aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Documentation/filesystems/Locking4
-rw-r--r--Documentation/sysctl/fs.txt42
-rw-r--r--arch/powerpc/platforms/cell/spufs/inode.c77
-rw-r--r--arch/powerpc/platforms/cell/spufs/syscalls.c2
-rw-r--r--drivers/base/devtmpfs.c9
-rw-r--r--drivers/net/wireless/brcm80211/brcmfmac/dhd_linux.c2
-rw-r--r--drivers/staging/bcm/Misc.c31
-rw-r--r--drivers/staging/gdm72xx/sdio_boot.c7
-rw-r--r--drivers/staging/gdm72xx/usb_boot.c22
-rw-r--r--drivers/target/target_core_file.c32
-rw-r--r--drivers/usb/gadget/storage_common.c12
-rw-r--r--drivers/usb/gadget/u_uac1.c6
-rw-r--r--drivers/video/fb_defio.c2
-rw-r--r--fs/9p/vfs_file.c3
-rw-r--r--fs/btrfs/disk-io.c3
-rw-r--r--fs/btrfs/file.c3
-rw-r--r--fs/btrfs/inode.c6
-rw-r--r--fs/btrfs/ioctl.c15
-rw-r--r--fs/btrfs/transaction.c7
-rw-r--r--fs/buffer.c28
-rw-r--r--fs/ceph/addr.c3
-rw-r--r--fs/ecryptfs/inode.c30
-rw-r--r--fs/exec.c19
-rw-r--r--fs/ext2/inode.c5
-rw-r--r--fs/ext2/super.c33
-rw-r--r--fs/ext4/inode.c15
-rw-r--r--fs/ext4/mmp.c6
-rw-r--r--fs/ext4/super.c31
-rw-r--r--fs/fat/file.c15
-rw-r--r--fs/file_table.c4
-rw-r--r--fs/fuse/file.c4
-rw-r--r--fs/gfs2/file.c18
-rw-r--r--fs/gfs2/trans.c4
-rw-r--r--fs/inode.c12
-rw-r--r--fs/internal.h4
-rw-r--r--fs/lockd/clntproc.c14
-rw-r--r--fs/lockd/svc4proc.c1
-rw-r--r--fs/lockd/svclock.c1
-rw-r--r--fs/lockd/svcproc.c1
-rw-r--r--fs/namei.c313
-rw-r--r--fs/namespace.c97
-rw-r--r--fs/nfsd/nfs4recover.c9
-rw-r--r--fs/nfsd/nfsfh.c1
-rw-r--r--fs/nfsd/nfsproc.c9
-rw-r--r--fs/nfsd/vfs.c79
-rw-r--r--fs/nfsd/vfs.h11
-rw-r--r--fs/nilfs2/file.c18
-rw-r--r--fs/nilfs2/ioctl.c2
-rw-r--r--fs/nilfs2/segment.c5
-rw-r--r--fs/ntfs/file.c3
-rw-r--r--fs/ocfs2/file.c11
-rw-r--r--fs/ocfs2/ioctl.c14
-rw-r--r--fs/ocfs2/journal.c7
-rw-r--r--fs/ocfs2/mmap.c2
-rw-r--r--fs/ocfs2/refcounttree.c11
-rw-r--r--fs/open.c15
-rw-r--r--fs/pipe.c75
-rw-r--r--fs/splice.c3
-rw-r--r--fs/super.c252
-rw-r--r--fs/sysfs/bin.c2
-rw-r--r--fs/xfs/xfs_aops.c18
-rw-r--r--fs/xfs/xfs_file.c10
-rw-r--r--fs/xfs/xfs_ioctl.c55
-rw-r--r--fs/xfs/xfs_ioctl32.c12
-rw-r--r--fs/xfs/xfs_iomap.c4
-rw-r--r--fs/xfs/xfs_mount.c2
-rw-r--r--fs/xfs/xfs_mount.h3
-rw-r--r--fs/xfs/xfs_sync.c2
-rw-r--r--fs/xfs/xfs_trans.c17
-rw-r--r--fs/xfs/xfs_trans.h2
-rw-r--r--include/linux/audit.h4
-rw-r--r--include/linux/fs.h154
-rw-r--r--include/linux/mm.h1
-rw-r--r--include/linux/namei.h1
-rw-r--r--include/linux/nfsd/nfsfh.h1
-rw-r--r--include/linux/pipe_fs_i.h2
-rw-r--r--kernel/audit.c21
-rw-r--r--kernel/sysctl.c18
-rw-r--r--lib/percpu_counter.c14
-rw-r--r--mm/filemap.c31
-rw-r--r--mm/filemap_xip.c6
-rw-r--r--mm/memory.c14
-rw-r--r--net/unix/af_unix.c93
-rw-r--r--sound/sound_firmware.c8
84 files changed, 1326 insertions, 639 deletions
</
diff --git a/Documentation/filesystems/Locking b/Documentation/filesystems/Locking
index 7f647e17830c..0f103e39b4f6 100644
--- a/Documentation/filesystems/Locking
+++ b/Documentation/filesystems/Locking
@@ -138,8 +138,8 @@ evict_inode:
