[Xenial SRU] Xenial update to 4.4.114 stable release
Stefan Bader
stefan.bader at canonical.com
Fri Mar 9 15:21:25 UTC 2018
Deliberately skipping "Revert "module: Add retpoline tag to VERMAGIC""
because we decided we actually are fine with flagging things that way.
Skipping because already applied:
* Slow system response time due to a monitor bug (bug 1606147)
- x86/cpu/intel: Introduce macros for Intel family numbers
* CVE-2017-1000364
- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
* CVE-2017-17448
- netfilter: nfnetlink_cthelper: Add missing permission checks
* CVE-2017-17450
- netfilter: xt_osf: Add missing permission checks
We backported the following set for (bug 16407868):
* netfilter: x_tables: pass xt_counters struct instead of packet
counter
* netfilter: x_tables: pass xt_counters struct to counter allocator
* netfilter: x_tables: pack percpu counter allocations
this caused the following stable patch to be not needed in Xenial:
* netfilter: fix IS_ERR_VALUE usage
Special care should be used when looking at "x86/retpoline: Fill RSB on
context switch for affected CPUs". This uses a cpufeature bit which was
used initially by the Spectre v2 Intel patches. So in order to apply it
I did move the SPEC_CTRL bit definition out of the way.
-Stefan
--
The following changes since commit fdf2a7bfb332c7f3e54da19e4161db4ac448bf20:
Linux 4.4.113 (2018-03-09 08:52:15 +0100)
are available in the git repository at:
git://git.launchpad.net/~smb/+git/linux-xenial stable-4.4
for you to fetch changes up to 9126c8a3ac8a35006fa8c03e6672a1282095840b:
Linux 4.4.114 (2018-03-09 15:46:48 +0100)
----------------------------------------------------------------
Aaron Ma (1):
Input: trackpoint - force 3 buttons if 0 button is reported
Alexey Kodanev (1):
dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state
Andrew Goodbody (1):
usb: usbip: Fix possible deadlocks reported by lockdep
Andy Lutomirski (1):
x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels
Ben Hutchings (4):
x86/microcode/intel: Fix BDW late-loading revision check
vsyscall: Fix permissions for emulate mode with KAISER/PTI
ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL
nfsd: auth: Fix gid sorting when rootsquash enabled
Craig Gallek (1):
tcp: __tcp_hdrlen() helper
Dan Streetman (1):
net: tcp: close sock if net namespace is exiting
Daniel Bristot de Oliveira (1):
sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks
David Woodhouse (1):
x86/retpoline: Fill RSB on context switch for affected CPUs
Doug Berger (1):
cma: fix calculation of aligned offset
Eric Biggers (1):
PM / sleep: declare __tracedata symbols as char[] rather than char
Eric Dumazet (3):
ipv6: ip6_make_skb() needs to clear cork.base.dst
net: qdisc_pkt_len_init() should be more robust
flow_dissector: properly cap thoff field
Felix Fietkau (1):
net: igmp: fix source address check for IGMPv3 reports
Florian Westphal (2):
netfilter: x_tables: speed up jump target validation
netfilter: restart search if moved to other chain
Francois Romieu (1):
r8169: fix memory corruption on retrieval of hardware statistics.
Greg KH (1):
eventpoll.h: add missing epoll event masks
Greg Kroah-Hartman (1):
Linux 4.4.114
Guillaume Nault (1):
pppoe: take ->needed_headroom of lower device into account on xmit
Hongxu Jia (1):
netfilter: arp_tables: fix invoking 32bit "iptable -P INPUT ACCEPT" failed in 64bit kernel
Jan Kara (2):
ext2: Don't clear SGID when inheriting ACLs
reiserfs: Don't clear SGID when inheriting ACLs
Janakarajan Natarajan (1):
Prevent timer value 0 for MWAITX
Jeff Mahoney (2):
reiserfs: fix race in prealloc discard
reiserfs: don't preallocate blocks for extended attributes
Jia Zhang (1):
x86/microcode/intel: Extend BDW late-loading further with LLC size check
Jim Westfall (2):
net: Allow neigh contructor functions ability to modify the primary_key
ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY
Jiri Slaby (2):
ipc: msg, make msgrcv work with LONG_MIN
fs/fcntl: f_setown, avoid undefined behaviour
Johannes Thumshirn (1):
scsi: libiscsi: fix shifting of DID_REQUEUE host byte
Jonathan Dieter (2):
usbip: Fix implicit fallthrough warning
usbip: Fix potential format overflow in userspace tools
Liping Zhang (2):
netfilter: nf_ct_expect: remove the redundant slash when policy name is empty
netfilter: nfnetlink_queue: reject verdict request from different portid
Marc Kleine-Budde (2):
can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once
can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once
Michal Hocko (1):
hwpoison, memcg: forcibly uncharge LRU pages
Mike Maloney (1):
ipv6: fix udpv6 sendmsg crash caused by too small MTU
Minghuan Lian (1):
PCI: layerscape: Fix MSG TLP drop setting
Neil Horman (1):
vmxnet3: repair memory leak
Paolo Abeni (1):
netfilter: nf_dup_ipv6: set again FLOWI_FLAG_KNOWN_NH at flowi6_flags
Pau Espin Pedrol (1):
netfilter: use fwmark_reflect in nf_send_reset
Rafael J. Wysocki (2):
ACPI / processor: Avoid reserving IO regions too early
ACPI / scan: Prefer devices without _HID/_CID for _ADR matching
Rui Wang (1):
x86/ioapic: Fix incorrect pointers in ioapic_setup_resources()
Seunghun Han (1):
ACPICA: Namespace: fix operand cache leak
Shuah Khan (4):
usbip: prevent vhci_hcd driver from leaking a socket pointer address
usbip: fix stub_rx: get_pipe() to validate endpoint number
usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input
usbip: prevent leaking socket pointer address in messages
Sudeep Holla (2):
drivers: base: cacheinfo: fix x86 with CONFIG_OF enabled
drivers: base: cacheinfo: fix boot error message when acpi is enabled
Thomas Gleixner (2):
timers: Plug locking race vs. timer migration
hrtimer: Reset hrtimer cpu base proper on CPU hotplug
Thomas Meyer (1):
um: link vmlinux with -no-pie
Ulrich Weber (1):
netfilter: nf_conntrack_sip: extend request line validation
Vegard Nossum (1):
time: Avoid undefined behaviour in ktime_add_safe()
Vlastimil Babka (2):
fs/select: add vmalloc fallback for select(2)
mm, page_alloc: fix potential false positive in __zone_watermark_ok
Xin Long (2):
sctp: do not allow the v4 socket to bind a v4mapped v6 address
sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf
Yang Shi (1):
PCI: layerscape: Add "fsl,ls2085a-pcie" compatible ID
Yuiko Oshino (1):
lan78xx: Fix failure in USB Full Speed
yangbo lu (1):
mmc: sdhci-of-esdhc: add/remove some quirks according to vendor version
Makefile | 2 +-
arch/um/Makefile | 2 +-
arch/x86/entry/vsyscall/vsyscall_64.c | 7 ++-
arch/x86/include/asm/cpufeatures.h | 3 +-
arch/x86/include/asm/processor.h | 2 +-
arch/x86/include/asm/switch_to.h | 38 ++++++++++++
arch/x86/include/asm/vsyscall.h | 1 +
arch/x86/kernel/apic/io_apic.c | 2 +-
arch/x86/kernel/cpu/bugs.c | 36 +++++++++++
arch/x86/kernel/cpu/intel_cacheinfo.c | 2 +
arch/x86/kernel/cpu/microcode/intel.c | 21 ++++++-
arch/x86/lib/delay.c | 7 +++
arch/x86/mm/kaiser.c | 2 +-
drivers/acpi/acpi_processor.c | 9 ---
drivers/acpi/acpica/nsutils.c | 23 +++----
drivers/acpi/glue.c | 12 ++--
drivers/acpi/processor_throttling.c | 9 +++
drivers/base/cacheinfo.c | 15 +++--
drivers/base/power/trace.c | 4 +-
drivers/input/mouse/trackpoint.c | 3 +
drivers/mmc/host/sdhci-of-esdhc.c | 10 +++
drivers/net/ethernet/realtek/r8169.c | 9 +--
drivers/net/ppp/pppoe.c | 11 ++--
drivers/net/usb/lan78xx.c | 1 +
drivers/net/vmxnet3/vmxnet3_drv.c | 2 +-
drivers/pci/host/pci-layerscape.c | 22 ++++---
drivers/scsi/libiscsi.c | 2 +-
drivers/usb/usbip/stub_dev.c | 3 +-
drivers/usb/usbip/stub_rx.c | 46 +++++++++++---
drivers/usb/usbip/usbip_common.c | 15 ++---
drivers/usb/usbip/usbip_common.h | 1 +
drivers/usb/usbip/usbip_event.c | 5 +-
drivers/usb/usbip/vhci_hcd.c | 90 ++++++++++++++++-----------
drivers/usb/usbip/vhci_rx.c | 30 +++++----
drivers/usb/usbip/vhci_sysfs.c | 44 ++++++++------
drivers/usb/usbip/vhci_tx.c | 14 +++--
fs/ext2/acl.c | 36 ++++++-----
fs/fcntl.c | 4 ++
fs/nfsd/auth.c | 5 +-
fs/reiserfs/bitmap.c | 14 ++++-
fs/reiserfs/xattr_acl.c | 12 ++--
fs/select.c | 14 ++++-
include/linux/cacheinfo.h | 1 +
include/linux/ktime.h | 7 +++
include/linux/netfilter/x_tables.h | 4 ++
include/linux/sched.h | 1 +
include/linux/tcp.h | 7 ++-
include/net/arp.h | 3 +
include/net/ipv6.h | 1 +
include/net/net_namespace.h | 10 +++
include/uapi/linux/eventpoll.h | 13 ++++
ipc/msg.c | 5 +-
kernel/sched/core.c | 2 +
kernel/sched/deadline.c | 98 ++++++++++++++++++++++++++----
kernel/time/hrtimer.c | 5 +-
kernel/time/timer.c | 9 ++-
mm/cma.c | 15 ++---
mm/memcontrol.c | 2 +-
mm/memory-failure.c | 7 +++
mm/page_alloc.c | 6 +-
net/can/af_can.c | 22 +++----
net/core/dev.c | 19 ++++--
net/core/flow_dissector.c | 3 +-
net/core/neighbour.c | 4 +-
net/dccp/ccids/ccid2.c | 3 +
net/ipv4/arp.c | 7 ++-
net/ipv4/igmp.c | 2 +-
net/ipv4/netfilter/arp_tables.c | 51 ++++++++--------
net/ipv4/netfilter/ip_tables.c | 45 +++++++-------
net/ipv4/netfilter/nf_reject_ipv4.c | 2 +
net/ipv4/tcp.c | 3 +
net/ipv4/tcp_timer.c | 15 +++++
net/ipv6/ip6_output.c | 9 ++-
net/ipv6/ipv6_sockglue.c | 2 +-
net/ipv6/netfilter/ip6_tables.c | 45 +++++++-------
net/ipv6/netfilter/nf_dup_ipv6.c | 1 +
net/ipv6/netfilter/nf_reject_ipv6.c | 3 +
net/netfilter/nf_conntrack_core.c | 7 +++
net/netfilter/nf_conntrack_expect.c | 2 +-
net/netfilter/nf_conntrack_sip.c | 5 +-
net/netfilter/nfnetlink_queue.c | 6 +-
net/netfilter/x_tables.c | 50 +++++++++++++++
net/sctp/socket.c | 30 ++++-----
tools/usb/usbip/libsrc/usbip_common.c | 9 ++-
tools/usb/usbip/libsrc/usbip_host_driver.c | 27 ++++++--
tools/usb/usbip/libsrc/vhci_driver.c | 8 +--
tools/usb/usbip/src/usbip.c | 2 +
87 files changed, 820 insertions(+), 348 deletions(-)
More information about the kernel-team
mailing list