debian-packaging
/
linux
8
0
Fork 0
Code Releases Activity

Update to 3.12.2 

svn path=/dists/trunk/linux/; revision=20837
This commit is contained in:
Ben Hutchings 2013-12-02 04:39:02 +00:00
parent 4192f35808
commit 684107ea81
5 changed files with 5 additions and 90 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
debian/changelog vendored
View File

@ -1,7 +1,10 @@
linux (3.12.1-1~exp1) UNRELEASED; urgency=low
linux (3.12.2-1~exp1) UNRELEASED; urgency=low
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.1
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2
- libertas: potential oops in debugfs (CVE-2013-6378)
- exec/ptrace: fix get_dumpable() incorrect tests (CVE-2013-2929)
[ Ben Hutchings ]
* [rt] Update to 3.12.0-rt2 and reenable

44
debian/patches/bugfix/all/crypto-ansi_cprng-Fix-off-by-one-error-in-non-block-.patch vendored
View File

@ -1,44 +0,0 @@
From: Neil Horman <nhorman@tuxdriver.com>
Date: Tue, 17 Sep 2013 08:33:11 -0400
Subject: crypto: ansi_cprng - Fix off by one error in non-block size request
Origin: https://git.kernel.org/cgit/linux/kernel/git/herbert/cryptodev-2.6.git/commit?id=714b33d15130cbb5ab426456d4e3de842d6c5b8a
Stephan Mueller reported to me recently a error in random number generation in
the ansi cprng. If several small requests are made that are less than the
instances block size, the remainder for loop code doesn't increment
rand_data_valid in the last iteration, meaning that the last bytes in the
rand_data buffer gets reused on the subsequent smaller-than-a-block request for
random data.
The fix is pretty easy, just re-code the for loop to make sure that
rand_data_valid gets incremented appropriately
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Reported-by: Stephan Mueller <stephan.mueller@atsec.com>
CC: Stephan Mueller <stephan.mueller@atsec.com>
CC: Petr Matousek <pmatouse@redhat.com>
CC: Herbert Xu <herbert@gondor.apana.org.au>
CC: "David S. Miller" <davem@davemloft.net>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
crypto/ansi_cprng.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/crypto/ansi_cprng.c b/crypto/ansi_cprng.c
index c0bb377..666f196 100644
--- a/crypto/ansi_cprng.c
+++ b/crypto/ansi_cprng.c
@@ -230,11 +230,11 @@ remainder:
*/
if (byte_count < DEFAULT_BLK_SZ) {
empty_rbuf:
- for (; ctx->rand_data_valid < DEFAULT_BLK_SZ;
- ctx->rand_data_valid++) {
+ while (ctx->rand_data_valid < DEFAULT_BLK_SZ) {
*ptr = ctx->rand_data[ctx->rand_data_valid];
ptr++;
byte_count--;
+ ctx->rand_data_valid++;
if (byte_count == 0)
goto done;
}

2
debian/patches/bugfix/all/firmware-remove-redundant-log-messages-from-drivers.patch vendored
View File

@ -58,7 +58,7 @@ upstream submission.
snprintf(fw_name, sizeof(fw_name), "amd-ucode/microcode_amd_fam%.2xh.bin", c->x86);
- if (request_firmware(&fw, (const char *)fw_name, device)) {
- pr_err("failed to load file %s\n", fw_name);
- pr_debug("failed to load file %s\n", fw_name);
+ if (request_firmware(&fw, (const char *)fw_name, device))
goto out;
- }

42
debian/patches/bugfix/all/perf-ftrace-Fix-paranoid-level-for-enabling-function.patch vendored
View File

@ -1,42 +0,0 @@
From: Steven Rostedt <rostedt@goodmis.org>
Date: Tue, 5 Nov 2013 12:51:11 -0500
Subject: perf/ftrace: Fix paranoid level for enabling function tracer
Origin: https://git.kernel.org/cgit/linux/kernel/git/rostedt/linux-trace.git/commit?id=d1356abac98cce8e7765186f8093da1442d74d1d
The current default perf paranoid level is "1" which has
"perf_paranoid_kernel()" return false, and giving any operations that
use it, access to normal users. Unfortunately, this includes function
tracing and normal users should not be allowed to enable function
tracing by default.
The proper level is defined at "-1" (full perf access), which
"perf_paranoid_tracepoint_raw()" will only give access to. Use that
check instead for enabling function tracing.
Reported-by: Dave Jones <davej@redhat.com>
Reported-by: Vince Weaver <vincent.weaver@maine.edu>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Cc: stable@vger.kernel.org # 3.4+
CVE: CVE-2013-2930
Fixes: ced39002f5ea ("ftrace, perf: Add support to use function tracepoint in perf")
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
---
kernel/trace/trace_event_perf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/trace/trace_event_perf.c b/kernel/trace/trace_event_perf.c
index 80c36bc..78e27e3 100644
--- a/kernel/trace/trace_event_perf.c
+++ b/kernel/trace/trace_event_perf.c
@@ -26,7 +26,7 @@ static int perf_trace_event_perm(struct ftrace_event_call *tp_event,
{
/* The ftrace function trace is allowed only for root. */
if (ftrace_event_is_function(tp_event) &&
- perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
+ perf_paranoid_tracepoint_raw() && !capable(CAP_SYS_ADMIN))
return -EPERM;
/* No tracing, just counting, so no obvious leak */

2
debian/patches/series vendored
View File

@ -70,10 +70,8 @@ features/all/efi-autoload-efivars.patch
# m68k Kconfig bugfix
bugfix/m68k/ethernat-kconfig.patch
bugfix/all/crypto-ansi_cprng-Fix-off-by-one-error-in-non-block-.patch
features/all/mvsas-Recognise-device-subsystem-9485-9485-as-88SE94.patch
bugfix/all/kbuild-use-nostdinc-in-compile-tests.patch
debian/add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by-default.patch
bugfix/all/UAPI-include-asm-byteorder.h-in-linux-raid-md_p.h.patch
bugfix/all/perf-ftrace-Fix-paranoid-level-for-enabling-function.patch
bugfix/all/HID-uhid-fix-leak-for-64-32-UHID_CREATE.mbox