Re: [PATCH 04/13] staging: gasket: core: allow root access based on user namespace

From: Dmitry Torokhov
Date: Mon Jul 30 2018 - 13:57:07 EST

Next message: Kalle Valo: "Re: [PATCH] ath6kl: remove redundant variables netlen, orig_buf, orig_len, dropped and stats"
Previous message: Tim Chen: "Re: [PATCH v2] x86/bugs: protect against userspace-userspace spectreRSB"
In reply to: Todd Poynor: "[PATCH 04/13] staging: gasket: core: allow root access based on user namespace"
Next in thread: Todd Poynor: "Re: [PATCH 04/13] staging: gasket: core: allow root access based on user namespace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Todd,

On Sun, Jul 29, 2018 at 12:37 PM Todd Poynor <toddpoynor@xxxxxxxxx> wrote:
> @@ -1064,7 +1067,8 @@ static int gasket_open(struct inode *inode, struct file *filp)
> char task_name[TASK_COMM_LEN];
> struct gasket_cdev_info *dev_info =
> container_of(inode->i_cdev, struct gasket_cdev_info, cdev);
> - int is_root = capable(CAP_SYS_ADMIN);
> + struct pid_namespace *pid_ns = task_active_pid_ns(current);
> + int is_root = ns_capable(pid_ns->user_ns, CAP_SYS_ADMIN);

ns_capable() returns bool, why did you make is_root an integer?

Thanks,
Dmitry

Next message: Kalle Valo: "Re: [PATCH] ath6kl: remove redundant variables netlen, orig_buf, orig_len, dropped and stats"
Previous message: Tim Chen: "Re: [PATCH v2] x86/bugs: protect against userspace-userspace spectreRSB"
In reply to: Todd Poynor: "[PATCH 04/13] staging: gasket: core: allow root access based on user namespace"
Next in thread: Todd Poynor: "Re: [PATCH 04/13] staging: gasket: core: allow root access based on user namespace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]