Extras:
- Remove linux-tools.spec, as it is obsolete.
Change-Id: Idabb90963cd24f2d88ff8f3f66f92cceb6fe73ba
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/5113
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Sharath George
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,47 @@ |
0 |
+From 1572e45a924f254d9570093abde46430c3172e3d Mon Sep 17 00:00:00 2001 |
|
1 |
+From: Tan Xiaojun <tanxiaojun@huawei.com> |
|
2 |
+Date: Thu, 23 Feb 2017 14:04:39 +0800 |
|
3 |
+Subject: [PATCH] perf/core: Fix the perf_cpu_time_max_percent check |
|
4 |
+ |
|
5 |
+Use "proc_dointvec_minmax" instead of "proc_dointvec" to check the input |
|
6 |
+value from user-space. |
|
7 |
+ |
|
8 |
+If not, we can set a big value and some vars will overflow like |
|
9 |
+"sysctl_perf_event_sample_rate" which will cause a lot of unexpected |
|
10 |
+problems. |
|
11 |
+ |
|
12 |
+Signed-off-by: Tan Xiaojun <tanxiaojun@huawei.com> |
|
13 |
+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org> |
|
14 |
+Cc: <acme@kernel.org> |
|
15 |
+Cc: <alexander.shishkin@linux.intel.com> |
|
16 |
+Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com> |
|
17 |
+Cc: Arnaldo Carvalho de Melo <acme@redhat.com> |
|
18 |
+Cc: Jiri Olsa <jolsa@redhat.com> |
|
19 |
+Cc: Linus Torvalds <torvalds@linux-foundation.org> |
|
20 |
+Cc: Peter Zijlstra <peterz@infradead.org> |
|
21 |
+Cc: Stephane Eranian <eranian@google.com> |
|
22 |
+Cc: Thomas Gleixner <tglx@linutronix.de> |
|
23 |
+Cc: Vince Weaver <vincent.weaver@maine.edu> |
|
24 |
+Link: http://lkml.kernel.org/r/1487829879-56237-1-git-send-email-tanxiaojun@huawei.com |
|
25 |
+Signed-off-by: Ingo Molnar <mingo@kernel.org> |
|
26 |
+Signed-off-by: Srivatsa S. Bhat <srivatsa@csail.mit.edu> |
|
27 |
+--- |
|
28 |
+ kernel/events/core.c | 2 +- |
|
29 |
+ 1 file changed, 1 insertion(+), 1 deletion(-) |
|
30 |
+ |
|
31 |
+diff --git a/kernel/events/core.c b/kernel/events/core.c |
|
32 |
+index 6aeb0ef..92d1f12 100644 |
|
33 |
+--- a/kernel/events/core.c |
|
34 |
+@@ -229,7 +229,7 @@ int perf_cpu_time_max_percent_handler(struct ctl_table *table, int write, |
|
35 |
+ void __user *buffer, size_t *lenp, |
|
36 |
+ loff_t *ppos) |
|
37 |
+ { |
|
38 |
+- int ret = proc_dointvec(table, write, buffer, lenp, ppos); |
|
39 |
++ int ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos); |
|
40 |
+ |
|
41 |
+ if (ret || !write) |
|
42 |
+ return ret; |
|
43 |
+-- |
|
44 |
+2.7.4 |
|
45 |
+ |
... | ... |
@@ -2,7 +2,7 @@ |
2 | 2 |
Summary: Kernel |
3 | 3 |
Name: linux-esx |
4 | 4 |
Version: 4.4.130 |
5 |
-Release: 1%{?dist} |
|
5 |
+Release: 2%{?dist} |
|
6 | 6 |
License: GPLv2 |
7 | 7 |
URL: http://www.kernel.org/ |
8 | 8 |
Group: System Environment/Kernel |
... | ... |
@@ -40,6 +40,9 @@ Patch26: init-do_mounts-recreate-dev-root.patch |
40 | 40 |
# Fixes for CVE-2018-1000026 |
41 | 41 |
Patch27: 0001-net-create-skb_gso_validate_mac_len.patch |
42 | 42 |
Patch28: 0002-bnx2x-disable-GSO-where-gso_size-is-too-big-for-hard.patch |
43 |
+# Fix for CVE-2017-18255 |
|
44 |
+Patch29: 0001-perf-core-Fix-the-perf_cpu_time_max_percent-check.patch |
|
45 |
+ |
|
43 | 46 |
# For Spectre |
44 | 47 |
Patch52: 0141-locking-barriers-introduce-new-observable-speculatio.patch |
45 | 48 |
Patch55: 0144-uvcvideo-prevent-speculative-execution.patch |
... | ... |
@@ -119,6 +122,7 @@ The Linux package contains the Linux kernel doc files |
119 | 119 |
%patch26 -p1 |
120 | 120 |
%patch27 -p1 |
121 | 121 |
%patch28 -p1 |
122 |
+%patch29 -p1 |
|
122 | 123 |
|
123 | 124 |
%patch52 -p1 |
124 | 125 |
%patch55 -p1 |
... | ... |
@@ -222,6 +226,8 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg |
222 | 222 |
/usr/src/linux-headers-%{uname_r} |
223 | 223 |
|
224 | 224 |
%changelog |
225 |
+* Wed May 02 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.4.130-2 |
|
226 |
+- Fix CVE-2017-18255. |
|
225 | 227 |
* Mon Apr 30 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.4.130-1 |
226 | 228 |
- Update to version 4.4.130 and fix CVE-2018-1000026. |
227 | 229 |
* Thu Apr 19 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.4.124-2 |
228 | 230 |
deleted file mode 100644 |
... | ... |
@@ -1,71 +0,0 @@ |
1 |
-Summary: This package contains the 'perf' performance analysis tools for Linux kernel |
|
2 |
-Name: linux-tools |
|
3 |
-Version: 4.4.64 |
|
4 |
-Release: 1%{?dist} |
|
5 |
-License: GPLv2 |
|
6 |
-URL: http://www.kernel.org/ |
|
7 |
-Group: System/Tools |
|
8 |
-Vendor: VMware, Inc. |
|
9 |
-Distribution: Photon |
|
10 |
-Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz |
|
11 |
-%define sha1 linux=4554451ee0b50e55674795f5d760fdbc72df7bf3 |
|
12 |
-Patch0: perf-top-sigsegv-fix.patch |
|
13 |
-Requires: filesystem kmod coreutils binutils |
|
14 |
- |
|
15 |
-%description |
|
16 |
-This package contains the 'perf' performance analysis tools for Linux kernel. |
|
17 |
- |
|
18 |
-%prep |
|
19 |
-%setup -q -n linux-%{version} |
|
20 |
-%patch0 -p1 |
|
21 |
- |
|
22 |
-%build |
|
23 |
-make -C tools perf |
|
24 |
- |
|
25 |
-%install |
|
26 |
-# disable (JOBS=1) parallel build to fix this issue: |
|
27 |
-# fixdep: error opening depfile: ./.plugin_cfg80211.o.d: No such file or directory |
|
28 |
-# Linux version that was affected is 4.4.26 |
|
29 |
-make -C tools JOBS=1 DESTDIR=%{buildroot} prefix=%{_prefix} perf_install |
|
30 |
-mv %{buildroot}/usr/lib64 %{buildroot}%{_libdir} |
|
31 |
- |
|
32 |
-%files |
|
33 |
-%defattr(-,root,root) |
|
34 |
-/usr/libexec |
|
35 |
-%exclude %{_libdir}/debug |
|
36 |
-%{_libdir}/traceevent |
|
37 |
-%{_bindir} |
|
38 |
-/etc/bash_completion.d/* |
|
39 |
- |
|
40 |
-%changelog |
|
41 |
-* Thu Apr 27 2017 Alexey Makhalov <amakhalov@vmware.com> 4.4.64-1 |
|
42 |
-- Update version |
|
43 |
-* Mon Apr 10 2017 Alexey Makhalov <amakhalov@vmware.com> 4.4.60-1 |
|
44 |
-- Update to linux-4.4.60 |
|
45 |
-* Wed Mar 15 2017 Alexey Makhalov <amakhalov@vmware.com> 4.4.54-1 |
|
46 |
-- Update to linux-4.4.54 |
|
47 |
-* Thu Feb 23 2017 Alexey Makhalov <amakhalov@vmware.com> 4.4.51-1 |
|
48 |
