33cc69a...
by
Richard Guy Briggs <email address hidden>
audit: fix netlink portid naming and types
Normally, netlink ports use the PID of the userspace process as the port ID.
If the PID is already in use by a port, the kernel will allocate another port
ID to avoid conflict. Re-name all references to netlink ports from pid to
portid to reflect this reality and avoid confusion with actual PIDs. Ports
use the __u32 type, so re-type all portids accordingly.
(This patch is very similar to ebiederman's 5deadd69)

userns: Allow PR_CAPBSET_DROP in a user namespace.
As the capabilities and capability bounding set are per user namespace
properties it is safe to allow changing them with just CAP_SETPCAP
permission in the user namespace.

Commit 08518549722f0c992a9e4be71a0777f37147e9d2 made it so kern_path() via
getname_kernel() may do a GFP_KERNEL based allocation which is causing the
"sleep from invalid context" lockdep warning. Rework the apparmor mount
code to move kern_path() calls outside of the get_buffers()/put_buffers()
RCU read_lock block.
Cherry picked from git://kernel.ubuntu.com/jj/ubuntu-xenial.git commit
6f8d315516c62da86bec7a5e897d3eef356b5351.
Signed-off-by: John Johansen <email address hidden>
Signed-off-by: Andy Whitcroft <email address hidden>
Signed-off-by: Tim Gardner <email address hidden>