CRED: Wrap task credential accesses in the core kernel
Wrap access to task credentials so that they can be separated more easily from
the task_struct during the introduction of COW creds.
Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id().
Change some task->e?[ug]id to task_e?[ug]id(). In some places it makes more
sense to use RCU directly rather than a convenient wrapper; these will be
addressed by later patches.
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: linux-audit@redhat.com
Cc: containers@lists.linux-foundation.org
Cc: linux-mm@kvack.org
Signed-off-by: James Morris <jmorris@namei.org>
diff --git a/kernel/ptrace.c b/kernel/ptrace.c
index 1e68e4c..937f6b5 100644
--- a/kernel/ptrace.c
+++ b/kernel/ptrace.c
@@ -123,16 +123,19 @@
* because setting up the necessary parent/child relationship
* or halting the specified task is impossible.
*/
+ uid_t uid;
+ gid_t gid;
int dumpable = 0;
/* Don't let security modules deny introspection */
if (task == current)
return 0;
- if (((current->uid != task->euid) ||
- (current->uid != task->suid) ||
- (current->uid != task->uid) ||
- (current->gid != task->egid) ||
- (current->gid != task->sgid) ||
- (current->gid != task->gid)) && !capable(CAP_SYS_PTRACE))
+ current_uid_gid(&uid, &gid);
+ if ((uid != task->euid ||
+ uid != task->suid ||
+ uid != task->uid ||
+ gid != task->egid ||
+ gid != task->sgid ||
+ gid != task->gid) && !capable(CAP_SYS_PTRACE))
return -EPERM;
smp_rmb();
if (task->mm)