- Linux-stable-mirror - lists.linaro.org

by Greg KH

I'm announcing the release of the 4.9.92 kernel. All users of the 4.9 kernel series must upgrade. The updated 4.9.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.9.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 - drivers/net/ethernet/arc/emac_rockchip.c | 6 +++- drivers/net/ethernet/broadcom/bcmsysport.c | 33 +++++++++++--------------- drivers/net/ethernet/broadcom/bcmsysport.h | 2 - drivers/net/ethernet/freescale/fec_main.c | 2 + drivers/net/ethernet/hisilicon/hns/hns_enet.c | 22 +++++++---------- drivers/net/ethernet/hisilicon/hns/hns_enet.h | 6 ++-- drivers/net/ethernet/ti/cpsw.c | 3 +- drivers/net/ppp/ppp_generic.c | 26 +++++++++++--------- drivers/net/team/team.c | 4 +-- drivers/s390/net/qeth_core_main.c | 21 +++++++++++----- drivers/s390/net/qeth_l2_main.c | 2 - drivers/s390/net/qeth_l3_main.c | 2 - drivers/scsi/sg.c | 5 ++- drivers/soc/fsl/qbman/qman.c | 28 +++------------------- include/linux/cgroup-defs.h | 4 +-- include/linux/rhashtable.h | 4 ++- include/net/sch_generic.h | 19 ++++++++++++++ kernel/irq/manage.c | 4 --- lib/rhashtable.c | 4 ++- net/core/dev.c | 22 +++++++++++------ net/core/skbuff.c | 2 - net/dccp/proto.c | 5 +++ net/ieee802154/6lowpan/core.c | 12 ++++++--- net/ipv4/inet_fragment.c | 3 ++ net/ipv4/ip_sockglue.c | 6 +++- net/ipv6/ndisc.c | 3 +- net/iucv/af_iucv.c | 4 ++- net/kcm/kcmsock.c | 33 ++++++++++++++++++-------- net/l2tp/l2tp_core.c | 8 ++++-- net/netlink/genetlink.c | 2 - net/sched/act_tunnel_key.c | 1 net/sched/sch_netem.c | 2 - 33 files changed, 180 insertions(+), 122 deletions(-) Alexey Kodanev (2): sch_netem: fix skb leak in netem_enqueue() dccp: check sk for closed state in dccp_sendmsg() Arkadi Sharshevsky (1): team: Fix double free in error path Arvind Yadav (1): net/iucv: Free memory obtained by kzalloc Christophe JAILLET (1): net: ethernet: arc: Fix a potential memory leak if an optional regulator is deferred David Ahern (1): net: Only honor ifindex in IP_PKTINFO if non-0 Eric Dumazet (3): ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event() net: use skb_to_full_sk() in skb_update_prio() l2tp: do not accept arbitrary sockets Florian Fainelli (2): net: fec: Fix unbalanced PM runtime calls net: systemport: Rewrite __bcm_sysport_tx_reclaim() Greg Kroah-Hartman (2): Revert "genirq: Use irqd_get_trigger_type to compare the trigger type for shared IRQs" Linux 4.9.92 Guillaume Nault (1): ppp: avoid loop in xmit recursion detection code Johannes Thumshirn (1): scsi: sg: don't return bogus Sg_requests Julian Wiedmann (4): s390/qeth: free netdevice when removing a card s390/qeth: when thread completes, wake up all waiters s390/qeth: lock read device while queueing next buffer s390/qeth: on channel error, reject further cmd requests Kirill Tkhai (1): net: Fix hlist corruptions in inet_evict_bucket() Lorenzo Bianconi (1): ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option() Madalin Bucur (1): soc/fsl/qbman: fix issue in qman_delete_cgr_safe() Nicolas Dichtel (1): netlink: avoid a double skb free in genlmsg_mcast() Paul Blakey (1): rhashtable: Fix rhlist duplicates insertion Roman Mashak (1): net sched actions: return explicit error when tunnel_key mode is not specified SZ Lin (林上智) (1): net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY interface Tom Herbert (1): kcm: lock lower socket in kcm_attach Vinicius Costa Gomes (1): skbuff: Fix not waking applications when errors are enqueued Yunsheng Lin (1): net: hns: Fix a skb used after free bug

7 years, 3 months

1
1
0 0

Linux 4.14.32

by Greg KH

I'm announcing the release of the 4.14.32 kernel. All users of the 4.14 kernel series must upgrade. The updated 4.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.14.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 drivers/net/ethernet/arc/emac_rockchip.c | 6 drivers/net/ethernet/broadcom/bcmsysport.c | 33 +-- drivers/net/ethernet/broadcom/bcmsysport.h | 2 drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 8 drivers/net/ethernet/freescale/fec_main.c | 2 drivers/net/ethernet/mellanox/mlxsw/spectrum_buffers.c | 12 - drivers/net/ethernet/qlogic/qed/qed_iwarp.c | 15 + drivers/net/ethernet/qlogic/qede/qede_main.c | 4 drivers/net/ethernet/ti/cpsw.c | 3 drivers/net/macvlan.c | 2 drivers/net/phy/phy.c | 173 ++++++++--------- drivers/net/phy/phy_device.c | 15 + drivers/net/ppp/ppp_generic.c | 26 +- drivers/net/team/team.c | 4 drivers/s390/net/qeth_core_main.c | 21 +- drivers/s390/net/qeth_l2_main.c | 2 drivers/s390/net/qeth_l3_main.c | 2 drivers/soc/fsl/qbman/qman.c | 28 -- fs/sysfs/symlink.c | 1 include/linux/cgroup-defs.h | 4 include/linux/phy.h | 1 include/linux/rhashtable.h | 4 include/net/sch_generic.h | 19 + include/net/tcp.h | 11 - lib/rhashtable.c | 4 net/core/dev.c | 22 +- net/core/devlink.c | 16 - net/core/skbuff.c | 2 net/dccp/proto.c | 5 net/ieee802154/6lowpan/core.c | 12 - net/ipv4/inet_fragment.c | 3 net/ipv4/ip_sockglue.c | 6 net/ipv4/tcp.c | 1 net/ipv4/tcp_timer.c | 1 net/ipv6/datagram.c | 21 +- net/ipv6/ndisc.c | 3 net/ipv6/seg6_iptunnel.c | 7 net/iucv/af_iucv.c | 4 net/kcm/kcmsock.c | 33 ++- net/l2tp/l2tp_core.c | 8 net/netlink/genetlink.c | 2 net/sched/act_tunnel_key.c | 1 net/sched/sch_netem.c | 2 44 files changed, 319 insertions(+), 234 deletions(-) Alexey Kodanev (2): sch_netem: fix skb leak in netem_enqueue() dccp: check sk for closed state in dccp_sendmsg() Arkadi Sharshevsky (2): devlink: Remove redundant free on error path team: Fix double free in error path Arvind Yadav (1): net/iucv: Free memory obtained by kzalloc Brad Mouring (1): net: phy: Tell caller result of phy_change() Camelia Groza (3): dpaa_eth: remove duplicate initialization dpaa_eth: increment the RX dropped counter when needed dpaa_eth: remove duplicate increment of the tx_errors counter Christophe JAILLET (1): net: ethernet: arc: Fix a potential memory leak if an optional regulator is deferred David Ahern (1): net: Only honor ifindex in IP_PKTINFO if non-0 David Lebrun (2): ipv6: sr: fix NULL pointer dereference when setting encap source address ipv6: sr: fix scheduling in RCU when creating seg6 lwtunnel state Eric Dumazet (3): ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event() net: use skb_to_full_sk() in skb_update_prio() l2tp: do not accept arbitrary sockets Florian Fainelli (2): net: fec: Fix unbalanced PM runtime calls net: systemport: Rewrite __bcm_sysport_tx_reclaim() Greg Kroah-Hartman (1): Linux 4.14.32 Grygorii Strashko (2): sysfs: symlink: export sysfs_create_link_nowarn() net: phy: relax error checking when creating sysfs link netdev->phydev Guillaume Nault (1): ppp: avoid loop in xmit recursion detection code Ido Schimmel (1): mlxsw: spectrum_buffers: Set a minimum quota for CPU port traffic Julian Wiedmann (4): s390/qeth: free netdevice when removing a card s390/qeth: when thread completes, wake up all waiters s390/qeth: lock read device while queueing next buffer s390/qeth: on channel error, reject further cmd requests Kirill Tkhai (1): net: Fix hlist corruptions in inet_evict_bucket() Lorenzo Bianconi (1): ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option() Madalin Bucur (2): soc/fsl/qbman: fix issue in qman_delete_cgr_safe() dpaa_eth: fix error in dpaa_remove() Michal Kalderon (2): qed: Fix non TCP packets should be dropped on iWARP ll2 connection qede: Fix qedr link update Nicolas Dichtel (1): netlink: avoid a double skb free in genlmsg_mcast() Paolo Abeni (1): net: ipv6: keep sk status consistent after datagram connect failure Paul Blakey (1): rhashtable: Fix rhlist duplicates insertion Roman Mashak (1): net sched actions: return explicit error when tunnel_key mode is not specified SZ Lin (林上智) (1): net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY interface Shannon Nelson (1): macvlan: filter out unsupported feature flags Soheil Hassas Yeganeh (2): tcp: reset sk_send_head in tcp_write_queue_purge tcp: purge write queue upon aborting the connection Stefano Brivio (1): ipv6: old_dport should be a __be16 in __ip6_datagram_connect() Tom Herbert (1): kcm: lock lower socket in kcm_attach Vinicius Costa Gomes (1): skbuff: Fix not waking applications when errors are enqueued

7 years, 3 months

1
1
0 0

Linux 4.15.15

by Greg KH

I'm announcing the release of the 4.15.15 kernel. All users of the 4.15 kernel series must upgrade. The updated 4.15.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-4.15.y and can be browsed at the normal kernel.org git web browser: http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary thanks, greg k-h ------------ Makefile | 2 drivers/net/ethernet/arc/emac_rockchip.c | 6 drivers/net/ethernet/broadcom/bcmsysport.c | 33 +-- drivers/net/ethernet/broadcom/bcmsysport.h | 2 drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 8 drivers/net/ethernet/freescale/fec_main.c | 2 drivers/net/ethernet/mellanox/mlxsw/spectrum_buffers.c | 12 - drivers/net/ethernet/qlogic/qed/qed_iwarp.c | 17 + drivers/net/ethernet/qlogic/qede/qede_main.c | 4 drivers/net/ethernet/ti/cpsw.c | 3 drivers/net/macvlan.c | 2 drivers/net/phy/phy.c | 173 ++++++++--------- drivers/net/phy/phy_device.c | 15 + drivers/net/ppp/ppp_generic.c | 26 +- drivers/net/team/team.c | 4 drivers/s390/net/qeth_core_main.c | 21 +- drivers/s390/net/qeth_l2_main.c | 2 drivers/s390/net/qeth_l3_main.c | 2 drivers/soc/fsl/qbman/qman.c | 28 -- fs/sysfs/symlink.c | 1 include/linux/cgroup-defs.h | 4 include/linux/phy.h | 1 include/linux/rhashtable.h | 4 include/net/sch_generic.h | 19 + lib/rhashtable.c | 4 lib/test_rhashtable.c | 134 +++++++++++++ net/core/dev.c | 22 +- net/core/devlink.c | 16 - net/core/skbuff.c | 2 net/dccp/proto.c | 5 net/dsa/legacy.c | 2 net/ieee802154/6lowpan/core.c | 12 - net/ipv4/inet_fragment.c | 3 net/ipv4/ip_sockglue.c | 6 net/ipv4/tcp.c | 1 net/ipv4/tcp_timer.c | 1 net/ipv6/datagram.c | 21 +- net/ipv6/ndisc.c | 3 net/ipv6/route.c | 71 ++++-- net/ipv6/seg6_iptunnel.c | 7 net/iucv/af_iucv.c | 4 net/kcm/kcmsock.c | 33 ++- net/l2tp/l2tp_core.c | 8 net/netlink/genetlink.c | 2 net/openvswitch/meter.c | 12 - net/sched/act_tunnel_key.c | 1 net/sched/sch_netem.c | 2 47 files changed, 500 insertions(+), 263 deletions(-) Alexey Kodanev (2): sch_netem: fix skb leak in netem_enqueue() dccp: check sk for closed state in dccp_sendmsg() Arkadi Sharshevsky (2): devlink: Remove redundant free on error path team: Fix double free in error path Arvind Yadav (1): net/iucv: Free memory obtained by kzalloc Brad Mouring (1): net: phy: Tell caller result of phy_change() Camelia Groza (3): dpaa_eth: remove duplicate initialization dpaa_eth: increment the RX dropped counter when needed dpaa_eth: remove duplicate increment of the tx_errors counter Christophe JAILLET (1): net: ethernet: arc: Fix a potential memory leak if an optional regulator is deferred David Ahern (1): net: Only honor ifindex in IP_PKTINFO if non-0 David Lebrun (2): ipv6: sr: fix NULL pointer dereference when setting encap source address ipv6: sr: fix scheduling in RCU when creating seg6 lwtunnel state Eric Dumazet (3): ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event() net: use skb_to_full_sk() in skb_update_prio() l2tp: do not accept arbitrary sockets Florian Fainelli (3): net: dsa: Fix dsa_is_user_port() test inversion net: fec: Fix unbalanced PM runtime calls net: systemport: Rewrite __bcm_sysport_tx_reclaim() Greg Kroah-Hartman (1): Linux 4.15.15 Grygorii Strashko (2): sysfs: symlink: export sysfs_create_link_nowarn() net: phy: relax error checking when creating sysfs link netdev->phydev Guillaume Nault (1): ppp: avoid loop in xmit recursion detection code Ido Schimmel (1): mlxsw: spectrum_buffers: Set a minimum quota for CPU port traffic Julian Wiedmann (4): s390/qeth: free netdevice when removing a card s390/qeth: when thread completes, wake up all waiters s390/qeth: lock read device while queueing next buffer s390/qeth: on channel error, reject further cmd requests Kirill Tkhai (1): net: Fix hlist corruptions in inet_evict_bucket() Lorenzo Bianconi (1): ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option() Madalin Bucur (2): soc/fsl/qbman: fix issue in qman_delete_cgr_safe() dpaa_eth: fix error in dpaa_remove() Michal Kalderon (3): qed: Fix MPA unalign flow in case header is split across two packets. qed: Fix non TCP packets should be dropped on iWARP ll2 connection qede: Fix qedr link update Nicolas Dichtel (1): netlink: avoid a double skb free in genlmsg_mcast() Paolo Abeni (1): net: ipv6: keep sk status consistent after datagram connect failure Paul Blakey (2): rhashtable: Fix rhlist duplicates insertion test_rhashtable: add test case for rhltable with duplicate objects Roman Mashak (1): net sched actions: return explicit error when tunnel_key mode is not specified SZ Lin (林上智) (1): net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY interface Shannon Nelson (1): macvlan: filter out unsupported feature flags Soheil Hassas Yeganeh (1): tcp: purge write queue upon aborting the connection Stefano Brivio (2): ipv6: old_dport should be a __be16 in __ip6_datagram_connect() ipv6: Reflect MTU changes on PMTU of exceptions for MTU-less routes Tom Herbert (1): kcm: lock lower socket in kcm_attach Vinicius Costa Gomes (1): skbuff: Fix not waking applications when errors are enqueued zhangliping (1): openvswitch: meter: fix the incorrect calculation of max delta_t

