diff options
| author | Natanael Copa <ncopa@alpinelinux.org> | 2011-02-24 12:08:25 +0000 |
|---|---|---|
| committer | Natanael Copa <ncopa@alpinelinux.org> | 2011-02-24 12:09:38 +0000 |
| commit | 861edbec9d76e7d353adf08abdd8d8edf324569b (patch) | |
| tree | 0e0a922124a696a5f502436a50e6f14af0866a13 | |
| parent | 66f762db133ac258abede380dd5303d7aa173fa1 (diff) | |
| download | aports-861edbec9d76e7d353adf08abdd8d8edf324569b.tar.bz2 aports-861edbec9d76e7d353adf08abdd8d8edf324569b.tar.xz | |
main/linux-grsec: backported xfrm: avoid possible oopse in xfrm_alloc_dst
| -rw-r--r-- | main/linux-grsec/0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch | 37 | ||||
| -rw-r--r-- | main/linux-grsec/APKBUILD | 4 |
2 files changed, 40 insertions, 1 deletions
diff --git a/main/linux-grsec/0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch b/main/linux-grsec/0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch new file mode 100644 index 0000000000..ae4a972eec --- /dev/null +++ b/main/linux-grsec/0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch @@ -0,0 +1,37 @@ +From 0b150932197b185ad5816932912e648116c7a96a Mon Sep 17 00:00:00 2001 +From: Hiroaki SHIMODA <shimoda.hiroaki@gmail.com> +Date: Thu, 10 Feb 2011 23:08:33 -0800 +Subject: [PATCH] xfrm: avoid possible oopse in xfrm_alloc_dst + +Commit 80c802f3073e84 (xfrm: cache bundles instead of policies for +outgoing flows) introduced possible oopse when dst_alloc returns NULL. + +Signed-off-by: Hiroaki SHIMODA <shimoda.hiroaki@gmail.com> +Signed-off-by: David S. Miller <davem@davemloft.net> +--- + net/xfrm/xfrm_policy.c | 7 +++++-- + 1 files changed, 5 insertions(+), 2 deletions(-) + +diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c +index 8b3ef40..6459588 100644 +--- a/net/xfrm/xfrm_policy.c ++++ b/net/xfrm/xfrm_policy.c +@@ -1340,10 +1340,13 @@ static inline struct xfrm_dst *xfrm_alloc_dst(struct net *net, int family) + default: + BUG(); + } +- xdst = dst_alloc(dst_ops) ?: ERR_PTR(-ENOBUFS); ++ xdst = dst_alloc(dst_ops); + xfrm_policy_put_afinfo(afinfo); + +- xdst->flo.ops = &xfrm_bundle_fc_ops; ++ if (likely(xdst)) ++ xdst->flo.ops = &xfrm_bundle_fc_ops; ++ else ++ xdst = ERR_PTR(-ENOBUFS); + + return xdst; + } +-- +1.7.4.1 + diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD index b4403df641..439c53ae82 100644 --- a/main/linux-grsec/APKBUILD +++ b/main/linux-grsec/APKBUILD @@ -4,7 +4,7 @@ _flavor=grsec pkgname=linux-${_flavor} pkgver=2.6.35.11 _kernver=2.6.35 -pkgrel=0 +pkgrel=1 pkgdesc="Linux kernel with grsecurity" url=http://grsecurity.net arch="all" @@ -18,6 +18,7 @@ source="ftp://ftp.kernel.org/pub/linux/kernel/v2.6/linux-$_kernver.tar.bz2 grsecurity-2.2.0-$pkgver-unofficial.patch 0001-xfrm-use-gre-key-as-flow-upper-protocol-info.patch xfrm-fix-gre-key-endianess.patch + 0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch 0004-arp-flush-arp-cache-on-device-change.patch r8169-add-gro-support.patch @@ -151,6 +152,7 @@ md5sums="091abeb4684ce03d1d936851618687b6 linux-2.6.35.tar.bz2 a3b572360778b04f99ff9c7854d5d60a grsecurity-2.2.0-2.6.35.11-unofficial.patch eed5bd98c0a3b976891c897763eceff5 0001-xfrm-use-gre-key-as-flow-upper-protocol-info.patch ea7a7eb2775b71ae5ef24d029a4905bd xfrm-fix-gre-key-endianess.patch +9e26287fff1293001605a66a3c384c45 0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch 776adeeb5272093574f8836c5037dd7d 0004-arp-flush-arp-cache-on-device-change.patch 139b39da44ecb577275be53d7d365949 r8169-add-gro-support.patch 648d8b477248f233c318a3b7a961febf 0001-Staging-hv-fix-sleeping-while-atomic-issue.patch |