mirror of
https://github.com/archlinuxarm/PKGBUILDs.git
synced 2024-11-18 22:54:00 +00:00
core/linux-odroid to 3.8.13.30-5
This commit is contained in:
parent
4859145f68
commit
b4eefb075d
6 changed files with 253 additions and 84 deletions
|
@ -1,7 +1,7 @@
|
|||
From 23567fd052a9abb6d67fe8e7a9ccdd9800a540f2 Mon Sep 17 00:00:00 2001
|
||||
From a7c092a19768d6b6dbb5d4afea33136c4637d633 Mon Sep 17 00:00:00 2001
|
||||
From: Yevgeny Pats <yevgeny@perception-point.io>
|
||||
Date: Tue, 19 Jan 2016 22:09:04 +0000
|
||||
Subject: KEYS: Fix keyring ref leak in join_session_keyring()
|
||||
Subject: [PATCH 1/4] KEYS: Fix keyring ref leak in join_session_keyring()
|
||||
|
||||
This fixes CVE-2016-0728.
|
||||
|
||||
|
@ -65,10 +65,10 @@ Signed-off-by: James Morris <james.l.morris@oracle.com>
|
|||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
|
||||
index a3f85d2..e6d50172 100644
|
||||
index 42defae..cd871dc 100644
|
||||
--- a/security/keys/process_keys.c
|
||||
+++ b/security/keys/process_keys.c
|
||||
@@ -794,6 +794,7 @@ long join_session_keyring(const char *name)
|
||||
@@ -792,6 +792,7 @@ long join_session_keyring(const char *name)
|
||||
ret = PTR_ERR(keyring);
|
||||
goto error2;
|
||||
} else if (keyring == new->session_keyring) {
|
||||
|
@ -77,5 +77,5 @@ index a3f85d2..e6d50172 100644
|
|||
goto error2;
|
||||
}
|
||||
--
|
||||
cgit v0.12
|
||||
2.10.1
|
||||
|
|
@ -0,0 +1,101 @@
|
|||
From 541267fab71436c4acb361f1557a881c3908b22e Mon Sep 17 00:00:00 2001
|
||||
From: Linus Torvalds <torvalds@linux-foundation.org>
|
||||
Date: Thu, 13 Oct 2016 13:07:36 -0700
|
||||
Subject: [PATCH 2/4] mm: remove gup_flags FOLL_WRITE games from
|
||||
__get_user_pages()
|
||||
|
||||
commit 19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619 upstream.
|
||||
|
||||
This is an ancient bug that was actually attempted to be fixed once
|
||||
(badly) by me eleven years ago in commit 4ceb5db9757a ("Fix
|
||||
get_user_pages() race for write access") but that was then undone due to
|
||||
problems on s390 by commit f33ea7f404e5 ("fix get_user_pages bug").
|
||||
|
||||
In the meantime, the s390 situation has long been fixed, and we can now
|
||||
fix it by checking the pte_dirty() bit properly (and do it better). The
|
||||
s390 dirty bit was implemented in abf09bed3cce ("s390/mm: implement
|
||||
software dirty bits") which made it into v3.9. Earlier kernels will
|
||||
have to look at the page state itself.
|
||||
|
||||
Also, the VM has become more scalable, and what used a purely
|
||||
theoretical race back then has become easier to trigger.
|
||||
|
||||
To fix it, we introduce a new internal FOLL_COW flag to mark the "yes,
|
||||
we already did a COW" rather than play racy games with FOLL_WRITE that
|
||||
is very fundamental, and then use the pte dirty flag to validate that
|
||||
the FOLL_COW flag is still valid.
|
||||
|
||||
Reported-and-tested-by: Phil "not Paul" Oester <kernel@linuxace.com>
|
||||
Acked-by: Hugh Dickins <hughd@google.com>
|
||||
Reviewed-by: Michal Hocko <mhocko@suse.com>
|
||||
Cc: Andy Lutomirski <luto@kernel.org>
|
||||
Cc: Kees Cook <keescook@chromium.org>
|
||||
Cc: Oleg Nesterov <oleg@redhat.com>
|
||||
Cc: Willy Tarreau <w@1wt.eu>
|
||||
Cc: Nick Piggin <npiggin@gmail.com>
|
||||
Cc: Greg Thelen <gthelen@google.com>
|
||||
Cc: stable@vger.kernel.org
|
||||
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
|
||||
[wt: s/gup.c/memory.c; s/follow_page_pte/follow_page_mask;
|
||||
s/faultin_page/__get_user_page]
|
||||
Signed-off-by: Willy Tarreau <w@1wt.eu>
|
||||
---
|
||||
include/linux/mm.h | 2 ++
|
||||
mm/memory.c | 14 ++++++++++++--
|
||||
2 files changed, 14 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/include/linux/mm.h b/include/linux/mm.h
|
||||
index dbade0f..218be84 100644
|
||||
--- a/include/linux/mm.h
|
||||
+++ b/include/linux/mm.h
|
||||
@@ -1723,6 +1723,8 @@ struct page *follow_page(struct vm_area_struct *, unsigned long address,
|
||||
#define FOLL_SPLIT 0x80 /* don't return transhuge pages, split them */
|
||||
#define FOLL_HWPOISON 0x100 /* check page is hwpoisoned */
|
||||
#define FOLL_NUMA 0x200 /* force NUMA hinting page fault */
|
||||
+#define FOLL_MIGRATION 0x400 /* wait for page to replace migration entry */
|
||||
+#define FOLL_COW 0x4000 /* internal GUP flag */
|
||||
|
||||
typedef int (*pte_fn_t)(pte_t *pte, pgtable_t token, unsigned long addr,
|
||||
void *data);
|
||||
diff --git a/mm/memory.c b/mm/memory.c
|
||||
index 4395fe8..326e9cd 100644
|
||||
--- a/mm/memory.c
|
||||
+++ b/mm/memory.c
|
||||
@@ -1458,6 +1458,16 @@ int zap_vma_ptes(struct vm_area_struct *vma, unsigned long address,
|
||||
}
|
||||
EXPORT_SYMBOL_GPL(zap_vma_ptes);
|
||||
|
||||
+/*
|
||||
+ * FOLL_FORCE can write to even unwritable pte's, but only
|
||||
+ * after we've gone through a COW cycle and they are dirty.
|
||||
+ */
|
||||
+static inline bool can_follow_write_pte(pte_t pte, unsigned int flags)
|
||||
+{
|
||||
+ return pte_write(pte) ||
|
||||
+ ((flags & FOLL_FORCE) && (flags & FOLL_COW) && pte_dirty(pte));
|
||||
+}
|
||||
+
|
||||
/**
|
||||
* follow_page - look up a page descriptor from a user-virtual address
|
||||
* @vma: vm_area_struct mapping @address
|
||||
@@ -1544,7 +1554,7 @@ split_fallthrough:
|
||||
goto no_page;
|
||||
if ((flags & FOLL_NUMA) && pte_numa(pte))
|
||||
goto no_page;
|
||||
- if ((flags & FOLL_WRITE) && !pte_write(pte))
|
||||
+ if ((flags & FOLL_WRITE) && !can_follow_write_pte(pte, flags))
|
||||
goto unlock;
|
||||
|
||||
page = vm_normal_page(vma, address, pte);
|
||||
@@ -1847,7 +1857,7 @@ int __get_user_pages(struct task_struct *tsk, struct mm_struct *mm,
|
||||
*/
|
||||
if ((ret & VM_FAULT_WRITE) &&
|
||||
!(vma->vm_flags & VM_WRITE))
|
||||
- foll_flags &= ~FOLL_WRITE;
|
||||
+ foll_flags |= FOLL_COW;
|
||||
|
||||
cond_resched();
|
||||
}
|
||||
--
|
||||
2.10.1
|
||||
|
|
@ -0,0 +1,35 @@
|
|||
From 33ec211a483dd5fdc9c590f624ea395a237a59f1 Mon Sep 17 00:00:00 2001
|
||||
From: Kevin Mihelich <kevin@archlinuxarm.org>
|
||||
Date: Mon, 24 Oct 2016 19:33:31 -0600
|
||||
Subject: [PATCH 3/4] Revert "media/mfc: use shipped firmware paths"
|
||||
|
||||
This reverts commit 6720e7ffffed9656b006553311b2d85abcd3f0b6.
|
||||
---
|
||||
drivers/media/platform/s5p-mfc/s5p_mfc.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/drivers/media/platform/s5p-mfc/s5p_mfc.c b/drivers/media/platform/s5p-mfc/s5p_mfc.c
|
||||
index 6a1cef5..0da338c 100644
|
||||
--- a/drivers/media/platform/s5p-mfc/s5p_mfc.c
|
||||
+++ b/drivers/media/platform/s5p-mfc/s5p_mfc.c
|
||||
@@ -1293,7 +1293,7 @@ static struct s5p_mfc_variant mfc_drvdata_v5 = {
|
||||
.buf_size = &buf_size_v5,
|
||||
.buf_align = &mfc_buf_align_v5,
|
||||
.mclk_name = "sclk_mfc",
|
||||
- .fw_name = "s5p-mfc/s5p-mfc.fw",
|
||||
+ .fw_name = "s5p-mfc.fw",
|
||||
};
|
||||
|
||||
struct s5p_mfc_buf_size_v6 mfc_buf_size_v6 = {
|
||||
@@ -1320,7 +1320,7 @@ static struct s5p_mfc_variant mfc_drvdata_v6 = {
|
||||
.buf_size = &buf_size_v6,
|
||||
.buf_align = &mfc_buf_align_v6,
|
||||
.mclk_name = "aclk_333",
|
||||
- .fw_name = "s5p-mfc/s5p-mfc-v6.fw",
|
||||
+ .fw_name = "s5p-mfc-v6.fw",
|
||||
};
|
||||
|
||||
static struct platform_device_id mfc_driver_ids[] = {
|
||||
--
|
||||
2.10.1
|
||||
|
|
@ -0,0 +1,96 @@
|
|||
From 9610e2bda9ccee379887600bac748aeb13a61cbe Mon Sep 17 00:00:00 2001
|
||||
From: popcornmix <popcornmix@gmail.com>
|
||||
Date: Tue, 26 Mar 2013 17:26:38 +0000
|
||||
Subject: [PATCH 4/4] Allow mac address to be set in smsc95xx
|
||||
|
||||
Signed-off-by: popcornmix <popcornmix@gmail.com>
|
||||
---
|
||||
drivers/net/usb/smsc95xx.c | 56 ++++++++++++++++++++++++++++++++++++++++++++++
|
||||
1 file changed, 56 insertions(+)
|
||||
|
||||
diff --git a/drivers/net/usb/smsc95xx.c b/drivers/net/usb/smsc95xx.c
|
||||
index 19a8db7..fdde874 100644
|
||||
--- a/drivers/net/usb/smsc95xx.c
|
||||
+++ b/drivers/net/usb/smsc95xx.c
|
||||
@@ -54,6 +54,7 @@
|
||||
#define FEATURE_8_WAKEUP_FILTERS (0x01)
|
||||
#define FEATURE_PHY_NLP_CROSSOVER (0x02)
|
||||
#define FEATURE_AUTOSUSPEND (0x04)
|
||||
+#define MAC_ADDR_LEN (6)
|
||||
|
||||
struct smsc95xx_priv {
|
||||
u32 mac_cr;
|
||||
@@ -129,6 +130,10 @@ int smsc95xx_read_mac_addr(unsigned char *mac)
|
||||
}
|
||||
#endif
|
||||
|
||||
+static char *macaddr = ":";
|
||||
+module_param(macaddr, charp, 0);
|
||||
+MODULE_PARM_DESC(macaddr, "MAC address");
|
||||
+
|
||||
static int __must_check __smsc95xx_read_reg(struct usbnet *dev, u32 index,
|
||||
u32 *data, int in_pm)
|
||||
{
|
||||
@@ -836,8 +841,59 @@ static int smsc95xx_ioctl(struct net_device *netdev, struct ifreq *rq, int cmd)
|
||||
return generic_mii_ioctl(&dev->mii, if_mii(rq), cmd, NULL);
|
||||
}
|
||||
|
||||
+/* Check the macaddr module parameter for a MAC address */
|
||||
+static int smsc95xx_is_macaddr_param(struct usbnet *dev, u8 *dev_mac)
|
||||
+{
|
||||
+ int i, j, got_num, num;
|
||||
+ u8 mtbl[MAC_ADDR_LEN];
|
||||
+
|
||||
+ if (macaddr[0] == ':')
|
||||
+ return 0;
|
||||
+
|
||||
+ i = 0;
|
||||
+ j = 0;
|
||||
+ num = 0;
|
||||
+ got_num = 0;
|
||||
+ while (j < MAC_ADDR_LEN) {
|
||||
+ if (macaddr[i] && macaddr[i] != ':') {
|
||||
+ got_num++;
|
||||
+ if ('0' <= macaddr[i] && macaddr[i] <= '9')
|
||||
+ num = num * 16 + macaddr[i] - '0';
|
||||
+ else if ('A' <= macaddr[i] && macaddr[i] <= 'F')
|
||||
+ num = num * 16 + 10 + macaddr[i] - 'A';
|
||||
+ else if ('a' <= macaddr[i] && macaddr[i] <= 'f')
|
||||
+ num = num * 16 + 10 + macaddr[i] - 'a';
|
||||
+ else
|
||||
+ break;
|
||||
+ i++;
|
||||
+ } else if (got_num == 2) {
|
||||
+ mtbl[j++] = (u8) num;
|
||||
+ num = 0;
|
||||
+ got_num = 0;
|
||||
+ i++;
|
||||
+ } else {
|
||||
+ break;
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ if (j == MAC_ADDR_LEN) {
|
||||
+ netif_dbg(dev, ifup, dev->net, "Overriding MAC address with: "
|
||||
+ "%02x:%02x:%02x:%02x:%02x:%02x\n", mtbl[0], mtbl[1], mtbl[2],
|
||||
+ mtbl[3], mtbl[4], mtbl[5]);
|
||||
+ for (i = 0; i < MAC_ADDR_LEN; i++)
|
||||
+ dev_mac[i] = mtbl[i];
|
||||
+ return 1;
|
||||
+ } else {
|
||||
+ return 0;
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
static void smsc95xx_init_mac_address(struct usbnet *dev)
|
||||
{
|
||||
+ /* Check module parameters */
|
||||
+ if (smsc95xx_is_macaddr_param(dev, dev->net->dev_addr))
|
||||
+ return;
|
||||
+
|
||||
/* try reading mac address from EEPROM */
|
||||
if (smsc95xx_read_eeprom(dev, EEPROM_MAC_OFFSET, ETH_ALEN,
|
||||
dev->net->dev_addr) == 0) {
|
||||
--
|
||||
2.10.1
|
||||
|
|
@ -8,7 +8,7 @@ pkgname=('linux-odroid-x' 'linux-odroid-x2' 'linux-odroid-u2' 'linux-headers-odr
|
|||
_kernelname=${pkgname#linux}
|
||||
_basekernel=3.8
|
||||
pkgver=${_basekernel}.13.30
|
||||
pkgrel=4
|
||||
pkgrel=5
|
||||
arch=('armv7h')
|
||||
url="http://github.com/hardkernel/linux/"
|
||||
license=('GPL2')
|
||||
|
@ -16,16 +16,20 @@ makedepends=('xmlto' 'docbook-xsl' 'kmod' 'git' 'inetutils' 'bc')
|
|||
options=('!strip')
|
||||
_commit=ddfddf829693c6bb739074e1b14e9e4fa1c55ea8
|
||||
source=("https://github.com/hardkernel/linux/archive/${_commit}.tar.gz"
|
||||
'add-gcc6-support.patch'
|
||||
'rtl8812_to_v4_3_14_and_enable_rtl8821.patch.xz'
|
||||
'kernel-CVE-2016-0728.patch'
|
||||
'0001-KEYS-Fix-keyring-ref-leak-in-join_session_keyring.patch'
|
||||
'0002-mm-remove-gup_flags-FOLL_WRITE-games-from-__get_user.patch'
|
||||
'0003-Revert-media-mfc-use-shipped-firmware-paths.patch'
|
||||
'0004-Allow-mac-address-to-be-set-in-smsc95xx.patch'
|
||||
'config_x'
|
||||
'config_x2'
|
||||
'config_u2')
|
||||
md5sums=('e4ff4cbd8bd2145ba26e085de665d806'
|
||||
'840a69592300bf7cbc3ad317e8100114'
|
||||
'c6d56cc8134dd25d97d0416ef98a3dfe'
|
||||
'6470e9783bd1c7a8feddc2d67f07afd5'
|
||||
'a78459b6f959991291c0cf16efd701b8'
|
||||
'b13dc91cba30802ee1e6cfd247c8925d'
|
||||
'34bdc31e77b4b74348181ccbf7faaa32'
|
||||
'3fbbb92df6a08005260e9f1aab28cf60'
|
||||
'f54b9fa32d672116c73e6e3c9585929f'
|
||||
'1211492fdd1125c68d03d0a1f8d6c498'
|
||||
'13011519e5c36655bdb5315178c5c1fe')
|
||||
|
@ -33,9 +37,13 @@ md5sums=('e4ff4cbd8bd2145ba26e085de665d806'
|
|||
prepare() {
|
||||
cd "${srcdir}/linux-${_commit}"
|
||||
|
||||
patch -Np1 -i ${srcdir}/add-gcc6-support.patch
|
||||
patch -p1 -i ${srcdir}/rtl8812_to_v4_3_14_and_enable_rtl8821.patch
|
||||
patch -p1 -i ${srcdir}/kernel-CVE-2016-0728.patch
|
||||
patch -p1 -i ../rtl8812_to_v4_3_14_and_enable_rtl8821.patch
|
||||
patch -p1 -i ../0001-KEYS-Fix-keyring-ref-leak-in-join_session_keyring.patch
|
||||
patch -p1 -i ../0002-mm-remove-gup_flags-FOLL_WRITE-games-from-__get_user.patch
|
||||
patch -p1 -i ../0003-Revert-media-mfc-use-shipped-firmware-paths.patch
|
||||
patch -p1 -i ../0004-Allow-mac-address-to-be-set-in-smsc95xx.patch
|
||||
|
||||
cp include/linux/compiler-gcc5.h include/linux/compiler-gcc6.h
|
||||
|
||||
# add pkgrel to extraversion
|
||||
sed -ri "s|^(EXTRAVERSION =)(.*)|\1 \2-${pkgrel}|" Makefile
|
||||
|
|
|
@ -1,71 +0,0 @@
|
|||
--- /dev/null
|
||||
+++ b/include/linux/compiler-gcc6.h
|
||||
@@ -0,0 +1,66 @@
|
||||
+#ifndef __LINUX_COMPILER_H
|
||||
+#error "Please don't include <linux/compiler-gcc5.h> directly, include <linux/compiler.h> instead."
|
||||
+#endif
|
||||
+
|
||||
+#define __used __attribute__((__used__))
|
||||
+#define __must_check __attribute__((warn_unused_result))
|
||||
+#define __compiler_offsetof(a, b) __builtin_offsetof(a, b)
|
||||
+
|
||||
+/* Mark functions as cold. gcc will assume any path leading to a call
|
||||
+ to them will be unlikely. This means a lot of manual unlikely()s
|
||||
+ are unnecessary now for any paths leading to the usual suspects
|
||||
+ like BUG(), printk(), panic() etc. [but let's keep them for now for
|
||||
+ older compilers]
|
||||
+
|
||||
+ Early snapshots of gcc 4.3 don't support this and we can't detect this
|
||||
+ in the preprocessor, but we can live with this because they're unreleased.
|
||||
+ Maketime probing would be overkill here.
|
||||
+
|
||||
+ gcc also has a __attribute__((__hot__)) to move hot functions into
|
||||
+ a special section, but I don't see any sense in this right now in
|
||||
+ the kernel context */
|
||||
+#define __cold __attribute__((__cold__))
|
||||
+
|
||||
+#define __UNIQUE_ID(prefix) __PASTE(__PASTE(__UNIQUE_ID_, prefix), __COUNTER__)
|
||||
+
|
||||
+#ifndef __CHECKER__
|
||||
+# define __compiletime_warning(message) __attribute__((warning(message)))
|
||||
+# define __compiletime_error(message) __attribute__((error(message)))
|
||||
+#endif /* __CHECKER__ */
|
||||
+
|
||||
+/*
|
||||
+ * Mark a position in code as unreachable. This can be used to
|
||||
+ * suppress control flow warnings after asm blocks that transfer
|
||||
+ * control elsewhere.
|
||||
+ *
|
||||
+ * Early snapshots of gcc 4.5 don't support this and we can't detect
|
||||
+ * this in the preprocessor, but we can live with this because they're
|
||||
+ * unreleased. Really, we need to have autoconf for the kernel.
|
||||
+ */
|
||||
+#define unreachable() __builtin_unreachable()
|
||||
+
|
||||
+/* Mark a function definition as prohibited from being cloned. */
|
||||
+#define __noclone __attribute__((__noclone__))
|
||||
+
|
||||
+/*
|
||||
+ * Tell the optimizer that something else uses this function or variable.
|
||||
+ */
|
||||
+#define __visible __attribute__((externally_visible))
|
||||
+
|
||||
+/*
|
||||
+ * GCC 'asm goto' miscompiles certain code sequences:
|
||||
+ *
|
||||
+ * http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58670
|
||||
+ *
|
||||
+ * Work it around via a compiler barrier quirk suggested by Jakub Jelinek.
|
||||
+ * Fixed in GCC 4.8.2 and later versions.
|
||||
+ *
|
||||
+ * (asm goto is automatically volatile - the naming reflects this.)
|
||||
+ */
|
||||
+#define asm_volatile_goto(x...) do { asm goto(x); asm (""); } while (0)
|
||||
+
|
||||
+#ifdef CONFIG_ARCH_USE_BUILTIN_BSWAP
|
||||
+#define __HAVE_BUILTIN_BSWAP32__
|
||||
+#define __HAVE_BUILTIN_BSWAP64__
|
||||
+#define __HAVE_BUILTIN_BSWAP16__
|
||||
+#endif /* CONFIG_ARCH_USE_BUILTIN_BSWAP */
|
||||
--
|
||||
1.9.1
|
Loading…
Reference in a new issue