From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Thu, 9 May 2019 18:04:00 +0000 (+0200)
Subject: 3.18-stable patches
X-Git-Tag: v4.9.175~8
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c512829347d5f869146cd1f47865e2d2ee14fc8c;p=thirdparty%2Fkernel%2Fstable-queue.git

3.18-stable patches

added patches:
	timer-debug-change-proc-timer_stats-from-0644-to-0600.patch
---

diff --git a/queue-3.18/series b/queue-3.18/series
index 4b0ff198ad9..b3ab7b87b9a 100644
--- a/queue-3.18/series
+++ b/queue-3.18/series
@@ -60,3 +60,4 @@ genirq-prevent-use-after-free-and-work-list-corrupti.patch
 scsi-qla2xxx-fix-incorrect-region-size-setting-in-optrom-sysfs-routines.patch
 bluetooth-hidp-fix-buffer-overflow.patch
 bluetooth-align-minimum-encryption-key-size-for-le-and-br-edr-connections.patch
+timer-debug-change-proc-timer_stats-from-0644-to-0600.patch
diff --git a/queue-3.18/timer-debug-change-proc-timer_stats-from-0644-to-0600.patch b/queue-3.18/timer-debug-change-proc-timer_stats-from-0644-to-0600.patch
new file mode 100644
index 00000000000..020c7be6ccc
--- /dev/null
+++ b/queue-3.18/timer-debug-change-proc-timer_stats-from-0644-to-0600.patch
@@ -0,0 +1,38 @@
+From ben@decadent.org.uk  Thu May  9 19:42:50 2019
+From: Ben Hutchings <ben@decadent.org.uk>
+Date: Tue, 7 May 2019 20:04:04 +0100
+Subject: timer/debug: Change /proc/timer_stats from 0644 to 0600
+To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>, Sasha Levin <sashal@kernel.org>
+Cc: stable@vger.kernel.org
+Message-ID: <20190507190404.ub43rr4iuvqfkbsq@decadent.org.uk>
+Content-Disposition: inline
+
+From: Ben Hutchings <ben@decadent.org.uk>
+
+The timer_stats facility should filter and translate PIDs if opened
+from a non-initial PID namespace, to avoid leaking information about
+the wider system.  It should also not show kernel virtual addresses.
+Unfortunately it has now been removed upstream (as redundant)
+instead of being fixed.
+
+For stable, fix the leak by restricting access to root only.  A
+similar change was already made for the /proc/timer_list file.
+
+Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ kernel/time/timer_stats.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/kernel/time/timer_stats.c
++++ b/kernel/time/timer_stats.c
+@@ -417,7 +417,7 @@ static int __init init_tstats_procfs(voi
+ {
+ 	struct proc_dir_entry *pe;
+ 
+-	pe = proc_create("timer_stats", 0644, NULL, &tstats_fops);
++	pe = proc_create("timer_stats", 0600, NULL, &tstats_fops);
+ 	if (!pe)
+ 		return -ENOMEM;
+ 	return 0;