iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/fs
History
Andy Lutomirski 23adbe12ef fs,userns: Change inode_capable to capable_wrt_inode_uidgid 
The kernel has no concept of capabilities with respect to inodes; inodes
exist independently of namespaces.  For example, inode_capable(inode,
CAP_LINUX_IMMUTABLE) would be nonsense.

This patch changes inode_capable to check for uid and gid mappings and
renames it to capable_wrt_inode_uidgid, which should make it more
obvious what it does.

Fixes CVE-2014-4014.

Cc: Theodore Ts'o <tytso@mit.edu>
Cc: Serge Hallyn <serge.hallyn@ubuntu.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Dave Chinner <david@fromorbit.com>
Cc: stable@vger.kernel.org
Signed-off-by: Andy Lutomirski <luto@amacapital.net>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2014-06-10 13:57:22 -07:00
..
9p
9p fixes for the 3.16 merge window
2014-06-08 14:35:19 -07:00
adfs
fs/adfs/super.c: add __init to init_inodecache()
2014-04-07 16:36:08 -07:00
affs
fs/affs: pr_debug cleanup
2014-06-06 16:08:13 -07:00
afs
File locking related changes for v3.16
2014-06-04 08:12:50 -07:00
autofs4
fs/autofs4/dev-ioctl.c: add __init to autofs_dev_ioctl_init
2014-06-04 16:54:21 -07:00
befs
fs/befs: kernel-doc fixes
2014-06-06 16:08:09 -07:00
bfs
fs/bfs/inode.c: add __init to init_inodecache()
2014-04-07 16:36:08 -07:00
btrfs
Merge branch 'next' (accumulated 3.16 merge window patches) into master
2014-06-08 11:31:16 -07:00
cachefiles
fs/cachefiles: replace kerror by pr_err
2014-06-06 16:08:14 -07:00
ceph
fs/ceph/debugfs.c: replace seq_printf by seq_puts
2014-06-06 16:08:06 -07:00
cifs
Merge branch 'for-next' of git://git.samba.org/sfrench/cifs-2.6
2014-06-09 19:08:43 -07:00
coda
coda: convert use of typedef ctl_table to struct ctl_table
2014-06-06 16:08:16 -07:00
configfs
fs/configfs: use pr_fmt
2014-06-04 16:53:53 -07:00
cramfs
Major changes for 3.14 include support for the newly added ZERO_RANGE
2014-04-04 15:39:39 -07:00
debugfs
Major changes for 3.14 include support for the newly added ZERO_RANGE
2014-04-04 15:39:39 -07:00
devpts
fs/devpts/inode.c: convert printk to pr_foo()
2014-06-06 16:08:14 -07:00
dlm
fs/dlm/debug_fs.c: replace seq_printf by seq_puts
2014-06-06 16:08:18 -07:00
ecryptfs
Merge branch 'cross-rename' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs
2014-04-04 14:03:05 -07:00
efivarfs
fs/efivarfs/super.c: use static const for dentry_operations
2014-06-04 16:54:14 -07:00
efs
fs/efs: convert printk(KERN_DEBUG to pr_debug
2014-06-04 16:54:21 -07:00
exofs
ore: Support for raid 6
2014-05-22 14:48:15 +03:00
exportfs
fs/exportfs/expfs.c: kernel-doc warning fixes
2014-06-04 16:54:14 -07:00
ext2
Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs
2014-04-07 17:59:17 -07:00
ext3
Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs
2014-04-07 17:59:17 -07:00
ext4
Clean ups and miscellaneous bug fixes, in particular for the new
2014-06-08 13:03:35 -07:00
f2fs
f2fs updates for v3.16
2014-06-09 19:11:44 -07:00
fat
fs/fat/inode.c: clean up string initializations (char[] instead of char *)
2014-06-06 16:08:11 -07:00
freevxfs
Major changes for 3.14 include support for the newly added ZERO_RANGE
2014-04-04 15:39:39 -07:00
fscache
fscache: convert use of typedef ctl_table to struct ctl_table
2014-06-06 16:08:16 -07:00
fuse
mm: non-atomically mark page accessed during page cache allocation where possible
2014-06-04 16:54:10 -07:00
gfs2
mm: non-atomically mark page accessed during page cache allocation where possible
