r2518 - in trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian: . patches patches/series

Joshua Kwan joshk@costa.debian.org
Fri, 18 Feb 2005 00:22:06 +0100 

Author: joshk
Date: 2005-02-18 00:22:05 +0100 (Fri, 18 Feb 2005)
New Revision: 2518

Added:
   trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/patches/025-track_dummy_capability.dpatch
   trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/patches/027-track_dummy_capability-2.dpatch
Modified:
   trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/changelog
   trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/patches/series/2.6.9-6
Log:
2.6.9 as well

Modified: trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/changelog
===================================================================
--- trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/changelog	2005-02-17 23:18:15 UTC (rev 2517)
+++ trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/changelog	2005-02-17 23:22:05 UTC (rev 2518)
@@ -36,8 +36,14 @@
     closes: #295627 (Joshua Kwan)
 
   * proc-cmdline-mmput-leak.dpatch: [CAN-2004-1058] fix race that could             allow user processes to read environment data from processes in the             middle of spawning. (Joshua Kwan)
+  
+  * 025-track_dummy_capability.dpatch, 027-track_dummy_capability.dpatch:
+    [CAN-2004-1337] The dummy capabilities module wasn't keeping track of
+    processes capabilities; so, when a capabilities module was loaded,
+    all untracked processes would magically be given root capabilities.
+    Backport from 2.6.10's kernel-source. (Joshua Kwan)
 
- -- Joshua Kwan <joshk@triplehelix.org>  Wed, 16 Feb 2005 17:50:54 -0800
+ -- Joshua Kwan <joshk@triplehelix.org>  Thu, 17 Feb 2005 15:21:40 -0800
 
 kernel-source-2.6.9 (2.6.9-5) unstable; urgency=low
 

Added: trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/patches/025-track_dummy_capability.dpatch
===================================================================
--- trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/patches/025-track_dummy_capability.dpatch	2005-02-17 23:18:15 UTC (rev 2517)
+++ trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/patches/025-track_dummy_capability.dpatch	2005-02-17 23:22:05 UTC (rev 2518)
@@ -0,0 +1,61 @@
+#! /bin/sh -e
+## <PATCHNAME>.dpatch by <PATCH_AUTHOR@EMAI>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Description: [PATCH] track capabilities in default dummy security module code
+## DP: Patch author: chrisw@osdl.org
+## DP: Upstream status: backported
+
+. $(dirname $0)/DPATCH
+
+@DPATCH@
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+#   2005/01/04 13:54:13-08:00 chrisw@osdl.org 
+#   [PATCH] track capabilities in default dummy security module code
+#   
+#   Switch dummy logic around to set cap_* bits during exec and set*uid based
+#   on basic uid check.  Then check cap_* bits during capable() (rather than
+#   doing basic uid check).  This ensures that capability bits are properly
+#   initialized in case the capability module is later loaded.
+#   
+#   Signed-off-by: Chris Wright <chrisw@osdl.org>
+#   Signed-off-by: Linus Torvalds <torvalds@osdl.org>
+# 
+# security/dummy.c
+#   2005/01/04 13:14:10-08:00 chrisw@osdl.org +3 -4
+#   track capabilities in default dummy security module code
+# 
+diff -Nru a/security/dummy.c b/security/dummy.c
+--- a/security/dummy.c	2005-01-04 20:00:14 -08:00
++++ b/security/dummy.c	2005-01-04 20:00:14 -08:00
+@@ -74,11 +74,8 @@
+ 
+ static int dummy_capable (struct task_struct *tsk, int cap)
+ {
+-	if (cap_is_fs_cap (cap) ? tsk->fsuid == 0 : tsk->euid == 0)
+-		/* capability granted */
++	if (cap_raised (tsk->cap_effective, cap))
+ 		return 0;
+-
+-	/* capability denied */
+ 	return -EPERM;
+ }
+ 
+@@ -183,6 +180,7 @@
+ 
+ static void dummy_bprm_free_security (struct linux_binprm *bprm)
+ {
++	dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
+ 	return;
+ }
+ 
+@@ -558,6 +556,7 @@
+ 
+ static int dummy_task_post_setuid (uid_t id0, uid_t id1, uid_t id2, int flags)
+ {
++	dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
+ 	return 0;
+ }
+ 

Added: trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/patches/027-track_dummy_capability-2.dpatch
===================================================================
--- trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/patches/027-track_dummy_capability-2.dpatch	2005-02-17 23:18:15 UTC (rev 2517)
+++ trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/patches/027-track_dummy_capability-2.dpatch	2005-02-17 23:22:05 UTC (rev 2518)
@@ -0,0 +1,50 @@
+#! /bin/sh -e
+## <PATCHNAME>.dpatch by <PATCH_AUTHOR@EMAI>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Description: [PATCH] fix up dummy security module code merge
+## DP: Patch author: chrisw@osdl.org
+## DP: Upstream status: backported
+
+. $(dirname $0)/DPATCH
+
+@DPATCH@
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+#   2005/01/04 15:59:03-08:00 chrisw@osdl.org 
+#   [PATCH] fix up dummy security module code merge
+#   
+#   OK, somehow I managed to botch this one.  It happens to work fine, but I
+#   should have been more careful with forward porting this 1+ year old patch.
+#   The exec-time calc should go in bprm_apply_creds, not bprm_free_security.
+#   
+#   Thanks to Stephen for spotting my mistake.
+#   
+#   Signed-off-by: Chris Wright <chrisw@osdl.org>
+#   Signed-off-by: Linus Torvalds <torvalds@osdl.org>
+# 
+# security/dummy.c
+#   2005/01/04 14:45:31-08:00 chrisw@osdl.org +2 -1
+#   fix up dummy security module code merge
+# 
+diff -Nru a/security/dummy.c b/security/dummy.c
+--- a/security/dummy.c	2005-01-04 20:05:02 -08:00
++++ b/security/dummy.c	2005-01-04 20:05:02 -08:00
+@@ -180,7 +180,6 @@
+ 
+ static void dummy_bprm_free_security (struct linux_binprm *bprm)
+ {
+-	dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
+ 	return;
+ }
+ 
+@@ -197,6 +196,8 @@
+ 
+ 	current->suid = current->euid = current->fsuid = bprm->e_uid;
+ 	current->sgid = current->egid = current->fsgid = bprm->e_gid;
++
++	dummy_capget(current, &current->cap_effective, &current->cap_inheritable, &current->cap_permitted);
+ }
+ 
+ static int dummy_bprm_set_security (struct linux_binprm *bprm)

Modified: trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/patches/series/2.6.9-6
===================================================================
--- trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/patches/series/2.6.9-6	2005-02-17 23:18:15 UTC (rev 2517)
+++ trunk/kernel/source/kernel-source-2.6.9-2.6.9/debian/patches/series/2.6.9-6	2005-02-17 23:22:05 UTC (rev 2518)
@@ -5,3 +5,5 @@
 + skb-reset-ip_summed.dpatch
 + sparc64-nis-killer.dpatch
 + proc-cmdline-mmput-leak.dpatch
++ 025-track_dummy_capability.dpatch
++ 027-track_dummy_capability-2.dpatch