rpms
/
kernel
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Linux 3.1.8 (Fedora 2.6.41.8)

This commit is contained in:
Josh Boyer 2012-01-06 21:40:42 -05:00
parent 0456a2e199
commit dba7dc5d3e
5 changed files with 6 additions and 357 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
iwlwifi-allow-to-switch-to-HT40-if-not-associated.patch
View File

@ -1,38 +0,0 @@
My previous patch
34a5b4b6af104cf18eb50748509528b9bdbc4036 iwlwifi: do not re-configure
HT40 after associated
Fix the case of HT40 after association on specified AP, but it break the
association for some APs and cause not able to establish connection.
We need to address HT40 before and after addociation.
CC: stable@vger.kernel.org #3.0+
Reported-by: Andrej Gelenberg <andrej.gelenberg@udo.edu>
Signed-off-by: Wey-Yi Guy <wey-yi.w.guy@intel.com>
Tested-by: Andrej Gelenberg <andrej.gelenberg@udo.edu>
---
drivers/net/wireless/iwlwifi/iwl-agn-rxon.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/net/wireless/iwlwifi/iwl-agn-rxon.c b/drivers/net/wireless/iwlwifi/iwl-agn-rxon.c
index a7a6def..5c7c17c 100644
--- a/drivers/net/wireless/iwlwifi/iwl-agn-rxon.c
+++ b/drivers/net/wireless/iwlwifi/iwl-agn-rxon.c
@@ -606,8 +606,8 @@ int iwlagn_mac_config(struct ieee80211_hw *hw, u32 changed)
if (ctx->ht.enabled) {
/* if HT40 is used, it should not change
* after associated except channel switch */
- if (iwl_is_associated_ctx(ctx) &&
- !ctx->ht.is_40mhz)
+ if (!ctx->ht.is_40mhz ||
+ !iwl_is_associated_ctx(ctx))
iwlagn_config_ht40(conf, ctx);
} else
ctx->ht.is_40mhz = false;
--
1.7.0.4
--
To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html

22
kernel.spec
View File

@ -42,7 +42,7 @@ Summary: The Linux kernel
# When changing real_sublevel below, reset this by hand to 1
# (or to 0 and then use rpmdev-bumpspec).
#
%global baserelease 2
%global baserelease 1
%global fedora_build %{baserelease}
# real_sublevel is the 3.x kernel version we're starting with
@ -51,7 +51,7 @@ Summary: The Linux kernel
%define fake_sublevel %(echo $((40 + %{real_sublevel})))
# Do we have a -stable update to apply?
%define stable_update 7
%define stable_update 8
# Is it a -stable RC?
%define stable_rc 0
# Set rpm version accordingly
@ -688,8 +688,6 @@ Patch21031: benet-remove-bogus-unlikely-on-vlan-check.patch
Patch21040: x86-code-dump-fix-truncation.patch
Patch21070: oom-fix-integer-overflow-of-points.patch
#rhbz 728607
Patch21060: elantech.patch
@ -718,9 +716,6 @@ Patch21045: nfs-client-freezer.patch
#rhbz 590880
Patch21046: alps.patch
#rhbz 767173
Patch21047: iwlwifi-allow-to-switch-to-HT40-if-not-associated.patch
#rhbz 741117
Patch21048: b44-Use-dev_kfree_skb_irq-in-b44_tx.patch
@ -736,8 +731,6 @@ Patch21056: KVM-fix-device-assignment-permissions.patch
#rhbz 770233
Patch21065: Bluetooth-Add-support-for-BCM20702A0.patch
Patch22000: route-cache-garbage-collector.patch
%endif
BuildRoot: %{_tmppath}/kernel-%{KVERREL}-root
@ -1319,9 +1312,6 @@ ApplyPatch benet-remove-bogus-unlikely-on-vlan-check.patch
#rhbz 736815
ApplyPatch x86-code-dump-fix-truncation.patch
#rhbz 750402
ApplyPatch oom-fix-integer-overflow-of-points.patch
#rhbz 728607
ApplyPatch elantech.patch
@ -1351,17 +1341,12 @@ ApplyPatch nfs-client-freezer.patch
#rhbz 590880
ApplyPatch alps.patch
#rhbz 767173
ApplyPatch iwlwifi-allow-to-switch-to-HT40-if-not-associated.patch
#rhbz 741117
ApplyPatch b44-Use-dev_kfree_skb_irq-in-b44_tx.patch
#rhbz 771006
ApplyPatch thp-reduce-khugepaged-freezing-latency.patch
ApplyPatch route-cache-garbage-collector.patch
#rhbz 770102
ApplyPatch KVM-x86-Prevent-starting-PIT-timers-in-the-absence-of.patch
@ -2018,6 +2003,9 @@ fi
# and build.
%changelog
* Fri Jan 06 2012 Josh Boyer <jwboyer@redhat.com> 2.6.41.8-1
- Linux 3.1.8
* Wed Jan 04 2012 Josh Boyer <jwboyer@redhat.com>
- CVE-2011-4347 kvm: device assignment DoS (rhbz 770096)

100
oom-fix-integer-overflow-of-points.patch
View File

@ -1,100 +0,0 @@
Delivered-To: jwboyer@gmail.com
Received: by 10.220.45.11 with SMTP id c11cs62970vcf;
Mon, 31 Oct 2011 08:56:49 -0700 (PDT)
Received: by 10.101.15.19 with SMTP id s19mr2706064ani.103.1320076596057;
Mon, 31 Oct 2011 08:56:36 -0700 (PDT)
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
by mx.google.com with ESMTP id x8si7676575ani.27.2011.10.31.08.56.32;
Mon, 31 Oct 2011 08:56:36 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mail=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
id S934545Ab1JaP4X (ORCPT <rfc822;mel.lkml@gmail.com> + 99 others);
Mon, 31 Oct 2011 11:56:23 -0400
Received: from mx1.redhat.com ([209.132.183.28]:23653 "EHLO mx1.redhat.com"
rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
id S934538Ab1JaP4X (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
Mon, 31 Oct 2011 11:56:23 -0400
Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22])
by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id p9VFuHOO027543
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK);
Mon, 31 Oct 2011 11:56:18 -0400
Received: from dhcp-26-164.brq.redhat.com (dhcp-26-164.brq.redhat.com [10.34.26.164])
by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id p9VFuEK3018476;
Mon, 31 Oct 2011 11:56:15 -0400
From: Frantisek Hrbata <fhrbata@redhat.com>
To: rientjes@google.com
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org,
akpm@linux-foundation.org, kosaki.motohiro@jp.fujitsu.com,
oleg@redhat.com, minchan.kim@gmail.com, stable@kernel.org,
eteo@redhat.com, pmatouse@redhat.com
Subject: [PATCH v2] oom: fix integer overflow of points in oom_badness
Date: Mon, 31 Oct 2011 16:56:09 +0100
Message-Id: <1320076569-23872-1-git-send-email-fhrbata@redhat.com>
In-Reply-To: <1320048865-13175-1-git-send-email-fhrbata@redhat.com>
References: <1320048865-13175-1-git-send-email-fhrbata@redhat.com>
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
An integer overflow will happen on 64bit archs if task's sum of rss, swapents
and nr_ptes exceeds (2^31)/1000 value. This was introduced by commit
f755a04 oom: use pte pages in OOM score
where the oom score computation was divided into several steps and it's no
longer computed as one expression in unsigned long(rss, swapents, nr_pte are
unsigned long), where the result value assigned to points(int) is in
range(1..1000). So there could be an int overflow while computing
176 points *= 1000;
and points may have negative value. Meaning the oom score for a mem hog task
will be one.
196 if (points <= 0)
197 return 1;
For example:
[ 3366] 0 3366 35390480 24303939 5 0 0 oom01
Out of memory: Kill process 3366 (oom01) score 1 or sacrifice child
Here the oom1 process consumes more than 24303939(rss)*4096~=92GB physical
memory, but it's oom score is one.
In this situation the mem hog task is skipped and oom killer kills another and
most probably innocent task with oom score greater than one.
The points variable should be of type long instead of int to prevent the int
overflow.
Signed-off-by: Frantisek Hrbata <fhrbata@redhat.com>
---
mm/oom_kill.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/mm/oom_kill.c b/mm/oom_kill.c
index 626303b..e9a1785 100644
--- a/mm/oom_kill.c
+++ b/mm/oom_kill.c
@@ -162,7 +162,7 @@ static bool oom_unkillable_task(struct task_struct *p,
unsigned int oom_badness(struct task_struct *p, struct mem_cgroup *mem,
const nodemask_t *nodemask, unsigned long totalpages)
{
- int points;
+ long points;
if (oom_unkillable_task(p, mem, nodemask))
return 0;
--
1.7.6.4
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

