diff --git a/debian/changelog b/debian/changelog index 48956e236..355147201 100644 --- a/debian/changelog +++ b/debian/changelog @@ -9,6 +9,48 @@ linux-2.6 (2.6.16-99experimental.1) UNRELEASED; urgency=low -- maximilian attems Tue, 18 Apr 2006 02:09:27 +0200 +linux-2.6 (2.6.16-11) UNRELEASED; urgency=low + + * Update vserver patch to 2.0.2-rc18. + - Limit ccaps to root inside a guest + + -- Bastian Blank Fri, 28 Apr 2006 16:08:01 +0200 + +linux-2.6 (2.6.16-10) unstable; urgency=low + + [ Norbert Tretkowski ] + * [alpha] Added backport of for_each_possible_cpu() to fix alpha build. + (closes: #364206) + * Add stable release 2.6.16.10: + - IPC: access to unmapped vmalloc area in grow_ary() + - Add more prevent_tail_call() + - alim15x3: ULI M-1573 south Bridge support + - apm: fix Armada laptops again + - fbdev: Fix return error of fb_write + - Fix file lookup without ref + - m41t00: fix bitmasks when writing to chip + - Open IPMI BT overflow + - x86: be careful about tailcall breakage for sys_open[at] too + - x86: don't allow tail-calls in sys_ftruncate[64]() + - IPV6: XFRM: Fix decoding session with preceding extension header(s). + - IPV6: XFRM: Don't use old copy of pointer after pskb_may_pull(). + - IPV6: Ensure to have hop-by-hop options in our header of &sk_buff. + - selinux: Fix MLS compatibility off-by-one bug + - PPC: fix oops in alsa powermac driver + - MTD_NAND_SHARPSL and MTD_NAND_NANDSIM should be tristate's + - i2c-i801: Fix resume when PEC is used + - Fix hotplug race during device registration + - Fix truesize underflow + - efficeon-agp: Add missing memory mask + - 3ware 9000 disable local irqs during kmap_atomic + - 3ware: kmap_atomic() fix + + [ maximilian attems ] + * Add stable release 2.6.16.11: + - Don't allow a backslash in a path component (CVE-2006-1863) + + -- Bastian Blank Tue, 25 Apr 2006 13:56:19 +0200 + linux-2.6 (2.6.16-9) unstable; urgency=low [ maximilian attems ] diff --git a/debian/patches/2.6.16.10 b/debian/patches/2.6.16.10 new file mode 100644 index 000000000..f679f9e3f --- /dev/null +++ b/debian/patches/2.6.16.10 @@ -0,0 +1,676 @@ +diff --git a/arch/i386/kernel/apm.c b/arch/i386/kernel/apm.c +index 05312a8..558d2d2 100644 +--- a/arch/i386/kernel/apm.c ++++ b/arch/i386/kernel/apm.c +@@ -1081,7 +1081,7 @@ static int apm_console_blank(int blank) + break; + } + +- if (error == APM_NOT_ENGAGED && state != APM_STATE_READY) { ++ if (error == APM_NOT_ENGAGED) { + static int tried; + int eng_error; + if (tried++ == 0) { +diff --git a/drivers/char/agp/efficeon-agp.c b/drivers/char/agp/efficeon-agp.c +index e7aea77..40dfc29 100644 +--- a/drivers/char/agp/efficeon-agp.c ++++ b/drivers/char/agp/efficeon-agp.c +@@ -64,6 +64,12 @@ static struct gatt_mask efficeon_generic + {.mask = 0x00000001, .type = 0} + }; + ++/* This function does the same thing as mask_memory() for this chipset... */ ++static inline unsigned long efficeon_mask_memory(unsigned long addr) ++{ ++ return addr | 0x00000001; ++} ++ + static struct aper_size_info_lvl2 efficeon_generic_sizes[4] = + { + {256, 65536, 0}, +@@ -251,7 +257,7 @@ static int efficeon_insert_memory(struct + last_page = NULL; + for (i = 0; i < count; i++) { + int index = pg_start + i; +- unsigned long insert = mem->memory[i]; ++ unsigned long insert = efficeon_mask_memory(mem->memory[i]); + + page = (unsigned int *) efficeon_private.l1_table[index >> 10]; + +diff --git a/drivers/char/ipmi/ipmi_bt_sm.c b/drivers/char/ipmi/ipmi_bt_sm.c +index 58dcdee..0030cd8 100644 +--- a/drivers/char/ipmi/ipmi_bt_sm.c ++++ b/drivers/char/ipmi/ipmi_bt_sm.c +@@ -165,7 +165,7 @@ static int bt_start_transaction(struct s + { + unsigned int i; + +- if ((size < 2) || (size > IPMI_MAX_MSG_LENGTH)) ++ if ((size < 2) || (size > (IPMI_MAX_MSG_LENGTH - 2))) + return -1; + + if ((bt->state != BT_STATE_IDLE) && (bt->state != BT_STATE_HOSED)) +diff --git a/drivers/char/tty_io.c b/drivers/char/tty_io.c +index 53d3d06..edaee70 100644 +--- a/drivers/char/tty_io.c ++++ b/drivers/char/tty_io.c +@@ -2706,7 +2706,11 @@ #else + } + task_lock(p); + if (p->files) { +- rcu_read_lock(); ++ /* ++ * We don't take a ref to the file, so we must ++ * hold ->file_lock instead. ++ */ ++ spin_lock(&p->files->file_lock); + fdt = files_fdtable(p->files); + for (i=0; i < fdt->max_fds; i++) { + filp = fcheck_files(p->files, i); +@@ -2721,7 +2725,7 @@ #else + break; + } + } +- rcu_read_unlock(); ++ spin_unlock(&p->files->file_lock); + } + task_unlock(p); + } while_each_task_pid(session, PIDTYPE_SID, p); +diff --git a/drivers/i2c/busses/i2c-i801.c b/drivers/i2c/busses/i2c-i801.c +index 8e0f315..dfca749 100644 +--- a/drivers/i2c/busses/i2c-i801.c ++++ b/drivers/i2c/busses/i2c-i801.c +@@ -478,6 +478,11 @@ static s32 i801_access(struct i2c_adapte + ret = i801_transaction(); + } + ++ /* Some BIOSes don't like it when PEC is enabled at reboot or resume ++ time, so we forcibly disable it after every transaction. */ ++ if (hwpec) ++ outb_p(0, SMBAUXCTL); ++ + if(block) + return ret; + if(ret) +diff --git a/drivers/i2c/chips/m41t00.c b/drivers/i2c/chips/m41t00.c +index 2dc3d48..2836fb3 100644 +--- a/drivers/i2c/chips/m41t00.c ++++ b/drivers/i2c/chips/m41t00.c +@@ -129,13 +129,13 @@ m41t00_set_tlet(ulong arg) + if ((i2c_smbus_write_byte_data(save_client, 0, tm.tm_sec & 0x7f) < 0) + || (i2c_smbus_write_byte_data(save_client, 1, tm.tm_min & 0x7f) + < 0) +- || (i2c_smbus_write_byte_data(save_client, 2, tm.tm_hour & 0x7f) ++ || (i2c_smbus_write_byte_data(save_client, 2, tm.tm_hour & 0x3f) + < 0) +- || (i2c_smbus_write_byte_data(save_client, 4, tm.tm_mday & 0x7f) ++ || (i2c_smbus_write_byte_data(save_client, 4, tm.tm_mday & 0x3f) + < 0) +- || (i2c_smbus_write_byte_data(save_client, 5, tm.tm_mon & 0x7f) ++ || (i2c_smbus_write_byte_data(save_client, 5, tm.tm_mon & 0x1f) + < 0) +- || (i2c_smbus_write_byte_data(save_client, 6, tm.tm_year & 0x7f) ++ || (i2c_smbus_write_byte_data(save_client, 6, tm.tm_year & 0xff) + < 0)) + + dev_warn(&save_client->dev,"m41t00: can't write to rtc chip\n"); +diff --git a/drivers/ide/pci/alim15x3.c b/drivers/ide/pci/alim15x3.c +index cf84350..8b24b4f 100644 +--- a/drivers/ide/pci/alim15x3.c ++++ b/drivers/ide/pci/alim15x3.c +@@ -731,6 +731,8 @@ static unsigned int __devinit ata66_ali1 + + if(m5229_revision <= 0x20) + tmpbyte = (tmpbyte & (~0x02)) | 0x01; ++ else if (m5229_revision == 0xc7) ++ tmpbyte |= 0x03; + else + tmpbyte |= 0x01; + +diff --git a/drivers/macintosh/therm_adt746x.c b/drivers/macintosh/therm_adt746x.c +index 5ebfd1d..5282fec 100644 +--- a/drivers/macintosh/therm_adt746x.c ++++ b/drivers/macintosh/therm_adt746x.c +@@ -627,8 +627,8 @@ thermostat_init(void) + if(therm_type == ADT7460) + device_create_file(&of_dev->dev, &dev_attr_sensor2_fan_speed); + +-#ifndef CONFIG_I2C_KEYWEST +- request_module("i2c-keywest"); ++#ifndef CONFIG_I2C_POWERMAC ++ request_module("i2c-powermac"); + #endif + + return i2c_add_driver(&thermostat_driver); +diff --git a/drivers/mtd/nand/Kconfig b/drivers/mtd/nand/Kconfig +index 1fc4c13..cfe288a 100644 +--- a/drivers/mtd/nand/Kconfig ++++ b/drivers/mtd/nand/Kconfig +@@ -178,17 +178,16 @@ config MTD_NAND_DISKONCHIP_BBTWRITE + Even if you leave this disabled, you can enable BBT writes at module + load time (assuming you build diskonchip as a module) with the module + parameter "inftl_bbt_write=1". +- +- config MTD_NAND_SHARPSL +- bool "Support for NAND Flash on Sharp SL Series (C7xx + others)" +- depends on MTD_NAND && ARCH_PXA +- +- config MTD_NAND_NANDSIM +- bool "Support for NAND Flash Simulator" +- depends on MTD_NAND && MTD_PARTITIONS + ++config MTD_NAND_SHARPSL ++ tristate "Support for NAND Flash on Sharp SL Series (C7xx + others)" ++ depends on MTD_NAND && ARCH_PXA ++ ++config MTD_NAND_NANDSIM ++ tristate "Support for NAND Flash Simulator" ++ depends on MTD_NAND && MTD_PARTITIONS + help + The simulator may simulate verious NAND flash chips for the + MTD nand layer. +- ++ + endmenu +diff --git a/drivers/scsi/3w-9xxx.c b/drivers/scsi/3w-9xxx.c +index d9152d0..9132549 100644 +--- a/drivers/scsi/3w-9xxx.c ++++ b/drivers/scsi/3w-9xxx.c +@@ -85,7 +85,7 @@ #include + #include "3w-9xxx.h" + + /* Globals */ +-#define TW_DRIVER_VERSION "2.26.02.005" ++#define TW_DRIVER_VERSION "2.26.02.007" + static TW_Device_Extension *twa_device_extension_list[TW_MAX_SLOT]; + static unsigned int twa_device_extension_count; + static int twa_major = -1; +@@ -1944,9 +1944,13 @@ static void twa_scsiop_execute_scsi_comp + } + if (tw_dev->srb[request_id]->use_sg == 1) { + struct scatterlist *sg = (struct scatterlist *)tw_dev->srb[request_id]->request_buffer; +- char *buf = kmap_atomic(sg->page, KM_IRQ0) + sg->offset; ++ char *buf; ++ unsigned long flags = 0; ++ local_irq_save(flags); ++ buf = kmap_atomic(sg->page, KM_IRQ0) + sg->offset; + memcpy(buf, tw_dev->generic_buffer_virt[request_id], sg->length); + kunmap_atomic(buf - sg->offset, KM_IRQ0); ++ local_irq_restore(flags); + } + } + } /* End twa_scsiop_execute_scsi_complete() */ +diff --git a/drivers/scsi/3w-xxxx.c b/drivers/scsi/3w-xxxx.c +index 25f678d..e8e41e6 100644 +--- a/drivers/scsi/3w-xxxx.c ++++ b/drivers/scsi/3w-xxxx.c +@@ -1508,10 +1508,12 @@ static void tw_transfer_internal(TW_Devi + struct scsi_cmnd *cmd = tw_dev->srb[request_id]; + void *buf; + unsigned int transfer_len; ++ unsigned long flags = 0; + + if (cmd->use_sg) { + struct scatterlist *sg = + (struct scatterlist *)cmd->request_buffer; ++ local_irq_save(flags); + buf = kmap_atomic(sg->page, KM_IRQ0) + sg->offset; + transfer_len = min(sg->length, len); + } else { +@@ -1526,6 +1528,7 @@ static void tw_transfer_internal(TW_Devi + + sg = (struct scatterlist *)cmd->request_buffer; + kunmap_atomic(buf - sg->offset, KM_IRQ0); ++ local_irq_restore(flags); + } + } + +diff --git a/drivers/video/fbmem.c b/drivers/video/fbmem.c +index 996c7b5..b3094ae 100644 +--- a/drivers/video/fbmem.c ++++ b/drivers/video/fbmem.c +@@ -669,13 +669,19 @@ fb_write(struct file *file, const char _ + total_size = info->fix.smem_len; + + if (p > total_size) +- return 0; ++ return -EFBIG; + +- if (count >= total_size) ++ if (count > total_size) { ++ err = -EFBIG; + count = total_size; ++ } ++ ++ if (count + p > total_size) { ++ if (!err) ++ err = -ENOSPC; + +- if (count + p > total_size) + count = total_size - p; ++ } + + buffer = kmalloc((count > PAGE_SIZE) ? PAGE_SIZE : count, + GFP_KERNEL); +@@ -717,7 +723,7 @@ fb_write(struct file *file, const char _ + + kfree(buffer); + +- return (err) ? err : cnt; ++ return (cnt) ? cnt : err; + } + + #ifdef CONFIG_KMOD +diff --git a/fs/locks.c b/fs/locks.c +index 909eab8..e75ac39 100644 +--- a/fs/locks.c ++++ b/fs/locks.c +@@ -2212,7 +2212,12 @@ void steal_locks(fl_owner_t from) + + lock_kernel(); + j = 0; +- rcu_read_lock(); ++ ++ /* ++ * We are not taking a ref to the file structures, so ++ * we need to acquire ->file_lock. ++ */ ++ spin_lock(&files->file_lock); + fdt = files_fdtable(files); + for (;;) { + unsigned long set; +@@ -2230,7 +2235,7 @@ void steal_locks(fl_owner_t from) + set >>= 1; + } + } +- rcu_read_unlock(); ++ spin_unlock(&files->file_lock); + unlock_kernel(); + } + EXPORT_SYMBOL(steal_locks); +diff --git a/fs/open.c b/fs/open.c +index 70e0230..f697914 100644 +--- a/fs/open.c ++++ b/fs/open.c +@@ -330,7 +330,10 @@ out: + + asmlinkage long sys_ftruncate(unsigned int fd, unsigned long length) + { +- return do_sys_ftruncate(fd, length, 1); ++ long ret = do_sys_ftruncate(fd, length, 1); ++ /* avoid REGPARM breakage on x86: */ ++ prevent_tail_call(ret); ++ return ret; + } + + /* LFS versions of truncate are only needed on 32 bit machines */ +@@ -342,7 +345,10 @@ asmlinkage long sys_truncate64(const cha + + asmlinkage long sys_ftruncate64(unsigned int fd, loff_t length) + { +- return do_sys_ftruncate(fd, length, 0); ++ long ret = do_sys_ftruncate(fd, length, 0); ++ /* avoid REGPARM breakage on x86: */ ++ prevent_tail_call(ret); ++ return ret; + } + #endif + +@@ -1083,20 +1089,30 @@ long do_sys_open(int dfd, const char __u + + asmlinkage long sys_open(const char __user *filename, int flags, int mode) + { ++ long ret; ++ + if (force_o_largefile()) + flags |= O_LARGEFILE; + +- return do_sys_open(AT_FDCWD, filename, flags, mode); ++ ret = do_sys_open(AT_FDCWD, filename, flags, mode); ++ /* avoid REGPARM breakage on x86: */ ++ prevent_tail_call(ret); ++ return ret; + } + EXPORT_SYMBOL_GPL(sys_open); + + asmlinkage long sys_openat(int dfd, const char __user *filename, int flags, + int mode) + { ++ long ret; ++ + if (force_o_largefile()) + flags |= O_LARGEFILE; + +- return do_sys_open(dfd, filename, flags, mode); ++ ret = do_sys_open(dfd, filename, flags, mode); ++ /* avoid REGPARM breakage on x86: */ ++ prevent_tail_call(ret); ++ return ret; + } + EXPORT_SYMBOL_GPL(sys_openat); + +diff --git a/fs/proc/base.c b/fs/proc/base.c +index 20feb75..c192cb2 100644 +--- a/fs/proc/base.c ++++ b/fs/proc/base.c +@@ -294,16 +294,20 @@ static int proc_fd_link(struct inode *in + + files = get_files_struct(task); + if (files) { +- rcu_read_lock(); ++ /* ++ * We are not taking a ref to the file structure, so we must ++ * hold ->file_lock. ++ */ ++ spin_lock(&files->file_lock); + file = fcheck_files(files, fd); + if (file) { + *mnt = mntget(file->f_vfsmnt); + *dentry = dget(file->f_dentry); +- rcu_read_unlock(); ++ spin_unlock(&files->file_lock); + put_files_struct(files); + return 0; + } +- rcu_read_unlock(); ++ spin_unlock(&files->file_lock); + put_files_struct(files); + } + return -ENOENT; +@@ -1485,7 +1489,12 @@ static struct dentry *proc_lookupfd(stru + if (!files) + goto out_unlock; + inode->i_mode = S_IFLNK; +- rcu_read_lock(); ++ ++ /* ++ * We are not taking a ref to the file structure, so we must ++ * hold ->file_lock. ++ */ ++ spin_lock(&files->file_lock); + file = fcheck_files(files, fd); + if (!file) + goto out_unlock2; +@@ -1493,7 +1502,7 @@ static struct dentry *proc_lookupfd(stru + inode->i_mode |= S_IRUSR | S_IXUSR; + if (file->f_mode & 2) + inode->i_mode |= S_IWUSR | S_IXUSR; +- rcu_read_unlock(); ++ spin_unlock(&files->file_lock); + put_files_struct(files); + inode->i_op = &proc_pid_link_inode_operations; + inode->i_size = 64; +@@ -1503,7 +1512,7 @@ static struct dentry *proc_lookupfd(stru + return NULL; + + out_unlock2: +- rcu_read_unlock(); ++ spin_unlock(&files->file_lock); + put_files_struct(files); + out_unlock: + iput(inode); +diff --git a/ipc/util.c b/ipc/util.c +index 8626219..303b058 100644 +--- a/ipc/util.c ++++ b/ipc/util.c +@@ -182,8 +182,7 @@ static int grow_ary(struct ipc_ids* ids, + if(new == NULL) + return size; + new->size = newsize; +- memcpy(new->p, ids->entries->p, sizeof(struct kern_ipc_perm *)*size + +- sizeof(struct ipc_id_ary)); ++ memcpy(new->p, ids->entries->p, sizeof(struct kern_ipc_perm *)*size); + for(i=size;ip[i] = NULL; + } +diff --git a/kernel/uid16.c b/kernel/uid16.c +index aa25605..187e2a4 100644 +--- a/kernel/uid16.c ++++ b/kernel/uid16.c +@@ -20,43 +20,67 @@ #include + + asmlinkage long sys_chown16(const char __user * filename, old_uid_t user, old_gid_t group) + { +- return sys_chown(filename, low2highuid(user), low2highgid(group)); ++ long ret = sys_chown(filename, low2highuid(user), low2highgid(group)); ++ /* avoid REGPARM breakage on x86: */ ++ prevent_tail_call(ret); ++ return ret; + } + + asmlinkage long sys_lchown16(const char __user * filename, old_uid_t user, old_gid_t group) + { +- return sys_lchown(filename, low2highuid(user), low2highgid(group)); ++ long ret = sys_lchown(filename, low2highuid(user), low2highgid(group)); ++ /* avoid REGPARM breakage on x86: */ ++ prevent_tail_call(ret); ++ return ret; + } + + asmlinkage long sys_fchown16(unsigned int fd, old_uid_t user, old_gid_t group) + { +- return sys_fchown(fd, low2highuid(user), low2highgid(group)); ++ long ret = sys_fchown(fd, low2highuid(user), low2highgid(group)); ++ /* avoid REGPARM breakage on x86: */ ++ prevent_tail_call(ret); ++ return ret; + } + + asmlinkage long sys_setregid16(old_gid_t rgid, old_gid_t egid) + { +- return sys_setregid(low2highgid(rgid), low2highgid(egid)); ++ long ret = sys_setregid(low2highgid(rgid), low2highgid(egid)); ++ /* avoid REGPARM breakage on x86: */ ++ prevent_tail_call(ret); ++ return ret; + } + + asmlinkage long sys_setgid16(old_gid_t gid) + { +- return sys_setgid(low2highgid(gid)); ++ long ret = sys_setgid(low2highgid(gid)); ++ /* avoid REGPARM breakage on x86: */ ++ prevent_tail_call(ret); ++ return ret; + } + + asmlinkage long sys_setreuid16(old_uid_t ruid, old_uid_t euid) + { +- return sys_setreuid(low2highuid(ruid), low2highuid(euid)); ++ long ret = sys_setreuid(low2highuid(ruid), low2highuid(euid)); ++ /* avoid REGPARM breakage on x86: */ ++ prevent_tail_call(ret); ++ return ret; + } + + asmlinkage long sys_setuid16(old_uid_t uid) + { +- return sys_setuid(low2highuid(uid)); ++ long ret = sys_setuid(low2highuid(uid)); ++ /* avoid REGPARM breakage on x86: */ ++ prevent_tail_call(ret); ++ return ret; + } + + asmlinkage long sys_setresuid16(old_uid_t ruid, old_uid_t euid, old_uid_t suid) + { +- return sys_setresuid(low2highuid(ruid), low2highuid(euid), +- low2highuid(suid)); ++ long ret = sys_setresuid(low2highuid(ruid), low2highuid(euid), ++ low2highuid(suid)); ++ /* avoid REGPARM breakage on x86: */ ++ prevent_tail_call(ret); ++ return ret; + } + + asmlinkage long sys_getresuid16(old_uid_t __user *ruid, old_uid_t __user *euid, old_uid_t __user *suid) +@@ -72,8 +96,11 @@ asmlinkage long sys_getresuid16(old_uid_ + + asmlinkage long sys_setresgid16(old_gid_t rgid, old_gid_t egid, old_gid_t sgid) + { +- return sys_setresgid(low2highgid(rgid), low2highgid(egid), +- low2highgid(sgid)); ++ long ret = sys_setresgid(low2highgid(rgid), low2highgid(egid), ++ low2highgid(sgid)); ++ /* avoid REGPARM breakage on x86: */ ++ prevent_tail_call(ret); ++ return ret; + } + + asmlinkage long sys_getresgid16(old_gid_t __user *rgid, old_gid_t __user *egid, old_gid_t __user *sgid) +@@ -89,12 +116,18 @@ asmlinkage long sys_getresgid16(old_gid_ + + asmlinkage long sys_setfsuid16(old_uid_t uid) + { +- return sys_setfsuid(low2highuid(uid)); ++ long ret = sys_setfsuid(low2highuid(uid)); ++ /* avoid REGPARM breakage on x86: */ ++ prevent_tail_call(ret); ++ return ret; + } + + asmlinkage long sys_setfsgid16(old_gid_t gid) + { +- return sys_setfsgid(low2highgid(gid)); ++ long ret = sys_setfsgid(low2highgid(gid)); ++ /* avoid REGPARM breakage on x86: */ ++ prevent_tail_call(ret); ++ return ret; + } + + static int groups16_to_user(old_gid_t __user *grouplist, +diff --git a/net/core/dev.c b/net/core/dev.c +index 2afb0de..12a214c 100644 +--- a/net/core/dev.c ++++ b/net/core/dev.c +@@ -2932,11 +2932,11 @@ void netdev_run_todo(void) + + switch(dev->reg_state) { + case NETREG_REGISTERING: ++ dev->reg_state = NETREG_REGISTERED; + err = netdev_register_sysfs(dev); + if (err) + printk(KERN_ERR "%s: failed sysfs registration (%d)\n", + dev->name, err); +- dev->reg_state = NETREG_REGISTERED; + break; + + case NETREG_UNREGISTERING: +diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c +index 9f498a6..310f2e6 100644 +--- a/net/ipv4/tcp_output.c ++++ b/net/ipv4/tcp_output.c +@@ -537,7 +537,9 @@ int tcp_fragment(struct sock *sk, struct + buff = sk_stream_alloc_skb(sk, nsize, GFP_ATOMIC); + if (buff == NULL) + return -ENOMEM; /* We'll just try again later. */ +- sk_charge_skb(sk, buff); ++ ++ buff->truesize = skb->len - len; ++ skb->truesize -= buff->truesize; + + /* Correct the sequence numbers. */ + TCP_SKB_CB(buff)->seq = TCP_SKB_CB(skb)->seq + len; +diff --git a/net/ipv6/exthdrs.c b/net/ipv6/exthdrs.c +index 2a1e7e4..d88cab7 100644 +--- a/net/ipv6/exthdrs.c ++++ b/net/ipv6/exthdrs.c +@@ -489,6 +489,18 @@ int ipv6_parse_hopopts(struct sk_buff *s + { + struct inet6_skb_parm *opt = IP6CB(skb); + ++ /* ++ * skb->nh.raw is equal to skb->data, and ++ * skb->h.raw - skb->nh.raw is always equal to ++ * sizeof(struct ipv6hdr) by definition of ++ * hop-by-hop options. ++ */ ++ if (!pskb_may_pull(skb, sizeof(struct ipv6hdr) + 8) || ++ !pskb_may_pull(skb, sizeof(struct ipv6hdr) + ((skb->h.raw[1] + 1) << 3))) { ++ kfree_skb(skb); ++ return -1; ++ } ++ + opt->hop = sizeof(struct ipv6hdr); + if (ip6_parse_tlv(tlvprochopopt_lst, skb)) { + skb->h.raw += (skb->h.raw[1]+1)<<3; +diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c +index 91cce8b..88c840f 100644 +--- a/net/ipv6/xfrm6_policy.c ++++ b/net/ipv6/xfrm6_policy.c +@@ -191,16 +191,18 @@ error: + static inline void + _decode_session6(struct sk_buff *skb, struct flowi *fl) + { +- u16 offset = sizeof(struct ipv6hdr); ++ u16 offset = skb->h.raw - skb->nh.raw; + struct ipv6hdr *hdr = skb->nh.ipv6h; +- struct ipv6_opt_hdr *exthdr = (struct ipv6_opt_hdr*)(skb->nh.raw + offset); +- u8 nexthdr = skb->nh.ipv6h->nexthdr; ++ struct ipv6_opt_hdr *exthdr; ++ u8 nexthdr = skb->nh.raw[IP6CB(skb)->nhoff]; + + memset(fl, 0, sizeof(struct flowi)); + ipv6_addr_copy(&fl->fl6_dst, &hdr->daddr); + ipv6_addr_copy(&fl->fl6_src, &hdr->saddr); + + while (pskb_may_pull(skb, skb->nh.raw + offset + 1 - skb->data)) { ++ exthdr = (struct ipv6_opt_hdr*)(skb->nh.raw + offset); ++ + switch (nexthdr) { + case NEXTHDR_ROUTING: + case NEXTHDR_HOP: +diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c +index 640d0bf..84047f6 100644 +--- a/security/selinux/ss/mls.c ++++ b/security/selinux/ss/mls.c +@@ -264,7 +264,7 @@ int mls_context_to_sid(char oldc, + + if (!selinux_mls_enabled) { + if (def_sid != SECSID_NULL && oldc) +- *scontext += strlen(*scontext); ++ *scontext += strlen(*scontext)+1; + return 0; + } + +diff --git a/sound/oss/dmasound/tas_common.c b/sound/oss/dmasound/tas_common.c +index 8131599..882ae98 100644 +--- a/sound/oss/dmasound/tas_common.c ++++ b/sound/oss/dmasound/tas_common.c +@@ -195,8 +195,8 @@ tas_init(int driver_id, const char *driv + + printk(KERN_INFO "tas driver [%s])\n", driver_name); + +-#ifndef CONFIG_I2C_KEYWEST +- request_module("i2c-keywest"); ++#ifndef CONFIG_I2C_POWERMAC ++ request_module("i2c-powermac"); + #endif + tas_node = find_devices("deq"); + if (tas_node == NULL) +diff --git a/sound/ppc/daca.c b/sound/ppc/daca.c +index 08cde51..b96cd94 100644 +--- a/sound/ppc/daca.c ++++ b/sound/ppc/daca.c +@@ -256,7 +256,7 @@ int __init snd_pmac_daca_init(struct snd + + #ifdef CONFIG_KMOD + if (current->fs->root) +- request_module("i2c-keywest"); ++ request_module("i2c-powermac"); + #endif /* CONFIG_KMOD */ + + mix = kmalloc(sizeof(*mix), GFP_KERNEL); +diff --git a/sound/ppc/tumbler.c b/sound/ppc/tumbler.c +index 838fc11..39d4cde 100644 +--- a/sound/ppc/tumbler.c ++++ b/sound/ppc/tumbler.c +@@ -1314,7 +1314,7 @@ int __init snd_pmac_tumbler_init(struct + + #ifdef CONFIG_KMOD + if (current->fs->root) +- request_module("i2c-keywest"); ++ request_module("i2c-powermac"); + #endif /* CONFIG_KMOD */ + + mix = kmalloc(sizeof(*mix), GFP_KERNEL); diff --git a/debian/patches/2.6.16.11 b/debian/patches/2.6.16.11 new file mode 100644 index 000000000..9ec0051d0 --- /dev/null +++ b/debian/patches/2.6.16.11 @@ -0,0 +1,25 @@ +diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c +index fed55e3..5e562bc 100644 +--- a/fs/cifs/dir.c ++++ b/fs/cifs/dir.c +@@ -441,6 +441,20 @@ cifs_lookup(struct inode *parent_dir_ino + cifs_sb = CIFS_SB(parent_dir_inode->i_sb); + pTcon = cifs_sb->tcon; + ++ /* ++ * Don't allow the separator character in a path component. ++ * The VFS will not allow "/", but "\" is allowed by posix. ++ */ ++ if (!(cifs_sb->mnt_cifs_flags & CIFS_MOUNT_POSIX_PATHS)) { ++ int i; ++ for (i = 0; i < direntry->d_name.len; i++) ++ if (direntry->d_name.name[i] == '\\') { ++ cFYI(1, ("Invalid file name")); ++ FreeXid(xid); ++ return ERR_PTR(-EINVAL); ++ } ++ } ++ + /* can not grab the rename sem here since it would + deadlock in the cases (beginning of sys_rename itself) + in which we already have the sb rename sem */ diff --git a/debian/patches/alpha-build-fix.patch b/debian/patches/alpha-build-fix.patch new file mode 100644 index 000000000..a633d3376 --- /dev/null +++ b/debian/patches/alpha-build-fix.patch @@ -0,0 +1,22 @@ +From: Andrew Morton + +Backport for_each_possible_cpu() into 2.6.16. Fixes the alpha build, and any +future occurrences. + + +Signed-off-by: Andrew Morton +--- + + include/linux/cpumask.h | 1 + + 1 files changed, 1 insertion(+) + +--- a/include/linux/cpumask.h 2006-04-24 19:28:56.000000000 +0200 ++++ b/include/linux/cpumask.h 2006-04-24 19:29:21.000000000 +0200 +@@ -408,6 +408,7 @@ + }) + + #define for_each_cpu(cpu) for_each_cpu_mask((cpu), cpu_possible_map) ++#define for_each_possible_cpu(cpu) for_each_cpu_mask((cpu), cpu_possible_map) + #define for_each_online_cpu(cpu) for_each_cpu_mask((cpu), cpu_online_map) + #define for_each_present_cpu(cpu) for_each_cpu_mask((cpu), cpu_present_map) + diff --git a/debian/patches/series/10 b/debian/patches/series/10 new file mode 100644 index 000000000..656a136e7 --- /dev/null +++ b/debian/patches/series/10 @@ -0,0 +1,3 @@ ++ alpha-build-fix.patch ++ 2.6.16.10 ++ 2.6.16.11 diff --git a/debian/patches/series/11-extra b/debian/patches/series/11-extra new file mode 100644 index 000000000..74a272487 --- /dev/null +++ b/debian/patches/series/11-extra @@ -0,0 +1 @@ ++ vserver-vs2.0.2-rc18-update.patch *_vserver diff --git a/debian/patches/vserver-vs2.0.2-rc18-update.patch b/debian/patches/vserver-vs2.0.2-rc18-update.patch new file mode 100644 index 000000000..cdd9420eb --- /dev/null +++ b/debian/patches/vserver-vs2.0.2-rc18-update.patch @@ -0,0 +1,349 @@ +diff -u linux-2.6.16.8-vs2.0.2-rc17/fs/namespace.c linux-2.6.16.11-vs2.0.2-rc18/fs/namespace.c +--- linux-2.6.16.8-vs2.0.2-rc17/fs/namespace.c 2006-03-20 17:34:49 +0100 ++++ linux-2.6.16.11-vs2.0.2-rc18/fs/namespace.c 2006-04-28 01:59:36 +0200 +@@ -676,7 +676,7 @@ + goto dput_and_out; + + retval = -EPERM; +- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SECURE_MOUNT)) ++ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT)) + goto dput_and_out; + + retval = do_umount(nd.mnt, flags); +@@ -700,9 +700,7 @@ + + static int mount_is_safe(struct nameidata *nd) + { +- if (capable(CAP_SYS_ADMIN)) +- return 0; +- if (vx_ccaps(VXC_SECURE_MOUNT)) ++ if (vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT)) + return 0; + return -EPERM; + #ifdef notyet +@@ -996,7 +994,7 @@ + int err; + struct super_block *sb = nd->mnt->mnt_sb; + +- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SECURE_REMOUNT)) ++ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_REMOUNT)) + return -EPERM; + + if (!check_mnt(nd->mnt)) +@@ -1030,7 +1028,7 @@ + struct nameidata old_nd, parent_nd; + struct vfsmount *p; + int err = 0; +- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SECURE_MOUNT)) ++ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT)) + return -EPERM; + if (!old_name || !*old_name) + return -EINVAL; +@@ -1110,7 +1108,7 @@ + return -EINVAL; + + /* we need capabilities... */ +- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SECURE_MOUNT)) ++ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT)) + return -EPERM; + + mnt = do_kern_mount(type, flags, name, data); +@@ -1502,7 +1500,7 @@ + if (!(flags & CLONE_NEWNS)) + return 0; + +- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SECURE_MOUNT)) { ++ if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT)) { + err = -EPERM; + goto out; + } +diff -u linux-2.6.16.8-vs2.0.2-rc17/fs/quota.c linux-2.6.16.11-vs2.0.2-rc18/fs/quota.c +--- linux-2.6.16.8-vs2.0.2-rc17/fs/quota.c 2006-03-20 17:34:49 +0100 ++++ linux-2.6.16.11-vs2.0.2-rc18/fs/quota.c 2006-04-28 01:59:36 +0200 +@@ -84,11 +84,11 @@ + if (cmd == Q_GETQUOTA) { + if (((type == USRQUOTA && current->euid != id) || + (type == GRPQUOTA && !in_egroup_p(id))) && +- !capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL)) ++ !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL)) + return -EPERM; + } + else if (cmd != Q_GETFMT && cmd != Q_SYNC && cmd != Q_GETINFO) +- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL)) ++ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL)) + return -EPERM; + + return 0; +@@ -135,10 +135,10 @@ + if (cmd == Q_XGETQUOTA) { + if (((type == XQM_USRQUOTA && current->euid != id) || + (type == XQM_GRPQUOTA && !in_egroup_p(id))) && +- !capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL)) ++ !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL)) + return -EPERM; + } else if (cmd != Q_XGETQSTAT && cmd != Q_XQUOTASYNC) { +- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL)) ++ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL)) + return -EPERM; + } + +diff -u linux-2.6.16.8-vs2.0.2-rc17/fs/super.c linux-2.6.16.11-vs2.0.2-rc18/fs/super.c +--- linux-2.6.16.8-vs2.0.2-rc17/fs/super.c 2006-03-20 17:34:49 +0100 ++++ linux-2.6.16.11-vs2.0.2-rc18/fs/super.c 2006-04-28 01:59:36 +0200 +@@ -815,7 +815,7 @@ + + sb = ERR_PTR(-EPERM); + if ((type->fs_flags & FS_BINARY_MOUNTDATA) && +- !capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_BINARY_MOUNT)) ++ !vx_capable(CAP_SYS_ADMIN, VXC_BINARY_MOUNT)) + goto out; + + sb = ERR_PTR(-ENOMEM); +diff -u linux-2.6.16.8-vs2.0.2-rc17/fs/xfs/quota/xfs_qm_syscalls.c linux-2.6.16.11-vs2.0.2-rc18/fs/xfs/quota/xfs_qm_syscalls.c +--- linux-2.6.16.8-vs2.0.2-rc17/fs/xfs/quota/xfs_qm_syscalls.c 2006-03-20 17:34:49 +0100 ++++ linux-2.6.16.11-vs2.0.2-rc18/fs/xfs/quota/xfs_qm_syscalls.c 2006-04-28 01:59:36 +0200 +@@ -215,7 +215,7 @@ + xfs_qoff_logitem_t *qoffstart; + int nculprits; + +- if (!force && !capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL)) ++ if (!force && !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL)) + return XFS_ERROR(EPERM); + /* + * No file system can have quotas enabled on disk but not in core. +@@ -384,7 +384,7 @@ + int error; + xfs_inode_t *qip; + +- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL)) ++ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL)) + return XFS_ERROR(EPERM); + error = 0; + if (!XFS_SB_VERSION_HASQUOTA(&mp->m_sb) || flags == 0) { +@@ -429,7 +429,7 @@ + uint accflags; + __int64_t sbflags; + +- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL)) ++ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL)) + return XFS_ERROR(EPERM); + + flags &= (XFS_ALL_QUOTA_ACCT | XFS_ALL_QUOTA_ENFD); +@@ -600,7 +600,7 @@ + int error; + xfs_qcnt_t hard, soft; + +- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_QUOTA_CTL)) ++ if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL)) + return XFS_ERROR(EPERM); + + if ((newlim->d_fieldmask & +diff -u linux-2.6.16.8-vs2.0.2-rc17/include/linux/vs_base.h linux-2.6.16.11-vs2.0.2-rc18/include/linux/vs_base.h +--- linux-2.6.16.8-vs2.0.2-rc17/include/linux/vs_base.h 2006-03-20 17:34:50 +0100 ++++ linux-2.6.16.11-vs2.0.2-rc18/include/linux/vs_base.h 2006-04-28 02:00:37 +0200 +@@ -97,6 +97,9 @@ + (current->vx_info && \ + (current->vx_info->vx_initpid == (n))) + ++#define vx_capable(b,c) (capable(b) || \ ++ ((current->euid == 0) && vx_ccaps(c))) ++ + + #else + #warning duplicate inclusion +diff -u linux-2.6.16.8-vs2.0.2-rc17/include/net/route.h linux-2.6.16.11-vs2.0.2-rc18/include/net/route.h +--- linux-2.6.16.8-vs2.0.2-rc17/include/net/route.h 2006-03-20 17:34:50 +0100 ++++ linux-2.6.16.11-vs2.0.2-rc18/include/net/route.h 2006-04-26 19:12:32 +0200 +@@ -229,6 +229,8 @@ + return err; + if (fl.fl4_dst == IPI_LOOPBACK && !vx_check(0, VX_ADMIN)) + fl.fl4_dst = nx_info->ipv4[0]; ++ if (fl.fl4_src == IPI_LOOPBACK && !vx_check(0, VX_ADMIN)) ++ fl.fl4_src = nx_info->ipv4[0]; + } + if (!fl.fl4_dst || !fl.fl4_src) { + err = __ip_route_output_key(rp, &fl); +diff -u linux-2.6.16.8-vs2.0.2-rc17/kernel/sys.c linux-2.6.16.11-vs2.0.2-rc18/kernel/sys.c +--- linux-2.6.16.8-vs2.0.2-rc17/kernel/sys.c 2006-04-18 02:12:08 +0200 ++++ linux-2.6.16.11-vs2.0.2-rc18/kernel/sys.c 2006-04-28 01:59:36 +0200 +@@ -1547,7 +1547,7 @@ + int errno; + char tmp[__NEW_UTS_LEN]; + +- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SET_UTSNAME)) ++ if (!vx_capable(CAP_SYS_ADMIN, VXC_SET_UTSNAME)) + return -EPERM; + if (len < 0 || len > __NEW_UTS_LEN) + return -EINVAL; +@@ -1596,7 +1596,7 @@ + int errno; + char tmp[__NEW_UTS_LEN]; + +- if (!capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SET_UTSNAME)) ++ if (!vx_capable(CAP_SYS_ADMIN, VXC_SET_UTSNAME)) + return -EPERM; + if (len < 0 || len > __NEW_UTS_LEN) + return -EINVAL; +@@ -1664,7 +1664,7 @@ + return -EINVAL; + old_rlim = current->signal->rlim + resource; + if ((new_rlim.rlim_max > old_rlim->rlim_max) && +- !capable(CAP_SYS_RESOURCE) && !vx_ccaps(VXC_SET_RLIMIT)) ++ !vx_capable(CAP_SYS_RESOURCE, VXC_SET_RLIMIT)) + return -EPERM; + if (resource == RLIMIT_NOFILE && new_rlim.rlim_max > NR_OPEN) + return -EPERM; +diff -u linux-2.6.16.8-vs2.0.2-rc17/kernel/vserver/legacy.c linux-2.6.16.11-vs2.0.2-rc18/kernel/vserver/legacy.c +--- linux-2.6.16.8-vs2.0.2-rc17/kernel/vserver/legacy.c 2006-03-20 17:34:50 +0100 ++++ linux-2.6.16.11-vs2.0.2-rc18/kernel/vserver/legacy.c 2006-04-28 03:18:07 +0200 +@@ -31,6 +31,7 @@ + if (!init) + return -ESRCH; + ++ vxi->vx_flags &= ~VXF_STATE_INIT; + return vx_set_init(vxi, init); + } + +@@ -88,7 +89,7 @@ + vx_info_flags(new_vxi, VX_INFO_PRIVATE, 0)) + goto out_put; + +- new_vxi->vx_flags &= ~(VXF_STATE_SETUP|VXF_STATE_INIT); ++ new_vxi->vx_flags &= ~VXF_STATE_SETUP; + + ret = vx_migrate_task(current, new_vxi); + if (ret == 0) { +@@ -102,6 +103,9 @@ + if (vc_data.flags & VX_INFO_NPROC) + new_vxi->limit.rlim[RLIMIT_NPROC] = + current->signal->rlim[RLIMIT_NPROC].rlim_max; ++ ++ /* tweak some defaults for legacy */ ++ new_vxi->vx_flags |= (VXF_HIDE_NETIF|VXF_INFO_INIT); + ret = new_vxi->vx_id; + } + out_put: +diff -u linux-2.6.16.8-vs2.0.2-rc17/kernel/vserver/sched.c linux-2.6.16.11-vs2.0.2-rc18/kernel/vserver/sched.c +--- linux-2.6.16.8-vs2.0.2-rc17/kernel/vserver/sched.c 2006-03-24 16:50:48 +0100 ++++ linux-2.6.16.11-vs2.0.2-rc18/kernel/vserver/sched.c 2006-04-28 01:39:59 +0200 +@@ -117,7 +117,7 @@ + vavavoom = 0; + + vxi->sched.vavavoom = vavavoom; +- return vavavoom; ++ return vavavoom + vxi->sched.priority_bias; + } + + +diff -u linux-2.6.16.8-vs2.0.2-rc17/net/ipv4/devinet.c linux-2.6.16.11-vs2.0.2-rc18/net/ipv4/devinet.c +--- linux-2.6.16.8-vs2.0.2-rc17/net/ipv4/devinet.c 2006-04-17 20:56:32 +0200 ++++ linux-2.6.16.11-vs2.0.2-rc18/net/ipv4/devinet.c 2006-04-26 19:09:22 +0200 +@@ -607,6 +607,9 @@ + *colon = ':'; + + if ((in_dev = __in_dev_get_rtnl(dev)) != NULL) { ++ struct nx_info *nxi = current->nx_info; ++ int hide_netif = vx_flags(VXF_HIDE_NETIF, 0); ++ + if (tryaddrmatch) { + /* Matthias Andree */ + /* compare label and address (4.4BSD style) */ +@@ -615,6 +618,8 @@ + This is checked above. */ + for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL; + ifap = &ifa->ifa_next) { ++ if (hide_netif && !ifa_in_nx_info(ifa, nxi)) ++ continue; + if (!strcmp(ifr.ifr_name, ifa->ifa_label) && + sin_orig.sin_addr.s_addr == + ifa->ifa_address) { +@@ -627,18 +632,18 @@ + comparing just the label */ + if (!ifa) { + for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL; +- ifap = &ifa->ifa_next) ++ ifap = &ifa->ifa_next) { ++ if (hide_netif && !ifa_in_nx_info(ifa, nxi)) ++ continue; + if (!strcmp(ifr.ifr_name, ifa->ifa_label)) + break; ++ } + } + } + + ret = -EADDRNOTAVAIL; + if (!ifa && cmd != SIOCSIFADDR && cmd != SIOCSIFFLAGS) + goto done; +- if (vx_flags(VXF_HIDE_NETIF, 0) && +- !ifa_in_nx_info(ifa, current->nx_info)) +- goto done; + + switch(cmd) { + case SIOCGIFADDR: /* Get interface address */ +diff -u linux-2.6.16.8-vs2.0.2-rc17/net/ipv4/udp.c linux-2.6.16.11-vs2.0.2-rc18/net/ipv4/udp.c +--- linux-2.6.16.8-vs2.0.2-rc17/net/ipv4/udp.c 2006-03-20 17:34:50 +0100 ++++ linux-2.6.16.11-vs2.0.2-rc18/net/ipv4/udp.c 2006-04-26 19:08:56 +0200 +@@ -216,16 +216,6 @@ + write_unlock_bh(&udp_hash_lock); + } + +-static inline int udp_in_list(struct nx_info *nx_info, u32 addr) +-{ +- int n = nx_info->nbipv4; +- int i; +- +- for (i=0; iipv4[i] == addr) +- return 1; +- return 0; +-} + + /* UDP is nearly always wildcards out the wazoo, it makes no sense to try + * harder than this. -DaveM +@@ -248,7 +238,7 @@ + continue; + score+=2; + } else if (sk->sk_nx_info) { +- if (udp_in_list(sk->sk_nx_info, daddr)) ++ if (addr_in_nx_info(sk->sk_nx_info, daddr)) + score+=2; + else + continue; +diff -u linux-2.6.16.8-vs2.0.2-rc17/security/commoncap.c linux-2.6.16.11-vs2.0.2-rc18/security/commoncap.c +--- linux-2.6.16.8-vs2.0.2-rc17/security/commoncap.c 2006-03-20 17:34:50 +0100 ++++ linux-2.6.16.11-vs2.0.2-rc18/security/commoncap.c 2006-04-28 01:59:36 +0200 +@@ -313,7 +313,7 @@ + int cap_syslog (int type) + { + if ((type != 3 && type != 10) && +- !capable(CAP_SYS_ADMIN) && !vx_ccaps(VXC_SYSLOG)) ++ !vx_capable(CAP_SYS_ADMIN, VXC_SYSLOG)) + return -EPERM; + return 0; + } +diff -u linux-2.6.16.8-vs2.0.2-rc17/security/security.c linux-2.6.16.11-vs2.0.2-rc18/security/security.c +--- linux-2.6.16.8-vs2.0.2-rc17/security/security.c 2006-03-20 17:34:50 +0100 ++++ linux-2.6.16.11-vs2.0.2-rc18/security/security.c 2006-04-28 01:59:36 +0200 +@@ -200,22 +200,8 @@ + +-int vx_capable(int cap, int ccap) +-{ +- if (security_ops->capable(current, cap)) { +- /* capability denied */ +- return 0; +- } +- if (!vx_ccaps(ccap)) +- return 0; +- +- /* capability granted */ +- current->flags |= PF_SUPERPRIV; +- return 1; +-} + + EXPORT_SYMBOL_GPL(register_security); + EXPORT_SYMBOL_GPL(unregister_security); + EXPORT_SYMBOL_GPL(mod_reg_security); + EXPORT_SYMBOL_GPL(mod_unreg_security); + EXPORT_SYMBOL(capable); +-EXPORT_SYMBOL(vx_capable); + EXPORT_SYMBOL(security_ops);