diff --git a/local/patches/kernel/P27-capability-bitmask.patch b/local/patches/kernel/P27-capability-bitmask.patch index e456abed16..0612955318 100644 --- a/local/patches/kernel/P27-capability-bitmask.patch +++ b/local/patches/kernel/P27-capability-bitmask.patch @@ -1,5 +1,5 @@ diff --git a/src/context/context.rs b/src/context/context.rs -index 6d723f4..a0825ac 100644 +index 6d723f4..836ce25 100644 --- a/src/context/context.rs +++ b/src/context/context.rs @@ -153,0 +154,3 @@ pub struct Context { @@ -13,7 +13,10 @@ index 6d723f4..a0825ac 100644 + } +} + -@@ -485,0 +495 @@ impl Context { +@@ -210,0 +220,2 @@ impl Context { ++ caps: 0, ++ +@@ -485,0 +497 @@ impl Context { + caps: self.caps, diff --git a/src/scheme/acpi.rs b/src/scheme/acpi.rs index 5d73469..7e1558a 100644 diff --git a/local/patches/userutils/P6-login-privilege-drop.patch b/local/patches/userutils/P6-login-privilege-drop.patch index 70906c4576..fa4ccc31de 100644 --- a/local/patches/userutils/P6-login-privilege-drop.patch +++ b/local/patches/userutils/P6-login-privilege-drop.patch @@ -1,14 +1,14 @@ diff --git a/src/bin/login.rs b/src/bin/login.rs -index 022fb47..a2807b2 100644 +index 022fb47..6e1fda6 100644 --- a/src/bin/login.rs +++ b/src/bin/login.rs -@@ -13,0 +14,3 @@ use userutils::spawn_shell; +@@ -8,0 +9,3 @@ use std::str; +#[cfg(target_os = "redox")] +use redox_rt::sys::{posix_setresugid, Resugid}; + @@ -38 +41 @@ const MOTD_FILE: &'static str = "/etc/motd"; -const DEFAULT_SCHEMES: [&'static str; 26] = [ -+const DEFAULT_SCHEMES: [&'static str; 29] = [ ++const DEFAULT_SCHEMES: [&'static str; 28] = [ @@ -65 +68,2 @@ const DEFAULT_SCHEMES: [&'static str; 26] = [ - // Display schemes + // Display schemes (DRM/KMS path for GPU drivers) @@ -19,14 +19,14 @@ index 022fb47..a2807b2 100644 @@ -92,0 +99,17 @@ pub fn apply_login_schemes( +#[cfg(target_os = "redox")] +fn drop_privileges(user: &User) -> Result<()> { -+ posix_setresugid(&Resugid { -+ ruid: Some(user.uid), -+ euid: Some(user.uid), -+ suid: Some(user.uid), -+ rgid: Some(user.gid), -+ egid: Some(user.gid), -+ sgid: Some(user.gid), -+ }) ++ Ok(posix_setresugid(&Resugid { ++ ruid: Some(user.uid as u32), ++ euid: Some(user.uid as u32), ++ suid: Some(user.uid as u32), ++ rgid: Some(user.gid as u32), ++ egid: Some(user.gid as u32), ++ sgid: Some(user.gid as u32), ++ })?) +} + +#[cfg(not(target_os = "redox"))] @@ -34,10 +34,9 @@ index 022fb47..a2807b2 100644 + Ok(()) +} + -@@ -177,0 +201,2 @@ pub fn main() { -+ +@@ -177,0 +201 @@ pub fn main() { + drop_privileges(user).unwrap_or_exit(1); -@@ -200,0 +226,10 @@ pub fn main() { +@@ -200,0 +225,9 @@ pub fn main() { + let before_ns_fd = + apply_login_schemes(user, &DEFAULT_SCHEMES).unwrap_or_exit(1); + @@ -46,11 +45,9 @@ index 022fb47..a2807b2 100644 + syscall::F_SETFD, + syscall::O_CLOEXEC, + ); -+ + drop_privileges(user).unwrap_or_exit(1); -@@ -201,0 +237,5 @@ pub fn main() { +@@ -201,0 +235,4 @@ pub fn main() { + let _ = syscall::fcntl(before_ns_fd.raw(), syscall::F_SETFD, 0); + let _ = libredox::call::close( -+ libredox::call::setns(before_ns_fd.into_raw()) -+ .unwrap_or_exit(1), ++ libredox::call::setns(before_ns_fd.into_raw()).unwrap_or_exit(1), + );