diff options
Diffstat (limited to 'debian/patches/protected_payload.patch')
| -rw-r--r-- | debian/patches/protected_payload.patch | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/debian/patches/protected_payload.patch b/debian/patches/protected_payload.patch index 50dd791..d5a89c0 100644 --- a/debian/patches/protected_payload.patch +++ b/debian/patches/protected_payload.patch @@ -494,3 +494,28 @@ index 13572a1..057278b 100644 + ip_unlock(port); + return KERN_SUCCESS; +} +commit 34d7379f599edfc2c7046e08f1a884bbf2866eb5 +Author: Justus Winter <4winter@informatik.uni-hamburg.de> +Date: Wed Nov 27 14:42:55 2013 +0100 + + XXX fix the size of ipc_port structs + + I do not know why this is happening, but w/o this, some kernel + pointers leak into the ip_protected_payload field. So it looks like + sizeof(struct ipc_tree_entry) is wrong here, not sure why + though. Maybe the global header is imported? But the compiler flags + should prevent this... + +diff --git a/ipc/ipc_init.c b/ipc/ipc_init.c +index debda47..7627b4e 100644 +--- a/ipc/ipc_init.c ++++ b/ipc/ipc_init.c +@@ -80,7 +80,7 @@ ipc_bootstrap(void) + sizeof(struct ipc_tree_entry), 0, NULL, NULL, NULL, 0); + + kmem_cache_init(&ipc_object_caches[IOT_PORT], "ipc_port", +- sizeof(struct ipc_port), 0, NULL, NULL, NULL, 0); ++ sizeof(struct ipc_port)+4, 0, NULL, NULL, NULL, 0); + + kmem_cache_init(&ipc_object_caches[IOT_PORT_SET], "ipc_pset", + sizeof(struct ipc_pset), 0, NULL, NULL, NULL, 0); |