Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/sys-kernel/ck-sources/files/ck-sources-2.6.9.shmLocking.patch
diff options
context:
space:
mode:
Diffstat (limited to 'sys-kernel/ck-sources/files/ck-sources-2.6.9.shmLocking.patch')
-rw-r--r--sys-kernel/ck-sources/files/ck-sources-2.6.9.shmLocking.patch56
1 files changed, 56 insertions, 0 deletions
diff --git a/sys-kernel/ck-sources/files/ck-sources-2.6.9.shmLocking.patch b/sys-kernel/ck-sources/files/ck-sources-2.6.9.shmLocking.patch
new file mode 100644
index 000000000000..dba7c9ca796f
--- /dev/null
+++ b/sys-kernel/ck-sources/files/ck-sources-2.6.9.shmLocking.patch
@@ -0,0 +1,56 @@
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+# 2004/12/13 08:30:17-08:00 hugh@veritas.com
+# [PATCH] shmctl SHM_LOCK perms
+#
+# Michael Kerrisk has observed that at present any process can SHM_LOCK any
+# shm segment of size within process RLIMIT_MEMLOCK, despite having no
+# permissions on the segment: surprising, though not obviously evil. And any
+# process can SHM_UNLOCK any shm segment, despite no permissions on it: that
+# is surely wrong.
+#
+# Unless CAP_IPC_LOCK, restrict both SHM_LOCK and SHM_UNLOCK to when the
+# process euid matches the shm owner or creator: that seems the least
+# surprising behaviour, which could be relaxed if a need appears later.
+#
+# Signed-off-by: Hugh Dickins <hugh@veritas.com>
+# Signed-off-by: Andrew Morton <akpm@osdl.org>
+# Signed-off-by: Linus Torvalds <torvalds@osdl.org>
+#
+# ipc/shm.c
+# 2004/12/13 02:47:27-08:00 hugh@veritas.com +10 -5
+# shmctl SHM_LOCK perms
+#
+diff -Nru a/ipc/shm.c b/ipc/shm.c
+--- a/ipc/shm.c 2004-12-20 10:32:59 -08:00
++++ b/ipc/shm.c 2004-12-20 10:32:59 -08:00
+@@ -511,11 +511,6 @@
+ case SHM_LOCK:
+ case SHM_UNLOCK:
+ {
+- /* Allow superuser to lock segment in memory */
+- if (!can_do_mlock() && cmd == SHM_LOCK) {
+- err = -EPERM;
+- goto out;
+- }
+ shp = shm_lock(shmid);
+ if(shp==NULL) {
+ err = -EINVAL;
+@@ -524,6 +519,16 @@
+ err = shm_checkid(shp,shmid);
+ if(err)
+ goto out_unlock;
++
++ if (!capable(CAP_IPC_LOCK)) {
++ err = -EPERM;
++ if (current->euid != shp->shm_perm.uid &&
++ current->euid != shp->shm_perm.cuid)
++ goto out_unlock;
++ if (cmd == SHM_LOCK &&
++ !current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur)
++ goto out_unlock;
++ }
+
+ err = security_shm_shmctl(shp, cmd);
+ if (err)