Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/806806/?format=api
{ "id": 806806, "url": "http://patchwork.ozlabs.org/api/patches/806806/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netdev/patch/1503965540-30393-1-git-send-email-prakash.sangappa@oracle.com/", "project": { "id": 7, "url": "http://patchwork.ozlabs.org/api/projects/7/?format=api", "name": "Linux network development", "link_name": "netdev", "list_id": "netdev.vger.kernel.org", "list_email": "netdev@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<1503965540-30393-1-git-send-email-prakash.sangappa@oracle.com>", "list_archive_url": null, "date": "2017-08-29T00:12:20", "name": "[RESEND] Allow passing tid or pid in SCM_CREDENTIALS without CAP_SYS_ADMIN", "commit_ref": null, "pull_url": null, "state": "rejected", "archived": true, "hash": "d936b88a6fe808dd3f186e79d9bfde291ee704eb", "submitter": { "id": 72124, "url": "http://patchwork.ozlabs.org/api/people/72124/?format=api", "name": "Prakash Sangappa", "email": "prakash.sangappa@oracle.com" }, "delegate": { "id": 34, "url": "http://patchwork.ozlabs.org/api/users/34/?format=api", "username": "davem", "first_name": "David", "last_name": "Miller", "email": "davem@davemloft.net" }, "mbox": "http://patchwork.ozlabs.org/project/netdev/patch/1503965540-30393-1-git-send-email-prakash.sangappa@oracle.com/mbox/", "series": [ { "id": 279, "url": "http://patchwork.ozlabs.org/api/series/279/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netdev/list/?series=279", "date": "2017-08-29T00:12:20", "name": "[RESEND] Allow passing tid or pid in SCM_CREDENTIALS without CAP_SYS_ADMIN", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/279/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/806806/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/806806/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<netdev-owner@vger.kernel.org>", "X-Original-To": "patchwork-incoming@ozlabs.org", "Delivered-To": "patchwork-incoming@ozlabs.org", "Authentication-Results": "ozlabs.org;\n\tspf=none (mailfrom) smtp.mailfrom=vger.kernel.org\n\t(client-ip=209.132.180.67; helo=vger.kernel.org;\n\tenvelope-from=netdev-owner@vger.kernel.org;\n\treceiver=<UNKNOWN>)", "Received": [ "from vger.kernel.org (vger.kernel.org [209.132.180.67])\n\tby ozlabs.org (Postfix) with ESMTP id 3xh8Hh24P7z9s7v\n\tfor <patchwork-incoming@ozlabs.org>;\n\tTue, 29 Aug 2017 10:13:36 +1000 (AEST)", "(majordomo@vger.kernel.org) by vger.kernel.org via listexpand\n\tid S1751243AbdH2ANX (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);\n\tMon, 28 Aug 2017 20:13:23 -0400", "from userp1040.oracle.com ([156.151.31.81]:17554 \"EHLO\n\tuserp1040.oracle.com\" rhost-flags-OK-OK-OK-OK) by vger.kernel.org\n\twith ESMTP id S1751194AbdH2ANW (ORCPT\n\t<rfc822;netdev@vger.kernel.org>); Mon, 28 Aug 2017 20:13:22 -0400", "from aserv0022.oracle.com (aserv0022.oracle.com [141.146.126.234])\n\tby userp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2)\n\twith ESMTP id v7T0DIob007459\n\t(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256\n\tverify=OK); Tue, 29 Aug 2017 00:13:19 GMT", "from userv0122.oracle.com (userv0122.oracle.com [156.151.31.75])\n\tby aserv0022.oracle.com (8.14.4/8.14.4) with ESMTP id v7T0DHHw031744\n\t(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256\n\tverify=OK); Tue, 29 Aug 2017 00:13:17 GMT", "from abhmp0018.oracle.com (abhmp0018.oracle.com [141.146.116.24])\n\tby userv0122.oracle.com (8.14.4/8.14.4) with ESMTP id\n\tv7T0DGK7001106; Tue, 29 Aug 2017 00:13:16 GMT", "from pp-ThinkCentre-M82.us.oracle.com (/10.132.173.156)\n\tby default (Oracle Beehive Gateway v4.0)\n\twith ESMTP ; Mon, 28 Aug 2017 17:13:16 -0700" ], "From": "Prakash Sangappa <prakash.sangappa@oracle.com>", "To": "linux-kernel@vger.kernel.org, netdev@vger.kernel.org", "Cc": "davem@davemloft.net, ebiederm@xmission.com, drepper@redhat.com,\n\tprakash.sangappa@oracle.com", "Subject": "[RESEND PATCH] Allow passing tid or pid in SCM_CREDENTIALS without\n\tCAP_SYS_ADMIN", "Date": "Mon, 28 Aug 2017 17:12:20 -0700", "Message-Id": "<1503965540-30393-1-git-send-email-prakash.sangappa@oracle.com>", "X-Mailer": "git-send-email 2.7.4", "X-Source-IP": "aserv0022.oracle.com [141.146.126.234]", "Sender": "netdev-owner@vger.kernel.org", "Precedence": "bulk", "List-ID": "<netdev.vger.kernel.org>", "X-Mailing-List": "netdev@vger.kernel.org" }, "content": "Currently passing tid(gettid(2)) of a thread in struct ucred in\nSCM_CREDENTIALS message requires CAP_SYS_ADMIN capability otherwise\nit fails with EPERM error. Some applications deal with thread id\nof a thread(tid) and so it would help to allow tid in SCM_CREDENTIALS\nmessage. Basically, either tgid(pid of the process) or the tid of\nthe thread should be allowed without the need for CAP_SYS_ADMIN capability.\n\nSCM_CREDENTIALS will be used to determine the global id of a process or\na thread running inside a pid namespace.\n\nThis patch adds necessary check to accept tid in SCM_CREDENTIALS\nstruct ucred.\n\nSigned-off-by: Prakash Sangappa <prakash.sangappa@oracle.com>\n---\n net/core/scm.c | 1 +\n 1 file changed, 1 insertion(+)", "diff": "diff --git a/net/core/scm.c b/net/core/scm.c\nindex b1ff8a4..9274197 100644\n--- a/net/core/scm.c\n+++ b/net/core/scm.c\n@@ -55,6 +55,7 @@ static __inline__ int scm_check_creds(struct ucred *creds)\n \t\treturn -EINVAL;\n \n \tif ((creds->pid == task_tgid_vnr(current) ||\n+\t creds->pid == task_pid_vnr(current) ||\n \t ns_capable(task_active_pid_ns(current)->user_ns, CAP_SYS_ADMIN)) &&\n \t ((uid_eq(uid, cred->uid) || uid_eq(uid, cred->euid) ||\n \t uid_eq(uid, cred->suid)) || ns_capable(cred->user_ns, CAP_SETUID)) &&\n", "prefixes": [ "RESEND" ] }