[kernel] r12590 - in dists/sid/linux-2.6/debian: . patches/bugfix/all/CVE-2009-0029 patches/features/all/openvz patches/features/all/vserver patches/features/all/xen patches/series

Dann Frazier dannf at alioth.debian.org
Wed Jan 21 21:27:49 UTC 2009 

Author: dannf
Date: Wed Jan 21 21:27:47 2009
New Revision: 12590

Log:
merge in CVE-2009-0029 patches

Added:
   dists/sid/linux-2.6/debian/patches/bugfix/all/CVE-2009-0029/
      - copied from r12589, /people/dannf/sid+CVE-2009-0029/debian/patches/bugfix/all/CVE-2009-0029/
Modified:
   dists/sid/linux-2.6/debian/changelog
   dists/sid/linux-2.6/debian/patches/features/all/openvz/openvz.patch
   dists/sid/linux-2.6/debian/patches/features/all/vserver/vs2.3.0.35.patch
   dists/sid/linux-2.6/debian/patches/features/all/xen/suse-20080808143035.patch
   dists/sid/linux-2.6/debian/patches/series/14

Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================
--- dists/sid/linux-2.6/debian/changelog	(original)
+++ dists/sid/linux-2.6/debian/changelog	Wed Jan 21 21:27:47 2009
@@ -5,8 +5,10 @@
 
   [ dann frazier ]
   * sctp: fix memory overflow (CVE-2009-0065)
+  * Fix sign-extend ABI issue w/ system calls on various 64-bit architectures
+    (CVE-2009-0029)
 
- -- dann frazier <dannf at debian.org>  Sat, 10 Jan 2009 16:06:04 -0700
+ -- dann frazier <dannf at debian.org>  Mon, 19 Jan 2009 13:11:06 -0700
 
 linux-2.6 (2.6.26-13) unstable; urgency=high
 

Modified: dists/sid/linux-2.6/debian/patches/features/all/openvz/openvz.patch
==============================================================================
--- dists/sid/linux-2.6/debian/patches/features/all/openvz/openvz.patch	(original)
+++ dists/sid/linux-2.6/debian/patches/features/all/openvz/openvz.patch	Wed Jan 21 21:27:47 2009
@@ -8027,7 +8027,7 @@
  }
 +EXPORT_SYMBOL_GPL(sys_dup2);
  
- asmlinkage long sys_dup(unsigned int fildes)
+ SYSCALL_DEFINE1(dup, unsigned int, fildes)
  {
 @@ -199,6 +200,9 @@ static int setfl(int fd, struct file * filp, unsigned long arg)
  	struct inode * inode = filp->f_path.dentry->d_inode;
@@ -9024,8 +9024,8 @@
  }
 +EXPORT_SYMBOL(sys_inotify_init);
  
- asmlinkage long sys_inotify_add_watch(int fd, const char __user *path, u32 mask)
- {
+ SYSCALL_DEFINE3(inotify_add_watch, int, fd, const char __user *, path,
+ 		u32, mask)
 @@ -673,7 +635,7 @@ asmlinkage long sys_inotify_add_watch(int fd, const char __user *path, u32 mask)
  	mutex_lock(&dev->up_mutex);
  	ret = inotify_find_update_watch(dev->ih, inode, mask);
@@ -9967,14 +9967,14 @@
  	if (!error && copy_to_user(buf, &tmp, sizeof(tmp)))
  		error = -EFAULT;
  	fput(file);
-@@ -701,6 +725,7 @@ out_release:
+@@ -719,6 +743,7 @@ out_release:
  out:
  	return error;
  }
 +EXPORT_SYMBOL_GPL(sys_chown);
  
- asmlinkage long sys_fchownat(int dfd, const char __user *filename, uid_t user,
- 			     gid_t group, int flag)
+ SYSCALL_DEFINE5(fchownat, int, dfd, const char __user *, filename, uid_t, user,
+ 		gid_t, group, int, flag)
 @@ -939,6 +964,7 @@ struct file *nameidata_to_filp(struct nameidata *nd, int flags)
  	return filp;
  }
@@ -9993,14 +9993,14 @@
  	error = -ENFILE;
  	f = get_empty_filp();
  	if (f == NULL) {
-@@ -1115,6 +1144,7 @@ asmlinkage long sys_open(const char __user *filename, int flags, int mode)
+@@ -1132,6 +1161,7 @@ SYSCALL_DEFINE3(open, const char __user 
  	asmlinkage_protect(3, ret, filename, flags, mode);
  	return ret;
  }
 +EXPORT_SYMBOL_GPL(sys_open);
  
