From 2d02a4f5bda4a5ff392286360ec7d1129bd77d25 Mon Sep 17 00:00:00 2001 From: Stijn Tintel Date: Thu, 17 Aug 2017 10:51:05 +0200 Subject: kernel: update 4.9 to 4.9.44 Refresh patches. Adapt 704-phy-no-genphy-soft-reset.patch. Remove brcm2708/950-0005-mm-Remove-the-PFN-busy-warning.patch. Compile-tested on brcm2708/bcm2708 and x86/64. Runtime-tested on brcm2708/bcm2708 and x86/64. Fixes the following vulnerabilities: - CVE-2017-7533 - CVE-2017-1000111 - CVE-2017-1000112 Signed-off-by: Stijn Tintel --- .../610-netfilter_match_bypass_default_checks.patch | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) (limited to 'target/linux/generic/pending-4.9/610-netfilter_match_bypass_default_checks.patch') diff --git a/target/linux/generic/pending-4.9/610-netfilter_match_bypass_default_checks.patch b/target/linux/generic/pending-4.9/610-netfilter_match_bypass_default_checks.patch index 480bb3ff74..de17074019 100644 --- a/target/linux/generic/pending-4.9/610-netfilter_match_bypass_default_checks.patch +++ b/target/linux/generic/pending-4.9/610-netfilter_match_bypass_default_checks.patch @@ -7,8 +7,6 @@ Signed-off-by: Felix Fietkau net/ipv4/netfilter/ip_tables.c | 37 +++++++++++++++++++++++++++ 2 files changed, 38 insertions(+) -diff --git a/include/uapi/linux/netfilter_ipv4/ip_tables.h b/include/uapi/linux/netfilter_ipv4/ip_tables.h -index d0da53d96d93..f279daa13c0f 100644 --- a/include/uapi/linux/netfilter_ipv4/ip_tables.h +++ b/include/uapi/linux/netfilter_ipv4/ip_tables.h @@ -88,6 +88,7 @@ struct ipt_ip { @@ -19,8 +17,6 @@ index d0da53d96d93..f279daa13c0f 100644 /* Values for "inv" field in struct ipt_ip. */ #define IPT_INV_VIA_IN 0x01 /* Invert the sense of IN IFACE. */ -diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c -index 7c00ce90adb8..d919350a0e8b 100644 --- a/net/ipv4/netfilter/ip_tables.c +++ b/net/ipv4/netfilter/ip_tables.c @@ -58,6 +58,9 @@ ip_packet_match(const struct iphdr *ip, @@ -63,7 +59,7 @@ index 7c00ce90adb8..d919350a0e8b 100644 static bool ip_checkentry(const struct ipt_ip *ip) { -@@ -545,6 +571,8 @@ find_check_entry(struct ipt_entry *e, struct net *net, const char *name, +@@ -545,6 +571,8 @@ find_check_entry(struct ipt_entry *e, st struct xt_entry_match *ematch; unsigned long pcnt; @@ -72,7 +68,7 @@ index 7c00ce90adb8..d919350a0e8b 100644 pcnt = xt_percpu_counter_alloc(); if (IS_ERR_VALUE(pcnt)) return -ENOMEM; -@@ -824,6 +852,7 @@ copy_entries_to_user(unsigned int total_size, +@@ -824,6 +852,7 @@ copy_entries_to_user(unsigned int total_ const struct xt_table_info *private = table->private; int ret = 0; const void *loc_cpu_entry; @@ -80,10 +76,11 @@ index 7c00ce90adb8..d919350a0e8b 100644 counters = alloc_counters(table); if (IS_ERR(counters)) -@@ -851,6 +880,14 @@ copy_entries_to_user(unsigned int total_size, +@@ -850,6 +879,14 @@ copy_entries_to_user(unsigned int total_ + ret = -EFAULT; goto free_counters; } - ++ + flags = e->ip.flags & IPT_F_MASK; + if (copy_to_user(userptr + off + + offsetof(struct ipt_entry, ip.flags), @@ -91,10 +88,6 @@ index 7c00ce90adb8..d919350a0e8b 100644 + ret = -EFAULT; + goto free_counters; + } -+ + for (i = sizeof(struct ipt_entry); i < e->target_offset; - i += m->u.match_size) { --- -2.11.0 - -- cgit v1.2.3