[systemd-devel] [PATCH] metadata: use the subjective cred of current
Djalal Harouni
tixxdz at opendz.org
Sun Mar 2 13:11:05 PST 2014
In kdbus_meta_append_*() we want to get the subjective context, so
instead of using __task_cred() which reference the objective cred,
use current_cred() to access the subjective cred.
Signed-off-by: Djalal Harouni <tixxdz at opendz.org>
---
Compile tested and make check
metadata.c | 14 ++------------
1 file changed, 2 insertions(+), 12 deletions(-)
diff --git a/metadata.c b/metadata.c
index df05b43..75fc819 100644
--- a/metadata.c
+++ b/metadata.c
@@ -292,21 +292,18 @@ static int kdbus_meta_append_cmdline(struct kdbus_meta *meta)
static int kdbus_meta_append_caps(struct kdbus_meta *meta)
{
- const struct cred *cred;
struct caps {
u32 cap[_KERNEL_CAPABILITY_U32S];
} cap[4];
unsigned int i;
+ const struct cred *cred = current_cred();
- rcu_read_lock();
- cred = __task_cred(current);
for (i = 0; i < _KERNEL_CAPABILITY_U32S; i++) {
cap[0].cap[i] = cred->cap_inheritable.cap[i];
cap[1].cap[i] = cred->cap_permitted.cap[i];
cap[2].cap[i] = cred->cap_effective.cap[i];
cap[3].cap[i] = cred->cap_bset.cap[i];
}
- rcu_read_unlock();
/* clear unused bits */
for (i = 0; i < 4; i++)
@@ -341,15 +338,8 @@ static int kdbus_meta_append_cgroup(struct kdbus_meta *meta)
static int kdbus_meta_append_audit(struct kdbus_meta *meta)
{
struct kdbus_audit audit;
- const struct cred *cred;
- uid_t uid;
- rcu_read_lock();
- cred = __task_cred(current);
- uid = from_kuid(cred->user_ns, audit_get_loginuid(current));
- rcu_read_unlock();
-
- audit.loginuid = uid;
+ audit.loginuid = from_kuid(current_user_ns(), audit_get_loginuid(current));
audit.sessionid = audit_get_sessionid(current);
return kdbus_meta_append_data(meta, KDBUS_ITEM_AUDIT,
--
1.8.5.3
More information about the systemd-devel
mailing list