[kernel] r9593 - in dists/etch-security/linux-2.6/debian: . patches/bugfix patches/series
Bastian Blank
waldi at alioth.debian.org
Tue Oct 2 08:53:13 UTC 2007
Author: waldi
Date: Tue Oct 2 08:53:12 2007
New Revision: 9593
Log:
* debian/changelog: Update.
* debian/patches/bugfix/amd64-zero-extend-32bit-ptrace-xen.patch:
Adopt for xen changes.
* debian/patches/series/13etch4-extra: Add.
Added:
dists/etch-security/linux-2.6/debian/patches/bugfix/amd64-zero-extend-32bit-ptrace-xen.patch
- copied, changed from r9545, /dists/etch-security/linux-2.6/debian/patches/bugfix/amd64-zero-extend-32bit-ptrace.patch
dists/etch-security/linux-2.6/debian/patches/series/13etch4-extra
Modified:
dists/etch-security/linux-2.6/debian/changelog
Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog (original)
+++ dists/etch-security/linux-2.6/debian/changelog Tue Oct 2 08:53:12 2007
@@ -1,3 +1,12 @@
+linux-2.6 (2.6.18.dfsg.1-13etch4) UNRELEASED; urgency=low
+
+ * bugfix/amd64-zero-extend-32bit-ptrace-xen.patch
+ [SECURITY] Zero extend all registers after ptrace in 32-bit entry path
+ in the Xen kernels.
+ See CVE-2007-4573
+
+ -- Bastian Blank <waldi at debian.org> Tue, 02 Oct 2007 10:44:28 +0200
+
linux-2.6 (2.6.18.dfsg.1-13etch3) stable-security; urgency=high
* bugfix/ptrace-handle-bogus-selector.patch,
Copied: dists/etch-security/linux-2.6/debian/patches/bugfix/amd64-zero-extend-32bit-ptrace-xen.patch (from r9545, /dists/etch-security/linux-2.6/debian/patches/bugfix/amd64-zero-extend-32bit-ptrace.patch)
==============================================================================
--- /dists/etch-security/linux-2.6/debian/patches/bugfix/amd64-zero-extend-32bit-ptrace.patch (original)
+++ dists/etch-security/linux-2.6/debian/patches/bugfix/amd64-zero-extend-32bit-ptrace-xen.patch Tue Oct 2 08:53:12 2007
@@ -1,34 +1,10 @@
-From: Andi Kleen <ak at suse.de>
-Date: Fri, 21 Sep 2007 14:16:18 +0000 (+0200)
-Subject: x86_64: Zero extend all registers after ptrace in 32bit entry path.
-X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=176df2457ef6207156ca1a40991c54ca01fef567
+Adjusted to apply to Debian's 2.6.18 Xen
-x86_64: Zero extend all registers after ptrace in 32bit entry path.
-
-Strictly it's only needed for eax.
-
-It actually does a little more than strictly needed -- the other registers
-are already zero extended.
-
-Also remove the now unnecessary and non functional compat task check
-in ptrace.
-
-This is CVE-2007-4573
-
-Found by Wojciech Purczynski
-
-Signed-off-by: Andi Kleen <ak at suse.de>
-Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
----
-
-Adjusted to apply to Debian's 2.6.18 by dann frazier <dannf at debian.org>
-
-diff -urpN linux-source-2.6.18.orig/arch/x86_64/ia32/ia32entry.S linux-source-2.6.18/arch/x86_64/ia32/ia32entry.S
---- linux-source-2.6.18.orig/arch/x86_64/ia32/ia32entry.S 2006-09-19 21:42:06.000000000 -0600
-+++ linux-source-2.6.18/arch/x86_64/ia32/ia32entry.S 2007-09-25 00:10:16.089100799 -0600
+--- linux-source-2.6.18.orig/arch/x86_64/ia32/ia32entry-xen.S 2006-09-19 21:42:06.000000000 -0600
++++ linux-source-2.6.18/arch/x86_64/ia32/ia32entry-xen.S 2007-09-25 00:10:16.089100799 -0600
@@ -38,6 +38,18 @@
- movq %rax,R8(%rsp)
- .endm
+ #define __sti sti
+ #endif
+ .macro LOAD_ARGS32 offset
+ movl \offset(%rsp),%r11d
@@ -72,17 +48,3 @@
RESTORE_REST
jmp ia32_do_syscall
END(ia32_syscall)
-diff -urpN linux-source-2.6.18.orig/arch/x86_64/kernel/ptrace.c linux-source-2.6.18/arch/x86_64/kernel/ptrace.c
---- linux-source-2.6.18.orig/arch/x86_64/kernel/ptrace.c 2006-09-19 21:42:06.000000000 -0600
-+++ linux-source-2.6.18/arch/x86_64/kernel/ptrace.c 2007-09-25 00:10:16.089100799 -0600
-@@ -223,10 +223,6 @@ static int putreg(struct task_struct *ch
- {
- unsigned long tmp;
-
-- /* Some code in the 64bit emulation may not be 64bit clean.
-- Don't take any chances. */
-- if (test_tsk_thread_flag(child, TIF_IA32))
-- value &= 0xffffffff;
- switch (regno) {
- case offsetof(struct user_regs_struct,fs):
- if (value && (value & 3) != 3)
Added: dists/etch-security/linux-2.6/debian/patches/series/13etch4-extra
==============================================================================
--- (empty file)
+++ dists/etch-security/linux-2.6/debian/patches/series/13etch4-extra Tue Oct 2 08:53:12 2007
@@ -0,0 +1 @@
++ bugfix/amd64-zero-extend-32bit-ptrace-xen.patch *_xen *_xen-vserver
More information about the Kernel-svn-changes
mailing list