r1992 - in trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian: . patches patches/series

Dann Frazier dannf@haydn.debian.org
Mon, 13 Dec 2004 20:29:27 -0700 

Author: dannf
Date: 2004-12-13 20:29:10 -0700 (Mon, 13 Dec 2004)
New Revision: 1992

Added:
   trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/113-unix-serialization.diff
   trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-7
Modified:
   trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
Log:
Start work on 2.4.27-7; Add unix serialization security patch

Modified: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	2004-12-13 14:22:28 UTC (rev 1991)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/changelog	2004-12-14 03:29:10 UTC (rev 1992)
@@ -1,3 +1,10 @@
+kernel-source-2.4.27 (2.4.27-7) UNRELEASED; urgency=low
+
+  * Security: Add missing serialization to unix_dgram_recvmsg() which otherwise
+    could lead to elevated previleges (CAN-2004-1068) (dann frazier)
+
+ -- dann frazier <dannf@debian.org>  Mon, 13 Dec 2004 20:24:20 -0700
+
 kernel-source-2.4.27 (2.4.27-6) unstable; urgency=low
 
   * Split out many monolithic diffs into smaller diffs for easy submission

Added: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/113-unix-serialization.diff
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/113-unix-serialization.diff	2004-12-13 14:22:28 UTC (rev 1991)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/113-unix-serialization.diff	2004-12-14 03:29:10 UTC (rev 1992)
@@ -0,0 +1,37 @@
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+#   2004/11/15 14:06:05-08:00 davem@nuts.davemloft.net 
+#   [AF_UNIX]: Serialize dgram read using semaphore just like stream.
+#   
+#   Signed-off-by: David S. Miller <davem@davemloft.net>
+# 
+# net/unix/af_unix.c
+#   2004/11/15 14:05:55-08:00 davem@nuts.davemloft.net +5 -1
+#   [AF_UNIX]: Serialize dgram read using semaphore just like stream.
+# 
+diff -Nru a/net/unix/af_unix.c b/net/unix/af_unix.c
+--- a/net/unix/af_unix.c	2004-12-13 19:12:05 -08:00
++++ b/net/unix/af_unix.c	2004-12-13 19:12:05 -08:00
+@@ -1403,9 +1403,11 @@
+ 
+ 	msg->msg_namelen = 0;
+ 
++	down(&sk->protinfo.af_unix.readsem);
++
+ 	skb = skb_recv_datagram(sk, flags, noblock, &err);
+ 	if (!skb)
+-		goto out;
++		goto out_unlock;
+ 
+ 	wake_up_interruptible(&sk->protinfo.af_unix.peer_wait);
+ 
+@@ -1449,6 +1451,8 @@
+ 
+ out_free:
+ 	skb_free_datagram(sk,skb);
++out_unlock:
++	up(&sk->protinfo.af_unix.readsem);
+ out:
+ 	return err;
+ }

Added: trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-7
===================================================================
--- trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-7	2004-12-13 14:22:28 UTC (rev 1991)
+++ trunk/kernel-2.4/source/kernel-source-2.4.27-2.4.27/debian/patches/series/2.4.27-7	2004-12-14 03:29:10 UTC (rev 1992)
@@ -0,0 +1 @@
++ 113-unix-serialization.diff