Hello community,
here is the log from the commit of package kernel-source for openSUSE:Factory
checked in at 2017-02-18 03:17:11
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/kernel-source (Old)
and /work/SRC/openSUSE:Factory/.kernel-source.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kernel-source"
Changes:
--------
--- /work/SRC/openSUSE:Factory/kernel-source/dtb-aarch64.changes
2017-02-12 00:48:05.473160688 +0100
+++ /work/SRC/openSUSE:Factory/.kernel-source.new/dtb-aarch64.changes
2017-02-18 03:17:12.444382414 +0100
@@ -1,0 +2,22 @@
+Thu Feb 16 09:36:29 CET 2017 - mkube...@suse.cz
+
+- sctp: avoid BUG_ON on sctp_wait_for_sndbuf (CVE-2017-5986
+ bsc#1025235).
+- commit ffeeef5
+
+-------------------------------------------------------------------
+Wed Feb 15 17:50:50 CET 2017 - jsl...@suse.cz
+
+- Linux 4.9.10 (bnc#1012628 bsc#1018100).
+- Delete
+ patches.suse/btrfs-fix-btrfs_compat_ioctl-failures-on-non-compat-ioctls.
+- commit 59c7cc2
+
+-------------------------------------------------------------------
+Tue Feb 14 08:11:44 CET 2017 - mkube...@suse.cz
+
+- ipv4: keep skb->dst around in presence of IP options
+ (CVE-2017-5970 bsc#1024938).
+- commit fff3f63
+
+-------------------------------------------------------------------
dtb-armv6l.changes: same change
dtb-armv7l.changes: same change
kernel-64kb.changes: same change
kernel-debug.changes: same change
kernel-default.changes: same change
kernel-docs.changes: same change
kernel-lpae.changes: same change
kernel-obs-build.changes: same change
kernel-obs-qa.changes: same change
kernel-pae.changes: same change
kernel-source.changes: same change
kernel-syms.changes: same change
kernel-syzkaller.changes: same change
kernel-vanilla.changes: same change
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ dtb-aarch64.spec ++++++
--- /var/tmp/diff_new_pack.sv9mcb/_old 2017-02-18 03:17:17.563659379 +0100
+++ /var/tmp/diff_new_pack.sv9mcb/_new 2017-02-18 03:17:17.567658814 +0100
@@ -16,14 +16,14 @@
#
-%define patchversion 4.9.9
+%define patchversion 4.9.10
%include %_sourcedir/kernel-spec-macros
Name: dtb-aarch64
-Version: 4.9.9
+Version: 4.9.10
%if 0%{?is_kotd}
-Release: <RELEASE>.g6c5120c
+Release: <RELEASE>.gffeeef5
%else
Release: 0
%endif
dtb-armv6l.spec: same change
dtb-armv7l.spec: same change
++++++ kernel-64kb.spec ++++++
--- /var/tmp/diff_new_pack.sv9mcb/_old 2017-02-18 03:17:17.651646951 +0100
+++ /var/tmp/diff_new_pack.sv9mcb/_new 2017-02-18 03:17:17.655646387 +0100
@@ -18,7 +18,7 @@
%define srcversion 4.9
-%define patchversion 4.9.9
+%define patchversion 4.9.10
%define variant %{nil}
%define vanilla_only 0
@@ -58,9 +58,9 @@
Summary: Kernel with 64kb PAGE_SIZE
License: GPL-2.0
Group: System/Kernel
-Version: 4.9.9
+Version: 4.9.10
%if 0%{?is_kotd}
-Release: <RELEASE>.g6c5120c
+Release: <RELEASE>.gffeeef5
%else
Release: 0
%endif
kernel-debug.spec: same change
kernel-default.spec: same change
++++++ kernel-docs.spec ++++++
--- /var/tmp/diff_new_pack.sv9mcb/_old 2017-02-18 03:17:17.755632265 +0100
+++ /var/tmp/diff_new_pack.sv9mcb/_new 2017-02-18 03:17:17.755632265 +0100
@@ -16,7 +16,7 @@
#
-%define patchversion 4.9.9
+%define patchversion 4.9.10
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -33,9 +33,9 @@
Summary: Kernel Documentation (man pages)
License: GPL-2.0
Group: Documentation/Man
-Version: 4.9.9
+Version: 4.9.10
%if 0%{?is_kotd}
-Release: <RELEASE>.g6c5120c
+Release: <RELEASE>.gffeeef5
%else
Release: 0
%endif
++++++ kernel-lpae.spec ++++++
--- /var/tmp/diff_new_pack.sv9mcb/_old 2017-02-18 03:17:17.783628311 +0100
+++ /var/tmp/diff_new_pack.sv9mcb/_new 2017-02-18 03:17:17.787627746 +0100
@@ -18,7 +18,7 @@
%define srcversion 4.9
-%define patchversion 4.9.9
+%define patchversion 4.9.10
%define variant %{nil}
%define vanilla_only 0
@@ -58,9 +58,9 @@
Summary: Kernel for LPAE enabled systems
License: GPL-2.0
Group: System/Kernel
-Version: 4.9.9
+Version: 4.9.10
%if 0%{?is_kotd}
-Release: <RELEASE>.g6c5120c
+Release: <RELEASE>.gffeeef5
%else
Release: 0
%endif
++++++ kernel-obs-build.spec ++++++
--- /var/tmp/diff_new_pack.sv9mcb/_old 2017-02-18 03:17:17.811624357 +0100
+++ /var/tmp/diff_new_pack.sv9mcb/_new 2017-02-18 03:17:17.815623792 +0100
@@ -19,7 +19,7 @@
#!BuildIgnore: post-build-checks
-%define patchversion 4.9.9
+%define patchversion 4.9.10
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -51,9 +51,9 @@
Summary: package kernel and initrd for OBS VM builds
License: GPL-2.0
Group: SLES
-Version: 4.9.9
+Version: 4.9.10
%if 0%{?is_kotd}
-Release: <RELEASE>.g6c5120c
+Release: <RELEASE>.gffeeef5
%else
Release: 0
%endif
++++++ kernel-obs-qa.spec ++++++
--- /var/tmp/diff_new_pack.sv9mcb/_old 2017-02-18 03:17:17.831621532 +0100
+++ /var/tmp/diff_new_pack.sv9mcb/_new 2017-02-18 03:17:17.835620968 +0100
@@ -17,7 +17,7 @@
# needsrootforbuild
-%define patchversion 4.9.9
+%define patchversion 4.9.10
%define variant %{nil}
%include %_sourcedir/kernel-spec-macros
@@ -36,9 +36,9 @@
Summary: Basic QA tests for the kernel
License: GPL-2.0
Group: SLES
-Version: 4.9.9
+Version: 4.9.10
%if 0%{?is_kotd}
-Release: <RELEASE>.g6c5120c
+Release: <RELEASE>.gffeeef5
%else
Release: 0
%endif
++++++ kernel-pae.spec ++++++
--- /var/tmp/diff_new_pack.sv9mcb/_old 2017-02-18 03:17:17.855618143 +0100
+++ /var/tmp/diff_new_pack.sv9mcb/_new 2017-02-18 03:17:17.859617578 +0100
@@ -18,7 +18,7 @@
%define srcversion 4.9
-%define patchversion 4.9.9
+%define patchversion 4.9.10
%define variant %{nil}
%define vanilla_only 0
@@ -58,9 +58,9 @@
Summary: Kernel with PAE Support
License: GPL-2.0
Group: System/Kernel
-Version: 4.9.9
+Version: 4.9.10
%if 0%{?is_kotd}
-Release: <RELEASE>.g6c5120c
+Release: <RELEASE>.gffeeef5
%else
Release: 0
%endif
++++++ kernel-source.spec ++++++
--- /var/tmp/diff_new_pack.sv9mcb/_old 2017-02-18 03:17:17.883614189 +0100
+++ /var/tmp/diff_new_pack.sv9mcb/_new 2017-02-18 03:17:17.883614189 +0100
@@ -18,7 +18,7 @@
%define srcversion 4.9
-%define patchversion 4.9.9
+%define patchversion 4.9.10
%define variant %{nil}
%define vanilla_only 0
@@ -30,9 +30,9 @@
Summary: The Linux Kernel Sources
License: GPL-2.0
Group: Development/Sources
-Version: 4.9.9
+Version: 4.9.10
%if 0%{?is_kotd}
-Release: <RELEASE>.g6c5120c
+Release: <RELEASE>.gffeeef5
%else
Release: 0
%endif
++++++ kernel-syms.spec ++++++
--- /var/tmp/diff_new_pack.sv9mcb/_old 2017-02-18 03:17:17.907610800 +0100
+++ /var/tmp/diff_new_pack.sv9mcb/_new 2017-02-18 03:17:17.911610235 +0100
@@ -24,10 +24,10 @@
Summary: Kernel Symbol Versions (modversions)
License: GPL-2.0
Group: Development/Sources
-Version: 4.9.9
+Version: 4.9.10
%if %using_buildservice
%if 0%{?is_kotd}
-Release: <RELEASE>.g6c5120c
+Release: <RELEASE>.gffeeef5
%else
Release: 0
%endif
++++++ kernel-syzkaller.spec ++++++
--- /var/tmp/diff_new_pack.sv9mcb/_old 2017-02-18 03:17:17.939606281 +0100
+++ /var/tmp/diff_new_pack.sv9mcb/_new 2017-02-18 03:17:17.943605716 +0100
@@ -18,7 +18,7 @@
%define srcversion 4.9
-%define patchversion 4.9.9
+%define patchversion 4.9.10
%define variant %{nil}
%define vanilla_only 0
@@ -58,9 +58,9 @@
Summary: Kernel used for fuzzing by syzkaller
License: GPL-2.0
Group: System/Kernel
-Version: 4.9.9
+Version: 4.9.10
%if 0%{?is_kotd}
-Release: <RELEASE>.g6c5120c
+Release: <RELEASE>.gffeeef5
%else
Release: 0
%endif
kernel-vanilla.spec: same change
++++++ patches.fixes.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.fixes/ipv4-keep-skb-dst-around-in-presence-of-IP-options.patch
new/patches.fixes/ipv4-keep-skb-dst-around-in-presence-of-IP-options.patch
--- old/patches.fixes/ipv4-keep-skb-dst-around-in-presence-of-IP-options.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/ipv4-keep-skb-dst-around-in-presence-of-IP-options.patch
2017-02-16 09:36:29.000000000 +0100
@@ -0,0 +1,51 @@
+From: Eric Dumazet <eduma...@google.com>
+Date: Sat, 4 Feb 2017 11:16:52 -0800
+Subject: ipv4: keep skb->dst around in presence of IP options
+Patch-mainline: v4.10-rc8
+Git-commit: 34b2cef20f19c87999fff3da4071e66937db9644
+References: CVE-2017-5970 bsc#1024938
+
+Andrey Konovalov got crashes in __ip_options_echo() when a NULL skb->dst
+is accessed.
+
+ipv4_pktinfo_prepare() should not drop the dst if (evil) IP options
+are present.
+
+We could refine the test to the presence of ts_needtime or srr,
+but IP options are not often used, so let's be conservative.
+
+Thanks to syzkaller team for finding this bug.
+
+Fixes: d826eb14ecef ("ipv4: PKTINFO doesnt need dst reference")
+Signed-off-by: Eric Dumazet <eduma...@google.com>
+Reported-by: Andrey Konovalov <andreyk...@google.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Acked-by: Michal Kubecek <mkube...@suse.cz>
+
+---
+ net/ipv4/ip_sockglue.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/net/ipv4/ip_sockglue.c b/net/ipv4/ip_sockglue.c
+index f226f4086e05..65336f38a5d8 100644
+--- a/net/ipv4/ip_sockglue.c
++++ b/net/ipv4/ip_sockglue.c
+@@ -1215,7 +1215,14 @@ void ipv4_pktinfo_prepare(const struct sock *sk, struct
sk_buff *skb)
+ pktinfo->ipi_ifindex = 0;
+ pktinfo->ipi_spec_dst.s_addr = 0;
+ }
+- skb_dst_drop(skb);
++ /* We need to keep the dst for __ip_options_echo()
++ * We could restrict the test to opt.ts_needtime || opt.srr,
++ * but the following is good enough as IP options are not often used.
++ */
++ if (unlikely(IPCB(skb)->opt.optlen))
++ skb_dst_force(skb);
++ else
++ skb_dst_drop(skb);
+ }
+
+ int ip_setsockopt(struct sock *sk, int level,
+--
+2.11.1
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.fixes/sctp-avoid-BUG_ON-on-sctp_wait_for_sndbuf.patch
new/patches.fixes/sctp-avoid-BUG_ON-on-sctp_wait_for_sndbuf.patch
--- old/patches.fixes/sctp-avoid-BUG_ON-on-sctp_wait_for_sndbuf.patch
1970-01-01 01:00:00.000000000 +0100
+++ new/patches.fixes/sctp-avoid-BUG_ON-on-sctp_wait_for_sndbuf.patch
2017-02-16 09:36:29.000000000 +0100
@@ -0,0 +1,43 @@
+From: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com>
+Date: Mon, 6 Feb 2017 18:10:31 -0200
+Subject: sctp: avoid BUG_ON on sctp_wait_for_sndbuf
+Patch-mainline: v4.10-rc8
+Git-commit: 2dcab598484185dea7ec22219c76dcdd59e3cb90
+References: CVE-2017-5986 bsc#1025235
+
+Alexander Popov reported that an application may trigger a BUG_ON in
+sctp_wait_for_sndbuf if the socket tx buffer is full, a thread is
+waiting on it to queue more data and meanwhile another thread peels off
+the association being used by the first thread.
+
+This patch replaces the BUG_ON call with a proper error handling. It
+will return -EPIPE to the original sendmsg call, similarly to what would
+have been done if the association wasn't found in the first place.
+
+Acked-by: Alexander Popov <alex.po...@linux.com>
+Signed-off-by: Marcelo Ricardo Leitner <marcelo.leit...@gmail.com>
+Reviewed-by: Xin Long <lucien....@gmail.com>
+Signed-off-by: David S. Miller <da...@davemloft.net>
+Acked-by: Michal Kubecek <mkube...@suse.cz>
+
+---
+ net/sctp/socket.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/net/sctp/socket.c b/net/sctp/socket.c
+index ca12aa346c0d..6cbe5bdf2b15 100644
+--- a/net/sctp/socket.c
++++ b/net/sctp/socket.c
+@@ -7427,7 +7427,8 @@ static int sctp_wait_for_sndbuf(struct sctp_association
*asoc, long *timeo_p,
+ */
+ release_sock(sk);
+ current_timeo = schedule_timeout(current_timeo);
+- BUG_ON(sk != asoc->base.sk);
++ if (sk != asoc->base.sk)
++ goto do_error;
+ lock_sock(sk);
+
+ *timeo_p = current_timeo;
+--
+2.11.1
+
++++++ patches.kernel.org.tar.bz2 ++++++
++++ 2231 lines of diff (skipped)
++++++ patches.suse.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/patches.suse/btrfs-fix-btrfs_compat_ioctl-failures-on-non-compat-ioctls
new/patches.suse/btrfs-fix-btrfs_compat_ioctl-failures-on-non-compat-ioctls
--- old/patches.suse/btrfs-fix-btrfs_compat_ioctl-failures-on-non-compat-ioctls
2017-02-07 16:51:24.000000000 +0100
+++ new/patches.suse/btrfs-fix-btrfs_compat_ioctl-failures-on-non-compat-ioctls
1970-01-01 01:00:00.000000000 +0100
@@ -1,40 +0,0 @@
-From: Jeff Mahoney <je...@suse.com>
-Subject: btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls
-References: bsc#1018100
-Patch-mainline: Submitted, linux-btrfs, 6 Feb 2017
-
-Commit 4c63c2454ef incorrectly assumed that returning -ENOIOCTLCMD would
-cause the native ioctl to be called. The ->compat_ioctl callback is
-expected to handle all ioctls, not just compat variants. As a result,
-when using 32-bit userspace on 64-bit kernels, everything except those
-three ioctls would return -ENOTTY.
-
-Fixes: 4c63c2454ef ("btrfs: bugfix: handle
FS_IOC32_{GETFLAGS,SETFLAGS,GETVERSION} in btrfs_ioctl")
-Cc: sta...@vger.kernel.org
-Signed-off-by: Jeff Mahoney <je...@suse.com>
----
- fs/btrfs/ioctl.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
---- a/fs/btrfs/ioctl.c
-+++ b/fs/btrfs/ioctl.c
-@@ -5653,6 +5653,10 @@ long btrfs_ioctl(struct file *file, unsi
- #ifdef CONFIG_COMPAT
- long btrfs_compat_ioctl(struct file *file, unsigned int cmd, unsigned long
arg)
- {
-+ /*
-+ * These all access 32-bit values anyway so no further
-+ * handling is necessary.
-+ */
- switch (cmd) {
- case FS_IOC32_GETFLAGS:
- cmd = FS_IOC_GETFLAGS;
-@@ -5663,8 +5667,6 @@ long btrfs_compat_ioctl(struct file *fil
- case FS_IOC32_GETVERSION:
- cmd = FS_IOC_GETVERSION;
- break;
-- default:
-- return -ENOIOCTLCMD;
- }
-
- return btrfs_ioctl(file, cmd, (unsigned long) compat_ptr(arg));
++++++ series.conf ++++++
--- /var/tmp/diff_new_pack.sv9mcb/_old 2017-02-18 03:17:19.099442468 +0100
+++ /var/tmp/diff_new_pack.sv9mcb/_new 2017-02-18 03:17:19.099442468 +0100
@@ -36,6 +36,7 @@
patches.kernel.org/patch-4.9.6-7
patches.kernel.org/patch-4.9.7-8
patches.kernel.org/patch-4.9.8-9
+ patches.kernel.org/patch-4.9.9-10
########################################################
# Build fixes that apply to the vanilla kernel too.
@@ -218,6 +219,8 @@
# Networking, IPv6
########################################################
patches.fixes/ip6_gre-fix-ip6gre_err-invalid-reads.patch
+ patches.fixes/ipv4-keep-skb-dst-around-in-presence-of-IP-options.patch
+ patches.fixes/sctp-avoid-BUG_ON-on-sctp_wait_for_sndbuf.patch
########################################################
# Netfilter
@@ -254,7 +257,6 @@
patches.suse/revert-btrfs-fix-lockdep-warning-on-deadlock-against-an-inode-s-log-mutex.patch
patches.suse/revert-btrfs-improve-performance-on-fsync-against-new-inode-after-rename-unlink.patch
patches.suse/btrfs-fix-extent-tree-corruption-due-to-relocation.patch
- patches.suse/btrfs-fix-btrfs_compat_ioctl-failures-on-non-compat-ioctls
########################################################
# Reiserfs Patches
++++++ source-timestamp ++++++
--- /var/tmp/diff_new_pack.sv9mcb/_old 2017-02-18 03:17:19.131437949 +0100
+++ /var/tmp/diff_new_pack.sv9mcb/_new 2017-02-18 03:17:19.131437949 +0100
@@ -1,3 +1,3 @@
-2017-02-09 11:55:53 +0100
-GIT Revision: 6c5120caac312a1909e2347a00433920d10ebd9f
+2017-02-16 09:36:29 +0100
+GIT Revision: ffeeef592fefd9695f1869aefc0ac470de923bc7
GIT Branch: stable
