author | Ben Hutchings <ben@decadent.org.uk> | 2019-04-27 14:30:25 +0100 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2019-04-27 14:30:25 +0100 |
commit | 8d875cda9660f37dfcae55645228ed0e827b43c4 (patch) | |
tree | b9fd96b9f12da86ea654ac9ee50009c89f32114d | |
parent | b54c79068a9da78b8d0aef769868403d0e6da77d (diff) | |
download | linux-stable-queue-8d875cda9660f37dfcae55645228ed0e827b43c4.tar.gz |
Add follow-up fixes for various queued patches
-rw-r--r-- | queue-3.16/apparmor-provide-userspace-flag-indicating-binfmt_elf_mmap-change.patch | 34 | ||||
-rw-r--r-- | queue-3.16/brcmfmac-fix-incorrect-event-channel-deduction.patch | 36 | ||||
-rw-r--r-- | queue-3.16/mips-use-sigsp.patch | 89 | ||||
-rw-r--r-- | queue-3.16/powerpc-signal-properly-handle-return-value-from.patch | 43 | ||||
-rw-r--r-- | queue-3.16/powerpc-use-sigsp.patch | 74 | ||||
-rw-r--r-- | queue-3.16/series | 6 | ||||
-rw-r--r-- | queue-3.16/unicore32-fix-build-error.patch | 76 |
7 files changed, 358 insertions, 0 deletions
diff --git a/queue-3.16/apparmor-provide-userspace-flag-indicating-binfmt_elf_mmap-change.patch b/queue-3.16/apparmor-provide-userspace-flag-indicating-binfmt_elf_mmap-change.patch
new file mode 100644
index 00000000..61c2b7f2
--- /dev/null
+++ b/queue-3.16/apparmor-provide-userspace-flag-indicating-binfmt_elf_mmap-change.patch
@@ -0,0 +1,34 @@
+From: John Johansen <john.johansen@canonical.com>
+Date: Mon, 16 Jan 2017 00:42:43 -0800
+Subject: apparmor: provide userspace flag indicating binfmt_elf_mmap change
+
+commit 34c426acb75cc21bdf84685e106db0c1a3565057 upstream.
+
+Commit 9f834ec18def ("binfmt_elf: switch to new creds when switching to new mm")
+changed when the creds are installed by the binfmt_elf handler. This
+affects which creds are used to mmap the executable into the address
+space. Which can have an affect on apparmor policy.
+
+Add a flag to apparmor at
+/sys/kernel/security/apparmor/features/domain/fix_binfmt_elf_mmap
+
+to make it possible to detect this semantic change so that the userspace
+tools and the regression test suite can correctly deal with the change.
+
+BugLink: http://bugs.launchpad.net/bugs/1630069
+Signed-off-by: John Johansen <john.johansen@canonical.com>
+Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
+---
+ security/apparmor/apparmorfs.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/security/apparmor/apparmorfs.c
++++ b/security/apparmor/apparmorfs.c
+@@ -794,6 +794,7 @@ static struct aa_fs_entry aa_fs_entry_do
+ AA_FS_FILE_BOOLEAN("change_hatv", 1),
+ AA_FS_FILE_BOOLEAN("change_onexec", 1),
+ AA_FS_FILE_BOOLEAN("change_profile", 1),
++ AA_FS_FILE_BOOLEAN("fix_binfmt_elf_mmap", 1),
+ { }
+ };
+
diff --git a/queue-3.16/brcmfmac-fix-incorrect-event-channel-deduction.patch b/queue-3.16/brcmfmac-fix-incorrect-event-channel-deduction.patch
new file mode 100644
index 00000000..471096fa
--- /dev/null
+++ b/queue-3.16/brcmfmac-fix-incorrect-event-channel-deduction.patch
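Review bot: The new `AA_FS_FILE_BOOLEAN("fix_binfmt_elf_mmap", 1)` entry is a hard-coded 1, so it is only truthful while the binfmt_elf credential change named in the patch message (9f834ec18def) is applied in the same tree. In this queue that coupling is carried only by the ordering in `series`, where the patch sits directly after `binfmt_elf-switch-to-new-creds-when-switching-to-new-mm.patch`. If that patch were dropped or reverted without this one, userspace tools and the regression suite would assume the executable is mapped under the new creds when it is not. I would record the dependency in the patch header, e.g. `[bwh: depends on binfmt_elf-switch-to-new-creds-when-switching-to-new-mm.patch; drop together]`, or as a comment above the entry, `/* advertises the binfmt_elf creds-before-mmap change; keep in sync with the binfmt_elf handler */`. The aa_fs_entry array starts outside the hunk.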
@@ -0,0 +1,36 @@
+From: Gavin Li <git@thegavinli.com>
+Date: Tue, 17 Jan 2017 15:24:05 -0800
+Subject: brcmfmac: fix incorrect event channel deduction
+
+commit 8e290cecdd0178f3d4cf7d463c51dc7e462843b4 upstream.
+
+brcmf_sdio_fromevntchan() was being called on the the data frame
+rather than the software header, causing some frames to be
+mischaracterized as on the event channel rather than the data channel.
+
+This fixes a major performance regression (due to dropped packets). With
+this patch the download speed jumped from 1Mbit/s back up to 40MBit/s due
+to the sheer amount of packets being incorrectly processed.
+
+Fixes: c56caa9db8ab ("brcmfmac: screening firmware event packet")
+Signed-off-by: Gavin Li <git@thegavinli.com>
+Acked-by: Arend van Spriel <arend.vanspriel@broadcom.com>
+[kvalo@codeaurora.org: improve commit logs based on email discussion]
+Signed-off-by: Kalle Valo <kvalo@codeaurora.org>
+[bwh: Backported to 3.16: adjust filename]
+Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
+---
+ drivers/net/wireless/brcm80211/brcmfmac/dhd_sdio.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/drivers/net/wireless/brcm80211/brcmfmac/dhd_sdio.c
++++ b/drivers/net/wireless/brcm80211/brcmfmac/dhd_sdio.c
+@@ -1710,7 +1710,7 @@ static u8 brcmf_sdio_rxglom(struct brcmf
+ pfirst->len, pfirst->next,
+ pfirst->prev);
+ skb_unlink(pfirst, &bus->glom);
+- if (brcmf_sdio_fromevntchan(pfirst->data))
++ if (brcmf_sdio_fromevntchan(&dptr[SDPCM_HWHDR_LEN]))
+ brcmf_rx_event(bus->sdiodev->dev, pfirst);
+ else
+ brcmf_rx_frame(bus->sdiodev->dev, pfirst,
diff --git a/queue-3.16/mips-use-sigsp.patch b/queue-3.16/mips-use-sigsp.patch
new file mode 100644
index 00000000..b4e14f78
--- /dev/null
+++ b/queue-3.16/mips-use-sigsp.patch
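Review bot: `dptr` is not assigned anywhere in the visible context of this hunk, so it cannot be confirmed from here that `&dptr[SDPCM_HWHDR_LEN]` is the software header of the subframe currently held in `pfirst`; brcmf_sdio_rxglom() starts and ends outside the hunk. The backport note says only the filename was adjusted, so this should be checked against the 3.16 loop body, in particular that `dptr` is set per subframe and is not left pointing at an earlier one. Because this test decides whether a firmware-supplied frame goes to `brcmf_rx_event()` or `brcmf_rx_frame()`, I would add a comment above it such as `/* dptr points at this subframe's hardware header; pfirst->data is the data frame */`.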
@@ -0,0 +1,89 @@
+From: Richard Weinberger <richard@nod.at>
+Date: Wed, 5 Mar 2014 15:35:41 +0100
+Subject: mips: Use sigsp()
+
+commit 7c4f563507c33ca97dcfbd62dba1e9232575d499 upstream.
+
+Use sigsp() instead of the open coded variant.
+
+Signed-off-by: Richard Weinberger <richard@nod.at>
+[bwh: Backported to 3.16 as dependency of commit 35634ffa1751
+ "signal: Always notice exiting tasks"]
+Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
+---
+ arch/mips/kernel/signal.c | 10 ++++------
+ arch/mips/kernel/signal32.c | 4 ++--
+ arch/mips/kernel/signal_n32.c | 2 +-
+ 3 files changed, 7 insertions(+), 9 deletions(-)
+
+--- a/arch/mips/kernel/signal.c
++++ b/arch/mips/kernel/signal.c
+@@ -280,7 +280,7 @@ int restore_sigcontext(struct pt_regs *r
+ return err;
+ }
+
+-void __user *get_sigframe(struct k_sigaction *ka, struct pt_regs *regs,
++void __user *get_sigframe(struct ksignal *ksig, struct pt_regs *regs,
+ size_t frame_size)
+ {
+ unsigned long sp;
+@@ -295,9 +295,7 @@ void __user *get_sigframe(struct k_sigac
+ */
+ sp -= 32;
+
+- /* This is the X/Open sanctioned signal stack switching. */
+- if ((ka->sa.sa_flags & SA_ONSTACK) && (sas_ss_flags (sp) == 0))
+- sp = current->sas_ss_sp + current->sas_ss_size;
++ sp = sigsp(sp, ksig);
+
+ return (void __user *)((sp - frame_size) & (ICACHE_REFILLS_WORKAROUND_WAR ? ~(cpu_icache_line_size()-1) : ALMASK));
+ }
+@@ -434,7 +432,7 @@ static int setup_frame(void *sig_return,
+ struct sigframe __user *frame;
+ int err = 0;
+
+- frame = get_sigframe(&ksig->ka, regs, sizeof(*frame));
++ frame = get_sigframe(ksig, regs, sizeof(*frame));
+ if (!access_ok(VERIFY_WRITE, frame, sizeof (*frame)))
+ return -EFAULT;
+
+@@ -473,7 +471,7 @@ static int setup_rt_frame(void *sig_retu
+ struct rt_sigframe __user *frame;
+ int err = 0;
+
+- frame = get_sigframe(&ksig->ka, regs, sizeof(*frame));
++ frame = get_sigframe(ksig, regs, sizeof(*frame));
+ if (!access_ok(VERIFY_WRITE, frame, sizeof (*frame)))
+ return -EFAULT;
+
+--- a/arch/mips/kernel/signal32.c
++++ b/arch/mips/kernel/signal32.c
+@@ -494,7 +494,7 @@ static int setup_frame_32(void *sig_retu
+ struct sigframe32 __user *frame;
+ int err = 0;
+
+- frame = get_sigframe(&ksig->ka, regs, sizeof(*frame));
++ frame = get_sigframe(ksig, regs, sizeof(*frame));
+ if (!access_ok(VERIFY_WRITE, frame, sizeof (*frame)))
+ return -EFAULT;
+
+@@ -534,7 +534,7 @@ static int setup_rt_frame_32(void *sig_r
+ struct rt_sigframe32 __user *frame;
+ int err = 0;
+
+- frame = get_sigframe(&ksig->ka, regs, sizeof(*frame));
++ frame = get_sigframe(ksig, regs, sizeof(*frame));
+ if (!access_ok(VERIFY_WRITE, frame, sizeof (*frame)))
+ return -EFAULT;
+
+--- a/arch/mips/kernel/signal_n32.c
++++ b/arch/mips/kernel/signal_n32.c
+@@ -108,7 +108,7 @@ static int setup_rt_frame_n32(void *sig_
+ struct rt_sigframe_n32 __user *frame;
+ int err = 0;
+
+- frame = get_sigframe(&ksig->ka, regs, sizeof(*frame));
++ frame = get_sigframe(ksig, regs, sizeof(*frame));
+ if (!access_ok(VERIFY_WRITE, frame, sizeof (*frame)))
+ return -EFAULT;
+
diff --git a/queue-3.16/powerpc-signal-properly-handle-return-value-from.patch b/queue-3.16/powerpc-signal-properly-handle-return-value-from.patch
new file mode 100644
index 00000000..81599f53
--- /dev/null
+++ b/queue-3.16/powerpc-signal-properly-handle-return-value-from.patch
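Review bot: `get_sigframe()` is not static here and is called from signal32.c and signal_n32.c, yet this patch's diffstat lists only the three .c files, so whatever header declares the function is not touched. If that declaration still takes `struct k_sigaction *ka` (it is not visible on this page), the 3.16 build would fail with conflicting types for `get_sigframe`. The same applies to powerpc-use-sigsp.patch, which changes the non-static `get_sigframe()` in arch/powerpc/kernel/signal.c and its callers in signal_32.c and signal_64.c without a header in its diffstat. Since unicore32-fix-build-error.patch in this same commit exists because an earlier conversion never compiled, both architectures should be build-tested and, if stale, the mips declaration updated to `void __user *get_sigframe(struct ksignal *ksig, struct pt_regs *regs, size_t frame_size);`.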
@@ -0,0 +1,43 @@
+From: "Naveen N. Rao" <naveen.n.rao@linux.vnet.ibm.com>
+Date: Thu, 31 Aug 2017 21:55:57 +0530
+Subject: powerpc/signal: Properly handle return value from
+ uprobe_deny_signal()
+
+commit 46725b17f1c6c815a41429259b3f070c01e71bc1 upstream.
+
+When a uprobe is installed on an instruction that we currently do not
+emulate, we copy the instruction into a xol buffer and single step
+that instruction. If that instruction generates a fault, we abort the
+single stepping before invoking the signal handler. Once the signal
+handler is done, the uprobe trap is hit again since the instruction is
+retried and the process repeats.
+
+We use uprobe_deny_signal() to detect if the xol instruction triggered
+a signal. If so, we clear TIF_SIGPENDING and set TIF_UPROBE so that the
+signal is not handled until after the single stepping is aborted. In
+this case, uprobe_deny_signal() returns true and get_signal() ends up
+returning 0. However, in do_signal(), we are not looking at the return
+value, but depending on ksig.sig for further action, all with an
+uninitialized ksig that is not touched in this scenario. Fix the same
+by initializing ksig.sig to 0.
+
+Fixes: 129b69df9c90 ("powerpc: Use get_signal() signal_setup_done()")
+Reported-by: Anton Blanchard <anton@samba.org>
+Signed-off-by: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
+Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
+Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
+---
+ arch/powerpc/kernel/signal.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/arch/powerpc/kernel/signal.c
++++ b/arch/powerpc/kernel/signal.c
+@@ -102,7 +102,7 @@ static void check_syscall_restart(struct
+ static void do_signal(struct pt_regs *regs)
+ {
+ sigset_t *oldset = sigmask_to_save();
+- struct ksignal ksig;
++ struct ksignal ksig = { .sig = 0 };
+ int ret;
+ int is32 = is_32bit_task();
+
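Review bot: The initializer `struct ksignal ksig = { .sig = 0 };` fixes the stale-stack read only implicitly, and nothing in do_signal() records why it has to stay. Per the patch message, get_signal() can return 0 without writing ksig when uprobe_deny_signal() defers the signal, and do_signal() then branches on `ksig.sig` rather than on the return value, so a later cleanup that drops the initializer would bring back a decision made on uninitialised kernel stack contents. I would add `/* get_signal() may return 0 without touching ksig (uprobe_deny_signal()); ksig.sig must start as 0 */` above the declaration. The `series` file in this commit lists the same get_signal()/signal_setup_done() conversion for many other architectures; whether their do_signal() tests the return value is not visible here and is worth checking. do_signal() continues outside the hunk.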
diff --git a/queue-3.16/powerpc-use-sigsp.patch b/queue-3.16/powerpc-use-sigsp.patch
new file mode 100644
index 00000000..249bedbf
--- /dev/null
+++ b/queue-3.16/powerpc-use-sigsp.patch
@@ -0,0 +1,74 @@
+From: Richard Weinberger <richard@nod.at>
+Date: Wed, 5 Mar 2014 16:25:55 +0100
+Subject: powerpc: Use sigsp()
+
+commit 059ade650ae57cfd371af690fdba887af04aded8 upstream.
+
+Use sigsp() instead of the open coded variant.
+
+Signed-off-by: Richard Weinberger <richard@nod.at>
+[bwh: Backported to 3.16 as dependency of commit 35634ffa1751
+ "signal: Always notice exiting tasks"]
+Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
+---
+ arch/powerpc/kernel/signal.c | 10 ++--------
+ arch/powerpc/kernel/signal_32.c | 4 ++--
+ arch/powerpc/kernel/signal_64.c | 2 +-
+ 3 files changed, 5 insertions(+), 11 deletions(-)
+
+--- a/arch/powerpc/kernel/signal.c
++++ b/arch/powerpc/kernel/signal.c
+@@ -31,20 +31,14 @@ int show_unhandled_signals = 1;
+ /*
+ * Allocate space for the signal frame
+ */
+-void __user * get_sigframe(struct k_sigaction *ka, unsigned long sp,
++void __user *get_sigframe(struct ksignal *ksig, unsigned long sp,
+ size_t frame_size, int is_32)
+ {
+ unsigned long oldsp, newsp;
+
+ /* Default to using normal stack */
+ oldsp = get_clean_sp(sp, is_32);
+-
+- /* Check for alt stack */
+- if ((ka->sa.sa_flags & SA_ONSTACK) &&
+- current->sas_ss_size && !on_sig_stack(oldsp))
+- oldsp = (current->sas_ss_sp + current->sas_ss_size);
+-
+- /* Get aligned frame */
++ oldsp = sigsp(oldsp, ksig);
+ newsp = (oldsp - frame_size) & ~0xFUL;
+
+ /* Check access */
+--- a/arch/powerpc/kernel/signal_32.c
++++ b/arch/powerpc/kernel/signal_32.c
+@@ -1014,7 +1014,7 @@ int handle_rt_signal32(struct ksignal *k
+
+ /* Set up Signal Frame */
+ /* Put a Real Time Context onto stack */
+- rt_sf = get_sigframe(&ksig->ka, get_tm_stackpointer(regs), sizeof(*rt_sf), 1);
++ rt_sf = get_sigframe(ksig, get_tm_stackpointer(regs), sizeof(*rt_sf), 1);
+ addr = rt_sf;
+ if (unlikely(rt_sf == NULL))
+ goto badframe;
+@@ -1445,7 +1445,7 @@ int handle_signal32(struct ksignal *ksig
+ unsigned long tramp;
+
+ /* Set up Signal Frame */
+- frame = get_sigframe(&ksig->ka, get_tm_stackpointer(regs), sizeof(*frame), 1);
++ frame = get_sigframe(ksig, get_tm_stackpointer(regs), sizeof(*frame), 1);
+ if (unlikely(frame == NULL))
+ goto badframe;
+ sc = (struct sigcontext __user *) &frame->sctx;
+--- a/arch/powerpc/kernel/signal_64.c
++++ b/arch/powerpc/kernel/signal_64.c
+@@ -749,7 +749,7 @@ int handle_rt_signal64(struct ksignal *k
+ unsigned long newsp = 0;
+ long err = 0;
+
+- frame = get_sigframe(&ksig->ka, get_tm_stackpointer(regs), sizeof(*frame), 0);
++ frame = get_sigframe(ksig, get_tm_stackpointer(regs), sizeof(*frame), 0);
+ if (unlikely(frame == NULL))
+ goto badframe;
+
diff --git a/queue-3.16/series b/queue-3.16/series
index 8f77cdc1..716ec8dc 100644
--- a/queue-3.16/series
+++ b/queue-3.16/series
@@ -117,15 +117,19 @@ m32r-use-get_signal-signal_setup_done.patch
 m68k-use-get_signal-signal_setup_done.patch
 microblaze-use-get_signal-signal_setup_done.patch
 mips-use-get_signal-signal_setup_done.patch
+mips-use-sigsp.patch
 mn10300-use-get_signal-signal_setup_done.patch
 parisc-use-get_signal-signal_setup_done.patch
 powerpc-use-get_signal-signal_setup_done.patch
+powerpc-use-sigsp.patch
+powerpc-signal-properly-handle-return-value-from.patch
 s390-use-get_signal-signal_setup_done.patch
 score-use-get_signal-signal_setup_done.patch
 sh-use-get_signal-signal_setup_done.patch
 tile-use-get_signal-signal_setup_done.patch
 um-use-get_signal-signal_setup_done.patch
 unicore32-use-get_signal-signal_setup_done.patch
+unicore32-fix-build-error.patch
 xtensa-use-get_signal-signal_setup_done.patch
 tracehook_signal_handler-remove-sig-info-ka-and-regs.patch
 clean-up-signal_delivered.patch
@@ -189,8 +193,10 @@ brcmfmac-assure-ssid-length-from-firmware-is-limited.patch
 brcmfmac-consolidate-ifp-lookup-in-driver-core.patch
 brcmfmac-make-brcmf_proto_hdrpull-return-struct-brcmf_if-instance.patch
 brcmfmac-screening-firmware-event-packet.patch
+brcmfmac-fix-incorrect-event-channel-deduction.patch
 brcmfmac-revise-handling-events-in-receive-path.patch
 brcmfmac-add-subtype-check-for-event-handling-in-data-path.patch
 binfmt_elf-fix-missing-sigkill-for-empty-pie.patch
 binfmt_elf-switch-to-new-creds-when-switching-to-new-mm.patch
+apparmor-provide-userspace-flag-indicating-binfmt_elf_mmap-change.patch
 tty-mark-siemens-r3964-line-discipline-as-broken.patch
diff --git a/queue-3.16/unicore32-fix-build-error.patch b/queue-3.16/unicore32-fix-build-error.patch
new file mode 100644
index 00000000..4c1d372c
--- /dev/null
+++ b/queue-3.16/unicore32-fix-build-error.patch
@@ -0,0 +1,76 @@
+From: Guenter Roeck <linux@roeck-us.net>
+Date: Sun, 31 Aug 2014 11:14:26 -0700
+Subject: unicore32: Fix build error
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+commit ca98565a6182a960cd857d7546267a0775154eb8 upstream.
+
+unicore32 builds fail with
+
+ arch/unicore32/kernel/signal.c: In function ‘setup_frame’:
+ arch/unicore32/kernel/signal.c:257: error: ‘usig’ undeclared (first use in this function)
+ arch/unicore32/kernel/signal.c:279: error: ‘usig’ undeclared (first use in this function)
+ arch/unicore32/kernel/signal.c: In function ‘handle_signal’:
+ arch/unicore32/kernel/signal.c:306: warning: unused variable ‘tsk’
+ arch/unicore32/kernel/signal.c: In function ‘do_signal’:
+ arch/unicore32/kernel/signal.c:376: error: implicit declaration of function ‘get_signsl’
+ make[1]: *** [arch/unicore32/kernel/signal.o] Error 1
+ make: *** [arch/unicore32/kernel/signal.o] Error 2
+
+Bisect points to commit 649671c90eaf ("unicore32: Use get_signal()
+signal_setup_done()").
+
+This code never even compiled. Reverting the patch does not work, since
+previously used functions no longer exist, so try to fix it up. Compile
+tested only.
+
+Fixes: 649671c90eaf ("unicore32: Use get_signal() signal_setup_done()")
+Cc: Richard Weinberger <richard@nod.at>
+Signed-off-by: Guenter Roeck <linux@roeck-us.net>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
+---
+ arch/unicore32/kernel/signal.c | 9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+--- a/arch/unicore32/kernel/signal.c
++++ b/arch/unicore32/kernel/signal.c
+@@ -254,7 +254,8 @@ static int setup_frame(struct ksignal *k
+
+ err |= setup_sigframe(frame, regs, set);
+ if (err == 0)
+- err |= setup_return(regs, &ksig->ka, frame->retcode, frame, usig);
++ err |= setup_return(regs, &ksig->ka, frame->retcode, frame,
++ ksig->sig);
+
+ return err;
+ }
+@@ -276,7 +277,8 @@ static int setup_rt_frame(struct ksignal
+ err |= __save_altstack(&frame->sig.uc.uc_stack, regs->UCreg_sp);
+ err |= setup_sigframe(&frame->sig, regs, set);
+ if (err == 0)
+- err |= setup_return(regs, &ksig->ka, frame->sig.retcode, frame, usig);
++ err |= setup_return(regs, &ksig->ka, frame->sig.retcode, frame,
++ ksig->sig);
+
+ if (err == 0) {
+ /*
+@@ -303,7 +305,6 @@ static void handle_signal(struct ksignal
+ int syscall)
+ {
+ struct thread_info *thread = current_thread_info();
+- struct task_struct *tsk = current;
+ sigset_t *oldset = sigmask_to_save();
+ int usig = ksig->sig;
+ int ret;
+@@ -373,7 +374,7 @@ static void do_signal(struct pt_regs *re
+ if (!user_mode(regs))
+ return;
+
+- if (get_signsl(&ksig)) {
++ if (get_signal(&ksig)) {
+ handle_signal(&ksig, regs, syscall);
+ return;
+ }
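Review bot: setup_frame() and setup_rt_frame() now pass `ksig->sig` straight to setup_return(), while handle_signal() keeps its own `int usig = ksig->sig;` as unchanged context. If handle_signal() adjusts `usig` after that line (its body lies outside the hunk), the adjusted value no longer reaches the signal frame and the local is left set but unused; in that case either drop `int usig = ksig->sig;` or pass the adjusted number through explicitly. The patch message states the fix was compile tested only, so signal delivery on unicore32 has no runtime coverage from this change and the value handed to setup_return() deserves a check against the pre-conversion code.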