3514 Commits

Author SHA1 Message Date
Isaac J. Manjarres
2f44069aee Merge remote-tracking branch 'remotes/origin/tmp-3f8d191' into msm-4.14
* remotes/origin/tmp-3f8d191:
  Linux 4.14.38
  ACPI / video: Only default only_lcd to true on Win8-ready _desktops_
  s390/uprobes: implement arch_uretprobe_is_alive()
  s390/dasd: fix IO error for newly defined devices
  s390/cio: update chpid descriptor after resource accessibility event
  tracing: Fix missing tab for hwlat_detector print format
  block/swim: Fix IO error at end of medium
  block/swim: Fix array bounds check
  block/swim: Select appropriate drive on device open
  block/swim: Rename macros to avoid inconsistent inverted logic
  block/swim: Remove extra put_disk() call from error path
  block/swim: Don't log an error message for an invalid ioctl
  block/swim: Check drive type
  m68k/mac: Don't remap SWIM MMIO region
  fsnotify: Fix fsnotify_mark_connector race
  cdrom: information leak in cdrom_ioctl_media_changed()
  scsi: mptsas: Disable WRITE SAME
  commoncap: Handle memory allocation failure.
  Revert "mm/hmm: fix header file if/else/endif maze"
  arm64: dts: rockchip: remove vdd_log from rk3399-puma
  microblaze: Setup dependencies for ASM optimized lib functions
  s390: correct module section names for expoline code revert
  s390: correct nospec auto detection init order
  s390: add sysfs attributes for spectre
  s390: report spectre mitigation via syslog
  s390: add automatic detection of the spectre defense
  s390: move nobp parameter functions to nospec-branch.c
  s390/entry.S: fix spurious zeroing of r0
  s390: do not bypass BPENTER for interrupt system calls
  s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*)
  KVM: s390: force bp isolation for VSIE
  s390: introduce execute-trampolines for branches
  s390: run user space and KVM guests with modified branch prediction
  s390: add options to change branch prediction behaviour for the kernel
  s390/alternative: use a copy of the facility bit mask
  s390: add optimized array_index_mask_nospec
  s390: scrub registers on kernel entry and KVM exit
  KVM: s390: wire up bpb feature
  s390: enable CPU alternatives unconditionally
  s390: introduce CPU alternatives
  virtio_net: fix adding vids on big-endian
  virtio_net: split out ctrl buffer
  net: ethernet: ti: cpsw: fix tx vlan priority mapping
  llc: fix NULL pointer deref for SOCK_ZAPPED
  llc: hold llc_sap before release_sock()
  net: sched: ife: check on metadata length
  net: sched: ife: handle malformed tlv length
  tcp: clear tp->packets_out when purging write queue
  net: sched: ife: signal not finding metaid
  strparser: Fix incorrect strp->need_bytes value.
  amd-xgbe: Only use the SFP supported transceiver signals
  strparser: Do not call mod_delayed_work with a timeout of LONG_MAX
  amd-xgbe: Improve KR auto-negotiation and training
  sctp: do not check port in sctp_inet6_cmp_addr
  amd-xgbe: Add pre/post auto-negotiation phy hooks
  vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi
  pppoe: check sockaddr length in pppoe_connect()
  tipc: add policy for TIPC_NLA_NET_ADDR
  packet: fix bitfield update race
  team: fix netconsole setup over team
  net/smc: fix shutdown in state SMC_LISTEN
  team: avoid adding twice the same option to the event list
  net: fix deadlock while clearing neighbor proxy table
  tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets
  net: af_packet: fix race in PACKET_{R|T}X_RING
  tcp: don't read out-of-bounds opsize
  llc: delete timers synchronously in llc_sk_free()
  net: validate attribute sizes in neigh_dump_table()
  l2tp: check sockaddr length in pppol2tp_connect()
  KEYS: DNS: limit the length of option strings
  ipv6: sr: fix NULL pointer dereference in seg6_do_srh_encap()- v4 pkts
  ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy
  bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave
  Revert "ath10k: send (re)assoc peer command when NSS changed"
  tpm: add retry logic
  tpm: tpm-interface: fix tpm_transmit/_cmd kdoc
  tpm: cmd_ready command can be issued only after granting locality
  i40e: Fix attach VF to VM issue
  drm: bridge: dw-hdmi: Fix overflow workaround for Amlogic Meson GX SoCs
  Revert "pinctrl: intel: Initialize GPIO properly when used through irqchip"
  ANDROID: staging: lustre: fix filler function type
  ANDROID: fs: gfs2: fix filler function type
  ANDROID: fs: exofs: fix filler function type
  ANDROID: fs: afs: fix filler function type
  ANDROID: fs: nfs: fix filler function type
  ANDROID: fs: fuse: fix filler function type mismatch
  ANDROID: mm: fix filler function type mismatch
  ANDROID: media-device: fix ioctl function types
  ANDROID: v4l2-ioctl: fix function types for IOCTL_INFO_STD
  ANDROID: arch/arm64/crypto: fix CFI in SHA CE
  ANDROID: arm64: kvm: disable CFI
  ANDROID: arm64: mark kpti_install_ng_mappings as __nocfi
  ANDROID: arm64: disable CFI for cpu_replace_ttbr1
  ANDROID: kallsyms: strip the .cfi postfix from symbols with CONFIG_CFI_CLANG
  ANDROID: add support for clang Control Flow Integrity (CFI)
  ANDROID: HACK: init: ensure initcall ordering with LTO
  ANDROID: drivers/misc: disable LTO for lkdtm_rodata.o
  ANDROID: arm64: vdso: disable LTO
  FROMLIST: arm64: select ARCH_SUPPORTS_LTO_CLANG
  FROMLIST: arm64: disable RANDOMIZE_MODULE_REGION_FULL with LTO_CLANG
  ANDROID: arm64: disable ARM64_ERRATUM_843419 for clang LTO
  ANDROID: arm64: pass code model to LLVMgold
  FROMLIST: arm64: make mrs_s and msr_s macros work with LTO
  FROMLIST: efi/libstub: disable LTO
  FROMLIST: scripts/mod: disable LTO for empty.c
  FROMLIST: kbuild: fix dynamic ftrace with clang LTO
  FROMLIST: kbuild: add support for clang LTO
  FROMLIST: arm64: fix -m for GNU gold
  FROMLIST: arm64: add a workaround for GNU gold with ARM64_MODULE_PLTS
  FROMLIST: arm64: explicitly pass --no-fix-cortex-a53-843419 to GNU gold
  FROMLIST: kbuild: add __ld-ifversion and linker-specific macros
  FROMLIST: kbuild: add ld-name macro
  FROMLIST: arm64: keep .altinstructions and .altinstr_replacement
  ANDROID: arm64: fix LD_DEAD_CODE_DATA_ELIMINATION
  FROMLIST: kbuild: fix LD_DEAD_CODE_DATA_ELIMINATION
  FROMLIST: kbuild: add __cc-ifversion and compiler-specific variants
  UPSTREAM: console: Drop added "static" for newport_con
  UPSTREAM: tracing: always define trace_{irq,preempt}_{enable_disable}

Conflicts:
	Makefile

Change-Id: Ied1a215e68f428eff9c1911491a4e364ffd1f679
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
2018-04-30 09:46:42 -07:00
Greg Kroah-Hartman
3f8d1912e9 This is the 4.14.38 stable release

Merge 4.14.38 into android-4.14

Changes in 4.14.38
	Revert "pinctrl: intel: Initialize GPIO properly when used through irqchip"
	drm: bridge: dw-hdmi: Fix overflow workaround for Amlogic Meson GX SoCs
	i40e: Fix attach VF to VM issue
	tpm: cmd_ready command can be issued only after granting locality
	tpm: tpm-interface: fix tpm_transmit/_cmd kdoc
	tpm: add retry logic
	Revert "ath10k: send (re)assoc peer command when NSS changed"
	bonding: do not set slave_dev npinfo before slave_enable_netpoll in bond_enslave
	ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy
	ipv6: sr: fix NULL pointer dereference in seg6_do_srh_encap()- v4 pkts
	KEYS: DNS: limit the length of option strings
	l2tp: check sockaddr length in pppol2tp_connect()
	net: validate attribute sizes in neigh_dump_table()
	llc: delete timers synchronously in llc_sk_free()
	tcp: don't read out-of-bounds opsize
	net: af_packet: fix race in PACKET_{R|T}X_RING
	tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets
	net: fix deadlock while clearing neighbor proxy table
	team: avoid adding twice the same option to the event list
	net/smc: fix shutdown in state SMC_LISTEN
	team: fix netconsole setup over team
	packet: fix bitfield update race
	tipc: add policy for TIPC_NLA_NET_ADDR
	pppoe: check sockaddr length in pppoe_connect()
	vlan: Fix reading memory beyond skb->tail in skb_vlan_tagged_multi
	amd-xgbe: Add pre/post auto-negotiation phy hooks
	sctp: do not check port in sctp_inet6_cmp_addr
	amd-xgbe: Improve KR auto-negotiation and training
	strparser: Do not call mod_delayed_work with a timeout of LONG_MAX
	amd-xgbe: Only use the SFP supported transceiver signals
	strparser: Fix incorrect strp->need_bytes value.
	net: sched: ife: signal not finding metaid
	tcp: clear tp->packets_out when purging write queue
	net: sched: ife: handle malformed tlv length
	net: sched: ife: check on metadata length
	llc: hold llc_sap before release_sock()
	llc: fix NULL pointer deref for SOCK_ZAPPED
	net: ethernet: ti: cpsw: fix tx vlan priority mapping
	virtio_net: split out ctrl buffer
	virtio_net: fix adding vids on big-endian
	s390: introduce CPU alternatives
	s390: enable CPU alternatives unconditionally
	KVM: s390: wire up bpb feature
	s390: scrub registers on kernel entry and KVM exit
	s390: add optimized array_index_mask_nospec
	s390/alternative: use a copy of the facility bit mask
	s390: add options to change branch prediction behaviour for the kernel
	s390: run user space and KVM guests with modified branch prediction
	s390: introduce execute-trampolines for branches
	KVM: s390: force bp isolation for VSIE
	s390: Replace IS_ENABLED(EXPOLINE_*) with IS_ENABLED(CONFIG_EXPOLINE_*)
	s390: do not bypass BPENTER for interrupt system calls
	s390/entry.S: fix spurious zeroing of r0
	s390: move nobp parameter functions to nospec-branch.c
	s390: add automatic detection of the spectre defense
	s390: report spectre mitigation via syslog
	s390: add sysfs attributes for spectre
	s390: correct nospec auto detection init order
	s390: correct module section names for expoline code revert
	microblaze: Setup dependencies for ASM optimized lib functions
	arm64: dts: rockchip: remove vdd_log from rk3399-puma
	Revert "mm/hmm: fix header file if/else/endif maze"
	commoncap: Handle memory allocation failure.
	scsi: mptsas: Disable WRITE SAME
	cdrom: information leak in cdrom_ioctl_media_changed()
	fsnotify: Fix fsnotify_mark_connector race
	m68k/mac: Don't remap SWIM MMIO region
	block/swim: Check drive type
	block/swim: Don't log an error message for an invalid ioctl
	block/swim: Remove extra put_disk() call from error path
	block/swim: Rename macros to avoid inconsistent inverted logic
	block/swim: Select appropriate drive on device open
	block/swim: Fix array bounds check
	block/swim: Fix IO error at end of medium
	tracing: Fix missing tab for hwlat_detector print format
	s390/cio: update chpid descriptor after resource accessibility event
	s390/dasd: fix IO error for newly defined devices
	s390/uprobes: implement arch_uretprobe_is_alive()
	ACPI / video: Only default only_lcd to true on Win8-ready _desktops_
	Linux 4.14.38

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2018-04-30 06:18:45 -07:00
Tetsuo Handa
77df079be9 commoncap: Handle memory allocation failure.
commit 1f5781725dcbb026438e77091c91a94f678c3522 upstream.

syzbot is reporting NULL pointer dereference at xattr_getsecurity() [1],
for cap_inode_getsecurity() is returning sizeof(struct vfs_cap_data) when
memory allocation failed. Return -ENOMEM if memory allocation failed.

[1] https://syzkaller.appspot.com/bug?id=a55ba438506fe68649a5f50d2d82d56b365e0107

Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Fixes: 8db6c34f1dbc8e06 ("Introduce v3 namespaced file capabilities")
Reported-by: syzbot <syzbot+9369930ca44f29e60e2d@syzkaller.appspotmail.com>
Cc: stable <stable@vger.kernel.org> # 4.14+
Acked-by: Serge E. Hallyn <serge@hallyn.com>
Acked-by: James Morris <james.morris@microsoft.com>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-04-29 11:33:16 +02:00
Isaac J. Manjarres
4f5d011e6d Merge remote-tracking branch 'remotes/origin/tmp-bb60f28' into msm-4.14
* remotes/origin/tmp-bb60f28:
  Linux 4.14.37
  mac80211_hwsim: fix use-after-free bug in hwsim_exit_net
  Revert "KVM: X86: Fix SMRAM accessing even if VM is shutdown"
  RDMA/mlx5: Fix NULL dereference while accessing XRC_TGT QPs
  perf: Return proper values for user stack errors
  perf: Fix sample_max_stack maximum check
  netfilter: x_tables: limit allocation requests for blob rule heads
  netfilter: compat: reject huge allocation requests
  netfilter: compat: prepare xt_compat_init_offsets to return errors
  netfilter: x_tables: add counters allocation wrapper
  netfilter: x_tables: cap allocations at 512 mbyte
  alarmtimer: Init nanosleep alarm timer on stack
  RDMA/core: Reduce poll batch for direct cq polling
  irqchip/gic-v3: Change pr_debug message to pr_devel
  cpumask: Make for_each_cpu_wrap() available on UP as well
  irqchip/gic-v3: Ignore disabled ITS nodes
  perf test: Fix test trace+probe_libc_inet_pton.sh for s390x
  powerpc/powernv: IMC fix out of bounds memory access at shutdown
  locking/qspinlock: Ensure node->count is updated before initialising node
  x86/platform/UV: Fix GAM Range Table entries less than 1GB
  powerpc/mm/hash64: Zero PGD pages on allocation
  vfs/proc/kcore, x86/mm/kcore: Fix SMAP fault when dumping vsyscall user page
  PM / wakeirq: Fix unbalanced IRQ enable for wakeirq
  ACPI / EC: Restore polling during noirq suspend/resume phases
  bpf: fix rlimit in reuseport net selftest
  net: stmmac: discard disabled flags in interrupt status register
  SUNRPC: Don't call __UDPX_INC_STATS() from a preemptible context
  KVM: PPC: Book3S HV: Fix handling of secondary HPTEG in HPT resizing code
  tools/libbpf: handle issues with bpf ELF objects containing .eh_frames
  net: Extra '_get' in declaration of arch_get_platform_mac_address
  svcrdma: Fix Read chunk round-up
  rxrpc: Don't put crypto buffers on the stack
  selftests/ftrace: Add some missing glob checks
  cpufreq: intel_pstate: Enable HWP during system resume on CPU0
  bcache: return attach error when no cache set exist
  bcache: fix for data collapse after re-attaching an attached device
  bcache: fix for allocator and register thread race
  bcache: properly set task state in bch_writeback_thread()
  cifs: silence compiler warnings showing up with gcc-8.0.0
  PM / domains: Fix up domain-idle-states OF parsing
  proc: fix /proc/*/map_files lookup
  arm64: spinlock: Fix theoretical trylock() A-B-A with LSE atomics
  RDS: IB: Fix null pointer issue
  bpf: sockmap, fix leaking maps with attached but not detached progs
  xen/grant-table: Use put_page instead of free_page
  xen-netfront: Fix race between device setup and open
  perf evsel: Fix period/freq terms setup
  MIPS: Generic: Support GIC in EIC mode
  perf record: Fix period option handling
  MIPS: TXx9: use IS_BUILTIN() for CONFIG_LEDS_CLASS
  bpf: fix selftests/bpf test_kmod.sh failure when CONFIG_BPF_JIT_ALWAYS_ON=y
  ACPI / scan: Use acpi_bus_get_status() to initialize ACPI_TYPE_DEVICE devs
  ACPI / bus: Do not call _STA on battery devices with unmet dependencies
  ACPI: processor_perflib: Do not send _PPC change notification if not ready
  firmware: dmi_scan: Fix handling of empty DMI strings
  x86/dumpstack: Avoid uninitlized variable
  x86/power: Fix swsusp_arch_resume prototype
  netfilter: ipv6: nf_defrag: Kill frag queue on RFC2460 failure
  s390/eadm: fix CONFIG_BLOCK include dependency
  drm/nouveau/pmu/fuc: don't use movw directly anymore
  IB/core: Map iWarp AH type to undefined in rdma_ah_find_type
  IB/ipoib: Fix for potential no-carrier state
  IB/hfi1: Fix for potential refcount leak in hfi1_open_file()
  IB/hfi1: Re-order IRQ cleanup to address driver cleanup race
  blk-mq: fix discard merge with scheduler attached
  openvswitch: Remove padding from packet before L3+ conntrack processing
  mm/fadvise: discard partial page if endbyte is also EOF
  mm: pin address_space before dereferencing it while isolating an LRU page
  mm: thp: use down_read_trylock() in khugepaged to avoid long block
  sparc64: update pmdp_invalidate() to return old pmd value
  asm-generic: provide generic_pmdp_establish()
  mm/mempolicy: add nodes_empty check in SYSC_migrate_pages
  mm/mempolicy: fix the check of nodemask from user
  ocfs2: return error when we attempt to access a dirty bh in jbd2
  ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute
  ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid
  fs/dax.c: release PMD lock even when there is no PMD support in DAX
  x86/kvm/vmx: do not use vm-exit instruction length for fast MMIO when running nested
  kvm: Map PFN-type memory regions as writable (if possible)
  tcp_nv: fix potential integer overflow in tcpnv_acked
  netfilter: x_tables: fix pointer leaks to userspace
  x86/hyperv: Check for required priviliges in hyperv_init()
  gianfar: prevent integer wrapping in the rx handler
  ntb_transport: Fix bug with max_mw_size parameter
  RDMA/mlx5: Avoid memory leak in case of XRCD dealloc failure
  powerpc/numa: Ensure nodes initialized for hotplug
  powerpc/numa: Use ibm,max-associativity-domains to discover possible nodes
  samples/bpf: Partially fixes the bpf.o build
  i40e: fix reported mask for ntuple filters
  i40e: program fragmented IPv4 filter input set
  ixgbe: don't set RXDCTL.RLPML for 82599
  jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path
  RDMA/uverbs: Use an unambiguous errno for method not supported
  crypto: artpec6 - remove select on non-existing CRYPTO_SHA384
  device property: Define type of PROPERTY_ENRTY_*() macros
  tty: serial: exar: Relocate sleep wake-up handling
  x86/hyperv: Stop suppressing X86_FEATURE_PCID
  fm10k: fix "failed to kill vid" message for VF
  igb: Clear TXSTMP when ptp_tx_work() is timeout
  igb: Allow to remove administratively set MAC on VFs
  ASoC: rockchip: Use dummy_dai for rt5514 dsp dailink
  blk-mq-debugfs: don't allow write on attributes with seq_operations set
  KVM: s390: vsie: use READ_ONCE to access some SCB fields
  platform/x86: thinkpad_acpi: suppress warning about palm detection
  i40evf: ignore link up if not running
  i40evf: Don't schedule reset_task when device is being removed
  bpf: test_maps: cleanup sockmaps when test ends
  block: Set BIO_TRACE_COMPLETION on new bio during split
  nfp: fix error return code in nfp_pci_probe()
  HID: roccat: prevent an out of bounds read in kovaplus_profile_activated()
  Input: stmfts - set IRQ_NOAUTOEN to the irq flag
  scsi: fas216: fix sense buffer initialization
  scsi: devinfo: fix format of the device list
  f2fs: avoid hungtask when GC encrypted block if io_bits is set
  RDMA/cma: Check existence of netdevice during port validation
  Btrfs: raid56: fix race between merge_bio and rbio_orig_end_io
  Btrfs: fix unexpected EEXIST from btrfs_get_extent
  btrfs: fail mount when sb flag is not in BTRFS_SUPER_FLAG_SUPP
  Btrfs: fix scrub to repair raid6 corruption
  btrfs: Fix out of bounds access in btrfs_search_slot
  Btrfs: set plug for fsync
  ipmi/powernv: Fix error return code in ipmi_powernv_probe()
  mac80211_hwsim: fix possible memory leak in hwsim_new_radio_nl()
  kconfig: Fix expr_free() E_NOT leak
  kconfig: Fix automatic menu creation mem leak
  kconfig: Don't leak main menus during parsing
  watchdog: sp5100_tco: Fix watchdog disable bit
  PCI: Add dummy pci_irqd_intx_xlate() for CONFIG_PCI=n build
  MIPS: Fix clean of vmlinuz.{32,ecoff,bin,srec}
  nfs: Do not convert nfs_idmap_cache_timeout to jiffies
  IB/cq: Don't force IB_POLL_DIRECT poll context for ib_process_cq_direct
  spi: a3700: Clear DATA_OUT when performing a read
  net: stmmac: dwmac-meson8b: propagate rate changes to the parent clock
  net: stmmac: dwmac-meson8b: fix setting the RGMII TX clock on Meson8b
  ubifs: Fix uninitialized variable in search_dh_cookie()
  blk-mq: turn WARN_ON in __blk_mq_run_hw_queue into printk
  dm mpath: return DM_MAPIO_REQUEUE on blk-mq rq allocation failure
  dm thin: fix documentation relative to low water mark threshold
  iommu/vt-d: Use domain instead of cache fetching
  powerpc: System reset avoid interleaving oops using die synchronisation
  iommu/exynos: Don't unconditionally steal bus ops
  perf record: Fix failed memory allocation for get_cpuid_str
  tools lib traceevent: Fix get_field_str() for dynamic strings
  perf callchain: Fix attr.sample_max_stack setting
  tools lib traceevent: Simplify pointer print logic and fix %pF
  perf unwind: Do not look just at the global callchain_param.record_mode
  scsi: qla2xxx: Fix warning in qla2x00_async_iocb_timeout()
  i40iw: Zero-out consumer key on allocate stag for FMR
  i40iw: Free IEQ resources
  Input: synaptics - reset the ABS_X/Y fuzz after initializing MT axes
  libbpf: Makefile set specified permission mode
  Input: psmouse - fix Synaptics detection when protocol is disabled
  PCI: Add function 1 DMA alias quirk for Marvell 9128
  selftest: ftrace: Fix to pick text symbols for kprobes
  xprtrdma: Fix backchannel allocation of extra rpcrdma_reps
  platform/x86: dell-laptop: Filter out spurious keyboard backlight change events
  KVM: s390: use created_vcpus in more places
  tracing/hrtimer: Fix tracing bugs by taking all clock bases and modes into account
  netfilter: ipv6: nf_defrag: Pass on packets to stack per RFC2460
  KVM: PPC: Book3S HV: Enable migration of decrementer register
  RDMA/core: Clarify rdma_ah_find_type
  kvm: x86: fix KVM_XEN_HVM_CONFIG ioctl
  ASoC: au1x: Fix timeout tests in au1xac97c_ac97_read()
  ALSA: hda - Use IS_REACHABLE() for dependency on input
  ACPI / LPSS: Do not instiate platform_dev for devs without MMIO resources
  NFSv4: always set NFS_LOCK_LOST when a lock is lost.
  x86/tsc: Allow TSC calibration without PIT
  firewire-ohci: work around oversized DMA reads on JMicron controllers
  usb: musb: Fix external abort in musb_remove on omap2430
  usb: musb: call pm_runtime_{get,put}_sync before reading vbus registers
  usb: musb: fix enumeration after resume
  drm/i915/bxt, glk: Increase PCODE timeouts during CDCLK freq changing
  drm/i915: Fix LSPCON TMDS output buffer enabling from low-power state
  drm/i915: Do no use kfree() to free a kmem_cache_alloc() return value
  drm/i915/audio: Fix audio detection issue on GLK
  drm/i915/gvt: throw error on unhandled vfio ioctls
  drm/vc4: Fix memory leak during BO teardown
  x86/tsc: Prevent 32bit truncation in calc_hpet_ref()
  clocksource/imx-tpm: Correct -ETIME return condition check
  x86/acpi: Prevent X2APIC id 0xffffffff from being accounted
  btrfs: fix unaligned access in readdir
  cifs: do not allow creating sockets except with SMB1 posix exensions
  UPSTREAM: module: Do not paper over type mismatches in module_param_call()
  UPSTREAM: treewide: Fix function prototypes for module_param_call()
  UPSTREAM: module: Prepare to convert all module_param_call() prototypes
  UPSTREAM: kbuild: add clang-version.sh
  UPSTREAM: console: Expand dummy functions for CFI
  UPSTREAM: console: SisUSB2VGA: Drop dummy con_font_get()
  ANDROID: sdcardfs: Set s_root to NULL after putting
  ANDROID: sdcardfs: d_make_root calls iput
  ANDROID: sdcardfs: Check for private data earlier
  ANDROID: sched: Remove duplicate const specifier

Conflicts:
	kernel/sched/sched.h

Change in module_param_call() definition requires alignment in:

	drivers/hwtracing/coresight/coresight-event.c
	drivers/power/reset/msm-poweroff.c

Change-Id: I0114d2226301af0b1775b37d79db5529653b135d
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
2018-04-26 10:14:52 -07:00
Kees Cook
549b203743 UPSTREAM: treewide: Fix function prototypes for module_param_call()
Several function prototypes for the set/get functions defined by
module_param_call() have slightly wrong argument types. This fixes
those in an effort to clean up the calls when running under type-enforced
compiler instrumentation for CFI. This is the result of running the
following semantic patch:

@match_module_param_call_function@
declarer name module_param_call;
identifier _name, _set_func, _get_func;
expression _arg, _mode;
@@

 module_param_call(_name, _set_func, _get_func, _arg, _mode);

@fix_set_prototype
 depends on match_module_param_call_function@
identifier match_module_param_call_function._set_func;
identifier _val, _param;
type _val_type, _param_type;
@@

 int _set_func(
-_val_type _val
+const char * _val
 ,
-_param_type _param
+const struct kernel_param * _param
 ) { ... }

@fix_get_prototype
 depends on match_module_param_call_function@
identifier match_module_param_call_function._get_func;
identifier _val, _param;
type _val_type, _param_type;
@@

 int _get_func(
-_val_type _val
+char * _val
 ,
-_param_type _param
+const struct kernel_param * _param
 ) { ... }

Two additional by-hand changes are included for places where the above
Coccinelle script didn't notice them:

	drivers/platform/x86/thinkpad_acpi.c
	fs/lockd/svc.c

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Jessica Yu <jeyu@kernel.org>

Bug: 67506682
Change-Id: I2c9c0ee8ed28065e63270a52c155e5e7d2791295
(cherry picked from commit e4dca7b7aa08b22893c45485d222b5807c1375ae)
Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
2018-04-25 16:04:04 -07:00
Blagovest Kolenichev
bce6a97741 Merge android-4.14.35 (07e1389) into msm-4.14
* refs/heads/tmp-07e1389
  Linux 4.14.35
  nfsd: fix incorrect umasks
  hugetlbfs: fix bug in pgoff overflow checking
  xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling
  ovl: fix lookup with middle layer opaque dir and absolute path redirects
  blk-mq: don't keep offline CPUs mapped to hctx 0
  lib: fix stall in __bitmap_parselist()
  f2fs: fix heap mode to reset it back
  sunrpc: remove incorrect HMAC request initialization
  ath9k: Protect queue draining by rcu_read_lock()
  hwmon: (ina2xx) Fix access to uninitialized mutex
  x86/mce/AMD: Get address from already initialized block
  x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type
  x86/mce/AMD: Pass the bank number to smca_get_bank_type()
  x86/MCE: Report only DRAM ECC as memory errors on AMD systems
  rtl8187: Fix NULL pointer dereference in priv->conf_mutex
  Bluetooth: hci_bcm: Treat Interrupt ACPI resources as always being active-low
  Bluetooth: Fix connection if directed advertising and privacy is used
  getname_kernel() needs to make sure that ->name != ->iname in long case
  get_user_pages_fast(): return -EFAULT on access_ok failure
  s390/ipl: ensure loadparm valid flag is set
  s390/qdio: don't merge ERROR output buffers
  s390/qdio: don't retry EQBS after CCQ 96
  nfit: fix region registration vs block-data-window ranges
  block/loop: fix deadlock after loop_set_status
  apparmor: fix resource audit messages when auditing peer
  apparmor: fix display of .ns_name for containers
  apparmor: fix logging of the existence test for signals
  scsi: qla2xxx: Fix small memory leak in qla2x00_probe_one on probe failure
  x86/MCE/AMD: Define a function to get SMCA bank type
  radeon: hide pointless #warning when compile testing
  perf/core: Fix use-after-free in uprobe_perf_close()
  perf intel-pt: Fix timestamp following overflow
  perf intel-pt: Fix error recovery from missing TIP packet
  perf intel-pt: Fix sync_switch
  perf intel-pt: Fix overlap detection to identify consecutive buffers correctly
  KVM: PPC: Book3S HV: trace_tlbie must not be called in realmode
  PCI: hv: Serialize the present and eject work items
  Drivers: hv: vmbus: do not mark HV_PCIE as perf_device
  parisc: Fix HPMC handler by increasing size to multiple of 16 bytes
  parisc: Fix out of array access in match_pci_device()
  media: v4l: vsp1: Fix header display list status check in continuous mode
  media: v4l2-compat-ioctl32: don't oops on overlay
  lan78xx: Correctly indicate invalid OTP
  vhost: Fix vhost_copy_to_user()
  vhost: fix vhost_vq_access_ok() log check
  slip: Check if rstate is initialized before uncompressing
  rds: MP-RDS may use an invalid c_path
  cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN
  netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to ip_set_net_exit()
  ANDROID: Add build server config for cuttlefish.
  ANDROID: Add defconfig for cuttlefish.
  FROMLIST: staging: Android: Add 'vsoc' driver for cuttlefish.
  ANDROID: cpufreq: Add time_in_state to /proc/uid directories
  ANDROID: proc: Add /proc/uid directory
  ANDROID: cpufreq: times: track per-uid time in state
  ANDROID: cpufreq: track per-task time in state
  f2fs/fscrypt: updates to v4.17-rc1

Change-Id: I0fdc9762e63ff9a9abb25e6adea0c723e517a2a6
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
2018-04-19 08:58:41 -07:00
Greg Kroah-Hartman
07e1389288 This is the 4.14.35 stable release

Merge 4.14.35 into android-4.14

Changes in 4.14.35
	netfilter: ipset: Missing nfnl_lock()/nfnl_unlock() is added to ip_set_net_exit()
	cdc_ether: flag the Cinterion AHS8 modem by gemalto as WWAN
	rds: MP-RDS may use an invalid c_path
	slip: Check if rstate is initialized before uncompressing
	vhost: fix vhost_vq_access_ok() log check
	vhost: Fix vhost_copy_to_user()
	lan78xx: Correctly indicate invalid OTP
	media: v4l2-compat-ioctl32: don't oops on overlay
	media: v4l: vsp1: Fix header display list status check in continuous mode
	parisc: Fix out of array access in match_pci_device()
	parisc: Fix HPMC handler by increasing size to multiple of 16 bytes
	Drivers: hv: vmbus: do not mark HV_PCIE as perf_device
	PCI: hv: Serialize the present and eject work items
	KVM: PPC: Book3S HV: trace_tlbie must not be called in realmode
	perf intel-pt: Fix overlap detection to identify consecutive buffers correctly
	perf intel-pt: Fix sync_switch
	perf intel-pt: Fix error recovery from missing TIP packet
	perf intel-pt: Fix timestamp following overflow
	perf/core: Fix use-after-free in uprobe_perf_close()
	radeon: hide pointless #warning when compile testing
	x86/MCE/AMD: Define a function to get SMCA bank type
	scsi: qla2xxx: Fix small memory leak in qla2x00_probe_one on probe failure
	apparmor: fix logging of the existence test for signals
	apparmor: fix display of .ns_name for containers
	apparmor: fix resource audit messages when auditing peer
	block/loop: fix deadlock after loop_set_status
	nfit: fix region registration vs block-data-window ranges
	s390/qdio: don't retry EQBS after CCQ 96
	s390/qdio: don't merge ERROR output buffers
	s390/ipl: ensure loadparm valid flag is set
	get_user_pages_fast(): return -EFAULT on access_ok failure
	getname_kernel() needs to make sure that ->name != ->iname in long case
	Bluetooth: Fix connection if directed advertising and privacy is used
	Bluetooth: hci_bcm: Treat Interrupt ACPI resources as always being active-low
	rtl8187: Fix NULL pointer dereference in priv->conf_mutex
	x86/MCE: Report only DRAM ECC as memory errors on AMD systems
	x86/mce/AMD: Pass the bank number to smca_get_bank_type()
	x86/mce/AMD, EDAC/mce_amd: Enumerate Reserved SMCA bank type
	x86/mce/AMD: Get address from already initialized block
	hwmon: (ina2xx) Fix access to uninitialized mutex
	ath9k: Protect queue draining by rcu_read_lock()
	sunrpc: remove incorrect HMAC request initialization
	f2fs: fix heap mode to reset it back
	lib: fix stall in __bitmap_parselist()
	blk-mq: don't keep offline CPUs mapped to hctx 0
	ovl: fix lookup with middle layer opaque dir and absolute path redirects
	xen: xenbus_dev_frontend: Fix XS_TRANSACTION_END handling
	hugetlbfs: fix bug in pgoff overflow checking
	nfsd: fix incorrect umasks
	Linux 4.14.35

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2018-04-19 10:40:59 +02:00
John Johansen
54b990ede4 apparmor: fix resource audit messages when auditing peer
commit b5beb07ad32ab533027aa988d96a44965ec116f7 upstream.

Resource auditing is using the peer field which is not available
when the rlim data struct is used, because it is a different element
of the same union. Accessing peer during resource auditing could
cause garbage log entries or even oops the kernel.

Move the rlim data block into the same struct as the peer field
so they can be used together.

CC: <stable@vger.kernel.org>
Fixes: 86b92cb782b3 ("apparmor: move resource checks to using labels")
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-04-19 08:56:18 +02:00
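The union aliasing described in the commit message above, as an added C example that is not part of the commit or the kernel source. The two structures are simplified, hypothetical stand-ins for the audit data layout before and after the fix, and every type, field and function name in the block is an assumption.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a label object; not the kernel's definition. */
struct label { const char *name; };

/* "Before" layout: the rlim block and the block holding peer are
 * alternatives of the same union, so they share storage. */
struct audit_data_before {
    int type;
    union {
        struct {
            struct label *peer;
            int signal;
        } obj;
        struct {
            int rlim;
            unsigned long max;
        } rlim;
    } u;
};

/* "After" layout: the rlim block lives inside the struct that holds peer,
 * so both can be valid at the same time. */
struct audit_data_after {
    int type;
    union {
        struct {
            struct label *peer;
            union {
                int signal;
                struct {
                    int rlim;
                    unsigned long max;
                } rlim;
            } d;
        } obj;
    } u;
};

/* Do byte ranges [a, a+alen) and [b, b+blen) intersect? */
static int ranges_overlap(size_t a, size_t alen, size_t b, size_t blen)
{
    return a < b + blen && b < a + alen;
}

/* 1 if peer and the rlim block occupy overlapping bytes in the old layout. */
int before_peer_aliases_rlim(void)
{
    return ranges_overlap(offsetof(struct audit_data_before, u.obj.peer),
                          sizeof(struct label *),
                          offsetof(struct audit_data_before, u.rlim),
                          sizeof(((struct audit_data_before *)0)->u.rlim));
}

/* Same question for the new layout. */
int after_peer_aliases_rlim(void)
{
    return ranges_overlap(offsetof(struct audit_data_after, u.obj.peer),
                          sizeof(struct label *),
                          offsetof(struct audit_data_after, u.obj.d.rlim),
                          sizeof(((struct audit_data_after *)0)->u.obj.d.rlim));
}

/* Fill in only the rlim block, as a resource audit would, then look at the
 * bytes where peer lives. Returns 1 if they no longer read as NULL. */
int before_peer_is_garbage(void)
{
    struct audit_data_before ad;
    struct label *peer;

    memset(&ad, 0, sizeof(ad));
    ad.u.rlim.rlim = 7;        /* constructed sample values */
    ad.u.rlim.max = 0x1000;
    memcpy(&peer,
           (unsigned char *)&ad + offsetof(struct audit_data_before, u.obj.peer),
           sizeof(peer));
    return peer != NULL;
}

/* With the new layout, peer and the rlim values coexist. */
int after_peer_survives(void)
{
    struct audit_data_after ad;
    struct label peer = { "constructed-peer" };

    memset(&ad, 0, sizeof(ad));
    ad.u.obj.peer = &peer;
    ad.u.obj.d.rlim.rlim = 7;
    ad.u.obj.d.rlim.max = 0x1000;
    return ad.u.obj.peer == &peer && ad.u.obj.d.rlim.rlim == 7;
}

int main(void)
{
    printf("before: peer aliases rlim = %d, peer reads as garbage = %d\n",
           before_peer_aliases_rlim(), before_peer_is_garbage());
    printf("after:  peer aliases rlim = %d, peer survives = %d\n",
           after_peer_aliases_rlim(), after_peer_survives());
    return 0;
}
```

In the old layout a log routine that dereferences `peer` on a resource record would follow a pointer built from the rlim bytes, which matches the garbage entries or oops the commit message mentions.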
John Johansen
a0358f6052 apparmor: fix display of .ns_name for containers
commit 040d9e2bce0a5b321c402b79ee43a8e8d2fd3b06 upstream.

The .ns_name should not be virtualized by the current ns view. It
needs to report the ns base name as that is being used during startup
as part of determining apparmor policy namespace support.

BugLink: http://bugs.launchpad.net/bugs/1746463
Fixes: d9f02d9c237aa ("apparmor: fix display of ns name")
Cc: Stable <stable@vger.kernel.org>
Reported-by: Serge Hallyn <serge@hallyn.com>
Tested-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-04-19 08:56:18 +02:00
John Johansen
1d0d8beb35 apparmor: fix logging of the existence test for signals
commit 98cf5bbff413eadf1b9cb195a7b80cc61c72a50e upstream.

The existence test is not being properly logged as the signal mapping
maps it to the last entry in the named signal table. This is done
to help catch bugs by making the 0 mapped signal value invalid so
that we can catch the signal value not being filled in.

When fixing the off-by-one comparison logic the reporting of the
existence test was broken, because the logic behind the mapped named
table was hidden. Fix this by adding a define for the name lookup
and using it.

Cc: Stable <stable@vger.kernel.org>
Fixes: f7dc4c9a855a1 ("apparmor: fix off-by-one comparison on MAXMAPPED_SIG")
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-04-19 08:56:18 +02:00
Isaac J. Manjarres
805d13413a Merge remote-tracking branch 'remotes/origin/tmp-a45ab56' into msm-4.14
* remotes/origin/tmp-a45ab56:
  Linux 4.14.30
  RDMA/vmw_pvrdma: Fix usage of user response structures in ABI file
  kbuild: fix linker feature test macros when cross compiling with Clang
  RDMA/ucma: Don't allow join attempts for unsupported AF family
  RDMA/ucma: Fix access to non-initialized CM_ID object
  clk: migrate the count of orphaned clocks at init
  RDMA/core: Do not use invalid destination in determining port reuse
  serial: 8250_pci: Don't fail on multiport card class
  IB/mlx5: Fix out-of-bounds read in create_raw_packet_qp_rq
  IB/mlx5: Fix integer overflows in mlx5_ib_create_srq
  scsi: mpt3sas: wait for and flush running commands on shutdown/unload
  scsi: mpt3sas: fix oops in error handlers after shutdown/unload
  dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63
  crypto: artpec6 - set correct iv size for gcm(aes)
  clk: si5351: Rename internal plls to avoid name collisions
  clk: axi-clkgen: Correctly handle nocount bit in recalc_rate()
  clk: Don't touch hardware when reparenting during registration
  clk: at91: pmc: Wait for clocks when resuming
  nfsd4: permit layoutget of executable-only files
  ARM: dts: aspeed-evb: Add unit name to memory node
  RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS
  scsi: lpfc: Fix issues connecting with nvme initiator
  scsi: lpfc: Fix SCSI LUN discovery when SCSI and NVME enabled
  soc: qcom: smsm: fix child-node lookup
  ip_gre: fix potential memory leak in erspan_rcv
  ip_gre: fix error path when erspan_rcv failed
  ip6_vti: adjust vti mtu according to mtu of lower device
  iommu/vt-d: clean up pr_irq if request_threaded_irq fails
  pinctrl: rockchip: enable clock when reading pin direction register
  pinctrl: Really force states during suspend/resume
  media: davinci: fix a debug printk
  PCI: rcar: Handle rcar_pcie_parse_request_of_pci_ranges() failures
  PCI: endpoint: Fix find_first_zero_bit() usage
  PCI: designware-ep: Fix ->get_msi() to check MSI_EN bit
  coresight: Fix disabling of CoreSight TPIU
  pty: cancel pty slave port buf's work in tty_release
  drm/omap: DMM: Check for DMM readiness after successful transaction commit
  mmc: sdhci-xenon: wait 5ms after set 1.8V signal enable
  omapdrm: panel: fix compatible vendor string for td028ttec1
  vgacon: Set VGA struct resource types
  iser-target: avoid reinitializing rdma contexts for isert commands
  IB/umem: Fix use of npages/nmap fields
  RDMA/cma: Use correct size when writing netlink stats
  IB/ipoib: Avoid memory leak if the SA returns a different DGID
  rtc: ac100: Fix multiple race conditions
  media: s5p-mfc: Fix lock contention - request_firmware() once
  sfp: fix non-detection of PHY
  sfp: fix EEPROM reading in the case of non-SFF8472 SFPs
  net: phy: meson-gxl: check phy_write return value
  /dev/mem: Add bounce buffer for copy-out
  mmc: block: fix logical error to avoid memory leak
  mmc: avoid removing non-removable hosts during suspend
  drm/tilcdc: ensure nonatomic iowrite64 is not used
  dmaengine: zynqmp_dma: Fix race condition in the probe
  platform/chrome: Use proper protocol transfer function
  watchdog: Fix kref imbalance seen if handle_boot_enabled=0
  watchdog: Fix potential kref imbalance when opening watchdog
  cros_ec: fix nul-termination for firmware build info
  serial: 8250_dw: Disable clock on error
  tty: goldfish: Enable 'earlycon' only if built-in
  qmi_wwan: set FLAG_SEND_ZLP to avoid network initiated disconnect
  media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart
  ath10k: handling qos at STA side based on AP WMM enable/disable
  media: bt8xx: Fix err 'bt878_probe()'
  rtlwifi: always initialize variables given to RT_TRACE()
  rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled.
  spi: sh-msiof: Avoid writing to registers from spi_master.setup()
  hv_netvsc: Fix the TX/RX buffer default sizes
  hv_netvsc: Fix the receive buffer size limit
  RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo()
  drm/msm: fix leak in failed get_pages
  media: c8sectpfe: fix potential NULL pointer dereference in c8sectpfe_timer_interrupt
  cpufreq: longhaul: Revert transition_delay_us to 200 ms
  Bluetooth: btqcomsmd: Fix skb double free corruption
  Bluetooth: hci_qca: Avoid setup failure on missing rampatch
  staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
  scsi: megaraid_sas: Do not use 32-bit atomic request descriptor for Ventura controllers
  FROMLIST: crypto: arm64/speck - add NEON-accelerated implementation of Speck-XTS
  BACKPORT: kbuild: fix linker feature test macros when cross compiling with Clang

Conflicts:
	drivers/clk/clk.c
	drivers/gpu/drm/msm/msm_gem.c

Change-Id: Ia2b16feb38555f4f7ba11aef07d6e601b2e41fdc
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
2018-03-26 09:34:43 -07:00
Greg Kroah-Hartman
a45ab563a4 This is the 4.14.30 stable release

Merge 4.14.30 into android-4.14

Changes in 4.14.30
	scsi: megaraid_sas: Do not use 32-bit atomic request descriptor for Ventura controllers
	staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
	Bluetooth: hci_qca: Avoid setup failure on missing rampatch
	Bluetooth: btqcomsmd: Fix skb double free corruption
	cpufreq: longhaul: Revert transition_delay_us to 200 ms
	media: c8sectpfe: fix potential NULL pointer dereference in c8sectpfe_timer_interrupt
	drm/msm: fix leak in failed get_pages
	RDMA/iwpm: Fix uninitialized error code in iwpm_send_mapinfo()
	hv_netvsc: Fix the receive buffer size limit
	hv_netvsc: Fix the TX/RX buffer default sizes
	spi: sh-msiof: Avoid writing to registers from spi_master.setup()
	rtlwifi: rtl_pci: Fix the bug when inactiveps is enabled.
	rtlwifi: always initialize variables given to RT_TRACE()
	media: bt8xx: Fix err 'bt878_probe()'
	ath10k: handling qos at STA side based on AP WMM enable/disable
	media: [RESEND] media: dvb-frontends: Add delay to Si2168 restart
	qmi_wwan: set FLAG_SEND_ZLP to avoid network initiated disconnect
	tty: goldfish: Enable 'earlycon' only if built-in
	serial: 8250_dw: Disable clock on error
	cros_ec: fix nul-termination for firmware build info
	watchdog: Fix potential kref imbalance when opening watchdog
	watchdog: Fix kref imbalance seen if handle_boot_enabled=0
	platform/chrome: Use proper protocol transfer function
	dmaengine: zynqmp_dma: Fix race condition in the probe
	drm/tilcdc: ensure nonatomic iowrite64 is not used
	mmc: avoid removing non-removable hosts during suspend
	mmc: block: fix logical error to avoid memory leak
	/dev/mem: Add bounce buffer for copy-out
	net: phy: meson-gxl: check phy_write return value
	sfp: fix EEPROM reading in the case of non-SFF8472 SFPs
	sfp: fix non-detection of PHY
	media: s5p-mfc: Fix lock contention - request_firmware() once
	rtc: ac100: Fix multiple race conditions
	IB/ipoib: Avoid memory leak if the SA returns a different DGID
	RDMA/cma: Use correct size when writing netlink stats
	IB/umem: Fix use of npages/nmap fields
	iser-target: avoid reinitializing rdma contexts for isert commands
	vgacon: Set VGA struct resource types
	omapdrm: panel: fix compatible vendor string for td028ttec1
	mmc: sdhci-xenon: wait 5ms after set 1.8V signal enable
	drm/omap: DMM: Check for DMM readiness after successful transaction commit
	pty: cancel pty slave port buf's work in tty_release
	coresight: Fix disabling of CoreSight TPIU
	PCI: designware-ep: Fix ->get_msi() to check MSI_EN bit
	PCI: endpoint: Fix find_first_zero_bit() usage
	PCI: rcar: Handle rcar_pcie_parse_request_of_pci_ranges() failures
	media: davinci: fix a debug printk
	pinctrl: Really force states during suspend/resume
	pinctrl: rockchip: enable clock when reading pin direction register
	iommu/vt-d: clean up pr_irq if request_threaded_irq fails
	ip6_vti: adjust vti mtu according to mtu of lower device
	ip_gre: fix error path when erspan_rcv failed
	ip_gre: fix potential memory leak in erspan_rcv
	soc: qcom: smsm: fix child-node lookup
	scsi: lpfc: Fix SCSI LUN discovery when SCSI and NVME enabled
	scsi: lpfc: Fix issues connecting with nvme initiator
	RDMA/ocrdma: Fix permissions for OCRDMA_RESET_STATS
	ARM: dts: aspeed-evb: Add unit name to memory node
	nfsd4: permit layoutget of executable-only files
	clk: at91: pmc: Wait for clocks when resuming
	clk: Don't touch hardware when reparenting during registration
	clk: axi-clkgen: Correctly handle nocount bit in recalc_rate()
	clk: si5351: Rename internal plls to avoid name collisions
	crypto: artpec6 - set correct iv size for gcm(aes)
	dmaengine: ti-dma-crossbar: Fix event mapping for TPCC_EVT_MUX_60_63
	scsi: mpt3sas: fix oops in error handlers after shutdown/unload
	scsi: mpt3sas: wait for and flush running commands on shutdown/unload
	IB/mlx5: Fix integer overflows in mlx5_ib_create_srq
	IB/mlx5: Fix out-of-bounds read in create_raw_packet_qp_rq
	serial: 8250_pci: Don't fail on multiport card class
	RDMA/core: Do not use invalid destination in determining port reuse
	clk: migrate the count of orphaned clocks at init
	RDMA/ucma: Fix access to non-initialized CM_ID object
	RDMA/ucma: Don't allow join attempts for unsupported AF family
	kbuild: fix linker feature test macros when cross compiling with Clang
	RDMA/vmw_pvrdma: Fix usage of user response structures in ABI file
	Linux 4.14.30

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2018-03-25 10:58:08 +02:00
Kees Cook
ea60e54b22 /dev/mem: Add bounce buffer for copy-out
[ Upstream commit 22ec1a2aea73b9dfe340dff7945bd85af4cc6280 ]

As done for /proc/kcore in

  commit df04abfd181a ("fs/proc/kcore.c: Add bounce buffer for ktext data")

this adds a bounce buffer when reading memory via /dev/mem. This
is needed to allow kernel text memory to be read out when built with
CONFIG_HARDENED_USERCOPY (which refuses to read out kernel text) and
without CONFIG_STRICT_DEVMEM (which would have refused to read any RAM
contents at all).

Since this build configuration isn't common (most systems with
CONFIG_HARDENED_USERCOPY also have CONFIG_STRICT_DEVMEM), this also tries
to inform Kconfig about the recommended settings.

This patch is modified from Brad Spengler/PaX Team's changes to /dev/mem
code in the last public patch of grsecurity/PaX based on my understanding
of the code. Changes or omissions from the original code are mine and
don't reflect the original grsecurity/PaX code.

Reported-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
Fixes: f5509cc18daa ("mm: Hardened usercopy")
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-03-24 11:01:24 +01:00
Blagovest Kolenichev
24b2e60f51 Merge android-4.14.29 (45c8dbe) into msm-4.14
* refs/heads/tmp-45c8dbe
  Linux 4.14.29
  usb: dwc3: Fix GDBGFIFOSPACE_TYPE values
  USB: gadget: udc: Add missing platform_device_put() on error in bdc_pci_probe()
  scsi: qla2xxx: Fix crashes in qla2x00_probe_one on probe failure
  scsi: qla2xxx: Fix logo flag for qlt_free_session_done()
  scsi: qla2xxx: Fix NULL pointer access for fcport structure
  scsi: qla2xxx: Fix smatch warning in qla25xx_delete_{rsp|req}_que
  btrfs: Fix memory barriers usage with device stats counters
  btrfs: remove spurious WARN_ON(ref->count < 0) in find_parent_nodes
  btrfs: Fix use-after-free when cleaning up fs_devs with a single stale device
  btrfs: alloc_chunk: fix DUP stripe size handling
  btrfs: add missing initialization in btrfs_check_shared
  btrfs: Fix NULL pointer exception in find_bio_stripe
  irqchip/gic-v3-its: Ensure nr_ites >= nr_lpis
  RDMAVT: Fix synchronization around percpu_ref
  fs/aio: Use RCU accessors for kioctx_table->table[]
  fs/aio: Add explicit RCU grace period when freeing kioctx
  lock_parent() needs to recheck if dentry got __dentry_kill'ed under it
  KVM: arm/arm64: vgic: Don't populate multiple LRs with the same vintid
  kvm: arm/arm64: vgic-v3: Tighten synchronization for guests using v2 on v3
  KVM: arm/arm64: Reduce verbosity of KVM init log
  fs: Teach path_connected to handle nfs filesystems with multiple roots.
  drm/amdgpu/dce: Don't turn off DP sink when disconnected
  drm/radeon: fix prime teardown order
  drm/amdgpu: fix prime teardown order
  drm/nouveau/bl: Fix oops on driver unbind
  ALSA: seq: Clear client entry before deleting else at closing
  ALSA: seq: Fix possible UAF in snd_seq_check_queue()
  ALSA: hda - Revert power_save option default value
  ALSA: pcm: Fix UAF in snd_pcm_oss_get_formats()
  parisc: Handle case where flush_cache_range is called with no context
  x86/mm: Fix vmalloc_fault to use pXd_large
  KVM: x86: Fix device passthrough when SME is active
  x86/speculation: Remove Skylake C2 from Speculation Control microcode blacklist
  x86/speculation, objtool: Annotate indirect calls/jumps for objtool on 32-bit kernels
  x86/vm86/32: Fix POPF emulation
  selftests/x86/entry_from_vm86: Add test cases for POPF
  selftests/x86: Add tests for the STR and SLDT instructions
  selftests/x86: Add tests for User-Mode Instruction Prevention
  selftests/x86/entry_from_vm86: Exit with 1 if we fail
  x86/cpufeatures: Add Intel PCONFIG cpufeature
  x86/cpufeatures: Add Intel Total Memory Encryption cpufeature
  ANDROID: arm-smccc: fix clang build
  staging: android: ashmem: Fix possible deadlock in ashmem_ioctl
  Linux 4.14.28
  drm/i915/glk: Disable Guc and HuC on GLK
  dmaengine: qcom_hidma: check pending interrupts
  IB/mlx5: revisit -Wmaybe-uninitialized warning
  ima: relax requiring a file signature for new files with zero length
  locking/locktorture: Fix num reader/writer corner cases
  rcutorture/configinit: Fix build directory error message
  ipvlan: add L2 check for packets arriving via virtual devices
  Fix misannotated out-of-line _copy_to_user()
  mmc: mmc_test: Ensure command queue is disabled for testing
  ASoC: nuc900: Fix a loop timeout test
  crypto: caam/qi - use correct print specifier for size_t
  mac80211: remove BUG() when interface type is invalid
  mac80211_hwsim: enforce PS_MANUAL_POLL to be set after PS_ENABLED
  agp/intel: Flush all chipset writes after updating the GGTT
  arm64: dts: renesas: salvator-common: Add EthernetAVB PHY reset
  powerpc/64: Don't trace irqs-off at interrupt return to soft-disabled context
  powerpc/modules: Don't try to restore r2 after a sibling call
  drm/amdkfd: Fix memory leaks in kfd topology
  veth: set peer GSO values
  net: sched: drop qdisc_reset from dev_graft_qdisc
  virtio_net: Disable interrupts if napi_complete_done rescheduled napi
  media: davinci: vpif_capture: add NULL check on devm_kzalloc return value
  media: cpia2: Fix a couple off by one bugs
  dm raid: fix raid set size revalidation
  media: vsp1: Prevent suspending and resuming DRM pipelines
  scsi: dh: add new rdac devices
  scsi: devinfo: apply to HP XP the same flags as Hitachi VSP
  scsi: core: scsi_get_device_flags_keyed(): Always return device flags
  bnxt_en: Don't print "Link speed -1 no longer supported" messages.
  spi: sun6i: disable/unprepare clocks on remove
  tools/usbip: fixes build with musl libc toolchain
  ath10k: fix invalid STS_CAP_OFFSET_MASK
  mwifiex: cfg80211: do not change virtual interface during scan processing
  clk: qcom: msm8916: fix mnd_width for codec_digcodec
  drm/amdgpu:fix virtual dce bug
  iwlwifi: mvm: avoid dumping assert log when device is stopped
  perf annotate: Fix objdump comment parsing for Intel mov dissassembly
  perf annotate: Fix unnecessary memory allocation for s390x
  pinctrl: sh-pfc: r8a7795-es1: Fix MOD_SEL1 bit[25:24] to 0x3 when using STP_ISEN_1_D
  pinctrl: sh-pfc: r8a7791: Add can_clk function
  drm/sun4i: Fix format mask in DE2 driver
  pwm: stmpe: Fix wrong register offset for hwpwm=2 case
  scsi: ses: don't ask for diagnostic pages repeatedly during probe
  drm/amdgpu:fix random missing of FLR NOTIFY
  cpufreq: Fix governor module removal race
  ath10k: update tdls teardown state to target
  iio: health: max30102: Add power enable parameter to get_temp function
  iio: adc: ina2xx: Shift bus voltage register to mask flag bits
  drm/etnaviv: make THERMAL selectable
  power: supply: ab8500_charger: Bail out in case of error in 'ab8500_charger_init_hw_registers()'
  power: supply: ab8500_charger: Fix an error handling path
  leds: pm8058: Silence pointer to integer size warning
  xfrm: Fix xfrm_replay_overflow_offload_esn
  userns: Don't fail follow_automount based on s_user_ns
  mtd: nand: ifc: update bufnum mask for ver >= 2.0.0
  ARM: dts: omap3-n900: Fix the audio CODEC's reset pin
  ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin
  net: thunderx: Set max queue count taking XDP_TX into account
  mtd: nand: fix interpretation of NAND_CMD_NONE in nand_command[_lp]()
  net: xfrm: allow clearing socket xfrm policies.
  rtc: brcmstb-waketimer: fix error handling in brcmstb_waketmr_probe()
  net: ieee802154: adf7242: Fix bug if defined DEBUG
  test_firmware: fix setting old custom fw path back on exit
  crypto: cavium - fix memory leak on info
  crypto: ecc - Fix NULL pointer deref. on no default_rng
  sched: Stop resched_cpu() from sending IPIs to offline CPUs
  sched: Stop switched_to_rt() from sending IPIs to offline CPUs
  USB: ledtrig-usbport: fix of-node leak
  typec: tcpm: fusb302: Resolve out of order messaging events
  staging: rtl8822be: fix missing null check on dev_alloc_skb return
  drm/amdgpu: fix get_max_engine_clock_in_mhz
  ARM: dts: exynos: Correct Trats2 panel reset line
  clk: meson: gxbb: fix wrong clock for SARADC/SANA
  ARM: dts: koelsch: Move cec_clock to root node
  iwlwifi: mvm: rs: don't override the rate history in the search cycle
  HID: elo: clear BTN_LEFT mapping
  HID: multitouch: Only look at non touch fields in first packet of a frame
  video/hdmi: Allow "empty" HDMI infoframes
  dma-buf/fence: Fix lock inversion within dma-fence-array
  drm/edid: set ELD connector type in drm_edid_to_eld()
  Revert "btrfs: use proper endianness accessors for super_copy"
  dm mpath: fix passing integrity data
  earlycon: add reg-offset to physical address before mapping
  serial: core: mark port as initialized in autoconfig
  serial: 8250_pci: Add Brainboxes UC-260 4 port serial device
  usb: dwc3: Fix lock-up on ID change during system suspend/resume
  usb: gadget: f_fs: Fix use-after-free in ffs_fs_kill_sb()
  usb: usbmon: Read text within supplied buffer size
  usb: quirks: add control message delay for 1b1c:1b20
  usbip: vudc: fix null pointer dereference on udc->lock
  USB: storage: Add JMicron bridge 152d:2567 to unusual_devs.h
  staging: android: ashmem: Fix lockdep issue during llseek
  staging: comedi: fix comedi_nsamples_left.
  uas: fix comparison for error code
  tty/serial: atmel: add new version check for usart
  serial: sh-sci: prevent lockup on full TTY buffers
  xhci: fix endpoint context tracer output
  xhci: Fix front USB ports on ASUS PRIME B350M-A
  usb: host: xhci-rcar: add support for r8a77965
  ASoC: rt5651: Fix regcache sync errors on resume
  ASoC: wm_adsp: For TLV controls only register TLV get/set
  ASoC: sgtl5000: Fix suspend/resume
  ASoC: sun4i-i2s: Fix RX slot number of SUN8I
  x86: Treat R_X86_64_PLT32 as R_X86_64_PC32
  net: phy: Restore phy_resume() locking assumption
  net: phy: fix resume handling
  ANDROID: sdcardfs: fix lock issue on 32 bit/SMP architectures

Change-Id: Ida88909c333e059adf42a8794c3b92b1d15252f7
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
2018-03-21 10:16:53 -07:00
Greg Kroah-Hartman
267c6efd76 This is the 4.14.28 stable release

Merge 4.14.28 into android-4.14

Changes in 4.14.28
	net: phy: fix resume handling
	net: phy: Restore phy_resume() locking assumption
	x86: Treat R_X86_64_PLT32 as R_X86_64_PC32
	ASoC: sun4i-i2s: Fix RX slot number of SUN8I
	ASoC: sgtl5000: Fix suspend/resume
	ASoC: wm_adsp: For TLV controls only register TLV get/set
	ASoC: rt5651: Fix regcache sync errors on resume
	usb: host: xhci-rcar: add support for r8a77965
	xhci: Fix front USB ports on ASUS PRIME B350M-A
	xhci: fix endpoint context tracer output
	serial: sh-sci: prevent lockup on full TTY buffers
	tty/serial: atmel: add new version check for usart
	uas: fix comparison for error code
	staging: comedi: fix comedi_nsamples_left.
	staging: android: ashmem: Fix lockdep issue during llseek
	USB: storage: Add JMicron bridge 152d:2567 to unusual_devs.h
	usbip: vudc: fix null pointer dereference on udc->lock
	usb: quirks: add control message delay for 1b1c:1b20
	usb: usbmon: Read text within supplied buffer size
	usb: gadget: f_fs: Fix use-after-free in ffs_fs_kill_sb()
	usb: dwc3: Fix lock-up on ID change during system suspend/resume
	serial: 8250_pci: Add Brainboxes UC-260 4 port serial device
	serial: core: mark port as initialized in autoconfig
	earlycon: add reg-offset to physical address before mapping
	dm mpath: fix passing integrity data
	Revert "btrfs: use proper endianness accessors for super_copy"
	drm/edid: set ELD connector type in drm_edid_to_eld()
	dma-buf/fence: Fix lock inversion within dma-fence-array
	video/hdmi: Allow "empty" HDMI infoframes
	HID: multitouch: Only look at non touch fields in first packet of a frame
	HID: elo: clear BTN_LEFT mapping
	iwlwifi: mvm: rs: don't override the rate history in the search cycle
	ARM: dts: koelsch: Move cec_clock to root node
	clk: meson: gxbb: fix wrong clock for SARADC/SANA
	ARM: dts: exynos: Correct Trats2 panel reset line
	drm/amdgpu: fix get_max_engine_clock_in_mhz
	staging: rtl8822be: fix missing null check on dev_alloc_skb return
	typec: tcpm: fusb302: Resolve out of order messaging events
	USB: ledtrig-usbport: fix of-node leak
	sched: Stop switched_to_rt() from sending IPIs to offline CPUs
	sched: Stop resched_cpu() from sending IPIs to offline CPUs
	crypto: ecc - Fix NULL pointer deref. on no default_rng
	crypto: cavium - fix memory leak on info
	test_firmware: fix setting old custom fw path back on exit
	net: ieee802154: adf7242: Fix bug if defined DEBUG
	rtc: brcmstb-waketimer: fix error handling in brcmstb_waketmr_probe()
	net: xfrm: allow clearing socket xfrm policies.
	mtd: nand: fix interpretation of NAND_CMD_NONE in nand_command[_lp]()
	net: thunderx: Set max queue count taking XDP_TX into account
	ARM: dts: am335x-pepper: Fix the audio CODEC's reset pin
	ARM: dts: omap3-n900: Fix the audio CODEC's reset pin
	mtd: nand: ifc: update bufnum mask for ver >= 2.0.0
	userns: Don't fail follow_automount based on s_user_ns
	xfrm: Fix xfrm_replay_overflow_offload_esn
	leds: pm8058: Silence pointer to integer size warning
	power: supply: ab8500_charger: Fix an error handling path
	power: supply: ab8500_charger: Bail out in case of error in 'ab8500_charger_init_hw_registers()'
	drm/etnaviv: make THERMAL selectable
	iio: adc: ina2xx: Shift bus voltage register to mask flag bits
	iio: health: max30102: Add power enable parameter to get_temp function
	ath10k: update tdls teardown state to target
	cpufreq: Fix governor module removal race
	drm/amdgpu:fix random missing of FLR NOTIFY
	scsi: ses: don't ask for diagnostic pages repeatedly during probe
	pwm: stmpe: Fix wrong register offset for hwpwm=2 case
	drm/sun4i: Fix format mask in DE2 driver
	pinctrl: sh-pfc: r8a7791: Add can_clk function
	pinctrl: sh-pfc: r8a7795-es1: Fix MOD_SEL1 bit[25:24] to 0x3 when using STP_ISEN_1_D
	perf annotate: Fix unnecessary memory allocation for s390x
	perf annotate: Fix objdump comment parsing for Intel mov dissassembly
	iwlwifi: mvm: avoid dumping assert log when device is stopped
	drm/amdgpu:fix virtual dce bug
	clk: qcom: msm8916: fix mnd_width for codec_digcodec
	mwifiex: cfg80211: do not change virtual interface during scan processing
	ath10k: fix invalid STS_CAP_OFFSET_MASK
	tools/usbip: fixes build with musl libc toolchain
	spi: sun6i: disable/unprepare clocks on remove
	bnxt_en: Don't print "Link speed -1 no longer supported" messages.
	scsi: core: scsi_get_device_flags_keyed(): Always return device flags
	scsi: devinfo: apply to HP XP the same flags as Hitachi VSP
	scsi: dh: add new rdac devices
	media: vsp1: Prevent suspending and resuming DRM pipelines
	dm raid: fix raid set size revalidation
	media: cpia2: Fix a couple off by one bugs
	media: davinci: vpif_capture: add NULL check on devm_kzalloc return value
	virtio_net: Disable interrupts if napi_complete_done rescheduled napi
	net: sched: drop qdisc_reset from dev_graft_qdisc
	veth: set peer GSO values
	drm/amdkfd: Fix memory leaks in kfd topology
	powerpc/modules: Don't try to restore r2 after a sibling call
	powerpc/64: Don't trace irqs-off at interrupt return to soft-disabled context
	arm64: dts: renesas: salvator-common: Add EthernetAVB PHY reset
	agp/intel: Flush all chipset writes after updating the GGTT
	mac80211_hwsim: enforce PS_MANUAL_POLL to be set after PS_ENABLED
	mac80211: remove BUG() when interface type is invalid
	crypto: caam/qi - use correct print specifier for size_t
	ASoC: nuc900: Fix a loop timeout test
	mmc: mmc_test: Ensure command queue is disabled for testing
	Fix misannotated out-of-line _copy_to_user()
	ipvlan: add L2 check for packets arriving via virtual devices
	rcutorture/configinit: Fix build directory error message
	locking/locktorture: Fix num reader/writer corner cases
	ima: relax requiring a file signature for new files with zero length
	IB/mlx5: revisit -Wmaybe-uninitialized warning
	dmaengine: qcom_hidma: check pending interrupts
	drm/i915/glk: Disable Guc and HuC on GLK
	Linux 4.14.28

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2018-03-19 09:28:29 +01:00
Mimi Zohar
fd6170bf43 ima: relax requiring a file signature for new files with zero length
[ Upstream commit b7e27bc1d42e8e0cc58b602b529c25cd0071b336 ]

Custom policies can require file signatures based on LSM labels.  These
files are normally created and only afterwards labeled, requiring them
to be signed.

Instead of requiring file signatures based on LSM labels, entire
filesystems could require file signatures.  In this case, we need the
ability of writing new files without requiring file signatures.

The definition of a "new" file was originally defined as any file with
a length of zero.  Subsequent patches redefined a "new" file to be based
on the FILE_CREATE open flag.  By combining the open flag with a file
size of zero, this patch relaxes the file signature requirement.

Fixes: 1ac202e978e1 ima: accept previously set IMA_NEW_FILE
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-03-19 08:42:56 +01:00
Isaac J. Manjarres
9636a4ea18 Merge remote-tracking branch 'remotes/origin/tmp-af3b8e6' into msm-4.14
* remotes/origin/tmp-af3b8e6:
  Linux 4.14.22
  vmalloc: fix __GFP_HIGHMEM usage for vmalloc_32 on 32b systems
  mei: me: add cannon point device ids for 4th device
  mei: me: add cannon point device ids
  crypto: s5p-sss - Fix kernel Oops in AES-ECB mode
  drm/i915: fix intel_backlight_device_register declaration
  crypto: talitos - fix Kernel Oops on hashing an empty file
  hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close
  powerpc/perf/imc: Fix nest-imc cpuhotplug callback failure
  PCI: rcar: Fix use-after-free in probe error path
  xen: XEN_ACPI_PROCESSOR is Dom0-only
  platform/x86: dell-laptop: Fix keyboard max lighting for Dell Latitude E6410
  x86/mm/kmmio: Fix mmiotrace for page unaligned addresses
  mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep
  usb: dwc3: of-simple: fix missing clk_disable_unprepare
  usb: dwc3: gadget: Wait longer for controller to end command processing
  dmaengine: jz4740: disable/unprepare clk if probe fails
  drm/vc4: Release fence after signalling
  ASoC: rsnd: ssi: fix race condition in rsnd_ssi_pointer_update
  drm/armada: fix leak of crtc structure
  xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies.
  IB/mlx4: Fix RSS hash fields restrictions
  spi: sun4i: disable clocks in the remove function
  ASoC: rockchip: disable clock on error
  staging: ccree: Uninitialized return in ssi_ahash_import()
  clk: fix a panic error caused by accessing NULL pointer
  netfilter: xt_bpf: add overflow checks
  xfrm: Fix xfrm_input() to verify state is valid when (encap_type < 0)
  dmaengine: at_hdmac: fix potential NULL pointer dereference in atc_prep_dma_interleaved
  dmaengine: ioat: Fix error handling path
  scsi: bfa: fix type conversion warning
  scsi: bfa: fix access to bfad_im_port_s
  scsi: lpfc: Use after free in lpfc_rq_buf_free()
  gianfar: Disable EEE autoneg by default
  509: fix printing uninitialized stack memory when OID is empty
  net: dsa: mv88e6xxx: Unregister MDIO bus on error path
  net: dsa: mv88e6xxx: Fix interrupt masking on removal
  net: ethernet: arc: fix error handling in emac_rockchip_probe
  virtio_net: fix return value check in receive_mergeable()
  brcmfmac: Avoid build error with make W=1
  btrfs: Fix possible off-by-one in btrfs_search_path_in_tree
  Btrfs: disable FUA if mounted with nobarrier
  btrfs: Fix quota reservation leak on preallocated files
  locking/lockdep: Fix possible NULL deref
  net: qualcomm: rmnet: Fix leak on transmit failure
  KVM: VMX: fix page leak in hardware_setup()
  VSOCK: fix outdated sk_state value in hvs_release()
  net_sched: red: Avoid illegal values
  net_sched: red: Avoid devision by zero
  gianfar: fix a flooded alignment reports because of padding issue.
  nfp: fix port stats for mac representors
  ARM: dts: Fix elm interrupt compiler warning
  s390/dasd: prevent prefix I/O error
  s390/virtio: add BSD license to virtio-ccw
  PM / runtime: Fix handling of suppliers with disabled runtime PM
  powerpc/perf: Fix oops when grouping different pmu events
  m68k: add missing SOFTIRQENTRY_TEXT linker section
  ipvlan: Add the skb->mark as flow4's member to lookup route
  bnxt_en: Need to unconditionally shut down RoCE in bnxt_shutdown
  scripts/kernel-doc: Don't fail with status != 0 if error encountered with -none
  iio: fix kernel-doc build errors
  iio: proximity: sx9500: Assign interrupt from GpioIo()
  md/raid1/10: add missed blk plug
  phylink: ensure we take the link down when phylink_stop() is called
  sfp: fix RX_LOS signal handling
  sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune
  md/raid5: correct degraded calculation in raid5_error
  IB/core: Init subsys if compiled to vmlinuz-core
  RDMA/cma: Make sure that PSN is not over max allowed
  i40iw: Correct ARP index mask
  i40iw: Do not free sqbuf when event is I40IW_TIMER_TYPE_CLOSE
  i40iw: Allocate a sdbuf per CQP WQE
  KVM: arm/arm64: Fix spinlock acquisition in vgic_set_owner
  meson-gx-socinfo: Fix package id parsing
  IB/hfi1: Initialize bth1 in 16B rc ack builder
  pinctrl: sunxi: Fix A64 UART mux value
  pinctrl: sunxi: Fix A80 interrupt pin bank
  gpio: davinci: Assign first bank regs for unbanked case
  gpio: 74x164: Fix crash during .remove()
  net: mvpp2: allocate zeroed tx descriptors
  media: ov13858: Select V4L2_FWNODE
  media: s5k6aa: describe some function parameters
  trace/xdp: fix compile warning: 'struct bpf_map' declared inside parameter list
  kvm: arm: don't treat unavailable HYP mode as an error
  pinctrl: denverton: Fix UART2 RTS pin mode
  perf test: Fix test 21 for s390x
  perf bench numa: Fixup discontiguous/sparse numa nodes
  perf top: Fix window dimensions change handling
  perf: Fix header.size for namespace events
  perf test shell: Fix check open filename arg using 'perf trace' on s390x
  perf annotate: Do not truncate instruction names at 6 chars
  perf help: Fix a bug during strstart() conversion
  perf record: Fix -c/-F options for cpu event aliases
  ARM: dts: am437x-cm-t43: Correct the dmas property of spi0
  ARM: dts: am4372: Correct the interrupts_properties of McASP
  ARM: dts: logicpd-somlv: Fix wl127x pinmux
  ARM: dts: logicpd-som-lv: Fix gpmc addresses for NAND and enet
  ARM: dts: Fix omap4 hang with GPS connected to USB by using wakeupgen
  ARM: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function
  ARM: OMAP2+: Fix SRAM virt to phys translation for save_secure_ram_context
  serdev: fix receive_buf return value when no callback
  usb: build drivers/usb/common/ when USB_SUPPORT is set
  usbip: keep usbip_device sockfd state in sync with tcp_socket
  staging: iio: ad5933: switch buffer mode to software
  staging: iio: adc: ad7192: fix external frequency setting
  staging: fsl-mc: fix build testing on x86
  binder: replace "%p" with "%pK"
  binder: check for binder_thread allocation failure in binder_poll()
  staging: android: ashmem: Fix a race condition in pin ioctls
  ANDROID: binder: synchronize_rcu() when using POLLFREE.
  ANDROID: binder: remove WARN() for redundant txn error
  dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock
  arm64: dts: add #cooling-cells to CPU nodes
  ARM: 8743/1: bL_switcher: add MODULE_LICENSE tag
  video: fbdev/mmp: add MODULE_LICENSE
  ASoC: ux500: add MODULE_LICENSE tag
  net_sched: gen_estimator: fix lockdep splat
  net: avoid skb_warn_bad_offload on IS_ERR
  rds: tcp: atomically purge entries from rds_tcp_conn_list during netns delete
  rds: tcp: correctly sequence cleanup on netns deletion.
  netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert
  netfilter: xt_cgroup: initialize info->priv in cgroup_mt_check_v1()
  netfilter: on sockopt() acquire sock lock only in the required scope
  netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check()
  netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}
  netfilter: x_tables: fix int overflow in xt_alloc_table_info()
  kcov: detect double association with a single task
  KVM: x86: fix escape of guest dr6 to the host
  blk_rq_map_user_iov: fix error override
  staging: android: ion: Switch from WARN to pr_warn
  staging: android: ion: Add __GFP_NOWARN for system contig heap
  crypto: x86/twofish-3way - Fix %rbp usage
  media: pvrusb2: properly check endpoint types
  selinux: skip bounded transition processing if the policy isn't loaded
  selinux: ensure the context is NUL terminated in security_context_to_sid_core()
  ptr_ring: try vmalloc() when kmalloc() fails
  ptr_ring: fail early if queue occupies more than KMALLOC_MAX_SIZE
  ALSA: bcd2000: Add a sanity check for invalid EPs
  ALSA: caiaq: Add a sanity check for invalid EPs
  ALSA: line6: Add a sanity check for invalid EPs
  drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all
  dnotify: Handle errors from fsnotify_add_mark_locked() in fcntl_dirnotify()
  blktrace: fix unlocked registration of tracepoints
  sctp: set frag_point in sctp_setsockopt_maxseg correctly
  xfrm: check id proto in validate_tmpl()
  xfrm: Fix stack-out-of-bounds read on socket policy lookup.
  RDMA/netlink: Fix general protection fault
  KVM/x86: Check input paging mode when cs.l is set
  mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed.
  xfrm: skip policies marked as dead while rehashing
  xfrm: fix rcu usage in xfrm_get_type_offload
  xfrm: don't call xfrm_policy_cache_flush while holding spinlock
  esp: Fix GRO when the headers not fully in the linear part of the skb.
  mac80211_hwsim: validate number of different channels
  cfg80211: check dev_set_name() return value
  bpf: mark dst unknown on inconsistent {s, u}bounds adjustments
  kcm: Only allow TCP sockets to be attached to a KCM mux
  kcm: Check if sk_user_data already set in kcm_attach
  vhost: use mutex_lock_nested() in vhost_dev_lock_vqs()
  usb: core: Add a helper function to check the validity of EP type in URB
  ANDROID: sdcardfs: Hold i_mutex for i_size_write
  FROMGIT: crypto: speck - add test vectors for Speck64-XTS
  FROMGIT: crypto: speck - add test vectors for Speck128-XTS
  FROMGIT: crypto: arm/speck - add NEON-accelerated implementation of Speck-XTS
  FROMGIT: crypto: speck - export common helpers
  FROMGIT: crypto: speck - add support for the Speck block cipher
  f2fs: updates on v4.16-rc1

Conflicts:
	drivers/net/ethernet/qualcomm/rmnet/rmnet_handlers.c

Change-Id: I420172cd4438ce010645ceb00a71c4e3f03596d8
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
2018-02-26 10:10:30 -08:00
Greg Kroah-Hartman
af3b8e683e This is the 4.14.22 stable release

Merge 4.14.22 into android-4.14

Changes in 4.14.22
	usb: core: Add a helper function to check the validity of EP type in URB
	vhost: use mutex_lock_nested() in vhost_dev_lock_vqs()
	kcm: Check if sk_user_data already set in kcm_attach
	kcm: Only allow TCP sockets to be attached to a KCM mux
	bpf: mark dst unknown on inconsistent {s, u}bounds adjustments
	cfg80211: check dev_set_name() return value
	mac80211_hwsim: validate number of different channels
	esp: Fix GRO when the headers not fully in the linear part of the skb.
	xfrm: don't call xfrm_policy_cache_flush while holding spinlock
	xfrm: fix rcu usage in xfrm_get_type_offload
	xfrm: skip policies marked as dead while rehashing
	mm,vmscan: Make unregister_shrinker() no-op if register_shrinker() failed.
	KVM/x86: Check input paging mode when cs.l is set
	RDMA/netlink: Fix general protection fault
	xfrm: Fix stack-out-of-bounds read on socket policy lookup.
	xfrm: check id proto in validate_tmpl()
	sctp: set frag_point in sctp_setsockopt_maxseg correctly
	blktrace: fix unlocked registration of tracepoints
	dnotify: Handle errors from fsnotify_add_mark_locked() in fcntl_dirnotify()
	drm: Require __GFP_NOFAIL for the legacy drm_modeset_lock_all
	ALSA: line6: Add a sanity check for invalid EPs
	ALSA: caiaq: Add a sanity check for invalid EPs
	ALSA: bcd2000: Add a sanity check for invalid EPs
	ptr_ring: fail early if queue occupies more than KMALLOC_MAX_SIZE
	ptr_ring: try vmalloc() when kmalloc() fails
	selinux: ensure the context is NUL terminated in security_context_to_sid_core()
	selinux: skip bounded transition processing if the policy isn't loaded
	media: pvrusb2: properly check endpoint types
	crypto: x86/twofish-3way - Fix %rbp usage
	staging: android: ion: Add __GFP_NOWARN for system contig heap
	staging: android: ion: Switch from WARN to pr_warn
	blk_rq_map_user_iov: fix error override
	KVM: x86: fix escape of guest dr6 to the host
	kcov: detect double association with a single task
	netfilter: x_tables: fix int overflow in xt_alloc_table_info()
	netfilter: x_tables: avoid out-of-bounds reads in xt_request_find_{match|target}
	netfilter: ipt_CLUSTERIP: fix out-of-bounds accesses in clusterip_tg_check()
	netfilter: on sockopt() acquire sock lock only in the required scope
	netfilter: xt_cgroup: initialize info->priv in cgroup_mt_check_v1()
	netfilter: xt_RATEEST: acquire xt_rateest_mutex for hash insert
	rds: tcp: correctly sequence cleanup on netns deletion.
	rds: tcp: atomically purge entries from rds_tcp_conn_list during netns delete
	net: avoid skb_warn_bad_offload on IS_ERR
	net_sched: gen_estimator: fix lockdep splat
	ASoC: ux500: add MODULE_LICENSE tag
	video: fbdev/mmp: add MODULE_LICENSE
	ARM: 8743/1: bL_switcher: add MODULE_LICENSE tag
	arm64: dts: add #cooling-cells to CPU nodes
	dn_getsockoptdecnet: move nf_{get/set}sockopt outside sock lock
	ANDROID: binder: remove WARN() for redundant txn error
	ANDROID: binder: synchronize_rcu() when using POLLFREE.
	staging: android: ashmem: Fix a race condition in pin ioctls
	binder: check for binder_thread allocation failure in binder_poll()
	binder: replace "%p" with "%pK"
	staging: fsl-mc: fix build testing on x86
	staging: iio: adc: ad7192: fix external frequency setting
	staging: iio: ad5933: switch buffer mode to software
	usbip: keep usbip_device sockfd state in sync with tcp_socket
	usb: build drivers/usb/common/ when USB_SUPPORT is set
	serdev: fix receive_buf return value when no callback
	ARM: OMAP2+: Fix SRAM virt to phys translation for save_secure_ram_context
	ARM: AM33xx: PRM: Remove am33xx_pwrdm_read_prev_pwrst function
	ARM: dts: Fix omap4 hang with GPS connected to USB by using wakeupgen
	ARM: dts: logicpd-som-lv: Fix gpmc addresses for NAND and enet
	ARM: dts: logicpd-somlv: Fix wl127x pinmux
	ARM: dts: am4372: Correct the interrupts_properties of McASP
	ARM: dts: am437x-cm-t43: Correct the dmas property of spi0
	perf record: Fix -c/-F options for cpu event aliases
	perf help: Fix a bug during strstart() conversion
	perf annotate: Do not truncate instruction names at 6 chars
	perf test shell: Fix check open filename arg using 'perf trace' on s390x
	perf: Fix header.size for namespace events
	perf top: Fix window dimensions change handling
	perf bench numa: Fixup discontiguous/sparse numa nodes
	perf test: Fix test 21 for s390x
	pinctrl: denverton: Fix UART2 RTS pin mode
	kvm: arm: don't treat unavailable HYP mode as an error
	trace/xdp: fix compile warning: 'struct bpf_map' declared inside parameter list
	media: s5k6aa: describe some function parameters
	media: ov13858: Select V4L2_FWNODE
	net: mvpp2: allocate zeroed tx descriptors
	gpio: 74x164: Fix crash during .remove()
	gpio: davinci: Assign first bank regs for unbanked case
	pinctrl: sunxi: Fix A80 interrupt pin bank
	pinctrl: sunxi: Fix A64 UART mux value
	IB/hfi1: Initialize bth1 in 16B rc ack builder
	meson-gx-socinfo: Fix package id parsing
	KVM: arm/arm64: Fix spinlock acquisition in vgic_set_owner
	i40iw: Allocate a sdbuf per CQP WQE
	i40iw: Do not free sqbuf when event is I40IW_TIMER_TYPE_CLOSE
	i40iw: Correct ARP index mask
	RDMA/cma: Make sure that PSN is not over max allowed
	IB/core: Init subsys if compiled to vmlinuz-core
	md/raid5: correct degraded calculation in raid5_error
	sctp: only update outstanding_bytes for transmitted queue when doing prsctp_prune
	sfp: fix RX_LOS signal handling
	phylink: ensure we take the link down when phylink_stop() is called
	md/raid1/10: add missed blk plug
	iio: proximity: sx9500: Assign interrupt from GpioIo()
	iio: fix kernel-doc build errors
	scripts/kernel-doc: Don't fail with status != 0 if error encountered with -none
	bnxt_en: Need to unconditionally shut down RoCE in bnxt_shutdown
	ipvlan: Add the skb->mark as flow4's member to lookup route
	m68k: add missing SOFTIRQENTRY_TEXT linker section
	powerpc/perf: Fix oops when grouping different pmu events
	PM / runtime: Fix handling of suppliers with disabled runtime PM
	s390/virtio: add BSD license to virtio-ccw
	s390/dasd: prevent prefix I/O error
	ARM: dts: Fix elm interrupt compiler warning
	nfp: fix port stats for mac representors
	gianfar: fix a flooded alignment reports because of padding issue.
	net_sched: red: Avoid devision by zero
	net_sched: red: Avoid illegal values
	VSOCK: fix outdated sk_state value in hvs_release()
	KVM: VMX: fix page leak in hardware_setup()
	net: qualcomm: rmnet: Fix leak on transmit failure
	locking/lockdep: Fix possible NULL deref
	btrfs: Fix quota reservation leak on preallocated files
	Btrfs: disable FUA if mounted with nobarrier
	btrfs: Fix possible off-by-one in btrfs_search_path_in_tree
	brcmfmac: Avoid build error with make W=1
	virtio_net: fix return value check in receive_mergeable()
	net: ethernet: arc: fix error handling in emac_rockchip_probe
	net: dsa: mv88e6xxx: Fix interrupt masking on removal
	net: dsa: mv88e6xxx: Unregister MDIO bus on error path
	509: fix printing uninitialized stack memory when OID is empty
	gianfar: Disable EEE autoneg by default
	scsi: lpfc: Use after free in lpfc_rq_buf_free()
	scsi: bfa: fix access to bfad_im_port_s
	scsi: bfa: fix type conversion warning
	dmaengine: ioat: Fix error handling path
	dmaengine: at_hdmac: fix potential NULL pointer dereference in atc_prep_dma_interleaved
	xfrm: Fix xfrm_input() to verify state is valid when (encap_type < 0)
	netfilter: xt_bpf: add overflow checks
	clk: fix a panic error caused by accessing NULL pointer
	staging: ccree: Uninitialized return in ssi_ahash_import()
	ASoC: rockchip: disable clock on error
	spi: sun4i: disable clocks in the remove function
	IB/mlx4: Fix RSS hash fields restrictions
	xfrm: Fix stack-out-of-bounds with misconfigured transport mode policies.
	drm/armada: fix leak of crtc structure
	ASoC: rsnd: ssi: fix race condition in rsnd_ssi_pointer_update
	drm/vc4: Release fence after signalling
	dmaengine: jz4740: disable/unprepare clk if probe fails
	usb: dwc3: gadget: Wait longer for controller to end command processing
	usb: dwc3: of-simple: fix missing clk_disable_unprepare
	mm/early_ioremap: Fix boot hang with earlyprintk=efi,keep
	x86/mm/kmmio: Fix mmiotrace for page unaligned addresses
	platform/x86: dell-laptop: Fix keyboard max lighting for Dell Latitude E6410
	xen: XEN_ACPI_PROCESSOR is Dom0-only
	PCI: rcar: Fix use-after-free in probe error path
	powerpc/perf/imc: Fix nest-imc cpuhotplug callback failure
	hippi: Fix a Fix a possible sleep-in-atomic bug in rr_close
	crypto: talitos - fix Kernel Oops on hashing an empty file
	drm/i915: fix intel_backlight_device_register declaration
	crypto: s5p-sss - Fix kernel Oops in AES-ECB mode
	mei: me: add cannon point device ids
	mei: me: add cannon point device ids for 4th device
	vmalloc: fix __GFP_HIGHMEM usage for vmalloc_32 on 32b systems
	Linux 4.14.22

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2018-02-26 09:22:41 +01:00
Paul Moore
ca181454e7 selinux: skip bounded transition processing if the policy isn't loaded
commit 4b14752ec4e0d87126e636384cf37c8dd9df157c upstream.

We can't do anything reasonable in security_bounded_transition() if we
don't have a policy loaded, and in fact we could run into problems
with some of the code inside expecting a policy.  Fix these problems
like we do many others in security/selinux/ss/services.c by checking
to see if the policy is loaded (ss_initialized) and returning quickly
if it isn't.

Reported-by: syzbot <syzkaller-bugs@googlegroups.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Reviewed-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-02-25 11:07:49 +01:00
Paul Moore
116df867db selinux: ensure the context is NUL terminated in security_context_to_sid_core()
commit ef28df55ac27e1e5cd122e19fa311d886d47a756 upstream.

The syzbot/syzkaller automated tests found a problem in
security_context_to_sid_core() during early boot (before we load the
SELinux policy) where we could potentially feed context strings without
NUL terminators into the strcmp() function.

We already guard against this during normal operation (after the SELinux
policy has been loaded) by making a copy of the context strings and
explicitly adding a NUL terminator to the end.  The patch extends this
protection to the early boot case (no loaded policy) by moving the context
copy earlier in security_context_to_sid_core().

Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Reviewed-By: William Roberts <william.c.roberts@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-02-25 11:07:48 +01:00
Isaac J. Manjarres
3d13954930 Merge remote-tracking branch 'remotes/origin/tmp-faeb94c' into msm-4.14
* remotes/origin/tmp-faeb94c:
  Linux 4.14.17
  x86/efi: Clarify that reset attack mitigation needs appropriate userspace
  Input: synaptics-rmi4 - do not delete interrupt memory too early
  Input: synaptics-rmi4 - unmask F03 interrupts when port is opened
  test_firmware: fix missing unlock on error in config_num_requests_store()
  iio: chemical: ccs811: Fix output of IIO_CONCENTRATION channels
  iio: adc: stm32: fix scan of multiple channels with DMA
  spi: imx: do not access registers while clocks disabled
  serial: imx: Only wakeup via RTSDEN bit if the system has RTS/CTS
  serial: 8250_uniphier: fix error return code in uniphier_uart_probe()
  serial: 8250_of: fix return code when probe function fails to get reset
  mei: me: allow runtime pm for platform with D0i3
  android: binder: use VM_ALLOC to get vm area
  ANDROID: binder: remove waitqueue when thread exits.
  usb/gadget: Fix "high bandwidth" check in usb_gadget_ep_match_desc()
  usb: uas: unconditionally bring back host after reset
  usb: f_fs: Prevent gadget unbind if it is already unbound
  USB: serial: simple: add Motorola Tetra driver
  usbip: list: don't list devices attached to vhci_hcd
  usbip: prevent bind loops on devices attached to vhci_hcd
  USB: serial: io_edgeport: fix possible sleep-in-atomic
  CDC-ACM: apply quirk for card reader
  USB: cdc-acm: Do not log urb submission errors on disconnect
  USB: serial: pl2303: new device id for Chilitag
  usb: option: Add support for FS040U modem
  tty: fix data race between tty_init_dev and flush of buf
  staging: ccree: fix fips event irq handling build
  staging: ccree: NULLify backup_info when unused
  staging: lustre: separate a connection destroy from free struct kib_conn
  KVM: x86: emulate #UD while in guest mode
  drm/vc4: Move IRQ enable to PM path
  staging: rtl8188eu: Fix incorrect response to SIOCGIWESSID
  usb: gadget: don't dereference g until after it has been null checked
  x86/xen: Support early interrupts in xen pv guests
  media: usbtv: add a new usbid
  ARM: dts: NSP: Fix PPI interrupt types
  ARM: dts: NSP: Disable AHCI controller for HR NSP boards
  iwlwifi: fix access to prph when transport is stopped
  iwlwifi: mvm: fix the TX queue hang timeout for MONITOR vif type
  scsi: ufs: ufshcd: fix potential NULL pointer dereference in ufshcd_config_vreg
  scsi: aacraid: Prevent crash in case of free interrupt during scsi EH path
  perf/core: Fix memory leak triggered by perf --namespace
  xfs: Properly retry failed dquot items in case of error during buffer writeback
  xfs: ubsan fixes
  drm/omap: displays: panel-dpi: add backlight dependency
  drm/omap: Fix error handling path in 'omap_dmm_probe()'
  drm/bridge: tc358767: fix 1-lane behavior
  drm/bridge: tc358767: fix AUXDATAn registers access
  drm/bridge: tc358767: fix timing calculations
  drm/bridge: tc358767: fix DP0_MISC register set
  drm/bridge: tc358767: filter out too high modes
  drm/bridge: tc358767: do no fail on hi-res displays
  drm/bridge: Fix lvds-encoder since the panel_bridge rework.
  kmemleak: add scheduling point to kmemleak_scan()
  scripts/faddr2line: extend usage on generic arch
  SUNRPC: Allow connect to return EHOSTUNREACH
  quota: Check for register_shrinker() failure.
  net: ethernet: xilinx: Mark XILINX_LL_TEMAC broken on 64-bit
  drm/amdgpu: don't try to move pinned BOs
  xfs: fortify xfs_alloc_buftarg error handling
  nvme-pci: fix NULL pointer dereference in nvme_free_host_mem()
  Btrfs: incremental send, fix wrong unlink path after renaming file
  bnxt_en: Fix an error handling path in 'bnxt_get_module_eeprom()'
  net: phy: marvell10g: fix the PHY id mask
  net: mvpp2: fix the txq_init error path
  quota: propagate error from __dquot_initialize
  hwmon: (pmbus) Use 64bit math for DIRECT format values
  lockd: fix "list_add double add" caused by legacy signal interface
  race of lockd inetaddr notifiers vs nlmsvc_rqst change
  nfsd: check for use of the closed special stateid
  grace: replace BUG_ON by WARN_ONCE in exit_net hook
  nfsd: Ensure we check stateid validity in the seqid operation checks
  nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0)
  auxdisplay: img-ascii-lcd: Only build on archs that have IOMEM
  xen-netfront: remove warning when unloading module
  i2c: i2c-boardinfo: fix memory leaks on devinfo
  xfs: log recovery should replay deferred ops in order
  xfs: always free inline data before resetting inode fork during ifree
  KVM: Let KVM_SET_SIGNAL_MASK work as advertised
  Btrfs: fix list_add corruption and soft lockups in fsync
  KVM: VMX: Fix rflags cache during vCPU reset
  KVM: X86: Fix softlockup when get the current kvmclock
  reiserfs: remove unneeded i_version bump
  sctp: set sender next_tsn for the old result with ctsn_ack_point plus 1
  sctp: avoid flushing unsent queue when doing asoc reset
  sctp: only allow the asoc reset when the asoc outq is empty
  btrfs: fix deadlock when writing out space cache
  mac80211: fix the update of path metric for RANN frame
  mac80211: use QoS NDP for AP probing
  drm/rockchip: dw-mipi-dsi: fix possible un-balanced runtime PM enable
  openvswitch: fix the incorrect flow action alloc size
  nvme-rdma: don't complete requests before a send work request has completed
  uapi: fix linux/kfd_ioctl.h userspace compilation errors
  drm/amdkfd: Fix SDMA oversubsription handling
  drm/amdkfd: Fix SDMA ring buffer size calculation
  drm/amdgpu: Fix SDMA load/unload sequence on HWS disabled mode
  bcache: check return value of register_shrinker
  rxrpc: Fix service endpoint expiry
  rxrpc: Provide a different lockdep key for call->user_mutex for kernel calls
  rxrpc: The mutex lock returned by rxrpc_accept_call() needs releasing
  s390: fix alloc_pgste check in init_new_context again
  null_blk: fix dev->badblocks leak
  cpufreq: Add Loongson machine dependencies
  ACPI / bus: Leave modalias empty for devices which are not present
  s390/zcrypt: Fix wrong comparison leading to strange load balancing
  s390/topology: fix compile error in file arch/s390/kernel/smp.c
  nvmet-fc: correct ref counting error when deferred rcv used
  nvme-pci: avoid hmb desc array idx out-of-bound when hmmaxd set.
  nvme-pci: disable APST on Samsung SSD 960 EVO + ASUS PRIME B350M-A
  nvme-loop: check if queue is ready in queue_rq
  nvme-fc: check if queue is ready in queue_rq
  nvme-fabrics: introduce init command check for a queue that is not alive
  KVM: nVMX: Fix vmx_check_nested_events() return value in case an event was reinjected to L2
  KVM: x86: ioapic: Preserve read-only values in the redirection table
  KVM: x86: ioapic: Clear Remote IRR when entry is switched to edge-triggered
  KVM: x86: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race
  KVM: x86: fix em_fxstor() sleeping while in atomic
  KVM: nVMX: Fix mmu context after VMLAUNCH/VMRESUME failure
  KVM: X86: Fix operand/address-size during instruction decoding
  KVM: x86: Don't re-execute instruction when not passing CR2 value
  KVM: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure
  KVM: nVMX/nSVM: Don't intercept #UD when running L2
  cpupower : Fix cpupower working when cpu0 is offline
  cpupowerutils: bench - Fix cpu online check
  Btrfs: bail out gracefully rather than BUG_ON
  btrfs: Fix transaction abort during failure in btrfs_rm_dev_item
  drm/vc4: Account for interrupts in flight
  VFS: Handle lazytime in do_mount()
  scsi: aacraid: Fix hang in kdump
  scsi: aacraid: Fix udev inquiry race condition
  ima/policy: fix parsing of fsuuid
  igb: Free IRQs when device is hotplugged
  mtd: nand: denali_pci: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
  gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE
  gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
  power: reset: zx-reboot: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
  HID: wacom: Fix reporting of touch toggle (WACOM_HID_WD_MUTE_DEVICE) events
  HID: wacom: EKR: ensure devres groups at higher indexes are released
  crypto: af_alg - whitelist mask and type
  crypto: sha3-generic - fixes for alignment and big endian operation
  crypto: inside-secure - avoid unmapping DMA memory that was not mapped
  crypto: inside-secure - fix hash when length is a multiple of a block
  crypto: aesni - Fix out-of-bounds access of the AAD buffer in generic-gcm-aesni
  crypto: aesni - Fix out-of-bounds access of the data buffer in generic-gcm-aesni
  crypto: aesni - add wrapper for generic gcm(aes)
  crypto: aesni - Use GCM IV size constant
  crypto: gcm - add GCM IV size constant
  crypto: aesni - fix typo in generic_gcmaes_decrypt
  crypto: aesni - handle zero length dst buffer
  crypto: ecdh - fix typo in KPP dependency of CRYPTO_ECDH
  ALSA: hda - Reduce the suspend time consumption for ALC256
  gpio: Fix kernel stack leak to userspace
  gpio: stmpe: i2c transfer are forbiden in atomic context
  tools/gpio: Fix build error with musl libc
  KVM: x86: Fix CPUID function for word 6 (80000001_ECX)
  loop: fix concurrent lo_open/lo_release
  futex: Fix OWNER_DEAD fixup
  ANDROID: sdcardfs: Protect set_top
  ANDROID: fsnotify: Notify lower fs of open
  Revert "ANDROID: sdcardfs: notify lower file of opens"
  ANDROID: sdcardfs: Use lower getattr times/size
  ANDROID: Remove duplicate security fix

Change-Id: Icd6d668734e40a73e87cce6c5d467f74cff3e5ae
Signed-off-by: Isaac J. Manjarres <isaacm@codeaurora.org>
2018-02-05 12:40:29 -08:00
Greg Kroah-Hartman
faeb94c01f This is the 4.14.17 stable release

Merge 4.14.17 into android-4.14

Changes in 4.14.17
	futex: Fix OWNER_DEAD fixup
	loop: fix concurrent lo_open/lo_release
	KVM: x86: Fix CPUID function for word 6 (80000001_ECX)
	tools/gpio: Fix build error with musl libc
	gpio: stmpe: i2c transfer are forbiden in atomic context
	gpio: Fix kernel stack leak to userspace
	ALSA: hda - Reduce the suspend time consumption for ALC256
	crypto: ecdh - fix typo in KPP dependency of CRYPTO_ECDH
	crypto: aesni - handle zero length dst buffer
	crypto: aesni - fix typo in generic_gcmaes_decrypt
	crypto: gcm - add GCM IV size constant
	crypto: aesni - Use GCM IV size constant
	crypto: aesni - add wrapper for generic gcm(aes)
	crypto: aesni - Fix out-of-bounds access of the data buffer in generic-gcm-aesni
	crypto: aesni - Fix out-of-bounds access of the AAD buffer in generic-gcm-aesni
	crypto: inside-secure - fix hash when length is a multiple of a block
	crypto: inside-secure - avoid unmapping DMA memory that was not mapped
	crypto: sha3-generic - fixes for alignment and big endian operation
	crypto: af_alg - whitelist mask and type
	HID: wacom: EKR: ensure devres groups at higher indexes are released
	HID: wacom: Fix reporting of touch toggle (WACOM_HID_WD_MUTE_DEVICE) events
	power: reset: zx-reboot: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
	gpio: iop: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
	gpio: ath79: add missing MODULE_DESCRIPTION/LICENSE
	mtd: nand: denali_pci: add missing MODULE_DESCRIPTION/AUTHOR/LICENSE
	igb: Free IRQs when device is hotplugged
	ima/policy: fix parsing of fsuuid
	scsi: aacraid: Fix udev inquiry race condition
	scsi: aacraid: Fix hang in kdump
	VFS: Handle lazytime in do_mount()
	drm/vc4: Account for interrupts in flight
	btrfs: Fix transaction abort during failure in btrfs_rm_dev_item
	Btrfs: bail out gracefully rather than BUG_ON
	cpupowerutils: bench - Fix cpu online check
	cpupower : Fix cpupower working when cpu0 is offline
	KVM: nVMX/nSVM: Don't intercept #UD when running L2
	KVM: x86: emulator: Return to user-mode on L1 CPL=0 emulation failure
	KVM: x86: Don't re-execute instruction when not passing CR2 value
	KVM: X86: Fix operand/address-size during instruction decoding
	KVM: nVMX: Fix mmu context after VMLAUNCH/VMRESUME failure
	KVM: x86: fix em_fxstor() sleeping while in atomic
	KVM: x86: ioapic: Fix level-triggered EOI and IOAPIC reconfigure race
	KVM: x86: ioapic: Clear Remote IRR when entry is switched to edge-triggered
	KVM: x86: ioapic: Preserve read-only values in the redirection table
	KVM: nVMX: Fix vmx_check_nested_events() return value in case an event was reinjected to L2
	nvme-fabrics: introduce init command check for a queue that is not alive
	nvme-fc: check if queue is ready in queue_rq
	nvme-loop: check if queue is ready in queue_rq
	nvme-pci: disable APST on Samsung SSD 960 EVO + ASUS PRIME B350M-A
	nvme-pci: avoid hmb desc array idx out-of-bound when hmmaxd set.
	nvmet-fc: correct ref counting error when deferred rcv used
	s390/topology: fix compile error in file arch/s390/kernel/smp.c
	s390/zcrypt: Fix wrong comparison leading to strange load balancing
	ACPI / bus: Leave modalias empty for devices which are not present
	cpufreq: Add Loongson machine dependencies
	null_blk: fix dev->badblocks leak
	s390: fix alloc_pgste check in init_new_context again
	rxrpc: The mutex lock returned by rxrpc_accept_call() needs releasing
	rxrpc: Provide a different lockdep key for call->user_mutex for kernel calls
	rxrpc: Fix service endpoint expiry
	bcache: check return value of register_shrinker
	drm/amdgpu: Fix SDMA load/unload sequence on HWS disabled mode
	drm/amdkfd: Fix SDMA ring buffer size calculation
	drm/amdkfd: Fix SDMA oversubsription handling
	uapi: fix linux/kfd_ioctl.h userspace compilation errors
	nvme-rdma: don't complete requests before a send work request has completed
	openvswitch: fix the incorrect flow action alloc size
	drm/rockchip: dw-mipi-dsi: fix possible un-balanced runtime PM enable
	mac80211: use QoS NDP for AP probing
	mac80211: fix the update of path metric for RANN frame
	btrfs: fix deadlock when writing out space cache
	sctp: only allow the asoc reset when the asoc outq is empty
	sctp: avoid flushing unsent queue when doing asoc reset
	sctp: set sender next_tsn for the old result with ctsn_ack_point plus 1
	reiserfs: remove unneeded i_version bump
	KVM: X86: Fix softlockup when get the current kvmclock
	KVM: VMX: Fix rflags cache during vCPU reset
	Btrfs: fix list_add corruption and soft lockups in fsync
	KVM: Let KVM_SET_SIGNAL_MASK work as advertised
	xfs: always free inline data before resetting inode fork during ifree
	xfs: log recovery should replay deferred ops in order
	i2c: i2c-boardinfo: fix memory leaks on devinfo
	xen-netfront: remove warning when unloading module
	auxdisplay: img-ascii-lcd: Only build on archs that have IOMEM
	nfsd: CLOSE SHOULD return the invalid special stateid for NFSv4.x (x>0)
	nfsd: Ensure we check stateid validity in the seqid operation checks
	grace: replace BUG_ON by WARN_ONCE in exit_net hook
	nfsd: check for use of the closed special stateid
	race of lockd inetaddr notifiers vs nlmsvc_rqst change
	lockd: fix "list_add double add" caused by legacy signal interface
	hwmon: (pmbus) Use 64bit math for DIRECT format values
	quota: propagate error from __dquot_initialize
	net: mvpp2: fix the txq_init error path
	net: phy: marvell10g: fix the PHY id mask
	bnxt_en: Fix an error handling path in 'bnxt_get_module_eeprom()'
	Btrfs: incremental send, fix wrong unlink path after renaming file
	nvme-pci: fix NULL pointer dereference in nvme_free_host_mem()
	xfs: fortify xfs_alloc_buftarg error handling
	drm/amdgpu: don't try to move pinned BOs
	net: ethernet: xilinx: Mark XILINX_LL_TEMAC broken on 64-bit
	quota: Check for register_shrinker() failure.
	SUNRPC: Allow connect to return EHOSTUNREACH
	scripts/faddr2line: extend usage on generic arch
	kmemleak: add scheduling point to kmemleak_scan()
	drm/bridge: Fix lvds-encoder since the panel_bridge rework.
	drm/bridge: tc358767: do no fail on hi-res displays
	drm/bridge: tc358767: filter out too high modes
	drm/bridge: tc358767: fix DP0_MISC register set
	drm/bridge: tc358767: fix timing calculations
	drm/bridge: tc358767: fix AUXDATAn registers access
	drm/bridge: tc358767: fix 1-lane behavior
	drm/omap: Fix error handling path in 'omap_dmm_probe()'
	drm/omap: displays: panel-dpi: add backlight dependency
	xfs: ubsan fixes
	xfs: Properly retry failed dquot items in case of error during buffer writeback
	perf/core: Fix memory leak triggered by perf --namespace
	scsi: aacraid: Prevent crash in case of free interrupt during scsi EH path
	scsi: ufs: ufshcd: fix potential NULL pointer dereference in ufshcd_config_vreg
	iwlwifi: mvm: fix the TX queue hang timeout for MONITOR vif type
	iwlwifi: fix access to prph when transport is stopped
	ARM: dts: NSP: Disable AHCI controller for HR NSP boards
	ARM: dts: NSP: Fix PPI interrupt types
	media: usbtv: add a new usbid
	x86/xen: Support early interrupts in xen pv guests
	usb: gadget: don't dereference g until after it has been null checked
	staging: rtl8188eu: Fix incorrect response to SIOCGIWESSID
	drm/vc4: Move IRQ enable to PM path
	KVM: x86: emulate #UD while in guest mode
	staging: lustre: separate a connection destroy from free struct kib_conn
	staging: ccree: NULLify backup_info when unused
	staging: ccree: fix fips event irq handling build
	tty: fix data race between tty_init_dev and flush of buf
	usb: option: Add support for FS040U modem
	USB: serial: pl2303: new device id for Chilitag
	USB: cdc-acm: Do not log urb submission errors on disconnect
	CDC-ACM: apply quirk for card reader
	USB: serial: io_edgeport: fix possible sleep-in-atomic
	usbip: prevent bind loops on devices attached to vhci_hcd
	usbip: list: don't list devices attached to vhci_hcd
	USB: serial: simple: add Motorola Tetra driver
	usb: f_fs: Prevent gadget unbind if it is already unbound
	usb: uas: unconditionally bring back host after reset
	usb/gadget: Fix "high bandwidth" check in usb_gadget_ep_match_desc()
	ANDROID: binder: remove waitqueue when thread exits.
	android: binder: use VM_ALLOC to get vm area
	mei: me: allow runtime pm for platform with D0i3
	serial: 8250_of: fix return code when probe function fails to get reset
	serial: 8250_uniphier: fix error return code in uniphier_uart_probe()
	serial: imx: Only wakeup via RTSDEN bit if the system has RTS/CTS
	spi: imx: do not access registers while clocks disabled
	iio: adc: stm32: fix scan of multiple channels with DMA
	iio: chemical: ccs811: Fix output of IIO_CONCENTRATION channels
	test_firmware: fix missing unlock on error in config_num_requests_store()
	Input: synaptics-rmi4 - unmask F03 interrupts when port is opened
	Input: synaptics-rmi4 - do not delete interrupt memory too early
	x86/efi: Clarify that reset attack mitigation needs appropriate userspace
	Linux 4.14.17

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2018-02-03 17:51:21 +01:00
Mike Rapoport
516868c59d ima/policy: fix parsing of fsuuid
commit 36447456e1cca853188505f2a964dbbeacfc7a7a upstream.

The switch to uuid_t inverted the logic of verification that &entry->fsuuid
is zero during parsing of "fsuuid=" rule. Instead of making sure the
&entry->fsuuid field is not attempted to be overwritten, we bail out for
a perfectly correct rule.

Fixes: 787d8c530af7 ("ima/policy: switch to use uuid_t")
Signed-off-by: Mike Rapoport <rppt@linux.vnet.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-02-03 17:38:53 +01:00
Daniel Rosenberg
5bc34f8a38 ANDROID: export security_path_chown
Signed-off-by: Daniel Rosenberg <drosen@google.com>
BUG: 35142419
Change-Id: I05a9430a3c1bc624e019055175ad377290b4e774
2018-01-29 19:40:12 -08:00
Daniel Rosenberg
571be17396 ANDROID: vfs: Add permission2 for filesystems with per mount permissions
This allows filesystems to use their mount private data to
influence the permissions they return in permission2. It has
been separated into a new call to avoid disrupting current
permission users.

Change-Id: I9d416e3b8b6eca84ef3e336bd2af89ddd51df6ca
Signed-off-by: Daniel Rosenberg <drosen@google.com>
2018-01-29 19:39:59 -08:00
Blagovest Kolenichev
ce969c4e6a Merge android-4.14.14 (9b68347) into msm-4.14
* refs/heads/tmp-9b68347
  Linux 4.14.14
  x86/retpoline: Remove compile time warning
  x86,perf: Disable intel_bts when PTI
  security/Kconfig: Correct the Documentation reference for PTI
  x86/pti: Fix !PCID and sanitize defines
  selftests/x86: Add test_vsyscall
  x86/retpoline: Fill return stack buffer on vmexit
  x86/retpoline/irq32: Convert assembler indirect jumps
  x86/retpoline/checksum32: Convert assembler indirect jumps
  x86/retpoline/xen: Convert Xen hypercall indirect jumps
  x86/retpoline/hyperv: Convert assembler indirect jumps
  x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
  x86/retpoline/entry: Convert entry assembler indirect jumps
  x86/retpoline/crypto: Convert crypto assembler indirect jumps
  x86/spectre: Add boot time option to select Spectre v2 mitigation
  x86/retpoline: Add initial retpoline support
  objtool: Allow alternatives to be ignored
  objtool: Detect jumps to retpoline thunks
  x86/pti: Make unpoison of pgd for trusted boot work for real
  x86/alternatives: Fix optimize_nops() checking
  sysfs/cpu: Fix typos in vulnerability documentation
  x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
  x86/cpu/AMD: Make LFENCE a serializing instruction
  x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
  x86/tboot: Unbreak tboot with PTI enabled
  x86/cpu: Implement CPU vulnerabilites sysfs functions
  sysfs/cpu: Add vulnerability folder
  x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
  x86/Documentation: Add PTI description
  x86/pti: Unbreak EFI old_memmap
  e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
  apparmor: fix ptrace label match when matching stacked labels
  kdump: write correct address of mem_section into vmcoreinfo
  mux: core: fix double get_device()
  uas: ignore UAS for Norelsys NS1068(X) chips
  Bluetooth: Prevent stack info leak from the EFS element.
  staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl
  usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null xfer buffer
  usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious input
  usbip: remove kernel addresses from usb device and urb debug msgs
  USB: UDC core: fix double-free in usb_add_gadget_udc_release
  USB: fix usbmon BUG trigger
  usb: misc: usb3503: make sure reset is low for at least 100us
  USB: serial: cp210x: add new device ID ELV ALC 8xxx
  USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
  bpf: arsh is not supported in 32 bit alu thus reject it
  bpf, array: fix overflow in max_entries and undefined behavior in index_mask
  bpf: prevent out-of-bounds speculation
  drm/i915: Fix init_clock_gating for resume
  drm/i915: Move init_clock_gating() back to where it was
  drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake.
  drm/i915/gvt: Clear the shadow page table entry after post-sync
  drm/vmwgfx: Potential off by one in vmw_view_add()
  drm/vmwgfx: Don't cache framebuffer maps
  KVM: PPC: Book3S HV: Always flush TLB in kvmppc_alloc_reset_hpt()
  KVM: PPC: Book3S HV: Fix use after free in case of multiple resize requests
  KVM: PPC: Book3S HV: Drop prepare_done from struct kvm_resize_hpt
  KVM: PPC: Book3S PR: Fix WIMG handling under pHyp
  KVM: x86: Add memory barrier on vmcs field lookup
  x86/microcode/intel: Extend BDW late-loading with a revision check
  iwlwifi: pcie: fix DMA memory mapping / unmapping
  rbd: set max_segments to USHRT_MAX
  rbd: reacquire lock should update lock owner client id
  mmc: renesas_sdhi: Add MODULE_LICENSE
  crypto: algapi - fix NULL dereference in crypto_remove_spawns()
  membarrier: Disable preemption when calling smp_call_function_many()
  sfp: fix sfp-bus oops when removing socket/upstream
  mlxsw: spectrum: Relax sanity checks during enslavement
  ipv6: sr: fix TLVs not being copied using setsockopt
  net/sched: Fix update of lastuse in act modules implementing stats_update
  mlxsw: spectrum_router: Fix NULL pointer deref
  ethtool: do not print warning for applications using legacy API
  ipv6: fix possible mem leaks in ipv6_make_skb()
  sh_eth: fix SH7757 GEther initialization
  net: stmmac: enable EEE in MII, GMII or RGMII only
  sh_eth: fix TSU resource handling
  sctp: fix the handling of ICMP Frag Needed for too small MTUs
  sctp: do not retransmit upon FragNeeded if PMTU discovery is disabled
  net: fec: free/restore resource in related probe error pathes
  net: fec: defer probe if regulator is not ready
  net: fec: restore dev_id in the cases of probe error
  RDS: null pointer dereference in rds_atomic_free_op
  RDS: Heap OOB write in rds_message_alloc_sgs()
  phylink: ensure we report link down when LOS asserted
  net: core: fix module type in sock_diag_bind
  ip6_tunnel: disable dst caching if tunnel is dual-stack
  8021q: fix a memory leak for VLAN 0 device
  x86/acpi: Reduce code duplication in mp_override_legacy_irq()
  ALSA: aloop: Fix racy hw constraints adjustment
  ALSA: aloop: Fix inconsistent format due to incomplete rule
  ALSA: aloop: Release cable upon open error path
  ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
  ALSA: pcm: Abort properly at pending signal in OSS read/write loops
  ALSA: pcm: Add missing error checks in OSS emulation plugin builder
  ALSA: pcm: Workaround for weird PulseAudio behavior on rewind error
  ALSA: pcm: Remove incorrect snd_BUG_ON() usages
  x86/acpi: Handle SCI interrupts above legacy space gracefully
  iw_cxgb4: when flushing, complete all wrs in a chain
  iw_cxgb4: reflect the original WR opcode in drain cqes
  iw_cxgb4: only clear the ARMED bit if a notification is needed
  iw_cxgb4: atomically flush the qp
  iw_cxgb4: only call the cq comp_handler when the cq is armed
  platform/x86: wmi: Call acpi_wmi_init() later
  kvm: vmx: Scrub hardware GPRs at VM-exit
  cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
  MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses
  MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
  MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
  MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
  MIPS: Guard against any partial write attempt with PTRACE_SETREGSET
  MIPS: Factor out NT_PRFPREG regset access helpers
  MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the ABI of the task
  IB/srpt: Fix ACL lookup during login
  IB/srpt: Disable RDMA access by the initiator
  can: gs_usb: fix return value of the "set_bittiming" callback
  can: vxcan: improve handling of missing peer name attribute
  KVM: Fix stack-out-of-bounds read in write_mmio
  dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
  Revert "ANDROID: fs: ext4: Add support for FIDTRIM, a best-effort ioctl for deep discard trim"
  fscrypt: updates on 4.15-rc4
  ANDROID: uid_sys_stats: fix the comment
  ANDROID: Squashfs: lz4_wrapper: Remove unused variable
  ANDROID: Squashfs: optimize reading uncompressed data
  ANDROID: Squashfs: implement .readpages()
  ANDROID: Squashfs: replace buffer_head with BIO
  ANDROID: Squashfs: refactor page_actor
  ANDROID: Squashfs: remove the FILE_CACHE option
  Revert "ANDROID: Squashfs: refactor page_actor"
  Revert "ANDROID: Squashfs: replace buffer_head with BIO"
  Revert "ANDROID: Squashfs: implement .readpages()"
  Revert "ANDROID: Squashfs: optimize reading uncompressed data"

Change-Id: Ie71e308f60efe7338e483b2851fd4459a99ce6f6
Signed-off-by: Blagovest Kolenichev <bkolenichev@codeaurora.org>
Signed-off-by: Runmin Wang <runminw@codeaurora.org>
2018-01-19 14:39:15 -08:00
Greg Kroah-Hartman
9b68347c35 This is the 4.14.14 stable release

Merge 4.14.14 into android-4.14

Changes in 4.14.14
	dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
	KVM: Fix stack-out-of-bounds read in write_mmio
	can: vxcan: improve handling of missing peer name attribute
	can: gs_usb: fix return value of the "set_bittiming" callback
	IB/srpt: Disable RDMA access by the initiator
	IB/srpt: Fix ACL lookup during login
	MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the ABI of the task
	MIPS: Factor out NT_PRFPREG regset access helpers
	MIPS: Guard against any partial write attempt with PTRACE_SETREGSET
	MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
	MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
	MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
	MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses
	cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
	kvm: vmx: Scrub hardware GPRs at VM-exit
	platform/x86: wmi: Call acpi_wmi_init() later
	iw_cxgb4: only call the cq comp_handler when the cq is armed
	iw_cxgb4: atomically flush the qp
	iw_cxgb4: only clear the ARMED bit if a notification is needed
	iw_cxgb4: reflect the original WR opcode in drain cqes
	iw_cxgb4: when flushing, complete all wrs in a chain
	x86/acpi: Handle SCI interrupts above legacy space gracefully
	ALSA: pcm: Remove incorrect snd_BUG_ON() usages
	ALSA: pcm: Workaround for weird PulseAudio behavior on rewind error
	ALSA: pcm: Add missing error checks in OSS emulation plugin builder
	ALSA: pcm: Abort properly at pending signal in OSS read/write loops
	ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
	ALSA: aloop: Release cable upon open error path
	ALSA: aloop: Fix inconsistent format due to incomplete rule
	ALSA: aloop: Fix racy hw constraints adjustment
	x86/acpi: Reduce code duplication in mp_override_legacy_irq()
	8021q: fix a memory leak for VLAN 0 device
	ip6_tunnel: disable dst caching if tunnel is dual-stack
	net: core: fix module type in sock_diag_bind
	phylink: ensure we report link down when LOS asserted
	RDS: Heap OOB write in rds_message_alloc_sgs()
	RDS: null pointer dereference in rds_atomic_free_op
	net: fec: restore dev_id in the cases of probe error
	net: fec: defer probe if regulator is not ready
	net: fec: free/restore resource in related probe error pathes
	sctp: do not retransmit upon FragNeeded if PMTU discovery is disabled
	sctp: fix the handling of ICMP Frag Needed for too small MTUs
	sh_eth: fix TSU resource handling
	net: stmmac: enable EEE in MII, GMII or RGMII only
	sh_eth: fix SH7757 GEther initialization
	ipv6: fix possible mem leaks in ipv6_make_skb()
	ethtool: do not print warning for applications using legacy API
	mlxsw: spectrum_router: Fix NULL pointer deref
	net/sched: Fix update of lastuse in act modules implementing stats_update
	ipv6: sr: fix TLVs not being copied using setsockopt
	mlxsw: spectrum: Relax sanity checks during enslavement
	sfp: fix sfp-bus oops when removing socket/upstream
	membarrier: Disable preemption when calling smp_call_function_many()
	crypto: algapi - fix NULL dereference in crypto_remove_spawns()
	mmc: renesas_sdhi: Add MODULE_LICENSE
	rbd: reacquire lock should update lock owner client id
	rbd: set max_segments to USHRT_MAX
	iwlwifi: pcie: fix DMA memory mapping / unmapping
	x86/microcode/intel: Extend BDW late-loading with a revision check
	KVM: x86: Add memory barrier on vmcs field lookup
	KVM: PPC: Book3S PR: Fix WIMG handling under pHyp
	KVM: PPC: Book3S HV: Drop prepare_done from struct kvm_resize_hpt
	KVM: PPC: Book3S HV: Fix use after free in case of multiple resize requests
	KVM: PPC: Book3S HV: Always flush TLB in kvmppc_alloc_reset_hpt()
	drm/vmwgfx: Don't cache framebuffer maps
	drm/vmwgfx: Potential off by one in vmw_view_add()
	drm/i915/gvt: Clear the shadow page table entry after post-sync
	drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake.
	drm/i915: Move init_clock_gating() back to where it was
	drm/i915: Fix init_clock_gating for resume
	bpf: prevent out-of-bounds speculation
	bpf, array: fix overflow in max_entries and undefined behavior in index_mask
	bpf: arsh is not supported in 32 bit alu thus reject it
	USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
	USB: serial: cp210x: add new device ID ELV ALC 8xxx
	usb: misc: usb3503: make sure reset is low for at least 100us
	USB: fix usbmon BUG trigger
	USB: UDC core: fix double-free in usb_add_gadget_udc_release
	usbip: remove kernel addresses from usb device and urb debug msgs
	usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious input
	usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null xfer buffer
	staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl
	Bluetooth: Prevent stack info leak from the EFS element.
	uas: ignore UAS for Norelsys NS1068(X) chips
	mux: core: fix double get_device()
	kdump: write correct address of mem_section into vmcoreinfo
	apparmor: fix ptrace label match when matching stacked labels
	e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
	x86/pti: Unbreak EFI old_memmap
	x86/Documentation: Add PTI description
	x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
	sysfs/cpu: Add vulnerability folder
	x86/cpu: Implement CPU vulnerabilites sysfs functions
	x86/tboot: Unbreak tboot with PTI enabled
	x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
	x86/cpu/AMD: Make LFENCE a serializing instruction
	x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
	sysfs/cpu: Fix typos in vulnerability documentation
	x86/alternatives: Fix optimize_nops() checking
	x86/pti: Make unpoison of pgd for trusted boot work for real
	objtool: Detect jumps to retpoline thunks
	objtool: Allow alternatives to be ignored
	x86/retpoline: Add initial retpoline support
	x86/spectre: Add boot time option to select Spectre v2 mitigation
	x86/retpoline/crypto: Convert crypto assembler indirect jumps
	x86/retpoline/entry: Convert entry assembler indirect jumps
	x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
	x86/retpoline/hyperv: Convert assembler indirect jumps
	x86/retpoline/xen: Convert Xen hypercall indirect jumps
	x86/retpoline/checksum32: Convert assembler indirect jumps
	x86/retpoline/irq32: Convert assembler indirect jumps
	x86/retpoline: Fill return stack buffer on vmexit
	selftests/x86: Add test_vsyscall
	x86/pti: Fix !PCID and sanitize defines
	security/Kconfig: Correct the Documentation reference for PTI
	x86,perf: Disable intel_bts when PTI
	x86/retpoline: Remove compile time warning
	Linux 4.14.14

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2018-01-17 10:33:24 +01:00
W. Trevor King
c3e7fc9654 security/Kconfig: Correct the Documentation reference for PTI
commit a237f762681e2a394ca67f21df2feb2b76a3609b upstream.

When the config option for PTI was added a reference to documentation was
added as well. But the documentation did not exist at that point. The final
documentation has a different file name.

Fix it up to point to the proper file.

Fixes: 385ce0ea ("x86/mm/pti: Add Kconfig")
Signed-off-by: W. Trevor King <wking@tremily.us>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: linux-mm@kvack.org
Cc: linux-security-module@vger.kernel.org
Cc: James Morris <james.l.morris@oracle.com>
Cc: "Serge E. Hallyn" <serge@hallyn.com>
Cc: stable@vger.kernel.org
Link: https://lkml.kernel.org/r/3009cc8ccbddcd897ec1e0cb6dda524929de0d14.1515799398.git.wking@tremily.us
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-01-17 09:45:30 +01:00
John Johansen
233363fd02 apparmor: fix ptrace label match when matching stacked labels
commit 0dda0b3fb255048a221f736c8a2a24c674da8bf3 upstream.

Given a label with a profile stack of
  A//&B or A//&C ...

A ptrace rule should be able to specify a generic trace pattern with
a rule like

  ptrace trace A//&**,

however this is failing because while the correct label match routine
is called, it is being done post label decomposition so it is always
being done against a profile instead of the stacked label.

To fix this, refactor the cross check to pass the full peer label in to
the label_match.

Fixes: 290f458a4f16 ("apparmor: allow ptrace checks to be finer grained than just capability")
Reported-by: Matthew Garrett <mjg59@google.com>
Tested-by: Matthew Garrett <mjg59@google.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-01-17 09:45:27 +01:00
Runmin Wang
5682ea9f33 Merge remote-tracking branch 'remotes/origin/tmp-9189141' into msm-4.14
* remotes/origin/tmp-9189141:
  Linux 4.14.13
  KVM: s390: prevent buffer overrun on memory hotplug during migration
  KVM: s390: fix cmma migration for multiple memory slots
  mtd: nand: pxa3xx: Fix READOOB implementation
  parisc: qemu idle sleep support
  parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel
  apparmor: fix regression in mount mediation when feature set is pinned
  x86/microcode/AMD: Add support for fam17h microcode loading
  Input: elantech - add new icbody type 15
  powerpc/mm: Fix SEGV on mapped region to return SEGV_ACCERR
  ARC: uaccess: dont use "l" gcc inline asm constraint modifier
  iommu/arm-smmu-v3: Cope with duplicated Stream IDs
  iommu/arm-smmu-v3: Don't free page table ops twice
  kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal()
  kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only() signals
  kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL
  x86 / CPU: Always show current CPU frequency in /proc/cpuinfo
  x86 / CPU: Avoid unnecessary IPIs in arch_freq_get_on_cpu()
  fscache: Fix the default for fscache_maybe_release_page()
  sunxi-rsb: Include OF based modalias in device uevent
  drm/i915: Apply Display WA #1183 on skl, kbl, and cfl
  drm/i915: Disable DC states around GMBUS on GLK
  crypto: chelsio - select CRYPTO_GF128MUL
  crypto: pcrypt - fix freeing pcrypt instances
  crypto: chacha20poly1305 - validate the digest size
  crypto: n2 - cure use after free
  efi/capsule-loader: Reinstate virtual capsule mapping
  btrfs: fix refcount_t usage when deleting btrfs_delayed_nodes
  userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails
  mm/sparse.c: wrong allocation for mem_section
  mm/mprotect: add a cond_resched() inside change_pmd_range()
  kernel/acct.c: fix the acct->needcheck check in check_free_space()
  x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
  x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
  x86/tlb: Drop the _GPL from the cpu_tlbstate export
  x86/events/intel/ds: Use the proper cache flush method for mapping ds buffers
  x86/kaslr: Fix the vaddr_end mess
  x86/mm: Map cpu_entry_area at the same place on 4/5 level
  x86/mm: Set MODULES_END to 0xffffffffff000000
  ANDROID: netfilter: xt_qtaguid: Fix 4.14 compilation
  ANDROID: Squashfs: optimize reading uncompressed data
  ANDROID: Squashfs: implement .readpages()
  ANDROID: Squashfs: replace buffer_head with BIO
  ANDROID: Squashfs: refactor page_actor
  ANDROID: usb: f_fs: Prevent gadget unbind if it is already unbound
  Linux 4.14.12
  rtc: m41t80: remove unneeded checks from m41t80_sqw_set_rate
  rtc: m41t80: avoid i2c read in m41t80_sqw_is_prepared
  rtc: m41t80: avoid i2c read in m41t80_sqw_recalc_rate
  rtc: m41t80: fix m41t80_sqw_round_rate return value
  rtc: m41t80: m41t80_sqw_set_rate should return 0 on success
  Revert "xfrm: Fix stack-out-of-bounds read in xfrm_state_find."
  x86/process: Define cpu_tss_rw in same section as declaration
  x86/pti: Switch to kernel CR3 at early in entry_SYSCALL_compat()
  x86/dumpstack: Print registers for first stack frame
  x86/dumpstack: Fix partial register dumps
  x86/pti: Make sure the user/kernel PTEs match
  x86/cpu, x86/pti: Do not enable PTI on AMD processors
  capabilities: fix buffer overread on very short xattr
  exec: Weaken dumpability for secureexec
  Linux 4.14.11
  tty: fix tty_ldisc_receive_buf() documentation
  n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
  x86/ldt: Make LDT pgtable free conditional
  x86/ldt: Plug memory leak in error path
  x86/espfix/64: Fix espfix double-fault handling on 5-level systems
  x86-32: Fix kexec with stack canary (CONFIG_CC_STACKPROTECTOR)
  x86/mm: Remove preempt_disable/enable() from __native_flush_tlb()
  x86/smpboot: Remove stale TLB flush invocations
  nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick()
  staging: android: ion: Fix dma direction for dma_sync_sg_for_cpu/device
  drivers: base: cacheinfo: fix cache type for non-architected system cache
  phy: tegra: fix device-tree node lookups
  binder: fix proc->files use-after-free
  timers: Reinitialize per cpu bases on hotplug
  timers: Invoke timer_start_debug() where it makes sense
  timers: Use deferrable base independent of base::nohz_active
  usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201
  USB: Fix off by one in type-specific length check of BOS SSP capability
  usb: add RESET_RESUME for ELSA MicroLink 56K
  usb: Add device quirk for Logitech HD Pro Webcam C925e
  USB: serial: option: adding support for YUGA CLM920-NC5
  USB: serial: option: add support for Telit ME910 PID 0x1101
  USB: serial: qcserial: add Sierra Wireless EM7565
  USB: serial: ftdi_sio: add id for Airbus DS P8GR
  USB: chipidea: msm: fix ulpi-node lookup
  usbip: vhci: stop printing kernel pointer addresses in messages
  usbip: stub: stop printing kernel pointer addresses in messages
  usbip: prevent leaking socket pointer address in messages
  usbip: fix usbip bind writing random string after command in match_busid
  sparc64: repair calling incorrect hweight function from stubs
  skbuff: in skb_copy_ubufs unclone before releasing zerocopy
  skbuff: skb_copy_ubufs must release uarg even without user frags
  skbuff: orphan frags before zerocopy clone
  Revert "mlx5: move affinity hints assignments to generic code"
  ipv6: set all.accept_dad to 0 by default
  ipv4: fib: Fix metrics match when deleting a route
  phylink: ensure AN is enabled
  phylink: ensure the PHY interface mode is appropriately set
  bnxt_en: Fix sources of spurious netpoll warnings
  net: sched: fix static key imbalance in case of ingress/clsact_init error
  vxlan: restore dev->mtu setting based on lower device
  net/mlx5: FPGA, return -EINVAL if size is zero
  tcp: refresh tcp_mstamp from timers callbacks
  ipv6: Honor specified parameters in fibmatch lookup
  net: phy: marvell: Limit 88m1101 autoneg errata to 88E1145 as well.
  tcp: fix potential underestimation on rcv_rtt
  mlxsw: spectrum: Disable MAC learning for ovs port
  tipc: fix hanging poll() for stream sockets
  sctp: make sure stream nums can match optlen in sctp_setsockopt_reset_streams
  s390/qeth: fix error handling in checksum cmd callback
  net: dsa: bcm_sf2: Clear IDDQ_GLOBAL_PWR bit for PHY
  sfc: pass valid pointers from efx_enqueue_unwind
  openvswitch: Fix pop_vlan action for double tagged frames
  net/mlx5: Fix error flow in CREATE_QP command
  net/mlx5e: Prevent possible races in VXLAN control flow
  net/mlx5e: Add refcount to VXLAN structure
  net/mlx5e: Fix features check of IPv6 traffic
  net/mlx5e: Fix possible deadlock of VXLAN lock
  net/mlx5: Fix rate limit packet pacing naming and struct
  tcp: invalidate rate samples during SACK reneging
  sock: free skb in skb_complete_tx_timestamp on error
  net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround
  net: Fix double free and memory corruption in get_net_ns_by_id()
  net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks
  ipv4: Fix use-after-free when flushing FIB tables
  ip6_gre: fix device features for ioctl setup
  adding missing rcu_read_unlock in ipxip6_rcv
  sctp: Replace use of sockets_allocated with specified macro.
  net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case
  net: ipv4: fix for a race condition in raw_sendmsg
  s390/qeth: update takeover IPs after configuration change
  s390/qeth: lock IP table while applying takeover changes
  s390/qeth: don't apply takeover changes to RXIP
  s390/qeth: apply takeover changes when mode is toggled
  tcp_bbr: reset long-term bandwidth sampling on loss recovery undo
  tcp_bbr: reset full pipe detection on loss recovery undo
  tg3: Fix rx hang on MTU change with 5717/5719
  tcp md5sig: Use skb's saddr when replying to an incoming segment
  tcp_bbr: record "full bw reached" decision in new full_bw_reached bit
  RDS: Check cmsg_len before dereferencing CMSG_DATA
  ptr_ring: add barriers
  net: reevalulate autoflowlabel setting after sysctl setting
  net: qmi_wwan: add Sierra EM7565 1199:9091
  netlink: Add netns check on taps
  net: igmp: Use correct source address on IGMPv3 reports
  net: fec: unmap the xmit buffer that are not transferred by DMA
  ipv6: mcast: better catch silly mtu values
  ipv4: igmp: guard against silly MTU values
  kbuild: add '-fno-stack-check' to kernel build options
  block: don't let passthrough IO go into .make_request_fn()
  block: fix blk_rq_append_bio
  cpufreq: schedutil: Use idle_calls counter of the remote CPU
  ALSA: hda - Fix missing COEF init for ALC225/295/299
  ALSA: hda - fix headset mic detection issue on a Dell machine
  ALSA: hda - change the location for one mic on a Lenovo machine
  ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines
  ALSA: hda: Drop useless WARN_ON()
  IB/core: Verify that QP is security enabled in create and destroy
  IB/uverbs: Fix command checking as part of ib_uverbs_ex_modify_qp()
  IB/mlx5: Serialize access to the VMA list
  IB/hfi: Only read capability registers if the capability exists
  gpio: fix "gpio-line-names" property retrieval
  ASoC: tlv320aic31xx: Fix GPIO1 register definition
  ASoC: twl4030: fix child-node lookup
  ASoC: fsl_ssi: AC'97 ops need regmap, clock and cleaning up on failure
  ASoC: da7218: fix fix child-node lookup
  ASoC: wm_adsp: Fix validation of firmware and coeff lengths
  ASoC: codecs: msm8916-wcd: Fix supported formats
  iw_cxgb4: Only validate the MSN for successful completions
  ring-buffer: Do no reuse reader page if still in use
  ring-buffer: Mask out the info bits when returning buffer page length
  x86/ldt: Make the LDT mapping RO
  x86/mm/dump_pagetables: Allow dumping current pagetables
  x86/mm/dump_pagetables: Check user space page table for WX pages
  x86/mm/dump_pagetables: Add page table directory to the debugfs VFS hierarchy
  x86/mm/pti: Add Kconfig
  x86/dumpstack: Indicate in Oops whether PTI is configured and enabled
  x86/mm: Clarify the whole ASID/kernel PCID/user PCID naming
  x86/mm: Use INVPCID for __native_flush_tlb_single()
  x86/mm: Optimize RESTORE_CR3
  x86/mm: Use/Fix PCID to optimize user/kernel switches
  x86/mm: Abstract switching CR3
  x86/mm: Allow flushing for future ASID switches
  x86/pti: Map the vsyscall page if needed
  x86/pti: Put the LDT in its own PGD if PTI is on
  x86/mm/64: Make a full PGD-entry size hole in the memory map
  x86/events/intel/ds: Map debug buffers in cpu_entry_area
  x86/cpu_entry_area: Add debugstore entries to cpu_entry_area
  x86/mm/pti: Map ESPFIX into user space
  x86/mm/pti: Share entry text PMD
  x86/entry: Align entry text section to PMD boundary
  x86/mm/pti: Share cpu_entry_area with user space page tables
  x86/mm/pti: Force entry through trampoline when PTI active
  x86/mm/pti: Add functions to clone kernel PMDs
  x86/mm/pti: Populate user PGD
  x86/mm/pti: Allocate a separate user PGD
  x86/mm/pti: Allow NX poison to be set in p4d/pgd
  x86/mm/pti: Add mapping helper functions
  x86/pti: Add the pti= cmdline option and documentation
  x86/mm/pti: Add infrastructure for page table isolation
  x86/mm/pti: Prepare the x86/entry assembly code for entry/exit CR3 switching
  x86/mm/pti: Disable global pages if PAGE_TABLE_ISOLATION=y
  x86/cpufeatures: Add X86_BUG_CPU_INSECURE
  tracing: Fix crash when it fails to alloc ring buffer
  tracing: Fix possible double free on failure of allocating trace buffer
  tracing: Remove extra zeroing out of the ring buffer page

  Conflicts:
	drivers/staging/android/ion/ion.c
	kernel/time/timer.c

Change-Id: Ia5b16c96ab44e640e2f10ab535c4c672b670cbdc
Signed-off-by: Runmin Wang <runminw@codeaurora.org>
2018-01-11 17:52:14 -08:00
Greg Kroah-Hartman
918914133e This is the 4.14.13 stable release

Merge 4.14.13 into android-4.14

Changes in 4.14.13
	x86/mm: Set MODULES_END to 0xffffffffff000000
	x86/mm: Map cpu_entry_area at the same place on 4/5 level
	x86/kaslr: Fix the vaddr_end mess
	x86/events/intel/ds: Use the proper cache flush method for mapping ds buffers
	x86/tlb: Drop the _GPL from the cpu_tlbstate export
	x86/alternatives: Add missing '\n' at end of ALTERNATIVE inline asm
	x86/pti: Rename BUG_CPU_INSECURE to BUG_CPU_MELTDOWN
	kernel/acct.c: fix the acct->needcheck check in check_free_space()
	mm/mprotect: add a cond_resched() inside change_pmd_range()
	mm/sparse.c: wrong allocation for mem_section
	userfaultfd: clear the vma->vm_userfaultfd_ctx if UFFD_EVENT_FORK fails
	btrfs: fix refcount_t usage when deleting btrfs_delayed_nodes
	efi/capsule-loader: Reinstate virtual capsule mapping
	crypto: n2 - cure use after free
	crypto: chacha20poly1305 - validate the digest size
	crypto: pcrypt - fix freeing pcrypt instances
	crypto: chelsio - select CRYPTO_GF128MUL
	drm/i915: Disable DC states around GMBUS on GLK
	drm/i915: Apply Display WA #1183 on skl, kbl, and cfl
	sunxi-rsb: Include OF based modalias in device uevent
	fscache: Fix the default for fscache_maybe_release_page()
	x86 / CPU: Avoid unnecessary IPIs in arch_freq_get_on_cpu()
	x86 / CPU: Always show current CPU frequency in /proc/cpuinfo
	kernel/signal.c: protect the traced SIGNAL_UNKILLABLE tasks from SIGKILL
	kernel/signal.c: protect the SIGNAL_UNKILLABLE tasks from !sig_kernel_only() signals
	kernel/signal.c: remove the no longer needed SIGNAL_UNKILLABLE check in complete_signal()
	iommu/arm-smmu-v3: Don't free page table ops twice
	iommu/arm-smmu-v3: Cope with duplicated Stream IDs
	ARC: uaccess: dont use "l" gcc inline asm constraint modifier
	powerpc/mm: Fix SEGV on mapped region to return SEGV_ACCERR
	Input: elantech - add new icbody type 15
	x86/microcode/AMD: Add support for fam17h microcode loading
	apparmor: fix regression in mount mediation when feature set is pinned
	parisc: Fix alignment of pa_tlb_lock in assembly on 32-bit SMP kernel
	parisc: qemu idle sleep support
	mtd: nand: pxa3xx: Fix READOOB implementation
	KVM: s390: fix cmma migration for multiple memory slots
	KVM: s390: prevent buffer overrun on memory hotplug during migration
	Linux 4.14.13

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2018-01-10 09:41:41 +01:00
John Johansen
f5edee88ad apparmor: fix regression in mount mediation when feature set is pinned
commit 5b9f57cf47b87f07210875d6a24776b4496b818d upstream.

When the mount code was refactored for Labels it was not correctly
updated to check whether policy supported mediation of the mount
class.  This causes a regression when the kernel feature set is
reported as supporting mount and policy is pinned to a feature set
that does not support mount mediation.

BugLink: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882697#41
Fixes: 2ea3ffb7782a ("apparmor: add mount mediation")
Reported-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-01-10 09:31:22 +01:00
Runmin Wang
39d3607980 Merge remote-tracking branch 'remotes/origin/tmp-ad490df' into msm-4.14
* remotes/origin/tmp-ad490df:
  ANDROID: binder: Remove obsolete proc waitqueue.
  f2fs: updates on 4.15-rc1
  ANDROID: arch_topology: fix build for !CONFIG_CPU_FREQ
  ANDROID: ARM64: Tweak defconfig Android EAS features
  ANDROID: ARM64: Tweak defconfig for EAS platforms
  ANDROID: DEBUG: accumulate debug output and dump all at the end of energy_diff
  ANDROID: sched/fair: prevent meaningless active migration
  ANDROID: sched/fair: Fall back to slow path wakeup placement if needed
  ANDROID: DEBUG: Temporarily disable lockdep asserting on update_task_ravg
  ANDROID: sched: Introduce Window Assisted Load Tracking (WALT)
  ANDROID: Add find_best_target to minimise energy calculation overhead
  ANDROID: Combined EAS Load Balance Tweaks
  ANDROID: sched/fair: re-factor energy_diff to use a single (extensible) energy_env
  ANDROID: sched/fair: consider task utilization in group_norm/max_util()
  ANDROID: refactor select_task_rq_fair et al to be cleaner
  ANDROID: sched: fair: Bypass energy-aware wakeup for prefer-idle tasks
  ANDROID: sched: Move energy-aware decision into a helper function
  ANDROID: sched/fair: Try to estimate possible idle states.
  ANDROID: trace/sched: Add tracepoint for sched_overutilized events
  ANDROID: sched: fair/tune: Add schedtune with cgroups interface
  ANDROID: sched: EAS: take cstate into account when selecting idle core
  ANDROID: sched: Unconditionally honor sync flag for energy-aware wakeups
  ANDROID: sched: Add KConfig option to set ENERGY_AWARE sched feature on
  ANDROID: cpufreq: schedutil: add up/down frequency transition rate limits
  ANDROID: sched: Add per-cpu max capacity to sched_group_capacity
  ANDROID: sched: cpufreq: use PELT rt_rq as estimate of required RT CPU capacity
  ANDROID: trace/sched: add tracepoint for rt_rq PELT signal
  FROMLIST: sched/rt: add utilization tracking
  FROMLIST: sched/fair: Use wake_q length as a hint for wake_wide
  FROMLIST: sched/fair: Update blocked load from newly idle balance
  FROMLIST: sched: force update of blocked load of idle cpus
  UPSTREAM: sched/fair: Sync task util before slow-path wakeup
  UPSTREAM: sched/fair: Fix usage of find_idlest_group() when the local group is idlest
  UPSTREAM: sched/fair: Fix usage of find_idlest_group() when no groups are allowed
  UPSTREAM: sched/fair: Fix find_idlest_group() when local group is not allowed
  UPSTREAM: sched/fair: Remove unnecessary comparison with -1
  UPSTREAM: sched/fair: Move select_task_rq_fair() slow-path into its own function
  UPSTREAM: sched/fair: Force balancing on NOHZ balance if local group has capacity
  ANDROID: sched/events: Introduce task_group load tracking trace event
  ANDROID: sched/events: Introduce sched_entity load tracking trace event
  ANDROID: sched/events: Introduce cfs_rq load tracking trace event
  ANDROID: sched/autogroup: Define autogroup_path() for !CONFIG_SCHED_DEBUG
  ANDROID: sched/debug: Add energy procfs interface
  ANDROID: arm: Support for extracting EAS energy costs from DT
  ANDROID: arm64: Support for extracting EAS energy costs from DT
  ANDROID: arm: Add Energy Model to dtb for TC2
  ANDROID: hisilicon: Add energy model data to hisilicon 6220 dtb
  ANDROID: arm64: Add Energy Model to dtb for Juno-r0 and Juno-r2
  ANDROID: Documentation: DT bindings for energy model cost data required by EAS
  ANDROID: arm64, dts: add hikey cpu capacity-dmips-mhz information
  ANDROID: drivers base/arch_topology: Detect SD_SHARE_CAP_STATES flag
  ANDROID: drivers base/arch_topology: enforce SCHED_CAPACITY_SCALE as highest CPU capacity
  ANDROID: drivers base/arch_topology: fold two pr_debug()'s into one
  ANDROID: sched: Per-Sched-domain over utilization
  ANDROID: sched: Disable energy-unfriendly nohz kicks
  ANDROID: sched: Consider a not over-utilized energy-aware system as balanced
  ANDROID: sched/fair: Energy-aware wake-up task placement
  ANDROID: sched: Add over-utilization/tipping point indicator
  ANDROID: sched/fair: Add energy_diff dead-zone margin
  ANDROID: sched: Determine the current sched_group idle-state
  ANDROID: sched, cpuidle: Track cpuidle state index in the scheduler
  ANDROID: sched: Estimate energy impact of scheduling decisions
  ANDROID: sched: Extend sched_group_energy to test load-balancing decisions
  ANDROID: initramfs: call free_initrd() when skipping init
  FROMLIST: net: xfrm: allow clearing socket xfrm policies.
  FROMLIST: binder: fix proc->files use-after-free
  UPSTREAM: arm64: vdso: fix clock_getres for 4GiB-aligned res
  UPSTREAM: security: bpf: replace include of linux/bpf.h with forward declarations
  BACKPORT: selinux: bpf: Add addtional check for bpf object file receive
  UPSTREAM: selinux: bpf: Add selinux check for eBPF syscall operations
  BACKPORT: security: bpf: Add LSM hooks for bpf object related syscall
  BACKPORT: bpf: Add file mode configuration into bpf maps
  UPSTREAM: arm64: Avoid aligning normal memory pointers in __memcpy_{to,from}io
  UPSTREAM: android: binder: Change binder_shrinker to static
  UPSTREAM: f2fs: expose some sectors to user in inline data or dentry case
  UPSTREAM: tracing: Add support for preempt and irq enable/disable events
  UPSTREAM: tracing: Prepare to add preempt and irq trace events
  BACKPORT: android: binder: Remove unused vma argument
  ANDROID: Revert "arm64: move ELF_ET_DYN_BASE to 4GB / 4MB"
  ANDROID: Revert "arm: move ELF_ET_DYN_BASE to 4MB"
  ANDROID: memory_state_time: fix undefined behavior with missing DT properties
  ANDROID: memory_state_time: Implement memory_state_time, used by qcom,cpubw
  ANDROID: uid_sys_stats: log task io with a debug flag
  ANDROID: uid_sys_stats: check previous uid_entry before call find_or_register_uid
  ANDROID: uid_sys_stats: Kconfig: add depends for UID_SYS_STATS
  ANDROID: uid_sys_stats: defer io stats calulation for dead tasks
  ANDROID: uid_sys_stats: fix access of task_uid(task)
  ANDROID: uid_sys_stats: reduce update_io_stats overhead
  ANDROID: uid_sys_stats: change to use rt_mutex
  ANDROID: uid_sys_stats: account for fsync syscalls
  ANDROID: uid_sys_stats: fix negative write bytes.
  ANDROID: uid_sys_stats: allow writing same state
  ANDROID: uid_sys_stats: rename uid_cputime.c to uid_sys_stats.c
  ANDROID: uid_cputime: add per-uid IO usage accounting
  ANDROID: uid_cputime: Check for the range while removing range of UIDs.
  ANDROID: uid_cputime: Iterates over all the threads instead of processes.
  ANDROID: uid_cputime: fix cputime overflow
  ANDROID: uid_cputime: Adds accounting for the cputimes per uid.
  CHROMIUM: usb: gadget: f_accessory: add .raw_request callback
  CHROMIUM: usb: gadget: f_audio_source: add .free_func callback
  ANDROID: usb: gadget: f_midi: set fi->f to NULL when free f_midi function
  ANDROID: usb: gadget: f_midi: create F_midi device
  ANDROID: usb: gadget: f_accessory: assign no-op request complete callbacks
  ANDROID: usb: gadget: f_accessory: Fix for UsbAccessory clean unbind.
  ANDROID: usb: gadget: f_accessory: fix false disconnect due to a signal sent to the reading process
  ANDROID: usb: gadget: f_accessory: Move gadget functions code
  ANDROID: usb: gadget: f_accessory: Migrate to USB_FUNCTION API
  ANDROID: usb: gadget: f_audio_source: disable the CPU C-states upon playback
  ANDROID: usb: gadget: f_audio_source: Move gadget functions code
  ANDROID: usb: gadget: f_audio_source: Move to USB_FUNCTION API
  ANDROID: usb: gadget: composite: Do not disconnect unregistered dev
  ANDROID: usb: gadget: configfs: fix null ptr in android_disconnect
  ANDROID: usb: gadget: configfs: Add device attribute to determine gadget state
  ANDROID: usb: gadget: configfs: Add "state" attribute to android_device
  ANDROID: usb: gadget: configfs: Add function devices to the parent
  ANDROID: usb: gadget: configfs: Add Uevent to notify userspace
  ANDROID: usb: gadget: configfs: Add usb_function ptr to fi struct
  ANDROID: usb: gadget: f_audio_source: Fixed USB Audio Class Interface Descriptor
  ANDROID: usb: gadget: f_audio_source: change max ISO packet size
  ANDROID: usb: gadget: f_audio_source: New gadget driver for audio output
  ANDROID: usb: gadget: f_accessory: check for accessory device before disconnecting HIDs
  ANDROID: usb: gadget: f_accessory: Enabled Zero Length Packet (ZLP) for acc_write
  ANDROID: usb: gadget: f_accessory: move userspace interface to uapi
  ANDROID: usb: gadget: f_accessory: Add support for HID input devices
  ANDROID: usb: gadget: f_accessory: Add ACCESSORY_SET_AUDIO_MODE control request and ioctl
  ANDROID: usb: gadget: f_accessory: Add Android Accessory function
  ANDROID: usb: phy: Dual role sysfs class definition
  ANDROID: usb: otg-wakelock: Remove wakelock.h dependencies
  ANDROID: usb: otg-wakelock: Temporarily grab wakelock on charger and disconnect events
  ANDROID: usb: otg-wakelock: Take wakelock when VBUS present
  ANDROID: trace: net: use %pK for kernel pointers
  ANDROID: trace: power: add trace_clock_set_parent
  ANDROID: trace: cpufreq: Add tracing for min/max cpufreq
  ANDROID: trace: gpu: add gpu trace events
  ANDROID: trace: sched: add sched blocked tracepoint which dumps out context of sleep.
  ANDROID: trace: add non-hierarchical function_graph option
  ANDROID: security,perf: Allow further restriction of perf_event_open
  ANDROID: rtc-palmas: correct for bcd year
  ANDROID: power: wakeup: align wakeup_sources format
  ANDROID: power: wakeup: Add the guard condition for len in pm_get_active_wakeup_sources
  ANDROID: power: wakeup: Add last wake up source logging for suspend abort reason.
  ANDROID: power: wakeup_reason: fix suspend time reporting
  ANDROID: power: wakeup_reason: Report suspend times from last_suspend_time
  ANDROID: power: wakeup_reason: Add check_wakeup_reason() to verify wakeup source irq
  ANDROID: power: wakeup_reason: Adds functionality to log the last suspend abort reason.
  ANDROID: power: wakeup_reason: Avoids bogus error messages for the suspend aborts.
  ANDROID: power: wakeup_reason: Add guard condition for maximum wakeup reasons
  ANDROID: power: wakeup_reason: add an API to log wakeup reasons
  ANDROID: power: power_supply: Add property CHARGE_COUNTER_EXT and 64-bit precision properties
  ANDROID: power: power_supply: add POWER_SUPPLY_PROP_CHARGE_ENABLED
  ANDROID: power: power_supply: add POWER_SUPPLY_PROP_USB_OTG
  ANDROID: power: power_supply: Add custom property for USB High Current mode
  ANDROID: arm64: copy CONFIG_CMDLINE_EXTEND from ARM
  ANDROID: of: Support CONFIG_CMDLINE_EXTEND config option
  ANDROID: NFC: st21nfca: Fix memory OOB and leak issues in connectivity events handler
  ANDROID: NFC: Fix possible memory corruption when handling SHDLC I-Frame commands
  ANDROID: nfc: fdp: Fix possible buffer overflow in WCS4000 NFC driver
  ANDROID: NFC: st21nfca: Fix out of bounds kernel access when handling ATR_REQ
  ANDROID: netfilter: xt_IDLETIMER: Use fullsock when querying uid
  ANDROID: netfilter: xt_IDLETIMER: Fix use after free condition during work
  ANDROID: netfilter: xt_IDLETIMER: Adds the uid field in the msg
  ANDROID: netfilter: xt_IDLETIMER: time-stamp and suspend/resume handling.
  ANDROID: netfilter: xt_IDLETIMER: Add new netlink msg type
  ANDROID: netfilter: xt_qtaguid: Use sk_uid to replace uid get from socket file
  ANDROID: netfilter: xt_qtaguid: fix handling for cases where tunnels are used.
  ANDROID: netfilter: xt_qtaguid: handle properly request sockets
  ANDROID: netfilter: xt_qtaguid: Add untag hacks to inet_release function
  ANDROID: netfilter: xt_qtaguid: don't check if embedded arrays are NULL
  ANDROID: netfilter: xt_qtaguid: fix the deadlock when enable DDEBUG
  ANDROID: netfilter: xt_qtaguid: Don't show empty tag stats for unprivileged uids
  ANDROID: netfilter: xt_qtaguid: Fix panic caused by processing non-full socket.
  ANDROID: netfilter: xt_qtaguid: Fix panic caused by synack processing
  ANDROID: netfilter: xt_qtaguid: fix a race condition in if_tag_stat_update
  ANDROID: netfilter: xt_qtaguid: xt_socket: build fixes
  ANDROID: netfilter: xt_socket/nf_socket: fix refcount underflow and crash
  ANDROID: netfilter: xt_qtaguid: Use sk_callback_lock read locks before reading sk->sk_socket
  ANDROID: netfilter: xt_qtaguid/xt_socket: Build fixups
  ANDROID: netfilter: xt_qtaguid: Fix boot panic
  ANDROID: netfilter: xt_qtaguid: fix bad tcp_time_wait sock handling
  ANDROID: netfilter: xt_qtaguid: 3.10 fixes
  ANDROID: netfilter: xt_qtaguid: rate limit some of the printks
  ANDROID: netfilter: xt_qtaguid: Allow tracking loopback
  ANDROID: netfilter: xt_qtaguid: extend iface stat to report protocols
  ANDROID: netfilter: xt_qtaguid: remove AID_* dependency for access control
  ANDROID: netfilter: xt_qtaguid: Don't BUG_ON if create_if_tag_stat fails
  ANDROID: netfilter: xt_qtaguid: fix error exit that would keep a spinlock.
  ANDROID: netfilter: xt_qtaguid: report only uid tags to non-privileged processes
  ANDROID: netfilter: xt_qtaguid: start tracking iface rx/tx at low level
  ANDROID: netfilter: xt_qtaguid: fix ipv6 protocol lookup
  ANDROID: netfilter: xt_qtaguid: add qtaguid matching module
  ANDROID: netfilter: xt_quota2: fixup the quota2, and enable.
  ANDROID: netfilter: xt_quota2: adding the original quota2 from xtables-addons
  ANDROID: net: xfrm: check dir value of xfrm_userpolicy_id
  ANDROID: net: xfrm: make PF_KEY SHA256 use RFC-compliant truncation.
  ANDROID: net: wireless: wlcore: Disable filtering in AP role
  ANDROID: net: wireless: Decrease scan entry expiration to avoid stall results
  ANDROID: net: rfkill: Introduce CONFIG_RFKILL_PM and use instead of CONFIG_PM to power down
  ANDROID: net: ipv6: autoconf routes into per-device tables
  ANDROID: net: ipv6: fix crash caused by ipv6_find_hdr()
  ANDROID: net: ipv4: tcp: add a sysctl to config the tcp_default_init_rwnd
  ANDROID: net: ipv4: sysfs_net_ipv4: Add sysfs-based knobs for controlling TCP window size
  ANDROID: net: ip-sysctl: Document tcp_fwmark_accept
  ANDROID: net: paranoid: commoncap: Begin to warn users of implicit PARANOID_NETWORK capability grants
  ANDROID: net: paranoid: security: Add proper checks for Android specific capability checks
  ANDROID: net: paranoid: Only NET_ADMIN is allowed to fully control TUN interfaces.
  ANDROID: net: paranoid: Replace AID_NET_RAW checks with capable(CAP_NET_RAW).
  ANDROID: net: paranoid: security: Add AID_NET_RAW and AID_NET_ADMIN capability check in cap_capable().
  ANDROID: net: Paranoid network.
  ANDROID: mmc: core: export emmc revision
  ANDROID: mmc: core: move to a SCHED_FIFO thread
  ANDROID: mmc: core: Add "ignore mmc pm notify" functionality
  ANDROID: mmc: sdio: Add concept of an 'embedded' SDIO device.
  ANDROID: mmc: sd: Add retries in re-detection
  ANDROID: mmc: sd: When resuming, try a little harder to init the card
  ANDROID: mmc: sd: Add new CONFIG_MMC_PARANOID_SD_INIT for enabling retries during SD detection
  ANDROID: mm: add a field to store names for private anonymous memory
  ANDROID: HACK: arm64: use -mno-implicit-float instead of -mgeneral-regs-only
  ANDROID: Kbuild, LLVMLinux: allow overriding clang target triple
  CHROMIUM: arm64: Disable asm-operand-width warning for clang
  CHROMIUM: kbuild: clang: Disable the 'duplicate-decl-specifier' warning
  ANDROID: kbuild: Makefile.clean: make Kbuild and Makefile optional
  ANDROID: kbuild: make it possible to specify the module output dir
  ANDROID: input: goldfish_events: no extra EV_SYN; register goldfish
  ANDROID: input: keychord: Fix for a memory leak in keychord.
  ANDROID: input: keychord: Fix races in keychord_write.
  ANDROID: input: keychord: Fix a slab out-of-bounds read.
  ANDROID: input: keychord: log when keychord triggered
  ANDROID: input: keyreset: switch to orderly_reboot
  ANDROID: input: keyreset: Made keyreset more robust
  ANDROID: input: keyreset: Changed keyreset to act as a wrapper for keycombo.
  ANDROID: input: keycombo: add keycombo, a general key combo driver.
  ANDROID: input: keychord: Add keychord driver
  ANDROID: input: keyreset: Add keyreset driver.
  ANDROID: input: gpio_matrix: Remove wakelock.h dependencies
  ANDROID: input: gpio_input: convert from wakelocks to wakeup sources
  ANDROID: input: gpio_event: remove early suspend
  ANDROID: input: Generic GPIO Input devices
  ANDROID: initramfs: Add skip_initramfs command line option
  ANDROID: build: add build server configs for goldfish
  ANDROID: goldfish: add ranchu defconfigs
  ANDROID: goldfish_sync_timeline: Rename fence to dma_fence
  ANDROID: goldfish_sync: 32 max cmds to save stack
  ANDROID: goldfish_sync: Fix sync_file_obj is NULL but dereferenced problem
  ANDROID: goldfish_sync: Isolate single module to fix compilation
  ANDROID: goldfish_sync: upgrade to new fence sync api
  ANDROID: goldfish_sync: Add goldfish sync driver
  ANDROID: goldfish_audio: Clear audio read buffer status after each read
  ANDROID: goldfish_audio: Enable ACPI-based enumeration for goldfish audio
  ANDROID: goldfishfb: Set pixclock = 0
  ANDROID: goldfishfb: Enable ACPI-based enumeration for goldfish framebuffer
  ANDROID: goldfishfb: add devicetree bindings
  ANDROID: fs: Fix for in kernel emergency remount when loop mounts are used
  ANDROID: fs: Refactor FS readpage/write tracepoints.
  ANDROID: fs: FS tracepoints to track IO.
  ANDROID: fs: sched: add a counter to track fsync
  ANDROID: fs: epoll: use freezable blocking call
  ANDROID: fs: ext4: Add support for FIDTRIM, a best-effort ioctl for deep discard trim
  ANDROID: fs: fuse: Freeze client on suspend when request sent to userspace
  ANDROID: fs: pstore: ram: Add ramoops_console_write_buf api
  ANDROID: fs: block_dump: Don't display inode changes if block_dump < 2
  ANDROID: dm: verity: add minimum prefetch size
  ANDROID: dm: android-verity: mark dev as rw for linear target
  ANDROID: dm: android-verity: allow disable dm-verity for Treble VTS
  ANDROID: dm: android-verity: fix table_make_digest() error handling
  ANDROID: dm: android-verity: rebase for 4.9
  ANDROID: dm: android-verity: Remove fec_header location constraint
  ANDROID: dm: android-verity: adopt changes made to dm callbacks
  ANDROID: dm: android-verity: pack the fec_header structure
  ANDROID: dm: android-verity: Verify header before fetching table
  ANDROID: dm: android-verity: allow adb disable-verity only in userdebug
  ANDROID: dm: android-verity: mount as linear target if eng build
  ANDROID: dm: android-verity: use default verity public key
  ANDROID: dm: android-verity: fix signature verification flag
  ANDROID: dm: android-verity: use name_to_dev_t
  ANDROID: dm: android-verity: Mounting root as linear device when verity disabled
  ANDROID: dm: android-verity: Add android verity target
  ANDROID: dm: do_mounts_dm: Update init/do_mounts_dm.c to the latest ChromiumOS version.
  ANDROID: dm: do_mounts_dm: fix dm_substitute_devices()
  ANDROID: dm: do_mounts_dm: Rebase on top of 4.9
  CHROMIUM: dm: boot time specification of dm=
  ANDROID: dm: verity-fec: add sysfs attribute fec/corrected
  CHROMIUM: dma-buf: dma-fence: fix warning when releasing active sync point
  CHROMIUM: cgroups: relax permissions on moving tasks between cgroups
  ANDROID: cpuset: Make cpusets restore on hotplug
  ANDROID: cpu: send KOBJ_ONLINE event when enabling cpus
  ANDROID: cpuidle: governor: menu: don't use loadavg
  ANDROID: binder: clarify deferred thread work.
  ANDROID: binder: show high watermark of alloc->pages.
  ANDROID: binder: Add thread->process_todo flag.
  ANDROID: binder: fix node sched policy calculation
  ANDROID: binder: init desired_prio.sched_policy before use it
  ANDROID: binder: fix transaction leak.
  ANDROID: binder: Add tracing for binder priority inheritance.
  ANDROID: binder: don't check prio permissions on restore.
  ANDROID: binder: add RT inheritance flag to node.
  ANDROID: binder: improve priority inheritance.
  ANDROID: binder: add min sched_policy to node.
  ANDROID: binder: add support for RT prio inheritance.
  ANDROID: ashmem: Shrink directly through shmem_fallocate
  ANDROID: ashmem: Add shmem_set_file to mm/shmem.c
  ANDROID: fiq_debugger: Remove wakelock.h dependencies
  ANDROID: fiq_debugger: Add fiq_debugger.disable option
  ANDROID: fiq_debugger: Add option to apply uart overlay by FIQ_DEBUGGER_UART_OVERLAY
  ANDROID: fiq_debugger: Add fiq_watchdog_triggered api
  ANDROID: fiq_debugger: Call fiq_debugger_printf through a function pointer from cpu specific code
  ANDROID: fiq_debugger: add ARM64 support
  ANDROID: fiq_debugger: split arm support into fiq_debugger_arm.c
  ANDROID: fiq_debugger: use pt_regs for registers
  ANDROID: fiq_debugger: allow compiling without CONFIG_FIQ_GLUE
  ANDROID: fiq_debugger: rename debug->fiq_debugger
  ANDROID: fiq_debugger: move into drivers/staging/android/fiq_debugger/
  ANDROID: kdb: support new lines without carriage returns
  ANDROID: ARM: fiq_debugger: Update tty code for 3.9
  ANDROID: ARM: fiq_debugger: lock between tty and console writes
  ANDROID: ARM: fiq_debugger: add process context reboot command
  ANDROID: ARM: fiq_debugger: fix multiple consoles and make it a preferred console
  ANDROID: ARM: kgdb: ignore breakpoint instructions from user mode
  ANDROID: ARM: fiq_debugger: add support for kgdb
  ANDROID: ARM: fiq_debugger: add debug_putc
  ANDROID: ARM: fiq_debugger: add support for reboot commands
  ANDROID: ARM: fiq_debugger: Add generic fiq serial debugger
  ANDROID: ARM: fiq_glue: Add custom fiq return handler api.
  ANDROID: ARM: fiq_glue: Add fiq_glue
  ANDROID: arm64: pass return address to dma_common_contiguous_remap
  ANDROID: arm64: check for upper PAGE_SHIFT bits in pfn_valid()
  ANDROID: arm: mm: Optionally flush entire dcache from v6_dma_flush_range
  ANDROID: arm: decompressor: Flush tlb before swiching domain 0 to client mode
  ANDROID: arm: fault: assume no context when IRQs are disabled during data abort.
  ANDROID: arm: add option to flush console before reboot
  ANDROID: arm64: process: dump memory around registers when displaying regs
  ANDROID: arm: process: Add display of memory around registers when displaying regs.
  ANDROID: arm64: Allow to choose appended kernel image
  ANDROID: arm64: add option to build Image-dtb
  ANDROID: arm64: add option to build Image.gz/dtb combo
  ANDROID: arm: convert build of appended dtb zImage to list of dtbs
  ANDROID: arm: add config option to build zImage/dtb combo
  ANDROID: arm: Fix dtb list when DTB_IMAGE_NAMES is empty
  ANDROID: arch: force -fno-pic
  ANDROID: add script to fetch android kernel config fragments
  ANDROID: sched: Calculate energy consumption of sched_group
  ANDROID: sched: Highest energy aware balancing sched_domain level pointer
  ANDROID: sched: Relocated cpu_util() and change return type
  ANDROID: sched: EAS & 'single cpu per cluster'/cpu hotplug interoperability
  ANDROID: sched: Introduce SD_SHARE_CAP_STATES sched_domain flag
  ANDROID: sched: Initialize energy data structures
  ANDROID: sched: Introduce energy data structures
  ANDROID: sched: Make energy awareness a sched feature
  ANDROID: sched: Documentation for scheduler energy cost model
  ANDROID: arm64: Enable dynamic sched_domain flag setting
  ANDROID: arm: Enable dynamic sched_domain flag setting
  ANDROID: drivers/base/arch_topology: Dynamic sched_domain flag detection
  ANDROID: sched/fair: Avoid unnecessary balancing of asymmetric capacity groups
  ANDROID: sched: Consider misfit tasks when load-balancing
  ANDROID: sched: Add group_misfit_task load-balance type
  ANDROID: arm64: wire cpu-invariant accounting support up to the task scheduler
  ANDROID: arm64: wire frequency-invariant accounting support up to the task scheduler
  ANDROID: arm: wire cpu-invariant accounting support up to the task scheduler
  ANDROID: arm: wire frequency-invariant accounting support up to the task scheduler
  ANDROID: drivers base/arch_topology: allow inlining cpu-invariant accounting support
  ANDROID: drivers base/arch_topology: provide frequency-invariant accounting support
  ANDROID: cpufreq: dt: invoke frequency-invariance setter function
  ANDROID: cpufreq: arm_big_little: invoke frequency-invariance setter function
  ANDROID: cpufreq: provide default frequency-invariance setter function
  ANDROID: drivers base/arch_topology: free cpumask cpus_to_visit
  ANDROID: sched: Enable idle balance to pull single task towards cpu with higher capacity
  ANDROID: sched: Prevent unnecessary active balance of single task in sched group

  Conflicts:
	Documentation/admin-guide/kernel-parameters.txt
	Makefile
	arch/arm/configs/ranchu_defconfig
	arch/arm64/Kconfig
	arch/arm64/Makefile
	arch/arm64/boot/Makefile
	arch/arm64/configs/ranchu64_defconfig
	arch/arm64/kernel/io.c
	arch/arm64/kernel/process.c
	arch/arm64/mm/dma-mapping.c
	arch/x86/configs/i386_ranchu_defconfig
	arch/x86/configs/x86_64_ranchu_defconfig
	drivers/android/binder.c
	drivers/dma-buf/sw_sync.c
	drivers/md/Kconfig
	drivers/md/dm-android-verity.c
	drivers/md/dm-android-verity.h
	drivers/md/dm-linear.c
	drivers/mmc/core/Kconfig
	drivers/mmc/core/mmc.c
	drivers/power/supply/power_supply_sysfs.c
	drivers/staging/android/fiq_debugger/fiq_debugger.c
	drivers/staging/android/fiq_debugger/fiq_debugger_arm64.c
	drivers/usb/gadget/Kconfig
	drivers/usb/gadget/function/Makefile
	include/linux/power_supply.h
	init/initramfs.c
	kernel/power/suspend.c
	kernel/sched/sched.h
	net/netfilter/xt_qtaguid.c
	arch/arm/kernel/topology.c
	arch/arm64/boot/dts/hisilicon/hi6220.dtsi
	arch/arm64/kernel/topology.c
	drivers/base/arch_topology.c
	kernel/sched/fair.c
	kernel/sched/features.h
	kernel/sched/sched.h
	kernel/sched/topology.c

Change-Id: Ib242448f01dae40bff6a4da72aa4619c44663e76
Signed-off-by: Runmin Wang <runminw@codeaurora.org>
2018-01-09 15:41:23 -08:00
Greg Kroah-Hartman
81e7d45894 This is the 4.14.12 stable release

Merge 4.14.12 into android-4.14

Changes in 4.14.12
	exec: Weaken dumpability for secureexec
	capabilities: fix buffer overread on very short xattr
	x86/cpu, x86/pti: Do not enable PTI on AMD processors
	x86/pti: Make sure the user/kernel PTEs match
	x86/dumpstack: Fix partial register dumps
	x86/dumpstack: Print registers for first stack frame
	x86/pti: Switch to kernel CR3 at early in entry_SYSCALL_compat()
	x86/process: Define cpu_tss_rw in same section as declaration
	Revert "xfrm: Fix stack-out-of-bounds read in xfrm_state_find."
	rtc: m41t80: m41t80_sqw_set_rate should return 0 on success
	rtc: m41t80: fix m41t80_sqw_round_rate return value
	rtc: m41t80: avoid i2c read in m41t80_sqw_recalc_rate
	rtc: m41t80: avoid i2c read in m41t80_sqw_is_prepared
	rtc: m41t80: remove unneeded checks from m41t80_sqw_set_rate
	Linux 4.14.12

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2018-01-05 22:25:51 +01:00
Eric Biggers
df4373c513 capabilities: fix buffer overread on very short xattr
commit dc32b5c3e6e2ef29cef76d9ce1b92d394446150e upstream.

If userspace attempted to set a "security.capability" xattr shorter than
4 bytes (e.g. 'setfattr -n security.capability -v x file'), then
cap_convert_nscap() read past the end of the buffer containing the xattr
value because it accessed the ->magic_etc field without verifying that
the xattr value is long enough to contain that field.

Fix it by validating the xattr value size first.

This bug was found using syzkaller with KASAN.  The KASAN report was as
follows (cleaned up slightly):

    BUG: KASAN: slab-out-of-bounds in cap_convert_nscap+0x514/0x630 security/commoncap.c:498
    Read of size 4 at addr ffff88002d8741c0 by task syz-executor1/2852

    CPU: 0 PID: 2852 Comm: syz-executor1 Not tainted 4.15.0-rc6-00200-gcc0aac99d977 #253
    Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-20171110_100015-anatol 04/01/2014
    Call Trace:
     __dump_stack lib/dump_stack.c:17 [inline]
     dump_stack+0xe3/0x195 lib/dump_stack.c:53
     print_address_description+0x73/0x260 mm/kasan/report.c:252
     kasan_report_error mm/kasan/report.c:351 [inline]
     kasan_report+0x235/0x350 mm/kasan/report.c:409
     cap_convert_nscap+0x514/0x630 security/commoncap.c:498
     setxattr+0x2bd/0x350 fs/xattr.c:446
     path_setxattr+0x168/0x1b0 fs/xattr.c:472
     SYSC_setxattr fs/xattr.c:487 [inline]
     SyS_setxattr+0x36/0x50 fs/xattr.c:483
     entry_SYSCALL_64_fastpath+0x18/0x85

Fixes: 8db6c34f1dbc ("Introduce v3 namespaced file capabilities")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-01-05 15:48:57 +01:00
Greg Kroah-Hartman
51caa5cc80 This is the 4.14.11 stable release

Merge 4.14.11 into android-4.14

Changes in 4.14.11
	tracing: Remove extra zeroing out of the ring buffer page
	tracing: Fix possible double free on failure of allocating trace buffer
	tracing: Fix crash when it fails to alloc ring buffer
	x86/cpufeatures: Add X86_BUG_CPU_INSECURE
	x86/mm/pti: Disable global pages if PAGE_TABLE_ISOLATION=y
	x86/mm/pti: Prepare the x86/entry assembly code for entry/exit CR3 switching
	x86/mm/pti: Add infrastructure for page table isolation
	x86/pti: Add the pti= cmdline option and documentation
	x86/mm/pti: Add mapping helper functions
	x86/mm/pti: Allow NX poison to be set in p4d/pgd
	x86/mm/pti: Allocate a separate user PGD
	x86/mm/pti: Populate user PGD
	x86/mm/pti: Add functions to clone kernel PMDs
	x86/mm/pti: Force entry through trampoline when PTI active
	x86/mm/pti: Share cpu_entry_area with user space page tables
	x86/entry: Align entry text section to PMD boundary
	x86/mm/pti: Share entry text PMD
	x86/mm/pti: Map ESPFIX into user space
	x86/cpu_entry_area: Add debugstore entries to cpu_entry_area
	x86/events/intel/ds: Map debug buffers in cpu_entry_area
	x86/mm/64: Make a full PGD-entry size hole in the memory map
	x86/pti: Put the LDT in its own PGD if PTI is on
	x86/pti: Map the vsyscall page if needed
	x86/mm: Allow flushing for future ASID switches
	x86/mm: Abstract switching CR3
	x86/mm: Use/Fix PCID to optimize user/kernel switches
	x86/mm: Optimize RESTORE_CR3
	x86/mm: Use INVPCID for __native_flush_tlb_single()
	x86/mm: Clarify the whole ASID/kernel PCID/user PCID naming
	x86/dumpstack: Indicate in Oops whether PTI is configured and enabled
	x86/mm/pti: Add Kconfig
	x86/mm/dump_pagetables: Add page table directory to the debugfs VFS hierarchy
	x86/mm/dump_pagetables: Check user space page table for WX pages
	x86/mm/dump_pagetables: Allow dumping current pagetables
	x86/ldt: Make the LDT mapping RO
	ring-buffer: Mask out the info bits when returning buffer page length
	ring-buffer: Do no reuse reader page if still in use
	iw_cxgb4: Only validate the MSN for successful completions
	ASoC: codecs: msm8916-wcd: Fix supported formats
	ASoC: wm_adsp: Fix validation of firmware and coeff lengths
	ASoC: da7218: fix fix child-node lookup
	ASoC: fsl_ssi: AC'97 ops need regmap, clock and cleaning up on failure
	ASoC: twl4030: fix child-node lookup
	ASoC: tlv320aic31xx: Fix GPIO1 register definition
	gpio: fix "gpio-line-names" property retrieval
	IB/hfi: Only read capability registers if the capability exists
	IB/mlx5: Serialize access to the VMA list
	IB/uverbs: Fix command checking as part of ib_uverbs_ex_modify_qp()
	IB/core: Verify that QP is security enabled in create and destroy
	ALSA: hda: Drop useless WARN_ON()
	ALSA: hda - Add MIC_NO_PRESENCE fixup for 2 HP machines
	ALSA: hda - change the location for one mic on a Lenovo machine
	ALSA: hda - fix headset mic detection issue on a Dell machine
	ALSA: hda - Fix missing COEF init for ALC225/295/299
	cpufreq: schedutil: Use idle_calls counter of the remote CPU
	block: fix blk_rq_append_bio
	block: don't let passthrough IO go into .make_request_fn()
	kbuild: add '-fno-stack-check' to kernel build options
	ipv4: igmp: guard against silly MTU values
	ipv6: mcast: better catch silly mtu values
	net: fec: unmap the xmit buffer that are not transferred by DMA
	net: igmp: Use correct source address on IGMPv3 reports
	netlink: Add netns check on taps
	net: qmi_wwan: add Sierra EM7565 1199:9091
	net: reevalulate autoflowlabel setting after sysctl setting
	ptr_ring: add barriers
	RDS: Check cmsg_len before dereferencing CMSG_DATA
	tcp_bbr: record "full bw reached" decision in new full_bw_reached bit
	tcp md5sig: Use skb's saddr when replying to an incoming segment
	tg3: Fix rx hang on MTU change with 5717/5719
	tcp_bbr: reset full pipe detection on loss recovery undo
	tcp_bbr: reset long-term bandwidth sampling on loss recovery undo
	s390/qeth: apply takeover changes when mode is toggled
	s390/qeth: don't apply takeover changes to RXIP
	s390/qeth: lock IP table while applying takeover changes
	s390/qeth: update takeover IPs after configuration change
	net: ipv4: fix for a race condition in raw_sendmsg
	net: mvmdio: disable/unprepare clocks in EPROBE_DEFER case
	sctp: Replace use of sockets_allocated with specified macro.
	adding missing rcu_read_unlock in ipxip6_rcv
	ip6_gre: fix device features for ioctl setup
	ipv4: Fix use-after-free when flushing FIB tables
	net: bridge: fix early call to br_stp_change_bridge_id and plug newlink leaks
	net: Fix double free and memory corruption in get_net_ns_by_id()
	net: phy: micrel: ksz9031: reconfigure autoneg after phy autoneg workaround
	sock: free skb in skb_complete_tx_timestamp on error
	tcp: invalidate rate samples during SACK reneging
	net/mlx5: Fix rate limit packet pacing naming and struct
	net/mlx5e: Fix possible deadlock of VXLAN lock
	net/mlx5e: Fix features check of IPv6 traffic
	net/mlx5e: Add refcount to VXLAN structure
	net/mlx5e: Prevent possible races in VXLAN control flow
	net/mlx5: Fix error flow in CREATE_QP command
	openvswitch: Fix pop_vlan action for double tagged frames
	sfc: pass valid pointers from efx_enqueue_unwind
	net: dsa: bcm_sf2: Clear IDDQ_GLOBAL_PWR bit for PHY
	s390/qeth: fix error handling in checksum cmd callback
	sctp: make sure stream nums can match optlen in sctp_setsockopt_reset_streams
	tipc: fix hanging poll() for stream sockets
	mlxsw: spectrum: Disable MAC learning for ovs port
	tcp: fix potential underestimation on rcv_rtt
	net: phy: marvell: Limit 88m1101 autoneg errata to 88E1145 as well.
	ipv6: Honor specified parameters in fibmatch lookup
	tcp: refresh tcp_mstamp from timers callbacks
	net/mlx5: FPGA, return -EINVAL if size is zero
	vxlan: restore dev->mtu setting based on lower device
	net: sched: fix static key imbalance in case of ingress/clsact_init error
	bnxt_en: Fix sources of spurious netpoll warnings
	phylink: ensure the PHY interface mode is appropriately set
	phylink: ensure AN is enabled
	ipv4: fib: Fix metrics match when deleting a route
	ipv6: set all.accept_dad to 0 by default
	Revert "mlx5: move affinity hints assignments to generic code"
	skbuff: orphan frags before zerocopy clone
	skbuff: skb_copy_ubufs must release uarg even without user frags
	skbuff: in skb_copy_ubufs unclone before releasing zerocopy
	sparc64: repair calling incorrect hweight function from stubs
	usbip: fix usbip bind writing random string after command in match_busid
	usbip: prevent leaking socket pointer address in messages
	usbip: stub: stop printing kernel pointer addresses in messages
	usbip: vhci: stop printing kernel pointer addresses in messages
	USB: chipidea: msm: fix ulpi-node lookup
	USB: serial: ftdi_sio: add id for Airbus DS P8GR
	USB: serial: qcserial: add Sierra Wireless EM7565
	USB: serial: option: add support for Telit ME910 PID 0x1101
	USB: serial: option: adding support for YUGA CLM920-NC5
	usb: Add device quirk for Logitech HD Pro Webcam C925e
	usb: add RESET_RESUME for ELSA MicroLink 56K
	USB: Fix off by one in type-specific length check of BOS SSP capability
	usb: xhci: Add XHCI_TRUST_TX_LENGTH for Renesas uPD720201
	timers: Use deferrable base independent of base::nohz_active
	timers: Invoke timer_start_debug() where it makes sense
	timers: Reinitialize per cpu bases on hotplug
	binder: fix proc->files use-after-free
	phy: tegra: fix device-tree node lookups
	drivers: base: cacheinfo: fix cache type for non-architected system cache
	staging: android: ion: Fix dma direction for dma_sync_sg_for_cpu/device
	nohz: Prevent a timer interrupt storm in tick_nohz_stop_sched_tick()
	x86/smpboot: Remove stale TLB flush invocations
	x86/mm: Remove preempt_disable/enable() from __native_flush_tlb()
	x86-32: Fix kexec with stack canary (CONFIG_CC_STACKPROTECTOR)
	x86/espfix/64: Fix espfix double-fault handling on 5-level systems
	x86/ldt: Plug memory leak in error path
	x86/ldt: Make LDT pgtable free conditional
	n_tty: fix EXTPROC vs ICANON interaction with TIOCINQ (aka FIONREAD)
	tty: fix tty_ldisc_receive_buf() documentation
	Linux 4.14.11

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2018-01-04 13:50:35 +01:00
Greg Kroah-Hartman
20f3b53781 This is the 4.14.6 stable release

Merge 4.14.6 into android-4.14

Changes in 4.14.6
	usb: gadget: udc: renesas_usb3: fix number of the pipes
	usb: gadget: core: Fix ->udc_set_speed() speed handling
	serdev: ttyport: add missing receive_buf sanity checks
	serdev: ttyport: fix NULL-deref on hangup
	serdev: ttyport: fix tty locking in close
	usb: f_fs: Force Reserved1=1 in OS_DESC_EXT_COMPAT
	can: mcba_usb: fix device disconnect bug
	can: peak/pci: fix potential bug when probe() fails
	can: flexcan: fix VF610 state transition issue
	can: ti_hecc: Fix napi poll return value for repoll
	can: kvaser_usb: free buf in error paths
	can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback()
	can: kvaser_usb: ratelimit errors if incomplete messages are received
	can: kvaser_usb: cancel urb on -EPIPE and -EPROTO
	can: mcba_usb: cancel urb on -EPROTO
	can: ems_usb: cancel urb on -EPIPE and -EPROTO
	can: esd_usb2: cancel urb on -EPIPE and -EPROTO
	can: usb_8dev: cancel urb on -EPIPE and -EPROTO
	can: peak/pcie_fd: fix potential bug in restarting tx queue
	virtio: release virtio index when fail to device_register
	iio: stm32: fix adc/trigger link error
	iio: health: max30102: Temperature should be in milli Celsius
	iio: adc: cpcap: fix incorrect validation
	iio: adc: meson-saradc: fix the bit_idx of the adc_en clock
	iio: adc: meson-saradc: initialize the bandgap correctly on older SoCs
	iio: adc: meson-saradc: Meson8 and Meson8b do not have REG11 and REG13
	pinctrl: armada-37xx: Fix direction_output() callback behavior
	Drivers: hv: vmbus: Fix a rescind issue
	hv: kvp: Avoid reading past allocated blocks from KVP file
	firmware: cleanup FIRMWARE_IN_KERNEL message
	firmware: vpd: Destroy vpd sections in remove function
	firmware: vpd: Tie firmware kobject to device lifetime
	firmware: vpd: Fix platform driver and device registration/unregistration
	isa: Prevent NULL dereference in isa_bus driver callbacks
	scsi: dma-mapping: always provide dma_get_cache_alignment
	scsi: use dma_get_cache_alignment() as minimum DMA alignment
	scsi: libsas: align sata_device's rps_resp on a cacheline
	efi: Move some sysfs files to be read-only by root
	efi/esrt: Use memunmap() instead of kfree() to free the remapping
	ASN.1: fix out-of-bounds read when parsing indefinite length item
	ASN.1: check for error from ASN1_OP_END__ACT actions
	KEYS: add missing permission check for request_key() destination
	KEYS: reject NULL restriction string when type is specified
	X.509: reject invalid BIT STRING for subjectPublicKey
	X.509: fix comparisons of ->pkey_algo
	x86/idt: Load idt early in start_secondary
	x86/PCI: Make broadcom_postcore_init() check acpi_disabled
	KVM: x86: fix APIC page invalidation
	btrfs: fix missing error return in btrfs_drop_snapshot
	btrfs: handle errors while updating refcounts in update_ref_for_cow
	ALSA: hda/realtek - New codec support for ALC257
	ALSA: pcm: prevent UAF in snd_pcm_info
	ALSA: seq: Remove spurious WARN_ON() at timer check
	ALSA: usb-audio: Fix out-of-bound error
	ALSA: usb-audio: Add check return value for usb_string()
	iommu/vt-d: Fix scatterlist offset handling
	smp/hotplug: Move step CPUHP_AP_SMPCFD_DYING to the correct place
	s390: always save and restore all registers on context switch
	s390/mm: fix off-by-one bug in 5-level page table handling
	s390: fix compat system call table
	KVM: s390: Fix skey emulation permission check
	Revert "powerpc: Do not call ppc_md.panic in fadump panic notifier"
	powerpc/64s: Initialize ISAv3 MMU registers before setting partition table
	iwlwifi: mvm: mark MIC stripped MPDUs
	iwlwifi: mvm: don't use transmit queue hang detection when it is not possible
	iwlwifi: mvm: flush queue before deleting ROC
	iwlwifi: add new cards for 9260 and 22000 series
	iwlwifi: mvm: fix packet injection
	iwlwifi: mvm: enable RX offloading with TKIP and WEP
	brcmfmac: change driver unbind order of the sdio function devices
	kdb: Fix handling of kallsyms_symbol_next() return value
	md/r5cache: move mddev_lock() out of r5c_journal_mode_set()
	drm/bridge: analogix dp: Fix runtime PM state in get_modes() callback
	drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU
	drm/i915: Fix vblank timestamp/frame counter jumps on gen2
	media: dvb: i2c transfers over usb cannot be done from stack
	media: rc: sir_ir: detect presence of port
	media: rc: partial revert of "media: rc: per-protocol repeat period"
	arm64: KVM: fix VTTBR_BADDR_MASK BUG_ON off-by-one
	arm: KVM: Fix VTTBR_BADDR_MASK BUG_ON off-by-one
	KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
	KVM: arm/arm64: Fix broken GICH_ELRSR big endian conversion
	KVM: arm/arm64: vgic-irqfd: Fix MSI entry allocation
	KVM: arm/arm64: vgic: Preserve the revious read from the pending table
	KVM: arm/arm64: vgic-its: Check result of allocation before use
	arm64: fpsimd: Prevent registers leaking from dead tasks
	arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm
	arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb
	Revert "ARM: dts: imx53: add srtc node"
	bus: arm-cci: Fix use of smp_processor_id() in preemptible context
	bus: arm-ccn: Check memory allocation failure
	bus: arm-ccn: Fix use of smp_processor_id() in preemptible context
	bus: arm-ccn: fix module unloading Error: Removing state 147 which has instances left.
	IB/core: Avoid unnecessary return value check
	IB/core: Only enforce security for InfiniBand
	crypto: talitos - fix AEAD test failures
	crypto: talitos - fix memory corruption on SEC2
	crypto: talitos - fix setkey to check key weakness
	crypto: talitos - fix AEAD for sha224 on non sha224 capable chips
	crypto: talitos - fix use of sg_link_tbl_len
	crypto: talitos - fix ctr-aes-talitos
	ARM: BUG if jumping to usermode address in kernel mode
	ARM: avoid faulting on qemu
	irqchip/qcom: Fix u32 comparison with value less than zero
	net/smc: use sk_rcvbuf as start for rmb creation
	kbuild: pkg: use --transform option to prefix paths in tar
	coccinelle: fix parallel build with CHECK=scripts/coccicheck
	powerpc/perf: Fix pmu_count to count only nest imc pmus
	apparmor: fix leak of null profile name if profile allocation fails
	x86/mpx/selftests: Fix up weird arrays
	mac80211_hwsim: Fix memory leak in hwsim_new_radio_nl()
	gre6: use log_ecn_error module parameter in ip6_tnl_rcv()
	route: also update fnhe_genid when updating a route cache
	route: update fnhe_expires for redirect when the fnhe exists
	rsi: fix memory leak on buf and usb_reg_buf
	drivers/rapidio/devices/rio_mport_cdev.c: fix resource leak in error handling path in 'rio_dma_transfer()'
	pipe: match pipe_max_size data type with procfs
	lib/genalloc.c: make the avail variable an atomic_long_t
	dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0
	NFS: Fix a typo in nfs_rename()
	sunrpc: Fix rpc_task_begin trace point
	nfp: inherit the max_mtu from the PF netdev
	nfp: fix flower offload metadata flag usage
	xfs: fix forgotten rcu read unlock when skipping inode reclaim
	dt-bindings: usb: fix reg-property port-number range
	block: wake up all tasks blocked in get_request()
	sparc64/mm: set fields in deferred pages
	zsmalloc: calling zs_map_object() from irq is a bug
	slub: fix sysfs duplicate filename creation when slub_debug=O
	sctp: do not free asoc when it is already dead in sctp_sendmsg
	sctp: use the right sk after waking up from wait_buf sleep
	fcntl: don't leak fd reference when fixup_compat_flock fails
	geneve: fix fill_info when link down
	bpf: fix lockdep splat
	clk: stm32h7: fix test of clock config
	clk: sunxi-ng: a83t: Fix i2c buses bits
	clk: qcom: common: fix legacy board-clock registration
	clk: uniphier: fix DAPLL2 clock rate of Pro5
	clk: hi3660: fix incorrect uart3 clock freqency
	mailbox: mailbox-test: don't rely on rx_buffer content to signal data ready
	kbuild: rpm-pkg: fix jobserver unavailable warning
	atm: horizon: Fix irq release error
	jump_label: Invoke jump_label_test() via early_initcall()
	tls: Use kzalloc for aead_request allocation
	xfrm: Copy policy family in clone_policy
	f2fs: fix to clear FI_NO_PREALLOC
	bnxt_re: changing the ip address shouldn't affect new connections
	IB/mlx4: Increase maximal message size under UD QP
	IB/mlx5: Assign send CQ and recv CQ of UMR QP
	afs: Fix total-length calculation for multiple-page send
	afs: Connect up the CB.ProbeUuid
	Linux 4.14.6

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2018-01-04 13:47:18 +01:00
Greg Kroah-Hartman
0730eb4486 This is the 4.14.5 stable release

Merge 4.14.5 into android-4.14

Changes in 4.14.5
	drm/fsl-dcu: avoid disabling pixel clock twice on suspend
	drm/fsl-dcu: enable IRQ before drm_atomic_helper_resume()
	drm/amdgpu: Use unsigned ring indices in amdgpu_queue_mgr_map
	s390/runtime instrumentation: simplify task exit handling
	usbip: fix usbip attach to find a port that matches the requested speed
	usbip: Fix USB device hang due to wrong enabling of scatter-gather
	uas: Always apply US_FL_NO_ATA_1X quirk to Seagate devices
	usb: quirks: Add no-lpm quirk for KY-688 USB 3.1 Type-C Hub
	serial: 8250_pci: Add Amazon PCI serial device ID
	ANDROID: binder: fix transaction leak.
	USB: serial: option: add Quectel BG96 id
	USB: serial: usb_debug: add new USB device id
	serial: 8250_early: Only set divisor if valid clk & baud
	MIPS: Add custom serial.h with BASE_BAUD override for generic kernel
	ima: fix hash algorithm initialization
	s390: vfio-ccw: Do not attempt to free no-op, test and tic cda.
	PM / Domains: Fix genpd to deal with drivers returning 1 from ->prepare()
	s390/pci: do not require AIS facility
	selftests/x86/ldt_get: Add a few additional tests for limits
	selftests/x86/ldt_gdt: Robustify against set_thread_area() and LAR oddities
	staging: greybus: loopback: Fix iteration count on async path
	m68k: fix ColdFire node shift size calculation
	serial: 8250_fintek: Fix rs485 disablement on invalid ioctl()
	staging: rtl8822be: fix wrong dma unmap len
	staging: rtl8188eu: avoid a null dereference on pmlmepriv
	spi: sh-msiof: Fix DMA transfer size check
	spi: spi-axi: fix potential use-after-free after deregistration
	mmc: tmio: check mmc_regulator_get_supply return value
	mmc: sdhci-msm: fix issue with power irq
	hwmon: (pmbus/core) Prevent unintentional setting of page to 0xFF
	perf/core: Fix __perf_read_group_add() locking
	usb: phy: tahvo: fix error handling in tahvo_usb_probe()
	PCI: dra7xx: Create functional dependency between PCIe and PHY
	x86/intel_rdt: Initialize bitmask of shareable resource if CDP enabled
	x86/intel_rdt: Fix potential deadlock during resctrl mount
	serial: 8250: Preserve DLD[7:4] for PORT_XR17V35X
	kprobes: Use synchronize_rcu_tasks() for optprobe with CONFIG_PREEMPT=y
	x86/entry: Use SYSCALL_DEFINE() macros for sys_modify_ldt()
	clocksource/drivers/arm_arch_timer: Validate CNTFRQ after enabling frame
	dt-bindings: timer: renesas, cmt: Fix SoC-specific compatible values
	EDAC, sb_edac: Fix missing break in switch
	usb: mtu3: fix error return code in ssusb_gadget_init()
	staging: fsl-dpaa2/eth: Account for Rx FD buffers on error path
	staging: rtl8822be: Keep array subscript no lower than zero
	ARM: cpuidle: Correct driver unregistration if init fails
	usb: xhci: Return error when host is dead in xhci_disable_slot()
	sysrq : fix Show Regs call trace on ARM
	serial: sh-sci: suppress warning for ports without dma channels
	usbip: tools: Install all headers needed for libusbip development
	serial: imx: Update cached mctrl value when changing RTS
	staging: fsl-mc/dpio: Fix incorrect comparison
	perf test attr: Fix ignored test case result
	perf test attr: Fix python error on empty result
	kprobes/x86: Disable preemption in ftrace-based jprobes
	locking/refcounts, x86/asm: Use unique .text section for refcount exceptions
	s390/ptrace: fix guarded storage regset handling
	tools include: Do not use poison with C++
	perf tools: Fix leaking rec_argv in error cases
	mm, x86/mm: Fix performance regression in get_user_pages_fast()
	iio: adc: ti-ads1015: add 10% to conversion wait time
	iio: multiplexer: add NULL check on devm_kzalloc() and devm_kmemdup() return values
	locking/refcounts, x86/asm: Enable CONFIG_ARCH_HAS_REFCOUNT
	powerpc/jprobes: Disable preemption when triggered through ftrace
	powerpc/kprobes: Disable preemption before invoking probe handler for optprobes
	dma-buf/sw_sync: force signal all unsignaled fences on dying timeline
	staging: ccree: fix leak of import() after init()
	usb: hub: Cycle HUB power when initialization fails
	USB: ulpi: fix bus-node lookup
	xhci: Don't show incorrect WARN message about events for empty rings
	usb: xhci: fix panic in xhci_free_virt_devices_depth_first
	USB: core: Add type-specific length check of BOS descriptors
	USB: usbfs: Filter flags passed in from user space
	usb: host: fix incorrect updating of offset
	locking/refcounts: Do not force refcount_t usage as GPL-only export
	Linux 4.14.5

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2018-01-04 13:46:07 +01:00
Greg Kroah-Hartman
c5c36272cd This is the 4.14.4 stable release

Merge 4.14.4 into android-4.14

Changes in 4.14.4
	platform/x86: hp-wmi: Fix tablet mode detection for convertibles
	mm, memory_hotplug: do not back off draining pcp free pages from kworker context
	mm, oom_reaper: gather each vma to prevent leaking TLB entry
	mm, thp: Do not make page table dirty unconditionally in touch_p[mu]d()
	mm/cma: fix alloc_contig_range ret code/potential leak
	mm: fix device-dax pud write-faults triggered by get_user_pages()
	mm, hugetlbfs: introduce ->split() to vm_operations_struct
	device-dax: implement ->split() to catch invalid munmap attempts
	mm: introduce get_user_pages_longterm
	mm: fail get_vaddr_frames() for filesystem-dax mappings
	v4l2: disable filesystem-dax mapping support
	IB/core: disable memory registration of filesystem-dax vmas
	exec: avoid RLIMIT_STACK races with prlimit()
	mm/madvise.c: fix madvise() infinite loop under special circumstances
	mm: migrate: fix an incorrect call of prep_transhuge_page()
	mm, memcg: fix mem_cgroup_swapout() for THPs
	fs/fat/inode.c: fix sb_rdonly() change
	autofs: revert "autofs: take more care to not update last_used on path walk"
	autofs: revert "autofs: fix AT_NO_AUTOMOUNT not being honored"
	mm/hugetlb: fix NULL-pointer dereference on 5-level paging machine
	btrfs: clear space cache inode generation always
	nfsd: Fix stateid races between OPEN and CLOSE
	nfsd: Fix another OPEN stateid race
	nfsd: fix panic in posix_unblock_lock called from nfs4_laundromat
	crypto: algif_aead - skip SGL entries with NULL page
	crypto: af_alg - remove locking in async callback
	crypto: skcipher - Fix skcipher_walk_aead_common
	lockd: lost rollback of set_grace_period() in lockd_down_net()
	s390: revert ELF_ET_DYN_BASE base changes
	drm: omapdrm: Fix DPI on platforms using the DSI VDDS
	omapdrm: hdmi4: Correct the SoC revision matching
	apparmor: fix oops in audit_signal_cb hook
	arm64: module-plts: factor out PLT generation code for ftrace
	arm64: ftrace: emit ftrace-mod.o contents through code
	powerpc/powernv: Fix kexec crashes caused by tlbie tracing
	powerpc/kexec: Fix kexec/kdump in P9 guest kernels
	KVM: x86: pvclock: Handle first-time write to pvclock-page contains random junk
	KVM: x86: Exit to user-mode on #UD intercept when emulator requires
	KVM: x86: inject exceptions produced by x86_decode_insn
	KVM: lapic: Split out x2apic ldr calculation
	KVM: lapic: Fixup LDR on load in x2apic
	mmc: sdhci: Avoid swiotlb buffer being full
	mmc: block: Fix missing blk_put_request()
	mmc: block: Check return value of blk_get_request()
	mmc: core: Do not leave the block driver in a suspended state
	mmc: block: Ensure that debugfs files are removed
	mmc: core: prepend 0x to pre_eol_info entry in sysfs
	mmc: core: prepend 0x to OCR entry in sysfs
	ACPI / EC: Fix regression related to PM ops support in ECDT device
	eeprom: at24: fix reading from 24MAC402/24MAC602
	eeprom: at24: correctly set the size for at24mac402
	eeprom: at24: check at24_read/write arguments
	i2c: i801: Fix Failed to allocate irq -2147483648 error
	cxl: Check if vphb exists before iterating over AFU devices
	bcache: Fix building error on MIPS
	bcache: only permit to recovery read error when cache device is clean
	bcache: recover data from backing when data is clean
	hwmon: (jc42) optionally try to disable the SMBUS timeout
	nvme-pci: add quirk for delay before CHK RDY for WDC SN200
	Revert "drm/radeon: dont switch vt on suspend"
	drm/amdgpu: potential uninitialized variable in amdgpu_vce_ring_parse_cs()
	drm/amdgpu: Potential uninitialized variable in amdgpu_vm_update_directories()
	drm/amdgpu: correct reference clock value on vega10
	drm/amdgpu: fix error handling in amdgpu_bo_do_create
	drm/amdgpu: Properly allocate VM invalidate eng v2
	drm/amdgpu: Remove check which is not valid for certain VBIOS
	drm/ttm: fix ttm_bo_cleanup_refs_or_queue once more
	dma-buf: make reservation_object_copy_fences rcu save
	drm/amdgpu: reserve root PD while releasing it
	drm/ttm: Always and only destroy bo->ttm_resv in ttm_bo_release_list
	drm/vblank: Fix flip event vblank count
	drm/vblank: Tune drm_crtc_accurate_vblank_count() WARN down to a debug
	drm/tilcdc: Precalculate total frametime in tilcdc_crtc_set_mode()
	drm/radeon: fix atombios on big endian
	drm/panel: simple: Add missing panel_simple_unprepare() calls
	drm/hisilicon: Ensure LDI regs are properly configured.
	drm/ttm: once more fix ttm_buffer_object_transfer
	drm/amd/pp: fix typecast error in powerplay.
	drm/fb_helper: Disable all crtc's when initial setup fails.
	drm/fsl-dcu: Don't set connector DPMS property
	drm/edid: Don't send non-zero YQ in AVI infoframe for HDMI 1.x sinks
	drm/amdgpu: move UVD/VCE and VCN structure out from union
	drm/amdgpu: Set adev->vcn.irq.num_types for VCN
	include/linux/compiler-clang.h: handle randomizable anonymous structs
	IB/core: Do not warn on lid conversions for OPA
	IB/hfi1: Do not warn on lid conversions for OPA
	e1000e: fix the use of magic numbers for buffer overrun issue
	md: forbid a RAID5 from having both a bitmap and a journal.
	drm/i915: Fix false-positive assert_rpm_wakelock_held in i915_pmic_bus_access_notifier v2
	drm/i915: Re-register PMIC bus access notifier on runtime resume
	drm/i915/fbdev: Serialise early hotplug events with async fbdev config
	drm/i915/gvt: Correct ADDR_4K/2M/1G_MASK definition
	drm/i915: Don't try indexed reads to alternate slave addresses
	drm/i915: Prevent zero length "index" write
	Revert "x86/entry/64: Add missing irqflags tracing to native_load_gs_index()"
	Linux 4.14.4

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2018-01-04 13:44:57 +01:00
Greg Kroah-Hartman
fbbc906cb4 This is the 4.14.2 stable release

Merge 4.14.2 into android-4.14

Changes in 4.14.2
	bio: ensure __bio_clone_fast copies bi_partno
	af_netlink: ensure that NLMSG_DONE never fails in dumps
	vxlan: fix the issue that neigh proxy blocks all icmpv6 packets
	net: cdc_ncm: GetNtbFormat endian fix
	fealnx: Fix building error on MIPS
	net/sctp: Always set scope_id in sctp_inet6_skb_msgname
	ima: do not update security.ima if appraisal status is not INTEGRITY_PASS
	serial: omap: Fix EFR write on RTS deassertion
	serial: 8250_fintek: Fix finding base_port with activated SuperIO
	tpm-dev-common: Reject too short writes
	rcu: Fix up pending cbs check in rcu_prepare_for_idle
	mm/pagewalk.c: report holes in hugetlb ranges
	ocfs2: fix cluster hang after a node dies
	ocfs2: should wait dio before inode lock in ocfs2_setattr()
	ipmi: fix unsigned long underflow
	mm/page_alloc.c: broken deferred calculation
	mm/page_ext.c: check if page_ext is not prepared
	coda: fix 'kernel memory exposure attempt' in fsync
	ipmi: Prefer ACPI system interfaces over SMBIOS ones
	Linux 4.14.2

Signed-off-by: Greg Kroah-Hartman <gregkh@google.com>
2018-01-04 13:31:17 +01:00
Dave Hansen
3dfd9fd8d8 x86/mm/pti: Add Kconfig
commit 385ce0ea4c078517fa51c261882c4e72fba53005 upstream.

Finally allow CONFIG_PAGE_TABLE_ISOLATION to be enabled.

PARAVIRT generally requires that the kernel not manage its own page tables.
It also means that the hypervisor and kernel must agree wholeheartedly
about what format the page tables are in and what they contain.
PAGE_TABLE_ISOLATION, unfortunately, changes the rules and they
can not be used together.

I've seen conflicting feedback from maintainers lately about whether they
want the Kconfig magic to go first or last in a patch series.  It's going
last here because the partially-applied series leads to kernels that can
not boot in a bunch of cases.  I did a run through the entire series with
CONFIG_PAGE_TABLE_ISOLATION=y to look for build errors, though.

[ tglx: Removed SMP and !PARAVIRT dependencies as they no longer exist ]

Signed-off-by: Dave Hansen <dave.hansen@linux.intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: David Laight <David.Laight@aculab.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: Eduardo Valentin <eduval@amazon.com>
Cc: Greg KH <gregkh@linuxfoundation.org>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Josh Poimboeuf <jpoimboe@redhat.com>
Cc: Juergen Gross <jgross@suse.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Will Deacon <will.deacon@arm.com>
Cc: aliguori@amazon.com
Cc: daniel.gruss@iaik.tugraz.at
Cc: hughd@google.com
Cc: keescook@google.com
Cc: linux-mm@kvack.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-01-02 20:31:02 +01:00
Runmin Wang
b716d1c640 Merge remote-tracking branch 'remotes/origin/tmp-3afae84' into msm-4.14
* remotes/origin/tmp-3afae84:
  Linux 4.14.7
  dvb_frontend: don't use-after-free the frontend struct
  media: dvb-core: always call invoke_release() in fe_free()
  x86/intel_rdt: Fix potential deadlock during resctrl unmount
  RDMA/cxgb4: Annotate r2 and stag as __be32
  md: free unused memory after bitmap resize
  dm raid: fix panic when attempting to force a raid to sync
  audit: ensure that 'audit=1' actually enables audit for PID 1
  audit: Allow auditd to set pid to 0 to end auditing
  nvmet-rdma: update queue list during ib_device removal
  blk-mq: Avoid that request queue removal can trigger list corruption
  ide: ide-atapi: fix compile error with defining macro DEBUG
  ipvlan: fix ipv6 outbound device
  powerpc/powernv/idle: Round up latency and residency values
  kbuild: do not call cc-option before KBUILD_CFLAGS initialization
  KVM: arm/arm64: vgic-its: Preserve the revious read from the pending table
  fix kcm_clone()
  fcntl: don't cap l_start and l_end values for F_GETLK64 in compat syscall
  usb: gadget: ffs: Forbid usb_ep_alloc_request from sleeping
  ipmi: Stop timers before cleaning up the module
  sctp: use right member as the param of list_for_each_entry
  cls_bpf: don't decrement net's refcount when offload fails
  net: openvswitch: datapath: fix data type in queue_gso_packets
  net: accept UFO datagrams from tuntap and packet
  tun: fix rcu_read_lock imbalance in tun_build_skb
  net: ipv6: Fixup device for anycast routes during copy
  tun: free skb in early errors
  tcp: when scheduling TLP, time of RTO should account for current ACK
  tap: free skb if flags error
  net: sched: cbq: create block for q->link.block
  tcp: use current time in tcp_rcv_space_adjust()
  tipc: call tipc_rcv() only if bearer is up in tipc_udp_recv()
  tcp: use IPCB instead of TCP_SKB_CB in inet_exact_dif_match()
  s390/qeth: fix GSO throughput regression
  s390/qeth: fix thinko in IPv4 multicast address tracking
  s390/qeth: build max size GSO skbs on L2 devices
  tcp/dccp: block bh before arming time_wait timer
  stmmac: reset last TSO segment size after device open
  net: remove hlist_nulls_add_tail_rcu()
  usbnet: fix alignment for frames with no ethernet header
  tcp: remove buggy call to tcp_v6_restore_cb()
  net/packet: fix a race in packet_bind() and packet_notifier()
  packet: fix crash in fanout_demux_rollover()
  tcp: add tcp_v4_fill_cb()/tcp_v4_restore_cb()
  sit: update frag_off info
  rds: Fix NULL pointer dereference in __rds_rdma_map
  vhost: fix skb leak in handle_rx()
  tipc: fix memory leak in tipc_accept_from_sock()
  s390/qeth: fix early exit from error path
  net: realtek: r8169: implement set_link_ksettings()
  net: thunderx: Fix TCP/UDP checksum offload for IPv4 pkts
  net: thunderx: Fix TCP/UDP checksum offload for IPv6 pkts
  net: qmi_wwan: add Quectel BG96 2c7c:0296
  Linux 4.14.6
  afs: Connect up the CB.ProbeUuid
  afs: Fix total-length calculation for multiple-page send
  IB/mlx5: Assign send CQ and recv CQ of UMR QP
  IB/mlx4: Increase maximal message size under UD QP
  bnxt_re: changing the ip address shouldn't affect new connections
  f2fs: fix to clear FI_NO_PREALLOC
  xfrm: Copy policy family in clone_policy
  tls: Use kzalloc for aead_request allocation
  jump_label: Invoke jump_label_test() via early_initcall()
  atm: horizon: Fix irq release error
  kbuild: rpm-pkg: fix jobserver unavailable warning
  mailbox: mailbox-test: don't rely on rx_buffer content to signal data ready
  clk: hi3660: fix incorrect uart3 clock freqency
  clk: uniphier: fix DAPLL2 clock rate of Pro5
  clk: qcom: common: fix legacy board-clock registration
  clk: sunxi-ng: a83t: Fix i2c buses bits
  clk: stm32h7: fix test of clock config
  bpf: fix lockdep splat
  geneve: fix fill_info when link down
  fcntl: don't leak fd reference when fixup_compat_flock fails
  sctp: use the right sk after waking up from wait_buf sleep
  sctp: do not free asoc when it is already dead in sctp_sendmsg
  slub: fix sysfs duplicate filename creation when slub_debug=O
  zsmalloc: calling zs_map_object() from irq is a bug
  sparc64/mm: set fields in deferred pages
  block: wake up all tasks blocked in get_request()
  dt-bindings: usb: fix reg-property port-number range
  xfs: fix forgotten rcu read unlock when skipping inode reclaim
  nfp: fix flower offload metadata flag usage
  nfp: inherit the max_mtu from the PF netdev
  sunrpc: Fix rpc_task_begin trace point
  NFS: Fix a typo in nfs_rename()
  dynamic-debug-howto: fix optional/omitted ending line number to be LARGE instead of 0
  lib/genalloc.c: make the avail variable an atomic_long_t
  pipe: match pipe_max_size data type with procfs
  drivers/rapidio/devices/rio_mport_cdev.c: fix resource leak in error handling path in 'rio_dma_transfer()'
  rsi: fix memory leak on buf and usb_reg_buf
  route: update fnhe_expires for redirect when the fnhe exists
  route: also update fnhe_genid when updating a route cache
  gre6: use log_ecn_error module parameter in ip6_tnl_rcv()
  mac80211_hwsim: Fix memory leak in hwsim_new_radio_nl()
  x86/mpx/selftests: Fix up weird arrays
  apparmor: fix leak of null profile name if profile allocation fails
  powerpc/perf: Fix pmu_count to count only nest imc pmus
  coccinelle: fix parallel build with CHECK=scripts/coccicheck
  kbuild: pkg: use --transform option to prefix paths in tar
  net/smc: use sk_rcvbuf as start for rmb creation
  irqchip/qcom: Fix u32 comparison with value less than zero
  ARM: avoid faulting on qemu
  ARM: BUG if jumping to usermode address in kernel mode
  crypto: talitos - fix ctr-aes-talitos
  crypto: talitos - fix use of sg_link_tbl_len
  crypto: talitos - fix AEAD for sha224 on non sha224 capable chips
  crypto: talitos - fix setkey to check key weakness
  crypto: talitos - fix memory corruption on SEC2
  crypto: talitos - fix AEAD test failures
  IB/core: Only enforce security for InfiniBand
  IB/core: Avoid unnecessary return value check
  bus: arm-ccn: fix module unloading Error: Removing state 147 which has instances left.
  bus: arm-ccn: Fix use of smp_processor_id() in preemptible context
  bus: arm-ccn: Check memory allocation failure
  bus: arm-cci: Fix use of smp_processor_id() in preemptible context
  Revert "ARM: dts: imx53: add srtc node"
  arm64: SW PAN: Update saved ttbr0 value on enter_lazy_tlb
  arm64: SW PAN: Point saved ttbr0 at the zero page when switching to init_mm
  arm64: fpsimd: Prevent registers leaking from dead tasks
  KVM: arm/arm64: vgic-its: Check result of allocation before use
  KVM: arm/arm64: vgic: Preserve the revious read from the pending table
  KVM: arm/arm64: vgic-irqfd: Fix MSI entry allocation
  KVM: arm/arm64: Fix broken GICH_ELRSR big endian conversion
  KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
  arm: KVM: Fix VTTBR_BADDR_MASK BUG_ON off-by-one
  arm64: KVM: fix VTTBR_BADDR_MASK BUG_ON off-by-one
  media: rc: partial revert of "media: rc: per-protocol repeat period"
  media: rc: sir_ir: detect presence of port
  media: dvb: i2c transfers over usb cannot be done from stack
  drm/i915: Fix vblank timestamp/frame counter jumps on gen2
  drm/exynos: gem: Drop NONCONTIG flag for buffers allocated without IOMMU
  drm/bridge: analogix dp: Fix runtime PM state in get_modes() callback
  md/r5cache: move mddev_lock() out of r5c_journal_mode_set()
  kdb: Fix handling of kallsyms_symbol_next() return value
  brcmfmac: change driver unbind order of the sdio function devices
  iwlwifi: mvm: enable RX offloading with TKIP and WEP
  iwlwifi: mvm: fix packet injection
  iwlwifi: add new cards for 9260 and 22000 series
  iwlwifi: mvm: flush queue before deleting ROC
  iwlwifi: mvm: don't use transmit queue hang detection when it is not possible
  iwlwifi: mvm: mark MIC stripped MPDUs
  powerpc/64s: Initialize ISAv3 MMU registers before setting partition table
  Revert "powerpc: Do not call ppc_md.panic in fadump panic notifier"
  KVM: s390: Fix skey emulation permission check
  s390: fix compat system call table
  s390/mm: fix off-by-one bug in 5-level page table handling
  s390: always save and restore all registers on context switch
  smp/hotplug: Move step CPUHP_AP_SMPCFD_DYING to the correct place
  iommu/vt-d: Fix scatterlist offset handling
  ALSA: usb-audio: Add check return value for usb_string()
  ALSA: usb-audio: Fix out-of-bound error
  ALSA: seq: Remove spurious WARN_ON() at timer check
  ALSA: pcm: prevent UAF in snd_pcm_info
  ALSA: hda/realtek - New codec support for ALC257
  btrfs: handle errors while updating refcounts in update_ref_for_cow
  btrfs: fix missing error return in btrfs_drop_snapshot
  KVM: x86: fix APIC page invalidation
  x86/PCI: Make broadcom_postcore_init() check acpi_disabled
  x86/idt: Load idt early in start_secondary
  X.509: fix comparisons of ->pkey_algo
  X.509: reject invalid BIT STRING for subjectPublicKey
  KEYS: reject NULL restriction string when type is specified
  KEYS: add missing permission check for request_key() destination
  ASN.1: check for error from ASN1_OP_END__ACT actions
  ASN.1: fix out-of-bounds read when parsing indefinite length item
  efi/esrt: Use memunmap() instead of kfree() to free the remapping
  efi: Move some sysfs files to be read-only by root
  scsi: libsas: align sata_device's rps_resp on a cacheline
  scsi: use dma_get_cache_alignment() as minimum DMA alignment
  scsi: dma-mapping: always provide dma_get_cache_alignment
  isa: Prevent NULL dereference in isa_bus driver callbacks
  firmware: vpd: Fix platform driver and device registration/unregistration
  firmware: vpd: Tie firmware kobject to device lifetime
  firmware: vpd: Destroy vpd sections in remove function
  firmware: cleanup FIRMWARE_IN_KERNEL message
  hv: kvp: Avoid reading past allocated blocks from KVP file
  Drivers: hv: vmbus: Fix a rescind issue
  pinctrl: armada-37xx: Fix direction_output() callback behavior
  iio: adc: meson-saradc: Meson8 and Meson8b do not have REG11 and REG13
  iio: adc: meson-saradc: initialize the bandgap correctly on older SoCs
  iio: adc: meson-saradc: fix the bit_idx of the adc_en clock
  iio: adc: cpcap: fix incorrect validation
  iio: health: max30102: Temperature should be in milli Celsius
  iio: stm32: fix adc/trigger link error
  virtio: release virtio index when fail to device_register
  can: peak/pcie_fd: fix potential bug in restarting tx queue
  can: usb_8dev: cancel urb on -EPIPE and -EPROTO
  can: esd_usb2: cancel urb on -EPIPE and -EPROTO
  can: ems_usb: cancel urb on -EPIPE and -EPROTO
  can: mcba_usb: cancel urb on -EPROTO
  can: kvaser_usb: cancel urb on -EPIPE and -EPROTO
  can: kvaser_usb: ratelimit errors if incomplete messages are received
  can: kvaser_usb: Fix comparison bug in kvaser_usb_read_bulk_callback()
  can: kvaser_usb: free buf in error paths
  can: ti_hecc: Fix napi poll return value for repoll
  can: flexcan: fix VF610 state transition issue
  can: peak/pci: fix potential bug when probe() fails
  can: mcba_usb: fix device disconnect bug
  usb: f_fs: Force Reserved1=1 in OS_DESC_EXT_COMPAT
  serdev: ttyport: fix tty locking in close
  serdev: ttyport: fix NULL-deref on hangup
  serdev: ttyport: add missing receive_buf sanity checks
  usb: gadget: core: Fix ->udc_set_speed() speed handling
  usb: gadget: udc: renesas_usb3: fix number of the pipes

Change-Id: I47977dc6948f8e5edbcd21770a63242e86adcb3b
Signed-off-by: Runmin Wang <runminw@codeaurora.org>
2017-12-19 11:13:17 -08:00
Chenbo Feng
02afae7216 BACKPORT: selinux: bpf: Add addtional check for bpf object file receive
Introduce a bpf object related check when sending and receiving files
through unix domain socket as well as binder. It checks if the receiving
process have privilege to read/write the bpf map or use the bpf program.
This check is necessary because the bpf maps and programs are using an
anonymous inode as their shared inode so the normal way of checking the
files and sockets when passing between processes cannot work properly on
eBPF object. This check only works when the BPF_SYSCALL is configured.

Signed-off-by: Chenbo Feng <fengc@google.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Reviewed-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Bug: 30950746
Change-Id: I5b2cf4ccb4eab7eda91ddd7091d6aa3e7ed9f2cd

(cherry picked from commit f66e448cfda021b0bcd884f26709796fe19c7cc1)
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
2017-12-18 21:11:22 +05:30
Chenbo Feng
80c0b729b6 UPSTREAM: selinux: bpf: Add selinux check for eBPF syscall operations
Implement the actual checks introduced to eBPF related syscalls. This
implementation use the security field inside bpf object to store a sid that
identify the bpf object. And when processes try to access the object,
selinux will check if processes have the right privileges. The creation
of eBPF object are also checked at the general bpf check hook and new
cmd introduced to eBPF domain can also be checked there.

Signed-off-by: Chenbo Feng <fengc@google.com>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Reviewed-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Bug: 30950746
Change-Id: Ifb0cdd4b7d470223b143646b339ba511ac77c156

(cherry picked from commit ec27c3568a34c7fe5fcf4ac0a354eda77687f7eb)
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
2017-12-18 21:11:22 +05:30
Chenbo Feng
3479b1366c BACKPORT: security: bpf: Add LSM hooks for bpf object related syscall
Introduce several LSM hooks for the syscalls that will allow the
userspace to access to eBPF object such as eBPF programs and eBPF maps.
The security check is aimed to enforce a per object security protection
for eBPF object so only processes with the right privileges can
read/write to a specific map or use a specific eBPF program. Besides
that, a general security hook is added before the multiplexer of bpf
syscall to check the cmd and the attribute used for the command. The
actual security module can decide which command need to be checked and
how the cmd should be checked.

Signed-off-by: Chenbo Feng <fengc@google.com>
Acked-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

Bug: 30950746
Change-Id: Ieb3ac74392f531735fc7c949b83346a5f587a77b

(cherry picked from commit afdb09c720b62b8090584c11151d856df330e57d)
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
2017-12-18 21:11:22 +05:30
Jeff Vander Stoep
eb4b335d8a ANDROID: security,perf: Allow further restriction of perf_event_open
When kernel.perf_event_open is set to 3 (or greater), disallow all
access to performance events by users without CAP_SYS_ADMIN.
Add a Kconfig symbol CONFIG_SECURITY_PERF_EVENTS_RESTRICT that
makes this value the default.

This is based on a similar feature in grsecurity
(CONFIG_GRKERNSEC_PERF_HARDEN).  This version doesn't include making
the variable read-only.  It also allows enabling further restriction
at run-time regardless of whether the default is changed.

https://lkml.org/lkml/2016/1/11/587

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>

Bug: 29054680
Change-Id: Iff5bff4fc1042e85866df9faa01bce8d04335ab8
2017-12-18 21:11:22 +05:30
John Stultz
2b02b4ab89 ANDROID: net: paranoid: commoncap: Begin to warn users of implicit PARANOID_NETWORK capability grants
CAP_NET_ADMIN and CAP_NET_RAW are implicitly granted to the "special"
Android groups net_admin and net_raw.

This is a byproduct of the init system not being able to specify
capabilities back in the day, but has now been resolved and .rc files
can explicitly specify the capabilities to be granted to a service.

Thus, we should start to remove this implicit capability grant, and the
first step is to warn when a process doesn't have explicit capability
but is a member of the implicitly granted group, when that capability
is checked.

This will allow for the PARANOID_NETWORK checks in commoncap.c to
be totally removed in a future kernel.

Change-Id: I6dac90e23608b6dba14a8f2049ba29ae56cb7ae4
Signed-off-by: John Stultz <john.stultz@linaro.org>
2017-12-18 21:11:22 +05:30
Tushar Behera
f1c8e6f39c ANDROID: net: paranoid: security: Add proper checks for Android specific capability checks
Commit b641072 ("security: Add AID_NET_RAW and AID_NET_ADMIN capability
check in cap_capable().") introduces additional checks for AID_NET_xxx
macros. Since the header file including those macros are conditionally
included, the checks should also be conditionally executed.

Change-Id: Iaec5208d5b95a46b1ac3f2db8449c661e803fa5b
Signed-off-by: Tushar Behera <tushar.behera@linaro.org>
Signed-off-by: Andrey Konovalov <andrey.konovalov@linaro.org>
2017-12-18 21:11:22 +05:30
Chia-chi Yeh
36ac63e701 ANDROID: net: paranoid: security: Add AID_NET_RAW and AID_NET_ADMIN capability check in cap_capable().
Signed-off-by: Chia-chi Yeh <chiachi@android.com>
2017-12-18 21:11:22 +05:30
John Johansen
897088926c apparmor: fix leak of null profile name if profile allocation fails
[ Upstream commit 4633307e5ed6128975595df43f796a10c41d11c1 ]

Fixes: d07881d2edb0 ("apparmor: move new_null_profile to after profile lookup fns()")
Reported-by: Seth Arnold <seth.arnold@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-12-14 09:53:06 +01:00