rpms/kernel/devel kernel-2.6.spec, 1.2752, 1.2753 linux-2.6-utrace.patch, 1.28, 1.29
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Oct 10 04:22:12 UTC 2006
Author: roland
Update of /cvs/dist/rpms/kernel/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv16223
Modified Files:
kernel-2.6.spec linux-2.6-utrace.patch
Log Message:
Fix ptrace to disallow tracing kernel threads. (#210012)
Index: kernel-2.6.spec
===================================================================
RCS file: /cvs/dist/rpms/kernel/devel/kernel-2.6.spec,v
retrieving revision 1.2752
retrieving revision 1.2753
diff -u -r1.2752 -r1.2753
--- kernel-2.6.spec 10 Oct 2006 04:18:41 -0000 1.2752
+++ kernel-2.6.spec 10 Oct 2006 04:22:09 -0000 1.2753
@@ -2001,6 +2001,9 @@
%endif
%changelog
+* Mon Oct 9 2006 Roland McGrath <roland at redhat.com>
+- Fix ptrace to disallow tracing kernel threads. (#210012)
+
* Mon Oct 9 2006 Dave Jones <davej at redhat.com>
- Fix some warnings in tux/squashfs due to 64bit nfs inodes.
- NFS lockdep fix.
linux-2.6-utrace.patch:
Documentation/utrace.txt | 455 ++++++++
arch/alpha/kernel/asm-offsets.c | 2
arch/alpha/kernel/entry.S | 4
arch/arm/kernel/ptrace.c | 36
arch/arm26/kernel/ptrace.c | 32
arch/frv/kernel/ptrace.c | 15
arch/i386/kernel/entry.S | 7
arch/i386/kernel/i387.c | 143 +-
arch/i386/kernel/process.c | 3
arch/i386/kernel/ptrace.c | 863 +++++++++-------
arch/i386/kernel/signal.c | 39
arch/i386/kernel/vm86.c | 7
arch/ia64/ia32/ia32_entry.S | 2
arch/ia64/ia32/sys_ia32.c | 23
arch/ia64/kernel/asm-offsets.c | 2
arch/ia64/kernel/fsys.S | 16
arch/ia64/kernel/mca.c | 2
arch/ia64/kernel/ptrace.c | 1670 +++++++++++++++-----------------
arch/ia64/kernel/signal.c | 4
arch/mips/kernel/ptrace.c | 21
arch/mips/kernel/sysirix.c | 2
arch/powerpc/kernel/Makefile | 4
arch/powerpc/kernel/asm-offsets.c | 2
arch/powerpc/kernel/process.c | 5
arch/powerpc/kernel/ptrace-common.h | 161 ---
arch/powerpc/kernel/ptrace.c | 959 ++++++++++--------
arch/powerpc/kernel/ptrace32.c | 436 --------
arch/powerpc/kernel/signal_32.c | 56 +
arch/powerpc/kernel/signal_64.c | 4
arch/powerpc/kernel/sys_ppc32.c | 5
arch/powerpc/lib/sstep.c | 3
arch/powerpc/platforms/cell/spufs/run.c | 2
arch/ppc/kernel/asm-offsets.c | 2
arch/s390/kernel/Makefile | 2
arch/s390/kernel/compat_linux.c | 3
arch/s390/kernel/compat_signal.c | 5
arch/s390/kernel/process.c | 3
arch/s390/kernel/ptrace.c | 651 +++++++++++-
arch/s390/kernel/signal.c | 4
arch/s390/kernel/traps.c | 6
arch/sparc64/kernel/Makefile | 2
arch/sparc64/kernel/binfmt_aout32.c | 2
arch/sparc64/kernel/entry.S | 6
arch/sparc64/kernel/process.c | 3
arch/sparc64/kernel/ptrace.c | 1221 ++++++++++++-----------
arch/sparc64/kernel/signal.c | 2
arch/sparc64/kernel/signal32.c | 2
arch/sparc64/kernel/sys_sparc32.c | 3
arch/sparc64/kernel/systbls.S | 4
arch/x86_64/ia32/fpu32.c | 92 +
arch/x86_64/ia32/ia32_aout.c | 6
arch/x86_64/ia32/ia32_signal.c | 8
arch/x86_64/ia32/ia32entry.S | 2
arch/x86_64/ia32/ptrace32.c | 715 +++++++++----
arch/x86_64/ia32/sys_ia32.c | 5
arch/x86_64/kernel/process.c | 5
arch/x86_64/kernel/ptrace.c | 648 +++++++-----
arch/x86_64/kernel/signal.c | 30
arch/x86_64/kernel/traps.c | 8
arch/x86_64/mm/fault.c | 4
drivers/connector/cn_proc.c | 4
fs/binfmt_aout.c | 6
fs/binfmt_elf.c | 6
fs/binfmt_elf_fdpic.c | 7
fs/binfmt_flat.c | 3
fs/binfmt_som.c | 2
fs/exec.c | 11
fs/proc/array.c | 14
fs/proc/base.c | 17
include/asm-i386/i387.h | 13
include/asm-i386/signal.h | 4
include/asm-i386/thread_info.h | 7
include/asm-i386/tracehook.h | 49
include/asm-ia64/elf.h | 24
include/asm-ia64/tracehook.h | 81 +
include/asm-powerpc/tracehook.h | 80 +
include/asm-s390/tracehook.h | 53 +
include/asm-sparc64/tracehook.h | 44
include/asm-x86_64/fpu32.h | 3
include/asm-x86_64/thread_info.h | 2
include/asm-x86_64/tracehook.h | 54 +
include/linux/init_task.h | 3
include/linux/ptrace.h | 224 +++-
include/linux/sched.h | 25
include/linux/tracehook.h | 707 +++++++++++++
include/linux/utrace.h | 484 +++++++++
init/Kconfig | 29
kernel/Makefile | 1
kernel/exit.c | 254 +---
kernel/fork.c | 62 -
kernel/ptrace.c | 1632 ++++++++++++++++++++++++-------
kernel/signal.c | 211 ----
kernel/sys.c | 2
kernel/timer.c | 4
kernel/utrace.c | 1590 ++++++++++++++++++++++++++++++
security/selinux/hooks.c | 54 -
security/selinux/include/objsec.h | 1
97 files changed, 9630 insertions(+), 4566 deletions(-)
Index: linux-2.6-utrace.patch
===================================================================
RCS file: /cvs/dist/rpms/kernel/devel/linux-2.6-utrace.patch,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- linux-2.6-utrace.patch 4 Oct 2006 02:56:44 -0000 1.28
+++ linux-2.6-utrace.patch 10 Oct 2006 04:22:09 -0000 1.29
@@ -89,14 +89,14 @@
kernel/Makefile | 1
kernel/exit.c | 254 +----
kernel/fork.c | 62 -
- kernel/ptrace.c | 1630 ++++++++++++++++++++++++------
+ kernel/ptrace.c | 1632 ++++++++++++++++++++++++------
kernel/signal.c | 211 +---
kernel/sys.c | 2
kernel/timer.c | 4
kernel/utrace.c | 1590 ++++++++++++++++++++++++++++++
security/selinux/hooks.c | 54 +
security/selinux/include/objsec.h | 1
- 98 files changed, 9628 insertions(+), 4566 deletions(-)
+ 98 files changed, 9630 insertions(+), 4566 deletions(-)
create mode 100644 Documentation/utrace.txt
delete arch/powerpc/kernel/ptrace-common.h
delete arch/powerpc/kernel/ptrace32.c
@@ -5540,7 +5540,7 @@
/*
* Access another process' address space.
* Source/target buffer must be kernel space,
-@@ -295,249 +125,1369 @@ int access_process_vm(struct task_struct
+@@ -295,249 +125,1371 @@ int access_process_vm(struct task_struct
return buf - old_buf;
}
@@ -5782,6 +5782,8 @@
+ goto bad;
+ if (task->tgid == current->tgid)
+ goto bad;
++ if (!task->mm) /* kernel threads */
++ goto bad;
- if (data & PTRACE_O_TRACEEXEC)
- child->ptrace |= PT_TRACE_EXEC;
@@ -6018,14 +6020,14 @@
+ else
+ ret = (*regset->set)(target, regset, pos, regset->size,
+ NULL, data);
- }
++ }
+ else {
+ if (!access_ok(VERIFY_WRITE, data, regset->size))
+ ret = -EIO;
+ else
+ ret = (*regset->get)(target, regset, pos, regset->size,
+ NULL, data);
-+ }
+ }
+
+ return ret;
+}
@@ -6297,7 +6299,7 @@
+ state->u.live.options = data;
+ ptrace_update(child, engine, UTRACE_ACTION_QUIESCE);
+ ret = 0;
-+ break;
+ break;
+ }
+
+ return ret;
@@ -6345,7 +6347,7 @@
+ if (copied != sizeof(tmp))
+ break;
+ ret = put_user(tmp, (unsigned long __user *) data);
- break;
++ break;
+ }
+
+ case PTRACE_POKETEXT: /* write the word at location addr. */
More information about the fedora-cvs-commits
mailing list