diff -rc2P linux-2.4.17ctx-6/Makefile linux-2.4.17ctx-7/Makefile
*** linux-2.4.17ctx-6/Makefile Tue Jan 29 22:54:52 2002
--- linux-2.4.17ctx-7/Makefile Tue Jan 29 23:13:09 2002
***************
*** 2,6 ****
PATCHLEVEL = 4
SUBLEVEL = 17
! EXTRAVERSION =ctx-6
KERNELRELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION)
--- 2,6 ----
PATCHLEVEL = 4
SUBLEVEL = 17
! EXTRAVERSION =ctx-7
KERNELRELEASE=$(VERSION).$(PATCHLEVEL).$(SUBLEVEL)$(EXTRAVERSION)
diff -rc2P linux-2.4.17ctx-6/fs/devpts/root.c linux-2.4.17ctx-7/fs/devpts/root.c
*** linux-2.4.17ctx-6/fs/devpts/root.c Sun Jan 27 00:34:20 2002
--- linux-2.4.17ctx-7/fs/devpts/root.c Wed Feb 6 12:10:10 2002
***************
*** 68,72 ****
struct inode *inode = sbi->inodes[ptynr];
if ( inode != NULL
! && inode->u.devpts_i.s_context == current->s_context ) {
genptsname(numbuf, ptynr);
if ( filldir(dirent, numbuf, strlen(numbuf), nr, nr, DT_CHR) < 0 )
--- 68,73 ----
struct inode *inode = sbi->inodes[ptynr];
if ( inode != NULL
! && (current->s_context == 1
! || inode->u.devpts_i.s_context == current->s_context)) {
genptsname(numbuf, ptynr);
if ( filldir(dirent, numbuf, strlen(numbuf), nr, nr, DT_CHR) < 0 )
diff -rc2P linux-2.4.17ctx-6/fs/namei.c linux-2.4.17ctx-7/fs/namei.c
*** linux-2.4.17ctx-6/fs/namei.c Wed Jan 23 22:41:06 2002
--- linux-2.4.17ctx-7/fs/namei.c Mon Feb 4 15:22:04 2002
***************
*** 158,162 ****
you fix the "escape from chroot" bug.
*/
! if ((mode & 0777) == 0 && current->s_context != 0) return -EACCES;
if (mask & MAY_WRITE) {
/*
--- 158,164 ----
you fix the "escape from chroot" bug.
*/
! if ((mode & 0777) == 0
! && S_ISDIR(mode)
! && current->s_context != 0) return -EACCES;
if (mask & MAY_WRITE) {
/*
diff -rc2P linux-2.4.17ctx-6/fs/proc/array.c linux-2.4.17ctx-7/fs/proc/array.c
*** linux-2.4.17ctx-6/fs/proc/array.c Sun Jan 27 15:23:51 2002
--- linux-2.4.17ctx-7/fs/proc/array.c Wed Feb 6 12:33:49 2002
***************
*** 151,155 ****
read_lock(&tasklist_lock);
ppid = p->p_opptr->pid;
! if (current->s_info != NULL
&& current->s_info->initpid == ppid) ppid = 1;
buffer += sprintf(buffer,
--- 151,156 ----
read_lock(&tasklist_lock);
ppid = p->p_opptr->pid;
! if (ppid != 0
! && current->s_info != NULL
&& current->s_info->initpid == ppid) ppid = 1;
buffer += sprintf(buffer,
diff -rc2P linux-2.4.17ctx-6/fs/proc/base.c linux-2.4.17ctx-7/fs/proc/base.c
*** linux-2.4.17ctx-6/fs/proc/base.c Sun Jan 27 15:01:44 2002
--- linux-2.4.17ctx-7/fs/proc/base.c Wed Feb 6 12:02:23 2002
***************
*** 970,973 ****
--- 970,974 ----
&& current->s_context != 1
&& task->s_context != current->s_context){
+ free_task_struct(task);
goto out;
}
diff -rc2P linux-2.4.17ctx-6/kernel/timer.c linux-2.4.17ctx-7/kernel/timer.c
*** linux-2.4.17ctx-6/kernel/timer.c Sun Jan 27 14:49:24 2002
--- linux-2.4.17ctx-7/kernel/timer.c Wed Feb 6 12:16:30 2002
***************
*** 776,780 ****
break;
}
! if (current->s_info != NULL
&& current->s_info->initpid == pid){
/* We are faking process 1 for this security context */
--- 776,781 ----
break;
}
! if (pid != 0
! && current->s_info != NULL
&& current->s_info->initpid == pid){
/* We are faking process 1 for this security context */
diff -rc2P linux-2.4.17ctx-6/net/ipv4/devinet.c linux-2.4.17ctx-7/net/ipv4/devinet.c
*** linux-2.4.17ctx-6/net/ipv4/devinet.c Thu Jan 24 12:06:09 2002
--- linux-2.4.17ctx-7/net/ipv4/devinet.c Thu Jan 31 14:37:27 2002
***************
*** 560,563 ****
--- 560,564 ----
}
if (ifa != NULL
+ && current->s_context != 0
&& current->ipv4root != 0
&& current->ipv4root != ifa->ifa_local){
***************
*** 698,702 ****
for ( ; ifa; ifa = ifa->ifa_next) {
// We do not show other IP devices to vservers
! if (current->ipv4root != 0
&& current->ipv4root != ifa->ifa_local) continue;
if (!buf) {
--- 699,704 ----
for ( ; ifa; ifa = ifa->ifa_next) {
// We do not show other IP devices to vservers
! if (current->s_context != 0
! && current->ipv4root != 0
&& current->ipv4root != ifa->ifa_local) continue;
if (!buf) {
