diff options
author | Mauro Carvalho Chehab <mchehab@redhat.com> | 2013-04-30 09:00:33 -0300 |
---|---|---|
committer | Mauro Carvalho Chehab <mchehab@redhat.com> | 2013-04-30 09:00:33 -0300 |
commit | aad797c89903d570c17f6affc770eb98afd74e62 (patch) | |
tree | bddefd4242b0efba1068b5260f831c2697ba4037 /net/core/scm.c | |
parent | c95789ecd5a979fd718ae09763df3fa50dd97a91 (diff) | |
parent | c1be5a5b1b355d40e6cf79cc979eb66dafa24ad1 (diff) |
Merge tag 'v3.9' into v4l_for_linus
Linux 3.9
* tag 'v3.9': (1099 commits)
Linux 3.9
vm: add no-mmu vm_iomap_memory() stub
efivars: only check for duplicates on the registered list
TTY: fix atime/mtime regression
aio: fix possible invalid memory access when DEBUG is enabled
parisc: use spin_lock_irqsave/spin_unlock_irqrestore for PTE updates
parisc: disable -mlong-calls compiler option for kernel modules
parisc: uaccess: fix compiler warnings caused by __put_user casting
parisc: Change kunmap macro to static inline function
parisc: Provide __ucmpdi2 to resolve undefined references in 32 bit builds.
sparc64: Fix missing put_cpu_var() in tlb_batch_add_one() when not batching.
Revert "gpio: pxa: set initcall level to module init"
efi: Check EFI revision in setup_efi_vars
x86, efi: Fix a build warning
Revert "MIPS: page.h: Provide more readable definition for PAGE_MASK."
kernel/hz.bc: ignore.
Linux 3.9-rc8
events: Protect access via task_subsys_state_check()
net: fix incorrect credentials passing
x86, microcode: Verify the family before dispatching microcode patching
...
Diffstat (limited to 'net/core/scm.c')
-rw-r--r-- | net/core/scm.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/net/core/scm.c b/net/core/scm.c index 905dcc6ad1e3..2dc6cdaaae8a 100644 --- a/net/core/scm.c +++ b/net/core/scm.c @@ -24,6 +24,7 @@ #include <linux/interrupt.h> #include <linux/netdevice.h> #include <linux/security.h> +#include <linux/pid_namespace.h> #include <linux/pid.h> #include <linux/nsproxy.h> #include <linux/slab.h> @@ -52,7 +53,8 @@ static __inline__ int scm_check_creds(struct ucred *creds) if (!uid_valid(uid) || !gid_valid(gid)) return -EINVAL; - if ((creds->pid == task_tgid_vnr(current) || nsown_capable(CAP_SYS_ADMIN)) && + if ((creds->pid == task_tgid_vnr(current) || + ns_capable(current->nsproxy->pid_ns->user_ns, CAP_SYS_ADMIN)) && ((uid_eq(uid, cred->uid) || uid_eq(uid, cred->euid) || uid_eq(uid, cred->suid)) || nsown_capable(CAP_SETUID)) && ((gid_eq(gid, cred->gid) || gid_eq(gid, cred->egid) || |