author | Eric W. Biederman <ebiederm@xmission.com> | 2017-01-02 22:23:11 +0100 |
---|---|---|
committer | Eric W. Biederman <ebiederm@xmission.com> | 2017-01-24 00:03:09 +0100 |
commit | 68eb94f16227336a5773b83ecfa8290f1d6b78ce (patch) | |
tree | 2dfcf480bbfce233747c6d7d40a120850f1256a2 /fs/proc/internal.h | |
parent | exec: Remove LSM_UNSAFE_PTRACE_CAP (diff) | |
proc: Better ownership of files for non-dumpable tasks in user namespaces
Instead of making the files owned by the GLOBAL_ROOT_USER, make
non-dumpable files whose mm has always lived in a user namespace owned
by the user namespace root. This allows the container root to have
things work as expected in a container.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Diffstat (limited to '')
-rw-r--r-- | fs/proc/internal.h | 16 |
1 files changed, 2 insertions, 14 deletions
diff --git a/fs/proc/internal.h b/fs/proc/internal.h
index 2de5194ba378..e2c3c461fa20 100644
--- a/fs/proc/internal.h
+++ b/fs/proc/internal.h
@@ -97,20 +97,8 @@ static inline struct task_struct *get_proc_task(struct inode *inode)
 return get_pid_task(proc_pid(inode), PIDTYPE_PID);
 }
-static inline int task_dumpable(struct task_struct *task)
-{
- int dumpable = 0;
- struct mm_struct *mm;
-
- task_lock(task);
- mm = task->mm;
- if (mm)
- dumpable = get_dumpable(mm);
- task_unlock(task);
- if (dumpable == SUID_DUMP_USER)
- return 1;
- return 0;
-}
+void task_dump_owner(struct task_struct *task, mode_t mode,
+ kuid_t *ruid, kgid_t *rgid);
 static inline unsigned name_to_int(const struct qstr *qstr)
 { |
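Review bot: The added prototype declares `mode_t mode`, whereas in-kernel inode modes are normally carried as `umode_t`; if callers pass `inode->i_mode` (they are outside this view), `umode_t mode` would match them and avoid an implicit widening. The declaration also has no comment, although it replaces the inline `task_dumpable()` test that decided who owns a task's /proc files. Going by the commit message, a one-line contract would help, e.g. `/* Sets *ruid/*rgid to the owner shown for @task's /proc files; non-dumpable tasks get the user-namespace root or global root, not the task's own ids. */`. The definition and the converted call sites are not shown on this page, so confirm that wording against them and check that no caller still open-codes the dumpable check.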