Skip to content
Snippets Groups Projects
Commit b6922faa authored by Nick Pelly's avatar Nick Pelly
Browse files

android_paranoid_network: Use in_egroup_p to check gid's. 

groups_search is not exported from sys.c which causes problems for module
builds. in_egroup_p is exported and is just what we need.
parent fc20ff51
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
net/bluetooth/af_bluetooth.c
+ 2
4
View file @ b6922faa
...@@ -141,14 +141,12 @@ static void bt_reclassify_sock_lock(struct socket *sock, int proto) ...@@ -141,14 +141,12 @@ static void bt_reclassify_sock_lock(struct socket *sock, int proto)
#ifdef CONFIG_ANDROID_PARANOID_NETWORK #ifdef CONFIG_ANDROID_PARANOID_NETWORK
static inline int current_has_bt_admin(void) static inline int current_has_bt_admin(void)
{ {
return (!current->euid || current->egid == AID_NET_BT_ADMIN || return (!current->euid || in_egroup_p(AID_NET_BT_ADMIN));
groups_search(current->group_info, AID_NET_BT_ADMIN));
} }
static inline int current_has_bt(void) static inline int current_has_bt(void)
{ {
return (current_has_bt_admin() || current->egid == AID_NET_BT || return (current_has_bt_admin() || in_egroup_p(AID_NET_BT));
groups_search(current->group_info, AID_NET_BT));
} }
# else # else
static inline int current_has_bt_admin(void) static inline int current_has_bt_admin(void)
......
net/ipv4/af_inet.c
+ 3
7
View file @ b6922faa
...@@ -250,16 +250,12 @@ EXPORT_SYMBOL(build_ehash_secret); ...@@ -250,16 +250,12 @@ EXPORT_SYMBOL(build_ehash_secret);
#ifdef CONFIG_ANDROID_PARANOID_NETWORK #ifdef CONFIG_ANDROID_PARANOID_NETWORK
static inline int current_has_network(void) static inline int current_has_network(void)
{ {
return (!current->euid || return (!current->euid || in_egroup_p(AID_INET) ||
current->egid == AID_INET || in_egroup_p(AID_NET_RAW));
current->egid == AID_NET_RAW ||
groups_search(current->group_info, AID_INET) ||
groups_search(current->group_info, AID_NET_RAW));
} }
static inline int current_has_cap(int cap) static inline int current_has_cap(int cap)
{ {
if (cap == CAP_NET_RAW && (current->egid == AID_NET_RAW || if (cap == CAP_NET_RAW && in_egroup_p(AID_NET_RAW))
groups_search(current->group_info, AID_NET_RAW)))
return 1; return 1;
return capable(cap); return capable(cap);
} }
......
net/ipv6/af_inet6.c
+ 1
2
View file @ b6922faa
...@@ -86,8 +86,7 @@ static __inline__ struct ipv6_pinfo *inet6_sk_generic(struct sock *sk) ...@@ -86,8 +86,7 @@ static __inline__ struct ipv6_pinfo *inet6_sk_generic(struct sock *sk)
#ifdef CONFIG_ANDROID_PARANOID_NETWORK #ifdef CONFIG_ANDROID_PARANOID_NETWORK
static inline int current_has_network(void) static inline int current_has_network(void)
{ {
return (!current->uid || current->gid == AID_INET || return (!current->euid || in_egroup_p(AID_INET));
groups_search(current->group_info, AID_INET));
} }
# else # else
static inline int current_has_network(void) static inline int current_has_network(void)
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment