/generic/goldfish/+/1468545/
Signed-off-by: Jeff Vander Stoep
---
net/vmw_vsock/af_vsock.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/vmw_vsock/af_vsock.c b/net/vmw_vsock/af_vsock.c
index 9e93bc201cc0..b4d7b8aba003 100644
--- a/net/vmw_vsock/af_vsock.c
+++ b/net/vmw_vsock/af
for a safe default to be set on
production systems at build time while leaving a simple means for
developers to grant access.
Signed-off-by: Jeff Vander Stoep
---
Documentation/sysctl/kernel.txt | 3 ++-
kernel/events/core.c| 4
security/Kconfig| 9 +
3
lt on both Debian [2] and
Android [3].
[1] Making perf available to developers on Android:
https://android-review.googlesource.com/#/c/234400/
[2] Original patch by Ben Hutchings:
https://lkml.org/lkml/2016/1/11/587
[3] https://android-review.googlesource.com/#/c/234743/
Signed-off-by: Jeff Vander
Move the poison pointer offset to 0xdead, a
recognized value that is not mappable by user-space exploits.
Signed-off-by: Thierry Strudel
Signed-off-by: Jeff Vander Stoep
---
v2 removes an extra newline.
arch/arm64/Kconfig | 4
1 file changed, 4 insertions(+)
diff --git a
Move the poison pointer offset to 0xdead, a
recognized value that is not mappable by user-space exploits.
Signed-off-by: Jeff Vander Stoep
---
arch/arm64/Kconfig | 5 +
1 file changed, 5 insertions(+)
diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
index 9532f8d..c003911
selinux which produce the audit denial.
Reordering so rlimit is checked first eliminates the denial on success,
only recording a denial when the lock is unsuccessful as a result of
the denial.
Signed-off-by: Jeff Vander Stoep
---
mm/mlock.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions
Commit f01e1af445fa ("selinux: don't pass in NULL avd to avc_has_perm_noaudit")
made this pointer reassignment unnecessary. Avd should continue to reference
the stack-based copy.
Signed-off-by: Jeff Vander Stoep
---
security/selinux/avc.c | 6 ++
1 file changed, 2 insertions(
7 matches
Mail list logo
