.24 patches

diff --git a/queue-2.6.24/bonding-fix-null-pointer-deref-in-startup-processing.patch b/queue-2.6.24/bonding-fix-null-pointer-deref-in-startup-processing.patch
new file mode 100644 (file)
index 0000000..5b9f16a
--- /dev/null
+++ b/queue-2.6.24/bonding-fix-null-pointer-deref-in-startup-processing.patch
@@ -0,0 +1,51 @@
+From stable-bounces@linux.kernel.org Fri Feb 15 10:01:30 2008
+From: Jay Vosburgh <fubar@us.ibm.com>
+Date: Fri, 15 Feb 2008 10:00:41 -0800
+Subject: bonding: fix NULL pointer deref in startup processing
+To: stable@kernel.org
+Message-ID: <26347.1203098441@death>
+
+
+From: Jay Vosburgh <fubar@us.ibm.com>
+
+patch 4fe4763cd8cacd81d892193efb48b99c99c15323 in mainline.
+
+       Fix the "are we creating a duplicate" check to not compare
+the name if the name is NULL (meaning that the system should select
+a name).  Bug reported by Benny Amorsen <benny+usenet@amorsen.dk>.
+
+Signed-off-by: Jay Vosburgh <fubar@us.ibm.com>
+Signed-off-by: Jeff Garzik <jeff@garzik.org>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ drivers/net/bonding/bond_main.c |   16 +++++++++-------
+ 1 file changed, 9 insertions(+), 7 deletions(-)
+
+--- a/drivers/net/bonding/bond_main.c
++++ b/drivers/net/bonding/bond_main.c
+@@ -4883,14 +4883,16 @@ int bond_create(char *name, struct bond_
+       down_write(&bonding_rwsem);
+ 
+       /* Check to see if the bond already exists. */
+-      list_for_each_entry_safe(bond, nxt, &bond_dev_list, bond_list)
+-              if (strnicmp(bond->dev->name, name, IFNAMSIZ) == 0) {
+-                      printk(KERN_ERR DRV_NAME
++      if (name) {
++              list_for_each_entry_safe(bond, nxt, &bond_dev_list, bond_list)
++                      if (strnicmp(bond->dev->name, name, IFNAMSIZ) == 0) {
++                              printk(KERN_ERR DRV_NAME
+                              ": cannot add bond %s; it already exists\n",
+-                             name);
+-                      res = -EPERM;
+-                      goto out_rtnl;
+-              }
++                                     name);
++                              res = -EPERM;
++                              goto out_rtnl;
++                      }
++      }
+ 
+       bond_dev = alloc_netdev(sizeof(struct bonding), name ? name : "",
+                               ether_setup);

diff --git a/queue-2.6.24/series b/queue-2.6.24/series
index e5f8f965c204b0dd611dc77800cdb3af48f24792..d4adc2bb80ea26a3ea359dec45f5ab03e89bc5cc 100644 (file)
--- a/queue-2.6.24/series
+++ b/queue-2.6.24/series
@@ -34,3 +34,5 @@ scsi-gdth-scan-for-scsi-devices.patch
 kbuild-allow-fstack-protector-to-take-effect.patch
 pcmcia-fix-station-address-detection-in-smc.patch
 powerpc-revert-chrp_pci_fixup_vt8231_ata-devinit-to-fix-libata-on-pegasos.patch
+bonding-fix-null-pointer-deref-in-startup-processing.patch
+x86_64-cpa-fix-cache-attribute-inconsistency-bug.patch

diff --git a/queue-2.6.24/x86_64-cpa-fix-cache-attribute-inconsistency-bug.patch b/queue-2.6.24/x86_64-cpa-fix-cache-attribute-inconsistency-bug.patch
new file mode 100644 (file)
index 0000000..ac39dfd
--- /dev/null
+++ b/queue-2.6.24/x86_64-cpa-fix-cache-attribute-inconsistency-bug.patch
@@ -0,0 +1,61 @@
+From linux-kernel-owner+greg=40kroah.com-S1761610AbYBOUA1@vger.kernel.org Fri Feb 15 12:00:56 2008
+From: Ingo Molnar <mingo@elte.hu>
+Date: Fri, 15 Feb 2008 20:59:33 +0100
+Subject: x86_64: CPA, fix cache attribute inconsistency bug
+To: stable@kernel.org
+Cc: linux-kernel@vger.kernel.org, Thomas Gleixner <tglx@linutronix.de>, Andi Kleen <andi@firstfloor.org>
+Message-ID: <20080215195933.GC15432@elte.hu>
+Content-Disposition: inline
+
+From: Ingo Molnar <mingo@elte.hu>
+
+(no matching git id as the upstream code is rewritten)
+
+fix CPA cache attribute bug in v2.6.24. When phys_base is nonzero (when 
+CONFIG_RELOCATABLE=y) then change_page_attr_addr() miscalculates the 
+secondary alias address by -14 MB (depending on the configured offset).
+
+The default 64-bit kernels of Fedora and Ubuntu are affected:
+
+   $ grep RELOCA /boot/config-2.6.23.9-85.fc8
+     CONFIG_RELOCATABLE=y
+
+   $ grep RELOC /boot/config-2.6.22-14-generic
+     CONFIG_RELOCATABLE=y
+
+and probably on many other distros as well.
+
+the bug affects all pages in the first 40 MB of physical RAM that
+are allocated by some subsystem that does ioremap_nocache() on them:
+
+       if (__pa(address) < KERNEL_TEXT_SIZE) {
+
+Hence we might leave page table entries with inconsistent cache
+attributes around (pages mapped at both UnCacheable and Write-Back),
+and we can also set the wrong kernel text pages to UnCacheable.
+
+the effects of this bug can be random slowdowns and other misbehavior.
+If for example AGP allocates its aperture pages into the first 40 MB
+of physical RAM, then the -14 MB bug might mark random kernel texto
+pages as uncacheable, slowing down a random portion of the 64-bit
+kernel until the AGP driver is unloaded.
+
+Signed-off-by: Ingo Molnar <mingo@elte.hu>
+Acked-by: Thomas Gleixner <tglx@linutronix.de>
+Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
+
+---
+ arch/x86/mm/pageattr_64.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/x86/mm/pageattr_64.c
++++ b/arch/x86/mm/pageattr_64.c
+@@ -207,7 +207,7 @@ int change_page_attr_addr(unsigned long 
+               if (__pa(address) < KERNEL_TEXT_SIZE) {
+                       unsigned long addr2;
+                       pgprot_t prot2;
+-                      addr2 = __START_KERNEL_map + __pa(address);
++                      addr2 = __START_KERNEL_map + __pa(address) - phys_base;
+                       /* Make sure the kernel mappings stay executable */
+                       prot2 = pte_pgprot(pte_mkexec(pfn_pte(0, prot)));
+                       err = __change_page_attr(addr2, pfn, prot2,