Mailinglist Archive: opensuse-commit (1828 mails)
| < Previous | Next > |
commit kernel-source
- From: root@xxxxxxxxxxxxxxx (h_root)
- Date: Tue, 30 Sep 2008 17:55:43 +0200
- Message-id: <20080930155543.D9B4367816D@xxxxxxxxxxxxxxx>
Hello community,
here is the log from the commit of package kernel-source
checked in at Tue Sep 30 17:55:43 CEST 2008.
--------
--- kernel-source/kernel-debug.changes 2008-09-29 23:42:34.000000000 +0200
+++ /mounts/work_src_done/STABLE/kernel-source/kernel-debug.changes
2008-09-30 17:25:52.000000000 +0200
@@ -1,0 +2,10 @@
+Tue Sep 30 17:17:15 CEST 2008 - jkosina@xxxxxxx
+
+- additional patches to track down and fix e1000e NVM corruption
+
+- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check
+ to catch mapping requests exceeding the BAR sizes (bnc#425480).
+- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write
+ protect ICHx NVM to prevent malicious write/erase (bnc#425480).
+
+-------------------------------------------------------------------
kernel-default.changes: same change
kernel-dummy.changes: same change
kernel-kdump.changes: same change
kernel-pae.changes: same change
kernel-ppc64.changes: same change
kernel-ps3.changes: same change
kernel-s390.changes: same change
kernel-source.changes: same change
kernel-syms.changes: same change
kernel-trace.changes: same change
kernel-vanilla.changes: same change
kernel-xen.changes: same change
calling whatdependson for head-i586
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ kernel-debug.spec ++++++
--- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:49:57.000000000 +0200
+++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:49:57.000000000 +0200
@@ -58,7 +58,7 @@
Name: kernel-debug
Summary: A Debug Version of the Kernel
Version: 2.6.27
-Release: 11
+Release: 12
License: GPL v2 only
Group: System/Kernel
Url: http://www.kernel.org/
@@ -217,6 +217,7 @@
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%prep
if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then
@@ -684,6 +685,7 @@
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%pre -n kernel-debug-base -f pre-base.sh
@@ -715,6 +717,7 @@
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%post -n kernel-debug-extra -f post-extra.sh
%if %split_packages
@@ -723,6 +726,12 @@
%defattr(-, root, root)
%endif
%changelog
+* Tue Sep 30 2008 jkosina@xxxxxxx
+- additional patches to track down and fix e1000e NVM corruption
+- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check
+ to catch mapping requests exceeding the BAR sizes (bnc#425480).
+- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write
+ protect ICHx NVM to prevent malicious write/erase (bnc#425480).
* Tue Sep 30 2008 agruen@xxxxxxx
- Update config files after Swap-over-NFS backout.
* Tue Sep 30 2008 agruen@xxxxxxx
kernel-default.spec: same change
++++++ kernel-dummy.spec ++++++
--- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:49:58.000000000 +0200
+++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:49:58.000000000 +0200
@@ -23,7 +23,7 @@
Name: kernel-dummy
Summary: Internal dummy package for synchronizing release numbers
Version: 2.6.27
-Release: 11
+Release: 12
License: GPL v2 only
Group: System/Kernel
AutoReqProv: off
@@ -37,6 +37,7 @@
Andreas Gruenbacher <agruen@xxxxxxx>
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%install
rm -rf %buildroot
@@ -47,6 +48,12 @@
%defattr(-, root, root)
/etc/dummy
%changelog
+* Tue Sep 30 2008 jkosina@xxxxxxx
+- additional patches to track down and fix e1000e NVM corruption
+- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check
+ to catch mapping requests exceeding the BAR sizes (bnc#425480).
+- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write
+ protect ICHx NVM to prevent malicious write/erase (bnc#425480).
* Tue Sep 30 2008 agruen@xxxxxxx
- Update config files after Swap-over-NFS backout.
* Tue Sep 30 2008 agruen@xxxxxxx
++++++ kernel-kdump.spec ++++++
--- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:49:58.000000000 +0200
+++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:49:58.000000000 +0200
@@ -58,7 +58,7 @@
Name: kernel-kdump
Summary: kernel for kdump
Version: 2.6.27
-Release: 11
+Release: 12
License: GPL v2 only
Group: System/Kernel
Url: http://www.kernel.org/
@@ -216,6 +216,7 @@
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%prep
if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then
@@ -685,6 +686,7 @@
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%pre -n kernel-kdump-base -f pre-base.sh
@@ -718,6 +720,7 @@
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%post -n kernel-kdump-extra -f post-extra.sh
%if %split_packages
@@ -726,6 +729,12 @@
%defattr(-, root, root)
%endif
%changelog
+* Tue Sep 30 2008 jkosina@xxxxxxx
+- additional patches to track down and fix e1000e NVM corruption
+- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check
+ to catch mapping requests exceeding the BAR sizes (bnc#425480).
+- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write
+ protect ICHx NVM to prevent malicious write/erase (bnc#425480).
* Tue Sep 30 2008 agruen@xxxxxxx
- Update config files after Swap-over-NFS backout.
* Tue Sep 30 2008 agruen@xxxxxxx
kernel-pae.spec: same change
++++++ kernel-ppc64.spec ++++++
--- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:49:59.000000000 +0200
+++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:49:59.000000000 +0200
@@ -58,7 +58,7 @@
Name: kernel-ppc64
Summary: Kernel for ppc64 Systems
Version: 2.6.27
-Release: 11
+Release: 12
License: GPL v2 only
Group: System/Kernel
Url: http://www.kernel.org/
@@ -229,6 +229,7 @@
see /usr/src/linux/CREDITS for more details.
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%prep
if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then
@@ -709,6 +710,7 @@
see /usr/src/linux/CREDITS for more details.
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%pre -n kernel-ppc64-base -f pre-base.sh
@@ -753,6 +755,7 @@
see /usr/src/linux/CREDITS for more details.
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%post -n kernel-ppc64-extra -f post-extra.sh
%if %split_packages
@@ -761,6 +764,12 @@
%defattr(-, root, root)
%endif
%changelog
+* Tue Sep 30 2008 jkosina@xxxxxxx
+- additional patches to track down and fix e1000e NVM corruption
+- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check
+ to catch mapping requests exceeding the BAR sizes (bnc#425480).
+- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write
+ protect ICHx NVM to prevent malicious write/erase (bnc#425480).
* Tue Sep 30 2008 agruen@xxxxxxx
- Update config files after Swap-over-NFS backout.
* Tue Sep 30 2008 agruen@xxxxxxx
++++++ kernel-ps3.spec ++++++
--- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:49:59.000000000 +0200
+++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:49:59.000000000 +0200
@@ -58,7 +58,7 @@
Name: kernel-ps3
Summary: kernel for ps3 bootloader
Version: 2.6.27
-Release: 11
+Release: 12
License: GPL v2 only
Group: System/Kernel
Url: http://www.kernel.org/
@@ -215,6 +215,7 @@
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%prep
if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then
@@ -681,6 +682,7 @@
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%pre -n kernel-ps3-base -f pre-base.sh
@@ -711,6 +713,7 @@
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%post -n kernel-ps3-extra -f post-extra.sh
%if %split_packages
@@ -719,6 +722,12 @@
%defattr(-, root, root)
%endif
%changelog
+* Tue Sep 30 2008 jkosina@xxxxxxx
+- additional patches to track down and fix e1000e NVM corruption
+- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check
+ to catch mapping requests exceeding the BAR sizes (bnc#425480).
+- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write
+ protect ICHx NVM to prevent malicious write/erase (bnc#425480).
* Tue Sep 30 2008 agruen@xxxxxxx
- Update config files after Swap-over-NFS backout.
* Tue Sep 30 2008 agruen@xxxxxxx
kernel-s390.spec: same change
++++++ kernel-source.spec ++++++
--- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:49:59.000000000 +0200
+++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:49:59.000000000 +0200
@@ -30,7 +30,7 @@
Name: kernel-source
Summary: The Linux Kernel Sources
Version: 2.6.27
-Release: 11
+Release: 12
License: GPL v2 only
Group: Development/Sources
AutoReqProv: off
@@ -121,6 +121,7 @@
see /usr/src/linux/CREDITS for more details.
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%prep
if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then
@@ -318,6 +319,7 @@
see /usr/src/linux/CREDITS for more details.
