[kernel] r9610 - in dists/sid/linux-2.6/debian: . patches/bugfix patches/series

Maximilian Attems maks at alioth.debian.org
Mon Oct 8 21:22:40 UTC 2007


Author: maks
Date: Mon Oct  8 21:22:40 2007
New Revision: 9610

Log:
add stable 2.6.22.7


Added:
   dists/sid/linux-2.6/debian/patches/bugfix/2.6.22.7
Modified:
   dists/sid/linux-2.6/debian/changelog
   dists/sid/linux-2.6/debian/patches/series/5

Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================
--- dists/sid/linux-2.6/debian/changelog	(original)
+++ dists/sid/linux-2.6/debian/changelog	Mon Oct  8 21:22:40 2007
@@ -29,6 +29,8 @@
     - IPV6: Fix kernel panic while send SCTP data with IP fragments
     - i386: fix lazy mode vmalloc synchronization for paravirt
   * Set abi to 3.
+  * Add stable release 2.6.22.7: CVE-2007-4573:
+    - x86_64: Zero extend all registers after ptrace in 32bit entry path.
 
   [ Martin Michlmayr ]
   * [mips] Add a fix so qemu NE2000 will work again.
@@ -49,7 +51,7 @@
   [ dann frazier ]
   * [ia64] Enable cciss module
 
- -- maximilian attems <maks at debian.org>  Mon, 08 Oct 2007 23:14:30 +0200
+ -- maximilian attems <maks at debian.org>  Mon, 08 Oct 2007 23:20:03 +0200
 
 linux-2.6 (2.6.22-4) unstable; urgency=low
 

Added: dists/sid/linux-2.6/debian/patches/bugfix/2.6.22.7
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches/bugfix/2.6.22.7	Mon Oct  8 21:22:40 2007
@@ -0,0 +1,65 @@
+diff --git a/arch/x86_64/ia32/ia32entry.S b/arch/x86_64/ia32/ia32entry.S
+index 47565c3..0bc623a 100644
+--- a/arch/x86_64/ia32/ia32entry.S
++++ b/arch/x86_64/ia32/ia32entry.S
+@@ -38,6 +38,18 @@
+ 	movq	%rax,R8(%rsp)
+ 	.endm
+ 
++	.macro LOAD_ARGS32 offset
++	movl \offset(%rsp),%r11d
++	movl \offset+8(%rsp),%r10d
++	movl \offset+16(%rsp),%r9d
++	movl \offset+24(%rsp),%r8d
++	movl \offset+40(%rsp),%ecx
++	movl \offset+48(%rsp),%edx
++	movl \offset+56(%rsp),%esi
++	movl \offset+64(%rsp),%edi
++	movl \offset+72(%rsp),%eax
++	.endm
++	
+ 	.macro CFI_STARTPROC32 simple
+ 	CFI_STARTPROC	\simple
+ 	CFI_UNDEFINED	r8
+@@ -152,7 +164,7 @@ sysenter_tracesys:
+ 	movq	$-ENOSYS,RAX(%rsp)	/* really needed? */
+ 	movq	%rsp,%rdi        /* &pt_regs -> arg1 */
+ 	call	syscall_trace_enter
+-	LOAD_ARGS ARGOFFSET  /* reload args from stack in case ptrace changed it */
++	LOAD_ARGS32 ARGOFFSET  /* reload args from stack in case ptrace changed it */
+ 	RESTORE_REST
+ 	movl	%ebp, %ebp
+ 	/* no need to do an access_ok check here because rbp has been
+@@ -255,7 +267,7 @@ cstar_tracesys:
+ 	movq $-ENOSYS,RAX(%rsp)	/* really needed? */
+ 	movq %rsp,%rdi        /* &pt_regs -> arg1 */
+ 	call syscall_trace_enter
+-	LOAD_ARGS ARGOFFSET  /* reload args from stack in case ptrace changed it */
++	LOAD_ARGS32 ARGOFFSET  /* reload args from stack in case ptrace changed it */
+ 	RESTORE_REST
+ 	movl RSP-ARGOFFSET(%rsp), %r8d
+ 	/* no need to do an access_ok check here because r8 has been
+@@ -333,7 +345,7 @@ ia32_tracesys:
+ 	movq $-ENOSYS,RAX(%rsp)	/* really needed? */
+ 	movq %rsp,%rdi        /* &pt_regs -> arg1 */
+ 	call syscall_trace_enter
+-	LOAD_ARGS ARGOFFSET  /* reload args from stack in case ptrace changed it */
++	LOAD_ARGS32 ARGOFFSET  /* reload args from stack in case ptrace changed it */
+ 	RESTORE_REST
+ 	jmp ia32_do_syscall
+ END(ia32_syscall)
+diff --git a/arch/x86_64/kernel/ptrace.c b/arch/x86_64/kernel/ptrace.c
+index 9409117..8d89d8c 100644
+--- a/arch/x86_64/kernel/ptrace.c
++++ b/arch/x86_64/kernel/ptrace.c
+@@ -223,10 +223,6 @@ static int putreg(struct task_struct *child,
+ {
+ 	unsigned long tmp; 
+ 	
+-	/* Some code in the 64bit emulation may not be 64bit clean.
+-	   Don't take any chances. */
+-	if (test_tsk_thread_flag(child, TIF_IA32))
+-		value &= 0xffffffff;
+ 	switch (regno) {
+ 		case offsetof(struct user_regs_struct,fs):
+ 			if (value && (value & 3) != 3)
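Review bot: The new `LOAD_ARGS32` macro in ia32entry.S has no comment saying that its `movl` loads are the fix itself: each 32-bit load zero-extends into the full 64-bit register, discarding any upper half a tracer wrote into the saved registers during `syscall_trace_enter`. The call-site comment at the three `*_tracesys` sites is unchanged ("reload args from stack in case ptrace changed it"), so a later cleanup could switch back to `LOAD_ARGS` without noticing the difference. I would add above the macro `/* 32-bit loads on purpose: zero-extend regs that ptrace may have modified (CVE-2007-4573) */`. The ptrace.c part also removes the `TIF_IA32` mask from `putreg`, so these three reloads are the only truncation visible in this patch. `putreg` continues outside the hunk, and whether any other path reads the saved registers at full width cannot be checked from this page.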

Modified: dists/sid/linux-2.6/debian/patches/series/5
==============================================================================
--- dists/sid/linux-2.6/debian/patches/series/5	(original)
+++ dists/sid/linux-2.6/debian/patches/series/5	Mon Oct  8 21:22:40 2007
@@ -2,3 +2,4 @@
 + bugfix/mips/i8259-disable-method.patch
 + bugfix/mips/fix-build-elf64.patch
 + bugfix/2.6.22.6
++ bugfix/2.6.22.7


