]> git.ipfire.org Git - thirdparty/kernel/stable-queue.git/commitdiff
projects / thirdparty / kernel / stable-queue.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d220f12)
5.10-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 8 Mar 2021 11:26:38 +0000 (12:26 +0100)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 8 Mar 2021 11:26:38 +0000 (12:26 +0100)
added patches:
tomoyo-recognize-kernel-threads-correctly.patch

queue-5.10/series patch | blob | blame | history
queue-5.10/tomoyo-recognize-kernel-threads-correctly.patch [new file with mode: 0644] patch | blob

diff --git a/queue-5.10/series b/queue-5.10/series
index 01659cc9ea4392bb9ab381ece360237ee8aab259..f14d9e86a07c0187fd0d08d944760eb90c223af8 100644 (file)
--- a/queue-5.10/series
+++ b/queue-5.10/series
@@ -38,3 +38,4 @@ rsxx-return-efault-if-copy_to_user-fails.patch
 iommu-vt-d-fix-status-code-for-allocate-free-pasid-c.patch
 revert-arm64-dts-amlogic-add-missing-ethernet-reset-id.patch
 of-unittest-fix-build-on-architectures-without-config_of_address.patch
+tomoyo-recognize-kernel-threads-correctly.patch
diff --git a/queue-5.10/tomoyo-recognize-kernel-threads-correctly.patch b/queue-5.10/tomoyo-recognize-kernel-threads-correctly.patch
new file mode 100644 (file)
index 0000000..975c894
--- /dev/null
+++ b/queue-5.10/tomoyo-recognize-kernel-threads-correctly.patch
@@ -0,0 +1,34 @@
+From 9c83465f3245c2faa82ffeb7016f40f02bfaa0ad Mon Sep 17 00:00:00 2001
+From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+Date: Mon, 1 Feb 2021 11:53:05 +0900
+Subject: tomoyo: recognize kernel threads correctly
+
+From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+
+commit 9c83465f3245c2faa82ffeb7016f40f02bfaa0ad upstream.
+
+Commit db68ce10c4f0a27c ("new helper: uaccess_kernel()") replaced
+segment_eq(get_fs(), KERNEL_DS) with uaccess_kernel(). But the correct
+method for tomoyo to check whether current is a kernel thread in order
+to assume that kernel threads are privileged for socket operations was
+(current->flags & PF_KTHREAD). Now that uaccess_kernel() became 0 on x86,
+tomoyo has to fix this problem. Do like commit 942cb357ae7d9249 ("Smack:
+Handle io_uring kernel thread privileges") does.
+
+Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ security/tomoyo/network.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/security/tomoyo/network.c
++++ b/security/tomoyo/network.c
+@@ -613,7 +613,7 @@ static int tomoyo_check_unix_address(str
+ static bool tomoyo_kernel_service(void)
+ {
+       /* Nothing to do if I am a kernel service. */
+-      return uaccess_kernel();
++      return (current->flags & (PF_KTHREAD | PF_IO_WORKER)) == PF_KTHREAD;
+ }
+ /**
Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git