From 5039f524722d90613bb5fc18038e88743dace86f Mon Sep 17 00:00:00 2001
From: Steve Muir <smuir@cs.princeton.edu>
Date: Fri, 7 Jan 2005 21:13:59 +0000
Subject: [PATCH] Incorporate vserver 1.9.3 changes to check_kill_permission
 (eliminates call to vx_check in group_send_sig_info)

---
 kernel/signal.c | 22 +++++++++++++++-------
 1 file changed, 15 insertions(+), 7 deletions(-)

diff --git a/kernel/signal.c b/kernel/signal.c
index b3574b096..e4282d2de 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -603,17 +603,28 @@ static int check_kill_permission(int sig, struct siginfo *info,
 				 struct task_struct *t)
 {
 	int error = -EINVAL;
+	int user;
+
 	if (sig < 0 || sig > _NSIG)
 		return error;
+
+	user = (!info ||
+		(info != SEND_SIG_PRIV &&
+		 info != SEND_SIG_FORCED &&
+		 SI_FROMUSER(info)));
+
 	error = -EPERM;
-	if ((!info || ((unsigned long)info != 1 &&
-			(unsigned long)info != 2 && SI_FROMUSER(info)))
-	    && ((sig != SIGCONT) ||
-		(current->signal->session != t->signal->session))
+	if (user && (sig != SIGCONT ||
+		     current->signal->session != t->signal->session)
 	    && (current->euid ^ t->suid) && (current->euid ^ t->uid)
 	    && (current->uid ^ t->suid) && (current->uid ^ t->uid)
 	    && !capable(CAP_KILL))
 		return error;
+
+	error = -ESRCH;
+	if (user && !vx_check(vx_task_xid(t), VX_ADMIN|VX_IDENT))
+		return error;
+
 	return security_task_kill(t, info, sig);
 }
 
@@ -1055,9 +1066,6 @@ int group_send_sig_info(int sig, struct siginfo *info, struct task_struct *p)
 	unsigned long flags;
 	int ret;
 
-	if (!vx_check(vx_task_xid(p), VX_ADMIN|VX_WATCH|VX_IDENT))
-		return -ESRCH;
-
 	ret = check_kill_permission(sig, info, p);
 	if (!ret && sig && p->sighand) {
 		spin_lock_irqsave(&p->sighand->siglock, flags);
-- 
2.47.0