Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Commits on May 3, 2012
  1. @ebiederm

    userns: Convert setting and getting uid and gid system calls to use k…

    ebiederm authored
    …uid and kgid
    
    Convert setregid, setgid, setreuid, setuid,
    setresuid, getresuid, setresgid, getresgid, setfsuid, setfsgid,
    getuid, geteuid, getgid, getegid,
    waitpid, waitid, wait4.
    
    Convert userspace uids and gids into kuids and kgids before
    being placed on struct cred.  Convert struct cred kuids and
    kgids into userspace uids and gids when returning them.
    
    Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
  2. @ebiederm

    userns: Convert group_info values from gid_t to kgid_t.

    ebiederm authored
    As a first step to converting struct cred to be all kuid_t and kgid_t
    values convert the group values stored in group_info to always be
    kgid_t values.   Unless user namespaces are used this change should
    have no effect.
    
    Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
    Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Commits on Mar 24, 2011
  1. @hallyn

    userns: user namespaces: convert several capable() calls

    hallyn authored committed
    CAP_IPC_OWNER and CAP_IPC_LOCK can be checked against current_user_ns(),
    because the resource comes from current's own ipc namespace.
    
    setuid/setgid are to uids in own namespace, so again checks can be against
    current_user_ns().
    
    Changelog:
    	Jan 11: Use task_ns_capable() in place of sched_capable().
    	Jan 11: Use nsown_capable() as suggested by Bastian Blank.
    	Jan 11: Clarify (hopefully) some logic in futex and sched.c
    	Feb 15: use ns_capable for ipc, not nsown_capable
    	Feb 23: let copy_ipcs handle setting ipc_ns->user_ns
    	Feb 23: pass ns down rather than taking it from current
    
    [akpm@linux-foundation.org: coding-style fixes]
    Signed-off-by: Serge E. Hallyn <serge.hallyn@canonical.com>
    Acked-by: "Eric W. Biederman" <ebiederm@xmission.com>
    Acked-by: Daniel Lezcano <daniel.lezcano@free.fr>
    Acked-by: David Howells <dhowells@redhat.com>
    Cc: James Morris <jmorris@namei.org>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Commits on Sep 24, 2009
  1. headers: utsname.h redux

    Alexey Dobriyan authored committed
    * remove asm/atomic.h inclusion from linux/utsname.h --
       not needed after kref conversion
     * remove linux/utsname.h inclusion from files which do not need it
    
    NOTE: it looks like fs/binfmt_elf.c do not need utsname.h, however
    due to some personality stuff it _is_ needed -- cowardly leave ELF-related
    headers and files alone.
    
    Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Commits on Jan 14, 2009
  1. [CVE-2009-0029] System call wrappers part 19

    Heiko Carstens authored
    Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
  2. [CVE-2009-0029] System call wrappers part 18

    Heiko Carstens authored
    Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
  3. [CVE-2009-0029] System call wrappers part 17

    Heiko Carstens authored
    Signed-off-by: Heiko Carstens <heiko.carstens@de.ibm.com>
Commits on Nov 13, 2008
  1. CRED: Wrap current->cred and a few other accessors

    David Howells authored James Morris committed
    Wrap current->cred and a few other accessors to hide their actual
    implementation.
    
    Signed-off-by: David Howells <dhowells@redhat.com>
    Acked-by: James Morris <jmorris@namei.org>
    Acked-by: Serge Hallyn <serue@us.ibm.com>
    Signed-off-by: James Morris <jmorris@namei.org>
  2. CRED: Separate task security context from task_struct

    David Howells authored James Morris committed
    Separate the task security context from task_struct.  At this point, the
    security data is temporarily embedded in the task_struct with two pointers
    pointing to it.
    
    Note that the Alpha arch is altered as it refers to (E)UID and (E)GID in
    entry.S via asm-offsets.
    
    With comment fixes Signed-off-by: Marc Dionne <marc.c.dionne@gmail.com>
    
    Signed-off-by: David Howells <dhowells@redhat.com>
    Acked-by: James Morris <jmorris@namei.org>
    Acked-by: Serge Hallyn <serue@us.ibm.com>
    Signed-off-by: James Morris <jmorris@namei.org>
Commits on Apr 11, 2008
  1. asmlinkage_protect replaces prevent_tail_call

    Roland McGrath authored committed
    The prevent_tail_call() macro works around the problem of the compiler
    clobbering argument words on the stack, which for asmlinkage functions
    is the caller's (user's) struct pt_regs.  The tail/sibling-call
    optimization is not the only way that the compiler can decide to use
    stack argument words as scratch space, which we have to prevent.
    Other optimizations can do it too.
    
    Until we have new compiler support to make "asmlinkage" binding on the
    compiler's own use of the stack argument frame, we have work around all
    the manifestations of this issue that crop up.
    
    More cases seem to be prevented by also keeping the incoming argument
    variables live at the end of the function.  This makes their original
    stack slots attractive places to leave those variables, so the compiler
    tends not clobber them for something else.  It's still no guarantee, but
    it handles some observed cases that prevent_tail_call() did not.
    
    Signed-off-by: Roland McGrath <roland@redhat.com>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Commits on May 8, 2007
  1. header cleaning: don't include smp_lock.h when not used

    Randy Dunlap authored Linus Torvalds committed
    Remove includes of <linux/smp_lock.h> where it is not used/needed.
    Suggested by Al Viro.
    
    Builds cleanly on x86_64, i386, alpha, ia64, powerpc, sparc,
    sparc64, and arm (all 59 defconfigs).
    
    Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
    Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Commits on Apr 19, 2006
  1. @OGAWAHirofumi

    [PATCH] Add more prevent_tail_call()

    OGAWAHirofumi authored Linus Torvalds committed
    Those also break userland regs like following.
    
       00000000 <sys_chown16>:
          0:	0f b7 44 24 0c       	movzwl 0xc(%esp),%eax
          5:	83 ca ff             	or     $0xffffffff,%edx
          8:	0f b7 4c 24 08       	movzwl 0x8(%esp),%ecx
          d:	66 83 f8 ff          	cmp    $0xffffffff,%ax
         11:	0f 44 c2             	cmove  %edx,%eax
         14:	66 83 f9 ff          	cmp    $0xffffffff,%cx
         18:	0f 45 d1             	cmovne %ecx,%edx
         1b:	89 44 24 0c          	mov    %eax,0xc(%esp)
         1f:	89 54 24 08          	mov    %edx,0x8(%esp)
         23:	e9 fc ff ff ff       	jmp    24 <sys_chown16+0x24>
    
    where the tailcall at the end overwrites the incoming stack-frame.
    
    Signed-off-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
    [ I would _really_ like to have a way to tell gcc about calling
      conventions. The "prevent_tail_call()" macro is pretty ugly ]
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Commits on Jan 12, 2006
  1. [PATCH] move capable() to capability.h

    Randy.Dunlap authored Linus Torvalds committed
    - Move capable() from sched.h to capability.h;
    
    - Use <linux/capability.h> where capable() is used
    	(in include/, block/, ipc/, kernel/, a few drivers/,
    	mm/, security/, & sound/;
    	many more drivers/ to go)
    
    Signed-off-by: Randy Dunlap <rdunlap@xenotime.net>
    Signed-off-by: Andrew Morton <akpm@osdl.org>
    Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Commits on Apr 16, 2005
  1. Linux-2.6.12-rc2

    Linus Torvalds authored
    Initial git repository build. I'm not bothering with the full history,
    even though we have it. We can create a separate "historical" git
    archive of that later if we want to, and in the meantime it's about
    3.2GB when imported into git - space that would just make the early
    git days unnecessarily complicated, when we don't have a lot of good
    infrastructure for it.
    
    Let it rip!
Something went wrong with that request. Please try again.