rpms/kernel/devel linux-2.6-selinux-strip-leading-slashes.patch, NONE, 1.1 linux-2.6-wireless-b43-reject-new-firmware.patch, NONE, 1.1 kernel.spec, 1.390, 1.391
Chuck Ebbert (cebbert)
fedora-extras-commits at redhat.com
Tue Jan 29 00:36:38 UTC 2008
Author: cebbert
Update of /cvs/pkgs/rpms/kernel/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19463
Modified Files:
kernel.spec
Added Files:
linux-2.6-selinux-strip-leading-slashes.patch
linux-2.6-wireless-b43-reject-new-firmware.patch
Log Message:
* Mon Jan 28 2008 Chuck Ebbert <cebbert at redhat.com>
- Strip extra leading slashes in selinux filenames.
- wireless: reject too-new b43 firmware
linux-2.6-selinux-strip-leading-slashes.patch:
--- NEW FILE linux-2.6-selinux-strip-leading-slashes.patch ---
commit b1aa5301b9f88a4891061650c591fb8fe1c1d1da
Author: Stephen Smalley <sds at tycho.nsa.gov>
Date: Fri Jan 25 13:03:42 2008 -0500
selinux: fix labeling of /proc/net inodes
The proc net rewrite had a side effect on selinux, leading it to mislabel
the /proc/net inodes, thereby leading to incorrect denials. Fix
security_genfs_sid to ignore extra leading / characters in the path supplied
by selinux_proc_get_sid since we now get "//net/..." rather than "/net/...".
Signed-off-by: Stephen Smalley <sds at tycho.nsa.gov>
Signed-off-by: James Morris <jmorris at namei.org>
diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index f83b19d..4bf715d 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -1744,6 +1744,9 @@ int security_genfs_sid(const char *fstype,
struct ocontext *c;
int rc = 0, cmp = 0;
+ while (path[0] == '/' && path[1] == '/')
+ path++;
+
POLICY_RDLOCK;
for (genfs = policydb.genfs; genfs; genfs = genfs->next) {
linux-2.6-wireless-b43-reject-new-firmware.patch:
--- NEW FILE linux-2.6-wireless-b43-reject-new-firmware.patch ---
We must reject new incompatible firmware early to avoid
running into strange transmission failures.
The current development tree supports newer firmware revisions.
These revisions cause strange failures on the stable 2.6.24 kernel.
Add a check to avoid confusing users a lot.
Signed-off-by: Michael Buesch <mb at bu3sch.de>
Index: linux-2.6.24/drivers/net/wireless/b43/main.c
===================================================================
--- linux-2.6.24.orig/drivers/net/wireless/b43/main.c 2008-01-25 11:50:05.000000000 +0100
+++ linux-2.6.24/drivers/net/wireless/b43/main.c 2008-01-26 13:25:07.000000000 +0100
@@ -1800,6 +1800,13 @@ static int b43_upload_microcode(struct b
err = -EOPNOTSUPP;
goto error;
}
+ if (fwrev > 351) {
+ b43err(dev->wl, "YOUR FIRMWARE IS TOO NEW. Please downgrade your "
+ "firmware.\n");
+ b43_print_fw_helptext(dev->wl, 1);
+ err = -EOPNOTSUPP;
+ goto error;
+ }
b43dbg(dev->wl, "Loading firmware version %u.%u "
"(20%.2i-%.2i-%.2i %.2i:%.2i:%.2i)\n",
fwrev, fwpatch,
Index: kernel.spec
===================================================================
RCS file: /cvs/pkgs/rpms/kernel/devel/kernel.spec,v
retrieving revision 1.390
retrieving revision 1.391
diff -u -r1.390 -r1.391
--- kernel.spec 28 Jan 2008 23:15:42 -0000 1.390
+++ kernel.spec 29 Jan 2008 00:35:59 -0000 1.391
@@ -615,6 +615,7 @@
Patch460: linux-2.6-serial-460800.patch
Patch510: linux-2.6-silence-noise.patch
Patch570: linux-2.6-selinux-mprotect-checks.patch
+Patch571: linux-2.6-selinux-strip-leading-slashes.patch
Patch590: linux-2.6-unexport-symbols.patch
Patch610: linux-2.6-defaults-fat-utf8.patch
Patch660: linux-2.6-libata-ali-atapi-dma.patch
@@ -625,6 +626,7 @@
Patch690: linux-2.6-at76.patch
Patch691: linux-2.6-rndis_wext.patch
Patch692: linux-2.6-ath5k-use-soft-wep.patch
+Patch693: linux-2.6-wireless-b43-reject-new-firmware.patch
Patch820: linux-2.6-compile-fixes.patch
Patch1101: linux-2.6-default-mmf_dump_elf_headers.patch
Patch1102: linux-2.6-i386-vdso-install-unstripped-copies-on-disk.patch
@@ -1118,6 +1120,8 @@
# Fix the SELinux mprotect checks on executable mappings
ApplyPatch linux-2.6-selinux-mprotect-checks.patch
+# strip extra leading slashes in pathnames
+ApplyPatch linux-2.6-selinux-strip-leading-slashes.patch
# Remove kernel-internal functionality that nothing external should use.
ApplyPatch linux-2.6-unexport-symbols.patch
@@ -1145,6 +1149,9 @@
# Make ath5k use software WEP
ApplyPatch linux-2.6-ath5k-use-soft-wep.patch
+# reject too-new b43 firmware
+ApplyPatch linux-2.6-wireless-b43-reject-new-firmware.patch
+
# implement smarter atime updates support.
ApplyPatch linux-2.6-smarter-relatime.patch
@@ -1771,6 +1778,10 @@
%changelog
* Mon Jan 28 2008 Chuck Ebbert <cebbert at redhat.com>
+- Strip extra leading slashes in selinux filenames.
+- wireless: reject too-new b43 firmware
+
+* Mon Jan 28 2008 Chuck Ebbert <cebbert at redhat.com>
- Build in the CMOS RTC driver.
* Mon Jan 28 2008 Jarod Wilson <jwilson at redhat.com>
More information about the fedora-extras-commits
mailing list