policy: kdbus_policy_check_own_access() returns 0 on success not true

kdbus_policy_check_own_access() returns 0 if access is granted,
otherwise a negative errno.

So fix this by returning 0. We did not hit this since callers were
checking negative values for errors.

Signed-off-by: Djalal Harouni <tixxdz@opendz.org>

diff --git a/policy.c b/policy.c
index 20188c99705da58ed2b4ddfe155a519b9f4b15b3..e7e5ed9ec77b6fdc25c87f6485d1bc1c39bb2718 100644 (file)
--- a/policy.c
+++ b/policy.c
@@ -231,7 +231,7 @@ static int kdbus_policy_check_access(const struct kdbus_policy_db_entry *e,
  * @conn:      The connection to check
  * @name:      The name to check
  *
- * Return: t0 if the connection is allowed to own the name, -EPERM otherwise
+ * Return: 0 if the connection is allowed to own the name, -EPERM otherwise
  */
 int kdbus_policy_check_own_access(struct kdbus_policy_db *db,
                                  const struct kdbus_conn *conn,
@@ -307,8 +307,17 @@ int kdbus_policy_check_talk_access(struct kdbus_policy_db *db,
        unsigned int hash = 0;
        int ret;
 
+       /*
+        * user->uid maps to a fsuid at the time of a KDBUS_CMD_HELLO
+        * cmd, if they equal allow the TALK access, otherwise we
+        * proceed and perform checks against current's cred.
+        *
+        * By using the user->uid check first we reduce the exposure to
+        * creds changes. Privileged processes should be careful about
+        * what to do with a file descriptor.
+        */
        if (uid_eq(conn_src->user->uid, conn_dst->user->uid))
-               return true;
+               return 0;
 
        /*
         * If there was a positive match for these two connections before,