Change-Id: Ie92ad134ca9fec19559acf126c33cca62d8f357b
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/7121
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Srivatsa S. Bhat <srivatsab@vmware.com>
(cherry picked from commit ac977611c4c8782e8a593abc73b7dfd04f2d3c17)
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/7169
... | ... |
@@ -1,6 +1,6 @@ |
1 | 1 |
Summary: Linux API header files |
2 | 2 |
Name: linux-api-headers |
3 |
-Version: 4.19.32 |
|
3 |
+Version: 4.19.40 |
|
4 | 4 |
Release: 1%{?dist} |
5 | 5 |
License: GPLv2 |
6 | 6 |
URL: http://www.kernel.org/ |
... | ... |
@@ -8,7 +8,7 @@ Group: System Environment/Kernel |
8 | 8 |
Vendor: VMware, Inc. |
9 | 9 |
Distribution: Photon |
10 | 10 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz |
11 |
-%define sha1 linux=b5267a7e170d2ac0dd51f14c65a4832eb379fb19 |
|
11 |
+%define sha1 linux=c04181c3736e5b85d349f9b58d406d4c18ad4958 |
|
12 | 12 |
BuildArch: noarch |
13 | 13 |
%description |
14 | 14 |
The Linux API Headers expose the kernel's API for use by Glibc. |
... | ... |
@@ -25,6 +25,8 @@ find /%{buildroot}%{_includedir} \( -name .install -o -name ..install.cmd \) -de |
25 | 25 |
%defattr(-,root,root) |
26 | 26 |
%{_includedir}/* |
27 | 27 |
%changelog |
28 |
+* Tue May 07 2019 Ajay Kaher <akaher@vmware.com> 4.19.40-1 |
|
29 |
+- Update to version 4.19.40 |
|
28 | 30 |
* Wed Mar 27 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.19.32-1 |
29 | 31 |
- Update to version 4.19.32 |
30 | 32 |
* Thu Mar 14 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.19.29-1 |
31 | 33 |
deleted file mode 100644 |
... | ... |
@@ -1,305 +0,0 @@ |
1 |
-From 84c4e1f89fefe70554da0ab33be72c9be7994379 Mon Sep 17 00:00:00 2001 |
|
2 |
-From: Linus Torvalds <torvalds@linux-foundation.org> |
|
3 |
-Date: Sun, 3 Mar 2019 14:23:33 -0800 |
|
4 |
-Subject: aio: simplify - and fix - fget/fput for io_submit() |
|
5 |
- |
|
6 |
-commit 84c4e1f89fefe70554da0ab33be72c9be7994379 upstream. |
|
7 |
- |
|
8 |
-Al Viro root-caused a race where the IOCB_CMD_POLL handling of |
|
9 |
-fget/fput() could cause us to access the file pointer after it had |
|
10 |
-already been freed: |
|
11 |
- |
|
12 |
- "In more details - normally IOCB_CMD_POLL handling looks so: |
|
13 |
- |
|
14 |
- 1) io_submit(2) allocates aio_kiocb instance and passes it to |
|
15 |
- aio_poll() |
|
16 |
- |
|
17 |
- 2) aio_poll() resolves the descriptor to struct file by req->file = |
|
18 |
- fget(iocb->aio_fildes) |
|
19 |
- |
|
20 |
- 3) aio_poll() sets ->woken to false and raises ->ki_refcnt of that |
|
21 |
- aio_kiocb to 2 (bumps by 1, that is). |
|
22 |
- |
|
23 |
- 4) aio_poll() calls vfs_poll(). After sanity checks (basically, |
|
24 |
- "poll_wait() had been called and only once") it locks the queue. |
|
25 |
- That's what the extra reference to iocb had been for - we know we |
|
26 |
- can safely access it. |
|
27 |
- |
|
28 |
- 5) With queue locked, we check if ->woken has already been set to |
|
29 |
- true (by aio_poll_wake()) and, if it had been, we unlock the |
|
30 |
- queue, drop a reference to aio_kiocb and bugger off - at that |
|
31 |
- point it's a responsibility to aio_poll_wake() and the stuff |
|
32 |
- called/scheduled by it. That code will drop the reference to file |
|
33 |
- in req->file, along with the other reference to our aio_kiocb. |
|
34 |
- |
|
35 |
- 6) otherwise, we see whether we need to wait. If we do, we unlock the |
|
36 |
- queue, drop one reference to aio_kiocb and go away - eventual |
|
37 |
- wakeup (or cancel) will deal with the reference to file and with |
|
38 |
- the other reference to aio_kiocb |
|
39 |
- |
|
40 |
- 7) otherwise we remove ourselves from waitqueue (still under the |
|
41 |
- queue lock), so that wakeup won't get us. No async activity will |
|
42 |
- be happening, so we can safely drop req->file and iocb ourselves. |
|
43 |
- |
|
44 |
- If wakeup happens while we are in vfs_poll(), we are fine - aio_kiocb |
|
45 |
- won't get freed under us, so we can do all the checks and locking |
|
46 |
- safely. And we don't touch ->file if we detect that case. |
|
47 |
- |
|
48 |
- However, vfs_poll() most certainly *does* touch the file it had been |
|
49 |
- given. So wakeup coming while we are still in ->poll() might end up |
|
50 |
- doing fput() on that file. That case is not too rare, and usually we |
|
51 |
- are saved by the still present reference from descriptor table - that |
|
52 |
- fput() is not the final one. |
|
53 |
- |
|
54 |
- But if another thread closes that descriptor right after our fget() |
|
55 |
- and wakeup does happen before ->poll() returns, we are in trouble - |
|
56 |
- final fput() done while we are in the middle of a method: |
|
57 |
- |
|
58 |
-Al also wrote a patch to take an extra reference to the file descriptor |
|
59 |
-to fix this, but I instead suggested we just streamline the whole file |
|
60 |
-pointer handling by submit_io() so that the generic aio submission code |
|
61 |
-simply keeps the file pointer around until the aio has completed. |
|
62 |
- |
|
63 |
-Fixes: bfe4037e722e ("aio: implement IOCB_CMD_POLL") |
|
64 |
-Acked-by: Al Viro <viro@zeniv.linux.org.uk> |
|
65 |
-Reported-by: syzbot+503d4cc169fcec1cb18c@syzkaller.appspotmail.com |
|
66 |
-Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
|
67 |
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
|
68 |
-[ Srivatsa: Fixed accessing aio_fildes within iocb. ] |
|
69 |
-Signed-off-by: Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> |
|
70 |
- |
|
71 |
- fs/aio.c | 67 ++++++++++++++++++++++-------------------------------- |
|
72 |
- include/linux/fs.h | 8 ++++++- |
|
73 |
- 2 files changed, 34 insertions(+), 41 deletions(-) |
|
74 |
- |
|
75 |
-diff --git a/fs/aio.c b/fs/aio.c |
|
76 |
-index 45d5ef8..014d692 100644 |
|
77 |
-+++ b/fs/aio.c |
|
78 |
-@@ -161,9 +161,13 @@ struct kioctx { |
|
79 |
- unsigned id; |
|
80 |
- }; |
|
81 |
- |
|
82 |
-+/* |
|
83 |
-+ * First field must be the file pointer in all the |
|
84 |
-+ * iocb unions! See also 'struct kiocb' in <linux/fs.h> |
|
85 |
-+ */ |
|
86 |
- struct fsync_iocb { |
|
87 |
-- struct work_struct work; |
|
88 |
- struct file *file; |
|
89 |
-+ struct work_struct work; |
|
90 |
- bool datasync; |
|
91 |
- }; |
|
92 |
- |
|
93 |
-@@ -177,8 +181,15 @@ struct poll_iocb { |
|
94 |
- struct work_struct work; |
|
95 |
- }; |
|
96 |
- |
|
97 |
-+/* |
|
98 |
-+ * NOTE! Each of the iocb union members has the file pointer |
|
99 |
-+ * as the first entry in their struct definition. So you can |
|
100 |
-+ * access the file pointer through any of the sub-structs, |
|
101 |
-+ * or directly as just 'ki_filp' in this struct. |
|
102 |
-+ */ |
|
103 |
- struct aio_kiocb { |
|
104 |
- union { |
|
105 |
-+ struct file *ki_filp; |
|
106 |
- struct kiocb rw; |
|
107 |
- struct fsync_iocb fsync; |
|
108 |
- struct poll_iocb poll; |
|
109 |
-@@ -1054,6 +1065,8 @@ static inline void iocb_put(struct aio_kiocb *iocb) |
|
110 |
- { |
|
111 |
- if (refcount_read(&iocb->ki_refcnt) == 0 || |
|
112 |
- refcount_dec_and_test(&iocb->ki_refcnt)) { |
|
113 |
-+ if (iocb->ki_filp) |
|
114 |
-+ fput(iocb->ki_filp); |
|
115 |
- percpu_ref_put(&iocb->ki_ctx->reqs); |
|
116 |
- kmem_cache_free(kiocb_cachep, iocb); |
|
117 |
- } |
|
118 |
-@@ -1412,7 +1425,6 @@ static void aio_complete_rw(struct kiocb *kiocb, long res, long res2) |
|
119 |
- file_end_write(kiocb->ki_filp); |
|
120 |
- } |
|
121 |
- |
|
122 |
-- fput(kiocb->ki_filp); |
|
123 |
- aio_complete(iocb, res, res2); |
|
124 |
- } |
|
125 |
- |
|
126 |
-@@ -1420,9 +1432,6 @@ static int aio_prep_rw(struct kiocb *req, struct iocb *iocb) |
|
127 |
- { |
|
128 |
- int ret; |
|
129 |
- |
|
130 |
-- req->ki_filp = fget(iocb->aio_fildes); |
|
131 |
-- if (unlikely(!req->ki_filp)) |
|
132 |
-- return -EBADF; |
|
133 |
- req->ki_complete = aio_complete_rw; |
|
134 |
- req->ki_pos = iocb->aio_offset; |
|
135 |
- req->ki_flags = iocb_flags(req->ki_filp); |
|
136 |
-@@ -1438,7 +1447,6 @@ static int aio_prep_rw(struct kiocb *req, struct iocb *iocb) |
|
137 |
- ret = ioprio_check_cap(iocb->aio_reqprio); |
|
138 |
- if (ret) { |
|
139 |
- pr_debug("aio ioprio check cap error: %d\n", ret); |
|
140 |
-- fput(req->ki_filp); |
|
141 |
- return ret; |
|
142 |
- } |
|
143 |
- |
|
144 |
-@@ -1447,8 +1455,6 @@ static int aio_prep_rw(struct kiocb *req, struct iocb *iocb) |
|
145 |
- req->ki_ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_NONE, 0); |
|
146 |
- |
|
147 |
- ret = kiocb_set_rw_flags(req, iocb->aio_rw_flags); |
|
148 |
-- if (unlikely(ret)) |
|
149 |
-- fput(req->ki_filp); |
|
150 |
- return ret; |
|
151 |
- } |
|
152 |
- |
|
153 |
-@@ -1503,24 +1509,19 @@ static ssize_t aio_read(struct kiocb *req, struct iocb *iocb, bool vectored, |
|
154 |
- if (ret) |
|
155 |
- return ret; |
|
156 |
- file = req->ki_filp; |
|
157 |
-- |
|
158 |
-- ret = -EBADF; |
|
159 |
- if (unlikely(!(file->f_mode & FMODE_READ))) |
|
160 |
-- goto out_fput; |
|
161 |
-+ return -EBADF; |
|
162 |
- ret = -EINVAL; |
|
163 |
- if (unlikely(!file->f_op->read_iter)) |
|
164 |
-- goto out_fput; |
|
165 |
-+ return -EINVAL; |
|
166 |
- |
|
167 |
- ret = aio_setup_rw(READ, iocb, &iovec, vectored, compat, &iter); |
|
168 |
- if (ret) |
|
169 |
-- goto out_fput; |
|
170 |
-+ return ret; |
|
171 |
- ret = rw_verify_area(READ, file, &req->ki_pos, iov_iter_count(&iter)); |
|
172 |
- if (!ret) |
|
173 |
- aio_rw_done(req, call_read_iter(file, req, &iter)); |
|
174 |
- kfree(iovec); |
|
175 |
--out_fput: |
|
176 |
-- if (unlikely(ret)) |
|
177 |
-- fput(file); |
|
178 |
- return ret; |
|
179 |
- } |
|
180 |
- |
|
181 |
-@@ -1537,16 +1538,14 @@ static ssize_t aio_write(struct kiocb *req, struct iocb *iocb, bool vectored, |
|
182 |
- return ret; |
|
183 |
- file = req->ki_filp; |
|
184 |
- |
|
185 |
-- ret = -EBADF; |
|
186 |
- if (unlikely(!(file->f_mode & FMODE_WRITE))) |
|
187 |
-- goto out_fput; |
|
188 |
-- ret = -EINVAL; |
|
189 |
-+ return -EBADF; |
|
190 |
- if (unlikely(!file->f_op->write_iter)) |
|
191 |
-- goto out_fput; |
|
192 |
-+ return -EINVAL; |
|
193 |
- |
|
194 |
- ret = aio_setup_rw(WRITE, iocb, &iovec, vectored, compat, &iter); |
|
195 |
- if (ret) |
|
196 |
-- goto out_fput; |
|
197 |
-+ return ret; |
|
198 |
- ret = rw_verify_area(WRITE, file, &req->ki_pos, iov_iter_count(&iter)); |
|
199 |
- if (!ret) { |
|
200 |
- /* |
|
201 |
-@@ -1564,9 +1563,6 @@ static ssize_t aio_write(struct kiocb *req, struct iocb *iocb, bool vectored, |
|
202 |
- aio_rw_done(req, call_write_iter(file, req, &iter)); |
|
203 |
- } |
|
204 |
- kfree(iovec); |
|
205 |
--out_fput: |
|
206 |
-- if (unlikely(ret)) |
|
207 |
-- fput(file); |
|
208 |
- return ret; |
|
209 |
- } |
|
210 |
- |
|
211 |
-@@ -1576,7 +1572,6 @@ static void aio_fsync_work(struct work_struct *work) |
|
212 |
- int ret; |
|
213 |
- |
|
214 |
- ret = vfs_fsync(req->file, req->datasync); |
|
215 |
-- fput(req->file); |
|
216 |
- aio_complete(container_of(req, struct aio_kiocb, fsync), ret, 0); |
|
217 |
- } |
|
218 |
- |
|
219 |
-@@ -1586,13 +1581,8 @@ static int aio_fsync(struct fsync_iocb *req, struct iocb *iocb, bool datasync) |
|
220 |
- iocb->aio_rw_flags)) |
|
221 |
- return -EINVAL; |
|
222 |
- |
|
223 |
-- req->file = fget(iocb->aio_fildes); |
|
224 |
-- if (unlikely(!req->file)) |
|
225 |
-- return -EBADF; |
|
226 |
-- if (unlikely(!req->file->f_op->fsync)) { |
|
227 |
-- fput(req->file); |
|
228 |
-+ if (unlikely(!req->file->f_op->fsync)) |
|
229 |
- return -EINVAL; |
|
230 |
-- } |
|
231 |
- |
|
232 |
- req->datasync = datasync; |
|
233 |
- INIT_WORK(&req->work, aio_fsync_work); |
|
234 |
-@@ -1602,10 +1592,7 @@ static int aio_fsync(struct fsync_iocb *req, struct iocb *iocb, bool datasync) |
|
235 |
- |
|
236 |
- static inline void aio_poll_complete(struct aio_kiocb *iocb, __poll_t mask) |
|
237 |
- { |
|
238 |
-- struct file *file = iocb->poll.file; |
|
239 |
-- |
|
240 |
- aio_complete(iocb, mangle_poll(mask), 0); |
|
241 |
-- fput(file); |
|
242 |
- } |
|
243 |
- |
|
244 |
- static void aio_poll_complete_work(struct work_struct *work) |
|
245 |
-@@ -1730,9 +1717,6 @@ static ssize_t aio_poll(struct aio_kiocb *aiocb, struct iocb *iocb) |
|
246 |
- |
|
247 |
- INIT_WORK(&req->work, aio_poll_complete_work); |
|
248 |
- req->events = demangle_poll(iocb->aio_buf) | EPOLLERR | EPOLLHUP; |
|
249 |
-- req->file = fget(iocb->aio_fildes); |
|
250 |
-- if (unlikely(!req->file)) |
|
251 |
-- return -EBADF; |
|
252 |
- |
|
253 |
- apt.pt._qproc = aio_poll_queue_proc; |
|
254 |
- apt.pt._key = req->events; |
|
255 |
-@@ -1771,10 +1755,8 @@ static ssize_t aio_poll(struct aio_kiocb *aiocb, struct iocb *iocb) |
|
256 |
- spin_unlock_irq(&ctx->ctx_lock); |
|
257 |
- |
|
258 |
- out: |
|
259 |
-- if (unlikely(apt.error)) { |
|
260 |
-- fput(req->file); |
|
261 |
-+ if (unlikely(apt.error)) |
|
262 |
- return apt.error; |
|
263 |
-- } |
|
264 |
- |
|
265 |
- if (mask) |
|
266 |
- aio_poll_complete(aiocb, mask); |
|
267 |
-@@ -1812,6 +1794,11 @@ static int io_submit_one(struct kioctx *ctx, struct iocb __user *user_iocb, |
|
268 |
- if (unlikely(!req)) |
|
269 |
- return -EAGAIN; |
|
270 |
- |
|
271 |
-+ req->ki_filp = fget(iocb.aio_fildes); |
|
272 |
-+ ret = -EBADF; |
|
273 |
-+ if (unlikely(!req->ki_filp)) |
|
274 |
-+ goto out_put_req; |
|
275 |
-+ |
|
276 |
- if (iocb.aio_flags & IOCB_FLAG_RESFD) { |
|
277 |
- /* |
|
278 |
- * If the IOCB_FLAG_RESFD flag of aio_flags is set, get an |
|
279 |
-diff --git a/include/linux/fs.h b/include/linux/fs.h |
|
280 |
-index 7b60848..111c94c 100644 |
|
281 |
-+++ b/include/linux/fs.h |
|
282 |
-@@ -304,13 +304,19 @@ enum rw_hint { |
|
283 |
- |
|
284 |
- struct kiocb { |
|
285 |
- struct file *ki_filp; |
|
286 |
-+ |
|
287 |
-+ /* The 'ki_filp' pointer is shared in a union for aio */ |
|
288 |
-+ randomized_struct_fields_start |
|
289 |
-+ |
|
290 |
- loff_t ki_pos; |
|
291 |
- void (*ki_complete)(struct kiocb *iocb, long ret, long ret2); |
|
292 |
- void *private; |
|
293 |
- int ki_flags; |
|
294 |
- u16 ki_hint; |
|
295 |
- u16 ki_ioprio; /* See linux/ioprio.h */ |
|
296 |
--} __randomize_layout; |
|
297 |
-+ |
|
298 |
-+ randomized_struct_fields_end |
|
299 |
-+}; |
|
300 |
- |
|
301 |
- static inline bool is_sync_kiocb(struct kiocb *kiocb) |
|
302 |
- { |
... | ... |
@@ -2758,6 +2758,7 @@ CONFIG_UNIX98_PTYS=y |
2758 | 2758 |
# CONFIG_NOZOMI is not set |
2759 | 2759 |
# CONFIG_N_GSM is not set |
2760 | 2760 |
# CONFIG_TRACE_SINK is not set |
2761 |
+CONFIG_LDISC_AUTOLOAD=y |
|
2761 | 2762 |
CONFIG_DEVMEM=y |
2762 | 2763 |
# CONFIG_DEVKMEM is not set |
2763 | 2764 |
|
... | ... |
@@ -4592,6 +4593,7 @@ CONFIG_INTEL_PUNIT_IPC=m |
4592 | 4592 |
# CONFIG_MLX_PLATFORM is not set |
4593 | 4593 |
# CONFIG_INTEL_TURBO_MAX_3 is not set |
4594 | 4594 |
# CONFIG_I2C_MULTI_INSTANTIATE is not set |
4595 |
+# CONFIG_INTEL_ATOMISP2_PM is not set |
|
4595 | 4596 |
CONFIG_PMC_ATOM=y |
4596 | 4597 |
# CONFIG_CHROME_PLATFORMS is not set |
4597 | 4598 |
# CONFIG_MELLANOX_PLATFORM is not set |
... | ... |
@@ -2411,6 +2411,7 @@ CONFIG_UNIX98_PTYS=y |
2411 | 2411 |
# CONFIG_NOZOMI is not set |
2412 | 2412 |
# CONFIG_N_GSM is not set |
2413 | 2413 |
# CONFIG_TRACE_SINK is not set |
2414 |
+CONFIG_LDISC_AUTOLOAD=y |
|
2414 | 2415 |
CONFIG_DEVMEM=y |
2415 | 2416 |
# CONFIG_DEVKMEM is not set |
2416 | 2417 |
|
... | ... |
@@ -3611,6 +3612,7 @@ CONFIG_MXM_WMI=m |
3611 | 3611 |
# CONFIG_MLX_PLATFORM is not set |
3612 | 3612 |
# CONFIG_INTEL_TURBO_MAX_3 is not set |
3613 | 3613 |
# CONFIG_I2C_MULTI_INSTANTIATE is not set |
3614 |
+# CONFIG_INTEL_ATOMISP2_PM is not set |
|
3614 | 3615 |
CONFIG_PMC_ATOM=y |
3615 | 3616 |
# CONFIG_CHROME_PLATFORMS is not set |
3616 | 3617 |
# CONFIG_MELLANOX_PLATFORM is not set |
... | ... |
@@ -2529,6 +2529,7 @@ CONFIG_UNIX98_PTYS=y |
2529 | 2529 |
# CONFIG_NOZOMI is not set |
2530 | 2530 |
# CONFIG_N_GSM is not set |
2531 | 2531 |
# CONFIG_TRACE_SINK is not set |
2532 |
+CONFIG_LDISC_AUTOLOAD=y |
|
2532 | 2533 |
# CONFIG_DEVMEM is not set |
2533 | 2534 |
# CONFIG_DEVKMEM is not set |
2534 | 2535 |
|
... | ... |
@@ -3955,6 +3956,7 @@ CONFIG_PVPANIC=m |
3955 | 3955 |
# CONFIG_MLX_PLATFORM is not set |
3956 | 3956 |
# CONFIG_INTEL_TURBO_MAX_3 is not set |
3957 | 3957 |
# CONFIG_I2C_MULTI_INSTANTIATE is not set |
3958 |
+# CONFIG_INTEL_ATOMISP2_PM is not set |
|
3958 | 3959 |
CONFIG_PMC_ATOM=y |
3959 | 3960 |
# CONFIG_CHROME_PLATFORMS is not set |
3960 | 3961 |
# CONFIG_MELLANOX_PLATFORM is not set |
... | ... |
@@ -1,15 +1,15 @@ |
1 | 1 |
%global security_hardening none |
2 | 2 |
Summary: Kernel |
3 | 3 |
Name: linux-aws |
4 |
-Version: 4.19.32 |
|
5 |
-Release: 2%{?kat_build:.%kat_build}%{?dist} |
|
4 |
+Version: 4.19.40 |
|
5 |
+Release: 1%{?kat_build:.%kat_build}%{?dist} |
|
6 | 6 |
License: GPLv2 |
7 | 7 |
URL: http://www.kernel.org/ |
8 | 8 |
Group: System Environment/Kernel |
9 | 9 |
Vendor: VMware, Inc. |
10 | 10 |
Distribution: Photon |
11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz |
12 |
-%define sha1 linux=b5267a7e170d2ac0dd51f14c65a4832eb379fb19 |
|
12 |
+%define sha1 linux=c04181c3736e5b85d349f9b58d406d4c18ad4958 |
|
13 | 13 |
Source1: config-aws |
14 | 14 |
Source2: initramfs.trigger |
15 | 15 |
# common |
... | ... |
@@ -36,9 +36,6 @@ Patch30: 4.17-0002-apparmor-af_unix-mediation.patch |
36 | 36 |
Patch31: 4.17-0003-apparmor-fix-use-after-free-in-sk_peer_label.patch |
37 | 37 |
# RDRAND-based RNG driver to enhance the kernel's entropy pool: |
38 | 38 |
Patch32: 4.18-0001-hwrng-rdrand-Add-RNG-driver-based-on-x86-rdrand-inst.patch |
39 |
-# Fix CVE-2019-10125 |
|
40 |
-Patch33: 0001-aio-simplify-and-fix-fget-fput-for-io_submit.patch |
|
41 |
- |
|
42 | 39 |
|
43 | 40 |
# Amazon AWS |
44 | 41 |
Patch101: 0002-watchdog-Disable-watchdog-on-virtual-machines.patch |
... | ... |
@@ -156,7 +153,6 @@ This package contains the 'perf' performance analysis tools for Linux kernel. |
156 | 156 |
%patch30 -p1 |
157 | 157 |
%patch31 -p1 |
158 | 158 |
%patch32 -p1 |
159 |
-%patch33 -p1 |
|
160 | 159 |
|
161 | 160 |
%patch101 -p1 |
162 | 161 |
%patch102 -p1 |
... | ... |
@@ -361,6 +357,8 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg |
361 | 361 |
%{_libdir}/perf/include/bpf/* |
362 | 362 |
|
363 | 363 |
%changelog |
364 |
+* Tue May 07 2019 Ajay Kaher <akaher@vmware.com> 4.19.40-1 |
|
365 |
+- Update to version 4.19.40 |
|
364 | 366 |
* Fri Mar 29 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.19.32-2 |
365 | 367 |
- Fix CVE-2019-10125 |
366 | 368 |
