rebase patches on top of Ubuntu-4.15.0-33.36

(generated with debian/scripts/import-upstream-tag) Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-08-24 10:30:36 +02:00 · 2018-08-24 10:30:36 +02:00 · 9464be5351
commit 9464be5351
parent b59d76e6de
8 changed files with 6 additions and 285 deletions
--- a/patches/kernel/0008-net-ethernet-sun-niu-set-correct-packet-size-in-skb.patch
+++ b/patches/kernel/0008-net-ethernet-sun-niu-set-correct-packet-size-in-skb.patch
@ -1,56 +0,0 @@
 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Rob Taglang <rob@taglang.io>
 Date: Thu, 3 May 2018 17:13:06 -0400
 Subject: [PATCH] net: ethernet: sun: niu set correct packet size in skb
 Currently, skb->len and skb->data_len are set to the page size, not
 the packet size. This causes the frame check sequence to not be
 located at the "end" of the packet resulting in ethernet frame check
 errors. The driver does work currently, but stricter kernel facing
 networking solutions like OpenVSwitch will drop these packets as
 invalid.
 These changes set the packet size correctly so that these errors no
 longer occur. The length does not include the frame check sequence, so
 that subtraction was removed.
 Tested on Oracle/SUN Multithreaded 10-Gigabit Ethernet Network
 Controller [108e:abcd] and validated in wireshark.
 Signed-off-by: Rob Taglang <rob@taglang.io>
 Signed-off-by: David S. Miller <davem@davemloft.net>
 Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 ---
 drivers/net/ethernet/sun/niu.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
 diff --git a/drivers/net/ethernet/sun/niu.c b/drivers/net/ethernet/sun/niu.c
 index 06001bacbe0f..64f1b3a3afa8 100644
 --- a/drivers/net/ethernet/sun/niu.c
 +++ b/drivers/net/ethernet/sun/niu.c
@@ -3442,7 +3442,7 @@ static int niu_process_rx_pkt(struct napi_struct *napi, struct niu *np,
 		len = (val & RCR_ENTRY_L2_LEN) >>
 			RCR_ENTRY_L2_LEN_SHIFT;
 -		len -= ETH_FCS_LEN;
 +		append_size = len + ETH_HLEN + ETH_FCS_LEN;
 		addr = (val & RCR_ENTRY_PKT_BUF_ADDR) <<
 			RCR_ENTRY_PKT_BUF_ADDR_SHIFT;
@@ -3452,7 +3452,6 @@ static int niu_process_rx_pkt(struct napi_struct *napi, struct niu *np,
 					 RCR_ENTRY_PKTBUFSZ_SHIFT];
 		off = addr & ~PAGE_MASK;
 -		append_size = rcr_size;
 		if (num_rcr == 1) {
 			int ptype;
@@ -3465,7 +3464,7 @@ static int niu_process_rx_pkt(struct napi_struct *napi, struct niu *np,
 			else
 				skb_checksum_none_assert(skb);
 		} else if (!(val & RCR_ENTRY_MULTI))
 -			append_size = len - skb->len;
 +			append_size = append_size - skb->len;
 		niu_rx_skb_append(skb, page, off, append_size, rcr_size);
 		if ((page->index + rp->rbr_block_size) - rcr_size == addr) {
--- a/patches/kernel/0013-net-net-tcp-Fix-socket-lookups-with-SO_BINDTODEVICE.patch
+++ b/patches/kernel/0013-net-net-tcp-Fix-socket-lookups-with-SO_BINDTODEVICE.patch
@ -1,20 +1,7 @@
-From patchwork Mon Jun 18 19:30:37 2018
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 7bit
 Subject: [net] net/tcp: Fix socket lookups with SO_BINDTODEVICE
 X-Patchwork-Submitter: dsahern@kernel.org
 X-Patchwork-Id: 931179
 X-Patchwork-Delegate: davem@davemloft.net
 Message-Id: <20180618193037.3365-1-dsahern@kernel.org>
 To: netdev@vger.kernel.org
 Cc: davem@davemloft.net, lberger@labn.net,
 renato@opensourcerouting.org, David Ahern <dsahern@gmail.com>
 Date: Mon, 18 Jun 2018 12:30:37 -0700
 From: dsahern@kernel.org
 List-Id: <netdev.vger.kernel.org>
 From: David Ahern <dsahern@gmail.com>
 Date: Mon, 18 Jun 2018 12:30:37 -0700
 Subject: [PATCH] net/tcp: Fix socket lookups with SO_BINDTODEVICE
 Similar to 69678bcd4d2d ("udp: fix SO_BINDTODEVICE"), TCP socket lookups
 need to fail if dev_match is not true. Currently, a packet to a given port
@ -34,10 +21,10 @@ Signed-off-by: David Ahern <dsahern@gmail.com>
 2 files changed, 4 insertions(+), 4 deletions(-)
 diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c
-index 31ff46daae97..3647167c8fa3 100644
+index e7d15fb0d94d..24b066c32e06 100644
 --- a/net/ipv4/inet_hashtables.c
 +++ b/net/ipv4/inet_hashtables.c
-@@ -243,9 +243,9 @@ static inline int compute_score(struct sock *sk, struct net *net,
+@@ -188,9 +188,9 @@ static inline int compute_score(struct sock *sk, struct net *net,
 			bool dev_match = (sk->sk_bound_dev_if == dif ||
 					  sk->sk_bound_dev_if == sdif);
@ -50,7 +37,7 @@ index 31ff46daae97..3647167c8fa3 100644
 		}
 		if (sk->sk_incoming_cpu == raw_smp_processor_id())
 diff --git a/net/ipv6/inet6_hashtables.c b/net/ipv6/inet6_hashtables.c
-index 2febe26de6a1..595ad408dba0 100644
+index b01858f5deb1..6dc93ac28261 100644
 --- a/net/ipv6/inet6_hashtables.c
 +++ b/net/ipv6/inet6_hashtables.c
@@ -113,9 +113,9 @@ static inline int compute_score(struct sock *sk, struct net *net,
--- a/patches/kernel/0009-kvm-nVMX-Enforce-cpl-0-for-VMX-instructions.patch
+++ b/patches/kernel/0009-kvm-nVMX-Enforce-cpl-0-for-VMX-instructions.patch
@ -1,65 +0,0 @@
 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Felix Wilhelm <fwilhelm@google.com>
 Date: Mon, 11 Jun 2018 09:43:44 +0200
 Subject: [PATCH] kvm: nVMX: Enforce cpl=0 for VMX instructions
 VMX instructions executed inside a L1 VM will always trigger a VM exit
 even when executed with cpl 3. This means we must perform the
 privilege check in software.
 Fixes: 70f3aac964ae("kvm: nVMX: Remove superfluous VMX instruction fault checks")
 Cc: stable@vger.kernel.org
 Signed-off-by: Felix Wilhelm <fwilhelm@google.com>
 Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
 Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 ---
 arch/x86/kvm/vmx.c | 15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)
 diff --git a/arch/x86/kvm/vmx.c b/arch/x86/kvm/vmx.c
 index 1a5617fc8b6a..5c8bd2d61080 100644
 --- a/arch/x86/kvm/vmx.c
 +++ b/arch/x86/kvm/vmx.c
@@ -7575,6 +7575,12 @@ static int handle_vmon(struct kvm_vcpu *vcpu)
 		return 1;
 	}
 +	/* CPL=0 must be checked manually. */
 +	if (vmx_get_cpl(vcpu)) {
 +		kvm_queue_exception(vcpu, UD_VECTOR);
 +		return 1;
 +	}
 +
 	if (vmx->nested.vmxon) {
 		nested_vmx_failValid(vcpu, VMXERR_VMXON_IN_VMX_ROOT_OPERATION);
 		return kvm_skip_emulated_instruction(vcpu);
@@ -7634,6 +7640,11 @@ static int handle_vmon(struct kvm_vcpu *vcpu)
  */
 static int nested_vmx_check_permission(struct kvm_vcpu *vcpu)
 {
 +	if (vmx_get_cpl(vcpu)) {
 +		kvm_queue_exception(vcpu, UD_VECTOR);
 +		return 0;
 +	}
 +
 	if (!to_vmx(vcpu)->nested.vmxon) {
 		kvm_queue_exception(vcpu, UD_VECTOR);
 		return 0;
@@ -7967,7 +7978,7 @@ static int handle_vmread(struct kvm_vcpu *vcpu)
 		if (get_vmx_mem_address(vcpu, exit_qualification,
 				vmx_instruction_info, true, &gva))
 			return 1;
 -		/* _system ok, as hardware has verified cpl=0 */
 +		/* _system ok, nested_vmx_check_permission has verified cpl=0 */
 		kvm_write_guest_virt_system(&vcpu->arch.emulate_ctxt, gva,
 			     &field_value, (is_long_mode(vcpu) ? 8 : 4), NULL);
 	}
@@ -8110,7 +8121,7 @@ static int handle_vmptrst(struct kvm_vcpu *vcpu)
 	if (get_vmx_mem_address(vcpu, exit_qualification,
 			vmx_instruction_info, true, &vmcs_gva))
 		return 1;
 -	/* ok to use *_system, as hardware has verified cpl=0 */
 +	/* *_system ok, nested_vmx_check_permission has verified cpl=0 */
 	if (kvm_write_guest_virt_system(&vcpu->arch.emulate_ctxt, vmcs_gva,
 				 (void *)&to_vmx(vcpu)->nested.current_vmptr,
 				 sizeof(u64), &e)) {
--- a/patches/kernel/0009-vhost-fix-info-leak-due-to-uninitialized-memory.patch
+++ b/patches/kernel/0009-vhost-fix-info-leak-due-to-uninitialized-memory.patch
--- a/patches/kernel/0010-UBUNTU-SAUCE-apparmor-fix-apparmor-mediating-locking.patch
+++ b/patches/kernel/0010-UBUNTU-SAUCE-apparmor-fix-apparmor-mediating-locking.patch
@ -1,33 +0,0 @@
 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: John Johansen <john.johansen@canonical.com>
 Date: Fri, 27 Jul 2018 14:27:05 -0700
 Subject: [PATCH] UBUNTU SAUCE: apparmor: fix apparmor mediating locking non-fs
 unix sockets
 the apparmor policy language current does not allow expressing of the
 locking permission for no-fs unix sockets. However the kernel is
 enforcing mediation.
 Add the AA_MAY_LOCK perm to the computed perm mask which will grant
 permission for all current abi profiles, but still allow specifying
 auditing of the operation if needed.
 http://bugs.launchpad.net/bugs/1780227
 Signed-off-by: John Johansen <john.johansen@canonical.com>
 ---
 security/apparmor/lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 diff --git a/security/apparmor/lib.c b/security/apparmor/lib.c
 index 068a9f471f77..23f3d16d6b85 100644
 --- a/security/apparmor/lib.c
 +++ b/security/apparmor/lib.c
@@ -327,7 +327,7 @@ void aa_compute_perms(struct aa_dfa *dfa, unsigned int state,
 	/* for v5 perm mapping in the policydb, the other set is used
 	 * to extend the general perm set
 	 */
 -	perms->allow |= map_other(dfa_other_allow(dfa, state));
 +	perms->allow |= map_other(dfa_other_allow(dfa, state)) | AA_MAY_LOCK;
 	perms->audit |= map_other(dfa_other_audit(dfa, state));
 	perms->quiet |= map_other(dfa_other_quiet(dfa, state));
 //	perms->xindex = dfa_user_xindex(dfa, state);
--- a/patches/kernel/0010-scsi-hpsa-disable-device-during-shutdown.patch
+++ b/patches/kernel/0010-scsi-hpsa-disable-device-during-shutdown.patch
--- a/patches/kernel/0011-Fix-up-non-directory-creation-in-SGID-directories.patch
+++ b/patches/kernel/0011-Fix-up-non-directory-creation-in-SGID-directories.patch
@ -1,45 +0,0 @@
 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Linus Torvalds <torvalds@linux-foundation.org>
 Date: Tue, 3 Jul 2018 17:10:19 -0700
 Subject: [PATCH] Fix up non-directory creation in SGID directories
 sgid directories have special semantics, making newly created files in
 the directory belong to the group of the directory, and newly created
 subdirectories will also become sgid.  This is historically used for
 group-shared directories.
 But group directories writable by non-group members should not imply
 that such non-group members can magically join the group, so make sure
 to clear the sgid bit on non-directories for non-members (but remember
 that sgid without group execute means "mandatory locking", just to
 confuse things even more).
 Reported-by: Jann Horn <jannh@google.com>
 Cc: Andy Lutomirski <luto@kernel.org>
 Cc: Al Viro <viro@zeniv.linux.org.uk>
 Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
 (cherry picked from commit  0fa3ecd87848c9c93c2c828ef4c3a8ca36ce46c7)
 Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
 ---
 fs/inode.c | 6 ++++++
 1 file changed, 6 insertions(+)
 diff --git a/fs/inode.c b/fs/inode.c
 index 5c1138e9cac0..797b4cb3d20b 100644
 --- a/fs/inode.c
 +++ b/fs/inode.c
@@ -2008,8 +2008,14 @@ void inode_init_owner(struct inode *inode, const struct inode *dir,
 	inode->i_uid = current_fsuid();
 	if (dir && dir->i_mode & S_ISGID) {
 		inode->i_gid = dir->i_gid;
 +
 +		/* Directories are special, and always inherit S_ISGID */
 		if (S_ISDIR(mode))
 			mode |= S_ISGID;
 +		else if ((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP) &&
 +			 !in_group_p(inode->i_gid) &&
 +			 !capable_wrt_inode_uidgid(dir, CAP_FSETID))
 +			mode &= ~S_ISGID;
 	} else
 		inode->i_gid = current_fsgid();
 	inode->i_mode = mode;
--- a/patches/kernel/0012-net-udp-fix-SO_BINDTODEVICE.patch
+++ b/patches/kernel/0012-net-udp-fix-SO_BINDTODEVICE.patch
@ -1,67 +0,0 @@
 From patchwork Wed May  9 10:42:34 2018
 Content-Type: text/plain; charset="utf-8"
 MIME-Version: 1.0
 Content-Transfer-Encoding: 7bit
 Subject: [net] udp: fix SO_BINDTODEVICE
 X-Patchwork-Submitter: Paolo Abeni <pabeni@redhat.com>
 X-Patchwork-Id: 910747
 X-Patchwork-Delegate: davem@davemloft.net
 Message-Id: <9445dd5d149af16463df4d0502b2667ee2b6f4e8.1525862461.git.pabeni@redhat.com>
 To: netdev@vger.kernel.org
 Cc: Damir Mansurov <dnman@oktetlabs.ru>, David Ahern <dsahern@gmail.com>,
 David Miller <davem@davemloft.net>
 Date: Wed,  9 May 2018 12:42:34 +0200
 From: Paolo Abeni <pabeni@redhat.com>
 List-Id: <netdev.vger.kernel.org>
 Damir reported a breakage of SO_BINDTODEVICE for UDP sockets.
 In absence of VRF devices, after commit fb74c27735f0 ("net:
 ipv4: add second dif to udp socket lookups") the dif mismatch
 isn't fatal anymore for UDP socket lookup with non null
 sk_bound_dev_if, breaking SO_BINDTODEVICE semantics.
 This changeset addresses the issue making the dif match mandatory
 again in the above scenario.
 Reported-by: Damir Mansurov <dnman@oktetlabs.ru>
 Fixes: fb74c27735f0 ("net: ipv4: add second dif to udp socket lookups")
 Fixes: 1801b570dd2a ("net: ipv6: add second dif to udp socket lookups")
 Signed-off-by: Paolo Abeni <pabeni@redhat.com>
 Acked-by: David Ahern <dsahern@gmail.com>
 ---
 net/ipv4/udp.c | 4 ++--
 net/ipv6/udp.c | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
 diff --git a/net/ipv4/udp.c b/net/ipv4/udp.c
 index 24b5c59b1c53..c2a292dfd137 100644
 --- a/net/ipv4/udp.c
 +++ b/net/ipv4/udp.c
@@ -401,9 +401,9 @@ static int compute_score(struct sock *sk, struct net *net,
 		bool dev_match = (sk->sk_bound_dev_if == dif ||
 				  sk->sk_bound_dev_if == sdif);
 -		if (exact_dif && !dev_match)
 +		if (!dev_match)
 			return -1;
 -		if (sk->sk_bound_dev_if && dev_match)
 +		if (sk->sk_bound_dev_if)
 			score += 4;
 	}
 diff --git a/net/ipv6/udp.c b/net/ipv6/udp.c
 index 4ec76a87aeb8..ea0730028e5d 100644
 --- a/net/ipv6/udp.c
 +++ b/net/ipv6/udp.c
@@ -148,9 +148,9 @@ static int compute_score(struct sock *sk, struct net *net,
 		bool dev_match = (sk->sk_bound_dev_if == dif ||
 				  sk->sk_bound_dev_if == sdif);
 -		if (exact_dif && !dev_match)
 +		if (!dev_match)
 			return -1;
 -		if (sk->sk_bound_dev_if && dev_match)
 +		if (sk->sk_bound_dev_if)
 			score++;
 	}