new file mode 100644

@@ -0,0 +1,47 @@

+From 1572e45a924f254d9570093abde46430c3172e3d Mon Sep 17 00:00:00 2001

+From: Tan Xiaojun <tanxiaojun@huawei.com>

+Date: Thu, 23 Feb 2017 14:04:39 +0800

+Subject: [PATCH] perf/core: Fix the perf_cpu_time_max_percent check

+

+Use "proc_dointvec_minmax" instead of "proc_dointvec" to check the input

+value from user-space.

+

+If not, we can set a big value and some vars will overflow like

+"sysctl_perf_event_sample_rate" which will cause a lot of unexpected

+problems.

+

+Signed-off-by: Tan Xiaojun <tanxiaojun@huawei.com>

+Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>

+Cc: <acme@kernel.org>

+Cc: <alexander.shishkin@linux.intel.com>

+Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>

+Cc: Arnaldo Carvalho de Melo <acme@redhat.com>

+Cc: Jiri Olsa <jolsa@redhat.com>

+Cc: Linus Torvalds <torvalds@linux-foundation.org>

+Cc: Peter Zijlstra <peterz@infradead.org>

+Cc: Stephane Eranian <eranian@google.com>

+Cc: Thomas Gleixner <tglx@linutronix.de>

+Cc: Vince Weaver <vincent.weaver@maine.edu>

+Link: http://lkml.kernel.org/r/1487829879-56237-1-git-send-email-tanxiaojun@huawei.com

+Signed-off-by: Ingo Molnar <mingo@kernel.org>

+Signed-off-by: Srivatsa S. Bhat <srivatsa@csail.mit.edu>

+---

+ kernel/events/core.c | 2 +-

+ 1 file changed, 1 insertion(+), 1 deletion(-)

+

+diff --git a/kernel/events/core.c b/kernel/events/core.c

+index b1d6b98..cbc5182 100644

+--- a/kernel/events/core.c

+@@ -453,7 +453,7 @@ int perf_cpu_time_max_percent_handler(struct ctl_table *table, int write,

+ 				void __user *buffer, size_t *lenp,

+ 				loff_t *ppos)

+ {

+-	int ret = proc_dointvec(table, write, buffer, lenp, ppos);

++	int ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);

+ 

+ 	if (ret || !write)

+ 		return ret;

+-- 

+2.7.4

+

@@ -2,7 +2,7 @@

 Summary:        Kernel

 Name:           linux-aws

 Version:        4.9.97

-Release:        2%{?kat_build:.%kat_build}%{?dist}

+Release:        3%{?kat_build:.%kat_build}%{?dist}

 License:    	GPLv2

 URL:        	http://www.kernel.org/

 Group:        	System Environment/Kernel

@@ -49,6 +49,8 @@ Patch33:        vmxnet3-fix-incorrect-dereference-when-rxvlan-is-disabled.patch

 # Fixes for CVE-2018-1000026

 Patch34:        0001-net-create-skb_gso_validate_mac_len.patch

 Patch35:        0002-bnx2x-disable-GSO-where-gso_size-is-too-big-for-hard.patch

+# Fix for CVE-2017-18255

+Patch36:        0001-perf-core-Fix-the-perf_cpu_time_max_percent-check.patch

 # For Spectre

 Patch52: 0141-locking-barriers-introduce-new-observable-speculatio.patch

@@ -214,6 +216,7 @@ This package contains the 'perf' performance analysis tools for Linux kernel.

 %patch33 -p1

 %patch34 -p1

 %patch35 -p1

+%patch36 -p1

 %patch52 -p1

 %patch53 -p1

@@ -433,6 +436,8 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg

 /usr/share/doc/*

 %changelog

+*   Wed May 02 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.97-3

+-   Fix CVE-2017-18255.

 *   Tue May 01 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.97-2

 -   Fix CVE-2018-1000026.

 *   Mon Apr 30 2018 Alexey Makhalov <amakhalov@vmware.com> 4.9.97-1

@@ -2,7 +2,7 @@

 Summary:        Kernel

 Name:           linux-esx

 Version:        4.9.97

-Release:        2%{?dist}

+Release:        3%{?dist}

 License:        GPLv2

 URL:            http://www.kernel.org/

 Group:          System Environment/Kernel

@@ -46,6 +46,8 @@ Patch33:        vmxnet3-fix-incorrect-dereference-when-rxvlan-is-disabled.patch

 # Fixes for CVE-2018-1000026

 Patch34:        0001-net-create-skb_gso_validate_mac_len.patch

 Patch35:        0002-bnx2x-disable-GSO-where-gso_size-is-too-big-for-hard.patch

+# Fix for CVE-2017-18255

+Patch36:        0001-perf-core-Fix-the-perf_cpu_time_max_percent-check.patch

 # For Spectre

 Patch52: 0141-locking-barriers-introduce-new-observable-speculatio.patch

@@ -129,6 +131,7 @@ The Linux package contains the Linux kernel doc files

 %patch33 -p1

 %patch34 -p1

 %patch35 -p1

+%patch36 -p1

 %patch52 -p1

 %patch53 -p1

@@ -240,6 +243,8 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg

 /usr/src/linux-headers-%{uname_r}

 %changelog

+*   Wed May 02 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.97-3

+-   Fix CVE-2017-18255.

 *   Tue May 01 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.97-2

 -   Fix CVE-2018-1000026.

 *   Mon Apr 30 2018 Alexey Makhalov <amakhalov@vmware.com> 4.9.97-1

@@ -2,7 +2,7 @@

 Summary:        Kernel

 Name:           linux-secure

 Version:        4.9.97

-Release:        2%{?kat_build:.%kat_build}%{?dist}

+Release:        3%{?kat_build:.%kat_build}%{?dist}

 License:        GPLv2

 URL:            http://www.kernel.org/

 Group:          System Environment/Kernel

@@ -55,6 +55,8 @@ Patch35:        vmxnet3-fix-incorrect-dereference-when-rxvlan-is-disabled.patch

 # Fixes for CVE-2018-1000026

 Patch36:        0001-net-create-skb_gso_validate_mac_len.patch

 Patch37:        0002-bnx2x-disable-GSO-where-gso_size-is-too-big-for-hard.patch

+# Fix for CVE-2017-18255

+Patch38:        0001-perf-core-Fix-the-perf_cpu_time_max_percent-check.patch

 # For Spectre

 Patch52: 0141-locking-barriers-introduce-new-observable-speculatio.patch

@@ -182,6 +184,7 @@ EOF

 %patch35 -p1

 %patch36 -p1

 %patch37 -p1

+%patch38 -p1

 # spectre

 %patch52 -p1

@@ -329,6 +332,8 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg

 /usr/src/linux-headers-%{uname_r}

 %changelog

+*   Wed May 02 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.97-3

+-   Fix CVE-2017-18255.

 *   Tue May 01 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.97-2

 -   Fix CVE-2018-1000026.

 *   Mon Apr 30 2018 Alexey Makhalov <amakhalov@vmware.com> 4.9.97-1

@@ -2,7 +2,7 @@

 Summary:        Kernel

 Name:           linux

 Version:        4.9.97

-Release:        2%{?kat_build:.%kat_build}%{?dist}

+Release:        3%{?kat_build:.%kat_build}%{?dist}

 License:    	GPLv2

 URL:        	http://www.kernel.org/

 Group:        	System Environment/Kernel

@@ -53,6 +53,8 @@ Patch33:        vmxnet3-fix-incorrect-dereference-when-rxvlan-is-disabled.patch

 # Fixes for CVE-2018-1000026

 Patch34:        0001-net-create-skb_gso_validate_mac_len.patch

 Patch35:        0002-bnx2x-disable-GSO-where-gso_size-is-too-big-for-hard.patch

+# Fix for CVE-2017-18255

+Patch36:        0001-perf-core-Fix-the-perf_cpu_time_max_percent-check.patch

 # For Spectre

 Patch52: 0141-locking-barriers-introduce-new-observable-speculatio.patch

@@ -173,6 +175,7 @@ This package contains the 'perf' performance analysis tools for Linux kernel.

 %patch33 -p1

 %patch34 -p1

 %patch35 -p1

+%patch36 -p1

 %patch52 -p1

 %patch53 -p1

@@ -355,6 +358,8 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg

 /usr/share/doc/*

 %changelog

+*   Wed May 02 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.97-3

+-   Fix CVE-2017-18255.

 *   Tue May 01 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.97-2

 -   Fix CVE-2018-1000026.

 *   Mon Apr 30 2018 Alexey Makhalov <amakhalov@vmware.com> 4.9.97-1