From patchwork Thu Sep 20 01:52:04 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Eric W. Biederman" X-Patchwork-Id: 1482011 Return-Path: X-Original-To: patchwork-ceph-devel@patchwork.kernel.org Delivered-To: patchwork-process-083081@patchwork1.kernel.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by patchwork1.kernel.org (Postfix) with ESMTP id 3E632400EC for ; Thu, 20 Sep 2012 01:53:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753506Ab2ITBwz (ORCPT ); Wed, 19 Sep 2012 21:52:55 -0400 Received: from out01.mta.xmission.com ([166.70.13.231]:49293 "EHLO out01.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751601Ab2ITBwv (ORCPT ); Wed, 19 Sep 2012 21:52:51 -0400 Received: from in02.mta.xmission.com ([166.70.13.52]) by out01.mta.xmission.com with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.76) (envelope-from ) id 1TEVwg-0005v2-Np; Wed, 19 Sep 2012 19:52:50 -0600 Received: from [98.207.153.68] (helo=eric-ThinkPad-X220.int.ebiederm.org) by in02.mta.xmission.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from ) id 1TEVwd-0000Kd-JI; Wed, 19 Sep 2012 19:52:50 -0600 From: "Eric W. Biederman" To: Cc: , Serge Hallyn , Linux Containers , linux-security-module@vger.kernel.org, Jan Kara , Dave Chinner , Al Viro , Eric Paris , David Miller , "Eric W. Biederman" , Sage Weil , ceph-devel@vger.kernel.org, David Howells , linux-afs@lists.infradead.org Date: Wed, 19 Sep 2012 18:52:04 -0700 Message-Id: <1348105949-25454-2-git-send-email-ebiederm@xmission.com> X-Mailer: git-send-email 1.7.5.4 In-Reply-To: <1348105949-25454-1-git-send-email-ebiederm@xmission.com> References: <871uhx1n71.fsf@xmission.com> <1348105949-25454-1-git-send-email-ebiederm@xmission.com> X-XM-SPF: eid=; ; ; mid=; ; ; hst=in02.mta.xmission.com; ; ; ip=98.207.153.68; ; ; frm=ebiederm@xmission.com; ; ; spf=neutral X-XM-AID: U2FsdGVkX19z123wTS4SlwGghRGXd5tytN6N5Uf8OwE= X-SA-Exim-Connect-IP: 98.207.153.68 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on sa06.xmission.com X-Spam-Level: **** X-Spam-Status: No, score=4.6 required=8.0 tests=ALL_TRUSTED,BAYES_00, DCC_CHECK_NEGATIVE, T_TM2_M_HEADER_IN_MSG, T_TooManySym_01, T_TooManySym_02, T_XMDrugObfuBody_08, XMNoVowels, XMSubLong, XM_URI_RBL autolearn=disabled version=3.3.2 X-Spam-Report: * 7.0 XM_URI_RBL URI blacklisted in uri.bl.xmission.com * [URIs: infradead.org] * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 1.5 XMNoVowels Alpha-numberic number with no vowels * 0.1 XMSubLong Long Subject * 0.0 T_TM2_M_HEADER_IN_MSG BODY: T_TM2_M_HEADER_IN_MSG * -3.0 BAYES_00 BODY: Bayes spam probability is 0 to 1% * [score: 0.0016] * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa06 1397; Body=1 Fuz1=1 Fuz2=1] * 0.0 T_TooManySym_01 4+ unique symbols in subject * 0.0 T_XMDrugObfuBody_08 obfuscated drug references * 0.0 T_TooManySym_02 5+ unique symbols in subject X-Spam-DCC: XMission; sa06 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: ****; X-Spam-Relay-Country: Subject: [PATCH 02/27] userns: net: Call key_alloc with GLOBAL_ROOT_UID, GLOBAL_ROOT_GID instead of 0, 0 X-Spam-Flag: No X-SA-Exim-Version: 4.2.1 (built Fri, 06 Aug 2010 16:31:04 -0600) X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com) Sender: ceph-devel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: ceph-devel@vger.kernel.org From: "Eric W. Biederman" In net/dns_resolver/dns_key.c and net/rxrpc/ar-key.c make them work with user namespaces enabled where key_alloc takes kuids and kgids. Pass GLOBAL_ROOT_UID and GLOBAL_ROOT_GID instead of bare 0's. Cc: Sage Weil Cc: ceph-devel@vger.kernel.org Cc: David Howells Cc: David Miller Cc: linux-afs@lists.infradead.org Acked-by: Serge Hallyn Signed-off-by: Eric W. Biederman --- init/Kconfig | 2 -- net/dns_resolver/dns_key.c | 3 ++- net/rxrpc/ar-key.c | 6 ++++-- 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/init/Kconfig b/init/Kconfig index 8dce711..fd8696b 100644 --- a/init/Kconfig +++ b/init/Kconfig @@ -938,8 +938,6 @@ config UIDGID_CONVERTED # Networking depends on NET_9P = n - depends on AF_RXRPC = n - depends on DNS_RESOLVER = n # Filesystems depends on USB_GADGETFS = n diff --git a/net/dns_resolver/dns_key.c b/net/dns_resolver/dns_key.c index d9507dd..9807945 100644 --- a/net/dns_resolver/dns_key.c +++ b/net/dns_resolver/dns_key.c @@ -259,7 +259,8 @@ static int __init init_dns_resolver(void) if (!cred) return -ENOMEM; - keyring = key_alloc(&key_type_keyring, ".dns_resolver", 0, 0, cred, + keyring = key_alloc(&key_type_keyring, ".dns_resolver", + GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred, (KEY_POS_ALL & ~KEY_POS_SETATTR) | KEY_USR_VIEW | KEY_USR_READ, KEY_ALLOC_NOT_IN_QUOTA); diff --git a/net/rxrpc/ar-key.c b/net/rxrpc/ar-key.c index 8b1f9f4..011d238 100644 --- a/net/rxrpc/ar-key.c +++ b/net/rxrpc/ar-key.c @@ -948,7 +948,8 @@ int rxrpc_get_server_data_key(struct rxrpc_connection *conn, _enter(""); - key = key_alloc(&key_type_rxrpc, "x", 0, 0, cred, 0, + key = key_alloc(&key_type_rxrpc, "x", + GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred, 0, KEY_ALLOC_NOT_IN_QUOTA); if (IS_ERR(key)) { _leave(" = -ENOMEM [alloc %ld]", PTR_ERR(key)); @@ -994,7 +995,8 @@ struct key *rxrpc_get_null_key(const char *keyname) struct key *key; int ret; - key = key_alloc(&key_type_rxrpc, keyname, 0, 0, cred, + key = key_alloc(&key_type_rxrpc, keyname, + GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred, KEY_POS_SEARCH, KEY_ALLOC_NOT_IN_QUOTA); if (IS_ERR(key)) return key;