Hello community,
here is the log from the commit of package kernel-source for openSUSE:Factory
checked in at 2018-04-16 12:44:15
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/kernel-source (Old)
and /work/SRC/openSUSE:Factory/.kernel-source.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kernel-source"
Mon Apr 16 12:44:15 2018 rev:420 rq:595988 version:4.16.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes
2018-04-11 13:48:46.179492413 +0200
+++ /work/SRC/openSUSE:Factory/.kernel-source.new/dtb-aarch64.changes
2018-04-16 12:44:23.999129656 +0200
@@ -1,0 +2,56 @@
+Thu Apr 12 14:50:41 CEST 2018 - jsl...@suse.cz
+
+- Linux 4.16.2 (bnc#1012628).
+- nfp: use full 40 bits of the NSP buffer address (bnc#1012628).
+- net_sched: fix a missing idr_remove() in u32_delete_key()
+ (bnc#1012628).
+- vti6: better validate user provided tunnel names (bnc#1012628).
+- ip6_tunnel: better validate user provided tunnel names
+ (bnc#1012628).
+- ip6_gre: better validate user provided tunnel names
+ (bnc#1012628).
+- ipv6: sit: better validate user provided tunnel names
+ (bnc#1012628).
+- ip_tunnel: better validate user provided tunnel names
+ (bnc#1012628).
+- net: fool proof dev_valid_name() (bnc#1012628).
+- vlan: also check phy_driver ts_info for vlan's real device
+ (bnc#1012628).
+- sky2: Increase D3 delay to sky2 stops working after suspend
+ (bnc#1012628).
+- sctp: sctp_sockaddr_af must check minimal addr length for
+ AF_INET6 (bnc#1012628).
+- sctp: do not leak kernel memory to user space (bnc#1012628).
+- pptp: remove a buggy dst release in pptp_connect()
+ (bnc#1012628).
+- net/sched: fix NULL dereference in the error path of
+ tcf_bpf_init() (bnc#1012628).
+- net/ipv6: Increment OUTxxx counters after netfilter hook
+ (bnc#1012628).
+- net: dsa: Discard frames from unused ports (bnc#1012628).
+- arp: fix arp_filter on l3slave devices (bnc#1012628).
+- sparc64: Oracle DAX driver depends on SPARC64 (bnc#1012628).
+- commit 8ea896b
+
+-------------------------------------------------------------------
+Wed Apr 11 11:59:12 CEST 2018 - jsl...@suse.cz
+
+- Update config files.
+ s390x/vanilla fails to build without this.
+- commit e8d83e8
+
+-------------------------------------------------------------------
+Tue Apr 10 20:01:19 CEST 2018 - ti...@suse.de
+
+- swiotlb: Fix unexpected swiotlb_alloc_coherent() failures
+ (bsc#1088658, bsc#1088902).
+- commit 096b538
+
+-------------------------------------------------------------------
+Mon Apr 9 12:28:40 CEST 2018 - ti...@suse.de
+
+- media: v4l2-core: fix size of devnode_nums[] bitarray
+ (bsc#1088640).
+- commit 6fcb3b5
+
+-------------------------------------------------------------------
@@ -60,0 +117,6 @@
+
+-------------------------------------------------------------------
+Thu Apr 5 00:15:45 CEST 2018 - rgold...@suse.com
+
+- apparmor: Check all profiles attached to the label (bsc#1085996).
+- commit b249c9e
dtb-armv6l.changes: same change
dtb-armv7l.changes: same change
kernel-64kb.changes: same change
kernel-debug.changes: same change
kernel-default.changes: same change
kernel-docs.changes: same change
kernel-kvmsmall.changes: same change
kernel-lpae.changes: same change
kernel-obs-build.changes: same change
kernel-obs-qa.changes: same change
kernel-pae.changes: same change
kernel-source.changes: same change
kernel-syms.changes: same change
kernel-syzkaller.changes: same change
kernel-vanilla.changes: same change
kernel-zfcpdump.changes: same change
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ dtb-aarch64.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old 2018-04-16 12:45:10.045454255 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new 2018-04-16 12:45:10.049454110 +0200
@@ -17,7 +17,7 @@
%define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -29,9 +29,9 @@
%(chmod +x
%_sourcedir/{guards,apply-patches,check-for-config-changes,group-source-files.pl,split-modules,modversions,kabi.pl,mkspec,compute-PATCHVERSION.sh,arch-symbols,log.sh,try-disable-staging-driver,compress-vmlinux.sh,mkspec-dtb,check-module-license})
Name: dtb-aarch64
-Version: 4.16.1
+Version: 4.16.2
%if 0%{?is_kotd}
-Release: <RELEASE>.gfc6541a
+Release: <RELEASE>.g7b2d22b
%else
Release: 0
%endif
dtb-armv6l.spec: same change
dtb-armv7l.spec: same change
++++++ kernel-64kb.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old 2018-04-16 12:45:10.121451490 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new 2018-04-16 12:45:10.125451344 +0200
@@ -18,7 +18,7 @@
%define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
%define variant %{nil}
%define vanilla_only 0
@@ -58,9 +58,9 @@
Summary: Kernel with 64kb PAGE_SIZE
License: GPL-2.0
Group: System/Kernel
-Version: 4.16.1
+Version: 4.16.2
%if 0%{?is_kotd}
-Release: <RELEASE>.gfc6541a
+Release: <RELEASE>.g7b2d22b
%else
Release: 0
%endif
@@ -164,10 +164,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides: kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides: kernel-%build_flavor-base-srchash =
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides: kernel-%build_flavor-base-srchash =
7b2d22b118d1ce275f762e1458e957a45ff84018
# END COMMON DEPS
-Provides: %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
%obsolete_rebuilds %name
Source0:
http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz
Source2: source-post.sh
@@ -1055,8 +1055,8 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides: kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides: kernel-%build_flavor-base-srchash =
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides: kernel-%build_flavor-base-srchash =
7b2d22b118d1ce275f762e1458e957a45ff84018
%obsolete_rebuilds %name-base
%ifarch %ix86
++++++ kernel-debug.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old 2018-04-16 12:45:10.149450471 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new 2018-04-16 12:45:10.153450326 +0200
@@ -18,7 +18,7 @@
%define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
%define variant %{nil}
%define vanilla_only 0
@@ -58,9 +58,9 @@
Summary: A Debug Version of the Kernel
License: GPL-2.0
Group: System/Kernel
-Version: 4.16.1
+Version: 4.16.2
%if 0%{?is_kotd}
-Release: <RELEASE>.gfc6541a
+Release: <RELEASE>.g7b2d22b
%else
Release: 0
%endif
@@ -164,10 +164,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides: kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides: kernel-%build_flavor-base-srchash =
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides: kernel-%build_flavor-base-srchash =
7b2d22b118d1ce275f762e1458e957a45ff84018
# END COMMON DEPS
-Provides: %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
%ifarch ppc64
Provides: kernel-kdump = 2.6.28
Obsoletes: kernel-kdump <= 2.6.28
@@ -1061,8 +1061,8 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides: kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides: kernel-%build_flavor-base-srchash =
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides: kernel-%build_flavor-base-srchash =
7b2d22b118d1ce275f762e1458e957a45ff84018
%ifarch ppc64
Provides: kernel-kdump-base = 2.6.28
++++++ kernel-default.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old 2018-04-16 12:45:10.173449598 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new 2018-04-16 12:45:10.177449453 +0200
@@ -18,7 +18,7 @@
%define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
%define variant %{nil}
%define vanilla_only 0
@@ -58,9 +58,9 @@
Summary: The Standard Kernel
License: GPL-2.0
Group: System/Kernel
-Version: 4.16.1
+Version: 4.16.2
%if 0%{?is_kotd}
-Release: <RELEASE>.gfc6541a
+Release: <RELEASE>.g7b2d22b
%else
Release: 0
%endif
@@ -164,10 +164,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides: kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides: kernel-%build_flavor-base-srchash =
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides: kernel-%build_flavor-base-srchash =
7b2d22b118d1ce275f762e1458e957a45ff84018
# END COMMON DEPS
-Provides: %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
%ifarch %ix86
Provides: kernel-smp = 2.6.17
Obsoletes: kernel-smp <= 2.6.17
@@ -1104,8 +1104,8 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides: kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides: kernel-%build_flavor-base-srchash =
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides: kernel-%build_flavor-base-srchash =
7b2d22b118d1ce275f762e1458e957a45ff84018
%ifarch %ix86
Provides: kernel-trace-base = 3.13
++++++ kernel-docs.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old 2018-04-16 12:45:10.193448871 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new 2018-04-16 12:45:10.197448725 +0200
@@ -17,7 +17,7 @@
%define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -31,9 +31,9 @@
Summary: Kernel Documentation
License: GPL-2.0
Group: Documentation/Man
-Version: 4.16.1
+Version: 4.16.2
%if 0%{?is_kotd}
-Release: <RELEASE>.gfc6541a
+Release: <RELEASE>.g7b2d22b
%else
Release: 0
%endif
@@ -63,7 +63,7 @@
%endif
Url: http://www.kernel.org/
Provides: %name = %version-%source_rel
-Provides: %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
BuildArch: noarch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Source0:
http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz
++++++ kernel-kvmsmall.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old 2018-04-16 12:45:10.217447998 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new 2018-04-16 12:45:10.221447852 +0200
@@ -18,7 +18,7 @@
%define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
%define variant %{nil}
%define vanilla_only 0
@@ -58,9 +58,9 @@
Summary: The Small Developer Kernel for KVM
License: GPL-2.0
Group: System/Kernel
-Version: 4.16.1
+Version: 4.16.2
%if 0%{?is_kotd}
-Release: <RELEASE>.gfc6541a
+Release: <RELEASE>.g7b2d22b
%else
Release: 0
%endif
@@ -164,10 +164,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides: kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides: kernel-%build_flavor-base-srchash =
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides: kernel-%build_flavor-base-srchash =
7b2d22b118d1ce275f762e1458e957a45ff84018
# END COMMON DEPS
-Provides: %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
%obsolete_rebuilds %name
Source0:
http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz
Source2: source-post.sh
@@ -1059,8 +1059,8 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides: kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides: kernel-%build_flavor-base-srchash =
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides: kernel-%build_flavor-base-srchash =
7b2d22b118d1ce275f762e1458e957a45ff84018
%obsolete_rebuilds %name-base
%ifarch %ix86
kernel-lpae.spec: same change
++++++ kernel-obs-build.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old 2018-04-16 12:45:10.269446105 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new 2018-04-16 12:45:10.269446105 +0200
@@ -19,7 +19,7 @@
#!BuildIgnore: post-build-checks
-%define patchversion 4.16.1
+%define patchversion 4.16.2
%define variant %{nil}
%define vanilla_only 0
@@ -45,7 +45,7 @@
%endif
%endif
%endif
-BuildRequires: kernel%kernel_flavor-srchash =
fc6541a4887903de7c2dceaf9e6a75023a494f13
+BuildRequires: kernel%kernel_flavor-srchash =
7b2d22b118d1ce275f762e1458e957a45ff84018
%if 0%{?rhel_version}
BuildRequires: kernel
@@ -64,9 +64,9 @@
Summary: package kernel and initrd for OBS VM builds
License: GPL-2.0
Group: SLES
-Version: 4.16.1
+Version: 4.16.2
%if 0%{?is_kotd}
-Release: <RELEASE>.gfc6541a
+Release: <RELEASE>.g7b2d22b
%else
Release: 0
%endif
++++++ kernel-obs-qa.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old 2018-04-16 12:45:10.293445232 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new 2018-04-16 12:45:10.313444505 +0200
@@ -17,7 +17,7 @@
# needsrootforbuild
-%define patchversion 4.16.1
+%define patchversion 4.16.2
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -36,9 +36,9 @@
Summary: Basic QA tests for the kernel
License: GPL-2.0
Group: SLES
-Version: 4.16.1
+Version: 4.16.2
%if 0%{?is_kotd}
-Release: <RELEASE>.gfc6541a
+Release: <RELEASE>.g7b2d22b
%else
Release: 0
%endif
++++++ kernel-pae.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old 2018-04-16 12:45:10.333443777 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new 2018-04-16 12:45:10.337443632 +0200
@@ -18,7 +18,7 @@
%define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
%define variant %{nil}
%define vanilla_only 0
@@ -58,9 +58,9 @@
Summary: Kernel with PAE Support
License: GPL-2.0
Group: System/Kernel
-Version: 4.16.1
+Version: 4.16.2
%if 0%{?is_kotd}
-Release: <RELEASE>.gfc6541a
+Release: <RELEASE>.g7b2d22b
%else
Release: 0
%endif
@@ -164,10 +164,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides: kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides: kernel-%build_flavor-base-srchash =
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides: kernel-%build_flavor-base-srchash =
7b2d22b118d1ce275f762e1458e957a45ff84018
# END COMMON DEPS
-Provides: %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
%ifarch %ix86
Provides: kernel-bigsmp = 2.6.17
Obsoletes: kernel-bigsmp <= 2.6.17
@@ -1081,8 +1081,8 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides: kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides: kernel-%build_flavor-base-srchash =
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides: kernel-%build_flavor-base-srchash =
7b2d22b118d1ce275f762e1458e957a45ff84018
%ifarch %ix86
Provides: kernel-vmi-base = 2.6.38
++++++ kernel-source.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old 2018-04-16 12:45:10.357442904 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new 2018-04-16 12:45:10.361442758 +0200
@@ -18,7 +18,7 @@
%define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
%define variant %{nil}
%define vanilla_only 0
@@ -30,9 +30,9 @@
Summary: The Linux Kernel Sources
License: GPL-2.0
Group: Development/Sources
-Version: 4.16.1
+Version: 4.16.2
%if 0%{?is_kotd}
-Release: <RELEASE>.gfc6541a
+Release: <RELEASE>.g7b2d22b
%else
Release: 0
%endif
@@ -43,7 +43,7 @@
BuildRequires: sed
Requires(post): coreutils sed
Provides: %name = %version-%source_rel
-Provides: %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
Provides: linux
Provides: multiversion(kernel)
Source0:
http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz
++++++ kernel-syms.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old 2018-04-16 12:45:10.389441739 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new 2018-04-16 12:45:10.389441739 +0200
@@ -24,10 +24,10 @@
Summary: Kernel Symbol Versions (modversions)
License: GPL-2.0
Group: Development/Sources
-Version: 4.16.1
+Version: 4.16.2
%if %using_buildservice
%if 0%{?is_kotd}
-Release: <RELEASE>.gfc6541a
+Release: <RELEASE>.g7b2d22b
%else
Release: 0
%endif
@@ -55,7 +55,7 @@
%endif
Requires: pesign-obs-integration
Provides: %name = %version-%source_rel
-Provides: %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
Provides: multiversion(kernel)
Source: README.KSYMS
Requires: kernel-devel%variant = %version-%source_rel
++++++ kernel-syzkaller.spec ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old 2018-04-16 12:45:10.409441012 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new 2018-04-16 12:45:10.413440866 +0200
@@ -18,7 +18,7 @@
%define srcversion 4.16
-%define patchversion 4.16.1
+%define patchversion 4.16.2
%define variant %{nil}
%define vanilla_only 0
@@ -58,9 +58,9 @@
Summary: Kernel used for fuzzing by syzkaller
License: GPL-2.0
Group: System/Kernel
-Version: 4.16.1
+Version: 4.16.2
%if 0%{?is_kotd}
-Release: <RELEASE>.gfc6541a
+Release: <RELEASE>.g7b2d22b
%else
Release: 0
%endif
@@ -164,10 +164,10 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides: kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides: kernel-%build_flavor-base-srchash =
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides: kernel-%build_flavor-base-srchash =
7b2d22b118d1ce275f762e1458e957a45ff84018
# END COMMON DEPS
-Provides: %name-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: %name-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
%obsolete_rebuilds %name
Source0:
http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz
Source2: source-post.sh
@@ -1054,8 +1054,8 @@
Conflicts: libc.so.6()(64bit)
%endif
Provides: kernel = %version-%source_rel
-Provides: kernel-srchash = fc6541a4887903de7c2dceaf9e6a75023a494f13
-Provides: kernel-%build_flavor-base-srchash =
fc6541a4887903de7c2dceaf9e6a75023a494f13
+Provides: kernel-srchash = 7b2d22b118d1ce275f762e1458e957a45ff84018
+Provides: kernel-%build_flavor-base-srchash =
7b2d22b118d1ce275f762e1458e957a45ff84018
%obsolete_rebuilds %name-base
%ifarch %ix86
kernel-vanilla.spec: same change
kernel-zfcpdump.spec: same change
++++++ config.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/s390x/vanilla new/config/s390x/vanilla
--- old/config/s390x/vanilla 2018-04-06 10:08:04.000000000 +0200
+++ new/config/s390x/vanilla 2018-04-11 11:59:12.000000000 +0200
@@ -2,10 +2,11 @@
# CONFIG_IP6_NF_MATCH_SRH is not set
# CONFIG_LIRC is not set
CONFIG_LOCALVERSION="-vanilla"
+# CONFIG_MODULE_SIG is not set
# CONFIG_NF_FLOW_TABLE is not set
CONFIG_REFCOUNT_FULL=y
# CONFIG_RUNTIME_TESTING_MENU is not set
# CONFIG_SENSORS_W83773G is not set
# CONFIG_SOUNDWIRE is not set
+# CONFIG_SYSTEM_DATA_VERIFICATION is not set
CONFIG_MODULES=y
-# CONFIG_MODULE_SIG is not set
++++++ patches.kernel.org.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-001-sparc64-Oracle-DAX-driver-depends-on-SPARC64.patch
new/patches.kernel.org/4.16.2-001-sparc64-Oracle-DAX-driver-depends-on-SPARC64.patch
---
old/patches.kernel.org/4.16.2-001-sparc64-Oracle-DAX-driver-depends-on-SPARC64.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-001-sparc64-Oracle-DAX-driver-depends-on-SPARC64.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,50 @@
+From: Guenter Roeck <li...@roeck-us.net>
+Date: Mon, 26 Feb 2018 15:21:18 -0800
+Subject: [PATCH] sparc64: Oracle DAX driver depends on SPARC64
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 9c548bb5823dfcf7a16c6e65976d84d9581208c9
+
+commit 9c548bb5823dfcf7a16c6e65976d84d9581208c9 upstream.
+
+sparc:allmodconfig fails to build as follows.
+
+ERROR: "mdesc_release" [drivers/sbus/char/oradax.ko] undefined!
+ERROR: "sun4v_hvapi_register" [drivers/sbus/char/oradax.ko] undefined!
+ERROR: "mdesc_get_property" [drivers/sbus/char/oradax.ko] undefined!
+ERROR: "mdesc_node_by_name" [drivers/sbus/char/oradax.ko] undefined!
+ERROR: "mdesc_grab" [drivers/sbus/char/oradax.ko] undefined!
+ERROR: "sun4v_ccb_info" [drivers/sbus/char/oradax.ko] undefined!
+ERROR: "sun4v_ccb_submit" [drivers/sbus/char/oradax.ko] undefined!
+ERROR: "sun4v_ccb_kill" [drivers/sbus/char/oradax.ko] undefined!
+
+The symbols are only available with SPARC64 builds, thus the driver
+depends on it.
+
+Fixes: dd0273284c74 ("sparc64: Oracle DAX driver")
+Cc: Kees Cook <keesc...@chromium.org>
+Signed-off-by: Guenter Roeck <li...@roeck-us.net>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/sbus/char/Kconfig | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/sbus/char/Kconfig b/drivers/sbus/char/Kconfig
+index a785aa7660c3..bf3c5f735614 100644
+--- a/drivers/sbus/char/Kconfig
++++ b/drivers/sbus/char/Kconfig
+@@ -72,7 +72,8 @@ config DISPLAY7SEG
+
+ config ORACLE_DAX
+ tristate "Oracle Data Analytics Accelerator"
+- default m if SPARC64
++ depends on SPARC64
++ default m
+ help
+ Driver for Oracle Data Analytics Accelerator, which is
+ a coprocessor that performs database operations in hardware.
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-002-arp-fix-arp_filter-on-l3slave-devices.patch
new/patches.kernel.org/4.16.2-002-arp-fix-arp_filter-on-l3slave-devices.patch
---
old/patches.kernel.org/4.16.2-002-arp-fix-arp_filter-on-l3slave-devices.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-002-arp-fix-arp_filter-on-l3slave-devices.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,46 @@
+From: Miguel Fadon Perlines <mfa...@teldat.com>
+Date: Thu, 5 Apr 2018 10:25:38 +0200
+Subject: [PATCH] arp: fix arp_filter on l3slave devices
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 58b35f27689b5eb514fc293c332966c226b1b6e4
+
+[ Upstream commit 58b35f27689b5eb514fc293c332966c226b1b6e4 ]
+
+arp_filter performs an ip_route_output search for arp source address and
+checks if output device is the same where the arp request was received,
+if it is not, the arp request is not answered.
+
+This route lookup is always done on main route table so l3slave devices
+never find the proper route and arp is not answered.
+
+Passing l3mdev_master_ifindex_rcu(dev) return value as oif fixes the
+lookup for l3slave devices while maintaining same behavior for non
+l3slave devices as this function returns 0 in that case.
+
+Fixes: 613d09b30f8b ("net: Use VRF device index for lookups on TX")
+Signed-off-by: Miguel Fadon Perlines <mfa...@teldat.com>
+Acked-by: David Ahern <d...@cumulusnetworks.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/ipv4/arp.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c
+index f28f06c91ead..7333db17c581 100644
+--- a/net/ipv4/arp.c
++++ b/net/ipv4/arp.c
+@@ -437,7 +437,7 @@ static int arp_filter(__be32 sip, __be32 tip, struct
net_device *dev)
+ /*unsigned long now; */
+ struct net *net = dev_net(dev);
+
+- rt = ip_route_output(net, sip, tip, 0, 0);
++ rt = ip_route_output(net, sip, tip, 0, l3mdev_master_ifindex_rcu(dev));
+ if (IS_ERR(rt))
+ return 1;
+ if (rt->dst.dev != dev) {
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-003-net-dsa-Discard-frames-from-unused-ports.patch
new/patches.kernel.org/4.16.2-003-net-dsa-Discard-frames-from-unused-ports.patch
---
old/patches.kernel.org/4.16.2-003-net-dsa-Discard-frames-from-unused-ports.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-003-net-dsa-Discard-frames-from-unused-ports.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,54 @@
+From: Andrew Lunn <and...@lunn.ch>
+Date: Sat, 7 Apr 2018 20:37:40 +0200
+Subject: [PATCH] net: dsa: Discard frames from unused ports
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: fc5f33768cca7144f8d793205b229d46740d183b
+
+[ Upstream commit fc5f33768cca7144f8d793205b229d46740d183b ]
+
+The Marvell switches under some conditions will pass a frame to the
+host with the port being the CPU port. Such frames are invalid, and
+should be dropped. Not dropping them can result in a crash when
+incrementing the receive statistics for an invalid port.
+
+Reported-by: Chris Healy <cphe...@gmail.com>
+Fixes: 91da11f870f0 ("net: Distributed Switch Architecture protocol support")
+Signed-off-by: Andrew Lunn <and...@lunn.ch>
+Reviewed-by: Florian Fainelli <f.faine...@gmail.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/dsa/dsa_priv.h | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/net/dsa/dsa_priv.h b/net/dsa/dsa_priv.h
+index 70de7895e5b8..053731473c99 100644
+--- a/net/dsa/dsa_priv.h
++++ b/net/dsa/dsa_priv.h
+@@ -126,6 +126,7 @@ static inline struct net_device
*dsa_master_find_slave(struct net_device *dev,
+ struct dsa_port *cpu_dp = dev->dsa_ptr;
+ struct dsa_switch_tree *dst = cpu_dp->dst;
+ struct dsa_switch *ds;
++ struct dsa_port *slave_port;
+
+ if (device < 0 || device >= DSA_MAX_SWITCHES)
+ return NULL;
+@@ -137,7 +138,12 @@ static inline struct net_device
*dsa_master_find_slave(struct net_device *dev,
+ if (port < 0 || port >= ds->num_ports)
+ return NULL;
+
+- return ds->ports[port].slave;
++ slave_port = &ds->ports[port];
++
++ if (unlikely(slave_port->type != DSA_PORT_TYPE_USER))
++ return NULL;
++
++ return slave_port->slave;
+ }
+
+ /* port.c */
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-004-net-ipv6-Increment-OUTxxx-counters-after-netfi.patch
new/patches.kernel.org/4.16.2-004-net-ipv6-Increment-OUTxxx-counters-after-netfi.patch
---
old/patches.kernel.org/4.16.2-004-net-ipv6-Increment-OUTxxx-counters-after-netfi.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-004-net-ipv6-Increment-OUTxxx-counters-after-netfi.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,53 @@
+From: Jeff Barnhill <0xeff...@gmail.com>
+Date: Thu, 5 Apr 2018 21:29:47 +0000
+Subject: [PATCH] net/ipv6: Increment OUTxxx counters after netfilter hook
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 71a1c915238c970cd9bdd5bf158b1279d6b6d55b
+
+[ Upstream commit 71a1c915238c970cd9bdd5bf158b1279d6b6d55b ]
+
+At the end of ip6_forward(), IPSTATS_MIB_OUTFORWDATAGRAMS and
+IPSTATS_MIB_OUTOCTETS are incremented immediately before the NF_HOOK call
+for NFPROTO_IPV6 / NF_INET_FORWARD. As a result, these counters get
+incremented regardless of whether or not the netfilter hook allows the
+packet to continue being processed. This change increments the counters
+in ip6_forward_finish() so that it will not happen if the netfilter hook
+chooses to terminate the packet, which is similar to how IPv4 works.
+
+Signed-off-by: Jeff Barnhill <0xeff...@gmail.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/ipv6/ip6_output.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/net/ipv6/ip6_output.c b/net/ipv6/ip6_output.c
+index 5cb18c8ba9b2..4065ae0c32a0 100644
+--- a/net/ipv6/ip6_output.c
++++ b/net/ipv6/ip6_output.c
+@@ -375,6 +375,11 @@ static int ip6_forward_proxy_check(struct sk_buff *skb)
+ static inline int ip6_forward_finish(struct net *net, struct sock *sk,
+ struct sk_buff *skb)
+ {
++ struct dst_entry *dst = skb_dst(skb);
++
++ __IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTFORWDATAGRAMS);
++ __IP6_ADD_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTOCTETS,
skb->len);
++
+ return dst_output(net, sk, skb);
+ }
+
+@@ -569,8 +574,6 @@ int ip6_forward(struct sk_buff *skb)
+
+ hdr->hop_limit--;
+
+- __IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTFORWDATAGRAMS);
+- __IP6_ADD_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTOCTETS,
skb->len);
+ return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD,
+ net, NULL, skb, skb->dev, dst->dev,
+ ip6_forward_finish);
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-005-net-sched-fix-NULL-dereference-in-the-error-pa.patch
new/patches.kernel.org/4.16.2-005-net-sched-fix-NULL-dereference-in-the-error-pa.patch
---
old/patches.kernel.org/4.16.2-005-net-sched-fix-NULL-dereference-in-the-error-pa.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-005-net-sched-fix-NULL-dereference-in-the-error-pa.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,106 @@
+From: Davide Caratti <dcara...@redhat.com>
+Date: Fri, 6 Apr 2018 01:19:37 +0200
+Subject: [PATCH] net/sched: fix NULL dereference in the error path of
+ tcf_bpf_init()
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 3239534a79ee6f20cffd974173a1e62e0730e8ac
+
+[ Upstream commit 3239534a79ee6f20cffd974173a1e62e0730e8ac ]
+
+when tcf_bpf_init_from_ops() fails (e.g. because of program having invalid
+number of instructions), tcf_bpf_cfg_cleanup() calls bpf_prog_put(NULL) or
+bpf_prog_destroy(NULL). Unless CONFIG_BPF_SYSCALL is unset, this causes
+the following error:
+
+ BUG: unable to handle kernel NULL pointer dereference at 0000000000000020
+ PGD 800000007345a067 P4D 800000007345a067 PUD 340e1067 PMD 0
+ Oops: 0000 [#1] SMP PTI
+ Modules linked in: act_bpf(E) ip6table_filter ip6_tables iptable_filter
binfmt_misc ext4 mbcache jbd2 crct10dif_pclmul crc32_pclmul ghash_clmulni_intel
snd_hda_codec_generic pcbc snd_hda_intel snd_hda_codec snd_hda_core snd_hwdep
snd_seq snd_seq_device snd_pcm aesni_intel crypto_simd glue_helper cryptd
joydev snd_timer snd virtio_balloon pcspkr soundcore i2c_piix4 nfsd auth_rpcgss
nfs_acl lockd grace sunrpc ip_tables xfs libcrc32c ata_generic pata_acpi qxl
drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm virtio_blk drm
virtio_net virtio_console i2c_core crc32c_intel serio_raw virtio_pci ata_piix
libata virtio_ring floppy virtio dm_mirror dm_region_hash dm_log dm_mod [last
unloaded: act_bpf]
+ CPU: 3 PID: 5654 Comm: tc Tainted: G E 4.16.0.bpf_test+ #408
+ Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
+ RIP: 0010:__bpf_prog_put+0xc/0xc0
+ RSP: 0018:ffff9594003ef728 EFLAGS: 00010202
+ RAX: 0000000000000000 RBX: ffff9594003ef758 RCX: 0000000000000024
+ RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
+ RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000044
+ R10: 0000000000000220 R11: ffff8a7ab9f17131 R12: 0000000000000000
+ R13: ffff8a7ab7c3c8e0 R14: 0000000000000001 R15: ffff8a7ab88f1054
+ FS: 00007fcb2f17c740(0000) GS:ffff8a7abfd80000(0000) knlGS:0000000000000000
+ CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+ CR2: 0000000000000020 CR3: 000000007c888006 CR4: 00000000001606e0
+ Call Trace:
+ tcf_bpf_cfg_cleanup+0x2f/0x40 [act_bpf]
+ tcf_bpf_cleanup+0x4c/0x70 [act_bpf]
+ __tcf_idr_release+0x79/0x140
+ tcf_bpf_init+0x125/0x330 [act_bpf]
+ tcf_action_init_1+0x2cc/0x430
+ ? get_page_from_freelist+0x3f0/0x11b0
+ tcf_action_init+0xd3/0x1b0
+ tc_ctl_action+0x18b/0x240
+ rtnetlink_rcv_msg+0x29c/0x310
+ ? _cond_resched+0x15/0x30
+ ? __kmalloc_node_track_caller+0x1b9/0x270
+ ? rtnl_calcit.isra.29+0x100/0x100
+ netlink_rcv_skb+0xd2/0x110
+ netlink_unicast+0x17c/0x230
+ netlink_sendmsg+0x2cd/0x3c0
+ sock_sendmsg+0x30/0x40
+ ___sys_sendmsg+0x27a/0x290
+ ? mem_cgroup_commit_charge+0x80/0x130
+ ? page_add_new_anon_rmap+0x73/0xc0
+ ? do_anonymous_page+0x2a2/0x560
+ ? __handle_mm_fault+0xc75/0xe20
+ __sys_sendmsg+0x58/0xa0
+ do_syscall_64+0x6e/0x1a0
+ entry_SYSCALL_64_after_hwframe+0x3d/0xa2
+ RIP: 0033:0x7fcb2e58eba0
+ RSP: 002b:00007ffc93c496c8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
+ RAX: ffffffffffffffda RBX: 00007ffc93c497f0 RCX: 00007fcb2e58eba0
+ RDX: 0000000000000000 RSI: 00007ffc93c49740 RDI: 0000000000000003
+ RBP: 000000005ac6a646 R08: 0000000000000002 R09: 0000000000000000
+ R10: 00007ffc93c49120 R11: 0000000000000246 R12: 0000000000000000
+ R13: 00007ffc93c49804 R14: 0000000000000001 R15: 000000000066afa0
+ Code: 5f 00 48 8b 43 20 48 c7 c7 70 2f 7c b8 c7 40 10 00 00 00 00 5b e9 a5 8b
61 00 0f 1f 44 00 00 0f 1f 44 00 00 41 54 55 48 89 fd 53 <48> 8b 47 20 f0 ff 08
74 05 5b 5d 41 5c c3 41 89 f4 0f 1f 44 00
+ RIP: __bpf_prog_put+0xc/0xc0 RSP: ffff9594003ef728
+ CR2: 0000000000000020
+
+Fix it in tcf_bpf_cfg_cleanup(), ensuring that bpf_prog_{put,destroy}(f)
+is called only when f is not NULL.
+
+Fixes: bbc09e7842a5 ("net/sched: fix idr leak on the error path of
tcf_bpf_init()")
+Reported-by: Lucas Bates <luc...@mojatatu.com>
+Signed-off-by: Davide Caratti <dcara...@redhat.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/sched/act_bpf.c | 12 ++++++++----
+ 1 file changed, 8 insertions(+), 4 deletions(-)
+
+diff --git a/net/sched/act_bpf.c b/net/sched/act_bpf.c
+index 9d2cabf1dc7e..f3eee5326307 100644
+--- a/net/sched/act_bpf.c
++++ b/net/sched/act_bpf.c
+@@ -248,10 +248,14 @@ static int tcf_bpf_init_from_efd(struct nlattr **tb,
struct tcf_bpf_cfg *cfg)
+
+ static void tcf_bpf_cfg_cleanup(const struct tcf_bpf_cfg *cfg)
+ {
+- if (cfg->is_ebpf)
+- bpf_prog_put(cfg->filter);
+- else
+- bpf_prog_destroy(cfg->filter);
++ struct bpf_prog *filter = cfg->filter;
++
++ if (filter) {
++ if (cfg->is_ebpf)
++ bpf_prog_put(filter);
++ else
++ bpf_prog_destroy(filter);
++ }
+
+ kfree(cfg->bpf_ops);
+ kfree(cfg->bpf_name);
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-006-pptp-remove-a-buggy-dst-release-in-pptp_connec.patch
new/patches.kernel.org/4.16.2-006-pptp-remove-a-buggy-dst-release-in-pptp_connec.patch
---
old/patches.kernel.org/4.16.2-006-pptp-remove-a-buggy-dst-release-in-pptp_connec.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-006-pptp-remove-a-buggy-dst-release-in-pptp_connec.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,120 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Mon, 2 Apr 2018 18:48:37 -0700
+Subject: [PATCH] pptp: remove a buggy dst release in pptp_connect()
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: bfacfb457b36911a10140b8cb3ce76a74883ac5a
+
+[ Upstream commit bfacfb457b36911a10140b8cb3ce76a74883ac5a ]
+
+Once dst has been cached in socket via sk_setup_caps(),
+it is illegal to call ip_rt_put() (or dst_release()),
+since sk_setup_caps() did not change dst refcount.
+
+We can still dereference it since we hold socket lock.
+
+Caugth by syzbot :
+
+BUG: KASAN: use-after-free in atomic_dec_return
include/asm-generic/atomic-instrumented.h:198 [inline]
+BUG: KASAN: use-after-free in dst_release+0x27/0xa0 net/core/dst.c:185
+Write of size 4 at addr ffff8801c54dc040 by task syz-executor4/20088
+
+CPU: 1 PID: 20088 Comm: syz-executor4 Not tainted 4.16.0+ #376
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google
01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x1a7/0x27d lib/dump_stack.c:53
+ print_address_description+0x73/0x250 mm/kasan/report.c:256
+ kasan_report_error mm/kasan/report.c:354 [inline]
+ kasan_report+0x23c/0x360 mm/kasan/report.c:412
+ check_memory_region_inline mm/kasan/kasan.c:260 [inline]
+ check_memory_region+0x137/0x190 mm/kasan/kasan.c:267
+ kasan_check_write+0x14/0x20 mm/kasan/kasan.c:278
+ atomic_dec_return include/asm-generic/atomic-instrumented.h:198 [inline]
+ dst_release+0x27/0xa0 net/core/dst.c:185
+ sk_dst_set include/net/sock.h:1812 [inline]
+ sk_dst_reset include/net/sock.h:1824 [inline]
+ sock_setbindtodevice net/core/sock.c:610 [inline]
+ sock_setsockopt+0x431/0x1b20 net/core/sock.c:707
+ SYSC_setsockopt net/socket.c:1845 [inline]
+ SyS_setsockopt+0x2ff/0x360 net/socket.c:1828
+ do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x42/0xb7
+RIP: 0033:0x4552d9
+RSP: 002b:00007f4878126c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
+RAX: ffffffffffffffda RBX: 00007f48781276d4 RCX: 00000000004552d9
+RDX: 0000000000000019 RSI: 0000000000000001 RDI: 0000000000000013
+RBP: 000000000072bea0 R08: 0000000000000010 R09: 0000000000000000
+R10: 00000000200010c0 R11: 0000000000000246 R12: 00000000ffffffff
+R13: 0000000000000526 R14: 00000000006fac30 R15: 0000000000000000
+
+Allocated by task 20088:
+ save_stack+0x43/0xd0 mm/kasan/kasan.c:447
+ set_track mm/kasan/kasan.c:459 [inline]
+ kasan_kmalloc+0xad/0xe0 mm/kasan/kasan.c:552
+ kasan_slab_alloc+0x12/0x20 mm/kasan/kasan.c:489
+ kmem_cache_alloc+0x12e/0x760 mm/slab.c:3542
+ dst_alloc+0x11f/0x1a0 net/core/dst.c:104
+ rt_dst_alloc+0xe9/0x540 net/ipv4/route.c:1520
+ __mkroute_output net/ipv4/route.c:2265 [inline]
+ ip_route_output_key_hash_rcu+0xa49/0x2c60 net/ipv4/route.c:2493
+ ip_route_output_key_hash+0x20b/0x370 net/ipv4/route.c:2322
+ __ip_route_output_key include/net/route.h:126 [inline]
+ ip_route_output_flow+0x26/0xa0 net/ipv4/route.c:2577
+ ip_route_output_ports include/net/route.h:163 [inline]
+ pptp_connect+0xa84/0x1170 drivers/net/ppp/pptp.c:453
+ SYSC_connect+0x213/0x4a0 net/socket.c:1639
+ SyS_connect+0x24/0x30 net/socket.c:1620
+ do_syscall_64+0x281/0x940 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x42/0xb7
+
+Freed by task 20082:
+ save_stack+0x43/0xd0 mm/kasan/kasan.c:447
+ set_track mm/kasan/kasan.c:459 [inline]
+ __kasan_slab_free+0x11a/0x170 mm/kasan/kasan.c:520
+ kasan_slab_free+0xe/0x10 mm/kasan/kasan.c:527
+ __cache_free mm/slab.c:3486 [inline]
+ kmem_cache_free+0x83/0x2a0 mm/slab.c:3744
+ dst_destroy+0x266/0x380 net/core/dst.c:140
+ dst_destroy_rcu+0x16/0x20 net/core/dst.c:153
+ __rcu_reclaim kernel/rcu/rcu.h:178 [inline]
+ rcu_do_batch kernel/rcu/tree.c:2675 [inline]
+ invoke_rcu_callbacks kernel/rcu/tree.c:2930 [inline]
+ __rcu_process_callbacks kernel/rcu/tree.c:2897 [inline]
+ rcu_process_callbacks+0xd6c/0x17b0 kernel/rcu/tree.c:2914
+ __do_softirq+0x2d7/0xb85 kernel/softirq.c:285
+
+The buggy address belongs to the object at ffff8801c54dc000
+ which belongs to the cache ip_dst_cache of size 168
+The buggy address is located 64 bytes inside of
+ 168-byte region [ffff8801c54dc000, ffff8801c54dc0a8)
+The buggy address belongs to the page:
+page:ffffea0007153700 count:1 mapcount:0 mapping:ffff8801c54dc000 index:0x0
+flags: 0x2fffc0000000100(slab)
+raw: 02fffc0000000100 ffff8801c54dc000 0000000000000000 0000000100000010
+raw: ffffea0006b34b20 ffffea0006b6c1e0 ffff8801d674a1c0 0000000000000000
+page dumped because: kasan: bad access detected
+
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/net/ppp/pptp.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/drivers/net/ppp/pptp.c b/drivers/net/ppp/pptp.c
+index 6dde9a0cfe76..9b70a3af678e 100644
+--- a/drivers/net/ppp/pptp.c
++++ b/drivers/net/ppp/pptp.c
+@@ -464,7 +464,6 @@ static int pptp_connect(struct socket *sock, struct
sockaddr *uservaddr,
+ po->chan.mtu = dst_mtu(&rt->dst);
+ if (!po->chan.mtu)
+ po->chan.mtu = PPP_MRU;
+- ip_rt_put(rt);
+ po->chan.mtu -= PPTP_HEADER_OVERHEAD;
+
+ po->chan.hdrlen = 2 + sizeof(struct pptp_gre_header);
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-007-sctp-do-not-leak-kernel-memory-to-user-space.patch
new/patches.kernel.org/4.16.2-007-sctp-do-not-leak-kernel-memory-to-user-space.patch
---
old/patches.kernel.org/4.16.2-007-sctp-do-not-leak-kernel-memory-to-user-space.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-007-sctp-do-not-leak-kernel-memory-to-user-space.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,100 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Sat, 7 Apr 2018 17:15:22 -0700
+Subject: [PATCH] sctp: do not leak kernel memory to user space
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 6780db244d6b1537d139dea0ec8aad10cf9e4adb
+
+[ Upstream commit 6780db244d6b1537d139dea0ec8aad10cf9e4adb ]
+
+syzbot produced a nice report [1]
+
+Issue here is that a recvmmsg() managed to leak 8 bytes of kernel memory
+to user space, because sin_zero (padding field) was not properly cleared.
+
+[1]
+BUG: KMSAN: uninit-value in copy_to_user include/linux/uaccess.h:184 [inline]
+BUG: KMSAN: uninit-value in move_addr_to_user+0x32e/0x530 net/socket.c:227
+CPU: 1 PID: 3586 Comm: syzkaller481044 Not tainted 4.16.0+ #82
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google
01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x185/0x1d0 lib/dump_stack.c:53
+ kmsan_report+0x142/0x240 mm/kmsan/kmsan.c:1067
+ kmsan_internal_check_memory+0x164/0x1d0 mm/kmsan/kmsan.c:1176
+ kmsan_copy_to_user+0x69/0x160 mm/kmsan/kmsan.c:1199
+ copy_to_user include/linux/uaccess.h:184 [inline]
+ move_addr_to_user+0x32e/0x530 net/socket.c:227
+ ___sys_recvmsg+0x4e2/0x810 net/socket.c:2211
+ __sys_recvmmsg+0x54e/0xdb0 net/socket.c:2313
+ SYSC_recvmmsg+0x29b/0x3e0 net/socket.c:2394
+ SyS_recvmmsg+0x76/0xa0 net/socket.c:2378
+ do_syscall_64+0x309/0x430 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x3d/0xa2
+RIP: 0033:0x4401c9
+RSP: 002b:00007ffc56f73098 EFLAGS: 00000217 ORIG_RAX: 000000000000012b
+RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 00000000004401c9
+RDX: 0000000000000001 RSI: 0000000020003ac0 RDI: 0000000000000003
+RBP: 00000000006ca018 R08: 0000000020003bc0 R09: 0000000000000010
+R10: 0000000000000000 R11: 0000000000000217 R12: 0000000000401af0
+R13: 0000000000401b80 R14: 0000000000000000 R15: 0000000000000000
+
+Local variable description: ----addr@___sys_recvmsg
+Variable was created at:
+ ___sys_recvmsg+0xd5/0x810 net/socket.c:2172
+ __sys_recvmmsg+0x54e/0xdb0 net/socket.c:2313
+
+Bytes 8-15 of 16 are uninitialized
+
+==================================================================
+Kernel panic - not syncing: panic_on_warn set ...
+
+CPU: 1 PID: 3586 Comm: syzkaller481044 Tainted: G B 4.16.0+ #82
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google
01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x185/0x1d0 lib/dump_stack.c:53
+ panic+0x39d/0x940 kernel/panic.c:183
+ kmsan_report+0x238/0x240 mm/kmsan/kmsan.c:1083
+ kmsan_internal_check_memory+0x164/0x1d0 mm/kmsan/kmsan.c:1176
+ kmsan_copy_to_user+0x69/0x160 mm/kmsan/kmsan.c:1199
+ copy_to_user include/linux/uaccess.h:184 [inline]
+ move_addr_to_user+0x32e/0x530 net/socket.c:227
+ ___sys_recvmsg+0x4e2/0x810 net/socket.c:2211
+ __sys_recvmmsg+0x54e/0xdb0 net/socket.c:2313
+ SYSC_recvmmsg+0x29b/0x3e0 net/socket.c:2394
+ SyS_recvmmsg+0x76/0xa0 net/socket.c:2378
+ do_syscall_64+0x309/0x430 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x3d/0xa2
+
+Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Cc: Vlad Yasevich <vyasev...@gmail.com>
+Cc: Neil Horman <nhor...@tuxdriver.com>
+Reported-by: syzbot <syzkal...@googlegroups.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/sctp/ipv6.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/net/sctp/ipv6.c b/net/sctp/ipv6.c
+index e35d4f73d2df..f6d3d0c1e133 100644
+--- a/net/sctp/ipv6.c
++++ b/net/sctp/ipv6.c
+@@ -728,8 +728,10 @@ static int sctp_v6_addr_to_user(struct sctp_sock *sp,
union sctp_addr *addr)
+ sctp_v6_map_v4(addr);
+ }
+
+- if (addr->sa.sa_family == AF_INET)
++ if (addr->sa.sa_family == AF_INET) {
++ memset(addr->v4.sin_zero, 0, sizeof(addr->v4.sin_zero));
+ return sizeof(struct sockaddr_in);
++ }
+ return sizeof(struct sockaddr_in6);
+ }
+
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-008-sctp-sctp_sockaddr_af-must-check-minimal-addr-.patch
new/patches.kernel.org/4.16.2-008-sctp-sctp_sockaddr_af-must-check-minimal-addr-.patch
---
old/patches.kernel.org/4.16.2-008-sctp-sctp_sockaddr_af-must-check-minimal-addr-.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-008-sctp-sctp_sockaddr_af-must-check-minimal-addr-.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,82 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Sun, 8 Apr 2018 07:52:08 -0700
+Subject: [PATCH] sctp: sctp_sockaddr_af must check minimal addr length for
+ AF_INET6
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 81e98370293afcb58340ce8bd71af7b97f925c26
+
+[ Upstream commit 81e98370293afcb58340ce8bd71af7b97f925c26 ]
+
+Check must happen before call to ipv6_addr_v4mapped()
+
+syzbot report was :
+
+BUG: KMSAN: uninit-value in sctp_sockaddr_af net/sctp/socket.c:359 [inline]
+BUG: KMSAN: uninit-value in sctp_do_bind+0x60f/0xdc0 net/sctp/socket.c:384
+CPU: 0 PID: 3576 Comm: syzkaller968804 Not tainted 4.16.0+ #82
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google
01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x185/0x1d0 lib/dump_stack.c:53
+ kmsan_report+0x142/0x240 mm/kmsan/kmsan.c:1067
+ __msan_warning_32+0x6c/0xb0 mm/kmsan/kmsan_instr.c:676
+ sctp_sockaddr_af net/sctp/socket.c:359 [inline]
+ sctp_do_bind+0x60f/0xdc0 net/sctp/socket.c:384
+ sctp_bind+0x149/0x190 net/sctp/socket.c:332
+ inet6_bind+0x1fd/0x1820 net/ipv6/af_inet6.c:293
+ SYSC_bind+0x3f2/0x4b0 net/socket.c:1474
+ SyS_bind+0x54/0x80 net/socket.c:1460
+ do_syscall_64+0x309/0x430 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x3d/0xa2
+RIP: 0033:0x43fd49
+RSP: 002b:00007ffe99df3d28 EFLAGS: 00000213 ORIG_RAX: 0000000000000031
+RAX: ffffffffffffffda RBX: 00000000004002c8 RCX: 000000000043fd49
+RDX: 0000000000000010 RSI: 0000000020000000 RDI: 0000000000000003
+RBP: 00000000006ca018 R08: 00000000004002c8 R09: 00000000004002c8
+R10: 00000000004002c8 R11: 0000000000000213 R12: 0000000000401670
+R13: 0000000000401700 R14: 0000000000000000 R15: 0000000000000000
+
+Local variable description: ----address@SYSC_bind
+Variable was created at:
+ SYSC_bind+0x6f/0x4b0 net/socket.c:1461
+ SyS_bind+0x54/0x80 net/socket.c:1460
+
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Cc: Vlad Yasevich <vyasev...@gmail.com>
+Cc: Neil Horman <nhor...@tuxdriver.com>
+Reported-by: syzbot <syzkal...@googlegroups.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/sctp/socket.c | 13 ++++++++-----
+ 1 file changed, 8 insertions(+), 5 deletions(-)
+
+diff --git a/net/sctp/socket.c b/net/sctp/socket.c
+index bf271f8c2dc9..7160c2e9b768 100644
+--- a/net/sctp/socket.c
++++ b/net/sctp/socket.c
+@@ -354,11 +354,14 @@ static struct sctp_af *sctp_sockaddr_af(struct sctp_sock
*opt,
+ if (!opt->pf->af_supported(addr->sa.sa_family, opt))
+ return NULL;
+
+- /* V4 mapped address are really of AF_INET family */
+- if (addr->sa.sa_family == AF_INET6 &&
+- ipv6_addr_v4mapped(&addr->v6.sin6_addr) &&
+- !opt->pf->af_supported(AF_INET, opt))
+- return NULL;
++ if (addr->sa.sa_family == AF_INET6) {
++ if (len < SIN6_LEN_RFC2133)
++ return NULL;
++ /* V4 mapped address are really of AF_INET family */
++ if (ipv6_addr_v4mapped(&addr->v6.sin6_addr) &&
++ !opt->pf->af_supported(AF_INET, opt))
++ return NULL;
++ }
+
+ /* If we get this far, af is valid. */
+ af = sctp_get_af_specific(addr->sa.sa_family);
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-009-sky2-Increase-D3-delay-to-sky2-stops-working-a.patch
new/patches.kernel.org/4.16.2-009-sky2-Increase-D3-delay-to-sky2-stops-working-a.patch
---
old/patches.kernel.org/4.16.2-009-sky2-Increase-D3-delay-to-sky2-stops-working-a.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-009-sky2-Increase-D3-delay-to-sky2-stops-working-a.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,41 @@
+From: Kai-Heng Feng <kai.heng.f...@canonical.com>
+Date: Sat, 31 Mar 2018 23:42:03 +0800
+Subject: [PATCH] sky2: Increase D3 delay to sky2 stops working after suspend
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: afb133637071be6deeb8b3d0e55593ffbf63c527
+
+[ Upstream commit afb133637071be6deeb8b3d0e55593ffbf63c527 ]
+
+The sky2 ethernet stops working after system resume from suspend:
+[ 582.852065] sky2 0000:04:00.0: Refused to change power state, currently in D3
+
+The current 150ms delay is not enough, change it to 200ms can solve the
+issue.
+
+BugLink: https://bugs.launchpad.net/bugs/1758507
+Cc: Stable <sta...@vger.kernel.org>
+Signed-off-by: Kai-Heng Feng <kai.heng.f...@canonical.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/net/ethernet/marvell/sky2.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/net/ethernet/marvell/sky2.c
b/drivers/net/ethernet/marvell/sky2.c
+index 9fe85300e7b6..5754116a6a4d 100644
+--- a/drivers/net/ethernet/marvell/sky2.c
++++ b/drivers/net/ethernet/marvell/sky2.c
+@@ -5087,7 +5087,7 @@ static int sky2_probe(struct pci_dev *pdev, const struct
pci_device_id *ent)
+ INIT_WORK(&hw->restart_work, sky2_restart);
+
+ pci_set_drvdata(pdev, hw);
+- pdev->d3_delay = 150;
++ pdev->d3_delay = 200;
+
+ return 0;
+
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-010-vlan-also-check-phy_driver-ts_info-for-vlan-s-.patch
new/patches.kernel.org/4.16.2-010-vlan-also-check-phy_driver-ts_info-for-vlan-s-.patch
---
old/patches.kernel.org/4.16.2-010-vlan-also-check-phy_driver-ts_info-for-vlan-s-.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-010-vlan-also-check-phy_driver-ts_info-for-vlan-s-.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,50 @@
+From: Hangbin Liu <liuhang...@gmail.com>
+Date: Fri, 30 Mar 2018 09:44:00 +0800
+Subject: [PATCH] vlan: also check phy_driver ts_info for vlan's real device
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: ec1d8ccb07deaf30fd0508af6755364ac47dc08d
+
+[ Upstream commit ec1d8ccb07deaf30fd0508af6755364ac47dc08d ]
+
+Just like function ethtool_get_ts_info(), we should also consider the
+phy_driver ts_info call back. For example, driver dp83640.
+
+Fixes: 37dd9255b2f6 ("vlan: Pass ethtool get_ts_info queries to real device.")
+Acked-by: Richard Cochran <richardcoch...@gmail.com>
+Signed-off-by: Hangbin Liu <liuhang...@gmail.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/8021q/vlan_dev.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/net/8021q/vlan_dev.c b/net/8021q/vlan_dev.c
+index f7e83f6d2e64..236452ebbd9e 100644
+--- a/net/8021q/vlan_dev.c
++++ b/net/8021q/vlan_dev.c
+@@ -29,6 +29,7 @@
+ #include <linux/net_tstamp.h>
+ #include <linux/etherdevice.h>
+ #include <linux/ethtool.h>
++#include <linux/phy.h>
+ #include <net/arp.h>
+ #include <net/switchdev.h>
+
+@@ -665,8 +666,11 @@ static int vlan_ethtool_get_ts_info(struct net_device
*dev,
+ {
+ const struct vlan_dev_priv *vlan = vlan_dev_priv(dev);
+ const struct ethtool_ops *ops = vlan->real_dev->ethtool_ops;
++ struct phy_device *phydev = vlan->real_dev->phydev;
+
+- if (ops->get_ts_info) {
++ if (phydev && phydev->drv && phydev->drv->ts_info) {
++ return phydev->drv->ts_info(phydev, info);
++ } else if (ops->get_ts_info) {
+ return ops->get_ts_info(vlan->real_dev, info);
+ } else {
+ info->so_timestamping = SOF_TIMESTAMPING_RX_SOFTWARE |
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-011-net-fool-proof-dev_valid_name.patch
new/patches.kernel.org/4.16.2-011-net-fool-proof-dev_valid_name.patch
--- old/patches.kernel.org/4.16.2-011-net-fool-proof-dev_valid_name.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.kernel.org/4.16.2-011-net-fool-proof-dev_valid_name.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,37 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Thu, 5 Apr 2018 06:39:26 -0700
+Subject: [PATCH] net: fool proof dev_valid_name()
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: a9d48205d0aedda021fc3728972a9e9934c2b9de
+
+[ Upstream commit a9d48205d0aedda021fc3728972a9e9934c2b9de ]
+
+We want to use dev_valid_name() to validate tunnel names,
+so better use strnlen(name, IFNAMSIZ) than strlen(name) to make
+sure to not upset KASAN.
+
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/core/dev.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/net/core/dev.c b/net/core/dev.c
+index ef0cc6ea5f8d..c4aa2941dbfd 100644
+--- a/net/core/dev.c
++++ b/net/core/dev.c
+@@ -1027,7 +1027,7 @@ bool dev_valid_name(const char *name)
+ {
+ if (*name == '\0')
+ return false;
+- if (strlen(name) >= IFNAMSIZ)
++ if (strnlen(name, IFNAMSIZ) == IFNAMSIZ)
+ return false;
+ if (!strcmp(name, ".") || !strcmp(name, ".."))
+ return false;
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-012-ip_tunnel-better-validate-user-provided-tunnel.patch
new/patches.kernel.org/4.16.2-012-ip_tunnel-better-validate-user-provided-tunnel.patch
---
old/patches.kernel.org/4.16.2-012-ip_tunnel-better-validate-user-provided-tunnel.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-012-ip_tunnel-better-validate-user-provided-tunnel.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,83 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Thu, 5 Apr 2018 06:39:27 -0700
+Subject: [PATCH] ip_tunnel: better validate user provided tunnel names
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 9cb726a212a82c88c98aa9f0037fd04777cd8fe5
+
+[ Upstream commit 9cb726a212a82c88c98aa9f0037fd04777cd8fe5 ]
+
+Use dev_valid_name() to make sure user does not provide illegal
+device name.
+
+syzbot caught the following bug :
+
+BUG: KASAN: stack-out-of-bounds in strlcpy include/linux/string.h:300 [inline]
+BUG: KASAN: stack-out-of-bounds in __ip_tunnel_create+0xca/0x6b0
net/ipv4/ip_tunnel.c:257
+Write of size 20 at addr ffff8801ac79f810 by task syzkaller268107/4482
+
+CPU: 0 PID: 4482 Comm: syzkaller268107 Not tainted 4.16.0+ #1
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google
01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x1b9/0x29f lib/dump_stack.c:53
+ print_address_description+0x6c/0x20b mm/kasan/report.c:256
+ kasan_report_error mm/kasan/report.c:354 [inline]
+ kasan_report.cold.7+0xac/0x2f5 mm/kasan/report.c:412
+ check_memory_region_inline mm/kasan/kasan.c:260 [inline]
+ check_memory_region+0x13e/0x1b0 mm/kasan/kasan.c:267
+ memcpy+0x37/0x50 mm/kasan/kasan.c:303
+ strlcpy include/linux/string.h:300 [inline]
+ __ip_tunnel_create+0xca/0x6b0 net/ipv4/ip_tunnel.c:257
+ ip_tunnel_create net/ipv4/ip_tunnel.c:352 [inline]
+ ip_tunnel_ioctl+0x818/0xd40 net/ipv4/ip_tunnel.c:861
+ ipip_tunnel_ioctl+0x1c5/0x420 net/ipv4/ipip.c:350
+ dev_ifsioc+0x43e/0xb90 net/core/dev_ioctl.c:334
+ dev_ioctl+0x69a/0xcc0 net/core/dev_ioctl.c:525
+ sock_ioctl+0x47e/0x680 net/socket.c:1015
+ vfs_ioctl fs/ioctl.c:46 [inline]
+ file_ioctl fs/ioctl.c:500 [inline]
+ do_vfs_ioctl+0x1cf/0x1650 fs/ioctl.c:684
+ ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
+ SYSC_ioctl fs/ioctl.c:708 [inline]
+ SyS_ioctl+0x24/0x30 fs/ioctl.c:706
+ do_syscall_64+0x29e/0x9d0 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x42/0xb7
+
+Fixes: c54419321455 ("GRE: Refactor GRE tunneling code.")
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Reported-by: syzbot <syzkal...@googlegroups.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/ipv4/ip_tunnel.c | 11 ++++++-----
+ 1 file changed, 6 insertions(+), 5 deletions(-)
+
+diff --git a/net/ipv4/ip_tunnel.c b/net/ipv4/ip_tunnel.c
+index a7fd1c5a2a14..57478d68248d 100644
+--- a/net/ipv4/ip_tunnel.c
++++ b/net/ipv4/ip_tunnel.c
+@@ -253,13 +253,14 @@ static struct net_device *__ip_tunnel_create(struct net
*net,
+ struct net_device *dev;
+ char name[IFNAMSIZ];
+
+- if (parms->name[0])
++ err = -E2BIG;
++ if (parms->name[0]) {
++ if (!dev_valid_name(parms->name))
++ goto failed;
+ strlcpy(name, parms->name, IFNAMSIZ);
+- else {
+- if (strlen(ops->kind) > (IFNAMSIZ - 3)) {
+- err = -E2BIG;
++ } else {
++ if (strlen(ops->kind) > (IFNAMSIZ - 3))
+ goto failed;
+- }
+ strlcpy(name, ops->kind, IFNAMSIZ);
+ strncat(name, "%d", 2);
+ }
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-013-ipv6-sit-better-validate-user-provided-tunnel-.patch
new/patches.kernel.org/4.16.2-013-ipv6-sit-better-validate-user-provided-tunnel-.patch
---
old/patches.kernel.org/4.16.2-013-ipv6-sit-better-validate-user-provided-tunnel-.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-013-ipv6-sit-better-validate-user-provided-tunnel-.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,78 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Thu, 5 Apr 2018 06:39:28 -0700
+Subject: [PATCH] ipv6: sit: better validate user provided tunnel names
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: b95211e066fc3494b7c115060b2297b4ba21f025
+
+[ Upstream commit b95211e066fc3494b7c115060b2297b4ba21f025 ]
+
+Use dev_valid_name() to make sure user does not provide illegal
+device name.
+
+syzbot caught the following bug :
+
+BUG: KASAN: stack-out-of-bounds in strlcpy include/linux/string.h:300 [inline]
+BUG: KASAN: stack-out-of-bounds in ipip6_tunnel_locate+0x63b/0xaa0
net/ipv6/sit.c:254
+Write of size 33 at addr ffff8801b64076d8 by task syzkaller932654/4453
+
+CPU: 0 PID: 4453 Comm: syzkaller932654 Not tainted 4.16.0+ #1
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google
01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x1b9/0x29f lib/dump_stack.c:53
+ print_address_description+0x6c/0x20b mm/kasan/report.c:256
+ kasan_report_error mm/kasan/report.c:354 [inline]
+ kasan_report.cold.7+0xac/0x2f5 mm/kasan/report.c:412
+ check_memory_region_inline mm/kasan/kasan.c:260 [inline]
+ check_memory_region+0x13e/0x1b0 mm/kasan/kasan.c:267
+ memcpy+0x37/0x50 mm/kasan/kasan.c:303
+ strlcpy include/linux/string.h:300 [inline]
+ ipip6_tunnel_locate+0x63b/0xaa0 net/ipv6/sit.c:254
+ ipip6_tunnel_ioctl+0xe71/0x241b net/ipv6/sit.c:1221
+ dev_ifsioc+0x43e/0xb90 net/core/dev_ioctl.c:334
+ dev_ioctl+0x69a/0xcc0 net/core/dev_ioctl.c:525
+ sock_ioctl+0x47e/0x680 net/socket.c:1015
+ vfs_ioctl fs/ioctl.c:46 [inline]
+ file_ioctl fs/ioctl.c:500 [inline]
+ do_vfs_ioctl+0x1cf/0x1650 fs/ioctl.c:684
+ ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
+ SYSC_ioctl fs/ioctl.c:708 [inline]
+ SyS_ioctl+0x24/0x30 fs/ioctl.c:706
+ do_syscall_64+0x29e/0x9d0 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x42/0xb7
+
+Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Reported-by: syzbot <syzkal...@googlegroups.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/ipv6/sit.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c
+index 0195598f7bb5..e85791854c87 100644
+--- a/net/ipv6/sit.c
++++ b/net/ipv6/sit.c
+@@ -250,11 +250,13 @@ static struct ip_tunnel *ipip6_tunnel_locate(struct net
*net,
+ if (!create)
+ goto failed;
+
+- if (parms->name[0])
++ if (parms->name[0]) {
++ if (!dev_valid_name(parms->name))
++ goto failed;
+ strlcpy(name, parms->name, IFNAMSIZ);
+- else
++ } else {
+ strcpy(name, "sit%d");
+-
++ }
+ dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN,
+ ipip6_tunnel_setup);
+ if (!dev)
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-014-ip6_gre-better-validate-user-provided-tunnel-n.patch
new/patches.kernel.org/4.16.2-014-ip6_gre-better-validate-user-provided-tunnel-n.patch
---
old/patches.kernel.org/4.16.2-014-ip6_gre-better-validate-user-provided-tunnel-n.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-014-ip6_gre-better-validate-user-provided-tunnel-n.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,78 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Thu, 5 Apr 2018 06:39:29 -0700
+Subject: [PATCH] ip6_gre: better validate user provided tunnel names
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 5f42df013b8bc1b6511af7a04bf93b014884ae2a
+
+[ Upstream commit 5f42df013b8bc1b6511af7a04bf93b014884ae2a ]
+
+Use dev_valid_name() to make sure user does not provide illegal
+device name.
+
+syzbot caught the following bug :
+
+BUG: KASAN: stack-out-of-bounds in strlcpy include/linux/string.h:300 [inline]
+BUG: KASAN: stack-out-of-bounds in ip6gre_tunnel_locate+0x334/0x860
net/ipv6/ip6_gre.c:339
+Write of size 20 at addr ffff8801afb9f7b8 by task syzkaller851048/4466
+
+CPU: 1 PID: 4466 Comm: syzkaller851048 Not tainted 4.16.0+ #1
+Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google
01/01/2011
+Call Trace:
+ __dump_stack lib/dump_stack.c:17 [inline]
+ dump_stack+0x1b9/0x29f lib/dump_stack.c:53
+ print_address_description+0x6c/0x20b mm/kasan/report.c:256
+ kasan_report_error mm/kasan/report.c:354 [inline]
+ kasan_report.cold.7+0xac/0x2f5 mm/kasan/report.c:412
+ check_memory_region_inline mm/kasan/kasan.c:260 [inline]
+ check_memory_region+0x13e/0x1b0 mm/kasan/kasan.c:267
+ memcpy+0x37/0x50 mm/kasan/kasan.c:303
+ strlcpy include/linux/string.h:300 [inline]
+ ip6gre_tunnel_locate+0x334/0x860 net/ipv6/ip6_gre.c:339
+ ip6gre_tunnel_ioctl+0x69d/0x12e0 net/ipv6/ip6_gre.c:1195
+ dev_ifsioc+0x43e/0xb90 net/core/dev_ioctl.c:334
+ dev_ioctl+0x69a/0xcc0 net/core/dev_ioctl.c:525
+ sock_ioctl+0x47e/0x680 net/socket.c:1015
+ vfs_ioctl fs/ioctl.c:46 [inline]
+ file_ioctl fs/ioctl.c:500 [inline]
+ do_vfs_ioctl+0x1cf/0x1650 fs/ioctl.c:684
+ ksys_ioctl+0xa9/0xd0 fs/ioctl.c:701
+ SYSC_ioctl fs/ioctl.c:708 [inline]
+ SyS_ioctl+0x24/0x30 fs/ioctl.c:706
+ do_syscall_64+0x29e/0x9d0 arch/x86/entry/common.c:287
+ entry_SYSCALL_64_after_hwframe+0x42/0xb7
+
+Fixes: c12b395a4664 ("gre: Support GRE over IPv6")
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Reported-by: syzbot <syzkal...@googlegroups.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/ipv6/ip6_gre.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/net/ipv6/ip6_gre.c b/net/ipv6/ip6_gre.c
+index 1bbd0930063e..197fcae855ca 100644
+--- a/net/ipv6/ip6_gre.c
++++ b/net/ipv6/ip6_gre.c
+@@ -335,11 +335,13 @@ static struct ip6_tnl *ip6gre_tunnel_locate(struct net
*net,
+ if (t || !create)
+ return t;
+
+- if (parms->name[0])
++ if (parms->name[0]) {
++ if (!dev_valid_name(parms->name))
++ return NULL;
+ strlcpy(name, parms->name, IFNAMSIZ);
+- else
++ } else {
+ strcpy(name, "ip6gre%d");
+-
++ }
+ dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN,
+ ip6gre_tunnel_setup);
+ if (!dev)
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-015-ip6_tunnel-better-validate-user-provided-tunne.patch
new/patches.kernel.org/4.16.2-015-ip6_tunnel-better-validate-user-provided-tunne.patch
---
old/patches.kernel.org/4.16.2-015-ip6_tunnel-better-validate-user-provided-tunne.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-015-ip6_tunnel-better-validate-user-provided-tunne.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,49 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Thu, 5 Apr 2018 06:39:30 -0700
+Subject: [PATCH] ip6_tunnel: better validate user provided tunnel names
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: db7a65e3ab78e5b1c4b17c0870ebee35a4ee3257
+
+[ Upstream commit db7a65e3ab78e5b1c4b17c0870ebee35a4ee3257 ]
+
+Use valid_name() to make sure user does not provide illegal
+device name.
+
+Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/ipv6/ip6_tunnel.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/net/ipv6/ip6_tunnel.c b/net/ipv6/ip6_tunnel.c
+index 6e0f21eed88a..179313b0926c 100644
+--- a/net/ipv6/ip6_tunnel.c
++++ b/net/ipv6/ip6_tunnel.c
+@@ -297,13 +297,16 @@ static struct ip6_tnl *ip6_tnl_create(struct net *net,
struct __ip6_tnl_parm *p)
+ struct net_device *dev;
+ struct ip6_tnl *t;
+ char name[IFNAMSIZ];
+- int err = -ENOMEM;
++ int err = -E2BIG;
+
+- if (p->name[0])
++ if (p->name[0]) {
++ if (!dev_valid_name(p->name))
++ goto failed;
+ strlcpy(name, p->name, IFNAMSIZ);
+- else
++ } else {
+ sprintf(name, "ip6tnl%%d");
+-
++ }
++ err = -ENOMEM;
+ dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN,
+ ip6_tnl_dev_setup);
+ if (!dev)
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-016-vti6-better-validate-user-provided-tunnel-name.patch
new/patches.kernel.org/4.16.2-016-vti6-better-validate-user-provided-tunnel-name.patch
---
old/patches.kernel.org/4.16.2-016-vti6-better-validate-user-provided-tunnel-name.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-016-vti6-better-validate-user-provided-tunnel-name.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,45 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Thu, 5 Apr 2018 06:39:31 -0700
+Subject: [PATCH] vti6: better validate user provided tunnel names
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 537b361fbcbcc3cd6fe2bb47069fd292b9256d16
+
+[ Upstream commit 537b361fbcbcc3cd6fe2bb47069fd292b9256d16 ]
+
+Use valid_name() to make sure user does not provide illegal
+device name.
+
+Fixes: ed1efb2aefbb ("ipv6: Add support for IPsec virtual tunnel interfaces")
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Cc: Steffen Klassert <steffen.klass...@secunet.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/ipv6/ip6_vti.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/net/ipv6/ip6_vti.c b/net/ipv6/ip6_vti.c
+index ce18cd20389d..3726dc797847 100644
+--- a/net/ipv6/ip6_vti.c
++++ b/net/ipv6/ip6_vti.c
+@@ -212,10 +212,13 @@ static struct ip6_tnl *vti6_tnl_create(struct net *net,
struct __ip6_tnl_parm *p
+ char name[IFNAMSIZ];
+ int err;
+
+- if (p->name[0])
++ if (p->name[0]) {
++ if (!dev_valid_name(p->name))
++ goto failed;
+ strlcpy(name, p->name, IFNAMSIZ);
+- else
++ } else {
+ sprintf(name, "ip6_vti%%d");
++ }
+
+ dev = alloc_netdev(sizeof(*t), name, NET_NAME_UNKNOWN, vti6_dev_setup);
+ if (!dev)
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-017-net_sched-fix-a-missing-idr_remove-in-u32_dele.patch
new/patches.kernel.org/4.16.2-017-net_sched-fix-a-missing-idr_remove-in-u32_dele.patch
---
old/patches.kernel.org/4.16.2-017-net_sched-fix-a-missing-idr_remove-in-u32_dele.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-017-net_sched-fix-a-missing-idr_remove-in-u32_dele.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,38 @@
+From: Cong Wang <xiyou.wangc...@gmail.com>
+Date: Fri, 6 Apr 2018 17:19:41 -0700
+Subject: [PATCH] net_sched: fix a missing idr_remove() in u32_delete_key()
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: f12c643209db0626f2f54780d86bb93bfa7a9c2d
+
+[ Upstream commit f12c643209db0626f2f54780d86bb93bfa7a9c2d ]
+
+When we delete a u32 key via u32_delete_key(), we forget to
+call idr_remove() to remove its handle from IDR.
+
+Fixes: e7614370d6f0 ("net_sched: use idr to allocate u32 filter handles")
+Reported-by: Marcin Kabiesz <ad...@hostcenter.eu>
+Tested-by: Marcin Kabiesz <ad...@hostcenter.eu>
+Signed-off-by: Cong Wang <xiyou.wangc...@gmail.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ net/sched/cls_u32.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/net/sched/cls_u32.c b/net/sched/cls_u32.c
+index ed8b6a24b9e9..bac47b5d18fd 100644
+--- a/net/sched/cls_u32.c
++++ b/net/sched/cls_u32.c
+@@ -489,6 +489,7 @@ static int u32_delete_key(struct tcf_proto *tp, struct
tc_u_knode *key)
+ RCU_INIT_POINTER(*kp, key->next);
+
+ tcf_unbind_filter(tp, &key->res);
++ idr_remove(&ht->handle_idr, key->handle);
+ tcf_exts_get_net(&key->exts);
+ call_rcu(&key->rcu, u32_delete_key_freepf_rcu);
+ return 0;
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.kernel.org/4.16.2-018-nfp-use-full-40-bits-of-the-NSP-buffer-address.patch
new/patches.kernel.org/4.16.2-018-nfp-use-full-40-bits-of-the-NSP-buffer-address.patch
---
old/patches.kernel.org/4.16.2-018-nfp-use-full-40-bits-of-the-NSP-buffer-address.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.kernel.org/4.16.2-018-nfp-use-full-40-bits-of-the-NSP-buffer-address.patch
2018-04-12 14:50:53.000000000 +0200
@@ -0,0 +1,67 @@
+From: Dirk van der Merwe <dirk.vanderme...@netronome.com>
+Date: Tue, 3 Apr 2018 17:24:23 -0700
+Subject: [PATCH] nfp: use full 40 bits of the NSP buffer address
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 1489bbd10e16079ce30a53d3c22a431fd47af791
+
+[ Upstream commit 1489bbd10e16079ce30a53d3c22a431fd47af791 ]
+
+The NSP default buffer is a piece of NFP memory where additional
+command data can be placed. Its format has been copied from
+host buffer, but the PCIe selection bits do not make sense in
+this case. If those get masked out from a NFP address - writes
+to random place in the chip memory may be issued and crash the
+device.
+
+Even in the general NSP buffer case, it doesn't make sense to have the
+PCIe selection bits there anymore. These are unused at the moment, and
+when it becomes necessary, the PCIe selection bits should rather be
+moved to another register to utilise more bits for the buffer address.
+
+This has never been an issue because the buffer used to be
+allocated in memory with less-than-38-bit-long address but that
+is about to change.
+
+Fixes: 1a64821c6af7 ("nfp: add support for service processor access")
+Signed-off-by: Dirk van der Merwe <dirk.vanderme...@netronome.com>
+Reviewed-by: Jakub Kicinski <jakub.kicin...@netronome.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c | 9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+diff --git a/drivers/net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c
b/drivers/net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c
+index 39abac678b71..99bb679a9801 100644
+--- a/drivers/net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c
++++ b/drivers/net/ethernet/netronome/nfp/nfpcore/nfp_nsp.c
+@@ -71,10 +71,11 @@
+ /* CPP address to retrieve the data from */
+ #define NSP_BUFFER 0x10
+ #define NSP_BUFFER_CPP GENMASK_ULL(63, 40)
+-#define NSP_BUFFER_PCIE GENMASK_ULL(39, 38)
+-#define NSP_BUFFER_ADDRESS GENMASK_ULL(37, 0)
++#define NSP_BUFFER_ADDRESS GENMASK_ULL(39, 0)
+
+ #define NSP_DFLT_BUFFER 0x18
++#define NSP_DFLT_BUFFER_CPP GENMASK_ULL(63, 40)
++#define NSP_DFLT_BUFFER_ADDRESS GENMASK_ULL(39, 0)
+
+ #define NSP_DFLT_BUFFER_CONFIG 0x20
+ #define NSP_DFLT_BUFFER_SIZE_MB GENMASK_ULL(7, 0)
+@@ -427,8 +428,8 @@ __nfp_nsp_command_buf(struct nfp_nsp *nsp, u16 code, u32
option,
+ if (err < 0)
+ return err;
+
+- cpp_id = FIELD_GET(NSP_BUFFER_CPP, reg) << 8;
+- cpp_buf = FIELD_GET(NSP_BUFFER_ADDRESS, reg);
++ cpp_id = FIELD_GET(NSP_DFLT_BUFFER_CPP, reg) << 8;
++ cpp_buf = FIELD_GET(NSP_DFLT_BUFFER_ADDRESS, reg);
+
+ if (in_buf && in_size) {
+ err = nfp_cpp_write(cpp, cpp_id, cpp_buf, in_buf, in_size);
+--
+2.16.3
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/patches.kernel.org/4.16.2-019-Linux-4.16.2.patch
new/patches.kernel.org/4.16.2-019-Linux-4.16.2.patch
--- old/patches.kernel.org/4.16.2-019-Linux-4.16.2.patch 1970-01-01
01:00:00.000000000 +0100
+++ new/patches.kernel.org/4.16.2-019-Linux-4.16.2.patch 2018-04-12
14:50:53.000000000 +0200
@@ -0,0 +1,28 @@
+From: Greg Kroah-Hartman <gre...@linuxfoundation.org>
+Date: Thu, 12 Apr 2018 12:30:01 +0200
+Subject: [PATCH] Linux 4.16.2
+References: bnc#1012628
+Patch-mainline: 4.16.2
+Git-commit: 216f33936eaa006a8b4f5bb992592e34f6432fc2
+
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ Makefile | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/Makefile b/Makefile
+index 1773c718074e..f0040b05df30 100644
+--- a/Makefile
++++ b/Makefile
+@@ -1,7 +1,7 @@
+ # SPDX-License-Identifier: GPL-2.0
+ VERSION = 4
+ PATCHLEVEL = 16
+-SUBLEVEL = 1
++SUBLEVEL = 2
+ EXTRAVERSION =
+ NAME = Fearless Coyote
+
+--
+2.16.3
+
++++++ patches.suse.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/patches.suse/apparmor-check-all-net-profiles.patch
new/patches.suse/apparmor-check-all-net-profiles.patch
--- old/patches.suse/apparmor-check-all-net-profiles.patch 1970-01-01
01:00:00.000000000 +0100
+++ new/patches.suse/apparmor-check-all-net-profiles.patch 2018-04-12
12:43:52.000000000 +0200
@@ -0,0 +1,97 @@
+From: Goldwyn Rodrigues <rgold...@suse.com>
+Subject: [PATCH] Check all profiles attached to the label
+Patch-mainline: Never, depends on apparmor-basic-networking-rules
+References: bsc#1085996
+
+This one fixes patches.suse/0001-AppArmor-basic-networking-rules.patch
+
+While porting apparmor net patch to the newer kernel, I missed on
+iterating over the profiles attached to the labels and used
+labels_profile(). This missed checking the rest of the profiles attached
+to the label.
+
+While we are at it, use wrapper function begin_current_label_crit_section()
+as opposed to the __begin_current_label_crit_section().
+
+Signed-off-by: Goldwyn Rodrigues <rgold...@suse.com>
+
+diff --git a/security/apparmor/include/net.h b/security/apparmor/include/net.h
+index 6710a5369380..580232f20047 100644
+--- a/security/apparmor/include/net.h
++++ b/security/apparmor/include/net.h
+@@ -32,7 +32,7 @@ struct aa_net {
+
+ extern struct aa_sfs_entry aa_sfs_entry_network[];
+
+-int aa_net_perm(const char *op, struct aa_profile *profile, u16 family,
++int aa_label_net_perm(struct aa_label *label, const char *op, u16 family,
+ int type, int protocol, struct sock *sk);
+ int aa_revalidate_sk(const char *op, struct sock *sk);
+
+diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
+index e62b06241476..0007fb2eed29 100644
+--- a/security/apparmor/lsm.c
++++ b/security/apparmor/lsm.c
+@@ -745,11 +745,11 @@ static int apparmor_socket_create(int family, int type,
int protocol, int kern)
+ if (kern)
+ return 0;
+
+- label = __begin_current_label_crit_section();
++ label = begin_current_label_crit_section();
+ if (!unconfined(label))
+- error = aa_net_perm(OP_CREATE, labels_profile(label),
++ error = aa_label_net_perm(label, OP_CREATE,
+ family, type, protocol, NULL);
+- __end_current_label_crit_section(label);
++ end_current_label_crit_section(label);
+ return error;
+ }
+
+diff --git a/security/apparmor/net.c b/security/apparmor/net.c
+index 48e66a61b9c6..95d6e3b9c71d 100644
+--- a/security/apparmor/net.c
++++ b/security/apparmor/net.c
+@@ -114,7 +114,7 @@ static int audit_net(struct aa_profile *profile, const
char *op,
+ *
+ * Returns: %0 else error if permission denied
+ */
+-int aa_net_perm(const char *op, struct aa_profile *profile, u16 family,
++static int aa_net_perm(const char *op, struct aa_profile *profile, u16 family,
+ int type, int protocol, struct sock *sk)
+ {
+ u16 family_mask;
+@@ -137,6 +137,18 @@ int aa_net_perm(const char *op, struct aa_profile
*profile, u16 family,
+ return audit_net(profile, op, family, type, protocol, sk, error);
+ }
+
++int aa_label_net_perm(struct aa_label *label, const char *op, u16 family,
++ int type, int protocol, struct sock *sk)
++{
++ struct aa_profile *profile;
++
++ if (!unconfined(label))
++ return 0;
++
++ return fn_for_each_confined(label, profile,
++ aa_net_perm(op, profile, family, type, protocol, sk));
++}
++
+ /**
+ * aa_revalidate_sk - Revalidate access to a sock
+ * @op: operation being checked
+@@ -155,11 +167,10 @@ int aa_revalidate_sk(const char *op, struct sock *sk)
+ if (in_interrupt())
+ return 0;
+
+- label = __begin_current_label_crit_section();
+- if (!unconfined(label))
+- error = aa_net_perm(op, labels_profile(label), sk->sk_family,
+- sk->sk_type, sk->sk_protocol, sk);
+- __end_current_label_crit_section(label);
++ label = begin_current_label_crit_section();
++ error = aa_label_net_perm(label, op, sk->sk_family, sk->sk_type,
++ sk->sk_protocol, sk);
++ end_current_label_crit_section(label);
+
+ return error;
+ }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/media-v4l2-core-fix-size-of-devnode_nums-bitarray.patch
new/patches.suse/media-v4l2-core-fix-size-of-devnode_nums-bitarray.patch
--- old/patches.suse/media-v4l2-core-fix-size-of-devnode_nums-bitarray.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.suse/media-v4l2-core-fix-size-of-devnode_nums-bitarray.patch
2018-04-12 12:43:52.000000000 +0200
@@ -0,0 +1,261 @@
+From a95845ba184b854106972f5d8f50354c2d272c06 Mon Sep 17 00:00:00 2001
+From: Mauro Carvalho Chehab <mche...@s-opensource.com>
+Date: Thu, 5 Apr 2018 06:51:15 -0300
+Subject: [PATCH] media: v4l2-core: fix size of devnode_nums[] bitarray
+Mime-version: 1.0
+Content-type: text/plain; charset=UTF-8
+Content-transfer-encoding: 8bit
+Git-commit: a95845ba184b854106972f5d8f50354c2d272c06
+Git-repo: git://linuxtv.org/mchehab/media-next.git
+Patch-mainline: Queued in subsystem maintainer repo
+References: bsc#1088640
+
+The size of devnode_nums[] bit array is too short to store information
+for VFL_TYPE_TOUCH. That causes it to override other memory regions.
+
+Thankfully, on recent reports, it is overriding video_device[] array,
+trigging a WARN_ON(). Yet, it just warns about the problem, but let
+the code excecuting, with generates an OOPS:
+
+[ 43.177394] WARNING: CPU: 1 PID: 711 at
drivers/media/v4l2-core/v4l2-dev.c:945 __video_register_device+0xc99/0x1090
[videodev]
+[ 43.177396] Modules linked in: hid_sensor_custom hid_sensor_als
hid_sensor_incl_3d hid_sensor_rotation hid_sensor_magn_3d hid_sensor_accel_3d
hid_sensor_gyro_3d hid_sensor_trigger industrialio_triggered_buffer kfifo_buf
joydev hid_sensor_iio_common hid_rmi(+) rmi_core industrialio videobuf2_vmalloc
videobuf2_memops videobuf2_v4l2 videobuf2_common videodev hid_multitouch media
hid_sensor_hub binfmt_misc nls_iso8859_1 snd_hda_codec_hdmi arc4 snd_soc_skl
snd_soc_skl_ipc snd_hda_ext_core snd_soc_sst_dsp snd_soc_sst_ipc
snd_hda_codec_realtek snd_soc_acpi snd_hda_codec_generic snd_soc_core
snd_compress ac97_bus snd_pcm_dmaengine snd_hda_intel snd_hda_codec intel_rapl
snd_hda_core x86_pkg_temp_thermal snd_hwdep intel_powerclamp coretemp snd_pcm
kvm_intel snd_seq_midi snd_seq_midi_event snd_rawmidi crct10dif_pclmul
+[ 43.177426] crc32_pclmul ghash_clmulni_intel iwlmvm pcbc mac80211 snd_seq
aesni_intel iwlwifi aes_x86_64 snd_seq_device crypto_simd glue_helper cryptd
snd_timer intel_cstate intel_rapl_perf input_leds serio_raw
intel_wmi_thunderbolt snd wmi_bmof cfg80211 soundcore ideapad_laptop
sparse_keymap idma64 virt_dma tpm_crb acpi_pad int3400_thermal acpi_thermal_rel
intel_pch_thermal processor_thermal_device mac_hid int340x_thermal_zone mei_me
intel_soc_dts_iosf mei intel_lpss_pci shpchp intel_lpss sch_fq_codel vfio_pci
nfsd vfio_virqfd parport_pc ppdev auth_rpcgss nfs_acl lockd grace lp parport
sunrpc ip_tables x_tables autofs4 hid_logitech_hidpp hid_logitech_dj
hid_generic usbhid kvmgt vfio_mdev mdev vfio_iommu_type1 vfio kvm irqbypass
i915 i2c_algo_bit drm_kms_helper syscopyarea sdhci_pci sysfillrect
+[ 43.177466] sysimgblt cqhci fb_sys_fops sdhci drm i2c_hid wmi hid video
pinctrl_sunrisepoint pinctrl_intel
+[ 43.177474] CPU: 1 PID: 711 Comm: systemd-udevd Not tainted 4.16.0 #1
+[ 43.177475] Hardware name: LENOVO 80UE/VIUU4, BIOS 2UCN10T 10/14/2016
+[ 43.177481] RIP: 0010:__video_register_device+0xc99/0x1090 [videodev]
+[ 43.177482] RSP: 0000:ffffa5c5c231b420 EFLAGS: 00010202
+[ 43.177484] RAX: 0000000000000000 RBX: 0000000000000005 RCX:
0000000000000000
+[ 43.177485] RDX: ffffffffc0c44cc0 RSI: ffffffffffffffff RDI:
ffffffffc0c44cc0
+[ 43.177486] RBP: ffffa5c5c231b478 R08: ffffffffc0c96900 R09:
ffff8eda1a51f018
+[ 43.177487] R10: 0000000000000600 R11: 00000000000003b6 R12:
0000000000000000
+[ 43.177488] R13: 0000000000000005 R14: ffffffffc0c96900 R15:
ffff8eda1d6d91c0
+[ 43.177489] FS: 00007fd2d8ef2480(0000) GS:ffff8eda33480000(0000)
knlGS:0000000000000000
+[ 43.177490] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 43.177491] CR2: 00007ffe0a6ad01c CR3: 0000000456ae2004 CR4:
00000000003606e0
+[ 43.177492] Call Trace:
+[ 43.177498] ? devres_add+0x5f/0x70
+[ 43.177502] rmi_f54_probe+0x437/0x470 [rmi_core]
+[ 43.177505] rmi_function_probe+0x25/0x30 [rmi_core]
+[ 43.177507] driver_probe_device+0x310/0x480
+[ 43.177509] __device_attach_driver+0x86/0x100
+[ 43.177511] ? __driver_attach+0xf0/0xf0
+[ 43.177512] bus_for_each_drv+0x6b/0xb0
+[ 43.177514] __device_attach+0xdd/0x160
+[ 43.177516] device_initial_probe+0x13/0x20
+[ 43.177518] bus_probe_device+0x95/0xa0
+[ 43.177519] device_add+0x44b/0x680
+[ 43.177522] rmi_register_function+0x62/0xd0 [rmi_core]
+[ 43.177525] rmi_create_function+0x112/0x1a0 [rmi_core]
+[ 43.177527] ? rmi_driver_clear_irq_bits+0xc0/0xc0 [rmi_core]
+[ 43.177530] rmi_scan_pdt+0xca/0x1a0 [rmi_core]
+[ 43.177535] rmi_init_functions+0x5b/0x120 [rmi_core]
+[ 43.177537] rmi_driver_probe+0x152/0x3c0 [rmi_core]
+[ 43.177547] ? sysfs_create_link+0x25/0x40
+[ 43.177549] driver_probe_device+0x310/0x480
+[ 43.177551] __device_attach_driver+0x86/0x100
+[ 43.177553] ? __driver_attach+0xf0/0xf0
+[ 43.177554] bus_for_each_drv+0x6b/0xb0
+[ 43.177556] __device_attach+0xdd/0x160
+[ 43.177558] device_initial_probe+0x13/0x20
+[ 43.177560] bus_probe_device+0x95/0xa0
+[ 43.177561] device_add+0x44b/0x680
+[ 43.177564] rmi_register_transport_device+0x84/0x100 [rmi_core]
+[ 43.177568] rmi_input_configured+0xbf/0x1a0 [hid_rmi]
+[ 43.177571] ? input_allocate_device+0xdf/0xf0
+[ 43.177574] hidinput_connect+0x4a9/0x37a0 [hid]
+[ 43.177578] hid_connect+0x326/0x3d0 [hid]
+[ 43.177581] hid_hw_start+0x42/0x70 [hid]
+[ 43.177583] rmi_probe+0x115/0x510 [hid_rmi]
+[ 43.177586] hid_device_probe+0xd3/0x150 [hid]
+[ 43.177588] ? sysfs_create_link+0x25/0x40
+[ 43.177590] driver_probe_device+0x310/0x480
+[ 43.177592] __driver_attach+0xbf/0xf0
+[ 43.177593] ? driver_probe_device+0x480/0x480
+[ 43.177595] bus_for_each_dev+0x74/0xb0
+[ 43.177597] ? kmem_cache_alloc_trace+0x1a6/0x1c0
+[ 43.177599] driver_attach+0x1e/0x20
+[ 43.177600] bus_add_driver+0x167/0x260
+[ 43.177602] ? 0xffffffffc0cbc000
+[ 43.177604] driver_register+0x60/0xe0
+[ 43.177605] ? 0xffffffffc0cbc000
+[ 43.177607] __hid_register_driver+0x63/0x70 [hid]
+[ 43.177610] rmi_driver_init+0x23/0x1000 [hid_rmi]
+[ 43.177612] do_one_initcall+0x52/0x191
+[ 43.177615] ? _cond_resched+0x19/0x40
+[ 43.177617] ? kmem_cache_alloc_trace+0xa2/0x1c0
+[ 43.177619] ? do_init_module+0x27/0x209
+[ 43.177621] do_init_module+0x5f/0x209
+[ 43.177623] load_module+0x1987/0x1f10
+[ 43.177626] ? ima_post_read_file+0x96/0xa0
+[ 43.177629] SYSC_finit_module+0xfc/0x120
+[ 43.177630] ? SYSC_finit_module+0xfc/0x120
+[ 43.177632] SyS_finit_module+0xe/0x10
+[ 43.177634] do_syscall_64+0x73/0x130
+[ 43.177637] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
+[ 43.177638] RIP: 0033:0x7fd2d880b839
+[ 43.177639] RSP: 002b:00007ffe0a6b2368 EFLAGS: 00000246 ORIG_RAX:
0000000000000139
+[ 43.177641] RAX: ffffffffffffffda RBX: 000055cdd86542e0 RCX:
00007fd2d880b839
+[ 43.177641] RDX: 0000000000000000 RSI: 00007fd2d84ea0e5 RDI:
0000000000000016
+[ 43.177642] RBP: 00007fd2d84ea0e5 R08: 0000000000000000 R09:
00007ffe0a6b2480
+[ 43.177643] R10: 0000000000000016 R11: 0000000000000246 R12:
0000000000000000
+[ 43.177644] R13: 000055cdd8688930 R14: 0000000000020000 R15:
000055cdd86542e0
+[ 43.177645] Code: 48 c7 c7 54 b4 c3 c0 e8 96 9d ec dd e9 d4 fb ff ff 0f 0b
41 be ea ff ff ff e9 c7 fb ff ff 0f 0b 41 be ea ff ff ff e9 ba fb ff ff <0f> 0b
e9 d8 f4 ff ff 83 fa 01 0f 84 c4 02 00 00 48 83 78 68 00
+[ 43.177675] ---[ end trace d44d9bc41477c2dd ]---
+[ 43.177679] BUG: unable to handle kernel NULL pointer dereference at
0000000000000499
+[ 43.177723] IP: __video_register_device+0x1cc/0x1090 [videodev]
+[ 43.177749] PGD 0 P4D 0
+[ 43.177764] Oops: 0000 [#1] SMP PTI
+[ 43.177780] Modules linked in: hid_sensor_custom hid_sensor_als
hid_sensor_incl_3d hid_sensor_rotation hid_sensor_magn_3d hid_sensor_accel_3d
hid_sensor_gyro_3d hid_sensor_trigger industrialio_triggered_buffer kfifo_buf
joydev hid_sensor_iio_common hid_rmi(+) rmi_core industrialio videobuf2_vmalloc
videobuf2_memops videobuf2_v4l2 videobuf2_common videodev hid_multitouch media
hid_sensor_hub binfmt_misc nls_iso8859_1 snd_hda_codec_hdmi arc4 snd_soc_skl
snd_soc_skl_ipc snd_hda_ext_core snd_soc_sst_dsp snd_soc_sst_ipc
snd_hda_codec_realtek snd_soc_acpi snd_hda_codec_generic snd_soc_core
snd_compress ac97_bus snd_pcm_dmaengine snd_hda_intel snd_hda_codec intel_rapl
snd_hda_core x86_pkg_temp_thermal snd_hwdep intel_powerclamp coretemp snd_pcm
kvm_intel snd_seq_midi snd_seq_midi_event snd_rawmidi crct10dif_pclmul
+[ 43.178055] crc32_pclmul ghash_clmulni_intel iwlmvm pcbc mac80211 snd_seq
aesni_intel iwlwifi aes_x86_64 snd_seq_device crypto_simd glue_helper cryptd
snd_timer intel_cstate intel_rapl_perf input_leds serio_raw
intel_wmi_thunderbolt snd wmi_bmof cfg80211 soundcore ideapad_laptop
sparse_keymap idma64 virt_dma tpm_crb acpi_pad int3400_thermal acpi_thermal_rel
intel_pch_thermal processor_thermal_device mac_hid int340x_thermal_zone mei_me
intel_soc_dts_iosf mei intel_lpss_pci shpchp intel_lpss sch_fq_codel vfio_pci
nfsd vfio_virqfd parport_pc ppdev auth_rpcgss nfs_acl lockd grace lp parport
sunrpc ip_tables x_tables autofs4 hid_logitech_hidpp hid_logitech_dj
hid_generic usbhid kvmgt vfio_mdev mdev vfio_iommu_type1 vfio kvm irqbypass
i915 i2c_algo_bit drm_kms_helper syscopyarea sdhci_pci sysfillrect
+[ 43.178337] sysimgblt cqhci fb_sys_fops sdhci drm i2c_hid wmi hid video
pinctrl_sunrisepoint pinctrl_intel
+[ 43.178380] CPU: 1 PID: 711 Comm: systemd-udevd Tainted: G W
4.16.0 #1
+[ 43.178411] Hardware name: LENOVO 80UE/VIUU4, BIOS 2UCN10T 10/14/2016
+[ 43.178441] RIP: 0010:__video_register_device+0x1cc/0x1090 [videodev]
+[ 43.178467] RSP: 0000:ffffa5c5c231b420 EFLAGS: 00010202
+[ 43.178490] RAX: ffffffffc0c44cc0 RBX: 0000000000000005 RCX:
ffffffffc0c454c0
+[ 43.178519] RDX: 0000000000000001 RSI: ffff8eda1d6d9118 RDI:
ffffffffc0c44cc0
+[ 43.178549] RBP: ffffa5c5c231b478 R08: ffffffffc0c96900 R09:
ffff8eda1a51f018
+[ 43.178579] R10: 0000000000000600 R11: 00000000000003b6 R12:
0000000000000000
+[ 43.178608] R13: 0000000000000005 R14: ffffffffc0c96900 R15:
ffff8eda1d6d91c0
+[ 43.178636] FS: 00007fd2d8ef2480(0000) GS:ffff8eda33480000(0000)
knlGS:0000000000000000
+[ 43.178669] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
+[ 43.178693] CR2: 0000000000000499 CR3: 0000000456ae2004 CR4:
00000000003606e0
+[ 43.178721] Call Trace:
+[ 43.178736] ? devres_add+0x5f/0x70
+[ 43.178755] rmi_f54_probe+0x437/0x470 [rmi_core]
+[ 43.178779] rmi_function_probe+0x25/0x30 [rmi_core]
+[ 43.178805] driver_probe_device+0x310/0x480
+[ 43.178828] __device_attach_driver+0x86/0x100
+[ 43.178851] ? __driver_attach+0xf0/0xf0
+[ 43.178884] bus_for_each_drv+0x6b/0xb0
+[ 43.178904] __device_attach+0xdd/0x160
+[ 43.178925] device_initial_probe+0x13/0x20
+[ 43.178948] bus_probe_device+0x95/0xa0
+[ 43.178968] device_add+0x44b/0x680
+[ 43.178987] rmi_register_function+0x62/0xd0 [rmi_core]
+[ 43.181747] rmi_create_function+0x112/0x1a0 [rmi_core]
+[ 43.184677] ? rmi_driver_clear_irq_bits+0xc0/0xc0 [rmi_core]
+[ 43.187505] rmi_scan_pdt+0xca/0x1a0 [rmi_core]
+[ 43.190171] rmi_init_functions+0x5b/0x120 [rmi_core]
+[ 43.192809] rmi_driver_probe+0x152/0x3c0 [rmi_core]
+[ 43.195403] ? sysfs_create_link+0x25/0x40
+[ 43.198253] driver_probe_device+0x310/0x480
+[ 43.201083] __device_attach_driver+0x86/0x100
+[ 43.203800] ? __driver_attach+0xf0/0xf0
+[ 43.206503] bus_for_each_drv+0x6b/0xb0
+[ 43.209291] __device_attach+0xdd/0x160
+[ 43.212207] device_initial_probe+0x13/0x20
+[ 43.215146] bus_probe_device+0x95/0xa0
+[ 43.217885] device_add+0x44b/0x680
+[ 43.220597] rmi_register_transport_device+0x84/0x100 [rmi_core]
+[ 43.223321] rmi_input_configured+0xbf/0x1a0 [hid_rmi]
+[ 43.226051] ? input_allocate_device+0xdf/0xf0
+[ 43.228814] hidinput_connect+0x4a9/0x37a0 [hid]
+[ 43.231701] hid_connect+0x326/0x3d0 [hid]
+[ 43.234548] hid_hw_start+0x42/0x70 [hid]
+[ 43.237302] rmi_probe+0x115/0x510 [hid_rmi]
+[ 43.239862] hid_device_probe+0xd3/0x150 [hid]
+[ 43.242558] ? sysfs_create_link+0x25/0x40
+[ 43.242828] audit: type=1400 audit(1522795151.600:4): apparmor="STATUS"
operation="profile_load" profile="unconfined"
name="/snap/core/4206/usr/lib/snapd/snap-confine" pid=1151
comm="apparmor_parser"
+[ 43.244859] driver_probe_device+0x310/0x480
+[ 43.244862] __driver_attach+0xbf/0xf0
+[ 43.246982] audit: type=1400 audit(1522795151.600:5): apparmor="STATUS"
operation="profile_load" profile="unconfined"
name="/snap/core/4206/usr/lib/snapd/snap-confine//mount-namespace-capture-helper"
pid=1151 comm="apparmor_parser"
+[ 43.249403] ? driver_probe_device+0x480/0x480
+[ 43.249405] bus_for_each_dev+0x74/0xb0
+[ 43.253200] audit: type=1400 audit(1522795151.600:6): apparmor="STATUS"
operation="profile_load" profile="unconfined"
name="/snap/core/4206/usr/lib/snapd/snap-confine//snap_update_ns" pid=1151
comm="apparmor_parser"
+[ 43.254055] ? kmem_cache_alloc_trace+0x1a6/0x1c0
+[ 43.256282] audit: type=1400 audit(1522795151.604:7): apparmor="STATUS"
operation="profile_load" profile="unconfined" name="/sbin/dhclient" pid=1152
comm="apparmor_parser"
+[ 43.258436] driver_attach+0x1e/0x20
+[ 43.260875] audit: type=1400 audit(1522795151.604:8): apparmor="STATUS"
operation="profile_load" profile="unconfined"
name="/usr/lib/NetworkManager/nm-dhcp-client.action" pid=1152
comm="apparmor_parser"
+[ 43.263118] bus_add_driver+0x167/0x260
+[ 43.267676] audit: type=1400 audit(1522795151.604:9): apparmor="STATUS"
operation="profile_load" profile="unconfined"
name="/usr/lib/NetworkManager/nm-dhcp-helper" pid=1152 comm="apparmor_parser"
+[ 43.268807] ? 0xffffffffc0cbc000
+[ 43.268812] driver_register+0x60/0xe0
+[ 43.271184] audit: type=1400 audit(1522795151.604:10): apparmor="STATUS"
operation="profile_load" profile="unconfined"
name="/usr/lib/connman/scripts/dhclient-script" pid=1152 comm="apparmor_parser"
+[ 43.274081] ? 0xffffffffc0cbc000
+[ 43.274086] __hid_register_driver+0x63/0x70 [hid]
+[ 43.288367] rmi_driver_init+0x23/0x1000 [hid_rmi]
+[ 43.291501] do_one_initcall+0x52/0x191
+[ 43.292348] audit: type=1400 audit(1522795151.652:11): apparmor="STATUS"
operation="profile_load" profile="unconfined" name="/usr/bin/man" pid=1242
comm="apparmor_parser"
+[ 43.294212] ? _cond_resched+0x19/0x40
+[ 43.300028] ? kmem_cache_alloc_trace+0xa2/0x1c0
+[ 43.303475] ? do_init_module+0x27/0x209
+[ 43.306842] do_init_module+0x5f/0x209
+[ 43.310269] load_module+0x1987/0x1f10
+[ 43.313704] ? ima_post_read_file+0x96/0xa0
+[ 43.317174] SYSC_finit_module+0xfc/0x120
+[ 43.320754] ? SYSC_finit_module+0xfc/0x120
+[ 43.324065] SyS_finit_module+0xe/0x10
+[ 43.327387] do_syscall_64+0x73/0x130
+[ 43.330909] entry_SYSCALL_64_after_hwframe+0x3d/0xa2
+[ 43.334305] RIP: 0033:0x7fd2d880b839
+[ 43.337810] RSP: 002b:00007ffe0a6b2368 EFLAGS: 00000246 ORIG_RAX:
0000000000000139
+[ 43.341259] RAX: ffffffffffffffda RBX: 000055cdd86542e0 RCX:
00007fd2d880b839
+[ 43.344613] RDX: 0000000000000000 RSI: 00007fd2d84ea0e5 RDI:
0000000000000016
+[ 43.347962] RBP: 00007fd2d84ea0e5 R08: 0000000000000000 R09:
00007ffe0a6b2480
+[ 43.351456] R10: 0000000000000016 R11: 0000000000000246 R12:
0000000000000000
+[ 43.354845] R13: 000055cdd8688930 R14: 0000000000020000 R15:
000055cdd86542e0
+[ 43.358224] Code: c7 05 ad 12 02 00 00 00 00 00 48 8d 88 00 08 00 00 eb 09
48 83 c0 08 48 39 c1 74 31 48 8b 10 48 85 d2 74 ef 49 8b b7 98 04 00 00 <48> 39
b2 98 04 00 00 75 df 48 63 92 f8 04 00 00 f0 48 0f ab 15
+[ 43.361764] RIP: __video_register_device+0x1cc/0x1090 [videodev] RSP:
ffffa5c5c231b420
+[ 43.365281] CR2: 0000000000000499
+
+This patch fixes the array size and changes the WARN_ON() to return an error,
+instead of letting the Kernel to proceed with registering.
+
+Cc: sta...@vger.kernel.org # For Kernel 4.16
+Fixes: 4839c58f034a ("media: v4l2-dev: convert VFL_TYPE_* into an enum")
+Reported-by: Peter Geis <pgwipe...@gmail.com>
+Reported-by: Jaak Ristioja <j...@ristioja.ee>
+Reported-by: MichaĆ Siemek <miha...@gmail.com>
+Reviewed-by: Hans Verkuil <hans.verk...@cisco.com>
+Reviewed-by: Sakari Ailus <sakari.ai...@linux.intel.com>
+Signed-off-by: Mauro Carvalho Chehab <mche...@s-opensource.com>
+Acked-by: Takashi Iwai <ti...@suse.de>
+
+---
+ drivers/media/v4l2-core/v4l2-dev.c | 8 ++++++--
+ include/media/v4l2-dev.h | 12 ++++++------
+ 2 files changed, 12 insertions(+), 8 deletions(-)
+
+--- a/drivers/media/v4l2-core/v4l2-dev.c
++++ b/drivers/media/v4l2-core/v4l2-dev.c
+@@ -939,10 +939,14 @@ int __video_register_device(struct video
+ #endif
+ vdev->minor = i + minor_offset;
+ vdev->num = nr;
+- devnode_set(vdev);
+
+ /* Should not happen since we thought this minor was free */
+- WARN_ON(video_device[vdev->minor] != NULL);
++ if (WARN_ON(video_device[vdev->minor])) {
++ mutex_unlock(&videodev_lock);
++ printk(KERN_ERR "video_device not empty!\n");
++ return -ENFILE;
++ }
++ devnode_set(vdev);
+ vdev->index = get_index(vdev);
+ video_device[vdev->minor] = vdev;
+ mutex_unlock(&videodev_lock);
+--- a/include/media/v4l2-dev.h
++++ b/include/media/v4l2-dev.h
+@@ -33,13 +33,13 @@
+ */
+ enum vfl_devnode_type {
+ VFL_TYPE_GRABBER = 0,
+- VFL_TYPE_VBI = 1,
+- VFL_TYPE_RADIO = 2,
+- VFL_TYPE_SUBDEV = 3,
+- VFL_TYPE_SDR = 4,
+- VFL_TYPE_TOUCH = 5,
++ VFL_TYPE_VBI,
++ VFL_TYPE_RADIO,
++ VFL_TYPE_SUBDEV,
++ VFL_TYPE_SDR,
++ VFL_TYPE_TOUCH,
++ VFL_TYPE_MAX /* Shall be the last one */
+ };
+-#define VFL_TYPE_MAX VFL_TYPE_TOUCH
+
+ /**
+ * enum vfl_direction - Identifies if a &struct video_device corresponds
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/swiotlb-Fix-unexpected-swiotlb_alloc_coherent-failur.patch
new/patches.suse/swiotlb-Fix-unexpected-swiotlb_alloc_coherent-failur.patch
--- old/patches.suse/swiotlb-Fix-unexpected-swiotlb_alloc_coherent-failur.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.suse/swiotlb-Fix-unexpected-swiotlb_alloc_coherent-failur.patch
2018-04-12 12:43:52.000000000 +0200
@@ -0,0 +1,37 @@
+From: Takashi Iwai <ti...@suse.de>
+Subject: [PATCH] swiotlb: Fix unexpected swiotlb_alloc_coherent() failures
+Date: Tue, 10 Apr 2018 19:05:13 +0200
+Message-Id: <20180410170513.22834-1-ti...@suse.de>
+Patch-mainline: Submitted, iommu ML
+References: bsc#1088658, bsc#1088902
+
+The code refactoring by commit 0176adb00406 ("swiotlb: refactor
+coherent buffer allocation") made swiotlb_alloc_buffer() almost always
+failing due to a thinko: namely, the function evaluates the
+dma_coherent_ok() call incorrectly and dealing as if it's invalid.
+This ends up with weird errors like iwlwifi probe failure or amdgpu
+screen flickering.
+
+This patch corrects the logic error.
+
+Bugzilla: https://bugzilla.suse.com/show_bug.cgi?id=1088658
+Bugzilla: https://bugzilla.suse.com/show_bug.cgi?id=1088902
+Fixes: 0176adb00406 ("swiotlb: refactor coherent buffer allocation")
+Cc: <sta...@vger.kernel.org> # v4.16+
+Signed-off-by: Takashi Iwai <ti...@suse.de>
+
+---
+ lib/swiotlb.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/lib/swiotlb.c
++++ b/lib/swiotlb.c
+@@ -732,7 +732,7 @@ swiotlb_alloc_buffer(struct device *dev,
+ goto out_warn;
+
+ *dma_handle = swiotlb_phys_to_dma(dev, phys_addr);
+- if (dma_coherent_ok(dev, *dma_handle, size))
++ if (!dma_coherent_ok(dev, *dma_handle, size))
+ goto out_unmap;
+
+ memset(phys_to_virt(phys_addr), 0, size);
++++++ series.conf ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old 2018-04-16 12:45:11.557399244 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new 2018-04-16 12:45:11.561399099 +0200
@@ -59,6 +59,25 @@
patches.kernel.org/4.16.1-030-Fix-slab-name-biovec-1-21-12.patch
patches.kernel.org/4.16.1-031-signal-Correct-the-offset-of-si_pkey-and-si_lo.patch
patches.kernel.org/4.16.1-032-Linux-4.16.1.patch
+
patches.kernel.org/4.16.2-001-sparc64-Oracle-DAX-driver-depends-on-SPARC64.patch
+
patches.kernel.org/4.16.2-002-arp-fix-arp_filter-on-l3slave-devices.patch
+
patches.kernel.org/4.16.2-003-net-dsa-Discard-frames-from-unused-ports.patch
+
patches.kernel.org/4.16.2-004-net-ipv6-Increment-OUTxxx-counters-after-netfi.patch
+
patches.kernel.org/4.16.2-005-net-sched-fix-NULL-dereference-in-the-error-pa.patch
+
patches.kernel.org/4.16.2-006-pptp-remove-a-buggy-dst-release-in-pptp_connec.patch
+
patches.kernel.org/4.16.2-007-sctp-do-not-leak-kernel-memory-to-user-space.patch
+
patches.kernel.org/4.16.2-008-sctp-sctp_sockaddr_af-must-check-minimal-addr-.patch
+
patches.kernel.org/4.16.2-009-sky2-Increase-D3-delay-to-sky2-stops-working-a.patch
+
patches.kernel.org/4.16.2-010-vlan-also-check-phy_driver-ts_info-for-vlan-s-.patch
+ patches.kernel.org/4.16.2-011-net-fool-proof-dev_valid_name.patch
+
patches.kernel.org/4.16.2-012-ip_tunnel-better-validate-user-provided-tunnel.patch
+
patches.kernel.org/4.16.2-013-ipv6-sit-better-validate-user-provided-tunnel-.patch
+
patches.kernel.org/4.16.2-014-ip6_gre-better-validate-user-provided-tunnel-n.patch
+
patches.kernel.org/4.16.2-015-ip6_tunnel-better-validate-user-provided-tunne.patch
+
patches.kernel.org/4.16.2-016-vti6-better-validate-user-provided-tunnel-name.patch
+
patches.kernel.org/4.16.2-017-net_sched-fix-a-missing-idr_remove-in-u32_dele.patch
+
patches.kernel.org/4.16.2-018-nfp-use-full-40-bits-of-the-NSP-buffer-address.patch
+ patches.kernel.org/4.16.2-019-Linux-4.16.2.patch
########################################################
# Build fixes that apply to the vanilla kernel too.
@@ -196,6 +215,8 @@
patches.suse/VFS-expedite-umount.patch
+ patches.suse/swiotlb-Fix-unexpected-swiotlb_alloc_coherent-failur.patch
+
########################################################
# IPC patches
########################################################
@@ -334,6 +355,7 @@
########################################################
# video4linux
########################################################
+ patches.suse/media-v4l2-core-fix-size-of-devnode_nums-bitarray.patch
########################################################
# Network
@@ -423,6 +445,7 @@
patches.suse/0001-AppArmor-basic-networking-rules.patch
patches.suse/0002-apparmor-update-apparmor-basic-networking-rules-for-.patch
patches.suse/0003-apparmor-Fix-quieting-of-audit-messages-for-network-.patch
+ patches.suse/apparmor-check-all-net-profiles.patch
########################################################
# Address space layout randomization
++++++ source-timestamp ++++++
--- /var/tmp/diff_new_pack.1MxGCr/_old 2018-04-16 12:45:11.589398080 +0200
+++ /var/tmp/diff_new_pack.1MxGCr/_new 2018-04-16 12:45:11.589398080 +0200
@@ -1,3 +1,3 @@
-2018-04-09 08:27:59 +0200
-GIT Revision: fc6541a4887903de7c2dceaf9e6a75023a494f13
+2018-04-12 14:54:16 +0200
+GIT Revision: 7b2d22b118d1ce275f762e1458e957a45ff84018
GIT Branch: stable
