rpms/kernel/F-7 linux-2.6-cifs-typo-in-cifs_reconnect-fix.patch, NONE, 1.1 kernel-2.6.spec, 1.3369, 1.3370 linux-2.6-cifs-fix-bad-handling-of-EAGAIN.patch, 1.1, 1.2 linux-2.6-cifs-fix-incomplete-rcv.patch, 1.1, 1.2

Wed Oct 31 00:56:37 UTC 2007

Author: cebbert

Update of /cvs/pkgs/rpms/kernel/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv9683

Modified Files:
	kernel-2.6.spec 
	linux-2.6-cifs-fix-bad-handling-of-EAGAIN.patch 
	linux-2.6-cifs-fix-incomplete-rcv.patch 
Added Files:
	linux-2.6-cifs-typo-in-cifs_reconnect-fix.patch 
Log Message:
add missing cifs patch


linux-2.6-cifs-typo-in-cifs_reconnect-fix.patch:

--- NEW FILE linux-2.6-cifs-typo-in-cifs_reconnect-fix.patch ---
Gitweb:     http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=638b250766272fcaaa0f7ed2776f58f4ac701914
Commit:     638b250766272fcaaa0f7ed2776f58f4ac701914
Parent:     a8cd925f74c3b1b6d1192f9e75f9d12cc2ab148a
Author:     Steve French <sfrench at us.ibm.com>
AuthorDate: Sat Sep 15 02:35:51 2007 +0000
Committer:  Steve French <sfrench at us.ibm.com>
CommitDate: Sat Sep 15 02:35:51 2007 +0000

    [CIFS] typo in earlier cifs_reconnect fix
    
    Signed-off-by: Steve French <sfrench at us.ibm.com>
---
 fs/cifs/connect.c |    1 -
 1 files changed, 0 insertions(+), 1 deletions(-)

diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index f58fef5..a83684d 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -439,7 +439,6 @@ incomplete_rcv:
 			cFYI(1, ("less than four bytes received (%d bytes)",
 			      length));
 			pdu_length -= length;
-			cifs_reconnect(server);
 			msleep(1);
 			goto incomplete_rcv;
 		}


Index: kernel-2.6.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/F-7/kernel-2.6.spec,v
retrieving revision 1.3369
retrieving revision 1.3370
diff -u -r1.3369 -r1.3370
--- kernel-2.6.spec	31 Oct 2007 00:38:45 -0000	1.3369
+++ kernel-2.6.spec	31 Oct 2007 00:56:02 -0000	1.3370
@@ -561,9 +561,10 @@
 Patch404: linux-2.6-scsi-mpt-vmware-fix.patch
 
 Patch420: linux-2.6-squashfs.patch
-Patch421: linux-2.6-gfs-locking-exports.patch
-Patch422: linux-2.6-cifs-fix-incomplete-rcv.patch
-Patch423: linux-2.6-cifs-fix-bad-handling-of-EAGAIN.patch
+Patch422: linux-2.6-gfs-locking-exports.patch
+Patch424: linux-2.6-cifs-fix-incomplete-rcv.patch
+Patch426: linux-2.6-cifs-typo-in-cifs_reconnect-fix.patch
+Patch428: linux-2.6-cifs-fix-bad-handling-of-EAGAIN.patch
 
 Patch430: linux-2.6-net-silence-noisy-printks.patch
 
@@ -1207,6 +1208,7 @@
 # CIFS
 # fix incomplete rcv and handling of EAGAIN
 ApplyPatch linux-2.6-cifs-fix-incomplete-rcv.patch
+ApplyPatch linux-2.6-cifs-typo-in-cifs_reconnect-fix.patch
 ApplyPatch linux-2.6-cifs-fix-bad-handling-of-EAGAIN.patch
 
 # Networking

linux-2.6-cifs-fix-bad-handling-of-EAGAIN.patch:

Index: linux-2.6-cifs-fix-bad-handling-of-EAGAIN.patch
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/F-7/linux-2.6-cifs-fix-bad-handling-of-EAGAIN.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- linux-2.6-cifs-fix-bad-handling-of-EAGAIN.patch	29 Oct 2007 23:57:05 -0000	1.1
+++ linux-2.6-cifs-fix-bad-handling-of-EAGAIN.patch	31 Oct 2007 00:56:02 -0000	1.2
@@ -1,32 +1,38 @@
-From c18c732ec6bf372aa959ca6534cbfc32e464defd Mon Sep 17 00:00:00 2001
-From: Steve French <sfrench at us.ibm.com>
-Date: Wed, 17 Oct 2007 18:01:11 +0000
-Subject: [PATCH] [CIFS] fix bad handling of EAGAIN error on kernel_recvmsg in cifs_demultiplex_thread
-
-When kernel_recvmsg returns -EAGAIN or -ERESTARTSYS, then
-cifs_demultiplex_thread sleeps for a bit and then tries the read again.
-When it does this, it's not zeroing out the length and that throws off
-the value of total_read. Fix it to zero out the length.
-
-Can cause memory corruption:
-If kernel_recvmsg returns an error and total_read is a large enough
-value, then we'll end up going through the loop again. total_read will
-be a bogus value, as will (pdu_length-total_read). When this happens we
-end up calling kernel_recvmsg with a bogus value (possibly larger than
-the current iov_len).
-
-At that point, memcpy_toiovec can overrun iov. It will start walking
-up the stack, casting other things that are there to struct iovecs
-(since it assumes that it's been passed an array of them). Any pointer
-on the stack at an address above the kvec is a candidate for corruption
-here.
-
-Many thanks to Ulrich Obergfell for pointing this out.
-
-Signed-off-by: Jeff Layton <jlayton at redhat.com>
-Signed-off-by: Steve French <sfrench at us.ibm.com>
-[cebbert: removed CHANGES patch]
+Gitweb:     http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c18c732ec6bf372aa959ca6534cbfc32e464defd
+Commit:     c18c732ec6bf372aa959ca6534cbfc32e464defd
+Parent:     adddd49ddf4ce5a5997f0695b194587290ea72e9
+Author:     Steve French <sfrench at us.ibm.com>
+AuthorDate: Wed Oct 17 18:01:11 2007 +0000
+Committer:  Steve French <sfrench at us.ibm.com>
+CommitDate: Wed Oct 17 18:01:11 2007 +0000
+
+    [CIFS] fix bad handling of EAGAIN error on kernel_recvmsg in cifs_demultiplex_thread
+    
+    When kernel_recvmsg returns -EAGAIN or -ERESTARTSYS, then
+    cifs_demultiplex_thread sleeps for a bit and then tries the read again.
+    When it does this, it's not zeroing out the length and that throws off
+    the value of total_read. Fix it to zero out the length.
+    
+    Can cause memory corruption:
+    If kernel_recvmsg returns an error and total_read is a large enough
+    value, then we'll end up going through the loop again. total_read will
+    be a bogus value, as will (pdu_length-total_read). When this happens we
+    end up calling kernel_recvmsg with a bogus value (possibly larger than
+    the current iov_len).
+    
+    At that point, memcpy_toiovec can overrun iov. It will start walking
+    up the stack, casting other things that are there to struct iovecs
+    (since it assumes that it's been passed an array of them). Any pointer
+    on the stack at an address above the kvec is a candidate for corruption
+    here.
+    
+    Many thanks to Ulrich Obergfell for pointing this out.
+    
+    Signed-off-by: Jeff Layton <jlayton at redhat.com>
+    Signed-off-by: Steve French <sfrench at us.ibm.com>
+    [cebbert at redhat.com: removed CHANGES patch]
 ---
+ fs/cifs/CHANGES   |    3 ++-
  fs/cifs/connect.c |    6 +++++-
  2 files changed, 7 insertions(+), 2 deletions(-)
 
@@ -54,6 +60,3 @@
  				continue;
  			} else if (length <= 0) {
  				cERROR(1, ("Received no data, expecting %d",
--- 
-1.5.3.3
-

linux-2.6-cifs-fix-incomplete-rcv.patch:

Index: linux-2.6-cifs-fix-incomplete-rcv.patch
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/F-7/linux-2.6-cifs-fix-incomplete-rcv.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- linux-2.6-cifs-fix-incomplete-rcv.patch	30 Oct 2007 14:24:41 -0000	1.1
+++ linux-2.6-cifs-fix-incomplete-rcv.patch	31 Oct 2007 00:56:02 -0000	1.2
@@ -1,28 +1,33 @@
-
-# HG changeset patch
-# User Steve French <sfrench at us.ibm.com>
-# Date 1188508411 0
-# Node ID 28a3163b078167de5419aa942d516a23ac1e7d5b
-# Parent 1742bac9b5a02269c427ff82982c6fedbc85c01e
-[CIFS] fix for incorrect session reconnects
-
-cifs reconnect could end up happening incorrectly due to
-the small initial tcp recvmsg response. When the socket
-was within three bytes of being full and the recvmsg
-returned only 1 to 3 bytes of the initial 4 byte
-read of the RFC1001 length field. Fortunately this
-seems to be less common on more current kernels, but
-this fixes it so cifs tries to retrieve all 4 bytes
-of the initial tcp read.
-
-Signed-off-by: Shirish Pargoankar <shirishp at us.ibm.com>
-Signed-off-by: Steve French <sfrench at us.ibm.com>
-
-committer: Steve French <sfrench at us.ibm.com>
-
---- a/fs/cifs/connect.c	Thu Aug 30 20:18:41 2007 +0000
-+++ b/fs/cifs/connect.c	Thu Aug 30 21:13:31 2007 +0000
-@@ -400,9 +400,11 @@ cifs_demultiplex_thread(struct TCP_Serve
+Gitweb:     http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=f01d5e14e764b14b6bf5512678523d009254b209
+Commit:     f01d5e14e764b14b6bf5512678523d009254b209
+Parent:     8594c15ad226227aaf178b7cf57f2e7291684dd4
+Author:     Steve French <sfrench at us.ibm.com>
+AuthorDate: Thu Aug 30 21:13:31 2007 +0000
+Committer:  Steve French <sfrench at us.ibm.com>
+CommitDate: Thu Aug 30 21:13:31 2007 +0000
+
+    [CIFS] fix for incorrect session reconnects
+    
+    cifs reconnect could end up happening incorrectly due to
+    the small initial tcp recvmsg response. When the socket
+    was within three bytes of being full and the recvmsg
+    returned only 1 to 3 bytes of the initial 4 byte
+    read of the RFC1001 length field. Fortunately this
+    seems to be less common on more current kernels, but
+    this fixes it so cifs tries to retrieve all 4 bytes
+    of the initial tcp read.
+    
+    Signed-off-by: Shirish Pargoankar <shirishp at us.ibm.com>
+    Signed-off-by: Steve French <sfrench at us.ibm.com>
+---
+ fs/cifs/connect.c |   13 +++++++------
+ 1 files changed, 7 insertions(+), 6 deletions(-)
+
+diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
+index 4af3588..8af993f 100644
+--- a/fs/cifs/connect.c
++++ b/fs/cifs/connect.c
+@@ -400,9 +400,11 @@ cifs_demultiplex_thread(struct TCP_Server_Info *server)
  		iov.iov_len = 4;
  		smb_msg.msg_control = NULL;
  		smb_msg.msg_controllen = 0;
@@ -35,7 +40,7 @@
  
  		if ( kthread_should_stop() ) {
  			break;
-@@ -437,13 +439,12 @@ cifs_demultiplex_thread(struct TCP_Serve
+@@ -437,13 +439,12 @@ cifs_demultiplex_thread(struct TCP_Server_Info *server)
  			wake_up(&server->response_q);
  			continue;
  		} else if (length < 4) {
@@ -53,4 +58,3 @@
  		}
  
  		/* The right amount was read from socket - 4 bytes */
-


