Re: [systemd-devel] [PATCH] metadata: use the subjective cred of current

Mon, 03 Mar 2014 12:25:59 -0800 

On 03/02/2014 10:11 PM, Djalal Harouni wrote:
> In kdbus_meta_append_*() we want to get the subjective context, so
> instead of using __task_cred() which reference the objective cred,
> use current_cred() to access the subjective cred.
> 
> Signed-off-by: Djalal Harouni <tix...@opendz.org>
> ---
> Compile tested and make check

Looks correct. Applied, thanks!


Daniel

>  metadata.c | 14 ++------------
>  1 file changed, 2 insertions(+), 12 deletions(-)
> 
> diff --git a/metadata.c b/metadata.c
> index df05b43..75fc819 100644
> --- a/metadata.c
> +++ b/metadata.c
> @@ -292,21 +292,18 @@ static int kdbus_meta_append_cmdline(struct kdbus_meta 
> *meta)
>  
>  static int kdbus_meta_append_caps(struct kdbus_meta *meta)
>  {
> -     const struct cred *cred;
>       struct caps {
>               u32 cap[_KERNEL_CAPABILITY_U32S];
>       } cap[4];
>       unsigned int i;
> +     const struct cred *cred = current_cred();
>  
> -     rcu_read_lock();
> -     cred = __task_cred(current);
>       for (i = 0; i < _KERNEL_CAPABILITY_U32S; i++) {
>               cap[0].cap[i] = cred->cap_inheritable.cap[i];
>               cap[1].cap[i] = cred->cap_permitted.cap[i];
>               cap[2].cap[i] = cred->cap_effective.cap[i];
>               cap[3].cap[i] = cred->cap_bset.cap[i];
>       }
> -     rcu_read_unlock();
>  
>       /* clear unused bits */
>       for (i = 0; i < 4; i++)
> @@ -341,15 +338,8 @@ static int kdbus_meta_append_cgroup(struct kdbus_meta 
> *meta)
>  static int kdbus_meta_append_audit(struct kdbus_meta *meta)
>  {
>       struct kdbus_audit audit;
> -     const struct cred *cred;
> -     uid_t uid;
>  
> -     rcu_read_lock();
> -     cred = __task_cred(current);
> -     uid = from_kuid(cred->user_ns, audit_get_loginuid(current));
> -     rcu_read_unlock();
> -
> -     audit.loginuid = uid;
> +     audit.loginuid = from_kuid(current_user_ns(), 
> audit_get_loginuid(current));
>       audit.sessionid = audit_get_sessionid(current);
>  
>       return kdbus_meta_append_data(meta, KDBUS_ITEM_AUDIT,
> 

_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Reply via email to