[kernel] r14954 - in dists/trunk/linux-2.6/debian: . patches/bugfix/all patches/series

Ben Hutchings benh at alioth.debian.org
Mon Jan 18 22:59:27 UTC 2010 

Author: benh
Date: Mon Jan 18 22:59:25 2010
New Revision: 14954

Log:
SCSI/megaraid_sas: remove sysfs poll_mode_io world writeable permissions (CVE-2009-3939)

Added:
   dists/trunk/linux-2.6/debian/patches/bugfix/all/megaraid_sas-remove-poll_mode_io-world-write-perm.patch
Modified:
   dists/trunk/linux-2.6/debian/changelog
   dists/trunk/linux-2.6/debian/patches/series/6

Modified: dists/trunk/linux-2.6/debian/changelog
==============================================================================
--- dists/trunk/linux-2.6/debian/changelog	Mon Jan 18 22:50:09 2010	(r14953)
+++ dists/trunk/linux-2.6/debian/changelog	Mon Jan 18 22:59:25 2010	(r14954)
@@ -29,6 +29,8 @@
     - Fix DMA mapping for i915 driver (Closes: #558237)
       + drm: remove address mask param for drm_pci_alloc()
       + agp/intel-agp: Clear entire GTT on startup
+  * SCSI/megaraid_sas: remove sysfs poll_mode_io world writeable permissions
+    (CVE-2009-3939)
 
   [ Ian Campbell ]
   * xen: Enable up to 32G of guest memory on i386.

Added: dists/trunk/linux-2.6/debian/patches/bugfix/all/megaraid_sas-remove-poll_mode_io-world-write-perm.patch
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/trunk/linux-2.6/debian/patches/bugfix/all/megaraid_sas-remove-poll_mode_io-world-write-perm.patch	Mon Jan 18 22:59:25 2010	(r14954)
@@ -0,0 +1,23 @@
+Based on:
+
+From: Bryn M. Reeves <bmr at redhat.com>
+Subject: [PATCH] [SCSI] megaraid_sas: remove sysfs poll_mode_io world writeable permissions
+
+/sys/bus/pci/drivers/megaraid_sas/poll_mode_io defaults to being
+world-writable, which seems bad (letting any user affect kernel driver
+behavior).
+
+This turns off group and user write permissions, so that on typical
+production systems only root can write to it.
+
+--- a/drivers/scsi/megaraid/megaraid_sas.c
++++ b/drivers/scsi/megaraid/megaraid_sas.c
+@@ -3451,7 +3451,7 @@
+ 	return retval;
+ }
+ 
+-static DRIVER_ATTR(poll_mode_io, S_IRUGO|S_IWUGO,
++static DRIVER_ATTR(poll_mode_io, S_IRUGO|S_IWUSR,
+ 		megasas_sysfs_show_poll_mode_io,
+ 		megasas_sysfs_set_poll_mode_io);
+ 

Modified: dists/trunk/linux-2.6/debian/patches/series/6
==============================================================================
--- dists/trunk/linux-2.6/debian/patches/series/6	Mon Jan 18 22:50:09 2010	(r14953)
+++ dists/trunk/linux-2.6/debian/patches/series/6	Mon Jan 18 22:59:25 2010	(r14954)
@@ -26,3 +26,4 @@
 - bugfix/all/ath5k-Fix-eeprom-checksum-check-for-custom-sized-eeproms.patch
 + bugfix/all/stable/2.6.32.4.patch
 + debian/mremap-fix-conflict-between-2.6.32.4-and-vserver.patch
++ bugfix/all/megaraid_sas-remove-poll_mode_io-world-write-perm.patch

More information about the Kernel-svn-changes mailing list