diff options
author | Stijn Tintel <stijn@linux-ipv6.be> | 2018-07-31 05:11:07 +0300 |
---|---|---|
committer | Stijn Tintel <stijn@linux-ipv6.be> | 2018-07-31 05:11:07 +0300 |
commit | 22b9f99b87fa1ff991180cabf02dd04d1bddce2b (patch) | |
tree | 4675ce75a330278a46b34522f99d9e5ca6b9e8d3 /target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch | |
parent | c89195eb25a4dfd093f9d0d3b3adac896bb471ad (diff) | |
download | upstream-22b9f99b87fa1ff991180cabf02dd04d1bddce2b.tar.gz upstream-22b9f99b87fa1ff991180cabf02dd04d1bddce2b.tar.bz2 upstream-22b9f99b87fa1ff991180cabf02dd04d1bddce2b.zip |
kernel: bump 4.14 to 4.14.59
Drop patch that was superseded upstream:
ramips/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch
Drop upstreamed patches:
- apm821xx/020-0001-crypto-crypto4xx-remove-bad-list_del.patch
- apm821xx/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch
- ath79/0011-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch
- brcm63xx/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch
- brcm63xx/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch
- generic/backport/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch
- generic/pending/170-usb-dwc2-Fix-DMA-alignment-to-start-at-allocated-boun.patch
- generic/pending/900-gen_stats-fix-netlink-stats-padding.patch
In 4.14.55, a patch was introduced that breaks ext4 images in some
cases. The newly introduced patch
backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch
addresses this breakage.
Fixes the following CVEs:
- CVE-2018-10876
- CVE-2018-10877
- CVE-2018-10879
- CVE-2018-10880
- CVE-2018-10881
- CVE-2018-10882
- CVE-2018-10883
Compile-tested: ath79, octeon, x86/64
Runtime-tested: ath79, octeon, x86/64
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Diffstat (limited to 'target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch')
-rw-r--r-- | target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch | 84 |
1 files changed, 0 insertions, 84 deletions
diff --git a/target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch b/target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch deleted file mode 100644 index 837fbdc547..0000000000 --- a/target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch +++ /dev/null @@ -1,84 +0,0 @@ -From 5d59ad6eea82ef8df92b4109615a0dde9d8093e9 Mon Sep 17 00:00:00 2001 -From: Christian Lamparter <chunkeey@googlemail.com> -Date: Fri, 25 Aug 2017 15:47:24 +0200 -Subject: [PATCH 11/25] crypto: crypto4xx - fix crypto4xx_build_pdr, - crypto4xx_build_sdr leak - -If one of the later memory allocations in rypto4xx_build_pdr() -fails: dev->pdr (and/or) dev->pdr_uinfo wouldn't be freed. - -crypto4xx_build_sdr() has the same issue with dev->sdr. - -Signed-off-by: Christian Lamparter <chunkeey@googlemail.com> -Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> ---- - drivers/crypto/amcc/crypto4xx_core.c | 17 +++++++++-------- - 1 file changed, 9 insertions(+), 8 deletions(-) - ---- a/drivers/crypto/amcc/crypto4xx_core.c -+++ b/drivers/crypto/amcc/crypto4xx_core.c -@@ -209,7 +209,7 @@ static u32 crypto4xx_build_pdr(struct cr - dev->pdr_pa); - return -ENOMEM; - } -- memset(dev->pdr, 0, sizeof(struct ce_pd) * PPC4XX_NUM_PD); -+ memset(dev->pdr, 0, sizeof(struct ce_pd) * PPC4XX_NUM_PD); - dev->shadow_sa_pool = dma_alloc_coherent(dev->core_dev->device, - 256 * PPC4XX_NUM_PD, - &dev->shadow_sa_pool_pa, -@@ -242,13 +242,15 @@ static u32 crypto4xx_build_pdr(struct cr - - static void crypto4xx_destroy_pdr(struct crypto4xx_device *dev) - { -- if (dev->pdr != NULL) -+ if (dev->pdr) - dma_free_coherent(dev->core_dev->device, - sizeof(struct ce_pd) * PPC4XX_NUM_PD, - dev->pdr, dev->pdr_pa); -+ - if (dev->shadow_sa_pool) - dma_free_coherent(dev->core_dev->device, 256 * PPC4XX_NUM_PD, - dev->shadow_sa_pool, dev->shadow_sa_pool_pa); -+ - if (dev->shadow_sr_pool) - dma_free_coherent(dev->core_dev->device, - sizeof(struct sa_state_record) * PPC4XX_NUM_PD, -@@ -417,12 +419,12 @@ static u32 crypto4xx_build_sdr(struct cr - - static void crypto4xx_destroy_sdr(struct crypto4xx_device *dev) - { -- if (dev->sdr != NULL) -+ if (dev->sdr) - dma_free_coherent(dev->core_dev->device, - sizeof(struct ce_sd) * PPC4XX_NUM_SD, - dev->sdr, dev->sdr_pa); - -- if (dev->scatter_buffer_va != NULL) -+ if (dev->scatter_buffer_va) - dma_free_coherent(dev->core_dev->device, - PPC4XX_SD_BUFFER_SIZE * PPC4XX_NUM_SD, - dev->scatter_buffer_va, -@@ -1223,7 +1225,7 @@ static int crypto4xx_probe(struct platfo - - rc = crypto4xx_build_gdr(core_dev->dev); - if (rc) -- goto err_build_gdr; -+ goto err_build_pdr; - - rc = crypto4xx_build_sdr(core_dev->dev); - if (rc) -@@ -1266,12 +1268,11 @@ err_iomap: - err_request_irq: - irq_dispose_mapping(core_dev->irq); - tasklet_kill(&core_dev->tasklet); -- crypto4xx_destroy_sdr(core_dev->dev); - err_build_sdr: -+ crypto4xx_destroy_sdr(core_dev->dev); - crypto4xx_destroy_gdr(core_dev->dev); --err_build_gdr: -- crypto4xx_destroy_pdr(core_dev->dev); - err_build_pdr: -+ crypto4xx_destroy_pdr(core_dev->dev); - kfree(core_dev->dev); - err_alloc_dev: - kfree(core_dev); |