Accepted linux-grsec 4.4.7-1+grsec201604152208+1 (source) into unstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 17 Apr 2016 11:52:27 +0200
Source: linux-grsec
Binary: linux-grsec-source-4.4 linux-grsec-support-4.4.0-1 linux-headers-4.4.0-1-common-grsec linux-image-4.4.0-1-grsec-amd64 linux-headers-4.4.0-1-grsec-amd64 linux-image-4.4.0-1-grsec-686-pae linux-headers-4.4.0-1-grsec-686-pae
Architecture: source
Version: 4.4.7-1+grsec201604152208+1
Distribution: unstable
Urgency: medium
Maintainer: Yves-Alexis Perez <corsac@debian.org>
Changed-By: Yves-Alexis Perez <corsac@debian.org>
Description:
linux-grsec-source-4.4 - Linux kernel source for version 4.4 with Debian patches
linux-grsec-support-4.4.0-1 - Support files for Linux 4.4
linux-headers-4.4.0-1-common-grsec - Common header files for Linux 4.4.0-1-grsec
linux-headers-4.4.0-1-grsec-686-pae - Header files for Linux 4.4.0-1-grsec-686-pae
linux-headers-4.4.0-1-grsec-amd64 - Header files for Linux 4.4.0-1-grsec-amd64
linux-image-4.4.0-1-grsec-686-pae - Linux 4.4 for modern PCs, Grsecurity protection
linux-image-4.4.0-1-grsec-amd64 - Linux 4.4 for 64-bit PCs, Grsecurity protection
Changes:
linux-grsec (4.4.7-1+grsec201604152208+1) unstable; urgency=medium
.
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.7
- s390/cpumf: Fix lpp detection
- regulator: core: avoid unused variable warning
- regulator: core: Fix nested locking of supplies
- ASoC: samsung: pass DMA channels as pointers
- mmc: sh_mmcif: rework dma channel handling
- mmc: sh_mmcif: Correct TX DMA channel allocation
- x86/microcode/intel: Make early loader look for builtin microcode too
- x86/microcode: Untangle from BLK_DEV_INITRD
- x86/entry/compat: Keep TS_COMPAT set during signal delivery
- perf/x86/intel: Add definition for PT PMI bit
- x86/PCI: Mark Broadwell-EP Home Agent & PCU as having non-compliant BARs
- KVM: x86: fix missed hardware breakpoints
- KVM: i8254: change PIT discard tick policy
- KVM: fix spin_lock_init order on x86
- KVM: VMX: avoid guest hang on invalid invept instruction
- KVM: VMX: avoid guest hang on invalid invvpid instruction
- KVM: VMX: fix nested vpid for old KVM guests
- perf/core: Fix perf_sched_count derailment
- perf tools: Dont stop PMU parsing on alias parse error
- perf tools: Fix checking asprintf return value
- perf tools: Fix python extension build
- Thermal: Ignore invalid trip points
- sched/cputime: Fix steal_account_process_tick() to always return jiffies
- sched/preempt, sh: kmap_coherent relies on disabled preemption
- EDAC/sb_edac: Fix computation of channel address
- EDAC, amd64_edac: Shift wrapping issue in f1x_get_norm_dct_addr()
- s390: fix floating pointer register corruption (again)
- s390/cpumf: add missing lpp magic initialization
- s390/pci: enforce fmb page boundary rule
- pinctrl-bcm2835: Fix cut-and-paste error in "pull" parsing
- PCI: Disable IO/MEM decoding for devices with non-compliant BARs
- PCI: ACPI: IA64: fix IO port generic range check
- x86/irq: Cure live lock in fixup_irqs()
- x86/apic: Fix suspicious RCU usage in smp_trace_call_function_interrupt()
- x86/iopl/64: Properly context-switch IOPL on Xen PV
- x86/iopl: Fix iopl capability check on Xen PV
- x86/mm: TLB_REMOTE_SEND_IPI should count pages
- sg: fix dxferp in from_to case
- aacraid: Fix RRQ overload
- aacraid: Fix memory leak in aac_fib_map_free
- aacraid: Set correct msix count for EEH recovery
- sd: Fix discard granularity when LBPRZ=1
- scsi: storvsc: fix SRB_STATUS_ABORTED handling
- be2iscsi: set the boot_kset pointer to NULL in case of failure
- aic7xxx: Fix queue depth handling
- libnvdimm: Fix security issue with DSM IOCTL.
- dm snapshot: disallow the COW and origin devices from being identical
- dm: fix excessive dm-mq context switching
- dm thin metadata: don't issue prefetches if a transaction abort has failed
- dm cache: make sure every metadata function checks fail_io
- dm: fix rq_end_stats() NULL pointer in dm_requeue_original_request()
- usb: retry reset if a device times out
- usb: hub: fix a typo in hub_port_init() leading to wrong logic
- USB: uas: Reduce can_queue to MAX_CMNDS
- USB: cdc-acm: more sanity checking
- USB: iowarrior: fix oops with malicious USB descriptors
- USB: usb_driver_claim_interface: add sanity checking
- USB: mct_u232: add sanity checking in probe
- USB: digi_acceleport: do sanity checking for the number of ports
- USB: cypress_m8: add endpoint sanity check
- USB: serial: cp210x: Adding GE Healthcare Device ID
- USB: serial: ftdi_sio: Add support for ICP DAS I-756xU devices
- USB: option: add "D-Link DWM-221 B1" device id
- pwc: Add USB id for Philips Spc880nc webcam
- Input: powermate - fix oops with malicious USB descriptors
- ALSA: usb-audio: Fix NULL dereference in create_fixed_stream_quirk()
- ALSA: usb-audio: Add sanity checks for endpoint accesses
- ALSA: usb-audio: add Microsoft HD-5001 to quirks
- ALSA: usb-audio: Minor code cleanup in create_fixed_stream_quirk()
- ALSA: usb-audio: Fix double-free in error paths after snd_usb_add_audio_stream() call
- Bluetooth: btusb: Add new AR3012 ID 13d3:3395
- Bluetooth: btusb: Add a new AR3012 ID 04ca:3014
- Bluetooth: btusb: Add a new AR3012 ID 13d3:3472
- crypto: ccp - Add hash state import and export support
- crypto: ccp - Limit the amount of information exported
- crypto: ccp - Don't assume export/import areas are aligned
- crypto: ccp - memset request context to zero during import
- crypto: keywrap - memzero the correct memory
- crypto: atmel - fix checks of error code returned by devm_ioremap_resource()
- crypto: ux500 - fix checks of error code returned by devm_ioremap_resource()
- crypto: marvell/cesa - forward devm_ioremap_resource() error code
- X.509: Fix leap year handling again
- mei: bus: check if the device is enabled before data transfer
- tpm: fix the rollback in tpm_chip_register()
- tpm_crb: tpm2_shutdown() must be called before tpm_chip_unregister()
- tpm_eventlog.c: fix binary_bios_measurements
- tpm: fix the cleanup of struct tpm_chip
- HID: logitech: fix Dual Action gamepad support
- HID: i2c-hid: fix OOB write in i2c_hid_set_or_send_report()
- HID: multitouch: force retrieving of Win8 signature blob
- HID: fix hid_ignore_special_drivers module parameter
- staging: comedi: ni_tiocmd: change mistaken use of start_src for start_arg
- staging: android: ion_test: fix check of platform_device_register_simple() error code
- staging: comedi: ni_mio_common: fix the ni_write[blw]() functions
- tty: Fix GPF in flush_to_ldisc(), part 2
- net: irda: Fix use-after-free in irtty_open()
- 8250: use callbacks to access UART_DLL/UART_DLM
- saa7134: Fix bytesperline not being set correctly for planar formats
- adv7511: TX_EDID_PRESENT is still 1 after a disconnect
- bttv: Width must be a multiple of 16 when capturing planar formats
- coda: fix first encoded frame payload
- media: v4l2-compat-ioctl32: fix missing length copy in put_v4l2_buffer32
- mtip32xx: Avoid issuing standby immediate cmd during FTL rebuild
- mtip32xx: Fix broken service thread handling
- mtip32xx: Remove unwanted code from taskfile error handler
- mtip32xx: Print exact time when an internal command is interrupted
- mtip32xx: Fix for rmmod crash when drive is in FTL rebuild
- mtip32xx: Handle safe removal during IO
- mtip32xx: Handle FTL rebuild failure state during device initialization
- mtip32xx: Implement timeout handler
- mtip32xx: Cleanup queued requests after surprise removal
- ALSA: hda - Apply reboot D3 fix for CX20724 codec, too
- ALSA: pcm: Avoid "BUG:" string for warnings again
- ALSA: intel8x0: Add clock quirk entry for AD1981B on IBM ThinkPad X41.
