Author: waldi
Date: Tue Oct 2 09:10:49 2007
New Revision: 9594
Log:
* debian/changelog: Update.
* debian/patches/bugfix/don-t-leak-nt-bit-into-next-task-xen.patch:
Adapt to Xen changes.
* debian/patches/series/13etch4-extra: Update.
Added:
dists/etch-security/linux-2.6/debian/patches/bugfix/don-t-leak-nt-bit-into-next-task-xen.patch
- copied, changed from r8367,
/dists/etch-security/linux-2.6/debian/patches/bugfix/don-t-leak-nt-bit-into-next-task.patch
Modified:
dists/etch-security/linux-2.6/debian/changelog
dists/etch-security/linux-2.6/debian/patches/series/13etch4-extra
Modified: dists/etch-security/linux-2.6/debian/changelog
==============================================================================
--- dists/etch-security/linux-2.6/debian/changelog (original)
+++ dists/etch-security/linux-2.6/debian/changelog Tue Oct 2 09:10:49 2007
@@ -2,10 +2,13 @@
* bugfix/amd64-zero-extend-32bit-ptrace-xen.patch
[SECURITY] Zero extend all registers after ptrace in 32-bit entry path
- in the Xen kernels.
+ (Xen).
See CVE-2007-4573
+ * bugfix/don-t-leak-nt-bit-into-next-task-xen.patch
+ [SECURITY] Don't leak NT bit into next task (Xen).
+ See CVE-2006-5755
- -- Bastian Blank <[EMAIL PROTECTED]> Tue, 02 Oct 2007 10:44:28 +0200
+ -- Bastian Blank <[EMAIL PROTECTED]> Tue, 02 Oct 2007 11:09:12 +0200
linux-2.6 (2.6.18.dfsg.1-13etch3) stable-security; urgency=high
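Review bot: The new entry for bugfix/don-t-leak-nt-bit-into-next-task-xen.patch does not say which architecture it covers, although the patch added in this revision only touches files under arch/x86_64. The ptrace entry above it carries amd64 in its patch name; consider wording this one as "Don't leak NT bit into next task (amd64, Xen)" so a reader of the changelog can tell the scope of the CVE-2006-5755 fix without opening the patch.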
Copied:
dists/etch-security/linux-2.6/debian/patches/bugfix/don-t-leak-nt-bit-into-next-task-xen.patch
(from r8367,
/dists/etch-security/linux-2.6/debian/patches/bugfix/don-t-leak-nt-bit-into-next-task.patch)
==============================================================================
---
/dists/etch-security/linux-2.6/debian/patches/bugfix/don-t-leak-nt-bit-into-next-task.patch
(original)
+++
dists/etch-security/linux-2.6/debian/patches/bugfix/don-t-leak-nt-bit-into-next-task-xen.patch
Tue Oct 2 09:10:49 2007
@@ -1,29 +1,6 @@
-From 658fdbef66e5e9be79b457edc2cbbb3add840aa9 Mon Sep 17 00:00:00 2001
-From: Chuck Ebbert <[EMAIL PROTECTED]>
-To: linux-stable <[EMAIL PROTECTED]>
-Message-ID: <[EMAIL PROTECTED]>
-Date: Tue, 26 Sep 2006 10:52:41 +0200
-Subject: Don't leak NT bit into next task
-From: Andi Kleen <[EMAIL PROTECTED]>
-
-SYSENTER can cause a NT to be set which might cause crashes on the IRET
-in the next task.
-
-Following similar i386 patch from Linus.
-
-Signed-off-by: Andi Kleen <[EMAIL PROTECTED]>
-[backport from Chuck Ebbert]
-Signed-off-by: Chuck Ebbert <[EMAIL PROTECTED]>
-Signed-off-by: Chris Wright <[EMAIL PROTECTED]>
----
- arch/x86_64/kernel/entry.S | 4 ++++
- arch/x86_64/kernel/setup64.c | 4 ++++
- include/asm-x86_64/system.h | 5 +++--
- 3 files changed, 11 insertions(+), 2 deletions(-)
-
---- linux-2.6.18.6.orig/arch/x86_64/kernel/entry.S
-+++ linux-2.6.18.6/arch/x86_64/kernel/entry.S
+--- linux-2.6.18.6.orig/arch/x86_64/kernel/entry-xen.S
++++ linux-2.6.18.6/arch/x86_64/kernel/entry-xen.S
@@ -146,6 +146,10 @@
/* rdi: prev */
ENTRY(ret_from_fork)
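Review bot: The removed lines at the top of this hunk drop the whole patch header, so the Xen copy no longer records the upstream commit id (658fdbef66e5e9be79b457edc2cbbb3add840aa9), the author, the description of the SYSENTER/IRET problem or the Signed-off-by chain. Keep a short header in the -xen patch that names the original patch and its author, and add one line saying it was adapted to entry-xen.S and setup64-xen.c, so the file is still traceable once it is separated from this commit mail.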
@@ -35,8 +12,8 @@
call schedule_tail
GET_THREAD_INFO(%rcx)
testl $(_TIF_SYSCALL_TRACE|_TIF_SYSCALL_AUDIT),threadinfo_flags(%rcx)
---- linux-2.6.18.6.orig/arch/x86_64/kernel/setup64.c
-+++ linux-2.6.18.6/arch/x86_64/kernel/setup64.c
+--- linux-2.6.18.6.orig/arch/x86_64/kernel/setup64-xen.c
++++ linux-2.6.18.6/arch/x86_64/kernel/setup64-xen.c
@@ -178,6 +178,8 @@ void __cpuinit check_efer(void)
}
}
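Review bot: Only the file names change to setup64-xen.c here (and to entry-xen.S in the previous hunk), while the inner hunk headers "@@ -146,6 +146,10 @@" and "@@ -178,6 +178,8 @@ void __cpuinit check_efer(void)" are carried over unchanged from the non-Xen files. Please confirm the patch applies to the -xen files without offset or fuzz, or regenerate it against them so the line numbers and context match.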
@@ -53,21 +30,3 @@
+
+ raw_local_save_flags(kernel_eflags);
}
---- linux-2.6.18.6.orig/include/asm-x86_64/system.h
-+++ linux-2.6.18.6/include/asm-x86_64/system.h
-@@ -14,12 +14,13 @@
- #define __RESTORE(reg,offset) "movq (14-" #offset ")*8(%%rsp),%%" #reg "\n\t"
-
- /* frame pointer must be last for get_wchan */
--#define SAVE_CONTEXT "pushq %%rbp ; movq %%rsi,%%rbp\n\t"
--#define RESTORE_CONTEXT "movq %%rbp,%%rsi ; popq %%rbp\n\t"
-+#define SAVE_CONTEXT "pushf ; pushq %%rbp ; movq %%rsi,%%rbp\n\t"
-+#define RESTORE_CONTEXT "movq %%rbp,%%rsi ; popq %%rbp ; popf\t"
-
- #define __EXTRA_CLOBBER \
- ,"rcx","rbx","rdx","r8","r9","r10","r11","r12","r13","r14","r15"
-
-+/* Save restore flags to clear handle leaking NT */
- #define switch_to(prev,next,last) \
- asm volatile(SAVE_CONTEXT
\
- "movq %%rsp,%P[threadrsp](%[prev])\n\t" /* save RSP */
\
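Review bot: The include/asm-x86_64/system.h part is dropped from the Xen copy, and that is the part that adds pushf to SAVE_CONTEXT and popf to RESTORE_CONTEXT around switch_to. Neither the log message nor the patch says why the Xen flavours do not need it. If the header is shared and already changed by the original don-t-leak-nt-bit-into-next-task.patch, state that in the patch header or the changelog; otherwise the remaining entry-xen.S and setup64-xen.c changes cover only part of the original fix.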
Modified: dists/etch-security/linux-2.6/debian/patches/series/13etch4-extra
==============================================================================
--- dists/etch-security/linux-2.6/debian/patches/series/13etch4-extra
(original)
+++ dists/etch-security/linux-2.6/debian/patches/series/13etch4-extra Tue Oct
2 09:10:49 2007
@@ -1 +1,2 @@
+ bugfix/amd64-zero-extend-32bit-ptrace-xen.patch *_xen *_xen-vserver
++ bugfix/don-t-leak-nt-bit-into-next-task-xen.patch *_xen *_xen-vserver