summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2012-04-23 17:06:34 -0700
committerEric W. Biederman <ebiederm@xmission.com>2012-08-23 22:54:18 -0700
commitc9235f4872e810d43bf1b19b92cdbe0ec282bada (patch)
tree7b83bddcae65527ea9f2995f523866483ea6a678
parentbc45dae323112f2365d7ca307571781163d1bc04 (diff)
userns: Make credential debugging user namespace safe.
Cc: David Howells <dhowells@redhat.com> Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
-rw-r--r--init/Kconfig1
-rw-r--r--kernel/cred.c10
2 files changed, 8 insertions, 3 deletions
diff --git a/init/Kconfig b/init/Kconfig
index 448b701b172..fdabc5160cd 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -936,7 +936,6 @@ config UIDGID_CONVERTED
depends on FS_POSIX_ACL = n
depends on QUOTA = n
depends on QUOTACTL = n
- depends on DEBUG_CREDENTIALS = n
depends on BSD_PROCESS_ACCT = n
depends on DRM = n
depends on PROC_EVENTS = n
diff --git a/kernel/cred.c b/kernel/cred.c
index de728ac50d8..48cea3da6d0 100644
--- a/kernel/cred.c
+++ b/kernel/cred.c
@@ -799,9 +799,15 @@ static void dump_invalid_creds(const struct cred *cred, const char *label,
atomic_read(&cred->usage),
read_cred_subscribers(cred));
printk(KERN_ERR "CRED: ->*uid = { %d,%d,%d,%d }\n",
- cred->uid, cred->euid, cred->suid, cred->fsuid);
+ from_kuid_munged(&init_user_ns, cred->uid),
+ from_kuid_munged(&init_user_ns, cred->euid),
+ from_kuid_munged(&init_user_ns, cred->suid),
+ from_kuid_munged(&init_user_ns, cred->fsuid));
printk(KERN_ERR "CRED: ->*gid = { %d,%d,%d,%d }\n",
- cred->gid, cred->egid, cred->sgid, cred->fsgid);
+ from_kgid_munged(&init_user_ns, cred->gid),
+ from_kgid_munged(&init_user_ns, cred->egid),
+ from_kgid_munged(&init_user_ns, cred->sgid),
+ from_kgid_munged(&init_user_ns, cred->fsgid));
#ifdef CONFIG_SECURITY
printk(KERN_ERR "CRED: ->security is %p\n", cred->security);
if ((unsigned long) cred->security >= PAGE_SIZE &&