diff options
| author |   James Morris <james.l.morris@oracle.com> | 2014-07-19 17:40:49 +1000 |
|---|---|---|
| committer | James Morris <james.l.morris@oracle.com> | 2014-07-19 17:40:49 +1000 |
| commit | fd33c43677a7965624b46352a686a7c1e72ae4aa (patch) | |
| tree | 10c2b8bfa4635b50d4cccd9c9453a9020a01e1a9 /fs | |
| parent | Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into next (diff) | |
| parent | seccomp: implement SECCOMP_FILTER_FLAG_TSYNC (diff) | |
| download | linux-dev-fd33c43677a7965624b46352a686a7c1e72ae4aa.tar.xz linux-dev-fd33c43677a7965624b46352a686a7c1e72ae4aa.zip | |
Merge tag 'seccomp-3.17' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux into next
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/exec.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/fs/exec.c b/fs/exec.c index a3d33fe592d6..ab1f1200ce5d 100644 --- a/fs/exec.c +++ b/fs/exec.c @@ -1216,7 +1216,7 @@ EXPORT_SYMBOL(install_exec_creds); /* * determine how safe it is to execute the proposed program * - the caller must hold ->cred_guard_mutex to protect against - * PTRACE_ATTACH + * PTRACE_ATTACH or seccomp thread-sync */ static void check_unsafe_exec(struct linux_binprm *bprm) { @@ -1234,7 +1234,7 @@ static void check_unsafe_exec(struct linux_binprm *bprm) * This isn't strictly necessary, but it makes it harder for LSMs to * mess up. */ - if (current->no_new_privs) + if (task_no_new_privs(current)) bprm->unsafe |= LSM_UNSAFE_NO_NEW_PRIVS; t = p; @@ -1272,7 +1272,7 @@ int prepare_binprm(struct linux_binprm *bprm) bprm->cred->egid = current_egid(); if (!(bprm->file->f_path.mnt->mnt_flags & MNT_NOSUID) && - !current->no_new_privs && + !task_no_new_privs(current) && kuid_has_mapping(bprm->cred->user_ns, inode->i_uid) && kgid_has_mapping(bprm->cred->user_ns, inode->i_gid)) { /* Set-uid? */ |