diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2014-06-25 13:32:56 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2014-06-25 13:32:56 +0000 |
commit | dc708dfe6724712912939aab4e1c5437fcb8fd91 (patch) | |
tree | 613c394fdd95b8a8f7db94038a19bc719326de3a | |
parent | a8f96819323eb839b46cbf0395c6d36d760cb4cd (diff) | |
download | alpine_aports-dc708dfe6724712912939aab4e1c5437fcb8fd91.tar.bz2 alpine_aports-dc708dfe6724712912939aab4e1c5437fcb8fd91.tar.xz alpine_aports-dc708dfe6724712912939aab4e1c5437fcb8fd91.zip |
main/linux-virt-grsec: upgrade to 3.10.44
-rw-r--r-- | main/linux-virt-grsec/APKBUILD | 14 | ||||
-rw-r--r-- | main/linux-virt-grsec/grsecurity-2.9.1-3.10.44-unofficial.patch (renamed from main/linux-virt-grsec/grsecurity-2.9.1-3.10.43-unofficial.patch) | 136 |
2 files changed, 77 insertions, 73 deletions
diff --git a/main/linux-virt-grsec/APKBUILD b/main/linux-virt-grsec/APKBUILD index 9cadce32d7..879c5f4528 100644 --- a/main/linux-virt-grsec/APKBUILD +++ b/main/linux-virt-grsec/APKBUILD | |||
@@ -3,7 +3,7 @@ | |||
3 | 3 | ||
4 | _flavor=virt-grsec | 4 | _flavor=virt-grsec |
5 | pkgname=linux-${_flavor} | 5 | pkgname=linux-${_flavor} |
6 | pkgver=3.10.43 | 6 | pkgver=3.10.44 |
7 | case $pkgver in | 7 | case $pkgver in |
8 | *.*.*) _kernver=${pkgver%.*};; | 8 | *.*.*) _kernver=${pkgver%.*};; |
9 | *.*) _kernver=${pkgver};; | 9 | *.*) _kernver=${pkgver};; |
@@ -154,8 +154,8 @@ dev() { | |||
154 | } | 154 | } |
155 | 155 | ||
156 | md5sums="4f25cd5bec5f8d5a7d935b3f2ccb8481 linux-3.10.tar.xz | 156 | md5sums="4f25cd5bec5f8d5a7d935b3f2ccb8481 linux-3.10.tar.xz |
157 | 3395365459b5a907a0425f260bc60e10 patch-3.10.43.xz | 157 | 775e8b7a3d0890bff5952eb9e7c42cd8 patch-3.10.44.xz |
158 | 157ad1fb61302669afff96bdff14eebb grsecurity-2.9.1-3.10.43-unofficial.patch | 158 | f1e906ad953a274e1d4cab130310cd0d grsecurity-2.9.1-3.10.44-unofficial.patch |
159 | a16f11b12381efb3bec79b9bfb329836 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch | 159 | a16f11b12381efb3bec79b9bfb329836 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch |
160 | 656ae7b10dd2f18dbfa1011041d08d60 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch | 160 | 656ae7b10dd2f18dbfa1011041d08d60 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch |
161 | aa454ffb96428586447775c21449e284 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch | 161 | aa454ffb96428586447775c21449e284 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch |
@@ -168,8 +168,8 @@ b3c0153d53e508e03d73b94d15b24a96 sysctl_lxc.patch | |||
168 | 539c848d541c1656851fe865018273df kernelconfig.x86 | 168 | 539c848d541c1656851fe865018273df kernelconfig.x86 |
169 | 82cd965fc82651f2e6b35e75c17d8031 kernelconfig.x86_64" | 169 | 82cd965fc82651f2e6b35e75c17d8031 kernelconfig.x86_64" |
170 | sha256sums="df27fa92d27a9c410bfe6c4a89f141638500d7eadcca5cce578954efc2ad3544 linux-3.10.tar.xz | 170 | sha256sums="df27fa92d27a9c410bfe6c4a89f141638500d7eadcca5cce578954efc2ad3544 linux-3.10.tar.xz |
171 | 3d2f5d06ef28985f691d0aaa457d066f0d9c4e2c02acc5cfe6bdacd42180d839 patch-3.10.43.xz | 171 | 86086660ac02cb5d6dd4ace3593e5e185fd3c04a8de4bd5cf7adb70e28be8d8b patch-3.10.44.xz |
172 | 7a25c79bd80b2157a88ba176b3a837151f5eeb25b2a6a841c8ab6ecb4cf9fb3d grsecurity-2.9.1-3.10.43-unofficial.patch | 172 | 7cd9a1b7dae8360d90a86dc60703609612ee3c070bb1592c7fcba1fc4d58362b grsecurity-2.9.1-3.10.44-unofficial.patch |
173 | 6af3757ac36a6cd3cda7b0a71b08143726383b19261294a569ad7f4042c72df3 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch | 173 | 6af3757ac36a6cd3cda7b0a71b08143726383b19261294a569ad7f4042c72df3 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch |
174 | dc8e82108615657f1fb9d641efd42255a5761c06edde1b00a41ae0d314d548f0 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch | 174 | dc8e82108615657f1fb9d641efd42255a5761c06edde1b00a41ae0d314d548f0 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch |
175 | 0985caa0f3ee8ed0959aeaa4214f5f8057ae8e61d50dcae39194912d31e14892 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch | 175 | 0985caa0f3ee8ed0959aeaa4214f5f8057ae8e61d50dcae39194912d31e14892 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch |
@@ -182,8 +182,8 @@ fc613ac466610b866b721c41836fd5bfb2d4b75bceb67972dc6369d7f62ff47e 0006-ipv4-use- | |||
182 | 997d4c8a5a2b911047d26fe1bf8ee8d5cd3b7133e6abdc07b7deacd0b3eb2330 kernelconfig.x86 | 182 | 997d4c8a5a2b911047d26fe1bf8ee8d5cd3b7133e6abdc07b7deacd0b3eb2330 kernelconfig.x86 |
183 | 7845194551137fbc3b69a75249696bc843bb7fe7f4a4e6b0582c0ca0856caa64 kernelconfig.x86_64" | 183 | 7845194551137fbc3b69a75249696bc843bb7fe7f4a4e6b0582c0ca0856caa64 kernelconfig.x86_64" |
184 | sha512sums="5fb109fcbd59bf3dffc911b853894f0a84afa75151368f783a1252c5ff60c7a1504de216c0012be446df983e2dea400ad8eeed3ce04f24dc61d0ef76c174dc35 linux-3.10.tar.xz | 184 | sha512sums="5fb109fcbd59bf3dffc911b853894f0a84afa75151368f783a1252c5ff60c7a1504de216c0012be446df983e2dea400ad8eeed3ce04f24dc61d0ef76c174dc35 linux-3.10.tar.xz |
