diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2014-06-06 19:35:10 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2014-06-06 19:35:10 -0400 |
| commit | 57d326169e878a1a37b2bccd1cf81f6809ee67b9 (patch) | |
| tree | 86ed74ae4dc2beaebce1c67b8459f1873b777d3a /kernel/seccomp.c | |
| parent | 7b215de3d0abbc4f6daf2efd19e8809af0564490 (diff) | |
| parent | 0244756edc4b98c129e92c7061d9f383708cf786 (diff) | |
Merge branch 'akpm' (patches from Andrew Morton) into next
Merge more updates from Andrew Morton:
- Most of the rest of MM.
This includes "mark remap_file_pages syscall as deprecated" but the
actual "replace remap_file_pages syscall with emulation" is held
back. I guess we'll need to work out when to pull the trigger on
that one.
- various minor cleanups to obscure filesystems
- the drivers/rtc queue
- hfsplus updates
- ufs, hpfs, fatfs, affs, reiserfs
- Documentation/
- signals
- procfs
- cpu hotplug
- lib/idr.c
- rapidio
- sysctl
- ipc updates
* emailed patches from Andrew Morton <akpm@linux-foundation.org>: (171 commits)
ufs: sb mutex merge + mutex_destroy
powerpc: update comments for generic idle conversion
cris: update comments for generic idle conversion
idle: remove cpu_idle() forward declarations
nbd: zero from and len fields in NBD_CMD_DISCONNECT.
mm: convert some level-less printks to pr_*
MAINTAINERS: adi-buildroot-devel is moderated
MAINTAINERS: add linux-api for review of API/ABI changes
mm/kmemleak-test.c: use pr_fmt for logging
fs/dlm/debug_fs.c: replace seq_printf by seq_puts
fs/dlm/lockspace.c: convert simple_str to kstr
fs/dlm/config.c: convert simple_str to kstr
mm: mark remap_file_pages() syscall as deprecated
mm: memcontrol: remove unnecessary memcg argument from soft limit functions
mm: memcontrol: clean up memcg zoneinfo lookup
mm/memblock.c: call kmemleak directly from memblock_(alloc|free)
mm/mempool.c: update the kmemleak stack trace for mempool allocations
lib/radix-tree.c: update the kmemleak stack trace for radix tree allocations
mm: introduce kmemleak_update_trace()
mm/kmemleak.c: use %u to print ->checksum
...
Diffstat (limited to 'kernel/seccomp.c')
| -rw-r--r-- | kernel/seccomp.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/kernel/seccomp.c b/kernel/seccomp.c index b35c21503a36..f6d76bebe69f 100644 --- a/kernel/seccomp.c +++ b/kernel/seccomp.c | |||
| @@ -39,7 +39,7 @@ | |||
| 39 | * is only needed for handling filters shared across tasks. | 39 | * is only needed for handling filters shared across tasks. |
| 40 | * @prev: points to a previously installed, or inherited, filter | 40 | * @prev: points to a previously installed, or inherited, filter |
| 41 | * @len: the number of instructions in the program | 41 | * @len: the number of instructions in the program |
| 42 | * @insns: the BPF program instructions to evaluate | 42 | * @insnsi: the BPF program instructions to evaluate |
| 43 | * | 43 | * |
| 44 | * seccomp_filter objects are organized in a tree linked via the @prev | 44 | * seccomp_filter objects are organized in a tree linked via the @prev |
| 45 | * pointer. For any task, it appears to be a singly-linked list starting | 45 | * pointer. For any task, it appears to be a singly-linked list starting |
| @@ -220,7 +220,7 @@ static long seccomp_attach_filter(struct sock_fprog *fprog) | |||
| 220 | return -ENOMEM; | 220 | return -ENOMEM; |
| 221 | 221 | ||
| 222 | /* | 222 | /* |
| 223 | * Installing a seccomp filter requires that the task have | 223 | * Installing a seccomp filter requires that the task has |
| 224 | * CAP_SYS_ADMIN in its namespace or be running with no_new_privs. | 224 | * CAP_SYS_ADMIN in its namespace or be running with no_new_privs. |
| 225 | * This avoids scenarios where unprivileged tasks can affect the | 225 | * This avoids scenarios where unprivileged tasks can affect the |
| 226 | * behavior of privileged children. | 226 | * behavior of privileged children. |