-- Update to linux-4.4.51 |
|
49 |
-* Mon Jan 9 2017 Alexey Makhalov <amakhalov@vmware.com> 4.4.41-1 |
|
50 |
-- Update to linux-4.4.41 |
|
51 |
-* Mon Nov 28 2016 Alexey Makhalov <amakhalov@vmware.com> 4.4.35-1 |
|
52 |
-- Update to linux-4.4.35 |
|
53 |
-* Thu Nov 10 2016 Alexey Makhalov <amakhalov@vmware.com> 4.4.31-1 |
|
54 |
-- Update to linux-4.4.31 |
|
55 |
-* Fri Oct 28 2016 Alexey Makhalov <amakhalov@vmware.com> 4.4.26-2 |
|
56 |
-- Disable parallel build for the perf_install. |
|
57 |
-* Mon Oct 24 2016 Anish Swaminathan <anishs@vmware.com> 4.4.26-1 |
|
58 |
-- Update to linux-4.4.26 |
|
59 |
-* Wed Sep 7 2016 Alexey Makhalov <amakhalov@vmware.com> 4.4.20-1 |
|
60 |
-- Update to linux-4.4.20 |
|
61 |
-* Mon Jun 20 2016 Harish Udaiya Kumar <hudaiyakumar@vmware.com> 4.4.8-3 |
|
62 |
-- Added patch to fix perf top segmentation fault. |
|
63 |
-* Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 4.4.8-2 |
|
64 |
-- GA - Bump release of all rpms |
|
65 |
-* Thu Apr 28 2016 Alexey Makhalov <amakhalov@vmware.com> 4.4.8-1 |
|
66 |
-- Update to linux-4.4.8 |
|
67 |
-* Wed Jan 13 2016 Anish Swaminathan <anishs@vmware.com> 4.2.0-2 |
|
68 |
-- Fix for new perl |
|
69 |
-* Wed Nov 5 2014 Divya Thaluru <dthaluru@vmware.com> 3.13.3-1 |
|
70 |
-- Initial build. First version |
|
71 |
- |
... | ... |
@@ -2,7 +2,7 @@ |
2 | 2 |
Summary: Kernel |
3 | 3 |
Name: linux |
4 | 4 |
Version: 4.4.130 |
5 |
-Release: 1%{?kat_build:.%kat_build}%{?dist} |
|
5 |
+Release: 2%{?kat_build:.%kat_build}%{?dist} |
|
6 | 6 |
License: GPLv2 |
7 | 7 |
URL: http://www.kernel.org/ |
8 | 8 |
Group: System Environment/Kernel |
... | ... |
@@ -39,6 +39,9 @@ Patch18: 0002-allow-also-ecb-cipher_null.patch |
39 | 39 |
# Fixes for CVE-2018-1000026 |
40 | 40 |
Patch19: 0001-net-create-skb_gso_validate_mac_len.patch |
41 | 41 |
Patch20: 0002-bnx2x-disable-GSO-where-gso_size-is-too-big-for-hard.patch |
42 |
+# Fix for CVE-2017-18255 |
|
43 |
+Patch21: 0001-perf-core-Fix-the-perf_cpu_time_max_percent-check.patch |
|
44 |
+ |
|
42 | 45 |
# For Spectre |
43 | 46 |
Patch52: 0141-locking-barriers-introduce-new-observable-speculatio.patch |
44 | 47 |
Patch55: 0144-uvcvideo-prevent-speculative-execution.patch |
... | ... |
@@ -149,6 +152,7 @@ This package contains the 'perf' performance analysis tools for Linux kernel. |
149 | 149 |
%patch18 -p1 |
150 | 150 |
%patch19 -p1 |
151 | 151 |
%patch20 -p1 |
152 |
+%patch21 -p1 |
|
152 | 153 |
|
153 | 154 |
%patch52 -p1 |
154 | 155 |
%patch55 -p1 |
... | ... |
@@ -320,6 +324,8 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg |
320 | 320 |
/usr/share/perf-core |
321 | 321 |
|
322 | 322 |
%changelog |
323 |
+* Wed May 02 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.4.130-2 |
|
324 |
+- Fix CVE-2017-18255. |
|
323 | 325 |
* Mon Apr 30 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.4.130-1 |
324 | 326 |
- Update to version 4.4.130 and fix CVE-2018-1000026. |
325 | 327 |
* Thu Apr 19 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.4.124-2 |