diff --git a/.SRCINFO b/.SRCINFO index 3c5b540..83e6329 100644 --- a/.SRCINFO +++ b/.SRCINFO @@ -1,8 +1,8 @@ # Generated by mksrcinfo v8 -# Tue Feb 2 20:10:47 UTC 2016 +# Tue Feb 2 20:15:53 UTC 2016 pkgbase = linux-vfio - pkgver = 4.4 - pkgrel = 4 + pkgver = 4.4.1 + pkgrel = 1 url = http://www.kernel.org/ arch = i686 arch = x86_64 @@ -15,24 +15,30 @@ pkgbase = linux-vfio options = !strip source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.4.tar.xz source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.4.tar.sign + source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.4.1.xz + source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.4.1.sign source = config source = config.x86_64 source = linux.preset source = change-default-console-loglevel.patch source = 0001-sdhci-revert.patch source = tpmdd-devel-v3-base-platform-fix-binding-for-drivers-without-probe-callback.patch - source = CVE-2016-0728.patch + source = 0001-4.4-revert-btrfs.patch + source = 0001-4.4-revert-xfs.patch source = override_for_missing_acs_capabilities.patch source = i915_317.patch sha256sums = 401d7c8fef594999a460d10c72c5a94e9c2e1022f16795ec51746b0d165418b2 sha256sums = SKIP - sha256sums = d402c67f5a7334ac9e242344055ef4ac63fe43a1d8f1cda82eddd59d7242a63e - sha256sums = ddeadf2910deb0803d4d4920c4dc7f07d3fb63bca564073aeb5f6181358f20d7 + sha256sums = c0218043e61da3921cd14579ae4a8774a6fdad91667a9fdb851d0a35f62edb48 + sha256sums = SKIP + sha256sums = fbbae1d873900e84d1b7ef00593fbb94fc79f078a34b22ee824bab8b0a92be64 + sha256sums = 756a168bbc3bb582f0df45b977c32af53658f21d62fe15171c9ac85f52d8852a sha256sums = f0d90e756f14533ee67afda280500511a62465b4f76adcc5effa95a40045179c sha256sums = 1256b241cd477b265a3c2d64bdc19ffe3c9bbcee82ea3994c590c2c76e767d99 sha256sums = 5313df7cb5b4d005422bd4cd0dae956b2dadba8f3db904275aaf99ac53894375 sha256sums = ab57037ecee0a425c612babdff47c831378bca0bff063a1308599989a350226d - sha256sums = 03bed5b1c6ef34a917e218a46d38cd1347c5ab5693131996113c6cad275dc4e9 + sha256sums = 51586b733e9f178bebe577258b6057b035eded516ffe8bf8bbb26cb0b26c4958 + sha256sums = ffbfaa192d17bfc7c6293aa9a07efe57f65177051ae3d8033d5e45a7bca2e0ad sha256sums = 975f79348119bfba8dd972a9fbfe6b38484c45bfd228f2f6d48a0c02426ba149 sha256sums = b5a8eebbe75e1801b35d2f5197eba6f57123c224e09e97a7eb526f1fa58ac918 diff --git a/0001-4.4-revert-btrfs.patch b/0001-4.4-revert-btrfs.patch new file mode 100644 index 0000000..4b56e24 --- /dev/null +++ b/0001-4.4-revert-btrfs.patch @@ -0,0 +1,78 @@ +From 80ad623edd2d0ccb47d85357ee31c97e6c684e82 Mon Sep 17 00:00:00 2001 +From: David Sterba +Date: Mon, 25 Jan 2016 11:02:06 +0100 +Subject: Revert "btrfs: clear PF_NOFREEZE in cleaner_kthread()" + +This reverts commit 696249132158014d594896df3a81390616069c5c. The +cleaner thread can block freezing when there's a snapshot cleaning in +progress and the other threads get suspended first. From the logs +provided by Martin we're waiting for reading extent pages: + +kernel: PM: Syncing filesystems ... done. +kernel: Freezing user space processes ... (elapsed 0.015 seconds) done. +kernel: Freezing remaining freezable tasks ... +kernel: Freezing of tasks failed after 20.003 seconds (1 tasks refusing to freeze, wq_busy=0): +kernel: btrfs-cleaner D ffff88033dd13bc0 0 152 2 0x00000000 +kernel: ffff88032ebc2e00 ffff88032e750000 ffff88032e74fa50 7fffffffffffffff +kernel: ffffffff814a58df 0000000000000002 ffffea000934d580 ffffffff814a5451 +kernel: 7fffffffffffffff ffffffff814a6e8f 0000000000000000 0000000000000020 +kernel: Call Trace: +kernel: [] ? bit_wait+0x2c/0x2c +kernel: [] ? schedule+0x6f/0x7c +kernel: [] ? schedule_timeout+0x2f/0xd8 +kernel: [] ? timekeeping_get_ns+0xa/0x2e +kernel: [] ? ktime_get+0x36/0x44 +kernel: [] ? io_schedule_timeout+0x94/0xf2 +kernel: [] ? io_schedule_timeout+0x94/0xf2 +kernel: [] ? bit_wait_io+0x2c/0x30 +kernel: [] ? __wait_on_bit+0x41/0x73 +kernel: [] ? wait_on_page_bit+0x6d/0x72 +kernel: [] ? autoremove_wake_function+0x2a/0x2a +kernel: [] ? read_extent_buffer_pages+0x1bd/0x203 +kernel: [] ? free_root_pointers+0x4c/0x4c +kernel: [] ? btree_read_extent_buffer_pages.constprop.57+0x5a/0xe9 +kernel: [] ? read_tree_block+0x2d/0x45 +kernel: [] ? read_block_for_search.isra.34+0x22a/0x26b +kernel: [] ? btrfs_set_path_blocking+0x1e/0x4a +kernel: [] ? btrfs_search_slot+0x648/0x736 +kernel: [] ? btrfs_lookup_extent_info+0xb7/0x2c7 +kernel: [] ? walk_down_proc+0x9c/0x1ae +kernel: [] ? walk_down_tree+0x40/0xa4 +kernel: [] ? btrfs_drop_snapshot+0x2da/0x664 +kernel: [] ? finish_task_switch+0x126/0x167 +kernel: [] ? btrfs_clean_one_deleted_snapshot+0xa6/0xb0 +kernel: [] ? cleaner_kthread+0x13e/0x17b +kernel: [] ? btrfs_item_end+0x33/0x33 +kernel: [] ? kthread+0x95/0x9d +kernel: [] ? kthread_parkme+0x16/0x16 +kernel: [] ? ret_from_fork+0x3f/0x70 +kernel: [] ? kthread_parkme+0x16/0x16 + +As this affects a released kernel (4.4) we need a minimal fix for +stable kernels. + +Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=108361 +Reported-by: Martin Ziegler +CC: stable@vger.kernel.org # 4.4 +CC: Jiri Kosina +Signed-off-by: David Sterba +Signed-off-by: Chris Mason +--- + fs/btrfs/disk-io.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/fs/btrfs/disk-io.c b/fs/btrfs/disk-io.c +index 26ef141..404e894 100644 +--- a/fs/btrfs/disk-io.c ++++ b/fs/btrfs/disk-io.c +@@ -1787,7 +1787,6 @@ static int cleaner_kthread(void *arg) + int again; + struct btrfs_trans_handle *trans; + +- set_freezable(); + do { + again = 0; + +-- +cgit v0.12 + diff --git a/0001-4.4-revert-xfs.patch b/0001-4.4-revert-xfs.patch new file mode 100644 index 0000000..93eb192 --- /dev/null +++ b/0001-4.4-revert-xfs.patch @@ -0,0 +1,39 @@ +From 3e85286e75224fa3f08bdad20e78c8327742634e Mon Sep 17 00:00:00 2001 +From: Dave Chinner +Date: Tue, 19 Jan 2016 08:21:46 +1100 +Subject: Revert "xfs: clear PF_NOFREEZE for xfsaild kthread" + +This reverts commit 24ba16bb3d499c49974669cd8429c3e4138ab102 as it +prevents machines from suspending. This regression occurs when the +xfsaild is idle on entry to suspend, and so there s no activity to +wake it from it's idle sleep and hence see that it is supposed to +freeze. Hence the freezer times out waiting for it and suspend is +cancelled. + +There is no obvious fix for this short of freezing the filesystem +properly, so revert this change for now. + +cc: # 4.4 +Signed-off-by: Dave Chinner +Acked-by: Jiri Kosina +Reviewed-by: Brian Foster +Signed-off-by: Dave Chinner +--- + fs/xfs/xfs_trans_ail.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/fs/xfs/xfs_trans_ail.c b/fs/xfs/xfs_trans_ail.c +index aa67339..4f18fd9 100644 +--- a/fs/xfs/xfs_trans_ail.c ++++ b/fs/xfs/xfs_trans_ail.c +@@ -497,7 +497,6 @@ xfsaild( + long tout = 0; /* milliseconds */ + + current->flags |= PF_MEMALLOC; +- set_freezable(); + + while (!kthread_should_stop()) { + if (tout && tout <= 20) +-- +cgit v0.12 + diff --git a/CVE-2016-0728.patch b/CVE-2016-0728.patch deleted file mode 100644 index e915d82..0000000 --- a/CVE-2016-0728.patch +++ /dev/null @@ -1,78 +0,0 @@ -From 23567fd052a9abb6d67fe8e7a9ccdd9800a540f2 Mon Sep 17 00:00:00 2001 -From: Yevgeny Pats -Date: Tue, 19 Jan 2016 22:09:04 +0000 -Subject: [PATCH] KEYS: Fix keyring ref leak in join_session_keyring() - -This fixes CVE-2016-0728. - -If a thread is asked to join as a session keyring the keyring that's already -set as its session, we leak a keyring reference. - -This can be tested with the following program: - - #include - #include - #include - #include - - int main(int argc, const char *argv[]) - { - int i = 0; - key_serial_t serial; - - serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING, - "leaked-keyring"); - if (serial < 0) { - perror("keyctl"); - return -1; - } - - if (keyctl(KEYCTL_SETPERM, serial, - KEY_POS_ALL | KEY_USR_ALL) < 0) { - perror("keyctl"); - return -1; - } - - for (i = 0; i < 100; i++) { - serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING, - "leaked-keyring"); - if (serial < 0) { - perror("keyctl"); - return -1; - } - } - - return 0; - } - -If, after the program has run, there something like the following line in -/proc/keys: - -3f3d898f I--Q--- 100 perm 3f3f0000 0 0 keyring leaked-keyring: empty - -with a usage count of 100 * the number of times the program has been run, -then the kernel is malfunctioning. If leaked-keyring has zero usages or -has been garbage collected, then the problem is fixed. - -Reported-by: Yevgeny Pats -Signed-off-by: David Howells -Acked-by: Don Zickus -Acked-by: Prarit Bhargava -Acked-by: Jarod Wilson -Signed-off-by: James Morris ---- - security/keys/process_keys.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c -index a3f85d2a..e6d50172 100644 ---- a/security/keys/process_keys.c -+++ b/security/keys/process_keys.c -@@ -794,6 +794,7 @@ long join_session_keyring(const char *name) - ret = PTR_ERR(keyring); - goto error2; - } else if (keyring == new->session_keyring) { -+ key_put(keyring); - ret = 0; - goto error2; - } diff --git a/PKGBUILD b/PKGBUILD index d0e1a94..d899b48 100644 --- a/PKGBUILD +++ b/PKGBUILD @@ -2,8 +2,8 @@ pkgbase=linux-vfio _srcname=linux-4.4 -pkgver=4.4 -pkgrel=4 +pkgver=4.4.1 +pkgrel=1 arch=('i686' 'x86_64') url="http://www.kernel.org/" license=('GPL2') @@ -11,8 +11,8 @@ makedepends=('xmlto' 'docbook-xsl' 'kmod' 'inetutils' 'bc') options=('!strip') source=("https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar.xz" "https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar.sign" - #"https://www.kernel.org/pub/linux/kernel/v4.x/patch-${pkgver}.xz" - #"https://www.kernel.org/pub/linux/kernel/v4.x/patch-${pkgver}.sign" + "https://www.kernel.org/pub/linux/kernel/v4.x/patch-${pkgver}.xz" + "https://www.kernel.org/pub/linux/kernel/v4.x/patch-${pkgver}.sign" # the main kernel config files 'config' 'config.x86_64' # standard config files for mkinitcpio ramdisk @@ -20,18 +20,22 @@ source=("https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar.xz" 'change-default-console-loglevel.patch' '0001-sdhci-revert.patch' 'tpmdd-devel-v3-base-platform-fix-binding-for-drivers-without-probe-callback.patch' - 'CVE-2016-0728.patch' + '0001-4.4-revert-btrfs.patch' + '0001-4.4-revert-xfs.patch' 'override_for_missing_acs_capabilities.patch' 'i915_317.patch') sha256sums=('401d7c8fef594999a460d10c72c5a94e9c2e1022f16795ec51746b0d165418b2' 'SKIP' - 'd402c67f5a7334ac9e242344055ef4ac63fe43a1d8f1cda82eddd59d7242a63e' - 'ddeadf2910deb0803d4d4920c4dc7f07d3fb63bca564073aeb5f6181358f20d7' + 'c0218043e61da3921cd14579ae4a8774a6fdad91667a9fdb851d0a35f62edb48' + 'SKIP' + 'fbbae1d873900e84d1b7ef00593fbb94fc79f078a34b22ee824bab8b0a92be64' + '756a168bbc3bb582f0df45b977c32af53658f21d62fe15171c9ac85f52d8852a' 'f0d90e756f14533ee67afda280500511a62465b4f76adcc5effa95a40045179c' '1256b241cd477b265a3c2d64bdc19ffe3c9bbcee82ea3994c590c2c76e767d99' '5313df7cb5b4d005422bd4cd0dae956b2dadba8f3db904275aaf99ac53894375' 'ab57037ecee0a425c612babdff47c831378bca0bff063a1308599989a350226d' - '03bed5b1c6ef34a917e218a46d38cd1347c5ab5693131996113c6cad275dc4e9' + '51586b733e9f178bebe577258b6057b035eded516ffe8bf8bbb26cb0b26c4958' + 'ffbfaa192d17bfc7c6293aa9a07efe57f65177051ae3d8033d5e45a7bca2e0ad' '975f79348119bfba8dd972a9fbfe6b38484c45bfd228f2f6d48a0c02426ba149' 'b5a8eebbe75e1801b35d2f5197eba6f57123c224e09e97a7eb526f1fa58ac918') validpgpkeys=( @@ -45,7 +49,7 @@ prepare() { cd "${srcdir}/${_srcname}" # add upstream patch - #patch -p1 -i "${srcdir}/patch-${pkgver}" + patch -p1 -i "${srcdir}/patch-${pkgver}" # add latest fixes from stable queue, if needed # http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git @@ -59,8 +63,9 @@ prepare() { # https://bugzilla.kernel.org/show_bug.cgi?id=110751 patch -Np1 -i "${srcdir}/tpmdd-devel-v3-base-platform-fix-binding-for-drivers-without-probe-callback.patch" - # fixes #47820 CVE-2016-0728.patch - patch -Np1 -i "${srcdir}/CVE-2016-0728.patch" + # #47757 fix broken suspend from btrfs and xfs + patch -Np1 -i "${srcdir}/0001-4.4-revert-xfs.patch" + patch -Np1 -i "${srcdir}/0001-4.4-revert-btrfs.patch" # set DEFAULT_CONSOLE_LOGLEVEL to 4 (same value as the 'quiet' kernel param) # remove this when a Kconfig knob is made available by upstream diff --git a/config b/config index 8020666..53cfc82 100644 --- a/config +++ b/config @@ -7546,7 +7546,7 @@ CONFIG_X86_PTDUMP_CORE=y # CONFIG_EFI_PGT_DUMP is not set CONFIG_DEBUG_RODATA=y # CONFIG_DEBUG_RODATA_TEST is not set -CONFIG_DEBUG_WX=y +# CONFIG_DEBUG_WX is not set CONFIG_DEBUG_SET_MODULE_RONX=y # CONFIG_DEBUG_NX_TEST is not set CONFIG_DOUBLEFAULT=y diff --git a/config.x86_64 b/config.x86_64 index 7f63808..90ea644 100644 --- a/config.x86_64 +++ b/config.x86_64 @@ -7286,7 +7286,7 @@ CONFIG_X86_PTDUMP_CORE=y # CONFIG_EFI_PGT_DUMP is not set CONFIG_DEBUG_RODATA=y # CONFIG_DEBUG_RODATA_TEST is not set -CONFIG_DEBUG_WX=y +# CONFIG_DEBUG_WX is not set CONFIG_DEBUG_SET_MODULE_RONX=y # CONFIG_DEBUG_NX_TEST is not set CONFIG_DOUBLEFAULT=y