mirros/rockchip-kernel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fdc6a41bef7b7e3bcbe7183abc4afdae7f3bf643
rockchip-kernel/fs
History
Andy Lutomirski 94702e5561 UPSTREAM: fs,userns: Change inode_capable to capable_wrt_inode_uidgid 
The kernel has no concept of capabilities with respect to inodes; inodes
exist independently of namespaces.  For example, inode_capable(inode,
CAP_LINUX_IMMUTABLE) would be nonsense.

This patch changes inode_capable to check for uid and gid mappings and
renames it to capable_wrt_inode_uidgid, which should make it more
obvious what it does.

Fixes CVE-2014-4014.

Cc: Theodore Ts'o <tytso@mit.edu>
Cc: Serge Hallyn <serge.hallyn@ubuntu.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Chinner <david@fromorbit.com>
Cc: stable@vger.kernel.org
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

BUG=chromium:427055
TEST=kernel compiles and boots

(cherry picked from commit 23adbe12ef)
Signed-off-by: Stephen Barber <smbarber@chromium.org>

Change-Id: Iff4e262160fe3b05783bff1c8cf08825792c97d7
Reviewed-on: https://chromium-review.googlesource.com/235422
Trybot-Ready: Stephen Barber <smbarber@chromium.org>
Tested-by: Stephen Barber <smbarber@chromium.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Commit-Queue: Stephen Barber <smbarber@chromium.org>
2014-12-13 01:17:25 +00:00
..
9p
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2014-01-28 08:38:04 -08:00
adfs
adfs: delayed freeing of sbi
2013-10-24 23:43:27 -04:00
affs
affs: use ->kill_sb() to simplify ->put_super() and failure exits of ->mount()
2014-01-25 03:13:01 -05:00
afs
afs: proc cells and rootcell are writeable
2014-02-01 10:59:39 -08:00
autofs4
autofs: fix symlinks aren't checked for expiry
2014-01-23 16:36:59 -08:00
befs
befs: iget_locked() doesn't return an ERR_PTR
2014-01-25 03:14:38 -05:00
bfs
truncate: drop 'oldsize' truncate_pagecache() parameter
2013-09-12 15:38:02 -07:00
btrfs
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mason/linux-btrfs
2014-02-16 11:05:27 -08:00
cachefiles
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2013-11-13 15:34:18 +09:00
ceph
ceph: fix __dcache_readdir()
2014-02-17 12:37:13 -08:00
cifs
cifs: mask off top byte in get_rfc1002_length()
2014-02-28 14:01:14 -06:00
coda
coda_revalidate_inode(): switch to passing inode...
2013-11-09 00:16:21 -05:00
configfs
configfs: fix race between dentry put and lookup
2013-11-21 16:42:27 -08:00
cramfs
cramfs: take headers to fs/cramfs
2014-01-25 03:13:02 -05:00
debugfs
UPSTREAM: treewide: Fix typo in Documentation/DocBook
2014-11-04 07:03:32 +00:00
devpts
devpts: plug the memory leak in kill_sb
2013-11-13 12:09:36 +09:00
dlm
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next
2014-01-25 11:17:34 -08:00
ecryptfs
ecryptfs: fix failure handling in ->readlink()
2014-01-25 03:13:00 -05:00
efivarfs
consolidate simple ->d_delete() instances
2013-11-15 22:04:17 -05:00
efs
efs: get rid of ->put_super()
2014-01-25 03:13:02 -05:00
exofs
exofs: Print less in r4w
2014-01-23 18:54:14 +02:00
exportfs
exportfs: fix quadratic behavior in filehandle lookup
2013-11-09 00:16:38 -05:00
ext2
ext2/3/4: use generic posix ACL infrastructure
2014-01-25 23:58:19 -05:00
ext3
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2014-01-28 08:38:04 -08:00
ext4
ext4: atomically set inode->i_flags in ext4_set_inode_flags()
2014-03-30 17:02:06 -07:00
f2fs
Merge branch 'for-3.14/core' of git://git.kernel.dk/linux-block
2014-01-30 11:19:05 -08:00
fat
fat: rcu-delay unloading nls and freeing sbi
2013-10-24 23:43:28 -04:00
freevxfs
fscache
FS-Cache: Handle removal of unadded object to the fscache_object_list rb tree
2014-02-17 13:47:35 -08:00
fuse
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2014-01-28 08:38:04 -08:00
gfs2
Merge branch 'for-3.14/core' of git://git.kernel.dk/linux-block
2014-01-30 11:19:05 -08:00
hfs
fs/hfs/btree.h: remove duplicate defines
2013-11-13 12:09:32 +09:00
hfsplus
UPSTREAM: hfsplus: fix compiler warning on PowerPC
2014-07-23 00:21:24 +00:00
hostfs
um: hostfs: make functions static
2014-01-26 11:51:09 +01:00
hpfs
hpfs: optimize quad buffer loading
2014-02-02 16:24:07 -08:00
hppfs
clean up scary strncpy(dst, src, strlen(src)) uses
2013-07-03 16:07:41 -07:00
hugetlbfs
cope with potentially long ->d_dname() output for shmem/hugetlb
2013-08-24 12:10:17 -04:00
isofs
isofs: don't pass dentry to isofs_hash{i,}_common()
2013-10-24 23:34:59 -04:00
jbd
jbd: Revise KERN_EMERG error messages
2013-12-04 12:27:46 +01:00
jbd2
jbd2: fix use after free in jbd2_journal_start_reserved()
2014-02-17 20:33:01 -05:00
jffs2
Merge tag 'for-linus-20140127' of git://git.infradead.org/linux-mtd
2014-01-28 18:56:37 -08:00
jfs
jfs: set i_ctime when setting ACL
2014-02-13 15:56:05 -06:00
kernfs
sysfs: fix namespace refcnt leak
2014-02-25 07:37:52 -08:00
lockd
lockd: send correct lock when granting a delayed lock.
2014-02-13 14:55:02 -05:00
logfs
Merge branch 'for-3.14/core' of git://git.kernel.dk/linux-block
2014-01-30 11:19:05 -08:00
minix
fs/minix: Drop dependency on H8300
2013-09-16 18:20:25 -07:00
ncpfs
ncpfs: rcu-delay unload_nls() and freeing ncp_server
2013-10-24 23:43:28 -04:00
nfs
Merge tag 'nfs-for-3.14-5' of git://git.linux-nfs.org/projects/trondmy/linux-nfs
2014-03-09 19:17:39 -07:00
nfs_common
nfsd
nfsd: fix lost nfserrno() call in nfsd_setattr()
2014-02-18 12:25:57 -05:00
nilfs2
Merge branch 'for-3.14/core' of git://git.kernel.dk/linux-block
2014-01-30 11:19:05 -08:00
nls
nls: have register_nls() set ->owner
2014-01-25 03:14:05 -05:00
notify
fsnotify: Allocate overflow events with proper type
2014-02-25 11:18:06 +01:00
ntfs
fix O_SYNC|O_APPEND syncing the wrong range on write()
2014-02-09 15:18:09 -05:00
ocfs2
ocfs2: check if cluster name exists before deref
2014-03-28 13:56:58 -07:00
omfs
truncate: drop 'oldsize' truncate_pagecache() parameter
2013-09-12 15:38:02 -07:00
openpromfs
proc
CHROMIUM: procfs: fix leak in totmaps_release()
2014-05-07 17:26:31 -07:00
pstore
CHROMIUM: pstore: Use memcpy_toio instead of memcpy
2014-11-13 21:59:59 +00:00
qnx4
qnx4: clean qnx4_fill_super() up
2014-01-25 03:13:03 -05:00
qnx6
quota
quota: Fix race between dqput() and dquot_scan_active()
2014-02-20 21:57:04 +01:00
ramfs
fs/ramfs: move ramfs_aops to inode.c
2014-01-23 16:36:58 -08:00
reiserfs
reiserfs: fix utterly brain-damaged indentation.
2014-02-17 13:46:33 -08:00
romfs
romfs: fix returm err while getting inode in fill_super
2014-01-23 16:37:04 -08:00
squashfs
Squashfs: fix failure to unlock pages on decompress error
2013-11-24 01:02:50 +00:00
sysfs
sysfs: fix namespace refcnt leak
2014-02-25 07:37:52 -08:00
sysv
sysv: Add forgotten superblock lock init for v7 fs
2013-09-29 22:02:02 -04:00
ubifs
UPSTREAM: UBIFS: Remove bogus assert
2014-12-12 01:05:31 +00:00
udf
udf: Fix data corruption on file type conversion
2014-02-20 21:56:00 +01:00
ufs
truncate: drop 'oldsize' truncate_pagecache() parameter
2013-09-12 15:38:02 -07:00
xfs
UPSTREAM: fs,userns: Change inode_capable to capable_wrt_inode_uidgid
2014-12-13 01:17:25 +00:00
aio.c
Merge git://git.kvack.org/~bcrl/aio-next
2013-12-22 11:03:49 -08:00
anon_inodes.c
vfs: Allocate anon_inode_inode in anon_inode_init()
2014-03-27 09:52:54 -07:00
attr.c
UPSTREAM: fs,userns: Change inode_capable to capable_wrt_inode_uidgid
2014-12-13 01:17:25 +00:00
bad_inode.c
binfmt_aout.c
dump_skip(): dump_seek() replacement taking coredump_params
2013-11-09 00:16:26 -05:00
binfmt_elf_fdpic.c
elf{,_fdpic} coredump: get rid of pointless if (siginfo->si_signo)
2013-11-09 00:16:30 -05:00
binfmt_elf.c
fs: binfmt_elf: remove unused defines INTERPRETER_NONE and INTERPRETER_ELF
2014-01-23 16:36:58 -08:00
binfmt_em86.c
file->f_op is never NULL...
2013-10-24 23:34:54 -04:00
binfmt_flat.c
binfmt_misc.c
binfmt_script.c
binfmt_som.c
bio-integrity.c
bio-integrity: Drop bio_integrity_verify BUG_ON in post bip->bip_iter world
2014-02-21 15:56:36 -08:00
bio.c
CHROMIUM: fs: bio: check bs null in error path
2014-05-07 17:06:04 -07:00
block_dev.c
Merge tag 'writeback-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/wfg/linux
2013-09-13 23:06:40 -04:00
buffer.c
UPSTREAM: treewide: Fix typo in Documentation/DocBook
2014-11-04 07:03:32 +00:00
char_dev.c
Merge branch 'for-3.13/core' of git://git.kernel.dk/linux-block
2013-11-14 12:08:14 +09:00
compat_binfmt_elf.c
UPSTREAM: binfmt_elf: add ELF_HWCAP2 to compat auxv entries
2014-06-18 01:22:57 +00:00
compat_ioctl.c
Bluetooth: update stack to bluetooth-next/for-upstream
2014-10-21 22:45:14 +00:00
compat.c
coredump.c
coredump: make __get_dumpable/get_dumpable inline, kill fs/coredump.h
2014-01-23 16:37:01 -08:00
dcache.c
UPSTREAM: drm: add pseudo filesystem for shared inodes
2014-08-07 04:37:15 +00:00
dcookies.c
fs/compat: fix lookup_dcookie() parameter handling
2014-01-29 16:22:40 -08:00
direct-io.c
block: Abstract out bvec iterator
2013-11-23 22:33:47 -08:00
drop_caches.c
shrinker: add node awareness
2013-09-10 18:56:31 -04:00
eventfd.c
eventfd_ctx_fdget(): use fdget() instead of fget()
2014-01-25 03:13:04 -05:00
eventpoll.c
epoll: do not take the nested ep->mtx on EPOLL_CTL_DEL
2014-01-02 14:40:30 -08:00
exec.c
UPSTREAM: seccomp: implement SECCOMP_FILTER_FLAG_TSYNC
2014-09-29 23:19:35 +00:00
fcntl.c
file->f_op is never NULL...
