diff options
author | Justin M. Forbes <jforbes@fedoraproject.org> | 2022-03-16 11:45:33 -0500 |
---|---|---|
committer | Justin M. Forbes <jforbes@fedoraproject.org> | 2022-03-16 11:45:33 -0500 |
commit | 37ca87224b08cc207cf992c4bb3be19e8fd9d233 (patch) | |
tree | cf3b8edc565ead2a75fa58e152df74e768526ed7 /patch-5.16-redhat.patch | |
parent | fc82598159037daf06b84df475ba09cd6c25da69 (diff) | |
download | kernel-37ca87224b08cc207cf992c4bb3be19e8fd9d233.tar.gz kernel-37ca87224b08cc207cf992c4bb3be19e8fd9d233.tar.xz kernel-37ca87224b08cc207cf992c4bb3be19e8fd9d233.zip |
kernel-5.16.15-0
* Wed Mar 16 2022 Justin M. Forbes <jforbes@fedoraproject.org> [5.16.15-0]
- nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION (Jordy Zomer)
- Restrict FS_LOCATIONS to NFS v4.2+ to work around Qnap knfsd-3.4.6 bug (Justin M. Forbes)
- Turn on VDPA_SIM_BLOCK (Justin M. Forbes)
- Fix up changelog (Justin M. Forbes)
Resolves: rhbz#
Signed-off-by: Justin M. Forbes <jforbes@fedoraproject.org>
Diffstat (limited to 'patch-5.16-redhat.patch')
-rw-r--r-- | patch-5.16-redhat.patch | 126 |
1 files changed, 63 insertions, 63 deletions
diff --git a/patch-5.16-redhat.patch b/patch-5.16-redhat.patch index 7110a8e5c..4a6334deb 100644 --- a/patch-5.16-redhat.patch +++ b/patch-5.16-redhat.patch @@ -16,8 +16,6 @@ drivers/firmware/efi/Makefile | 1 + drivers/firmware/efi/efi.c | 124 +++++++++++++++------ drivers/firmware/efi/secureboot.c | 38 +++++++ - drivers/gpu/drm/i915/display/intel_psr.c | 16 ++- - drivers/gpu/drm/i915/i915_reg.h | 1 + drivers/gpu/drm/nouveau/nouveau_backlight.c | 3 +- drivers/hid/hid-rmi.c | 64 ----------- drivers/hwtracing/coresight/coresight-etm4x-core.c | 19 ++++ @@ -27,12 +25,14 @@ drivers/net/wireless/ath/ath11k/core.h | 1 + drivers/net/wireless/ath/ath11k/mhi.c | 1 + drivers/net/wireless/ath/ath11k/pci.c | 16 ++- + drivers/nfc/st21nfca/se.c | 10 ++ drivers/nvme/host/core.c | 22 +++- drivers/nvme/host/multipath.c | 19 ++-- drivers/nvme/host/nvme.h | 4 + drivers/pci/msi.c | 13 +-- drivers/pci/quirks.c | 24 ++++ drivers/usb/core/hub.c | 7 ++ + fs/nfs/nfs4proc.c | 7 +- include/linux/efi.h | 22 ++-- include/linux/lsm_hook_defs.h | 2 + include/linux/lsm_hooks.h | 6 + @@ -49,10 +49,10 @@ security/lockdown/lockdown.c | 1 + security/security.c | 6 + tools/testing/selftests/netfilter/nft_nat.sh | 5 +- - 51 files changed, 811 insertions(+), 205 deletions(-) + 51 files changed, 810 insertions(+), 206 deletions(-) diff --git a/Makefile b/Makefile -index 86835419075f..dd0dae5bea09 100644 +index 8675dd2a9cc8..fae0fa3f7ed5 100644 --- a/Makefile +++ b/Makefile @@ -18,6 +18,10 @@ $(if $(filter __%, $(MAKECMDGOALS)), \ @@ -83,7 +83,7 @@ index c2724d986fa0..8063dcef65f7 100644 The VM uses one page of physical memory for each page table. For systems with a lot of processes, this can use a lot of diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig -index 0e2c31f7a9aa..25310b3a1fc6 100644 +index d05d94d2b28b..1dfcaaba8810 100644 --- a/arch/arm64/Kconfig +++ b/arch/arm64/Kconfig @@ -1109,7 +1109,7 @@ endchoice @@ -95,7 +95,7 @@ index 0e2c31f7a9aa..25310b3a1fc6 100644 help For systems with 52-bit userspace VAs enabled, the kernel will attempt to maintain compatibility with older software by providing 48-bit VAs -@@ -1363,6 +1363,7 @@ config XEN +@@ -1360,6 +1360,7 @@ config XEN config FORCE_MAX_ZONEORDER int default "14" if ARM64_64K_PAGES @@ -151,7 +151,7 @@ index 65a31cb0611f..5d059341f02b 100644 /* boot_command_line has been already set up in early.c */ *cmdline_p = boot_command_line; diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c -index e04f5e6eb33f..8015e3d2dc9a 100644 +index 1782b3fb9320..d4b69f672bec 100644 --- a/arch/x86/kernel/setup.c +++ b/arch/x86/kernel/setup.c @@ -20,6 +20,7 @@ @@ -162,7 +162,7 @@ index e04f5e6eb33f..8015e3d2dc9a 100644 #include <linux/usb/xhci-dbgp.h> #include <linux/static_call.h> #include <linux/swiotlb.h> -@@ -929,6 +930,13 @@ void __init setup_arch(char **cmdline_p) +@@ -949,6 +950,13 @@ void __init setup_arch(char **cmdline_p) if (efi_enabled(EFI_BOOT)) efi_init(); @@ -176,7 +176,7 @@ index e04f5e6eb33f..8015e3d2dc9a 100644 dmi_setup(); /* -@@ -1094,19 +1102,7 @@ void __init setup_arch(char **cmdline_p) +@@ -1114,19 +1122,7 @@ void __init setup_arch(char **cmdline_p) /* Allocate bigger log buffer */ setup_log_buf(1); @@ -850,59 +850,6 @@ index 000000000000..de0a3714a5d4 + } + } +} -diff --git a/drivers/gpu/drm/i915/display/intel_psr.c b/drivers/gpu/drm/i915/display/intel_psr.c -index 7a205fd5023b..3ba8b717e176 100644 ---- a/drivers/gpu/drm/i915/display/intel_psr.c -+++ b/drivers/gpu/drm/i915/display/intel_psr.c -@@ -1400,6 +1400,13 @@ static inline u32 man_trk_ctl_single_full_frame_bit_get(struct drm_i915_private - PSR2_MAN_TRK_CTL_SF_SINGLE_FULL_FRAME; - } - -+static inline u32 man_trk_ctl_partial_frame_bit_get(struct drm_i915_private *dev_priv) -+{ -+ return IS_ALDERLAKE_P(dev_priv) ? -+ ADLP_PSR2_MAN_TRK_CTL_SF_PARTIAL_FRAME_UPDATE : -+ PSR2_MAN_TRK_CTL_SF_PARTIAL_FRAME_UPDATE; -+} -+ - static void psr_force_hw_tracking_exit(struct intel_dp *intel_dp) - { - struct drm_i915_private *dev_priv = dp_to_i915(intel_dp); -@@ -1495,7 +1502,13 @@ static void psr2_man_trk_ctl_calc(struct intel_crtc_state *crtc_state, - { - struct intel_crtc *crtc = to_intel_crtc(crtc_state->uapi.crtc); - struct drm_i915_private *dev_priv = to_i915(crtc->base.dev); -- u32 val = PSR2_MAN_TRK_CTL_ENABLE; -+ u32 val = 0; -+ -+ if (!IS_ALDERLAKE_P(dev_priv)) -+ val = PSR2_MAN_TRK_CTL_ENABLE; -+ -+ /* SF partial frame enable has to be set even on full update */ -+ val |= man_trk_ctl_partial_frame_bit_get(dev_priv); - - if (full_update) { - /* -@@ -1515,7 +1528,6 @@ static void psr2_man_trk_ctl_calc(struct intel_crtc_state *crtc_state, - } else { - drm_WARN_ON(crtc_state->uapi.crtc->dev, clip->y1 % 4 || clip->y2 % 4); - -- val |= PSR2_MAN_TRK_CTL_SF_PARTIAL_FRAME_UPDATE; - val |= PSR2_MAN_TRK_CTL_SU_REGION_START_ADDR(clip->y1 / 4 + 1); - val |= PSR2_MAN_TRK_CTL_SU_REGION_END_ADDR(clip->y2 / 4 + 1); - } -diff --git a/drivers/gpu/drm/i915/i915_reg.h b/drivers/gpu/drm/i915/i915_reg.h -index 14ce8809efdd..e927776ae183 100644 ---- a/drivers/gpu/drm/i915/i915_reg.h -+++ b/drivers/gpu/drm/i915/i915_reg.h -@@ -4738,6 +4738,7 @@ enum { - #define ADLP_PSR2_MAN_TRK_CTL_SU_REGION_START_ADDR(val) REG_FIELD_PREP(ADLP_PSR2_MAN_TRK_CTL_SU_REGION_START_ADDR_MASK, val) - #define ADLP_PSR2_MAN_TRK_CTL_SU_REGION_END_ADDR_MASK REG_GENMASK(12, 0) - #define ADLP_PSR2_MAN_TRK_CTL_SU_REGION_END_ADDR(val) REG_FIELD_PREP(ADLP_PSR2_MAN_TRK_CTL_SU_REGION_END_ADDR_MASK, val) -+#define ADLP_PSR2_MAN_TRK_CTL_SF_PARTIAL_FRAME_UPDATE REG_BIT(31) - #define ADLP_PSR2_MAN_TRK_CTL_SF_SINGLE_FULL_FRAME REG_BIT(14) - #define ADLP_PSR2_MAN_TRK_CTL_SF_CONTINUOS_FULL_FRAME REG_BIT(13) - diff --git a/drivers/gpu/drm/nouveau/nouveau_backlight.c b/drivers/gpu/drm/nouveau/nouveau_backlight.c