userns: Convert cgroup permission checks to use uid_eq

Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
This commit is contained in:
Eric W. Biederman 2012-03-12 15:44:39 -07:00
parent 8751e03958
commit 14a590c3f9
2 changed files with 3 additions and 4 deletions

View file

@ -865,7 +865,6 @@ config UIDGID_CONVERTED
# List of kernel pieces that need user namespace work
# Features
depends on CGROUPS = n
depends on MIGRATION = n
depends on NUMA = n
depends on SYSVIPC = n

View file

@ -2160,9 +2160,9 @@ static int attach_task_by_pid(struct cgroup *cgrp, u64 pid, bool threadgroup)
* only need to check permissions on one of them.
*/
tcred = __task_cred(tsk);
if (cred->euid &&
cred->euid != tcred->uid &&
cred->euid != tcred->suid) {
if (!uid_eq(cred->euid, GLOBAL_ROOT_UID) &&
!uid_eq(cred->euid, tcred->uid) &&
!uid_eq(cred->euid, tcred->suid)) {
rcu_read_unlock();
ret = -EACCES;
goto out_unlock_cgroup;