[kernel] r17736 - in dists/squeeze/linux-2.6/debian: . patches/features/all/openvz patches/series

Maximilian Attems maks at alioth.debian.org
Tue Jun 28 09:17:58 UTC 2011


Author: maks
Date: Tue Jun 28 09:17:56 2011
New Revision: 17736

Log:
add openvz bugfix

not landed in openvz git yet, taken from:
http://bugzilla.openvz.org/show_bug.cgi?id=1866

Added:
   dists/squeeze/linux-2.6/debian/patches/features/all/openvz/ptrace_dont_allow_process_without_memory_map_v2.patch
   dists/squeeze/linux-2.6/debian/patches/series/36-extra
      - copied, changed from r17724, dists/squeeze/linux-2.6/debian/patches/series/35-extra
Deleted:
   dists/squeeze/linux-2.6/debian/patches/series/35-extra
Modified:
   dists/squeeze/linux-2.6/debian/changelog

Modified: dists/squeeze/linux-2.6/debian/changelog
==============================================================================
--- dists/squeeze/linux-2.6/debian/changelog	Tue Jun 28 07:40:48 2011	(r17735)
+++ dists/squeeze/linux-2.6/debian/changelog	Tue Jun 28 09:17:56 2011	(r17736)
@@ -3,6 +3,7 @@
   [ maximilian attems ]
   * Add drm change from 2.6.32.41+drm33.18:
     - drm/radeon/kms: fix bad shift in atom iio table parser
+  * [opvenz] ptrace: Don't allow to trace a process without memory map.
 
  -- maximilian attems <maks at debian.org>  Sat, 25 Jun 2011 10:22:27 +0200
 

Added: dists/squeeze/linux-2.6/debian/patches/features/all/openvz/ptrace_dont_allow_process_without_memory_map_v2.patch
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/squeeze/linux-2.6/debian/patches/features/all/openvz/ptrace_dont_allow_process_without_memory_map_v2.patch	Tue Jun 28 09:17:56 2011	(r17736)
@@ -0,0 +1,43 @@
+Date: Sun, 15 May 2011 08:47 -0400
+From: Cyrill Gorcunov <gorcunov at openvz.org>
+Subject: ptrace: Don't allow to trace a process without memory map v2
+
+There is a chance the user start tracing process which
+has no memory map yet because of being a child process
+which moves to VE environment at creation time.
+
+A typical example is to start VE via vzctl with --wait argument
+trace vzctl child process while it's in waiting state. The
+result is NULL dereference and kernel panic.
+
+Fix it by declining to trace such processes.
+
+http://bugzilla.openvz.org/show_bug.cgi?id=1866
+
+v2: Pavel spotted task->mm access without task_lock
+    guardian. Fixed.
+
+Signed-off-by: Cyrill Gorcunov <gorcunov at openvz.org>
+---
+ kernel/ptrace.c |    7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+Index: linux-2.6-ovz/kernel/ptrace.c
+===================================================================
+--- linux-2.6-ovz.orig/kernel/ptrace.c
++++ linux-2.6-ovz/kernel/ptrace.c
+@@ -198,8 +198,13 @@ int ptrace_attach(struct task_struct *ta
+ 	task_unlock(task);
+ 	if (retval)
+ 		goto unlock_creds;
++
+ 	retval = -EACCES;
+-	if (task->mm->vps_dumpable == 2)
++	task_lock(task);
++	if (task->mm && task->mm->vps_dumpable != 2)
++		retval = 0;
++	task_unlock(task);
++	if (retval)
+ 		goto unlock_creds;
+ 
+ 	write_lock_irq(&tasklist_lock);

Copied and modified: dists/squeeze/linux-2.6/debian/patches/series/36-extra (from r17724, dists/squeeze/linux-2.6/debian/patches/series/35-extra)
==============================================================================
--- dists/squeeze/linux-2.6/debian/patches/series/35-extra	Sat Jun 25 08:45:35 2011	(r17724, copy source)
+++ dists/squeeze/linux-2.6/debian/patches/series/36-extra	Tue Jun 28 09:17:56 2011	(r17736)
@@ -5,6 +5,7 @@
 + features/all/openvz/0003-VE-shutdown-environment-only-if-VE-pid-ns-is-destroy.patch featureset=openvz
 + features/all/openvz/0004-net-decriment-unix_nr_socks-if-ub_other_sock_charge-.patch featureset=openvz
 + features/all/openvz/0005-ve-Fix-d_path-return-code-when-no-buffer-given.patch featureset=openvz
++ features/all/openvz/ptrace_dont_allow_process_without_memory_map_v2.patch featureset=openvz
 
 + debian/revert-sched-changes-in-2.6.32.29.patch featureset=vserver
 + features/all/vserver/vs2.3.0.36.29.6.patch featureset=vserver



More information about the Kernel-svn-changes mailing list