4.4.1

.SRCINFO

@@ -1,8 +1,8 @@
 # Generated by mksrcinfo v8
-# Tue Feb  2 20:10:47 UTC 2016
+# Tue Feb  2 20:15:53 UTC 2016
 pkgbase = linux-vfio
-	pkgver = 4.4
-	pkgrel = 4
+	pkgver = 4.4.1
+	pkgrel = 1
 	url = http://www.kernel.org/
 	arch = i686
 	arch = x86_64
@@ -15,24 +15,30 @@ pkgbase = linux-vfio
 	options = !strip
 	source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.4.tar.xz
 	source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.4.tar.sign
+	source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.4.1.xz
+	source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.4.1.sign
 	source = config
 	source = config.x86_64
 	source = linux.preset
 	source = change-default-console-loglevel.patch
 	source = 0001-sdhci-revert.patch
 	source = tpmdd-devel-v3-base-platform-fix-binding-for-drivers-without-probe-callback.patch
-	source = CVE-2016-0728.patch
+	source = 0001-4.4-revert-btrfs.patch
+	source = 0001-4.4-revert-xfs.patch
 	source = override_for_missing_acs_capabilities.patch
 	source = i915_317.patch
 	sha256sums = 401d7c8fef594999a460d10c72c5a94e9c2e1022f16795ec51746b0d165418b2
 	sha256sums = SKIP
-	sha256sums = d402c67f5a7334ac9e242344055ef4ac63fe43a1d8f1cda82eddd59d7242a63e
-	sha256sums = ddeadf2910deb0803d4d4920c4dc7f07d3fb63bca564073aeb5f6181358f20d7
+	sha256sums = c0218043e61da3921cd14579ae4a8774a6fdad91667a9fdb851d0a35f62edb48
+	sha256sums = SKIP
+	sha256sums = fbbae1d873900e84d1b7ef00593fbb94fc79f078a34b22ee824bab8b0a92be64
+	sha256sums = 756a168bbc3bb582f0df45b977c32af53658f21d62fe15171c9ac85f52d8852a
 	sha256sums = f0d90e756f14533ee67afda280500511a62465b4f76adcc5effa95a40045179c
 	sha256sums = 1256b241cd477b265a3c2d64bdc19ffe3c9bbcee82ea3994c590c2c76e767d99
 	sha256sums = 5313df7cb5b4d005422bd4cd0dae956b2dadba8f3db904275aaf99ac53894375
 	sha256sums = ab57037ecee0a425c612babdff47c831378bca0bff063a1308599989a350226d
-	sha256sums = 03bed5b1c6ef34a917e218a46d38cd1347c5ab5693131996113c6cad275dc4e9
+	sha256sums = 51586b733e9f178bebe577258b6057b035eded516ffe8bf8bbb26cb0b26c4958
+	sha256sums = ffbfaa192d17bfc7c6293aa9a07efe57f65177051ae3d8033d5e45a7bca2e0ad
 	sha256sums = 975f79348119bfba8dd972a9fbfe6b38484c45bfd228f2f6d48a0c02426ba149
 	sha256sums = b5a8eebbe75e1801b35d2f5197eba6f57123c224e09e97a7eb526f1fa58ac918
 

0001-4.4-revert-btrfs.patch

@@ -0,0 +1,78 @@
+From 80ad623edd2d0ccb47d85357ee31c97e6c684e82 Mon Sep 17 00:00:00 2001
+From: David Sterba <dsterba@suse.com>
+Date: Mon, 25 Jan 2016 11:02:06 +0100
+Subject: Revert "btrfs: clear PF_NOFREEZE in cleaner_kthread()"
+
+This reverts commit 696249132158014d594896df3a81390616069c5c. The
+cleaner thread can block freezing when there's a snapshot cleaning in
+progress and the other threads get suspended first. From the logs
+provided by Martin we're waiting for reading extent pages:
+
+kernel: PM: Syncing filesystems ... done.
+kernel: Freezing user space processes ... (elapsed 0.015 seconds) done.
+kernel: Freezing remaining freezable tasks ...
+kernel: Freezing of tasks failed after 20.003 seconds (1 tasks refusing to freeze, wq_busy=0):
+kernel: btrfs-cleaner   D ffff88033dd13bc0     0   152      2 0x00000000
+kernel: ffff88032ebc2e00 ffff88032e750000 ffff88032e74fa50 7fffffffffffffff
+kernel: ffffffff814a58df 0000000000000002 ffffea000934d580 ffffffff814a5451
+kernel: 7fffffffffffffff ffffffff814a6e8f 0000000000000000 0000000000000020
+kernel: Call Trace:
+kernel: [<ffffffff814a58df>] ? bit_wait+0x2c/0x2c
+kernel: [<ffffffff814a5451>] ? schedule+0x6f/0x7c
+kernel: [<ffffffff814a6e8f>] ? schedule_timeout+0x2f/0xd8
+kernel: [<ffffffff81076f94>] ? timekeeping_get_ns+0xa/0x2e
+kernel: [<ffffffff81077603>] ? ktime_get+0x36/0x44
+kernel: [<ffffffff814a4f6c>] ? io_schedule_timeout+0x94/0xf2
+kernel: [<ffffffff814a4f6c>] ? io_schedule_timeout+0x94/0xf2
+kernel: [<ffffffff814a590b>] ? bit_wait_io+0x2c/0x30
+kernel: [<ffffffff814a5694>] ? __wait_on_bit+0x41/0x73
+kernel: [<ffffffff8109eba8>] ? wait_on_page_bit+0x6d/0x72
+kernel: [<ffffffff8105d718>] ? autoremove_wake_function+0x2a/0x2a
+kernel: [<ffffffff811a02d7>] ? read_extent_buffer_pages+0x1bd/0x203
+kernel: [<ffffffff8117d9e9>] ? free_root_pointers+0x4c/0x4c
+kernel: [<ffffffff8117e831>] ? btree_read_extent_buffer_pages.constprop.57+0x5a/0xe9
+kernel: [<ffffffff8117f4f3>] ? read_tree_block+0x2d/0x45
+kernel: [<ffffffff8116782a>] ? read_block_for_search.isra.34+0x22a/0x26b
+kernel: [<ffffffff811656c3>] ? btrfs_set_path_blocking+0x1e/0x4a
+kernel: [<ffffffff8116919b>] ? btrfs_search_slot+0x648/0x736
+kernel: [<ffffffff81170559>] ? btrfs_lookup_extent_info+0xb7/0x2c7
+kernel: [<ffffffff81170ee5>] ? walk_down_proc+0x9c/0x1ae
+kernel: [<ffffffff81171c9d>] ? walk_down_tree+0x40/0xa4
+kernel: [<ffffffff8117375f>] ? btrfs_drop_snapshot+0x2da/0x664
+kernel: [<ffffffff8104ff21>] ? finish_task_switch+0x126/0x167
+kernel: [<ffffffff811850f8>] ? btrfs_clean_one_deleted_snapshot+0xa6/0xb0
+kernel: [<ffffffff8117eaba>] ? cleaner_kthread+0x13e/0x17b
+kernel: [<ffffffff8117e97c>] ? btrfs_item_end+0x33/0x33
+kernel: [<ffffffff8104d256>] ? kthread+0x95/0x9d
+kernel: [<ffffffff8104d1c1>] ? kthread_parkme+0x16/0x16
+kernel: [<ffffffff814a7b5f>] ? ret_from_fork+0x3f/0x70
+kernel: [<ffffffff8104d1c1>] ? kthread_parkme+0x16/0x16
+
+As this affects a released kernel (4.4) we need a minimal fix for
+stable kernels.
+
+Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=108361
+Reported-by: Martin Ziegler <ziegler@uni-freiburg.de>
+CC: stable@vger.kernel.org # 4.4
+CC: Jiri Kosina <jkosina@suse.cz>
+Signed-off-by: David Sterba <dsterba@suse.com>
+Signed-off-by: Chris Mason <clm@fb.com>
+---
+ fs/btrfs/disk-io.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/fs/btrfs/disk-io.c b/fs/btrfs/disk-io.c
+index 26ef141..404e894 100644
+--- a/fs/btrfs/disk-io.c
++++ b/fs/btrfs/disk-io.c
+@@ -1787,7 +1787,6 @@ static int cleaner_kthread(void *arg)
+ 	int again;
+ 	struct btrfs_trans_handle *trans;
+ 
+-	set_freezable();
+ 	do {
+ 		again = 0;
+ 
+-- 
+cgit v0.12
+

