Hello community,

here is the log from the commit of package kernel-source for openSUSE:Factory 
checked in at 2018-04-16 12:44:15
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/kernel-source (Old)
 and      /work/SRC/openSUSE:Factory/.kernel-source.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "kernel-source"

Mon Apr 16 12:44:15 2018 rev:420 rq:595988 version:4.16.2

Changes:
--------
--- /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes        
2018-04-11 13:48:46.179492413 +0200
+++ /work/SRC/openSUSE:Factory/.kernel-source.new/dtb-aarch64.changes   
2018-04-16 12:44:23.999129656 +0200
@@ -1,0 +2,56 @@
+Thu Apr 12 14:50:41 CEST 2018 - jsl...@suse.cz
+
+- Linux 4.16.2 (bnc#1012628).
+- nfp: use full 40 bits of the NSP buffer address (bnc#1012628).
+- net_sched: fix a missing idr_remove() in u32_delete_key()
+  (bnc#1012628).
+- vti6: better validate user provided tunnel names (bnc#1012628).
+- ip6_tunnel: better validate user provided tunnel names
+  (bnc#1012628).
+- ip6_gre: better validate user provided tunnel names
+  (bnc#1012628).
+- ipv6: sit: better validate user provided tunnel names
+  (bnc#1012628).
+- ip_tunnel: better validate user provided tunnel names
+  (bnc#1012628).
+- net: fool proof dev_valid_name() (bnc#1012628).
+- vlan: also check phy_driver ts_info for vlan's real device
+  (bnc#1012628).
+- sky2: Increase D3 delay to sky2 stops working after suspend
+  (bnc#1012628).
+- sctp: sctp_sockaddr_af must check minimal addr length for
+  AF_INET6 (bnc#1012628).
+- sctp: do not leak kernel memory to user space (bnc#1012628).
+- pptp: remove a buggy dst release in pptp_connect()
+  (bnc#1012628).
+- net/sched: fix NULL dereference in the error path of
+  tcf_bpf_init() (bnc#1012628).
+- net/ipv6: Increment OUTxxx counters after netfilter hook
+  (bnc#1012628).
+- net: dsa: Discard frames from unused ports (bnc#1012628).
+- arp: fix arp_filter on l3slave devices (bnc#1012628).
+- sparc64: Oracle DAX driver depends on SPARC64 (bnc#1012628).
+- commit 8ea896b
+
+-------------------------------------------------------------------
+Wed Apr 11 11:59:12 CEST 2018 - jsl...@suse.cz
+
+- Update config files.
+  s390x/vanilla fails to build without this.
+- commit e8d83e8
+
+-------------------------------------------------------------------
+Tue Apr 10 20:01:19 CEST 2018 - ti...@suse.de
+
+- swiotlb: Fix unexpected swiotlb_alloc_coherent() failures
+  (bsc#1088658, bsc#1088902).
+- commit 096b538
+
+-------------------------------------------------------------------
+Mon Apr  9 12:28:40 CEST 2018 - ti...@suse.de
+
+- media: v4l2-core: fix size of devnode_nums[] bitarray
+  (bsc#1088640).
+- commit 6fcb3b5
+
+-------------------------------------------------------------------
@@ -60,0 +117,6 @@
+
+-------------------------------------------------------------------
+Thu Apr  5 00:15:45 CEST 2018 - rgold...@suse.com
+
+- apparmor: Check all profiles attached to the label (bsc#1085996).
+- commit b249c9e
dtb-armv6l.changes: same change
dtb-armv7l.changes: same change
kernel-64kb.changes: same change
kernel-debug.changes: same change
kernel-default.changes: same change
kernel-docs.changes: same change
kernel-kvmsmall.changes: same change
kernel-lpae.changes: same change
kernel-obs-build.changes: same change
kernel-obs-qa.changes: same change
kernel-pae.changes: same change
kernel-source.changes: same change
kernel-syms.changes: same change
kernel-syzkaller.changes: same change
kernel-vanilla.changes: same change
kernel-zfcpdump.changes: same change

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ dtb-aarch64.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old  2018-04-16 12:45:10.045454255 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new  2018-04-16 12:45:10.049454110 +0200
@@ -17,7 +17,7 @@
 
 
 %define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
 %define variant %{nil}
 
 %include %_sourcedir/kernel-spec-macros
@@ -29,9 +29,9 @@
 %(chmod +x 
%_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh,mkspec-dtb,check-module-license})
 
 Name:           dtb-aarch64
-Version:        4.16.1
+Version:        4.16.2
 %if 0%{?is_kotd}
-Release:        <RELEASE>.gfc6541a
+Release:        <RELEASE>.g7b2d22b
 %else
 Release:        0
 %endif

dtb-armv6l.spec: same change
dtb-armv7l.spec: same change
++++++ kernel-64kb.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old  2018-04-16 12:45:10.121451490 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new  2018-04-16 12:45:10.125451344 +0200
@@ -18,7 +18,7 @@
 
 
 %define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
 %define variant %{nil}
 %define vanilla_only 0
 
@@ -58,9 +58,9 @@
 Summary:        Kernel with 64kb PAGE_SIZE
 License:        GPL-2.0
 Group:          System/Kernel
-Version:        4.16.1
+Version:        4.16.2
 %if 0%{?is_kotd}
-Release:        <RELEASE>.gfc6541a
+Release:        <RELEASE>.g7b2d22b
 %else
 Release:        0
 %endif
@@ -164,10 +164,10 @@
 Conflicts:      libc.so.6()(64bit)
 %endif
 Provides:       kernel = %version-%source_rel
-Provides:       kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides:       kernel-%build_flavor-base-srchash = 
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides:       kernel-%build_flavor-base-srchash = 
7b2d22b118d1ce275f762e1458e957a45ff84018
 # END COMMON DEPS
-Provides:       %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
 %obsolete_rebuilds %name
 Source0:        
http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz
 Source2:        source-post.sh
@@ -1055,8 +1055,8 @@
 Conflicts:      libc.so.6()(64bit)
 %endif
 Provides:       kernel = %version-%source_rel
-Provides:       kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides:       kernel-%build_flavor-base-srchash = 
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides:       kernel-%build_flavor-base-srchash = 
7b2d22b118d1ce275f762e1458e957a45ff84018
 
 %obsolete_rebuilds %name-base
 %ifarch %ix86

++++++ kernel-debug.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old  2018-04-16 12:45:10.149450471 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new  2018-04-16 12:45:10.153450326 +0200
@@ -18,7 +18,7 @@
 
 
 %define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
 %define variant %{nil}
 %define vanilla_only 0
 
@@ -58,9 +58,9 @@
 Summary:        A Debug Version of the Kernel
 License:        GPL-2.0
 Group:          System/Kernel
-Version:        4.16.1
+Version:        4.16.2
 %if 0%{?is_kotd}
-Release:        <RELEASE>.gfc6541a
+Release:        <RELEASE>.g7b2d22b
 %else
 Release:        0
 %endif
@@ -164,10 +164,10 @@
 Conflicts:      libc.so.6()(64bit)
 %endif
 Provides:       kernel = %version-%source_rel
-Provides:       kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides:       kernel-%build_flavor-base-srchash = 
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides:       kernel-%build_flavor-base-srchash = 
7b2d22b118d1ce275f762e1458e957a45ff84018
 # END COMMON DEPS
-Provides:       %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
 %ifarch ppc64
 Provides:       kernel-kdump = 2.6.28
 Obsoletes:      kernel-kdump <= 2.6.28
@@ -1061,8 +1061,8 @@
 Conflicts:      libc.so.6()(64bit)
 %endif
 Provides:       kernel = %version-%source_rel
-Provides:       kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides:       kernel-%build_flavor-base-srchash = 
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides:       kernel-%build_flavor-base-srchash = 
7b2d22b118d1ce275f762e1458e957a45ff84018
 
 %ifarch ppc64
 Provides:       kernel-kdump-base = 2.6.28

++++++ kernel-default.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old  2018-04-16 12:45:10.173449598 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new  2018-04-16 12:45:10.177449453 +0200
@@ -18,7 +18,7 @@
 
 
 %define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
 %define variant %{nil}
 %define vanilla_only 0
 
@@ -58,9 +58,9 @@
 Summary:        The Standard Kernel
 License:        GPL-2.0
 Group:          System/Kernel
-Version:        4.16.1
+Version:        4.16.2
 %if 0%{?is_kotd}
-Release:        <RELEASE>.gfc6541a
+Release:        <RELEASE>.g7b2d22b
 %else
 Release:        0
 %endif
@@ -164,10 +164,10 @@
 Conflicts:      libc.so.6()(64bit)
 %endif
 Provides:       kernel = %version-%source_rel
-Provides:       kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides:       kernel-%build_flavor-base-srchash = 
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides:       kernel-%build_flavor-base-srchash = 
7b2d22b118d1ce275f762e1458e957a45ff84018
 # END COMMON DEPS
-Provides:       %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
 %ifarch %ix86
 Provides:       kernel-smp = 2.6.17
 Obsoletes:      kernel-smp <= 2.6.17
@@ -1104,8 +1104,8 @@
 Conflicts:      libc.so.6()(64bit)
 %endif
 Provides:       kernel = %version-%source_rel
-Provides:       kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides:       kernel-%build_flavor-base-srchash = 
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides:       kernel-%build_flavor-base-srchash = 
7b2d22b118d1ce275f762e1458e957a45ff84018
 
 %ifarch %ix86
 Provides:       kernel-trace-base = 3.13

++++++ kernel-docs.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old  2018-04-16 12:45:10.193448871 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new  2018-04-16 12:45:10.197448725 +0200
@@ -17,7 +17,7 @@
 
 
 %define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
 %define variant %{nil}
 
 %include %_sourcedir/kernel-spec-macros
@@ -31,9 +31,9 @@
 Summary:        Kernel Documentation
 License:        GPL-2.0
 Group:          Documentation/Man
-Version:        4.16.1
+Version:        4.16.2
 %if 0%{?is_kotd}
-Release:        <RELEASE>.gfc6541a
+Release:        <RELEASE>.g7b2d22b
 %else
 Release:        0
 %endif
@@ -63,7 +63,7 @@
 %endif
 Url:            http://www.kernel.org/
 Provides:       %name = %version-%source_rel
-Provides:       %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
 BuildArch:      noarch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 Source0:        
http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz

++++++ kernel-kvmsmall.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old  2018-04-16 12:45:10.217447998 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new  2018-04-16 12:45:10.221447852 +0200
@@ -18,7 +18,7 @@
 
 
 %define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
 %define variant %{nil}
 %define vanilla_only 0
 
@@ -58,9 +58,9 @@
 Summary:        The Small Developer Kernel for KVM
 License:        GPL-2.0
 Group:          System/Kernel
-Version:        4.16.1
+Version:        4.16.2
 %if 0%{?is_kotd}
-Release:        <RELEASE>.gfc6541a
+Release:        <RELEASE>.g7b2d22b
 %else
 Release:        0
 %endif
@@ -164,10 +164,10 @@
 Conflicts:      libc.so.6()(64bit)
 %endif
 Provides:       kernel = %version-%source_rel
-Provides:       kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides:       kernel-%build_flavor-base-srchash = 
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides:       kernel-%build_flavor-base-srchash = 
7b2d22b118d1ce275f762e1458e957a45ff84018
 # END COMMON DEPS
-Provides:       %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
 %obsolete_rebuilds %name
 Source0:        
http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz
 Source2:        source-post.sh
@@ -1059,8 +1059,8 @@
 Conflicts:      libc.so.6()(64bit)
 %endif
 Provides:       kernel = %version-%source_rel
-Provides:       kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides:       kernel-%build_flavor-base-srchash = 
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides:       kernel-%build_flavor-base-srchash = 
7b2d22b118d1ce275f762e1458e957a45ff84018
 
 %obsolete_rebuilds %name-base
 %ifarch %ix86

kernel-lpae.spec: same change
++++++ kernel-obs-build.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old  2018-04-16 12:45:10.269446105 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new  2018-04-16 12:45:10.269446105 +0200
@@ -19,7 +19,7 @@
 
 #!BuildIgnore: post-build-checks
 
-%define patchversion 4.16.1
+%define patchversion 4.16.2
 %define variant %{nil}
 %define vanilla_only 0
 
@@ -45,7 +45,7 @@
 %endif
 %endif
 %endif
-BuildRequires:  kernel%kernel_flavor-srchash = 
fc6541a4887903de7c2dceaf9e6a75023a494f13
+BuildRequires:  kernel%kernel_flavor-srchash = 
7b2d22b118d1ce275f762e1458e957a45ff84018
 
 %if 0%{?rhel_version}
 BuildRequires:  kernel
@@ -64,9 +64,9 @@
 Summary:        package kernel and initrd for OBS VM builds
 License:        GPL-2.0
 Group:          SLES
-Version:        4.16.1
+Version:        4.16.2
 %if 0%{?is_kotd}
-Release:        <RELEASE>.gfc6541a
+Release:        <RELEASE>.g7b2d22b
 %else
 Release:        0
 %endif

++++++ kernel-obs-qa.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old  2018-04-16 12:45:10.293445232 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new  2018-04-16 12:45:10.313444505 +0200
@@ -17,7 +17,7 @@
 # needsrootforbuild
 
 
-%define patchversion 4.16.1
+%define patchversion 4.16.2
 %define variant %{nil}
 
 %include %_sourcedir/kernel-spec-macros
@@ -36,9 +36,9 @@
 Summary:        Basic QA tests for the kernel
 License:        GPL-2.0
 Group:          SLES
-Version:        4.16.1
+Version:        4.16.2
 %if 0%{?is_kotd}
-Release:        <RELEASE>.gfc6541a
+Release:        <RELEASE>.g7b2d22b
 %else
 Release:        0
 %endif

++++++ kernel-pae.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old  2018-04-16 12:45:10.333443777 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new  2018-04-16 12:45:10.337443632 +0200
@@ -18,7 +18,7 @@
 
 
 %define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
 %define variant %{nil}
 %define vanilla_only 0
 
@@ -58,9 +58,9 @@
 Summary:        Kernel with PAE Support
 License:        GPL-2.0
 Group:          System/Kernel
-Version:        4.16.1
+Version:        4.16.2
 %if 0%{?is_kotd}
-Release:        <RELEASE>.gfc6541a
+Release:        <RELEASE>.g7b2d22b
 %else
 Release:        0
 %endif
@@ -164,10 +164,10 @@
 Conflicts:      libc.so.6()(64bit)
 %endif
 Provides:       kernel = %version-%source_rel
-Provides:       kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides:       kernel-%build_flavor-base-srchash = 
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides:       kernel-%build_flavor-base-srchash = 
7b2d22b118d1ce275f762e1458e957a45ff84018
 # END COMMON DEPS
-Provides:       %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
 %ifarch %ix86
 Provides:       kernel-bigsmp = 2.6.17
 Obsoletes:      kernel-bigsmp <= 2.6.17
@@ -1081,8 +1081,8 @@
 Conflicts:      libc.so.6()(64bit)
 %endif
 Provides:       kernel = %version-%source_rel
-Provides:       kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides:       kernel-%build_flavor-base-srchash = 
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides:       kernel-%build_flavor-base-srchash = 
7b2d22b118d1ce275f762e1458e957a45ff84018
 
 %ifarch %ix86
 Provides:       kernel-vmi-base = 2.6.38

++++++ kernel-source.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old  2018-04-16 12:45:10.357442904 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new  2018-04-16 12:45:10.361442758 +0200
@@ -18,7 +18,7 @@
 
 
 %define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
 %define variant %{nil}
 %define vanilla_only 0
 
@@ -30,9 +30,9 @@
 Summary:        The Linux Kernel Sources
 License:        GPL-2.0
 Group:          Development/Sources
-Version:        4.16.1
+Version:        4.16.2
 %if 0%{?is_kotd}
-Release:        <RELEASE>.gfc6541a
+Release:        <RELEASE>.g7b2d22b
 %else
 Release:        0
 %endif
@@ -43,7 +43,7 @@
 BuildRequires:  sed
 Requires(post): coreutils sed
 Provides:       %name = %version-%source_rel
-Provides:       %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
 Provides:       linux
 Provides:       multiversion(kernel)
 Source0:        
http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz

++++++ kernel-syms.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old  2018-04-16 12:45:10.389441739 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new  2018-04-16 12:45:10.389441739 +0200
@@ -24,10 +24,10 @@
 Summary:        Kernel Symbol Versions (modversions)
 License:        GPL-2.0
 Group:          Development/Sources
-Version:        4.16.1
+Version:        4.16.2
 %if %using_buildservice
 %if 0%{?is_kotd}
-Release:        <RELEASE>.gfc6541a
+Release:        <RELEASE>.g7b2d22b
 %else
 Release:        0
 %endif
@@ -55,7 +55,7 @@
 %endif
 Requires:       pesign-obs-integration
 Provides:       %name = %version-%source_rel
-Provides:       %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
 Provides:       multiversion(kernel)
 Source:         README.KSYMS
 Requires:       kernel-devel%variant = %version-%source_rel

++++++ kernel-syzkaller.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old  2018-04-16 12:45:10.409441012 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new  2018-04-16 12:45:10.413440866 +0200
@@ -18,7 +18,7 @@
 
 
 %define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
 %define variant %{nil}
 %define vanilla_only 0
 
@@ -58,9 +58,9 @@
 Summary:        Kernel used for fuzzing by syzkaller
 License:        GPL-2.0
 Group:          System/Kernel
-Version:        4.16.1
+Version:        4.16.2
 %if 0%{?is_kotd}
-Release:        <RELEASE>.gfc6541a
+Release:        <RELEASE>.g7b2d22b
 %else
 Release:        0
 %endif
@@ -164,10 +164,10 @@
 Conflicts:      libc.so.6()(64bit)
 %endif
 Provides:       kernel = %version-%source_rel
-Provides:       kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides:       kernel-%build_flavor-base-srchash = 
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides:       kernel-%build_flavor-base-srchash = 
7b2d22b118d1ce275f762e1458e957a45ff84018
 # END COMMON DEPS
-Provides:       %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
 %obsolete_rebuilds %name
 Source0:        
http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz
 Source2:        source-post.sh
@@ -1054,8 +1054,8 @@
 Conflicts:      libc.so.6()(64bit)
 %endif
 Provides:       kernel = %version-%source_rel
-Provides:       kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides:       kernel-%build_flavor-base-srchash = 
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides:       kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides:       kernel-%build_flavor-base-srchash = 
7b2d22b118d1ce275f762e1458e957a45ff84018
 
 %obsolete_rebuilds %name-base
 %ifarch %ix86

kernel-vanilla.spec: same change
kernel-zfcpdump.spec: same change
++++++ config.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/config/s390x/vanilla new/config/s390x/vanilla
--- old/config/s390x/vanilla    2018-04-06 10:08:04.000000000 +0200
+++ new/config/s390x/vanilla    2018-04-11 11:59:12.000000000 +0200
@@ -2,10 +2,11 @@
 # CONFIG_IP6_NF_MATCH_SRH is not set
 # CONFIG_LIRC is not set
 CONFIG_LOCALVERSION="-vanilla"
+# CONFIG_MODULE_SIG is not set
 # CONFIG_NF_FLOW_TABLE is not set
 CONFIG_REFCOUNT_FULL=y
 # CONFIG_RUNTIME_TESTING_MENU is not set
 # CONFIG_SENSORS_W83773G is not set
 # CONFIG_SOUNDWIRE is not set
+# CONFIG_SYSTEM_DATA_VERIFICATION is not set
 CONFIG_MODULES=y
-# CONFIG_MODULE_SIG is not set

++++++ patches.kernel.org.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-001-sparc64-Oracle-DAX-driver-depends-on-SPARC64.patch
 
new/patches.kernel.org/4.16.2-001-sparc64-Oracle-DAX-driver-depends-on-SPARC64.patch
--- 
old/patches.kernel.org/4.16.2-001-sparc64-Oracle-DAX-driver-depends-on-SPARC64.patch
        1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-001-sparc64-Oracle-DAX-driver-depends-on-SPARC64.patch
        2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,50 @@
+From: Guenter Roeck <li...@roeck-us.net>
+Date: Mon, 26 Feb 2018 15:21:18 -0800
+Subject: [PATCH] sparc64: Oracle DAX driver depends on SPARC64
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 9c548bb5823dfcf7a16c6e65976d84d9581208c9
+
+commit 9c548bb5823dfcf7a16c6e65976d84d9581208c9 upstream.
+
+sparc:allmodconfig fails to build as follows.
+
+ERROR: "mdesc_release" [drivers/sbus/char/oradax.ko] undefined!
+ERROR: "sun4v_hvapi_register" [drivers/sbus/char/oradax.ko] undefined!
+ERROR: "mdesc_get_property" [drivers/sbus/char/oradax.ko] undefined!
+ERROR: "mdesc_node_by_name" [drivers/sbus/char/oradax.ko] undefined!
+ERROR: "mdesc_grab" [drivers/sbus/char/oradax.ko] undefined!
+ERROR: "sun4v_ccb_info" [drivers/sbus/char/oradax.ko] undefined!
+ERROR: "sun4v_ccb_submit" [drivers/sbus/char/oradax.ko] undefined!
+ERROR: "sun4v_ccb_kill" [drivers/sbus/char/oradax.ko] undefined!
+
+The symbols are only available with SPARC64 builds, thus the driver
+depends on it.
+
+Fixes: dd0273284c74 ("sparc64: Oracle DAX driver")
+Cc: Kees Cook <keesc...@chromium.org>
+Signed-off-by: Guenter Roeck <li...@roeck-us.net>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/sbus/char/Kconfig | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/sbus/char/Kconfig b/drivers/sbus/char/Kconfig
+index a785aa7660c3..bf3c5f735614 100644
+--- a/drivers/sbus/char/Kconfig
++++ b/drivers/sbus/char/Kconfig
+@@ -72,7 +72,8 @@ config DISPLAY7SEG
+ 
+ config ORACLE_DAX
+       tristate "Oracle Data Analytics Accelerator"
+-      default m if SPARC64
++      depends on SPARC64
++      default m
+       help
+        Driver for Oracle Data Analytics Accelerator, which is
+        a coprocessor that performs database operations in hardware.
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-002-arp-fix-arp_filter-on-l3slave-devices.patch 
new/patches.kernel.org/4.16.2-002-arp-fix-arp_filter-on-l3slave-devices.patch
--- 
old/patches.kernel.org/4.16.2-002-arp-fix-arp_filter-on-l3slave-devices.patch   
    1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-002-arp-fix-arp_filter-on-l3slave-devices.patch   
    2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,46 @@
+From: Miguel Fadon Perlines <mfa...@teldat.com>
+Date: Thu, 5 Apr 2018 10:25:38 +0200
+Subject: [PATCH] arp: fix arp_filter on l3slave devices
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 58b35f27689b5eb514fc293c332966c226b1b6e4
+
+[ Upstream commit 58b35f27689b5eb514fc293c332966c226b1b6e4 ]
+
+arp_filter performs an ip_route_output search for arp source address and
+checks if output device is the same where the arp request was received,
+if it is not, the arp request is not answered.
+
+This route lookup is always done on main route table so l3slave devices
+never find the proper route and arp is not answered.
+
+Passing l3mdev_master_ifindex_rcu(dev) return value as oif fixes the
+lookup for l3slave devices while maintaining same behavior for non
+l3slave devices as this function returns 0 in that case.
+
+Fixes: 613d09b30f8b ("net: Use VRF device index for lookups on TX")
+Signed-off-by: Miguel Fadon Perlines <mfa...@teldat.com>
+Acked-by: David Ahern <d...@cumulusnetworks.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/ipv4/arp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c
+index f28f06c91ead..7333db17c581 100644
+--- a/net/ipv4/arp.c
++++ b/net/ipv4/arp.c
+@@ -437,7 +437,7 @@ static int arp_filter(__be32 sip, __be32 tip, struct 
net_device *dev)
+       /*unsigned long now; */
+       struct net *net = dev_net(dev);
+ 
+-      rt = ip_route_output(net, sip, tip, 0, 0);
++      rt = ip_route_output(net, sip, tip, 0, l3mdev_master_ifindex_rcu(dev));
+       if (IS_ERR(rt))
+               return 1;
+       if (rt->dst.dev != dev) {
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-003-net-dsa-Discard-frames-from-unused-ports.patch
 
new/patches.kernel.org/4.16.2-003-net-dsa-Discard-frames-from-unused-ports.patch
--- 
old/patches.kernel.org/4.16.2-003-net-dsa-Discard-frames-from-unused-ports.patch
    1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-003-net-dsa-Discard-frames-from-unused-ports.patch
    2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,54 @@
+From: Andrew Lunn <and...@lunn.ch>
+Date: Sat, 7 Apr 2018 20:37:40 +0200
+Subject: [PATCH] net: dsa: Discard frames from unused ports
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: fc5f33768cca7144f8d793205b229d46740d183b
+
+[ Upstream commit fc5f33768cca7144f8d793205b229d46740d183b ]
+
+The Marvell switches under some conditions will pass a frame to the
+host with the port being the CPU port. Such frames are invalid, and
+should be dropped. Not dropping them can result in a crash when
+incrementing the receive statistics for an invalid port.
+
+Reported-by: Chris Healy <cphe...@gmail.com>
+Fixes: 91da11f870f0 ("net: Distributed Switch Architecture protocol support")
+Signed-off-by: Andrew Lunn <and...@lunn.ch>
+Reviewed-by: Florian Fainelli <f.faine...@gmail.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/dsa/dsa_priv.h | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/net/dsa/dsa_priv.h b/net/dsa/dsa_priv.h
+index 70de7895e5b8..053731473c99 100644
+--- a/net/dsa/dsa_priv.h
++++ b/net/dsa/dsa_priv.h
+@@ -126,6 +126,7 @@ static inline struct net_device 
*dsa_master_find_slave(struct net_device *dev,
+       struct dsa_port *cpu_dp = dev->dsa_ptr;
+       struct dsa_switch_tree *dst = cpu_dp->dst;
+       struct dsa_switch *ds;
++      struct dsa_port *slave_port;
+ 
+       if (device < 0 || device >= DSA_MAX_SWITCHES)
+               return NULL;
+@@ -137,7 +138,12 @@ static inline struct net_device 
*dsa_master_find_slave(struct net_device *dev,
+       if (port < 0 || port >= ds->num_ports)
+               return NULL;
+ 
+-      return ds->ports[port].slave;
++      slave_port = &ds->ports[port];
++
++      if (unlikely(slave_port->type != DSA_PORT_TYPE_USER))
++              return NULL;
++
++      return slave_port->slave;
+ }
+ 
+ /* port.c */
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-004-net-ipv6-Increment-OUTxxx-counters-after-netfi.patch
 
new/patches.kernel.org/4.16.2-004-net-ipv6-Increment-OUTxxx-counters-after-netfi.patch
--- 
old/patches.kernel.org/4.16.2-004-net-ipv6-Increment-OUTxxx-counters-after-netfi.patch
      1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-004-net-ipv6-Increment-OUTxxx-counters-after-netfi.patch
      2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,53 @@
+From: Jeff Barnhill <0xeff...@gmail.com>
+Date: Thu, 5 Apr 2018 21:29:47 +0000
+Subject: [PATCH] net/ipv6: Increment OUTxxx counters after netfilter hook
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 71a1c915238c970cd9bdd5bf158b1279d6b6d55b
+
+[ Upstream commit 71a1c915238c970cd9bdd5bf158b1279d6b6d55b ]
+
+At the end of ip6_forward(), IPSTATS_MIB_OUTFORWDATAGRAMS and
+IPSTATS_MIB_OUTOCTETS are incremented immediately before the NF_HOOK call
+for NFPROTO_IPV6 / NF_INET_FORWARD.  As a result, these counters get
+incremented regardless of whether or not the netfilter hook allows the
+packet to continue being processed.  This change increments the counters
+in ip6_forward_finish() so that it will not happen if the netfilter hook
+chooses to terminate the packet, which is similar to how IPv4 works.
+
+Signed-off-by: Jeff Barnhill <0xeff...@gmail.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/ipv6/ip6_output.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
+index 5cb18c8ba9b2..4065ae0c32a0 100644
+--- a/net/ipv6/ip6_output.c
++++ b/net/ipv6/ip6_output.c
+@@ -375,6 +375,11 @@ static int ip6_forward_proxy_check(struct sk_buff *skb)
+ static inline int ip6_forward_finish(struct net *net, struct sock *sk,
+                                    struct sk_buff *skb)
+ {
++      struct dst_entry *dst = skb_dst(skb);
++
++      __IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTFORWDATAGRAMS);
++      __IP6_ADD_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTOCTETS, 
skb->len);
++
+       return dst_output(net, sk, skb);
+ }
+ 
+@@ -569,8 +574,6 @@ int ip6_forward(struct sk_buff *skb)
+ 
+       hdr->hop_limit--;
+ 
+-      __IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTFORWDATAGRAMS);
+-      __IP6_ADD_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTOCTETS, 
skb->len);
+       return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD,
+                      net, NULL, skb, skb->dev, dst->dev,
+                      ip6_forward_finish);
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-005-net-sched-fix-NULL-dereference-in-the-error-pa.patch
 
new/patches.kernel.org/4.16.2-005-net-sched-fix-NULL-dereference-in-the-error-pa.patch
--- 
old/patches.kernel.org/4.16.2-005-net-sched-fix-NULL-dereference-in-the-error-pa.patch
      1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-005-net-sched-fix-NULL-dereference-in-the-error-pa.patch
      2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,106 @@
+From: Davide Caratti <dcara...@redhat.com>
+Date: Fri, 6 Apr 2018 01:19:37 +0200
+Subject: [PATCH] net/sched: fix NULL dereference in the error path of
+ tcf_bpf_init()
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 3239534a79ee6f20cffd974173a1e62e0730e8ac
+
+[ Upstream commit 3239534a79ee6f20cffd974173a1e62e0730e8ac ]
+
+when tcf_bpf_init_from_ops() fails (e.g. because of program having invalid
+number of instructions), tcf_bpf_cfg_cleanup() calls bpf_prog_put(NULL) or
+bpf_prog_destroy(NULL). Unless CONFIG_BPF_SYSCALL is unset, this causes
+the following error:
+
+ BUG: unable to handle kernel NULL pointer dereference at 0000000000000020
+ PGD 800000007345a067 P4D 800000007345a067 PUD 340e1067 PMD 0
+ Oops: 0000 [#1] SMP PTI
+ Modules linked in: act_bpf(E) ip6table_filter ip6_tables iptable_filter 
binfmt_misc ext4 mbcache jbd2 crct10dif_pclmul crc32_pclmul ghash_clmulni_intel 
snd_hda_codec_generic pcbc snd_hda_intel snd_hda_codec snd_hda_core snd_hwdep 
snd_seq snd_seq_device snd_pcm aesni_intel crypto_simd glue_helper cryptd 
joydev snd_timer snd virtio_balloon pcspkr soundcore i2c_piix4 nfsd auth_rpcgss 
nfs_acl lockd grace sunrpc ip_tables xfs libcrc32c ata_generic pata_acpi qxl 
drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm virtio_blk drm 
virtio_net virtio_console i2c_core crc32c_intel serio_raw virtio_pci ata_piix 
libata virtio_ring floppy virtio dm_mirror dm_region_hash dm_log dm_mod [last 
unloaded: act_bpf]
+ CPU: 3 PID: 5654 Comm: tc Tainted: G            E    4.16.0.bpf_test+ #408
+ Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
+ RIP: 0010:__bpf_prog_put+0xc/0xc0
+ RSP: 0018:ffff9594003ef728 EFLAGS: 00010202
+ RAX: 0000000000000000 RBX: ffff9594003ef758 RCX: 0000000000000024
+ RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
+ RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000044
+ R10: 0000000000000220 R11: ffff8a7ab9f17131 R12: 0000000000000000
+ R13: ffff8a7ab7c3c8e0 R14: 0000000000000001 R15: ffff8a7ab88f1054
+ FS:  00007fcb2f17c740(0000) GS:ffff8a7abfd80000(0000) knlGS:0000000000000000
+ CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+ CR2: 0000000000000020 CR3: 000000007c888006 CR4: 00000000001606e0
+ Call Trace:
+  tcf_bpf_cfg_cleanup+0x2f/0x40 [act_bpf]
+  tcf_bpf_cleanup+0x4c/0x70 [act_bpf]
+  __tcf_idr_release+0x79/0x140
+  tcf_bpf_init+0x125/0x330 [act_bpf]
+  tcf_action_init_1+0x2cc/0x430
+  ? get_page_from_freelist+0x3f0/0x11b0
+  tcf_action_init+0xd3/0x1b0
+  tc_ctl_action+0x18b/0x240
+  rtnetlink_rcv_msg+0x29c/0x310
+  ? _cond_resched+0x15/0x30
+  ? __kmalloc_node_track_caller+0x1b9/0x270
+  ? rtnl_calcit.isra.29+0x100/0x100
+  netlink_rcv_skb+0xd2/0x110
+  netlink_unicast+0x17c/0x230
+  netlink_sendmsg+0x2cd/0x3c0
+  sock_sendmsg+0x30/0x40
+  ___sys_sendmsg+0x27a/0x290
+  ? mem_cgroup_commit_charge+0x80/0x130
+  ? page_add_new_anon_rmap+0x73/0xc0
+  ? do_anonymous_page+0x2a2/0x560
+  ? __handle_mm_fault+0xc75/0xe20
+  __sys_sendmsg+0x58/0xa0
+  do_syscall_64+0x6e/0x1a0
+  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
+ RIP: 0033:0x7fcb2e58eba0
+ RSP: 002b:00007ffc93c496c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
+ RAX: ffffffffffffffda RBX: 00007ffc93c497f0 RCX: 00007fcb2e58eba0
+ RDX: 0000000000000000 RSI: 00007ffc93c49740 RDI: 0000000000000003
+ RBP: 000000005ac6a646 R08: 0000000000000002 R09: 0000000000000000
+ R10: 00007ffc93c49120 R11: 0000000000000246 R12: 0000000000000000
+ R13: 00007ffc93c49804 R14: 0000000000000001 R15: 000000000066afa0
+ Code: 5f 00 48 8b 43 20 48 c7 c7 70 2f 7c b8 c7 40 10 00 00 00 00 5b e9 a5 8b 
61 00 0f 1f 44 00 00 0f 1f 44 00 00 41 54 55 48 89 fd 53 <48> 8b 47 20 f0 ff 08 
74 05 5b 5d 41 5c c3 41 89 f4 0f 1f 44 00
+ RIP: __bpf_prog_put+0xc/0xc0 RSP: ffff9594003ef728
+ CR2: 0000000000000020
+
+Fix it in tcf_bpf_cfg_cleanup(), ensuring that bpf_prog_{put,destroy}(f)
+is called only when f is not NULL.
+
+Fixes: bbc09e7842a5 ("net/sched: fix idr leak on the error path of 
tcf_bpf_init()")
+Reported-by: Lucas Bates <luc...@mojatatu.com>
+Signed-off-by: Davide Caratti <dcara...@redhat.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/sched/act_bpf.c | 12 ++++++++----
+ 1 file changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/net/sched/act_bpf.c b/net/sched/act_bpf.c
+index 9d2cabf1dc7e..f3eee5326307 100644
+--- a/net/sched/act_bpf.c
++++ b/net/sched/act_bpf.c
+@@ -248,10 +248,14 @@ static int tcf_bpf_init_from_efd(struct nlattr **tb, 
struct tcf_bpf_cfg *cfg)
+ 
+ static void tcf_bpf_cfg_cleanup(const struct tcf_bpf_cfg *cfg)
+ {
+-      if (cfg->is_ebpf)
+-              bpf_prog_put(cfg->filter);
+-      else
+-              bpf_prog_destroy(cfg->filter);
++      struct bpf_prog *filter = cfg->filter;
++
++      if (filter) {
++              if (cfg->is_ebpf)
++                      bpf_prog_put(filter);
++              else
++                      bpf_prog_destroy(filter);
++      }
+ 
+       kfree(cfg->bpf_ops);
+       kfree(cfg->bpf_name);
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-006-pptp-remove-a-buggy-dst-release-in-pptp_connec.patch
 
new/patches.kernel.org/4.16.2-006-pptp-remove-a-buggy-dst-release-in-pptp_connec.patch
--- 
old/patches.kernel.org/4.16.2-006-pptp-remove-a-buggy-dst-release-in-pptp_connec.patch
      1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-006-pptp-remove-a-buggy-dst-release-in-pptp_connec.patch
      2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,120 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Mon, 2 Apr 2018 18:48:37 -0700
+Subject: [PATCH] pptp: remove a buggy dst release in pptp_connect()
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: bfacfb457b36911a10140b8cb3ce76a74883ac5a
+
+[ Upstream commit bfacfb457b36911a10140b8cb3ce76a74883ac5a ]
+
+Once dst has been cached in socket via sk_setup_caps(),
+it is illegal to call ip_rt_put() (or dst_release()),
+since sk_setup_caps() did not change dst refcount.
+
+We can still dereference it since we hold socket lock.
+
+Caugth by syzbot :
+
+BUG: KASAN: use-after-free in atomic_dec_return 
include/asm-generic/atomic-instrumented.h:198 [inline]
+BUG: KASAN: use-after-free in dst_release+0x27/0xa0 net/core/dst.c:185
+Write of size 4 at addr ffff8801c54dc040 by task syz-executor4/20088
+
+CPU: 1 PID: 20088 Comm: syz-executor4 Not tainted 4.16.0+ #376
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 
01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x1a7/0x27d lib/dump_stack.c:53
+ print_address_description+0x73/0x250 mm/kasan/report.c:256
+ kasan_report_error mm/kasan/report.c:354 [inline]
+ kasan_report+0x23c/0x360 mm/kasan/report.c:412
+ check_memory_region_inline mm/kasan/kasan.c:260 [inline]
+ check_memory_region+0x137/0x190 mm/kasan/kasan.c:267
+ kasan_check_write+0x14/0x20 mm/kasan/kasan.c:278
+ atomic_dec_return include/asm-generic/atomic-instrumented.h:198 [inline]
+ dst_release+0x27/0xa0 net/core/dst.c:185
+ sk_dst_set include/net/sock.h:1812 [inline]
+ sk_dst_reset include/net/sock.h:1824 [inline]
+ sock_setbindtodevice net/core/sock.c:610 [inline]
+ sock_setsockopt+0x431/0x1b20 net/core/sock.c:707
+ SYSC_setsockopt net/socket.c:1845 [inline]
+ SyS_setsockopt+0x2ff/0x360 net/socket.c:1828
+ do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x42/0xb7
+RIP: 0033:0x4552d9
+RSP: 002b:00007f4878126c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
+RAX: ffffffffffffffda RBX: 00007f48781276d4 RCX: 00000000004552d9
+RDX: 0000000000000019 RSI: 0000000000000001 RDI: 0000000000000013
+RBP: 000000000072bea0 R08: 0000000000000010 R09: 0000000000000000
+R10: 00000000200010c0 R11: 0000000000000246 R12: 00000000ffffffff
+R13: 0000000000000526 R14: 00000000006fac30 R15: 0000000000000000
+
+Allocated by task 20088:
+ save_stack+0x43/0xd0 mm/kasan/kasan.c:447
+ set_track mm/kasan/kasan.c:459 [inline]
+ kasan_kmalloc+0xad/0xe0 mm/kasan/kasan.c:552
+ kasan_slab_alloc+0x12/0x20 mm/kasan/kasan.c:489
+ kmem_cache_alloc+0x12e/0x760 mm/slab.c:3542
+ dst_alloc+0x11f/0x1a0 net/core/dst.c:104
+ rt_dst_alloc+0xe9/0x540 net/ipv4/route.c:1520
+ __mkroute_output net/ipv4/route.c:2265 [inline]
+ ip_route_output_key_hash_rcu+0xa49/0x2c60 net/ipv4/route.c:2493
+ ip_route_output_key_hash+0x20b/0x370 net/ipv4/route.c:2322
+ __ip_route_output_key include/net/route.h:126 [inline]
+ ip_route_output_flow+0x26/0xa0 net/ipv4/route.c:2577
+ ip_route_output_ports include/net/route.h:163 [inline]
+ pptp_connect+0xa84/0x1170 drivers/net/ppp/pptp.c:453
+ SYSC_connect+0x213/0x4a0 net/socket.c:1639
+ SyS_connect+0x24/0x30 net/socket.c:1620
+ do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x42/0xb7
+
+Freed by task 20082:
+ save_stack+0x43/0xd0 mm/kasan/kasan.c:447
+ set_track mm/kasan/kasan.c:459 [inline]
+ __kasan_slab_free+0x11a/0x170 mm/kasan/kasan.c:520
+ kasan_slab_free+0xe/0x10 mm/kasan/kasan.c:527
+ __cache_free mm/slab.c:3486 [inline]
+ kmem_cache_free+0x83/0x2a0 mm/slab.c:3744
+ dst_destroy+0x266/0x380 net/core/dst.c:140
+ dst_destroy_rcu+0x16/0x20 net/core/dst.c:153
+ __rcu_reclaim kernel/rcu/rcu.h:178 [inline]
+ rcu_do_batch kernel/rcu/tree.c:2675 [inline]
+ invoke_rcu_callbacks kernel/rcu/tree.c:2930 [inline]
+ __rcu_process_callbacks kernel/rcu/tree.c:2897 [inline]
+ rcu_process_callbacks+0xd6c/0x17b0 kernel/rcu/tree.c:2914
+ __do_softirq+0x2d7/0xb85 kernel/softirq.c:285
+
+The buggy address belongs to the object at ffff8801c54dc000
+ which belongs to the cache ip_dst_cache of size 168
+The buggy address is located 64 bytes inside of
+ 168-byte region [ffff8801c54dc000, ffff8801c54dc0a8)
+The buggy address belongs to the page:
+page:ffffea0007153700 count:1 mapcount:0 mapping:ffff8801c54dc000 index:0x0
+flags: 0x2fffc0000000100(slab)
+raw: 02fffc0000000100 ffff8801c54dc000 0000000000000000 0000000100000010
+raw: ffffea0006b34b20 ffffea0006b6c1e0 ffff8801d674a1c0 0000000000000000
+page dumped because: kasan: bad access detected
+
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/net/ppp/pptp.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/drivers/net/ppp/pptp.c b/drivers/net/ppp/pptp.c
+index 6dde9a0cfe76..9b70a3af678e 100644
+--- a/drivers/net/ppp/pptp.c
++++ b/drivers/net/ppp/pptp.c
+@@ -464,7 +464,6 @@ static int pptp_connect(struct socket *sock, struct 
sockaddr *uservaddr,
+       po->chan.mtu = dst_mtu(&rt->dst);
+       if (!po->chan.mtu)
+               po->chan.mtu = PPP_MRU;
+-      ip_rt_put(rt);
+       po->chan.mtu -= PPTP_HEADER_OVERHEAD;
+ 
+       po->chan.hdrlen = 2 + sizeof(struct pptp_gre_header);
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-007-sctp-do-not-leak-kernel-memory-to-user-space.patch
 
new/patches.kernel.org/4.16.2-007-sctp-do-not-leak-kernel-memory-to-user-space.patch
--- 
old/patches.kernel.org/4.16.2-007-sctp-do-not-leak-kernel-memory-to-user-space.patch
        1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-007-sctp-do-not-leak-kernel-memory-to-user-space.patch
        2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,100 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Sat, 7 Apr 2018 17:15:22 -0700
+Subject: [PATCH] sctp: do not leak kernel memory to user space
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 6780db244d6b1537d139dea0ec8aad10cf9e4adb
+
+[ Upstream commit 6780db244d6b1537d139dea0ec8aad10cf9e4adb ]
+
+syzbot produced a nice report [1]
+
+Issue here is that a recvmmsg() managed to leak 8 bytes of kernel memory
+to user space, because sin_zero (padding field) was not properly cleared.
+
+[1]
+BUG: KMSAN: uninit-value in copy_to_user include/linux/uaccess.h:184 [inline]
+BUG: KMSAN: uninit-value in move_addr_to_user+0x32e/0x530 net/socket.c:227
+CPU: 1 PID: 3586 Comm: syzkaller481044 Not tainted 4.16.0+ #82
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 
01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x185/0x1d0 lib/dump_stack.c:53
+ kmsan_report+0x142/0x240 mm/kmsan/kmsan.c:1067
+ kmsan_internal_check_memory+0x164/0x1d0 mm/kmsan/kmsan.c:1176
+ kmsan_copy_to_user+0x69/0x160 mm/kmsan/kmsan.c:1199
+ copy_to_user include/linux/uaccess.h:184 [inline]
+ move_addr_to_user+0x32e/0x530 net/socket.c:227
+ ___sys_recvmsg+0x4e2/0x810 net/socket.c:2211
+ __sys_recvmmsg+0x54e/0xdb0 net/socket.c:2313
+ SYSC_recvmmsg+0x29b/0x3e0 net/socket.c:2394
+ SyS_recvmmsg+0x76/0xa0 net/socket.c:2378
+ do_syscall_64+0x309/0x430 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x3d/0xa2
+RIP: 0033:0x4401c9
+RSP: 002b:00007ffc56f73098 EFLAGS: 00000217 ORIG_RAX: 000000000000012b
+RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401c9
+RDX: 0000000000000001 RSI: 0000000020003ac0 RDI: 0000000000000003
+RBP: 00000000006ca018 R08: 0000000020003bc0 R09: 0000000000000010
+R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000401af0
+R13: 0000000000401b80 R14: 0000000000000000 R15: 0000000000000000
+
+Local variable description: ----addr@___sys_recvmsg
+Variable was created at:
+ ___sys_recvmsg+0xd5/0x810 net/socket.c:2172
+ __sys_recvmmsg+0x54e/0xdb0 net/socket.c:2313
+
+Bytes 8-15 of 16 are uninitialized
+
+==================================================================
+Kernel panic - not syncing: panic_on_warn set ...
+
+CPU: 1 PID: 3586 Comm: syzkaller481044 Tainted: G    B            4.16.0+ #82
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 
01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x185/0x1d0 lib/dump_stack.c:53
+ panic+0x39d/0x940 kernel/panic.c:183
+ kmsan_report+0x238/0x240 mm/kmsan/kmsan.c:1083
+ kmsan_internal_check_memory+0x164/0x1d0 mm/kmsan/kmsan.c:1176
+ kmsan_copy_to_user+0x69/0x160 mm/kmsan/kmsan.c:1199
+ copy_to_user include/linux/uaccess.h:184 [inline]
+ move_addr_to_user+0x32e/0x530 net/socket.c:227
+ ___sys_recvmsg+0x4e2/0x810 net/socket.c:2211
+ __sys_recvmmsg+0x54e/0xdb0 net/socket.c:2313
+ SYSC_recvmmsg+0x29b/0x3e0 net/socket.c:2394
+ SyS_recvmmsg+0x76/0xa0 net/socket.c:2378
+ do_syscall_64+0x309/0x430 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x3d/0xa2
+
+Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Cc:    Vlad Yasevich <vyasev...@gmail.com>
+Cc:    Neil Horman <nhor...@tuxdriver.com>
+Reported-by: syzbot <syzkal...@googlegroups.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/sctp/ipv6.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
+index e35d4f73d2df..f6d3d0c1e133 100644
+--- a/net/sctp/ipv6.c
++++ b/net/sctp/ipv6.c
+@@ -728,8 +728,10 @@ static int sctp_v6_addr_to_user(struct sctp_sock *sp, 
union sctp_addr *addr)
+                       sctp_v6_map_v4(addr);
+       }
+ 
+-      if (addr->sa.sa_family == AF_INET)
++      if (addr->sa.sa_family == AF_INET) {
++              memset(addr->v4.sin_zero, 0, sizeof(addr->v4.sin_zero));
+               return sizeof(struct sockaddr_in);
++      }
+       return sizeof(struct sockaddr_in6);
+ }
+ 
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-008-sctp-sctp_sockaddr_af-must-check-minimal-addr-.patch
 
new/patches.kernel.org/4.16.2-008-sctp-sctp_sockaddr_af-must-check-minimal-addr-.patch
--- 
old/patches.kernel.org/4.16.2-008-sctp-sctp_sockaddr_af-must-check-minimal-addr-.patch
      1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-008-sctp-sctp_sockaddr_af-must-check-minimal-addr-.patch
      2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,82 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Sun, 8 Apr 2018 07:52:08 -0700
+Subject: [PATCH] sctp: sctp_sockaddr_af must check minimal addr length for
+ AF_INET6
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 81e98370293afcb58340ce8bd71af7b97f925c26
+
+[ Upstream commit 81e98370293afcb58340ce8bd71af7b97f925c26 ]
+
+Check must happen before call to ipv6_addr_v4mapped()
+
+syzbot report was :
+
+BUG: KMSAN: uninit-value in sctp_sockaddr_af net/sctp/socket.c:359 [inline]
+BUG: KMSAN: uninit-value in sctp_do_bind+0x60f/0xdc0 net/sctp/socket.c:384
+CPU: 0 PID: 3576 Comm: syzkaller968804 Not tainted 4.16.0+ #82
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 
01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x185/0x1d0 lib/dump_stack.c:53
+ kmsan_report+0x142/0x240 mm/kmsan/kmsan.c:1067
+ __msan_warning_32+0x6c/0xb0 mm/kmsan/kmsan_instr.c:676
+ sctp_sockaddr_af net/sctp/socket.c:359 [inline]
+ sctp_do_bind+0x60f/0xdc0 net/sctp/socket.c:384
+ sctp_bind+0x149/0x190 net/sctp/socket.c:332
+ inet6_bind+0x1fd/0x1820 net/ipv6/af_inet6.c:293
+ SYSC_bind+0x3f2/0x4b0 net/socket.c:1474
+ SyS_bind+0x54/0x80 net/socket.c:1460
+ do_syscall_64+0x309/0x430 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x3d/0xa2
+RIP: 0033:0x43fd49
+RSP: 002b:00007ffe99df3d28 EFLAGS: 00000213 ORIG_RAX: 0000000000000031
+RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd49
+RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000003
+RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
+R10: 00000000004002c8 R11: 0000000000000213 R12: 0000000000401670
+R13: 0000000000401700 R14: 0000000000000000 R15: 0000000000000000
+
+Local variable description: ----address@SYSC_bind
+Variable was created at:
+ SYSC_bind+0x6f/0x4b0 net/socket.c:1461
+ SyS_bind+0x54/0x80 net/socket.c:1460
+
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Cc: Vlad Yasevich <vyasev...@gmail.com>
+Cc: Neil Horman <nhor...@tuxdriver.com>
+Reported-by: syzbot <syzkal...@googlegroups.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/sctp/socket.c | 13 ++++++++-----
+ 1 file changed, 8 insertions(+), 5 deletions(-)
+
+diff --git a/net/sctp/socket.c b/net/sctp/socket.c
+index bf271f8c2dc9..7160c2e9b768 100644
+--- a/net/sctp/socket.c
++++ b/net/sctp/socket.c
+@@ -354,11 +354,14 @@ static struct sctp_af *sctp_sockaddr_af(struct sctp_sock 
*opt,
+       if (!opt->pf->af_supported(addr->sa.sa_family, opt))
+               return NULL;
+ 
+-      /* V4 mapped address are really of AF_INET family */
+-      if (addr->sa.sa_family == AF_INET6 &&
+-          ipv6_addr_v4mapped(&addr->v6.sin6_addr) &&
+-          !opt->pf->af_supported(AF_INET, opt))
+-              return NULL;
++      if (addr->sa.sa_family == AF_INET6) {
++              if (len < SIN6_LEN_RFC2133)
++                      return NULL;
++              /* V4 mapped address are really of AF_INET family */
++              if (ipv6_addr_v4mapped(&addr->v6.sin6_addr) &&
++                  !opt->pf->af_supported(AF_INET, opt))
++                      return NULL;
++      }
+ 
+       /* If we get this far, af is valid. */
+       af = sctp_get_af_specific(addr->sa.sa_family);
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-009-sky2-Increase-D3-delay-to-sky2-stops-working-a.patch
 
new/patches.kernel.org/4.16.2-009-sky2-Increase-D3-delay-to-sky2-stops-working-a.patch
--- 
old/patches.kernel.org/4.16.2-009-sky2-Increase-D3-delay-to-sky2-stops-working-a.patch
      1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-009-sky2-Increase-D3-delay-to-sky2-stops-working-a.patch
      2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,41 @@
+From: Kai-Heng Feng <kai.heng.f...@canonical.com>
+Date: Sat, 31 Mar 2018 23:42:03 +0800
+Subject: [PATCH] sky2: Increase D3 delay to sky2 stops working after suspend
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: afb133637071be6deeb8b3d0e55593ffbf63c527
+
+[ Upstream commit afb133637071be6deeb8b3d0e55593ffbf63c527 ]
+
+The sky2 ethernet stops working after system resume from suspend:
+[ 582.852065] sky2 0000:04:00.0: Refused to change power state, currently in D3
+
+The current 150ms delay is not enough, change it to 200ms can solve the
+issue.
+
+BugLink: https://bugs.launchpad.net/bugs/1758507
+Cc: Stable <sta...@vger.kernel.org>
+Signed-off-by: Kai-Heng Feng <kai.heng.f...@canonical.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/net/ethernet/marvell/sky2.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/net/ethernet/marvell/sky2.c 
b/drivers/net/ethernet/marvell/sky2.c
+index 9fe85300e7b6..5754116a6a4d 100644
+--- a/drivers/net/ethernet/marvell/sky2.c
++++ b/drivers/net/ethernet/marvell/sky2.c
+@@ -5087,7 +5087,7 @@ static int sky2_probe(struct pci_dev *pdev, const struct 
pci_device_id *ent)
+       INIT_WORK(&hw->restart_work, sky2_restart);
+ 
+       pci_set_drvdata(pdev, hw);
+-      pdev->d3_delay = 150;
++      pdev->d3_delay = 200;
+ 
+       return 0;
+ 
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-010-vlan-also-check-phy_driver-ts_info-for-vlan-s-.patch
 
new/patches.kernel.org/4.16.2-010-vlan-also-check-phy_driver-ts_info-for-vlan-s-.patch
--- 
old/patches.kernel.org/4.16.2-010-vlan-also-check-phy_driver-ts_info-for-vlan-s-.patch
      1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-010-vlan-also-check-phy_driver-ts_info-for-vlan-s-.patch
      2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,50 @@
+From: Hangbin Liu <liuhang...@gmail.com>
+Date: Fri, 30 Mar 2018 09:44:00 +0800
+Subject: [PATCH] vlan: also check phy_driver ts_info for vlan's real device
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: ec1d8ccb07deaf30fd0508af6755364ac47dc08d
+
+[ Upstream commit ec1d8ccb07deaf30fd0508af6755364ac47dc08d ]
+
+Just like function ethtool_get_ts_info(), we should also consider the
+phy_driver ts_info call back. For example, driver dp83640.
+
+Fixes: 37dd9255b2f6 ("vlan: Pass ethtool get_ts_info queries to real device.")
+Acked-by: Richard Cochran <richardcoch...@gmail.com>
+Signed-off-by: Hangbin Liu <liuhang...@gmail.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/8021q/vlan_dev.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/net/8021q/vlan_dev.c b/net/8021q/vlan_dev.c
+index f7e83f6d2e64..236452ebbd9e 100644
+--- a/net/8021q/vlan_dev.c
++++ b/net/8021q/vlan_dev.c
+@@ -29,6 +29,7 @@
+ #include <linux/net_tstamp.h>
+ #include <linux/etherdevice.h>
+ #include <linux/ethtool.h>
++#include <linux/phy.h>
+ #include <net/arp.h>
+ #include <net/switchdev.h>
+ 
+@@ -665,8 +666,11 @@ static int vlan_ethtool_get_ts_info(struct net_device 
*dev,
+ {
+       const struct vlan_dev_priv *vlan = vlan_dev_priv(dev);
+       const struct ethtool_ops *ops = vlan->real_dev->ethtool_ops;
++      struct phy_device *phydev = vlan->real_dev->phydev;
+ 
+-      if (ops->get_ts_info) {
++      if (phydev && phydev->drv && phydev->drv->ts_info) {
++               return phydev->drv->ts_info(phydev, info);
++      } else if (ops->get_ts_info) {
+               return ops->get_ts_info(vlan->real_dev, info);
+       } else {
+               info->so_timestamping = SOF_TIMESTAMPING_RX_SOFTWARE |
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-011-net-fool-proof-dev_valid_name.patch 
new/patches.kernel.org/4.16.2-011-net-fool-proof-dev_valid_name.patch
--- old/patches.kernel.org/4.16.2-011-net-fool-proof-dev_valid_name.patch       
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.kernel.org/4.16.2-011-net-fool-proof-dev_valid_name.patch       
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,37 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Thu, 5 Apr 2018 06:39:26 -0700
+Subject: [PATCH] net: fool proof dev_valid_name()
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: a9d48205d0aedda021fc3728972a9e9934c2b9de
+
+[ Upstream commit a9d48205d0aedda021fc3728972a9e9934c2b9de ]
+
+We want to use dev_valid_name() to validate tunnel names,
+so better use strnlen(name, IFNAMSIZ) than strlen(name) to make
+sure to not upset KASAN.
+
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/core/dev.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/net/core/dev.c b/net/core/dev.c
+index ef0cc6ea5f8d..c4aa2941dbfd 100644
+--- a/net/core/dev.c
++++ b/net/core/dev.c
+@@ -1027,7 +1027,7 @@ bool dev_valid_name(const char *name)
+ {
+       if (*name == '\0')
+               return false;
+-      if (strlen(name) >= IFNAMSIZ)
++      if (strnlen(name, IFNAMSIZ) == IFNAMSIZ)
+               return false;
+       if (!strcmp(name, ".") || !strcmp(name, ".."))
+               return false;
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-012-ip_tunnel-better-validate-user-provided-tunnel.patch
 
new/patches.kernel.org/4.16.2-012-ip_tunnel-better-validate-user-provided-tunnel.patch
--- 
old/patches.kernel.org/4.16.2-012-ip_tunnel-better-validate-user-provided-tunnel.patch
      1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-012-ip_tunnel-better-validate-user-provided-tunnel.patch
      2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,83 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Thu, 5 Apr 2018 06:39:27 -0700
+Subject: [PATCH] ip_tunnel: better validate user provided tunnel names
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 9cb726a212a82c88c98aa9f0037fd04777cd8fe5
+
+[ Upstream commit 9cb726a212a82c88c98aa9f0037fd04777cd8fe5 ]
+
+Use dev_valid_name() to make sure user does not provide illegal
+device name.
+
+syzbot caught the following bug :
+
+BUG: KASAN: stack-out-of-bounds in strlcpy include/linux/string.h:300 [inline]
+BUG: KASAN: stack-out-of-bounds in __ip_tunnel_create+0xca/0x6b0 
net/ipv4/ip_tunnel.c:257
+Write of size 20 at addr ffff8801ac79f810 by task syzkaller268107/4482
+
+CPU: 0 PID: 4482 Comm: syzkaller268107 Not tainted 4.16.0+ #1
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 
01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x1b9/0x29f lib/dump_stack.c:53
+ print_address_description+0x6c/0x20b mm/kasan/report.c:256
+ kasan_report_error mm/kasan/report.c:354 [inline]
+ kasan_report.cold.7+0xac/0x2f5 mm/kasan/report.c:412
+ check_memory_region_inline mm/kasan/kasan.c:260 [inline]
+ check_memory_region+0x13e/0x1b0 mm/kasan/kasan.c:267
+ memcpy+0x37/0x50 mm/kasan/kasan.c:303
+ strlcpy include/linux/string.h:300 [inline]
+ __ip_tunnel_create+0xca/0x6b0 net/ipv4/ip_tunnel.c:257
+ ip_tunnel_create net/ipv4/ip_tunnel.c:352 [inline]
+ ip_tunnel_ioctl+0x818/0xd40 net/ipv4/ip_tunnel.c:861
+ ipip_tunnel_ioctl+0x1c5/0x420 net/ipv4/ipip.c:350
+ dev_ifsioc+0x43e/0xb90 net/core/dev_ioctl.c:334
+ dev_ioctl+0x69a/0xcc0 net/core/dev_ioctl.c:525
+ sock_ioctl+0x47e/0x680 net/socket.c:1015
+ vfs_ioctl fs/ioctl.c:46 [inline]
+ file_ioctl fs/ioctl.c:500 [inline]
+ do_vfs_ioctl+0x1cf/0x1650 fs/ioctl.c:684
+ ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
+ SYSC_ioctl fs/ioctl.c:708 [inline]
+ SyS_ioctl+0x24/0x30 fs/ioctl.c:706
+ do_syscall_64+0x29e/0x9d0 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x42/0xb7
+
+Fixes: c54419321455 ("GRE: Refactor GRE tunneling code.")
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Reported-by: syzbot <syzkal...@googlegroups.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/ipv4/ip_tunnel.c | 11 ++++++-----
+ 1 file changed, 6 insertions(+), 5 deletions(-)
+
+diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c
+index a7fd1c5a2a14..57478d68248d 100644
+--- a/net/ipv4/ip_tunnel.c
++++ b/net/ipv4/ip_tunnel.c
+@@ -253,13 +253,14 @@ static struct net_device *__ip_tunnel_create(struct net 
*net,
+       struct net_device *dev;
+       char name[IFNAMSIZ];
+ 
+-      if (parms->name[0])
++      err = -E2BIG;
++      if (parms->name[0]) {
++              if (!dev_valid_name(parms->name))
++                      goto failed;
+               strlcpy(name, parms->name, IFNAMSIZ);
+-      else {
+-              if (strlen(ops->kind) > (IFNAMSIZ - 3)) {
+-                      err = -E2BIG;
++      } else {
++              if (strlen(ops->kind) > (IFNAMSIZ - 3))
+                       goto failed;
+-              }
+               strlcpy(name, ops->kind, IFNAMSIZ);
+               strncat(name, "%d", 2);
+       }
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-013-ipv6-sit-better-validate-user-provided-tunnel-.patch
 
new/patches.kernel.org/4.16.2-013-ipv6-sit-better-validate-user-provided-tunnel-.patch
--- 
old/patches.kernel.org/4.16.2-013-ipv6-sit-better-validate-user-provided-tunnel-.patch
      1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-013-ipv6-sit-better-validate-user-provided-tunnel-.patch
      2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,78 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Thu, 5 Apr 2018 06:39:28 -0700
+Subject: [PATCH] ipv6: sit: better validate user provided tunnel names
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: b95211e066fc3494b7c115060b2297b4ba21f025
+
+[ Upstream commit b95211e066fc3494b7c115060b2297b4ba21f025 ]
+
+Use dev_valid_name() to make sure user does not provide illegal
+device name.
+
+syzbot caught the following bug :
+
+BUG: KASAN: stack-out-of-bounds in strlcpy include/linux/string.h:300 [inline]
+BUG: KASAN: stack-out-of-bounds in ipip6_tunnel_locate+0x63b/0xaa0 
net/ipv6/sit.c:254
+Write of size 33 at addr ffff8801b64076d8 by task syzkaller932654/4453
+
+CPU: 0 PID: 4453 Comm: syzkaller932654 Not tainted 4.16.0+ #1
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 
01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x1b9/0x29f lib/dump_stack.c:53
+ print_address_description+0x6c/0x20b mm/kasan/report.c:256
+ kasan_report_error mm/kasan/report.c:354 [inline]
+ kasan_report.cold.7+0xac/0x2f5 mm/kasan/report.c:412
+ check_memory_region_inline mm/kasan/kasan.c:260 [inline]
+ check_memory_region+0x13e/0x1b0 mm/kasan/kasan.c:267
+ memcpy+0x37/0x50 mm/kasan/kasan.c:303
+ strlcpy include/linux/string.h:300 [inline]
+ ipip6_tunnel_locate+0x63b/0xaa0 net/ipv6/sit.c:254
+ ipip6_tunnel_ioctl+0xe71/0x241b net/ipv6/sit.c:1221
+ dev_ifsioc+0x43e/0xb90 net/core/dev_ioctl.c:334
+ dev_ioctl+0x69a/0xcc0 net/core/dev_ioctl.c:525
+ sock_ioctl+0x47e/0x680 net/socket.c:1015
+ vfs_ioctl fs/ioctl.c:46 [inline]
+ file_ioctl fs/ioctl.c:500 [inline]
+ do_vfs_ioctl+0x1cf/0x1650 fs/ioctl.c:684
+ ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
+ SYSC_ioctl fs/ioctl.c:708 [inline]
+ SyS_ioctl+0x24/0x30 fs/ioctl.c:706
+ do_syscall_64+0x29e/0x9d0 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x42/0xb7
+
+Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Reported-by: syzbot <syzkal...@googlegroups.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/ipv6/sit.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
+index 0195598f7bb5..e85791854c87 100644
+--- a/net/ipv6/sit.c
++++ b/net/ipv6/sit.c
+@@ -250,11 +250,13 @@ static struct ip_tunnel *ipip6_tunnel_locate(struct net 
*net,
+       if (!create)
+               goto failed;
+ 
+-      if (parms->name[0])
++      if (parms->name[0]) {
++              if (!dev_valid_name(parms->name))
++                      goto failed;
+               strlcpy(name, parms->name, IFNAMSIZ);
+-      else
++      } else {
+               strcpy(name, "sit%d");
+-
++      }
+       dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN,
+                          ipip6_tunnel_setup);
+       if (!dev)
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-014-ip6_gre-better-validate-user-provided-tunnel-n.patch
 
new/patches.kernel.org/4.16.2-014-ip6_gre-better-validate-user-provided-tunnel-n.patch
--- 
old/patches.kernel.org/4.16.2-014-ip6_gre-better-validate-user-provided-tunnel-n.patch
      1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-014-ip6_gre-better-validate-user-provided-tunnel-n.patch
      2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,78 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Thu, 5 Apr 2018 06:39:29 -0700
+Subject: [PATCH] ip6_gre: better validate user provided tunnel names
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 5f42df013b8bc1b6511af7a04bf93b014884ae2a
+
+[ Upstream commit 5f42df013b8bc1b6511af7a04bf93b014884ae2a ]
+
+Use dev_valid_name() to make sure user does not provide illegal
+device name.
+
+syzbot caught the following bug :
+
+BUG: KASAN: stack-out-of-bounds in strlcpy include/linux/string.h:300 [inline]
+BUG: KASAN: stack-out-of-bounds in ip6gre_tunnel_locate+0x334/0x860 
net/ipv6/ip6_gre.c:339
+Write of size 20 at addr ffff8801afb9f7b8 by task syzkaller851048/4466
+
+CPU: 1 PID: 4466 Comm: syzkaller851048 Not tainted 4.16.0+ #1
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 
01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x1b9/0x29f lib/dump_stack.c:53
+ print_address_description+0x6c/0x20b mm/kasan/report.c:256
+ kasan_report_error mm/kasan/report.c:354 [inline]
+ kasan_report.cold.7+0xac/0x2f5 mm/kasan/report.c:412
+ check_memory_region_inline mm/kasan/kasan.c:260 [inline]
+ check_memory_region+0x13e/0x1b0 mm/kasan/kasan.c:267
+ memcpy+0x37/0x50 mm/kasan/kasan.c:303
+ strlcpy include/linux/string.h:300 [inline]
+ ip6gre_tunnel_locate+0x334/0x860 net/ipv6/ip6_gre.c:339
+ ip6gre_tunnel_ioctl+0x69d/0x12e0 net/ipv6/ip6_gre.c:1195
+ dev_ifsioc+0x43e/0xb90 net/core/dev_ioctl.c:334
+ dev_ioctl+0x69a/0xcc0 net/core/dev_ioctl.c:525
+ sock_ioctl+0x47e/0x680 net/socket.c:1015
+ vfs_ioctl fs/ioctl.c:46 [inline]
+ file_ioctl fs/ioctl.c:500 [inline]
+ do_vfs_ioctl+0x1cf/0x1650 fs/ioctl.c:684
+ ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
+ SYSC_ioctl fs/ioctl.c:708 [inline]
+ SyS_ioctl+0x24/0x30 fs/ioctl.c:706
+ do_syscall_64+0x29e/0x9d0 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x42/0xb7
+
+Fixes: c12b395a4664 ("gre: Support GRE over IPv6")
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Reported-by: syzbot <syzkal...@googlegroups.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/ipv6/ip6_gre.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c
+index 1bbd0930063e..197fcae855ca 100644
+--- a/net/ipv6/ip6_gre.c
++++ b/net/ipv6/ip6_gre.c
+@@ -335,11 +335,13 @@ static struct ip6_tnl *ip6gre_tunnel_locate(struct net 
*net,
+       if (t || !create)
+               return t;
+ 
+-      if (parms->name[0])
++      if (parms->name[0]) {
++              if (!dev_valid_name(parms->name))
++                      return NULL;
+               strlcpy(name, parms->name, IFNAMSIZ);
+-      else
++      } else {
+               strcpy(name, "ip6gre%d");
+-
++      }
+       dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN,
+                          ip6gre_tunnel_setup);
+       if (!dev)
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-015-ip6_tunnel-better-validate-user-provided-tunne.patch
 
new/patches.kernel.org/4.16.2-015-ip6_tunnel-better-validate-user-provided-tunne.patch
--- 
old/patches.kernel.org/4.16.2-015-ip6_tunnel-better-validate-user-provided-tunne.patch
      1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-015-ip6_tunnel-better-validate-user-provided-tunne.patch
      2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,49 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Thu, 5 Apr 2018 06:39:30 -0700
+Subject: [PATCH] ip6_tunnel: better validate user provided tunnel names
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: db7a65e3ab78e5b1c4b17c0870ebee35a4ee3257
+
+[ Upstream commit db7a65e3ab78e5b1c4b17c0870ebee35a4ee3257 ]
+
+Use valid_name() to make sure user does not provide illegal
+device name.
+
+Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/ipv6/ip6_tunnel.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
+index 6e0f21eed88a..179313b0926c 100644
+--- a/net/ipv6/ip6_tunnel.c
++++ b/net/ipv6/ip6_tunnel.c
+@@ -297,13 +297,16 @@ static struct ip6_tnl *ip6_tnl_create(struct net *net, 
struct __ip6_tnl_parm *p)
+       struct net_device *dev;
+       struct ip6_tnl *t;
+       char name[IFNAMSIZ];
+-      int err = -ENOMEM;
++      int err = -E2BIG;
+ 
+-      if (p->name[0])
++      if (p->name[0]) {
++              if (!dev_valid_name(p->name))
++                      goto failed;
+               strlcpy(name, p->name, IFNAMSIZ);
+-      else
++      } else {
+               sprintf(name, "ip6tnl%%d");
+-
++      }
++      err = -ENOMEM;
+       dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN,
+                          ip6_tnl_dev_setup);
+       if (!dev)
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-016-vti6-better-validate-user-provided-tunnel-name.patch
 
new/patches.kernel.org/4.16.2-016-vti6-better-validate-user-provided-tunnel-name.patch
--- 
old/patches.kernel.org/4.16.2-016-vti6-better-validate-user-provided-tunnel-name.patch
      1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-016-vti6-better-validate-user-provided-tunnel-name.patch
      2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,45 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Thu, 5 Apr 2018 06:39:31 -0700
+Subject: [PATCH] vti6: better validate user provided tunnel names
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 537b361fbcbcc3cd6fe2bb47069fd292b9256d16
+
+[ Upstream commit 537b361fbcbcc3cd6fe2bb47069fd292b9256d16 ]
+
+Use valid_name() to make sure user does not provide illegal
+device name.
+
+Fixes: ed1efb2aefbb ("ipv6: Add support for IPsec virtual tunnel interfaces")
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Cc: Steffen Klassert <steffen.klass...@secunet.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/ipv6/ip6_vti.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/net/ipv6/ip6_vti.c b/net/ipv6/ip6_vti.c
+index ce18cd20389d..3726dc797847 100644
+--- a/net/ipv6/ip6_vti.c
++++ b/net/ipv6/ip6_vti.c
+@@ -212,10 +212,13 @@ static struct ip6_tnl *vti6_tnl_create(struct net *net, 
struct __ip6_tnl_parm *p
+       char name[IFNAMSIZ];
+       int err;
+ 
+-      if (p->name[0])
++      if (p->name[0]) {
++              if (!dev_valid_name(p->name))
++                      goto failed;
+               strlcpy(name, p->name, IFNAMSIZ);
+-      else
++      } else {
+               sprintf(name, "ip6_vti%%d");
++      }
+ 
+       dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN, vti6_dev_setup);
+       if (!dev)
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-017-net_sched-fix-a-missing-idr_remove-in-u32_dele.patch
 
new/patches.kernel.org/4.16.2-017-net_sched-fix-a-missing-idr_remove-in-u32_dele.patch
--- 
old/patches.kernel.org/4.16.2-017-net_sched-fix-a-missing-idr_remove-in-u32_dele.patch
      1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-017-net_sched-fix-a-missing-idr_remove-in-u32_dele.patch
      2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,38 @@
+From: Cong Wang <xiyou.wangc...@gmail.com>
+Date: Fri, 6 Apr 2018 17:19:41 -0700
+Subject: [PATCH] net_sched: fix a missing idr_remove() in u32_delete_key()
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: f12c643209db0626f2f54780d86bb93bfa7a9c2d
+
+[ Upstream commit f12c643209db0626f2f54780d86bb93bfa7a9c2d ]
+
+When we delete a u32 key via u32_delete_key(), we forget to
+call idr_remove() to remove its handle from IDR.
+
+Fixes: e7614370d6f0 ("net_sched: use idr to allocate u32 filter handles")
+Reported-by: Marcin Kabiesz <ad...@hostcenter.eu>
+Tested-by: Marcin Kabiesz <ad...@hostcenter.eu>
+Signed-off-by: Cong Wang <xiyou.wangc...@gmail.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/sched/cls_u32.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/net/sched/cls_u32.c b/net/sched/cls_u32.c
+index ed8b6a24b9e9..bac47b5d18fd 100644
+--- a/net/sched/cls_u32.c
++++ b/net/sched/cls_u32.c
+@@ -489,6 +489,7 @@ static int u32_delete_key(struct tcf_proto *tp, struct 
tc_u_knode *key)
+                               RCU_INIT_POINTER(*kp, key->next);
+ 
+                               tcf_unbind_filter(tp, &key->res);
++                              idr_remove(&ht->handle_idr, key->handle);
+                               tcf_exts_get_net(&key->exts);
+                               call_rcu(&key->rcu, u32_delete_key_freepf_rcu);
+                               return 0;
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.kernel.org/4.16.2-018-nfp-use-full-40-bits-of-the-NSP-buffer-address.patch
 
new/patches.kernel.org/4.16.2-018-nfp-use-full-40-bits-of-the-NSP-buffer-address.patch
--- 
old/patches.kernel.org/4.16.2-018-nfp-use-full-40-bits-of-the-NSP-buffer-address.patch
      1970-01-01 01:00:00.000000000 +0100
+++ 
new/patches.kernel.org/4.16.2-018-nfp-use-full-40-bits-of-the-NSP-buffer-address.patch
      2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,67 @@
+From: Dirk van der Merwe <dirk.vanderme...@netronome.com>
+Date: Tue, 3 Apr 2018 17:24:23 -0700
+Subject: [PATCH] nfp: use full 40 bits of the NSP buffer address
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 1489bbd10e16079ce30a53d3c22a431fd47af791
+
+[ Upstream commit 1489bbd10e16079ce30a53d3c22a431fd47af791 ]
+
+The NSP default buffer is a piece of NFP memory where additional
+command data can be placed.  Its format has been copied from
+host buffer, but the PCIe selection bits do not make sense in
+this case.  If those get masked out from a NFP address - writes
+to random place in the chip memory may be issued and crash the
+device.
+
+Even in the general NSP buffer case, it doesn't make sense to have the
+PCIe selection bits there anymore. These are unused at the moment, and
+when it becomes necessary, the PCIe selection bits should rather be
+moved to another register to utilise more bits for the buffer address.
+
+This has never been an issue because the buffer used to be
+allocated in memory with less-than-38-bit-long address but that
+is about to change.
+
+Fixes: 1a64821c6af7 ("nfp: add support for service processor access")
+Signed-off-by: Dirk van der Merwe <dirk.vanderme...@netronome.com>
+Reviewed-by: Jakub Kicinski <jakub.kicin...@netronome.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c | 9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/drivers/net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c 
b/drivers/net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c
+index 39abac678b71..99bb679a9801 100644
+--- a/drivers/net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c
++++ b/drivers/net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c
+@@ -71,10 +71,11 @@
+ /* CPP address to retrieve the data from */
+ #define NSP_BUFFER            0x10
+ #define   NSP_BUFFER_CPP      GENMASK_ULL(63, 40)
+-#define   NSP_BUFFER_PCIE     GENMASK_ULL(39, 38)
+-#define   NSP_BUFFER_ADDRESS  GENMASK_ULL(37, 0)
++#define   NSP_BUFFER_ADDRESS  GENMASK_ULL(39, 0)
+ 
+ #define NSP_DFLT_BUFFER               0x18
++#define   NSP_DFLT_BUFFER_CPP GENMASK_ULL(63, 40)
++#define   NSP_DFLT_BUFFER_ADDRESS     GENMASK_ULL(39, 0)
+ 
+ #define NSP_DFLT_BUFFER_CONFIG        0x20
+ #define   NSP_DFLT_BUFFER_SIZE_MB     GENMASK_ULL(7, 0)
+@@ -427,8 +428,8 @@ __nfp_nsp_command_buf(struct nfp_nsp *nsp, u16 code, u32 
option,
+       if (err < 0)
+               return err;
+ 
+-      cpp_id = FIELD_GET(NSP_BUFFER_CPP, reg) << 8;
+-      cpp_buf = FIELD_GET(NSP_BUFFER_ADDRESS, reg);
++      cpp_id = FIELD_GET(NSP_DFLT_BUFFER_CPP, reg) << 8;
++      cpp_buf = FIELD_GET(NSP_DFLT_BUFFER_ADDRESS, reg);
+ 
+       if (in_buf && in_size) {
+               err = nfp_cpp_write(cpp, cpp_id, cpp_buf, in_buf, in_size);
+-- 
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/patches.kernel.org/4.16.2-019-Linux-4.16.2.patch 
new/patches.kernel.org/4.16.2-019-Linux-4.16.2.patch
--- old/patches.kernel.org/4.16.2-019-Linux-4.16.2.patch        1970-01-01 
01:00:00.000000000 +0100
+++ new/patches.kernel.org/4.16.2-019-Linux-4.16.2.patch        2018-04-12 
14:50:53.000000000 +0200
@@ -0,0 +1,28 @@
+From: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Date: Thu, 12 Apr 2018 12:30:01 +0200
+Subject: [PATCH] Linux 4.16.2
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 216f33936eaa006a8b4f5bb992592e34f6432fc2
+
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile b/Makefile
+index 1773c718074e..f0040b05df30 100644
+--- a/Makefile
++++ b/Makefile
+@@ -1,7 +1,7 @@
+ # SPDX-License-Identifier: GPL-2.0
+ VERSION = 4
+ PATCHLEVEL = 16
+-SUBLEVEL = 1
++SUBLEVEL = 2
+ EXTRAVERSION =
+ NAME = Fearless Coyote
+ 
+-- 
+2.16.3
+

++++++ patches.suse.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/patches.suse/apparmor-check-all-net-profiles.patch 
new/patches.suse/apparmor-check-all-net-profiles.patch
--- old/patches.suse/apparmor-check-all-net-profiles.patch      1970-01-01 
01:00:00.000000000 +0100
+++ new/patches.suse/apparmor-check-all-net-profiles.patch      2018-04-12 
12:43:52.000000000 +0200
@@ -0,0 +1,97 @@
+From: Goldwyn Rodrigues <rgold...@suse.com>
+Subject: [PATCH] Check all profiles attached to the label
+Patch-mainline: Never, depends on apparmor-basic-networking-rules
+References: bsc#1085996
+
+This one fixes patches.suse/0001-AppArmor-basic-networking-rules.patch
+
+While porting apparmor net patch to the newer kernel, I missed on
+iterating over the profiles attached to the labels and used
+labels_profile(). This missed checking the rest of the profiles attached
+to the label.
+
+While we are at it, use wrapper function begin_current_label_crit_section()
+as opposed to the __begin_current_label_crit_section().
+
+Signed-off-by: Goldwyn Rodrigues <rgold...@suse.com>
+
+diff --git a/security/apparmor/include/net.h b/security/apparmor/include/net.h
+index 6710a5369380..580232f20047 100644
+--- a/security/apparmor/include/net.h
++++ b/security/apparmor/include/net.h
+@@ -32,7 +32,7 @@ struct aa_net {
+ 
+ extern struct aa_sfs_entry aa_sfs_entry_network[];
+ 
+-int aa_net_perm(const char *op, struct aa_profile *profile, u16 family,
++int aa_label_net_perm(struct aa_label *label, const char *op, u16 family,
+                      int type, int protocol, struct sock *sk);
+ int aa_revalidate_sk(const char *op, struct sock *sk);
+ 
+diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
+index e62b06241476..0007fb2eed29 100644
+--- a/security/apparmor/lsm.c
++++ b/security/apparmor/lsm.c
+@@ -745,11 +745,11 @@ static int apparmor_socket_create(int family, int type, 
int protocol, int kern)
+       if (kern)
+               return 0;
+ 
+-      label = __begin_current_label_crit_section();
++      label = begin_current_label_crit_section();
+       if (!unconfined(label))
+-              error = aa_net_perm(OP_CREATE, labels_profile(label),
++              error = aa_label_net_perm(label, OP_CREATE,
+                               family, type, protocol, NULL);
+-      __end_current_label_crit_section(label);
++      end_current_label_crit_section(label);
+       return error;
+ }
+ 
+diff --git a/security/apparmor/net.c b/security/apparmor/net.c
+index 48e66a61b9c6..95d6e3b9c71d 100644
+--- a/security/apparmor/net.c
++++ b/security/apparmor/net.c
+@@ -114,7 +114,7 @@ static int audit_net(struct aa_profile *profile, const 
char *op,
+  *
+  * Returns: %0 else error if permission denied
+  */
+-int aa_net_perm(const char *op, struct aa_profile *profile, u16 family,
++static int aa_net_perm(const char *op, struct aa_profile *profile, u16 family,
+               int type, int protocol, struct sock *sk)
+ {
+       u16 family_mask;
+@@ -137,6 +137,18 @@ int aa_net_perm(const char *op, struct aa_profile 
*profile, u16 family,
+       return audit_net(profile, op, family, type, protocol, sk, error);
+ }
+ 
++int aa_label_net_perm(struct aa_label *label, const char *op, u16 family,
++              int type, int protocol, struct sock *sk)
++{
++      struct aa_profile *profile;
++
++      if (!unconfined(label))
++              return 0;
++
++      return fn_for_each_confined(label, profile,
++                      aa_net_perm(op, profile, family, type, protocol, sk));
++}
++
+ /**
+  * aa_revalidate_sk - Revalidate access to a sock
+  * @op: operation being checked
+@@ -155,11 +167,10 @@ int aa_revalidate_sk(const char *op, struct sock *sk)
+       if (in_interrupt())
+               return 0;
+ 
+-      label = __begin_current_label_crit_section();
+-      if (!unconfined(label))
+-              error = aa_net_perm(op, labels_profile(label), sk->sk_family,
+-                              sk->sk_type, sk->sk_protocol, sk);
+-      __end_current_label_crit_section(label);
++      label = begin_current_label_crit_section();
++      error = aa_label_net_perm(label, op, sk->sk_family, sk->sk_type,
++                      sk->sk_protocol, sk);
++      end_current_label_crit_section(label);
+ 
+       return error;
+ }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.suse/media-v4l2-core-fix-size-of-devnode_nums-bitarray.patch 
new/patches.suse/media-v4l2-core-fix-size-of-devnode_nums-bitarray.patch
--- old/patches.suse/media-v4l2-core-fix-size-of-devnode_nums-bitarray.patch    
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.suse/media-v4l2-core-fix-size-of-devnode_nums-bitarray.patch    
2018-04-12 12:43:52.000000000 +0200
@@ -0,0 +1,261 @@
+From a95845ba184b854106972f5d8f50354c2d272c06 Mon Sep 17 00:00:00 2001
+From: Mauro Carvalho Chehab <mche...@s-opensource.com>
+Date: Thu, 5 Apr 2018 06:51:15 -0300
+Subject: [PATCH] media: v4l2-core: fix size of devnode_nums[] bitarray
+Mime-version: 1.0
+Content-type: text/plain; charset=UTF-8
+Content-transfer-encoding: 8bit
+Git-commit: a95845ba184b854106972f5d8f50354c2d272c06
+Git-repo: git://linuxtv.org/mchehab/media-next.git
+Patch-mainline: Queued in subsystem maintainer repo
+References: bsc#1088640
+
+The size of devnode_nums[] bit array is too short to store information
+for VFL_TYPE_TOUCH. That causes it to override other memory regions.
+
+Thankfully, on recent reports, it is overriding video_device[] array,
+trigging a WARN_ON(). Yet, it just warns about the problem, but let
+the code excecuting, with generates an OOPS:
+
+[   43.177394] WARNING: CPU: 1 PID: 711 at 
drivers/media/v4l2-core/v4l2-dev.c:945 __video_register_device+0xc99/0x1090 
[videodev]
+[   43.177396] Modules linked in: hid_sensor_custom hid_sensor_als 
hid_sensor_incl_3d hid_sensor_rotation hid_sensor_magn_3d hid_sensor_accel_3d 
hid_sensor_gyro_3d hid_sensor_trigger industrialio_triggered_buffer kfifo_buf 
joydev hid_sensor_iio_common hid_rmi(+) rmi_core industrialio videobuf2_vmalloc 
videobuf2_memops videobuf2_v4l2 videobuf2_common videodev hid_multitouch media 
hid_sensor_hub binfmt_misc nls_iso8859_1 snd_hda_codec_hdmi arc4 snd_soc_skl 
snd_soc_skl_ipc snd_hda_ext_core snd_soc_sst_dsp snd_soc_sst_ipc 
snd_hda_codec_realtek snd_soc_acpi snd_hda_codec_generic snd_soc_core 
snd_compress ac97_bus snd_pcm_dmaengine snd_hda_intel snd_hda_codec intel_rapl 
snd_hda_core x86_pkg_temp_thermal snd_hwdep intel_powerclamp coretemp snd_pcm 
kvm_intel snd_seq_midi snd_seq_midi_event snd_rawmidi crct10dif_pclmul
+[   43.177426]  crc32_pclmul ghash_clmulni_intel iwlmvm pcbc mac80211 snd_seq 
aesni_intel iwlwifi aes_x86_64 snd_seq_device crypto_simd glue_helper cryptd 
snd_timer intel_cstate intel_rapl_perf input_leds serio_raw 
intel_wmi_thunderbolt snd wmi_bmof cfg80211 soundcore ideapad_laptop 
sparse_keymap idma64 virt_dma tpm_crb acpi_pad int3400_thermal acpi_thermal_rel 
intel_pch_thermal processor_thermal_device mac_hid int340x_thermal_zone mei_me 
intel_soc_dts_iosf mei intel_lpss_pci shpchp intel_lpss sch_fq_codel vfio_pci 
nfsd vfio_virqfd parport_pc ppdev auth_rpcgss nfs_acl lockd grace lp parport 
sunrpc ip_tables x_tables autofs4 hid_logitech_hidpp hid_logitech_dj 
hid_generic usbhid kvmgt vfio_mdev mdev vfio_iommu_type1 vfio kvm irqbypass 
i915 i2c_algo_bit drm_kms_helper syscopyarea sdhci_pci sysfillrect
+[   43.177466]  sysimgblt cqhci fb_sys_fops sdhci drm i2c_hid wmi hid video 
pinctrl_sunrisepoint pinctrl_intel
+[   43.177474] CPU: 1 PID: 711 Comm: systemd-udevd Not tainted 4.16.0 #1
+[   43.177475] Hardware name: LENOVO 80UE/VIUU4, BIOS 2UCN10T 10/14/2016
+[   43.177481] RIP: 0010:__video_register_device+0xc99/0x1090 [videodev]
+[   43.177482] RSP: 0000:ffffa5c5c231b420 EFLAGS: 00010202
+[   43.177484] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 
0000000000000000
+[   43.177485] RDX: ffffffffc0c44cc0 RSI: ffffffffffffffff RDI: 
ffffffffc0c44cc0
+[   43.177486] RBP: ffffa5c5c231b478 R08: ffffffffc0c96900 R09: 
ffff8eda1a51f018
+[   43.177487] R10: 0000000000000600 R11: 00000000000003b6 R12: 
0000000000000000
+[   43.177488] R13: 0000000000000005 R14: ffffffffc0c96900 R15: 
ffff8eda1d6d91c0
+[   43.177489] FS:  00007fd2d8ef2480(0000) GS:ffff8eda33480000(0000) 
knlGS:0000000000000000
+[   43.177490] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[   43.177491] CR2: 00007ffe0a6ad01c CR3: 0000000456ae2004 CR4: 
00000000003606e0
+[   43.177492] Call Trace:
+[   43.177498]  ? devres_add+0x5f/0x70
+[   43.177502]  rmi_f54_probe+0x437/0x470 [rmi_core]
+[   43.177505]  rmi_function_probe+0x25/0x30 [rmi_core]
+[   43.177507]  driver_probe_device+0x310/0x480
+[   43.177509]  __device_attach_driver+0x86/0x100
+[   43.177511]  ? __driver_attach+0xf0/0xf0
+[   43.177512]  bus_for_each_drv+0x6b/0xb0
+[   43.177514]  __device_attach+0xdd/0x160
+[   43.177516]  device_initial_probe+0x13/0x20
+[   43.177518]  bus_probe_device+0x95/0xa0
+[   43.177519]  device_add+0x44b/0x680
+[   43.177522]  rmi_register_function+0x62/0xd0 [rmi_core]
+[   43.177525]  rmi_create_function+0x112/0x1a0 [rmi_core]
+[   43.177527]  ? rmi_driver_clear_irq_bits+0xc0/0xc0 [rmi_core]
+[   43.177530]  rmi_scan_pdt+0xca/0x1a0 [rmi_core]
+[   43.177535]  rmi_init_functions+0x5b/0x120 [rmi_core]
+[   43.177537]  rmi_driver_probe+0x152/0x3c0 [rmi_core]
+[   43.177547]  ? sysfs_create_link+0x25/0x40
+[   43.177549]  driver_probe_device+0x310/0x480
+[   43.177551]  __device_attach_driver+0x86/0x100
+[   43.177553]  ? __driver_attach+0xf0/0xf0
+[   43.177554]  bus_for_each_drv+0x6b/0xb0
+[   43.177556]  __device_attach+0xdd/0x160
+[   43.177558]  device_initial_probe+0x13/0x20
+[   43.177560]  bus_probe_device+0x95/0xa0
+[   43.177561]  device_add+0x44b/0x680
+[   43.177564]  rmi_register_transport_device+0x84/0x100 [rmi_core]
+[   43.177568]  rmi_input_configured+0xbf/0x1a0 [hid_rmi]
+[   43.177571]  ? input_allocate_device+0xdf/0xf0
+[   43.177574]  hidinput_connect+0x4a9/0x37a0 [hid]
+[   43.177578]  hid_connect+0x326/0x3d0 [hid]
+[   43.177581]  hid_hw_start+0x42/0x70 [hid]
+[   43.177583]  rmi_probe+0x115/0x510 [hid_rmi]
+[   43.177586]  hid_device_probe+0xd3/0x150 [hid]
+[   43.177588]  ? sysfs_create_link+0x25/0x40
+[   43.177590]  driver_probe_device+0x310/0x480
+[   43.177592]  __driver_attach+0xbf/0xf0
+[   43.177593]  ? driver_probe_device+0x480/0x480
+[   43.177595]  bus_for_each_dev+0x74/0xb0
+[   43.177597]  ? kmem_cache_alloc_trace+0x1a6/0x1c0
+[   43.177599]  driver_attach+0x1e/0x20
+[   43.177600]  bus_add_driver+0x167/0x260
+[   43.177602]  ? 0xffffffffc0cbc000
+[   43.177604]  driver_register+0x60/0xe0
+[   43.177605]  ? 0xffffffffc0cbc000
+[   43.177607]  __hid_register_driver+0x63/0x70 [hid]
+[   43.177610]  rmi_driver_init+0x23/0x1000 [hid_rmi]
+[   43.177612]  do_one_initcall+0x52/0x191
+[   43.177615]  ? _cond_resched+0x19/0x40
+[   43.177617]  ? kmem_cache_alloc_trace+0xa2/0x1c0
+[   43.177619]  ? do_init_module+0x27/0x209
+[   43.177621]  do_init_module+0x5f/0x209
+[   43.177623]  load_module+0x1987/0x1f10
+[   43.177626]  ? ima_post_read_file+0x96/0xa0
+[   43.177629]  SYSC_finit_module+0xfc/0x120
+[   43.177630]  ? SYSC_finit_module+0xfc/0x120
+[   43.177632]  SyS_finit_module+0xe/0x10
+[   43.177634]  do_syscall_64+0x73/0x130
+[   43.177637]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
+[   43.177638] RIP: 0033:0x7fd2d880b839
+[   43.177639] RSP: 002b:00007ffe0a6b2368 EFLAGS: 00000246 ORIG_RAX: 
0000000000000139
+[   43.177641] RAX: ffffffffffffffda RBX: 000055cdd86542e0 RCX: 
00007fd2d880b839
+[   43.177641] RDX: 0000000000000000 RSI: 00007fd2d84ea0e5 RDI: 
0000000000000016
+[   43.177642] RBP: 00007fd2d84ea0e5 R08: 0000000000000000 R09: 
00007ffe0a6b2480
+[   43.177643] R10: 0000000000000016 R11: 0000000000000246 R12: 
0000000000000000
+[   43.177644] R13: 000055cdd8688930 R14: 0000000000020000 R15: 
000055cdd86542e0
+[   43.177645] Code: 48 c7 c7 54 b4 c3 c0 e8 96 9d ec dd e9 d4 fb ff ff 0f 0b 
41 be ea ff ff ff e9 c7 fb ff ff 0f 0b 41 be ea ff ff ff e9 ba fb ff ff <0f> 0b 
e9 d8 f4 ff ff 83 fa 01 0f 84 c4 02 00 00 48 83 78 68 00
+[   43.177675] ---[ end trace d44d9bc41477c2dd ]---
+[   43.177679] BUG: unable to handle kernel NULL pointer dereference at 
0000000000000499
+[   43.177723] IP: __video_register_device+0x1cc/0x1090 [videodev]
+[   43.177749] PGD 0 P4D 0
+[   43.177764] Oops: 0000 [#1] SMP PTI
+[   43.177780] Modules linked in: hid_sensor_custom hid_sensor_als 
hid_sensor_incl_3d hid_sensor_rotation hid_sensor_magn_3d hid_sensor_accel_3d 
hid_sensor_gyro_3d hid_sensor_trigger industrialio_triggered_buffer kfifo_buf 
joydev hid_sensor_iio_common hid_rmi(+) rmi_core industrialio videobuf2_vmalloc 
videobuf2_memops videobuf2_v4l2 videobuf2_common videodev hid_multitouch media 
hid_sensor_hub binfmt_misc nls_iso8859_1 snd_hda_codec_hdmi arc4 snd_soc_skl 
snd_soc_skl_ipc snd_hda_ext_core snd_soc_sst_dsp snd_soc_sst_ipc 
snd_hda_codec_realtek snd_soc_acpi snd_hda_codec_generic snd_soc_core 
snd_compress ac97_bus snd_pcm_dmaengine snd_hda_intel snd_hda_codec intel_rapl 
snd_hda_core x86_pkg_temp_thermal snd_hwdep intel_powerclamp coretemp snd_pcm 
kvm_intel snd_seq_midi snd_seq_midi_event snd_rawmidi crct10dif_pclmul
+[   43.178055]  crc32_pclmul ghash_clmulni_intel iwlmvm pcbc mac80211 snd_seq 
aesni_intel iwlwifi aes_x86_64 snd_seq_device crypto_simd glue_helper cryptd 
snd_timer intel_cstate intel_rapl_perf input_leds serio_raw 
intel_wmi_thunderbolt snd wmi_bmof cfg80211 soundcore ideapad_laptop 
sparse_keymap idma64 virt_dma tpm_crb acpi_pad int3400_thermal acpi_thermal_rel 
intel_pch_thermal processor_thermal_device mac_hid int340x_thermal_zone mei_me 
intel_soc_dts_iosf mei intel_lpss_pci shpchp intel_lpss sch_fq_codel vfio_pci 
nfsd vfio_virqfd parport_pc ppdev auth_rpcgss nfs_acl lockd grace lp parport 
sunrpc ip_tables x_tables autofs4 hid_logitech_hidpp hid_logitech_dj 
hid_generic usbhid kvmgt vfio_mdev mdev vfio_iommu_type1 vfio kvm irqbypass 
i915 i2c_algo_bit drm_kms_helper syscopyarea sdhci_pci sysfillrect
+[   43.178337]  sysimgblt cqhci fb_sys_fops sdhci drm i2c_hid wmi hid video 
pinctrl_sunrisepoint pinctrl_intel
+[   43.178380] CPU: 1 PID: 711 Comm: systemd-udevd Tainted: G        W        
4.16.0 #1
+[   43.178411] Hardware name: LENOVO 80UE/VIUU4, BIOS 2UCN10T 10/14/2016
+[   43.178441] RIP: 0010:__video_register_device+0x1cc/0x1090 [videodev]
+[   43.178467] RSP: 0000:ffffa5c5c231b420 EFLAGS: 00010202
+[   43.178490] RAX: ffffffffc0c44cc0 RBX: 0000000000000005 RCX: 
ffffffffc0c454c0
+[   43.178519] RDX: 0000000000000001 RSI: ffff8eda1d6d9118 RDI: 
ffffffffc0c44cc0
+[   43.178549] RBP: ffffa5c5c231b478 R08: ffffffffc0c96900 R09: 
ffff8eda1a51f018
+[   43.178579] R10: 0000000000000600 R11: 00000000000003b6 R12: 
0000000000000000
+[   43.178608] R13: 0000000000000005 R14: ffffffffc0c96900 R15: 
ffff8eda1d6d91c0
+[   43.178636] FS:  00007fd2d8ef2480(0000) GS:ffff8eda33480000(0000) 
knlGS:0000000000000000
+[   43.178669] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[   43.178693] CR2: 0000000000000499 CR3: 0000000456ae2004 CR4: 
00000000003606e0
+[   43.178721] Call Trace:
+[   43.178736]  ? devres_add+0x5f/0x70
+[   43.178755]  rmi_f54_probe+0x437/0x470 [rmi_core]
+[   43.178779]  rmi_function_probe+0x25/0x30 [rmi_core]
+[   43.178805]  driver_probe_device+0x310/0x480
+[   43.178828]  __device_attach_driver+0x86/0x100
+[   43.178851]  ? __driver_attach+0xf0/0xf0
+[   43.178884]  bus_for_each_drv+0x6b/0xb0
+[   43.178904]  __device_attach+0xdd/0x160
+[   43.178925]  device_initial_probe+0x13/0x20
+[   43.178948]  bus_probe_device+0x95/0xa0
+[   43.178968]  device_add+0x44b/0x680
+[   43.178987]  rmi_register_function+0x62/0xd0 [rmi_core]
+[   43.181747]  rmi_create_function+0x112/0x1a0 [rmi_core]
+[   43.184677]  ? rmi_driver_clear_irq_bits+0xc0/0xc0 [rmi_core]
+[   43.187505]  rmi_scan_pdt+0xca/0x1a0 [rmi_core]
+[   43.190171]  rmi_init_functions+0x5b/0x120 [rmi_core]
+[   43.192809]  rmi_driver_probe+0x152/0x3c0 [rmi_core]
+[   43.195403]  ? sysfs_create_link+0x25/0x40
+[   43.198253]  driver_probe_device+0x310/0x480
+[   43.201083]  __device_attach_driver+0x86/0x100
+[   43.203800]  ? __driver_attach+0xf0/0xf0
+[   43.206503]  bus_for_each_drv+0x6b/0xb0
+[   43.209291]  __device_attach+0xdd/0x160
+[   43.212207]  device_initial_probe+0x13/0x20
+[   43.215146]  bus_probe_device+0x95/0xa0
+[   43.217885]  device_add+0x44b/0x680
+[   43.220597]  rmi_register_transport_device+0x84/0x100 [rmi_core]
+[   43.223321]  rmi_input_configured+0xbf/0x1a0 [hid_rmi]
+[   43.226051]  ? input_allocate_device+0xdf/0xf0
+[   43.228814]  hidinput_connect+0x4a9/0x37a0 [hid]
+[   43.231701]  hid_connect+0x326/0x3d0 [hid]
+[   43.234548]  hid_hw_start+0x42/0x70 [hid]
+[   43.237302]  rmi_probe+0x115/0x510 [hid_rmi]
+[   43.239862]  hid_device_probe+0xd3/0x150 [hid]
+[   43.242558]  ? sysfs_create_link+0x25/0x40
+[   43.242828] audit: type=1400 audit(1522795151.600:4): apparmor="STATUS" 
operation="profile_load" profile="unconfined" 
name="/snap/core/4206/usr/lib/snapd/snap-confine" pid=1151 
comm="apparmor_parser"
+[   43.244859]  driver_probe_device+0x310/0x480
+[   43.244862]  __driver_attach+0xbf/0xf0
+[   43.246982] audit: type=1400 audit(1522795151.600:5): apparmor="STATUS" 
operation="profile_load" profile="unconfined" 
name="/snap/core/4206/usr/lib/snapd/snap-confine//mount-namespace-capture-helper"
 pid=1151 comm="apparmor_parser"
+[   43.249403]  ? driver_probe_device+0x480/0x480
+[   43.249405]  bus_for_each_dev+0x74/0xb0
+[   43.253200] audit: type=1400 audit(1522795151.600:6): apparmor="STATUS" 
operation="profile_load" profile="unconfined" 
name="/snap/core/4206/usr/lib/snapd/snap-confine//snap_update_ns" pid=1151 
comm="apparmor_parser"
+[   43.254055]  ? kmem_cache_alloc_trace+0x1a6/0x1c0
+[   43.256282] audit: type=1400 audit(1522795151.604:7): apparmor="STATUS" 
operation="profile_load" profile="unconfined" name="/sbin/dhclient" pid=1152 
comm="apparmor_parser"
+[   43.258436]  driver_attach+0x1e/0x20
+[   43.260875] audit: type=1400 audit(1522795151.604:8): apparmor="STATUS" 
operation="profile_load" profile="unconfined" 
name="/usr/lib/NetworkManager/nm-dhcp-client.action" pid=1152 
comm="apparmor_parser"
+[   43.263118]  bus_add_driver+0x167/0x260
+[   43.267676] audit: type=1400 audit(1522795151.604:9): apparmor="STATUS" 
operation="profile_load" profile="unconfined" 
name="/usr/lib/NetworkManager/nm-dhcp-helper" pid=1152 comm="apparmor_parser"
+[   43.268807]  ? 0xffffffffc0cbc000
+[   43.268812]  driver_register+0x60/0xe0
+[   43.271184] audit: type=1400 audit(1522795151.604:10): apparmor="STATUS" 
operation="profile_load" profile="unconfined" 
name="/usr/lib/connman/scripts/dhclient-script" pid=1152 comm="apparmor_parser"
+[   43.274081]  ? 0xffffffffc0cbc000
+[   43.274086]  __hid_register_driver+0x63/0x70 [hid]
+[   43.288367]  rmi_driver_init+0x23/0x1000 [hid_rmi]
+[   43.291501]  do_one_initcall+0x52/0x191
+[   43.292348] audit: type=1400 audit(1522795151.652:11): apparmor="STATUS" 
operation="profile_load" profile="unconfined" name="/usr/bin/man" pid=1242 
comm="apparmor_parser"
+[   43.294212]  ? _cond_resched+0x19/0x40
+[   43.300028]  ? kmem_cache_alloc_trace+0xa2/0x1c0
+[   43.303475]  ? do_init_module+0x27/0x209
+[   43.306842]  do_init_module+0x5f/0x209
+[   43.310269]  load_module+0x1987/0x1f10
+[   43.313704]  ? ima_post_read_file+0x96/0xa0
+[   43.317174]  SYSC_finit_module+0xfc/0x120
+[   43.320754]  ? SYSC_finit_module+0xfc/0x120
+[   43.324065]  SyS_finit_module+0xe/0x10
+[   43.327387]  do_syscall_64+0x73/0x130
+[   43.330909]  entry_SYSCALL_64_after_hwframe+0x3d/0xa2
+[   43.334305] RIP: 0033:0x7fd2d880b839
+[   43.337810] RSP: 002b:00007ffe0a6b2368 EFLAGS: 00000246 ORIG_RAX: 
0000000000000139
+[   43.341259] RAX: ffffffffffffffda RBX: 000055cdd86542e0 RCX: 
00007fd2d880b839
+[   43.344613] RDX: 0000000000000000 RSI: 00007fd2d84ea0e5 RDI: 
0000000000000016
+[   43.347962] RBP: 00007fd2d84ea0e5 R08: 0000000000000000 R09: 
00007ffe0a6b2480
+[   43.351456] R10: 0000000000000016 R11: 0000000000000246 R12: 
0000000000000000
+[   43.354845] R13: 000055cdd8688930 R14: 0000000000020000 R15: 
000055cdd86542e0
+[   43.358224] Code: c7 05 ad 12 02 00 00 00 00 00 48 8d 88 00 08 00 00 eb 09 
48 83 c0 08 48 39 c1 74 31 48 8b 10 48 85 d2 74 ef 49 8b b7 98 04 00 00 <48> 39 
b2 98 04 00 00 75 df 48 63 92 f8 04 00 00 f0 48 0f ab 15
+[   43.361764] RIP: __video_register_device+0x1cc/0x1090 [videodev] RSP: 
ffffa5c5c231b420
+[   43.365281] CR2: 0000000000000499
+
+This patch fixes the array size and changes the WARN_ON() to return an error,
+instead of letting the Kernel to proceed with registering.
+
+Cc: sta...@vger.kernel.org # For Kernel 4.16
+Fixes: 4839c58f034a ("media: v4l2-dev: convert VFL_TYPE_* into an enum")
+Reported-by: Peter Geis <pgwipe...@gmail.com>
+Reported-by: Jaak Ristioja <j...@ristioja.ee>
+Reported-by: MichaƂ Siemek <miha...@gmail.com>
+Reviewed-by: Hans Verkuil <hans.verk...@cisco.com>
+Reviewed-by: Sakari Ailus <sakari.ai...@linux.intel.com>
+Signed-off-by: Mauro Carvalho Chehab <mche...@s-opensource.com>
+Acked-by: Takashi Iwai <ti...@suse.de>
+
+---
+ drivers/media/v4l2-core/v4l2-dev.c |    8 ++++++--
+ include/media/v4l2-dev.h           |   12 ++++++------
+ 2 files changed, 12 insertions(+), 8 deletions(-)
+
+--- a/drivers/media/v4l2-core/v4l2-dev.c
++++ b/drivers/media/v4l2-core/v4l2-dev.c
+@@ -939,10 +939,14 @@ int __video_register_device(struct video
+ #endif
+       vdev->minor = i + minor_offset;
+       vdev->num = nr;
+-      devnode_set(vdev);
+ 
+       /* Should not happen since we thought this minor was free */
+-      WARN_ON(video_device[vdev->minor] != NULL);
++      if (WARN_ON(video_device[vdev->minor])) {
++              mutex_unlock(&videodev_lock);
++              printk(KERN_ERR "video_device not empty!\n");
++              return -ENFILE;
++      }
++      devnode_set(vdev);
+       vdev->index = get_index(vdev);
+       video_device[vdev->minor] = vdev;
+       mutex_unlock(&videodev_lock);
+--- a/include/media/v4l2-dev.h
++++ b/include/media/v4l2-dev.h
+@@ -33,13 +33,13 @@
+  */
+ enum vfl_devnode_type {
+       VFL_TYPE_GRABBER        = 0,
+-      VFL_TYPE_VBI            = 1,
+-      VFL_TYPE_RADIO          = 2,
+-      VFL_TYPE_SUBDEV         = 3,
+-      VFL_TYPE_SDR            = 4,
+-      VFL_TYPE_TOUCH          = 5,
++      VFL_TYPE_VBI,
++      VFL_TYPE_RADIO,
++      VFL_TYPE_SUBDEV,
++      VFL_TYPE_SDR,
++      VFL_TYPE_TOUCH,
++      VFL_TYPE_MAX /* Shall be the last one */
+ };
+-#define VFL_TYPE_MAX VFL_TYPE_TOUCH
+ 
+ /**
+  * enum  vfl_direction - Identifies if a &struct video_device corresponds
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/patches.suse/swiotlb-Fix-unexpected-swiotlb_alloc_coherent-failur.patch 
new/patches.suse/swiotlb-Fix-unexpected-swiotlb_alloc_coherent-failur.patch
--- old/patches.suse/swiotlb-Fix-unexpected-swiotlb_alloc_coherent-failur.patch 
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.suse/swiotlb-Fix-unexpected-swiotlb_alloc_coherent-failur.patch 
2018-04-12 12:43:52.000000000 +0200
@@ -0,0 +1,37 @@
+From: Takashi Iwai <ti...@suse.de>
+Subject: [PATCH] swiotlb: Fix unexpected swiotlb_alloc_coherent() failures
+Date: Tue, 10 Apr 2018 19:05:13 +0200
+Message-Id: <20180410170513.22834-1-ti...@suse.de>
+Patch-mainline: Submitted, iommu ML
+References: bsc#1088658, bsc#1088902
+
+The code refactoring by commit 0176adb00406 ("swiotlb: refactor
+coherent buffer allocation") made swiotlb_alloc_buffer() almost always
+failing due to a thinko: namely, the function evaluates the
+dma_coherent_ok() call incorrectly and dealing as if it's invalid.
+This ends up with weird errors like iwlwifi probe failure or amdgpu
+screen flickering.
+
+This patch corrects the logic error.
+
+Bugzilla: https://bugzilla.suse.com/show_bug.cgi?id=1088658
+Bugzilla: https://bugzilla.suse.com/show_bug.cgi?id=1088902
+Fixes: 0176adb00406 ("swiotlb: refactor coherent buffer allocation")
+Cc: <sta...@vger.kernel.org> # v4.16+
+Signed-off-by: Takashi Iwai <ti...@suse.de>
+
+---
+ lib/swiotlb.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/lib/swiotlb.c
++++ b/lib/swiotlb.c
+@@ -732,7 +732,7 @@ swiotlb_alloc_buffer(struct device *dev,
+               goto out_warn;
+ 
+       *dma_handle = swiotlb_phys_to_dma(dev, phys_addr);
+-      if (dma_coherent_ok(dev, *dma_handle, size))
++      if (!dma_coherent_ok(dev, *dma_handle, size))
+               goto out_unmap;
+ 
+       memset(phys_to_virt(phys_addr), 0, size);

++++++ series.conf ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old  2018-04-16 12:45:11.557399244 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new  2018-04-16 12:45:11.561399099 +0200
@@ -59,6 +59,25 @@
        patches.kernel.org/4.16.1-030-Fix-slab-name-biovec-1-21-12.patch
        
patches.kernel.org/4.16.1-031-signal-Correct-the-offset-of-si_pkey-and-si_lo.patch
        patches.kernel.org/4.16.1-032-Linux-4.16.1.patch
+       
patches.kernel.org/4.16.2-001-sparc64-Oracle-DAX-driver-depends-on-SPARC64.patch
+       
patches.kernel.org/4.16.2-002-arp-fix-arp_filter-on-l3slave-devices.patch
+       
patches.kernel.org/4.16.2-003-net-dsa-Discard-frames-from-unused-ports.patch
+       
patches.kernel.org/4.16.2-004-net-ipv6-Increment-OUTxxx-counters-after-netfi.patch
+       
patches.kernel.org/4.16.2-005-net-sched-fix-NULL-dereference-in-the-error-pa.patch
+       
patches.kernel.org/4.16.2-006-pptp-remove-a-buggy-dst-release-in-pptp_connec.patch
+       
patches.kernel.org/4.16.2-007-sctp-do-not-leak-kernel-memory-to-user-space.patch
+       
patches.kernel.org/4.16.2-008-sctp-sctp_sockaddr_af-must-check-minimal-addr-.patch
+       
patches.kernel.org/4.16.2-009-sky2-Increase-D3-delay-to-sky2-stops-working-a.patch
+       
patches.kernel.org/4.16.2-010-vlan-also-check-phy_driver-ts_info-for-vlan-s-.patch
+       patches.kernel.org/4.16.2-011-net-fool-proof-dev_valid_name.patch
+       
patches.kernel.org/4.16.2-012-ip_tunnel-better-validate-user-provided-tunnel.patch
+       
patches.kernel.org/4.16.2-013-ipv6-sit-better-validate-user-provided-tunnel-.patch
+       
patches.kernel.org/4.16.2-014-ip6_gre-better-validate-user-provided-tunnel-n.patch
+       
patches.kernel.org/4.16.2-015-ip6_tunnel-better-validate-user-provided-tunne.patch
+       
patches.kernel.org/4.16.2-016-vti6-better-validate-user-provided-tunnel-name.patch
+       
patches.kernel.org/4.16.2-017-net_sched-fix-a-missing-idr_remove-in-u32_dele.patch
+       
patches.kernel.org/4.16.2-018-nfp-use-full-40-bits-of-the-NSP-buffer-address.patch
+       patches.kernel.org/4.16.2-019-Linux-4.16.2.patch
 
        ########################################################
        # Build fixes that apply to the vanilla kernel too.
@@ -196,6 +215,8 @@
 
        patches.suse/VFS-expedite-umount.patch
 
+       patches.suse/swiotlb-Fix-unexpected-swiotlb_alloc_coherent-failur.patch
+
        ########################################################
        # IPC patches
        ########################################################
@@ -334,6 +355,7 @@
        ########################################################
        # video4linux
        ########################################################
+       patches.suse/media-v4l2-core-fix-size-of-devnode_nums-bitarray.patch
 
        ########################################################
        # Network
@@ -423,6 +445,7 @@
        patches.suse/0001-AppArmor-basic-networking-rules.patch
        
patches.suse/0002-apparmor-update-apparmor-basic-networking-rules-for-.patch
        
patches.suse/0003-apparmor-Fix-quieting-of-audit-messages-for-network-.patch
+       patches.suse/apparmor-check-all-net-profiles.patch
 
        ########################################################
        # Address space layout randomization

++++++ source-timestamp ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old  2018-04-16 12:45:11.589398080 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new  2018-04-16 12:45:11.589398080 +0200
@@ -1,3 +1,3 @@
-2018-04-09 08:27:59 +0200
-GIT Revision: fc6541a4887903de7c2dceaf9e6a75023a494f13
+2018-04-12 14:54:16 +0200
+GIT Revision: 7b2d22b118d1ce275f762e1458e957a45ff84018
 GIT Branch: stable


Reply via email to