138put_super: write 138put_super: write
139write_super: read 139write_super: read
140sync_fs: read 140sync_fs: read
141freeze_fs: read 141freeze_fs: write
142unfreeze_fs: read 142unfreeze_fs: write
143statfs: maybe(read) (see below) 143statfs: maybe(read) (see below)
144remount_fs: write 144remount_fs: write
145umount_begin: no 145umount_begin: no
diff --git a/Documentation/sysctl/fs.txt b/Documentation/sysctl/fs.txt
index 8c235b6e4246..88152f214f48 100644
--- a/Documentation/sysctl/fs.txt
+++ b/Documentation/sysctl/fs.txt
@@ -32,6 +32,8 @@ Currently, these files are in /proc/sys/fs:
32- nr_open 32- nr_open
33- overflowuid 33- overflowuid
34- overflowgid 34- overflowgid
35- protected_hardlinks
36- protected_symlinks
35- suid_dumpable 37- suid_dumpable
36- super-max 38- super-max
37- super-nr 39- super-nr
@@ -157,6 +159,46 @@ The default is 65534.
157 159
158============================================================== 160==============================================================
159 161
162protected_hardlinks:
163
164A long-standing class of security issues is the hardlink-based
165time-of-check-time-of-use race, most commonly seen in world-writable
166directories like /tmp. The common method of exploitation of this flaw
167is to cross privilege boundaries when following a given hardlink (i.e. a
168root process follows a hardlink created by another user). Additionally,
169on systems without separated partitions, this stops unauthorized users
170from "pinning" vulnerable setuid/setgid files against being upgraded by
171the administrator, or linking to special files.
172
173When set to "0", hardlink creation behavior is unrestricted.
174
175When set to "1" hardlinks cannot be created by users if they do not
176already own the source file, or do not have read/write access to it.
177
178This protection is based on the restrictions in Openwall and grsecurity.
179
180==============================================================
181
182protected_symlinks:
183
184A long-standing class of security issues is the symlink-based
185time-of-check-time-of-use race, most commonly seen in world-writable
186directories like /tmp. The common method of exploitation of this flaw
187is to cross privilege boundaries when following a given symlink (i.e. a
188root process follows a symlink belonging to another user). For a likely
189incomplete list of hundreds of examples across the years, please see:
190http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=/tmp
191
192When set to "0", symlink following behavior is unrestricted.
193
194When set to "1" symlinks are permitted to be followed only when outside
195a sticky world-writable directory, or when the uid of the symlink and
196follower match, or when the directory owner matches the symlink's owner.
197
198This protection is based on the restrictions in Openwall and grsecurity.
199
200==============================================================