Merge commit '5bc66170dc486556a1e36fd384463536573f4b82' into x86/urgent

From Borislav Petkov <bp@amd64.org>: Below is a RAS fix which reverts the addition of a sysfs attribute which we agreed is not needed, post-factum. And this should go in now because that sysfs attribute is going to end up in 3.7 otherwise and thus exposed to userspace; removing it then would be a lot harder. This is done as a merge rather than a simple patch/cherry-pick since the baseline for this patch was not in the previous x86/urgent. Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
author: H. Peter Anvin <hpa@linux.intel.com> 2012-10-19 10:54:24 -0400
committer: H. Peter Anvin <hpa@linux.intel.com> 2012-10-19 10:55:09 -0400
commit: 4533d86270d7986e00594495dde9a109d6be27ae (patch)
tree: c2473cac653f7b98e5bd5e6475e63734be4b7644 /security/selinux/hooks.c
parent: 21c5e50e15b1abd797e62f18fd7f90b9cc004cbd (diff)
parent: 5bc66170dc486556a1e36fd384463536573f4b82 (diff)
1 files changed, 20 insertions, 55 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 6c77f63c7591..61a53367d029 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2088,15 +2088,19 @@ static int selinux_bprm_secureexec(struct linux_binprm *bprm)
        return (atsecure || cap_bprm_secureexec(bprm));
 }
+static int match_file(const void *p, struct file *file, unsigned fd)
+{
+        return file_has_perm(p, file, file_to_av(file)) ? fd + 1 : 0;
+}
 /* Derived from fs/exec.c:flush_old_files. */
 static inline void flush_unauthorized_files(const struct cred *cred,
                                            struct files_struct *files)
 {
        struct file *file, *devnull = NULL;
        struct tty_struct *tty;
-        struct fdtable *fdt;
-        long j = -1;
        int drop_tty = 0;
+        unsigned n;
        tty = get_current_tty();
        if (tty) {
@@ -2123,58 +2127,19 @@ static inline void flush_unauthorized_files(const struct cred *cred,
                no_tty();
        /* Revalidate access to inherited open files. */
-        spin_lock(&files->file_lock);
+        n = iterate_fd(files, 0, match_file, cred);
-        for (;;) {
+        if (!n) /* none found? */
-                unsigned long set, i;
+                return;
-                int fd;
-                j++;
-                i = j * BITS_PER_LONG;
-                fdt = files_fdtable(files);
-                if (i >= fdt->max_fds)
-                        break;
-                set = fdt->open_fds[j];
-                if (!set)
-                        continue;
-                spin_unlock(&files->file_lock);
-                for ( ; set ; i++, set >>= 1) {
-                        if (set & 1) {
-                                file = fget(i);
-                                if (!file)
-                                        continue;
-                                if (file_has_perm(cred,
-                                                  file,
-                                                  file_to_av(file))) {
-                                        sys_close(i);
-                                        fd = get_unused_fd();
-                                        if (fd != i) {
-                                                if (fd >= 0)
-                                                        put_unused_fd(fd);
-                                                fput(file);
-                                                continue;
-                                        }
-                                        if (devnull) {
-                                                get_file(devnull);
-                                        } else {
-                                                devnull = dentry_open(
-                                                        &selinux_null,
-                                                        O_RDWR, cred);
-                                                if (IS_ERR(devnull)) {
-                                                        devnull = NULL;
-                                                        put_unused_fd(fd);
-                                                        fput(file);
-                                                        continue;
-                                                }
-                                        }
-                                        fd_install(fd, devnull);
-                                }
-                                fput(file);
-                        }
-                }
-                spin_lock(&files->file_lock);
-        }
+        devnull = dentry_open(&selinux_null, O_RDWR, cred);
