Linux v3.15.8
This commit is contained in:
Justin M. Forbes
parent
53c1f7a31b
commit
efc4216e5a
|
|
@ -1,41 +0,0 @@
|
|||
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1114768
|
||||
Upstream-status: Send upstream, with Cc: stable@vger.kernel.org
|
||||
|
||||
From f7c60e6750a17e3d6734ab12a2f8e3aab521406e Mon Sep 17 00:00:00 2001
|
||||
From: Hans de Goede <hdegoede@redhat.com>
|
||||
Date: Tue, 1 Jul 2014 12:27:05 +0200
|
||||
Subject: [PATCH] synaptics: Add min/max quirk for pnp-id LEN2002 (Edge E531)
|
||||
|
||||
https://bugzilla.redhat.com/show_bug.cgi?id=1114768
|
||||
|
||||
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
|
||||
---
|
||||
drivers/input/mouse/synaptics.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/drivers/input/mouse/synaptics.c b/drivers/input/mouse/synaptics.c
|
||||
index 75a5154..84c72f6 100644
|
||||
--- a/drivers/input/mouse/synaptics.c
|
||||
+++ b/drivers/input/mouse/synaptics.c
|
||||
@@ -132,7 +132,8 @@ static const struct min_max_quirk min_max_pnpid_table[] = {
|
||||
1232, 5710, 1156, 4696
|
||||
},
|
||||
{
|
||||
- (const char * const []){"LEN0034", "LEN0036", "LEN2004", NULL},
|
||||
+ (const char * const []){"LEN0034", "LEN0036", "LEN2002",
|
||||
+ "LEN2004", NULL},
|
||||
1024, 5112, 2024, 4832
|
||||
},
|
||||
{
|
||||
@@ -168,7 +169,7 @@ static const char * const topbuttonpad_pnp_ids[] = {
|
||||
"LEN0049",
|
||||
"LEN2000",
|
||||
"LEN2001", /* Edge E431 */
|
||||
- "LEN2002",
|
||||
+ "LEN2002", /* Edge E531 */
|
||||
"LEN2003",
|
||||
"LEN2004", /* L440 */
|
||||
"LEN2005",
|
||||
--
|
||||
2.0.0
|
||||
|
||||
|
|
@ -1,41 +0,0 @@
|
|||
Bugzilla: 1122482
|
||||
Upstream-status: Sent for 3.16
|
||||
From: Vasily Averin <vvs@openvz.org>
|
||||
Subject: [PATCH v4] fs: umount on symlink leaks mnt count
|
||||
Currently umount on symlink blocks following umount:
|
||||
|
||||
/vz is separate mount
|
||||
|
||||
# ls /vz/ -al | grep test
|
||||
drwxr-xr-x. 2 root root 4096 Jul 19 01:14 testdir
|
||||
lrwxrwxrwx. 1 root root 11 Jul 19 01:16 testlink -> /vz/testdir
|
||||
# umount -l /vz/testlink
|
||||
umount: /vz/testlink: not mounted (expected)
|
||||
# lsof /vz
|
||||
# umount /vz
|
||||
umount: /vz: device is busy. (unexpected)
|
||||
|
||||
In this case mountpoint_last() gets an extra refcount on path->mnt
|
||||
|
||||
Signed-off-by: Vasily Averin <vvs@openvz.org>
|
||||
---
|
||||
fs/namei.c | 3 ++-
|
||||
1 files changed, 2 insertions(+), 1 deletions(-)
|
||||
diff --git a/fs/namei.c b/fs/namei.c
|
||||
index 985c6f3..9eb787e 100644
|
||||
--- a/fs/namei.c
|
||||
+++ b/fs/namei.c
|
||||
@@ -2256,9 +2256,10 @@ done:
|
||||
goto out;
|
||||
}
|
||||
path->dentry = dentry;
|
||||
- path->mnt = mntget(nd->path.mnt);
|
||||
+ path->mnt = nd->path.mnt;
|
||||
if (should_follow_link(dentry, nd->flags & LOOKUP_FOLLOW))
|
||||
return 1;
|
||||
+ mntget(path->mnt);
|
||||
follow_mount(path);
|
||||
error = 0;
|
||||
out:
