Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 14a590c3 authored Mar 12, 2012 by Eric W. Biederman

userns: Convert cgroup permission checks to use uid_eq



Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>

parent 8751e039

init/Kconfig

+0 −1

Original line number	Diff line number	Diff line
		@@ -865,7 +865,6 @@ config UIDGID_CONVERTED

		# List of kernel pieces that need user namespace work
		# Features
		depends on CGROUPS = n
		depends on MIGRATION = n
		depends on NUMA = n
		depends on SYSVIPC = n

kernel/cgroup.c

+3 −3

Original line number	Diff line number	Diff line
		@@ -2160,9 +2160,9 @@ retry_find_task:
		* only need to check permissions on one of them.
		*/
		tcred = __task_cred(tsk);
		if (cred->euid &&
		cred->euid != tcred->uid &&
		cred->euid != tcred->suid) {
		if (!uid_eq(cred->euid, GLOBAL_ROOT_UID) &&
		!uid_eq(cred->euid, tcred->uid) &&
		!uid_eq(cred->euid, tcred->suid)) {
		rcu_read_unlock();
		ret = -EACCES;
		goto out_unlock_cgroup;