* [PATCH] security/commoncap: Use current_user_ns()
@ 2020-08-24 12:49 Denis Efremov
0 siblings, 0 replies; only message in thread
From: Denis Efremov @ 2020-08-24 12:49 UTC (permalink / raw)
Cc: Denis Efremov, Serge Hallyn, James Morris, linux-security-module,
linux-kernel
Modify cap_inh_is_capped(), cap_task_prctl() to use current_user_ns().
Signed-off-by: Denis Efremov <efremov@linux.com>
---
security/commoncap.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/security/commoncap.c b/security/commoncap.c
index 59bf3c1674c8..82a61f77c07c 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -220,7 +220,7 @@ static inline int cap_inh_is_capped(void)
/* they are so limited unless the current task has the CAP_SETPCAP
* capability
*/
- if (cap_capable(current_cred(), current_cred()->user_ns,
+ if (cap_capable(current_cred(), current_user_ns(),
CAP_SETPCAP, CAP_OPT_NONE) == 0)
return 0;
return 1;
@@ -1206,7 +1206,7 @@ int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3,
|| ((old->securebits & SECURE_ALL_LOCKS & ~arg2)) /*[2]*/
|| (arg2 & ~(SECURE_ALL_LOCKS | SECURE_ALL_BITS)) /*[3]*/
|| (cap_capable(current_cred(),
- current_cred()->user_ns,
+ current_user_ns(),
CAP_SETPCAP,
CAP_OPT_NONE) != 0) /*[4]*/
/*
--
2.26.2
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2020-08-24 12:50 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-08-24 12:49 [PATCH] security/commoncap: Use current_user_ns() Denis Efremov
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox