From 9f7a0c0e7700d6455c3960fe1c00703778321bb3 Mon Sep 17 00:00:00 2001 From: Justin M. Forbes Date: Mar 22 2017 20:11:47 +0000 Subject: Linux v4.10.5 --- diff --git a/baseconfig/arm/arm64/CONFIG_QCOM_QDF2400_ERRATUM_0065 b/baseconfig/arm/arm64/CONFIG_QCOM_QDF2400_ERRATUM_0065 new file mode 100644 index 0000000..dec9be9 --- /dev/null +++ b/baseconfig/arm/arm64/CONFIG_QCOM_QDF2400_ERRATUM_0065 @@ -0,0 +1 @@ +CONFIG_QCOM_QDF2400_ERRATUM_0065=y diff --git a/kernel-aarch64-debug.config b/kernel-aarch64-debug.config index 5dd9006..47d3cc6 100644 --- a/kernel-aarch64-debug.config +++ b/kernel-aarch64-debug.config @@ -4026,6 +4026,7 @@ CONFIG_QCOM_GSBI=y CONFIG_QCOM_HIDMA=m CONFIG_QCOM_HIDMA_MGMT=m # CONFIG_QCOM_Q6V5_PIL is not set +CONFIG_QCOM_QDF2400_ERRATUM_0065=y CONFIG_QCOM_QFPROM=m CONFIG_QCOM_SMD=m CONFIG_QCOM_SMD_RPM=m diff --git a/kernel-aarch64.config b/kernel-aarch64.config index f18e33f..6144050 100644 --- a/kernel-aarch64.config +++ b/kernel-aarch64.config @@ -4004,6 +4004,7 @@ CONFIG_QCOM_GSBI=y CONFIG_QCOM_HIDMA=m CONFIG_QCOM_HIDMA_MGMT=m # CONFIG_QCOM_Q6V5_PIL is not set +CONFIG_QCOM_QDF2400_ERRATUM_0065=y CONFIG_QCOM_QFPROM=m CONFIG_QCOM_SMD=m CONFIG_QCOM_SMD_RPM=m diff --git a/kernel.spec b/kernel.spec index 2c7fa56..ba11a1f 100644 --- a/kernel.spec +++ b/kernel.spec @@ -54,7 +54,7 @@ Summary: The Linux kernel %if 0%{?released_kernel} # Do we have a -stable update to apply? -%define stable_update 4 +%define stable_update 5 # Set rpm version accordingly %if 0%{?stable_update} %define stablerev %{stable_update} @@ -608,8 +608,8 @@ Patch853: 0001-Work-around-for-gcc7-and-arm64.patch #CVE-2017-2596 rhbz 1417812 1417813 Patch854: kvm-fix-page-struct-leak-in-handle_vmon.patch -#CVE-2017-6353 rhbz 1428907 1428910 -Patch855: sctp-deny-peeloff-operation-on-asocs-with-threads-sl.patch +#Fix crda rhbz 1422247 +Patch856: genetlink-fix-counting-regression-on-ctrl_dumpfamily.patch # END OF PATCH DEFINITIONS @@ -2180,6 +2180,10 @@ fi # # %changelog +* Wed Mar 22 2017 Justin M. Forbes - 4.10.5-200 +- Linux v4.10.5 +- Fix crda (rhbz 1422247) + * Mon Mar 20 2017 Justin M. Forbes - 4.10.4-200 - Linux v4.10.4 diff --git a/sctp-deny-peeloff-operation-on-asocs-with-threads-sl.patch b/sctp-deny-peeloff-operation-on-asocs-with-threads-sl.patch deleted file mode 100644 index 47f586a..0000000 --- a/sctp-deny-peeloff-operation-on-asocs-with-threads-sl.patch +++ /dev/null @@ -1,66 +0,0 @@ -From dfcb9f4f99f1e9a49e43398a7bfbf56927544af1 Mon Sep 17 00:00:00 2001 -From: Marcelo Ricardo Leitner -Date: Thu, 23 Feb 2017 09:31:18 -0300 -Subject: [PATCH] sctp: deny peeloff operation on asocs with threads sleeping - on it - -commit 2dcab5984841 ("sctp: avoid BUG_ON on sctp_wait_for_sndbuf") -attempted to avoid a BUG_ON call when the association being used for a -sendmsg() is blocked waiting for more sndbuf and another thread did a -peeloff operation on such asoc, moving it to another socket. - -As Ben Hutchings noticed, then in such case it would return without -locking back the socket and would cause two unlocks in a row. - -Further analysis also revealed that it could allow a double free if the -application managed to peeloff the asoc that is created during the -sendmsg call, because then sctp_sendmsg() would try to free the asoc -that was created only for that call. - -This patch takes another approach. It will deny the peeloff operation -if there is a thread sleeping on the asoc, so this situation doesn't -exist anymore. This avoids the issues described above and also honors -the syscalls that are already being handled (it can be multiple sendmsg -calls). - -Joint work with Xin Long. - -Fixes: 2dcab5984841 ("sctp: avoid BUG_ON on sctp_wait_for_sndbuf") -Cc: Alexander Popov -Cc: Ben Hutchings -Signed-off-by: Marcelo Ricardo Leitner -Signed-off-by: Xin Long -Signed-off-by: David S. Miller ---- - net/sctp/socket.c | 8 ++++++-- - 1 file changed, 6 insertions(+), 2 deletions(-) - -diff --git a/net/sctp/socket.c b/net/sctp/socket.c -index b532148..465a9c8 100644 ---- a/net/sctp/socket.c -+++ b/net/sctp/socket.c -@@ -4862,6 +4862,12 @@ int sctp_do_peeloff(struct sock *sk, sctp_assoc_t id, struct socket **sockp) - if (!asoc) - return -EINVAL; - -+ /* If there is a thread waiting on more sndbuf space for -+ * sending on this asoc, it cannot be peeled. -+ */ -+ if (waitqueue_active(&asoc->wait)) -+ return -EBUSY; -+ - /* An association cannot be branched off from an already peeled-off - * socket, nor is this supported for tcp style sockets. - */ -@@ -7599,8 +7605,6 @@ static int sctp_wait_for_sndbuf(struct sctp_association *asoc, long *timeo_p, - */ - release_sock(sk); - current_timeo = schedule_timeout(current_timeo); -- if (sk != asoc->base.sk) -- goto do_error; - lock_sock(sk); - - *timeo_p = current_timeo; --- -2.9.3 - diff --git a/sources b/sources index 87a5242..0bf7b33 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ SHA512 (linux-4.10.tar.xz) = c3690125a8402df638095bd98a613fcf1a257b81de7611c84711d315cd11e2634ab4636302b3742aedf1e3ba9ce0fea53fe8c7d48e37865d8ee5db3565220d90 SHA512 (perf-man-4.10.tar.gz) = 2c830e06f47211d70a8330961487af73a8bc01073019475e6b6131d3bb8c95658b77ca0ae5f1b44371accf103658bc5a3a4366b3e017a4088a8fd408dd6867e8 -SHA512 (patch-4.10.4.xz) = a0631f3ee744984d9388d8e9ad98e7238d9305d94082db784b28080d9bae4f2c0cca84e4510ccfa562f5246ce1ed98c78cf41edc5a3b3bcc862ed62a1f2c8516 +SHA512 (patch-4.10.5.xz) = db494568a31cb9284f6a528f630ade1a6fdadf507187ec83ace48ccf9980663f3a636bc8a9a1d76b5beb3eb80e2e765d616898ec95d27aeee53fb4f04884c739