userns: Disassociate user_struct from the user_namespace.

[linux-3.10.git] / kernel / sys.c

diff --git a/kernel/sys.c b/kernel/sys.c
index 82d8714bbedecb8bb3c0063c33fdd271ed1f2462..f0c43b4b6657eeb0ddc11b93fc3795f110e84f73 100644 (file)
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -93,10 +93,8 @@
 int overflowuid = DEFAULT_OVERFLOWUID;
 int overflowgid = DEFAULT_OVERFLOWGID;
 
-#ifdef CONFIG_UID16
 EXPORT_SYMBOL(overflowuid);
 EXPORT_SYMBOL(overflowgid);
-#endif
 
 /*
  * the same as above, but for filesystems which can only store a 16-bit
@@ -177,6 +175,8 @@ SYSCALL_DEFINE3(setpriority, int, which, int, who, int, niceval)
        const struct cred *cred = current_cred();
        int error = -EINVAL;
        struct pid *pgrp;
+       kuid_t cred_uid;
+       kuid_t uid;
 
        if (which > PRIO_USER || which < PRIO_PROCESS)
                goto out;
@@ -209,18 +209,22 @@ SYSCALL_DEFINE3(setpriority, int, which, int, who, int, niceval)
                        } while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
                        break;
                case PRIO_USER:
+                       cred_uid = make_kuid(cred->user_ns, cred->uid);
+                       uid = make_kuid(cred->user_ns, who);
                        user = cred->user;
                        if (!who)
-                               who = cred->uid;
-                       else if ((who != cred->uid) &&
-                                !(user = find_user(who)))
+                               uid = cred_uid;
+                       else if (!uid_eq(uid, cred_uid) &&
+                                !(user = find_user(uid)))
                                goto out_unlock;        /* No processes for this user */
 
                        do_each_thread(g, p) {
-                               if (__task_cred(p)->uid == who)
+                               const struct cred *tcred = __task_cred(p);
+                               kuid_t tcred_uid = make_kuid(tcred->user_ns, tcred->uid);
+                               if (uid_eq(tcred_uid, uid))
                                        error = set_one_prio(p, niceval, error);
                        } while_each_thread(g, p);
-                       if (who != cred->uid)
+                       if (!uid_eq(uid, cred_uid))
                                free_uid(user);         /* For find_user() */
                        break;
        }
@@ -244,6 +248,8 @@ SYSCALL_DEFINE2(getpriority, int, which, int, who)
        const struct cred *cred = current_cred();
        long niceval, retval = -ESRCH;
        struct pid *pgrp;
+       kuid_t cred_uid;
+       kuid_t uid;
 
        if (which > PRIO_USER || which < PRIO_PROCESS)
                return -EINVAL;
@@ -274,21 +280,25 @@ SYSCALL_DEFINE2(getpriority, int, which, int, who)
                        } while_each_pid_thread(pgrp, PIDTYPE_PGID, p);
                        break;
                case PRIO_USER:
+                       cred_uid = make_kuid(cred->user_ns, cred->uid);
+                       uid = make_kuid(cred->user_ns, who);
                        user = cred->user;
                        if (!who)
-                               who = cred->uid;
-                       else if ((who != cred->uid) &&
-                                !(user = find_user(who)))
+                               uid = cred_uid;
+                       else if (!uid_eq(uid, cred_uid) &&
+                                !(user = find_user(uid)))
                                goto out_unlock;        /* No processes for this user */
 
                        do_each_thread(g, p) {
-                               if (__task_cred(p)->uid == who) {
+                               const struct cred *tcred = __task_cred(p);
+                               kuid_t tcred_uid = make_kuid(tcred->user_ns, tcred->uid);
+                               if (uid_eq(tcred_uid, uid)) {
                                        niceval = 20 - task_nice(p);
                                        if (niceval > retval)
                                                retval = niceval;
                                }
                        } while_each_thread(g, p);
-                       if (who != cred->uid)
+                       if (!uid_eq(uid, cred_uid))
                                free_uid(user);         /* for find_user() */
                        break;
        }
@@ -631,7 +641,7 @@ static int set_user(struct cred *new)
 {
        struct user_struct *new_user;
 
-       new_user = alloc_uid(current_user_ns(), new->uid);
+       new_user = alloc_uid(make_kuid(new->user_ns, new->uid));
        if (!new_user)
                return -EAGAIN;