Linux Kernel https://git.stealer.net/cgit.cgi/user/sven/linux.git/atom?h=v3.6.9 2012-05-03T10:28:41Z 2012-05-03T10:28:41Z Eric W. Biederman ebiederm@xmission.com 2012-02-08T02:51:01Z urn:sha1:a29c33f4e506e1dae7e0985b6328046535becbf8 Convert setregid, setgid, setreuid, setuid, setresuid, getresuid, setresgid, getresgid, setfsuid, setfsgid, getuid, geteuid, getgid, getegid, waitpid, waitid, wait4. Convert userspace uids and gids into kuids and kgids before being placed on struct cred. Convert struct cred kuids and kgids into userspace uids and gids when returning them. Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> 2012-05-03T10:27:21Z Eric W. Biederman ebiederm@xmission.com 2011-11-14T23:56:38Z urn:sha1:ae2975bc3476243b45a1e2344236d7920c268f38 As a first step to converting struct cred to be all kuid_t and kgid_t values convert the group values stored in group_info to always be kgid_t values. Unless user namespaces are used this change should have no effect. Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> 2011-03-24T02:47:08Z Serge E. Hallyn serge@hallyn.com 2011-03-23T23:43:24Z urn:sha1:b0e77598f87107001a00b8a4ece9c95e4254ccc4 CAP_IPC_OWNER and CAP_IPC_LOCK can be checked against current_user_ns(), because the resource comes from current's own ipc namespace. setuid/setgid are to uids in own namespace, so again checks can be against current_user_ns(). Changelog: Jan 11: Use task_ns_capable() in place of sched_capable(). Jan 11: Use nsown_capable() as suggested by Bastian Blank. Jan 11: Clarify (hopefully) some logic in futex and sched.c Feb 15: use ns_capable for ipc, not nsown_capable Feb 23: let copy_ipcs handle setting ipc_ns->user_ns Feb 23: pass ns down rather than taking it from current [akpm@linux-foundation.org: coding-style fixes] Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com> Acked-by: "Eric W. Biederman" <ebiederm@xmission.com> Acked-by: Daniel Lezcano <daniel.lezcano@free.fr> Acked-by: David Howells <dhowells@redhat.com> Cc: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2009-09-24T01:13:10Z Alexey Dobriyan adobriyan@gmail.com 2009-09-24T00:22:25Z urn:sha1:2bcd57ab61e7cabed626226a3771617981c11ce1 * remove asm/atomic.h inclusion from linux/utsname.h -- not needed after kref conversion * remove linux/utsname.h inclusion from files which do not need it NOTE: it looks like fs/binfmt_elf.c do not need utsname.h, however due to some personality stuff it _is_ needed -- cowardly leave ELF-related headers and files alone. Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 2009-01-14T13:15:26Z Heiko Carstens heiko.carstens@de.ibm.com 2009-01-14T13:14:21Z urn:sha1:003d7ab479168132a2b2c6700fe682b08f08ab0c Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> 2009-01-14T13:15:25Z Heiko Carstens heiko.carstens@de.ibm.com 2009-01-14T13:14:20Z urn:sha1:a6b42e83f249aad723589b2bdf6d1dfb2b0997c8 Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> 2009-01-14T13:15:25Z Heiko Carstens heiko.carstens@de.ibm.com 2009-01-14T13:14:19Z urn:sha1:ca013e945b1ba5828b151ee646946f1297b67a4c Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com> 2008-11-13T23:39:18Z David Howells dhowells@redhat.com 2008-11-13T23:39:18Z urn:sha1:86a264abe542cfececb4df129bc45a0338d8cdb9 Wrap current->cred and a few other accessors to hide their actual implementation. Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org> 2008-11-13T23:39:16Z David Howells dhowells@redhat.com 2008-11-13T23:39:16Z urn:sha1:b6dff3ec5e116e3af6f537d4caedcad6b9e5082a Separate the task security context from task_struct. At this point, the security data is temporarily embedded in the task_struct with two pointers pointing to it. Note that the Alpha arch is altered as it refers to (E)UID and (E)GID in entry.S via asm-offsets. With comment fixes Signed-off-by: Marc Dionne <marc.c.dionne@gmail.com> Signed-off-by: David Howells <dhowells@redhat.com> Acked-by: James Morris <jmorris@namei.org> Acked-by: Serge Hallyn <serue@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org> 2008-04-11T00:28:26Z Roland McGrath roland@redhat.com 2008-04-10T22:37:38Z urn:sha1:54a015104136974262afa4b8ddd943ea70dec8a2 The prevent_tail_call() macro works around the problem of the compiler clobbering argument words on the stack, which for asmlinkage functions is the caller's (user's) struct pt_regs. The tail/sibling-call optimization is not the only way that the compiler can decide to use stack argument words as scratch space, which we have to prevent. Other optimizations can do it too. Until we have new compiler support to make "asmlinkage" binding on the compiler's own use of the stack argument frame, we have work around all the manifestations of this issue that crop up. More cases seem to be prevented by also keeping the incoming argument variables live at the end of the function. This makes their original stack slots attractive places to leave those variables, so the compiler tends not clobber them for something else. It's still no guarantee, but it handles some observed cases that prevent_tail_call() did not. Signed-off-by: Roland McGrath <roland@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>