diff options
25 files changed, 114 insertions, 28 deletions
diff --git a/SOURCES/kernel-aarch64-debug-fedora.config b/SOURCES/kernel-aarch64-debug-fedora.config index c47b34a..242af30 100644 --- a/SOURCES/kernel-aarch64-debug-fedora.config +++ b/SOURCES/kernel-aarch64-debug-fedora.config @@ -8004,5 +8004,5 @@ CONFIG_ZYNQMP_POWER=y # Select this config option to add support for the initrd= command # This option determines the default init for the system if no init= # warnings from C=1 sparse checker or -Wextra compilations. It has -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set
\ No newline at end of file diff --git a/SOURCES/kernel-aarch64-debug-rhel.config b/SOURCES/kernel-aarch64-debug-rhel.config index f937775..44d74da 100644 --- a/SOURCES/kernel-aarch64-debug-rhel.config +++ b/SOURCES/kernel-aarch64-debug-rhel.config @@ -6270,5 +6270,5 @@ CONFIG_ZSWAP=y CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # CONFIG_ZSWAP_ZPOOL_DEFAULT_ZSMALLOC is not set # CONFIG_ZX_TDM is not set -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set diff --git a/SOURCES/kernel-aarch64-fedora.config b/SOURCES/kernel-aarch64-fedora.config index 8847b72..85dd36b 100644 --- a/SOURCES/kernel-aarch64-fedora.config +++ b/SOURCES/kernel-aarch64-fedora.config @@ -7982,5 +7982,5 @@ CONFIG_ZYNQMP_POWER=y # Select this config option to add support for the initrd= command # This option determines the default init for the system if no init= # warnings from C=1 sparse checker or -Wextra compilations. It has -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set
\ No newline at end of file diff --git a/SOURCES/kernel-aarch64-rhel.config b/SOURCES/kernel-aarch64-rhel.config index 6bae073..20018cd 100644 --- a/SOURCES/kernel-aarch64-rhel.config +++ b/SOURCES/kernel-aarch64-rhel.config @@ -6249,5 +6249,5 @@ CONFIG_ZSWAP=y CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # CONFIG_ZSWAP_ZPOOL_DEFAULT_ZSMALLOC is not set # CONFIG_ZX_TDM is not set -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set diff --git a/SOURCES/kernel-armv7hl-debug-fedora.config b/SOURCES/kernel-armv7hl-debug-fedora.config index e833045..96fe756 100644 --- a/SOURCES/kernel-armv7hl-debug-fedora.config +++ b/SOURCES/kernel-armv7hl-debug-fedora.config @@ -8302,5 +8302,5 @@ CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # Select this config option to add support for the initrd= command # This option determines the default init for the system if no init= # warnings from C=1 sparse checker or -Wextra compilations. It has -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set
\ No newline at end of file diff --git a/SOURCES/kernel-armv7hl-fedora.config b/SOURCES/kernel-armv7hl-fedora.config index 36f343f..f7803eb 100644 --- a/SOURCES/kernel-armv7hl-fedora.config +++ b/SOURCES/kernel-armv7hl-fedora.config @@ -8281,5 +8281,5 @@ CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # Select this config option to add support for the initrd= command # This option determines the default init for the system if no init= # warnings from C=1 sparse checker or -Wextra compilations. It has -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set
\ No newline at end of file diff --git a/SOURCES/kernel-armv7hl-lpae-debug-fedora.config b/SOURCES/kernel-armv7hl-lpae-debug-fedora.config index 0e32bea..473d426 100644 --- a/SOURCES/kernel-armv7hl-lpae-debug-fedora.config +++ b/SOURCES/kernel-armv7hl-lpae-debug-fedora.config @@ -8027,5 +8027,5 @@ CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # Select this config option to add support for the initrd= command # This option determines the default init for the system if no init= # warnings from C=1 sparse checker or -Wextra compilations. It has -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set
\ No newline at end of file diff --git a/SOURCES/kernel-armv7hl-lpae-fedora.config b/SOURCES/kernel-armv7hl-lpae-fedora.config index dc10858..fda01ed 100644 --- a/SOURCES/kernel-armv7hl-lpae-fedora.config +++ b/SOURCES/kernel-armv7hl-lpae-fedora.config @@ -8006,5 +8006,5 @@ CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # Select this config option to add support for the initrd= command # This option determines the default init for the system if no init= # warnings from C=1 sparse checker or -Wextra compilations. It has -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set
\ No newline at end of file diff --git a/SOURCES/kernel-i686-debug-fedora.config b/SOURCES/kernel-i686-debug-fedora.config index 868a2a3..09068c8 100644 --- a/SOURCES/kernel-i686-debug-fedora.config +++ b/SOURCES/kernel-i686-debug-fedora.config @@ -7328,5 +7328,5 @@ CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # Select this config option to add support for the initrd= command # This option determines the default init for the system if no init= # warnings from C=1 sparse checker or -Wextra compilations. It has -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set
\ No newline at end of file diff --git a/SOURCES/kernel-i686-fedora.config b/SOURCES/kernel-i686-fedora.config index 8805a75..076b5a7 100644 --- a/SOURCES/kernel-i686-fedora.config +++ b/SOURCES/kernel-i686-fedora.config @@ -7306,5 +7306,5 @@ CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # Select this config option to add support for the initrd= command # This option determines the default init for the system if no init= # warnings from C=1 sparse checker or -Wextra compilations. It has -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set
\ No newline at end of file diff --git a/SOURCES/kernel-ppc64le-debug-fedora.config b/SOURCES/kernel-ppc64le-debug-fedora.config index 992df8f..948474f 100644 --- a/SOURCES/kernel-ppc64le-debug-fedora.config +++ b/SOURCES/kernel-ppc64le-debug-fedora.config @@ -6804,5 +6804,5 @@ CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # Select this config option to add support for the initrd= command # This option determines the default init for the system if no init= # warnings from C=1 sparse checker or -Wextra compilations. It has -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set
\ No newline at end of file diff --git a/SOURCES/kernel-ppc64le-debug-rhel.config b/SOURCES/kernel-ppc64le-debug-rhel.config index 258f763..3d3a986 100644 --- a/SOURCES/kernel-ppc64le-debug-rhel.config +++ b/SOURCES/kernel-ppc64le-debug-rhel.config @@ -6117,5 +6117,5 @@ CONFIG_ZSWAP=y CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # CONFIG_ZSWAP_ZPOOL_DEFAULT_ZSMALLOC is not set # CONFIG_ZX_TDM is not set -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set diff --git a/SOURCES/kernel-ppc64le-fedora.config b/SOURCES/kernel-ppc64le-fedora.config index be7fc34..2362172 100644 --- a/SOURCES/kernel-ppc64le-fedora.config +++ b/SOURCES/kernel-ppc64le-fedora.config @@ -6781,5 +6781,5 @@ CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # Select this config option to add support for the initrd= command # This option determines the default init for the system if no init= # warnings from C=1 sparse checker or -Wextra compilations. It has -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set
\ No newline at end of file diff --git a/SOURCES/kernel-ppc64le-rhel.config b/SOURCES/kernel-ppc64le-rhel.config index dea550e..d5ea6e9 100644 --- a/SOURCES/kernel-ppc64le-rhel.config +++ b/SOURCES/kernel-ppc64le-rhel.config @@ -6099,5 +6099,5 @@ CONFIG_ZSWAP=y CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # CONFIG_ZSWAP_ZPOOL_DEFAULT_ZSMALLOC is not set # CONFIG_ZX_TDM is not set -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set diff --git a/SOURCES/kernel-s390x-debug-fedora.config b/SOURCES/kernel-s390x-debug-fedora.config index 3745cb7..8ce6075 100644 --- a/SOURCES/kernel-s390x-debug-fedora.config +++ b/SOURCES/kernel-s390x-debug-fedora.config @@ -6745,5 +6745,5 @@ CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # This option determines the default init for the system if no init= # warnings from C=1 sparse checker or -Wextra compilations. It has -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set
\ No newline at end of file diff --git a/SOURCES/kernel-s390x-debug-rhel.config b/SOURCES/kernel-s390x-debug-rhel.config index c3bcdf1..0de42ff 100644 --- a/SOURCES/kernel-s390x-debug-rhel.config +++ b/SOURCES/kernel-s390x-debug-rhel.config @@ -6070,5 +6070,5 @@ CONFIG_ZSWAP_COMPRESSOR_DEFAULT_LZO=y CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # CONFIG_ZSWAP_ZPOOL_DEFAULT_ZSMALLOC is not set # CONFIG_ZX_TDM is not set -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set
\ No newline at end of file diff --git a/SOURCES/kernel-s390x-fedora.config b/SOURCES/kernel-s390x-fedora.config index 7e5452a..7324eb1 100644 --- a/SOURCES/kernel-s390x-fedora.config +++ b/SOURCES/kernel-s390x-fedora.config @@ -6722,5 +6722,5 @@ CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # This option determines the default init for the system if no init= # warnings from C=1 sparse checker or -Wextra compilations. It has -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set
\ No newline at end of file diff --git a/SOURCES/kernel-s390x-rhel.config b/SOURCES/kernel-s390x-rhel.config index 645dc7d..cf00d7c 100644 --- a/SOURCES/kernel-s390x-rhel.config +++ b/SOURCES/kernel-s390x-rhel.config @@ -6052,5 +6052,5 @@ CONFIG_ZSWAP_COMPRESSOR_DEFAULT_LZO=y CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # CONFIG_ZSWAP_ZPOOL_DEFAULT_ZSMALLOC is not set # CONFIG_ZX_TDM is not set -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set diff --git a/SOURCES/kernel-s390x-zfcpdump-rhel.config b/SOURCES/kernel-s390x-zfcpdump-rhel.config index f53d812..6eb4856 100644 --- a/SOURCES/kernel-s390x-zfcpdump-rhel.config +++ b/SOURCES/kernel-s390x-zfcpdump-rhel.config @@ -6088,5 +6088,5 @@ CONFIG_ZSWAP_COMPRESSOR_DEFAULT_LZO=y CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # CONFIG_ZSWAP_ZPOOL_DEFAULT_ZSMALLOC is not set # CONFIG_ZX_TDM is not set -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set diff --git a/SOURCES/kernel-x86_64-debug-fedora.config b/SOURCES/kernel-x86_64-debug-fedora.config index b5281a8..1a5c4fa 100644 --- a/SOURCES/kernel-x86_64-debug-fedora.config +++ b/SOURCES/kernel-x86_64-debug-fedora.config @@ -7380,5 +7380,5 @@ CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # Select this config option to add support for the initrd= command # This option determines the default init for the system if no init= # warnings from C=1 sparse checker or -Wextra compilations. It has -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set
\ No newline at end of file diff --git a/SOURCES/kernel-x86_64-debug-rhel.config b/SOURCES/kernel-x86_64-debug-rhel.config index 9008ce3..0f2195e 100644 --- a/SOURCES/kernel-x86_64-debug-rhel.config +++ b/SOURCES/kernel-x86_64-debug-rhel.config @@ -6402,5 +6402,5 @@ CONFIG_ZSWAP=y CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # CONFIG_ZSWAP_ZPOOL_DEFAULT_ZSMALLOC is not set # CONFIG_ZX_TDM is not set -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set diff --git a/SOURCES/kernel-x86_64-fedora.config b/SOURCES/kernel-x86_64-fedora.config index cc102b9..e70e902 100644 --- a/SOURCES/kernel-x86_64-fedora.config +++ b/SOURCES/kernel-x86_64-fedora.config @@ -7358,5 +7358,5 @@ CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # Select this config option to add support for the initrd= command # This option determines the default init for the system if no init= # warnings from C=1 sparse checker or -Wextra compilations. It has -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set
\ No newline at end of file diff --git a/SOURCES/kernel-x86_64-rhel.config b/SOURCES/kernel-x86_64-rhel.config index e99decf..6d5f980 100644 --- a/SOURCES/kernel-x86_64-rhel.config +++ b/SOURCES/kernel-x86_64-rhel.config @@ -6382,5 +6382,5 @@ CONFIG_ZSWAP=y CONFIG_ZSWAP_ZPOOL_DEFAULT_ZBUD=y # CONFIG_ZSWAP_ZPOOL_DEFAULT_ZSMALLOC is not set # CONFIG_ZX_TDM is not set -# CONFIG_ZENIFY is not set +CONFIG_ZENIFY=y # CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE_O3 is not set diff --git a/SOURCES/speakup-do-not-let-the-line-discipline-be-used-several-times.patch b/SOURCES/speakup-do-not-let-the-line-discipline-be-used-several-times.patch new file mode 100644 index 0000000..449aace --- /dev/null +++ b/SOURCES/speakup-do-not-let-the-line-discipline-be-used-several-times.patch @@ -0,0 +1,76 @@ +From d4122754442799187d5d537a9c039a49a67e57f1 Mon Sep 17 00:00:00 2001 +From: Samuel Thibault <samuel.thibault@ens-lyon.org> +Date: Tue, 10 Nov 2020 19:35:41 +0100 +Subject: speakup: Do not let the line discipline be used several times +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Samuel Thibault <samuel.thibault@ens-lyon.org> + +commit d4122754442799187d5d537a9c039a49a67e57f1 upstream. + +Speakup has only one speakup_tty variable to store the tty it is managing. This +makes sense since its codebase currently assumes that there is only one user who +controls the screen reading. + +That however means that we have to forbid using the line discipline several +times, otherwise the second closure would try to free a NULL ldisc_data, leading to + +general protection fault: 0000 [#1] SMP KASAN PTI +RIP: 0010:spk_ttyio_ldisc_close+0x2c/0x60 +Call Trace: + tty_ldisc_release+0xa2/0x340 + tty_release_struct+0x17/0xd0 + tty_release+0x9d9/0xcc0 + __fput+0x231/0x740 + task_work_run+0x12c/0x1a0 + do_exit+0x9b5/0x2230 + ? release_task+0x1240/0x1240 + ? __do_page_fault+0x562/0xa30 + do_group_exit+0xd5/0x2a0 + __x64_sys_exit_group+0x35/0x40 + do_syscall_64+0x89/0x2b0 + ? page_fault+0x8/0x30 + entry_SYSCALL_64_after_hwframe+0x44/0xa9 + +Cc: stable@vger.kernel.org +Reported-by: 秦世松 <qinshisong1205@gmail.com> +Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org> +Tested-by: Shisong Qin <qinshisong1205@gmail.com> +Link: https://lore.kernel.org/r/20201110183541.fzgnlwhjpgqzjeth@function +Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> + +--- + drivers/accessibility/speakup/spk_ttyio.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +--- a/drivers/accessibility/speakup/spk_ttyio.c ++++ b/drivers/accessibility/speakup/spk_ttyio.c +@@ -49,15 +49,25 @@ static int spk_ttyio_ldisc_open(struct t + + if (!tty->ops->write) + return -EOPNOTSUPP; ++ ++ mutex_lock(&speakup_tty_mutex); ++ if (speakup_tty) { ++ mutex_unlock(&speakup_tty_mutex); ++ return -EBUSY; ++ } + speakup_tty = tty; + + ldisc_data = kmalloc(sizeof(*ldisc_data), GFP_KERNEL); +- if (!ldisc_data) ++ if (!ldisc_data) { ++ speakup_tty = NULL; ++ mutex_unlock(&speakup_tty_mutex); + return -ENOMEM; ++ } + + init_completion(&ldisc_data->completion); + ldisc_data->buf_free = true; + speakup_tty->disc_data = ldisc_data; ++ mutex_unlock(&speakup_tty_mutex); + + return 0; + } diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec index 12e62b1..832018d 100644 --- a/SPECS/kernel.spec +++ b/SPECS/kernel.spec @@ -54,6 +54,8 @@ Summary: The Linux kernel %if %{zipmodules} %global zipsed -e 's/\.ko$/\.ko.xz/' +# for parallel xz processes, replace with 1 to go back to single process +%global zcpu `nproc --all` %endif %define buildid .fsync @@ -92,7 +94,7 @@ Summary: The Linux kernel %if 0%{?released_kernel} # Do we have a -stable update to apply? -%define stable_update 9 +%define stable_update 10 # Set rpm version accordingly %if 0%{?stable_update} %define stablerev %{stable_update} @@ -204,7 +206,7 @@ Summary: The Linux kernel %if 0%{?fedora} # Kernel headers are being split out into a separate package -%define with_headers 1 +%define with_headers 0 %define with_cross_headers 0 # no selftests for now %define with_selftests 0 @@ -868,6 +870,9 @@ Patch131: arm64-dts-allwinner-h6-Pine-H64-Fix-ethernet-node.patch # rhbz 1897038 Patch132: bluetooth-fix-LL-privacy-BLE-device-fails-to-connect.patch +# CVE-2020-28941 rhbz 1899985 1899986 +Patch133: speakup-do-not-let-the-line-discipline-be-used-several-times.patch + # Linux-tkg patches - https://github.com/Frogging-Family/linux-tkg/tree/master/linux-tkg-patches/5.8 Patch200: zen.patch Patch201: fsync.patch @@ -2350,7 +2355,7 @@ find Documentation -type d | xargs chmod u+w fi \ fi \ if [ "%{zipmodules}" -eq "1" ]; then \ - find $RPM_BUILD_ROOT/lib/modules/ -type f -name '*.ko' | %{SOURCE79} %{?_smp_mflags}; \ + find $RPM_BUILD_ROOT/lib/modules/ -type f -name '*.ko' | xargs -P%{zcpu} xz; \ fi \ %{nil} @@ -2985,8 +2990,13 @@ fi # # %changelog -* Mon Nov 23 20:49:48 CET 2020 Jan Drögehoff <sentrycraft123@gmail.com> - 5.9.9-201.fsync -- Linux v5.9.9 fsync zen +* Wed Nov 25 19:20:00 CET 2020 Jan Drögehoff <sentrycraft123@gmail.com> - 5.9.10-201.fsync +- Linux v5.9.10 fsync zen + +* Mon Nov 23 09:58:15 CST 2020 Justin M. Forbes <jforbes@fedoraproject.org> - 5.9.10-200 +- Linux v5.9.10 +- Fix CVE-2020-28941 (rhbz 1899985 1899986) +- Fix CVE-2020-4788 (rhbz 1888433 1900437) * Thu Nov 19 07:09:26 CST 2020 Justin M. Forbes <jforbes@fedoraproject.org> - 5.9.9-200 - Linux v5.9.9 |