diff --git a/debian/changelog b/debian/changelog index ae62917b6..aaa98ceaf 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,5 +1,8 @@ -linux (4.15~rc5-1~exp2) UNRELEASED; urgency=medium +linux (4.15~rc8-1~exp1) UNRELEASED; urgency=medium + * New upstream release candidate + + [ Ben Hutchings ] * [arm64] Update "add kernel config option to lock down when in Secure Boot mode" for 4.15 * efi: Enable LOCK_DOWN_IN_EFI_SECURE_BOOT, replacing diff --git a/debian/patches/bugfix/all/bluetooth-prevent-stack-info-leak-from-the-efs-element.patch b/debian/patches/bugfix/all/bluetooth-prevent-stack-info-leak-from-the-efs-element.patch deleted file mode 100644 index 308204888..000000000 --- a/debian/patches/bugfix/all/bluetooth-prevent-stack-info-leak-from-the-efs-element.patch +++ /dev/null @@ -1,48 +0,0 @@ -From: Ben Seri -Date: Mon, 04 Dec 2017 14:13:25 +0000 -Subject: bluetooth: Prevent stack info leak from the EFS element. -Origin: http://www.openwall.com/lists/oss-security/2017/12/06/3 -Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2017-1000410 - -Signed-off-by: Ben Seri ---- ---- a/net/bluetooth/l2cap_core.c -+++ b/net/bluetooth/l2cap_core.c -@@ -3363,9 +3363,10 @@ static int l2cap_parse_conf_req(struct l - break; - - case L2CAP_CONF_EFS: -- remote_efs = 1; -- if (olen == sizeof(efs)) -+ if (olen == sizeof(efs)) { -+ remote_efs = 1; - memcpy(&efs, (void *) val, olen); -+ } - break; - - case L2CAP_CONF_EWS: -@@ -3584,16 +3585,17 @@ static int l2cap_parse_conf_rsp(struct l - break; - - case L2CAP_CONF_EFS: -- if (olen == sizeof(efs)) -+ if (olen == sizeof(efs)) { - memcpy(&efs, (void *)val, olen); - -- if (chan->local_stype != L2CAP_SERV_NOTRAFIC && -- efs.stype != L2CAP_SERV_NOTRAFIC && -- efs.stype != chan->local_stype) -- return -ECONNREFUSED; -+ if (chan->local_stype != L2CAP_SERV_NOTRAFIC && -+ efs.stype != L2CAP_SERV_NOTRAFIC && -+ efs.stype != chan->local_stype) -+ return -ECONNREFUSED; - -- l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, sizeof(efs), -- (unsigned long) &efs, endptr - ptr); -+ l2cap_add_conf_opt(&ptr, L2CAP_CONF_EFS, sizeof(efs), -+ (unsigned long) &efs, endptr - ptr); -+ } - break; - - case L2CAP_CONF_FCS: diff --git a/debian/patches/bugfix/all/e1000e-fix-e1000_check_for_copper_link_ich8lan-return-value.patch b/debian/patches/bugfix/all/e1000e-fix-e1000_check_for_copper_link_ich8lan-return-value.patch deleted file mode 100644 index bedfd0282..000000000 --- a/debian/patches/bugfix/all/e1000e-fix-e1000_check_for_copper_link_ich8lan-return-value.patch +++ /dev/null @@ -1,60 +0,0 @@ -From: Benjamin Poirier -Date: Mon, 11 Dec 2017 16:26:40 +0900 -Subject: e1000e: Fix e1000_check_for_copper_link_ich8lan return value. -Origin: https://marc.info/?l=linux-kernel&m=151297726823919&w=2 -Bug: https://bugzilla.kernel.org/show_bug.cgi?id=198047 -Bug-Debian: https://bugs.debian.org/885348 - -e1000e_check_for_copper_link() and e1000_check_for_copper_link_ich8lan() -are the two functions that may be assigned to mac.ops.check_for_link when -phy.media_type == e1000_media_type_copper. Commit 19110cfbb34d ("e1000e: -Separate signaling for link check/link up") changed the meaning of the -return value of check_for_link for copper media but only adjusted the first -function. This patch adjusts the second function likewise. - -Reported-by: Christian Hesse -Reported-by: Gabriel C -Link: https://bugzilla.kernel.org/show_bug.cgi?id=198047 -Fixes: 19110cfbb34d ("e1000e: Separate signaling for link check/link up") -Tested-by: Christian Hesse -Signed-off-by: Benjamin Poirier ---- - drivers/net/ethernet/intel/e1000e/ich8lan.c | 11 ++++++++--- - 1 file changed, 8 insertions(+), 3 deletions(-) - ---- a/drivers/net/ethernet/intel/e1000e/ich8lan.c -+++ b/drivers/net/ethernet/intel/e1000e/ich8lan.c -@@ -1367,6 +1367,9 @@ out: - * Checks to see of the link status of the hardware has changed. If a - * change in link status has been detected, then we read the PHY registers - * to get the current speed/duplex if link exists. -+ * -+ * Returns a negative error code (-E1000_ERR_*) or 0 (link down) or 1 (link -+ * up). - **/ - static s32 e1000_check_for_copper_link_ich8lan(struct e1000_hw *hw) - { -@@ -1382,7 +1385,7 @@ static s32 e1000_check_for_copper_link_i - * Change or Rx Sequence Error interrupt. - */ - if (!mac->get_link_status) -- return 0; -+ return 1; - - /* First we want to see if the MII Status Register reports - * link. If so, then we want to get the current speed/duplex -@@ -1613,10 +1616,12 @@ static s32 e1000_check_for_copper_link_i - * different link partner. - */ - ret_val = e1000e_config_fc_after_link_up(hw); -- if (ret_val) -+ if (ret_val) { - e_dbg("Error configuring flow control\n"); -+ return ret_val; -+ } - -- return ret_val; -+ return 1; - } - - static s32 e1000_get_variants_ich8lan(struct e1000_adapter *adapter) diff --git a/debian/patches/bugfix/all/x86-tlb-Drop-the-_GPL-from-the-cpu_tlbstate-export.patch b/debian/patches/bugfix/all/x86-tlb-Drop-the-_GPL-from-the-cpu_tlbstate-export.patch deleted file mode 100644 index aca954b32..000000000 --- a/debian/patches/bugfix/all/x86-tlb-Drop-the-_GPL-from-the-cpu_tlbstate-export.patch +++ /dev/null @@ -1,44 +0,0 @@ -From: Thomas Gleixner -Date: Thu, 4 Jan 2018 22:19:04 +0100 -Subject: x86/tlb: Drop the _GPL from the cpu_tlbstate export -Origin: https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=1e5476815fd7f98b888e01a0f9522b63085f96c9 - -The recent changes for PTI touch cpu_tlbstate from various tlb_flush -inlines. cpu_tlbstate is exported as GPL symbol, so this causes a -regression when building out of tree drivers for certain graphics cards. - -Aside of that the export was wrong since it was introduced as it should -have been EXPORT_PER_CPU_SYMBOL_GPL(). - -Use the correct PER_CPU export and drop the _GPL to restore the previous -state which allows users to utilize the cards they payed for. - -As always I'm really thrilled to make this kind of change to support the -#friends (or however the hot hashtag of today is spelled) from that closet -sauce graphics corp. - -Fixes: 1e02ce4cccdc ("x86: Store a per-cpu shadow copy of CR4") -Fixes: 6fd166aae78c ("x86/mm: Use/Fix PCID to optimize user/kernel switches") -Reported-by: Kees Cook -Signed-off-by: Thomas Gleixner -Cc: Greg Kroah-Hartman -Cc: Peter Zijlstra -Cc: Andy Lutomirski -Cc: stable@vger.kernel.org ---- - arch/x86/mm/init.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/arch/x86/mm/init.c b/arch/x86/mm/init.c -index 80259ad..6b462a4 100644 ---- a/arch/x86/mm/init.c -+++ b/arch/x86/mm/init.c -@@ -870,7 +870,7 @@ __visible DEFINE_PER_CPU_SHARED_ALIGNED(struct tlb_state, cpu_tlbstate) = { - .next_asid = 1, - .cr4 = ~0UL, /* fail hard if we screw up cr4 shadow initialization */ - }; --EXPORT_SYMBOL_GPL(cpu_tlbstate); -+EXPORT_PER_CPU_SYMBOL(cpu_tlbstate); - - void update_cache_mode_entry(unsigned entry, enum page_cache_mode cache) - { diff --git a/debian/patches/series b/debian/patches/series index f11dc7739..40fd671f8 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -77,9 +77,7 @@ bugfix/all/disable-some-marvell-phys.patch bugfix/all/fs-add-module_softdep-declarations-for-hard-coded-cr.patch bugfix/all/partially-revert-usb-kconfig-using-select-for-usb_co.patch bugfix/all/kbuild-include-addtree-remove-quotes-before-matching-path.patch -bugfix/all/e1000e-fix-e1000_check_for_copper_link_ich8lan-return-value.patch debian/revert-scsi-libsas-allow-async-aborts.patch -bugfix/all/x86-tlb-Drop-the-_GPL-from-the-cpu_tlbstate-export.patch # Miscellaneous features @@ -123,7 +121,6 @@ debian/i386-686-pae-pci-set-pci-nobios-by-default.patch bugfix/all/media-dvb-usb-v2-lmedm04-Improve-logic-checking-of-w.patch bugfix/all/media-dvb-usb-v2-lmedm04-move-ts2020-attach-to-dm04_.patch bugfix/all/media-hdpvr-fix-an-error-handling-path-in-hdpvr_prob.patch -bugfix/all/bluetooth-prevent-stack-info-leak-from-the-efs-element.patch # Fix exported symbol versions bugfix/all/module-disable-matching-missing-version-crc.patch