From: Greg Kroah-Hartman Date: Thu, 15 Oct 2009 21:14:39 +0000 (-0700) Subject: another .31 patch X-Git-Tag: v2.6.27.38~5 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2ef88e740ba3003a004486eabb7524e2611ef542;p=thirdparty%2Fkernel%2Fstable-queue.git another .31 patch --- diff --git a/queue-2.6.31/bsdacct-switch-credentials-for-writing-to-the-accounting-file.patch b/queue-2.6.31/bsdacct-switch-credentials-for-writing-to-the-accounting-file.patch new file mode 100644 index 00000000000..c0a2576a898 --- /dev/null +++ b/queue-2.6.31/bsdacct-switch-credentials-for-writing-to-the-accounting-file.patch @@ -0,0 +1,63 @@ +From d8e180dcd5bbbab9cd3ff2e779efcf70692ef541 Mon Sep 17 00:00:00 2001 +From: Michal Schmidt +Date: Thu, 20 Aug 2009 14:39:52 -0700 +Subject: bsdacct: switch credentials for writing to the accounting file + +From: Michal Schmidt + +commit d8e180dcd5bbbab9cd3ff2e779efcf70692ef541 upstream. + +When process accounting is enabled, every exiting process writes a log to +the account file. In addition, every once in a while one of the exiting +processes checks whether there's enough free space for the log. + +SELinux policy may or may not allow the exiting process to stat the fs. +So unsuspecting processes start generating AVC denials just because +someone enabled process accounting. + +For these filesystem operations, the exiting process's credentials should +be temporarily switched to that of the process which enabled accounting, +because it's really that process which wanted to have the accounting +information logged. + +Signed-off-by: Michal Schmidt +Acked-by: David Howells +Acked-by: Serge Hallyn +Signed-off-by: Andrew Morton +Signed-off-by: James Morris +Signed-off-by: Greg Kroah-Hartman + +--- + kernel/acct.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +--- a/kernel/acct.c ++++ b/kernel/acct.c +@@ -491,13 +491,17 @@ static void do_acct_process(struct bsd_a + u64 run_time; + struct timespec uptime; + struct tty_struct *tty; ++ const struct cred *orig_cred; ++ ++ /* Perform file operations on behalf of whoever enabled accounting */ ++ orig_cred = override_creds(file->f_cred); + + /* + * First check to see if there is enough free_space to continue + * the process accounting system. + */ + if (!check_free_space(acct, file)) +- return; ++ goto out; + + /* + * Fill the accounting struct with the needed info as recorded +@@ -578,6 +582,8 @@ static void do_acct_process(struct bsd_a + sizeof(acct_t), &file->f_pos); + current->signal->rlim[RLIMIT_FSIZE].rlim_cur = flim; + set_fs(fs); ++out: ++ revert_creds(orig_cred); + } + + /** diff --git a/queue-2.6.31/series b/queue-2.6.31/series index 9bf1f2e4509..40a59b3371e 100644 --- a/queue-2.6.31/series +++ b/queue-2.6.31/series @@ -38,3 +38,4 @@ maintainers-fix-riku-voipio-s-address.patch macintosh-don-t-assume-i2c-device-probing-always-succeeds.patch i2c-hide-probe-errors-caused-by-acpi-resource-conflicts.patch alsa-don-t-assume-i2c-device-probing-always-succeeds.patch +bsdacct-switch-credentials-for-writing-to-the-accounting-file.patch