aboutsummaryrefslogtreecommitdiff
path: root/kernel
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2012-01-03 12:25:15 -0500
committerEric Paris <eparis@redhat.com>2012-01-05 18:52:59 -0500
commitf1c84dae0ecc51aa35c81f19a0ebcd6c0921ddcb (patch)
tree59d729bb7806e42a13f0ec1657c90b717c314002 /kernel
parentd2a7009f0bb03fa22ad08dd25472efa0568126b9 (diff)
capabilities: remove task_ns_* functions
task_ in the front of a function, in the security subsystem anyway, means to me at least, that we are operating with that task as the subject of the security decision. In this case what it means is that we are using current as the subject but we use the task to get the right namespace. Who in the world would ever realize that's what task_ns_capability means just by the name? This patch eliminates the task_ns functions entirely and uses the has_ns_capability function instead. This means we explicitly open code the ns in question in the caller. I think it makes the caller a LOT more clear what is going on. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Serge E. Hallyn <serge.hallyn@canonical.com>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/capability.c14
-rw-r--r--kernel/ptrace.c4
-rw-r--r--kernel/sched.c2
3 files changed, 3 insertions, 17 deletions
diff --git a/kernel/capability.c b/kernel/capability.c
index 47626446c39..74fb3b60304 100644
--- a/kernel/capability.c
+++ b/kernel/capability.c
@@ -409,20 +409,6 @@ bool capable(int cap)
EXPORT_SYMBOL(capable);
/**
- * task_ns_capable - Determine whether current task has a superior
- * capability targeted at a specific task's user namespace.
- * @t: The task whose user namespace is targeted.
- * @cap: The capability in question.
- *
- * Return true if it does, false otherwise.
- */
-bool task_ns_capable(struct task_struct *t, int cap)
-{
- return ns_capable(task_cred_xxx(t, user)->user_ns, cap);
-}
-EXPORT_SYMBOL(task_ns_capable);
-
-/**
* nsown_capable - Check superior capability to one's own user_ns
* @cap: The capability in question
*
diff --git a/kernel/ptrace.c b/kernel/ptrace.c
index a70d2a5d8c7..210bbf045ee 100644
--- a/kernel/ptrace.c
+++ b/kernel/ptrace.c
@@ -196,7 +196,7 @@ ok:
smp_rmb();
if (task->mm)
dumpable = get_dumpable(task->mm);
- if (!dumpable && !task_ns_capable(task, CAP_SYS_PTRACE))
+ if (!dumpable && !ns_capable(task_user_ns(task), CAP_SYS_PTRACE))
return -EPERM;
return security_ptrace_access_check(task, mode);
@@ -266,7 +266,7 @@ static int ptrace_attach(struct task_struct *task, long request,
task->ptrace = PT_PTRACED;
if (seize)
task->ptrace |= PT_SEIZED;
- if (task_ns_capable(task, CAP_SYS_PTRACE))
+ if (ns_capable(task_user_ns(task), CAP_SYS_PTRACE))
task->ptrace |= PT_PTRACE_CAP;
__ptrace_link(task, current);
diff --git a/kernel/sched.c b/kernel/sched.c
index b50b0f0c9aa..5670028a9c1 100644
--- a/kernel/sched.c
+++ b/kernel/sched.c
@@ -5409,7 +5409,7 @@ long sched_setaffinity(pid_t pid, const struct cpumask *in_mask)
goto out_free_cpus_allowed;
}
retval = -EPERM;
- if (!check_same_owner(p) && !task_ns_capable(p, CAP_SYS_NICE))
+ if (!check_same_owner(p) && !ns_capable(task_user_ns(p), CAP_SYS_NICE))
goto out_unlock;
retval = security_task_setscheduler(p);