kernel-5.18.17-100
* Thu Aug 11 2022 Justin M. Forbes <jforbes@fedoraproject.org> [5.18.17-0] - netfilter: nf_tables: do not allow RULE_ID to refer to another chain (Thadeu Lima de Souza Cascardo) - netfilter: nf_tables: do not allow CHAIN_ID to refer to another table (Thadeu Lima de Souza Cascardo) - netfilter: nf_tables: do not allow SET_ID to refer to another table (Thadeu Lima de Souza Cascardo) - net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) - posix-cpu-timers: Cleanup CPU timers before freeing them during exec (Thadeu Lima de Souza Cascardo) - Linux v5.18.16 (Justin M. Forbes) Resolves: Signed-off-by: Justin M. Forbes <jforbes@fedoraproject.org>
parent
16566738de
commit
6cee9e3293
@ -1,3 +1,18 @@
|
|||
"https://gitlab.com/cki-project/kernel-ark/-/commit"/9602f79ee66be0de1e67917bfc95252c6e596a9c
|
||||
9602f79ee66be0de1e67917bfc95252c6e596a9c netfilter: nf_tables: do not allow RULE_ID to refer to another chain
|
||||
|
||||
"https://gitlab.com/cki-project/kernel-ark/-/commit"/659e3d168cadf504f65adc830287592f0397f8d4
|
||||
659e3d168cadf504f65adc830287592f0397f8d4 netfilter: nf_tables: do not allow CHAIN_ID to refer to another table
|
||||
|
||||
"https://gitlab.com/cki-project/kernel-ark/-/commit"/29e6901364bcdd9d664b3a5bb142063710f66745
|
||||
29e6901364bcdd9d664b3a5bb142063710f66745 netfilter: nf_tables: do not allow SET_ID to refer to another table
|
||||
|
||||
"https://gitlab.com/cki-project/kernel-ark/-/commit"/2aff526ed9ac346017df36be2ee8cf3cb08a85f0
|
||||
2aff526ed9ac346017df36be2ee8cf3cb08a85f0 net_sched: cls_route: remove from list when handle is 0
|
||||
|
||||
"https://gitlab.com/cki-project/kernel-ark/-/commit"/5bd3fa9e52be0ddcacde0c305a19e500f9572606
|
||||
5bd3fa9e52be0ddcacde0c305a19e500f9572606 posix-cpu-timers: Cleanup CPU timers before freeing them during exec
|
||||
|
||||
"https://gitlab.com/cki-project/kernel-ark/-/commit"/f014b0b869404c24a955539ae044dae72f639cce
|
||||
f014b0b869404c24a955539ae044dae72f639cce um: Add missing apply_returns()
|
||||
|
||||
11
kernel.spec
11
kernel.spec
|
@ -122,11 +122,11 @@ Summary: The Linux kernel
|
|||
# the --with-release option overrides this setting.)
|
||||
%define debugbuildsenabled 1
|
||||
# define buildid .local
|
||||
%define specversion 5.18.16
|
||||
%define specversion 5.18.17
|
||||
%define patchversion 5.18
|
||||
%define pkgrelease 100
|
||||
%define kversion 5
|
||||
%define tarfile_release 5.18.16
|
||||
%define tarfile_release 5.18.17
|
||||
# This is needed to do merge window version magic
|
||||
%define patchlevel 18
|
||||
# allow pkg_release to have configurable %%{?dist} tag
|
||||
|
@ -3034,7 +3034,12 @@ fi
|
|||
#
|
||||
#
|
||||
%changelog
|
||||
* Wed Aug 03 2022 Justin M. Forbes <jforbes@fedoraproject.org> [5.18.16-100]
|
||||
* Thu Aug 11 2022 Justin M. Forbes <jforbes@fedoraproject.org> [5.18.17-0]
|
||||
- netfilter: nf_tables: do not allow RULE_ID to refer to another chain (Thadeu Lima de Souza Cascardo)
|
||||
- netfilter: nf_tables: do not allow CHAIN_ID to refer to another table (Thadeu Lima de Souza Cascardo)
|
||||
- netfilter: nf_tables: do not allow SET_ID to refer to another table (Thadeu Lima de Souza Cascardo)
|
||||
- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo)
|
||||
- posix-cpu-timers: Cleanup CPU timers before freeing them during exec (Thadeu Lima de Souza Cascardo)
|
||||
- Linux v5.18.16 (Justin M. Forbes)
|
||||
|
||||
* Wed Aug 03 2022 Justin M. Forbes <jforbes@fedoraproject.org> [5.18.16-0]
|
||||
|
@ -30,6 +30,7 @@
|
|||
drivers/nvme/host/nvme.h | 4 +
|
||||
drivers/pci/quirks.c | 24 ++++
|
||||
drivers/usb/core/hub.c | 7 ++
|
||||
fs/exec.c | 3 +
|
||||
include/linux/efi.h | 24 ++--
|
||||
include/linux/lsm_hook_defs.h | 2 +
|
||||
include/linux/lsm_hooks.h | 6 +
|
||||
|
@ -37,15 +38,17 @@
|
|||
include/linux/security.h | 5 +
|
||||
init/Kconfig | 2 +-
|
||||
kernel/module_signing.c | 9 +-
|
||||
net/netfilter/nf_tables_api.c | 17 ++-
|
||||
net/sched/cls_route.c | 2 +-
|
||||
scripts/tags.sh | 2 +
|
||||
security/integrity/platform_certs/load_uefi.c | 6 +-
|
||||
security/lockdown/Kconfig | 13 +++
|
||||
security/lockdown/lockdown.c | 1 +
|
||||
security/security.c | 6 +
|
||||
44 files changed, 721 insertions(+), 191 deletions(-)
|
||||
47 files changed, 737 insertions(+), 197 deletions(-)
|
||||
|
||||
diff --git a/Makefile b/Makefile
|
||||
index 18bcbcd037f0..0d3bf7d650c0 100644
|
||||
index ef8c18e5c161..81900a28f77b 100644
|
||||
--- a/Makefile
|
||||
+++ b/Makefile
|
||||
@@ -18,6 +18,10 @@ $(if $(filter __%, $(MAKECMDGOALS)), \
|
||||
|
@ -1516,6 +1519,20 @@ index 1460857026e0..7e1964891089 100644
|
|||
/* Lock the device, then check to see if we were
|
||||
* disconnected while waiting for the lock to succeed. */
|
||||
usb_lock_device(hdev);
|
||||
diff --git a/fs/exec.c b/fs/exec.c
|
||||
index 5a75e92b1a0a..a9f5acf8f0ec 100644
|
||||
--- a/fs/exec.c
|
||||
+++ b/fs/exec.c
|
||||
@@ -1297,6 +1297,9 @@ int begin_new_exec(struct linux_binprm * bprm)
|
||||
bprm->mm = NULL;
|
||||
|
||||
#ifdef CONFIG_POSIX_TIMERS
|
||||
+ spin_lock_irq(&me->sighand->siglock);
|
||||
+ posix_cpu_timers_exit(me);
|
||||
+ spin_unlock_irq(&me->sighand->siglock);
|
||||
exit_itimers(me);
|
||||
flush_itimer_signals();
|
||||
#endif
|
||||
diff --git a/include/linux/efi.h b/include/linux/efi.h
|
||||
index cc6d2be2ffd5..418d814d2eb7 100644
|
||||
--- a/include/linux/efi.h
|
||||
|
@ -1699,6 +1716,124 @@ index 8723ae70ea1f..fb2d773498c2 100644
|
|||
+ }
|
||||
+ return ret;
|
||||
}
|
||||
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
|
||||
index de3dc35ce609..30dd77d58f20 100644
|
||||
--- a/net/netfilter/nf_tables_api.c
|
||||
+++ b/net/netfilter/nf_tables_api.c
|
||||
@@ -2472,6 +2472,7 @@ static int nf_tables_updchain(struct nft_ctx *ctx, u8 genmask, u8 policy,
|
||||
}
|
||||
|
||||
static struct nft_chain *nft_chain_lookup_byid(const struct net *net,
|
||||
+ const struct nft_table *table,
