android_kernel_oneplus_msm8998

History

Jan Kara 57c9cfdb61 posix_acl: Clear SGID bit when setting file permissions commit 073931017b49d9458aa351605b43a7e34598caef upstream. When file permissions are modified via chmod(2) and the user is not in the owning group or capable of CAP_FSETID, the setgid bit is cleared in inode_change_ok(). Setting a POSIX ACL via setxattr(2) sets the file permissions as well as the new ACL, but doesn't clear the setgid bit in a similar way; this allows to bypass the check in chmod(2). Fix that. References: CVE-2016-7097 Reviewed-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Jan Kara <jack@suse.cz> Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2016-10-31 04:13:58 -06:00
..
acl.c	posix_acl: Clear SGID bit when setting file permissions	2016-10-31 04:13:58 -06:00
acl.h	GFS2: Increase the max number of ACLs	2014-03-19 15:16:24 +00:00
aops.c	GFS2: merge window	2015-06-27 09:47:46 -07:00
bmap.c	gfs2: perform quota checks against allocation parameters	2015-03-18 12:46:54 -05:00
bmap.h	GFS2: Clean up journal extent mapping	2014-03-03 13:50:12 +00:00
dentry.c	VFS: normal filesystems (and lustre): d_inode() annotations	2015-04-15 15:06:57 -04:00
dir.c	GFS2: Protect freeing directory hash table with i_lock spin_lock	2015-11-04 12:05:42 -06:00
dir.h	GFS2: Make rename not save dirent location	2014-10-01 14:06:15 +01:00
export.c	VFS: normal filesystems (and lustre): d_inode() annotations	2015-04-15 15:06:57 -04:00
file.c	GFS2: merge window	2015-11-09 18:01:23 -08:00
gfs2.h
glock.c	gfs2: Remove gl_spin define	2015-10-29 12:57:48 -05:00
glock.h	gfs2: Remove gl_spin define	2015-10-29 12:57:48 -05:00
glops.c	gfs2: Remove gl_spin define	2015-10-29 12:57:48 -05:00
glops.h	GFS2: update freeze code to use freeze/thaw_super on all nodes	2014-11-17 10:36:39 +00:00
incore.h	gfs2: Remove gl_spin define	2015-10-29 12:57:48 -05:00
inode.c	GFS2: merge window	2015-06-27 09:47:46 -07:00
inode.h	GFS2: Add atomic_open support	2013-06-14 11:17:15 +01:00
Kconfig
lock_dlm.c	remove abs64()	2015-11-09 15:11:24 -08:00
log.c	GFS2: update freeze code to use freeze/thaw_super on all nodes	2014-11-17 10:36:39 +00:00
log.h	GFS2: remove transaction glock	2014-05-14 10:04:34 +01:00
lops.c	GFS2: merge window	2015-09-11 12:23:51 -07:00
lops.h	GFS2: Move log buffer lists into transaction	2014-02-24 16:54:54 +00:00
main.c	gfs2: Remove gl_spin define	2015-10-29 12:57:48 -05:00
Makefile
meta_io.c	GFS2: Move glock superblock pointer to field gl_name	2015-09-03 13:33:09 -05:00
meta_io.h	GFS2: Move glock superblock pointer to field gl_name	2015-09-03 13:33:09 -05:00
ops_fstype.c	GFS2: Set s_mode before parsing mount options	2015-09-23 08:45:43 -05:00
quota.c	GFS2: Move glock superblock pointer to field gl_name	2015-09-03 13:33:09 -05:00
quota.h	gfs2: perform quota checks against allocation parameters	2015-03-18 12:46:54 -05:00
recovery.c	GFS2: fix sprintf format specifier	2015-01-13 10:48:57 +00:00
recovery.h	GFS2: Move recovery variables to journal structure in memory	2014-03-07 09:14:48 +00:00
rgrp.c	GFS2: Fix rgrp end rounding problem for bsize < page size	2015-11-09 09:38:02 -06:00
rgrp.h	GFS2: Don't brelse rgrp buffer_heads every allocation	2015-06-19 07:40:22 -05:00
super.c	fs: create and use seq_show_option for escaping	2015-09-04 16:54:41 -07:00
super.h	GFS2: update freeze code to use freeze/thaw_super on all nodes	2014-11-17 10:36:39 +00:00
sys.c	gfs2: convert simple_str to kstr	2015-05-05 13:23:22 -05:00
sys.h
trace_gfs2.h	gfs2: Make statistics unsigned, suitable for use with do_div()	2015-09-03 13:33:32 -05:00
trans.c	gfs2: Add missing else in trans_add_meta/data	2015-10-01 12:00:59 -05:00
trans.h
util.c	GFS2: Convert gfs2_lm_withdraw to use fs_err	2014-03-07 09:39:18 +00:00
util.h	GFS2: Convert gfs2_lm_withdraw to use fs_err	2014-03-07 09:39:18 +00:00
xattr.c	xattr handlers: Pass handler to operations instead of flags	2015-11-13 20:34:32 -05:00
xattr.h