From: James Morris Date: Fri, 4 May 2012 02:46:40 +0000 (+1000) Subject: Merge tag 'v3.4-rc5' into next X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=898bfc1d46bd76f8ea2a0fbd239dd2073efe2aa3;p=GitHub%2Fmoto-9609%2Fandroid_kernel_motorola_exynos9610.git Merge tag 'v3.4-rc5' into next Linux 3.4-rc5 Merge to pull in prerequisite change for Smack: 86812bb0de1a3758dc6c7aa01a763158a7c0638a Requested by Casey. --- 898bfc1d46bd76f8ea2a0fbd239dd2073efe2aa3 diff --cc include/asm-generic/siginfo.h index af5d0350f84c,5e5e3865f1ed..8ed67779fc09 --- a/include/asm-generic/siginfo.h +++ b/include/asm-generic/siginfo.h @@@ -90,18 -98,9 +98,18 @@@ typedef struct siginfo __ARCH_SI_BAND_T _band; /* POLL_IN, POLL_OUT, POLL_MSG */ int _fd; } _sigpoll; + + /* SIGSYS */ + struct { + void __user *_call_addr; /* calling user insn */ + int _syscall; /* triggering system call number */ + unsigned int _arch; /* AUDIT_ARCH_* of syscall */ + } _sigsys; } _sifields; - } siginfo_t; + } __ARCH_SI_ATTRIBUTES siginfo_t; +/* If the arch shares siginfo, then it has SIGSYS. */ +#define __ARCH_SIGSYS #endif /* diff --cc security/commoncap.c index edd3918fac02,71a166a05975..f80d11609391 --- a/security/commoncap.c +++ b/security/commoncap.c @@@ -505,10 -506,13 +506,15 @@@ int cap_bprm_set_creds(struct linux_bin } skip: + /* if we have fs caps, clear dangerous personality flags */ + if (!cap_issubset(new->cap_permitted, old->cap_permitted)) + bprm->per_clear |= PER_CLEAR_ON_SETID; + + /* Don't let someone trace a set[ug]id/setpcap binary with the revised - * credentials unless they have the appropriate permit + * credentials unless they have the appropriate permit. + * + * In addition, if NO_NEW_PRIVS, then ensure we get no new privs. */ if ((new->euid != old->uid || new->egid != old->gid ||