Browse code
kernels: Update to version 4.9.137
Remove alarmtimer-Prevent-overflow-for-relative-nanosleep.patch as it
got merged in 4.9.131
Change-Id: Ib7d88f4491f388855b715c10599beefe304be448
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/6195
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Srinidhi Rao <srinidhir@vmware.com>
Reviewed-by: Srivatsa S. Bhat <srivatsab@vmware.com>
Srivatsa S. Bhat (VMware) authored on 2018/11/17 08:31:03Showing 6 changed files
- SPECS/linux-api-headers/linux-api-headers.spec
- SPECS/linux/0001-alarmtimer-Prevent-overflow-for-relative-nanosleep.patch
- SPECS/linux/linux-aws.spec
- SPECS/linux/linux-esx.spec
- SPECS/linux/linux-secure.spec
- SPECS/linux/linux.spec
| ... | ... |
@@ -1,6 +1,6 @@ |
| 1 | 1 |
Summary: Linux API header files |
| 2 | 2 |
Name: linux-api-headers |
| 3 |
-Version: 4.9.130 |
|
| 3 |
+Version: 4.9.137 |
|
| 4 | 4 |
Release: 1%{?dist}
|
| 5 | 5 |
License: GPLv2 |
| 6 | 6 |
URL: http://www.kernel.org/ |
| ... | ... |
@@ -8,7 +8,7 @@ Group: System Environment/Kernel |
| 8 | 8 |
Vendor: VMware, Inc. |
| 9 | 9 |
Distribution: Photon |
| 10 | 10 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 11 |
-%define sha1 linux=59621537cc8891aa3d0d77b2892db7828a0098f9 |
|
| 11 |
+%define sha1 linux=bd0e5ecf3bee96cb8c81d90247cb3389cbdc0727 |
|
| 12 | 12 |
BuildArch: noarch |
| 13 | 13 |
Patch0: Implement-the-f-xattrat-family-of-functions.patch |
| 14 | 14 |
%description |
| ... | ... |
@@ -27,6 +27,8 @@ find /%{buildroot}%{_includedir} \( -name .install -o -name ..install.cmd \) -de
|
| 27 | 27 |
%defattr(-,root,root) |
| 28 | 28 |
%{_includedir}/*
|
| 29 | 29 |
%changelog |
| 30 |
+* Fri Nov 16 2018 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.9.137-1 |
|
| 31 |
+- Update to version 4.9.137 |
|
| 30 | 32 |
* Mon Oct 01 2018 srinidhira0 <srinidhir@vmware.com> 4.9.130-1 |
| 31 | 33 |
- Update to version 4.9.130 |
| 32 | 34 |
* Thu Aug 30 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.124-1 |
| 33 | 35 |
deleted file mode 100644 |
| ... | ... |
@@ -1,59 +0,0 @@ |
| 1 |
-From 8a31e7a17595db79a824e1c55f908acc3e076312 Mon Sep 17 00:00:00 2001 |
|
| 2 |
-From: srinidhira0 <srinidhira0.linuxvk@gmail.com> |
|
| 3 |
-Date: Mon, 10 Sep 2018 23:50:21 +0530 |
|
| 4 |
-Subject: [PATCH] From 5f936e19cc0ef97dbe3a56e9498922ad5ba1edef Mon Sep 17 |
|
| 5 |
- 00:00:00 2001 From: Thomas Gleixner <tglx@linutronix.de> Date: Mon, 2 Jul |
|
| 6 |
- 2018 09:34:29 +0200 Subject: [PATCH] alarmtimer: Prevent overflow for |
|
| 7 |
- relative nanosleep |
|
| 8 |
- |
|
| 9 |
-Air Icy reported: |
|
| 10 |
- |
|
| 11 |
- UBSAN: Undefined behaviour in kernel/time/alarmtimer.c:811:7 |
|
| 12 |
- signed integer overflow: |
|
| 13 |
- 1529859276030040771 + 9223372036854775807 cannot be represented in type 'long long int' |
|
| 14 |
- Call Trace: |
|
| 15 |
- alarm_timer_nsleep+0x44c/0x510 kernel/time/alarmtimer.c:811 |
|
| 16 |
- __do_sys_clock_nanosleep kernel/time/posix-timers.c:1235 [inline] |
|
| 17 |
- __se_sys_clock_nanosleep kernel/time/posix-timers.c:1213 [inline] |
|
| 18 |
- __x64_sys_clock_nanosleep+0x326/0x4e0 kernel/time/posix-timers.c:1213 |
|
| 19 |
- do_syscall_64+0xb8/0x3a0 arch/x86/entry/common.c:290 |
|
| 20 |
- |
|
| 21 |
-alarm_timer_nsleep() uses ktime_add() to add the current time and the |
|
| 22 |
-relative expiry value. ktime_add() has no sanity checks so the addition |
|
| 23 |
-can overflow when the relative timeout is large enough. |
|
| 24 |
- |
|
| 25 |
-Use ktime_add_safe() which has the necessary sanity checks in place and |
|
| 26 |
-limits the result to the valid range. |
|
| 27 |
- |
|
| 28 |
-Fixes: 9a7adcf5c6de ("timers: Posix interface for alarm-timers")
|
|
| 29 |
-Reported-by: Team OWL337 <icytxw@gmail.com> |
|
| 30 |
-Signed-off-by: Thomas Gleixner <tglx@linutronix.de> |
|
| 31 |
-Cc: John Stultz <john.stultz@linaro.org> |
|
| 32 |
-Link: https://lkml.kernel.org/r/alpine.DEB.2.21.1807020926360.1595@nanos.tec.linutronix.de |
|
| 33 |
- kernel/time/alarmtimer.c | 3 ++- |
|
| 34 |
- 1 file changed, 2 insertions(+), 1 deletion(-) |
|
| 35 |
- |
|
| 36 |
-[ Srinidhi Rao: Backported this fix to linux-stable 4.9 branch ] |
|
| 37 |
- |
|
| 38 |
-Signed-off-by: srinidhira0 <srinidhira0.linuxvk@gmail.com> |
|
| 39 |
- kernel/time/alarmtimer.c | 2 +- |
|
| 40 |
- 1 file changed, 1 insertion(+), 1 deletion(-) |
|
| 41 |
- |
|
| 42 |
-diff --git a/kernel/time/alarmtimer.c b/kernel/time/alarmtimer.c |
|
| 43 |
-index d67ef56c..ef11f63 100644 |
|
| 44 |
-+++ b/kernel/time/alarmtimer.c |
|
| 45 |
-@@ -786,7 +786,7 @@ static int alarm_timer_nsleep(const clockid_t which_clock, int flags, |
|
| 46 |
- /* Convert (if necessary) to absolute time */ |
|
| 47 |
- if (flags != TIMER_ABSTIME) {
|
|
| 48 |
- ktime_t now = alarm_bases[type].gettime(); |
|
| 49 |
-- exp = ktime_add(now, exp); |
|
| 50 |
-+ exp = ktime_add_safe(now, exp); |
|
| 51 |
- } |
|
| 52 |
- |
|
| 53 |
- if (alarmtimer_do_nsleep(&alarm, exp)) |
|
| 54 |
-2.7.4 |
|
| 55 |
- |
| ... | ... |
@@ -1,15 +1,15 @@ |
| 1 | 1 |
%global security_hardening none |
| 2 | 2 |
Summary: Kernel |
| 3 | 3 |
Name: linux-aws |
| 4 |
-Version: 4.9.130 |
|
| 5 |
-Release: 2%{?kat_build:.%kat_build}%{?dist}
|
|
| 4 |
+Version: 4.9.137 |
|
| 5 |
+Release: 1%{?kat_build:.%kat_build}%{?dist}
|
|
| 6 | 6 |
License: GPLv2 |
| 7 | 7 |
URL: http://www.kernel.org/ |
| 8 | 8 |
Group: System Environment/Kernel |
| 9 | 9 |
Vendor: VMware, Inc. |
| 10 | 10 |
