[kernel] r6406 - in dists/sid/linux-2.6/debian: . patches patches/series

maximilian attems maks-guest at costa.debian.org
Thu Apr 13 09:13:45 UTC 2006


Author: maks-guest
Date: Thu Apr 13 09:13:44 2006
New Revision: 6406

Added:
   dists/sid/linux-2.6/debian/patches/2.6.16.5
Modified:
   dists/sid/linux-2.6/debian/changelog
   dists/sid/linux-2.6/debian/patches/series/7
Log:
add 2.6.16.5


Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================
--- dists/sid/linux-2.6/debian/changelog	(original)
+++ dists/sid/linux-2.6/debian/changelog	Thu Apr 13 09:13:44 2006
@@ -12,7 +12,12 @@
   * [powerpc] Transitioned mkvmlinuz support patch to the 2.6.16 ARCH=powerpc
     tree. PReP is broken in 2.6.16 though.
 
- -- Sven Luther <luther at debian.org>  Wed, 12 Apr 2006 19:46:30 +0000
+  [ maximilian attems ]
+  * Add stable release 2.6.16.5:
+   - x86_64: Clean up execve
+   - x86_64: When user could have changed RIP always force IRET (CVE-2006-0744)
+
+ -- maximilian attems <maks at sternwelten.at>  Thu, 13 Apr 2006 11:05:24 +0200
 
 linux-2.6 (2.6.16-6) unstable; urgency=medium
 

Added: dists/sid/linux-2.6/debian/patches/2.6.16.5
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches/2.6.16.5	Thu Apr 13 09:13:44 2006
@@ -0,0 +1,63 @@
+diff --git a/arch/x86_64/kernel/entry.S b/arch/x86_64/kernel/entry.S
+index 7c10e90..ab6e44d 100644
+--- a/arch/x86_64/kernel/entry.S
++++ b/arch/x86_64/kernel/entry.S
+@@ -180,6 +180,10 @@ rff_trace:
+  *
+  * XXX	if we had a free scratch register we could save the RSP into the stack frame
+  *      and report it properly in ps. Unfortunately we haven't.
++ *
++ * When user can change the frames always force IRET. That is because
++ * it deals with uncanonical addresses better. SYSRET has trouble
++ * with them due to bugs in both AMD and Intel CPUs.
+  */ 			 		
+ 
+ ENTRY(system_call)
+@@ -254,7 +258,10 @@ sysret_signal:
+ 	xorl %esi,%esi # oldset -> arg2
+ 	call ptregscall_common
+ 1:	movl $_TIF_NEED_RESCHED,%edi
+-	jmp sysret_check
++	/* Use IRET because user could have changed frame. This
++	   works because ptregscall_common has called FIXUP_TOP_OF_STACK. */
++	cli
++	jmp int_with_check
+ 	
+ badsys:
+ 	movq $-ENOSYS,RAX-ARGOFFSET(%rsp)
+@@ -280,7 +287,8 @@ tracesys:			 
+ 	call syscall_trace_leave
+ 	RESTORE_TOP_OF_STACK %rbx
+ 	RESTORE_REST
+-	jmp ret_from_sys_call
++	/* Use IRET because user could have changed frame */
++	jmp int_ret_from_sys_call
+ 	CFI_ENDPROC
+ 		
+ /* 
+@@ -408,25 +416,9 @@ ENTRY(stub_execve)
+ 	CFI_ADJUST_CFA_OFFSET -8
+ 	CFI_REGISTER rip, r11
+ 	SAVE_REST
+-	movq %r11, %r15
+-	CFI_REGISTER rip, r15
+ 	FIXUP_TOP_OF_STACK %r11
+ 	call sys_execve
+-	GET_THREAD_INFO(%rcx)
+-	bt $TIF_IA32,threadinfo_flags(%rcx)
+-	CFI_REMEMBER_STATE
+-	jc exec_32bit
+ 	RESTORE_TOP_OF_STACK %r11
+-	movq %r15, %r11
+-	CFI_REGISTER rip, r11
+-	RESTORE_REST
+-	pushq %r11
+-	CFI_ADJUST_CFA_OFFSET 8
+-	CFI_REL_OFFSET rip, 0
+-	ret
+-
+-exec_32bit:
+-	CFI_RESTORE_STATE
+ 	movq %rax,RAX(%rsp)
+ 	RESTORE_REST
+ 	jmp int_ret_from_sys_call
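Review bot: The `cli` added in sysret_signal ahead of `jmp int_with_check` has no comment saying why interrupts are turned off there; the comment above it only explains why the frame is complete (FIXUP_TOP_OF_STACK). Presumably int_with_check must be entered with interrupts disabled and the work mask in %edi, which the preceding `movl $_TIF_NEED_RESCHED,%edi` suggests, but that label is defined outside the hunk. Once confirmed, I would put `/* int_with_check expects interrupts disabled */` on the `cli` line so nobody later drops it as redundant. The `jmp int_ret_from_sys_call` that now ends every stub_execve return also carries no IRET comment, unlike the tracesys site; repeating `/* Use IRET because user could have changed frame */` there, if that reasoning applies, would keep the three sites consistent.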

Modified: dists/sid/linux-2.6/debian/patches/series/7
==============================================================================
--- dists/sid/linux-2.6/debian/patches/series/7	(original)
+++ dists/sid/linux-2.6/debian/patches/series/7	Thu Apr 13 09:13:44 2006
@@ -1,4 +1,4 @@
 + 2.6.16.3
 + 2.6.16.4
 + powerpc-mkvmlinuz-support-2.patch
-
++ 2.6.16.5


