[linux] 01/03: Update to 4.14.17
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Mon Feb 5 20:27:22 UTC 2018
This is an automated email from the git hooks/post-receive script.
carnil pushed a commit to branch sid
in repository linux.
commit 0a69e0b0466f03d1734fe686cbee65932cd0ee97
Author: Salvatore Bonaccorso <carnil at debian.org>
Date: Sun Feb 4 13:33:30 2018 +0100
Update to 4.14.17
Refresh cpupower-fix-checks-for-cpu-existence.patch patch
---
debian/changelog | 152 ++++++++++++++++++++-
.../cpupower-fix-checks-for-cpu-existence.patch | 6 +-
.../loop-fix-concurrent-lo_open-lo_release.patch | 56 --------
debian/patches/series | 1 -
4 files changed, 155 insertions(+), 60 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 86ddb53..69e352a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-linux (4.14.16-1) UNRELEASED; urgency=medium
+linux (4.14.17-1) UNRELEASED; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.14
@@ -269,9 +269,157 @@ linux (4.14.16-1) UNRELEASED; urgency=medium
- [arm64] bpf: fix stack_depth tracking in combination with tail calls
- cpufreq: governor: Ensure sufficiently large sampling intervals
- nfsd: auth: Fix gid sorting when rootsquash enabled (CVE-2018-1000028)
+ https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.17
+ - futex: Fix OWNER_DEAD fixup
+ - loop: fix concurrent lo_open/lo_release (CVE-2018-5344)
+ - [x86] KVM: Fix CPUID function for word 6 (80000001_ECX)
+ - gpio: Fix kernel stack leak to userspace
+ - ALSA: hda - Reduce the suspend time consumption for ALC256
+ - crypto: ecdh - fix typo in KPP dependency of CRYPTO_ECDH
+ - [x86] crypto: aesni - handle zero length dst buffer
+ - [x86] crypto: aesni - fix typo in generic_gcmaes_decrypt
+ - crypto: gcm - add GCM IV size constant
+ - [x86] crypto: aesni - Use GCM IV size constant
+ - [x86] crypto: aesni - add wrapper for generic gcm(aes)
+ - [x86] crypto: aesni - Fix out-of-bounds access of the data buffer in
+ generic-gcm-aesni
+ - [x86] crypto: aesni - Fix out-of-bounds access of the AAD buffer in
+ generic-gcm-aesni
+ - [arm64] crypto: inside-secure - fix hash when length is a multiple of a
+ block
+ - [arm64] crypto: inside-secure - avoid unmapping DMA memory that was not
+ mapped
+ - crypto: sha3-generic - fixes for alignment and big endian operation
+ - crypto: af_alg - whitelist mask and type
+ - HID: wacom: EKR: ensure devres groups at higher indexes are released
+ - HID: wacom: Fix reporting of touch toggle (WACOM_HID_WD_MUTE_DEVICE)
+ events
+ - igb: Free IRQs when device is hotplugged
+ - ima/policy: fix parsing of fsuuid
+ - scsi: aacraid: Fix udev inquiry race condition
+ - scsi: aacraid: Fix hang in kdump
+ - VFS: Handle lazytime in do_mount()
+ - [arm64,armhf] drm/vc4: Account for interrupts in flight
+ - btrfs: Fix transaction abort during failure in btrfs_rm_dev_item
+ - Btrfs: bail out gracefully rather than BUG_ON
+ - cpupowerutils: bench - Fix cpu online check
+ - cpupower : Fix cpupower working when cpu0 is offline
+ - [x86] KVM: nVMX/nSVM: Don't intercept #UD when running L2
+ - [x86] KVM: emulator: Return to user-mode on L1 CPL=0 emulation failure
+ - [x86] KVM: Don't re-execute instruction when not passing CR2 value
+ - [x86] KVM: Fix operand/address-size during instruction decoding
+ - [x86] KVM: nVMX: Fix mmu context after VMLAUNCH/VMRESUME failure
+ - [x86] KVM: fix em_fxstor() sleeping while in atomic
+ - [x86] KVM: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race
+ - [x86] KVM: ioapic: Clear Remote IRR when entry is switched to
+ edge-triggered
+ - [x86] KVM: ioapic: Preserve read-only values in the redirection table
+ - [x86] KVM: nVMX: Fix vmx_check_nested_events() return value in case an
+ event was reinjected to L2
+ - nvme-fabrics: introduce init command check for a queue that is not alive
+ - nvme-fc: check if queue is ready in queue_rq
+ - nvme-loop: check if queue is ready in queue_rq
+ - nvme-pci: disable APST on Samsung SSD 960 EVO + ASUS PRIME B350M-A
+ - nvme-pci: avoid hmb desc array idx out-of-bound when hmmaxd set.
+ - nvmet-fc: correct ref counting error when deferred rcv used
+ - [s390x] topology: fix compile error in file arch/s390/kernel/smp.c
+ - [s390x] zcrypt: Fix wrong comparison leading to strange load balancing
+ - ACPI / bus: Leave modalias empty for devices which are not present
+ - null_blk: fix dev->badblocks leak
+ - [s390x] fix alloc_pgste check in init_new_context again
+ - rxrpc: The mutex lock returned by rxrpc_accept_call() needs releasing
+ - rxrpc: Provide a different lockdep key for call->user_mutex for kernel calls
+ - rxrpc: Fix service endpoint expiry
+ - bcache: check return value of register_shrinker
+ - drm/amdgpu: Fix SDMA load/unload sequence on HWS disabled mode
+ - [x86] drm/amdkfd: Fix SDMA ring buffer size calculation
+ - [x86] drm/amdkfd: Fix SDMA oversubsription handling
+ - uapi: fix linux/kfd_ioctl.h userspace compilation errors
+ - nvme-rdma: don't complete requests before a send work request has
+ completed
+ - openvswitch: fix the incorrect flow action alloc size
+ - [armhf] drm/rockchip: dw-mipi-dsi: fix possible un-balanced runtime PM
+ enable
+ - mac80211: use QoS NDP for AP probing
+ - mac80211: fix the update of path metric for RANN frame
+ - btrfs: fix deadlock when writing out space cache
+ - sctp: only allow the asoc reset when the asoc outq is empty
+ - sctp: avoid flushing unsent queue when doing asoc reset
+ - sctp: set sender next_tsn for the old result with ctsn_ack_point plus 1
+ - reiserfs: remove unneeded i_version bump
+ - [x86] KVM: Fix softlockup when get the current kvmclock
+ - [x86] KVM: VMX: Fix rflags cache during vCPU reset
+ - Btrfs: fix list_add corruption and soft lockups in fsync
+ - KVM: Let KVM_SET_SIGNAL_MASK work as advertised
+ - xfs: always free inline data before resetting inode fork during ifree
+ - xfs: log recovery should replay deferred ops in order
+ - xen-netfront: remove warning when unloading module
+ - nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0)
+ - nfsd: Ensure we check stateid validity in the seqid operation checks
+ - grace: replace BUG_ON by WARN_ONCE in exit_net hook
+ - nfsd: check for use of the closed special stateid
+ - race of lockd inetaddr notifiers vs nlmsvc_rqst change
+ - lockd: fix "list_add double add" caused by legacy signal interface
+ - quota: propagate error from __dquot_initialize
+ - [arm64,armhf] net: mvpp2: fix the txq_init error path
+ - [arm64] net: phy: marvell10g: fix the PHY id mask
+ - bnxt_en: Fix an error handling path in 'bnxt_get_module_eeprom()'
+ - Btrfs: incremental send, fix wrong unlink path after renaming file
+ - nvme-pci: fix NULL pointer dereference in nvme_free_host_mem()
+ - xfs: fortify xfs_alloc_buftarg error handling
+ - drm/amdgpu: don't try to move pinned BOs
+ - quota: Check for register_shrinker() failure.
+ - SUNRPC: Allow connect to return EHOSTUNREACH
+ - kmemleak: add scheduling point to kmemleak_scan()
+ - [armhf] drm/omap: Fix error handling path in 'omap_dmm_probe()'
+ - [armhf] drm/omap: displays: panel-dpi: add backlight dependency
+ - xfs: ubsan fixes
+ - xfs: Properly retry failed dquot items in case of error during buffer
+ writeback
+ - perf/core: Fix memory leak triggered by perf --namespace
+ - scsi: aacraid: Prevent crash in case of free interrupt during scsi EH
+ path
+ - scsi: ufs: ufshcd: fix potential NULL pointer dereference in
+ ufshcd_config_vreg
+ - iwlwifi: mvm: fix the TX queue hang timeout for MONITOR vif type
+ - iwlwifi: fix access to prph when transport is stopped
+ - [arm*] dts: NSP: Disable AHCI controller for HR NSP boards
+ - [arm*] ARM: dts: NSP: Fix PPI interrupt types
+ - media: usbtv: add a new usbid
+ - [x86] xen: Support early interrupts in xen pv guests
+ - usb: gadget: don't dereference g until after it has been null checked
+ - staging: rtl8188eu: Fix incorrect response to SIOCGIWESSID
+ - [arm64,armhf] drm/vc4: Move IRQ enable to PM path
+ - [x86] KVM: emulate #UD while in guest mode
+ - [x86] staging: lustre: separate a connection destroy from free struct
+ kib_conn
+ - tty: fix data race between tty_init_dev and flush of buf
+ - USB: serial: pl2303: new device id for Chilitag
+ - USB: cdc-acm: Do not log urb submission errors on disconnect
+ - CDC-ACM: apply quirk for card reader
+ - USB: serial: io_edgeport: fix possible sleep-in-atomic
+ - usbip: prevent bind loops on devices attached to vhci_hcd
+ - usbip: list: don't list devices attached to vhci_hcd
+ - USB: serial: simple: add Motorola Tetra driver
+ - usb: f_fs: Prevent gadget unbind if it is already unbound
+ - usb: uas: unconditionally bring back host after reset
+ - usb/gadget: Fix "high bandwidth" check in usb_gadget_ep_match_desc()
+ - [x86] mei: me: allow runtime pm for platform with D0i3
+ - serial: 8250_of: fix return code when probe function fails to get reset
+ - serial: 8250_uniphier: fix error return code in uniphier_uart_probe()
+ - [armhf] serial: imx: Only wakeup via RTSDEN bit if the system has
+ RTS/CTS
+ - [armhf] spi: imx: do not access registers while clocks disabled
+ - iio: adc: stm32: fix scan of multiple channels with DMA
+ - iio: chemical: ccs811: Fix output of IIO_CONCENTRATION channels
+ - test_firmware: fix missing unlock on error in
+ config_num_requests_store()
+ - Input: synaptics-rmi4 - unmask F03 interrupts when port is opened
+ - Input: synaptics-rmi4 - do not delete interrupt memory too early
+ - [x86] efi: Clarify that reset attack mitigation needs appropriate
+ userspace
[ Salvatore Bonaccorso ]
- * loop: fix concurrent lo_open/lo_release (CVE-2018-5344)
* [rt] Update to 4.14.15-rt11
* [rt] Update to 4.14.15-rt13
* crypto: ecc - Fix NULL pointer deref. on no default_rng (Closes: #886556)
diff --git a/debian/patches/bugfix/all/cpupower-fix-checks-for-cpu-existence.patch b/debian/patches/bugfix/all/cpupower-fix-checks-for-cpu-existence.patch
index be5f528..f7cbcdb 100644
--- a/debian/patches/bugfix/all/cpupower-fix-checks-for-cpu-existence.patch
+++ b/debian/patches/bugfix/all/cpupower-fix-checks-for-cpu-existence.patch
@@ -17,6 +17,10 @@ properly distinguish and report the zero and negative cases.
Fixes: ac5a181d065d ("cpupower: Add cpuidle parts into library")
Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
+[carnil: Update/Refresh patch for 4.14.17: The issue with the
+incorrect check has been fixed with upstream commit 53d1cd6b125f.
+Keep in the patch the distinction and report for the zero and
+negative cases.]
---
--- a/tools/power/cpupower/bench/system.c
+++ b/tools/power/cpupower/bench/system.c
@@ -28,7 +32,7 @@ Signed-off-by: Ben Hutchings <ben at decadent.org.uk>
dprintf("set %s as cpufreq governor\n", governor);
-- if (cpupower_is_cpu_online(cpu) != 0) {
+- if (cpupower_is_cpu_online(cpu) != 1) {
- perror("cpufreq_cpu_exists");
- fprintf(stderr, "error: cpu %u does not exist\n", cpu);
+ rc = cpupower_is_cpu_online(cpu);
diff --git a/debian/patches/bugfix/all/loop-fix-concurrent-lo_open-lo_release.patch b/debian/patches/bugfix/all/loop-fix-concurrent-lo_open-lo_release.patch
deleted file mode 100644
index a5ba39e..0000000
--- a/debian/patches/bugfix/all/loop-fix-concurrent-lo_open-lo_release.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-From: Linus Torvalds <torvalds at linux-foundation.org>
-Date: Fri, 5 Jan 2018 16:26:00 -0800
-Subject: loop: fix concurrent lo_open/lo_release
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-Origin: https://git.kernel.org/linus/ae6650163c66a7eff1acd6eb8b0f752dcfa8eba5
-Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2018-5344
-
-范龙飞 reports that KASAN can report a use-after-free in __lock_acquire.
-The reason is due to insufficient serialization in lo_release(), which
-will continue to use the loop device even after it has decremented the
-lo_refcnt to zero.
-
-In the meantime, another process can come in, open the loop device
-again as it is being shut down. Confusion ensues.
-
-Reported-by: 范龙飞 <long7573 at 126.com>
-Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
-Signed-off-by: Jens Axboe <axboe at kernel.dk>
----
- drivers/block/loop.c | 10 ++++++++--
- 1 file changed, 8 insertions(+), 2 deletions(-)
-
-diff --git a/drivers/block/loop.c b/drivers/block/loop.c
-index bc8e61506968..d5fe720cf149 100644
---- a/drivers/block/loop.c
-+++ b/drivers/block/loop.c
-@@ -1581,9 +1581,8 @@ static int lo_open(struct block_device *bdev, fmode_t mode)
- return err;
- }
-
--static void lo_release(struct gendisk *disk, fmode_t mode)
-+static void __lo_release(struct loop_device *lo)
- {
-- struct loop_device *lo = disk->private_data;
- int err;
-
- if (atomic_dec_return(&lo->lo_refcnt))
-@@ -1610,6 +1609,13 @@ static void lo_release(struct gendisk *disk, fmode_t mode)
- mutex_unlock(&lo->lo_ctl_mutex);
- }
-
-+static void lo_release(struct gendisk *disk, fmode_t mode)
-+{
-+ mutex_lock(&loop_index_mutex);
-+ __lo_release(disk->private_data);
-+ mutex_unlock(&loop_index_mutex);
-+}
-+
- static const struct block_device_operations lo_fops = {
- .owner = THIS_MODULE,
- .open = lo_open,
---
-2.15.1
-
diff --git a/debian/patches/series b/debian/patches/series
index a8864c4..15a8e6a 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -122,7 +122,6 @@ bugfix/all/dccp-cve-2017-8824-use-after-free-in-dccp-code.patch
bugfix/all/media-dvb-usb-v2-lmedm04-Improve-logic-checking-of-w.patch
bugfix/all/media-dvb-usb-v2-lmedm04-move-ts2020-attach-to-dm04_.patch
bugfix/all/media-hdpvr-fix-an-error-handling-path-in-hdpvr_prob.patch
-bugfix/all/loop-fix-concurrent-lo_open-lo_release.patch
# Fix exported symbol versions
bugfix/all/module-disable-matching-missing-version-crc.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git
More information about the Kernel-svn-changes
mailing list