debian's openvz & CVE-2010-0307
hey Vitaliy/Ola,
The fixes for CVE-2010-0307 remove the TIF_ABI_PENDING bit from
arch-specific code. Since this #define no longer exists, our openvz
patch needs to be updated to not reference it.
It looks as though openvz only references to clear all arch-specific
flags, so I prepared the following fix. Please let me know if you see
any problem with it.
This applies after the following list of commits:
- 221af7f87 ("Split 'flush_old_exec' into two functions")
- 05d43ed8a ("x86: get rid of the insane TIF_ABI_PENDING bit")
- 7ab02af42 ("Fix 'flush_old_exec()/setup_new_exec()' split")
- 94f28da84 ("powerpc: TIF_ABI_PENDING bit removal")
diff -urpN a/kernel/cpt/cpt_process.c b/kernel/cpt/cpt_process.c
--- a/kernel/cpt/cpt_process.c 2010-02-09 12:02:40.000000000 -0700
+++ b/kernel/cpt/cpt_process.c 2010-02-09 12:13:10.000000000 -0700
@@ -941,7 +941,7 @@ static int dump_one_process(cpt_object_t
v->cpt_64bit = 0;
#ifdef CONFIG_X86_64
/* Clear x86_64 specific flags */
- v->cpt_thrflags &= ~(_TIF_FORK|_TIF_ABI_PENDING|_TIF_IA32);
+ v->cpt_thrflags &= ~(_TIF_FORK|_TIF_IA32);
if (!(task_thread_info(tsk)->flags & _TIF_IA32)) {
ctx->tasks64++;
v->cpt_64bit = 1;
Reply to: