Re: [PATCH 04/13] staging: gasket: core: allow root access based on user namespace

From: Todd Poynor
Date: Mon Jul 30 2018 - 14:02:40 EST

Next message: Andrew Lunn: "Re: [PATCH v2 6/7] net: phy: Add support to configure clock in Broadcom iProc mdio mux"
Previous message: Roman Gushchin: "[PATCH 1/3] mm: introduce mem_cgroup_put() helper"
In reply to: Dmitry Torokhov: "Re: [PATCH 04/13] staging: gasket: core: allow root access based on user namespace"
Next in thread: Todd Poynor: "[PATCH 05/13] staging: gasket: apex: simplify comments for static functions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Dmitry,
On Mon, Jul 30, 2018 at 10:57 AM Dmitry Torokhov <dtor@xxxxxxxxxxxx> wrote:
>
> Hi Todd,
>
> On Sun, Jul 29, 2018 at 12:37 PM Todd Poynor <toddpoynor@xxxxxxxxx> wrote:
> > @@ -1064,7 +1067,8 @@ static int gasket_open(struct inode *inode, struct file *filp)
> > char task_name[TASK_COMM_LEN];
> > struct gasket_cdev_info *dev_info =
> > container_of(inode->i_cdev, struct gasket_cdev_info, cdev);
> > - int is_root = capable(CAP_SYS_ADMIN);
> > + struct pid_namespace *pid_ns = task_active_pid_ns(current);
> > + int is_root = ns_capable(pid_ns->user_ns, CAP_SYS_ADMIN);
>
> ns_capable() returns bool, why did you make is_root an integer?

Gaah, I forgot to change the type of the existing var. Will fix, thanks -- Todd

>
> Thanks,
> Dmitry

Next message: Andrew Lunn: "Re: [PATCH v2 6/7] net: phy: Add support to configure clock in Broadcom iProc mdio mux"
Previous message: Roman Gushchin: "[PATCH 1/3] mm: introduce mem_cgroup_put() helper"
In reply to: Dmitry Torokhov: "Re: [PATCH 04/13] staging: gasket: core: allow root access based on user namespace"
Next in thread: Todd Poynor: "[PATCH 05/13] staging: gasket: apex: simplify comments for static functions"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]