lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20151026190201.GB6293@charon>
Date:	Mon, 26 Oct 2015 19:02:01 +0000
From:	Luis Henriques <luis.henriques@...onical.com>
To:	linux-kernel@...r.kernel.org, stable@...r.kernel.org,
	kernel-team@...ts.ubuntu.com
Subject: Re: [3.16.y-ckt stable] Linux 3.16.7-ckt19 stable review

On Mon, Oct 26, 2015 at 01:41:42PM +0000, Luis Henriques wrote:
> This is the start of the review cycle for the Linux 3.16.7-ckt19 stable kernel.
> 
> This version contains 104 new patches, summarized below.  The new patches are
> posted as replies to this message and also available in this git branch:
>

I am adding 3 additional patches for this 3.16 stable kernel release,
that fix CVE-2015-7872:

911b79cde95c KEYS: Don't permit request_key() to construct a new keyring
f05819df10d7 KEYS: Fix crash when attempt to garbage collect an uninstantiated keyring
94c4554ba07a KEYS: Fix race between key destruction and finding a keyring by name

Cheers,
--
Luís


> http://kernel.ubuntu.com/git/ubuntu/linux.git/log/?h=linux-3.16.y-review
> 
> git://kernel.ubuntu.com/ubuntu/linux.git  linux-3.16.y-review
> 
> The review period for version 3.16.7-ckt19 will be open for the next three days.
> To report a problem, please reply to the relevant follow-up patch message.
> 
> For more information about the Linux 3.16.y-ckt extended stable kernel version,
> see https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable .
> 
>  -Luis
> 
> --
>  arch/arm/Kconfig                           |   1 -
>  arch/arm/Makefile                          |   8 ++
>  arch/arm/boot/dts/omap3-beagle.dts         |   2 +-
>  arch/arm/boot/dts/omap5-uevm.dts           |   4 +-
>  arch/arm/kernel/signal.c                   |  15 ++--
>  arch/arm/kvm/interrupts_head.S             |   6 +-
>  arch/arm/mach-orion5x/include/mach/irqs.h  |  64 +++++++--------
>  arch/arm/mach-orion5x/irq.c                |   4 +-
>  arch/arm64/Kconfig                         |  16 ++++
>  arch/arm64/Makefile                        |   4 +
>  arch/arm64/kernel/head.S                   |   5 ++
>  arch/arm64/kernel/module.c                 |   2 +
>  arch/arm64/kernel/signal32.c               |  47 ++++++++---
>  arch/arm64/kvm/hyp.S                       |   5 +-
>  arch/m68k/include/asm/linkage.h            |  30 +++++++
>  arch/mips/kernel/cps-vec.S                 |  12 +--
>  arch/mips/mm/dma-default.c                 |   2 +-
>  arch/powerpc/boot/Makefile                 |   3 +
>  arch/powerpc/mm/hugepage-hash64.c          |   3 +-
>  arch/x86/include/uapi/asm/msr-index.h      |   1 +
>  arch/x86/kernel/apic/apic.c                |   7 ++
>  arch/x86/kernel/entry_64.S                 |  16 +++-
>  arch/x86/kernel/paravirt.c                 |  16 +++-
>  arch/x86/kernel/tsc.c                      |  17 ++--
>  arch/x86/kvm/svm.c                         |   2 +-
>  arch/x86/kvm/x86.c                         |   2 +
>  arch/x86/mm/init_64.c                      |   2 +-
>  arch/x86/platform/efi/efi.c                |  67 +++++++++++++++-
>  drivers/block/zram/zcomp.c                 |  12 +--
>  drivers/cpufreq/intel_pstate.c             |  10 +--
>  drivers/dma/dw/core.c                      |   4 +-
>  drivers/gpu/drm/i915/intel_bios.c          |  12 ++-
>  drivers/gpu/drm/qxl/qxl_display.c          |  14 ++--
