projects / platform / adaptation / renesas_rcar / renesas_kernel.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
fs,userns: Change inode_capable to capable_wrt_inode_uidgid
[platform/adaptation/renesas_rcar/renesas_kernel.git] / fs / inode.c
diff --git a/fs/inode.c b/fs/inode.c
index 4bcdad3..e846a32 100644 (file)
--- a/fs/inode.c
+++ b/fs/inode.c
@@ -1840,14 +1840,18 @@ EXPORT_SYMBOL(inode_init_owner);
  * inode_owner_or_capable - check current task permissions to inode
  * @inode: inode being checked
  *
- * Return true if current either has CAP_FOWNER to the inode, or
- * owns the file.
+ * Return true if current either has CAP_FOWNER in a namespace with the
+ * inode owner uid mapped, or owns the file.
  */
 bool inode_owner_or_capable(const struct inode *inode)
 {
+       struct user_namespace *ns;
+
        if (uid_eq(current_fsuid(), inode->i_uid))
                return true;
-       if (inode_capable(inode, CAP_FOWNER))
+
+       ns = current_user_ns();
+       if (ns_capable(ns, CAP_FOWNER) && kuid_has_mapping(ns, inode->i_uid))
                return true;
        return false;
 }
Domain: System / Uncategorized;