From c0bed758351738c1f970358a32d5793ccfea21c4 Mon Sep 17 00:00:00 2001 From: Jeremy Cline Date: Tue, 11 Jun 2019 15:42:12 +0000 Subject: Linux v5.1.9 --- ...netfilter-nat-fix-udp-checksum-corruption.patch | 33 +++++++++++++ ...heck-key-sizes-only-when-Secure-Simple-Pa.patch | 44 ------------------ ...uetooth-Align-minimum-encryption-key-size.patch | 54 ++++++++++++++++++++++ .../generic/CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT | 1 + kernel-aarch64-debug.config | 1 + kernel-aarch64.config | 1 + kernel-armv7hl-debug.config | 1 + kernel-armv7hl-lpae-debug.config | 1 + kernel-armv7hl-lpae.config | 1 + kernel-armv7hl.config | 1 + kernel-i686-debug.config | 1 + kernel-i686.config | 1 + kernel-ppc64le-debug.config | 1 + kernel-ppc64le.config | 1 + kernel-s390x-debug.config | 1 + kernel-s390x.config | 1 + kernel-x86_64-debug.config | 1 + kernel-x86_64.config | 1 + kernel.spec | 15 ++++-- ...set-gc_entries-counter-if-new-entry-is-re.patch | 41 ---------------- sources | 2 +- 21 files changed, 113 insertions(+), 91 deletions(-) create mode 100644 0001-netfilter-nat-fix-udp-checksum-corruption.patch delete mode 100644 Bluetooth-Check-key-sizes-only-when-Secure-Simple-Pa.patch create mode 100644 Revert-Bluetooth-Align-minimum-encryption-key-size.patch create mode 100644 configs/fedora/generic/CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT delete mode 100644 neighbor-Reset-gc_entries-counter-if-new-entry-is-re.patch diff --git a/0001-netfilter-nat-fix-udp-checksum-corruption.patch b/0001-netfilter-nat-fix-udp-checksum-corruption.patch new file mode 100644 index 000000000..a890ef924 --- /dev/null +++ b/0001-netfilter-nat-fix-udp-checksum-corruption.patch @@ -0,0 +1,33 @@ +From 7500096ef55989594c5e699a8ea078110bd3fc1a Mon Sep 17 00:00:00 2001 +From: Florian Westphal +Date: Mon, 20 May 2019 13:48:10 +0200 +Subject: [PATCH] netfilter: nat: fix udp checksum corruption + +Due to copy&paste error nf_nat_mangle_udp_packet passes IPPROTO_TCP, +resulting in incorrect udp checksum when payload had to be mangled. + +Fixes: dac3fe72596f9 ("netfilter: nat: remove csum_recalc hook") +Reported-by: Marc Haber +Tested-by: Marc Haber +Signed-off-by: Florian Westphal +Signed-off-by: Pablo Neira Ayuso +--- + net/netfilter/nf_nat_helper.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/net/netfilter/nf_nat_helper.c b/net/netfilter/nf_nat_helper.c +index ccc06f7539d7..53aeb12b70fb 100644 +--- a/net/netfilter/nf_nat_helper.c ++++ b/net/netfilter/nf_nat_helper.c +@@ -170,7 +170,7 @@ nf_nat_mangle_udp_packet(struct sk_buff *skb, + if (!udph->check && skb->ip_summed != CHECKSUM_PARTIAL) + return true; + +- nf_nat_csum_recalc(skb, nf_ct_l3num(ct), IPPROTO_TCP, ++ nf_nat_csum_recalc(skb, nf_ct_l3num(ct), IPPROTO_UDP, + udph, &udph->check, datalen, oldlen); + + return true; +-- +2.21.0 + diff --git a/Bluetooth-Check-key-sizes-only-when-Secure-Simple-Pa.patch b/Bluetooth-Check-key-sizes-only-when-Secure-Simple-Pa.patch deleted file mode 100644 index ee7a5309b..000000000 --- a/Bluetooth-Check-key-sizes-only-when-Secure-Simple-Pa.