Linux v4.14.17

kernel.spec

@@ -54,7 +54,7 @@ Summary: The Linux kernel
 %if 0%{?released_kernel}
 
 # Do we have a -stable update to apply?
-%define stable_update 16
+%define stable_update 17
 # Set rpm version accordingly
 %if 0%{?stable_update}
 %define stablerev %{stable_update}
@@ -603,8 +603,6 @@ Patch321: bcm283x-dma-mapping-skip-USB-devices-when-configuring-DMA-during-probe
 # bcm2837 bluetooth support
 Patch323: bcm2837-bluetooth-support.patch
 
-Patch324: rpi-graphics-fix.patch
-
 # Generic fixes and enablement for Socionext SoC and 96board
 # https://patchwork.kernel.org/patch/9980861/
 Patch331: PCI-aspm-deal-with-missing-root-ports-in-link-state-handling.patch
@@ -621,9 +619,6 @@ Patch335: arm-exynos-fix-usb3.patch
 # rbhz 1519591 1520764
 Patch500: dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch
 
-# CVE-2018-5344 rhbz 1533909 1533911
-Patch507: loop-fix-concurrent-lo_open-lo_release.patch
-
 # 550-600 Meltdown and Spectre Fixes
 Patch550: prevent-bounds-check-bypass-via-speculative-execution.patch
 
@@ -2243,6 +2238,9 @@ fi
 #
 #
 %changelog
+* Mon Feb 05 2018 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.17-200
+- Linux v4.14.17
+
 * Wed Jan 31 2018 Justin M. Forbes <jforbes@fedoraproject.org> - 4.14.16-200
 - Linux v4.14.16
 

loop-fix-concurrent-lo_open-lo_release.patch

@@ -1,55 +0,0 @@
-From ae6650163c66a7eff1acd6eb8b0f752dcfa8eba5 Mon Sep 17 00:00:00 2001
-From: Linus Torvalds <torvalds@linux-foundation.org>
-Date: Fri, 5 Jan 2018 16:26:00 -0800
-Subject: [PATCH] loop: fix concurrent lo_open/lo_release
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-范龙飞 reports that KASAN can report a use-after-free in __lock_acquire.
-The reason is due to insufficient serialization in lo_release(), which
-will continue to use the loop device even after it has decremented the
-lo_refcnt to zero.
-
-In the meantime, another process can come in, open the loop device
-again as it is being shut down. Confusion ensues.
-
-Reported-by: 范龙飞 <long7573@126.com>
-Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-Signed-off-by: Jens Axboe <axboe@kernel.dk>
----
- drivers/block/loop.c | 10 ++++++++--
- 1 file changed, 8 insertions(+), 2 deletions(-)
-
-diff --git a/drivers/block/loop.c b/drivers/block/loop.c
-index bc8e61506968..d5fe720cf149 100644
---- a/drivers/block/loop.c
-+++ b/drivers/block/loop.c
-@@ -1581,9 +1581,8 @@ static int lo_open(struct block_device *bdev, fmode_t mode)
- 	return err;
- }
- 
--static void lo_release(struct gendisk *disk, fmode_t mode)
-+static void __lo_release(struct loop_device *lo)
- {
--	struct loop_device *lo = disk->private_data;
- 	int err;
- 
- 	if (atomic_dec_return(&lo->lo_refcnt))
-@@ -1610,6 +1609,13 @@ static void lo_release(struct gendisk *disk, fmode_t mode)
- 	mutex_unlock(&lo->lo_ctl_mutex);
- }
- 
-+static void lo_release(struct gendisk *disk, fmode_t mode)
-+{
-+	mutex_lock(&loop_index_mutex);
-+	__lo_release(disk->private_data);
-+	mutex_unlock(&loop_index_mutex);
-+}
-+
- static const struct block_device_operations lo_fops = {
- 	.owner =	THIS_MODULE,
- 	.open =		lo_open,
--- 
-2.15.1
-

rpi-graphics-fix.patch

@@ -1,46 +0,0 @@
-From 253696ccd613fbdaa5aba1de44c461a058e0a114 Mon Sep 17 00:00:00 2001
-From: Stefan Schake <stschake@gmail.com>
-Date: Fri, 10 Nov 2017 02:05:06 +0100
-Subject: drm/vc4: Account for interrupts in flight
-
-Synchronously disable the IRQ to make the following cancel_work_sync
-invocation effective.
-
-An interrupt in flight could enqueue further overflow mem work. As we
-free the binner BO immediately following vc4_irq_uninstall this caused
-a NULL pointer dereference in the work callback vc4_overflow_mem_work.
-
-Link: https://github.com/anholt/linux/issues/114
-Signed-off-by: Stefan Schake <stschake@gmail.com>
-Fixes: d5b1a78a772f ("drm/vc4: Add support for drawing 3D frames.")
-Signed-off-by: Eric Anholt <eric@anholt.net>
-Reviewed-by: Eric Anholt <eric@anholt.net>
-Link: https://patchwork.freedesktop.org/patch/msgid/1510275907-993-2-git-send-email-stschake@gmail.com
-
-diff --git a/drivers/gpu/drm/vc4/vc4_irq.c b/drivers/gpu/drm/vc4/vc4_irq.c
-index 7d7af3a..61b2e53 100644
---- a/drivers/gpu/drm/vc4/vc4_irq.c
-+++ b/drivers/gpu/drm/vc4/vc4_irq.c
-@@ -208,6 +208,9 @@ vc4_irq_postinstall(struct drm_device *dev)
- {
- 	struct vc4_dev *vc4 = to_vc4_dev(dev);
- 
-+	/* Undo the effects of a previous vc4_irq_uninstall. */
-+	enable_irq(dev->irq);
-+
- 	/* Enable both the render done and out of memory interrupts. */
- 	V3D_WRITE(V3D_INTENA, V3D_DRIVER_IRQS);
- 
-@@ -225,6 +228,9 @@ vc4_irq_uninstall(struct drm_device *dev)
- 	/* Clear any pending interrupts we might have left. */
- 	V3D_WRITE(V3D_INTCTL, V3D_DRIVER_IRQS);
- 
-+	/* Finish any interrupt handler still in flight. */
-+	disable_irq(dev->irq);
-+
- 	cancel_work_sync(&vc4->overflow_mem_work);
- }
- 
--- 
-cgit v0.10.2
-

sources

@@ -1,3 +1,3 @@
 SHA512 (linux-4.14.tar.xz) = 77e43a02d766c3d73b7e25c4aafb2e931d6b16e870510c22cef0cdb05c3acb7952b8908ebad12b10ef982c6efbe286364b1544586e715cf38390e483927904d8
 SHA512 (perf-man-4.14.tar.gz) = 76a9d8adc284cdffd4b3fbb060e7f9a14109267707ce1d03f4c3239cd70d8d164f697da3a0f90a363fbcac42a61d3c378afbcc2a86f112c501b9cb5ce74ef9f8
-SHA512 (patch-4.14.16.xz) = 7ba492011915a356ea696a6ae2269ff85725f726f6dd382973ceb417ac3289c7b4384bdffbde8ddea04b386126e07a3ea3aacf18253db4fcbc461e7c7e75d371
+SHA512 (patch-4.14.17.xz) = fd785f0ab864ef4d2b18041183d867fb3a00e6d8718cb016d61a5c6de9f29f6653678ae6cc72593224da3e1bc44cc061d285a2f426ca1d62b4eb571549c440e3