[kernel/f15] merge 3.0.3rc1 patches. (contains fix for CVE-2011-2905)

Dave Jones davej at fedoraproject.org
Tue Aug 16 03:56:21 UTC 2011 

commit 9fe2f4befc252efd51e9b3e8b3e99e77485bbe25
Author: Dave Jones <davej at redhat.com>
Date:   Mon Aug 15 23:55:31 2011 -0400

    merge 3.0.3rc1 patches.
    (contains fix for CVE-2011-2905)

 .gitignore                 |    1 +
 CVE-2011-2905.patch        |  116 --------------------------------------------
 kernel.spec                |   31 +++++-------
 perf-check-ownership.patch |   62 +++++++++++++++++++++++
 sources                    |    1 +
 5 files changed, 76 insertions(+), 135 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 6652bab..03eb9bf 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,4 @@ clog
 kernel-2.6.*/
 kernel-3.*/
 /patch-3.0.2-rc1.gz
+/patch-3.0.3-rc1.gz
diff --git a/kernel.spec b/kernel.spec
index 78e624d..859eeb9 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -51,7 +51,7 @@ Summary: The Linux kernel
 # For non-released -rc kernels, this will be prepended with "0.", so
 # for example a 3 here will become 0.3
 #
-%global baserelease 1
+%global baserelease 0
 %global fedora_build %{baserelease}
 
 # base_sublevel is the kernel version we're starting with and patching
@@ -64,7 +64,7 @@ Summary: The Linux kernel
 %if 0%{?released_kernel}
 
 # Do we have a -stable update to apply?
-%define stable_update 2
+%define stable_update 3
 # Is it a -stable RC?
 %define stable_rc 0
 # Set rpm version accordingly
@@ -582,6 +582,7 @@ Source1000: config-local
 
 Patch00: patch-3.0.bz2
 Patch01: patch-3.0.2.bz2
+Patch02: patch-3.0.3-rc1.gz
 
 # we also need compile fixes for -vanilla
 Patch04: linux-2.6-compile-fixes.patch
@@ -594,10 +595,10 @@ Patch05: linux-2.6-makefile-after_link.patch
 # revert upstream patches we get via other methods
 Patch09: linux-2.6-upstream-reverts.patch
 
-Patch10: CVE-2011-2905.patch
-
 # Standalone patches
 
+Patch100: perf-check-ownership.patch
+
 Patch150: linux-2.6.29-sparc-IOC_TYPECHECK.patch
 
 Patch160: linux-2.6-32bit-mmap-exec-randomization.patch
@@ -1099,6 +1100,7 @@ done
 # Update vanilla to the latest upstream. (2.6.39 -> 3.0)
 ApplyPatch patch-3.0.bz2
 ApplyPatch patch-3.0.2.bz2
+ApplyPatch patch-3.0.3-rc1.gz
 
 ApplyPatch linux-2.6-makefile-after_link.patch
 
@@ -1112,20 +1114,8 @@ ApplyOptionalPatch linux-2.6-compile-fixes.patch
 # revert patches from upstream that conflict or that we get via other means
 ApplyOptionalPatch linux-2.6-upstream-reverts.patch -R
 
-# CVE fixes
-ApplyPatch CVE-2011-2905.patch
-
 
-# Architecture patches
-# x86(-64)
-
-#
-# Intel IOMMU
-#
-
-#
-# PowerPC
-#
+ApplyPatch perf-check-ownership.patch
 
 #
 # SPARC64
@@ -1892,8 +1882,11 @@ fi
 # and build.
 
 %changelog
-* Mon Aug 15 2011 Dave Jones <davej at redhat.com> 2.6.40.2-1
-- 3.0.2
+* Mon Aug 15 2011 Dave Jones <davej at redhat.com> 2.6.40.3-0
+- Apply patches from 3.0.3-rc1
+
+* Mon Aug 15 2011 Dave Jones <davej at redhat.com>
+- Apply patches from 3.0.2
 
 * Mon Aug 15 2011 Dave Jones <davej at redhat.com>
 - CVE-2011-2905 perf tools may parse user-controlled config file. (rhbz 729809)
diff --git a/perf-check-ownership.patch b/perf-check-ownership.patch
new file mode 100644
index 0000000..93ed660
--- /dev/null
+++ b/perf-check-ownership.patch
@@ -0,0 +1,62 @@
+commit 069e3725dd9be3b759a98e8c80ac5fc38b392b23
+Author: Arnaldo Carvalho de Melo <acme at redhat.com>
+Date:   Tue Aug 9 12:42:13 2011 -0300
+
+    perf tools: Check $HOME/.perfconfig ownership
+    
+    Just like we do already for perf.data files.
+    
+    Requested-by: Ingo Molnar <mingo at elte.hu>
+    Cc: Ben Hutchings <ben at decadent.org.uk>
+    Cc: Christian Ohm <chr.ohm at gmx.net>
+    Cc: David Ahern <dsahern at gmail.com>
+    Cc: Frederic Weisbecker <fweisbec at gmail.com>
+    Cc: Jonathan Nieder <jrnieder at gmail.com>
+    Cc: Mike Galbraith <efault at gmx.de>
+    Cc: Paul Mackerras <paulus at samba.org>
+    Cc: Peter Zijlstra <peterz at infradead.org>
+    Cc: Stephane Eranian <eranian at google.com>
+    Link: http://lkml.kernel.org/n/tip-qgokmxsmvppwpc5404qhyk7e@git.kernel.org
+    Signed-off-by: Arnaldo Carvalho de Melo <acme at redhat.com>
+
+diff --git a/tools/perf/util/config.c b/tools/perf/util/config.c
+index 6c86eca..fe02903 100644
+--- a/tools/perf/util/config.c
++++ b/tools/perf/util/config.c
+@@ -413,13 +413,32 @@ int perf_config(config_fn_t fn, void *data)
+ 	home = getenv("HOME");
+ 	if (perf_config_global() && home) {
+ 		char *user_config = strdup(mkpath("%s/.perfconfig", home));
+-		if (!access(user_config, R_OK)) {
+-			ret += perf_config_from_file(fn, user_config, data);
+-			found += 1;
++		struct stat st;
++
++		if (user_config == NULL) {
++			warning("Not enough memory to process %s/.perfconfig, "
++				"ignoring it.", home);
++			goto out;
++		}
++
++		if (stat(user_config, &st) < 0)
++			goto out_free;
++
++		if (st.st_uid && (st.st_uid != geteuid())) {
++			warning("File %s not owned by current user or root, "
++				"ignoring it.", user_config);
++			goto out_free;
+ 		}
++
++		if (!st.st_size)
++			goto out_free;
++
++		ret += perf_config_from_file(fn, user_config, data);
++		found += 1;
++out_free:
+ 		free(user_config);
+ 	}
+-
++out:
+ 	if (found == 0)
+ 		return -1;
+ 	return ret;
diff --git a/sources b/sources
index 95e1e24..4ed2072 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,4 @@
 1aab7a741abe08d42e8eccf20de61e05  linux-2.6.39.tar.bz2
 df5790b51f218fc5e5463162b26afbfc  patch-3.0.bz2
 f5743283e6075282cebfbde62e65240b  patch-3.0.2.bz2
+23b4aad2d34ea209f62b199e67a88240  patch-3.0.3-rc1.gz

More information about the scm-commits mailing list