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 7451bbd2c5c1c6512689855532ad49f26ba00cd6 Mon Sep 17 00:00:00 2001 -From: Marcel Holtmann -Date: Wed, 22 May 2019 09:05:40 +0200 -Subject: [PATCH] Bluetooth: Check key sizes only when Secure Simple Pairing is - enabled - -The encryption is only mandatory to be enforced when both sides are using -Secure Simple Pairing and this means the key size check makes only sense -in that case. - -On legacy Bluetooth 2.0 and earlier devices like mice the encryption was -optional and thus causing an issue if the key size check is not bound to -using Secure Simple Pairing. - -Fixes: d5bb334a8e17 ("Bluetooth: Align minimum encryption key size for LE and BR/EDR connections") -Signed-off-by: Marcel Holtmann -Cc: stable@vger.kernel.org ---- - net/bluetooth/hci_conn.c | 9 +++++++-- - 1 file changed, 7 insertions(+), 2 deletions(-) - -diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c -index 3cf0764d5793..7516cdde3373 100644 ---- a/net/bluetooth/hci_conn.c -+++ b/net/bluetooth/hci_conn.c -@@ -1272,8 +1272,13 @@ int hci_conn_check_link_mode(struct hci_conn *conn) - return 0; - } - -- if (hci_conn_ssp_enabled(conn) && -- !test_bit(HCI_CONN_ENCRYPT, &conn->flags)) -+ /* If Secure Simple Pairing is not enabled, then legacy connection -+ * setup is used and no encryption or key sizes can be enforced. -+ */ -+ if (!hci_conn_ssp_enabled(conn)) -+ return 1; -+ -+ if (!test_bit(HCI_CONN_ENCRYPT, &conn->flags)) - return 0; - - /* The minimum encryption key size needs to be enforced by the --- -2.20.1 - diff --git a/Revert-Bluetooth-Align-minimum-encryption-key-size.patch b/Revert-Bluetooth-Align-minimum-encryption-key-size.patch new file mode 100644 index 000000000..1318de32a --- /dev/null +++ b/Revert-Bluetooth-Align-minimum-encryption-key-size.patch @@ -0,0 +1,54 @@ +From c8f57936ab21a1430ae2209fa874e842d13552d3 Mon Sep 17 00:00:00 2001 +From: Jeremy Cline +Date: Tue, 11 Jun 2019 14:59:23 +0000 +Subject: [PATCH] Revert "Bluetooth: Align minimum encryption key size for LE + and BR/EDR connections" + +This reverts commit d5bb334a8e171b262e48f378bd2096c0ea458265. + +This patch broke a number of older bluetooth devices and while an RFC +that fixes this patch has been posted upstream, it has not been merged +and there are still a few folks reporting problems. + +Signed-off-by: Jeremy Cline +--- + include/net/bluetooth/hci_core.h | 3 --- + net/bluetooth/hci_conn.c | 8 -------- + 2 files changed, 11 deletions(-) + +diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h +index 05b1b96f4d9e..094e61e07030 100644 +--- a/include/net/bluetooth/hci_core.h ++++ b/include/net/bluetooth/hci_core.h +@@ -190,9 +190,6 @@ struct adv_info { + + #define HCI_MAX_SHORT_NAME_LENGTH 10 + +-/* Min encryption key size to match with SMP */ +-#define HCI_MIN_ENC_KEY_SIZE 7 +- + /* Default LE RPA expiry time, 15 minutes */ + #define HCI_DEFAULT_RPA_TIMEOUT (15 * 60) + +diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c +index 3cf0764d5793..bd4978ce8c45 100644 +--- a/net/bluetooth/hci_conn.c ++++ b/net/bluetooth/hci_conn.c +@@ -1276,14 +1276,6 @@ int hci_conn_check_link_mode(struct hci_conn *conn) + !test_bit(HCI_CONN_ENCRYPT, &conn->flags)) + return 0; + +- /* The minimum encryption key size needs to be enforced by the +- * host stack before establishing any L2CAP connections. The +- * specification in theory allows a minimum of 1, but to align +- * BR/EDR and LE transports, a minimum of 7 is chosen. +- */ +- if (conn->enc_key_size < HCI_MIN_ENC_KEY_SIZE) +- return 0; +- + return 1; + } + +-- +2.21.0 + diff --git a/configs/fedora/generic/CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT b/configs/fedora/generic/CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT new file mode 100644 index 000000000..b0c4eae87 --- /dev/null +++ b/configs/fedora/generic/CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT @@ -0,0 +1 @@ +CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y diff --git a/kernel-aarch64-debug.config b/kernel-aarch64-debug.config index 170e109a7..d1808b5e7 100644 --- a/kernel-aarch64-debug.config +++ b/kernel-aarch64-debug.config @@ -4130,6 +4130,7 @@ CONFIG_NORTEL_HERMES=m CONFIG_NOUVEAU_DEBUG=5 CONFIG_NOUVEAU_DEBUG_DEFAULT=3 CONFIG_NOUVEAU_DEBUG_MMU=y +CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y CONFIG_NOUVEAU_PLATFORM_DRIVER=y CONFIG_NOZOMI=m CONFIG_NR_CPUS=256 diff --git a/kernel-aarch64.config b/kernel-aarch64.config index 116e56f5d..92602b416 100644 --- a/kernel-aarch64.config +++ b/kernel-aarch64.config @@ -4110,6 +4110,7 @@ CONFIG_NORTEL_HERMES=m CONFIG_NOUVEAU_DEBUG=5 CONFIG_NOUVEAU_DEBUG_DEFAULT=3 # CONFIG_NOUVEAU_DEBUG_MMU is not set +CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y CONFIG_NOUVEAU_PLATFORM_DRIVER=y CONFIG_NOZOMI=m CONFIG_NR_CPUS=256 diff --git a/kernel-armv7hl-debug.config b/kernel-armv7hl-debug.config index 62161d2b9..a39b0dd45 100644 --- a/kernel-armv7hl-debug.config +++ b/kernel-armv7hl-debug.config @@ -4243,6 +4243,7 @@ CONFIG_NORTEL_HERMES=m CONFIG_NOUVEAU_DEBUG=5 CONFIG_NOUVEAU_DEBUG_DEFAULT=3 CONFIG_NOUVEAU_DEBUG_MMU=y +CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y CONFIG_NOUVEAU_PLATFORM_DRIVER=y CONFIG_NOZOMI=m CONFIG_NR_CPUS=32 diff --git a/kernel-armv7hl-lpae-debug.config b/kernel-armv7hl-lpae-debug.config index 56c26c5c0..6c4ab4e3c 100644 --- a/kernel-armv7hl-lpae-debug.config +++ b/kernel-armv7hl-lpae-debug.config @@ -4106,6 +4106,7 @@ CONFIG_NORTEL_HERMES=m CONFIG_NOUVEAU_DEBUG=5 CONFIG_NOUVEAU_DEBUG_DEFAULT=3 CONFIG_NOUVEAU_DEBUG_MMU=y +CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y CONFIG_NOUVEAU_PLATFORM_DRIVER=y CONFIG_NOZOMI=m CONFIG_NR_CPUS=32 diff --git a/kernel-armv7hl-lpae.config b/kernel-armv7hl-lpae.config index d27bacca2..874017f4d 100644 --- a/kernel-armv7hl-lpae.config +++ b/kernel-armv7hl-lpae.config @@ -4087,6 +4087,7 @@ CONFIG_NORTEL_HERMES=m CONFIG_NOUVEAU_DEBUG=5 CONFIG_NOUVEAU_DEBUG_DEFAULT=3 # CONFIG_NOUVEAU_DEBUG_MMU is not set +CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y CONFIG_NOUVEAU_PLATFORM_DRIVER=y CONFIG_NOZOMI=m CONFIG_NR_CPUS=32 diff --git a/kernel-armv7hl.config b/kernel-armv7hl.config index f3acc627f..a7fca44c8 100644 --- a/kernel-armv7hl.config +++ b/kernel-armv7hl.config @@ -4224,6 +4224,7 @@ CONFIG_NORTEL_HERMES=m CONFIG_NOUVEAU_DEBUG=5 CONFIG_NOUVEAU_DEBUG_DEFAULT=3 # CONFIG_NOUVEAU_DEBUG_MMU is not set +CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y CONFIG_NOUVEAU_PLATFORM_DRIVER=y CONFIG_NOZOMI=m CONFIG_NR_CPUS=32 diff --git a/kernel-i686-debug.config b/kernel-i686-debug.config index ef134d413..0b87d7c62 100644 --- a/kernel-i686-debug.config +++ b/kernel-i686-debug.config @@ -3865,6 +3865,7 @@ CONFIG_NORTEL_HERMES=m CONFIG_NOUVEAU_DEBUG=5 CONFIG_NOUVEAU_DEBUG_DEFAULT=3 CONFIG_NOUVEAU_DEBUG_MMU=y +CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y CONFIG_NOZOMI=m CONFIG_NR_CPUS=32 CONFIG_NS83820=m diff --git a/kernel-i686.config b/kernel-i686.config index 8f60aa6d5..41057b9d1 100644 --- a/kernel-i686.config +++ b/kernel-i686.config @@ -3846,6 +3846,7 @@ CONFIG_NORTEL_HERMES=m CONFIG_NOUVEAU_DEBUG=5 CONFIG_NOUVEAU_DEBUG_DEFAULT=3 # CONFIG_NOUVEAU_DEBUG_MMU is not set +CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y CONFIG_NOZOMI=m CONFIG_NR_CPUS=32 CONFIG_NS83820=m diff --git a/kernel-ppc64le-debug.config b/kernel-ppc64le-debug.config index bc688b823..a37c61ad5 100644 --- a/kernel-ppc64le-debug.config +++ b/kernel-ppc64le-debug.config @@ -3588,6 +3588,7 @@ CONFIG_NORTEL_HERMES=m CONFIG_NOUVEAU_DEBUG=5 CONFIG_NOUVEAU_DEBUG_DEFAULT=3 CONFIG_NOUVEAU_DEBUG_MMU=y +CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y CONFIG_NOZOMI=m CONFIG_NR_CPUS=1024 CONFIG_NR_IRQS=512 diff --git a/kernel-ppc64le.config b/kernel-ppc64le.config index 7955d0c31..a23326d07 100644 --- a/kernel-ppc64le.config +++ b/kernel-ppc64le.config @@ -3567,6 +3567,7 @@ CONFIG_NORTEL_HERMES=m CONFIG_NOUVEAU_DEBUG=5 CONFIG_NOUVEAU_DEBUG_DEFAULT=3 # CONFIG_NOUVEAU_DEBUG_MMU is not set +CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y CONFIG_NOZOMI=m CONFIG_NR_CPUS=1024 CONFIG_NR_IRQS=512 diff --git a/kernel-s390x-debug.config b/kernel-s390x-debug.config index 80fc19f6b..894ded60d 100644 --- a/kernel-s390x-debug.config +++ b/kernel-s390x-debug.config @@ -3559,6 +3559,7 @@ CONFIG_NORTEL_HERMES=m CONFIG_NOUVEAU_DEBUG=5 CONFIG_NOUVEAU_DEBUG_DEFAULT=3 CONFIG_NOUVEAU_DEBUG_MMU=y +CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y # CONFIG_NOZOMI is not set CONFIG_NR_CPUS=64 CONFIG_NS83820=m diff --git a/kernel-s390x.config b/kernel-s390x.config index e5e7c7ad3..d58fdfe4e 100644 --- a/kernel-s390x.config +++ b/kernel-s390x.config @@ -3538,6 +3538,7 @@ CONFIG_NORTEL_HERMES=m CONFIG_NOUVEAU_DEBUG=5 CONFIG_NOUVEAU_DEBUG_DEFAULT=3 # CONFIG_NOUVEAU_DEBUG_MMU is not set +CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y # CONFIG_NOZOMI is not set CONFIG_NR_CPUS=64 CONFIG_NS83820=m diff --git a/kernel-x86_64-debug.config b/kernel-x86_64-debug.config index 29d327a5a..db2ed00ba 100644 --- a/kernel-x86_64-debug.config +++ b/kernel-x86_64-debug.config @@ -3909,6 +3909,7 @@ CONFIG_NORTEL_HERMES=m CONFIG_NOUVEAU_DEBUG=5 CONFIG_NOUVEAU_DEBUG_DEFAULT=3 CONFIG_NOUVEAU_DEBUG_MMU=y +CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y CONFIG_NOZOMI=m CONFIG_NR_CPUS=8192 CONFIG_NS83820=m diff --git a/kernel-x86_64.config b/kernel-x86_64.config index 718c23c83..ef5038e3f 100644 --- a/kernel-x86_64.config +++ b/kernel-x86_64.config @@ -3890,6 +3890,7 @@ CONFIG_NORTEL_HERMES=m CONFIG_NOUVEAU_DEBUG=5 CONFIG_NOUVEAU_DEBUG_DEFAULT=3 # CONFIG_NOUVEAU_DEBUG_MMU is not set +CONFIG_NOUVEAU_LEGACY_CTX_SUPPORT=y CONFIG_NOZOMI=m CONFIG_NR_CPUS=1024 CONFIG_NS83820=m diff --git a/kernel.spec b/kernel.spec index 5f59cbf0c..ea706d09e 100644 --- a/kernel.spec +++ b/kernel.spec @@ -54,7 +54,7 @@ Summary: The Linux kernel %if 0%{?released_kernel} # Do we have a -stable update to apply? -%define stable_update 8 +%define stable_update 9 # Set rpm version accordingly %if 0%{?stable_update} %define stablerev %{stable_update} @@ -587,7 +587,8 @@ Patch526: 0001-platform-x86-ideapad-laptop-Remove-no_hw_rfkill_list.patch # rhbz 1711468 # https://lore.kernel.org/linux-bluetooth/20190522070540.48895-1-marcel@holtmann.org/ -Patch527: Bluetooth-Check-key-sizes-only-when-Secure-Simple-Pa.patch +# https://lore.kernel.org/linux-bluetooth/af8cf6f4-4979-2f6f-68ed-e5b368b17ec7@redhat.com/ +Patch527: Revert-Bluetooth-Align-minimum-encryption-key-size.patch # CVE-2019-12378 rhbz 1715459 1715460 Patch528: ipv6_sockglue-fix-missing-check-bug-in-ip6_ra_control.patch @@ -616,15 +617,15 @@ Patch535: wcd9335-fix-a-incorrect-use-of-kstrndup.patch # CVE-2019-12456 rhbz 1717182 1717183 Patch536: scsi-mpt3sas_ctl-fix-double-fetch-bug-in_ctl_ioctl_main.patch -# rhbz 1708717 -Patch537: neighbor-Reset-gc_entries-counter-if-new-entry-is-re.patch - # CVE-2019-12614 rhbz 1718176 1718185 Patch538: powerpc-fix-a-missing-check-in-dlpar_parse_cc_property.patch # https://patchwork.kernel.org/patch/10817377/ Patch539: usb-dwc2-Fix-DMA-cache-alignment-issues.patch +# Mainlined, https://bugzilla.redhat.com/show_bug.cgi?id=1716289 +Patch540: 0001-netfilter-nat-fix-udp-checksum-corruption.patch + # END OF PATCH DEFINITIONS %endif @@ -1863,6 +1864,10 @@ fi # # %changelog +* Tue Jun 11 2019 Jeremy Cline - 5.1.9-300 +- Linux v5.1.9 +- Fix UDP checkshums for SIP packets (rhbz 1716289) + * Sun Jun 09 2019 Jeremy Cline - 5.1.8-300 - Linux v5.1.8 diff --git a/neighbor-Reset-gc_entries-counter-if-new-entry-is-re.patch b/neighbor-Reset-gc_entries-counter-if-new-entry-is-re.patch deleted file mode 100644 index 6c4b078b5..000000000 --- a/neighbor-Reset-gc_entries-counter-if-new-entry-is-re.patch +++ /dev/null @@ -1,41 +0,0 @@ -From 51b840ae99c70e03ff463e3d98d4fcac2e31344c Mon Sep 17 00:00:00 2001 -From: David Ahern -Date: Wed, 1 May 2019 18:08:34 -0700 -Subject: [PATCH] neighbor: Reset gc_entries counter if new entry is released - before insert - -Ian and Alan both reported seeing overflows after upgrades to 5.x kernels: - neighbour: arp_cache: neighbor table overflow! - -Alan's mpls script helped get to the bottom of this bug. When a new entry -is created the gc_entries counter is bumped in neigh_alloc to check if a -new one is allowed to be created. ___neigh_create then searches for an -existing entry before inserting the just allocated one. If an entry -already exists, the new one is dropped in favor of the existing one. In -this case the cleanup path needs to drop the gc_entries counter. There -is no memory leak, only a counter leak. - -Fixes: 58956317c8d ("neighbor: Improve garbage collection") -Reported-by: Ian Kumlien -Reported-by: Alan Maguire -Signed-off-by: David Ahern ---- - net/core/neighbour.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/net/core/neighbour.c b/net/core/neighbour.c -index 30f6fd8f68e0..aff051e5521d 100644 ---- a/net/core/neighbour.c -+++ b/net/core/neighbour.c -@@ -663,6 +663,8 @@ static struct neighbour *___neigh_create(struct neigh_table *tbl, - out_tbl_unlock: - write_unlock_bh(&tbl->lock); - out_neigh_release: -+ if (!exempt_from_gc) -+ atomic_dec(&tbl->gc_entries); - neigh_release(n); - goto out; - } --- -2.21.0 - diff --git a/sources b/sources index a803dcac2..7ea3025ed 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ SHA512 (linux-5.1.tar.xz) = ae96f347badc95f1f3acf506c52b6cc23c0bd09ce8f4ce6705d4b4058b62593059bba1bc603c8d8b00a2f19131e7e56c31ac62b45883a346fa61d655e178f236 -SHA512 (patch-5.1.8.xz) = b87bea971d0ec92a3243ba868d5a4a25c16a0e36dda50edbaf59ea60ce11d96019517b1d3153de829e91791976ef37f59433c65563e04ae33ac107b9a8badf73 +SHA512 (patch-5.1.9.xz) = 07fe43bdcb37f8f082cfeb19c3728fd0c5292d479793d02bad1386b2b3eb0618f1b4c95b17dba16eac19b1cdfd3d8aa9c235784d7abed2222b4dd14636756ec6 -- cgit