linux-toradex.git/usr, branch v2.6.34.15 Linux kernel for Apalis and Colibri modules gen_init_cpio: avoid stack overflow when expanding 2014-02-10T21:11:04+00:00 Kees Cook keescook@chromium.org 2012-10-25T20:38:14+00:00 cbc6371912c8071719487089ef6c50aacf4b7542 commit 20f1de659b77364d55d4e7fad2ef657e7730323f upstream. Fix possible overflow of the buffer used for expanding environment variables when building file list. In the extremely unlikely case of an attacker having control over the environment variables visible to gen_init_cpio, control over the contents of the file gen_init_cpio parses, and gen_init_cpio was built without compiler hardening, the attacker can gain arbitrary execution control via a stack buffer overflow. $ cat usr/crash.list file foo ${BIG}${BIG}${BIG}${BIG}${BIG}${BIG} 0755 0 0 $ BIG=$(perl -e 'print "A" x 4096;') ./usr/gen_init_cpio usr/crash.list *** buffer overflow detected ***: ./usr/gen_init_cpio terminated This also replaces the space-indenting with tabs. Patch based on existing fix extracted from grsecurity. Signed-off-by: Kees Cook <keescook@chromium.org> Cc: Michal Marek <mmarek@suse.cz> Cc: Brad Spengler <spender@grsecurity.net> Cc: PaX Team <pageexec@freemail.hu> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> 
commit 20f1de659b77364d55d4e7fad2ef657e7730323f upstream.

Fix possible overflow of the buffer used for expanding environment
variables when building file list.

In the extremely unlikely case of an attacker having control over the
environment variables visible to gen_init_cpio, control over the
contents of the file gen_init_cpio parses, and gen_init_cpio was built
without compiler hardening, the attacker can gain arbitrary execution
control via a stack buffer overflow.

  $ cat usr/crash.list
  file foo ${BIG}${BIG}${BIG}${BIG}${BIG}${BIG} 0755 0 0
  $ BIG=$(perl -e 'print "A" x 4096;') ./usr/gen_init_cpio usr/crash.list
  *** buffer overflow detected ***: ./usr/gen_init_cpio terminated

This also replaces the space-indenting with tabs.

Patch based on existing fix extracted from grsecurity.

Signed-off-by: Kees Cook <keescook@chromium.org>
Cc: Michal Marek <mmarek@suse.cz>
Cc: Brad Spengler <spender@grsecurity.net>
Cc: PaX Team <pageexec@freemail.hu>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Add LZO compression support for initramfs and old-style initrd 2010-01-11T17:34:05+00:00 Albin Tonnerre albin.tonnerre@free-electrons.com 2010-01-08T22:42:46+00:00 cacb246f8db2b9eba89d44a0f0dd4f6ed93bc113 Signed-off-by: Albin Tonnerre <albin.tonnerre@free-electrons.com> Tested-by: Wu Zhangjin <wuzhangjin@gmail.com> Acked-by: "H. Peter Anvin" <hpa@zytor.com> Cc: Ingo Molnar <mingo@elte.hu> Cc: Thomas Gleixner <tglx@linutronix.de> Tested-by: Russell King <rmk@arm.linux.org.uk> Acked-by: Russell King <rmk@arm.linux.org.uk> Cc: Ralf Baechle <ralf@linux-mips.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
Signed-off-by: Albin Tonnerre <albin.tonnerre@free-electrons.com>
Tested-by: Wu Zhangjin <wuzhangjin@gmail.com>
Acked-by: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Russell King <rmk@arm.linux.org.uk>
Acked-by: Russell King <rmk@arm.linux.org.uk>
Cc: Ralf Baechle <ralf@linux-mips.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
gen_init_cpio: fixed fwrite warning 2009-12-12T12:08:17+00:00 Mike Frysinger vapier@gentoo.org 2009-12-09T11:55:19+00:00 6d87fea4dd7152df4a4605a3846c3bf10f869e0c On compilers with security warnings enabled by default, we get: usr/gen_init_cpio.c: In function ‘cpio_mkfile’: usr/gen_init_cpio.c:357: warning: ignoring return value of ‘fwrite’, declared with attribute warn_unused_result So check the return value and handle errors accordingly. Signed-off-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Michal Marek <mmarek@suse.cz> 
On compilers with security warnings enabled by default, we get:

usr/gen_init_cpio.c: In function ‘cpio_mkfile’:
usr/gen_init_cpio.c:357: warning: ignoring return value of ‘fwrite’,
                                  declared with attribute warn_unused_result

So check the return value and handle errors accordingly.

Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Signed-off-by: Michal Marek <mmarek@suse.cz>
Merge git://git.kernel.org/pub/scm/linux/kernel/git/sam/kbuild-next 2009-09-23T22:37:02+00:00 Linus Torvalds torvalds@linux-foundation.org 2009-09-23T22:37:02+00:00 c37efa932598de5e30330a1414e34d9e082e0d9e * git://git.kernel.org/pub/scm/linux/kernel/git/sam/kbuild-next: (30 commits) Use macros for .data.page_aligned section. Use macros for .bss.page_aligned section. Use new __init_task_data macro in arch init_task.c files. kbuild: Don't define ALIGN and ENTRY when preprocessing linker scripts. arm, cris, mips, sparc, powerpc, um, xtensa: fix build with bash 4.0 kbuild: add static to prototypes kbuild: fail build if recordmcount.pl fails kbuild: set -fconserve-stack option for gcc 4.5 kbuild: echo the record_mcount command gconfig: disable "typeahead find" search in treeviews kbuild: fix cc1 options check to ensure we do not use -fPIC when compiling checkincludes.pl: add option to remove duplicates in place markup_oops: use modinfo to avoid confusion with underscored module names checkincludes.pl: provide usage helper checkincludes.pl: close file as soon as we're done with it ctags: usability fix kernel hacking: move STRIP_ASM_SYMS from General gitignore usr/initramfs_data.cpio.bz2 and usr/initramfs_data.cpio.lzma kbuild: Check if linker supports the -X option kbuild: introduce ld-option ... Fix trivial conflict in scripts/basic/fixdep.c 
* git://git.kernel.org/pub/scm/linux/kernel/git/sam/kbuild-next: (30 commits)
  Use macros for .data.page_aligned section.
  Use macros for .bss.page_aligned section.
  Use new __init_task_data macro in arch init_task.c files.
  kbuild: Don't define ALIGN and ENTRY when preprocessing linker scripts.
  arm, cris, mips, sparc, powerpc, um, xtensa: fix build with bash 4.0
  kbuild: add static to prototypes
  kbuild: fail build if recordmcount.pl fails
  kbuild: set -fconserve-stack option for gcc 4.5
  kbuild: echo the record_mcount command
  gconfig: disable "typeahead find" search in treeviews
  kbuild: fix cc1 options check to ensure we do not use -fPIC when compiling
  checkincludes.pl: add option to remove duplicates in place
  markup_oops: use modinfo to avoid confusion with underscored module names
  checkincludes.pl: provide usage helper
  checkincludes.pl: close file as soon as we're done with it
  ctags: usability fix
  kernel hacking: move STRIP_ASM_SYMS from General
  gitignore usr/initramfs_data.cpio.bz2 and usr/initramfs_data.cpio.lzma
  kbuild: Check if linker supports the -X option
  kbuild: introduce ld-option
  ...

Fix trivial conflict in scripts/basic/fixdep.c
Fix all -Wmissing-prototypes warnings in x86 defconfig 2009-09-23T14:39:28+00:00 Trevor Keith tsrk@tsrk.net 2009-09-22T23:43:38+00:00 5c725138437837291db5c25f4a076ee852e806e3 Signed-off-by: Trevor Keith <tsrk@tsrk.net> Cc: Sam Ravnborg <sam@ravnborg.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> 
Signed-off-by: Trevor Keith <tsrk@tsrk.net>
Cc: Sam Ravnborg <sam@ravnborg.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
gitignore usr/initramfs_data.cpio.bz2 and usr/initramfs_data.cpio.lzma 2009-09-20T10:27:42+00:00 Jaswinder Singh Rajput jaswinder@kernel.org 2009-09-18T19:49:21+00:00 78074cfc6e5054d736a2adb144c0e0dcc301c14a usr/initramfs_data.cpio.bz2 and usr/initramfs_data.cpio.lzma are binary files should be ignored Signed-off-by: Jaswinder Singh Rajput <jaswinderrajput@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Sam Ravnborg <sam@ravnborg.org> 
usr/initramfs_data.cpio.bz2 and usr/initramfs_data.cpio.lzma are binary
files should be ignored

Signed-off-by: Jaswinder Singh Rajput <jaswinderrajput@gmail.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
kbuild: correct initramfs compression comment 2009-09-20T10:27:41+00:00 Robert P. J. Day rpjday@crashcourse.ca 2009-07-05T13:46:19+00:00 0bc9f9e63c0aa9c60ee309039d8f52708145ea4b Fix the Makefile comment since bzip2 is now supported. Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca> Signed-off-by: Sam Ravnborg <sam@ravnborg.org> 
Fix the Makefile comment since bzip2 is now supported.

Signed-off-by: Robert P. J. Day <rpjday@crashcourse.ca>
Signed-off-by: Sam Ravnborg <sam@ravnborg.org>
bzip2/lzma: quiet Kconfig warning for INITRAMFS_COMPRESSION_NONE 2009-04-01T06:51:56+00:00 H. Peter Anvin hpa@zytor.com 2009-03-31T19:24:17+00:00 1359096eacb1971be67eead8bf9b582864d92a30 Impact: quiet Kconfig warning It appears that Kconfig simply has no way to provide defaults for entries that exist inside a conditionalized choice block. Fortunately, it turns out we don't actually ever use CONFIG_INITRAMFS_COMPRESSION_NONE, so we can just drop it for everything outside the choice block. Signed-off-by: H. Peter Anvin <hpa@zytor.com> 
Impact: quiet Kconfig warning

It appears that Kconfig simply has no way to provide defaults for
entries that exist inside a conditionalized choice block.
Fortunately, it turns out we don't actually ever use
CONFIG_INITRAMFS_COMPRESSION_NONE, so we can just drop it for
everything outside the choice block.

Signed-off-by: H. Peter Anvin <hpa@zytor.com>
bzip2/lzma: don't ask for compression mode for the default initramfs 2009-03-29T00:27:15+00:00 H. Peter Anvin hpa@zytor.com 2009-03-29T00:24:03+00:00 40297927575a50b1d0d308d735c445924d33fba6 Impact: Kconfig noise reduction, documentation The default initramfs is so small that it makes no sense to worry about the additional memory taken by not double-compressing it. Therefore, don't bug the user with it. Also, improve the description of the option, which was downright incorrect. Signed-off-by: H. Peter Anvin <hpa@zytor.com> 
Impact: Kconfig noise reduction, documentation

The default initramfs is so small that it makes no sense to worry
about the additional memory taken by not double-compressing it.
Therefore, don't bug the user with it.

Also, improve the description of the option, which was downright
incorrect.

Signed-off-by: H. Peter Anvin <hpa@zytor.com>
bzip2/lzma: consistently capitalize LZMA in Kconfig 2009-03-28T23:10:59+00:00 H. Peter Anvin hpa@zytor.com 2009-03-28T23:10:59+00:00 55d1d26f23383163a256d0de2aaf2b8fca83e611 Impact: message formatting Consistently spell LZMA in all capitals, since it (unlike gzip or bzip2) is an acronym. Signed-off-by: H. Peter Anvin <hpa@zytor.com> 
Impact: message formatting

Consistently spell LZMA in all capitals, since it (unlike gzip or
bzip2) is an acronym.

Signed-off-by: H. Peter Anvin <hpa@zytor.com>