CRED: Wrap current->cred and a few other accessors
Wrap current->cred and a few other accessors to hide their actual
implementation.
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Signed-off-by: James Morris <jmorris@namei.org>
diff --git a/drivers/net/tun.c b/drivers/net/tun.c
index b14e202..55dc70c 100644
--- a/drivers/net/tun.c
+++ b/drivers/net/tun.c
@@ -702,6 +702,7 @@
struct tun_net *tn;
struct tun_struct *tun;
struct net_device *dev;
+ const struct cred *cred = current_cred();
int err;
tn = net_generic(net, tun_net_id);
@@ -712,11 +713,12 @@
/* Check permissions */
if (((tun->owner != -1 &&
- current_euid() != tun->owner) ||
+ cred->euid != tun->owner) ||
(tun->group != -1 &&
- current_egid() != tun->group)) &&
- !capable(CAP_NET_ADMIN))
+ cred->egid != tun->group)) &&
+ !capable(CAP_NET_ADMIN)) {
return -EPERM;
+ }
}
else if (__dev_get_by_name(net, ifr->ifr_name))
return -EINVAL;