linux-qoriq: update to revision f488de6

Minor version update to 3.12.37-rt51 with new features: * e6500 hugepage TLB miss performance improvement * T1023RDB support * T1040D4RDB and T1042D4RDB support * DIU [T1042] * DPAA Ethernet: loadable module * eMMC: DDR mode [T2080] * eTSEC: Gianfar upstream updates and fixes * fmlib: table statistics, stats extension * IEEE802.1AE (MACSEC) and IEEE802.1X (port-based network access control) [T104x, T102x] * IEEE1588 ptpd open source stack includes more DPAA processors: P1023, P2041, P3041, P5020, P5040, T4240, T1023 * LAG SGMII 2.5G ports support - IPv4 traffics forwarding on aggregated 2 x 2.5Gb L2 Switch FMAN ports [1040] * LAG support of IPv6 traffics forwarding and TCP/UDP traffics over IPv6 forwarding (2 x 2.5Gb L2 Switch WAN) [1040] * LAG support of IPv6 traffics forwarding and TCP/UDP traffics over IPv6 forwarding on both 1 G RGMII port and 1G SGMII port [1040] * Power Management: Power off feature for all QDS boards except B9132QDS and B4860QDS * SEC: QI Driver IPSec performance improvement * SGMII 2.5G fixed link [T1024] * USB: Dual UTMI For detailed history, see http://git.freescale.com/git/cgit.cgi/ppc/sdk/linux.git/tag/?id=fsl-sdk-v1.8 Also remove the patches which already merged in 3.12.37-rt51 Signed-off-by: Ting Liu <ting.liu@freescale.com> Acked-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
author: Ting Liu <ting.liu@freescale.com> 2015-07-17 15:17:38 +0800
committer: Otavio Salvador <otavio@ossystems.com.br> 2015-07-28 23:26:58 -0300
commit: 0253035a8af7a5be3e2de271cfe47d84543e8a00 (patch)
tree: 74e17568ebbcfbe36d0c7c5963e3849697d74d6d /meta-fsl-ppc/recipes-kernel/linux/files/0003-mnt-CVE-2014-5206_CVE-2014-5207.patch
parent: 4746fc1cb8d90dbeea36c1743315923e2184bf26 (diff)
download: meta-freescale-0253035a8af7a5be3e2de271cfe47d84543e8a00.tar.gz
1 files changed, 0 insertions, 137 deletions
diff --git a/meta-fsl-ppc/recipes-kernel/linux/files/0003-mnt-CVE-2014-5206_CVE-2014-5207.patch b/meta-fsl-ppc/recipes-kernel/linux/files/0003-mnt-CVE-2014-5206_CVE-2014-5207.patch
deleted file mode 100644
index aa5ca1bc..00000000
--- a/meta-fsl-ppc/recipes-kernel/linux/files/0003-mnt-CVE-2014-5206_CVE-2014-5207.patch
+++ /dev/null
@@ -1,137 +0,0 @@
-From 8b18c0adbc5d0cb1530692e72bcfb88fd7bb77bb Mon Sep 17 00:00:00 2001
-From: "Eric W. Biederman" <ebiederm@xmission.com>
-Date: Mon, 28 Jul 2014 17:26:07 -0700
-Subject: [PATCH] mnt: Correct permission checks in do_remount
-commit 9566d6742852c527bf5af38af5cbb878dad75705 upstream.
-While invesgiating the issue where in "mount --bind -oremount,ro ..."
-would result in later "mount --bind -oremount,rw" succeeding even if
-the mount started off locked I realized that there are several
-additional mount flags that should be locked and are not.
-In particular MNT_NOSUID, MNT_NODEV, MNT_NOEXEC, and the atime
-flags in addition to MNT_READONLY should all be locked.  These
-flags are all per superblock, can all be changed with MS_BIND,
-and should not be changable if set by a more privileged user.
-The following additions to the current logic are added in this patch.
- nosuid may not be clearable by a less privileged user.
- nodev  may not be clearable by a less privielged user.
- noexec may not be clearable by a less privileged user.
- atime flags may not be changeable by a less privileged user.
-The logic with atime is that always setting atime on access is a
-global policy and backup software and auditing software could break if
-atime bits are not updated (when they are configured to be updated),
-and serious performance degradation could result (DOS attack) if atime
-updates happen when they have been explicitly disabled.  Therefore an
-unprivileged user should not be able to mess with the atime bits set
-by a more privileged user.
