r1899 - in trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian: . patches patches/series
Bastian Blank
waldi@haydn.debian.org
Wed, 24 Nov 2004 14:20:36 -0700
Author: waldi
Date: 2004-11-24 14:19:58 -0700 (Wed, 24 Nov 2004)
New Revision: 1899
Added:
trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/s390-build-sclp-fix.dpatch
trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/s390-export-copy_in_user.dpatch
Modified:
trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/s390-sacf-fix.dpatch
trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-10
Log:
* s390: Export copy_in_user.
* s390: Fix sclp build.
Modified: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog 2004-11-24 21:12:25 UTC (rev 1898)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog 2004-11-24 21:19:58 UTC (rev 1899)
@@ -9,10 +9,16 @@
* Make sparc32-initrd-memcpy.dpatch just the diff, not the mail message
that came with it. (Joshua Kwan)
- * [SECURITY] Fix s390 local root exploit (CAN-2004-0887) (Andres Salomon).
+ * [SECURITY] s390: Fix for local root exploit: Force user process back to
+ home space mode in space switch event exception handler. (CAN-2004-0887)
+ (Bastian Blank)
- -- Joshua Kwan <joshk@triplehelix.org> Wed, 24 Nov 2004 11:58:57 -0800
+ * s390: Export copy_in_user. (Bastian Blank)
+ * s390: Fix sclp build. (Bastian Blank)
+
+ -- Bastian Blank <waldi@debian.org> Wed, 24 Nov 2004 20:20:55 +0100
+
kernel-source-2.6.8 (2.6.8-9) unstable; urgency=high
* [SECURITY] Fix problems in binfmt_elf and binfmt_aout loaders; see
Added: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/s390-build-sclp-fix.dpatch
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/s390-build-sclp-fix.dpatch 2004-11-24 21:12:25 UTC (rev 1898)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/s390-build-sclp-fix.dpatch 2004-11-24 21:19:58 UTC (rev 1899)
@@ -0,0 +1,35 @@
+#! /bin/sh -e
+## <PATCHNAME>.dpatch by <PATCH_AUTHOR@EMAI>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Description: Fix sclp build
+## DP: Patch author: Bastian Blank <waldi@debian.org>
+## DP: Upstream status: accepted
+
+. $(dirname $0)/DPATCH
+
+@DPATCH@
+diff -ur linux-2.6.9-rc3.orig/drivers/s390/char/sclp_tty.c linux-2.6.9-rc3/drivers/s390/char/sclp_tty.c
+--- linux-2.6.9-rc3.orig/drivers/s390/char/sclp_tty.c 2004-10-03 20:37:30.000000000 +0000
++++ linux-2.6.9-rc3/drivers/s390/char/sclp_tty.c 2004-10-03 18:16:39.000000000 +0000
+@@ -277,7 +277,7 @@
+ wake_up(&sclp_tty_waitq);
+ /* check if the tty needs a wake up call */
+ if (sclp_tty != NULL) {
+- tty_wakeup(tty);
++ tty_wakeup(sclp_tty);
+ }
+ }
+
+diff -ur linux-2.6.9-rc3.orig/drivers/s390/char/sclp_vt220.c linux-2.6.9-rc3/drivers/s390/char/sclp_vt220.c
+--- linux-2.6.9-rc3.orig/drivers/s390/char/sclp_vt220.c 2004-10-03 20:37:30.000000000 +0000
++++ linux-2.6.9-rc3/drivers/s390/char/sclp_vt220.c 2004-10-03 18:17:52.000000000 +0000
+@@ -139,7 +139,7 @@
+ wake_up(&sclp_vt220_waitq);
+ /* Check if the tty needs a wake up call */
+ if (sclp_vt220_tty != NULL) {
+- tty_wakeup(tty);
++ tty_wakeup(sclp_vt220_tty);
+ }
+ }
+
Added: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/s390-export-copy_in_user.dpatch
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/s390-export-copy_in_user.dpatch 2004-11-24 21:12:25 UTC (rev 1898)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/s390-export-copy_in_user.dpatch 2004-11-24 21:19:58 UTC (rev 1899)
@@ -0,0 +1,21 @@
+#! /bin/sh -e
+## <PATCHNAME>.dpatch by <PATCH_AUTHOR@EMAI>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Description: Export copy_in_user
+## DP: Patch author: Bastian Blank <waldi@debian.org>
+## DP: Upstream status: accepted
+
+. $(dirname $0)/DPATCH
+
+@DPATCH@
+--- a/arch/s390/kernel/s390_ksyms.c 2004-08-14 05:37:15.000000000 +0000
++++ b/arch/s390/kernel/s390_ksyms.c 2004-09-01 16:21:14.000000000 +0000
+@@ -29,6 +29,7 @@
+ EXPORT_SYMBOL_NOVERS(_sb_findmap);
+ EXPORT_SYMBOL_NOVERS(__copy_from_user_asm);
+ EXPORT_SYMBOL_NOVERS(__copy_to_user_asm);
++EXPORT_SYMBOL_NOVERS(__copy_in_user_asm);
+ EXPORT_SYMBOL_NOVERS(__clear_user_asm);
+ EXPORT_SYMBOL_NOVERS(__strncpy_from_user_asm);
+ EXPORT_SYMBOL_NOVERS(__strnlen_user_asm);
Modified: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/s390-sacf-fix.dpatch
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/s390-sacf-fix.dpatch 2004-11-24 21:12:25 UTC (rev 1898)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/s390-sacf-fix.dpatch 2004-11-24 21:19:58 UTC (rev 1899)
@@ -2,50 +2,34 @@
## <PATCHNAME>.dpatch by <PATCH_AUTHOR@EMAI>
##
## All lines beginning with `## DP:' are a description of the patch.
-## DP: Description: s390: sacf local root exploit (CAN-2004-0887)
-## DP: Patch author: Martin Schwidefsky <schwidefsky@de.ibm.com>; backported to 2.6.8 by Andres Salomon
+## DP: Description: s390: Force user process back to home space mode in space switch event exception handler.
+## DP: Reference: CAN-2004-0887
+## DP: Patch author: Martin Schwidefsky <schwidefsky@de.ibm.com>
## DP: Upstream status: backport
. $(dirname $0)/DPATCH
@DPATCH@
-# This is a BitKeeper generated diff -Nru style patch.
-#
-# ChangeSet
-# 2004/10/25 18:09:17-07:00 schwidefsky@de.ibm.com
-# [PATCH] s390: sacf local root exploit (CAN-2004-0887)
-#
-# s390 core changes:
-# - Force user process back to home space mode in space switch event
-# exception handler.
-#
-# Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
-# Signed-off-by: Andrew Morton <akpm@osdl.org>
-# Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-#
-# arch/s390/kernel/traps.c
-# 2004/10/25 13:18:42-07:00 schwidefsky@de.ibm.com +16 -1
-# s390: sacf local root exploit (CAN-2004-0887)
-#
---- a/arch/s390/kernel/traps.c 2004-11-24 15:17:52.000000000 -0500
-+++ b/arch/s390/kernel/traps.c 2004-11-24 15:20:31.000000000 -0500
+diff -urN linux-2.6/arch/s390/kernel/traps.c linux-2.6-patched/arch/s390/kernel/traps.c
+--- linux-2.6/arch/s390/kernel/traps.c 2004-10-22 13:51:45.000000000 +0200
++++ linux-2.6-patched/arch/s390/kernel/traps.c 2004-10-22 13:52:04.000000000 +0200
@@ -591,6 +591,20 @@
}
}
+asmlinkage void space_switch_exception(struct pt_regs * regs, long int_code)
+{
-+ siginfo_t info;
++ siginfo_t info;
+
+ /* Set user psw back to home space mode. */
+ if (regs->psw.mask & PSW_MASK_PSTATE)
+ regs->psw.mask |= PSW_ASC_HOME;
+ /* Send SIGILL. */
-+ info.si_signo = SIGILL;
-+ info.si_errno = 0;
-+ info.si_code = ILL_PRVOPC;
-+ info.si_addr = get_check_address(regs);
-+ do_trap(int_code, SIGILL, "space switch event", regs, &info);
++ info.si_signo = SIGILL;
++ info.si_errno = 0;
++ info.si_code = ILL_PRVOPC;
++ info.si_addr = get_check_address(regs);
++ do_trap(int_code, SIGILL, "space switch event", regs, &info);
+}
Modified: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-10
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-10 2004-11-24 21:12:25 UTC (rev 1898)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-10 2004-11-24 21:19:58 UTC (rev 1899)
@@ -1,3 +1,5 @@
+ aic7xxx-delay_h-update.dpatch
+ tty-locking-fixes9.dpatch
+ s390-sacf-fix.dpatch
++ s390-export-copy_in_user.dpatch
++ s390-build-sclp-fix.dpatch