From bc29a1558a0a296e2e5487e2371c86092f20664a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Uwe=20Kleine-K=C3=B6nig?= Date: Tue, 8 Aug 2017 09:54:35 +0200 Subject: [PATCH] Update to 4.12.5 --- debian/changelog | 234 +++++++++++++++++++++++++++++++++++++++++- debian/patches/series | 1 - 2 files changed, 232 insertions(+), 3 deletions(-) diff --git a/debian/changelog b/debian/changelog index ba914befd..d7ee81028 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -linux (4.12.3-1~exp1) UNRELEASED; urgency=medium +linux (4.12.5-1~exp1) UNRELEASED; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.3 @@ -7,6 +7,237 @@ linux (4.12.3-1~exp1) UNRELEASED; urgency=medium - [sparc64] Adding asm-prototypes.h for genksyms to generate crc - [sparc64] sed regex in Makefile.build requires line break between exported symbols + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.4 + - disable new gcc-7.1.1 warnings for now + - ir-core: fix gcc-7 warning on bool arithmetic + - s5p-jpeg: don't return a random width/height + - thermal: max77620: fix device-node reference imbalance + - thermal: cpu_cooling: Avoid accessing potentially freed structures + - ath9k: fix tx99 use after free + - ath9k: fix tx99 bus error + - ath9k: fix an invalid pointer dereference in ath9k_rng_stop() + - iwlwifi: mvm: fix the recovery flow while connecting + - NFC: fix broken device allocation + - NFC: nfcmrvl_uart: add missing tty-device sanity check + - NFC: nfcmrvl: do not use device-managed resources + - NFC: nfcmrvl: use nfc-device for firmware download + - NFC: nfcmrvl: fix firmware-management initialisation + - nfc: Ensure presence of required attributes in the activate_target handler + - nfc: Fix the sockaddr length sanitization in llcp_sock_connect + - NFC: Add sockaddr length checks before accessing sa_family in bind handlers + - perf intel-pt: Move decoder error setting into one condition + - perf intel-pt: Improve sample timestamp + - perf intel-pt: Fix missing stack clear + - perf intel-pt: Ensure IP is zero when state is INTEL_PT_STATE_NO_IP + - perf intel-pt: Fix last_ip usage + - perf intel-pt: Ensure never to set 'last_ip' when packet 'count' is zero + - perf intel-pt: Use FUP always when scanning for an IP + - perf intel-pt: Clear FUP flag on error + - Bluetooth: use constant time memory comparison for secret values + - wlcore: fix 64K page support + - pstore: Don't warn if data is uncompressed and type is not PSTORE_TYPE_DMESG + - mwifiex: fixup error cases in mwifiex_add_virtual_intf() + - Btrfs: fix invalid extent maps due to hole punching + - btrfs: Don't clear SGID when inheriting ACLs + - Btrfs: incremental send, fix invalid memory access + - igb: Explicitly select page 0 at initialization + - spi: atmel: fix corrupted data issue on SAM9 family SoCs + - ASoC: zx-i2s: flip I2S master/slave mode + - ASoC: compress: Derive substream from stream based on direction + - ASoC: atmel: tse850: fix off-by-one in the "ANA" enumeration count + - PM / Domains: Fix unsafe iteration over modified list of device links + - PM / Domains: Fix unsafe iteration over modified list of domain providers + - PM / Domains: Fix unsafe iteration over modified list of domains + - scsi: ses: do not add a device to an enclosure if enclosure_add_links() fails. + - scsi: virtio_scsi: let host do exception handling + - scsi: qla2xxx: Allow ABTS, PURX, RIDA on ATIOQ for ISP83XX/27XX + - scsi: Add STARGET_CREATED_REMOVE state to scsi_target_state + - scsi: Avoid that scsi_exit_rq() triggers a use-after-free + - iscsi-target: Add login_keys_workaround attribute for non RFC initiators + - xen/scsiback: Fix a TMR related use-after-free + - scsi: virtio_scsi: always read VPD pages for multiqueue too + - powerpc/mm/radix: Only add X for pages overlapping kernel text + - powerpc/pseries: Fix passing of pp0 in updatepp() and updateboltedpp() + - powerpc/mm/radix: Fix execute permissions for interrupt_vectors + - powerpc/64: Fix atomic64_inc_not_zero() to return an int + - powerpc: Fix emulation of mcrf in emulate_step() + - powerpc: Fix emulation of mfocrf in emulate_step() + - powerpc/asm: Mark cr0 as clobbered in mftb() + - powerpc/mm/radix: Properly clear process table entry + - powerpc/perf: Fix SDAR_MODE value for continous sampling on Power9 + - xen/x86: fix cpu hotplug + - PCI: vmd: Move SRCU cleanup after bus, child device removal + - PCI: Work around poweroff & suspend-to-RAM issue on Macbook Pro 11 + - PCI: rockchip: Use normal register bank for config accessors + - PCI/PM: Restore the status of PCI devices across hibernation + - PCI/MSI: Ignore affinity if pre/post vector count is more than min_vecs + - usb: xhci: fix spinlock recursion for USB2 test mode + - xhci: fix memleak in xhci_run() + - xhci: fix 20000ms port resume timeout + - xhci: Fix NULL pointer dereference when cleaning up streams for removed host + - xhci: Bad Ethernet performance plugged in ASM1042A host + - mxl111sf: Fix driver to use heap allocate buffers for USB messages + - usb: storage: return on error to avoid a null pointer dereference + - USB: cdc-acm: add device-id for quirky printer + - usb: renesas_usbhs: fix usbhsc_resume() for !USBHSF_RUNTIME_PWCTRL + - usb: renesas_usbhs: gadget: disable all eps when the driver stops + - HID: multitouch: do not blindly set EV_KEY or EV_ABS bits + - md: don't use flush_signals in userspace processes + - md: fix deadlock between mddev_suspend() and md_write_start() + - x86/xen: allow userspace access during hypercalls + - cx88: Fix regression in initial video standard setting + - rc-core: fix input repeat handling + - tools/testing/nvdimm: fix nfit_test buffer overflow + - libnvdimm, btt: fix btt_rw_page not returning errors + - libnvdimm: fix the clear-error check in nsio_rw_bytes + - libnvdimm: fix badblock range handling of ARS range + - ext2: Don't clear SGID when inheriting ACLs + - dm raid: stop using BUG() in __rdev_sectors() + - Raid5 should update rdev->sectors after reshape + - s390/syscalls: Fix out of bounds arguments access + - drm/amdgpu/gfx8: drop per-APU CU limits + - drm/amdgpu: fix vblank_time when displays are off + - drm/amdgpu/cgs: always set reference clock in mode_info + - drm/amd/amdgpu: Return error if initiating read out of range on vram + - drm/amdgpu: fix the memory corruption on S3 + - drm/amdgpu: Don't call amd_powerplay_destroy() if we don't have powerplay + - drm/radeon/ci: disable mclk switching for high refresh rates (v2) + - drm/radeon: Fix eDP for single-display iMac10,1 (v2) + - drm/ttm: Fix use-after-free in ttm_bo_clean_mm + - drm/etnaviv: Expose our reservation object when exporting a dmabuf. + - ipmi: use rcu lock around call to intf->handlers->sender() + - ipmi:ssif: Add missing unlock in error branch + - xfs: Don't clear SGID when inheriting ACLs + - CIFS: Reconnect expired SMB sessions + - f2fs: load inode's flag from disk + - f2fs: wake up all waiters in f2fs_submit_discard_endio + - f2fs: sanity check checkpoint segno and blkoff + - f2fs: try to freeze in gc and discard threads + - f2fs: Do not issue small discards in LFS mode + - f2fs: sanity check size of nat and sit cache + - f2fs: use spin_{,un}lock_irq{save,restore} + - f2fs: Don't clear SGID when inheriting ACLs + - serial: st-asc: Potential error pointer dereference + - serial: sh-sci: Uninitialized variables in sysfs files + - ovl: mark parent impure on ovl_link() + - ovl: fix random return value on mount + - drm/amd/powerplay: fix memory leak in cz_hwmgr backend + - drm/i915: Disable MSI for all pre-gen5 + - vfio: Fix group release deadlock + - vfio: New external user group/file match + - vfio: Remove unnecessary uses of vfio_container.group_lock + - nvme-rdma: remove race conditions from IB signalling + - ftrace: Fix uninitialized variable in match_records() + - iommu/arm-smmu: Plumb in new ACPI identifiers + - drm/i915/gvt: Fix inconsistent locks holding sequence + - drm/atomic: Add missing drm_atomic_state_clear to atomic_remove_fb + - MIPS: Fix mips_atomic_set() retry condition + - MIPS: Fix mips_atomic_set() with EVA + - MIPS: Negate error syscall return in trace + - mtd: nand: tango: Fix incorrect use of SEQIN command + - ubifs: Correctly evict xattr inodes + - ubifs: Don't leak kernel memory to the MTD + - ubifs: Don't encrypt special files on creation + - ubifs: Set double hash cookie also for RENAME_EXCHANGE + - ACPI / EC: Drop EC noirq hooks to fix a regression + - Revert "ACPI / EC: Enable event freeze mode..." to fix a regression + - x86/acpi: Prevent out of bound access caused by broken ACPI tables + - x86/ioapic: Pass the correct data to unmask_ioapic_irq() + - MIPS: Fix MIPS I ISA /proc/cpuinfo reporting + - MIPS: Save static registers before sysmips + - MIPS: Actually decode JALX in `__compute_return_epc_for_insn' + - MIPS: Fix unaligned PC interpretation in `compute_return_epc' + - MIPS: math-emu: Prevent wrong ISA mode instruction emulation + - MIPS: Send SIGILL for BPOSGE32 in `__compute_return_epc_for_insn' + - MIPS: Rename `sigill_r6' to `sigill_r2r6' in `__compute_return_epc_for_insn' + - MIPS: Send SIGILL for linked branches in `__compute_return_epc_for_insn' + - MIPS: Send SIGILL for R6 branches in `__compute_return_epc_for_insn' + - MIPS: Fix a typo: s/preset/present/ in r2-to-r6 emulation error message + - Input: i8042 - fix crash at boot time + - IB/iser: Fix connection teardown race condition + - IB/core: Namespace is mandatory input for address resolution + - sunrpc: use constant time memory comparison for mac + - net/sunrpc/xprt_sock: fix regression in connection error reporting. + - NFS: Fix initialization of nfs_page_array->npages + - PNFS fix EACCESS on commit to DS handling + - NFS: only invalidate dentrys that are clearly invalid. + - udf: Fix races with i_size changes during readpage + - udf: Fix deadlock between writeback and udf_setsize() + - target: Fix COMPARE_AND_WRITE caw_sem leak during se_cmd quiesce + - iser-target: Avoid isert_conn->cm_id dereference in isert_login_recv_done + - perf annotate: Fix broken arrow at row 0 connecting jmp instruction to its target + - perf/core: Fix scheduling regression of pinned groups + - Revert "perf/core: Drop kernel samples even though :u is specified" + - staging: rtl8188eu: add TL-WN722N v2 support + - staging: comedi: ni_mio_common: fix AO timer off-by-one regression + - staging: sm750fb: avoid conflicting vesafb + - staging: lustre: ko2iblnd: check copy_from_iter/copy_to_iter return code + - ceph: fix race in concurrent readdir + - RDMA/uverbs: Fix the check for port number + - RDMA/core: Initialize port_num in qp_attr + - drm/mst: Fix error handling during MST sideband message reception + - drm/mst: Avoid dereferencing a NULL mstb in drm_dp_mst_handle_up_req() + - drm/mst: Avoid processing partially received up/down message transactions + - drm/i915: Make DP-MST connector info work + - mlx5: Avoid that mlx5_ib_sg_to_klms() overflows the klms[] array + - hfsplus: Don't clear SGID when inheriting ACLs + - vtime, sched/cputime: Remove vtime_account_user() + - sched/cputime: Always set tsk->vtime_snap_whence after accounting vtime + - sched/cputime: Rename vtime fields + - sched/cputime: Move the vtime task fields to their own struct + - sched/cputime: Accumulate vtime on top of nsec clocksource + - sched/fair: Fix load_balance() affinity redo path + - percpu_counter: Rename __percpu_counter_add to percpu_counter_add_batch + - writeback: rework wb_[dec|inc]_stat family of functions + - kernel/fork.c: virtually mapped stacks: do not disable interrupts + - acpi/nfit: Fix memory corruption/Unregister mce decoder on failure + - vmbus: re-enable channel tasklet + - cpufreq: intel_pstate: Correct the busy calculation for KNL + - spmi: Include OF based modalias in device uevent + - reiserfs: Don't clear SGID when inheriting ACLs + - device-dax: fix sysfs duplicate warnings + - drm/imx: parallel-display: Accept drm_of_find_panel_or_bridge failure + - PM / Domains: defer dev_pm_domain_set() until genpd->attach_dev succeeds if present + - tracing: Fix kmemleak in instance_rmdir + - drm/i915/fbdev: Check for existence of ifbdev->vma before operations + - drm/i915: Hold RPM wakelock while initializing OA buffer + - drm/i915: reintroduce VLV/CHV PFI programming power domain workaround + - smp/hotplug: Move unparking of percpu threads to the control CPU + - smp/hotplug: Replace BUG_ON and react useful + - alarmtimer: don't rate limit one-shot timers + - sched/cputime: Don't use smp_processor_id() in preemptible context + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.5 + - jfs: Don't clear SGID when inheriting ACLs + - ALSA: fm801: Initialize chip after IRQ handler is registered + - ALSA: hda - Add missing NVIDIA GPU codec IDs to patch table + - ALSA: hda - Add mute led support for HP ProBook 440 G4 + - parisc: Prevent TLB speculation on flushed pages on CPUs that only support equivalent aliases + - parisc: Extend disabled preemption in copy_user_page + - parisc: Suspend lockup detectors before system halt + - powerpc/pseries: Fix of_node_put() underflow during reconfig remove + - mmc: sunxi: Keep default timing phase settings for new timing mode + - NFS: invalidate file size when taking a lock. + - NFSv4.1: Fix a race where CB_NOTIFY_LOCK fails to wake a waiter + - scripts/dtc: dtx_diff - update include dts paths to match build + - crypto: brcm - Fix SHA3-512 algorithm failure + - crypto: brcm - remove BCM_PDC_MBOX dependency in Kconfig + - crypto: authencesn - Fix digest_null crash + - KVM: PPC: Book3S HV: Enable TM before accessing TM registers + - KVM: PPC: Book3S HV: Fix host crash on changing HPT size + - dm integrity: fix inefficient allocation of journal space + - dm integrity: test for corrupted disk format during table load + - md: remove 'idx' from 'struct resync_pages' + - md/raid1: fix writebehind bio clone + - md/raid5: add thread_group worker async_tx_issue_pending_all + - drm/vmwgfx: Fix gcc-7.1.1 warning + - drm/vmwgfx: Limit max desktop dimensions to 8Kx8K + - drm/nouveau/disp/nv50-: bump max chans to 21 + - drm/nouveau/bar/gf100: fix access to upper half of BAR2 + - drm/i915: Fix scaler init during CRTC HW state readout + - isdn/i4l: fix buffer overflow + - ipmi/watchdog: fix watchdog timeout set on reboot + - dentry name snapshots + - mmc: tmio-mmc: fix bad pointer math [ Ben Hutchings ] * media: Enable USB_RAINSHADOW_CEC as module (see #868511) @@ -24,7 +255,6 @@ linux (4.12.3-1~exp1) UNRELEASED; urgency=medium linux-headers-*-common* (Closes: #869511) [ Salvatore Bonaccorso ] - * dentry name snapshots (CVE-2017-7533) * ipv6: avoid overflow of offset in ip6_find_1stfragopt (CVE-2017-7542) * media: saa7164: fix double fetch PCIe access condition (CVE-2017-8831) diff --git a/debian/patches/series b/debian/patches/series index 52ab47223..774c306b6 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -117,7 +117,6 @@ features/all/lockdown/arm64-add-kernel-config-option-to-lock-down-when.patch # Security fixes debian/i386-686-pae-pci-set-pci-nobios-by-default.patch -bugfix/all/dentry-name-snapshots.patch bugfix/all/ipv6-avoid-overflow-of-offset-in-ip6_find_1stfragopt.patch bugfix/all/media-saa7164-fix-double-fetch-PCIe-access-condition.patch