[kernel] r12572 - in dists/etch-security/linux-2.6/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Wed Jan 14 05:19:33 UTC 2009
Author: dannf
Date: Wed Jan 14 05:19:32 2009
New Revision: 12572
Log:
* nfs: Fix fcntl/close race
- bugfix/all/nfs-remove-buggy-lock-if-signalled-case.patch
See CVE-2008-4307
Added:
dists/etch-security/linux-2.6/debian/patches/bugfix/all/nfs-remove-buggy-lock-if-signalled-case.patch
Modified:
dists/etch-security/linux-2.6/debian/changelog
dists/etch-security/linux-2.6/debian/patches/series/23etch2
Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog (original)
+++ dists/etch-security/linux-2.6/debian/changelog Wed Jan 14 05:19:32 2009
@@ -3,8 +3,11 @@
* Fix buffer underflow in the ib700wdt watchdog driver:
- bugfix/all/watchdog-ib700wdt-buffer_underflow.patch
See CVE-2008-5702
+ * nfs: Fix fcntl/close race
+ - bugfix/all/nfs-remove-buggy-lock-if-signalled-case.patch
+ See CVE-2008-4307
- -- dann frazier <dannf at debian.org> Thu, 25 Dec 2008 14:47:31 -0700
+ -- dann frazier <dannf at debian.org> Tue, 13 Jan 2009 22:14:02 -0700
linux-2.6 (2.6.18.dfsg.1-23etch1) stable-security; urgency=high
Added: dists/etch-security/linux-2.6/debian/patches/bugfix/all/nfs-remove-buggy-lock-if-signalled-case.patch
==============================================================================
--- (empty file)
+++ dists/etch-security/linux-2.6/debian/patches/bugfix/all/nfs-remove-buggy-lock-if-signalled-case.patch Wed Jan 14 05:19:32 2009
@@ -0,0 +1,36 @@
+commit c4d7c402b788b73dc24f1e54a57f89d3dc5eb7bc
+Author: Trond Myklebust <Trond.Myklebust at netapp.com>
+Date: Tue Apr 1 20:26:52 2008 -0400
+
+ NFS: Remove the buggy lock-if-signalled case from do_setlk()
+
+ Both NLM and NFSv4 should be able to clean up adequately in the case where
+ the user interrupts the RPC call...
+
+ Signed-off-by: Trond Myklebust <Trond.Myklebust at netapp.com>
+
+Adjusted to apply to Debian's 2.6.18 by dann frazier <dannf at debian.org>
+
+diff -urpN linux-source-2.6.18.orig/fs/nfs/file.c linux-source-2.6.18/fs/nfs/file.c
+--- linux-source-2.6.18.orig/fs/nfs/file.c 2006-09-19 21:42:06.000000000 -0600
++++ linux-source-2.6.18/fs/nfs/file.c 2009-01-13 22:10:12.000000000 -0700
+@@ -471,17 +471,9 @@ static int do_setlk(struct file *filp, i
+
+ lock_kernel();
+ /* Use local locking if mounted with "-onolock" */
+- if (!(NFS_SERVER(inode)->flags & NFS_MOUNT_NONLM)) {
++ if (!(NFS_SERVER(inode)->flags & NFS_MOUNT_NONLM))
+ status = NFS_PROTO(inode)->lock(filp, cmd, fl);
+- /* If we were signalled we still need to ensure that
+- * we clean up any state on the server. We therefore
+- * record the lock call as having succeeded in order to
+- * ensure that locks_remove_posix() cleans it out when
+- * the process exits.
+- */
+- if (status == -EINTR || status == -ERESTARTSYS)
+- do_vfs_lock(filp, fl);
+- } else
++ else
+ status = do_vfs_lock(filp, fl);
+ unlock_kernel();
+ if (status < 0)
Modified: dists/etch-security/linux-2.6/debian/patches/series/23etch2
==============================================================================
--- dists/etch-security/linux-2.6/debian/patches/series/23etch2 (original)
+++ dists/etch-security/linux-2.6/debian/patches/series/23etch2 Wed Jan 14 05:19:32 2009
@@ -1 +1,2 @@
+ bugfix/all/watchdog-ib700wdt-buffer_underflow.patch
++ bugfix/all/nfs-remove-buggy-lock-if-signalled-case.patch
More information about the Kernel-svn-changes
mailing list