| scm.c (27eb2c4b3d3e13f376a359e293c212a2e9407af5) | scm.c (d661684cf6820331feae71146c35da83d794467e) |
|---|---|
| 1/* scm.c - Socket level control messages processing. 2 * 3 * Author: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> 4 * Alignment and value checking mods by Craig Metz 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version --- 40 unchanged lines hidden (view full) --- 49 const struct cred *cred = current_cred(); 50 kuid_t uid = make_kuid(cred->user_ns, creds->uid); 51 kgid_t gid = make_kgid(cred->user_ns, creds->gid); 52 53 if (!uid_valid(uid) || !gid_valid(gid)) 54 return -EINVAL; 55 56 if ((creds->pid == task_tgid_vnr(current) || | 1/* scm.c - Socket level control messages processing. 2 * 3 * Author: Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> 4 * Alignment and value checking mods by Craig Metz 5 * 6 * This program is free software; you can redistribute it and/or 7 * modify it under the terms of the GNU General Public License 8 * as published by the Free Software Foundation; either version --- 40 unchanged lines hidden (view full) --- 49 const struct cred *cred = current_cred(); 50 kuid_t uid = make_kuid(cred->user_ns, creds->uid); 51 kgid_t gid = make_kgid(cred->user_ns, creds->gid); 52 53 if (!uid_valid(uid) || !gid_valid(gid)) 54 return -EINVAL; 55 56 if ((creds->pid == task_tgid_vnr(current) || |
| 57 ns_capable(current->nsproxy->pid_ns->user_ns, CAP_SYS_ADMIN)) && | 57 ns_capable(task_active_pid_ns(current)->user_ns, CAP_SYS_ADMIN)) && |
| 58 ((uid_eq(uid, cred->uid) || uid_eq(uid, cred->euid) || 59 uid_eq(uid, cred->suid)) || nsown_capable(CAP_SETUID)) && 60 ((gid_eq(gid, cred->gid) || gid_eq(gid, cred->egid) || 61 gid_eq(gid, cred->sgid)) || nsown_capable(CAP_SETGID))) { 62 return 0; 63 } 64 return -EPERM; 65} --- 276 unchanged lines hidden --- | 58 ((uid_eq(uid, cred->uid) || uid_eq(uid, cred->euid) || 59 uid_eq(uid, cred->suid)) || nsown_capable(CAP_SETUID)) && 60 ((gid_eq(gid, cred->gid) || gid_eq(gid, cred->egid) || 61 gid_eq(gid, cred->sgid)) || nsown_capable(CAP_SETGID))) { 62 return 0; 63 } 64 return -EPERM; 65} --- 276 unchanged lines hidden --- |