diff options
author | Kai Kang <kai.kang@windriver.com> | 2016-11-10 15:01:24 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-11-23 11:02:25 +0000 |
commit | a3c2acee40c8875e311e03bff6906e7c93c491fc (patch) | |
tree | 0089b80c6c8d7ce35c519f20ff2ff6bb1f4576a9 /meta/recipes-core/glibc | |
parent | 134a05616839d002970b2e7124ea38348d10209b (diff) | |
download | openembedded-core-a3c2acee40c8875e311e03bff6906e7c93c491fc.tar.gz openembedded-core-a3c2acee40c8875e311e03bff6906e7c93c491fc.tar.bz2 openembedded-core-a3c2acee40c8875e311e03bff6906e7c93c491fc.zip |
glibc: fix CVE-2016-6323
Backport patch to fix CVE-2016-6323 of glibc. And remove the section of
file ChangeLog which can't be applied.
Ref:
https://sourceware.org/bugzilla/show_bug.cgi?id=20435
Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-core/glibc')
-rw-r--r-- | meta/recipes-core/glibc/glibc/0027-arm-mark-__startcontext-as-.cantunwind-bug-20435.patch | 46 | ||||
-rw-r--r-- | meta/recipes-core/glibc/glibc_2.24.bb | 1 |
2 files changed, 47 insertions, 0 deletions
diff --git a/meta/recipes-core/glibc/glibc/0027-arm-mark-__startcontext-as-.cantunwind-bug-20435.patch b/meta/recipes-core/glibc/glibc/0027-arm-mark-__startcontext-as-.cantunwind-bug-20435.patch new file mode 100644 index 0000000000..95067d37a5 --- /dev/null +++ b/meta/recipes-core/glibc/glibc/0027-arm-mark-__startcontext-as-.cantunwind-bug-20435.patch @@ -0,0 +1,46 @@ +Backport patch to fix CVE-2016-6323 for glibc. And remove the section of +ChangeLog which can't be applied. + +Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9e2ff6c] +CVE: CVE-2016-6323 +Signed-off-by: Kai Kang <kai.kang@windriver.com> +--- +From 9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617 Mon Sep 17 00:00:00 2001 +From: Andreas Schwab <schwab@suse.de> +Date: Mon, 8 Aug 2016 09:29:18 +0200 +Subject: [PATCH] arm: mark __startcontext as .cantunwind (bug 20435) + +__startcontext marks the bottom of the call stack of the contexts created +by makecontext. +--- + ChangeLog | 6 ++++++ + sysdeps/unix/sysv/linux/arm/setcontext.S | 7 +++++++ + 2 files changed, 13 insertions(+) + +diff --git a/sysdeps/unix/sysv/linux/arm/setcontext.S b/sysdeps/unix/sysv/linux/arm/setcontext.S +index 603e508..d1f168f 100644 +--- a/sysdeps/unix/sysv/linux/arm/setcontext.S ++++ b/sysdeps/unix/sysv/linux/arm/setcontext.S +@@ -86,12 +86,19 @@ weak_alias(__setcontext, setcontext) + + /* Called when a makecontext() context returns. Start the + context in R4 or fall through to exit(). */ ++ /* Unwind descriptors are looked up based on PC - 2, so we have to ++ make sure to mark the instruction preceding the __startcontext ++ label as .cantunwind. */ ++ .fnstart ++ .cantunwind ++ nop + ENTRY(__startcontext) + movs r0, r4 + bne PLTJMP(__setcontext) + + @ New context was 0 - exit + b PLTJMP(HIDDEN_JUMPTARGET(exit)) ++ .fnend + END(__startcontext) + + #ifdef PIC +-- +2.10.1 + diff --git a/meta/recipes-core/glibc/glibc_2.24.bb b/meta/recipes-core/glibc/glibc_2.24.bb index f5a21b258d..475c13339a 100644 --- a/meta/recipes-core/glibc/glibc_2.24.bb +++ b/meta/recipes-core/glibc/glibc_2.24.bb @@ -37,6 +37,7 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ file://0024-eglibc-Forward-port-cross-locale-generation-support.patch \ file://0025-Define-DUMMY_LOCALE_T-if-not-defined.patch \ file://0026-build_local_scope.patch \ + file://0027-arm-mark-__startcontext-as-.cantunwind-bug-20435.patch \ " SRC_URI += "\ |