From: Greg Kroah-Hartman Date: Wed, 15 Feb 2012 17:39:59 +0000 (-0800) Subject: 3.0-stable patches X-Git-Tag: v3.0.22~6 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5504ee3859e009c2608138ebf508cbf5f047222f;p=thirdparty%2Fkernel%2Fstable-queue.git 3.0-stable patches added patches: slub-fix-a-possible-memleak-in-__slab_alloc.patch xen-pvhvm-do-not-remap-pirqs-onto-evtchns-if-xen_have_vector_callback.patch --- diff --git a/queue-3.0/series b/queue-3.0/series index 2fcdd74b963..02a830883f0 100644 --- a/queue-3.0/series +++ b/queue-3.0/series @@ -11,3 +11,5 @@ hwmon-f75375s-fix-automatic-pwm-mode-setting-for-f75373-f75375.patch crypto-sha512-use-binary-and-instead-of-modulus.patch crypto-sha512-avoid-stack-bloat-on-i386.patch alsa-intel8x0-fix-default-inaudible-sound-on-gateway-m520.patch +xen-pvhvm-do-not-remap-pirqs-onto-evtchns-if-xen_have_vector_callback.patch +slub-fix-a-possible-memleak-in-__slab_alloc.patch diff --git a/queue-3.0/slub-fix-a-possible-memleak-in-__slab_alloc.patch b/queue-3.0/slub-fix-a-possible-memleak-in-__slab_alloc.patch new file mode 100644 index 00000000000..afd7dfb37c2 --- /dev/null +++ b/queue-3.0/slub-fix-a-possible-memleak-in-__slab_alloc.patch @@ -0,0 +1,53 @@ +From 73736e0387ba0e6d2b703407b4d26168d31516a7 Mon Sep 17 00:00:00 2001 +From: Eric Dumazet +Date: Tue, 13 Dec 2011 04:57:06 +0100 +Subject: slub: fix a possible memleak in __slab_alloc() + +From: Eric Dumazet + +commit 73736e0387ba0e6d2b703407b4d26168d31516a7 upstream. + +Zhihua Che reported a possible memleak in slub allocator on +CONFIG_PREEMPT=y builds. + +It is possible current thread migrates right before disabling irqs in +__slab_alloc(). We must check again c->freelist, and perform a normal +allocation instead of scratching c->freelist. + +Many thanks to Zhihua Che for spotting this bug, introduced in 2.6.39 + +V2: Its also possible an IRQ freed one (or several) object(s) and +populated c->freelist, so its not a CONFIG_PREEMPT only problem. + +Reported-by: Zhihua Che +Signed-off-by: Eric Dumazet +Acked-by: Christoph Lameter +Signed-off-by: Pekka Enberg +Signed-off-by: Greg Kroah-Hartman + +--- + mm/slub.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +--- a/mm/slub.c ++++ b/mm/slub.c +@@ -1818,6 +1818,11 @@ static void *__slab_alloc(struct kmem_ca + if (unlikely(!node_match(c, node))) + goto another_slab; + ++ /* must check again c->freelist in case of cpu migration or IRQ */ ++ object = c->freelist; ++ if (object) ++ goto update_freelist; ++ + stat(s, ALLOC_REFILL); + + load_freelist: +@@ -1827,6 +1832,7 @@ load_freelist: + if (kmem_cache_debug(s)) + goto debug; + ++update_freelist: + c->freelist = get_freepointer(s, object); + page->inuse = page->objects; + page->freelist = NULL; diff --git a/queue-3.0/xen-pvhvm-do-not-remap-pirqs-onto-evtchns-if-xen_have_vector_callback.patch b/queue-3.0/xen-pvhvm-do-not-remap-pirqs-onto-evtchns-if-xen_have_vector_callback.patch new file mode 100644 index 00000000000..9a209764c36 --- /dev/null +++ b/queue-3.0/xen-pvhvm-do-not-remap-pirqs-onto-evtchns-if-xen_have_vector_callback.patch @@ -0,0 +1,28 @@ +From 207d543f472c1ac9552df79838dc807cbcaa9740 Mon Sep 17 00:00:00 2001 +From: Stefano Stabellini +Date: Mon, 30 Jan 2012 14:31:46 +0000 +Subject: xen pvhvm: do not remap pirqs onto evtchns if !xen_have_vector_callback + +From: Stefano Stabellini + +commit 207d543f472c1ac9552df79838dc807cbcaa9740 upstream. + +Signed-off-by: Stefano Stabellini +Signed-off-by: Konrad Rzeszutek Wilk +Signed-off-by: Greg Kroah-Hartman + +--- + arch/x86/pci/xen.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/arch/x86/pci/xen.c ++++ b/arch/x86/pci/xen.c +@@ -308,7 +308,7 @@ int __init pci_xen_init(void) + + int __init pci_xen_hvm_init(void) + { +- if (!xen_feature(XENFEAT_hvm_pirqs)) ++ if (!xen_have_vector_callback || !xen_feature(XENFEAT_hvm_pirqs)) + return 0; + + #ifdef CONFIG_ACPI