forked from ~ljy/RK356X_SDK_RELEASE
blame | history | patch | commit | commitdiff
hc
2024-01-05 071106ecf68c401173c58808b1cf5f68cc50d390 
 kernel/security/keys/keyctl.c
....@@ -980,14 +980,19 @@
980980 	ret = -EACCES;
981981 	down_write(&key->sem);
982982 
983
-	if (!capable(CAP_SYS_ADMIN)) {
983
+	{
984
+		bool is_privileged_op = false;
985
+
984986 		/* only the sysadmin can chown a key to some other UID */
985987 		if (user != (uid_t) -1 && !uid_eq(key->uid, uid))
986
-			goto error_put;
988
+			is_privileged_op = true;
987989 
988990 		/* only the sysadmin can set the key's GID to a group other
989991 		 * than one of those that the current process subscribes to */
990992 		if (group != (gid_t) -1 && !gid_eq(gid, key->gid) && !in_group_p(gid))
993
+			is_privileged_op = true;
994
+
995
+		if (is_privileged_op && !capable(CAP_SYS_ADMIN))
991996 			goto error_put;
992997 	}
993998 
....@@ -1088,7 +1093,7 @@
10881093 	down_write(&key->sem);
10891094 
10901095 	/* if we're not the sysadmin, we can only change a key that we own */
1091
-	if (capable(CAP_SYS_ADMIN) || uid_eq(key->uid, current_fsuid())) {
1096
+	if (uid_eq(key->uid, current_fsuid()) || capable(CAP_SYS_ADMIN)) {
10921097 		key->perm = perm;
10931098 		notify_key(key, NOTIFY_KEY_SETATTR, 0);
10941099 		ret = 0;