| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 15 Jan 2018 13:33:47 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-kernel@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
torvalds@...ux-foundation.org, akpm@...ux-foundation.org,
linux@...ck-us.net, shuahkh@....samsung.com, patches@...nelci.org,
ben.hutchings@...ethink.co.uk, lkft-triage@...ts.linaro.org,
stable@...r.kernel.org
Subject: [PATCH 4.14 000/118] 4.14.14-stable review
This is the start of the stable review cycle for the 4.14.14 release.
There are 118 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Wed Jan 17 12:33:32 UTC 2018.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.14.14-rc1.gz
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.14.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Linux 4.14.14-rc1
Thomas Gleixner <tglx@...utronix.de>
x86/retpoline: Remove compile time warning
Peter Zijlstra <peterz@...radead.org>
x86,perf: Disable intel_bts when PTI
W. Trevor King <wking@...mily.us>
security/Kconfig: Correct the Documentation reference for PTI
Thomas Gleixner <tglx@...utronix.de>
x86/pti: Fix !PCID and sanitize defines
Andy Lutomirski <luto@...nel.org>
selftests/x86: Add test_vsyscall
David Woodhouse <dwmw@...zon.co.uk>
x86/retpoline: Fill return stack buffer on vmexit
Andi Kleen <ak@...ux.intel.com>
x86/retpoline/irq32: Convert assembler indirect jumps
David Woodhouse <dwmw@...zon.co.uk>
x86/retpoline/checksum32: Convert assembler indirect jumps
David Woodhouse <dwmw@...zon.co.uk>
x86/retpoline/xen: Convert Xen hypercall indirect jumps
David Woodhouse <dwmw@...zon.co.uk>
x86/retpoline/hyperv: Convert assembler indirect jumps
David Woodhouse <dwmw@...zon.co.uk>
x86/retpoline/ftrace: Convert ftrace assembler indirect jumps
David Woodhouse <dwmw@...zon.co.uk>
x86/retpoline/entry: Convert entry assembler indirect jumps
David Woodhouse <dwmw@...zon.co.uk>
x86/retpoline/crypto: Convert crypto assembler indirect jumps
David Woodhouse <dwmw@...zon.co.uk>
x86/spectre: Add boot time option to select Spectre v2 mitigation
David Woodhouse <dwmw@...zon.co.uk>
x86/retpoline: Add initial retpoline support
Josh Poimboeuf <jpoimboe@...hat.com>
objtool: Allow alternatives to be ignored
Josh Poimboeuf <jpoimboe@...hat.com>
objtool: Detect jumps to retpoline thunks
Dave Hansen <dave.hansen@...ux.intel.com>
x86/pti: Make unpoison of pgd for trusted boot work for real
Borislav Petkov <bp@...e.de>
x86/alternatives: Fix optimize_nops() checking
David Woodhouse <dwmw@...zon.co.uk>
sysfs/cpu: Fix typos in vulnerability documentation
Tom Lendacky <thomas.lendacky@....com>
x86/cpu/AMD: Use LFENCE_RDTSC in preference to MFENCE_RDTSC
Tom Lendacky <thomas.lendacky@....com>
x86/cpu/AMD: Make LFENCE a serializing instruction
Jike Song <albcamus@...il.com>
x86/mm/pti: Remove dead logic in pti_user_pagetable_walk*()
Dave Hansen <dave.hansen@...ux.intel.com>
x86/tboot: Unbreak tboot with PTI enabled
Thomas Gleixner <tglx@...utronix.de>
x86/cpu: Implement CPU vulnerabilites sysfs functions
Thomas Gleixner <tglx@...utronix.de>
sysfs/cpu: Add vulnerability folder
David Woodhouse <dwmw@...zon.co.uk>
x86/cpufeatures: Add X86_BUG_SPECTRE_V[12]
Dave Hansen <dave.hansen@...ux.intel.com>
x86/Documentation: Add PTI description
Jiri Kosina <jkosina@...e.cz>
x86/pti: Unbreak EFI old_memmap
Benjamin Poirier <bpoirier@...e.com>
e1000e: Fix e1000_check_for_copper_link_ich8lan return value.
John Johansen <john.johansen@...onical.com>
apparmor: fix ptrace label match when matching stacked labels
Kirill A. Shutemov <kirill.shutemov@...ux.intel.com>
kdump: write correct address of mem_section into vmcoreinfo
Hans de Goede <hdegoede@...hat.com>
mux: core: fix double get_device()
Icenowy Zheng <icenowy@...c.io>
uas: ignore UAS for Norelsys NS1068(X) chips
Ben Seri <ben@...is.com>
Bluetooth: Prevent stack info leak from the EFS element.
Viktor Slavkovic <viktors@...gle.com>
staging: android: ashmem: fix a race condition in ASHMEM_SET_SIZE ioctl
Shuah Khan <shuah@...nel.org>
usbip: vudc_tx: fix v_send_ret_submit() vulnerability to null xfer buffer
Shuah Khan <shuah@...nel.org>
usbip: fix vudc_rx: harden CMD_SUBMIT path to handle malicious input
Shuah Khan <shuah@...nel.org>
usbip: remove kernel addresses from usb device and urb debug msgs
Alan Stern <stern@...land.harvard.edu>
USB: UDC core: fix double-free in usb_add_gadget_udc_release
Pete Zaitcev <zaitcev@...hat.com>
USB: fix usbmon BUG trigger
Stefan Agner <stefan@...er.ch>
usb: misc: usb3503: make sure reset is low for at least 100us
Christian Holl <cyborgx1@...il.com>
USB: serial: cp210x: add new device ID ELV ALC 8xxx
Diego Elio Pettenò <flameeyes@...meeyes.eu>
USB: serial: cp210x: add IDs for LifeScan OneTouch Verio IQ
Daniel Borkmann <daniel@...earbox.net>
bpf: arsh is not supported in 32 bit alu thus reject it
Daniel Borkmann <daniel@...earbox.net>
bpf, array: fix overflow in max_entries and undefined behavior in index_mask
Alexei Starovoitov <ast@...nel.org>
bpf: prevent out-of-bounds speculation
Ville Syrjälä <ville.syrjala@...ux.intel.com>
drm/i915: Fix init_clock_gating for resume
Ville Syrjälä <ville.syrjala@...ux.intel.com>
drm/i915: Move init_clock_gating() back to where it was
Kenneth Graunke <kenneth@...tecape.org>
drm/i915: Whitelist SLICE_COMMON_ECO_CHICKEN1 on Geminilake.
Zhi Wang <zhi.a.wang@...el.com>
drm/i915/gvt: Clear the shadow page table entry after post-sync
Dan Carpenter <dan.carpenter@...cle.com>
drm/vmwgfx: Potential off by one in vmw_view_add()
Thomas Hellstrom <thellstrom@...are.com>
drm/vmwgfx: Don't cache framebuffer maps
David Gibson <david@...son.dropbear.id.au>
KVM: PPC: Book3S HV: Always flush TLB in kvmppc_alloc_reset_hpt()
Serhii Popovych <spopovyc@...hat.com>
KVM: PPC: Book3S HV: Fix use after free in case of multiple resize requests
Serhii Popovych <spopovyc@...hat.com>
KVM: PPC: Book3S HV: Drop prepare_done from struct kvm_resize_hpt
Alexey Kardashevskiy <aik@...abs.ru>
KVM: PPC: Book3S PR: Fix WIMG handling under pHyp
Andrew Honig <ahonig@...gle.com>
KVM: x86: Add memory barrier on vmcs field lookup
Jia Zhang <qianyue.zj@...baba-inc.com>
x86/microcode/intel: Extend BDW late-loading with a revision check
Emmanuel Grumbach <emmanuel.grumbach@...el.com>
iwlwifi: pcie: fix DMA memory mapping / unmapping
Ilya Dryomov <idryomov@...il.com>
rbd: set max_segments to USHRT_MAX
Florian Margaine <florian@...tform.sh>
rbd: reacquire lock should update lock owner client id
Masaharu Hayakawa <masaharu.hayakawa.ry@...esas.com>
mmc: renesas_sdhi: Add MODULE_LICENSE
Eric Biggers <ebiggers@...gle.com>
crypto: algapi - fix NULL dereference in crypto_remove_spawns()
Mathieu Desnoyers <mathieu.desnoyers@...icios.com>
membarrier: Disable preemption when calling smp_call_function_many()
David S. Miller <davem@...emloft.net>
Revert "Revert "xfrm: Fix stack-out-of-bounds read in xfrm_state_find.""
Russell King <rmk+kernel@...linux.org.uk>
sfp: fix sfp-bus oops when removing socket/upstream
Ido Schimmel <idosch@...lanox.com>
mlxsw: spectrum: Relax sanity checks during enslavement
Mathieu Xhonneux <m.xhonneux@...il.com>
ipv6: sr: fix TLVs not being copied using setsockopt
Roi Dayan <roid@...lanox.com>
net/sched: Fix update of lastuse in act modules implementing stats_update
Ido Schimmel <idosch@...lanox.com>
mlxsw: spectrum_router: Fix NULL pointer deref
Stephen Hemminger <stephen@...workplumber.org>
ethtool: do not print warning for applications using legacy API
Eric Dumazet <edumazet@...gle.com>
ipv6: fix possible mem leaks in ipv6_make_skb()
Sergei Shtylyov <sergei.shtylyov@...entembedded.com>
sh_eth: fix SH7757 GEther initialization
Jerome Brunet <jbrunet@...libre.com>
net: stmmac: enable EEE in MII, GMII or RGMII only
Sergei Shtylyov <sergei.shtylyov@...entembedded.com>
sh_eth: fix TSU resource handling
Marcelo Ricardo Leitner <marcelo.leitner@...il.com>
sctp: fix the handling of ICMP Frag Needed for too small MTUs
Marcelo Ricardo Leitner <marcelo.leitner@...il.com>
sctp: do not retransmit upon FragNeeded if PMTU discovery is disabled
Fugang Duan <fugang.duan@....com>
net: fec: free/restore resource in related probe error pathes
Fugang Duan <fugang.duan@....com>
net: fec: defer probe if regulator is not ready
Fugang Duan <fugang.duan@....com>
net: fec: restore dev_id in the cases of probe error
Mohamed Ghannam <simo.ghannam@...il.com>
RDS: null pointer dereference in rds_atomic_free_op
Mohamed Ghannam <simo.ghannam@...il.com>
RDS: Heap OOB write in rds_message_alloc_sgs()
Russell King <rmk+kernel@...linux.org.uk>
phylink: ensure we report link down when LOS asserted
Andrii Vladyka <tulup@...l.ru>
net: core: fix module type in sock_diag_bind
Eli Cooper <elicooper@....com>
ip6_tunnel: disable dst caching if tunnel is dual-stack
Cong Wang <xiyou.wangcong@...il.com>
8021q: fix a memory leak for VLAN 0 device
Vikas C Sajjan <vikas.cha.sajjan@....com>
x86/acpi: Reduce code duplication in mp_override_legacy_irq()
Takashi Iwai <tiwai@...e.de>
ALSA: aloop: Fix racy hw constraints adjustment
Takashi Iwai <tiwai@...e.de>
ALSA: aloop: Fix inconsistent format due to incomplete rule
Takashi Iwai <tiwai@...e.de>
ALSA: aloop: Release cable upon open error path
Takashi Iwai <tiwai@...e.de>
ALSA: pcm: Allow aborting mutex lock at OSS read/write loops
Takashi Iwai <tiwai@...e.de>
ALSA: pcm: Abort properly at pending signal in OSS read/write loops
Takashi Iwai <tiwai@...e.de>
ALSA: pcm: Add missing error checks in OSS emulation plugin builder
Takashi Iwai <tiwai@...e.de>
ALSA: pcm: Workaround for weird PulseAudio behavior on rewind error
Takashi Iwai <tiwai@...e.de>
ALSA: pcm: Remove incorrect snd_BUG_ON() usages
Vikas C Sajjan <vikas.cha.sajjan@....com>
x86/acpi: Handle SCI interrupts above legacy space gracefully
Steve Wise <swise@...ngridcomputing.com>
iw_cxgb4: when flushing, complete all wrs in a chain
Steve Wise <swise@...ngridcomputing.com>
iw_cxgb4: reflect the original WR opcode in drain cqes
Steve Wise <swise@...ngridcomputing.com>
iw_cxgb4: only clear the ARMED bit if a notification is needed
Steve Wise <swise@...ngridcomputing.com>
iw_cxgb4: atomically flush the qp
Steve Wise <swise@...ngridcomputing.com>
iw_cxgb4: only call the cq comp_handler when the cq is armed
Rafael J. Wysocki <rafael.j.wysocki@...el.com>
platform/x86: wmi: Call acpi_wmi_init() later
Jim Mattson <jmattson@...gle.com>
kvm: vmx: Scrub hardware GPRs at VM-exit
Tejun Heo <tj@...nel.org>
cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC
Maciej W. Rozycki <macro@...s.com>
MIPS: Disallow outsized PTRACE_SETREGSET NT_PRFPREG regset accesses
Maciej W. Rozycki <macro@...s.com>
MIPS: Also verify sizeof `elf_fpreg_t' with PTRACE_SETREGSET
Maciej W. Rozycki <macro@...s.com>
MIPS: Fix an FCSR access API regression with NT_PRFPREG and MSA
Maciej W. Rozycki <macro@...s.com>
MIPS: Consistently handle buffer counter with PTRACE_SETREGSET
Maciej W. Rozycki <macro@...s.com>
MIPS: Guard against any partial write attempt with PTRACE_SETREGSET
Maciej W. Rozycki <macro@...s.com>
MIPS: Factor out NT_PRFPREG regset access helpers
Maciej W. Rozycki <macro@...s.com>
MIPS: Validate PR_SET_FP_MODE prctl(2) requests against the ABI of the task
Bart Van Assche <bart.vanassche@....com>
IB/srpt: Fix ACL lookup during login
Bart Van Assche <bart.vanassche@....com>
IB/srpt: Disable RDMA access by the initiator
Wolfgang Grandegger <wg@...ndegger.com>
can: gs_usb: fix return value of the "set_bittiming" callback
Oliver Hartkopp <socketcan@...tkopp.net>
can: vxcan: improve handling of missing peer name attribute
Wanpeng Li <wanpeng.li@...mail.com>
KVM: Fix stack-out-of-bounds read in write_mmio
Suren Baghdasaryan <surenb@...gle.com>
dm bufio: fix shrinker scans when (nr_to_scan < retain_target)
-------------
Diffstat:
Documentation/ABI/testing/sysfs-devices-system-cpu | 16 +
Documentation/admin-guide/kernel-parameters.txt | 49 +-
Documentation/x86/pti.txt | 186 ++++++++
Makefile | 4 +-
arch/mips/kernel/process.c | 12 +
arch/mips/kernel/ptrace.c | 147 ++++--
arch/powerpc/kvm/book3s_64_mmu.c | 1 +
arch/powerpc/kvm/book3s_64_mmu_hv.c | 90 ++--
arch/powerpc/kvm/book3s_pr.c | 2 +
arch/x86/Kconfig | 14 +
arch/x86/Makefile | 8 +
arch/x86/crypto/aesni-intel_asm.S | 5 +-
arch/x86/crypto/camellia-aesni-avx-asm_64.S | 3 +-
arch/x86/crypto/camellia-aesni-avx2-asm_64.S | 3 +-
arch/x86/crypto/crc32c-pcl-intel-asm_64.S | 3 +-
arch/x86/entry/calling.h | 36 +-
arch/x86/entry/entry_32.S | 5 +-
arch/x86/entry/entry_64.S | 12 +-
arch/x86/events/intel/bts.c | 18 +
arch/x86/include/asm/asm-prototypes.h | 25 ++
arch/x86/include/asm/cpufeatures.h | 4 +
arch/x86/include/asm/mshyperv.h | 18 +-
arch/x86/include/asm/msr-index.h | 3 +
arch/x86/include/asm/nospec-branch.h | 214 +++++++++
arch/x86/include/asm/processor-flags.h | 2 +-
arch/x86/include/asm/tlbflush.h | 6 +-
arch/x86/include/asm/xen/hypercall.h | 5 +-
arch/x86/kernel/acpi/boot.c | 61 ++-
arch/x86/kernel/alternative.c | 7 +-
arch/x86/kernel/cpu/amd.c | 28 +-
arch/x86/kernel/cpu/bugs.c | 185 ++++++++
arch/x86/kernel/cpu/common.c | 3 +
arch/x86/kernel/cpu/microcode/intel.c | 13 +-
arch/x86/kernel/ftrace_32.S | 6 +-
arch/x86/kernel/ftrace_64.S | 8 +-
arch/x86/kernel/irq_32.c | 9 +-
arch/x86/kernel/tboot.c | 11 +
arch/x86/kvm/svm.c | 23 +
arch/x86/kvm/vmx.c | 30 +-
arch/x86/kvm/x86.c | 8 +-
arch/x86/lib/Makefile | 1 +
arch/x86/lib/checksum_32.S | 7 +-
arch/x86/lib/retpoline.S | 48 ++
arch/x86/mm/pti.c | 32 +-
arch/x86/platform/efi/efi_64.c | 2 +
crypto/algapi.c | 12 +
drivers/base/Kconfig | 3 +
drivers/base/cpu.c | 48 ++
drivers/block/rbd.c | 18 +-
drivers/gpu/drm/i915/gvt/gtt.c | 5 +-
drivers/gpu/drm/i915/i915_drv.c | 1 +
drivers/gpu/drm/i915/i915_reg.h | 2 +
drivers/gpu/drm/i915/intel_display.c | 14 +-
drivers/gpu/drm/i915/intel_engine_cs.c | 5 +
drivers/gpu/drm/i915/intel_pm.c | 44 +-
drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c | 2 +
drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 6 -
drivers/gpu/drm/vmwgfx/vmwgfx_kms.h | 2 +-
drivers/gpu/drm/vmwgfx/vmwgfx_stdu.c | 41 +-
drivers/infiniband/hw/cxgb4/cq.c | 7 +-
drivers/infiniband/hw/cxgb4/ev.c | 8 +-
drivers/infiniband/hw/cxgb4/iw_cxgb4.h | 2 -
drivers/infiniband/hw/cxgb4/qp.c | 119 +++--
drivers/infiniband/hw/cxgb4/t4.h | 6 +
drivers/infiniband/ulp/srpt/ib_srpt.c | 5 +-
drivers/md/dm-bufio.c | 8 +-
drivers/mmc/host/renesas_sdhi_core.c | 3 +
drivers/mux/core.c | 4 +-
drivers/net/can/usb/gs_usb.c | 2 +-
drivers/net/can/vxcan.c | 2 +-
drivers/net/ethernet/freescale/fec_main.c | 7 +-
drivers/net/ethernet/intel/e1000e/ich8lan.c | 11 +-
drivers/net/ethernet/mellanox/mlxsw/spectrum.c | 11 +-
drivers/net/ethernet/mellanox/mlxsw/spectrum.h | 2 +
.../net/ethernet/mellanox/mlxsw/spectrum_router.c | 2 +-
.../ethernet/mellanox/mlxsw/spectrum_switchdev.c | 6 +
drivers/net/ethernet/renesas/sh_eth.c | 29 +-
drivers/net/ethernet/stmicro/stmmac/stmmac_main.c | 6 +
drivers/net/phy/phylink.c | 3 +-
drivers/net/phy/sfp-bus.c | 6 +-
drivers/net/wireless/intel/iwlwifi/pcie/internal.h | 10 +-
drivers/net/wireless/intel/iwlwifi/pcie/tx-gen2.c | 11 +-
drivers/net/wireless/intel/iwlwifi/pcie/tx.c | 8 +-
drivers/platform/x86/wmi.c | 2 +-
drivers/staging/android/ashmem.c | 2 +
drivers/usb/gadget/udc/core.c | 28 +-
drivers/usb/misc/usb3503.c | 2 +
drivers/usb/mon/mon_bin.c | 8 +-
drivers/usb/serial/cp210x.c | 2 +
drivers/usb/storage/unusual_uas.h | 7 +
drivers/usb/usbip/usbip_common.c | 17 +-
drivers/usb/usbip/vudc_rx.c | 19 +
drivers/usb/usbip/vudc_tx.c | 11 +-
include/linux/bpf.h | 2 +
include/linux/cpu.h | 7 +
include/linux/crash_core.h | 2 +
include/linux/sh_eth.h | 1 -
include/net/sctp/structs.h | 2 +-
include/trace/events/kvm.h | 7 +-
kernel/bpf/arraymap.c | 61 ++-
kernel/bpf/verifier.c | 41 ++
kernel/cgroup/cgroup.c | 14 +-
kernel/crash_core.c | 2 +-
kernel/sched/membarrier.c | 2 +
net/8021q/vlan.c | 7 +-
net/bluetooth/l2cap_core.c | 20 +-
net/core/ethtool.c | 15 +-
net/core/sock_diag.c | 2 +-
net/ipv6/exthdrs.c | 9 +
net/ipv6/ip6_output.c | 5 +-
net/ipv6/ip6_tunnel.c | 9 +-
net/rds/rdma.c | 4 +
net/sched/act_gact.c | 2 +-
net/sched/act_mirred.c | 2 +-
net/sctp/input.c | 28 +-
net/sctp/transport.c | 29 +-
net/xfrm/xfrm_policy.c | 29 +-
security/Kconfig | 2 +-
security/apparmor/include/perms.h | 3 +
security/apparmor/ipc.c | 53 ++-
sound/core/oss/pcm_oss.c | 41 +-
sound/core/oss/pcm_plugin.c | 14 +-
sound/core/pcm_lib.c | 4 +-
sound/core/pcm_native.c | 9 +-
sound/drivers/aloop.c | 98 ++--
tools/objtool/check.c | 69 ++-
tools/objtool/check.h | 2 +-
tools/testing/selftests/bpf/test_verifier.c | 40 ++
tools/testing/selftests/x86/Makefile | 2 +-
tools/testing/selftests/x86/test_vsyscall.c | 500 +++++++++++++++++++++
virt/kvm/arm/mmio.c | 6 +-
131 files changed, 2536 insertions(+), 561 deletions(-)
Powered by blists - more mailing lists