diff options
Diffstat (limited to 'meta/recipes-core/glibc/glibc/CVE-2015-8777.patch')
-rw-r--r-- | meta/recipes-core/glibc/glibc/CVE-2015-8777.patch | 123 |
1 files changed, 0 insertions, 123 deletions
diff --git a/meta/recipes-core/glibc/glibc/CVE-2015-8777.patch b/meta/recipes-core/glibc/glibc/CVE-2015-8777.patch deleted file mode 100644 index eeab72d650..0000000000 --- a/meta/recipes-core/glibc/glibc/CVE-2015-8777.patch +++ /dev/null @@ -1,123 +0,0 @@ -From a014cecd82b71b70a6a843e250e06b541ad524f7 Mon Sep 17 00:00:00 2001 -From: Florian Weimer <fweimer@redhat.com> -Date: Thu, 15 Oct 2015 09:23:07 +0200 -Subject: [PATCH] Always enable pointer guard [BZ #18928] - -Honoring the LD_POINTER_GUARD environment variable in AT_SECURE mode -has security implications. This commit enables pointer guard -unconditionally, and the environment variable is now ignored. - - [BZ #18928] - * sysdeps/generic/ldsodefs.h (struct rtld_global_ro): Remove - _dl_pointer_guard member. - * elf/rtld.c (_rtld_global_ro): Remove _dl_pointer_guard - initializer. - (security_init): Always set up pointer guard. - (process_envvars): Do not process LD_POINTER_GUARD. - -Upstream-Status: Backport -CVE: CVE-2015-8777 -[Yocto # 8980] - -https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=a014cecd82b71b70a6a843e250e06b541ad524f7 - -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - ChangeLog | 10 ++++++++++ - NEWS | 13 ++++++++----- - elf/rtld.c | 15 ++++----------- - sysdeps/generic/ldsodefs.h | 3 --- - 4 files changed, 22 insertions(+), 19 deletions(-) - -Index: git/ChangeLog -=================================================================== ---- git.orig/ChangeLog -+++ git/ChangeLog -@@ -1,3 +1,14 @@ -+2015-10-15 Florian Weimer <fweimer@redhat.com> -+ -+ [BZ #18928] -+ * sysdeps/generic/ldsodefs.h (struct rtld_global_ro): Remove -+ _dl_pointer_guard member. -+ * elf/rtld.c (_rtld_global_ro): Remove _dl_pointer_guard -+ initializer. -+ (security_init): Always set up pointer guard. -+ (process_envvars): Do not process LD_POINTER_GUARD. -+ -+ - 2015-08-10 Maxim Ostapenko <m.ostapenko@partner.samsung.com> - - [BZ #18778] -Index: git/NEWS -=================================================================== ---- git.orig/NEWS -+++ git/NEWS -@@ -34,7 +34,10 @@ Version 2.22 - 18533, 18534, 18536, 18539, 18540, 18542, 18544, 18545, 18546, 18547, - 18549, 18553, 18557, 18558, 18569, 18583, 18585, 18586, 18592, 18593, - 18594, 18602, 18612, 18613, 18619, 18633, 18635, 18641, 18643, 18648, -- 18657, 18676, 18694, 18696. -+ 18657, 18676, 18694, 18696, 18928. -+ -+* The LD_POINTER_GUARD environment variable can no longer be used to -+ disable the pointer guard feature. It is always enabled. - - * Cache information can be queried via sysconf() function on s390 e.g. with - _SC_LEVEL1_ICACHE_SIZE as argument. -Index: git/elf/rtld.c -=================================================================== ---- git.orig/elf/rtld.c -+++ git/elf/rtld.c -@@ -163,7 +163,6 @@ struct rtld_global_ro _rtld_global_ro at - ._dl_hwcap_mask = HWCAP_IMPORTANT, - ._dl_lazy = 1, - ._dl_fpu_control = _FPU_DEFAULT, -- ._dl_pointer_guard = 1, - ._dl_pagesize = EXEC_PAGESIZE, - ._dl_inhibit_cache = 0, - -@@ -710,15 +709,12 @@ security_init (void) - #endif - - /* Set up the pointer guard as well, if necessary. */ -- if (GLRO(dl_pointer_guard)) -- { -- uintptr_t pointer_chk_guard = _dl_setup_pointer_guard (_dl_random, -- stack_chk_guard); -+ uintptr_t pointer_chk_guard -+ = _dl_setup_pointer_guard (_dl_random, stack_chk_guard); - #ifdef THREAD_SET_POINTER_GUARD -- THREAD_SET_POINTER_GUARD (pointer_chk_guard); -+ THREAD_SET_POINTER_GUARD (pointer_chk_guard); - #endif -- __pointer_chk_guard_local = pointer_chk_guard; -- } -+ __pointer_chk_guard_local = pointer_chk_guard; - - /* We do not need the _dl_random value anymore. The less - information we leave behind, the better, so clear the -@@ -2478,9 +2474,6 @@ process_envvars (enum mode *modep) - GLRO(dl_use_load_bias) = envline[14] == '1' ? -1 : 0; - break; - } -- -- if (memcmp (envline, "POINTER_GUARD", 13) == 0) -- GLRO(dl_pointer_guard) = envline[14] != '0'; - break; - - case 14: -Index: git/sysdeps/generic/ldsodefs.h -=================================================================== ---- git.orig/sysdeps/generic/ldsodefs.h -+++ git/sysdeps/generic/ldsodefs.h -@@ -600,9 +600,6 @@ struct rtld_global_ro - /* List of auditing interfaces. */ - struct audit_ifaces *_dl_audit; - unsigned int _dl_naudit; -- -- /* 0 if internal pointer values should not be guarded, 1 if they should. */ -- EXTERN int _dl_pointer_guard; - }; - # define __rtld_global_attribute__ - # if IS_IN (rtld) |