-The additional restrictions are implemented with the addition of
-MNT_LOCK_NOSUID, MNT_LOCK_NODEV, MNT_LOCK_NOEXEC, and MNT_LOCK_ATIME
-mnt flags.
-Taken together these changes and the fixes for MNT_LOCK_READONLY
-should make it safe for an unprivileged user to create a user
-namespace and to call "mount --bind -o remount,... ..." without
-the danger of mount flags being changed maliciously.
-Fix for CVE-2014-5206 and CVE-2014-5207
-Upstream-Status: backport
-Cc: stable@vger.kernel.org
-Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
-Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
-Signed-off-by: Jiri Slaby <jslaby@suse.cz>
-Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
- fs/namespace.c        | 36 +++++++++++++++++++++++++++++++++---
- include/linux/mount.h |  5 +++++
- 2 files changed, 38 insertions(+), 3 deletions(-)
-diff --git a/fs/namespace.c b/fs/namespace.c
-index 8e90b03..7c67de8 100644
--- a/fs/namespace.c
-+++ b/fs/namespace.c
-@@ -827,8 +827,21 @@ static struct mount *clone_mnt(struct mount *old, struct dentry *root,
- 
-        mnt->mnt.mnt_flags = old->mnt.mnt_flags & ~MNT_WRITE_HOLD;
-        /* Don't allow unprivileged users to change mount flags */
-       if ((flag & CL_UNPRIVILEGED) && (mnt->mnt.mnt_flags & MNT_READONLY))
-               mnt->mnt.mnt_flags |= MNT_LOCK_READONLY;
-+       if (flag & CL_UNPRIVILEGED) {
-+               mnt->mnt.mnt_flags |= MNT_LOCK_ATIME;
-+
-+               if (mnt->mnt.mnt_flags & MNT_READONLY)
-+                       mnt->mnt.mnt_flags |= MNT_LOCK_READONLY;
-+
-+               if (mnt->mnt.mnt_flags & MNT_NODEV)
-+                       mnt->mnt.mnt_flags |= MNT_LOCK_NODEV;
-+
-+               if (mnt->mnt.mnt_flags & MNT_NOSUID)
-+                       mnt->mnt.mnt_flags |= MNT_LOCK_NOSUID;
-+
-+               if (mnt->mnt.mnt_flags & MNT_NOEXEC)
-+                       mnt->mnt.mnt_flags |= MNT_LOCK_NOEXEC;
-+       }
- 
-        /* Don't allow unprivileged users to reveal what is under a mount */
-        if ((flag & CL_UNPRIVILEGED) && list_empty(&old->mnt_expire))
-@@ -1841,6 +1854,23 @@ static int do_remount(struct path *path, int flags, int mnt_flags,
-            !(mnt_flags & MNT_READONLY)) {
-                return -EPERM;
-        }
-+       if ((mnt->mnt.mnt_flags & MNT_LOCK_NODEV) &&
-+           !(mnt_flags & MNT_NODEV)) {
-+               return -EPERM;
-+       }
-+       if ((mnt->mnt.mnt_flags & MNT_LOCK_NOSUID) &&
-+           !(mnt_flags & MNT_NOSUID)) {
-+               return -EPERM;
-+       }
-+       if ((mnt->mnt.mnt_flags & MNT_LOCK_NOEXEC) &&
-+           !(mnt_flags & MNT_NOEXEC)) {
-+               return -EPERM;
-+       }
-+       if ((mnt->mnt.mnt_flags & MNT_LOCK_ATIME) &&
-+           ((mnt->mnt.mnt_flags & MNT_ATIME_MASK) != (mnt_flags & MNT_ATIME_MASK))) {
-+               return -EPERM;
-+       }
-+
-        err = security_sb_remount(sb, data);
-        if (err)
-                return err;
-@@ -2043,7 +2073,7 @@ static int do_new_mount(struct path *path, const char *fstype, int flags,
-                 */
-                if (!(type->fs_flags & FS_USERNS_DEV_MOUNT)) {
-                        flags |= MS_NODEV;
-                       mnt_flags |= MNT_NODEV;
-+                       mnt_flags |= MNT_NODEV | MNT_LOCK_NODEV;
-                }
-        }
- 
-diff --git a/include/linux/mount.h b/include/linux/mount.h
-index 8707c9e..22e5b96 100644
--- a/include/linux/mount.h
-+++ b/include/linux/mount.h
