From: Greg Kroah-Hartman Date: Tue, 11 Apr 2006 17:21:10 +0000 (-0700) Subject: 2.6.16.4 release X-Git-Tag: v2.6.16.4^0 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8396789e45e60db066311fe2e40197e0b3621d99;p=thirdparty%2Fkernel%2Fstable-queue.git 2.6.16.4 release --- diff --git a/2.6.16.4/__group_complete_signal-remove-bogus-bug_on.patch b/2.6.16.4/__group_complete_signal-remove-bogus-bug_on.patch new file mode 100644 index 00000000000..8778dadb5dd --- /dev/null +++ b/2.6.16.4/__group_complete_signal-remove-bogus-bug_on.patch @@ -0,0 +1,35 @@ +From linux-kernel-owner+greg=40kroah.com-S1750849AbWDKOWT@vger.kernel.org Tue Apr 11 07:23:19 2006 +Date: Tue, 11 Apr 2006 22:18:58 +0400 +From: Oleg Nesterov +To: linux-kernel@vger.kernel.org +Cc: Roland McGrath , "Eric W. Biederman" , Ingo Molnar , "Paul E. McKenney" , Linus Torvalds , Andrew Morton +Subject: [PATCH] __group_complete_signal: remove bogus BUG_ON [CVE-2006-1523] +Message-ID: <20060411181858.GA110@oleg> +Content-Disposition: inline + +[PATCH] RCU signal handling + +made this BUG_ON() unsafe. This code runs under ->siglock, +while switch_exec_pids() takes tasklist_lock. + +Signed-off-by: Oleg Nesterov +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- 2.6.16/kernel/signal.c~ 2006-02-13 21:47:19.000000000 +0300 ++++ 2.6.16/kernel/signal.c 2006-04-11 21:53:03.000000000 +0400 +@@ -975,7 +975,6 @@ __group_complete_signal(int sig, struct + if (t == NULL) + /* restart balancing at this thread */ + t = p->signal->curr_target = p; +- BUG_ON(t->tgid != p->tgid); + + while (!wants_signal(sig, t)) { + t = next_thread(t); + +- +To unsubscribe from this list: send the line "unsubscribe linux-kernel" in +the body of a message to majordomo@vger.kernel.org +More majordomo info at http://vger.kernel.org/majordomo-info.html +Please read the FAQ at http://www.tux.org/lkml/ +