Re: [rfc] fcntl: Add F_GETOWNER_UIDS option

From: Cyrill Gorcunov
Date: Wed Mar 28 2012 - 03:55:52 EST

Next message: Lin Ming: "Re: [PATCH v3 1/7] libata-acpi: set acpi state for SATA port"
Previous message: Gilad Ben-Yossef: "Re: [PATCH 11/32] nohz/cpuset: Don't turn off the tick if rcu needs it"
In reply to: Cyrill Gorcunov: "Re: [rfc] fcntl: Add F_GETOWNER_UIDS option"
Next in thread: Cyrill Gorcunov: "Re: [rfc] fcntl: Add F_GETOWNER_UIDS option"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Mar 28, 2012 at 12:51:02AM -0700, Eric W. Biederman wrote:
> > And we could require for a while that F_GETOWNER_UIDS should be called
> > from initial user namespace only. Then we could extend it for being
> > called from any user-namespace if such need appear. Or I miss
> > something?
>
> Yes. All that is needed in the short term to do this is a Kconfig
> dependency that limits it a kernel with user namespace support not
> built in something like: "depends !USER_NS"
>
> Or a check like:
> if (current_user_ns() != init_user_ns)
> return -EINVAL;
>
> Basically the mapping would ultimately become:
> uid = from_kuid(current_user_ns(), fown->uid);
> euid = from_kuid(current_user_ns(), fown->euid);
>
> The different types allow a compile error if you forget the translation.

OK, thanks for the hint!

Cyrill
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Lin Ming: "Re: [PATCH v3 1/7] libata-acpi: set acpi state for SATA port"
Previous message: Gilad Ben-Yossef: "Re: [PATCH 11/32] nohz/cpuset: Don't turn off the tick if rcu needs it"
In reply to: Cyrill Gorcunov: "Re: [rfc] fcntl: Add F_GETOWNER_UIDS option"
Next in thread: Cyrill Gorcunov: "Re: [rfc] fcntl: Add F_GETOWNER_UIDS option"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]