r2780 - in trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches: . series

Andres Salomon dilinger-guest@costa.debian.org
Tue, 22 Mar 2005 08:25:37 +0100 

Author: dilinger-guest
Date: 2005-03-22 08:25:37 +0100 (Tue, 22 Mar 2005)
New Revision: 2780

Added:
   trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ip6_copy_metadata_leak.dpatch
   trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ip_copy_metadata_leak.dpatch
Modified:
   trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-15
Log:
add CAN-2005-0210 fixes


Added: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ip6_copy_metadata_leak.dpatch
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ip6_copy_metadata_leak.dpatch	2005-03-22 07:21:38 UTC (rev 2779)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ip6_copy_metadata_leak.dpatch	2005-03-22 07:25:37 UTC (rev 2780)
@@ -0,0 +1,42 @@
+#! /bin/sh -e
+## <PATCHNAME>.dpatch by <PATCH_AUTHOR@EMAI>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Description: [IPV6]: Fix ip6_copy_metadata potential dst leak too.
+## DP: Patch author: yoshfuji@linux-ipv6.org
+## DP: Upstream status: backport
+
+. $(dirname $0)/DPATCH
+
+@DPATCH@
+diff -Naru a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
+--- a/net/ipv6/ip6_output.c	2005-03-21 23:21:49 -08:00
++++ b/net/ipv6/ip6_output.c	2005-03-21 23:21:49 -08:00
+@@ -463,6 +463,7 @@
+ 	to->priority = from->priority;
+ 	to->protocol = from->protocol;
+ 	to->security = from->security;
++	dst_release(to->dst);
+ 	to->dst = dst_clone(from->dst);
+ 	to->dev = from->dev;
+ 
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+#   2005/01/30 20:47:06-08:00 yoshfuji@linux-ipv6.org 
+#   [IPV6]: Fix ip6_copy_metadata potential dst leak too.
+#   
+#   Same fix as per ipv4 ip_copy_metadata().
+#   
+#   Signed-off-by: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
+#   Signed-off-by: David S. Miller <davem@davemloft.net>
+# 
+# net/ipv6/ip6_output.c
+#   2005/01/30 20:46:45-08:00 yoshfuji@linux-ipv6.org +1 -0
+#   [IPV6]: Fix ip6_copy_metadata potential dst leak too.
+#   
+#   Same fix as per ipv4 ip_copy_metadata().
+#   
+#   Signed-off-by: Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>
+#   Signed-off-by: David S. Miller <davem@davemloft.net>
+# 

Added: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ip_copy_metadata_leak.dpatch
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ip_copy_metadata_leak.dpatch	2005-03-22 07:21:38 UTC (rev 2779)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/ip_copy_metadata_leak.dpatch	2005-03-22 07:25:37 UTC (rev 2780)
@@ -0,0 +1,48 @@
+#! /bin/sh -e
+## <PATCHNAME>.dpatch by <PATCH_AUTHOR@EMAI>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Description: [IPV4]: Do not leak dst entries in ip_copy_metadata().
+## DP: Patch author: kaber@trash.net
+## DP: Upstream status: backport
+
+. $(dirname $0)/DPATCH
+
+@DPATCH@
+diff -Naru a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
+--- a/net/ipv4/ip_output.c	2005-03-21 23:22:48 -08:00
++++ b/net/ipv4/ip_output.c	2005-03-21 23:22:48 -08:00
+@@ -389,6 +389,7 @@
+ 	to->priority = from->priority;
+ 	to->protocol = from->protocol;
+ 	to->security = from->security;
++	dst_release(to->dst);
+ 	to->dst = dst_clone(from->dst);
+ 	to->dev = from->dev;
+ 
+# This is a BitKeeper generated diff -Nru style patch.
+#
+# ChangeSet
+#   2005/01/30 18:24:03-08:00 kaber@trash.net 
+#   [IPV4]: Do not leak dst entries in ip_copy_metadata().
+#   
+#   Netfilter conntrack can defragment locally generated
+#   packets before they hit ip_fragment().  In this case
+#   the fragments have skb->dst set already, so we have to
+#   release that existing reference before overwriting
+#   skb->dst.
+#   
+#   Signed-off-by: David S. Miller <davem@davemloft.net>
+# 
+# net/ipv4/ip_output.c
+#   2005/01/30 18:23:28-08:00 kaber@trash.net +1 -0
+#   [IPV4]: Do not leak dst entries in ip_copy_metadata().
+#   
+#   Netfilter conntrack can defragment locally generated
+#   packets before they hit ip_fragment().  In this case
+#   the fragments have skb->dst set already, so we have to
+#   release that existing reference before overwriting
+#   skb->dst.
+#   
+#   Signed-off-by: David S. Miller <davem@davemloft.net>
+# 

Modified: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-15
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-15	2005-03-22 07:21:38 UTC (rev 2779)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/series/2.6.8-15	2005-03-22 07:25:37 UTC (rev 2780)
@@ -1,3 +1,5 @@
 + radeon-race.dpatch
 + rcu-locking.dpatch
 + drivers-net-ppp_async-fix-dos.dpatch
++ ip_copy_metadata_leak.dpatch
++ ip6_copy_metadata_leak.dpatch