[kernel] r13031 - in dists/lenny-security/linux-2.6/debian: . patches/bugfix/all/CVE-2009-0029 patches/series
Dann Frazier
dannf at alioth.debian.org
Sun Mar 8 20:05:46 UTC 2009
Author: dannf
Date: Sun Mar 8 20:05:44 2009
New Revision: 13031
Log:
Additional mips fixes for CVE-2009-0029.
Added:
dists/lenny-security/linux-2.6/debian/patches/bugfix/all/CVE-2009-0029/mips-enable-syscall-wrappers.patch
dists/lenny-security/linux-2.6/debian/patches/bugfix/all/CVE-2009-0029/mips-rename-sys_pipe.patch
dists/lenny-security/linux-2.6/debian/patches/series/13lenny2
Modified:
dists/lenny-security/linux-2.6/debian/changelog
Modified: dists/lenny-security/linux-2.6/debian/changelog
==============================================================================
--- dists/lenny-security/linux-2.6/debian/changelog (original)
+++ dists/lenny-security/linux-2.6/debian/changelog Sun Mar 8 20:05:44 2009
@@ -1,3 +1,9 @@
+linux-2.6 (2.6.26-13lenny2) UNRELEASED; urgency=high
+
+ * Additional mips fixes for CVE-2009-0029.
+
+ -- dann frazier <dannf at debian.org> Sun, 08 Mar 2009 13:29:00 -0600
+
linux-2.6 (2.6.26-13lenny1) stable-security; urgency=high
[ dann frazier ]
Added: dists/lenny-security/linux-2.6/debian/patches/bugfix/all/CVE-2009-0029/mips-enable-syscall-wrappers.patch
==============================================================================
--- (empty file)
+++ dists/lenny-security/linux-2.6/debian/patches/bugfix/all/CVE-2009-0029/mips-enable-syscall-wrappers.patch Sun Mar 8 20:05:44 2009
@@ -0,0 +1,650 @@
+commit dbda6ac0897603f6c6dfadbbc37f9882177ec7ac
+Author: Ralf Baechle <ralf at linux-mips.org>
+Date: Sun Feb 8 16:00:26 2009 +0000
+
+ MIPS: CVE-2009-0029: Enable syscall wrappers.
+
+ Thanks to David Daney helping with debugging and testing.
+
+ Signed-off-by: Ralf Baechle <ralf at linux-mips.org>
+ Signed-off-by: David Daney <ddaney at caviumnetworks.com>
+
+Backported to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+
+diff -urpN a/arch/mips/Kconfig b/arch/mips/Kconfig
+--- a/arch/mips/Kconfig 2008-07-13 15:51:29.000000000 -0600
++++ b/arch/mips/Kconfig 2009-03-08 13:16:31.000000000 -0600
+@@ -1385,6 +1385,7 @@ config 32BIT
+ config 64BIT
+ bool "64-bit kernel"
+ depends on CPU_SUPPORTS_64BIT_KERNEL && SYS_SUPPORTS_64BIT_KERNEL
++ select HAVE_SYSCALL_WRAPPERS
+ help
+ Select this option if you want to build a 64-bit kernel.
+
+diff -urpN a/arch/mips/kernel/linux32.c b/arch/mips/kernel/linux32.c
+--- a/arch/mips/kernel/linux32.c 2008-07-13 15:51:29.000000000 -0600
++++ b/arch/mips/kernel/linux32.c 2009-03-08 13:18:00.000000000 -0600
+@@ -33,6 +33,7 @@
+ #include <linux/module.h>
+ #include <linux/binfmts.h>
+ #include <linux/security.h>
++#include <linux/syscalls.h>
+ #include <linux/compat.h>
+ #include <linux/vfs.h>
+ #include <linux/ipc.h>
+@@ -99,9 +100,9 @@ int cp_compat_stat(struct kstat *stat, s
+ return copy_to_user(statbuf, &tmp, sizeof(tmp)) ? -EFAULT : 0;
+ }
+
+-asmlinkage unsigned long
+-sys32_mmap2(unsigned long addr, unsigned long len, unsigned long prot,
+- unsigned long flags, unsigned long fd, unsigned long pgoff)
++SYSCALL_DEFINE6(32_mmap2, unsigned long, addr, unsigned long, len,
++ unsigned long, prot, unsigned long, flags, unsigned long, fd,
++ unsigned long, pgoff)
+ {
+ struct file * file = NULL;
+ unsigned long error;
+@@ -174,14 +175,14 @@ struct rlimit32 {
+ int rlim_max;
+ };
+
+-asmlinkage long sys32_truncate64(const char __user * path,
+- unsigned long __dummy, int a2, int a3)
++SYSCALL_DEFINE4(32_truncate64, const char __user *, path,
++ unsigned long, __dummy, unsigned long, a2, unsigned long, a3)
+ {
+ return sys_truncate(path, merge_64(a2, a3));
+ }
+
+-asmlinkage long sys32_ftruncate64(unsigned int fd, unsigned long __dummy,
+- int a2, int a3)
++SYSCALL_DEFINE4(32_ftruncate64, unsigned long, fd, unsigned long, __dummy,
++ unsigned long, a2, unsigned long, a3)
+ {
+ return sys_ftruncate(fd, merge_64(a2, a3));
+ }
+@@ -252,9 +253,9 @@ sys32_settimeofday(struct compat_timeval
+ return do_sys_settimeofday(tv ? &kts : NULL, tz ? &ktz : NULL);
+ }
+
+-asmlinkage int sys32_llseek(unsigned int fd, unsigned int offset_high,
+- unsigned int offset_low, loff_t __user * result,
+- unsigned int origin)
++SYSCALL_DEFINE5(32_llseek, unsigned long, fd, unsigned long, offset_high,
++ unsigned long, offset_low, loff_t __user *, result,
++ unsigned long, origin)
+ {
+ return sys_llseek(fd, offset_high, offset_low, result, origin);
+ }
+@@ -263,20 +264,20 @@ asmlinkage int sys32_llseek(unsigned int
+ lseek back to original location. They fail just like lseek does on
+ non-seekable files. */
+
+-asmlinkage ssize_t sys32_pread(unsigned int fd, char __user * buf,
+- size_t count, u32 unused, u64 a4, u64 a5)
++SYSCALL_DEFINE6(32_pread, unsigned long, fd, char __user *, buf, size_t, count,
++ unsigned long, unused, unsigned long, a4, unsigned long, a5)
+ {
+ return sys_pread64(fd, buf, count, merge_64(a4, a5));
+ }
+
+-asmlinkage ssize_t sys32_pwrite(unsigned int fd, const char __user * buf,
+- size_t count, u32 unused, u64 a4, u64 a5)
++SYSCALL_DEFINE6(32_pwrite, unsigned int, fd, const char __user *, buf,
++ size_t, count, u32, unused, u64, a4, u64, a5)
+ {
+ return sys_pwrite64(fd, buf, count, merge_64(a4, a5));
+ }
+
+-asmlinkage int sys32_sched_rr_get_interval(compat_pid_t pid,
+- struct compat_timespec __user *interval)
++SYSCALL_DEFINE2(32_sched_rr_get_interval, compat_pid_t, pid,
++ struct compat_timespec __user *, interval)
+ {
+ struct timespec t;
+ int ret;
+@@ -293,8 +294,8 @@ asmlinkage int sys32_sched_rr_get_interv
+
+ #ifdef CONFIG_SYSVIPC
+
+-asmlinkage long
+-sys32_ipc(u32 call, int first, int second, int third, u32 ptr, u32 fifth)
++SYSCALL_DEFINE6(32_ipc, u32, call, long, first, long, second, long, third,
++ unsigned long, ptr, unsigned long, fifth)
+ {
+ int version, err;
+
+@@ -352,8 +353,8 @@ sys32_ipc(u32 call, int first, int secon
+
+ #else
+
+-asmlinkage long
+-sys32_ipc(u32 call, int first, int second, int third, u32 ptr, u32 fifth)
++SYSCALL_DEFINE6(32_ipc, u32, call, int, first, int, second, int, third,
++ u32, ptr, u32 fifth)
+ {
+ return -ENOSYS;
+ }
+@@ -361,7 +362,7 @@ sys32_ipc(u32 call, int first, int secon
+ #endif /* CONFIG_SYSVIPC */
+
+ #ifdef CONFIG_MIPS32_N32
+-asmlinkage long sysn32_semctl(int semid, int semnum, int cmd, u32 arg)
++SYSCALL_DEFINE4(n32_semctl, int, semid, int, semnum, int, cmd, u32, arg)
+ {
+ /* compat_sys_semctl expects a pointer to union semun */
+ u32 __user *uptr = compat_alloc_user_space(sizeof(u32));
+@@ -370,13 +371,14 @@ asmlinkage long sysn32_semctl(int semid,
+ return compat_sys_semctl(semid, semnum, cmd, uptr);
+ }
+
+-asmlinkage long sysn32_msgsnd(int msqid, u32 msgp, unsigned msgsz, int msgflg)
++SYSCALL_DEFINE4(n32_msgsnd, int, msqid, u32, msgp, unsigned int, msgsz,
++ int, msgflg)
+ {
+ return compat_sys_msgsnd(msqid, msgsz, msgflg, compat_ptr(msgp));
+ }
+
+-asmlinkage long sysn32_msgrcv(int msqid, u32 msgp, size_t msgsz, int msgtyp,
+- int msgflg)
++SYSCALL_DEFINE5(n32_msgrcv, int, msqid, u32, msgp, size_t, msgsz,
++ int, msgtyp, int, msgflg)
+ {
+ return compat_sys_msgrcv(msqid, msgsz, msgtyp, msgflg, IPC_64,
+ compat_ptr(msgp));
+@@ -396,7 +398,7 @@ struct sysctl_args32
+
+ #ifdef CONFIG_SYSCTL_SYSCALL
+
+-asmlinkage long sys32_sysctl(struct sysctl_args32 __user *args)
++SYSCALL_DEFINE1(32_sysctl, struct sysctl_args32 __user *, args)
+ {
+ struct sysctl_args32 tmp;
+ int error;
+@@ -435,9 +437,16 @@ asmlinkage long sys32_sysctl(struct sysc
+ return error;
+ }
+
++#else
++
++SYSCALL_DEFINE1(32_sysctl, struct sysctl_args32 __user *, args)
++{
++ return -ENOSYS;
++}
++
+ #endif /* CONFIG_SYSCTL_SYSCALL */
+
+-asmlinkage long sys32_newuname(struct new_utsname __user * name)
++SYSCALL_DEFINE1(32_newuname, struct new_utsname __user *, name)
+ {
+ int ret = 0;
+
+@@ -453,7 +462,7 @@ asmlinkage long sys32_newuname(struct ne
+ return ret;
+ }
+
+-asmlinkage int sys32_personality(unsigned long personality)
++SYSCALL_DEFINE1(32_personality, unsigned long, personality)
+ {
+ int ret;
+ personality &= 0xffffffff;
+@@ -476,7 +485,7 @@ struct ustat32 {
+
+ extern asmlinkage long sys_ustat(dev_t dev, struct ustat __user * ubuf);
+
+-asmlinkage int sys32_ustat(dev_t dev, struct ustat32 __user * ubuf32)
++SYSCALL_DEFINE2(32_ustat, dev_t, dev, struct ustat32 __user *, ubuf32)
+ {
+ int err;
+ struct ustat tmp;
+@@ -500,8 +509,8 @@ out:
+ return err;
+ }
+
+-asmlinkage int sys32_sendfile(int out_fd, int in_fd, compat_off_t __user *offset,
+- s32 count)
++SYSCALL_DEFINE4(32_sendfile, long, out_fd, long, in_fd,
++ compat_off_t __user *, offset, s32, count)
+ {
+ mm_segment_t old_fs = get_fs();
+ int ret;
+diff -urpN a/arch/mips/kernel/scall32-o32.S b/arch/mips/kernel/scall32-o32.S
+--- a/arch/mips/kernel/scall32-o32.S 2009-03-03 22:15:28.000000000 -0700
++++ b/arch/mips/kernel/scall32-o32.S 2009-03-08 13:16:31.000000000 -0600
+@@ -414,7 +414,7 @@ einval: li v0, -EINVAL
+ sys sys_swapon 2
+ sys sys_reboot 3
+ sys sys_old_readdir 3
+- sys old_mmap 6 /* 4090 */
++ sys sys_mips_mmap 6 /* 4090 */
+ sys sys_munmap 2
+ sys sys_truncate 2
+ sys sys_ftruncate 2
+@@ -534,7 +534,7 @@ einval: li v0, -EINVAL
+ sys sys_sendfile 4
+ sys sys_ni_syscall 0
+ sys sys_ni_syscall 0
+- sys sys_mmap2 6 /* 4210 */
++ sys sys_mips_mmap2 6 /* 4210 */
+ sys sys_truncate64 4
+ sys sys_ftruncate64 4
+ sys sys_stat64 2
+diff -urpN a/arch/mips/kernel/scall64-64.S b/arch/mips/kernel/scall64-64.S
+--- a/arch/mips/kernel/scall64-64.S 2008-07-13 15:51:29.000000000 -0600
++++ b/arch/mips/kernel/scall64-64.S 2009-03-08 13:16:31.000000000 -0600
+@@ -207,7 +207,7 @@ sys_call_table:
+ PTR sys_newlstat
+ PTR sys_poll
+ PTR sys_lseek
+- PTR old_mmap
++ PTR sys_mips_mmap
+ PTR sys_mprotect /* 5010 */
+ PTR sys_munmap
+ PTR sys_brk
