diff options
| author | Thomas Gleixner <tglx@linutronix.de> | 2015-01-12 10:51:13 +0100 |
|---|---|---|
| committer | Thomas Gleixner <tglx@linutronix.de> | 2015-01-12 10:51:13 +0100 |
| commit | 2f5eaf66e580f64032b365a00157b6b58c266b37 (patch) | |
| tree | 7852017c864f0eb3833782e2a017952bd8531458 /kernel/groups.c | |
| parent | c291ee622165cb2c8d4e7af63fffd499354a23be (diff) | |
| parent | 91d1179212161f220938198b742c328ad38fd0a3 (diff) | |
Merge tag 'irqchip-urgent-3.19' of git://git.infradead.org/users/jcooper/linux into irq/urgent
irqchip urgent fixes for v3.19 from Jason Cooper
- mtk-sysirq: Fix error handling
- hip04: Fix cpu map for 16bit value
- gic-v3-its: Clear a warning regarding decimal constants
- omap-intc: Fix legacy DMA regression
- atmel-aic-common: Retain priority when changing type
Diffstat (limited to 'kernel/groups.c')
| -rw-r--r-- | kernel/groups.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/kernel/groups.c b/kernel/groups.c index 451698f86cf..664411f171b 100644 --- a/kernel/groups.c +++ b/kernel/groups.c @@ -6,6 +6,7 @@ #include <linux/slab.h> #include <linux/security.h> #include <linux/syscalls.h> +#include <linux/user_namespace.h> #include <asm/uaccess.h> /* init to 2 - one for init_task, one to ensure it is never freed */ @@ -213,6 +214,14 @@ out: return i; } +bool may_setgroups(void) +{ + struct user_namespace *user_ns = current_user_ns(); + + return ns_capable(user_ns, CAP_SETGID) && + userns_may_setgroups(user_ns); +} + /* * SMP: Our groups are copy-on-write. We can set them safely * without another task interfering. @@ -223,7 +232,7 @@ SYSCALL_DEFINE2(setgroups, int, gidsetsize, gid_t __user *, grouplist) struct group_info *group_info; int retval; - if (!ns_capable(current_user_ns(), CAP_SETGID)) + if (!may_setgroups()) return -EPERM; if ((unsigned)gidsetsize > NGROUPS_MAX) return -EINVAL; |