46 lines
1.2 KiB
Diff
46 lines
1.2 KiB
Diff
From: Ben Hutchings <ben@decadent.org.uk>
|
|
Date: Thu, 15 Jan 2015 23:16:35 +0000
|
|
Subject: userns: Fix ABI change in 3.16.7-ckt4
|
|
Forwarded: not-needed
|
|
|
|
The fix for CVE-2014-8989 added a new member to struct user_namespace.
|
|
This is always allocated, and the new member is always used, in
|
|
non-modular code. Move it to the end of the structure and hide it
|
|
from genksyms.
|
|
|
|
Also hide the new #include in kernel/groups.c.
|
|
|
|
---
|
|
--- a/include/linux/user_namespace.h
|
|
+++ b/include/linux/user_namespace.h
|
|
@@ -31,13 +31,16 @@ struct user_namespace {
|
|
kuid_t owner;
|
|
kgid_t group;
|
|
unsigned int proc_inum;
|
|
- unsigned long flags;
|
|
|
|
/* Register of per-UID persistent keyrings for this namespace */
|
|
#ifdef CONFIG_PERSISTENT_KEYRINGS
|
|
struct key *persistent_keyring_register;
|
|
struct rw_semaphore persistent_keyring_register_sem;
|
|
#endif
|
|
+
|
|
+#ifndef __GENKSYMS__
|
|
+ unsigned long flags;
|
|
+#endif
|
|
};
|
|
|
|
extern struct user_namespace init_user_ns;
|
|
--- a/kernel/groups.c
|
|
+++ b/kernel/groups.c
|
|
@@ -6,7 +6,9 @@
|
|
#include <linux/slab.h>
|
|
#include <linux/security.h>
|
|
#include <linux/syscalls.h>
|
|
+#ifndef __GENKSYMS__
|
|
#include <linux/user_namespace.h>
|
|
+#endif
|
|
#include <asm/uaccess.h>
|
|
|
|
/* init to 2 - one for init_task, one to ensure it is never freed */
|