diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2011-05-24 16:38:19 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2011-05-24 16:38:19 -0400 |
| commit | b0ca118dbacbc6c35e15f216e25e95cca7aedf5b (patch) | |
| tree | 6c61c91ff0174c8774d4010b892ecf0bed560910 /fs/binfmt_flat.c | |
| parent | 2bb732cdb48d271ff7a910260ffb851fb4bc8a28 (diff) | |
| parent | b7b57551bbda1390959207f79f2038aa7adb72ae (diff) | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/security-testing-2.6: (43 commits)
TOMOYO: Fix wrong domainname validation.
SELINUX: add /sys/fs/selinux mount point to put selinuxfs
CRED: Fix load_flat_shared_library() to initialise bprm correctly
SELinux: introduce path_has_perm
flex_array: allow 0 length elements
flex_arrays: allow zero length flex arrays
flex_array: flex_array_prealloc takes a number of elements, not an end
SELinux: pass last path component in may_create
SELinux: put name based create rules in a hashtable
SELinux: generic hashtab entry counter
SELinux: calculate and print hashtab stats with a generic function
SELinux: skip filename trans rules if ttype does not match parent dir
SELinux: rename filename_compute_type argument to *type instead of *con
SELinux: fix comment to state filename_compute_type takes an objname not a qstr
SMACK: smack_file_lock can use the struct path
LSM: separate LSM_AUDIT_DATA_DENTRY from LSM_AUDIT_DATA_PATH
LSM: split LSM_AUDIT_DATA_FS into _PATH and _INODE
SELINUX: Make selinux cache VFS RCU walks safe
SECURITY: Move exec_permission RCU checks into security modules
SELinux: security_read_policy should take a size_t not ssize_t
...
Diffstat (limited to 'fs/binfmt_flat.c')
| -rw-r--r-- | fs/binfmt_flat.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/fs/binfmt_flat.c b/fs/binfmt_flat.c index 397d3057d336..1bffbe0ed778 100644 --- a/fs/binfmt_flat.c +++ b/fs/binfmt_flat.c | |||
| @@ -820,6 +820,8 @@ static int load_flat_shared_library(int id, struct lib_info *libs) | |||
| 820 | int res; | 820 | int res; |
| 821 | char buf[16]; | 821 | char buf[16]; |
| 822 | 822 | ||
| 823 | memset(&bprm, 0, sizeof(bprm)); | ||
| 824 | |||
| 823 | /* Create the file name */ | 825 | /* Create the file name */ |
| 824 | sprintf(buf, "/lib/lib%d.so", id); | 826 | sprintf(buf, "/lib/lib%d.so", id); |
| 825 | 827 | ||
| @@ -835,6 +837,12 @@ static int load_flat_shared_library(int id, struct lib_info *libs) | |||
| 835 | if (!bprm.cred) | 837 | if (!bprm.cred) |
| 836 | goto out; | 838 | goto out; |
| 837 | 839 | ||
| 840 | /* We don't really care about recalculating credentials at this point | ||
| 841 | * as we're past the point of no return and are dealing with shared | ||
| 842 | * libraries. | ||
| 843 | */ | ||
| 844 | bprm.cred_prepared = 1; | ||
| 845 | |||
| 838 | res = prepare_binprm(&bprm); | 846 | res = prepare_binprm(&bprm); |
| 839 | 847 | ||
| 840 | if (!IS_ERR_VALUE(res)) | 848 | if (!IS_ERR_VALUE(res)) |