rpms
/
kernel
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Linux 3.3.3

This commit is contained in:
Josh Boyer 2012-04-23 10:51:58 -04:00
parent 11834d2d28
commit 6b7781c7dd
7 changed files with 6 additions and 212 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
Bluetooth-Adding-USB-device-13d3-3375-as-an-Atheros-.patch
View File

@ -1,58 +0,0 @@
From 9498ba7a1d38d42eef4ef6d906ab1743c9f0fd6f Mon Sep 17 00:00:00 2001
From: Eran <eran@over-here.org>
Date: Mon, 5 Dec 2011 22:15:29 +0000
Subject: [PATCH] Bluetooth: Adding USB device 13d3:3375 as an Atheros AR3012.
The bluetooth module in the Asus UX31/UX21 is based on Atheros AR3012
and requires a firmware to be uploaded before it's usable.
output of usb-devices for this module:
T: Bus=01 Lev=02 Prnt=02 Port=07 Cnt=03 Dev#= 6 Spd=12 MxCh= 0
D: Ver= 1.10 Cls=e0(wlcon) Sub=01 Prot=01 MxPS=64 #Cfgs= 1
P: Vendor=13d3 ProdID=3375 Rev=00.02
S: Manufacturer=Atheros Communications
S: Product=Bluetooth USB Host Controller
S: SerialNumber=Alaska Day 2006
C: #Ifs= 2 Cfg#= 1 Atr=e0 MxPwr=100mA
I: If#= 0 Alt= 0 #EPs= 3 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb
I: If#= 1 Alt= 0 #EPs= 2 Cls=e0(wlcon) Sub=01 Prot=01 Driver=btusb
Signed-off-by: Eran <eran@over-here.org>
Tested-by: Michal Labedzki <michal.labedzki@tieto.com>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
diff --git a/drivers/bluetooth/ath3k.c b/drivers/bluetooth/ath3k.c
index 4eca6e5..4844247 100644
--- a/drivers/bluetooth/ath3k.c
+++ b/drivers/bluetooth/ath3k.c
@@ -72,6 +72,7 @@ static struct usb_device_id ath3k_table[] = {
/* Atheros AR3012 with sflash firmware*/
{ USB_DEVICE(0x0CF3, 0x3004) },
+ { USB_DEVICE(0x13d3, 0x3375) },
/* Atheros AR5BBU12 with sflash firmware */
{ USB_DEVICE(0x0489, 0xE02C) },
@@ -88,6 +89,7 @@ static struct usb_device_id ath3k_blist_tbl[] = {
/* Atheros AR3012 with sflash firmware*/
{ USB_DEVICE(0x0cf3, 0x3004), .driver_info = BTUSB_ATH3012 },
+ { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 },
{ } /* Terminating entry */
};
diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c
index 22f695e..480cad9 100644
--- a/drivers/bluetooth/btusb.c
+++ b/drivers/bluetooth/btusb.c
@@ -129,6 +129,7 @@ static struct usb_device_id blacklist_table[] = {
/* Atheros 3012 with sflash firmware */
{ USB_DEVICE(0x0cf3, 0x3004), .driver_info = BTUSB_ATH3012 },
+ { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 },
/* Atheros AR5BBU12 with sflash firmware */
{ USB_DEVICE(0x0489, 0xe02c), .driver_info = BTUSB_IGNORE },
--
1.7.7.6

38
fcaps-clear-the-same-personality-flags-as-suid-when-.patch
View File

@ -1,38 +0,0 @@
From d52fc5dde171f030170a6cb78034d166b13c9445 Mon Sep 17 00:00:00 2001
From: Eric Paris <eparis@redhat.com>
Date: Tue, 17 Apr 2012 16:26:54 -0400
Subject: [PATCH] fcaps: clear the same personality flags as suid when fcaps
are used
If a process increases permissions using fcaps all of the dangerous
personality flags which are cleared for suid apps should also be cleared.
Thus programs given priviledge with fcaps will continue to have address space
randomization enabled even if the parent tried to disable it to make it
easier to attack.
Signed-off-by: Eric Paris <eparis@redhat.com>
Reviewed-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
---
security/commoncap.c | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/security/commoncap.c b/security/commoncap.c
index 0cf4b53..0ecf4ba 100644
--- a/security/commoncap.c
+++ b/security/commoncap.c
@@ -505,6 +505,11 @@ int cap_bprm_set_creds(struct linux_binprm *bprm)
}
skip:
+ /* if we have fs caps, clear dangerous personality flags */
+ if (!cap_issubset(new->cap_permitted, old->cap_permitted))
+ bprm->per_clear |= PER_CLEAR_ON_SETID;
+
+
/* Don't let someone trace a set[ug]id/setpcap binary with the revised
* credentials unless they have the appropriate permit
*/
--
1.7.7.6

