From 68b6e328193a6281c93bf4d51ba67a9108eee664 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Sat, 9 Sep 2017 14:15:20 +0200 Subject: [PATCH] Update to 4.12.11 --- debian/changelog | 30 +++++++++- ...-policy-check-policy-direction-value.patch | 40 ------------- ...support-for-__sane_userspace_types__.patch | 56 ------------------- debian/patches/series | 2 - 4 files changed, 29 insertions(+), 99 deletions(-) delete mode 100644 debian/patches/bugfix/all/xfrm-policy-check-policy-direction-value.patch delete mode 100644 debian/patches/bugfix/alpha/alpha-uapi-add-support-for-__sane_userspace_types__.patch diff --git a/debian/changelog b/debian/changelog index 2fb563c96..947535d10 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -linux (4.12.10-1) UNRELEASED; urgency=medium +linux (4.12.11-1) UNRELEASED; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.7 @@ -195,6 +195,34 @@ linux (4.12.10-1) UNRELEASED; urgency=medium - Clarify (and fix) MAX_LFS_FILESIZE macros - ACPI: EC: Fix regression related to wrong ECDT initialization order - [powerpc*] mm: Ensure cpumask update is ordered + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.11 + - [arm64] mm: abort uaccess retries upon fatal signal + - [x86] io: Add "memory" clobber to insb/insw/insl/outsb/outsw/outsl + - [mips*] irqchip: mips-gic: SYNC after enabling GIC region + - Input: synaptics - fix device info appearing different on reconnect + - Input: xpad - fix PowerA init quirk for some gamepad models + - crypto: chacha20 - fix handling of chunked input + - [x86] i2c: ismt: Don't duplicate the receive length for block reads + - [x86] i2c: ismt: Return EMSGSIZE for block reads with bogus length + - crypto: algif_skcipher - only call put_page on referenced and used pages + - mm, uprobes: fix multiple free of ->uprobes_state.xol_area + - mm, madvise: ensure poisoned pages are removed from per-cpu lists + - ceph: fix readpage from fscache + - cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs + - cpuset: Fix incorrect memory_pressure control file mapping + - CIFS: Fix maximum SMB2 header size + - CIFS: remove endian related sparse warning + - dm mpath: do not lock up a CPU with requeuing activity + - [x86] drm/vmwgfx: Fix F26 Wayland screen update issue + - [arm64, armhf] wl1251: add a missing spin_lock_init() + - [arm64] mmc: sdhci-xenon: add set_power callback + - lib/mpi: kunmap after finishing accessing buffer + - xfrm: policy: check policy direction value + - drm/ttm: Fix accounting error when fail to get pages for pool + - nvme: fix the definition of the doorbell buffer config support bit + - drm/nouveau/i2c/gf119-: add support for address-only transactions + - epoll: fix race between ep_poll_callback(POLLFREE) and + ep_free()/ep_remove() [ Ben Hutchings ] * [alpha] udeb: Add i2c-modules (fixes FTBFS) diff --git a/debian/patches/bugfix/all/xfrm-policy-check-policy-direction-value.patch b/debian/patches/bugfix/all/xfrm-policy-check-policy-direction-value.patch deleted file mode 100644 index 42dedccea..000000000 --- a/debian/patches/bugfix/all/xfrm-policy-check-policy-direction-value.patch +++ /dev/null @@ -1,40 +0,0 @@ -From: Vladis Dronov -Date: Wed, 2 Aug 2017 19:50:14 +0200 -Subject: xfrm: policy: check policy direction value -Origin: https://git.kernel.org/linus/7bab09631c2a303f87a7eb7e3d69e888673b9b7e -Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-11600 - -The 'dir' parameter in xfrm_migrate() is a user-controlled byte which is used -as an array index. This can lead to an out-of-bound access, kernel lockup and -DoS. Add a check for the 'dir' value. - -This fixes CVE-2017-11600. - -References: https://bugzilla.redhat.com/show_bug.cgi?id=1474928 -Fixes: 80c9abaabf42 ("[XFRM]: Extension for dynamic update of endpoint address(es)") -Cc: # v2.6.21-rc1 -Reported-by: "bo Zhang" -Signed-off-by: Vladis Dronov -Signed-off-by: Steffen Klassert ---- - net/xfrm/xfrm_policy.c | 6 ++++++ - 1 file changed, 6 insertions(+) - ---- a/net/xfrm/xfrm_policy.c -+++ b/net/xfrm/xfrm_policy.c -@@ -3301,9 +3301,15 @@ int xfrm_migrate(const struct xfrm_selec - struct xfrm_state *x_new[XFRM_MAX_DEPTH]; - struct xfrm_migrate *mp; - -+ /* Stage 0 - sanity checks */ - if ((err = xfrm_migrate_check(m, num_migrate)) < 0) - goto out; - -+ if (dir >= XFRM_POLICY_MAX) { -+ err = -EINVAL; -+ goto out; -+ } -+ - /* Stage 1 - find policy */ - if ((pol = xfrm_migrate_policy_find(sel, dir, type, net)) == NULL) { - err = -ENOENT; diff --git a/debian/patches/bugfix/alpha/alpha-uapi-add-support-for-__sane_userspace_types__.patch b/debian/patches/bugfix/alpha/alpha-uapi-add-support-for-__sane_userspace_types__.patch deleted file mode 100644 index 3d6a877bf..000000000 --- a/debian/patches/bugfix/alpha/alpha-uapi-add-support-for-__sane_userspace_types__.patch +++ /dev/null @@ -1,56 +0,0 @@ -From: Ben Hutchings -Date: Tue, 29 Sep 2015 02:55:06 +0100 -Subject: [PATCH] alpha: uapi: Add support for __SANE_USERSPACE_TYPES__ -Forwarded: http://mid.gmane.org/1443659755.2730.14.camel@decadent.org.uk - -This fixes compiler errors in perf such as: - -tests/attr.c: In function 'store_event': -tests/attr.c:66:27: error: format '%llu' expects argument of type 'long long unsigned int', but argument 6 has type '__u64 {aka long unsigned int}' [-Werror=format=] - snprintf(path, PATH_MAX, "%s/event-%d-%llu-%d", dir, - ^ - -Signed-off-by: Ben Hutchings -Tested-by: Michael Cree -Cc: stable@vger.kernel.org ---- - arch/alpha/include/asm/types.h | 2 +- - arch/alpha/include/uapi/asm/types.h | 12 +++++++++++- - 2 files changed, 12 insertions(+), 2 deletions(-) - -# diff --git a/arch/alpha/include/asm/types.h b/arch/alpha/include/asm/types.h -# index 4cb4b6d..0bc66e1 100644 -# --- a/arch/alpha/include/asm/types.h -# +++ b/arch/alpha/include/asm/types.h -# @@ -1,6 +1,6 @@ -# #ifndef _ALPHA_TYPES_H -# #define _ALPHA_TYPES_H -# -# -#include -# +#include -# -# #endif /* _ALPHA_TYPES_H */ -diff --git a/arch/alpha/include/uapi/asm/types.h b/arch/alpha/include/uapi/asm/types.h -index 9fd3cd4..8d1024d 100644 ---- a/arch/alpha/include/uapi/asm/types.h -+++ b/arch/alpha/include/uapi/asm/types.h -@@ -9,8 +9,18 @@ - * need to be careful to avoid a name clashes. - */ - --#ifndef __KERNEL__ -+/* -+ * This is here because we used to use l64 for alpha -+ * and we don't want to impact user mode with our change to ll64 -+ * in the kernel. -+ * -+ * However, some user programs are fine with this. They can -+ * flag __SANE_USERSPACE_TYPES__ to get int-ll64.h here. -+ */ -+#if !defined(__SANE_USERSPACE_TYPES__) && !defined(__KERNEL__) - #include -+#else -+#include - #endif - - #endif /* _UAPI_ALPHA_TYPES_H */ diff --git a/debian/patches/series b/debian/patches/series index ac0a47483..2adbf115f 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -122,7 +122,6 @@ features/all/lockdown/arm64-add-kernel-config-option-to-lock-down-when.patch # Security fixes debian/i386-686-pae-pci-set-pci-nobios-by-default.patch -bugfix/all/xfrm-policy-check-policy-direction-value.patch # Fix exported symbol versions bugfix/alpha/alpha-restore-symbol-versions-for-symbols-exported-f.patch @@ -137,7 +136,6 @@ bugfix/all/tools-perf-man-date.patch bugfix/all/tools-perf-remove-shebangs.patch bugfix/all/tools-lib-traceevent-use-ldflags.patch bugfix/x86/revert-perf-build-fix-libunwind-feature-detection-on.patch -bugfix/alpha/alpha-uapi-add-support-for-__sane_userspace_types__.patch bugfix/all/tools-build-remove-bpf-run-time-check-at-build-time.patch bugfix/all/cpupower-bump-soname-version.patch bugfix/all/cpupower-fix-checks-for-cpu-existence.patch