mirror of
https://github.com/Fishwaldo/Star64_linux.git
synced 2025-06-22 22:51:37 +00:00
userns: Store uid and gid values in struct cred with kuid_t and kgid_t types
cred.h and a few trivial users of struct cred are changed. The rest of the users of struct cred are left for other patches as there are too many changes to make in one go and leave the change reviewable. If the user namespace is disabled and CONFIG_UIDGID_STRICT_TYPE_CHECKS are disabled the code will contiue to compile and behave correctly. Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
This commit is contained in:
Eric W. Biederman
parent
ae2975bc34
commit
078de5f706
10 changed files with 59 additions and 62 deletions
|
|
@ -49,6 +49,14 @@ struct cred init_cred = {
|
|||
.subscribers = ATOMIC_INIT(2),
|
||||
.magic = CRED_MAGIC,
|
||||
#endif
|
||||
.uid = GLOBAL_ROOT_UID,
|
||||
.gid = GLOBAL_ROOT_GID,
|
||||
.suid = GLOBAL_ROOT_UID,
|
||||
.sgid = GLOBAL_ROOT_GID,
|
||||
.euid = GLOBAL_ROOT_UID,
|
||||
.egid = GLOBAL_ROOT_GID,
|
||||
.fsuid = GLOBAL_ROOT_UID,
|
||||
.fsgid = GLOBAL_ROOT_GID,
|
||||
.securebits = SECUREBITS_DEFAULT,
|
||||
.cap_inheritable = CAP_EMPTY_SET,
|
||||
.cap_permitted = CAP_FULL_SET,
|
||||
|
|
@ -488,10 +496,10 @@ int commit_creds(struct cred *new)
|
|||
get_cred(new); /* we will require a ref for the subj creds too */
|
||||
|
||||
/* dumpability changes */
|
||||
if (old->euid != new->euid ||
|
||||
old->egid != new->egid ||
|
||||
old->fsuid != new->fsuid ||
|
||||
old->fsgid != new->fsgid ||
|
||||
if (!uid_eq(old->euid, new->euid) ||
|
||||
!gid_eq(old->egid, new->egid) ||
|
||||
!uid_eq(old->fsuid, new->fsuid) ||
|
||||
!gid_eq(old->fsgid, new->fsgid) ||
|
||||
!cap_issubset(new->cap_permitted, old->cap_permitted)) {
|
||||
if (task->mm)
|
||||
set_dumpable(task->mm, suid_dumpable);
|
||||
|
|
@ -500,9 +508,9 @@ int commit_creds(struct cred *new)
|
|||
}
|
||||
|
||||
/* alter the thread keyring */
|
||||
if (new->fsuid != old->fsuid)
|
||||
if (!uid_eq(new->fsuid, old->fsuid))
|
||||
key_fsuid_changed(task);
|
||||
if (new->fsgid != old->fsgid)
|
||||
if (!gid_eq(new->fsgid, old->fsgid))
|
||||
key_fsgid_changed(task);
|
||||
|
||||
/* do it
|
||||
|
|
@ -519,16 +527,16 @@ int commit_creds(struct cred *new)
|
|||
alter_cred_subscribers(old, -2);
|
||||
|
||||
/* send notifications */
|
||||
if (new->uid != old->uid ||
|
||||
new->euid != old->euid ||
|
||||
new->suid != old->suid ||
|
||||
new->fsuid != old->fsuid)
|
||||
if (!uid_eq(new->uid, old->uid) ||
|
||||
!uid_eq(new->euid, old->euid) ||
|
||||
!uid_eq(new->suid, old->suid) ||
|
||||
!uid_eq(new->fsuid, old->fsuid))
|
||||
proc_id_connector(task, PROC_EVENT_UID);
|
||||
|
||||
if (new->gid != old->gid ||
|
||||
new->egid != old->egid ||
|
||||
new->sgid != old->sgid ||
|
||||
new->fsgid != old->fsgid)
|
||||
if (!gid_eq(new->gid, old->gid) ||
|
||||
!gid_eq(new->egid, old->egid) ||
|
||||
!gid_eq(new->sgid, old->sgid) ||
|
||||
!gid_eq(new->fsgid, old->fsgid))
|
||||
proc_id_connector(task, PROC_EVENT_GID);
|
||||
|
||||
/* release the old obj and subj refs both */
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue