Update to 4.17.7
Refresh features/all/aufs4/aufs4-base.patch
Drop bugfix/all/fix-up-non-directory-creation-in-sgid-directories.patch
Clean up debian/changelog file
parent
a89fe586a1
commit
edbc7c3c16
|
@ -1,4 +1,75 @@
|
|||
linux (4.17.6-3) UNRELEASED; urgency=medium
|
||||
linux (4.17.7-1) UNRELEASED; urgency=medium
|
||||
|
||||
* New upstream stable update:
|
||||
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.17.7
|
||||
- bpf: reject passing modified ctx to helper functions
|
||||
- [mips*] Call dump_stack() from show_regs()
|
||||
- [mips*] Use async IPIs for arch_trigger_cpumask_backtrace()
|
||||
- [mips*] Fix ioremap() RAM check
|
||||
- [armhf] drm/etnaviv: Check for platform_device_register_simple() failure
|
||||
- [armhf] drm/etnaviv: Fix driver unregistering
|
||||
- [armhf] drm/etnaviv: bring back progress check in job timeout handler
|
||||
- ACPICA: Clear status of all events when entering S5
|
||||
- [armhf] mmc: sdhci-esdhc-imx: allow 1.8V modes without 100/200MHz
|
||||
pinctrl states
|
||||
- [armhf] mmc: dw_mmc: fix card threshold control configuration
|
||||
- [x86] ibmasm: don't write out of bounds in read handler
|
||||
- [arm64,x86] staging: rtl8723bs: Prevent an underflow in
|
||||
rtw_check_beacon_data().
|
||||
- ata: Fix ZBC_OUT command block check
|
||||
- ata: Fix ZBC_OUT all bit handling
|
||||
- [x86] mei: discard messages from not connected client during power down.
|
||||
- mtd: spi-nor: cadence-quadspi: Fix direct mode write timeouts
|
||||
- tracing/kprobe: Release kprobe print_fmt properly
|
||||
- vmw_balloon: fix inflation with batching
|
||||
- ahci: Add Intel Ice Lake LP PCI ID
|
||||
- ahci: Disable LPM on Lenovo 50 series laptops with a too old BIOS
|
||||
- [x86] thunderbolt: Notify userspace when boot_acl is changed
|
||||
- USB: serial: ch341: fix type promotion bug in ch341_control_in()
|
||||
- USB: serial: cp210x: add another USB ID for Qivicon ZigBee stick
|
||||
- USB: serial: keyspan_pda: fix modem-status error handling
|
||||
- USB: yurex: fix out-of-bounds uaccess in read handler
|
||||
- USB: serial: mos7840: fix status-register error handling
|
||||
- usb: quirks: add delay quirks for Corsair Strafe
|
||||
- xhci: xhci-mem: off by one in xhci_stream_id_to_ring()
|
||||
- mm: zero unavailable pages before memmap init
|
||||
- ALSA: hda/realtek - two more lenovo models need fixup of
|
||||
MIC_LOCATION
|
||||
- ALSA: hda - Handle pm failure during hotplug
|
||||
- mm: do not drop unused pages when userfaultd is running
|
||||
- fs/proc/task_mmu.c: fix Locked field in /proc/pid/smaps*
|
||||
- x86/purgatory: add missing FORCE to Makefile target
|
||||
- fs, elf: make sure to page align bss in load_elf_library
|
||||
- mm: do not bug_on on incorrect length in __mm_populate()
|
||||
- tracing: Reorder display of TGID to be after PID
|
||||
- kbuild: delete INSTALL_FW_PATH from kbuild documentation
|
||||
- acpi, nfit: Fix scrub idle detection
|
||||
- [arm64] neon: Fix function may_use_simd() return error status
|
||||
- tools build: fix # escaping in .cmd files for future Make
|
||||
- IB/hfi1: Fix incorrect mixing of ERR_PTR and NULL return values
|
||||
- [arm64,armhf] i2c: tegra: Fix NACK error handling
|
||||
- i2c: recovery: if possible send STOP with recovery pulses
|
||||
- iw_cxgb4: correctly enforce the max reg_mr depth
|
||||
- [x86] xen: remove global bit from __default_kernel_pte_mask for pv
|
||||
guests
|
||||
- [x86] xen: setup pv irq ops vector earlier
|
||||
- bsg: fix bogus EINVAL on non-data commands
|
||||
- [x86] uprobes/x86: Remove incorrect WARN_ON() in uprobe_init_insn()
|
||||
- netfilter: nf_queue: augment nfqa_cfg_policy
|
||||
- crypto: don't optimize keccakf()
|
||||
- netfilter: x_tables: initialise match/target check parameter
|
||||
struct
|
||||
- loop: add recursion validation to LOOP_CHANGE_FD
|
||||
- xfs: fix inobt magic number check
|
||||
- PM / hibernate: Fix oops at snapshot_write()
|
||||
- RDMA/ucm: Mark UCM interface as BROKEN
|
||||
- loop: remember whether sysfs_create_group() was done
|
||||
- [x86] kvm: vmx: Nested VM-entry prereqs for event inj.
|
||||
- f2fs: give message and set need_fsck given broken node id
|
||||
- f2fs: avoid bug_on on corrupted inode
|
||||
- f2fs: sanity check on sit entry
|
||||
- f2fs: sanity check for total valid node blocks
|
||||
- [armhf] dts: armada-38x: use the new thermal binding
|
||||
|
||||
* ext4: fix false negatives *and* false positives in ext4_check_descriptors()
|
||||
(Closes: #903838)
|
||||
|
|
|
@ -1,42 +0,0 @@
|
|||
From: Linus Torvalds <torvalds@linux-foundation.org>
|
||||
Date: Tue, 3 Jul 2018 17:10:19 -0700
|
||||
Subject: Fix up non-directory creation in SGID directories
|
||||
Origin: https://git.kernel.org/linus/0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7
|
||||
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2018-13405
|
||||
|
||||
sgid directories have special semantics, making newly created files in
|
||||
the directory belong to the group of the directory, and newly created
|
||||
subdirectories will also become sgid. This is historically used for
|
||||
group-shared directories.
|
||||
|
||||
But group directories writable by non-group members should not imply
|
||||
that such non-group members can magically join the group, so make sure
|
||||
to clear the sgid bit on non-directories for non-members (but remember
|
||||
that sgid without group execute means "mandatory locking", just to
|
||||
confuse things even more).
|
||||
|
||||
Reported-by: Jann Horn <jannh@google.com>
|
||||
Cc: Andy Lutomirski <luto@kernel.org>
|
||||
Cc: Al Viro <viro@zeniv.linux.org.uk>
|
||||
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
||||
---
|
||||
fs/inode.c | 6 ++++++
|
||||
1 file changed, 6 insertions(+)
|
||||
|
||||
--- a/fs/inode.c
|
||||
+++ b/fs/inode.c
|
||||
@@ -2014,8 +2014,14 @@ void inode_init_owner(struct inode *inod
|
||||
inode->i_uid = current_fsuid();
|
||||
if (dir && dir->i_mode & S_ISGID) {
|
||||
inode->i_gid = dir->i_gid;
|
||||
+
|
||||
+ /* Directories are special, and always inherit S_ISGID */
|
||||
if (S_ISDIR(mode))
|
||||
mode |= S_ISGID;
|
||||
+ else if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP) &&
|
||||
+ !in_group_p(inode->i_gid) &&
|
||||
+ !capable_wrt_inode_uidgid(dir, CAP_FSETID))
|
||||
+ mode &= ~S_ISGID;
|
||||
} else
|
||||
inode->i_gid = current_fsgid();
|
||||
inode->i_mode = mode;
|
|
@ -9,8 +9,6 @@ Patch headers added by debian/patches/features/all/aufs4/gen-patch
|
|||
SPDX-License-Identifier: GPL-2.0
|
||||
aufs4.x-rcN base patch
|
||||
|
||||
diff --git a/MAINTAINERS b/MAINTAINERS
|
||||
index 9c125f7..4616bbf 100644
|
||||
--- a/MAINTAINERS
|
||||
+++ b/MAINTAINERS
|
||||
@@ -2519,6 +2519,19 @@ F: include/linux/audit.h
|
||||
|
@ -33,12 +31,10 @@ index 9c125f7..4616bbf 100644
|
|||
AUXILIARY DISPLAY DRIVERS
|
||||
M: Miguel Ojeda Sandonis <miguel.ojeda.sandonis@gmail.com>
|
||||
W: http://miguelojeda.es/auxdisplay.htm
|
||||
diff --git a/drivers/block/loop.c b/drivers/block/loop.c
|
||||
index 55cf554..bc965e5 100644
|
||||
--- a/drivers/block/loop.c
|
||||
+++ b/drivers/block/loop.c
|
||||
@@ -713,6 +713,24 @@ static inline int is_loop_device(struct file *file)
|
||||
return i && S_ISBLK(i->i_mode) && MAJOR(i->i_rdev) == LOOP_MAJOR;
|
||||
