From 22b9f99b87fa1ff991180cabf02dd04d1bddce2b Mon Sep 17 00:00:00 2001 From: Stijn Tintel Date: Tue, 31 Jul 2018 05:11:07 +0300 Subject: kernel: bump 4.14 to 4.14.59 Drop patch that was superseded upstream: ramips/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch Drop upstreamed patches: - apm821xx/020-0001-crypto-crypto4xx-remove-bad-list_del.patch - apm821xx/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch - ath79/0011-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch - brcm63xx/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch - brcm63xx/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch - generic/backport/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch - generic/pending/170-usb-dwc2-Fix-DMA-alignment-to-start-at-allocated-boun.patch - generic/pending/900-gen_stats-fix-netlink-stats-padding.patch In 4.14.55, a patch was introduced that breaks ext4 images in some cases. The newly introduced patch backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch addresses this breakage. Fixes the following CVEs: - CVE-2018-10876 - CVE-2018-10877 - CVE-2018-10879 - CVE-2018-10880 - CVE-2018-10881 - CVE-2018-10882 - CVE-2018-10883 Compile-tested: ath79, octeon, x86/64 Runtime-tested: ath79, octeon, x86/64 Signed-off-by: Stijn Tintel --- ...eck-to-prevent-initializing-reserved-inod.patch | 65 ++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 target/linux/generic/backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch (limited to 'target/linux/generic/backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch') diff --git a/target/linux/generic/backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch b/target/linux/generic/backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch new file mode 100644 index 0000000000..8e63189e80 --- /dev/null +++ b/target/linux/generic/backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch @@ -0,0 +1,65 @@ +From 5012284700775a4e6e3fbe7eac4c543c4874b559 Mon Sep 17 00:00:00 2001 +From: Theodore Ts'o +Date: Sat, 28 Jul 2018 08:12:04 -0400 +Subject: [PATCH] ext4: fix check to prevent initializing reserved inodes + +Commit 8844618d8aa7: "ext4: only look at the bg_flags field if it is +valid" will complain if block group zero does not have the +EXT4_BG_INODE_ZEROED flag set. Unfortunately, this is not correct, +since a freshly created file system has this flag cleared. It gets +almost immediately after the file system is mounted read-write --- but +the following somewhat unlikely sequence will end up triggering a +false positive report of a corrupted file system: + + mkfs.ext4 /dev/vdc + mount -o ro /dev/vdc /vdc + mount -o remount,rw /dev/vdc + +Instead, when initializing the inode table for block group zero, test +to make sure that itable_unused count is not too large, since that is +the case that will result in some or all of the reserved inodes +getting cleared. + +This fixes the failures reported by Eric Whiteney when running +generic/230 and generic/231 in the the nojournal test case. + +Fixes: 8844618d8aa7 ("ext4: only look at the bg_flags field if it is valid") +Reported-by: Eric Whitney +Signed-off-by: Theodore Ts'o +--- + fs/ext4/ialloc.c | 5 ++++- + fs/ext4/super.c | 8 +------- + 2 files changed, 5 insertions(+), 8 deletions(-) + +--- a/fs/ext4/ialloc.c ++++ b/fs/ext4/ialloc.c +@@ -1394,7 +1394,10 @@ int ext4_init_inode_table(struct super_b + ext4_itable_unused_count(sb, gdp)), + sbi->s_inodes_per_block); + +- if ((used_blks < 0) || (used_blks > sbi->s_itb_per_group)) { ++ if ((used_blks < 0) || (used_blks > sbi->s_itb_per_group) || ++ ((group == 0) && ((EXT4_INODES_PER_GROUP(sb) - ++ ext4_itable_unused_count(sb, gdp)) < ++ EXT4_FIRST_INO(sb)))) { + ext4_error(sb, "Something is wrong with group %u: " + "used itable blocks: %d; " + "itable unused count: %u", +--- a/fs/ext4/super.c ++++ b/fs/ext4/super.c +@@ -3103,14 +3103,8 @@ static ext4_group_t ext4_has_uninit_itab + if (!gdp) + continue; + +- if (gdp->bg_flags & cpu_to_le16(EXT4_BG_INODE_ZEROED)) +- continue; +- if (group != 0) ++ if (!(gdp->bg_flags & cpu_to_le16(EXT4_BG_INODE_ZEROED))) + break; +- ext4_error(sb, "Inode table for bg 0 marked as " +- "needing zeroing"); +- if (sb_rdonly(sb)) +- return ngroups; + } + + return group; -- cgit v1.2.3