[kernel] r9497 - in dists/etch/linux-2.6/debian: . patches/bugfix patches/series

[Dann Frazier]

Author: dannf
Date: Tue Sep 11 05:35:58 2007
New Revision: 9497

Log:
fix a minor DoS issue having to do with spurious interrupt accounting

Added:
   dists/etch/linux-2.6/debian/patches/bugfix/clear-spurious-irq.patch
Modified:
   dists/etch/linux-2.6/debian/changelog
   dists/etch/linux-2.6/debian/patches/series/14

Modified: dists/etch/linux-2.6/debian/changelog
==============================================================================
--- dists/etch/linux-2.6/debian/changelog	(original)
+++ dists/etch/linux-2.6/debian/changelog	Tue Sep 11 05:35:58 2007
@@ -7,16 +7,23 @@
   * Add pci ids for Intel ICH9 controllers, see #435877
   * [hppa] remove misuse of global_ack_eiem, fixing a race condition that
     resulted in frequent lockups on SMP systems. See: #435878
+
+  [ Frederik Schüler ]
+  * Add support for 3ware 9650SE controllers. (closes: #402562)
+
+  [ dann frazier ]
   * bugfix/reset-pdeathsig-on-suid-upstream.patch
     Update fix for CVE-2007-3848 with the patch accepted upstream
   * Fix ipv6 rfc conformance issue introduced in 2.6.18.dfsg.1-13 by the
     fix for CVE-2007-2242. Thanks to Brian Haley for the patch.
     (closes: #440127)
-
-  [ Frederik Schüler ]
-  * Add support for 3ware 9650SE controllers. (closes: #402562)
-
- -- dann frazier <dannf at debian.org>  Mon, 10 Sep 2007 23:22:24 -0600
+  * Fix a minor denial of service issue that allows local users to disable
+    an interrupt by causing an interrupt handler to be quickly inserted/removed.
+    This has only been shown to happen with certain serial devices so can only
+    be triggered by a user who already has additional priveleges (dialout
+    group). (closes: #404815)
+  
+ -- dann frazier <dannf at debian.org>  Mon, 10 Sep 2007 23:28:17 -0600
 
 linux-2.6 (2.6.18.dfsg.1-13etch2) stable-security; urgency=high
 

Added: dists/etch/linux-2.6/debian/patches/bugfix/clear-spurious-irq.patch
==============================================================================
--- (empty file)
+++ dists/etch/linux-2.6/debian/patches/bugfix/clear-spurious-irq.patch	Tue Sep 11 05:35:58 2007
@@ -0,0 +1,34 @@
+From: Linus Torvalds <torvalds at woody.linux-foundation.org>
+Date: Tue, 23 Jan 2007 22:16:31 +0000 (-0800)
+Subject: Clear spurious irq stat information when adding irq handler
+X-Git-Tag: v2.6.20-rc6~15
+X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=8528b0f1de1101c6002036fd53638fb21111d0ea
+
+Clear spurious irq stat information when adding irq handler
+
+Any newly added irq handler may obviously make any old spurious irq
+status invalid, since the new handler may well be the thing that is
+supposed to handle any interrupts that came in.
+
+So just clear the statistics when adding handlers.
+
+Pointed-out-by: Alan Cox <alan at lxorguk.ukuu.org.uk>
+Acked-by: Thomas Gleixner <tglx at linutronix.de>
+Acked-by: Ingo Molnar <mingo at elte.hu>
+Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
+---
+
+diff --git a/kernel/irq/manage.c b/kernel/irq/manage.c
+index b385878..8b961ad 100644
+--- a/kernel/irq/manage.c
++++ b/kernel/irq/manage.c
+@@ -315,6 +315,9 @@ int setup_irq(unsigned int irq, struct irqaction *new)
+ 			/* Undo nested disables: */
+ 			desc->depth = 1;
+ 	}
++	/* Reset broken irq detection when installing new handler */
++	desc->irq_count = 0;
++	desc->irqs_unhandled = 0;
+ 	spin_unlock_irqrestore(&desc->lock, flags);
+ 
+ 	new->irq = irq;

Modified: dists/etch/linux-2.6/debian/patches/series/14
==============================================================================
--- dists/etch/linux-2.6/debian/patches/series/14	(original)
+++ dists/etch/linux-2.6/debian/patches/series/14	Tue Sep 11 05:35:58 2007
@@ -12,3 +12,4 @@
 - bugfix/reset-pdeathsig-on-suid.patch
 + bugfix/reset-pdeathsig-on-suid-upstream.patch
 + bugfix/ipv6-disallow-RH0-by-default-2.patch
++ bugfix/clear-spurious-irq.patch