userns: Fix ABI change in 3.16.7-ckt4

The fix for CVE-2014-8989 added a new member to struct user_namespace.
This is always allocated, and the new member is always used, in
non-modular code.  Move it to the end of the structure and hide it
from genksyms.

Also hide the new #include in kernel/groups.c.

Gbp-Pq: Topic debian
Gbp-Pq: Name userns-fix-abi-change-in-3.16.7-ckt4.patch

diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h
index e92abf9e796fa6b5205f67870e8e15d9e2c80d90..828ac220cfff557cd58e180adad81a6b9ab91157 100644 (file)
--- a/include/linux/user_namespace.h
+++ b/include/linux/user_namespace.h
@@ -31,13 +31,16 @@ struct user_namespace {
        kuid_t                  owner;
        kgid_t                  group;
        unsigned int            proc_inum;
-       unsigned long           flags;
 
        /* Register of per-UID persistent keyrings for this namespace */
 #ifdef CONFIG_PERSISTENT_KEYRINGS
        struct key              *persistent_keyring_register;
        struct rw_semaphore     persistent_keyring_register_sem;
 #endif
+
+#ifndef __GENKSYMS__
+       unsigned long           flags;
+#endif
 };
 
 extern struct user_namespace init_user_ns;

diff --git a/kernel/groups.c b/kernel/groups.c
index 664411f171b59a9cfb7a8b9c8c843ab1ea3a908b..0d65405490e34367156a89c6470447e41f34bc89 100644 (file)
--- a/kernel/groups.c
+++ b/kernel/groups.c
@@ -6,7 +6,9 @@
 #include <linux/slab.h>
 #include <linux/security.h>
 #include <linux/syscalls.h>
+#ifndef __GENKSYMS__
 #include <linux/user_namespace.h>
+#endif
 #include <asm/uaccess.h>
 
 /* init to 2 - one for init_task, one to ensure it is never freed */