cvs-hwcap-AT_SECURE.diff: patch backported from upstream to disable HWCAP for AT_SECURE programs.

Aurelien Jarno Mon, 19 Jun 2017 08:36:27 -0700

This is an automated email from the git hooks/post-receive script.

aurel32 pushed a commit to branch jessie
in repository glibc.


commit 882242b7f34b95b05462006e71fa729074bc05ef
Author: Aurelien Jarno <aurel...@aurel32.net>
Date:   Sat Jun 17 00:51:33 2017 +0200

    debian/patches/any/cvs-hwcap-AT_SECURE.diff: patch backported from upstream 
to disable HWCAP for AT_SECURE programs.
---
 debian/changelog                            |  2 ++
 debian/patches/any/cvs-hwcap-AT_SECURE.diff | 28 ++++++++++++++++++++++++++++
 debian/patches/series                       |  1 +
 3 files changed, 31 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index bbb1223..b0a6052 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,8 @@ glibc (2.19-18+deb8u10) jessie-security; urgency=medium
     debian/patches/any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff: add
     patches to protect the dynamic linker against stack clashes
     (CVE-2017-1000366).
+  * debian/patches/any/cvs-hwcap-AT_SECURE.diff: patch backported from
+    upstream to disable HWCAP for AT_SECURE programs.
 
  -- Aurelien Jarno <aure...@debian.org>  Fri, 16 Jun 2017 23:13:21 +0200
 
diff --git a/debian/patches/any/cvs-hwcap-AT_SECURE.diff 
b/debian/patches/any/cvs-hwcap-AT_SECURE.diff
new file mode 100644
index 0000000..451fed6
--- /dev/null
+++ b/debian/patches/any/cvs-hwcap-AT_SECURE.diff
@@ -0,0 +1,28 @@
+2017-03-07  Siddhesh Poyarekar  <siddh...@sourceware.org>
+
+       [BZ #21209]
+       * elf/rtld.c (process_envvars): Ignore LD_HWCAP_MASK for
+       AT_SECURE processes.
+
+--- a/elf/rtld.c
++++ b/elf/rtld.c
+@@ -2404,7 +2404,8 @@ process_envvars (enum mode *modep)
+ 
+       case 10:
+         /* Mask for the important hardware capabilities.  */
+-        if (memcmp (envline, "HWCAP_MASK", 10) == 0)
++        if (!__libc_enable_secure
++            && memcmp (envline, "HWCAP_MASK", 10) == 0)
+           GLRO(dl_hwcap_mask) = __strtoul_internal (&envline[11], NULL,
+                                                     0, 0);
+         break;
+--- a/sysdeps/generic/unsecvars.h
++++ b/sysdeps/generic/unsecvars.h
+@@ -16,6 +16,7 @@
+   "LD_DEBUG\0"                                                                
      \
+   "LD_DEBUG_OUTPUT\0"                                                       \
+   "LD_DYNAMIC_WEAK\0"                                                       \
++  "LD_HWCAP_MASK\0"                                                         \
+   "LD_LIBRARY_PATH\0"                                                       \
+   "LD_ORIGIN_PATH\0"                                                        \
+   "LD_PRELOAD\0"                                                            \
diff --git a/debian/patches/series b/debian/patches/series
index ade96a1..d32c1dc 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -277,3 +277,4 @@ any/cvs-hesiod-resolver.diff
 any/local-CVE-2017-1000366-rtld-LD_LIBRARY_PATH.diff
 any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff
 any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff
+any/cvs-hwcap-AT_SECURE.diff

-- 
Alioth's /usr/local/bin/git-commit-notice on 
/srv/git.debian.org/git/pkg-glibc/glibc.git

[glibc] 02/02: debian/patches/any/cvs-hwcap-AT_SECURE.diff: patch backported from upstream to disable HWCAP for AT_SECURE programs.

Reply via email to