raspi/linux
1
0
Fork 1
mirror of https://github.com/raspberrypi/linux.git synced 2026-01-03 08:14:12 +00:00
Code Issues Projects Releases Wiki Activity
Files
85ee5c00b97ec355d09e65ad70196e890b3e1c8c
linux/fs
History
Andy Lutomirski 2246a472bc fs,userns: Change inode_capable to capable_wrt_inode_uidgid 
commit 23adbe12ef upstream.

The kernel has no concept of capabilities with respect to inodes; inodes
exist independently of namespaces.  For example, inode_capable(inode,
CAP_LINUX_IMMUTABLE) would be nonsense.

This patch changes inode_capable to check for uid and gid mappings and
renames it to capable_wrt_inode_uidgid, which should make it more
obvious what it does.

Fixes CVE-2014-4014.

Cc: Theodore Ts'o <tytso@mit.edu>
Cc: Serge Hallyn <serge.hallyn@ubuntu.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Chinner <david@fromorbit.com>
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
2014-06-20 17:34:15 +02:00
..
9p
9p: don't forget to destroy inode cache if fscache registration fails
2013-09-17 22:31:01 -04:00
adfs
truncate: drop 'oldsize' truncate_pagecache() parameter
2013-09-12 15:38:02 -07:00
affs
truncate: drop 'oldsize' truncate_pagecache() parameter
2013-09-12 15:38:02 -07:00
afs
afs: dget_parent() can't return a negative dentry
2013-09-29 22:02:24 -04:00
autofs4
autofs: fix lockref lookup
2014-06-09 15:53:27 +02:00
befs
[readdir] convert befs
2013-06-29 12:56:55 +04:00
bfs
truncate: drop 'oldsize' truncate_pagecache() parameter
2013-09-12 15:38:02 -07:00
btrfs
btrfs: fix defrag 32-bit integer overflow
2014-06-20 17:33:46 +02:00
cachefiles
CacheFiles: Don't try to dump the index key if the cookie has been cleared
2013-09-20 15:15:43 -07:00
ceph
ceph: Avoid data inconsistency due to d-cache aliasing in readpage()
2014-01-09 12:25:11 -08:00
cifs
cifs: Wait for writebacks to complete before attempting write.
2014-05-29 11:38:12 +02:00
coda
helper for reading ->d_count
2013-07-05 18:59:33 +04:00
configfs
configfs: fix race between dentry put and lookup
2013-11-29 11:28:12 -08:00
cramfs
[readdir] convert f2fs
2013-06-29 12:56:46 +04:00
debugfs
debugfs: debugfs_remove_recursive() must not rely on list_empty(d_subdirs)
2013-07-31 12:16:31 -04:00
devpts
devpts: plug the memory leak in kill_sb
2013-12-04 11:05:10 -08:00
dlm
dlm: Avoid that dlm_release_lockspace() incorrectly returns -EBUSY
2014-05-05 15:21:59 +02:00
ecryptfs
eCryptfs: fix 32 bit corruption issue
2013-10-24 12:36:30 -07:00
efivarfs
efivarfs: we can use simple_lookup() now
2013-07-14 17:48:35 +04:00
efs
efs: iget_locked() doesn't return an ERR_PTR()
2013-08-24 12:10:22 -04:00
exofs
ore: Fix wrong math in allocation of per device BIO
2014-02-13 13:50:14 -08:00
exportfs
exportfs: fix 32-bit nfsd handling of 64-bit inode numbers
2013-12-20 07:49:06 -08:00
ext2
ext2: Fix oops in ext2_get_block() called from ext2_quota_write()
2014-01-09 12:25:13 -08:00
ext3
ext[34]: fix double put in tmpfile
2013-10-15 12:14:06 -04:00
ext4
ext4: use i_size_read in ext4_unaligned_aio()
2014-05-15 09:55:44 +02:00
f2fs
f2fs: optimize gc for better performance
2013-09-05 13:50:32 +09:00
fat
truncate: drop 'oldsize' truncate_pagecache() parameter
2013-09-12 15:38:02 -07:00
freevxfs
[readdir] convert freevxfs
2013-06-29 12:56:53 +04:00
fscache
FS-Cache: Handle removal of unadded object to the fscache_object_list rb tree
2014-04-03 10:32:20 +02:00
fuse
fuse: fix pipe_buf_operations
