Update to 4.16.4
This commit is contained in:
parent
f4dbf1aa82
commit
98017b2bd7
|
@ -1,9 +1,12 @@
|
||||||
linux (4.16.3-1) UNRELEASED; urgency=medium
|
linux (4.16.4-1) UNRELEASED; urgency=medium
|
||||||
|
|
||||||
* New upstream stable update:
|
* New upstream stable update:
|
||||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.1
|
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.1
|
||||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.2
|
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.2
|
||||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.3
|
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.3
|
||||||
|
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.4
|
||||||
|
- ext4: limit xattr size to INT_MAX (CVE-2018-1095)
|
||||||
|
- random: fix crng_ready() test (CVE-2018-1108)
|
||||||
|
|
||||||
[ Ben Hutchings ]
|
[ Ben Hutchings ]
|
||||||
* aufs: gen-patch: Fix Subject generation to skip SPDX-License-Identifier
|
* aufs: gen-patch: Fix Subject generation to skip SPDX-License-Identifier
|
||||||
|
|
|
@ -1,46 +0,0 @@
|
||||||
From: Theodore Ts'o <tytso@mit.edu>
|
|
||||||
Date: Thu, 29 Mar 2018 22:10:31 -0400
|
|
||||||
Subject: ext4: always initialize the crc32c checksum driver
|
|
||||||
Origin: https://git.kernel.org/linus/a45403b51582a87872927a3e0fc0a389c26867f1
|
|
||||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2018-1094
|
|
||||||
|
|
||||||
The extended attribute code now uses the crc32c checksum for hashing
|
|
||||||
purposes, so we should just always always initialize it. We also want
|
|
||||||
to prevent NULL pointer dereferences if one of the metadata checksum
|
|
||||||
features is enabled after the file sytsem is originally mounted.
|
|
||||||
|
|
||||||
This issue has been assigned CVE-2018-1094.
|
|
||||||
|
|
||||||
https://bugzilla.kernel.org/show_bug.cgi?id=199183
|
|
||||||
https://bugzilla.redhat.com/show_bug.cgi?id=1560788
|
|
||||||
|
|
||||||
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
|
|
||||||
Cc: stable@vger.kernel.org
|
|
||||||
---
|
|
||||||
fs/ext4/super.c | 15 ++++++---------
|
|
||||||
1 file changed, 6 insertions(+), 9 deletions(-)
|
|
||||||
|
|
||||||
--- a/fs/ext4/super.c
|
|
||||||
+++ b/fs/ext4/super.c
|
|
||||||
@@ -3489,15 +3489,12 @@ static int ext4_fill_super(struct super_
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Load the checksum driver */
|
|
||||||
- if (ext4_has_feature_metadata_csum(sb) ||
|
|
||||||
- ext4_has_feature_ea_inode(sb)) {
|
|
||||||
- sbi->s_chksum_driver = crypto_alloc_shash("crc32c", 0, 0);
|
|
||||||
- if (IS_ERR(sbi->s_chksum_driver)) {
|
|
||||||
- ext4_msg(sb, KERN_ERR, "Cannot load crc32c driver.");
|
|
||||||
- ret = PTR_ERR(sbi->s_chksum_driver);
|
|
||||||
- sbi->s_chksum_driver = NULL;
|
|
||||||
- goto failed_mount;
|
|
||||||
- }
|
|
||||||
+ sbi->s_chksum_driver = crypto_alloc_shash("crc32c", 0, 0);
|
|
||||||
+ if (IS_ERR(sbi->s_chksum_driver)) {
|
|
||||||
+ ext4_msg(sb, KERN_ERR, "Cannot load crc32c driver.");
|
|
||||||
+ ret = PTR_ERR(sbi->s_chksum_driver);
|
|
||||||
+ sbi->s_chksum_driver = NULL;
|
|
||||||
+ goto failed_mount;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Check superblock checksum */
|
|
|
@ -1,40 +0,0 @@
|
||||||
From: Theodore Ts'o <tytso@mit.edu>
|
|
||||||
Date: Thu, 29 Mar 2018 21:56:09 -0400
|
|
||||||
Subject: ext4: fail ext4_iget for root directory if unallocated
|
|
||||||
Origin: https://git.kernel.org/linus/8e4b5eae5decd9dfe5a4ee369c22028f90ab4c44
|
|
||||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2018-1092
|
|
||||||
|
|
||||||
If the root directory has an i_links_count of zero, then when the file
|
|
||||||
system is mounted, then when ext4_fill_super() notices the problem and
|
|
||||||
tries to call iput() the root directory in the error return path,
|
|
||||||
ext4_evict_inode() will try to free the inode on disk, before all of
|
|
||||||
the file system structures are set up, and this will result in an OOPS
|
|
||||||
caused by a NULL pointer dereference.
|
|
||||||
|
|
||||||
This issue has been assigned CVE-2018-1092.
|
|
||||||
|
|
||||||
https://bugzilla.kernel.org/show_bug.cgi?id=199179
|
|
||||||
https://bugzilla.redhat.com/show_bug.cgi?id=1560777
|
|
||||||
|
|
||||||
Reported-by: Wen Xu <wen.xu@gatech.edu>
|
|
||||||
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
|
|
||||||
Cc: stable@vger.kernel.org
|
|
||||||
---
|
|
||||||
fs/ext4/inode.c | 6 ++++++
|
|
||||||
1 file changed, 6 insertions(+)
|
|
||||||
|
|
||||||
--- a/fs/ext4/inode.c
|
|
||||||
+++ b/fs/ext4/inode.c
|
|
||||||
@@ -4745,6 +4745,12 @@ struct inode *ext4_iget(struct super_blo
|
|
||||||
goto bad_inode;
|
|
||||||
raw_inode = ext4_raw_inode(&iloc);
|
|
||||||
|
|
||||||
+ if ((ino == EXT4_ROOT_INO) && (raw_inode->i_links_count == 0)) {
|
|
||||||
+ EXT4_ERROR_INODE(inode, "root inode unallocated");
|
|
||||||
+ ret = -EFSCORRUPTED;
|
|
||||||
+ goto bad_inode;
|
|
||||||
+ }
|
|
||||||
+
|
|
||||||
if (EXT4_INODE_SIZE(inode->i_sb) > EXT4_GOOD_OLD_INODE_SIZE) {
|
|
||||||
ei->i_extra_isize = le16_to_cpu(raw_inode->i_extra_isize);
|
|
||||||
if (EXT4_GOOD_OLD_INODE_SIZE + ei->i_extra_isize >
|
|
|
@ -1,43 +0,0 @@
|
||||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/arch/arm64/boot/dts/amlogic/meson-gxbb-odroidc2.dts?h=next-20180309&id=c04ffa71ff491220cac28f55237c9aad379a8656
|
|
||||||
From c04ffa71ff491220cac28f55237c9aad379a8656 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Jerome Brunet <jbrunet@baylibre.com>
|
|
||||||
Date: Fri, 2 Mar 2018 14:44:36 +0100
|
|
||||||
Subject: [PATCH] ARM64: dts: meson: reduce odroid-c2 eMMC maximum rate
|
|
||||||
|
|
||||||
Different modules maybe installed by the user on the eMMC connector
|
|
||||||
of the odroid-c2. While the red modules are working without an issue,
|
|
||||||
it seems some black modules (apparently Samsung based) are having
|
|
||||||
issue at 200MHz
|
|
||||||
|
|
||||||
While the tuning algorithm introduced in v4.14 enables high speed modes
|
|
||||||
on every other tested designs, it seems a problem remains for this
|
|
||||||
particular combination of board and eMMC module.
|
|
||||||
|
|
||||||
Lowering the maximum frequency of the eMMC on this board until we can
|
|
||||||
figure out a better solution.
|
|
||||||
|
|
||||||
Fixes: d341ca88eead ("mmc: meson-gx: rework tuning function")
|
|
||||||
Suggested-by: Ellie Reeves <ellierevves@gmail.com>
|
|
||||||
Signed-off-by: Jerome Brunet <jbrunet@baylibre.com>
|
|
||||||
Cc: stable@vger.kernel.org
|
|
||||||
Signed-off-by: Kevin Hilman <khilman@baylibre.com>
|
|
||||||
---
|
|
||||||
arch/arm64/boot/dts/amlogic/meson-gxbb-odroidc2.dts | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/arch/arm64/boot/dts/amlogic/meson-gxbb-odroidc2.dts b/arch/arm64/boot/dts/amlogic/meson-gxbb-odroidc2.dts
|
|
||||||
index 0bc0f65e4f37..54954b314a45 100644
|
|
||||||
--- a/arch/arm64/boot/dts/amlogic/meson-gxbb-odroidc2.dts
|
|
||||||
+++ b/arch/arm64/boot/dts/amlogic/meson-gxbb-odroidc2.dts
|
|
||||||
@@ -274,7 +274,7 @@
|
|
||||||
pinctrl-names = "default", "clk-gate";
|
|
||||||
|
|
||||||
bus-width = <8>;
|
|
||||||
- max-frequency = <200000000>;
|
|
||||||
+ max-frequency = <100000000>;
|
|
||||||
non-removable;
|
|
||||||
disable-wp;
|
|
||||||
cap-mmc-highspeed;
|
|
||||||
--
|
|
||||||
2.11.0
|
|
||||||
|
|
|
@ -139,9 +139,7 @@ features/all/lockdown/arm64-add-kernel-config-option-to-lock-down-when.patch
|
||||||
|
|
||||||
# Security fixes
|
# Security fixes
|
||||||
debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
|
debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
|
||||||
bugfix/all/ext4-fail-ext4_iget-for-root-directory-if-unallocate.patch
|
|
||||||
bugfix/all/ext4-add-validity-checks-for-bitmap-block-numbers.patch
|
bugfix/all/ext4-add-validity-checks-for-bitmap-block-numbers.patch
|
||||||
bugfix/all/ext4-always-initialize-the-crc32c-checksum-driver.patch
|
|
||||||
|
|
||||||
# Fix exported symbol versions
|
# Fix exported symbol versions
|
||||||
bugfix/all/module-disable-matching-missing-version-crc.patch
|
bugfix/all/module-disable-matching-missing-version-crc.patch
|
||||||
|
@ -157,7 +155,6 @@ bugfix/all/tools-build-remove-bpf-run-time-check-at-build-time.patch
|
||||||
bugfix/all/cpupower-bump-soname-version.patch
|
bugfix/all/cpupower-bump-soname-version.patch
|
||||||
bugfix/all/cpupower-fix-checks-for-cpu-existence.patch
|
bugfix/all/cpupower-fix-checks-for-cpu-existence.patch
|
||||||
bugfix/all/lockdep-stub-nmi-watchdog-reset.patch
|
bugfix/all/lockdep-stub-nmi-watchdog-reset.patch
|
||||||
bugfix/arm64/ARM64-dts-meson-reduce-odroid-c2-eMMC-maximum-rate.patch
|
|
||||||
|
|
||||||
# wireless: Disable regulatory.db direct loading (until we sort out signing)
|
# wireless: Disable regulatory.db direct loading (until we sort out signing)
|
||||||
debian/wireless-disable-regulatory.db-direct-loading.patch
|
debian/wireless-disable-regulatory.db-direct-loading.patch
|
||||||
|
|
Loading…
Reference in New Issue