wok-current rev 15676
linux: add CVE-2013-2929 fix (again)
author | Pascal Bellard <pascal.bellard@slitaz.org> |
---|---|
date | Thu Dec 19 11:33:46 2013 +0000 (2013-12-19) |
parents | e012a20e6db4 |
children | b1e8582f0aaa |
files | linux/stuff/linux-CVE-2013-2929.u |
line diff
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/linux/stuff/linux-CVE-2013-2929.u Thu Dec 19 11:33:46 2013 +0000 1.3 @@ -0,0 +1,47 @@ 1.4 +https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=4004afd5f51ad0a86be405522b1ecf28ba66f4e5 1.5 +--- linux-3.2.53/arch/ia64/include/asm/processor.h 1.6 ++++ linux-3.2.53/arch/ia64/include/asm/processor.h 1.7 +@@ -320,7 +320,7 @@ 1.8 + regs->loadrs = 0; \ 1.9 + regs->r8 = get_dumpable(current->mm); /* set "don't zap registers" flag */ \ 1.10 + regs->r12 = new_sp - 16; /* allocate 16 byte scratch area */ \ 1.11 +- if (unlikely(!get_dumpable(current->mm))) { \ 1.12 ++ if (unlikely(get_dumpable(current->mm) != SUID_DUMP_USER)) { \ 1.13 + /* \ 1.14 + * Zap scratch regs to avoid leaking bits between processes with different \ 1.15 + * uid/privileges. \ 1.16 +--- linux-3.2.53/include/linux/binfmts.h 1.17 ++++ linux-3.2.53/include/linux/binfmts.h 1.18 +@@ -112,9 +112,6 @@ 1.19 + extern void would_dump(struct linux_binprm *, struct file *); 1.20 + 1.21 + extern int suid_dumpable; 1.22 +-#define SUID_DUMP_DISABLE 0 /* No setuid dumping */ 1.23 +-#define SUID_DUMP_USER 1 /* Dump as user of process */ 1.24 +-#define SUID_DUMP_ROOT 2 /* Dump as root */ 1.25 + 1.26 + /* Stack area protections */ 1.27 + #define EXSTACK_DEFAULT 0 /* Whatever the arch defaults to */ 1.28 +--- linux-3.2.53/include/linux/sched.h 1.29 ++++ linux-3.2.53/include/linux/sched.h 1.30 +@@ -402,6 +402,9 @@ 1.31 + 1.32 + extern void set_dumpable(struct mm_struct *mm, int value); 1.33 + extern int get_dumpable(struct mm_struct *mm); 1.34 ++#define SUID_DUMP_DISABLE 0 /* No setuid dumping */ 1.35 ++#define SUID_DUMP_USER 1 /* Dump as user of process */ 1.36 ++#define SUID_DUMP_ROOT 2 /* Dump as root */ 1.37 + 1.38 + /* mm flags */ 1.39 + /* dumpable bits */ 1.40 +--- linux-3.2.53/kernel/ptrace.c 1.41 ++++ linux-3.2.53/kernel/ptrace.c 1.42 +@@ -246,7 +246,7 @@ 1.43 + smp_rmb(); 1.44 + if (task->mm) 1.45 + dumpable = get_dumpable(task->mm); 1.46 +- if (!dumpable && !task_ns_capable(task, CAP_SYS_PTRACE)) 1.47 ++ if (dumpable != SUID_DUMP_USER && !task_ns_capable(task, CAP_SYS_PTRACE)) 1.48 + return -EPERM; 1.49 + 1.50 + return security_ptrace_access_check(task, mode);