index 1cbd71abc80a..9d2513de959b 100644 --- a/drivers/gpu/drm/nouveau/nouveau_backlight.c @@ -1422,6 +1369,34 @@ index 4c348bacf2cb..9fe496d35b38 100644 dev_err(&pdev->dev, "Unsupported WCN6855 SOC hardware version: %d %d\n", soc_hw_version_major, soc_hw_version_minor); ret = -EOPNOTSUPP; +diff --git a/drivers/nfc/st21nfca/se.c b/drivers/nfc/st21nfca/se.c +index a43fc4117fa5..c922f10d0d7b 100644 +--- a/drivers/nfc/st21nfca/se.c ++++ b/drivers/nfc/st21nfca/se.c +@@ -316,6 +316,11 @@ int st21nfca_connectivity_event_received(struct nfc_hci_dev *hdev, u8 host, + return -ENOMEM; + + transaction->aid_len = skb->data[1]; ++ ++ /* Checking if the length of the AID is valid */ ++ if (transaction->aid_len > sizeof(transaction->aid)) ++ return -EINVAL; ++ + memcpy(transaction->aid, &skb->data[2], + transaction->aid_len); + +@@ -325,6 +330,11 @@ int st21nfca_connectivity_event_received(struct nfc_hci_dev *hdev, u8 host, + return -EPROTO; + + transaction->params_len = skb->data[transaction->aid_len + 3]; ++ ++ /* Total size is allocated (skb->len - 2) minus fixed array members */ ++ if (transaction->params_len > ((skb->len - 2) - sizeof(struct nfc_evt_transaction))) ++ return -EINVAL; ++ + memcpy(transaction->params, skb->data + + transaction->aid_len + 4, transaction->params_len); + diff --git a/drivers/nvme/host/core.c b/drivers/nvme/host/core.c index 5785f6abf194..7fc5f15a4b78 100644 --- a/drivers/nvme/host/core.c @@ -1590,7 +1565,7 @@ index 8465221be6d2..64f37ad8227d 100644 pcibios_free_irq(dev); diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c -index 20a932690738..494cee3aec7b 100644 +index db864bf634a3..0489be6c81d4 100644 --- a/drivers/pci/quirks.c +++ b/drivers/pci/quirks.c @@ -4272,6 +4272,30 @@ DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_BROADCOM, 0x9000, @@ -1642,6 +1617,31 @@ index ac6c5ccfe1cb..ec784479eece 100644 /* Lock the device, then check to see if we were * disconnected while waiting for the lock to succeed. */ usb_lock_device(hdev); +diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c +index 0abbbf5d2bdf..c216bbf7ee75 100644 +--- a/fs/nfs/nfs4proc.c ++++ b/fs/nfs/nfs4proc.c +@@ -3859,8 +3859,8 @@ static int _nfs4_server_capabilities(struct nfs_server *server, struct nfs_fh *f + res.attr_bitmask[2] &= FATTR4_WORD2_NFS42_MASK; + } + memcpy(server->attr_bitmask, res.attr_bitmask, sizeof(server->attr_bitmask)); +- server->caps &= ~(NFS_CAP_ACLS | NFS_CAP_HARDLINKS | +- NFS_CAP_SYMLINKS| NFS_CAP_SECURITY_LABEL); ++ server->caps &= ~(NFS_CAP_ACLS | NFS_CAP_HARDLINKS | NFS_CAP_SYMLINKS ++ | NFS_CAP_SECURITY_LABEL | NFS_CAP_FS_LOCATIONS); + server->fattr_valid = NFS_ATTR_FATTR_V4; + if (res.attr_bitmask[0] & FATTR4_WORD0_ACL && + res.acl_bitmask & ACL4_SUPPORT_ALLOW_ACL) +@@ -3873,7 +3873,8 @@ static int _nfs4_server_capabilities(struct nfs_server *server, struct nfs_fh *f + if (res.attr_bitmask[2] & FATTR4_WORD2_SECURITY_LABEL) + server->caps |= NFS_CAP_SECURITY_LABEL; + #endif +- if (res.attr_bitmask[0] & FATTR4_WORD0_FS_LOCATIONS) ++ /* Restrict FS_LOCATIONS to NFS v4.2+ to work around Qnap knfsd-3.4.6 bug */ ++ if (res.attr_bitmask[0] & FATTR4_WORD0_FS_LOCATIONS && minorversion >= 2) + server->caps |= NFS_CAP_FS_LOCATIONS; + if (!(res.attr_bitmask[0] & FATTR4_WORD0_FILEID)) + server->fattr_valid &= ~NFS_ATTR_FATTR_FILEID; diff --git a/include/linux/efi.h b/include/linux/efi.h index ef8dbc0a1522..836a5dfc6156 100644 --- a/include/linux/efi.h |