summaryrefslogtreecommitdiffstats
path: root/recipes-kernel/linux
diff options
context:
space:
mode:
authorSona Sarmadi <sona.sarmadi@enea.com>2015-12-22 13:01:51 +0100
committerHuimin She <huimin.she@enea.com>2015-12-22 15:43:01 +0100
commit172827599cfe85e9df117b794ce5b935303fa96e (patch)
tree417ca65379918cf3399fbc0718a9f505fd5e4bc6 /recipes-kernel/linux
parent4b78021ae978a0639b5b4bb7c877d4a66b9b43f2 (diff)
downloadmeta-hierofalcon-172827599cfe85e9df117b794ce5b935303fa96e.tar.gz
kernel-fs_pin: CVE-2015-4178
Fixes list corruption of m_list or s_list if unused References: http://seclists.org/oss-sec/2015/q2/640 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2015-4178 Upstream patch: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/ patch/?id=11bf6b1ea65f1580477827831d05711e5b87ac7b Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Huimin She <huimin.she@enea.com>
Diffstat (limited to 'recipes-kernel/linux')
-rw-r--r--recipes-kernel/linux/linux-hierofalcon-3.19/fs_pin-CVE-2015-4178.patch47
-rw-r--r--recipes-kernel/linux/linux-hierofalcon_3.19.bb1
2 files changed, 48 insertions, 0 deletions
diff --git a/recipes-kernel/linux/linux-hierofalcon-3.19/fs_pin-CVE-2015-4178.patch b/recipes-kernel/linux/linux-hierofalcon-3.19/fs_pin-CVE-2015-4178.patch
new file mode 100644
index 0000000..34b6d0b
--- /dev/null
+++ b/recipes-kernel/linux/linux-hierofalcon-3.19/fs_pin-CVE-2015-4178.patch
@@ -0,0 +1,47 @@
1From 11bf6b1ea65f1580477827831d05711e5b87ac7b Mon Sep 17 00:00:00 2001
2From: "Eric W. Biederman" <ebiederm@xmission.com>
3Date: Thu, 2 Apr 2015 16:35:48 -0500
4Subject: fs_pin: Allow for the possibility that m_list or s_list go unused.
5
6[ Upstream commit 820f9f147dcce2602eefd9b575bbbd9ea14f0953 ]
7
8This is needed to support lazily umounting locked mounts. Because the
9entire unmounted subtree needs to stay together until there are no
10users with references to any part of the subtree.
11
12To support this guarantee that the fs_pin m_list and s_list nodes
13are initialized by initializing them in init_fs_pin allowing
14for the possibility that pin_insert_group does not touch them.
15
16Further use hlist_del_init in pin_remove so that there is
17a hlist_unhashed test before the list we attempt to update
18the previous list item.
19
20Fixes CVE-2015-4178.
21Upstream-Status: Backport
22
23Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
24Signed-off-by: Sasha Levin <sasha.levin@oracle.com>
25Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
26---
27 fs/fs_pin.c | 4 ++--
28 1 file changed, 2 insertions(+), 2 deletions(-)
29
30diff --git a/fs/fs_pin.c b/fs/fs_pin.c
31index 9368236..569bbd1 100644
32--- a/fs/fs_pin.c
33+++ b/fs/fs_pin.c
34@@ -20,8 +20,8 @@ void pin_put(struct fs_pin *p)
35 void pin_remove(struct fs_pin *pin)
36 {
37 spin_lock(&pin_lock);
38- hlist_del(&pin->m_list);
39- hlist_del(&pin->s_list);
40+ hlist_del_init(&pin->m_list);
41+ hlist_del_init(&pin->s_list);
42 spin_unlock(&pin_lock);
43 }
44
45--
46cgit v0.11.2
47
diff --git a/recipes-kernel/linux/linux-hierofalcon_3.19.bb b/recipes-kernel/linux/linux-hierofalcon_3.19.bb
index 7d0e9d2..ea80e94 100644
--- a/recipes-kernel/linux/linux-hierofalcon_3.19.bb
+++ b/recipes-kernel/linux/linux-hierofalcon_3.19.bb
@@ -21,6 +21,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto-3.19;branch="standard/qemuarm6
21 file://RDS-CVE-2015-7990-a-complete-fix-of-CVE-2015-6937.patch \ 21 file://RDS-CVE-2015-7990-a-complete-fix-of-CVE-2015-6937.patch \
22 file://fs-CVE-2015-3339.patch \ 22 file://fs-CVE-2015-3339.patch \
23 file://mnt-CVE-2015-4177.patch \ 23 file://mnt-CVE-2015-4177.patch \
24 file://fs_pin-CVE-2015-4178.patch \
24 " 25 "
25 26
26S = "${WORKDIR}/git" 27S = "${WORKDIR}/git"