3.7.2-201.fc18.gnu

6 files changed, 23 insertions, 175 deletions

diff --git a/freed-ora/current/f18/Bluetooth-Add-support-for-BCM20702A0.patch b/freed-ora/current/f18/Bluetooth-Add-support-for-BCM20702A0.patch
deleted file mode 100644
index 99178d757..000000000
--- a/freed-ora/current/f18/Bluetooth-Add-support-for-BCM20702A0.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From a5f86c3423428c8e28b6501d0e9c3929ca91f07d Mon Sep 17 00:00:00 2001
-From: Jeff Cook <jeff@deserettechnology.com>
-Date: Fri, 9 Nov 2012 16:39:48 -0700
-Subject: [PATCH 2/2] Bluetooth: Add support for BCM20702A0 [0b05, 17b5]
-
-Vendor-specific ID for BCM20702A0.
-Support for bluetooth over Asus Wi-Fi GO!, included with Asus P8Z77-V
-Deluxe.
-
-T:  Bus=07 Lev=02 Prnt=02 Port=00 Cnt=01 Dev#=  3 Spd=12  MxCh= 0
-D:  Ver= 2.00 Cls=ff(vend.) Sub=01 Prot=01 MxPS=64 #Cfgs=  1
-P:  Vendor=0b05 ProdID=17b5 Rev=01.12
-S:  Manufacturer=Broadcom Corp
-S:  Product=BCM20702A0
-S:  SerialNumber=94DBC98AC113
-C:  #Ifs= 4 Cfg#= 1 Atr=e0 MxPwr=0mA
-I:  If#= 0 Alt= 0 #EPs= 3 Cls=ff(vend.) Sub=01 Prot=01 Driver=(none)
-I:  If#= 1 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=01 Prot=01 Driver=(none)
-I:  If#= 2 Alt= 0 #EPs= 2 Cls=ff(vend.) Sub=ff Prot=ff Driver=(none)
-I:  If#= 3 Alt= 0 #EPs= 0 Cls=fe(app. ) Sub=01 Prot=01 Driver=(none)
-
-Cc: stable@vger.kernel.org
-Signed-off-by: Jeff Cook <jeff@deserettechnology.com>
-Signed-off-by: Gustavo Padovan <gustavo.padovan@collabora.co.uk>
----
- drivers/bluetooth/btusb.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c
-index b167944..6dc44ff 100644
---- a/drivers/bluetooth/btusb.c
-+++ b/drivers/bluetooth/btusb.c
-@@ -96,6 +96,7 @@ static struct usb_device_id btusb_table[] = {
- 	{ USB_DEVICE(0x0c10, 0x0000) },
- 
- 	/* Broadcom BCM20702A0 */
-+	{ USB_DEVICE(0x0b05, 0x17b5) },
- 	{ USB_DEVICE(0x04ca, 0x2003) },
- 	{ USB_DEVICE(0x0489, 0xe042) },
- 	{ USB_DEVICE(0x413c, 0x8197) },
--- 
-1.8.0
-
diff --git a/freed-ora/current/f18/config-x86-generic b/freed-ora/current/f18/config-x86-generic
index 2bcd498eb..b3d19ea45 100644
--- a/freed-ora/current/f18/config-x86-generic
+++ b/freed-ora/current/f18/config-x86-generic
@@ -45,7 +45,7 @@ CONFIG_FB_EFI=y
 CONFIG_INTEL_IOMMU=y
 CONFIG_DMAR_BROKEN_GFX_WA=y
 CONFIG_INTEL_IOMMU_FLOPPY_WA=y
-# CONFIG_INTEL_IOMMU_DEFAULT_ON is not set
+CONFIG_INTEL_IOMMU_DEFAULT_ON=y
 CONFIG_SCSI_ADVANSYS=m
 
 CONFIG_SECCOMP=y
diff --git a/freed-ora/current/f18/exec-do-not-leave-bprm-interp-on-stack.patch b/freed-ora/current/f18/exec-do-not-leave-bprm-interp-on-stack.patch
deleted file mode 100644
index 5198824ed..000000000
--- a/freed-ora/current/f18/exec-do-not-leave-bprm-interp-on-stack.patch
+++ /dev/null
@@ -1,118 +0,0 @@
-From 6752ab4cb863fc63ed85f1ca78a42235c09fad83 Mon Sep 17 00:00:00 2001
-From: Kees Cook <keescook@chromium.org>
-Date: Mon, 26 Nov 2012 09:07:50 -0500
-Subject: [PATCH 1/2] exec: do not leave bprm->interp on stack
-
-If a series of scripts are executed, each triggering module loading via
-unprintable bytes in the script header, kernel stack contents can leak
-into the command line.
-
-Normally execution of binfmt_script and binfmt_misc happens recursively.
-However, when modules are enabled, and unprintable bytes exist in the
-bprm->buf, execution will restart after attempting to load matching binfmt
-modules.  Unfortunately, the logic in binfmt_script and binfmt_misc does
-not expect to get restarted.  They leave bprm->interp pointing to their
-local stack.  This means on restart bprm->interp is left pointing into
-unused stack memory which can then be copied into the userspace argv
-areas.
-
-After additional study, it seems that both recursion and restart remains
-the desirable way to handle exec with scripts, misc, and modules.  As
-such, we need to protect the changes to interp.
-
-This changes the logic to require allocation for any changes to the
-bprm->interp.  To avoid adding a new kmalloc to every exec, the default
-value is left as-is.  Only when passing through binfmt_script or
-binfmt_misc does an allocation take place.
-
-For a proof of concept, see DoTest.sh from:
-http://www.halfdog.net/Security/2012/LinuxKernelBinfmtScriptStackDataDisclosure/
-
-Signed-off-by: Kees Cook <keescook@chromium.org>
-Cc: halfdog <me@halfdog.net>
-Cc: P J P <ppandit@redhat.com>
-Cc: Alexander Viro <viro@zeniv.linux.org.uk>
-Cc: <stable@vger.kernel.org>
-Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
----
- fs/binfmt_misc.c        |  5 ++++-
- fs/binfmt_script.c      |  4 +++-
- fs/exec.c               | 15 +++++++++++++++
- include/linux/binfmts.h |  1 +
- 4 files changed, 23 insertions(+), 2 deletions(-)
-
-diff --git a/fs/binfmt_misc.c b/fs/binfmt_misc.c
-index 790b3cd..772428d 100644
---- a/fs/binfmt_misc.c
-+++ b/fs/binfmt_misc.c
-@@ -176,7 +176,10 @@ static int load_misc_binary(struct linux_binprm *bprm, struct pt_regs *regs)
- 		goto _error;
- 	bprm->argc ++;
- 
--	bprm->interp = iname;	/* for binfmt_script */
-+	/* Update interp in case binfmt_script needs it. */
-+	retval = bprm_change_interp(iname, bprm);
-+	if (retval < 0)
-+		goto _error;
- 
- 	interp_file = open_exec (iname);
- 	retval = PTR_ERR (interp_file);
-diff --git a/fs/binfmt_script.c b/fs/binfmt_script.c
-index d3b8c1f..df49d48 100644
---- a/fs/binfmt_script.c
-+++ b/fs/binfmt_script.c
-@@ -82,7 +82,9 @@ static int load_script(struct linux_binprm *bprm,struct pt_regs *regs)
- 	retval = copy_strings_kernel(1, &i_name, bprm);
- 	if (retval) return retval; 
- 	bprm->argc++;
--	bprm->interp = interp;
-+	retval = bprm_change_interp(interp, bprm);
-+	if (retval < 0)
-+		return retval;
- 
- 	/*
- 	 * OK, now restart the process with the interpreter's dentry.
-diff --git a/fs/exec.c b/fs/exec.c
-index 0039055..c6e6de4 100644
---- a/fs/exec.c
-+++ b/fs/exec.c
-@@ -1175,9 +1175,24 @@ void free_bprm(struct linux_binprm *bprm)
- 		mutex_unlock(&current->signal->cred_guard_mutex);
- 		abort_creds(bprm->cred);
- 	}
-+	/* If a binfmt changed the interp, free it. */
-+	if (bprm->interp != bprm->filename)
-+		kfree(bprm->interp);
- 	kfree(bprm);
- }
- 
-+int bprm_change_interp(char *interp, struct linux_binprm *bprm)
-+{
-+	/* If a binfmt changed the interp, free it first. */
-+	if (bprm->interp != bprm->filename)
-+		kfree(bprm->interp);
-+	bprm->interp = kstrdup(interp, GFP_KERNEL);
-+	if (!bprm->interp)
-+		return -ENOMEM;
-+	return 0;
-+}
-+EXPORT_SYMBOL(bprm_change_interp);
-+
- /*
-  * install the new credentials for this executable
-  */
-diff --git a/include/linux/binfmts.h b/include/linux/binfmts.h
-index cfcc6bf..de0628e 100644
---- a/include/linux/binfmts.h
-+++ b/include/linux/binfmts.h
-@@ -114,6 +114,7 @@ extern int setup_arg_pages(struct linux_binprm * bprm,
- 			   unsigned long stack_top,
- 			   int executable_stack);
- extern int bprm_mm_init(struct linux_binprm *bprm);
-+extern int bprm_change_interp(char *interp, struct linux_binprm *bprm);
- extern int copy_strings_kernel(int argc, const char *const *argv,
- 			       struct linux_binprm *bprm);
- extern int prepare_bprm_creds(struct linux_binprm *bprm);
--- 
-1.8.0
-
diff --git a/freed-ora/current/f18/kernel.spec b/freed-ora/current/f18/kernel.spec
index 081c4f1b8..32586334b 100644
--- a/freed-ora/current/f18/kernel.spec
+++ b/freed-ora/current/f18/kernel.spec
@@ -62,7 +62,7 @@ Summary: The Linux kernel
 # For non-released -rc kernels, this will be appended after the rcX and
 # gitX tags, so a 3 here would become part of release "0.rcX.gitX.3"
 #
-%global baserelease 5
+%global baserelease 201
 %global fedora_build %{baserelease}
 
