leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge tag 'yama-4.0' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux into next

Browse Source
This commit is contained in:
James Morris 2015-03-03 19:56:08 +11:00
commit 74f0414b2f
2 changed files with 5 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
security/yama/Kconfig
View File

@ -1,8 +1,6 @@
config SECURITY_YAMA config SECURITY_YAMA
bool "Yama support" bool "Yama support"
depends on SECURITY depends on SECURITY
select SECURITYFS
select SECURITY_PATH
default n default n
help help
This selects Yama, which extends DAC support with additional This selects Yama, which extends DAC support with additional

13
security/yama/yama_lsm.c
View File

@ -379,20 +379,17 @@ static struct security_operations yama_ops = {
static int yama_dointvec_minmax(struct ctl_table *table, int write, static int yama_dointvec_minmax(struct ctl_table *table, int write,
void __user *buffer, size_t *lenp, loff_t *ppos) void __user *buffer, size_t *lenp, loff_t *ppos)
{ {
int rc; struct ctl_table table_copy;
if (write && !capable(CAP_SYS_PTRACE)) if (write && !capable(CAP_SYS_PTRACE))
return -EPERM; return -EPERM;
rc = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
if (rc)
return rc;
/* Lock the max value if it ever gets set. */ /* Lock the max value if it ever gets set. */
if (write && *(int *)table->data == *(int *)table->extra2) table_copy = *table;
table->extra1 = table->extra2; if (*(int *)table_copy.data == *(int *)table_copy.extra2)
table_copy.extra1 = table_copy.extra2;
return rc; return proc_dointvec_minmax(&table_copy, write, buffer, lenp, ppos);
} }
static int zero; static int zero;