kexec: Disable at runtime if securelevel has been set.
kexec permits the loading and execution of arbitrary code in ring 0, which
permits the modification of the running kernel. Prevent this if securelevel
has been set.
Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
Gbp-Pq: Topic features/all/securelevel
Gbp-Pq: Name kexec-disable-at-runtime-if-securelevel-has-been-set.patch
Restrict /dev/mem and /dev/kmem when securelevel is set.
Allowing users to write to address space provides mechanisms that may permit
modification of the kernel at runtime. Prevent this if securelevel has been
set.
Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
[bwh: Forward-ported to 4.9: adjust context]
Gbp-Pq: Topic features/all/securelevel
Gbp-Pq: Name restrict-dev-mem-and-dev-kmem-when-securelevel-is-se.patch
Tweak gitignore for Debian pkg-kernel using git svn.
[bwh: Tweak further for pure git]
Gbp-Pq: Topic debian
Gbp-Pq: Name gitignore.patch
linux (4.9.30-1) unstable; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.26
- [arm64] Revert "mmc: sdhci-msm: Enable few quirks"
- ping: implement proper locking
- [sparc64] kern_addr_valid regression
- [sparc64] Fix kernel panic due to erroneous #ifdef surrounding
pmd_write()
- net: neigh: guard against NULL solicit() method
- net: phy: handle state correctly in phy_stop_machine
- bpf: improve verifier packet range checks
- net/mlx5: Avoid dereferencing uninitialized pointer
- l2tp: hold tunnel socket when handling control frames in l2tp_ip
and l2tp_ip6
- l2tp: purge socket queues in the .destruct() callback
- net/packet: fix overflow in check for tp_frame_nr
- net/packet: fix overflow in check for tp_reserve
- l2tp: take reference on sessions being dumped
- l2tp: fix PPP pseudo-wire auto-loading
- net: ipv4: fix multipath RTM_GETROUTE behavior when iif is given
- sctp: listen on the sock only when it's state is listening or
closed
- tcp: clear saved_syn in tcp_disconnect()
- ipv6: Fix idev->addr_list corruption
- net-timestamp: avoid use-after-free in ip_recv_error
- net: vrf: Fix setting NLM_F_EXCL flag when adding l3mdev rule
- dp83640: don't recieve time stamps twice
- gso: Validate assumption of frag_list segementation
- net: ipv6: RTF_PCPU should not be settable from userspace
- netpoll: Check for skb->queue_mapping
- ip6mr: fix notification device destruction
- net/mlx5: Fix driver load bad flow when having fw
initializing timeout
- net/mlx5e: Fix small packet threshold
- net/mlx5e: Fix ETHTOOL_GRXCLSRLALL handling
- macvlan: Fix device ref leak when purging bc_queue
- net: ipv6: regenerate host route if moved to gc list
- net: phy: fix auto-negotiation stall due to unavailable interrupt
- ipv6: check skb->protocol before lookup for nexthop
- tcp: memset ca_priv data to 0 properly
- ipv6: check raw payload size correctly in ioctl
- ALSA: oxfw: fix regression to handle Stanton SCS.1m/1d
- ALSA: firewire-lib: fix inappropriate assignment between
signed/unsigned type
- ALSA: seq: Don't break snd_use_lock_sync() loop by timeout
- [mips*] KGDB: Use kernel context for sleeping threads
- [mips*] Avoid BUG warning in arch_check_elf
- p9_client_readdir() fix
- [x86] ASoC: intel: Fix PM and non-atomic crash in bytcr drivers
- Input: i8042 - add Clevo P650RS to the i8042 reset list
- nfsd: check for oversized NFSv2/v3 arguments
- nfsd4: minor NFSv2/v3 write decoding cleanup
- nfsd: stricter decoding of write-like NFSv2/v3 ops
- ceph: fix recursion between ceph_set_acl() and __ceph_setattr()
- macsec: avoid heap overflow in skb_to_sgvec
- net: can: usb: gs_usb: Fix buffer on stack
- [x86] ftrace: Fix triple fault with graph tracing and suspend-to-ram
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.27
- timerfd: Protect the might cancel mechanism proper
- Handle mismatched open calls
- [x86] tpm_tis: use default timeout value if chip reports it as zero
- scsi: storvsc: Workaround for virtual DVD SCSI version
- [powerpc, x86] hwmon: (it87) Avoid registering the same chip on both SIO
addresses
- 8250_pci: Fix potential use-after-free in error path
- ceph: try getting buffer capability for readahead/fadvise
- cpu/hotplug: Serialize callback invocations proper
- dm ioctl: prevent stack leak in dm ioctl call
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.28
- 9p: fix a potential acl leak
- hwmon: (it87) Fix pwm4 detection for IT8620 and IT8628
- [x86] tpm: fix RC value check in tpm2_seal_trusted
- [x86] tmp: use pdev for parent device in tpm_chip_alloc
- cpupower: Fix turbo frequency reporting for pre-Sandy Bridge cores
- [powerpc*] mm: Fixup wrong LPCR_VRMASD value
- [powerpc*] powernv: Fix opal_exit tracepoint opcode
- [powerpc*] Correctly disable latent entropy GCC plugin on
prom_init.o
- [x86] perf/x86/intel/pt: Add format strings for PTWRITE and power
event tracing
- [arm64] dts: r8a7795: Mark EthernetAVB device node disabled
- [arm64] dts: qcom: Fix ipq board clock rates
- [arm64] Improve detection of user/non-user mappings in
set_pte(_at)
- [armhf] OMAP5 / DRA7: Fix HYP mode boot for thumb2 build
- [armhf] dts: sun7i: lamobo-r1: Fix CPU port RGMII settings
- mwifiex: debugfs: Fix (sometimes) off-by-1 SSID print
- mwifiex: remove redundant dma padding in AMSDU
- mwifiex: Avoid skipping WEP key deletion for AP
- iwlwifi: fix MODULE_FIRMWARE for 6030
- iwlwifi: mvm: don't restart HW if suspend fails with unified image
- iwlwifi: mvm: overwrite skb info later
- iwlwifi: pcie: don't increment / decrement a bool
- iwlwifi: pcie: trans: Remove unused 'shift_param'
- iwlwifi: pcie: fix the set of DMA memory mask
- iwlwifi: mvm: fix reorder timer re-arming
- iwlwifi: mvm: Use aux queue for offchannel frames in dqa
- iwlwifi: mvm/pcie: adjust A-MSDU tx_cmd length in PCIe
- iwlwifi: mvm: fix pending frame counter calculation
- iwlwifi: mvm: fix references to first_agg_queue in DQA mode
- iwlwifi: mvm: synchronize firmware DMA paging memory
- iwlwifi: mvm: writing zero bytes to debugfs causes a crash
- [x86] ioapic: Restore IO-APIC irq_chip retrigger callback
- [amd64] x86/pci-calgary: Fix iommu_free() comparison of unsigned
expression >= 0
- [x86] kprobes/x86: Fix kernel panic when certain exception-
handling addresses are probed
- [x86] platform/intel-mid: Correct MSI IRQ line for watchdog device
- [x86] KVM: nVMX: initialize PML fields in vmcs02
- [x86] KVM: nVMX: do not leak PML full vmexit to L1
- [arm64, armhf] usb: dwc2: host: use msleep() for long delay
- [armhf] usb: host: ehci-exynos: Decrese node refcount on
exynos_ehci_get_phy() error paths
- [armhf] usb: host: ohci-exynos: Decrese node refcount on
exynos_ehci_get_phy() error paths
- [arm64, armhf] usb: chipidea: Only read/write OTGSC from one place
- [arm64, armhf] usb: chipidea: Handle extcon events properly
- USB: serial: keyspan_pda: fix receive sanity checks
- USB: serial: digi_acceleport: fix incomplete rx sanity check
- USB: serial: ssu100: fix control-message error handling
- USB: serial: io_edgeport: fix epic-descriptor handling
- USB: serial: ti_usb_3410_5052: fix control-message error handling
- USB: serial: ark3116: fix open error handling
- USB: serial: ftdi_sio: fix latency-timer error handling
- USB: serial: quatech2: fix control-message error handling
- USB: serial: mct_u232: fix modem-status error handling
- USB: serial: io_edgeport: fix descriptor error handling
- [armhf] clk: rockchip: add "," to
mux_pll_src_apll_dpll_gpll_usb480m_p on rk3036
- phy: qcom-usb-hs: Add depends on EXTCON
- scsi: qla2xxx: Fix crash in qla2xxx_eh_abort on bad ptr
- scsi: mac_scsi: Fix MAC_SCSI=m option when SCSI=m
- scsi: smartpqi: fix time handling
- [mips*] R2-on-R6 MULTU/MADDU/MSUBU emulation bugfix
- brcmfmac: Ensure pointer correctly set if skb data location
changes
- brcmfmac: Make skb header writable before use
- [x86] staging/lustre/llite: move root_squash from sysfs to debugfs
- [x86] staging: wlan-ng: add missing byte order conversion
- ALSA: hda - Fix deadlock of controller device lock at unbinding
- [sparc64] fix fault handling in NGbzero.S and GENbzero.S
- macsec: dynamically allocate space for sglist
- tcp: do not underestimate skb->truesize in tcp_trim_head()
- bpf: enhance verifier to understand stack pointer arithmetic
- [arm64] bpf: fix jit branch offset related to ldimm64
- tcp: fix wraparound issue in tcp_lp
- net: ipv6: Do not duplicate DAD on link up
- net: usb: qmi_wwan: add Telit ME910 support
- tcp: do not inherit fastopen_req from parent
- ipv4, ipv6: ensure raw socket message is big enough to hold
an IP header
- rtnetlink: NUL-terminate IFLA_PHYS_PORT_NAME string
- ipv6: initialize route null entry in addrconf_init()
- ipv6: reorder ip6_route_dev_notifier after ipv6_dev_notf
- bnxt_en: allocate enough space for ->ntp_fltr_bmap
- bpf: don't let ldimm64 leak map addresses on unprivileged
(CVE-2017-9150)
- f2fs: sanity check segment count
- xen: Revert commits
da72ff5bfcb0 and
72a9b186292d
- [arm64, armhf] wlcore: Pass win_size taken from
ieee80211_sta to FW
- [arm64, armhf] wlcore: Add RX_BA_WIN_SIZE_CHANGE_EVENT event
- drm/ttm: fix use-after-free races in vm fault handling
- block: get rid of blk_integrity_revalidate()
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.29
- [x86] xen: adjust early dom0 p2m handling to xen hypervisor behavior
- target: Fix compare_and_write_callback handling for non GOOD status
- target/fileio: Fix zero-length READ and WRITE handling
- iscsi-target: Set session_fall_back_to_erl0 when forcing reinstatement
- usb: xhci: bInterval quirk for TI TUSB73x0
- usb: host: xhci: print correct command ring address
- USB: Proper handling of Race Condition when two USB class drivers try to
call init_usb_class simultaneously
- USB: Revert "cdc-wdm: fix "out-of-sync" due to missing notifications"
- [x86] staging: vt6656: use off stack for in buffer USB transfers.
- [x86] staging: vt6656: use off stack for out buffer USB transfers.
- [x86] staging: comedi: jr3_pci: fix possible null pointer dereference
- [x86] staging: comedi: jr3_pci: cope with jiffies wraparound
- usb: misc: add missing continue in switch
- usb: gadget: legacy gadgets are optional
- usb: Make sure usb/phy/of gets built-in
- usb: hub: Fix error loop seen after hub communication errors
- usb: hub: Do not attempt to autosuspend disconnected devices
- [x86] boot: Fix BSS corruption/overwrite bug in early x86 kernel startup
- [amd64] pmem: Fix cache flushing for iovec write < 8 bytes
- [x86] perf: Fix Broadwell-EP DRAM RAPL events
- [x86] KVM: fix user triggerable warning in kvm_apic_accept_events()
- [armhf,arm64] KVM: fix races in kvm_psci_vcpu_on
- [arm64] KVM: Fix decoding of Rt/Rt2 when trapping AArch32 CP accesses
- block: fix blk_integrity_register to use template's interval_exp if not 0
- crypto: algif_aead - Require setkey before accept(2)
- [x86] crypto: ccp - Use only the relevant interrupt bits
- [x86] crypto: ccp - Disable interrupts early on unload
- [x86] crypto: ccp - Change ISR handler method for a v3 CCP
- [x86] crypto: ccp - Change ISR handler method for a v5 CCP
- dm era: save spacemap metadata root after the pre-commit
- dm rq: check blk_mq_register_dev() return value in
dm_mq_init_request_queue()
- dm thin: fix a memory leak when passing discard bio down
- vfio/type1: Remove locked page accounting workqueue
- iov_iter: don't revert iov buffer if csum error
- IB/core: Fix sysfs registration error flow
- IB/core: For multicast functions, verify that LIDs are multicast LIDs
- IB/IPoIB: ibX: failed to create mcg debug file
- IB/mlx4: Fix ib device initialization error flow
- IB/mlx4: Reduce SRIOV multicast cleanup warning message to debug level
- IB/hfi1: Prevent kernel QP post send hard lockups
- perf auxtrace: Fix no_size logic in addr_filter__resolve_kernel_syms()
- ext4: evict inline data when writing to memory map
- fs/xattr.c: zero out memory copied to userspace in getxattr
- ceph: fix memory leak in __ceph_setxattr()
- fs/block_dev: always invalidate cleancache in invalidate_bdev()
- mm: prevent potential recursive reclaim due to clearing PF_MEMALLOC
- Fix match_prepath()
- Set unicode flag on cifs echo request to avoid Mac error
- SMB3: Work around mount failure when using SMB3 dialect to Macs
- CIFS: fix mapping of SFM_SPACE and SFM_PERIOD
- cifs: fix leak in FSCTL_ENUM_SNAPS response handling
- cifs: fix CIFS_ENUMERATE_SNAPSHOTS oops
- CIFS: fix oplock break deadlocks
- cifs: fix CIFS_IOC_GET_MNT_INFO oops
- CIFS: add misssing SFM mapping for doublequote
- padata: free correct variable
- device-dax: fix cdev leak
- fscrypt: fix context consistency check when key(s) unavailable
- [armhf] serial: samsung: Use right device for DMA-mapping calls
- [armhf] serial: omap: fix runtime-pm handling on unbind
- [armhf] serial: omap: suspend device on probe errors
- tty: pty: Fix ldisc flush after userspace become aware of the data already
- Bluetooth: Fix user channel for 32bit userspace on 64bit kernel
- Bluetooth: hci_bcm: add missing tty-device sanity check
- Bluetooth: hci_intel: add missing tty-device sanity check
- ipmi: Fix kernel panic at ipmi_ssif_thread()
- libnvdimm, region: fix flush hint detection crash
- libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify
- libnvdimm, pfn: fix 'npfns' vs section alignment
- [powerpc*/*64*] pstore: Fix flags to enable dumps on powerpc
- pstore: Shut down worker when unregistering
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.30
- usb: misc: legousbtower: Fix buffers on stack
- usb: misc: legousbtower: Fix memory leak
- USB: ene_usb6250: fix DMA to the stack
- watchdog: pcwd_usb: fix NULL-deref at probe
- char: lp: fix possible integer overflow in lp_setup() (CVE-2017-
1000363)
- USB: core: replace %p with %pK
- tpm_tis_core: Choose appropriate timeout for reading burstcount
- ALSA: hda: Fix cpu lockup when stopping the cmd dmas
- [armhf] tegra: paz00: Mark panel regulator as enabled on boot
- fanotify: don't expose EOPENSTALE to userspace
- tpm_tis_spi: Use single function to transfer data
- tpm_tis_spi: Abort transfer when too many wait states are signaled
- tpm_tis_spi: Check correct byte for wait state indicator
- tpm_tis_spi: Remove limitation of transfers to MAX_SPI_FRAMESIZE bytes
- tpm_tis_spi: Add small delay after last transfer
- tpm: msleep() delays - replace with usleep_range() in i2c nuvoton driver
- tpm: add sleep only for retry in i2c_nuvoton_write_status()
- tpm_crb: check for bad response size
- mlx5: Fix mlx5_ib_map_mr_sg mr length
- infiniband: call ipv6 route lookup via the stub interface
- dm btree: fix for dm_btree_find_lowest_key()
- dm raid: select the Kconfig option CONFIG_MD_RAID0
- dm bufio: avoid a possible ABBA deadlock
- dm bufio: check new buffer allocation watermark every 30 seconds
- dm mpath: split and rename activate_path() to prepare for its expanded use
- dm cache metadata: fail operations if fail_io mode has been established
- dm bufio: make the parameter "retain_bytes" unsigned long
- dm thin metadata: call precommit before saving the roots
- dm space map disk: fix some book keeping in the disk space map
- md: update slab_cache before releasing new stripes when stripes resizing
- md: MD_CLOSING needs to be cleared after called md_set_readonly or
do_md_stop
- rtlwifi: rtl8821ae: setup 8812ae RFE according to device type
- mwifiex: MAC randomization should not be persistent
- mwifiex: pcie: fix cmd_buf use-after-free in remove/reset
- ima: accept previously set IMA_NEW_FILE
- [x86] KVM: Fix load damaged SSEx MXCSR register
- [x86] KVM: Fix potential preemption when get the current kvmclock
timestamp
- [x86] KVM: Fix read out-of-bounds vulnerability in kvm pio emulation
- [i386] fix 32-bit case of __get_user_asm_u64()
- [armhf] regulator: rk808: Fix RK818 LDO2
- [s390x] kdump: Add final note
- [s390x] cputime: fix incorrect system time
- ath9k_htc: Add support of AirTies 1eda:2315 AR9271 device
- ath9k_htc: fix NULL-deref at probe
- [x86] drm/amdgpu: Make display watermark calculations more accurate
- [x86] drm/amdgpu: Avoid overflows/divide-by-zero in latency_watermark
calculations.
- [x86] drm/amdgpu: Add missing lb_vblank_lead_lines setup to DCE-6 path.
- drm/nouveau/therm: remove ineffective workarounds for alarm bugs
- drm/nouveau/tmr: ack interrupt before processing alarms
- drm/nouveau/tmr: fix corruption of the pending list when rescheduling an
alarm
- drm/nouveau/tmr: avoid processing completed alarms when adding a new one
- drm/nouveau/tmr: handle races with hw when updating the next alarm time
- [armhf] gpio: omap: return error if requested debounce time is not
possible
- cdc-acm: fix possible invalid access when processing notification
- ohci-pci: add qemu quirk
- [powerpc*] cxl: Force context lock during EEH flow
- [powerpc*] cxl: Route eeh events to all drivers in
cxl_pci_error_detected()
- proc: Fix unbalanced hard link numbers
- of: fix sparse warning in of_pci_range_parser_one
- of: fix "/cpus" reference leak in of_numa_parse_cpu_nodes()
- of: fdt: add missing allocation-failure check
- [powerpc*/*64*] ibmvscsis: Do not send aborted task response
- [x86] IIO: bmp280-core.c: fix error in humidity calculation
- IB/hfi1: Return an error on memory allocation failure
- IB/hfi1: Fix a subcontext memory leak
- pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes
- pid_ns: Fix race between setns'ed fork() and zap_pid_ns_processes()
- USB: serial: ftdi_sio: fix setting latency for unprivileged users
- USB: serial: ftdi_sio: add Olimex ARM-USB-TINY(H) PIDs
- USB: chaoskey: fix Alea quirk on big-endian hosts
- f2fs: check entire encrypted bigname when finding a dentry
- fscrypt: avoid collisions when presenting long encrypted filenames
- libnvdimm: fix clear length of nvdimm_forget_poison()
- xhci: remove GFP_DMA flag from allocation
- usb: host: xhci-plat: propagate return value of platform_get_irq()
- xhci: apply PME_STUCK_QUIRK and MISSING_CAS quirk for Denverton
- usb: host: xhci-mem: allocate zeroed Scratchpad Buffer
- net: irda: irda-usb: fix firmware name on big-endian hosts
- usbvision: fix NULL-deref at probe
- mceusb: fix NULL-deref at probe
- ttusb2: limit messages to buffer size
- [armhf,arm64] usb: dwc3: gadget: Prevent losing events in event cache
- [armhf] usb: musb: tusb6010_omap: Do not reset the other direction's
packet size
- [armhf] usb: musb: Fix trying to suspend while active for OTG
configurations
- USB: iowarrior: fix info ioctl on big-endian hosts
- usb: serial: option: add Telit ME910 support
- USB: serial: qcserial: add more Lenovo EM74xx device IDs
- USB: serial: mct_u232: fix big-endian baud-rate handling
- USB: serial: io_ti: fix div-by-zero in set_termios
- USB: hub: fix SS hub-descriptor handling
- USB: hub: fix non-SS hub-descriptor handling
- ipx: call ipxitf_put() in ioctl error path (CVE-2017-7487)
- iio: hid-sensor: Store restore poll and hysteresis on S3
- gspca: konica: add missing endpoint sanity check
- dib0700: fix NULL-deref at probe
- zr364xx: enforce minimum size when reading header
- dvb-frontends/cxd2841er: define symbol_rate_min/max in T/C fe-ops
- digitv: limit messages to buffer size
- dw2102: limit messages to buffer size
- cx231xx-audio: fix init error path
- cx231xx-audio: fix NULL-deref at probe
- cx231xx-cards: fix NULL-deref at probe
- [powerpc*] mm: Ensure IRQs are off in switch_mm()
- [powerpc*] eeh: Avoid use after free in eeh_handle_special_event()
- [powerpc*] book3s/mce: Move add_taint() later in virtual mode
- [powerpc*] pseries: Fix of_node_put() underflow during DLPAR remove
- [powerpc*] iommu: Do not call PageTransHuge() on tail pages
- [powerpc*] tm: Fix FP and VMX register corruption
- [arm64] KVM: Do not use stack-protector to compile EL2 code
- [armhf] KVM: Do not use stack-protector to compile HYP code
- [armhf] KVM: plug potential guest hardware debug leakage
- [armel,armhf] 8662/1: module: split core and init PLT sections
- [armhf] dts: imx6sx-sdb: Remove OPP override
- [arm64] dts: hi6220: Reset the mmc hosts
- [arm64] xchg: hazard against entire exchange variable
- [arm64] ensure extension of smp_store_release value
- [arm64] armv8_deprecated: ensure extension of addr
- [arm64] uaccess: ensure extension of access_ok() addr
- [arm64] documentation: document tagged pointer stack constraints
- [x86] staging: rtl8192e: rtl92e_fill_tx_desc fix write to mapped out
memory.
- [x86] staging: rtl8192e: fix 2 byte alignment of register BSSIDR.
- [x86] staging: rtl8192e: rtl92e_get_eeprom_size Fix read size of
EPROM_CMD.
- [x86] staging: rtl8192e: GetTs Fix invalid TID 7 warning.
- [x86] iommu/vt-d: Flush the IOTLB to get rid of the initial kdump mappings
- stackprotector: Increase the per-task stack canary's random range from 32
bits to 64 bits on 64-bit platforms
- uwb: fix device quirk on big-endian hosts
- genirq: Fix chained interrupt data ordering
- nvme: unmap CMB and remove sysfs file in reset path
- [alpha] osf_wait4(): fix infoleak
- tracing/kprobes: Enforce kprobes teardown after testing
- [x86] PCI: hv: Allocate interrupt descriptors with GFP_ATOMIC
- [x86] PCI: hv: Specify CPU_AFFINITY_ALL for MSI affinity when >= 32 CPUs
- PCI: Fix pci_mmap_fits() for HAVE_PCI_RESOURCE_TO_USER platforms
- PCI: Fix another sanity check bug in /proc/pci mmap
- PCI: Only allow WC mmap on prefetchable resources
- PCI: Freeze PME scan before suspending devices
- [armel,armhf] mtd: nand: orion: fix clk handling
- [armhf] mtd: nand: omap2: Fix partition creation via cmdline mtdparts
- mtd: nand: add ooblayout for old hamming layout
- [x86] drm/edid: Add 10 bpc quirk for LGD 764 panel in HP zBook 17 G2
- NFSv4: Fix a hang in OPEN related to server reboot
- NFS: Fix use after free in write error path
- NFS: Use GFP_NOIO for two allocations in writeback
- nfsd: fix undefined behavior in nfsd4_layout_verify
- nfsd: encoders mustn't use unitialized values in error cases
- drivers: char: mem: Check for address space wraparound with mmap()
- [x86] drm/i915/gvt: Disable access to stolen memory as a guest
[ Aurelien Jarno ]
* [mips*/*-malta] Enable POWER_RESET and POWER_RESET_SYSCON.
[ Uwe Kleine-König ]
* [arm64] Enable DRM modules (Closes: #863344)
* Ignore ABI changes in chipidea driver
[ Ben Hutchings ]
* Ignore ABI changes in ccp and hid-sensors
* [mips*el/loongson-3] Revert "MIPS: Loongson-3: Select
MIPS_L1_CACHE_SHIFT_6" to avoid ABI change
* SUNRPC: Refactor svc_set_num_threads()
* NFSv4: Fix callback server shutdown (CVE-2017-9059) (Closes: #862357)
* uapi: fix linux/if.h userspace compilation errors (see #822393, #824442)
* debian/control: Fix compiler build-dependencies for cross-building
(Closes: #863907)
* Add Debian package version to "hung task" log messages
* btrfs: warn about RAID5/6 being experimental at mount time (Closes: #863290)
* [x86] pinctrl: cherryview: Add a quirk to make Acer Chromebook keyboard
work again (Closes: #862723)
* [arm64] serial: pl011: add console matching function (Closes: #861898)
* [rt] Add new GPG subkeys for Sebastian Andrzej Siewior
* [rt] Update to 4.9.30-rt20:
- rtmutex: Deboost before waking up the top waiter
- sched/rtmutex/deadline: Fix a PI crash for deadline tasks
- sched/deadline/rtmutex: Dont miss the dl_runtime/dl_period update
- rtmutex: Clean up
- sched/rtmutex: Refactor rt_mutex_setprio()
- sched,tracing: Update trace_sched_pi_setprio()
- rtmutex: Fix PI chain order integrity
- rtmutex: Fix more prio comparisons
- rtmutex: Plug preempt count leak in rt_mutex_futex_unlock()
- futex: Avoid freeing an active timer
- futex: Fix small (and harmless looking) inconsistencies
- futex,rt_mutex: Fix rt_mutex_cleanup_proxy_lock()
- Revert "timers: Don't wake ktimersoftd on every tick"
- futex/rtmutex: Cure RT double blocking issue
- random: avoid preempt_disable()ed section
[ Salvatore Bonaccorso ]
* tracing: Use strlcpy() instead of strcpy() in __trace_find_cmdline()
(CVE-2017-0605)
* dccp/tcp: do not inherit mc_list from parent (CVE-2017-8890)
* ipv6: Prevent overrun when parsing v6 header options (CVE-2017-9074)
* sctp: do not inherit ipv6_{mc|ac|fl}_list from parent (CVE-2017-9075)
* ipv6/dccp: do not inherit ipv6_mc_list from parent (CVE-2017-9076,
CVE-2017-9077)
* crypto: skcipher - Add missing API setkey checks (CVE-2017-9211)
* ipv6: fix out of bound writes in __ip6_append_data() (CVE-2017-9242)
[ Cyril Brulebois ]
* udeb: Add efivarfs to efi-modules, which can be needed to retrieve
firmware or configuration bits from d-i. (Closes: #862555)
[ John Paul Adrian Glaubitz ]
* [m68k] udeb: Build loop-modules package (Closes: #862813)
[dgit import unpatched linux 4.9.30-1]
projects / linux.git / log