diff options
| author | Greg Kroah-Hartman <gregkh@google.com> | 2017-08-29 14:33:50 +0200 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@google.com> | 2017-08-29 14:33:50 +0200 |
| commit | 2e8f1517cf68d8bd81b33f1585c16228dbd0d7c6 (patch) | |
| tree | 4cbca18a4c67e461de5c3e0b65ef5fdc542fa0e6 /mm | |
| parent | efc949fedd30023a30ea34586b485554932c878f (diff) | |
| parent | 982ce2aa79fbe7c961ee948857d5b5b2a0b2ddd9 (diff) | |
Merge 4.4.84 into android-4.4
Changes in 4.4.84
netfilter: nf_ct_ext: fix possible panic after nf_ct_extend_unregister
audit: Fix use after free in audit_remove_watch_rule()
parisc: pci memory bar assignment fails with 64bit kernels on dino/cujo
crypto: x86/sha1 - Fix reads beyond the number of blocks passed
Input: elan_i2c - add ELAN0608 to the ACPI table
Input: elan_i2c - Add antoher Lenovo ACPI ID for upcoming Lenovo NB
ALSA: seq: 2nd attempt at fixing race creating a queue
ALSA: usb-audio: Apply sample rate quirk to Sennheiser headset
ALSA: usb-audio: Add mute TLV for playback volumes on C-Media devices
mm/mempolicy: fix use after free when calling get_mempolicy
mm: revert x86_64 and arm64 ELF_ET_DYN_BASE base changes
xen: fix bio vec merging
x86/asm/64: Clear AC on NMI entries
irqchip/atmel-aic: Fix unbalanced of_node_put() in aic_common_irq_fixup()
irqchip/atmel-aic: Fix unbalanced refcount in aic_common_rtc_irq_fixup()
Sanitize 'move_pages()' permission checks
pids: make task_tgid_nr_ns() safe
perf/x86: Fix LBR related crashes on Intel Atom
usb: optimize acpi companion search for usb port devices
usb: qmi_wwan: add D-Link DWM-222 device ID
Linux 4.4.84
Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
Diffstat (limited to 'mm')
| -rw-r--r-- | mm/mempolicy.c | 5 | ||||
| -rw-r--r-- | mm/migrate.c | 11 |
2 files changed, 3 insertions, 13 deletions
diff --git a/mm/mempolicy.c b/mm/mempolicy.c index d56142b66171..177668a9c267 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -895,11 +895,6 @@ static long do_get_mempolicy(int *policy, nodemask_t *nmask, *policy |= (pol->flags & MPOL_MODE_FLAGS); } - if (vma) { - up_read(¤t->mm->mmap_sem); - vma = NULL; - } - err = 0; if (nmask) { if (mpol_store_user_nodemask(pol)) { diff --git a/mm/migrate.c b/mm/migrate.c index 72c09dea6526..afedcfab60e2 100644 --- a/mm/migrate.c +++ b/mm/migrate.c @@ -38,6 +38,7 @@ #include <linux/balloon_compaction.h> #include <linux/mmu_notifier.h> #include <linux/page_idle.h> +#include <linux/ptrace.h> #include <asm/tlbflush.h> @@ -1483,7 +1484,6 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, const int __user *, nodes, int __user *, status, int, flags) { - const struct cred *cred = current_cred(), *tcred; struct task_struct *task; struct mm_struct *mm; int err; @@ -1507,14 +1507,9 @@ SYSCALL_DEFINE6(move_pages, pid_t, pid, unsigned long, nr_pages, /* * Check if this process has the right to modify the specified - * process. The right exists if the process has administrative - * capabilities, superuser privileges or the same - * userid as the target process. + * process. Use the regular "ptrace_may_access()" checks. */ - tcred = __task_cred(task); - if (!uid_eq(cred->euid, tcred->suid) && !uid_eq(cred->euid, tcred->uid) && - !uid_eq(cred->uid, tcred->suid) && !uid_eq(cred->uid, tcred->uid) && - !capable(CAP_SYS_NICE)) { + if (!ptrace_may_access(task, PTRACE_MODE_READ_REALCREDS)) { rcu_read_unlock(); err = -EPERM; goto out; |