Commit c9235f48 authored by Eric W. Biederman's avatar Eric W. Biederman

userns: Make credential debugging user namespace safe.

Cc: David Howells <dhowells@redhat.com>
Acked-by: default avatarSerge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: default avatarEric W. Biederman <ebiederm@xmission.com>
parent bc45dae3
...@@ -936,7 +936,6 @@ config UIDGID_CONVERTED ...@@ -936,7 +936,6 @@ config UIDGID_CONVERTED
depends on FS_POSIX_ACL = n depends on FS_POSIX_ACL = n
depends on QUOTA = n depends on QUOTA = n
depends on QUOTACTL = n depends on QUOTACTL = n
depends on DEBUG_CREDENTIALS = n
depends on BSD_PROCESS_ACCT = n depends on BSD_PROCESS_ACCT = n
depends on DRM = n depends on DRM = n
depends on PROC_EVENTS = n depends on PROC_EVENTS = n
......
...@@ -799,9 +799,15 @@ static void dump_invalid_creds(const struct cred *cred, const char *label, ...@@ -799,9 +799,15 @@ static void dump_invalid_creds(const struct cred *cred, const char *label,
atomic_read(&cred->usage), atomic_read(&cred->usage),
read_cred_subscribers(cred)); read_cred_subscribers(cred));
printk(KERN_ERR "CRED: ->*uid = { %d,%d,%d,%d }\n", printk(KERN_ERR "CRED: ->*uid = { %d,%d,%d,%d }\n",
cred->uid, cred->euid, cred->suid, cred->fsuid); from_kuid_munged(&init_user_ns, cred->uid),
from_kuid_munged(&init_user_ns, cred->euid),
from_kuid_munged(&init_user_ns, cred->suid),
from_kuid_munged(&init_user_ns, cred->fsuid));
printk(KERN_ERR "CRED: ->*gid = { %d,%d,%d,%d }\n", printk(KERN_ERR "CRED: ->*gid = { %d,%d,%d,%d }\n",
cred->gid, cred->egid, cred->sgid, cred->fsgid); from_kgid_munged(&init_user_ns, cred->gid),
from_kgid_munged(&init_user_ns, cred->egid),
from_kgid_munged(&init_user_ns, cred->sgid),
from_kgid_munged(&init_user_ns, cred->fsgid));
#ifdef CONFIG_SECURITY #ifdef CONFIG_SECURITY
printk(KERN_ERR "CRED: ->security is %p\n", cred->security); printk(KERN_ERR "CRED: ->security is %p\n", cred->security);
if ((unsigned long) cred->security >= PAGE_SIZE && if ((unsigned long) cred->security >= PAGE_SIZE &&
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment