authorJustin M. Forbes <jforbes@fedoraproject.org>2018-07-17 09:50:15 -0500
committerJustin M. Forbes <jforbes@fedoraproject.org>2018-07-17 09:50:15 -0500
commit78463b1eb4b532820fe8cdf59913f9c3858b2ea4 (patch)
tree0a02d23d8b42573479f0ba1f34190bb2ed0c6ffe
parentce14d7838dafab3bfeca407ffa13c6bf43156311 (diff)
Linux v4.17.7
-rw-r--r--CVE-2018-13405.patch47
-rw-r--r--kernel.spec11
-rw-r--r--sources2
-rw-r--r--xen-remove-global-bit-from-__default_kernel_pte_mask.patch36
4 files changed, 5 insertions, 91 deletions
diff --git a/CVE-2018-13405.patch b/CVE-2018-13405.patch
deleted file mode 100644
index 489e11f54..000000000
--- a/CVE-2018-13405.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7 Mon Sep 17 00:00:00 2001
-From: Linus Torvalds <torvalds@linux-foundation.org>
-Date: Tue, 3 Jul 2018 17:10:19 -0700
-Subject: [PATCH] Fix up non-directory creation in SGID directories
-
-sgid directories have special semantics, making newly created files in
-the directory belong to the group of the directory, and newly created
-subdirectories will also become sgid. This is historically used for
-group-shared directories.
-
-But group directories writable by non-group members should not imply
-that such non-group members can magically join the group, so make sure
-to clear the sgid bit on non-directories for non-members (but remember
-that sgid without group execute means "mandatory locking", just to
-confuse things even more).
-
-Reported-by: Jann Horn <jannh@google.com>
-Cc: Andy Lutomirski <luto@kernel.org>
-Cc: Al Viro <viro@zeniv.linux.org.uk>
-Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-Signed-off-by: Jeremy Cline <jcline@redhat.com>
----
- fs/inode.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/fs/inode.c b/fs/inode.c
-index 2c300e981796..8c86c809ca17 100644
---- a/fs/inode.c
-+++ b/fs/inode.c
-@@ -1999,8 +1999,14 @@ void inode_init_owner(struct inode *inode, const struct inode *dir,
- inode->i_uid = current_fsuid();
- if (dir && dir->i_mode & S_ISGID) {
- inode->i_gid = dir->i_gid;
-+
-+ /* Directories are special, and always inherit S_ISGID */
- if (S_ISDIR(mode))
- mode |= S_ISGID;
-+ else if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP) &&
-+ !in_group_p(inode->i_gid) &&
-+ !capable_wrt_inode_uidgid(dir, CAP_FSETID))
-+ mode &= ~S_ISGID;
- } else
- inode->i_gid = current_fsgid();
- inode->i_mode = mode;
---
-2.17.1
-
diff --git a/kernel.spec b/kernel.spec
index 39b98ba13..6416e2a9f 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -54,7 +54,7 @@ Summary: The Linux kernel
%if 0%{?released_kernel}
# Do we have a -stable update to apply?
-%define stable_update 6
+%define stable_update 7
# Set rpm version accordingly
%if 0%{?stable_update}
%define stablerev %{stable_update}
@@ -668,12 +668,6 @@ Patch522: 0001-xfs-don-t-call-xfs_da_shrink_inode-with-NULL-bp.patch
# CVE-2018-13095 rhbz 1597775 1597777
Patch523: 0001-xfs-More-robust-inode-extent-count-validation.patch
-# CVE-2018-13405 rhbz 1599161 1599162
-Patch524: CVE-2018-13405.patch
-
-# rhbz 1592976
-Patch525: xen-remove-global-bit-from-__default_kernel_pte_mask.patch
-
# rhbz 1597333
Patch526: xhci-Fix-perceived-dead-host-due-to-runtime-suspend-.patch
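Review bot: Dropping `Patch524: CVE-2018-13405.patch` in this hunk leaves the build relying on patch-4.17.7 to carry the SGID fix (upstream commit 0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7, per the deleted patch's header), and nothing in the commit records that. Presumably both dropped patches are part of the 4.17.7 stable update, but this page does not show it, so it is worth confirming against the stable changelog that the `inode_init_owner()` change and the Xen `__default_kernel_pte_mask` change are both present. The new changelog entry would be easier to audit if it kept the references, e.g. `- Linux v4.17.7 (includes fixes for CVE-2018-13405 rhbz 1599161 1599162 and rhbz 1592976)`.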
@@ -1926,6 +1920,9 @@ fi
#
#
%changelog
+* Tue Jul 17 2018 Justin M. Forbes <jforbes@fedoraproject.org> - 4.17.7-100
+- Linux v4.17.7
+
* Thu Jul 12 2018 Jeremy Cline <jeremy@jcline.org>
- Avoid an early WARN_ON in Xen (rhbz 1592976)
- Fix perceived dead xhci host (rhbz 1597333)
diff --git a/sources b/sources
index b72509361..c3220eb6d 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
SHA512 (linux-4.17.tar.xz) = 4d9de340a26155a89ea8773131c76220cc2057f2b5d031b467b60e8b14c1842518e2d60a863d8c695f0f7640f3f18d43826201984a238dade857b6cef79837db
-SHA512 (patch-4.17.6.xz) = 4b791d94db704cbbe3dbf6b340735fe7999957741f116ca14060ced836aece1d4b51d0c3f376af1564e7379fbb9c9132a8e4d021fc74599f3ab037237d718651
+SHA512 (patch-4.17.7.xz) = 955342b78da2977dbd08ff0acb7e681c646b1dfceef71246a08bdd102e0b2ad41f3eb7c353755ed1da2e1a5d9138476adc7bf11fd732a3033b6f8aac457dac75
diff --git a/xen-remove-global-bit-from-__default_kernel_pte_mask.patch b/xen-remove-global-bit-from-__default_kernel_pte_mask.patch
deleted file mode 100644
index 6f9b7f7be..000000000
--- a/xen-remove-global-bit-from-__default_kernel_pte_mask.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From e69b5d308da72cbf4e7911c3979f9a46d28532af Mon Sep 17 00:00:00 2001
-From: Juergen Gross <jgross@suse.com>
-Date: Mon, 2 Jul 2018 12:00:18 +0200
-Subject: [PATCH] xen: remove global bit from __default_kernel_pte_mask for pv
- guests
-
-When removing the global bit from __supported_pte_mask do the same for
-__default_kernel_pte_mask in order to avoid the WARN_ONCE() in
-check_pgprot() when setting a kernel pte before having called
-init_mem_mapping().
-
-Cc: <stable@vger.kernel.org> # 4.17
-Reported-by: Michael Young <m.a.young@durham.ac.uk>
-Signed-off-by: Juergen Gross <jgross@suse.com>
-Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
-Signed-off-by: Juergen Gross <jgross@suse.com>
-Signed-off-by: Jeremy Cline <jcline@redhat.com>
----
- arch/x86/xen/enlighten_pv.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/arch/x86/xen/enlighten_pv.c b/arch/x86/xen/enlighten_pv.c
-index 8d4e2e1ae60b..4816b6f82a9a 100644
---- a/arch/x86/xen/enlighten_pv.c
-+++ b/arch/x86/xen/enlighten_pv.c
-@@ -1229,6 +1229,7 @@ asmlinkage __visible void __init xen_start_kernel(void)
-
- /* Prevent unwanted bits from being set in PTEs. */
- __supported_pte_mask &= ~_PAGE_GLOBAL;
-+ __default_kernel_pte_mask &= ~_PAGE_GLOBAL;
-
- /*
- * Prevent page tables from being allocated in highmem, even
---
-2.17.1
-