--- linux-2.6.16-rc1/drivers/char/random.c 2006-01-26 22:34:53 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/drivers/char/random.c 2006-01-21 18:28:03 +0100 @@ -1174,7 +1174,7 @@ static char sysctl_bootid[16]; static int proc_do_uuid(ctl_table *table, int write, struct file *filp, void __user *buffer, size_t *lenp, loff_t *ppos) { - ctl_table fake_table; + ctl_table fake_table = {0}; unsigned char buf[64], tmp_uuid[16], *uuid; uuid = table->data; --- linux-2.6.16-rc1/fs/devpts/inode.c 2006-01-26 22:35:10 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/fs/devpts/inode.c 2006-01-25 05:34:51 +0100 @@ -95,8 +127,10 @@ devpts_fill_super(struct super_block *s, inode->i_uid = inode->i_gid = 0; inode->i_mode = S_IFDIR | S_IRUGO | S_IXUGO | S_IWUSR; inode->i_op = &simple_dir_inode_operations; - inode->i_fop = &simple_dir_operations; + inode->i_fop = &devpts_dir_operations; inode->i_nlink = 2; + /* devpts is xid tagged */ + inode->i_tag = (tag_t)vx_current_xid(); devpts_root = s->s_root = d_alloc_root(inode); if (s->s_root) --- linux-2.6.16-rc1/fs/devpts/inode.c 2006-01-26 22:35:10 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/fs/devpts/inode.c 2006-01-25 05:34:51 +0100 @@ -155,6 +189,9 @@ int devpts_pty_new(struct tty_struct *tt inode->i_gid = config.setgid ? config.gid : current->fsgid; inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; init_special_inode(inode, S_IFCHR|config.mode, device); + /* devpts is xid tagged */ + inode->i_tag = (tag_t)vx_current_xid(); + inode->i_op = &devpts_file_inode_operations; inode->u.generic_ip = tty; dentry = get_node(number); --- linux-2.6.16-rc1/fs/libfs.c 2006-01-26 22:35:12 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/fs/libfs.c 2006-01-21 18:28:04 +0100 @@ -156,6 +157,8 @@ int dcache_readdir(struct file * filp, v next = list_entry(p, struct dentry, d_u.d_child); if (d_unhashed(next) || !next->d_inode) continue; + if (filter && !filter(next)) + continue; spin_unlock(&dcache_lock); if (filldir(dirent, next->d_name.name, next->d_name.len, filp->f_pos, next->d_inode->i_ino, dt_type(next->d_inode)) < 0) --- linux-2.6.16-rc1/fs/libfs.c 2006-01-26 22:35:12 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/fs/libfs.c 2006-01-21 18:28:04 +0100 @@ -172,6 +175,18 @@ int dcache_readdir(struct file * filp, v return 0; } +int dcache_readdir(struct file * filp, void * dirent, filldir_t filldir) +{ + return do_dcache_readdir_filter(filp, dirent, filldir, NULL); +} + +int dcache_readdir_filter(struct file * filp, void * dirent, filldir_t filldir, + int (*filter)(struct dentry *)) +{ + return do_dcache_readdir_filter(filp, dirent, filldir, filter); +} + + ssize_t generic_read_dir(struct file *filp, char __user *buf, size_t siz, loff_t *ppos) { return -EISDIR; --- linux-2.6.16-rc1/fs/libfs.c 2006-01-26 22:35:12 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/fs/libfs.c 2006-01-21 18:28:04 +0100 @@ -620,6 +635,7 @@ EXPORT_SYMBOL(dcache_dir_close); EXPORT_SYMBOL(dcache_dir_lseek); EXPORT_SYMBOL(dcache_dir_open); EXPORT_SYMBOL(dcache_readdir); +EXPORT_SYMBOL(dcache_readdir_filter); EXPORT_SYMBOL(generic_read_dir); EXPORT_SYMBOL(get_sb_pseudo); EXPORT_SYMBOL(simple_commit_write); --- linux-2.6.16-rc1/fs/namei.c 2006-01-26 22:35:12 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/fs/namei.c 2006-01-25 05:34:51 +0100 @@ -737,6 +762,7 @@ static int do_lookup(struct nameidata *n { struct vfsmount *mnt = nd->mnt; struct dentry *dentry = __d_lookup(nd->dentry, name); + struct inode *inode; if (!dentry) goto need_lookup; --- linux-2.6.16-rc1/fs/namei.c 2006-01-26 22:35:12 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/fs/namei.c 2006-01-25 05:34:51 +0100 @@ -742,6 +768,17 @@ ***** goto need_lookup; if (dentry->d_op && dentry->d_op->d_revalidate) goto need_revalidate; + inode = dentry->d_inode; + if (!inode) + goto done; + if (inode->i_sb->s_magic == PROC_SUPER_MAGIC) { + struct proc_dir_entry *de = PDE(inode); + + if (de && !vx_hide_check(0, de->vx_flags)) + goto hidden; + } + if (!dx_check(inode->i_tag, DX_WATCH|DX_ADMIN|DX_HOSTID|DX_IDENT)) + goto hidden; done: path->mnt = mnt; path->dentry = dentry; --- linux-2.6.16-rc1/include/linux/fs.h 2006-01-26 22:35:19 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/include/linux/fs.h 2006-01-29 16:01:52 +0100 @@ -1690,6 +1714,7 @@ extern int dcache_dir_open(struct inode extern int dcache_dir_close(struct inode *, struct file *); extern loff_t dcache_dir_lseek(struct file *, loff_t, int); extern int dcache_readdir(struct file *, void *, filldir_t); +extern int dcache_readdir_filter(struct file *, void *, filldir_t, int (*)(struct dentry *)); extern int simple_getattr(struct vfsmount *, struct dentry *, struct kstat *); extern int simple_statfs(struct super_block *, struct kstatfs *); extern int simple_link(struct dentry *, struct inode *, struct dentry *); --- linux-2.6.16-rc1/include/linux/ipc.h 2004-08-14 12:54:46 +0200 +++ linux-2.6.16-rc1-vs2.1.0.9.4/include/linux/ipc.h 2006-01-21 18:28:03 +0100 @@ -66,6 +66,7 @@ struct kern_ipc_perm mode_t mode; unsigned long seq; void *security; + xid_t xid; }; #endif /* __KERNEL__ */ --- linux-2.6.16-rc1/include/linux/sched.h 2006-01-26 22:35:20 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/include/linux/sched.h 2006-01-29 02:45:26 +0100 @@ -66,7 +68,7 @@ ***** * List of flags we want to share for kernel threads, * if only because they are not used by them anyway. */ -#define CLONE_KERNEL (CLONE_FS | CLONE_FILES | CLONE_SIGHAND) +#define CLONE_KERNEL (CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_KTHREAD) /* * These are the constant used to fake the fixed-point load-average --- linux-2.6.16-rc1/include/linux/sched.h 2006-01-26 22:35:20 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/include/linux/sched.h 2006-01-29 02:45:26 +0100 @@ -513,9 +520,10 @@ struct user_struct { /* Hash table maintenance information */ struct list_head uidhash_list; uid_t uid; + xid_t xid; }; -extern struct user_struct *find_user(uid_t); +extern struct user_struct *find_user(xid_t, uid_t); extern struct user_struct root_user; #define INIT_USER (&root_user) --- linux-2.6.16-rc1/include/linux/sched.h 2006-01-26 22:35:20 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/include/linux/sched.h 2006-01-29 02:45:26 +0100 @@ -1028,7 +1050,7 @@ ***** extern void __set_special_pids(pid_t session, pid_t pgrp); /* per-UID process charging. */ -extern struct user_struct * alloc_uid(uid_t); +extern struct user_struct * alloc_uid(xid_t, uid_t); static inline struct user_struct *get_uid(struct user_struct *u) { atomic_inc(&u->__count); --- linux-2.6.16-rc1/ipc/msg.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/ipc/msg.c 2006-01-21 18:28:03 +0100 @@ -100,6 +100,7 @@ static int newque (key_t key, int msgflg msq->q_perm.mode = (msgflg & S_IRWXUGO); msq->q_perm.key = key; + msq->q_perm.xid = vx_current_xid(); msq->q_perm.security = NULL; retval = security_msg_queue_alloc(msq); --- linux-2.6.16-rc1/ipc/msg.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/ipc/msg.c 2006-01-21 18:28:03 +0100 @@ -815,6 +816,9 @@ static int sysvipc_msg_proc_show(struct { struct msg_queue *msq = it; + if (!vx_check(msq->q_perm.xid, VX_IDENT)) + return 0; + return seq_printf(s, "%10d %10d %4o %10lu %10lu %5u %5u %5u %5u %5u %5u %10lu %10lu %10lu\n", msq->q_perm.key, --- linux-2.6.16-rc1/ipc/sem.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/ipc/sem.c 2006-01-21 18:28:03 +0100 @@ -75,6 +75,7 @@ #include #include #include +#include #include #include "util.h" --- linux-2.6.16-rc1/ipc/sem.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/ipc/sem.c 2006-01-21 18:28:03 +0100 @@ -179,6 +180,7 @@ static int newary (key_t key, int nsems, sma->sem_perm.mode = (semflg & S_IRWXUGO); sma->sem_perm.key = key; + sma->sem_perm.xid = vx_current_xid(); sma->sem_perm.security = NULL; retval = security_sem_alloc(sma); --- linux-2.6.16-rc1/ipc/sem.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/ipc/sem.c 2006-01-21 18:28:03 +0100 @@ -194,6 +196,8 @@ static int newary (key_t key, int nsems, return -ENOSPC; } used_sems += nsems; + vx_semary_inc(sma); + vx_nsems_add(sma, nsems); sma->sem_id = sem_buildid(id, sma->sem_perm.seq); sma->sem_base = (struct sem *) &sma[1]; --- linux-2.6.16-rc1/ipc/sem.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/ipc/sem.c 2006-01-21 18:28:03 +0100 @@ -473,6 +477,8 @@ static void freeary (struct sem_array *s sem_unlock(sma); used_sems -= sma->sem_nsems; + vx_nsems_sub(sma, sma->sem_nsems); + vx_semary_dec(sma); size = sizeof (*sma) + sma->sem_nsems * sizeof (struct sem); security_sem_free(sma); ipc_rcu_putref(sma); --- linux-2.6.16-rc1/ipc/sem.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/ipc/sem.c 2006-01-21 18:28:03 +0100 @@ -1337,6 +1343,9 @@ static int sysvipc_sem_proc_show(struct { struct sem_array *sma = it; + if (!vx_check(sma->sem_perm.xid, VX_IDENT)) + return 0; + return seq_printf(s, "%10d %10d %4o %10lu %5u %5u %5u %5u %10lu %10lu\n", sma->sem_perm.key, --- linux-2.6.16-rc1/ipc/shm.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/ipc/shm.c 2006-01-21 18:28:14 +0100 @@ -894,6 +905,9 @@ static int sysvipc_shm_proc_show(struct #define SMALL_STRING "%10d %10d %4o %10u %5u %5u %5d %5u %5u %5u %5u %10lu %10lu %10lu\n" #define BIG_STRING "%10d %10d %4o %21u %5u %5u %5d %5u %5u %5u %5u %10lu %10lu %10lu\n" + if (!vx_check(shp->shm_perm.xid, VX_IDENT)) + return 0; + if (sizeof(size_t) <= sizeof(int)) format = SMALL_STRING; else --- linux-2.6.16-rc1/ipc/util.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/ipc/util.c 2006-01-21 18:28:03 +0100 @@ -154,7 +154,9 @@ int ipc_findkey(struct ipc_ids* ids, key */ for (id = 0; id <= max_id; id++) { p = ids->entries->p[id]; - if(p==NULL) + if (p==NULL) + continue; + if (!vx_check(p->xid, VX_IDENT)) continue; if (key == p->key) return id; --- linux-2.6.16-rc1/ipc/util.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/ipc/util.c 2006-01-21 18:28:03 +0100 @@ -468,6 +470,8 @@ int ipcperms (struct kern_ipc_perm *ipcp { /* flag will most probably be 0 or S_...UGO from */ int requested_mode, granted_mode; + if (!vx_check(ipcp->xid, VX_ADMIN|VX_IDENT)) /* maybe just VX_IDENT? */ + return -1; requested_mode = (flag >> 6) | (flag >> 3) | flag; granted_mode = ipcp->mode; if (current->euid == ipcp->cuid || current->euid == ipcp->uid) --- linux-2.6.16-rc1/kernel/fork.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/fork.c 2006-01-21 18:28:17 +0100 @@ -104,6 +107,8 @@ static kmem_cache_t *mm_cachep; void free_task(struct task_struct *tsk) { free_thread_info(tsk->thread_info); + clr_vx_info(&tsk->vx_info); + clr_nx_info(&tsk->nx_info); free_task_struct(tsk); } EXPORT_SYMBOL(free_task); --- linux-2.6.16-rc1/kernel/fork.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/fork.c 2006-01-21 18:28:17 +0100 @@ -875,6 +887,8 @@ static task_t *copy_process(unsigned lon { int retval; struct task_struct *p = NULL; + struct vx_info *vxi; + struct nx_info *nxi; if ((clone_flags & (CLONE_NEWNS|CLONE_FS)) == (CLONE_NEWNS|CLONE_FS)) return ERR_PTR(-EINVAL); --- linux-2.6.16-rc1/kernel/printk.