Attachment #28088 for bug #65370

View | Details | Raw Unified | Return to bug 65370
Collapse All | Expand All




	case SHM_LOCK:
	case SHM_UNLOCK:
	{
		/* Allow superuser to lock segment in memory */
		if (!can_do_mlock() && cmd == SHM_LOCK) {
			err = -EPERM;
			goto out;
		}
		shp = shm_lock(shmid);
		if(shp==NULL) {
			err = -EINVAL;

		err = shm_checkid(shp,shmid);
		if(err)
			goto out_unlock;

		if (!capable(CAP_IPC_LOCK)) {
			err = -EPERM;
			if (current->euid != shp->shm_perm.uid &&
			    current->euid != shp->shm_perm.cuid)
				goto out_unlock;
			if (cmd == SHM_LOCK &&
			    !current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur)
				goto out_unlock;
		}

		err = security_shm_shmctl(shp, cmd);
		if (err)

Return to bug 65370

Lines 511-521 Link Here

(-)a/ipc/shm.c (-5 / +10 lines)
511	case SHM_LOCK:	511	case SHM_LOCK:
512	case SHM_UNLOCK:	512	case SHM_UNLOCK:
513	{	513	{
514	/* Allow superuser to lock segment in memory */
515	if (!can_do_mlock() && cmd == SHM_LOCK) {
516	err = -EPERM;
517	goto out;
518	}
519	shp = shm_lock(shmid);	514	shp = shm_lock(shmid);
520	if(shp==NULL) {	515	if(shp==NULL) {
521	err = -EINVAL;	516	err = -EINVAL;
Lines 524-529 Link Here
524	err = shm_checkid(shp,shmid);	519	err = shm_checkid(shp,shmid);
525	if(err)	520	if(err)
526	goto out_unlock;	521	goto out_unlock;
		522
		523	if (!capable(CAP_IPC_LOCK)) {
		524	err = -EPERM;
		525	if (current->euid != shp->shm_perm.uid &&
		526	current->euid != shp->shm_perm.cuid)
		527	goto out_unlock;
		528	if (cmd == SHM_LOCK &&
		529	!current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur)
		530	goto out_unlock;
		531	}
527		532
528	err = security_shm_shmctl(shp, cmd);	533	err = security_shm_shmctl(shp, cmd);
529	if (err)	534	if (err)