Skip to content

C
criu
Commit bd1451f7 authored by Ruslan Kuprieiev's avatar Ruslan Kuprieiev Committed by Pavel Emelyanov
Browse files
Options

security: rename check_ids to check_uids and drop crid argument, v3 

Currently check_ids is used to check uids only. So lets rename it
and drop crid argument, as we can use cr_uid directly.
Signed-off-by: 's avatarRuslan Kuprieiev <kupruser@gmail.com>
Signed-off-by: 's avatarPavel Emelyanov <xemul@parallels.com>
parent 2b268c6c
Show whitespace changes
Inline Side-by-side
Showing with 6 additions and 6 deletions
security.c
View file @ bd1451f7
......@@ -58,14 +58,14 @@ int restrict_uid(unsigned int uid, unsigned int gid)
return 0;
}
static bool check_ids(unsigned int crid, unsigned int rid, unsigned int eid, unsigned int sid)
static bool check_uids(unsigned int rid, unsigned int eid, unsigned int sid)
{
if (crid == 0)
if (cr_uid == 0)
return true;
if (crid == rid && crid == eid && crid == sid)
if (cr_uid == rid && cr_uid == eid && cr_uid == sid)
return true;
pr_err("UID/GID mismatch %u != (%u,%u,%u)\n", crid, rid, eid, sid);
pr_err("UID mismatch %u != (%u,%u,%u)\n", cr_uid, rid, eid, sid);
return false;
}
......@@ -148,14 +148,14 @@ static bool check_caps(u32 *inh, u32 *eff, u32 *prm)
bool may_dump(struct proc_status_creds *creds)
{
return check_ids(cr_uid, creds->uids[0], creds->uids[1], creds->uids[2]) &&
return check_uids(creds->uids[0], creds->uids[1], creds->uids[2]) &&
check_gids(creds->gids[0], creds->gids[1], creds->gids[2]) &&
check_caps(creds->cap_inh, creds->cap_eff, creds->cap_prm);
}
bool may_restore(CredsEntry *creds)
{
return check_ids(cr_uid, creds->uid, creds->euid, creds->suid) &&
return check_uids(creds->uid, creds->euid, creds->suid) &&
check_gids(creds->gid, creds->egid, creds->sgid) &&
check_groups(creds->groups, creds->n_groups) &&
check_caps(creds->cap_inh, creds->cap_eff, creds->cap_prm);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment