r4401 - in dists/sid/linux-2.6/debian: . patches-debian
patches-debian/series
Simon Horman
horms at costa.debian.org
Tue Oct 11 10:10:28 UTC 2005
Author: horms
Date: 2005-10-11 10:10:26 +0000 (Tue, 11 Oct 2005)
New Revision: 4401
Added:
dists/sid/linux-2.6/debian/patches-debian/drm-module_param-permissions-fix.patch
dists/sid/linux-2.6/debian/patches-debian/fix-sparc64-fpu-register-corruption.patch
dists/sid/linux-2.6/debian/patches-debian/ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.patch
dists/sid/linux-2.6/debian/patches-debian/orinoco-info-leak.patch
dists/sid/linux-2.6/debian/patches-debian/plug-names_cache-memleak.patch
dists/sid/linux-2.6/debian/patches-debian/series/2.6.12-11
Modified:
dists/sid/linux-2.6/debian/changelog
Log:
* Added 2.6.13.4
- ieee1394/sbp2: fixes for hot-unplug and module unloading
ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.patch
- orinoco: Information leakage due to incorrect padding
orinoco-info-leak.patch
- Fix drm 'debug' sysfs permissions
drm-module_param-permissions-fix.patch
- [SPARC64]: Fix userland FPU state corruption.
fix-sparc64-fpu-register-corruption.patch
- Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
plug-names_cache-memleak.patch
Modified: dists/sid/linux-2.6/debian/changelog
===================================================================
--- dists/sid/linux-2.6/debian/changelog 2005-10-11 06:31:48 UTC (rev 4400)
+++ dists/sid/linux-2.6/debian/changelog 2005-10-11 10:10:26 UTC (rev 4401)
@@ -7,6 +7,17 @@
[ Simon Horman ]
* mempolicy fix in 2.6.12-3 from upstream's 2.6.12.5 is CAN-2005-3053
* lost-fput-in-32bit-ioctl-on-x86-64.patch in 2.6.12-7 is CAN-2005-3044
+ * Added 2.6.13.4
+ - ieee1394/sbp2: fixes for hot-unplug and module unloading
+ ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.patch
+ - orinoco: Information leakage due to incorrect padding
+ orinoco-info-leak.patch
+ - Fix drm 'debug' sysfs permissions
+ drm-module_param-permissions-fix.patch
+ - [SPARC64]: Fix userland FPU state corruption.
+ fix-sparc64-fpu-register-corruption.patch
+ - Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
+ plug-names_cache-memleak.patch
[ Frederik Schüler ]
* deactivate FB_RIVA on all architectures. (closes: #333067)
@@ -16,7 +27,7 @@
* [hppa] Oops. Fix linux-headers not including asm-parisc by adding
headers_dirs = parisc to Makefile.inc.
- -- Frederik Schüler <fschueler at gmx.net> Mon, 10 Oct 2005 21:22:40 +0200
+ -- Simon Horman <horms at debian.org> Tue, 11 Oct 2005 19:00:51 +0900
linux-2.6 (2.6.12-10) unstable; urgency=high
Added: dists/sid/linux-2.6/debian/patches-debian/drm-module_param-permissions-fix.patch
===================================================================
--- dists/sid/linux-2.6/debian/patches-debian/drm-module_param-permissions-fix.patch 2005-10-11 06:31:48 UTC (rev 4400)
+++ dists/sid/linux-2.6/debian/patches-debian/drm-module_param-permissions-fix.patch 2005-10-11 10:10:26 UTC (rev 4401)
@@ -0,0 +1,32 @@
+From stable-bounces at linux.kernel.org Wed Oct 5 13:47:18 2005
+Date: Thu, 6 Oct 2005 06:46:50 +1000
+From: Dave Airlie <airlied at gmail.com>
+To: stable at linux.kernel.org
+Subject: [PATCH] Fix drm 'debug' sysfs permissions
+Reply-To: Dave Airlie <airlied at gmail.com>
+
+From: Dave Jones <davej at redhat.com>
+
+Please consider for next 2.6.13, it is a minor security issue allowing
+users to turn on drm debugging when they shouldn't...
+
+This fell through the cracks. Until Josh pointed me at
+http://bugs.gentoo.org/show_bug.cgi?id=107893
+
+Signed-off-by: Chris Wright <chrisw at osdl.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
+---
+ drivers/char/drm/drm_stub.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- linux-2.6.13.y.orig/drivers/char/drm/drm_stub.c
++++ linux-2.6.13.y/drivers/char/drm/drm_stub.c
+@@ -47,7 +47,7 @@ MODULE_PARM_DESC(cards_limit, "Maximum n
+ MODULE_PARM_DESC(debug, "Enable debug output");
+
+ module_param_named(cards_limit, drm_cards_limit, int, 0444);
+-module_param_named(debug, drm_debug, int, 0666);
++module_param_named(debug, drm_debug, int, 0600);
+
+ drm_head_t **drm_heads;
+ struct drm_sysfs_class *drm_class;
Added: dists/sid/linux-2.6/debian/patches-debian/fix-sparc64-fpu-register-corruption.patch
===================================================================
--- dists/sid/linux-2.6/debian/patches-debian/fix-sparc64-fpu-register-corruption.patch 2005-10-11 06:31:48 UTC (rev 4400)
+++ dists/sid/linux-2.6/debian/patches-debian/fix-sparc64-fpu-register-corruption.patch 2005-10-11 10:10:26 UTC (rev 4401)
@@ -0,0 +1,220 @@
+From stable-bounces at linux.kernel.org Fri Oct 7 13:41:25 2005
+Date: Fri, 07 Oct 2005 13:41:17 -0700 (PDT)
+To: stable at kernel.org
+From: "David S. Miller" <davem at davemloft.net>
+Cc:
+Subject: [SPARC64]: Fix userland FPU state corruption.
+
+We need to use stricter memory barriers around the block
+load and store instructions we use to save and restore the
+FPU register file.
+
+Signed-off-by: David S. Miller <davem at davemloft.net>
+Signed-off-by: Chris Wright <chrisw at osdl.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
+---
+ arch/sparc64/kernel/entry.S | 39 +++++++++++++++++++++------------------
+ arch/sparc64/kernel/rtrap.S | 7 ++++---
+ arch/sparc64/lib/VISsave.S | 8 +++++---
+ 3 files changed, 30 insertions(+), 24 deletions(-)
+
+Backported to Debian's 2.6.12 by Horms
+
+--- from-0001/arch/sparc64/kernel/entry.S
++++ to-work/arch/sparc64/kernel/entry.S 2005-10-11 18:35:00.000000000 +0900
+@@ -188,7 +188,7 @@ vmalloc_addr:
+ /* This is trivial with the new code... */
+ .globl do_fpdis
+ do_fpdis:
+- sethi %hi(TSTATE_PEF), %g4 ! IEU0
++ sethi %hi(TSTATE_PEF), %g4
+ rdpr %tstate, %g5
+ andcc %g5, %g4, %g0
+ be,pt %xcc, 1f
+@@ -205,18 +205,18 @@ do_fpdis:
+ add %g0, %g0, %g0
+ ba,a,pt %xcc, rtrap_clr_l6
+
+-1: ldub [%g6 + TI_FPSAVED], %g5 ! Load Group
+- wr %g0, FPRS_FEF, %fprs ! LSU Group+4bubbles
+- andcc %g5, FPRS_FEF, %g0 ! IEU1 Group
+- be,a,pt %icc, 1f ! CTI
+- clr %g7 ! IEU0
+- ldx [%g6 + TI_GSR], %g7 ! Load Group
+-1: andcc %g5, FPRS_DL, %g0 ! IEU1
+- bne,pn %icc, 2f ! CTI
+- fzero %f0 ! FPA
+- andcc %g5, FPRS_DU, %g0 ! IEU1 Group
