mirror of
https://github.com/torvalds/linux.git
synced 2024-11-22 12:11:40 +00:00
acl: port to vfs{g,u}id_t
Port the few remaining pieces to vfs{g,u}id_t and associated type safe helpers. Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
This commit is contained in:
parent
0c5fd887d2
commit
e933c15f76
@ -361,8 +361,8 @@ posix_acl_permission(struct user_namespace *mnt_userns, struct inode *inode,
|
||||
{
|
||||
const struct posix_acl_entry *pa, *pe, *mask_obj;
|
||||
int found = 0;
|
||||
kuid_t uid;
|
||||
kgid_t gid;
|
||||
vfsuid_t vfsuid;
|
||||
vfsgid_t vfsgid;
|
||||
|
||||
want &= MAY_READ | MAY_WRITE | MAY_EXEC;
|
||||
|
||||
@ -370,28 +370,28 @@ posix_acl_permission(struct user_namespace *mnt_userns, struct inode *inode,
|
||||
switch(pa->e_tag) {
|
||||
case ACL_USER_OBJ:
|
||||
/* (May have been checked already) */
|
||||
uid = i_uid_into_mnt(mnt_userns, inode);
|
||||
if (uid_eq(uid, current_fsuid()))
|
||||
vfsuid = i_uid_into_vfsuid(mnt_userns, inode);
|
||||
if (vfsuid_eq_kuid(vfsuid, current_fsuid()))
|
||||
goto check_perm;
|
||||
break;
|
||||
case ACL_USER:
|
||||
uid = mapped_kuid_fs(mnt_userns, &init_user_ns,
|
||||
vfsuid = make_vfsuid(mnt_userns, &init_user_ns,
|
||||
pa->e_uid);
|
||||
if (uid_eq(uid, current_fsuid()))
|
||||
if (vfsuid_eq_kuid(vfsuid, current_fsuid()))
|
||||
goto mask;
|
||||
break;
|
||||
case ACL_GROUP_OBJ:
|
||||
gid = i_gid_into_mnt(mnt_userns, inode);
|
||||
if (in_group_p(gid)) {
|
||||
vfsgid = i_gid_into_vfsgid(mnt_userns, inode);
|
||||
if (vfsgid_in_group_p(vfsgid)) {
|
||||
found = 1;
|
||||
if ((pa->e_perm & want) == want)
|
||||
goto mask;
|
||||
}
|
||||
break;
|
||||
case ACL_GROUP:
|
||||
gid = mapped_kgid_fs(mnt_userns, &init_user_ns,
|
||||
vfsgid = make_vfsgid(mnt_userns, &init_user_ns,
|
||||
pa->e_gid);
|
||||
if (in_group_p(gid)) {
|
||||
if (vfsgid_in_group_p(vfsgid)) {
|
||||
found = 1;
|
||||
if ((pa->e_perm & want) == want)
|
||||
goto mask;
|
||||
@ -697,7 +697,7 @@ int posix_acl_update_mode(struct user_namespace *mnt_userns,
|
||||
return error;
|
||||
if (error == 0)
|
||||
*acl = NULL;
|
||||
if (!in_group_p(i_gid_into_mnt(mnt_userns, inode)) &&
|
||||
if (!vfsgid_in_group_p(i_gid_into_vfsgid(mnt_userns, inode)) &&
|
||||
!capable_wrt_inode_uidgid(mnt_userns, inode, CAP_FSETID))
|
||||
mode &= ~S_ISGID;
|
||||
*mode_p = mode;
|
||||
|
Loading…
Reference in New Issue
Block a user