Received: by 2002:a05:6a10:7420:0:0:0:0 with SMTP id hk32csp567920pxb; Tue, 15 Feb 2022 22:20:24 -0800 (PST) X-Google-Smtp-Source: ABdhPJwllegZNba5RjfkhKguhoAZ3FIT0ITEcL1Y2ccO5VrhTkpWpExC/3ibs2sugVLsApmkDRpQ X-Received: by 2002:a17:90b:4d0b:b0:1b9:cfb1:9cb5 with SMTP id mw11-20020a17090b4d0b00b001b9cfb19cb5mr89033pjb.124.1644992424669; Tue, 15 Feb 2022 22:20:24 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1644992424; cv=none; d=google.com; s=arc-20160816; b=csQTb6hWXEOm9CTpscDWSfwFbtXwc4TlmK9c3mIq0kzqXsXZ3h6wnf2FG6xk43qF1a QoosaFIk3UDhd83ysAglkhTx+bMFIeEHQmF0OfEPRUlN/z16ibfbE9Hu6Ys3eh2M8OjE l6pWZ49qL2fg96C9TQMN2ZJVetrRd46QVvHDBKoR7ssSD+Kt3AH6yjfLegobTrNyT9xq JlEX1FYiO/6Im41fKpw1pn5/Uvxk0CLmpXkW2g66JJghT9XihjvnLZU+HgelsIDM1xOJ OenhdJi00JfMthAAdsD9lG1lrisYprcD8NwVo7KKz+1pJZuL4c0P+jaqeaH0oGB200DK QaoA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=BHEbbqhZ9bplcn2cVncV8XJfPQy+VWY5Bk3UorYJFo0=; b=epDqnTsFn0nHHbqUMp9hld3V6VNih/CV40p7+8iGo2MZnA77bZMi6Vkn1KMI+VZY3Y 5yO0ywx+Re8ry2ZX1EZUNzntiUUlPIjz9XUEYU3vUy/7W/v+c6IBE5n+pRdyhnW3CRki 8uZ5OeRh8orPEWfv8Pt/MdPuYT2eEARkzvOEMcBGlxmtbDL1uTSrQmKUBh2GTlg60LQ0 csvwnqMXnPG4L02oepgYBP7eTdNFfn7U0c8CV1qVm7LIEeyUnBkvsSJupx1C3EhDVs0D mG3C7welawKYasRFayekPWiHQPphFR9gZZH7xGlApz8CW7sfWCNb9vMvNmxzJVpsPh1V e06w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=qrFWcd3R; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=suse.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id z5si16504115plk.433.2022.02.15.22.20.24 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 15 Feb 2022 22:20:24 -0800 (PST) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.com header.s=susede1 header.b=qrFWcd3R; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=NONE dis=NONE) header.from=suse.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id ED68919BFBA; Tue, 15 Feb 2022 22:18:24 -0800 (PST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236961AbiBOLLp (ORCPT + 99 others); Tue, 15 Feb 2022 06:11:45 -0500 Received: from mxb-00190b01.gslb.pphosted.com ([23.128.96.19]:34632 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236996AbiBOLKp (ORCPT ); Tue, 15 Feb 2022 06:10:45 -0500 Received: from smtp-out1.suse.de (smtp-out1.suse.de [195.135.220.28]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 61F06107D0B; Tue, 15 Feb 2022 03:10:36 -0800 (PST) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 1902E210F9; Tue, 15 Feb 2022 11:10:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.com; s=susede1; t=1644923435; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=BHEbbqhZ9bplcn2cVncV8XJfPQy+VWY5Bk3UorYJFo0=; b=qrFWcd3RhhUPupOQfdAdVOyPq2GQWXMnWMXmrKG/1QayZTBWHsyX/u4aj0zTYGJPe3q6gJ EQKeBFYUBk78gsNJ8rGjz0rOBA98bNg/NTuwZxDfB9EK255gdauWR3J2dwHbUYf7H9cfVs J3T2mcwGnD4q+3IUVS9rdJYc0PXqaVc= Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id E5B3A13C40; Tue, 15 Feb 2022 11:10:34 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id fa0nNyqKC2LgNAAAMHmgww (envelope-from ); Tue, 15 Feb 2022 11:10:34 +0000 Date: Tue, 15 Feb 2022 12:10:33 +0100 From: Michal =?iso-8859-1?Q?Koutn=FD?= To: "Eric W. Biederman" Cc: linux-kernel@vger.kernel.org, Alexey Gladkov , Kees Cook , Shuah Khan , Christian Brauner , Solar Designer , Ran Xiaokai , containers@lists.linux-foundation.org, stable@vger.kernel.org Subject: Re: [PATCH 2/8] ucounts: Fix set_cred_ucounts Message-ID: <20220215111033.GG21589@blackbody.suse.cz> References: <87o83e2mbu.fsf@email.froward.int.ebiederm.org> <20220211021324.4116773-2-ebiederm@xmission.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20220211021324.4116773-2-ebiederm@xmission.com> User-Agent: Mutt/1.10.1 (2018-07-13) X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Feb 10, 2022 at 08:13:18PM -0600, "Eric W. Biederman" wrote: > diff --git a/kernel/cred.c b/kernel/cred.c > index 473d17c431f3..933155c96922 100644 > --- a/kernel/cred.c > +++ b/kernel/cred.c > @@ -665,21 +665,16 @@ EXPORT_SYMBOL(cred_fscmp); > > int set_cred_ucounts(struct cred *new) > { > - struct task_struct *task = current; > - const struct cred *old = task->real_cred; > struct ucounts *new_ucounts, *old_ucounts = new->ucounts; > > - if (new->user == old->user && new->user_ns == old->user_ns) > - return 0; > - > /* > * This optimization is needed because alloc_ucounts() uses locks > * for table lookups. > */ > - if (old_ucounts->ns == new->user_ns && uid_eq(old_ucounts->uid, new->euid)) > + if (old_ucounts->ns == new->user_ns && uid_eq(old_ucounts->uid, new->uid)) > return 0; > > - if (!(new_ucounts = alloc_ucounts(new->user_ns, new->euid))) > + if (!(new_ucounts = alloc_ucounts(new->user_ns, new->uid))) > return -EAGAIN; > > new->ucounts = new_ucounts; Reviewed-by: Michal Koutn?