Difference between revisions of "Download/kernel/rhel4/023stab044.11/changes"

From OpenVZ Virtuozzo Containers Wiki
Jump to: navigation, search
(created (still not finished))
 
(fixed; added "lj-cut")
Line 8: Line 8:
 
* +<code>CONFIG_MD_RAID6=y</code>
 
* +<code>CONFIG_MD_RAID6=y</code>
  
 +
<includeonly>[[{{PAGENAME}}/changes#Patches|{{Long changelog message}}]]</includeonly><noinclude>
 
=== Patches ===
 
=== Patches ===
 
<dl>
 
<dl>
 
<dt>diff-ms-security-x8664-rax-check-20070919
 
<dt>diff-ms-security-x8664-rax-check-20070919
<dd><pre class="simple">
+
<dd>
    x86_64: Zero extend all registers after ptrace in 32bit entry path.
+
x86_64: Zero extend all registers after ptrace in 32bit entry path.
  
    Strictly it's only needed for eax.
+
<pre class="simple">
 +
Strictly it's only needed for eax.
  
    It actually does a little more than strictly needed -- the other registers
+
It actually does a little more than strictly needed -- the other registers
    are already zero extended.
+
are already zero extended.
  
    Also remove the now unnecessary and non functional compat task check
+
Also remove the now unnecessary and non functional compat task check
    in ptrace.
+
in ptrace.
  
    This is CVE-2007-4573
+
This is CVE-2007-4573
  
    Found by Wojciech Purczynski
+
Found by Wojciech Purczynski
  
    Signed-off-by: Andi Kleen <ak@suse.de>
+
Signed-off-by: Andi Kleen &lt;ak@suse.de&gt;
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+
Signed-off-by: Linus Torvalds &lt;torvalds@linux-foundation.org&gt;
 +
</pre>
 +
 
 +
X-Git-Url: [http://git.kernel.org/gitweb.cgi?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=176df2457ef6207156ca1a40991c54ca01fef567 176df2457ef6207156ca1a40991c54ca01fef567]
  
    X-Git-Url: 176df2457ef6207156ca1a40991c54ca01fef567
 
</pre>
 
  
 
<dt>linux-2.6.9-arcmsr-1.20.0X.14.devel.patch
 
<dt>linux-2.6.9-arcmsr-1.20.0X.14.devel.patch
<dd><pre>
+
<dd>
Areca driver was provided to Thomas Krenn AG by Areca people.
+
Areca driver was provided to Thomas Krenn AG by Areca people.<br/>
 
https://helpdesk.swsoft.com/index.html?q=351134
 
https://helpdesk.swsoft.com/index.html?q=351134
  
 +
<pre class="simple">
 +
https://helpdesk.swsoft.com/index.html?q=351134
 
Requested by Thomas Krenn AG due to memory leak caused by Areca command line
 
Requested by Thomas Krenn AG due to memory leak caused by Areca command line
 
utility (about 7 MB per execution of the CLI according to Thomas Krenn AG).
 
utility (about 7 MB per execution of the CLI according to Thomas Krenn AG).
 
Declared to fix the memory leak problem.
 
Declared to fix the memory leak problem.
 +
</pre>
  
Bug #87569
+
Bug #87569.
 +
 
 +
<pre class="simple">
 
P.S. the issue with ARCMSR_MAX_XFER_SECTORS[_B] fixed (see the bug).
 
P.S. the issue with ARCMSR_MAX_XFER_SECTORS[_B] fixed (see the bug).
 
</pre>
 
</pre>
 +
  
 
<dt>linux-2.6.9-r8169-2.2LK-NAPI-ms-2.6.22.patch
 
<dt>linux-2.6.9-r8169-2.2LK-NAPI-ms-2.6.22.patch
<dd><pre>
+
<dd>
 
Patch prepared by Kostja (khorenko@):
 
Patch prepared by Kostja (khorenko@):
 +
<br/>
 
r8169 driver updated upto version 2.2LK-NAPI.
 
r8169 driver updated upto version 2.2LK-NAPI.
  
 +
<pre class="simple">
 +
r8169 driver updated upto version 2.2LK-NAPI.
 
Requested by Padberg-IT (web4.hm).
 
Requested by Padberg-IT (web4.hm).
 
Sources are backported from mainstream 2.6.22 kernel.
 
Sources are backported from mainstream 2.6.22 kernel.
 
</pre>
 
</pre>
 +
  
 
<dt>diff-simfs-stat64-20070622
 
<dt>diff-simfs-stat64-20070622
<dd><pre>
+
<dd>
Patch from Vasily (vtaras@):
+
Patch from Vasily (vtaras@):<br/>
 
[PATCH][2.6.9] simfs: add stat64 hook
 
[PATCH][2.6.9] simfs: add stat64 hook
  
 +
<pre class="simple">
 
Initial problem: per-user/group disk quota in VE doesn't work, if you
 
Initial problem: per-user/group disk quota in VE doesn't work, if you
 
use 2.6.9-based kernel.
 
use 2.6.9-based kernel.
Line 73: Line 87:
 
approach as in vfs_getstat/sim_getsat.
 
approach as in vfs_getstat/sim_getsat.
 
</pre>
 
</pre>
: {{bug|632}}
+
 
 +
{{bug|632}}
 +
 
 
</dl>
 
</dl>
 +
</noinclude>

Revision as of 07:21, 20 March 2008

Changes

  • Major x86_64 security fix (CVE-2007-4573)
  • areca and r8169 driver updates
  • Rebased to RHEL4-55.0.2.EL

Configs

Same as 023stab044.4, plus:

  • +CONFIG_MD_RAID6=y


Patches

diff-ms-security-x8664-rax-check-20070919
x86_64: Zero extend all registers after ptrace in 32bit entry path.
Strictly it's only needed for eax.

It actually does a little more than strictly needed -- the other registers
are already zero extended.

Also remove the now unnecessary and non functional compat task check
in ptrace.

This is CVE-2007-4573

Found by Wojciech Purczynski

Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

X-Git-Url: 176df2457ef6207156ca1a40991c54ca01fef567


linux-2.6.9-arcmsr-1.20.0X.14.devel.patch
Areca driver was provided to Thomas Krenn AG by Areca people.
https://helpdesk.swsoft.com/index.html?q=351134

https://helpdesk.swsoft.com/index.html?q=351134
Requested by Thomas Krenn AG due to memory leak caused by Areca command line
utility (about 7 MB per execution of the CLI according to Thomas Krenn AG).
Declared to fix the memory leak problem.

Bug #87569.

P.S. the issue with ARCMSR_MAX_XFER_SECTORS[_B] fixed (see the bug).


linux-2.6.9-r8169-2.2LK-NAPI-ms-2.6.22.patch
Patch prepared by Kostja (khorenko@):
r8169 driver updated upto version 2.2LK-NAPI.

r8169 driver updated upto version 2.2LK-NAPI.
Requested by Padberg-IT (web4.hm).
Sources are backported from mainstream 2.6.22 kernel.


diff-simfs-stat64-20070622
Patch from Vasily (vtaras@):
[PATCH][2.6.9] simfs: add stat64 hook

Initial problem: per-user/group disk quota in VE doesn't work, if you
use 2.6.9-based kernel.

The thing is that during `vzctl start`, vzctl gives the required
permission to the appropriate device. If simfs is used, the device
should be an anon device.
But stat() system call on any simfs inode (this syscall is used by vzctl
to obtain major/minor number of device) returns major/minor of
_underlying_  device. Consequently vzctl gives the permission to
underlying device! Note, it is a potential security hole.

The patch adds hook to vfs_getstat64 and creates sim_getstat64: the same
approach as in vfs_getstat/sim_getsat.

OpenVZ Bug #632