25
kernel.spec
View File

@ -42,7 +42,7 @@ Summary: The Linux kernel
# When changing real_sublevel below, reset this by hand to 1
# (or to 0 and then use rpmdev-bumpspec).
#
%global baserelease 7
%global baserelease 1
%global fedora_build %{baserelease}
# real_sublevel is the 3.x kernel version we're starting with
@ -51,7 +51,7 @@ Summary: The Linux kernel
%define fake_sublevel %(echo $((40 + %{real_sublevel})))
# Do we have a -stable update to apply?
%define stable_update 2
%define stable_update 3
# Is it a -stable RC?
%define stable_rc 0
# Set rpm version accordingly
@ -655,7 +655,6 @@ Patch14001: hibernate-watermark.patch
Patch14010: lis3-improve-handling-of-null-rate.patch
Patch15000: bluetooth-use-after-free.patch
Patch15001: Bluetooth-Adding-USB-device-13d3-3375-as-an-Atheros-.patch
Patch20000: utrace.patch
@ -695,10 +694,6 @@ Patch21380: wimax-i2400m-prevent-a-possible-kernel-bug-due-to-mi.patch
#rhbz 807632
Patch21385: libata-forbid-port-runtime-pm-by-default.patch
#rhbz 809014
Patch21390: x86-Use-correct-byte-sized-register-constraint-in-__xchg_op.patch
Patch21391: x86-Use-correct-byte-sized-register-constraint-in-__add.patch
#rhbz 808207 CVE-2012-1601
Patch21520: KVM-Ensure-all-vcpus-are-consistent-with-in-kernel-i.patch
@ -719,10 +714,6 @@ Patch22006: KVM-unmap-pages-from-the-iommu-when-slots-are-removed.patch
#rhbz 814278 814289 CVE-2012-2119
Patch22007: macvtap-zerocopy-validate-vector-length.patch
#rhbz 814523 806722 CVE-2012-2123
Patch22008: fcaps-clear-the-same-personality-flags-as-suid-when-.patch
Patch22009: security-fix-compile-error-in-commoncap.c.patch
#rhbz 811225
Patch22010: memblock-memblock-should-be-able-to-handle-zero-leng.patch
@ -1285,7 +1276,6 @@ ApplyPatch hibernate-watermark.patch
ApplyPatch lis3-improve-handling-of-null-rate.patch
ApplyPatch bluetooth-use-after-free.patch
ApplyPatch Bluetooth-Adding-USB-device-13d3-3375-as-an-Atheros-.patch
# utrace.
ApplyPatch utrace.patch
@ -1323,10 +1313,6 @@ ApplyPatch wimax-i2400m-prevent-a-possible-kernel-bug-due-to-mi.patch
#rhbz 807632
ApplyPatch libata-forbid-port-runtime-pm-by-default.patch
#rhbz 809014
ApplyPatch x86-Use-correct-byte-sized-register-constraint-in-__xchg_op.patch
ApplyPatch x86-Use-correct-byte-sized-register-constraint-in-__add.patch
#rhbz 797559
ApplyPatch x86-microcode-Fix-sysfs-warning-during-module-unload-on-unsupported-CPUs.patch
ApplyPatch x86-microcode-Ensure-that-module-is-only-loaded-for-supported-AMD-CPUs.patch
@ -1340,10 +1326,6 @@ ApplyPatch KVM-unmap-pages-from-the-iommu-when-slots-are-removed.patch
#rhbz 814278 814289 CVE-2012-2119
ApplyPatch macvtap-zerocopy-validate-vector-length.patch
#rhbz 814523 806722 CVE-2012-2123
ApplyPatch fcaps-clear-the-same-personality-flags-as-suid-when-.patch
ApplyPatch security-fix-compile-error-in-commoncap.c.patch
#rhbz 811225
ApplyPatch memblock-memblock-should-be-able-to-handle-zero-leng.patch
@ -2001,6 +1983,9 @@ fi
# and build.
%changelog
* Mon Apr 23 2012 Josh Boyer <jwboyer@redhat.com>
- Linux 3.3.3
* Mon Apr 23 2012 Peter Hutterer <peter.hutterer@redhat.com>
- Fix regression on clickpads

28
security-fix-compile-error-in-commoncap.c.patch
View File

@ -1,28 +0,0 @@
From 51b79bee627d526199b2f6a6bef8ee0c0739b6d1 Mon Sep 17 00:00:00 2001
From: Jonghwan Choi <jhbird.choi@samsung.com>
Date: Wed, 18 Apr 2012 17:23:04 -0400
Subject: [PATCH] security: fix compile error in commoncap.c
Add missing "personality.h"
security/commoncap.c: In function 'cap_bprm_set_creds':
security/commoncap.c:510: error: 'PER_CLEAR_ON_SETID' undeclared (first use in this function)
security/commoncap.c:510: error: (Each undeclared identifier is reported only once
security/commoncap.c:510: error: for each function it appears in.)
Signed-off-by: Jonghwan Choi <jhbird.choi@samsung.com>
Acked-by: Serge Hallyn <serge.hallyn@canonical.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
---
security/commoncap.c | 1 +
1 files changed, 1 insertions(+), 0 deletions(-)
--- linux-3.3.2-6.fc17.noarch.orig/security/commoncap.c
+++ linux-3.3.2-6.fc17.noarch/security/commoncap.c
@@ -28,6 +28,7 @@
#include <linux/prctl.h>
#include <linux/securebits.h>
#include <linux/user_namespace.h>
+#include <linux/personality.h>
/*
* If a non-root user executes a setuid-root binary in

2
sources
View File

@ -1,2 +1,2 @@
7133f5a2086a7d7ef97abac610c094f5 linux-3.3.tar.xz
68907107b0f62a19608588bdb6b29e20 patch-3.3.2.xz
634a088d3789870885dc6ee1eb9627d4 patch-3.3.3.xz

35
x86-Use-correct-byte-sized-register-constraint-in-__add.patch
View File

@ -1,35 +0,0 @@
From: H. Peter Anvin <hpa@zytor.com>
Date: Fri, 6 Apr 2012 16:30:57 +0000 (-0700)
Subject: x86: Use correct byte-sized register constraint in __add()
X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftip%2Ftip.git;a=commitdiff_plain;h=8c91c5325e107ec17e40a59a47c6517387d64eb7
x86: Use correct byte-sized register constraint in __add()
Similar to:
2ca052a x86: Use correct byte-sized register constraint in __xchg_op()
... the __add() macro also needs to use a "q" constraint in the
byte-sized case, lest we try to generate an illegal register.
Link: http://lkml.kernel.org/r/4F7A3315.501@goop.org
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Cc: Jeremy Fitzhardinge <jeremy@goop.org>
Cc: Leigh Scott <leigh123linux@googlemail.com>
Cc: Thomas Reitmayr <treitmayr@devbase.at>
Cc: <stable@vger.kernel.org> v3.3
---
diff --git a/arch/x86/include/asm/cmpxchg.h b/arch/x86/include/asm/cmpxchg.h
index bc18d0e..99480e5 100644
--- a/arch/x86/include/asm/cmpxchg.h
+++ b/arch/x86/include/asm/cmpxchg.h
@@ -173,7 +173,7 @@ extern void __add_wrong_size(void)
switch (sizeof(*(ptr))) { \
case __X86_CASE_B: \
asm volatile (lock "addb %b1, %0\n" \
- : "+m" (*(ptr)) : "ri" (inc) \
+ : "+m" (*(ptr)) : "qi" (inc) \
: "memory", "cc"); \
break; \
case __X86_CASE_W: \

32
x86-Use-correct-byte-sized-register-constraint-in-__xchg_op.patch
View File

@ -1,32 +0,0 @@
From: Jeremy Fitzhardinge <jeremy@goop.org>
Date: Mon, 2 Apr 2012 23:15:33 +0000 (-0700)
Subject: x86: Use correct byte-sized register constraint in __xchg_op()
X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftip%2Ftip.git;a=commitdiff_plain;h=2ca052a3710fac208eee690faefdeb8bbd4586a1
x86: Use correct byte-sized register constraint in __xchg_op()
x86-64 can access the low half of any register, but i386 can only do
it with a subset of registers. 'r' causes compilation failures on i386,
but 'q' expresses the constraint properly.
Signed-off-by: Jeremy Fitzhardinge <jeremy@goop.org>
Link: http://lkml.kernel.org/r/4F7A3315.501@goop.org
Reported-by: Leigh Scott <leigh123linux@googlemail.com>
Tested-by: Thomas Reitmayr <treitmayr@devbase.at>
Signed-off-by: H. Peter Anvin <hpa@zytor.com>
Cc: <stable@vger.kernel.org> v3.3
---
diff --git a/arch/x86/include/asm/cmpxchg.h b/arch/x86/include/asm/cmpxchg.h
index b3b7332..bc18d0e 100644
--- a/arch/x86/include/asm/cmpxchg.h
+++ b/arch/x86/include/asm/cmpxchg.h
@@ -43,7 +43,7 @@ extern void __add_wrong_size(void)
switch (sizeof(*(ptr))) { \
case __X86_CASE_B: \
asm volatile (lock #op "b %b0, %1\n" \
- : "+r" (__ret), "+m" (*(ptr)) \
+ : "+q" (__ret), "+m" (*(ptr)) \
: : "memory", "cc"); \
break; \
case __X86_CASE_W: \