- Linux 2.6.32.18
- Backport nouveau noaccel fix for nva3+ cards from f13. - ext4-fix-freeze-deadlock-under-io.patch: Fix deadlock caused by patch in 2.6.32.17 (0036-ext4-don-t-return-to-userspace-after-freezing-the-fs.patch)
This commit is contained in:
parent
c2055fabb7
commit
be1655172b
|
@ -1,47 +0,0 @@
|
|||
From: Chuck Ebbert <cebbert@redhat.com>
|
||||
|
||||
CIFS: Fix DNS resolver build
|
||||
|
||||
In file included from fs/cifs/dns_resolve.c:29:
|
||||
fs/cifs/dns_resolve.h:27: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'cifs_init_dns_resolver'
|
||||
|
||||
Just remove the __init and __exit attributes from the init and exit
|
||||
functions. __exit was removed upstream in 51c20fcced5badee0e2021c6c89f44aa3cbd72aa
|
||||
anyway, and there's no point trying to save every byte by fixing
|
||||
this properly.
|
||||
|
||||
Signed-Off-By: Chuck Ebbert <cebbert@redhat.com>
|
||||
|
||||
--- a/fs/cifs/dns_resolve.c
|
||||
+++ b/fs/cifs/dns_resolve.c
|
||||
@@ -176,7 +176,7 @@ out:
|
||||
return rc;
|
||||
}
|
||||
|
||||
-int __init cifs_init_dns_resolver(void)
|
||||
+int cifs_init_dns_resolver(void)
|
||||
{
|
||||
struct cred *cred;
|
||||
struct key *keyring;
|
||||
@@ -226,7 +226,7 @@ failed_put_cred:
|
||||
return ret;
|
||||
}
|
||||
|
||||
-void __exit cifs_exit_dns_resolver(void)
|
||||
+void cifs_exit_dns_resolver(void)
|
||||
{
|
||||
key_revoke(dns_resolver_cache->thread_keyring);
|
||||
unregister_key_type(&key_type_dns_resolver);
|
||||
--- a/fs/cifs/dns_resolve.h
|
||||
+++ b/fs/cifs/dns_resolve.h
|
||||
@@ -24,8 +24,8 @@
|
||||
#define _DNS_RESOLVE_H
|
||||
|
||||
#ifdef __KERNEL__
|
||||
-extern int __init cifs_init_dns_resolver(void);
|
||||
-extern void __exit cifs_exit_dns_resolver(void);
|
||||
+extern int cifs_init_dns_resolver(void);
|
||||
+extern void cifs_exit_dns_resolver(void);
|
||||
extern int dns_resolve_server_name_to_ip(const char *unc, char **ip_addr);
|
||||
#endif /* KERNEL */
|
||||
|
|
@ -0,0 +1,49 @@
|
|||
From: Eric Sandeen <sandeen@sandeen.net>
|
||||
Date: Sun, 1 Aug 2010 21:33:29 +0000 (-0400)
|
||||
Subject: ext4: fix freeze deadlock under IO
|
||||
X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=437f88cc031ffe7f37f3e705367f4fe1f4be8b0f
|
||||
|
||||
ext4: fix freeze deadlock under IO
|
||||
|
||||
Commit 6b0310fbf087ad6 caused a regression resulting in deadlocks
|
||||
when freezing a filesystem which had active IO; the vfs_check_frozen
|
||||
level (SB_FREEZE_WRITE) did not let the freeze-related IO syncing
|
||||
through. Duh.
|
||||
|
||||
Changing the test to FREEZE_TRANS should let the normal freeze
|
||||
syncing get through the fs, but still block any transactions from
|
||||
starting once the fs is completely frozen.
|
||||
|
||||
I tested this by running fsstress in the background while periodically
|
||||
snapshotting the fs and running fsck on the result. I ran into
|
||||
occasional deadlocks, but different ones. I think this is a
|
||||
fine fix for the problem at hand, and the other deadlocky things
|
||||
will need more investigation.
|
||||
|
||||
Reported-by: Phillip Susi <psusi@cfl.rr.com>
|
||||
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
|
||||
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
|
||||
---
|
||||
|
||||
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
|
||||
index e046eba..282a270 100644
|
||||
--- a/fs/ext4/super.c
|
||||
+++ b/fs/ext4/super.c
|
||||
@@ -241,7 +241,7 @@ handle_t *ext4_journal_start_sb(struct super_block *sb, int nblocks)
|
||||
if (sb->s_flags & MS_RDONLY)
|
||||
return ERR_PTR(-EROFS);
|
||||
|
||||
- vfs_check_frozen(sb, SB_FREEZE_WRITE);
|
||||
+ vfs_check_frozen(sb, SB_FREEZE_TRANS);
|
||||
/* Special case here: if the journal has aborted behind our
|
||||
* backs (eg. EIO in the commit thread), then we still need to
|
||||
* take the FS itself readonly cleanly. */
|
||||
@@ -3608,7 +3608,7 @@ int ext4_force_commit(struct super_block *sb)
|
||||
|
||||
journal = EXT4_SB(sb)->s_journal;
|
||||
if (journal) {
|
||||
- vfs_check_frozen(sb, SB_FREEZE_WRITE);
|
||||
+ vfs_check_frozen(sb, SB_FREEZE_TRANS);
|
||||
ret = ext4_journal_force_commit(journal);
|
||||
}
|
||||
|
18
kernel.spec
18
kernel.spec
|
@ -61,7 +61,7 @@ Summary: The Linux kernel
|
|||
# Do we have a -stable update to apply?
|
||||
%define stable_update 18
|
||||
# Is it a -stable RC?
|
||||
%define stable_rc 1
|
||||
%define stable_rc 0
|
||||
# Set rpm version accordingly
|
||||
%if 0%{?stable_update}
|
||||
%define stablerev .%{stable_update}
|
||||
|
@ -840,8 +840,7 @@ Patch14040: crypto-testmgr-add-null-test-for-aesni.patch
|
|||
Patch14050: crypto-add-async-hash-testing.patch
|
||||
|
||||
Patch14110: ext4-make-sure-the-move_ext-ioctl-can-t-overwrite-append-only-files.patch
|
||||
Patch14115: xfs-prevent-swapext-from-operating-on-write-only-files.patch
|
||||
Patch14120: cifs-fix-dns-resolver.patch
|
||||
Patch14120: ext4-fix-freeze-deadlock-under-io.patch
|
||||
|
||||
# Red Hat Bugzilla #610911
|
||||
Patch14130: kvm-mmu-fix-conflict-access-permissions-in-direct-sp.patch
|
||||
|
@ -1561,11 +1560,8 @@ ApplyPatch crypto-add-async-hash-testing.patch
|
|||
|
||||
# CVE-2010-2066
|
||||
ApplyPatch ext4-make-sure-the-move_ext-ioctl-can-t-overwrite-append-only-files.patch
|
||||
# CVE-2010-2266
|
||||
#ApplyPatch xfs-prevent-swapext-from-operating-on-write-only-files.patch
|
||||
|
||||
# fix DNS resolver build, broken in 2.6.32.17
|
||||
#ApplyPatch cifs-fix-dns-resolver.patch
|
||||
# Fix deadlock caused by patch in 2.6.32.17
|
||||
ApplyPatch ext4-fix-freeze-deadlock-under-io.patch
|
||||
|
||||
ApplyPatch kvm-mmu-fix-conflict-access-permissions-in-direct-sp.patch
|
||||
|
||||
|
@ -2223,8 +2219,12 @@ fi
|
|||
%kernel_variant_files -k vmlinux %{with_kdump} kdump
|
||||
|
||||
%changelog
|
||||
* Tue Aug 10 2010 Chuck Ebbert <cebbert@redhat.com> 159
|
||||
* Tue Aug 10 2010 Chuck Ebbert <cebbert@redhat.com> 2.6.32.18-159
|
||||
- Linux 2.6.32.18
|
||||
- Backport nouveau noaccel fix for nva3+ cards from f13.
|
||||
- ext4-fix-freeze-deadlock-under-io.patch:
|
||||
Fix deadlock caused by patch in 2.6.32.17
|
||||
(0036-ext4-don-t-return-to-userspace-after-freezing-the-fs.patch)
|
||||
|
||||
* Tue Aug 10 2010 Chuck Ebbert <cebbert@redhat.com> 2.6.32.18-158.rc1
|
||||
- Bring back drm-upgrayed-fixes.patch, dropped in the
|
||||
|
|
3
sources
3
sources
|
@ -1,3 +1,2 @@
|
|||
260551284ac224c3a43c4adac7df4879 linux-2.6.32.tar.bz2
|
||||
ca9a0f5c28803e9231dc9ee5b0faa863 patch-2.6.32.17.bz2
|
||||
b77ed133c11b20925bfb231383381840 patch-2.6.32.18-rc1.bz2
|
||||
dc2f0fab4d67f96e593708ba9158052b patch-2.6.32.18.bz2
|
||||
|
|
|
@ -1,42 +0,0 @@
|
|||
From: Dan Rosenberg <dan.j.rosenberg@gmail.com>
|
||||
Date: Thu, 24 Jun 2010 02:07:47 +0000 (+1000)
|
||||
Subject: xfs: prevent swapext from operating on write-only files
|
||||
X-Git-Tag: v2.6.35-rc4~4^2~4
|
||||
X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=1817176a86352f65210139d4c794ad2d19fc6b63
|
||||
|
||||
xfs: prevent swapext from operating on write-only files
|
||||
[ cve-2010-2266 ]
|
||||
[ cebbert@redhat.com : backport to 2.6.32 ]
|
||||
|
||||
This patch prevents user "foo" from using the SWAPEXT ioctl to swap
|
||||
a write-only file owned by user "bar" into a file owned by "foo" and
|
||||
subsequently reading it. It does so by checking that the file
|
||||
descriptors passed to the ioctl are also opened for reading.
|
||||
|
||||
Signed-off-by: Dan Rosenberg <dan.j.rosenberg@gmail.com>
|
||||
Reviewed-by: Christoph Hellwig <hch@lst.de>
|
||||
---
|
||||
|
||||
diff --git a/fs/xfs/xfs_dfrag.c b/fs/xfs/xfs_dfrag.c
|
||||
index 5bba29a..7f159d2 100644
|
||||
--- a/fs/xfs/xfs_dfrag.c
|
||||
+++ b/fs/xfs/xfs_dfrag.c
|
||||
@@ -69,7 +69,9 @@ xfs_swapext(
|
||||
goto out;
|
||||
}
|
||||
|
||||
- if (!(file->f_mode & FMODE_WRITE) || (file->f_flags & O_APPEND)) {
|
||||
+ if (!(file->f_mode & FMODE_WRITE) ||
|
||||
+ !(file->f_mode & FMODE_READ) ||
|
||||
+ (file->f_flags & O_APPEND)) {
|
||||
error = XFS_ERROR(EBADF);
|
||||
goto out_put_file;
|
||||
}
|
||||
@@ -81,6 +83,7 @@ xfs_swapext(
|
||||
}
|
||||
|
||||
if (!(target_file->f_mode & FMODE_WRITE) ||
|
||||
+ !(target_file->f_mode & FMODE_READ) ||
|
||||
(target_file->f_flags & O_APPEND)) {
|
||||
error = XFS_ERROR(EBADF);
|
||||
goto out_put_target_file;
|
Loading…
Reference in New Issue