diff options
author | Natanael Copa <ncopa@alpinelinux.org> | 2011-02-24 12:08:25 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2011-02-24 12:09:38 +0000 |
commit | 861edbec9d76e7d353adf08abdd8d8edf324569b (patch) | |
tree | 0e0a922124a696a5f502436a50e6f14af0866a13 | |
parent | 66f762db133ac258abede380dd5303d7aa173fa1 (diff) | |
download | alpine_aports-861edbec9d76e7d353adf08abdd8d8edf324569b.tar.bz2 alpine_aports-861edbec9d76e7d353adf08abdd8d8edf324569b.tar.xz alpine_aports-861edbec9d76e7d353adf08abdd8d8edf324569b.zip |
main/linux-grsec: backported xfrm: avoid possible oopse in xfrm_alloc_dst
-rw-r--r-- | main/linux-grsec/0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch | 37 | ||||
-rw-r--r-- | main/linux-grsec/APKBUILD | 4 |
2 files changed, 40 insertions, 1 deletions
diff --git a/main/linux-grsec/0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch b/main/linux-grsec/0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch new file mode 100644 index 0000000000..ae4a972eec --- /dev/null +++ b/main/linux-grsec/0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch | |||
@@ -0,0 +1,37 @@ | |||
1 | From 0b150932197b185ad5816932912e648116c7a96a Mon Sep 17 00:00:00 2001 | ||
2 | From: Hiroaki SHIMODA <shimoda.hiroaki@gmail.com> | ||
3 | Date: Thu, 10 Feb 2011 23:08:33 -0800 | ||
4 | Subject: [PATCH] xfrm: avoid possible oopse in xfrm_alloc_dst | ||
5 | |||
6 | Commit 80c802f3073e84 (xfrm: cache bundles instead of policies for | ||
7 | outgoing flows) introduced possible oopse when dst_alloc returns NULL. | ||
8 | |||
9 | Signed-off-by: Hiroaki SHIMODA <shimoda.hiroaki@gmail.com> | ||
10 | Signed-off-by: David S. Miller <davem@davemloft.net> | ||
11 | --- | ||
12 | net/xfrm/xfrm_policy.c | 7 +++++-- | ||
13 | 1 files changed, 5 insertions(+), 2 deletions(-) | ||
14 | |||
15 | diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c | ||
16 | index 8b3ef40..6459588 100644 | ||
17 | --- a/net/xfrm/xfrm_policy.c | ||
18 | +++ b/net/xfrm/xfrm_policy.c | ||
19 | @@ -1340,10 +1340,13 @@ static inline struct xfrm_dst *xfrm_alloc_dst(struct net *net, int family) | ||
20 | default: | ||
21 | BUG(); | ||
22 | } | ||
23 | - xdst = dst_alloc(dst_ops) ?: ERR_PTR(-ENOBUFS); | ||
24 | + xdst = dst_alloc(dst_ops); | ||
25 | xfrm_policy_put_afinfo(afinfo); | ||
26 | |||
27 | - xdst->flo.ops = &xfrm_bundle_fc_ops; | ||
28 | + if (likely(xdst)) | ||
29 | + xdst->flo.ops = &xfrm_bundle_fc_ops; | ||
30 | + else | ||
31 | + xdst = ERR_PTR(-ENOBUFS); | ||
32 | |||
33 | return xdst; | ||
34 | } | ||
35 | -- | ||
36 | 1.7.4.1 | ||
37 | |||
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD index b4403df641..439c53ae82 100644 --- a/main/linux-grsec/APKBUILD +++ b/main/linux-grsec/APKBUILD | |||
@@ -4,7 +4,7 @@ _flavor=grsec | |||
4 | pkgname=linux-${_flavor} | 4 | pkgname=linux-${_flavor} |
5 | pkgver=2.6.35.11 | 5 | pkgver=2.6.35.11 |
6 | _kernver=2.6.35 | 6 | _kernver=2.6.35 |
7 | pkgrel=0 | 7 | pkgrel=1 |
8 | pkgdesc="Linux kernel with grsecurity" | 8 | pkgdesc="Linux kernel with grsecurity" |
9 | url=http://grsecurity.net | 9 | url=http://grsecurity.net |
10 | arch="all" | 10 | arch="all" |
@@ -18,6 +18,7 @@ source="ftp://ftp.kernel.org/pub/linux/kernel/v2.6/linux-$_kernver.tar.bz2 | |||
18 | grsecurity-2.2.0-$pkgver-unofficial.patch | 18 | grsecurity-2.2.0-$pkgver-unofficial.patch |
19 | 0001-xfrm-use-gre-key-as-flow-upper-protocol-info.patch | 19 | 0001-xfrm-use-gre-key-as-flow-upper-protocol-info.patch |
20 | xfrm-fix-gre-key-endianess.patch | 20 | xfrm-fix-gre-key-endianess.patch |
21 | 0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch | ||
21 | 0004-arp-flush-arp-cache-on-device-change.patch | 22 | 0004-arp-flush-arp-cache-on-device-change.patch |
22 | r8169-add-gro-support.patch | 23 | r8169-add-gro-support.patch |
23 | 24 | ||
@@ -151,6 +152,7 @@ md5sums="091abeb4684ce03d1d936851618687b6 linux-2.6.35.tar.bz2 | |||
151 | a3b572360778b04f99ff9c7854d5d60a grsecurity-2.2.0-2.6.35.11-unofficial.patch | 152 | a3b572360778b04f99ff9c7854d5d60a grsecurity-2.2.0-2.6.35.11-unofficial.patch |
152 | eed5bd98c0a3b976891c897763eceff5 0001-xfrm-use-gre-key-as-flow-upper-protocol-info.patch | 153 | eed5bd98c0a3b976891c897763eceff5 0001-xfrm-use-gre-key-as-flow-upper-protocol-info.patch |
153 | ea7a7eb2775b71ae5ef24d029a4905bd xfrm-fix-gre-key-endianess.patch | 154 | ea7a7eb2775b71ae5ef24d029a4905bd xfrm-fix-gre-key-endianess.patch |
155 | 9e26287fff1293001605a66a3c384c45 0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch | ||
154 | 776adeeb5272093574f8836c5037dd7d 0004-arp-flush-arp-cache-on-device-change.patch | 156 | 776adeeb5272093574f8836c5037dd7d 0004-arp-flush-arp-cache-on-device-change.patch |
155 | 139b39da44ecb577275be53d7d365949 r8169-add-gro-support.patch | 157 | 139b39da44ecb577275be53d7d365949 r8169-add-gro-support.patch |
156 | 648d8b477248f233c318a3b7a961febf 0001-Staging-hv-fix-sleeping-while-atomic-issue.patch | 158 | 648d8b477248f233c318a3b7a961febf 0001-Staging-hv-fix-sleeping-while-atomic-issue.patch |