
Linux 2.4.37.3


Willy Tarreau

Jul 19, 2009, 7:49:36 PM
to linux-...@vger.kernel.org

Linux 2.4.37.3 has just been released.

The main fixes are the addition of '-fno-delete-null-pointer-checks'
to gcc CFLAGS to prevent it from removing important checks and opening
security issues, and fixes to the r8169 driver in relation to
CVE-2009-1389. The rest are minor fixes for br2684, vlan and usb.

The addition of the gcc flag already revealed that it was previously
hiding a possible null dereference in journal.c (which is apparently
not the case, and 2.6 has removed the test). The rest of the code
needs to be compared with/without the option in order to track possible
dereference bugs hidden by default. The addition of this option will
not make the code more or less stable, it just reduces the risk that
a bug normally causing an oops or panic would be maliciously exploited
to gain privileges.

The second major issue concerns the r8169 driver. Approximately one
month ago an issue with this driver was revealed, causing kernel
panics and possibly more if too large frames were sent to the chip
(CVE-2009-1389). 2.4 was not affected by the bug, but showed the
same symptoms. It turned out that there were multiple issues with
the setting of RX descriptors after reuse, and some recent 2.6
fixes allowing automatic recovery were missing. So after two long
days trying to figure out why that damn chip insisted on writing
more bytes than allowed (and crashing my box), I could spot and
fix the issues.

If there are 2.4 users with this cheap NIC, I strongly suggest that
they upgrade, especially if they're used to encountering freezes or
lack of network connectivity once in a while; for others, well, do
not buy that NIC.

Last, while reviewing gcc flags, I might have found a solution to
make gcc 4.2 produce correct code on 2.4. There's nothing certain
yet, I still have to run a lot of tests. Volunteers are welcome,
as usual.

The patch and changelog will appear soon at the following locations:
ftp://ftp.kernel.org/pub/linux/kernel/v2.4/
ftp://ftp.kernel.org/pub/linux/kernel/v2.4/patch-2.4.37.3.bz2
ftp://ftp.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.37.3

Git repository:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-2.4.37.y.git
http://www.kernel.org/pub/scm/linux/kernel/git/stable/linux-2.4.37.y.git

Git repository through the gitweb interface:
http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.4.37.y.git

Willy
--

Summary of changes from v2.4.37.2 to v2.4.37.3
============================================

Arne Redlich (2):
      vlan: Slab memleak fix
      br2684: allocation out of atomic context

Eugene Teo (1):
      Add '-fno-delete-null-pointer-checks' to gcc CFLAGS

Frank Seidel (1):
      br2684: fix double freeing skb

Mario Witkowski (1):
      usb: pr_debug ehci structure bug

Rudolf Svanda (1):
      usb: Add support for Teac HD-35PU

Willy Tarreau (7):
      r8169: fix erroneous receive packet size settings
      r8169: reject fragmented frames to prevent panics with large frames
      r8169: avoid rx descriptors leak when receiving erroneous frames
      r8169: reset the chip on receive fifo overflows
      r8169: rate-limit the messages displayed in interrupt context
      lib: export memcmp for external modules to build with gcc 3.4
      Change VERSION to 2.4.37.3

se...@us.ibm.com (1):
      agp: remove uid comparison as security check

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majo...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
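
An added illustration of the check removal that the announcement's gcc flag addresses; it is not code from the 2.4 tree or from anyone in this thread, and the struct and function names are constructed for the example. It puts the ordering that lets the optimizer drop a NULL test next to the ordering that keeps it.

```c
#include <stddef.h>
#include <errno.h>

/* Constructed types for illustration; not taken from any kernel source. */
struct queue { unsigned int pending; };
struct device { struct queue *rxq; };

/*
 * Check placed after the dereference. Reading dev->rxq is undefined for
 * dev == NULL, so an optimizing gcc may assume dev != NULL and delete the
 * test below. -fno-delete-null-pointer-checks tells gcc not to make that
 * assumption, so the test stays in the object code.
 */
int pending_check_late(struct device *dev)
{
    struct queue *q = dev->rxq;     /* dereference happens first */

    if (!dev)                       /* candidate for removal by the optimizer */
        return -ENODEV;
    if (!q)
        return -ENODEV;
    return (int)q->pending;
}

/*
 * Same logic with the check ahead of any dereference. There is no earlier
 * access to reason from, so the test survives with or without the flag.
 */
int pending_check_first(struct device *dev)
{
    struct queue *q;

    if (!dev)
        return -ENODEV;
    q = dev->rxq;
    if (!q)
        return -ENODEV;
    return (int)q->pending;
}

int main(void)
{
    struct queue q = { 7 };
    struct device dev = { &q };

    /* Only the check-first variant is safe to call with NULL. */
    return (pending_check_first(NULL) == -ENODEV &&
            pending_check_late(&dev) == 7) ? 0 : 1;
}
```

Comparing the assembly of `pending_check_late` built with and without the flag is the per-function form of the with/without comparison the announcement asks for.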

Michael Tokarev

Jul 20, 2009, 3:48:14 AM
to w...@1wt.eu, linux-...@vger.kernel.org
Willy Tarreau wrote:
> Linux 2.4.37.3 has just been released.
[]
> The second major issue concerns the r8169 driver. Approximately one
> month ago an issue with this driver was revealed, causing kernel
> panics and possibly more if too large frames were sent to the chip
> (CVE-2009-1389). 2.4 was not affected by the bug, but showed the
> same symptoms. It turned out that there were multiple issues with
> the setting of RX descriptors after reuse, and some recent 2.6
> fixes allowing automatic recovery were missing. So after two long
> days trying to figure out why that damn chip insisted on writing
> more bytes than allowed (and crashing my box), I could spot and
> fix the issues.
>
> If there are 2.4 users with this cheap NIC, I strongly suggest that
> they upgrade, especially if they're used to encountering freezes or
> lack of network connectivity once in a while; for others, well, do
> not buy that NIC.

The thing is that this very NIC is used on-board on the vast majority of
mainboards, at least in the cheap to mid-range price bracket, for AMD and
Intel processors. Also many notebooks use this chip series. Several months
ago I was shopping for a mainboard with certain characteristics (I
needed 3 PCI ports and a way to plug in some monitor, and support for 4
ECC DIMMs and recent Phenom processors) - it was difficult to find such
a combination alone, without the additional constraint of a !r8169 chip
(I finally bought an Asus M3A-H/HDMI mobo with an atl1 NIC, just by chance).

/mjt

Willy Tarreau

Jul 20, 2009, 5:31:50 AM
to Michael Tokarev, linux-...@vger.kernel.org

Yes I know that too. It took me some time to try to find a mainboard
without this chip. Gigabyte puts it everywhere, which is the *only*
reason I avoid their mainboards, which I find nice and reliable otherwise.
It's not acceptable to have such crap on a $200 mainboard, that's not
the proper way to kill costs, as it costs one PCIe slot for the end user
to have decent network connectivity.

Fortunately we don't find it in servers, but it's often seen on low-end
embedded mainboards which have upgraded from 10/100 (8139) to 1000 (8169).

Willy
