diff options
| author | Arnd Bergmann <arnd@arndb.de> | 2013-04-08 19:30:48 +0200 |
|---|---|---|
| committer | Arnd Bergmann <arnd@arndb.de> | 2013-04-08 19:30:48 +0200 |
| commit | dc2d3db8137fba0f62d7517e1bea8a47f69fcbc4 (patch) | |
| tree | aee802680d09fe7c1288138cbfc0db17702e8075 /kernel/user_namespace.c | |
| parent | 8355ae69afca3b6bcb7b68712f30223455caebda (diff) | |
| parent | 7f585bbfc54fec9dcf387fd2edb2d6f4908badf8 (diff) | |
| download | olio-linux-3.10-dc2d3db8137fba0f62d7517e1bea8a47f69fcbc4.tar.xz olio-linux-3.10-dc2d3db8137fba0f62d7517e1bea8a47f69fcbc4.zip | |
Merge tag 'omap-for-v3.10/timer-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap into next/drivers
From Tony Lindgren <tony@atomide.com>:
Clean-up for omap2+ timers from Jon Hunter <jon-hunter@ti.com>:
This series consists mainly of clean-ups for clockevents and
clocksource timers on OMAP2+ devices. The most significant change
in functionality comes from the 5th patch which is changing the
selection of the clocksource timer for OMAP3 and AM335x devices
when gptimers are used for clocksource.
Note that this series depends on 7185684 (ARM: OMAP: use
consistent error checking) in RMK's tree and 960cba6 (ARM:
OMAP5: timer: Update the clocksource name as per clock data)
in omap-for-v3.10/fixes-non-critical. So this branch is based
on a merge of 7185684 and omap-for-v3.10/fixes-non-critical
to avoid non-trivial merge conflicts.
* tag 'omap-for-v3.10/timer-signed' of git://git.kernel.org/pub/scm/linux/kernel/git/tmlind/linux-omap:
ARM: OMAP4+: Fix sparse warning in system timers
ARM: OMAP2+: Store ID of system timers in timer structure
ARM: OMAP3: Update clocksource timer selection
ARM: OMAP2+: Simplify system timers definitions
ARM: OMAP2+: Simplify system timer clock definitions
ARM: OMAP2+: Remove hard-coded test on timer ID
ARM: OMAP2+: Display correct system timer name
ARM: OMAP2+: fix typo "CONFIG_BRIDGE_DVFS"
ARM: OMAP1: remove "config MACH_OMAP_HTCWIZARD"
ARM: OMAP: dpll: enable bypass clock only when attempting dpll bypass
ARM: OMAP2+: powerdomain: avoid testing whether an unsigned char is less than 0
ARM: OMAP2+: hwmod: Remove unused _HWMOD_WAKEUP_ENABLED flag
ARM: OMAP2+: am335x: Change the wdt1 func clk src to per_32k clk
ARM: OMAP2+: AM33xx: hwmod: Add missing sysc definition to wdt1 entry
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Diffstat (limited to 'kernel/user_namespace.c')
| -rw-r--r-- | kernel/user_namespace.c | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c index b14f4d34204..a54f26f82eb 100644 --- a/kernel/user_namespace.c +++ b/kernel/user_namespace.c @@ -61,6 +61,15 @@ int create_user_ns(struct cred *new) kgid_t group = new->egid; int ret; + /* + * Verify that we can not violate the policy of which files + * may be accessed that is specified by the root directory, + * by verifing that the root directory is at the root of the + * mount namespace which allows all files to be accessed. + */ + if (current_chrooted()) + return -EPERM; + /* The creator needs a mapping in the parent user namespace * or else we won't be able to reasonably tell userspace who * created a user_namespace. @@ -87,6 +96,8 @@ int create_user_ns(struct cred *new) set_cred_user_ns(new, ns); + update_mnt_policy(ns); + return 0; } |