[kernel] r22400 - in dists/squeeze-security/linux-2.6/debian: . patches/bugfix/x86 patches/series
Ben Hutchings
benh at moszumanska.debian.org
Tue Feb 17 22:48:24 UTC 2015
Author: benh
Date: Tue Feb 17 22:48:24 2015
New Revision: 22400
Log:
Drop fixes for x86 FPU state management and CVE-2014-9419

The FPU state fixes are apparently not important on 2.6.32 because
the bug affects use of AES-NI in an i386 kernel while in 2.6.32 AES-NI
is only used on x86_64 (amd64):
<http://article.gmane.org/gmane.linux.kernel/1257424/>

CVE-2014-9419 depends on at least some of these changes, and it is not
obvious how to minimise them. This issue allows a partial ASLR bypass
by local users, which does not seem serious enough to justify the risk
of the FPU state changes in itself:
<http://www.openwall.com/lists/oss-security/2014/12/25/1>

Deleted:
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/0001-x86-fpu-move-most-of-__save_init_fpu-into-fpu_save_i.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/0002-x86-64-fpu-disable-preemption-when-using-ts_usedfpu.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/0003-x86-32-fpu-rewrite-fpu_save_init.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/0004-x86-fpu-merge-fpu_save_init.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/0005-x86-32-fpu-fix-fpu-exception-handling-on-non-sse-sys.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/0006-i387-math_state_restore-isn-t-called-from-asm.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/0007-i387-make-irq_fpu_usable-tests-more-robust.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/0008-i387-fix-sense-of-sanity-check.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/0009-i387-fix-x86-64-preemption-unsafe-user-stack-save-re.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/0010-i387-move-ts_usedfpu-clearing-out-of-__save_init_fpu.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/0011-i387-don-t-ever-touch-ts_usedfpu-directly-use-helper.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/0012-i387-do-not-preload-fpu-state-at-task-switch-time.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/0013-i387-move-amd-k7-k8-fpu-fxsave-fxrstor-workaround-fr.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/0014-i387-move-ts_usedfpu-flag-from-thread_info-to-task_s.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/0015-i387-re-introduce-fpu-state-preloading-at-context-sw.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/x86-fpu-avoid-abi-change-for-addition-of-has_fpu-fla.patch
dists/squeeze-security/linux-2.6/debian/patches/bugfix/x86/x86_64-switch_to-load-tls-descriptors-before-switchi.patch
Modified:
dists/squeeze-security/linux-2.6/debian/changelog
dists/squeeze-security/linux-2.6/debian/patches/series/48squeeze11
Modified: dists/squeeze-security/linux-2.6/debian/changelog
==============================================================================
--- dists/squeeze-security/linux-2.6/debian/changelog Tue Feb 17 05:25:56 2015 (r22399)
+++ dists/squeeze-security/linux-2.6/debian/changelog Tue Feb 17 22:48:24 2015 (r22400)
@@ -13,25 +13,6 @@
(CVE-2014-7822)
* net: sctp: fix slab corruption from use after free on INIT collisions
(CVE-2015-1421)
- * [x86] Backport fixes to FPU/SSE state save and restore from Linux 3.3:
- - fpu: Move most of __save_init_fpu() into fpu_save_init()
- - [amd64] fpu: Disable preemption when using TS_USEDFPU
- - [i386] fpu: Rewrite fpu_save_init()
- - fpu: Merge fpu_save_init()
- - [i386] fpu: Fix FPU exception handling on non-SSE systems
- - i387: math_state_restore() isn't called from asm
- - i387: make irq_fpu_usable() tests more robust
- - i387: fix sense of sanity check
- - i387: fix x86-64 preemption-unsafe user stack save/restore
- - i387: move TS_USEDFPU clearing out of __save_init_fpu and into callers
- - i387: don't ever touch TS_USEDFPU directly, use helper functions
- - i387: do not preload FPU state at task switch time
- - i387: move AMD K7/K8 fpu fxsave/fxrstor workaround from save to restore
- - i387: move TS_USEDFPU flag from thread_info to task_struct
- - i387: re-introduce FPU state preloading at context switch time
- * Ignore ABI change for math_state_restore(), not used out-of-tree
- * [amd64] switch_to(): Load TLS descriptors before switching DS and ES
- (CVE-2014-9419)
* ASLR: fix stack randomization on 64-bit systems (CVE-2015-1593)
-- Ben Hutchings <ben at decadent.org.uk> Wed, 28 Jan 2015 22:33:05 +0000
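Review bot: with the "(CVE-2014-9419)" entry removed from this changelog stanza, nothing in the package records that the issue is knowingly left unfixed; the reasoning (a partial ASLR bypass by local users, judged not worth the risk of the FPU state changes) exists only in the svn log. Consider recording the decision where users look up CVE status for this release, so the missing entry is not read as an oversight. Separately, the trailer still carries "Wed, 28 Jan 2015 22:33:05 +0000" although the stanza's content changes in r22400; if this entry has not been uploaded yet, refresh the timestamp at release.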
Modified: dists/squeeze-security/linux-2.6/debian/patches/series/48squeeze11
==============================================================================
--- dists/squeeze-security/linux-2.6/debian/patches/series/48squeeze11 Tue Feb 17 05:25:56 2015 (r22399)
+++ dists/squeeze-security/linux-2.6/debian/patches/series/48squeeze11 Tue Feb 17 22:48:24 2015 (r22400)
@@ -8,28 +8,4 @@
+ bugfix/all/splice-apply-generic-position-and-size-checks-to-eac.patch
+ bugfix/all/net-sctp-fix-slab-corruption-from-use-after-free-on-.patch
-# FPU/SSE fixes and refactoring needed to prepare for the next set
-+ bugfix/x86/0001-x86-fpu-move-most-of-__save_init_fpu-into-fpu_save_i.patch
-+ bugfix/x86/0002-x86-64-fpu-disable-preemption-when-using-ts_usedfpu.patch
-+ bugfix/x86/0003-x86-32-fpu-rewrite-fpu_save_init.patch
-+ bugfix/x86/0004-x86-fpu-merge-fpu_save_init.patch
-+ bugfix/x86/0005-x86-32-fpu-fix-fpu-exception-handling-on-non-sse-sys.patch
-
-# FPU/SSE fixes from Linux 3.3 fix possible data loss and are needed
-# before the following security fix
-+ bugfix/x86/0006-i387-math_state_restore-isn-t-called-from-asm.patch
-+ bugfix/x86/0007-i387-make-irq_fpu_usable-tests-more-robust.patch
-+ bugfix/x86/0008-i387-fix-sense-of-sanity-check.patch
-+ bugfix/x86/0009-i387-fix-x86-64-preemption-unsafe-user-stack-save-re.patch
-+ bugfix/x86/0010-i387-move-ts_usedfpu-clearing-out-of-__save_init_fpu.patch
-+ bugfix/x86/0011-i387-don-t-ever-touch-ts_usedfpu-directly-use-helper.patch
-+ bugfix/x86/0012-i387-do-not-preload-fpu-state-at-task-switch-time.patch
-+ bugfix/x86/0013-i387-move-amd-k7-k8-fpu-fxsave-fxrstor-workaround-fr.patch
-+ bugfix/x86/0014-i387-move-ts_usedfpu-flag-from-thread_info-to-task_s.patch
-+ bugfix/x86/0015-i387-re-introduce-fpu-state-preloading-at-context-sw.patch
-
-+ bugfix/x86/x86-fpu-avoid-abi-change-for-addition-of-has_fpu-fla.patch
-
-+ bugfix/x86/x86_64-switch_to-load-tls-descriptors-before-switchi.patch
-
+ bugfix/all/aslr-fix-stack-randomization-on-64-bit-systems.patch
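Review bot: the series comment removed here says the 0006 to 0015 patches "fix possible data loss", and two of the dropped entries, 0002-x86-64-fpu-disable-preemption-when-using-ts_usedfpu.patch and 0009-i387-fix-x86-64-preemption-unsafe-user-stack-save-re.patch, are x86-64 specific by name, while the rationale in the log message only covers AES-NI use in an i386 kernel. Please confirm that those two are not needed on amd64 independently of AES-NI, or state that in the log. The 17 bugfix/x86 entries removed from the series do match the 17 files in the Deleted list, so the series file and the patch directory stay consistent.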