From 5a1d3e0c9e6920134971fea4bd8370c94df7bc89 Mon Sep 17 00:00:00 2001
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Thu, 2 Apr 2020 08:18:40 +0200
Subject: [PATCH] Update to 4.19.112

Drop "wimax: i2400: fix memory leak"

Drop "wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle"

Cleanup debian/changelog file
---
 debian/changelog                              | 32 +++++++++++++++-
 ...y-leak-in-i2400m_op_rfkill_sw_toggle.patch | 37 -------------------
 .../all/wimax-i2400-fix-memory-leak.patch     | 27 --------------
 debian/patches/series                         |  2 -
 4 files changed, 31 insertions(+), 67 deletions(-)
 delete mode 100644 debian/patches/bugfix/all/wimax-i2400-fix-memory-leak-in-i2400m_op_rfkill_sw_toggle.patch
 delete mode 100644 debian/patches/bugfix/all/wimax-i2400-fix-memory-leak.patch

diff --git a/debian/changelog b/debian/changelog
index 4c17d6bc1..b05fda7a7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-linux (4.19.111-1) UNRELEASED; urgency=medium
+linux (4.19.112-1) UNRELEASED; urgency=medium
 
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.99
@@ -1375,6 +1375,36 @@ linux (4.19.111-1) UNRELEASED; urgency=medium
     - net/smc: cancel event worker during device removal
     - efi: Add a sanity check to efivar_store_raw()
     - batman-adv: Avoid free/alloc race when handling OGM2 buffer
+    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.112
+    - [x86] perf/amd/uncore: Replace manual sampling check with
+      CAP_NO_INTERRUPT flag
+    - [armhf] mmc: sdhci-omap: Add platform specific reset callback
+    - [armhf] mmc: sdhci-omap: Workaround errata regarding SDR104/HS200 tuning
+      failures (i929)
+    - ACPI: watchdog: Allow disabling WDAT at boot
+    - HID: apple: Add support for recent firmware on Magic Keyboards
+    - HID: i2c-hid: add Trekstor Surfbook E11B to descriptor override
+    - cfg80211: check reg_rule for NULL in handle_channel_custom()
+    - scsi: libfc: free response frame from GPN_ID
+    - net: usb: qmi_wwan: restore mtu min/max values after raw_ip switch
+    - mac80211: rx: avoid RCU list traversal under mutex
+    - signal: avoid double atomic counter increments for user accounting
+    - slip: not call free_netdev before rtnl_unlock in slip_open
+    - [x86,arm64] hinic: fix a irq affinity bug
+    - [x86,arm64] hinic: fix a bug of setting hw_ioctxt
+    - sfc: fix timestamp reconstruction at 16-bit rollover points
+    - jbd2: fix data races at struct journal_head
+    - [armhf] mmc: sdhci-omap: Don't finish_mrq() on a command error during
+      tuning
+    - [armhf] mmc: sdhci-omap: Fix Tuning procedure for temperatures < -20C
+    - driver core: Remove the link if there is no driver with AUTO flag
+    - driver core: Fix adding device links to probing suppliers
+    - driver core: Make driver core own stateful device links
+    - driver core: Add device link flag DL_FLAG_AUTOPROBE_CONSUMER
+    - driver core: Remove device link creation limitation
+    - driver core: Fix creation of device links with PM-runtime flags
+    - mm: slub: add missing TID bump in kmem_cache_alloc_bulk()
+    - efi: Fix debugobjects warning on 'efi_rts_work'
 
   [ Salvatore Bonaccorso ]
   * Refresh "Revert "objtool: Fix CONFIG_STACK_VALIDATION=y warning for
diff --git a/debian/patches/bugfix/all/wimax-i2400-fix-memory-leak-in-i2400m_op_rfkill_sw_toggle.patch b/debian/patches/bugfix/all/wimax-i2400-fix-memory-leak-in-i2400m_op_rfkill_sw_toggle.patch
deleted file mode 100644
index e679b4237..000000000
--- a/debian/patches/bugfix/all/wimax-i2400-fix-memory-leak-in-i2400m_op_rfkill_sw_toggle.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From: Navid Emamdoost <navid.emamdoost@gmail.com>
-Date: Fri, 25 Oct 2019 23:53:30 -0500
-Subject: wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle
-Origin: https://git.kernel.org/linus/6f3ef5c25cc762687a7341c18cbea5af54461407
-Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-19051
-
-In the implementation of i2400m_op_rfkill_sw_toggle() the allocated
-buffer for cmd should be released before returning. The
-documentation for i2400m_msg_to_dev() says when it returns the buffer
-can be reused. Meaning cmd should be released in either case. Move
-kfree(cmd) before return to be reached by all execution paths.
-
-Fixes: 2507e6ab7a9a ("wimax: i2400: fix memory leak")
-Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com>
-Signed-off-by: David S. Miller <davem@davemloft.net>
-Signed-off-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/net/wimax/i2400m/op-rfkill.c |    2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/drivers/net/wimax/i2400m/op-rfkill.c
-+++ b/drivers/net/wimax/i2400m/op-rfkill.c
-@@ -142,12 +142,12 @@ int i2400m_op_rfkill_sw_toggle(struct wi
- 			"%d\n", result);
- 	result = 0;
- error_cmd:
--	kfree(cmd);
- 	kfree_skb(ack_skb);
- error_msg_to_dev:
- error_alloc:
- 	d_fnend(4, dev, "(wimax_dev %p state %d) = %d\n",
- 		wimax_dev, state, result);
-+	kfree(cmd);
- 	return result;
- }
- 
diff --git a/debian/patches/bugfix/all/wimax-i2400-fix-memory-leak.patch b/debian/patches/bugfix/all/wimax-i2400-fix-memory-leak.patch
deleted file mode 100644
index d80e17e05..000000000
--- a/debian/patches/bugfix/all/wimax-i2400-fix-memory-leak.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From: Navid Emamdoost <navid.emamdoost@gmail.com>
-Date: Tue, 10 Sep 2019 18:01:40 -0500
-Subject: wimax: i2400: fix memory leak
-Origin: https://git.kernel.org/linus/2507e6ab7a9a440773be476141a255934468c5ef
-Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-19051
-
-In i2400m_op_rfkill_sw_toggle cmd buffer should be released along with
-skb response.
-
-Signed-off-by: Navid Emamdoost <navid.emamdoost@gmail.com>
-Signed-off-by: David S. Miller <davem@davemloft.net>
-Signed-off-by: Ben Hutchings <ben.hutchings@codethink.co.uk>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- drivers/net/wimax/i2400m/op-rfkill.c |    1 +
- 1 file changed, 1 insertion(+)
-
---- a/drivers/net/wimax/i2400m/op-rfkill.c
-+++ b/drivers/net/wimax/i2400m/op-rfkill.c
-@@ -142,6 +142,7 @@ int i2400m_op_rfkill_sw_toggle(struct wi
- 			"%d\n", result);
- 	result = 0;
- error_cmd:
-+	kfree(cmd);
- 	kfree_skb(ack_skb);
- error_msg_to_dev:
- error_alloc:
diff --git a/debian/patches/series b/debian/patches/series
index 3cb1bcd64..9f8ec9bc3 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -294,7 +294,5 @@ features/arm/staging-vc04_services-Use-correct-cache-line-size.patch
 # Security fixes
 debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
 debian/ntfs-mark-it-as-broken.patch
-bugfix/all/wimax-i2400-fix-memory-leak.patch
-bugfix/all/wimax-i2400-fix-memory-leak-in-i2400m_op_rfkill_sw_toggle.patch
 
 # ABI maintenance