--- /dev/null
+From linux-kernel-owner+chrisw=40osdl.org-S261374AbVGLL7s@vger.kernel.org Tue Jul 12 05:04:39 2005
+Date: Tue, 12 Jul 2005 13:58:27 +0200
+From: Patrick McHardy <kaber@trash.net>
+To: Daniel Drake <dsd@gentoo.org>
+CC: linux-kernel@vger.kernel.org, netfilter-devel@lists.netfilter.org
+Subject: [PATCH] [NETFILTER]: revert nf_reset change
+
+[NETFILTER]: Revert nf_reset change
+
+Revert the nf_reset change that caused so much trouble, drop conntrack
+references manually before packets are queued to packet sockets.
+
+Adapted for 2.6.12 by Daniel Drake <dsd@gentoo.org>
+
+Signed-off-by: Phil Oester <kernel@linuxace.com>
+Signed-off-by: Patrick McHardy <kaber@trash.net>
+Signed-off-by: Chris Wright <chrisw@osdl.org>
+---
+
+--- linux-2.6.12/net/ipv4/ip_output.c_orig 2005-07-12 13:42:56.000000000 +0100
++++ linux-2.6.12/net/ipv4/ip_output.c 2005-07-12 13:46:03.000000000 +0100
+@@ -111,7 +111,6 @@ static int ip_dev_loopback_xmit(struct s
+ #ifdef CONFIG_NETFILTER_DEBUG
+ nf_debug_ip_loopback_xmit(newskb);
+ #endif
+- nf_reset(newskb);
+ netif_rx(newskb);
+ return 0;
+ }
+@@ -196,8 +195,6 @@ static inline int ip_finish_output2(stru
+ nf_debug_ip_finish_output2(skb);
+ #endif /*CONFIG_NETFILTER_DEBUG*/
+
+- nf_reset(skb);
+-
+ if (hh) {
+ int hh_alen;
+
+--- linux-2.6.12/net/ipv4/netfilter/ip_conntrack_standalone.c_orig 2005-07-12 13:43:16.000000000 +0100
++++ linux-2.6.12/net/ipv4/netfilter/ip_conntrack_standalone.c 2005-07-12 13:47:44.000000000 +0100
+@@ -432,6 +432,13 @@ static unsigned int ip_conntrack_defrag(
+ const struct net_device *out,
+ int (*okfn)(struct sk_buff *))
+ {
++#if !defined(CONFIG_IP_NF_NAT) && !defined(CONFIG_IP_NF_NAT_MODULE)
++ /* Previously seen (loopback)? Ignore. Do this before
++ fragment check. */
++ if ((*pskb)->nfct)
++ return NF_ACCEPT;
++#endif
++
+ /* Gather fragments. */
+ if ((*pskb)->nh.iph->frag_off & htons(IP_MF|IP_OFFSET)) {
+ *pskb = ip_ct_gather_frags(*pskb,
+--- linux-2.6.12/net/packet/af_packet.c_orig 2005-07-12 13:47:38.000000000 +0100
++++ linux-2.6.12/net/packet/af_packet.c 2005-07-12 13:47:44.000000000 +0100
+@@ -274,6 +274,9 @@ static int packet_rcv_spkt(struct sk_buf
+ dst_release(skb->dst);
+ skb->dst = NULL;
+
++ /* drop conntrack reference */
++ nf_reset(skb);
++
+ spkt = (struct sockaddr_pkt*)skb->cb;
+
+ skb_push(skb, skb->data-skb->mac.raw);
+@@ -517,6 +520,9 @@ static int packet_rcv(struct sk_buff *sk
+ dst_release(skb->dst);
+ skb->dst = NULL;
+
++ /* drop conntrack reference */
++ nf_reset(skb);
++
+ spin_lock(&sk->sk_receive_queue.lock);
+ po->stats.tp_packets++;
+ __skb_queue_tail(&sk->sk_receive_queue, skb);
-netfilter-connection-tracking.patch
unregister_chrdev_region-semaphore-fix.patch
trivial-v4l-cx88-video-hue-offset-fix.patch
ppc32-stop-misusing-ntps-time_offset-value.patch
acpi-pci-irq-fix-fix.patch
smp-fix-for-6pack.patch
shaper-driver-lock-fix.patch
+x86_64-TASK_SIZE-fix.patch
+tty_ldisc_ref-null-check.patch
+uml-fix-tt-mode.patch
+netfilter-conntrack-fix-fix.patch
--- /dev/null
+From stable-bounces@linux.kernel.org Wed Jun 29 18:12:57 2005
+To: stable@kernel.org
+From: akpm@osdl.org
+Date: Wed, 29 Jun 2005 18:12:05 -0700
+Cc: akpm@osdl.org, kambarov@berkeley.edu, alan@lxorguk.ukuu.org.uk,
+ zkambarov@coverity.com
+Subject: [patch] coverity: tty_ldisc_ref return null check
+
+From: KAMBAROV, ZAUR <kambarov@berkeley.edu>
+
+We add a check of the return value of tty_ldisc_ref(), which
+is checked 7 out of 8 times, e.g.:
+
+149 ld = tty_ldisc_ref(tty);
+150 if (ld != NULL) {
+151 if (ld->set_termios)
+152 (ld->set_termios)(tty, &old_termios);
+153 tty_ldisc_deref(ld);
+154 }
+
+This defect was found automatically by Coverity Prevent, a static analysis
+tool.
+
+(akpm: presumably `ld' is never NULL. Oh well)
+
+Signed-off-by: Zaur Kambarov <zkambarov@coverity.com>
+Acked-by: Alan Cox <alan@lxorguk.ukuu.org.uk>
+Signed-off-by: Andrew Morton <akpm@osdl.org>
+Signed-off-by: Chris Wright <chrisw@osdl.org>
+---
+
+ drivers/char/tty_ioctl.c | 4 ++--
+ 1 files changed, 2 insertions(+), 2 deletions(-)
+
+diff -puN drivers/char/tty_ioctl.c~coverity-tty_ldisc_ref-return-null-check drivers/char/tty_ioctl.c
+--- stable/drivers/char/tty_ioctl.c~coverity-tty_ldisc_ref-return-null-check 2005-06-29 18:11:16.000000000 -0700
++++ stable-akpm/drivers/char/tty_ioctl.c 2005-06-29 18:11:16.000000000 -0700
+@@ -476,11 +476,11 @@ int n_tty_ioctl(struct tty_struct * tty,
+ ld = tty_ldisc_ref(tty);
+ switch (arg) {
+ case TCIFLUSH:
+- if (ld->flush_buffer)
++ if (ld && ld->flush_buffer)
+ ld->flush_buffer(tty);
+ break;
+ case TCIOFLUSH:
+- if (ld->flush_buffer)
++ if (ld && ld->flush_buffer)
+ ld->flush_buffer(tty);
+ /* fall through */
+ case TCOFLUSH:
+_
--- /dev/null
+From stable-bounces@linux.kernel.org Tue Jul 12 10:21:54 2005
+To: stable@kernel.org
+From: blaisorblade@yahoo.it
+Date: Tue, 12 Jul 2005 19:28:37 +0200
+Cc: jdike@addtoit.com, blaisorblade@yahoo.it, linux-kernel@vger.kernel.org,
+ user-mode-linux-devel@lists.sourceforge.net
+Subject: [patch] uml: fix TT mode by reverting "use fork instead of clone"
+
+From: Jeff Dike <jdike@addtoit.com>, Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
+
+Revert the following patch, because of miscompilation problems in different
+environments leading to UML not working *at all* in TT mode; it was merged
+lately in 2.6 development cycle, a little after being written, and has caused
+problems to lots of people; I know it's a bit too long, but it shouldn't have
+been merged in first place, so I still apply for inclusion in the -stable
+tree. Anyone using this feature currently is either using some older kernel
+(some reports even used 2.6.12-rc4-mm2) or using this patch, as included in my
+-bs patchset.
+
+For now there's not yet a fix for this patch, so for now the best thing is to
+drop it (which was widely reported to give a working kernel).
+
+"Convert the boot-time host ptrace testing from clone to fork. They were
+essentially doing fork anyway. This cleans up the code a bit, and makes
+valgrind a bit happier about grinding it."
+
+URL:
+http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=98fdffccea6cc3fe9dba32c0fcc310bcb5d71529
+
+Signed-off-by: Jeff Dike <jdike@addtoit.com>
+Signed-off-by: Paolo 'Blaisorblade' Giarrusso <blaisorblade@yahoo.it>
+Signed-off-by: Chris Wright <chrisw@osdl.org>
+---
+
+ vanilla-linux-2.6.12-paolo/arch/um/kernel/process.c | 48 ++++++++++++--------
+ 1 files changed, 29 insertions(+), 19 deletions(-)
+
+diff -puN arch/um/kernel/process.c~uml-revert-fork-instead-of-clone arch/um/kernel/process.c
+--- vanilla-linux-2.6.12/arch/um/kernel/process.c~uml-revert-fork-instead-of-clone 2005-07-12 18:22:03.000000000 +0200
++++ vanilla-linux-2.6.12-paolo/arch/um/kernel/process.c 2005-07-12 18:22:03.000000000 +0200
+@@ -130,7 +130,7 @@ int start_fork_tramp(void *thread_arg, u
+ return(arg.pid);
+ }
+
+-static int ptrace_child(void)
++static int ptrace_child(void *arg)
+ {
+ int ret;
+ int pid = os_getpid(), ppid = getppid();
+@@ -159,16 +159,20 @@ static int ptrace_child(void)
+ _exit(ret);
+ }
+
+-static int start_ptraced_child(void)
++static int start_ptraced_child(void **stack_out)
+ {
++ void *stack;
++ unsigned long sp;
+ int pid, n, status;
+
+- pid = fork();
+- if(pid == 0)
+- ptrace_child();
+-
++ stack = mmap(NULL, PAGE_SIZE, PROT_READ | PROT_WRITE | PROT_EXEC,
++ MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
++ if(stack == MAP_FAILED)
++ panic("check_ptrace : mmap failed, errno = %d", errno);
++ sp = (unsigned long) stack + PAGE_SIZE - sizeof(void *);
++ pid = clone(ptrace_child, (void *) sp, SIGCHLD, NULL);
+ if(pid < 0)
+- panic("check_ptrace : fork failed, errno = %d", errno);
++ panic("check_ptrace : clone failed, errno = %d", errno);
+ CATCH_EINTR(n = waitpid(pid, &status, WUNTRACED));
+ if(n < 0)
+ panic("check_ptrace : wait failed, errno = %d", errno);
+@@ -176,6 +180,7 @@ static int start_ptraced_child(void)
+ panic("check_ptrace : expected SIGSTOP, got status = %d",
+ status);
+
++ *stack_out = stack;
+ return(pid);
+ }
+
+@@ -183,12 +188,12 @@ static int start_ptraced_child(void)
+ * just avoid using sysemu, not panic, but only if SYSEMU features are broken.
+ * So only for SYSEMU features we test mustpanic, while normal host features
+ * must work anyway!*/
+-static int stop_ptraced_child(int pid, int exitcode, int mustexit)
++static int stop_ptraced_child(int pid, void *stack, int exitcode, int mustpanic)
+ {
+ int status, n, ret = 0;
+
+ if(ptrace(PTRACE_CONT, pid, 0, 0) < 0)
+- panic("stop_ptraced_child : ptrace failed, errno = %d", errno);
++ panic("check_ptrace : ptrace failed, errno = %d", errno);
+ CATCH_EINTR(n = waitpid(pid, &status, 0));
+ if(!WIFEXITED(status) || (WEXITSTATUS(status) != exitcode)) {
+ int exit_with = WEXITSTATUS(status);
+@@ -199,13 +204,15 @@ static int stop_ptraced_child(int pid, i
+ printk("check_ptrace : child exited with exitcode %d, while "
+ "expecting %d; status 0x%x", exit_with,
+ exitcode, status);
+- if (mustexit)
++ if (mustpanic)
+ panic("\n");
+ else
+ printk("\n");
+ ret = -1;
+ }
+
++ if(munmap(stack, PAGE_SIZE) < 0)
++ panic("check_ptrace : munmap failed, errno = %d", errno);
+ return ret;
+ }
+
+@@ -227,11 +234,12 @@ __uml_setup("nosysemu", nosysemu_cmd_par
+
+ static void __init check_sysemu(void)
+ {
++ void *stack;
+ int pid, syscall, n, status, count=0;
+
+ printk("Checking syscall emulation patch for ptrace...");
+ sysemu_supported = 0;
+- pid = start_ptraced_child();
++ pid = start_ptraced_child(&stack);
+
+ if(ptrace(PTRACE_SYSEMU, pid, 0, 0) < 0)
+ goto fail;
+@@ -249,7 +257,7 @@ static void __init check_sysemu(void)
+ panic("check_sysemu : failed to modify system "
+ "call return, errno = %d", errno);
+
+- if (stop_ptraced_child(pid, 0, 0) < 0)
++ if (stop_ptraced_child(pid, stack, 0, 0) < 0)
+ goto fail_stopped;
+
+ sysemu_supported = 1;
+@@ -257,7 +265,7 @@ static void __init check_sysemu(void)
+ set_using_sysemu(!force_sysemu_disabled);
+
+ printk("Checking advanced syscall emulation patch for ptrace...");
+- pid = start_ptraced_child();
++ pid = start_ptraced_child(&stack);
+ while(1){
+ count++;
+ if(ptrace(PTRACE_SYSEMU_SINGLESTEP, pid, 0, 0) < 0)
+@@ -282,7 +290,7 @@ static void __init check_sysemu(void)
+ break;
+ }
+ }
+- if (stop_ptraced_child(pid, 0, 0) < 0)
++ if (stop_ptraced_child(pid, stack, 0, 0) < 0)
+ goto fail_stopped;
+
+ sysemu_supported = 2;
+@@ -293,17 +301,18 @@ static void __init check_sysemu(void)
+ return;
+
+ fail:
+- stop_ptraced_child(pid, 1, 0);
++ stop_ptraced_child(pid, stack, 1, 0);
+ fail_stopped:
+ printk("missing\n");
+ }
+
+ void __init check_ptrace(void)
+ {
++ void *stack;
+ int pid, syscall, n, status;
+
+ printk("Checking that ptrace can change system call numbers...");
+- pid = start_ptraced_child();
++ pid = start_ptraced_child(&stack);
+
+ if (ptrace(PTRACE_OLDSETOPTIONS, pid, 0, (void *)PTRACE_O_TRACESYSGOOD) < 0)
+ panic("check_ptrace: PTRACE_SETOPTIONS failed, errno = %d", errno);
+@@ -330,7 +339,7 @@ void __init check_ptrace(void)
+ break;
+ }
+ }
+- stop_ptraced_child(pid, 0, 1);
++ stop_ptraced_child(pid, stack, 0, 1);
+ printk("OK\n");
+ check_sysemu();
+ }
+@@ -362,10 +371,11 @@ void forward_pending_sigio(int target)
+ static inline int check_skas3_ptrace_support(void)
+ {
+ struct ptrace_faultinfo fi;
++ void *stack;
+ int pid, n, ret = 1;
+
+ printf("Checking for the skas3 patch in the host...");
+- pid = start_ptraced_child();
++ pid = start_ptraced_child(&stack);
+
+ n = ptrace(PTRACE_FAULTINFO, pid, 0, &fi);
+ if (n < 0) {
+@@ -380,7 +390,7 @@ static inline int check_skas3_ptrace_sup
+ }
+
+ init_registers(pid);
+- stop_ptraced_child(pid, 1, 1);
++ stop_ptraced_child(pid, stack, 1, 1);
+
+ return(ret);
+ }
+_
--- /dev/null
+From stable-bounces@linux.kernel.org Wed Jun 29 18:12:49 2005
+To: stable@kernel.org
+From: akpm@osdl.org
+Date: Wed, 29 Jun 2005 18:12:01 -0700
+Cc: akpm@osdl.org, ak@muc.de, nanhai.zou@intel.com, suresh.b.siddha@intel.com
+Subject: [patch x86_64: TASK_SIZE fixes for compatibility mode processes
+
+From: Suresh Siddha <suresh.b.siddha@intel.com>
+
+Appended patch will setup compatibility mode TASK_SIZE properly. This will
+fix atleast three known bugs that can be encountered while running
+compatibility mode apps.
+
+a) A malicious 32bit app can have an elf section at 0xffffe000. During
+ exec of this app, we will have a memory leak as insert_vm_struct() is
+ not checking for return value in syscall32_setup_pages() and thus not
+ freeing the vma allocated for the vsyscall page. And instead of exec
+ failing (as it has addresses > TASK_SIZE), we were allowing it to
+ succeed previously.
+
+b) With a 32bit app, hugetlb_get_unmapped_area/arch_get_unmapped_area
+ may return addresses beyond 32bits, ultimately causing corruption
+ because of wrap-around and resulting in SEGFAULT, instead of returning
+ ENOMEM.
+
+c) 32bit app doing this below mmap will now fail.
+
+ mmap((void *)(0xFFFFE000UL), 0x10000UL, PROT_READ|PROT_WRITE,
+ MAP_FIXED|MAP_PRIVATE|MAP_ANON, 0, 0);
+
+Signed-off-by: Zou Nan hai <nanhai.zou@intel.com>
+Signed-off-by: Suresh Siddha <suresh.b.siddha@intel.com>
+Cc: Andi Kleen <ak@muc.de>
+Signed-off-by: Andrew Morton <akpm@osdl.org>
+Signed-off-by: Chris Wright <chrisw@osdl.org>
+---
+
+ arch/x86_64/ia32/ia32_binfmt.c | 5 +----
+ arch/x86_64/kernel/process.c | 4 ++--
+ arch/x86_64/kernel/ptrace.c | 17 ++++++++++-------
+ arch/x86_64/kernel/sys_x86_64.c | 14 ++++----------
+ arch/x86_64/mm/fault.c | 2 +-
+ include/asm-x86_64/a.out.h | 2 +-
+ include/asm-x86_64/processor.h | 11 ++++++-----
+ 7 files changed, 25 insertions(+), 30 deletions(-)
+
+diff -puN arch/x86_64/ia32/ia32_binfmt.c~x86_64-task_size-fixes-for-compatibility-mode-processes arch/x86_64/ia32/ia32_binfmt.c
+--- stable/arch/x86_64/ia32/ia32_binfmt.c~x86_64-task_size-fixes-for-compatibility-mode-processes 2005-06-29 18:11:13.000000000 -0700
++++ stable-akpm/arch/x86_64/ia32/ia32_binfmt.c 2005-06-29 18:11:13.000000000 -0700
+@@ -46,7 +46,7 @@ struct elf_phdr;
+
+ #define IA32_EMULATOR 1
+
+-#define ELF_ET_DYN_BASE (TASK_UNMAPPED_32 + 0x1000000)
++#define ELF_ET_DYN_BASE (TASK_UNMAPPED_BASE + 0x1000000)
+
+ #undef ELF_ARCH
+ #define ELF_ARCH EM_386
+@@ -307,9 +307,6 @@ MODULE_AUTHOR("Eric Youngdale, Andi Klee
+
+ #define elf_addr_t __u32
+
+-#undef TASK_SIZE
+-#define TASK_SIZE 0xffffffff
+-
+ static void elf32_init(struct pt_regs *);
+
+ #define ARCH_HAS_SETUP_ADDITIONAL_PAGES 1
+diff -puN arch/x86_64/kernel/process.c~x86_64-task_size-fixes-for-compatibility-mode-processes arch/x86_64/kernel/process.c
+--- stable/arch/x86_64/kernel/process.c~x86_64-task_size-fixes-for-compatibility-mode-processes 2005-06-29 18:11:13.000000000 -0700
++++ stable-akpm/arch/x86_64/kernel/process.c 2005-06-29 18:11:13.000000000 -0700
+@@ -656,7 +656,7 @@ long do_arch_prctl(struct task_struct *t
+
+ switch (code) {
+ case ARCH_SET_GS:
+- if (addr >= TASK_SIZE)
++ if (addr >= TASK_SIZE_OF(task))
+ return -EPERM;
+ cpu = get_cpu();
+ /* handle small bases via the GDT because that's faster to
+@@ -682,7 +682,7 @@ long do_arch_prctl(struct task_struct *t
+ case ARCH_SET_FS:
+ /* Not strictly needed for fs, but do it for symmetry
+ with gs */
+- if (addr >= TASK_SIZE)
++ if (addr >= TASK_SIZE_OF(task))
+ return -EPERM;
+ cpu = get_cpu();
+ /* handle small bases via the GDT because that's faster to
+diff -puN arch/x86_64/kernel/ptrace.c~x86_64-task_size-fixes-for-compatibility-mode-processes arch/x86_64/kernel/ptrace.c
+--- stable/arch/x86_64/kernel/ptrace.c~x86_64-task_size-fixes-for-compatibility-mode-processes 2005-06-29 18:11:13.000000000 -0700
++++ stable-akpm/arch/x86_64/kernel/ptrace.c 2005-06-29 18:11:13.000000000 -0700
+@@ -257,12 +257,12 @@ static int putreg(struct task_struct *ch
+ value &= 0xffff;
+ return 0;
+ case offsetof(struct user_regs_struct,fs_base):
+- if (value >= TASK_SIZE)
++ if (value >= TASK_SIZE_OF(child))
+ return -EIO;
+ child->thread.fs = value;
+ return 0;
+ case offsetof(struct user_regs_struct,gs_base):
+- if (value >= TASK_SIZE)
++ if (value >= TASK_SIZE_OF(child))
+ return -EIO;
+ child->thread.gs = value;
+ return 0;
+@@ -279,7 +279,7 @@ static int putreg(struct task_struct *ch
+ break;
+ case offsetof(struct user_regs_struct, rip):
+ /* Check if the new RIP address is canonical */
+- if (value >= TASK_SIZE)
++ if (value >= TASK_SIZE_OF(child))
+ return -EIO;
+ break;
+ }
+@@ -419,6 +419,8 @@ asmlinkage long sys_ptrace(long request,
+ break;
+
+ case PTRACE_POKEUSR: /* write the word at location addr in the USER area */
++ {
++ int dsize = test_tsk_thread_flag(child, TIF_IA32) ? 3 : 7;
+ ret = -EIO;
+ if ((addr & 7) ||
+ addr > sizeof(struct user) - 7)
+@@ -430,22 +432,22 @@ asmlinkage long sys_ptrace(long request,
+ break;
+ /* Disallows to set a breakpoint into the vsyscall */
+ case offsetof(struct user, u_debugreg[0]):
+- if (data >= TASK_SIZE-7) break;
++ if (data >= TASK_SIZE_OF(child) - dsize) break;
+ child->thread.debugreg0 = data;
+ ret = 0;
+ break;
+ case offsetof(struct user, u_debugreg[1]):
+- if (data >= TASK_SIZE-7) break;
++ if (data >= TASK_SIZE_OF(child) - dsize) break;
+ child->thread.debugreg1 = data;
+ ret = 0;
+ break;
+ case offsetof(struct user, u_debugreg[2]):
+- if (data >= TASK_SIZE-7) break;
++ if (data >= TASK_SIZE_OF(child) - dsize) break;
+ child->thread.debugreg2 = data;
+ ret = 0;
+ break;
+ case offsetof(struct user, u_debugreg[3]):
+- if (data >= TASK_SIZE-7) break;
++ if (data >= TASK_SIZE_OF(child) - dsize) break;
+ child->thread.debugreg3 = data;
+ ret = 0;
+ break;
+@@ -469,6 +471,7 @@ asmlinkage long sys_ptrace(long request,
+ break;
+ }
+ break;
++ }
+ case PTRACE_SYSCALL: /* continue and stop at next (return from) syscall */
+ case PTRACE_CONT: /* restart after signal. */
+
+diff -puN arch/x86_64/kernel/sys_x86_64.c~x86_64-task_size-fixes-for-compatibility-mode-processes arch/x86_64/kernel/sys_x86_64.c
+--- stable/arch/x86_64/kernel/sys_x86_64.c~x86_64-task_size-fixes-for-compatibility-mode-processes 2005-06-29 18:11:13.000000000 -0700
++++ stable-akpm/arch/x86_64/kernel/sys_x86_64.c 2005-06-29 18:11:13.000000000 -0700
+@@ -68,13 +68,7 @@ out:
+ static void find_start_end(unsigned long flags, unsigned long *begin,
+ unsigned long *end)
+ {
+-#ifdef CONFIG_IA32_EMULATION
+- if (test_thread_flag(TIF_IA32)) {
+- *begin = TASK_UNMAPPED_32;
+- *end = IA32_PAGE_OFFSET;
+- } else
+-#endif
+- if (flags & MAP_32BIT) {
++ if (!test_thread_flag(TIF_IA32) && (flags & MAP_32BIT)) {
+ /* This is usually used needed to map code in small
+ model, so it needs to be in the first 31bit. Limit
+ it to that. This means we need to move the
+@@ -84,10 +78,10 @@ static void find_start_end(unsigned long
+ of playground for now. -AK */
+ *begin = 0x40000000;
+ *end = 0x80000000;
+- } else {
+- *begin = TASK_UNMAPPED_64;
++ } else {
++ *begin = TASK_UNMAPPED_BASE;
+ *end = TASK_SIZE;
+- }
++ }
+ }
+
+ unsigned long
+diff -puN arch/x86_64/mm/fault.c~x86_64-task_size-fixes-for-compatibility-mode-processes arch/x86_64/mm/fault.c
+--- stable/arch/x86_64/mm/fault.c~x86_64-task_size-fixes-for-compatibility-mode-processes 2005-06-29 18:11:13.000000000 -0700
++++ stable-akpm/arch/x86_64/mm/fault.c 2005-06-29 18:11:13.000000000 -0700
+@@ -350,7 +350,7 @@ asmlinkage void do_page_fault(struct pt_
+ * (error_code & 4) == 0, and that the fault was not a
+ * protection error (error_code & 1) == 0.
+ */
+- if (unlikely(address >= TASK_SIZE)) {
++ if (unlikely(address >= TASK_SIZE64)) {
+ if (!(error_code & 5) &&
+ ((address >= VMALLOC_START && address < VMALLOC_END) ||
+ (address >= MODULES_VADDR && address < MODULES_END))) {
+diff -puN include/asm-x86_64/a.out.h~x86_64-task_size-fixes-for-compatibility-mode-processes include/asm-x86_64/a.out.h
+--- stable/include/asm-x86_64/a.out.h~x86_64-task_size-fixes-for-compatibility-mode-processes 2005-06-29 18:11:13.000000000 -0700
++++ stable-akpm/include/asm-x86_64/a.out.h 2005-06-29 18:11:13.000000000 -0700
+@@ -21,7 +21,7 @@ struct exec
+
+ #ifdef __KERNEL__
+ #include <linux/thread_info.h>
+-#define STACK_TOP (test_thread_flag(TIF_IA32) ? IA32_PAGE_OFFSET : TASK_SIZE)
++#define STACK_TOP TASK_SIZE
+ #endif
+
+ #endif /* __A_OUT_GNU_H__ */
+diff -puN include/asm-x86_64/processor.h~x86_64-task_size-fixes-for-compatibility-mode-processes include/asm-x86_64/processor.h
+--- stable/include/asm-x86_64/processor.h~x86_64-task_size-fixes-for-compatibility-mode-processes 2005-06-29 18:11:13.000000000 -0700
++++ stable-akpm/include/asm-x86_64/processor.h 2005-06-29 18:11:13.000000000 -0700
+@@ -160,16 +160,17 @@ static inline void clear_in_cr4 (unsigne
+ /*
+ * User space process size. 47bits minus one guard page.
+ */
+-#define TASK_SIZE (0x800000000000UL - 4096)
++#define TASK_SIZE64 (0x800000000000UL - 4096)
+
+ /* This decides where the kernel will search for a free chunk of vm
+ * space during mmap's.
+ */
+ #define IA32_PAGE_OFFSET ((current->personality & ADDR_LIMIT_3GB) ? 0xc0000000 : 0xFFFFe000)
+-#define TASK_UNMAPPED_32 PAGE_ALIGN(IA32_PAGE_OFFSET/3)
+-#define TASK_UNMAPPED_64 PAGE_ALIGN(TASK_SIZE/3)
+-#define TASK_UNMAPPED_BASE \
+- (test_thread_flag(TIF_IA32) ? TASK_UNMAPPED_32 : TASK_UNMAPPED_64)
++
++#define TASK_SIZE (test_thread_flag(TIF_IA32) ? IA32_PAGE_OFFSET : TASK_SIZE64)
++#define TASK_SIZE_OF(child) ((test_tsk_thread_flag(child, TIF_IA32)) ? IA32_PAGE_OFFSET : TASK_SIZE64)
++
++#define TASK_UNMAPPED_BASE PAGE_ALIGN(TASK_SIZE/3)
+
+ /*
+ * Size of io_bitmap.
+_
projects / thirdparty / kernel / stable-queue.git / commitdiff
