Author: arekm Date: Sun Dec 14 08:57:55 2008 GMT Module: SOURCES Tag: LINUX_2_6 ---- Log message: - updated (parts merged in .9)
---- Files affected: SOURCES: kernel-small_fixes.patch (1.1.2.14 -> 1.1.2.15) ---- Diffs: ================================================================ Index: SOURCES/kernel-small_fixes.patch diff -u SOURCES/kernel-small_fixes.patch:1.1.2.14 SOURCES/kernel-small_fixes.patch:1.1.2.15 --- SOURCES/kernel-small_fixes.patch:1.1.2.14 Sat Dec 13 21:18:15 2008 +++ SOURCES/kernel-small_fixes.patch Sun Dec 14 09:57:50 2008 @@ -159,108 +159,3 @@ #include "squashfs.h" -XFS: Fix hang after disallowed rename across directory quota domains - -When project quota is active and is being used for directory tree -quota control, we disallow rename outside the current directory -tree. This requires a check to be made after all the inodes -involved in the rename are locked. We fail to unlock the inodes -correctly if we disallow the rename when the target is outside the -current directory tree. This results in a hang on the next access -to the inodes involved in failed rename. - -Reported-by: Arkadiusz Miskiewicz <[email protected]> -Signed-off-by: Dave Chinner <[email protected]> ---- - fs/xfs/xfs_rename.c | 2 +- - 1 files changed, 1 insertions(+), 1 deletions(-) - -diff --git a/fs/xfs/xfs_rename.c b/fs/xfs/xfs_rename.c -index d700dac..c903130 100644 ---- a/fs/xfs/xfs_rename.c -+++ b/fs/xfs/xfs_rename.c -@@ -212,7 +212,7 @@ xfs_rename( - if (unlikely((target_dp->i_d.di_flags & XFS_DIFLAG_PROJINHERIT) && - (target_dp->i_d.di_projid != src_ip->i_d.di_projid))) { - error = XFS_ERROR(EXDEV); -- xfs_rename_unlock4(inodes, XFS_ILOCK_SHARED); -+ xfs_rename_unlock4(inodes, XFS_ILOCK_EXCL); - xfs_trans_cancel(tp, cancel_flags); - goto std_return; - } - -From 4120bf257ec59ca4381af5be565e6e1e68b542c1 Mon Sep 17 00:00:00 2001 -From: Jianjun Kong <[email protected]> -Date: Sat, 1 Nov 2008 21:37:27 -0700 -Subject: af_unix: netns: fix problem of return value - -From: Jianjun Kong <[email protected]> - -[ Upstream commit 48dcc33e5e11de0f76b65b113988dbc930d17395 ] - -fix problem of return value - -net/unix/af_unix.c: unix_net_init() -when error appears, it should return 'error', not always return 0. - -Signed-off-by: Jianjun Kong <[email protected]> -Signed-off-by: David S. Miller <[email protected]> - ---- - net/unix/af_unix.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/net/unix/af_unix.c -+++ b/net/unix/af_unix.c -@@ -2230,7 +2230,7 @@ static int unix_net_init(struct net *net - #endif - error = 0; - out: -- return 0; -+ return error; - } - - static void unix_net_exit(struct net *net) -From 17b24b3c97498935a2ef9777370b1151dfed3f6f Mon Sep 17 00:00:00 2001 -From: Chas Williams <[email protected]> -Date: Thu, 4 Dec 2008 14:58:13 -0800 -Subject: ATM: CVE-2008-5079: duplicate listen() on socket corrupts the vcc table - -From: Chas Williams <[email protected]> - -commit 17b24b3c97498935a2ef9777370b1151dfed3f6f upstream. - -As reported by Hugo Dias that it is possible to cause a local denial -of service attack by calling the svc_listen function twice on the same -socket and reading /proc/net/atm/*vc - -Signed-off-by: Chas Williams <[email protected]> -Signed-off-by: David S. Miller <[email protected]> -Signed-off-by: Greg Kroah-Hartman <[email protected]> - ---- - net/atm/svc.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - ---- a/net/atm/svc.c -+++ b/net/atm/svc.c -@@ -293,7 +293,10 @@ static int svc_listen(struct socket *soc - error = -EINVAL; - goto out; - } -- vcc_insert_socket(sk); -+ if (test_bit(ATM_VF_LISTEN, &vcc->flags)) { -+ error = -EADDRINUSE; -+ goto out; -+ } - set_bit(ATM_VF_WAITING, &vcc->flags); - prepare_to_wait(sk->sk_sleep, &wait, TASK_UNINTERRUPTIBLE); - sigd_enq(vcc,as_listen,NULL,NULL,&vcc->local); -@@ -307,6 +310,7 @@ static int svc_listen(struct socket *soc - goto out; - } - set_bit(ATM_VF_LISTEN,&vcc->flags); -+ vcc_insert_socket(sk); - sk->sk_max_ack_backlog = backlog > 0 ? backlog : ATM_BACKLOG_DEFAULT; - error = -sk->sk_err; - out: ================================================================ ---- CVS-web: http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-small_fixes.patch?r1=1.1.2.14&r2=1.1.2.15&f=u _______________________________________________ pld-cvs-commit mailing list [email protected] http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