>  drivers/gpu/drm/radeon/atombios_encoders.c |   8 +-
>  drivers/gpu/drm/vmwgfx/vmwgfx_drv.h        |   6 +-
>  drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c    |   6 +-
>  drivers/gpu/drm/vmwgfx/vmwgfx_overlay.c    |   2 +-
>  drivers/gpu/drm/vmwgfx/vmwgfx_resource.c   |  29 +++++--
>  drivers/gpu/drm/vmwgfx/vmwgfx_shader.c     |   2 +-
>  drivers/gpu/drm/vmwgfx/vmwgfx_surface.c    |  12 ++-
>  drivers/hwmon/nct6775.c                    |  16 ++--
>  drivers/infiniband/ulp/isert/ib_isert.c    |   9 ++-
>  drivers/mtd/ubi/io.c                       |   5 ++
>  drivers/mtd/ubi/vtbl.c                     |   1 +
>  drivers/mtd/ubi/wl.c                       |   1 +
>  drivers/net/ethernet/marvell/mvneta.c      |   4 +-
>  drivers/net/ppp/pppoe.c                    |   1 -
>  drivers/net/usb/asix_devices.c             |  16 +---
>  drivers/net/vxlan.c                        |  10 +--
>  drivers/net/xen-netfront.c                 |   3 +-
>  drivers/pci/access.c                       |  27 +------
>  drivers/pci/quirks.c                       |  20 ++++-
>  drivers/platform/x86/hp-wmi.c              |  35 +++++---
>  drivers/spi/spi-pxa2xx.c                   |   4 +
>  drivers/spi/spi-xtensa-xtfpga.c            |   4 +-
>  drivers/spi/spi.c                          |   3 +-
>  drivers/staging/android/ion/ion.c          |   6 +-
>  drivers/usb/chipidea/udc.c                 |  84 +++++++++----------
>  drivers/usb/core/config.c                  |   5 +-
>  drivers/usb/host/ehci-fsl.c                |  13 +++
>  drivers/usb/host/ehci-hub.c                |   7 ++
>  drivers/usb/host/ehci.h                    |  12 +++
>  drivers/usb/host/fsl-mph-dr-of.c           |  10 +++
>  drivers/usb/host/xhci-mem.c                |  23 +++---
>  drivers/usb/host/xhci-ring.c               |  13 ++-
>  drivers/usb/host/xhci.c                    |   9 +--
>  drivers/usb/serial/option.c                |  24 ++++++
>  drivers/usb/serial/whiteheat.c             |  31 ++++++++
>  fs/btrfs/extent_io.c                       |  65 +++++++++++++--
>  fs/btrfs/inode.c                           |   3 +-
>  fs/cifs/cifsencrypt.c                      |  53 +++++++++++-
>  fs/cifs/ioctl.c                            |   6 ++
>  fs/cifs/smb2ops.c                          |   8 +-
>  fs/coredump.c                              |  38 +++++++--
>  fs/dcache.c                                |   7 ++
>  fs/jbd2/checkpoint.c                       |  39 +++++++--
>  fs/jbd2/commit.c                           |   2 +-
>  fs/jbd2/journal.c                          |  11 ++-
>  fs/namei.c                                 |  31 +++++++-
>  fs/ocfs2/dlm/dlmmaster.c                   |   9 ++-
>  fs/ocfs2/dlm/dlmrecovery.c                 |   8 +-
>  include/linux/fsl_devices.h                |   2 +
>  include/linux/jbd2.h                       |   3 +-
>  include/linux/skbuff.h                     |   5 +-
>  include/net/af_unix.h                      |   6 +-
>  include/net/sock.h                         |   8 ++
>  ipc/msg.c                                  |  14 ++--
>  ipc/sem.c                                  |  15 ++--
>  ipc/shm.c                                  |  12 +--
>  ipc/util.c                                 |   8 +-
>  kernel/irq/proc.c                          |  19 ++++-
>  kernel/time/clocksource.c                  |   2 +-
>  mm/hugetlb.c                               |   8 ++
>  mm/slab.c                                  |  13 ++-
>  net/core/datagram.c                        |   6 +-
>  net/core/ethtool.c                         |   2 +-
>  net/core/fib_rules.c                       |   2 +-
>  net/core/skbuff.c                          |   9 ++-
>  net/ipv4/tcp_input.c                       |   2 +-
>  net/ipv4/udp.c                             |   2 +-
>  net/ipv6/raw.c                             |   2 +-
>  net/ipv6/udp.c                             |   3 +-
>  net/l2tp/l2tp_core.c                       |  11 ++-
>  net/netfilter/nft_compat.c                 |  24 ++++--
>  net/netlink/af_netlink.c                   |  34 +++++---
>  net/openvswitch/flow_table.c               |   3 +-
>  net/sctp/sm_sideeffect.c                   |   2 +-
>  net/unix/af_unix.c                         |  16 +++-
>  sound/arm/Kconfig                          |  15 ++--
>  sound/soc/pxa/Kconfig                      |   2 -
>  sound/soc/pxa/pxa2xx-ac97.c                |   4 +-
>  tools/lib/traceevent/event-parse.c         |  23 +++++-
>  tools/perf/util/header.c                   |   4 +-
>  tools/perf/util/symbol-elf.c               |  35 +++-----
>  virt/kvm/eventfd.c                         | 124 +++++++++++++++++------------
>  virt/kvm/kvm_main.c                        |  19 ++++-
>  116 files changed, 1164 insertions(+), 451 deletions(-)
> 
> Aaron Conole (2):
>       af_unix: Convert the unix_sk macro to an inline function for type safety
>       af_unix: return data from multiple SKBs on recv() with MSG_PEEK flag
> 
> Adrian Hunter (1):
>       perf tools: Fix copying of /proc/kcore
> 
> Alex Williamson (2):
>       PCI: Fix devfn for VPD access through function 0
>       PCI: Use function 0 VPD for identical functions, regular VPD for others
> 
> Alexander Couzens (1):
>       l2tp: protect tunnel->del_work by ref_count
> 
> Andreas Schwab (1):
>       m68k: Define asmlinkage_protect
> 
> Andrey Vagin (1):
>       net/unix: fix logic about sk_peek_offset
> 
> Andy Lutomirski (2):
>       x86/paravirt: Replace the paravirt nop with a bona fide empty function
>       x86/nmi/64: Fix a paravirt stack-clobbering bug in the NMI code
> 
> Andy Shevchenko (1):
>       dmaengine: dw: properly read DWC_PARAMS register
> 
> Aneesh Kumar K.V (1):
>       powerpc/mm: Recompute hash value after a failed update
> 
> Arad, Ronen (1):
>       netlink: Trim skb to alloc size to avoid MSG_TRUNC
> 
> Ard Biesheuvel (1):
>       ARM: 8429/1: disable GCC SRA optimization
> 
> Arnaldo Carvalho de Melo (1):
>       perf header: Fixup reading of HEADER_NRCPUS feature
> 
> Ben Hutchings (1):
>       genirq: Fix race in register_irq_proc()
> 
> Benjamin Herrenschmidt (1):
>       powerpc/boot: Specify ABI v2 when building an LE boot wrapper
> 
> Carl Frederik Werner (1):
>       ARM: dts: omap3-beagle: make i2c3, ddc and tfp410 gpio work again
> 
> Charles Keepax (1):
>       asix: Do full reset during ax88772_bind
> 
> Chas Williams (1):
>       net/xen-netfront: only napi_synchronize() if running
> 
> Dave Airlie (1):
>       drm/qxl: only report first monitor as connected if we have no state
> 
> David Woodhouse (1):
>       x86/platform: Fix Geode LX timekeeping in the generic x86 build
> 
> Dirk Müller (1):
>       Use WARN_ON_ONCE for missing X86_FEATURE_NRIPS
> 
> Eric Dumazet (1):
>       net: add pfmemalloc check in sk_add_backlog()
> 
> Eric W. Biederman (2):
>       dcache: Handle escaped paths in prepend_path
>       vfs: Test for and handle paths that are unreachable from their mnt_root
> 
> Fabiano Fidêncio (1):
>       drm/qxl: recreate the primary surface when the bo is not primary
> 
> Filipe Manana (1):
>       Btrfs: fix read corruption of compressed and shared extents
> 
> Grazvydas Ignotas (1):
>       ARM: dts: omap5-uevm.dts: fix i2c5 pinctrl offsets
> 
> Guenter Roeck (2):
>       hwmon: (nct6775) Swap STEP_UP_TIME and STEP_DOWN_TIME registers for most chips
>       spi: Fix documentation of spi_alloc_master()
> 
> Guillaume Nault (1):
>       ppp: don't override sk->sk_state in pppoe_flush_dev()
> 
> James Hogan (1):
>       MIPS: dma-default: Fix 32-bit fall back to GFP_DMA
> 
> Jan Kara (1):
>       jbd2: avoid infinite loop when destroying aborted journal
> 
> Jani Nikula (1):
>       drm/i915/bios: handle MIPI Sequence Block v3+ gracefully
> 
> Jann Horn (2):
>       CIFS: fix type confusion in copy offload ioctl
>       fs: if a coredump already exists, unlink and recreate with O_EXCL
> 
> Jason Wang (4):
>       kvm: don't try to register to KVM_FAST_MMIO_BUS for non mmio eventfd
>       kvm: factor out core eventfd assign/deassign logic
>       kvm: fix double free for fast mmio eventfd
>       kvm: fix zero length mmio searching
> 
> Jeff Mahoney (1):
>       btrfs: skip waiting on ordered range for special files
> 
> Jenny Derzhavetz (1):
>       iser-target: remove command with state ISTATE_REMOVE
> 
> Jiri Benc (1):
>       vxlan: set needed headroom correctly
> 
> Joe Perches (1):
>       ethtool: Use kcalloc instead of kmalloc for ethtool_get_strings
> 
> Johan Hovold (1):
>       USB: whiteheat: fix potential null-deref at probe
> 
> John Stultz (1):
>       clocksource: Fix abs() usage w/ 64bit values
> 
> Joonsoo Kim (1):
>       mm/slab: fix unexpected index mapping result of kmalloc_size(INDEX_NODE+1)
> 
> Joseph Qi (1):
>       ocfs2/dlm: fix deadlock when dispatch assert master
> 
> Julia Lawall (1):
>       xhci-mem: Use setup_timer
> 
> Kapileshwar Singh (1):
>       tools lib traceevent: Fix string handling in heterogeneous arch environments
> 
> Konstantin Khlebnikov (1):
>       ovs: do not allocate memory from offline numa node
> 
> Kyle Evans (1):
>       hp-wmi: limit hotkey enable
> 
> Linus Torvalds (1):
>       Initialize msg/shm IPC objects before doing ipc_addid()
> 
> Liu.Zhao (1):
>       USB: option: add ZTE PIDs
> 
> Luis Henriques (2):
>       zram: fix possible use after free in zcomp_create()
>       Revert "ARM: orion5x: fix legacy orion5x IRQ numbers"
> 
> Manfred Spraul (1):
>       ipc/sem.c: fully initialize sem_array before making it visible
> 
> Marc Zyngier (2):
>       arm64: KVM: Disable virtual timer even if the guest is not using it
>       arm: KVM: Disable virtual timer even if the guest is not using it
> 
> Mathias Krause (1):
>       hp-wmi: Add missing __init annotations to initialization code
> 
> Mathias Nyman (4):
>       usb: Use the USB_SS_MULT() macro to get the burst multiplier.
>       xhci: give command abortion one more chance before killing xhci
>       xhci: change xhci 1.0 only restrictions to support xhci 1.1
>       xhci: init command timeout timer earlier to avoid deleting it uninitialized
> 
> Matt Fleming (1):
>       x86/efi: Fix boot crash by mapping EFI memmap entries bottom-up at runtime, instead of top-down
> 
> Max Filippov (1):
>       spi: xtensa-xtfpga: fix register endianness
> 
> Mel Gorman (1):
>       mm: hugetlbfs: skip shared VMAs when unmapping private pages to satisfy a fault
> 
> Michel Dänzer (1):
>       drm/radeon: Restore LCD backlight level on resume (>= R5xx)
> 
> Michel Stam (1):
>       asix: Don't reset PHY on if_up for ASIX 88772
> 
> Nikhil Badola (2):
>       drivers: usb :fsl: Implement Workaround for USB Erratum A007792
>       drivers: usb: fsl: Workaround for USB erratum-A005275
> 
> Pablo Neira Ayuso (1):
>       netfilter: nft_compat: skip family comparison in case of NFPROTO_UNSPEC
> 
> Paolo Bonzini (1):
>       KVM: x86: trap AMD MSRs for the TSeg base and mask
> 
> Paul Burton (3):
>       MIPS: CPS: Stop dangling delay slot from has_mt.
>       MIPS: CPS: Don't include MT code in non-MT kernels.
>       MIPS: CPS: #ifdef on CONFIG_MIPS_MT_SMP rather than CONFIG_MIPS_MT
> 
> Peter Chen (1):
>       usb: chipidea: udc: using the correct stall implementation
> 
> Peter Seiderer (1):
>       cifs: use server timestamp for ntlmv2 authentication
> 
> Prarit Bhargava (1):
>       intel_pstate: Fix overflow in busy_scaled due to long delay
> 
> Pravin B Shelar (2):
>       skbuff: Fix skb checksum flag on skb pull
>       skbuff: Fix skb checksum partial check.
> 
> Richard Weinberger (1):
>       UBI: Validate data_size
> 
> Robert Jarzmik (2):
>       ASoC: pxa: pxa2xx-ac97: fix dma requestor lines
>       ASoC: fix broken pxa SoC support
> 
> Roger Quadros (2):
>       usb: xhci: Clear XHCI_STATE_DYING on start
>       usb: xhci: Allow usb_add/remove_hcd() to be called repeatedly
> 
> Roland Dreier (1):
>       fib_rules: Fix dump_rules() not to exit early
> 
> Russell King (1):
>       ARM: fix Thumb2 signal handling when ARMv6 is enabled
> 
> Sabrina Dubroca (1):
>       net: add length argument to skb_copy_and_csum_datagram_iovec
> 
> Shaohua Li (1):
>       x86/apic: Serialize LVTT and TSC_DEADLINE writes
> 
> Shawn Lin (1):
>       staging: ion: fix corruption of ion_import_dma_buf
> 
> Simon Guinot (1):
>       net: mvneta: fix DMA buffer unmapping in mvneta_rx()
> 
> Stephen Smalley (1):
>       x86/mm: Set NX on gap between __ex_table and rodata
> 
> Steve French (1):
>       disabling oplocks/leases via module parm enable_oplocks broken for SMB3
> 
> Stratos Karafotis (1):
>       cpufreq: intel_pstate: Remove unnecessary type casting in div_s64() call
> 
> Tan, Jui Nee (1):
>       spi: spi-pxa2xx: Check status register to determine if SSSR_TINT is disabled
> 
> Thomas Hellstrom (2):
>       drm/vmwgfx: Fix up user_dmabuf refcounting
>       drm/vmwgfx: Fix kernel NULL pointer dereference on older hardware
> 
> Will Deacon (3):
>       arm64: head.S: initialise mdcr_el2 in el2_setup
>       arm64: compat: fix vfp save/restore across signal handlers in big-endian
>       arm64: errata: add module build workaround for erratum #843419
> 
> lucien (1):
>       sctp: donot reset the overall_error_count in SHUTDOWN_RECEIVE state
> 
> shengyong (1):
>       UBI: return ENOSPC if no enough space available
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