rpms/kernel/F-7 linux-2.6-aacraid-ioctl-security.patch, NONE, 1.1 linux-2.6-sky2-restore-workarounds.patch, NONE, 1.1 kernel-2.6.spec, 1.3272, 1.3273
Chuck Ebbert (cebbert)
fedora-extras-commits at redhat.com
Wed Jul 11 20:06:53 UTC 2007
- Previous message: rpms/mysql-proxy/FC-6 mysql-proxy.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message: rpms/hulahop/OLPC-2 .cvsignore, 1.3, 1.4 hulahop.spec, 1.3, 1.4 sources, 1.3, 1.4
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: cebbert
Update of /cvs/pkgs/rpms/kernel/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv15247
Modified Files:
kernel-2.6.spec
Added Files:
linux-2.6-aacraid-ioctl-security.patch
linux-2.6-sky2-restore-workarounds.patch
Log Message:
* Wed Jul 11 2007 Chuck Ebbert <cebbert at redhat.com>
- sky2: re-enable lost interrupt workarounds
- aacraid: ioctl handler needs permission check
linux-2.6-aacraid-ioctl-security.patch:
--- NEW FILE linux-2.6-aacraid-ioctl-security.patch ---
Are the shortlogs useful - yes .. they catch what appear to be mistakes
Specifically: What happened to the aacraid ioctl security fix ? Did someone decide it
wasn't needed or did it get lost somewhere on the way ?
While this looks scary the only obvious exploit cases are where the user can
open a device level file on an AACraid. Very few people put scanners or CD
devices on one so the actual impact is probably minimal.
Alan
--
Signed-off-by: Alan Cox <alan at redhat.com>
--- a/drivers/scsi/aacraid/linit.c 2007-07-09 10:51:55.653223304 +0100
+++ b/drivers/scsi/aacraid/linit.c 2007-07-09 10:51:55.653223304 +0100
@@ -453,6 +453,8 @@
static int aac_ioctl(struct scsi_device *sdev, int cmd, void __user * arg)
{
struct aac_dev *dev = (struct aac_dev *)sdev->host->hostdata;
+ if (!capable(CAP_SYS_RAWIO))
+ return -EPERM;
return aac_do_ioctl(dev, cmd, arg);
}
@@ -645,6 +647,8 @@
static int aac_compat_ioctl(struct scsi_device *sdev, int cmd, void __user *arg)
{
struct aac_dev *dev = (struct aac_dev *)sdev->host->hostdata;
+ if (!capable(CAP_SYS_RAWIO))
+ return -EPERM;
return aac_compat_do_ioctl(dev, cmd, (unsigned long)arg);
}
linux-2.6-sky2-restore-workarounds.patch:
--- NEW FILE linux-2.6-sky2-restore-workarounds.patch ---
Sky2 will hang under load due to lost IRQ. It is reproducible fastest on
Yukon EC chips, but others may have same problem.
This patch restores a couple of workarounds from 2.6.16 that reduce
the likely hood of failure. It is not possible to prove this is sufficient
to stop hangs.
* restart transmit moderation timer in case it expires during IRQ routine
* default to having 10 HZ watchdog timer.
At this point it more important not to hang than to worry about the
power cost. If possible please put in 2.6.22.
Signed-off-by: Stephen Hemminger <shemminger at linux-foundation.org>
--- a/drivers/net/sky2.c 2007-07-05 22:41:48.000000000 -0700
+++ b/drivers/net/sky2.c 2007-07-05 22:42:46.000000000 -0700
@@ -96,7 +96,7 @@ static int disable_msi = 0;
module_param(disable_msi, int, 0);
MODULE_PARM_DESC(disable_msi, "Disable Message Signaled Interrupt (MSI)");
-static int idle_timeout = 0;
+static int idle_timeout = 100;
module_param(idle_timeout, int, 0);
MODULE_PARM_DESC(idle_timeout, "Watchdog timer for lost interrupts (ms)");
@@ -2490,6 +2490,13 @@ static int sky2_poll(struct net_device *
work_done = sky2_status_intr(hw, work_limit);
if (work_done < work_limit) {
+ /* Bug/Errata workaround?
+ * Need to kick the TX irq moderation timer.
+ */
+ if (sky2_read8(hw, STAT_TX_TIMER_CTRL) == TIM_START) {
+ sky2_write8(hw, STAT_TX_TIMER_CTRL, TIM_STOP);
+ sky2_write8(hw, STAT_TX_TIMER_CTRL, TIM_START);
+ }
netif_rx_complete(dev0);
/* end of interrupt, re-enables also acts as I/O synchronization */
Index: kernel-2.6.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/F-7/kernel-2.6.spec,v
retrieving revision 1.3272
retrieving revision 1.3273
diff -u -r1.3272 -r1.3273
--- kernel-2.6.spec 11 Jul 2007 19:47:36 -0000 1.3272
+++ kernel-2.6.spec 11 Jul 2007 20:06:21 -0000 1.3273
@@ -538,6 +538,7 @@
Patch350: linux-2.6-devmem.patch
Patch370: linux-2.6-crash-driver.patch
Patch400: linux-2.6-scsi-cpqarray-set-master.patch
+Patch401: linux-2.6-aacraid-ioctl-security.patch
Patch420: linux-2.6-squashfs.patch
Patch430: linux-2.6-net-silence-noisy-printks.patch
Patch440: linux-2.6-sha_alignment.patch
@@ -560,6 +561,7 @@
Patch682: linux-2.6-rtl8187.patch
Patch690: linux-2.6-e1000-ich9.patch
Patch710: linux-2.6-bcm43xx-pci-neuter.patch
+Patch711: linux-2.6-sky2-restore-workarounds.patch
#Patch780: linux-2.6-clockevents-fix-resume-logic.patch
Patch790: linux-2.6-acpi-dock-oops.patch
Patch800: linux-2.6-wakeups-hdaps.patch
@@ -1111,6 +1113,8 @@
#
# fix cpqarray pci enable
ApplyPatch linux-2.6-scsi-cpqarray-set-master.patch
+# aacraid: ioctl handler needs permission check
+ApplyPatch linux-2.6-aacraid-ioctl-security.patch
# Filesystem patches.
# Squashfs
@@ -1170,6 +1174,9 @@
ApplyPatch linux-2.6-e1000-ich9.patch
# avoid bcm3xx vs bcm43xx-mac80211 PCI ID conflicts
ApplyPatch linux-2.6-bcm43xx-pci-neuter.patch
+# sky2: restore lost interrupt workarounds
+# maintainer wanted this in 2.6.22
+ApplyPatch linux-2.6-sky2-restore-workarounds.patch
# ACPI patches
# Fix ACPI dock oops (#238054)
@@ -2100,6 +2107,10 @@
%endif
%changelog
+* Wed Jul 11 2007 Chuck Ebbert <cebbert at redhat.com>
+- sky2: re-enable lost interrupt workarounds
+- aacraid: ioctl handler needs permission check
+
* Wed Jul 11 2007 Dave Jones <davej at redhat.com>
- NFS: Add the mount option "nosharecache"
- Previous message: rpms/mysql-proxy/FC-6 mysql-proxy.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Next message: rpms/hulahop/OLPC-2 .cvsignore, 1.3, 1.4 hulahop.spec, 1.3, 1.4 sources, 1.3, 1.4
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the scm-commits
mailing list