OpenVZ Forum: Devel » [RFC] [PATCH 0/4] uid

Home » Mailing lists » Devel » [RFC] [PATCH 0/4] uid_ns: introduction

Show: Today's Messages :: Show Polls :: Message Navigator
E-mail to friend

[RFC] [PATCH 2/4] uid_ns: replace inode->fsuid checks under fs/ [message #16732 is a reply to message #16730]

Tue, 07 November 2006 04:19

serue
Messages: 750
Registered: February 2006

Senior Member

Replace inode->fsuid in fs/*.c with inode_task_same_uid(), which
will later be used to compare uid namespaces.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>

---

 fs/attr.c        |   10 ++++++----
 fs/fcntl.c       |    3 ++-
 fs/generic_acl.c |    2 +-
 fs/locks.c       |    4 ++--
 fs/posix_acl.c   |    2 +-
 fs/utimes.c      |    4 ++--
 6 files changed, 14 insertions(+), 11 deletions(-)

54f0e4ce61c74cc7419988fbbadd0a3c54e21893
diff --git a/fs/attr.c b/fs/attr.c
index 97de946..b913555 100644
--- a/fs/attr.c
+++ b/fs/attr.c
@@ -30,20 +30,21 @@ int inode_change_ok(struct inode *inode,
 
 	/* Make sure a caller can chown. */
 	if ((ia_valid & ATTR_UID) &&
-	    (current->fsuid != inode->i_uid ||
+	    (!inode_task_same_uid(inode, current) ||
 	     attr->ia_uid != inode->i_uid) && !capable(CAP_CHOWN))
 		goto error;
 
 	/* Make sure caller can chgrp. */
 	if ((ia_valid & ATTR_GID) &&
-	    (current->fsuid != inode->i_uid ||
+	    (!inode_task_same_uid(inode, current) ||
 	    (!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid)) &&
 	    !capable(CAP_CHOWN))
 		goto error;
 
 	/* Make sure a caller can chmod. */
 	if (ia_valid & ATTR_MODE) {
-		if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER))
+		if (!inode_task_same_uid(inode, current) &&
+					!capable(CAP_FOWNER))
 			goto error;
 		/* Also check the setgid bit! */
 		if (!in_group_p((ia_valid & ATTR_GID) ? attr->ia_gid :
@@ -53,7 +54,8 @@ int inode_change_ok(struct inode *inode,
 
 	/* Check for setting the inode time. */
 	if (ia_valid & (ATTR_MTIME_SET | ATTR_ATIME_SET)) {
-		if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
+		if (!inode_task_same_uid(inode, current) &&
+					!capable(CAP_FOWNER))
 			goto error;
 	}
 fine:
diff --git a/fs/fcntl.c b/fs/fcntl.c
index 8ba82c9..b1ed443 100644
--- a/fs/fcntl.c
+++ b/fs/fcntl.c
@@ -215,7 +215,8 @@ static int setfl(int fd, struct file * f
 
 	/* O_NOATIME can only be set by the owner or superuser */
 	if ((arg & O_NOATIME) && !(filp->f_flags & O_NOATIME))
-		if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
+		if (!inode_task_same_uid(inode, current) &&
+					!capable(CAP_FOWNER))
 			return -EPERM;
 
 	/* required for strict SunOS emulation */
diff --git a/fs/generic_acl.c b/fs/generic_acl.c
index 9ccb789..a6402a9 100644
--- a/fs/generic_acl.c
+++ b/fs/generic_acl.c
@@ -78,7 +78,7 @@ generic_acl_set(struct inode *inode, str
 
 	if (S_ISLNK(inode->i_mode))
 		return -EOPNOTSUPP;
-	if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
+	if (inode_task_same_uid(inode, current) && !capable(CAP_FOWNER))
 		return -EPERM;
 	if (value) {
 		acl = posix_acl_from_xattr(value, size);
diff --git a/fs/locks.c b/fs/locks.c
index e0b6a80..f5c4787 100644
--- a/fs/locks.c
+++ b/fs/locks.c
@@ -1452,7 +1452,7 @@ int setlease(struct file *filp, long arg
 	struct inode *inode = dentry->d_inode;
 	int error;
 
-	if ((current->fsuid != inode->i_uid) && !capable(CAP_LEASE))
+	if (inode_task_same_uid(inode, current) && !capable(CAP_LEASE))
 		return -EACCES;
 	if (!S_ISREG(inode->i_mode))
 		return -EINVAL;
@@ -1486,7 +1486,7 @@ int fcntl_setlease(unsigned int fd, stru
 	struct inode *inode = dentry->d_inode;
 	int error;
 
-	if ((current->fsuid != inode->i_uid) && !capable(CAP_LEASE))
+	if (inode_task_same_uid(inode, current) && !capable(CAP_LEASE))
 		return -EACCES;
 	if (!S_ISREG(inode->i_mode))
 		return -EINVAL;
diff --git a/fs/posix_acl.c b/fs/posix_acl.c
index aec931e..dd34bee 100644
--- a/fs/posix_acl.c
+++ b/fs/posix_acl.c
@@ -217,7 +217,7 @@ posix_acl_permission(struct inode *inode
                 switch(pa->e_tag) {
                         case ACL_USER_OBJ:
 				/* (May have been checked already) */
-                                if (inode->i_uid == current->fsuid)
+				if (inode_task_same_uid(inode, current))
                                         goto check_perm;
                                 break;
                         case ACL_USER:
diff --git a/fs/utimes.c b/fs/utimes.c
index 558f581..77ad8c9 100644
--- a/fs/utimes.c
+++ b/fs/utimes.c
@@ -61,7 +61,7 @@ asmlinkage long sys_utime(char __user * 
                 if (IS_IMMUTABLE(inode))
                         goto mnt_drop_write_and_out;
 
-		if (current->fsuid != inode->i_uid &&
+		if (!inode_task_same_uid(inode, current) &&
 		    (error = vfs_permission(&nd, MAY_WRITE)) != 0)
 			goto mnt_drop_write_and_out;
 	}
@@ -119,7 +119,7 @@ long do_utimes(int dfd, char __user *fil
                 if (IS_IMMUTABLE(inode))
 			goto mnt_drop_write_and_out;
 
-		if (current->fsuid != inode->i_uid &&
+		if (!inode_task_same_uid(inode, current) &&
 		    (error = vfs_permission(&nd, MAY_WRITE)) != 0)
 			goto mnt_drop_write_and_out;
 	}
-- 
1.1.6
_______________________________________________
Containers mailing list
Containers@lists.osdl.org
https://lists.osdl.org/mailman/listinfo/containers

Report message to a moderator

[Message index]

		[RFC] [PATCH 0/4] uid_ns: introduction By: serue on Tue, 07 November 2006 04:18
		[RFC] [PATCH 1/4] uid_ns: introduce inode uid check helper By: serue on Tue, 07 November 2006 04:19
		Re: [RFC] [PATCH 1/4] uid_ns: introduce inode uid check helper By: Cedric Le Goater on Thu, 09 November 2006 20:05
		Re: [RFC] [PATCH 1/4] uid_ns: introduce inode uid check helper By: Sam Vilain on Sun, 12 November 2006 22:43
		[RFC] [PATCH 2/4] uid_ns: replace inode->fsuid checks under fs/ By: serue on Tue, 07 November 2006 04:19
		[RFC] [PATCH 3/4] uid_ns: replace i_uid check in fs/namespace.c By: serue on Tue, 07 November 2006 04:20
		[RFC] [PATCH 4/4] uid_ns: Add filesystem uid checks By: serue on Tue, 07 November 2006 04:20
		Re: [RFC] [PATCH 0/4] uid_ns: introduction By: Herbert Poetzl on Wed, 08 November 2006 00:52
		Re: [RFC] [PATCH 0/4] uid_ns: introduction By: Trond Myklebust on Wed, 08 November 2006 17:46
		Re: [RFC] [PATCH 0/4] uid_ns: introduction By: ebiederm on Wed, 08 November 2006 20:34
		Re: [RFC] [PATCH 0/4] uid_ns: introduction By: Herbert Poetzl on Wed, 08 November 2006 21:27
		Re: [RFC] [PATCH 0/4] uid_ns: introduction By: serue on Wed, 08 November 2006 21:54
		Re: [RFC] [PATCH 0/4] uid_ns: introduction By: Herbert Poetzl on Thu, 09 November 2006 00:42
		Re: [RFC] [PATCH 0/4] uid_ns: introduction By: serue on Thu, 23 November 2006 03:09
		Re: [RFC] [PATCH 0/4] uid_ns: introduction By: ebiederm on Thu, 09 November 2006 13:26
		Re: [RFC] [PATCH 0/4] uid_ns: introduction By: serue on Thu, 09 November 2006 16:50
		Re: [RFC] [PATCH 0/4] uid_ns: introduction By: Herbert Poetzl on Thu, 09 November 2006 17:17
		Re: [RFC] [PATCH 0/4] uid_ns: introduction By: serue on Thu, 09 November 2006 17:35
		Re: [RFC] [PATCH 0/4] uid_ns: introduction By: Cedric Le Goater on Thu, 09 November 2006 20:12

Previous Topic:	Re: [v4l-dvb-maintainer] Re: Re: [PATCH/RFC] kthread API conversion for dvb_frontend and av7110
Next Topic:	Re: Re: [RFC] [PATCH 0/4] uid_ns: introduction

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

] [

]

Current Time: Tue Jul 22 01:04:30 GMT 2025

Total time taken to generate the page: 0.08928 seconds