
debian's openvz & CVE-2010-0307



hey Vitaliy/Ola,
 The fixes for CVE-2010-0307 remove the TIF_ABI_PENDING bit from
arch-specific code. Since this #define no longer exists, our openvz
patch needs to be updated to not reference it.

It looks as though openvz only references it to clear all arch-specific
flags, so I prepared the following fix. Please let me know if you see
any problem with it.

This applies after the following list of commits:
 - 221af7f87 ("Split 'flush_old_exec' into two functions")
 - 05d43ed8a ("x86: get rid of the insane TIF_ABI_PENDING bit")
 - 7ab02af42 ("Fix 'flush_old_exec()/setup_new_exec()' split")
 - 94f28da84 ("powerpc: TIF_ABI_PENDING bit removal")

diff -urpN a/kernel/cpt/cpt_process.c b/kernel/cpt/cpt_process.c
--- a/kernel/cpt/cpt_process.c	2010-02-09 12:02:40.000000000 -0700
+++ b/kernel/cpt/cpt_process.c	2010-02-09 12:13:10.000000000 -0700
@@ -941,7 +941,7 @@ static int dump_one_process(cpt_object_t
 	v->cpt_64bit = 0;
 #ifdef CONFIG_X86_64
 	/* Clear x86_64 specific flags */
-	v->cpt_thrflags &= ~(_TIF_FORK|_TIF_ABI_PENDING|_TIF_IA32);
+	v->cpt_thrflags &= ~(_TIF_FORK|_TIF_IA32);
 	if (!(task_thread_info(tsk)->flags & _TIF_IA32)) {
 		ctx->tasks64++;
 		v->cpt_64bit = 1;
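
Review bot: The only site updated is the `v->cpt_thrflags &= ~(...)` mask in dump_one_process() under `#ifdef CONFIG_X86_64`, so please confirm with a grep over the whole openvz patch that no other reference to TIF_ABI_PENDING or _TIF_ABI_PENDING remains. With the #define gone, any leftover use fails to compile, and the prerequisite list includes the powerpc removal as well as the x86 one, so non-x86 paths are worth checking too. The comment "Clear x86_64 specific flags" still describes the new mask, so the hunk itself needs no further change. It would help to carry the four prerequisite commit ids in the patch description so the ordering dependency stays with the patch.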

