driver core: handle user namespaces properly with the uid/gid devtmpfs change

Now that devtmpfs is caring about uid/gid, we need to use the correct internal types so users who have USER_NS enabled will have things work properly for them. Thanks to Eric for pointing this out, and the patch review. Reported-by: N Eric W. Biederman <ebiederm@xmission.com> Cc: Kay Sievers <kay@vrfy.org> Cc: Ming Lei <ming.lei@canonical.com> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org>

driver core: handle user namespaces properly with the uid/gid devtmpfs change
Now that devtmpfs is caring about uid/gid, we need to use the correct internal types so users who have USER_NS enabled will have things work properly for them. Thanks to Eric for pointing this out, and the patch review. Reported-by: N Eric W. Biederman <ebiederm@xmission.com> Cc: Kay Sievers <kay@vrfy.org> Cc: Ming Lei <ming.lei@canonical.com> Signed-off-by: N Greg Kroah-Hartman <gregkh@linuxfoundation.org>
4e4098a3 · Greg Kroah-Hartman · d81c8d19 · 4e4098a3 · 4e4098a3 · 4e4098a3
5 changed file
--- a/block/genhd.c
+++ b/block/genhd.c
@@ -1112,7 +1112,7 @@ struct class block_class = {
 };
 static char *block_devnode(struct device *dev, umode_t *mode,
-			   uid_t *uid, gid_t *gid)
+			   kuid_t *uid, kgid_t *gid)
 {
 	struct gendisk *disk = dev_to_disk(dev);

--- a/drivers/base/core.c
+++ b/drivers/base/core.c
@@ -283,8 +283,8 @@ static int dev_uevent(struct kset *kset, struct kobject *kobj,
 		const char *tmp;
 		const char *name;
 		umode_t mode = 0;
-		uid_t uid = 0;
+		kuid_t uid = GLOBAL_ROOT_UID;
-		gid_t gid = 0;
+		kgid_t gid = GLOBAL_ROOT_GID;
 		add_uevent_var(env, "MAJOR=%u", MAJOR(dev->devt));
 		add_uevent_var(env, "MINOR=%u", MINOR(dev->devt));
@@ -293,10 +293,10 @@ static int dev_uevent(struct kset *kset, struct kobject *kobj,
 			add_uevent_var(env, "DEVNAME=%s", name);
 			if (mode)
 				add_uevent_var(env, "DEVMODE=%#o", mode & 0777);
-			if (uid)
+			if (!uid_eq(uid, GLOBAL_ROOT_UID))
-				add_uevent_var(env, "DEVUID=%u", uid);
+				add_uevent_var(env, "DEVUID=%u", from_kuid(&init_user_ns, uid));
-			if (gid)
+			if (!gid_eq(gid, GLOBAL_ROOT_GID))
-				add_uevent_var(env, "DEVGID=%u", gid);
+				add_uevent_var(env, "DEVGID=%u", from_kgid(&init_user_ns, gid));
 			kfree(tmp);
 		}
 	}
@@ -1297,7 +1297,7 @@ static struct device *next_device(struct klist_iter *i)
 * freed by the caller.
 */
 const char *device_get_devnode(struct device *dev,
-			       umode_t *mode, uid_t *uid, gid_t *gid,
+			       umode_t *mode, kuid_t *uid, kgid_t *gid,
 			       const char **tmp)
 {
 	char *s;

--- a/drivers/base/devtmpfs.c
+++ b/drivers/base/devtmpfs.c
@@ -42,8 +42,8 @@ static struct req {
 	int err;
 	const char *name;
 	umode_t mode;	/* 0 => delete */
-	uid_t uid;
+	kuid_t uid;
-	gid_t gid;
+	kgid_t gid;
 	struct device *dev;
 } *requests;
@@ -88,8 +88,8 @@ int devtmpfs_create_node(struct device *dev)
 		return 0;
 	req.mode = 0;
-	req.uid = 0;
+	req.uid = GLOBAL_ROOT_UID;
-	req.gid = 0;
+	req.gid = GLOBAL_ROOT_GID;
 	req.name = device_get_devnode(dev, &req.mode, &req.uid, &req.gid, &tmp);
 	if (!req.name)
 		return -ENOMEM;
@@ -192,8 +192,8 @@ static int create_path(const char *nodepath)
 	return err;
 }
-static int handle_create(const char *nodename, umode_t mode, uid_t uid,
+static int handle_create(const char *nodename, umode_t mode, kuid_t uid,
-			 gid_t gid, struct device *dev)
+			 kgid_t gid, struct device *dev)
 {
 	struct dentry *dentry;
 	struct path path;
@@ -212,8 +212,8 @@ static int handle_create(const char *nodename, umode_t mode, uid_t uid,
 		struct iattr newattrs;
 		newattrs.ia_mode = mode;
-		newattrs.ia_uid = KUIDT_INIT(uid);
+		newattrs.ia_uid = uid;
-		newattrs.ia_gid = KGIDT_INIT(gid);
+		newattrs.ia_gid = gid;
 		newattrs.ia_valid = ATTR_MODE|ATTR_UID|ATTR_GID;
 		mutex_lock(&dentry->d_inode->i_mutex);
 		notify_change(dentry, &newattrs);
@@ -364,7 +364,7 @@ int devtmpfs_mount(const char *mntdir)
 static DECLARE_COMPLETION(setup_done);
-static int handle(const char *name, umode_t mode, uid_t uid, gid_t gid,
+static int handle(const char *name, umode_t mode, kuid_t uid, kgid_t gid,
 		  struct device *dev)
 {
 	if (mode)

--- a/drivers/usb/core/usb.c
+++ b/drivers/usb/core/usb.c
@@ -318,7 +318,7 @@ static const struct dev_pm_ops usb_device_pm_ops = {
 static char *usb_devnode(struct device *dev,
-			 umode_t *mode, uid_t *uid, gid_t *gid)
+			 umode_t *mode, kuid_t *uid, kgid_t *gid)
 {
 	struct usb_device *usb_dev;

--- a/include/linux/device.h
+++ b/include/linux/device.h
@@ -467,7 +467,7 @@ struct device_type {
 	const struct attribute_group **groups;
 	int (*uevent)(struct device *dev, struct kobj_uevent_env *env);
 	char *(*devnode)(struct device *dev, umode_t *mode,
-			 uid_t *uid, gid_t *gid);
+			 kuid_t *uid, kgid_t *gid);
 	void (*release)(struct device *dev);
 	const struct dev_pm_ops *pm;
@@ -845,7 +845,7 @@ extern int device_rename(struct device *dev, const char *new_name);
 extern int device_move(struct device *dev, struct device *new_parent,
 		       enum dpm_order dpm_order);
 extern const char *device_get_devnode(struct device *dev,
-				      umode_t *mode, uid_t *uid, gid_t *gid,
+				      umode_t *mode, kuid_t *uid, kgid_t *gid,
 				      const char **tmp);
 extern void *dev_get_drvdata(const struct device *dev);
 extern int dev_set_drvdata(struct device *dev, void *data);