Please consider for 2.6.32.y and Fedora.
-------- Forwarded Message --------
From: Linux Kernel Mailing List <linux-kernel(a)vger.kernel.org>
To: git-commits-head(a)vger.kernel.org
Subject: SECURITY: selinux, fix update_rlimit_cpu parameter
Date: Mon, 4 Jan 2010 20:59:14 GMT
Gitweb:
http://git.kernel.org/linus/17740d89785aeb4143770923d67c293849414710
Commit: 17740d89785aeb4143770923d67c293849414710
Parent: 45d28b097280a78893ce25a5d0db41e6a2717853
Author: Jiri Slaby <jirislaby(a)gmail.com>
AuthorDate: Fri Aug 28 10:47:16 2009 +0200
Committer: Jiri Slaby <jslaby(a)suse.cz>
CommitDate: Mon Jan 4 11:27:18 2010 +0100
SECURITY: selinux, fix update_rlimit_cpu parameter
Don't pass current RLIMIT_RTTIME to update_rlimit_cpu() in
selinux_bprm_committing_creds, since update_rlimit_cpu expects
RLIMIT_CPU limit.
Use proper rlim[RLIMIT_CPU].rlim_cur instead to fix that.
Signed-off-by: Jiri Slaby <jirislaby(a)gmail.com>
Acked-by: James Morris <jmorris(a)namei.org>
Cc: Stephen Smalley <sds(a)tycho.nsa.gov>
Cc: Eric Paris <eparis(a)parisplace.org>
Cc: David Howells <dhowells(a)redhat.com>
---
security/selinux/hooks.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 7a374c2..9a2ee84 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2365,7 +2365,7 @@ static void selinux_bprm_committing_creds(struct linux_binprm
*bprm)
initrlim = init_task.signal->rlim + i;
rlim->rlim_cur = min(rlim->rlim_max, initrlim->rlim_cur);
}
- update_rlimit_cpu(rlim->rlim_cur);
+ update_rlimit_cpu(current->signal->rlim[RLIMIT_CPU].rlim_cur);
}
}
--
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to majordomo(a)vger.kernel.org
More majordomo info at
http://vger.kernel.org/majordomo-info.html
--
Stephen Smalley
National Security Agency