Re: [vserver] CVE-2016-10229: MSG_PEEK - URGENT patch needed

From: Corey Wright <undefined_at_pobox.com>
Date: Thu 18 May 2017 - 23:41:58 BST
Message-Id: <20170518174158.bcc938f78db336c93204844e@pobox.com>

On Thu, 18 May 2017 21:42:57 +0100
Ben Green <ben@bristolwireless.net> wrote:

> Quoting Ben Green <ben@bristolwireless.net>:
>
> > I'm compiling 3.18.53-vs2.3.7.5 now.
> >
> > My scripts take care of [2] automatically, so I dropped in at no
> > errors other than offsets.
> >
> > Cheers,
> > Ben
>
> 3.18.53-vs2.3.7.5 is now in the repositories.
>
> I'm also trying to build 4.1.39, but there's errors (build log attached).

based upon my initial investigation, it appears that the problem is
that patch-4.1.36-37.xz did:

-int inode_change_ok(const struct inode *inode, struct iattr *attr)
+int setattr_prepare(struct dentry *dentry, struct iattr *attr)

see
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git/commit/?h=linux-4.1.y&id=cb8e1eef351b640cfdb1a753ef44494fbf59186d
for details.

the linux-vserver patch needs to be modified to use setattr_prepare()
instead of inode_change_ok() and pass it dentry instead of inode
(which is readily available being passed into __vc_set_iattr()).

corey

--
undefined@pobox.com
> Cheers,
> Ben
Received on Thu May 18 23:41:47 2017
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Thu 18 May 2017 - 23:41:47 BST by hypermail 2.1.8