From: Greg Kroah-Hartman Date: Tue, 20 Aug 2013 15:27:47 +0000 (-0700) Subject: remove queue-3.4/genetlink-fix-family-dump-race.patch X-Git-Tag: v3.4.59~1 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=11cf512a968f9a6649d3e8088e8fc4751cb0da0c;p=thirdparty%2Fkernel%2Fstable-queue.git remove queue-3.4/genetlink-fix-family-dump-race.patch --- diff --git a/queue-3.4/genetlink-fix-family-dump-race.patch b/queue-3.4/genetlink-fix-family-dump-race.patch deleted file mode 100644 index e5bb356b775..00000000000 --- a/queue-3.4/genetlink-fix-family-dump-race.patch +++ /dev/null 
@@ -1,54 +0,0 @@ -From 58ad436fcf49810aa006016107f494c9ac9013db Mon Sep 17 00:00:00 2001 -From: Johannes Berg -Date: Tue, 13 Aug 2013 09:04:05 +0200 -Subject: genetlink: fix family dump race - -From: Johannes Berg - -commit 58ad436fcf49810aa006016107f494c9ac9013db upstream. - -When dumping generic netlink families, only the first dump call -is locked with genl_lock(), which protects the list of families, -and thus subsequent calls can access the data without locking, -racing against family addition/removal. This can cause a crash. -Fix it - the locking needs to be conditional because the first -time around it's already locked. - -A similar bug was reported to me on an old kernel (3.4.47) but -the exact scenario that happened there is no longer possible, -on those kernels the first round wasn't locked either. Looking -at the current code I found the race described above, which had -also existed on the old kernel. - -Reported-by: Andrei Otcheretianski -Signed-off-by: Johannes Berg -Signed-off-by: David S. Miller -Signed-off-by: Greg Kroah-Hartman - ---- - net/netlink/genetlink.c | 7 +++++++ - 1 file changed, 7 insertions(+) - ---- a/net/netlink/genetlink.c -+++ b/net/netlink/genetlink.c -@@ -744,6 +744,10 @@ static int ctrl_dumpfamily(struct sk_buf - struct net *net = sock_net(skb->sk); - int chains_to_skip = cb->args[0]; - int fams_to_skip = cb->args[1]; -+ bool need_locking = chains_to_skip || fams_to_skip; -+ -+ if (need_locking) -+ genl_lock(); - - for (i = chains_to_skip; i < GENL_FAM_TAB_SIZE; i++) { - n = 0; -@@ -765,6 +769,9 @@ errout: - cb->args[0] = i; - cb->args[1] = n; - -+ if (need_locking) -+ genl_unlock(); -+ - return skb->len; - } - diff --git a/queue-3.4/series b/queue-3.4/series index 39ff1ebd971..8290f9ec571 100644 --- a/queue-3.4/series +++ b/queue-3.4/series 
@@ -23,7 +23,6 @@ af_key-initialize-satype-in-key_notify_policy_flush.patch iwl4965-set-power-mode-early.patch iwl4965-reset-firmware-after-rfkill-off.patch can-pcan_usb-fix-wrong-memcpy-bytes-length.patch -genetlink-fix-family-dump-race.patch usb-add-two-quirky-touchscreen.patch usb-mos7720-fix-broken-control-requests.patch xtensa-fix-linker-script-transformation-for-.text.unlikely.patch
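Review bot: The commit message for the deletion of queue-3.4/genetlink-fix-family-dump-race.patch (and its entry in queue-3.4/series) gives no reason for dropping the fix. The deleted patch's own description says the race "had also existed on the old kernel", so by that account the 3.4 queue goes out with family dumps still able to race against family addition/removal. Suggest one line in the commit message stating why the patch is being dropped and whether a reworked 3.4 backport is expected, so the gap stays tracked.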
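Review bot: In the ctrl_dumpfamily() hunk of the deleted patch, `bool need_locking = chains_to_skip || fams_to_skip;` assumes the first dump call already runs under genl_lock(), yet the patch description states that on the old kernels "the first round wasn't locked either". If that holds for the 3.4 tree, the first call would still walk the family list unlocked after this backport, and only the continuation calls would be protected. A 3.4 version should either take the lock on the first call as well or say in the description where the first call is locked on this tree. Separately, the condition infers "not the first call" from cb->args[0] and cb->args[1] both being zero; a short comment that a continued dump always leaves at least one of them non-zero (set at errout via `cb->args[0] = i; cb->args[1] = n;`) would make that dependency explicit.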