[glibc] 03/05: debian/patches/any/cvs-hwcap-AT_SECURE.diff: patch backported from upstream to disable HWCAP for AT_SECURE programs.
This is an automated email from the git hooks/post-receive script.
aurel32 pushed a commit to branch sid
in repository glibc.
commit a287698d49b9a4d96b8cfa957e40a038cb1fdbc7
Author: Aurelien Jarno <aurelien@aurel32.net>
Date: Sun Jun 18 16:27:39 2017 +0200
debian/patches/any/cvs-hwcap-AT_SECURE.diff: patch backported from upstream to disable HWCAP for AT_SECURE programs.
---
debian/changelog | 2 ++
debian/patches/any/cvs-hwcap-AT_SECURE.diff | 28 ++++++++++++++++++++++++++++
debian/patches/series | 1 +
3 files changed, 31 insertions(+)
diff --git a/debian/changelog b/debian/changelog
index f68af7e..d651dce 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -22,6 +22,8 @@ glibc (2.24-12) UNRELEASED; urgency=medium
(CVE-2017-1000366).
* debian/patches/any/cvs-vectorized-strcspn-guards.diff: patch backported
from upstream to allow usage of strcspn in ld.so.
+ * debian/patches/any/cvs-hwcap-AT_SECURE.diff: patch backported from
+ upstream to disable HWCAP for AT_SECURE programs.
[ John Paul Adrian Glaubitz ]
* debian/sysdeps/sh3.mk: copy from sh4.mk. Closes: #851867.
diff --git a/debian/patches/any/cvs-hwcap-AT_SECURE.diff b/debian/patches/any/cvs-hwcap-AT_SECURE.diff
new file mode 100644
index 0000000..451fed6
--- /dev/null
+++ b/debian/patches/any/cvs-hwcap-AT_SECURE.diff
@@ -0,0 +1,28 @@
+2017-03-07 Siddhesh Poyarekar <siddhesh@sourceware.org>
+
+ [BZ #21209]
+ * elf/rtld.c (process_envvars): Ignore LD_HWCAP_MASK for
+ AT_SECURE processes.
+
+--- a/elf/rtld.c
++++ b/elf/rtld.c
+@@ -2404,7 +2404,8 @@ process_envvars (enum mode *modep)
+
+ case 10:
+ /* Mask for the important hardware capabilities. */
+- if (memcmp (envline, "HWCAP_MASK", 10) == 0)
++ if (!__libc_enable_secure
++ && memcmp (envline, "HWCAP_MASK", 10) == 0)
+ GLRO(dl_hwcap_mask) = __strtoul_internal (&envline[11], NULL,
+ 0, 0);
+ break;
+--- a/sysdeps/generic/unsecvars.h
++++ b/sysdeps/generic/unsecvars.h
+@@ -16,6 +16,7 @@
+ "LD_DEBUG\0" \
+ "LD_DEBUG_OUTPUT\0" \
+ "LD_DYNAMIC_WEAK\0" \
++ "LD_HWCAP_MASK\0" \
+ "LD_LIBRARY_PATH\0" \
+ "LD_ORIGIN_PATH\0" \
+ "LD_PRELOAD\0" \
diff --git a/debian/patches/series b/debian/patches/series
index fdcced4..2aee2be 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -223,3 +223,4 @@ any/local-CVE-2017-1000366-rtld-LD_LIBRARY_PATH.diff
any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff
any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff
any/cvs-vectorized-strcspn-guards.diff
+any/cvs-hwcap-AT_SECURE.diff
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-glibc/glibc.git
Reply to: