lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+55aFw02+-sX7z4MW4ecor6YcBEDHJcmyai85Kpc0FuyCnTRw@mail.gmail.com>
Date:   Sun, 3 Sep 2017 14:47:05 -0700
From:   Linus Torvalds <torvalds@...ux-foundation.org>
To:     Linux Kernel Mailing List <linux-kernel@...r.kernel.org>
Subject: Linux 4.13

So last week was actually somewhat eventful, but not enough to push me
to delay 4.13.

Most of the changes since rc7 are actually networking fixes, the bulk
of them to various drivers. With apologies to the authors of said
patches, they don't look all that interesting (which is definitely
exactly what you want just before a release).  Details in the appended
shortlog.

Note that the shortlog below is obviously only since rc7 - the _full_
4.13 log is much too big to post and nobody sane would read it.  So if
you're interested in all the rest of it, get the git tree and limit
the logs to the files you are interested in if you crave details.

No, the excitement was largely in the mmu notification layer, where we
had a fairly last-minute regression and some discussion about the
problem. Lots of kudos to Jérôme Glisse for jumping on it, and
implementing the fix.

What's nice to see is that the regression pointed out a nasty and not
very well documented (or thought out) part of the mmu notifiers, and
the fix not only fixed the problem, but did so by cleaning up and
documenting what the right behavior should be, and furthermore did so
by getting rid of the problematic notifier and actually removing
almost two hundred lines in the process.

I love seeing those kinds of fixes. Better, smaller, code.

The other excitement this week was purely personal, consisting of
seven hours of pure agony due to a kidney stone. I'm all good, but it
sure _felt_ a lot longer than seven hours, and I don't even want to
imagine what it is for people that have had the experience drag out
for longer. Ugh.

Anyway, on to actual 4.13 issues.

While we've had lots of changes all over (4.13 was not particularly
big, but even a "solidly average" release is not exactly small), one
very _small_ change merits some extra attention, because it's one of
those very rare changes where we change behavior due to security
issues, and where people may need to be aware of that behavior change
when upgrading.

This time it's not really a kernel security issue, but a generic
protocol security issue.

The change in question is simply changing the default cifs behavior:
instead of defaulting to SMB 1.0 (which you really should not use:
just google for "stop using SMB1" or similar), the default cifs mount
now defaults to a rather more modern SMB 3.0.

Now, because you shouldn't have been using SMB1 anyway, this shouldn't
affect anybody. But guess what? It almost certainly does affect some
people, because they blithely continued using SMB1 without really
thinking about it.

And you certainly _can_ continue to use SMB1, but due to the default
change, now you need to be *aware* of it. You may need to add an
explicit "vers=1.0" to your mount options in /etc/fstab or similar if
you *really* want SMB1.

But if the new default of 3.0 doesn't work (because you still use a
pterodactyl as a windshield wiper), before you go all the way back to
the bad old days and use that "vers=1.0", you might want to try
"vers=2.1". Because let's face it, SMB1 is just bad, bad, bad.

Anyway, most people won't notice at all. And the ones that do notice
can check their current situation (just look at the output of "mount"
and see if you have any cifs things there), and you really should
update from the default even if you are *not* upgrading kernels.

Ok, enough about that. It was literally a two-liner change top
defaults - out of the million or so lines of the full 4.13 patch
changing real code.

Go get the new kernel,

                Linus



---

Adrian Hunter (1):
      mmc: block: Fix block status codes

Aleksander Morgado (1):
      cdc_ncm: flag the u-blox TOBY-L4 as wwan

Alexey Brodkin (1):
      ARCv2: SMP: Mask only private-per-core IRQ lines on boot at core intc

Andrew Jeffery (1):
      net: ftgmac100: Fix oops in probe on failure to find associated PHY

Annie Li (1):
      xen-blkback: stop blkback thread of every queue in xen_blkif_disconnect

Anthony Martin (1):
      Input: synaptics - fix device info appearing different on reconnect

Antoine Tenart (1):
      net: mvpp2: fix the mac address used when using PPv2.2

Ard Biesheuvel (2):
      crypto: chacha20 - fix handling of chunked input
      crypto: testmgr - add chunked test cases for chacha20

Arnd Bergmann (1):
      qlge: avoid memcpy buffer overflow

Bart Van Assche (4):
      dm: fix the second dec_pending() argument in __split_and_process_bio()
      dm mpath: retry BLK_STS_RESOURCE errors
      dm: fix printk() rate limiting code
      dm mpath: do not lock up a CPU with requeuing activity

Ben Hutchings (1):
      alpha: uapi: Add support for __SANE_USERSPACE_TYPES__

Benjamin Poirier (1):
      packet: Don't write vnet header beyond end of buffer

Bob Peterson (1):
      tipc: Fix tipc_sk_reinit handling of -EAGAIN

Brian King (1):
      scsi: ipr: Set no_report_opcodes for RAID arrays

Cameron Gutman (1):
      Input: xpad - fix PowerA init quirk for some gamepad models

Changpeng Liu (1):
      nvme: fix the definition of the doorbell buffer config support bit

Christoph Hellwig (3):
      libata: quirk read log on no-name M.2 SSD
      libata: check for trusted computing in IDENTIFY DEVICE data
      nvme-pci: use dma memory for the host memory buffer descriptors

Christophe JAILLET (2):
      sata: ahci-da850: Fix some error handling paths in 'ahci_da850_probe()'
      scsi: qedf: Fix a potential NULL pointer dereference

Christophe Jaillet (1):
      net: sxgbe: check memory allocation failure

Cong Wang (1):
      wl1251: add a missing spin_lock_init()

Dan Carpenter (3):
      scsi: sg: off by one in sg_ioctl()
      x86/ldt: Fix off by one in get_segment_base()
      nfp: double free on error in probe

Dan Williams (1):
      libnvdimm: clean up command definitions

Daniel Borkmann (1):
      bpf: fix map value attribute for hash of maps

Dave Kleikamp (1):
      jfs should use MAX_LFS_FILESIZE when calculating s_maxbytes

Eran Ben Elisha (1):
      net/mlx5e: Fix dangling page pointer on DMA mapping error

Eric Biggers (1):
      mm, uprobes: fix multiple free of ->uprobes_state.xol_area

Eric Dumazet (5):
      udp: on peeking bad csum, drop packets even if not at head
      net: dsa: use consume_skb()
      virtio_net: be drop monitor friendly
      net_sched: fix a refcount_t issue with noop_qdisc
      kcm: do not attach PF_KCM sockets to avoid deadlock

Florian Fainelli (14):
      net/hsr: Check skb_put_padto() return value
      net: phy: Deal with unbound PHY driver in phy_attached_print()
      fsl/man: Inherit parent device and of_node
      net: core: Specify skb_pad()/skb_put_padto() SKB freeing
      net: dsa: skb_put_padto() already frees nskb
      um: Fix check for _xstate for older hosts
      net: systemport: Be drop monitor friendly
      net: bcmgenet: Be drop monitor friendly
      net: systemport: Free DMA coherent descriptors on errors
      r8169: Do not increment tx_dropped in TX ring cleaning
      r8169: Be drop monitor friendly
      net: dsa: Don't dereference dst->cpu_dp->netdev
      net: dsa: bcm_sf2: Fix number of CFP entries for BCM7278
      Revert "net: phy: Correctly process PHY_HALTED in phy_stop_machine()"

Guenter Roeck (1):
      alpha: Define ioremap_wc

Guillaume Nault (6):
      l2tp: initialise session's refcount before making it reachable
      l2tp: hold tunnel while looking up sessions in l2tp_netlink
      l2tp: hold tunnel while processing genl delete command
      l2tp: hold tunnel while handling genl tunnel updates
      l2tp: hold tunnel while handling genl TUNNEL_GET commands
      l2tp: hold tunnel used while creating sessions with netlink

Hans de Goede (1):
      i2c: designware: Round down ACPI provided clk to nearest supported clk

Helge Deller (1):
      fs/select: Fix memory corruption in compat_get_fd_set()

Huy Nguyen (4):
      net/mlx5e: Check for qos capability in dcbnl_initialize
      net/mlx5e: Fix DCB_CAP_ATTR_DCBX capability for DCBNL getcap.
      net/mlx5: Skip mlx5_unload_one if mlx5_load_one fails
      net/mlx5: Remove the flag MLX5_INTERFACE_STATE_SHUTDOWN

Ido Schimmel (2):
      mlxsw: spectrum: Forbid linking to devices that have uppers
      bridge: switchdev: Clear forward mark when transmitting packet

Igor Russkikh (1):
      net:ethernet:aquantia: Fix for multicast filter handling.

Inbar Karmy (1):
      net/mlx5e: Don't override user RSS upon set channels

Jakub Kicinski (4):
      nfp: don't hold PF lock while enabling SR-IOV
      nfp: make sure representors are destroyed before their lower netdev
      nfp: avoid buffer leak when representor is missing
      nfp: TX time stamp packets before HW doorbell is rung

James Cowgill (1):
      MIPS: Remove pt_regs adjustments in indirect syscall handler

James Hogan (2):
      MIPS: seccomp: Fix indirect syscall args
      irqchip: mips-gic: SYNC after enabling GIC region

Jan H. Schönherr (2):
      x86/boot: Provide more slack space during decompression
      x86/boot: Prevent faulty bootparams.screeninfo from causing harm

Jason J. Herne (1):
      vfio: ccw: fix bad ptr math for TIC cda translation

Jesper Dangaard Brouer (1):
      net: missing call of trace_napi_poll in busy_poll_stop

Jiri Pirko (2):
      net: sched: fix use after free when tcf_chain_destroy is called
multiple times
      net: sched: don't do tcf_chain_flush from tcf_chain_destroy

Joe Stringer (1):
      include/linux/compiler.h: don't perform compiletime_assert with -O0

John Stultz (1):
      time: Fix ktime_get_raw() incorrect base accumulation

Jérôme Glisse (13):
      dax: update to new mmu_notifier semantic
      mm/rmap: update to new mmu_notifier semantic v2
      powerpc/powernv: update to new mmu_notifier semantic
      drm/amdgpu: update to new mmu_notifier semantic
      IB/umem: update to new mmu_notifier semantic
      IB/hfi1: update to new mmu_notifier semantic
      iommu/amd: update to new mmu_notifier semantic
      iommu/intel: update to new mmu_notifier semantic
      misc/mic/scif: update to new mmu_notifier semantic
      sgi-gru: update to new mmu_notifier semantic
      xen/gntdev: update to new mmu_notifier semantic
      KVM: update to new mmu_notifier semantic v2
      mm/mmu_notifier: kill invalidate_page

Koichiro Den (1):
      xfrm: fix null pointer dereference on state and tmpl sort

Krzysztof Kozlowski (1):
      c6x: defconfig: Cleanup from old Kconfig options

Linus Torvalds (3):
      page waitqueue: always add new entries at the end
      Revert "rmap: do not call mmu_notifier_invalidate_page() under ptl"
      Linux 4.13

Lorenzo Colitti (1):
      net: xfrm: don't double-hold dst when sk_policy in use.

Luca Coelho (1):
      iwlwifi: pcie: move rx workqueue initialization to iwl_trans_pcie_alloc()

Lucas Stach (1):
      ASoC: simple_card_utils: fix fallback when "label" property isn't present

Maciej Purski (1):
      drm/bridge/sii8620: Fix memory corruption

Martin Schwidefsky (2):
      s390/mm: fork vs. 5 level page tabel
      s390/mm: fix BUG_ON in crst_table_upgrade

Mathias Krause (4):
      xfrm_user: fix info leak in copy_user_offload()
      xfrm_user: fix info leak in xfrm_notify_sa()
      xfrm_user: fix info leak in build_expire()
      xfrm_user: fix info leak in build_aevent()

Matt Turner (2):
      alpha: Fix build error without CONFIG_VGA_HOSE.
      alpha: Fix section mismatches

Max Gurtovoy (1):
      nvme-rdma: default MR page size to 4k

Maxime Ripard (4):
      dt-bindings: net: Revert sun8i dwmac binding
      arm64: dts: allwinner: Revert EMAC changes
      arm: dts: sunxi: Revert EMAC changes
      net: stmmac: sun8i: Remove the compatibles

Mel Gorman (1):
      mm, madvise: ensure poisoned pages are removed from per-cpu lists

Meng Xu (1):
      perf/core: Fix potential double-fetch bug

Michael Chan (3):
      bnxt_en: Fix .ndo_setup_tc() to include XDP rings.
      bnxt_en: Free MSIX vectors when unregistering the device from bnxt_re.
      bnxt_en: Do not setup MAC address in bnxt_hwrm_func_qcaps().

Michael Cree (1):
      alpha: support R_ALPHA_REFLONG relocations for module loading

Moshe Shemesh (1):
      net/mlx5e: Fix inline header size for small packets

Nikolay Aleksandrov (9):
      sch_htb: fix crash on init failure
      sch_multiq: fix double free on init failure
      sch_hhf: fix null pointer dereference on init failure
      sch_hfsc: fix null pointer deref and double free on init failure
      sch_cbq: fix null pointer dereferences on init failure
      sch_fq_codel: avoid double free on init failure
      sch_netem: avoid null pointer deref on init failure
      sch_sfq: fix null pointer dereference on init failure
      sch_tbf: fix two null pointer dereferences on init failure

Noa Osherovich (1):
      net/mlx5: Fix arm SRQ command for ISSI version 0

Nogah Frankel (1):
      mlxsw: spectrum_switchdev: Fix mrouter flag update

Oleg Nesterov (1):
      epoll: fix race between ep_poll_callback(POLLFREE) and
ep_free()/ep_remove()

Pablo Neira Ayuso (1):
      netfilter: nft_compat: check extension hook mask only if set

Paolo Abeni (1):
      udp6: set rx_dst_cookie on rx_dst updates

Parthasarathy Bhuvaragan (5):
      tipc: remove subscription references only for pending timers
      tipc: perform skb_linearize() before parsing the inner header
      tipc: reassign pointers after skb reallocation / linearization
      tipc: context imbalance at node read unlock
      tipc: permit bond slave as bearer

Paul Blakey (1):
      net/mlx5e: Properly resolve TC offloaded ipv6 vxlan tunnel source address

Pavel Belous (5):
      net:ethernet:aquantia: Extra spinlocks removed.
      net:ethernet:aquantia: Fix for number of RSS queues.
      net:ethernet:aquantia: Workaround for HW checksum bug.
      net:ethernet:aquantia: Fix for incorrect speed index.
      net:ethernet:aquantia: Show info message if bad firmware version detected.

Pavel Shilovsky (1):
      CIFS: Fix maximum SMB2 header size

Pieter Jansen van Vuuren (3):
      nfp: fix unchecked flow dissector use
      nfp: fix supported key layers calculation
      nfp: remove incorrect mask check for vlan matching

Quan Nguyen (1):
      drivers: net: xgene: Correct probe sequence handling

Richard Henderson (3):
      alpha: Update for new syscalls
      alpha: Package string routines together
      alpha: Fix typo in ev6-copy_user.S

Rob Herring (1):
      c6x: Convert to using %pOF instead of full_name

Roopa Prabhu (1):
      bridge: check for null fdb->dst before notifying switchdev drivers

Russell King (1):
      scripts/dtc: fix '%zx' warning

Sabrina Dubroca (3):
      netfilter: ipt_CLUSTERIP: fix use-after-free of proc entry
      macsec: add genl family module alias
      tcp: fix refcnt leak with ebpf congestion control

Sekhar Nori (1):
      net: ti: cpsw-common: dont print error if ti_cm_get_macid() fails

Shahar Klein (1):
      net/mlx5: E-Switch, Unload the representors in the correct order

Shaohua Li (1):
      kernel/kthread.c: kthread_worker: don't hog the cpu

Sinclair Yeh (1):
      drm/vmwgfx: Fix F26 Wayland screen update issue

Stefano Brivio (3):
      ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt()
      sctp: Avoid out-of-bounds reads from address storage
      cxgb4: Fix stack out-of-bounds read due to wrong size to t4_record_mbox()

Steffen Klassert (5):
      esp: Fix memleaks on error paths.
      esp: Fix error handling on layer 2 xmit.
      esp: Fix locking on page fragment allocation
      esp: Fix skb tailroom calculation
      ipv6: Fix may be used uninitialized warning in rt6_check

Stephan Gatzka (1):
      net: stmmac: socfgpa: Ensure emac bit set in sys manager for
MII/GMII/SGMII.

Stephan Mueller (2):
      lib/mpi: kunmap after finishing accessing buffer
      crypto: algif_skcipher - only call put_page on referenced and used pages

Stephen Douthit (2):
      i2c: ismt: Don't duplicate the receive length for block reads
      i2c: ismt: Return EMSGSIZE for block reads with bogus length

Steve French (2):
      CIFS: remove endian related sparse warning
      Fix warning messages when mounting to older servers

Taehee Yoo (1):
      netfilter: x_tables: Fix use-after-free in ipt_do_table.

Takashi Iwai (2):
      ASoC: rt5670: Fix GPIO headset detection regression
      ALSA: pcm: Fix power lock unbalance via OSS emulation

Tal Gilboa (1):
      net/mlx5e: Fix CQ moderation mode not set properly

Tejun Heo (2):
      cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs
      Revert "libata: quirk read log on no-name M.2 SSD"

Tetsuo Handa (1):
      mm,page_alloc: don't call __node_reclaim() with oom_lock held.

Thomas Petazzoni (1):
      arm64: dts: marvell: fix number of GPIOs in Armada AP806 description

Vladis Dronov (1):
      xfrm: policy: check policy direction value

Waiman Long (1):
      cpuset: Fix incorrect memory_pressure control file mapping

Wei Wang (2):
      ipv6: add rcu grace period before freeing fib6_node
      ipv6: fix sparse warning on rt6i_node

Xin Long (3):
      netfilter: check for seqadj ext existence before adding it in
nf_nat_setup_info
      ipv6: set dst.obsolete when a cached route has expired
      ipv6: do not set sk_destruct in IPV6_ADDRFORM sockopt

Yan, Zheng (1):
      ceph: fix readpage from fscache

Ying Xue (1):
      tipc: fix a race condition of releasing subscriber object

Yossi Kuperman (1):
      udp: fix secpath leak

Yuchung Cheng (1):
      bpf: fix bpf_setsockopts return value

Zhou Chengming (1):
      perf/ftrace: Fix double traces of perf on ftrace:function

Zhoujie Wu (1):
      mmc: sdhci-xenon: add set_power callback

andy zhou (1):
      netfilter: nf_tables: Fix nft limit burst handling

stephen hemminger (1):
      netvsc: fix deadlock betwen link status and removal

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