Piteball/android_kernel_google_msm
1
0
Fork 0
mirror of https://github.com/followmsi/android_kernel_google_msm.git synced 2024-11-06 23:17:41 +00:00
Code Issues Projects Releases Wiki Activity
android_kernel_google_msm/net
History
Eric Biggers 1396cfea05 net: socket: don't set sk_uid to garbage value in ->setattr() 
->setattr() was recently implemented for socket files to sync the socket
inode's uid to the new 'sk_uid' member of struct sock.  It does this by
copying over the ia_uid member of struct iattr.  However, ia_uid is
actually only valid when ATTR_UID is set in ia_valid, indicating that
the uid is being changed, e.g. by chown.  Other metadata operations such
as chmod or utimes leave ia_uid uninitialized.  Therefore, sk_uid could
be set to a "garbage" value from the stack.

Fix this by only copying the uid over when ATTR_UID is set.

[backport of net e1a3a60a2ebe991605acb14cd58e39c0545e174e]

Bug: 16355602
Change-Id: I20e53848e54282b72a388ce12bfa88da5e3e9efe
Fixes: 86741ec25462 ("net: core: Add a UID field to struct sock.")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Tested-by: Lorenzo Colitti <lorenzo@google.com>
Acked-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Kevin F. Haggerty <haggertk@lineageos.org>
2023-02-18 18:37:20 +01:00
..
9p 9p: forgetting to cancel request on interrupted zero-copy RPC 2015-10-22 09:20:07 +08:00
802
8021q net: Replace u64_stats_fetch_begin_bh to u64_stats_fetch_begin_irq 2020-11-30 19:26:49 +03:00
appletalk appletalk: Fix socket referencing in skb 2014-07-28 07:06:45 -07:00
atm atm: deal with setting entry before mkip was called 2016-03-21 09:17:56 +08:00
ax25 net: add validation for the socket syscall protocol argument 2016-10-29 23:12:11 +08:00
batman-adv
bluetooth Bluetooth: cmtp: cmtp_add_connection() should verify that it's dealing with l2cap socket 2018-01-13 17:14:31 +03:00
bridge net: Explicitly initialize u64_stats_sync structures for lockdep 2020-11-30 19:26:40 +03:00
caif caif: remove wrong dev_net_set() call 2015-04-14 17:33:59 +08:00
can BACKPORT: net: sock: make sock_tx_timestamp void 2023-02-18 18:32:19 +01:00
ceph crush: fix a bug in tree bucket decode 2015-10-22 09:20:07 +08:00
core net: core: Add a UID field to struct sock. 2023-02-18 18:37:04 +01:00
dcb
dccp BACKPORT: tcp: fix recv with flags MSG_WAITALL | MSG_PEEK 2023-02-18 18:36:52 +01:00
decnet net: Document dst->obsolete better. 2020-11-30 19:39:24 +03:00
dns_resolver dns_resolver: Null-terminate the right string 2014-07-28 07:06:46 -07:00
dsa
econet
ethernet
ieee802154
ipv4 BACKPORT: tcp: fix recv with flags MSG_WAITALL | MSG_PEEK 2023-02-18 18:36:52 +01:00
ipv6 BACKPORT: net: sock: make sock_tx_timestamp void 2023-02-18 18:32:19 +01:00
ipx ipx: call ipxitf_put() in ioctl error path 2018-02-16 20:15:04 -07:00
irda Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
iucv
key xfrm: remove redundant parameter "int dir" in struct xfrm_mgr.acquire 2020-12-06 13:59:24 +03:00
l2tp Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
lapb
llc BACKPORT: tcp: fix recv with flags MSG_WAITALL | MSG_PEEK 2023-02-18 18:36:52 +01:00
mac80211 Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
netfilter net: Replace u64_stats_fetch_begin_bh to u64_stats_fetch_begin_irq 2020-11-30 19:26:49 +03:00
netlabel
netlink Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
netrom
nfc
openvswitch net: Replace u64_stats_fetch_begin_bh to u64_stats_fetch_begin_irq 2020-11-30 19:26:49 +03:00
packet BACKPORT: net: sock: make sock_tx_timestamp void 2023-02-18 18:32:19 +01:00
phonet
rds RDS: fix race condition when sending a message on unbound socket 2016-03-21 09:17:54 +08:00
rfkill Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
rose NET: ROSE: Don't dereference NULL neighbour pointer. 2015-09-18 09:20:47 +08:00
rxrpc Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
sched Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
sctp net: Document dst->obsolete better. 2020-11-30 19:39:24 +03:00
sunrpc vfs: make it possible to access the dentry hash/len as one 64-bit entry 2018-12-07 22:20:38 +04:00
tipc tipc: clear 'next'-pointer of message fragments before reassembly 2014-07-28 07:06:45 -07:00
unix pull mnt_want_write()/mnt_drop_write() into kern_path_create()/done_path_create() resp. 2018-12-07 22:28:48 +04:00
wanrouter
wimax
wireless cfg80211: Fix use after free when process wdev events 2020-10-25 02:37:54 -04:00
x25
xfrm xfrm: remove redundant parameter "int dir" in struct xfrm_mgr.acquire 2020-12-06 13:59:24 +03:00
activity_stats.c
compat.c Merge remote-tracking branch 'stable/linux-3.4.y' into lineage-15.1 2017-12-27 17:13:15 +03:00
Kconfig
Makefile
nonet.c
socket.c net: socket: don't set sk_uid to garbage value in ->setattr() 2023-02-18 18:37:20 +01:00
sysctl_net.c