Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/ https://git.shady.money/linux/atom?h=v2.6.30 2009-05-26T23:46:48Z 2009-05-26T23:46:48Z Herton Ronaldo Krzesinski herton@mandriva.com.br 2009-05-26T03:15:53Z urn:sha1:b1338d199dda6681d9af0297928af0a7eb9cba7b cap_bprm_set_creds() has to be called from security_bprm_set_creds(). TOMOYO forgot to call cap_bprm_set_creds() from tomoyo_bprm_set_creds() and suid executables were not being working. Make sure we call cap_bprm_set_creds() with TOMOYO, to set credentials properly inside tomoyo_bprm_set_creds(). Signed-off-by: Herton Ronaldo Krzesinski <herton@mandriva.com.br> Acked-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org> 2009-05-09T14:49:42Z Al Viro viro@zeniv.linux.org.uk 2009-04-03T01:17:03Z urn:sha1:e24977d45f45d1675e050dc1a0aaf4bfc4ca9866 ... use kern_path() where possible [folded a fix from rdd] Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> 2009-05-04T22:31:03Z Stephen Smalley sds@tycho.nsa.gov 2009-05-04T19:43:18Z urn:sha1:65c90bca0dba56f60dc4ce2a529140c3cc440f22 The CRED patch incorrectly converted the SELinux send_sigiotask hook to use the current task SID rather than the target task SID in its permission check, yielding the wrong permission check. This fixes the hook function. Detected by the ltp selinux testsuite and confirmed to correct the test failure. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org> 2009-04-18T02:58:25Z Etienne Basset etienne.basset@numericable.fr 2009-04-16T21:58:42Z urn:sha1:defc433ba3bc587826bb467ce0e63452deafa65d the following patch moves checks for SMACK xattr validity from smack_inode_post_setxattr (which cannot return an error to the user) to smack_inode_setxattr (which can return an error). Signed-off-by: Etienne Basset <etienne.basset@numericable.fr> Acked-by: Casey Schaufler <casey@schaufler-ca.com> Signed-off-by: James Morris <jmorris@namei.org> 2009-04-13T23:15:02Z Tetsuo Handa penguin-kernel@I-love.SAKURA.ne.jp 2009-04-08T13:31:28Z urn:sha1:39826a1e17c1957bd7b5cd7815b83940e5e3a230 Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Toshiharu Harada <haradats@nttdata.co.jp> Signed-off-by: James Morris <jmorris@namei.org> 2009-04-09T17:41:19Z David Howells dhowells@redhat.com 2009-04-09T16:14:05Z urn:sha1:34574dd10b6d0697b86703388d6d6af9cbf4bb48 When request_key() is called, without there being any standard process keyrings on which to fall back if a destination keyring is not specified, an oops is liable to occur when construct_alloc_key() calls down_write() on dest_keyring's semaphore. Due to function inlining this may be seen as an oops in down_write() as called from request_key_and_link(). This situation crops up during boot, where request_key() is called from within the kernel (such as in CIFS mounts) where nobody is actually logged in, and so PAM has not had a chance to create a session keyring and user keyrings to act as the fallback. To fix this, make construct_alloc_key() not attempt to cache a key if there is no fallback key if no destination keyring is given specifically. Signed-off-by: David Howells <dhowells@redhat.com> Tested-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2009-04-08T23:12:03Z Serge E. Hallyn serue@us.ibm.com 2009-04-08T21:55:58Z urn:sha1:5bf37ec3e0f5eb79f23e024a7fbc8f3557c087f0 One-liner: capsh --print is broken without this patch. In certain cases, cap_prctl returns error > 0 for success. However, the 'no_change' label was always setting error to 0. As a result, for example, 'prctl(CAP_BSET_READ, N)' would always return 0. It should return 1 if a process has N in its bounding set (as by default it does). I'm keeping the no_change label even though it's now functionally the same as 'error'. Signed-off-by: Serge Hallyn <serue@us.ibm.com> Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org> 2009-04-07T06:08:56Z Tetsuo Handa penguin-kernel@I-love.SAKURA.ne.jp 2009-04-06T11:49:14Z urn:sha1:a0558fc3491c0494feb8472cf6c0119e43fd9484 Since TOMOYO's policy management tools does not use the "undelete domain" command, we decided to remove that command. Signed-off-by: Kentaro Takeda <takedakn@nttdata.co.jp> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: Toshiharu Harada <haradats@nttdata.co.jp> Signed-off-by: James Morris <jmorris@namei.org> 2009-04-03T15:42:40Z David Howells dhowells@redhat.com 2009-04-03T15:42:40Z urn:sha1:800a964787faef3509d194fa33268628c3d1daa9 Export a number of functions for CacheFiles's use. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: Steve Dickson <steved@redhat.com> Acked-by: Trond Myklebust <Trond.Myklebust@netapp.com> Acked-by: Rik van Riel <riel@redhat.com> Acked-by: Al Viro <viro@zeniv.linux.org.uk> Tested-by: Daire Byrne <Daire.Byrne@framestore.com> 2009-04-03T04:09:10Z Linus Torvalds torvalds@linux-foundation.org 2009-04-03T04:09:10Z urn:sha1:8fe74cf053de7ad2124a894996f84fa890a81093 * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: Remove two unneeded exports and make two symbols static in fs/mpage.c Cleanup after commit 585d3bc06f4ca57f975a5a1f698f65a45ea66225 Trim includes of fdtable.h Don't crap into descriptor table in binfmt_som Trim includes in binfmt_elf Don't mess with descriptor table in load_elf_binary() Get rid of indirect include of fs_struct.h New helper - current_umask() check_unsafe_exec() doesn't care about signal handlers sharing New locking/refcounting for fs_struct Take fs_struct handling to new file (fs/fs_struct.c) Get rid of bumping fs_struct refcount in pivot_root(2) Kill unsharing fs_struct in __set_personality()