From: Greg Kroah-Hartman Date: Mon, 8 Mar 2021 11:27:01 +0000 (+0100) Subject: 5.11-stable patches X-Git-Tag: v5.4.104~5 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=fe5b82d55fe3ca45f10c9dbe1ce63d8b2cddba69;p=thirdparty%2Fkernel%2Fstable-queue.git 5.11-stable patches added patches: tomoyo-recognize-kernel-threads-correctly.patch --- diff --git a/queue-5.11/series b/queue-5.11/series index 5598408fd34..556015f9c69 100644 --- a/queue-5.11/series +++ b/queue-5.11/series @@ -40,3 +40,4 @@ iommu-tegra-smmu-fix-mc-errors-on-tegra124-nyan.patch iommu-don-t-use-lazy-flush-for-untrusted-device.patch iommu-vt-d-fix-status-code-for-allocate-free-pasid-c.patch btrfs-zoned-use-sector_t-for-zone-sectors.patch +tomoyo-recognize-kernel-threads-correctly.patch diff --git a/queue-5.11/tomoyo-recognize-kernel-threads-correctly.patch b/queue-5.11/tomoyo-recognize-kernel-threads-correctly.patch new file mode 100644 index 00000000000..975c894ccd7 --- /dev/null +++ b/queue-5.11/tomoyo-recognize-kernel-threads-correctly.patch 
@@ -0,0 +1,34 @@ +From 9c83465f3245c2faa82ffeb7016f40f02bfaa0ad Mon Sep 17 00:00:00 2001 +From: Tetsuo Handa +Date: Mon, 1 Feb 2021 11:53:05 +0900 +Subject: tomoyo: recognize kernel threads correctly + +From: Tetsuo Handa + +commit 9c83465f3245c2faa82ffeb7016f40f02bfaa0ad upstream. + +Commit db68ce10c4f0a27c ("new helper: uaccess_kernel()") replaced +segment_eq(get_fs(), KERNEL_DS) with uaccess_kernel(). But the correct +method for tomoyo to check whether current is a kernel thread in order +to assume that kernel threads are privileged for socket operations was +(current->flags & PF_KTHREAD). Now that uaccess_kernel() became 0 on x86, +tomoyo has to fix this problem. Do like commit 942cb357ae7d9249 ("Smack: +Handle io_uring kernel thread privileges") does. + +Signed-off-by: Tetsuo Handa +Signed-off-by: Greg Kroah-Hartman +--- + security/tomoyo/network.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/security/tomoyo/network.c ++++ b/security/tomoyo/network.c +@@ -613,7 +613,7 @@ static int tomoyo_check_unix_address(str + static bool tomoyo_kernel_service(void) + { + /* Nothing to do if I am a kernel service. */ +- return uaccess_kernel(); ++ return (current->flags & (PF_KTHREAD | PF_IO_WORKER)) == PF_KTHREAD; + } + + /**
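Review bot: In tomoyo_kernel_service() the new return expression also requires PF_IO_WORKER to be clear, but the retained comment still reads only "Nothing to do if I am a kernel service." and the commit message names just (current->flags & PF_KTHREAD) as the correct check. Please extend the comment to say that a task with PF_IO_WORKER set is deliberately not treated as a privileged kernel service, so the socket checks still apply to it, and point at the Smack commit 942cb357ae7d9249 the message cites for the rationale. Without that, the mask-and-compare form reads like an obfuscated PF_KTHREAD test, and a later cleanup could simplify it back to (current->flags & PF_KTHREAD), dropping the io_uring worker exclusion.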