2014-06-04 16:54:10 -07:00
hfs
Major changes for 3.14 include support for the newly added ZERO_RANGE
2014-04-04 15:39:39 -07:00
hfsplus
hfsplus: fix compiler warning on PowerPC
2014-06-06 16:08:10 -07:00
hostfs
mm + fs: store shadow entries in page cache
2014-04-03 16:21:01 -07:00
hpfs
fs/hpfs: increase pr_warn level
2014-06-06 16:08:10 -07:00
hppfs
hugetlbfs
fs/hugetlbfs/inode.c: remove null test before kfree
2014-06-04 16:54:11 -07:00
isofs
Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs
2014-04-07 17:59:17 -07:00
jbd
jbd: Revise KERN_EMERG error messages
2013-12-04 12:27:46 +01:00
jbd2
arch: Mass conversion of smp_mb__*()
2014-04-18 14:20:48 +02:00
jffs2
signals: jffs2: fix the wrong usage of disallow_signal()
2014-06-06 16:08:11 -07:00
jfs
fs/jfs/super.c: convert simple_str to kstr
2014-06-03 14:14:00 -05:00
kernfs
kernfs: move the last knowledge of sysfs out from kernfs
2014-06-03 08:11:18 -07:00
lockd
Merge branch 'for-3.16' of git://linux-nfs.org/~bfields/linux
2014-06-10 11:50:57 -07:00
logfs
mm + fs: store shadow entries in page cache
2014-04-03 16:21:01 -07:00
minix
Major changes for 3.14 include support for the newly added ZERO_RANGE
2014-04-04 15:39:39 -07:00
ncpfs
fs/ncpfs/getopt.c: replace simple_strtoul by kstrtoul
2014-06-04 16:54:21 -07:00
nfs
Merge branch 'for-3.16' of git://linux-nfs.org/~bfields/linux
2014-06-10 11:50:57 -07:00
nfs_common
nfsd
nfsd4: fix FREE_STATEID lockowner leak
2014-06-09 17:13:54 -04:00
nilfs2
mm: implement ->map_pages for page cache
2014-04-07 16:35:53 -07:00
nls
nls: have register_nls() set ->owner
2014-01-25 03:14:05 -05:00
notify
inotify: convert use of typedef ctl_table to struct ctl_table
2014-06-06 16:08:16 -07:00
ntfs
ntfs: convert use of typedef ctl_table to struct ctl_table
2014-06-06 16:08:16 -07:00
ocfs2
fs/buffer.c: remove block_write_full_page_endio()
2014-06-04 16:54:02 -07:00
omfs
mm + fs: store shadow entries in page cache
2014-04-03 16:21:01 -07:00
openpromfs
fs: push sync_filesystem() down to the file system's remount_fs()
2014-03-13 10:14:33 -04:00
proc
Merge branch 'next' (accumulated 3.16 merge window patches) into master
2014-06-08 11:31:16 -07:00
pstore
fs/pstore: logging clean-up
2014-06-06 16:08:13 -07:00
qnx4
fs: push sync_filesystem() down to the file system's remount_fs()
2014-03-13 10:14:33 -04:00
qnx6
fs: push sync_filesystem() down to the file system's remount_fs()
2014-03-13 10:14:33 -04:00
quota
Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs
2014-04-07 17:59:17 -07:00
ramfs
fs/ramfs: move ramfs_aops to inode.c
2014-01-23 16:36:58 -08:00
reiserfs
fs/reiserfs/stree.c: remove obsolete __constant
2014-06-06 16:08:17 -07:00
romfs
fs: push sync_filesystem() down to the file system's remount_fs()
2014-03-13 10:14:33 -04:00
squashfs
fs/squashfs/squashfs.h: replace pr_warning by pr_warn
2014-06-04 16:53:52 -07:00
sysfs
kernfs: move the last knowledge of sysfs out from kernfs
2014-06-03 08:11:18 -07:00
sysv
Major changes for 3.14 include support for the newly added ZERO_RANGE
2014-04-04 15:39:39 -07:00
ubifs
This pull request contains several UBIFS fixes. One of them fixes a race
2014-06-10 08:55:46 -07:00
udf
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2014-04-12 14:49:50 -07:00
ufs
ufs: sb mutex merge + mutex_destroy
2014-06-06 16:08:18 -07:00
xfs
fs,userns: Change inode_capable to capable_wrt_inode_uidgid
2014-06-10 13:57:22 -07:00
aio.c
aio: fix potential leak in aio_run_iocb().
2014-05-01 08:37:43 -04:00
anon_inodes.c
vfs: Allocate anon_inode_inode in anon_inode_init()
2014-03-27 09:52:54 -07:00
attr.c
fs,userns: Change inode_capable to capable_wrt_inode_uidgid
2014-06-10 13:57:22 -07:00
bad_inode.c
binfmt_aout.c
dump_skip(): dump_seek() replacement taking coredump_params
2013-11-09 00:16:26 -05:00
binfmt_elf_fdpic.c
elf{,_fdpic} coredump: get rid of pointless if (siginfo->si_signo)
2013-11-09 00:16:30 -05:00
binfmt_elf.c
Merge branch 'x86/vdso' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip into next
2014-06-05 08:05:29 -07:00
binfmt_em86.c
binfmt_flat.c
fs/binfmt_flat.c: make old_reloc() static
2014-06-04 16:54:21 -07:00
binfmt_misc.c
binfmt_misc: add missing 'break' statement
2014-04-03 16:21:16 -07:00
binfmt_script.c
binfmt_som.c
block_dev.c
fs/block_dev.c: add bdev_read_page() and bdev_write_page()
2014-06-04 16:54:02 -07:00
buffer.c
mm: non-atomically mark page accessed during page cache allocation where possible
2014-06-04 16:54:10 -07:00
char_dev.c
Merge branch 'for-3.13/core' of git://git.kernel.dk/linux-block
2013-11-14 12:08:14 +09:00
compat_binfmt_elf.c
binfmt_elf: add ELF_HWCAP2 to compat auxv entries
2014-03-04 08:05:21 +00:00
compat_ioctl.c
fs/compat: convert to COMPAT_SYSCALL_DEFINE with changing parameter types
2014-03-06 16:30:44 +01:00
compat.c
locks: rename file-private locks to "open file description locks"
2014-04-22 08:23:58 -04:00
coredump.c
coredump: fix va_list corruption
2014-04-19 13:23:31 -07:00
dcache.c
fs: convert use of typedef ctl_table to struct ctl_table
2014-06-06 16:08:16 -07:00
dcookies.c
fs/compat: fix lookup_dcookie() parameter handling
2014-01-29 16:22:40 -08:00
direct-io.c
xfs: update for 3.15-rc1
2014-04-04 15:50:08 -07:00
drop_caches.c
fs: convert use of typedef ctl_table to struct ctl_table
2014-06-06 16:08:16 -07:00
eventfd.c
eventfd_ctx_fdget(): use fdget() instead of fget()
2014-01-25 03:13:04 -05:00
eventpoll.c
fs: convert use of typedef ctl_table to struct ctl_table
2014-06-06 16:08:16 -07:00
exec.c
metag: Reduce maximum stack size to 256MB
2014-05-15 00:00:35 +01:00
fcntl.c
locks: rename file-private locks to "open file description locks"
2014-04-22 08:23:58 -04:00
fhandle.c
file_table.c
fs: convert use of typedef ctl_table to struct ctl_table
2014-06-06 16:08:16 -07:00
file.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2014-04-12 14:49:50 -07:00
filesystems.c
sys_sysfs: Add CONFIG_SYSFS_SYSCALL
2014-04-03 16:21:05 -07:00
fs_struct.c
seqcount: Add lockdep functionality to seqcount/seqlock structures
2013-11-06 12:40:26 +01:00
fs-writeback.c
One of the main highlights this time, is not the patches themselves
2014-04-04 14:49:16 -07:00
inode.c
fs,userns: Change inode_capable to capable_wrt_inode_uidgid
2014-06-10 13:57:22 -07:00
internal.h
get rid of s_files and files_lock
2013-11-09 00:16:20 -05:00
ioctl.c
Kconfig
kernfs: add CONFIG_KERNFS
2014-02-07 16:08:57 -08:00
Kconfig.binfmt
libfs.c
fs/libfs.c: add generic data flush to fsync
2014-06-04 16:53:55 -07:00
locks.c
locks: add some tracepoints in the lease handling code
2014-06-02 08:09:30 -04:00
Makefile
block: move ioprio.c from fs/ to block/
2014-05-19 11:02:18 -06:00
mbcache.c
ext4: each filesystem creates and uses its own mb_cache
2014-03-18 19:24:49 -04:00
mount.h
reduce m_start() cost...
2014-04-01 23:19:09 -04:00
mpage.c
fs/block_dev.c: add bdev_read_page() and bdev_write_page()
2014-06-04 16:54:02 -07:00
namei.c
fs,userns: Change inode_capable to capable_wrt_inode_uidgid
2014-06-10 13:57:22 -07:00
namespace.c
VFS: Make delayed_free() call free_vfsmnt()
2014-04-01 23:19:18 -04:00
no-block.c
open.c
These are regression and bug fixes for ext4.
2014-04-20 20:43:47 -07:00
pipe.c
switch pipe_read() to copy_page_to_iter()
2014-04-01 23:19:22 -04:00
pnode.c
smarter propagate_mnt()
2014-04-01 23:19:08 -04:00
pnode.h
smarter propagate_mnt()
2014-04-01 23:19:08 -04:00
posix_acl.c
posix_acl: handle NULL ACL in posix_acl_equiv_mode
2014-05-06 13:58:42 -04:00
proc_namespace.c
reduce m_start() cost...
2014-04-01 23:19:09 -04:00
read_write.c
Merge branch 'compat' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux
2014-03-31 14:32:17 -07:00
readdir.c
fanotify: create FAN_ACCESS event for readdir
2014-06-04 16:53:52 -07:00
select.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2013-11-13 15:34:18 +09:00
seq_file.c
seq_file: always clear m->count when we free m->buf
2013-11-18 19:07:53 -08:00
signalfd.c
splice.c
vfs: fix vmplice_to_user()
2014-05-28 01:54:52 -04:00
stack.c
stat.c
vfs: split out vfs_getattr_nosec
2013-11-09 00:16:31 -05:00
statfs.c
super.c
fs/superblock: avoid locking counting inodes and dentries before reclaiming them
2014-06-04 16:54:11 -07:00
sync.c
Revert "writeback: do not sync data dirtied after sync start"
2014-02-22 02:02:28 +01:00
timerfd.c
timerfd: support CLOCK_BOOTTIME clock
2014-01-23 16:57:40 -08:00
utimes.c
locks: break delegations on any attribute modification
2013-11-09 00:16:44 -05:00
xattr.c