Commit 3263245de48344ad7bdd0e7256bf1606d2592f88

Authored by Serge E. Hallyn
Committed by Linus Torvalds
1 parent 8409cca705

userns: make has_capability* into real functions

So we can let type safety keep things sane, and as a bonus we can remove
the declaration of init_user_ns in capability.h.

Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Daniel Lezcano <daniel.lezcano@free.fr>
Cc: David Howells <dhowells@redhat.com>
Cc: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Showing 2 changed files with 58 additions and 30 deletions Side-by-side Diff

include/linux/capability.h
... ... @@ -371,8 +371,6 @@
371 371 struct dentry;
372 372 struct user_namespace;
373 373  
374   -extern struct user_namespace init_user_ns;
375   -
376 374 struct user_namespace *current_user_ns(void);
377 375  
378 376 extern const kernel_cap_t __cap_empty_set;
... ... @@ -541,34 +539,10 @@
541 539 cap_intersect(permitted, __cap_nfsd_set));
542 540 }
543 541  
544   -/**
545   - * has_capability - Determine if a task has a superior capability available
546   - * @t: The task in question
547   - * @cap: The capability to be tested for
548   - *
549   - * Return true if the specified task has the given superior capability
550   - * currently in effect, false if not.
551   - *
552   - * Note that this does not set PF_SUPERPRIV on the task.
553   - */
554   -#define has_capability(t, cap) (security_real_capable((t), &init_user_ns, (cap)) == 0)
555   -
556   -#define has_ns_capability(t, ns, cap) (security_real_capable((t), (ns), (cap)) == 0)
557   -
558   -/**
559   - * has_capability_noaudit - Determine if a task has a superior capability available (unaudited)
560   - * @t: The task in question
561   - * @cap: The capability to be tested for
562   - *
563   - * Return true if the specified task has the given superior capability
564   - * currently in effect, false if not, but don't write an audit message for the
565   - * check.
566   - *
567   - * Note that this does not set PF_SUPERPRIV on the task.
568   - */
569   -#define has_capability_noaudit(t, cap) \
570   - (security_real_capable_noaudit((t), &init_user_ns, (cap)) == 0)
571   -
  542 +extern bool has_capability(struct task_struct *t, int cap);
  543 +extern bool has_ns_capability(struct task_struct *t,
  544 + struct user_namespace *ns, int cap);
  545 +extern bool has_capability_noaudit(struct task_struct *t, int cap);
572 546 extern bool capable(int cap);
573 547 extern bool ns_capable(struct user_namespace *ns, int cap);
574 548 extern bool task_ns_capable(struct task_struct *t, int cap);
... ... @@ -291,6 +291,60 @@
291 291 }
292 292  
293 293 /**
  294 + * has_capability - Does a task have a capability in init_user_ns
  295 + * @t: The task in question
  296 + * @cap: The capability to be tested for
  297 + *
  298 + * Return true if the specified task has the given superior capability
  299 + * currently in effect to the initial user namespace, false if not.
  300 + *
  301 + * Note that this does not set PF_SUPERPRIV on the task.
  302 + */
  303 +bool has_capability(struct task_struct *t, int cap)
  304 +{
  305 + int ret = security_real_capable(t, &init_user_ns, cap);
  306 +
  307 + return (ret == 0);
  308 +}
  309 +
  310 +/**
  311 + * has_capability - Does a task have a capability in a specific user ns
  312 + * @t: The task in question
  313 + * @ns: target user namespace
  314 + * @cap: The capability to be tested for
  315 + *
  316 + * Return true if the specified task has the given superior capability
  317 + * currently in effect to the specified user namespace, false if not.
  318 + *
  319 + * Note that this does not set PF_SUPERPRIV on the task.
  320 + */
  321 +bool has_ns_capability(struct task_struct *t,
  322 + struct user_namespace *ns, int cap)
  323 +{
  324 + int ret = security_real_capable(t, ns, cap);
  325 +
  326 + return (ret == 0);
  327 +}
  328 +
  329 +/**
  330 + * has_capability_noaudit - Does a task have a capability (unaudited)
  331 + * @t: The task in question
  332 + * @cap: The capability to be tested for
  333 + *
  334 + * Return true if the specified task has the given superior capability
  335 + * currently in effect to init_user_ns, false if not. Don't write an
  336 + * audit message for the check.
  337 + *
  338 + * Note that this does not set PF_SUPERPRIV on the task.
  339 + */
  340 +bool has_capability_noaudit(struct task_struct *t, int cap)
  341 +{
  342 + int ret = security_real_capable_noaudit(t, &init_user_ns, cap);
  343 +
  344 + return (ret == 0);
  345 +}
  346 +
  347 +/**
294 348 * capable - Determine if the current task has a superior capability in effect
295 349 * @cap: The capability to be tested for
296 350 *