diff options
| -rw-r--r-- | 0003-toneport-fixes.patch | 61 | ||||
| -rw-r--r-- | sctp-walk-the-list-of-asoc-safely.patch | 39 | ||||
| -rw-r--r-- | series | 1 | ||||
| -rw-r--r-- | stable-kernel-rules.rst-add-link-to-networking-patch-queue.patch | 30 |
4 files changed, 131 insertions, 0 deletions
diff --git a/0003-toneport-fixes.patch b/0003-toneport-fixes.patch new file mode 100644 index 00000000000000..4bc8ab38570295 --- /dev/null +++ b/0003-toneport-fixes.patch @@ -0,0 +1,61 @@ +From e2c743d1f900135c3e560cd9ea1647e4a1ebce7a Mon Sep 17 00:00:00 2001 +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +Date: Wed, 23 Jan 2019 11:01:46 +0100 +Subject: [PATCH 3/3] toneport fixes + +--- + sound/usb/line6/toneport.c | 23 +++++++++++++++++------ + 1 file changed, 17 insertions(+), 6 deletions(-) + +--- a/sound/usb/line6/toneport.c ++++ b/sound/usb/line6/toneport.c +@@ -365,16 +365,21 @@ static bool toneport_has_source_select(s + /* + Setup Toneport device. + */ +-static void toneport_setup(struct usb_line6_toneport *toneport) ++static int toneport_setup(struct usb_line6_toneport *toneport) + { +- u32 ticks; ++ u32 *ticks; + struct usb_line6 *line6 = &toneport->line6; + struct usb_device *usbdev = line6->usbdev; + ++ ticks = kmalloc(sizeof(*ticks), GFP_KERNEL); ++ if (!ticks) ++ return -ENOMEM; ++ + /* sync time on device with host: */ + /* note: 32-bit timestamps overflow in year 2106 */ +- ticks = (u32)ktime_get_real_seconds(); +- line6_write_data(line6, 0x80c6, &ticks, 4); ++ *ticks = (u32)ktime_get_real_seconds(); ++ line6_write_data(line6, 0x80c6, ticks, 4); ++ kfree(ticks); + + /* enable device: */ + toneport_send_cmd(usbdev, 0x0301, 0x0000); +@@ -451,7 +456,9 @@ static int toneport_init(struct usb_line + return err; + } + +- toneport_setup(toneport); ++ err = toneport_setup(toneport); ++ if (err) ++ return err; + + /* register audio system: */ + return snd_card_register(line6->card); +@@ -463,7 +470,11 @@ static int toneport_init(struct usb_line + */ + static int toneport_reset_resume(struct usb_interface *interface) + { +- toneport_setup(usb_get_intfdata(interface)); ++ int err; ++ ++ err = toneport_setup(usb_get_intfdata(interface)); ++ if (err) ++ return err; + return line6_resume(interface); + } + #endif diff --git a/sctp-walk-the-list-of-asoc-safely.patch b/sctp-walk-the-list-of-asoc-safely.patch new file mode 100644 index 00000000000000..04b03dc760d0eb --- /dev/null +++ b/sctp-walk-the-list-of-asoc-safely.patch @@ -0,0 +1,39 @@ +From foo@baz Fri Feb 1 14:09:51 CET 2019 +Date: Fri, 01 Feb 2019 14:09:51 +0100 +To: Greg KH <gregkh@linuxfoundation.org> +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +Subject: sctp: walk the list of asoc safely + +In sctp_sendmesg(), when walking the list of endpoint associations, the +association can be dropped from the list, making the list corrupt. +Properly handle this by using list_for_each_entry_safe() + +Fixes: 4910280503f3 ("sctp: add support for snd flag SCTP_SENDALL process in sendmsg") +Reported-by: Secunia Research <vuln@secunia.com> +Tested-by: Secunia Research <vuln@secunia.com> +Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> + +--- + net/sctp/socket.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/net/sctp/socket.c ++++ b/net/sctp/socket.c +@@ -2027,7 +2027,7 @@ static int sctp_sendmsg(struct sock *sk, + struct sctp_endpoint *ep = sctp_sk(sk)->ep; + struct sctp_transport *transport = NULL; + struct sctp_sndrcvinfo _sinfo, *sinfo; +- struct sctp_association *asoc; ++ struct sctp_association *asoc, *tmp; + struct sctp_cmsgs cmsgs; + union sctp_addr *daddr; + bool new = false; +@@ -2053,7 +2053,7 @@ static int sctp_sendmsg(struct sock *sk, + + /* SCTP_SENDALL process */ + if ((sflags & SCTP_SENDALL) && sctp_style(sk, UDP)) { +- list_for_each_entry(asoc, &ep->asocs, asocs) { ++ list_for_each_entry_safe(asoc, tmp, &ep->asocs, asocs) { + err = sctp_sendmsg_check_sflags(asoc, sflags, msg, + msg_len); + if (err == 0) @@ -1,5 +1,6 @@ # +0003-toneport-fixes.patch sctp-walk-the-list-of-asoc-safely.patch stable-kernel-rules.rst-add-link-to-networking-patch-queue.patch spdxcheck-print-out-files-without-any-spdx-lines.patch diff --git a/stable-kernel-rules.rst-add-link-to-networking-patch-queue.patch b/stable-kernel-rules.rst-add-link-to-networking-patch-queue.patch new file mode 100644 index 00000000000000..b98d37f3f7943d --- /dev/null +++ b/stable-kernel-rules.rst-add-link-to-networking-patch-queue.patch @@ -0,0 +1,30 @@ +From foo@baz Tue Jan 22 19:43:36 CET 2019 +Date: Tue, 22 Jan 2019 19:43:36 +0100 +To: Greg KH <gregkh@linuxfoundation.org> +From: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +Subject: [PATCH] stable-kernel-rules.rst: add link to networking patch queue + +The networking maintainer keeps a public list of the patches being +queued up for the next round of stable releases. Be sure to check there +before asking for a patch to be applied so that you do not waste +people's time. + +Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> +Acked-by: David S. Miller <davem@davemloft.net> + +--- + Documentation/process/stable-kernel-rules.rst | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/Documentation/process/stable-kernel-rules.rst ++++ b/Documentation/process/stable-kernel-rules.rst +@@ -38,6 +38,9 @@ Procedure for submitting patches to the + - If the patch covers files in net/ or drivers/net please follow netdev stable + submission guidelines as described in + :ref:`Documentation/networking/netdev-FAQ.rst <netdev-FAQ>` ++ after first checking the stable networking queue at ++ https://patchwork.ozlabs.org/bundle/davem/stable/?series=&submitter=&state=*&q=&archive= ++ to ensure the requested patch is not already queued up. + - Security patches should not be handled (solely) by the -stable review + process but should follow the procedures in + :ref:`Documentation/admin-guide/security-bugs.rst <securitybugs>`. |