Commit cc3c6eb2 authored by Lorenzo "Palinuro" Faletra's avatar Lorenzo "Palinuro" Faletra
Browse files

Import Debian changes 4.9.30-1parrot30

linux (4.9.30-1parrot30) testing; urgency=medium

  * Import new upstream release.

linux (4.9.30-1) unstable; urgency=medium

  * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.26
    - [arm64] Revert "mmc: sdhci-msm: Enable few quirks"
    - ping: implement proper locking
    - [sparc64] kern_addr_valid regression
    - [sparc64] Fix kernel panic due to erroneous #ifdef surrounding
      pmd_write()
    - net: neigh: guard against NULL solicit() method
    - net: phy: handle state correctly in phy_stop_machine
    - bpf: improve verifier packet range checks
    - net/mlx5: Avoid dereferencing uninitialized pointer
    - l2tp: hold tunnel socket when handling control frames in l2tp_ip
      and l2tp_ip6
    - l2tp: purge socket queues in the .destruct() callback
    - net/packet: fix overflow in check for tp_frame_nr
    - net/packet: fix overflow in check for tp_reserve
    - l2tp: take reference on sessions being dumped
    - l2tp: fix PPP pseudo-wire auto-loading
    - net: ipv4: fix multipath RTM_GETROUTE behavior when iif is given
    - sctp: listen on the sock only when it's state is listening or
      closed
    - tcp: clear saved_syn in tcp_disconnect()
    - ipv6: Fix idev->addr_list corruption
    - net-timestamp: avoid use-after-free in ip_recv_error
    - net: vrf: Fix setting NLM_F_EXCL flag when adding l3mdev rule
    - dp83640: don't recieve time stamps twice
    - gso: Validate assumption of frag_list segementation
    - net: ipv6: RTF_PCPU should not be settable from userspace
    - netpoll: Check for skb->queue_mapping
    - ip6mr: fix notification device destruction
    - net/mlx5: Fix driver load bad flow when having fw
      initializing timeout
    - net/mlx5e: Fix small packet threshold
    - net/mlx5e: Fix ETHTOOL_GRXCLSRLALL handling
    - macvlan: Fix device ref leak when purging bc_queue
    - net: ipv6: regenerate host route if moved to gc list
    - net: phy: fix auto-negotiation stall due to unavailable interrupt
    - ipv6: check skb->protocol before lookup for nexthop
    - tcp: memset ca_priv data to 0 properly
    - ipv6: check raw payload size correctly in ioctl
    - ALSA: oxfw: fix regression to handle Stanton SCS.1m/1d
    - ALSA: firewire-lib: fix inappropriate assignment between
      signed/unsigned type
    - ALSA: seq: Don't break snd_use_lock_sync() loop by timeout
    - [mips*] KGDB: Use kernel context for sleeping threads
    - [mips*] Avoid BUG warning in arch_check_elf
    - p9_client_readdir() fix
    - [x86] ASoC: intel: Fix PM and non-atomic crash in bytcr drivers
    - Input: i8042 - add Clevo P650RS to the i8042 reset list
    - nfsd: check for oversized NFSv2/v3 arguments
    - nfsd4: minor NFSv2/v3 write decoding cleanup
    - nfsd: stricter decoding of write-like NFSv2/v3 ops
    - ceph: fix recursion between ceph_set_acl() and __ceph_setattr()
    - macsec: avoid heap overflow in skb_to_sgvec
    - net: can: usb: gs_usb: Fix buffer on stack
    - [x86] ftrace: Fix triple fault with graph tracing and suspend-to-ram
    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.27
    - timerfd: Protect the might cancel mechanism proper
    - Handle mismatched open calls
    - [x86] tpm_tis: use default timeout value if chip reports it as zero
    - scsi: storvsc: Workaround for virtual DVD SCSI version
    - [powerpc, x86] hwmon: (it87) Avoid registering the same chip on both SIO
      addresses
    - 8250_pci: Fix potential use-after-free in error path
    - ceph: try getting buffer capability for readahead/fadvise
    - cpu/hotplug: Serialize callback invocations proper
    - dm ioctl: prevent stack leak in dm ioctl call
    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.28
    - 9p: fix a potential acl leak
    - hwmon: (it87) Fix pwm4 detection for IT8620 and IT8628
    - [x86] tpm: fix RC value check in tpm2_seal_trusted
    - [x86] tmp: use pdev for parent device in tpm_chip_alloc
    - cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores
    - [powerpc*] mm: Fixup wrong LPCR_VRMASD value
    - [powerpc*] powernv: Fix opal_exit tracepoint opcode
    - [powerpc*] Correctly disable latent entropy GCC plugin on
      prom_init.o
    - [x86] perf/x86/intel/pt: Add format strings for PTWRITE and power
      event tracing
    - [arm64] dts: r8a7795: Mark EthernetAVB device node disabled
    - [arm64] dts: qcom: Fix ipq board clock rates
    - [arm64] Improve detection of user/non-user mappings in
      set_pte(_at)
    - [armhf] OMAP5 / DRA7: Fix HYP mode boot for thumb2 build
    - [armhf] dts: sun7i: lamobo-r1: Fix CPU port RGMII settings
    - mwifiex: debugfs: Fix (sometimes) off-by-1 SSID print
    - mwifiex: remove redundant dma padding in AMSDU
    - mwifiex: Avoid skipping WEP key deletion for AP
    - iwlwifi: fix MODULE_FIRMWARE for 6030
    - iwlwifi: mvm: don't restart HW if suspend fails with unified image
    - iwlwifi: mvm: overwrite skb info later
    - iwlwifi: pcie: don't increment / decrement a bool
    - iwlwifi: pcie: trans: Remove unused 'shift_param'
    - iwlwifi: pcie: fix the set of DMA memory mask
    - iwlwifi: mvm: fix reorder timer re-arming
    - iwlwifi: mvm: Use aux queue for offchannel frames in dqa
    - iwlwifi: mvm/pcie: adjust A-MSDU tx_cmd length in PCIe
    - iwlwifi: mvm: fix pending frame counter calculation
    - iwlwifi: mvm: fix references to first_agg_queue in DQA mode
    - iwlwifi: mvm: synchronize firmware DMA paging memory
    - iwlwifi: mvm: writing zero bytes to debugfs causes a crash
    - [x86] ioapic: Restore IO-APIC irq_chip retrigger callback
    - [amd64] x86/pci-calgary: Fix iommu_free() comparison of unsigned
      expression >= 0
    - [x86] kprobes/x86: Fix kernel panic when certain exception-
      handling addresses are probed
    - [x86] platform/intel-mid: Correct MSI IRQ line for watchdog device
    - [x86] KVM: nVMX: initialize PML fields in vmcs02
    - [x86] KVM: nVMX: do not leak PML full vmexit to L1
    - [arm64, armhf] usb: dwc2: host: use msleep() for long delay
    - [armhf] usb: host: ehci-exynos: Decrese node refcount on
      exynos_ehci_get_phy() error paths
    - [armhf] usb: host: ohci-exynos: Decrese node refcount on
      exynos_ehci_get_phy() error paths
    - [arm64, armhf] usb: chipidea: Only read/write OTGSC from one place
    - [arm64, armhf] usb: chipidea: Handle extcon events properly
    - USB: serial: keyspan_pda: fix receive sanity checks
    - USB: serial: digi_acceleport: fix incomplete rx sanity check
    - USB: serial: ssu100: fix control-message error handling
    - USB: serial: io_edgeport: fix epic-descriptor handling
    - USB: serial: ti_usb_3410_5052: fix control-message error handling
    - USB: serial: ark3116: fix open error handling
    - USB: serial: ftdi_sio: fix latency-timer error handling
    - USB: serial: quatech2: fix control-message error handling
    - USB: serial: mct_u232: fix modem-status error handling
    - USB: serial: io_edgeport: fix descriptor error handling
    - [armhf] clk: rockchip: add "," to
      mux_pll_src_apll_dpll_gpll_usb480m_p on rk3036
    - phy: qcom-usb-hs: Add depends on EXTCON
    - scsi: qla2xxx: Fix crash in qla2xxx_eh_abort on bad ptr
    - scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m
    - scsi: smartpqi: fix time handling
    - [mips*] R2-on-R6 MULTU/MADDU/MSUBU emulation bugfix
    - brcmfmac: Ensure pointer correctly set if skb data location
      changes
    - brcmfmac: Make skb header writable before use
    - [x86] staging/lustre/llite: move root_squash from sysfs to debugfs
    - [x86] staging: wlan-ng: add missing byte order conversion
    - ALSA: hda - Fix deadlock of controller device lock at unbinding
    - [sparc64] fix fault handling in NGbzero.S and GENbzero.S
    - macsec: dynamically allocate space for sglist
    - tcp: do not underestimate skb->truesize in tcp_trim_head()
    - bpf: enhance verifier to understand stack pointer arithmetic
    - [arm64] bpf: fix jit branch offset related to ldimm64
    - tcp: fix wraparound issue in tcp_lp
    - net: ipv6: Do not duplicate DAD on link up
    - net: usb: qmi_wwan: add Telit ME910 support
    - tcp: do not inherit fastopen_req from parent
    - ipv4, ipv6: ensure raw socket message is big enough to hold
      an IP header
    - rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string
    - ipv6: initialize route null entry in addrconf_init()
    - ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf
    - bnxt_en: allocate enough space for ->ntp_fltr_bmap
    - bpf: don't let ldimm64 leak map addresses on unprivileged
      (CVE-2017-9150)
    - f2fs: sanity check segment count
    - xen: Revert commits da72ff5bfcb0 and 72a9b186292d
    - [arm64, armhf] wlcore: Pass win_size taken from
      ieee80211_sta to FW
    - [arm64, armhf] wlcore: Add RX_BA_WIN_SIZE_CHANGE_EVENT event
    - drm/ttm: fix use-after-free races in vm fault handling
    - block: get rid of blk_integrity_revalidate()
    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.29
    - [x86] xen: adjust early dom0 p2m handling to xen hypervisor behavior
    - target: Fix compare_and_write_callback handling for non GOOD status
    - target/fileio: Fix zero-length READ and WRITE handling
    - iscsi-target: Set session_fall_back_to_erl0 when forcing reinstatement
    - usb: xhci: bInterval quirk for TI TUSB73x0
    - usb: host: xhci: print correct command ring address
    - USB: Proper handling of Race Condition when two USB class drivers try to
      call init_usb_class simultaneously
    - USB: Revert "cdc-wdm: fix "out-of-sync" due to missing notifications"
    - [x86] staging: vt6656: use off stack for in buffer USB transfers.
    - [x86] staging: vt6656: use off stack for out buffer USB transfers.
    - [x86] staging: comedi: jr3_pci: fix possible null pointer dereference
    - [x86] staging: comedi: jr3_pci: cope with jiffies wraparound
    - usb: misc: add missing continue in switch
    - usb: gadget: legacy gadgets are optional
    - usb: Make sure usb/phy/of gets built-in
    - usb: hub: Fix error loop seen after hub communication errors
    - usb: hub: Do not attempt to autosuspend disconnected devices
    - [x86] boot: Fix BSS corruption/overwrite bug in early x86 kernel startup
    - [amd64] pmem: Fix cache flushing for iovec write < 8 bytes
    - [x86] perf: Fix Broadwell-EP DRAM RAPL events
    - [x86] KVM: fix user triggerable warning in kvm_apic_accept_events()
    - [armhf,arm64] KVM: fix races in kvm_psci_vcpu_on
    - [arm64] KVM: Fix decoding of Rt/Rt2 when trapping AArch32 CP accesses
    - block: fix blk_integrity_register to use template's interval_exp if not 0
    - crypto: algif_aead - Require setkey before accept(2)
    - [x86] crypto: ccp - Use only the relevant interrupt bits
    - [x86] crypto: ccp - Disable interrupts early on unload
    - [x86] crypto: ccp - Change ISR handler method for a v3 CCP
    - [x86] crypto: ccp - Change ISR handler method for a v5 CCP
    - dm era: save spacemap metadata root after the pre-commit
    - dm rq: check blk_mq_register_dev() return value in
      dm_mq_init_request_queue()
    - dm thin: fix a memory leak when passing discard bio down
    - vfio/type1: Remove locked page accounting workqueue
    - iov_iter: don't revert iov buffer if csum error
    - IB/core: Fix sysfs registration error flow
    - IB/core: For multicast functions, verify that LIDs are multicast LIDs
    - IB/IPoIB: ibX: failed to create mcg debug file
    - IB/mlx4: Fix ib device initialization error flow
    - IB/mlx4: Reduce SRIOV multicast cleanup warning message to debug level
    - IB/hfi1: Prevent kernel QP post send hard lockups
    - perf auxtrace: Fix no_size logic in addr_filter__resolve_kernel_syms()
    - ext4: evict inline data when writing to memory map
    - fs/xattr.c: zero out memory copied to userspace in getxattr
    - ceph: fix memory leak in __ceph_setxattr()
    - fs/block_dev: always invalidate cleancache in invalidate_bdev()
    - mm: prevent potential recursive reclaim due to clearing PF_MEMALLOC
    - Fix match_prepath()
    - Set unicode flag on cifs echo request to avoid Mac error
    - SMB3: Work around mount failure when using SMB3 dialect to Macs
    - CIFS: fix mapping of SFM_SPACE and SFM_PERIOD
    - cifs: fix leak in FSCTL_ENUM_SNAPS response handling
    - cifs: fix CIFS_ENUMERATE_SNAPSHOTS oops
    - CIFS: fix oplock break deadlocks
    - cifs: fix CIFS_IOC_GET_MNT_INFO oops
    - CIFS: add misssing SFM mapping for doublequote
    - padata: free correct variable
    - device-dax: fix cdev leak
    - fscrypt: fix context consistency check when key(s) unavailable
    - [armhf] serial: samsung: Use right device for DMA-mapping calls
    - [armhf] serial: omap: fix runtime-pm handling on unbind
    - [armhf] serial: omap: suspend device on probe errors
    - tty: pty: Fix ldisc flush after userspace become aware of the data already
    - Bluetooth: Fix user channel for 32bit userspace on 64bit kernel
    - Bluetooth: hci_bcm: add missing tty-device sanity check
    - Bluetooth: hci_intel: add missing tty-device sanity check
    - ipmi: Fix kernel panic at ipmi_ssif_thread()
    - libnvdimm, region: fix flush hint detection crash
    - libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify
    - libnvdimm, pfn: fix 'npfns' vs section alignment
    - [powerpc*/*64*] pstore: Fix flags to enable dumps on powerpc
    - pstore: Shut down worker when unregistering
    https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.30
    - usb: misc: legousbtower: Fix buffers on stack
    - usb: misc: legousbtower: Fix memory leak
    - USB: ene_usb6250: fix DMA to the stack
    - watchdog: pcwd_usb: fix NULL-deref at probe
    - char: lp: fix possible integer overflow in lp_setup() (CVE-2017-1000363)
    - USB: core: replace %p with %pK
    - tpm_tis_core: Choose appropriate timeout for reading burstcount
    - ALSA: hda: Fix cpu lockup when stopping the cmd dmas
    - [armhf] tegra: paz00: Mark panel regulator as enabled on boot
    - fanotify: don't expose EOPENSTALE to userspace
    - tpm_tis_spi: Use single function to transfer data
    - tpm_tis_spi: Abort transfer when too many wait states are signaled
    - tpm_tis_spi: Check correct byte for wait state indicator
    - tpm_tis_spi: Remove limitation of transfers to MAX_SPI_FRAMESIZE bytes
    - tpm_tis_spi: Add small delay after last transfer
    - tpm: msleep() delays - replace with usleep_range() in i2c nuvoton driver
    - tpm: add sleep only for retry in i2c_nuvoton_write_status()
    - tpm_crb: check for bad response size
    - mlx5: Fix mlx5_ib_map_mr_sg mr length
    - infiniband: call ipv6 route lookup via the stub interface
    - dm btree: fix for dm_btree_find_lowest_key()
    - dm raid: select the Kconfig option CONFIG_MD_RAID0
    - dm bufio: avoid a possible ABBA deadlock
    - dm bufio: check new buffer allocation watermark every 30 seconds
    - dm mpath: split and rename activate_path() to prepare for its expanded use
    - dm cache metadata: fail operations if fail_io mode has been established
    - dm bufio: make the parameter "retain_bytes" unsigned long
    - dm thin metadata: call precommit before saving the roots
    - dm space map disk: fix some book keeping in the disk space map
    - md: update slab_cache before releasing new stripes when stripes resizing
    - md: MD_CLOSING needs to be cleared after called md_set_readonly or
      do_md_stop
    - rtlwifi: rtl8821ae: setup 8812ae RFE according to device type
    - mwifiex: MAC randomization should not be persistent
    - mwifiex: pcie: fix cmd_buf use-after-free in remove/reset
    - ima: accept previously set IMA_NEW_FILE
    - [x86] KVM: Fix load damaged SSEx MXCSR register
    - [x86] KVM: Fix potential preemption when get the current kvmclock
      timestamp
    - [x86] KVM: Fix read out-of-bounds vulnerability in kvm pio emulation
    - [i386] fix 32-bit case of __get_user_asm_u64()
    - [armhf] regulator: rk808: Fix RK818 LDO2
    - [s390x] kdump: Add final note
    - [s390x] cputime: fix incorrect system time
    - ath9k_htc: Add support of AirTies 1eda:2315 AR9271 device
    - ath9k_htc: fix NULL-deref at probe
    - [x86] drm/amdgpu: Make display watermark calculations more accurate
    - [x86] drm/amdgpu: Avoid overflows/divide-by-zero in latency_watermark
      calculations.
    - [x86] drm/amdgpu: Add missing lb_vblank_lead_lines setup to DCE-6 path.
