Fix #81106 patch for 2.4; bug #82479.

Package-Manager: portage-2.0.51.16
author: Tim Yamin <plasmaroo@gentoo.org> 2005-02-18 19:56:31 +0000
committer: Tim Yamin <plasmaroo@gentoo.org> 2005-02-18 19:56:31 +0000
commit: fd752915f7cfcfe0800ca864193692b3d2b967c1 (patch)
tree: 079402a6b340368f15b142a418d1f84ce6191ef5
parent: Version bump. (diff)
download: historical-fd752915f7cfcfe0800ca864193692b3d2b967c1.tar.gz
historical-fd752915f7cfcfe0800ca864193692b3d2b967c1.tar.bz2
historical-fd752915f7cfcfe0800ca864193692b3d2b967c1.zip
7 files changed, 151 insertions, 7 deletions
diff --git a/sys-kernel/ck-sources/ChangeLog b/sys-kernel/ck-sources/ChangeLog
index bf0b2a5531cf..193310053b94 100644
--- a/sys-kernel/ck-sources/ChangeLog
+++ b/sys-kernel/ck-sources/ChangeLog
@@ -1,6 +1,10 @@
 # ChangeLog for sys-kernel/ck-sources
 # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ChangeLog,v 1.86 2005/02/16 20:40:20 plasmaroo Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ChangeLog,v 1.87 2005/02/18 19:55:15 plasmaroo Exp $
+
+  18 Feb 2005; <plasmaroo@gentoo.org> ck-sources-2.4.28-r3.ebuild,
+  +files/ck-sources-2.4.28.81106.patch:
+  Fix #81106 patch for 2.4; bug #82479.
 
 *ck-sources-2.4.28-r3 (15 Feb 2005)
 
diff --git a/sys-kernel/ck-sources/ck-sources-2.4.28-r3.ebuild b/sys-kernel/ck-sources/ck-sources-2.4.28-r3.ebuild
index 42b88941f47b..192a925bfbae 100644
--- a/sys-kernel/ck-sources/ck-sources-2.4.28-r3.ebuild
+++ b/sys-kernel/ck-sources/ck-sources-2.4.28-r3.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2005 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ck-sources-2.4.28-r3.ebuild,v 1.1 2005/02/15 21:50:55 plasmaroo Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/ck-sources/ck-sources-2.4.28-r3.ebuild,v 1.2 2005/02/18 19:55:15 plasmaroo Exp $
 
 ETYPE="sources"
 
@@ -27,7 +27,7 @@ UNIPATCH_LIST="${DISTDIR}/patch-${PV}-lck${CKV}.bz2
 	${FILESDIR}/${P}.77666.patch
 	${FILESDIR}/${P}.78362.patch
 	${FILESDIR}/${P}.78363.patch
-	${FILESDIR}/${PN}-81106.patch"
+	${FILESDIR}/${P}.81106.patch"
 
 DESCRIPTION="Full sources for the Stock Linux kernel Con Kolivas's high performance patchset"
 HOMEPAGE="http://members.optusnet.com.au/ckolivas/kernel/"
diff --git a/sys-kernel/ck-sources/files/ck-sources-2.4.28.81106.patch b/sys-kernel/ck-sources/files/ck-sources-2.4.28.81106.patch
new file mode 100644
index 000000000000..2cc0ab84ebb8
--- /dev/null
+++ b/sys-kernel/ck-sources/files/ck-sources-2.4.28.81106.patch
@@ -0,0 +1,83 @@
+# ChangeSet
+#   2005/01/25 10:10:51+00:00 aia21@cantab.net 
+#   NTFS: Add printk rate limiting for ntfs_warning() and ntfs_error() when
+#         compiled without debug.  This avoids a possible denial of service
+#         attack.  Thanks to Carl-Daniel Hailfinger from SuSE for pointing this
+#         out.
+# 
+# <plasmaroo>: printk_ratelimit() backported from 2.6.
+#
+diff -Nru a/fs/ntfs/debug.c b/fs/ntfs/debug.c
+--- a/fs/ntfs/debug.c	2005-02-15 12:38:26 -08:00
++++ b/fs/ntfs/debug.c	2005-02-15 12:38:26 -08:00
+@@ -25,6 +25,48 @@
+ #endif
+ 
+ #include "debug.h"
++#include <linux/sched.h>
++
++/* minimum time in jiffies between messages */
++int printk_ratelimit_jiffies = 5*HZ;
++
++/* number of messages we send before ratelimiting */
++int printk_ratelimit_burst = 10;
++
++/*
++ * printk rate limiting, lifted from the networking subsystem.
++ *
++ * This enforces a rate limit: not more than one kernel message
++ * every printk_ratelimit_jiffies to make a denial-of-service
++ * attack impossible.
++ */
++int printk_ratelimit(void)
++{
++	static spinlock_t ratelimit_lock = SPIN_LOCK_UNLOCKED;
++	static unsigned long toks = 10*5*HZ;
++	static unsigned long last_msg;
++	static int missed;
++	unsigned long flags;
++	unsigned long now = jiffies;
++
++	spin_lock_irqsave(&ratelimit_lock, flags);
++	toks += now - last_msg;
++	last_msg = now;
++	if (toks > (printk_ratelimit_burst * printk_ratelimit_jiffies))
++		toks = printk_ratelimit_burst * printk_ratelimit_jiffies;
++	if (toks >= printk_ratelimit_jiffies) {
++		int lost = missed;
++		missed = 0;
++		toks -= printk_ratelimit_jiffies;
++		spin_unlock_irqrestore(&ratelimit_lock, flags);
++		if (lost)
++			printk(KERN_WARNING "printk: %d messages suppressed.\n", lost);
++		return 1;
++	}
++	missed++;
++	spin_unlock_irqrestore(&ratelimit_lock, flags);
++	return 0;
++}
+ 
+ /*
+  * A static buffer to hold the error string being displayed and a spinlock
+@@ -53,6 +53,10 @@
+ 	va_list args;
+ 	int flen = 0;
+ 
++#ifndef DEBUG
++	if (!printk_ratelimit())
++		return;
++#endif
+ 	if (function)
+ 		flen = strlen(function);
+ 	spin_lock(&err_buf_lock);
+@@ -93,6 +97,10 @@
+ 	va_list args;
+ 	int flen = 0;
+ 
++#ifndef DEBUG
++	if (!printk_ratelimit())
++		return;
++#endif
+ 	if (function)
+ 		flen = strlen(function);
+ 	spin_lock(&err_buf_lock);
diff --git a/sys-kernel/gentoo-sources/ChangeLog b/sys-kernel/gentoo-sources/ChangeLog
index c226a65029ca..a86b82f72101 100644
--- a/sys-kernel/gentoo-sources/ChangeLog
+++ b/sys-kernel/gentoo-sources/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for sys-kernel/gentoo-sources
 # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/ChangeLog,v 1.109 2005/02/17 18:12:51 plasmaroo Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/ChangeLog,v 1.110 2005/02/18 19:56:31 plasmaroo Exp $
+
+*gentoo-sources-2.4.28-r7 (18 Feb 2005)
+
+  18 Feb 2005; <plasmaroo@gentoo.org> -gentoo-sources-2.4.28-r6.ebuild,
+  +gentoo-sources-2.4.28-r7.ebuild, files/gentoo-sources-2.4.81106.patch:
+  Fix #81106 patch for 2.4; bug #82479.
 
 *gentoo-sources-2.4.20-r32 (17 Feb 2005)
 
diff --git a/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.28-r6 b/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.28-r7
index f231f9c88076..f231f9c88076 100644
--- a/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.28-r6
+++ b/sys-kernel/gentoo-sources/files/digest-gentoo-sources-2.4.28-r7
diff --git a/sys-kernel/gentoo-sources/files/gentoo-sources-2.4.81106.patch b/sys-kernel/gentoo-sources/files/gentoo-sources-2.4.81106.patch
index 44abcbca1ac0..2cc0ab84ebb8 100644
--- a/sys-kernel/gentoo-sources/files/gentoo-sources-2.4.81106.patch
+++ b/sys-kernel/gentoo-sources/files/gentoo-sources-2.4.81106.patch
@@ -5,9 +5,60 @@
 #         attack.  Thanks to Carl-Daniel Hailfinger from SuSE for pointing this
 #         out.
 # 
+# <plasmaroo>: printk_ratelimit() backported from 2.6.
+#
 diff -Nru a/fs/ntfs/debug.c b/fs/ntfs/debug.c
 --- a/fs/ntfs/debug.c	2005-02-15 12:38:26 -08:00
 +++ b/fs/ntfs/debug.c	2005-02-15 12:38:26 -08:00
+@@ -25,6 +25,48 @@
+ #endif
+ 
+ #include "debug.h"
++#include <linux/sched.h>
++
++/* minimum time in jiffies between messages */
++int printk_ratelimit_jiffies = 5*HZ;
++
++/* number of messages we send before ratelimiting */
++int printk_ratelimit_burst = 10;
++
++/*
++ * printk rate limiting, lifted from the networking subsystem.
++ *
++ * This enforces a rate limit: not more than one kernel message
++ * every printk_ratelimit_jiffies to make a denial-of-service
++ * attack impossible.
++ */
++int printk_ratelimit(void)
++{
++	static spinlock_t ratelimit_lock = SPIN_LOCK_UNLOCKED;
++	static unsigned long toks = 10*5*HZ;
++	static unsigned long last_msg;
++	static int missed;
++	unsigned long flags;
++	unsigned long now = jiffies;
++
++	spin_lock_irqsave(&ratelimit_lock, flags);
++	toks += now - last_msg;
++	last_msg = now;
++	if (toks > (printk_ratelimit_burst * printk_ratelimit_jiffies))
++		toks = printk_ratelimit_burst * printk_ratelimit_jiffies;
++	if (toks >= printk_ratelimit_jiffies) {
++		int lost = missed;
++		missed = 0;
++		toks -= printk_ratelimit_jiffies;
++		spin_unlock_irqrestore(&ratelimit_lock, flags);
++		if (lost)
++			printk(KERN_WARNING "printk: %d messages suppressed.\n", lost);
++		return 1;
++	}
++	missed++;
++	spin_unlock_irqrestore(&ratelimit_lock, flags);
++	return 0;
++}
+ 
+ /*
+  * A static buffer to hold the error string being displayed and a spinlock
 @@ -53,6 +53,10 @@
  	va_list args;
  	int flen = 0;
diff --git a/sys-kernel/gentoo-sources/gentoo-sources-2.4.28-r6.ebuild b/sys-kernel/gentoo-sources/gentoo-sources-2.4.28-r7.ebuild
index cc86be50c41e..041126cf4ff5 100644
--- a/sys-kernel/gentoo-sources/gentoo-sources-2.4.28-r6.ebuild
+++ b/sys-kernel/gentoo-sources/gentoo-sources-2.4.28-r7.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2005 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/gentoo-sources-2.4.28-r6.ebuild,v 1.1 2005/02/17 18:12:52 plasmaroo Exp $
+# $Header: /var/cvsroot/gentoo-x86/sys-kernel/gentoo-sources/gentoo-sources-2.4.28-r7.ebuild,v 1.1 2005/02/18 19:56:31 plasmaroo Exp $
 
 ETYPE="sources"
 inherit kernel-2
@@ -10,7 +10,7 @@ KEYWORDS="x86 -ppc"
 IUSE=''
 
 UNIPATCH_STRICTORDER='Y'
-UNIPATCH_LIST="${DISTDIR}/${PF/r6/r4}.tar.bz2
+UNIPATCH_LIST="${DISTDIR}/${PF/r7/r4}.tar.bz2
 	${DISTDIR}/ck-sources-${PV}-CAN-2004-0814.patch
 	${FILESDIR}/${PN}-2.4.cmdlineLeak.patch
 	${FILESDIR}/${PN}-2.4.vma.patch
@@ -27,5 +27,5 @@ UNIPATCH_LIST="${DISTDIR}/${PF/r6/r4}.tar.bz2
 	${FILESDIR}/${P}.arpFix.patch"
 
 DESCRIPTION="Full sources including the Gentoo patchset for the ${KV_MAJOR}.${KV_MINOR} kernel tree"
-SRC_URI="${KERNEL_URI} http://dev.gentoo.org/~plasmaroo/patches/kernel/gentoo-sources/${PF/r6/r4}.tar.bz2
+SRC_URI="${KERNEL_URI} http://dev.gentoo.org/~plasmaroo/patches/kernel/gentoo-sources/${PF/r7/r4}.tar.bz2
 	 http://dev.gentoo.org/~plasmaroo/patches/kernel/misc/security/ck-sources-${PV}-CAN-2004-0814.patch"
author	Tim Yamin <plasmaroo@gentoo.org>	2005-02-18 19:56:31 +0000
committer	Tim Yamin <plasmaroo@gentoo.org>	2005-02-18 19:56:31 +0000
commit	fd752915f7cfcfe0800ca864193692b3d2b967c1 (patch)
tree	079402a6b340368f15b142a418d1f84ce6191ef5
parent	Version bump. (diff)
download	historical-fd752915f7cfcfe0800ca864193692b3d2b967c1.tar.gz historical-fd752915f7cfcfe0800ca864193692b3d2b967c1.tar.bz2 historical-fd752915f7cfcfe0800ca864193692b3d2b967c1.zip