control: notfixed -1 linux/4.18.20-1 control: found -1 4.19.37-6 On 2018-09-26 11:41, Steve McIntyre wrote: > On Wed, Jul 25, 2018 at 04:25:03PM +0100, Steve McIntyre wrote: > >On Mon, Jul 23, 2018 at 09:40:33PM +0200, Aurelien Jarno wrote: > >>control: affects -1 glibc > >>control: found linux/4.17.6-2 > >> > >>On 2018-07-23 21:31, Aurelien Jarno wrote: > >>> Package: src:linux > >>> Version: 4.9.110-1 > >>> Severity: normal > >>> > >>> Dear Maintainer, > >>> > >>> The arm64 kernel allows one to run aarch32 processes on an aarch64 > >>> processor (if it has support for it), using the standard 32/64-bit > >>> syscall compatibility. However this compat layer does not correctly > >>> validate the arguments of the sigaltstack syscall. > >>> > >> > >>I forgot to say that the problem is reproducible with kernel 4.17.6. > > > >Fix proposed in https://lkml.org/lkml/2018/7/25/409 > > At Will's suggestion, I've just tested that patchset locally and it > definitely fixes this problem so I've added a Tested-by: for him. >
The fix is composed of two patches, and only the first one went to the stable releases. Therefore both our oldstable and stable kernels used on the build daemons are still buggy. The following one is still missing in at least 4.9 and 4.19: | commit 24951465cbd279f60b1fdc2421b3694405bcff42 | Author: Will Deacon <[email protected]> | Date: Wed Sep 5 15:34:43 2018 +0100 | | arm64: compat: Provide definition for COMPAT_SIGMINSTKSZ | | arch/arm/ defines a SIGMINSTKSZ of 2k, so we should use the same value | for compat tasks. | | Cc: Arnd Bergmann <[email protected]> | Cc: Dominik Brodowski <[email protected]> | Cc: "Eric W. Biederman" <[email protected]> | Cc: Andrew Morton <[email protected]> | Cc: Al Viro <[email protected]> | Cc: Oleg Nesterov <[email protected]> | Reviewed-by: Dave Martin <[email protected]> | Reported-by: Steve McIntyre <[email protected]> | Tested-by: Steve McIntyre <[email protected]> | Signed-off-by: Will Deacon <[email protected]> | Signed-off-by: Catalin Marinas <[email protected]> -- Aurelien Jarno GPG: 4096R/1DDD8C9B [email protected] http://www.aurel32.net
