summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJosh Boyer <jwboyer@fedoraproject.org>2015-02-23 11:30:18 -0500
committerJosh Boyer <jwboyer@fedoraproject.org>2015-02-23 11:30:23 -0500
commitd7293323e7b09ea8bd2f0bbdb43a9b169562bc4d (patch)
treefc7e0f0250044ba9fa8595e4f60eb5cf853c5342
parentea9098159c5db0c8cee08ee41ee147509c904eb3 (diff)
downloadkernel-d7293323e7b09ea8bd2f0bbdb43a9b169562bc4d.tar.gz
kernel-d7293323e7b09ea8bd2f0bbdb43a9b169562bc4d.tar.xz
kernel-d7293323e7b09ea8bd2f0bbdb43a9b169562bc4d.zip
Linux v4.0-rc1
- CVE-2015-0275 ext4: fallocate zero range page size > block size BUG (rhbz 1193907 1195178) - Disable debugging options. Yay for major version bumps :\. We grab the full rc1 tarball instead of just the patch to make this way less messy in the spec. When 4.0 final is released, we'll need to undo a few specific hacks. Namely, we need to redefine: upstream_sublevel kversion Source0 back to the standard definitions. Thanks to Kyle for figuring this out 3 years ago.
-rw-r--r--ASLR-fix-stack-randomization-on-64-bit-systems.patch104
-rw-r--r--Add-option-to-automatically-enforce-module-signature.patch14
-rw-r--r--Add-sysrq-option-to-disable-secure-boot-mode.patch6
-rw-r--r--Kbuild-Add-an-option-to-enable-GCC-VTA.patch2
-rw-r--r--Revert-Revert-ACPI-video-change-acpi-video-brightnes.patch2
-rw-r--r--arm-highbank-l2-reverts.patch2
-rw-r--r--config-arm-generic3
-rw-r--r--config-armv72
-rw-r--r--config-armv7-generic3
-rw-r--r--config-generic12
-rw-r--r--config-nodebug114
-rw-r--r--config-x86-32-generic1
-rw-r--r--config-x86-generic2
-rw-r--r--efi-Add-EFI_SECURE_BOOT-bit.patch4
-rw-r--r--efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch4
-rw-r--r--ext4-Allocate-entire-range-in-zero-range.patch78
-rw-r--r--kernel.spec76
-rw-r--r--ntp-Fixup-adjtimex-freq-validation-on-32bit-systems.patch45
-rw-r--r--sources5
-rw-r--r--vhost-scsi-potential-memory-corruption.patch53
20 files changed, 204 insertions, 328 deletions
diff --git a/ASLR-fix-stack-randomization-on-64-bit-systems.patch b/ASLR-fix-stack-randomization-on-64-bit-systems.patch
deleted file mode 100644
index b382815f8..000000000
--- a/ASLR-fix-stack-randomization-on-64-bit-systems.patch
+++ /dev/null
@@ -1,104 +0,0 @@
-From: Hector Marco-Gisbert <hecmargi@upv.es>
-Date: Sat, 14 Feb 2015 09:33:50 -0800
-Subject: [PATCH] ASLR: fix stack randomization on 64-bit systems
-
-The issue is that the stack for processes is not properly randomized on 64 bit
-architectures due to an integer overflow.
-
-The affected function is randomize_stack_top() in file "fs/binfmt_elf.c":
-
-static unsigned long randomize_stack_top(unsigned long stack_top)
-{
- unsigned int random_variable = 0;
-
- if ((current->flags & PF_RANDOMIZE) &&
- !(current->personality & ADDR_NO_RANDOMIZE)) {
- random_variable = get_random_int() & STACK_RND_MASK;
- random_variable <<= PAGE_SHIFT;
- }
- return PAGE_ALIGN(stack_top) + random_variable;
- return PAGE_ALIGN(stack_top) - random_variable;
-}
-
-Note that, it declares the "random_variable" variable as "unsigned int". Since
-the result of the shifting operation between STACK_RND_MASK (which is
-0x3fffff on x86_64, 22 bits) and PAGE_SHIFT (which is 12 on x86_64):
-
-random_variable <<= PAGE_SHIFT;
-
-then the two leftmost bits are dropped when storing the result in the
-"random_variable". This variable shall be at least 34 bits long to hold the
-(22+12) result.
-
-These two dropped bits have an impact on the entropy of process stack.
-Concretely, the total stack entropy is reduced by four: from 2^28 to 2^30 (One
-fourth of expected entropy).
-
-This patch restores back the entropy by correcting the types involved in the
-operations in the functions randomize_stack_top() and stack_maxrandom_size().
-
-The successful fix can be tested with:
-$ for i in `seq 1 10`; do cat /proc/self/maps | grep stack; done
-7ffeda566000-7ffeda587000 rw-p 00000000 00:00 0 [stack]
-7fff5a332000-7fff5a353000 rw-p 00000000 00:00 0 [stack]
-7ffcdb7a1000-7ffcdb7c2000 rw-p 00000000 00:00 0 [stack]
-7ffd5e2c4000-7ffd5e2e5000 rw-p 00000000 00:00 0 [stack]
-...
-
-Once corrected, the leading bytes should be between 7ffc and 7fff, rather
-than always being 7fff.
-
-CVE-2015-1593
-
-Signed-off-by: Hector Marco-Gisbert <hecmargi@upv.es>
-Signed-off-by: Ismael Ripoll <iripoll@upv.es>
-[kees: rebase, fix 80 char, clean up commit message, add test example, cve]
-Signed-off-by: Kees Cook <keescook@chromium.org>
-Cc: stable@vger.kernel.org
----
- arch/x86/mm/mmap.c | 6 +++---
- fs/binfmt_elf.c | 5 +++--
- 2 files changed, 6 insertions(+), 5 deletions(-)
-
-diff --git a/arch/x86/mm/mmap.c b/arch/x86/mm/mmap.c
-index 919b91205cd4..df4552bd239e 100644
---- a/arch/x86/mm/mmap.c
-+++ b/arch/x86/mm/mmap.c
-@@ -35,12 +35,12 @@ struct va_alignment __read_mostly va_align = {
- .flags = -1,
- };
-
--static unsigned int stack_maxrandom_size(void)
-+static unsigned long stack_maxrandom_size(void)
- {
-- unsigned int max = 0;
-+ unsigned long max = 0;
- if ((current->flags & PF_RANDOMIZE) &&
- !(current->personality & ADDR_NO_RANDOMIZE)) {
-- max = ((-1U) & STACK_RND_MASK) << PAGE_SHIFT;
-+ max = ((-1UL) & STACK_RND_MASK) << PAGE_SHIFT;
- }
-
- return max;
-diff --git a/fs/binfmt_elf.c b/fs/binfmt_elf.c
-index 02b16910f4c9..995986b8e36b 100644
---- a/fs/binfmt_elf.c
-+++ b/fs/binfmt_elf.c
-@@ -645,11 +645,12 @@ out:
-
- static unsigned long randomize_stack_top(unsigned long stack_top)
- {
-- unsigned int random_variable = 0;
-+ unsigned long random_variable = 0;
-
- if ((current->flags & PF_RANDOMIZE) &&
- !(current->personality & ADDR_NO_RANDOMIZE)) {
-- random_variable = get_random_int() & STACK_RND_MASK;
-+ random_variable = (unsigned long) get_random_int();
-+ random_variable &= STACK_RND_MASK;
- random_variable <<= PAGE_SHIFT;
- }
- #ifdef CONFIG_STACK_GROWSUP
---
-2.1.0
-
diff --git a/Add-option-to-automatically-enforce-module-signature.patch b/Add-option-to-automatically-enforce-module-signature.patch
index 4f251711c..8f9122481 100644
--- a/Add-option-to-automatically-enforce-module-signature.patch
+++ b/Add-option-to-automatically-enforce-module-signature.patch
@@ -20,7 +20,7 @@ Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
7 files changed, 69 insertions(+), 1 deletion(-)
diff --git a/Documentation/x86/zero-page.txt b/Documentation/x86/zero-page.txt
-index 199f453cb4de..ec38acf00b40 100644
+index 82fbdbc1e0b0..a811210ad486 100644
--- a/Documentation/x86/zero-page.txt
+++ b/Documentation/x86/zero-page.txt
@@ -30,6 +30,8 @@ Offset Proto Name Meaning
@@ -33,10 +33,10 @@ index 199f453cb4de..ec38acf00b40 100644
290/040 ALL edd_mbr_sig_buffer EDD MBR signatures
2D0/A00 ALL e820_map E820 memory map table
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
-index eb1cf898ed3c..a2a0a1636287 100644
+index c2fb8a87dccb..0ec6272203e4 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
-@@ -1678,6 +1678,16 @@ config EFI_MIXED
+@@ -1694,6 +1694,16 @@ config EFI_MIXED
If unsure, say N.
@@ -115,10 +115,10 @@ index ef17683484e9..105e7360d747 100644
setup_efi_pci(boot_params);
diff --git a/arch/x86/include/uapi/asm/bootparam.h b/arch/x86/include/uapi/asm/bootparam.h
-index 225b0988043a..90dbfb73e11f 100644
+index 44e6dd7e36a2..3ddf4150bd9e 100644
--- a/arch/x86/include/uapi/asm/bootparam.h
+++ b/arch/x86/include/uapi/asm/bootparam.h
-@@ -133,7 +133,8 @@ struct boot_params {
+@@ -134,7 +134,8 @@ struct boot_params {
__u8 eddbuf_entries; /* 0x1e9 */
__u8 edd_mbr_sig_buf_entries; /* 0x1ea */
__u8 kbd_status; /* 0x1eb */
@@ -129,10 +129,10 @@ index 225b0988043a..90dbfb73e11f 100644
* The sentinel is set to a nonzero value (0xff) in header.S.
*
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
-index 0a2421cca01f..a3d8174dedf9 100644
+index 98dc9317286e..26741d24797e 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
-@@ -1151,6 +1151,12 @@ void __init setup_arch(char **cmdline_p)
+@@ -1165,6 +1165,12 @@ void __init setup_arch(char **cmdline_p)
io_delay_init();
diff --git a/Add-sysrq-option-to-disable-secure-boot-mode.patch b/Add-sysrq-option-to-disable-secure-boot-mode.patch
index 76b493bb3..a22af8297 100644
--- a/Add-sysrq-option-to-disable-secure-boot-mode.patch
+++ b/Add-sysrq-option-to-disable-secure-boot-mode.patch
@@ -15,7 +15,7 @@ Upstream-status: Fedora mustard
7 files changed, 65 insertions(+), 10 deletions(-)
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
-index 26c5d54124c1..dab298f03a9c 100644
+index 64a123acb97f..2964c69e7c8e 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
@@ -70,6 +70,11 @@
@@ -30,7 +30,7 @@ index 26c5d54124c1..dab298f03a9c 100644
#include <video/edid.h>
#include <asm/mtrr.h>
-@@ -1278,6 +1283,37 @@ void __init i386_reserve_resources(void)
+@@ -1292,6 +1297,37 @@ void __init i386_reserve_resources(void)
#endif /* CONFIG_X86_32 */
@@ -215,7 +215,7 @@ index 387fa7d05c98..4b07e30b3279 100644
int unregister_sysrq_key(int key, struct sysrq_key_op *op);
struct sysrq_key_op *__sysrq_get_key_op(int key);
diff --git a/kernel/debug/kdb/kdb_main.c b/kernel/debug/kdb/kdb_main.c
-index 7b40c5f07dce..8a60477b96e1 100644
+index 4121345498e0..0ff3cef5df96 100644
--- a/kernel/debug/kdb/kdb_main.c
+++ b/kernel/debug/kdb/kdb_main.c
@@ -1968,7 +1968,7 @@ static int kdb_sr(int argc, const char **argv)
diff --git a/Kbuild-Add-an-option-to-enable-GCC-VTA.patch b/Kbuild-Add-an-option-to-enable-GCC-VTA.patch
index c3f957b76..6eae7b8b1 100644
--- a/Kbuild-Add-an-option-to-enable-GCC-VTA.patch
+++ b/Kbuild-Add-an-option-to-enable-GCC-VTA.patch
@@ -43,7 +43,7 @@ Signed-off-by: Josh Stone <jistone@redhat.com>
2 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
-index 19e256ae2679..376e8a456f72 100644
+index 9fab639727c7..d67b25152475 100644
--- a/Makefile
+++ b/Makefile
@@ -706,7 +706,11 @@ KBUILD_CFLAGS += -fomit-frame-pointer
diff --git a/Revert-Revert-ACPI-video-change-acpi-video-brightnes.patch b/Revert-Revert-ACPI-video-change-acpi-video-brightnes.patch
index 27f5276eb..d10088ab7 100644
--- a/Revert-Revert-ACPI-video-change-acpi-video-brightnes.patch
+++ b/Revert-Revert-ACPI-video-change-acpi-video-brightnes.patch
@@ -28,7 +28,7 @@ index bfcb1a62a7b4..a1d62e9ed29b 100644
virtio_mmio.device=
[VMMIO] Memory mapped virtio (platform) device.
diff --git a/drivers/acpi/video.c b/drivers/acpi/video.c
-index 88a4f99dd2a7..570920c08a51 100644
+index debd30917010..eeb4cf627553 100644
--- a/drivers/acpi/video.c
+++ b/drivers/acpi/video.c
@@ -68,7 +68,7 @@ MODULE_AUTHOR("Bruno Ducrot");
diff --git a/arm-highbank-l2-reverts.patch b/arm-highbank-l2-reverts.patch
index b50c20dab..9b886d00d 100644
--- a/arm-highbank-l2-reverts.patch
+++ b/arm-highbank-l2-reverts.patch
@@ -9,7 +9,7 @@ Will debug upstream separately, but we need F22/21 running there. (#1139762)
1 file changed, 12 insertions(+), 9 deletions(-)
diff --git a/arch/arm/mach-highbank/highbank.c b/arch/arm/mach-highbank/highbank.c
-index 07a09570175d..5db6d14fcd67 100644
+index 231fba0d03e5..0de5a6ddd5eb 100644
--- a/arch/arm/mach-highbank/highbank.c
+++ b/arch/arm/mach-highbank/highbank.c
@@ -51,13 +51,11 @@ static void __init highbank_scu_map_io(void)
diff --git a/config-arm-generic b/config-arm-generic
index 47d524fd3..30b043642 100644
--- a/config-arm-generic
+++ b/config-arm-generic
@@ -196,9 +196,6 @@ CONFIG_IIO_SYSFS_TRIGGER=m
# PHY framework
CONFIG_GENERIC_PHY=y
-# MFD
-CONFIG_MFD_CORE=m
-
CONFIG_SMC91X=m
CONFIG_SMC911X=m
diff --git a/config-armv7 b/config-armv7
index 81175c22e..7f76e3893 100644
--- a/config-armv7
+++ b/config-armv7
@@ -329,6 +329,8 @@ CONFIG_PINCTRL_MSM8X74=m
CONFIG_PINCTRL_MSM8916=m
CONFIG_PINCTRL_QCOM_SPMI_PMIC=m
CONFIG_COMMON_CLK_QCOM=m
+# CONFIG_IPQ_LCC_806X is not set
+# CONFIG_MSM_LCC_8960 is not set
CONFIG_MFD_QCOM_RPM=m
CONFIG_MFD_PM8921_CORE=m
CONFIG_REGULATOR_QCOM_RPM=m
diff --git a/config-armv7-generic b/config-armv7-generic
index 761fd0224..74aa6fd0e 100644
--- a/config-armv7-generic
+++ b/config-armv7-generic
@@ -408,8 +408,6 @@ CONFIG_DRM_PANEL_S6E8AA0=m
CONFIG_DRM_PANEL_SHARP_LQ101R1SX01=m
# regmap
-CONFIG_REGMAP=y
-CONFIG_REGMAP_I2C=m
CONFIG_REGMAP_SPI=m
CONFIG_REGMAP_SPMI=m
CONFIG_REGMAP_MMIO=m
@@ -835,6 +833,7 @@ CONFIG_SND_SOC_TS3A227E=m
# CONFIG_INPUT_AXP20X_PEK is not set
# CONFIG_POWER_RESET_BRCMSTB is not set
# CONFIG_INPUT_TPS65218_PWRBUTTON is not set
+# CONFIG_CLK_QORIQ is not set
# Debug options. We need to deal with them at some point like x86
# CONFIG_DEBUG_USER is not set
diff --git a/config-generic b/config-generic
index 06b8c5750..7ce786e16 100644
--- a/config-generic
+++ b/config-generic
@@ -201,6 +201,7 @@ CONFIG_BINFMT_MISC=m
#
# CONFIG_COMMON_CLK_SI5351 is not set
+# CONFIG_COMMON_CLK_CDCE706 is not set
#
# Generic Driver Options
@@ -214,6 +215,9 @@ CONFIG_EXTRA_FIRMWARE=""
# CONFIG_FW_LOADER_USER_HELPER is not set
# CONFIG_FW_LOADER_USER_HELPER_FALLBACK is not set
+CONFIG_REGMAP=y
+CONFIG_REGMAP_I2C=m
+
# CONFIG_CMA is not set
# CONFIG_DMA_CMA is not set
# CONFIG_FENCE_TRACE is not set
@@ -1713,13 +1717,13 @@ CONFIG_B43_PCMCIA=y
CONFIG_B43_SDIO=y
CONFIG_B43_BCMA=y
CONFIG_B43_BCMA_PIO=y
-CONFIG_B43_DEBUG=y
+# CONFIG_B43_DEBUG is not set
CONFIG_B43_PHY_LP=y
CONFIG_B43_PHY_N=y
CONFIG_B43_PHY_HT=y
CONFIG_B43_PHY_G=y
CONFIG_B43LEGACY=m
-CONFIG_B43LEGACY_DEBUG=y
+# CONFIG_B43LEGACY_DEBUG is not set
CONFIG_B43LEGACY_DMA=y
CONFIG_B43LEGACY_PIO=y
CONFIG_B43LEGACY_DMA_AND_PIO_MODE=y
@@ -4056,6 +4060,8 @@ CONFIG_PCF50633_GPIO=m
CONFIG_INPUT_PCF50633_PMU=m
CONFIG_INPUT_GPIO_ROTARY_ENCODER=m
+CONFIG_MFD_CORE=m
+
CONFIG_MFD_VX855=m
CONFIG_MFD_SM501=m
CONFIG_MFD_SM501_GPIO=y
@@ -4778,7 +4784,7 @@ CONFIG_PM_DEBUG=y
# CONFIG_DPM_WATCHDOG is not set # revisit this in debug
CONFIG_PM_TRACE=y
CONFIG_PM_TRACE_RTC=y
-CONFIG_PM_TEST_SUSPEND=y
+# CONFIG_PM_TEST_SUSPEND is not set
CONFIG_PM_RUNTIME=y
# CONFIG_PM_OPP is not set
# CONFIG_PM_AUTOSLEEP is not set
diff --git a/config-nodebug b/config-nodebug
index 6c098422a..01008d646 100644
--- a/config-nodebug
+++ b/config-nodebug
@@ -2,100 +2,100 @@ CONFIG_SND_VERBOSE_PRINTK=y
CONFIG_SND_DEBUG=y
CONFIG_SND_PCM_XRUN_DEBUG=y
-CONFIG_DEBUG_ATOMIC_SLEEP=y
-
-CONFIG_DEBUG_MUTEXES=y
-CONFIG_DEBUG_RT_MUTEXES=y
-CONFIG_DEBUG_LOCK_ALLOC=y
-CONFIG_LOCK_TORTURE_TEST=m
-CONFIG_PROVE_LOCKING=y
-CONFIG_DEBUG_SPINLOCK=y
-CONFIG_PROVE_RCU=y
+# CONFIG_DEBUG_ATOMIC_SLEEP is not set
+
+# CONFIG_DEBUG_MUTEXES is not set
+# CONFIG_DEBUG_RT_MUTEXES is not set
+# CONFIG_DEBUG_LOCK_ALLOC is not set
+# CONFIG_LOCK_TORTURE_TEST is not set
+# CONFIG_PROVE_LOCKING is not set
+# CONFIG_DEBUG_SPINLOCK is not set
+# CONFIG_PROVE_RCU is not set
# CONFIG_PROVE_RCU_REPEATEDLY is not set
-CONFIG_DEBUG_PER_CPU_MAPS=y
+# CONFIG_DEBUG_PER_CPU_MAPS is not set
CONFIG_CPUMASK_OFFSTACK=y
-CONFIG_CPU_NOTIFIER_ERROR_INJECT=m
+# CONFIG_CPU_NOTIFIER_ERROR_INJECT is not set
-CONFIG_FAULT_INJECTION=y
-CONFIG_FAILSLAB=y
-CONFIG_FAIL_PAGE_ALLOC=y
-CONFIG_FAIL_MAKE_REQUEST=y
-CONFIG_FAULT_INJECTION_DEBUG_FS=y
-CONFIG_FAULT_INJECTION_STACKTRACE_FILTER=y
-CONFIG_FAIL_IO_TIMEOUT=y
-CONFIG_FAIL_MMC_REQUEST=y
+# CONFIG_FAULT_INJECTION is not set
+# CONFIG_FAILSLAB is not set
+# CONFIG_FAIL_PAGE_ALLOC is not set
+# CONFIG_FAIL_MAKE_REQUEST is not set
+# CONFIG_FAULT_INJECTION_DEBUG_FS is not set
+# CONFIG_FAULT_INJECTION_STACKTRACE_FILTER is not set
+# CONFIG_FAIL_IO_TIMEOUT is not set
+# CONFIG_FAIL_MMC_REQUEST is not set
-CONFIG_LOCK_STAT=y
+# CONFIG_LOCK_STAT is not set
-CONFIG_DEBUG_STACK_USAGE=y
+# CONFIG_DEBUG_STACK_USAGE is not set
-CONFIG_ACPI_DEBUG=y
+# CONFIG_ACPI_DEBUG is not set
-CONFIG_DEBUG_SG=y
-CONFIG_DEBUG_PI_LIST=y
+# CONFIG_DEBUG_SG is not set
+# CONFIG_DEBUG_PI_LIST is not set
# CONFIG_PAGE_EXTENSION is not set
# CONFIG_PAGE_OWNER is not set
# CONFIG_DEBUG_PAGEALLOC is not set
-CONFIG_DEBUG_OBJECTS=y
+# CONFIG_DEBUG_OBJECTS is not set
# CONFIG_DEBUG_OBJECTS_SELFTEST is not set
-CONFIG_DEBUG_OBJECTS_FREE=y
-CONFIG_DEBUG_OBJECTS_TIMERS=y
-CONFIG_DEBUG_OBJECTS_RCU_HEAD=y
+# CONFIG_DEBUG_OBJECTS_FREE is not set
+# CONFIG_DEBUG_OBJECTS_TIMERS is not set
+# CONFIG_DEBUG_OBJECTS_RCU_HEAD is not set
CONFIG_DEBUG_OBJECTS_ENABLE_DEFAULT=1
CONFIG_X86_PTDUMP=y
-CONFIG_ARM64_PTDUMP=y
-CONFIG_EFI_PGT_DUMP=y
+# CONFIG_ARM64_PTDUMP is not set
+# CONFIG_EFI_PGT_DUMP is not set
-CONFIG_CAN_DEBUG_DEVICES=y
+# CONFIG_CAN_DEBUG_DEVICES is not set
-CONFIG_MODULE_FORCE_UNLOAD=y
+# CONFIG_MODULE_FORCE_UNLOAD is not set
-CONFIG_DEBUG_NOTIFIERS=y
+# CONFIG_DEBUG_NOTIFIERS is not set
-CONFIG_DMA_API_DEBUG=y
+# CONFIG_DMA_API_DEBUG is not set
-CONFIG_MMIOTRACE=y
+# CONFIG_MMIOTRACE is not set
-CONFIG_DEBUG_CREDENTIALS=y
+# CONFIG_DEBUG_CREDENTIALS is not set
# off in both production debug and nodebug builds,
# on in rawhide nodebug builds
-CONFIG_DEBUG_FORCE_WEAK_PER_CPU=y
+# CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set
-CONFIG_EXT4_DEBUG=y
+# CONFIG_EXT4_DEBUG is not set
# CONFIG_XFS_WARN is not set
-CONFIG_DEBUG_PERF_USE_VMALLOC=y
+# CONFIG_DEBUG_PERF_USE_VMALLOC is not set
-CONFIG_JBD2_DEBUG=y
+# CONFIG_JBD2_DEBUG is not set
-CONFIG_NFSD_FAULT_INJECTION=y
+# CONFIG_NFSD_FAULT_INJECTION is not set
-CONFIG_DEBUG_BLK_CGROUP=y
+# CONFIG_DEBUG_BLK_CGROUP is not set
-CONFIG_DRBD_FAULT_INJECTION=y
+# CONFIG_DRBD_FAULT_INJECTION is not set
-CONFIG_ATH_DEBUG=y
-CONFIG_CARL9170_DEBUGFS=y
-CONFIG_IWLWIFI_DEVICE_TRACING=y
+# CONFIG_ATH_DEBUG is not set
+# CONFIG_CARL9170_DEBUGFS is not set
+# CONFIG_IWLWIFI_DEVICE_TRACING is not set
# CONFIG_RTLWIFI_DEBUG is not set
-CONFIG_DEBUG_OBJECTS_WORK=y
+# CONFIG_DEBUG_OBJECTS_WORK is not set
-CONFIG_DMADEVICES_DEBUG=y
-CONFIG_DMADEVICES_VDEBUG=y
+# CONFIG_DMADEVICES_DEBUG is not set
+# CONFIG_DMADEVICES_VDEBUG is not set
CONFIG_PM_ADVANCED_DEBUG=y
-CONFIG_CEPH_LIB_PRETTYDEBUG=y
-CONFIG_QUOTA_DEBUG=y
+# CONFIG_CEPH_LIB_PRETTYDEBUG is not set
+# CONFIG_QUOTA_DEBUG is not set
CONFIG_KGDB_KDB=y
@@ -103,18 +103,18 @@ CONFIG_KDB_DEFAULT_ENABLE=0x0
CONFIG_KDB_KEYBOARD=y
CONFIG_KDB_CONTINUE_CATASTROPHIC=0
-CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER=y
+# CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER is not set
# CONFIG_PERCPU_TEST is not set
-CONFIG_TEST_LIST_SORT=y
+# CONFIG_TEST_LIST_SORT is not set
# CONFIG_TEST_STRING_HELPERS is not set
-CONFIG_DETECT_HUNG_TASK=y
+# CONFIG_DETECT_HUNG_TASK is not set
CONFIG_DEFAULT_HUNG_TASK_TIMEOUT=120
# CONFIG_BOOTPARAM_HUNG_TASK_PANIC is not set
-CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK=y
+# CONFIG_X86_BOOTPARAM_MEMORY_CORRUPTION_CHECK is not set
-CONFIG_DEBUG_KMEMLEAK=y
+# CONFIG_DEBUG_KMEMLEAK is not set
CONFIG_DEBUG_KMEMLEAK_EARLY_LOG_SIZE=1024
# CONFIG_DEBUG_KMEMLEAK_TEST is not set
CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF=y
@@ -125,7 +125,7 @@ CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF=y
# CONFIG_SPI_DEBUG is not set
-CONFIG_X86_DEBUG_STATIC_CPU_HAS=y
+# CONFIG_X86_DEBUG_STATIC_CPU_HAS is not set
# CONFIG_SCHEDSTATS is not set
# CONFIG_LATENCYTOP is not set
diff --git a/config-x86-32-generic b/config-x86-32-generic
index 78814522d..ba25ddb4d 100644
--- a/config-x86-32-generic
+++ b/config-x86-32-generic
@@ -178,6 +178,7 @@ CONFIG_SERIAL_GRLIB_GAISLER_APBUART=m
# CONFIG_MMC_SDHCI_OF is not set
# CONFIG_X86_INTEL_MID is not set
+# CONFIG_X86_INTEL_QUARK is not set
CONFIG_MFD_CS5535=m
# CONFIG_MFD_SYSCON is not set
diff --git a/config-x86-generic b/config-x86-generic
index 1aadc94cc..ed384c358 100644
--- a/config-x86-generic
+++ b/config-x86-generic
@@ -348,7 +348,7 @@ CONFIG_SP5100_TCO=m
# CONFIG_MEMTEST is not set
# CONFIG_DEBUG_TLBFLUSH is not set
-CONFIG_MAXSMP=y
+# CONFIG_MAXSMP is not set
CONFIG_HP_ILO=m
diff --git a/efi-Add-EFI_SECURE_BOOT-bit.patch b/efi-Add-EFI_SECURE_BOOT-bit.patch
index df9a0dfcb..f0110ea86 100644
--- a/efi-Add-EFI_SECURE_BOOT-bit.patch
+++ b/efi-Add-EFI_SECURE_BOOT-bit.patch
@@ -12,10 +12,10 @@ Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
2 files changed, 3 insertions(+)
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
-index a3d8174dedf9..26c5d54124c1 100644
+index 26741d24797e..64a123acb97f 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
-@@ -1153,7 +1153,9 @@ void __init setup_arch(char **cmdline_p)
+@@ -1167,7 +1167,9 @@ void __init setup_arch(char **cmdline_p)
#ifdef CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE
if (boot_params.secure_boot) {
diff --git a/efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch b/efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch
index 5db62eed9..f4cdd8d35 100644
--- a/efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch
+++ b/efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch
@@ -11,10 +11,10 @@ Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
-index a2a0a1636287..5b5c9e803d19 100644
+index 0ec6272203e4..9d8c58783e7d 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
-@@ -1679,7 +1679,8 @@ config EFI_MIXED
+@@ -1695,7 +1695,8 @@ config EFI_MIXED
If unsure, say N.
config EFI_SECURE_BOOT_SIG_ENFORCE
diff --git a/ext4-Allocate-entire-range-in-zero-range.patch b/ext4-Allocate-entire-range-in-zero-range.patch
new file mode 100644
index 000000000..3b35e1a1b
--- /dev/null
+++ b/ext4-Allocate-entire-range-in-zero-range.patch
@@ -0,0 +1,78 @@
+From: Lukas Czerner <lczerner@redhat.com>
+Date: Wed, 18 Feb 2015 17:49:28 +0100
+Subject: [PATCH] ext4: Allocate entire range in zero range
+
+Currently there is a bug in zero range code which causes zero range
+calls to only allocate block aligned portion of the range, while
+ignoring the rest in some cases.
+
+In some cases, namely if the end of the range is past isize, we do
+attempt to preallocate the last nonaligned block. However this might
+cause kernel to BUG() in some carefully designed zero range requests on
+setups where page size > block size.
+
+Fix this problem by first preallocating the entire range, including the
+nonaligned edges and converting the written extents to unwritten in the
+next step. This approach will also give us the advantage of having the
+range to be as linearly contiguous as possible.
+
+Signed-off-by: Lukas Czerner <lczerner@redhat.com>
+---
+ fs/ext4/extents.c | 31 +++++++++++++++++++------------
+ 1 file changed, 19 insertions(+), 12 deletions(-)
+
+diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c
+index bed43081720f..aa522429b751 100644
+--- a/fs/ext4/extents.c
++++ b/fs/ext4/extents.c
+@@ -4803,12 +4803,6 @@ static long ext4_zero_range(struct file *file, loff_t offset,
+ else
+ max_blocks -= lblk;
+
+- flags = EXT4_GET_BLOCKS_CREATE_UNWRIT_EXT |
+- EXT4_GET_BLOCKS_CONVERT_UNWRITTEN |
+- EXT4_EX_NOCACHE;
+- if (mode & FALLOC_FL_KEEP_SIZE)
+- flags |= EXT4_GET_BLOCKS_KEEP_SIZE;
+-
+ mutex_lock(&inode->i_mutex);
+
+ /*
+@@ -4825,15 +4819,28 @@ static long ext4_zero_range(struct file *file, loff_t offset,
+ ret = inode_newsize_ok(inode, new_size);
+ if (ret)
+ goto out_mutex;
+- /*
+- * If we have a partial block after EOF we have to allocate
+- * the entire block.
+- */
+- if (partial_end)
+- max_blocks += 1;
+ }
+
++ flags = EXT4_GET_BLOCKS_CREATE_UNWRIT_EXT;
++ if (mode & FALLOC_FL_KEEP_SIZE)
++ flags |= EXT4_GET_BLOCKS_KEEP_SIZE;
++
++ /* Preallocate the range including the unaligned edges */
++ if (partial_begin || partial_end) {
++ ret = ext4_alloc_file_blocks(file,
++ round_down(offset, 1 << blkbits) >> blkbits,
++ (round_up((offset + len), 1 << blkbits) -
++ round_down(offset, 1 << blkbits)) >> blkbits,
++ new_size, flags, mode);
++ if (ret)
++ goto out_mutex;
++
++ }
++
++ /* Zero range excluding the unaligned edges */
+ if (max_blocks > 0) {
++ flags |= (EXT4_GET_BLOCKS_CONVERT_UNWRITTEN |
++ EXT4_EX_NOCACHE);
+
+ /* Now release the pages and zero block aligned part of pages*/
+ truncate_pagecache_range(inode, start, end - 1);
+--
+2.1.0
+
diff --git a/kernel.spec b/kernel.spec
index 538064429..0911aaad8 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -48,7 +48,7 @@ Summary: The Linux kernel
# base_sublevel is the kernel version we're starting with and patching
# on top of -- for example, 3.1-rc7-git1 starts with a 3.0 base,
# which yields a base_sublevel of 0.
-%define base_sublevel 19
+%define base_sublevel 0
## If this is a released kernel ##
%if 0%{?released_kernel}
@@ -60,18 +60,19 @@ Summary: The Linux kernel
%define stablerev %{stable_update}
%define stable_base %{stable_update}
%endif
-%define rpmversion 3.%{base_sublevel}.%{stable_update}
+%define rpmversion 4.%{base_sublevel}.%{stable_update}
## The not-released-kernel case ##
%else
# The next upstream release sublevel (base_sublevel+1)
-%define upstream_sublevel %(echo $((%{base_sublevel} + 1)))
+# define upstream_sublevel %(echo $((%{base_sublevel} + 1)))
+%define upstream_sublevel 0
# The rc snapshot level
-%define rcrev 0
+%define rcrev 1
# The git snapshot level
-%define gitrev 10
+%define gitrev 0
# Set rpm version accordingly
-%define rpmversion 3.%{upstream_sublevel}.0
+%define rpmversion 4.%{upstream_sublevel}.0
%endif
# Nb: The above rcrev and gitrev values automagically define Patch00 and Patch01 below.
@@ -124,7 +125,7 @@ Summary: The Linux kernel
# Set debugbuildsenabled to 1 for production (build separate debug kernels)
# and 0 for rawhide (all kernels are debug kernels).
# See also 'make debug' and 'make release'.
-%define debugbuildsenabled 0
+%define debugbuildsenabled 1
# Want to build a vanilla kernel build without any non-upstream patches?
%define with_vanilla %{?_with_vanilla: 1} %{?!_with_vanilla: 0}
@@ -152,7 +153,8 @@ Summary: The Linux kernel
%endif
# The kernel tarball/base version
-%define kversion 3.%{base_sublevel}
+# define kversion 4.%{base_sublevel}
+%define kversion 4.%{base_sublevel}-rc%rcrev
%define make_target bzImage
@@ -409,7 +411,8 @@ BuildRequires: binutils-%{_build_arch}-linux-gnu, gcc-%{_build_arch}-linux-gnu
%define cross_opts CROSS_COMPILE=%{_build_arch}-linux-gnu-
%endif
-Source0: ftp://ftp.kernel.org/pub/linux/kernel/v3.0/linux-%{kversion}.tar.xz
+#Source0: ftp://ftp.kernel.org/pub/linux/kernel/v4.x/linux-%{kversion}.tar.xz
+Source0: ftp://ftp.kernel.org/pub/linux/kernel/v4.x/linux-4.0-rc1.tar.xz
Source10: perf-man-%{kversion}.tar.gz
Source11: x509.genkey
@@ -471,7 +474,7 @@ Source2001: cpupower.config
# For a stable release kernel
%if 0%{?stable_update}
%if 0%{?stable_base}
-%define stable_patch_00 patch-3.%{base_sublevel}.%{stable_base}.xz
+%define stable_patch_00 patch-4.%{base_sublevel}.%{stable_base}.xz
Patch00: %{stable_patch_00}
%endif
@@ -480,14 +483,14 @@ Patch00: %{stable_patch_00}
# near the top of this spec file.
%else
%if 0%{?rcrev}
-Patch00: patch-3.%{upstream_sublevel}-rc%{rcrev}.xz
+Patch00: patch-4.%{upstream_sublevel}-rc%{rcrev}.xz
%if 0%{?gitrev}
-Patch01: patch-3.%{upstream_sublevel}-rc%{rcrev}-git%{gitrev}.xz
+Patch01: patch-4.%{upstream_sublevel}-rc%{rcrev}-git%{gitrev}.xz
%endif
%else
# pre-{base_sublevel+1}-rc1 case
%if 0%{?gitrev}
-Patch00: patch-3.%{base_sublevel}-git%{gitrev}.xz
+Patch00: patch-4.%{base_sublevel}-git%{gitrev}.xz
%endif
%endif
%endif
@@ -609,19 +612,13 @@ Patch26059: i8042-Add-notimeout-quirk-for-Fujitsu-Lifebook-A544-.patch
#rhbz 1094948
Patch26131: acpi-video-Add-disable_native_backlight-quirk-for-Sa.patch
-#rhbz 1188074
-Patch26133: ntp-Fixup-adjtimex-freq-validation-on-32bit-systems.patch
-
Patch26134: perf-tools-Define-_GNU_SOURCE-on-pthread_attr_setaff.patch
-#CVE-2015-1593 rhbz 1192519 1192520
-Patch26135: ASLR-fix-stack-randomization-on-64-bit-systems.patch
-
-#CVE-XXXX-XXXX rhbz 1189864 1192079
-Patch26136: vhost-scsi-potential-memory-corruption.patch
-
Patch26137: fifo-nv04-remove-the-loop-from-the-interrupt-handler.patch
+#CVE-2015-0275 rhbz 1193907 1195178
+Patch26138: ext4-Allocate-entire-range-in-zero-range.patch
+
# git clone ssh://git.fedorahosted.org/git/kernel-arm64.git, git diff master...devel
Patch30000: kernel-arm64.patch
Patch30001: kernel-arm64-fix-psci-when-pg.patch
@@ -1024,20 +1021,20 @@ ApplyOptionalPatch()
# Update to latest upstream.
%if 0%{?released_kernel}
-%define vanillaversion 3.%{base_sublevel}
+%define vanillaversion 4.%{base_sublevel}
# non-released_kernel case
%else
%if 0%{?rcrev}
-%define vanillaversion 3.%{upstream_sublevel}-rc%{rcrev}
+%define vanillaversion 4.%{upstream_sublevel}-rc%{rcrev}
%if 0%{?gitrev}
-%define vanillaversion 3.%{upstream_sublevel}-rc%{rcrev}-git%{gitrev}
+%define vanillaversion 4.%{upstream_sublevel}-rc%{rcrev}-git%{gitrev}
%endif
%else
# pre-{base_sublevel+1}-rc1 case
%if 0%{?gitrev}
-%define vanillaversion 3.%{base_sublevel}-git%{gitrev}
+%define vanillaversion 4.%{base_sublevel}-git%{gitrev}
%else
-%define vanillaversion 3.%{base_sublevel}
+%define vanillaversion 4.%{base_sublevel}
%endif
%endif
%endif
@@ -1050,7 +1047,7 @@ ApplyOptionalPatch()
# Build a list of the other top-level kernel tree directories.
# This will be used to hardlink identical vanilla subdirs.
-sharedirs=$(find "$PWD" -maxdepth 1 -type d -name 'kernel-3.*' \
+sharedirs=$(find "$PWD" -maxdepth 1 -type d -name 'kernel-4.*' \
| grep -x -v "$PWD"/kernel-%{kversion}%{?dist}) ||:
# Delete all old stale trees.
@@ -1121,14 +1118,14 @@ if [ ! -d kernel-%{kversion}%{?dist}/vanilla-%{vanillaversion} ]; then
# Update vanilla to the latest upstream.
# (non-released_kernel case only)
%if 0%{?rcrev}
- ApplyPatch patch-3.%{upstream_sublevel}-rc%{rcrev}.xz
+ ApplyPatch patch-4.%{upstream_sublevel}-rc%{rcrev}.xz
%if 0%{?gitrev}
- ApplyPatch patch-3.%{upstream_sublevel}-rc%{rcrev}-git%{gitrev}.xz
+ ApplyPatch patch-4.%{upstream_sublevel}-rc%{rcrev}-git%{gitrev}.xz
%endif
%else
# pre-{base_sublevel+1}-rc1 case
%if 0%{?gitrev}
- ApplyPatch patch-3.%{base_sublevel}-git%{gitrev}.xz
+ ApplyPatch patch-4.%{base_sublevel}-git%{gitrev}.xz
%endif
%endif
@@ -1341,19 +1338,13 @@ ApplyPatch i8042-Add-notimeout-quirk-for-Fujitsu-Lifebook-A544-.patch
#rhbz 1094948
ApplyPatch acpi-video-Add-disable_native_backlight-quirk-for-Sa.patch
-#rhbz 1188074
-ApplyPatch ntp-Fixup-adjtimex-freq-validation-on-32bit-systems.patch
-
ApplyPatch perf-tools-Define-_GNU_SOURCE-on-pthread_attr_setaff.patch
-#CVE-2015-1593 rhbz 1192519 1192520
-ApplyPatch ASLR-fix-stack-randomization-on-64-bit-systems.patch
-
-#CVE-XXXX-XXXX rhbz 1189864 1192079
-ApplyPatch vhost-scsi-potential-memory-corruption.patch
-
ApplyPatch fifo-nv04-remove-the-loop-from-the-interrupt-handler.patch
+#CVE-2015-0275 rhbz 1193907 1195178
+ApplyPatch ext4-Allocate-entire-range-in-zero-range.patch
+
%if 0%{?aarch64patches}
ApplyPatch kernel-arm64.patch
%ifnarch aarch64 # this is stupid, but i want to notice before secondary koji does.
@@ -2212,6 +2203,11 @@ fi
#
#
%changelog
+* Mon Feb 23 2015 Josh Boyer <jwboyer@fedoraproject.org> - 4.0.0-0.rc1.git0.1
+- Linux v4.0-rc1
+- CVE-2015-0275 ext4: fallocate zero range page size > block size BUG (rhbz 1193907 1195178)
+- Disable debugging options.
+
* Fri Feb 20 2015 Josh Boyer <jwboyer@fedoraproject.org> - 3.20.0-0.rc0.git10.1
- Linux v3.19-8975-g3d883483dc0a
- Add patch to fix intermittent hangs in nouveau driver
diff --git a/ntp-Fixup-adjtimex-freq-validation-on-32bit-systems.patch b/ntp-Fixup-adjtimex-freq-validation-on-32bit-systems.patch
deleted file mode 100644
index 841a9d162..000000000
--- a/ntp-Fixup-adjtimex-freq-validation-on-32bit-systems.patch
+++ /dev/null
@@ -1,45 +0,0 @@
-From: John Stultz <john.stultz@linaro.org>
-Date: Mon, 2 Feb 2015 10:57:56 -0800
-Subject: [PATCH] ntp: Fixup adjtimex freq validation on 32bit systems
-
-Additional validation of adjtimex freq values to avoid
-potential multiplication overflows were added in commit
-5e5aeb4367b (time: adjtimex: Validate the ADJ_FREQUENCY values)
-
-Unfortunately the patch used LONG_MAX/MIN instead of
-LLONG_MAX/MIN, which was fine on 64bit systems, but caused
-false positives on 32bit systems resulting in most direct
-frequency adjustments to fail w/ EINVAL.
-
-ntpd only does driect frequency adjustments at startup,
-so the issue was not easily observed there, but other sync
-applications like ptpd and chrony were more effected by
-the bug.
-
-Cc: Sasha Levin <sasha.levin@oracle.com>
-Reported-by: Josh Boyer <jwboyer@fedoraproject.org>
-Reported-by: George Joseph <george.joseph@fairview5.com>
-Signed-off-by: John Stultz <john.stultz@linaro.org>
----
- kernel/time/ntp.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/kernel/time/ntp.c b/kernel/time/ntp.c
-index 4b585e0fdd22..a5f4d24c95cc 100644
---- a/kernel/time/ntp.c
-+++ b/kernel/time/ntp.c
-@@ -634,9 +634,9 @@ int ntp_validate_timex(struct timex *txc)
- return -EPERM;
-
- if (txc->modes & ADJ_FREQUENCY) {
-- if (LONG_MIN / PPM_SCALE > txc->freq)
-+ if (LLONG_MIN / PPM_SCALE > txc->freq)
- return -EINVAL;
-- if (LONG_MAX / PPM_SCALE < txc->freq)
-+ if (LLONG_MAX / PPM_SCALE < txc->freq)
- return -EINVAL;
- }
-
---
-2.1.0
-
diff --git a/sources b/sources
index f8e7faf76..2b9ae2afd 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,2 @@
-d3fc8316d4d4d04b65cbc2d70799e763 linux-3.19.tar.xz
-15d8d2f97ce056488451a5bfb2944603 perf-man-3.19.tar.gz
-d7783c6837600b2db12ff9bc603de6c0 patch-3.19-git10.xz
+547b340dca94d358b68d2658822080fa linux-4.0-rc1.tar.xz
+6fb88c6624ded64bd5981c3c1df0003a perf-man-4.0-rc1.tar.gz
diff --git a/vhost-scsi-potential-memory-corruption.patch b/vhost-scsi-potential-memory-corruption.patch
deleted file mode 100644
index 08a75a5ff..000000000
--- a/vhost-scsi-potential-memory-corruption.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-From: Dan Carpenter <dan.carpenter@oracle.com>
-Date: Thu, 5 Feb 2015 10:37:33 +0300
-Subject: [PATCH] vhost/scsi: potential memory corruption
-
-This code in vhost_scsi_make_tpg() is confusing because we limit "tpgt"
-to UINT_MAX but the data type of "tpg->tport_tpgt" and that is a u16.
-
-I looked at the context and it turns out that in
-vhost_scsi_set_endpoint(), "tpg->tport_tpgt" is used as an offset into
-the vs_tpg[] array which has VHOST_SCSI_MAX_TARGET (256) elements so
-anything higher than 255 then it is invalid. I have made that the limit
-now.
-
-In vhost_scsi_send_evt() we mask away values higher than 255, but now
-that the limit has changed, we don't need the mask.
-
-Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
-Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
----
- drivers/vhost/scsi.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/drivers/vhost/scsi.c b/drivers/vhost/scsi.c
-index dc78d87e0fc2..d27cfb20776f 100644
---- a/drivers/vhost/scsi.c
-+++ b/drivers/vhost/scsi.c
-@@ -1253,7 +1253,7 @@ tcm_vhost_send_evt(struct vhost_scsi *vs,
- * lun[4-7] need to be zero according to virtio-scsi spec.
- */
- evt->event.lun[0] = 0x01;
-- evt->event.lun[1] = tpg->tport_tpgt & 0xFF;
-+ evt->event.lun[1] = tpg->tport_tpgt;
- if (lun->unpacked_lun >= 256)
- evt->event.lun[2] = lun->unpacked_lun >> 8 | 0x40 ;
- evt->event.lun[3] = lun->unpacked_lun & 0xFF;
-@@ -2124,12 +2124,12 @@ tcm_vhost_make_tpg(struct se_wwn *wwn,
- struct tcm_vhost_tport, tport_wwn);
-
- struct tcm_vhost_tpg *tpg;
-- unsigned long tpgt;
-+ u16 tpgt;
- int ret;
-
- if (strstr(name, "tpgt_") != name)
- return ERR_PTR(-EINVAL);
-- if (kstrtoul(name + 5, 10, &tpgt) || tpgt > UINT_MAX)
-+ if (kstrtou16(name + 5, 10, &tpgt) || tpgt >= VHOST_SCSI_MAX_TARGET)
- return ERR_PTR(-EINVAL);
-
- tpg = kzalloc(sizeof(struct tcm_vhost_tpg), GFP_KERNEL);
---
-2.1.0
-