diff options
| author | Justus Winter <4winter@informatik.uni-hamburg.de> | 2014-02-21 12:20:18 +0100 |
|---|---|---|
| committer | Justus Winter <4winter@informatik.uni-hamburg.de> | 2014-02-21 12:20:18 +0100 |
| commit | c941a241a0ecffa9b8b8da0f2df8584e4c7de8bc (patch) | |
| tree | 54a249bba6c9f6d1e108e0d67941b5775652b6b6 /debian/patches/protected_payload.patch | |
| parent | e9d808169e8ed80186dfa8741a27f982feb0f593 (diff) | |
fix protected_payload.patch
Diffstat (limited to 'debian/patches/protected_payload.patch')
| -rw-r--r-- | debian/patches/protected_payload.patch | 35 |
1 files changed, 5 insertions, 30 deletions
diff --git a/debian/patches/protected_payload.patch b/debian/patches/protected_payload.patch index d5a89c0..18e314e 100644 --- a/debian/patches/protected_payload.patch +++ b/debian/patches/protected_payload.patch @@ -160,7 +160,7 @@ index f78e978..0a7297e 100644 /* * A dummy value. Mostly used to indicate that the actual value diff --git a/ipc/ipc_kmsg.c b/ipc/ipc_kmsg.c -index 0e43410..469aeb0 100644 +index 0e43410..c57ed90 100644 --- a/ipc/ipc_kmsg.c +++ b/ipc/ipc_kmsg.c @@ -1802,9 +1802,17 @@ ipc_kmsg_copyout_header(msg, space, notify) @@ -170,7 +170,7 @@ index 0e43410..469aeb0 100644 - msg->msgh_bits = (MACH_MSGH_BITS_OTHER(mbits) | - MACH_MSGH_BITS(0, MACH_MSG_TYPE_PORT_SEND)); - msg->msgh_local_port = dest_name; -+ if (dest->ip_has_protected_payload) { ++ if (! dest->ip_has_protected_payload) { + msg->msgh_bits = (MACH_MSGH_BITS_OTHER(mbits) | + MACH_MSGH_BITS(0, MACH_MSG_TYPE_PORT_SEND)); + msg->msgh_local_port = dest_name; @@ -192,7 +192,7 @@ index 0e43410..469aeb0 100644 - MACH_MSGH_BITS(MACH_MSG_TYPE_PORT_SEND_ONCE, - MACH_MSG_TYPE_PORT_SEND)); - msg->msgh_local_port = dest_name; -+ if (dest->ip_has_protected_payload) { ++ if (! dest->ip_has_protected_payload) { + msg->msgh_bits = (MACH_MSGH_BITS_OTHER(mbits) | + MACH_MSGH_BITS(MACH_MSG_TYPE_PORT_SEND_ONCE, + MACH_MSG_TYPE_PORT_SEND)); @@ -214,7 +214,7 @@ index 0e43410..469aeb0 100644 - msg->msgh_bits = (MACH_MSGH_BITS_OTHER(mbits) | - MACH_MSGH_BITS(0, MACH_MSG_TYPE_PORT_SEND_ONCE)); - msg->msgh_local_port = dest_name; -+ if (dest->ip_has_protected_payload) { ++ if (! dest->ip_has_protected_payload) { + msg->msgh_bits = (MACH_MSGH_BITS_OTHER(mbits) | + MACH_MSGH_BITS(0, + MACH_MSG_TYPE_PORT_SEND_ONCE)); @@ -236,7 +236,7 @@ index 0e43410..469aeb0 100644 - msg->msgh_bits = (MACH_MSGH_BITS_OTHER(mbits) | - MACH_MSGH_BITS(reply_type, dest_type)); - msg->msgh_local_port = dest_name; -+ if (dest->ip_has_protected_payload) { ++ if (! dest->ip_has_protected_payload) { + msg->msgh_bits = (MACH_MSGH_BITS_OTHER(mbits) | + MACH_MSGH_BITS(reply_type, dest_type)); + msg->msgh_local_port = dest_name; @@ -494,28 +494,3 @@ index 13572a1..057278b 100644 + ip_unlock(port); + return KERN_SUCCESS; +} -commit 34d7379f599edfc2c7046e08f1a884bbf2866eb5 -Author: Justus Winter <4winter@informatik.uni-hamburg.de> -Date: Wed Nov 27 14:42:55 2013 +0100 - - XXX fix the size of ipc_port structs - - I do not know why this is happening, but w/o this, some kernel - pointers leak into the ip_protected_payload field. So it looks like - sizeof(struct ipc_tree_entry) is wrong here, not sure why - though. Maybe the global header is imported? But the compiler flags - should prevent this... - -diff --git a/ipc/ipc_init.c b/ipc/ipc_init.c -index debda47..7627b4e 100644 ---- a/ipc/ipc_init.c -+++ b/ipc/ipc_init.c -@@ -80,7 +80,7 @@ ipc_bootstrap(void) - sizeof(struct ipc_tree_entry), 0, NULL, NULL, NULL, 0); - - kmem_cache_init(&ipc_object_caches[IOT_PORT], "ipc_port", -- sizeof(struct ipc_port), 0, NULL, NULL, NULL, 0); -+ sizeof(struct ipc_port)+4, 0, NULL, NULL, NULL, 0); - - kmem_cache_init(&ipc_object_caches[IOT_PORT_SET], "ipc_pset", - sizeof(struct ipc_pset), 0, NULL, NULL, NULL, 0); |