November 2017 - Linux-stable-mirror

[Linux-stable-mirror] Patch "ppp: fix race in ppp device destruction" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled ppp: fix race in ppp device destruction to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: ppp-fix-race-in-ppp-device-destruction.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Nov 16 15:08:14 CET 2017 From: Guillaume Nault <g.nault(a)alphalink.fr> Date: Fri, 6 Oct 2017 17:05:49 +0200 Subject: ppp: fix race in ppp device destruction From: Guillaume Nault <g.nault(a)alphalink.fr> [ Upstream commit 6151b8b37b119e8e3a8401b080d532520c95faf4 ] ppp_release() tries to ensure that netdevices are unregistered before decrementing the unit refcount and running ppp_destroy_interface(). This is all fine as long as the the device is unregistered by ppp_release(): the unregister_netdevice() call, followed by rtnl_unlock(), guarantee that the unregistration process completes before rtnl_unlock() returns. However, the device may be unregistered by other means (like ppp_nl_dellink()). If this happens right before ppp_release() calling rtnl_lock(), then ppp_release() has to wait for the concurrent unregistration code to release the lock. But rtnl_unlock() releases the lock before completing the device unregistration process. This allows ppp_release() to proceed and eventually call ppp_destroy_interface() before the unregistration process completes. Calling free_netdev() on this partially unregistered device will BUG(): ------------[ cut here ]------------ kernel BUG at net/core/dev.c:8141! invalid opcode: 0000 [#1] SMP CPU: 1 PID: 1557 Comm: pppd Not tainted 4.14.0-rc2+ #4 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1.fc26 04/01/2014 Call Trace: ppp_destroy_interface+0xd8/0xe0 [ppp_generic] ppp_disconnect_channel+0xda/0x110 [ppp_generic] ppp_unregister_channel+0x5e/0x110 [ppp_generic] pppox_unbind_sock+0x23/0x30 [pppox] pppoe_connect+0x130/0x440 [pppoe] SYSC_connect+0x98/0x110 ? do_fcntl+0x2c0/0x5d0 SyS_connect+0xe/0x10 entry_SYSCALL_64_fastpath+0x1a/0xa5 RIP: free_netdev+0x107/0x110 RSP: ffffc28a40573d88 ---[ end trace ed294ff0cc40eeff ]--- We could set the ->needs_free_netdev flag on PPP devices and move the ppp_destroy_interface() logic in the ->priv_destructor() callback. But that'd be quite intrusive as we'd first need to unlink from the other channels and units that depend on the device (the ones that used the PPPIOCCONNECT and PPPIOCATTACH ioctls). Instead, we can just let the netdevice hold a reference on its ppp_file. This reference is dropped in ->priv_destructor(), at the very end of the unregistration process, so that neither ppp_release() nor ppp_disconnect_channel() can call ppp_destroy_interface() in the interim. Reported-by: Beniamino Galvani <bgalvani(a)redhat.com> Fixes: 8cb775bc0a34 ("ppp: fix device unregistration upon netns deletion") Signed-off-by: Guillaume Nault <g.nault(a)alphalink.fr> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- drivers/net/ppp/ppp_generic.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) --- a/drivers/net/ppp/ppp_generic.c +++ b/drivers/net/ppp/ppp_generic.c @@ -1110,7 +1110,17 @@ ppp_get_stats64(struct net_device *dev, static struct lock_class_key ppp_tx_busylock; static int ppp_dev_init(struct net_device *dev) { + struct ppp *ppp; + dev->qdisc_tx_busylock = &ppp_tx_busylock; + + ppp = netdev_priv(dev); + /* Let the netdevice take a reference on the ppp file. This ensures + * that ppp_destroy_interface() won't run before the device gets + * unregistered. + */ + atomic_inc(&ppp->file.refcnt); + return 0; } @@ -1133,6 +1143,15 @@ static void ppp_dev_uninit(struct net_de wake_up_interruptible(&ppp->file.rwait); } +static void ppp_dev_priv_destructor(struct net_device *dev) +{ + struct ppp *ppp; + + ppp = netdev_priv(dev); + if (atomic_dec_and_test(&ppp->file.refcnt)) + ppp_destroy_interface(ppp); +} + static const struct net_device_ops ppp_netdev_ops = { .ndo_init = ppp_dev_init, .ndo_uninit = ppp_dev_uninit, @@ -1150,6 +1169,7 @@ static void ppp_setup(struct net_device dev->tx_queue_len = 3; dev->type = ARPHRD_PPP; dev->flags = IFF_POINTOPOINT | IFF_NOARP | IFF_MULTICAST; + dev->destructor = ppp_dev_priv_destructor; netif_keep_dst(dev); } Patches currently in stable-queue which might be from g.nault(a)alphalink.fr are queue-4.4/ppp-fix-race-in-ppp-device-destruction.patch queue-4.4/l2tp-check-ps-sock-before-running-pppol2tp_session_ioctl.patch

7 years, 1 month

1
0
0 0

[Linux-stable-mirror] Patch "packet: avoid panic in packet_getsockopt()" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled packet: avoid panic in packet_getsockopt() to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: packet-avoid-panic-in-packet_getsockopt.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Nov 16 15:08:14 CET 2017 From: Eric Dumazet <edumazet(a)google.com> Date: Wed, 18 Oct 2017 16:14:52 -0700 Subject: packet: avoid panic in packet_getsockopt() From: Eric Dumazet <edumazet(a)google.com> [ Upstream commit 509c7a1ecc8601f94ffba8a00889fefb239c00c6 ] syzkaller got crashes in packet_getsockopt() processing PACKET_ROLLOVER_STATS command while another thread was managing to change po->rollover Using RCU will fix this bug. We might later add proper RCU annotations for sparse sake. In v2: I replaced kfree(rollover) in fanout_add() to kfree_rcu() variant, as spotted by John. Fixes: a9b6391814d5 ("packet: rollover statistics") Signed-off-by: Eric Dumazet <edumazet(a)google.com> Cc: Willem de Bruijn <willemb(a)google.com> Cc: John Sperbeck <jsperbeck(a)google.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/packet/af_packet.c | 24 ++++++++++++++++-------- 1 file changed, 16 insertions(+), 8 deletions(-) --- a/net/packet/af_packet.c +++ b/net/packet/af_packet.c @@ -1724,7 +1724,7 @@ static int fanout_add(struct sock *sk, u out: if (err && rollover) { - kfree(rollover); + kfree_rcu(rollover, rcu); po->rollover = NULL; } mutex_unlock(&fanout_mutex); @@ -1751,8 +1751,10 @@ static struct packet_fanout *fanout_rele else f = NULL; - if (po->rollover) + if (po->rollover) { kfree_rcu(po->rollover, rcu); + po->rollover = NULL; + } } mutex_unlock(&fanout_mutex); @@ -3769,6 +3771,7 @@ static int packet_getsockopt(struct sock void *data = &val; union tpacket_stats_u st; struct tpacket_rollover_stats rstats; + struct packet_rollover *rollover; if (level != SOL_PACKET) return -ENOPROTOOPT; @@ -3847,13 +3850,18 @@ static int packet_getsockopt(struct sock 0); break; case PACKET_ROLLOVER_STATS: - if (!po->rollover) + rcu_read_lock(); + rollover = rcu_dereference(po->rollover); + if (rollover) { + rstats.tp_all = atomic_long_read(&rollover->num); + rstats.tp_huge = atomic_long_read(&rollover->num_huge); + rstats.tp_failed = atomic_long_read(&rollover->num_failed); + data = &rstats; + lv = sizeof(rstats); + } + rcu_read_unlock(); + if (!rollover) return -EINVAL; - rstats.tp_all = atomic_long_read(&po->rollover->num); - rstats.tp_huge = atomic_long_read(&po->rollover->num_huge); - rstats.tp_failed = atomic_long_read(&po->rollover->num_failed); - data = &rstats; - lv = sizeof(rstats); break; case PACKET_TX_HAS_OFF: val = po->tp_tx_has_off; Patches currently in stable-queue which might be from edumazet(a)google.com are queue-4.4/tcp-fix-tcp_mtu_probe-vs-highest_sack.patch queue-4.4/ipv6-flowlabel-do-not-leave-opt-tot_len-with-garbage.patch queue-4.4/packet-avoid-panic-in-packet_getsockopt.patch queue-4.4/sctp-add-the-missing-sock_owned_by_user-check-in-sctp_icmp_redirect.patch queue-4.4/tun-tap-sanitize-tunsetsndbuf-input.patch

7 years, 1 month

1
0
0 0

[Linux-stable-mirror] Patch "net/unix: don't show information about sockets from other namespaces" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled net/unix: don't show information about sockets from other namespaces to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: net-unix-don-t-show-information-about-sockets-from-other-namespaces.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Nov 16 15:08:14 CET 2017 From: Andrei Vagin <avagin(a)openvz.org> Date: Wed, 25 Oct 2017 10:16:42 -0700 Subject: net/unix: don't show information about sockets from other namespaces From: Andrei Vagin <avagin(a)openvz.org> [ Upstream commit 0f5da659d8f1810f44de14acf2c80cd6499623a0 ] socket_diag shows information only about sockets from a namespace where a diag socket lives. But if we request information about one unix socket, the kernel don't check that its netns is matched with a diag socket namespace, so any user can get information about any unix socket in a system. This looks like a bug. v2: add a Fixes tag Fixes: 51d7cccf0723 ("net: make sock diag per-namespace") Signed-off-by: Andrei Vagin <avagin(a)openvz.org> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/unix/diag.c | 2 ++ 1 file changed, 2 insertions(+) --- a/net/unix/diag.c +++ b/net/unix/diag.c @@ -257,6 +257,8 @@ static int unix_diag_get_exact(struct sk err = -ENOENT; if (sk == NULL) goto out_nosk; + if (!net_eq(sock_net(sk), net)) + goto out; err = sock_diag_check_cookie(sk, req->udiag_cookie); if (err) Patches currently in stable-queue which might be from avagin(a)openvz.org are queue-4.4/net-unix-don-t-show-information-about-sockets-from-other-namespaces.patch

7 years, 1 month

1
0
0 0

[Linux-stable-mirror] Patch "l2tp: check ps->sock before running pppol2tp_session_ioctl()" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled l2tp: check ps->sock before running pppol2tp_session_ioctl() to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: l2tp-check-ps-sock-before-running-pppol2tp_session_ioctl.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Nov 16 15:08:14 CET 2017 From: Guillaume Nault <g.nault(a)alphalink.fr> Date: Fri, 13 Oct 2017 19:22:35 +0200 Subject: l2tp: check ps->sock before running pppol2tp_session_ioctl() From: Guillaume Nault <g.nault(a)alphalink.fr> [ Upstream commit 5903f594935a3841137c86b9d5b75143a5b7121c ] When pppol2tp_session_ioctl() is called by pppol2tp_tunnel_ioctl(), the session may be unconnected. That is, it was created by pppol2tp_session_create() and hasn't been connected with pppol2tp_connect(). In this case, ps->sock is NULL, so we need to check for this case in order to avoid dereferencing a NULL pointer. Fixes: 309795f4bec2 ("l2tp: Add netlink control API for L2TP") Signed-off-by: Guillaume Nault <g.nault(a)alphalink.fr> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/l2tp/l2tp_ppp.c | 3 +++ 1 file changed, 3 insertions(+) --- a/net/l2tp/l2tp_ppp.c +++ b/net/l2tp/l2tp_ppp.c @@ -1015,6 +1015,9 @@ static int pppol2tp_session_ioctl(struct session->name, cmd, arg); sk = ps->sock; + if (!sk) + return -EBADR; + sock_hold(sk); switch (cmd) { Patches currently in stable-queue which might be from g.nault(a)alphalink.fr are queue-4.4/ppp-fix-race-in-ppp-device-destruction.patch queue-4.4/l2tp-check-ps-sock-before-running-pppol2tp_session_ioctl.patch

7 years, 1 month

1
0
0 0

[Linux-stable-mirror] Patch "ipv6: flowlabel: do not leave opt->tot_len with garbage" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled ipv6: flowlabel: do not leave opt->tot_len with garbage to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: ipv6-flowlabel-do-not-leave-opt-tot_len-with-garbage.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Nov 16 15:08:14 CET 2017 From: Eric Dumazet <edumazet(a)google.com> Date: Sat, 21 Oct 2017 12:26:23 -0700 Subject: ipv6: flowlabel: do not leave opt->tot_len with garbage From: Eric Dumazet <edumazet(a)google.com> [ Upstream commit 864e2a1f8aac05effac6063ce316b480facb46ff ] When syzkaller team brought us a C repro for the crash [1] that had been reported many times in the past, I finally could find the root cause. If FlowLabel info is merged by fl6_merge_options(), we leave part of the opt_space storage provided by udp/raw/l2tp with random value in opt_space.tot_len, unless a control message was provided at sendmsg() time. Then ip6_setup_cork() would use this random value to perform a kzalloc() call. Undefined behavior and crashes. Fix is to properly set tot_len in fl6_merge_options() At the same time, we can also avoid consuming memory and cpu cycles to clear it, if every option is copied via a kmemdup(). This is the change in ip6_setup_cork(). [1] kasan: CONFIG_KASAN_INLINE enabled kasan: GPF could be caused by NULL-ptr deref or user memory access general protection fault: 0000 [#1] SMP KASAN Dumping ftrace buffer: (ftrace buffer empty) Modules linked in: CPU: 0 PID: 6613 Comm: syz-executor0 Not tainted 4.14.0-rc4+ #127 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 task: ffff8801cb64a100 task.stack: ffff8801cc350000 RIP: 0010:ip6_setup_cork+0x274/0x15c0 net/ipv6/ip6_output.c:1168 RSP: 0018:ffff8801cc357550 EFLAGS: 00010203 RAX: dffffc0000000000 RBX: ffff8801cc357748 RCX: 0000000000000010 RDX: 0000000000000002 RSI: ffffffff842bd1d9 RDI: 0000000000000014 RBP: ffff8801cc357620 R08: ffff8801cb17f380 R09: ffff8801cc357b10 R10: ffff8801cb64a100 R11: 0000000000000000 R12: ffff8801cc357ab0 R13: ffff8801cc357b10 R14: 0000000000000000 R15: ffff8801c3bbf0c0 FS: 00007f9c5c459700(0000) GS:ffff8801db200000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020324000 CR3: 00000001d1cf2000 CR4: 00000000001406f0 DR0: 0000000020001010 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600 Call Trace: ip6_make_skb+0x282/0x530 net/ipv6/ip6_output.c:1729 udpv6_sendmsg+0x2769/0x3380 net/ipv6/udp.c:1340 inet_sendmsg+0x11f/0x5e0 net/ipv4/af_inet.c:762 sock_sendmsg_nosec net/socket.c:633 [inline] sock_sendmsg+0xca/0x110 net/socket.c:643 SYSC_sendto+0x358/0x5a0 net/socket.c:1750 SyS_sendto+0x40/0x50 net/socket.c:1718 entry_SYSCALL_64_fastpath+0x1f/0xbe RIP: 0033:0x4520a9 RSP: 002b:00007f9c5c458c08 EFLAGS: 00000216 ORIG_RAX: 000000000000002c RAX: ffffffffffffffda RBX: 0000000000718000 RCX: 00000000004520a9 RDX: 0000000000000001 RSI: 0000000020fd1000 RDI: 0000000000000016 RBP: 0000000000000086 R08: 0000000020e0afe4 R09: 000000000000001c R10: 0000000000000000 R11: 0000000000000216 R12: 00000000004bb1ee R13: 00000000ffffffff R14: 0000000000000016 R15: 0000000000000029 Code: e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 ea 0f 00 00 48 8d 79 04 48 b8 00 00 00 00 00 fc ff df 45 8b 74 24 04 48 89 fa 48 c1 ea 03 <0f> b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 RIP: ip6_setup_cork+0x274/0x15c0 net/ipv6/ip6_output.c:1168 RSP: ffff8801cc357550 Signed-off-by: Eric Dumazet <edumazet(a)google.com> Reported-by: Dmitry Vyukov <dvyukov(a)google.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/ipv6/ip6_flowlabel.c | 1 + net/ipv6/ip6_output.c | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) --- a/net/ipv6/ip6_flowlabel.c +++ b/net/ipv6/ip6_flowlabel.c @@ -315,6 +315,7 @@ struct ipv6_txoptions *fl6_merge_options } opt_space->dst1opt = fopt->dst1opt; opt_space->opt_flen = fopt->opt_flen; + opt_space->tot_len = fopt->tot_len; return opt_space; } EXPORT_SYMBOL_GPL(fl6_merge_options); --- a/net/ipv6/ip6_output.c +++ b/net/ipv6/ip6_output.c @@ -1201,11 +1201,11 @@ static int ip6_setup_cork(struct sock *s if (WARN_ON(v6_cork->opt)) return -EINVAL; - v6_cork->opt = kzalloc(opt->tot_len, sk->sk_allocation); + v6_cork->opt = kzalloc(sizeof(*opt), sk->sk_allocation); if (unlikely(!v6_cork->opt)) return -ENOBUFS; - v6_cork->opt->tot_len = opt->tot_len; + v6_cork->opt->tot_len = sizeof(*opt); v6_cork->opt->opt_flen = opt->opt_flen; v6_cork->opt->opt_nflen = opt->opt_nflen; Patches currently in stable-queue which might be from edumazet(a)google.com are queue-4.4/tcp-fix-tcp_mtu_probe-vs-highest_sack.patch queue-4.4/ipv6-flowlabel-do-not-leave-opt-tot_len-with-garbage.patch queue-4.4/packet-avoid-panic-in-packet_getsockopt.patch queue-4.4/sctp-add-the-missing-sock_owned_by_user-check-in-sctp_icmp_redirect.patch queue-4.4/tun-tap-sanitize-tunsetsndbuf-input.patch

7 years, 1 month

1
0
0 0

[Linux-stable-mirror] Patch "ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err" has been added to the 4.4-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err to the 4.4-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: ip6_gre-only-increase-err_count-for-some-certain-type-icmpv6-in-ip6gre_err.patch and it can be found in the queue-4.4 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From foo@baz Thu Nov 16 15:08:14 CET 2017 From: Xin Long <lucien.xin(a)gmail.com> Date: Thu, 26 Oct 2017 19:23:27 +0800 Subject: ip6_gre: only increase err_count for some certain type icmpv6 in ip6gre_err From: Xin Long <lucien.xin(a)gmail.com> [ Upstream commit f8d20b46ce55cf40afb30dcef6d9288f7ef46d9b ] The similar fix in patch 'ipip: only increase err_count for some certain type icmp in ipip_err' is needed for ip6gre_err. In Jianlin's case, udp netperf broke even when receiving a TooBig icmpv6 packet. Fixes: c12b395a4664 ("gre: Support GRE over IPv6") Reported-by: Jianlin Shi <jishi(a)redhat.com> Signed-off-by: Xin Long <lucien.xin(a)gmail.com> Signed-off-by: David S. Miller <davem(a)davemloft.net> Signed-off-by: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> --- net/ipv6/ip6_gre.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) --- a/net/ipv6/ip6_gre.c +++ b/net/ipv6/ip6_gre.c @@ -409,13 +409,16 @@ static void ip6gre_err(struct sk_buff *s case ICMPV6_DEST_UNREACH: net_dbg_ratelimited("%s: Path to destination invalid or inactive!\n", t->parms.name); - break; + if (code != ICMPV6_PORT_UNREACH) + break; + return; case ICMPV6_TIME_EXCEED: if (code == ICMPV6_EXC_HOPLIMIT) { net_dbg_ratelimited("%s: Too small hop limit or routing loop in tunnel!\n", t->parms.name); + break; } - break; + return; case ICMPV6_PARAMPROB: teli = 0; if (code == ICMPV6_HDR_FIELD) @@ -431,13 +434,13 @@ static void ip6gre_err(struct sk_buff *s net_dbg_ratelimited("%s: Recipient unable to parse tunneled packet!\n", t->parms.name); } - break; + return; case ICMPV6_PKT_TOOBIG: mtu = be32_to_cpu(info) - offset; if (mtu < IPV6_MIN_MTU) mtu = IPV6_MIN_MTU; t->dev->mtu = mtu; - break; + return; } if (time_before(jiffies, t->err_time + IP6TUNNEL_ERR_TIMEO)) Patches currently in stable-queue which might be from lucien.xin(a)gmail.com are queue-4.4/sctp-reset-owner-sk-for-data-chunks-on-out-queues-when-migrating-a-sock.patch queue-4.4/sctp-add-the-missing-sock_owned_by_user-check-in-sctp_icmp_redirect.patch queue-4.4/ip6_gre-only-increase-err_count-for-some-certain-type-icmpv6-in-ip6gre_err.patch

7 years, 1 month

1
0
0 0

[Linux-stable-mirror] [PATCHES] Networking

by David Miller

Please queue up the following bug fixes to 4.9.x and 4.13.x -stable, respectively. Thank you!

7 years, 1 month

2
1
0 0

[Linux-stable-mirror] [PATCH] fealnx: Fix building error on MIPS

by Huacai Chen

This patch try to fix the building error on MIPS. The reason is MIPS has already defined the LONG macro, which conflicts with the LONG enum in drivers/net/ethernet/fealnx.c. Cc: stable(a)vger.kernel.org Signed-off-by: Huacai Chen <chenhc(a)lemote.com> --- drivers/net/ethernet/fealnx.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/net/ethernet/fealnx.c b/drivers/net/ethernet/fealnx.c index 2305391..ae55da6 100644 --- a/drivers/net/ethernet/fealnx.c +++ b/drivers/net/ethernet/fealnx.c @@ -257,8 +257,8 @@ enum rx_desc_status_bits { RXFSD = 0x00000800, /* first descriptor */ RXLSD = 0x00000400, /* last descriptor */ ErrorSummary = 0x80, /* error summary */ - RUNT = 0x40, /* runt packet received */ - LONG = 0x20, /* long packet received */ + RUNTPKT = 0x40, /* runt packet received */ + LONGPKT = 0x20, /* long packet received */ FAE = 0x10, /* frame align error */ CRC = 0x08, /* crc error */ RXER = 0x04, /* receive error */ @@ -1628,7 +1628,7 @@ static int netdev_rx(struct net_device *dev) dev->name, rx_status); dev->stats.rx_errors++; /* end of a packet. */ - if (rx_status & (LONG | RUNT)) + if (rx_status & (LONGPKT | RUNTPKT)) dev->stats.rx_length_errors++; if (rx_status & RXER) dev->stats.rx_frame_errors++; -- 2.7.0

7 years, 1 month

2
1
0 0

[Linux-stable-mirror] [PATCH 4.9 00/87] 4.9.62-stable review

by Greg Kroah-Hartman

This is the start of the stable review cycle for the 4.9.62 release. There are 87 patches in this series, all will be posted as a response to this one. If anyone has any issues with these being applied, please let me know. Responses should be made by Wed Nov 15 12:55:40 UTC 2017. Anything received after that time might be too late. The whole patch series can be found in one patch at: kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.9.62-rc1.gz or in the git tree and branch at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable-rc.git linux-4.9.y and the diffstat can be found below. thanks, greg k-h ------------- Pseudo-Shortlog of commits: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Linux 4.9.62-rc1 Borislav Petkov <bp(a)suse.de> x86/oprofile/ppro: Do not use __this_cpu*() in preemptible context Pavel Tatashin <pasha.tatashin(a)oracle.com> x86/smpboot: Make optimization of delay calibration work correctly Florian Westphal <fw(a)strlen.de> netfilter: nat: Revert "netfilter: nat: convert nat bysrc hash to rhashtable" Richard Schütz <rschuetz(a)uni-koblenz.de> can: c_can: don't indicate triple sampling support for D_CAN Marek Vasut <marex(a)denx.de> can: ifi: Fix transmitter delay calculation Gerhard Bertelsmann <info(a)gerhard-bertelsmann.de> can: sun4i: handle overrun in RX FIFO John Stultz <john.stultz(a)linaro.org> drm/bridge: adv7511: Re-write the i2c address before EDID probing John Stultz <john.stultz(a)linaro.org> drm/bridge: adv7511: Reuse __adv7511_power_on/off() when probing EDID John Stultz <john.stultz(a)linaro.org> drm/bridge: adv7511: Rework adv7511_power_on/off() so they can be reused internally Sinclair Yeh <syeh(a)vmware.com> drm/vmwgfx: Fix Ubuntu 17.10 Wayland black screen issue Ilya Dryomov <idryomov(a)gmail.com> rbd: use GFP_NOIO for parent stat and data requests Kai-Heng Feng <kai.heng.feng(a)canonical.com> Input: elan_i2c - add ELAN060C to the ACPI table Oswald Buddenhagen <oswald.buddenhagen(a)gmx.de> MIPS: AR7: Ensure that serial ports are properly set up Jonas Gorski <jonas.gorski(a)gmail.com> MIPS: AR7: Defer registration of GPIO Jaedon Shin <jaedon.shin(a)gmail.com> MIPS: BMIPS: Fix missing cbr address Marcus Cooper <codekipper(a)gmail.com> ASoC: sun4i-spdif: remove legacy dapm components Luis R. Rodriguez <mcgrof(a)kernel.org> tools: firmware: check for distro fallback udev cancel rule Luis R. Rodriguez <mcgrof(a)kernel.org> selftests: firmware: send expected errors to /dev/null Matt Redfearn <matt.redfearn(a)imgtec.com> MIPS: SMP: Fix deadlock & online race Matija Glavinic Pecotic <matija.glavinic-pecotic.ext(a)nokia.com> MIPS: Fix race on setting and getting cpu_online_mask Matt Redfearn <matt.redfearn(a)imgtec.com> MIPS: SMP: Use a completion event to signal CPU up Paul Burton <paul.burton(a)mips.com> MIPS: Fix CM region target definitions Gustavo A. R. Silva <garsilva(a)embeddedor.com> MIPS: microMIPS: Fix incorrect mask in insn_table_MM Maarten Lankhorst <maarten.lankhorst(a)linux.intel.com> drm/i915: Do not rely on wm preservation for ILK watermarks Takashi Iwai <tiwai(a)suse.de> ALSA: seq: Avoid invalid lockdep class warning Takashi Iwai <tiwai(a)suse.de> ALSA: seq: Fix OSS sysex delivery in OSS emulation Mark Rutland <mark.rutland(a)arm.com> ARM: 8720/1: ensure dump_instr() checks addr_limit Eric Biggers <ebiggers(a)google.com> KEYS: fix NULL pointer dereference during ASN.1 parsing [ver #2] Andrey Ryabinin <aryabinin(a)virtuozzo.com> crypto: x86/sha256-mb - fix panic due to unaligned access Andrey Ryabinin <aryabinin(a)virtuozzo.com> crypto: x86/sha1-mb - fix panic due to unaligned access Romain Izard <romain.izard.pro(a)gmail.com> crypto: ccm - preserve the IV buffer Li Bin <huawei.libin(a)huawei.com> workqueue: Fix NULL pointer dereference Peter Zijlstra <peterz(a)infradead.org> x86/uaccess, sched/preempt: Verify access_ok() context Carlo Caione <carlo(a)endlessm.com> platform/x86: hp-wmi: Do not shadow error values Carlo Caione <carlo(a)endlessm.com> platform/x86: hp-wmi: Fix error value for hp_wmi_tablet_state Eric Biggers <ebiggers(a)google.com> KEYS: trusted: fix writing past end of buffer in trusted_read() Eric Biggers <ebiggers(a)google.com> KEYS: trusted: sanitize all key material Enrico Mioso <mrkiko.rs(a)gmail.com> cdc_ncm: Set NTB format again after altsetting switch for Huawei devices Carlo Caione <carlo(a)endlessm.com> platform/x86: hp-wmi: Fix detection for dock and tablet mode Vivien Didelot <vivien.didelot(a)savoirfairelinux.com> net: dsa: select NET_SWITCHDEV Thomas Petazzoni <thomas.petazzoni(a)free-electrons.com> clk: mvebu: adjust AP806 CPU clock frequencies to production chip Bart Van Assche <bart.vanassche(a)sandisk.com> IB/rxe: Fix reference leaks in memory key invalidation code Bjorn Andersson <bjorn.andersson(a)linaro.org> wcn36xx: Don't use the destroyed hal_mutex Julian Wiedmann <jwi(a)linux.vnet.ibm.com> s390/qeth: issue STARTLAN as first IPA command Ursula Braun <ubraun(a)linux.vnet.ibm.com> s390/qeth: fix retrieval of vipa and proxy-arp addresses Patrice Chotard <patrice.chotard(a)st.com> ARM: dts: STiH410-family: fix wrong parent clock frequency Feras Daoud <ferasda(a)mellanox.com> IB/ipoib: Change list_del to list_del_init in the tx object Frederic Weisbecker <fweisbec(a)gmail.com> sched/cputime, powerpc32: Fix stale scaled stime on context switch Akinobu Mita <akinobu.mita(a)gmail.com> Input: mpr121 - set missing event capability Akinobu Mita <akinobu.mita(a)gmail.com> Input: mpr121 - handle multiple bits change of status register Heiko Carstens <heiko.carstens(a)de.ibm.com> s390/topology: make "topology=off" parameter work Yazen Ghannam <Yazen.Ghannam(a)amd.com> EDAC, amd64: Save and return err code from probe_one_instance() Gilad Ben-Yossef <gilad(a)benyossef.com> IPsec: do not ignore crypto err in ah4 input John Johansen <john.johansen(a)canonical.com> apparmor: fix undefined reference to `aa_g_hash_policy' Stanislaw Gruszka <sgruszka(a)redhat.com> rt2800usb: mark tx failure on timeout Rafał Miłecki <rafal(a)milecki.pl> brcmfmac: setup wiphy bands after registering it first Liping Zhang <zlpnobody(a)gmail.com> netfilter: nft_meta: deal with PACKET_LOOPBACK in netdev family William wu <wulf(a)rock-chips.com> usb: hcd: initialize hcd->flags to 0 when rm hcd Pan Bian <bianpan2016(a)163.com> libertas: fix improper return value Laurent Pinchart <laurent.pinchart+renesas(a)ideasonboard.com> serial: sh-sci: Fix register offsets for the IRDA serial port Volodymyr Bendiuga <volodymyr.bendiuga(a)gmail.com> phy: increase size of MII_BUS_ID_SIZE and bus_id David Lechner <david(a)lechnology.com> dt-bindings: Add vendor prefix for LEGO David Lechner <david(a)lechnology.com> dt-bindings: Add LEGO MINDSTORMS EV3 compatible specification Alison Schofield <amsfield22(a)gmail.com> iio: proximity: sx9500: claim direct mode during raw proximity reads Alison Schofield <amsfield22(a)gmail.com> iio: magnetometer: mag3110: claim direct mode during raw writes Alison Schofield <amsfield22(a)gmail.com> iio: pressure: ms5611: claim direct mode during oversampling changes Alison Schofield <amsfield22(a)gmail.com> iio: trigger: free trigger resource correctly Mihail Atanassov <mihail.atanassov(a)arm.com> drm: mali-dp: fix Lx_CONTROL register fields clobber Li Zhong <zhong(a)linux.vnet.ibm.com> crypto: vmx - disable preemption to enable vsx in aes_ctr.c Will Deacon <will.deacon(a)arm.com> arm64: dma-mapping: Only swizzle DMA ops for IOMMU_DOMAIN_DMA Tony Lindgren <tony(a)atomide.com> ARM: omap2plus_defconfig: Fix probe errors on UARTs 5 and 6 Vaibhav Jain <vaibhav(a)linux.vnet.ibm.com> cxl: Force psl data-cache flush during device shutdown Valentin Longchamp <valentin.longchamp(a)keymile.com> powerpc/corenet: explicitly disable the SDHC controller on kmcoge4 Alexander Stein <alexander.stein(a)systec-electronic.com> pinctrl: baytrail: Fix debugfs offset output Nate Watterson <nwatters(a)codeaurora.org> iommu/arm-smmu-v3: Clear prior settings when updating STEs Li Zhong <zhong(a)linux.vnet.ibm.com> KVM: PPC: Book 3S: XICS: correct the real mode ICP rejecting counter Noralf Trønnes <noralf(a)tronnes.org> drm: drm_minor_register(): Clean up debugfs on failure Marek Szyprowski <m.szyprowski(a)samsung.com> clk: samsung: exynos5433: Add IDs for PHYCLK_MIPIDPHY0_* clocks Viresh Kumar <viresh.kumar(a)linaro.org> PM / OPP: Error out on failing to add static OPPs for v1 bindings Yazen Ghannam <Yazen.Ghannam(a)amd.com> EDAC, amd64: Add x86cpuid sanity check during init Harninder Rai <harninder.rai(a)nxp.com> dt-bindings: clockgen: Add compatible string for LS1012A Patrick Bruenn <p.bruenn(a)beckhoff.com> ARM: dts: imx53-qsb-common: fix FEC pinmux config Juergen Gross <jgross(a)suse.com> xen/netback: set default upper limit of tx/rx queues to 8 Peter Zijlstra <peterz(a)infradead.org> sched/core: Add missing update_rq_clock() call in sched_move_task() Jason Gunthorpe <jgunthorpe(a)obsidianresearch.com> PCI: mvebu: Handle changes to the bridge windows while enabled Maciej W. Rozycki <macro(a)linux-mips.org> video: fbdev: pmag-ba-fb: Remove bad `__init' annotation Lars-Peter Clausen <lars(a)metafoo.de> adv7604: Initialize drive strength to default when using DT ------------- Diffstat: Documentation/devicetree/bindings/arm/davinci.txt | 4 + .../devicetree/bindings/clock/qoriq-clock.txt | 1 + .../devicetree/bindings/vendor-prefixes.txt | 1 + Makefile | 4 +- arch/arm/boot/dts/imx53-qsb-common.dtsi | 20 ++-- arch/arm/boot/dts/stih410.dtsi | 2 +- arch/arm/configs/omap2plus_defconfig | 1 + arch/arm/kernel/traps.c | 28 +++-- arch/arm64/mm/dma-mapping.c | 17 ++- arch/mips/ar7/platform.c | 5 + arch/mips/ar7/prom.c | 2 - arch/mips/include/asm/mips-cm.h | 4 +- arch/mips/kernel/process.c | 4 +- arch/mips/kernel/smp-bmips.c | 4 +- arch/mips/kernel/smp.c | 29 +++-- arch/mips/mm/uasm-micromips.c | 2 +- arch/powerpc/boot/dts/fsl/kmcoge4.dts | 4 + arch/powerpc/kernel/time.c | 1 + arch/powerpc/kvm/book3s_hv_rm_xics.c | 5 +- arch/s390/kernel/early.c | 12 ++ arch/s390/kernel/topology.c | 11 +- arch/sh/kernel/cpu/sh3/setup-sh770x.c | 1 - arch/x86/crypto/sha1-mb/sha1_mb_mgr_flush_avx2.S | 12 +- .../crypto/sha256-mb/sha256_mb_mgr_flush_avx2.S | 12 +- arch/x86/include/asm/uaccess.h | 13 +- arch/x86/kernel/smpboot.c | 11 +- arch/x86/kernel/tsc.c | 8 +- arch/x86/oprofile/op_model_ppro.c | 4 +- crypto/ccm.c | 4 +- drivers/base/power/opp/of.c | 12 +- drivers/block/rbd.c | 4 +- drivers/clk/mvebu/ap806-system-controller.c | 28 ++++- drivers/clk/samsung/clk-exynos5433.c | 6 +- drivers/crypto/vmx/aes_ctr.c | 6 + drivers/edac/amd64_edac.c | 12 +- drivers/edac/amd64_edac.h | 1 + drivers/gpu/drm/arm/malidp_planes.c | 3 +- drivers/gpu/drm/bridge/adv7511/adv7511_drv.c | 36 +++--- drivers/gpu/drm/drm_drv.c | 2 +- drivers/gpu/drm/i915/intel_drv.h | 1 - drivers/gpu/drm/i915/intel_pm.c | 52 ++++---- drivers/gpu/drm/vmwgfx/vmwgfx_drv.c | 2 +- drivers/iio/magnetometer/mag3110.c | 30 +++-- drivers/iio/pressure/ms5611_core.c | 12 +- drivers/iio/proximity/sx9500.c | 10 +- drivers/iio/trigger/iio-trig-interrupt.c | 8 +- drivers/iio/trigger/iio-trig-sysfs.c | 2 +- drivers/infiniband/sw/rxe/rxe_req.c | 1 + drivers/infiniband/sw/rxe/rxe_resp.c | 1 + drivers/infiniband/ulp/ipoib/ipoib_cm.c | 2 +- drivers/input/keyboard/mpr121_touchkey.c | 24 ++-- drivers/input/mouse/elan_i2c_core.c | 1 + drivers/iommu/arm-smmu-v3.c | 10 +- drivers/media/i2c/adv7604.c | 3 + drivers/misc/cxl/pci.c | 3 + drivers/net/can/c_can/c_can_pci.c | 1 - drivers/net/can/c_can/c_can_platform.c | 1 - drivers/net/can/ifi_canfd/ifi_canfd.c | 6 +- drivers/net/can/sun4i_can.c | 12 +- drivers/net/usb/cdc_ncm.c | 28 +++++ drivers/net/usb/huawei_cdc_ncm.c | 6 + drivers/net/wireless/ath/wcn36xx/main.c | 3 +- .../broadcom/brcm80211/brcmfmac/cfg80211.c | 9 +- drivers/net/wireless/marvell/libertas/cmd.c | 2 +- drivers/net/wireless/ralink/rt2x00/rt2800usb.c | 5 +- drivers/net/xen-netback/netback.c | 6 +- drivers/pci/host/pci-mvebu.c | 101 +++++++++------- drivers/pinctrl/intel/pinctrl-baytrail.c | 2 +- drivers/platform/x86/hp-wmi.c | 60 ++++++---- drivers/s390/net/qeth_core.h | 1 - drivers/s390/net/qeth_core_main.c | 21 +++- drivers/s390/net/qeth_l2_main.c | 15 --- drivers/s390/net/qeth_l3_main.c | 15 --- drivers/s390/net/qeth_l3_sys.c | 30 ++--- drivers/staging/iio/trigger/iio-trig-bfin-timer.c | 4 +- drivers/tty/serial/sh-sci.c | 17 ++- drivers/usb/core/hcd.c | 1 + drivers/video/fbdev/pmag-ba-fb.c | 2 +- include/dt-bindings/clock/exynos5433.h | 5 +- include/linux/phy.h | 8 +- include/linux/preempt.h | 21 ++-- include/linux/usb/cdc_ncm.h | 1 + include/net/netfilter/nf_conntrack.h | 3 +- include/net/netfilter/nf_nat.h | 1 - include/sound/seq_kernel.h | 3 +- kernel/sched/core.c | 1 + kernel/workqueue_internal.h | 3 +- lib/asn1_decoder.c | 4 +- net/dsa/Kconfig | 5 +- net/ipv4/ah4.c | 3 + net/netfilter/nf_nat_core.c | 133 +++++++++------------ net/netfilter/nft_meta.c | 28 ++++- security/apparmor/lsm.c | 2 +- security/keys/trusted.c | 71 +++++------ sound/core/seq/oss/seq_oss_midi.c | 4 +- sound/core/seq/oss/seq_oss_readq.c | 29 +++++ sound/core/seq/oss/seq_oss_readq.h | 2 + sound/soc/sunxi/sun4i-spdif.c | 8 -- tools/testing/selftests/firmware/fw_filesystem.sh | 6 +- tools/testing/selftests/firmware/fw_userhelper.sh | 28 ++++- 100 files changed, 722 insertions(+), 493 deletions(-)

7 years, 1 month

7
88
0 0

[Linux-stable-mirror] Patch "Revert "ARM: dts: imx53-qsb-common: fix FEC pinmux config"" has been added to the 4.9-stable tree

by gregkh＠linuxfoundation.org

This is a note to let you know that I've just added the patch titled Revert "ARM: dts: imx53-qsb-common: fix FEC pinmux config" to the 4.9-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=sum… The filename of the patch is: revert-arm-dts-imx53-qsb-common-fix-fec-pinmux-config.patch and it can be found in the queue-4.9 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable(a)vger.kernel.org> know about it. >From 2cfe61144e9d770ed3e0556257e9dcc469ca14cf Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman <gregkh(a)linuxfoundation.org> Date: Thu, 16 Nov 2017 14:29:13 +0100 Subject: Revert "ARM: dts: imx53-qsb-common: fix FEC pinmux config" MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit 62b9fa2c436ffd9b87e6ed81df7f86c29fee092b which is commit 8b649e426336d7d4800ff9c82858328f4215ba01 upstream. Turns out not to be a good idea in the stable kernels for now as Patrick writes: As discussed for 4.4 stable queue this patch might break existing machines, if they use a different pinmux configuration with their own bootloader. Reported-by: Patrick Brünn <P.Bruenn(a)beckhoff.com> Cc: Shawn Guo <shawnguo(a)kernel.org> Cc: Sasha Levin <alexander.levin(a)verizon.com> Signed-off-by: Greg Kroah-Hartman gregkh(a)linuxfoundation.org --- arch/arm/boot/dts/imx53-qsb-common.dtsi | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) --- a/arch/arm/boot/dts/imx53-qsb-common.dtsi +++ b/arch/arm/boot/dts/imx53-qsb-common.dtsi @@ -215,16 +215,16 @@ pinctrl_fec: fecgrp { fsl,pins = < - MX53_PAD_FEC_MDC__FEC_MDC 0x4 - MX53_PAD_FEC_MDIO__FEC_MDIO 0x1fc - MX53_PAD_FEC_REF_CLK__FEC_TX_CLK 0x180 - MX53_PAD_FEC_RX_ER__FEC_RX_ER 0x180 - MX53_PAD_FEC_CRS_DV__FEC_RX_DV 0x180 - MX53_PAD_FEC_RXD1__FEC_RDATA_1 0x180 - MX53_PAD_FEC_RXD0__FEC_RDATA_0 0x180 - MX53_PAD_FEC_TX_EN__FEC_TX_EN 0x4 - MX53_PAD_FEC_TXD1__FEC_TDATA_1 0x4 - MX53_PAD_FEC_TXD0__FEC_TDATA_0 0x4 + MX53_PAD_FEC_MDC__FEC_MDC 0x80000000 + MX53_PAD_FEC_MDIO__FEC_MDIO 0x80000000 + MX53_PAD_FEC_REF_CLK__FEC_TX_CLK 0x80000000 + MX53_PAD_FEC_RX_ER__FEC_RX_ER 0x80000000 + MX53_PAD_FEC_CRS_DV__FEC_RX_DV 0x80000000 + MX53_PAD_FEC_RXD1__FEC_RDATA_1 0x80000000 + MX53_PAD_FEC_RXD0__FEC_RDATA_0 0x80000000 + MX53_PAD_FEC_TX_EN__FEC_TX_EN 0x80000000 + MX53_PAD_FEC_TXD1__FEC_TDATA_1 0x80000000 + MX53_PAD_FEC_TXD0__FEC_TDATA_0 0x80000000 >; }; Patches currently in stable-queue which might be from gregkh(a)linuxfoundation.org are queue-4.9/net-call-cgroup_sk_alloc-earlier-in-sk_clone_lock.patch queue-4.9/tcp-dccp-fix-ireq-opt-races.patch queue-4.9/soreuseport-fix-initialization-race.patch queue-4.9/tcp-fix-tcp_mtu_probe-vs-highest_sack.patch queue-4.9/input-ims-psu-check-if-cdc-union-descriptor-is-sane.patch queue-4.9/revert-arm-dts-imx53-qsb-common-fix-fec-pinmux-config.patch queue-4.9/mac80211-use-constant-time-comparison-with-keys.patch queue-4.9/ipv6-addrconf-increment-ifp-refcount-before-ipv6_del_addr.patch queue-4.9/sctp-reset-owner-sk-for-data-chunks-on-out-queues-when-migrating-a-sock.patch queue-4.9/ipip-only-increase-err_count-for-some-certain-type-icmp-in-ipip_err.patch queue-4.9/ipv6-flowlabel-do-not-leave-opt-tot_len-with-garbage.patch queue-4.9/sctp-full-support-for-ipv6-ip_nonlocal_bind-ip_freebind.patch queue-4.9/packet-avoid-panic-in-packet_getsockopt.patch queue-4.9/tun-call-dev_get_valid_name-before-register_netdevice.patch queue-4.9/gso-fix-payload-length-when-gso_size-is-zero.patch queue-4.9/sctp-add-the-missing-sock_owned_by_user-check-in-sctp_icmp_redirect.patch queue-4.9/net_sched-avoid-matching-qdisc-with-zero-handle.patch queue-4.9/ip6_gre-only-increase-err_count-for-some-certain-type-icmpv6-in-ip6gre_err.patch queue-4.9/ip6_gre-update-dst-pmtu-if-dev-mtu-has-been-updated-by-toobig-in-__gre6_xmit.patch queue-4.9/tun-tap-sanitize-tunsetsndbuf-input.patch queue-4.9/alsa-seq-cancel-pending-autoload-work-at-unbinding-device.patch queue-4.9/tap-double-free-in-error-path-in-tap_open.patch queue-4.9/ppp-fix-race-in-ppp-device-destruction.patch queue-4.9/tcp-dccp-fix-lockdep-splat-in-inet_csk_route_req.patch queue-4.9/mac80211-don-t-compare-tkip-tx-mic-key-in-reinstall-prevention.patch queue-4.9/l2tp-check-ps-sock-before-running-pppol2tp_session_ioctl.patch queue-4.9/netlink-do-not-set-cb_running-if-dump-s-start-errs.patch queue-4.9/tun-allow-positive-return-values-on-dev_get_valid_name-call.patch queue-4.9/mac80211-accept-key-reinstall-without-changing-anything.patch queue-4.9/usb-usbtest-fix-null-pointer-dereference.patch queue-4.9/net-unix-don-t-show-information-about-sockets-from-other-namespaces.patch queue-4.9/tcp-dccp-fix-other-lockdep-splats-accessing-ireq_opt.patch

7 years, 1 month

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror November 2017