+- bne,pn %icc, 1f ! CTI
+- fzero %f2 ! FPA
++1: ldub [%g6 + TI_FPSAVED], %g5
++ wr %g0, FPRS_FEF, %fprs
++ andcc %g5, FPRS_FEF, %g0
++ be,a,pt %icc, 1f
++ clr %g7
++ ldx [%g6 + TI_GSR], %g7
++1: andcc %g5, FPRS_DL, %g0
++ bne,pn %icc, 2f
++ fzero %f0
++ andcc %g5, FPRS_DU, %g0
++ bne,pn %icc, 1f
++ fzero %f2
+ faddd %f0, %f2, %f4
+ fmuld %f0, %f2, %f6
+ faddd %f0, %f2, %f8
+@@ -259,8 +259,10 @@ cplus_fptrap_insn_1:
+ add %g6, TI_FPREGS + 0xc0, %g2
+ faddd %f0, %f2, %f8
+ fmuld %f0, %f2, %f10
+- ldda [%g1] ASI_BLK_S, %f32 ! grrr, where is ASI_BLK_NUCLEUS 8-(
++ membar #Sync
++ ldda [%g1] ASI_BLK_S, %f32
+ ldda [%g2] ASI_BLK_S, %f48
++ membar #Sync
+ faddd %f0, %f2, %f12
+ fmuld %f0, %f2, %f14
+ faddd %f0, %f2, %f16
+@@ -287,8 +289,10 @@ cplus_fptrap_insn_2:
+ add %g6, TI_FPREGS + 0x40, %g2
+ faddd %f32, %f34, %f36
+ fmuld %f32, %f34, %f38
+- ldda [%g1] ASI_BLK_S, %f0 ! grrr, where is ASI_BLK_NUCLEUS 8-(
++ membar #Sync
++ ldda [%g1] ASI_BLK_S, %f0
+ ldda [%g2] ASI_BLK_S, %f16
++ membar #Sync
+ faddd %f32, %f34, %f40
+ fmuld %f32, %f34, %f42
+ faddd %f32, %f34, %f44
+@@ -302,7 +306,6 @@ cplus_fptrap_insn_2:
+ faddd %f32, %f34, %f60
+ fmuld %f32, %f34, %f62
+ ba,pt %xcc, fpdis_exit
+- membar #Sync
+ 3: mov SECONDARY_CONTEXT, %g3
+ add %g6, TI_FPREGS, %g1
+ ldxa [%g3] ASI_DMMU, %g5
+@@ -311,7 +314,8 @@ cplus_fptrap_insn_3:
+ stxa %g2, [%g3] ASI_DMMU
+ membar #Sync
+ mov 0x40, %g2
+- ldda [%g1] ASI_BLK_S, %f0 ! grrr, where is ASI_BLK_NUCLEUS 8-(
++ membar #Sync
++ ldda [%g1] ASI_BLK_S, %f0
+ ldda [%g1 + %g2] ASI_BLK_S, %f16
+ add %g1, 0x80, %g1
+ ldda [%g1] ASI_BLK_S, %f32
+--- /dev/null
++++ to-work/arch/sparc64/kernel/entry.S.rej 2005-10-11 18:30:54.000000000 +0900
+@@ -0,0 +1,32 @@
++***************
++*** 271,277 ****
++ fmuld %f0, %f2, %f26
++ faddd %f0, %f2, %f28
++ fmuld %f0, %f2, %f30
++- membar #Sync
++ b,pt %xcc, fpdis_exit
++ nop
++ 2: andcc %g5, FPRS_DU, %g0
++--- 273,278 ----
++ fmuld %f0, %f2, %f26
++ faddd %f0, %f2, %f28
++ fmuld %f0, %f2, %f30
++ b,pt %xcc, fpdis_exit
++ nop
++ 2: andcc %g5, FPRS_DU, %g0
++***************
++*** 301,307 ****
++ fmuld %f32, %f34, %f58
++ faddd %f32, %f34, %f60
++ fmuld %f32, %f34, %f62
++- membar #Sync
++ ba,pt %xcc, fpdis_exit
++ nop
++ 3: mov SECONDARY_CONTEXT, %g3
++--- 304,309 ----
++ fmuld %f32, %f34, %f58
++ faddd %f32, %f34, %f60
++ fmuld %f32, %f34, %f62
++ ba,pt %xcc, fpdis_exit
++ nop
++ 3: mov SECONDARY_CONTEXT, %g3
+--- from-0001/arch/sparc64/kernel/rtrap.S
++++ to-work/arch/sparc64/kernel/rtrap.S 2005-10-11 18:30:54.000000000 +0900
+@@ -310,32 +310,33 @@ kern_fpucheck: ldub [%g6 + TI_FPDEPTH]
+ wr %g1, FPRS_FEF, %fprs
+ ldx [%o1 + %o5], %g1
+ add %g6, TI_XFSR, %o1
+- membar #StoreLoad | #LoadLoad
+ sll %o0, 8, %o2
+ add %g6, TI_FPREGS, %o3
+ brz,pn %l6, 1f
