Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 48045 Details for
Bug 77094
Kernel: grsecurity advisories (CAN-2005-{0179,0180,0504})
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
2.6 Compound Patch
linux-2.6.10-77094.patch (text/plain), 5.98 KB, created by
Tim Yamin (RETIRED)
on 2005-01-09 13:07:05 UTC
(
hide
)
Description:
2.6 Compound Patch
Filename:
MIME Type:
Creator:
Tim Yamin (RETIRED)
Created:
2005-01-09 13:07:05 UTC
Size:
5.98 KB
patch
obsolete
>diff -urNp linux-2.6.10/drivers/char/moxa.c linux-2.6.10-new/drivers/char/moxa.c >--- linux-2.6.10/drivers/char/moxa.c 2005-01-07 10:51:23 -0500 >+++ linux-2.6.10-new/drivers/char/moxa.c 2005-01-07 10:51:33 -0500 >@@ -1668,6 +1668,8 @@ int MoxaDriverIoctl(unsigned int cmd, un > return -EFAULT; > if(dltmp.cardno < 0 || dltmp.cardno >= MAX_BOARDS) > return -EINVAL; >+ if(dltmp.len < 0 || dltmp.len > sizeof(moxaBuff)) >+ return -EINVAL; > > switch(cmd) > { >@@ -2822,8 +2824,6 @@ static int moxaload320b(int cardno, unsi > void __iomem *baseAddr; > int i; > >- if(len > sizeof(moxaBuff)) >- return -EINVAL; > if(copy_from_user(moxaBuff, tmp, len)) > return -EFAULT; > baseAddr = moxaBaseAddr[cardno]; >diff -urNp linux-2.6.10/drivers/block/scsi_ioctl.c linux-2.6.10-new/drivers/block/scsi_ioctl.c >--- linux-2.6.10/drivers/block/scsi_ioctl.c 2005-01-07 10:51:24 -0500 >+++ linux-2.6.10-new/drivers/block/scsi_ioctl.c 2005-01-07 10:51:33 -0500 >@@ -339,7 +339,8 @@ static int sg_scsi_ioctl(struct file *fi > struct gendisk *bd_disk, Scsi_Ioctl_Command __user *sic) > { > struct request *rq; >- int err, in_len, out_len, bytes, opcode, cmdlen; >+ unsigned int in_len, out_len, bytes, opcode, cmdlen; >+ int err; > char *buffer = NULL, sense[SCSI_SENSE_BUFFERSIZE]; > > /* >diff -urNp linux-2.6.10/include/linux/writeback.h linux-2.6.10-new/include/linux/writeback.h >--- linux-2.6.10/include/linux/writeback.h 2005-01-07 10:51:22 -0500 >+++ linux-2.6.10-new/include/linux/writeback.h 2005-01-07 10:51:33 -0500 >@@ -86,6 +86,7 @@ static inline void wait_on_inode(struct > int wakeup_bdflush(long nr_pages); > void laptop_io_completion(void); > void laptop_sync_completion(void); >+void throttle_vm_writeout(void); > > /* These are exported to sysctl. */ > extern int dirty_background_ratio; >diff -urNp linux-2.6.10/drivers/char/random.c linux-2.6.10-new/drivers/char/random.c >--- linux-2.6.10/drivers/char/random.c 2005-01-07 10:51:23 -0500 >+++ linux-2.6.10-new/drivers/char/random.c 2005-01-07 10:51:33 -0500 >@@ -1912,7 +1912,7 @@ static int poolsize_strategy(ctl_table * > void __user *oldval, size_t __user *oldlenp, > void __user *newval, size_t newlen, void **context) > { >- int len; >+ size_t len; > > sysctl_poolsize = random_state->poolinfo.POOLBYTES; > >diff -urNp linux-2.6.10/mm/mmap.c linux-2.6.10-new/mm/mmap.c >--- linux-2.6.10/mm/mmap.c 2004-12-24 22:35:00.000000000 +0100 >+++ linux-2.6.10-new/mm/mmap.c 2004-12-27 16:37:47.000000000 +0100 >@@ -1360,6 +1360,13 @@ int expand_stack(struct vm_area_struct * > vm_unacct_memory(grow); > return -ENOMEM; > } >+ if ((vma->vm_flags & VM_LOCKED) && !capable(CAP_IPC_LOCK) && >+ ((vma->vm_mm->locked_vm + grow) << PAGE_SHIFT) > >+ current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur) { >+ anon_vma_unlock(vma); >+ vm_unacct_memory(grow); >+ return -ENOMEM; >+ } > vma->vm_end = address; > vma->vm_mm->total_vm += grow; > if (vma->vm_flags & VM_LOCKED) >@@ -1422,6 +1429,13 @@ int expand_stack(struct vm_area_struct * > vm_unacct_memory(grow); > return -ENOMEM; > } >+ if ((vma->vm_flags & VM_LOCKED) && !capable(CAP_IPC_LOCK) && >+ ((vma->vm_mm->locked_vm + grow) << PAGE_SHIFT) > >+ current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur) { >+ anon_vma_unlock(vma); >+ vm_unacct_memory(grow); >+ return -ENOMEM; >+ } > vma->vm_start = address; > vma->vm_pgoff -= grow; > vma->vm_mm->total_vm += grow; >diff -urNp linux-2.6.10/mm/page-writeback.c linux-2.6.10-new/mm/page-writeback.c >--- linux-2.6.10/mm/page-writeback.c 2005-01-07 10:51:24 -0500 >+++ linux-2.6.10-new/mm/page-writeback.c 2005-01-07 10:51:33 -0500 >@@ -276,6 +276,28 @@ void balance_dirty_pages_ratelimited(str > } > EXPORT_SYMBOL(balance_dirty_pages_ratelimited); > >+void throttle_vm_writeout(void) >+{ >+ struct writeback_state wbs; >+ long background_thresh; >+ long dirty_thresh; >+ >+ for ( ; ; ) { >+ get_dirty_limits(&wbs, &background_thresh, &dirty_thresh); >+ >+ /* >+ * Boost the allowable dirty threshold a bit for page >+ * allocators so they don't get DoS'ed by heavy writers >+ */ >+ dirty_thresh += dirty_thresh / 10; /* wheeee... */ >+ >+ if (wbs.nr_unstable + wbs.nr_writeback <= dirty_thresh) >+ break; >+ blk_congestion_wait(WRITE, HZ/10); >+ } >+} >+ >+ > /* > * writeback at least _min_pages, and keep writing until the amount of dirty > * memory is less than the background threshold, or until we're all clean. >diff -urNp linux-2.6.10/mm/vmscan.c linux-2.6.10-new/mm/vmscan.c >--- linux-2.6.10/mm/vmscan.c 2005-01-07 10:51:24 -0500 >+++ linux-2.6.10-new/mm/vmscan.c 2005-01-07 10:51:33 -0500 >@@ -369,14 +369,14 @@ static int shrink_list(struct list_head > > BUG_ON(PageActive(page)); > >- if (PageWriteback(page)) >- goto keep_locked; >- > sc->nr_scanned++; > /* Double the slab pressure for mapped and swapcache pages */ > if (page_mapped(page) || PageSwapCache(page)) > sc->nr_scanned++; > >+ if (PageWriteback(page)) >+ goto keep_locked; >+ > referenced = page_referenced(page, 1, sc->priority <= 0); > /* In active use or really unfreeable? Activate it. */ > if (referenced && page_mapping_inuse(page)) >@@ -825,6 +825,8 @@ shrink_zone(struct zone *zone, struct sc > break; > } > } >+ >+ throttle_vm_writeout(); > } > > /* >diff -urNp linux-2.6.10/net/ipv4/netfilter/ip_conntrack_proto_tcp.c linux-2.6.10-new/net/ipv4/netfilter/ip_conntrack_proto_tcp.c >--- linux-2.6.10/net/ipv4/netfilter/ip_conntrack_proto_tcp.c 2005-01-07 10:51:24 -0500 >+++ linux-2.6.10-new/net/ipv4/netfilter/ip_conntrack_proto_tcp.c 2005-01-07 10:51:33 -0500 >@@ -906,7 +906,8 @@ static int tcp_packet(struct ip_conntrac > if (index == TCP_RST_SET > && ((test_bit(IPS_SEEN_REPLY_BIT, &conntrack->status) > && conntrack->proto.tcp.last_index <= TCP_SYNACK_SET) >- || conntrack->proto.tcp.last_index == TCP_ACK_SET) >+ || (!test_bit(IPS_ASSURED_BIT, &conntrack->status) >+ && conntrack->proto.tcp.last_index == TCP_ACK_SET)) > && after(ntohl(th->ack_seq), > conntrack->proto.tcp.last_seq)) { > /* Ignore RST closing down invalid SYN or ACK
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=48045">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 77094
:
48020
| 48045 |
48046
|
48178
