dbp/linamh
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add win4lin

Browse Source
This commit is contained in:
Mario Fetka
2022-11-19 21:49:12 +01:00
parent 1bf994041f
commit dcd0ea6843
77 changed files with 3687 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
sys-kernel/win4lin-sources/files/digest-win4lin-sources-2.4.26-r6 Normal file
View File

@@ -0,0 +1,4 @@
MD5 88d7aefa03c92739cb70298a0b486e2c linux-2.4.26.tar.bz2 30772389
MD5 32e4cda45fa0f090dffa157bc4504a4e mki-adapter.patch 181483
MD5 e9bc95992e489a3f54aabef100e13fcf Kernel-Win4Lin3-2.4.26.patch 23600
MD5 8f8f2412aacf9a01b5549bf2a9a3bff8 linux-2.4.26-CAN-2004-0415.patch 90145

4
sys-kernel/win4lin-sources/files/digest-win4lin-sources-2.6.7-r6 Normal file
View File

@@ -0,0 +1,4 @@
MD5 a74671ea68b0e3c609e8785ed8497c14 linux-2.6.7.tar.bz2 35092228
MD5 45347c8bd1a1c791e9a12d1e09162f33 mki-adapter26_1_3_6.patch 127032
MD5 e5b7ca075f0281509442913cbd09ca26 Kernel-Win4Lin3-2.6.7.patch 26620
MD5 52996b643afbd6ed9ba38b9483c2cac3 linux-2.6.7-CAN-2004-0415.patch 112612

11
sys-kernel/win4lin-sources/files/win4lin-sources-2.4.26.CAN-2004-0394.patch Normal file
View File

@@ -0,0 +1,11 @@
--- linux-2.4.22-oM3-orig/kernel/panic.c Tue Mar 30 15:37:18 2004
+++ linux-2.4.22-oM3-mod/kernel/panic.c Mon May 17 18:44:01 2004
@@ -51,7 +51,7 @@
bust_spinlocks(1);
va_start(args, fmt);
- vsprintf(buf, fmt, args);
+ vsnprintf(buf, sizeof(buf), fmt, args);
va_end(args);
printk(KERN_EMERG "Kernel panic: %s\n",buf);
if (in_interrupt())

655
sys-kernel/win4lin-sources/files/win4lin-sources-2.4.26.CAN-2004-0495.patch Normal file
View File

@@ -0,0 +1,655 @@
--- linux/net/decnet/dn_dev.c.bak Wed Jun 16 14:42:24 2004
+++ linux/net/decnet/dn_dev.c Wed Jun 16 14:42:34 2004
@@ -1070,31 +1070,39 @@ int dnet_gifconf(struct net_device *dev,
{
struct dn_dev *dn_db = (struct dn_dev *)dev->dn_ptr;
struct dn_ifaddr *ifa;
- struct ifreq *ifr = (struct ifreq *)buf;
+ char buffer[DN_IFREQ_SIZE];
+ struct ifreq *ifr = (struct ifreq *)buffer;
+ struct sockaddr_dn *addr = (struct sockaddr_dn *)&ifr->ifr_addr;
int done = 0;
if ((dn_db == NULL) || ((ifa = dn_db->ifa_list) == NULL))
return 0;
for(; ifa; ifa = ifa->ifa_next) {
- if (!ifr) {
+ if (!buf) {
done += sizeof(DN_IFREQ_SIZE);
continue;
}
if (len < DN_IFREQ_SIZE)
return done;
- memset(ifr, 0, DN_IFREQ_SIZE);
+ memset(buffer, 0, DN_IFREQ_SIZE);
if (ifa->ifa_label)
strcpy(ifr->ifr_name, ifa->ifa_label);
else
strcpy(ifr->ifr_name, dev->name);
- (*(struct sockaddr_dn *) &ifr->ifr_addr).sdn_family = AF_DECnet;
- (*(struct sockaddr_dn *) &ifr->ifr_addr).sdn_add.a_len = 2;
- (*(dn_address *)(*(struct sockaddr_dn *) &ifr->ifr_addr).sdn_add.a_addr) = ifa->ifa_local;
+ addr->sdn_family = AF_DECnet;
+ addr->sdn_add.a_len = 2;
+ memcpy(addr->sdn_add.a_addr, &ifa->ifa_local,
+ sizeof(dn_address));
- ifr = (struct ifreq *)((char *)ifr + DN_IFREQ_SIZE);
+ if (copy_to_user(buf, buffer, DN_IFREQ_SIZE)) {
+ done = -EFAULT;
+ break;
+ }
+
+ buf += DN_IFREQ_SIZE;
len -= DN_IFREQ_SIZE;
done += DN_IFREQ_SIZE;
}
--- linux-2.4.21/drivers/net/wireless/airo.c 2003-06-13 15:51:35.000000000 +0100
+++ linux-2.4.21/drivers/net/wireless/airo.c.plasmaroo 2004-06-24 11:09:08.260352168 +0100
@@ -3012,19 +3012,22 @@
size_t len,
loff_t *offset )
{
- int i;
- int pos;
+ loff_t pos = *offset;
struct proc_data *priv = (struct proc_data*)file->private_data;
- if( !priv->rbuffer ) return -EINVAL;
+ if (!priv->rbuffer)
+ return -EINVAL;
- pos = *offset;
- for( i = 0; i+pos < priv->readlen && i < len; i++ ) {
- if (put_user( priv->rbuffer[i+pos], buffer+i ))
- return -EFAULT;
- }
- *offset += i;
- return i;
+ if (pos < 0)
+ return -EINVAL;
+ if (pos >= priv->readlen)
+ return 0;
+ if (len > priv->readlen - pos)
+ len = priv->readlen - pos;
+ if (copy_to_user(buffer, priv->rbuffer + pos, len))
+ return -EFAULT;
+ *offset = pos + len;
+ return len;
}
/*
@@ -3036,24 +3039,24 @@
size_t len,
loff_t *offset )
{
- int i;
- int pos;
+ loff_t pos = *offset;
struct proc_data *priv = (struct proc_data*)file->private_data;
- if ( !priv->wbuffer ) {
+ if (!priv->wbuffer)
return -EINVAL;
- }
-
- pos = *offset;
- for( i = 0; i + pos < priv->maxwritelen &&
- i < len; i++ ) {
- if (get_user( priv->wbuffer[i+pos], buffer + i ))
- return -EFAULT;
- }
- if ( i+pos > priv->writelen ) priv->writelen = i+file->f_pos;
- *offset += i;
- return i;
+ if (pos < 0)
+ return -EINVAL;
+ if (pos >= priv->maxwritelen)
+ return 0;
+ if (len > priv->maxwritelen - pos)
+ len = priv->maxwritelen - pos;
+ if (copy_from_user(priv->wbuffer + pos, buffer, len))
+ return -EFAULT;
+ if (pos + len > priv->writelen)
+ priv->writelen = pos + len;
+ *offset = pos + len;
+ return len;
}
static int proc_status_open( struct inode *inode, struct file *file ) {
--- linux/drivers/sound/mpu401.c.bak Wed Jun 16 14:42:24 2004
+++ linux/drivers/sound/mpu401.c Wed Jun 16 14:42:34 2004
@@ -1493,14 +1493,16 @@ static unsigned long mpu_timer_get_time(
static int mpu_timer_ioctl(int dev, unsigned int command, caddr_t arg)
{
int midi_dev = sound_timer_devs[dev]->devlink;
+ int *p = (int *)arg;
switch (command)
{
case SNDCTL_TMR_SOURCE:
{
int parm;
-
- parm = *(int *) arg;
+
+ if (get_user(parm, p))
+ return -EFAULT;
parm &= timer_caps;
if (parm != 0)
@@ -1512,7 +1514,9 @@ static int mpu_timer_ioctl(int dev, unsi
else if (timer_mode & TMR_MODE_SMPTE)
mpu_cmd(midi_dev, 0x3d, 0); /* Use SMPTE sync */
}
- return (*(int *) arg = timer_mode);
+ if (put_user(timer_mode, p))
+ return -EFAULT;
+ return timer_mode;
}
break;
@@ -1537,10 +1541,13 @@ static int mpu_timer_ioctl(int dev, unsi
{
int val;
- val = *(int *) arg;
+ if (get_user(val, p))
+ return -EFAULT;
if (val)
set_timebase(midi_dev, val);
- return (*(int *) arg = curr_timebase);
+ if (put_user(curr_timebase, p))
+ return -EFAULT;
+ return curr_timebase;
}
break;
@@ -1549,7 +1556,8 @@ static int mpu_timer_ioctl(int dev, unsi
int val;
int ret;
- val = *(int *) arg;
+ if (get_user(val, p))
+ return -EFAULT;
if (val)
{
@@ -1564,7 +1572,9 @@ static int mpu_timer_ioctl(int dev, unsi
}
curr_tempo = val;
}
- return (*(int *) arg = curr_tempo);
+ if (put_user(curr_tempo, p))
+ return -EFAULT;
+ return curr_tempo;
}
break;
@@ -1572,18 +1582,25 @@ static int mpu_timer_ioctl(int dev, unsi
{
int val;
- val = *(int *) arg;
+ if (get_user(val, p))
+ return -EFAULT;
if (val != 0) /* Can't change */
return -EINVAL;
- return (*(int *) arg = ((curr_tempo * curr_timebase) + 30) / 60);
+ val = (curr_tempo * curr_timebase + 30) / 60;
+ if (put_user(val, p))
+ return -EFAULT;
+ return val;
}
break;
case SNDCTL_SEQ_GETTIME:
- return (*(int *) arg = curr_ticks);
+ if (put_user(curr_ticks, p))
+ return -EFAULT;
+ return curr_ticks;
case SNDCTL_TMR_METRONOME:
- metronome_mode = *(int *) arg;
+ if (get_user(metronome_mode, p))
+ return -EFAULT;
setup_metronome(midi_dev);
return 0;
--- linux/drivers/sound/msnd.c.bak Wed Jun 16 14:42:24 2004
+++ linux/drivers/sound/msnd.c Wed Jun 16 14:42:34 2004
@@ -155,13 +155,10 @@ void msnd_fifo_make_empty(msnd_fifo *f)
f->len = f->tail = f->head = 0;
}
-int msnd_fifo_write(msnd_fifo *f, const char *buf, size_t len, int user)
+int msnd_fifo_write(msnd_fifo *f, const char *buf, size_t len)
{
int count = 0;
- if (f->len == f->n)
- return 0;
-
while ((count < len) && (f->len != f->n)) {
int nwritten;
@@ -177,11 +174,7 @@ int msnd_fifo_write(msnd_fifo *f, const
nwritten = len - count;
}
- if (user) {
- if (copy_from_user(f->data + f->tail, buf, nwritten))
- return -EFAULT;
- } else
- isa_memcpy_fromio(f->data + f->tail, (unsigned long) buf, nwritten);
+ isa_memcpy_fromio(f->data + f->tail, (unsigned long) buf, nwritten);
count += nwritten;
buf += nwritten;
@@ -193,13 +186,10 @@ int msnd_fifo_write(msnd_fifo *f, const
return count;
}
-int msnd_fifo_read(msnd_fifo *f, char *buf, size_t len, int user)
+int msnd_fifo_read(msnd_fifo *f, char *buf, size_t len)
{
int count = 0;
- if (f->len == 0)
- return f->len;
-
while ((count < len) && (f->len > 0)) {
int nread;
@@ -215,11 +205,7 @@ int msnd_fifo_read(msnd_fifo *f, char *b
nread = len - count;
}
- if (user) {
- if (copy_to_user(buf, f->data + f->head, nread))
- return -EFAULT;
- } else
- isa_memcpy_toio((unsigned long) buf, f->data + f->head, nread);
+ isa_memcpy_toio((unsigned long) buf, f->data + f->head, nread);
count += nread;
buf += nread;
--- linux/drivers/sound/msnd.h.bak Wed Jun 16 14:42:24 2004
+++ linux/drivers/sound/msnd.h Wed Jun 16 14:42:34 2004
@@ -266,8 +266,8 @@ void msnd_fifo_init(msnd_fifo *f);
void msnd_fifo_free(msnd_fifo *f);
int msnd_fifo_alloc(msnd_fifo *f, size_t n);
void msnd_fifo_make_empty(msnd_fifo *f);
-int msnd_fifo_write(msnd_fifo *f, const char *buf, size_t len, int user);
-int msnd_fifo_read(msnd_fifo *f, char *buf, size_t len, int user);
+int msnd_fifo_write(msnd_fifo *f, const char *buf, size_t len);
+int msnd_fifo_read(msnd_fifo *f, char *buf, size_t len);
int msnd_wait_TXDE(multisound_dev_t *dev);
int msnd_wait_HC0(multisound_dev_t *dev);
--- linux/drivers/sound/msnd_pinnacle.c.bak Wed Jun 16 14:42:24 2004
+++ linux/drivers/sound/msnd_pinnacle.c Wed Jun 16 14:42:34 2004
@@ -804,7 +804,7 @@ static int dev_release(struct inode *ino
static __inline__ int pack_DARQ_to_DARF(register int bank)
{
- register int size, n, timeout = 3;
+ register int size, timeout = 3;
register WORD wTmp;
LPDAQD DAQD;
@@ -825,13 +825,10 @@ static __inline__ int pack_DARQ_to_DARF(
/* Read data from the head (unprotected bank 1 access okay
since this is only called inside an interrupt) */
outb(HPBLKSEL_1, dev.io + HP_BLKS);
- if ((n = msnd_fifo_write(
+ msnd_fifo_write(
&dev.DARF,
(char *)(dev.base + bank * DAR_BUFF_SIZE),
- size, 0)) <= 0) {
- outb(HPBLKSEL_0, dev.io + HP_BLKS);
- return n;
- }
+ size);
outb(HPBLKSEL_0, dev.io + HP_BLKS);
return 1;
@@ -853,21 +850,16 @@ static __inline__ int pack_DAPF_to_DAPQ(
if (protect) {
/* Critical section: protect fifo in non-interrupt */
spin_lock_irqsave(&dev.lock, flags);
- if ((n = msnd_fifo_read(
+ n = msnd_fifo_read(
&dev.DAPF,
(char *)(dev.base + bank_num * DAP_BUFF_SIZE),
- DAP_BUFF_SIZE, 0)) < 0) {
- spin_unlock_irqrestore(&dev.lock, flags);
- return n;
- }
+ DAP_BUFF_SIZE);
spin_unlock_irqrestore(&dev.lock, flags);
} else {
- if ((n = msnd_fifo_read(
+ n = msnd_fifo_read(
&dev.DAPF,
(char *)(dev.base + bank_num * DAP_BUFF_SIZE),
- DAP_BUFF_SIZE, 0)) < 0) {
- return n;
- }
+ DAP_BUFF_SIZE);
}
if (!n)
break;
@@ -894,30 +886,43 @@ static __inline__ int pack_DAPF_to_DAPQ(
static int dsp_read(char *buf, size_t len)
{
int count = len;
+ char *page = (char *)__get_free_page(PAGE_SIZE);
+
+ if (!page)
+ return -ENOMEM;
while (count > 0) {
- int n;
+ int n, k;
unsigned long flags;
+ k = PAGE_SIZE;
+ if (k > count)
+ k = count;
+
/* Critical section: protect fifo in non-interrupt */
spin_lock_irqsave(&dev.lock, flags);
- if ((n = msnd_fifo_read(&dev.DARF, buf, count, 1)) < 0) {
- printk(KERN_WARNING LOGNAME ": FIFO read error\n");
- spin_unlock_irqrestore(&dev.lock, flags);
- return n;
- }
+ n = msnd_fifo_read(&dev.DARF, page, k);
spin_unlock_irqrestore(&dev.lock, flags);
+ if (copy_to_user(buf, page, n)) {
+ free_page((unsigned long)page);
+ return -EFAULT;
+ }
buf += n;
count -= n;
+ if (n == k && count)
+ continue;
+
if (!test_bit(F_READING, &dev.flags) && dev.mode & FMODE_READ) {
dev.last_recbank = -1;
if (chk_send_dsp_cmd(&dev, HDEX_RECORD_START) == 0)
set_bit(F_READING, &dev.flags);
}
- if (dev.rec_ndelay)
+ if (dev.rec_ndelay) {
+ free_page((unsigned long)page);
return count == len ? -EAGAIN : len - count;
+ }
if (count > 0) {
set_bit(F_READBLOCK, &dev.flags);
@@ -926,41 +931,57 @@ static int dsp_read(char *buf, size_t le
get_rec_delay_jiffies(DAR_BUFF_SIZE)))
clear_bit(F_READING, &dev.flags);
clear_bit(F_READBLOCK, &dev.flags);
- if (signal_pending(current))
+ if (signal_pending(current)) {
+ free_page((unsigned long)page);
return -EINTR;
+ }
}
}
-
+ free_page((unsigned long)page);
return len - count;
}
static int dsp_write(const char *buf, size_t len)
{
int count = len;
+ char *page = (char *)__get_free_page(GFP_KERNEL);
+
+ if (!page)
+ return -ENOMEM;
while (count > 0) {
- int n;
+ int n, k;
unsigned long flags;
+ k = PAGE_SIZE;
+ if (k > count)
+ k = count;
+
+ if (copy_from_user(page, buf, k)) {
+ free_page((unsigned long)page);
+ return -EFAULT;
+ }
+
/* Critical section: protect fifo in non-interrupt */
spin_lock_irqsave(&dev.lock, flags);
- if ((n = msnd_fifo_write(&dev.DAPF, buf, count, 1)) < 0) {
- printk(KERN_WARNING LOGNAME ": FIFO write error\n");
- spin_unlock_irqrestore(&dev.lock, flags);
- return n;
- }
+ n = msnd_fifo_write(&dev.DAPF, page, k);
spin_unlock_irqrestore(&dev.lock, flags);
buf += n;
count -= n;
+ if (count && n == k)
+ continue;
+
if (!test_bit(F_WRITING, &dev.flags) && (dev.mode & FMODE_WRITE)) {
dev.last_playbank = -1;
if (pack_DAPF_to_DAPQ(1) > 0)
set_bit(F_WRITING, &dev.flags);
}
- if (dev.play_ndelay)
+ if (dev.play_ndelay) {
+ free_page((unsigned long)page);
return count == len ? -EAGAIN : len - count;
+ }
if (count > 0) {
set_bit(F_WRITEBLOCK, &dev.flags);
@@ -968,11 +989,14 @@ static int dsp_write(const char *buf, si
&dev.writeblock,
get_play_delay_jiffies(DAP_BUFF_SIZE));
clear_bit(F_WRITEBLOCK, &dev.flags);
- if (signal_pending(current))
+ if (signal_pending(current)) {
+ free_page((unsigned long)page);
return -EINTR;
+ }
}
}
+ free_page((unsigned long)page);
return len - count;
}
--- linux/drivers/sound/pss.c.bak Wed Jun 16 14:42:24 2004
+++ linux/drivers/sound/pss.c Wed Jun 16 14:42:34 2004
@@ -450,20 +450,36 @@ static void pss_mixer_reset(pss_confdata
}
}
-static void arg_to_volume_mono(unsigned int volume, int *aleft)
+static int set_volume_mono(caddr_t p, int *aleft)
{
int left;
+ unsigned volume;
+ if (get_user(volume, (unsigned *)p))
+ return -EFAULT;
- left = volume & 0x00ff;
+ left = volume & 0xff;
if (left > 100)
left = 100;
*aleft = left;
+ return 0;
}
-static void arg_to_volume_stereo(unsigned int volume, int *aleft, int *aright)
+static int set_volume_stereo(caddr_t p, int *aleft, int *aright)
{
- arg_to_volume_mono(volume, aleft);
- arg_to_volume_mono(volume >> 8, aright);
+ int left, right;
+ unsigned volume;
+ if (get_user(volume, (unsigned *)p))
+ return -EFAULT;
+
+ left = volume & 0xff;
+ if (left > 100)
+ left = 100;
+ right = (volume >> 8) & 0xff;
+ if (right > 100)
+ right = 100;
+ *aleft = left;
+ *aright = right;
+ return 0;
}
static int ret_vol_mono(int left)
@@ -510,33 +526,38 @@ static int pss_mixer_ioctl (int dev, uns
return call_ad_mixer(devc, cmd, arg);
else
{
- if (*(int *)arg != 0)
+ int v;
+ if (get_user(v, (int *)arg))
+ return -EFAULT;
+ if (v != 0)
return -EINVAL;
return 0;
}
case SOUND_MIXER_VOLUME:
- arg_to_volume_stereo(*(unsigned int *)arg, &devc->mixer.volume_l,
- &devc->mixer.volume_r);
+ if (set_volume_stereo(arg,
+ &devc->mixer.volume_l,
+ &devc->mixer.volume_r))
+ return -EFAULT;
set_master_volume(devc, devc->mixer.volume_l,
devc->mixer.volume_r);
return ret_vol_stereo(devc->mixer.volume_l,
devc->mixer.volume_r);
case SOUND_MIXER_BASS:
- arg_to_volume_mono(*(unsigned int *)arg,
- &devc->mixer.bass);
+ if (set_volume_mono(arg, &devc->mixer.bass))
+ return -EFAULT;
set_bass(devc, devc->mixer.bass);
return ret_vol_mono(devc->mixer.bass);
case SOUND_MIXER_TREBLE:
- arg_to_volume_mono(*(unsigned int *)arg,
- &devc->mixer.treble);
+ if (set_volume_mono(arg, &devc->mixer.treble))
+ return -EFAULT;
set_treble(devc, devc->mixer.treble);
return ret_vol_mono(devc->mixer.treble);
case SOUND_MIXER_SYNTH:
- arg_to_volume_mono(*(unsigned int *)arg,
- &devc->mixer.synth);
+ if (set_volume_mono(arg, &devc->mixer.synth))
+ return -EFAULT;
set_synth_volume(devc, devc->mixer.synth);
return ret_vol_mono(devc->mixer.synth);
@@ -546,54 +567,67 @@ static int pss_mixer_ioctl (int dev, uns
}
else
{
+ int val, and_mask = 0, or_mask = 0;
/*
* Return parameters
*/
switch (cmdf)
{
-
case SOUND_MIXER_DEVMASK:
if (call_ad_mixer(devc, cmd, arg) == -EINVAL)
- *(int *)arg = 0; /* no mixer devices */
- return (*(int *)arg |= SOUND_MASK_VOLUME | SOUND_MASK_BASS | SOUND_MASK_TREBLE | SOUND_MASK_SYNTH);
+ break;
+ and_mask = ~0;
+ or_mask = SOUND_MASK_VOLUME | SOUND_MASK_BASS | SOUND_MASK_TREBLE | SOUND_MASK_SYNTH;
+ break;
case SOUND_MIXER_STEREODEVS:
if (call_ad_mixer(devc, cmd, arg) == -EINVAL)
- *(int *)arg = 0; /* no stereo devices */
- return (*(int *)arg |= SOUND_MASK_VOLUME);
+ break;
+ and_mask = ~0;
+ or_mask = SOUND_MASK_VOLUME;
+ break;
case SOUND_MIXER_RECMASK:
if (devc->ad_mixer_dev != NO_WSS_MIXER)
return call_ad_mixer(devc, cmd, arg);
- else
- return (*(int *)arg = 0); /* no record devices */
+ break;
case SOUND_MIXER_CAPS:
if (devc->ad_mixer_dev != NO_WSS_MIXER)
return call_ad_mixer(devc, cmd, arg);
- else
- return (*(int *)arg = SOUND_CAP_EXCL_INPUT);
+ or_mask = SOUND_CAP_EXCL_INPUT;
+ break;
case SOUND_MIXER_RECSRC:
if (devc->ad_mixer_dev != NO_WSS_MIXER)
return call_ad_mixer(devc, cmd, arg);
- else
- return (*(int *)arg = 0); /* no record source */
+ break;
case SOUND_MIXER_VOLUME:
- return (*(int *)arg = ret_vol_stereo(devc->mixer.volume_l, devc->mixer.volume_r));
+ or_mask = ret_vol_stereo(devc->mixer.volume_l, devc->mixer.volume_r);
+ break;
case SOUND_MIXER_BASS:
- return (*(int *)arg = ret_vol_mono(devc->mixer.bass));
+ or_mask = ret_vol_mono(devc->mixer.bass);
+ break;
case SOUND_MIXER_TREBLE:
- return (*(int *)arg = ret_vol_mono(devc->mixer.treble));
+ or_mask = ret_vol_mono(devc->mixer.treble);
+ break;
case SOUND_MIXER_SYNTH:
- return (*(int *)arg = ret_vol_mono(devc->mixer.synth));
+ or_mask = ret_vol_mono(devc->mixer.synth);
+ break;
default:
return -EINVAL;
}
+ if (get_user(val, (int *)arg))
+ return -EFAULT;
+ val &= and_mask;
+ val |= or_mask;
+ if (put_user(val, (int *)arg))
+ return -EFAULT;
+ return val;
}
}

12
sys-kernel/win4lin-sources/files/win4lin-sources-2.4.26.CAN-2004-0535.patch Normal file
View File

@@ -0,0 +1,12 @@
--- drivers/net/e1000/e1000_ethtool.c 2003-06-13 15:51:34.000000000 +0100
+++ drivers/net/e1000/e1000_ethtool.c.plasmaroo 2004-06-24 11:23:32.524963976 +0100
@@ -468,6 +468,9 @@
if(copy_from_user(&regs, addr, sizeof(regs)))
return -EFAULT;
+ memset(regs_buff, 0, sizeof(regs_buff));
+ if (regs.len > E1000_REGS_LEN)
+ regs.len = E1000_REGS_LEN;
e1000_ethtool_gregs(adapter, &regs, regs_buff);
if(copy_to_user(addr, &regs, sizeof(regs)))
return -EFAULT;

83
sys-kernel/win4lin-sources/files/win4lin-sources-2.4.26.CAN-2004-0685.patch Normal file
View File

@@ -0,0 +1,83 @@
# This is a BitKeeper generated diff -Nru style patch.
#
# ChangeSet
# 2004/07/26 19:14:16-03:00 mjc@redhat.com
# [PATCH] USB: more sparse fixes
#
# Back in October 2003 Arnaldo commited some fixes prior to 2.6 for some leaking info to userspace in the
# usb drivers:
# http://linux.bkbits.net:8080/linux-2.6/cset@3f986b35LyBKc-OxB8G6k22oOjgYTQ
#
# The corresponding changes have not been commited to 2.4, or included in
# the previous sparse fixes.
#
# drivers/usb/audio.c
# 2004/07/15 08:46:52-03:00 mjc@redhat.com +4 -0
# USB: more sparse fixes
#
# drivers/usb/brlvger.c
# 2004/07/15 08:47:27-03:00 mjc@redhat.com +1 -0
# USB: more sparse fixes
#
# drivers/usb/serial/io_edgeport.c
# 2004/07/15 08:48:06-03:00 mjc@redhat.com +1 -0
# USB: more sparse fixes
#
# drivers/usb/vicam.c
# 2004/07/15 08:47:13-03:00 mjc@redhat.com +1 -0
# USB: more sparse fixes
#
diff -Nru a/drivers/usb/audio.c b/drivers/usb/audio.c
--- a/drivers/usb/audio.c 2004-08-08 07:41:30 -07:00
+++ b/drivers/usb/audio.c 2004-08-08 07:41:30 -07:00
@@ -2141,6 +2141,8 @@
if (cmd == SOUND_MIXER_INFO) {
mixer_info info;
+
+ memset(&info, 0, sizeof(info));
strncpy(info.id, "USB_AUDIO", sizeof(info.id));
strncpy(info.name, "USB Audio Class Driver", sizeof(info.name));
info.modify_counter = ms->modcnt;
@@ -2150,6 +2152,8 @@
}
if (cmd == SOUND_OLD_MIXER_INFO) {
_old_mixer_info info;
+
+ memset(&info, 0, sizeof(info));
strncpy(info.id, "USB_AUDIO", sizeof(info.id));
strncpy(info.name, "USB Audio Class Driver", sizeof(info.name));
if (copy_to_user((void *)arg, &info, sizeof(info)))
diff -Nru a/drivers/usb/brlvger.c b/drivers/usb/brlvger.c
--- a/drivers/usb/brlvger.c 2004-08-08 07:41:30 -07:00
+++ b/drivers/usb/brlvger.c 2004-08-08 07:41:30 -07:00
@@ -743,6 +743,7 @@
case BRLVGER_GET_INFO: {
struct brlvger_info vi;
+ memset(&vi, 0, sizeof(vi));
strncpy(vi.driver_version, DRIVER_VERSION,
sizeof(vi.driver_version));
vi.driver_version[sizeof(vi.driver_version)-1] = 0;
diff -Nru a/drivers/usb/serial/io_edgeport.c b/drivers/usb/serial/io_edgeport.c
--- a/drivers/usb/serial/io_edgeport.c 2004-08-08 07:41:30 -07:00
+++ b/drivers/usb/serial/io_edgeport.c 2004-08-08 07:41:30 -07:00
@@ -1913,6 +1913,7 @@
case TIOCGICOUNT:
cnow = edge_port->icount;
+ memset(&icount, 0, sizeof(icount));
icount.cts = cnow.cts;
icount.dsr = cnow.dsr;
icount.rng = cnow.rng;
diff -Nru a/drivers/usb/vicam.c b/drivers/usb/vicam.c
--- a/drivers/usb/vicam.c 2004-08-08 07:41:30 -07:00
+++ b/drivers/usb/vicam.c 2004-08-08 07:41:30 -07:00
@@ -481,6 +481,7 @@
struct video_capability b;
DBG("VIDIOCGCAP\n");
+ memset(&b, 0, sizeof(b));
strcpy(b.name, "ViCam-based Camera");
b.type = VID_TYPE_CAPTURE;
b.channels = 1;

11
sys-kernel/win4lin-sources/files/win4lin-sources-2.4.26.FPULockup-53804.patch Normal file
View File

@@ -0,0 +1,11 @@
--- linux-2.4/include/asm-i386/i387.h 2004-06-13 20:06:05.044881328 +0100
+++ linux-2.4/include/asm-i386/i387.h 2004-06-13 20:25:42.836829736 +0100
@@ -34,7 +34,7 @@
#define clear_fpu( tsk ) do { \
if ( tsk->flags & PF_USEDFPU ) { \
- asm volatile("fwait"); \
+ asm volatile("fnclex ; fwait"); \
tsk->flags &= ~PF_USEDFPU; \
stts(); \
} \

11
sys-kernel/win4lin-sources/files/win4lin-sources-2.4.26.cmdlineLeak.patch Normal file
View File

@@ -0,0 +1,11 @@
--- linux-2.4/fs/proc/base.c 2004-04-15 07:09:32.000000000 +0100
+++ linux-2.4/fs/proc/base.c.plasmaroo 2004-08-09 23:30:43.869195800 +0100
@@ -187,7 +187,7 @@ static int proc_pid_cmdline(struct task_
if (mm)
atomic_inc(&mm->mm_users);
task_unlock(task);
- if (mm) {
+ if (mm && mm->arg_end) {
int len = mm->arg_end - mm->arg_start;
if (len > PAGE_SIZE)
len = PAGE_SIZE;

24
sys-kernel/win4lin-sources/files/win4lin-sources-2.6.6.FPULockup-53804.patch Normal file
View File

@@ -0,0 +1,24 @@
diff -Nru a/include/asm-i386/i387.h b/include/asm-i386/i387.h
--- a/include/asm-i386/i387.h 2004-05-06 12:26:10 -07:00
+++ b/include/asm-i386/i387.h 2004-06-12 19:12:23 -07:00
@@ -51,7 +51,7 @@
#define __clear_fpu( tsk ) \
do { \
if ((tsk)->thread_info->status & TS_USEDFPU) { \
- asm volatile("fwait"); \
+ asm volatile("fnclex ; fwait"); \
(tsk)->thread_info->status &= ~TS_USEDFPU; \
stts(); \
} \
diff -Nru a/include/asm-x86_64/i387.h b/include/asm-x86_64/i387.h
--- a/include/asm-x86_64/i387.h 2004-06-13 20:43:56.742530792 +0100
+++ a/include/asm-x86_64/i387.h 2004-06-13 20:42:59.200278544 +0100
@@ -46,7 +46,7 @@
#define clear_fpu(tsk) do { \
if ((tsk)->thread_info->status & TS_USEDFPU) { \
- asm volatile("fwait"); \
+ asm volatile("fnclex; fwait"); \
(tsk)->thread_info->status &= ~TS_USEDFPU; \
stts(); \
} \

46
sys-kernel/win4lin-sources/files/win4lin-sources-2.6.CAN-2004-0596.patch Normal file
View File

@@ -0,0 +1,46 @@
--- 1.13/drivers/net/eql.c 2004-07-21 03:13:40 -07:00
+++ 1.14/drivers/net/eql.c 2004-07-21 03:13:40 -07:00
@@ -495,6 +495,8 @@
return -EFAULT;
slave_dev = dev_get_by_name(sc.slave_name);
+ if (!slave_dev)
+ return -ENODEV;
ret = -EINVAL;
@@ -527,11 +529,13 @@
if (copy_from_user(&sc, scp, sizeof (slave_config_t)))
return -EFAULT;
- eql = dev->priv;
slave_dev = dev_get_by_name(sc.slave_name);
+ if (!slave_dev)
+ return -ENODEV;
ret = -EINVAL;
+ eql = dev->priv;
spin_lock_bh(&eql->queue.lock);
if (eql_is_slave(slave_dev)) {
slave = __eql_find_slave_dev(&eql->queue, slave_dev);
--- 1.14/drivers/net/eql.c 2004-07-21 03:13:33 -07:00
+++ 1.15/drivers/net/eql.c 2004-07-21 03:13:33 -07:00
@@ -499,6 +499,8 @@
return -ENODEV;
ret = -EINVAL;
+ if (!slave_dev)
+ return ret;
spin_lock_bh(&eql->queue.lock);
if (eql_is_slave(slave_dev)) {
@@ -534,6 +536,8 @@
return -ENODEV;
ret = -EINVAL;
+ if (!slave_dev)
+ return ret;
eql = dev->priv;
spin_lock_bh(&eql->queue.lock);

43
sys-kernel/win4lin-sources/files/win4lin-sources-2.6.CAN-2004-0816.patch Normal file
View File

@@ -0,0 +1,43 @@
Subject: Prevent ICMP crash in netfilter logging
From: Olaf Kirch <okir@suse.de>
References: 46016
This patch fixes a remotely triggerable crash in the netfilter code
when looking at ICMP unreachables. It dies when trying to copy
BIGNUM bytes...
Index: linux-2.6.5/net/ipv4/netfilter/ipt_LOG.c
===================================================================
--- linux-2.6.5.orig/net/ipv4/netfilter/ipt_LOG.c 2004-02-19 11:36:37.000000000 +0100
+++ linux-2.6.5/net/ipv4/netfilter/ipt_LOG.c 2004-09-24 15:48:54.000000000 +0200
@@ -71,7 +71,7 @@
printk("FRAG:%u ", ntohs(iph.frag_off) & IP_OFFSET);
if ((info->logflags & IPT_LOG_IPOPT)
- && iph.ihl * 4 != sizeof(struct iphdr)) {
+ && iph.ihl * 4 > sizeof(struct iphdr)) {
unsigned char opt[4 * 15 - sizeof(struct iphdr)];
unsigned int i, optsize;
@@ -138,7 +138,7 @@
printk("URGP=%u ", ntohs(tcph.urg_ptr));
if ((info->logflags & IPT_LOG_TCPOPT)
- && tcph.doff * 4 != sizeof(struct tcphdr)) {
+ && tcph.doff * 4 > sizeof(struct tcphdr)) {
unsigned char opt[4 * 15 - sizeof(struct tcphdr)];
unsigned int i, optsize;
Index: linux-2.6.5/net/ipv6/netfilter/ip6t_LOG.c
===================================================================
--- linux-2.6.5.orig/net/ipv6/netfilter/ip6t_LOG.c 2004-09-24 15:47:00.000000000 +0200
+++ linux-2.6.5/net/ipv6/netfilter/ip6t_LOG.c 2004-09-24 15:48:35.000000000 +0200
@@ -188,7 +188,7 @@
printk("URGP=%u ", ntohs(tcph->urg_ptr));
if ((info->logflags & IP6T_LOG_TCPOPT)
- && tcph->doff * 4 != sizeof(struct tcphdr)) {
+ && tcph->doff * 4 > sizeof(struct tcphdr)) {
unsigned int i;
/* Max length: 127 "OPT (" 15*4*2chars ") " */

