r2517 - in trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian: . patches patches/series

Joshua Kwan joshk@costa.debian.org
Fri, 18 Feb 2005 00:18:16 +0100 

Author: joshk
Date: 2005-02-18 00:18:15 +0100 (Fri, 18 Feb 2005)
New Revision: 2517

Added:
   trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/025-track_dummy_capability.dpatch
   trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/027-track_dummy_capability-2.dpatch
Modified:
   trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
   trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-14
Log:
add root cap priv esclation hole fix from 2.6.10

Modified: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	2005-02-17 23:12:56 UTC (rev 2516)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	2005-02-17 23:18:15 UTC (rev 2517)
@@ -34,12 +34,18 @@
   * au88x0-use-short-name.dpatch: Use CARD_SHORT_NAME in au88x0.c to allow
     card-specific driver names (CARD_SHORT_NAME is redefined by each driver.)
     (Joshua Kwan)
-  
+
   * proc-cmdline-mmput-leak.dpatch: [CAN-2004-1058] fix race that could
     allow user processes to read environment data from processes in the
     middle of spawning. (Joshua Kwan)
+  
+  * 025-track_dummy_capability.dpatch, 027-track_dummy_capability.dpatch:
+    [CAN-2004-1337] The dummy capabilities module wasn't keeping track of
+    processes capabilities; so, when a capabilities module was loaded,
+    all untracked processes would magically be given root capabilities.
+    Backport from 2.6.10's kernel-source. (Joshua Kwan)
 
- -- Joshua Kwan <joshk@triplehelix.org>  Thu, 17 Feb 2005 12:27:56 -0800
+ -- Joshua Kwan <joshk@triplehelix.org>  Thu, 17 Feb 2005 15:15:00 -0800
 
 kernel-source-2.6.8 (2.6.8-13) unstable; urgency=high
 

Added: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/025-track_dummy_capability.dpatch
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/025-track_dummy_capability.dpatch	2005-02-17 23:12:56 UTC (rev 2516)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/025-track_dummy_capability.dpatch	2005-02-17 23:18:15 UTC (rev 2517)
@@ -0,0 +1,61 @@
+#! /bin/sh -e
+## <PATCHNAME>.dpatch by <PATCH_AUTHOR@EMAI>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Description: [PATCH] track capabilities in default dummy security module code
+## DP: Patch author: chrisw@osdl.org
+## DP: Upstream status: backported
+
+. $(dirname $0)/DPATCH
+
+@DPATCH@
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+#   2005/01/04 13:54:13-08:00 chrisw@osdl.org 
+#   [PATCH] track capabilities in default dummy security module code
+#   
+#   Switch dummy logic around to set cap_* bits during exec and set*uid based
+#   on basic uid check.  Then check cap_* bits during capable() (rather than
+#   doing basic uid check).  This ensures that capability bits are properly
+#   initialized in case the capability module is later loaded.
+#   
+#   Signed-off-by: Chris Wright <chrisw@osdl.org>
+#   Signed-off-by: Linus Torvalds <torvalds@osdl.org>
+# 
+# security/dummy.c
+#   2005/01/04 13:14:10-08:00 chrisw@osdl.org +3 -4
+#   track capabilities in default dummy security module code
+# 
+diff -Nru a/security/dummy.c b/security/dummy.c
+--- a/security/dummy.c	2005-01-04 20:00:14 -08:00
++++ b/security/dummy.c	2005-01-04 20:00:14 -08:00
+@@ -74,11 +74,8 @@
+ 
+ static int dummy_capable (struct task_struct *tsk, int cap)
+ {
+-	if (cap_is_fs_cap (cap) ? tsk->fsuid == 0 : tsk->euid == 0)
+-		/* capability granted */
++	if (cap_raised (tsk->cap_effective, cap))
+ 		return 0;
+-
+-	/* capability denied */
+ 	return -EPERM;
+ }
+ 
+@@ -183,6 +180,7 @@
+ 
+ static void dummy_bprm_free_security (struct linux_binprm *bprm)
+ {
++	dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
+ 	return;
+ }
+ 
+@@ -558,6 +556,7 @@
+ 
+ static int dummy_task_post_setuid (uid_t id0, uid_t id1, uid_t id2, int flags)
+ {
++	dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
+ 	return 0;
+ }
+ 

Added: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/027-track_dummy_capability-2.dpatch
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/027-track_dummy_capability-2.dpatch	2005-02-17 23:12:56 UTC (rev 2516)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/027-track_dummy_capability-2.dpatch	2005-02-17 23:18:15 UTC (rev 2517)
@@ -0,0 +1,50 @@
+#! /bin/sh -e
+## <PATCHNAME>.dpatch by <PATCH_AUTHOR@EMAI>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Description: [PATCH] fix up dummy security module code merge
+## DP: Patch author: chrisw@osdl.org
+## DP: Upstream status: backported
+
+. $(dirname $0)/DPATCH
+
+@DPATCH@
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+#   2005/01/04 15:59:03-08:00 chrisw@osdl.org 
+#   [PATCH] fix up dummy security module code merge
+#   
+#   OK, somehow I managed to botch this one.  It happens to work fine, but I
+#   should have been more careful with forward porting this 1+ year old patch.
+#   The exec-time calc should go in bprm_apply_creds, not bprm_free_security.
+#   
+#   Thanks to Stephen for spotting my mistake.
+#   
+#   Signed-off-by: Chris Wright <chrisw@osdl.org>
+#   Signed-off-by: Linus Torvalds <torvalds@osdl.org>
+# 
+# security/dummy.c
+#   2005/01/04 14:45:31-08:00 chrisw@osdl.org +2 -1
+#   fix up dummy security module code merge
+# 
+diff -Nru a/security/dummy.c b/security/dummy.c
+--- a/security/dummy.c	2005-01-04 20:05:02 -08:00
++++ b/security/dummy.c	2005-01-04 20:05:02 -08:00
+@@ -180,7 +180,6 @@
+ 
+ static void dummy_bprm_free_security (struct linux_binprm *bprm)
+ {
+-	dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
+ 	return;
+ }
+ 
+@@ -197,6 +196,8 @@
+ 
+ 	current->suid = current->euid = current->fsuid = bprm->e_uid;
+ 	current->sgid = current->egid = current->fsgid = bprm->e_gid;
++
++	dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
+ }
+ 
+ static int dummy_bprm_set_security (struct linux_binprm *bprm)

Modified: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-14
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-14	2005-02-17 23:12:56 UTC (rev 2516)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-14	2005-02-17 23:18:15 UTC (rev 2517)
@@ -9,3 +9,5 @@
 + sparc64-nis-killer.dpatch
 + au88x0-use-short-name.dpatch
 + proc-cmdline-mmput-leak.dpatch 
++ 025-track_dummy_capability.dpatch
++ 027-track_dummy_capability-2.dpatch