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/printk.c 2006-01-21 18:28:03 +0100 @@ -221,7 +223,7 @@ int do_syslog(int type, char __user *buf unsigned long i, j, limit, count; int do_clear = 0; char c; - int error = 0; + int error; error = security_syslog(type); if (error) --- linux-2.6.16-rc1/kernel/printk.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/printk.c 2006-01-21 18:28:03 +0100 @@ -227,12 +229,7 @@ ***** if (error) return error; - switch (type) { - case 0: /* Close log */ - break; - case 1: /* Open log */ - break; - case 2: /* Read from log */ + if ((type >= 2) && (type <= 4)) { error = -EINVAL; if (!buf || len < 0) goto out; --- linux-2.6.16-rc1/kernel/printk.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/printk.c 2006-01-21 18:28:03 +0100 @@ -243,6 +240,16 @@ int do_syslog(int type, char __user *buf error = -EFAULT; goto out; } + } + if (!vx_check(0, VX_ADMIN|VX_WATCH)) + return vx_do_syslog(type, buf, len); + + switch (type) { + case 0: /* Close log */ + break; + case 1: /* Open log */ + break; + case 2: /* Read from log */ error = wait_event_interruptible(log_wait, (log_start - log_end)); if (error) --- linux-2.6.16-rc1/kernel/printk.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/printk.c 2006-01-21 18:28:03 +0100 @@ -267,16 +274,6 @@ int do_syslog(int type, char __user *buf do_clear = 1; /* FALL THRU */ case 3: /* Read last kernel messages */ - error = -EINVAL; - if (!buf || len < 0) - goto out; - error = 0; - if (!len) - goto out; - if (!access_ok(VERIFY_WRITE, buf, len)) { - error = -EFAULT; - goto out; - } count = len; if (count > log_buf_len) count = log_buf_len; --- linux-2.6.16-rc1/kernel/printk.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/printk.c 2006-01-21 18:28:03 +0100 @@ -513,6 +510,7 @@ __attribute__((weak)) unsigned long long asmlinkage int printk(const char *fmt, ...) { + struct vx_info_save vxis; va_list args; int r; --- linux-2.6.16-rc1/kernel/printk.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/printk.c 2006-01-21 18:28:03 +0100 @@ -517,7 +515,9 @@ ***** int r; va_start(args, fmt); + __enter_vx_admin(&vxis); r = vprintk(fmt, args); + __leave_vx_admin(&vxis); va_end(args); return r; --- linux-2.6.16-rc1/kernel/sys.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/sys.c 2006-01-21 18:51:02 +0100 @@ -298,7 +305,8 @@ asmlinkage long sys_setpriority(int whic if (!who) who = current->uid; else - if ((who != current->uid) && !(user = find_user(who))) + if ((who != current->uid) && + !(user = find_user(vx_current_xid(), who))) goto out_unlock; /* No processes for this user */ do_each_thread(g, p) --- linux-2.6.16-rc1/kernel/sys.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/sys.c 2006-01-21 18:51:02 +0100 @@ -356,7 +364,8 @@ asmlinkage long sys_getpriority(int whic if (!who) who = current->uid; else - if ((who != current->uid) && !(user = find_user(who))) + if ((who != current->uid) && + !(user = find_user(vx_current_xid(), who))) goto out_unlock; /* No processes for this user */ do_each_thread(g, p) --- linux-2.6.16-rc1/kernel/sys.c 2006-01-26 22:35:32 +0100 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/sys.c 2006-01-21 18:51:02 +0100 @@ -695,7 +709,7 @@ static int set_user(uid_t new_ruid, int { struct user_struct *new_user; - new_user = alloc_uid(new_ruid); + new_user = alloc_uid(vx_current_xid(), new_ruid); if (!new_user) return -EAGAIN; --- linux-2.6.16-rc1/kernel/user.c 2005-08-29 22:25:43 +0200 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/user.c 2006-01-21 18:28:03 +0100 @@ -22,8 +22,8 @@ #define UIDHASH_BITS (CONFIG_BASE_SMALL ? 3 : 8) #define UIDHASH_SZ (1 << UIDHASH_BITS) #define UIDHASH_MASK (UIDHASH_SZ - 1) -#define __uidhashfn(uid) (((uid >> UIDHASH_BITS) + uid) & UIDHASH_MASK) -#define uidhashentry(uid) (uidhash_table + __uidhashfn((uid))) +#define __uidhashfn(xid,uid) ((((uid) >> UIDHASH_BITS) + ((uid)^(xid))) & UIDHASH_MASK) +#define uidhashentry(xid,uid) (uidhash_table + __uidhashfn((xid),(uid))) static kmem_cache_t *uid_cachep; static struct list_head uidhash_table[UIDHASH_SZ]; --- linux-2.6.16-rc1/kernel/user.c 2005-08-29 22:25:43 +0200 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/user.c 2006-01-21 18:28:03 +0100 @@ -55,7 +55,7 @@ static inline void uid_hash_remove(struc list_del(&up->uidhash_list); } -static inline struct user_struct *uid_hash_find(uid_t uid, struct list_head *hashent) +static inline struct user_struct *uid_hash_find(xid_t xid, uid_t uid, struct list_head *hashent) { struct list_head *up; --- linux-2.6.16-rc1/kernel/user.c 2005-08-29 22:25:43 +0200 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/user.c 2006-01-21 18:28:03 +0100 @@ -64,7 +64,7 @@ static inline struct user_struct *uid_ha user = list_entry(up, struct user_struct, uidhash_list); - if(user->uid == uid) { + if(user->uid == uid && user->xid == xid) { atomic_inc(&user->__count); return user; } --- linux-2.6.16-rc1/kernel/user.c 2005-08-29 22:25:43 +0200 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/user.c 2006-01-21 18:28:03 +0100 @@ -79,7 +79,7 @@ static inline struct user_struct *uid_ha * * If the user_struct could not be found, return NULL. */ -struct user_struct *find_user(uid_t uid) +struct user_struct *find_user(xid_t xid, uid_t uid) { struct user_struct *ret; --- linux-2.6.16-rc1/kernel/user.c 2005-08-29 22:25:43 +0200 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/user.c 2006-01-21 18:28:03 +0100 @@ -84,7 +84,7 @@ ***** struct user_struct *ret; spin_lock(&uidhash_lock); - ret = uid_hash_find(uid, uidhashentry(uid)); + ret = uid_hash_find(xid, uid, uidhashentry(xid, uid)); spin_unlock(&uidhash_lock); return ret; } --- linux-2.6.16-rc1/kernel/user.c 2005-08-29 22:25:43 +0200 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/user.c 2006-01-21 18:28:03 +0100 @@ -100,9 +100,9 @@ void free_uid(struct user_struct *up) } } -struct user_struct * alloc_uid(uid_t uid) +struct user_struct * alloc_uid(xid_t xid, uid_t uid) { - struct list_head *hashent = uidhashentry(uid); + struct list_head *hashent = uidhashentry(xid, uid); struct user_struct *up; spin_lock(&uidhash_lock); --- linux-2.6.16-rc1/kernel/user.c 2005-08-29 22:25:43 +0200 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/user.c 2006-01-21 18:28:03 +0100 @@ -106,7 +106,7 @@ ***** struct user_struct *up; spin_lock(&uidhash_lock); - up = uid_hash_find(uid, hashent); + up = uid_hash_find(xid, uid, hashent); spin_unlock(&uidhash_lock); if (!up) { --- linux-2.6.16-rc1/kernel/user.c 2005-08-29 22:25:43 +0200 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/user.c 2006-01-21 18:28:03 +0100 @@ -116,6 +116,7 @@ struct user_struct * alloc_uid(uid_t uid if (!new) return NULL; new->uid = uid; + new->xid = xid; atomic_set(&new->__count, 1); atomic_set(&new->processes, 0); atomic_set(&new->files, 0); --- linux-2.6.16-rc1/kernel/user.c 2005-08-29 22:25:43 +0200 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/user.c 2006-01-21 18:28:03 +0100 @@ -138,7 +139,7 @@ struct user_struct * alloc_uid(uid_t uid * on adding the same user already.. */ spin_lock(&uidhash_lock); - up = uid_hash_find(uid, hashent); + up = uid_hash_find(xid, uid, hashent); if (up) { key_put(new->uid_keyring); key_put(new->session_keyring); --- linux-2.6.16-rc1/kernel/user.c 2005-08-29 22:25:43 +0200 +++ linux-2.6.16-rc1-vs2.1.0.9.4/kernel/user.c 2006-01-21 18:28:03 +0100 @@ -184,7 +185,7 @@ static int __init uid_cache_init(void) /* Insert the root user immediately (init already runs as root) */ spin_lock(&uidhash_lock); - uid_hash_insert(&root_user, uidhashentry(0)); + uid_hash_insert(&root_user, uidhashentry(0,0)); spin_unlock(&uidhash_lock); return 0;