 # base_sublevel is the kernel version we're starting with and patching
@@ -78,7 +78,7 @@ Summary: The Linux kernel
 %define basegnu -gnu%{?librev}
 
 # To be inserted between "patch" and "-2.6.".
-#define stablelibre -3.7%{?stablegnux}
+%define stablelibre -3.7%{?stablegnux}
 #define rcrevlibre -3.7%{?rcrevgnux}
 #define gitrevlibre -3.7%{?gitrevgnux}
 
@@ -112,7 +112,7 @@ Summary: The Linux kernel
 %if 0%{?released_kernel}
 
 # Do we have a -stable update to apply?
-%define stable_update 1
+%define stable_update 2
 # Is it a -stable RC?
 %define stable_rc 0
 # Set rpm version accordingly
@@ -596,7 +596,7 @@ BuildRequires: xmlto, asciidoc
 BuildRequires: sparse >= 0.4.1
 %endif
 %if %{with_perf}
-BuildRequires: elfutils-devel zlib-devel binutils-devel newt-devel python-devel perl(ExtUtils::Embed) bison
+BuildRequires: elfutils-devel zlib-devel binutils-devel newt-devel python-devel perl(ExtUtils::Embed) bison audit-libs-devel
 %endif
 %if %{with_tools}
 BuildRequires: pciutils-devel gettext
@@ -827,14 +827,10 @@ Patch22001: selinux-apply-different-permission-to-ptrace-child.patch
 #rhbz 871078
 Patch22112: USB-report-submission-of-active-URBs.patch
 
-#rhbz 874791
-Patch22125: Bluetooth-Add-support-for-BCM20702A0.patch
-
 #rhbz 859485
 Patch21226: vt-Drop-K_OFF-for-VC_MUTE.patch
 
 #rhbz CVE-2012-4530 868285 880147
-Patch21228: exec-do-not-leave-bprm-interp-on-stack.patch
 Patch21229: exec-use-eloop-for-max-recursion-depth.patch
 
 #rhbz 851278
@@ -1626,14 +1622,10 @@ ApplyPatch selinux-apply-different-permission-to-ptrace-child.patch
 #rhbz 871078
 ApplyPatch USB-report-submission-of-active-URBs.patch
 
-#rhbz 874791
-ApplyPatch Bluetooth-Add-support-for-BCM20702A0.patch
-
 #rhbz 859485
 ApplyPatch vt-Drop-K_OFF-for-VC_MUTE.patch
 
 #rhbz CVE-2012-4530 868285 880147
-ApplyPatch exec-do-not-leave-bprm-interp-on-stack.patch
 ApplyPatch exec-use-eloop-for-max-recursion-depth.patch
 
 #rhbz 851278
@@ -2537,6 +2529,16 @@ fi
 #                 ||----w |
 #                 ||     ||
 %changelog
+* Sun Jan 13 2013 Alexandre Oliva <lxoliva@fsfla.org> -libre
+- GNU Linux-libre 3.7.2-gnu
+
+* Fri Jan 11 2013 Justin M. Forbes <jforbes@redhat.com> 3.7.1-1
+- Linux v3.7.2
+- Enable Intel IOMMU by default
+
+* Thu Jan 10 2013 Dave Jones <davej@redhat.com>
+- Add audit-libs-devel to perf build-deps to enable trace command. (rhbz 892893)
+
 * Tue Jan 08 2013 Josh Boyer <jwboyer@redhat.com>
 - Add patch to fix shutdown on some machines (rhbz 890547)
 
diff --git a/freed-ora/current/f18/patch-3.7-gnu-3.7.2-gnu.xz.sign b/freed-ora/current/f18/patch-3.7-gnu-3.7.2-gnu.xz.sign
new file mode 100644
index 000000000..82ad9825b
--- /dev/null
+++ b/freed-ora/current/f18/patch-3.7-gnu-3.7.2-gnu.xz.sign
@@ -0,0 +1,7 @@
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v2.0.18 (GNU/Linux)
+
+iEYEABECAAYFAlDxg74ACgkQvLfPh359R6ch4QCcDqik2mwKNz93jdej3E80Qrxx
+SCsAn1Kuth0dkcZCEYVZeirdK51YHf3z
+=ijab
+-----END PGP SIGNATURE-----
diff --git a/freed-ora/current/f18/sources b/freed-ora/current/f18/sources
index e54b5c017..df0e70051 100644
--- a/freed-ora/current/f18/sources
+++ b/freed-ora/current/f18/sources
@@ -1,2 +1,2 @@
 06bf9601d859531e7378eb43d4ca7dd3  linux-libre-3.7-gnu.tar.xz
-48f5f530b048e387e978e3e49de7742a  patch-3.7.1.xz
+60acd5c68e27a2b31ab8993f91ae7938  patch-3.7-gnu-3.7.2-gnu.xz