Re: Linux 4.9.142

[Greg KH]

diff --git a/Documentation/sysctl/fs.txt b/Documentation/sysctl/fs.txt
index 35e17f748ca7..af5859b2d0f9 100644
--- a/Documentation/sysctl/fs.txt
+++ b/Documentation/sysctl/fs.txt
@@ -34,7 +34,9 @@ Currently, these files are in /proc/sys/fs:
 - overflowgid
 - pipe-user-pages-hard
 - pipe-user-pages-soft
+- protected_fifos
 - protected_hardlinks
+- protected_regular
 - protected_symlinks
 - suid_dumpable
 - super-max
@@ -182,6 +184,24 @@ applied.
 
 ==
 
+protected_fifos:
+
+The intent of this protection is to avoid unintentional writes to
+an attacker-controlled FIFO, where a program expected to create a regular
+file.
+
+When set to "0", writing to FIFOs is unrestricted.
+
+When set to "1" don't allow O_CREAT open on FIFOs that we don't own
+in world writable sticky directories, unless they are owned by the
+owner of the directory.
+
+When set to "2" it also applies to group writable sticky directories.
+
+This protection is based on the restrictions in Openwall.
+
+==
+
 protected_hardlinks:
 
 A long-standing class of security issues is the hardlink-based
@@ -202,6 +222,22 @@ This protection is based on the restrictions in Openwall 
and grsecurity.
 
 ==
 
+protected_regular:
+
+This protection is similar to protected_fifos, but it
+avoids writes to an attacker-controlled regular file, where a program
+expected to create one.
+
+When set to "0", writing to regular files is unrestricted.
+
+When set to "1" don't allow O_CREAT open on regular files that we
+don't own in world writable sticky directories, unless they are
+owned by the owner of the directory.
+
+When set to "2" it also applies to group writable sticky directories.
+
+==
+
 protected_symlinks:
 
 A long-standing class of security issues is the symlink-based
diff --git a/MAINTAINERS b/MAINTAINERS
index 63cefa62324c..4f559f5b3a89 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -11469,6 +11469,7 @@ F:  arch/alpha/kernel/srm_env.c
 
 STABLE BRANCH
 M: Greg Kroah-Hartman 
+M: Sasha Levin 
 L: sta...@vger.kernel.org
 S: Supported
 F: Documentation/stable_kernel_rules.txt
diff --git a/Makefile b/Makefile
index 8eba73521a7f..72ed8ff90329 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,6 @@
 VERSION = 4
 PATCHLEVEL = 9
-SUBLEVEL = 141
+SUBLEVEL = 142
 EXTRAVERSION =
 NAME = Roaring Lionus
 
diff --git a/arch/arm64/Makefile b/arch/arm64/Makefile
index 92110c2c6c59..ee94597773fa 100644
--- a/arch/arm64/Makefile
+++ b/arch/arm64/Makefile
@@ -10,7 +10,7 @@
 #
 # Copyright (C) 1995-2001 by Russell King
 
-LDFLAGS_vmlinux:=-p --no-undefined -X
+LDFLAGS_vmlinux:=--no-undefined -X
 CPPFLAGS_vmlinux.lds = -DTEXT_OFFSET=$(TEXT_OFFSET)
 GZFLAGS:=-9
 
diff --git a/arch/powerpc/include/asm/io.h b/arch/powerpc/include/asm/io.h
index f6fda8482f60..3b10f532c28e 100644
--- a/arch/powerpc/include/asm/io.h
+++ b/arch/powerpc/include/asm/io.h
@@ -333,19 +333,13 @@ extern void _memcpy_toio(volatile void __iomem *dest, 
const void *src,
  * their hooks, a bitfield is reserved for use by the platform near the
  * top of MMIO addresses (not PIO, those have to cope the hard way).
  *
- * This bit field is 12 bits and is at the top of the IO virtual
- * addresses PCI_IO_INDIRECT_TOKEN_MASK.
+ * The highest address in the kernel virtual space are:
  *
- * The kernel virtual space is thus:
+ *  d0003fff   # with Hash MMU
+ *  c00f   # with Radix MMU
  *
- *  0xD000 : vmalloc
- *  0xD800 : PCI PHB IO space
- *  0xD8008000 : ioremap
- *  0xDfff : end of ioremap region
- *
- * Since the top 4 bits are reserved as the region ID, we use thus
- * the next 12 bits and keep 4 bits available for the future if the
- * virtual address space is ever to be extended.
+ * The top 4 bits are reserved as the region ID on hash, leaving us 8 bits
+ * that can be used for the field.
  *
  * The direct IO mapping operations will then mask off those bits
  * before doing the actual access, though that only happen when
@@ -357,8 +351,8 @@ extern void _memcpy_toio(volatile void __iomem *dest, const 
void *src,
  */
 
 #ifdef CONFIG_PPC_INDIRECT_MMIO
-#define PCI_IO_IND_TOKEN_MASK  0x0ffful
-#define PCI_IO_IND_TOKEN_SHIFT 48
+#define PCI_IO_IND_TOKEN_SHIFT 52
+#define PCI_IO_IND_TOKEN_MASK  (0xfful << PCI_IO_IND_TOKEN_SHIFT)
 #define PCI_FIX_ADDR(addr) \
((PCI_IO_ADDR)(((unsigned long)(addr)) & ~PCI_IO_IND_TOKEN_MASK))
 #define PCI_GET_ADDR_TOKEN(addr)   \
diff --git a/arch/powerpc/kvm/trace.h b/arch/powerpc/kvm/trace.h
index 2e0e67ef3544..e8cedf32345a 100644
--- a/arch/powerpc/kvm/trace.h
+++ b/arch/powerpc/kvm/trace.h
@@

Linux 4.9.142

[Greg KH]

 net/ieee802154/6lowpan/6lowpan_i.h  |4 
 net/ieee802154/6lowpan/reassembly.c |   14 
 net/llc/af_llc.c|   11 
 net/sctp/associola.c|   10 
 net/sunrpc/auth_generic.c   |8 
 security/integrity/evm/evm.h|2 
 security/integrity/evm/evm_crypto.c |   87 +-
 security/integrity/evm/evm_main.c   |   29 
 security/integrity/iint.c   |3 
 security/integrity/ima/ima_api.c|   67 +
 security/integrity/ima/ima_appraise.c   |   31 
 security/integrity/ima/ima_crypto.c |   10 
 security/integrity/ima/ima_main.c   |   77 +
 security/integrity/integrity.h  |   18 
 security/selinux/ss/policydb.c  |2 
 tools/power/cpupower/bench/Makefile |2 
 tools/power/cpupower/lib/cpufreq.c  |2 
 tools/power/cpupower/lib/cpuidle.c  |2 
 tools/power/cpupower/lib/cpupower.c |4 
 tools/power/cpupower/lib/cpupower_intern.h  |2 
 86 files changed, 1317 insertions(+), 462 deletions(-)

Aaron Ma (2):
  usb: xhci: fix timeout for transition from RExit to U0
  usb: xhci: fix uninitialized completion when USB3 port got wrong status

Alex Estrin (1):
  IB/core: Fix for core panic

Alexander Aring (1):
  net: ieee802154: 6lowpan: fix frag reassembly

Amitkumar Karwar (3):
  mwifiex: prevent register accesses after host is sleeping
  mwifiex: report error to PCIe for suspend failure
  mwifiex: Fix NULL pointer dereference in skb_dequeue()

Andrew Price (1):
  gfs2: Don't leave s_fs_info pointing to freed memory in init_sbd

Andy Shevchenko (1):
  usb: dwc3: core: Clean up ULPI device

Anson Huang (1):
  cpufreq: imx6q: add return value check for voltage scale

Ard Biesheuvel (1):
  efi/arm: Revert deferred unmap of early memmap mapping

Arvind Yadav (1):
  Input: xpad - constify usb_device_id

Benjamin Valentin (5):
  Input: xpad - sort supported devices by USB ID
  Input: xpad - sync supported devices with xboxdrv
  Input: xpad - add USB IDs for Mad Catz Brawlstick and Razer Sabertooth
  Input: xpad - sync supported devices with 360Controller
  Input: xpad - sync supported devices with XBCD

Cameron Gutman (8):
  Input: xpad - add product ID for Xbox One S pad
  Input: xpad - fix Xbox One rumble stopping after 2.5 secs
  Input: xpad - don't depend on endpoint order
  Input: xpad - fix stuck mode button on Xbox One S pad
  Input: xpad - restore LED state after device resume
  Input: xpad - support some quirky Xbox One pads
  Input: xpad - fix PowerA init quirk for some gamepad models
  Input: xpad - validate USB endpoint type during probe

Daniel Tobias (2):
  Input: xpad - correctly sort vendor id's
  Input: xpad - move reporting xbox one home button to common function

Dennis Wassenberg (1):
  usb: core: Fix hub port connection events lost

Dmitry Kasatkin (1):
  ima: re-introduce own integrity cache lock

Dmitry Vyukov (1):
  mm: don't warn about large allocations for slab

Dominique Martinet (1):
  v9fs_dir_readdir: fix double-free on p9stat_read error

Emmanuel Grumbach (2):
  iwlwifi: mvm: support sta_statistics() even on older firmware
  iwlwifi: mvm: fix regulatory domain update when the firmware starts

Enno Boland (1):
  Input: xpad - fix GPD Win 2 controller name

Eric Dumazet (1):
  llc: do not use sk_eat_skb()

Eric W. Biederman (1):
  Revert "evm: Translate user/group ids relative to s_user_ns when 
computing HMAC"

Ethan Lee (1):
  Input: xpad - add GPD Win 2 Controller USB IDs

Francis Therien (1):
  Input: xpad - add PDP device id 0x02a4

Greg Hackmann (1):
  arm64: remove no-op -p linker flag

Greg Kroah-Hartman (3):
  MAINTAINERS: Add Sasha as a stable branch maintainer
  tty: wipe buffer if not echoing data
  Linux 4.9.142

Janosch Frank (1):
  s390/mm: Check for valid vma before zapping in gmap_discard

Jens Axboe (1):
  floppy: fix race condition in __floppy_read_block_0()

Jerome Brunet (1):
  pinctrl: meson: fix pinconf bias disable

Johan Hovold (3):
  of: add helper to lookup compatible child node
  NFC: nfcmrvl_uart: fix OF child-node lookup
  net: bcmgenet: fix OF child-node lookup

Johannes Thumshirn (1):
  cw1200: Don't leak memory if krealloc failes

Kan Liang (1):
  perf/x86/intel/uncore: Add more IMC PCI IDs for KabyLake and CoffeeLake 
CPUs

Karthik D A (1):
  mwifiex: fix p2p device doesn't find in scan pr