* Wed Mar 27 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.19.32-1 |
... | ... |
@@ -1,15 +1,15 @@ |
1 | 1 |
%global security_hardening none |
2 | 2 |
Summary: Kernel |
3 | 3 |
Name: linux-esx |
4 |
-Version: 4.19.32 |
|
5 |
-Release: 3%{?dist} |
|
4 |
+Version: 4.19.40 |
|
5 |
+Release: 1%{?dist} |
|
6 | 6 |
License: GPLv2 |
7 | 7 |
URL: http://www.kernel.org/ |
8 | 8 |
Group: System Environment/Kernel |
9 | 9 |
Vendor: VMware, Inc. |
10 | 10 |
Distribution: Photon |
11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz |
12 |
-%define sha1 linux=b5267a7e170d2ac0dd51f14c65a4832eb379fb19 |
|
12 |
+%define sha1 linux=c04181c3736e5b85d349f9b58d406d4c18ad4958 |
|
13 | 13 |
Source1: config-esx |
14 | 14 |
Source2: initramfs.trigger |
15 | 15 |
# common |
... | ... |
@@ -40,8 +40,6 @@ Patch25: 4.18-0001-hwrng-rdrand-Add-RNG-driver-based-on-x86-rdrand-inst.p |
40 | 40 |
Patch26: 4.17-0001-apparmor-patch-to-provide-compatibility-with-v2.x-ne.patch |
41 | 41 |
Patch27: 4.17-0002-apparmor-af_unix-mediation.patch |
42 | 42 |
Patch28: 4.17-0003-apparmor-fix-use-after-free-in-sk_peer_label.patch |
43 |
-# Fix CVE-2019-10125 |
|
44 |
-Patch29: 0001-aio-simplify-and-fix-fget-fput-for-io_submit.patch |
|
45 | 43 |
|
46 | 44 |
BuildArch: x86_64 |
47 | 45 |
BuildRequires: bc |
... | ... |
@@ -100,7 +98,6 @@ The Linux package contains the Linux kernel doc files |
100 | 100 |
%patch26 -p1 |
101 | 101 |
%patch27 -p1 |
102 | 102 |
%patch28 -p1 |
103 |
-%patch29 -p1 |
|
104 | 103 |
|
105 | 104 |
%build |
106 | 105 |
# patch vmw_balloon driver |
... | ... |
@@ -197,6 +194,8 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg |
197 | 197 |
/usr/src/linux-headers-%{uname_r} |
198 | 198 |
|
199 | 199 |
%changelog |
200 |
+* Tue May 07 2019 Ajay Kaher <akaher@vmware.com> 4.19.40-1 |
|
201 |
+- Update to version 4.19.40 |
|
200 | 202 |
* Fri May 03 2019 Ajay Kaher <akaher@vmware.com> 4.19.32-3 |
201 | 203 |
- Enable SELinux kernel config |
202 | 204 |
* Fri Mar 29 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.19.32-2 |
... | ... |
@@ -1,15 +1,15 @@ |
1 | 1 |
%global security_hardening none |
2 | 2 |
Summary: Kernel |
3 | 3 |
Name: linux-secure |
4 |
-Version: 4.19.32 |
|
5 |
-Release: 2%{?kat_build:.%kat_build}%{?dist} |
|
4 |
+Version: 4.19.40 |
|
5 |
+Release: 1%{?kat_build:.%kat_build}%{?dist} |
|
6 | 6 |
License: GPLv2 |
7 | 7 |
URL: http://www.kernel.org/ |
8 | 8 |
Group: System Environment/Kernel |
9 | 9 |
Vendor: VMware, Inc. |
10 | 10 |
Distribution: Photon |
11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz |
12 |
-%define sha1 linux=b5267a7e170d2ac0dd51f14c65a4832eb379fb19 |
|
12 |
+%define sha1 linux=c04181c3736e5b85d349f9b58d406d4c18ad4958 |
|
13 | 13 |
Source1: config-secure |
14 | 14 |
Source2: initramfs.trigger |
15 | 15 |
# common |
... | ... |
@@ -39,9 +39,6 @@ Patch33: 4.17-0002-apparmor-af_unix-mediation.patch |
39 | 39 |
Patch34: 4.17-0003-apparmor-fix-use-after-free-in-sk_peer_label.patch |
40 | 40 |
# RDRAND-based RNG driver to enhance the kernel's entropy pool: |
41 | 41 |
Patch35: 4.18-0001-hwrng-rdrand-Add-RNG-driver-based-on-x86-rdrand-inst.patch |
42 |
-# Fix CVE-2019-10125 |
|
43 |
-Patch36: 0001-aio-simplify-and-fix-fget-fput-for-io_submit.patch |
|
44 |
- |
|
45 | 42 |
|
46 | 43 |
# NSX requirements (should be removed) |
47 | 44 |
Patch99: LKCM.patch |
... | ... |
@@ -112,7 +109,6 @@ The Linux package contains the Linux kernel doc files |
112 | 112 |
%patch33 -p1 |
113 | 113 |
%patch34 -p1 |
114 | 114 |
%patch35 -p1 |
115 |
-%patch36 -p1 |
|
116 | 115 |
|
117 | 116 |
pushd .. |
118 | 117 |
%patch99 -p0 |
... | ... |
@@ -240,6 +236,8 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg |
240 | 240 |
/usr/src/linux-headers-%{uname_r} |
241 | 241 |
|
242 | 242 |
%changelog |
243 |
+* Tue May 07 2019 Ajay Kaher <akaher@vmware.com> 4.19.40-1 |
|
244 |
+- Update to version 4.19.40 |
|
243 | 245 |
* Fri Mar 29 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.19.32-2 |
244 | 246 |
- Fix CVE-2019-10125 |
245 | 247 |
* Wed Mar 27 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.19.32-1 |
... | ... |
@@ -1,15 +1,15 @@ |
1 | 1 |
%global security_hardening none |
2 | 2 |
Summary: Kernel |
3 | 3 |
Name: linux |
4 |
-Version: 4.19.32 |
|
5 |
-Release: 3%{?kat_build:.%kat_build}%{?dist} |
|
4 |
+Version: 4.19.40 |
|
5 |
+Release: 1%{?kat_build:.%kat_build}%{?dist} |
|
6 | 6 |
License: GPLv2 |
7 | 7 |
URL: http://www.kernel.org/ |
8 | 8 |
Group: System Environment/Kernel |
9 | 9 |
Vendor: VMware, Inc. |
10 | 10 |
Distribution: Photon |
11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz |
12 |
-%define sha1 linux=b5267a7e170d2ac0dd51f14c65a4832eb379fb19 |
|
12 |
+%define sha1 linux=c04181c3736e5b85d349f9b58d406d4c18ad4958 |
|
13 | 13 |
Source1: config |
14 | 14 |
Source2: initramfs.trigger |
15 | 15 |
%define ena_version 1.6.0 |
... | ... |
@@ -44,8 +44,6 @@ Patch30: 4.17-0002-apparmor-af_unix-mediation.patch |
44 | 44 |
Patch31: 4.17-0003-apparmor-fix-use-after-free-in-sk_peer_label.patch |
45 | 45 |
# RDRAND-based RNG driver to enhance the kernel's entropy pool: |
46 | 46 |
Patch32: 4.18-0001-hwrng-rdrand-Add-RNG-driver-based-on-x86-rdrand-inst.patch |
47 |
-# Fix CVE-2019-10125 |
|
48 |
-Patch33: 0001-aio-simplify-and-fix-fget-fput-for-io_submit.patch |
|
49 | 47 |
|
50 | 48 |
%ifarch aarch64 |
51 | 49 |
# NXP LS1012a FRWY patches |
... | ... |
@@ -183,7 +181,6 @@ Kernel Device Tree Blob files for NXP ls1012a FRWY board |
183 | 183 |
%patch30 -p1 |
184 | 184 |
%patch31 -p1 |
185 | 185 |
%patch32 -p1 |
186 |
-%patch33 -p1 |
|
187 | 186 |
|
188 | 187 |
%ifarch aarch64 |
189 | 188 |
# NXP FSL_PPFE Driver patches |
... | ... |
@@ -442,6 +439,8 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg |
442 | 442 |
%endif |
443 | 443 |
|
444 | 444 |
%changelog |
445 |
+* Tue May 07 2019 Ajay Kaher <akaher@vmware.com> 4.19.40-1 |
|
446 |
+- Update to version 4.19.40 |
|
445 | 447 |
* Thu Apr 11 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.19.32-3 |
446 | 448 |
- Update config_aarch64 to fix ARM64 build. |
447 | 449 |
* Fri Mar 29 2019 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.19.32-2 |