core/linux-odroid-c2 to 3.14.29-12

This commit is contained in:
Kevin Mihelich 2016-03-26 00:27:13 +00:00
parent 1c28c695d7
commit 2832d0318c
4 changed files with 18 additions and 173 deletions

View file

@ -1,74 +0,0 @@
From 895b628312862549fb6a037c54b55d0f3b3bbffb Mon Sep 17 00:00:00 2001
From: Lucas De Marchi <lucas.demarchi@intel.com>
Date: Tue, 18 Feb 2014 02:19:26 -0300
Subject: [PATCH 1/2] Bluetooth: allocate static minor for vhci
Commit bfacbb9 (Bluetooth: Use devname:vhci module alias for virtual HCI
driver) added the module alias to hci_vhci module so it's possible to
create the /dev/vhci node. However creating an alias without
specifying the minor doesn't allow us to create the node ahead,
triggerring module auto-load when it's first accessed.
Starting with depmod from kmod 16 we started to warn if there's a
devname alias without specifying the major and minor.
Let's do the same done for uhid, kvm, fuse and others, specifying a
fixed minor. In systems with systemd as the init the following will
happen: on early boot systemd will call "kmod static-nodes" to read
/lib/modules/$(uname -r)/modules.devname and then create the nodes. When
first accessed these "dead" nodes will trigger the module loading.
Signed-off-by: Lucas De Marchi <lucas.demarchi@intel.com>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
---
Documentation/devices.txt | 1 +
drivers/bluetooth/hci_vhci.c | 3 ++-
include/linux/miscdevice.h | 1 +
3 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/Documentation/devices.txt b/Documentation/devices.txt
index 10378cc..04356f5 100644
--- a/Documentation/devices.txt
+++ b/Documentation/devices.txt
@@ -353,6 +353,7 @@ Your cooperation is appreciated.
133 = /dev/exttrp External device trap
134 = /dev/apm_bios Advanced Power Management BIOS
135 = /dev/rtc Real Time Clock
+ 137 = /dev/vhci Bluetooth virtual HCI driver
139 = /dev/openprom SPARC OpenBoot PROM
140 = /dev/relay8 Berkshire Products Octal relay card
141 = /dev/relay16 Berkshire Products ISO-16 relay card
diff --git a/drivers/bluetooth/hci_vhci.c b/drivers/bluetooth/hci_vhci.c
index 1ef6990..add1c6a 100644
--- a/drivers/bluetooth/hci_vhci.c
+++ b/drivers/bluetooth/hci_vhci.c
@@ -359,7 +359,7 @@ static const struct file_operations vhci_fops = {
static struct miscdevice vhci_miscdev= {
.name = "vhci",
.fops = &vhci_fops,
- .minor = MISC_DYNAMIC_MINOR,
+ .minor = VHCI_MINOR,
};
static int __init vhci_init(void)
@@ -385,3 +385,4 @@ MODULE_DESCRIPTION("Bluetooth virtual HCI driver ver " VERSION);
MODULE_VERSION(VERSION);
MODULE_LICENSE("GPL");
MODULE_ALIAS("devname:vhci");
+MODULE_ALIAS_MISCDEV(VHCI_MINOR);
diff --git a/include/linux/miscdevice.h b/include/linux/miscdevice.h
index 3737f72..7bb6148 100644
--- a/include/linux/miscdevice.h
+++ b/include/linux/miscdevice.h
@@ -23,6 +23,7 @@
#define TEMP_MINOR 131 /* Temperature Sensor */
#define RTC_MINOR 135
#define EFI_RTC_MINOR 136 /* EFI Time services */
+#define VHCI_MINOR 137
#define SUN_OPENPROM_MINOR 139
#define DMAPI_MINOR 140 /* DMAPI */
#define NVRAM_MINOR 144
--
2.7.0

View file

@ -1,84 +0,0 @@
From 7ffe3b6e83dd235fbc3608d19bfadca7ecceb46e Mon Sep 17 00:00:00 2001
From: Yevgeny Pats <yevgeny@perception-point.io>
Date: Tue, 19 Jan 2016 22:09:04 +0000
Subject: [PATCH 2/2] KEYS: Fix keyring ref leak in join_session_keyring()
commit 23567fd052a9abb6d67fe8e7a9ccdd9800a540f2 upstream.
This fixes CVE-2016-0728.
If a thread is asked to join as a session keyring the keyring that's already
set as its session, we leak a keyring reference.
This can be tested with the following program:
#include <stddef.h>
#include <stdio.h>
#include <sys/types.h>
#include <keyutils.h>
int main(int argc, const char *argv[])
{
int i = 0;
key_serial_t serial;
serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING,
"leaked-keyring");
if (serial < 0) {
perror("keyctl");
return -1;
}
if (keyctl(KEYCTL_SETPERM, serial,
KEY_POS_ALL | KEY_USR_ALL) < 0) {
perror("keyctl");
return -1;
}
for (i = 0; i < 100; i++) {
serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING,
"leaked-keyring");
if (serial < 0) {
perror("keyctl");
return -1;
}
}
return 0;
}
If, after the program has run, there something like the following line in
/proc/keys:
3f3d898f I--Q--- 100 perm 3f3f0000 0 0 keyring leaked-keyring: empty
with a usage count of 100 * the number of times the program has been run,
then the kernel is malfunctioning. If leaked-keyring has zero usages or
has been garbage collected, then the problem is fixed.
Reported-by: Yevgeny Pats <yevgeny@perception-point.io>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Don Zickus <dzickus@redhat.com>
Acked-by: Prarit Bhargava <prarit@redhat.com>
Acked-by: Jarod Wilson <jarod@redhat.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
security/keys/process_keys.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
index 0cf8a13..4e56371 100644
--- a/security/keys/process_keys.c
+++ b/security/keys/process_keys.c
@@ -793,6 +793,7 @@ long join_session_keyring(const char *name)
ret = PTR_ERR(keyring);
goto error2;
} else if (keyring == new->session_keyring) {
+ key_put(keyring);
ret = 0;
goto error2;
}
--
2.7.0

View file

@ -4,12 +4,12 @@
buildarch=8
pkgbase=linux-odroid-c2
_commit=892ed5789dc8f5c8d1d612ed566bf4b2bd6a569b
_commit=fa8c4f73de55c6f73e28e1b0c4b93cdabff37e9f
_srcname=linux-${_commit}
_kernelname=${pkgbase#linux}
_desc="ODROID-C2"
pkgver=3.14.29
pkgrel=11
pkgrel=12
arch=('aarch64')
url="https://github.com/hardkernel/linux/tree/odroidc2-3.14.y"
license=('GPL2')
@ -17,25 +17,18 @@ makedepends=('xmlto' 'docbook-xsl' 'kmod' 'inetutils' 'bc' 'git')
options=('!strip')
source=("https://github.com/hardkernel/linux/archive/${_commit}.tar.gz"
"git+https://github.com/mdrjr/c2_bootini.git"
'0001-Bluetooth-allocate-static-minor-for-vhci.patch'
'0002-KEYS-Fix-keyring-ref-leak-in-join_session_keyring.patch'
'config'
'linux.preset'
'amlogic.service')
md5sums=('42a9f92e4390d42b9a37a1bb97bf92e6'
md5sums=('1ea6c8057a5f28c09c5290513e0c5c3a'
'SKIP'
'1b8e6672f31b17d4f2f18b5991edae5e'
'790ea64513d1b6e7497f8cecdb10780b'
'd1e72c2ad3744307a8b6bc230d540ff1'
'e12e397d52a92ab1892c85f60e302877'
'85fd3026c435ffa6d7c2d7f9767b4251'
'b8956789318f49cec5b8bb0b41654a9b')
prepare() {
cd "${srcdir}/${_srcname}"
git apply ../0001-Bluetooth-allocate-static-minor-for-vhci.patch
git apply ../0002-KEYS-Fix-keyring-ref-leak-in-join_session_keyring.patch
cat "${srcdir}/config" > ./.config
# add pkgrel to extraversion

View file

@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
# Linux/arm64 3.14.29-11 Kernel Configuration
# Linux/arm64 3.14.29-12 Kernel Configuration
#
CONFIG_ARM64=y
CONFIG_ARM64_HAS_SG_CHAIN=y
@ -1922,8 +1922,18 @@ CONFIG_ATH_COMMON=m
CONFIG_ATH_CARDS=m
# CONFIG_ATH_DEBUG is not set
# CONFIG_ATH_REG_DYNAMIC_USER_REG_HINTS is not set
# CONFIG_ATH9K is not set
# CONFIG_ATH9K_HTC is not set
CONFIG_ATH9K_HW=m
CONFIG_ATH9K_COMMON=m
CONFIG_ATH9K_BTCOEX_SUPPORT=y
CONFIG_ATH9K=m
CONFIG_ATH9K_AHB=y
# CONFIG_ATH9K_DEBUGFS is not set
# CONFIG_ATH9K_DFS_CERTIFIED is not set
# CONFIG_ATH9K_WOW is not set
# CONFIG_ATH9K_LEGACY_RATE_CONTROL is not set
CONFIG_ATH9K_RFKILL=y
CONFIG_ATH9K_HTC=m
# CONFIG_ATH9K_HTC_DEBUGFS is not set
CONFIG_CARL9170=m
CONFIG_CARL9170_LEDS=y
CONFIG_CARL9170_WPC=y
@ -3891,7 +3901,7 @@ CONFIG_RTLLIB=m
CONFIG_RTLLIB_CRYPTO_CCMP=m
CONFIG_RTLLIB_CRYPTO_TKIP=m
CONFIG_RTLLIB_CRYPTO_WEP=m
# CONFIG_R8712U is not set
CONFIG_R8712U=m
CONFIG_R8188EU=m
CONFIG_88EU_AP_MODE=y
CONFIG_88EU_P2P=y