user namespace: usb: make usb urbs user namespace aware (v2)
Add to the dev_state and alloc_async structures the user namespace corresponding to the uid and euid. Pass these to kill_pid_info_as_uid(), which can then implement a proper, user-namespace-aware uid check. Changelog: Sep 20: Per Oleg's suggestion: Instead of caching and passing user namespace, uid, and euid each separately, pass a struct cred. Sep 26: Address Alan Stern's comments: don't define a struct cred at usbdev_open(), and take and put a cred at async_completed() to ensure it lasts for the duration of kill_pid_info_as_cred(). Signed-off-by: Serge Hallyn <serge.hallyn@canonical.com> Cc: Oleg Nesterov <oleg@redhat.com> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: Tejun Heo <tj@kernel.org> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
This commit is contained in:
Serge Hallyn
Greg Kroah-Hartman
parent
edb2b255a0
commit
d178bc3a70
3 changed files with 31 additions and 26 deletions
|
|
@ -1344,13 +1344,24 @@ int kill_proc_info(int sig, struct siginfo *info, pid_t pid)
|
|||
return error;
|
||||
}
|
||||
|
||||
static int kill_as_cred_perm(const struct cred *cred,
|
||||
struct task_struct *target)
|
||||
{
|
||||
const struct cred *pcred = __task_cred(target);
|
||||
if (cred->user_ns != pcred->user_ns)
|
||||
return 0;
|
||||
if (cred->euid != pcred->suid && cred->euid != pcred->uid &&
|
||||
cred->uid != pcred->suid && cred->uid != pcred->uid)
|
||||
return 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* like kill_pid_info(), but doesn't use uid/euid of "current" */
|
||||
int kill_pid_info_as_uid(int sig, struct siginfo *info, struct pid *pid,
|
||||
uid_t uid, uid_t euid, u32 secid)
|
||||
int kill_pid_info_as_cred(int sig, struct siginfo *info, struct pid *pid,
|
||||
const struct cred *cred, u32 secid)
|
||||
{
|
||||
int ret = -EINVAL;
|
||||
struct task_struct *p;
|
||||
const struct cred *pcred;
|
||||
unsigned long flags;
|
||||
|
||||
if (!valid_signal(sig))
|
||||
|
|
@ -1362,10 +1373,7 @@ int kill_pid_info_as_uid(int sig, struct siginfo *info, struct pid *pid,
|
|||
ret = -ESRCH;
|
||||
goto out_unlock;
|
||||
}
|
||||
pcred = __task_cred(p);
|
||||
if (si_fromuser(info) &&
|
||||
euid != pcred->suid && euid != pcred->uid &&
|
||||
uid != pcred->suid && uid != pcred->uid) {
|
||||
if (si_fromuser(info) && !kill_as_cred_perm(cred, p)) {
|
||||
ret = -EPERM;
|
||||
goto out_unlock;
|
||||
}
|
||||
|
|
@ -1384,7 +1392,7 @@ out_unlock:
|
|||
rcu_read_unlock();
|
||||
return ret;
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(kill_pid_info_as_uid);
|
||||
EXPORT_SYMBOL_GPL(kill_pid_info_as_cred);
|
||||
|
||||
/*
|
||||
* kill_something_info() interprets pid in interesting ways just like kill(2).
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue