From: Kevin Hilman <khilman@linaro.org>
Date: Fri, 14 Aug 2015 16:45:22 +0000 (-0700)
Subject: Merge branch 'linux-linaro-lsk-v3.10' into linux-linaro-lsk-v3.10-android
X-Git-Tag: firefly_0821_release~3680^2~2
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=4dddf720534a9a14fa9b048e7930dcc55b1b1e40;p=firefly-linux-kernel-4.4.55.git

Merge branch 'linux-linaro-lsk-v3.10' into linux-linaro-lsk-v3.10-android

 Conflicts:
	fs/exec.c

 Resolution summary:

    Conflict between upstream/LTS commit 9eae8ac6ab40 (fs: take
    i_mutex during prepare_binprm for set[ug]id executables) and
    android commit 9d0ff694bc22 (sched: move no_new_privs into new
    atomic flags).  Resolution: move task_no_new_privs() usage into
    new function created by upstream/LTS comit.
---

4dddf720534a9a14fa9b048e7930dcc55b1b1e40
diff --cc fs/exec.c
index cb7f31c71c6b,acbd7ac2deda..54965313c231
--- a/fs/exec.c
+++ b/fs/exec.c
@@@ -1265,6 -1265,53 +1265,53 @@@ static int check_unsafe_exec(struct lin
  	return res;
  }
  
+ static void bprm_fill_uid(struct linux_binprm *bprm)
+ {
+ 	struct inode *inode;
+ 	unsigned int mode;
+ 	kuid_t uid;
+ 	kgid_t gid;
+ 
+ 	/* clear any previous set[ug]id data from a previous binary */
+ 	bprm->cred->euid = current_euid();
+ 	bprm->cred->egid = current_egid();
+ 
+ 	if (bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID)
+ 		return;
+ 
 -	if (current->no_new_privs)
++	if (task_no_new_privs(current))
+ 		return;
+ 
+ 	inode = file_inode(bprm->file);
+ 	mode = ACCESS_ONCE(inode->i_mode);
+ 	if (!(mode & (S_ISUID|S_ISGID)))
+ 		return;
+ 
+ 	/* Be careful if suid/sgid is set */
+ 	mutex_lock(&inode->i_mutex);
+ 
+ 	/* reload atomically mode/uid/gid now that lock held */
+ 	mode = inode->i_mode;
+ 	uid = inode->i_uid;
+ 	gid = inode->i_gid;
+ 	mutex_unlock(&inode->i_mutex);
+ 
+ 	/* We ignore suid/sgid if there are no mappings for them in the ns */
+ 	if (!kuid_has_mapping(bprm->cred->user_ns, uid) ||
+ 		 !kgid_has_mapping(bprm->cred->user_ns, gid))
+ 		return;
+ 
+ 	if (mode & S_ISUID) {
+ 		bprm->per_clear |= PER_CLEAR_ON_SETID;
+ 		bprm->cred->euid = uid;
+ 	}
+ 
+ 	if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) {
+ 		bprm->per_clear |= PER_CLEAR_ON_SETID;
+ 		bprm->cred->egid = gid;
+ 	}
+ }
+ 
  /* 
   * Fill the binprm structure from the inode. 
   * Check permissions, then read the first 128 (BINPRM_BUF_SIZE) bytes