Fix dentry hash collisions that prevented boot with selinux enabled (rhbz 805371)

fix-dentry-hash.patch

@@ -0,0 +1,113 @@
+From davej  Thu Mar 22 16:38:38 2012
+Return-Path: linux-kernel-owner@vger.kernel.org
+X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on
+	gelk.kernelslacker.org
+X-Spam-Level: 
+X-Spam-Status: No, score=-1.2 required=5.0 tests=KB_DATE_CONTAINS_TAB,
+	RCVD_IN_DNSWL_HI,T_RP_MATCHES_RCVD,UNPARSEABLE_RELAY autolearn=unavailable
+	version=3.3.2
+Received: from mail.corp.redhat.com [10.5.5.51]
+	by gelk.kernelslacker.org with IMAP (fetchmail-6.3.21)
+	for <davej@localhost> (single-drop); Thu, 22 Mar 2012 16:38:38 -0400 (EDT)
+Received: from zmta02.collab.prod.int.phx2.redhat.com (LHLO
+ zmta02.collab.prod.int.phx2.redhat.com) (10.5.5.32) by
+ zmail11.collab.prod.int.phx2.redhat.com with LMTP; Thu, 22 Mar 2012
+ 16:37:12 -0400 (EDT)
+Received: from localhost (localhost.localdomain [127.0.0.1])
+	by zmta02.collab.prod.int.phx2.redhat.com (Postfix) with ESMTP id BE4B31280F5;
+	Thu, 22 Mar 2012 16:37:12 -0400 (EDT)
+X-Quarantine-ID: <rVyHUDnYJs0w>
+Received: from zmta02.collab.prod.int.phx2.redhat.com ([127.0.0.1])
+	by localhost (zmta02.collab.prod.int.phx2.redhat.com [127.0.0.1]) (amavisd-new, port 10024)
+	with ESMTP id rVyHUDnYJs0w; Thu, 22 Mar 2012 16:37:12 -0400 (EDT)
+Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24])
+	by zmta02.collab.prod.int.phx2.redhat.com (Postfix) with ESMTP id 34CCC1280EF;
+	Thu, 22 Mar 2012 16:37:12 -0400 (EDT)
+Received: from mx1.redhat.com (ext-mx14.extmail.prod.ext.phx2.redhat.com [10.5.110.19])
+	by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id q2MKbBbO012811;
+	Thu, 22 Mar 2012 16:37:11 -0400
+Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
+	by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id q2MIJPCS018091;
+	Thu, 22 Mar 2012 16:37:10 -0400
+Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
+	id S1759738Ab2CVUhD (ORCPT <rfc822;agordeev@redhat.com> + 54 others);
+	Thu, 22 Mar 2012 16:37:03 -0400
+Received: from zeniv.linux.org.uk ([195.92.253.2]:35901 "EHLO
+	ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
+	with ESMTP id S1758619Ab2CVUg7 (ORCPT
+	<rfc822;linux-kernel@vger.kernel.org>);
+	Thu, 22 Mar 2012 16:36:59 -0400
+Received: from viro by ZenIV.linux.org.uk with local (Exim 4.76 #1 (Red Hat Linux))
+	id 1SAokk-0008Fi-MR; Thu, 22 Mar 2012 20:36:58 +0000
+Date:	Thu, 22 Mar 2012 20:36:58 +0000
+From: Al Viro <viro@ZenIV.linux.org.uk>
+To: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: linux-kernel@vger.kernel.org, xen-devel@lists.xensource.com,
+        Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
+Subject: Re: Regression introduced by
+ bfcfaa77bdf0f775263e906015982a608df01c76 (vfs: use 'unsigned long' accesses
+ for dcache name comparison and hashing)
+Message-ID: <20120322203658.GC6589@ZenIV.linux.org.uk>
+References: <20120322183845.GA17264@phenom.dumpdata.com>
+ <20120322200918.GZ6589@ZenIV.linux.org.uk>
+ <20120322202445.GB6589@ZenIV.linux.org.uk>
+MIME-Version: 1.0
+Content-Type: text/plain; charset=us-ascii
+Content-Disposition: inline
+In-Reply-To: <20120322202445.GB6589@ZenIV.linux.org.uk>
+User-Agent: Mutt/1.5.21 (2010-09-15)
+Sender: linux-kernel-owner@vger.kernel.org
+Precedence: bulk
+List-ID: <linux-kernel.vger.kernel.org>
+X-Mailing-List:	linux-kernel@vger.kernel.org
+X-RedHat-Spam-Score: -5.01  (RCVD_IN_DNSWL_HI,T_RP_MATCHES_RCVD)
+X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24
+X-Scanned-By: MIMEDefang 2.68 on 10.5.110.19
+Status: RO
+Content-Length: 1440
+Lines: 43
+
+On Thu, Mar 22, 2012 at 08:24:45PM +0000, Al Viro wrote:
+> 
+> OK, full_name_hash()/hash_name() definitely have a mismatch and it's on the
+> names of length 8*n: trivial experiment shows that we have
+> name hash_name full_name_hash
+> a 61 61
+> ab 6261 6261
+> abc 636261 636261
+> abcd 64636261 64636261
+> abcdabc 64c6c4c2 64c6c4c2
+> abcdabcd efcead5 c8c6c4c2
+> abcdabcd9 efceb0e efceb0e
+> 
+> Linus, which way do you prefer to shift it?  Should hash_name() change to
+> match full_name_hash() or should it be the other way round?
+> 
+> What happens is that you get multiplication by 9 and adding 0 in the former,
+> after having added the last full word.  In the latter we add the last full
+> word, see that there's nothing left and bugger off.
+
+Guys, could you check if this fixes it?
+
+diff --git a/fs/namei.c b/fs/namei.c
+index 13e6a1f..7451d6f8 100644
+--- a/fs/namei.c
++++ b/fs/namei.c
+@@ -1439,10 +1439,10 @@ unsigned int full_name_hash(const unsigned char *name, unsigned int len)
+ 
+ 	for (;;) {
+ 		a = *(unsigned long *)name;
+-		hash *= 9;
+ 		if (len < sizeof(unsigned long))
+ 			break;
+ 		hash += a;
++		hash *= 9;
+ 		name += sizeof(unsigned long);
+ 		len -= sizeof(unsigned long);
+ 		if (!len)
+--
+To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
+the body of a message to majordomo@vger.kernel.org
+More majordomo info at  http://vger.kernel.org/majordomo-info.html
+Please read the FAQ at  http://www.tux.org/lkml/
+

kernel.spec

@@ -766,6 +766,8 @@ Patch21400: unhandled-irqs-switch-to-polling.patch
 
 Patch22000: weird-root-dentry-name-debug.patch
 
+Patch23000: fix-dentry-hash.patch
+
 %endif
 
 BuildRoot: %{_tmppath}/kernel-%{KVERREL}-root
@@ -1473,6 +1475,8 @@ ApplyPatch unhandled-irqs-switch-to-polling.patch
 
 ApplyPatch weird-root-dentry-name-debug.patch
 
+ApplyPatch fix-dentry-hash.patch
+
 #rhbz 803809 CVE-2012-1179
 ApplyPatch mm-thp-fix-pmd_bad-triggering.patch
 
@@ -2332,6 +2336,9 @@ fi
 #                 ||----w |
 #                 ||     ||
 %changelog
+* Thu Mar 22 2012 Dave Jones <davej@redhat.com>
+- Fix dentry hash collisions that prevented boot with selinux enabled (rhbz 805371)
+
 * Thu Mar 22 2012 Dave Jones <davej@redhat.com> 3.4.0-0.rc0.git1.1
 - Linux v3.3-4074-g5375871