0001-4.4-revert-xfs.patch

@@ -0,0 +1,39 @@
+From 3e85286e75224fa3f08bdad20e78c8327742634e Mon Sep 17 00:00:00 2001
+From: Dave Chinner <david@fromorbit.com>
+Date: Tue, 19 Jan 2016 08:21:46 +1100
+Subject: Revert "xfs: clear PF_NOFREEZE for xfsaild kthread"
+
+This reverts commit 24ba16bb3d499c49974669cd8429c3e4138ab102 as it
+prevents machines from suspending. This regression occurs when the
+xfsaild is idle on entry to suspend, and so there s no activity to
+wake it from it's idle sleep and hence see that it is supposed to
+freeze. Hence the freezer times out waiting for it and suspend is
+cancelled.
+
+There is no obvious fix for this short of freezing the filesystem
+properly, so revert this change for now.
+
+cc: <stable@vger.kernel.org> # 4.4
+Signed-off-by: Dave Chinner <david@fromorbit.com>
+Acked-by: Jiri Kosina <jkosina@suse.cz>
+Reviewed-by: Brian Foster <bfoster@redhat.com>
+Signed-off-by: Dave Chinner <david@fromorbit.com>
+---
+ fs/xfs/xfs_trans_ail.c | 1 -
+ 1 file changed, 1 deletion(-)
+
+diff --git a/fs/xfs/xfs_trans_ail.c b/fs/xfs/xfs_trans_ail.c
+index aa67339..4f18fd9 100644
+--- a/fs/xfs/xfs_trans_ail.c
++++ b/fs/xfs/xfs_trans_ail.c
+@@ -497,7 +497,6 @@ xfsaild(
+ 	long		tout = 0;	/* milliseconds */
+ 
+ 	current->flags |= PF_MEMALLOC;
+-	set_freezable();
+ 
+ 	while (!kthread_should_stop()) {
+ 		if (tout && tout <= 20)
+-- 
+cgit v0.12
+

CVE-2016-0728.patch

@@ -1,78 +0,0 @@
-From 23567fd052a9abb6d67fe8e7a9ccdd9800a540f2 Mon Sep 17 00:00:00 2001
-From: Yevgeny Pats <yevgeny@perception-point.io>
-Date: Tue, 19 Jan 2016 22:09:04 +0000
-Subject: [PATCH] KEYS: Fix keyring ref leak in join_session_keyring()
-
-This fixes CVE-2016-0728.
-
-If a thread is asked to join as a session keyring the keyring that's already
-set as its session, we leak a keyring reference.
-
-This can be tested with the following program:
-
-	#include <stddef.h>
-	#include <stdio.h>
-	#include <sys/types.h>
-	#include <keyutils.h>
-
-	int main(int argc, const char *argv[])
-	{
-		int i = 0;
-		key_serial_t serial;
-
-		serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING,
-				"leaked-keyring");
-		if (serial < 0) {
-			perror("keyctl");
-			return -1;
-		}
-
-		if (keyctl(KEYCTL_SETPERM, serial,
-			   KEY_POS_ALL | KEY_USR_ALL) < 0) {
-			perror("keyctl");
-			return -1;
-		}
-
-		for (i = 0; i < 100; i++) {
-			serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING,
-					"leaked-keyring");
-			if (serial < 0) {
-				perror("keyctl");
-				return -1;
-			}
-		}
-
-		return 0;
-	}
-
-If, after the program has run, there something like the following line in
-/proc/keys:
-
-3f3d898f I--Q---   100 perm 3f3f0000     0     0 keyring   leaked-keyring: empty
-
-with a usage count of 100 * the number of times the program has been run,
-then the kernel is malfunctioning.  If leaked-keyring has zero usages or
-has been garbage collected, then the problem is fixed.
-
-Reported-by: Yevgeny Pats <yevgeny@perception-point.io>
-Signed-off-by: David Howells <dhowells@redhat.com>
-Acked-by: Don Zickus <dzickus@redhat.com>
-Acked-by: Prarit Bhargava <prarit@redhat.com>
-Acked-by: Jarod Wilson <jarod@redhat.com>
-Signed-off-by: James Morris <james.l.morris@oracle.com>
----
- security/keys/process_keys.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
-index a3f85d2a..e6d50172 100644
---- a/security/keys/process_keys.c
-+++ b/security/keys/process_keys.c
-@@ -794,6 +794,7 @@ long join_session_keyring(const char *name)
- 		ret = PTR_ERR(keyring);
- 		goto error2;
- 	} else if (keyring == new->session_keyring) {
-+		key_put(keyring);
- 		ret = 0;
- 		goto error2;
- 	}

PKGBUILD

@@ -2,8 +2,8 @@
 
 pkgbase=linux-vfio
 _srcname=linux-4.4
-pkgver=4.4
-pkgrel=4
+pkgver=4.4.1
+pkgrel=1
 arch=('i686' 'x86_64')
 url="http://www.kernel.org/"
 license=('GPL2')
@@ -11,8 +11,8 @@ makedepends=('xmlto' 'docbook-xsl' 'kmod' 'inetutils' 'bc')
 options=('!strip')
 source=("https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar.xz"
         "https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar.sign"
-        #"https://www.kernel.org/pub/linux/kernel/v4.x/patch-${pkgver}.xz"
-        #"https://www.kernel.org/pub/linux/kernel/v4.x/patch-${pkgver}.sign"
+        "https://www.kernel.org/pub/linux/kernel/v4.x/patch-${pkgver}.xz"
+        "https://www.kernel.org/pub/linux/kernel/v4.x/patch-${pkgver}.sign"
         # the main kernel config files
         'config' 'config.x86_64'
         # standard config files for mkinitcpio ramdisk
@@ -20,18 +20,22 @@ source=("https://www.kernel.org/pub/linux/kernel/v4.x/${_srcname}.tar.xz"
         'change-default-console-loglevel.patch'
         '0001-sdhci-revert.patch'
         'tpmdd-devel-v3-base-platform-fix-binding-for-drivers-without-probe-callback.patch'
-        'CVE-2016-0728.patch'
+        '0001-4.4-revert-btrfs.patch'
+        '0001-4.4-revert-xfs.patch'
         'override_for_missing_acs_capabilities.patch'
         'i915_317.patch')
 sha256sums=('401d7c8fef594999a460d10c72c5a94e9c2e1022f16795ec51746b0d165418b2'
             'SKIP'
-            'd402c67f5a7334ac9e242344055ef4ac63fe43a1d8f1cda82eddd59d7242a63e'
-            'ddeadf2910deb0803d4d4920c4dc7f07d3fb63bca564073aeb5f6181358f20d7'
+            'c0218043e61da3921cd14579ae4a8774a6fdad91667a9fdb851d0a35f62edb48'
+            'SKIP'
+            'fbbae1d873900e84d1b7ef00593fbb94fc79f078a34b22ee824bab8b0a92be64'
+            '756a168bbc3bb582f0df45b977c32af53658f21d62fe15171c9ac85f52d8852a'
             'f0d90e756f14533ee67afda280500511a62465b4f76adcc5effa95a40045179c'
             '1256b241cd477b265a3c2d64bdc19ffe3c9bbcee82ea3994c590c2c76e767d99'
             '5313df7cb5b4d005422bd4cd0dae956b2dadba8f3db904275aaf99ac53894375'
             'ab57037ecee0a425c612babdff47c831378bca0bff063a1308599989a350226d'
-            '03bed5b1c6ef34a917e218a46d38cd1347c5ab5693131996113c6cad275dc4e9'
+            '51586b733e9f178bebe577258b6057b035eded516ffe8bf8bbb26cb0b26c4958'
+            'ffbfaa192d17bfc7c6293aa9a07efe57f65177051ae3d8033d5e45a7bca2e0ad'
             '975f79348119bfba8dd972a9fbfe6b38484c45bfd228f2f6d48a0c02426ba149'
             'b5a8eebbe75e1801b35d2f5197eba6f57123c224e09e97a7eb526f1fa58ac918')
 validpgpkeys=(
@@ -45,7 +49,7 @@ prepare() {
   cd "${srcdir}/${_srcname}"
 
   # add upstream patch
-  #patch -p1 -i "${srcdir}/patch-${pkgver}"
+  patch -p1 -i "${srcdir}/patch-${pkgver}"
 
   # add latest fixes from stable queue, if needed
   # http://git.kernel.org/?p=linux/kernel/git/stable/stable-queue.git
@@ -59,8 +63,9 @@ prepare() {
   # https://bugzilla.kernel.org/show_bug.cgi?id=110751
   patch -Np1 -i "${srcdir}/tpmdd-devel-v3-base-platform-fix-binding-for-drivers-without-probe-callback.patch"
 
-  # fixes #47820 CVE-2016-0728.patch
-  patch -Np1 -i "${srcdir}/CVE-2016-0728.patch"
+  # #47757 fix broken suspend from btrfs and xfs
+  patch -Np1 -i "${srcdir}/0001-4.4-revert-xfs.patch"
+  patch -Np1 -i "${srcdir}/0001-4.4-revert-btrfs.patch"
 
   # set DEFAULT_CONSOLE_LOGLEVEL to 4 (same value as the 'quiet' kernel param)
   # remove this when a Kconfig knob is made available by upstream

config

@@ -7546,7 +7546,7 @@ CONFIG_X86_PTDUMP_CORE=y
 # CONFIG_EFI_PGT_DUMP is not set
 CONFIG_DEBUG_RODATA=y
 # CONFIG_DEBUG_RODATA_TEST is not set
-CONFIG_DEBUG_WX=y
+# CONFIG_DEBUG_WX is not set
 CONFIG_DEBUG_SET_MODULE_RONX=y
 # CONFIG_DEBUG_NX_TEST is not set
 CONFIG_DOUBLEFAULT=y

config.x86_64

@@ -7286,7 +7286,7 @@ CONFIG_X86_PTDUMP_CORE=y
 # CONFIG_EFI_PGT_DUMP is not set
 CONFIG_DEBUG_RODATA=y
 # CONFIG_DEBUG_RODATA_TEST is not set
-CONFIG_DEBUG_WX=y
+# CONFIG_DEBUG_WX is not set
 CONFIG_DEBUG_SET_MODULE_RONX=y
 # CONFIG_DEBUG_NX_TEST is not set
 CONFIG_DOUBLEFAULT=y