r2995 - in trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian: . patches patches/series
Simon Horman
horms@costa.debian.org
Fri, 22 Apr 2005 06:54:31 +0000
Author: horms
Date: 2005-04-22 06:54:30 +0000 (Fri, 22 Apr 2005)
New Revision: 2995
Added:
trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/net-ipv4-icmp-quench.dpatch
Modified:
trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16
Log:
[CAN-2004-0790] Just silently ignore ICMP Source Quench messages. (See: #305655)
Modified: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog 2005-04-22 06:44:05 UTC (rev 2994)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog 2005-04-22 06:54:30 UTC (rev 2995)
@@ -120,9 +120,17 @@
by using interupd disabling spin locks.
(Simon Horman)
- * fs-jdb-slow-leak.dpatch
+ * fs-jdb-slow-leak.dpatch:
Fix longstanding jdb commit leak - since 2.6.6. (Maximilian Attems)
+ * sparc64-sigpoll-2.6.8.dpatch:
+ Separate __SI_FAULT and __SI_POLL branches in copy_siginfo_to_user32()
+ to resolve fcntl() bug. (Jurij Smakov, Simon Horman) (closes: #272683)
+
+ * net-ipv4-icmp-quench.diff:
+ [CAN-2004-0790] Just silently ignore ICMP Source Quench messages.
+ (Simon Horman) (See: #305655)
+
-- Simon Horman <horms@debian.org> Wed, 13 Apr 2005 17:23:38 +0900
kernel-source-2.6.8 (2.6.8-15) unstable; urgency=high
Added: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/net-ipv4-icmp-quench.dpatch
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/net-ipv4-icmp-quench.dpatch 2005-04-22 06:44:05 UTC (rev 2994)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/net-ipv4-icmp-quench.dpatch 2005-04-22 06:54:30 UTC (rev 2995)
@@ -0,0 +1,51 @@
+# origin: davem (BitKeeper)
+# cset: 1.1881 (2.6) key=41462282hi9sRgvNyJ2_Lp24_X477Q
+# URL: http://linux.bkbits.net:8080/linux-2.6/cset@41462282hi9sRgvNyJ2_Lp24_X477Q
+# inclusion: upstream
+# descrition: [TCP]: Just silently ignore ICMP Source Quench messages.
+# revision date: Fri, 22 Apr 2005 15:32:09 +0900
+#
+# S rset: ChangeSet|1.1880..1.1881
+# I rset: net/ipv4/tcp_ipv4.c|1.97..1.98
+#
+# Key:
+# S: Skipped ChangeSet file only
+# O: Original Followed by Updated
+# U: Updated Included with updated range of versions
+# I: Included Included verbatim
+# E: Excluded Excluded on request from user
+# D: Deleted Manually deleted by subsequent user edit
+# R: Revised Manually revised by subsequent user edit
+#
+#
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+# 2004/09/13 15:43:14-07:00 davem@nuts.davemloft.net
+# [TCP]: Just silently ignore ICMP Source Quench messages.
+#
+# Recommended by draft-gont-tcpm-icmp-attacks-01.txt
+#
+# Signed-off-by: David S. Miller <davem@davemloft.net>
+#
+# net/ipv4/tcp_ipv4.c
+# 2004/09/13 15:42:33-07:00 davem@nuts.davemloft.net +1 -5
+# [TCP]: Just silently ignore ICMP Source Quench messages.
+#
+#
+===== net/ipv4/tcp_ipv4.c 1.97 vs 1.98 =====
+--- 1.97/net/ipv4/tcp_ipv4.c 2004-09-08 02:00:51 +09:00
++++ 1.98/net/ipv4/tcp_ipv4.c 2004-09-14 07:42:33 +09:00
+@@ -1033,11 +1033,7 @@ void tcp_v4_err(struct sk_buff *skb, u32
+
+ switch (type) {
+ case ICMP_SOURCE_QUENCH:
+- /* This is deprecated, but if someone generated it,
+- * we have no reasons to ignore it.
+- */
+- if (!sock_owned_by_user(sk))
+- tcp_enter_cwr(tp);
++ /* Just silently ignore these. */
+ goto out;
+ case ICMP_PARAMETERPROB:
+ err = EPROTO;
Modified: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16 2005-04-22 06:44:05 UTC (rev 2994)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-16 2005-04-22 06:54:30 UTC (rev 2995)
@@ -28,3 +28,4 @@
+ lib-rwsem-spinlock.dpatch
+ sparc64-sigpoll-2.6.8.dpatch
+ fs-jdb-slow-leak.dpatch
++ net-ipv4-icmp-quench.dpatch