Re: [PATCH 04/13] staging: gasket: core: allow root access based on user namespace
From: Dmitry Torokhov
Date: Mon Jul 30 2018 - 13:57:07 EST
Hi Todd,
On Sun, Jul 29, 2018 at 12:37 PM Todd Poynor <toddpoynor@xxxxxxxxx> wrote:
> @@ -1064,7 +1067,8 @@ static int gasket_open(struct inode *inode, struct file *filp)
> char task_name[TASK_COMM_LEN];
> struct gasket_cdev_info *dev_info =
> container_of(inode->i_cdev, struct gasket_cdev_info, cdev);
> - int is_root = capable(CAP_SYS_ADMIN);
> + struct pid_namespace *pid_ns = task_active_pid_ns(current);
> + int is_root = ns_capable(pid_ns->user_ns, CAP_SYS_ADMIN);
ns_capable() returns bool, why did you make is_root an integer?
Thanks,
Dmitry