+diff -urpN a/arch/mips/kernel/scall64-n32.S b/arch/mips/kernel/scall64-n32.S
+--- a/arch/mips/kernel/scall64-n32.S 2009-03-08 13:13:09.000000000 -0600
++++ b/arch/mips/kernel/scall64-n32.S 2009-03-08 13:16:31.000000000 -0600
+@@ -129,12 +129,12 @@ EXPORT(sysn32_call_table)
+ PTR sys_newlstat
+ PTR sys_poll
+ PTR sys_lseek
+- PTR old_mmap
++ PTR sys_mips_mmap
+ PTR sys_mprotect /* 6010 */
+ PTR sys_munmap
+ PTR sys_brk
+- PTR sys32_rt_sigaction
+- PTR sys32_rt_sigprocmask
++ PTR sys_32_rt_sigaction
++ PTR sys_32_rt_sigprocmask
+ PTR compat_sys_ioctl /* 6015 */
+ PTR sys_pread64
+ PTR sys_pwrite64
+@@ -159,7 +159,7 @@ EXPORT(sysn32_call_table)
+ PTR compat_sys_setitimer
+ PTR sys_alarm
+ PTR sys_getpid
+- PTR sys32_sendfile
++ PTR sys_32_sendfile
+ PTR sys_socket /* 6040 */
+ PTR sys_connect
+ PTR sys_accept
+@@ -181,14 +181,14 @@ EXPORT(sysn32_call_table)
+ PTR sys_exit
+ PTR compat_sys_wait4
+ PTR sys_kill /* 6060 */
+- PTR sys32_newuname
++ PTR sys_32_newuname
+ PTR sys_semget
+ PTR sys_semop
+- PTR sysn32_semctl
++ PTR sys_n32_semctl
+ PTR sys_shmdt /* 6065 */
+ PTR sys_msgget
+- PTR sysn32_msgsnd
+- PTR sysn32_msgrcv
++ PTR sys_n32_msgsnd
++ PTR sys_n32_msgrcv
+ PTR compat_sys_msgctl
+ PTR compat_sys_fcntl /* 6070 */
+ PTR sys_flock
+@@ -245,15 +245,15 @@ EXPORT(sysn32_call_table)
+ PTR sys_getsid
+ PTR sys_capget
+ PTR sys_capset
+- PTR sys32_rt_sigpending /* 6125 */
++ PTR sys_32_rt_sigpending /* 6125 */
+ PTR compat_sys_rt_sigtimedwait
+- PTR sys32_rt_sigqueueinfo
++ PTR sys_32_rt_sigqueueinfo
+ PTR sysn32_rt_sigsuspend
+ PTR sys32_sigaltstack
+ PTR compat_sys_utime /* 6130 */
+ PTR sys_mknod
+- PTR sys32_personality
+- PTR sys32_ustat
++ PTR sys_32_personality
++ PTR sys_32_ustat
+ PTR compat_sys_statfs
+ PTR compat_sys_fstatfs /* 6135 */
+ PTR sys_sysfs
+@@ -265,14 +265,14 @@ EXPORT(sysn32_call_table)
+ PTR sys_sched_getscheduler
+ PTR sys_sched_get_priority_max
+ PTR sys_sched_get_priority_min
+- PTR sys32_sched_rr_get_interval /* 6145 */
++ PTR sys_32_sched_rr_get_interval /* 6145 */
+ PTR sys_mlock
+ PTR sys_munlock
+ PTR sys_mlockall
+ PTR sys_munlockall
+ PTR sys_vhangup /* 6150 */
+ PTR sys_pivot_root
+- PTR sys32_sysctl
++ PTR sys_32_sysctl
+ PTR sys_prctl
+ PTR compat_sys_adjtimex
+ PTR compat_sys_setrlimit /* 6155 */
+diff -urpN a/arch/mips/kernel/scall64-o32.S b/arch/mips/kernel/scall64-o32.S
+--- a/arch/mips/kernel/scall64-o32.S 2009-03-08 13:15:39.000000000 -0600
++++ b/arch/mips/kernel/scall64-o32.S 2009-03-08 13:16:31.000000000 -0600
+@@ -265,12 +265,12 @@ sys_call_table:
+ PTR sys_olduname
+ PTR sys_umask /* 4060 */
+ PTR sys_chroot
+- PTR sys32_ustat
++ PTR sys_32_ustat
+ PTR sys_dup2
+ PTR sys_getppid
+ PTR sys_getpgrp /* 4065 */
+ PTR sys_setsid
+- PTR sys32_sigaction
++ PTR sys_32_sigaction
+ PTR sys_sgetmask
+ PTR sys_ssetmask
+ PTR sys_setreuid /* 4070 */
+@@ -293,7 +293,7 @@ sys_call_table:
+ PTR sys_swapon
+ PTR sys_reboot
+ PTR compat_sys_old_readdir
+- PTR old_mmap /* 4090 */
++ PTR sys_mips_mmap /* 4090 */
+ PTR sys_munmap
+ PTR sys_truncate
+ PTR sys_ftruncate
+@@ -320,12 +320,12 @@ sys_call_table:
+ PTR compat_sys_wait4
+ PTR sys_swapoff /* 4115 */
+ PTR compat_sys_sysinfo
+- PTR sys32_ipc
++ PTR sys_32_ipc
+ PTR sys_fsync
+ PTR sys32_sigreturn
+ PTR sys32_clone /* 4120 */
+ PTR sys_setdomainname
+- PTR sys32_newuname
++ PTR sys_32_newuname
+ PTR sys_ni_syscall /* sys_modify_ldt */
+ PTR compat_sys_adjtimex
+ PTR sys_mprotect /* 4125 */
+@@ -339,11 +339,11 @@ sys_call_table:
+ PTR sys_fchdir
+ PTR sys_bdflush
+ PTR sys_sysfs /* 4135 */
+- PTR sys32_personality
++ PTR sys_32_personality
+ PTR sys_ni_syscall /* for afs_syscall */
+ PTR sys_setfsuid
+ PTR sys_setfsgid
+- PTR sys32_llseek /* 4140 */
++ PTR sys_32_llseek /* 4140 */
+ PTR compat_sys_getdents
+ PTR compat_sys_select
+ PTR sys_flock
+@@ -356,7 +356,7 @@ sys_call_table:
+ PTR sys_ni_syscall /* 4150 */
+ PTR sys_getsid
+ PTR sys_fdatasync
+- PTR sys32_sysctl
++ PTR sys_32_sysctl
+ PTR sys_mlock
+ PTR sys_munlock /* 4155 */
+ PTR sys_mlockall
+@@ -368,7 +368,7 @@ sys_call_table:
+ PTR sys_sched_yield
+ PTR sys_sched_get_priority_max
+ PTR sys_sched_get_priority_min
+- PTR sys32_sched_rr_get_interval /* 4165 */
++ PTR sys_32_sched_rr_get_interval /* 4165 */
+ PTR compat_sys_nanosleep
+ PTR sys_mremap
+ PTR sys_accept
+@@ -397,25 +397,25 @@ sys_call_table:
+ PTR sys_getresgid
+ PTR sys_prctl
+ PTR sys32_rt_sigreturn
+- PTR sys32_rt_sigaction
+- PTR sys32_rt_sigprocmask /* 4195 */
+- PTR sys32_rt_sigpending
++ PTR sys_32_rt_sigaction
++ PTR sys_32_rt_sigprocmask /* 4195 */
++ PTR sys_32_rt_sigpending
+ PTR compat_sys_rt_sigtimedwait
+- PTR sys32_rt_sigqueueinfo
++ PTR sys_32_rt_sigqueueinfo
+ PTR sys32_rt_sigsuspend
+- PTR sys32_pread /* 4200 */
+- PTR sys32_pwrite
++ PTR sys_32_pread /* 4200 */
++ PTR sys_32_pwrite
+ PTR sys_chown
+ PTR sys_getcwd
+ PTR sys_capget
+ PTR sys_capset /* 4205 */
+ PTR sys32_sigaltstack
+- PTR sys32_sendfile
++ PTR sys_32_sendfile
+ PTR sys_ni_syscall
+ PTR sys_ni_syscall
+- PTR sys32_mmap2 /* 4210 */
+- PTR sys32_truncate64
+- PTR sys32_ftruncate64
++ PTR sys_mips_mmap2 /* 4210 */
++ PTR sys_32_truncate64
++ PTR sys_32_ftruncate64
+ PTR sys_newstat
+ PTR sys_newlstat
+ PTR sys_newfstat /* 4215 */
+@@ -481,7 +481,7 @@ sys_call_table:
+ PTR compat_sys_mq_notify /* 4275 */
+ PTR compat_sys_mq_getsetattr
+ PTR sys_ni_syscall /* sys_vserver */
+- PTR sys32_waitid
++ PTR sys_32_waitid
+ PTR sys_ni_syscall /* available, was setaltroot */
+ PTR sys_add_key /* 4280 */
+ PTR sys_request_key
+diff -urpN a/arch/mips/kernel/signal32.c b/arch/mips/kernel/signal32.c
+--- a/arch/mips/kernel/signal32.c 2008-07-13 15:51:29.000000000 -0600
++++ b/arch/mips/kernel/signal32.c 2009-03-08 13:16:31.000000000 -0600
+@@ -349,8 +349,8 @@ asmlinkage int sys32_rt_sigsuspend(nabi_
+ return -ERESTARTNOHAND;
+ }
+
+-asmlinkage int sys32_sigaction(int sig, const struct sigaction32 __user *act,
+- struct sigaction32 __user *oact)
++SYSCALL_DEFINE3(32_sigaction, long, sig, const struct sigaction32 __user *, act,
++ struct sigaction32 __user *, oact)
+ {
+ struct k_sigaction new_ka, old_ka;
+ int ret;
+@@ -692,9 +692,9 @@ struct mips_abi mips_abi_32 = {
+ .restart = __NR_O32_restart_syscall
+ };
+
+-asmlinkage int sys32_rt_sigaction(int sig, const struct sigaction32 __user *act,
+- struct sigaction32 __user *oact,
+- unsigned int sigsetsize)
++SYSCALL_DEFINE4(32_rt_sigaction, int, sig,
++ const struct sigaction32 __user *, act,
++ struct sigaction32 __user *, oact, unsigned int, sigsetsize)
+ {
+ struct k_sigaction new_sa, old_sa;
+ int ret = -EINVAL;
+@@ -736,8 +736,8 @@ out:
+ return ret;
+ }
+
+-asmlinkage int sys32_rt_sigprocmask(int how, compat_sigset_t __user *set,
+- compat_sigset_t __user *oset, unsigned int sigsetsize)
++SYSCALL_DEFINE4(32_rt_sigprocmask, int, how, compat_sigset_t __user *, set,
++ compat_sigset_t __user *, oset, unsigned int, sigsetsize)
+ {
+ sigset_t old_set, new_set;
+ int ret;
+@@ -758,8 +758,8 @@ asmlinkage int sys32_rt_sigprocmask(int
+ return ret;
+ }
+
+-asmlinkage int sys32_rt_sigpending(compat_sigset_t __user *uset,
+- unsigned int sigsetsize)
++SYSCALL_DEFINE2(32_rt_sigpending, compat_sigset_t __user *, uset,
++ unsigned int, sigsetsize)
+ {
+ int ret;
+ sigset_t set;
+@@ -775,7 +775,8 @@ asmlinkage int sys32_rt_sigpending(compa
+ return ret;
+ }
+
+-asmlinkage int sys32_rt_sigqueueinfo(int pid, int sig, compat_siginfo_t __user *uinfo)
++SYSCALL_DEFINE3(32_rt_sigqueueinfo, int, pid, int, sig,
++ compat_siginfo_t __user *, uinfo)
+ {
+ siginfo_t info;
+ int ret;
+@@ -790,10 +791,9 @@ asmlinkage int sys32_rt_sigqueueinfo(int
+ return ret;
+ }
+
+-asmlinkage long
+-sys32_waitid(int which, compat_pid_t pid,
+- compat_siginfo_t __user *uinfo, int options,
+- struct compat_rusage __user *uru)
++SYSCALL_DEFINE5(32_waitid, int, which, compat_pid_t, pid,
++ compat_siginfo_t __user *, uinfo, int, options,
++ struct compat_rusage __user *, uru)
+ {
+ siginfo_t info;
+ struct rusage ru;
+diff -urpN a/arch/mips/kernel/signal.c b/arch/mips/kernel/signal.c
+--- a/arch/mips/kernel/signal.c 2008-07-13 15:51:29.000000000 -0600
++++ b/arch/mips/kernel/signal.c 2009-03-08 13:16:31.000000000 -0600
+@@ -19,6 +19,7 @@
+ #include <linux/ptrace.h>
+ #include <linux/unistd.h>
+ #include <linux/compiler.h>
++#include <linux/syscalls.h>
+ #include <linux/uaccess.h>
+
+ #include <asm/abi.h>
+@@ -338,8 +339,8 @@ asmlinkage int sys_rt_sigsuspend(nabi_no
+ }
+
+ #ifdef CONFIG_TRAD_SIGNALS
+-asmlinkage int sys_sigaction(int sig, const struct sigaction __user *act,
+- struct sigaction __user *oact)
++SYSCALL_DEFINE3(sigaction, int, sig, const struct sigaction __user *, act,
++ struct sigaction __user *, oact)
+ {
+ struct k_sigaction new_ka, old_ka;
+ int ret;
+diff -urpN a/arch/mips/kernel/syscall.c b/arch/mips/kernel/syscall.c
+--- a/arch/mips/kernel/syscall.c 2008-07-13 15:51:29.000000000 -0600
++++ b/arch/mips/kernel/syscall.c 2009-03-08 13:16:31.000000000 -0600
+@@ -146,9 +146,9 @@ out:
+ return error;
+ }
+
+-asmlinkage unsigned long
+-old_mmap(unsigned long addr, unsigned long len, int prot,
+- int flags, int fd, off_t offset)
++SYSCALL_DEFINE6(mips_mmap, unsigned long, addr, unsigned long, len,
++ unsigned long, prot, unsigned long, flags, unsigned long,
++ fd, off_t, offset)
+ {
+ unsigned long result;
+
+@@ -162,9 +162,9 @@ out:
+ return result;
+ }
+
+-asmlinkage unsigned long
+-sys_mmap2(unsigned long addr, unsigned long len, unsigned long prot,
+- unsigned long flags, unsigned long fd, unsigned long pgoff)
++SYSCALL_DEFINE6(mips_mmap2, unsigned long, addr, unsigned long, len,
++ unsigned long, prot, unsigned long, flags, unsigned long, fd,
++ unsigned long, pgoff)
+ {
+ if (pgoff & (~PAGE_MASK >> 12))
+ return -EINVAL;
+@@ -234,7 +234,7 @@ out:
+ /*
+ * Compacrapability ...
+ */
+-asmlinkage int sys_uname(struct old_utsname __user * name)
++SYSCALL_DEFINE1(uname, struct old_utsname __user *, name)
+ {
+ if (name && !copy_to_user(name, utsname(), sizeof (*name)))
+ return 0;
+@@ -244,7 +244,7 @@ asmlinkage int sys_uname(struct old_utsn
+ /*
+ * Compacrapability ...
+ */
+-asmlinkage int sys_olduname(struct oldold_utsname __user * name)
++SYSCALL_DEFINE1(olduname, struct oldold_utsname __user *, name)
+ {
+ int error;
+
+@@ -273,7 +273,7 @@ asmlinkage int sys_olduname(struct oldol
+ return error;
+ }
+
+-asmlinkage int sys_set_thread_area(unsigned long addr)
++SYSCALL_DEFINE1(set_thread_area, unsigned long, addr)
+ {
+ struct thread_info *ti = task_thread_info(current);
+
+@@ -284,7 +284,7 @@ asmlinkage int sys_set_thread_area(unsig
+ return 0;
+ }
+
+-asmlinkage int _sys_sysmips(int cmd, long arg1, int arg2, int arg3)
++asmlinkage int _sys_sysmips(long cmd, long arg1, long arg2, long arg3)
+ {
+ switch (cmd) {
+ case MIPS_ATOMIC_SET:
+@@ -319,8 +319,8 @@ asmlinkage int _sys_sysmips(int cmd, lon
+ *
+ * This is really horribly ugly.
+ */
+-asmlinkage int sys_ipc(unsigned int call, int first, int second,
+- unsigned long third, void __user *ptr, long fifth)
++SYSCALL_DEFINE6(ipc, unsigned int, call, int, first, int, second,
++ unsigned long, third, void __user *, ptr, long, fifth)
+ {
+ int version, ret;
+
+@@ -405,7 +405,7 @@ asmlinkage int sys_ipc(unsigned int call
+ /*
+ * No implemented yet ...
+ */
+-asmlinkage int sys_cachectl(char *addr, int nbytes, int op)
++SYSCALL_DEFINE3(cachectl, char *, addr, int, nbytes, int, op)
+ {
+ return -ENOSYS;
+ }
+diff -urpN a/arch/mips/mm/cache.c b/arch/mips/mm/cache.c
+--- a/arch/mips/mm/cache.c 2008-07-13 15:51:29.000000000 -0600
++++ b/arch/mips/mm/cache.c 2009-03-08 13:16:31.000000000 -0600
+@@ -13,6 +13,7 @@
+ #include <linux/linkage.h>
+ #include <linux/module.h>
+ #include <linux/sched.h>
++#include <linux/syscalls.h>
+ #include <linux/mm.h>
+
+ #include <asm/cacheflush.h>
+@@ -57,8 +58,8 @@ EXPORT_SYMBOL(_dma_cache_wback_inv);
+ * We could optimize the case where the cache argument is not BCACHE but
+ * that seems very atypical use ...
+ */
+-asmlinkage int sys_cacheflush(unsigned long addr,
+- unsigned long bytes, unsigned int cache)
++SYSCALL_DEFINE3(cacheflush, unsigned long, addr, unsigned long, bytes,
++ unsigned int, cache)
+ {
+ if (bytes == 0)
+ return 0;
Added: dists/lenny-security/linux-2.6/debian/patches/bugfix/all/CVE-2009-0029/mips-rename-sys_pipe.patch
==============================================================================
--- (empty file)
+++ dists/lenny-security/linux-2.6/debian/patches/bugfix/all/CVE-2009-0029/mips-rename-sys_pipe.patch Sun Mar 8 20:05:44 2009
@@ -0,0 +1,77 @@
+commit 8213bbf9c1c0009872a3278aa7a83ec8f3508195
+Author: Ralf Baechle <ralf at linux-mips.org>
+Date: Sun Jul 20 13:16:46 2008 +0100
+
+ [MIPS] Rename MIPS sys_pipe syscall entry point to something MIPS-specific.
+
+ Signed-off-by: Ralf Baechle <ralf at linux-mips.org>
+
+Adjusted to apply to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+
+diff -urpN a/arch/mips/kernel/scall32-o32.S b/arch/mips/kernel/scall32-o32.S
+--- a/arch/mips/kernel/scall32-o32.S 2009-03-01 22:49:19.000000000 +0000
++++ b/arch/mips/kernel/scall32-o32.S 2009-03-02 01:33:25.000000000 +0000
+@@ -366,7 +366,7 @@ einval: li v0, -EINVAL
+ sys sys_mkdir 2
+ sys sys_rmdir 1 /* 4040 */
+ sys sys_dup 1
+- sys sys_pipe 0
++ sys sysm_pipe 0
+ sys sys_times 1
+ sys sys_ni_syscall 0
+ sys sys_brk 1 /* 4045 */
+diff -urpN a/arch/mips/kernel/scall64-64.S b/arch/mips/kernel/scall64-64.S
+--- a/arch/mips/kernel/scall64-64.S 2008-07-13 21:51:29.000000000 +0000
++++ b/arch/mips/kernel/scall64-64.S 2009-03-02 01:33:25.000000000 +0000
+@@ -219,7 +219,7 @@ sys_call_table:
+ PTR sys_readv
+ PTR sys_writev
+ PTR sys_access /* 5020 */
+- PTR sys_pipe
++ PTR sysm_pipe
+ PTR sys_select
+ PTR sys_sched_yield
+ PTR sys_mremap
+diff -urpN a/arch/mips/kernel/scall64-n32.S b/arch/mips/kernel/scall64-n32.S
+--- a/arch/mips/kernel/scall64-n32.S 2009-03-01 22:49:25.000000000 +0000
++++ b/arch/mips/kernel/scall64-n32.S 2009-03-02 01:33:25.000000000 +0000
+@@ -141,7 +141,7 @@ EXPORT(sysn32_call_table)
+ PTR compat_sys_readv
+ PTR compat_sys_writev
+ PTR sys_access /* 6020 */
+- PTR sys_pipe
++ PTR sysm_pipe
+ PTR compat_sys_select
+ PTR sys_sched_yield
+ PTR sys_mremap
+diff -urpN a/arch/mips/kernel/scall64-o32.S b/arch/mips/kernel/scall64-o32.S
+--- a/arch/mips/kernel/scall64-o32.S 2009-03-01 22:49:25.000000000 +0000
++++ b/arch/mips/kernel/scall64-o32.S 2009-03-02 01:33:25.000000000 +0000
+@@ -245,7 +245,7 @@ sys_call_table:
+ PTR sys_mkdir
+ PTR sys_rmdir /* 4040 */
+ PTR sys_dup
+- PTR sys_pipe
++ PTR sysm_pipe
+ PTR compat_sys_times
+ PTR sys_ni_syscall
+ PTR sys_brk /* 4045 */
+diff -urpN a/arch/mips/kernel/syscall.c b/arch/mips/kernel/syscall.c
+--- a/arch/mips/kernel/syscall.c 2008-07-13 21:51:29.000000000 +0000
++++ b/arch/mips/kernel/syscall.c 2009-03-02 01:33:25.000000000 +0000
+@@ -40,7 +40,14 @@
+ #include <asm/sysmips.h>
+ #include <asm/uaccess.h>
+
+-asmlinkage int sys_pipe(nabi_no_regargs volatile struct pt_regs regs)
++/*
++ * For historic reasons the pipe(2) syscall on MIPS has an unusual calling
++ * convention. It returns results in registers $v0 / $v1 which means there
++ * is no need for it to do verify the validity of a userspace pointer
++ * argument. Historically that used to be expensive in Linux. These days
++ * the performance advantage is negligible.
++ */
++asmlinkage int sysm_pipe(nabi_no_regargs volatile struct pt_regs regs)
+ {
+ int fd[2];
+ int error, res;
Added: dists/lenny-security/linux-2.6/debian/patches/series/13lenny2
==============================================================================
--- (empty file)
+++ dists/lenny-security/linux-2.6/debian/patches/series/13lenny2 Sun Mar 8 20:05:44 2009
@@ -0,0 +1,4 @@
+- bugfix/all/CVE-2009-0029/mips-wire-up-o32-syscall-to-the-right-function.patch
+- bugfix/all/CVE-2009-0029/mips-finish-fixing-CVE-2009-0029.patch
++ bugfix/all/CVE-2009-0029/mips-rename-sys_pipe.patch
++ bugfix/all/CVE-2009-0029/mips-enable-syscall-wrappers.patch
More information about the Kernel-svn-changes
mailing list