debian-packaging
/
linux
8
0
Fork 0
Code Releases Activity

Merge /dists/sid/linux-2.6. 

svn path=/dists/trunk/linux-2.6/; revision=6484
This commit is contained in:
Bastian Blank 2006-04-28 19:52:22 +00:00
parent 88d24d016a
commit a5016c3250
7 changed files with 1118 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
debian/changelog vendored
View File

@ -9,6 +9,48 @@ linux-2.6 (2.6.16-99experimental.1) UNRELEASED; urgency=low
-- maximilian attems <maks@sternwelten.at> Tue, 18 Apr 2006 02:09:27 +0200
linux-2.6 (2.6.16-11) UNRELEASED; urgency=low
* Update vserver patch to 2.0.2-rc18.
- Limit ccaps to root inside a guest
-- Bastian Blank <waldi@debian.org> Fri, 28 Apr 2006 16:08:01 +0200
linux-2.6 (2.6.16-10) unstable; urgency=low
[ Norbert Tretkowski ]
* [alpha] Added backport of for_each_possible_cpu() to fix alpha build.
(closes: #364206)
* Add stable release 2.6.16.10:
- IPC: access to unmapped vmalloc area in grow_ary()
- Add more prevent_tail_call()
- alim15x3: ULI M-1573 south Bridge support
- apm: fix Armada laptops again
- fbdev: Fix return error of fb_write
- Fix file lookup without ref
- m41t00: fix bitmasks when writing to chip
- Open IPMI BT overflow
- x86: be careful about tailcall breakage for sys_open[at] too
- x86: don't allow tail-calls in sys_ftruncate[64]()
- IPV6: XFRM: Fix decoding session with preceding extension header(s).
- IPV6: XFRM: Don't use old copy of pointer after pskb_may_pull().
- IPV6: Ensure to have hop-by-hop options in our header of &sk_buff.
- selinux: Fix MLS compatibility off-by-one bug
- PPC: fix oops in alsa powermac driver
- MTD_NAND_SHARPSL and MTD_NAND_NANDSIM should be tristate's
- i2c-i801: Fix resume when PEC is used
- Fix hotplug race during device registration
- Fix truesize underflow
- efficeon-agp: Add missing memory mask
- 3ware 9000 disable local irqs during kmap_atomic
- 3ware: kmap_atomic() fix
[ maximilian attems ]
* Add stable release 2.6.16.11:
- Don't allow a backslash in a path component (CVE-2006-1863)
-- Bastian Blank <waldi@debian.org> Tue, 25 Apr 2006 13:56:19 +0200
linux-2.6 (2.6.16-9) unstable; urgency=low
[ maximilian attems ]

676
debian/patches/2.6.16.10 vendored Normal file
View File

@ -0,0 +1,676 @@
diff --git a/arch/i386/kernel/apm.c b/arch/i386/kernel/apm.c
index 05312a8..558d2d2 100644
--- a/arch/i386/kernel/apm.c
+++ b/arch/i386/kernel/apm.c
@@ -1081,7 +1081,7 @@ static int apm_console_blank(int blank)
break;
}
- if (error == APM_NOT_ENGAGED && state != APM_STATE_READY) {
+ if (error == APM_NOT_ENGAGED) {
static int tried;
int eng_error;
if (tried++ == 0) {
diff --git a/drivers/char/agp/efficeon-agp.c b/drivers/char/agp/efficeon-agp.c
index e7aea77..40dfc29 100644
--- a/drivers/char/agp/efficeon-agp.c
+++ b/drivers/char/agp/efficeon-agp.c
@@ -64,6 +64,12 @@ static struct gatt_mask efficeon_generic
{.mask = 0x00000001, .type = 0}
};
+/* This function does the same thing as mask_memory() for this chipset... */
+static inline unsigned long efficeon_mask_memory(unsigned long addr)
+{
+ return addr | 0x00000001;
+}
+
static struct aper_size_info_lvl2 efficeon_generic_sizes[4] =
{
{256, 65536, 0},
@@ -251,7 +257,7 @@ static int efficeon_insert_memory(struct
last_page = NULL;
for (i = 0; i < count; i++) {
int index = pg_start + i;
- unsigned long insert = mem->memory[i];
+ unsigned long insert = efficeon_mask_memory(mem->memory[i]);
page = (unsigned int *) efficeon_private.l1_table[index >> 10];
diff --git a/drivers/char/ipmi/ipmi_bt_sm.c b/drivers/char/ipmi/ipmi_bt_sm.c
index 58dcdee..0030cd8 100644
--- a/drivers/char/ipmi/ipmi_bt_sm.c
+++ b/drivers/char/ipmi/ipmi_bt_sm.c
@@ -165,7 +165,7 @@ static int bt_start_transaction(struct s
{
unsigned int i;
- if ((size < 2) || (size > IPMI_MAX_MSG_LENGTH))
+ if ((size < 2) || (size > (IPMI_MAX_MSG_LENGTH - 2)))
return -1;
if ((bt->state != BT_STATE_IDLE) && (bt->state != BT_STATE_HOSED))
diff --git a/drivers/char/tty_io.c b/drivers/char/tty_io.c
index 53d3d06..edaee70 100644
--- a/drivers/char/tty_io.c
+++ b/drivers/char/tty_io.c
@@ -2706,7 +2706,11 @@ #else
}
task_lock(p);
if (p->files) {
- rcu_read_lock();
+ /*
+ * We don't take a ref to the file, so we must
+ * hold ->file_lock instead.
+ */
+ spin_lock(&p->files->file_lock);
fdt = files_fdtable(p->files);
for (i=0; i < fdt->max_fds; i++) {
filp = fcheck_files(p->files, i);
@@ -2721,7 +2725,7 @@ #else
break;
}
}
- rcu_read_unlock();
+ spin_unlock(&p->files->file_lock);
}
task_unlock(p);
} while_each_task_pid(session, PIDTYPE_SID, p);
diff --git a/drivers/i2c/busses/i2c-i801.c b/drivers/i2c/busses/i2c-i801.c
index 8e0f315..dfca749 100644
--- a/drivers/i2c/busses/i2c-i801.c
+++ b/drivers/i2c/busses/i2c-i801.c
@@ -478,6 +478,11 @@ static s32 i801_access(struct i2c_adapte
ret = i801_transaction();
}
+ /* Some BIOSes don't like it when PEC is enabled at reboot or resume
+ time, so we forcibly disable it after every transaction. */
+ if (hwpec)
+ outb_p(0, SMBAUXCTL);
+
if(block)
return ret;
if(ret)
diff --git a/drivers/i2c/chips/m41t00.c b/drivers/i2c/chips/m41t00.c
index 2dc3d48..2836fb3 100644
--- a/drivers/i2c/chips/m41t00.c
+++ b/drivers/i2c/chips/m41t00.c
@@ -129,13 +129,13 @@ m41t00_set_tlet(ulong arg)
if ((i2c_smbus_write_byte_data(save_client, 0, tm.tm_sec & 0x7f) < 0)
|| (i2c_smbus_write_byte_data(save_client, 1, tm.tm_min & 0x7f)
< 0)
- || (i2c_smbus_write_byte_data(save_client, 2, tm.tm_hour & 0x7f)
+ || (i2c_smbus_write_byte_data(save_client, 2, tm.tm_hour & 0x3f)
< 0)
- || (i2c_smbus_write_byte_data(save_client, 4, tm.tm_mday & 0x7f)
+ || (i2c_smbus_write_byte_data(save_client, 4, tm.tm_mday & 0x3f)
< 0)
- || (i2c_smbus_write_byte_data(save_client, 5, tm.tm_mon & 0x7f)
+ || (i2c_smbus_write_byte_data(save_client, 5, tm.tm_mon & 0x1f)
< 0)
- || (i2c_smbus_write_byte_data(save_client, 6, tm.tm_year & 0x7f)
+ || (i2c_smbus_write_byte_data(save_client, 6, tm.tm_year & 0xff)
< 0))
dev_warn(&save_client->dev,"m41t00: can't write to rtc chip\n");
diff --git a/drivers/ide/pci/alim15x3.c b/drivers/ide/pci/alim15x3.c
index cf84350..8b24b4f 100644
--- a/drivers/ide/pci/alim15x3.c
+++ b/drivers/ide/pci/alim15x3.c
@@ -731,6 +731,8 @@ static unsigned int __devinit ata66_ali1
if(m5229_revision <= 0x20)
tmpbyte = (tmpbyte & (~0x02)) | 0x01;
+ else if (m5229_revision == 0xc7)
+ tmpbyte |= 0x03;
else
tmpbyte |= 0x01;
diff --git a/drivers/macintosh/therm_adt746x.c b/drivers/macintosh/therm_adt746x.c
index 5ebfd1d..5282fec 100644
--- a/drivers/macintosh/therm_adt746x.c
+++ b/drivers/macintosh/therm_adt746x.c
@@ -627,8 +627,8 @@ thermostat_init(void)
if(therm_type == ADT7460)
device_create_file(&of_dev->dev, &dev_attr_sensor2_fan_speed);
-#ifndef CONFIG_I2C_KEYWEST
- request_module("i2c-keywest");
+#ifndef CONFIG_I2C_POWERMAC
+ request_module("i2c-powermac");
#endif
return i2c_add_driver(&thermostat_driver);
diff --git a/drivers/mtd/nand/Kconfig b/drivers/mtd/nand/Kconfig
index 1fc4c13..cfe288a 100644
--- a/drivers/mtd/nand/Kconfig
+++ b/drivers/mtd/nand/Kconfig
@@ -178,17 +178,16 @@ config MTD_NAND_DISKONCHIP_BBTWRITE
Even if you leave this disabled, you can enable BBT writes at module
load time (assuming you build diskonchip as a module) with the module
parameter "inftl_bbt_write=1".
-
- config MTD_NAND_SHARPSL
- bool "Support for NAND Flash on Sharp SL Series (C7xx + others)"
- depends on MTD_NAND && ARCH_PXA
-
- config MTD_NAND_NANDSIM
- bool "Support for NAND Flash Simulator"
- depends on MTD_NAND && MTD_PARTITIONS
+config MTD_NAND_SHARPSL
+ tristate "Support for NAND Flash on Sharp SL Series (C7xx + others)"
+ depends on MTD_NAND && ARCH_PXA
+
+config MTD_NAND_NANDSIM
+ tristate "Support for NAND Flash Simulator"
+ depends on MTD_NAND && MTD_PARTITIONS
help
The simulator may simulate verious NAND flash chips for the
MTD nand layer.
-
+
endmenu
diff --git a/drivers/scsi/3w-9xxx.c b/drivers/scsi/3w-9xxx.c
index d9152d0..9132549 100644
--- a/drivers/scsi/3w-9xxx.c
+++ b/drivers/scsi/3w-9xxx.c
@@ -85,7 +85,7 @@ #include <scsi/scsi_cmnd.h>
#include "3w-9xxx.h"
/* Globals */
-#define TW_DRIVER_VERSION "2.26.02.005"
+#define TW_DRIVER_VERSION "2.26.02.007"
static TW_Device_Extension *twa_device_extension_list[TW_MAX_SLOT];
static unsigned int twa_device_extension_count;
static int twa_major = -1;
@@ -1944,9 +1944,13 @@ static void twa_scsiop_execute_scsi_comp
}
if (tw_dev->srb[request_id]->use_sg == 1) {
struct scatterlist *sg = (struct scatterlist *)tw_dev->srb[request_id]->request_buffer;
- char *buf = kmap_atomic(sg->page, KM_IRQ0) + sg->offset;
+ char *buf;
+ unsigned long flags = 0;
+ local_irq_save(flags);
+ buf = kmap_atomic(sg->page, KM_IRQ0) + sg->offset;
memcpy(buf, tw_dev->generic_buffer_virt[request_id], sg->length);
kunmap_atomic(buf - sg->offset, KM_IRQ0);
+ local_irq_restore(flags);
}
}
} /* End twa_scsiop_execute_scsi_complete() */
diff --git a/drivers/scsi/3w-xxxx.c b/drivers/scsi/3w-xxxx.c
index 25f678d..e8e41e6 100644
--- a/drivers/scsi/3w-xxxx.c
+++ b/drivers/scsi/3w-xxxx.c
@@ -1508,10 +1508,12 @@ static void tw_transfer_internal(TW_Devi
struct scsi_cmnd *cmd = tw_dev->srb[request_id];
void *buf;
unsigned int transfer_len;
+ unsigned long flags = 0;
if (cmd->use_sg) {
struct scatterlist *sg =
(struct scatterlist *)cmd->request_buffer;
+ local_irq_save(flags);
buf = kmap_atomic(sg->page, KM_IRQ0) + sg->offset;
transfer_len = min(sg->length, len);
} else {
@@ -1526,6 +1528,7 @@ static void tw_transfer_internal(TW_Devi
sg = (struct scatterlist *)cmd->request_buffer;
kunmap_atomic(buf - sg->offset, KM_IRQ0);
+ local_irq_restore(flags);
}
}
diff --git a/drivers/video/fbmem.c b/drivers/video/fbmem.c
index 996c7b5..b3094ae 100644
--- a/drivers/video/fbmem.c
+++ b/drivers/video/fbmem.c
@@ -669,13 +669,19 @@ fb_write(struct file *file, const char _
total_size = info->fix.smem_len;
if (p > total_size)
- return 0;
+ return -EFBIG;
- if (count >= total_size)
+ if (count > total_size) {
+ err = -EFBIG;
count = total_size;
+ }
+
+ if (count + p > total_size) {
+ if (!err)
+ err = -ENOSPC;
- if (count + p > total_size)
count = total_size - p;
+ }
buffer = kmalloc((count > PAGE_SIZE) ? PAGE_SIZE : count,
GFP_KERNEL);
@@ -717,7 +723,7 @@ fb_write(struct file *file, const char _
kfree(buffer);
- return (err) ? err : cnt;
+ return (cnt) ? cnt : err;
}
#ifdef CONFIG_KMOD
diff --git a/fs/locks.c b/fs/locks.c
index 909eab8..e75ac39 100644
--- a/fs/locks.c
+++ b/fs/locks.c
@@ -2212,7 +2212,12 @@ void steal_locks(fl_owner_t from)
lock_kernel();
j = 0;
- rcu_read_lock();
+
+ /*
+ * We are not taking a ref to the file structures, so
+ * we need to acquire ->file_lock.
+ */
+ spin_lock(&files->file_lock);
fdt = files_fdtable(files);
for (;;) {
unsigned long set;
@@ -2230,7 +2235,7 @@ void steal_locks(fl_owner_t from)
set >>= 1;
}
}
- rcu_read_unlock();
+ spin_unlock(&files->file_lock);
unlock_kernel();
}
EXPORT_SYMBOL(steal_locks);
diff --git a/fs/open.c b/fs/open.c
index 70e0230..f697914 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -330,7 +330,10 @@ out:
asmlinkage long sys_ftruncate(unsigned int fd, unsigned long length)
{
- return do_sys_ftruncate(fd, length, 1);
+ long ret = do_sys_ftruncate(fd, length, 1);
+ /* avoid REGPARM breakage on x86: */
+ prevent_tail_call(ret);
+ return ret;
}
/* LFS versions of truncate are only needed on 32 bit machines */
@@ -342,7 +345,10 @@ asmlinkage long sys_truncate64(const cha
asmlinkage long sys_ftruncate64(unsigned int fd, loff_t length)
{
- return do_sys_ftruncate(fd, length, 0);
+ long ret = do_sys_ftruncate(fd, length, 0);
+ /* avoid REGPARM breakage on x86: */
+ prevent_tail_call(ret);
+ return ret;
}
#endif
@@ -1083,20 +1089,30 @@ long do_sys_open(int dfd, const char __u
asmlinkage long sys_open(const char __user *filename, int flags, int mode)
{
+ long ret;
+
if (force_o_largefile())
flags |= O_LARGEFILE;
- return do_sys_open(AT_FDCWD, filename, flags, mode);
+ ret = do_sys_open(AT_FDCWD, filename, flags, mode);
+ /* avoid REGPARM breakage on x86: */
+ prevent_tail_call(ret);
+ return ret;
}
EXPORT_SYMBOL_GPL(sys_open);
asmlinkage long sys_openat(int dfd, const char __user *filename, int flags,
int mode)
{
+ long ret;
+
if (force_o_largefile())
flags |= O_LARGEFILE;
- return do_sys_open(dfd, filename, flags, mode);
+ ret = do_sys_open(dfd, filename, flags, mode);
+ /* avoid REGPARM breakage on x86: */
+ prevent_tail_call(ret);
+ return ret;
}
EXPORT_SYMBOL_GPL(sys_openat);
diff --git a/fs/proc/base.c b/fs/proc/base.c
index 20feb75..c192cb2 100644
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -294,16 +294,20 @@ static int proc_fd_link(struct inode *in
files = get_files_struct(task);
if (files) {
- rcu_read_lock();
+ /*
+ * We are not taking a ref to the file structure, so we must
+ * hold ->file_lock.
+ */
+ spin_lock(&files->file_lock);
file = fcheck_files(files, fd);
if (file) {
*mnt = mntget(file->f_vfsmnt);
*dentry = dget(file->f_dentry);
- rcu_read_unlock();
+ spin_unlock(&files->file_lock);
put_files_struct(files);
return 0;
}
- rcu_read_unlock();
+ spin_unlock(&files->file_lock);
put_files_struct(files);
}
return -ENOENT;
@@ -1485,7 +1489,12 @@ static struct dentry *proc_lookupfd(stru
if (!files)
goto out_unlock;
inode->i_mode = S_IFLNK;
- rcu_read_lock();
+
+ /*
+ * We are not taking a ref to the file structure, so we must
+ * hold ->file_lock.
+ */
+ spin_lock(&files->file_lock);
file = fcheck_files(files, fd);
if (!file)
goto out_unlock2;
@@ -1493,7 +1502,7 @@ static struct dentry *proc_lookupfd(stru
inode->i_mode |= S_IRUSR | S_IXUSR;
if (file->f_mode & 2)
inode->i_mode |= S_IWUSR | S_IXUSR;
- rcu_read_unlock();
+ spin_unlock(&files->file_lock);
put_files_struct(files);
inode->i_op = &proc_pid_link_inode_operations;
inode->i_size = 64;
@@ -1503,7 +1512,7 @@ static struct dentry *proc_lookupfd(stru
return NULL;
out_unlock2:
- rcu_read_unlock();
+ spin_unlock(&files->file_lock);
put_files_struct(files);
out_unlock:
iput(inode);
diff --git a/ipc/util.c b/ipc/util.c
index 8626219..303b058 100644
--- a/ipc/util.c
+++ b/ipc/util.c
@@ -182,8 +182,7 @@ static int grow_ary(struct ipc_ids* ids,
if(new == NULL)
return size;
new->size = newsize;
- memcpy(new->p, ids->entries->p, sizeof(struct kern_ipc_perm *)*size +
- sizeof(struct ipc_id_ary));
+ memcpy(new->p, ids->entries->p, sizeof(struct kern_ipc_perm *)*size);
for(i=size;i<newsize;i++) {
new->p[i] = NULL;
}
diff --git a/kernel/uid16.c b/kernel/uid16.c
index aa25605..187e2a4 100644
--- a/kernel/uid16.c
+++ b/kernel/uid16.c
@@ -20,43 +20,67 @@ #include <asm/uaccess.h>
asmlinkage long sys_chown16(const char __user * filename, old_uid_t user, old_gid_t group)
{
- return sys_chown(filename, low2highuid(user), low2highgid(group));
+ long ret = sys_chown(filename, low2highuid(user), low2highgid(group));
+ /* avoid REGPARM breakage on x86: */
+ prevent_tail_call(ret);
+ return ret;
}
asmlinkage long sys_lchown16(const char __user * filename, old_uid_t user, old_gid_t group)
{
- return sys_lchown(filename, low2highuid(user), low2highgid(group));
+ long ret = sys_lchown(filename, low2highuid(user), low2highgid(group));
+ /* avoid REGPARM breakage on x86: */
+ prevent_tail_call(ret);
+ return ret;
}
asmlinkage long sys_fchown16(unsigned int fd, old_uid_t user, old_gid_t group)
{
- return sys_fchown(fd, low2highuid(user), low2highgid(group));
+ long ret = sys_fchown(fd, low2highuid(user), low2highgid(group));
+ /* avoid REGPARM breakage on x86: */
+ prevent_tail_call(ret);
+ return ret;
}
asmlinkage long sys_setregid16(old_gid_t rgid, old_gid_t egid)
{
- return sys_setregid(low2highgid(rgid), low2highgid(egid));
+ long ret = sys_setregid(low2highgid(rgid), low2highgid(egid));
+ /* avoid REGPARM breakage on x86: */
+ prevent_tail_call(ret);
+ return ret;
}
asmlinkage long sys_setgid16(old_gid_t gid)
{
- return sys_setgid(low2highgid(gid));
+ long ret = sys_setgid(low2highgid(gid));
+ /* avoid REGPARM breakage on x86: */
+ prevent_tail_call(ret);
+ return ret;
}
asmlinkage long sys_setreuid16(old_uid_t ruid, old_uid_t euid)
{
- return sys_setreuid(low2highuid(ruid), low2highuid(euid));
+ long ret = sys_setreuid(low2highuid(ruid), low2highuid(euid));
+ /* avoid REGPARM breakage on x86: */
+ prevent_tail_call(ret);
+ return ret;
}
asmlinkage long sys_setuid16(old_uid_t uid)
{
- return sys_setuid(low2highuid(uid));
+ long ret = sys_setuid(low2highuid(uid));
+ /* avoid REGPARM breakage on x86: */
+ prevent_tail_call(ret);
+ return ret;
}
asmlinkage long sys_setresuid16(old_uid_t ruid, old_uid_t euid, old_uid_t suid)
{
- return sys_setresuid(low2highuid(ruid), low2highuid(euid),
- low2highuid(suid));
+ long ret = sys_setresuid(low2highuid(ruid), low2highuid(euid),
+ low2highuid(suid));
+ /* avoid REGPARM breakage on x86: */
+ prevent_tail_call(ret);
+ return ret;
}
asmlinkage long sys_getresuid16(old_uid_t __user *ruid, old_uid_t __user *euid, old_uid_t __user *suid)
@@ -72,8 +96,11 @@ asmlinkage long sys_getresuid16(old_uid_
asmlinkage long sys_setresgid16(old_gid_t rgid, old_gid_t egid, old_gid_t sgid)
{
- return sys_setresgid(low2highgid(rgid), low2highgid(egid),
- low2highgid(sgid));
+ long ret = sys_setresgid(low2highgid(rgid), low2highgid(egid),
+ low2highgid(sgid));
+ /* avoid REGPARM breakage on x86: */
+ prevent_tail_call(ret);
+ return ret;
}
asmlinkage long sys_getresgid16(old_gid_t __user *rgid, old_gid_t __user *egid, old_gid_t __user *sgid)
@@ -89,12 +116,18 @@ asmlinkage long sys_getresgid16(old_gid_
asmlinkage long sys_setfsuid16(old_uid_t uid)
{
- return sys_setfsuid(low2highuid(uid));
+ long ret = sys_setfsuid(low2highuid(uid));
+ /* avoid REGPARM breakage on x86: */
+ prevent_tail_call(ret);
+ return ret;
}
asmlinkage long sys_setfsgid16(old_gid_t gid)
{
- return sys_setfsgid(low2highgid(gid));
+ long ret = sys_setfsgid(low2highgid(gid));
+ /* avoid REGPARM breakage on x86: */
+ prevent_tail_call(ret);
+ return ret;
}
static int groups16_to_user(old_gid_t __user *grouplist,
diff --git a/net/core/dev.c b/net/core/dev.c
index 2afb0de..12a214c 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -2932,11 +2932,11 @@ void netdev_run_todo(void)
switch(dev->reg_state) {
case NETREG_REGISTERING:
+ dev->reg_state = NETREG_REGISTERED;
err = netdev_register_sysfs(dev);
if (err)
printk(KERN_ERR "%s: failed sysfs registration (%d)\n",
dev->name, err);
- dev->reg_state = NETREG_REGISTERED;
break;
case NETREG_UNREGISTERING:
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index 9f498a6..310f2e6 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -537,7 +537,9 @@ int tcp_fragment(struct sock *sk, struct
buff = sk_stream_alloc_skb(sk, nsize, GFP_ATOMIC);
if (buff == NULL)
return -ENOMEM; /* We'll just try again later. */
- sk_charge_skb(sk, buff);
+
+ buff->truesize = skb->len - len;
+ skb->truesize -= buff->truesize;
/* Correct the sequence numbers. */
TCP_SKB_CB(buff)->seq = TCP_SKB_CB(skb)->seq + len;
diff --git a/net/ipv6/exthdrs.c b/net/ipv6/exthdrs.c
index 2a1e7e4..d88cab7 100644
--- a/net/ipv6/exthdrs.c
+++ b/net/ipv6/exthdrs.c
@@ -489,6 +489,18 @@ int ipv6_parse_hopopts(struct sk_buff *s
{
struct inet6_skb_parm *opt = IP6CB(skb);
+ /*
+ * skb->nh.raw is equal to skb->data, and
+ * skb->h.raw - skb->nh.raw is always equal to
+ * sizeof(struct ipv6hdr) by definition of
+ * hop-by-hop options.
+ */
+ if (!pskb_may_pull(skb, sizeof(struct ipv6hdr) + 8) ||
+ !pskb_may_pull(skb, sizeof(struct ipv6hdr) + ((skb->h.raw[1] + 1) << 3))) {
+ kfree_skb(skb);
+ return -1;
+ }
+
opt->hop = sizeof(struct ipv6hdr);
if (ip6_parse_tlv(tlvprochopopt_lst, skb)) {
skb->h.raw += (skb->h.raw[1]+1)<<3;
diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c
index 91cce8b..88c840f 100644
--- a/net/ipv6/xfrm6_policy.c
+++ b/net/ipv6/xfrm6_policy.c
@@ -191,16 +191,18 @@ error:
static inline void
_decode_session6(struct sk_buff *skb, struct flowi *fl)
{
- u16 offset = sizeof(struct ipv6hdr);
+ u16 offset = skb->h.raw - skb->nh.raw;
struct ipv6hdr *hdr = skb->nh.ipv6h;
- struct ipv6_opt_hdr *exthdr = (struct ipv6_opt_hdr*)(skb->nh.raw + offset);
- u8 nexthdr = skb->nh.ipv6h->nexthdr;
+ struct ipv6_opt_hdr *exthdr;
+ u8 nexthdr = skb->nh.raw[IP6CB(skb)->nhoff];
memset(fl, 0, sizeof(struct flowi));
ipv6_addr_copy(&fl->fl6_dst, &hdr->daddr);
ipv6_addr_copy(&fl->fl6_src, &hdr->saddr);
while (pskb_may_pull(skb, skb->nh.raw + offset + 1 - skb->data)) {
+ exthdr = (struct ipv6_opt_hdr*)(skb->nh.raw + offset);
+
switch (nexthdr) {
case NEXTHDR_ROUTING:
case NEXTHDR_HOP:
diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c
index 640d0bf..84047f6 100644
--- a/security/selinux/ss/mls.c
+++ b/security/selinux/ss/mls.c
@@ -264,7 +264,7 @@ int mls_context_to_sid(char oldc,
if (!selinux_mls_enabled) {
if (def_sid != SECSID_NULL && oldc)
- *scontext += strlen(*scontext);
+ *scontext += strlen(*scontext)+1;
return 0;
}
diff --git a/sound/oss/dmasound/tas_common.c b/sound/oss/dmasound/tas_common.c
index 8131599..882ae98 100644
--- a/sound/oss/dmasound/tas_common.c
+++ b/sound/oss/dmasound/tas_common.c
@@ -195,8 +195,8 @@ tas_init(int driver_id, const char *driv
printk(KERN_INFO "tas driver [%s])\n", driver_name);
-#ifndef CONFIG_I2C_KEYWEST
- request_module("i2c-keywest");
+#ifndef CONFIG_I2C_POWERMAC
+ request_module("i2c-powermac");
#endif
tas_node = find_devices("deq");
if (tas_node == NULL)
diff --git a/sound/ppc/daca.c b/sound/ppc/daca.c
index 08cde51..b96cd94 100644
--- a/sound/ppc/daca.c
+++ b/sound/ppc/daca.c
@@ -256,7 +256,7 @@ int __init snd_pmac_daca_init(struct snd
#ifdef CONFIG_KMOD
if (current->fs->root)
- request_module("i2c-keywest");
+ request_module("i2c-powermac");
#endif /* CONFIG_KMOD */
mix = kmalloc(sizeof(*mix), GFP_KERNEL);
diff --git a/sound/ppc/tumbler.c b/sound/ppc/tumbler.c
index 838fc11..39d4cde 100644
--- a/sound/ppc/tumbler.c
+++ b/sound/ppc/tumbler.c
@@ -1314,7 +1314,7 @@ int __init snd_pmac_tumbler_init(struct
#ifdef CONFIG_KMOD
if (current->fs->root)
- request_module("i2c-keywest");
+ request_module("i2c-powermac");
#endif /* CONFIG_KMOD */
mix = kmalloc(sizeof(*mix), GFP_KERNEL);

25
debian/patches/2.6.16.11 vendored Normal file
View File

@ -0,0 +1,25 @@
diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c
index fed55e3..5e562bc 100644
--- a/fs/cifs/dir.c
+++ b/fs/cifs/dir.c
@@ -441,6 +441,20 @@ cifs_lookup(struct inode *parent_dir_ino
cifs_sb = CIFS_SB(parent_dir_inode->i_sb);
pTcon = cifs_sb->tcon;
+ /*
+ * Don't allow the separator character in a path component.
+ * The VFS will not allow "/", but "\" is allowed by posix.
+ */
+ if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS)) {
+ int i;
+ for (i = 0; i < direntry->d_name.len; i++)
+ if (direntry->d_name.name[i] == '\\') {
+ cFYI(1, ("Invalid file name"));
+ FreeXid(xid);
+ return ERR_PTR(-EINVAL);
+ }
+ }
+
/* can not grab the rename sem here since it would
deadlock in the cases (beginning of sys_rename itself)
in which we already have the sb rename sem */

22
debian/patches/alpha-build-fix.patch vendored Normal file
View File

@ -0,0 +1,22 @@
From: Andrew Morton <akpm@osdl.org>
Backport for_each_possible_cpu() into 2.6.16. Fixes the alpha build, and any
future occurrences.
Signed-off-by: Andrew Morton <akpm@osdl.org>
---
include/linux/cpumask.h | 1 +
1 files changed, 1 insertion(+)
--- a/include/linux/cpumask.h 2006-04-24 19:28:56.000000000 +0200
+++ b/include/linux/cpumask.h 2006-04-24 19:29:21.000000000 +0200
@@ -408,6 +408,7 @@
})
#define for_each_cpu(cpu) for_each_cpu_mask((cpu), cpu_possible_map)
+#define for_each_possible_cpu(cpu) for_each_cpu_mask((cpu), cpu_possible_map)
#define for_each_online_cpu(cpu) for_each_cpu_mask((cpu), cpu_online_map)
#define for_each_present_cpu(cpu) for_each_cpu_mask((cpu), cpu_present_map)

3
debian/patches/series/10 vendored Normal file
View File

@ -0,0 +1,3 @@
+ alpha-build-fix.patch
+ 2.6.16.10
+ 2.6.16.11

1
debian/patches/series/11-extra vendored Normal file
View File

@ -0,0 +1 @@
+ vserver-vs2.0.2-rc18-update.patch *_vserver

349
debian/patches/vserver-vs2.0.2-rc18-update.patch vendored Normal file
View File

@ -0,0 +1,349 @@
diff -u linux-2.6.16.8-vs2.0.2-rc17/fs/namespace.c linux-2.6.16.11-vs2.0.2-rc18/fs/namespace.c
--- linux-2.6.16.8-vs2.0.2-rc17/fs/namespace.c 2006-03-20 17:34:49 +0100
+++ linux-2.6.16.11-vs2.0.2-rc18/fs/namespace.c 2006-04-28 01:59:36 +0200
@@ -676,7 +676,7 @@
goto dput_and_out;
retval = -EPERM;
- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SECURE_MOUNT))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
goto dput_and_out;
retval = do_umount(nd.mnt, flags);
@@ -700,9 +700,7 @@
static int mount_is_safe(struct nameidata *nd)
{
- if (capable(CAP_SYS_ADMIN))
- return 0;
- if (vx_ccaps(VXC_SECURE_MOUNT))
+ if (vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
return 0;
return -EPERM;
#ifdef notyet
@@ -996,7 +994,7 @@
int err;
struct super_block *sb = nd->mnt->mnt_sb;
- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SECURE_REMOUNT))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_REMOUNT))
return -EPERM;
if (!check_mnt(nd->mnt))
@@ -1030,7 +1028,7 @@
struct nameidata old_nd, parent_nd;
struct vfsmount *p;
int err = 0;
- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SECURE_MOUNT))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
return -EPERM;
if (!old_name || !*old_name)
return -EINVAL;
@@ -1110,7 +1108,7 @@
return -EINVAL;
/* we need capabilities... */
- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SECURE_MOUNT))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
return -EPERM;
mnt = do_kern_mount(type, flags, name, data);
@@ -1502,7 +1500,7 @@
if (!(flags & CLONE_NEWNS))
return 0;
- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SECURE_MOUNT)) {
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT)) {
err = -EPERM;
goto out;
}
diff -u linux-2.6.16.8-vs2.0.2-rc17/fs/quota.c linux-2.6.16.11-vs2.0.2-rc18/fs/quota.c
--- linux-2.6.16.8-vs2.0.2-rc17/fs/quota.c 2006-03-20 17:34:49 +0100
+++ linux-2.6.16.11-vs2.0.2-rc18/fs/quota.c 2006-04-28 01:59:36 +0200
@@ -84,11 +84,11 @@
if (cmd == Q_GETQUOTA) {
if (((type == USRQUOTA && current->euid != id) ||
(type == GRPQUOTA && !in_egroup_p(id))) &&
- !capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL))
+ !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
return -EPERM;
}
else if (cmd != Q_GETFMT && cmd != Q_SYNC && cmd != Q_GETINFO)
- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
return -EPERM;
return 0;
@@ -135,10 +135,10 @@
if (cmd == Q_XGETQUOTA) {
if (((type == XQM_USRQUOTA && current->euid != id) ||
(type == XQM_GRPQUOTA && !in_egroup_p(id))) &&
- !capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL))
+ !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
return -EPERM;
} else if (cmd != Q_XGETQSTAT && cmd != Q_XQUOTASYNC) {
- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
return -EPERM;
}
diff -u linux-2.6.16.8-vs2.0.2-rc17/fs/super.c linux-2.6.16.11-vs2.0.2-rc18/fs/super.c
--- linux-2.6.16.8-vs2.0.2-rc17/fs/super.c 2006-03-20 17:34:49 +0100
+++ linux-2.6.16.11-vs2.0.2-rc18/fs/super.c 2006-04-28 01:59:36 +0200
@@ -815,7 +815,7 @@
sb = ERR_PTR(-EPERM);
if ((type->fs_flags & FS_BINARY_MOUNTDATA) &&
- !capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_BINARY_MOUNT))
+ !vx_capable(CAP_SYS_ADMIN, VXC_BINARY_MOUNT))
goto out;
sb = ERR_PTR(-ENOMEM);
diff -u linux-2.6.16.8-vs2.0.2-rc17/fs/xfs/quota/xfs_qm_syscalls.c linux-2.6.16.11-vs2.0.2-rc18/fs/xfs/quota/xfs_qm_syscalls.c
--- linux-2.6.16.8-vs2.0.2-rc17/fs/xfs/quota/xfs_qm_syscalls.c 2006-03-20 17:34:49 +0100
+++ linux-2.6.16.11-vs2.0.2-rc18/fs/xfs/quota/xfs_qm_syscalls.c 2006-04-28 01:59:36 +0200
@@ -215,7 +215,7 @@
xfs_qoff_logitem_t *qoffstart;
int nculprits;
- if (!force && !capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL))
+ if (!force && !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
return XFS_ERROR(EPERM);
/*
* No file system can have quotas enabled on disk but not in core.
@@ -384,7 +384,7 @@
int error;
xfs_inode_t *qip;
- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
return XFS_ERROR(EPERM);
error = 0;
if (!XFS_SB_VERSION_HASQUOTA(&mp->m_sb) || flags == 0) {
@@ -429,7 +429,7 @@
uint accflags;
__int64_t sbflags;
- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
return XFS_ERROR(EPERM);
flags &= (XFS_ALL_QUOTA_ACCT | XFS_ALL_QUOTA_ENFD);
@@ -600,7 +600,7 @@
int error;
xfs_qcnt_t hard, soft;
- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
return XFS_ERROR(EPERM);
if ((newlim->d_fieldmask &
diff -u linux-2.6.16.8-vs2.0.2-rc17/include/linux/vs_base.h linux-2.6.16.11-vs2.0.2-rc18/include/linux/vs_base.h
--- linux-2.6.16.8-vs2.0.2-rc17/include/linux/vs_base.h 2006-03-20 17:34:50 +0100
+++ linux-2.6.16.11-vs2.0.2-rc18/include/linux/vs_base.h 2006-04-28 02:00:37 +0200
@@ -97,6 +97,9 @@
(current->vx_info && \
(current->vx_info->vx_initpid == (n)))
+#define vx_capable(b,c) (capable(b) || \
+ ((current->euid == 0) && vx_ccaps(c)))
+
#else
#warning duplicate inclusion
diff -u linux-2.6.16.8-vs2.0.2-rc17/include/net/route.h linux-2.6.16.11-vs2.0.2-rc18/include/net/route.h
--- linux-2.6.16.8-vs2.0.2-rc17/include/net/route.h 2006-03-20 17:34:50 +0100
+++ linux-2.6.16.11-vs2.0.2-rc18/include/net/route.h 2006-04-26 19:12:32 +0200
@@ -229,6 +229,8 @@
return err;
if (fl.fl4_dst == IPI_LOOPBACK && !vx_check(0, VX_ADMIN))
fl.fl4_dst = nx_info->ipv4[0];
+ if (fl.fl4_src == IPI_LOOPBACK && !vx_check(0, VX_ADMIN))
+ fl.fl4_src = nx_info->ipv4[0];
}
if (!fl.fl4_dst || !fl.fl4_src) {
err = __ip_route_output_key(rp, &fl);
diff -u linux-2.6.16.8-vs2.0.2-rc17/kernel/sys.c linux-2.6.16.11-vs2.0.2-rc18/kernel/sys.c
--- linux-2.6.16.8-vs2.0.2-rc17/kernel/sys.c 2006-04-18 02:12:08 +0200
+++ linux-2.6.16.11-vs2.0.2-rc18/kernel/sys.c 2006-04-28 01:59:36 +0200
@@ -1547,7 +1547,7 @@
int errno;
char tmp[__NEW_UTS_LEN];
- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SET_UTSNAME))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SET_UTSNAME))
return -EPERM;
if (len < 0 || len > __NEW_UTS_LEN)
return -EINVAL;
@@ -1596,7 +1596,7 @@
int errno;
char tmp[__NEW_UTS_LEN];
- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SET_UTSNAME))
+ if (!vx_capable(CAP_SYS_ADMIN, VXC_SET_UTSNAME))
return -EPERM;
if (len < 0 || len > __NEW_UTS_LEN)
return -EINVAL;
@@ -1664,7 +1664,7 @@
return -EINVAL;
old_rlim = current->signal->rlim + resource;
if ((new_rlim.rlim_max > old_rlim->rlim_max) &&
- !capable(CAP_SYS_RESOURCE) && !vx_ccaps(VXC_SET_RLIMIT))
+ !vx_capable(CAP_SYS_RESOURCE, VXC_SET_RLIMIT))
return -EPERM;
if (resource == RLIMIT_NOFILE && new_rlim.rlim_max > NR_OPEN)
return -EPERM;
diff -u linux-2.6.16.8-vs2.0.2-rc17/kernel/vserver/legacy.c linux-2.6.16.11-vs2.0.2-rc18/kernel/vserver/legacy.c
--- linux-2.6.16.8-vs2.0.2-rc17/kernel/vserver/legacy.c 2006-03-20 17:34:50 +0100
+++ linux-2.6.16.11-vs2.0.2-rc18/kernel/vserver/legacy.c 2006-04-28 03:18:07 +0200
@@ -31,6 +31,7 @@
if (!init)
return -ESRCH;
+ vxi->vx_flags &= ~VXF_STATE_INIT;
return vx_set_init(vxi, init);
}
@@ -88,7 +89,7 @@
vx_info_flags(new_vxi, VX_INFO_PRIVATE, 0))
goto out_put;
- new_vxi->vx_flags &= ~(VXF_STATE_SETUP|VXF_STATE_INIT);
+ new_vxi->vx_flags &= ~VXF_STATE_SETUP;
ret = vx_migrate_task(current, new_vxi);
if (ret == 0) {
@@ -102,6 +103,9 @@
if (vc_data.flags & VX_INFO_NPROC)
new_vxi->limit.rlim[RLIMIT_NPROC] =
current->signal->rlim[RLIMIT_NPROC].rlim_max;
+
+ /* tweak some defaults for legacy */
+ new_vxi->vx_flags |= (VXF_HIDE_NETIF|VXF_INFO_INIT);
ret = new_vxi->vx_id;
}
out_put:
diff -u linux-2.6.16.8-vs2.0.2-rc17/kernel/vserver/sched.c linux-2.6.16.11-vs2.0.2-rc18/kernel/vserver/sched.c
--- linux-2.6.16.8-vs2.0.2-rc17/kernel/vserver/sched.c 2006-03-24 16:50:48 +0100
+++ linux-2.6.16.11-vs2.0.2-rc18/kernel/vserver/sched.c 2006-04-28 01:39:59 +0200
@@ -117,7 +117,7 @@
vavavoom = 0;
vxi->sched.vavavoom = vavavoom;
- return vavavoom;
+ return vavavoom + vxi->sched.priority_bias;
}
diff -u linux-2.6.16.8-vs2.0.2-rc17/net/ipv4/devinet.c linux-2.6.16.11-vs2.0.2-rc18/net/ipv4/devinet.c
--- linux-2.6.16.8-vs2.0.2-rc17/net/ipv4/devinet.c 2006-04-17 20:56:32 +0200
+++ linux-2.6.16.11-vs2.0.2-rc18/net/ipv4/devinet.c 2006-04-26 19:09:22 +0200
@@ -607,6 +607,9 @@
*colon = ':';
if ((in_dev = __in_dev_get_rtnl(dev)) != NULL) {
+ struct nx_info *nxi = current->nx_info;
+ int hide_netif = vx_flags(VXF_HIDE_NETIF, 0);
+
if (tryaddrmatch) {
/* Matthias Andree */
/* compare label and address (4.4BSD style) */
@@ -615,6 +618,8 @@
This is checked above. */
for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
ifap = &ifa->ifa_next) {
+ if (hide_netif && !ifa_in_nx_info(ifa, nxi))
+ continue;
if (!strcmp(ifr.ifr_name, ifa->ifa_label) &&
sin_orig.sin_addr.s_addr ==
ifa->ifa_address) {
@@ -627,18 +632,18 @@
comparing just the label */
if (!ifa) {
for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
- ifap = &ifa->ifa_next)
+ ifap = &ifa->ifa_next) {
+ if (hide_netif && !ifa_in_nx_info(ifa, nxi))
+ continue;
if (!strcmp(ifr.ifr_name, ifa->ifa_label))
break;
+ }
}
}
ret = -EADDRNOTAVAIL;
if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS)
goto done;
- if (vx_flags(VXF_HIDE_NETIF, 0) &&
- !ifa_in_nx_info(ifa, current->nx_info))
- goto done;
switch(cmd) {
case SIOCGIFADDR: /* Get interface address */
diff -u linux-2.6.16.8-vs2.0.2-rc17/net/ipv4/udp.c linux-2.6.16.11-vs2.0.2-rc18/net/ipv4/udp.c
--- linux-2.6.16.8-vs2.0.2-rc17/net/ipv4/udp.c 2006-03-20 17:34:50 +0100
+++ linux-2.6.16.11-vs2.0.2-rc18/net/ipv4/udp.c 2006-04-26 19:08:56 +0200
@@ -216,16 +216,6 @@
write_unlock_bh(&udp_hash_lock);
}
-static inline int udp_in_list(struct nx_info *nx_info, u32 addr)
-{
- int n = nx_info->nbipv4;
- int i;
-
- for (i=0; i<n; i++)
- if (nx_info->ipv4[i] == addr)
- return 1;
- return 0;
-}
/* UDP is nearly always wildcards out the wazoo, it makes no sense to try
* harder than this. -DaveM
@@ -248,7 +238,7 @@
continue;
score+=2;
} else if (sk->sk_nx_info) {
- if (udp_in_list(sk->sk_nx_info, daddr))
+ if (addr_in_nx_info(sk->sk_nx_info, daddr))
score+=2;
else
continue;
diff -u linux-2.6.16.8-vs2.0.2-rc17/security/commoncap.c linux-2.6.16.11-vs2.0.2-rc18/security/commoncap.c
--- linux-2.6.16.8-vs2.0.2-rc17/security/commoncap.c 2006-03-20 17:34:50 +0100
+++ linux-2.6.16.11-vs2.0.2-rc18/security/commoncap.c 2006-04-28 01:59:36 +0200
@@ -313,7 +313,7 @@
int cap_syslog (int type)
{
if ((type != 3 && type != 10) &&
- !capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SYSLOG))
+ !vx_capable(CAP_SYS_ADMIN, VXC_SYSLOG))
return -EPERM;
return 0;
}
diff -u linux-2.6.16.8-vs2.0.2-rc17/security/security.c linux-2.6.16.11-vs2.0.2-rc18/security/security.c
--- linux-2.6.16.8-vs2.0.2-rc17/security/security.c 2006-03-20 17:34:50 +0100
+++ linux-2.6.16.11-vs2.0.2-rc18/security/security.c 2006-04-28 01:59:36 +0200
@@ -200,22 +200,8 @@
-int vx_capable(int cap, int ccap)
-{
- if (security_ops->capable(current, cap)) {
- /* capability denied */
- return 0;
- }
- if (!vx_ccaps(ccap))
- return 0;
-
- /* capability granted */
- current->flags |= PF_SUPERPRIV;
- return 1;
-}
EXPORT_SYMBOL_GPL(register_security);
EXPORT_SYMBOL_GPL(unregister_security);
EXPORT_SYMBOL_GPL(mod_reg_security);
EXPORT_SYMBOL_GPL(mod_unreg_security);
EXPORT_SYMBOL(capable);
-EXPORT_SYMBOL(vx_capable);
EXPORT_SYMBOL(security_ops);