- 17 Feb, 2011 24 commits
-
-
Alan Stern authored
commit d199c96d upstream. If anyone comes across a high-speed hub that (by mistake or by design) claims to have no Transaction Translators, plugging a full- or low-speed device into it will cause the USB stack to crash. This patch (as1446) prevents the problem by ignoring such devices, since the kernel has no way to communicate with them. Signed-off-by:
Alan Stern <stern@rowland.harvard.edu> Tested-by:
Perry Neben <neben@vmware.com> Signed-off-by:
Greg Kroah-Hartman <gregkh@suse.de>
-
Michael Williamson authored
commit 28fe2eb0 upstream. Add the USB Vendor ID and Product ID for a Acton Research Corp. spectrograph device with a FTDI chip for serial I/O. Signed-off-by:
Michael H Williamson <michael.h.williamson@gmail.com> Signed-off-by:
-
Arvid Ephraim Picciani authored
commit 721d92fc upstream. This adds the N8 to the list of devices in cdc-acm, in order to get the secondary ACM device exposed. In the spirit of: http://kerneltrap.org/mailarchive/linux-usb/2010/9/4/6264554Signed-off-by:
Arvid Ephraim Picciani <arvid.picciani@nokia.com> Signed-off-by:
-
Jean-Christophe PLAGNIOL-VILLARD authored
commit 6ec2f46c upstream. on ST Micro Connect Lite we have 4 port Part A and B for the JTAG Port C Uart Port D for PIO Signed-off-by:
Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com> Signed-off-by:
-
Nick Holloway authored
commit c25f6b15 upstream. This device suffers from the off-by-one error when reporting the capacity, so add entry with US_FL_FIX_CAPACITY. Signed-off-by:
Nick Holloway <Nick.Holloway@pyrites.org.uk> Signed-off-by:
-
Ionut Nicu authored
commit b14de385 upstream. If usb_deregister() is called after usb_serial_deregister() when the device is plugged in, the following Oops occurs: [ 95.337377] BUG: unable to handle kernel NULL pointer dereference at 00000010 [ 95.338236] IP: [<c0776b2d>] klist_put+0x12/0x62 [ 95.338356] *pdpt = 000000003001a001 *pde = 0000000000000000 [ 95.338356] Oops: 0000 [#1] SMP [ 95.340499] last sysfs file: /sys/devices/pci0000:00/0000:00:1d.2/usb8/idVendor [ 95.340499] Modules linked in: ti_usb_3410_5052(-) usbserial cpufreq_ondemand acpi_cpufreq mperf iptable_nat nf_nat iptable_mangle ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 ip6table_filter ip6_tables ipv6 uinput arc4 ecb iwlagn iwlcore mac80211 cfg80211 microcode pcspkr acer_wmi joydev wmi sky2 [last unloaded: scsi_wait_scan] [ 95.341908] [ 95.341908] Pid: 1532, comm: modprobe Not tainted 2.6.37-rc7+ #6 Eiger /Aspire 5930 [ 95.341908] EIP: 0060:[<c0776b2d>] EFLAGS: 00010246 CPU: 0 [ 95.341908] EIP is at klist_put+0x12/0x62 [ 95.341908] EAX: 00000000 EBX: eedc0c84 ECX: c09c21b4 EDX: 00000001 [ 95.341908] ESI: 00000000 EDI: efaa0c1c EBP: f214fe2c ESP: f214fe1c [ 95.341908] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 [ 95.341908] Process modprobe (pid: 1532, ti=f214e000 task=efaaf080 task.ti=f214e000) [ 95.341908] Stack: [ 95.341908] f214fe24 eedc0c84 efaaf080 efaa0c1c f214fe34 c0776ba8 f214fe5c c0776c76 [ 95.341908] c09c21b4 c09c21b4 eedc0c84 efaaf080 00000000 c0634398 eafe2d1c f7b515f0 [ 95.341908] f214fe6c c0631b5c eafe2d50 eafe2d1c f214fe7c c0631ba2 eafe2d1c eafe2c00 [ 95.341908] Call Trace: [ 95.341908] [<c0776ba8>] ? klist_del+0xd/0xf [ 95.341908] [<c0776c76>] ? klist_remove+0x48/0x74 [ 95.341908] [<c0634398>] ? devres_release_all+0x49/0x51 [ 95.341908] [<c0631b5c>] ? __device_release_driver+0x7b/0xa4 [ 95.341908] [<c0631ba2>] ? device_release_driver+0x1d/0x28 [ 95.341908] [<c06317c4>] ? bus_remove_device+0x92/0xa1 [ 95.341908] [<c062f3d8>] ? device_del+0xf9/0x13e [ 95.341908] [<f7b06146>] ? usb_serial_disconnect+0xd9/0x116 [usbserial] [ 95.341908] [<c0681e3f>] ? usb_disable_interface+0x32/0x40 [ 95.341908] [<c0683972>] ? usb_unbind_interface+0x48/0xfd [ 95.341908] [<c0631b43>] ? __device_release_driver+0x62/0xa4 [ 95.341908] [<c06320b9>] ? driver_detach+0x62/0x81 [ 95.341908] [<c0631a41>] ? bus_remove_driver+0x8f/0xae [ 95.341908] [<c063214c>] ? driver_unregister+0x50/0x57 [ 95.341908] [<c0682f95>] ? usb_deregister+0x77/0x84 [ 95.341908] [<f7b505b6>] ? ti_exit+0x26/0x28 [ti_usb_3410_5052] [ 95.341908] [<c046a307>] ? sys_delete_module+0x181/0x1de [ 95.341908] [<c04e2727>] ? path_put+0x1a/0x1d [ 95.341908] [<c047f4c5>] ? audit_syscall_entry+0x116/0x138 [ 95.341908] [<c04094df>] ? sysenter_do_call+0x12/0x28 [ 95.341908] Code: 00 83 7d f0 00 74 09 85 f6 74 05 89 f0 ff 55 f0 8b 43 04 5a 5b 5e 5f 5d c3 55 89 e5 57 56 53 89 c3 83 ec 04 8b 30 83 e6 fe 89 f0 <8b> 7e 10 88 55 f0 e8 47 26 01 00 8a 55 f0 84 d2 74 17 f6 03 01 [ 95.341908] EIP: [<c0776b2d>] klist_put+0x12/0x62 SS:ESP 0068:f214fe1c [ 95.341908] CR2: 0000000000000010 [ 95.342357] ---[ end trace 8124d00ad871ad18 ]--- Signed-off-by:
Ionut Nicu <ionut.nicu@mindbit.ro> Signed-off-by:
-
Bjørn Mork authored
commit 271c1150 upstream. The major and minor number saved in the product_info structure were copied from the address instead of the data, causing an inconsistency in the reported versions during firmware loading: usb 4-1: firmware: requesting edgeport/down.fw /usr/src/linux/drivers/usb/serial/io_edgeport.c: downloading firmware version (930) 1.16.4 [..] /usr/src/linux/drivers/usb/serial/io_edgeport.c: edge_startup - time 3 4328191260 /usr/src/linux/drivers/usb/serial/io_edgeport.c: FirmwareMajorVersion 0.0.4 This can cause some confusion whether firmware loaded successfully or not. Signed-off-by:
Bjørn Mork <bjorn@mork.no> Signed-off-by:
-
Alan Stern authored
commit ad84e4a9 upstream. This patch (as1442) fixes a bug in g_printer: Module parameters should not be marked "__initdata" if they are accessible in sysfs (i.e., if the mode value in the module_param() macro is nonzero). Otherwise attempts to access the parameters will cause addressing violations. Character-string module parameters must not be marked "__initdata" if the module can be unloaded, because the kernel needs to access the parameter variable at unload time in order to free the dynamically-allocated string. Signed-off-by:
-
Alan Stern authored
commit f75593ce upstream. This patch (as1440) fixes a bug in ehci-hcd. ehci->periodic_size is used to compute the size in a dma_alloc_coherent() call, but then it gets changed later on. As a result, the corresponding call to dma_free_coherent() passes a different size from the original allocation. Fix the problem by adjusting ehci->periodic_size before carrying out any of the memory allocations. Signed-off-by:
Larry Finger <Larry.Finger@lwfinger.net> CC: David Brownell <david-b@pacbell.net> Signed-off-by:
-
Alex He authored
commit baab93af upstream. AMD Hudson also needs the same ASPM quirk as SB800 Signed-off-by:
Alex He <alex.he@amd.com> Signed-off-by:
-
Nicolaus Colberg authored
commit aa52b3a9 upstream. /drivers/usb/serial/option.c: Adding support for Cinterion's HC25, HC28, HC28J, EU3-E, EU3-P and PH8 by correcting/adding Cinterion's and Siemens' Vendor IDs as well as Product IDs and USB_DEVICE tuples Signed-off-by:
Nicolaus Colberg <nicolaus.colberg@cinterion.com> Signed-off-by:
-
Pieter Maes authored
commit a9d61bc4 upstream. I found the original patch on the db0fhn repeater wiki (couldn't find the email of the origial author) I guess it was never commited. I updated and added some Icom HAM-radio devices to the ftdi driver. Added extra comments to make clear what devices it are. Signed-off-by:
Pieter Maes <maescool@gmail.com> Signed-off-by:
-
Alan Stern authored
commit 3ea3c9b5 upstream. This patch (as1444) adds an unusual_devs entry for an MP3 player from Coby electronics. The device has two nasty bugs. Signed-off-by:
Jasper Mackenzie <scarletpimpernal@hotmail.com> Signed-off-by:
-
Alan Stern authored
commit 12f68c48 upstream. This patch (as1438) adds an unusual_devs entry for the MagicPixel FW_Omega2 chip, used in the CamSport Evo camera. The firmware incorrectly reports a vendor-specific bDeviceClass. Signed-off-by:
-
Richard Schütz authored
USB: usb-storage: unusual_devs update for TrekStor DataStation maxi g.u external hard drive enclosure commit 7e1e7bd9 upstream. The TrekStor DataStation maxi g.u external hard drive enclosure uses a JMicron USB to SATA chip which needs the US_FL_IGNORE_RESIDUE flag to work properly. Signed-off-by:
Richard Schütz <r.schtz@t-online.de> Signed-off-by:
-
Richard Schütz authored
commit cae41118 upstream. New device ID added for unusual Cypress ATACB device. Signed-off-by:
-
Craig Shelley authored
commit 9926c0df upstream. Device ID removed 0x10C4/0x8149 for West Mountain Radio Computerized Battery Analyzer. This device is actually based on a SiLabs C8051Fxxx, see http://www.etheus.net/SiUSBXp_Linux_Driver for further info. Signed-off-by:
Craig Shelley <craig@microtron.org.uk> Signed-off-by:
-
Craig Shelley authored
commit faea63f7 upstream. Device Ids added for IRZ Automation Teleport SG-10 GSM/GPRS Modem and DekTec DTA Plus VHF/UHF Booster/Attenuator. Signed-off-by:
-
Libor Pechacek authored
commit d14fc1a7 upstream. Alan's commit 335f8514 introduced .carrier_raised function in several drivers. That also means tty_port_block_til_ready can now suspend the process trying to open the serial port when Carrier Detect is low and put it into tty_port.open_wait queue. We need to wake up the process when Carrier Detect goes high and trigger TTY hangup when CD goes low. Some of the devices do not report modem status line changes, or at least we don't understand the status message, so for those we remove .carrier_raised again. Signed-off-by:
Libor Pechacek <lpechacek@suse.cz> Signed-off-by:
-
Jean Delvare authored
commit f790674d upstream. Functions set_fan_min() and set_fan_div() assume that the fan_div values have already been read from the register. The driver currently doesn't initialize them at load time, they are only set when function via686a_update_device() is called. This means that set_fan_min() and set_fan_div() misbehave if, for example, "sensors -s" is called before any monitoring application (e.g. "sensors") is has been run. Fix the problem by always initializing the fan_div values at device bind time. Signed-off-by:
Jean Delvare <khali@linux-fr.org> Acked-by:
Guenter Roeck <guenter.roeck@ericsson.com> Signed-off-by:
-
Karsten Wiese authored
commit cdce2db7 upstream. Fix missing NULL checks in usb_stream_hwdep_poll() and usb_stream_hwdep_ioctl(). Wake up poll waiters before returning from usb_stream_hwdep_ioctl(). Signed-off-by:
Karsten Wiese <fzu@wemgehoertderstaat.de> Signed-off-by:
Takashi Iwai <tiwai@suse.de> Signed-off-by:
-
Greg Kroah-Hartman authored
commit 9c4cf6d9 upstream. This patch adds the device id for the windy31 USB device to the rt73usb driver. Thanks to Ralf Flaxa for reporting this and providing testing and a sample device. Reported-by:
Ralf Flaxa <rf@suse.de> Tested-by:
Ivo van Doorn <IvDoorn@gmail.com> Signed-off-by:
John W. Linville <linville@tuxdriver.com>
-
Alex He authored
commit 05570297 upstream. When ASPM PM Feature is enabled on UMI link, devices that use ISOC stream of data transfer may be exposed to longer latency causing less than optimal per- formance of the device. The longer latencies are normal and are due to link wake time coming out of low power state which happens frequently to save power when the link is not active. The following code will make exception for certain features of ASPM to be by passed and keep the logic normal state only when the ISOC device is connected and active. This change will allow the device to run at optimal performance yet minimize the impact on overall power savings. Signed-off-by:
David Brownell <dbrownell@users.sourceforge.net> Signed-off-by:
-
Márton Németh authored
commit 7571f089 upstream. In the vhci_urb_dequeue() function the TCP connection is checked twice. Each time when the TCP connection is closed the URB is unlinked and given back. Remove the second attempt of unlinking and giving back of the URB completely. This patch fixes the bug described at https://bugzilla.kernel.org/show_bug.cgi?id=24872 . Signed-off-by:
Márton Németh <nm127@freemail.hu> Signed-off-by:
-
- 07 Jan, 2011 16 commits
-
-
Greg Kroah-Hartman authored
-
Oleg Nesterov authored
commit e0a70217 upstream. posix-cpu-timers.c correctly assumes that the dying process does posix_cpu_timers_exit_group() and removes all !CPUCLOCK_PERTHREAD timers from signal->cpu_timers list. But, it also assumes that timer->it.cpu.task is always the group leader, and thus the dead ->task means the dead thread group. This is obviously not true after de_thread() changes the leader. After that almost every posix_cpu_timer_ method has problems. It is not simple to fix this bug correctly. First of all, I think that timer->it.cpu should use struct pid instead of task_struct. Also, the locking should be reworked completely. In particular, tasklist_lock should not be used at all. This all needs a lot of nontrivial and hard-to-test changes. Change __exit_signal() to do posix_cpu_timers_exit_group() when the old leader dies during exec. This is not the fix, just the temporary hack to hide the problem for 2.6.37 and stable. IOW, this is obviously wrong but this is what we currently have anyway: cpu timers do not work after mt exec. In theory this change adds another race. The exiting leader can detach the timers which were attached to the new leader. However, the window between de_thread() and release_task() is small, we can pretend that sys_timer_create() was called before de_thread(). Signed-off-by:
Oleg Nesterov <oleg@redhat.com> Signed-off-by:
Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by:
-
Vlad Yasevich authored
commit 50b5d6ad upstream. ICMP protocol unreachable handling completely disregarded the fact that the user may have locked the socket. It proceeded to destroy the association, even though the user may have held the lock and had a ref on the association. This resulted in the following: Attempt to release alive inet socket f6afcc00 ========================= [ BUG: held lock freed! ] ------------------------- somenu/2672 is freeing memory f6afcc00-f6afcfff, with a lock still held there! (sk_lock-AF_INET){+.+.+.}, at: [<c122098a>] sctp_connect+0x13/0x4c 1 lock held by somenu/2672: #0: (sk_lock-AF_INET){+.+.+.}, at: [<c122098a>] sctp_connect+0x13/0x4c stack backtrace: Pid: 2672, comm: somenu Not tainted 2.6.32-telco #55 Call Trace: [<c1232266>] ? printk+0xf/0x11 [<c1038553>] debug_check_no_locks_freed+0xce/0xff [<c10620b4>] kmem_cache_free+0x21/0x66 [<c1185f25>] __sk_free+0x9d/0xab [<c1185f9c>] sk_free+0x1c/0x1e [<c1216e38>] sctp_association_put+0x32/0x89 [<c1220865>] __sctp_connect+0x36d/0x3f4 [<c122098a>] ? sctp_connect+0x13/0x4c [<c102d073>] ? autoremove_wake_function+0x0/0x33 [<c12209a8>] sctp_connect+0x31/0x4c [<c11d1e80>] inet_dgram_connect+0x4b/0x55 [<c11834fa>] sys_connect+0x54/0x71 [<c103a3a2>] ? lock_release_non_nested+0x88/0x239 [<c1054026>] ? might_fault+0x42/0x7c [<c1054026>] ? might_fault+0x42/0x7c [<c11847ab>] sys_socketcall+0x6d/0x178 [<c10da994>] ? trace_hardirqs_on_thunk+0xc/0x10 [<c1002959>] syscall_call+0x7/0xb This was because the sctp_wait_for_connect() would aqcure the socket lock and then proceed to release the last reference count on the association, thus cause the fully destruction path to finish freeing the socket. The simplest solution is to start a very short timer in case the socket is owned by user. When the timer expires, we can do some verification and be able to do the release properly. Signed-off-by:
Vlad Yasevich <vladislav.yasevich@hp.com> Signed-off-by:
David S. Miller <davem@davemloft.net> Signed-off-by:
-
Martin K. Petersen authored
commit e692cb66 upstream. When stacking devices, a request_queue is not always available. This forced us to have a no_cluster flag in the queue_limits that could be used as a carrier until the request_queue had been set up for a metadevice. There were several problems with that approach. First of all it was up to the stacking device to remember to set queue flag after stacking had completed. Also, the queue flag and the queue limits had to be kept in sync at all times. We got that wrong, which could lead to us issuing commands that went beyond the max scatterlist limit set by the driver. The proper fix is to avoid having two flags for tracking the same thing. We deprecate QUEUE_FLAG_CLUSTER and use the queue limit directly in the block layer merging functions. The queue_limit 'no_cluster' is turned into 'cluster' to avoid double negatives and to ease stacking. Clustering defaults to being enabled as before. The queue flag logic is removed from the stacking function, and explicitly setting the cluster flag is no longer necessary in DM and MD. Reported-by:
Ed Lin <ed.lin@promise.com> Signed-off-by:
Martin K. Petersen <martin.petersen@oracle.com> Acked-by:
Mike Snitzer <snitzer@redhat.com> Signed-off-by:
Jens Axboe <jaxboe@fusionio.com> Signed-off-by:
-
Daniel T Chen authored
commit e03fa055 upstream. Sjoerd Simons reports that, without using position_fix=1, recording experiences overruns. Work around that by applying the LPIB quirk for his hardware. Reported-and-tested-by:
Sjoerd Simons <sjoerd@debian.org> Signed-off-by:
Daniel T Chen <crimsun@ubuntu.com> Signed-off-by:
-
Daniel T Chen authored
commit 9919c761 upstream. BugLink: https://launchpad.net/bugs/530346 The OR has verified that position_fix=1 is necessary to work around errors on his machine. Reported-by: Tom Louwrier Signed-off-by:
-
Mimi Zohar authored
commit 867c2026 upstream. If security_filter_rule_init() doesn't return a rule, then not everything is as fine as the return code implies. This bug only occurs when the LSM (eg. SELinux) is disabled at runtime. Adding an empty LSM rule causes ima_match_rules() to always succeed, ignoring any remaining rules. default IMA TCB policy: # PROC_SUPER_MAGIC dont_measure fsmagic=0x9fa0 # SYSFS_MAGIC dont_measure fsmagic=0x62656572 # DEBUGFS_MAGIC dont_measure fsmagic=0x64626720 # TMPFS_MAGIC dont_measure fsmagic=0x01021994 # SECURITYFS_MAGIC dont_measure fsmagic=0x73636673 < LSM specific rule > dont_measure obj_type=var_log_t measure func=BPRM_CHECK measure func=FILE_MMAP mask=MAY_EXEC measure func=FILE_CHECK mask=MAY_READ uid=0 Thus without the patch, with the boot parameters 'tcb selinux=0', adding the above 'dont_measure obj_type=var_log_t' rule to the default IMA TCB measurement policy, would result in nothing being measured. The patch prevents the default TCB policy from being replaced. Signed-off-by:
Mimi Zohar <zohar@us.ibm.com> Cc: James Morris <jmorris@namei.org> Acked-by:
Serge Hallyn <serge.hallyn@canonical.com> Cc: David Safford <safford@watson.ibm.com> Signed-off-by:
Andrew Morton <akpm@linux-foundation.org> Signed-off-by:
-
Saeed Bishara authored
commit 8333f65e upstream. use mv_xor_slot_cleanup() instead of __mv_xor_slot_cleanup() as the former function aquires the spin lock that needed to protect the drivers data. Signed-off-by:
Saeed Bishara <saeed@marvell.com> Signed-off-by:
Dan Williams <dan.j.williams@intel.com> Signed-off-by:
-
Dan Rosenberg authored
commit d81a12bc upstream. The load_mixer_volumes() function, which can be triggered by unprivileged users via the SOUND_MIXER_SETLEVELS ioctl, is vulnerable to a buffer overflow. Because the provided "name" argument isn't guaranteed to be NULL terminated at the expected 32 bytes, it's possible to overflow past the end of the last element in the mixer_vols array. Further exploitation can result in an arbitrary kernel write (via subsequent calls to load_mixer_volumes()) leading to privilege escalation, or arbitrary kernel reads via get_mixer_levels(). In addition, the strcmp() may leak bytes beyond the mixer_vols array. Signed-off-by:
Dan Rosenberg <drosenberg@vsecurity.com> Signed-off-by:
-
Eduardo Costa authored
commit 56e6417b upstream. This USB ID is for the WUBI-100GW 802.11g Wireless LAN USB Device that uses p54usb. Signed-off-by:
Eduardo Costa <ecosta.tmp@gmail.com> Signed-off-by:
-
Christian Lamparter authored
commit 16cad7fb upstream. This patch adds five more USBIDs to the table. Source: http://www.linuxant.com/pipermail/driverloader/2005q3/002307.html http://wireless.kernel.org/en/users/Drivers/p54/devices (by M. Davis) Signed-off-by:
Christian Lamparter <chunkeey@googlemail.com> Signed-off-by:
-
Vitaly Kuznetsov authored
commit d73a9b30 upstream. Add an unusual_devs entry for the Samsung YP-CP3 MP4 player. User was getting the following errors in dmesg: usb 2-6: reset high speed USB device using ehci_hcd and address 2 usb 2-6: reset high speed USB device using ehci_hcd and address 2 usb 2-6: reset high speed USB device using ehci_hcd and address 2 usb 2-6: USB disconnect, address 2 sd 3:0:0:0: [sdb] Assuming drive cache: write through sdb:<2>ldm_validate_partition_table(): Disk read failed. Dev sdb: unable to read RDB block 0 unable to read partition table Signed-off-by:
Vitaly Kuznetsov <vitty@altlinux.ru> Acked-by:
-
Florian Faber authored
commit 5363cdc3 upstream. Add FTDI PID to identify D.O.Tec devices correctly. Signed-off-by:
Florian Faber <faberman@linuxproaudio.org> Signed-off-by:
-
Thomas Sailer authored
commit ecc1624a upstream. Fabio Battaglia report that he has another cable that works with this driver, so this patch adds its vendor/product ID. Signed-off-by:
Thomas Sailer <t.sailer@alumni.ethz.ch> Signed-off-by:
-
Tavis Ormandy authored
commit 462e635e upstream. The install_special_mapping routine (used, for example, to setup the vdso) skips the security check before insert_vm_struct, allowing a local attacker to bypass the mmap_min_addr security restriction by limiting the available pages for special mappings. bprm_mm_init() also skips the check, and although I don't think this can be used to bypass any restrictions, I don't see any reason not to have the security check. $ uname -m x86_64 $ cat /proc/sys/vm/mmap_min_addr 65536 $ cat install_special_mapping.s section .bss resb BSS_SIZE section .text global _start _start: mov eax, __NR_pause int 0x80 $ nasm -D__NR_pause=29 -DBSS_SIZE=0xfffed000 -f elf -o install_special_mapping.o install_special_mapping.s $ ld -m elf_i386 -Ttext=0x10000 -Tbss=0x11000 -o install_special_mapping install_special_mapping.o $ ./install_special_mapping & [1] 14303 $ cat /proc/14303/maps 0000f000-00010000 r-xp 00000000 00:00 0 [vdso] 00010000-00011000 r-xp 00001000 00:19 2453665 /home/taviso/install_special_mapping 00011000-ffffe000 rwxp 00000000 00:00 0 [stack] It's worth noting that Red Hat are shipping with mmap_min_addr set to 4096. Signed-off-by:
Tavis Ormandy <taviso@google.com> Acked-by:
Kees Cook <kees@ubuntu.com> Acked-by:
Robert Swiecki <swiecki@google.com> [ Changed to not drop the error code - akpm ] Reviewed-by:
James Morris <jmorris@namei.org> Signed-off-by:
-
Krishna Kumar authored
commit 068a2de5 upstream. Non-GSO code drops dst entry for performance reasons, but the same is missing for GSO code. Drop dst while cache-hot for GSO case too. Signed-off-by:
Krishna Kumar <krkumar2@in.ibm.com> Acked-by:
Eric Dumazet <eric.dumazet@gmail.com> Signed-off-by:
Andrey Vagin <avagin@openvz.org> Signed-off-by:
-