- asmlinkage long sys_openat(int dfd, const char __user *filename, int flags,
- 			   int mode)
+ SYSCALL_DEFINE4(openat, int, dfd, const char __user *, filename, int, flags,
+ 		int, mode)
 diff --git a/fs/partitions/check.c b/fs/partitions/check.c
 index 6149e4b..c904faa 100644
 --- a/fs/partitions/check.c
@@ -11579,7 +11579,7 @@
  const struct file_operations generic_ro_fops = {
  	.llseek		= generic_file_llseek,
  	.read		= do_sync_read,
-@@ -350,6 +352,29 @@ static inline void file_pos_write(struct file *file, loff_t pos)
+@@ -350,6 +352,29 @@ static inline void file_pos_write(struct
  	file->f_pos = pos;
  }
  
@@ -11606,7 +11606,7 @@
 +}
 +
 +
- asmlinkage ssize_t sys_read(unsigned int fd, char __user * buf, size_t count)
+ SYSCALL_DEFINE3(read, unsigned int, fd, char __user *, buf, size_t, count)
  {
  	struct file *file;
 @@ -362,6 +387,8 @@ asmlinkage ssize_t sys_read(unsigned int fd, char __user * buf, size_t count)
@@ -11744,14 +11744,14 @@
  {
  	struct pollfd __user *ufds = (struct pollfd __user*)restart_block->arg0;
  	int nfds = restart_block->arg1;
-@@ -726,6 +729,7 @@ static long do_restart_poll(struct restart_block *restart_block)
+@@ -727,6 +730,7 @@ static long do_restart_poll(struct resta
  	}
  	return ret;
  }
 +EXPORT_SYMBOL_GPL(do_restart_poll);
  
- asmlinkage long sys_poll(struct pollfd __user *ufds, unsigned int nfds,
- 			long timeout_msecs)
+ SYSCALL_DEFINE3(poll, struct pollfd __user *, ufds, unsigned int, nfds,
+ 		long, timeout_msecs)
 diff --git a/fs/seq_file.c b/fs/seq_file.c
 index 3f54dbd..4d8b86a 100644
 --- a/fs/seq_file.c
@@ -12255,7 +12255,7 @@
  }
 +EXPORT_SYMBOL(user_get_super);
  
- asmlinkage long sys_ustat(unsigned dev, struct ustat __user * ubuf)
+ SYSCALL_DEFINE2(ustat, unsigned, dev, struct ustat __user *, ubuf)
  {
 +	dev_t kdev;
          struct super_block *s;
@@ -12336,7 +12336,7 @@
  
 @@ -38,7 +40,14 @@ static void do_sync(unsigned long wait)
  
- asmlinkage long sys_sync(void)
+ SYSCALL_DEFINE0(sync)
  {
 +	struct user_beancounter *ub;
 +
@@ -62468,7 +62468,7 @@
  {
  	struct user_struct *new_user;
  
-@@ -868,8 +985,27 @@ asmlinkage long sys_setfsgid(gid_t gid)
+@@ -869,8 +986,27 @@ SYSCALL_DEFINE1(setfsgid, gid_t, gid)
  	return old_fsgid;
  }
  
@@ -62487,7 +62487,7 @@
 +}
 +#endif
 +
- asmlinkage long sys_times(struct tms __user * tbuf)
+ SYSCALL_DEFINE1(times, struct tms __user *, tbuf)
  {
 +#ifdef CONFIG_VE
 +	struct timespec now;
@@ -67379,13 +67379,13 @@
  }
  
  static int do_mlock(unsigned long start, size_t len, int on)
-@@ -157,6 +173,7 @@ asmlinkage long sys_mlock(unsigned long start, size_t len)
+@@ -155,6 +171,7 @@ SYSCALL_DEFINE2(mlock, unsigned long, st
  	up_write(&current->mm->mmap_sem);
  	return error;
  }
 +EXPORT_SYMBOL_GPL(sys_mlock);
  
- asmlinkage long sys_munlock(unsigned long start, size_t len)
+ SYSCALL_DEFINE2(munlock, unsigned long, start, size_t, len)
  {
 @@ -169,6 +186,7 @@ asmlinkage long sys_munlock(unsigned long start, size_t len)
  	up_write(&current->mm->mmap_sem);

Modified: dists/sid/linux-2.6/debian/patches/features/all/vserver/vs2.3.0.35.patch
==============================================================================
--- dists/sid/linux-2.6/debian/patches/features/all/vserver/vs2.3.0.35.patch	(original)
+++ dists/sid/linux-2.6/debian/patches/features/all/vserver/vs2.3.0.35.patch	Wed Jan 21 21:27:47 2009
@@ -756,7 +756,7 @@
  SYSCALL(sys_clock_nanosleep,sys_clock_nanosleep,sys32_clock_nanosleep_wrapper)
 -NI_SYSCALL							/* reserved for vserver */
 +SYSCALL(sys_vserver,sys_vserver,sys32_vserver)
- SYSCALL(s390_fadvise64_64,sys_ni_syscall,sys32_fadvise64_64_wrapper)
+ SYSCALL(sys_s390_fadvise64_64,sys_ni_syscall,sys32_fadvise64_64_wrapper)
  SYSCALL(sys_statfs64,sys_statfs64,compat_sys_statfs64_wrapper)
  SYSCALL(sys_fstatfs64,sys_fstatfs64,compat_sys_fstatfs64_wrapper)
 --- a/arch/s390/mm/fault.c	2008-07-14 17:22:29.000000000 -0400
@@ -16984,16 +16984,16 @@
  
  /**
   * sys_getpid - return the thread group id of the current process
-@@ -1123,10 +1121,23 @@ asmlinkage long sys_getppid(void)
+@@ -1123,10 +1121,23 @@ SYSCALL_DEFINE0(getppid)
  	rcu_read_lock();
  	pid = task_tgid_vnr(current->real_parent);
  	rcu_read_unlock();
 +	return vx_map_pid(pid);
 +}
++
++#ifdef __alpha__
  
 -	return pid;
-+#ifdef __alpha__
-+
 +/*
 + * The Alpha uses getxpid, getxuid, and getxgid instead.
 + */
@@ -17006,7 +17006,7 @@
  
 +#else /* _alpha_ */
 +
- asmlinkage long sys_getuid(void)
+ SYSCALL_DEFINE0(getuid)
  {
  	/* Only we change this so SMP safe */
 @@ -1297,6 +1308,8 @@ int do_sysinfo(struct sysinfo *info)
@@ -25825,9 +25825,9 @@
  out:
  	return ret;
  }
-@@ -134,7 +135,7 @@ static int do_mlock(unsigned long start,
+@@ -132,7 +133,7 @@ static int do_mlock(unsigned long start,
  
- asmlinkage long sys_mlock(unsigned long start, size_t len)
+ SYSCALL_DEFINE2(mlock, unsigned long, start, size_t, len)
  {
 -	unsigned long locked;
 +	unsigned long locked, grow;

Modified: dists/sid/linux-2.6/debian/patches/features/all/xen/suse-20080808143035.patch
==============================================================================
--- dists/sid/linux-2.6/debian/patches/features/all/xen/suse-20080808143035.patch	(original)
+++ dists/sid/linux-2.6/debian/patches/features/all/xen/suse-20080808143035.patch	Wed Jan 21 21:27:47 2009
@@ -96759,7 +96759,7 @@
  /* sys_io_setup:
   *	Create an aio_context capable of receiving at least nr_events.
   *	ctxp must not point to an aio_context that already exists, and
-@@ -1259,18 +1348,30 @@ static void io_destroy(struct kioctx *ioctx)
+@@ -1259,18 +1348,30 @@ static void io_destroy(struct kioctx *io
   *	resources are available.  May fail with -EFAULT if an invalid
   *	pointer is passed for ctxp.  Will fail with -ENOSYS if not
   *	implemented.
@@ -96769,7 +96769,7 @@
 + *	This keeps the system call compatible, since a non-zero value
 + *	was not allowed so far.
   */
- asmlinkage long sys_io_setup(unsigned nr_events, aio_context_t __user *ctxp)
+ SYSCALL_DEFINE2(io_setup, unsigned, nr_events, aio_context_t __user *, ctxp)
  {
  	struct kioctx *ioctx = NULL;
  	unsigned long ctx;

