Update to 4.7.5

Ben Hutchings 2016-09-25 01:33:08 +01:00
parent 1f0935b411
commit bdec0fe8f0
6 changed files with 199 additions and 174 deletions

debian/changelog

@ -1,9 +1,144 @@
linux (4.7.4-3) UNRELEASED; urgency=medium
linux (4.7.5-1) UNRELEASED; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.5
- [armhf] clocksource/drivers/sun4i: Clear interrupts after stopping timer
in probe function
- fscrypto: require write access to mount to set encryption policy
- [arm64] drm/msm: protect against faults from copy_from_user() in submit
ioctl
- bpf: fix method of PTR_TO_PACKET reg id generation
- ipv4: panic in leaf_walk_rcu due to stale node pointer
- vti: flush x-netns xfrm cache when vti interface is removed
- bpf: fix write helpers with regards to non-linear parts
- net/irda: handle iriap_register_lsap() allocation failure
- net/sctp: always initialise sctp_ht_iter::start_fail
- net: ipv6: Do not keep IPv6 addresses when IPv6 is disabled
- tipc: fix NULL pointer dereference in shutdown()
- net/mlx5: Fix pci error recovery flow
- net/mlx5: Added missing check of msg length in verifying its signature
- net/mlx5e: Use correct flow dissector key on flower offloading
- net sched: fix encoding to use real length
- udp: fix poll() issue with zero sized packets
- tcp: properly scale window in tcp_v[46]_reqsk_send_ack()
- sctp: fix overrun in sctp_diag_dump_one()
- tun: fix transmit timestamp support
- [armhf] net: dsa: bcm_sf2: Fix race condition while unmasking interrupts
- Revert "phy: IRQ cannot be shared"
- net: smc91x: fix SMC accesses
- bridge: re-introduce 'fix parsing of MLDv2 reports'
- bonding: Fix bonding crash
- Revert "af_unix: Fix splice-bind deadlock"
- af_unix: split 'u->readlock' into two: 'iolock' and 'bindlock'
- ipv6: release dst in ping_v6_sendmsg
- [arm64] bnxt_en: Fix TX push operation on ARM64.
- ipv6: addrconf: fix dev refcont leak when DAD failed
- tcp: fastopen: avoid negative sk_forward_alloc
- net/mlx5e: Fix parsing of vlan packets when updating lro header
- tcp: cwnd does not increase in TCP YeAH
- [powerpc*] tm: do not use r13 for tabort_syscall
- [powerpc*] powernv : Drop reference added by kset_find_obj()
- [powerpc*] sysdev: cpm: fix gpio save_regs functions
- [powerpc*] mm: Don't alias user region to other regions below PAGE_OFFSET
- [powerpc*] powernv: Fix corrupted PE allocation bitmap on releasing PE
- kernfs: don't depend on d_find_any_alias() when generating notifications
- pNFS/flexfiles: Fix an Oopsable condition when connection to the DS fails
- pNFS: The client must not do I/O to the DS if it's lease has expired
- NFSv4.1: Fix Oopsable condition in server callback races
- NFSv4.x: Fix a refcount leak in nfs_callback_up_net
- nfsd: Close race between nfsd4_release_lockowner and nfsd4_lock
- pNFS: Ensure LAYOUTGET and LAYOUTRETURN are properly serialised
- NFSv4.1: Fix the CREATE_SESSION slot number accounting
- kexec: fix double-free when failing to relocate the purgatory
- mm, mempolicy: task->mempolicy must be NULL before dropping final
reference
- ahci: disable correct irq for dummy ports
- audit: fix exe_file access in audit_exe_compare
- dm flakey: fix reads to be issued if drop_writes configured
- IB/hfi1,IB/qib: Fix qp_stats sleep with rcu read lock held
- IB/uverbs: Fix race between uverbs_close and remove_one
- IB/hfi1: Reset QSFP on every run through channel tuning
- [amd64] mm: fix cache mode of dax pmd mappings
- [x86] paravirt: Do not trace _paravirt_ident_*() functions
- [x86] AMD: Apply erratum 665 on machines without a BIOS fix
- [s390x] KVM: don't use current->thread.fpu.* when accessing registers
- [armhf,arm64] kvm-arm: Unmap shadow pagetables properly
- [x86] kvm: correctly reset dest_map->vector when restoring LAPIC state
- iio: sw-trigger: Fix config group initialization
- [armhf] iio: adc: rockchip_saradc: reset saradc controller before
programming it
- [armhf] iio: adc: ti_am335x_adc: Protect FIFO1 from concurrent access
- [armhf] iio: adc: ti_am335x_adc: Increase timeout value waiting for ADC
sample
- iio:ti-ads1015: fix a wrong pointer definition.
- [x86] iio: accel: bmc150: reset chip at init time
- iio: fix pressure data output unit in hid-sensor-attributes
- iio:core: fix IIO_VAL_FRACTIONAL sign handling
- iio: ensure ret is initialized to zero before entering do loop
- serial: 8250_mid: fix divide error bug if baud rate is 0
- serial: 8250: added acces i/o products quad and octal serial cards
- [armhf,arm64] usb: chipidea: udc: fix NULL ptr dereference in
isr_setup_status_phase
- USB: change bInterval default to 10 ms
- devpts: return NULL pts 'priv' entry for non-devpts nodes
- cpuset: make sure new tasks conform to the current config of the cpuset
- [armhf] dts: rockchip: add reset node for the exist saradc SoCs
- [armhf] imx6: add missing BM_CLPCR_BYP_MMDC_CH0_LPM_HS setting for imx6ul
- [armhf] imx6: add missing BM_CLPCR_BYPASS_PMIC_READY setting for imx6sx
- [armel] kirkwood: ib62x0: fix size of u-boot environment partition
- [armhf] OMAP3: hwmod data: Add sysc information for DSI
- [armel] dts: kirkwood: Fix PCIe label on OpenRD
- [armhf] dts: imx6qdl: Fix SPDIF regression
- [armhf] dts: armada-388-clearfog: number LAN ports properly
- dm log writes: fix check of kthread_run() return value
- dm crypt: fix free of bad values after tfm allocation failure
- dm log writes: move IO accounting earlier to fix error path
- dm crypt: fix error with too large bios
- [armhf] pinctrl: sunxi: fix uart1 CTS/RTS pins at PG on A23/A33
- [armhf] memory: omap-gpmc: allow probe of child nodes to fail
- [arm64] spinlocks: implement smp_mb__before_spinlock() as smp_mb()
- crypto: cryptd - initialize child shash_desc on import
- Btrfs: remove root_log_ctx from ctx list before btrfs_sync_log returns
- fuse: direct-io: don't dirty ITER_BVEC pages
- xhci: fix null pointer dereference in stop command timeout function
- brcmfmac: avoid potential stack overflow in brcmf_cfg80211_start_ap()
- md-cluster: make md-cluster also can work when compiled into kernel
- ath9k: fix using sta->drv_priv before initializing it
- ath9k: bring back direction setting in ath9k_{start_stop}
- [x86] perf/intel: Fix PEBSv3 record drain
- [x86] perf/intel/cqm: Check cqm/mbm enabled state in event init
- [x86] perf/amd: Make HW_CACHE_REFERENCES and HW_CACHE_MISSES measure L2
- [x86] perf/intel/pt: Fix an off-by-one in address filter configuration
- [x86] perf/intel/pt: Fix kernel address filter's offset validation
- [x86] perf/intel/pt: Do validate the size of a kernel address filter
- Revert "wext: Fix 32 bit iwpriv compatibility issue with 64 bit Kernel"
- sched/core: Fix a race between try_to_wake_up() and a woken up task
- ipv6: Don't unset flowi6_proto in ipxip6_tnl_xmit()
- efi: Make for_each_efi_memory_desc_in_map() cope with running on Xen
- efi/libstub: Allocate headspace in efi_get_memory_map()
- efi/libstub: Introduce ExitBootServices helper
- efi/libstub: Use efi_exit_boot_services() in FDT
- [x86] efi: Use efi_exit_boot_services()
- [powerpc,powerpcspe] Fix csum_partial_copy_generic()
- [powerpc,powerpcspe] Fix again csum_partial_copy_generic()
- [x86] drm/i915: Ignore OpRegion panel type except on select machines
- [x86] drm: Only use compat ioctl for addfb2 on X86/IA64
- svcauth_gss: Revert 64c59a3726f2 ("Remove unnecessary allocation")
- genirq: Provide irq_gc_{lock_irqsave,unlock_irqrestore}() helpers
- fix iov_iter_fault_in_readable()
- [x86] fix minor infoleak in get_user_ex()
- [s390x] get_user() should zero on failure
- asm-generic: make get_user() clear the destination on errors
- asm-generic: make copy_from_user() zero the destination properly
- [alpha,hppa,mips*,powerpc,powerpcspe,sh4] make copy_from_user() zero the
destination properly
[ Ben Hutchings ]
* [hppa,mips*,powerpc*] linux-image: Strip debug symbols from vmlinux
(really closes: #837588)
* [hppa] tracing: Re-enable FTRACE
* [powerpc,powerpcspe,ppc64] linux-image: Suppress automatic dbgsym packages
* uaccess,uio: Fix ABI changes in 4.7.5
-- Ben Hutchings <ben@decadent.org.uk> Fri, 23 Sep 2016 00:50:40 +0100
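Review bot: the 4.7.5-1 entry does not record that bugfix/all/mm-oom-prevent-premature-oom-killer-invocation-for-h.patch and bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch leave the series in this commit, and the list under "New upstream stable update" has no item for either fix. The second patch sat under "# Security fixes", so someone auditing from the changelog alone cannot tell whether that fix is still present. Suggest adding both subjects to the upstream list, or a separate line stating that the two patches were dropped and why.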


@ -1,121 +0,0 @@
From: Michal Hocko <mhocko@suse.com>
Date: Thu, 1 Sep 2016 16:14:41 -0700
Subject: mm, oom: prevent premature OOM killer invocation for high order
request
Origin: https://git.kernel.org/linus/6b4e3181d7bd5ca5ab6f45929e4a5ffa7ab4ab7f
There have been several reports about pre-mature OOM killer invocation
in 4.7 kernel when order-2 allocation request (for the kernel stack)
invoked OOM killer even during basic workloads (light IO or even kernel
compile on some filesystems). In all reported cases the memory is
fragmented and there are no order-2+ pages available. There is usually
a large amount of slab memory (usually dentries/inodes) and further
debugging has shown that there are way too many unmovable blocks which
are skipped during the compaction. Multiple reporters have confirmed
that the current linux-next which includes [1] and [2] helped and OOMs
are not reproducible anymore.
A simpler fix for the late rc and stable is to simply ignore the
compaction feedback and retry as long as there is a reclaim progress and
we are not getting OOM for order-0 pages. We already do that for
CONFING_COMPACTION=n so let's reuse the same code when compaction is
enabled as well.
[1] http://lkml.kernel.org/r/20160810091226.6709-1-vbabka@suse.cz
[2] http://lkml.kernel.org/r/f7a9ea9d-bb88-bfd6-e340-3a933559305a@suse.cz
Fixes: 0a0337e0d1d1 ("mm, oom: rework oom detection")
Link: http://lkml.kernel.org/r/20160823074339.GB23577@dhcp22.suse.cz
Signed-off-by: Michal Hocko <mhocko@suse.com>
Tested-by: Olaf Hering <olaf@aepfle.de>
Tested-by: Ralf-Peter Rohbeck <Ralf-Peter.Rohbeck@quantum.com>
Cc: Markus Trippelsdorf <markus@trippelsdorf.de>
Cc: Arkadiusz Miskiewicz <a.miskiewicz@gmail.com>
Cc: Ralf-Peter Rohbeck <Ralf-Peter.Rohbeck@quantum.com>
Cc: Jiri Slaby <jslaby@suse.com>
Cc: Vlastimil Babka <vbabka@suse.cz>
Cc: Joonsoo Kim <js1304@gmail.com>
Cc: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
Cc: David Rientjes <rientjes@google.com>
Cc: <stable@vger.kernel.org> [4.7.x]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
[bwh: Backported to 4.7: should_compact_retry() takes a parameter of type
enum migrate_node * instead of enum compact_priority *]
---
mm/page_alloc.c | 51 ++-------------------------------------------------
1 file changed, 2 insertions(+), 49 deletions(-)
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -3254,53 +3254,6 @@ __alloc_pages_direct_compact(gfp_t gfp_m
return NULL;
}
-static inline bool
-should_compact_retry(struct alloc_context *ac, int order, int alloc_flags,
- enum compact_result compact_result, enum migrate_mode *migrate_mode,
- int compaction_retries)
-{
- int max_retries = MAX_COMPACT_RETRIES;
-
- if (!order)
- return false;
-
- /*
- * compaction considers all the zone as desperately out of memory
- * so it doesn't really make much sense to retry except when the
- * failure could be caused by weak migration mode.
- */
- if (compaction_failed(compact_result)) {
- if (*migrate_mode == MIGRATE_ASYNC) {
- *migrate_mode = MIGRATE_SYNC_LIGHT;
- return true;
- }
- return false;
- }
-
- /*
- * make sure the compaction wasn't deferred or didn't bail out early
- * due to locks contention before we declare that we should give up.
- * But do not retry if the given zonelist is not suitable for
- * compaction.
- */
- if (compaction_withdrawn(compact_result))
- return compaction_zonelist_suitable(ac, order, alloc_flags);
-
- /*
- * !costly requests are much more important than __GFP_REPEAT
- * costly ones because they are de facto nofail and invoke OOM
- * killer to move on while costly can fail and users are ready
- * to cope with that. 1/4 retries is rather arbitrary but we
- * would need much more detailed feedback from compaction to
- * make a better decision.
- */
- if (order > PAGE_ALLOC_COSTLY_ORDER)
- max_retries /= 4;
- if (compaction_retries <= max_retries)
- return true;
-
- return false;
-}
#else
static inline struct page *
__alloc_pages_direct_compact(gfp_t gfp_mask, unsigned int order,
@@ -3311,6 +3264,8 @@ __alloc_pages_direct_compact(gfp_t gfp_m
return NULL;
}
+#endif /* CONFIG_COMPACTION */
+
static inline bool
should_compact_retry(struct alloc_context *ac, unsigned int order, int alloc_flags,
enum compact_result compact_result,
@@ -3337,7 +3292,6 @@ should_compact_retry(struct alloc_contex
}
return false;
}
-#endif /* CONFIG_COMPACTION */
/* Perform direct synchronous page reclaim */
static int
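Review bot: the deleted backport carried a local adaptation (the "[bwh: Backported to 4.7: should_compact_retry() takes a parameter of type ..." note), so the version that arrives with 4.7.5 should be compared against it before the local copy goes away. In mm/page_alloc.c after the update, check that the CONFIG_COMPACTION=y variant of should_compact_retry() is gone and that "#endif /* CONFIG_COMPACTION */" sits before the shared definition, as the last two hunks here arrange. Minor and moot once removed: the backport note says "enum migrate_node *" where the code has "enum migrate_mode *".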


@ -1,50 +0,0 @@
From: Eric Dumazet <edumazet@google.com>
Date: Wed, 17 Aug 2016 05:56:26 -0700
Subject: tcp: fix use after free in tcp_xmit_retransmit_queue()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Origin: https://git.kernel.org/cgit/linux/kernel/git/davem/net.git/commit?id=bb1fceca22492109be12640d49f5ea5a544c6bb4
When tcp_sendmsg() allocates a fresh and empty skb, it puts it at the
tail of the write queue using tcp_add_write_queue_tail()
Then it attempts to copy user data into this fresh skb.
If the copy fails, we undo the work and remove the fresh skb.
Unfortunately, this undo lacks the change done to tp->highest_sack and
we can leave a dangling pointer (to a freed skb)
Later, tcp_xmit_retransmit_queue() can dereference this pointer and
access freed memory. For regular kernels where memory is not unmapped,
this might cause SACK bugs because tcp_highest_sack_seq() is buggy,
returning garbage instead of tp->snd_nxt, but with various debug
features like CONFIG_DEBUG_PAGEALLOC, this can crash the kernel.
This bug was found by Marco Grassi thanks to syzkaller.
Fixes: 6859d49475d4 ("[TCP]: Abstract tp->highest_sack accessing & point to next skb")
Reported-by: Marco Grassi <marco.gra@gmail.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Cc: Yuchung Cheng <ycheng@google.com>
Cc: Neal Cardwell <ncardwell@google.com>
Acked-by: Neal Cardwell <ncardwell@google.com>
Reviewed-by: Cong Wang <xiyou.wangcong@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
---
include/net/tcp.h | 2 ++
1 file changed, 2 insertions(+)
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -1522,6 +1522,8 @@ static inline void tcp_check_send_head(s
{
if (sk->sk_send_head == skb_unlinked)
sk->sk_send_head = NULL;
+ if (tcp_sk(sk)->highest_sack == skb_unlinked)
+ tcp_sk(sk)->highest_sack = NULL;
}
static inline void tcp_init_send_head(struct sock *sk)
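Review bot: removing this patch is only safe if tcp_check_send_head() in the updated include/net/tcp.h already resets highest_sack next to sk_send_head, and the 4.7.5 list in debian/changelog shows no tcp_xmit_retransmit_queue() item to confirm that. Suggest checking the rebased header for "if (tcp_sk(sk)->highest_sack == skb_unlinked)" followed by "tcp_sk(sk)->highest_sack = NULL;" and naming the stable commit that supplies them in the commit message. Without those two lines the dangling pointer to the freed skb described in the patch text returns.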


@ -0,0 +1,33 @@
From: Ben Hutchings <ben@decadent.org.uk>
Date: Sun, 25 Sep 2016 01:36:13 +0100
Subject: uaccess: Avoid ABI change in 4.7.5
Forwarded: not-needed
Hide the new #include's from genksyms. I'm not sure whether they'll
change symbol versions but it's a possibility.
---
--- a/arch/mips/include/asm/uaccess.h
+++ b/arch/mips/include/asm/uaccess.h
@@ -14,7 +14,9 @@
#include <linux/kernel.h>
#include <linux/errno.h>
#include <linux/thread_info.h>
+#ifndef __GENKSYMS__
#include <linux/string.h>
+#endif
#include <asm/asm-eva.h>
/*
--- a/arch/parisc/include/asm/uaccess.h
+++ b/arch/parisc/include/asm/uaccess.h
@@ -10,7 +10,9 @@
#include <asm-generic/uaccess-unaligned.h>
#include <linux/bug.h>
+#ifndef __GENKSYMS__
#include <linux/string.h>
+#endif
#define VERIFY_READ 0
#define VERIFY_WRITE 1
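Review bot: the __GENKSYMS__ guard is applied only in arch/mips/include/asm/uaccess.h and arch/parisc/include/asm/uaccess.h, while the changelog lists the copy_from_user() zeroing change for alpha, hppa, mips*, powerpc, powerpcspe and sh4 as well as asm-generic. If any of the other headers also gained "#include <linux/string.h>" in 4.7.5 they need the same guard; otherwise the description should say why these two are the only ones affected. The description's "I'm not sure whether they'll change symbol versions" could be settled by comparing the generated symbol versions with and without the guard and recording the result.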


@ -0,0 +1,28 @@
From: Ben Hutchings <ben@decadent.org.uk>
Date: Sun, 25 Sep 2016 01:42:34 +0100
Subject: uio: Fix ABI change in 4.7.5
Forwarded: not-needed
iov_iter_fault_in_readable() and
iov_iter_fault_in_multipages_readable() are now equivalent, with the
latter name defined as a macro. Restore it as a real function too for
ABI compatibility.
---
--- a/lib/iov_iter.c
+++ b/lib/iov_iter.c
@@ -301,6 +301,14 @@ done:
return wanted - bytes;
}
+/* bwh: Retained for ABI compatibility */
+#undef iov_iter_fault_in_multipages_readable
+int iov_iter_fault_in_multipages_readable(struct iov_iter *i, size_t bytes)
+{
+ return iov_iter_fault_in_readable(i, bytes);
+}
+EXPORT_SYMBOL(iov_iter_fault_in_multipages_readable);
+
/*
* Fault in one or more iovecs of the given iov_iter, to a maximum length of
* bytes. For each iovec, fault in each page that constitutes the iovec.
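Review bot: the restored iov_iter_fault_in_multipages_readable() preserves the ABI only if its prototype and export type match what the previous ABI exported, and the description does not say that was checked. Suggest confirming the symbol version is unchanged against the previous ABI, and extending "/* bwh: Retained for ABI compatibility */" to state that the "#undef" and the wrapper can be dropped at the next ABI bump so they do not linger in lib/iov_iter.c.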


@ -74,7 +74,6 @@ bugfix/all/kbuild-use-nostdinc-in-compile-tests.patch
bugfix/all/disable-some-marvell-phys.patch
bugfix/all/fs-add-module_softdep-declarations-for-hard-coded-cr.patch
bugfix/all/kbuild-do-not-use-hyphen-in-exported-variable-name.patch
bugfix/all/mm-oom-prevent-premature-oom-killer-invocation-for-h.patch
# Miscellaneous features
@ -111,11 +110,12 @@ features/all/securelevel/arm64-add-kernel-config-option-to-set-securelevel-wh.pa
# Security fixes
bugfix/all/ptrace-being-capable-wrt-a-process-requires-mapped-uids-gids.patch
debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
bugfix/all/tcp-fix-use-after-free-in-tcp_xmit_retransmit_queue.patch
# ABI maintenance
debian/i8042-revert-abi-break-in-4.7.3.patch
debian/revert-arm64-define-at_vector_size_arch-for-arch_dlinfo.patch
debian/uaccess-avoid-abi-change-in-4.7.5.patch
debian/uio-fix-abi-change-in-4.7.5.patch
# Tools bug fixes
bugfix/all/usbip-document-tcp-wrappers.patch