Hello !
-Ingo Molnar updates the x86, irq and scheduler trees, HP Anvin
has a quite important e-mail for those that have been following
the evolution of the kernel.org situation :
Hi all, Since the kernel.org status announcement last week a number of you have contacted me about re-establishing credentials. In order to establish a proper PGP web of trust we need keys that are cross-signed by other developers. As such, we ask that you follow the following steps: 1. Make sure your systems are uncompromised. We will address specific recommended steps for that in a separate email. 2. Create a new PGP/GPG key, and also generate a key revocation certificate (but don't import it anywhere -- save it for the future) for your new key. In the near future we are considering setting up an escrow service for key revocation certificates. I recommend using a 4096-bit RSA key. Given how fast computers are these days, there is no reason to use a shorter key. DSA keys should be considered obsolete; substantial weaknesses have been found in DSA. $ gpg --gen-key $ gpg -u -o .revoke --gen-revoke 3. If you are reasonably certain that your old key has never been jeopardized, sign the new key with the old key. $ gpg -u --sign-key If you are *not* sure about your old keys, please revoke them if you haven't already done so (create a revocation certificate and import it into your keyring, then push the key to the key servers.) $ gpg -u -o .revoke --gen-revoke $ gpg --import .revoke $ gpg --keyserver pgp.mit.edu --send-key 4. Upload the signed keys to the keyserver system (I usually use pgp.mit.edu, but most of the keyservers sync with each other with roughly a 24-hour delay.) By publishing the keys we make them available not only to kernel.org but for other uses, like signing email, and you can verify yourself by looking at http://pgp.mit.edu/ if there is someone out there who has published a key with your name on it. Furthermore, it allows us to tap other webs of trust already established. $ gpg --keyserver pgp.mit.edu --send-key 5. Get as many other kernel developers that you have physical access to to sign your key after verifying the fingerprint. Verifying keys over the phone is OK if and only if you know them *extremely* well; think "would I be willing to testify in court that the person I talked to was X"? If you work in an office with multiple other Linux developers, it would be a very good thing to organize a local key signing. We will do a key signing at Kernel Summit for the core kernel developers. A web site with recommendations for running a key signing: http://www.cryptnet.net/fdp/crypto/keysigning_party/en/keysigning_party.html $ gpg --fingerprint $ gpg --keyserver pgp.mit.edu --recv-key $ gpg -u --sign-key $ gpg --keyserver pgp.mit.edu --send-key $ gpg --keyserver pgp.mit.edu --recv-key 6. Please send me the key identifier and fingerprint to . This is a temporary address until the kernel.org MX is ready to put back online; eventually we will probably have a web form interface for this. -hpa
and Greg Kroah Hartman, in a response to the above, tries to give everyone a
few security-related pointers:
The compromise of kernel.org and related machines has made it clear that
some developers, at least, have had their systems penetrated. As we
seek to secure our infrastructure, it is imperative that nobody falls
victim to the belief that it cannot happen to them. We all need to
check our systems for intrusions. Here are some helpful hints as
proposed by a number of developers on how to check to see if your Linux
machine might be infected with something:
0. One way to be sure that your system is not compromised is to simply
do a clean install; we can all benefit from a new start sometimes.
Before reinstalling any systems, though, consider following the steps
below to learn if your system has been hit or not.
1. Install the chkrootkit package from your distro repository and see if it
reports anything. If your distro doesn't have the chkroot package,
download it from:
http://www.chkrootkit.org/
Another tool is the ossec-rootcheck tool which can be found at:
http://www.ossec.net/main/rootcheck
And another one is the rkhunter program:
http://www.rootkit.nl/projects/rootkit_hunter.html
[Note, this tool has the tendancy to give false-positives on some
Debian boxes, please read /usr/share/doc/rkhunter/README.Debian.gz if
you run this on a Debian machine]
2. Verify that your package signatures match what your package manager thinks
they are.
To do this on a rpm-based system, run the following command:
rpm --verify --all
Please read the rpm man page for information on how to interpret the
output of this command.
To do this on a Debian based system, run the following bash snippet:
dpkg -l \*|while read s n rest; do if [ "$s" == "ii" ]; then echo $n;
fi; done > ~/tmp.txt
for f in `cat ~/tmp.txt`; do debsums -s -a $f; done
If you have a source-based system (Gentoo, LFS, etc.) you presumably
know what you are doing already.
3. Verify that your packages are really signed with the distro's keys.
Here's a bash snippet that can do this on a rpm based system to
verify that the packages are signed with any key, not necessarily
your distro's key. That exercise is left for the reader:
for package in `rpm -qa`; do
sig=`rpm -q --qf '%{SIGPGP:pgpsig}\n' $package`
if [ -z "$sig" ] ; then
# check if there is a GPG key, not a PGP one
sig=`rpm -q --qf '%{SIGGPG:pgpsig}\n' $package`
if [ -z "$sig" ] ; then
echo "$package does not have a signature!!!"
fi
fi
done
Unfortunately there is no known way of verifying this on Debian-based
systems.
4. To replace a package that you find suspect, uninstall it and install
it anew from your distro. For example, if you want to reinstall the
ssh daemon, you would do:
$ /etc/init.d/sshd stop
rpm -e openssh
zypper install openssh # for openSUSE based systems
yum install openssh # for Fedora based systems
Ideally do this from a live cdrom boot, using the 'rpm --root' option
to point rpm at the correct location.
5. From a liveCD environment, look for traces such as:
a. Rogue startup scripts in /etc/rc*.d and equivalent directories.
b. Strange directories in /usr/share that do not belong to a package.
This can be checked on an rpm system with the following bash snippet:
for file in `find /usr/share/`; do
package=`rpm -qf -- ${file} | grep "is not owned"`
if [ -n "$package" ] ; then
echo "weird file ${file}, please check this out"
fi
done
6. Look for mysterious log messages, such as:
a. Unexpected logins in wtmp and /var/log/secure*, quite possibly
from legitimate users from unexpected hosts.
b. Any program trying to touch /dev/mem.
c. References to strange (non-text) ssh version strings in
/var/log/secure*. These do not necessarily indicate *successful*
breakins, but they indicate *attempted* breakins which means your
system or IP address has been targeted.
7. If any of the above steps show possible signs of compromise, you
should investigate further and identify the actual cause. If it
becomes clear that the system has indeed been compromised, you should
certainly reinstall the system from the beginning, and change your
credentials on all machines that this machine would have had access
to, or which you connected to through this machine. You will need
to check your other systems carefully, and you should almost
certainly notify the administrators of other systems to which you
have access.
Finally, please note that these hints are not guaranteed to turn up
signs of a compromised systems. There are a lot of attackers out there;
some of them are rather more sophisticated than others. You should
always be on the alert for any sort of unexpected behavior from the
systems you work with.
thanks,
greg k-h
, while Willy Tarreau adds a list of tools and things to do :
I would like to add here a few controls I ran on firewall and system logs,
that are easy to perform and which report few false positives :
- check that communications between your local machines are expected ;
for instance if you have an SSH bouncing machine, it probably receives
tens of thousands of SSH connection attempts from outside every day,
but it should never ever attempt to connect to another machine unless
it's you who are doing it. So checking the firewall logs for SSH
connections on port 22 from local machines should only report your
activity (and nothing should happen when you sleep).
- no SSH log should report failed connection attempts between your
local machines (you do have your keys and remember your password).
And if it happens from time to time (eg: user mismatch between
machines), it should look normal to you. You should never observe
a connection attempt for a user you're not familiar with (eg: admin).
$ grep sshd /var/log/messages
$ grep sshd /var/log/messages | grep 'Invalid user'
- outgoing connections from your laptop, desktop or anything should
never happen when you're not there, unless there is a well known
reason (package updates, browser left open and refreshing ads). All
unexpected activity should be analysed (eg: connections to port 80
not coming from a browser should only match one distro mirror).
This is particularly true for cheap appliances which become more
and more common and are rarely secured. A NAS or media server, a
switch, a WiFi router, etc... has no reason to ever connect anywhere
without you being aware of it (eg: download a firmware update).
- check for suspicious DNS requests from machines that are normally
not accessed. A number of services perform DNS requests when
connected to, in order to log a resolved address. If the machine
was penetrated and the logs wiped, the DNS requests will probably
still lie in the firewall logs. While there's nothing suspect from
a machine that does tens of thousands DNS requests a day, one that
does 10 might be suspect.
- check for outgoing SMTP connections. Most machines probably never
send any mail outside or route them through a specific relay. If
one machine suddenly tries to send mails directly to the outside,
it might be someone trying to steal some data (eg: mail ssh keys).
- check for long holes in logs various service logs. The idea is that
if a system was penetrated and the guy notices he left a number of
traces, he will probably have wiped some logs. A simple way to check
for this is to count the number of events per hour and observe huge
variations. Eg:
$ cut -c1-9 < /var/log/syslog |uniq -c
8490 Oct 1 00
7712 Oct 1 01
8316 Oct 1 02
6743 Oct 1 03
7428 Oct 1 04
7041 Oct 1 05
7762 Oct 1 06
6562 Oct 1 07
7137 Oct 1 08
160 Oct 1 09
Activity looks normal here. Something like this however would be
extremely suspect :
8490 Oct 1 00
712 Oct 1 01
6743 Oct 1 03
- check that you never observe in logs a local address that you
don't know. For instance, if your reverse proxy is on a DMZ which
is provided by the same physical switch as your LAN and your switch
becomes ill and loses all its VLAN configuration, it them becomes
easy to add an alias to the reverse-proxy to connect directly to
LAN machines and bypass a firewall (and its logs).
- it's always a good exercise to check for setuids on all your machines.
You'll generally discover a number of things you did not even suspect
existed and will likely want to remove them. For instance, my file
server had dbus-daemon-launch-helper setuid root. I removed this crap
as dbus has nothing to do on such a machine. Similarly I don't need
fdmount to mount floppies. I might not use floppies often, and if I do,
I know how to use sudo.
$ find / -user root -perm -4000 -ls
- last considerations to keep in mind is that machines which receive
incoming connections from outside should never be able to go out, and
should be isolated in their own LAN. It's not hard to do at all, and
it massively limits the ability to bounce between systems and to steal
information. It also makes firewall logs much more meaningful, provided
they are stored on a support with limited access, of course :-)
Regards,
Willy
-Greg KH announces the release of Linux 3.0.5:
Al Cooper (1):
8250: Fix race condition in serial8250_backup_timeout().
Al Viro (2):
9p: close ACL leaks
restore pinning the victim dentry in vfs_rmdir()/vfs_rename_dir()
Alex Deucher (4):
drm/radeon/kms: add s/r quirk for Compaq Presario V5245EU
drm/radeon/kms: make sure pci max read request size is valid on evergreen+ (v2)
drm/radeon/kms: Make GPU/CPU page size handling consistent in blit code (v2)
drm/radeon/kms: fix DDIA enable on some rs690 systems
Alexandre Bounine (1):
rapidio: fix use of non-compatible registers
Alexey Khoroshilov (1):
carl9170: Fix mismatch in carl9170_op_set_key mutex lock-unlock
Anand Gadiyar (1):
mfd: Make omap-usb-host TLL mode work again
Andiry Xu (2):
xHCI: fix port U3 status check condition
xHCI: report USB2 port in resuming as suspend
Andrew Bird (3):
USB option driver add PID of Huawei Vodafone K3806
USB option driver add PID of Huawei Vodafone K4605
USB option driver K3765/K4505 avoid CDC_DATA interface
Andrew Vasquez (1):
qla2xxx: Correct inadvertent loop state transitions during port-update handling.
Andrey Vagin (1):
x86, perf: Check that current->mm is alive before getting user callchain
Aneesh Kumar K.V (8):
fs/9p: Fid is not valid after a failed clunk.
fs/9p: When doing inode lookup compare qid details and inode mode bits.
fs/9p: Always ask new inode in create
fs/9p: Add fid before dentry instantiation
fs/9p: Don't update file type when updating file attributes
fs/9p: Add OS dependent open flags in 9p protocol
net/9p: Fix kernel crash with msize 512K
fs/9p: Always ask new inode in lookup for cache mode disabled
Anisse Astier (2):
ehci: refactor pci quirk to use standard dmi_check_system method
ehci: add pci quirk for Ordissimo and RM Slate 100 too
Anton Blanchard (4):
ibmveth: Fix leak when recycling skb and hypervisor returns error
ibmveth: Fix issue with DMA mapping failure
ibmveth: Checksum offload is always disabled
perf symbols: Fix ppc64 SEGV in dso__load_sym with debuginfo files
Arjan van de Ven (1):
ALSA: pcm - fix race condition in wait_for_avail()
Arnaud Lacombe (1):
usb/host/pci-quirks.c: correct annotation of `ehci_dmi_nohandoff_table'
Axel Lin (3):
ASoC: soc-jack: Fix checking return value of request_any_context_irq
tty: Add "spi:" prefix for spi modalias
regulator: tps65910: Add missing breaks in switch/case
Ben Hutchings (3):
Revert "sfc: Use write-combining to reduce TX latency" and follow-ups
ALSA: fm801: Fix double free in case of error in tuner detection
ALSA: fm801: Gracefully handle failure of tuner auto-detect
Bhanu Prakash Gollapudi (2):
bnx2fc: Fix kernel panic when deleting NPIV ports
bnx2fc: scsi_dma_unmap() not invoked on IO completions
Bjorn Helgaas (1):
serial: 8250_pnp: add Intermec CV60 touchscreen device
Brian King (1):
ibmveth: Fix DMA unmap error
Carolyn Wyborny (1):
igb: fix WOL on second port of i350 device
Carsten Emde (1):
floppy: use del_timer_sync() in init cleanup
Dan Williams (3):
isci: fix sata response handling
isci: fix 32-bit operation when CONFIG_HIGHMEM64G=n
isci: fix event-get pointer increment
Daniel Baluta (1):
ipv6: Fix ipv6_getsockopt for IPV6_2292PKTOPTIONS
Daniel Schwierzeck (1):
atm: br2684: Fix oops due to skb->dev being NULL
Dave Airlie (1):
drm/radeon/kms: set a default max_pixel_clock
Dave Hansen (3):
make /proc/$pid/numa_maps gather_stats() take variable page size
break out numa_maps gather_pte_stats() checks
teach /proc/$pid/numa_maps about transparent hugepages
David Henningsson (3):
ALSA: HDA: Cirrus - fix "Surround Speaker" volume control name
ALSA: HDA: No power nids on 92HD93
ALSA: HDA: Add support for IDT 92HD93
David S. Miller (3):
sparc: Allow handling signals when stack is corrupted.
sparc64: Set HAVE_C_RECORDMCOUNT
sparc64: Only Panther cheetah+ chips have POPC.
David Vrabel (3):
mm: sync vmalloc address space page tables in alloc_vm_area()
xen: use maximum reservation to limit amount of usable RAM
xen/e820: if there is no dom0_mem=, don't tweak extra_pages.
Dmitry Kravkov (1):
bnx2x: fix hw attention handling
Don Fry (1):
iwlagn: workaround bug crashing some APs
Eddie Wai (1):
cnic: Randomize initial TCP port for iSCSI connections
Eric Dumazet (3):
arp: fix rcu lockdep splat in arp_process()
bridge: fix a possible net_device leak
bridge: fix a possible use after free
Eric Smith (1):
8250_pci: add support for Rosewill RC-305 4x serial port card
Eric Van Hensbergen (1):
net/9p: fix client code to fail more gracefully on protocol error
Felix Fietkau (1):
ath9k_hw: fix calibration on 5 ghz
Fenghua Yu (1):
ACPICA: Do not repair _TSS return package if _PSS is present
Florian Mickler (1):
vp7045: fix buffer setup
Florian Westphal (1):
net_sched: prio: use qdisc_dequeue_peeked
Gao feng (1):
fib:fix BUG_ON in fib_nl_newrule when add new fib rule
Gavin.zhu (1):
USB: option: add YUGA device id to driver
Geert Uytterhoeven (2):
genirq: Make irq_shutdown() symmetric vs. irq_startup again
zorro: Defer device_register() until all devices have been identified
George (2):
rtlwifi: rtl8192su: Fix problem connecting to HT-enabled AP
rtlwifi: Fix problem when switching connections
Girish K S (1):
mmc: sdhci-s3c: Fix mmc card I/O problem
Giuseppe Scrivano (1):
cdc_ncm: fix endianness problem.
Greg Kroah-Hartman (1):
Linux 3.0.5
Guenter Roeck (1):
hwmon: (max16065) Fix current calculation
Hannes Reinecke (1):
block: Free queue resources at blk_release_queue()
Hidetoshi Seto (1):
btrfs: fix d_off in the first dirent
Ian Campbell (1):
sparc: fix array bounds error setting up PCIC NMI trap
Igor Mammedov (1):
xen: x86_32: do not enable iterrupts when returning from exception in interrupt context
James Bottomley (1):
3w-9xxx: fix iommu_iova leak
James Smart (5):
lpfc 8.3.25: T10 DIF Fixes
lpfc 8.3.25: Miscellaneous Bug fixes and code cleanup
lpfc 8.3.25: Adapter Interface fixes and changes
lpfc 8.3.25: Fabric and Target Discovery Fixes
lpfc 8.3.25: PCI and SR-IOV Fixes
Jan Glauber (1):
qdio: clear shared DSCI before scheduling the queue handler
Jarkko Nikula (1):
ASoC: omap-mcbsp: Do not attempt to change DAI sysclk if stream is active
Jarod Wilson (1):
nuvoton-cir: simplify raw IR sample handling
Jean-Christophe PLAGNIOL-VILLARD (1):
USB: ftdi_sio: add Calao reference board support
Jeff Kirsher (1):
e1000: Fix driver to be used on PA RISC C8000 workstations
Jeff Layton (1):
cifs: fix possible memory corruption in CIFSFindNext
Jeff Skirvin (1):
isci: Leave requests alone if already terminating.
Jerome Glisse (1):
drm/radeon/kms: evergreen & ni reset SPI block on CP resume
Jesse Brandeburg (1):
ixgbe: fix possible null buffer error
Jim Garlick (1):
fs/9p: Use protocol-defined value for lock/getlock 'type' field.
Jiri Pirko (1):
vlan: reset headers on accel emulation path
Jiri Slaby (3):
TTY: pty, fix pty counting
ipc/mqueue.c: refactor failure handling
ipc/mqueue.c: fix mq_open() return value
Joerg Roedel (2):
iommu/amd: Don't take domain->lock recursivly
iommu/amd: Make sure iommu->need_sync contains correct value
Johan Hovold (2):
mfd: Fix initialisation of tps65910 interrupts
drivers/leds/ledtrig-timer.c: fix broken sysfs delay handling
Johannes Berg (3):
mac80211: fix missing sta_lock in __sta_info_destroy
iwlagn: fix command queue timeout
iwlagn: fix dangling scan request
John Stanley (1):
savagedb: Fix typo causing regression in savage4 series video chip detection
John Stultz (4):
alarmtimers: Avoid possible null pointer traversal
alarmtimers: Memset itimerspec passed into alarm_timer_get
alarmtimers: Avoid possible denial of service with high freq periodic timers
rtc: Fix RTC PIE frequency limit
Jouni Malinen (1):
cfg80211: Fix validation of AKM suites
Julian Anastasov (2):
ipv4: some rt_iif -> rt_route_iif conversions
netfilter: TCP and raw fix for ip_route_me_harder
KAMEZAWA Hiroyuki (1):
memcg: fix vmscan count in small memcgs
Kashyap, Desai (2):
mpt2sas: Added DID_NO_CONNECT return when driver remove and avoid shutdown call
mpt2sas: Adding support for customer specific branding
Kiran Patil (2):
libfc: Enhancement to RPORT state machine applicable only for VN2VN mode
fcoe: Unable to select the exchangeID from offload pool for storage targets
Kjetil Oftedal (1):
sparc32,sun4d: Change IPI IRQ level to prevent collision between IPI and timer interrupt
Konrad Rzeszutek Wilk (1):
xen/smp: Warn user why they keel over - nosmp or noapic and what to use instead.
Larry Finger (3):
rt2800pci: Fix compiler error on PowerPC
rtl2800usb: Fix incorrect storage of MAC address on big-endian platforms
rtlwifi: rtl8192cu: Fix unitialized struct
Lars-Peter Clausen (2):
ASoC: Blackfin: bf5xx-ad193x: Fix codec device name
ASoC: ssm2602: Re-enable oscillator after suspend
Lasse Collin (1):
XZ: Fix incorrect XZ_BUF_ERROR
Len Brown (1):
acpica: ACPI_MAX_SLEEP should be 2 sec, not 20
Linus Torvalds (1):
firmware loader: allow builtin firmware load even if usermodehelper is disabled
Linus Walleij (2):
ARM: 7081/1: mach-integrator: fix the clocksource
ARM: davinci: fix cache flush build error
Liu Gang-B34182 (1):
arch/powerpc/sysdev/fsl_rio.c: correct IECSR register clear value
Manual Munz (1):
b43: Fix beacon problem in ad-hoc mode
Marcin Slusarz (1):
drm/nouveau: properly handle allocation failure in nouveau_sgdma_populate
Marcin Tomczak (1):
isci: change sas phy timeouts from 54us to 59us
Marek Vasut (1):
ASIX: Add AX88772B USB ID
Mark Brown (2):
ASoC: Fix reporting of partial jack updates
mfd: Fix value of WM8994_CONFIGURE_GPIO
Mark Salyzyn (1):
libsas: fix failure to revalidate domain for anything but the first expander child.
Mathieu Desnoyers (1):
sendmmsg/sendmsg: fix unsafe user pointer access
Matt Carlson (3):
tg3: Fix io failures after chip reset
tg3: Add 5719 and 5720 to EEE_CAP list
tg3: Fix int selftest for recent devices.
Mel Gorman (2):
mm: page allocator: initialise ZLC for first zone eligible for zone_reclaim
mm: page allocator: reconsider zones for allocation after direct reclaim
Michael Chan (4):
cnic: Fix interrupt logic
cnic: Fix race conditions with firmware
cnic: Improve NETDEV_UP event handling
cnic, bnx2: Check iSCSI support early in bnx2_init_one()
Michal Sroczynski (1):
USB: PL2303: correctly handle baudrates above 115200
Michel Dänzer (1):
drm/radeon: Don't read from CP ring write pointer registers.
Mika Westerberg (3):
mmc: rename mmc_host_clk_{ungate|gate} to mmc_host_clk_{hold|release}
mmc: core: prevent aggressive clock gating racing with ios updates
mmc: core: use non-reentrant workqueue for clock gating
Mikael Pettersson (2):
sparc64: remove unnecessary macros from spinlock_64.h
sparc32: unbreak arch_write_unlock()
Mike Christie (2):
iscsi_tcp: fix locking around iscsi sk user data
libiscsi_tcp: fix LLD data allocation
Mike Waychison (1):
tcp: initialize variable ecn_ok in syncookies path
Ming Lei (1):
firewire: ohci: add no MSI quirk for O2Micro controller
Mohammed Shafi Shajakhan (1):
ath9k: Fix PS wrappers in ath9k_set_coverage_class
Naga Chumbalkar (1):
drivers/cpufreq/pcc-cpufreq.c: avoid NULL pointer dereference
Neil Horman (1):
cxgb3i: convert cdev->l2opt to use rcu to prevent NULL dereference
NeilBrown (3):
md/linear: avoid corrupting structure while waiting for rcu_free to complete.
Avoid dereferencing a 'request_queue' after last close.
md: Fix handling for devices from 2TB to 4TB in 0.90 metadata.
Nick Pelly (1):
omap-serial: Allow IXON and IXOFF to be disabled.
Nicolas Pitre (1):
ARM: Dove: fix second SPI initialization call
Nishanth Aravamudan (1):
kernel/printk: do not turn off bootconsole in printk_late_init() if keep_bootcon
Oliver Neukum (1):
Bluetooth: Fix timeout on scanning for the second time
Per Forlin (1):
usb: musb: cppi: fix build errors due to DBG and missing musb variable
Peter Huewe (2):
TPM: Call tpm_transmit with correct size
TPM: Zero buffer after copying to userspace
Prem Karat (1):
fs/9p: Fix invalid mount options/args
Rajkumar Manoharan (2):
wireless: Reset beacon_found while updating regulatory
ath9k_hw: Fix Rx DMA stuck for AR9003 chips
Randy Dunlap (2):
irda: fix smsc-ircc2 section mismatch warning
scsi: qla4xxx needs libiscsi.o
Roland Stigge (1):
hwmon: (ds620) Fix handling of negative temperatures
Russell King (1):
ARM: dma-mapping: free allocated page if unable to map
Sarah Sharp (5):
xhci: Fix memory leak during failed enqueue.
xhci: Fix failed enqueue in the middle of isoch TD.
xhci: Remove TDs from TD lists when URBs are canceled.
xhci: Handle zero-length isochronous packets.
USB: xhci: Set change bit when warm reset change is set.
Scott Jiang (2):
ASoC: ad193x: fix registers definition
ASoC: ad193x: fix dac word len setting
Senthil Balasubramanian (1):
ath9k_hw: Fix STA (AR9485) bringup issue due to incorrect MAC address
Seth Heasley (1):
ahci: RAID-mode SATA patch for Intel Panther Point DeviceIDs
Shmulik Ravid (1):
bnx2x: add missing break in bnx2x_dcbnl_get_cap
Srinivas Kandagatla (1):
ARM: 7014/1: cache-l2x0: Fix L2 Cache size calculation.
Stanislaw Gruszka (6):
rt2x00: do not drop usb dev reference counter on suspend
rt2x00: fix crash in rt2800usb_write_tx_desc
rt2x00: fix crash in rt2800usb_get_txwi
iwlegacy: fix BUG_ON(info->control.rates[0].idx probing on error exit
ALSA: usb-audio: Check for possible chip NULL pointer before clearing probing flag
Thomas Tuttle (1):
workqueue: lock cwq access in drain_workqueue
Tim Chen (1):
scm: Capture the full credentials of the scm sender
Timur Tabi (1):
ASoC: MPC5200: replace of_device with platform_device
Troy Kisky (1):
MXC: iomux-v3: correct NO_PAD_CTRL definition
Vasily Averin (1):
aacraid: reset should disable MSI interrupt
Venkateswararao Jujjuri (JV) (1):
net/9p: Fix the msize calculation.
WANG Cong (1):
sched: Fix a memory leak in __sdt_free()
Wang Zhi (1):
USB: EHCI: Do not rely on PORT_SUSPEND to stop USB resuming in ehci_bus_resume().
Wanlong Gao (1):
blk-cgroup: be able to remove the record of unplugged device
Will Deacon (2):
ARM: 7091/1: errata: D-cache line maintenance operation by MVA may not succeed
ARM: 7099/1: futex: preserve oldval in SMP __futex_atomic_op
Wu Fengguang (2):
writeback: introduce .tagged_writepages for the WB_SYNC_NONE sync stage
writeback: update dirtied_when for synced inode to prevent livelock
Yan, Zheng (2):
mcast: Fix source address selection for multicast listener report
bridge: Pseudo-header required for the checksum of ICMPv6
Youquan Song (1):
perf, x86: Add model 45 SandyBridge support
Yulgon Kim (1):
usb: s5p-ehci: fix a NULL pointer deference
Zheng Yan (1):
tcp: fix validation of D-SACK
jvrao (2):
Fix the size of receive buffer packing onto VirtIO ring.
VirtIO can transfer VIRTQUEUE_NUM of pages.
[...]
The updated 3.0.y git tree can be found at (NOTE THE ADDRESS CHANGE):
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git
and can be browsed at the normal kernel.org git web browser:
http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
-The same Greg announces 3.0.6 :
I'm announcing the release of the 3.0.6 kernel.
There was a build error in the radeon driver of the 3.0.5 kernel, so
this update is only needed if you have problems building that kernel.
The updated 3.0.y git tree can be found at (NOTE THE ADDRESS CHANGE):
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git
and can be browsed at the normal kernel.org git web browser:
http://git.kernel.org/?p=linux/kernel/git/stable/linux-stable.git;a=summary
-Dave Airlie has drm fixes, radeon-related, as follows:
all radeon fixes, one nasty startup crash and/or memory corruption on one
family of radeon hd6450s resulted in a patch to stop setting a bunch of
regs in the drivers and let the BIOS set them correctly, displayport
regression fix, and some off-by-one in the cursor code around the corners
of the screens.
its a bit bigger than I'd like but the register setting removal had to
remove the unused functions.
[snip...]
Alex Deucher (4):
drm/radeon/kms: fix regression in DP aux defer handling
drm/radeon/kms: add retry limits for native DP aux defer
drm/radeon/kms: Fix logic error in DP HPD handler
drm/radeon/kms: fix channel_remap setup (v2)
Michel Dänzer (3):
drm/radeon: Simplify cursor x/yorigin calculation.
drm/radeon: Update AVIVO cursor coordinate origin before x/yorigin calculation.
drm/radeon: Set cursor x/y to 0 when x/yorigin > 0.
Nicholas Miell (1):
drm/radeon/kms: fix cursor image off-by-one error
-David Miller has some networking fixes:
1) ipv6 accepted sockets forget to clear out ipv6_ac_list and ipv6_fl_list
causing crashes later. Fix from Zheng Yan.
2) RDSRDMA refcounting is busted, resulting in leaks and crashes on module
unload. Fix from Jonathan Lallinger.
3) Because of bugs in error code propagation, ibmveth gets OOPS when
request_irq() fails. Fix from Brian King.
4) Due to missing state checks, workqueues can get queued up after a bond
is shutdown, crashing us on unload. Fix from Andy Gospodarek.
5) Fix off-by-one corrupter in CAN BCM, from Oliver Hartkopp.
6) When link is brought down, pch_gbe can hang in NAPI poll or disable
HW interrupts forever. Fix from Toshiharu Okada.
7) When socket state overflow changes were added, this broke AF_PACKET
statistic reporting in the non-ring case. Fix from Willem de Bruijn.
8) PTP classifier incorrectly interprets general messages as event messages.
Fix from Richard Cochran.
9) XEN netback driver was broken by the commit that converted it to
hw_features. TX was never restarted correctly after a VM restore/migrate.
Fix from David Vrabel.
10) EEH recovery doesn't work in cxgb4 driver on PPC, need to set ->needs_freset.
Fix from Divy Le Ray.
[snip...]
Andy Gospodarek (1):
bonding: properly stop queuing work when requested
Brian King (1):
ibmveth: Fix oops on request_irq failure
David Vrabel (1):
net: xen-netback: correctly restart Tx after a VM restore/migrate
Divy Le Ray (1):
cxgb4: Fix EEH on IBM P7IOC
Ian Campbell (1):
MAINTAINERS: tehuti: Alexander Indenbaum's address bounces
Jonathan Lallinger (1):
RDSRDMA: Fix cleanup of rds_iw_mr_pool
Oliver Hartkopp (2):
can bcm: fix tx_setup off-by-one errors
can bcm: fix incomplete tx_setup fix
Richard Cochran (2):
ptp: fix L2 event message recognition
dp83640: reduce driver noise
Roy.Li (1):
net: Documentation: Fix type of variables
Toshiharu Okada (2):
pch_gbe: Fixed the issue on which PC was frozen when link was downed.
pch_gbe: Fixed the issue on which a network freezes
Willem de Bruijn (1):
make PACKET_STATISTICS getsockopt report consistently between ring and non-ring
Yan, Zheng (1):
ipv6: nullify ipv6_ac_list and ipv6_fl_list when creating new socket
-Linus Torvalds announces 3.1-rc9:
Another week, another -rc.
On the kernel front, not a huge amount of changes. That said, by now,
there had better not be - and I definitely wouldn't have minded having
even fewer changes. But the fixes that are here are generally pretty
small, and the diffstat really doesn't look all that scary - there
really aren't *big* changes anywhere.
The things that do stand out a bit: some DRM fixes (radeon and i915),
various network drivers, some ceph fixes - and just lots of random
small stuff. The sparc updates are tiny (T4/T5 detection), but even so
are the bulk of the arch changes, things really have been that quiet.
The more noticeable change isn't actually to the code at all, it's
that kernel.org is starting to have parts of it come up again, so you
can now find the kernel sources back in the traditional location:
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
(although I am also updating github in case you cloned from there, so
you don't *have* to change).
Also, since I now have a new stronger gpg key, and that new key
actually ends up being signed by more people than the old one ever was
(at least people I *know*), I decided I might as well switch to that
one. So if you are the kind of person who verifies tags, you may want
to do
gpg --recv-keys 00411886
to get my new key, so that "git verify-tag" will work for you.
(Key fingerprint = ABAF 11C6 5A29 70B1 30AB E3C4 79BE 3E43 0041 1886)
Obviously, in order to trust that that is actually really my key
rather than just blindly believe this email that could easily have
been faked by some Linux wannabe), you'd need to check it. But since
it's signed with my old tag signing key, you shouldn't have any more
trust issues with the new one than you should have with the old key.
Or you can try to follow the chain of trust of the other key signers -
some of them have way more signatures than I ever had and are pretty
well connected.
Anything else worth mentioning? Hopefully the PCIe issues with MPS
tuning are all behind us, for the simple reason that we just disabled
them for now, and will revisit it for 3.2. And the occasional oopses
with USB disk removal should now be fixed once and for all (knock
wood). Anything else should be really esoteric and device-specific,
you can get a feel for it in the shortlog.
Go forth and test,
Linus
Alex Deucher (4):
drm/radeon/kms: fix regression in DP aux defer handling
drm/radeon/kms: add retry limits for native DP aux defer
drm/radeon/kms: Fix logic error in DP HPD handler
drm/radeon/kms: fix channel_remap setup (v2)
Andy Gospodarek (1):
bonding: properly stop queuing work when requested
Antonio Quartulli (1):
batman-adv: do_bcast has to be true for broadcast packets only
Archit Taneja (1):
[media] OMAP_VOUT: Fix build break caused by update_mode removal in DSS2
Arnd Bergmann (2):
ASoC: use a valid device for dev_err() in Zylonite
ASoC: omap_mcpdm_remove cannot be __devexit
Axel Lin (1):
ASoC: Fix setting update bits for WM8753_LADC and WM8753_RADC
Ben Greear (2):
ipv6-multicast: Fix memory leak in input path.
ipv6-multicast: Fix memory leak in IPv6 multicast.
Benjamin Herrenschmidt (1):
powerpc: Fix device-tree matching for Apple U4 bridge
Borislav Petkov (1):
ide-disk: Fix request requeuing
Brian King (1):
ibmveth: Fix oops on request_irq failure
Carsten Otte (1):
[S390] gmap: always up mmap_sem properly
Dave Young (1):
[media] v4l: Make sure we hold a reference to the v4l2_device
before using it
David S. Miller (3):
sparc64: Future proof Niagara cpu detection.
sparc: Make '-p' boot option meaningful again.
sparc64: Force the execute bit in OpenFirmware's translation entries.
David Vrabel (1):
net: xen-netback: correctly restart Tx after a VM restore/migrate
Divy Le Ray (1):
cxgb4: Fix EEH on IBM P7IOC
Dmitry Kravkov (2):
bnx2x: fix hw attention handling
bnx2x: fix WOL by enablement PME in config space
Guenter Roeck (1):
hwmon: (coretemp) Avoid leaving around dangling pointer
Hannes Reinecke (1):
block: Free queue resources at blk_release_queue()
Hans Verkuil (1):
[media] v4l: Fix use-after-free case in v4l2_device_release
Ian Campbell (1):
MAINTAINERS: tehuti: Alexander Indenbaum's address bounces
James Bottomley (1):
[SCSI] 3w-9xxx: fix iommu_iova leak
Jason Wang (1):
net: fix a typo in Documentation/networking/scaling.txt
Jean Delvare (1):
hwmon: (coretemp) Fixup platform device ID change
Jim Schutt (1):
libceph: initialize ack_stamp to avoid unnecessary connection reset
Jiri Olsa (1):
perf tools: Fix raw sample reading
Joerg Roedel (1):
[media] omap3isp: Fix build error in ispccdc.c
Johannes Berg (1):
iwlagn: fix dangling scan request
Jon Mason (1):
PCI: Disable MPS configuration by default
Jonathan Lallinger (1):
RDSRDMA: Fix cleanup of rds_iw_mr_pool
Josef Bacik (1):
Btrfs: force a page fault if we have a shorty copy on a page boundary
Jouni Malinen (1):
cfg80211: Fix validation of AKM suites
Keith Packard (2):
drm/i915: Enable dither whenever display bpc 0.
Ming Lei (1):
[media] uvcvideo: Set alternate setting 0 on resume if the bus
has been reset
Mohammed Shafi Shajakhan (1):
ath9k: Fix a dma warning/memory leak
Neil Horman (1):
[SCSI] cxgb3i: convert cdev->l2opt to use rcu to prevent NULL dereference
Nicholas Miell (1):
drm/radeon/kms: fix cursor image off-by-one error
Noah Watkins (1):
libceph: fix parse options memory leak
Oliver Hartkopp (2):
can bcm: fix tx_setup off-by-one errors
can bcm: fix incomplete tx_setup fix
Peter Oberparleiter (1):
[S390] cio: fix cio_tpi ignoring adapter interrupts
Peter Zijlstra (1):
posix-cpu-timers: Cure SMP wobbles
Rajkumar Manoharan (1):
ath9k_hw: Fix Rx DMA stuck for AR9003 chips
Ram Pai (1):
Resource: fix wrong resource window calculation
Randy Dunlap (1):
[SCSI] scsi: qla4xxx needs libiscsi.o
Richard Cochran (2):
ptp: fix L2 event message recognition
dp83640: reduce driver noise
Rob Herring (2):
irq: Add declaration of irq_domain_simple_ops to irqdomain.h
irq: Fix check for already initialized irq_domain in irq_domain_add
Roy.Li (1):
net: Documentation: Fix type of variables
Sage Weil (3):
libceph: fix linger request requeuing
libceph: fix pg_temp mapping calculation
libceph: fix pg_temp mapping update
Shawn Bohrer (1):
sched/rt: Migrate equal priority tasks to available CPUs
Shmulik Ravid (1):
bnx2x: add missing break in bnx2x_dcbnl_get_cap
Simon Farnsworth (1):
drm/i915: Enable SDVO hotplug interrupts for HDMI and DVI
Simon Kirby (1):
sched: Fix up wchan borkage
Stanislaw Gruszka (2):
iwlegacy: fix command queue timeout
iwlegacy: do not use interruptible waits
Takashi Iwai (2):
ALSA: hda - Fix a regression of the position-buffer check
lis3: fix regression of HP DriveGuard with 8bit chip
Tomoya MORINAGA (5):
spi-topcliff-pch: add tx-memory clear after complete transmitting
spi-topcliff-pch: Fix SSN Control issue
spi-topcliff-pch: Fix CPU read complete condition issue
spi-topcliff-pch: Add recovery processing in case FIFO overrun
error occurs
spi-topcliff-pch: Fix overrun issue
Toshiharu Okada (2):
pch_gbe: Fixed the issue on which PC was frozen when link was downed.
pch_gbe: Fixed the issue on which a network freezes
Vasily Averin (1):
[SCSI] aacraid: reset should disable MSI interrupt
Willem de Bruijn (1):
make PACKET_STATISTICS getsockopt report consistently between
ring and non-ring
Wu Fengguang (1):
writeback: show raw dirtied_when in trace writeback_single_inode
Yan, Zheng (1):
ipv6: nullify ipv6_ac_list and ipv6_fl_list when creating new socket
wangyanqing (1):
bootup: move 'usermodehelper_enable()' a little earlier
-Arnaldo Carvalho de Melo announces perf/core fixes:
1. Have total consistency with 'report' 2. Allow --sort to be used to have more views than just 'dso, symbol' Try 'perf top --sort comm' or 'pid' for instance 3. All the goodies in the TUI, like zooming in/out threads, dsos, etc 4. Integration with Live Annotation 5. In the live annotation window, navigate to functions called by the one being annotated (x86_64 only right now). This is just an experimentation in increasing the integration of the multiple perf tools, more of this kind to come. 6. Initial callchain support, not yet decaying it over time as the main view. Also in this batch is the work Stephane did on including information about the machine where the perf.data file was collected. Regards, - Arnaldo Arnaldo Carvalho de Melo (13): perf hists: Stop using 'self' for struct hists perf hists: Allow limiting the number of rows and columns in fprintf perf report: Add option to show total period perf hists: Threaded addition and sorting of entries perf browsers: Add live mode to the hists, annotate browsers perf top: Reuse the 'report' hist_entry/hists classes perf top: Add callgraph support perf annotate browser: Allow navigation to called functions perf top: Use the TUI interface by default perf annotate browser: Use -> to navigate on assembly lines perf hists browser: Don't offer symbol actions when symbols not on --sort perf hists browser: Fix TAB/UNTAB use with multiple events perf hists browser: Update the browser.nr_entries after the timer Stephane Eranian (2): perf tools: Fix broken number of samples for perf report -n perf tools: Make perf.data more self-descriptive (v8)
-A few networking fixes from David Miller:
1) MD5 signature pool leak fix in TCP, from Zheng Yan.
2) Fix carrier state regression in bridging, from Stephen Hemminger.
3) Unicast forwards between macvtap interfaces should use
dev_forward_skb() not the vlan->forward() method. Fix from David
Ward.
4) TCP's lost_cnt_hint is updated one too many times in some situations,
fix from Zheng Yan.
5) netfilter needs to use rwlock_init(), from Thomas Gleixner.
[snip...]
Benjamin Poirier (1):
net: fix typos in Documentation/networking/scaling.txt
David Ward (1):
macvlan/macvtap: Fix unicast between macvtap interfaces in bridge mode
Thomas Gleixner (1):
netfilter: Use proper rwlock init function
Yan, Zheng (2):
tcp: properly handle md5sig_pool references
tcp: properly update lost_cnt_hint during shifting
stephen hemminger (1):
bridge: leave carrier on for empty bridge
-That’s it for this week, take care.
thanks for the useful info