| author | Natanael Copa <ncopa@alpinelinux.org> | 2014-06-25 13:32:56 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2014-06-25 13:32:56 +0000 |
| commit | dc708dfe6724712912939aab4e1c5437fcb8fd91 (patch) | |
| tree | 613c394fdd95b8a8f7db94038a19bc719326de3a | |
| parent | a8f96819323eb839b46cbf0395c6d36d760cb4cd (diff) | |
main/linux-virt-grsec: upgrade to 3.10.44
| -rw-r--r-- | main/linux-virt-grsec/APKBUILD | 14 | ||||
| -rw-r--r-- | main/linux-virt-grsec/grsecurity-2.9.1-3.10.44-unofficial.patch (renamed from main/linux-virt-grsec/grsecurity-2.9.1-3.10.43-unofficial.patch) | 136 |
2 files changed, 77 insertions, 73 deletions
diff --git a/main/linux-virt-grsec/APKBUILD b/main/linux-virt-grsec/APKBUILD index 9cadce32d7..879c5f4528 100644 --- a/main/linux-virt-grsec/APKBUILD +++ b/main/linux-virt-grsec/APKBUILD @@ -3,7 +3,7 @@ _flavor=virt-grsec pkgname=linux-${_flavor} -pkgver=3.10.43 +pkgver=3.10.44 case $pkgver in *.*.*) _kernver=${pkgver%.*};; *.*) _kernver=${pkgver};; @@ -154,8 +154,8 @@ dev() { } md5sums="4f25cd5bec5f8d5a7d935b3f2ccb8481 linux-3.10.tar.xz -3395365459b5a907a0425f260bc60e10 patch-3.10.43.xz -157ad1fb61302669afff96bdff14eebb grsecurity-2.9.1-3.10.43-unofficial.patch +775e8b7a3d0890bff5952eb9e7c42cd8 patch-3.10.44.xz +f1e906ad953a274e1d4cab130310cd0d grsecurity-2.9.1-3.10.44-unofficial.patch a16f11b12381efb3bec79b9bfb329836 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch 656ae7b10dd2f18dbfa1011041d08d60 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch aa454ffb96428586447775c21449e284 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch @@ -168,8 +168,8 @@ b3c0153d53e508e03d73b94d15b24a96 sysctl_lxc.patch 539c848d541c1656851fe865018273df kernelconfig.x86 82cd965fc82651f2e6b35e75c17d8031 kernelconfig.x86_64" sha256sums="df27fa92d27a9c410bfe6c4a89f141638500d7eadcca5cce578954efc2ad3544 linux-3.10.tar.xz -3d2f5d06ef28985f691d0aaa457d066f0d9c4e2c02acc5cfe6bdacd42180d839 patch-3.10.43.xz -7a25c79bd80b2157a88ba176b3a837151f5eeb25b2a6a841c8ab6ecb4cf9fb3d grsecurity-2.9.1-3.10.43-unofficial.patch +86086660ac02cb5d6dd4ace3593e5e185fd3c04a8de4bd5cf7adb70e28be8d8b patch-3.10.44.xz +7cd9a1b7dae8360d90a86dc60703609612ee3c070bb1592c7fcba1fc4d58362b grsecurity-2.9.1-3.10.44-unofficial.patch 6af3757ac36a6cd3cda7b0a71b08143726383b19261294a569ad7f4042c72df3 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch dc8e82108615657f1fb9d641efd42255a5761c06edde1b00a41ae0d314d548f0 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch 0985caa0f3ee8ed0959aeaa4214f5f8057ae8e61d50dcae39194912d31e14892 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch 
@@ -182,8 +182,8 @@ fc613ac466610b866b721c41836fd5bfb2d4b75bceb67972dc6369d7f62ff47e 0006-ipv4-use- 997d4c8a5a2b911047d26fe1bf8ee8d5cd3b7133e6abdc07b7deacd0b3eb2330 kernelconfig.x86 7845194551137fbc3b69a75249696bc843bb7fe7f4a4e6b0582c0ca0856caa64 kernelconfig.x86_64" sha512sums="5fb109fcbd59bf3dffc911b853894f0a84afa75151368f783a1252c5ff60c7a1504de216c0012be446df983e2dea400ad8eeed3ce04f24dc61d0ef76c174dc35 linux-3.10.tar.xz -e4449c1bb88fcd92aec56882ba21fed2da40b9512996a50916123043507e3223aed0586bc43f15b1c73af9d1e18183637136d2e26a0d60bafb4ead1786d8f0d9 patch-3.10.43.xz -0b5b5368b4dcf64502700c6b96af35694b0cfa86688dd944ad43edfe9630717a176f0b60b3b2e9b04ad6b5cc062363f7a36e55ccd92831194539e45fdb848017 grsecurity-2.9.1-3.10.43-unofficial.patch +0ff596c562c76be03cdac321307294925b2978e9f991e133bab54386cee8a9a2069300d3eec3a1512ed621e0acdaf89769e3f24c21e3954785a5655d425c9107 patch-3.10.44.xz +d0c65b05b4c6f846b5347e64a5eff857427b25aa5e17ec7c74659573fc547dbcf2a2b9868a0183b8b317a8d20bd443fbe3b4f8e9dba67b402c2f0dd161cbaefe grsecurity-2.9.1-3.10.44-unofficial.patch 81e78593288e8b0fd2c03ea9fc1450323887707f087e911f172450a122bc9b591ee83394836789730d951aeec13d0b75a64e1c05f04364abf8f80d883ddc4a02 0001-net-inform-NETDEV_CHANGE-callbacks-which-flags-were-.patch 51ecb15b669f6a82940a13a38939116e003bf5dfd24496771c8279e907b72adcc63d607f0340a2940d757e12ddadb7d45c7af78ae311d284935a6296dbcac00c 0002-arp-flush-arp-cache-on-IFF_NOARP-change.patch 57d0a8bd35d19cf657ded58efe24517d2252aec6984040713ba173a34edb5887ececaa2985076bc6a149eaa57639fd98a042c1c2d226ed4ad8dd5ed0e230717e 0003-ipv4-properly-refresh-rtable-entries-on-pmtu-redirec.patch diff --git a/main/linux-virt-grsec/grsecurity-2.9.1-3.10.43-unofficial.patch b/main/linux-virt-grsec/grsecurity-2.9.1-3.10.44-unofficial.patch index dadf7b7bb4..39c0e4ec66 100644 --- a/main/linux-virt-grsec/grsecurity-2.9.1-3.10.43-unofficial.patch +++ b/main/linux-virt-grsec/grsecurity-2.9.1-3.10.44-unofficial.patch 
@@ -281,7 +281,7 @@ index 1311a48..f233324 100644 pcd. [PARIDE] diff --git a/Makefile b/Makefile -index 9cf5138..b85cc95 100644 +index e55476c..36e2242 100644 --- a/Makefile +++ b/Makefile @@ -241,8 +241,9 @@ CONFIG_SHELL := $(shell if [ -x "$$BASH" ]; then echo $$BASH; \ @@ -43535,7 +43535,7 @@ index 0b74189..818358f 100644 +} __do_const; #endif /* _DW_MMC_H_ */ diff --git a/drivers/mmc/host/sdhci-s3c.c b/drivers/mmc/host/sdhci-s3c.c -index c6f6246..60760a8 100644 +index c6f6246a4..60760a8 100644 --- a/drivers/mmc/host/sdhci-s3c.c +++ b/drivers/mmc/host/sdhci-s3c.c @@ -664,9 +664,11 @@ static int sdhci_s3c_probe(struct platform_device *pdev) @@ -52578,7 +52578,7 @@ index ebd06fd..41c850d 100644 kiocb->ki_nbytes = ret; return 0; diff --git a/fs/attr.c b/fs/attr.c -index 8dd5825..a90e189 100644 +index 66fa625..aeb65ff 100644 --- a/fs/attr.c +++ b/fs/attr.c @@ -102,6 +102,7 @@ int inode_newsize_ok(const struct inode *inode, loff_t offset) @@ -57733,7 +57733,7 @@ index 4e5f332..3cb6350 100644 static int can_do_hugetlb_shm(void) { diff --git a/fs/inode.c b/fs/inode.c -index 00d5fc3..98ce7d7 100644 +index 1b300a0..105e7c4 100644 --- a/fs/inode.c +++ b/fs/inode.c @@ -878,8 +878,8 @@ unsigned int get_next_ino(void) @@ -57873,10 +57873,10 @@ index 0274c95..3b9f6e5 100644 lock_flocks(); diff --git a/fs/namei.c b/fs/namei.c -index 1211ee5..0e8539c 100644 +index 6ac16a3..de9c550 100644 --- a/fs/namei.c +++ b/fs/namei.c -@@ -319,16 +319,32 @@ int generic_permission(struct inode *inode, int mask) +@@ -319,17 +319,34 @@ int generic_permission(struct inode *inode, int mask) if (ret != -EACCES) return ret; 
@@ -57888,14 +57888,16 @@ index 1211ee5..0e8539c 100644 + if (S_ISDIR(inode->i_mode)) { /* DACs are overridable for directories */ -- if (inode_capable(inode, CAP_DAC_OVERRIDE)) +- if (capable_wrt_inode_uidgid(inode, CAP_DAC_OVERRIDE)) - return 0; if (!(mask & MAY_WRITE)) -- if (inode_capable(inode, CAP_DAC_READ_SEARCH)) -+ if (inode_capable_nolog(inode, CAP_DAC_OVERRIDE) || -+ inode_capable(inode, CAP_DAC_READ_SEARCH)) +- if (capable_wrt_inode_uidgid(inode, ++ if (capable_wrt_inode_uidgid_nolog(inode, ++ CAP_DAC_OVERRIDE) || ++ capable_wrt_inode_uidgid(inode, + CAP_DAC_READ_SEARCH)) return 0; -+ if (inode_capable(inode, CAP_DAC_OVERRIDE)) ++ if (capable_wrt_inode_uidgid(inode, CAP_DAC_OVERRIDE)) + return 0; return -EACCES; } @@ -57904,16 +57906,16 @@ index 1211ee5..0e8539c 100644 + */ + mask &= MAY_READ | MAY_WRITE | MAY_EXEC; + if (mask == MAY_READ) -+ if (inode_capable_nolog(inode, CAP_DAC_OVERRIDE) || -+ inode_capable(inode, CAP_DAC_READ_SEARCH)) ++ if (capable_wrt_inode_uidgid_nolog(inode, CAP_DAC_OVERRIDE) || ++ capable_wrt_inode_uidgid(inode, CAP_DAC_READ_SEARCH)) + return 0; + + /* * Read/write DACs are always overridable. * Executable DACs are overridable when there is * at least one exec bit set. -@@ -337,14 +353,6 @@ int generic_permission(struct inode *inode, int mask) - if (inode_capable(inode, CAP_DAC_OVERRIDE)) +@@ -338,14 +355,6 @@ int generic_permission(struct inode *inode, int mask) + if (capable_wrt_inode_uidgid(inode, CAP_DAC_OVERRIDE)) return 0; - /* @@ -57921,13 +57923,13 @@ index 1211ee5..0e8539c 100644 - */ - mask &= MAY_READ | MAY_WRITE | MAY_EXEC; - if (mask == MAY_READ) -- if (inode_capable(inode, CAP_DAC_READ_SEARCH)) +- if (capable_wrt_inode_uidgid(inode, CAP_DAC_READ_SEARCH)) - return 0; - return -EACCES; } -@@ -820,7 +828,7 @@ follow_link(struct path *link, struct nameidata *nd, void **p) +@@ -821,7 +830,7 @@ follow_link(struct path *link, struct nameidata *nd, void **p) { struct dentry *dentry = link->dentry; int error; 
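Review bot: In the directory branch of generic_permission(), the unbraced `if (!(mask & MAY_WRITE))` now wraps a condition spread over three lines, and the logged `CAP_DAC_OVERRIDE` test follows it at the same visual level, so the order in which the two capabilities are consulted is easy to misread. I would brace both levels and add a comment such as `/* read/search only: CAP_DAC_OVERRIDE is tested through the _nolog helper, CAP_DAC_READ_SEARCH through the logging one */`. That the `_nolog` helper skips logging is inferred from its name and should be confirmed against its definition. The same construct appears in the `mask == MAY_READ` hunk that follows on this line, and the function body starts and ends outside both hunks.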
@@ -57936,7 +57938,7 @@ index 1211ee5..0e8539c 100644 BUG_ON(nd->flags & LOOKUP_RCU); -@@ -841,6 +849,12 @@ follow_link(struct path *link, struct nameidata *nd, void **p) +@@ -842,6 +851,12 @@ follow_link(struct path *link, struct nameidata *nd, void **p) if (error) goto out_put_nd_path; @@ -57949,7 +57951,7 @@ index 1211ee5..0e8539c 100644 nd->last_type = LAST_BIND; *p = dentry->d_inode->i_op->follow_link(dentry, nd); error = PTR_ERR(*p); -@@ -1588,6 +1602,8 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd) +@@ -1589,6 +1604,8 @@ static inline int nested_symlink(struct path *path, struct nameidata *nd) if (res) break; res = walk_component(nd, path, LOOKUP_FOLLOW); @@ -57958,7 +57960,7 @@ index 1211ee5..0e8539c 100644 put_link(nd, &link, cookie); } while (res > 0); -@@ -1686,7 +1702,7 @@ EXPORT_SYMBOL(full_name_hash); +@@ -1687,7 +1704,7 @@ EXPORT_SYMBOL(full_name_hash); static inline unsigned long hash_name(const char *name, unsigned int *hashp) { unsigned long a, b, adata, bdata, mask, hash, len; @@ -57967,7 +57969,7 @@ index 1211ee5..0e8539c 100644 hash = a = 0; len = -sizeof(unsigned long); -@@ -1968,6 +1984,8 @@ static int path_lookupat(int dfd, const char *name, +@@ -1969,6 +1986,8 @@ static int path_lookupat(int dfd, const char *name, if (err) break; err = lookup_last(nd, &path); @@ -57976,7 +57978,7 @@ index 1211ee5..0e8539c 100644 put_link(nd, &link, cookie); } } -@@ -1975,6 +1993,13 @@ static int path_lookupat(int dfd, const char *name, +@@ -1976,6 +1995,13 @@ static int path_lookupat(int dfd, const char *name, if (!err) err = complete_walk(nd); @@ -57990,7 +57992,7 @@ index 1211ee5..0e8539c 100644 if (!err && nd->flags & LOOKUP_DIRECTORY) { if (!can_lookup(nd->inode)) { path_put(&nd->path); -@@ -2002,8 +2027,15 @@ static int filename_lookup(int dfd, struct filename *name, +@@ -2003,8 +2029,15 @@ static int filename_lookup(int dfd, struct filename *name, retval = path_lookupat(dfd, name->name, flags | LOOKUP_REVAL, nd); 
@@ -58007,7 +58009,7 @@ index 1211ee5..0e8539c 100644 return retval; } -@@ -2382,6 +2414,13 @@ static int may_open(struct path *path, int acc_mode, int flag) +@@ -2383,6 +2416,13 @@ static int may_open(struct path *path, int acc_mode, int flag) if (flag & O_NOATIME && !inode_owner_or_capable(inode)) return -EPERM; @@ -58021,7 +58023,7 @@ index 1211ee5..0e8539c 100644 return 0; } -@@ -2603,7 +2642,7 @@ looked_up: +@@ -2604,7 +2644,7 @@ looked_up: * cleared otherwise prior to returning. */ static int lookup_open(struct nameidata *nd, struct path *path, @@ -58030,7 +58032,7 @@ index 1211ee5..0e8539c 100644 const struct open_flags *op, bool got_write, int *opened) { -@@ -2638,6 +2677,17 @@ static int lookup_open(struct nameidata *nd, struct path *path, +@@ -2639,6 +2679,17 @@ static int lookup_open(struct nameidata *nd, struct path *path, /* Negative dentry, just create the file */ if (!dentry->d_inode && (op->open_flag & O_CREAT)) { umode_t mode = op->mode; @@ -58048,7 +58050,7 @@ index 1211ee5..0e8539c 100644 if (!IS_POSIXACL(dir->d_inode)) mode &= ~current_umask(); /* -@@ -2659,6 +2709,8 @@ static int lookup_open(struct nameidata *nd, struct path *path, +@@ -2660,6 +2711,8 @@ static int lookup_open(struct nameidata *nd, struct path *path, nd->flags & LOOKUP_EXCL); if (error) goto out_dput; @@ -58057,7 +58059,7 @@ index 1211ee5..0e8539c 100644 } out_no_open: path->dentry = dentry; -@@ -2673,7 +2725,7 @@ out_dput: +@@ -2674,7 +2727,7 @@ out_dput: /* * Handle the last step of open() */ @@ -58066,7 +58068,7 @@ index 1211ee5..0e8539c 100644 struct file *file, const struct open_flags *op, int *opened, struct filename *name) { -@@ -2702,16 +2754,32 @@ static int do_last(struct nameidata *nd, struct path *path, +@@ -2703,16 +2756,32 @@ static int do_last(struct nameidata *nd, struct path *path, error = complete_walk(nd); if (error) return error; 
@@ -58099,7 +58101,7 @@ index 1211ee5..0e8539c 100644 audit_inode(name, dir, 0); goto finish_open; } -@@ -2760,7 +2828,7 @@ retry_lookup: +@@ -2761,7 +2830,7 @@ retry_lookup: */ } mutex_lock(&dir->d_inode->i_mutex); @@ -58108,7 +58110,7 @@ index 1211ee5..0e8539c 100644 mutex_unlock(&dir->d_inode->i_mutex); if (error <= 0) { -@@ -2784,11 +2852,28 @@ retry_lookup: +@@ -2785,11 +2854,28 @@ retry_lookup: goto finish_open_created; } @@ -58138,7 +58140,7 @@ index 1211ee5..0e8539c 100644 /* * If atomic_open() acquired write access it is dropped now due to -@@ -2829,6 +2914,11 @@ finish_lookup: +@@ -2830,6 +2916,11 @@ finish_lookup: } } BUG_ON(inode != path->dentry->d_inode); @@ -58150,7 +58152,7 @@ index 1211ee5..0e8539c 100644 return 1; } -@@ -2838,7 +2928,6 @@ finish_lookup: +@@ -2839,7 +2930,6 @@ finish_lookup: save_parent.dentry = nd->path.dentry; save_parent.mnt = mntget(path->mnt); nd->path.dentry = path->dentry; @@ -58158,7 +58160,7 @@ index 1211ee5..0e8539c 100644 } nd->inode = inode; /* Why this, you ask? _Now_ we might have grown LOOKUP_JUMPED... */ -@@ -2847,6 +2936,16 @@ finish_lookup: +@@ -2848,6 +2938,16 @@ finish_lookup: path_put(&save_parent); return error; } @@ -58175,7 +58177,7 @@ index 1211ee5..0e8539c 100644 error = -EISDIR; if ((open_flag & O_CREAT) && S_ISDIR(nd->inode->i_mode)) goto out; -@@ -2945,7 +3044,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, +@@ -2946,7 +3046,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, if (unlikely(error)) goto out; @@ -58184,7 +58186,7 @@ index 1211ee5..0e8539c 100644 while (unlikely(error > 0)) { /* trailing symlink */ struct path link = path; void *cookie; -@@ -2963,7 +3062,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, +@@ -2964,7 +3064,7 @@ static struct file *path_openat(int dfd, struct filename *pathname, error = follow_link(&link, nd, &cookie); if (unlikely(error)) break; 
@@ -58193,7 +58195,7 @@ index 1211ee5..0e8539c 100644 put_link(nd, &link, cookie); } out: -@@ -3063,8 +3162,12 @@ struct dentry *kern_path_create(int dfd, const char *pathname, +@@ -3064,8 +3164,12 @@ struct dentry *kern_path_create(int dfd, const char *pathname, goto unlock; error = -EEXIST; @@ -58207,7 +58209,7 @@ index 1211ee5..0e8539c 100644 /* * Special case - lookup gave negative, but... we had foo/bar/ * From the vfs_mknod() POV we just have a negative dentry - -@@ -3116,6 +3219,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, +@@ -3117,6 +3221,20 @@ struct dentry *user_path_create(int dfd, const char __user *pathname, } EXPORT_SYMBOL(user_path_create); @@ -58228,7 +58230,7 @@ index 1211ee5..0e8539c 100644 int vfs_mknod(struct inode *dir, struct dentry *dentry, umode_t mode, dev_t dev) { int error = may_create(dir, dentry); -@@ -3178,6 +3295,17 @@ retry: +@@ -3179,6 +3297,17 @@ retry: if (!IS_POSIXACL(path.dentry->d_inode)) mode &= ~current_umask(); @@ -58246,7 +58248,7 @@ index 1211ee5..0e8539c 100644 error = security_path_mknod(&path, dentry, mode, dev); if (error) goto out; -@@ -3194,6 +3322,8 @@ retry: +@@ -3195,6 +3324,8 @@ retry: break; } out: @@ -58255,7 +58257,7 @@ index 1211ee5..0e8539c 100644 done_path_create(&path, dentry); if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; -@@ -3246,9 +3376,16 @@ retry: +@@ -3247,9 +3378,16 @@ retry: if (!IS_POSIXACL(path.dentry->d_inode)) mode &= ~current_umask(); @@ -58272,7 +58274,7 @@ index 1211ee5..0e8539c 100644 done_path_create(&path, dentry); if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; -@@ -3329,6 +3466,8 @@ static long do_rmdir(int dfd, const char __user *pathname) +@@ -3330,6 +3468,8 @@ static long do_rmdir(int dfd, const char __user *pathname) struct filename *name; struct dentry *dentry; struct nameidata nd; 
@@ -58281,7 +58283,7 @@ index 1211ee5..0e8539c 100644 unsigned int lookup_flags = 0; retry: name = user_path_parent(dfd, pathname, &nd, lookup_flags); -@@ -3361,10 +3500,21 @@ retry: +@@ -3362,10 +3502,21 @@ retry: error = -ENOENT; goto exit3; } @@ -58303,7 +58305,7 @@ index 1211ee5..0e8539c 100644 exit3: dput(dentry); exit2: -@@ -3430,6 +3580,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) +@@ -3431,6 +3582,8 @@ static long do_unlinkat(int dfd, const char __user *pathname) struct dentry *dentry; struct nameidata nd; struct inode *inode = NULL; @@ -58312,7 +58314,7 @@ index 1211ee5..0e8539c 100644 unsigned int lookup_flags = 0; retry: name = user_path_parent(dfd, pathname, &nd, lookup_flags); -@@ -3456,10 +3608,22 @@ retry: +@@ -3457,10 +3610,22 @@ retry: if (!inode) goto slashes; ihold(inode); @@ -58335,7 +58337,7 @@ index 1211ee5..0e8539c 100644 exit2: dput(dentry); } -@@ -3537,9 +3701,17 @@ retry: +@@ -3538,9 +3703,17 @@ retry: if (IS_ERR(dentry)) goto out_putname; @@ -58353,7 +58355,7 @@ index 1211ee5..0e8539c 100644 done_path_create(&path, dentry); if (retry_estale(error, lookup_flags)) { lookup_flags |= LOOKUP_REVAL; -@@ -3613,6 +3785,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, +@@ -3614,6 +3787,7 @@ SYSCALL_DEFINE5(linkat, int, olddfd, const char __user *, oldname, { struct dentry *new_dentry; struct path old_path, new_path; @@ -58361,7 +58363,7 @@ index 1211ee5..0e8539c 100644 int how = 0; int error; -@@ -3636,7 +3809,7 @@ retry: +@@ -3637,7 +3811,7 @@ retry: if (error) return error; @@ -58370,7 +58372,7 @@ index 1211ee5..0e8539c 100644 (how & LOOKUP_REVAL)); error = PTR_ERR(new_dentry); if (IS_ERR(new_dentry)) -@@ -3648,11 +3821,28 @@ retry: +@@ -3649,11 +3823,28 @@ retry: error = may_linkat(&old_path); if (unlikely(error)) goto out_dput; 
@@ -58399,7 +58401,7 @@ index 1211ee5..0e8539c 100644 done_path_create(&new_path, new_dentry); if (retry_estale(error, how)) { path_put(&old_path); -@@ -3899,12 +4089,21 @@ retry: +@@ -3900,12 +4091,21 @@ retry: if (new_dentry == trap) goto exit5; @@ -58421,7 +58423,7 @@ index 1211ee5..0e8539c 100644 exit5: dput(new_dentry); exit4: -@@ -3936,6 +4135,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna +@@ -3937,6 +4137,8 @@ SYSCALL_DEFINE2(rename, const char __user *, oldname, const char __user *, newna int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const char *link) { @@ -58430,7 +58432,7 @@ index 1211ee5..0e8539c 100644 int len; len = PTR_ERR(link); -@@ -3945,7 +4146,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c +@@ -3946,7 +4148,14 @@ int vfs_readlink(struct dentry *dentry, char __user *buffer, int buflen, const c len = strlen(link); if (len > (unsigned) buflen) len = buflen; @@ -73103,16 +73105,16 @@ index 4c57065..4307975 100644 #define ____cacheline_aligned __attribute__((__aligned__(SMP_CACHE_BYTES))) #endif diff --git a/include/linux/capability.h b/include/linux/capability.h -index d9a4f7f4..19f77d6 100644 +index 15f9092..d52b825 100644 --- a/include/linux/capability.h +++ b/include/linux/capability.h 
@@ -213,8 +213,13 @@ extern bool ns_capable(struct user_namespace *ns, int cap); extern bool nsown_capable(int cap); - extern bool inode_capable(const struct inode *inode, int cap); + extern bool capable_wrt_inode_uidgid(const struct inode *inode, int cap); extern bool file_ns_capable(const struct file *file, struct user_namespace *ns, int cap); +extern bool capable_nolog(int cap); +extern bool ns_capable_nolog(struct user_namespace *ns, int cap); -+extern bool inode_capable_nolog(const struct inode *inode, int cap); ++extern bool capable_wrt_inode_uidgid_nolog(const struct inode *inode, int cap); /* audit system wants to get cap info from files as well */ extern int get_vfs_caps_from_disk(const struct dentry *dentry, struct cpu_vfs_cap_data *cpu_caps); @@ -78594,7 +78596,7 @@ index 37a3bbd..55a4241 100644 extern int llc_sap_action_unitdata_ind(struct llc_sap *sap, struct sk_buff *skb); diff --git a/include/net/llc_s_st.h b/include/net/llc_s_st.h -index 567c681..cd73ac0 100644 +index 567c681..cd73ac02 100644 --- a/include/net/llc_s_st.h +++ b/include/net/llc_s_st.h @@ -20,7 +20,7 @@ struct llc_sap_state_trans { @@ -80281,10 +80283,10 @@ index 6bd4a90..0ee9eff 100644 f->val = 0; } diff --git a/kernel/auditsc.c b/kernel/auditsc.c -index 9845cb3..3ec9369 100644 +index 03a3af8..7139042 100644 --- a/kernel/auditsc.c +++ b/kernel/auditsc.c -@@ -1962,7 +1962,7 @@ int auditsc_get_stamp(struct audit_context *ctx, +@@ -1971,7 +1971,7 @@ int auditsc_get_stamp(struct audit_context *ctx, } /* global counter which is incremented every time something logs in */ @@ -80293,7 +80295,7 @@ index 9845cb3..3ec9369 100644 /** * audit_set_loginuid - set current task's audit_context loginuid -@@ -1986,7 +1986,7 @@ int audit_set_loginuid(kuid_t loginuid) +@@ -1995,7 +1995,7 @@ int audit_set_loginuid(kuid_t loginuid) return -EPERM; #endif /* CONFIG_AUDIT_LOGINUID_IMMUTABLE */ @@ -80303,7 +80305,7 @@ index 9845cb3..3ec9369 100644 struct audit_buffer *ab; 
diff --git a/kernel/capability.c b/kernel/capability.c -index f6c2ce5..982c0f9 100644 +index d52eecc..b59d93d 100644 --- a/kernel/capability.c +++ b/kernel/capability.c @@ -202,6 +202,9 @@ SYSCALL_DEFINE2(capget, cap_user_header_t, header, cap_user_data_t, dataptr) @@ -80387,17 +80389,19 @@ index f6c2ce5..982c0f9 100644 /** * nsown_capable - Check superior capability to one's own user_ns * @cap: The capability in question -@@ -464,3 +489,10 @@ bool inode_capable(const struct inode *inode, int cap) - - return ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid); +@@ -460,3 +485,12 @@ bool capable_wrt_inode_uidgid(const struct inode *inode, int cap) + return ns_capable(ns, cap) && kuid_has_mapping(ns, inode->i_uid) && + kgid_has_mapping(ns, inode->i_gid); } + -+bool inode_capable_nolog(const struct inode *inode, int cap) ++bool capable_wrt_inode_uidgid_nolog(const struct inode *inode, int cap) +{ + struct user_namespace *ns = current_user_ns(); + -+ return ns_capable_nolog(ns, cap) && kuid_has_mapping(ns, inode->i_uid); ++ return ns_capable_nolog(ns, cap) && kuid_has_mapping(ns, inode->i_uid) && ++ kgid_has_mapping(ns, inode->i_gid); +} ++EXPORT_SYMBOL(capable_wrt_inode_uidgid_nolog); diff --git a/kernel/cgroup.c b/kernel/cgroup.c index d0def7f..ff3a63e 100644 --- a/kernel/cgroup.c @@ -111698,7 +111702,7 @@ index b0f164b..63c9f7d 100644 endif diff --git a/tools/perf/util/include/asm/alternative-asm.h b/tools/perf/util/include/asm/alternative-asm.h -index 6789d78..4afd019e 100644 +index 6789d788..4afd019e 100644 --- a/tools/perf/util/include/asm/alternative-asm.h +++ b/tools/perf/util/include/asm/alternative-asm.h @@ -5,4 +5,7 @@ |
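Review bot: `EXPORT_SYMBOL(capable_wrt_inode_uidgid_nolog);` appears to be new in this revision of the patch (the inner kernel/capability.c hunk grows from 10 to 12 added-side lines), and the only callers visible in this diff are in fs/namei.c, which is not modular. Judging by its name and the `ns_capable_nolog()` call, the helper performs the capability test without the logging its counterpart does, so the export makes a non-logging check available to any loaded module. I would either drop the export or put a comment above it naming the modular user, e.g. `/* exported for <module>: needs the uid/gid-mapped check without log noise */`. The added `kgid_has_mapping(ns, inode->i_gid)` term matches the logged variant shown in the context lines, so the two helpers stay in agreement.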
