diff for duplicates of <1289524045.5167.74.camel@dan> diff --git a/a/1.txt b/N1/1.txt index e308d8e..bd06079 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -10,11 +10,11 @@ index 3c95304..ba7cf7c 100644 - s, - atomic_read(&s->sk_refcnt), - 0, -- s->sk_state = TCP_LISTEN ? __SO_ACCEPTCON : 0, +- s->sk_state == TCP_LISTEN ? __SO_ACCEPTCON : 0, - s->sk_type, - s->sk_socket ? -- (s->sk_state = TCP_ESTABLISHED ? SS_CONNECTED : SS_UNCONNECTED) : -- (s->sk_state = TCP_ESTABLISHED ? SS_CONNECTING : SS_DISCONNECTING), +- (s->sk_state == TCP_ESTABLISHED ? SS_CONNECTED : SS_UNCONNECTED) : +- (s->sk_state == TCP_ESTABLISHED ? SS_CONNECTING : SS_DISCONNECTING), - sock_i_ino(s)); + /* Only expose kernel addresses to privileged readers */ + if (capable(CAP_NET_ADMIN)) @@ -22,12 +22,12 @@ index 3c95304..ba7cf7c 100644 + s, + atomic_read(&s->sk_refcnt), + 0, -+ s->sk_state = TCP_LISTEN ? __SO_ACCEPTCON : 0, ++ s->sk_state == TCP_LISTEN ? __SO_ACCEPTCON : 0, + s->sk_type, + s->sk_socket ? -+ (s->sk_state = TCP_ESTABLISHED ? ++ (s->sk_state == TCP_ESTABLISHED ? + SS_CONNECTED : SS_UNCONNECTED) : -+ (s->sk_state = TCP_ESTABLISHED ? ++ (s->sk_state == TCP_ESTABLISHED ? + SS_CONNECTING : SS_DISCONNECTING), + sock_i_ino(s)); + else @@ -35,12 +35,12 @@ index 3c95304..ba7cf7c 100644 + 0, + atomic_read(&s->sk_refcnt), + 0, -+ s->sk_state = TCP_LISTEN ? __SO_ACCEPTCON : 0, ++ s->sk_state == TCP_LISTEN ? __SO_ACCEPTCON : 0, + s->sk_type, + s->sk_socket ? -+ (s->sk_state = TCP_ESTABLISHED ? ++ (s->sk_state == TCP_ESTABLISHED ? + SS_CONNECTED : SS_UNCONNECTED) : -+ (s->sk_state = TCP_ESTABLISHED ? ++ (s->sk_state == TCP_ESTABLISHED ? + SS_CONNECTING : SS_DISCONNECTING), + sock_i_ino(s)); diff --git a/a/content_digest b/N1/content_digest index 99a0375..416518a 100644 --- a/a/content_digest +++ b/N1/content_digest @@ -1,11 +1,11 @@ "From\0Dan Rosenberg <drosenberg@vsecurity.com>\0" "Subject\0[PATCH 10/10] Fix leaking of kernel heap addresses in net/\0" - "Date\0Fri, 12 Nov 2010 01:07:25 +0000\0" + "Date\0Thu, 11 Nov 2010 20:07:25 -0500\0" "To\0David S. Miller <davem@davemloft.net>" Oliver Hartkopp <socketcan@hartkopp.net> Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> Urs Thuermann <urs.thuermann@volkswagen.de> - " Hideaki\0" + " Hideaki YOSHI\0" "\00:1\0" "b\0" "diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c\n" @@ -20,11 +20,11 @@ "-\t\t\ts,\n" "-\t\t\tatomic_read(&s->sk_refcnt),\n" "-\t\t\t0,\n" - "-\t\t\ts->sk_state = TCP_LISTEN ? __SO_ACCEPTCON : 0,\n" + "-\t\t\ts->sk_state == TCP_LISTEN ? __SO_ACCEPTCON : 0,\n" "-\t\t\ts->sk_type,\n" "-\t\t\ts->sk_socket ?\n" - "-\t\t\t(s->sk_state = TCP_ESTABLISHED ? SS_CONNECTED : SS_UNCONNECTED) :\n" - "-\t\t\t(s->sk_state = TCP_ESTABLISHED ? SS_CONNECTING : SS_DISCONNECTING),\n" + "-\t\t\t(s->sk_state == TCP_ESTABLISHED ? SS_CONNECTED : SS_UNCONNECTED) :\n" + "-\t\t\t(s->sk_state == TCP_ESTABLISHED ? SS_CONNECTING : SS_DISCONNECTING),\n" "-\t\t\tsock_i_ino(s));\n" "+\t\t/* Only expose kernel addresses to privileged readers */\n" "+\t\tif (capable(CAP_NET_ADMIN))\n" @@ -32,12 +32,12 @@ "+\t\t\t\ts,\n" "+\t\t\t\tatomic_read(&s->sk_refcnt),\n" "+\t\t\t\t0,\n" - "+\t\t\t\ts->sk_state = TCP_LISTEN ? __SO_ACCEPTCON : 0,\n" + "+\t\t\t\ts->sk_state == TCP_LISTEN ? __SO_ACCEPTCON : 0,\n" "+\t\t\t\ts->sk_type,\n" "+\t\t\t\ts->sk_socket ?\n" - "+\t\t\t\t(s->sk_state = TCP_ESTABLISHED ?\n" + "+\t\t\t\t(s->sk_state == TCP_ESTABLISHED ?\n" "+\t\t\t\tSS_CONNECTED : SS_UNCONNECTED) :\n" - "+\t\t\t\t(s->sk_state = TCP_ESTABLISHED ?\n" + "+\t\t\t\t(s->sk_state == TCP_ESTABLISHED ?\n" "+\t\t\t\tSS_CONNECTING : SS_DISCONNECTING),\n" "+\t\t\t\tsock_i_ino(s));\n" "+\t\telse\n" @@ -45,16 +45,16 @@ "+\t\t\t\t0,\n" "+\t\t\t\tatomic_read(&s->sk_refcnt),\n" "+\t\t\t\t0,\n" - "+\t\t\t\ts->sk_state = TCP_LISTEN ? __SO_ACCEPTCON : 0,\n" + "+\t\t\t\ts->sk_state == TCP_LISTEN ? __SO_ACCEPTCON : 0,\n" "+\t\t\t\ts->sk_type,\n" "+\t\t\t\ts->sk_socket ?\n" - "+\t\t\t\t(s->sk_state = TCP_ESTABLISHED ?\n" + "+\t\t\t\t(s->sk_state == TCP_ESTABLISHED ?\n" "+\t\t\t\tSS_CONNECTED : SS_UNCONNECTED) :\n" - "+\t\t\t\t(s->sk_state = TCP_ESTABLISHED ?\n" + "+\t\t\t\t(s->sk_state == TCP_ESTABLISHED ?\n" "+\t\t\t\tSS_CONNECTING : SS_DISCONNECTING),\n" "+\t\t\t\tsock_i_ino(s));\n" " \n" " \t\tif (u->addr) {\n" " \t\t\tint i, len;" -d86321b7ae387895fd847815dc9ad16283fbe1ec8cd6e6c0d6470463d2bfecea +d32574f69e58aed4523e0d8ff516e511f06ae53414f4ed2483f3e271f5665ac7
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.