Skip to content

C
criu
Commit bd1451f7 authored by Ruslan Kuprieiev's avatar Ruslan Kuprieiev Committed by Pavel Emelyanov
Browse files
Options

security: rename check_ids to check_uids and drop crid argument, v3 

Currently check_ids is used to check uids only. So lets rename it
and drop crid argument, as we can use cr_uid directly.
Signed-off-by: 's avatarRuslan Kuprieiev <kupruser@gmail.com>
Signed-off-by: 's avatarPavel Emelyanov <xemul@parallels.com>
parent 2b268c6c
Hide whitespace changes
Inline Side-by-side
Showing with 6 additions and 6 deletions
security.c
View file @ bd1451f7
...@@ -58,14 +58,14 @@ int restrict_uid(unsigned int uid, unsigned int gid) ...@@ -58,14 +58,14 @@ int restrict_uid(unsigned int uid, unsigned int gid)
return 0; return 0;
} }
static bool check_ids(unsigned int crid, unsigned int rid, unsigned int eid, unsigned int sid) static bool check_uids(unsigned int rid, unsigned int eid, unsigned int sid)
{ {
if (crid == 0) if (cr_uid == 0)
return true; return true;
if (crid == rid && crid == eid && crid == sid) if (cr_uid == rid && cr_uid == eid && cr_uid == sid)
return true; return true;
pr_err("UID/GID mismatch %u != (%u,%u,%u)\n", crid, rid, eid, sid); pr_err("UID mismatch %u != (%u,%u,%u)\n", cr_uid, rid, eid, sid);
return false; return false;
} }
...@@ -148,14 +148,14 @@ static bool check_caps(u32 *inh, u32 *eff, u32 *prm) ...@@ -148,14 +148,14 @@ static bool check_caps(u32 *inh, u32 *eff, u32 *prm)
bool may_dump(struct proc_status_creds *creds) bool may_dump(struct proc_status_creds *creds)
{ {
return check_ids(cr_uid, creds->uids[0], creds->uids[1], creds->uids[2]) && return check_uids(creds->uids[0], creds->uids[1], creds->uids[2]) &&
check_gids(creds->gids[0], creds->gids[1], creds->gids[2]) && check_gids(creds->gids[0], creds->gids[1], creds->gids[2]) &&
check_caps(creds->cap_inh, creds->cap_eff, creds->cap_prm); check_caps(creds->cap_inh, creds->cap_eff, creds->cap_prm);
} }
bool may_restore(CredsEntry *creds) bool may_restore(CredsEntry *creds)
{ {
return check_ids(cr_uid, creds->uid, creds->euid, creds->suid) && return check_uids(creds->uid, creds->euid, creds->suid) &&
check_gids(creds->gid, creds->egid, creds->sgid) && check_gids(creds->gid, creds->egid, creds->sgid) &&
check_groups(creds->groups, creds->n_groups) && check_groups(creds->groups, creds->n_groups) &&
check_caps(creds->cap_inh, creds->cap_eff, creds->cap_prm); check_caps(creds->cap_inh, creds->cap_eff, creds->cap_prm);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment