This is the start of the stable review cycle for the 4.9.252 release.
There are 25 patches in this series, all will be posted as a response
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Sun, 17 Jan 2021 12:19:42 +0000.
Anything received after that time might be too late.
The whole patch series can be found in one patch at:
https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.252-rc1.gz
or in the git tree and branch at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y
and the diffstat can be found below.
thanks,
greg k-h
-------------
Pseudo-Shortlog of commits:
Greg Kroah-Hartman <[email protected]>
Linux 4.9.252-rc1
Vasily Averin <[email protected]>
net: drop bogus skb with CHECKSUM_PARTIAL and offset beyond end of trimmed packet
Ming Lei <[email protected]>
block: fix use-after-free in disk_part_iter_next
Marc Zyngier <[email protected]>
KVM: arm64: Don't access PMCR_EL0 when no PMU is available
Arnd Bergmann <[email protected]>
wan: ds26522: select CONFIG_BITREVERSE
Dinghao Liu <[email protected]>
net/mlx5e: Fix memleak in mlx5e_create_l2_table_groups
Dinghao Liu <[email protected]>
iommu/intel: Fix memleak in intel_irq_remapping_alloc
Arnd Bergmann <[email protected]>
block: rsxx: select CONFIG_CRC32
Arnd Bergmann <[email protected]>
wil6210: select CONFIG_CRC32
Shravya Kumbham <[email protected]>
dmaengine: xilinx_dma: fix mixed_enum_type coverity warning
Shravya Kumbham <[email protected]>
dmaengine: xilinx_dma: check dma_async_device_register return value
Colin Ian King <[email protected]>
cpufreq: powernow-k8: pass policy rather than use cpufreq_cpu_get()
Andreas Kemnade <[email protected]>
ARM: OMAP2+: omap_device: fix idling of devices during probe
Lukas Wunner <[email protected]>
spi: pxa2xx: Fix use-after-free on unbind
Richard Weinberger <[email protected]>
ubifs: wbuf: Don't leak kernel memory to flash
Chris Wilson <[email protected]>
drm/i915: Fix mismatch between misplaced vma check and vma insert
Nick Desaulniers <[email protected]>
vmlinux.lds.h: Add PGO and AutoFDO input sections
Florian Westphal <[email protected]>
net: fix pmtu check in nopmtudisc mode
Florian Westphal <[email protected]>
net: ip: always refragment ip defragmented packets
Mathieu Desnoyers <[email protected]>
powerpc: Fix incorrect stw{, ux, u, x} instructions in __set_pte_at
David Disseldorp <[email protected]>
target: add XCOPY target/segment desc sense codes
David Disseldorp <[email protected]>
scsi: target: Fix XCOPY NAA identifier lookup
Mike Christie <[email protected]>
xcopy: loop over devices using idr helper
David Disseldorp <[email protected]>
target: use XCOPY segment descriptor CSCD IDs
David Disseldorp <[email protected]>
target: simplify XCOPY wwn->se_dev lookup helper
David Disseldorp <[email protected]>
target: bounds check XCOPY segment descriptor list
-------------
Diffstat:
Makefile | 4 +-
arch/arm/mach-omap2/omap_device.c | 8 +-
arch/arm64/kvm/sys_regs.c | 4 +
arch/powerpc/include/asm/book3s/32/pgtable.h | 4 +-
arch/powerpc/include/asm/nohash/pgtable.h | 4 +-
block/genhd.c | 9 +-
drivers/block/Kconfig | 1 +
drivers/cpufreq/powernow-k8.c | 9 +-
drivers/dma/xilinx/xilinx_dma.c | 8 +-
drivers/gpu/drm/i915/i915_gem_execbuffer.c | 2 +-
drivers/iommu/intel_irq_remapping.c | 2 +
drivers/net/ethernet/mellanox/mlx5/core/en_fs.c | 1 +
drivers/net/wan/Kconfig | 1 +
drivers/net/wireless/ath/wil6210/Kconfig | 1 +
drivers/spi/spi-pxa2xx.c | 3 +-
drivers/target/target_core_transport.c | 24 +++
drivers/target/target_core_xcopy.c | 220 +++++++++++++++---------
drivers/target/target_core_xcopy.h | 1 +
fs/ubifs/io.c | 13 +-
include/asm-generic/vmlinux.lds.h | 5 +-
include/target/target_core_base.h | 4 +
net/core/skbuff.c | 6 +
net/ipv4/ip_output.c | 2 +-
net/ipv4/ip_tunnel.c | 10 +-
24 files changed, 229 insertions(+), 117 deletions(-)
From: Richard Weinberger <[email protected]>
commit 20f1431160c6b590cdc269a846fc5a448abf5b98 upstream
Write buffers use a kmalloc()'ed buffer, they can leak
up to seven bytes of kernel memory to flash if writes are not
aligned.
So use ubifs_pad() to fill these gaps with padding bytes.
This was never a problem while scanning because the scanner logic
manually aligns node lengths and skips over these gaps.
Cc: <[email protected]>
Fixes: 1e51764a3c2ac05a2 ("UBIFS: add new flash file system")
Signed-off-by: Richard Weinberger <[email protected]>
Reviewed-by: Zhihao Cheng <[email protected]>
Signed-off-by: Richard Weinberger <[email protected]>
[sudip: adjust context]
Signed-off-by: Sudip Mukherjee <[email protected]>
Signed-off-by: Greg Kroah-Hartman <[email protected]>
---
fs/ubifs/io.c | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
--- a/fs/ubifs/io.c
+++ b/fs/ubifs/io.c
@@ -331,7 +331,7 @@ void ubifs_pad(const struct ubifs_info *
{
uint32_t crc;
- ubifs_assert(pad >= 0 && !(pad & 7));
+ ubifs_assert(pad >= 0);
if (pad >= UBIFS_PAD_NODE_SZ) {
struct ubifs_ch *ch = buf;
@@ -721,6 +721,10 @@ int ubifs_wbuf_write_nolock(struct ubifs
* write-buffer.
*/
memcpy(wbuf->buf + wbuf->used, buf, len);
+ if (aligned_len > len) {
+ ubifs_assert(aligned_len - len < 8);
+ ubifs_pad(c, wbuf->buf + wbuf->used + len, aligned_len - len);
+ }
if (aligned_len == wbuf->avail) {
dbg_io("flush jhead %s wbuf to LEB %d:%d",
@@ -813,13 +817,18 @@ int ubifs_wbuf_write_nolock(struct ubifs
}
spin_lock(&wbuf->lock);
- if (aligned_len)
+ if (aligned_len) {
/*
* And now we have what's left and what does not take whole
* max. write unit, so write it to the write-buffer and we are
* done.
*/
memcpy(wbuf->buf, buf + written, len);
+ if (aligned_len > len) {
+ ubifs_assert(aligned_len - len < 8);
+ ubifs_pad(c, wbuf->buf + len, aligned_len - len);
+ }
+ }
if (c->leb_size - wbuf->offs >= c->max_write_size)
wbuf->size = c->max_write_size;
On 1/15/21 5:27 AM, Greg Kroah-Hartman wrote:
> This is the start of the stable review cycle for the 4.9.252 release.
> There are 25 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Sun, 17 Jan 2021 12:19:42 +0000.
> Anything received after that time might be too late.
>
> The whole patch series can be found in one patch at:
> https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.252-rc1.gz
> or in the git tree and branch at:
> git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y
> and the diffstat can be found below.
>
> thanks,
>
> greg k-h
>
Compiled and booted on my test system. No dmesg regressions.
Tested-by: Shuah Khan <[email protected]>
thanks,
-- Shuah
On Fri, Jan 15, 2021 at 01:27:31PM +0100, Greg Kroah-Hartman wrote:
> This is the start of the stable review cycle for the 4.9.252 release.
> There are 25 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Sun, 17 Jan 2021 12:19:42 +0000.
> Anything received after that time might be too late.
>
Build results:
total: 168 pass: 168 fail: 0
Qemu test results:
total: 382 pass: 382 fail: 0
Tested-by: Guenter Roeck <[email protected]>
Guenter
On Fri, 15 Jan 2021 at 18:02, Greg Kroah-Hartman
<[email protected]> wrote:
>
> This is the start of the stable review cycle for the 4.9.252 release.
> There are 25 patches in this series, all will be posted as a response
> to this one. If anyone has any issues with these being applied, please
> let me know.
>
> Responses should be made by Sun, 17 Jan 2021 12:19:42 +0000.
> Anything received after that time might be too late.
>
> The whole patch series can be found in one patch at:
> https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.252-rc1.gz
> or in the git tree and branch at:
> git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y
> and the diffstat can be found below.
>
> thanks,
>
> greg k-h
Results from Linaro’s test farm.
No regressions on arm64, arm, x86_64, and i386.
Tested-by: Linux Kernel Functional Testing <[email protected]>
Summary
------------------------------------------------------------------------
kernel: 4.9.252-rc1
git repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git
git branch: linux-4.9.y
git commit: 5728b2608cec5ac986e96fec329c9afce3c6e6fd
git describe: v4.9.251-26-g5728b2608cec
Test details: https://qa-reports.linaro.org/lkft/linux-stable-rc-linux-4.9.y/build/v4.9.251-26-g5728b2608cec
No regressions (compared to build v4.9.251)
No fixes (compared to build v4.9.251)
Ran 39849 total tests in the following environments and test suites.
Environments
--------------
- arm
- arm64
- dragonboard-410c - arm64
- hi6220-hikey - arm64
- i386
- juno-r2 - arm64
- juno-r2-compat
- juno-r2-kasan
- mips
- qemu-arm64-kasan
- qemu-x86_64-kasan
- qemu_arm
- qemu_arm64
- qemu_arm64-compat
- qemu_i386
- qemu_x86_64
- qemu_x86_64-compat
- sparc
- x15 - arm
- x86_64
- x86-kasan
- x86_64
Test Suites
-----------
* build
* linux-log-parser
* install-android-platform-tools-r2600
* kvm-unit-tests
* ltp-cap_bounds-tests
* ltp-commands-tests
* ltp-containers-tests
* ltp-controllers-tests
* ltp-cpuhotplug-tests
* ltp-crypto-tests
* ltp-cve-tests
* ltp-dio-tests
* ltp-fcntl-locktests-tests
* ltp-filecaps-tests
* ltp-fs-tests
* ltp-fs_bind-tests
* ltp-fs_perms_simple-tests
* ltp-fsx-tests
* ltp-hugetlb-tests
* ltp-io-tests
* ltp-ipc-tests
* ltp-math-tests
* ltp-mm-tests
* ltp-sched-tests
* ltp-syscalls-tests
* ltp-tracing-tests
* perf
* v4l2-compliance
* fwts
* libhugetlbfs
* ltp-nptl-tests
* ltp-pty-tests
* ltp-securebits-tests
* network-basic-tests
* ltp-open-posix-tests
--
Linaro LKFT
https://lkft.linaro.org