[kernel] r15184 - in dists/lenny-security/linux-2.6/debian: . patches/bugfix/x86 patches/features/all/xen patches/series
Dann Frazier
dannf at alioth.debian.org
Thu Feb 18 04:45:59 UTC 2010
Author: dannf
Date: Thu Feb 18 04:45:57 2010
New Revision: 15184
Log:
x86: set_personality_ia32() misses force_personality32, an additional
fix for CVE-2010-0307
Added:
dists/lenny-security/linux-2.6/debian/patches/bugfix/x86/set_personality_ia32-misses-force_personality32.patch
dists/lenny-security/linux-2.6/debian/patches/features/all/xen/set_personality_ia32-misses-force_personality32.patch
dists/lenny-security/linux-2.6/debian/patches/series/21lenny4-extra
Modified:
dists/lenny-security/linux-2.6/debian/changelog
dists/lenny-security/linux-2.6/debian/patches/series/21lenny4
Modified: dists/lenny-security/linux-2.6/debian/changelog
==============================================================================
--- dists/lenny-security/linux-2.6/debian/changelog Thu Feb 18 00:44:37 2010 (r15183)
+++ dists/lenny-security/linux-2.6/debian/changelog Thu Feb 18 04:45:57 2010 (r15184)
@@ -2,6 +2,8 @@
* futex: Handle user space corruption gracefully (CVE-2010-0622)
* mmap: cleanup compiler warnings from CVE-2010-0291 fixes
+ * x86: set_personality_ia32() misses force_personality32, an additional
+ fix for CVE-2010-0307
-- dann frazier <dannf at debian.org> Thu, 11 Feb 2010 17:14:23 -0700
Added: dists/lenny-security/linux-2.6/debian/patches/bugfix/x86/set_personality_ia32-misses-force_personality32.patch
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ dists/lenny-security/linux-2.6/debian/patches/bugfix/x86/set_personality_ia32-misses-force_personality32.patch Thu Feb 18 04:45:57 2010 (r15184)
@@ -0,0 +1,25 @@
+[Adjusted to apply to Debian's 2.6.26]
+
+commit 1252f238db48ec419f40c1bdf30fda649860eed9
+Author: Oleg Nesterov <oleg at redhat.com>
+Date: Tue Feb 16 15:02:13 2010 +0100
+
+ x86: set_personality_ia32() misses force_personality32
+
+ 05d43ed8a "x86: get rid of the insane TIF_ABI_PENDING bit" forgot about
+ force_personality32. Fix.
+
+ Signed-off-by: Oleg Nesterov <oleg at redhat.com>
+ Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
+
+diff -urpN linux-source-2.6.26.orig/arch/x86/kernel/process_64.c linux-source-2.6.26/arch/x86/kernel/process_64.c
+--- linux-source-2.6.26.orig/arch/x86/kernel/process_64.c 2010-02-10 01:11:15.000000000 -0700
++++ linux-source-2.6.26/arch/x86/kernel/process_64.c 2010-02-17 21:29:14.000000000 -0700
+@@ -728,6 +728,7 @@ void set_personality_ia32(void)
+
+ /* Make sure to be in 32bit mode */
+ set_thread_flag(TIF_IA32);
++ current->personality |= force_personality32;
+
+ /* Prepare the first "return" to user space */
+ current_thread_info()->status |= TS_COMPAT;
Added: dists/lenny-security/linux-2.6/debian/patches/features/all/xen/set_personality_ia32-misses-force_personality32.patch
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ dists/lenny-security/linux-2.6/debian/patches/features/all/xen/set_personality_ia32-misses-force_personality32.patch Thu Feb 18 04:45:57 2010 (r15184)
@@ -0,0 +1,11 @@
+diff -urpN a/arch/x86/kernel/process_64-xen.c b/arch/x86/kernel/process_64-xen.c
+--- a/arch/x86/kernel/process_64-xen.c 2010-02-17 21:42:34.000000000 -0700
++++ b/arch/x86/kernel/process_64-xen.c 2010-02-17 21:44:00.000000000 -0700
+@@ -779,6 +779,7 @@ void set_personality_ia32(void)
+
+ /* Make sure to be in 32bit mode */
+ set_thread_flag(TIF_IA32);
++ current->personality |= force_personality32;
+
+ /* Prepare the first "return" to user space */
+ current_thread_info()->status |= TS_COMPAT;
Modified: dists/lenny-security/linux-2.6/debian/patches/series/21lenny4
==============================================================================
--- dists/lenny-security/linux-2.6/debian/patches/series/21lenny4 Thu Feb 18 00:44:37 2010 (r15183)
+++ dists/lenny-security/linux-2.6/debian/patches/series/21lenny4 Thu Feb 18 04:45:57 2010 (r15184)
@@ -1,2 +1,3 @@
+ bugfix/all/futex-handle-user-space-corruption-gracefully.patch
+ bugfix/all/mm-fix-uninitialized-vars-for-find_vma_prepare-callers.patch
++ bugfix/x86/set_personality_ia32-misses-force_personality32.patch
Added: dists/lenny-security/linux-2.6/debian/patches/series/21lenny4-extra
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ dists/lenny-security/linux-2.6/debian/patches/series/21lenny4-extra Thu Feb 18 04:45:57 2010 (r15184)
@@ -0,0 +1 @@
++ features/all/xen/set_personality_ia32-misses-force_personality32.patch featureset=xen
More information about the Kernel-svn-changes
mailing list