Linux v5.5.14

3 files changed, 59 insertions, 2 deletions

diff --git a/bpf-update-jmp32-test-cases-to-fix-range-bound-deduction.patch b/bpf-update-jmp32-test-cases-to-fix-range-bound-deduction.patch
new file mode 100644
index 000000000..0b8304e7f
--- /dev/null
+++ b/bpf-update-jmp32-test-cases-to-fix-range-bound-deduction.patch
@@ -0,0 +1,53 @@
+From 6b5ca133b9fbd57f0ca4acd7999c4e9a93e702be Mon Sep 17 00:00:00 2001
+From: Daniel Borkmann <daniel@iogearbox.net>
+Date: Fri, 24 Jan 2020 14:21:14 +0000
+Subject: bpf: update jmp32 test cases to fix range bound deduction
+
+From: Daniel Borkmann <daniel@iogearbox.net>
+
+[ no upstream commit ]
+
+Since commit f2d67fec0b43 ("bpf: Undo incorrect __reg_bound_offset32 handling")
+has been backported to stable, we also need to update related test cases that
+started to (expectedly) fail on stable. Given the functionality has been reverted
+we need to move the result to REJECT.
+
+Reported-by: Naresh Kamboju <naresh.kamboju@linaro.org>
+Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ tools/testing/selftests/bpf/verifier/jmp32.c |    9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+--- a/tools/testing/selftests/bpf/verifier/jmp32.c
++++ b/tools/testing/selftests/bpf/verifier/jmp32.c
+@@ -768,7 +768,8 @@
+ 	},
+ 	.prog_type = BPF_PROG_TYPE_SCHED_CLS,
+ 	.fixup_map_hash_48b = { 4 },
+-	.result = ACCEPT,
++	.result = REJECT,
++	.errstr = "R8 unbounded memory access",
+ 	.flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS,
+ },
+ {
+@@ -796,7 +797,8 @@
+ 	},
+ 	.prog_type = BPF_PROG_TYPE_SCHED_CLS,
+ 	.fixup_map_hash_48b = { 4 },
+-	.result = ACCEPT,
++	.result = REJECT,
++	.errstr = "R8 unbounded memory access",
+ 	.flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS,
+ },
+ {
+@@ -824,6 +826,7 @@
+ 	},
+ 	.prog_type = BPF_PROG_TYPE_SCHED_CLS,
+ 	.fixup_map_hash_48b = { 4 },
+-	.result = ACCEPT,
++	.result = REJECT,
++	.errstr = "R8 unbounded memory access",
+ 	.flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS,
+ },
diff --git a/kernel.spec b/kernel.spec
index 4d3a27137..8e8d27a64 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -89,7 +89,7 @@ Summary: The Linux kernel
 %if 0%{?released_kernel}
 
 # Do we have a -stable update to apply?
-%define stable_update 13
+%define stable_update 14
 # Set rpm version accordingly
 %if 0%{?stable_update}
 %define stablerev %{stable_update}
@@ -2893,6 +2893,10 @@ fi
 #
 #
 %changelog
+* Wed Apr 01 2020 Justin M. Forbes <jforbes@fedoraproject.org> - 5.5.14-200
+- Linux v5.5.14
+- Fixes CVE-2020-8835 (rhbz 1818941 1817350)
+
 * Wed Mar 25 2020 Justin M. Forbes <jforbes@fedoraproject.org> - 5.5.13-200
 - Linux v5.5.13
 
diff --git a/sources b/sources
index 7a8d0ae85..85c5f595f 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
 SHA512 (linux-5.5.tar.xz) = fa74fdabb5e63384a39e54da05b86a9ae9ea16179524b041fbbdffc7177e80b53600ae98d76be127ba216148f9dc55fe07ab20637e22c6d6030cb4aa09eb2f86
-SHA512 (patch-5.5.13.xz) = 22ff73b07ef89cc61950d929d99cabba42b2678e4e08a981e5bc61aae9523637626e779ce718eb55e27568479db2db483eee4fe042e36f70335b6b74886950a5
+SHA512 (patch-5.5.14.xz) = 3f975cbbaa68a6455eb3fce81e9ac14bf68721077cd0d6b5dc530034bcde3ccc9046e712c08253d89157a25ab29fae614a6b99e7186bfddc960938ce242ba55b