From 4dddf9011711c035180b609ade36ad2cb5901871 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Tue, 9 Aug 2011 05:20:21 +0200 Subject: [PATCH] kernel: update to 2.6.32.44. --- lfs/linux | 11 +- .../linux-2.6.32.43-cve_2011_1767+1768.patch | 137 ------------------ 2 files changed, 4 insertions(+), 144 deletions(-) delete mode 100644 src/patches/linux-2.6.32.43-cve_2011_1767+1768.patch diff --git a/lfs/linux b/lfs/linux index dd01d9ec27..0da4313b9a 100644 --- a/lfs/linux +++ b/lfs/linux @@ -24,8 +24,8 @@ include Config -PATCHLEVEL = .43 -VER = 2.6.32.43 +PATCHLEVEL = .44 +VER = 2.6.32.44 THISAPP = linux-$(VER) DL_FILE = $(THISAPP).tar.bz2 @@ -35,7 +35,7 @@ CFLAGS = CXXFLAGS = PROG = linux-xen -PAK_VER = 17 +PAK_VER = 18 DEPS = "" # Normal build or XEN build. @@ -68,7 +68,7 @@ patch-2.6.16-nath323-1.3.bz2 = $(URL_IPFIRE)/patch-2.6.16-nath323-1.3.bz2 reiser4-for-2.6.32.patch.bz2 = $(URL_IPFIRE)/reiser4-for-2.6.32.patch.bz2 xen-patches-2.6.32-2f.tar.bz2 = $(URL_IPFIRE)/xen-patches-2.6.32-2f.tar.bz2 -$(DL_FILE)_MD5 = d6819da012da0d9772ac79da9dce3d63 +$(DL_FILE)_MD5 = 38d43bb91fff88783f57ada146415029 netfilter-layer7-v2.22.tar.gz_MD5 = 98dff8a3d5a31885b73341633f69501f patch-2.6.16-nath323-1.3.bz2_MD5 = f926409ff703a307baf54b57ab75d138 reiser4-for-2.6.32.patch.bz2_MD5 = 3246397973d9271eb8e6d7c97c5d2d91 @@ -125,9 +125,6 @@ else cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.32-imq-test2.patch endif - # Patch CVE 2011-1767 and 1768 dos hole - cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.32.43-cve_2011_1767+1768.patch - # Not report deprecated syscall 1.23 (for kudzu) cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-2.6.25.18-not_report_sysctl_1.23.patch diff --git a/src/patches/linux-2.6.32.43-cve_2011_1767+1768.patch b/src/patches/linux-2.6.32.43-cve_2011_1767+1768.patch deleted file mode 100644 index 076cce6f81..0000000000 --- a/src/patches/linux-2.6.32.43-cve_2011_1767+1768.patch +++ /dev/null @@ -1,137 +0,0 @@ -diff -Naur linux-2.6.32.43.org/net/ipv4/ip_gre.c linux-2.6.32.43/net/ipv4/ip_gre.c ---- linux-2.6.32.43.org/net/ipv4/ip_gre.c 2011-07-13 05:29:43.000000000 +0200 -+++ linux-2.6.32.43/net/ipv4/ip_gre.c 2011-06-20 19:27:06.000000000 +0200 -@@ -1665,14 +1665,16 @@ - - printk(KERN_INFO "GRE over IPv4 tunneling driver\n"); - -- if (inet_add_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) { -- printk(KERN_INFO "ipgre init: can't add protocol\n"); -- return -EAGAIN; -- } -- - err = register_pernet_gen_device(&ipgre_net_id, &ipgre_net_ops); - if (err < 0) -+ goto out; -+ -+ err = inet_add_protocol(&ipgre_protocol, IPPROTO_GRE); -+ if (err < 0) { -+ printk(KERN_INFO "ipgre init: can't add protocol\n"); -+ err = -EAGAIN; - goto gen_device_failed; -+ } - - err = rtnl_link_register(&ipgre_link_ops); - if (err < 0) -@@ -1688,9 +1690,9 @@ - tap_ops_failed: - rtnl_link_unregister(&ipgre_link_ops); - rtnl_link_failed: -- unregister_pernet_gen_device(ipgre_net_id, &ipgre_net_ops); --gen_device_failed: - inet_del_protocol(&ipgre_protocol, IPPROTO_GRE); -+gen_device_failed: -+ unregister_pernet_gen_device(ipgre_net_id, &ipgre_net_ops); - goto out; - } - -@@ -1698,9 +1700,10 @@ - { - rtnl_link_unregister(&ipgre_tap_ops); - rtnl_link_unregister(&ipgre_link_ops); -- unregister_pernet_gen_device(ipgre_net_id, &ipgre_net_ops); - if (inet_del_protocol(&ipgre_protocol, IPPROTO_GRE) < 0) - printk(KERN_INFO "ipgre close: can't remove protocol\n"); -+ -+ unregister_pernet_gen_device(ipgre_net_id, &ipgre_net_ops); - } - - module_init(ipgre_init); -diff -Naur linux-2.6.32.43.org/net/ipv4/ipip.c linux-2.6.32.43/net/ipv4/ipip.c ---- linux-2.6.32.43.org/net/ipv4/ipip.c 2011-07-13 05:29:43.000000000 +0200 -+++ linux-2.6.32.43/net/ipv4/ipip.c 2011-06-20 19:27:06.000000000 +0200 -@@ -830,15 +830,14 @@ - - printk(banner); - -- if (xfrm4_tunnel_register(&ipip_handler, AF_INET)) { -+ err = register_pernet_gen_device(&ipip_net_id, &ipip_net_ops); -+ if (err < 0) -+ return err; -+ err = xfrm4_tunnel_register(&ipip_handler, AF_INET); -+ if (err < 0) { -+ unregister_pernet_gen_device(ipip_net_id, &ipip_net_ops); - printk(KERN_INFO "ipip init: can't register tunnel\n"); -- return -EAGAIN; - } -- -- err = register_pernet_gen_device(&ipip_net_id, &ipip_net_ops); -- if (err) -- xfrm4_tunnel_deregister(&ipip_handler, AF_INET); -- - return err; - } - -diff -Naur linux-2.6.32.43.org/net/ipv6/ip6_tunnel.c linux-2.6.32.43/net/ipv6/ip6_tunnel.c ---- linux-2.6.32.43.org/net/ipv6/ip6_tunnel.c 2011-07-13 05:29:43.000000000 +0200 -+++ linux-2.6.32.43/net/ipv6/ip6_tunnel.c 2011-06-20 19:27:06.000000000 +0200 -@@ -1466,10 +1465,14 @@ - { - int err; - -+ err = register_pernet_gen_device(&ip6_tnl_net_id, &ip6_tnl_net_ops); -+ if (err < 0) -+ goto out; -+ - if (xfrm6_tunnel_register(&ip4ip6_handler, AF_INET)) { - printk(KERN_ERR "ip6_tunnel init: can't register ip4ip6\n"); - err = -EAGAIN; -- goto out; -+ goto unreg_pernet_dev; - } - - if (xfrm6_tunnel_register(&ip6ip6_handler, AF_INET6)) { -@@ -1478,14 +1481,12 @@ - goto unreg_ip4ip6; - } - -- err = register_pernet_gen_device(&ip6_tnl_net_id, &ip6_tnl_net_ops); -- if (err < 0) -- goto err_pernet; - return 0; --err_pernet: -- xfrm6_tunnel_deregister(&ip6ip6_handler, AF_INET6); -+ - unreg_ip4ip6: - xfrm6_tunnel_deregister(&ip4ip6_handler, AF_INET); -+unreg_pernet_dev: -+ unregister_pernet_gen_device(ip6_tnl_net_id, &ip6_tnl_net_ops); - out: - return err; - } -diff -Naur linux-2.6.32.43.org/net/ipv6/sit.c linux-2.6.32.43/net/ipv6/sit.c ---- linux-2.6.32.43.org/net/ipv6/sit.c 2011-07-13 05:29:43.000000000 +0200 -+++ linux-2.6.32.43/net/ipv6/sit.c 2011-06-20 19:27:06.000000000 +0200 -@@ -1086,15 +1086,17 @@ - - printk(KERN_INFO "IPv6 over IPv4 tunneling driver\n"); - -- if (xfrm4_tunnel_register(&sit_handler, AF_INET6) < 0) { -+ err = register_pernet_gen_device(&sit_net_id, &sit_net_ops); -+ if (err < 0) -+ return err; -+ -+ err = xfrm4_tunnel_register(&sit_handler, AF_INET6); -+ if (err < 0) { -+ unregister_pernet_gen_device(sit_net_id, &sit_net_ops); - printk(KERN_INFO "sit init: Can't add protocol\n"); - return -EAGAIN; - } - -- err = register_pernet_gen_device(&sit_net_id, &sit_net_ops); -- if (err < 0) -- xfrm4_tunnel_deregister(&sit_handler, AF_INET6); -- - return err; - } - -- 2.39.2