    - drm/nouveau/therm: remove ineffective workarounds for alarm bugs
    - drm/nouveau/tmr: ack interrupt before processing alarms
    - drm/nouveau/tmr: fix corruption of the pending list when rescheduling an
      alarm
    - drm/nouveau/tmr: avoid processing completed alarms when adding a new one
    - drm/nouveau/tmr: handle races with hw when updating the next alarm time
    - [armhf] gpio: omap: return error if requested debounce time is not
      possible
    - cdc-acm: fix possible invalid access when processing notification
    - ohci-pci: add qemu quirk
    - [powerpc*] cxl: Force context lock during EEH flow
    - [powerpc*] cxl: Route eeh events to all drivers in
      cxl_pci_error_detected()
    - proc: Fix unbalanced hard link numbers
    - of: fix sparse warning in of_pci_range_parser_one
    - of: fix "/cpus" reference leak in of_numa_parse_cpu_nodes()
    - of: fdt: add missing allocation-failure check
    - [powerpc*/*64*] ibmvscsis: Do not send aborted task response
    - [x86] IIO: bmp280-core.c: fix error in humidity calculation
    - IB/hfi1: Return an error on memory allocation failure
    - IB/hfi1: Fix a subcontext memory leak
    - pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes
    - pid_ns: Fix race between setns'ed fork() and zap_pid_ns_processes()
    - USB: serial: ftdi_sio: fix setting latency for unprivileged users
    - USB: serial: ftdi_sio: add Olimex ARM-USB-TINY(H) PIDs
    - USB: chaoskey: fix Alea quirk on big-endian hosts
    - f2fs: check entire encrypted bigname when finding a dentry
    - fscrypt: avoid collisions when presenting long encrypted filenames
    - libnvdimm: fix clear length of nvdimm_forget_poison()
    - xhci: remove GFP_DMA flag from allocation
    - usb: host: xhci-plat: propagate return value of platform_get_irq()
    - xhci: apply PME_STUCK_QUIRK and MISSING_CAS quirk for Denverton
    - usb: host: xhci-mem: allocate zeroed Scratchpad Buffer
    - net: irda: irda-usb: fix firmware name on big-endian hosts
    - usbvision: fix NULL-deref at probe
    - mceusb: fix NULL-deref at probe
    - ttusb2: limit messages to buffer size
    - [armhf,arm64] usb: dwc3: gadget: Prevent losing events in event cache
    - [armhf] usb: musb: tusb6010_omap: Do not reset the other direction's
      packet size
    - [armhf] usb: musb: Fix trying to suspend while active for OTG
      configurations
    - USB: iowarrior: fix info ioctl on big-endian hosts
    - usb: serial: option: add Telit ME910 support
    - USB: serial: qcserial: add more Lenovo EM74xx device IDs
    - USB: serial: mct_u232: fix big-endian baud-rate handling
    - USB: serial: io_ti: fix div-by-zero in set_termios
    - USB: hub: fix SS hub-descriptor handling
    - USB: hub: fix non-SS hub-descriptor handling
    - ipx: call ipxitf_put() in ioctl error path (CVE-2017-7487)
    - iio: hid-sensor: Store restore poll and hysteresis on S3
    - gspca: konica: add missing endpoint sanity check
    - dib0700: fix NULL-deref at probe
    - zr364xx: enforce minimum size when reading header
    - dvb-frontends/cxd2841er: define symbol_rate_min/max in T/C fe-ops
    - digitv: limit messages to buffer size
    - dw2102: limit messages to buffer size
    - cx231xx-audio: fix init error path
    - cx231xx-audio: fix NULL-deref at probe
    - cx231xx-cards: fix NULL-deref at probe
    - [powerpc*] mm: Ensure IRQs are off in switch_mm()
    - [powerpc*] eeh: Avoid use after free in eeh_handle_special_event()
    - [powerpc*] book3s/mce: Move add_taint() later in virtual mode
    - [powerpc*] pseries: Fix of_node_put() underflow during DLPAR remove
    - [powerpc*] iommu: Do not call PageTransHuge() on tail pages
    - [powerpc*] tm: Fix FP and VMX register corruption
    - [arm64] KVM: Do not use stack-protector to compile EL2 code
    - [armhf] KVM: Do not use stack-protector to compile HYP code
    - [armhf] KVM: plug potential guest hardware debug leakage
    - [armel,armhf] 8662/1: module: split core and init PLT sections
    - [armhf] dts: imx6sx-sdb: Remove OPP override
    - [arm64] dts: hi6220: Reset the mmc hosts
    - [arm64] xchg: hazard against entire exchange variable
    - [arm64] ensure extension of smp_store_release value
    - [arm64] armv8_deprecated: ensure extension of addr
    - [arm64] uaccess: ensure extension of access_ok() addr
    - [arm64] documentation: document tagged pointer stack constraints
    - [x86] staging: rtl8192e: rtl92e_fill_tx_desc fix write to mapped out
      memory.
    - [x86] staging: rtl8192e: fix 2 byte alignment of register BSSIDR.
    - [x86] staging: rtl8192e: rtl92e_get_eeprom_size Fix read size of
      EPROM_CMD.
    - [x86] staging: rtl8192e: GetTs Fix invalid TID 7 warning.
    - [x86] iommu/vt-d: Flush the IOTLB to get rid of the initial kdump mappings
    - stackprotector: Increase the per-task stack canary's random range from 32
      bits to 64 bits on 64-bit platforms
    - uwb: fix device quirk on big-endian hosts
    - genirq: Fix chained interrupt data ordering
    - nvme: unmap CMB and remove sysfs file in reset path
    - [alpha] osf_wait4(): fix infoleak
    - tracing/kprobes: Enforce kprobes teardown after testing
    - [x86] PCI: hv: Allocate interrupt descriptors with GFP_ATOMIC
    - [x86] PCI: hv: Specify CPU_AFFINITY_ALL for MSI affinity when >= 32 CPUs
    - PCI: Fix pci_mmap_fits() for HAVE_PCI_RESOURCE_TO_USER platforms
    - PCI: Fix another sanity check bug in /proc/pci mmap
    - PCI: Only allow WC mmap on prefetchable resources
    - PCI: Freeze PME scan before suspending devices
    - [armel,armhf] mtd: nand: orion: fix clk handling
    - [armhf] mtd: nand: omap2: Fix partition creation via cmdline mtdparts
    - mtd: nand: add ooblayout for old hamming layout
    - [x86] drm/edid: Add 10 bpc quirk for LGD 764 panel in HP zBook 17 G2
    - NFSv4: Fix a hang in OPEN related to server reboot
    - NFS: Fix use after free in write error path
    - NFS: Use GFP_NOIO for two allocations in writeback
    - nfsd: fix undefined behavior in nfsd4_layout_verify
    - nfsd: encoders mustn't use unitialized values in error cases
    - drivers: char: mem: Check for address space wraparound with mmap()
    - [x86] drm/i915/gvt: Disable access to stolen memory as a guest

  [ Aurelien Jarno ]
  * [mips*/*-malta] Enable POWER_RESET and POWER_RESET_SYSCON.

  [ Uwe Kleine-König ]
  * [arm64] Enable DRM modules (Closes: #863344)
  * Ignore ABI changes in chipidea driver

  [ Ben Hutchings ]
  * Ignore ABI changes in ccp and hid-sensors
  * [mips*el/loongson-3] Revert "MIPS: Loongson-3: Select
    MIPS_L1_CACHE_SHIFT_6" to avoid ABI change
  * SUNRPC: Refactor svc_set_num_threads()
  * NFSv4: Fix callback server shutdown (CVE-2017-9059) (Closes: #862357)
  * uapi: fix linux/if.h userspace compilation errors (see #822393, #824442)
  * debian/control: Fix compiler build-dependencies for cross-building
    (Closes: #863907)
  * Add Debian package version to "hung task" log messages
  * btrfs: warn about RAID5/6 being experimental at mount time (Closes: #863290)
  * [x86] pinctrl: cherryview: Add a quirk to make Acer Chromebook keyboard
    work again (Closes: #862723)
  * [arm64] serial: pl011: add console matching function (Closes: #861898)
  * [rt] Add new GPG subkeys for Sebastian Andrzej Siewior
  * [rt] Update to 4.9.30-rt20:
    - rtmutex: Deboost before waking up the top waiter
    - sched/rtmutex/deadline: Fix a PI crash for deadline tasks
    - sched/deadline/rtmutex: Dont miss the dl_runtime/dl_period update
    - rtmutex: Clean up
    - sched/rtmutex: Refactor rt_mutex_setprio()
    - sched,tracing: Update trace_sched_pi_setprio()
    - rtmutex: Fix PI chain order integrity
    - rtmutex: Fix more prio comparisons
    - rtmutex: Plug preempt count leak in rt_mutex_futex_unlock()
    - futex: Avoid freeing an active timer
    - futex: Fix small (and harmless looking) inconsistencies
    - futex,rt_mutex: Fix rt_mutex_cleanup_proxy_lock()
    - Revert "timers: Don't wake ktimersoftd on every tick"
    - futex/rtmutex: Cure RT double blocking issue
    - random: avoid preempt_disable()ed section

  [ Salvatore Bonaccorso ]
  * tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()
    (CVE-2017-0605)
  * dccp/tcp: do not inherit mc_list from parent (CVE-2017-8890)
  * ipv6: Prevent overrun when parsing v6 header options (CVE-2017-9074)
  * sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (CVE-2017-9075)
  * ipv6/dccp: do not inherit ipv6_mc_list from parent (CVE-2017-9076,
    CVE-2017-9077)
  * crypto: skcipher - Add missing API setkey checks (CVE-2017-9211)
  * ipv6: fix out of bound writes in __ip6_append_data() (CVE-2017-9242)

  [ Cyril Brulebois ]
  * udeb: Add efivarfs to efi-modules, which can be needed to retrieve
    firmware or configuration bits from d-i. (Closes: #862555)

  [ John Paul Adrian Glaubitz ]
  * [m68k] udeb: Build loop-modules package (Closes: #862813)
parents 003df7dd ba8e2437
......@@ -11,24 +11,56 @@ in AArch64 Linux.
The kernel configures the translation tables so that translations made
via TTBR0 (i.e. userspace mappings) have the top byte (bits 63:56) of
the virtual address ignored by the translation hardware. This frees up
this byte for application use, with the following caveats:
this byte for application use.
(1) The kernel requires that all user addresses passed to EL1
are tagged with tag 0x00. This means that any syscall
parameters containing user virtual addresses *must* have
their top byte cleared before trapping to the kernel.
(2) Non-zero tags are not preserved when delivering signals.
This means that signal handlers in applications making use
of tags cannot rely on the tag information for user virtual
addresses being maintained for fields inside siginfo_t.
One exception to this rule is for signals raised in response
to watchpoint debug exceptions, where the tag information
will be preserved.
Passing tagged addresses to the kernel
--------------------------------------
(3) Special care should be taken when using tagged pointers,
since it is likely that C compilers will not hazard two
virtual addresses differing only in the upper byte.
All interpretation of userspace memory addresses by the kernel assumes
an address tag of 0x00.
This includes, but is not limited to, addresses found in:
- pointer arguments to system calls, including pointers in structures
passed to system calls,
- the stack pointer (sp), e.g. when interpreting it to deliver a
signal,
- the frame pointer (x29) and frame records, e.g. when interpreting
them to generate a backtrace or call graph.
Using non-zero address tags in any of these locations may result in an
error code being returned, a (fatal) signal being raised, or other modes
of failure.
For these reasons, passing non-zero address tags to the kernel via
system calls is forbidden, and using a non-zero address tag for sp is
strongly discouraged.
Programs maintaining a frame pointer and frame records that use non-zero
address tags may suffer impaired or inaccurate debug and profiling
visibility.
Preserving tags
---------------
Non-zero tags are not preserved when delivering signals. This means that
signal handlers in applications making use of tags cannot rely on the
tag information for user virtual addresses being maintained for fields
inside siginfo_t. One exception to this rule is for signals raised in
response to watchpoint debug exceptions, where the tag information will
be preserved.
The architecture prevents the use of a tagged PC, so the upper byte will
be set to a sign-extension of bit 55 on exception return.
Other considerations
--------------------
Special care should be taken when using tagged pointers, since it is
likely that C compilers will not hazard two virtual addresses differing
only in the upper byte.
VERSION = 4
PATCHLEVEL = 9
SUBLEVEL = 25
SUBLEVEL = 30
EXTRAVERSION =
NAME = Roaring Lionus
......
......@@ -1188,8 +1188,10 @@ SYSCALL_DEFINE4(osf_wait4, pid_t, pid, int __user *, ustatus, int, options,
if (!access_ok(VERIFY_WRITE, ur, sizeof(*ur)))
return -EFAULT;
err = 0;
err |= put_user(status, ustatus);
err = put_user(status, ustatus);
if (ret < 0)
return err ? err : ret;
err |= __put_user(r.ru_utime.tv_sec, &ur->ru_utime.tv_sec);
err |= __put_user(r.ru_utime.tv_usec, &ur->ru_utime.tv_usec);
err |= __put_user(r.ru_stime.tv_sec, &ur->ru_stime.tv_sec);
......
......@@ -17,10 +17,11 @@
#include <asm/barrier.h>
#include <asm/smp.h>
#define ATOMIC_INIT(i) { (i) }
#ifndef CONFIG_ARC_PLAT_EZNPS
#define atomic_read(v) READ_ONCE((v)->counter)
#define ATOMIC_INIT(i) { (i) }
#ifdef CONFIG_ARC_HAS_LLSC
......
......@@ -16,6 +16,7 @@
;
; Now manually save: r12, sp, fp, gp, r25
PUSH r30
PUSH r12
; Saving pt_regs->sp correctly requires some extra work due to the way
......@@ -72,6 +73,7 @@
POPAX AUX_USER_SP
1:
POP r12
POP r30
.endm
......
......@@ -84,7 +84,7 @@ struct pt_regs {
unsigned long fp;
unsigned long sp; /* user/kernel sp depending on where we came from */
unsigned long r12;
unsigned long r12, r30;
/*------- Below list auto saved by h/w -----------*/
unsigned long r0, r1, r2, r3, r4, r5, r6, r7, r8, r9, r10, r11;
......
......@@ -162,9 +162,10 @@ spi1: spi@f8008000 {
};
adc0: adc@f8018000 {
atmel,adc-vref = <3300>;
atmel,adc-channels-used = <0xfe>;
pinctrl-0 = <
&pinctrl_adc0_adtrg
&pinctrl_adc0_ad0
&pinctrl_adc0_ad1
&pinctrl_adc0_ad2
&pinctrl_adc0_ad3
......@@ -172,8 +173,6 @@ &pinctrl_adc0_ad4
&pinctrl_adc0_ad5
&pinctrl_adc0_ad6
&pinctrl_adc0_ad7
&pinctrl_adc0_ad8
&pinctrl_adc0_ad9
>;
status = "okay";
};
......
......@@ -55,6 +55,7 @@ memory {
gpio-restart {
compatible = "gpio-restart";
gpios = <&gpioa 15 GPIO_ACTIVE_LOW>;
open-source;
priority = <200>;
};
};
......
......@@ -55,6 +55,7 @@ memory {
gpio-restart {
compatible = "gpio-restart";
gpios = <&gpioa 15 GPIO_ACTIVE_LOW>;
open-source;
priority = <200>;
};
};
......
......@@ -55,6 +55,7 @@ memory {
gpio-restart {
compatible = "gpio-restart";
gpios = <&gpioa 31 GPIO_ACTIVE_LOW>;
open-source;
priority = <200>;
};
};
......
......@@ -55,6 +55,7 @@ memory {
gpio-restart {
compatible = "gpio-restart";
gpios = <&gpioa 15 GPIO_ACTIVE_LOW>;
open-source;
priority = <200>;
};
};
......
......@@ -55,6 +55,7 @@ memory {
gpio-restart {
compatible = "gpio-restart";
gpios = <&gpioa 15 GPIO_ACTIVE_LOW>;
open-source;
priority = <200>;
};
};
......
......@@ -55,6 +55,7 @@ memory {
gpio-restart {
compatible = "gpio-restart";
gpios = <&gpioa 15 GPIO_ACTIVE_LOW>;
open-source;
priority = <200>;
};
};
......
......@@ -55,6 +55,7 @@ memory {
gpio-restart {
compatible = "gpio-restart";
gpios = <&gpioa 15 GPIO_ACTIVE_LOW>;
open-source;
priority = <200>;
};
};
......
......@@ -12,23 +12,6 @@ / {
model = "Freescale i.MX6 SoloX SDB RevB Board";
};
&cpu0 {
operating-points = <
/* kHz uV */
996000 1250000
792000 1175000
396000 1175000
198000 1175000
>;
fsl,soc-operating-points = <
/* ARM kHz SOC uV */
996000 1250000
792000 1175000
396000 1175000
198000 1175000
>;
};
&i2c1 {
clock-frequency = <100000>;
pinctrl-names = "default";
......
......@@ -65,13 +65,13 @@ clocks {
cxo_board {
compatible = "fixed-clock";
#clock-cells = <0>;
clock-frequency = <19200000>;
clock-frequency = <25000000>;
};
pxo_board {
compatible = "fixed-clock";
#clock-cells = <0>;
clock-frequency = <27000000>;
clock-frequency = <25000000>;
};
sleep_clk: sleep_clk {
......
......@@ -167,7 +167,7 @@ port8: port@8 {
reg = <8>;
label = "cpu";
ethernet = <&gmac>;
phy-mode = "rgmii";
phy-mode = "rgmii-txid";
fixed-link {
speed = <1000>;
full-duplex;
......
......@@ -569,6 +569,7 @@ vdd_pnl_reg: regulator@1 {
regulator-name = "+3VS,vdd_pnl";
regulator-min-microvolt = <3300000>;
regulator-max-microvolt = <3300000>;
regulator-boot-on;
gpio = <&gpio TEGRA_GPIO(A, 4) GPIO_ACTIVE_HIGH>;
enable-active-high;
};
......
......@@ -31,7 +31,8 @@ void kvm_register_target_coproc_table(struct kvm_coproc_target_table *table);
int kvm_handle_cp10_id(struct kvm_vcpu *vcpu, struct kvm_run *run);
int kvm_handle_cp_0_13_access(struct kvm_vcpu *vcpu, struct kvm_run *run);
int kvm_handle_cp14_load_store(struct kvm_vcpu *vcpu, struct kvm_run *run);
int kvm_handle_cp14_access(struct kvm_vcpu *vcpu, struct kvm_run *run);
int kvm_handle_cp14_32(struct kvm_vcpu *vcpu, struct kvm_run *run);
int kvm_handle_cp14_64(struct kvm_vcpu *vcpu, struct kvm_run *run);
int kvm_handle_cp15_32(struct kvm_vcpu *vcpu, struct kvm_run *run);
int kvm_handle_cp15_64(struct kvm_vcpu *vcpu, struct kvm_run *run);
......
......@@ -18,13 +18,18 @@ enum {
};
#endif
struct mod_plt_sec {
struct elf32_shdr *plt;
int plt_count;
};
struct mod_arch_specific {
#ifdef CONFIG_ARM_UNWIND
struct unwind_table *unwind[ARM_SEC_MAX];
#endif
#ifdef CONFIG_ARM_MODULE_PLTS
struct elf32_shdr *plt;
int plt_count;
struct mod_plt_sec core;
struct mod_plt_sec init;
#endif
};
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment