summarylogtreecommitdiffstats
diff options
context:
space:
mode:
authorgraysky2019-02-26 07:41:54 -0500
committergraysky2019-02-26 07:41:54 -0500
commitaeb97e1e9c0810fff00a0c504ccebfdc5c9a4ec9 (patch)
tree75787477c589dd9c0a0f1130598c4d41521aaa17
parentcc22f513b477e6fb6e764a4071c62707ab8602f6 (diff)
downloadaur-aeb97e1e9c0810fff00a0c504ccebfdc5c9a4ec9.tar.gz
Update to 4.20.13rc1-1
Diffstat
-rw-r--r--.SRCINFO20
-rw-r--r--0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch22
-rw-r--r--0002-exec-Fix-mem-leak-in-kernel_read_file.patch49
-rw-r--r--PKGBUILD12
4 files changed, 78 insertions, 25 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 10f71eb7d0de..6c4cd007193b 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,7 +1,7 @@
# Generated by mksrcinfo v8
-# Thu Feb 21 20:11:04 UTC 2019
+# Tue Feb 26 12:41:54 UTC 2019
pkgbase = linux-rc
- pkgver = 4.20.12rc1
+ pkgver = 4.20.13rc1
pkgrel = 1
url = https://www.kernel.org/
arch = x86_64
@@ -11,24 +11,26 @@ pkgbase = linux-rc
makedepends = bc
makedepends = libelf
options = !strip
- source = https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.20.12-rc1.xz
- source = https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.20.12-rc1.sign
- source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.20.11.tar.xz
- source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.20.11.tar.sign
+ source = https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.20.13-rc1.xz
+ source = https://www.kernel.org/pub/linux/kernel/v4.x/stable-review/patch-4.20.13-rc1.sign
+ source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.20.12.tar.xz
+ source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.20.12.tar.sign
source = config
source = 60-linux.hook
source = 90-linux.hook
source = linux.preset
source = 0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
- sha256sums = 3623d1d11b3f0f15c03fcf5bb195d0ae71d17b9bb3a88662e0c7cf9b886b6c4b
+ source = 0002-exec-Fix-mem-leak-in-kernel_read_file.patch
+ sha256sums = dfe5e7fa1cb2e6b344d8f1a388a15f1ea85c4a6eb115090f878341bc598b5006
sha256sums = SKIP
- sha256sums = dcd95c41f45c8ee90e249887f4aa8657b9a4c5d0fcef69ba17e75b5304d7411f
+ sha256sums = 1cf544308195250805e0731c716691bea4c1ed29e03e6f9ae5be6dc16785a504
sha256sums = SKIP
sha256sums = f863b3e9640161f61e859f22f2d1258c940101de8f007a207c1ede2f71d36206
sha256sums = ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21
sha256sums = 75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919
sha256sums = ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65
- sha256sums = c6a52de5d629fdfaa35553c71e2b020c421f170ef1ca0acfc72fffe7258a6358
+ sha256sums = 55823bb3ca652d917ba79860d595b479ec20c22a7c6854cbef901d44b4196316
+ sha256sums = bbf31b3a6af1db882cb63bd5e5385f174f2345272acaf18f129712a0a726689b
pkgname = linux-rc
pkgdesc = The release candidate kernel and modules
diff --git a/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch b/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
index 7ce1462f2167..4a24f9ce9682 100644
--- a/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
+++ b/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
@@ -1,7 +1,7 @@
-From ffc883bc93c2fed977fc82cc36305880fab10247 Mon Sep 17 00:00:00 2001
+From 884528c4629b0b333061c191d9b26081431dbfd3 Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge.hallyn@canonical.com>
Date: Fri, 31 May 2013 19:12:12 +0100
-Subject: [PATCH 1/2] add sysctl to disallow unprivileged CLONE_NEWUSER by
+Subject: [PATCH 1/3] add sysctl to disallow unprivileged CLONE_NEWUSER by
default
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
@@ -14,10 +14,10 @@ Signed-off-by: Daniel Micay <danielmicay@gmail.com>
3 files changed, 30 insertions(+)
diff --git a/kernel/fork.c b/kernel/fork.c
-index f0b58479534f..8b2d927125c5 100644
+index 906cd0c13d15..0d1d30ad91e7 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
-@@ -103,6 +103,11 @@
+@@ -104,6 +104,11 @@
#define CREATE_TRACE_POINTS
#include <trace/events/task.h>
@@ -29,7 +29,7 @@ index f0b58479534f..8b2d927125c5 100644
/*
* Minimum number of threads to boot the kernel
-@@ -1649,6 +1654,10 @@ static __latent_entropy struct task_struct *copy_process(
+@@ -1699,6 +1704,10 @@ static __latent_entropy struct task_struct *copy_process(
if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS))
return ERR_PTR(-EINVAL);
@@ -40,7 +40,7 @@ index f0b58479534f..8b2d927125c5 100644
/*
* Thread groups must share signals as well, and detached threads
* can only be started up within the thread group.
-@@ -2467,6 +2476,12 @@ int ksys_unshare(unsigned long unshare_flags)
+@@ -2532,6 +2541,12 @@ int ksys_unshare(unsigned long unshare_flags)
if (unshare_flags & CLONE_NEWNS)
unshare_flags |= CLONE_FS;
@@ -54,10 +54,10 @@ index f0b58479534f..8b2d927125c5 100644
if (err)
goto bad_unshare_out;
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
-index cc02050fd0c4..ce2ad2b92897 100644
+index 9ee261fce89e..ab26ddeab33d 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
-@@ -105,6 +105,9 @@ extern int core_uses_pid;
+@@ -106,6 +106,9 @@ extern int core_uses_pid;
extern char core_pattern[];
extern unsigned int core_pipe_limit;
#endif
@@ -67,7 +67,7 @@ index cc02050fd0c4..ce2ad2b92897 100644
extern int pid_max;
extern int pid_max_min, pid_max_max;
extern int percpu_pagelist_fraction;
-@@ -514,6 +517,15 @@ static struct ctl_table kern_table[] = {
+@@ -515,6 +518,15 @@ static struct ctl_table kern_table[] = {
.proc_handler = proc_dointvec,
},
#endif
@@ -84,7 +84,7 @@ index cc02050fd0c4..ce2ad2b92897 100644
{
.procname = "tainted",
diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
-index e5222b5fb4fe..c941a66e51d1 100644
+index 923414a246e9..6b9dbc257e34 100644
--- a/kernel/user_namespace.c
+++ b/kernel/user_namespace.c
@@ -26,6 +26,9 @@
@@ -98,5 +98,5 @@ index e5222b5fb4fe..c941a66e51d1 100644
static DEFINE_MUTEX(userns_state_mutex);
--
-2.19.1
+2.20.1
diff --git a/0002-exec-Fix-mem-leak-in-kernel_read_file.patch b/0002-exec-Fix-mem-leak-in-kernel_read_file.patch
new file mode 100644
index 000000000000..750e105d3741
--- /dev/null
+++ b/0002-exec-Fix-mem-leak-in-kernel_read_file.patch
@@ -0,0 +1,49 @@
+From e4817043e07f7414acdb25aa0d0689cb30a5fc2b Mon Sep 17 00:00:00 2001
+From: YueHaibing <yuehaibing@huawei.com>
+Date: Tue, 19 Feb 2019 10:10:38 +0800
+Subject: [PATCH 2/3] exec: Fix mem leak in kernel_read_file
+
+syzkaller report this:
+BUG: memory leak
+unreferenced object 0xffffc9000488d000 (size 9195520):
+ comm "syz-executor.0", pid 2752, jiffies 4294787496 (age 18.757s)
+ hex dump (first 32 bytes):
+ ff ff ff ff ff ff ff ff a8 00 00 00 01 00 00 00 ................
+ 02 00 00 00 00 00 00 00 80 a1 7a c1 ff ff ff ff ..........z.....
+ backtrace:
+ [<000000000863775c>] __vmalloc_node mm/vmalloc.c:1795 [inline]
+ [<000000000863775c>] __vmalloc_node_flags mm/vmalloc.c:1809 [inline]
+ [<000000000863775c>] vmalloc+0x8c/0xb0 mm/vmalloc.c:1831
+ [<000000003f668111>] kernel_read_file+0x58f/0x7d0 fs/exec.c:924
+ [<000000002385813f>] kernel_read_file_from_fd+0x49/0x80 fs/exec.c:993
+ [<0000000011953ff1>] __do_sys_finit_module+0x13b/0x2a0 kernel/module.c:3895
+ [<000000006f58491f>] do_syscall_64+0x147/0x600 arch/x86/entry/common.c:290
+ [<00000000ee78baf4>] entry_SYSCALL_64_after_hwframe+0x49/0xbe
+ [<00000000241f889b>] 0xffffffffffffffff
+
+It should goto 'out_free' lable to free allocated buf while kernel_read
+fails.
+
+Fixes: 39d637af5aa7 ("vfs: forbid write access when reading a file into memory")
+Signed-off-by: YueHaibing <yuehaibing@huawei.com>
+Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
+---
+ fs/exec.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/fs/exec.c b/fs/exec.c
+index fc281b738a98..20c33029a062 100644
+--- a/fs/exec.c
++++ b/fs/exec.c
+@@ -929,7 +929,7 @@ int kernel_read_file(struct file *file, void **buf, loff_t *size,
+ bytes = kernel_read(file, *buf + pos, i_size - pos, &pos);
+ if (bytes < 0) {
+ ret = bytes;
+- goto out;
++ goto out_free;
+ }
+
+ if (bytes == 0)
+--
+2.20.1
+
diff --git a/PKGBUILD b/PKGBUILD
index 54cf19edb382..9fec4058638f 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -5,8 +5,8 @@
pkgbase=linux-rc
pkgrel=1
_srcname=linux-4.20
-_stable=4.20.11
-_patchver=4.20.12
+_stable=4.20.12
+_patchver=4.20.13
_rcver=1
pkgver=${_patchver}rc${_rcver}
_rcpatch=patch-${_patchver}-rc${_rcver}
@@ -23,21 +23,23 @@ source=(
90-linux.hook # pacman hook for initramfs regeneration
linux.preset # standard config files for mkinitcpio ramdisk
0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
+ 0002-exec-Fix-mem-leak-in-kernel_read_file.patch
# Arch-Linux-kernel-vx.xx.x-arch1.patch is not needed for rc1
)
validpgpkeys=(
'ABAF11C65A2970B130ABE3C479BE3E4300411886' # Linus Torvalds
'647F28654894E3BD457199BE38DBBDC86092693E' # Greg Kroah-Hartman
)
-sha256sums=('3623d1d11b3f0f15c03fcf5bb195d0ae71d17b9bb3a88662e0c7cf9b886b6c4b'
+sha256sums=('dfe5e7fa1cb2e6b344d8f1a388a15f1ea85c4a6eb115090f878341bc598b5006'
'SKIP'
- 'dcd95c41f45c8ee90e249887f4aa8657b9a4c5d0fcef69ba17e75b5304d7411f'
+ '1cf544308195250805e0731c716691bea4c1ed29e03e6f9ae5be6dc16785a504'
'SKIP'
'f863b3e9640161f61e859f22f2d1258c940101de8f007a207c1ede2f71d36206'
'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21'
'75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919'
'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65'
- 'c6a52de5d629fdfaa35553c71e2b020c421f170ef1ca0acfc72fffe7258a6358')
+ '55823bb3ca652d917ba79860d595b479ec20c22a7c6854cbef901d44b4196316'
+ 'bbf31b3a6af1db882cb63bd5e5385f174f2345272acaf18f129712a0a726689b')
_kernelname=${pkgbase#linux}