From: Greg Kroah-Hartman Date: Mon, 22 Apr 2013 16:32:21 +0000 (-0700) Subject: 3.0-stable patches X-Git-Tag: v3.8.9~15 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=475c09d323b69805eab10d19188a333b9611d549;p=thirdparty%2Fkernel%2Fstable-queue.git 3.0-stable patches added patches: crypto-algif-suppress-sending-source-address-information.patch revert-sysfs-fix-race-between-readdir-and-lseek.patch --- diff --git a/queue-3.0/crypto-algif-suppress-sending-source-address-information.patch b/queue-3.0/crypto-algif-suppress-sending-source-address-information.patch new file mode 100644 index 00000000000..dc4d54e37b5 --- /dev/null +++ b/queue-3.0/crypto-algif-suppress-sending-source-address-information.patch @@ -0,0 +1,43 @@ +From 72a763d805a48ac8c0bf48fdb510e84c12de51fe Mon Sep 17 00:00:00 2001 +From: Mathias Krause +Date: Sun, 7 Apr 2013 14:05:39 +0200 +Subject: crypto: algif - suppress sending source address information in recvmsg + +From: Mathias Krause + +commit 72a763d805a48ac8c0bf48fdb510e84c12de51fe upstream. + +The current code does not set the msg_namelen member to 0 and therefore +makes net/socket.c leak the local sockaddr_storage variable to userland +-- 128 bytes of kernel stack memory. Fix that. + +Signed-off-by: Mathias Krause +Signed-off-by: Herbert Xu +Signed-off-by: Greg Kroah-Hartman + +--- + crypto/algif_hash.c | 2 ++ + crypto/algif_skcipher.c | 1 + + 2 files changed, 3 insertions(+) + +--- a/crypto/algif_hash.c ++++ b/crypto/algif_hash.c +@@ -159,6 +159,8 @@ static int hash_recvmsg(struct kiocb *un + else if (len < ds) + msg->msg_flags |= MSG_TRUNC; + ++ msg->msg_namelen = 0; ++ + lock_sock(sk); + if (ctx->more) { + ctx->more = 0; +--- a/crypto/algif_skcipher.c ++++ b/crypto/algif_skcipher.c +@@ -432,6 +432,7 @@ static int skcipher_recvmsg(struct kiocb + long copied = 0; + + lock_sock(sk); ++ msg->msg_namelen = 0; + for (iov = msg->msg_iov, iovlen = msg->msg_iovlen; iovlen > 0; + iovlen--, iov++) { + unsigned long seglen = iov->iov_len; diff --git a/queue-3.0/revert-sysfs-fix-race-between-readdir-and-lseek.patch b/queue-3.0/revert-sysfs-fix-race-between-readdir-and-lseek.patch new file mode 100644 index 00000000000..d6e4f2d4740 --- /dev/null +++ b/queue-3.0/revert-sysfs-fix-race-between-readdir-and-lseek.patch @@ -0,0 +1,54 @@ +From jkosina@suse.cz Mon Apr 22 09:30:43 2013 +From: Jiri Kosina +Date: Mon, 22 Apr 2013 15:40:15 +0200 (CEST) +Subject: Revert "sysfs: fix race between readdir and lseek" +To: stable@vger.kernel.org +Cc: linux-kernel@vger.kernel.org +Message-ID: + +From: Jiri Kosina + +This reverts commit 991f76f837bf22c5bb07261cfd86525a0a96650c in Linus' +tree which is f366c8f271888f48e15cc7c0ab70f184c220c8a4 in +linux-stable.git + +It depends on ef3d0fd27e90f ("vfs: do (nearly) lockless generic_file_llseek") +which is available only in 3.2+. + +When applied on 3.0 codebase, it causes A-A deadlock, whenever anyone does +seek() on sysfs, as both generic_file_llseek() and sysfs_dir_llseek() obtain +i_mutex. + +Signed-off-by: Jiri Kosina +Cc: Jiri Slaby +Signed-off-by: Greg Kroah-Hartman + +--- + fs/sysfs/dir.c | 14 +------------- + 1 file changed, 1 insertion(+), 13 deletions(-) + +--- a/fs/sysfs/dir.c ++++ b/fs/sysfs/dir.c +@@ -959,21 +959,9 @@ static int sysfs_readdir(struct file * f + return 0; + } + +-static loff_t sysfs_dir_llseek(struct file *file, loff_t offset, int whence) +-{ +- struct inode *inode = file->f_path.dentry->d_inode; +- loff_t ret; +- +- mutex_lock(&inode->i_mutex); +- ret = generic_file_llseek(file, offset, whence); +- mutex_unlock(&inode->i_mutex); +- +- return ret; +-} +- + const struct file_operations sysfs_dir_operations = { + .read = generic_read_dir, + .readdir = sysfs_readdir, + .release = sysfs_dir_release, +- .llseek = sysfs_dir_llseek, ++ .llseek = generic_file_llseek, + }; diff --git a/queue-3.0/series b/queue-3.0/series index 31ef644a443..524843f673a 100644 --- a/queue-3.0/series +++ b/queue-3.0/series @@ -12,3 +12,5 @@ arm-7696-1-fix-kexec-by-setting-outer_cache.inv_all-for-feroceon.patch ath9k_htc-accept-1.x-firmware-newer-than-1.3.patch sched-convert-bug_on-s-in-try_to_wake_up_local-to-warn_on_once-s.patch +crypto-algif-suppress-sending-source-address-information.patch +revert-sysfs-fix-race-between-readdir-and-lseek.patch