Kernel/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2025-01-16 10:17:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux-stable/kernel
History
Eric Paris 4b8a311bb1 [PATCH] arch filter lists with < or > should not be accepted 
Currently the kernel audit system represents arch's as numbers and will
gladly accept comparisons between archs using >, <, >=, <= when the only
thing that makes sense is = or !=.  I'm told that the next revision of
auditctl will do this checking but this will provide enforcement in the
kernel even for old userspace.  A simple command to show the issue would
be to run

auditctl -d entry,always -F arch>i686 -S chmod

with this patch the kernel will reject this with -EINVAL

Please comment/ack/nak as soon as possible.

-Eric

 kernel/auditfilter.c |    9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2006-10-04 08:31:16 -04:00
..
irq
[PATCH] irq: remove a extra line
2006-09-29 09:18:07 -07:00
power
[PATCH] namespaces: utsname: use init_utsname when appropriate
2006-10-02 07:57:21 -07:00
time
[PATCH] kernel/time/ntp.c: possible cleanups
2006-10-01 00:39:27 -07:00
.gitignore
gitignore: ignore more generated files
2006-01-03 11:35:26 +01:00
acct.c
[PATCH] csa: convert CONFIG tag for extended accounting routines
2006-10-01 00:39:29 -07:00
audit.c
[PATCH] selinux: rename selinux_ctxid_to_string
2006-09-26 08:48:52 -07:00
audit.h
[PATCH] audit: AUDIT_PERM support
2006-09-11 13:32:30 -04:00
auditfilter.c
[PATCH] arch filter lists with < or > should not be accepted
2006-10-04 08:31:16 -04:00
auditsc.c
[PATCH] audit/accounting: tty locking
2006-09-29 09:18:25 -07:00
capability.c
[PATCH] pidspace: is_init()
2006-09-29 09:18:12 -07:00
compat.c
[PATCH] BLOCK: Revert patch to hack around undeclared sigset_t in linux/compat.h
2006-10-02 08:03:31 -07:00
configs.c
Remove obsolete #include <linux/config.h>
2006-06-30 19:25:36 +02:00
cpu.c
[PATCH] Disable CPU hotplug during suspend
2006-09-26 08:48:59 -07:00
cpuset.c
[PATCH] r/o bind mount prepwork: inc_nlink() helper
2006-10-01 00:39:30 -07:00
delayacct.c
[PATCH] task delay accounting fixes
2006-09-01 11:39:08 -07:00
dma.c
[PATCH] kernel-doc for kernel/dma.c
2006-10-03 08:03:41 -07:00
exec_domain.c
Remove obsolete #include <linux/config.h>
2006-06-30 19:25:36 +02:00
exit.c
[PATCH] namespaces: exit_task_namespaces() invalidates nsproxy
2006-10-02 07:57:21 -07:00
extable.c
[PATCH] symbol_put_addr() locks kernel
2006-05-15 11:20:55 -07:00
fork.c
[PATCH] IPC namespace - utils
2006-10-02 07:57:22 -07:00
futex_compat.c
[PATCH] futex: Apply recent futex fixes to futex_compat
2006-08-06 08:57:49 -07:00
futex.c
[PATCH] file: modify struct fown_struct to use a struct pid
2006-10-02 07:57:14 -07:00
hrtimer.c
[PATCH] posix-timers: Fix clock_nanosleep() doesn't return the remaining time in compatibility mode
2006-09-29 09:18:15 -07:00
itimer.c
[PATCH] hrtimers: remove data field
2006-03-26 08:57:03 -08:00
kallsyms.c
[PATCH] Create kallsyms_lookup_size_offset()
2006-10-03 08:03:41 -07:00
Kconfig.hz
[PATCH] i386: Selectable Frequency of the Timer Interrupt
2005-06-23 09:45:10 -07:00
Kconfig.preempt
[PATCH] sched: voluntary kernel preemption
2005-06-25 16:24:45 -07:00
kexec.c
[PATCH] kexec warning fix
2006-09-29 09:18:15 -07:00
kfifo.c
[PATCH] memory ordering in __kfifo primitives
2006-09-29 09:18:13 -07:00
kmod.c
[PATCH] introduce kernel_execve
2006-10-02 07:57:23 -07:00
kprobes.c
[PATCH] kretprobe spinlock deadlock patch
2006-10-02 07:57:16 -07:00
ksysfs.c
Remove obsolete #include <linux/config.h>
2006-06-30 19:25:36 +02:00
kthread.c
[PATCH] remove kernel/kthread.c:kthread_stop_sem()
2006-07-14 21:53:52 -07:00
latency.c
[PATCH] maximum latency tracking infrastructure
2006-10-01 00:39:19 -07:00
lockdep_internals.h
[PATCH] lockdep: double the number of stack-trace entries
2006-09-13 07:32:14 -07:00
lockdep_proc.c
[PATCH] lockdep: procfs
2006-07-03 15:27:04 -07:00
lockdep.c
[PATCH] namespaces: utsname: use init_utsname when appropriate
2006-10-02 07:57:21 -07:00
Makefile
