--- /dev/null
+From 1c1fb9b0c89a2506e556114c813a606bc1508d49 Mon Sep 17 00:00:00 2001
+From: Krzysztof Kozlowski <k.kozlowski@samsung.com>
+Date: Wed, 25 Nov 2015 13:09:43 +0900
+Subject: ARM: exynos_defconfig: Enable NFSv4 client
+
+From: Krzysztof Kozlowski <k.kozlowski@samsung.com>
+
+commit 1c1fb9b0c89a2506e556114c813a606bc1508d49 upstream.
+
+NFS client is already enabled (NFS_FS) and by default it enables clients
+for version 2 and 3. Enable explicitly the version 4 client to utilize
+the newer protocol.
+
+The NFS client is especially useful for testing kernel in automated
+environments (network boot with network file system).
+
+Signed-off-by: Krzysztof Kozlowski <k.kozlowski@samsung.com>
+Reviewed-by: Javier Martinez Canillas <javier@osg.samsung.com>
+Signed-off-by: Guillaume Tucker <guillaume.tucker@collabora.com>
+Reviewed-by: Krzysztof Kozlowski <krzk@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/arm/configs/exynos_defconfig | 1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/arch/arm/configs/exynos_defconfig
++++ b/arch/arm/configs/exynos_defconfig
+@@ -175,6 +175,7 @@ CONFIG_TMPFS_POSIX_ACL=y
+ CONFIG_CRAMFS=y
+ CONFIG_ROMFS_FS=y
+ CONFIG_NFS_FS=y
++CONFIG_NFS_V4=y
+ CONFIG_ROOT_NFS=y
+ CONFIG_NLS_CODEPAGE_437=y
+ CONFIG_NLS_ASCII=y
--- /dev/null
+From 19f79ccf6d77409cd138bce8db206cdac7fd5ea7 Mon Sep 17 00:00:00 2001
+From: Javier Martinez Canillas <javier.martinez@collabora.co.uk>
+Date: Fri, 27 Mar 2015 01:50:16 +0900
+Subject: ARM: exynos_defconfig: Enable options to mount a rootfs via NFS
+
+From: Javier Martinez Canillas <javier.martinez@collabora.co.uk>
+
+commit 19f79ccf6d77409cd138bce8db206cdac7fd5ea7 upstream.
+
+This patch enables the options to mount a rootfs over NFS and also
+support for automatic configuration of IP addresses during boot as
+needed by NFS.
+
+Signed-off-by: Javier Martinez Canillas <javier.martinez@collabora.co.uk>
+Signed-off-by: Kukjin Kim <kgene@kernel.org>
+Signed-off-by: Guillaume Tucker <guillaume.tucker@collabora.com>
+Reviewed-by: Krzysztof Kozlowski <krzk@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/arm/configs/exynos_defconfig | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/arch/arm/configs/exynos_defconfig
++++ b/arch/arm/configs/exynos_defconfig
+@@ -33,6 +33,10 @@ CONFIG_PACKET=y
+ CONFIG_UNIX=y
+ CONFIG_NET_KEY=y
+ CONFIG_INET=y
++CONFIG_IP_PNP=y
++CONFIG_IP_PNP_DHCP=y
++CONFIG_IP_PNP_BOOTP=y
++CONFIG_IP_PNP_RARP=y
+ CONFIG_RFKILL_REGULATOR=y
+ CONFIG_UEVENT_HELPER_PATH="/sbin/hotplug"
+ CONFIG_DEVTMPFS=y
+@@ -170,6 +174,8 @@ CONFIG_TMPFS=y
+ CONFIG_TMPFS_POSIX_ACL=y
+ CONFIG_CRAMFS=y
+ CONFIG_ROMFS_FS=y
++CONFIG_NFS_FS=y
++CONFIG_ROOT_NFS=y
+ CONFIG_NLS_CODEPAGE_437=y
+ CONFIG_NLS_ASCII=y
+ CONFIG_NLS_ISO8859_1=y
--- /dev/null
+From 794b4bc292f5d31739d89c0202c54e7dc9bc3add Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Thu, 8 Jun 2017 14:48:18 +0100
+Subject: KEYS: encrypted: fix buffer overread in valid_master_desc()
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit 794b4bc292f5d31739d89c0202c54e7dc9bc3add upstream.
+
+With the 'encrypted' key type it was possible for userspace to provide a
+data blob ending with a master key description shorter than expected,
+e.g. 'keyctl add encrypted desc "new x" @s'. When validating such a
+master key description, validate_master_desc() could read beyond the end
+of the buffer. Fix this by using strncmp() instead of memcmp(). [Also
+clean up the code to deduplicate some logic.]
+
+Cc: Mimi Zohar <zohar@linux.vnet.ibm.com>
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: David Howells <dhowells@redhat.com>
+Signed-off-by: James Morris <james.l.morris@oracle.com>
+Signed-off-by: Jin Qian <jinqian@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ security/keys/encrypted-keys/encrypted.c | 31 +++++++++++++++----------------
+ 1 file changed, 15 insertions(+), 16 deletions(-)
+
+--- a/security/keys/encrypted-keys/encrypted.c
++++ b/security/keys/encrypted-keys/encrypted.c
+@@ -141,23 +141,22 @@ static int valid_ecryptfs_desc(const cha
+ */
+ static int valid_master_desc(const char *new_desc, const char *orig_desc)
+ {
+- if (!memcmp(new_desc, KEY_TRUSTED_PREFIX, KEY_TRUSTED_PREFIX_LEN)) {
+- if (strlen(new_desc) == KEY_TRUSTED_PREFIX_LEN)
+- goto out;
+- if (orig_desc)
+- if (memcmp(new_desc, orig_desc, KEY_TRUSTED_PREFIX_LEN))
+- goto out;
+- } else if (!memcmp(new_desc, KEY_USER_PREFIX, KEY_USER_PREFIX_LEN)) {
+- if (strlen(new_desc) == KEY_USER_PREFIX_LEN)
+- goto out;
+- if (orig_desc)
+- if (memcmp(new_desc, orig_desc, KEY_USER_PREFIX_LEN))
+- goto out;
+- } else
+- goto out;
++ int prefix_len;
++
++ if (!strncmp(new_desc, KEY_TRUSTED_PREFIX, KEY_TRUSTED_PREFIX_LEN))
++ prefix_len = KEY_TRUSTED_PREFIX_LEN;
++ else if (!strncmp(new_desc, KEY_USER_PREFIX, KEY_USER_PREFIX_LEN))
++ prefix_len = KEY_USER_PREFIX_LEN;
++ else
++ return -EINVAL;
++
++ if (!new_desc[prefix_len])
++ return -EINVAL;
++
++ if (orig_desc && strncmp(new_desc, orig_desc, prefix_len))
++ return -EINVAL;
++
+ return 0;
+-out:
+- return -EINVAL;
+ }
+
+ /*
qlcnic-fix-deadlock-bug.patch
r8169-fix-rtl8168ep-take-too-long-to-complete-driver-initialization.patch
tcp-release-sk_frag.page-in-tcp_disconnect.patch
+arm-exynos_defconfig-enable-options-to-mount-a-rootfs-via-nfs.patch
+arm-exynos_defconfig-enable-nfsv4-client.patch
+keys-encrypted-fix-buffer-overread-in-valid_master_desc.patch
projects / thirdparty / kernel / stable-queue.git / commitdiff
