From 5c45c98cc81f4a5c156c57ea279ba30223e43a77 Mon Sep 17 00:00:00 2001 From: Robert Buchholz Date: Sat, 8 Sep 2007 18:40:57 +0000 Subject: Patch rename svn path=/patches/; revision=42 --- trunk/2.6.18/00000_README | 10 +- trunk/2.6.18/30026_cifs-fix-sign-settings.patch | 179 ++++++++++++++++++++++++ trunk/2.6.18/30029_cifs-fix-sign-settings.patch | 179 ------------------------ 3 files changed, 184 insertions(+), 184 deletions(-) create mode 100644 trunk/2.6.18/30026_cifs-fix-sign-settings.patch delete mode 100644 trunk/2.6.18/30029_cifs-fix-sign-settings.patch diff --git a/trunk/2.6.18/00000_README b/trunk/2.6.18/00000_README index 905c7e4..9480e73 100644 --- a/trunk/2.6.18/00000_README +++ b/trunk/2.6.18/00000_README @@ -141,6 +141,11 @@ Patches and check for out of bounds condition in index provided by userspace See CVE-2007-2172 +30026_cifs-fix-sign-settings.patch + [SECURITY] Fix overriding the server to force signing on caused by + checking the wrong gloal variable. + See CVE-2007-3843 + 30027_cpuset_tasks-underflow.patch [SECURITY] Fix integer underflow in /dev/cpuset/tasks which could allow local attackers to read sensitive kernel memory if the cpuset filesystem @@ -152,11 +157,6 @@ Patches generator See CVE-2007-3105 -30029_cifs-fix-sign-settings.patch - [SECURITY] Fix overriding the server to force signing on caused by - checking the wrong gloal variable. - See CVE-2007-3843 - 30030_aacraid-ioctl-perm-check.patch [SECURITY] Require admin capabilities to issue ioctls to aacraid devices See CVE-2007-4308 diff --git a/trunk/2.6.18/30026_cifs-fix-sign-settings.patch b/trunk/2.6.18/30026_cifs-fix-sign-settings.patch new file mode 100644 index 0000000..11f8021 --- /dev/null +++ b/trunk/2.6.18/30026_cifs-fix-sign-settings.patch 
@@ -0,0 +1,179 @@ +From: Steve French +Date: Thu, 28 Jun 2007 18:41:42 +0000 (+0000) +Subject: [CIFS] Fix sign mount option and sign proc config setting +X-Git-Tag: v2.6.23-rc1~478^2~20 +X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=762e5ab77c803c819e45d054518a98efb70b0f60 + +[CIFS] Fix sign mount option and sign proc config setting + +We were checking the wrong (old) global variable to determine +whether to override server and force signing on the SMB +connection. + +Acked-by: Dave Kleikamp +Signed-off-by: Steve French +--- + +Backported to Debian's 2.6.18 by dann frazier + +diff -urpN linux-source-2.6.18.orig/fs/cifs/cifs_debug.c linux-source-2.6.18/fs/cifs/cifs_debug.c +--- linux-source-2.6.18.orig/fs/cifs/cifs_debug.c 2006-09-19 21:42:06.000000000 -0600 ++++ linux-source-2.6.18/fs/cifs/cifs_debug.c 2007-08-27 23:12:40.666200121 -0600 +@@ -895,90 +895,14 @@ security_flags_write(struct file *file, + } + /* flags look ok - update the global security flags for cifs module */ + extended_security = flags; ++ if (extended_security & CIFSSEC_MUST_SIGN) { ++ /* requiring signing implies signing is allowed */ ++ extended_security |= CIFSSEC_MAY_SIGN; ++ cFYI(1, ("packet signing now required")); ++ } else if ((extended_security & CIFSSEC_MAY_SIGN) == 0) { ++ cFYI(1, ("packet signing disabled")); ++ } ++ /* BB should we turn on MAY flags for other MUST options? 
*/ + return count; + } +- +-/* static int +-ntlmv2_enabled_read(char *page, char **start, off_t off, +- int count, int *eof, void *data) +-{ +- int len; +- +- len = sprintf(page, "%d\n", ntlmv2_support); +- +- len -= off; +- *start = page + off; +- +- if (len > count) +- len = count; +- else +- *eof = 1; +- +- if (len < 0) +- len = 0; +- +- return len; +-} +-static int +-ntlmv2_enabled_write(struct file *file, const char __user *buffer, +- unsigned long count, void *data) +-{ +- char c; +- int rc; +- +- rc = get_user(c, buffer); +- if (rc) +- return rc; +- if (c == '0' || c == 'n' || c == 'N') +- ntlmv2_support = 0; +- else if (c == '1' || c == 'y' || c == 'Y') +- ntlmv2_support = 1; +- else if (c == '2') +- ntlmv2_support = 2; +- +- return count; +-} +- +-static int +-packet_signing_enabled_read(char *page, char **start, off_t off, +- int count, int *eof, void *data) +-{ +- int len; +- +- len = sprintf(page, "%d\n", sign_CIFS_PDUs); +- +- len -= off; +- *start = page + off; +- +- if (len > count) +- len = count; +- else +- *eof = 1; +- +- if (len < 0) +- len = 0; +- +- return len; +-} +-static int +-packet_signing_enabled_write(struct file *file, const char __user *buffer, +- unsigned long count, void *data) +-{ +- char c; +- int rc; +- +- rc = get_user(c, buffer); +- if (rc) +- return rc; +- if (c == '0' || c == 'n' || c == 'N') +- sign_CIFS_PDUs = 0; +- else if (c == '1' || c == 'y' || c == 'Y') +- sign_CIFS_PDUs = 1; +- else if (c == '2') +- sign_CIFS_PDUs = 2; +- +- return count; +-} */ +- +- + #endif +diff -urpN linux-source-2.6.18.orig/fs/cifs/cifssmb.c linux-source-2.6.18/fs/cifs/cifssmb.c +--- linux-source-2.6.18.orig/fs/cifs/cifssmb.c 2006-09-19 21:42:06.000000000 -0600 ++++ linux-source-2.6.18/fs/cifs/cifssmb.c 2007-08-27 23:12:40.678200384 -0600 +@@ -411,11 +411,11 @@ CIFSSMBNegotiate(unsigned int xid, struc + + /* if any of auth flags (ie not sign or seal) are overriden use them */ + if(ses->overrideSecFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL))) 
+- secFlags = ses->overrideSecFlg; ++ secFlags = ses->overrideSecFlg; /* BB FIXME fix sign flags? */ + else /* if override flags set only sign/seal OR them with global auth */ + secFlags = extended_security | ses->overrideSecFlg; + +- cFYI(1,("secFlags 0x%x",secFlags)); ++ cFYI(1, ("secFlags 0x%x", secFlags)); + + pSMB->hdr.Mid = GetNextMid(server); + pSMB->hdr.Flags2 |= SMBFLG2_UNICODE; +@@ -582,22 +582,32 @@ CIFSSMBNegotiate(unsigned int xid, struc + #ifdef CONFIG_CIFS_WEAK_PW_HASH + signing_check: + #endif +- if(sign_CIFS_PDUs == FALSE) { ++ if ((secFlags & CIFSSEC_MAY_SIGN) == 0) { ++ /* MUST_SIGN already includes the MAY_SIGN FLAG ++ so if this is zero it means that signing is disabled */ ++ cFYI(1, ("Signing disabled")); + if(server->secMode & SECMODE_SIGN_REQUIRED) +- cERROR(1,("Server requires " +- "/proc/fs/cifs/PacketSigningEnabled to be on")); ++ cERROR(1, ("Server requires " ++ "/proc/fs/cifs/PacketSigningEnabled " ++ "to be on")); + server->secMode &= + ~(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED); +- } else if(sign_CIFS_PDUs == 1) { ++ } else if ((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) { ++ /* signing required */ ++ cFYI(1, ("Must sign - segFlags 0x%x", secFlags)); ++ if ((server->secMode & ++ (SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED)) == 0) { ++ cERROR(1, ++ ("signing required but server lacks support")); ++ } else ++ server->secMode |= SECMODE_SIGN_REQUIRED; ++ } else { ++ /* signing optional ie CIFSSEC_MAY_SIGN */ + if((server->secMode & SECMODE_SIGN_REQUIRED) == 0) + server->secMode &= + ~(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED); +- } else if(sign_CIFS_PDUs == 2) { +- if((server->secMode & +- (SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED)) == 0) { +- cERROR(1,("signing required but server lacks support")); +- } + } ++ + neg_err_exit: + cifs_buf_release(pSMB); + diff --git a/trunk/2.6.18/30029_cifs-fix-sign-settings.patch b/trunk/2.6.18/30029_cifs-fix-sign-settings.patch deleted file mode 100644 index 11f8021..0000000 
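Review bot: In the carried patch's second cifssmb.c hunk (after `signing_check:` in CIFSSMBNegotiate), the new CIFSSEC_MUST_SIGN branch only logs `signing required but server lacks support` and then reaches `neg_err_exit`. Nothing in the visible lines sets an error, so a session that demands signing appears to continue unsigned whenever the server's secMode advertises neither SECMODE_SIGN_ENABLED nor SECMODE_SIGN_REQUIRED. That branch should fail the negotiate, for example with `rc = -EOPNOTSUPP;` after the cERROR; the status variable is outside the hunk, so the name `rc` is assumed. The first cifssmb.c hunk has a related gap: when auth flags are overridden, `secFlags = ses->overrideSecFlg;` discards a globally set CIFSSEC_MUST_SIGN from `extended_security`, which the added `BB FIXME fix sign flags?` comment leaves open. CIFSSMBNegotiate starts and ends outside both hunks, and this commit only renames the patch file, so these points concern the backport it carries.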
--- a/trunk/2.6.18/30029_cifs-fix-sign-settings.patch +++ /dev/null 
@@ -1,179 +0,0 @@ -From: Steve French -Date: Thu, 28 Jun 2007 18:41:42 +0000 (+0000) -Subject: [CIFS] Fix sign mount option and sign proc config setting -X-Git-Tag: v2.6.23-rc1~478^2~20 -X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=762e5ab77c803c819e45d054518a98efb70b0f60 - -[CIFS] Fix sign mount option and sign proc config setting - -We were checking the wrong (old) global variable to determine -whether to override server and force signing on the SMB -connection. - -Acked-by: Dave Kleikamp -Signed-off-by: Steve French ---- - -Backported to Debian's 2.6.18 by dann frazier - -diff -urpN linux-source-2.6.18.orig/fs/cifs/cifs_debug.c linux-source-2.6.18/fs/cifs/cifs_debug.c ---- linux-source-2.6.18.orig/fs/cifs/cifs_debug.c 2006-09-19 21:42:06.000000000 -0600 -+++ linux-source-2.6.18/fs/cifs/cifs_debug.c 2007-08-27 23:12:40.666200121 -0600 -@@ -895,90 +895,14 @@ security_flags_write(struct file *file, - } - /* flags look ok - update the global security flags for cifs module */ - extended_security = flags; -+ if (extended_security & CIFSSEC_MUST_SIGN) { -+ /* requiring signing implies signing is allowed */ -+ extended_security |= CIFSSEC_MAY_SIGN; -+ cFYI(1, ("packet signing now required")); -+ } else if ((extended_security & CIFSSEC_MAY_SIGN) == 0) { -+ cFYI(1, ("packet signing disabled")); -+ } -+ /* BB should we turn on MAY flags for other MUST options? 
*/ - return count; - } -- --/* static int --ntlmv2_enabled_read(char *page, char **start, off_t off, -- int count, int *eof, void *data) --{ -- int len; -- -- len = sprintf(page, "%d\n", ntlmv2_support); -- -- len -= off; -- *start = page + off; -- -- if (len > count) -- len = count; -- else -- *eof = 1; -- -- if (len < 0) -- len = 0; -- -- return len; --} --static int --ntlmv2_enabled_write(struct file *file, const char __user *buffer, -- unsigned long count, void *data) --{ -- char c; -- int rc; -- -- rc = get_user(c, buffer); -- if (rc) -- return rc; -- if (c == '0' || c == 'n' || c == 'N') -- ntlmv2_support = 0; -- else if (c == '1' || c == 'y' || c == 'Y') -- ntlmv2_support = 1; -- else if (c == '2') -- ntlmv2_support = 2; -- -- return count; --} -- --static int --packet_signing_enabled_read(char *page, char **start, off_t off, -- int count, int *eof, void *data) --{ -- int len; -- -- len = sprintf(page, "%d\n", sign_CIFS_PDUs); -- -- len -= off; -- *start = page + off; -- -- if (len > count) -- len = count; -- else -- *eof = 1; -- -- if (len < 0) -- len = 0; -- -- return len; --} --static int --packet_signing_enabled_write(struct file *file, const char __user *buffer, -- unsigned long count, void *data) --{ -- char c; -- int rc; -- -- rc = get_user(c, buffer); -- if (rc) -- return rc; -- if (c == '0' || c == 'n' || c == 'N') -- sign_CIFS_PDUs = 0; -- else if (c == '1' || c == 'y' || c == 'Y') -- sign_CIFS_PDUs = 1; -- else if (c == '2') -- sign_CIFS_PDUs = 2; -- -- return count; --} */ -- -- - #endif -diff -urpN linux-source-2.6.18.orig/fs/cifs/cifssmb.c linux-source-2.6.18/fs/cifs/cifssmb.c ---- linux-source-2.6.18.orig/fs/cifs/cifssmb.c 2006-09-19 21:42:06.000000000 -0600 -+++ linux-source-2.6.18/fs/cifs/cifssmb.c 2007-08-27 23:12:40.678200384 -0600 -@@ -411,11 +411,11 @@ CIFSSMBNegotiate(unsigned int xid, struc - - /* if any of auth flags (ie not sign or seal) are overriden use them */ - if(ses->overrideSecFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL))) 
-- secFlags = ses->overrideSecFlg; -+ secFlags = ses->overrideSecFlg; /* BB FIXME fix sign flags? */ - else /* if override flags set only sign/seal OR them with global auth */ - secFlags = extended_security | ses->overrideSecFlg; - -- cFYI(1,("secFlags 0x%x",secFlags)); -+ cFYI(1, ("secFlags 0x%x", secFlags)); - - pSMB->hdr.Mid = GetNextMid(server); - pSMB->hdr.Flags2 |= SMBFLG2_UNICODE; -@@ -582,22 +582,32 @@ CIFSSMBNegotiate(unsigned int xid, struc - #ifdef CONFIG_CIFS_WEAK_PW_HASH - signing_check: - #endif -- if(sign_CIFS_PDUs == FALSE) { -+ if ((secFlags & CIFSSEC_MAY_SIGN) == 0) { -+ /* MUST_SIGN already includes the MAY_SIGN FLAG -+ so if this is zero it means that signing is disabled */ -+ cFYI(1, ("Signing disabled")); - if(server->secMode & SECMODE_SIGN_REQUIRED) -- cERROR(1,("Server requires " -- "/proc/fs/cifs/PacketSigningEnabled to be on")); -+ cERROR(1, ("Server requires " -+ "/proc/fs/cifs/PacketSigningEnabled " -+ "to be on")); - server->secMode &= - ~(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED); -- } else if(sign_CIFS_PDUs == 1) { -+ } else if ((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) { -+ /* signing required */ -+ cFYI(1, ("Must sign - segFlags 0x%x", secFlags)); -+ if ((server->secMode & -+ (SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED)) == 0) { -+ cERROR(1, -+ ("signing required but server lacks support")); -+ } else -+ server->secMode |= SECMODE_SIGN_REQUIRED; -+ } else { -+ /* signing optional ie CIFSSEC_MAY_SIGN */ - if((server->secMode & SECMODE_SIGN_REQUIRED) == 0) - server->secMode &= - ~(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED); -- } else if(sign_CIFS_PDUs == 2) { -- if((server->secMode & -- (SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED)) == 0) { -- cERROR(1,("signing required but server lacks support")); -- } - } -+ - neg_err_exit: - cifs_buf_release(pSMB); - -- cgit v1.2.3-65-gdbad