mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-25 16:31:13 +00:00
9ce7aa325e
* Refreshed patches. * Patches made redundant by changes upstream: - target/linux/ramips/patches-4.14/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch * Patches accepted upstream: - target/linux/apm821xx/patches-4.14/020-0001-crypto-crypto4xx-remove-bad-list_del.patch - target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch - target/linux/brcm63xx/patches-4.14/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch - target/linux/brcm63xx/patches-4.14/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch - target/linux/generic/backport-4.14/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch - target/linux/generic/pending-4.14/900-gen_stats-fix-netlink-stats-padding.patch The ext4 regression introduced in 4.14.55 has been fixed by 4.14.60 (commit f547aa20b4f61662ad3e1a2040bb3cc5778f19b0). Fixes the following CVEs: - CVE-2018-10876 - CVE-2018-10877 - CVE-2018-10879 - CVE-2018-10880 - CVE-2018-10881 - CVE-2018-10882 - CVE-2018-10883 Thanks to Stijn Tintel for the CVE list :-). Compile-tested on: ramips/mt7621, x86/64 Run-tested on: ramips/mt7621, x86/64 Signed-off-by: Stijn Segers <foss@volatilesystems.org>
58 lines
2.6 KiB
Diff
58 lines
2.6 KiB
Diff
From: Felix Fietkau <nbd@nbd.name>
|
|
Date: Wed, 18 Apr 2018 10:50:05 +0200
|
|
Subject: [PATCH] MIPS: only process negative stack offsets on stack traces
|
|
|
|
Fixes endless back traces in cases where the compiler emits a stack
|
|
pointer increase in a branch delay slot (probably for some form of
|
|
function return).
|
|
|
|
[ 3.475442] BUG: MAX_STACK_TRACE_ENTRIES too low!
|
|
[ 3.480070] turning off the locking correctness validator.
|
|
[ 3.485521] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 4.14.34 #0
|
|
[ 3.491475] Stack : 00000000 00000000 00000000 00000000 80e0fce2 00000034 00000000 00000000
|
|
[ 3.499764] 87c3838c 80696377 8061047c 00000000 00000001 00000001 87c2d850 6534689f
|
|
[ 3.508059] 00000000 00000000 80e10000 00000000 00000000 000000cf 0000000f 00000000
|
|
[ 3.516353] 00000000 806a0000 00076891 00000000 00000000 00000000 ffffffff 00000000
|
|
[ 3.524648] 806c0000 00000004 80e10000 806a0000 00000003 80690000 00000000 80700000
|
|
[ 3.532942] ...
|
|
[ 3.535362] Call Trace:
|
|
[ 3.537818] [<80010a48>] show_stack+0x58/0x100
|
|
[ 3.542207] [<804c2f78>] dump_stack+0xe8/0x170
|
|
[ 3.546613] [<80079f90>] save_trace+0xf0/0x110
|
|
[ 3.551010] [<8007b1ec>] mark_lock+0x33c/0x78c
|
|
[ 3.555413] [<8007bf48>] __lock_acquire+0x2ac/0x1a08
|
|
[ 3.560337] [<8007de60>] lock_acquire+0x64/0x8c
|
|
[ 3.564846] [<804e1570>] _raw_spin_lock_irqsave+0x54/0x78
|
|
[ 3.570186] [<801b618c>] kernfs_notify+0x94/0xac
|
|
[ 3.574770] [<801b7b10>] sysfs_notify+0x74/0xa0
|
|
[ 3.579257] [<801b618c>] kernfs_notify+0x94/0xac
|
|
[ 3.583839] [<801b7b10>] sysfs_notify+0x74/0xa0
|
|
[ 3.588329] [<801b618c>] kernfs_notify+0x94/0xac
|
|
[ 3.592911] [<801b7b10>] sysfs_notify+0x74/0xa0
|
|
[ 3.597401] [<801b618c>] kernfs_notify+0x94/0xac
|
|
[ 3.601983] [<801b7b10>] sysfs_notify+0x74/0xa0
|
|
[ 3.606473] [<801b618c>] kernfs_notify+0x94/0xac
|
|
[ 3.611055] [<801b7b10>] sysfs_notify+0x74/0xa0
|
|
[ 3.615545] [<801b618c>] kernfs_notify+0x94/0xac
|
|
[ 3.620125] [<801b7b10>] sysfs_notify+0x74/0xa0
|
|
[ 3.624619] [<801b618c>] kernfs_notify+0x94/0xac
|
|
[ 3.629197] [<801b7b10>] sysfs_notify+0x74/0xa0
|
|
[ 3.633691] [<801b618c>] kernfs_notify+0x94/0xac
|
|
[ 3.638269] [<801b7b10>] sysfs_notify+0x74/0xa0
|
|
[ 3.642763] [<801b618c>] kernfs_notify+0x94/0xac
|
|
|
|
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
---
|
|
|
|
--- a/arch/mips/kernel/process.c
|
|
+++ b/arch/mips/kernel/process.c
|
|
@@ -358,6 +358,8 @@ static inline int is_sp_move_ins(union m
|
|
|
|
if (ip->i_format.opcode == addiu_op ||
|
|
ip->i_format.opcode == daddiu_op) {
|
|
+ if (ip->i_format.simmediate > 0)
|
|
+ return 0;
|
|
*frame_size = -ip->i_format.simmediate;
|
|
return 1;
|
|
}
|