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%post -n kernel-source-rt -f source-post-rt.sh
%if %with_rt
@@ -325,6 +327,12 @@
%files -n kernel-source-rt -f kernel-source.files
%endif
%changelog
+* Tue Sep 30 2008 jkosina@xxxxxxx
+- additional patches to track down and fix e1000e NVM corruption
+- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check
+ to catch mapping requests exceeding the BAR sizes (bnc#425480).
+- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write
+ protect ICHx NVM to prevent malicious write/erase (bnc#425480).
* Tue Sep 30 2008 agruen@xxxxxxx
- Update config files after Swap-over-NFS backout.
* Tue Sep 30 2008 agruen@xxxxxxx
++++++ kernel-syms.spec ++++++
--- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:50:00.000000000 +0200
+++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:50:00.000000000 +0200
@@ -29,7 +29,7 @@
Name: kernel-syms
Summary: Kernel Symbol Versions (modversions)
Version: 2.6.27
-Release: 11
+Release: 12
License: GPL v2 only
Group: Development/Sources
AutoReqProv: off
@@ -100,6 +100,7 @@
see /usr/src/linux/CREDITS for more details.
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%prep
echo "Architecture symbol(s):" %symbols
@@ -151,6 +152,12 @@
/boot/symsets-*-*.tar.gz
/lib/modules/*/build
%changelog
+* Tue Sep 30 2008 jkosina@xxxxxxx
+- additional patches to track down and fix e1000e NVM corruption
+- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check
+ to catch mapping requests exceeding the BAR sizes (bnc#425480).
+- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write
+ protect ICHx NVM to prevent malicious write/erase (bnc#425480).
* Tue Sep 30 2008 agruen@xxxxxxx
- Update config files after Swap-over-NFS backout.
* Tue Sep 30 2008 agruen@xxxxxxx
++++++ kernel-trace.spec ++++++
--- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:50:00.000000000 +0200
+++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:50:00.000000000 +0200
@@ -58,7 +58,7 @@
Name: kernel-trace
Summary: The Realtime Linux Kernel
Version: 2.6.27
-Release: 4
+Release: 5
License: GPL v2 only
Group: System/Kernel
Url: http://www.kernel.org/
@@ -222,6 +222,7 @@
see /usr/src/linux/CREDITS for more details.
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%prep
if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then
@@ -692,6 +693,7 @@
see /usr/src/linux/CREDITS for more details.
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%pre -n kernel-trace-base -f pre-base.sh
@@ -726,6 +728,7 @@
see /usr/src/linux/CREDITS for more details.
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%post -n kernel-trace-extra -f post-extra.sh
%if %split_packages
@@ -734,6 +737,12 @@
%defattr(-, root, root)
%endif
%changelog
+* Tue Sep 30 2008 jkosina@xxxxxxx
+- additional patches to track down and fix e1000e NVM corruption
+- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check
+ to catch mapping requests exceeding the BAR sizes (bnc#425480).
+- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write
+ protect ICHx NVM to prevent malicious write/erase (bnc#425480).
* Tue Sep 30 2008 agruen@xxxxxxx
- Update config files after Swap-over-NFS backout.
* Tue Sep 30 2008 agruen@xxxxxxx
++++++ kernel-vanilla.spec ++++++
--- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:50:00.000000000 +0200
+++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:50:00.000000000 +0200
@@ -58,7 +58,7 @@
Name: kernel-vanilla
Summary: The Standard Kernel - without any SUSE patches
Version: 2.6.27
-Release: 11
+Release: 12
License: GPL v2 only
Group: System/Kernel
Url: http://www.kernel.org/
@@ -227,6 +227,7 @@
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%prep
if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then
@@ -691,6 +692,7 @@
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%pre -n kernel-vanilla-base -f pre-base.sh
@@ -719,6 +721,7 @@
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%post -n kernel-vanilla-extra -f post-extra.sh
%if %split_packages
@@ -727,6 +730,12 @@
%defattr(-, root, root)
%endif
%changelog
+* Tue Sep 30 2008 jkosina@xxxxxxx
+- additional patches to track down and fix e1000e NVM corruption
+- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check
+ to catch mapping requests exceeding the BAR sizes (bnc#425480).
+- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write
+ protect ICHx NVM to prevent malicious write/erase (bnc#425480).
* Tue Sep 30 2008 agruen@xxxxxxx
- Update config files after Swap-over-NFS backout.
* Tue Sep 30 2008 agruen@xxxxxxx
++++++ kernel-xen.spec ++++++
--- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:50:01.000000000 +0200
+++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:50:01.000000000 +0200
@@ -58,7 +58,7 @@
Name: kernel-xen
Summary: The Xen Kernel
Version: 2.6.27
-Release: 9
+Release: 10
License: GPL v2 only
Group: System/Kernel
Url: http://www.kernel.org/
@@ -216,6 +216,7 @@
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%prep
if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then
@@ -685,6 +686,7 @@
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%pre -n kernel-xen-base -f pre-base.sh
@@ -718,6 +720,7 @@
Source Timestamp: 2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
%post -n kernel-xen-extra -f post-extra.sh
%if %split_packages
@@ -726,6 +729,12 @@
%defattr(-, root, root)
%endif
%changelog
+* Tue Sep 30 2008 jkosina@xxxxxxx
+- additional patches to track down and fix e1000e NVM corruption
+- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check
+ to catch mapping requests exceeding the BAR sizes (bnc#425480).
+- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write
+ protect ICHx NVM to prevent malicious write/erase (bnc#425480).
* Tue Sep 30 2008 agruen@xxxxxxx
- Update config files after Swap-over-NFS backout.
* Tue Sep 30 2008 agruen@xxxxxxx
++++++ build-source-timestamp ++++++
--- kernel-source/build-source-timestamp 2008-09-29 23:42:34.000000000
+0200
+++ /mounts/work_src_done/STABLE/kernel-source/build-source-timestamp
2008-09-30 17:25:49.000000000 +0200
@@ -1 +1,2 @@
2008-09-29 23:39:54 +0200
+CVS Date: 2008.09.29.21.50.20
++++++ config.tar.bz2 ++++++
++++++ kabi.tar.bz2 ++++++
++++++ needed_space_in_mb ++++++
--- kernel-source/needed_space_in_mb 2008-09-30 00:23:34.000000000 +0200
+++ /mounts/work_src_done/STABLE/kernel-source/needed_space_in_mb
2008-09-30 17:26:40.000000000 +0200
@@ -1 +1 @@
-6000
+6144
++++++ patches.addon.tar.bz2 ++++++
++++++ patches.apparmor.tar.bz2 ++++++
++++++ patches.arch.tar.bz2 ++++++
++++++ patches.drivers.tar.bz2 ++++++
++++++ patches.fixes.tar.bz2 ++++++
++++++ patches.kernel.org.tar.bz2 ++++++
kernel-source/patches.kernel.org.tar.bz2
/mounts/work_src_done/STABLE/kernel-source/patches.kernel.org.tar.bz2 differ:
byte 11, line 1
++++++ patches.rpmify.tar.bz2 ++++++
++++++ patches.rt.tar.bz2 ++++++
++++++ patches.suse.tar.bz2 ++++++
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn
--exclude=.svnignore old/patches.suse/e1000e_ioremap_sanity_check
new/patches.suse/e1000e_ioremap_sanity_check
--- old/patches.suse/e1000e_ioremap_sanity_check 1970-01-01
01:00:00.000000000 +0100
+++ new/patches.suse/e1000e_ioremap_sanity_check 2008-09-30
17:05:33.000000000 +0200
@@ -0,0 +1,88 @@
+From: Suresh Siddha <suresh.b.siddha@xxxxxxxxx>
+To: <jbarnes@xxxxxxxxxxxxxxxx>, <mingo@xxxxxxx>, <tglx@xxxxxxxxxxxxx>,
<hpa@xxxxxxxxx>, <torvalds@xxxxxxxxxxxxxxxxxxxx>, <akpm@xxxxxxxxxxxxxxxxxxxx>
+Cc: <arjan@xxxxxxxxxxxxxxx>, <linux-kernel@xxxxxxxxxxxxxxx>
+Subject: [patch] ioremap sanity check to catch mapping requests exceeding the
BAR sizes
+References: bnc#425480
+
+Go through the iomem resource tree to check if any of the ioremap() requests
+span more than any slot in the iomem resource tree and do a WARN_ON() if we hit
+this check.
+
+This will raise a red-flag, if some driver is mapping more than what
+is needed. And hopefully identify possible corruptions much earlier.
+
+Signed-off-by: Suresh Siddha <suresh.b.siddha@xxxxxxxxx>
+Acked-by: Jiri Kosina <jkosina@xxxxxxx>
+---
+
+diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c
+index 7955a5a..c0d2c3e 100644
+--- a/arch/x86/mm/ioremap.c
++++ b/arch/x86/mm/ioremap.c
+@@ -169,6 +169,12 @@ static void __iomem *__ioremap_caller(resource_size_t
phys_addr,
+ return (__force void __iomem *)phys_to_virt(phys_addr);
+
+ /*
++ * Check if the request spans more than any BAR in the iomem resource
++ * tree.
++ */
++ WARN_ON(iomem_map_sanity_check(phys_addr, size));
++
++ /*
+ * Don't allow anybody to remap normal RAM that we're using..
+ */
+ for (pfn = phys_addr >> PAGE_SHIFT;
+diff --git a/include/linux/ioport.h b/include/linux/ioport.h
+index ee9bcc6..e38b6aa 100644
+--- a/include/linux/ioport.h
++++ b/include/linux/ioport.h
+@@ -169,6 +169,7 @@ extern struct resource * __devm_request_region(struct
device *dev,
+
+ extern void __devm_release_region(struct device *dev, struct resource *parent,
+ resource_size_t start, resource_size_t n);
++extern int iomem_map_sanity_check(resource_size_t addr, unsigned long size);
+
+ #endif /* __ASSEMBLY__ */
+ #endif /* _LINUX_IOPORT_H */
+diff --git a/kernel/resource.c b/kernel/resource.c
+index fc59dcc..d582db3 100644
+--- a/kernel/resource.c
++++ b/kernel/resource.c
+@@ -827,3 +827,36 @@ static int __init reserve_setup(char *str)
+ }
+
+ __setup("reserve=", reserve_setup);
++
++/*
++ * Check if the requested addr and size spans more than any slot in the
++ * iomem resource tree.
++ */
++int iomem_map_sanity_check(resource_size_t addr, unsigned long size)
++{
++ struct resource *p = &iomem_resource;
++ int err = 0;
++ loff_t l;
++
++ read_lock(&resource_lock);
++ for (p = p->child; p ; p = r_next(NULL, p, &l)) {
++ /*
++ * We can probably skip the resources with out
++ * IORESOURCE_IO attribute?
++ */
++ if (p->start >= addr + size)
++ continue;
++ if (p->end < addr)
++ continue;
++ if (p->start <= addr && (p->end >= addr + size - 1))
++ continue;
++ printk(KERN_WARNING "resource map sanity check conflict "
++ " 0x%llx 0x%llx 0x%llx 0x%llx %s\n",
++ addr, addr + size - 1, p->start, p->end, p->name);
++ err = -1;
++ break;
++ }
++ read_unlock(&resource_lock);
++
++ return err;
++}
+
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn
--exclude=.svnignore old/patches.suse/e1000e_write_protect_ichx_nvm
new/patches.suse/e1000e_write_protect_ichx_nvm
--- old/patches.suse/e1000e_write_protect_ichx_nvm 1970-01-01
01:00:00.000000000 +0100
+++ new/patches.suse/e1000e_write_protect_ichx_nvm 2008-09-30
17:05:49.000000000 +0200
@@ -0,0 +1,169 @@
+Subject: e1000e: write protect ICHx NVM to prevent malicious write/erase
+From: Bruce Allan <bruce.w.allan@xxxxxxxxx>
+References: bnc#425480
+
+Set the hardware to ignore all write/erase cycles to the GbE region in
+the ICHx NVM. This feature can be disabled by the WriteProtectNVM module
+parameter (enabled by default) though that is not recommended.