201
route-cache-garbage-collector.patch
View File

@ -1,201 +0,0 @@
Message-ID: <1324461072.2728.19.camel@edumazet-HP-Compaq-6005-Pro-SFF-PC>
Subject: Re: Kernel-DOS error in arp mechanism =?UTF-8?Q?=E2=80=93?= no delete off incomplete arp adresses
From: Eric Dumazet <eric.dumazet@gmail.com>
To: David Miller <davem@davemloft.net>
Cc: richard.weinberger@gmail.com, gladewitz@gmx.de,
linux-kernel@vger.kernel.org, netdev@vger.kernel.org
Date: Wed, 21 Dec 2011 10:51:12 +0100
In-Reply-To: <20111221.030727.1528369698756365464.davem@davemloft.net>
References: <4EEC5286.3070408@gmx.de>
<CAFLxGvxjLCyMCPXtpm7a7RaOL4A4=bhCLPKD=FVAc8xOdx_CsQ@mail.gmail.com>
<1324453467.2610.20.camel@edumazet-laptop>
<20111221.030727.1528369698756365464.davem@davemloft.net>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
Le mercredi 21 décembre 2011 à 03:07 -0500, David Miller a écrit :
> From: Eric Dumazet <eric.dumazet@gmail.com>
> Date: Wed, 21 Dec 2011 08:44:27 +0100
>
> > David, I suggest we add back the garbage collector for current kernels,
> > we'll remove it when route cache really disappear ?
> >
> > I'll send a patch today.
>
> Yes, it's the best idea.
>
> We can actually remove it again as early as when when route neigh's
> are ref-less.
Here is the patch I successfully tested in the neighbour stress
situation. This is a stable candidate (2.6.39+)
Thanks !
[PATCH] ipv4: reintroduce route cache garbage collector
Commit 2c8cec5c10b (ipv4: Cache learned PMTU information in inetpeer)
removed IP route cache garbage collector a bit too soon, as this gc was
responsible for expired routes cleanup, releasing their neighbour
reference.
As pointed out by Robert Gladewitz, recent kernels can fill and exhaust
their neighbour cache.
Reintroduce the garbage collection, since we'll have to wait our
neighbour lookups become refcount-less to not depend on this stuff.
Reported-by: Robert Gladewitz <gladewitz@gmx.de>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
---
net/ipv4/route.c | 107 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 107 insertions(+)
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 46af623..252c512 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -133,6 +134,9 @@ static int ip_rt_min_advmss __read_mostly = 256;
static int rt_chain_length_max __read_mostly = 20;
static int redirect_genid;
+static struct delayed_work expires_work;
+static unsigned long expires_ljiffies;
+
/*
* Interface to generic destination cache.
*/
@@ -830,6 +834,97 @@ static int has_noalias(const struct rtable *head, const struct rtable *rth)
return ONE;
}
+static void rt_check_expire(void)
+{
+ static unsigned int rover;
+ unsigned int i = rover, goal;
+ struct rtable *rth;
+ struct rtable __rcu **rthp;
+ unsigned long samples = 0;
+ unsigned long sum = 0, sum2 = 0;
+ unsigned long delta;
+ u64 mult;
+
+ delta = jiffies - expires_ljiffies;
+ expires_ljiffies = jiffies;
+ mult = ((u64)delta) << rt_hash_log;
+ if (ip_rt_gc_timeout > 1)
+ do_div(mult, ip_rt_gc_timeout);
+ goal = (unsigned int)mult;
+ if (goal > rt_hash_mask)
+ goal = rt_hash_mask + 1;
+ for (; goal > 0; goal--) {
+ unsigned long tmo = ip_rt_gc_timeout;
+ unsigned long length;
+
+ i = (i + 1) & rt_hash_mask;
+ rthp = &rt_hash_table[i].chain;
+
+ if (need_resched())
+ cond_resched();
+
+ samples++;
+
+ if (rcu_dereference_raw(*rthp) == NULL)
+ continue;
+ length = 0;
+ spin_lock_bh(rt_hash_lock_addr(i));
+ while ((rth = rcu_dereference_protected(*rthp,
+ lockdep_is_held(rt_hash_lock_addr(i)))) != NULL) {
+ prefetch(rth->dst.rt_next);
+ if (rt_is_expired(rth)) {
+ *rthp = rth->dst.rt_next;
+ rt_free(rth);
+ continue;
+ }
+ if (rth->dst.expires) {
+ /* Entry is expired even if it is in use */
+ if (time_before_eq(jiffies, rth->dst.expires)) {
+nofree:
+ tmo >>= 1;
+ rthp = &rth->dst.rt_next;
+ /*
+ * We only count entries on
+ * a chain with equal hash inputs once
+ * so that entries for different QOS
+ * levels, and other non-hash input
+ * attributes don't unfairly skew
+ * the length computation
+ */
+ length += has_noalias(rt_hash_table[i].chain, rth);
+ continue;
+ }
+ } else if (!rt_may_expire(rth, tmo, ip_rt_gc_timeout))
+ goto nofree;
+
+ /* Cleanup aged off entries. */
+ *rthp = rth->dst.rt_next;
+ rt_free(rth);
+ }
+ spin_unlock_bh(rt_hash_lock_addr(i));
+ sum += length;
+ sum2 += length*length;
+ }
+ if (samples) {
+ unsigned long avg = sum / samples;
+ unsigned long sd = int_sqrt(sum2 / samples - avg*avg);
+ rt_chain_length_max = max_t(unsigned long,
+ ip_rt_gc_elasticity,
+ (avg + 4*sd) >> FRACT_BITS);
+ }
+ rover = i;
+}
+
+/*
+ * rt_worker_func() is run in process context.
+ * we call rt_check_expire() to scan part of the hash table
+ */
+static void rt_worker_func(struct work_struct *work)
+{
+ rt_check_expire();
+ schedule_delayed_work(&expires_work, ip_rt_gc_interval);
+}
+
/*
* Perturbation of rt_genid by a small quantity [1..256]
* Using 8 bits of shuffling ensure we can call rt_cache_invalidate()
@@ -3179,6 +3274,13 @@ static ctl_table ipv4_route_table[] = {
.proc_handler = proc_dointvec_jiffies,
},
{
+ .procname = "gc_interval",
+ .data = &ip_rt_gc_interval,
+ .maxlen = sizeof(int),
+ .mode = 0644,
+ .proc_handler = proc_dointvec_jiffies,
+ },
+ {
.procname = "redirect_load",
.data = &ip_rt_redirect_load,
.maxlen = sizeof(int),
@@ -3388,6 +3490,11 @@ int __init ip_rt_init(void)
devinet_init();
ip_fib_init();
+ INIT_DELAYED_WORK_DEFERRABLE(&expires_work, rt_worker_func);
+ expires_ljiffies = jiffies;
+ schedule_delayed_work(&expires_work,
+ net_random() % ip_rt_gc_interval + ip_rt_gc_interval);
+
if (ip_rt_proc_init())
printk(KERN_ERR "Unable to create route proc files\n");
#ifdef CONFIG_XFRM
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

2
sources
View File

@ -1,2 +1,2 @@
8d43453f8159b2332ad410b19d86a931 linux-3.1.tar.bz2
13ea1e611a0a580138b8203e6f1353ed patch-3.1.7.bz2
54fac8e4b0b55201e012ef0337a6cc87 patch-3.1.8.bz2