[kernel] r12557 - in dists/sid/linux-2.6/debian: . patches/bugfix patches/series

Sat Jan 10 01:08:20 UTC 2009

Author: dannf
Date: Sat Jan 10 01:08:19 2009
New Revision: 12557

Log:
Set a minimum timeout for SG_IO requests (CVE-2008-5700)

Added:
   dists/sid/linux-2.6/debian/patches/bugfix/enforce-minimum-SG_IO-timeout.patch
Modified:
   dists/sid/linux-2.6/debian/changelog
   dists/sid/linux-2.6/debian/patches/series/13

Modified: dists/sid/linux-2.6/debian/changelog
==============================================================================

--- dists/sid/linux-2.6/debian/changelog	(original)
+++ dists/sid/linux-2.6/debian/changelog	Sat Jan 10 01:08:19 2009
@@ -9,6 +9,7 @@
   * [ia64] Add RTC class driver for EFI
   * [hppa] Fix system crash while unwinding a userspace process
     (CVE-2008-5395)
+  * Set a minimum timeout for SG_IO requests (CVE-2008-5700)
 
   [ Bastian Blank ]
   * Fix multicast in atl1e driver. (closes: #509097)
@@ -37,7 +38,7 @@
     - Add missing calls to plat_unmap_dma_mem.
     - Only write c0_framemask on CPUs which have this register.
 
- -- dann frazier <dannf at debian.org>  Fri, 09 Jan 2009 17:59:23 -0700
+ -- dann frazier <dannf at debian.org>  Fri, 09 Jan 2009 18:06:44 -0700
 
 linux-2.6 (2.6.26-12) unstable; urgency=high
 

Added: dists/sid/linux-2.6/debian/patches/bugfix/enforce-minimum-SG_IO-timeout.patch
==============================================================================
--- (empty file)
+++ dists/sid/linux-2.6/debian/patches/bugfix/enforce-minimum-SG_IO-timeout.patch	Sat Jan 10 01:08:19 2009
@@ -0,0 +1,59 @@
+commit f2f1fa78a155524b849edf359e42a3001ea652c0
+Author: Linus Torvalds <torvalds at linux-foundation.org>
+Date:   Fri Dec 5 14:49:18 2008 -0800
+
+    Enforce a minimum SG_IO timeout
+    
+    There's no point in having too short SG_IO timeouts, since if the
+    command does end up timing out, we'll end up through the reset sequence
+    that is several seconds long in order to abort the command that timed
+    out.
+    
+    As a result, shorter timeouts than a few seconds simply do not make
+    sense, as the recovery would be longer than the timeout itself.
+    
+    Add a BLK_MIN_SG_TIMEOUT to match the existign BLK_DEFAULT_SG_TIMEOUT.
+    
+    Suggested-by: Alan Cox <alan at lxorguk.ukuu.org.uk>
+    Acked-by: Tejun Heo <tj at kernel.org>
+    Acked-by: Jens Axboe <jens.axboe at oracle.com>
+    Cc: Jeff Garzik <jeff at garzik.org>
+    Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
+
+Adjusted to apply to Debian's 2.6.26 by dann frazier <dannf at hp.com>
+
+diff -urpN linux-source-2.6.26.orig/block/bsg.c linux-source-2.6.26/block/bsg.c
+--- linux-source-2.6.26.orig/block/bsg.c	2009-01-08 16:43:12.000000000 -0700
++++ linux-source-2.6.26/block/bsg.c	2009-01-09 18:03:55.000000000 -0700
+@@ -201,6 +201,8 @@ static int blk_fill_sgv4_hdr_rq(struct r
+ 		rq->timeout = q->sg_timeout;
+ 	if (!rq->timeout)
+ 		rq->timeout = BLK_DEFAULT_SG_TIMEOUT;
++	if (rq->timeout < BLK_MIN_SG_TIMEOUT)
++		rq->timeout = BLK_MIN_SG_TIMEOUT;
+ 
+ 	return 0;
+ }
+diff -urpN linux-source-2.6.26.orig/block/scsi_ioctl.c linux-source-2.6.26/block/scsi_ioctl.c
+--- linux-source-2.6.26.orig/block/scsi_ioctl.c	2009-01-08 16:43:12.000000000 -0700
++++ linux-source-2.6.26/block/scsi_ioctl.c	2009-01-09 18:03:55.000000000 -0700
+@@ -232,6 +232,8 @@ static int blk_fill_sghdr_rq(struct requ
+ 		rq->timeout = q->sg_timeout;
+ 	if (!rq->timeout)
+ 		rq->timeout = BLK_DEFAULT_SG_TIMEOUT;
++	if (rq->timeout < BLK_MIN_SG_TIMEOUT)
++		rq->timeout = BLK_MIN_SG_TIMEOUT;
+ 
+ 	return 0;
+ }
+diff -urpN linux-source-2.6.26.orig/include/linux/blkdev.h linux-source-2.6.26/include/linux/blkdev.h
+--- linux-source-2.6.26.orig/include/linux/blkdev.h	2008-07-13 15:51:29.000000000 -0600
++++ linux-source-2.6.26/include/linux/blkdev.h	2009-01-09 18:03:55.000000000 -0700
+@@ -585,6 +585,7 @@ extern unsigned long blk_max_low_pfn, bl
+  * default timeout for SG_IO if none specified
+  */
+ #define BLK_DEFAULT_SG_TIMEOUT	(60 * HZ)
++#define BLK_MIN_SG_TIMEOUT	(7 * HZ)
+ 
+ #ifdef CONFIG_BOUNCE
+ extern int init_emergency_isa_pool(void);

Modified: dists/sid/linux-2.6/debian/patches/series/13
==============================================================================
--- dists/sid/linux-2.6/debian/patches/series/13	(original)
+++ dists/sid/linux-2.6/debian/patches/series/13	Sat Jan 10 01:08:19 2009
@@ -20,3 +20,4 @@
 + bugfix/mips/write-c0_framemask-only-when-supported.patch
 + bugfix/ia64/add-efi-rtc-class-driver.patch
 + bugfix/parisc/userspace-unwind-crash.patch
++ bugfix/enforce-minimum-SG_IO-timeout.patch

