[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#631465: Changes from longterm

Package: linux-2.6
Version: 2.6.32-35

66e6986 ftrace: Only update the function code on write to filter files

Appears to fix a local denial-of-service.  The files are world-readable
and the bug allows readers to cause performance degradation.

b2300b3 kmemleak: Do not return a pointer to an object that kmemleak did not get

Fixes possible memory corruption; could be a local denial-of-service as
the file is world-readable.

1c6d087 CPU hotplug, re-create sysfs directory and symlinks

Keeps cpufreq userland interface working in some cases where one CPU
core is taken offline.  The bug doesn't appear to affect physical
hotplugging and I don't know what it would affect.

301808c Fix memory leak in cpufreq_stat

Fixes small memory leak when any CPU goes offline.  This affects suspend
on SMP systems, as suspend takes all but one CPU offline.

c3bf529 powerpc/kexec: Fix memory corruption from unallocated slaves

Fixes yet another regression of this feature in longterm (specifically

24fb3f4 powerpc/oprofile: Handle events that raise an exception without overflowing

Fixes potential crash (?) on POWER7 system.

5b2745d block: rescan partitions on invalidated devices on -ENOMEDIA too

Fixes automatic removal of partitions after device removal, for some
devices.  Doesn't look like more than an annoyance, but maybe I'm
missing something.

5e4c1db block: add proper state guards to __elv_next_request

I think this fixes a race condition on device removal which would lead
to a crash.

d9296ae mtd: mtdconcat: fix NAND OOB write

Feature didn't work at all for NAND devices.  This possibly counts as
hardware support.

45b0dfa x86, 64-bit: Fix copy_[to/from]_user() checks for the userspace address limit

Fixes EFAULT error return for valid buffer.  I doubt this affects real
programs, but the fix is trivial.

d23b7b6 ext3: Fix fs corruption when make_indexed_dir() fails

Fixes potential data loss in (I think) disk-full or low-memory situation.

538e7bf jbd: Fix forever sleeping process in do_get_write_access()

Fixes potential hang.

cdc57f8 jbd: fix fsync() tid wraparound bug

Fixes crash (BUG); appears to be local denial-of-service.

5252bdb ext4: release page cache in ext4_mb_load_buddy error path

Fairly straightforward fix but I don't know what the impact of the bug

4efd0b0 Fix Ultrastor asm snippet

I think this change is redundant with the use of 'asm volatile', but it
doesn't do any harm.

9407375 x86, amd: Do not enable ARAT feature on AMD processors below family 0x12

Fixes regression in that would cause hang when idle on some
processor models.  I correctly predicted the regression in the original
change, and deferred it.  The original change and subsequent fixes
including this one are included in 2.6.32-35.

03710bb x86, amd: Use _safe() msr access for GartTlbWlk disable code

Fixes regression in that causes immediate crash in KVM guests
on AMD family 10h processors; possibly only on SMP guests.

This regression has already made its way into 2.6.32-34squeeze1 but so
far I don't think we've had any bug reports.

6fa3d71 rcu: Fix unpaired rcu_irq_enter() from locking selftests

Only effects custom kernels with this debug option.

353be24 staging: usbip: fix wrong endian conversion

No functional change.

8bdae89 Fix for buffer overflow in ldm_frag_add not sufficient

CVE-2011-2182.  Already cherry-picked in 2.6.32-35.

ff3af58 seqlock: Don't smp_rmb in seqlock reader spin loop

Fixes hang on some powerpc systems.

ce9f8da ALSA: HDA: Use one dmic only for Dell Studio 1558

Hides non-functional mixer control on this model.

01b242a ASoC: Ensure output PGA is enabled for line outputs in wm_hubs
c4d634f ASoC: Add some missing volume update bit sets for wm_hubs devices

Driver is not enabled in Debian packages.

864fce8 mm/page_alloc.c: prevent unending loop in __alloc_pages_slowpath()

Fixes hang; apparently affects machines with lots of memory and high
memory pressure.

d93bd2d PCI: allow matching of prefetchable resources to non-prefetchable windows

This makes the matching more consistent (it already was allowed!) and
avoids some possibly alarming error messages about address conflicts.
The commit message doesn't explain much; see

2a140e3 loop: limit 'max_part' module param to DISK_MAX_PARTS
1569390 brd: limit 'max_part' module param to DISK_MAX_PARTS
6091e05 nbd: limit module parameters to a sane value

Fixes kernel oops on out-of-range module parameter.

e4eb3c8 loop: handle on-demand devices correctly
33a5ae1 brd: handle on-demand devices correctly

Fixes combination of on-demand feature with partitions on these devices.
Current behaviour could result in data loss.

56344ef USB: CP210x Add 4 Device IDs for AC-Services Devices
e658945 USB: moto_modem: Add USB identifier for the Motorola VE240.
15b8466 USB: serial: ftdi_sio: adding support for TavIR STK500
5b7dafb USB: cdc-acm: Adding second ACM channel support for Nokia E7 and C7
68fdcd2 USB: serial: add another 4N-GALAXY.DE PID to ftdi_sio driver
773b988 p54usb: add zoom 4410 usbid

Hardware enablement; trivial.

f8ef28d USB: gamin_gps: Fix for data transfer problems in native mode

Fixes data loss (sort of).

fae4005 usb/gadget: at91sam9g20 fix end point max packet size
24bf807 usb: gadget: rndis: don't test against req->length

Subsystem is not enabled in Debian packages.

4779c5e xhci: Fix full speed bInterval encoding.
e103cc4 USB: xhci - fix interval calculation for FS isoc endpoints

Fix regressions in which broke some full speed (12 Mbps)
devices on some XHCI controllers.

a53267c OHCI: fix regression caused by nVidia shutdown workaround

Fixes regression in which results in USB devices being powered
after system shutdown.  (The earlier change was needed to fix the same
behaviour for a different set of Nvidia OHCIs!)

ee4a3a8 eCryptfs: Allow 2 scatterlist entries for encrypted filenames

Fixes unreliable filename lookup (userspace gets ENOMEM and kernel logs
errors).  Not sure how the failure would occur.

b5914de UBIFS: fix a rare memory leak in ro to rw remounting path

Summary is clear enough.

c8b6153 i8k: Avoid lahf in 64-bit code

Fixes crash in this driver on early x86-64 CPUs.

af73c7b cpuidle: menu: fixed wrapping timers at 4.294 seconds

Fixes overflow in sleep timer calculation when able to sleep for a long
time.  Unlikely to be relevant to Debian systems, but looks safe enough.

a4401a6 dm table: reject devices without request fns

Fixes crash (oops) on attempt to set up some invalid dm configurations.

9e9c1e7 atm: expose ATM device index in sysfs

Needed to distinguish ATM adapters; probably counts as hardware enablement.

62a5c72 SUNRPC: Deal with the lack of a SYN_SENT sk->sk_state_change callback...

Fixes incrementing of connection cookies.  It looks like multiple
connections to the same service, or multiple connection states, do not
get properly distinguished.  Not sure what the ultimate impact of this

41524e9 PCI: Add quirk for setting valid class for TI816X Endpoint

Fixes PCI resource setup for this non-compliant device.  Hardware

35fd0fd xen mmu: fix a race window causing leave_mm BUG()

Summary is clear enough.

0a4f14e netfilter: nf_conntrack_reasm: properly handle packets fragmented into a single fragment

Fixes a bug that prevents some IPv6 connections being tracked.  This
presumably can result in those connections being blocked in some
firewall configurations.

3c08ee4 fix memory leak in scsi_report_lun_scan

Summary is clear enough.

6e3a404 fix refcounting bug in scsi_get_host_dev

No idea what the impact of this bug is.

8b75b31 fix duplicate removal on error path in scsi_sysfs_add_sdev

Presumably fixes a crash in the error case, which I think would only
occur in a low-memory situation.

439aa7d UBIFS: fix shrinker object count reports

Fixes alarming log message.

8d9ba4b UBIFS: fix memory leak on error path

Summary is clear enough.

d1e0c2e block: export blk_{get,put}_queue()

Prerequisite for next fix.

8354a9e Fix oops caused by queue refcounting failure

Fix oops in some cases where userland attempts I/O on SCSI device that
has been removed.

263b8d5 mm: fix ENOSPC returned by handle_mm_fault()

Fixes incorrect error return values; don't know what the impact is.

2d3b027 PCI: Set PCIE maxpayload for card during hotplug insertion

Fixes DMA configuration for hotplugged cards in some situations.

946ea1c nl80211: fix check for valid SSID size in scan operations

Fixes heap buffer overflow.  Exploitable by users with CAP_NET_ADMIN.

eef1d4d lockdep: Fix lock_is_held() on recursion

Only affects custom kernels with this debugging feature on.

75013df fat: Fix corrupt inode flags when remove ATTR_SYS flag

Summary is clear enough.

d11e39e xen: off by one errors in multicalls.c

Don't know what the impact of this is.

c3280ce x86/amd-iommu: Fix 3 possible endless loops

Summary is clear enough.

5fe935a USB: core: Tolerate protocol stall during hub and port status read

Fixes compatibility with some hubs.  Hardware enablement?

fdb1e4e ALSA: hda: Fix quirk for Dell Inspiron 910

Fixes very low speaker volume on this model.  Hardware enablement?

e9a60e2 oprofile, dcookies: Fix possible circular locking dependency

Fixes potential hang.

21dfd57 CPUFREQ: Remove cpufreq_stats sysfs entries on module unload.

Fixes crash after unloading this module and accessing the orphaned files.

58d1604 md: check ->hot_remove_disk when removing disk

Fixes crash on invalid attempt to remove disk from e.g. linear array.

6f4976a md/raid5: fix raid5_set_bi_hw_segments

Obvious fix though I don't know what the likely impact of the bug is.

c0877c4 md/raid5: fix FUA request handling in ops_run_io()

Should have no effect, as md does not support FUA requests at all in
2.6.32.y.  This was even commented as suitable for 2.6.37+!

26b6b31 ata: use pci_dev->revision
ef83f5d pata_cmd64x: fix PIO setup
554bd15 pata_cmd64x: cmd648_bmdma_stop() fix
3950dcf pata_cmd64x: remove unused definitions

Preparation for following fix.

255e15a pata_cm64x: fix boot crash on parisc

Closes: #622997, #622745

bfbf76d ACPI: use _HID when supplied by root-level devices

I think this fixes ACPI device matching on some systems.  Hardware

7eae68f xfs: properly account for reclaimed inodes

It sounds like this fixes potentially severe performance degradation.

651f1d2 exec: delay address limit change until point of no return

Fixes fallback through init search path in some failure cases.  Not an
issue for Debian systems, so far as I can see.  The address limit is, of
course, critical to security, so we may wish to defer this just in case
it has a regression.

e49b7ca netfilter: IPv6: initialize TOS field in REJECT target module

Fixes random TOS/DSCP values produced by many IPv6 firewalls.  Bug could
result in these packets being wrongly prioritised or dropped.

b698075 netfilter: IPv6: fix DSCP mangle code

Fixes masking of IPv6 TOS/DSCP values where they're intentionally
modified.  Bug could result in these packets being wrongly prioritised
or dropped.

f9f0932 xen: events: do not unmask event channels on resume
8ff753b genirq: Add IRQF_FORCE_RESUME
652c98b xen: Use IRQF_FORCE_RESUME

Fixes crash (BUG) on resume under Xen.

a6d553a time: Compensate for rounding on odd-frequency clocksources

Fixes high rate of system time skew (example given is 127 ppm, or 11
seconds per day) on some systems.

2a96ae7 Revert "iwlagn: Support new 5000 microcode."

Fixes regression in for this driver and device.  The driver
would not work with this device if the new microcode was available (in
Debian, firmware-iwlwifi version 0.29 or later).


Ben Hutchings
I'm always amazed by the number of people who take up solipsism because
they heard someone else explain it. - E*Borg on alt.fan.pratchett

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: