Update to 4.16.4
This commit is contained in:
Ben Hutchings
parent
f4dbf1aa82
commit
98017b2bd7
|
|
@ -1,9 +1,12 @@
|
|||
linux (4.16.3-1) UNRELEASED; urgency=medium
|
||||
linux (4.16.4-1) UNRELEASED; urgency=medium
|
||||
|
||||
* New upstream stable update:
|
||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.1
|
||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.2
|
||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.3
|
||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.4
|
||||
- ext4: limit xattr size to INT_MAX (CVE-2018-1095)
|
||||
- random: fix crng_ready() test (CVE-2018-1108)
|
||||
|
||||
[ Ben Hutchings ]
|
||||
* aufs: gen-patch: Fix Subject generation to skip SPDX-License-Identifier
|
||||
|
|
|
|||
|
|
@ -1,46 +0,0 @@
|
|||
From: Theodore Ts'o <tytso@mit.edu>
|
||||
Date: Thu, 29 Mar 2018 22:10:31 -0400
|
||||
Subject: ext4: always initialize the crc32c checksum driver
|
||||
Origin: https://git.kernel.org/linus/a45403b51582a87872927a3e0fc0a389c26867f1
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2018-1094
|
||||
|
||||
The extended attribute code now uses the crc32c checksum for hashing
|
||||
purposes, so we should just always always initialize it. We also want
|
||||
to prevent NULL pointer dereferences if one of the metadata checksum
|
||||
features is enabled after the file sytsem is originally mounted.
|
||||
|
||||
This issue has been assigned CVE-2018-1094.
|
||||
|
||||
https://bugzilla.kernel.org/show_bug.cgi?id=199183
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1560788
|
||||
|
||||
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
|
||||
Cc: stable@vger.kernel.org
|
||||
---
|
||||
fs/ext4/super.c | 15 ++++++---------
|
||||
1 file changed, 6 insertions(+), 9 deletions(-)
|
||||
|
||||
--- a/fs/ext4/super.c
|
||||
+++ b/fs/ext4/super.c
|
||||
@@ -3489,15 +3489,12 @@ static int ext4_fill_super(struct super_
|
||||
}
|
||||
|
||||
/* Load the checksum driver */
|
||||
- if (ext4_has_feature_metadata_csum(sb) ||
|
||||
- ext4_has_feature_ea_inode(sb)) {
|
||||
- sbi->s_chksum_driver = crypto_alloc_shash("crc32c", 0, 0);
|
||||
- if (IS_ERR(sbi->s_chksum_driver)) {
|
||||
- ext4_msg(sb, KERN_ERR, "Cannot load crc32c driver.");
|
||||
- ret = PTR_ERR(sbi->s_chksum_driver);
|
||||
- sbi->s_chksum_driver = NULL;
|
||||
- goto failed_mount;
|
||||
- }
|
||||
+ sbi->s_chksum_driver = crypto_alloc_shash("crc32c", 0, 0);
|
||||
+ if (IS_ERR(sbi->s_chksum_driver)) {
|
||||
+ ext4_msg(sb, KERN_ERR, "Cannot load crc32c driver.");
|
||||
+ ret = PTR_ERR(sbi->s_chksum_driver);
|
||||
+ sbi->s_chksum_driver = NULL;
|
||||
+ goto failed_mount;
|
||||
}
|
||||
|
||||
/* Check superblock checksum */
|
||||
|
|
@ -1,40 +0,0 @@
|
|||
From: Theodore Ts'o <tytso@mit.edu>
|
||||
Date: Thu, 29 Mar 2018 21:56:09 -0400
|
||||
Subject: ext4: fail ext4_iget for root directory if unallocated
|
||||
Origin: https://git.kernel.org/linus/8e4b5eae5decd9dfe5a4ee369c22028f90ab4c44
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2018-1092
|
||||
|
||||
If the root directory has an i_links_count of zero, then when the file
|
||||
system is mounted, then when ext4_fill_super() notices the problem and
|
||||
tries to call iput() the root directory in the error return path,
|
||||
ext4_evict_inode() will try to free the inode on disk, before all of
|
||||
the file system structures are set up, and this will result in an OOPS
|
||||
caused by a NULL pointer dereference.
|
||||
|
||||
This issue has been assigned CVE-2018-1092.
|
||||
|
||||
https://bugzilla.kernel.org/show_bug.cgi?id=199179
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1560777
|
||||
|
||||
Reported-by: Wen Xu <wen.xu@gatech.edu>
|
||||
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
|
||||
Cc: stable@vger.kernel.org
|
||||
---
|
||||
fs/ext4/inode.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
--- a/fs/ext4/inode.c
|
||||
+++ b/fs/ext4/inode.c
|
||||
@@ -4745,6 +4745,12 @@ struct inode *ext4_iget(struct super_blo
|
||||
goto bad_inode;
|
||||
raw_inode = ext4_raw_inode(&iloc);
|
||||
|
||||
+ if ((ino == EXT4_ROOT_INO) && (raw_inode->i_links_count == 0)) {
|
||||
+ EXT4_ERROR_INODE(inode, "root inode unallocated");
|
||||
+ ret = -EFSCORRUPTED;
|
||||
+ goto bad_inode;
|
||||
+ }
|
||||
+
|
||||
if (EXT4_INODE_SIZE(inode->i_sb) > EXT4_GOOD_OLD_INODE_SIZE) {
|
||||
ei->i_extra_isize = le16_to_cpu(raw_inode->i_extra_isize);
|
||||
if (EXT4_GOOD_OLD_INODE_SIZE + ei->i_extra_isize >
|
||||
|
|
@ -1,43 +0,0 @@
|
|||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/arch/arm64/boot/dts/amlogic/meson-gxbb-odroidc2.dts?h=next-20180309&id=c04ffa71ff491220cac28f55237c9aad379a8656
|
||||
From c04ffa71ff491220cac28f55237c9aad379a8656 Mon Sep 17 00:00:00 2001
|
||||
From: Jerome Brunet <jbrunet@baylibre.com>
|
||||
Date: Fri, 2 Mar 2018 14:44:36 +0100
|
||||
Subject: [PATCH] ARM64: dts: meson: reduce odroid-c2 eMMC maximum rate
|
||||
|
||||
Different modules maybe installed by the user on the eMMC connector
|
||||
of the odroid-c2. While the red modules are working without an issue,
|
||||
it seems some black modules (apparently Samsung based) are having
|
||||
issue at 200MHz
|
||||
|
||||
While the tuning algorithm introduced in v4.14 enables high speed modes
|
||||
on every other tested designs, it seems a problem remains for this
|
||||
particular combination of board and eMMC module.
|
||||
|
||||
Lowering the maximum frequency of the eMMC on this board until we can
|
||||
figure out a better solution.
|
||||
|
||||
Fixes: d341ca88eead ("mmc: meson-gx: rework tuning function")
|
||||
Suggested-by: Ellie Reeves <ellierevves@gmail.com>
|
||||
Signed-off-by: Jerome Brunet <jbrunet@baylibre.com>
|
||||
Cc: stable@vger.kernel.org
|
||||
Signed-off-by: Kevin Hilman <khilman@baylibre.com>
|
||||
---
|
||||
arch/arm64/boot/dts/amlogic/meson-gxbb-odroidc2.dts | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/arch/arm64/boot/dts/amlogic/meson-gxbb-odroidc2.dts b/arch/arm64/boot/dts/amlogic/meson-gxbb-odroidc2.dts
|
||||
index 0bc0f65e4f37..54954b314a45 100644
|
||||
--- a/arch/arm64/boot/dts/amlogic/meson-gxbb-odroidc2.dts
|
||||
+++ b/arch/arm64/boot/dts/amlogic/meson-gxbb-odroidc2.dts
|
||||
@@ -274,7 +274,7 @@
|
||||
pinctrl-names = "default", "clk-gate";
|
||||
|
||||
bus-width = <8>;
|
||||
- max-frequency = <200000000>;
|
||||
+ max-frequency = <100000000>;
|
||||
non-removable;
|
||||
disable-wp;
|
||||
cap-mmc-highspeed;
|
||||
--
|
||||
2.11.0
|
||||
|
||||
|
|
@ -139,9 +139,7 @@ features/all/lockdown/arm64-add-kernel-config-option-to-lock-down-when.patch
|
|||
|
||||
# Security fixes
|
||||
debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
|
||||
bugfix/all/ext4-fail-ext4_iget-for-root-directory-if-unallocate.patch
|
||||
bugfix/all/ext4-add-validity-checks-for-bitmap-block-numbers.patch
|
||||
bugfix/all/ext4-always-initialize-the-crc32c-checksum-driver.patch
|
||||
|
||||
# Fix exported symbol versions
|
||||
bugfix/all/module-disable-matching-missing-version-crc.patch
|
||||
|
|
@ -157,7 +155,6 @@ bugfix/all/tools-build-remove-bpf-run-time-check-at-build-time.patch
|
|||
bugfix/all/cpupower-bump-soname-version.patch
|
||||
bugfix/all/cpupower-fix-checks-for-cpu-existence.patch
|
||||
bugfix/all/lockdep-stub-nmi-watchdog-reset.patch
|
||||
bugfix/arm64/ARM64-dts-meson-reduce-odroid-c2-eMMC-maximum-rate.patch
|
||||
|
||||
# wireless: Disable regulatory.db direct loading (until we sort out signing)
|
||||
debian/wireless-disable-regulatory.db-direct-loading.patch
|
||||
|
|
|
|||
Loading…
Reference in New Issue