Update to 4.9-rc3

3 files changed, 1 insertions, 72 deletions

diff --git a/debian/changelog b/debian/changelog
index cfd6ed167..cdfe59566 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-linux (4.9~rc2-1~exp1) UNRELEASED; urgency=medium
+linux (4.9~rc3-1~exp1) UNRELEASED; urgency=medium
 
   * New upstream release candidate
 
diff --git a/debian/patches/bugfix/all/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch b/debian/patches/bugfix/all/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch
deleted file mode 100644
index 904105512..000000000
--- a/debian/patches/bugfix/all/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch
+++ /dev/null
@@ -1,70 +0,0 @@
-From: David Howells <dhowells@redhat.com>
-Date: Thu, 13 Oct 2016 22:38:46 +0200
-Subject: KEYS: Fix short sprintf buffer in /proc/keys show function
-Origin: https://bugzilla.redhat.com/attachment.cgi?id=1200212
-
-Fix a short sprintf buffer in proc_keys_show().  If the gcc stack protector
-is turned on, this can cause a panic due to stack corruption.
-
-The problem is that xbuf[] is not big enough to hold a 64-bit timeout
-rendered as weeks:
-
-	(gdb) p 0xffffffffffffffffULL/(60*60*24*7)
-	$2 = 30500568904943
-
-That's 14 chars plus NUL, not 11 chars plus NUL.
-
-Expand the buffer to 16 chars.
-
-I think the unpatched code apparently works if the stack-protector is not
-enabled because on a 32-bit machine the buffer won't be overflowed and on a
-64-bit machine there's a 64-bit aligned pointer at one side and an int that
-isn't checked again on the other side.
-
-The panic incurred looks something like:
-
-Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: ffffffff81352ebe
-CPU: 0 PID: 1692 Comm: reproducer Not tainted 4.7.2-201.fc24.x86_64 #1
-Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
- 0000000000000086 00000000fbbd2679 ffff8800a044bc00 ffffffff813d941f
- ffffffff81a28d58 ffff8800a044bc98 ffff8800a044bc88 ffffffff811b2cb6
- ffff880000000010 ffff8800a044bc98 ffff8800a044bc30 00000000fbbd2679
-Call Trace:
- [<ffffffff813d941f>] dump_stack+0x63/0x84
- [<ffffffff811b2cb6>] panic+0xde/0x22a
- [<ffffffff81352ebe>] ? proc_keys_show+0x3ce/0x3d0
- [<ffffffff8109f7f9>] __stack_chk_fail+0x19/0x30
- [<ffffffff81352ebe>] proc_keys_show+0x3ce/0x3d0
- [<ffffffff81350410>] ? key_validate+0x50/0x50
- [<ffffffff8134db30>] ? key_default_cmp+0x20/0x20
- [<ffffffff8126b31c>] seq_read+0x2cc/0x390
- [<ffffffff812b6b12>] proc_reg_read+0x42/0x70
- [<ffffffff81244fc7>] __vfs_read+0x37/0x150
- [<ffffffff81357020>] ? security_file_permission+0xa0/0xc0
- [<ffffffff81246156>] vfs_read+0x96/0x130
- [<ffffffff81247635>] SyS_read+0x55/0xc0
- [<ffffffff817eb872>] entry_SYSCALL_64_fastpath+0x1a/0xa4
-
-Reported-by: Ondrej Kozina <okozina@redhat.com>
-Signed-off-by: David Howells <dhowells@redhat.com>
-Tested-by: Ondrej Kozina <okozina@redhat.com>
----
- security/keys/proc.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/security/keys/proc.c b/security/keys/proc.c
-index f0611a6..b9f531c 100644
---- a/security/keys/proc.c
-+++ b/security/keys/proc.c
-@@ -181,7 +181,7 @@ static int proc_keys_show(struct seq_file *m, void *v)
- 	struct timespec now;
- 	unsigned long timo;
- 	key_ref_t key_ref, skey_ref;
--	char xbuf[12];
-+	char xbuf[16];
- 	int rc;
- 
- 	struct keyring_search_context ctx = {
--- 
-2.9.3
-
diff --git a/debian/patches/series b/debian/patches/series
index de5129d79..8d78ed427 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -94,7 +94,6 @@ features/all/securelevel/arm64-add-kernel-config-option-to-set-securelevel-wh.pa
 bugfix/all/ptrace-being-capable-wrt-a-process-requires-mapped-uids-gids.patch
 debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
 bugfix/all/net-add-recursion-limit-to-gro.patch
-bugfix/all/KEYS-Fix-short-sprintf-buffer-in-proc-keys-show-func.patch
 
 # ABI maintenance