[glibc] 03/05: debian/patches/any/cvs-hwcap-AT_SECURE.diff: patch backported from upstream to disable HWCAP for AT_SECURE programs.

To: debian-glibc@lists.debian.org
Subject: [glibc] 03/05: debian/patches/any/cvs-hwcap-AT_SECURE.diff: patch backported from upstream to disable HWCAP for AT_SECURE programs.
From: Aurelien Jarno <aurel32@moszumanska.debian.org>
Date: Mon, 19 Jun 2017 15:36:15 +0000
Message-id: <[🔎] E1dMyit-00037Z-As@moszumanska.debian.org>
Reply-to: Aurelien Jarno <aurelien@aurel32.net>
In-reply-to: <[🔎] 20170619153611.4539.94363@moszumanska.debian.org>
References: <[🔎] 20170619153611.4539.94363@moszumanska.debian.org>

This is an automated email from the git hooks/post-receive script.

aurel32 pushed a commit to branch sid
in repository glibc.

commit a287698d49b9a4d96b8cfa957e40a038cb1fdbc7
Author: Aurelien Jarno <aurelien@aurel32.net>
Date:   Sun Jun 18 16:27:39 2017 +0200

    debian/patches/any/cvs-hwcap-AT_SECURE.diff: patch backported from upstream to disable HWCAP for AT_SECURE programs.
---
 debian/changelog                            |  2 ++
 debian/patches/any/cvs-hwcap-AT_SECURE.diff | 28 ++++++++++++++++++++++++++++
 debian/patches/series                       |  1 +
 3 files changed, 31 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index f68af7e..d651dce 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -22,6 +22,8 @@ glibc (2.24-12) UNRELEASED; urgency=medium
     (CVE-2017-1000366).
   * debian/patches/any/cvs-vectorized-strcspn-guards.diff: patch backported
     from upstream to allow usage of strcspn in ld.so.
+  * debian/patches/any/cvs-hwcap-AT_SECURE.diff: patch backported from
+    upstream to disable HWCAP for AT_SECURE programs.
 
   [ John Paul Adrian Glaubitz ]
   * debian/sysdeps/sh3.mk: copy from sh4.mk.  Closes: #851867.
diff --git a/debian/patches/any/cvs-hwcap-AT_SECURE.diff b/debian/patches/any/cvs-hwcap-AT_SECURE.diff
new file mode 100644
index 0000000..451fed6
--- /dev/null
+++ b/debian/patches/any/cvs-hwcap-AT_SECURE.diff
@@ -0,0 +1,28 @@
+2017-03-07  Siddhesh Poyarekar  <siddhesh@sourceware.org>
+
+	[BZ #21209]
+	* elf/rtld.c (process_envvars): Ignore LD_HWCAP_MASK for
+	AT_SECURE processes.
+
+--- a/elf/rtld.c
++++ b/elf/rtld.c
+@@ -2404,7 +2404,8 @@ process_envvars (enum mode *modep)
+ 
+ 	case 10:
+ 	  /* Mask for the important hardware capabilities.  */
+-	  if (memcmp (envline, "HWCAP_MASK", 10) == 0)
++	  if (!__libc_enable_secure
++	      && memcmp (envline, "HWCAP_MASK", 10) == 0)
+ 	    GLRO(dl_hwcap_mask) = __strtoul_internal (&envline[11], NULL,
+ 						      0, 0);
+ 	  break;
+--- a/sysdeps/generic/unsecvars.h
++++ b/sysdeps/generic/unsecvars.h
+@@ -16,6 +16,7 @@
+   "LD_DEBUG\0"								      \
+   "LD_DEBUG_OUTPUT\0"							      \
+   "LD_DYNAMIC_WEAK\0"							      \
++  "LD_HWCAP_MASK\0"							      \
+   "LD_LIBRARY_PATH\0"							      \
+   "LD_ORIGIN_PATH\0"							      \
+   "LD_PRELOAD\0"							      \
diff --git a/debian/patches/series b/debian/patches/series
index fdcced4..2aee2be 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -223,3 +223,4 @@ any/local-CVE-2017-1000366-rtld-LD_LIBRARY_PATH.diff
 any/local-CVE-2017-1000366-rtld-LD_PRELOAD.diff
 any/local-CVE-2017-1000366-rtld-LD_AUDIT.diff
 any/cvs-vectorized-strcspn-guards.diff
+any/cvs-hwcap-AT_SECURE.diff

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-glibc/glibc.git

Reply to:

References:
- [glibc] branch sid updated (0262e90 -> c4f106a)
  - From: Aurelien Jarno <aurel32@moszumanska.debian.org>

Prev by Date: [glibc] 02/05: debian/patches/any/cvs-vectorized-strcspn-guards.diff: patch backported from upstream to allow usage of strcspn in ld.so.
Next by Date: [glibc] 05/05: releasing package glibc version 2.24-12
Previous by thread: [glibc] 02/05: debian/patches/any/cvs-vectorized-strcspn-guards.diff: patch backported from upstream to allow usage of strcspn in ld.so.
Next by thread: [glibc] 05/05: releasing package glibc version 2.24-12
Index(es):
- Date
- Thread