Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp4240482imm; Mon, 30 Jul 2018 10:59:02 -0700 (PDT) X-Google-Smtp-Source: AAOMgpfrc7KsT2FNGgiPK2yQRtJ2CoAEdFqWi2w4A1z080GFSLEoa/AFAV9iu7kW3qDnF4JBo8ID X-Received: by 2002:a63:6a45:: with SMTP id f66-v6mr16965906pgc.81.1532973542817; Mon, 30 Jul 2018 10:59:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1532973542; cv=none; d=google.com; s=arc-20160816; b=kkaR3BWkCkeCJ4Rz6n4pxxmBBM5hbTNNOMSEMFoMPfI+KJYS5d1ZKQFQrVKI0JnrwY 0Ib+Zy58ty7W/Q/i7BwGoGBACiEMExn0eVhchV64gm96v5oWbKwrv0su2SMEL4ZFxKDC yOy+mRM2jshy/kPaSzjg2DQiWku9ascWp0InGMsHSMXPo+uGbvN+SFN0IfZeMrleM/6L Iu+SpfPI5/VEZp5kR8v054MSFU5HgKNr5C6A6Gx+LI98obRavwBzkGrpCI+vuwbNMOOK kzPivdcl6e1J61Bf6LedHSMk3ZeElCGcIjrGlmzB03UVKi6ReN+FDK9jhywaCQNX+xMl PgCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature :arc-authentication-results; bh=dFxQXp3UPeQj+uHoFvEPUzjheaVeUEGzDq5QlhBNtUI=; b=jNX6xQPIs8FGP93PRrDhWnI4/pKKRi04CPIP7v7HQAJ1Cl4oneRS7DPYk1g5EX9l4p Yea8GnAkG/mllXBRpjKMbvAZJk9vbYBHROJm8m2l0rFqTGVKsnDuxTQESCuO1fSQF6Yz 8KU2yakQb6cXtMb9Gx2uwkZA/3KzyU+Bk24W4Dh63rfk0SE3rXYeJxhfY1lPEBXZSmD5 Q6NPl5lMcdJyypduYh8cTdTaFKqI2+zXL27Tec3hy/rJ5ojzvAi5TPP+8I01HVb0hvwi D7tAWSo6m1d7a+cf8wht92AITer1NZ16muG2Go8RBh3Vj60WplV0a+ebQn91oECFQcyw hvrQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=CoYnAPgF; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a9-v6si11733394pgj.224.2018.07.30.10.58.48; Mon, 30 Jul 2018 10:59:02 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=CoYnAPgF; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732121AbeG3TdJ (ORCPT + 99 others); Mon, 30 Jul 2018 15:33:09 -0400 Received: from mail-ed1-f65.google.com ([209.85.208.65]:42078 "EHLO mail-ed1-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729561AbeG3TdJ (ORCPT ); Mon, 30 Jul 2018 15:33:09 -0400 Received: by mail-ed1-f65.google.com with SMTP id r4-v6so4491410edp.9 for ; Mon, 30 Jul 2018 10:57:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=dFxQXp3UPeQj+uHoFvEPUzjheaVeUEGzDq5QlhBNtUI=; b=CoYnAPgFqoS+2IE27iHI2Ic9T6AjsNQt4GQ6ZVCyQBbKZREf/fgdEtNvdm8G73u2dh 9tnjb7BKohTLTOyFOm4QfoGITlJfniA1No0zL1Qk+K+37ZH4XSjvCnADDCHZ0dkzfobC un7tuQZEyR72hpn6dQng2qezUeDntqC52c11c= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=dFxQXp3UPeQj+uHoFvEPUzjheaVeUEGzDq5QlhBNtUI=; b=ArRxPTZLO9qx5Rp6BsyAa8Grb9ArxD7i1CJpHGMLtnzuOEhe4bEPWzn4WoXV3Oagmm RYaX6dxQNHDx6xXa8BJUkX+Wn0L1F4c2EAiiWPFLqEmVEtHZ/Bz3FSgKco1w9mw17UPo uGzJMXzVwqe9VjuIkBvl+d3OS9GYvhebXDQC8gXLhWeIkrHWfMATrWp6BnwRR8cVkO5D GLSmHaOl93bJAMh9ZKjZ1Ou34Xpk4sPAxVCFViMR1IQPqXW1hSQiTWY51qSVtkibKr66 feMBQozeO5RUL966seBg4psjqF09oo/fWeOw1gQmuBR0Pasvrub/qY4H5ZHtYwZ1I/9S 7suw== X-Gm-Message-State: AOUpUlHEw84W2FLquSjUEWzRrtWLUS5AIFMNFnDi3Y7BsHYt+2metGQ8 1aWjK4LvF3tqWo5bvpRHlADW9QWMHA0= X-Received: by 2002:a50:8103:: with SMTP id 3-v6mr9081555edc.131.1532973420827; Mon, 30 Jul 2018 10:57:00 -0700 (PDT) Received: from mail-wm0-f48.google.com (mail-wm0-f48.google.com. [74.125.82.48]) by smtp.gmail.com with ESMTPSA id n64-v6sm2697167edc.49.2018.07.30.10.56.59 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 30 Jul 2018 10:56:59 -0700 (PDT) Received: by mail-wm0-f48.google.com with SMTP id s12-v6so314882wmc.0 for ; Mon, 30 Jul 2018 10:56:59 -0700 (PDT) X-Received: by 2002:a1c:9bc5:: with SMTP id d188-v6mr200627wme.33.1532973419064; Mon, 30 Jul 2018 10:56:59 -0700 (PDT) MIME-Version: 1.0 References: <20180729193646.201721-1-toddpoynor@gmail.com> <20180729193646.201721-5-toddpoynor@gmail.com> In-Reply-To: <20180729193646.201721-5-toddpoynor@gmail.com> From: Dmitry Torokhov Date: Mon, 30 Jul 2018 10:56:46 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 04/13] staging: gasket: core: allow root access based on user namespace To: toddpoynor@gmail.com Cc: rspringer@google.com, jnjoseph@google.com, benchan@chromium.org, Greg Kroah-Hartman , devel@driverdev.osuosl.org, lkml , toddpoynor@google.com Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Todd, On Sun, Jul 29, 2018 at 12:37 PM Todd Poynor wrote: > @@ -1064,7 +1067,8 @@ static int gasket_open(struct inode *inode, struct file *filp) > char task_name[TASK_COMM_LEN]; > struct gasket_cdev_info *dev_info = > container_of(inode->i_cdev, struct gasket_cdev_info, cdev); > - int is_root = capable(CAP_SYS_ADMIN); > + struct pid_namespace *pid_ns = task_active_pid_ns(current); > + int is_root = ns_capable(pid_ns->user_ns, CAP_SYS_ADMIN); ns_capable() returns bool, why did you make is_root an integer? Thanks, Dmitry