@@ -737,6 +737,24 @@ static int loop_change_fd(struct loop_de
|
||||
return error;
|
||||
}
|
||||
|
||||
+/*
|
||||
|
@ -62,8 +58,6 @@ index 55cf554..bc965e5 100644
|
|||
/* loop sysfs attributes */
|
||||
|
||||
static ssize_t loop_attr_show(struct device *dev, char *page,
|
||||
diff --git a/fs/dcache.c b/fs/dcache.c
|
||||
index 2acfc69..ff338e2 100644
|
||||
--- a/fs/dcache.c
|
||||
+++ b/fs/dcache.c
|
||||
@@ -1234,7 +1234,7 @@ enum d_walk_ret {
|
||||
|
@ -75,8 +69,6 @@ index 2acfc69..ff338e2 100644
|
|||
enum d_walk_ret (*enter)(void *, struct dentry *),
|
||||
void (*finish)(void *))
|
||||
{
|
||||
diff --git a/fs/fcntl.c b/fs/fcntl.c
|
||||
index d737ff0..7550799 100644
|
||||
--- a/fs/fcntl.c
|
||||
+++ b/fs/fcntl.c
|
||||
@@ -32,7 +32,7 @@
|
||||
|
@ -88,7 +80,7 @@ index d737ff0..7550799 100644
|
|||
{
|
||||
struct inode * inode = file_inode(filp);
|
||||
int error = 0;
|
||||
@@ -63,6 +63,8 @@ static int setfl(int fd, struct file * filp, unsigned long arg)
|
||||
@@ -63,6 +63,8 @@ static int setfl(int fd, struct file * f
|
||||
|
||||
if (filp->f_op->check_flags)
|
||||
error = filp->f_op->check_flags(arg);
|
||||
|
@ -97,8 +89,6 @@ index d737ff0..7550799 100644
|
|||
if (error)
|
||||
return error;
|
||||
|
||||
diff --git a/fs/inode.c b/fs/inode.c
|
||||
index 3b55391..e0c5255 100644
|
||||
--- a/fs/inode.c
|
||||
+++ b/fs/inode.c
|
||||
@@ -1663,7 +1663,7 @@ EXPORT_SYMBOL(generic_update_time);
|
||||
|
@ -110,11 +100,9 @@ index 3b55391..e0c5255 100644
|
|||
{
|
||||
int (*update_time)(struct inode *, struct timespec *, int);
|
||||
|
||||
diff --git a/fs/namespace.c b/fs/namespace.c
|
||||
index 5f75969..61129ff 100644
|
||||
--- a/fs/namespace.c
|
||||
+++ b/fs/namespace.c
|
||||
@@ -846,6 +846,12 @@ static inline int check_mnt(struct mount *mnt)
|
||||
@@ -846,6 +846,12 @@ static inline int check_mnt(struct mount
|
||||
return mnt->mnt_ns == current->nsproxy->mnt_ns;
|
||||
}
|
||||
|
||||
|
@ -127,11 +115,9 @@ index 5f75969..61129ff 100644
|
|||
/*
|
||||
* vfsmount lock must be held for write
|
||||
*/
|
||||
diff --git a/fs/read_write.c b/fs/read_write.c
|
||||
index c4eabbf..ddd6e67 100644
|
||||
--- a/fs/read_write.c
|
||||
+++ b/fs/read_write.c
|
||||
@@ -489,6 +489,28 @@ ssize_t __vfs_write(struct file *file, const char __user *p, size_t count,
|
||||
@@ -489,6 +489,28 @@ ssize_t __vfs_write(struct file *file, c
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
|
@ -160,8 +146,6 @@ index c4eabbf..ddd6e67 100644
|
|||
ssize_t __kernel_write(struct file *file, const void *buf, size_t count, loff_t *pos)
|
||||
{
|
||||
mm_segment_t old_fs;
|
||||
diff --git a/fs/splice.c b/fs/splice.c
|
||||
index 005d09c..f617ab0 100644
|
||||
--- a/fs/splice.c
|
||||
+++ b/fs/splice.c
|
||||
@@ -837,8 +837,8 @@ EXPORT_SYMBOL(generic_splice_sendpage);
|
||||
|
@ -175,7 +159,7 @@ index 005d09c..f617ab0 100644
|
|||
{
|
||||
ssize_t (*splice_write)(struct pipe_inode_info *, struct file *,
|
||||
loff_t *, size_t, unsigned int);
|
||||
@@ -854,9 +854,9 @@ static long do_splice_from(struct pipe_inode_info *pipe, struct file *out,
|
||||
@@ -854,9 +854,9 @@ static long do_splice_from(struct pipe_i
|
||||
/*
|
||||
* Attempt to initiate a splice from a file to a pipe.
|
||||
*/
|
||||
|
@ -188,8 +172,6 @@ index 005d09c..f617ab0 100644
|
|||
{
|
||||
ssize_t (*splice_read)(struct file *, loff_t *,
|
||||
struct pipe_inode_info *, size_t, unsigned int);
|
||||
diff --git a/fs/sync.c b/fs/sync.c
|
||||
index b54e054..2860782 100644
|
||||
--- a/fs/sync.c
|
||||
+++ b/fs/sync.c
|
||||
@@ -28,7 +28,7 @@
|
||||
|
@ -201,8 +183,6 @@ index b54e054..2860782 100644
|
|||
{
|
||||
if (wait)
|
||||
sync_inodes_sb(sb);
|
||||
diff --git a/include/linux/file.h b/include/linux/file.h
|
||||
index 279720d..76e38ea 100644
|
||||
--- a/include/linux/file.h
|
||||
+++ b/include/linux/file.h
|
||||
@@ -20,6 +20,7 @@ struct dentry;
|
||||
|
@ -213,11 +193,9 @@ index 279720d..76e38ea 100644
|
|||
|
||||
static inline void fput_light(struct file *file, int fput_needed)
|
||||
{
|
||||
diff --git a/include/linux/fs.h b/include/linux/fs.h
|
||||
index 760d8da..09a2542 100644
|
||||
--- a/include/linux/fs.h
|
||||
+++ b/include/linux/fs.h
|
||||
@@ -1270,6 +1270,7 @@ extern void fasync_free(struct fasync_struct *);
|
||||
@@ -1270,6 +1270,7 @@ extern void fasync_free(struct fasync_st
|
||||
/* can be called from interrupts */
|
||||
extern void kill_fasync(struct fasync_struct **, int, int);
|
||||
|
||||
|
@ -233,7 +211,7 @@ index 760d8da..09a2542 100644
|
|||
int (*flock) (struct file *, int, struct file_lock *);
|
||||
ssize_t (*splice_write)(struct pipe_inode_info *, struct file *, loff_t *, size_t, unsigned int);
|
||||
ssize_t (*splice_read)(struct file *, loff_t *, struct pipe_inode_info *, size_t, unsigned int);
|
||||
@@ -1794,6 +1796,12 @@ ssize_t rw_copy_check_uvector(int type, const struct iovec __user * uvector,
|
||||
@@ -1794,6 +1796,12 @@ ssize_t rw_copy_check_uvector(int type,
|
||||
struct iovec *fast_pointer,
|
||||
struct iovec **ret_pointer);
|
||||
|
||||
|
@ -254,7 +232,7 @@ index 760d8da..09a2542 100644
|
|||
|
||||
/* /sys/fs */
|
||||
extern struct kobject *fs_kobj;
|
||||
@@ -2485,6 +2494,7 @@ static inline bool sb_is_blkdev_sb(struct super_block *sb)
|
||||
@@ -2485,6 +2494,7 @@ static inline bool sb_is_blkdev_sb(struc
|
||||
return false;
|
||||
}
|
||||
#endif
|
||||
|
@ -262,11 +240,9 @@ index 760d8da..09a2542 100644
|
|||
extern int sync_filesystem(struct super_block *);
|
||||
extern const struct file_operations def_blk_fops;
|
||||
extern const struct file_operations def_chr_fops;
|
||||
diff --git a/include/linux/lockdep.h b/include/linux/lockdep.h
|
||||
index 6fc77d4..27e76f0 100644
|
||||
--- a/include/linux/lockdep.h
|
||||
+++ b/include/linux/lockdep.h
|
||||
@@ -313,6 +313,8 @@ static inline int lockdep_match_key(struct lockdep_map *lock,
|
||||
