APPLIED: [Xenial SRU] Xenial update to 4.4.114 stable release
Kleber Souza
kleber.souza at canonical.com
Tue Mar 13 09:42:08 UTC 2018
On 03/09/18 16:21, Stefan Bader wrote:
> Deliberately skipping "Revert "module: Add retpoline tag to VERMAGIC""
> because we decided we actually are fine with flagging things that way.
>
> Skipping because already applied:
> * Slow system response time due to a monitor bug (bug 1606147)
> - x86/cpu/intel: Introduce macros for Intel family numbers
> * CVE-2017-1000364
> - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
> * CVE-2017-17448
> - netfilter: nfnetlink_cthelper: Add missing permission checks
> * CVE-2017-17450
> - netfilter: xt_osf: Add missing permission checks
>
> We backported the following set for (bug 16407868):
> * netfilter: x_tables: pass xt_counters struct instead of packet
> counter
> * netfilter: x_tables: pass xt_counters struct to counter allocator
> * netfilter: x_tables: pack percpu counter allocations
> this caused the following stable patch to be not needed in Xenial:
> * netfilter: fix IS_ERR_VALUE usage
>
> Special care should be used when looking at "x86/retpoline: Fill RSB on
> context switch for affected CPUs". This uses a cpufeature bit which was
> used initially by the Spectre v2 Intel patches. So in order to apply it
> I did move the SPEC_CTRL bit definition out of the way.
>
> -Stefan
>
> --
>
> The following changes since commit fdf2a7bfb332c7f3e54da19e4161db4ac448bf20:
>
> Linux 4.4.113 (2018-03-09 08:52:15 +0100)
>
> are available in the git repository at:
>
> git://git.launchpad.net/~smb/+git/linux-xenial stable-4.4
>
> for you to fetch changes up to 9126c8a3ac8a35006fa8c03e6672a1282095840b:
>
> Linux 4.4.114 (2018-03-09 15:46:48 +0100)
>
> ----------------------------------------------------------------
> Aaron Ma (1):
> Input: trackpoint - force 3 buttons if 0 button is reported
>
> Alexey Kodanev (1):
> dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state
>
> Andrew Goodbody (1):
> usb: usbip: Fix possible deadlocks reported by lockdep
>
> Andy Lutomirski (1):
> x86/asm/32: Make sync_core() handle missing CPUID on all 32-bit kernels
>
> Ben Hutchings (4):
> x86/microcode/intel: Fix BDW late-loading revision check
> vsyscall: Fix permissions for emulate mode with KAISER/PTI
> ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL
> nfsd: auth: Fix gid sorting when rootsquash enabled
>
> Craig Gallek (1):
> tcp: __tcp_hdrlen() helper
>
> Dan Streetman (1):
> net: tcp: close sock if net namespace is exiting
>
> Daniel Bristot de Oliveira (1):
> sched/deadline: Use the revised wakeup rule for suspending constrained dl tasks
>
> David Woodhouse (1):
> x86/retpoline: Fill RSB on context switch for affected CPUs
>
> Doug Berger (1):
> cma: fix calculation of aligned offset
>
> Eric Biggers (1):
> PM / sleep: declare __tracedata symbols as char[] rather than char
>
> Eric Dumazet (3):
> ipv6: ip6_make_skb() needs to clear cork.base.dst
> net: qdisc_pkt_len_init() should be more robust
> flow_dissector: properly cap thoff field
>
> Felix Fietkau (1):
> net: igmp: fix source address check for IGMPv3 reports
>
> Florian Westphal (2):
> netfilter: x_tables: speed up jump target validation
> netfilter: restart search if moved to other chain
>
> Francois Romieu (1):
> r8169: fix memory corruption on retrieval of hardware statistics.
>
> Greg KH (1):
> eventpoll.h: add missing epoll event masks
>
> Greg Kroah-Hartman (1):
> Linux 4.4.114
>
> Guillaume Nault (1):
> pppoe: take ->needed_headroom of lower device into account on xmit
>
> Hongxu Jia (1):
> netfilter: arp_tables: fix invoking 32bit "iptable -P INPUT ACCEPT" failed in 64bit kernel
>
> Jan Kara (2):
> ext2: Don't clear SGID when inheriting ACLs
> reiserfs: Don't clear SGID when inheriting ACLs
>
> Janakarajan Natarajan (1):
> Prevent timer value 0 for MWAITX
>
> Jeff Mahoney (2):
> reiserfs: fix race in prealloc discard
> reiserfs: don't preallocate blocks for extended attributes
>
> Jia Zhang (1):
> x86/microcode/intel: Extend BDW late-loading further with LLC size check
>
> Jim Westfall (2):
> net: Allow neigh contructor functions ability to modify the primary_key
> ipv4: Make neigh lookup keys for loopback/point-to-point devices be INADDR_ANY
>
> Jiri Slaby (2):
> ipc: msg, make msgrcv work with LONG_MIN
> fs/fcntl: f_setown, avoid undefined behaviour
>
> Johannes Thumshirn (1):
> scsi: libiscsi: fix shifting of DID_REQUEUE host byte
>
> Jonathan Dieter (2):
> usbip: Fix implicit fallthrough warning
> usbip: Fix potential format overflow in userspace tools
>
> Liping Zhang (2):
> netfilter: nf_ct_expect: remove the redundant slash when policy name is empty
> netfilter: nfnetlink_queue: reject verdict request from different portid
>
> Marc Kleine-Budde (2):
> can: af_can: can_rcv(): replace WARN_ONCE by pr_warn_once
> can: af_can: canfd_rcv(): replace WARN_ONCE by pr_warn_once
>
> Michal Hocko (1):
> hwpoison, memcg: forcibly uncharge LRU pages
>
> Mike Maloney (1):
> ipv6: fix udpv6 sendmsg crash caused by too small MTU
>
> Minghuan Lian (1):
> PCI: layerscape: Fix MSG TLP drop setting
>
> Neil Horman (1):
> vmxnet3: repair memory leak
>
> Paolo Abeni (1):
> netfilter: nf_dup_ipv6: set again FLOWI_FLAG_KNOWN_NH at flowi6_flags
>
> Pau Espin Pedrol (1):
> netfilter: use fwmark_reflect in nf_send_reset
>
> Rafael J. Wysocki (2):
> ACPI / processor: Avoid reserving IO regions too early
> ACPI / scan: Prefer devices without _HID/_CID for _ADR matching
>
> Rui Wang (1):
> x86/ioapic: Fix incorrect pointers in ioapic_setup_resources()
>
> Seunghun Han (1):
> ACPICA: Namespace: fix operand cache leak
>
> Shuah Khan (4):
> usbip: prevent vhci_hcd driver from leaking a socket pointer address
> usbip: fix stub_rx: get_pipe() to validate endpoint number
> usbip: fix stub_rx: harden CMD_SUBMIT path to handle malicious input
> usbip: prevent leaking socket pointer address in messages
>
> Sudeep Holla (2):
> drivers: base: cacheinfo: fix x86 with CONFIG_OF enabled
> drivers: base: cacheinfo: fix boot error message when acpi is enabled
>
> Thomas Gleixner (2):
> timers: Plug locking race vs. timer migration
> hrtimer: Reset hrtimer cpu base proper on CPU hotplug
>
> Thomas Meyer (1):
> um: link vmlinux with -no-pie
>
> Ulrich Weber (1):
> netfilter: nf_conntrack_sip: extend request line validation
>
> Vegard Nossum (1):
> time: Avoid undefined behaviour in ktime_add_safe()
>
> Vlastimil Babka (2):
> fs/select: add vmalloc fallback for select(2)
> mm, page_alloc: fix potential false positive in __zone_watermark_ok
>
> Xin Long (2):
> sctp: do not allow the v4 socket to bind a v4mapped v6 address
> sctp: return error if the asoc has been peeled off in sctp_wait_for_sndbuf
>
> Yang Shi (1):
> PCI: layerscape: Add "fsl,ls2085a-pcie" compatible ID
>
> Yuiko Oshino (1):
> lan78xx: Fix failure in USB Full Speed
>
> yangbo lu (1):
> mmc: sdhci-of-esdhc: add/remove some quirks according to vendor version
>
> Makefile | 2 +-
> arch/um/Makefile | 2 +-
> arch/x86/entry/vsyscall/vsyscall_64.c | 7 ++-
> arch/x86/include/asm/cpufeatures.h | 3 +-
> arch/x86/include/asm/processor.h | 2 +-
> arch/x86/include/asm/switch_to.h | 38 ++++++++++++
> arch/x86/include/asm/vsyscall.h | 1 +
> arch/x86/kernel/apic/io_apic.c | 2 +-
> arch/x86/kernel/cpu/bugs.c | 36 +++++++++++
> arch/x86/kernel/cpu/intel_cacheinfo.c | 2 +
> arch/x86/kernel/cpu/microcode/intel.c | 21 ++++++-
> arch/x86/lib/delay.c | 7 +++
> arch/x86/mm/kaiser.c | 2 +-
> drivers/acpi/acpi_processor.c | 9 ---
> drivers/acpi/acpica/nsutils.c | 23 +++----
> drivers/acpi/glue.c | 12 ++--
> drivers/acpi/processor_throttling.c | 9 +++
> drivers/base/cacheinfo.c | 15 +++--
> drivers/base/power/trace.c | 4 +-
> drivers/input/mouse/trackpoint.c | 3 +
> drivers/mmc/host/sdhci-of-esdhc.c | 10 +++
> drivers/net/ethernet/realtek/r8169.c | 9 +--
> drivers/net/ppp/pppoe.c | 11 ++--
> drivers/net/usb/lan78xx.c | 1 +
> drivers/net/vmxnet3/vmxnet3_drv.c | 2 +-
> drivers/pci/host/pci-layerscape.c | 22 ++++---
> drivers/scsi/libiscsi.c | 2 +-
> drivers/usb/usbip/stub_dev.c | 3 +-
> drivers/usb/usbip/stub_rx.c | 46 +++++++++++---
> drivers/usb/usbip/usbip_common.c | 15 ++---
> drivers/usb/usbip/usbip_common.h | 1 +
> drivers/usb/usbip/usbip_event.c | 5 +-
> drivers/usb/usbip/vhci_hcd.c | 90 ++++++++++++++++-----------
> drivers/usb/usbip/vhci_rx.c | 30 +++++----
> drivers/usb/usbip/vhci_sysfs.c | 44 ++++++++------
> drivers/usb/usbip/vhci_tx.c | 14 +++--
> fs/ext2/acl.c | 36 ++++++-----
> fs/fcntl.c | 4 ++
> fs/nfsd/auth.c | 5 +-
> fs/reiserfs/bitmap.c | 14 ++++-
> fs/reiserfs/xattr_acl.c | 12 ++--
> fs/select.c | 14 ++++-
> include/linux/cacheinfo.h | 1 +
> include/linux/ktime.h | 7 +++
> include/linux/netfilter/x_tables.h | 4 ++
> include/linux/sched.h | 1 +
> include/linux/tcp.h | 7 ++-
> include/net/arp.h | 3 +
> include/net/ipv6.h | 1 +
> include/net/net_namespace.h | 10 +++
> include/uapi/linux/eventpoll.h | 13 ++++
> ipc/msg.c | 5 +-
> kernel/sched/core.c | 2 +
> kernel/sched/deadline.c | 98 ++++++++++++++++++++++++++----
> kernel/time/hrtimer.c | 5 +-
> kernel/time/timer.c | 9 ++-
> mm/cma.c | 15 ++---
> mm/memcontrol.c | 2 +-
> mm/memory-failure.c | 7 +++
> mm/page_alloc.c | 6 +-
> net/can/af_can.c | 22 +++----
> net/core/dev.c | 19 ++++--
> net/core/flow_dissector.c | 3 +-
> net/core/neighbour.c | 4 +-
> net/dccp/ccids/ccid2.c | 3 +
> net/ipv4/arp.c | 7 ++-
> net/ipv4/igmp.c | 2 +-
> net/ipv4/netfilter/arp_tables.c | 51 ++++++++--------
> net/ipv4/netfilter/ip_tables.c | 45 +++++++-------
> net/ipv4/netfilter/nf_reject_ipv4.c | 2 +
> net/ipv4/tcp.c | 3 +
> net/ipv4/tcp_timer.c | 15 +++++
> net/ipv6/ip6_output.c | 9 ++-
> net/ipv6/ipv6_sockglue.c | 2 +-
> net/ipv6/netfilter/ip6_tables.c | 45 +++++++-------
> net/ipv6/netfilter/nf_dup_ipv6.c | 1 +
> net/ipv6/netfilter/nf_reject_ipv6.c | 3 +
> net/netfilter/nf_conntrack_core.c | 7 +++
> net/netfilter/nf_conntrack_expect.c | 2 +-
> net/netfilter/nf_conntrack_sip.c | 5 +-
> net/netfilter/nfnetlink_queue.c | 6 +-
> net/netfilter/x_tables.c | 50 +++++++++++++++
> net/sctp/socket.c | 30 ++++-----
> tools/usb/usbip/libsrc/usbip_common.c | 9 ++-
> tools/usb/usbip/libsrc/usbip_host_driver.c | 27 ++++++--
> tools/usb/usbip/libsrc/vhci_driver.c | 8 +--
> tools/usb/usbip/src/usbip.c | 2 +
> 87 files changed, 820 insertions(+), 348 deletions(-)
>
Applied to xenial/master-next branch.
Thanks,
Kleber
More information about the kernel-team
mailing list