[PATCH] namespaces: utsname: implement utsname namespaces
2006-10-02 07:57:21 -07:00
module.c
[PATCH] Create kallsyms_lookup_size_offset()
2006-10-03 08:03:41 -07:00
mutex-debug.c
[PATCH] lockdep: prove mutex locking correctness
2006-07-03 15:27:04 -07:00
mutex-debug.h
[PATCH] lockdep: better lock debugging
2006-07-03 15:27:01 -07:00
mutex.c
[PATCH] lockdep: prove mutex locking correctness
2006-07-03 15:27:04 -07:00
mutex.h
[PATCH] lockdep: prove mutex locking correctness
2006-07-03 15:27:04 -07:00
nsproxy.c
[PATCH] nsproxy cloning error path fix
2006-10-02 07:57:22 -07:00
panic.c
[PATCH] x86: Clean up x86 NMI sysctls
2006-09-30 01:47:55 +02:00
params.c
[PATCH] module_subsys: initialize earlier
2006-09-29 09:18:08 -07:00
pid.c
[PATCH] introduce get_task_pid() to fix unsafe get_pid()
2006-10-02 07:57:25 -07:00
posix-cpu-timers.c
[PATCH] posix-timers: Fix the flags handling in posix_cpu_nsleep()
2006-09-29 09:18:15 -07:00
posix-timers.c
fix file specification in comments
2006-10-03 23:01:26 +02:00
printk.c
[PATCH] PM: make it possible to disable console suspending
2006-09-26 08:49:03 -07:00
profile.c
[PATCH] Profiling: require buffer allocation on the correct node
2006-09-26 08:48:50 -07:00
ptrace.c
[PATCH] pidspace: is_init()
2006-09-29 09:18:12 -07:00
rcupdate.c
[PATCH] rcu_do_batch: make ->qlen decrement irq safe
2006-09-13 07:32:14 -07:00
rcutorture.c
rcutorture: Fix incorrect description of default for nreaders parameter
2006-10-03 23:26:16 +02:00
relay.c
[PATCH] kernel-doc for relay interface
2006-09-29 09:18:06 -07:00
resource.c
[PATCH] kernel-doc for kernel/resource.c
2006-10-03 08:03:41 -07:00
rtmutex_common.h
[PATCH] pi-futex: futex_lock_pi/futex_unlock_pi support
2006-06-27 17:32:47 -07:00
rtmutex-debug.c
[PATCH] sched: cleanup, remove task_t, convert to struct task_struct
2006-07-03 15:27:11 -07:00
rtmutex-debug.h
[PATCH] lockdep: better lock debugging
2006-07-03 15:27:01 -07:00
rtmutex-tester.c
[PATCH] Add try_to_freeze() to rt-test kthreads
2006-07-14 21:53:53 -07:00
rtmutex.c
[PATCH] clean up and remove some extra spinlocks from rtmutex
2006-09-29 09:18:09 -07:00
rtmutex.h
[PATCH] lockdep: better lock debugging
2006-07-03 15:27:01 -07:00
rwsem.c
[PATCH] lockdep: prove rwsem locking correctness
2006-07-03 15:27:04 -07:00
sched.c
[PATCH] scheduler: NUMA aware placement of sched_group_allnodes
2006-10-03 08:04:07 -07:00
seccomp.c
Linux-2.6.12-rc2
2005-04-16 15:20:36 -07:00
signal.c
[PATCH] usb: fixup usb so it uses struct pid
2006-10-02 07:57:15 -07:00
softirq.c
[PATCH] check return value of cpu_callback
2006-09-29 09:18:14 -07:00
softlockup.c
[PATCH] check return value of cpu_callback
2006-09-29 09:18:14 -07:00
spinlock.c
[PATCH] Directed yield: cpu_relax variants for spinlocks and rw-locks
2006-10-01 00:39:21 -07:00
stacktrace.c
[PATCH] lockdep: stacktrace subsystem, core
2006-07-03 15:27:02 -07:00
stop_machine.c
[PATCH] stop_machine.c copyright
2006-09-29 09:18:24 -07:00
sys_ni.c
[PATCH] BLOCK: Make it possible to disable the block layer [try #6]
2006-09-30 20:52:31 +02:00
sys.c
[PATCH] replace cad_pid by a struct pid
2006-10-02 07:57:25 -07:00
sysctl.c
[PATCH] replace cad_pid by a struct pid
2006-10-02 07:57:25 -07:00
taskstats.c
[PATCH] csa: Extended system accounting over taskstats
2006-10-01 00:39:29 -07:00
time.c
[PATCH] NTP: Move all the NTP related code to ntp.c
2006-10-01 00:39:26 -07:00
timer.c
[PATCH] kill wall_jiffies
2006-10-01 00:39:27 -07:00
tsacct.c
[PATCH] csa accounting taskstats update
2006-10-01 00:39:29 -07:00
uid16.c
[PATCH] Add more prevent_tail_call()
2006-04-19 16:27:18 -07:00
unwind.c
[PATCH] unwind: fix unused variable warning when !CONFIG_MODULES
2006-09-29 09:18:11 -07:00
user.c
[PATCH] selinux: add hooks for key subsystem
2006-06-22 15:05:55 -07:00
utsname.c
[PATCH] namespaces: utsname: implement CLONE_NEWUTS flag
2006-10-02 07:57:22 -07:00
wait.c
[PATCH] uninline init_waitqueue_head()
2006-07-10 13:24:25 -07:00
workqueue.c
remove duplicate "until" from kernel/workqueue.c
2006-10-03 23:07:31 +02:00