[Midnightbsd-cvs] src [7427] stable/0.7/sys: MidnightBSD 0.7.3.

laffer1 at midnightbsd.org laffer1 at midnightbsd.org
Thu Jan 14 19:06:30 EST 2016 

Revision: 7427
          http://svnweb.midnightbsd.org/src/?rev=7427
Author:   laffer1
Date:     2016-01-14 19:06:28 -0500 (Thu, 14 Jan 2016)
Log Message:
-----------
MidnightBSD 0.7.3. Fix two issues with linuxolator

Modified Paths:
--------------
    stable/0.7/UPDATING
    stable/0.7/sys/amd64/linux32/linux32_proto.h
    stable/0.7/sys/amd64/linux32/linux32_systrace_args.c
    stable/0.7/sys/amd64/linux32/syscalls.master
    stable/0.7/sys/compat/linux/linux_futex.c
    stable/0.7/sys/compat/linux/linux_misc.c
    stable/0.7/sys/conf/newvers.sh
    stable/0.7/sys/i386/linux/syscalls.master
    stable/0.7/sys/kern/kern_prot.c
    stable/0.7/sys/sys/ucred.h

Property Changed:
----------------
    stable/0.7/
    stable/0.7/sys/compat/linux/linux_emul.c
    stable/0.7/sys/compat/linux/linux_emul.h
    stable/0.7/sys/compat/linux/linux_file.h
    stable/0.7/sys/compat/linux/linux_fork.c
    stable/0.7/sys/compat/linux/linux_futex.c
    stable/0.7/sys/compat/linux/linux_misc.c

Index: stable/0.7
===================================================================
--- stable/0.7	2016-01-15 00:03:41 UTC (rev 7426)
+++ stable/0.7	2016-01-15 00:06:28 UTC (rev 7427)

Property changes on: stable/0.7
___________________________________________________________________
Modified: svn:mergeinfo
## -1 +1 ##
-/trunk:7416,7419,7421
\ No newline at end of property
+/trunk:7416,7419,7421,7425
\ No newline at end of property
Modified: stable/0.7/UPDATING
===================================================================
--- stable/0.7/UPDATING	2016-01-15 00:03:41 UTC (rev 7426)
+++ stable/0.7/UPDATING	2016-01-15 00:06:28 UTC (rev 7427)
@@ -1,6 +1,17 @@
 Updating Information for MidnightBSD users.
 
 20160114:
+	0.7.3 RELEASE
+	
+	linuxolator
+
+	A programming error in the Linux compatibility layer setgroups(2) system
+	call can lead to an unexpected results, such as overwriting random kernel
+	memory contents.
+
+	A programming error in the handling of Linux futex robust lists may result
+	in incorrect memory locations being accessed.
+
 	0.7.2 RELEASE
 	Fix a security issue with bsnmpd configuration file installation.
 

Modified: stable/0.7/sys/amd64/linux32/linux32_proto.h
===================================================================
--- stable/0.7/sys/amd64/linux32/linux32_proto.h	2016-01-15 00:03:41 UTC (rev 7426)
+++ stable/0.7/sys/amd64/linux32/linux32_proto.h	2016-01-15 00:06:28 UTC (rev 7427)
@@ -986,7 +986,7 @@
 };
 struct linux_get_robust_list_args {
 	char pid_l_[PADL_(l_int)]; l_int pid; char pid_r_[PADR_(l_int)];
-	char head_l_[PADL_(struct linux_robust_list_head *)]; struct linux_robust_list_head * head; char head_r_[PADR_(struct linux_robust_list_head *)];
+	char head_l_[PADL_(struct linux_robust_list_head **)]; struct linux_robust_list_head ** head; char head_r_[PADR_(struct linux_robust_list_head **)];
 	char len_l_[PADL_(l_size_t *)]; l_size_t * len; char len_r_[PADR_(l_size_t *)];
 };
 struct linux_splice_args {

Modified: stable/0.7/sys/amd64/linux32/linux32_systrace_args.c
===================================================================
--- stable/0.7/sys/amd64/linux32/linux32_systrace_args.c	2016-01-15 00:03:41 UTC (rev 7426)
+++ stable/0.7/sys/amd64/linux32/linux32_systrace_args.c	2016-01-15 00:06:28 UTC (rev 7427)
@@ -2074,7 +2074,7 @@
 	case 312: {
 		struct linux_get_robust_list_args *p = params;
 		iarg[0] = p->pid; /* l_int */
-		uarg[1] = (intptr_t) p->head; /* struct linux_robust_list_head * */
+		uarg[1] = (intptr_t) p->head; /* struct linux_robust_list_head ** */
 		uarg[2] = (intptr_t) p->len; /* l_size_t * */
 		*n_args = 3;
 		break;
@@ -5299,7 +5299,7 @@
 			p = "l_int";
 			break;
 		case 1:
-			p = "struct linux_robust_list_head *";
+			p = "struct linux_robust_list_head **";
 			break;
 		case 2:
 			p = "l_size_t *";

Modified: stable/0.7/sys/amd64/linux32/syscalls.master
===================================================================
--- stable/0.7/sys/amd64/linux32/syscalls.master	2016-01-15 00:03:41 UTC (rev 7426)
+++ stable/0.7/sys/amd64/linux32/syscalls.master	2016-01-15 00:06:28 UTC (rev 7427)
@@ -510,8 +510,8 @@
 ; linux 2.6.17:
 311	AUE_NULL	STD	{ int linux_set_robust_list(struct linux_robust_list_head *head, \
 					l_size_t len); }
-312	AUE_NULL	STD	{ int linux_get_robust_list(l_int pid, struct linux_robust_list_head *head, \
-					l_size_t *len); }
+312	AUE_NULL	STD	{ int linux_get_robust_list(l_int pid, \
+				    struct linux_robust_list_head **head, l_size_t *len); }
 313	AUE_NULL	STD	{ int linux_splice(void); }
 314	AUE_NULL	STD	{ int linux_sync_file_range(void); }
 315	AUE_NULL	STD	{ int linux_tee(void); }

Index: stable/0.7/sys/compat/linux/linux_emul.c
===================================================================
--- stable/0.7/sys/compat/linux/linux_emul.c	2016-01-15 00:03:41 UTC (rev 7426)
+++ stable/0.7/sys/compat/linux/linux_emul.c	2016-01-15 00:06:28 UTC (rev 7427)

Property changes on: stable/0.7/sys/compat/linux/linux_emul.c
___________________________________________________________________
Deleted: cvs2svn:cvs-rev
## -1 +0,0 ##
-1.4
\ No newline at end of property
Index: stable/0.7/sys/compat/linux/linux_emul.h
===================================================================
--- stable/0.7/sys/compat/linux/linux_emul.h	2016-01-15 00:03:41 UTC (rev 7426)
+++ stable/0.7/sys/compat/linux/linux_emul.h	2016-01-15 00:06:28 UTC (rev 7427)

Property changes on: stable/0.7/sys/compat/linux/linux_emul.h
___________________________________________________________________
Deleted: cvs2svn:cvs-rev
## -1 +0,0 ##
-1.4
\ No newline at end of property
Index: stable/0.7/sys/compat/linux/linux_file.h
===================================================================
--- stable/0.7/sys/compat/linux/linux_file.h	2016-01-15 00:03:41 UTC (rev 7426)
+++ stable/0.7/sys/compat/linux/linux_file.h	2016-01-15 00:06:28 UTC (rev 7427)

Property changes on: stable/0.7/sys/compat/linux/linux_file.h
___________________________________________________________________
Deleted: cvs2svn:cvs-rev
## -1 +0,0 ##
-1.2
\ No newline at end of property
Index: stable/0.7/sys/compat/linux/linux_fork.c
===================================================================
--- stable/0.7/sys/compat/linux/linux_fork.c	2016-01-15 00:03:41 UTC (rev 7426)
+++ stable/0.7/sys/compat/linux/linux_fork.c	2016-01-15 00:06:28 UTC (rev 7427)

Property changes on: stable/0.7/sys/compat/linux/linux_fork.c
___________________________________________________________________
Deleted: cvs2svn:cvs-rev
## -1 +0,0 ##
-1.2
\ No newline at end of property
Modified: stable/0.7/sys/compat/linux/linux_futex.c
===================================================================
--- stable/0.7/sys/compat/linux/linux_futex.c	2016-01-15 00:03:41 UTC (rev 7426)
+++ stable/0.7/sys/compat/linux/linux_futex.c	2016-01-15 00:06:28 UTC (rev 7427)
@@ -783,7 +783,7 @@
 	if (error)
 		return (EFAULT);
 
-	error = copyout(head, args->head, sizeof(struct linux_robust_list_head));
+	error = copyout(&head, args->head, sizeof(head));
 
 	return (error);
 }


Property changes on: stable/0.7/sys/compat/linux/linux_futex.c
___________________________________________________________________
Deleted: cvs2svn:cvs-rev
## -1 +0,0 ##
-1.9
\ No newline at end of property
Modified: stable/0.7/sys/compat/linux/linux_misc.c
===================================================================
--- stable/0.7/sys/compat/linux/linux_misc.c	2016-01-15 00:03:41 UTC (rev 7426)
+++ stable/0.7/sys/compat/linux/linux_misc.c	2016-01-15 00:06:28 UTC (rev 7427)
@@ -1095,9 +1095,11 @@
 	if (error)
 		goto out;
 	newcred = crget();
+	crextend(newcred, ngrp + 1);
 	p = td->td_proc;
 	PROC_LOCK(p);
-	oldcred = crcopysafe(p, newcred);
+	oldcred = p->p_ucred;
+	crcopy(newcred, oldcred);
 
 	/*
 	 * cr_groups[0] holds egid. Setting the whole set from


Property changes on: stable/0.7/sys/compat/linux/linux_misc.c
___________________________________________________________________
Deleted: cvs2svn:cvs-rev
## -1 +0,0 ##
-1.5
\ No newline at end of property
Modified: stable/0.7/sys/conf/newvers.sh
===================================================================
--- stable/0.7/sys/conf/newvers.sh	2016-01-15 00:03:41 UTC (rev 7426)
+++ stable/0.7/sys/conf/newvers.sh	2016-01-15 00:06:28 UTC (rev 7427)
@@ -32,7 +32,7 @@
 # $MidnightBSD$
 
 TYPE="MidnightBSD"
-REVISION="0.7.2"
+REVISION="0.7.3"
 RELEASE="${REVISION}"
 VERSION="${TYPE} ${RELEASE}"
 SYSDIR=$(dirname $0)/..

Modified: stable/0.7/sys/i386/linux/syscalls.master
===================================================================
--- stable/0.7/sys/i386/linux/syscalls.master	2016-01-15 00:03:41 UTC (rev 7426)
+++ stable/0.7/sys/i386/linux/syscalls.master	2016-01-15 00:06:28 UTC (rev 7427)
@@ -520,8 +520,8 @@
 ; linux 2.6.17:
 311	AUE_NULL	STD	{ int linux_set_robust_list(struct linux_robust_list_head *head, \
 					l_size_t len); }
-312	AUE_NULL	STD	{ int linux_get_robust_list(l_int pid, struct linux_robust_list_head **head, \
-					l_size_t *len); }
+312	AUE_NULL	STD	{ int linux_get_robust_list(l_int pid, \
+				    struct linux_robust_list_head **head, l_size_t *len); }
 313	AUE_NULL	STD	{ int linux_splice(void); }
 314	AUE_NULL	STD	{ int linux_sync_file_range(void); }
 315	AUE_NULL	STD	{ int linux_tee(void); }

Modified: stable/0.7/sys/kern/kern_prot.c
===================================================================
--- stable/0.7/sys/kern/kern_prot.c	2016-01-15 00:03:41 UTC (rev 7426)
+++ stable/0.7/sys/kern/kern_prot.c	2016-01-15 00:06:28 UTC (rev 7427)
@@ -88,7 +88,6 @@
 
 SYSCTL_NODE(_security, OID_AUTO, bsd, CTLFLAG_RW, 0, "BSD security policy");
 
-static void crextend(struct ucred *cr, int n);
 static void crsetgroups_locked(struct ucred *cr, int ngrp,
     gid_t *groups);
 
@@ -1974,7 +1973,7 @@
 /*
  * Extend the passed in credential to hold n items.
  */
-static void
+void
 crextend(struct ucred *cr, int n)
 {
 	int cnt;

Modified: stable/0.7/sys/sys/ucred.h
===================================================================
--- stable/0.7/sys/sys/ucred.h	2016-01-15 00:03:41 UTC (rev 7426)
+++ stable/0.7/sys/sys/ucred.h	2016-01-15 00:06:28 UTC (rev 7427)
@@ -104,6 +104,7 @@
 void	crcopy(struct ucred *dest, struct ucred *src);
 struct ucred	*crcopysafe(struct proc *p, struct ucred *cr);
 struct ucred	*crdup(struct ucred *cr);
+void	crextend(struct ucred *cr, int n);
 void	cred_update_thread(struct thread *td);
 void	crfree(struct ucred *cr);
 struct ucred	*crget(void);

More information about the Midnightbsd-cvs mailing list