Bug 630564

Summary: kernel: additional stack guard patches [rhel-4.9]
Product: Red Hat Enterprise Linux 4 Reporter: Eugene Teo (Security Response) <eteo>
Component: kernelAssignee: Johannes Weiner <jweiner>
Status: CLOSED ERRATA QA Contact: Petr Beňas <pbenas>
Severity: high Docs Contact:
Priority: high    
Version: 4.9CC: dhoward, eteo, jmarchan, jolsa, lwang, lwoodman, pbenas, plyons, pstehlik, qcai, vgoyal
Target Milestone: rcKeywords: ZStream
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 630562 Environment:
Last Closed: 2011-02-16 15:52:58 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 630562    
Bug Blocks: 630563, 632514, 632515    
Attachments:
Description Flags
Backport of upstream patch
none
modified reproducer none

Description Eugene Teo (Security Response) 2010-09-06 08:32:27 UTC 
+++ This bug was initially created as a clone of Bug #630562 +++

Description of problem:
Please backport:
  mm: make the mlock() stack guard page checks stricter
  7798330ac8114c731cfab83e634c6ecedaa233d7

  guard page for stacks that grow upwards
  8ca3eb08097f6839b2206e2242db4179aee3cfb3
Comment 2 Eugene Teo (Security Response) 2010-09-06 08:37:17 UTC 
>   guard page for stacks that grow upwards
>   8ca3eb08097f6839b2206e2242db4179aee3cfb3

  testcase: http://lkml.org/lkml/2010/8/24/326
  https://patchwork.kernel.org/patch/127431/
Comment 4 Jerome Marchand 2010-09-06 16:06:45 UTC 
Created attachment 443322 [details]
Backport of upstream patch
Comment 5 Jerome Marchand 2010-09-06 18:49:25 UTC 
Created attachment 443353 [details]
modified reproducer

I changed the mapping address to resolve EINVAL error of mmap
Comment 11 Vivek Goyal 2010-09-16 17:53:12 UTC 
Committed in 89.35.EL . RPMS are available at http://people.redhat.com/vgoyal/rhel4/
Comment 15 Petr Beňas 2010-11-30 16:42:49 UTC 
Probably wrong fixed-in-version. Reproduced in 89.EL, 89.30.EL and verified in 89.35.EL but also unexpectedly in 89.34.EL.
Comment 21 errata-xmlrpc 2011-02-16 15:52:58 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2011-0263.html