Next try. Changes to the individual patches are mostly documented in their commit messages. Added/removed patches: - Added "proc: fix timerslack_ns handling" - Removed "ptrace: warn on ptrace_may_access without proper locking" (because of some reverted changes in the "proc: lock properly [...]" patch) Jann Horn (8): exec: introduce cred_guard_light exec: add privunit to task_struct proc: use open()-time creds for ptrace checks futex: don't leak robust_list pointer proc: lock properly in ptrace_may_access callers fs/proc: fix attr access check proc: fix timerslack_ns handling Documentation: add security/ptrace_checks.txt Documentation/security/ptrace_checks.txt | 243 +++++++++++++++++++++++++++++++ arch/mips/kernel/mips-mt-fpaff.c | 4 +- fs/exec.c | 33 ++++- fs/proc/array.c | 10 +- fs/proc/base.c | 220 +++++++++++++++++++++------- fs/proc/internal.h | 14 ++ fs/proc/namespaces.c | 21 ++- include/linux/init_task.h | 1 + include/linux/lsm_hooks.h | 17 ++- include/linux/ptrace.h | 5 + include/linux/sched.h | 28 +++- include/linux/security.h | 23 +-- kernel/cpuset.c | 2 +- kernel/fork.c | 2 + kernel/futex.c | 30 ++-- kernel/futex_compat.c | 30 ++-- kernel/ptrace.c | 51 +++++-- kernel/sched/core.c | 14 +- security/apparmor/include/ipc.h | 2 +- security/apparmor/ipc.c | 4 +- security/apparmor/lsm.c | 14 +- security/commoncap.c | 24 +-- security/security.c | 13 +- security/selinux/hooks.c | 35 +++-- security/smack/smack_lsm.c | 27 +++- security/yama/yama_lsm.c | 9 +- 26 files changed, 718 insertions(+), 158 deletions(-) create mode 100644 Documentation/security/ptrace_checks.txt -- 2.1.4 -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