11
sys-kernel/win4lin-sources/files/win4lin-sources-2.6.IPTables-RDoS.patch Normal file
View File

@@ -0,0 +1,11 @@
--- net/ipv4/netfilter/ip_tables.c.orig 2004-04-04 05:36:47.000000000 +0200
+++ net/ipv4/netfilter/ip_tables.c 2004-06-24 21:24:26.000000000 +0200
@@ -1461,7 +1461,7 @@
int *hotdrop)
{
/* tcp.doff is only 4 bits, ie. max 15 * 4 bytes */
- char opt[60 - sizeof(struct tcphdr)];
+ u_int8_t opt[60 - sizeof(struct tcphdr)];
unsigned int i;
duprintf("tcp_match: finding option\n");

49
sys-kernel/win4lin-sources/files/win4lin-sources-2.6.ProcPerms.patch Normal file
View File

@@ -0,0 +1,49 @@
# This is a BitKeeper generated diff -Nru style patch.
#
# ChangeSet
# 2004/07/02 18:48:26-07:00 chrisw@osdl.org
# [PATCH] check attr updates in /proc
#
# Any proc entry with default proc_file_inode_operations allow unauthorized
# attribute updates. This is very dangerous for proc entries that rely
# solely on file permissions for open/read/write.
#
# Signed-off-by: Chris Wright <chrisw@osdl.org>
# Signed-off-by: Linus Torvalds <torvalds@osdl.org>
#
# fs/proc/generic.c
# 2004/07/02 15:47:55-07:00 chrisw@osdl.org +14 -7
# check attr updates in /proc
#
diff -Nru a/fs/proc/generic.c b/fs/proc/generic.c
--- a/fs/proc/generic.c 2004-07-08 17:03:20 -07:00
+++ b/fs/proc/generic.c 2004-07-08 17:03:20 -07:00
@@ -231,14 +231,21 @@
static int proc_notify_change(struct dentry *dentry, struct iattr *iattr)
{
struct inode *inode = dentry->d_inode;
- int error = inode_setattr(inode, iattr);
- if (!error) {
- struct proc_dir_entry *de = PDE(inode);
- de->uid = inode->i_uid;
- de->gid = inode->i_gid;
- de->mode = inode->i_mode;
- }
+ struct proc_dir_entry *de = PDE(inode);
+ int error;
+ error = inode_change_ok(inode, iattr);
+ if (error)
+ goto out;
+
+ error = inode_setattr(inode, iattr);
+ if (error)
+ goto out;
+
+ de->uid = inode->i_uid;
+ de->gid = inode->i_gid;
+ de->mode = inode->i_mode;
+out:
return error;
}

12
sys-kernel/win4lin-sources/files/win4lin-sources-2.6.cmdlineLeak.patch Normal file
View File

@@ -0,0 +1,12 @@
--- linux-2.6.7/fs/proc/base.c~ 2004-08-05 10:35:04.411443536 +0200
+++ linux-2.6.7/fs/proc/base.c 2004-08-05 10:35:04.412443384 +0200
@@ -330,6 +330,9 @@
if (!mm)
goto out;
+ if (!mm->arg_end)
+ goto out;
+
len = mm->arg_end - mm->arg_start;
if (len > PAGE_SIZE)

26
sys-kernel/win4lin-sources/files/win4lin-sources.CAN-2004-0497.patch Normal file
View File

@@ -0,0 +1,26 @@
# This is a BitKeeper generated diff -Nru style patch.
#
# ChangeSet
# 2004/07/02 20:55:04-07:00 chrisw@osdl.org
# [PATCH] chown permission check fix for ATTR_GID
#
# SuSE discovered this problem with chown and ATTR_GID. Make sure user
# is authorized to change the group, CAN-2004-0497.
#
# fs/attr.c
# 2004/07/02 09:07:32-07:00 chrisw@osdl.org +2 -1
# chown permission check fix for ATTR_GID
#
diff -Nru a/fs/attr.c b/fs/attr.c
--- a/fs/attr.c 2004-07-08 16:35:57 -07:00
+++ b/fs/attr.c 2004-07-08 16:35:57 -07:00
@@ -35,7 +35,8 @@
/* Make sure caller can chgrp. */
if ((ia_valid & ATTR_GID) &&
- (!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid) &&
+ (current->fsuid != inode->i_uid ||
+ (!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid)) &&
!capable(CAP_CHOWN))
goto error;