On Sat, Apr 28, 2018 at 11:23:58PM -0500, Eric W. Biederman wrote:
>
> > + /* fix credentials */
> > + if (owning_user_ns != &init_user_ns) {
> > + struct netlink_skb_parms *parms = &NETLINK_CB(skb);
> > + kuid_t root_uid;
> > + kgid_t root_gid;
> > +
> > + /* fix uid */
> > + root_uid = make_kuid(owning_user_ns, 0);
> > + if (!uid_valid(root_uid))
> > + root_uid = GLOBAL_ROOT_UID;
> > + parms->creds.uid = root_uid;
> > +
> > + /* fix gid */
> > + root_gid = make_kgid(owning_user_ns, 0);
> > + if (!gid_valid(root_gid))
> > + root_gid = GLOBAL_ROOT_GID;
> > + parms->creds.gid = root_gid;
>
> One last nit:
Will add non-functional change and make it a v5 in a few.
Thanks!
Christian
>
> You can only make the assignment if the uid is valid.
> Leaving it GLBOAL_ROOT_UID if the composed uid is invalid.
> AKA
>
> /* fix uid */
> root_uid = make_kuid(owning_user_ns, 0);
> if (uid_valid(root_uid))
> parms->creds.uid = root_uid;
>
> /* fix gid */
> root_gid = make_kgid(owning_user_ns, 0);
> if (gid_valid(root_gid))
> params->creds.gid = root_gid;
>
>
> One line shorter and I think a little clearer. I suspect
> it even results in better code.
>
> Eric
