Skip to content

Thanks #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
aifari777 wants to merge 2,561 commits into
base: incredikernel-jb42
Choose a base branch
from
Open

Thanks #3

aifari777 wants to merge 2,561 commits into from

Conversation

@aifari777
Copy link

@aifari777 aifari777 commented Apr 4, 2015

No description provided.

jmalinen and others added 30 commits July 15, 2012 21:57
@jmalinen @drewis
cfg80211/nl80211: Send AssocReq IEs to user space in AP mode
7dd3f99 
When user space SME/MLME (e.g., hostapd) is not used in AP mode, the
IEs from the (Re)Association Request frame that was processed in
firmware need to be made available for user space (e.g., RSN IE for
hostapd). Allow this to be done with cfg80211_new_sta().

(cherry picked from commit d692df2 from
android.googlesource.com/common.git)

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
Acked-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
Signed-off-by: Varun Wadekar <vwadekar@nvidia.com>
Change-Id: I211171ca4953832cc998402c149ecf3fc429f9e6
Reviewed-on: http://git-master/r/78886
Reviewed-by: Automatic_Commit_Validation_User
@sdf611097 @drewis
cfg80211: fix a crash in nl80211_send_station
07e39d4 
mac80211 leaves sinfo->assoc_req_ies uninitialized, causing a random
pointer memory access in nl80211_send_station.
Instead of checking if the pointer is null, use sinfo->filled, like
the rest of the fields.

Change-Id: I312a466f8c631ad64a16ecf191fa8046fe658cc1
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
Reviewed-on: http://mcrd1-5.corpnet.asus/code-review/master/48179
Reviewed-by: Jim1 Lin <jim1_lin@asus.com>
Tested-by: Jim1 Lin <jim1_lin@asus.com>
Reviewed-by: Leslie Yu <Leslie_Yu@asus.com>
@drewis
cfg80211: Add nl80211 event for deletion of a station entry
6812878 
Indicate an NL80211_CMD_DEL_STATION event when a station entry in
mac80211 is deleted to match with the NL80211_CMD_NEW_STATION event
that is used when the entry was added. This is needed, e.g., to allow
user space to remove a peer from RSN IBSS Authenticator state machine
to avoid re-authentication and re-keying delays when the peer is not
reachable anymore.

Signed-off-by: Jouni Malinen <jouni.malinen@atheros.com>
Reviewed-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
@drewis
Revert "SLAB: Record actual last user of freed objects."
d897c9f 
This reverts commit 4eb1a6c.
@drewis
Revert "mm: notifier_from_errno() cleanup"
3bc8d90 
This reverts commit bbd2e7c.
@drewis
Revert "slab,rcu: don't assume the size of struct rcu_head"
eece673 
This reverts commit dec5bf8.
@drewis
Revert "mm: Remove support for kmem_cache_name()"
2739a74 
This reverts commit 59ecae8.
@drewis
Revert "sched: don't call task_group() many times in set_task_rq()"
b82ea02 
This reverts commit 8ebf6d5.
@drewis
Revert "cpufreq: Export user_policy min/max"
113c3c7 
This reverts commit 71d4679.
@drewis
Revert "[CPUFREQ] fix cpumask memory leak in acpi-cpufreq on cpu hotp…
80d799e 
…lug."

This reverts commit fa6f74c.
@drewis
Revert "cpufreq: expose a cpufreq_quick_get_max routine"
310fb69 
This reverts commit 4335761.
@drewis
msm: mahimahi: bcmdhd updates
c360d87
@drewis
msm: supersonic: bcmdhd updates
91c1d53
@drewis
msm: incrediblec: bcmdhd updates
6b38f0a
@drewis
msm: bravo: bcmdhd updates
4b38457
@drewis
configs: evervolv: bcmdhd updates
e94e44d
@drewis
net: wireless: Add CONFIG_WIFI_CONTROL_FUNC option
25be48f 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
@drewis
net: wireless: bcmdhd: Reload FW in case of constant scan failure
136fdd6 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
@drewis
net: wireless: bcmdhd: Reduce priority for dhd_dpc and watchdog
2c92a37 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
@drewis
net: wireless: bcmdhd: Ignore error if "chanspecs" command is not sup…
6b9bbd6 
…ported

Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
@drewis
net: wireless: bcmdhd: Skip inaccurate wl_construct_reginfo() call
0303e06 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
@drewis
net: wireless: bcmdhd: Add wiphyband update for country change
9444582 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
@drewis
net: wireless: bcmdhd: Return wl_construct_reginfo() call
3d33f6c 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
@drewis
net: wireless: bcmdhd: Skip country setting if unnecessary
9c387e9 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
@drewis
net: wireless: bcmdhd: Add mutex to wl_update_wiphybands()
6302788 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
@avagin @drewis
net: wireless: bcmdhd: Init locks in dhd_attach() at the beginning
a3e66c8 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
@drewis
net: wireless: bcmdhd: Update wiphy bands on band change
722fbfe 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
@drewis
net: wireless: bcmdhd: Fix P2P GO hang issue
c042ec5 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
@drewis
net: wireless: bcmdhd: Remove country update from wl_update_wiphybands
ebee637 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
@drewis
net: wireless: bcmdhd: Add info_string param with driver/fw/chip info
e561a8b 
Signed-off-by: Dmitry Shmidt <dimitrysh@google.com>
zachf714 and others added 30 commits April 10, 2014 17:34
@zachf714
defconfig: Enable Audit
7d77a22 
Just stops some log spam
@zachf714
Tweak lowmemorykiller
7a9a5a6
@zachf714
Fix memory leak
ba80a63
@zachf714
Add Add The Brain Fuck Scheduler v0.404 by Con Kolivas
ebaa675
@zachf714
Tweak BFS
e984739
@zachf714
Increase readahead buffer
5609f44
@zachf714
Adjust VM ratios
29febc0
@zachf714
Fix fixup_user_fault for MMU=n
3b00926
@zachf714
Flush disk cache when merging
e65f12f
@zachf714
Adjust VFS pressure
8225131
@zachf714
Fix BFS
6998c62
@zachf714
Avoid corrupting structure while waiting for rcu_free
bf84bf9
@zachf714
Fix IDR leak on module removal
e8f7387
@zachf714
Fix EXT4 should writeback data for non journal mode
e760a22
@zachf714
Fix oops in ext3_try_to_allocate_with_rsv
679e7d7
@zachf714
incrediblec: OC Farther (EXTREAMLY EXPERIMENTAL)
3190d29
@zachf714
Revert "incrediblec: OC Farther (EXTREAMLY EXPERIMENTAL)"
5445e45 
This reverts commit 3190d29.
@zachf714
Enable BFS
a4fd887
@zachf714
Tweak GPU
74324d0
@zachf714
Add missing kfree in ibmaem.c
dba71b7
@zachf714
add missing declaration of kgdb_init and breakpoint
e18af54
@zachf714
fix return type of __atomic64_add_return
a7c6d48
@zachf714
Overhaul kconfig
09e557b
@RonGokhale @zachf714
drivers: cpufreq: Adding SmartassH3 CPU Governor
95f58a7 
Kanged from nobodyAtall

Change-Id: I479372ad7877a1406d8fa31a2723dc9a1999a002
Signed-off-by: RonGokhale <cips173@gmail.com>

Conflicts:

	drivers/cpufreq/Kconfig
	drivers/cpufreq/Makefile

Conflicts:
	drivers/cpufreq/Kconfig
	drivers/cpufreq/Makefile
@zachf714
Enable the SmartassH3 gov
6b544a9
@zachf714
Revert "Enable the SmartassH3 gov"
d1dd0b1 
This reverts commit 6b544a9.
@zachf714
Revert "drivers: cpufreq: Adding SmartassH3 CPU Governor"
0357ff6 
This reverts commit 95f58a7.
@flar2 @zachf714
exfat filesystem support
bfe0855
@zachf714
Enable exFAT
9df8c28
@peterhurley @zachf714
n_tty: Fix n_tty_write crash when echoing in raw mode
8021c20 
The tty atomic_write_lock does not provide an exclusion guarantee for
the tty driver if the termios settings are LECHO & !OPOST.  And since
it is unexpected and not allowed to call TTY buffer helpers like
tty_insert_flip_string concurrently, this may lead to crashes when
concurrect writers call pty_write. In that case the following two
writers:
* the ECHOing from a workqueue and
* pty_write from the process
race and can overflow the corresponding TTY buffer like follows.

If we look into tty_insert_flip_string_fixed_flag, there is:
  int space = __tty_buffer_request_room(port, goal, flags);
  struct tty_buffer *tb = port->buf.tail;
  ...
  memcpy(char_buf_ptr(tb, tb->used), chars, space);
  ...
  tb->used += space;

so the race of the two can result in something like this:
              A                                B
__tty_buffer_request_room
                                  __tty_buffer_request_room
memcpy(buf(tb->used), ...)
tb->used += space;
                                  memcpy(buf(tb->used), ...) ->BOOM

B's memcpy is past the tty_buffer due to the previous A's tb->used
increment.

Since the N_TTY line discipline input processing can output
concurrently with a tty write, obtain the N_TTY ldisc output_lock to
serialize echo output with normal tty writes.  This ensures the tty
buffer helper tty_insert_flip_string is not called concurrently and
everything is fine.

Note that this is nicely reproducible by an ordinary user using
forkpty and some setup around that (raw termios + ECHO). And it is
present in kernels at least after commit
d945cb9 (pty: Rework the pty layer to
use the normal buffering logic) in 2.6.31-rc3.

js: add more info to the commit log
js: switch to bool
js: lock unconditionally
js: lock only the tty->ops->write call

Change-Id: Ie0b03989fa8cfd6ffe40d1f770044fe7447dda05
References: CVE-2014-0196
Reported-and-tested-by: Jiri Slaby <jslaby@suse.cz>
Signed-off-by: Peter Hurley <peter@hurleysoftware.com>
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: <stable@vger.kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
[bwh: Backported to 3.4: output_lock is a member of struct tty_struct]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.