1. 06 7月, 2005 12 次提交
  2. 29 6月, 2005 14 次提交
  3. 27 6月, 2005 5 次提交
    • P
      [IPVS]: Fix for overflows · 4da62fc7
      pageexec 提交于
      From: <pageexec@freemail.hu>
      
      $subject was fixed in 2.4 already, 2.6 needs it as well.
      
      The impact of the bugs is a kernel stack overflow and privilege escalation
      from CAP_NET_ADMIN via the IP_VS_SO_SET_STARTDAEMON/IP_VS_SO_GET_DAEMON
      ioctls.  People running with 'root=all caps' (i.e., most users) are not
      really affected (there's nothing to escalate), but SELinux and similar
      users should take it seriously if they grant CAP_NET_ADMIN to other users.
      Signed-off-by: NAndrew Morton <akpm@osdl.org>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      4da62fc7
    • D
      [NETLINK]: Fix two socket hashing bugs. · d470e3b4
      David S. Miller 提交于
      1) netlink_release() should only decrement the hash entry
         count if the socket was actually hashed.
      
         This was causing hash->entries to underflow, which
         resulting in all kinds of troubles.
      
         On 64-bit systems, this would cause the following
         conditional to erroneously trigger:
      
      	err = -ENOMEM;
      	if (BITS_PER_LONG > 32 && unlikely(hash->entries >= UINT_MAX))
      		goto err;
      
      2) netlink_autobind() needs to propagate the error return from
         netlink_insert().  Otherwise, callers will not see the error
         as they should and thus try to operate on a socket with a zero pid,
         which is very bad.
      
         However, it should not propagate -EBUSY.  If two threads race
         to autobind the socket, that is fine.  This is consistent with the
         autobind behavior in other protocols.
      
         So bug #1 above, combined with this one, resulted in hangs
         on netlink_sendmsg() calls to the rtnetlink socket.  We'd try
         to do the user sendmsg() with the socket's pid set to zero,
         later we do a socket lookup using that pid (via the value we
         stashed away in NETLINK_CB(skb).pid), but that won't give us the
         user socket, it will give us the rtnetlink socket.  So when we
         try to wake up the receive queue, we dive back into rtnetlink_rcv()
         which tries to recursively take the rtnetlink semaphore.
      
      Thanks to Jakub Jelink for providing backtraces.  Also, thanks to
      Herbert Xu for supplying debugging patches to help track this down,
      and also finding a mistake in an earlier version of this fix.
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d470e3b4
    • R
      64053bee
    • A
      [TCP]: Let TCP_CONG_ADVANCED default to n · 60fe7403
      Adrian Bunk 提交于
      It doesn't seem to make much sense to let an "If unsure, say N." option 
      default to y.
      Signed-off-by: NAdrian Bunk <bunk@stusta.de>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      60fe7403
    • D
      [IPV4]: Fix thinko in TCP_CONG_BIC default. · 6c360767
      David S. Miller 提交于
      Since it is tristate when we offer it as a choice, we should
      definte it also as tristate when forcing it as the default.
      Otherwise kconfig warns.
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      6c360767
  4. 26 6月, 2005 1 次提交
    • C
      [PATCH] Cleanup patch for process freezing · 3e1d1d28
      Christoph Lameter 提交于
      1. Establish a simple API for process freezing defined in linux/include/sched.h:
      
         frozen(process)		Check for frozen process
         freezing(process)		Check if a process is being frozen
         freeze(process)		Tell a process to freeze (go to refrigerator)
         thaw_process(process)	Restart process
         frozen_process(process)	Process is frozen now
      
      2. Remove all references to PF_FREEZE and PF_FROZEN from all
         kernel sources except sched.h
      
      3. Fix numerous locations where try_to_freeze is manually done by a driver
      
      4. Remove the argument that is no longer necessary from two function calls.
      
      5. Some whitespace cleanup
      
      6. Clear potential race in refrigerator (provides an open window of PF_FREEZE
         cleared before setting PF_FROZEN, recalc_sigpending does not check
         PF_FROZEN).
      
      This patch does not address the problem of freeze_processes() violating the rule
      that a task may only modify its own flags by setting PF_FREEZE. This is not clean
      in an SMP environment. freeze(process) is therefore not SMP safe!
      Signed-off-by: NChristoph Lameter <christoph@lameter.com>
      Signed-off-by: NLinus Torvalds <torvalds@osdl.org>
      3e1d1d28
  5. 25 6月, 2005 4 次提交
  6. 24 6月, 2005 4 次提交