diff options
| author | Linus Torvalds <torvalds@g5.osdl.org> | 2006-03-25 12:24:53 -0500 |
|---|---|---|
| committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-03-25 12:24:53 -0500 |
| commit | 1b9a3917366028cc451a98dd22e3bcd537d4e5c1 (patch) | |
| tree | d911058720e0a9aeeaf9f407ccdc6fbf4047f47d /ipc/sem.c | |
| parent | 3661f00e2097676847deb01add1a0918044bd816 (diff) | |
| parent | 71e1c784b24a026a490b3de01541fc5ee14ebc09 (diff) | |
Merge branch 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current
* 'audit.b3' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/audit-current: (22 commits)
[PATCH] fix audit_init failure path
[PATCH] EXPORT_SYMBOL patch for audit_log, audit_log_start, audit_log_end and audit_format
[PATCH] sem2mutex: audit_netlink_sem
[PATCH] simplify audit_free() locking
[PATCH] Fix audit operators
[PATCH] promiscuous mode
[PATCH] Add tty to syscall audit records
[PATCH] add/remove rule update
[PATCH] audit string fields interface + consumer
[PATCH] SE Linux audit events
[PATCH] Minor cosmetic cleanups to the code moved into auditfilter.c
[PATCH] Fix audit record filtering with !CONFIG_AUDITSYSCALL
[PATCH] Fix IA64 success/failure indication in syscall auditing.
[PATCH] Miscellaneous bug and warning fixes
[PATCH] Capture selinux subject/object context information.
[PATCH] Exclude messages by message type
[PATCH] Collect more inode information during syscall processing.
[PATCH] Pass dentry, not just name, in fsnotify creation hooks.
[PATCH] Define new range of userspace messages.
[PATCH] Filter rule comparators
...
Fixed trivial conflict in security/selinux/hooks.c
Diffstat (limited to 'ipc/sem.c')
| -rw-r--r-- | ipc/sem.c | 5 |
1 files changed, 2 insertions, 3 deletions
| @@ -809,8 +809,6 @@ static int semctl_down(int semid, int semnum, int cmd, int version, union semun | |||
| 809 | if(cmd == IPC_SET) { | 809 | if(cmd == IPC_SET) { |
| 810 | if(copy_semid_from_user (&setbuf, arg.buf, version)) | 810 | if(copy_semid_from_user (&setbuf, arg.buf, version)) |
| 811 | return -EFAULT; | 811 | return -EFAULT; |
| 812 | if ((err = audit_ipc_perms(0, setbuf.uid, setbuf.gid, setbuf.mode))) | ||
| 813 | return err; | ||
| 814 | } | 812 | } |
| 815 | sma = sem_lock(semid); | 813 | sma = sem_lock(semid); |
| 816 | if(sma==NULL) | 814 | if(sma==NULL) |
| @@ -821,7 +819,6 @@ static int semctl_down(int semid, int semnum, int cmd, int version, union semun | |||
| 821 | goto out_unlock; | 819 | goto out_unlock; |
| 822 | } | 820 | } |
| 823 | ipcp = &sma->sem_perm; | 821 | ipcp = &sma->sem_perm; |
| 824 | |||
| 825 | if (current->euid != ipcp->cuid && | 822 | if (current->euid != ipcp->cuid && |
| 826 | current->euid != ipcp->uid && !capable(CAP_SYS_ADMIN)) { | 823 | current->euid != ipcp->uid && !capable(CAP_SYS_ADMIN)) { |
| 827 | err=-EPERM; | 824 | err=-EPERM; |
| @@ -838,6 +835,8 @@ static int semctl_down(int semid, int semnum, int cmd, int version, union semun | |||
| 838 | err = 0; | 835 | err = 0; |
| 839 | break; | 836 | break; |
| 840 | case IPC_SET: | 837 | case IPC_SET: |
| 838 | if ((err = audit_ipc_perms(0, setbuf.uid, setbuf.gid, setbuf.mode, ipcp))) | ||
| 839 | goto out_unlock; | ||
| 841 | ipcp->uid = setbuf.uid; | 840 | ipcp->uid = setbuf.uid; |
| 842 | ipcp->gid = setbuf.gid; | 841 | ipcp->gid = setbuf.gid; |
| 843 | ipcp->mode = (ipcp->mode & ~S_IRWXUGO) | 842 | ipcp->mode = (ipcp->mode & ~S_IRWXUGO) |