[PATCH] security/commoncap: Use current_user_ns()
Denis Efremov
efremov at linux.com
Mon Aug 24 12:49:39 UTC 2020
Modify cap_inh_is_capped(), cap_task_prctl() to use current_user_ns().
Signed-off-by: Denis Efremov <efremov at linux.com>
---
security/commoncap.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/security/commoncap.c b/security/commoncap.c
index 59bf3c1674c8..82a61f77c07c 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -220,7 +220,7 @@ static inline int cap_inh_is_capped(void)
/* they are so limited unless the current task has the CAP_SETPCAP
* capability
*/
- if (cap_capable(current_cred(), current_cred()->user_ns,
+ if (cap_capable(current_cred(), current_user_ns(),
CAP_SETPCAP, CAP_OPT_NONE) == 0)
return 0;
return 1;
@@ -1206,7 +1206,7 @@ int cap_task_prctl(int option, unsigned long arg2, unsigned long arg3,
|| ((old->securebits & SECURE_ALL_LOCKS & ~arg2)) /*[2]*/
|| (arg2 & ~(SECURE_ALL_LOCKS | SECURE_ALL_BITS)) /*[3]*/
|| (cap_capable(current_cred(),
- current_cred()->user_ns,
+ current_user_ns(),
CAP_SETPCAP,
CAP_OPT_NONE) != 0) /*[4]*/
/*
--
2.26.2
More information about the Linux-security-module-archive
mailing list