From: Eric W. Biederman <ebiederm@xmission.com>
Date: Mon, 12 Mar 2012 22:48:24 +0000 (-0700)
Subject: userns: Convert the move_pages, and migrate_pages permission checks to use uid_eq
X-Git-Tag: v3.5-rc1~107^2~2
X-Git-Url: http://pileus.org/git/?a=commitdiff_plain;h=b38a86eb196d9402299919456fe3f28e490c76fa;p=~andy%2Flinux

userns: Convert the move_pages, and migrate_pages permission checks to use uid_eq

Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---

diff --git a/init/Kconfig b/init/Kconfig
index d24cc75caf6..b5dff4d1e1d 100644
--- a/init/Kconfig
+++ b/init/Kconfig
@@ -865,8 +865,6 @@ config UIDGID_CONVERTED
 
 	# List of kernel pieces that need user namespace work
 	# Features
-	depends on MIGRATION = n
-	depends on NUMA = n
 	depends on SYSVIPC = n
 	depends on IMA = n
 	depends on EVM = n
diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index cfb6c867875..7b44fc8ec99 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -1334,8 +1334,8 @@ SYSCALL_DEFINE4(migrate_pages, pid_t, pid, unsigned long, maxnode,
 	 * userid as the target process.
 	 */
 	tcred = __task_cred(task);
-	if (cred->euid != tcred->suid && cred->euid != tcred->uid &&
-	    cred->uid  != tcred->suid && cred->uid  != tcred->uid &&
+	if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) &&
+	    !uid_eq(cred->uid,  tcred->suid) && !uid_eq(cred->uid,  tcred->uid) &&
 	    !capable(CAP_SYS_NICE)) {
 		rcu_read_unlock();
 		err = -EPERM;
diff --git a/mm/migrate.c b/mm/migrate.c
index 51c08a0c6f6..1cf5252c3b9 100644
--- a/mm/migrate.c
+++ b/mm/migrate.c
@@ -1371,8 +1371,8 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages,
 	 * userid as the target process.
 	 */
 	tcred = __task_cred(task);
-	if (cred->euid != tcred->suid && cred->euid != tcred->uid &&
-	    cred->uid  != tcred->suid && cred->uid  != tcred->uid &&
+	if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) &&
+	    !uid_eq(cred->uid,  tcred->suid) && !uid_eq(cred->uid,  tcred->uid) &&
 	    !capable(CAP_SYS_NICE)) {
 		rcu_read_unlock();
 		err = -EPERM;