diff options
author | David Howells <dhowells@redhat.com> | 2008-11-14 10:38:41 +1100 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2008-11-14 10:38:41 +1100 |
commit | b0fafa816ece0080771355de6158b4dfa8531a95 (patch) | |
tree | c26b6a2acde2692ab5018752d04c91aca34962c1 | |
parent | 350b4da71f8326b9319ada7b701f2bce2e1285b7 (diff) | |
download | linux-3.10-b0fafa816ece0080771355de6158b4dfa8531a95.tar.gz linux-3.10-b0fafa816ece0080771355de6158b4dfa8531a95.tar.bz2 linux-3.10-b0fafa816ece0080771355de6158b4dfa8531a95.zip |
CRED: Wrap task credential accesses in the block loopback driver
Wrap access to task credentials so that they can be separated more easily from
the task_struct during the introduction of COW creds.
Change most current->(|e|s|fs)[ug]id to current_(|e|s|fs)[ug]id().
Change some task->e?[ug]id to task_e?[ug]id(). In some places it makes more
sense to use RCU directly rather than a convenient wrapper; these will be
addressed by later patches.
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: James Morris <jmorris@namei.org>
Acked-by: Serge Hallyn <serue@us.ibm.com>
Cc: Jens Axboe <axboe@kernel.dk>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | drivers/block/loop.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/drivers/block/loop.c b/drivers/block/loop.c index 5c4ee70d5cf..fb06ed65921 100644 --- a/drivers/block/loop.c +++ b/drivers/block/loop.c @@ -936,8 +936,10 @@ loop_set_status(struct loop_device *lo, const struct loop_info64 *info) { int err; struct loop_func_table *xfer; + uid_t uid = current_uid(); - if (lo->lo_encrypt_key_size && lo->lo_key_owner != current->uid && + if (lo->lo_encrypt_key_size && + lo->lo_key_owner != uid && !capable(CAP_SYS_ADMIN)) return -EPERM; if (lo->lo_state != Lo_bound) @@ -992,7 +994,7 @@ loop_set_status(struct loop_device *lo, const struct loop_info64 *info) if (info->lo_encrypt_key_size) { memcpy(lo->lo_encrypt_key, info->lo_encrypt_key, info->lo_encrypt_key_size); - lo->lo_key_owner = current->uid; + lo->lo_key_owner = uid; } return 0; |