2014-02-13 13:50:10 -08:00
gfs2
GFS2: Increase i_writecount during gfs2_setattr_chown
2014-01-25 08:49:28 -08:00
hfs
truncate: drop 'oldsize' truncate_pagecache() parameter
2013-09-12 15:38:02 -07:00
hfsplus
truncate: drop 'oldsize' truncate_pagecache() parameter
2013-09-12 15:38:02 -07:00
hostfs
um: hostfs: Fix writeback
2013-09-07 10:38:29 +02:00
hpfs
hpfs: remember free space
2014-02-06 11:22:21 -08:00
hppfs
clean up scary strncpy(dst, src, strlen(src)) uses
2013-07-03 16:07:41 -07:00
hugetlbfs
cope with potentially long ->d_dname() output for shmem/hugetlb
2013-08-24 12:10:17 -04:00
isofs
isofs: Refuse RW mount of the filesystem instead of making it RO
2013-07-31 22:14:50 +02:00
jbd
jbd: use a single printk for jbd_debug()
2013-08-09 10:49:00 +02:00
jbd2
jbd2: fix use after free in jbd2_journal_start_reserved()
2014-03-05 17:13:41 +01:00
jffs2
jffs2: remove from wait queue after schedule()
2014-05-05 14:24:44 +02:00
jfs
Merge tag 'jfs-3.12' of git://github.com/kleikamp/linux-shaggy
2013-10-22 09:01:11 +01:00
lockd
lockd: ensure we tear down any live sockets when socket creation fails during lockd_up
2014-05-15 09:56:16 +02:00
logfs
Merge tag 'ext4_for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4
2013-07-02 09:39:34 -07:00
minix
truncate: drop 'oldsize' truncate_pagecache() parameter
2013-09-12 15:38:02 -07:00
ncpfs
ncpfs: fix error return code in ncp_parse_options()
2013-07-09 10:33:25 -07:00
nfs
NFSv4: Fix a use-after-free problem in open()
2014-05-15 09:55:05 +02:00
nfs_common
nfs_common: Update the translation between nfsv3 acls linux posix acls
2013-02-13 06:15:14 -08:00
nfsd
nfsd4: remove lockowner when removing lock stateid
2014-06-09 15:53:34 +02:00
nilfs2
nilfs2: fix segctor bug that causes file system corruption
2014-01-25 08:49:29 -08:00
nls
notify
compat: fix sys_fanotify_mark
2014-02-13 13:50:13 -08:00
ntfs
truncate: drop 'oldsize' truncate_pagecache() parameter
2013-09-12 15:38:02 -07:00
ocfs2
ocfs2: fix panic on kfree(xattr->name)
2014-05-15 09:55:40 +02:00
omfs
truncate: drop 'oldsize' truncate_pagecache() parameter
2013-09-12 15:38:02 -07:00
openpromfs
[readdir] convert openpromfs
2013-06-29 12:56:32 +04:00
proc
mm: close PageTail race
2014-04-03 10:32:30 +02:00
pstore
pstore: Remove the messages related to compression failure
2013-09-16 09:28:29 -07:00
qnx4
[readdir] convert qnx4
2013-06-29 12:56:38 +04:00
qnx6
[readdir] convert qnx6
2013-06-29 12:56:39 +04:00
quota
quota: Fix race between dqput() and dquot_scan_active()
2014-03-05 17:13:53 +01:00
ramfs
initmpfs: move rootfs code from fs/ramfs/ to init/
2013-09-11 15:59:37 -07:00
reiserfs
reiserfs: fix race in readdir
2014-05-15 09:55:20 +02:00
romfs
[readdir] convert romfs
2013-06-29 12:56:29 +04:00
squashfs
Squashfs: add corruption check for type in squashfs_readdir()
2013-09-06 04:57:54 +01:00
sysfs
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2013-09-07 14:36:57 -07:00
sysv
sysv: Add forgotten superblock lock init for v7 fs
2013-09-29 22:02:02 -04:00
ubifs
Merge tag 'upstream-3.12-rc1' of git://git.infradead.org/linux-ubifs
2013-09-16 15:36:55 -04:00
udf
udf: Fortify LVID loading
2013-09-24 11:23:33 +02:00
ufs
truncate: drop 'oldsize' truncate_pagecache() parameter
2013-09-12 15:38:02 -07:00
xfs
fs,userns: Change inode_capable to capable_wrt_inode_uidgid
2014-06-20 17:34:15 +02:00
aio.c
aio: fix potential leak in aio_run_iocb().
2014-06-06 11:40:23 +02:00
anon_inodes.c
take anon inode allocation to libfs.c
2013-12-08 07:29:16 -08:00
attr.c
fs,userns: Change inode_capable to capable_wrt_inode_uidgid
2014-06-20 17:34:15 +02:00
bad_inode.c
[readdir] ->readdir() is gone
2013-06-29 12:57:04 +04:00
binfmt_aout.c
mm: remove free_area_cache
2013-07-10 18:11:34 -07:00
binfmt_elf_fdpic.c
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/benh/powerpc
2013-05-02 10:16:16 -07:00
binfmt_elf.c
fs/binfmt_elf.c: prevent a coredump with a large vm_map_count from Oopsing
2013-09-30 14:31:01 -07:00
binfmt_em86.c
binfmt_flat.c
new helper: read_code()
2013-04-29 15:40:23 -04:00
binfmt_misc.c
binfmt_misc: reuse string_unescape_inplace()
2013-04-30 17:04:03 -07:00
binfmt_script.c
binfmt_som.c
bio-integrity.c
bio-integrity: Fix bio_integrity_verify segment start bug
2014-03-24 09:45:06 +01:00
bio.c
block: Fix bio_copy_data()
2013-09-24 14:41:42 -07:00
block_dev.c
Merge tag 'writeback-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/wfg/linux
2013-09-13 23:06:40 -04:00
buffer.c
mm: __set_page_dirty uses spin_lock_irqsave instead of spin_lock_irq
2014-02-20 11:08:01 -08:00
char_dev.c
compat_binfmt_elf.c
compat_ioctl.c
compat.c: LOOP_CLR_FD is taken care of in loop.c itself...
2013-06-29 12:46:44 +04:00
compat.c
[readdir] constify ->actor
2013-06-29 12:57:05 +04:00
coredump.c
coredump: fix va_list corruption
2014-06-06 11:40:21 +02:00
coredump.h
dcache.c
__dentry_path() fixes
2014-05-05 11:20:53 +02:00
dcookies.c
fs/compat: fix lookup_dcookie() parameter handling
2014-02-13 13:50:14 -08:00
direct-io.c
direct-io: Use return from cmpxchg to decide of assignment happened
2013-09-09 10:47:42 -07:00
drop_caches.c
shrinker: add node awareness
2013-09-10 18:56:31 -04:00
eventfd.c
eventpoll.c
epoll: do not take the nested ep->mtx on EPOLL_CTL_DEL
2014-03-12 13:25:42 +01:00
exec.c
metag: Reduce maximum stack size to 256MB
2014-06-09 15:53:41 +02:00
fcntl.c
vfs: add missing check for __O_TMPFILE in fcntl_init()
2013-08-05 18:25:32 +04:00
fhandle.c
file_table.c
don't bother with {get,put}_write_access() on non-regular files
2014-05-29 11:38:11 +02:00
file.c
fs/file.c:fdtable: avoid triggering OOMs from alloc_fdmem
2014-02-22 13:32:24 -08:00
filesystems.c
fs: Limit sys_mount to only request filesystem modules.
