Quoting Eric W. Beiderman (ebiederm@xxxxxxxxxxxx): > From: Eric W. Biederman <ebiederm@xxxxxxxxxxxx> > > Signed-off-by: Eric W. Biederman <ebiederm@xxxxxxxxxxxx> Acked-by: Serge Hallyn <serge.hallyn@xxxxxxxxxxxxx> > --- > include/linux/cred.h | 4 ++-- > kernel/groups.c | 14 ++++++-------- > 2 files changed, 8 insertions(+), 10 deletions(-) > > diff --git a/include/linux/cred.h b/include/linux/cred.h > index fac0579..917dc5a 100644 > --- a/include/linux/cred.h > +++ b/include/linux/cred.h > @@ -73,8 +73,8 @@ extern int groups_search(const struct group_info *, kgid_t); > #define GROUP_AT(gi, i) \ > ((gi)->blocks[(i) / NGROUPS_PER_BLOCK][(i) % NGROUPS_PER_BLOCK]) > > -extern int in_group_p(gid_t); > -extern int in_egroup_p(gid_t); > +extern int in_group_p(kgid_t); > +extern int in_egroup_p(kgid_t); > > /* > * The common credentials for a thread group > diff --git a/kernel/groups.c b/kernel/groups.c > index 84156f2..6b2588d 100644 > --- a/kernel/groups.c > +++ b/kernel/groups.c > @@ -256,27 +256,25 @@ SYSCALL_DEFINE2(setgroups, int, gidsetsize, gid_t __user *, grouplist) > /* > * Check whether we're fsgid/egid or in the supplemental group.. > */ > -int in_group_p(gid_t grp) > +int in_group_p(kgid_t grp) > { > const struct cred *cred = current_cred(); > int retval = 1; > > - if (grp != cred->fsgid) > - retval = groups_search(cred->group_info, > - make_kgid(cred->user_ns, grp)); > + if (!gid_eq(grp, cred->fsgid)) > + retval = groups_search(cred->group_info, grp); > return retval; > } > > EXPORT_SYMBOL(in_group_p); > > -int in_egroup_p(gid_t grp) > +int in_egroup_p(kgid_t grp) > { > const struct cred *cred = current_cred(); > int retval = 1; > > - if (grp != cred->egid) > - retval = groups_search(cred->group_info, > - make_kgid(cred->user_ns, grp)); > + if (!gid_eq(grp, cred->egid)) > + retval = groups_search(cred->group_info, grp); > return retval; > } > > -- > 1.7.2.5 > > _______________________________________________ > Containers mailing list > Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx > https://lists.linuxfoundation.org/mailman/listinfo/containers _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers