Hello community,
here is the log from the commit of package kernel-source for openSUSE:Factory
checked in at 2016-02-17 10:23:15
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/kernel-source (Old)
and /work/SRC/openSUSE:Factory/.kernel-source.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kernel-source"
Changes:
--------
--- /work/SRC/openSUSE:Factory/kernel-source/kernel-debug.changes
2016-02-01 19:55:22.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.kernel-source.new/kernel-debug.changes
2016-02-17 10:23:16.000000000 +0100
@@ -1,0 +2,72 @@
+Mon Feb 15 12:03:27 CET 2016 - ti...@suse.de
+
+- ALSA: usb-audio: avoid freeing umidi object twice
+ (CVE-2016-2384,bsc#966693).
+- commit 6398c2d
+
+-------------------------------------------------------------------
+Thu Feb 11 09:46:23 CET 2016 - jsl...@suse.cz
+
+- rpm/kernel-obs-build.spec.in: do not limit TasksMax
+ We run with build as PID 1 (boo#965564).
+- commit 39b708b
+
+-------------------------------------------------------------------
+Wed Feb 10 10:19:40 CET 2016 - mma...@suse.com
+
+- rpm/kernel-binary.spec.in: Adapt certificate handling for changes in v4.3
+- commit 589be33
+
+-------------------------------------------------------------------
+Tue Feb 2 17:31:39 CET 2016 - ti...@suse.de
+
+- Revert "xfs: clear PF_NOFREEZE for xfsaild kthread"
+ (boo#962250).
+- commit ddc5d70
+
+-------------------------------------------------------------------
+Mon Feb 1 23:16:05 CET 2016 - dmuel...@suse.com
+
+- Disable CMOS RTC
+ This Motorola compatible RTC doesn't exist on ARMv7, and triggers
+ an non-root triggerable immediate panic on the system when being
+ accessed, so we better don't include it.
+- commit 2b16688
+
+-------------------------------------------------------------------
+Mon Feb 1 16:44:17 CET 2016 - jsl...@suse.cz
+
+- drm/i915: Pin the ifbdev for the info->system_base GGTT mmapping
+ (bnc#962866).
+- drm/i915: Fix failure paths around initial fbdev allocation
+ (bnc#962866).
+- drm/i915: Fix double unref in intelfb_alloc failure path
+ (bnc#962866).
+- commit 283b562
+
+-------------------------------------------------------------------
+Mon Feb 1 09:26:44 CET 2016 - jsl...@suse.cz
+
+- Refresh
+ patches.fixes/0001-tty-Fix-unsafe-ldisc-reference-via-ioctl-TIOCGETD.patch.
+- Refresh
+ patches.fixes/0002-n_tty-Fix-unsafe-reference-to-other-ldisc.patch.
+ Upstream status.
+- commit ce7756a
+
+-------------------------------------------------------------------
+Mon Feb 1 09:15:22 CET 2016 - jsl...@suse.cz
+
+- Linux 4.4.1 (boo#960710 bnc#962075 CVE-2016-0728).
+- Delete
+ patches.drivers/ALSA-hda-Flush-the-pending-probe-work-at-remove.
+- Delete patches.fixes/keys-fix-leak.patch.
+- commit b969f5d
+
+-------------------------------------------------------------------
+Sun Jan 31 22:31:35 CET 2016 - ti...@suse.de
+
+- sd: Optimal I/O size is in bytes, not sectors (boo#961263).
+- commit 2198765
+
+-------------------------------------------------------------------
@@ -18,0 +91,15 @@
+
+-------------------------------------------------------------------
+Tue Jan 26 12:46:26 CET 2016 - jsl...@suse.cz
+
+- n_tty: Fix unsafe reference to "other" ldisc (bnc#961500
+ CVE-2016-0723).
+- tty: Fix unsafe ldisc reference via ioctl(TIOCGETD) (bnc#961500
+ CVE-2016-0723).
+- commit 4ca6fa4
+
+-------------------------------------------------------------------
+Tue Jan 26 10:39:45 CET 2016 - mma...@suse.com
+
+- rpm/kernel-spec-macros: Do not modify the release string in PTFs (bsc#963449)
+- commit dc2b096
kernel-default.changes: same change
kernel-docs.changes: same change
kernel-lpae.changes: same change
kernel-obs-build.changes: same change
kernel-obs-qa.changes: same change
kernel-pae.changes: same change
kernel-source.changes: same change
kernel-syms.changes: same change
kernel-vanilla.changes: same change
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ kernel-debug.spec ++++++
--- /var/tmp/diff_new_pack.zz1aLr/_old 2016-02-17 10:23:20.000000000 +0100
+++ /var/tmp/diff_new_pack.zz1aLr/_new 2016-02-17 10:23:20.000000000 +0100
@@ -20,7 +20,7 @@
# needssslcertforbuild
%define srcversion 4.4
-%define patchversion 4.4.0
+%define patchversion 4.4.1
%define variant %{nil}
%define vanilla_only 0
@@ -46,7 +46,7 @@
# Define some CONFIG variables as rpm macros as well. (rpm cannot handle
# defining them all at once.)
-%define config_vars CONFIG_MODULES CONFIG_MODULE_SIG CONFIG_KMSG_IDS
CONFIG_SPLIT_PACKAGE CONFIG_SUSE_KERNEL_SUPPORTED CONFIG_EFI_STUB
+%define config_vars CONFIG_MODULES CONFIG_MODULE_SIG CONFIG_MODULE_SIG_KEY
CONFIG_KMSG_IDS CONFIG_SPLIT_PACKAGE CONFIG_SUSE_KERNEL_SUPPORTED
CONFIG_EFI_STUB
%{expand:%(eval "$(test -n "%cpu_arch_flavor" && tar -xjf
%_sourcedir/config.tar.bz2 --to-stdout config/%cpu_arch_flavor)"; for config in
%config_vars; do echo "%%global $config ${!config:-n}"; done)}
%define split_base (%CONFIG_SPLIT_PACKAGE == "y")
%define split_extra (%CONFIG_SPLIT_PACKAGE == "y" &&
%CONFIG_SUSE_KERNEL_SUPPORTED == "y")
@@ -61,9 +61,9 @@
Summary: A Debug Version of the Kernel
License: GPL-2.0
Group: System/Kernel
-Version: 4.4.0
+Version: 4.4.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g9f68b90
+Release: <RELEASE>.g6398c2d
%else
Release: 0
%endif
@@ -481,31 +481,27 @@
%_sourcedir/modversions --unpack . < $_
fi
-# copy optional module signing files:
-# *.x509, *.crt
-# - certificates with pubkeys used to verify module and firmware signatures
-# at runtime. *.crt files assumed to be in the PEM format.
-# signing_key.priv
-# - unencrypted private key used to sign modules and firmware during build
-# x509.genkey
-# - openssl req config to generate a new signing_key.{x509,priv} pair for the
-# build
-for f in %_sourcedir/*.x509 %_sourcedir/{signing_key.priv,x509.genkey}; do
- if test -e "$f"; then
- cp "$f" .
- fi
-done
+# copy module signing certificate(s)
+found_sigkey=false
for f in %_sourcedir/*.crt; do
if ! test -e "$f"; then
continue
fi
- out=${f##*/}
- out=${out%.crt}.x509
- openssl x509 -inform PEM -in "$f" -outform DER -out "$out"
+ if test "${f##*/}" = %CONFIG_MODULE_SIG_KEY; then
+ found_sigkey=true
+ cp "$f" .
+ else
+ cat "$f" >>keyring.crt
+ fi
done
-# Convince kernel/Makefile not to generate a new keypair
-touch x509.genkey
-touch signing_key.x509
+if ! $found_sigkey; then
+ echo "warning: %CONFIG_MODULE_SIG_KEY not found"
+ # Let certs/Makefile generate a keypair
+ ../scripts/config --set-str CONFIG_MODULE_SIG_KEY "certs/signing_key.pem"
+fi
+if test -s keyring.crt; then
+ ../scripts/config --set-str SYSTEM_TRUSTED_KEYS_FILENAME "keyring.crt"
+fi
MAKE_ARGS="$MAKE_ARGS %{?_smp_mflags}"
kernel-default.spec: same change
++++++ kernel-docs.spec ++++++
--- /var/tmp/diff_new_pack.zz1aLr/_old 2016-02-17 10:23:20.000000000 +0100
+++ /var/tmp/diff_new_pack.zz1aLr/_new 2016-02-17 10:23:20.000000000 +0100
@@ -16,7 +16,7 @@
#
-%define patchversion 4.4.0
+%define patchversion 4.4.1
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -27,9 +27,9 @@
Summary: Kernel Documentation (man pages)
License: GPL-2.0
Group: Documentation/Man
-Version: 4.4.0
+Version: 4.4.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g9f68b90
+Release: <RELEASE>.g6398c2d
%else
Release: 0
%endif
++++++ kernel-lpae.spec ++++++
--- /var/tmp/diff_new_pack.zz1aLr/_old 2016-02-17 10:23:20.000000000 +0100
+++ /var/tmp/diff_new_pack.zz1aLr/_new 2016-02-17 10:23:20.000000000 +0100
@@ -20,7 +20,7 @@
# needssslcertforbuild
%define srcversion 4.4
-%define patchversion 4.4.0
+%define patchversion 4.4.1
%define variant %{nil}
%define vanilla_only 0
@@ -46,7 +46,7 @@
# Define some CONFIG variables as rpm macros as well. (rpm cannot handle
# defining them all at once.)
-%define config_vars CONFIG_MODULES CONFIG_MODULE_SIG CONFIG_KMSG_IDS
CONFIG_SPLIT_PACKAGE CONFIG_SUSE_KERNEL_SUPPORTED CONFIG_EFI_STUB
+%define config_vars CONFIG_MODULES CONFIG_MODULE_SIG CONFIG_MODULE_SIG_KEY
CONFIG_KMSG_IDS CONFIG_SPLIT_PACKAGE CONFIG_SUSE_KERNEL_SUPPORTED
CONFIG_EFI_STUB
%{expand:%(eval "$(test -n "%cpu_arch_flavor" && tar -xjf
%_sourcedir/config.tar.bz2 --to-stdout config/%cpu_arch_flavor)"; for config in
%config_vars; do echo "%%global $config ${!config:-n}"; done)}
%define split_base (%CONFIG_SPLIT_PACKAGE == "y")
%define split_extra (%CONFIG_SPLIT_PACKAGE == "y" &&
%CONFIG_SUSE_KERNEL_SUPPORTED == "y")
@@ -61,9 +61,9 @@
Summary: Kernel for LPAE enabled systems
License: GPL-2.0
Group: System/Kernel
-Version: 4.4.0
+Version: 4.4.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g9f68b90
+Release: <RELEASE>.g6398c2d
%else
Release: 0
%endif
@@ -475,31 +475,27 @@
%_sourcedir/modversions --unpack . < $_
fi
-# copy optional module signing files:
-# *.x509, *.crt
-# - certificates with pubkeys used to verify module and firmware signatures
-# at runtime. *.crt files assumed to be in the PEM format.
-# signing_key.priv
-# - unencrypted private key used to sign modules and firmware during build
-# x509.genkey
-# - openssl req config to generate a new signing_key.{x509,priv} pair for the
-# build
-for f in %_sourcedir/*.x509 %_sourcedir/{signing_key.priv,x509.genkey}; do
- if test -e "$f"; then
- cp "$f" .
- fi
-done
+# copy module signing certificate(s)
+found_sigkey=false
for f in %_sourcedir/*.crt; do
if ! test -e "$f"; then
continue
fi
- out=${f##*/}
- out=${out%.crt}.x509
- openssl x509 -inform PEM -in "$f" -outform DER -out "$out"
+ if test "${f##*/}" = %CONFIG_MODULE_SIG_KEY; then
+ found_sigkey=true
+ cp "$f" .
+ else
+ cat "$f" >>keyring.crt
+ fi
done
-# Convince kernel/Makefile not to generate a new keypair
-touch x509.genkey
-touch signing_key.x509
+if ! $found_sigkey; then
+ echo "warning: %CONFIG_MODULE_SIG_KEY not found"
+ # Let certs/Makefile generate a keypair
+ ../scripts/config --set-str CONFIG_MODULE_SIG_KEY "certs/signing_key.pem"
+fi
+if test -s keyring.crt; then
+ ../scripts/config --set-str SYSTEM_TRUSTED_KEYS_FILENAME "keyring.crt"
+fi
MAKE_ARGS="$MAKE_ARGS %{?_smp_mflags}"
++++++ kernel-obs-build.spec ++++++
--- /var/tmp/diff_new_pack.zz1aLr/_old 2016-02-17 10:23:20.000000000 +0100
+++ /var/tmp/diff_new_pack.zz1aLr/_new 2016-02-17 10:23:20.000000000 +0100
@@ -19,7 +19,7 @@
#!BuildIgnore: post-build-checks
-%define patchversion 4.4.0
+%define patchversion 4.4.1
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -51,9 +51,9 @@
Summary: package kernel and initrd for OBS VM builds
License: GPL-2.0
Group: SLES
-Version: 4.4.0
+Version: 4.4.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g9f68b90
+Release: <RELEASE>.g6398c2d
%else
Release: 0
%endif
@@ -96,6 +96,10 @@
modprobe binfmt_misc
EOF
chmod a+rx /usr/lib/dracut/modules.d/80obs/setup_obs.sh
+# Configure systemd in kernel-obs-build's initrd not to limit TasksMax,
+# we run with build as PID 1 (boo#965564)
+echo "DefaultTasksMax=infinity" >> /etc/systemd/system.conf
+echo "DefaultTasksAccounting=no" >> /etc/systemd/system.conf
# a longer list to have them also available for qemu cross builds where x86_64
kernel runs in eg. arm env.
# this list of modules where available on build workers of build.opensuse.org,
so we stay compatible.
++++++ kernel-obs-qa.spec ++++++
--- /var/tmp/diff_new_pack.zz1aLr/_old 2016-02-17 10:23:20.000000000 +0100
+++ /var/tmp/diff_new_pack.zz1aLr/_new 2016-02-17 10:23:20.000000000 +0100
@@ -17,7 +17,7 @@
# needsrootforbuild
-%define patchversion 4.4.0
+%define patchversion 4.4.1
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -36,9 +36,9 @@
Summary: Basic QA tests for the kernel
License: GPL-2.0
Group: SLES
-Version: 4.4.0
+Version: 4.4.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g9f68b90
+Release: <RELEASE>.g6398c2d
%else
Release: 0
%endif
++++++ kernel-pae.spec ++++++
--- /var/tmp/diff_new_pack.zz1aLr/_old 2016-02-17 10:23:20.000000000 +0100
+++ /var/tmp/diff_new_pack.zz1aLr/_new 2016-02-17 10:23:20.000000000 +0100
@@ -20,7 +20,7 @@
# needssslcertforbuild
%define srcversion 4.4
-%define patchversion 4.4.0
+%define patchversion 4.4.1
%define variant %{nil}
%define vanilla_only 0
@@ -46,7 +46,7 @@
# Define some CONFIG variables as rpm macros as well. (rpm cannot handle
# defining them all at once.)
-%define config_vars CONFIG_MODULES CONFIG_MODULE_SIG CONFIG_KMSG_IDS
CONFIG_SPLIT_PACKAGE CONFIG_SUSE_KERNEL_SUPPORTED CONFIG_EFI_STUB
+%define config_vars CONFIG_MODULES CONFIG_MODULE_SIG CONFIG_MODULE_SIG_KEY
CONFIG_KMSG_IDS CONFIG_SPLIT_PACKAGE CONFIG_SUSE_KERNEL_SUPPORTED
CONFIG_EFI_STUB
%{expand:%(eval "$(test -n "%cpu_arch_flavor" && tar -xjf
%_sourcedir/config.tar.bz2 --to-stdout config/%cpu_arch_flavor)"; for config in
%config_vars; do echo "%%global $config ${!config:-n}"; done)}
%define split_base (%CONFIG_SPLIT_PACKAGE == "y")
%define split_extra (%CONFIG_SPLIT_PACKAGE == "y" &&
%CONFIG_SUSE_KERNEL_SUPPORTED == "y")
@@ -61,9 +61,9 @@
Summary: Kernel with PAE Support
License: GPL-2.0
Group: System/Kernel
-Version: 4.4.0
+Version: 4.4.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g9f68b90
+Release: <RELEASE>.g6398c2d
%else
Release: 0
%endif
@@ -501,31 +501,27 @@
%_sourcedir/modversions --unpack . < $_
fi
-# copy optional module signing files:
-# *.x509, *.crt
-# - certificates with pubkeys used to verify module and firmware signatures
-# at runtime. *.crt files assumed to be in the PEM format.
-# signing_key.priv
-# - unencrypted private key used to sign modules and firmware during build
-# x509.genkey
-# - openssl req config to generate a new signing_key.{x509,priv} pair for the
-# build
-for f in %_sourcedir/*.x509 %_sourcedir/{signing_key.priv,x509.genkey}; do
- if test -e "$f"; then
- cp "$f" .
- fi
-done
+# copy module signing certificate(s)
+found_sigkey=false
for f in %_sourcedir/*.crt; do
if ! test -e "$f"; then
continue
fi
- out=${f##*/}
- out=${out%.crt}.x509
- openssl x509 -inform PEM -in "$f" -outform DER -out "$out"
+ if test "${f##*/}" = %CONFIG_MODULE_SIG_KEY; then
+ found_sigkey=true
+ cp "$f" .
+ else
+ cat "$f" >>keyring.crt
+ fi
done
-# Convince kernel/Makefile not to generate a new keypair
-touch x509.genkey
-touch signing_key.x509
+if ! $found_sigkey; then
+ echo "warning: %CONFIG_MODULE_SIG_KEY not found"
+ # Let certs/Makefile generate a keypair
+ ../scripts/config --set-str CONFIG_MODULE_SIG_KEY "certs/signing_key.pem"
+fi
+if test -s keyring.crt; then
+ ../scripts/config --set-str SYSTEM_TRUSTED_KEYS_FILENAME "keyring.crt"
+fi
MAKE_ARGS="$MAKE_ARGS %{?_smp_mflags}"
++++++ kernel-source.spec ++++++
--- /var/tmp/diff_new_pack.zz1aLr/_old 2016-02-17 10:23:21.000000000 +0100
+++ /var/tmp/diff_new_pack.zz1aLr/_new 2016-02-17 10:23:21.000000000 +0100
@@ -18,7 +18,7 @@
%define srcversion 4.4
-%define patchversion 4.4.0
+%define patchversion 4.4.1
%define variant %{nil}
%define vanilla_only 0
@@ -30,9 +30,9 @@
Summary: The Linux Kernel Sources
License: GPL-2.0
Group: Development/Sources
-Version: 4.4.0
+Version: 4.4.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g9f68b90
+Release: <RELEASE>.g6398c2d
%else
Release: 0
%endif
++++++ kernel-syms.spec ++++++
--- /var/tmp/diff_new_pack.zz1aLr/_old 2016-02-17 10:23:21.000000000 +0100
+++ /var/tmp/diff_new_pack.zz1aLr/_new 2016-02-17 10:23:21.000000000 +0100
@@ -24,10 +24,10 @@
Summary: Kernel Symbol Versions (modversions)
License: GPL-2.0
Group: Development/Sources
-Version: 4.4.0
+Version: 4.4.1
%if %using_buildservice
%if 0%{?is_kotd}
-Release: <RELEASE>.g9f68b90
+Release: <RELEASE>.g6398c2d
%else
Release: 0
%endif
++++++ kernel-vanilla.spec ++++++
--- /var/tmp/diff_new_pack.zz1aLr/_old 2016-02-17 10:23:21.000000000 +0100
+++ /var/tmp/diff_new_pack.zz1aLr/_new 2016-02-17 10:23:21.000000000 +0100
@@ -20,7 +20,7 @@
# needssslcertforbuild
%define srcversion 4.4
-%define patchversion 4.4.0
+%define patchversion 4.4.1
%define variant %{nil}
%define vanilla_only 0
@@ -46,7 +46,7 @@
# Define some CONFIG variables as rpm macros as well. (rpm cannot handle
# defining them all at once.)
-%define config_vars CONFIG_MODULES CONFIG_MODULE_SIG CONFIG_KMSG_IDS
CONFIG_SPLIT_PACKAGE CONFIG_SUSE_KERNEL_SUPPORTED CONFIG_EFI_STUB
+%define config_vars CONFIG_MODULES CONFIG_MODULE_SIG CONFIG_MODULE_SIG_KEY
CONFIG_KMSG_IDS CONFIG_SPLIT_PACKAGE CONFIG_SUSE_KERNEL_SUPPORTED
CONFIG_EFI_STUB
%{expand:%(eval "$(test -n "%cpu_arch_flavor" && tar -xjf
%_sourcedir/config.tar.bz2 --to-stdout config/%cpu_arch_flavor)"; for config in
%config_vars; do echo "%%global $config ${!config:-n}"; done)}
%define split_base (%CONFIG_SPLIT_PACKAGE == "y")
%define split_extra (%CONFIG_SPLIT_PACKAGE == "y" &&
%CONFIG_SUSE_KERNEL_SUPPORTED == "y")
@@ -61,9 +61,9 @@
Summary: The Standard Kernel - without any SUSE patches
License: GPL-2.0
Group: System/Kernel
-Version: 4.4.0
+Version: 4.4.1
%if 0%{?is_kotd}
-Release: <RELEASE>.g9f68b90
+Release: <RELEASE>.g6398c2d
%else
Release: 0
%endif
@@ -474,31 +474,27 @@
%_sourcedir/modversions --unpack . < $_
fi
-# copy optional module signing files:
-# *.x509, *.crt
-# - certificates with pubkeys used to verify module and firmware signatures
-# at runtime. *.crt files assumed to be in the PEM format.
-# signing_key.priv
-# - unencrypted private key used to sign modules and firmware during build
-# x509.genkey
-# - openssl req config to generate a new signing_key.{x509,priv} pair for the
-# build
-for f in %_sourcedir/*.x509 %_sourcedir/{signing_key.priv,x509.genkey}; do
- if test -e "$f"; then
- cp "$f" .
- fi
-done
+# copy module signing certificate(s)
+found_sigkey=false
for f in %_sourcedir/*.crt; do
if ! test -e "$f"; then
continue
fi
- out=${f##*/}
- out=${out%.crt}.x509
- openssl x509 -inform PEM -in "$f" -outform DER -out "$out"
+ if test "${f##*/}" = %CONFIG_MODULE_SIG_KEY; then
+ found_sigkey=true
+ cp "$f" .
+ else
+ cat "$f" >>keyring.crt
+ fi
done
-# Convince kernel/Makefile not to generate a new keypair
-touch x509.genkey
-touch signing_key.x509
+if ! $found_sigkey; then
+ echo "warning: %CONFIG_MODULE_SIG_KEY not found"
+ # Let certs/Makefile generate a keypair
+ ../scripts/config --set-str CONFIG_MODULE_SIG_KEY "certs/signing_key.pem"
+fi
+if test -s keyring.crt; then
+ ../scripts/config --set-str SYSTEM_TRUSTED_KEYS_FILENAME "keyring.crt"
+fi
MAKE_ARGS="$MAKE_ARGS %{?_smp_mflags}"
++++++ config.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/armv7hl/default new/config/armv7hl/default
--- old/config/armv7hl/default 2016-01-27 18:30:19.000000000 +0100
+++ new/config/armv7hl/default 2016-02-04 18:43:46.000000000 +0100
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 4.4.0 Kernel Configuration
+# Linux/arm 4.4.1 Kernel Configuration
#
CONFIG_ARM=y
CONFIG_ARM_HAS_SG_CHAIN=y
@@ -3618,7 +3618,6 @@
CONFIG_HW_RANDOM_TPM=m
CONFIG_HW_RANDOM_MSM=m
CONFIG_HW_RANDOM_ST=m
-CONFIG_NVRAM=y
CONFIG_R3964=m
# CONFIG_APPLICOM is not set
CONFIG_RAW_DRIVER=m
@@ -6628,7 +6627,7 @@
#
# Platform RTC drivers
#
-CONFIG_RTC_DRV_CMOS=y
+# CONFIG_RTC_DRV_CMOS is not set
# CONFIG_RTC_DRV_DS1286 is not set
# CONFIG_RTC_DRV_DS1511 is not set
# CONFIG_RTC_DRV_DS1553 is not set
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/armv7hl/lpae new/config/armv7hl/lpae
--- old/config/armv7hl/lpae 2016-01-27 18:30:19.000000000 +0100
+++ new/config/armv7hl/lpae 2016-02-04 18:43:46.000000000 +0100
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm 4.4.0 Kernel Configuration
+# Linux/arm 4.4.1 Kernel Configuration
#
CONFIG_ARM=y
CONFIG_ARM_HAS_SG_CHAIN=y
@@ -3486,7 +3486,6 @@
CONFIG_HW_RANDOM_EXYNOS=m
CONFIG_HW_RANDOM_TPM=m
CONFIG_HW_RANDOM_MSM=m
-CONFIG_NVRAM=y
CONFIG_R3964=m
# CONFIG_APPLICOM is not set
CONFIG_RAW_DRIVER=m
@@ -6300,7 +6299,7 @@
#
# Platform RTC drivers
#
-CONFIG_RTC_DRV_CMOS=y
+# CONFIG_RTC_DRV_CMOS is not set
# CONFIG_RTC_DRV_DS1286 is not set
# CONFIG_RTC_DRV_DS1511 is not set
# CONFIG_RTC_DRV_DS1553 is not set
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/config/armv7hl/vanilla new/config/armv7hl/vanilla
--- old/config/armv7hl/vanilla 2016-01-27 18:30:19.000000000 +0100
+++ new/config/armv7hl/vanilla 2016-02-04 18:43:46.000000000 +0100
@@ -3614,7 +3614,6 @@
CONFIG_HW_RANDOM_TPM=m
CONFIG_HW_RANDOM_MSM=m
CONFIG_HW_RANDOM_ST=m
-CONFIG_NVRAM=y
CONFIG_R3964=m
# CONFIG_APPLICOM is not set
CONFIG_RAW_DRIVER=m
@@ -6622,7 +6621,7 @@
#
# Platform RTC drivers
#
-CONFIG_RTC_DRV_CMOS=y
+# CONFIG_RTC_DRV_CMOS is not set
# CONFIG_RTC_DRV_DS1286 is not set
# CONFIG_RTC_DRV_DS1511 is not set
# CONFIG_RTC_DRV_DS1553 is not set
++++++ kernel-binary.spec.in ++++++
--- /var/tmp/diff_new_pack.zz1aLr/_old 2016-02-17 10:23:21.000000000 +0100
+++ /var/tmp/diff_new_pack.zz1aLr/_new 2016-02-17 10:23:21.000000000 +0100
@@ -46,7 +46,7 @@
# Define some CONFIG variables as rpm macros as well. (rpm cannot handle
# defining them all at once.)
-%define config_vars CONFIG_MODULES CONFIG_MODULE_SIG CONFIG_KMSG_IDS
CONFIG_SPLIT_PACKAGE CONFIG_SUSE_KERNEL_SUPPORTED CONFIG_EFI_STUB
+%define config_vars CONFIG_MODULES CONFIG_MODULE_SIG CONFIG_MODULE_SIG_KEY
CONFIG_KMSG_IDS CONFIG_SPLIT_PACKAGE CONFIG_SUSE_KERNEL_SUPPORTED
CONFIG_EFI_STUB
%{expand:%(eval "$(test -n "%cpu_arch_flavor" && tar -xjf
%_sourcedir/config.tar.bz2 --to-stdout config/%cpu_arch_flavor)"; for config in
%config_vars; do echo "%%global $config ${!config:-n}"; done)}
%define split_base (%CONFIG_SPLIT_PACKAGE == "y")
%define split_extra (%CONFIG_SPLIT_PACKAGE == "y" &&
%CONFIG_SUSE_KERNEL_SUPPORTED == "y")
@@ -350,31 +350,27 @@
%_sourcedir/modversions --unpack . < $_
fi
-# copy optional module signing files:
-# *.x509, *.crt
-# - certificates with pubkeys used to verify module and firmware signatures
-# at runtime. *.crt files assumed to be in the PEM format.
-# signing_key.priv
-# - unencrypted private key used to sign modules and firmware during build
-# x509.genkey
-# - openssl req config to generate a new signing_key.{x509,priv} pair for the
-# build
-for f in %_sourcedir/*.x509 %_sourcedir/{signing_key.priv,x509.genkey}; do
- if test -e "$f"; then
- cp "$f" .
- fi
-done
+# copy module signing certificate(s)
+found_sigkey=false
for f in %_sourcedir/*.crt; do
if ! test -e "$f"; then
continue
fi
- out=${f##*/}
- out=${out%.crt}.x509
- openssl x509 -inform PEM -in "$f" -outform DER -out "$out"
+ if test "${f##*/}" = %CONFIG_MODULE_SIG_KEY; then
+ found_sigkey=true
+ cp "$f" .
+ else
+ cat "$f" >>keyring.crt
+ fi
done
-# Convince kernel/Makefile not to generate a new keypair
-touch x509.genkey
-touch signing_key.x509
+if ! $found_sigkey; then
+ echo "warning: %CONFIG_MODULE_SIG_KEY not found"
+ # Let certs/Makefile generate a keypair
+ ../scripts/config --set-str CONFIG_MODULE_SIG_KEY "certs/signing_key.pem"
+fi
+if test -s keyring.crt; then
+ ../scripts/config --set-str SYSTEM_TRUSTED_KEYS_FILENAME "keyring.crt"
+fi
MAKE_ARGS="$MAKE_ARGS %{?_smp_mflags}"
++++++ kernel-obs-build.spec.in ++++++
--- /var/tmp/diff_new_pack.zz1aLr/_old 2016-02-17 10:23:21.000000000 +0100
+++ /var/tmp/diff_new_pack.zz1aLr/_new 2016-02-17 10:23:21.000000000 +0100
@@ -96,6 +96,10 @@
modprobe binfmt_misc
EOF
chmod a+rx /usr/lib/dracut/modules.d/80obs/setup_obs.sh
+# Configure systemd in kernel-obs-build's initrd not to limit TasksMax,
+# we run with build as PID 1 (boo#965564)
+echo "DefaultTasksMax=infinity" >> /etc/systemd/system.conf
+echo "DefaultTasksAccounting=no" >> /etc/systemd/system.conf
# a longer list to have them also available for qemu cross builds where x86_64
kernel runs in eg. arm env.
# this list of modules where available on build workers of build.opensuse.org,
so we stay compatible.
++++++ kernel-spec-macros ++++++
--- /var/tmp/diff_new_pack.zz1aLr/_old 2016-02-17 10:23:21.000000000 +0100
+++ /var/tmp/diff_new_pack.zz1aLr/_new 2016-02-17 10:23:21.000000000 +0100
@@ -10,9 +10,11 @@
# generated by the build service. If the release string has a non-digit
# suffix, we keep that suffix and strip the rightmost digit component.
# This is used in KOTD builds: 2.1.g1234567 -> 2.g1234567
+# In PTF projects, there is no rebuild counter, so we leave the release
+# string intact.
%define source_rel %release
%define obsolete_rebuilds() %nil
-%if %using_buildservice
+%if %using_buildservice && ! 0%{?is_ptf}
%define source_rel %(echo %release | sed -r
's/\\.[0-9]+($|\\.[^.]*[^.0-9][^.]*$)/\\1/')
# If the rebuild counter is > 1, obsolete all previous rebuilds (boo#867595)
%define obsolete_rebuilds() %( %{verbose:set -x} \
++++++ patches.drivers.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.drivers/ALSA-hda-Flush-the-pending-probe-work-at-remove
new/patches.drivers/ALSA-hda-Flush-the-pending-probe-work-at-remove
--- old/patches.drivers/ALSA-hda-Flush-the-pending-probe-work-at-remove
2016-01-20 17:43:09.000000000 +0100
+++ new/patches.drivers/ALSA-hda-Flush-the-pending-probe-work-at-remove
1970-01-01 01:00:00.000000000 +0100
@@ -1,46 +0,0 @@
-From 991f86d7ae4e1f8c15806e62f97af519e3cdd860 Mon Sep 17 00:00:00 2001
-From: Takashi Iwai <ti...@suse.de>
-Date: Wed, 20 Jan 2016 17:19:02 +0100
-Subject: [PATCH] ALSA: hda - Flush the pending probe work at remove
-Patch-mainline: Queued in subsystem maintainer repository
-Git-commit: 991f86d7ae4e1f8c15806e62f97af519e3cdd860
-Git-repo: git://git.kernel.org/pub/scm/linux/kernel/git/tiwai/sound.git
-References: boo#960710
-
-As HD-audio driver does deferred probe internally via workqueue, the
-driver might go into the mixed state doing both probe and remove when
-the module gets unloaded during the probe work. This eventually
-triggers an Oops, unsurprisingly.
-
-For avoiding this race, we just need to flush the pending probe work
-explicitly before actually starting the resource release.
-
-Bugzilla: https://bugzilla.opensuse.org/show_bug.cgi?id=960710
-Cc: <sta...@vger.kernel.org> # v3.17+
-Signed-off-by: Takashi Iwai <ti...@suse.de>
-
----
- sound/pci/hda/hda_intel.c | 10 +++++++++-
- 1 file changed, 9 insertions(+), 1 deletion(-)
-
---- a/sound/pci/hda/hda_intel.c
-+++ b/sound/pci/hda/hda_intel.c
-@@ -2126,9 +2126,17 @@ i915_power_fail:
- static void azx_remove(struct pci_dev *pci)
- {
- struct snd_card *card = pci_get_drvdata(pci);
-+ struct azx *chip;
-+ struct hda_intel *hda;
-+
-+ if (card) {
-+ /* flush the pending probing work */
-+ chip = card->private_data;
-+ hda = container_of(chip, struct hda_intel, chip);
-+ flush_work(&hda->probe_work);
-
-- if (card)
- snd_card_free(card);
-+ }
- }
-
- static void azx_shutdown(struct pci_dev *pci)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.drivers/ALSA-usb-audio-avoid-freeing-umidi-object-twice
new/patches.drivers/ALSA-usb-audio-avoid-freeing-umidi-object-twice
--- old/patches.drivers/ALSA-usb-audio-avoid-freeing-umidi-object-twice
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.drivers/ALSA-usb-audio-avoid-freeing-umidi-object-twice
2016-02-15 12:03:27.000000000 +0100
@@ -0,0 +1,33 @@
+From 07d86ca93db7e5cdf4743564d98292042ec21af7 Mon Sep 17 00:00:00 2001
+From: Andrey Konovalov <andreyk...@gmail.com>
+Date: Sat, 13 Feb 2016 11:08:06 +0300
+Subject: [PATCH] ALSA: usb-audio: avoid freeing umidi object twice
+Git-commit: 07d86ca93db7e5cdf4743564d98292042ec21af7
+Patch-mainline: 4.5-rc4
+References: CVE-2016-2384,bsc#966693
+
+The 'umidi' object will be free'd on the error path by snd_usbmidi_free()
+when tearing down the rawmidi interface. So we shouldn't try to free it
+in snd_usbmidi_create() after having registered the rawmidi interface.
+
+Found by KASAN.
+
+Signed-off-by: Andrey Konovalov <andreyk...@gmail.com>
+Acked-by: Clemens Ladisch <clem...@ladisch.de>
+Cc: <sta...@vger.kernel.org>
+Signed-off-by: Takashi Iwai <ti...@suse.de>
+
+---
+ sound/usb/midi.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+--- a/sound/usb/midi.c
++++ b/sound/usb/midi.c
+@@ -2454,7 +2454,6 @@ int snd_usbmidi_create(struct snd_card *
+ else
+ err = snd_usbmidi_create_endpoints(umidi, endpoints);
+ if (err < 0) {
+- snd_usbmidi_free(umidi);
+ return err;
+ }
+
++++++ patches.fixes.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.fixes/0001-drm-i915-Fix-double-unref-in-intelfb_alloc-failure-p.patch
new/patches.fixes/0001-drm-i915-Fix-double-unref-in-intelfb_alloc-failure-p.patch
---
old/patches.fixes/0001-drm-i915-Fix-double-unref-in-intelfb_alloc-failure-p.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.fixes/0001-drm-i915-Fix-double-unref-in-intelfb_alloc-failure-p.patch
2016-02-02 17:31:39.000000000 +0100
@@ -0,0 +1,51 @@
+From: Lukas Wunner <lu...@wunner.de>
+Date: Thu, 22 Oct 2015 13:37:18 +0200
+Subject: drm/i915: Fix double unref in intelfb_alloc failure path
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+Git-commit: ca40ba855c9e3f19f2715fd8a1ced5128359d3d9
+Patch-mainline: v4.5-rc1
+References: bnc#962866
+
+In intelfb_alloc(), if the call to intel_pin_and_fence_fb_obj() fails,
+the bo is unrefed twice: By drm_framebuffer_remove() and once more by
+drm_gem_object_unreference(). Fix it.
+
+Reported-by: Ville Syrjälä <ville.syrj...@linux.intel.com>
+Signed-off-by: Lukas Wunner <lu...@wunner.de>
+Reviewed-by: Daniel Vetter <daniel.vet...@ffwll.ch>
+Link:
http://patchwork.freedesktop.org/patch/msgid/cd7b33330621a350b0159ec5e098297b139cfaf7.1446892879.git.lu...@wunner.de
+Signed-off-by: Jani Nikula <jani.nik...@intel.com>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/gpu/drm/i915/intel_fbdev.c | 5 ++---
+ 1 file changed, 2 insertions(+), 3 deletions(-)
+
+diff --git a/drivers/gpu/drm/i915/intel_fbdev.c
b/drivers/gpu/drm/i915/intel_fbdev.c
+index 4fd5fdfef6bd..ec82b51dde3d 100644
+--- a/drivers/gpu/drm/i915/intel_fbdev.c
++++ b/drivers/gpu/drm/i915/intel_fbdev.c
+@@ -156,8 +156,9 @@ static int intelfb_alloc(struct drm_fb_helper *helper,
+
+ fb = __intel_framebuffer_create(dev, &mode_cmd, obj);
+ if (IS_ERR(fb)) {
++ drm_gem_object_unreference(&obj->base);
+ ret = PTR_ERR(fb);
+- goto out_unref;
++ goto out;
+ }
+
+ /* Flush everything out, we'll be doing GTT only from now on */
+@@ -173,8 +174,6 @@ static int intelfb_alloc(struct drm_fb_helper *helper,
+
+ out_fb:
+ drm_framebuffer_remove(fb);
+-out_unref:
+- drm_gem_object_unreference(&obj->base);
+ out:
+ return ret;
+ }
+--
+2.7.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.fixes/0001-tty-Fix-unsafe-ldisc-reference-via-ioctl-TIOCGETD.patch
new/patches.fixes/0001-tty-Fix-unsafe-ldisc-reference-via-ioctl-TIOCGETD.patch
---
old/patches.fixes/0001-tty-Fix-unsafe-ldisc-reference-via-ioctl-TIOCGETD.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.fixes/0001-tty-Fix-unsafe-ldisc-reference-via-ioctl-TIOCGETD.patch
2016-02-02 17:31:39.000000000 +0100
@@ -0,0 +1,66 @@
+From: Peter Hurley <pe...@hurleysoftware.com>
+Date: Sun, 10 Jan 2016 22:40:55 -0800
+Subject: tty: Fix unsafe ldisc reference via ioctl(TIOCGETD)
+Patch-mainline: v4.5-rc2
+Git-commit: 5c17c861a357e9458001f021a7afa7aab9937439
+References: bnc#961500 CVE-2016-0723
+
+ioctl(TIOCGETD) retrieves the line discipline id directly from the
+ldisc because the line discipline id (c_line) in termios is untrustworthy;
+userspace may have set termios via ioctl(TCSETS*) without actually
+changing the line discipline via ioctl(TIOCSETD).
+
+However, directly accessing the current ldisc via tty->ldisc is
+unsafe; the ldisc ptr dereferenced may be stale if the line discipline
+is changing via ioctl(TIOCSETD) or hangup.
+
+Wait for the line discipline reference (just like read() or write())
+to retrieve the "current" line discipline id.
+
+Cc: <sta...@vger.kernel.org>
+Signed-off-by: Peter Hurley <pe...@hurleysoftware.com>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/tty/tty_io.c | 24 +++++++++++++++++++++++-
+ 1 file changed, 23 insertions(+), 1 deletion(-)
+
+--- a/drivers/tty/tty_io.c
++++ b/drivers/tty/tty_io.c
+@@ -2653,6 +2653,28 @@ static int tiocsetd(struct tty_struct *t
+ }
+
+ /**
++ * tiocgetd - get line discipline
++ * @tty: tty device
++ * @p: pointer to user data
++ *
++ * Retrieves the line discipline id directly from the ldisc.
++ *
++ * Locking: waits for ldisc reference (in case the line discipline
++ * is changing or the tty is being hungup)
++ */
++
++static int tiocgetd(struct tty_struct *tty, int __user *p)
++{
++ struct tty_ldisc *ld;
++ int ret;
++
++ ld = tty_ldisc_ref_wait(tty);
++ ret = put_user(ld->ops->num, p);
++ tty_ldisc_deref(ld);
++ return ret;
++}
++
++/**
+ * send_break - performed time break
+ * @tty: device to break on
+ * @duration: timeout in mS
+@@ -2878,7 +2900,7 @@ long tty_ioctl(struct file *file, unsign
+ case TIOCGSID:
+ return tiocgsid(tty, real_tty, p);
+ case TIOCGETD:
+- return put_user(tty->ldisc->ops->num, (int __user *)p);
++ return tiocgetd(tty, p);
+ case TIOCSETD:
+ return tiocsetd(tty, p);
+ case TIOCVHANGUP:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.fixes/0002-drm-i915-Fix-failure-paths-around-initial-fbdev-allo.patch
new/patches.fixes/0002-drm-i915-Fix-failure-paths-around-initial-fbdev-allo.patch
---
old/patches.fixes/0002-drm-i915-Fix-failure-paths-around-initial-fbdev-allo.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.fixes/0002-drm-i915-Fix-failure-paths-around-initial-fbdev-allo.patch
2016-02-02 17:31:39.000000000 +0100
@@ -0,0 +1,149 @@
+From: Tvrtko Ursulin <tvrtko.ursu...@intel.com>
+Date: Tue, 30 Jun 2015 10:06:27 +0100
+Subject: drm/i915: Fix failure paths around initial fbdev allocation
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+Git-commit: 51f1385b90c1ad30896bd62b1ff97aa4edb1a163
+Patch-mainline: v4.5-rc1
+References: bnc#962866
+
+We had two failure modes here:
+
+1.
+Deadlock in intelfb_alloc failure path where it calls
+drm_framebuffer_remove, which grabs the struct mutex and intelfb_create
+(caller of intelfb_alloc) was already holding it.
+
+2.
+Deadlock in intelfb_create failure path where it calls
+drm_framebuffer_unreference, which grabs the struct mutex and
+intelfb_create was already holding it.
+
+[Daniel Vetter on why struct_mutex needs to be locked in the second half
+of intelfb_create: "The vma [for the fbdev] is pinned, the problem is
+that we re-lookup it a few times, which is racy. We should instead track
+the vma directly, but oh well we don't."]
+
+v2:
+ * Reformat commit msg to 72 chars. (Lukas Wunner)
+ * Add third failure mode. (Lukas Wunner)
+
+v5:
+ * Rebase on drm-intel-nightly 2015y-09m-01d-09h-06m-08s UTC,
+ rephrase commit message. (Jani Nicula)
+
+v6:
+ * In intelfb_alloc, if __intel_framebuffer_create failed,
+ fb will be an ERR_PTR, thus not null. So in the failure
+ path we need to check for IS_ERR_OR_NULL to avoid calling
+ drm_framebuffer_remove on the ERR_PTR. (Lukas Wunner)
+ * Since this is init code a drm_framebuffer_unreference should
+ be all we need. drm_framebuffer_remove is for framebuffers
+ that userspace has created - and is getting somewhat
+ defeatured. (Daniel Vetter)
+
+v7:
+ * Clarify why struct_mutex needs to be locked in the second half
+ of intelfb_create. (Daniel Vetter)
+
+Fixes: 60a5ca015ffd ("drm/i915: Add locking around
+ framebuffer_references--")
+Reported-by: Lukas Wunner <lu...@wunner.de>
+Signed-off-by: Tvrtko Ursulin <tvrtko.ursu...@intel.com>
+[Lukas: Create v3 + v4 + v5 + v6 + v7 based on Tvrtko's v2]
+Signed-off-by: Lukas Wunner <lu...@wunner.de>
+Cc: Chris Wilson <ch...@chris-wilson.co.uk>
+Cc: Ville Syrjälä <ville.syrj...@linux.intel.com>
+Reviewed-by: Daniel Vetter <daniel.vet...@ffwll.ch>
+Link:
http://patchwork.freedesktop.org/patch/msgid/47d4e88c91b3bf0f7a280cabec54c8c8cf0cf6f2.1446892879.git.lu...@wunner.de
+Signed-off-by: Jani Nikula <jani.nik...@intel.com>
+
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/gpu/drm/i915/intel_fbdev.c | 20 ++++++++++++--------
+ 1 file changed, 12 insertions(+), 8 deletions(-)
+
+diff --git a/drivers/gpu/drm/i915/intel_fbdev.c
b/drivers/gpu/drm/i915/intel_fbdev.c
+index ec82b51dde3d..12597b532e0e 100644
+--- a/drivers/gpu/drm/i915/intel_fbdev.c
++++ b/drivers/gpu/drm/i915/intel_fbdev.c
+@@ -119,7 +119,7 @@ static int intelfb_alloc(struct drm_fb_helper *helper,
+ {
+ struct intel_fbdev *ifbdev =
+ container_of(helper, struct intel_fbdev, helper);
+- struct drm_framebuffer *fb;
++ struct drm_framebuffer *fb = NULL;
+ struct drm_device *dev = helper->dev;
+ struct drm_i915_private *dev_priv = to_i915(dev);
+ struct drm_mode_fb_cmd2 mode_cmd = {};
+@@ -138,6 +138,8 @@ static int intelfb_alloc(struct drm_fb_helper *helper,
+ mode_cmd.pixel_format = drm_mode_legacy_fb_format(sizes->surface_bpp,
+ sizes->surface_depth);
+
++ mutex_lock(&dev->struct_mutex);
++
+ size = mode_cmd.pitches[0] * mode_cmd.height;
+ size = PAGE_ALIGN(size);
+
+@@ -165,16 +167,19 @@ static int intelfb_alloc(struct drm_fb_helper *helper,
+ ret = intel_pin_and_fence_fb_obj(NULL, fb, NULL, NULL, NULL);
+ if (ret) {
+ DRM_ERROR("failed to pin obj: %d\n", ret);
+- goto out_fb;
++ goto out;
+ }
+
++ mutex_unlock(&dev->struct_mutex);
++
+ ifbdev->fb = to_intel_framebuffer(fb);
+
+ return 0;
+
+-out_fb:
+- drm_framebuffer_remove(fb);
+ out:
++ mutex_unlock(&dev->struct_mutex);
++ if (!IS_ERR_OR_NULL(fb))
++ drm_framebuffer_unreference(fb);
+ return ret;
+ }
+
+@@ -192,8 +197,6 @@ static int intelfb_create(struct drm_fb_helper *helper,
+ int size, ret;
+ bool prealloc = false;
+
+- mutex_lock(&dev->struct_mutex);
+-
+ if (intel_fb &&
+ (sizes->fb_width > intel_fb->base.width ||
+ sizes->fb_height > intel_fb->base.height)) {
+@@ -208,7 +211,7 @@ static int intelfb_create(struct drm_fb_helper *helper,
+ DRM_DEBUG_KMS("no BIOS fb, allocating a new one\n");
+ ret = intelfb_alloc(helper, sizes);
+ if (ret)
+- goto out_unlock;
++ return ret;
+ intel_fb = ifbdev->fb;
+ } else {
+ DRM_DEBUG_KMS("re-using BIOS fb\n");
+@@ -220,6 +223,8 @@ static int intelfb_create(struct drm_fb_helper *helper,
+ obj = intel_fb->obj;
+ size = obj->base.size;
+
++ mutex_lock(&dev->struct_mutex);
++
+ info = drm_fb_helper_alloc_fbi(helper);
+ if (IS_ERR(info)) {
+ ret = PTR_ERR(info);
+@@ -281,7 +286,6 @@ out_destroy_fbi:
+ out_unpin:
+ i915_gem_object_ggtt_unpin(obj);
+ drm_gem_object_unreference(&obj->base);
+-out_unlock:
+ mutex_unlock(&dev->struct_mutex);
+ return ret;
+ }
+--
+2.7.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.fixes/0002-n_tty-Fix-unsafe-reference-to-other-ldisc.patch
new/patches.fixes/0002-n_tty-Fix-unsafe-reference-to-other-ldisc.patch
--- old/patches.fixes/0002-n_tty-Fix-unsafe-reference-to-other-ldisc.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/0002-n_tty-Fix-unsafe-reference-to-other-ldisc.patch
2016-02-02 17:31:39.000000000 +0100
@@ -0,0 +1,42 @@
+From: Peter Hurley <pe...@hurleysoftware.com>
+Date: Sun, 10 Jan 2016 22:40:56 -0800
+Subject: n_tty: Fix unsafe reference to "other" ldisc
+Patch-mainline: v4.5-rc2
+Git-commit: 6d27a63caad3f13e96cf065d2d96828c2006be6b
+References: bnc#961500
+
+Although n_tty_check_unthrottle() has a valid ldisc reference (since
+the tty core gets the ldisc ref in tty_read() before calling the line
+discipline read() method), it does not have a valid ldisc reference to
+the "other" pty of a pty pair. Since getting an ldisc reference for
+tty->link essentially open-codes tty_wakeup(), just replace with the
+equivalent tty_wakeup().
+
+Cc: <sta...@vger.kernel.org>
+Signed-off-by: Peter Hurley <pe...@hurleysoftware.com>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/tty/n_tty.c | 7 ++-----
+ 1 file changed, 2 insertions(+), 5 deletions(-)
+
+--- a/drivers/tty/n_tty.c
++++ b/drivers/tty/n_tty.c
+@@ -258,16 +258,13 @@ static void n_tty_check_throttle(struct
+
+ static void n_tty_check_unthrottle(struct tty_struct *tty)
+ {
+- if (tty->driver->type == TTY_DRIVER_TYPE_PTY &&
+- tty->link->ldisc->ops->write_wakeup == n_tty_write_wakeup) {
++ if (tty->driver->type == TTY_DRIVER_TYPE_PTY) {
+ if (chars_in_buffer(tty) > TTY_THRESHOLD_UNTHROTTLE)
+ return;
+ if (!tty->count)
+ return;
+ n_tty_kick_worker(tty);
+- n_tty_write_wakeup(tty->link);
+- if (waitqueue_active(&tty->link->write_wait))
+- wake_up_interruptible_poll(&tty->link->write_wait,
POLLOUT);
++ tty_wakeup(tty->link);
+ return;
+ }
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.fixes/0003-drm-i915-Pin-the-ifbdev-for-the-info-system_base-GGT.patch
new/patches.fixes/0003-drm-i915-Pin-the-ifbdev-for-the-info-system_base-GGT.patch
---
old/patches.fixes/0003-drm-i915-Pin-the-ifbdev-for-the-info-system_base-GGT.patch
1970-01-01 01:00:00.000000000 +0100
+++
new/patches.fixes/0003-drm-i915-Pin-the-ifbdev-for-the-info-system_base-GGT.patch
2016-02-02 17:31:39.000000000 +0100
@@ -0,0 +1,100 @@
+From: Chris Wilson <ch...@chris-wilson.co.uk>
+Date: Fri, 4 Dec 2015 16:05:26 +0000
+Subject: drm/i915: Pin the ifbdev for the info->system_base GGTT mmapping
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+Git-commit: 0c82312f3f15538f4e6ceda2a82caee8fbac4501
+Patch-mainline: v4.5-rc1
+References: bnc#962866
+
+A long time ago (before 3.14) we relied on a permanent pinning of the
+ifbdev to lock the fb in place inside the GGTT. However, the
+introduction of stealing the BIOS framebuffer and reusing its address in
+the GGTT for the fbdev has muddied waters and we use an inherited fb.
+However, the inherited fb is only pinned whilst it is active and we no
+longer have an explicit pin for the info->system_base mmapping used by
+the fbdev. The result is that after some aperture pressure the fbdev may
+be evicted, but we continue to write the fbcon into the same GGTT
+address - overwriting anything else that may be put into that offset.
+The effect is most pronounced across suspend/resume as
+intel_fbdev_set_suspend() does a full clear over the whole scanout.
+
+v2: Only unpin the intel_fb is we allocate it. If we inherit the fb from
+the BIOS, we do not own the pinned vma (except for the reference we add
+in this patch for our access via info->screen_base).
+
+v3: Finish balancing the vma pinning for the normal !preallocated case.
+
+v4: Try to simplify the pinning even further.
+v5: Leak the VMA (cleaned up by object-free) to avoid complicated error paths.
+
+Signed-off-by: Chris Wilson <ch...@chris-wilson.co.uk>
+Cc: "Goel, Akash" <akash.g...@intel.com>
+Cc: Daniel Vetter <daniel.vet...@ffwll.ch>
+Cc: Jesse Barnes <jbar...@virtuousgeek.org>
+Cc: Lukas Wunner <lu...@wunner.de>
+Cc: drm-intel-fi...@lists.freedesktop.org
+Link:
http://patchwork.freedesktop.org/patch/msgid/1449245126-26158-1-git-send-email-ch...@chris-wilson.co.uk
+Tested-by: Ville Syrjälä <ville.syrj...@linux.intel.com>
+Signed-off-by: Daniel Vetter <daniel.vet...@ffwll.ch>
+Signed-off-by: Jiri Slaby <jsl...@suse.cz>
+---
+ drivers/gpu/drm/i915/intel_fbdev.c | 20 +++++++++++++-------
+ 1 file changed, 13 insertions(+), 7 deletions(-)
+
+diff --git a/drivers/gpu/drm/i915/intel_fbdev.c
b/drivers/gpu/drm/i915/intel_fbdev.c
+index 12597b532e0e..0722acc1599e 100644
+--- a/drivers/gpu/drm/i915/intel_fbdev.c
++++ b/drivers/gpu/drm/i915/intel_fbdev.c
+@@ -163,13 +163,6 @@ static int intelfb_alloc(struct drm_fb_helper *helper,
+ goto out;
+ }
+
+- /* Flush everything out, we'll be doing GTT only from now on */
+- ret = intel_pin_and_fence_fb_obj(NULL, fb, NULL, NULL, NULL);
+- if (ret) {
+- DRM_ERROR("failed to pin obj: %d\n", ret);
+- goto out;
+- }
+-
+ mutex_unlock(&dev->struct_mutex);
+
+ ifbdev->fb = to_intel_framebuffer(fb);
+@@ -225,6 +218,14 @@ static int intelfb_create(struct drm_fb_helper *helper,
+
+ mutex_lock(&dev->struct_mutex);
+
++ /* Pin the GGTT vma for our access via info->screen_base.
++ * This also validates that any existing fb inherited from the
++ * BIOS is suitable for own access.
++ */
++ ret = intel_pin_and_fence_fb_obj(NULL, &ifbdev->fb->base, NULL, NULL,
NULL);
++ if (ret)
++ goto out_unlock;
++
+ info = drm_fb_helper_alloc_fbi(helper);
+ if (IS_ERR(info)) {
+ ret = PTR_ERR(info);
+@@ -286,6 +287,7 @@ out_destroy_fbi:
+ out_unpin:
+ i915_gem_object_ggtt_unpin(obj);
+ drm_gem_object_unreference(&obj->base);
++out_unlock:
+ mutex_unlock(&dev->struct_mutex);
+ return ret;
+ }
+@@ -523,6 +525,10 @@ static const struct drm_fb_helper_funcs
intel_fb_helper_funcs = {
+ static void intel_fbdev_destroy(struct drm_device *dev,
+ struct intel_fbdev *ifbdev)
+ {
++ /* We rely on the object-free to release the VMA pinning for
++ * the info->screen_base mmaping. Leaking the VMA is simpler than
++ * trying to rectify all the possible error paths leading here.
++ */
+
+ drm_fb_helper_unregister_fbi(&ifbdev->helper);
+ drm_fb_helper_release_fbi(&ifbdev->helper);
+--
+2.7.0
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.fixes/Revert-xfs-clear-PF_NOFREEZE-for-xfsaild-kthread
new/patches.fixes/Revert-xfs-clear-PF_NOFREEZE-for-xfsaild-kthread
--- old/patches.fixes/Revert-xfs-clear-PF_NOFREEZE-for-xfsaild-kthread
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/Revert-xfs-clear-PF_NOFREEZE-for-xfsaild-kthread
2016-02-02 17:31:39.000000000 +0100
@@ -0,0 +1,38 @@
+From 3e85286e75224fa3f08bdad20e78c8327742634e Mon Sep 17 00:00:00 2001
+From: Dave Chinner <da...@fromorbit.com>
+Date: Tue, 19 Jan 2016 08:21:46 +1100
+Subject: [PATCH] Revert "xfs: clear PF_NOFREEZE for xfsaild kthread"
+Git-commit: 3e85286e75224fa3f08bdad20e78c8327742634e
+Patch-mainline: 4.5-rc1
+References: boo#962250
+
+This reverts commit 24ba16bb3d499c49974669cd8429c3e4138ab102 as it
+prevents machines from suspending. This regression occurs when the
+xfsaild is idle on entry to suspend, and so there s no activity to
+wake it from it's idle sleep and hence see that it is supposed to
+freeze. Hence the freezer times out waiting for it and suspend is
+cancelled.
+
+There is no obvious fix for this short of freezing the filesystem
+properly, so revert this change for now.
+
+Cc: <sta...@vger.kernel.org> # 4.4
+Signed-off-by: Dave Chinner <da...@fromorbit.com>
+Acked-by: Jiri Kosina <jkos...@suse.cz>
+Reviewed-by: Brian Foster <bfos...@redhat.com>
+Acked-by: Takashi Iwai <ti...@suse.de>
+
+---
+ fs/xfs/xfs_trans_ail.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+--- a/fs/xfs/xfs_trans_ail.c
++++ b/fs/xfs/xfs_trans_ail.c
+@@ -497,7 +497,6 @@ xfsaild(
+ long tout = 0; /* milliseconds */
+
+ current->flags |= PF_MEMALLOC;
+- set_freezable();
+
+ while (!kthread_should_stop()) {
+ if (tout && tout <= 20)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/patches.fixes/keys-fix-leak.patch
new/patches.fixes/keys-fix-leak.patch
--- old/patches.fixes/keys-fix-leak.patch 2016-01-28 09:15:06.000000000
+0100
+++ new/patches.fixes/keys-fix-leak.patch 1970-01-01 01:00:00.000000000
+0100
@@ -1,78 +0,0 @@
-commit 5c65d8a9989a89901b87ad13a06011a9a0e3d828
-Author: Yevgeny Pats <yevg...@perception-point.io>
-From: Yevgeny Pats <yevg...@perception-point.io>
-Date: Mon Jan 11 12:05:28 2016 +0000
-Subject: [PATCH] KEYS: Fix Use-after-free vulnerability in keyring facility
-
-Patch-mainline: Not yet, waiting merge to upstream
-References: bnc#962075, CVE-2016-0728
-
- KEYS: Fix keyring ref leak in join_session_keyring()
-
- If a thread is asked to join as a session keyring the keyring that's
already
- set as its session, we leak a keyring reference.
-
- This can be tested with the following program:
-
- #include <stddef.h>
- #include <stdio.h>
- #include <sys/types.h>
- #include <keyutils.h>
-
- int main(int argc, const char *argv[])
- {
- int i = 0;
- key_serial_t serial;
-
- serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING,
- "leaked-keyring");
- if (serial < 0) {
- perror("keyctl");
- return -1;
- }
-
- if (keyctl(KEYCTL_SETPERM, serial,
- KEY_POS_ALL | KEY_USR_ALL) < 0) {
- perror("keyctl");
- return -1;
- }
-
- for (i = 0; i < 100; i++) {
- serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING,
- "leaked-keyring");
- if (serial < 0) {
- perror("keyctl");
- return -1;
- }
- }
-
- return 0;
- }
-
- If, after the program has run, there something like the following line in
- /proc/keys:
-
- 3f3d898f I--Q--- 100 perm 3f3f0000 0 0 keyring leaked-keyring:
empty
-
- with a usage count of 100 * the number of times the program has been run,
- then the kernel is malfunctioning. If leaked-keyring has zero usages or
- has been garbage collected, then the problem is fixed.
-
-Reported-by: Yevgeny Pats <yevg...@perception-point.io>
-Signed-off-by: David Howells <dhowe...@redhat.com>
-Acked-by: Lee, Chun-Yi <j...@suse.com>
-
----
- security/keys/process_keys.c | 1 +
- 1 file changed, 1 insertion(+)
-
---- a/security/keys/process_keys.c
-+++ b/security/keys/process_keys.c
-@@ -794,6 +794,7 @@ long join_session_keyring(const char *na
- ret = PTR_ERR(keyring);
- goto error2;
- } else if (keyring == new->session_keyring) {
-+ key_put(keyring);
- ret = 0;
- goto error2;
- }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.fixes/sd-Optimal-I-O-size-is-in-bytes-not-sectors
new/patches.fixes/sd-Optimal-I-O-size-is-in-bytes-not-sectors
--- old/patches.fixes/sd-Optimal-I-O-size-is-in-bytes-not-sectors
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/sd-Optimal-I-O-size-is-in-bytes-not-sectors
2016-02-02 17:31:39.000000000 +0100
@@ -0,0 +1,37 @@
+From d0eb20a863ba7dc1d3f4b841639671f134560be2 Mon Sep 17 00:00:00 2001
+From: "Martin K. Petersen" <martin.peter...@oracle.com>
+Date: Wed, 20 Jan 2016 11:01:23 -0500
+Subject: [PATCH] sd: Optimal I/O size is in bytes, not sectors
+Git-commit: d0eb20a863ba7dc1d3f4b841639671f134560be2
+Patch-mainline: 4.5-rc2
+References: boo#961263
+
+Commit ca369d51b3e1 ("block/sd: Fix device-imposed transfer length
+limits") accidentally switched optimal I/O size reporting from bytes to
+block layer sectors.
+
+Signed-off-by: Martin K. Petersen <martin.peter...@oracle.com>
+Reported-by: Christian Borntraeger <borntrae...@de.ibm.com>
+Tested-by: Christian Borntraeger <borntrae...@de.ibm.com>
+Fixes: ca369d51b3e1649be4a72addd6d6a168cfb3f537
+Cc: sta...@vger.kernel.org # 4.4+
+Reviewed-by: James E.J. Bottomley <james.bottom...@hansenpartnership.com>
+Reviewed-by: Ewan D. Milne <emi...@redhat.com>
+Reviewed-by: Matthew R. Ochs <mro...@linux.vnet.ibm.com>
+Acked-by: Takashi Iwai <ti...@suse.de>
+
+---
+ drivers/scsi/sd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/scsi/sd.c
++++ b/drivers/scsi/sd.c
+@@ -2892,7 +2892,7 @@ static int sd_revalidate_disk(struct gen
+ sdkp->opt_xfer_blocks <= SD_DEF_XFER_BLOCKS &&
+ sdkp->opt_xfer_blocks * sdp->sector_size >= PAGE_CACHE_SIZE)
+ rw_max = q->limits.io_opt =
+- logical_to_sectors(sdp, sdkp->opt_xfer_blocks);
++ sdkp->opt_xfer_blocks * sdp->sector_size;
+ else
+ rw_max = BLK_DEF_MAX_SECTORS;
+
++++++ patches.kernel.org.tar.bz2 ++++++
++++ 2620 lines of diff (skipped)
++++++ series.conf ++++++
--- /var/tmp/diff_new_pack.zz1aLr/_old 2016-02-17 10:23:22.000000000 +0100
+++ /var/tmp/diff_new_pack.zz1aLr/_new 2016-02-17 10:23:22.000000000 +0100
@@ -27,6 +27,7 @@
# DO NOT MODIFY THEM!
# Send separate patches upstream if you find a problem...
########################################################
+ patches.kernel.org/patch-4.4.1
########################################################
# Build fixes that apply to the vanilla kernel too.
@@ -267,6 +268,7 @@
########################################################
# xfs
########################################################
+ patches.fixes/Revert-xfs-clear-PF_NOFREEZE-for-xfsaild-kthread
########################################################
# other filesystem stuff
@@ -328,12 +330,16 @@
patches.drivers/bcache-fix-writeback-thread-incomplete-stripes-starvation.patch
patches.fixes/scsi-ignore-errors-from-scsi_dh_add_device
+ patches.fixes/sd-Optimal-I-O-size-is-in-bytes-not-sectors
########################################################
# DRM/Video
########################################################
patches.drivers/drm-i915-shut-up-gen8-SDE-irq-dmesg-noise
patches.fixes/drm-radeon-Update-radeon_get_vblank_counter_kms.patch
+
patches.fixes/0001-drm-i915-Fix-double-unref-in-intelfb_alloc-failure-p.patch
+
patches.fixes/0002-drm-i915-Fix-failure-paths-around-initial-fbdev-allo.patch
+
patches.fixes/0003-drm-i915-Pin-the-ifbdev-for-the-info-system_base-GGT.patch
########################################################
# video4linux
@@ -384,11 +390,13 @@
##########################################################
# Sound
##########################################################
- patches.drivers/ALSA-hda-Flush-the-pending-probe-work-at-remove
+ patches.drivers/ALSA-usb-audio-avoid-freeing-umidi-object-twice
########################################################
# Char / serial
########################################################
+
patches.fixes/0001-tty-Fix-unsafe-ldisc-reference-via-ioctl-TIOCGETD.patch
+ patches.fixes/0002-n_tty-Fix-unsafe-reference-to-other-ldisc.patch
########################################################
# Other driver fixes
@@ -430,7 +438,6 @@
##########################################################
# CVE-2016-0728: kernel: Use-after-free vulnerability in keyring
facility
- patches.fixes/keys-fix-leak.patch
##########################################################
# Audit
++++++ source-timestamp ++++++
--- /var/tmp/diff_new_pack.zz1aLr/_old 2016-02-17 10:23:22.000000000 +0100
+++ /var/tmp/diff_new_pack.zz1aLr/_new 2016-02-17 10:23:22.000000000 +0100
@@ -1,3 +1,3 @@
-2016-01-28 09:15:06 +0100
-GIT Revision: 9f68b909e79a8520cee723b728fec80e33eaef6b
+2016-02-15 12:03:27 +0100
+GIT Revision: 6398c2df356e9052b52ba35e636955cf7a7154d9
GIT Branch: stable