7 years, 3 months

1
1
0 0

Patch "[PATCH] Revert "genirq: Use irqd_get_trigger_type to compare the" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled [PATCH] Revert "genirq: Use irqd_get_trigger_type to compare the to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: revert-genirq-use-irqd_get_trigger_type-to-compare-the.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 5512cca5c518c20037b10369a4725327202dd80b Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Date: Fri, 30 Mar 2018 10:53:44 +0200 Subject: [PATCH] Revert "genirq: Use irqd_get_trigger_type to compare the trigger type for shared IRQs" This reverts commit f2596a9808acfd02ce1ee389f0e1c37e64aec5f6 which is commit 382bd4de61827dbaaf5fb4fb7b1f4be4a86505e7 upstream. It causes too many problems with the stable tree, and would require too many other things to be backported, so just revert it. Reported-by: Guenter Roeck <linux(a)roeck-us.net> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Hans de Goede <hdegoede(a)redhat.com> Cc: Marc Zyngier <marc.zyngier(a)arm.com> Cc: Thomas Gleixner <tglx(a)linutronix.de> Cc: Sasha Levin <alexander.levin(a)microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- kernel/irq/manage.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) --- a/kernel/irq/manage.c +++ b/kernel/irq/manage.c @@ -1210,10 +1210,8 @@ __setup_irq(unsigned int irq, struct irq * set the trigger type must match. Also all must * agree on ONESHOT. */ - unsigned int oldtype = irqd_get_trigger_type(&desc->irq_data); - if (!((old->flags & new->flags) & IRQF_SHARED) || - (oldtype != (new->flags & IRQF_TRIGGER_MASK)) || + ((old->flags ^ new->flags) & IRQF_TRIGGER_MASK) || ((old->flags ^ new->flags) & IRQF_ONESHOT)) goto mismatch; Patches currently in stable-queue which might be from gregkh(a)linuxfoundation.org are queue-4.9/net-fix-hlist-corruptions-in-inet_evict_bucket.patch queue-4.9/ppp-avoid-loop-in-xmit-recursion-detection-code.patch queue-4.9/ipv6-fix-access-to-non-linear-packet-in-ndisc_fill_redirect_hdr_option.patch queue-4.9/net-only-honor-ifindex-in-ip_pktinfo-if-non-0.patch queue-4.9/skbuff-fix-not-waking-applications-when-errors-are-enqueued.patch queue-4.9/rhashtable-fix-rhlist-duplicates-insertion.patch queue-4.9/kcm-lock-lower-socket-in-kcm_attach.patch queue-4.9/s390-qeth-when-thread-completes-wake-up-all-waiters.patch queue-4.9/sch_netem-fix-skb-leak-in-netem_enqueue.patch queue-4.9/s390-qeth-lock-read-device-while-queueing-next-buffer.patch queue-4.9/net-systemport-rewrite-__bcm_sysport_tx_reclaim.patch queue-4.9/revert-genirq-use-irqd_get_trigger_type-to-compare-the.patch queue-4.9/l2tp-do-not-accept-arbitrary-sockets.patch queue-4.9/netlink-avoid-a-double-skb-free-in-genlmsg_mcast.patch queue-4.9/team-fix-double-free-in-error-path.patch queue-4.9/net-use-skb_to_full_sk-in-skb_update_prio.patch queue-4.9/ieee802154-6lowpan-fix-possible-null-deref-in-lowpan_device_event.patch queue-4.9/net-hns-fix-a-skb-used-after-free-bug.patch queue-4.9/soc-fsl-qbman-fix-issue-in-qman_delete_cgr_safe.patch queue-4.9/net-iucv-free-memory-obtained-by-kzalloc.patch queue-4.9/net-ethernet-arc-fix-a-potential-memory-leak-if-an-optional-regulator-is-deferred.patch queue-4.9/s390-qeth-on-channel-error-reject-further-cmd-requests.patch queue-4.9/scsi-sg-don-t-return-bogus-sg_requests.patch queue-4.9/dccp-check-sk-for-closed-state-in-dccp_sendmsg.patch queue-4.9/net-fec-fix-unbalanced-pm-runtime-calls.patch queue-4.9/net-ethernet-ti-cpsw-add-check-for-in-band-mode-setting-with-rgmii-phy-interface.patch queue-4.9/net-sched-actions-return-explicit-error-when-tunnel_key-mode-is-not-specified.patch queue-4.9/s390-qeth-free-netdevice-when-removing-a-card.patch

7 years, 3 months

1
0
0 0

[PATCH 4.15 00/47] 4.15.15-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.15.15 release. There are 47 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Mar 31 17:57:05 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.15.15-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.15.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.15.15-rc1 Arkadi Sharshevsky <arkadis(a)mellanox.com> team: Fix double free in error path Vinicius Costa Gomes <vinicius.gomes(a)intel.com> skbuff: Fix not waking applications when errors are enqueued Michal Kalderon <Michal.Kalderon(a)cavium.com> qede: Fix qedr link update Florian Fainelli <f.fainelli(a)gmail.com> net: systemport: Rewrite __bcm_sysport_tx_reclaim() David Ahern <dsahern(a)gmail.com> net: Only honor ifindex in IP_PKTINFO if non-0 Nicolas Dichtel <nicolas.dichtel(a)6wind.com> netlink: avoid a double skb free in genlmsg_mcast() Arvind Yadav <arvind.yadav.cs(a)gmail.com> net/iucv: Free memory obtained by kzalloc Florian Fainelli <f.fainelli(a)gmail.com> net: fec: Fix unbalanced PM runtime calls SZ Lin (林上智) <sz.lin(a)moxa.com> net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY interface Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> net: ethernet: arc: Fix a potential memory leak if an optional regulator is deferred Eric Dumazet <edumazet(a)google.com> l2tp: do not accept arbitrary sockets Lorenzo Bianconi <lorenzo.bianconi(a)redhat.com> ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option() Alexey Kodanev <alexey.kodanev(a)oracle.com> dccp: check sk for closed state in dccp_sendmsg() Camelia Groza <camelia.groza(a)nxp.com> dpaa_eth: remove duplicate increment of the tx_errors counter Camelia Groza <camelia.groza(a)nxp.com> dpaa_eth: increment the RX dropped counter when needed Camelia Groza <camelia.groza(a)nxp.com> dpaa_eth: remove duplicate initialization Madalin Bucur <madalin.bucur(a)nxp.com> dpaa_eth: fix error in dpaa_remove() Madalin Bucur <madalin.bucur(a)nxp.com> soc/fsl/qbman: fix issue in qman_delete_cgr_safe() Julian Wiedmann <jwi(a)linux.vnet.ibm.com> s390/qeth: on channel error, reject further cmd requests Julian Wiedmann <jwi(a)linux.vnet.ibm.com> s390/qeth: lock read device while queueing next buffer Julian Wiedmann <jwi(a)linux.vnet.ibm.com> s390/qeth: when thread completes, wake up all waiters Julian Wiedmann <jwi(a)linux.vnet.ibm.com> s390/qeth: free netdevice when removing a card Kirill Tkhai <ktkhai(a)virtuozzo.com> net: Fix hlist corruptions in inet_evict_bucket() Eric Dumazet <edumazet(a)google.com> net: use skb_to_full_sk() in skb_update_prio() Eric Dumazet <edumazet(a)google.com> ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event() Alexey Kodanev <alexey.kodanev(a)oracle.com> sch_netem: fix skb leak in netem_enqueue() Tom Herbert <tom(a)quantonium.net> kcm: lock lower socket in kcm_attach Paul Blakey <paulb(a)mellanox.com> test_rhashtable: add test case for rhltable with duplicate objects Paul Blakey <paulb(a)mellanox.com> rhashtable: Fix rhlist duplicates insertion Guillaume Nault <g.nault(a)alphalink.fr> ppp: avoid loop in xmit recursion detection code Roman Mashak <mrv(a)mojatatu.com> net sched actions: return explicit error when tunnel_key mode is not specified Stefano Brivio <sbrivio(a)redhat.com> ipv6: Reflect MTU changes on PMTU of exceptions for MTU-less routes Brad Mouring <brad.mouring(a)ni.com> net: phy: Tell caller result of phy_change() Ido Schimmel <idosch(a)mellanox.com> mlxsw: spectrum_buffers: Set a minimum quota for CPU port traffic David Lebrun <dlebrun(a)google.com> ipv6: sr: fix scheduling in RCU when creating seg6 lwtunnel state David Lebrun <dlebrun(a)google.com> ipv6: sr: fix NULL pointer dereference when setting encap source address Stefano Brivio <sbrivio(a)redhat.com> ipv6: old_dport should be a __be16 in __ip6_datagram_connect() Paolo Abeni <pabeni(a)redhat.com> net: ipv6: keep sk status consistent after datagram connect failure Shannon Nelson <shannon.nelson(a)oracle.com> macvlan: filter out unsupported feature flags Arkadi Sharshevsky <arkadis(a)mellanox.com> devlink: Remove redundant free on error path Grygorii Strashko <grygorii.strashko(a)ti.com> net: phy: relax error checking when creating sysfs link netdev->phydev Grygorii Strashko <grygorii.strashko(a)ti.com> sysfs: symlink: export sysfs_create_link_nowarn() Michal Kalderon <Michal.Kalderon(a)cavium.com> qed: Fix non TCP packets should be dropped on iWARP ll2 connection Soheil Hassas Yeganeh <soheil(a)google.com> tcp: purge write queue upon aborting the connection Michal Kalderon <Michal.Kalderon(a)cavium.com> qed: Fix MPA unalign flow in case header is split across two packets. zhangliping <zhangliping02(a)baidu.com> openvswitch: meter: fix the incorrect calculation of max delta_t Florian Fainelli <f.fainelli(a)gmail.com> net: dsa: Fix dsa_is_user_port() test inversion ------------- Diffstat: Makefile | 4 +- drivers/net/ethernet/arc/emac_rockchip.c | 6 +- drivers/net/ethernet/broadcom/bcmsysport.c | 33 ++-- drivers/net/ethernet/broadcom/bcmsysport.h | 2 +- drivers/net/ethernet/freescale/dpaa/dpaa_eth.c | 8 +- drivers/net/ethernet/freescale/fec_main.c | 2 + .../net/ethernet/mellanox/mlxsw/spectrum_buffers.c | 12 +- drivers/net/ethernet/qlogic/qed/qed_iwarp.c | 17 +- drivers/net/ethernet/qlogic/qede/qede_main.c | 4 +- drivers/net/ethernet/ti/cpsw.c | 3 +- drivers/net/macvlan.c | 2 +- drivers/net/phy/phy.c | 173 ++++++++++----------- drivers/net/phy/phy_device.c | 15 +- drivers/net/ppp/ppp_generic.c | 26 ++-- drivers/net/team/team.c | 4 +- drivers/s390/net/qeth_core_main.c | 21 ++- drivers/s390/net/qeth_l2_main.c | 2 +- drivers/s390/net/qeth_l3_main.c | 2 +- drivers/soc/fsl/qbman/qman.c | 28 +--- fs/sysfs/symlink.c | 1 + include/linux/cgroup-defs.h | 4 +- include/linux/phy.h | 1 - include/linux/rhashtable.h | 4 +- include/net/sch_generic.h | 19 +++ lib/rhashtable.c | 4 +- lib/test_rhashtable.c | 134 ++++++++++++++++ net/core/dev.c | 22 ++- net/core/devlink.c | 16 +- net/core/skbuff.c | 2 +- net/dccp/proto.c | 5 + net/dsa/legacy.c | 2 +- net/ieee802154/6lowpan/core.c | 12 +- net/ipv4/inet_fragment.c | 3 + net/ipv4/ip_sockglue.c | 6 +- net/ipv4/tcp.c | 1 + net/ipv4/tcp_timer.c | 1 + net/ipv6/datagram.c | 21 ++- net/ipv6/ndisc.c | 3 +- net/ipv6/route.c | 71 +++++---- net/ipv6/seg6_iptunnel.c | 7 +- net/iucv/af_iucv.c | 4 +- net/kcm/kcmsock.c | 33 ++-- net/l2tp/l2tp_core.c | 8 +- net/netlink/genetlink.c | 2 +- net/openvswitch/meter.c | 12 +- net/sched/act_tunnel_key.c | 1 + net/sched/sch_netem.c | 2 +- 47 files changed, 501 insertions(+), 264 deletions(-)

7 years, 3 months

4
52
0 0

[PATCH 4.4 00/20] 4.4.126-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.4.126 release. There are 20 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Sat Mar 31 17:57:30 UTC 2018. Anything received after that time might be too late. The whole patch series can be found in one patch at: https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.4.126-rc… or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.4.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.4.126-rc1 Florian Fainelli <f.fainelli(a)gmail.com> net: systemport: Rewrite __bcm_sysport_tx_reclaim() Florian Fainelli <f.fainelli(a)gmail.com> net: fec: Fix unbalanced PM runtime calls Eric Dumazet <edumazet(a)google.com> ieee802154: 6lowpan: fix possible NULL deref in lowpan_device_event() Julian Wiedmann <jwi(a)linux.vnet.ibm.com> s390/qeth: on channel error, reject further cmd requests Julian Wiedmann <jwi(a)linux.vnet.ibm.com> s390/qeth: lock read device while queueing next buffer Julian Wiedmann <jwi(a)linux.vnet.ibm.com> s390/qeth: when thread completes, wake up all waiters Julian Wiedmann <jwi(a)linux.vnet.ibm.com> s390/qeth: free netdevice when removing a card Arkadi Sharshevsky <arkadis(a)mellanox.com> team: Fix double free in error path Vinicius Costa Gomes <vinicius.gomes(a)intel.com> skbuff: Fix not waking applications when errors are enqueued David Ahern <dsahern(a)gmail.com> net: Only honor ifindex in IP_PKTINFO if non-0 Nicolas Dichtel <nicolas.dichtel(a)6wind.com> netlink: avoid a double skb free in genlmsg_mcast() Arvind Yadav <arvind.yadav.cs(a)gmail.com> net/iucv: Free memory obtained by kzalloc SZ Lin (林上智) <sz.lin(a)moxa.com> net: ethernet: ti: cpsw: add check for in-band mode setting with RGMII PHY interface Christophe JAILLET <christophe.jaillet(a)wanadoo.fr> net: ethernet: arc: Fix a potential memory leak if an optional regulator is deferred Eric Dumazet <edumazet(a)google.com> l2tp: do not accept arbitrary sockets Lorenzo Bianconi <lorenzo.bianconi(a)redhat.com> ipv6: fix access to non-linear packet in ndisc_fill_redirect_hdr_option() Alexey Kodanev <alexey.kodanev(a)oracle.com> dccp: check sk for closed state in dccp_sendmsg() Kirill Tkhai <ktkhai(a)virtuozzo.com> net: Fix hlist corruptions in inet_evict_bucket() Marc Zyngier <marc.zyngier(a)arm.com> genirq: Track whether the trigger type has been set Johannes Thumshirn <jthumshirn(a)suse.de> scsi: sg: don't return bogus Sg_requests ------------- Diffstat: Makefile | 4 ++-- drivers/net/ethernet/arc/emac_rockchip.c | 6 ++++-- drivers/net/ethernet/broadcom/bcmsysport.c | 33 ++++++++++++++---------------- drivers/net/ethernet/broadcom/bcmsysport.h | 2 +- drivers/net/ethernet/freescale/fec_main.c | 2 ++ drivers/net/ethernet/ti/cpsw.c | 3 ++- drivers/net/team/team.c | 4 ++-- drivers/s390/net/qeth_core_main.c | 21 +++++++++++++------ drivers/s390/net/qeth_l2_main.c | 2 +- drivers/s390/net/qeth_l3_main.c | 2 +- drivers/scsi/sg.c | 5 +++-- include/linux/irq.h | 11 +++++++++- kernel/irq/manage.c | 13 +++++++++++- net/core/skbuff.c | 2 +- net/dccp/proto.c | 5 +++++ net/ieee802154/6lowpan/core.c | 12 +++++++---- net/ipv4/inet_fragment.c | 3 +++ net/ipv4/ip_sockglue.c | 6 ++++-- net/ipv6/ndisc.c | 3 ++- net/iucv/af_iucv.c | 4 +++- net/l2tp/l2tp_core.c | 8 ++++++-- net/netlink/genetlink.c | 2 +- 22 files changed, 103 insertions(+), 50 deletions(-)

7 years, 3 months

5
26
0 0

Status of arm64 spectre backport for v4.4.y

by Guenter Roeck

Hi Greg, Hi Alex, do you have an idea if and when the arm64 Spectre backport to v4.4.y [1] might make it into a stable release ? Thanks, Guenter --- [1] https://www.spinics.net/lists/arm-kernel/msg639767.html

7 years, 3 months

2
1
0 0

[PATCH -v2] ext4: limit xattr size to INT_MAX

by Theodore Ts'o

From: Eric Biggers <ebiggers(a)google.com> ext4 isn't validating the sizes of xattrs. This is problematic because ->e_value_size is a u32, but ext4_xattr_get() returns an int. A very large size is misinterpreted as an error code, which ext4_get_acl() translates into a bogus ERR_PTR() for which IS_ERR() returns false, causing a crash. Fix this by validating that all xattrs are <= INT_MAX bytes. Also add explicit checks in ext4_xattr_block_get() and ext4_xattr_ibody_get() just in case the xattr block is corrupted in memory. Also if the xattr block is corrupted, mark the file system as containing an error. This issue has been assigned CVE-2018-1095. https://bugzilla.kernel.org/show_bug.cgi?id=199185 https://bugzilla.redhat.com/show_bug.cgi?id=1560793 Reported-by: Wen Xu <wen.xu(a)gatech.edu> Signed-off-by: Eric Biggers <ebiggers(a)google.com> Signed-off-by: Theodore Ts'o <tytso(a)mit.edu> Cc: stable(a)vger.kernel.org --- fs/ext4/xattr.c | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c index 63656dbafdc4..d2a9b078e121 100644 --- a/fs/ext4/xattr.c +++ b/fs/ext4/xattr.c @@ -195,10 +195,14 @@ ext4_xattr_check_entries(struct ext4_xattr_entry *entry, void *end, /* Check the values */ while (!IS_LAST_ENTRY(entry)) { + u32 size = le32_to_cpu(entry->e_value_size); + + if (size > INT_MAX) + return -EFSCORRUPTED; + if (entry->e_value_size != 0 && entry->e_value_inum == 0) { u16 offs = le16_to_cpu(entry->e_value_offs); - u32 size = le32_to_cpu(entry->e_value_size); void *value; /* @@ -523,8 +527,10 @@ ext4_xattr_block_get(struct inode *inode, int name_index, const char *name, if (error) goto cleanup; size = le32_to_cpu(entry->e_value_size); + error = -ERANGE; + if (unlikely(size > INT_MAX)) + goto cleanup; if (buffer) { - error = -ERANGE; if (size > buffer_size) goto cleanup; if (entry->e_value_inum) { @@ -572,8 +578,10 @@ ext4_xattr_ibody_get(struct inode *inode, int name_index, const char *name, if (error) goto cleanup; size = le32_to_cpu(entry->e_value_size); + error = -ERANGE; + if (unlikely(size > INT_MAX)) + goto cleanup; if (buffer) { - error = -ERANGE; if (size > buffer_size) goto cleanup; if (entry->e_value_inum) { -- 2.16.1.72.g5be1f00a9a

7 years, 3 months

3
2
0 0

+ hugetlbfs-fix-bug-in-pgoff-overflow-checking.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: hugetlbfs: fix bug in pgoff overflow checking has been added to the -mm tree. Its filename is hugetlbfs-fix-bug-in-pgoff-overflow-checking.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/hugetlbfs-fix-bug-in-pgoff-overflo… and later at http://ozlabs.org/~akpm/mmotm/broken-out/hugetlbfs-fix-bug-in-pgoff-overflo… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Mike Kravetz <mike.kravetz(a)oracle.com> Subject: hugetlbfs: fix bug in pgoff overflow checking This is a fix for a regression in 32 bit kernels caused by an invalid check for pgoff overflow in hugetlbfs mmap setup. The check incorrectly specified that the size of a loff_t was the same as the size of a long. The regression prevents mapping hugetlbfs files at offsets greater than 4GB on 32 bit kernels. On 32 bit kernels conversion from a page based unsigned long can not overflow a loff_t byte offset. Therefore, skip this check if sizeof(unsigned long) != sizeof(loff_t). Link: http://lkml.kernel.org/r/20180330145402.5053-1-mike.kravetz@oracle.com Fixes: 63489f8e8211 ("hugetlbfs: check for pgoff value overflow") Reported-by: Dan Rue <dan.rue(a)linaro.org> Signed-off-by: Mike Kravetz <mike.kravetz(a)oracle.com> Cc: Michal Hocko <mhocko(a)kernel.org> Cc: Yisheng Xie <xieyisheng1(a)huawei.com> Cc: "Kirill A . Shutemov" <kirill.shutemov(a)linux.intel.com> Cc: Nic Losby <blurbdust(a)gmail.com> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- fs/hugetlbfs/inode.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff -puN fs/hugetlbfs/inode.c~hugetlbfs-fix-bug-in-pgoff-overflow-checking fs/hugetlbfs/inode.c --- a/fs/hugetlbfs/inode.c~hugetlbfs-fix-bug-in-pgoff-overflow-checking +++ a/fs/hugetlbfs/inode.c @@ -138,10 +138,14 @@ static int hugetlbfs_file_mmap(struct fi /* * page based offset in vm_pgoff could be sufficiently large to - * overflow a (l)off_t when converted to byte offset. + * overflow a loff_t when converted to byte offset. This can + * only happen on architectures where sizeof(loff_t) == + * sizeof(unsigned long). So, only check in those instances. */ - if (vma->vm_pgoff & PGOFF_LOFFT_MAX) - return -EINVAL; + if (sizeof(unsigned long) == sizeof(loff_t)) { + if (vma->vm_pgoff & PGOFF_LOFFT_MAX) + return -EINVAL; + } /* must be huge page aligned */ if (vma->vm_pgoff & (~huge_page_mask(h) >> PAGE_SHIFT)) _ Patches currently in -mm which might be from mike.kravetz(a)oracle.com are hugetlbfs-fix-bug-in-pgoff-overflow-checking.patch mm-hugetlbfs-move-hugetlbfs_i-outside-ifdef-config_hugetlbfs.patch mm-memfd-split-out-memfd-for-use-by-multiple-filesystems.patch mm-memfd-remove-memfd-code-from-shmem-files-and-use-new-memfd-files.patch mm-make-start_isolate_page_range-fail-if-already-isolated.patch

7 years, 3 months

1
0
0 0

+ mm-memblock-fix-potential-issue-in-memblock_search_pfn_nid.patch added to -mm tree

by akpm＠linux-foundation.org

The patch titled Subject: mm/memblock: fix potential issue in memblock_search_pfn_nid() has been added to the -mm tree. Its filename is mm-memblock-fix-potential-issue-in-memblock_search_pfn_nid.patch This patch should soon appear at http://ozlabs.org/~akpm/mmots/broken-out/mm-memblock-fix-potential-issue-in… and later at http://ozlabs.org/~akpm/mmotm/broken-out/mm-memblock-fix-potential-issue-in… Before you just go and hit "reply", please: a) Consider who else should be cc'ed b) Prefer to cc a suitable mailing list as well c) Ideally: find the original patch on the mailing list and do a reply-to-all to that, adding suitable additional cc's *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** The -mm tree is included into linux-next and is updated there every 3-4 working days ------------------------------------------------------ From: Wei Yang <richard.weiyang(a)gmail.com> Subject: mm/memblock: fix potential issue in memblock_search_pfn_nid() memblock_search_pfn_nid() returns the nid and the [start|end]_pfn of the memory region where pfn sits in. While the calculation of start_pfn has potential issue when the regions base is not page aligned. For example, we assume PAGE_SHIFT is 12 and base is 0x1234. Current implementation would return 1 while this is not correct. This patch fixes this by using PFN_UP(). The original commit is commit e76b63f80d93 ("memblock, numa: binary search node id") and merged in v3.12. Link: http://lkml.kernel.org/r/20180330033055.22340-1-richard.weiyang@gmail.com Fixes: e76b63f80d93 ("memblock, numa: binary search node id") Signed-off-by: Wei Yang <richard.weiyang(a)gmail.com> Cc: Michal Hocko <mhocko(a)suse.com> Cc: Yinghai Lu <yinghai(a)kernel.org> Cc: Jia He <hejianet(a)gmail.com> Cc: <stable(a)vger.kernel.org> [3.12+] Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/memblock.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff -puN mm/memblock.c~mm-memblock-fix-potential-issue-in-memblock_search_pfn_nid mm/memblock.c --- a/mm/memblock.c~mm-memblock-fix-potential-issue-in-memblock_search_pfn_nid +++ a/mm/memblock.c @@ -1646,7 +1646,7 @@ int __init_memblock memblock_search_pfn_ if (mid == -1) return -1; - *start_pfn = PFN_DOWN(type->regions[mid].base); + *start_pfn = PFN_UP(type->regions[mid].base); *end_pfn = PFN_DOWN(type->regions[mid].base + type->regions[mid].size); return type->regions[mid].nid; _ Patches currently in -mm which might be from richard.weiyang(a)gmail.com are mm-check-__highest_present_sectioin_nr-directly-in-memory_dev_init.patch mm-memblock-fix-potential-issue-in-memblock_search_pfn_nid.patch

7 years, 3 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror