Update to 3.8.5

svn path=/dists/trunk/linux/; revision=19953
2013-03-29 06:40:22 +00:00 · 2013-03-29 06:40:22 +00:00 · b79f46c9b9
parent 55da5d676a
commit b79f46c9b9
7 changed files with 4 additions and 325 deletions
--- a/debian/changelog
+++ b/debian/changelog
@ -1,7 +1,10 @@
-linux (3.8.4-1~experimental.1) UNRELEASED; urgency=low
+linux (3.8.5-1~experimental.1) UNRELEASED; urgency=low

  * New upstream stable update:
    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.4
+    http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.5
+
+  [ Ben Hutchings ]
  * signal: Fix use of missing sa_restorer field (build regression
    introduced by fix for CVE-2013-0914)

--- a/debian/patches/bugfix/all/efivars-Add-module-parameter-to-disable-use-as-a-pst.patch
+++ b/debian/patches/bugfix/all/efivars-Add-module-parameter-to-disable-use-as-a-pst.patch
@ -1,75 +0,0 @@
-From: Seth Forshee <seth.forshee@canonical.com>
-Date: Mon, 11 Mar 2013 16:17:50 -0500
-Subject: efivars: Add module parameter to disable use as a pstore backend
-
-commit ec0971ba5372a4dfa753f232449d23a8fd98490e upstream.
-
-We know that with some firmware implementations writing too much data to
-UEFI variables can lead to bricking machines. Recent changes attempt to
-address this issue, but for some it may still be prudent to avoid
-writing large amounts of data until the solution has been proven on a
-wide variety of hardware.
-
-Crash dumps or other data from pstore can potentially be a large data
-source. Add a pstore_module parameter to efivars to allow disabling its
-use as a backend for pstore. Also add a config option,
-CONFIG_EFI_VARS_PSTORE_DEFAULT_DISABLE, to allow setting the default
-value of this paramter to true (i.e. disabled by default).
-
-Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
-Cc: Josh Boyer <jwboyer@redhat.com>
-Cc: Matthew Garrett <mjg59@srcf.ucam.org>
-Cc: Seiji Aguchi <seiji.aguchi@hds.com>
-Cc: Tony Luck <tony.luck@intel.com>
-Signed-off-by: Matt Fleming <matt.fleming@intel.com>
---
- drivers/firmware/Kconfig   |    9 +++++++++
- drivers/firmware/efivars.c |    8 +++++++-
- 2 files changed, 16 insertions(+), 1 deletion(-)
-
-diff --git a/drivers/firmware/Kconfig b/drivers/firmware/Kconfig
-index 898023d..42c759a 100644
--- a/drivers/firmware/Kconfig
-+++ b/drivers/firmware/Kconfig
-@@ -62,6 +62,15 @@ config EFI_VARS_PSTORE
- 	  will allow writing console messages, crash dumps, or anything
- 	  else supported by pstore to EFI variables.
- 
-+config EFI_VARS_PSTORE_DEFAULT_DISABLE
-+	bool "Disable using efivars as a pstore backend by default"
-+	depends on EFI_VARS_PSTORE
-+	default n
-+	help
-+	  Saying Y here will disable the use of efivars as a storage
-+	  backend for pstore by default. This setting can be overridden
-+	  using the efivars module's pstore_disable parameter.
-+
- config EFI_PCDP
- 	bool "Console device selection via EFI PCDP or HCDP table"
- 	depends on ACPI && EFI && IA64
-diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c
-index 37b6f24..6607daf 100644
--- a/drivers/firmware/efivars.c
-+++ b/drivers/firmware/efivars.c
-@@ -103,6 +103,11 @@ MODULE_VERSION(EFIVARS_VERSION);
-  */
- #define GUID_LEN 36
- 
-+static bool efivars_pstore_disable =
-+	IS_ENABLED(EFI_VARS_PSTORE_DEFAULT_DISABLE);
-+
-+module_param_named(pstore_disable, efivars_pstore_disable, bool, 0644);
-+
- /*
-  * The maximum size of VariableName + Data = 1024
-  * Therefore, it's reasonable to save that much
-@@ -2009,7 +2014,8 @@ int register_efivars(struct efivars *efivars,
- 	if (error)
- 		unregister_efivars(efivars);
- 
-	efivar_pstore_register(efivars);
-+	if (!efivars_pstore_disable)
-+		efivar_pstore_register(efivars);
- 
- 	register_filesystem(&efivarfs_type);
- 
--- a/debian/patches/bugfix/all/efivars-Allow-disabling-use-as-a-pstore-backend.patch
+++ b/debian/patches/bugfix/all/efivars-Allow-disabling-use-as-a-pstore-backend.patch
@ -1,140 +0,0 @@
-From: Seth Forshee <seth.forshee@canonical.com>
-Date: Thu, 7 Mar 2013 11:40:17 -0600
-Subject: efivars: Allow disabling use as a pstore backend
-
-commit ed9dc8ce7a1c8115dba9483a9b51df8b63a2e0ef upstream.
-
-Add a new option, CONFIG_EFI_VARS_PSTORE, which can be set to N to
-avoid using efivars as a backend to pstore, as some users may want to
-compile out the code completely.
-
-Set the default to Y to maintain backwards compatability, since this
-feature has always been enabled until now.
-
-Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
-Cc: Josh Boyer <jwboyer@redhat.com>
-Cc: Matthew Garrett <mjg59@srcf.ucam.org>
-Cc: Seiji Aguchi <seiji.aguchi@hds.com>
-Cc: Tony Luck <tony.luck@intel.com>
-Signed-off-by: Matt Fleming <matt.fleming@intel.com>
---
- drivers/firmware/Kconfig   |    9 +++++++
- drivers/firmware/efivars.c |   64 ++++++++++++++------------------------------
- 2 files changed, 29 insertions(+), 44 deletions(-)
-
-diff --git a/drivers/firmware/Kconfig b/drivers/firmware/Kconfig
-index 9b00072..898023d 100644
--- a/drivers/firmware/Kconfig
-+++ b/drivers/firmware/Kconfig
-@@ -53,6 +53,15 @@ config EFI_VARS
- 	  Subsequent efibootmgr releases may be found at:
- 	  <http://linux.dell.com/efibootmgr>
- 
-+config EFI_VARS_PSTORE
-+	bool "Register efivars backend for pstore"
-+	depends on EFI_VARS && PSTORE
-+	default y
-+	help
-+	  Say Y here to enable use efivars as a backend to pstore. This
-+	  will allow writing console messages, crash dumps, or anything
-+	  else supported by pstore to EFI variables.
-+
- config EFI_PCDP
- 	bool "Console device selection via EFI PCDP or HCDP table"
- 	depends on ACPI && EFI && IA64
-diff --git a/drivers/firmware/efivars.c b/drivers/firmware/efivars.c
-index fe62aa3..37b6f24 100644
--- a/drivers/firmware/efivars.c
-+++ b/drivers/firmware/efivars.c
-@@ -1309,9 +1309,7 @@ static const struct inode_operations efivarfs_dir_inode_operations = {
- 	.create = efivarfs_create,
- };
- 
-static struct pstore_info efi_pstore_info;
-
-#ifdef CONFIG_PSTORE
-+#ifdef CONFIG_EFI_VARS_PSTORE
- 
- static int efi_pstore_open(struct pstore_info *psi)
- {
-@@ -1514,38 +1512,6 @@ static int efi_pstore_erase(enum pstore_type_id type, u64 id, int count,
- 
- 	return 0;
- }
-#else
-static int efi_pstore_open(struct pstore_info *psi)
-{
-	return 0;
-}
-
-static int efi_pstore_close(struct pstore_info *psi)
-{
-	return 0;
-}
-
-static ssize_t efi_pstore_read(u64 *id, enum pstore_type_id *type, int *count,
-			       struct timespec *timespec,
-			       char **buf, struct pstore_info *psi)
-{
-	return -1;
-}
-
-static int efi_pstore_write(enum pstore_type_id type,
-		enum kmsg_dump_reason reason, u64 *id,
-		unsigned int part, int count, size_t size,
-		struct pstore_info *psi)
-{
-	return 0;
-}
-
-static int efi_pstore_erase(enum pstore_type_id type, u64 id, int count,
-			    struct timespec time, struct pstore_info *psi)
-{
-	return 0;
-}
-#endif
- 
- static struct pstore_info efi_pstore_info = {
- 	.owner		= THIS_MODULE,
-@@ -1557,6 +1523,24 @@ static struct pstore_info efi_pstore_info = {
- 	.erase		= efi_pstore_erase,
- };
- 
-+static void efivar_pstore_register(struct efivars *efivars)
-+{
-+	efivars->efi_pstore_info = efi_pstore_info;
-+	efivars->efi_pstore_info.buf = kmalloc(4096, GFP_KERNEL);
-+	if (efivars->efi_pstore_info.buf) {
-+		efivars->efi_pstore_info.bufsize = 1024;
-+		efivars->efi_pstore_info.data = efivars;
-+		spin_lock_init(&efivars->efi_pstore_info.buf_lock);
-+		pstore_register(&efivars->efi_pstore_info);
-+	}
-+}
-+#else
-+static void efivar_pstore_register(struct efivars *efivars)
-+{
-+	return;
-+}
-+#endif
-+
- static ssize_t efivar_create(struct file *filp, struct kobject *kobj,
- 			     struct bin_attribute *bin_attr,
- 			     char *buf, loff_t pos, size_t count)
-@@ -2025,15 +2009,7 @@ int register_efivars(struct efivars *efivars,
- 	if (error)
- 		unregister_efivars(efivars);
- 
-	efivars->efi_pstore_info = efi_pstore_info;
-
-	efivars->efi_pstore_info.buf = kmalloc(4096, GFP_KERNEL);
-	if (efivars->efi_pstore_info.buf) {
-		efivars->efi_pstore_info.bufsize = 1024;
-		efivars->efi_pstore_info.data = efivars;
-		spin_lock_init(&efivars->efi_pstore_info.buf_lock);
-		pstore_register(&efivars->efi_pstore_info);
-	}
-+	efivar_pstore_register(efivars);
- 
- 	register_filesystem(&efivarfs_type);
- 
--- a/debian/patches/bugfix/all/efivars-Fix-check-for-CONFIG_EFI_VARS_PSTORE_DEFAULT.patch
+++ b/debian/patches/bugfix/all/efivars-Fix-check-for-CONFIG_EFI_VARS_PSTORE_DEFAULT.patch
@ -1,24 +0,0 @@
-From: Ben Hutchings <ben@decadent.org.uk>
-Date: Fri, 22 Mar 2013 19:43:53 +0000
-Subject: efivars: Fix check for CONFIG_EFI_VARS_PSTORE_DEFAULT_DISABLE
-
-The 'CONFIG_' prefix is not implicit in IS_ENABLED().
-
-Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
-Cc: Seth Forshee <seth.forshee@canonical.com>
-Cc: <stable@vger.kernel.org>
---
- drivers/firmware/efivars.c |    2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
--- a/drivers/firmware/efivars.c
-+++ b/drivers/firmware/efivars.c
-@@ -105,7 +105,7 @@ MODULE_ALIAS("platform:efivars");
- #define GUID_LEN 36
- 
- static bool efivars_pstore_disable =
-	IS_ENABLED(EFI_VARS_PSTORE_DEFAULT_DISABLE);
-+	IS_ENABLED(CONFIG_EFI_VARS_PSTORE_DEFAULT_DISABLE);
- 
- module_param_named(pstore_disable, efivars_pstore_disable, bool, 0644);
- 
--- a/debian/patches/bugfix/all/vhost-net-fix-heads-usage-of-ubuf_info.patch
+++ b/debian/patches/bugfix/all/vhost-net-fix-heads-usage-of-ubuf_info.patch
@ -1,31 +0,0 @@
-From: "Michael S. Tsirkin" <mst@redhat.com>
-Date: Sun, 17 Mar 2013 02:46:09 +0000
-Subject: vhost/net: fix heads usage of ubuf_info
-
-commit 46aa92d1ba162b4b3d6b7102440e459d4e4ee255 upstream.
-
-ubuf info allocator uses guest controlled head as an index,
-so a malicious guest could put the same head entry in the ring twice,
-and we will get two callbacks on the same value.
-To fix use upend_idx which is guaranteed to be unique.
-
-Reported-by: Rusty Russell <rusty@rustcorp.com.au>
-Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
-Signed-off-by: David S. Miller <davem@davemloft.net>
-Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
---
- drivers/vhost/net.c |    3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
--- a/drivers/vhost/net.c
-+++ b/drivers/vhost/net.c
-@@ -339,7 +339,8 @@ static void handle_tx(struct vhost_net *
- 				msg.msg_controllen = 0;
- 				ubufs = NULL;
- 			} else {
-				struct ubuf_info *ubuf = &vq->ubuf_info[head];
-+				struct ubuf_info *ubuf;
-+				ubuf = vq->ubuf_info + vq->upend_idx;
- 
- 				vq->heads[vq->upend_idx].len =
- 					VHOST_DMA_IN_PROGRESS;
--- a/debian/patches/bugfix/x86/drm-i915-bounds-check-execbuffer-relocation-count.patch
+++ b/debian/patches/bugfix/x86/drm-i915-bounds-check-execbuffer-relocation-count.patch
@ -1,49 +0,0 @@
-From: Kees Cook <keescook@chromium.org>
-Date: Mon, 11 Mar 2013 17:31:45 -0700
-Subject: drm/i915: bounds check execbuffer relocation count
-
-commit 3118a4f652c7b12c752f3222af0447008f9b2368 upstream.
-
-It is possible to wrap the counter used to allocate the buffer for
-relocation copies. This could lead to heap writing overflows.
-
-CVE-2013-0913
-
-v3: collapse test, improve comment
-v2: move check into validate_exec_list
-
-Signed-off-by: Kees Cook <keescook@chromium.org>
-Reported-by: Pinkie Pie
-Reviewed-by: Chris Wilson <chris@chris-wilson.co.uk>
-Signed-off-by: Daniel Vetter <daniel.vetter@ffwll.ch>
-Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
---
- drivers/gpu/drm/i915/i915_gem_execbuffer.c |   11 ++++++++---
- 1 file changed, 8 insertions(+), 3 deletions(-)
-
--- a/drivers/gpu/drm/i915/i915_gem_execbuffer.c
-+++ b/drivers/gpu/drm/i915/i915_gem_execbuffer.c
-@@ -907,15 +907,20 @@ validate_exec_list(struct drm_i915_gem_e
- 		   int count)
- {
- 	int i;
-+	int relocs_total = 0;
-+	int relocs_max = INT_MAX / sizeof(struct drm_i915_gem_relocation_entry);
- 
- 	for (i = 0; i < count; i++) {
- 		char __user *ptr = (char __user *)(uintptr_t)exec[i].relocs_ptr;
- 		int length; /* limited by fault_in_pages_readable() */
- 
-		/* First check for malicious input causing overflow */
-		if (exec[i].relocation_count >
-		    INT_MAX / sizeof(struct drm_i915_gem_relocation_entry))
-+		/* First check for malicious input causing overflow in
-+		 * the worst case where we need to allocate the entire
-+		 * relocation tree as a single array.
-+		 */
-+		if (exec[i].relocation_count > relocs_max - relocs_total)
- 			return -EINVAL;
-+		relocs_total += exec[i].relocation_count;
- 
- 		length = exec[i].relocation_count *
- 			sizeof(struct drm_i915_gem_relocation_entry);
--- a/debian/patches/series
+++ b/debian/patches/series
@ -80,15 +80,10 @@ bugfix/mips/mips-add-dependencies-for-have_arch_transparent_hugepage.patch
 bugfix/all/signal-fix-use-of-missing-sa_restorer-field.patch
 bugfix/all/kernel-signal.c-use-__ARCH_HAS_SA_RESTORER-instead-o.patch
 debian/efi-autoload-efivars.patch
-bugfix/all/vhost-net-fix-heads-usage-of-ubuf_info.patch
-bugfix/all/efivars-Allow-disabling-use-as-a-pstore-backend.patch
-bugfix/all/efivars-Add-module-parameter-to-disable-use-as-a-pst.patch
-bugfix/all/efivars-Fix-check-for-CONFIG_EFI_VARS_PSTORE_DEFAULT.patch
 bugfix/all/efi_pstore-Introducing-workqueue-updating-sysfs.patch
 bugfix/all/efivars-explicitly-calculate-length-of-VariableName.patch
 bugfix/all/efivars-Handle-duplicate-names-from-get_next_variabl.patch
 debian/efivars-remove-check-for-50-full-on-write.patch
-bugfix/x86/drm-i915-bounds-check-execbuffer-relocation-count.patch
 bugfix/x86/KVM-x86-fix-for-buffer-overflow-in-handling-of-MSR_K.patch
 bugfix/x86/KVM-x86-Convert-MSR_KVM_SYSTEM_TIME-to-use-gfn_to_hv.patch
 bugfix/all/KVM-Fix-bounds-checking-in-ioapic-indirect-register-.patch