[kernel] r17113 - in dists/squeeze/linux-2.6/debian: . patches/debian patches/series

Ben Hutchings benh at alioth.debian.org
Fri Mar 25 02:49:56 UTC 2011 

Author: benh
Date: Fri Mar 25 02:49:54 2011
New Revision: 17113

Log:
Defer netdev module loading changes

Added:
   dists/squeeze/linux-2.6/debian/patches/debian/revert-netdev-module-loading-changes.patch
Modified:
   dists/squeeze/linux-2.6/debian/changelog
   dists/squeeze/linux-2.6/debian/patches/series/32

Modified: dists/squeeze/linux-2.6/debian/changelog
==============================================================================
--- dists/squeeze/linux-2.6/debian/changelog	Thu Mar 24 15:05:57 2011	(r17112)
+++ dists/squeeze/linux-2.6/debian/changelog	Fri Mar 25 02:49:54 2011	(r17113)
@@ -12,9 +12,7 @@
     - nfsd: Fix wrong index used in NFSv4 session creation
     - comedi/jr3_pci: Don't ioremap too much space. Check result.
       (Closes: #618309)
-    - net: Don't allow CAP_NET_ADMIN to load non-netdev kernel modules
-      (CVE-2011-1019)
-    - ip_gre,ipip,ip6ip6: Enable loading using netdev module alias
+    - Defer netdev module loading changes
   * Revert "drm/i915: Add pipe A force quirk for some laptops"
     (Closes: #618665; reopens: #608148)
   * scsi: Re-enable SCSI_PROC_FS (/proc/scsi directory) (Closes: #618258)

Added: dists/squeeze/linux-2.6/debian/patches/debian/revert-netdev-module-loading-changes.patch
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ dists/squeeze/linux-2.6/debian/patches/debian/revert-netdev-module-loading-changes.patch	Fri Mar 25 02:49:54 2011	(r17113)
@@ -0,0 +1,89 @@
+From: Ben Hutchings <ben at decadent.org.uk>
+Subject: [PATCH] Revert netdev module loading changes
+
+These changes in 2.6.32.33 can cause regressions, and are still under
+active discussion upstream.
+
+diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
+index c27a182..ec12f8c2 100644
+--- a/include/linux/netdevice.h
++++ b/include/linux/netdevice.h
+@@ -2015,10 +2015,6 @@ static inline u32 dev_ethtool_get_flags(struct net_device *dev)
+ 		return 0;
+ 	return dev->ethtool_ops->get_flags(dev);
+ }
+-
+-#define MODULE_ALIAS_NETDEV(device) \
+-	MODULE_ALIAS("netdev-" device)
+-
+ #endif /* __KERNEL__ */
+ 
+ #endif	/* _LINUX_NETDEVICE_H */
+diff --git a/net/core/dev.c b/net/core/dev.c
+index 49e3782..fd4c1e7 100644
+--- a/net/core/dev.c
++++ b/net/core/dev.c
+@@ -1037,21 +1037,13 @@ EXPORT_SYMBOL(netdev_bonding_change);
+ void dev_load(struct net *net, const char *name)
+ {
+ 	struct net_device *dev;
+-	int no_module;
+ 
+ 	read_lock(&dev_base_lock);
+ 	dev = __dev_get_by_name(net, name);
+ 	read_unlock(&dev_base_lock);
+ 
+-	no_module = !dev;
+-	if (no_module && capable(CAP_NET_ADMIN))
+-		no_module = request_module("netdev-%s", name);
+-	if (no_module && capable(CAP_SYS_MODULE)) {
+-		if (!request_module("%s", name))
+-			pr_err("Loading kernel module for a network device "
+-"with CAP_SYS_MODULE (deprecated).  Use CAP_NET_ADMIN and alias netdev-%s "
+-"instead\n", name);
+-	}
++	if (!dev && capable(CAP_NET_ADMIN))
++		request_module("%s", name);
+ }
+ EXPORT_SYMBOL(dev_load);
+ 
+diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
+index cfab9e4..1433338 100644
+--- a/net/ipv4/ip_gre.c
++++ b/net/ipv4/ip_gre.c
+@@ -1708,4 +1708,3 @@ module_exit(ipgre_fini);
+ MODULE_LICENSE("GPL");
+ MODULE_ALIAS_RTNL_LINK("gre");
+ MODULE_ALIAS_RTNL_LINK("gretap");
+-MODULE_ALIAS_NETDEV("gre0");
+diff --git a/net/ipv4/ipip.c b/net/ipv4/ipip.c
+index f37df1a..ae40ed1 100644
+--- a/net/ipv4/ipip.c
++++ b/net/ipv4/ipip.c
+@@ -853,4 +853,3 @@ static void __exit ipip_fini(void)
+ module_init(ipip_init);
+ module_exit(ipip_fini);
+ MODULE_LICENSE("GPL");
+-MODULE_ALIAS_NETDEV("tunl0");
+diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
+index 9a95c82..c595bbe 100644
+--- a/net/ipv6/ip6_tunnel.c
++++ b/net/ipv6/ip6_tunnel.c
+@@ -56,7 +56,6 @@
+ MODULE_AUTHOR("Ville Nuorvala");
+ MODULE_DESCRIPTION("IPv6 tunneling device");
+ MODULE_LICENSE("GPL");
+-MODULE_ALIAS_NETDEV("ip6tnl0");
+ 
+ #define IPV6_TLV_TEL_DST_SIZE 8
+ 
+diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
+index de2ffef..dbd19a7 100644
+--- a/net/ipv6/sit.c
++++ b/net/ipv6/sit.c
+@@ -1101,4 +1101,4 @@ static int __init sit_init(void)
+ module_init(sit_init);
+ module_exit(sit_cleanup);
+ MODULE_LICENSE("GPL");
+-MODULE_ALIAS_NETDEV("sit0");
++MODULE_ALIAS("sit0");

Modified: dists/squeeze/linux-2.6/debian/patches/series/32
==============================================================================
--- dists/squeeze/linux-2.6/debian/patches/series/32	Thu Mar 24 15:05:57 2011	(r17112)
+++ dists/squeeze/linux-2.6/debian/patches/series/32	Fri Mar 25 02:49:54 2011	(r17113)
@@ -2,6 +2,7 @@
 + features/x86/vmw_pvscsi-SCSI-driver-for-VMware-s-virtual-HBA.patch
 + features/x86/vmw_pvscsi-fix-signedness-warning-with-newer-compile.patch
 + bugfix/all/stable/2.6.32.33.patch
++ debian/revert-netdev-module-loading-changes.patch
 - bugfix/x86/drm-i915-add-pipe-A-force-quirks-to-i915-driver.patch
 + bugfix/all/r8169-Fix-up-backport-of-r8169-keep-firmware-in-memo.patch
 + bugfix/all/fix-corrupted-osf-partition-parsing.patch

More information about the Kernel-svn-changes mailing list