-        spin_unlock(&files->file_lock);
+        if (IS_ERR(devnull))
+                devnull = NULL;
+        /* replace all the matching ones with this */
+        do {
+                replace_fd(n - 1, devnull, 0);
+        } while ((n = iterate_fd(files, n, match_file, cred)) != 0);
+        if (devnull)
+                fput(devnull);
 }
 /*
@@ -2483,9 +2448,9 @@ static int selinux_sb_statfs(struct dentry *dentry)
        return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad);
 }
-static int selinux_mount(char *dev_name,
+static int selinux_mount(const char *dev_name,
                         struct path *path,
-                         char *type,
+                         const char *type,
                         unsigned long flags,
                         void *data)
 {
author	H. Peter Anvin <hpa@linux.intel.com>	2012-10-19 10:54:24 -0400
committer	H. Peter Anvin <hpa@linux.intel.com>	2012-10-19 10:55:09 -0400
commit	4533d86270d7986e00594495dde9a109d6be27ae (patch)
tree	c2473cac653f7b98e5bd5e6475e63734be4b7644 /security/selinux/hooks.c
parent	21c5e50e15b1abd797e62f18fd7f90b9cc004cbd (diff)
parent	5bc66170dc486556a1e36fd384463536573f4b82 (diff)

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 6c77f63c7591..61a53367d029 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c
@@ -2088,15 +2088,19 @@ static int selinux_bprm_secureexec(struct linux_binprm *bprm)
2088	return (atsecure \|\| cap_bprm_secureexec(bprm));	2088	return (atsecure \|\| cap_bprm_secureexec(bprm));
2089	}	2089	}
2090		2090
		2091	static int match_file(const void p, struct file file, unsigned fd)
		2092	{
		2093	return file_has_perm(p, file, file_to_av(file)) ? fd + 1 : 0;
		2094	}
		2095
2091	/* Derived from fs/exec.c:flush_old_files. */	2096	/* Derived from fs/exec.c:flush_old_files. */
2092	static inline void flush_unauthorized_files(const struct cred *cred,	2097	static inline void flush_unauthorized_files(const struct cred *cred,
2093	struct files_struct *files)	2098	struct files_struct *files)
2094	{	2099	{
2095	struct file file, devnull = NULL;	2100	struct file file, devnull = NULL;
2096	struct tty_struct *tty;	2101	struct tty_struct *tty;
2097	struct fdtable *fdt;
2098	long j = -1;
2099	int drop_tty = 0;	2102	int drop_tty = 0;
		2103	unsigned n;
2100		2104
2101	tty = get_current_tty();	2105	tty = get_current_tty();
2102	if (tty) {	2106	if (tty) {
@@ -2123,58 +2127,19 @@ static inline void flush_unauthorized_files(const struct cred *cred,
2123	no_tty();	2127	no_tty();
2124		2128
2125	/* Revalidate access to inherited open files. */	2129	/* Revalidate access to inherited open files. */
2126	spin_lock(&files->file_lock);	2130	n = iterate_fd(files, 0, match_file, cred);
2127	for (;;) {	2131	if (!n) /* none found? */
2128	unsigned long set, i;	2132	return;
2129	int fd;
2130
2131	j++;
2132	i = j * BITS_PER_LONG;
2133	fdt = files_fdtable(files);
2134	if (i >= fdt->max_fds)
2135	break;
2136	set = fdt->open_fds[j];
2137	if (!set)
2138	continue;
2139	spin_unlock(&files->file_lock);
2140	for ( ; set ; i++, set >>= 1) {
2141	if (set & 1) {
2142	file = fget(i);
2143	if (!file)
2144	continue;
2145	if (file_has_perm(cred,
2146	file,
2147	file_to_av(file))) {
2148	sys_close(i);
2149	fd = get_unused_fd();
2150	if (fd != i) {
2151	if (fd >= 0)
2152	put_unused_fd(fd);
2153	fput(file);
2154	continue;
2155	}
2156	if (devnull) {
2157	get_file(devnull);
2158	} else {
2159	devnull = dentry_open(
2160	&selinux_null,
2161	O_RDWR, cred);
2162	if (IS_ERR(devnull)) {
2163	devnull = NULL;
2164	put_unused_fd(fd);
2165	fput(file);
2166	continue;
2167	}
2168	}
2169	fd_install(fd, devnull);
2170	}
2171	fput(file);
2172	}
2173	}
2174	spin_lock(&files->file_lock);
2175		2133
2176	}	2134	devnull = dentry_open(&selinux_null, O_RDWR, cred);
2177	spin_unlock(&files->file_lock);	2135	if (IS_ERR(devnull))
		2136	devnull = NULL;
		2137	/* replace all the matching ones with this */
		2138	do {
		2139	replace_fd(n - 1, devnull, 0);
		2140	} while ((n = iterate_fd(files, n, match_file, cred)) != 0);
		2141	if (devnull)
		2142	fput(devnull);
2178	}	2143	}
2179		2144
2180	/*	2145	/*
@@ -2483,9 +2448,9 @@ static int selinux_sb_statfs(struct dentry *dentry)
2483	return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad);	2448	return superblock_has_perm(cred, dentry->d_sb, FILESYSTEM__GETATTR, &ad);
2484	}	2449	}
2485		2450
2486	static int selinux_mount(char *dev_name,	2451	static int selinux_mount(const char *dev_name,
2487	struct path *path,	2452	struct path *path,
2488	char *type,	2453	const char *type,
2489	unsigned long flags,	2454	unsigned long flags,
2490	void *data)	2455	void *data)
2491	{	2456	{