@@ -313,6 +313,8 @@ static inline int lockdep_match_key(stru
|
||||
return lock->key == key;
|
||||
}
|
||||
|
||||
|
@ -283,8 +259,6 @@ index 6fc77d4..27e76f0 100644
|
|||
#define lockdep_is_held_type(l, r) (1)
|
||||
|
||||
#define lockdep_assert_held(l) do { (void)(l); } while (0)
|
||||
diff --git a/include/linux/mnt_namespace.h b/include/linux/mnt_namespace.h
|
||||
index 3594208..24f5fd1 100644
|
||||
--- a/include/linux/mnt_namespace.h
|
||||
+++ b/include/linux/mnt_namespace.h
|
||||
@@ -6,11 +6,14 @@
|
||||
|
@ -302,11 +276,9 @@ index 3594208..24f5fd1 100644
|
|||
extern const struct file_operations proc_mounts_operations;
|
||||
extern const struct file_operations proc_mountinfo_operations;
|
||||
extern const struct file_operations proc_mountstats_operations;
|
||||
diff --git a/include/linux/splice.h b/include/linux/splice.h
|
||||
index 74b4911..19789fb 100644
|
||||
--- a/include/linux/splice.h
|
||||
+++ b/include/linux/splice.h
|
||||
@@ -87,4 +87,10 @@ extern void splice_shrink_spd(struct splice_pipe_desc *);
|
||||
@@ -87,4 +87,10 @@ extern void splice_shrink_spd(struct spl
|
||||
|
||||
extern const struct pipe_buf_operations page_cache_pipe_buf_ops;
|
||||
extern const struct pipe_buf_operations default_pipe_buf_ops;
|
||||
|
@ -317,11 +289,9 @@ index 74b4911..19789fb 100644
|
|||
+ struct pipe_inode_info *pipe, size_t len,
|
||||
+ unsigned int flags);
|
||||
#endif
|
||||
diff --git a/kernel/locking/lockdep.c b/kernel/locking/lockdep.c
|
||||
index 0233863..06e0d7a 100644
|
||||
--- a/kernel/locking/lockdep.c
|
||||
+++ b/kernel/locking/lockdep.c
|
||||
@@ -140,7 +140,7 @@ static struct lock_list list_entries[MAX_LOCKDEP_ENTRIES];
|
||||
@@ -140,7 +140,7 @@ static struct lock_list list_entries[MAX
|
||||
unsigned long nr_lock_classes;
|
||||
static struct lock_class lock_classes[MAX_LOCKDEP_KEYS];
|
||||
|
||||
|
@ -330,7 +300,7 @@ index 0233863..06e0d7a 100644
|
|||
{
|
||||
if (!hlock->class_idx) {
|
||||
/*
|
||||
@@ -151,6 +151,7 @@ static inline struct lock_class *hlock_class(struct held_lock *hlock)
|
||||
@@ -151,6 +151,7 @@ static inline struct lock_class *hlock_c
|
||||
}
|
||||
return lock_classes + hlock->class_idx - 1;
|
||||
}
|
||||
|
|
|
@ -138,7 +138,6 @@ features/all/lockdown/arm64-add-kernel-config-option-to-lock-down-when.patch
|
|||
# Security fixes
|
||||
debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
|
||||
bugfix/all/jfs-fix-inconsistency-between-memory-allocation-and-.patch
|
||||
bugfix/all/fix-up-non-directory-creation-in-sgid-directories.patch
|
||||
bugfix/all/ext4-fix-false-negatives-and-false-positives-in-ext4.patch
|
||||
|
||||
# Fix exported symbol versions
|
||||
|
|