From 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf Mon Sep 17 00:00:00 2001
From: takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp>
Date: Mon, 2 Nov 2020 11:07:33 +0900
Subject: basesystem-jj recipes

---
 .../add-non-owned-item-for-safe-transitioning.patch        | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 bsp/meta-renesas/meta-rcar-gen3/recipes-core/systemd/systemd/add-non-owned-item-for-safe-transitioning.patch

(limited to 'bsp/meta-renesas/meta-rcar-gen3/recipes-core/systemd/systemd')

diff --git a/bsp/meta-renesas/meta-rcar-gen3/recipes-core/systemd/systemd/add-non-owned-item-for-safe-transitioning.patch b/bsp/meta-renesas/meta-rcar-gen3/recipes-core/systemd/systemd/add-non-owned-item-for-safe-transitioning.patch
new file mode 100644
index 00000000..631db30e
--- /dev/null
+++ b/bsp/meta-renesas/meta-rcar-gen3/recipes-core/systemd/systemd/add-non-owned-item-for-safe-transitioning.patch
@@ -0,0 +1,14 @@
+diff --git a/src/basic/fs-util.c b/src/basic/fs-util.c
+index b2ac648..553a77a 100644
+--- a/src/basic/fs-util.c
++++ b/src/basic/fs-util.c
+@@ -668,6 +668,9 @@ static bool unsafe_transition(const struct stat *a, const struct stat *b) {
+         if (a->st_uid == 0) /* Transitioning from privileged to unprivileged is always fine */
+                 return false;
+ 
++        if (b->st_uid == 65534) /* Transitioning to a non-owned is OK too */
++                return false;
++
+         return a->st_uid != b->st_uid; /* Otherwise we need to stay within the same UID */
+ }
+ 
-- 
cgit 1.2.3-korg