From 52f993b8e89487ec9ee15a7fb4979e0f09a45b27 Mon Sep 17 00:00:00 2001 From: Yunhong Jiang Date: Wed, 8 Mar 2017 23:13:28 -0800 Subject: Upgrade to 4.4.50-rt62 The current kernel is based on rt kernel v4.4.6-rt14. We will upgrade it to 4.4.50-rt62. The command to achieve it is: a) Clone a git repo from git://git.kernel.org/pub/scm/linux/kernel/git/rt/linux-stable-rt.git b) Get the diff between this two changesets: git diff 640eca2901f3435e616157b11379d3223a44b391 705619beeea1b0b48219a683fd1a901a86fdaf5e where the two commits are: [yjiang5@jnakajim-build linux-stable-rt]$ git show --oneline --name-only 640eca2901f3435e616157b11379d3223a44b391 640eca2901f3 v4.4.6-rt14 localversion-rt [yjiang5@jnakajim-build linux-stable-rt]$ git show --oneline --name-only 705619beeea1b0b48219a683fd1a901a86fdaf5e 705619beeea1 Linux 4.4.50-rt62 localversion-rt c) One patch has been backported thus revert the patch before applying. filterdiff -p1 -x scripts/package/Makefile ~/tmp/v4.4.6-rt14-4.4.50-rt62.diff |patch -p1 --dry-run Upstream status: backport Change-Id: I244d57a32f6066e5a5b9915f9fbf99e7bbca6e01 Signed-off-by: Yunhong Jiang --- kernel/security/apparmor/apparmorfs.c | 1 + kernel/security/apparmor/domain.c | 6 ++++-- kernel/security/integrity/ima/ima_api.c | 2 +- kernel/security/integrity/ima/ima_appraise.c | 4 ++-- kernel/security/keys/key.c | 2 +- kernel/security/keys/proc.c | 2 +- kernel/security/selinux/hooks.c | 2 +- 7 files changed, 11 insertions(+), 8 deletions(-) (limited to 'kernel/security') diff --git a/kernel/security/apparmor/apparmorfs.c b/kernel/security/apparmor/apparmorfs.c index ad4fa49ad..9068369f8 100644 --- a/kernel/security/apparmor/apparmorfs.c +++ b/kernel/security/apparmor/apparmorfs.c @@ -331,6 +331,7 @@ static int aa_fs_seq_hash_show(struct seq_file *seq, void *v) seq_printf(seq, "%.2x", profile->hash[i]); seq_puts(seq, "\n"); } + aa_put_profile(profile); return 0; } diff --git a/kernel/security/apparmor/domain.c b/kernel/security/apparmor/domain.c index dc0027b28..53426a6ee 100644 --- a/kernel/security/apparmor/domain.c +++ b/kernel/security/apparmor/domain.c @@ -623,8 +623,8 @@ int aa_change_hat(const char *hats[], int count, u64 token, bool permtest) /* released below */ cred = get_current_cred(); cxt = cred_cxt(cred); - profile = aa_cred_profile(cred); - previous_profile = cxt->previous; + profile = aa_get_newest_profile(aa_cred_profile(cred)); + previous_profile = aa_get_newest_profile(cxt->previous); if (unconfined(profile)) { info = "unconfined"; @@ -720,6 +720,8 @@ audit: out: aa_put_profile(hat); kfree(name); + aa_put_profile(profile); + aa_put_profile(previous_profile); put_cred(cred); return error; diff --git a/kernel/security/integrity/ima/ima_api.c b/kernel/security/integrity/ima/ima_api.c index 1d950fbb2..2d1fe3478 100644 --- a/kernel/security/integrity/ima/ima_api.c +++ b/kernel/security/integrity/ima/ima_api.c @@ -202,7 +202,7 @@ int ima_collect_measurement(struct integrity_iint_cache *iint, } hash; if (xattr_value) - *xattr_len = ima_read_xattr(file->f_path.dentry, xattr_value); + *xattr_len = ima_read_xattr(file_dentry(file), xattr_value); if (!(iint->flags & IMA_COLLECTED)) { u64 i_version = file_inode(file)->i_version; diff --git a/kernel/security/integrity/ima/ima_appraise.c b/kernel/security/integrity/ima/ima_appraise.c index 1873b5536..ed5a9c110 100644 --- a/kernel/security/integrity/ima/ima_appraise.c +++ b/kernel/security/integrity/ima/ima_appraise.c @@ -189,7 +189,7 @@ int ima_appraise_measurement(int func, struct integrity_iint_cache *iint, { static const char op[] = "appraise_data"; char *cause = "unknown"; - struct dentry *dentry = file->f_path.dentry; + struct dentry *dentry = file_dentry(file); struct inode *inode = d_backing_inode(dentry); enum integrity_status status = INTEGRITY_UNKNOWN; int rc = xattr_len, hash_start = 0; @@ -289,7 +289,7 @@ out: */ void ima_update_xattr(struct integrity_iint_cache *iint, struct file *file) { - struct dentry *dentry = file->f_path.dentry; + struct dentry *dentry = file_dentry(file); int rc = 0; /* do not collect and update hash for digital signatures */ diff --git a/kernel/security/keys/key.c b/kernel/security/keys/key.c index ab7997ded..534808915 100644 --- a/kernel/security/keys/key.c +++ b/kernel/security/keys/key.c @@ -578,7 +578,7 @@ int key_reject_and_link(struct key *key, mutex_unlock(&key_construction_mutex); - if (keyring) + if (keyring && link_ret == 0) __key_link_end(keyring, &key->index_key, edit); /* wake up anyone waiting for a key to be constructed */ diff --git a/kernel/security/keys/proc.c b/kernel/security/keys/proc.c index f0611a636..b9f531c9e 100644 --- a/kernel/security/keys/proc.c +++ b/kernel/security/keys/proc.c @@ -181,7 +181,7 @@ static int proc_keys_show(struct seq_file *m, void *v) struct timespec now; unsigned long timo; key_ref_t key_ref, skey_ref; - char xbuf[12]; + char xbuf[16]; int rc; struct keyring_search_context ctx = { diff --git a/kernel/security/selinux/hooks.c b/kernel/security/selinux/hooks.c index d0cfaa9f1..4b56c3b6c 100644 --- a/kernel/security/selinux/hooks.c +++ b/kernel/security/selinux/hooks.c @@ -5640,7 +5640,7 @@ static int selinux_setprocattr(struct task_struct *p, return error; /* Obtain a SID for the context, if one was specified. */ - if (size && str[1] && str[1] != '\n') { + if (size && str[0] && str[0] != '\n') { if (str[size-1] == '\n') { str[size-1] = 0; size--; -- cgit 1.2.3-korg