* [PATCH] userns: fix return value in map_write
@ 2012-10-10 3:57 Gao feng
[not found] ` <1349841475-19806-1-git-send-email-gaofeng-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>
0 siblings, 1 reply; 3+ messages in thread
From: Gao feng @ 2012-10-10 3:57 UTC (permalink / raw)
To: ebiederm-aS9lmoZGLiVWk0Htik3J/w
Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA
If the map is already set,we should return -EINVAL.
Signed-off-by: Gao feng <gaofeng-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>
---
kernel/user_namespace.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
index 054471d..0231f87 100644
--- a/kernel/user_namespace.c
+++ b/kernel/user_namespace.c
@@ -560,11 +560,11 @@ static ssize_t map_write(struct file *file, const char __user *buf,
*/
mutex_lock(&id_map_mutex);
- ret = -EPERM;
/* Only allow one successful write to the map */
if (map->nr_extents != 0)
goto out;
+ ret = -EPERM;
/* Require the appropriate privilege CAP_SETUID or CAP_SETGID
* over the user namespace in order to set the id mapping.
*/
--
1.7.7.6
^ permalink raw reply related [flat|nested] 3+ messages in thread[parent not found: <1349841475-19806-1-git-send-email-gaofeng-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>]
* Re: [PATCH] userns: fix return value in map_write [not found] ` <1349841475-19806-1-git-send-email-gaofeng-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> @ 2012-10-10 4:06 ` Eric W. Biederman [not found] ` <87ipajynr1.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> 0 siblings, 1 reply; 3+ messages in thread From: Eric W. Biederman @ 2012-10-10 4:06 UTC (permalink / raw) To: Gao feng; +Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA Gao feng <gaofeng-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org> writes: > If the map is already set,we should return -EINVAL. What makes -EINVAL a better return code? Eric ^ permalink raw reply [flat|nested] 3+ messages in thread
[parent not found: <87ipajynr1.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>]
* Re: [PATCH] userns: fix return value in map_write [not found] ` <87ipajynr1.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org> @ 2012-10-10 4:28 ` Gao feng 0 siblings, 0 replies; 3+ messages in thread From: Gao feng @ 2012-10-10 4:28 UTC (permalink / raw) To: Eric W. Biederman; +Cc: containers-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA 于 2012年10月10日 12:06, Eric W. Biederman 写道: > Gao feng <gaofeng@cn.fujitsu.com> writes: > >> If the map is already set,we should return -EINVAL. > > What makes -EINVAL a better return code? > It shouldn't be -EPERM,this will cause user confused. The first time to write to the uid_map file is success, and the second time,kernel will return -EPERM.actually the user has right to write to the uid_map. And if you think -EPERM is better,it's not necessary to initialize the value of ret.because we set it to -EPERM after we get mutex lock id_map_mutex. _______________________________________________ Containers mailing list Containers@lists.linux-foundation.org https://lists.linuxfoundation.org/mailman/listinfo/containers ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2012-10-10 4:28 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2012-10-10 3:57 [PATCH] userns: fix return value in map_write Gao feng
[not found] ` <1349841475-19806-1-git-send-email-gaofeng-BthXqXjhjHXQFUHtdCDX3A@public.gmane.org>
2012-10-10 4:06 ` Eric W. Biederman
[not found] ` <87ipajynr1.fsf-aS9lmoZGLiVWk0Htik3J/w@public.gmane.org>
2012-10-10 4:28 ` Gao feng
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.