Modified: dists/sid/linux-2.6/debian/patches/series/14
==============================================================================
--- dists/sid/linux-2.6/debian/patches/series/14	(original)
+++ dists/sid/linux-2.6/debian/patches/series/14	Wed Jan 21 21:27:47 2009
@@ -1,2 +1,48 @@
 + features/all/alsa-hda-support-acer-aspire-one.patch
 + bugfix/all/sctp-avoid-memory-overflow.patch
++ bugfix/all/CVE-2009-0029/0001-Move-compat-system-call-declarations.patch
++ bugfix/all/CVE-2009-0029/0002-Convert-all-system-calls-to-return-a.patch
++ bugfix/all/CVE-2009-0029/0003-Rename-old_readdir-to-sys_old_readdi.patch
++ bugfix/all/CVE-2009-0029/0004pre1-ia64-kill-sys32_pipe.patch
++ bugfix/all/CVE-2009-0029/0004-Remove-__attribute__-weak-from-sy.patch
++ bugfix/all/CVE-2009-0029/0005-Make-sys_pselect7-static.patch
++ bugfix/all/CVE-2009-0029/0006-Make-sys_syslog-a-conditional-system.patch
++ bugfix/all/CVE-2009-0029/0007-System-call-wrapper-infrastructure.patch
++ bugfix/all/CVE-2009-0029/0008-powerpc-Enable-syscall-wrappers-for.patch
++ bugfix/all/CVE-2009-0029/0009-s390-enable-system-call-wrappers.patch
++ bugfix/all/CVE-2009-0029/0010-System-call-wrapper-special-cases.patch
++ bugfix/all/CVE-2009-0029/0011-System-call-wrappers-part-01.patch
++ bugfix/all/CVE-2009-0029/0012-System-call-wrappers-part-02.patch
++ bugfix/all/CVE-2009-0029/0013-System-call-wrappers-part-03.patch
++ bugfix/all/CVE-2009-0029/0014-System-call-wrappers-part-04.patch
++ bugfix/all/CVE-2009-0029/0015-System-call-wrappers-part-05.patch
++ bugfix/all/CVE-2009-0029/0016-System-call-wrappers-part-06.patch
++ bugfix/all/CVE-2009-0029/0017-System-call-wrappers-part-07.patch
++ bugfix/all/CVE-2009-0029/0018-System-call-wrappers-part-08.patch
++ bugfix/all/CVE-2009-0029/0019-System-call-wrappers-part-09.patch
++ bugfix/all/CVE-2009-0029/0020-System-call-wrappers-part-10.patch
++ bugfix/all/CVE-2009-0029/0021-System-call-wrappers-part-11.patch
++ bugfix/all/CVE-2009-0029/0022-System-call-wrappers-part-12.patch
++ bugfix/all/CVE-2009-0029/0023-System-call-wrappers-part-13.patch
++ bugfix/all/CVE-2009-0029/0024-System-call-wrappers-part-14.patch
++ bugfix/all/CVE-2009-0029/0025-System-call-wrappers-part-15.patch
++ bugfix/all/CVE-2009-0029/0026-System-call-wrappers-part-16.patch
++ bugfix/all/CVE-2009-0029/0027-System-call-wrappers-part-17.patch
++ bugfix/all/CVE-2009-0029/0028-System-call-wrappers-part-18.patch
++ bugfix/all/CVE-2009-0029/0029-System-call-wrappers-part-19.patch
++ bugfix/all/CVE-2009-0029/0030-System-call-wrappers-part-20.patch
++ bugfix/all/CVE-2009-0029/0031-System-call-wrappers-part-21.patch
++ bugfix/all/CVE-2009-0029/0032-System-call-wrappers-part-22.patch
++ bugfix/all/CVE-2009-0029/0033-System-call-wrappers-part-23.patch
++ bugfix/all/CVE-2009-0029/0034-System-call-wrappers-part-24.patch
++ bugfix/all/CVE-2009-0029/0035-System-call-wrappers-part-25.patch
++ bugfix/all/CVE-2009-0029/0036-System-call-wrappers-part-26.patch
++ bugfix/all/CVE-2009-0029/0037-System-call-wrappers-part-27.patch
++ bugfix/all/CVE-2009-0029/0038pre1-missing-include.patch
++ bugfix/all/CVE-2009-0029/0038-System-call-wrappers-part-28.patch
++ bugfix/all/CVE-2009-0029/0039-System-call-wrappers-part-29.patch
++ bugfix/all/CVE-2009-0029/0040-System-call-wrappers-part-30.patch
++ bugfix/all/CVE-2009-0029/0041-System-call-wrappers-part-31.patch
++ bugfix/all/CVE-2009-0029/0042-System-call-wrappers-part-32.patch
++ bugfix/all/CVE-2009-0029/0043-System-call-wrappers-part-33.patch
++ bugfix/all/CVE-2009-0029/0044-s390-specific-system-call-wrappers.patch

More information about the Kernel-svn-changes mailing list