185 | e4449c1bb88fcd92aec56882ba21fed2da40b9512996a50916123043507e3223aed0586bc43f15b1c73af9d1e18183637136d2e26a0d60bafb4ead1786d8f0d9 patch-3.10.43.xz | 185 | 0ff596c562c76be03cdac321307294925b2978e9f991e133bab54386cee8a9a2069300d3eec3a1512ed621e0acdaf89769e3f24c21e3954785a5655d425c9107 patch-3.10.44.xz |
186 | 0b5b5368b4dcf64502700c6b96af35694b0cfa86688dd944ad43edfe9630717a176f0b60b3b2e9b04ad6b5cc062363f7a36e55ccd92831194539e45fdb848017 grsecurity-2.9.1-3.10.43-unofficial.patch | 186 | d0c65b05b4c6f846b5347e64a5eff857427b25aa5e17ec7c74659573fc547dbcf2a2b9868a0183b8b317a8d20bd443fbe3b4f8e9dba67b402c2f0dd161cbaefe grsecurity-2.9.1-3.10.44-unofficial.patch |
187 | 81e78593288e8b0fd2c03ea9fc1450323887707f087e911f172450a122bc9b591ee83394836789730d951aeec13d0b75a64e1c05f04364abf8f80d883ddc4a02 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch | 187 | 81e78593288e8b0fd2c03ea9fc1450323887707f087e911f172450a122bc9b591ee83394836789730d951aeec13d0b75a64e1c05f04364abf8f80d883ddc4a02 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch |
188 | 51ecb15b669f6a82940a13a38939116e003bf5dfd24496771c8279e907b72adcc63d607f0340a2940d757e12ddadb7d45c7af78ae311d284935a6296dbcac00c 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch | 188 | 51ecb15b669f6a82940a13a38939116e003bf5dfd24496771c8279e907b72adcc63d607f0340a2940d757e12ddadb7d45c7af78ae311d284935a6296dbcac00c 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch |
189 | 57d0a8bd35d19cf657ded58efe24517d2252aec6984040713ba173a34edb5887ececaa2985076bc6a149eaa57639fd98a042c1c2d226ed4ad8dd5ed0e230717e 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch | 189 | 57d0a8bd35d19cf657ded58efe24517d2252aec6984040713ba173a34edb5887ececaa2985076bc6a149eaa57639fd98a042c1c2d226ed4ad8dd5ed0e230717e 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch |
diff --git a/main/linux-virt-grsec/grsecurity-2.9.1-3.10.43-unofficial.patch b/main/linux-virt-grsec/grsecurity-2.9.1-3.10.44-unofficial.patch index dadf7b7bb4..39c0e4ec66 100644 --- a/main/linux-virt-grsec/grsecurity-2.9.1-3.10.43-unofficial.patch +++ b/main/linux-virt-grsec/grsecurity-2.9.1-3.10.44-unofficial.patch | |||
@@ -281,7 +281,7 @@ index 1311a48..f233324 100644 | |||
281 | 281 | ||
282 | pcd. [PARIDE] | 282 | pcd. [PARIDE] |
283 | diff --git a/Makefile b/Makefile | 283 | diff --git a/Makefile b/Makefile |
284 | index 9cf5138..b85cc95 100644 | 284 | index e55476c..36e2242 100644 |
285 | --- a/Makefile | 285 | --- a/Makefile |
286 | +++ b/Makefile | 286 | +++ b/Makefile |
287 | @@ -241,8 +241,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ | 287 | @@ -241,8 +241,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ |
@@ -43535,7 +43535,7 @@ index 0b74189..818358f 100644 | |||
43535 | +} __do_const; | 43535 | +} __do_const; |
43536 | #endif /* _DW_MMC_H_ */ | 43536 | #endif /* _DW_MMC_H_ */ |
43537 | diff --git a/drivers/mmc/host/sdhci-s3c.c b/drivers/mmc/host/sdhci-s3c.c | 43537 | diff --git a/drivers/mmc/host/sdhci-s3c.c b/drivers/mmc/host/sdhci-s3c.c |
43538 | index c6f6246..60760a8 100644 | 43538 | index c6f6246a4..60760a8 100644 |
43539 | --- a/drivers/mmc/host/sdhci-s3c.c | 43539 | --- a/drivers/mmc/host/sdhci-s3c.c |
43540 | +++ b/drivers/mmc/host/sdhci-s3c.c | 43540 | +++ b/drivers/mmc/host/sdhci-s3c.c |
43541 | @@ -664,9 +664,11 @@ static int sdhci_s3c_probe(struct platform_device *pdev) | 43541 | @@ -664,9 +664,11 @@ static int sdhci_s3c_probe(struct platform_device *pdev) |
@@ -52578,7 +52578,7 @@ index ebd06fd..41c850d 100644 | |||
52578 | kiocb->ki_nbytes = ret; | 52578 | kiocb->ki_nbytes = ret; |
52579 | return 0; | 52579 | return 0; |
52580 | diff --git a/fs/attr.c b/fs/attr.c | 52580 | diff --git a/fs/attr.c b/fs/attr.c |
52581 | index 8dd5825..a90e189 100644 | 52581 | index 66fa625..aeb65ff 100644 |
52582 | --- a/fs/attr.c | 52582 | --- a/fs/attr.c |
52583 | +++ b/fs/attr.c | 52583 | +++ b/fs/attr.c |
52584 | @@ -102,6 +102,7 @@ int inode_newsize_ok(const struct inode *inode, loff_t offset) | 52584 | @@ -102,6 +102,7 @@ int inode_newsize_ok(const struct inode *inode, loff_t offset) |
@@ -57733,7 +57733,7 @@ index 4e5f332..3cb6350 100644 | |||
57733 | static int can_do_hugetlb_shm(void) | 57733 | static int can_do_hugetlb_shm(void) |
57734 | { | 57734 | { |
57735 | diff --git a/fs/inode.c b/fs/inode.c | 57735 | diff --git a/fs/inode.c b/fs/inode.c |
57736 | index 00d5fc3..98ce7d7 100644 | 57736 | index 1b300a0..105e7c4 100644 |
57737 | --- a/fs/inode.c | 57737 | --- a/fs/inode.c |
57738 | +++ b/fs/inode.c | 57738 | +++ b/fs/inode.c |
57739 | @@ -878,8 +878,8 @@ unsigned int get_next_ino(void) | 57739 | @@ -878,8 +878,8 @@ unsigned int get_next_ino(void) |
@@ -57873,10 +57873,10 @@ index 0274c95..3b9f6e5 100644 | |||
57873 | 57873 | ||
57874 | lock_flocks(); | 57874 | lock_flocks(); |
57875 | diff --git a/fs/namei.c b/fs/namei.c | 57875 | diff --git a/fs/namei.c b/fs/namei.c |
57876 | index 1211ee5..0e8539c 100644 | 57876 | index 6ac16a3..de9c550 100644 |
57877 | --- a/fs/namei.c | 57877 | --- a/fs/namei.c |
57878 | +++ b/fs/namei.c | 57878 | +++ b/fs/namei.c |
57879 | @@ -319,16 +319,32 @@ int generic_permission(struct inode *inode, int mask) | 57879 | @@ -319,17 +319,34 @@ int generic_permission(struct inode *inode, int mask) |
57880 | if (ret != -EACCES) | 57880 | if (ret != -EACCES) |
57881 | return ret; | 57881 | return ret; |
57882 | 57882 | ||
@@ -57888,14 +57888,16 @@ index 1211ee5..0e8539c 100644 | |||
57888 | + | 57888 | + |
57889 | if (S_ISDIR(inode->i_mode)) { | 57889 | if (S_ISDIR(inode->i_mode)) { |
57890 | /* DACs are overridable for directories */ | 57890 | /* DACs are overridable for directories */ |
57891 | - if (inode_capable(inode, CAP_DAC_OVERRIDE)) | 57891 | - if (capable_wrt_inode_uidgid(inode, CAP_DAC_OVERRIDE)) |
57892 | - return 0; | 57892 | - return 0; |
57893 | if (!(mask & MAY_WRITE)) | 57893 | if (!(mask & MAY_WRITE)) |
57894 | - if (inode_capable(inode, CAP_DAC_READ_SEARCH)) | 57894 | - if (capable_wrt_inode_uidgid(inode, |
57895 | + if (inode_capable_nolog(inode, CAP_DAC_OVERRIDE) || | 57895 | + if (capable_wrt_inode_uidgid_nolog(inode, |
57896 | + inode_capable(inode, CAP_DAC_READ_SEARCH)) | 57896 | + CAP_DAC_OVERRIDE) || |
57897 | + capable_wrt_inode_uidgid(inode, | ||
57898 | CAP_DAC_READ_SEARCH)) | ||
57897 | return 0; | 57899 | return 0; |
57898 | + if (inode_capable(inode, CAP_DAC_OVERRIDE)) | 57900 | + if (capable_wrt_inode_uidgid(inode, CAP_DAC_OVERRIDE)) |
57899 | + return 0; | 57901 | + return 0; |
57900 | return -EACCES; | 57902 | return -EACCES; |
57901 | } | 57903 | } |
@@ -57904,16 +57906,16 @@ index 1211ee5..0e8539c 100644 | |||
57904 | + */ | 57906 | + */ |
57905 | + mask &= MAY_READ | MAY_WRITE | MAY_EXEC; | 57907 | + mask &= MAY_READ | MAY_WRITE | MAY_EXEC; |
57906 | + if (mask == MAY_READ) | 57908 | + if (mask == MAY_READ) |
57907 | + if (inode_capable_nolog(inode, CAP_DAC_OVERRIDE) || | 57909 | + if (capable_wrt_inode_uidgid_nolog(inode, CAP_DAC_OVERRIDE) || |
57908 | + inode_capable(inode, CAP_DAC_READ_SEARCH)) | 57910 | + capable_wrt_inode_uidgid(inode, CAP_DAC_READ_SEARCH)) |
57909 | + return 0; | 57911 | + return 0; |
57910 | + | 57912 | + |
57911 | + /* | 57913 | + /* |
57912 | * Read/write DACs are always overridable. | 57914 | * Read/write DACs are always overridable. |
57913 | * Executable DACs are overridable when there is | 57915 | * Executable DACs are overridable when there is |
57914 | * at least one exec bit set. | 57916 | * at least one exec bit set. |
57915 | @@ -337,14 +353,6 @@ int generic_permission(struct inode *inode, int mask) | 57917 | @@ -338,14 +355,6 @@ int generic_permission(struct inode *inode, int mask) |
57916 | if (inode_capable(inode, CAP_DAC_OVERRIDE)) | 57918 | if (capable_wrt_inode_uidgid(inode, CAP_DAC_OVERRIDE)) |
57917 | return 0; | 57919 | return 0; |
57918 | 57920 | ||
57919 | - /* | 57921 | - /* |
@@ -57921,13 +57923,13 @@ index 1211ee5..0e8539c 100644 | |||
57921 | - */ | 57923 | - */ |
57922 | - mask &= MAY_READ | MAY_WRITE | MAY_EXEC; | 57924 | - mask &= MAY_READ | MAY_WRITE | MAY_EXEC; |
57923 | - if (mask == MAY_READ) | 57925 | - if (mask == MAY_READ) |
57924 | - if (inode_capable(inode, CAP_DAC_READ_SEARCH)) | 57926 | - if (capable_wrt_inode_uidgid(inode, CAP_DAC_READ_SEARCH)) |
57925 | - return 0; | 57927 | - return 0; |
57926 | - | 57928 | - |
57927 | return -EACCES; | 57929 | return -EACCES; |
57928 | } | 57930 | } |
57929 | 57931 | ||
57930 | @@ -820,7 +828,7 @@ follow_link(struct path *link, struct nameidata *nd, void **p) | 57932 | @@ -821,7 +830,7 @@ follow_link(struct path *link, struct nameidata *nd, void **p) |
57931 | { | 57933 | { |
57932 | struct dentry *dentry = link->dentry; | 57934 | struct dentry *dentry = link->dentry; |
57933 | int error; | 57935 | int error; |
@@ -57936,7 +57938,7 @@ index 1211ee5..0e8539c 100644 | |||
57936 | 57938 | ||
57937 | BUG_ON(nd->flags & LOOKUP_RCU); | 57939 | BUG_ON(nd->flags & LOOKUP_RCU); |
57938 | 57940 | ||
57939 | @@ -841,6 +849,12 @@ follow_link(struct path *link, struct nameidata *nd, void **p) | 57941 | @@ -842,6 +851,12 @@ follow_link(struct path *link, struct nameidata *nd, void **p) |
57940 | if (error) | 57942 | if (error) |
57941 | goto out_put_nd_path; | 57943 | goto out_put_nd_path; |
57942 | 57944 | ||
@@ -57949,7 +57951,7 @@ index 1211ee5..0e8539c 100644 | |||
57949 | nd->last_type = LAST_BIND; | 57951 | nd->last_type = LAST_BIND; |
57950 | *p = dentry->d_inode->i_op->follow_link(dentry, nd); | 57952 | *p = dentry->d_inode->i_op->follow_link(dentry, nd); |
57951 | error = PTR_ERR(*p); | 57953 | error = PTR_ERR(*p); |
57952 | @@ -1588,6 +1602,8 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd) | 57954 | @@ -1589,6 +1604,8 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd) |
57953 | if (res) | 57955 | if (res) |
57954 | break; | 57956 | break; |
57955 | res = walk_component(nd, path, LOOKUP_FOLLOW); | 57957 | res = walk_component(nd, path, LOOKUP_FOLLOW); |
@@ -57958,7 +57960,7 @@ index 1211ee5..0e8539c 100644 | |||
57958 | put_link(nd, &link, cookie); | 57960 | put_link(nd, &link, cookie); |
57959 | } while (res > 0); | 57961 | } while (res > 0); |
57960 | 57962 | ||
57961 | @@ -1686,7 +1702,7 @@ EXPORT_SYMBOL(full_name_hash); | 57963 | @@ -1687,7 +1704,7 @@ EXPORT_SYMBOL(full_name_hash); |
57962 | static inline unsigned long hash_name(const char *name, unsigned int *hashp) | 57964 | static inline unsigned long hash_name(const char *name, unsigned int *hashp) |
57963 | { | 57965 | { |
57964 | unsigned long a, b, adata, bdata, mask, hash, len; | 57966 | unsigned long a, b, adata, bdata, mask, hash, len; |
@@ -57967,7 +57969,7 @@ index 1211ee5..0e8539c 100644 | |||
57967 | 57969 | ||
57968 | hash = a = 0; | 57970 | hash = a = 0; |
57969 | len = -sizeof(unsigned long); | 57971 | len = -sizeof(unsigned long); |
57970 | @@ -1968,6 +1984,8 @@ static int path_lookupat(int dfd, const char *name, | 57972 | @@ -1969,6 +1986,8 @@ static int path_lookupat(int dfd, const char *name, |
57971 | if (err) | 57973 | if (err) |
57972 | break; | 57974 | break; |
57973 | err = lookup_last(nd, &path); | 57975 | err = lookup_last(nd, &path); |
@@ -57976,7 +57978,7 @@ index 1211ee5..0e8539c 100644 | |||
57976 | put_link(nd, &link, cookie); | 57978 | put_link(nd, &link, cookie); |
57977 | } | 57979 | } |
57978 | } | 57980 | } |
57979 | @@ -1975,6 +1993,13 @@ static int path_lookupat(int dfd, const char *name, | 57981 | @@ -1976,6 +1995,13 @@ static int path_lookupat(int dfd, const char *name, |
57980 | if (!err) | 57982 | if (!err) |
57981 | err = complete_walk(nd); | 57983 | err = complete_walk(nd); |
57982 | 57984 | ||
@@ -57990,7 +57992,7 @@ index 1211ee5..0e8539c 100644 | |||
57990 | if (!err && nd->flags & LOOKUP_DIRECTORY) { | 57992 | if (!err && nd->flags & LOOKUP_DIRECTORY) { |
57991 | if (!can_lookup(nd->inode)) { | 57993 | if (!can_lookup(nd->inode)) { |
57992 | path_put(&nd->path); | 57994 | path_put(&nd->path); |
57993 | @@ -2002,8 +2027,15 @@ static int filename_lookup(int dfd, struct filename *name, | 57995 | @@ -2003,8 +2029,15 @@ static int filename_lookup(int dfd, struct filename *name, |
57994 | retval = path_lookupat(dfd, name->name, | 57996 | retval = path_lookupat(dfd, name->name, |
57995 | flags | LOOKUP_REVAL, nd); | 57997 | flags | LOOKUP_REVAL, nd); |
57996 | 57998 | ||
@@ -58007,7 +58009,7 @@ index 1211ee5..0e8539c 100644 | |||
58007 | return retval; | 58009 | return retval; |
58008 | } | 58010 | } |
58009 | 58011 | ||
58010 | @@ -2382,6 +2414,13 @@ static int may_open(struct path *path, int acc_mode, int flag) | 58012 | @@ -2383,6 +2416,13 @@ static int may_open(struct path *path, int acc_mode, int flag) |
58011 | if (flag & O_NOATIME && !inode_owner_or_capable(inode)) | 58013 | if (flag & O_NOATIME && !inode_owner_or_capable(inode)) |
58012 | return -EPERM; | 58014 | return -EPERM; |
58013 | 58015 | ||
@@ -58021,7 +58023,7 @@ index 1211ee5..0e8539c 100644 | |||
58021 | return 0; | 58023 | return 0; |
58022 | } | 58024 | } |
58023 | 58025 | ||
58024 | @@ -2603,7 +2642,7 @@ looked_up: | 58026 | @@ -2604,7 +2644,7 @@ looked_up: |
58025 | * cleared otherwise prior to returning. | 58027 | * cleared otherwise prior to returning. |
58026 | */ | 58028 | */ |
58027 | static int lookup_open(struct nameidata *nd, struct path *path, | 58029 | static int lookup_open(struct nameidata *nd, struct path *path, |
@@ -58030,7 +58032,7 @@ index 1211ee5..0e8539c 100644 | |||
58030 | const struct open_flags *op, | 58032 | const struct open_flags *op, |
58031 | bool got_write, int *opened) | 58033 | bool got_write, int *opened) |
58032 | { | 58034 | { |
58033 | @@ -2638,6 +2677,17 @@ static int lookup_open(struct nameidata *nd, struct path *path, | 58035 | @@ -2639,6 +2679,17 @@ static int lookup_open(struct nameidata *nd, struct path *path, |
58034 | /* Negative dentry, just create the file */ | 58036 | /* Negative dentry, just create the file */ |
58035 | if (!dentry->d_inode && (op->open_flag & O_CREAT)) { | 58037 | if (!dentry->d_inode && (op->open_flag & O_CREAT)) { |
58036 | umode_t mode = op->mode; | 58038 | umode_t mode = op->mode; |
@@ -58048,7 +58050,7 @@ index 1211ee5..0e8539c 100644 | |||
58048 | if (!IS_POSIXACL(dir->d_inode)) | 58050 | if (!IS_POSIXACL(dir->d_inode)) |
58049 | mode &= ~current_umask(); | 58051 | mode &= ~current_umask(); |
58050 | /* | 58052 | /* |
58051 | @@ -2659,6 +2709,8 @@ static int lookup_open(struct nameidata *nd, struct path *path, | 58053 | @@ -2660,6 +2711,8 @@ static int lookup_open(struct nameidata *nd, struct path *path, |
58052 | nd->flags & LOOKUP_EXCL); | 58054 | nd->flags & LOOKUP_EXCL); |
58053 | if (error) | 58055 | if (error) |
58054 | goto out_dput; | 58056 | goto out_dput; |
@@ -58057,7 +58059,7 @@ index 1211ee5..0e8539c 100644 | |||
58057 | } | 58059 | } |
58058 | out_no_open: | 58060 | out_no_open: |
58059 | path->dentry = dentry; | 58061 | path->dentry = dentry; |
58060 | @@ -2673,7 +2725,7 @@ out_dput: | 58062 | @@ -2674,7 +2727,7 @@ out_dput: |
58061 | /* | 58063 | /* |
58062 | * Handle the last step of open() | 58064 | * Handle the last step of open() |
58063 | */ | 58065 | */ |
@@ -58066,7 +58068,7 @@ index 1211ee5..0e8539c 100644 | |||
58066 | struct file *file, const struct open_flags *op, | 58068 | struct file *file, const struct open_flags *op, |
58067 | int *opened, struct filename *name) | 58069 | int *opened, struct filename *name) |
58068 | { | 58070 | { |
58069 | @@ -2702,16 +2754,32 @@ static int do_last(struct nameidata *nd, struct path *path, | 58071 | @@ -2703,16 +2756,32 @@ static int do_last(struct nameidata *nd, struct path *path, |
58070 | error = complete_walk(nd); | 58072 | error = complete_walk(nd); |
58071 | if (error) | 58073 | if (error) |
58072 | return error; | 58074 | return error; |
@@ -58099,7 +58101,7 @@ index 1211ee5..0e8539c 100644 | |||
58099 | audit_inode(name, dir, 0); | 58101 | audit_inode(name, dir, 0); |
58100 | goto finish_open; | 58102 | goto finish_open; |
58101 | } | 58103 | } |
58102 | @@ -2760,7 +2828,7 @@ retry_lookup: | 58104 | @@ -2761,7 +2830,7 @@ retry_lookup: |
58103 | */ | 58105 | */ |
58104 | } | 58106 | } |
58105 | mutex_lock(&dir->d_inode->i_mutex); | 58107 | mutex_lock(&dir->d_inode->i_mutex); |
@@ -58108,7 +58110,7 @@ index 1211ee5..0e8539c 100644 | |||
58108 | mutex_unlock(&dir->d_inode->i_mutex); | 58110 | mutex_unlock(&dir->d_inode->i_mutex); |
58109 | 58111 | ||
58110 | if (error <= 0) { | 58112 | if (error <= 0) { |
58111 | @@ -2784,11 +2852,28 @@ retry_lookup: | 58113 | @@ -2785,11 +2854,28 @@ retry_lookup: |
58112 | goto finish_open_created; | 58114 | goto finish_open_created; |
58113 | } | 58115 | } |
58114 | 58116 | ||
@@ -58138,7 +58140,7 @@ index 1211ee5..0e8539c 100644 | |||
58138 | 58140 | ||
58139 | /* | 58141 | /* |
58140 | * If atomic_open() acquired write access it is dropped now due to | 58142 | * If atomic_open() acquired write access it is dropped now due to |
58141 | @@ -2829,6 +2914,11 @@ finish_lookup: | 58143 | @@ -2830,6 +2916,11 @@ finish_lookup: |
58142 | } | 58144 | } |
58143 | } | 58145 | } |
58144 | BUG_ON(inode != path->dentry->d_inode); | 58146 | BUG_ON(inode != path->dentry->d_inode); |
@@ -58150,7 +58152,7 @@ index 1211ee5..0e8539c 100644 | |||
58150 | return 1; | 58152 | return 1; |
58151 | } | 58153 | } |
58152 | 58154 | ||
58153 | @@ -2838,7 +2928,6 @@ finish_lookup: | 58155 | @@ -2839,7 +2930,6 @@ finish_lookup: |
58154 | save_parent.dentry = nd->path.dentry; | 58156 | save_parent.dentry = nd->path.dentry; |
58155 | save_parent.mnt = mntget(path->mnt); | 58157 | save_parent.mnt = mntget(path->mnt); |
58156 | nd->path.dentry = path->dentry; | 58158 | nd->path.dentry = path->dentry; |
@@ -58158,7 +58160,7 @@ index 1211ee5..0e8539c 100644 | |||
58158 | } | 58160 | } |
58159 | nd->inode = inode; | 58161 | nd->inode = inode; |
58160 | /* Why this, you ask? _Now_ we might have grown LOOKUP_JUMPED... */ | 58162 | /* Why this, you ask? _Now_ we might have grown LOOKUP_JUMPED... */ |
58161 | @@ -2847,6 +2936,16 @@ finish_lookup: | 58163 | @@ -2848,6 +2938,16 @@ finish_lookup: |
58162 | path_put(&save_parent); | 58164 | path_put(&save_parent); |
58163 | return error; | 58165 | return error; |
58164 | } | 58166 | } |
@@ -58175,7 +58177,7 @@ index 1211ee5..0e8539c 100644 | |||
58175 | error = -EISDIR; | 58177 | error = -EISDIR; |
58176 | if ((open_flag & O_CREAT) && S_ISDIR(nd->inode->i_mode)) | 58178 | if ((open_flag & O_CREAT) && S_ISDIR(nd->inode->i_mode)) |
58177 | goto out; | 58179 | goto out; |
58178 | @@ -2945,7 +3044,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, | 58180 | @@ -2946,7 +3046,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, |
58179 | if (unlikely(error)) | 58181 | if (unlikely(error)) |
58180 | goto out; | 58182 | goto out; |
58181 | 58183 | ||
@@ -58184,7 +58186,7 @@ index 1211ee5..0e8539c 100644 | |||
58184 | while (unlikely(error > 0)) { /* trailing symlink */ | 58186 | while (unlikely(error > 0)) { /* trailing symlink */ |
58185 | struct path link = path; | 58187 | struct path link = path; |
58186 | void *cookie; | 58188 | void *cookie; |
58187 | @@ -2963,7 +3062,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, | 58189 | @@ -2964,7 +3064,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, |
58188 | error = follow_link(&link, nd, &cookie); | 58190 | error = follow_link(&link, nd, &cookie); |
58189 | if (unlikely(error)) | 58191 | if (unlikely(error)) |
58190 | break; | 58192 | break; |
@@ -58193,7 +58195,7 @@ index 1211ee5..0e8539c 100644 | |||
58193 | put_link(nd, &link, cookie); | 58195 | put_link(nd, &link, cookie); |
58194 | } | 58196 | } |
58195 | out: | 58197 | out: |
58196 | @@ -3063,8 +3162,12 @@ struct dentry *kern_path_create(int dfd, const char *pathname, | 58198 | @@ -3064,8 +3164,12 @@ struct dentry *kern_path_create(int dfd, const char *pathname, |
58197 | goto unlock; | 58199 | goto unlock; |
58198 | 58200 | ||
58199 | error = -EEXIST; | 58201 | error = -EEXIST; |
@@ -58207,7 +58209,7 @@ index 1211ee5..0e8539c 100644 | |||
58207 | /* | 58209 | /* |
58208 | * Special case - lookup gave negative, but... we had foo/bar/ | 58210 | * Special case - lookup gave negative, but... we had foo/bar/ |
58209 | * From the vfs_mknod() POV we just have a negative dentry - | 58211 | * From the vfs_mknod() POV we just have a negative dentry - |
58210 | @@ -3116,6 +3219,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, | 58212 | @@ -3117,6 +3221,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, |
58211 | } | 58213 | } |
58212 | EXPORT_SYMBOL(user_path_create); | 58214 | EXPORT_SYMBOL(user_path_create); |
58213 | 58215 | ||
@@ -58228,7 +58230,7 @@ index 1211ee5..0e8539c 100644 | |||
58228 | int vfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) | 58230 | int vfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) |
58229 | { | 58231 | { |
58230 | int error = may_create(dir, dentry); | 58232 | int error = may_create(dir, dentry); |
58231 | @@ -3178,6 +3295,17 @@ retry: | 58233 | @@ -3179,6 +3297,17 @@ retry: |
58232 | 58234 | ||
58233 | if (!IS_POSIXACL(path.dentry->d_inode)) | 58235 | if (!IS_POSIXACL(path.dentry->d_inode)) |
58234 | mode &= ~current_umask(); | 58236 | mode &= ~current_umask(); |
@@ -58246,7 +58248,7 @@ index 1211ee5..0e8539c 100644 | |||
58246 | error = security_path_mknod(&path, dentry, mode, dev); | 58248 | error = security_path_mknod(&path, dentry, mode, dev); |
58247 | if (error) | 58249 | if (error) |
58248 | goto out; | 58250 | goto out; |
58249 | @@ -3194,6 +3322,8 @@ retry: | 58251 | @@ -3195,6 +3324,8 @@ retry: |
58250 | break; | 58252 | break; |
58251 | } | 58253 | } |
58252 | out: | 58254 | out: |
@@ -58255,7 +58257,7 @@ index 1211ee5..0e8539c 100644 | |||
58255 | done_path_create(&path, dentry); | 58257 | done_path_create(&path, dentry); |
58256 | if (retry_estale(error, lookup_flags)) { | 58258 | if (retry_estale(error, lookup_flags)) { |
58257 | lookup_flags |= LOOKUP_REVAL; | 58259 | lookup_flags |= LOOKUP_REVAL; |
58258 | @@ -3246,9 +3376,16 @@ retry: | 58260 | @@ -3247,9 +3378,16 @@ retry: |
58259 | 58261 | ||
58260 | if (!IS_POSIXACL(path.dentry->d_inode)) | 58262 | if (!IS_POSIXACL(path.dentry->d_inode)) |
58261 | mode &= ~current_umask(); | 58263 | mode &= ~current_umask(); |
@@ -58272,7 +58274,7 @@ index 1211ee5..0e8539c 100644 | |||
58272 | done_path_create(&path, dentry); | 58274 | done_path_create(&path, dentry); |
58273 | if (retry_estale(error, lookup_flags)) { | 58275 | if (retry_estale(error, lookup_flags)) { |
58274 | lookup_flags |= LOOKUP_REVAL; | 58276 | lookup_flags |= LOOKUP_REVAL; |
58275 | @@ -3329,6 +3466,8 @@ static long do_rmdir(int dfd, const char __user *pathname) | 58277 | @@ -3330,6 +3468,8 @@ static long do_rmdir(int dfd, const char __user *pathname) |
58276 | struct filename *name; | 58278 | struct filename *name; |
58277 | struct dentry *dentry; | 58279 | struct dentry *dentry; |
58278 | struct nameidata nd; | 58280 | struct nameidata nd; |
@@ -58281,7 +58283,7 @@ index 1211ee5..0e8539c 100644 | |||
58281 | unsigned int lookup_flags = 0; | 58283 | unsigned int lookup_flags = 0; |
58282 | retry: | 58284 | retry: |
58283 | name = user_path_parent(dfd, pathname, &nd, lookup_flags); | 58285 | name = user_path_parent(dfd, pathname, &nd, lookup_flags); |
58284 | @@ -3361,10 +3500,21 @@ retry: | 58286 | @@ -3362,10 +3502,21 @@ retry: |
58285 | error = -ENOENT; | 58287 | error = -ENOENT; |
58286 | goto exit3; | 58288 | goto exit3; |
58287 | } | 58289 | } |
@@ -58303,7 +58305,7 @@ index 1211ee5..0e8539c 100644 | |||
58303 | exit3: | 58305 | exit3: |
58304 | dput(dentry); | 58306 | dput(dentry); |
58305 | exit2: | 58307 | exit2: |
58306 | @@ -3430,6 +3580,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) | 58308 | @@ -3431,6 +3582,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) |
58307 | struct dentry *dentry; | 58309 | struct dentry *dentry; |
58308 | struct nameidata nd; | 58310 | struct nameidata nd; |
58309 | struct inode *inode = NULL; | 58311 | struct inode *inode = NULL; |
@@ -58312,7 +58314,7 @@ index 1211ee5..0e8539c 100644 | |||
58312 | unsigned int lookup_flags = 0; | 58314 | unsigned int lookup_flags = 0; |
58313 | retry: | 58315 | retry: |
58314 | name = user_path_parent(dfd, pathname, &nd, lookup_flags); | 58316 | name = user_path_parent(dfd, pathname, &nd, lookup_flags); |
58315 | @@ -3456,10 +3608,22 @@ retry: | 58317 | @@ -3457,10 +3610,22 @@ retry: |
58316 | if (!inode) | 58318 | if (!inode) |
58317 | goto slashes; | 58319 | goto slashes; |
58318 | ihold(inode); | 58320 | ihold(inode); |
@@ -58335,7 +58337,7 @@ index 1211ee5..0e8539c 100644 | |||
58335 | exit2: | 58337 | exit2: |
58336 | dput(dentry); | 58338 | dput(dentry); |
58337 | } | 58339 | } |
58338 | @@ -3537,9 +3701,17 @@ retry: | 58340 | @@ -3538,9 +3703,17 @@ retry: |
58339 | if (IS_ERR(dentry)) | 58341 | if (IS_ERR(dentry)) |
58340 | goto out_putname; | 58342 | goto out_putname; |
58341 | 58343 | ||
@@ -58353,7 +58355,7 @@ index 1211ee5..0e8539c 100644 | |||
58353 | done_path_create(&path, dentry); | 58355 | done_path_create(&path, dentry); |
58354 | if (retry_estale(error, lookup_flags)) { | 58356 | if (retry_estale(error, lookup_flags)) { |
58355 | lookup_flags |= LOOKUP_REVAL; | 58357 | lookup_flags |= LOOKUP_REVAL; |
58356 | @@ -3613,6 +3785,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, | 58358 | @@ -3614,6 +3787,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, |
