From Linus Torvalds <> Date Sun, 3 Sep 2017 14:47:05 -0700 Subject Linux 4.13 So last week was actually somewhat eventful, but not enough to push me

to delay 4.13.



Most of the changes since rc7 are actually networking fixes, the bulk

of them to various drivers. With apologies to the authors of said

patches, they don't look all that interesting (which is definitely

exactly what you want just before a release). Details in the appended

shortlog.



Note that the shortlog below is obviously only since rc7 - the _full_

4.13 log is much too big to post and nobody sane would read it. So if

you're interested in all the rest of it, get the git tree and limit

the logs to the files you are interested in if you crave details.



No, the excitement was largely in the mmu notification layer, where we

had a fairly last-minute regression and some discussion about the

problem. Lots of kudos to Jérôme Glisse for jumping on it, and

implementing the fix.



What's nice to see is that the regression pointed out a nasty and not

very well documented (or thought out) part of the mmu notifiers, and

the fix not only fixed the problem, but did so by cleaning up and

documenting what the right behavior should be, and furthermore did so

by getting rid of the problematic notifier and actually removing

almost two hundred lines in the process.



I love seeing those kinds of fixes. Better, smaller, code.



The other excitement this week was purely personal, consisting of

seven hours of pure agony due to a kidney stone. I'm all good, but it

sure _felt_ a lot longer than seven hours, and I don't even want to

imagine what it is for people that have had the experience drag out

for longer. Ugh.



Anyway, on to actual 4.13 issues.



While we've had lots of changes all over (4.13 was not particularly

big, but even a "solidly average" release is not exactly small), one

very _small_ change merits some extra attention, because it's one of

those very rare changes where we change behavior due to security

issues, and where people may need to be aware of that behavior change

when upgrading.



This time it's not really a kernel security issue, but a generic

protocol security issue.



The change in question is simply changing the default cifs behavior:

instead of defaulting to SMB 1.0 (which you really should not use:

just google for "stop using SMB1" or similar), the default cifs mount

now defaults to a rather more modern SMB 3.0.



Now, because you shouldn't have been using SMB1 anyway, this shouldn't

affect anybody. But guess what? It almost certainly does affect some

people, because they blithely continued using SMB1 without really

thinking about it.



And you certainly _can_ continue to use SMB1, but due to the default

change, now you need to be *aware* of it. You may need to add an

explicit "vers=1.0" to your mount options in /etc/fstab or similar if

you *really* want SMB1.



But if the new default of 3.0 doesn't work (because you still use a

pterodactyl as a windshield wiper), before you go all the way back to

the bad old days and use that "vers=1.0", you might want to try

"vers=2.1". Because let's face it, SMB1 is just bad, bad, bad.



Anyway, most people won't notice at all. And the ones that do notice

can check their current situation (just look at the output of "mount"

and see if you have any cifs things there), and you really should

update from the default even if you are *not* upgrading kernels.



Ok, enough about that. It was literally a two-liner change top

defaults - out of the million or so lines of the full 4.13 patch

changing real code.



Go get the new kernel,



Linus







---



Adrian Hunter (1):

mmc: block: Fix block status codes



Aleksander Morgado (1):

cdc_ncm: flag the u-blox TOBY-L4 as wwan



Alexey Brodkin (1):

ARCv2: SMP: Mask only private-per-core IRQ lines on boot at core intc



Andrew Jeffery (1):

net: ftgmac100: Fix oops in probe on failure to find associated PHY



Annie Li (1):

xen-blkback: stop blkback thread of every queue in xen_blkif_disconnect



Anthony Martin (1):

Input: synaptics - fix device info appearing different on reconnect



Antoine Tenart (1):

net: mvpp2: fix the mac address used when using PPv2.2



Ard Biesheuvel (2):

crypto: chacha20 - fix handling of chunked input

crypto: testmgr - add chunked test cases for chacha20



Arnd Bergmann (1):

qlge: avoid memcpy buffer overflow



Bart Van Assche (4):

dm: fix the second dec_pending() argument in __split_and_process_bio()

dm mpath: retry BLK_STS_RESOURCE errors

dm: fix printk() rate limiting code

dm mpath: do not lock up a CPU with requeuing activity



Ben Hutchings (1):

alpha: uapi: Add support for __SANE_USERSPACE_TYPES__



Benjamin Poirier (1):

packet: Don't write vnet header beyond end of buffer



Bob Peterson (1):

tipc: Fix tipc_sk_reinit handling of -EAGAIN



Brian King (1):

scsi: ipr: Set no_report_opcodes for RAID arrays



Cameron Gutman (1):

Input: xpad - fix PowerA init quirk for some gamepad models



Changpeng Liu (1):

nvme: fix the definition of the doorbell buffer config support bit



Christoph Hellwig (3):

libata: quirk read log on no-name M.2 SSD

libata: check for trusted computing in IDENTIFY DEVICE data

nvme-pci: use dma memory for the host memory buffer descriptors



Christophe JAILLET (2):

sata: ahci-da850: Fix some error handling paths in 'ahci_da850_probe()'

scsi: qedf: Fix a potential NULL pointer dereference



Christophe Jaillet (1):

net: sxgbe: check memory allocation failure



Cong Wang (1):

wl1251: add a missing spin_lock_init()



Dan Carpenter (3):

scsi: sg: off by one in sg_ioctl()

x86/ldt: Fix off by one in get_segment_base()

nfp: double free on error in probe



Dan Williams (1):

libnvdimm: clean up command definitions



Daniel Borkmann (1):

bpf: fix map value attribute for hash of maps



Dave Kleikamp (1):

jfs should use MAX_LFS_FILESIZE when calculating s_maxbytes



Eran Ben Elisha (1):

net/mlx5e: Fix dangling page pointer on DMA mapping error



Eric Biggers (1):

mm, uprobes: fix multiple free of ->uprobes_state.xol_area



Eric Dumazet (5):

udp: on peeking bad csum, drop packets even if not at head

net: dsa: use consume_skb()

virtio_net: be drop monitor friendly

net_sched: fix a refcount_t issue with noop_qdisc

kcm: do not attach PF_KCM sockets to avoid deadlock



Florian Fainelli (14):

net/hsr: Check skb_put_padto() return value

net: phy: Deal with unbound PHY driver in phy_attached_print()

fsl/man: Inherit parent device and of_node

net: core: Specify skb_pad()/skb_put_padto() SKB freeing

net: dsa: skb_put_padto() already frees nskb

um: Fix check for _xstate for older hosts

net: systemport: Be drop monitor friendly

net: bcmgenet: Be drop monitor friendly

net: systemport: Free DMA coherent descriptors on errors

r8169: Do not increment tx_dropped in TX ring cleaning

r8169: Be drop monitor friendly

net: dsa: Don't dereference dst->cpu_dp->netdev

net: dsa: bcm_sf2: Fix number of CFP entries for BCM7278

Revert "net: phy: Correctly process PHY_HALTED in phy_stop_machine()"



Guenter Roeck (1):

alpha: Define ioremap_wc



Guillaume Nault (6):

l2tp: initialise session's refcount before making it reachable

l2tp: hold tunnel while looking up sessions in l2tp_netlink

l2tp: hold tunnel while processing genl delete command

l2tp: hold tunnel while handling genl tunnel updates

l2tp: hold tunnel while handling genl TUNNEL_GET commands

l2tp: hold tunnel used while creating sessions with netlink



Hans de Goede (1):

i2c: designware: Round down ACPI provided clk to nearest supported clk



Helge Deller (1):

fs/select: Fix memory corruption in compat_get_fd_set()



Huy Nguyen (4):

net/mlx5e: Check for qos capability in dcbnl_initialize

net/mlx5e: Fix DCB_CAP_ATTR_DCBX capability for DCBNL getcap.

net/mlx5: Skip mlx5_unload_one if mlx5_load_one fails

net/mlx5: Remove the flag MLX5_INTERFACE_STATE_SHUTDOWN



Ido Schimmel (2):

mlxsw: spectrum: Forbid linking to devices that have uppers

bridge: switchdev: Clear forward mark when transmitting packet



Igor Russkikh (1):

net:ethernet:aquantia: Fix for multicast filter handling.



Inbar Karmy (1):

net/mlx5e: Don't override user RSS upon set channels



Jakub Kicinski (4):

nfp: don't hold PF lock while enabling SR-IOV

nfp: make sure representors are destroyed before their lower netdev

nfp: avoid buffer leak when representor is missing

nfp: TX time stamp packets before HW doorbell is rung



James Cowgill (1):

MIPS: Remove pt_regs adjustments in indirect syscall handler



James Hogan (2):

MIPS: seccomp: Fix indirect syscall args

irqchip: mips-gic: SYNC after enabling GIC region



Jan H. Schönherr (2):

x86/boot: Provide more slack space during decompression

x86/boot: Prevent faulty bootparams.screeninfo from causing harm



Jason J. Herne (1):

vfio: ccw: fix bad ptr math for TIC cda translation



Jesper Dangaard Brouer (1):

net: missing call of trace_napi_poll in busy_poll_stop



Jiri Pirko (2):

net: sched: fix use after free when tcf_chain_destroy is called

multiple times

net: sched: don't do tcf_chain_flush from tcf_chain_destroy



Joe Stringer (1):

include/linux/compiler.h: don't perform compiletime_assert with -O0



John Stultz (1):

time: Fix ktime_get_raw() incorrect base accumulation



Jérôme Glisse (13):

dax: update to new mmu_notifier semantic

mm/rmap: update to new mmu_notifier semantic v2

powerpc/powernv: update to new mmu_notifier semantic

drm/amdgpu: update to new mmu_notifier semantic

IB/umem: update to new mmu_notifier semantic

IB/hfi1: update to new mmu_notifier semantic

iommu/amd: update to new mmu_notifier semantic

iommu/intel: update to new mmu_notifier semantic

misc/mic/scif: update to new mmu_notifier semantic

sgi-gru: update to new mmu_notifier semantic

xen/gntdev: update to new mmu_notifier semantic

KVM: update to new mmu_notifier semantic v2

mm/mmu_notifier: kill invalidate_page



Koichiro Den (1):

xfrm: fix null pointer dereference on state and tmpl sort



Krzysztof Kozlowski (1):

c6x: defconfig: Cleanup from old Kconfig options



Linus Torvalds (3):

page waitqueue: always add new entries at the end

Revert "rmap: do not call mmu_notifier_invalidate_page() under ptl"

Linux 4.13



Lorenzo Colitti (1):

net: xfrm: don't double-hold dst when sk_policy in use.



Luca Coelho (1):

iwlwifi: pcie: move rx workqueue initialization to iwl_trans_pcie_alloc()



Lucas Stach (1):

ASoC: simple_card_utils: fix fallback when "label" property isn't present



Maciej Purski (1):

drm/bridge/sii8620: Fix memory corruption



Martin Schwidefsky (2):

s390/mm: fork vs. 5 level page tabel

s390/mm: fix BUG_ON in crst_table_upgrade



Mathias Krause (4):

xfrm_user: fix info leak in copy_user_offload()

xfrm_user: fix info leak in xfrm_notify_sa()

xfrm_user: fix info leak in build_expire()

xfrm_user: fix info leak in build_aevent()



Matt Turner (2):

alpha: Fix build error without CONFIG_VGA_HOSE.

alpha: Fix section mismatches



Max Gurtovoy (1):

nvme-rdma: default MR page size to 4k



Maxime Ripard (4):

dt-bindings: net: Revert sun8i dwmac binding

arm64: dts: allwinner: Revert EMAC changes

arm: dts: sunxi: Revert EMAC changes

net: stmmac: sun8i: Remove the compatibles



Mel Gorman (1):

mm, madvise: ensure poisoned pages are removed from per-cpu lists



Meng Xu (1):

perf/core: Fix potential double-fetch bug



Michael Chan (3):

bnxt_en: Fix .ndo_setup_tc() to include XDP rings.

bnxt_en: Free MSIX vectors when unregistering the device from bnxt_re.

bnxt_en: Do not setup MAC address in bnxt_hwrm_func_qcaps().



Michael Cree (1):

alpha: support R_ALPHA_REFLONG relocations for module loading



Moshe Shemesh (1):

net/mlx5e: Fix inline header size for small packets



Nikolay Aleksandrov (9):

sch_htb: fix crash on init failure

sch_multiq: fix double free on init failure

sch_hhf: fix null pointer dereference on init failure

sch_hfsc: fix null pointer deref and double free on init failure

sch_cbq: fix null pointer dereferences on init failure

sch_fq_codel: avoid double free on init failure

sch_netem: avoid null pointer deref on init failure

sch_sfq: fix null pointer dereference on init failure

sch_tbf: fix two null pointer dereferences on init failure



Noa Osherovich (1):

net/mlx5: Fix arm SRQ command for ISSI version 0



Nogah Frankel (1):

mlxsw: spectrum_switchdev: Fix mrouter flag update



Oleg Nesterov (1):

epoll: fix race between ep_poll_callback(POLLFREE) and

ep_free()/ep_remove()



Pablo Neira Ayuso (1):

netfilter: nft_compat: check extension hook mask only if set



Paolo Abeni (1):

udp6: set rx_dst_cookie on rx_dst updates



Parthasarathy Bhuvaragan (5):

tipc: remove subscription references only for pending timers

tipc: perform skb_linearize() before parsing the inner header

tipc: reassign pointers after skb reallocation / linearization

tipc: context imbalance at node read unlock

tipc: permit bond slave as bearer



Paul Blakey (1):

net/mlx5e: Properly resolve TC offloaded ipv6 vxlan tunnel source address



Pavel Belous (5):

net:ethernet:aquantia: Extra spinlocks removed.

net:ethernet:aquantia: Fix for number of RSS queues.

net:ethernet:aquantia: Workaround for HW checksum bug.

net:ethernet:aquantia: Fix for incorrect speed index.

net:ethernet:aquantia: Show info message if bad firmware version detected.



Pavel Shilovsky (1):

CIFS: Fix maximum SMB2 header size



Pieter Jansen van Vuuren (3):

nfp: fix unchecked flow dissector use

nfp: fix supported key layers calculation

nfp: remove incorrect mask check for vlan matching



Quan Nguyen (1):

drivers: net: xgene: Correct probe sequence handling



Richard Henderson (3):

alpha: Update for new syscalls

alpha: Package string routines together

alpha: Fix typo in ev6-copy_user.S



Rob Herring (1):

c6x: Convert to using %pOF instead of full_name



Roopa Prabhu (1):

bridge: check for null fdb->dst before notifying switchdev drivers



Russell King (1):

scripts/dtc: fix '%zx' warning



Sabrina Dubroca (3):

netfilter: ipt_CLUSTERIP: fix use-after-free of proc entry

macsec: add genl family module alias

tcp: fix refcnt leak with ebpf congestion control



Sekhar Nori (1):

net: ti: cpsw-common: dont print error if ti_cm_get_macid() fails



Shahar Klein (1):

net/mlx5: E-Switch, Unload the representors in the correct order



Shaohua Li (1):

kernel/kthread.c: kthread_worker: don't hog the cpu



Sinclair Yeh (1):

drm/vmwgfx: Fix F26 Wayland screen update issue



Stefano Brivio (3):

ipv6: accept 64k - 1 packet length in ip6_find_1stfragopt()

sctp: Avoid out-of-bounds reads from address storage

cxgb4: Fix stack out-of-bounds read due to wrong size to t4_record_mbox()



Steffen Klassert (5):

esp: Fix memleaks on error paths.

esp: Fix error handling on layer 2 xmit.

esp: Fix locking on page fragment allocation

esp: Fix skb tailroom calculation

ipv6: Fix may be used uninitialized warning in rt6_check



Stephan Gatzka (1):

net: stmmac: socfgpa: Ensure emac bit set in sys manager for

MII/GMII/SGMII.



Stephan Mueller (2):

lib/mpi: kunmap after finishing accessing buffer

crypto: algif_skcipher - only call put_page on referenced and used pages



Stephen Douthit (2):

i2c: ismt: Don't duplicate the receive length for block reads

i2c: ismt: Return EMSGSIZE for block reads with bogus length



Steve French (2):

CIFS: remove endian related sparse warning

Fix warning messages when mounting to older servers



Taehee Yoo (1):

netfilter: x_tables: Fix use-after-free in ipt_do_table.



Takashi Iwai (2):

ASoC: rt5670: Fix GPIO headset detection regression

ALSA: pcm: Fix power lock unbalance via OSS emulation



Tal Gilboa (1):

net/mlx5e: Fix CQ moderation mode not set properly



Tejun Heo (2):

cpumask: fix spurious cpumask_of_node() on non-NUMA multi-node configs

Revert "libata: quirk read log on no-name M.2 SSD"



Tetsuo Handa (1):

mm,page_alloc: don't call __node_reclaim() with oom_lock held.



Thomas Petazzoni (1):

arm64: dts: marvell: fix number of GPIOs in Armada AP806 description



Vladis Dronov (1):

xfrm: policy: check policy direction value



Waiman Long (1):

cpuset: Fix incorrect memory_pressure control file mapping



Wei Wang (2):

ipv6: add rcu grace period before freeing fib6_node

ipv6: fix sparse warning on rt6i_node



Xin Long (3):

netfilter: check for seqadj ext existence before adding it in

nf_nat_setup_info

ipv6: set dst.obsolete when a cached route has expired

ipv6: do not set sk_destruct in IPV6_ADDRFORM sockopt



Yan, Zheng (1):

ceph: fix readpage from fscache



Ying Xue (1):

tipc: fix a race condition of releasing subscriber object



Yossi Kuperman (1):

udp: fix secpath leak



Yuchung Cheng (1):

bpf: fix bpf_setsockopts return value



Zhou Chengming (1):

perf/ftrace: Fix double traces of perf on ftrace:function



Zhoujie Wu (1):

mmc: sdhci-xenon: add set_power callback



andy zhou (1):

netfilter: nf_tables: Fix nft limit burst handling



stephen hemminger (1):

netvsc: fix deadlock betwen link status and removal



