i], grouplist, len))

	for (i = 0; i < count; i++) {

		gid_t gid;

		kgid_t kgid;

		if (get_user(gid, grouplist+i))

			return -EFAULT;

		grouplist += NGROUPS_PER_BLOCK;

		count -= cp_count;

		kgid = make_kgid(user_ns, gid);

		if (!gid_valid(kgid))

			return -EINVAL;

		GROUP_AT(group_info, i) = kgid;

	}

	return 0;

}

		for (base = 0; base < max; base++) {

			int left = base;

			int right = left + stride;

			gid_t tmp = GROUP_AT(group_info, right);

			kgid_t tmp = GROUP_AT(group_info, right);

			while (left >= 0 && GROUP_AT(group_info, left) > tmp) {

			while (left >= 0 && gid_gt(GROUP_AT(group_info, left), tmp)) {

				GROUP_AT(group_info, right) =

				    GROUP_AT(group_info, left);

				right = left;

}

/* a simple bsearch */

int groups_search(const struct group_info *group_info, gid_t grp)

int groups_search(const struct group_info *group_info, kgid_t grp)

{

	unsigned int left, right;

	right = group_info->ngroups;

	while (left < right) {

		unsigned int mid = (left+right)/2;

		if (grp > GROUP_AT(group_info, mid))

		if (gid_gt(grp, GROUP_AT(group_info, mid)))

			left = mid + 1;

		else if (grp < GROUP_AT(group_info, mid))

		else if (gid_lt(grp, GROUP_AT(group_info, mid)))

			right = mid;

		else

			return 1;

	int retval = 1;

	if (grp != cred->fsgid)

		retval = groups_search(cred->group_info, grp);

		retval = groups_search(cred->group_info,

				       make_kgid(cred->user_ns, grp));

	return retval;

}

	int retval = 1;

	if (grp != cred->egid)

		retval = groups_search(cred->group_info, grp);

		retval = groups_search(cred->group_info,

				       make_kgid(cred->user_ns, grp));

	return retval;

}