-@@ -45,10 +45,15 @@ struct mnt_namespace;
- #define MNT_USER_SETTABLE_MASK  (MNT_NOSUID | MNT_NODEV | MNT_NOEXEC \
-                                 | MNT_NOATIME | MNT_NODIRATIME | MNT_RELATIME \
-                                 | MNT_READONLY)
-+#define MNT_ATIME_MASK (MNT_NOATIME | MNT_NODIRATIME | MNT_RELATIME )
- 
- 
- #define MNT_INTERNAL   0x4000
- 
-+#define MNT_LOCK_ATIME         0x040000
-+#define MNT_LOCK_NOEXEC                0x080000
-+#define MNT_LOCK_NOSUID                0x100000
-+#define MNT_LOCK_NODEV         0x200000
- #define MNT_LOCK_READONLY      0x400000
- #define MNT_LOCKED             0x800000
- 
-- 
-1.9.1
author	Ting Liu <ting.liu@freescale.com>	2015-07-17 15:17:38 +0800
committer	Otavio Salvador <otavio@ossystems.com.br>	2015-07-28 23:26:58 -0300
commit	0253035a8af7a5be3e2de271cfe47d84543e8a00 (patch)
tree	74e17568ebbcfbe36d0c7c5963e3849697d74d6d /meta-fsl-ppc/recipes-kernel/linux/files/0003-mnt-CVE-2014-5206_CVE-2014-5207.patch
parent	4746fc1cb8d90dbeea36c1743315923e2184bf26 (diff)
download	meta-freescale-0253035a8af7a5be3e2de271cfe47d84543e8a00.tar.gz

diff --git a/meta-fsl-ppc/recipes-kernel/linux/files/0003-mnt-CVE-2014-5206_CVE-2014-5207.patch b/meta-fsl-ppc/recipes-kernel/linux/files/0003-mnt-CVE-2014-5206_CVE-2014-5207.patch deleted file mode 100644 index aa5ca1bc..00000000 --- a/meta-fsl-ppc/recipes-kernel/linux/files/0003-mnt-CVE-2014-5206_CVE-2014-5207.patch +++ /dev/null
@@ -1,137 +0,0 @@
1	From 8b18c0adbc5d0cb1530692e72bcfb88fd7bb77bb Mon Sep 17 00:00:00 2001
2	From: "Eric W. Biederman" <ebiederm@xmission.com>
3	Date: Mon, 28 Jul 2014 17:26:07 -0700
4	Subject: [PATCH] mnt: Correct permission checks in do_remount
5
6	commit 9566d6742852c527bf5af38af5cbb878dad75705 upstream.
7
8	While invesgiating the issue where in "mount --bind -oremount,ro ..."
9	would result in later "mount --bind -oremount,rw" succeeding even if
10	the mount started off locked I realized that there are several
11	additional mount flags that should be locked and are not.
12
13	In particular MNT_NOSUID, MNT_NODEV, MNT_NOEXEC, and the atime
14	flags in addition to MNT_READONLY should all be locked. These
15	flags are all per superblock, can all be changed with MS_BIND,
16	and should not be changable if set by a more privileged user.
17
18	The following additions to the current logic are added in this patch.
19	- nosuid may not be clearable by a less privileged user.
20	- nodev may not be clearable by a less privielged user.
21	- noexec may not be clearable by a less privileged user.
22	- atime flags may not be changeable by a less privileged user.
23
24	The logic with atime is that always setting atime on access is a
25	global policy and backup software and auditing software could break if
26	atime bits are not updated (when they are configured to be updated),
27	and serious performance degradation could result (DOS attack) if atime
28	updates happen when they have been explicitly disabled. Therefore an
29	unprivileged user should not be able to mess with the atime bits set
30	by a more privileged user.
31
32	The additional restrictions are implemented with the addition of
33	MNT_LOCK_NOSUID, MNT_LOCK_NODEV, MNT_LOCK_NOEXEC, and MNT_LOCK_ATIME
34	mnt flags.
35
36	Taken together these changes and the fixes for MNT_LOCK_READONLY
37	should make it safe for an unprivileged user to create a user
38	namespace and to call "mount --bind -o remount,... ..." without
39	the danger of mount flags being changed maliciously.
