---

Home Developer

Linux kernel 2.2.11 released

By

From the Kernel 2.2.11
release notes:

Platforms:Alpha, Sparc, X86

Introduction
Linux 2.2.11 is the latest major update to the Linux kernel tree.
It fixes security holes in the kernel so should seriously be
considered as an important update for all Linux 2.2 systems. The
out of the box tree supports the Alpha the Sparc and X86 platforms.
PowerPC and MIPS are mostly merged but you should obtain the
platform specific tree. It is hoped MIPS and PowerPC will soon be
fully merged. ARM and M680x0 users should get their platform
specific tree.

Binary Compatibility
Linux 2.2.11 changes internal system structures. You should
therefore rebuild third party kernel modules such as pcmcia-cs when
upgrading from older kernels to this one.

Security Notes
If you have local users on the machine there are no workarounds for
some of the fixed bugs. If you are concerned only with remotely
exploitable bugs then the only concern is the firewall bug. This
can be worked around by

  1. Applying just the patch to net/ipv4/ip_fw.c or
  2. Building a kernel with CONFIG_ALWAYS_DEFRAGMENT. This is the
    recommended configuration for a firewall except where there are
    multiple ingres paths. Using this option also screens clients
    behind the firewall from fragment attacks.

It is possible the socket binding bug can be exploited remotely
by requesting the right things from a server. We are not aware of
any ways to do this.

Architecture Updates

Alpha
Extensive updates to the Alpha platform support have been
merged from the Alpha maintainers. Significant changes have been
made to the maths emulation support.
i386
Support is now available for machines with 2Gig of RAM.
The interrupt handling has been modified for better SMP
performance. An SMP race when freeing an interrupt has been
cured.
The interrupt return path has been optimised for modern CPU’s with
a hardware call stack.
ioremap now allows mapping to the top of memory.
Mips
Most of the mips port has been merged with the main tree. The
work is not totally complete.
PowerPC
Some changes have been merged.
Sparc
The master kernel should now be up to date with the Sparc
tree.
A problem with the Sun4m SMP has been fixed.
Sparc64 support for TV capture cards has been added.
A race condition on core dumping has been fixed.

Core Updates

Coloured Zero Page
The kernel core supports a colouring of zero pages. Currently
only the MIPS port uses this facility.
Fork
Fork set the processor id to NO_PROC_ID. This could cause
crashes.
Kupdated
The update task now runs in kernel space instead of user
space.
Memory allocation
The memory allocator has been updated so that it tries a lot
harder to keep ISA DMA memory pools available.
PCI bus
If the machine ran out of memory during boot up scanning of the
PCI bus it would crash.
Request Length Limit
The block device layer can now do merging of non
memory-contiguous requests for some drivers and can also limit the
number of segments per merge.
Signal Handling
Queued RT signals had atomicity problems that could eventually
cause them to stop working.
Swapping
An off by one error that could cause system deadlocks when you
ran out of memory has been fixed.

Driver Updates

BTTV TV capture
The capture driver now supports the ultrasparc platform. The
LifeView FlyKit card is now supported.
Cadet Radio Driver
A bug has been fixed which could cause RDS data
corruption.
CDROM driver
A procfs handling bug where the cdrom layer could hand back
more data than was requested has been fixed.
Compaq SMART2
The Compaq SMART2 now has a Linux driver.
Cyclades multiport serial
Interrupt mode is supported on the Cyclom-Z>br>Several
minor bugs were fixed.
Gemtek Radio
The I/O address for the onboard GemTek card is now
recognized.
IDE CDROM
Several small bugs have been fixed.
IDE Floppy
The ZIP disk corruption problem should be dead.
IDE Tape
An SMP race condition has been fixed. A case where it used
memory after freeing it has been fixed.
ISDN4Linux
Significant updates have been made to the ISDN layer in the
kernel. Several more cards are now supported.
Multitech ISI series multiport adapters
Support has been added for the PCI bus ISI cards.
Mylex DAC-960
The DAC-960 raid controller card is now supported by
Linux.
Network Block Device
The network block device mis-set the size of larger network
block devices (those over about 2Gig).
Parallel Port
ECP Parallel ports are now dropped into a PS/2 like mode.
Radiotrack 2
This driver previously only worked as a module. It now works
compiled into the kernel.
Sound Layer
The DMAsound driver has several small bug fixes.
Allocation bugs were fixed on the ES1370/ES1371 and SonicVibes
drivers.
The S/PDIF output is now supported on newer ES1371 chips.
A configuration bug on the Opti C924 has been fixed.
The OPL3/SA2 driver has been improved.
ES1869+ ESS chips should now play at the right speed.
3DSE enable/disable is supported by OSS.
The joystick on the trix card is now runtime configurable.
Specialix SX/SI multiport
These cards are now supported by a new specialix serial
driver.
Quick Cam
A memory allocation bug that could cause crashes in both the
quickcam drivers has been fixed.
Serial
A bug that prevent shared interrupt mode working on the PC
serial driver has been fixed.
TGAfb
A frame buffer for the DECChip 21030 frame buffers. These are
found in many of the Alpha based machines.
VGA Frame Buffer Console
Linux 2.2.11 adds a native EGA/VGA 16 colour console to the
frame buffer console support. This is primarily aimed at GUI
installers but can be used for other things too.

File System Updates

CODA
Coda now supports pipe devices. Several other
cleanups/changes.
EFS
SGI EFS is now supported read only.
Ext2fs
“Too large” error andling errors on very large files have been
fixed.
The immutability rules have been updated.
FAT
FAT now caches by starting cluster.
FAT knows FAT32 is really only 28bit.
Now generates inode numbers differently.
FIBMAP
The FIBMAP ioctl now requires RAWIO capability.
ISOfs
A case where the ISO fs could crash the machine when it ran out
of memory has been resolved.
Lockd
A list mishandling bug in the lock daemon has been fixed.
2.0.x compatible ‘local only’ locking is supported.
Loop Device
The loopback driver for mounting file systems onto files now
checks the underlying layer supportd bmap().
Nextstep CD-ROM supported
The UFS file system can now handle NextStep CD-ROM format.
NCP fs
A null pointer crash case has been fixed.
NFS client
A stale handle case has been fixed.
Pipes
A technical violation of the SuSv2 specification when preading
0 bytes from a pipe has been fixed.
Procfs
The kernel memory image now reports the correct offset for its
base.
A memory handling bug has been fixed.
QNX fs
A crash when bad blocks are read has been fixed.
Quota
A whole pile of races, especially SMP races, in the Quota
subsystem have been fixed.
UFS
Crashes when a block cannot be read have been cured.
Ultrix Partition Tables
Ultrix partition tables are now supported. This is needed for
the MIPS port in particular.

Miscellaneous Updates

ChangeLog
The Changelog has been updated to reflect newer tools.

Network Updates

Alteon AceNIC
The driver now recognizes the Farallon PN9000SX and the SGI
variants of the board.
Appletalk
Now allows larger net ranges as 2.0 did. Fixed a crash on route
changes.
ARCnet
Several cases where an out of memory could crash the machine
have been fixed. The irq probe delay has been increased to resolve
a problem on some SMP boxes using ARCnet cards.
Arlan
The ISA bus Arlan radio interfaces are now supported.
Bridge
The bridge layer handled BPDU time values wrongly.
Comtrol Hostess SV-11
A case where a DMA channel could be freed twice has been
cured.
COSA
The COSA driver has several bugs fixed including a firmware bug
workaround and a deadlock bugfix.
CS89x0
Underrun handling on the DMA was faulty. This update should fix
it.
DEPCA
Bridging did not work with the DEPCA driver due to an error in
the packet length computation.
General Instruments Surfboard 1000
A driver supporting the internal SB1000 ISA card has been added
to the kernel. For more information see http://home.adelphia.net/~siglercm/sb1000.html.
IBM ‘Olympic’ PCI token ring adapters
Support has been added for most of the IBM PCI token ring
adapters. The Lanstreamer is not yet supported however.
IP layer
Fixed routing bug, socket hashing bug, crash with MTU below 68
bytes.
An IGMP protocol handling error has been fixed.
IP version 6
The firewall code could oops if it ran out of memory.
IPX
IPX packet routing could oops if the machine ran out of
memory.
Lance
The Lance driver could oops if there was no memory free.
Masquerade
Masquerading made a poor choice of hashes for some
operations.
The IRC masquerade did not understand the extended DCC
commands.
Multicast Routing
PIM2 checksumming was incorrect and broke with old peers.
NE2000/PCI Driver
This now supports the PowerPC and also the differently broken
Holtek chips.
NetROM
The NetROM layer could oops during loading if it ran out of
memory.
Packet Schedulers
Several bugs were fixed in the packet scheduling.
PCNet 32
Now supports the 79cc973/5 chips.
Some PCI scanning changes have been made.
A bug with manual MII selection has been fixed.
Realtek 8129/8139
This driver has been updated.
ROSE
The ROSE layer could oops during loading if it ran out of
memory.
Sealevel Systems 4021
A driver for this Z85230 based card has been added.
Seeq 8005
This driver may now be built as a module.
SiS900
An experimental driver for this new chipset is now
included.
sk_mca
Minor MCA bus fixes
Synchronous PPP
A bug where the synchronous PPP driver would drop connections
under high load due to keepalive lossage has been fixed.
TCP Protocol
Fixed a race condition with two writers and partial writes.
Update workarounds for bugs in the PAWS protocol (RFC1323)
Fix crash in socket binding.
Tulip Driver
A fix for a race where the Tulip driver would hang has been
added.
VIA Rhine
This driver has been updated.
Wavelan
The frequency handling for the wavelan has been updated for the
newer modem revision.
YAM FPGA Radio Modem
This is now supported under Linux in 1200 and 9600 baud
mode.
Yellowfin
The yellowfin driver has been updated to correctly handle non
x86 platforms.
Z85230
Several non fatal bugs in the Z85230 synchronous driver have
been fixed.

SCSI Updates
The general SCSI layer has been updated to fix a couple of read
only reuses of freed memory and to fix oopses when loading modules
and running out of memory. A problem where the scsi error thread
stopped initrd unloading has also been fixed.

AHA152x
Driver is now SMP safe. Abominable responsiveness under heavy
load should also be cured.
AHA154x
Supports loadtime options as a module for configuration.
Supports AHA1542CFP geometry translation modes.
AIC7xxx
Updated to fix various reported bugs.
AMI Megaraid
Fixed a bug with manager control commands causing false SCSI
layer errors.
Increased SCSI command timeouts.
ATP870U
This driver is now SMP safe.
Constants
The SCSI layer will now name SCSI 2 commands in verbose error
reports.
EATA
The driver will set a device to master mode if need be.
EATA-DMA
This driver is now SMP safe.
IDE SCSI
When scsi generic was used the IDE SCSI layer could get
confused.
IDE SCSI generic transform couldn’t be disabled once enabled.
IN2000
The assembly part of this did not compile with the latest
compilers.
Initio SCSI
On non X86 platforms some delays were incorrect by a factor of
ten.
NCR 53c8xx
Fix misdetection of 53C875E and other minor fixes.
NCR 53C9x
Driver is now SMP safe.
QlogicFC
Now supports the isp2200 card.
Qlogic ISP
Geometry handling corrected for larger than 8Gig disks.
Symbios 53c416
This driver is now SMP safe.
Symbios 53c8xx
Fix misdetection of the 53C875E. Added support for the 53C895A.
Updated scripts.

Security Updates

AX.25
The AX.25 layer had a bug allowing arbitrary scribbling into
kernel space by an application. The area hit is hard to control so
the exploit is probably limited, but still dangerous.
Capabilities
There is now a bounding capability set that can only be
increased by process 1. This provides securelevel equivalence.
Firewall
A carefully constructed packet sequence could rewrite the port
numbers on a packet potentially allowing frames that should be
screened through the firewall.
Mremap
Mremap called zap_page_range with incorrect arguments. A large
realloc() under glibc could do all sorts of nasty things.
Sysrq
It is now possible to build a kernel with debugging sysrq
support and enable/disable the option at runtime.
TCP
Some unusual patterns of socket binding could cause a crash. A
user could deliberately trigger this. Now fixed.
/dev/port
The RawIO capability is now required to open /dev/port,
/dev/mem and /dev/kmem.

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis

Must Read

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Our Brands

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.