+
+Signed-off-by: Bruce Allan <bruce.w.allan@xxxxxxxxx>
+Signed-off-by: Jesse Brandeburg <jesse.brandeburg@xxxxxxxxx>
+Acked-by: Jiri Kosina <jkosina@xxxxxxx>
+---
+
+ drivers/net/e1000e/e1000.h | 2 +
+ drivers/net/e1000e/ethtool.c | 3 ++
+ drivers/net/e1000e/ich8lan.c | 46
+++++++++++++++++++++++++++++++++++++++++++
+ drivers/net/e1000e/param.c | 30 ++++++++++++++++++++++++++++
+ 4 files changed, 81 insertions(+)
+
+--- linux-2.6.26.orig/drivers/net/e1000e/e1000.h
++++ linux-2.6.26/drivers/net/e1000e/e1000.h
+@@ -323,6 +323,7 @@ struct e1000_info {
+ #define FLAG_HAS_CTRLEXT_ON_LOAD (1 << 5)
+ #define FLAG_HAS_SWSM_ON_LOAD (1 << 6)
+ #define FLAG_HAS_JUMBO_FRAMES (1 << 7)
++#define FLAG_READ_ONLY_NVM (1 << 8)
+ #define FLAG_IS_ICH (1 << 9)
+ #define FLAG_HAS_MSIX (1 << 10)
+ #define FLAG_HAS_SMART_POWER_DOWN (1 << 11)
+@@ -408,6 +409,7 @@ extern bool e1000e_enable_mng_pass_thru(
+ extern bool e1000e_get_laa_state_82571(struct e1000_hw *hw);
+ extern void e1000e_set_laa_state_82571(struct e1000_hw *hw, bool state);
+
++extern void e1000e_write_protect_nvm_ich8lan(struct e1000_hw *hw, bool
enable);
+ extern void e1000e_set_kmrn_lock_loss_workaround_ich8lan(struct e1000_hw *hw,
+ bool state);
+ extern void e1000e_igp3_phy_powerdown_workaround_ich8lan(struct e1000_hw *hw);
+--- linux-2.6.26.orig/drivers/net/e1000e/ethtool.c
++++ linux-2.6.26/drivers/net/e1000e/ethtool.c
+@@ -533,6 +533,9 @@ static int e1000_set_eeprom(struct net_d
+ if (eeprom->magic != (adapter->pdev->vendor | (adapter->pdev->device <<
16)))
+ return -EFAULT;
+
++ if (adapter->flags & FLAG_READ_ONLY_NVM)
++ return -EINVAL;
++
+ max_len = hw->nvm.word_size * 2;
+
+ first_word = eeprom->offset >> 1;
+--- linux-2.6.26.orig/drivers/net/e1000e/ich8lan.c
++++ linux-2.6.26/drivers/net/e1000e/ich8lan.c
+@@ -60,6 +60,7 @@
+ #define ICH_FLASH_HSFCTL 0x0006
+ #define ICH_FLASH_FADDR 0x0008
+ #define ICH_FLASH_FDATA0 0x0010
++#define ICH_FLASH_PR0 0x0074
+
+ #define ICH_FLASH_READ_COMMAND_TIMEOUT 500
+ #define ICH_FLASH_WRITE_COMMAND_TIMEOUT 500
+@@ -152,6 +153,19 @@ union ich8_hws_flash_regacc {
+ u16 regval;
+ };
+
++/* ICH Flash Protected Region */
++union ich8_flash_protected_range {
++ struct ich8_pr {
++ u32 base:13; /* 0:12 Protected Range Base */
++ u32 reserved1:2; /* 13:14 Reserved */
++ u32 rpe:1; /* 15 Read Protection Enable */
++ u32 limit:13; /* 16:28 Protected Range Limit */
++ u32 reserved2:2; /* 29:30 Reserved */
++ u32 wpe:1; /* 31 Write Protection Enable */
++ } range;
++ u32 regval;
++};
++
+ static s32 e1000_setup_link_ich8lan(struct e1000_hw *hw);
+ static void e1000_clear_hw_cntrs_ich8lan(struct e1000_hw *hw);
+ static void e1000_initialize_hw_bits_ich8lan(struct e1000_hw *hw);
+@@ -1417,6 +1431,7 @@ static s32 e1000_update_nvm_checksum_ich
+ * programming failed.
