[Debian] Re: debian's openvz & CVE-2010-0307
Ola Lundqvist
ola at inguza.com
Tue Feb 9 14:45:53 EST 2010
Hi Dann
What was TIF_ABI_PENDING defined to earlier?
I assume this is not a problem, however Vitaliy knows this
in much more details so I want him to look at this as well.
Best regards,
// Ola
On Tue, Feb 09, 2010 at 12:28:25PM -0700, dann frazier wrote:
> hey Vitaliy/Ola,
> The fixes for CVE-2010-0307 remove the TIF_ABI_PENDING bit from
> arch-specific code. Since this #define no longer exists, our openvz
> patch needs to be updated to not reference it.
>
> It looks as though openvz only references to clear all arch-specific
> flags, so I prepared the following fix. Please let me know if you see
> any problem with it.
>
> This applies after the following list of commits:
> - 221af7f87 ("Split 'flush_old_exec' into two functions")
> - 05d43ed8a ("x86: get rid of the insane TIF_ABI_PENDING bit")
> - 7ab02af42 ("Fix 'flush_old_exec()/setup_new_exec()' split")
> - 94f28da84 ("powerpc: TIF_ABI_PENDING bit removal")
>
> diff -urpN a/kernel/cpt/cpt_process.c b/kernel/cpt/cpt_process.c
> --- a/kernel/cpt/cpt_process.c 2010-02-09 12:02:40.000000000 -0700
> +++ b/kernel/cpt/cpt_process.c 2010-02-09 12:13:10.000000000 -0700
> @@ -941,7 +941,7 @@ static int dump_one_process(cpt_object_t
> v->cpt_64bit = 0;
> #ifdef CONFIG_X86_64
> /* Clear x86_64 specific flags */
> - v->cpt_thrflags &= ~(_TIF_FORK|_TIF_ABI_PENDING|_TIF_IA32);
> + v->cpt_thrflags &= ~(_TIF_FORK|_TIF_IA32);
> if (!(task_thread_info(tsk)->flags & _TIF_IA32)) {
> ctx->tasks64++;
> v->cpt_64bit = 1;
>
--
--- Inguza Technology AB --- MSc in Information Technology ----
/ ola at inguza.com Annebergsslingan 37 \
| opal at debian.org 654 65 KARLSTAD |
| http://inguza.com/ Mobile: +46 (0)70-332 1551 |
\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /
---------------------------------------------------------------
More information about the Debian
mailing list