+ add %g6, TI_FPREGS+0x40, %o4
+
++ membar #Sync
+ ldda [%o3 + %o2] ASI_BLK_P, %f0
+ ldda [%o4 + %o2] ASI_BLK_P, %f16
++ membar #Sync
+ 1: andcc %l2, FPRS_DU, %g0
+ be,pn %icc, 1f
+ wr %g1, 0, %gsr
+ add %o2, 0x80, %o2
++ membar #Sync
+ ldda [%o3 + %o2] ASI_BLK_P, %f32
+ ldda [%o4 + %o2] ASI_BLK_P, %f48
+-
+ 1: membar #Sync
+ ldx [%o1 + %o5], %fsr
+ 2: stb %l5, [%g6 + TI_FPDEPTH]
+ ba,pt %xcc, rt_continue
+ nop
+ 5: wr %g0, FPRS_FEF, %fprs
+- membar #StoreLoad | #LoadLoad
+ sll %o0, 8, %o2
+
+ add %g6, TI_FPREGS+0x80, %o3
+ add %g6, TI_FPREGS+0xc0, %o4
++ membar #Sync
+ ldda [%o3 + %o2] ASI_BLK_P, %f32
+ ldda [%o4 + %o2] ASI_BLK_P, %f48
+ membar #Sync
+--- from-0001/arch/sparc64/lib/VISsave.S
++++ to-work/arch/sparc64/lib/VISsave.S 2005-10-11 18:30:54.000000000 +0900
+@@ -59,15 +59,17 @@ vis1: ldub [%g6 + TI_FPSAVED], %g3
+ be,pn %icc, 9b
+ add %g6, TI_FPREGS, %g2
+ andcc %o5, FPRS_DL, %g0
+- membar #StoreStore | #LoadStore
+
+ be,pn %icc, 4f
+ add %g6, TI_FPREGS+0x40, %g3
++ membar #Sync
+ stda %f0, [%g2 + %g1] ASI_BLK_P
+ stda %f16, [%g3 + %g1] ASI_BLK_P
++ membar #Sync
+ andcc %o5, FPRS_DU, %g0
+ be,pn %icc, 5f
+ 4: add %g1, 128, %g1
++ membar #Sync
+ stda %f32, [%g2 + %g1] ASI_BLK_P
+
+ stda %f48, [%g3 + %g1] ASI_BLK_P
+@@ -83,7 +85,7 @@ vis1: ldub [%g6 + TI_FPSAVED], %g3
+ sll %g1, 5, %g1
+ add %g6, TI_FPREGS+0xc0, %g3
+ wr %g0, FPRS_FEF, %fprs
+- membar #StoreStore | #LoadStore
++ membar #Sync
+ stda %f32, [%g2 + %g1] ASI_BLK_P
+ stda %f48, [%g3 + %g1] ASI_BLK_P
+ membar #Sync
+@@ -121,8 +123,8 @@ VISenterhalf:
+ be,pn %icc, 4f
+ add %g6, TI_FPREGS, %g2
+
+- membar #StoreStore | #LoadStore
+ add %g6, TI_FPREGS+0x40, %g3
++ membar #Sync
+ stda %f0, [%g2 + %g1] ASI_BLK_P
+ stda %f16, [%g3 + %g1] ASI_BLK_P
+ membar #Sync
Added: dists/sid/linux-2.6/debian/patches-debian/ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.patch
===================================================================
--- dists/sid/linux-2.6/debian/patches-debian/ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.patch 2005-10-11 06:31:48 UTC (rev 4400)
+++ dists/sid/linux-2.6/debian/patches-debian/ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.patch 2005-10-11 10:10:26 UTC (rev 4401)
@@ -0,0 +1,130 @@
+From stable-bounces at linux.kernel.org Sat Oct 1 10:58:10 2005
+Date: Sat, 1 Oct 2005 19:57:47 +0200 (CEST)
+From: Stefan Richter <stefanr at s5r6.in-berlin.de>
+Subject: [PATCH] ieee1394/sbp2: fixes for hot-unplug and module unloading
+To: stable at kernel.org
+Cc: chrisw at osdl.org, bcollins at debian.org, greg at kroah.com
+
+Fixes for reference counting problems, deadlocks, and delays when SBP-2 devices
+are unplugged or unbound from sbp2, or when unloading of sbp2/ ohci1394/ pcilynx
+is attempted.
