aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2014-06-25 13:32:56 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2014-06-25 13:32:56 +0000
commitdc708dfe6724712912939aab4e1c5437fcb8fd91 (patch)
tree613c394fdd95b8a8f7db94038a19bc719326de3a
parenta8f96819323eb839b46cbf0395c6d36d760cb4cd (diff)
downloadalpine_aports-dc708dfe6724712912939aab4e1c5437fcb8fd91.tar.bz2
alpine_aports-dc708dfe6724712912939aab4e1c5437fcb8fd91.tar.xz
alpine_aports-dc708dfe6724712912939aab4e1c5437fcb8fd91.zip
main/linux-virt-grsec: upgrade to 3.10.44
Diffstat
-rw-r--r--main/linux-virt-grsec/APKBUILD14
-rw-r--r--main/linux-virt-grsec/grsecurity-2.9.1-3.10.44-unofficial.patch (renamed from main/linux-virt-grsec/grsecurity-2.9.1-3.10.43-unofficial.patch)136
2 files changed, 77 insertions, 73 deletions
diff --git a/main/linux-virt-grsec/APKBUILD b/main/linux-virt-grsec/APKBUILD
index 9cadce32d7..879c5f4528 100644
--- a/main/linux-virt-grsec/APKBUILD
+++ b/main/linux-virt-grsec/APKBUILD
@@ -3,7 +3,7 @@
3 3
4_flavor=virt-grsec 4_flavor=virt-grsec
5pkgname=linux-${_flavor} 5pkgname=linux-${_flavor}
6pkgver=3.10.43 6pkgver=3.10.44
7case $pkgver in 7case $pkgver in
8*.*.*) _kernver=${pkgver%.*};; 8*.*.*) _kernver=${pkgver%.*};;
9*.*) _kernver=${pkgver};; 9*.*) _kernver=${pkgver};;
@@ -154,8 +154,8 @@ dev() {
154} 154}
155 155
156md5sums="4f25cd5bec5f8d5a7d935b3f2ccb8481 linux-3.10.tar.xz 156md5sums="4f25cd5bec5f8d5a7d935b3f2ccb8481 linux-3.10.tar.xz
1573395365459b5a907a0425f260bc60e10 patch-3.10.43.xz 157775e8b7a3d0890bff5952eb9e7c42cd8 patch-3.10.44.xz
158157ad1fb61302669afff96bdff14eebb grsecurity-2.9.1-3.10.43-unofficial.patch 158f1e906ad953a274e1d4cab130310cd0d grsecurity-2.9.1-3.10.44-unofficial.patch
159a16f11b12381efb3bec79b9bfb329836 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch 159a16f11b12381efb3bec79b9bfb329836 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch
160656ae7b10dd2f18dbfa1011041d08d60 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch 160656ae7b10dd2f18dbfa1011041d08d60 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch
161aa454ffb96428586447775c21449e284 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch 161aa454ffb96428586447775c21449e284 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch
@@ -168,8 +168,8 @@ b3c0153d53e508e03d73b94d15b24a96 sysctl_lxc.patch
168539c848d541c1656851fe865018273df kernelconfig.x86 168539c848d541c1656851fe865018273df kernelconfig.x86
16982cd965fc82651f2e6b35e75c17d8031 kernelconfig.x86_64" 16982cd965fc82651f2e6b35e75c17d8031 kernelconfig.x86_64"
170sha256sums="df27fa92d27a9c410bfe6c4a89f141638500d7eadcca5cce578954efc2ad3544 linux-3.10.tar.xz 170sha256sums="df27fa92d27a9c410bfe6c4a89f141638500d7eadcca5cce578954efc2ad3544 linux-3.10.tar.xz
1713d2f5d06ef28985f691d0aaa457d066f0d9c4e2c02acc5cfe6bdacd42180d839 patch-3.10.43.xz 17186086660ac02cb5d6dd4ace3593e5e185fd3c04a8de4bd5cf7adb70e28be8d8b patch-3.10.44.xz
1727a25c79bd80b2157a88ba176b3a837151f5eeb25b2a6a841c8ab6ecb4cf9fb3d grsecurity-2.9.1-3.10.43-unofficial.patch 1727cd9a1b7dae8360d90a86dc60703609612ee3c070bb1592c7fcba1fc4d58362b grsecurity-2.9.1-3.10.44-unofficial.patch
1736af3757ac36a6cd3cda7b0a71b08143726383b19261294a569ad7f4042c72df3 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch 1736af3757ac36a6cd3cda7b0a71b08143726383b19261294a569ad7f4042c72df3 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch
174dc8e82108615657f1fb9d641efd42255a5761c06edde1b00a41ae0d314d548f0 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch 174dc8e82108615657f1fb9d641efd42255a5761c06edde1b00a41ae0d314d548f0 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch
1750985caa0f3ee8ed0959aeaa4214f5f8057ae8e61d50dcae39194912d31e14892 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch 1750985caa0f3ee8ed0959aeaa4214f5f8057ae8e61d50dcae39194912d31e14892 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch
@@ -182,8 +182,8 @@ fc613ac466610b866b721c41836fd5bfb2d4b75bceb67972dc6369d7f62ff47e 0006-ipv4-use-
182997d4c8a5a2b911047d26fe1bf8ee8d5cd3b7133e6abdc07b7deacd0b3eb2330 kernelconfig.x86 182997d4c8a5a2b911047d26fe1bf8ee8d5cd3b7133e6abdc07b7deacd0b3eb2330 kernelconfig.x86
1837845194551137fbc3b69a75249696bc843bb7fe7f4a4e6b0582c0ca0856caa64 kernelconfig.x86_64" 1837845194551137fbc3b69a75249696bc843bb7fe7f4a4e6b0582c0ca0856caa64 kernelconfig.x86_64"
184sha512sums="5fb109fcbd59bf3dffc911b853894f0a84afa75151368f783a1252c5ff60c7a1504de216c0012be446df983e2dea400ad8eeed3ce04f24dc61d0ef76c174dc35 linux-3.10.tar.xz 184sha512sums="5fb109fcbd59bf3dffc911b853894f0a84afa75151368f783a1252c5ff60c7a1504de216c0012be446df983e2dea400ad8eeed3ce04f24dc61d0ef76c174dc35 linux-3.10.tar.xz
185e4449c1bb88fcd92aec56882ba21fed2da40b9512996a50916123043507e3223aed0586bc43f15b1c73af9d1e18183637136d2e26a0d60bafb4ead1786d8f0d9 patch-3.10.43.xz 1850ff596c562c76be03cdac321307294925b2978e9f991e133bab54386cee8a9a2069300d3eec3a1512ed621e0acdaf89769e3f24c21e3954785a5655d425c9107 patch-3.10.44.xz
1860b5b5368b4dcf64502700c6b96af35694b0cfa86688dd944ad43edfe9630717a176f0b60b3b2e9b04ad6b5cc062363f7a36e55ccd92831194539e45fdb848017 grsecurity-2.9.1-3.10.43-unofficial.patch 186d0c65b05b4c6f846b5347e64a5eff857427b25aa5e17ec7c74659573fc547dbcf2a2b9868a0183b8b317a8d20bd443fbe3b4f8e9dba67b402c2f0dd161cbaefe grsecurity-2.9.1-3.10.44-unofficial.patch
18781e78593288e8b0fd2c03ea9fc1450323887707f087e911f172450a122bc9b591ee83394836789730d951aeec13d0b75a64e1c05f04364abf8f80d883ddc4a02 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch 18781e78593288e8b0fd2c03ea9fc1450323887707f087e911f172450a122bc9b591ee83394836789730d951aeec13d0b75a64e1c05f04364abf8f80d883ddc4a02 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch
18851ecb15b669f6a82940a13a38939116e003bf5dfd24496771c8279e907b72adcc63d607f0340a2940d757e12ddadb7d45c7af78ae311d284935a6296dbcac00c 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch 18851ecb15b669f6a82940a13a38939116e003bf5dfd24496771c8279e907b72adcc63d607f0340a2940d757e12ddadb7d45c7af78ae311d284935a6296dbcac00c 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch
18957d0a8bd35d19cf657ded58efe24517d2252aec6984040713ba173a34edb5887ececaa2985076bc6a149eaa57639fd98a042c1c2d226ed4ad8dd5ed0e230717e 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch 18957d0a8bd35d19cf657ded58efe24517d2252aec6984040713ba173a34edb5887ececaa2985076bc6a149eaa57639fd98a042c1c2d226ed4ad8dd5ed0e230717e 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch
diff --git a/main/linux-virt-grsec/grsecurity-2.9.1-3.10.43-unofficial.patch b/main/linux-virt-grsec/grsecurity-2.9.1-3.10.44-unofficial.patch
index dadf7b7bb4..39c0e4ec66 100644
--- a/main/linux-virt-grsec/grsecurity-2.9.1-3.10.43-unofficial.patch
+++ b/main/linux-virt-grsec/grsecurity-2.9.1-3.10.44-unofficial.patch
@@ -281,7 +281,7 @@ index 1311a48..f233324 100644
281 281
282 pcd. [PARIDE] 282 pcd. [PARIDE]
283diff --git a/Makefile b/Makefile 283diff --git a/Makefile b/Makefile
284index 9cf5138..b85cc95 100644 284index e55476c..36e2242 100644
285--- a/Makefile 285--- a/Makefile
286+++ b/Makefile 286+++ b/Makefile
287@@ -241,8 +241,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ 287@@ -241,8 +241,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \
@@ -43535,7 +43535,7 @@ index 0b74189..818358f 100644
43535+} __do_const; 43535+} __do_const;
43536 #endif /* _DW_MMC_H_ */ 43536 #endif /* _DW_MMC_H_ */
43537diff --git a/drivers/mmc/host/sdhci-s3c.c b/drivers/mmc/host/sdhci-s3c.c 43537diff --git a/drivers/mmc/host/sdhci-s3c.c b/drivers/mmc/host/sdhci-s3c.c
43538index c6f6246..60760a8 100644 43538index c6f6246a4..60760a8 100644
43539--- a/drivers/mmc/host/sdhci-s3c.c 43539--- a/drivers/mmc/host/sdhci-s3c.c
43540+++ b/drivers/mmc/host/sdhci-s3c.c 43540+++ b/drivers/mmc/host/sdhci-s3c.c
43541@@ -664,9 +664,11 @@ static int sdhci_s3c_probe(struct platform_device *pdev) 43541@@ -664,9 +664,11 @@ static int sdhci_s3c_probe(struct platform_device *pdev)
@@ -52578,7 +52578,7 @@ index ebd06fd..41c850d 100644
52578 kiocb->ki_nbytes = ret; 52578 kiocb->ki_nbytes = ret;
52579 return 0; 52579 return 0;
52580diff --git a/fs/attr.c b/fs/attr.c 52580diff --git a/fs/attr.c b/fs/attr.c
52581index 8dd5825..a90e189 100644 52581index 66fa625..aeb65ff 100644
52582--- a/fs/attr.c 52582--- a/fs/attr.c
52583+++ b/fs/attr.c 52583+++ b/fs/attr.c
52584@@ -102,6 +102,7 @@ int inode_newsize_ok(const struct inode *inode, loff_t offset) 52584@@ -102,6 +102,7 @@ int inode_newsize_ok(const struct inode *inode, loff_t offset)
@@ -57733,7 +57733,7 @@ index 4e5f332..3cb6350 100644
57733 static int can_do_hugetlb_shm(void) 57733 static int can_do_hugetlb_shm(void)
57734 { 57734 {
57735diff --git a/fs/inode.c b/fs/inode.c 57735diff --git a/fs/inode.c b/fs/inode.c
57736index 00d5fc3..98ce7d7 100644 57736index 1b300a0..105e7c4 100644
57737--- a/fs/inode.c 57737--- a/fs/inode.c
57738+++ b/fs/inode.c 57738+++ b/fs/inode.c
57739@@ -878,8 +878,8 @@ unsigned int get_next_ino(void) 57739@@ -878,8 +878,8 @@ unsigned int get_next_ino(void)
@@ -57873,10 +57873,10 @@ index 0274c95..3b9f6e5 100644
57873 57873
57874 lock_flocks(); 57874 lock_flocks();
57875diff --git a/fs/namei.c b/fs/namei.c 57875diff --git a/fs/namei.c b/fs/namei.c
57876index 1211ee5..0e8539c 100644 57876index 6ac16a3..de9c550 100644
57877--- a/fs/namei.c 57877--- a/fs/namei.c
57878+++ b/fs/namei.c 57878+++ b/fs/namei.c
57879@@ -319,16 +319,32 @@ int generic_permission(struct inode *inode, int mask) 57879@@ -319,17 +319,34 @@ int generic_permission(struct inode *inode, int mask)
57880 if (ret != -EACCES) 57880 if (ret != -EACCES)
57881 return ret; 57881 return ret;
57882 57882
@@ -57888,14 +57888,16 @@ index 1211ee5..0e8539c 100644
57888+ 57888+
57889 if (S_ISDIR(inode->i_mode)) { 57889 if (S_ISDIR(inode->i_mode)) {
57890 /* DACs are overridable for directories */ 57890 /* DACs are overridable for directories */
57891- if (inode_capable(inode, CAP_DAC_OVERRIDE)) 57891- if (capable_wrt_inode_uidgid(inode, CAP_DAC_OVERRIDE))
57892- return 0; 57892- return 0;
57893 if (!(mask & MAY_WRITE)) 57893 if (!(mask & MAY_WRITE))
57894- if (inode_capable(inode, CAP_DAC_READ_SEARCH)) 57894- if (capable_wrt_inode_uidgid(inode,
57895+ if (inode_capable_nolog(inode, CAP_DAC_OVERRIDE) || 57895+ if (capable_wrt_inode_uidgid_nolog(inode,
57896+ inode_capable(inode, CAP_DAC_READ_SEARCH)) 57896+ CAP_DAC_OVERRIDE) ||
57897+ capable_wrt_inode_uidgid(inode,
57898 CAP_DAC_READ_SEARCH))
57897 return 0; 57899 return 0;
57898+ if (inode_capable(inode, CAP_DAC_OVERRIDE)) 57900+ if (capable_wrt_inode_uidgid(inode, CAP_DAC_OVERRIDE))
57899+ return 0; 57901+ return 0;
57900 return -EACCES; 57902 return -EACCES;
57901 } 57903 }
@@ -57904,16 +57906,16 @@ index 1211ee5..0e8539c 100644
57904+ */ 57906+ */
57905+ mask &= MAY_READ | MAY_WRITE | MAY_EXEC; 57907+ mask &= MAY_READ | MAY_WRITE | MAY_EXEC;
57906+ if (mask == MAY_READ) 57908+ if (mask == MAY_READ)
57907+ if (inode_capable_nolog(inode, CAP_DAC_OVERRIDE) || 57909+ if (capable_wrt_inode_uidgid_nolog(inode, CAP_DAC_OVERRIDE) ||
57908+ inode_capable(inode, CAP_DAC_READ_SEARCH)) 57910+ capable_wrt_inode_uidgid(inode, CAP_DAC_READ_SEARCH))
57909+ return 0; 57911+ return 0;
57910+ 57912+
57911+ /* 57913+ /*
57912 * Read/write DACs are always overridable. 57914 * Read/write DACs are always overridable.
57913 * Executable DACs are overridable when there is 57915 * Executable DACs are overridable when there is
57914 * at least one exec bit set. 57916 * at least one exec bit set.
57915@@ -337,14 +353,6 @@ int generic_permission(struct inode *inode, int mask) 57917@@ -338,14 +355,6 @@ int generic_permission(struct inode *inode, int mask)
57916 if (inode_capable(inode, CAP_DAC_OVERRIDE)) 57918 if (capable_wrt_inode_uidgid(inode, CAP_DAC_OVERRIDE))
57917 return 0; 57919 return 0;
57918 57920
57919- /* 57921- /*
@@ -57921,13 +57923,13 @@ index 1211ee5..0e8539c 100644
57921- */ 57923- */
57922- mask &= MAY_READ | MAY_WRITE | MAY_EXEC; 57924- mask &= MAY_READ | MAY_WRITE | MAY_EXEC;
57923- if (mask == MAY_READ) 57925- if (mask == MAY_READ)
57924- if (inode_capable(inode, CAP_DAC_READ_SEARCH)) 57926- if (capable_wrt_inode_uidgid(inode, CAP_DAC_READ_SEARCH))
57925- return 0; 57927- return 0;
57926- 57928-
57927 return -EACCES; 57929 return -EACCES;
57928 } 57930 }
57929 57931
57930@@ -820,7 +828,7 @@ follow_link(struct path *link, struct nameidata *nd, void **p) 57932@@ -821,7 +830,7 @@ follow_link(struct path *link, struct nameidata *nd, void **p)
57931 { 57933 {
57932 struct dentry *dentry = link->dentry; 57934 struct dentry *dentry = link->dentry;
57933 int error; 57935 int error;
@@ -57936,7 +57938,7 @@ index 1211ee5..0e8539c 100644
57936 57938
57937 BUG_ON(nd->flags & LOOKUP_RCU); 57939 BUG_ON(nd->flags & LOOKUP_RCU);
57938 57940
57939@@ -841,6 +849,12 @@ follow_link(struct path *link, struct nameidata *nd, void **p) 57941@@ -842,6 +851,12 @@ follow_link(struct path *link, struct nameidata *nd, void **p)
57940 if (error) 57942 if (error)
57941 goto out_put_nd_path; 57943 goto out_put_nd_path;
57942 57944
@@ -57949,7 +57951,7 @@ index 1211ee5..0e8539c 100644
57949 nd->last_type = LAST_BIND; 57951 nd->last_type = LAST_BIND;
57950 *p = dentry->d_inode->i_op->follow_link(dentry, nd); 57952 *p = dentry->d_inode->i_op->follow_link(dentry, nd);
57951 error = PTR_ERR(*p); 57953 error = PTR_ERR(*p);
57952@@ -1588,6 +1602,8 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd) 57954@@ -1589,6 +1604,8 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd)
57953 if (res) 57955 if (res)
57954 break; 57956 break;
57955 res = walk_component(nd, path, LOOKUP_FOLLOW); 57957 res = walk_component(nd, path, LOOKUP_FOLLOW);
@@ -57958,7 +57960,7 @@ index 1211ee5..0e8539c 100644
57958 put_link(nd, &link, cookie); 57960 put_link(nd, &link, cookie);
57959 } while (res > 0); 57961 } while (res > 0);
57960 57962
57961@@ -1686,7 +1702,7 @@ EXPORT_SYMBOL(full_name_hash); 57963@@ -1687,7 +1704,7 @@ EXPORT_SYMBOL(full_name_hash);
57962 static inline unsigned long hash_name(const char *name, unsigned int *hashp) 57964 static inline unsigned long hash_name(const char *name, unsigned int *hashp)
57963 { 57965 {
57964 unsigned long a, b, adata, bdata, mask, hash, len; 57966 unsigned long a, b, adata, bdata, mask, hash, len;
@@ -57967,7 +57969,7 @@ index 1211ee5..0e8539c 100644
57967 57969
57968 hash = a = 0; 57970 hash = a = 0;
57969 len = -sizeof(unsigned long); 57971 len = -sizeof(unsigned long);
57970@@ -1968,6 +1984,8 @@ static int path_lookupat(int dfd, const char *name, 57972@@ -1969,6 +1986,8 @@ static int path_lookupat(int dfd, const char *name,
57971 if (err) 57973 if (err)
57972 break; 57974 break;
57973 err = lookup_last(nd, &path); 57975 err = lookup_last(nd, &path);
@@ -57976,7 +57978,7 @@ index 1211ee5..0e8539c 100644
57976 put_link(nd, &link, cookie); 57978 put_link(nd, &link, cookie);
57977 } 57979 }
57978 } 57980 }
57979@@ -1975,6 +1993,13 @@ static int path_lookupat(int dfd, const char *name, 57981@@ -1976,6 +1995,13 @@ static int path_lookupat(int dfd, const char *name,
57980 if (!err) 57982 if (!err)
57981 err = complete_walk(nd); 57983 err = complete_walk(nd);
57982 57984
@@ -57990,7 +57992,7 @@ index 1211ee5..0e8539c 100644
57990 if (!err && nd->flags & LOOKUP_DIRECTORY) { 57992 if (!err && nd->flags & LOOKUP_DIRECTORY) {
57991 if (!can_lookup(nd->inode)) { 57993 if (!can_lookup(nd->inode)) {
57992 path_put(&nd->path); 57994 path_put(&nd->path);
57993@@ -2002,8 +2027,15 @@ static int filename_lookup(int dfd, struct filename *name, 57995@@ -2003,8 +2029,15 @@ static int filename_lookup(int dfd, struct filename *name,
57994 retval = path_lookupat(dfd, name->name, 57996 retval = path_lookupat(dfd, name->name,
57995 flags | LOOKUP_REVAL, nd); 57997 flags | LOOKUP_REVAL, nd);
57996 57998
@@ -58007,7 +58009,7 @@ index 1211ee5..0e8539c 100644
58007 return retval; 58009 return retval;
58008 } 58010 }
58009 58011
58010@@ -2382,6 +2414,13 @@ static int may_open(struct path *path, int acc_mode, int flag) 58012@@ -2383,6 +2416,13 @@ static int may_open(struct path *path, int acc_mode, int flag)
58011 if (flag & O_NOATIME && !inode_owner_or_capable(inode)) 58013 if (flag & O_NOATIME && !inode_owner_or_capable(inode))
58012 return -EPERM; 58014 return -EPERM;
58013 58015
@@ -58021,7 +58023,7 @@ index 1211ee5..0e8539c 100644
58021 return 0; 58023 return 0;
58022 } 58024 }
58023 58025
58024@@ -2603,7 +2642,7 @@ looked_up: 58026@@ -2604,7 +2644,7 @@ looked_up:
58025 * cleared otherwise prior to returning. 58027 * cleared otherwise prior to returning.
58026 */ 58028 */
58027 static int lookup_open(struct nameidata *nd, struct path *path, 58029 static int lookup_open(struct nameidata *nd, struct path *path,
@@ -58030,7 +58032,7 @@ index 1211ee5..0e8539c 100644
58030 const struct open_flags *op, 58032 const struct open_flags *op,
58031 bool got_write, int *opened) 58033 bool got_write, int *opened)
58032 { 58034 {
58033@@ -2638,6 +2677,17 @@ static int lookup_open(struct nameidata *nd, struct path *path, 58035@@ -2639,6 +2679,17 @@ static int lookup_open(struct nameidata *nd, struct path *path,
58034 /* Negative dentry, just create the file */ 58036 /* Negative dentry, just create the file */
58035 if (!dentry->d_inode && (op->open_flag & O_CREAT)) { 58037 if (!dentry->d_inode && (op->open_flag & O_CREAT)) {
58036 umode_t mode = op->mode; 58038 umode_t mode = op->mode;
@@ -58048,7 +58050,7 @@ index 1211ee5..0e8539c 100644
58048 if (!IS_POSIXACL(dir->d_inode)) 58050 if (!IS_POSIXACL(dir->d_inode))
58049 mode &= ~current_umask(); 58051 mode &= ~current_umask();
58050 /* 58052 /*
58051@@ -2659,6 +2709,8 @@ static int lookup_open(struct nameidata *nd, struct path *path, 58053@@ -2660,6 +2711,8 @@ static int lookup_open(struct nameidata *nd, struct path *path,
58052 nd->flags & LOOKUP_EXCL); 58054 nd->flags & LOOKUP_EXCL);
58053 if (error) 58055 if (error)
58054 goto out_dput; 58056 goto out_dput;
@@ -58057,7 +58059,7 @@ index 1211ee5..0e8539c 100644
58057 } 58059 }
58058 out_no_open: 58060 out_no_open:
58059 path->dentry = dentry; 58061 path->dentry = dentry;
58060@@ -2673,7 +2725,7 @@ out_dput: 58062@@ -2674,7 +2727,7 @@ out_dput:
58061 /* 58063 /*
58062 * Handle the last step of open() 58064 * Handle the last step of open()
58063 */ 58065 */
@@ -58066,7 +58068,7 @@ index 1211ee5..0e8539c 100644
58066 struct file *file, const struct open_flags *op, 58068 struct file *file, const struct open_flags *op,
58067 int *opened, struct filename *name) 58069 int *opened, struct filename *name)
58068 { 58070 {
58069@@ -2702,16 +2754,32 @@ static int do_last(struct nameidata *nd, struct path *path, 58071@@ -2703,16 +2756,32 @@ static int do_last(struct nameidata *nd, struct path *path,
58070 error = complete_walk(nd); 58072 error = complete_walk(nd);
58071 if (error) 58073 if (error)
58072 return error; 58074 return error;
@@ -58099,7 +58101,7 @@ index 1211ee5..0e8539c 100644
58099 audit_inode(name, dir, 0); 58101 audit_inode(name, dir, 0);
58100 goto finish_open; 58102 goto finish_open;
58101 } 58103 }
58102@@ -2760,7 +2828,7 @@ retry_lookup: 58104@@ -2761,7 +2830,7 @@ retry_lookup:
58103 */ 58105 */
58104 } 58106 }
58105 mutex_lock(&dir->d_inode->i_mutex); 58107 mutex_lock(&dir->d_inode->i_mutex);
@@ -58108,7 +58110,7 @@ index 1211ee5..0e8539c 100644
58108 mutex_unlock(&dir->d_inode->i_mutex); 58110 mutex_unlock(&dir->d_inode->i_mutex);
58109 58111
58110 if (error <= 0) { 58112 if (error <= 0) {
58111@@ -2784,11 +2852,28 @@ retry_lookup: 58113@@ -2785,11 +2854,28 @@ retry_lookup:
58112 goto finish_open_created; 58114 goto finish_open_created;
58113 } 58115 }
58114 58116
@@ -58138,7 +58140,7 @@ index 1211ee5..0e8539c 100644
58138 58140
58139 /* 58141 /*
58140 * If atomic_open() acquired write access it is dropped now due to 58142 * If atomic_open() acquired write access it is dropped now due to
58141@@ -2829,6 +2914,11 @@ finish_lookup: 58143@@ -2830,6 +2916,11 @@ finish_lookup:
58142 } 58144 }
58143 } 58145 }
58144 BUG_ON(inode != path->dentry->d_inode); 58146 BUG_ON(inode != path->dentry->d_inode);
@@ -58150,7 +58152,7 @@ index 1211ee5..0e8539c 100644
58150 return 1; 58152 return 1;
58151 } 58153 }
58152 58154
58153@@ -2838,7 +2928,6 @@ finish_lookup: 58155@@ -2839,7 +2930,6 @@ finish_lookup:
58154 save_parent.dentry = nd->path.dentry; 58156 save_parent.dentry = nd->path.dentry;
58155 save_parent.mnt = mntget(path->mnt); 58157 save_parent.mnt = mntget(path->mnt);
58156 nd->path.dentry = path->dentry; 58158 nd->path.dentry = path->dentry;
@@ -58158,7 +58160,7 @@ index 1211ee5..0e8539c 100644
58158 } 58160 }
58159 nd->inode = inode; 58161 nd->inode = inode;
58160 /* Why this, you ask? _Now_ we might have grown LOOKUP_JUMPED... */ 58162 /* Why this, you ask? _Now_ we might have grown LOOKUP_JUMPED... */
58161@@ -2847,6 +2936,16 @@ finish_lookup: 58163@@ -2848,6 +2938,16 @@ finish_lookup:
58162 path_put(&save_parent); 58164 path_put(&save_parent);
58163 return error; 58165 return error;
58164 } 58166 }
@@ -58175,7 +58177,7 @@ index 1211ee5..0e8539c 100644
58175 error = -EISDIR; 58177 error = -EISDIR;
58176 if ((open_flag & O_CREAT) && S_ISDIR(nd->inode->i_mode)) 58178 if ((open_flag & O_CREAT) && S_ISDIR(nd->inode->i_mode))
58177 goto out; 58179 goto out;
58178@@ -2945,7 +3044,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, 58180@@ -2946,7 +3046,7 @@ static struct file *path_openat(int dfd, struct filename *pathname,
58179 if (unlikely(error)) 58181 if (unlikely(error))
58180 goto out; 58182 goto out;
58181 58183
@@ -58184,7 +58186,7 @@ index 1211ee5..0e8539c 100644
58184 while (unlikely(error > 0)) { /* trailing symlink */ 58186 while (unlikely(error > 0)) { /* trailing symlink */
58185 struct path link = path; 58187 struct path link = path;
58186 void *cookie; 58188 void *cookie;
58187@@ -2963,7 +3062,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, 58189@@ -2964,7 +3064,7 @@ static struct file *path_openat(int dfd, struct filename *pathname,
58188 error = follow_link(&link, nd, &cookie); 58190 error = follow_link(&link, nd, &cookie);
58189 if (unlikely(error)) 58191 if (unlikely(error))
58190 break; 58192 break;
@@ -58193,7 +58195,7 @@ index 1211ee5..0e8539c 100644
58193 put_link(nd, &link, cookie); 58195 put_link(nd, &link, cookie);
58194 } 58196 }
58195 out: 58197 out:
58196@@ -3063,8 +3162,12 @@ struct dentry *kern_path_create(int dfd, const char *pathname, 58198@@ -3064,8 +3164,12 @@ struct dentry *kern_path_create(int dfd, const char *pathname,
58197 goto unlock; 58199 goto unlock;
58198 58200
58199 error = -EEXIST; 58201 error = -EEXIST;
@@ -58207,7 +58209,7 @@ index 1211ee5..0e8539c 100644
58207 /* 58209 /*
58208 * Special case - lookup gave negative, but... we had foo/bar/ 58210 * Special case - lookup gave negative, but... we had foo/bar/
58209 * From the vfs_mknod() POV we just have a negative dentry - 58211 * From the vfs_mknod() POV we just have a negative dentry -
58210@@ -3116,6 +3219,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, 58212@@ -3117,6 +3221,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname,
58211 } 58213 }
58212 EXPORT_SYMBOL(user_path_create); 58214 EXPORT_SYMBOL(user_path_create);
58213 58215
@@ -58228,7 +58230,7 @@ index 1211ee5..0e8539c 100644
58228 int vfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) 58230 int vfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev)
58229 { 58231 {
58230 int error = may_create(dir, dentry); 58232 int error = may_create(dir, dentry);
58231@@ -3178,6 +3295,17 @@ retry: 58233@@ -3179,6 +3297,17 @@ retry:
58232 58234
58233 if (!IS_POSIXACL(path.dentry->d_inode)) 58235 if (!IS_POSIXACL(path.dentry->d_inode))
58234 mode &= ~current_umask(); 58236 mode &= ~current_umask();
@@ -58246,7 +58248,7 @@ index 1211ee5..0e8539c 100644
58246 error = security_path_mknod(&path, dentry, mode, dev); 58248 error = security_path_mknod(&path, dentry, mode, dev);
58247 if (error) 58249 if (error)
58248 goto out; 58250 goto out;
58249@@ -3194,6 +3322,8 @@ retry: 58251@@ -3195,6 +3324,8 @@ retry:
58250 break; 58252 break;
58251 } 58253 }
58252 out: 58254 out:
@@ -58255,7 +58257,7 @@ index 1211ee5..0e8539c 100644
58255 done_path_create(&path, dentry); 58257 done_path_create(&path, dentry);
58256 if (retry_estale(error, lookup_flags)) { 58258 if (retry_estale(error, lookup_flags)) {
58257 lookup_flags |= LOOKUP_REVAL; 58259 lookup_flags |= LOOKUP_REVAL;
58258@@ -3246,9 +3376,16 @@ retry: 58260@@ -3247,9 +3378,16 @@ retry:
58259 58261
58260 if (!IS_POSIXACL(path.dentry->d_inode)) 58262 if (!IS_POSIXACL(path.dentry->d_inode))
58261 mode &= ~current_umask(); 58263 mode &= ~current_umask();
@@ -58272,7 +58274,7 @@ index 1211ee5..0e8539c 100644
58272 done_path_create(&path, dentry); 58274 done_path_create(&path, dentry);
58273 if (retry_estale(error, lookup_flags)) { 58275 if (retry_estale(error, lookup_flags)) {
58274 lookup_flags |= LOOKUP_REVAL; 58276 lookup_flags |= LOOKUP_REVAL;
58275@@ -3329,6 +3466,8 @@ static long do_rmdir(int dfd, const char __user *pathname) 58277@@ -3330,6 +3468,8 @@ static long do_rmdir(int dfd, const char __user *pathname)
58276 struct filename *name; 58278 struct filename *name;
58277 struct dentry *dentry; 58279 struct dentry *dentry;
58278 struct nameidata nd; 58280 struct nameidata nd;
@@ -58281,7 +58283,7 @@ index 1211ee5..0e8539c 100644
58281 unsigned int lookup_flags = 0; 58283 unsigned int lookup_flags = 0;
58282 retry: 58284 retry:
58283 name = user_path_parent(dfd, pathname, &nd, lookup_flags); 58285 name = user_path_parent(dfd, pathname, &nd, lookup_flags);
58284@@ -3361,10 +3500,21 @@ retry: 58286@@ -3362,10 +3502,21 @@ retry:
58285 error = -ENOENT; 58287 error = -ENOENT;
58286 goto exit3; 58288 goto exit3;
58287 } 58289 }
@@ -58303,7 +58305,7 @@ index 1211ee5..0e8539c 100644
58303 exit3: 58305 exit3:
58304 dput(dentry); 58306 dput(dentry);
58305 exit2: 58307 exit2:
58306@@ -3430,6 +3580,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) 58308@@ -3431,6 +3582,8 @@ static long do_unlinkat(int dfd, const char __user *pathname)
58307 struct dentry *dentry; 58309 struct dentry *dentry;
58308 struct nameidata nd; 58310 struct nameidata nd;
58309 struct inode *inode = NULL; 58311 struct inode *inode = NULL;
@@ -58312,7 +58314,7 @@ index 1211ee5..0e8539c 100644
58312 unsigned int lookup_flags = 0; 58314 unsigned int lookup_flags = 0;
58313 retry: 58315 retry:
58314 name = user_path_parent(dfd, pathname, &nd, lookup_flags); 58316 name = user_path_parent(dfd, pathname, &nd, lookup_flags);
