From 5c45c98cc81f4a5c156c57ea279ba30223e43a77 Mon Sep 17 00:00:00 2001
From: Robert Buchholz <rbu@gentoo.org>
Date: Sat, 8 Sep 2007 18:40:57 +0000
Subject: Patch rename

svn path=/patches/; revision=42
---
 trunk/2.6.18/00000_README                       |  10 +-
 trunk/2.6.18/30026_cifs-fix-sign-settings.patch | 179 ++++++++++++++++++++++++
 trunk/2.6.18/30029_cifs-fix-sign-settings.patch | 179 ------------------------
 3 files changed, 184 insertions(+), 184 deletions(-)
 create mode 100644 trunk/2.6.18/30026_cifs-fix-sign-settings.patch
 delete mode 100644 trunk/2.6.18/30029_cifs-fix-sign-settings.patch

diff --git a/trunk/2.6.18/00000_README b/trunk/2.6.18/00000_README
index 905c7e4..9480e73 100644
--- a/trunk/2.6.18/00000_README
+++ b/trunk/2.6.18/00000_README
@@ -141,6 +141,11 @@ Patches
     and check for out of bounds condition in index provided by userspace
     See CVE-2007-2172
 
+30026_cifs-fix-sign-settings.patch
+    [SECURITY] Fix overriding the server to force signing on caused by
+    checking the wrong gloal variable.
+    See CVE-2007-3843
+
 30027_cpuset_tasks-underflow.patch
     [SECURITY] Fix integer underflow in /dev/cpuset/tasks which could allow
     local attackers to read sensitive kernel memory if the cpuset filesystem
@@ -152,11 +157,6 @@ Patches
     generator
     See CVE-2007-3105
 
-30029_cifs-fix-sign-settings.patch
-    [SECURITY] Fix overriding the server to force signing on caused by
-    checking the wrong gloal variable.
-    See CVE-2007-3843
-
 30030_aacraid-ioctl-perm-check.patch
     [SECURITY] Require admin capabilities to issue ioctls to aacraid devices
     See CVE-2007-4308
diff --git a/trunk/2.6.18/30026_cifs-fix-sign-settings.patch b/trunk/2.6.18/30026_cifs-fix-sign-settings.patch
new file mode 100644
index 0000000..11f8021
--- /dev/null
+++ b/trunk/2.6.18/30026_cifs-fix-sign-settings.patch
@@ -0,0 +1,179 @@
+From: Steve French <sfrench@us.ibm.com>
+Date: Thu, 28 Jun 2007 18:41:42 +0000 (+0000)
+Subject: [CIFS] Fix sign mount option and sign proc config setting
+X-Git-Tag: v2.6.23-rc1~478^2~20
+X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=762e5ab77c803c819e45d054518a98efb70b0f60
+
+[CIFS] Fix sign mount option and sign proc config setting
+
+We were checking the wrong (old) global variable to determine
+whether to override server and force signing on the SMB
+connection.
+
+Acked-by: Dave Kleikamp <shaggy@austin.ibm.com>
+Signed-off-by: Steve French <sfrench@us.ibm.com>
+---
+
+Backported to Debian's 2.6.18 by dann frazier <dannf@debian.org>
+
+diff -urpN linux-source-2.6.18.orig/fs/cifs/cifs_debug.c linux-source-2.6.18/fs/cifs/cifs_debug.c
+--- linux-source-2.6.18.orig/fs/cifs/cifs_debug.c	2006-09-19 21:42:06.000000000 -0600
++++ linux-source-2.6.18/fs/cifs/cifs_debug.c	2007-08-27 23:12:40.666200121 -0600
+@@ -895,90 +895,14 @@ security_flags_write(struct file *file, 
+ 	}
+ 	/* flags look ok - update the global security flags for cifs module */
+ 	extended_security = flags;
++	if (extended_security & CIFSSEC_MUST_SIGN) {
++		/* requiring signing implies signing is allowed */
++		extended_security |= CIFSSEC_MAY_SIGN;
++		cFYI(1, ("packet signing now required"));
++	} else if ((extended_security & CIFSSEC_MAY_SIGN) == 0) {
++		cFYI(1, ("packet signing disabled"));
++	}
++	/* BB should we turn on MAY flags for other MUST options? */
+ 	return count;
+ }
+-
+-/* static int
+-ntlmv2_enabled_read(char *page, char **start, off_t off,
+-		       int count, int *eof, void *data)
+-{
+-	int len;
+-
+-	len = sprintf(page, "%d\n", ntlmv2_support);
+-
+-	len -= off;
+-	*start = page + off;
+-
+-	if (len > count)
+-		len = count;
+-	else
+-		*eof = 1;
+-
+-	if (len < 0)
+-		len = 0;
+-
+-	return len;
+-}
+-static int
+-ntlmv2_enabled_write(struct file *file, const char __user *buffer,
+-			unsigned long count, void *data)
+-{
+-	char c;
+-	int rc;
+-
+-	rc = get_user(c, buffer);
+-	if (rc)
+-		return rc;
+-	if (c == '0' || c == 'n' || c == 'N')
+-		ntlmv2_support = 0;
+-	else if (c == '1' || c == 'y' || c == 'Y')
+-		ntlmv2_support = 1;
+-	else if (c == '2')
+-		ntlmv2_support = 2;
+-
+-	return count;
+-}
+-
+-static int
+-packet_signing_enabled_read(char *page, char **start, off_t off,
+-		       int count, int *eof, void *data)
+-{
+-	int len;
+-
+-	len = sprintf(page, "%d\n", sign_CIFS_PDUs);
+-
+-	len -= off;
+-	*start = page + off;
+-
+-	if (len > count)
+-		len = count;
+-	else
+-		*eof = 1;
+-
+-	if (len < 0)
+-		len = 0;
+-
+-	return len;
+-}
+-static int
+-packet_signing_enabled_write(struct file *file, const char __user *buffer,
+-			unsigned long count, void *data)
+-{
+-	char c;
+-	int rc;
+-
+-	rc = get_user(c, buffer);
+-	if (rc)
+-		return rc;
+-	if (c == '0' || c == 'n' || c == 'N')
+-		sign_CIFS_PDUs = 0;
+-	else if (c == '1' || c == 'y' || c == 'Y')
+-		sign_CIFS_PDUs = 1;
+-	else if (c == '2')
+-		sign_CIFS_PDUs = 2;
+-
+-	return count;
+-} */
+-
+-
+ #endif
+diff -urpN linux-source-2.6.18.orig/fs/cifs/cifssmb.c linux-source-2.6.18/fs/cifs/cifssmb.c
+--- linux-source-2.6.18.orig/fs/cifs/cifssmb.c	2006-09-19 21:42:06.000000000 -0600
++++ linux-source-2.6.18/fs/cifs/cifssmb.c	2007-08-27 23:12:40.678200384 -0600
+@@ -411,11 +411,11 @@ CIFSSMBNegotiate(unsigned int xid, struc
+ 
+ 	/* if any of auth flags (ie not sign or seal) are overriden use them */
+ 	if(ses->overrideSecFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
+-		secFlags = ses->overrideSecFlg;
++		secFlags = ses->overrideSecFlg;  /* BB FIXME fix sign flags? */
+ 	else /* if override flags set only sign/seal OR them with global auth */
+ 		secFlags = extended_security | ses->overrideSecFlg;
+ 
+-	cFYI(1,("secFlags 0x%x",secFlags));
++	cFYI(1, ("secFlags 0x%x", secFlags));
+ 
+ 	pSMB->hdr.Mid = GetNextMid(server);
+ 	pSMB->hdr.Flags2 |= SMBFLG2_UNICODE;
+@@ -582,22 +582,32 @@ CIFSSMBNegotiate(unsigned int xid, struc
+ #ifdef CONFIG_CIFS_WEAK_PW_HASH
+ signing_check:
+ #endif
+-	if(sign_CIFS_PDUs == FALSE) {        
++	if ((secFlags & CIFSSEC_MAY_SIGN) == 0) {
++		/* MUST_SIGN already includes the MAY_SIGN FLAG
++		   so if this is zero it means that signing is disabled */
++		cFYI(1, ("Signing disabled"));
+ 		if(server->secMode & SECMODE_SIGN_REQUIRED)
+-			cERROR(1,("Server requires "
+-				 "/proc/fs/cifs/PacketSigningEnabled to be on"));
++			cERROR(1, ("Server requires "
++				   "/proc/fs/cifs/PacketSigningEnabled "
++				   "to be on"));
+ 		server->secMode &= 
+ 			~(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED);
+-	} else if(sign_CIFS_PDUs == 1) {
++	} else if ((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) {
++		/* signing required */
++		cFYI(1, ("Must sign - segFlags 0x%x", secFlags));
++		if ((server->secMode &
++			(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED)) == 0) {
++			cERROR(1,
++				("signing required but server lacks support"));
++		} else
++			server->secMode |= SECMODE_SIGN_REQUIRED;
++	} else {
++		/* signing optional ie CIFSSEC_MAY_SIGN */
+ 		if((server->secMode & SECMODE_SIGN_REQUIRED) == 0)
+ 			server->secMode &= 
+ 				~(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED);
+-	} else if(sign_CIFS_PDUs == 2) {
+-		if((server->secMode & 
+-			(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED)) == 0) {
+-			cERROR(1,("signing required but server lacks support"));
+-		}
+ 	}
++	
+ neg_err_exit:	
+ 	cifs_buf_release(pSMB);
+ 
diff --git a/trunk/2.6.18/30029_cifs-fix-sign-settings.patch b/trunk/2.6.18/30029_cifs-fix-sign-settings.patch
deleted file mode 100644
index 11f8021..0000000
--- a/trunk/2.6.18/30029_cifs-fix-sign-settings.patch
+++ /dev/null
@@ -1,179 +0,0 @@
-From: Steve French <sfrench@us.ibm.com>
-Date: Thu, 28 Jun 2007 18:41:42 +0000 (+0000)
-Subject: [CIFS] Fix sign mount option and sign proc config setting
-X-Git-Tag: v2.6.23-rc1~478^2~20
-X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=762e5ab77c803c819e45d054518a98efb70b0f60
-
-[CIFS] Fix sign mount option and sign proc config setting
-
-We were checking the wrong (old) global variable to determine
-whether to override server and force signing on the SMB
-connection.
-
-Acked-by: Dave Kleikamp <shaggy@austin.ibm.com>
-Signed-off-by: Steve French <sfrench@us.ibm.com>
----
-
-Backported to Debian's 2.6.18 by dann frazier <dannf@debian.org>
-
-diff -urpN linux-source-2.6.18.orig/fs/cifs/cifs_debug.c linux-source-2.6.18/fs/cifs/cifs_debug.c
---- linux-source-2.6.18.orig/fs/cifs/cifs_debug.c	2006-09-19 21:42:06.000000000 -0600
-+++ linux-source-2.6.18/fs/cifs/cifs_debug.c	2007-08-27 23:12:40.666200121 -0600
-@@ -895,90 +895,14 @@ security_flags_write(struct file *file, 
- 	}
- 	/* flags look ok - update the global security flags for cifs module */
- 	extended_security = flags;
-+	if (extended_security & CIFSSEC_MUST_SIGN) {
-+		/* requiring signing implies signing is allowed */
-+		extended_security |= CIFSSEC_MAY_SIGN;
-+		cFYI(1, ("packet signing now required"));
-+	} else if ((extended_security & CIFSSEC_MAY_SIGN) == 0) {
-+		cFYI(1, ("packet signing disabled"));
-+	}
-+	/* BB should we turn on MAY flags for other MUST options? */
- 	return count;
- }
--
--/* static int
--ntlmv2_enabled_read(char *page, char **start, off_t off,
--		       int count, int *eof, void *data)
--{
--	int len;
--
--	len = sprintf(page, "%d\n", ntlmv2_support);
--
--	len -= off;
--	*start = page + off;
--
--	if (len > count)
--		len = count;
--	else
--		*eof = 1;
--
--	if (len < 0)
--		len = 0;
--
--	return len;
--}
--static int
--ntlmv2_enabled_write(struct file *file, const char __user *buffer,
--			unsigned long count, void *data)
--{
--	char c;
--	int rc;
--
--	rc = get_user(c, buffer);
--	if (rc)
--		return rc;
--	if (c == '0' || c == 'n' || c == 'N')
--		ntlmv2_support = 0;
--	else if (c == '1' || c == 'y' || c == 'Y')
--		ntlmv2_support = 1;
--	else if (c == '2')
--		ntlmv2_support = 2;
