Michal Koutný mkoutny@suse.com writes:
On Thu, Feb 10, 2022 at 08:13:17PM -0600, "Eric W. Biederman" ebiederm@xmission.com wrote:
This can be fixed either by fixing the test or by moving the increment to be before the test. Fix it by moving copy_creds which contains the increment before is_ucounts_overlimit.
This is simpler than my approach and I find it correct too.
Both the test in fork and the test in set_user were semantically changed when the code moved to ucounts. The change of the test in fork was bad because it was before the increment.
The test in set_user was wrong and the change to ucounts fixed it. So this fix only restores the old behavior in one location, not two.
Whom should be the task accounted to in the case of set*uid? (The change to ucounts made the check against the pre-switch user's ucounts.)
It needs to be post-switch in the case of set*id().
I have that fixed in the next version of my patchset.
kernel/fork.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
Reviewed-by: Michal Koutný mkoutny@suse.com