2013-03-03 19:36:31 -08:00
fs_struct.c
constify path_get/path_put and fs_struct.c stuff
2013-03-01 23:51:07 -05:00
fs-writeback.c
bdi: avoid oops on device removal
2014-05-05 13:36:28 +02:00
generic_acl.c
inode.c
fs,userns: Change inode_capable to capable_wrt_inode_uidgid
2014-06-20 17:34:15 +02:00
internal.h
fs: convert inode and dentry shrinking to be node aware
2013-09-10 18:56:31 -04:00
ioctl.c
new helper: file_inode(file)
2013-02-22 23:31:31 -05:00
ioprio.c
Kconfig
efivarfs: Move to fs/efivarfs
2013-04-17 13:25:09 +01:00
Kconfig.binfmt
fs: make binfmt support for #! scripts modular and removable
2013-04-30 17:04:04 -07:00
libfs.c
take anon inode allocation to libfs.c
2013-12-08 07:29:16 -08:00
locks.c
locks: allow __break_lease to sleep even when break_time is 0
2014-05-15 09:56:06 +02:00
Makefile
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2013-05-01 17:51:54 -07:00
mbcache.c
fs: convert fs shrinkers to new scan/count API
2013-09-10 18:56:31 -04:00
mount.h
vfs: Is mounted should be testing mnt_ns for NULL or error.
2014-02-06 11:22:19 -08:00
mpage.c
namei.c
fs,userns: Change inode_capable to capable_wrt_inode_uidgid
2014-06-20 17:34:15 +02:00
namespace.c
vfs: Fix a regression in mounting proc
2014-01-25 08:49:28 -08:00
no-block.c
open.c
don't bother with {get,put}_write_access() on non-regular files
2014-05-29 11:38:11 +02:00
pipe.c
vfs: fix subtle use-after-free of pipe_inode_info
2013-12-11 22:37:53 -08:00
pnode.c
vfs: Fix invalid ida_remove() call
2013-05-31 15:16:33 -04:00
pnode.h
vfs: Don't copy mount bind mounts of /proc/<pid>/ns/mnt between namespaces
2013-08-26 18:42:15 -07:00
posix_acl.c
posix_acl: handle NULL ACL in posix_acl_equiv_mode
2014-06-09 15:53:13 +02:00
proc_namespace.c
read_write.c
fs/compat: fix parameter handling for compat readv/writev syscalls
2014-02-13 13:50:14 -08:00
readdir.c
[readdir] constify ->actor
2013-06-29 12:57:05 +04:00
select.c
Revert "select: use freezable blocking call"
2013-10-30 15:28:35 +01:00
seq_file.c
seq_file: always update file->f_pos in seq_lseek()
2013-10-25 10:46:40 -04:00
signalfd.c
switch signalfd{,4}() to COMPAT_SYSCALL_DEFINE
2013-03-03 22:58:46 -05:00
splice.c
fuse: fix pipe_buf_operations
2014-02-13 13:50:10 -08:00
stack.c
stat.c
vfs: split out vfs_getattr_nosec
2013-12-20 07:49:06 -08:00
statfs.c
vfs: allow O_PATH file descriptors for fstatfs()
2013-10-12 13:12:31 -07:00
super.c
fs: Don't return 0 from get_anon_bdev
2014-05-29 11:38:24 +02:00
sync.c
teach SYSCALL_DEFINE<n> how to deal with long long/unsigned long long
2013-03-03 22:46:22 -05:00
timerfd.c
timerfd: Add alarm timers
2013-05-29 12:57:34 -07:00
utimes.c
xattr_acl.c
xattr.c