+
+Most often reported symptoms were hotplugs remaining undetected once a FireWire
+disk was unplugged since the knodemgrd kernel thread went to uninterruptible
+sleep, and "modprobe -r sbp2" being unable to complete because still being in
+use.
+
+Patch is equivalent to commit abd559b1052e28d8b9c28aabde241f18fa89090b in
+2.6.14-rc3 plus a fix which is necessary together with 2.6.13's scsi core API
+(linux1394.org commit r1308 by Ben Collins).
+
+Signed-off-by: Stefan Richter <stefanr at s5r6.in-berlin.de>
+Cc: Ben Collins <bcollins at debian.org>
+Signed-off-by: Chris Wright <chrisw at osdl.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
+---
+ drivers/ieee1394/sbp2.c | 38 +++++++++++++++++++++++++++++++++++---
+ 1 file changed, 35 insertions(+), 3 deletions(-)
+
+--- linux-2.6.13.y.orig/drivers/ieee1394/sbp2.c
++++ linux-2.6.13.y/drivers/ieee1394/sbp2.c
+@@ -596,6 +596,11 @@ static void sbp2util_mark_command_comple
+ spin_unlock_irqrestore(&scsi_id->sbp2_command_orb_lock, flags);
+ }
+
++static inline int sbp2util_node_is_available(struct scsi_id_instance_data *scsi_id)
++{
++ return scsi_id && scsi_id->ne && !scsi_id->ne->in_limbo;
++}
++
+
+
+ /*********************************************
+@@ -631,11 +636,23 @@ static int sbp2_remove(struct device *de
+ {
+ struct unit_directory *ud;
+ struct scsi_id_instance_data *scsi_id;
++ struct scsi_device *sdev;
+
+ SBP2_DEBUG("sbp2_remove");
+
+ ud = container_of(dev, struct unit_directory, device);
+ scsi_id = ud->device.driver_data;
++ if (!scsi_id)
++ return 0;
++
++ /* Trigger shutdown functions in scsi's highlevel. */
++ if (scsi_id->scsi_host)
++ scsi_unblock_requests(scsi_id->scsi_host);
++ sdev = scsi_id->sdev;
++ if (sdev) {
++ scsi_id->sdev = NULL;
++ scsi_remove_device(sdev);
++ }
+
+ sbp2_logout_device(scsi_id);
+ sbp2_remove_device(scsi_id);
+@@ -944,6 +961,7 @@ alloc_fail:
+ SBP2_ERR("scsi_add_device failed");
+ return PTR_ERR(sdev);
+ }
++ scsi_device_put(sdev);
+
+ return 0;
+ }
+@@ -2480,7 +2498,7 @@ static int sbp2scsi_queuecommand(struct
+ * If scsi_id is null, it means there is no device in this slot,
+ * so we should return selection timeout.
