main/linux-grsec: fix gre+xfrm+gso crashes

fixes #1925 (cherry picked from commit 55bed09ef364d3268dad8a067181f00a0e0c8789)
author: Natanael Copa <ncopa@alpinelinux.org> 2013-05-23 06:45:11 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2013-06-03 13:59:40 +0000
commit: 9c577e498442db707d92db0b6733a4f6bff21cae (patch)
tree: 9e82c74e7e1f1e216a15659136c0f261d4dcca0d
parent: f29d6acbeed4be719f013fc9b0900f7c0c4388af (diff)
download: alpine_aports-9c577e498442db707d92db0b6733a4f6bff21cae.tar.bz2
alpine_aports-9c577e498442db707d92db0b6733a4f6bff21cae.tar.xz
alpine_aports-9c577e498442db707d92db0b6733a4f6bff21cae.zip
2 files changed, 49 insertions, 1 deletions
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index dda2694820..215678fa53 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -7,7 +7,7 @@ case $pkgver in
 *.*.*)  _kernver=${pkgver%.*};;
 *.*)    _kernver=${pkgver};;
 esac
-pkgrel=0
+pkgrel=1
 pkgdesc="Linux kernel with grsecurity"
 url=http://grsecurity.net
 depends="mkinitfs linux-firmware"
@@ -21,6 +21,7 @@ source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz
        v2-net-next-arp-flush-arp-cache-on-IFF_NOARP-change.patch
        leds-leds-gpio-reserve-gpio-before-using-it.patch
+        ipsec-xfrm-properly-handle-invalid-states-as-an-error.patch
        kernelconfig.x86
        kernelconfig.x86_64
@@ -149,6 +150,7 @@ md5sums="4348c9b6b2eb3144d601e87c19d5d909  linux-3.9.tar.xz
 e881cf0db639205660f237ceea58f708  grsecurity-2.9.1-3.9.3-201305201732.patch
 699e92148cc9a55b6fc4d7d81e476717  v2-net-next-arp-flush-arp-cache-on-IFF_NOARP-change.patch
 83db7136608d8101ae130728539dc376  leds-leds-gpio-reserve-gpio-before-using-it.patch
+ac9a50bdbe91ba6e5205e83f7e734ff5  ipsec-xfrm-properly-handle-invalid-states-as-an-error.patch
 fd6fd35309c0e8c1f05cb725df958f22  kernelconfig.x86
 fd61ff58d25155997c0d6f73e7ca7a7d  kernelconfig.x86_64"
 sha256sums="60bc3e64ee5dc778de2cd7cd7640abf518a4c9d4f31b8ed624e16fad53f54541  linux-3.9.tar.xz
@@ -156,6 +158,7 @@ sha256sums="60bc3e64ee5dc778de2cd7cd7640abf518a4c9d4f31b8ed624e16fad53f54541  li
 c1b4310085ff07200131dc841a0a22f84a7f166c3b25464e27dd2694584bc72c  grsecurity-2.9.1-3.9.3-201305201732.patch
 8e2f41605937eecd47cefe62daefd372dbf1e63cf956ab3ced3213ac2b508ee3  v2-net-next-arp-flush-arp-cache-on-IFF_NOARP-change.patch
 13676bc5610a8d03e788ac76734babd1338b023bb39559452ee54652b046e6f4  leds-leds-gpio-reserve-gpio-before-using-it.patch
+ab0dcb52342990ad05af5ce21acd1e95fb65cc7e76ec98e45c7ece7433bc9f23  ipsec-xfrm-properly-handle-invalid-states-as-an-error.patch
 b44c6671b344ddae1da94e6c051a0e708af8609c1f2ff40d962301ed5023c83a  kernelconfig.x86
 7a6700a6db89f8c2c7f8cce7d77f4ddb3fcad889d72c709c2833af795ef1bc79  kernelconfig.x86_64"
 sha512sums="77fa521f42380409f8ab400c26f7b00e225cb075ef40834bb263325cfdcc3e65aef8511ec2fc2b50bbf4f50e226fb5ab07d7a479aaf09162adbbf318325d0790  linux-3.9.tar.xz
@@ -163,5 +166,6 @@ ae2bca3f0d274281d7ae88bb835d129a036350dfd3e9e941d7a0175194b2cbccffb5f8b5a20e5a74
 d6aa751d1fac8c4d758f9479bc6b08f70d8725c6c74b63446def044f42260a8beb1f540ae4473ec57f42538513d3ccb42de41c8cc721b9b85d8cfbaef7ab85d5  grsecurity-2.9.1-3.9.3-201305201732.patch
 772c847cd74b12ed22266042c0902d8a3cf09c897b6e1c01148dfcd2f01aed331f292e82c34bb718090dc0898e1ef364196272bff885a32378f7fbc8bfc06a9b  v2-net-next-arp-flush-arp-cache-on-IFF_NOARP-change.patch
 10d2cf4fb308d1bc8cb5b9df3f9a6d7b9cef453244673bcbe66bd9b64af410a498e203d4dfa51f53461362ad981736eadc46537616b2c0514f57f4d8864c830d  leds-leds-gpio-reserve-gpio-before-using-it.patch
+769291e92f2f5ae5375d98b80bf8790b089c87437f1660cf8d5e9d45d7221280b6824bcb1d2564cbe12310a88df48443c56ecc9ce5468858829088221aa80327  ipsec-xfrm-properly-handle-invalid-states-as-an-error.patch
 2516c47145f53cfa5624a9a8839b3590fd16a980aa4c8c48af4db025960d33abe855a5c698ee701a0d3704a96a9a3f93cd6c3cc8c9b8fdf73f230c15ad2f7611  kernelconfig.x86
 0a3739e5e1fe29fcce8c686d8ac223316467a2efaaa18cb3d1abf6c7a66dc86be12c26755dff1aef6d0f5a028ce4f6dfc5664ab42b484046949f401f3b9198f9  kernelconfig.x86_64"
diff --git a/main/linux-grsec/ipsec-xfrm-properly-handle-invalid-states-as-an-error.patch b/main/linux-grsec/ipsec-xfrm-properly-handle-invalid-states-as-an-error.patch
new file mode 100644
index 0000000000..7cb0dade7c
--- /dev/null
+++ b/main/linux-grsec/ipsec-xfrm-properly-handle-invalid-states-as-an-error.patch
@@ -0,0 +1,44 @@
+From patchwork Wed May 22 11:40:47 2013
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+Subject: [ipsec] xfrm: properly handle invalid states as an error
+Date: Wed, 22 May 2013 01:40:47 -0000
+From: =?utf-8?q?Timo_Ter=C3=A4s?= <timo.teras@iki.fi>
+X-Patchwork-Id: 245594
+Message-Id: <1369222847-8542-1-git-send-email-timo.teras@iki.fi>
+To: netdev@vger.kernel.org
+Cc: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>,
+ Li RongQing <roy.qing.li@gmail.com>,
+ Steffen Klassert <steffen.klassert@secunet.com>
+The error exit path needs err explicitly set. Otherwise it
+returns success and the only caller, xfrm_output_resume(),
+would oops in skb_dst(skb)->ops derefence as skb_dst(skb) is
+NULL.
+Bug introduced in commit bb65a9cb (xfrm: removes a superfluous
+check and add a statistic).
+Signed-off-by: Timo Teräs <timo.teras@iki.fi>
+Cc: Li RongQing <roy.qing.li@gmail.com>
+Cc: Steffen Klassert <steffen.klassert@secunet.com>
+---
+Should go also to 3.9-stable.
+ net/xfrm/xfrm_output.c | 1 +
+ 1 file changed, 1 insertion(+)
+diff --git a/net/xfrm/xfrm_output.c b/net/xfrm/xfrm_output.c
+index bcfda89..0cf003d 100644
+--- a/net/xfrm/xfrm_output.c
+++ b/net/xfrm/xfrm_output.c
+@@ -64,6 +64,7 @@ static int xfrm_output_one(struct sk_buff *skb, int err)
+ 
+                if (unlikely(x->km.state != XFRM_STATE_VALID)) {
+                        XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTSTATEINVALID);
+                       err = -EINVAL;
+                        goto error;
+                }
+
author	Natanael Copa <ncopa@alpinelinux.org>	2013-05-23 06:45:11 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2013-06-03 13:59:40 +0000
commit	9c577e498442db707d92db0b6733a4f6bff21cae (patch)
tree	9e82c74e7e1f1e216a15659136c0f261d4dcca0d
parent	f29d6acbeed4be719f013fc9b0900f7c0c4388af (diff)
download	alpine_aports-9c577e498442db707d92db0b6733a4f6bff21cae.tar.bz2 alpine_aports-9c577e498442db707d92db0b6733a4f6bff21cae.tar.xz alpine_aports-9c577e498442db707d92db0b6733a4f6bff21cae.zip

diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD index dda2694820..215678fa53 100644 --- a/main/linux-grsec/APKBUILD +++ b/main/linux-grsec/APKBUILD
@@ -7,7 +7,7 @@ case $pkgver in
7	..) _kernver=${pkgver%.};;	7	..) _kernver=${pkgver%.};;
8	.) _kernver=${pkgver};;	8	.) _kernver=${pkgver};;
9	esac	9	esac
10	pkgrel=0	10	pkgrel=1
11	pkgdesc="Linux kernel with grsecurity"	11	pkgdesc="Linux kernel with grsecurity"
12	url=http://grsecurity.net	12	url=http://grsecurity.net
13	depends="mkinitfs linux-firmware"	13	depends="mkinitfs linux-firmware"
@@ -21,6 +21,7 @@ source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz
21		21
22	v2-net-next-arp-flush-arp-cache-on-IFF_NOARP-change.patch	22	v2-net-next-arp-flush-arp-cache-on-IFF_NOARP-change.patch
23	leds-leds-gpio-reserve-gpio-before-using-it.patch	23	leds-leds-gpio-reserve-gpio-before-using-it.patch
		24	ipsec-xfrm-properly-handle-invalid-states-as-an-error.patch
24		25
25	kernelconfig.x86	26	kernelconfig.x86
26	kernelconfig.x86_64	27	kernelconfig.x86_64
@@ -149,6 +150,7 @@ md5sums="4348c9b6b2eb3144d601e87c19d5d909 linux-3.9.tar.xz
149	e881cf0db639205660f237ceea58f708 grsecurity-2.9.1-3.9.3-201305201732.patch	150	e881cf0db639205660f237ceea58f708 grsecurity-2.9.1-3.9.3-201305201732.patch
150	699e92148cc9a55b6fc4d7d81e476717 v2-net-next-arp-flush-arp-cache-on-IFF_NOARP-change.patch	151	699e92148cc9a55b6fc4d7d81e476717 v2-net-next-arp-flush-arp-cache-on-IFF_NOARP-change.patch
151	83db7136608d8101ae130728539dc376 leds-leds-gpio-reserve-gpio-before-using-it.patch	152	83db7136608d8101ae130728539dc376 leds-leds-gpio-reserve-gpio-before-using-it.patch
		153	ac9a50bdbe91ba6e5205e83f7e734ff5 ipsec-xfrm-properly-handle-invalid-states-as-an-error.patch
152	fd6fd35309c0e8c1f05cb725df958f22 kernelconfig.x86	154	fd6fd35309c0e8c1f05cb725df958f22 kernelconfig.x86
153	fd61ff58d25155997c0d6f73e7ca7a7d kernelconfig.x86_64"	155	fd61ff58d25155997c0d6f73e7ca7a7d kernelconfig.x86_64"
154	sha256sums="60bc3e64ee5dc778de2cd7cd7640abf518a4c9d4f31b8ed624e16fad53f54541 linux-3.9.tar.xz	156	sha256sums="60bc3e64ee5dc778de2cd7cd7640abf518a4c9d4f31b8ed624e16fad53f54541 linux-3.9.tar.xz
@@ -156,6 +158,7 @@ sha256sums="60bc3e64ee5dc778de2cd7cd7640abf518a4c9d4f31b8ed624e16fad53f54541 li
156	c1b4310085ff07200131dc841a0a22f84a7f166c3b25464e27dd2694584bc72c grsecurity-2.9.1-3.9.3-201305201732.patch	158	c1b4310085ff07200131dc841a0a22f84a7f166c3b25464e27dd2694584bc72c grsecurity-2.9.1-3.9.3-201305201732.patch
157	8e2f41605937eecd47cefe62daefd372dbf1e63cf956ab3ced3213ac2b508ee3 v2-net-next-arp-flush-arp-cache-on-IFF_NOARP-change.patch	159	8e2f41605937eecd47cefe62daefd372dbf1e63cf956ab3ced3213ac2b508ee3 v2-net-next-arp-flush-arp-cache-on-IFF_NOARP-change.patch
158	13676bc5610a8d03e788ac76734babd1338b023bb39559452ee54652b046e6f4 leds-leds-gpio-reserve-gpio-before-using-it.patch	160	13676bc5610a8d03e788ac76734babd1338b023bb39559452ee54652b046e6f4 leds-leds-gpio-reserve-gpio-before-using-it.patch
		161	ab0dcb52342990ad05af5ce21acd1e95fb65cc7e76ec98e45c7ece7433bc9f23 ipsec-xfrm-properly-handle-invalid-states-as-an-error.patch
159	b44c6671b344ddae1da94e6c051a0e708af8609c1f2ff40d962301ed5023c83a kernelconfig.x86	162	b44c6671b344ddae1da94e6c051a0e708af8609c1f2ff40d962301ed5023c83a kernelconfig.x86
160	7a6700a6db89f8c2c7f8cce7d77f4ddb3fcad889d72c709c2833af795ef1bc79 kernelconfig.x86_64"	163	7a6700a6db89f8c2c7f8cce7d77f4ddb3fcad889d72c709c2833af795ef1bc79 kernelconfig.x86_64"
161	sha512sums="77fa521f42380409f8ab400c26f7b00e225cb075ef40834bb263325cfdcc3e65aef8511ec2fc2b50bbf4f50e226fb5ab07d7a479aaf09162adbbf318325d0790 linux-3.9.tar.xz	164	sha512sums="77fa521f42380409f8ab400c26f7b00e225cb075ef40834bb263325cfdcc3e65aef8511ec2fc2b50bbf4f50e226fb5ab07d7a479aaf09162adbbf318325d0790 linux-3.9.tar.xz
@@ -163,5 +166,6 @@ ae2bca3f0d274281d7ae88bb835d129a036350dfd3e9e941d7a0175194b2cbccffb5f8b5a20e5a74
163	d6aa751d1fac8c4d758f9479bc6b08f70d8725c6c74b63446def044f42260a8beb1f540ae4473ec57f42538513d3ccb42de41c8cc721b9b85d8cfbaef7ab85d5 grsecurity-2.9.1-3.9.3-201305201732.patch	166	d6aa751d1fac8c4d758f9479bc6b08f70d8725c6c74b63446def044f42260a8beb1f540ae4473ec57f42538513d3ccb42de41c8cc721b9b85d8cfbaef7ab85d5 grsecurity-2.9.1-3.9.3-201305201732.patch
164	772c847cd74b12ed22266042c0902d8a3cf09c897b6e1c01148dfcd2f01aed331f292e82c34bb718090dc0898e1ef364196272bff885a32378f7fbc8bfc06a9b v2-net-next-arp-flush-arp-cache-on-IFF_NOARP-change.patch	167	772c847cd74b12ed22266042c0902d8a3cf09c897b6e1c01148dfcd2f01aed331f292e82c34bb718090dc0898e1ef364196272bff885a32378f7fbc8bfc06a9b v2-net-next-arp-flush-arp-cache-on-IFF_NOARP-change.patch
165	10d2cf4fb308d1bc8cb5b9df3f9a6d7b9cef453244673bcbe66bd9b64af410a498e203d4dfa51f53461362ad981736eadc46537616b2c0514f57f4d8864c830d leds-leds-gpio-reserve-gpio-before-using-it.patch	168	10d2cf4fb308d1bc8cb5b9df3f9a6d7b9cef453244673bcbe66bd9b64af410a498e203d4dfa51f53461362ad981736eadc46537616b2c0514f57f4d8864c830d leds-leds-gpio-reserve-gpio-before-using-it.patch
		169	769291e92f2f5ae5375d98b80bf8790b089c87437f1660cf8d5e9d45d7221280b6824bcb1d2564cbe12310a88df48443c56ecc9ce5468858829088221aa80327 ipsec-xfrm-properly-handle-invalid-states-as-an-error.patch
166	2516c47145f53cfa5624a9a8839b3590fd16a980aa4c8c48af4db025960d33abe855a5c698ee701a0d3704a96a9a3f93cd6c3cc8c9b8fdf73f230c15ad2f7611 kernelconfig.x86	170	2516c47145f53cfa5624a9a8839b3590fd16a980aa4c8c48af4db025960d33abe855a5c698ee701a0d3704a96a9a3f93cd6c3cc8c9b8fdf73f230c15ad2f7611 kernelconfig.x86
167	0a3739e5e1fe29fcce8c686d8ac223316467a2efaaa18cb3d1abf6c7a66dc86be12c26755dff1aef6d0f5a028ce4f6dfc5664ab42b484046949f401f3b9198f9 kernelconfig.x86_64"	171	0a3739e5e1fe29fcce8c686d8ac223316467a2efaaa18cb3d1abf6c7a66dc86be12c26755dff1aef6d0f5a028ce4f6dfc5664ab42b484046949f401f3b9198f9 kernelconfig.x86_64"


diff --git a/main/linux-grsec/ipsec-xfrm-properly-handle-invalid-states-as-an-error.patch b/main/linux-grsec/ipsec-xfrm-properly-handle-invalid-states-as-an-error.patch new file mode 100644 index 0000000000..7cb0dade7c --- /dev/null +++ b/main/linux-grsec/ipsec-xfrm-properly-handle-invalid-states-as-an-error.patch
@@ -0,0 +1,44 @@
		1	From patchwork Wed May 22 11:40:47 2013
		2	Content-Type: text/plain; charset="utf-8"
		3	MIME-Version: 1.0
		4	Content-Transfer-Encoding: 8bit
		5	Subject: [ipsec] xfrm: properly handle invalid states as an error
		6	Date: Wed, 22 May 2013 01:40:47 -0000
		7	From: =?utf-8?q?Timo_Ter=C3=A4s?= <timo.teras@iki.fi>
		8	X-Patchwork-Id: 245594
		9	Message-Id: <1369222847-8542-1-git-send-email-timo.teras@iki.fi>
		10	To: netdev@vger.kernel.org
		11	Cc: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>,
		12	Li RongQing <roy.qing.li@gmail.com>,
		13	Steffen Klassert <steffen.klassert@secunet.com>
		14
		15	The error exit path needs err explicitly set. Otherwise it
		16	returns success and the only caller, xfrm_output_resume(),
		17	would oops in skb_dst(skb)->ops derefence as skb_dst(skb) is
		18	NULL.
		19
		20	Bug introduced in commit bb65a9cb (xfrm: removes a superfluous
		21	check and add a statistic).
		22
		23	Signed-off-by: Timo Teräs <timo.teras@iki.fi>
		24	Cc: Li RongQing <roy.qing.li@gmail.com>
		25	Cc: Steffen Klassert <steffen.klassert@secunet.com>
		26
		27	---
		28	Should go also to 3.9-stable.
		29
		30	net/xfrm/xfrm_output.c \| 1 +
		31	1 file changed, 1 insertion(+)
		32
		33	diff --git a/net/xfrm/xfrm_output.c b/net/xfrm/xfrm_output.c
		34	index bcfda89..0cf003d 100644
		35	--- a/net/xfrm/xfrm_output.c
		36	+++ b/net/xfrm/xfrm_output.c
		37	@@ -64,6 +64,7 @@ static int xfrm_output_one(struct sk_buff *skb, int err)
		38
		39	if (unlikely(x->km.state != XFRM_STATE_VALID)) {
		40	XFRM_INC_STATS(net, LINUX_MIB_XFRMOUTSTATEINVALID);
		41	+ err = -EINVAL;
		42	goto error;
		43	}
		44