- ALSA: hda - Don't handle ELD notify from invalid port
- ALSA: hda - fix the mic mute button and led problem for a Lenovo AIO
- ALSA: hda - Fix unconditional GPIO toggle via automute
- tools/hv: Use include/uapi with __EXPORTED_HEADERS__
- jbd2: fix FS corruption possibility in jbd2_journal_destroy() on umount path
- brd: Fix discard request processing
- IB/srpt: Simplify srpt_handle_tsk_mgmt()
- bcache: cleaned up error handling around register_cache()
- bcache: fix race of writeback thread starting before complete initialization
- bcache: fix cache_set_flush() NULL pointer dereference on OOM
- mm: memcontrol: reclaim when shrinking memory.high below usage
- mm: memcontrol: reclaim and OOM kill when shrinking memory.max below usage
- ia64: define ioremap_uc()
- watchdog: don't run proc_watchdog_update if new value is same as old
- watchdog: rc32434_wdt: fix ioctl error handling
- Bluetooth: Add new AR3012 ID 0489:e095
- Bluetooth: Fix potential buffer overflow with Add Advertising
- cgroup: ignore css_sets associated with dead cgroups during migration
- net: mvneta: enable change MAC address when interface is up
- of: alloc anywhere from memblock if range not specified
- vfs: show_vfsstat: do not ignore errors from show_devname method
- splice: handle zero nr_pages in splice_to_pipe()
- xtensa: ISS: don't hang if stdin EOF is reached
- xtensa: fix preemption in {clear,copy}_user_highpage
- xtensa: clear all DBREAKC registers on start
- ARC: [BE] readl()/writel() to work in Big Endian CPU configuration
- ARC: bitops: Remove non relevant comments
- quota: Fix possible GPF due to uninitialised pointers
- xfs: fix two memory leaks in xfs_attr_list.c error paths
- raid1: include bio_end_io_list in nr_queued to prevent freeze_array hang
- md/raid5: Compare apples to apples (or sectors to sectors)
- RAID5: check_reshape() shouldn't call mddev_suspend
- RAID5: revert e9e4c377e2f563 to fix a livelock
- raid10: include bio_end_io_list in nr_queued to prevent freeze_array hang
- md/raid5: preserve STRIPE_PREREAD_ACTIVE in break_stripe_batch_list
- md: multipath: don't hardcopy bio in .make_request path
- fuse: do not use iocb after it may have been freed
- fuse: Add reference counting for fuse_io_priv
- fs/coredump: prevent fsuid=0 dumps into user-controlled directories
- rapidio/rionet: fix deadlock on SMP
- ipr: Fix out-of-bounds null overwrite
- ipr: Fix regression when loading firmware
- iwlwifi: mvm: Fix paging memory leak
- drm/radeon: disable runtime pm on PX laptops without dGPU power control
- drm/radeon: Don't drop DP 2.7 Ghz link setup on some cards.
- drm/amdgpu: disable runtime pm on PX laptops without dGPU power control
- drm/amdgpu: include the right version of gmc header files for iceland
- IB/ipoib: fix for rare multicast join race condition
- tracing: Have preempt(irqs)off trace preempt disabled functions
- tracing: Fix crash from reading trace_pipe with sendfile
- tracing: Fix trace_printk() to print when not using bprintk()
- bitops: Do not default to __clear_bit() for __clear_bit_unlock()
- scripts/coccinelle: modernize &
- scripts/kconfig: allow building with make 3.80 again
- kbuild/mkspec: fix grub2 installkernel issue
- MAINTAINERS: Update mailing list and web page for hwmon subsystem
- ideapad-laptop: Add ideapad Y700 (15) to the no_hw_rfkill DMI list
- mmc: block: fix ABI regression of mmc_blk_ioctl
- mmc: mmc_spi: Add Card Detect comments and fix CD GPIO case
- mmc: sdhci: fix data timeout (part 1)
- mmc: sdhci: fix data timeout (part 2)
- mmc: sdhci: Fix override of timeout clk wrt max_busy_timeout
- clk: rockchip: rk3368: fix cpuclk mux bit of big cpu-cluster
- clk: rockchip: rk3368: fix cpuclk core dividers
- clk: rockchip: rk3368: fix parents of video encoder/decoder
- clk: rockchip: rk3368: fix hdmi_cec gate-register
- clk: rockchip: add hclk_cpubus to the list of rk3188 critical clocks
- clk: bcm2835: Fix setting of PLL divider clock rates
- target: Fix target_release_cmd_kref shutdown comp leak
- iser-target: Fix identification of login rx descriptor type
- iser-target: Add new state ISER_CONN_BOUND to isert_conn
- iser-target: Separate flows for np listeners and connections cma events
- iser-target: Rework connection termination
- nfsd4: fix bad bounds checking
- nfsd: fix deadlock secinfo+readdir compound
- ARM: dts: at91: sama5d3 Xplained: don't disable hsmci regulator
- ARM: dts: at91: sama5d4 Xplained: don't disable hsmci regulator
- ACPI / PM: Runtime resume devices when waking from hibernate
- writeback, cgroup: fix premature wb_put() in locked_inode_to_wb_and_lock_list()
- writeback, cgroup: fix use of the wrong bdi_writeback which mismatches the inode
- Input: synaptics - handle spurious release of trackstick buttons, again
- Input: ims-pcu - sanity check against missing interfaces
- Input: ati_remote2 - fix crashes on detecting device with invalid descriptor
- ocfs2/dlm: fix race between convert and recovery
- ocfs2/dlm: fix BUG in dlm_move_lockres_to_recovery_list
- mm/page_alloc: prevent merging between isolated and other pageblocks
- mtd: onenand: fix deadlock in onenand_block_markbad
- intel_idle: prevent SKL-H boot failure when C8+C9+C10 enabled
- PM / sleep: Clear pm_suspend_global_flags upon hibernate
- scsi_common: do not clobber fixed sense information
- sched/cputime: Fix steal time accounting vs. CPU hotplug
- perf/x86/pebs: Add workaround for broken OVFL status on HSW+
- perf/x86/intel: Fix PEBS warning by only restoring active PMU in pmi
- perf/x86/intel: Use PAGE_SIZE for PEBS buffer size on Core2
- perf/x86/intel: Fix PEBS data source interpretation on Nehalem/Westmere
* Update grsecurity patch to 3.1-4.4.7-201604152208.
* debian/patches:
- bugfix/all/firmware-remove-redundant-log-messages-from-drivers rebased
against 4.4.7
- bugfix/all/uas-fix-high-order-alloc disabled, included in 4.4.7.
Checksums-Sha1:
16369abcc04a15d826c5a2d782e0cec176e131b8 2604 linux-grsec_4.4.7-1+grsec201604152208+1.dsc
f56c6b26d1e6c9f6521ab6797fb3658ac7f65104 88512564 linux-grsec_4.4.7.orig.tar.xz
99e43d999b3529b131bab4d36d9700386f6e7bba 4417060 linux-grsec_4.4.7-1+grsec201604152208+1.debian.tar.xz
Checksums-Sha256:
ce7569e4e5c1fd70c6ec394e7268e3d3fe6e29cc707282e72383e7d64c997654 2604 linux-grsec_4.4.7-1+grsec201604152208+1.dsc
6268686a6953d7aea9a57952b7ef5b160e8265173020089bef64883879c63d4c 88512564 linux-grsec_4.4.7.orig.tar.xz
5726d40af1b576fd26faa2361ff803ea7bf46ff2e08bccd3bdc7804aef6f67d6 4417060 linux-grsec_4.4.7-1+grsec201604152208+1.debian.tar.xz
Files:
8c253aeae07acaa6127a11fab421d612 2604 kernel optional linux-grsec_4.4.7-1+grsec201604152208+1.dsc
f305b7bfe62b5fe6480c86c100fa5e71 88512564 kernel optional linux-grsec_4.4.7.orig.tar.xz
4e9d138108ff8848ef4a7c2d11221324 4417060 kernel optional linux-grsec_4.4.7-1+grsec201604152208+1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCgAGBQJXE11NAAoJEG3bU/KmdcCleMYH/1J22+AI49MU4Wp6FmRnGS6/
iwN8mI2SpoNI8LrUoKevHjzlG/Rz7LVWLVq4qfu07Jz+ISRgIRzqG3Hd0w4datKL
NwUnzynFH3B9nfbq4u31GzNzCyrFtVGSQ/NTPE8t4C68PLsKgj0FBoDHQDy9xX/4
nqkSq0DwUCWwNdR3WKW8xU3OHihFE9gIlJyPQN7TXwokwxn/KCoCf/IOZEE8wm35
pyO3pc/+r9xBV7aIaPjxZ0y40P6LRvMAmWL3AolKa2bS7h6ssG3nCG9J3feqDDD+
71E5eRZ5Bl85xic3RrUDx2IUUvb1DiBm8XiUTOGEvYE9QBIntI/i4Qz+G+KAe8w=
=muz9
-----END PGP SIGNATURE-----