From: Serge E. Hallyn <serue at us.ibm.com> Subject: [PATCH 1/3] uidns: improve name of tsk_mnt_same_uid The helper compares uidns, not uid, so change the name to tsk_mnt_same_uidns. Also comment the behavior above the helper. Signed-off-by: Serge E. Hallyn <serue at us.ibm.com> --- fs/namei.c | 4 ++-- include/linux/sched.h | 9 ++++++++- 2 files changed, 10 insertions(+), 3 deletions(-) diff --git a/fs/namei.c b/fs/namei.c index ab59efe..6c207f1 100644 --- a/fs/namei.c +++ b/fs/namei.c @@ -246,7 +246,7 @@ int permission(struct inode *inode, int return -EACCES; } - if (nd && !task_mnt_same_uid(current, nd->mnt)) + if (nd && !task_mnt_same_uidns(current, nd->mnt)) return -EACCES; /* @@ -435,7 +435,7 @@ static int exec_permission_lite(struct i { umode_t mode = inode->i_mode; - if (!task_mnt_same_uid(current, nd->mnt)) + if (!task_mnt_same_uidns(current, nd->mnt)) return -EACCES; if (inode->i_op && inode->i_op->permission) return -EAGAIN; diff --git a/include/linux/sched.h b/include/linux/sched.h index cd31763..a4b5c77 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -1591,7 +1591,14 @@ extern int cond_resched(void); extern int cond_resched_lock(spinlock_t * lock); extern int cond_resched_softirq(void); -static inline int task_mnt_same_uid(struct task_struct *tsk, +/* + * Check whether a task and a vfsmnt belong to the same uidns. + * Since the initial namespace is exempt from these checks, + * return 1 if so. Also return 1 if the vfsmnt is exempt from + * such checking. Otherwise, if the uid namespaces are different, + * return 0. + */ +static inline int task_mnt_same_uidns(struct task_struct *tsk, struct vfsmount *mnt) { if (tsk->nsproxy == init_task.nsproxy) -- 1.4.1