[Inrepid] SRU: Update kernel to Linux 2.6.27.18

Andy Whitcroft apw at canonical.com
Thu Feb 19 10:19:50 UTC 2009 

On Wed, Feb 18, 2009 at 09:01:03AM +0100, Stefan Bader wrote:
> SRU justification:
> 
> Impact: Several bug fixes and updates to get in sync with upstream stable. This 
> update features one vmware fix that we were asked to pick up on the kerne-team 
> mailing list, replaces one patch that was carried as SAUCE patch, as well as a 
> few fixes to previous stable releases.
> 
> Fix:
>   * Fix page writeback thinko, causing Berkeley DB slowdown
simple, performance issue for write out, this could be the trigger for
the io performance issues we have been seeing

>   * iwlwifi: scan correct setting of valid rx_chains
simple, intel wireless specific

>   * kernel-doc: fix syscall wrapper processing
safe, does not touch kernel source

>   * lockd: fix regression in lockd's handling of blocked locks
simple, NFS lockd fix

>   * nbd: fix I/O hang on disconnected nbds
simple, network block devices, prevents hands on lost connections

>   * parport: parport_serial, don't bind netmos ibm 0299
simple, hardware (IBM:0x0299) specific quirk

>   * powerpc: Fix swapcontext system for VSX + old ucontext size
significant, rewrite of swapcontext handling, PORTS/powerpc kernel only

> 1 * powerpc/fsl-booke: Fix mapping functions to use phys_addr_t(1)
simple, type change only, PORTS/powerpc kernel only, ABI BUMP

>   * syscall define: fix uml compile bug
simple, affects syscall function definitions, if it boots it works

>   * w1: w1 temp calculation overflow fix
simple, hardware sensor specific

>   * write-back: fix nr_to_write counter
>   * writeback: fix break condition
medium, together ensure integrity write back writes sufficient pages,
data integrity issue

> 2 * x86, vmi: put a missing paravirt_release_pmd in pgd_dtor(2)
simple, page table page handling fix, virtual machine specific

>   * zd1211rw: adding 0ace:0xa211 as a ZD1211 device
simple, hardware (0ace:a211) specific quirk

>   * zd1211rw: treat MAXIM_NEW_RF(0x08) as UW2453_RF(0x09) for TP-Link WN322/422G
simple, hardware (MAXIM_NEW_RF) specific quirk

>   * sctp: Fix crc32c calculations on big-endian arhes.
simple, fixes CRC32C calculation, big-endian arches only, PORTS only

>   * sctp: Correctly start rtx timer on new packet transmissions.
>   * sctp: Properly timestamp outgoing data chunks for rtx purposes
simple, together shorten and fix retry timers on SCTP packets, SCTP only

>   * drivers/net/skfp: if !capable(CAP_NET_ADMIN): inverted logic
simple, FDDI device specific

>   * ipv4: fix infinite retry loop in IP-Config
simple, fixes configuration infinite loop

>   * ipv6: Disallow rediculious flowlabel option sizes.
simple, limits IPv6 options to 64k, IPv6 specific

>   * ipv6: Copy cork options in ip6_append_data
simple, IPv6 specific

>   * net: 4 bytes kernel memory disclosure in SO_BSDCOMPAT gsopt try #2
simple, potential data leak to userspace

>   * net: packet socket packet_lookup_frame fix
simple, packet loss on AF_PACKET sockets

>   * sky2: fix hard hang with netconsoling and iface going up
simple, network console specific

>   * sungem: Soft lockup in sungem on Netra AC200 when switching interface up
simple, hardware (sungem) specific

>   * tun: Add some missing TUN compat ioctl translations.
simple, adds 32bit compatibility ioctls

>   * tun: Fix unicast filter overflow
simple, ensures match overflow still works

>   * udp: Fix UDP short packet false positive
simple, fixes currently incorrectly dropped UDP packages, not
triggerable by most net devices

>   * udp: increments sk_drops in __udp_queue_rcv_skb()
simple, udp error accounting fix

>   * virtio_net: Fix MAX_PACKET_LEN to support 802.1Q VLANs
simple, buffer sizing issue for KVM etc

>   * net: Fix frag_list handling in skb_seq_read
>   * net: Fix OOPS in skb_seq_read().
medium, together fix fragment handling

>   * packet: Avoid lock_sock in mmap handler
medium, locking change to avoid deadlock in AF_PACKET mmap handler

>   * tcp: splice as many packets as possible at once
simple, network performance improvement, splice users only

>   * tcp: Fix length tcp_splice_data_recv passes to skb_splice_bits.
simple, duplicated data error with urgent data, splice users only

>   * sparc: Enable syscall wrappers for 64-bit (CVE-2009-0029)
>   * sparc64: Annotate sparc64 specific syscalls with SYSCALL_DEFINEx()
simple, switch to SYSCALL() for sparc64, PORTS only, ABI BUMP

>   * netfilter: fix tuple inversion for Node information request
simple, netfilter matching fix

>   * netfilter: xt_sctp: sctp chunk mapping doesn't work
simple, using incorrect buffer

>   * bluetooth hid: enable quirk handling for Apple Wireless Keyboards in 2.6.27
>     * Revert "UBUNTU: SAUCE: Add back in lost commit for Apple BT Wireless
>       Keyboard"
simple, hardware specific quirks, does change the quirk slightly needs
testing

+       { 0x05ac, 0x022c, HID_QUIRK_APPLE_NUMLOCK_EMULATION | HID_QUIRK_APPLE_HAS_FN },
-       { 0x05ac, 0x022c, HID_QUIRK_APPLE_HAS_FN },

>   * HID: adjust report descriptor fixup for MS 1028 receiver
medium, well tested both in jaunty and by testers on bug #281993.

>   * libata: fix EH device failure handling
simple, SATA handling fixes

>   * ide/libata: fix ata_id_is_cfa() (take 4)
simple, fixes detection of some modern compact flash cards, CF card
specific

>   * x86: fixup config space size of CPU functions for AMD family 11h
simple, hardware specific for AMD 11h CPUs

>   * mac80211: fix a buffer overrun in station debug code
simple, fixes debug only buffer overrun, potential for data leak to
userspace without this

>   * ALSA: mtpav - Fix initial value for input hwport
simple, avoid oops on early receive, midi port specific

>   * net: Fix data corruption when splicing from sockets.
major, prevents possible data leak to network

>   * Linux 2.6.27.18
simple

> (1) Would bump the ABI for ports(powerpc)
> (2) This patch was requested on the kernel-team mailing list

I think this one is an ABI bumper for PORTS(sparc64):

    * sparc64: Annotate sparc64 specific syscalls with SYSCALL_DEFINEx()

I suspect all three of these couple be seen as potential security
issues as they prevent leakage from kernel to userspace/network:

    * net: 4 bytes kernel memory disclosure in SO_BSDCOMPAT gsopt try #2
    * mac80211: fix a buffer overrun in station debug code
    * net: Fix data corruption when splicing from sockets.

Overall they all look sensible and reasonable.

ACK

-apw

More information about the kernel-team mailing list