summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2008-11-14 10:38:41 +1100
committerJames Morris <jmorris@namei.org>2008-11-14 10:38:41 +1100
commitb0fafa816ece0080771355de6158b4dfa8531a95 (patch)
treec26b6a2acde2692ab5018752d04c91aca34962c1
parent350b4da71f8326b9319ada7b701f2bce2e1285b7 (diff)
downloadlinux-3.10-b0fafa816ece0080771355de6158b4dfa8531a95.tar.gz
linux-3.10-b0fafa816ece0080771355de6158b4dfa8531a95.tar.bz2
linux-3.10-b0fafa816ece0080771355de6158b4dfa8531a95.zip
CRED: Wrap task credential accesses in the block loopback driver
Wrap access to task credentials so that they can be separated more easily from the task_struct during the introduction of COW creds. Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id(). Change some task->e?[ug]id to task_e?[ug]id(). In some places it makes more sense to use RCU directly rather than a convenient wrapper; these will be addressed by later patches. Signed-off-by: David Howells <dhowells@redhat.com> Reviewed-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Cc: Jens Axboe <axboe@kernel.dk> Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r--drivers/block/loop.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/drivers/block/loop.c b/drivers/block/loop.c
index 5c4ee70d5cf..fb06ed65921 100644
--- a/drivers/block/loop.c
+++ b/drivers/block/loop.c
@@ -936,8 +936,10 @@ loop_set_status(struct loop_device *lo, const struct loop_info64 *info)
{
int err;
struct loop_func_table *xfer;
+ uid_t uid = current_uid();
- if (lo->lo_encrypt_key_size && lo->lo_key_owner != current->uid &&
+ if (lo->lo_encrypt_key_size &&
+ lo->lo_key_owner != uid &&
!capable(CAP_SYS_ADMIN))
return -EPERM;
if (lo->lo_state != Lo_bound)
@@ -992,7 +994,7 @@ loop_set_status(struct loop_device *lo, const struct loop_info64 *info)
if (info->lo_encrypt_key_size) {
memcpy(lo->lo_encrypt_key, info->lo_encrypt_key,
info->lo_encrypt_key_size);
- lo->lo_key_owner = current->uid;
+ lo->lo_key_owner = uid;
}
return 0;