summaryrefslogtreecommitdiffstats
path: root/security/tomoyo
diff options
context:
space:
mode:
authorAlexey Gladkov <gladkov.alexey@gmail.com>2020-04-23 22:03:10 +0200
committerEric W. Biederman <ebiederm@xmission.com>2020-04-24 16:38:30 -0500
commitc59f415a7cb6e1e1e1cdbd6ee370b050e95f6b21 (patch)
tree79e9113bc0cdb5e48f8f4f6ab2163ad2ebae82c1 /security/tomoyo
parent6ade99ec6175ab2b54c227521e181e1c3c2bfc8a (diff)
downloadlinux-stable-c59f415a7cb6e1e1e1cdbd6ee370b050e95f6b21.tar.gz
linux-stable-c59f415a7cb6e1e1e1cdbd6ee370b050e95f6b21.tar.bz2
linux-stable-c59f415a7cb6e1e1e1cdbd6ee370b050e95f6b21.zip
Use proc_pid_ns() to get pid_namespace from the proc superblock
To get pid_namespace from the procfs superblock should be used a special helper. This will avoid errors when s_fs_info will change the type. Link: https://lore.kernel.org/lkml/20200423200316.164518-3-gladkov.alexey@gmail.com/ Link: https://lore.kernel.org/lkml/20200423112858.95820-1-gladkov.alexey@gmail.com/ Link: https://lore.kernel.org/lkml/06B50A1C-406F-4057-BFA8-3A7729EA7469@lca.pw/ Signed-off-by: Alexey Gladkov <gladkov.alexey@gmail.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Diffstat (limited to 'security/tomoyo')
-rw-r--r--security/tomoyo/realpath.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c
index bf38fc1b59b2..08b096e2f7e3 100644
--- a/security/tomoyo/realpath.c
+++ b/security/tomoyo/realpath.c
@@ -7,6 +7,7 @@
#include "common.h"
#include <linux/magic.h>
+#include <linux/proc_fs.h>
/**
* tomoyo_encode2 - Encode binary string to ascii string.
@@ -161,9 +162,10 @@ static char *tomoyo_get_local_path(struct dentry *dentry, char * const buffer,
if (sb->s_magic == PROC_SUPER_MAGIC && *pos == '/') {
char *ep;
const pid_t pid = (pid_t) simple_strtoul(pos + 1, &ep, 10);
+ struct pid_namespace *proc_pidns = proc_pid_ns(d_inode(dentry));
if (*ep == '/' && pid && pid ==
- task_tgid_nr_ns(current, sb->s_fs_info)) {
+ task_tgid_nr_ns(current, proc_pidns)) {
pos = ep - 5;
if (pos < buffer)
goto out;