|
||||
const struct nlattr *nla)
|
||||
{
|
||||
struct nftables_pernet *nft_net = nft_pernet(net);
|
||||
@@ -2482,6 +2483,7 @@ static struct nft_chain *nft_chain_lookup_byid(const struct net *net,
|
||||
struct nft_chain *chain = trans->ctx.chain;
|
||||
|
||||
if (trans->msg_type == NFT_MSG_NEWCHAIN &&
|
||||
+ chain->table == table &&
|
||||
id == nft_trans_chain_id(trans))
|
||||
return chain;
|
||||
}
|
||||
@@ -3369,6 +3371,7 @@ static int nft_table_validate(struct net *net, const struct nft_table *table)
|
||||
}
|
||||
|
||||
static struct nft_rule *nft_rule_lookup_byid(const struct net *net,
|
||||
+ const struct nft_chain *chain,
|
||||
const struct nlattr *nla);
|
||||
|
||||
#define NFT_RULE_MAXEXPRS 128
|
||||
@@ -3415,7 +3418,7 @@ static int nf_tables_newrule(struct sk_buff *skb, const struct nfnl_info *info,
|
||||
return -EOPNOTSUPP;
|
||||
|
||||
} else if (nla[NFTA_RULE_CHAIN_ID]) {
|
||||
- chain = nft_chain_lookup_byid(net, nla[NFTA_RULE_CHAIN_ID]);
|
||||
+ chain = nft_chain_lookup_byid(net, table, nla[NFTA_RULE_CHAIN_ID]);
|
||||
if (IS_ERR(chain)) {
|
||||
NL_SET_BAD_ATTR(extack, nla[NFTA_RULE_CHAIN_ID]);
|
||||
return PTR_ERR(chain);
|
||||
@@ -3457,7 +3460,7 @@ static int nf_tables_newrule(struct sk_buff *skb, const struct nfnl_info *info,
|
||||
return PTR_ERR(old_rule);
|
||||
}
|
||||
} else if (nla[NFTA_RULE_POSITION_ID]) {
|
||||
- old_rule = nft_rule_lookup_byid(net, nla[NFTA_RULE_POSITION_ID]);
|
||||
+ old_rule = nft_rule_lookup_byid(net, chain, nla[NFTA_RULE_POSITION_ID]);
|
||||
if (IS_ERR(old_rule)) {
|
||||
NL_SET_BAD_ATTR(extack, nla[NFTA_RULE_POSITION_ID]);
|
||||
return PTR_ERR(old_rule);
|
||||
@@ -3602,6 +3605,7 @@ static int nf_tables_newrule(struct sk_buff *skb, const struct nfnl_info *info,
|
||||
}
|
||||
|
||||
static struct nft_rule *nft_rule_lookup_byid(const struct net *net,
|
||||
+ const struct nft_chain *chain,
|
||||
const struct nlattr *nla)
|
||||
{
|
||||
struct nftables_pernet *nft_net = nft_pernet(net);
|
||||
@@ -3612,6 +3616,7 @@ static struct nft_rule *nft_rule_lookup_byid(const struct net *net,
|
||||
struct nft_rule *rule = nft_trans_rule(trans);
|
||||
|
||||
if (trans->msg_type == NFT_MSG_NEWRULE &&
|
||||
+ trans->ctx.chain == chain &&
|
||||
id == nft_trans_rule_id(trans))
|
||||
return rule;
|
||||
}
|
||||
@@ -3661,7 +3666,7 @@ static int nf_tables_delrule(struct sk_buff *skb, const struct nfnl_info *info,
|
||||
|
||||
err = nft_delrule(&ctx, rule);
|
||||
} else if (nla[NFTA_RULE_ID]) {
|
||||
- rule = nft_rule_lookup_byid(net, nla[NFTA_RULE_ID]);
|
||||
+ rule = nft_rule_lookup_byid(net, chain, nla[NFTA_RULE_ID]);
|
||||
if (IS_ERR(rule)) {
|
||||
NL_SET_BAD_ATTR(extack, nla[NFTA_RULE_ID]);
|
||||
return PTR_ERR(rule);
|
||||
@@ -3840,6 +3845,7 @@ static struct nft_set *nft_set_lookup_byhandle(const struct nft_table *table,
|
||||
}
|
||||
|
||||
static struct nft_set *nft_set_lookup_byid(const struct net *net,
|
||||
+ const struct nft_table *table,
|
||||
const struct nlattr *nla, u8 genmask)
|
||||
{
|
||||
struct nftables_pernet *nft_net = nft_pernet(net);
|
||||
@@ -3851,6 +3857,7 @@ static struct nft_set *nft_set_lookup_byid(const struct net *net,
|
||||
struct nft_set *set = nft_trans_set(trans);
|
||||
|
||||
if (id == nft_trans_set_id(trans) &&
|
||||
+ set->table == table &&
|
||||
nft_active_genmask(set, genmask))
|
||||
return set;
|
||||
}
|
||||
@@ -3871,7 +3878,7 @@ struct nft_set *nft_set_lookup_global(const struct net *net,
|
||||
if (!nla_set_id)
|
||||
return set;
|
||||
|
||||
- set = nft_set_lookup_byid(net, nla_set_id, genmask);
|
||||
+ set = nft_set_lookup_byid(net, table, nla_set_id, genmask);
|
||||
}
|
||||
return set;
|
||||
}
|
||||
@@ -9595,7 +9602,7 @@ static int nft_verdict_init(const struct nft_ctx *ctx, struct nft_data *data,
|
||||
tb[NFTA_VERDICT_CHAIN],
|
||||
genmask);
|
||||
} else if (tb[NFTA_VERDICT_CHAIN_ID]) {
|
||||
- chain = nft_chain_lookup_byid(ctx->net,
|
||||
+ chain = nft_chain_lookup_byid(ctx->net, ctx->table,
|
||||
tb[NFTA_VERDICT_CHAIN_ID]);
|
||||
if (IS_ERR(chain))
|
||||
return PTR_ERR(chain);
|
||||
diff --git a/net/sched/cls_route.c b/net/sched/cls_route.c
|
||||
index a35ab8c27866..3f935cbbaff6 100644
|
||||
--- a/net/sched/cls_route.c
|
||||
+++ b/net/sched/cls_route.c
|
||||
@@ -526,7 +526,7 @@ static int route4_change(struct net *net, struct sk_buff *in_skb,
|
||||
rcu_assign_pointer(f->next, f1);
|
||||
rcu_assign_pointer(*fp, f);
|
||||
|
||||
- if (fold && fold->handle && f->handle != fold->handle) {
|
||||
+ if (fold) {
|
||||
th = to_hash(fold->handle);
|
||||
h = from_hash(fold->handle >> 16);
|
||||
b = rtnl_dereference(head->table[th]);
|
||||
diff --git a/scripts/tags.sh b/scripts/tags.sh
|
||||
index 16d475b3e203..4e333f14b84e 100755
|
||||
--- a/scripts/tags.sh
|
||||
|
6
sources
6
sources
|
@ -1,3 +1,3 @@
|
|||
SHA512 (linux-5.18.16.tar.xz) = 57f6ccbbc3dfe08ae171737b389b3e25577c893d32ff73e97eae36ce44f97aae254862c0234f3e5f84f8512c2ed20f5fd45f57a06a4ea5e76cdeda7ba421782e
|
||||
SHA512 (kernel-abi-stablelists-5.18.16-100.tar.bz2) = fbbe68654dc370e61f46f832698f9d23bf48b3c01099381239f8a422fc0d1c8ae1d8cb774d574172d53889d105a52d074cc64126a6a480b56f575b260da731bd
|
||||
SHA512 (kernel-kabi-dw-5.18.16-100.tar.bz2) = f018d6d055f1683900bf23135e8ebebebb511494136b807c29a939f591d3f864bd8f6843724c08f9427247a157487edfd2951fc0500f178041a3a9468ae0d98b
|
||||
SHA512 (linux-5.18.17.tar.xz) = fb838f8f93faf83a41d9f42178c1ccd296d2a9e10fd1508f868e3e6d0bae4ebe2fb6ec2537cc3a6c955aec4520f402f53066e769c5be9244410fd3ae47b49faa
|
||||
SHA512 (kernel-abi-stablelists-5.18.17-100.tar.bz2) = bd37621c15ac6597c619ec27ca13dc85a9efae6ac95c8990f4a7f3f66b492ef0b8fd4cfcbd58149b07516c9d3a501d5a54127df4d0b2d6fb011288b9b3165ddd
|
||||
SHA512 (kernel-kabi-dw-5.18.17-100.tar.bz2) = a7bae8b6c6e312475257435f33510d725374b213998d439aaa786c68255871715c4d300738dd72d7eb943989f690e1c0fc73108c0ee329dd5c7f3da8d5239920
|
||||