Downloads

Software Update: Linux Kernel 2.6.11.10

By admin
Spread the love

Kernel.org has released version 2.6.11.10 of the Linux Kernel. It seems that the developers are already quite used to the new version numbering. Three changes have been made as you can read in the changelog below:

[PATCH] Fix root hole in pktcdvd

ioctl_by_bdev may only be used INSIDE the kernel. If the “arg” argument refers to memory that is accessed by put_user/get_user in the ioctl function, the memory needs to be in the kernel address space (that’s the set_fs(KERNEL_DS) doing in the ioctl_by_bdev). This works on i386 because even with set_fs(KERNEL_DS) the user space memory is still accessible with put_user/get_user. That is not true for s390. In short the ioctl implementation of the pktcdvd device driver is horribly broken.

Signed-off-by: Peter Osterlund
Signed-off-by: Andrew Morton
Signed-off-by: Greg Kroah-Hartman

[PATCH] Fix root hole in raw device

[Patch] Fix raw device ioctl pass through

Raw character devices are supposed to pass ioctls through to the block devices they are bound to. Unfortunately, they are using the wrong function for this: ioctl_by_bdev(), instead of blkdev_ioctl().

ioctl_by_bdev() performs a set_fs(KERNEL_DS) before calling the ioctl, redirecting the user-space buffer access to the kernel address space. This is, needless to say, a bad thing.

This was noticed first on s390, where raw IO was non-functioning. The s390 driver config does not actually allow raw IO to be enabled, which was the first part of the problem. Secondly, the s390 kernel address space is distinct from user, causing legal raw ioctls to fail. I’ve reproduced this on a kernel built with 4G:4G split on x86, which fails in the same way (-EFAULT if the address does not exist kernel-side; returns success without actually populating the user buffer if it does.)

The patch below fixes both the config and address-space problems. It’s based closely on a patch by Jan Glauber , which has been tested on s390 at IBM. I’ve tested it on x86 4G:4G (split address space) and x86_64 (common address space).

Kernel-address-space access has been assigned CAN-2005-1264.

Signed off by: Stephen Tweedie
Signed-off-by: Dave Jones
Signed-off-by: Greg Kroah-Hartman

Version number 2.6.11.10
Operating systems Linux
Website kernel.org
Download
License type GPL
You might also like
News

Rumor: Apple is working on its own applications based on a large language model

News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Logitech acquires stream controller maker Loupedeck

News

Anticheat FaceIT gets Linux version, enables Steam Deck support

News

Rumor: EU starts investigation into Microsoft for including Teams with Office