Linux v4.6-8907-g7639dad
- trace, f2fs, btrfs, rtc, mailbox, akpm, staging, driver core, char, usb, tty, clk, net, devicetree, rdma, mfd, iio, powerpc, arm merges
This commit is contained in:
Laura Abbott
parent
8a052bf240
commit
cfaea7dc72
|
|
@ -1,41 +0,0 @@
|
|||
From 7adc5cbc25dcc47dc3856108d9823d08da75da9d Mon Sep 17 00:00:00 2001
|
||||
From: Kangjie Lu <kangjielu@gmail.com>
|
||||
Date: Tue, 3 May 2016 16:32:16 -0400
|
||||
Subject: [PATCH] USB: usbfs: fix potential infoleak in devio
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
The stack object “ci” has a total size of 8 bytes. Its last 3 bytes
|
||||
are padding bytes which are not initialized and leaked to userland
|
||||
via “copy_to_user”.
|
||||
|
||||
Signed-off-by: Kangjie Lu <kjlu@gatech.edu>
|
||||
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||||
---
|
||||
drivers/usb/core/devio.c | 9 +++++----
|
||||
1 file changed, 5 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/drivers/usb/core/devio.c b/drivers/usb/core/devio.c
|
||||
index 52c4461dfccd..9b7f1f75e887 100644
|
||||
--- a/drivers/usb/core/devio.c
|
||||
+++ b/drivers/usb/core/devio.c
|
||||
@@ -1316,10 +1316,11 @@ static int proc_getdriver(struct usb_dev_state *ps, void __user *arg)
|
||||
|
||||
static int proc_connectinfo(struct usb_dev_state *ps, void __user *arg)
|
||||
{
|
||||
- struct usbdevfs_connectinfo ci = {
|
||||
- .devnum = ps->dev->devnum,
|
||||
- .slow = ps->dev->speed == USB_SPEED_LOW
|
||||
- };
|
||||
+ struct usbdevfs_connectinfo ci;
|
||||
+
|
||||
+ memset(&ci, 0, sizeof(ci));
|
||||
+ ci.devnum = ps->dev->devnum;
|
||||
+ ci.slow = ps->dev->speed == USB_SPEED_LOW;
|
||||
|
||||
if (copy_to_user(arg, &ci, sizeof(ci)))
|
||||
return -EFAULT;
|
||||
--
|
||||
2.5.5
|
||||
|
||||
|
|
@ -158,6 +158,7 @@ CONFIG_REGULATOR_HI655X=m
|
|||
CONFIG_PHY_HI6220_USB=m
|
||||
CONFIG_COMMON_RESET_HI6220=m
|
||||
CONFIG_HI6220_MBOX=m
|
||||
# CONFIG_RESET_HISI is not set
|
||||
|
||||
# Tegra
|
||||
CONFIG_ARCH_TEGRA_132_SOC=y
|
||||
|
|
@ -176,6 +177,7 @@ CONFIG_NET_VENDOR_ALLWINNER=y
|
|||
# CONFIG_SERIO_SUN4I_PS2 is not set
|
||||
CONFIG_SUNXI_WATCHDOG=m
|
||||
CONFIG_MFD_SUN6I_PRCM=y
|
||||
# CONFIG_MFD_HI655X_PMIC is not set
|
||||
CONFIG_IR_SUNXI=m
|
||||
CONFIG_MMC_SUNXI=m
|
||||
CONFIG_RTC_DRV_SUN6I=m
|
||||
|
|
@ -227,3 +229,4 @@ CONFIG_DEBUG_SECTION_MISMATCH=y
|
|||
|
||||
# Will probably need to be changed later
|
||||
# CONFIG_NUMA is not set
|
||||
|
||||
|
|
|
|||
|
|
@ -805,6 +805,7 @@ CONFIG_R8188EU=m
|
|||
# CONFIG_SERIAL_IFX6X60 is not set
|
||||
# CONFIG_SERIAL_BCM63XX is not set
|
||||
# CONFIG_SERIAL_STM32 is not set
|
||||
# CONFIG_SERIAL_MPS2_UART is not set
|
||||
# CONFIG_FB_XILINX is not set
|
||||
# CONFIG_BRCMSTB_GISB_ARB is not set
|
||||
# CONFIG_SUNGEM is not set
|
||||
|
|
|
|||
|
|
@ -25,6 +25,7 @@ CONFIG_FAULT_INJECTION_DEBUG_FS=y
|
|||
CONFIG_FAULT_INJECTION_STACKTRACE_FILTER=y
|
||||
CONFIG_FAIL_IO_TIMEOUT=y
|
||||
CONFIG_FAIL_MMC_REQUEST=y
|
||||
# CONFIG_F2FS_FAULT_INJECTION is not set
|
||||
|
||||
CONFIG_LOCK_STAT=y
|
||||
|
||||
|
|
|
|||
|
|
@ -215,7 +215,8 @@ CONFIG_BINFMT_MISC=m
|
|||
# CONFIG_COMMON_CLK_CS2000_CP is not set
|
||||
# CONFIG_COMMON_CLK_PWM is not set
|
||||
# CONFIG_COMMON_CLK_CDCE925 is not set
|
||||
#
|
||||
# CONFIG_COMMON_CLK_OXNAS is not set
|
||||
# CONFIG_COMMON_CLK_HI3519 is not set
|
||||
|
||||
#
|
||||
# Generic Driver Options
|
||||
|
|
@ -238,6 +239,7 @@ CONFIG_REGMAP_I2C=m
|
|||
# CONFIG_CMA is not set
|
||||
# CONFIG_DMA_CMA is not set
|
||||
# CONFIG_FENCE_TRACE is not set
|
||||
# CONFIG_SYNC_FILE is not set
|
||||
|
||||
# CONFIG_SPI is not set
|
||||
# CONFIG_SPI_ALTERA is not set
|
||||
|
|
@ -3012,6 +3014,8 @@ CONFIG_ACPI_ALS=m
|
|||
# CONFIG_AD5421 is not set
|
||||
# CONFIG_AD5449 is not set
|
||||
# CONFIG_AD5504 is not set
|
||||
# CONFIG_AD5592R is not set
|
||||
# CONFIG_AD5593R is not set
|
||||
# CONFIG_AD5624R_SPI is not set
|
||||
# CONFIG_AD5686 is not set
|
||||
# CONFIG_AD5755 is not set
|
||||
|
|
@ -3074,6 +3078,18 @@ CONFIG_PA12203001=m
|
|||
# CONFIG_TSYS02D is not set
|
||||
# CONFIG_HI8435 is not set
|
||||
# CONFIG_IMX7D_ADC is not set
|
||||
# CONFIG_AM2315 is not set
|
||||
# CONFIG_BMI160_I2C is not set
|
||||
# CONFIG_BMI160_SPI is not set
|
||||
# CONFIG_BH1780 is not set
|
||||
# CONFIG_MAX44000 is not set
|
||||
# CONFIG_VEML6070 is not set
|
||||
# CONFIG_BMC150_MAGN_I2C is not set
|
||||
# CONFIG_BMC150_MAGN_SPI is not set
|
||||
# CONFIG_DS1803 is not set
|
||||
# CONFIG_MCP4131 is not set
|
||||
# CONFIG_HP03 is not set
|
||||
# CONFIG_HP206C is not set
|
||||
|
||||
# staging IIO drivers
|
||||
# CONFIG_AD7291 is not set
|
||||
|
|
@ -3304,6 +3320,7 @@ CONFIG_RTC_DRV_PCF85063=m
|
|||
# CONFIG_RTC_DRV_ABB5ZES3 is not set
|
||||
# CONFIG_RTC_DRV_ZYNQMP is not set
|
||||
# CONFIG_RTC_DRV_RV8803 is not set
|
||||
# CONFIG_RTC_DRV_DS1302 is not set
|
||||
|
||||
CONFIG_R3964=m
|
||||
# CONFIG_APPLICOM is not set
|
||||
|
|
@ -4358,6 +4375,7 @@ CONFIG_USB_EZUSB_FX2=m
|
|||
CONFIG_USB_HSIC_USB3503=m
|
||||
# CONFIG_USB_LINK_LAYER_TEST is not set
|
||||
CONFIG_USB_CHAOSKEY=m
|
||||
CONFIG_UCSI=m
|
||||
CONFIG_USB_LCD=m
|
||||
CONFIG_USB_LD=m
|
||||
CONFIG_USB_LEGOTOWER=m
|
||||
|
|
@ -4494,6 +4512,8 @@ CONFIG_MFD_VIPERBOARD=m
|
|||
# CONFIG_MFD_MAX77686 is not set
|
||||
# CONFIG_MFD_MAX8907 is not set
|
||||
# CONFIG_MFD_TPS65086 is not set
|
||||
# CONFIG_MFD_MAX77620 is not set
|
||||
# CONFIG_MFD_MAX77693 is not set
|
||||
|
||||
#
|
||||
# File systems
|
||||
|
|
@ -5656,6 +5676,7 @@ CONFIG_ALTERA_STAPL=m
|
|||
CONFIG_USBIP_CORE=m
|
||||
CONFIG_USBIP_VHCI_HCD=m
|
||||
CONFIG_USBIP_HOST=m
|
||||
CONFIG_USBIP_VUDC=m
|
||||
# CONFIG_USBIP_DEBUG is not set
|
||||
# CONFIG_INTEL_MEI is not set
|
||||
# CONFIG_VT6655 is not set
|
||||
|
|
@ -5747,6 +5768,7 @@ CONFIG_CLEANCACHE=y
|
|||
CONFIG_FRONTSWAP=y
|
||||
CONFIG_ZSWAP=y
|
||||
CONFIG_ZBUD=y
|
||||
CONFIG_Z3FOLD=y
|
||||
CONFIG_ZSMALLOC=y
|
||||
# CONFIG_ZSMALLOC_STAT is not set
|
||||
# CONFIG_PGTABLE_MAPPING is not set
|
||||
|
|
@ -5961,3 +5983,5 @@ CONFIG_SYSTEM_BLACKLIST_KEYRING=y
|
|||
# CONFIG_MCE_AMD_INJ is not set
|
||||
|
||||
# CONFIG_EZNPS_GIC is not set
|
||||
|
||||
CONFIG_NMI_LOG_BUF_SHIFT=13
|
||||
|
|
|
|||
|
|
@ -25,6 +25,7 @@ CONFIG_FAULT_INJECTION_DEBUG_FS=y
|
|||
CONFIG_FAULT_INJECTION_STACKTRACE_FILTER=y
|
||||
CONFIG_FAIL_IO_TIMEOUT=y
|
||||
CONFIG_FAIL_MMC_REQUEST=y
|
||||
# CONFIG_F2FS_FAULT_INJECTION is not set
|
||||
|
||||
CONFIG_LOCK_STAT=y
|
||||
|
||||
|
|
|
|||
|
|
@ -14,6 +14,8 @@ CONFIG_PPC_PSERIES=y
|
|||
# CONFIG_PPC_PMAC64 is not set
|
||||
# CONFIG_PPC_PS3 is not set
|
||||
CONFIG_HIBERNATION=n
|
||||
CONFIG_PPC_RADIX_MMU=y
|
||||
# CONFIG_FSL_LBC is not set
|
||||
|
||||
CONFIG_EXTRA_TARGETS=""
|
||||
|
||||
|
|
@ -54,6 +56,7 @@ CONFIG_PPC_64K_PAGES=y
|
|||
CONFIG_PPC_SUBPAGE_PROT=y
|
||||
CONFIG_SCHED_SMT=y
|
||||
CONFIG_MEMORY_HOTPLUG=y
|
||||
# CONFIG_MEMORY_HOTPLUG_DEFAULT_ONLINE is not set
|
||||
CONFIG_MEMORY_HOTREMOVE=y
|
||||
CONFIG_PPC64_SUPPORTS_MEMORY_FAILURE=y
|
||||
|
||||
|
|
|
|||
|
|
@ -183,6 +183,7 @@ CONFIG_VIRTIO_CONSOLE=y
|
|||
|
||||
CONFIG_MEMORY_HOTPLUG=y
|
||||
CONFIG_MEMORY_HOTREMOVE=y
|
||||
# CONFIG_MEMORY_HOTPLUG_DEFAULT_ONLINE is not set
|
||||
CONFIG_CHSC_SCH=m
|
||||
|
||||
# drivers/isdn/hardware/mISDN/hfcmulti.c:5255:2: error: #error "not running on big endian machines now"
|
||||
|
|
|
|||
|
|
@ -117,6 +117,7 @@ CONFIG_SPARSEMEM_EXTREME=y
|
|||
CONFIG_SPARSEMEM_VMEMMAP=y
|
||||
# CONFIG_MOVABLE_NODE is not set
|
||||
CONFIG_MEMORY_HOTPLUG=y
|
||||
# CONFIG_MEMORY_HOTPLUG_DEFAULT_ONLINE is not set
|
||||
# CONFIG_ARCH_MEMORY_PROBE is not set
|
||||
CONFIG_MEMORY_HOTREMOVE=y
|
||||
# CONFIG_DEFERRED_STRUCT_PAGE_INIT is not set
|
||||
|
|
|
|||
2
gitrev
2
gitrev
|
|
@ -1 +1 @@
|
|||
03b979dd0323ace8e29a0561cd5232f73a060c09
|
||||
7639dad93a5564579987abded4ec05e3db13659d
|
||||
|
|
|
|||
13
kernel.spec
13
kernel.spec
|
|
@ -69,7 +69,7 @@ Summary: The Linux kernel
|
|||
# The rc snapshot level
|
||||
%define rcrev 0
|
||||
# The git snapshot level
|
||||
%define gitrev 5
|
||||
%define gitrev 6
|
||||
# Set rpm version accordingly
|
||||
%define rpmversion 4.%{upstream_sublevel}.0
|
||||
%endif
|
||||
|
|
@ -503,7 +503,8 @@ Patch420: arm64-avoid-needing-console-to-enable-serial-console.patch
|
|||
Patch422: geekbox-v4-device-tree-support.patch
|
||||
|
||||
# http://www.spinics.net/lists/arm-kernel/msg483898.html
|
||||
Patch423: Initial-AllWinner-A64-and-PINE64-support.patch
|
||||
# This has major conflicts and needs to be rebased
|
||||
# Patch423: Initial-AllWinner-A64-and-PINE64-support.patch
|
||||
|
||||
# http://www.spinics.net/lists/linux-tegra/msg26029.html
|
||||
Patch426: usb-phy-tegra-Add-38.4MHz-clock-table-entry.patch
|
||||
|
|
@ -606,9 +607,6 @@ Patch641: disable-CONFIG_EXPERT-for-ZONE_DMA.patch
|
|||
#CVE-2016-3134 rhbz 1317383 1317384
|
||||
Patch665: netfilter-x_tables-deal-with-bogus-nextoffset-values.patch
|
||||
|
||||
#CVE-2016-4482 rhbz 1332931 1332932
|
||||
Patch706: USB-usbfs-fix-potential-infoleak-in-devio.patch
|
||||
|
||||
#CVE-2016-4440 rhbz 1337806 1337807
|
||||
Patch719: kvm-vmx-more-complete-state-update-on-APICv-on-off.patch
|
||||
|
||||
|
|
@ -2137,6 +2135,11 @@ fi
|
|||
#
|
||||
#
|
||||
%changelog
|
||||
* Mon May 23 2016 Laura Abbott <labbott@redhat.com> - 4.7.0-0.rc0.git6.1
|
||||
- Linux v4.6-8907-g7639dad
|
||||
- trace, f2fs, btrfs, rtc, mailbox, akpm, staging, driver core, char, usb,
|
||||
tty, clk, net, devicetree, rdma, mfd, iio, powerpc, arm merges
|
||||
|
||||
* Fri May 20 2016 Laura Abbott <labbott@redhat.com> - 4.7.0-0.rc0.git5.1
|
||||
- Linux v4.6-6148-g03b979d
|
||||
- Docs, i2c, md, iommu, sound, pci, pinctrl, dmaengine, kvm, security merges
|
||||
|
|
|
|||
Loading…
Reference in New Issue