Merge branch 'stable-3.2' into pandora-3.2
authorGrazvydas Ignotas <notasas@gmail.com>
Wed, 25 Apr 2012 22:07:00 +0000 (01:07 +0300)
committerGrazvydas Ignotas <notasas@gmail.com>
Wed, 25 Apr 2012 22:07:00 +0000 (01:07 +0300)
Conflicts:
arch/arm/mm/proc-v7.S

arch/arm/mm/proc-v7.S
security/commoncap.c

diff --combined arch/arm/mm/proc-v7.S
@@@ -382,12 -382,18 +382,24 @@@ __v7_setup
        mcr     p15, 0, r5, c10, c2, 0          @ write PRRR
        mcr     p15, 0, r6, c10, c2, 1          @ write NMRR
  #endif
 +
 +#ifdef CONFIG_USER_PMON
 +      mov     r0, #1
 +      mcr     p15, 0, r0, c9, c14, 0
 +#endif
 +
+ #ifndef CONFIG_ARM_THUMBEE
+       mrc     p15, 0, r0, c0, c1, 0           @ read ID_PFR0 for ThumbEE
+       and     r0, r0, #(0xf << 12)            @ ThumbEE enabled field
+       teq     r0, #(1 << 12)                  @ check if ThumbEE is present
+       bne     1f
+       mov     r5, #0
+       mcr     p14, 6, r5, c1, c0, 0           @ Initialize TEEHBR to 0
+       mrc     p14, 6, r0, c0, c0, 0           @ load TEECR
+       orr     r0, r0, #1                      @ set the 1st bit in order to
+       mcr     p14, 6, r0, c0, c0, 0           @ stop userspace TEEHBR access
+ 1:
+ #endif
        adr     r5, v7_crval
        ldmia   r5, {r5, r6}
  #ifdef CONFIG_CPU_ENDIAN_BE8
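Review bot: The `mcr p15, 0, r0, c9, c14, 0` line in the CONFIG_USER_PMON block is the only coprocessor write in this hunk without a comment, and it is the one with a security consequence. On ARMv7 that encoding is PMUSERENR, and writing 1 to it lets user mode read and program the performance monitors, so I would annotate it as `mcr p15, 0, r0, c9, c14, 0 @ PMUSERENR.EN=1: user-mode PMU access`. Since the write sits in __v7_setup, it presumably applies to every process rather than only to a profiler that asked for it, and unprivileged cycle-counter access is a precise timing source for side-channel measurement. The option's Kconfig help (not visible here) should state that and keep the default off. __v7_setup begins before and continues after this hunk.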
diff --combined security/commoncap.c
@@@ -28,6 -28,7 +28,7 @@@
  #include <linux/prctl.h>
  #include <linux/securebits.h>
  #include <linux/user_namespace.h>
+ #include <linux/personality.h>
  
  /*
   * If a non-root user executes a setuid-root binary in
@@@ -514,6 -515,11 +515,11 @@@ int cap_bprm_set_creds(struct linux_bin
        }
  skip:
  
+       /* if we have fs caps, clear dangerous personality flags */
+       if (!cap_issubset(new->cap_permitted, old->cap_permitted))
+               bprm->per_clear |= PER_CLEAR_ON_SETID;
        /* Don't let someone trace a set[ug]id/setpcap binary with the revised
         * credentials unless they have the appropriate permit
         */
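Review bot: The comment `/* if we have fs caps, clear dangerous personality flags */` is looser than the check beneath it, which fires whenever the new permitted set is not a subset of the old one, i.e. whenever this exec gains a capability. I would word it as `/* exec gains capabilities: clear caller-set personality flags (PER_CLEAR_ON_SETID) */`, so the reader sees that flags such as ADDR_NO_RANDOMIZE and READ_IMPLIES_EXEC chosen by the less privileged caller must not carry into the more privileged image. A blank line before the following ptrace comment would also keep the two checks visually separate. cap_bprm_set_creds starts and ends outside the hunk.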
@@@ -975,4 -981,3 +981,4 @@@ int cap_file_mmap(struct file *file, un
        }
        return ret;
  }
 +EXPORT_SYMBOL(cap_file_mmap);
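Review bot: `EXPORT_SYMBOL(cap_file_mmap)` makes this capability hook callable from any loadable module, including non-GPL ones, and nothing on the page shows which module needs it. If the consumer is an in-tree or GPL module, `EXPORT_SYMBOL_GPL(cap_file_mmap);` is the narrower export. A one-line comment above it naming the user would let a later merge drop the export once that user goes away. The body of cap_file_mmap starts outside the hunk.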