Update to 3.14.9

Deal with the various ABI changes: * Avoid the change in ALSA * We can no longer avoid a change in sockdiag, and it doesn't seem to have any OOT users so ignore it * team driver probably doesn't have OOT users, so ignore the change svn path=/dists/sid/linux/; revision=21476
2014-06-29 02:19:32 +00:00 · 2014-06-29 02:19:32 +00:00 · 7948accb8e
parent bcff92529e
commit 7948accb8e
5 changed files with 78 additions and 43 deletions
--- a/debian/changelog
+++ b/debian/changelog
@ -1,10 +1,49 @@
-linux (3.14.8-1) UNRELEASED; urgency=medium
+linux (3.14.9-1) UNRELEASED; urgency=medium

  * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.8
    - Target/iscsi,iser: Avoid accepting transport connections during stop
      stage
    - iser-target: Fix multi network portal shutdown regression
+    https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.9
+    - target: Fix NULL pointer dereference for XCOPY in target_put_sess_cmd
+      (regression in 3.14.6)
+    - iscsi-target: Reject mutual authentication with reflected CHAP_C
+    - ima: audit log files opened with O_DIRECT flag
+    - ima: introduce ima_kernel_read() (regression in 3.10)
+    - evm: prohibit userspace writing 'security.evm' HMAC value
+    - net: Use netlink_ns_capable to verify the permisions of netlink messages
+      (CVE-2014-0181)
+    - netlink: Only check file credentials for implicit destinations
+    - qlcnic: info leak in qlcnic_dcb_peer_app_info()
+    - ipv6: Fix regression caused by efe4208 in udp_v6_mcast_next()
+      (regression in 3.13)
+    - netlink: rate-limit leftover bytes warning and print process name
+    - bridge: Prevent insertion of FDB entry with disallowed vlan
+    - net: tunnels - enable module autoloading
+    - [sparc] net: filter: fix typo in sparc BPF JIT
+    - sfc: PIO:Restrict to 64bit arch and use 64-bit writes.
+      (regression in 3.13)
+    - ipv4: fix a race in ip4_datagram_release_cb()
+    - sctp: Fix sk_ack_backlog wrap-around problem
+    - udp: ipv4: do not waste time in __udp4_lib_mcast_demux_lookup
+      (regression in 3.13)
+    - USB: cdc-acm: Fix various bugs in power management
+    - USB: cdc-acm: fix I/O after failed open
+    - [x86] hv: use correct order when freeing monitor_pages
+    - ASoC: dapm: Make sure to always update the DAPM graph in _put_volsw()
+      (regression in 3.12)
+    - lzo: properly check for overruns (CVE-2014-4608)
+    - lz4: ensure length does not wrap (CVE-2014-4608)
+    - ALSA: compress: Cancel the optimization of compiler and fix the size of
+      struct for all platform.
+    - ALSA: control: Protect user controls against concurrent access
+      (CVE-2014-4652)
+    - ALSA: control: Fix replacing user controls (CVE-2014-4654, CVE-2014-4655)
+    - ALSA: control: Don't access controls outside of protected regions
+      (CVE-2014-4653)
+    - ALSA: control: Make sure that id->index does not overflow;
+      Handle numid overflow (CVE-2014-4656)

  [ Ben Hutchings ]
  * aufs: Update to aufs3.14-20140616:
--- a/debian/config/defines
+++ b/debian/config/defines
@ -18,6 +18,10 @@ ignore-changes:
 i8042_*
 ps2_*
 serio_*
+# Private to the team modules
+ module:drivers/net/team/team
+# Apparently not used OOT
+ sock_diag_put_filterinfo

 [base]
 arches:
--- a/debian/patches/debian/alsa-avoid-abi-change-for-cve-2014-4652-fix.patch
+++ b/debian/patches/debian/alsa-avoid-abi-change-for-cve-2014-4652-fix.patch
@ -0,0 +1,33 @@
+From: Ben Hutchings <ben@decadent.org.uk>
+Date: Sun, 29 Jun 2014 02:05:57 +0100
+Subject: ALSA: Avoid ABI change for CVE-2014-4652 fix
+Forwarded: not-needed
+
+Move the new member snd_card::user_ctl_lock to the end of the structure
+and hide it from genksyms.  struct snd_card is always allocated by
+snd_card_create() in sound/core/init.c and user_ctl_lock is used in
+sound/core/control.c, and these are part of the same module so they
+are sure to be consistent.
+
+--- a/include/sound/core.h
+++ b/include/sound/core.h
+@@ -121,8 +121,6 @@ struct snd_card {
+ 	int user_ctl_count;		/* count of all user controls */
+ 	struct list_head controls;	/* all controls for this card */
+ 	struct list_head ctl_files;	/* active control files */
+-	struct mutex user_ctl_lock;	/* protects user controls against
+-					   concurrent access */
+ 
+ 	struct snd_info_entry *proc_root;	/* root for soundcard specific files */
+ 	struct snd_info_entry *proc_id;	/* the card id */
+@@ -149,6 +147,10 @@ struct snd_card {
+ 	struct snd_mixer_oss *mixer_oss;
+ 	int mixer_oss_change_count;
+ #endif
+#ifndef __GENKSYMS__
+	struct mutex user_ctl_lock;	/* protects user controls against
+					   concurrent access */
+#endif
+ };
+ 
+ #ifdef CONFIG_PM
--- a/debian/patches/debian/sockdiag-avoid-abi-change-in-3.14.5.patch
+++ b/debian/patches/debian/sockdiag-avoid-abi-change-in-3.14.5.patch
@ -1,41 +0,0 @@
-From: Ben Hutchings <ben@decadent.org.uk>
-Date: Sun, 01 Jun 2014 20:38:59 +0100
-Subject: sockdiag: Avoid ABI change in 3.14.5
-Forwarded: not-needed
-
-Add the user_namespace parameter back to sock_diag_put_filterinfo(),
-but don't use it there.
-
--- a/include/linux/sock_diag.h
-+++ b/include/linux/sock_diag.h
-@@ -23,7 +23,7 @@ int sock_diag_check_cookie(void *sk, __u
- void sock_diag_save_cookie(void *sk, __u32 *cookie);
- 
- int sock_diag_put_meminfo(struct sock *sk, struct sk_buff *skb, int attr);
-int sock_diag_put_filterinfo(struct sock *sk,
-+int sock_diag_put_filterinfo(struct user_namespace *user_ns, struct sock *sk,
- 			     struct sk_buff *skb, int attrtype);
- 
- #endif
--- a/net/core/sock_diag.c
-+++ b/net/core/sock_diag.c
-@@ -49,7 +49,7 @@ int sock_diag_put_meminfo(struct sock *s
- }
- EXPORT_SYMBOL_GPL(sock_diag_put_meminfo);
- 
-int sock_diag_put_filterinfo(struct sock *sk,
-+int sock_diag_put_filterinfo(struct user_namespace *user_ns __always_unused, struct sock *sk,
- 			     struct sk_buff *skb, int attrtype)
- {
- 	struct nlattr *attr;
--- a/net/packet/diag.c
-+++ b/net/packet/diag.c
-@@ -172,7 +172,7 @@ static int sk_diag_fill(struct sock *sk,
- 		goto out_nlmsg_trim;
- 
- 	if ((req->pdiag_show & PACKET_SHOW_FILTER) &&
-	    sock_diag_put_filterinfo(sk, skb, PACKET_DIAG_FILTER))
-+	    sock_diag_put_filterinfo(user_ns, sk, skb, PACKET_DIAG_FILTER))
- 		goto out_nlmsg_trim;
- 
- 	return nlmsg_end(skb, nlh);
--- a/debian/patches/series
+++ b/debian/patches/series
@ -84,7 +84,6 @@ features/arm/ARM-sun4i-dt-Add-USB-host-bindings.patch
 debian/libata-avoid-abi-change-in-3.14.4.patch
 debian/dm-avoid-abi-change-in-3.14.4.patch
 debian/net-revert-lockdep-changes-in-3.14.5.patch
-debian/sockdiag-avoid-abi-change-in-3.14.5.patch
 debian/target-avoid-abi-change-in-3.14.5.patch
 debian/netfilter-avoid-abi-change-in-3.14.5.patch
 bugfix/mips/MIPS-Fix-branch-emulation-of-branch-likely-instructi.patch
@ -92,3 +91,4 @@ debian/drivers-base-platform-avoid-abi-change-in-3.14.6.patch
 debian/dma-avoid-abi-change-in-3.14.6.patch
 debian/vfs-avoid-abi-change-for-cve-2014-4014.patch
 bugfix/all/SCSI-Fix-spurious-request-sense-in-error-handling.patch
+debian/alsa-avoid-abi-change-for-cve-2014-4652-fix.patch