[hardy, lucid, lucid/fsl-imx51, maverick, maverick/ti-omap4, natty, natty/ti-omap4, oneiric, oneiric/ti-omap4 CVE 1/1] Make TASKSTATS require root access

[Andy Whitcroft]

From: Linus Torvalds <torvalds at linux-foundation.org>

Ok, this isn't optimal, since it means that 'iotop' needs admin
capabilities, and we may have to work on this some more.  But at the
same time it is very much not acceptable to let anybody just read
anybody elses IO statistics quite at this level.

Use of the GENL_ADMIN_PERM suggested by Johannes Berg as an alternative
to checking the capabilities by hand.

Reported-by: Vasiliy Kulikov <segoon at openwall.com>
Cc: Johannes Berg <johannes.berg at intel.com>
Acked-by: Balbir Singh <bsingharora at gmail.com>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>

(cherry picked from commit 1a51410abe7d0ee4b1d112780f46df87d3621043)
CVE-2011-2494
BugLink: http://bugs.launchpad.net/bugs/866021
Signed-off-by: Andy Whitcroft <apw at canonical.com>
---
 kernel/taskstats.c |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/kernel/taskstats.c b/kernel/taskstats.c
index 99e20d1..c9abf5b 100644
--- a/kernel/taskstats.c
+++ b/kernel/taskstats.c
@@ -583,6 +583,7 @@ static struct genl_ops taskstats_ops = {
 	.cmd		= TASKSTATS_CMD_GET,
 	.doit		= taskstats_user_cmd,
 	.policy		= taskstats_cmd_get_policy,
+	.flags		= GENL_ADMIN_PERM,
 };
 
 static struct genl_ops cgroupstats_ops = {
-- 
1.7.4.1