--
--	return count;
--}
--
--static int
--packet_signing_enabled_read(char *page, char **start, off_t off,
--		       int count, int *eof, void *data)
--{
--	int len;
--
--	len = sprintf(page, "%d\n", sign_CIFS_PDUs);
--
--	len -= off;
--	*start = page + off;
--
--	if (len > count)
--		len = count;
--	else
--		*eof = 1;
--
--	if (len < 0)
--		len = 0;
--
--	return len;
--}
--static int
--packet_signing_enabled_write(struct file *file, const char __user *buffer,
--			unsigned long count, void *data)
--{
--	char c;
--	int rc;
--
--	rc = get_user(c, buffer);
--	if (rc)
--		return rc;
--	if (c == '0' || c == 'n' || c == 'N')
--		sign_CIFS_PDUs = 0;
--	else if (c == '1' || c == 'y' || c == 'Y')
--		sign_CIFS_PDUs = 1;
--	else if (c == '2')
--		sign_CIFS_PDUs = 2;
--
--	return count;
--} */
--
--
- #endif
-diff -urpN linux-source-2.6.18.orig/fs/cifs/cifssmb.c linux-source-2.6.18/fs/cifs/cifssmb.c
---- linux-source-2.6.18.orig/fs/cifs/cifssmb.c	2006-09-19 21:42:06.000000000 -0600
-+++ linux-source-2.6.18/fs/cifs/cifssmb.c	2007-08-27 23:12:40.678200384 -0600
-@@ -411,11 +411,11 @@ CIFSSMBNegotiate(unsigned int xid, struc
- 
- 	/* if any of auth flags (ie not sign or seal) are overriden use them */
- 	if(ses->overrideSecFlg & (~(CIFSSEC_MUST_SIGN | CIFSSEC_MUST_SEAL)))
--		secFlags = ses->overrideSecFlg;
-+		secFlags = ses->overrideSecFlg;  /* BB FIXME fix sign flags? */
- 	else /* if override flags set only sign/seal OR them with global auth */
- 		secFlags = extended_security | ses->overrideSecFlg;
- 
--	cFYI(1,("secFlags 0x%x",secFlags));
-+	cFYI(1, ("secFlags 0x%x", secFlags));
- 
- 	pSMB->hdr.Mid = GetNextMid(server);
- 	pSMB->hdr.Flags2 |= SMBFLG2_UNICODE;
-@@ -582,22 +582,32 @@ CIFSSMBNegotiate(unsigned int xid, struc
- #ifdef CONFIG_CIFS_WEAK_PW_HASH
- signing_check:
- #endif
--	if(sign_CIFS_PDUs == FALSE) {        
-+	if ((secFlags & CIFSSEC_MAY_SIGN) == 0) {
-+		/* MUST_SIGN already includes the MAY_SIGN FLAG
-+		   so if this is zero it means that signing is disabled */
-+		cFYI(1, ("Signing disabled"));
- 		if(server->secMode & SECMODE_SIGN_REQUIRED)
--			cERROR(1,("Server requires "
--				 "/proc/fs/cifs/PacketSigningEnabled to be on"));
-+			cERROR(1, ("Server requires "
-+				   "/proc/fs/cifs/PacketSigningEnabled "
-+				   "to be on"));
- 		server->secMode &= 
- 			~(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED);
--	} else if(sign_CIFS_PDUs == 1) {
-+	} else if ((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) {
-+		/* signing required */
-+		cFYI(1, ("Must sign - segFlags 0x%x", secFlags));
-+		if ((server->secMode &
-+			(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED)) == 0) {
-+			cERROR(1,
-+				("signing required but server lacks support"));
-+		} else
-+			server->secMode |= SECMODE_SIGN_REQUIRED;
-+	} else {
-+		/* signing optional ie CIFSSEC_MAY_SIGN */
- 		if((server->secMode & SECMODE_SIGN_REQUIRED) == 0)
- 			server->secMode &= 
- 				~(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED);
--	} else if(sign_CIFS_PDUs == 2) {
--		if((server->secMode & 
--			(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED)) == 0) {
--			cERROR(1,("signing required but server lacks support"));
--		}
- 	}
-+	
- neg_err_exit:	
- 	cifs_buf_release(pSMB);
- 
-- 
cgit v1.2.3-65-gdbad