58315@@ -3456,10 +3608,22 @@ retry: 58317@@ -3457,10 +3610,22 @@ retry:
58316 if (!inode) 58318 if (!inode)
58317 goto slashes; 58319 goto slashes;
58318 ihold(inode); 58320 ihold(inode);
@@ -58335,7 +58337,7 @@ index 1211ee5..0e8539c 100644
58335 exit2: 58337 exit2:
58336 dput(dentry); 58338 dput(dentry);
58337 } 58339 }
58338@@ -3537,9 +3701,17 @@ retry: 58340@@ -3538,9 +3703,17 @@ retry:
58339 if (IS_ERR(dentry)) 58341 if (IS_ERR(dentry))
58340 goto out_putname; 58342 goto out_putname;
58341 58343
@@ -58353,7 +58355,7 @@ index 1211ee5..0e8539c 100644
58353 done_path_create(&path, dentry); 58355 done_path_create(&path, dentry);
58354 if (retry_estale(error, lookup_flags)) { 58356 if (retry_estale(error, lookup_flags)) {
58355 lookup_flags |= LOOKUP_REVAL; 58357 lookup_flags |= LOOKUP_REVAL;
58356@@ -3613,6 +3785,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, 58358@@ -3614,6 +3787,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname,
58357 { 58359 {
58358 struct dentry *new_dentry; 58360 struct dentry *new_dentry;
58359 struct path old_path, new_path; 58361 struct path old_path, new_path;
@@ -58361,7 +58363,7 @@ index 1211ee5..0e8539c 100644
58361 int how = 0; 58363 int how = 0;
58362 int error; 58364 int error;
58363 58365
58364@@ -3636,7 +3809,7 @@ retry: 58366@@ -3637,7 +3811,7 @@ retry:
58365 if (error) 58367 if (error)
58366 return error; 58368 return error;
58367 58369
@@ -58370,7 +58372,7 @@ index 1211ee5..0e8539c 100644
58370 (how & LOOKUP_REVAL)); 58372 (how & LOOKUP_REVAL));
58371 error = PTR_ERR(new_dentry); 58373 error = PTR_ERR(new_dentry);
58372 if (IS_ERR(new_dentry)) 58374 if (IS_ERR(new_dentry))
58373@@ -3648,11 +3821,28 @@ retry: 58375@@ -3649,11 +3823,28 @@ retry:
58374 error = may_linkat(&old_path); 58376 error = may_linkat(&old_path);
58375 if (unlikely(error)) 58377 if (unlikely(error))
58376 goto out_dput; 58378 goto out_dput;
@@ -58399,7 +58401,7 @@ index 1211ee5..0e8539c 100644
58399 done_path_create(&new_path, new_dentry); 58401 done_path_create(&new_path, new_dentry);
58400 if (retry_estale(error, how)) { 58402 if (retry_estale(error, how)) {
58401 path_put(&old_path); 58403 path_put(&old_path);
58402@@ -3899,12 +4089,21 @@ retry: 58404@@ -3900,12 +4091,21 @@ retry:
58403 if (new_dentry == trap) 58405 if (new_dentry == trap)
58404 goto exit5; 58406 goto exit5;
58405 58407
@@ -58421,7 +58423,7 @@ index 1211ee5..0e8539c 100644
58421 exit5: 58423 exit5:
58422 dput(new_dentry); 58424 dput(new_dentry);
58423 exit4: 58425 exit4:
58424@@ -3936,6 +4135,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna 58426@@ -3937,6 +4137,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna
58425 58427
58426 int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link) 58428 int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link)
58427 { 58429 {
@@ -58430,7 +58432,7 @@ index 1211ee5..0e8539c 100644
58430 int len; 58432 int len;
58431 58433
58432 len = PTR_ERR(link); 58434 len = PTR_ERR(link);
58433@@ -3945,7 +4146,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c 58435@@ -3946,7 +4148,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c
58434 len = strlen(link); 58436 len = strlen(link);
58435 if (len > (unsigned) buflen) 58437 if (len > (unsigned) buflen)
58436 len = buflen; 58438 len = buflen;
@@ -73103,16 +73105,16 @@ index 4c57065..4307975 100644
73103 #define ____cacheline_aligned __attribute__((__aligned__(SMP_CACHE_BYTES))) 73105 #define ____cacheline_aligned __attribute__((__aligned__(SMP_CACHE_BYTES)))
73104 #endif 73106 #endif
73105diff --git a/include/linux/capability.h b/include/linux/capability.h 73107diff --git a/include/linux/capability.h b/include/linux/capability.h
73106index d9a4f7f4..19f77d6 100644 73108index 15f9092..d52b825 100644
73107--- a/include/linux/capability.h 73109--- a/include/linux/capability.h
73108+++ b/include/linux/capability.h 73110+++ b/include/linux/capability.h
73109@@ -213,8 +213,13 @@ extern bool ns_capable(struct user_namespace *ns, int cap); 73111@@ -213,8 +213,13 @@ extern bool ns_capable(struct user_namespace *ns, int cap);
73110 extern bool nsown_capable(int cap); 73112 extern bool nsown_capable(int cap);
73111 extern bool inode_capable(const struct inode *inode, int cap); 73113 extern bool capable_wrt_inode_uidgid(const struct inode *inode, int cap);
73112 extern bool file_ns_capable(const struct file *file, struct user_namespace *ns, int cap); 73114 extern bool file_ns_capable(const struct file *file, struct user_namespace *ns, int cap);
73113+extern bool capable_nolog(int cap); 73115+extern bool capable_nolog(int cap);
73114+extern bool ns_capable_nolog(struct user_namespace *ns, int cap); 73116+extern bool ns_capable_nolog(struct user_namespace *ns, int cap);
73115+extern bool inode_capable_nolog(const struct inode *inode, int cap); 73117+extern bool capable_wrt_inode_uidgid_nolog(const struct inode *inode, int cap);
73116 73118
73117 /* audit system wants to get cap info from files as well */ 73119 /* audit system wants to get cap info from files as well */
73118 extern int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data *cpu_caps); 73120 extern int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data *cpu_caps);
@@ -78594,7 +78596,7 @@ index 37a3bbd..55a4241 100644
78594 extern int llc_sap_action_unitdata_ind(struct llc_sap *sap, 78596 extern int llc_sap_action_unitdata_ind(struct llc_sap *sap,
78595 struct sk_buff *skb); 78597 struct sk_buff *skb);
78596diff --git a/include/net/llc_s_st.h b/include/net/llc_s_st.h 78598diff --git a/include/net/llc_s_st.h b/include/net/llc_s_st.h
78597index 567c681..cd73ac0 100644 78599index 567c681..cd73ac02 100644
78598--- a/include/net/llc_s_st.h 78600--- a/include/net/llc_s_st.h
78599+++ b/include/net/llc_s_st.h 78601+++ b/include/net/llc_s_st.h
78600@@ -20,7 +20,7 @@ struct llc_sap_state_trans { 78602@@ -20,7 +20,7 @@ struct llc_sap_state_trans {
@@ -80281,10 +80283,10 @@ index 6bd4a90..0ee9eff 100644
80281 f->val = 0; 80283 f->val = 0;
80282 } 80284 }
80283diff --git a/kernel/auditsc.c b/kernel/auditsc.c 80285diff --git a/kernel/auditsc.c b/kernel/auditsc.c
80284index 9845cb3..3ec9369 100644 80286index 03a3af8..7139042 100644
80285--- a/kernel/auditsc.c 80287--- a/kernel/auditsc.c
80286+++ b/kernel/auditsc.c 80288+++ b/kernel/auditsc.c
80287@@ -1962,7 +1962,7 @@ int auditsc_get_stamp(struct audit_context *ctx, 80289@@ -1971,7 +1971,7 @@ int auditsc_get_stamp(struct audit_context *ctx,
80288 } 80290 }
80289 80291
80290 /* global counter which is incremented every time something logs in */ 80292 /* global counter which is incremented every time something logs in */
@@ -80293,7 +80295,7 @@ index 9845cb3..3ec9369 100644
80293 80295
80294 /** 80296 /**
80295 * audit_set_loginuid - set current task's audit_context loginuid 80297 * audit_set_loginuid - set current task's audit_context loginuid
80296@@ -1986,7 +1986,7 @@ int audit_set_loginuid(kuid_t loginuid) 80298@@ -1995,7 +1995,7 @@ int audit_set_loginuid(kuid_t loginuid)
80297 return -EPERM; 80299 return -EPERM;
80298 #endif /* CONFIG_AUDIT_LOGINUID_IMMUTABLE */ 80300 #endif /* CONFIG_AUDIT_LOGINUID_IMMUTABLE */
80299 80301
@@ -80303,7 +80305,7 @@ index 9845cb3..3ec9369 100644
80303 struct audit_buffer *ab; 80305 struct audit_buffer *ab;
80304 80306
80305diff --git a/kernel/capability.c b/kernel/capability.c 80307diff --git a/kernel/capability.c b/kernel/capability.c
80306index f6c2ce5..982c0f9 100644 80308index d52eecc..b59d93d 100644
80307--- a/kernel/capability.c 80309--- a/kernel/capability.c
80308+++ b/kernel/capability.c 80310+++ b/kernel/capability.c
80309@@ -202,6 +202,9 @@ SYSCALL_DEFINE2(capget, cap_user_header_t, header, cap_user_data_t, dataptr) 80311@@ -202,6 +202,9 @@ SYSCALL_DEFINE2(capget, cap_user_header_t, header, cap_user_data_t, dataptr)
@@ -80387,17 +80389,19 @@ index f6c2ce5..982c0f9 100644
80387 /** 80389 /**
80388 * nsown_capable - Check superior capability to one's own user_ns 80390 * nsown_capable - Check superior capability to one's own user_ns
80389 * @cap: The capability in question 80391 * @cap: The capability in question
80390@@ -464,3 +489,10 @@ bool inode_capable(const struct inode *inode, int cap) 80392@@ -460,3 +485,12 @@ bool capable_wrt_inode_uidgid(const struct inode *inode, int cap)
80391 80393 return ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid) &&
80392 return ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid); 80394 kgid_has_mapping(ns, inode->i_gid);
80393 } 80395 }
80394+ 80396+
80395+bool inode_capable_nolog(const struct inode *inode, int cap) 80397+bool capable_wrt_inode_uidgid_nolog(const struct inode *inode, int cap)
80396+{ 80398+{
80397+ struct user_namespace *ns = current_user_ns(); 80399+ struct user_namespace *ns = current_user_ns();
80398+ 80400+
80399+ return ns_capable_nolog(ns, cap) && kuid_has_mapping(ns, inode->i_uid); 80401+ return ns_capable_nolog(ns, cap) && kuid_has_mapping(ns, inode->i_uid) &&
80402+ kgid_has_mapping(ns, inode->i_gid);
80400+} 80403+}
80404+EXPORT_SYMBOL(capable_wrt_inode_uidgid_nolog);
80401diff --git a/kernel/cgroup.c b/kernel/cgroup.c 80405diff --git a/kernel/cgroup.c b/kernel/cgroup.c
80402index d0def7f..ff3a63e 100644 80406index d0def7f..ff3a63e 100644
80403--- a/kernel/cgroup.c 80407--- a/kernel/cgroup.c
@@ -111698,7 +111702,7 @@ index b0f164b..63c9f7d 100644
111698 endif 111702 endif
111699 111703
111700diff --git a/tools/perf/util/include/asm/alternative-asm.h b/tools/perf/util/include/asm/alternative-asm.h 111704diff --git a/tools/perf/util/include/asm/alternative-asm.h b/tools/perf/util/include/asm/alternative-asm.h
111701index 6789d78..4afd019e 100644 111705index 6789d788..4afd019e 100644
111702--- a/tools/perf/util/include/asm/alternative-asm.h 111706--- a/tools/perf/util/include/asm/alternative-asm.h
111703+++ b/tools/perf/util/include/asm/alternative-asm.h 111707+++ b/tools/perf/util/include/asm/alternative-asm.h
111704@@ -5,4 +5,7 @@ 111708@@ -5,4 +5,7 @@
© 2015 Mike Crute