2013-10-24 23:34:54 -04:00
fhandle.c
file_table.c
vfs: atomic f_pos accesses as per POSIX
2014-03-10 11:44:41 -04:00
file.c
vfs: Don't let __fdget_pos() get FMODE_PATH files
2014-03-23 00:03:12 -04:00
filesystems.c
fs_struct.c
seqcount: Add lockdep functionality to seqcount/seqlock structures
2013-11-06 12:40:26 +01:00
fs-writeback.c
CHROMIUM: backing_dev: Fix hung task on sync
2014-05-07 17:26:27 -07:00
inode.c
UPSTREAM: fs,userns: Change inode_capable to capable_wrt_inode_uidgid
2014-12-13 01:17:25 +00:00
internal.h
get rid of s_files and files_lock
2013-11-09 00:16:20 -05:00
ioctl.c
file->f_op is never NULL...
2013-10-24 23:34:54 -04:00
ioprio.c
Kconfig
fs: remove generic_acl
2014-01-26 08:26:40 -05:00
Kconfig.binfmt
libfs.c
consolidate simple ->d_delete() instances
2013-11-15 22:04:17 -05:00
locks.c
locks: missing unlock on error in generic_add_lease()
2013-11-13 07:30:53 -05:00
Makefile
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2014-01-28 08:38:04 -08:00
mbcache.c
fs: convert fs shrinkers to new scan/count API
2013-09-10 18:56:31 -04:00
mount.h
switch mnt_hash to hlist
2014-03-30 19:18:51 -04:00
mpage.c
block: Abstract out bvec iterator
2013-11-23 22:33:47 -08:00
namei.c
UPSTREAM: fs,userns: Change inode_capable to capable_wrt_inode_uidgid
2014-12-13 01:17:25 +00:00
namespace.c
UPSTREAM: mnt: Correct permission checks in do_remount
2014-12-13 01:14:21 +00:00
no-block.c
open.c
UBUNTU: SAUCE: trace: add trace events for open(), exec() and uselib()
2014-05-07 16:28:45 -07:00
pipe.c
fs/pipe.c: skip file_update_time on frozen fs
2014-01-23 16:37:00 -08:00
pnode.c
switch mnt_hash to hlist
2014-03-30 19:18:51 -04:00
pnode.h
switch mnt_hash to hlist
2014-03-30 19:18:51 -04:00
posix_acl.c
fs: get_acl() must be allowed to return EOPNOTSUPP
2014-02-03 17:12:37 -05:00
proc_namespace.c
fs/proc_namespace.c: simplify testing nsp and nsp->mnt_ns
2014-01-23 16:37:02 -08:00
read_write.c
vfs: atomic f_pos access in llseek()
2014-03-23 00:03:12 -04:00
readdir.c
file->f_op is never NULL...
2013-10-24 23:34:54 -04:00
select.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2013-11-13 15:34:18 +09:00
seq_file.c
seq_file: always clear m->count when we free m->buf
2013-11-18 19:07:53 -08:00
signalfd.c
splice.c
fuse: fix pipe_buf_operations
2014-01-22 19:36:57 +01:00
stack.c
stat.c
vfs: split out vfs_getattr_nosec
2013-11-09 00:16:31 -05:00
statfs.c
vfs: allow O_PATH file descriptors for fstatfs()
2013-10-12 13:12:31 -07:00
super.c
fs/super.c: sync ro remount after blocking writers
2014-01-31 14:29:36 -05:00
sync.c
Revert "writeback: do not sync data dirtied after sync start"
2014-02-22 02:02:28 +01:00
timerfd.c
utimes.c
locks: break delegations on any attribute modification
2013-11-09 00:16:44 -05:00
xattr.c