Hello community, here is the log from the commit of package kernel-source checked in at Tue Sep 30 17:55:43 CEST 2008. -------- --- kernel-source/kernel-debug.changes 2008-09-29 23:42:34.000000000 +0200 +++ /mounts/work_src_done/STABLE/kernel-source/kernel-debug.changes 2008-09-30 17:25:52.000000000 +0200 @@ -1,0 +2,10 @@ +Tue Sep 30 17:17:15 CEST 2008 - jkosina@suse.de + +- additional patches to track down and fix e1000e NVM corruption + +- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check + to catch mapping requests exceeding the BAR sizes (bnc#425480). +- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write + protect ICHx NVM to prevent malicious write/erase (bnc#425480). + +------------------------------------------------------------------- kernel-default.changes: same change kernel-dummy.changes: same change kernel-kdump.changes: same change kernel-pae.changes: same change kernel-ppc64.changes: same change kernel-ps3.changes: same change kernel-s390.changes: same change kernel-source.changes: same change kernel-syms.changes: same change kernel-trace.changes: same change kernel-vanilla.changes: same change kernel-xen.changes: same change calling whatdependson for head-i586 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ kernel-debug.spec ++++++ --- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:49:57.000000000 +0200 +++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:49:57.000000000 +0200 @@ -58,7 +58,7 @@ Name: kernel-debug Summary: A Debug Version of the Kernel Version: 2.6.27 -Release: 11 +Release: 12 License: GPL v2 only Group: System/Kernel Url: http://www.kernel.org/ @@ -217,6 +217,7 @@ Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %prep if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then @@ -684,6 +685,7 @@ Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %pre -n kernel-debug-base -f pre-base.sh 
@@ -715,6 +717,7 @@ Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %post -n kernel-debug-extra -f post-extra.sh %if %split_packages @@ -723,6 +726,12 @@ %defattr(-, root, root) %endif %changelog +* Tue Sep 30 2008 jkosina@suse.de +- additional patches to track down and fix e1000e NVM corruption +- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check + to catch mapping requests exceeding the BAR sizes (bnc#425480). +- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write + protect ICHx NVM to prevent malicious write/erase (bnc#425480). * Tue Sep 30 2008 agruen@suse.de - Update config files after Swap-over-NFS backout. * Tue Sep 30 2008 agruen@suse.de kernel-default.spec: same change ++++++ kernel-dummy.spec ++++++ --- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:49:58.000000000 +0200 +++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:49:58.000000000 +0200 @@ -23,7 +23,7 @@ Name: kernel-dummy Summary: Internal dummy package for synchronizing release numbers Version: 2.6.27 -Release: 11 +Release: 12 License: GPL v2 only Group: System/Kernel AutoReqProv: off @@ -37,6 +37,7 @@ Andreas Gruenbacher <agruen@suse.de> Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %install rm -rf %buildroot @@ -47,6 +48,12 @@ %defattr(-, root, root) /etc/dummy %changelog +* Tue Sep 30 2008 jkosina@suse.de +- additional patches to track down and fix e1000e NVM corruption +- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check + to catch mapping requests exceeding the BAR sizes (bnc#425480). +- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write + protect ICHx NVM to prevent malicious write/erase (bnc#425480). * Tue Sep 30 2008 agruen@suse.de - Update config files after Swap-over-NFS backout. * Tue Sep 30 2008 agruen@suse.de ++++++ kernel-kdump.spec ++++++ --- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:49:58.000000000 +0200 +++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:49:58.000000000 +0200 
@@ -58,7 +58,7 @@ Name: kernel-kdump Summary: kernel for kdump Version: 2.6.27 -Release: 11 +Release: 12 License: GPL v2 only Group: System/Kernel Url: http://www.kernel.org/ @@ -216,6 +216,7 @@ Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %prep if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then @@ -685,6 +686,7 @@ Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %pre -n kernel-kdump-base -f pre-base.sh @@ -718,6 +720,7 @@ Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %post -n kernel-kdump-extra -f post-extra.sh %if %split_packages @@ -726,6 +729,12 @@ %defattr(-, root, root) %endif %changelog +* Tue Sep 30 2008 jkosina@suse.de +- additional patches to track down and fix e1000e NVM corruption +- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check + to catch mapping requests exceeding the BAR sizes (bnc#425480). +- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write + protect ICHx NVM to prevent malicious write/erase (bnc#425480). * Tue Sep 30 2008 agruen@suse.de - Update config files after Swap-over-NFS backout. * Tue Sep 30 2008 agruen@suse.de kernel-pae.spec: same change ++++++ kernel-ppc64.spec ++++++ --- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:49:59.000000000 +0200 +++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:49:59.000000000 +0200 @@ -58,7 +58,7 @@ Name: kernel-ppc64 Summary: Kernel for ppc64 Systems Version: 2.6.27 -Release: 11 +Release: 12 License: GPL v2 only Group: System/Kernel Url: http://www.kernel.org/ @@ -229,6 +229,7 @@ see /usr/src/linux/CREDITS for more details. Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %prep if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then @@ -709,6 +710,7 @@ see /usr/src/linux/CREDITS for more details. Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %pre -n kernel-ppc64-base -f pre-base.sh 
@@ -753,6 +755,7 @@ see /usr/src/linux/CREDITS for more details. Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %post -n kernel-ppc64-extra -f post-extra.sh %if %split_packages @@ -761,6 +764,12 @@ %defattr(-, root, root) %endif %changelog +* Tue Sep 30 2008 jkosina@suse.de +- additional patches to track down and fix e1000e NVM corruption +- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check + to catch mapping requests exceeding the BAR sizes (bnc#425480). +- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write + protect ICHx NVM to prevent malicious write/erase (bnc#425480). * Tue Sep 30 2008 agruen@suse.de - Update config files after Swap-over-NFS backout. * Tue Sep 30 2008 agruen@suse.de ++++++ kernel-ps3.spec ++++++ --- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:49:59.000000000 +0200 +++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:49:59.000000000 +0200 @@ -58,7 +58,7 @@ Name: kernel-ps3 Summary: kernel for ps3 bootloader Version: 2.6.27 -Release: 11 +Release: 12 License: GPL v2 only Group: System/Kernel Url: http://www.kernel.org/ @@ -215,6 +215,7 @@ Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %prep if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then @@ -681,6 +682,7 @@ Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %pre -n kernel-ps3-base -f pre-base.sh @@ -711,6 +713,7 @@ Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %post -n kernel-ps3-extra -f post-extra.sh %if %split_packages 
@@ -719,6 +722,12 @@ %defattr(-, root, root) %endif %changelog +* Tue Sep 30 2008 jkosina@suse.de +- additional patches to track down and fix e1000e NVM corruption +- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check + to catch mapping requests exceeding the BAR sizes (bnc#425480). +- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write + protect ICHx NVM to prevent malicious write/erase (bnc#425480). * Tue Sep 30 2008 agruen@suse.de - Update config files after Swap-over-NFS backout. * Tue Sep 30 2008 agruen@suse.de kernel-s390.spec: same change ++++++ kernel-source.spec ++++++ --- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:49:59.000000000 +0200 +++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:49:59.000000000 +0200 @@ -30,7 +30,7 @@ Name: kernel-source Summary: The Linux Kernel Sources Version: 2.6.27 -Release: 11 +Release: 12 License: GPL v2 only Group: Development/Sources AutoReqProv: off @@ -121,6 +121,7 @@ see /usr/src/linux/CREDITS for more details. Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %prep if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then @@ -318,6 +319,7 @@ see /usr/src/linux/CREDITS for more details. Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %post -n kernel-source-rt -f source-post-rt.sh %if %with_rt 
@@ -325,6 +327,12 @@ %files -n kernel-source-rt -f kernel-source.files %endif %changelog +* Tue Sep 30 2008 jkosina@suse.de +- additional patches to track down and fix e1000e NVM corruption +- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check + to catch mapping requests exceeding the BAR sizes (bnc#425480). +- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write + protect ICHx NVM to prevent malicious write/erase (bnc#425480). * Tue Sep 30 2008 agruen@suse.de - Update config files after Swap-over-NFS backout. * Tue Sep 30 2008 agruen@suse.de ++++++ kernel-syms.spec ++++++ --- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:50:00.000000000 +0200 +++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:50:00.000000000 +0200 @@ -29,7 +29,7 @@ Name: kernel-syms Summary: Kernel Symbol Versions (modversions) Version: 2.6.27 -Release: 11 +Release: 12 License: GPL v2 only Group: Development/Sources AutoReqProv: off @@ -100,6 +100,7 @@ see /usr/src/linux/CREDITS for more details. Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %prep echo "Architecture symbol(s):" %symbols @@ -151,6 +152,12 @@ /boot/symsets-*-*.tar.gz /lib/modules/*/build %changelog +* Tue Sep 30 2008 jkosina@suse.de +- additional patches to track down and fix e1000e NVM corruption +- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check + to catch mapping requests exceeding the BAR sizes (bnc#425480). +- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write + protect ICHx NVM to prevent malicious write/erase (bnc#425480). * Tue Sep 30 2008 agruen@suse.de - Update config files after Swap-over-NFS backout. * Tue Sep 30 2008 agruen@suse.de ++++++ kernel-trace.spec ++++++ --- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:50:00.000000000 +0200 +++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:50:00.000000000 +0200 
@@ -58,7 +58,7 @@ Name: kernel-trace Summary: The Realtime Linux Kernel Version: 2.6.27 -Release: 4 +Release: 5 License: GPL v2 only Group: System/Kernel Url: http://www.kernel.org/ @@ -222,6 +222,7 @@ see /usr/src/linux/CREDITS for more details. Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %prep if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then @@ -692,6 +693,7 @@ see /usr/src/linux/CREDITS for more details. Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %pre -n kernel-trace-base -f pre-base.sh @@ -726,6 +728,7 @@ see /usr/src/linux/CREDITS for more details. Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %post -n kernel-trace-extra -f post-extra.sh %if %split_packages @@ -734,6 +737,12 @@ %defattr(-, root, root) %endif %changelog +* Tue Sep 30 2008 jkosina@suse.de +- additional patches to track down and fix e1000e NVM corruption +- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check + to catch mapping requests exceeding the BAR sizes (bnc#425480). +- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write + protect ICHx NVM to prevent malicious write/erase (bnc#425480). * Tue Sep 30 2008 agruen@suse.de - Update config files after Swap-over-NFS backout. * Tue Sep 30 2008 agruen@suse.de ++++++ kernel-vanilla.spec ++++++ --- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:50:00.000000000 +0200 +++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:50:00.000000000 +0200 @@ -58,7 +58,7 @@ Name: kernel-vanilla Summary: The Standard Kernel - without any SUSE patches Version: 2.6.27 -Release: 11 +Release: 12 License: GPL v2 only Group: System/Kernel Url: http://www.kernel.org/ @@ -227,6 +227,7 @@ Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %prep if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then @@ -691,6 +692,7 @@ Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %pre -n kernel-vanilla-base -f pre-base.sh 
@@ -719,6 +721,7 @@ Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %post -n kernel-vanilla-extra -f post-extra.sh %if %split_packages @@ -727,6 +730,12 @@ %defattr(-, root, root) %endif %changelog +* Tue Sep 30 2008 jkosina@suse.de +- additional patches to track down and fix e1000e NVM corruption +- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check + to catch mapping requests exceeding the BAR sizes (bnc#425480). +- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write + protect ICHx NVM to prevent malicious write/erase (bnc#425480). * Tue Sep 30 2008 agruen@suse.de - Update config files after Swap-over-NFS backout. * Tue Sep 30 2008 agruen@suse.de ++++++ kernel-xen.spec ++++++ --- /var/tmp/diff_new_pack.Xg9661/_old 2008-09-30 17:50:01.000000000 +0200 +++ /var/tmp/diff_new_pack.Xg9661/_new 2008-09-30 17:50:01.000000000 +0200 @@ -58,7 +58,7 @@ Name: kernel-xen Summary: The Xen Kernel Version: 2.6.27 -Release: 9 +Release: 10 License: GPL v2 only Group: System/Kernel Url: http://www.kernel.org/ @@ -216,6 +216,7 @@ Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %prep if ! [ -e %_sourcedir/linux-2.6.26.tar.bz2 ]; then @@ -685,6 +686,7 @@ Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %pre -n kernel-xen-base -f pre-base.sh @@ -718,6 +720,7 @@ Source Timestamp: 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 %post -n kernel-xen-extra -f post-extra.sh %if %split_packages 
@@ -726,6 +729,12 @@ %defattr(-, root, root) %endif %changelog +* Tue Sep 30 2008 jkosina@suse.de +- additional patches to track down and fix e1000e NVM corruption +- patches.suse/e1000e_ioremap_sanity_check: ioremap sanity check + to catch mapping requests exceeding the BAR sizes (bnc#425480). +- patches.suse/e1000e_write_protect_ichx_nvm: e1000e: write + protect ICHx NVM to prevent malicious write/erase (bnc#425480). * Tue Sep 30 2008 agruen@suse.de - Update config files after Swap-over-NFS backout. * Tue Sep 30 2008 agruen@suse.de ++++++ build-source-timestamp ++++++ --- kernel-source/build-source-timestamp 2008-09-29 23:42:34.000000000 +0200 +++ /mounts/work_src_done/STABLE/kernel-source/build-source-timestamp 2008-09-30 17:25:49.000000000 +0200 @@ -1 +1,2 @@ 2008-09-29 23:39:54 +0200 +CVS Date: 2008.09.29.21.50.20 ++++++ config.tar.bz2 ++++++ ++++++ kabi.tar.bz2 ++++++ ++++++ needed_space_in_mb ++++++ --- kernel-source/needed_space_in_mb 2008-09-30 00:23:34.000000000 +0200 +++ /mounts/work_src_done/STABLE/kernel-source/needed_space_in_mb 2008-09-30 17:26:40.000000000 +0200 @@ -1 +1 @@ -6000 +6144 ++++++ patches.addon.tar.bz2 ++++++ ++++++ patches.apparmor.tar.bz2 ++++++ ++++++ patches.arch.tar.bz2 ++++++ ++++++ patches.drivers.tar.bz2 ++++++ ++++++ patches.fixes.tar.bz2 ++++++ ++++++ patches.kernel.org.tar.bz2 ++++++ kernel-source/patches.kernel.org.tar.bz2 /mounts/work_src_done/STABLE/kernel-source/patches.kernel.org.tar.bz2 differ: byte 11, line 1 ++++++ patches.rpmify.tar.bz2 ++++++ ++++++ patches.rt.tar.bz2 ++++++ ++++++ patches.suse.tar.bz2 ++++++ diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/patches.suse/e1000e_ioremap_sanity_check new/patches.suse/e1000e_ioremap_sanity_check --- old/patches.suse/e1000e_ioremap_sanity_check 1970-01-01 01:00:00.000000000 +0100 +++ new/patches.suse/e1000e_ioremap_sanity_check 2008-09-30 17:05:33.000000000 +0200 
@@ -0,0 +1,88 @@
+From: Suresh Siddha <suresh.b.siddha@intel.com>
+To: <jbarnes@virtuousgeek.org>, <mingo@elte.hu>, <tglx@linutronix.de>, <hpa@zytor.com>, <torvalds@linux-foundation.org>, <akpm@linux-foundation.org>
+Cc: <arjan@linux.intel.com>, <linux-kernel@vger.kernel.org>
+Subject: [patch] ioremap sanity check to catch mapping requests exceeding the BAR sizes
+References: bnc#425480
+
+Go through the iomem resource tree to check if any of the ioremap() requests
+span more than any slot in the iomem resource tree and do a WARN_ON() if we hit
+this check.
+
+This will raise a red-flag, if some driver is mapping more than what
+is needed. And hopefully identify possible corruptions much earlier.
+
+Signed-off-by: Suresh Siddha <suresh.b.siddha@intel.com>
+Acked-by: Jiri Kosina <jkosina@suse.cz>
+---
+
+diff --git a/arch/x86/mm/ioremap.c b/arch/x86/mm/ioremap.c
+index 7955a5a..c0d2c3e 100644
+--- a/arch/x86/mm/ioremap.c
++++ b/arch/x86/mm/ioremap.c
+@@ -169,6 +169,12 @@ static void __iomem *__ioremap_caller(resource_size_t phys_addr,
+ return (__force void __iomem *)phys_to_virt(phys_addr);
+
+ /*
++ * Check if the request spans more than any BAR in the iomem resource
++ * tree.
++ */
++ WARN_ON(iomem_map_sanity_check(phys_addr, size));
++
++ /*
+ * Don't allow anybody to remap normal RAM that we're using..
+ */
+ for (pfn = phys_addr >> PAGE_SHIFT;
+diff --git a/include/linux/ioport.h b/include/linux/ioport.h
+index ee9bcc6..e38b6aa 100644
+--- a/include/linux/ioport.h
++++ b/include/linux/ioport.h
+@@ -169,6 +169,7 @@ extern struct resource * __devm_request_region(struct device *dev,
+
+ extern void __devm_release_region(struct device *dev, struct resource *parent,
+ resource_size_t start, resource_size_t n);
++extern int iomem_map_sanity_check(resource_size_t addr, unsigned long size);
+
+ #endif /* __ASSEMBLY__ */
+ #endif /* _LINUX_IOPORT_H */
+diff --git a/kernel/resource.c b/kernel/resource.c
+index fc59dcc..d582db3 100644
+--- a/kernel/resource.c
++++ b/kernel/resource.c
+@@ -827,3 +827,36 @@ static int __init reserve_setup(char *str)
+ }
+
+ __setup("reserve=", reserve_setup);
++
++/*
++ * Check if the requested addr and size spans more than any slot in the
++ * iomem resource tree.
++ */
++int iomem_map_sanity_check(resource_size_t addr, unsigned long size)
++{
++ struct resource *p = &iomem_resource;
++ int err = 0;
++ loff_t l;
++
++ read_lock(&resource_lock);
++ for (p = p->child; p ; p = r_next(NULL, p, &l)) {
++ /*
++ * We can probably skip the resources with out
++ * IORESOURCE_IO attribute?
++ */
++ if (p->start >= addr + size)
++ continue;
++ if (p->end < addr)
++ continue;
++ if (p->start <= addr && (p->end >= addr + size - 1))
++ continue;
++ printk(KERN_WARNING "resource map sanity check conflict "
++ " 0x%llx 0x%llx 0x%llx 0x%llx %s\n",
++ addr, addr + size - 1, p->start, p->end, p->name);
++ err = -1;
++ break;
++ }
++ read_unlock(&resource_lock);
++
++ return err;
++}
+
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/patches.suse/e1000e_write_protect_ichx_nvm new/patches.suse/e1000e_write_protect_ichx_nvm
--- old/patches.suse/e1000e_write_protect_ichx_nvm 1970-01-01 01:00:00.000000000 +0100
+++ new/patches.suse/e1000e_write_protect_ichx_nvm 2008-09-30 17:05:49.000000000 +0200
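Review bot: In the added `iomem_map_sanity_check()` (the kernel/resource.c part), the `printk` passes `addr`, `p->start` and `p->end` straight to `0x%llx` although they are `resource_size_t`, whose width this patch does not show and which is presumably narrower than 64 bits on some of the configurations built here; the arguments should be cast, e.g. `(unsigned long long)addr, (unsigned long long)(addr + size - 1), (unsigned long long)p->start, (unsigned long long)p->end, p->name`. A width mismatch would also shift the `%s` argument, so the diagnostic could itself fault at the moment a conflict is found. `loff_t l` is handed to `r_next()` uninitialised (r_next's body is not in this patch), so `loff_t l = 0;` is the safer declaration. `addr + size` is not guarded against wrap-around for a request ending at the top of the address space, and the ioremap.c caller only wraps the result in `WARN_ON`, so an oversized mapping is reported but still created; a comment such as `/* diagnostic only: the mapping is not refused */` at the call site would keep readers from treating this as an enforcement point.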
@@ -0,0 +1,169 @@
+Subject: e1000e: write protect ICHx NVM to prevent malicious write/erase
+From: Bruce Allan <bruce.w.allan@intel.com>
+References: bnc#425480
+
+Set the hardware to ignore all write/erase cycles to the GbE region in
+the ICHx NVM. This feature can be disabled by the WriteProtectNVM module
+parameter (enabled by default) though that is not recommended.
+
+Signed-off-by: Bruce Allan <bruce.w.allan@intel.com>
+Signed-off-by: Jesse Brandeburg <jesse.brandeburg@intel.com>
+Acked-by: Jiri Kosina <jkosina@suse.cz>
+---
+
+ drivers/net/e1000e/e1000.h | 2 +
+ drivers/net/e1000e/ethtool.c | 3 ++
+ drivers/net/e1000e/ich8lan.c | 46 +++++++++++++++++++++++++++++++++++++++++++
+ drivers/net/e1000e/param.c | 30 ++++++++++++++++++++++++++++
+ 4 files changed, 81 insertions(+)
+
+--- linux-2.6.26.orig/drivers/net/e1000e/e1000.h
++++ linux-2.6.26/drivers/net/e1000e/e1000.h
+@@ -323,6 +323,7 @@ struct e1000_info {
+ #define FLAG_HAS_CTRLEXT_ON_LOAD (1 << 5)
+ #define FLAG_HAS_SWSM_ON_LOAD (1 << 6)
+ #define FLAG_HAS_JUMBO_FRAMES (1 << 7)
++#define FLAG_READ_ONLY_NVM (1 << 8)
+ #define FLAG_IS_ICH (1 << 9)
+ #define FLAG_HAS_MSIX (1 << 10)
+ #define FLAG_HAS_SMART_POWER_DOWN (1 << 11)
+@@ -408,6 +409,7 @@ extern bool e1000e_enable_mng_pass_thru(
+ extern bool e1000e_get_laa_state_82571(struct e1000_hw *hw);
+ extern void e1000e_set_laa_state_82571(struct e1000_hw *hw, bool state);
+
++extern void e1000e_write_protect_nvm_ich8lan(struct e1000_hw *hw, bool enable);
+ extern void e1000e_set_kmrn_lock_loss_workaround_ich8lan(struct e1000_hw *hw,
+ bool state);
+ extern void e1000e_igp3_phy_powerdown_workaround_ich8lan(struct e1000_hw *hw);
+--- linux-2.6.26.orig/drivers/net/e1000e/ethtool.c
++++ linux-2.6.26/drivers/net/e1000e/ethtool.c
+@@ -533,6 +533,9 @@ static int e1000_set_eeprom(struct net_d
+ if (eeprom->magic != (adapter->pdev->vendor | (adapter->pdev->device << 16)))
+ return -EFAULT;
+
++ if (adapter->flags & FLAG_READ_ONLY_NVM)
++ return -EINVAL;
++
+ max_len = hw->nvm.word_size * 2;
+
+ first_word = eeprom->offset >> 1;
+--- linux-2.6.26.orig/drivers/net/e1000e/ich8lan.c
++++ linux-2.6.26/drivers/net/e1000e/ich8lan.c
+@@ -60,6 +60,7 @@
+ #define ICH_FLASH_HSFCTL 0x0006
+ #define ICH_FLASH_FADDR 0x0008
+ #define ICH_FLASH_FDATA0 0x0010
++#define ICH_FLASH_PR0 0x0074
+
+ #define ICH_FLASH_READ_COMMAND_TIMEOUT 500
+ #define ICH_FLASH_WRITE_COMMAND_TIMEOUT 500
+@@ -152,6 +153,19 @@ union ich8_hws_flash_regacc {
+ u16 regval;
+ };
+
++/* ICH Flash Protected Region */
++union ich8_flash_protected_range {
++ struct ich8_pr {
++ u32 base:13; /* 0:12 Protected Range Base */
++ u32 reserved1:2; /* 13:14 Reserved */
++ u32 rpe:1; /* 15 Read Protection Enable */
++ u32 limit:13; /* 16:28 Protected Range Limit */
++ u32 reserved2:2; /* 29:30 Reserved */
++ u32 wpe:1; /* 31 Write Protection Enable */
++ } range;
++ u32 regval;
++};
++
+ static s32 e1000_setup_link_ich8lan(struct e1000_hw *hw);
+ static void e1000_clear_hw_cntrs_ich8lan(struct e1000_hw *hw);
+ static void e1000_initialize_hw_bits_ich8lan(struct e1000_hw *hw);
+@@ -1417,6 +1431,7 @@ static s32 e1000_update_nvm_checksum_ich
+ * programming failed.
+ */
+ if (ret_val) {
++ /* Possibly read-only, see e1000e_write_protect_nvm_ich8lan() */
+ hw_dbg(hw, "Flash commit failed.\n");
+ e1000_release_swflag_ich8lan(hw);
+ return ret_val;
+@@ -1507,6 +1522,37 @@ static s32 e1000_validate_nvm_checksum_i
+ }
+
+ /**
++ * e1000e_write_protect_nvm_ich8lan - Make the NVM read-only
++ * @hw: pointer to the HW structure
++ * @enable: pointer to the HW structure
++ * @enable: TRUE to enable write protection, FALSE to disable write protection
++ *
++ * To prevent malicious write/erase of the NVM, set it to be read-only
++ * so that the hardware ignores all write/erase cycles of the NVM via
++ * the flash control registers. The shadow-ram copy of the NVM will
++ * still be updated, however any updates to this copy will not stick
++ * across driver reloads.
++ **/
++void e1000e_write_protect_nvm_ich8lan(struct e1000_hw *hw, bool enable)
++{
++ union ich8_flash_protected_range pr0;
++ u32 gfpreg;
++
++ if (hw->nvm.ops.acquire_nvm(hw))
++ return;
++
++ gfpreg = er32flash(ICH_FLASH_GFPREG);
++
++ pr0.regval = er32flash(ICH_FLASH_PR0);
++ pr0.range.base = gfpreg & FLASH_GFPREG_BASE_MASK;
++ pr0.range.limit = ((gfpreg >> 16) & FLASH_GFPREG_BASE_MASK);
++ pr0.range.wpe = enable;
++ ew32flash(ICH_FLASH_PR0, pr0.regval);
++
++ hw->nvm.ops.release_nvm(hw);
++}
++
++/**
+ * e1000_write_flash_data_ich8lan - Writes bytes to the NVM
+ * @hw: pointer to the HW structure
+ * @offset: The offset (in bytes) of the byte/word to read.
+--- linux-2.6.26.orig/drivers/net/e1000e/param.c
++++ linux-2.6.26/drivers/net/e1000e/param.c
+@@ -142,6 +142,15 @@ E1000_PARAM(SmartPowerDownEnable, "Enabl
+ */
+ E1000_PARAM(KumeranLockLoss, "Enable Kumeran lock loss workaround");
+
++/*
++ * Write Protect NVM
++ *
++ * Valid Range: 0, 1
++ *
++ * Default Value: 1 (enabled)
++ */
++E1000_PARAM(WriteProtectNVM, "Write-protect NVM [WARNING: disabling this can lead to corrupted NVM]");
++
+ struct e1000_option {
+ enum { enable_option, range_option, list_option } type;
+ const char *name;
+@@ -415,4 +424,25 @@ void __devinit e1000e_check_options(stru
+ opt.def);
+ }
+ }
++ { /* Write-protect NVM */
++ const struct e1000_option opt = {
++ .type = enable_option,
++ .name = "Write-protect NVM",
++ .err = "defaulting to Enabled",
++ .def = OPTION_ENABLED
++ };
++
++ if (adapter->flags & FLAG_IS_ICH) {
++ if (num_WriteProtectNVM > bd) {
++ unsigned int write_protect_nvm = WriteProtectNVM[bd];
++ e1000_validate_option(&write_protect_nvm, &opt,
++ adapter);
++ if (write_protect_nvm)
++ adapter->flags |= FLAG_READ_ONLY_NVM;
++ } else {
++ if (opt.def)
++ adapter->flags |= FLAG_READ_ONLY_NVM;
++ }
++ }
++ }
+ }
++++++ patches.trace.tar.bz2 ++++++
++++++ patches.uml.tar.bz2 ++++++
++++++ patches.xen.tar.bz2 ++++++
++++++ series.conf ++++++
--- 
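Review bot: Nothing in the four files this patch touches calls the new `e1000e_write_protect_nvm_ich8lan()`: param.c sets `FLAG_READ_ONLY_NVM` and ethtool.c makes `e1000_set_eeprom()` return `-EINVAL` when it is set, but the `ICH_FLASH_PR0` write that makes the hardware ignore write/erase cycles happens only inside that function. Unless another patch in the series adds the call (not visible here), the only protection in effect is the ethtool check, which does not cover accesses that reach the flash registers by any other path. The function also returns `void` and silently gives up when `acquire_nvm` fails, so a caller cannot tell that the NVM was left writable; returning `s32`, or at least logging with `hw_dbg(hw, ...)` on that path, would make the failure visible. In the kernel-doc block the line `@enable: pointer to the HW structure` repeats the `@hw` description and should be dropped, leaving the single correct `@enable` entry.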
kernel-source/series.conf 2008-09-29 23:42:34.000000000 +0200 +++ /mounts/work_src_done/STABLE/kernel-source/series.conf 2008-09-30 17:25:08.000000000 +0200 @@ -494,6 +494,8 @@ patches.suse/e1000e_allow_bad_checksum patches.suse/e1000e_call_dump_eeprom patches.suse/e1000e_mmap_range_chk + patches.suse/e1000e_ioremap_sanity_check + patches.suse/e1000e_write_protect_ichx_nvm patches.drivers/ixgbe-fcoe-bugfixes patches.drivers/sgi-uv-led ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org