40
41	Fix for CVE-2014-5206 and CVE-2014-5207
42	Upstream-Status: backport
43
44	Cc: stable@vger.kernel.org
45	Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
46	Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
47	Signed-off-by: Jiri Slaby <jslaby@suse.cz>
48	Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
49	---
50	fs/namespace.c \| 36 +++++++++++++++++++++++++++++++++---
51	include/linux/mount.h \| 5 +++++
52	2 files changed, 38 insertions(+), 3 deletions(-)
53
54	diff --git a/fs/namespace.c b/fs/namespace.c
55	index 8e90b03..7c67de8 100644
56	--- a/fs/namespace.c
57	+++ b/fs/namespace.c
58	@@ -827,8 +827,21 @@ static struct mount clone_mnt(struct mount old, struct dentry *root,
59
60	mnt->mnt.mnt_flags = old->mnt.mnt_flags & ~MNT_WRITE_HOLD;
61	/* Don't allow unprivileged users to change mount flags */
62	- if ((flag & CL_UNPRIVILEGED) && (mnt->mnt.mnt_flags & MNT_READONLY))
63	- mnt->mnt.mnt_flags \|= MNT_LOCK_READONLY;
64	+ if (flag & CL_UNPRIVILEGED) {
65	+ mnt->mnt.mnt_flags \|= MNT_LOCK_ATIME;
66	+
67	+ if (mnt->mnt.mnt_flags & MNT_READONLY)
68	+ mnt->mnt.mnt_flags \|= MNT_LOCK_READONLY;
69	+
70	+ if (mnt->mnt.mnt_flags & MNT_NODEV)
71	+ mnt->mnt.mnt_flags \|= MNT_LOCK_NODEV;
72	+
73	+ if (mnt->mnt.mnt_flags & MNT_NOSUID)
74	+ mnt->mnt.mnt_flags \|= MNT_LOCK_NOSUID;
75	+
76	+ if (mnt->mnt.mnt_flags & MNT_NOEXEC)
77	+ mnt->mnt.mnt_flags \|= MNT_LOCK_NOEXEC;
78	+ }
79
80	/* Don't allow unprivileged users to reveal what is under a mount */
81	if ((flag & CL_UNPRIVILEGED) && list_empty(&old->mnt_expire))
82	@@ -1841,6 +1854,23 @@ static int do_remount(struct path *path, int flags, int mnt_flags,
83	!(mnt_flags & MNT_READONLY)) {
84	return -EPERM;
85	}
86	+ if ((mnt->mnt.mnt_flags & MNT_LOCK_NODEV) &&
87	+ !(mnt_flags & MNT_NODEV)) {
88	+ return -EPERM;
89	+ }
90	+ if ((mnt->mnt.mnt_flags & MNT_LOCK_NOSUID) &&
91	+ !(mnt_flags & MNT_NOSUID)) {
92	+ return -EPERM;
93	+ }
94	+ if ((mnt->mnt.mnt_flags & MNT_LOCK_NOEXEC) &&
95	+ !(mnt_flags & MNT_NOEXEC)) {
96	+ return -EPERM;
97	+ }
98	+ if ((mnt->mnt.mnt_flags & MNT_LOCK_ATIME) &&
99	+ ((mnt->mnt.mnt_flags & MNT_ATIME_MASK) != (mnt_flags & MNT_ATIME_MASK))) {
100	+ return -EPERM;
101	+ }
102	+
103	err = security_sb_remount(sb, data);
104	if (err)
105	return err;
106	@@ -2043,7 +2073,7 @@ static int do_new_mount(struct path path, const char fstype, int flags,
107	*/
108	if (!(type->fs_flags & FS_USERNS_DEV_MOUNT)) {
109	flags \|= MS_NODEV;
110	- mnt_flags \|= MNT_NODEV;
111	+ mnt_flags \|= MNT_NODEV \| MNT_LOCK_NODEV;
112	}
113	}
114
115	diff --git a/include/linux/mount.h b/include/linux/mount.h
116	index 8707c9e..22e5b96 100644
117	--- a/include/linux/mount.h
118	+++ b/include/linux/mount.h
119	@@ -45,10 +45,15 @@ struct mnt_namespace;
120	#define MNT_USER_SETTABLE_MASK (MNT_NOSUID \| MNT_NODEV \| MNT_NOEXEC \
121	\| MNT_NOATIME \| MNT_NODIRATIME \| MNT_RELATIME \
122	\| MNT_READONLY)
123	+#define MNT_ATIME_MASK (MNT_NOATIME \| MNT_NODIRATIME \| MNT_RELATIME )
124
125
126	#define MNT_INTERNAL 0x4000
127
128	+#define MNT_LOCK_ATIME 0x040000
129	+#define MNT_LOCK_NOEXEC 0x080000
130	+#define MNT_LOCK_NOSUID 0x100000
131	+#define MNT_LOCK_NODEV 0x200000
132	#define MNT_LOCK_READONLY 0x400000
133	#define MNT_LOCKED 0x800000
134
135	--
136	1.9.1
137