Date: Thursday, May 8, 2014 @ 04:17:31 Author: thestinger Revision: 110822
upgpkg: linux-grsec 3.14.3.201405071928-1 Modified: linux-grsec/trunk/PKGBUILD linux-grsec/trunk/config linux-grsec/trunk/config.x86_64 Deleted: linux-grsec/trunk/0007-x86-efi-Correct-EFI-boot-stub-use-of-code32_start.patch linux-grsec/trunk/0008-futex-avoid-race-between-requeue-and-wake.patch linux-grsec/trunk/0009-iwlwifi-mvm-rs-fix-search-cycle-rules.patch --------------------------------------------------------------+ 0007-x86-efi-Correct-EFI-boot-stub-use-of-code32_start.patch | 110 -------- 0008-futex-avoid-race-between-requeue-and-wake.patch | 94 ------- 0009-iwlwifi-mvm-rs-fix-search-cycle-rules.patch | 125 ---------- PKGBUILD | 53 +--- config | 2 config.x86_64 | 2 6 files changed, 25 insertions(+), 361 deletions(-) Deleted: 0007-x86-efi-Correct-EFI-boot-stub-use-of-code32_start.patch =================================================================== --- 0007-x86-efi-Correct-EFI-boot-stub-use-of-code32_start.patch 2014-05-07 23:03:49 UTC (rev 110821) +++ 0007-x86-efi-Correct-EFI-boot-stub-use-of-code32_start.patch 2014-05-08 02:17:31 UTC (rev 110822) @@ -1,110 +0,0 @@ -From 720a9dbf61c88bd57d6f8198ed8ccb2bd4a6abd8 Mon Sep 17 00:00:00 2001 -From: Matt Fleming <m...@console-pimps.org> -Date: Wed, 9 Apr 2014 10:33:49 +0200 -Subject: [PATCH 07/10] x86/efi: Correct EFI boot stub use of code32_start -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -code32_start should point at the start of the protected mode code, and -*not* at the beginning of the bzImage. This is much easier to do in -assembly so document that callers of make_boot_params() need to fill out -code32_start. - -The fallout from this bug is that we would end up relocating the image -but copying the image at some offset, resulting in what appeared to be -memory corruption. - -Reported-by: Thomas Bächler <tho...@archlinux.org> -Signed-off-by: Matt Fleming <matt.flem...@intel.com> ---- - arch/x86/boot/compressed/eboot.c | 5 +++-- - arch/x86/boot/compressed/head_32.S | 14 ++++++++------ - arch/x86/boot/compressed/head_64.S | 9 +++------ - 3 files changed, 14 insertions(+), 14 deletions(-) - -diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c -index a7677ba..78cbb2d 100644 ---- a/arch/x86/boot/compressed/eboot.c -+++ b/arch/x86/boot/compressed/eboot.c -@@ -425,6 +425,9 @@ void setup_graphics(struct boot_params *boot_params) - * Because the x86 boot code expects to be passed a boot_params we - * need to create one ourselves (usually the bootloader would create - * one for us). -+ * -+ * The caller is responsible for filling out ->code32_start in the -+ * returned boot_params. - */ - struct boot_params *make_boot_params(void *handle, efi_system_table_t *_table) - { -@@ -483,8 +486,6 @@ struct boot_params *make_boot_params(void *handle, efi_system_table_t *_table) - hdr->vid_mode = 0xffff; - hdr->boot_flag = 0xAA55; - -- hdr->code32_start = (__u64)(unsigned long)image->image_base; -- - hdr->type_of_loader = 0x21; - - /* Convert unicode cmdline to ascii */ -diff --git a/arch/x86/boot/compressed/head_32.S b/arch/x86/boot/compressed/head_32.S -index 9116aac..f45ab7a 100644 ---- a/arch/x86/boot/compressed/head_32.S -+++ b/arch/x86/boot/compressed/head_32.S -@@ -50,6 +50,13 @@ ENTRY(efi_pe_entry) - pushl %eax - pushl %esi - pushl %ecx -+ -+ call reloc -+reloc: -+ popl %ecx -+ subl reloc, %ecx -+ movl %ecx, BP_code32_start(%eax) -+ - sub $0x4, %esp - - ENTRY(efi_stub_entry) -@@ -63,12 +70,7 @@ ENTRY(efi_stub_entry) - hlt - jmp 1b - 2: -- call 3f --3: -- popl %eax -- subl $3b, %eax -- subl BP_pref_address(%esi), %eax -- add BP_code32_start(%esi), %eax -+ movl BP_code32_start(%esi), %eax - leal preferred_addr(%eax), %eax - jmp *%eax - -diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S -index c5c1ae0..b10fa66 100644 ---- a/arch/x86/boot/compressed/head_64.S -+++ b/arch/x86/boot/compressed/head_64.S -@@ -217,6 +217,8 @@ ENTRY(efi_pe_entry) - cmpq $0,%rax - je 1f - mov %rax, %rdx -+ leaq startup_32(%rip), %rax -+ movl %eax, BP_code32_start(%rdx) - popq %rsi - popq %rdi - -@@ -230,12 +232,7 @@ ENTRY(efi_stub_entry) - hlt - jmp 1b - 2: -- call 3f --3: -- popq %rax -- subq $3b, %rax -- subq BP_pref_address(%rsi), %rax -- add BP_code32_start(%esi), %eax -+ movl BP_code32_start(%esi), %eax - leaq preferred_addr(%rax), %rax - jmp *%rax - --- -1.9.2 - Deleted: 0008-futex-avoid-race-between-requeue-and-wake.patch =================================================================== --- 0008-futex-avoid-race-between-requeue-and-wake.patch 2014-05-07 23:03:49 UTC (rev 110821) +++ 0008-futex-avoid-race-between-requeue-and-wake.patch 2014-05-08 02:17:31 UTC (rev 110822) @@ -1,94 +0,0 @@ -From aafcd8f8692fb9e389608c1efad2e57c0bbb9362 Mon Sep 17 00:00:00 2001 -From: Linus Torvalds <torva...@linux-foundation.org> -Date: Tue, 8 Apr 2014 15:30:07 -0700 -Subject: [PATCH 08/10] futex: avoid race between requeue and wake - -commit 69cd9eba38867a493a043bb13eb9b33cad5f1a9a upstream. - -Jan Stancek reported: - "pthread_cond_broadcast/4-1.c testcase from openposix testsuite (LTP) - occasionally fails, because some threads fail to wake up. - - Testcase creates 5 threads, which are all waiting on same condition. - Main thread then calls pthread_cond_broadcast() without holding mutex, - which calls: - - futex(uaddr1, FUTEX_CMP_REQUEUE_PRIVATE, 1, 2147483647, uaddr2, ..) - - This immediately wakes up single thread A, which unlocks mutex and - tries to wake up another thread: - - futex(uaddr2, FUTEX_WAKE_PRIVATE, 1) - - If thread A manages to call futex_wake() before any waiters are - requeued for uaddr2, no other thread is woken up" - -The ordering constraints for the hash bucket waiter counting are that -the waiter counts have to be incremented _before_ getting the spinlock -(because the spinlock acts as part of the memory barrier), but the -"requeue" operation didn't honor those rules, and nobody had even -thought about that case. - -This fairly simple patch just increments the waiter count for the target -hash bucket (hb2) when requeing a futex before taking the locks. It -then decrements them again after releasing the lock - the code that -actually moves the futex(es) between hash buckets will do the additional -required waiter count housekeeping. - -Reported-and-tested-by: Jan Stancek <jstan...@redhat.com> -Acked-by: Davidlohr Bueso <davidl...@hp.com> -Cc: Peter Zijlstra <pet...@infradead.org> -Cc: Thomas Gleixner <t...@linutronix.de> -Signed-off-by: Linus Torvalds <torva...@linux-foundation.org> -Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org> ---- - kernel/futex.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/kernel/futex.c b/kernel/futex.c -index 08ec814..16b1f2c 100644 ---- a/kernel/futex.c -+++ b/kernel/futex.c -@@ -1450,6 +1450,7 @@ retry: - hb2 = hash_futex(&key2); - - retry_private: -+ hb_waiters_inc(hb2); - double_lock_hb(hb1, hb2); - - if (likely(cmpval != NULL)) { -@@ -1459,6 +1460,7 @@ retry_private: - - if (unlikely(ret)) { - double_unlock_hb(hb1, hb2); -+ hb_waiters_dec(hb2); - - ret = get_user(curval, uaddr1); - if (ret) -@@ -1508,6 +1510,7 @@ retry_private: - break; - case -EFAULT: - double_unlock_hb(hb1, hb2); -+ hb_waiters_dec(hb2); - put_futex_key(&key2); - put_futex_key(&key1); - ret = fault_in_user_writeable(uaddr2); -@@ -1517,6 +1520,7 @@ retry_private: - case -EAGAIN: - /* The owner was exiting, try again. */ - double_unlock_hb(hb1, hb2); -+ hb_waiters_dec(hb2); - put_futex_key(&key2); - put_futex_key(&key1); - cond_resched(); -@@ -1592,6 +1596,7 @@ retry_private: - - out_unlock: - double_unlock_hb(hb1, hb2); -+ hb_waiters_dec(hb2); - - /* - * drop_futex_key_refs() must be called outside the spinlocks. During --- -1.9.2 - Deleted: 0009-iwlwifi-mvm-rs-fix-search-cycle-rules.patch =================================================================== --- 0009-iwlwifi-mvm-rs-fix-search-cycle-rules.patch 2014-05-07 23:03:49 UTC (rev 110821) +++ 0009-iwlwifi-mvm-rs-fix-search-cycle-rules.patch 2014-05-08 02:17:31 UTC (rev 110822) @@ -1,125 +0,0 @@ -From 06af061dd673d749d5516bea41e2becb034e00b8 Mon Sep 17 00:00:00 2001 -From: Eyal Shapira <e...@wizery.com> -Date: Sun, 16 Mar 2014 05:23:21 +0200 -Subject: [PATCH 09/10] iwlwifi: mvm: rs: fix search cycle rules - -commit 8930b05090acd321b1fc7c642528c697cb105c42 upstream. - -We should explore all possible columns when searching to be -as resilient as possible to changing conditions. This fixes -for example a scenario where even after a sudden creation of -rssi difference between the 2 antennas we would keep doing MIMO -at a low rate instead of switching to SISO at a higher rate using -the better antenna which was the optimal configuration. - -Signed-off-by: Eyal Shapira <eyalx.shap...@intel.com> -Signed-off-by: Emmanuel Grumbach <emmanuel.grumb...@intel.com> -Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org> ---- - drivers/net/wireless/iwlwifi/mvm/rs.c | 36 +++++++++++++++++------------------ - 1 file changed, 18 insertions(+), 18 deletions(-) - -diff --git a/drivers/net/wireless/iwlwifi/mvm/rs.c b/drivers/net/wireless/iwlwifi/mvm/rs.c -index 6abf74e..5bc8715 100644 ---- a/drivers/net/wireless/iwlwifi/mvm/rs.c -+++ b/drivers/net/wireless/iwlwifi/mvm/rs.c -@@ -211,9 +211,9 @@ static const struct rs_tx_column rs_tx_columns[] = { - .next_columns = { - RS_COLUMN_LEGACY_ANT_B, - RS_COLUMN_SISO_ANT_A, -+ RS_COLUMN_SISO_ANT_B, - RS_COLUMN_MIMO2, -- RS_COLUMN_INVALID, -- RS_COLUMN_INVALID, -+ RS_COLUMN_MIMO2_SGI, - }, - }, - [RS_COLUMN_LEGACY_ANT_B] = { -@@ -221,10 +221,10 @@ static const struct rs_tx_column rs_tx_columns[] = { - .ant = ANT_B, - .next_columns = { - RS_COLUMN_LEGACY_ANT_A, -+ RS_COLUMN_SISO_ANT_A, - RS_COLUMN_SISO_ANT_B, - RS_COLUMN_MIMO2, -- RS_COLUMN_INVALID, -- RS_COLUMN_INVALID, -+ RS_COLUMN_MIMO2_SGI, - }, - }, - [RS_COLUMN_SISO_ANT_A] = { -@@ -234,8 +234,8 @@ static const struct rs_tx_column rs_tx_columns[] = { - RS_COLUMN_SISO_ANT_B, - RS_COLUMN_MIMO2, - RS_COLUMN_SISO_ANT_A_SGI, -- RS_COLUMN_INVALID, -- RS_COLUMN_INVALID, -+ RS_COLUMN_SISO_ANT_B_SGI, -+ RS_COLUMN_MIMO2_SGI, - }, - .checks = { - rs_siso_allow, -@@ -248,8 +248,8 @@ static const struct rs_tx_column rs_tx_columns[] = { - RS_COLUMN_SISO_ANT_A, - RS_COLUMN_MIMO2, - RS_COLUMN_SISO_ANT_B_SGI, -- RS_COLUMN_INVALID, -- RS_COLUMN_INVALID, -+ RS_COLUMN_SISO_ANT_A_SGI, -+ RS_COLUMN_MIMO2_SGI, - }, - .checks = { - rs_siso_allow, -@@ -263,8 +263,8 @@ static const struct rs_tx_column rs_tx_columns[] = { - RS_COLUMN_SISO_ANT_B_SGI, - RS_COLUMN_MIMO2_SGI, - RS_COLUMN_SISO_ANT_A, -- RS_COLUMN_INVALID, -- RS_COLUMN_INVALID, -+ RS_COLUMN_SISO_ANT_B, -+ RS_COLUMN_MIMO2, - }, - .checks = { - rs_siso_allow, -@@ -279,8 +279,8 @@ static const struct rs_tx_column rs_tx_columns[] = { - RS_COLUMN_SISO_ANT_A_SGI, - RS_COLUMN_MIMO2_SGI, - RS_COLUMN_SISO_ANT_B, -- RS_COLUMN_INVALID, -- RS_COLUMN_INVALID, -+ RS_COLUMN_SISO_ANT_A, -+ RS_COLUMN_MIMO2, - }, - .checks = { - rs_siso_allow, -@@ -292,10 +292,10 @@ static const struct rs_tx_column rs_tx_columns[] = { - .ant = ANT_AB, - .next_columns = { - RS_COLUMN_SISO_ANT_A, -+ RS_COLUMN_SISO_ANT_B, -+ RS_COLUMN_SISO_ANT_A_SGI, -+ RS_COLUMN_SISO_ANT_B_SGI, - RS_COLUMN_MIMO2_SGI, -- RS_COLUMN_INVALID, -- RS_COLUMN_INVALID, -- RS_COLUMN_INVALID, - }, - .checks = { - rs_mimo_allow, -@@ -307,10 +307,10 @@ static const struct rs_tx_column rs_tx_columns[] = { - .sgi = true, - .next_columns = { - RS_COLUMN_SISO_ANT_A_SGI, -+ RS_COLUMN_SISO_ANT_B_SGI, -+ RS_COLUMN_SISO_ANT_A, -+ RS_COLUMN_SISO_ANT_B, - RS_COLUMN_MIMO2, -- RS_COLUMN_INVALID, -- RS_COLUMN_INVALID, -- RS_COLUMN_INVALID, - }, - .checks = { - rs_mimo_allow, --- -1.9.2 - Modified: PKGBUILD =================================================================== --- PKGBUILD 2014-05-07 23:03:49 UTC (rev 110821) +++ PKGBUILD 2014-05-08 02:17:31 UTC (rev 110822) @@ -6,9 +6,9 @@ pkgbase=linux-grsec _srcname=linux-3.14 -_pkgver=3.14.2 +_pkgver=3.14.3 _grsecver=3.0 -_timestamp=201405051841 +_timestamp=201405071928 _grsec_patch="grsecurity-$_grsecver-$_pkgver-$_timestamp.patch" pkgver=$_pkgver.$_timestamp pkgrel=1 @@ -32,7 +32,6 @@ '0004-fs-Don-t-return-0-from-get_anon_bdev.patch' '0005-Revert-Bluetooth-Enable-autosuspend-for-Intel-Blueto.patch' '0006-genksyms-fix-typeof-handling.patch' - '0007-x86-efi-Correct-EFI-boot-stub-use-of-code32_start.patch' '0010-iwlwifi-mvm-delay-enabling-smart-FIFO-until-after-be.patch' '0011-kernfs-fix-removed-error-check.patch' '0012-fix-saa7134.patch' @@ -41,28 +40,27 @@ '0015-fix-xsdt-validation.patch' sysctl.conf ) -md5sums=('b621207b3f6ecbb67db18b13258f8ea8' - 'f2239bf772d1b6e1c26cb03f6e056959' - '886c74ae6a77a7c380f14226fc5f4058' - 'SKIP' - 'bdc21c0e7072b0ce9a0f80140c8f759b' - 'e2ed1a476239147e7e09900bc6e5a3bc' - '2f4e8da2611ce693f5f77806a0ffb858' - '98beb36f9b8cf16e58de2483ea9985e3' - '6839ddec74a5300beff1709a81b0e4f3' - '706549e8a05f33f7fc697f28c0ca71d2' - 'd23fc66be93ebce698bd7da844789de1' - 'b240cc8ebb4b5d74e94b4c72d033f726' - 'a89d593774ccb955eb8368d3bc87ce26' - '16a161979f846b049e90daea907c35dd' - '00727251b0d337a25d3ca392218afdf4' - '353b553d69da810ef954618aca60e1e2' - 'b3f98eba6322463ed6644784c56893be' - '4f547d79fa1b2bb855dc2996be2a515e' - '21d25aef69f9da33c6087b7ffd97783e' - 'de37a66f5ebcccbc13208515ccc081cb' - '278417ab07b6f5fe8e3e0ed656f35f3e' - '7a052645280da78a98bfe8cf805ddab5') +sha256sums=('61558aa490855f42b6340d1a1596be47454909629327c49a5e4e10268065dffa' + 'a26a25739c50d639174698ae498530205b55e5a2b11f8c33ab92a8581bc83fbd' + 'ca5bd99e3ee12836e2442c096fa2af7fdf9f75f750a471a0c0e981b08abdd330' + 'SKIP' + '0e6a04892aa95405a146b00da583d324dd1513edcd5164edec74132b05b8c791' + '0303b94b397339e545370750dd6e0f6bfc1d5ef45801d9acf5ef7510753b01c9' + 'ca7e718375b3790888756cc0a64a7500cd57dddb9bf7e10a0df22c860d91f74d' + 'faced4eb4c47c4eb1a9ee8a5bf8a7c4b49d6b4d78efbe426e410730e6267d182' + '6d72e14552df59e6310f16c176806c408355951724cd5b48a47bf01591b8be02' + '52dec83a8805a8642d74d764494acda863e0aa23e3d249e80d4b457e20a3fd29' + '65d58f63215ee3c5f9c4fc6bce36fc5311a6c7dbdbe1ad29de40647b47ff9c0d' + '1e1ae0f31f722e80da083ecada1f1be57f9ddad133941820c4483b0240e494c1' + '3fffb01cf97a5a7ab9601cb277d2468c0fb1e1cceba4225915f3ffae3a5694ec' + 'cf2e7a2d00787f754028e7459688c2755a406e632ce48b60952fa4ff7ed6f4b7' + 'c0af4622f75c89fef62183e18b7d49998228d4eaa906c6accaf4aa4ff0134f85' + '04f44bf5c181d6dc31905937c1bdccb0f5aecaad3a579e99b302502b9cbe0f7a' + '79359454c9d8446eb55add2b1cdbf8332bd67dafb01fefb5b1ca090225f64d18' + 'f2a5e22c1ba6e9b8a32a7bd4a5327ee95538aa10edcee3cd12578f8ff49bf6be' + 'ff9df6746d7cbfe858d5b4bce932951c26414a7635cb5c26cd8d5c97df36a2a1' + '384dd13fd4248fd6809da8c6ae29ced55d4a5cacc33ac2ae7522093ec0fb26d4' + 'a37823f0cdf3f318ec3f486f6e4035a7a8f887522d3a563d4dfe155f143ba24f') _kernelname=${pkgbase#linux} @@ -100,11 +98,6 @@ # http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dc53324060f324e8af6867f57bf4891c13c6ef18 patch -p1 -i "${srcdir}/0006-genksyms-fix-typeof-handling.patch" - # Fix the use of code32_start in the EFI boot stub - # http://permalink.gmane.org/gmane.linux.kernel/1679881 - # https://git.kernel.org/cgit/linux/kernel/git/mfleming/efi.git/commit/?h=urgent&id=7e8213c1f3acc064aef37813a39f13cbfe7c3ce7 - patch -p1 -i "${srcdir}/0007-x86-efi-Correct-EFI-boot-stub-use-of-code32_start.patch" - # https://git.kernel.org/cgit/linux/kernel/git/iwlwifi/iwlwifi-fixes.git/commit/?id=12f853a89e29f50b17698e17e73c328a35f1498d # FS#39815 patch -p1 -i "${srcdir}/0010-iwlwifi-mvm-delay-enabling-smart-FIFO-until-after-be.patch" Modified: config =================================================================== --- config 2014-05-07 23:03:49 UTC (rev 110821) +++ config 2014-05-08 02:17:31 UTC (rev 110822) @@ -1666,7 +1666,7 @@ # CONFIG_BLK_DEV_UMEM is not set # CONFIG_BLK_DEV_COW_COMMON is not set CONFIG_BLK_DEV_LOOP=m -CONFIG_BLK_DEV_LOOP_MIN_COUNT=8 +CONFIG_BLK_DEV_LOOP_MIN_COUNT=0 CONFIG_BLK_DEV_CRYPTOLOOP=m CONFIG_BLK_DEV_DRBD=m # CONFIG_DRBD_FAULT_INJECTION is not set Modified: config.x86_64 =================================================================== --- config.x86_64 2014-05-07 23:03:49 UTC (rev 110821) +++ config.x86_64 2014-05-08 02:17:31 UTC (rev 110822) @@ -1631,7 +1631,7 @@ # CONFIG_BLK_DEV_UMEM is not set # CONFIG_BLK_DEV_COW_COMMON is not set CONFIG_BLK_DEV_LOOP=m -CONFIG_BLK_DEV_LOOP_MIN_COUNT=8 +CONFIG_BLK_DEV_LOOP_MIN_COUNT=0 CONFIG_BLK_DEV_CRYPTOLOOP=m CONFIG_BLK_DEV_DRBD=m # CONFIG_DRBD_FAULT_INJECTION is not set