add nfs bugfix and add signed off for other patches

diff --git a/queue-2.6.16/missed-error-checking-for-intent-s-filp-in-open_namei.patch b/queue-2.6.16/missed-error-checking-for-intent-s-filp-in-open_namei.patch
new file mode 100644 (file)
index 0000000..e84eeb7
--- /dev/null
+++ b/queue-2.6.16/missed-error-checking-for-intent-s-filp-in-open_namei.patch
@@ -0,0 +1,53 @@
+From nobody Mon Sep 17 00:00:00 2001
+From: Oleg Drokin <green@linuxhacker.ru>
+Date: Sat, 25 Mar 2006 03:06:54 -0800
+Subject: [PATCH] Missed error checking for intent's filp in open_namei().
+
+It seems there is error check missing in open_namei for errors returned
+through intent.open.file (from lookup_instantiate_filp).
+
+If there is plain open performed, then such a check done inside
+__path_lookup_intent_open called from path_lookup_open(), but when the open
+is performed with O_CREAT flag set, then __path_lookup_intent_open is only
+called with LOOKUP_PARENT set where no file opening can occur yet.
+
+Later on lookup_hash is called where exact opening might take place and
+intent.open.file may be filled.  If it is filled with error value of some
+sort, then we get kernel attempting to dereference this error value as
+address (and corresponding oops) in nameidata_to_filp() called from
+filp_open().
+
+While this is relatively simple to workaround in ->lookup() method by just
+checking lookup_instantiate_filp() return value and returning error as
+needed, this is not so easy in ->d_revalidate(), where we can only return
+"yes, dentry is valid" or "no, dentry is invalid, perform full lookup
+again", and just returning 0 on error would cause extra lookup (with
+potential extra costly RPCs).
+
+So in short, I believe that there should be no difference in error handling
+for opening a file and creating a file in open_namei() and propose this
+simple patch as a solution.
+
+Signed-off-by: Andrew Morton <akpm@osdl.org>
+Signed-off-by: Linus Torvalds <torvalds@osdl.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ fs/namei.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- linux-2.6.16.20.orig/fs/namei.c
++++ linux-2.6.16.20/fs/namei.c
+@@ -1628,6 +1628,12 @@ do_last:
+               goto exit;
+       }
+ 
++      if (IS_ERR(nd->intent.open.file)) {
++              mutex_unlock(&dir->d_inode->i_mutex);
++              error = PTR_ERR(nd->intent.open.file);
++              goto exit_dput;
++      }
++
+       /* Negative dentry, just create the file */
+       if (!path.dentry->d_inode) {
+               if (!IS_POSIXACL(dir->d_inode))

diff --git a/queue-2.6.16/series b/queue-2.6.16/series
index e722024a5ff0e4d83721400263f7277719a36eb0..6a88389349331b501124f2fc4a64dec463104e9c 100644 (file)
--- a/queue-2.6.16/series
+++ b/queue-2.6.16/series
@@ -2,3 +2,4 @@ usb-whiteheat-fix-firmware-spurious-errors.patch
 sparc64-fix-d-cache-corruption-in-mremap.patch
 sparc64-respect-gfp_t-argument-to-dma_alloc_coherent.patch
 sparc64-fix-missing-fold-at-end-of-checksums.patch
+missed-error-checking-for-intent-s-filp-in-open_namei.patch

diff --git a/queue-2.6.16/sparc64-fix-d-cache-corruption-in-mremap.patch b/queue-2.6.16/sparc64-fix-d-cache-corruption-in-mremap.patch
index 7be4d58be5ca1a1f05e462c7407dfb7717ae5b13..4736c325b4e1dffedbdc764881d1053a8b7a5d89 100644 (file)
--- a/queue-2.6.16/sparc64-fix-d-cache-corruption-in-mremap.patch
+++ b/queue-2.6.16/sparc64-fix-d-cache-corruption-in-mremap.patch
@@ -19,6 +19,7 @@ files on sparc64 boxes.
 
 Signed-off-by: David S. Miller <davem@davemloft.net>
 Signed-off-by: Chris Wright <chrisw@sous-sol.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 ---
 
  include/asm-generic/pgtable.h |   11 +----------

diff --git a/queue-2.6.16/sparc64-fix-missing-fold-at-end-of-checksums.patch b/queue-2.6.16/sparc64-fix-missing-fold-at-end-of-checksums.patch
index a539dba0404ca47e87dc09982b3ef345cc1e0c35..f5ed435d9203e1efd08000aa9e93dc44da2712c8 100644 (file)
--- a/queue-2.6.16/sparc64-fix-missing-fold-at-end-of-checksums.patch
+++ b/queue-2.6.16/sparc64-fix-missing-fold-at-end-of-checksums.patch
@@ -16,6 +16,7 @@ Richard Braun and Samuel Thibault.
 
 Signed-off-by: David S. Miller <davem@davemloft.net>
 Signed-off-by: Chris Wright <chrisw@sous-sol.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 ---
 
  arch/sparc64/lib/checksum.S  |    5 +++--

diff --git a/queue-2.6.16/sparc64-respect-gfp_t-argument-to-dma_alloc_coherent.patch b/queue-2.6.16/sparc64-respect-gfp_t-argument-to-dma_alloc_coherent.patch
index 73a9d6e9137aa359a970fc83da46164c63b2bb64..0c1811a43380ae64fa199685a5d70177cb87f1e3 100644 (file)
--- a/queue-2.6.16/sparc64-respect-gfp_t-argument-to-dma_alloc_coherent.patch
+++ b/queue-2.6.16/sparc64-respect-gfp_t-argument-to-dma_alloc_coherent.patch
@@ -21,6 +21,7 @@ This is a disk eater when sound is used, so it's pretty critical.
 
 Signed-off-by: David S. Miller <davem@davemloft.net>
 Signed-off-by: Chris Wright <chrisw@sous-sol.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
 ---
 
  arch/sparc64/kernel/pci_iommu.c     |    4 -

diff --git a/queue-2.6.16/usb-whiteheat-fix-firmware-spurious-errors.patch b/queue-2.6.16/usb-whiteheat-fix-firmware-spurious-errors.patch
index 90aed9df233607bc601cac8e20b01af082660fd3..143125c32b3fe5ebb2dad0df60d374372990a041 100644 (file)
--- a/queue-2.6.16/usb-whiteheat-fix-firmware-spurious-errors.patch
+++ b/queue-2.6.16/usb-whiteheat-fix-firmware-spurious-errors.patch
@@ -15,8 +15,8 @@ Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
  drivers/usb/serial/whiteheat.c |    4 ++--
  1 file changed, 2 insertions(+), 2 deletions(-)
 
---- gregkh-2.6.orig/drivers/usb/serial/whiteheat.c
-+++ gregkh-2.6/drivers/usb/serial/whiteheat.c
+--- linux-2.6.16.20.orig/drivers/usb/serial/whiteheat.c
++++ linux-2.6.16.20/drivers/usb/serial/whiteheat.c
 @@ -388,7 +388,7 @@ static int whiteheat_attach (struct usb_
        if (ret) {
                err("%s: Couldn't send command [%d]", serial->type->description, ret);