Novell is now a part of Micro Focus

Security update for Linux kernel

Knowledgebase

(Last modified: 26JUN2006)


solutions Security update for Linux kernel SuSE Linux Maintenance Web (90b32cd6ba927af1187c6f14ce48f7c7)

Applies to

Package: kernel-s390x
kernel-source
kernel-syms
Product(s): SUSE CORE 9 for IBM zSeries 64bit
Patch: patch-11079
Release: 20060626
Obsoletes: d315ac40f92dc38783162cde676a7b10

Indications

Everyone using the Linux Kernel should update.

Contraindications

None.

Problem description

This kernel update fixes the following security problems and the following non security bugs:
  • Unexport shrink_dcache_anon (unexported upstream on 19 Oct 2004) [#136310]
  • Don't dirty the inode if it is being freed in xfs_iunpin [#179117]
  • fusion driver might hang during error recovery [#173914]
  • fusion driver: Oops when device is taken offline under I/O [#172910]
  • fusion driver: Restore queue_depth control from before SP3 [#172910]
  • Fix IO restart on BLKPREP_DEFER [#173489]
  • Kill request on invalid sgtable mapping [#173489]
  • Fix blk_recalc_rq_segments[#] (173489)
Fixes for i586:
  • Fix oops in cifs_unlink [#173177]
  • CIFS kernel module deadlock when renaming/moving files [#173178]
Fixes for S/390:
  • mark tape_3590 as supported
Additional Infos for kernel (s390 specific)
Patchcluster 34
  • Problem-ID: 21445 - dasd: Fixed open_count usage.
  • Problem-ID: 22299 - cio: Setting devices online does not fail as expected.
  • Problem-ID: 22300 - cio: Deadlocks during machine checks.
  • Problem-ID: 22169 - kernel: iucv message limit for smsg
  • Problem-ID: 22170 - kernel: spin lock retry performance.
  • Problem-ID: 21974 - kernel: strnlen_user() may return wrong values.
  • Problem-ID: 22497 - kernel: make cmm related proc entries world readable.
  • Problem-ID: 23074 - kernel: Missing error check on signal frame setup.
  • Problem-ID: 22098 - net:ctc: The former experimental and untested tty feature of the ctc network driver shows some problems. As this feature is not known to be used it is removed now.
  • Problem-ID: 22637 - qeth: qethconf not adding IPv4 addresses.
  • Problem-ID: 22956 - qeth: tx_bytes and rx_bytes counter are not set properly.
  • Problem-ID: 22965 - qeth: setting of attribute "route6" to "primary_router" works only once.
  • Problem-ID: 22991 - qeth: /proc/qeth_perf reports negative times.
  • Problem-ID: 22772 - z90crypt: Analysis revealed unreachable code.
  • Problem-ID: 22773 - z90crypt: Analysis revealed a possible memory overlay.
Patchcluster 35
  • Problem-ID: 23146 - cio: Enable interrupts on error path.
  • Problem-ID: 23146 - cio: I/O failing after CHPID is offline despite remaining CHPIDs.
  • Problem-ID: 23355 - kernel: Signal handling bug.
  • Problem-ID: 23074 - kernel: Bug in setup_rt_frame().
  • Problem-ID: 22969 - net: initcall order.
  • Problem-ID: 22223 - qdio: I/O stall with zfcp in low-memory situation.
  • Problem-ID: 23195 - qeth: Race condition possible during device recovery.
  • Problem-ID: 23458 - qeth: System crash during data transmission.
Patchcluster 36
  • This patch provides the GPL version of 3590 tape device driver discipline
Patchcluster 37
  • Problem-ID: 22671 - kernel: software watchdog crashes.
  • Problem-ID: 17213 - lcs: Unpredictable results after cable pull/plug-in.
spin_retry Kernel parameter
With this update an additional kernel-command line parameter is provided. The default value is 0 for this parameter. Setting this parameter to 1000 has shown for most workloads on a linux runnig under z/VM that the number of DIAG 44 calls is significant reduced.
To set the parameter please add the following to the kernel command line:
spin_retry=1000
For further description of the named Problem IDs, please look at
http://www-128.ibm.com/developerworks/linux/linux390/april2004_recommended.html

Solution

Please install the updates provided at the location noted below.

Installation notes

This update is provided as an RPM package that can easily be installed onto a running system by using this command:
rpm -Fvh kernel-s390x.rpm kernel-source.rpm kernel-syms.rpm zipl
When rebooting the Linux on zSeries z/VM guests, please ensure that you have installed the PTFs for APAR VM63742:
  • z/VM 4.4: UM31426
  • z/VM 5.1: UM31428
Otherwise re-boot under z/VM will not work anymore.
Finally, reboot the system with
shutdown -r now
to load the new kernel (replace "now" with the appropriate amount of time to allow local users to cleanly log out, for example "+5" for five minutes.)

links to download packages

Download Source Packages

Download the source code of the patches for maintained products.


Disclaimer

The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.

Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.

© Micro Focus