author | Mark Brown <broonie@opensource.wolfsonmicro.com> | 2012-05-12 13:06:08 +0100 |
---|---|---|
committer | Mark Brown <broonie@opensource.wolfsonmicro.com> | 2012-05-12 13:06:08 +0100 |
commit | 25061d285747f20aafa4b50df1b0b5665fef29cd (patch) | |
tree | c302ac93e3476788a4671ee556a902fce2592f3a /security/commoncap.c | |
parent | 7a6476143270d947924f5bbbc124accb0e558bf4 (diff) | |
parent | 6560ffd1ccd688152393dc7c35dbdcc33140633b (diff) |
Merge tag 'regmap-3.4' into regmap-stride

regmap: Last minute bug fix for 3.4

This is a last minute bug fix that was only just noticed since the code
path that's being exercised here is one that is fairly rarely used. The
changelog for the change itself is extremely clear and the code itself
is obvious to inspection so should be pretty safe.

Conflicts:
	drivers/base/regmap/regmap.c (overlap between the fix and stride code)
Diffstat (limited to 'security/commoncap.c')
-rw-r--r-- | security/commoncap.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/security/commoncap.c b/security/commoncap.c index 0cf4b53480a..71a166a0597 100644 --- a/security/commoncap.c +++ b/security/commoncap.c @@ -29,6 +29,7 @@ #include <linux/securebits.h> #include <linux/user_namespace.h> #include <linux/binfmts.h> +#include <linux/personality.h> /* * If a non-root user executes a setuid-root binary in @@ -505,6 +506,11 @@ int cap_bprm_set_creds(struct linux_binprm *bprm) } skip: + /* if we have fs caps, clear dangerous personality flags */ + if (!cap_issubset(new->cap_permitted, old->cap_permitted)) + bprm->per_clear |= PER_CLEAR_ON_SETID; + + /* Don't let someone trace a set[ug]id/setpcap binary with the revised * credentials unless they have the appropriate permit */ |
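Review bot: In the second hunk (the lines added after `skip:` in cap_bprm_set_creds), the comment "if we have fs caps" does not match the test that follows it. The condition `!cap_issubset(new->cap_permitted, old->cap_permitted)` is true whenever the new permitted set holds a capability the old one lacks, and because the block sits after the `skip:` label it also runs on any path that jumps to that label. Reword the comment to describe the test itself, for example "if the exec gains permitted capabilities, clear dangerous personality flags", so a later reader does not assume the clearing of PER_CLEAR_ON_SETID is limited to the file-capability case. The same hunk also adds two consecutive blank lines before the "Don't let someone trace" comment; one is enough.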