projects
/
deliverable
/
linux.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
sparc: Don't leak context bits into thread->fault_address
[deliverable/linux.git]
/
fs
/
timerfd.c
diff --git
a/fs/timerfd.c
b/fs/timerfd.c
index 053818dd6c18be8f228e1c40483e50d78aa78007..9ae4abb4110b84ef286facc88e66be9d954a021d 100644
(file)
--- a/
fs/timerfd.c
+++ b/
fs/timerfd.c
@@
-390,6
+390,11
@@
SYSCALL_DEFINE2(timerfd_create, int, clockid, int, flags)
clockid != CLOCK_BOOTTIME_ALARM))
return -EINVAL;
clockid != CLOCK_BOOTTIME_ALARM))
return -EINVAL;
+ if (!capable(CAP_WAKE_ALARM) &&
+ (clockid == CLOCK_REALTIME_ALARM ||
+ clockid == CLOCK_BOOTTIME_ALARM))
+ return -EPERM;
+
ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
if (!ctx)
return -ENOMEM;
ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
if (!ctx)
return -ENOMEM;
@@
-433,6
+438,11
@@
static int do_timerfd_settime(int ufd, int flags,
return ret;
ctx = f.file->private_data;
return ret;
ctx = f.file->private_data;
+ if (!capable(CAP_WAKE_ALARM) && isalarm(ctx)) {
+ fdput(f);
+ return -EPERM;
+ }
+
timerfd_setup_cancel(ctx, flags);
/*
timerfd_setup_cancel(ctx, flags);
/*
This page took
0.024459 seconds
and
5
git commands to generate.