From: Greg Kroah-Hartman Date: Sun, 19 Oct 2014 23:18:56 +0000 (+0800) Subject: 3.14-stable patches X-Git-Tag: v3.10.59~39 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3374347f2fcaeeafeea8399e1de061b1dd035ee1;p=thirdparty%2Fkernel%2Fstable-queue.git 3.14-stable patches added patches: fs-add-a-missing-permission-check-to-do_umount.patch pci_ids-add-support-for-intel-quark-ilb.patch usb-pch_udc-usb-gadget-device-support-for-intel-quark-x1000.patch --- diff --git a/queue-3.14/fs-add-a-missing-permission-check-to-do_umount.patch b/queue-3.14/fs-add-a-missing-permission-check-to-do_umount.patch new file mode 100644 index 00000000000..76e0e5ba708 --- /dev/null +++ b/queue-3.14/fs-add-a-missing-permission-check-to-do_umount.patch @@ -0,0 +1,32 @@ +From a1480dcc3c706e309a88884723446f2e84fedd5b Mon Sep 17 00:00:00 2001 +From: Andy Lutomirski +Date: Wed, 8 Oct 2014 12:32:47 -0700 +Subject: fs: Add a missing permission check to do_umount + +From: Andy Lutomirski + +commit a1480dcc3c706e309a88884723446f2e84fedd5b upstream. + +Accessing do_remount_sb should require global CAP_SYS_ADMIN, but +only one of the two call sites was appropriately protected. + +Fixes CVE-2014-7975. + +Signed-off-by: Andy Lutomirski +Signed-off-by: Greg Kroah-Hartman + +--- + fs/namespace.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/fs/namespace.c ++++ b/fs/namespace.c +@@ -1365,6 +1365,8 @@ static int do_umount(struct mount *mnt, + * Special case for "unmounting" root ... + * we just try to remount it readonly. + */ ++ if (!capable(CAP_SYS_ADMIN)) ++ return -EPERM; + down_write(&sb->s_umount); + if (!(sb->s_flags & MS_RDONLY)) + retval = do_remount_sb(sb, MS_RDONLY, NULL, 0); diff --git a/queue-3.14/pci_ids-add-support-for-intel-quark-ilb.patch b/queue-3.14/pci_ids-add-support-for-intel-quark-ilb.patch new file mode 100644 index 00000000000..476cdf9d14d --- /dev/null +++ b/queue-3.14/pci_ids-add-support-for-intel-quark-ilb.patch @@ -0,0 +1,33 @@ +From bb048713bba3ead39f6112910906d9fe3f88ede7 Mon Sep 17 00:00:00 2001 +From: Josef Ahmad +Date: Tue, 2 Sep 2014 13:45:20 +0300 +Subject: pci_ids: Add support for Intel Quark ILB + +From: Josef Ahmad + +commit bb048713bba3ead39f6112910906d9fe3f88ede7 upstream. + +This patch adds the PCI id for Intel Quark ILB. +It will be used for GPIO and Multifunction device driver. + +Signed-off-by: Josef Ahmad +Acked-by: Bjorn Helgaas +Signed-off-by: Andy Shevchenko +Signed-off-by: Lee Jones +Signed-off-by: Chang Rebecca Swee Fun +Signed-off-by: Greg Kroah-Hartman + +--- + include/linux/pci_ids.h | 1 + + 1 file changed, 1 insertion(+) + +--- a/include/linux/pci_ids.h ++++ b/include/linux/pci_ids.h +@@ -2551,6 +2551,7 @@ + #define PCI_DEVICE_ID_INTEL_MFD_EMMC0 0x0823 + #define PCI_DEVICE_ID_INTEL_MFD_EMMC1 0x0824 + #define PCI_DEVICE_ID_INTEL_MRST_SD2 0x084F ++#define PCI_DEVICE_ID_INTEL_QUARK_X1000_ILB 0x095E + #define PCI_DEVICE_ID_INTEL_I960 0x0960 + #define PCI_DEVICE_ID_INTEL_I960RM 0x0962 + #define PCI_DEVICE_ID_INTEL_CENTERTON_ILB 0x0c60 diff --git a/queue-3.14/series b/queue-3.14/series index 3aff91ba573..586aa0b3d0f 100644 --- a/queue-3.14/series +++ b/queue-3.14/series @@ -5,3 +5,6 @@ btrfs-try-not-to-enospc-on-log-replay.patch btrfs-cleanup-error-handling-in-build_backref_tree.patch btrfs-fix-build_backref_tree-issue-with-multiple-shared-blocks.patch btrfs-fix-race-in-wait_sync-ioctl.patch +fs-add-a-missing-permission-check-to-do_umount.patch +usb-pch_udc-usb-gadget-device-support-for-intel-quark-x1000.patch +pci_ids-add-support-for-intel-quark-ilb.patch diff --git a/queue-3.14/usb-pch_udc-usb-gadget-device-support-for-intel-quark-x1000.patch b/queue-3.14/usb-pch_udc-usb-gadget-device-support-for-intel-quark-x1000.patch new file mode 100644 index 00000000000..144cd440547 --- /dev/null +++ b/queue-3.14/usb-pch_udc-usb-gadget-device-support-for-intel-quark-x1000.patch @@ -0,0 +1,110 @@ +From a68df7066a6f974db6069e0b93c498775660a114 Mon Sep 17 00:00:00 2001 +From: Bryan O'Donoghue +Date: Mon, 4 Aug 2014 10:22:54 -0700 +Subject: usb: pch_udc: usb gadget device support for Intel Quark X1000 + +From: Bryan O'Donoghue + +commit a68df7066a6f974db6069e0b93c498775660a114 upstream. + +This patch is to enable the USB gadget device for Intel Quark X1000 + +Signed-off-by: Bryan O'Donoghue +Signed-off-by: Bing Niu +Signed-off-by: Alvin (Weike) Chen +Signed-off-by: Felipe Balbi +Signed-off-by: Chang Rebecca Swee Fun +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/usb/gadget/Kconfig | 3 ++- + drivers/usb/gadget/pch_udc.c | 22 +++++++++++++++++++--- + 2 files changed, 21 insertions(+), 4 deletions(-) + +--- a/drivers/usb/gadget/Kconfig ++++ b/drivers/usb/gadget/Kconfig +@@ -445,7 +445,7 @@ config USB_GOKU + gadget drivers to also be dynamically linked. + + config USB_EG20T +- tristate "Intel EG20T PCH/LAPIS Semiconductor IOH(ML7213/ML7831) UDC" ++ tristate "Intel QUARK X1000/EG20T PCH/LAPIS Semiconductor IOH(ML7213/ML7831) UDC" + depends on PCI + help + This is a USB device driver for EG20T PCH. +@@ -466,6 +466,7 @@ config USB_EG20T + ML7213/ML7831 is companion chip for Intel Atom E6xx series. + ML7213/ML7831 is completely compatible for Intel EG20T PCH. + ++ This driver can be used with Intel's Quark X1000 SOC platform + # + # LAST -- dummy/emulated controller + # +--- a/drivers/usb/gadget/pch_udc.c ++++ b/drivers/usb/gadget/pch_udc.c +@@ -343,6 +343,7 @@ struct pch_vbus_gpio_data { + * @setup_data: Received setup data + * @phys_addr: of device memory + * @base_addr: for mapped device memory ++ * @bar: Indicates which PCI BAR for USB regs + * @irq: IRQ line for the device + * @cfg_data: current cfg, intf, and alt in use + * @vbus_gpio: GPIO informaton for detecting VBUS +@@ -370,14 +371,17 @@ struct pch_udc_dev { + struct usb_ctrlrequest setup_data; + unsigned long phys_addr; + void __iomem *base_addr; ++ unsigned bar; + unsigned irq; + struct pch_udc_cfg_data cfg_data; + struct pch_vbus_gpio_data vbus_gpio; + }; + #define to_pch_udc(g) (container_of((g), struct pch_udc_dev, gadget)) + ++#define PCH_UDC_PCI_BAR_QUARK_X1000 0 + #define PCH_UDC_PCI_BAR 1 + #define PCI_DEVICE_ID_INTEL_EG20T_UDC 0x8808 ++#define PCI_DEVICE_ID_INTEL_QUARK_X1000_UDC 0x0939 + #define PCI_VENDOR_ID_ROHM 0x10DB + #define PCI_DEVICE_ID_ML7213_IOH_UDC 0x801D + #define PCI_DEVICE_ID_ML7831_IOH_UDC 0x8808 +@@ -3076,7 +3080,7 @@ static void pch_udc_remove(struct pci_de + iounmap(dev->base_addr); + if (dev->mem_region) + release_mem_region(dev->phys_addr, +- pci_resource_len(pdev, PCH_UDC_PCI_BAR)); ++ pci_resource_len(pdev, dev->bar)); + if (dev->active) + pci_disable_device(pdev); + kfree(dev); +@@ -3144,9 +3148,15 @@ static int pch_udc_probe(struct pci_dev + dev->active = 1; + pci_set_drvdata(pdev, dev); + ++ /* Determine BAR based on PCI ID */ ++ if (id->device == PCI_DEVICE_ID_INTEL_QUARK_X1000_UDC) ++ dev->bar = PCH_UDC_PCI_BAR_QUARK_X1000; ++ else ++ dev->bar = PCH_UDC_PCI_BAR; ++ + /* PCI resource allocation */ +- resource = pci_resource_start(pdev, 1); +- len = pci_resource_len(pdev, 1); ++ resource = pci_resource_start(pdev, dev->bar); ++ len = pci_resource_len(pdev, dev->bar); + + if (!request_mem_region(resource, len, KBUILD_MODNAME)) { + dev_err(&pdev->dev, "%s: pci device used already\n", __func__); +@@ -3212,6 +3222,12 @@ finished: + + static const struct pci_device_id pch_udc_pcidev_id[] = { + { ++ PCI_DEVICE(PCI_VENDOR_ID_INTEL, ++ PCI_DEVICE_ID_INTEL_QUARK_X1000_UDC), ++ .class = (PCI_CLASS_SERIAL_USB << 8) | 0xfe, ++ .class_mask = 0xffffffff, ++ }, ++ { + PCI_DEVICE(PCI_VENDOR_ID_INTEL, PCI_DEVICE_ID_INTEL_EG20T_UDC), + .class = (PCI_CLASS_SERIAL_USB << 8) | 0xfe, + .class_mask = 0xffffffff,