Do not require CAP_SYS_ADMIN for reading from /proc/kmsg

Bug #515623 reported by Martin Pitt
This bug affects 2 people
Affects                    Status        Importance  Assigned to     Milestone
linux (Ubuntu)             Fix Released  Medium      Kees Cook
linux-fsl-imx51 (Ubuntu)   Fix Released  Medium      Andy Whitcroft

Bug Description

Right now, the kernel requires root privileges (in particular, CAP_SYS_ADMIN) not only to open /proc/kmsg, but also to read from it:

$ sudo python
[sudo] password for martin:
>>> import os
>>> f=open('/proc/kmsg')
>>> os.seteuid(1000)
>>> f.read()
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
IOError: [Errno 1] Operation not permitted

Due to this, we need to jump through ridiculous hoops to make rsyslog run as non-root user: /etc/init/rsyslog-kmsg.conf starts a dd process (as root) with bs=1 which shovels /proc/kmsg to a FIFO, which rsyslog then can read from. Due to reading single bytes (in order to not lag behind) it burns a lot of CPU power, especially on boot (see http://people.canonical.com/~pitti/bootcharts/daniel-lucid-20100129-1.png).
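As an added check (not part of the bug report), the script below repeats the report's experiment in a safer shape: it opens /proc/kmsg while still root, forks, lets only the child drop to uid 1000 (the uid from the transcript), and reports whether read() is refused with EPERM (per-read CAP_SYS_ADMIN check, the behaviour described above) or permitted (capability checked at open time only). It assumes Linux, a root shell, and that /proc/kmsg honours O_NONBLOCK so an empty log buffer returns EAGAIN instead of blocking.

```python
"""Probe whether read() on an already-open /proc/kmsg still needs
CAP_SYS_ADMIN after the process drops root. Constructed example; run as root."""
import os

# Exit codes the forked child uses to report what its read() did.
FIXED_READABLE = 0   # data returned: no per-read capability check
FIXED_EMPTY = 1      # EAGAIN: ring buffer empty, but the read was permitted
UNFIXED_EPERM = 2    # EPERM: the per-read CAP_SYS_ADMIN check is still there
OTHER_ERROR = 3

VERDICT = {
    FIXED_READABLE: "read permitted after privilege drop (fixed kernel)",
    FIXED_EMPTY: "read permitted, buffer empty (fixed kernel)",
    UNFIXED_EPERM: "EPERM on read: per-read CAP_SYS_ADMIN check still present",
    OTHER_ERROR: "unexpected error on read",
}

def classify_read(fd):
    """One non-blocking read on an fd opened before privileges were dropped."""
    try:
        os.read(fd, 4096)
        return FIXED_READABLE
    except BlockingIOError:          # O_NONBLOCK and nothing buffered
        return FIXED_EMPTY
    except PermissionError:
        return UNFIXED_EPERM
    except OSError:
        return OTHER_ERROR

def probe(path="/proc/kmsg", uid=1000):
    """Open `path` while privileged, fork, and let only the child give up root
    (leaving uid 0 clears the effective capability set, as seteuid(1000) did
    in the report). Returns the child's verdict code."""
    fd = os.open(path, os.O_RDONLY | os.O_NONBLOCK)
    pid = os.fork()
    if pid == 0:                     # child: drop privileges, then read
        try:
            if uid is not None:
                os.setresuid(uid, uid, uid)
            code = classify_read(fd)
        except OSError:              # e.g. not root, so the drop itself failed
            code = OTHER_ERROR
        os._exit(code)
    _, status = os.waitpid(pid, 0)
    os.close(fd)
    return os.WEXITSTATUS(status)

if __name__ == "__main__":
    code = probe()
    print(VERDICT[code])
    raise SystemExit(code)
```

With uid=None the probe skips the privilege drop, which is handy for checking the harness itself on an ordinary file before pointing it at /proc/kmsg as root.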

Tags: patch
Martin Pitt (pitti)
Changed in linux (Ubuntu):
assignee: nobody → Kees Cook (kees)
Revision history for this message
Kees Cook (kees) wrote :

This patch implements the ability to not need CAP_SYS_ADMIN for each read on a /proc/kmsg file descriptor. (Submitted to upstream LKML.)

Changed in linux (Ubuntu):
status: New → In Progress
tags: added: patch
Kees Cook (kees)
Changed in linux (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.32-12.17

---------------
linux (2.6.32-12.17) lucid; urgency=low

  [ Andy Whitcroft ]

  * restore linux-image prefix -- master
  * enforce -- we require SELINUX enabled -- master
  * enforce -- ensure APPARMOR is our default LSM -- master
  * make doc package completely optional -- master
  * make source package completely optional -- master
  * make linux-libc-dev completely optional -- master
  * convert package disable to a deps list -- master
  * allow common headers to switch from indep to arch -- master
  * convert binary package disable to a deps list -- master
  * add configuration option for a full source build tree -- master
  * add support for uImage kernels in package control scripts
  * getabis -- cleanup and parameterise repository list -- master
  * getabis -- move configuration to etc/getabi -- master
  * kernelconfig -- move configuration to etc -- master
  * rules -- make debian/debian.env master for branch name
  * set the current branch name -- master
  * pull back common debian.master files into debian -- master
  * enforcer -- make the enforcement configuration common
  * insert-changes -- correctly link to debian/rules in DROOT

  [ Colin Watson ]

  * future-proof ddeb handling against buildd changes

  [ Eric Miao ]

  * SAUCE: Make CONFIG_{OMNIBOOK, AVERATEC_5100P, PACKARDBELL_E5} depend on
    X86

  [ Loïc Minier ]

  * Add modules.builtin.bin to prerm rm list
    - LP: #516584

  [ Tim Gardner ]

  * [Config] Implement the amd64 preempt flavour

  [ Upstream Kernel Changes ]

  * syslog: distinguish between /proc/kmsg and syscalls
    - LP: #515623
  * sfc: Fix polling for slow MCDI operations
  * sfc: Fix conditions for MDIO self-test
  * sfc: QT202x: Remove unreliable MMD check at initialisation
  * sfc: Add workspace for GMAC bug workaround to MCDI MAC_STATS buffer
  * sfc: Use fixed-size buffers for MCDI NVRAM requests
 -- Andy Whitcroft <email address hidden> Fri, 05 Feb 2010 07:09:31 +0000

Changed in linux (Ubuntu):
status: Fix Committed → Fix Released
Andy Whitcroft (apw)
Changed in linux (Ubuntu):
importance: Undecided → Medium
Andy Whitcroft (apw)
Changed in linux-fsl-imx51 (Ubuntu):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Andy Whitcroft (apw)
Revision history for this message
Andy Whitcroft (apw) wrote :

Need this backported for the v2.6.31 arm branches also.

Changed in linux-fsl-imx51 (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-fsl-imx51 - 2.6.31-605.7

---------------
linux-fsl-imx51 (2.6.31-605.7) lucid; urgency=low

  [ Bryan Wu ]

  * Add 3 missing files to prerm remove file list
    - LP: #345623, #415832

  [ Loïc Minier ]

  * Add modules.builtin.bin to prerm rm list
    - LP: #516584

  [ Upstream Kernel Changes ]

  * Ubuntu: SAUCE: IMX51: Revert a BSP kernel ENGR00115370 patch which was
    changed in latest BSP
  * ENGR00119582 V4L2 capture:Fix race condition for accessing kernel
    resource
  * ENGR00119635 MX23 fix wrong state transition of enable lcd controller
  * ENGR00119578 v4l2 output: fix fb setting for display 5
  * ENGR00116787 change pmic event handling method
  * ENGR00119693 Uniform handling NFC INT bit clearance
  * ENGR00119720 IPUv3:Fix wrong UV offset set in CPMEM when idmac crops
  * ENGR00119847 [MX23_BSP] Support polled read/write for debug UART
  * ENGR00119583 MX35: Add regulators' standby control
  * ENGR00119710 MXC V4L2 output:Support YUYV and UYVY input pixel format
  * ENGR00119034 V4L2 overlay:Use DP to do CSC for preview on DPFG
  * ENGR00119899 Add FEC iomux config and PHY reset.
  * ENGR00119975 IPUv3:Inform user when IDMAC UV-offset overflows
  * ENGR00120126 mx51: add mem resources in platform device for gpu2d and
    gpu3d.
  * ENGR00120054 MX51: Increase VPU IRAM size to support decoder
  * ENGR00116049-1 [imx23] Addition of FIQ system for chip errata/bo's
  * ENGR00116049-2 [imx23] Addition of FIQ system for chip errata/bo's
  * ENGR00119976 v4l2 output: use manual buffer select for display channel
  * ENGR00120370 v4l2 output: fix display fail for blank fb during video
    play
  * Ubuntu: SAUCE: IMX51: export symbol of ipu_clear_buffer_ready function
  * syslog: distinguish between /proc/kmsg and syscalls
    - LP: #515623
 -- Andy Whitcroft <email address hidden> Mon, 22 Feb 2010 15:52:35 +0000

Changed in linux-fsl-imx51 (Ubuntu):
status: Fix Committed → Fix Released