SafeSetID: fix UID printed instead of GID

pr_warn message clearly says that GID should be printed,
but we have UID there. Let's fix that.

Found accidentally during the work on isolated user namespaces.

Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
[PM: fix spelling errors in description, subject tweak]
Signed-off-by: Paul Moore <paul@paul-moore.com>

diff --git a/security/safesetid/lsm.c b/security/safesetid/lsm.c
index e806739..5be5894 100644 (file)
--- a/security/safesetid/lsm.c
+++ b/security/safesetid/lsm.c
@@ -131,7 +131,7 @@ static int safesetid_security_capable(const struct cred *cred,
                 * set*gid() (e.g. setting up userns gid mappings).
                 */
                pr_warn("Operation requires CAP_SETGID, which is not available to GID %u for operations besides approved set*gid transitions\n",
-                       __kuid_val(cred->uid));
+                       __kgid_val(cred->gid));
                return -EPERM;
        default:
                /* Error, the only capabilities were checking for is CAP_SETUID/GID */