LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Andrew Morgan <morgan@kernel.org>
To: "Serge E. Hallyn" <serue@us.ibm.com>
Cc: Jiri Slaby <jirislaby@gmail.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	linux-kernel@vger.kernel.org, James Morris <jmorris@namei.org>,
	Stephen Smalley <sds@tycho.nsa.gov>,
	Paul Moore <paul.moore@hp.com>
Subject: Re: prctl(0x8) -> EINVAL [Was: 2.6.25-rc3-mm1]
Date: Sun, 09 Mar 2008 09:28:47 -0700	[thread overview]
Message-ID: <47D4103F.6070409@kernel.org> (raw)
In-Reply-To: <20080305140624.GA9128@sergelap.austin.ibm.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Acked-by: Andrew G. Morgan <morgan@kernel.org>

Cheers

Andrew

Serge E. Hallyn wrote:
|
| This patch address the !CONFIG_SECURITY case, but not the case of
| using the dummy LSM.  The default these days is to have capabilities
| compiled in no matter what, but it is still possible to have
| CONFIG_SECURITY=y and CONFIG_SECURITY_CAPABILITIES=n, in which
| case prctl(0x8) will return -EINVAL.  Do we want dummy to call
| cap_prctl() as well, or are we ok with userspace getting -EINVAL
| given that there are in fact no capabilities at that point and
| the userspace code is clearly expecting them?
|
| thanks,
| -serge
|
|>From 4a66f19580489a3ac84f0a145e4585c09e65c88e Mon Sep 17 00:00:00 2001
| From: Serge E. Hallyn <serue@us.ibm.com>
| Date: Wed, 5 Mar 2008 06:02:32 -0800
| Subject: [PATCH 1/1] capabilities: use cap_task_prctl when
!CONFIG_SECURITY
|
| capabilities-implement-per-process-securebits.patch introduced
| cap_task_prctl() and moved the handling of capability-related
| prctl into it.  So when !CONFIG_SECURITY, the default
| security_task_prctl() needs to call cap_task_prctl() the way
| other default hooks call capability helpers when they exist.
|
| This fixes a slew of userspace breakages when
| CONFIG_SECURITY=n.
|
| Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
| ---
|  include/linux/security.h |    2 +-
|  1 files changed, 1 insertions(+), 1 deletions(-)
|
| diff --git a/include/linux/security.h b/include/linux/security.h
| index 83763b0..861d6da 100644
| --- a/include/linux/security.h
| +++ b/include/linux/security.h
| @@ -2228,7 +2228,7 @@ static inline int security_task_prctl (int
option, unsigned long arg2,
|  				       unsigned long arg4,
|  				       unsigned long arg5, long *rc_p)
|  {
| -	return 0;
| +	return cap_task_prctl(option, arg2, arg3, arg3, arg5, rc_p);
|  }
|
|  static inline void security_task_reparent_to_init (struct task_struct *p)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFH1BA/mwytjiwfWMwRAkQ3AJ4h7rKORHnRvoQrPh/l1psZEwsRJACePk1T
AooB76FrfRd63O2kOpPvqNU=
=rxzU
-----END PGP SIGNATURE-----

  parent reply	other threads:[~2008-03-09 16:29 UTC|newest]

Thread overview: 76+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-03-04  9:19 2.6.25-rc3-mm1 Andrew Morton
2008-03-04 11:59 ` 2.6.25-rc3-mm1 Cornelia Huck
2008-03-04 19:35   ` 2.6.25-rc3-mm1 Greg KH
2008-03-04 13:12 ` [BUG] 2.6.25-rc3-mm1 kernel panic while bootup on powerpc () Kamalesh Babulal
2008-03-04 14:40   ` Michael Neuling
2008-03-04 18:33     ` Andrew Morton
2008-03-05  8:23       ` Benjamin Herrenschmidt
2008-03-06  0:03       ` Benjamin Herrenschmidt
2008-03-06  0:44         ` Andrew Morton
2008-03-06  0:52           ` Benjamin Herrenschmidt
2008-03-04 18:36   ` Andrew Morton
2008-03-04 18:47     ` Pekka Enberg
2008-03-04 19:18     ` Pekka Enberg
2008-03-05  8:22   ` Benjamin Herrenschmidt
2008-03-04 16:35 ` 2.6.25-rc3-mm1 (IDE) Randy Dunlap
2008-03-06 21:14   ` Bartlomiej Zolnierkiewicz
2008-03-04 16:45 ` 2.6.25-rc3-mm1 (CCISS) Randy Dunlap
2008-03-04 17:02   ` Miller, Mike (OS Dev)
2008-03-04 17:14     ` Randy Dunlap
2008-03-04 18:14       ` Jens Axboe
2008-03-04 19:12 ` [PATCH 2.6.25-rc3-mm1] fix ext2 borkage Hugh Dickins
2008-03-04 19:20 ` [BUG] 2.6.25-rc3-mm1 kernel bug while running libhugetlbfs Kamalesh Babulal
2008-03-04 19:51   ` Andrew Morton
2008-03-04 22:01     ` Adam Litke
2008-03-05  7:52       ` Kamalesh Babulal
2008-03-04 20:24 ` 2.6.25-rc3-mm1 (wakeup) Randy Dunlap
2008-03-04 22:33   ` Rafael J. Wysocki
2008-03-05  7:40     ` Sam Ravnborg
2008-03-04 21:26 ` 2.6.25-rc3-mm1 (9p docs) Randy Dunlap
2008-03-04 21:43   ` Eric Van Hensbergen
2008-03-05  7:21 ` 2.6.25-rc3-mm1 - PROFILE_LIKELY redux Valdis.Kletnieks
2008-03-05 17:45   ` Andi Kleen
2008-03-05 18:02     ` Andrew Morton
2008-03-05 18:22       ` Andi Kleen
2008-03-05 22:26       ` Valdis.Kletnieks
2008-03-05 23:49         ` Andrew Morton
2008-03-05 19:59     ` Valdis.Kletnieks
2008-03-05 21:56       ` Andi Kleen
2008-03-05 10:51 ` prctl(0x8) -> EINVAL [Was: 2.6.25-rc3-mm1] Jiri Slaby
2008-03-05 10:59   ` Jiri Slaby
2008-03-05 14:06   ` Serge E. Hallyn
2008-03-05 15:18     ` Jiri Slaby
2008-03-09 16:28     ` Andrew Morgan [this message]
2008-03-05 13:04 ` 2.6.25-rc3-mm1 Pavel Emelyanov
2008-03-05 13:12   ` 2.6.25-rc3-mm1 (SYSFS=n breaks module engine) Pavel Emelyanov
2008-03-05 13:31   ` 2.6.25-rc3-mm1 Kay Sievers
2008-03-05 13:38     ` 2.6.25-rc3-mm1 Pavel Emelyanov
2008-03-05 13:54       ` 2.6.25-rc3-mm1 Kay Sievers
2008-03-05 14:28         ` 2.6.25-rc3-mm1 Pavel Emelyanov
2008-03-05 16:40   ` 2.6.25-rc3-mm1 Greg KH
2008-03-05 16:59     ` 2.6.25-rc3-mm1 Pavel Emelyanov
2008-03-05 17:07       ` 2.6.25-rc3-mm1 Greg KH
2008-03-05 21:34 ` 2.6.25-rc3-mm1 ppc64 boot hang Badari Pulavarty
2008-03-05 21:54   ` Andrew Morton
2008-03-05 22:35     ` Badari Pulavarty
2008-03-05 23:17     ` Stephen Rothwell
2008-03-07  3:58 ` 2.6.25-rc3-mm1 - BUG at system shutdown time Valdis.Kletnieks
2008-03-07  6:16   ` Andrew Morton
2008-03-07  7:52     ` Valdis.Kletnieks
2008-03-07  8:06       ` Thomas Gleixner
2008-03-07  8:23         ` Valdis.Kletnieks
2008-03-07  8:34           ` Thomas Gleixner
2008-03-07 19:30             ` Valdis.Kletnieks
2008-03-12  7:32   ` Andrew Morton
2008-03-13  2:19     ` Valdis.Kletnieks
2008-03-13  2:32       ` Andrew Morton
2008-03-13  3:57         ` Valdis.Kletnieks
2008-03-13  4:27           ` Andrew Morton
2008-03-14 18:50             ` Valdis.Kletnieks
2008-03-21 13:41       ` Ingo Molnar
2008-03-21 19:38         ` Valdis.Kletnieks
2008-03-21 19:58           ` Ingo Molnar
2008-03-21 20:05             ` Valdis.Kletnieks
2008-03-21 20:12               ` Ingo Molnar
2008-03-22  3:11                 ` Hoo-fscking-ray - (was " Valdis.Kletnieks
2008-03-22 12:09                   ` Ingo Molnar

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=47D4103F.6070409@kernel.org \
    --to=morgan@kernel.org \
    --cc=akpm@linux-foundation.org \
    --cc=jirislaby@gmail.com \
    --cc=jmorris@namei.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=paul.moore@hp.com \
    --cc=sds@tycho.nsa.gov \
    --cc=serue@us.ibm.com \
    --subject='Re: prctl(0x8) -> EINVAL [Was: 2.6.25-rc3-mm1]' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).