[linux] 02/04: Revert "ecryptfs: forbid opening files without mmap handler", redundant with upstream fixes

debian-kernel at lists.debian.org debian-kernel at lists.debian.org
Sat Dec 10 04:39:43 UTC 2016 

This is an automated email from the git hooks/post-receive script.

benh pushed a commit to branch jessie
in repository linux.

commit 403e7463a0ee61f226df7c4563ff0095970db2c6
Author: Ben Hutchings <ben at decadent.org.uk>
Date:   Fri Dec 9 21:06:20 2016 +0000

    Revert "ecryptfs: forbid opening files without mmap handler", redundant with upstream fixes
    
    ...and move the other ecryptfs fix into the 'miscellaneous bug fixes'
    section of the series.
---
 debian/changelog                                   |  2 +
 ...forbid-opening-files-without-mmap-handler.patch | 54 ----------------------
 debian/patches/series                              |  3 +-
 3 files changed, 3 insertions(+), 56 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index 6fe2202..fc7ba0a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -470,6 +470,8 @@ linux (3.16.39-1) UNRELEASED; urgency=medium
 
   [ Ben Hutchings ]
   * [x86] video: Disable X86_SYSFB, FB_SIMPLE (Closes: #822575)
+  * Revert "ecryptfs: forbid opening files without mmap handler", redundant
+    with upstream fixes
 
   [ Julien Cristau ]
   * hwrng: Add chaoskey driver, backported from 4.8 (Closes: #839616)
diff --git a/debian/patches/bugfix/all/ecryptfs-forbid-opening-files-without-mmap-handler.patch b/debian/patches/bugfix/all/ecryptfs-forbid-opening-files-without-mmap-handler.patch
deleted file mode 100644
index 4bcaa75..0000000
--- a/debian/patches/bugfix/all/ecryptfs-forbid-opening-files-without-mmap-handler.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From: Jann Horn <jannh at google.com>
-Date: Wed, 1 Jun 2016 11:55:06 +0200
-Subject: ecryptfs: forbid opening files without mmap handler
-Origin: https://git.kernel.org/linus/2f36db71009304b3f0b95afacd8eba1f9f046b87
-
-This prevents users from triggering a stack overflow through a recursive
-invocation of pagefault handling that involves mapping procfs files into
-virtual memory.
-
-Signed-off-by: Jann Horn <jannh at google.com>
-Acked-by: Tyler Hicks <tyhicks at canonical.com>
-Cc: stable at vger.kernel.org
-Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
----
- fs/ecryptfs/kthread.c | 13 +++++++++++--
- 1 file changed, 11 insertions(+), 2 deletions(-)
-
---- a/fs/ecryptfs/kthread.c
-+++ b/fs/ecryptfs/kthread.c
-@@ -25,6 +25,7 @@
- #include <linux/slab.h>
- #include <linux/wait.h>
- #include <linux/mount.h>
-+#include <linux/file.h>
- #include "ecryptfs_kernel.h"
- 
- struct ecryptfs_open_req {
-@@ -147,7 +148,7 @@ int ecryptfs_privileged_open(struct file
- 	flags |= IS_RDONLY(lower_dentry->d_inode) ? O_RDONLY : O_RDWR;
- 	(*lower_file) = dentry_open(&req.path, flags, cred);
- 	if (!IS_ERR(*lower_file))
--		goto out;
-+		goto have_file;
- 	if ((flags & O_ACCMODE) == O_RDONLY) {
- 		rc = PTR_ERR((*lower_file));
- 		goto out;
-@@ -165,8 +166,16 @@ int ecryptfs_privileged_open(struct file
- 	mutex_unlock(&ecryptfs_kthread_ctl.mux);
- 	wake_up(&ecryptfs_kthread_ctl.wait);
- 	wait_for_completion(&req.done);
--	if (IS_ERR(*lower_file))
-+	if (IS_ERR(*lower_file)) {
- 		rc = PTR_ERR(*lower_file);
-+		goto out;
-+	}
-+have_file:
-+	if ((*lower_file)->f_op->mmap == NULL) {
-+		fput(*lower_file);
-+		*lower_file = NULL;
-+		rc = -EMEDIUMTYPE;
-+	}
- out:
- 	return rc;
- }
diff --git a/debian/patches/series b/debian/patches/series
index 68a879e..e39011c 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -239,6 +239,7 @@ bugfix/all/ip_vti-ip6_vti-do-not-touch-skb-mark-on-xmit.patch
 bugfix/all/xfrm-override-skb-mark-with-tunnel-parm.i_key-in-xfr.patch
 bugfix/all/ip_vti-ip6_vti-preserve-skb-mark-after-rcv_cb-call.patch
 bugfix/all/revert-usb-hub-do-not-clear-bos-field-during-reset-d.patch
+bugfix/all/ecryptfs-fix-handling-of-directory-opening.patch
 
 # memfd_create() & kdbus backport
 features/all/kdbus/mm-allow-drivers-to-prevent-new-writable-mappings.patch
@@ -652,8 +653,6 @@ features/all/chaoskey/hwrng-chaoskey-Fix-URB-warning-due-to-timeout-on-Ale.patch
 features/all/chaoskey/chaoskey-3.16-no-hwrng-quality.patch
 
 # Security fixes
-bugfix/all/ecryptfs-fix-handling-of-directory-opening.patch
-bugfix/all/ecryptfs-forbid-opening-files-without-mmap-handler.patch
 
 # Fix ABI changes
 debian/of-fix-abi-changes.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git

More information about the Kernel-svn-changes mailing list