diff options
author | Eric W. Biederman <ebiederm@xmission.com> | 2012-03-12 15:48:24 -0700 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2012-05-15 14:59:30 -0700 |
commit | b38a86eb196d9402299919456fe3f28e490c76fa (patch) | |
tree | 7e5527ceb26989c48342ab1660de117ccd159279 | |
parent | 14a590c3f987977d7b09ec926481ee0238c08eee (diff) | |
download | linux-b38a86eb196d9402299919456fe3f28e490c76fa.tar.gz linux-b38a86eb196d9402299919456fe3f28e490c76fa.tar.bz2 linux-b38a86eb196d9402299919456fe3f28e490c76fa.zip |
userns: Convert the move_pages, and migrate_pages permission checks to use uid_eq
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
-rw-r--r-- | init/Kconfig | 2 | ||||
-rw-r--r-- | mm/mempolicy.c | 4 | ||||
-rw-r--r-- | mm/migrate.c | 4 |
3 files changed, 4 insertions, 6 deletions
diff --git a/init/Kconfig b/init/Kconfig index d24cc75caf65..b5dff4d1e1de 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -865,8 +865,6 @@ config UIDGID_CONVERTED # List of kernel pieces that need user namespace work # Features - depends on MIGRATION = n - depends on NUMA = n depends on SYSVIPC = n depends on IMA = n depends on EVM = n diff --git a/mm/mempolicy.c b/mm/mempolicy.c index cfb6c8678754..7b44fc8ec99c 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -1334,8 +1334,8 @@ SYSCALL_DEFINE4(migrate_pages, pid_t, pid, unsigned long, maxnode, * userid as the target process. */ tcred = __task_cred(task); - if (cred->euid != tcred->suid && cred->euid != tcred->uid && - cred->uid != tcred->suid && cred->uid != tcred->uid && + if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) && + !uid_eq(cred->uid, tcred->suid) && !uid_eq(cred->uid, tcred->uid) && !capable(CAP_SYS_NICE)) { rcu_read_unlock(); err = -EPERM; diff --git a/mm/migrate.c b/mm/migrate.c index 51c08a0c6f68..1cf5252c3b99 100644 --- a/mm/migrate.c +++ b/mm/migrate.c @@ -1371,8 +1371,8 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, * userid as the target process. */ tcred = __task_cred(task); - if (cred->euid != tcred->suid && cred->euid != tcred->uid && - cred->uid != tcred->suid && cred->uid != tcred->uid && + if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) && + !uid_eq(cred->uid, tcred->suid) && !uid_eq(cred->uid, tcred->uid) && !capable(CAP_SYS_NICE)) { rcu_read_unlock(); err = -EPERM; |