diff options
Diffstat (limited to 'debian/patches')
3 files changed, 0 insertions, 99 deletions
diff --git a/debian/patches/bugfix/all/net_sched-let-qdisc_put-accept-null-pointer.patch b/debian/patches/bugfix/all/net_sched-let-qdisc_put-accept-null-pointer.patch deleted file mode 100644 index 3f259ac4c..000000000 --- a/debian/patches/bugfix/all/net_sched-let-qdisc_put-accept-null-pointer.patch +++ /dev/null @@ -1,50 +0,0 @@ -From: Diederik de Haas <didi.debian@cknow.org> -Date: Wed, 22 Jun 2022 11:44:05 +0200 -Subject: net_sched: let qdisc_put() accept NULL pointer -Bug-Debian: https://bugs.debian.org/1013299 - -In commit 92833e8b5db6c209e9311ac8c6a44d3bf1856659 titled -"net: sched: rename qdisc_destroy() to qdisc_put()" part of the -functionality of qdisc_destroy() was moved into a (for linux-4.19.y) -new function qdisk_put(), and the previous calls to qdisc_destroy() -were changed to qdisk_put(). -This made it similar to f.e. 5.10.y and current master. - -There was one part of qdisc_destroy() not moved over to qdisc_put() and -that was the check for a NULL value, causing oopses. -(See upstream commit: 6efb971ba8edfbd80b666f29de12882852f095ae) -This patch fixes that. - -Fixes: 92833e8b5db6c209e9311ac8c6a44d3bf1856659 -Reported-by: Thorsten Glaser <tg@mirbsd.de> -Link: https://bugs.debian.org/1013299 ---- - net/sched/sch_generic.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/net/sched/sch_generic.c b/net/sched/sch_generic.c -index 7c1b1eff84f4..cad2586c3473 100644 ---- a/net/sched/sch_generic.c -+++ b/net/sched/sch_generic.c -@@ -970,8 +970,6 @@ static void qdisc_destroy(struct Qdisc *qdisc) - const struct Qdisc_ops *ops; - struct sk_buff *skb, *tmp; - -- if (!qdisc) -- return; - ops = qdisc->ops; - - #ifdef CONFIG_NET_SCHED -@@ -1003,6 +1001,9 @@ static void qdisc_destroy(struct Qdisc *qdisc) - - void qdisc_put(struct Qdisc *qdisc) - { -+ if (!qdisc) -+ return; -+ - if (qdisc->flags & TCQ_F_BUILTIN || - !refcount_dec_and_test(&qdisc->refcnt)) - return; --- -2.36.1 - diff --git a/debian/patches/bugfix/all/swiotlb-skip-swiotlb_bounce-when-orig_addr-is-zero.patch b/debian/patches/bugfix/all/swiotlb-skip-swiotlb_bounce-when-orig_addr-is-zero.patch deleted file mode 100644 index df77ca0b2..000000000 --- a/debian/patches/bugfix/all/swiotlb-skip-swiotlb_bounce-when-orig_addr-is-zero.patch +++ /dev/null @@ -1,47 +0,0 @@ -From: Liu Shixin <liushixin2@huawei.com> -Date: Thu, 30 Jun 2022 19:33:31 +0800 -Subject: swiotlb: skip swiotlb_bounce when orig_addr is zero -Origin: https://lore.kernel.org/stable/20220630113331.1544886-1-liushixin2@huawei.com/ - -After patch ddbd89deb7d3 ("swiotlb: fix info leak with DMA_FROM_DEVICE"), -swiotlb_bounce will be called in swiotlb_tbl_map_single unconditionally. -This requires that the physical address must be valid, which is not always -true on stable-4.19 or earlier version. -On stable-4.19, swiotlb_alloc_buffer will call swiotlb_tbl_map_single with -orig_addr equal to zero, which cause such a panic: - -Unable to handle kernel paging request at virtual address ffffb77a40000000 -... -pc : __memcpy+0x100/0x180 -lr : swiotlb_bounce+0x74/0x88 -... -Call trace: - __memcpy+0x100/0x180 - swiotlb_tbl_map_single+0x2c8/0x338 - swiotlb_alloc+0xb4/0x198 - __dma_alloc+0x84/0x1d8 - ... - -On stable-4.9 and stable-4.14, swiotlb_alloc_coherent wille call map_single -with orig_addr equal to zero, which can cause same panic. - -Fix this by skipping swiotlb_bounce when orig_addr is zero. - -Fixes: ddbd89deb7d3 ("swiotlb: fix info leak with DMA_FROM_DEVICE") -Signed-off-by: Liu Shixin <liushixin2@huawei.com> ---- - kernel/dma/swiotlb.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - ---- a/kernel/dma/swiotlb.c -+++ b/kernel/dma/swiotlb.c -@@ -594,7 +594,8 @@ found: - * unconditional bounce may prevent leaking swiotlb content (i.e. - * kernel memory) to user-space. - */ -- swiotlb_bounce(orig_addr, tlb_addr, size, DMA_TO_DEVICE); -+ if (orig_addr) -+ swiotlb_bounce(orig_addr, tlb_addr, size, DMA_TO_DEVICE); - return tlb_addr; - } - diff --git a/debian/patches/series b/debian/patches/series index 9563bf8b8..62c6dfe2b 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -106,8 +106,6 @@ bugfix/all/USB-drop-HDC_LOCAL_MEM-flag.patch bugfix/all/usb-dont-create-dma-pools-for-HCD.patch bugfix/all/usb-add-a-hcd_uses_dma-helper.patch bugfix/all/usb-hcd-Fix-a-NULL-vs-IS_ERR-bug-in-usb_hcd_setup_lo.patch -bugfix/all/net_sched-let-qdisc_put-accept-null-pointer.patch -bugfix/all/swiotlb-skip-swiotlb_bounce-when-orig_addr-is-zero.patch # Miscellaneous features features/all/e1000e-Add-support-for-Comet-Lake.patch |