android_kernel_oneplus_msm8998/security at 52f6c8da89b93b98a1dfc5008018012dc3ffd508 - evie/android_kernel_oneplus_msm8998 - Gay Catgirls Forgejo: gay catgirls having sex

evie/android_kernel_oneplus_msm8998

History

Eric Biggers 52f6c8da89 KEYS: restrict /proc/keys by credentials at open time commit 4aa68e07d845562561f5e73c04aa521376e95252 upstream. When checking for permission to view keys whilst reading from /proc/keys, we should use the credentials with which the /proc/keys file was opened. This is because, in a classic type of exploit, it can be possible to bypass checks for the current credentials by passing the file descriptor to a suid program. Following commit 34dbbcdbf633 ("Make file credentials available to the seqfile interfaces") we can finally fix it. So let's do it. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Zubin Mithra <zsm@chromium.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2019-03-23 08:44:29 +01:00
..
apparmor	apparmor: Make path_max parameter readonly	2018-03-22 09:23:24 +01:00
integrity	ima: fix showing large 'violations' or 'runtime_measurements_count'	2018-11-21 09:27:35 +01:00
keys	KEYS: restrict /proc/keys by credentials at open time	2019-03-23 08:44:29 +01:00
selinux	selinux: fix GPF on invalid policy	2019-01-26 09:42:51 +01:00
smack	smack: fix access permissions for keyring	2019-02-20 10:13:07 +01:00
tomoyo	mm: replace get_user_pages() write/force parameters with gup_flags	2018-12-17 21:55:16 +01:00
yama	Yama: Check for pid death before checking ancestry	2019-01-26 09:42:50 +01:00
commoncap.c
device_cgroup.c
inode.c
Kconfig	KPTI: Rename to PAGE_TABLE_ISOLATION	2018-01-05 15:44:26 +01:00
lsm_audit.c
Makefile
min_addr.c
security.c	LSM: Check for NULL cred-security on free	2019-01-26 09:42:50 +01:00