From patchwork Mon Dec 12 14:19:54 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Bader X-Patchwork-Id: 130754 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from chlorine.canonical.com (chlorine.canonical.com [91.189.94.204]) by ozlabs.org (Postfix) with ESMTP id 387C11007D4 for ; Tue, 13 Dec 2011 01:20:09 +1100 (EST) Received: from localhost ([127.0.0.1] helo=chlorine.canonical.com) by chlorine.canonical.com with esmtp (Exim 4.71) (envelope-from ) id 1Ra6jW-0007ZB-2v; Mon, 12 Dec 2011 14:19:58 +0000 Received: from youngberry.canonical.com ([91.189.89.112]) by chlorine.canonical.com with esmtp (Exim 4.71) (envelope-from ) id 1Ra6jT-0007Z6-An for kernel-team@lists.ubuntu.com; Mon, 12 Dec 2011 14:19:55 +0000 Received: from p5b2e5ebb.dip.t-dialin.net ([91.46.94.187] helo=[192.168.2.5]) by youngberry.canonical.com with esmtpsa (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1Ra6jT-0003Ix-7r; Mon, 12 Dec 2011 14:19:55 +0000 Message-ID: <4EE60D8A.6080803@canonical.com> Date: Mon, 12 Dec 2011 15:19:54 +0100 From: Stefan Bader User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:8.0) Gecko/20111124 Thunderbird/8.0 MIME-Version: 1.0 To: Tim Gardner Subject: Re: APPLIED: [CVE-2011-1576] core: Fix memory leak/corruption on VLAN GRO_DROP References: <1316440807-9603-1-git-send-email-stefan.bader@canonical.com> <4E774DEA.6000604@canonical.com> <4EDF9873.6090605@canonical.com> <4EE60AA6.1090504@canonical.com> In-Reply-To: <4EE60AA6.1090504@canonical.com> X-Enigmail-Version: 1.4a1pre Cc: kernel-team@lists.ubuntu.com X-BeenThere: kernel-team@lists.ubuntu.com X-Mailman-Version: 2.1.13 Precedence: list List-Id: Kernel team discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: kernel-team-bounces@lists.ubuntu.com Errors-To: kernel-team-bounces@lists.ubuntu.com On 12.12.2011 15:07, Tim Gardner wrote: > On 12/07/2011 09:46 AM, Stefan Bader wrote: >> On 19.09.2011 16:12, Tim Gardner wrote: >>> On 09/19/2011 08:00 AM, Stefan Bader wrote: >>>> introduced by (2.6.30): >>>> 5d0d9be8ef456afc6c3fb5f8aad06ef19b704b05 >>>> gro: Move common completion code into helpers >>>> >>>> fixed upstream by (2.6.37): >>>> 3701e51382a026cba10c60b03efabe534fba4ca4 >>>> vlan: Centralize handling of hardware acceleration. >>>> >>>> The upstream fix avoids the problem by re-arranging some helper functions. >>>> This minimal fix was picked from the RedHat source package. It matches the >>>> way that the vlan code handled the cases before the merge. >>>> >>>> Natty and Oneiric have the upstream fix. Hardy does not even handle GRO. >>>> So only fixes for Lucid and Maverick are required. The two versions for >>>> lucid/fsl-imx51 and the rest only differ by a bit of sourrounding code. >>>> >>> >>> >> Benjamin Poirier from SUSE had been looking at this one, too. And we had brief >> discussion. While the simple fix we took from RedHat will likely work, it is not >> really restoring a previous behavior as I had been thinking. This alternate >> approach is now queued in 2.6.32.y and when that hits, we could revert the other >> patch. And we likely would then want to do the same for all the combinations of >> other places where the same patch has been added. >> >> -Stefan > > So, you're kind of confusing me about which patches get reverted in what > release. Perhaps you could send pull requests for each release that demonstrate > exactly how you'd like each release to look. > > rtg The following changes since commit b6b7ef7ca0aa2ed75478ab2257544271aca245a4: KEYS: Fix a NULL pointer deref in the user-defined key type, CVE-2011-4110 (2011-12-06 13:22:15 -0700) are available in the git repository at: git://kernel.ubuntu.com/smb/ubuntu-maverick.git CVE-2011-1576 Benjamin Poirier (1): gro: reset vlan_tci on reuse Stefan Bader (1): Revert "core: Fix memory leak/corruption on VLAN GRO_DROP, CVE-2011-1576" net/core/dev.c | 4 +--- 1 files changed, 1 insertions(+), 3 deletions(-)