From patchwork Tue Mar 15 12:09:00 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
X-Patchwork-Id: 8587591
Return-Path: <selinux-bounces@tycho.nsa.gov>
X-Original-To: patchwork-selinux@patchwork.kernel.org
Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org
Received: from mail.kernel.org (mail.kernel.org [198.145.29.136])
	by patchwork1.web.kernel.org (Postfix) with ESMTP id AE51E9F6E1
	for <patchwork-selinux@patchwork.kernel.org>;
	Tue, 15 Mar 2016 12:29:43 +0000 (UTC)
Received: from mail.kernel.org (localhost [127.0.0.1])
	by mail.kernel.org (Postfix) with ESMTP id 1FC2C2027D
	for <patchwork-selinux@patchwork.kernel.org>;
	Tue, 15 Mar 2016 12:29:43 +0000 (UTC)
Received: from emvm-gh1-uea08.nsa.gov (emvm-gh1-uea08.nsa.gov [63.239.67.9])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPS id A6B802021B
	for <patchwork-selinux@patchwork.kernel.org>;
	Tue, 15 Mar 2016 12:29:41 +0000 (UTC)
X-TM-IMSS-Message-ID: <9d5680be00104037@nsa.gov>
Received: from tarius.tycho.ncsc.mil ([144.51.242.1]) by nsa.gov
	([10.208.42.193]) with ESMTP (TREND IMSS SMTP Service 7.1) id
	9d5680be00104037 ; Tue, 15 Mar 2016 08:27:45 -0400
Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40])
	by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u2FCQRTi001898;
	Tue, 15 Mar 2016 08:26:57 -0400
Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil
	[144.51.242.1])
	by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id
	u2FCAmUo266548 for <selinux@prometheus.infosec.tycho.ncsc.mil>;
	Tue, 15 Mar 2016 08:10:48 -0400
Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250])
	by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u2FCAlE4030360
	for <selinux@tycho.nsa.gov>; Tue, 15 Mar 2016 08:10:48 -0400
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: 
 A1D4DgBt+udW/xno1sNeGQEBAQESAQGELgEluECEDYYNAoIDAQEBAQEBZYRpAQEEJ1IQGThXBgESiCm9BSqGGo03BY4qiSWOA48BAkSOO2KBNoIyOS6KYwEBAQ
X-IPAS-Result: 
 A1D4DgBt+udW/xno1sNeGQEBAQESAQGELgEluECEDYYNAoIDAQEBAQEBZYRpAQEEJ1IQGThXBgESiCm9BSqGGo03BY4qiSWOA48BAkSOO2KBNoIyOS6KYwEBAQ
X-IronPort-AV: E=Sophos;i="5.24,339,1454994000"; d="scan'208";a="5291650"
Received: from emvm-gh1-uea08.nsa.gov ([10.208.42.193])
	by goalie.tycho.ncsc.mil with ESMTP; 15 Mar 2016 08:10:45 -0400
X-TM-IMSS-Message-ID: <9d46abe200103a8a@nsa.gov>
Received: from relay.sw.ru (mailhub.sw.ru [195.214.232.25]) by nsa.gov
	([10.208.42.193]) with ESMTP (TREND IMSS SMTP Service 7.1;
	TLSv1/SSLv3 DHE-RSA-AES256-SHA (256/256)) id 9d46abe200103a8a ;
	Tue, 15 Mar 2016 08:10:27 -0400
Received: from dhcp-10-30-28-101.sw.ru ([10.30.16.121])
	by relay.sw.ru (8.13.4/8.13.4) with ESMTP id u2FC92u5021475;
	Tue, 15 Mar 2016 15:09:03 +0300 (MSK)
From: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
To: Andy Lutomirski <luto@amacapital.net>,
	Seth Forshee <seth.forshee@canonical.com>,
	"Eric W. Biederman" <ebiederm@xmission.com>, <devel@openvz.org>
Subject: [PATCH] fs: remove excess check for in_userns
Date: Tue, 15 Mar 2016 15:09:00 +0300
Message-Id: <1458043740-14229-1-git-send-email-ptikhomirov@virtuozzo.com>
X-Mailer: git-send-email 1.9.3
In-Reply-To: <1451930639-94331-4-git-send-email-seth.forshee@canonical.com>
References: <1451930639-94331-4-git-send-email-seth.forshee@canonical.com>
X-TM-AS-MML: disable
X-Mailman-Approved-At: Tue, 15 Mar 2016 08:26:27 -0400
X-BeenThere: selinux@tycho.nsa.gov
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "Security-Enhanced Linux \(SELinux\) mailing list"
	<selinux.tycho.nsa.gov>
List-Post: <mailto:selinux@tycho.nsa.gov>
List-Help: <mailto:selinux-request@tycho.nsa.gov?subject=help>
Cc: Serge Hallyn <serge.hallyn@canonical.com>,
	linux-security-module@vger.kernel.org, linux-mtd@lists.infradead.org,
	Alexander Viro <viro@zeniv.linux.org.uk>, selinux@tycho.nsa.gov,
	linux-fsdevel@vger.kernel.org,
	Konstantin Khorenko <khorenko@virtuozzo.com>,
	Pavel Tikhomirov <ptikhomirov@virtuozzo.com>,
	Pavel Emelyanov <xemul@virtuozzo.com>
MIME-Version: 1.0
Errors-To: selinux-bounces@tycho.nsa.gov
Sender: "Selinux" <selinux-bounces@tycho.nsa.gov>
X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI,
	RP_MATCHES_RCVD,
	UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

If in_userns returns false mnt_may_suid also returns false, and we
will reach second(removed) if-check only in case it does not trigger,
so remove it.

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
---
 security/commoncap.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/security/commoncap.c b/security/commoncap.c
index ca0c04ae..82f930c 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -445,8 +445,6 @@ static int get_file_caps(struct linux_binprm *bprm, bool *effective, bool *has_c
 
 	if (!mnt_may_suid(bprm->file->f_path.mnt))
 		return 0;
-	if (!in_userns(current_user_ns(), bprm->file->f_path.mnt->mnt_sb->s_user_ns))
-		return 0;
 
 	dentry = dget(bprm->file->f_dentry);