github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-06 13:37:36 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
502c37b033
linux/kernel
History
Eric W. Biederman 1fc3444cda cgroup-v1: Require capabilities to set release_agent 
commit 24f6008564 upstream.

The cgroup release_agent is called with call_usermodehelper.  The function
call_usermodehelper starts the release_agent with a full set fo capabilities.
Therefore require capabilities when setting the release_agaent.

Reported-by: Tabitha Sable <tabitha.c.sable@gmail.com>
Tested-by: Tabitha Sable <tabitha.c.sable@gmail.com>
Fixes: 81a6a5cdd2 ("Task Control Groups: automatic userspace notification of idle cgroups")
Cc: stable@vger.kernel.org # v2.6.24+
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: Tejun Heo <tj@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-02-05 12:37:55 +01:00
..
bpf bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack() 2022-02-01 17:25:38 +01:00
cgroup cgroup-v1: Require capabilities to set release_agent 2022-02-05 12:37:55 +01:00
configs
debug
dma dma/pool: create dma atomic pool only if dma zone has managed pages 2022-01-27 10:53:44 +01:00
entry KVM: rseq: Update rseq when processing NOTIFY_RESUME on xfer to KVM guest 2021-10-06 15:55:49 +02:00
events perf: Fix perf_event_read_local() time 2022-02-01 17:25:45 +01:00
gcov
irq genirq/timings: Fix error return code in irq_timings_test_irqs() 2021-09-15 09:50:29 +02:00
kcsan
livepatch
locking kernel: delete repeated words in comments 2022-02-01 17:25:45 +01:00
power PM: wakeup: simplify the output logic of pm_show_wakelocks() 2022-02-01 17:25:39 +01:00
printk printk/console: Allow to disable console output by using console="" or console=null 2021-11-12 14:58:33 +01:00
rcu rcu: Tighten rcu_advance_cbs_nowake() checks 2022-01-29 10:26:11 +01:00
sched psi: Fix uaf issue when psi trigger is destroyed while being polled 2022-02-05 12:37:55 +01:00
time clocksource: Avoid accidental unstable marking of clocksources 2022-01-27 10:54:06 +01:00
trace tracing: Don't inc err_log entry count if entry allocation fails 2022-02-01 17:25:39 +01:00
.gitignore
acct.c
async.c
audit_fsnotify.c
audit_tree.c audit: move put_tree() to avoid trim_trees refcount underflow and UAF 2021-09-03 10:09:31 +02:00
audit_watch.c
audit.c audit: ensure userspace is penalized the same as the kernel when under pressure 2022-01-27 10:54:16 +01:00
audit.h
auditfilter.c
auditsc.c audit: fix possible null-pointer dereference in audit_filter_rules 2021-10-27 09:56:52 +02:00
backtracetest.c
bounds.c
capability.c
compat.c
configs.c
context_tracking.c
cpu_pm.c PM: cpu: Make notifier chain use a raw_spinlock_t 2021-09-15 09:50:40 +02:00
cpu.c sched/scs: Reset task stack state in bringup_cpu() 2021-12-01 09:19:08 +01:00
crash_core.c
crash_dump.c
cred.c Revert "Add a reference to ucounts for each cred" 2021-09-08 08:49:00 +02:00
delayacct.c
dma.c
exec_domain.c
exit.c
extable.c
fail_function.c
fork.c posix-cpu-timers: Clear task::posix_cputimers_work in copy_process() 2021-11-18 14:04:29 +01:00
freezer.c
futex.c
gen_kheaders.sh
groups.c
hung_task.c
iomem.c
irq_work.c
jump_label.c jump_label: Fix jump_label_text_reserved() vs __init 2021-07-20 16:05:58 +02:00
kallsyms.c
kcmp.c
Kconfig.freezer
Kconfig.hz
Kconfig.locks
Kconfig.preempt
kcov.c
kexec_core.c
kexec_elf.c
kexec_file.c
kexec_internal.h
kexec.c
kheaders.c
kmod.c
kprobes.c kprobes: Limit max data_size of the kretprobe instances 2021-12-08 09:03:20 +01:00
ksysfs.c
kthread.c kthread: Fix PF_KTHREAD vs to_kthread() race 2021-09-03 10:09:31 +02:00
latencytop.c
Makefile
module_signature.c
module_signing.c
module-internal.h
module.c
notifier.c
nsproxy.c
padata.c
panic.c
params.c
pid_namespace.c memcg: enable accounting for pids in nested pid namespaces 2021-09-18 13:40:36 +02:00
pid.c
profile.c profiling: fix shift-out-of-bounds bugs 2021-09-26 14:08:58 +02:00
ptrace.c
range.c
reboot.c
regset.c
relay.c
resource.c
rseq.c KVM: rseq: Update rseq when processing NOTIFY_RESUME on xfer to KVM guest 2021-10-06 15:55:49 +02:00
scftorture.c
scs.c
seccomp.c seccomp: Fix setting loaded filter count during TSYNC 2021-08-18 08:59:06 +02:00
signal.c signal: Remove the bogus sigkill_pending in ptrace_stop 2021-11-18 14:03:47 +01:00
smp.c
smpboot.c
smpboot.h
softirq.c
stackleak.c
stacktrace.c
static_call.c static_call: Fix unused variable warn w/o MODULE 2021-09-08 08:49:00 +02:00
stop_machine.c
sys_ni.c
sys.c prctl: allow to setup brk for et_dyn executables 2021-09-26 14:08:57 +02:00
sysctl-test.c
sysctl.c bpf: Add kconfig knob for disabling unpriv bpf by default 2022-01-05 12:40:34 +01:00
task_work.c
taskstats.c
test_kprobes.c
torture.c
tracepoint.c tracepoint: Use rcu get state and cond sync for static call updates 2021-09-03 10:09:30 +02:00
tsacct.c taskstats: Cleanup the use of task->exit_code 2022-01-27 10:54:33 +01:00
ucount.c Revert "Add a reference to ucounts for each cred" 2021-09-08 08:49:00 +02:00
uid16.c
uid16.h
umh.c
up.c
user_namespace.c Revert "Add a reference to ucounts for each cred" 2021-09-08 08:49:00 +02:00
user-return-notifier.c
user.c
usermode_driver.c
utsname_sysctl.c
utsname.c
watch_queue.c
watchdog_hld.c
watchdog.c
workqueue_internal.h
workqueue.c workqueue: Fix unbind_workers() VS wq_worker_running() race 2022-01-16 09:14:22 +01:00