From 289e557a5dce45e2fb4dcd903b8d09897ae9e8ae Mon Sep 17 00:00:00 2001 From: Justin M. Forbes Date: Feb 01 2016 19:38:33 +0000 Subject: linux v4.5-rc2 --- diff --git a/KEYS-only-apply-KEY_FLAG_KEEP-to-a-key-if-a-parent.patch b/KEYS-only-apply-KEY_FLAG_KEEP-to-a-key-if-a-parent.patch deleted file mode 100644 index 7292229..0000000 --- a/KEYS-only-apply-KEY_FLAG_KEEP-to-a-key-if-a-parent.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 7707055082a7005ad94ba81e5240644db8c0324a -From: David Howells -Date: Tue Jan 26 16:28:17 2016 +0000 -Subject: [PATCH] KEYS: Only apply KEY_FLAG_KEEP to a key if a parent keyring has it set - - KEY_FLAG_KEEP should only be applied to a key if the keyring it is being - linked into has KEY_FLAG_KEEP set. - - To this end, partially revert the following patch: - - commit 1d6d167c2efcfe9539d9cffb1a1be9c92e39c2c0 - Author: Mimi Zohar - Date: Thu Jan 7 07:46:36 2016 -0500 - KEYS: refcount bug fix - - to undo the change that made it unconditional (Mimi got it right the first - time). - - Without undoing this change, it becomes impossible to delete, revoke or - invalidate keys added to keyrings through __key_instantiate_and_link() - where the keyring has itself been linked to. To test this, run the - following command sequence: - - keyctl newring foo @s - keyctl add user a a %:foo - keyctl unlink %user:a %:foo - keyctl clear %:foo - - With the commit mentioned above the third and fourth commands fail with - EPERM when they should succeed. - - Reported-by: Stephen Gallager - Signed-off-by: David Howells - cc: Mimi Zohar - cc: keyrings@vger.kernel.org - cc: stable@vger.kernel.org - -diff --git a/security/keys/key.c b/security/keys/key.c -index 07a87311055c..09ef276c4bdc 100644 ---- a/security/keys/key.c -+++ b/security/keys/key.c -@@ -430,7 +430,8 @@ static int __key_instantiate_and_link(struct key *key, - - /* and link it into the destination keyring */ - if (keyring) { -- set_bit(KEY_FLAG_KEEP, &key->flags); -+ if (test_bit(KEY_FLAG_KEEP, &keyring->flags)) -+ set_bit(KEY_FLAG_KEEP, &key->flags); - - __key_link(key, _edit); - } diff --git a/config-generic b/config-generic index 2830de7..7dd2710 100644 --- a/config-generic +++ b/config-generic @@ -1825,13 +1825,13 @@ CONFIG_B43_PCMCIA=y CONFIG_B43_SDIO=y CONFIG_B43_BCMA=y CONFIG_B43_BCMA_PIO=y -CONFIG_B43_DEBUG=y +# CONFIG_B43_DEBUG is not set CONFIG_B43_PHY_LP=y CONFIG_B43_PHY_N=y CONFIG_B43_PHY_HT=y CONFIG_B43_PHY_G=y CONFIG_B43LEGACY=m -CONFIG_B43LEGACY_DEBUG=y +# CONFIG_B43LEGACY_DEBUG is not set CONFIG_B43LEGACY_DMA=y CONFIG_B43LEGACY_PIO=y CONFIG_B43LEGACY_DMA_AND_PIO_MODE=y @@ -5125,7 +5125,7 @@ CONFIG_PM_DEBUG=y # CONFIG_DPM_WATCHDOG is not set # revisit this in debug CONFIG_PM_TRACE=y CONFIG_PM_TRACE_RTC=y -CONFIG_PM_TEST_SUSPEND=y +# CONFIG_PM_TEST_SUSPEND is not set # CONFIG_PM_OPP is not set # CONFIG_PM_AUTOSLEEP is not set # CONFIG_PM_WAKELOCKS is not set diff --git a/config-nodebug b/config-nodebug index 3a2eee3..c173637 100644 --- a/config-nodebug +++ b/config-nodebug @@ -2,101 +2,101 @@ CONFIG_SND_VERBOSE_PRINTK=y CONFIG_SND_DEBUG=y CONFIG_SND_PCM_XRUN_DEBUG=y -CONFIG_DEBUG_ATOMIC_SLEEP=y - -CONFIG_DEBUG_MUTEXES=y -CONFIG_DEBUG_RT_MUTEXES=y -CONFIG_DEBUG_LOCK_ALLOC=y -CONFIG_LOCK_TORTURE_TEST=m -CONFIG_PROVE_LOCKING=y -CONFIG_DEBUG_SPINLOCK=y -CONFIG_PROVE_RCU=y +# CONFIG_DEBUG_ATOMIC_SLEEP is not set + +# CONFIG_DEBUG_MUTEXES is not set +# CONFIG_DEBUG_RT_MUTEXES is not set +# CONFIG_DEBUG_LOCK_ALLOC is not set +# CONFIG_LOCK_TORTURE_TEST is not set +# CONFIG_PROVE_LOCKING is not set +# CONFIG_DEBUG_SPINLOCK is not set +# CONFIG_PROVE_RCU is not set # CONFIG_PROVE_RCU_REPEATEDLY is not set -CONFIG_DEBUG_PER_CPU_MAPS=y +# CONFIG_DEBUG_PER_CPU_MAPS is not set CONFIG_CPUMASK_OFFSTACK=y -CONFIG_CPU_NOTIFIER_ERROR_INJECT=m +# CONFIG_CPU_NOTIFIER_ERROR_INJECT is not set -CONFIG_FAULT_INJECTION=y -CONFIG_FAILSLAB=y -CONFIG_FAIL_PAGE_ALLOC=y -CONFIG_FAIL_MAKE_REQUEST=y -CONFIG_FAULT_INJECTION_DEBUG_FS=y -CONFIG_FAULT_INJECTION_STACKTRACE_FILTER=y -CONFIG_FAIL_IO_TIMEOUT=y -CONFIG_FAIL_MMC_REQUEST=y +# CONFIG_FAULT_INJECTION is not set +# CONFIG_FAILSLAB is not set +# CONFIG_FAIL_PAGE_ALLOC is not set +# CONFIG_FAIL_MAKE_REQUEST is not set +# CONFIG_FAULT_INJECTION_DEBUG_FS is not set +# CONFIG_FAULT_INJECTION_STACKTRACE_FILTER is not set +# CONFIG_FAIL_IO_TIMEOUT is not set +# CONFIG_FAIL_MMC_REQUEST is not set -CONFIG_LOCK_STAT=y +# CONFIG_LOCK_STAT is not set -CONFIG_DEBUG_STACK_USAGE=y +# CONFIG_DEBUG_STACK_USAGE is not set -CONFIG_ACPI_DEBUG=y +# CONFIG_ACPI_DEBUG is not set # CONFIG_ACPI_DEBUGGER is not set -CONFIG_DEBUG_SG=y -CONFIG_DEBUG_PI_LIST=y +# CONFIG_DEBUG_SG is not set +# CONFIG_DEBUG_PI_LIST is not set # CONFIG_PAGE_EXTENSION is not set # CONFIG_PAGE_OWNER is not set # CONFIG_DEBUG_PAGEALLOC is not set -CONFIG_DEBUG_OBJECTS=y +# CONFIG_DEBUG_OBJECTS is not set # CONFIG_DEBUG_OBJECTS_SELFTEST is not set -CONFIG_DEBUG_OBJECTS_FREE=y -CONFIG_DEBUG_OBJECTS_TIMERS=y -CONFIG_DEBUG_OBJECTS_RCU_HEAD=y +# CONFIG_DEBUG_OBJECTS_FREE is not set +# CONFIG_DEBUG_OBJECTS_TIMERS is not set +# CONFIG_DEBUG_OBJECTS_RCU_HEAD is not set CONFIG_DEBUG_OBJECTS_ENABLE_DEFAULT=1 CONFIG_X86_PTDUMP=y -CONFIG_ARM64_PTDUMP=y -CONFIG_EFI_PGT_DUMP=y +# CONFIG_ARM64_PTDUMP is not set +# CONFIG_EFI_PGT_DUMP is not set -CONFIG_CAN_DEBUG_DEVICES=y +# CONFIG_CAN_DEBUG_DEVICES is not set -CONFIG_MODULE_FORCE_UNLOAD=y +# CONFIG_MODULE_FORCE_UNLOAD is not set -CONFIG_DEBUG_NOTIFIERS=y +# CONFIG_DEBUG_NOTIFIERS is not set -CONFIG_DMA_API_DEBUG=y +# CONFIG_DMA_API_DEBUG is not set -CONFIG_MMIOTRACE=y +# CONFIG_MMIOTRACE is not set -CONFIG_DEBUG_CREDENTIALS=y +# CONFIG_DEBUG_CREDENTIALS is not set # off in both production debug and nodebug builds, # on in rawhide nodebug builds -CONFIG_DEBUG_FORCE_WEAK_PER_CPU=y +# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set -CONFIG_EXT4_DEBUG=y +# CONFIG_EXT4_DEBUG is not set # CONFIG_XFS_WARN is not set -CONFIG_DEBUG_PERF_USE_VMALLOC=y +# CONFIG_DEBUG_PERF_USE_VMALLOC is not set -CONFIG_JBD2_DEBUG=y +# CONFIG_JBD2_DEBUG is not set -CONFIG_NFSD_FAULT_INJECTION=y +# CONFIG_NFSD_FAULT_INJECTION is not set -CONFIG_DEBUG_BLK_CGROUP=y +# CONFIG_DEBUG_BLK_CGROUP is not set -CONFIG_DRBD_FAULT_INJECTION=y +# CONFIG_DRBD_FAULT_INJECTION is not set -CONFIG_ATH_DEBUG=y -CONFIG_CARL9170_DEBUGFS=y -CONFIG_IWLWIFI_DEVICE_TRACING=y +# CONFIG_ATH_DEBUG is not set +# CONFIG_CARL9170_DEBUGFS is not set +# CONFIG_IWLWIFI_DEVICE_TRACING is not set # CONFIG_RTLWIFI_DEBUG is not set -CONFIG_DEBUG_OBJECTS_WORK=y +# CONFIG_DEBUG_OBJECTS_WORK is not set -CONFIG_DMADEVICES_DEBUG=y +# CONFIG_DMADEVICES_DEBUG is not set # CONFIG_DMADEVICES_VDEBUG is not set CONFIG_PM_ADVANCED_DEBUG=y -CONFIG_CEPH_LIB_PRETTYDEBUG=y -CONFIG_QUOTA_DEBUG=y +# CONFIG_CEPH_LIB_PRETTYDEBUG is not set +# CONFIG_QUOTA_DEBUG is not set CONFIG_KGDB_KDB=y @@ -104,19 +104,19 @@ CONFIG_KDB_DEFAULT_ENABLE=0x0 CONFIG_KDB_KEYBOARD=y CONFIG_KDB_CONTINUE_CATASTROPHIC=0 -CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER=y +# CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER is not set # CONFIG_PERCPU_TEST is not set -CONFIG_TEST_LIST_SORT=y +# CONFIG_TEST_LIST_SORT is not set # CONFIG_TEST_STRING_HELPERS is not set -CONFIG_DETECT_HUNG_TASK=y +# CONFIG_DETECT_HUNG_TASK is not set CONFIG_DEFAULT_HUNG_TASK_TIMEOUT=120 # CONFIG_BOOTPARAM_HUNG_TASK_PANIC is not set -CONFIG_WQ_WATCHDOG=y +# CONFIG_WQ_WATCHDOG is not set -CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK=y +# CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK is not set -CONFIG_DEBUG_KMEMLEAK=y +# CONFIG_DEBUG_KMEMLEAK is not set CONFIG_DEBUG_KMEMLEAK_EARLY_LOG_SIZE=1024 # CONFIG_DEBUG_KMEMLEAK_TEST is not set CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF=y @@ -127,4 +127,4 @@ CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF=y # CONFIG_SPI_DEBUG is not set -CONFIG_X86_DEBUG_STATIC_CPU_HAS=y +# CONFIG_X86_DEBUG_STATIC_CPU_HAS is not set diff --git a/config-x86-generic b/config-x86-generic index 595c03e..f54836a 100644 --- a/config-x86-generic +++ b/config-x86-generic @@ -377,7 +377,7 @@ CONFIG_SP5100_TCO=m # CONFIG_MEMTEST is not set # CONFIG_DEBUG_TLBFLUSH is not set -CONFIG_MAXSMP=y +# CONFIG_MAXSMP is not set CONFIG_HP_ILO=m @@ -529,6 +529,7 @@ CONFIG_X86_INTEL_LPSS=y CONFIG_IDMA64=m # CONFIG_X86_AMD_PLATFORM_DEVICE is not set +# CONFIG_X86_INTEL_MID is not set # CONFIG_MFD_INTEL_QUARK_I2C_GPIO is not set CONFIG_MFD_INTEL_LPSS_ACPI=m diff --git a/gitrev b/gitrev index 2b44e2e..66f5d05 100644 --- a/gitrev +++ b/gitrev @@ -1 +1 @@ -26cd83670f2f5a3d5b5514a1f7d96567cdb9558b +36f90b0a2ddd60823fe193a85e60ff1906c2a9b3 diff --git a/kernel.spec b/kernel.spec index 6ac8596..9a06cdc 100644 --- a/kernel.spec +++ b/kernel.spec @@ -65,9 +65,9 @@ Summary: The Linux kernel # The next upstream release sublevel (base_sublevel+1) %define upstream_sublevel %(echo $((%{base_sublevel} + 1))) # The rc snapshot level -%define rcrev 1 +%define rcrev 2 # The git snapshot level -%define gitrev 2 +%define gitrev 0 # Set rpm version accordingly %define rpmversion 4.%{upstream_sublevel}.0 %endif @@ -122,7 +122,7 @@ Summary: The Linux kernel # Set debugbuildsenabled to 1 for production (build separate debug kernels) # and 0 for rawhide (all kernels are debug kernels). # See also 'make debug' and 'make release'. -%define debugbuildsenabled 0 +%define debugbuildsenabled 1 # Want to build a vanilla kernel build without any non-upstream patches? %define with_vanilla %{?_with_vanilla: 1} %{?!_with_vanilla: 0} @@ -590,12 +590,6 @@ Patch571: ideapad-laptop-Add-Lenovo-ideapad-Y700-17ISK-to-no_h.patch #rhbz 1295646 Patch621: drm-udl-Use-unlocked-gem-unreferencing.patch -#CVE-2015-7566 rhbz 1296466 1297517 -Patch623: usb-serial-visor-fix-crash-on-detecting-device-witho.patch - -#CVE-2016-0723 rhbz 1296253 1300224 -Patch637: tty-Fix-unsafe-ldisc-reference-via-ioctl-TIOCGETD.patch - #rhbz 1279653 Patch638: rtlwifi-rtl8821ae-Fix-5G-failure-when-EEPROM-is-inco.patch @@ -605,9 +599,6 @@ Patch640: PNP-Add-Haswell-ULT-to-Intel-MCH-size-workaround.patch #Required for some persistent memory options Patch641: disable-CONFIG_EXPERT-for-ZONE_DMA.patch -#rhbz 1301099 -Patch642: KEYS-only-apply-KEY_FLAG_KEEP-to-a-key-if-a-parent.patch - #rhbz 1302037 Patch644: wext-fix-message-delay-ordering.patch Patch645: cfg80211-wext-fix-message-ordering.patch @@ -2060,6 +2051,10 @@ fi # # %changelog +* Mon Feb 01 2016 Justin M. Forbes - 4.5.0-0.rc1.git0.1 +- Disable debugging options. +- Linux v4.5-rc2 + * Fri Jan 29 2016 Josh Boyer - Backport HID sony patch to fix some gamepads (rhbz 1255235) diff --git a/sources b/sources index 9b22193..8a9bb38 100644 --- a/sources +++ b/sources @@ -1,4 +1,3 @@ 9a78fa2eb6c68ca5a40ed5af08142599 linux-4.4.tar.xz dcbc8fe378a676d5d0dd208cf524e144 perf-man-4.4.tar.gz -be93ac61332d8fc365c5fd4e41797f5c patch-4.5-rc1.xz -436a38fbe087d4fc73ebe7bab6275040 patch-4.5-rc1-git2.xz +54449bfbdc10d5cce559d2d7fb5689ac patch-4.5-rc2.xz diff --git a/tty-Fix-unsafe-ldisc-reference-via-ioctl-TIOCGETD.patch b/tty-Fix-unsafe-ldisc-reference-via-ioctl-TIOCGETD.patch deleted file mode 100644 index d169105..0000000 --- a/tty-Fix-unsafe-ldisc-reference-via-ioctl-TIOCGETD.patch +++ /dev/null @@ -1,68 +0,0 @@ -From 938f50fc744cb49892bd42c8f56bdfa63e82a27d Mon Sep 17 00:00:00 2001 -From: Peter Hurley -Date: Sun, 10 Jan 2016 22:40:55 -0800 -Subject: [PATCH] tty: Fix unsafe ldisc reference via ioctl(TIOCGETD) - -ioctl(TIOCGETD) retrieves the line discipline id directly from the -ldisc because the line discipline id (c_line) in termios is untrustworthy; -userspace may have set termios via ioctl(TCSETS*) without actually -changing the line discipline via ioctl(TIOCSETD). - -However, directly accessing the current ldisc via tty->ldisc is -unsafe; the ldisc ptr dereferenced may be stale if the line discipline -is changing via ioctl(TIOCSETD) or hangup. - -Wait for the line discipline reference (just like read() or write()) -to retrieve the "current" line discipline id. - -Cc: -Signed-off-by: Peter Hurley ---- - drivers/tty/tty_io.c | 24 +++++++++++++++++++++++- - 1 file changed, 23 insertions(+), 1 deletion(-) - -diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c -index f435977de740..bd4027e36910 100644 ---- a/drivers/tty/tty_io.c -+++ b/drivers/tty/tty_io.c -@@ -2654,6 +2654,28 @@ static int tiocsetd(struct tty_struct *tty, int __user *p) - } - - /** -+ * tiocgetd - get line discipline -+ * @tty: tty device -+ * @p: pointer to user data -+ * -+ * Retrieves the line discipline id directly from the ldisc. -+ * -+ * Locking: waits for ldisc reference (in case the line discipline -+ * is changing or the tty is being hungup) -+ */ -+ -+static int tiocgetd(struct tty_struct *tty, int __user *p) -+{ -+ struct tty_ldisc *ld; -+ int ret; -+ -+ ld = tty_ldisc_ref_wait(tty); -+ ret = put_user(ld->ops->num, p); -+ tty_ldisc_deref(ld); -+ return ret; -+} -+ -+/** - * send_break - performed time break - * @tty: device to break on - * @duration: timeout in mS -@@ -2879,7 +2901,7 @@ long tty_ioctl(struct file *file, unsigned int cmd, unsigned long arg) - case TIOCGSID: - return tiocgsid(tty, real_tty, p); - case TIOCGETD: -- return put_user(tty->ldisc->ops->num, (int __user *)p); -+ return tiocgetd(tty, p); - case TIOCSETD: - return tiocsetd(tty, p); - case TIOCVHANGUP: --- -2.5.0 - diff --git a/usb-serial-visor-fix-crash-on-detecting-device-witho.patch b/usb-serial-visor-fix-crash-on-detecting-device-witho.patch deleted file mode 100644 index ddd4fc5..0000000 --- a/usb-serial-visor-fix-crash-on-detecting-device-witho.patch +++ /dev/null @@ -1,36 +0,0 @@ -From b2476fe4c16be5c2b7ee950e50677cfaa9ab9bae Mon Sep 17 00:00:00 2001 -From: Vladis Dronov -Date: Tue, 12 Jan 2016 14:10:50 -0500 -Subject: [PATCH] usb: serial: visor: fix crash on detecting device without - write_urbs - -The visor driver crashes in clie_5_attach() when a specially crafted USB -device without bulk-out endpoint is detected. This fix adds a check that -the device has proper configuration expected by the driver. - -Reported-by: Ralf Spenneberg -Signed-off-by: Vladis Dronov ---- - drivers/usb/serial/visor.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/drivers/usb/serial/visor.c b/drivers/usb/serial/visor.c -index 60afb39eb73c..bbc90c059002 100644 ---- a/drivers/usb/serial/visor.c -+++ b/drivers/usb/serial/visor.c -@@ -597,8 +597,10 @@ static int clie_5_attach(struct usb_serial *serial) - */ - - /* some sanity check */ -- if (serial->num_ports < 2) -- return -1; -+ if (serial->num_bulk_out < 2) { -+ dev_err(&serial->interface->dev, "missing bulk out endpoints\n"); -+ return -ENODEV; -+ } - - /* port 0 now uses the modified endpoint Address */ - port = serial->port[0]; --- -2.5.0 -