+ */
+ if (ret_val) {
++ /* Possibly read-only, see e1000e_write_protect_nvm_ich8lan() */
+ hw_dbg(hw, "Flash commit failed.\n");
+ e1000_release_swflag_ich8lan(hw);
+ return ret_val;
+@@ -1507,6 +1522,37 @@ static s32 e1000_validate_nvm_checksum_i
+ }
+
+ /**
++ * e1000e_write_protect_nvm_ich8lan - Make the NVM read-only
++ * @hw: pointer to the HW structure
++ * @enable: pointer to the HW structure
++ * @enable: TRUE to enable write protection, FALSE to disable write
protection
++ *
++ * To prevent malicious write/erase of the NVM, set it to be read-only
++ * so that the hardware ignores all write/erase cycles of the NVM via
++ * the flash control registers. The shadow-ram copy of the NVM will
++ * still be updated, however any updates to this copy will not stick
++ * across driver reloads.
++ **/
++void e1000e_write_protect_nvm_ich8lan(struct e1000_hw *hw, bool enable)
++{
++ union ich8_flash_protected_range pr0;
++ u32 gfpreg;
++
++ if (hw->nvm.ops.acquire_nvm(hw))
++ return;
++
++ gfpreg = er32flash(ICH_FLASH_GFPREG);
++
++ pr0.regval = er32flash(ICH_FLASH_PR0);
++ pr0.range.base = gfpreg & FLASH_GFPREG_BASE_MASK;
++ pr0.range.limit = ((gfpreg >> 16) & FLASH_GFPREG_BASE_MASK);
++ pr0.range.wpe = enable;
++ ew32flash(ICH_FLASH_PR0, pr0.regval);
++
++ hw->nvm.ops.release_nvm(hw);
++}
++
++/**
+ * e1000_write_flash_data_ich8lan - Writes bytes to the NVM
+ * @hw: pointer to the HW structure
+ * @offset: The offset (in bytes) of the byte/word to read.
+--- linux-2.6.26.orig/drivers/net/e1000e/param.c
++++ linux-2.6.26/drivers/net/e1000e/param.c
+@@ -142,6 +142,15 @@ E1000_PARAM(SmartPowerDownEnable, "Enabl
+ */
+ E1000_PARAM(KumeranLockLoss, "Enable Kumeran lock loss workaround");
+
++/*
++ * Write Protect NVM
++ *
++ * Valid Range: 0, 1
++ *
++ * Default Value: 1 (enabled)
++ */
++E1000_PARAM(WriteProtectNVM, "Write-protect NVM [WARNING: disabling this can
lead to corrupted NVM]");
++
+ struct e1000_option {
+ enum { enable_option, range_option, list_option } type;
+ const char *name;
+@@ -415,4 +424,25 @@ void __devinit e1000e_check_options(stru
+ opt.def);
+ }
+ }
++ { /* Write-protect NVM */
++ const struct e1000_option opt = {
++ .type = enable_option,
++ .name = "Write-protect NVM",
++ .err = "defaulting to Enabled",
++ .def = OPTION_ENABLED
++ };
++
++ if (adapter->flags & FLAG_IS_ICH) {
++ if (num_WriteProtectNVM > bd) {
++ unsigned int write_protect_nvm =
WriteProtectNVM[bd];
++ e1000_validate_option(&write_protect_nvm, &opt,
++ adapter);
++ if (write_protect_nvm)
++ adapter->flags |= FLAG_READ_ONLY_NVM;
++ } else {
++ if (opt.def)
++ adapter->flags |= FLAG_READ_ONLY_NVM;
++ }
++ }
++ }
+ }
++++++ patches.trace.tar.bz2 ++++++
++++++ patches.uml.tar.bz2 ++++++
++++++ patches.xen.tar.bz2 ++++++
++++++ series.conf ++++++
--- kernel-source/series.conf 2008-09-29 23:42:34.000000000 +0200
+++ /mounts/work_src_done/STABLE/kernel-source/series.conf 2008-09-30
17:25:08.000000000 +0200
@@ -494,6 +494,8 @@
patches.suse/e1000e_allow_bad_checksum
patches.suse/e1000e_call_dump_eeprom
patches.suse/e1000e_mmap_range_chk
+ patches.suse/e1000e_ioremap_sanity_check
+ patches.suse/e1000e_write_protect_ichx_nvm
patches.drivers/ixgbe-fcoe-bugfixes
patches.drivers/sgi-uv-led
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-commit+help@xxxxxxxxxxxx
| < Previous | Next > |