+ */
+- if (!scsi_id) {
++ if (!sbp2util_node_is_available(scsi_id)) {
+ SCpnt->result = DID_NO_CONNECT << 16;
+ done (SCpnt);
+ return 0;
+@@ -2683,6 +2701,18 @@ static void sbp2scsi_complete_command(st
+ }
+
+
++static int sbp2scsi_slave_alloc(struct scsi_device *sdev)
++{
++ ((struct scsi_id_instance_data *)sdev->host->hostdata[0])->sdev = sdev;
++ return 0;
++}
++
++static void sbp2scsi_slave_destroy(struct scsi_device *sdev)
++{
++ ((struct scsi_id_instance_data *)sdev->host->hostdata[0])->sdev = NULL;
++ return;
++}
++
+ static int sbp2scsi_slave_configure (struct scsi_device *sdev)
+ {
+ blk_queue_dma_alignment(sdev->request_queue, (512 - 1));
+@@ -2705,7 +2735,7 @@ static int sbp2scsi_abort(struct scsi_cm
+ SBP2_ERR("aborting sbp2 command");
+ scsi_print_command(SCpnt);
+
+- if (scsi_id) {
++ if (sbp2util_node_is_available(scsi_id)) {
+
+ /*
+ * Right now, just return any matching command structures
+@@ -2749,7 +2779,7 @@ static int __sbp2scsi_reset(struct scsi_
+
+ SBP2_ERR("reset requested");
+
+- if (scsi_id) {
++ if (sbp2util_node_is_available(scsi_id)) {
+ SBP2_ERR("Generating sbp2 fetch agent reset");
+ sbp2_agent_reset(scsi_id, 0);
+ }
+@@ -2817,7 +2847,9 @@ static struct scsi_host_template scsi_dr
+ .eh_device_reset_handler = sbp2scsi_reset,
+ .eh_bus_reset_handler = sbp2scsi_reset,
+ .eh_host_reset_handler = sbp2scsi_reset,
++ .slave_alloc = sbp2scsi_slave_alloc,
+ .slave_configure = sbp2scsi_slave_configure,
++ .slave_destroy = sbp2scsi_slave_destroy,
+ .this_id = -1,
+ .sg_tablesize = SG_ALL,
+ .use_clustering = ENABLE_CLUSTERING,
Added: dists/sid/linux-2.6/debian/patches-debian/orinoco-info-leak.patch
===================================================================
--- dists/sid/linux-2.6/debian/patches-debian/orinoco-info-leak.patch 2005-10-11 06:31:48 UTC (rev 4400)
+++ dists/sid/linux-2.6/debian/patches-debian/orinoco-info-leak.patch 2005-10-11 10:10:26 UTC (rev 4401)
@@ -0,0 +1,50 @@
+From stable-bounces at linux.kernel.org Tue Oct 4 20:36:20 2005
+Date: Tue, 04 Oct 2005 21:33:10 -0400
+From: Pavel Roskin <proski at gnu.org>
+To: orinoco-devel <orinoco-devel at lists.sourceforge.net>, NetDev <netdev at vger.kernel.org>
+Cc: Meder Kydyraliev <meder at o0o.nu>
+Subject: [PATCH] orinoco: Information leakage due to incorrect padding
+
+The orinoco driver can send uninitialized data exposing random pieces of
+the system memory. This happens because data is not padded with zeroes
+when its length needs to be increased.
+
+Reported by Meder Kydyraliev <meder at o0o.nu>
+
+Signed-off-by: Pavel Roskin <proski at gnu.org>
+Signed-off-by: Chris Wright <chrisw at osdl.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
+---
+ drivers/net/wireless/orinoco.c | 14 +++++++++-----
+ 1 file changed, 9 insertions(+), 5 deletions(-)
+
+--- linux-2.6.13.y.orig/drivers/net/wireless/orinoco.c
++++ linux-2.6.13.y/drivers/net/wireless/orinoco.c
+@@ -502,9 +502,14 @@ static int orinoco_xmit(struct sk_buff *
+ return 0;
+ }
+
+- /* Length of the packet body */
+- /* FIXME: what if the skb is smaller than this? */
+- len = max_t(int,skb->len - ETH_HLEN, ETH_ZLEN - ETH_HLEN);
++ /* Check packet length, pad short packets, round up odd length */
++ len = max_t(int, ALIGN(skb->len, 2), ETH_ZLEN);
++ if (skb->len < len) {
++ skb = skb_padto(skb, len);
++ if (skb == NULL)
++ goto fail;
++ }
++ len -= ETH_HLEN;
+
+ eh = (struct ethhdr *)skb->data;
+
+@@ -556,8 +561,7 @@ static int orinoco_xmit(struct sk_buff *
+ p = skb->data;
+ }
+
+- /* Round up for odd length packets */
+- err = hermes_bap_pwrite(hw, USER_BAP, p, ALIGN(data_len, 2),
++ err = hermes_bap_pwrite(hw, USER_BAP, p, data_len,
+ txfid, data_off);
+ if (err) {
+ printk(KERN_ERR "%s: Error %d writing packet to BAP\n",
Added: dists/sid/linux-2.6/debian/patches-debian/plug-names_cache-memleak.patch
===================================================================
--- dists/sid/linux-2.6/debian/patches-debian/plug-names_cache-memleak.patch 2005-10-11 06:31:48 UTC (rev 4400)
+++ dists/sid/linux-2.6/debian/patches-debian/plug-names_cache-memleak.patch 2005-10-11 10:10:26 UTC (rev 4401)
@@ -0,0 +1,52 @@
+From: Linus Torvalds <torvalds at osdl.org>
+Date: Fri, 7 Oct 2005 04:54:21 +0000 (-0700)
+Subject: [PATCH] Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
+
+Avoid 'names_cache' memory leak with CONFIG_AUDITSYSCALL
+
+The nameidata "last.name" is always allocated with "__getname()", and
+should always be free'd with "__putname()".
+
+Using "putname()" without the underscores will leak memory, because the
+allocation will have been hidden from the AUDITSYSCALL code.
+
+Arguably the real bug is that the AUDITSYSCALL code is really broken,
+but in the meantime this fixes the problem people see.
+
+Reported by Robert Derr, patch by Rick Lindsley.
+
+Acked-by: Al Viro <viro at ftp.linux.org.uk>
+Signed-off-by: Linus Torvalds <torvalds at osdl.org>
+Signed-off-by: Chris Wright <chrisw at osdl.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh at suse.de>
+---
+ fs/namei.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+Backported to Debian's 2.6.12 by Horms
+
+--- from-0001/fs/namei.c
++++ to-work/fs/namei.c 2005-10-11 18:51:22.000000000 +0900
+@@ -1554,19 +1554,19 @@ do_link:
+ if (nd->last_type != LAST_NORM)
+ goto exit;
+ if (nd->last.name[nd->last.len]) {
+- putname(nd->last.name);
++ __putname(nd->last.name);
+ goto exit;
+ }
+ error = -ELOOP;
+ if (count++==32) {
+- putname(nd->last.name);
++ __putname(nd->last.name);
+ goto exit;
+ }
+ dir = nd->dentry;
+ down(&dir->d_inode->i_sem);
+ path.dentry = __lookup_hash(&nd->last, nd->dentry, nd);
+ path.mnt = nd->mnt;
+- putname(nd->last.name);
++ __putname(nd->last.name);
+ goto do_last;
+ }
+
Added: dists/sid/linux-2.6/debian/patches-debian/series/2.6.12-11
===================================================================
--- dists/sid/linux-2.6/debian/patches-debian/series/2.6.12-11 2005-10-11 06:31:48 UTC (rev 4400)
+++ dists/sid/linux-2.6/debian/patches-debian/series/2.6.12-11 2005-10-11 10:10:26 UTC (rev 4401)
@@ -0,0 +1,5 @@
++ ieee1394-sbp2-fixes-for-hot-unplug-and-module-unloading.patch
++ orinoco-info-leak.patch
++ drm-module_param-permissions-fix.patch
++ fix-sparc64-fpu-register-corruption.patch
++ plug-names_cache-memleak.patch
More information about the Kernel-svn-changes
mailing list