rpms/kernel-xen/devel linux-2.6-net-fix-iptables.patch, NONE, 1.1.2.1 linux-2.6-net-slab-corruption.patch, NONE, 1.1.2.1 kernel-xen.spec, 1.33, 1.33.2.1
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed Feb 1 22:21:17 UTC 2006
Author: sct
Update of /cvs/dist/rpms/kernel-xen/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv855
Modified Files:
Tag: private-sct-2_6_15-1_33_FC5-branch
kernel-xen.spec
Added Files:
Tag: private-sct-2_6_15-1_33_FC5-branch
linux-2.6-net-fix-iptables.patch
linux-2.6-net-slab-corruption.patch
Log Message:
Subject: [PATCH] two must-have networking fixes.
From: davej <davej>
linux-2.6-net-fix-iptables.patch:
x_tables.h | 16 +++++++++++++++-
1 files changed, 15 insertions(+), 1 deletion(-)
--- NEW FILE linux-2.6-net-fix-iptables.patch ---
[NETFILTER] x_tables: Fix XT_ALIGN() macro on [at least] ppc32
To keep backwards compatibility with old iptables userspace programs,
the new XT_ALIGN macro always has to return the same value as IPT_ALIGN,
IP6T_ALIGN or ARPT_ALIGN in previous kernels.
However, in those kernels the macro was defined in dependency to the
respective layer3 specifi data structures, which we can no longer do with
x_tables.
The fix is an ugly kludge, but it has been tested to solve the problem. Yet
another reason to move away from the current {ip,ip6,arp,eb}tables like
data structures.
Signed-off-by: Harald Welte <laforge at netfilter.org>
---
commit 470faeb379560fe877b685ca69be6a7e4f0e91ed
tree 5732ecd9bcab28469805752514e5c57ba26189a1
parent 44718bbfa186d58477163418d37df173aa2dd079
author Harald Welte <laforge at netfilter.org> Fri, 20 Jan 2006 01:44:24 +0100
committer Harald Welte <laforge at netfilter.org> Fri, 20 Jan 2006 01:44:24 +0100
include/linux/netfilter/x_tables.h | 15 ++++++++++++++-
1 files changed, 14 insertions(+), 1 deletions(-)
diff --git a/include/linux/netfilter/x_tables.h b/include/linux/netfilter/x_tables.h
index 472f048..65f9cd8 100644
--- a/include/linux/netfilter/x_tables.h
+++ b/include/linux/netfilter/x_tables.h
@@ -19,8 +19,22 @@ struct xt_get_revision
/* For standard target */
#define XT_RETURN (-NF_REPEAT - 1)
-#define XT_ALIGN(s) (((s) + (__alignof__(u_int64_t)-1)) & ~(__alignof__(u_int64_t)-1))
+/* this is a dummy structure to find out the alignment requirement for a struct
+ * containing all the fundamental data types that are used in ipt_entry, ip6t_entry
+ * and arpt_entry. This sucks, and it is a hack. It will be my personal pleasure
+ * to remove it -HW */
+struct _xt_align
+{
+ u_int8_t u8;
+ u_int16_t u16;
+ u_int32_t u32;
+ u_int64_t u64;
+};
+
+#define XT_ALIGN(s) (((s) + (__alignof__(struct _xt_align)-1)) \
+ & ~(__alignof__(struct _xt_align)-1))
+
/* Standard return verdict, or do jump. */
#define XT_STANDARD_TARGET ""
/* Error verdict. */
linux-2.6-net-slab-corruption.patch:
skbuff.c | 8 +++++---
1 files changed, 5 insertions(+), 3 deletions(-)
--- NEW FILE linux-2.6-net-slab-corruption.patch ---
diff --git a/net/core/skbuff.c b/net/core/skbuff.c
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -135,13 +135,15 @@ void skb_under_panic(struct sk_buff *skb
struct sk_buff *__alloc_skb(unsigned int size, gfp_t gfp_mask,
int fclone)
{
+ kmem_cache_t *cache;
struct skb_shared_info *shinfo;
struct sk_buff *skb;
u8 *data;
+ cache = fclone ? skbuff_fclone_cache : skbuff_head_cache;
+
/* Get the HEAD */
- skb = kmem_cache_alloc(fclone ? skbuff_fclone_cache : skbuff_head_cache,
- gfp_mask & ~__GFP_DMA);
+ skb = kmem_cache_alloc(cache, gfp_mask & ~__GFP_DMA);
if (!skb)
goto out;
@@ -180,7 +182,7 @@ struct sk_buff *__alloc_skb(unsigned int
out:
return skb;
nodata:
- kmem_cache_free(skbuff_head_cache, skb);
+ kmem_cache_free(cache, skb);
skb = NULL;
goto out;
}
Index: kernel-xen.spec
===================================================================
RCS file: /cvs/dist/rpms/kernel-xen/devel/kernel-xen.spec,v
retrieving revision 1.33
retrieving revision 1.33.2.1
diff -u -r1.33 -r1.33.2.1
--- kernel-xen.spec 28 Jan 2006 00:13:50 -0000 1.33
+++ kernel-xen.spec 1 Feb 2006 22:21:14 -0000 1.33.2.1
@@ -362,6 +362,8 @@
Patch1830: linux-2.6-w1-hush-debug.patch
Patch1840: linux-2.6-x86-hp-reboot.patch
Patch1850: linux-2.6-mv643xx-compile-fix.patch
+Patch1860: linux-2.6-net-fix-iptables.patch
+Patch1870: linux-2.6-net-slab-corruption.patch
# Warn about usage of various obsolete functionality that may go away.
Patch1900: linux-2.6-obsolete-idescsi-warning.patch
@@ -839,6 +841,11 @@
%patch1840 -p1
# Fix compilation for MV643xx Ethernet
%patch1850 -p1
+# Make iptables work again
+%patch1860 -p1
+# Fix netlayer slab corruption
+%patch1870 -p1
+
# Warn about obsolete functionality usage.
%patch1900 -p1
%patch1901 -p1
@@ -1381,6 +1388,10 @@
* Thu Jan 26 2006 Juan Quintela <quintela at redhat.com>
- "don't edit patches by hand" release.
+* Thu Jan 26 2006 Dave Jones <davej at redhat.com>
+- Fix slab corruption in network layer.
+- Make iptables work again.
+
* Wed Jan 25 2006 Juan Quintela <quintela at redhat.com>
- merge with rawhide kernel 1.1869.
More information about the fedora-cvs-commits
mailing list