58357 | { | 58359 | { |
58358 | struct dentry *new_dentry; | 58360 | struct dentry *new_dentry; |
58359 | struct path old_path, new_path; | 58361 | struct path old_path, new_path; |
@@ -58361,7 +58363,7 @@ index 1211ee5..0e8539c 100644 | |||
58361 | int how = 0; | 58363 | int how = 0; |
58362 | int error; | 58364 | int error; |
58363 | 58365 | ||
58364 | @@ -3636,7 +3809,7 @@ retry: | 58366 | @@ -3637,7 +3811,7 @@ retry: |
58365 | if (error) | 58367 | if (error) |
58366 | return error; | 58368 | return error; |
58367 | 58369 | ||
@@ -58370,7 +58372,7 @@ index 1211ee5..0e8539c 100644 | |||
58370 | (how & LOOKUP_REVAL)); | 58372 | (how & LOOKUP_REVAL)); |
58371 | error = PTR_ERR(new_dentry); | 58373 | error = PTR_ERR(new_dentry); |
58372 | if (IS_ERR(new_dentry)) | 58374 | if (IS_ERR(new_dentry)) |
58373 | @@ -3648,11 +3821,28 @@ retry: | 58375 | @@ -3649,11 +3823,28 @@ retry: |
58374 | error = may_linkat(&old_path); | 58376 | error = may_linkat(&old_path); |
58375 | if (unlikely(error)) | 58377 | if (unlikely(error)) |
58376 | goto out_dput; | 58378 | goto out_dput; |
@@ -58399,7 +58401,7 @@ index 1211ee5..0e8539c 100644 | |||
58399 | done_path_create(&new_path, new_dentry); | 58401 | done_path_create(&new_path, new_dentry); |
58400 | if (retry_estale(error, how)) { | 58402 | if (retry_estale(error, how)) { |
58401 | path_put(&old_path); | 58403 | path_put(&old_path); |
58402 | @@ -3899,12 +4089,21 @@ retry: | 58404 | @@ -3900,12 +4091,21 @@ retry: |
58403 | if (new_dentry == trap) | 58405 | if (new_dentry == trap) |
58404 | goto exit5; | 58406 | goto exit5; |
58405 | 58407 | ||
@@ -58421,7 +58423,7 @@ index 1211ee5..0e8539c 100644 | |||
58421 | exit5: | 58423 | exit5: |
58422 | dput(new_dentry); | 58424 | dput(new_dentry); |
58423 | exit4: | 58425 | exit4: |
58424 | @@ -3936,6 +4135,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna | 58426 | @@ -3937,6 +4137,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna |
58425 | 58427 | ||
58426 | int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link) | 58428 | int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link) |
58427 | { | 58429 | { |
@@ -58430,7 +58432,7 @@ index 1211ee5..0e8539c 100644 | |||
58430 | int len; | 58432 | int len; |
58431 | 58433 | ||
58432 | len = PTR_ERR(link); | 58434 | len = PTR_ERR(link); |
58433 | @@ -3945,7 +4146,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c | 58435 | @@ -3946,7 +4148,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c |
58434 | len = strlen(link); | 58436 | len = strlen(link); |
58435 | if (len > (unsigned) buflen) | 58437 | if (len > (unsigned) buflen) |
58436 | len = buflen; | 58438 | len = buflen; |
@@ -73103,16 +73105,16 @@ index 4c57065..4307975 100644 | |||
73103 | #define ____cacheline_aligned __attribute__((__aligned__(SMP_CACHE_BYTES))) | 73105 | #define ____cacheline_aligned __attribute__((__aligned__(SMP_CACHE_BYTES))) |
73104 | #endif | 73106 | #endif |
73105 | diff --git a/include/linux/capability.h b/include/linux/capability.h | 73107 | diff --git a/include/linux/capability.h b/include/linux/capability.h |
73106 | index d9a4f7f4..19f77d6 100644 | 73108 | index 15f9092..d52b825 100644 |
73107 | --- a/include/linux/capability.h | 73109 | --- a/include/linux/capability.h |
73108 | +++ b/include/linux/capability.h | 73110 | +++ b/include/linux/capability.h |
73109 | @@ -213,8 +213,13 @@ extern bool ns_capable(struct user_namespace *ns, int cap); | 73111 | @@ -213,8 +213,13 @@ extern bool ns_capable(struct user_namespace *ns, int cap); |
73110 | extern bool nsown_capable(int cap); | 73112 | extern bool nsown_capable(int cap); |
73111 | extern bool inode_capable(const struct inode *inode, int cap); | 73113 | extern bool capable_wrt_inode_uidgid(const struct inode *inode, int cap); |
73112 | extern bool file_ns_capable(const struct file *file, struct user_namespace *ns, int cap); | 73114 | extern bool file_ns_capable(const struct file *file, struct user_namespace *ns, int cap); |
73113 | +extern bool capable_nolog(int cap); | 73115 | +extern bool capable_nolog(int cap); |
73114 | +extern bool ns_capable_nolog(struct user_namespace *ns, int cap); | 73116 | +extern bool ns_capable_nolog(struct user_namespace *ns, int cap); |
73115 | +extern bool inode_capable_nolog(const struct inode *inode, int cap); | 73117 | +extern bool capable_wrt_inode_uidgid_nolog(const struct inode *inode, int cap); |
73116 | 73118 | ||
73117 | /* audit system wants to get cap info from files as well */ | 73119 | /* audit system wants to get cap info from files as well */ |
73118 | extern int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data *cpu_caps); | 73120 | extern int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data *cpu_caps); |
@@ -78594,7 +78596,7 @@ index 37a3bbd..55a4241 100644 | |||
78594 | extern int llc_sap_action_unitdata_ind(struct llc_sap *sap, | 78596 | extern int llc_sap_action_unitdata_ind(struct llc_sap *sap, |
78595 | struct sk_buff *skb); | 78597 | struct sk_buff *skb); |
78596 | diff --git a/include/net/llc_s_st.h b/include/net/llc_s_st.h | 78598 | diff --git a/include/net/llc_s_st.h b/include/net/llc_s_st.h |
78597 | index 567c681..cd73ac0 100644 | 78599 | index 567c681..cd73ac02 100644 |
78598 | --- a/include/net/llc_s_st.h | 78600 | --- a/include/net/llc_s_st.h |
78599 | +++ b/include/net/llc_s_st.h | 78601 | +++ b/include/net/llc_s_st.h |
78600 | @@ -20,7 +20,7 @@ struct llc_sap_state_trans { | 78602 | @@ -20,7 +20,7 @@ struct llc_sap_state_trans { |
@@ -80281,10 +80283,10 @@ index 6bd4a90..0ee9eff 100644 | |||
80281 | f->val = 0; | 80283 | f->val = 0; |
80282 | } | 80284 | } |
80283 | diff --git a/kernel/auditsc.c b/kernel/auditsc.c | 80285 | diff --git a/kernel/auditsc.c b/kernel/auditsc.c |
80284 | index 9845cb3..3ec9369 100644 | 80286 | index 03a3af8..7139042 100644 |
80285 | --- a/kernel/auditsc.c | 80287 | --- a/kernel/auditsc.c |
80286 | +++ b/kernel/auditsc.c | 80288 | +++ b/kernel/auditsc.c |
80287 | @@ -1962,7 +1962,7 @@ int auditsc_get_stamp(struct audit_context *ctx, | 80289 | @@ -1971,7 +1971,7 @@ int auditsc_get_stamp(struct audit_context *ctx, |
80288 | } | 80290 | } |
80289 | 80291 | ||
80290 | /* global counter which is incremented every time something logs in */ | 80292 | /* global counter which is incremented every time something logs in */ |
@@ -80293,7 +80295,7 @@ index 9845cb3..3ec9369 100644 | |||
80293 | 80295 | ||
80294 | /** | 80296 | /** |
80295 | * audit_set_loginuid - set current task's audit_context loginuid | 80297 | * audit_set_loginuid - set current task's audit_context loginuid |
80296 | @@ -1986,7 +1986,7 @@ int audit_set_loginuid(kuid_t loginuid) | 80298 | @@ -1995,7 +1995,7 @@ int audit_set_loginuid(kuid_t loginuid) |
80297 | return -EPERM; | 80299 | return -EPERM; |
80298 | #endif /* CONFIG_AUDIT_LOGINUID_IMMUTABLE */ | 80300 | #endif /* CONFIG_AUDIT_LOGINUID_IMMUTABLE */ |
80299 | 80301 | ||
@@ -80303,7 +80305,7 @@ index 9845cb3..3ec9369 100644 | |||
80303 | struct audit_buffer *ab; | 80305 | struct audit_buffer *ab; |
80304 | 80306 | ||
80305 | diff --git a/kernel/capability.c b/kernel/capability.c | 80307 | diff --git a/kernel/capability.c b/kernel/capability.c |
80306 | index f6c2ce5..982c0f9 100644 | 80308 | index d52eecc..b59d93d 100644 |
80307 | --- a/kernel/capability.c | 80309 | --- a/kernel/capability.c |
80308 | +++ b/kernel/capability.c | 80310 | +++ b/kernel/capability.c |
80309 | @@ -202,6 +202,9 @@ SYSCALL_DEFINE2(capget, cap_user_header_t, header, cap_user_data_t, dataptr) | 80311 | @@ -202,6 +202,9 @@ SYSCALL_DEFINE2(capget, cap_user_header_t, header, cap_user_data_t, dataptr) |
@@ -80387,17 +80389,19 @@ index f6c2ce5..982c0f9 100644 | |||
80387 | /** | 80389 | /** |
80388 | * nsown_capable - Check superior capability to one's own user_ns | 80390 | * nsown_capable - Check superior capability to one's own user_ns |
80389 | * @cap: The capability in question | 80391 | * @cap: The capability in question |
80390 | @@ -464,3 +489,10 @@ bool inode_capable(const struct inode *inode, int cap) | 80392 | @@ -460,3 +485,12 @@ bool capable_wrt_inode_uidgid(const struct inode *inode, int cap) |
80391 | 80393 | return ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid) && | |
80392 | return ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid); | 80394 | kgid_has_mapping(ns, inode->i_gid); |
80393 | } | 80395 | } |
80394 | + | 80396 | + |
80395 | +bool inode_capable_nolog(const struct inode *inode, int cap) | 80397 | +bool capable_wrt_inode_uidgid_nolog(const struct inode *inode, int cap) |
80396 | +{ | 80398 | +{ |
80397 | + struct user_namespace *ns = current_user_ns(); | 80399 | + struct user_namespace *ns = current_user_ns(); |
80398 | + | 80400 | + |
80399 | + return ns_capable_nolog(ns, cap) && kuid_has_mapping(ns, inode->i_uid); | 80401 | + return ns_capable_nolog(ns, cap) && kuid_has_mapping(ns, inode->i_uid) && |
80402 | + kgid_has_mapping(ns, inode->i_gid); | ||
80400 | +} | 80403 | +} |
80404 | +EXPORT_SYMBOL(capable_wrt_inode_uidgid_nolog); | ||
80401 | diff --git a/kernel/cgroup.c b/kernel/cgroup.c | 80405 | diff --git a/kernel/cgroup.c b/kernel/cgroup.c |
80402 | index d0def7f..ff3a63e 100644 | 80406 | index d0def7f..ff3a63e 100644 |
80403 | --- a/kernel/cgroup.c | 80407 | --- a/kernel/cgroup.c |
@@ -111698,7 +111702,7 @@ index b0f164b..63c9f7d 100644 | |||
111698 | endif | 111702 | endif |
111699 | 111703 | ||
111700 | diff --git a/tools/perf/util/include/asm/alternative-asm.h b/tools/perf/util/include/asm/alternative-asm.h | 111704 | diff --git a/tools/perf/util/include/asm/alternative-asm.h b/tools/perf/util/include/asm/alternative-asm.h |
111701 | index 6789d78..4afd019e 100644 | 111705 | index 6789d788..4afd019e 100644 |
111702 | --- a/tools/perf/util/include/asm/alternative-asm.h | 111706 | --- a/tools/perf/util/include/asm/alternative-asm.h |
111703 | +++ b/tools/perf/util/include/asm/alternative-asm.h | 111707 | +++ b/tools/perf/util/include/asm/alternative-asm.h |
111704 | @@ -5,4 +5,7 @@ | 111708 | @@ -5,4 +5,7 @@ |