Ben Hutchings
parent
f1e87af382
commit
15c6a89208
|
|
@ -1,4 +1,4 @@
|
|||
linux (4.13.9-1) UNRELEASED; urgency=medium
|
||||
linux (4.13.10-1) UNRELEASED; urgency=medium
|
||||
|
||||
* New upstream stable update:
|
||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.5
|
||||
|
|
@ -170,7 +170,6 @@ linux (4.13.9-1) UNRELEASED; urgency=medium
|
|||
- USB: dummy-hcd: fix infinite-loop resubmission bug
|
||||
- USB: dummy-hcd: Fix erroneous synchronization change
|
||||
- USB: devio: Prevent integer overflow in proc_do_submiturb()
|
||||
- USB: devio: Don't corrupt user memory
|
||||
- USB: g_mass_storage: Fix deadlock when driver is unbound
|
||||
- USB: uas: fix bug in handling of alternate settings
|
||||
- USB: core: harden cdc_parse_cdc_header
|
||||
|
|
@ -317,6 +316,84 @@ linux (4.13.9-1) UNRELEASED; urgency=medium
|
|||
- [x86] vmbus: refactor hv_signal_on_read
|
||||
- [x86] vmbus: eliminate duplicate cached index
|
||||
- [x86] vmbus: more host signalling avoidance
|
||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.10
|
||||
- USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor()
|
||||
- usb: hub: Allow reset retry for USB2 devices on connect bounce
|
||||
- ALSA: usb-audio: Add native DSD support for Pro-Ject Pre Box S2 Digital
|
||||
- can: gs_usb: fix busy loop if no more TX context is available
|
||||
- scsi: qla2xxx: Fix uninitialized work element
|
||||
- nbd: don't set the device size until we're connected
|
||||
- [s390x] cputime: fix guest/irq/softirq times after CPU hotplug
|
||||
- [hppa/parisc] Fix double-word compare and exchange in LWS code on 32-bit
|
||||
kernels
|
||||
- [hppa] Fix detection of nonsynchronous cr16 cycle counters
|
||||
- iio: dummy: events: Add missing break
|
||||
- [armhf] usb: musb: sunxi: Explicitly release USB PHY on exit
|
||||
- [armhf] USB: musb: fix session-bit runtime-PM quirk
|
||||
- [armhf] USB: musb: fix late external abort on suspend
|
||||
- [armhf] usb: musb: musb_cppi41: Fix the address of teardown and autoreq
|
||||
registers
|
||||
- [armhf] usb: musb: musb_cppi41: Fix cppi41_set_dma_mode() for DA8xx
|
||||
- [armhf] usb: musb: musb_cppi41: Configure the number of channels for DA8xx
|
||||
- [armhf] usb: musb: Check for host-mode using is_host_active() on reset
|
||||
interrupt
|
||||
- xhci: Identify USB 3.1 capable hosts by their port protocol capability
|
||||
- xhci: Cleanup current_cmd in xhci_cleanup_command_queue()
|
||||
- usb: xhci: Reset halted endpoint if trb is noop
|
||||
- usb: xhci: Handle error condition in xhci_stop_device()
|
||||
- can: esd_usb2: Fix can_dlc value for received RTR, frames
|
||||
- can: af_can: can_pernet_init(): add missing error handling for kzalloc
|
||||
returning NULL
|
||||
- KEYS: encrypted: fix dereference of NULL user_key_payload
|
||||
- mmc: sdhci-pci: Fix default d3_retune for Intel host controllers
|
||||
- [x86] drm/i915: Use bdw_ddi_translations_fdi for Broadwell
|
||||
- drm/nouveau/kms/nv50: fix oops during DP IRQ handling on non-MST boards
|
||||
- drm/nouveau/bsp/g92: disable by default
|
||||
- drm/nouveau/mmu: flush tlbs before deleting page tables
|
||||
- media: cec: Respond to unregistered initiators, when applicable
|
||||
- media: dvb: i2c transfers over usb cannot be done from stack
|
||||
- ALSA: seq: Enable 'use' locking in all configurations
|
||||
- ALSA: hda: Remove superfluous '-' added by printk conversion
|
||||
- ALSA: hda: Abort capability probe at invalid register read
|
||||
- [x86] i2c: ismt: Separate I2C block read from SMBus block read
|
||||
- [x86] i2c: piix4: Fix SMBus port selection for AMD Family 17h chips
|
||||
- Revert "tools/power turbostat: stop migrating, unless '-m'"
|
||||
- brcmfmac: Add check for short event packets
|
||||
- brcmsmac: make some local variables 'static const' to reduce stack size
|
||||
- [armhf] dts: sun6i: Fix endpoint IDs in second display pipeline
|
||||
- [i386] clockevents/drivers/cs5535: Improve resilience to spurious
|
||||
interrupts
|
||||
- rtlwifi: rtl8821ae: Fix connection lost problem
|
||||
- [x86] microcode/intel: Disable late loading on model 79
|
||||
- lib/digsig: fix dereference of NULL user_key_payload
|
||||
- fscrypt: fix dereference of NULL user_key_payload
|
||||
- ecryptfs: fix dereference of NULL user_key_payload
|
||||
- KEYS: Fix race between updating and finding a negative key
|
||||
(CVE-2017-15951)
|
||||
- FS-Cache: fix dereference of NULL user_key_payload
|
||||
- KEYS: don't let add_key() update an uninstantiated key (CVE-2017-15299)
|
||||
- pkcs7: Prevent NULL pointer dereference, since sinfo is not always set.
|
||||
- [arm64] dts: rockchip: correct vqmmc voltage for rk3399 platforms
|
||||
- ALSA: hda - Fix incorrect TLV callback check introduced during set_fs()
|
||||
removal
|
||||
- iomap_dio_rw: Allocate AIO completion queue before submitting dio
|
||||
- xfs: don't unconditionally clear the reflink flag on zero-block files
|
||||
- xfs: evict CoW fork extents when performing finsert/fcollapse
|
||||
- fs/xfs: Use %pS printk format for direct addresses
|
||||
- xfs: report zeroed or not correctly in xfs_zero_range()
|
||||
- xfs: update i_size after unwritten conversion in dio completion
|
||||
- xfs: perag initialization should only touch m_ag_max_usable for AG 0
|
||||
- xfs: Capture state of the right inode in xfs_iflush_done
|
||||
- xfs: always swap the cow forks when swapping extents
|
||||
- xfs: handle racy AIO in xfs_reflink_end_cow
|
||||
- xfs: Don't log uninitialised fields in inode structures
|
||||
- xfs: move more RT specific code under CONFIG_XFS_RT
|
||||
- xfs: don't change inode mode if ACL update fails
|
||||
- xfs: reinit btree pointer on attr tree inactivation walk
|
||||
- xfs: handle error if xfs_btree_get_bufs fails
|
||||
- xfs: cancel dirty pages on invalidation
|
||||
- xfs: trim writepage mapping to within eof
|
||||
- xfs: move two more RT specific functions into CONFIG_XFS_RT
|
||||
|
||||
[ Ben Hutchings ]
|
||||
* [arm64] brcmfmac: Enable BRCMFMAC_SDIO (Closes: #877911)
|
||||
|
|
@ -333,6 +410,7 @@ linux (4.13.9-1) UNRELEASED; urgency=medium
|
|||
* security: Enable DEFAULT_SECURITY_APPARMOR
|
||||
* mac80211: Avoid ABI change in 4.13.5
|
||||
* [x86] rmi4: Enable RMI4_SMB as module (Closes: #875621)
|
||||
* KEYS: Limit ABI change in 4.13.10
|
||||
|
||||
-- Ben Hutchings <ben@decadent.org.uk> Wed, 18 Oct 2017 20:03:01 +0100
|
||||
|
||||
|
|
|
|||
|
|
@ -12,6 +12,7 @@ ignore-changes:
|
|||
mm_iommu_*
|
||||
perf_*
|
||||
register_cxl_calls
|
||||
register_key_type
|
||||
unregister_cxl_calls
|
||||
*_hw_breakpoint
|
||||
module:arch/x86/kvm/*
|
||||
|
|
|
|||
|
|
@ -0,0 +1,95 @@
|
|||
From: Ben Hutchings <ben@decadent.org.uk>
|
||||
Date: Sun, 29 Oct 2017 10:30:46 +0000
|
||||
Subject: KEYS: Limit ABI change in 4.13.10
|
||||
Forwarded: not-needed
|
||||
|
||||
Commit 363b02dab09b ("KEYS: Fix race between updating and finding a
|
||||
negative key") rearranged various state members in struct key, resulting
|
||||
in an ABI change for all keys APIs.
|
||||
|
||||
Only the keys subsystem and key type implementation use this state
|
||||
information, so we can limit the ABI break to them:
|
||||
|
||||
- Renumber the other flags back to their old values
|
||||
- Hide the deletion of the reject_error field from genksyms (it was only
|
||||
used inside the keys subsystem)
|
||||
- Move the new state field to the end of the structure and hide it from
|
||||
genksyms
|
||||
- Rename the register_key_type() function, so newly built key type
|
||||
modules will only load on top of the new keys subsystem while old
|
||||
key type modules will only load on top of the old keys subsystem
|
||||
|
||||
---
|
||||
--- a/include/linux/key.h
|
||||
+++ b/include/linux/key.h
|
||||
@@ -174,7 +174,6 @@ struct key {
|
||||
* - may not match RCU dereferenced payload
|
||||
* - payload should contain own length
|
||||
*/
|
||||
- short state; /* Key state (+) or rejection error (-) */
|
||||
|
||||
#ifdef KEY_DEBUGGING
|
||||
unsigned magic;
|
||||
@@ -182,16 +181,16 @@ struct key {
|
||||
#endif
|
||||
|
||||
unsigned long flags; /* status flags (change with bitops) */
|
||||
-#define KEY_FLAG_DEAD 0 /* set if key type has been deleted */
|
||||
-#define KEY_FLAG_REVOKED 1 /* set if key had been revoked */
|
||||
-#define KEY_FLAG_IN_QUOTA 2 /* set if key consumes quota */
|
||||
-#define KEY_FLAG_USER_CONSTRUCT 3 /* set if key is being constructed in userspace */
|
||||
-#define KEY_FLAG_ROOT_CAN_CLEAR 4 /* set if key can be cleared by root without permission */
|
||||
-#define KEY_FLAG_INVALIDATED 5 /* set if key has been invalidated */
|
||||
-#define KEY_FLAG_BUILTIN 6 /* set if key is built in to the kernel */
|
||||
-#define KEY_FLAG_ROOT_CAN_INVAL 7 /* set if key can be invalidated by root without permission */
|
||||
-#define KEY_FLAG_KEEP 8 /* set if key should not be removed */
|
||||
-#define KEY_FLAG_UID_KEYRING 9 /* set if key is a user or user session keyring */
|
||||
+#define KEY_FLAG_DEAD 1 /* set if key type has been deleted */
|
||||
+#define KEY_FLAG_REVOKED 2 /* set if key had been revoked */
|
||||
+#define KEY_FLAG_IN_QUOTA 3 /* set if key consumes quota */
|
||||
+#define KEY_FLAG_USER_CONSTRUCT 4 /* set if key is being constructed in userspace */
|
||||
+#define KEY_FLAG_ROOT_CAN_CLEAR 6 /* set if key can be cleared by root without permission */
|
||||
+#define KEY_FLAG_INVALIDATED 7 /* set if key has been invalidated */
|
||||
+#define KEY_FLAG_BUILTIN 8 /* set if key is built in to the kernel */
|
||||
+#define KEY_FLAG_ROOT_CAN_INVAL 9 /* set if key can be invalidated by root without permission */
|
||||
+#define KEY_FLAG_KEEP 10 /* set if key should not be removed */
|
||||
+#define KEY_FLAG_UID_KEYRING 11 /* set if key is a user or user session keyring */
|
||||
|
||||
/* the key type and key description string
|
||||
* - the desc is used to match a key against search criteria
|
||||
@@ -217,6 +216,9 @@ struct key {
|
||||
struct list_head name_link;
|
||||
struct assoc_array keys;
|
||||
};
|
||||
+#ifdef __GENKSYMS__
|
||||
+ int reject_error;
|
||||
+#endif
|
||||
};
|
||||
|
||||
/* This is set on a keyring to restrict the addition of a link to a key
|
||||
@@ -231,6 +233,10 @@ struct key {
|
||||
* restriction.
|
||||
*/
|
||||
struct key_restriction *restrict_link;
|
||||
+
|
||||
+#ifndef __GENKSYMS__
|
||||
+ short state; /* Key state (+) or rejection error (-) */
|
||||
+#endif
|
||||
};
|
||||
|
||||
extern struct key *key_alloc(struct key_type *type,
|
||||
--- a/include/linux/key-type.h
|
||||
+++ b/include/linux/key-type.h
|
||||
@@ -162,6 +162,12 @@ struct key_type {
|
||||
|
||||
extern struct key_type key_type_keyring;
|
||||
|
||||
+/*
|
||||
+ * ABI compat: Rename register function so newly built key type modules
|
||||
+ * will require a new kernel and can then safely assume the existence of the
|
||||
+ * key::state field. Other keys users don't access it and are unaffected.
|
||||
+ */
|
||||
+#define register_key_type register_key_type_2
|
||||
extern int register_key_type(struct key_type *ktype);
|
||||
extern void unregister_key_type(struct key_type *ktype);
|
||||
|
||||
|
|
@ -135,3 +135,4 @@ debian/scsi-avoid-abi-change-in-4.13.6.patch
|
|||
debian/dax-avoid-abi-change-in-4.13.5.patch
|
||||
debian/revert-bpf-one-perf-event-close-won-t-free-bpf-program-atta.patch
|
||||
debian/mac80211-avoid-abi-change-in-4.13.5.patch
|
||||
debian/keys-limit-abi-change-in-4.13.10.patch
|
||||
|
|
|
|||
Loading…
Reference in New Issue