[kernel] r15129 - in dists/lenny-security/linux-2.6/debian: . patches/bugfix/all patches/series
Dann Frazier
dannf at alioth.debian.org
Fri Feb 5 03:47:35 UTC 2010
Author: dannf
Date: Fri Feb 5 03:47:33 2010
New Revision: 15129
Log:
connector: Delete buggy notification code. (CVE-2010-0410)
Added:
dists/lenny-security/linux-2.6/debian/patches/bugfix/all/connector-delete-buggy-notification-code.patch
- copied, changed from r15128, dists/trunk/linux-2.6/debian/patches/bugfix/all/connector-delete-buggy-notification-code.patch
Modified:
dists/lenny-security/linux-2.6/debian/changelog
dists/lenny-security/linux-2.6/debian/patches/series/21lenny3
Modified: dists/lenny-security/linux-2.6/debian/changelog
==============================================================================
--- dists/lenny-security/linux-2.6/debian/changelog Fri Feb 5 03:30:28 2010 (r15128)
+++ dists/lenny-security/linux-2.6/debian/changelog Fri Feb 5 03:47:33 2010 (r15129)
@@ -2,6 +2,7 @@
* Additional fixes for CVE-2010-0307
* KVM: PIT: control word is write-only (CVE-2010-0309)
+ * connector: Delete buggy notification code. (CVE-2010-0410)
-- dann frazier <dannf at debian.org> Thu, 04 Feb 2010 17:43:31 -0700
Copied and modified: dists/lenny-security/linux-2.6/debian/patches/bugfix/all/connector-delete-buggy-notification-code.patch (from r15128, dists/trunk/linux-2.6/debian/patches/bugfix/all/connector-delete-buggy-notification-code.patch)
==============================================================================
--- dists/trunk/linux-2.6/debian/patches/bugfix/all/connector-delete-buggy-notification-code.patch Fri Feb 5 03:30:28 2010 (r15128, copy source)
+++ dists/lenny-security/linux-2.6/debian/patches/bugfix/all/connector-delete-buggy-notification-code.patch Fri Feb 5 03:47:33 2010 (r15129)
@@ -38,10 +38,13 @@
include/linux/connector.h | 32 -------
2 files changed, 207 deletions(-)
---- a/drivers/connector/connector.c
-+++ b/drivers/connector/connector.c
+Adjusted to apply to Debian's 2.6.26 by dann frazier <dannf at debian.org>
+
+diff -urpN linux-source-2.6.26.orig/drivers/connector/connector.c linux-source-2.6.26/drivers/connector/connector.c
+--- linux-source-2.6.26.orig/drivers/connector/connector.c 2008-07-13 15:51:29.000000000 -0600
++++ linux-source-2.6.26/drivers/connector/connector.c 2010-02-04 20:33:57.000000000 -0700
@@ -36,17 +36,6 @@ MODULE_LICENSE("GPL");
- MODULE_AUTHOR("Evgeniy Polyakov <zbr at ioremap.net>");
+ MODULE_AUTHOR("Evgeniy Polyakov <johnpol at 2ka.mipt.ru>");
MODULE_DESCRIPTION("Generic userspace <-> kernelspace connector.");
-static u32 cn_idx = CN_IDX_CONNECTOR;
@@ -58,7 +61,7 @@
static struct cn_dev cdev;
static int cn_already_initialized;
-@@ -210,54 +199,6 @@ static void cn_rx_skb(struct sk_buff *__
+@@ -215,54 +204,6 @@ static void cn_rx_skb(struct sk_buff *__
}
/*
@@ -84,7 +87,7 @@
-
- req = (struct cn_notify_req *)ctl->data;
- for (i = 0; i < ctl->idx_notify_num; ++i, ++req) {
-- if (id->idx >= req->first &&
+- if (id->idx >= req->first &&
- id->idx < req->first + req->range) {
- idx_found = 1;
- break;
@@ -92,7 +95,7 @@
- }
-
- for (i = 0; i < ctl->val_notify_num; ++i, ++req) {
-- if (id->val >= req->first &&
+- if (id->val >= req->first &&
- id->val < req->first + req->range) {
- val_found = 1;
- break;
@@ -113,7 +116,7 @@
* Callback add routing - adds callback with given ID and name.
* If there is registered callback with the same ID it will not be added.
*
-@@ -276,8 +217,6 @@ int cn_add_callback(struct cb_id *id, ch
+@@ -280,8 +221,6 @@ int cn_add_callback(struct cb_id *id, ch
if (err)
return err;
@@ -122,7 +125,7 @@
return 0;
}
EXPORT_SYMBOL_GPL(cn_add_callback);
-@@ -295,111 +234,9 @@ void cn_del_callback(struct cb_id *id)
+@@ -299,112 +238,9 @@ void cn_del_callback(struct cb_id *id)
struct cn_dev *dev = &cdev;
cn_queue_del_callback(dev->cbdev, id);
@@ -177,8 +180,9 @@
- *
- * Used for notification of a request's processing.
- */
--static void cn_callback(struct cn_msg *msg, struct netlink_skb_parms *nsp)
+-static void cn_callback(void *data)
-{
+- struct cn_msg *msg = data;
- struct cn_ctl_msg *ctl;
- struct cn_ctl_entry *ent;
- u32 size;
@@ -234,7 +238,7 @@
static int cn_proc_show(struct seq_file *m, void *v)
{
struct cn_queue_dev *dev = cdev.cbdev;
-@@ -437,11 +274,8 @@ static const struct file_operations cn_f
+@@ -442,11 +278,8 @@ static const struct file_operations cn_f
static int __devinit cn_init(void)
{
struct cn_dev *dev = &cdev;
@@ -246,8 +250,8 @@
dev->nls = netlink_kernel_create(&init_net, NETLINK_CONNECTOR,
CN_NETLINK_USERS + 0xf,
-@@ -457,14 +291,6 @@ static int __devinit cn_init(void)
-
+@@ -462,14 +295,6 @@ static int __devinit cn_init(void)
+
cn_already_initialized = 1;
- err = cn_add_callback(&dev->id, "connector", &cn_callback);
@@ -261,7 +265,7 @@
proc_net_fops_create(&init_net, "connector", S_IRUGO, &cn_file_ops);
return 0;
-@@ -478,7 +304,6 @@ static void __devexit cn_fini(void)
+@@ -483,7 +308,6 @@ static void __devexit cn_fini(void)
proc_net_remove(&init_net, "connector");
@@ -269,11 +273,12 @@
cn_queue_free_dev(dev->cbdev);
netlink_kernel_release(dev->nls);
}
---- a/include/linux/connector.h
-+++ b/include/linux/connector.h
+diff -urpN linux-source-2.6.26.orig/include/linux/connector.h linux-source-2.6.26/include/linux/connector.h
+--- linux-source-2.6.26.orig/include/linux/connector.h 2008-07-13 15:51:29.000000000 -0600
++++ linux-source-2.6.26/include/linux/connector.h 2010-02-04 20:31:20.000000000 -0700
@@ -24,9 +24,6 @@
- #include <linux/types.h>
+ #include <asm/types.h>
-#define CN_IDX_CONNECTOR 0xffffffff
-#define CN_VAL_CONNECTOR 0xffffffff
@@ -281,7 +286,7 @@
/*
* Process Events connector unique ids -- used for message routing
*/
-@@ -73,30 +70,6 @@ struct cn_msg {
+@@ -68,30 +65,6 @@ struct cn_msg {
__u8 data[0];
};
@@ -312,7 +317,7 @@
#ifdef __KERNEL__
#include <asm/atomic.h>
-@@ -149,11 +122,6 @@ struct cn_callback_entry {
+@@ -141,11 +114,6 @@ struct cn_callback_entry {
u32 seq, group;
};
Modified: dists/lenny-security/linux-2.6/debian/patches/series/21lenny3
==============================================================================
--- dists/lenny-security/linux-2.6/debian/patches/series/21lenny3 Fri Feb 5 03:30:28 2010 (r15128)
+++ dists/lenny-security/linux-2.6/debian/patches/series/21lenny3 Fri Feb 5 03:47:33 2010 (r15129)
@@ -2,3 +2,4 @@
+ bugfix/powerpc/powerpc-tif_abi_pending-bit-removal.patch
+ bugfix/sparc/sparc-tif_abi_pending-bit-removal.patch
+ bugfix/x86/kvm-pit-control-word-is-write-only.patch
++ bugfix/all/connector-delete-buggy-notification-code.patch
More information about the Kernel-svn-changes
mailing list