rpms/kernel/devel linux-2.6.27-drm-i915-fix-ioctl-security.patch, NONE, 1.1 kernel.spec, 1.1060, 1.1061

Chuck Ebbert cebbert at fedoraproject.org
Fri Oct 17 17:45:09 UTC 2008 

Author: cebbert

Update of /cvs/pkgs/rpms/kernel/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv20498

Modified Files:
	kernel.spec 
Added Files:
	linux-2.6.27-drm-i915-fix-ioctl-security.patch 
Log Message:
DRM: fix ioctl security issue (CVE-2008-3831).

linux-2.6.27-drm-i915-fix-ioctl-security.patch:

--- NEW FILE linux-2.6.27-drm-i915-fix-ioctl-security.patch ---
CVE-2008-3831


Index: linux-2.6.27.noarch/drivers/gpu/drm/i915/i915_dma.c
===================================================================
--- linux-2.6.27.noarch.orig/drivers/gpu/drm/i915/i915_dma.c
+++ linux-2.6.27.noarch/drivers/gpu/drm/i915/i915_dma.c
@@ -832,7 +832,7 @@ struct drm_ioctl_desc i915_ioctls[] = {
 	DRM_IOCTL_DEF(DRM_I915_SET_VBLANK_PIPE,  i915_vblank_pipe_set, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY ),
 	DRM_IOCTL_DEF(DRM_I915_GET_VBLANK_PIPE,  i915_vblank_pipe_get, DRM_AUTH ),
 	DRM_IOCTL_DEF(DRM_I915_VBLANK_SWAP, i915_vblank_swap, DRM_AUTH),
-	DRM_IOCTL_DEF(DRM_I915_HWS_ADDR, i915_set_status_page, DRM_AUTH),
+	DRM_IOCTL_DEF(DRM_I915_HWS_ADDR, i915_set_status_page, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
 	DRM_IOCTL_DEF(DRM_I915_GEM_INIT, i915_gem_init_ioctl, DRM_AUTH|DRM_MASTER|DRM_ROOT_ONLY),
 	DRM_IOCTL_DEF(DRM_I915_GEM_EXECBUFFER, i915_gem_execbuffer, DRM_AUTH),
 	DRM_IOCTL_DEF(DRM_I915_GEM_PIN, i915_gem_pin_ioctl, DRM_AUTH|DRM_ROOT_ONLY),


Index: kernel.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/devel/kernel.spec,v
retrieving revision 1.1060
retrieving revision 1.1061
diff -u -r1.1060 -r1.1061
--- kernel.spec	17 Oct 2008 13:48:50 -0000	1.1060
+++ kernel.spec	17 Oct 2008 17:44:39 -0000	1.1061
@@ -642,6 +642,7 @@
 Patch1811: drm-modesetting-radeon.patch
 Patch1812: drm-modesetting-i915.patch
 Patch1813: drm-nouveau.patch
+Patch1814: linux-2.6.27-drm-i915-fix-ioctl-security.patch
 
 # kludge to make ich9 e1000 work
 Patch2000: linux-2.6-e1000-ich9.patch
@@ -1233,6 +1234,7 @@
 ApplyPatch drm-modesetting-radeon.patch
 ApplyPatch drm-modesetting-i915.patch
 ApplyPatch drm-nouveau.patch
+ApplyPatch linux-2.6.27-drm-i915-fix-ioctl-security.patch
 
 # linux1394 git patches
 ApplyPatch linux-2.6-firewire-git-update.patch
@@ -1831,10 +1833,13 @@
 %kernel_variant_files -k vmlinux %{with_kdump} kdump
 
 %changelog
-* Fri Oct 17 2008 Adam Jackson <ajax at redhat.com> 2.6.27.2-23.rc1
+* Fri Oct 17 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.27.2-25.rc1
+- DRM: fix ioctl security issue (CVE-2008-3831).
+
+* Fri Oct 17 2008 Adam Jackson <ajax at redhat.com> 2.6.27.2-24.rc1
 - Fix suspend on newer Vaios
 
-* Thu Oct 16 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.27.2-22.rc1
+* Thu Oct 16 2008 Chuck Ebbert <cebbert at redhat.com> 2.6.27.2-23.rc1
 - Linux 2.6.27.2-rc1
   Dropped patches:
     linux-2.6-x86-improve-up-kernel-when-cpu-hotplug-and-smp.patch

More information about the scm-commits mailing list