09 May, 2007

1 commit


30 Sep, 2006

1 commit

  • This is an updated version of Eric Biederman's is_init() patch.
    (http://lkml.org/lkml/2006/2/6/280). It applies cleanly to 2.6.18-rc3 and
    replaces a few more instances of ->pid == 1 with is_init().

    Further, is_init() checks pid and thus removes dependency on Eric's other
    patches for now.

    Eric's original description:

    There are a lot of places in the kernel where we test for init
    because we give it special properties. Most significantly init
    must not die. This results in code all over the kernel test
    ->pid == 1.

    Introduce is_init to capture this case.

    With multiple pid spaces for all of the cases affected we are
    looking for only the first process on the system, not some other
    process that has pid == 1.

    Signed-off-by: Eric W. Biederman
    Signed-off-by: Sukadev Bhattiprolu
    Cc: Dave Hansen
    Cc: Serge Hallyn
    Cc: Cedric Le Goater
    Cc:
    Acked-by: Paul Mackerras
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Sukadev Bhattiprolu
     

01 Jul, 2006

1 commit


30 Jun, 2006

1 commit

  • This patch encapsulates the usage of eff_cap (in netlink_skb_params) within
    the security framework by extending security_netlink_recv to include a required
    capability parameter and converting all direct usage of eff_caps outside
    of the lsm modules to use the interface. It also updates the SELinux
    implementation of the security_netlink_send and security_netlink_recv
    hooks to take advantage of the sid in the netlink_skb_params struct.
    This also enables SELinux to perform auditing of netlink capability checks.
    Please apply, for 2.6.18 if possible.

    Signed-off-by: Darrel Goeddel
    Signed-off-by: Stephen Smalley
    Acked-by: James Morris
    Signed-off-by: David S. Miller

    Darrel Goeddel
     

26 Mar, 2006

1 commit

  • PTRACE_TRACEME doesn't have proper capabilities validation when parent is
    less privileged than child. Issue pointed out by Ram Gupta.

    Note: I haven't identified a strong security issue, and it's a small ABI
    change that could break apps that rely on existing behaviour (which allows
    parent that is less privileged than child to ptrace when child does
    PTRACE_TRACEME).

    Signed-off-by: Chris Wright
    Cc: Ram Gupta
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Chris Wright
     

12 Jan, 2006

1 commit

  • - Move capable() from sched.h to capability.h;

    - Use where capable() is used
    (in include/, block/, ipc/, kernel/, a few drivers/,
    mm/, security/, & sound/;
    many more drivers/ to go)

    Signed-off-by: Randy Dunlap
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Randy.Dunlap
     

24 Jun, 2005

1 commit

  • Add a new `suid_dumpable' sysctl:

    This value can be used to query and set the core dump mode for setuid
    or otherwise protected/tainted binaries. The modes are

    0 - (default) - traditional behaviour. Any process which has changed
    privilege levels or is execute only will not be dumped

    1 - (debug) - all processes dump core when possible. The core dump is
    owned by the current user and no security is applied. This is intended
    for system debugging situations only. Ptrace is unchecked.

    2 - (suidsafe) - any binary which normally would not be dumped is dumped
    readable by root only. This allows the end user to remove such a dump but
    not access it directly. For security reasons core dumps in this mode will
    not overwrite one another or other files. This mode is appropriate when
    administrators are attempting to debug problems in a normal environment.

    (akpm:

    > > +EXPORT_SYMBOL(suid_dumpable);
    >
    > EXPORT_SYMBOL_GPL?

    No problem to me.

    > > if (current->euid == current->uid && current->egid == current->gid)
    > > current->mm->dumpable = 1;
    >
    > Should this be SUID_DUMP_USER?

    Actually the feedback I had from last time was that the SUID_ defines
    should go because its clearer to follow the numbers. They can go
    everywhere (and there are lots of places where dumpable is tested/used
    as a bool in untouched code)

    > Maybe this should be renamed to `dump_policy' or something. Doing that
    > would help us catch any code which isn't using the #defines, too.

    Fair comment. The patch was designed to be easy to maintain for Red Hat
    rather than for merging. Changing that field would create a gigantic
    diff because it is used all over the place.

    )

    Signed-off-by: Alan Cox
    Signed-off-by: Andrew Morton
    Signed-off-by: Linus Torvalds

    Alan Cox
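The per-process flag that this sysctl seeds at exec time is visible from user space through prctl(2), so the modes above can be exercised without a kernel build. The following is an added example, not code from the commit or from the kernel tree. It assumes Linux with <sys/prctl.h>; the read of /proc/sys/fs/suid_dumpable may fail in a restricted sandbox and is handled as such. The dumpable_after_exec() function is a stand-alone restatement of the exec-path check quoted in the akpm discussion above, not the kernel's own routine.

```c
/* Added example (not part of the original commit or the kernel tree):
 * exercise the per-process "dumpable" flag that the suid_dumpable sysctl
 * seeds after a privilege-changing exec. Linux-only; needs <sys/prctl.h>. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>

/* Read /proc/sys/fs/suid_dumpable. Returns the mode (0, 1 or 2) or -1 if the
 * file cannot be read (for example a sandbox without a full /proc). */
int read_suid_dumpable(void)
{
    FILE *f = fopen("/proc/sys/fs/suid_dumpable", "r");
    int mode;
    if (f == NULL)
        return -1;
    if (fscanf(f, "%d", &mode) != 1)
        mode = -1;
    fclose(f);
    return mode;
}

/* Current process's dumpable flag: 0 = not dumpable (and not attachable via
 * PTRACE_ATTACH by an unprivileged tracer), 1 = dumpable as the user. */
int get_dumpable(void)
{
    return prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
}

/* Set the dumpable flag. Returns 0 on success, -errno on failure.
 * Values 0 and 1 are accepted for any process; 2 (the commit's "suidsafe"
 * mode) is rejected with EINVAL by later kernels, which only assign it from
 * the sysctl during exec, so the result of that call is reported, not assumed. */
int set_dumpable(int value)
{
    if (prctl(PR_SET_DUMPABLE, value, 0, 0, 0) == -1)
        return -errno;
    return 0;
}

/* Stand-alone restatement (not the kernel's code) of the exec-path decision
 * quoted above: a process whose effective ids match its real ids is dumpable
 * (1); one that changed privilege level inherits the sysctl mode instead. */
int dumpable_after_exec(unsigned uid, unsigned euid, unsigned gid, unsigned egid,
                        int suid_dumpable)
{
    if (uid == euid && gid == egid)
        return 1;
    return suid_dumpable;
}

int main(void)
{
    int sysctl_mode = read_suid_dumpable();
    printf("fs.suid_dumpable = %d\n", sysctl_mode);
    printf("initial dumpable flag = %d\n", get_dumpable());

    /* Hardening pattern for daemons holding secrets: refuse core dumps and
     * unprivileged ptrace attach for the rest of this process's life. */
    set_dumpable(0);
    printf("after PR_SET_DUMPABLE 0: %d\n", get_dumpable());

    int rc = set_dumpable(2);
    printf("PR_SET_DUMPABLE 2: %s\n", rc == 0 ? "accepted" : strerror(-rc));

    set_dumpable(1);
    printf("restored: %d\n", get_dumpable());

    /* The three cases from the commit message, for a setuid-root binary
     * run by uid 1000 (constructed values). */
    printf("mode 0 after setuid exec: %d\n", dumpable_after_exec(1000, 0, 1000, 1000, 0));
    printf("mode 2 after setuid exec: %d\n", dumpable_after_exec(1000, 0, 1000, 1000, 2));
    printf("non-setuid exec:          %d\n", dumpable_after_exec(1000, 1000, 1000, 1000, 0));
    return 0;
}
```

Build with `cc -Wall dumpable.c -o dumpable` and run as an ordinary user; clearing the flag needs no privilege, which is why long-running services that hold keys commonly do it at startup regardless of the system-wide sysctl setting.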
     

17 Apr, 2005

1 commit

  • Initial git repository build. I'm not bothering with the full history,
    even though we have it. We can create a separate "historical" git
    archive of that later if we want to, and in the meantime it's about
    3.2GB when imported into git - space that would just make the early
    git days unnecessarily complicated, when we don't have a lot of good
    infrastructure for it.

    Let it rip!

    Linus Torvalds