|
||||
--
|
||||
1.7.5.4
|
||||
23
kernel.spec
23
kernel.spec
|
|
@ -74,7 +74,7 @@ Summary: The Linux kernel
|
|||
%if 0%{?released_kernel}
|
||||
|
||||
# Do we have a -stable update to apply?
|
||||
%define stable_update 7
|
||||
%define stable_update 8
|
||||
# Is it a -stable RC?
|
||||
%define stable_rc 0
|
||||
# Set rpm version accordingly
|
||||
|
|
@ -738,21 +738,12 @@ Patch25109: revert-input-wacom-testing-result-shows-get_report-is-unnecessary.pa
|
|||
#rhbz 1021036, submitted upstream
|
||||
Patch25110: 0001-ideapad-laptop-Change-Lenovo-Yoga-2-series-rfkill-ha.patch
|
||||
|
||||
#rhbz 1114768
|
||||
Patch25112: 0001-synaptics-Add-min-max-quirk-for-pnp-id-LEN2002-Edge-.patch
|
||||
|
||||
#CVE-2014-4943 rhbz 1119458 1120542
|
||||
Patch25115: net-l2tp-don-t-fall-back-on-UDP-get-set-sockopt.patch
|
||||
|
||||
#CVE-2014-3534 rhbz 1114089 1122612
|
||||
Patch25117: s390-ptrace-fix-PSW-mask-check.patch
|
||||
|
||||
#rhbz 1117942
|
||||
Patch25118: sched-fix-sched_setparam-policy-1-logic.patch
|
||||
|
||||
#CVE-2014-5045 rhbz 1122472 1122482
|
||||
Patch25119: fs-umount-on-symlink-leaks-mnt-count.patch
|
||||
|
||||
#rhbz 1060327
|
||||
Patch25123: drm-try-harder-to-avoid-regression-when-merging-mode.patch
|
||||
|
||||
|
|
@ -1465,21 +1456,12 @@ ApplyPatch revert-input-wacom-testing-result-shows-get_report-is-unnecessary.pat
|
|||
#rhbz 1021036, submitted upstream
|
||||
ApplyPatch 0001-ideapad-laptop-Change-Lenovo-Yoga-2-series-rfkill-ha.patch
|
||||
|
||||
#rhbz 1114768
|
||||
ApplyPatch 0001-synaptics-Add-min-max-quirk-for-pnp-id-LEN2002-Edge-.patch
|
||||
|
||||
#CVE-2014-4943 rhbz 1119458 1120542
|
||||
ApplyPatch net-l2tp-don-t-fall-back-on-UDP-get-set-sockopt.patch
|
||||
|
||||
#CVE-2014-3534 rhbz 1114089 1122612
|
||||
ApplyPatch s390-ptrace-fix-PSW-mask-check.patch
|
||||
|
||||
#rhbz 1117942
|
||||
ApplyPatch sched-fix-sched_setparam-policy-1-logic.patch
|
||||
|
||||
#CVE-2014-5045 rhbz 1122472 1122482
|
||||
ApplyPatch fs-umount-on-symlink-leaks-mnt-count.patch
|
||||
|
||||
#rhbz 1060327
|
||||
ApplyPatch drm-try-harder-to-avoid-regression-when-merging-mode.patch
|
||||
|
||||
|
|
@ -2306,6 +2288,9 @@ fi
|
|||
# ||----w |
|
||||
# || ||
|
||||
%changelog
|
||||
* Thu Jul 31 2014 Justin M. Forbes <jforbes@fedoraproject.org> 3.15.8-200
|
||||
- Linux v3.15.8
|
||||
|
||||
* Mon Jul 28 2014 Justin M. Forbes <jforbes@fedoraproject.org> 3.15.7-200
|
||||
- Linux v3.15.7
|
||||
|
||||
|
|
|
|||
|
|
@ -1,59 +0,0 @@
|
|||
Bugzilla: 1122612
|
||||
Upstream-status: 3.16 and CC'd to stable
|
||||
|
||||
From dab6cf55f81a6e16b8147aed9a843e1691dcd318 Mon Sep 17 00:00:00 2001
|
||||
From: Martin Schwidefsky <schwidefsky@de.ibm.com>
|
||||
Date: Mon, 23 Jun 2014 15:29:40 +0200
|
||||
Subject: [PATCH] s390/ptrace: fix PSW mask check
|
||||
|
||||
The PSW mask check of the PTRACE_POKEUSR_AREA command is incorrect.
|
||||
The PSW_MASK_USER define contains the PSW_MASK_ASC bits, the ptrace
|
||||
interface accepts all combinations for the address-space-control
|
||||
bits. To protect the kernel space the PSW mask check in ptrace needs
|
||||
to reject the address-space-control bit combination for home space.
|
||||
|
||||
Fixes CVE-2014-3534
|
||||
|
||||
Cc: stable@vger.kernel.org
|
||||
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
|
||||
---
|
||||
arch/s390/kernel/ptrace.c | 12 ++++++++++--
|
||||
1 file changed, 10 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/arch/s390/kernel/ptrace.c b/arch/s390/kernel/ptrace.c
|
||||
index 2d716734b5b1..5dc7ad9e2fbf 100644
|
||||
--- a/arch/s390/kernel/ptrace.c
|
||||
+++ b/arch/s390/kernel/ptrace.c
|
||||
@@ -334,9 +334,14 @@ static int __poke_user(struct task_struct *child, addr_t addr, addr_t data)
|
||||
unsigned long mask = PSW_MASK_USER;
|
||||
|
||||
mask |= is_ri_task(child) ? PSW_MASK_RI : 0;
|
||||
- if ((data & ~mask) != PSW_USER_BITS)
|
||||
+ if ((data ^ PSW_USER_BITS) & ~mask)
|
||||
+ /* Invalid psw mask. */
|
||||
+ return -EINVAL;
|
||||
+ if ((data & PSW_MASK_ASC) == PSW_ASC_HOME)
|
||||
+ /* Invalid address-space-control bits */
|
||||
return -EINVAL;
|
||||
if ((data & PSW_MASK_EA) && !(data & PSW_MASK_BA))
|
||||
+ /* Invalid addressing mode bits */
|
||||
return -EINVAL;
|
||||
}
|
||||
*(addr_t *)((addr_t) &task_pt_regs(child)->psw + addr) = data;
|
||||
@@ -672,9 +677,12 @@ static int __poke_user_compat(struct task_struct *child,
|
||||
|
||||
mask |= is_ri_task(child) ? PSW32_MASK_RI : 0;
|
||||
/* Build a 64 bit psw mask from 31 bit mask. */
|
||||
- if ((tmp & ~mask) != PSW32_USER_BITS)
|
||||
+ if ((tmp ^ PSW32_USER_BITS) & ~mask)
|
||||
/* Invalid psw mask. */
|
||||
return -EINVAL;
|
||||
+ if ((data & PSW32_MASK_ASC) == PSW32_ASC_HOME)
|
||||
+ /* Invalid address-space-control bits */
|
||||
+ return -EINVAL;
|
||||
regs->psw.mask = (regs->psw.mask & ~PSW_MASK_USER) |
|
||||
(regs->psw.mask & PSW_MASK_BA) |
|
||||
(__u64)(tmp & mask) << 32;
|
||||
--
|
||||
1.9.3
|
||||
|
||||
Loading…
Reference in New Issue