[kernel] r9593 - in dists/etch-security/linux-2.6/debian: . patches/bugfix patches/series

Tue, 02 Oct 2007 01:53:17 -0700 

Author: waldi
Date: Tue Oct  2 08:53:12 2007
New Revision: 9593

Log:
* debian/changelog: Update.
* debian/patches/bugfix/amd64-zero-extend-32bit-ptrace-xen.patch:
  Adopt for xen changes.
* debian/patches/series/13etch4-extra: Add.


Added:
   
dists/etch-security/linux-2.6/debian/patches/bugfix/amd64-zero-extend-32bit-ptrace-xen.patch
      - copied, changed from r9545, 
/dists/etch-security/linux-2.6/debian/patches/bugfix/amd64-zero-extend-32bit-ptrace.patch
   dists/etch-security/linux-2.6/debian/patches/series/13etch4-extra
Modified:
   dists/etch-security/linux-2.6/debian/changelog

Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog      (original)
+++ dists/etch-security/linux-2.6/debian/changelog      Tue Oct  2 08:53:12 2007
@@ -1,3 +1,12 @@
+linux-2.6 (2.6.18.dfsg.1-13etch4) UNRELEASED; urgency=low
+
+  * bugfix/amd64-zero-extend-32bit-ptrace-xen.patch
+    [SECURITY] Zero extend all registers after ptrace in 32-bit entry path
+    in the Xen kernels.
+    See CVE-2007-4573
+
+ -- Bastian Blank <[EMAIL PROTECTED]>  Tue, 02 Oct 2007 10:44:28 +0200
+
 linux-2.6 (2.6.18.dfsg.1-13etch3) stable-security; urgency=high
 
   * bugfix/ptrace-handle-bogus-selector.patch,

Copied: 
dists/etch-security/linux-2.6/debian/patches/bugfix/amd64-zero-extend-32bit-ptrace-xen.patch
 (from r9545, 
/dists/etch-security/linux-2.6/debian/patches/bugfix/amd64-zero-extend-32bit-ptrace.patch)
==============================================================================
--- 
/dists/etch-security/linux-2.6/debian/patches/bugfix/amd64-zero-extend-32bit-ptrace.patch
   (original)
+++ 
dists/etch-security/linux-2.6/debian/patches/bugfix/amd64-zero-extend-32bit-ptrace-xen.patch
        Tue Oct  2 08:53:12 2007
@@ -1,34 +1,10 @@
-From: Andi Kleen <[EMAIL PROTECTED]>
-Date: Fri, 21 Sep 2007 14:16:18 +0000 (+0200)
-Subject: x86_64: Zero extend all registers after ptrace in 32bit entry path.
-X-Git-Url: 
http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=176df2457ef6207156ca1a40991c54ca01fef567
+Adjusted to apply to Debian's 2.6.18 Xen
 
-x86_64: Zero extend all registers after ptrace in 32bit entry path.
-
-Strictly it's only needed for eax.
-
-It actually does a little more than strictly needed -- the other registers
-are already zero extended.
-
-Also remove the now unnecessary and non functional compat task check
-in ptrace.
-
-This is CVE-2007-4573
-
-Found by Wojciech Purczynski
-
-Signed-off-by: Andi Kleen <[EMAIL PROTECTED]>
-Signed-off-by: Linus Torvalds <[EMAIL PROTECTED]>
----
-
-Adjusted to apply to Debian's 2.6.18 by dann frazier <[EMAIL PROTECTED]>
-
-diff -urpN linux-source-2.6.18.orig/arch/x86_64/ia32/ia32entry.S 
linux-source-2.6.18/arch/x86_64/ia32/ia32entry.S
---- linux-source-2.6.18.orig/arch/x86_64/ia32/ia32entry.S      2006-09-19 
21:42:06.000000000 -0600
-+++ linux-source-2.6.18/arch/x86_64/ia32/ia32entry.S   2007-09-25 
00:10:16.089100799 -0600
+--- linux-source-2.6.18.orig/arch/x86_64/ia32/ia32entry-xen.S  2006-09-19 
21:42:06.000000000 -0600
++++ linux-source-2.6.18/arch/x86_64/ia32/ia32entry-xen.S       2007-09-25 
00:10:16.089100799 -0600
 @@ -38,6 +38,18 @@
-       movq    %rax,R8(%rsp)
-       .endm
+ #define __sti         sti     
+ #endif                        
  
 +      .macro LOAD_ARGS32 offset
 +      movl \offset(%rsp),%r11d
@@ -72,17 +48,3 @@
        RESTORE_REST
        jmp ia32_do_syscall
  END(ia32_syscall)
-diff -urpN linux-source-2.6.18.orig/arch/x86_64/kernel/ptrace.c 
linux-source-2.6.18/arch/x86_64/kernel/ptrace.c
---- linux-source-2.6.18.orig/arch/x86_64/kernel/ptrace.c       2006-09-19 
21:42:06.000000000 -0600
-+++ linux-source-2.6.18/arch/x86_64/kernel/ptrace.c    2007-09-25 
00:10:16.089100799 -0600
-@@ -223,10 +223,6 @@ static int putreg(struct task_struct *ch
- {
-       unsigned long tmp; 
-       
--      /* Some code in the 64bit emulation may not be 64bit clean.
--         Don't take any chances. */
--      if (test_tsk_thread_flag(child, TIF_IA32))
--              value &= 0xffffffff;
-       switch (regno) {
-               case offsetof(struct user_regs_struct,fs):
-                       if (value && (value & 3) != 3)

Added: dists/etch-security/linux-2.6/debian/patches/series/13etch4-extra
==============================================================================
--- (empty file)
+++ dists/etch-security/linux-2.6/debian/patches/series/13etch4-extra   Tue Oct 
 2 08:53:12 2007
@@ -0,0 +1 @@
++ bugfix/amd64-zero-extend-32bit-ptrace-xen.patch *_xen *_xen-vserver

_______________________________________________
Kernel-svn-changes mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/kernel-svn-changes

Reply via email to