evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/include
History
Jan Kara 49b60d4aa9 BACKPORT: posix_acl: Clear SGID bit when setting file permissions 
(cherry pick from commit 073931017b49d9458aa351605b43a7e34598caef)

When file permissions are modified via chmod(2) and the user is not in
the owning group or capable of CAP_FSETID, the setgid bit is cleared in
inode_change_ok().  Setting a POSIX ACL via setxattr(2) sets the file
permissions as well as the new ACL, but doesn't clear the setgid bit in
a similar way; this allows to bypass the check in chmod(2).  Fix that.

NB: We did not resolve the ACL leak in this CL, require additional
    upstream fix.

References: CVE-2016-7097
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Bug: 32458736
Change-Id: I19591ad452cc825ac282b3cfd2daaa72aa9a1ac1
2017-02-07 15:21:07 +00:00
..
acpi Merge branch 'acpi-pci' 2015-11-07 01:30:10 +01:00
asm-generic UPSTREAM: vmlinux.lds.h: allow arch specific handling of ro_after_init data section 2016-09-23 10:04:42 -07:00
clocksource
crypto Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2015-11-05 15:32:38 -08:00
drm drm/nouveau: Fix pre-nv50 pageflip events (v4) 2015-12-04 13:49:38 +10:00
dt-bindings ARM: DT updates for v4.4 2015-11-10 15:06:26 -08:00
keys KEYS: Merge the type-specific data with the payload data 2015-10-21 15:18:36 +01:00
kvm KVM: arm/arm64: arch_timer: Preserve physical dist. active state on LR.active 2015-11-24 18:07:40 +01:00
linux BACKPORT: posix_acl: Clear SGID bit when setting file permissions 2017-02-07 15:21:07 +00:00
math-emu
media [media] v4l2: add support for SDR transmitter 2015-10-20 15:40:50 -02:00
memory
misc
net net: inet: Support UID-based routing in IP protocols. 2016-12-20 01:25:22 +09:00
pcmcia
ras
rdma IB/mad: Require CM send method for everything except ClassPortInfo 2015-12-08 12:19:11 -05:00
rxrpc
scsi Merge branch 'mkp-fixes' into fixes 2015-12-03 09:32:33 -08:00
soc ARM: SoC driver updates for v4.4 2015-11-10 15:00:03 -08:00
sound Merge remote-tracking branch 'asoc/fix/dapm' into asoc-linus 2016-01-05 23:07:32 +00:00
target target: Fix race for SCF_COMPARE_AND_WRITE_POST checking 2015-11-28 19:33:15 -08:00
trace ANDROID: trace: net: use %pK for kernel pointers 2016-12-20 23:08:06 +00:00
uapi BACKPORT: hw_breakpoint: Allow watchpoint of length 3,5,6 and 7 2017-02-03 17:40:41 +00:00
video video: adf: fbdev: add stubs for kernels without ADF_FBDEV 2016-02-16 13:53:22 -08:00
xen xen: Add RING_COPY_REQUEST() 2015-12-18 10:00:17 -05:00
Kbuild