Distribution: Photon |
| 11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 12 |
-%define sha1 linux=59621537cc8891aa3d0d77b2892db7828a0098f9 |
|
| 12 |
+%define sha1 linux=bd0e5ecf3bee96cb8c81d90247cb3389cbdc0727 |
|
| 13 | 13 |
Source1: config-aws |
| 14 | 14 |
Source2: initramfs.trigger |
| 15 | 15 |
# common |
| ... | ... |
@@ -65,8 +65,6 @@ Patch45: 0001-xfs-set-format-back-to-extents-if-xfs_bmap_extents_t.patch |
| 65 | 65 |
Patch46: 0001-xfs-move-inode-fork-verifiers-to-xfs-dinode-verify.patch |
| 66 | 66 |
Patch47: 0002-xfs-verify-dinode-header-first.patch |
| 67 | 67 |
Patch48: 0003-xfs-enhance-dinode-verifier.patch |
| 68 |
-# Fix for CVE-2018-13053 |
|
| 69 |
-Patch49: 0001-alarmtimer-Prevent-overflow-for-relative-nanosleep.patch |
|
| 70 | 68 |
|
| 71 | 69 |
# Out-of-tree patches from AppArmor: |
| 72 | 70 |
Patch71: 0001-UBUNTU-SAUCE-AppArmor-basic-networking-rules.patch |
| ... | ... |
@@ -233,7 +231,6 @@ This package contains the 'perf' performance analysis tools for Linux kernel. |
| 233 | 233 |
%patch46 -p1 |
| 234 | 234 |
%patch47 -p1 |
| 235 | 235 |
%patch48 -p1 |
| 236 |
-%patch49 -p1 |
|
| 237 | 236 |
|
| 238 | 237 |
%patch71 -p1 |
| 239 | 238 |
%patch72 -p1 |
| ... | ... |
@@ -443,6 +440,8 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg
|
| 443 | 443 |
/usr/share/doc/* |
| 444 | 444 |
|
| 445 | 445 |
%changelog |
| 446 |
+* Fri Nov 16 2018 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.9.137-1 |
|
| 447 |
+- Update to version 4.9.137 |
|
| 446 | 448 |
* Tue Oct 02 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.130-2 |
| 447 | 449 |
- Improve error-handling of rdrand-rng kernel driver. |
| 448 | 450 |
* Mon Oct 01 2018 srinidhira0 <srinidhir@vmware.com> 4.9.130-1 |
| ... | ... |
@@ -1,15 +1,15 @@ |
| 1 | 1 |
%global security_hardening none |
| 2 | 2 |
Summary: Kernel |
| 3 | 3 |
Name: linux-esx |
| 4 |
-Version: 4.9.130 |
|
| 5 |
-Release: 3%{?dist}
|
|
| 4 |
+Version: 4.9.137 |
|
| 5 |
+Release: 1%{?dist}
|
|
| 6 | 6 |
License: GPLv2 |
| 7 | 7 |
URL: http://www.kernel.org/ |
| 8 | 8 |
Group: System Environment/Kernel |
| 9 | 9 |
Vendor: VMware, Inc. |
| 10 | 10 |
Distribution: Photon |
| 11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 12 |
-%define sha1 linux=59621537cc8891aa3d0d77b2892db7828a0098f9 |
|
| 12 |
+%define sha1 linux=bd0e5ecf3bee96cb8c81d90247cb3389cbdc0727 |
|
| 13 | 13 |
Source1: config-esx |
| 14 | 14 |
Source2: initramfs.trigger |
| 15 | 15 |
# common |
| ... | ... |
@@ -61,8 +61,6 @@ Patch45: 0001-xfs-set-format-back-to-extents-if-xfs_bmap_extents_t.patch |
| 61 | 61 |
Patch46: 0001-xfs-move-inode-fork-verifiers-to-xfs-dinode-verify.patch |
| 62 | 62 |
Patch47: 0002-xfs-verify-dinode-header-first.patch |
| 63 | 63 |
Patch48: 0003-xfs-enhance-dinode-verifier.patch |
| 64 |
-# Fix for CVE-2018-13053 |
|
| 65 |
-Patch49: 0001-alarmtimer-Prevent-overflow-for-relative-nanosleep.patch |
|
| 66 | 64 |
|
| 67 | 65 |
BuildRequires: bc |
| 68 | 66 |
BuildRequires: kbd |
| ... | ... |
@@ -140,7 +138,6 @@ The Linux package contains the Linux kernel doc files |
| 140 | 140 |
%patch46 -p1 |
| 141 | 141 |
%patch47 -p1 |
| 142 | 142 |
%patch48 -p1 |
| 143 |
-%patch49 -p1 |
|
| 144 | 143 |
|
| 145 | 144 |
|
| 146 | 145 |
%build |
| ... | ... |
@@ -236,6 +233,8 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg
|
| 236 | 236 |
/usr/src/linux-headers-%{uname_r}
|
| 237 | 237 |
|
| 238 | 238 |
%changelog |
| 239 |
+* Fri Nov 16 2018 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.9.137-1 |
|
| 240 |
+- Update to version 4.9.137 |
|
| 239 | 241 |
* Mon Oct 08 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.130-3 |
| 240 | 242 |
- Enable SMB2 support in the config. |
| 241 | 243 |
* Tue Oct 02 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.130-2 |
| ... | ... |
@@ -1,15 +1,15 @@ |
| 1 | 1 |
%global security_hardening none |
| 2 | 2 |
Summary: Kernel |
| 3 | 3 |
Name: linux-secure |
| 4 |
-Version: 4.9.130 |
|
| 5 |
-Release: 2%{?kat_build:.%kat_build}%{?dist}
|
|
| 4 |
+Version: 4.9.137 |
|
| 5 |
+Release: 1%{?kat_build:.%kat_build}%{?dist}
|
|
| 6 | 6 |
License: GPLv2 |
| 7 | 7 |
URL: http://www.kernel.org/ |
| 8 | 8 |
Group: System Environment/Kernel |
| 9 | 9 |
Vendor: VMware, Inc. |
| 10 | 10 |
Distribution: Photon |
| 11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 12 |
-%define sha1 linux=59621537cc8891aa3d0d77b2892db7828a0098f9 |
|
| 12 |
+%define sha1 linux=bd0e5ecf3bee96cb8c81d90247cb3389cbdc0727 |
|
| 13 | 13 |
Source1: config-secure |
| 14 | 14 |
Source2: aufs4.9.tar.gz |
| 15 | 15 |
%define sha1 aufs=ebe716ce4b638a3772c7cd3161abbfe11d584906 |
| ... | ... |
@@ -71,8 +71,6 @@ Patch47: 0001-xfs-set-format-back-to-extents-if-xfs_bmap_extents_t.patch |
| 71 | 71 |
Patch48: 0001-xfs-move-inode-fork-verifiers-to-xfs-dinode-verify.patch |
| 72 | 72 |
Patch49: 0002-xfs-verify-dinode-header-first.patch |
| 73 | 73 |
Patch50: 0003-xfs-enhance-dinode-verifier.patch |
| 74 |
-# Fix for CVE-2018-13053 |
|
| 75 |
-Patch51: 0001-alarmtimer-Prevent-overflow-for-relative-nanosleep.patch |
|
| 76 | 74 |
|
| 77 | 75 |
# Out-of-tree patches from AppArmor: |
| 78 | 76 |
Patch71: 0001-UBUNTU-SAUCE-AppArmor-basic-networking-rules.patch |
| ... | ... |
@@ -199,7 +197,6 @@ EOF |
| 199 | 199 |
%patch48 -p1 |
| 200 | 200 |
%patch49 -p1 |
| 201 | 201 |
%patch50 -p1 |
| 202 |
-%patch51 -p1 |
|
| 203 | 202 |
|
| 204 | 203 |
|
| 205 | 204 |
%patch71 -p1 |
| ... | ... |
@@ -334,6 +331,8 @@ ln -sf linux-%{uname_r}.cfg /boot/photon.cfg
|
| 334 | 334 |
/usr/src/linux-headers-%{uname_r}
|
| 335 | 335 |
|
| 336 | 336 |
%changelog |
| 337 |
+* Fri Nov 16 2018 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.9.137-1 |
|
| 338 |
+- Update to version 4.9.137 |
|
| 337 | 339 |
* Tue Oct 02 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.130-2 |
| 338 | 340 |
- Improve error-handling of rdrand-rng kernel driver. |
| 339 | 341 |
* Mon Oct 01 2018 srinidhira0 <srinidhir@vmware.com> 4.9.130-1 |
| ... | ... |
@@ -1,15 +1,15 @@ |
| 1 | 1 |
%global security_hardening none |
| 2 | 2 |
Summary: Kernel |
| 3 | 3 |
Name: linux |
| 4 |
-Version: 4.9.130 |
|
| 5 |
-Release: 2%{?kat_build:.%kat_build}%{?dist}
|
|
| 4 |
+Version: 4.9.137 |
|
| 5 |
+Release: 1%{?kat_build:.%kat_build}%{?dist}
|
|
| 6 | 6 |
License: GPLv2 |
| 7 | 7 |
URL: http://www.kernel.org/ |
| 8 | 8 |
Group: System Environment/Kernel |
| 9 | 9 |
Vendor: VMware, Inc. |
| 10 | 10 |
Distribution: Photon |
| 11 | 11 |
Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%{version}.tar.xz
|
| 12 |
-%define sha1 linux=59621537cc8891aa3d0d77b2892db7828a0098f9 |
|
| 12 |
+%define sha1 linux=bd0e5ecf3bee96cb8c81d90247cb3389cbdc0727 |
|
| 13 | 13 |
Source1: config |
| 14 | 14 |
Source2: initramfs.trigger |
| 15 | 15 |
%define ena_version 1.1.3 |
| ... | ... |
@@ -70,8 +70,6 @@ Patch45: 0001-xfs-set-format-back-to-extents-if-xfs_bmap_extents_t.patch |
| 70 | 70 |
Patch46: 0001-xfs-move-inode-fork-verifiers-to-xfs-dinode-verify.patch |
| 71 | 71 |
Patch47: 0002-xfs-verify-dinode-header-first.patch |
| 72 | 72 |
Patch48: 0003-xfs-enhance-dinode-verifier.patch |
| 73 |
-# Fix for CVE-2018-13053 |
|
| 74 |
-Patch49: 0001-alarmtimer-Prevent-overflow-for-relative-nanosleep.patch |
|
| 75 | 73 |
|
| 76 | 74 |
# Out-of-tree patches from AppArmor: |
| 77 | 75 |
Patch71: 0001-UBUNTU-SAUCE-AppArmor-basic-networking-rules.patch |
| ... | ... |
@@ -191,7 +189,6 @@ This package contains the 'perf' performance analysis tools for Linux kernel. |
| 191 | 191 |
%patch46 -p1 |
| 192 | 192 |
%patch47 -p1 |
| 193 | 193 |
%patch48 -p1 |
| 194 |
-%patch49 -p1 |
|
| 195 | 194 |
|
| 196 | 195 |
%patch71 -p1 |
| 197 | 196 |
%patch72 -p1 |
| ... | ... |
@@ -366,6 +363,8 @@ ln -sf %{name}-%{uname_r}.cfg /boot/photon.cfg
|
| 366 | 366 |
/usr/share/doc/* |
| 367 | 367 |
|
| 368 | 368 |
%changelog |
| 369 |
+* Fri Nov 16 2018 Srivatsa S. Bhat (VMware) <srivatsa@csail.mit.edu> 4.9.137-1 |
|
| 370 |
+- Update to version 4.9.137 |
|
| 369 | 371 |
* Tue Oct 02 2018 Srivatsa S. Bhat <srivatsa@csail.mit.edu> 4.9.130-2 |
| 370 | 372 |
- Improve error-handling of rdrand-rng kernel driver. |
| 371 | 373 |
* Mon Oct 01 2018 srinidhira0 <srinidhir@vmware.com> 4.9.130-1 |