Update to 3.12.2
svn path=/dists/trunk/linux/; revision=20837
This commit is contained in:
parent
4192f35808
commit
684107ea81
|
@ -1,7 +1,10 @@
|
||||||
linux (3.12.1-1~exp1) UNRELEASED; urgency=low
|
linux (3.12.2-1~exp1) UNRELEASED; urgency=low
|
||||||
|
|
||||||
* New upstream stable update:
|
* New upstream stable update:
|
||||||
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.1
|
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.1
|
||||||
|
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.2
|
||||||
|
- libertas: potential oops in debugfs (CVE-2013-6378)
|
||||||
|
- exec/ptrace: fix get_dumpable() incorrect tests (CVE-2013-2929)
|
||||||
|
|
||||||
[ Ben Hutchings ]
|
[ Ben Hutchings ]
|
||||||
* [rt] Update to 3.12.0-rt2 and reenable
|
* [rt] Update to 3.12.0-rt2 and reenable
|
||||||
|
|
|
@ -1,44 +0,0 @@
|
||||||
From: Neil Horman <nhorman@tuxdriver.com>
|
|
||||||
Date: Tue, 17 Sep 2013 08:33:11 -0400
|
|
||||||
Subject: crypto: ansi_cprng - Fix off by one error in non-block size request
|
|
||||||
Origin: https://git.kernel.org/cgit/linux/kernel/git/herbert/cryptodev-2.6.git/commit?id=714b33d15130cbb5ab426456d4e3de842d6c5b8a
|
|
||||||
|
|
||||||
Stephan Mueller reported to me recently a error in random number generation in
|
|
||||||
the ansi cprng. If several small requests are made that are less than the
|
|
||||||
instances block size, the remainder for loop code doesn't increment
|
|
||||||
rand_data_valid in the last iteration, meaning that the last bytes in the
|
|
||||||
rand_data buffer gets reused on the subsequent smaller-than-a-block request for
|
|
||||||
random data.
|
|
||||||
|
|
||||||
The fix is pretty easy, just re-code the for loop to make sure that
|
|
||||||
rand_data_valid gets incremented appropriately
|
|
||||||
|
|
||||||
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
|
|
||||||
Reported-by: Stephan Mueller <stephan.mueller@atsec.com>
|
|
||||||
CC: Stephan Mueller <stephan.mueller@atsec.com>
|
|
||||||
CC: Petr Matousek <pmatouse@redhat.com>
|
|
||||||
CC: Herbert Xu <herbert@gondor.apana.org.au>
|
|
||||||
CC: "David S. Miller" <davem@davemloft.net>
|
|
||||||
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
|
|
||||||
---
|
|
||||||
crypto/ansi_cprng.c | 4 ++--
|
|
||||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/crypto/ansi_cprng.c b/crypto/ansi_cprng.c
|
|
||||||
index c0bb377..666f196 100644
|
|
||||||
--- a/crypto/ansi_cprng.c
|
|
||||||
+++ b/crypto/ansi_cprng.c
|
|
||||||
@@ -230,11 +230,11 @@ remainder:
|
|
||||||
*/
|
|
||||||
if (byte_count < DEFAULT_BLK_SZ) {
|
|
||||||
empty_rbuf:
|
|
||||||
- for (; ctx->rand_data_valid < DEFAULT_BLK_SZ;
|
|
||||||
- ctx->rand_data_valid++) {
|
|
||||||
+ while (ctx->rand_data_valid < DEFAULT_BLK_SZ) {
|
|
||||||
*ptr = ctx->rand_data[ctx->rand_data_valid];
|
|
||||||
ptr++;
|
|
||||||
byte_count--;
|
|
||||||
+ ctx->rand_data_valid++;
|
|
||||||
if (byte_count == 0)
|
|
||||||
goto done;
|
|
||||||
}
|
|
|
@ -58,7 +58,7 @@ upstream submission.
|
||||||
snprintf(fw_name, sizeof(fw_name), "amd-ucode/microcode_amd_fam%.2xh.bin", c->x86);
|
snprintf(fw_name, sizeof(fw_name), "amd-ucode/microcode_amd_fam%.2xh.bin", c->x86);
|
||||||
|
|
||||||
- if (request_firmware(&fw, (const char *)fw_name, device)) {
|
- if (request_firmware(&fw, (const char *)fw_name, device)) {
|
||||||
- pr_err("failed to load file %s\n", fw_name);
|
- pr_debug("failed to load file %s\n", fw_name);
|
||||||
+ if (request_firmware(&fw, (const char *)fw_name, device))
|
+ if (request_firmware(&fw, (const char *)fw_name, device))
|
||||||
goto out;
|
goto out;
|
||||||
- }
|
- }
|
||||||
|
|
|
@ -1,42 +0,0 @@
|
||||||
From: Steven Rostedt <rostedt@goodmis.org>
|
|
||||||
Date: Tue, 5 Nov 2013 12:51:11 -0500
|
|
||||||
Subject: perf/ftrace: Fix paranoid level for enabling function tracer
|
|
||||||
Origin: https://git.kernel.org/cgit/linux/kernel/git/rostedt/linux-trace.git/commit?id=d1356abac98cce8e7765186f8093da1442d74d1d
|
|
||||||
|
|
||||||
The current default perf paranoid level is "1" which has
|
|
||||||
"perf_paranoid_kernel()" return false, and giving any operations that
|
|
||||||
use it, access to normal users. Unfortunately, this includes function
|
|
||||||
tracing and normal users should not be allowed to enable function
|
|
||||||
tracing by default.
|
|
||||||
|
|
||||||
The proper level is defined at "-1" (full perf access), which
|
|
||||||
"perf_paranoid_tracepoint_raw()" will only give access to. Use that
|
|
||||||
check instead for enabling function tracing.
|
|
||||||
|
|
||||||
Reported-by: Dave Jones <davej@redhat.com>
|
|
||||||
Reported-by: Vince Weaver <vincent.weaver@maine.edu>
|
|
||||||
Cc: Peter Zijlstra <peterz@infradead.org>
|
|
||||||
Cc: Ingo Molnar <mingo@kernel.org>
|
|
||||||
Cc: Jiri Olsa <jolsa@redhat.com>
|
|
||||||
Cc: Frederic Weisbecker <fweisbec@gmail.com>
|
|
||||||
Cc: stable@vger.kernel.org # 3.4+
|
|
||||||
CVE: CVE-2013-2930
|
|
||||||
Fixes: ced39002f5ea ("ftrace, perf: Add support to use function tracepoint in perf")
|
|
||||||
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
|
|
||||||
---
|
|
||||||
kernel/trace/trace_event_perf.c | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/kernel/trace/trace_event_perf.c b/kernel/trace/trace_event_perf.c
|
|
||||||
index 80c36bc..78e27e3 100644
|
|
||||||
--- a/kernel/trace/trace_event_perf.c
|
|
||||||
+++ b/kernel/trace/trace_event_perf.c
|
|
||||||
@@ -26,7 +26,7 @@ static int perf_trace_event_perm(struct ftrace_event_call *tp_event,
|
|
||||||
{
|
|
||||||
/* The ftrace function trace is allowed only for root. */
|
|
||||||
if (ftrace_event_is_function(tp_event) &&
|
|
||||||
- perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
|
|
||||||
+ perf_paranoid_tracepoint_raw() && !capable(CAP_SYS_ADMIN))
|
|
||||||
return -EPERM;
|
|
||||||
|
|
||||||
/* No tracing, just counting, so no obvious leak */
|
|
|
@ -70,10 +70,8 @@ features/all/efi-autoload-efivars.patch
|
||||||
# m68k Kconfig bugfix
|
# m68k Kconfig bugfix
|
||||||
bugfix/m68k/ethernat-kconfig.patch
|
bugfix/m68k/ethernat-kconfig.patch
|
||||||
|
|
||||||
bugfix/all/crypto-ansi_cprng-Fix-off-by-one-error-in-non-block-.patch
|
|
||||||
features/all/mvsas-Recognise-device-subsystem-9485-9485-as-88SE94.patch
|
features/all/mvsas-Recognise-device-subsystem-9485-9485-as-88SE94.patch
|
||||||
bugfix/all/kbuild-use-nostdinc-in-compile-tests.patch
|
bugfix/all/kbuild-use-nostdinc-in-compile-tests.patch
|
||||||
debian/add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by-default.patch
|
debian/add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by-default.patch
|
||||||
bugfix/all/UAPI-include-asm-byteorder.h-in-linux-raid-md_p.h.patch
|
bugfix/all/UAPI-include-asm-byteorder.h-in-linux-raid-md_p.h.patch
|
||||||
bugfix/all/perf-ftrace-Fix-paranoid-level-for-enabling-function.patch
|
|
||||||
bugfix/all/HID-uhid-fix-leak-for-64-32-UHID_CREATE.mbox
|
bugfix/all/HID-uhid-fix-leak-for-64-32-UHID_CREATE.mbox
|
||||||
|
|
Loading…
Reference in New Issue