Update linux-drd to 3.13.5

2014-03-01 12:39:26 +01:00 · 2014-03-01 12:39:26 +01:00 · 3a6a43528e
commit 3a6a43528e
parent 0053530499
4 changed files with 95 additions and 95 deletions
--- a/linux-drd/0001-SUNRPC-Ensure-that-gss_auth-isn-t-freed-before-its-u.patch
+++ b/linux-drd/0001-SUNRPC-Ensure-that-gss_auth-isn-t-freed-before-its-u.patch
@ -0,0 +1,82 @@
+From 2bd7c7b5f011b3d57e4f5625b561a6f3f2f34a81 Mon Sep 17 00:00:00 2001
+From: Trond Myklebust <trond.myklebust@primarydata.com>
+Date: Sun, 16 Feb 2014 12:14:13 -0500
+Subject: [PATCH] SUNRPC: Ensure that gss_auth isn't freed before its upcall
+ messages
+
+Fix a race in which the RPC client is shutting down while the
+gss daemon is processing a downcall. If the RPC client manages to
+shut down before the gss daemon is done, then the struct gss_auth
+used in gss_release_msg() may have already been freed.
+
+Link: http://lkml.kernel.org/r/1392494917.71728.YahooMailNeo@web140002.mail.bf1.yahoo.com
+Reported-by: John <da_audiophile@yahoo.com>
+Reported-by: Borislav Petkov <bp@alien8.de>
+Cc: stable@vger.kernel.org # 3.12+
+Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
+---
+ net/sunrpc/auth_gss/auth_gss.c | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c
+index 42fdfc6..a642fd616 100644
+--- a/net/sunrpc/auth_gss/auth_gss.c
+++ b/net/sunrpc/auth_gss/auth_gss.c
+@@ -108,6 +108,7 @@ struct gss_auth {
+ static DEFINE_SPINLOCK(pipe_version_lock);
+ static struct rpc_wait_queue pipe_version_rpc_waitqueue;
+ static DECLARE_WAIT_QUEUE_HEAD(pipe_version_waitqueue);
+static void gss_put_auth(struct gss_auth *gss_auth);
+ 
+ static void gss_free_ctx(struct gss_cl_ctx *);
+ static const struct rpc_pipe_ops gss_upcall_ops_v0;
+@@ -320,6 +321,7 @@ gss_release_msg(struct gss_upcall_msg *gss_msg)
+ 	if (gss_msg->ctx != NULL)
+ 		gss_put_ctx(gss_msg->ctx);
+ 	rpc_destroy_wait_queue(&gss_msg->rpc_waitqueue);
+	gss_put_auth(gss_msg->auth);
+ 	kfree(gss_msg);
+ }
+ 
+@@ -500,6 +502,7 @@ gss_alloc_msg(struct gss_auth *gss_auth,
+ 		if (err)
+ 			goto err_free_msg;
+ 	};
+	kref_get(&gss_auth->kref);
+ 	return gss_msg;
+ err_free_msg:
+ 	kfree(gss_msg);
+@@ -1071,6 +1074,12 @@ gss_free_callback(struct kref *kref)
+ }
+ 
+ static void
+gss_put_auth(struct gss_auth *gss_auth)
+{
+	kref_put(&gss_auth->kref, gss_free_callback);
+}
+
+static void
+ gss_destroy(struct rpc_auth *auth)
+ {
+ 	struct gss_auth *gss_auth = container_of(auth,
+@@ -1091,7 +1100,7 @@ gss_destroy(struct rpc_auth *auth)
+ 	gss_auth->gss_pipe[1] = NULL;
+ 	rpcauth_destroy_credcache(auth);
+ 
+-	kref_put(&gss_auth->kref, gss_free_callback);
+	gss_put_auth(gss_auth);
+ }
+ 
+ /*
+@@ -1262,7 +1271,7 @@ gss_destroy_nullcred(struct rpc_cred *cred)
+ 	call_rcu(&cred->cr_rcu, gss_free_cred_callback);
+ 	if (ctx)
+ 		gss_put_ctx(ctx);
+-	kref_put(&gss_auth->kref, gss_free_callback);
+	gss_put_auth(gss_auth);
+ }
+ 
+ static void
+-- 
+1.9.0
+
--- a/linux-drd/0001-x86-x32-Correct-invalid-use-of-user-timespec-in-the-.patch
+++ b/linux-drd/0001-x86-x32-Correct-invalid-use-of-user-timespec-in-the-.patch
@ -1,80 +0,0 @@
-From 2def2ef2ae5f3990aabdbe8a755911902707d268 Mon Sep 17 00:00:00 2001
-From: PaX Team <pageexec@freemail.hu>
-Date: Thu, 30 Jan 2014 16:59:25 -0800
-Subject: [PATCH] x86, x32: Correct invalid use of user timespec in the kernel
-
-The x32 case for the recvmsg() timout handling is broken:
-
-  asmlinkage long compat_sys_recvmmsg(int fd, struct compat_mmsghdr __user *mmsg,
-                                      unsigned int vlen, unsigned int flags,
-                                      struct compat_timespec __user *timeout)
-  {
-          int datagrams;
-          struct timespec ktspec;
-
-          if (flags & MSG_CMSG_COMPAT)
-                  return -EINVAL;
-
-          if (COMPAT_USE_64BIT_TIME)
-                  return __sys_recvmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
-                                        flags | MSG_CMSG_COMPAT,
-                                        (struct timespec *) timeout);
-          ...
-
-The timeout pointer parameter is provided by userland (hence the __user
-annotation) but for x32 syscalls it's simply cast to a kernel pointer
-and is passed to __sys_recvmmsg which will eventually directly
-dereference it for both reading and writing.  Other callers to
-__sys_recvmmsg properly copy from userland to the kernel first.
-
-The bug was introduced by commit ee4fa23c4bfc ("compat: Use
-COMPAT_USE_64BIT_TIME in net/compat.c") and should affect all kernels
-since 3.4 (and perhaps vendor kernels if they backported x32 support
-along with this code).
-
-Note that CONFIG_X86_X32_ABI gets enabled at build time and only if
-CONFIG_X86_X32 is enabled and ld can build x32 executables.
-
-Other uses of COMPAT_USE_64BIT_TIME seem fine.
-
-This addresses CVE-2014-0038.
-
-Signed-off-by: PaX Team <pageexec@freemail.hu>
-Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>
-Cc: <stable@vger.kernel.org> # v3.4+
-Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
---
- net/compat.c | 9 ++-------
- 1 file changed, 2 insertions(+), 7 deletions(-)
-
-diff --git a/net/compat.c b/net/compat.c
-index dd32e34..f50161f 100644
--- a/net/compat.c
-+++ b/net/compat.c
-@@ -780,21 +780,16 @@ asmlinkage long compat_sys_recvmmsg(int fd, struct compat_mmsghdr __user *mmsg,
- 	if (flags & MSG_CMSG_COMPAT)
- 		return -EINVAL;
- 
-	if (COMPAT_USE_64BIT_TIME)
-		return __sys_recvmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
-				      flags | MSG_CMSG_COMPAT,
-				      (struct timespec *) timeout);
-
- 	if (timeout == NULL)
- 		return __sys_recvmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
- 				      flags | MSG_CMSG_COMPAT, NULL);
- 
-	if (get_compat_timespec(&ktspec, timeout))
-+	if (compat_get_timespec(&ktspec, timeout))
- 		return -EFAULT;
- 
- 	datagrams = __sys_recvmmsg(fd, (struct mmsghdr __user *)mmsg, vlen,
- 				   flags | MSG_CMSG_COMPAT, &ktspec);
-	if (datagrams > 0 && put_compat_timespec(&ktspec, timeout))
-+	if (datagrams > 0 && compat_put_timespec(&ktspec, timeout))
- 		datagrams = -EFAULT;
- 
- 	return datagrams;
-- 
-1.8.5.3
-
--- a/linux-drd/PKGBUILD
+++ b/linux-drd/PKGBUILD
@ -1,12 +1,12 @@
-# $Id: PKGBUILD 204912 2014-01-31 10:00:00Z bluewind $
+# $Id: PKGBUILD 206322 2014-02-23 22:56:33Z thomas $
 # Maintainer: Tobias Powalowski <tpowa@archlinux.org>
 # Maintainer: Thomas Baechler <thomas@archlinux.org>

 # pkgbase=linux               # Build stock -ARCH kernel
 pkgbase=linux-drd       # Build kernel with a different name
 _srcname=linux-3.13
-pkgver=3.13.1
-pkgrel=2
+pkgver=3.13.5
+pkgrel=1
 arch=('i686' 'x86_64')
 url="http://www.kernel.org/"
 license=('GPL2')
@ -27,19 +27,15 @@ source=(
    '0004-rpc_pipe-remove-the-clntXX-dir-if-creating-the-pipe-.patch'
    '0005-sunrpc-add-an-info-file-for-the-dummy-gssd-pipe.patch'
    '0006-rpc_pipe-fix-cleanup-of-dummy-gssd-directory-when-no.patch'
+    '0001-SUNRPC-Ensure-that-gss_auth-isn-t-freed-before-its-u.patch'
    '0001-syscalls.h-use-gcc-alias-instead-of-assembler-aliase.patch'
    'i8042-fix-aliases.patch'
-    '0001-x86-x32-Correct-invalid-use-of-user-timespec-in-the-.patch'
    'aufs3-standalone::git://git.code.sf.net/p/aufs/aufs3-standalone#branch=aufs3.13'
    # 'aufs3-mmap.patch'
 )

 _kernelname=${pkgbase#linux}

-# module.symbols md5sums
-# x86_64
-# i686
-
 prepare() {
  cd "${srcdir}/${_srcname}"

@ -73,15 +69,16 @@ prepare() {
  # http://git.linux-nfs.org/?p=trondmy/linux-nfs.git;a=commitdiff;h=23e66ba97127ff3b064d4c6c5138aa34eafc492f
  patch -p1 -i "${srcdir}/0006-rpc_pipe-fix-cleanup-of-dummy-gssd-directory-when-no.patch"

+  # Fix FS#38921
+  # http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9eb2ddb48ce3a7bd745c14a933112994647fa3cd
+  patch -p1 -i "${srcdir}/0001-SUNRPC-Ensure-that-gss_auth-isn-t-freed-before-its-u.patch"
+
  # Fix symbols: Revert http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83460ec8dcac14142e7860a01fa59c267ac4657c
  patch -Rp1 -i "${srcdir}/0001-syscalls.h-use-gcc-alias-instead-of-assembler-aliase.patch"

  # Fix i8042 aliases
  patch -p1 -i "${srcdir}/i8042-fix-aliases.patch"

-  # Fix CVE-2014-0038
-  patch -p1 -i "${srcdir}/0001-x86-x32-Correct-invalid-use-of-user-timespec-in-the-.patch"
-
  ## aufs3
  patch -p1 -i "${srcdir}/aufs3-standalone/aufs3-kbuild.patch"
  patch -p1 -i "${srcdir}/aufs3-standalone/aufs3-base.patch"
@ -383,9 +380,9 @@ for _p in ${pkgname[@]}; do
 done

 md5sums=('0ecbaf65c00374eb4a826c2f9f37606f'
-         '675692f24410f375055d422e7886f3d8'
+         '114c391a592131f1c12544e063173a45'
         'ba4468d313adfaf22368add7f58204aa'
-         '036251c6d0e3cd1b648a881230d8f1bd'
+         'c8643861b5d5b05358fbbf37a48c3e17'
         'eb14dcfd80c00852ef81ded6e826826a'
         '98beb36f9b8cf16e58de2483ea9985e3'
         '989dc54ff8b179b0f80333cc97c0d43f'
@ -395,7 +392,7 @@ md5sums=('0ecbaf65c00374eb4a826c2f9f37606f'
         '10dbaf863e22b2437e68f9190d65c861'
         'd5907a721b97299f0685c583499f7820'
         'a724515b350b29c53f20e631c6cf9a14'
+         '1ae4ec847f41fa1b6d488f956e94c893'
         'e6fa278c092ad83780e2dd0568e24ca6'
         '93dbf73af819b77f03453a9c6de2bb47'
-         '336d2c4afd7ee5f2bdf0dcb1a54df4b2'
         'SKIP')
--- a/linux-drd/config.x86_64
+++ b/linux-drd/config.x86_64
@ -1,6 +1,6 @@
 #
 # Automatically generated file; DO NOT EDIT.
-# Linux/x86 3.13.1-2 Kernel Configuration
+# Linux/x86 3.13.5-1 Kernel Configuration
 #
 CONFIG_64BIT=y
 CONFIG_X86_64=y
@ -1741,6 +1741,7 @@ CONFIG_MD_FAULTY=m
 CONFIG_BCACHE=m
 # CONFIG_BCACHE_DEBUG is not set
 # CONFIG_BCACHE_CLOSURES_DEBUG is not set
+CONFIG_BLK_DEV_DM_BUILTIN=y
 CONFIG_BLK_DEV_DM=m
 # CONFIG_DM_DEBUG is not set
 CONFIG_DM_BUFIO=m