Age | Commit message (Collapse) | Author |
|
Exempt-From-Owner-Approval: Changes already landed internally
Change-Id: I2ed7bec5c14deb3ba3b01ff7223f41e9bfd917c4
|
|
-s ours am: b7f0375a62 -s ours
am: 0eb326f182 -s ours
Change-Id: I1081fa2a5adb860c097857476c5270054b050dea
|
|
-s ours
am: b7f0375a62 -s ours
Change-Id: I14e0dad7cf08f27493c8b75e71ef54edfe638221
|
|
-s ours am: b7f0375a62 -s ours
am: 31d64b119d -s ours
Change-Id: Ic67c8e600523062de6805b462691d8617dd54bfb
|
|
-s ours
am: b7f0375a62 -s ours
Change-Id: I13ce6a9d2c26827df8b5ebb7ae5cbac8c7d5658b
|
|
am: 808ad0b2f1 -s ours
Change-Id: Ieec1f8267057481778b9035742da00b1bc3ed4bd
|
|
am: 101beef979
Change-Id: I7bdb5430ee9c43212c9f1086be3114433d51b254
|
|
8afc8877 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10
476e010d Merge branch 'android-msm-bullhead-3.10-oc-security-next' into android-msm-bullhead-3.10-oc
510c22e9 msm: gud: Remove gud driver
0cee9126 qseecom: Fix accessing userspace memory in kernel space
bee9a25f ANDROID: scsi: Add segment checking in sg_read
d49505d2 qcacld-2.0: Add bound check for numap to avoid integer overflow
2b1b24b8 msm: camera: Make use of mutex lock to avoid race condition
377b6758 ASoC: msm: qdsp6v2: clear address on error
c31ee5c0 coresight: tmc: Fix the unbalanced lock in tmc_read()
b73156e5 coresight: tmc: Fix use after free issue with tmc read
427e3e15 fbdev: msm: Allocate fd with O_CLOEXEC flag
98bd4639 msm: mdss: validate page id before reading from edid buffer
1b1d3381 msm: ipa: Add mutext protection when updating notify req cache
28ef4d7f qcacld-2.0: Check on IE length to avoid buffer over-read
6b4554b8 qcacld-2.0: Fix invalid buffer access in send mgmt tx
21bab4fe BACKPORT: dentry name snapshots
68e5a3c7 angler: remove 'reboot edl' interface for security.
505b8327 msm: sensor: Add mutex lock during ois power down operations
1ede4694 diag: Fix for possible dci stale entries
96a3947b diag: dci: Add protection while querying event status
ab177706 diag: dci: Add mutex protection while accessing client details
652f01eb diag: dci: Add protection while de-initializing clients
ab1e30ef ANDROID: usb: gadget: f_mtp: Return error if count is negative
a961645b UPSTREAM: ALSA: timer: Call notifier in the same spinlock
41455882 UPSTREAM: ALSA: timer: Fix race between stop and interrupt
7b2f2455 UPSTREAM: ALSA: timer: Fix link corruption due to double start or stop
babbb1fc UPSTREAM: ALSA: timer: Code cleanup
874d3848 BACKPORT: ALSA: timer: Fix race at concurrent reads
3fa00095 BACKPORT: ALSA: timer: Handle disconnection more safely
cbba392b UPSTREAM: ALSA: timer: Fix wrong instance passed to slave callbacks
b757637f UPSTREAM: ALSA: timer: Harden slave timer list handling
4a997f92 UPSTREAM: ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT
1c00f5b5 BACKPORT: ALSA: timer: Fix race between read and ioctl
0a2954f1 msm: vidc: Squash the below changes
163a9936 v4l2: Refactor, fix security bug in compat ioctl32
240cee8f msm: camera: Avoid deadlock for vb2 operations using separate lock
e4e29ab1 ANDROID: ion: Fix uninitialized variable
3611c756 Bluetooth: cmtp: cmtp_add_connection() should verify that it's dealing with l2cap socket
d2a946f6 Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap socket
67862abd Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10-oc-security-next
838c4d24 ANDROID: usb: gadget: f_mtp: Return error if count is negative
52557696 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10-oc-security-next
3f786450 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10-oc-security-next
Linux version 3.10.73-g8afc887796f (android-
build@wphp9.hot.corp.google.com) (gcc version 4.9.x-google
20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Fri Oct 13 04:02:24
UTC 2017
Bug: 33982955
Bug: 34276203
Bug: 34329758
Bug: 34624167
Bug: 35138888
Bug: 37240993
Bug: 37429972
Bug: 62201221
Bug: 62378232
Bug: 62674846
Bug: 63100473
Bug: 63173580
Bug: 63522505
Bug: 63689921
Bug: 63868629
Bug: 63868933
Bug: 64431967
Bug: 64453105
Bug: 64453422
Bug: 64453423
Bug: 64728950
Bug: 64728953
Bug: 65023233
Bug: 65468973
Bug: 65468975
Bug: 65468986
Bug: 65468993
Bug: 67749279
Change-Id: Ic1c425e8579e815e4cc5492798fcd96b225a30ea
Source-Branch: android-msm-bullhead-3.10
Signed-off-by: Steve Pfetsch <spfetsch@google.com>
|
|
476e010d Merge branch 'android-msm-bullhead-3.10-oc-security-next' into android-msm-bullhead-3.10-oc
510c22e9 msm: gud: Remove gud driver
0cee9126 qseecom: Fix accessing userspace memory in kernel space
bee9a25f ANDROID: scsi: Add segment checking in sg_read
d49505d2 qcacld-2.0: Add bound check for numap to avoid integer overflow
2b1b24b8 msm: camera: Make use of mutex lock to avoid race condition
377b6758 ASoC: msm: qdsp6v2: clear address on error
c31ee5c0 coresight: tmc: Fix the unbalanced lock in tmc_read()
b73156e5 coresight: tmc: Fix use after free issue with tmc read
427e3e15 fbdev: msm: Allocate fd with O_CLOEXEC flag
98bd4639 msm: mdss: validate page id before reading from edid buffer
1b1d3381 msm: ipa: Add mutext protection when updating notify req cache
28ef4d7f qcacld-2.0: Check on IE length to avoid buffer over-read
6b4554b8 qcacld-2.0: Fix invalid buffer access in send mgmt tx
21bab4fe BACKPORT: dentry name snapshots
68e5a3c7 angler: remove 'reboot edl' interface for security.
505b8327 msm: sensor: Add mutex lock during ois power down operations
1ede4694 diag: Fix for possible dci stale entries
96a3947b diag: dci: Add protection while querying event status
ab177706 diag: dci: Add mutex protection while accessing client details
652f01eb diag: dci: Add protection while de-initializing clients
ab1e30ef ANDROID: usb: gadget: f_mtp: Return error if count is negative
a961645b UPSTREAM: ALSA: timer: Call notifier in the same spinlock
41455882 UPSTREAM: ALSA: timer: Fix race between stop and interrupt
7b2f2455 UPSTREAM: ALSA: timer: Fix link corruption due to double start or stop
babbb1fc UPSTREAM: ALSA: timer: Code cleanup
874d3848 BACKPORT: ALSA: timer: Fix race at concurrent reads
3fa00095 BACKPORT: ALSA: timer: Handle disconnection more safely
cbba392b UPSTREAM: ALSA: timer: Fix wrong instance passed to slave callbacks
b757637f UPSTREAM: ALSA: timer: Harden slave timer list handling
4a997f92 UPSTREAM: ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT
1c00f5b5 BACKPORT: ALSA: timer: Fix race between read and ioctl
0a2954f1 msm: vidc: Squash the below changes
163a9936 v4l2: Refactor, fix security bug in compat ioctl32
240cee8f msm: camera: Avoid deadlock for vb2 operations using separate lock
e4e29ab1 ANDROID: ion: Fix uninitialized variable
3611c756 Bluetooth: cmtp: cmtp_add_connection() should verify that it's dealing with l2cap socket
d2a946f6 Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap socket
67862abd Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10-oc-security-next
2a6401ae Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc
0406b382 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2
bb3c16f2 qcacld-2.0: Skip an IE if found more its max times in a frame
1ed090bc net: usb: rmnet_usb_ctrl:Make sure list_head operate atomically
5ba94b6f ASoC: msm: qdspv2: add mutex to prevent access same memory simultaneously
a50ca3ce qcacld-2.0: Update SIR_MAC_AUTH_CHALLENGE_LENGTH as per IEEE spec
d7285900 qcacld-2.0: Update limComputeCrc32 to pass uint16_t
adb96af5 qcacld-2.0: Add bound check before writing to channel list
a37be93b msm: mdss: hdmi: check up-bound of CEC frame size
0a893142 msm: camera2: cpp: Fix iommu_attach/detach compat_ioctl issue
0d0fdf2b qcacld-2.0: Add check for set_ft_ies buffer length
d9b19534 UPSTREAM: brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
8f5bc497 SoC: msm: audio-effects: return directly to avoid integer overflow
d78717de msm: kgsl: Protect the event->handle with spinlock
757f0b6b diag: Add proper synchronization checks to msg mask table
120d28ba qcacld-2.0: Remove code related to mmap functionality for pktlog
e1e0e57c BACKPORT: perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race
a30bdf22 cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE
98f7c17d cfg80211: Check if PMKID attribute is of expected size
baebf455 msm: sensor: Fix crash when ioctl VIDIOC_MSM_SENSOR_INIT_CFG
fb88a914 msm: camera: Bound check for num_of_stream.
3ee7145e ALSA: pcm: prevent UAF in snd_pcm_info
47166c8e ANDROID: input: keychord: fix race condition bug
aca1f2ce BACKPORT: FROMLIST: pids: make task_tgid_nr_ns() safe
52557696 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10-oc-security-next
42e7fb17 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-nyc-mr2-security-next
a51b1600 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc
81f6559d Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2
856abd9a qcacld-2.0: Add an attribute to represent PNO/EPNO Request ID
a1589871 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc
bc13965d Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2
49eec96a qcacld-2.0: Avoid buffer overread when parsing PNO commands
a77634f8 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc
11d1008c Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2
c46874c8 msm: mdss: Buffer overflow while processing gamut table data
ed6814c1 qcacld-2.0: Avoid extscan bucket spec overread
42a28a93 qcacld-2.0: Validate vendor set roaming params command
68898d36 qcacld-2.0: Add get valid channels entry to NLA policy
5204ea3c qcacld-2.0: Avoid buffer overread when parsing PNO commands
6a165676 qcacld-2.0: Fix kernel memory corruption
d8669a00 msm: mdss: Increase fbmem buf ref count before use
8bb2e7a1 crypto: msm: Fix several race condition issues in crypto drivers
4d602a2d ASoC: msm: qdsp6v2: add size check to fix out of bounds issue
c18c5935 qcacld-2.0: Properly validate QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR
7dff4291 qcacld-2.0: Avoid overread when configuring MAC addresses
6d19d7d4 qcacld-2.0: Validate vendor command do_acs
9f5af495 qcacld-2.0: Apply policy to fine time measurement
0d355164 compat_qcedev: Fix accessing userspace memory in kernel space
181940e5 msm: camera: sensor:validating the flash initialization parameters
3fabdcba qcacld-2.0: Check target address boundary before access
4d723395 qcacld-2.0: Restrict max/min pktlog buffer size using pktlogconf tool
b4990c46 UPSTREAM: sctp: do not inherit ipv6_{mc|ac|fl}_list from parent
9e08c4d3 qcacld-2.0: Fix Uninitialized memory issue
e77c27b2 Revert "Revert "msm: sps: Fix race condition in SPS debugfs APIs""
822958b5 qcacld-2.0: Drop assoc request if RSNIE/WPAIE parsing fail
3f786450 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10-oc-security-next
34a16271 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-nyc-mr2-security-next
Linux version 3.10.73-g476e010d8028 (android-
build@wprf8.hot.corp.google.com) (gcc version 4.9.x-google
20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Fri Oct 13 03:22:04
UTC 2017
Bug: 31495866
Bug: 33982955
Bug: 34170483
Bug: 34276203
Bug: 34329758
Bug: 34624167
Bug: 35138888
Bug: 36006779
Bug: 36006981
Bug: 36232584
Bug: 36492827
Bug: 36730104
Bug: 36815952
Bug: 36816726
Bug: 36817053
Bug: 36817548
Bug: 36818836
Bug: 36819059
Bug: 36895857
Bug: 37093119
Bug: 37240993
Bug: 37284397
Bug: 37429972
Bug: 37623773
Bug: 37687303
Bug: 37713609
Bug: 37720349
Bug: 37721426
Bug: 37893116
Bug: 37901413
Bug: 37949660
Bug: 62058746
Bug: 62084791
Bug: 62085265
Bug: 62201221
Bug: 62298712
Bug: 62378232
Bug: 62378962
Bug: 62456806
Bug: 62674846
Bug: 62827928
Bug: 62949902
Bug: 62952032
Bug: 63100473
Bug: 63173580
Bug: 63522505
Bug: 63689921
Bug: 63868020
Bug: 63868629
Bug: 63868933
Bug: 64258073
Bug: 64431967
Bug: 64431968
Bug: 64433362
Bug: 64438726
Bug: 64438727
Bug: 64438728
Bug: 64440043
Bug: 64441352
Bug: 64453105
Bug: 64453422
Bug: 64453423
Bug: 64693798
Bug: 64728950
Bug: 64728953
Bug: 65023233
Bug: 65468973
Bug: 65468975
Bug: 65468986
Bug: 65468993
Bug: 65558923
Bug: 67749279
Change-Id: I08f40b2064a410fbce4f7fadbe6a0a26e8bdde48
Source-Branch: android-msm-bullhead-3.10-oc
Signed-off-by: Steve Pfetsch <spfetsch@google.com>
|
|
am: a83911bfb6
Change-Id: I4c125a1b1802dccc012ab6e3e6d2b0e3894fa114
|
|
3df8baee android: binder: Move buffer out of area shared with user space
c656a30c android: binder: Refactor prev and next buffer into a helper function
3c31c7b7 binder: always allocate/map first BINDER_MIN_ALLOC pages
9eb5d047 BACKPORT: staging: android: fix missing a blank line after declarations
bf6a113e UPSTREAM: Staging: Android: removed an unnecessary else statement
f4a1eae2 UPSTREAM: include/linux/mm.h: add PAGE_ALIGNED() helper
Linux version 3.10.73-g3df8baeedccb (android-
build@wpix8.hot.corp.google.com) (gcc version 4.9.x-google
20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Wed Sep 20 19:12:30
UTC 2017
Bug: 36007193
Bug: 36727951
Change-Id: Iff3c8b9c379f3343f425d1f3b54d396bb7e8507d
Source-Branch: android-msm-bullhead-3.10
Signed-off-by: John Dias <joaodias@google.com>
|
|
am: 25d95c6dbb
Change-Id: Ib43ba37b4da33beb8c27fedeaa9a80200e5d47d1
|
|
935bb5c2 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10
2a6401ae Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc
0406b382 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2
8fb26b62 BACKPORT: ANDROID: Use sk_uid to replace uid get from socket file
bb3c16f2 qcacld-2.0: Skip an IE if found more its max times in a frame
1ed090bc net: usb: rmnet_usb_ctrl:Make sure list_head operate atomically
5ba94b6f ASoC: msm: qdspv2: add mutex to prevent access same memory simultaneously
a50ca3ce qcacld-2.0: Update SIR_MAC_AUTH_CHALLENGE_LENGTH as per IEEE spec
d7285900 qcacld-2.0: Update limComputeCrc32 to pass uint16_t
adb96af5 qcacld-2.0: Add bound check before writing to channel list
a37be93b msm: mdss: hdmi: check up-bound of CEC frame size
0a893142 msm: camera2: cpp: Fix iommu_attach/detach compat_ioctl issue
0d0fdf2b qcacld-2.0: Add check for set_ft_ies buffer length
d9b19534 UPSTREAM: brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx()
8f5bc497 SoC: msm: audio-effects: return directly to avoid integer overflow
d78717de msm: kgsl: Protect the event->handle with spinlock
757f0b6b diag: Add proper synchronization checks to msg mask table
120d28ba qcacld-2.0: Remove code related to mmap functionality for pktlog
e1e0e57c BACKPORT: perf/core: Fix concurrent sys_perf_event_open() vs. 'move_group' race
a30bdf22 cfg80211: Define nla_policy for NL80211_ATTR_LOCAL_MESH_POWER_MODE
98f7c17d cfg80211: Check if PMKID attribute is of expected size
baebf455 msm: sensor: Fix crash when ioctl VIDIOC_MSM_SENSOR_INIT_CFG
fb88a914 msm: camera: Bound check for num_of_stream.
3ee7145e ALSA: pcm: prevent UAF in snd_pcm_info
47166c8e ANDROID: input: keychord: fix race condition bug
c674dd6a ANDROID: Sdcardfs: Move gid derivation under flag
851220a0 ANDROID: mnt: Fix freeing of mount data
88741ba4 firmware_class: Tie exporting caching routines with CONFIG_CACHE_FW
f50dbabc BACKPORT: arm64: cpuinfo: Missing NULL terminator in compat_hwcap_str
aca1f2ce BACKPORT: FROMLIST: pids: make task_tgid_nr_ns() safe
42e7fb17 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-nyc-mr2-security-next
Linux version 3.10.73-g935bb5c2ec09 (android-
build@xpce3.ams.corp.google.com) (gcc version 4.9.x-google
20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Tue Sep 12 19:28:56
UTC 2017
Bug: 31495866
Bug: 36006779
Bug: 36006981
Bug: 36232584
Bug: 36492827
Bug: 36818836
Bug: 36819059
Bug: 37430238
Bug: 37524657
Bug: 37901413
Bug: 38289596
Bug: 62084791
Bug: 62378962
Bug: 62949902
Bug: 62952032
Bug: 63245673
Bug: 64258073
Bug: 64431968
Bug: 64433362
Bug: 64438726
Bug: 64438727
Bug: 64438728
Bug: 64440043
Bug: 64441352
Bug: 64453535
Bug: 65386954
Bug: 65558923
Change-Id: I6229fda963f219f18a7aac8f51ac2f6b794f8420
Source-Branch: android-msm-bullhead-3.10
Signed-off-by: Andrew Lehmer <alehmer@google.com>
|
|
am: b5d01f3df2
Change-Id: Ie6213ef0c8b9d5588cc51cc0e6746f1d2da3db7d
|
|
5b0f1e32 firmware_class: make firmware caching configurable
6d6fb96d UPSTREAM: USB: iowarrior: fix oops with malicious USB descriptors
6159e7b9 UPSTREAM: USB: usb_driver_claim_interface: add sanity checking
7baaf8aa UPSTREAM: USB: mct_u232: add sanity checking in probe
4485e674 UPSTREAM: USB: cypress_m8: add endpoint sanity check
76e45df2 UPSTREAM: Input: powermate - fix oops with malicious USB descriptors
462b1596 BACKPORT: dm bufio: don't take the lock in dm_bufio_shrink_count
55d20f1e BACKPORT: dm bufio: avoid sleeping while holding the dm_bufio lock
Linux version 3.10.73-g5b0f1e32d65 (android-
build@vpba2.mtv.corp.google.com) (gcc version 4.9.x-google
20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Wed Sep 6 14:59:11
UTC 2017
Bug: 28242610
Bug: 38289596
Bug: 64122284
Change-Id: I609dee39e61021f0353e044236e1493509db4931
Source-Branch: android-msm-bullhead-3.10
Signed-off-by: Ajay Dudani <adudani@google.com>
|
|
am: 632ebaf48b
Change-Id: I711962d01d3c02d125cf02f81296f86fb0a214f6
|
|
am: 1eb8ae1509 am: 3eecbd1387
am: 29df3b0b66
Change-Id: Ibac1dd42cd751495eef0bc6e09c1891668923acc
|
|
am: 1eb8ae1509 am: 3eecbd1387
am: dbaec4f08f
Change-Id: Ief1ecf6a58c3432ce80a59d6ab69e086e958cc2c
|
|
193c69e1 ANDROID: xt_qtaguid: Use sk_callback_lock read locks before reading sk->sk_socket
b6043582 msm: kgsl: Add a trace event for the GPU clock
0401fc82 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10
a51b1600 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc
81f6559d Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2
856abd9a qcacld-2.0: Add an attribute to represent PNO/EPNO Request ID
ac59c6dc Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10
a1589871 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc
bc13965d Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2
49eec96a qcacld-2.0: Avoid buffer overread when parsing PNO commands
31ed5c40 Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10
a77634f8 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc
11d1008c Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2
c46874c8 msm: mdss: Buffer overflow while processing gamut table data
ed6814c1 qcacld-2.0: Avoid extscan bucket spec overread
42a28a93 qcacld-2.0: Validate vendor set roaming params command
68898d36 qcacld-2.0: Add get valid channels entry to NLA policy
5204ea3c qcacld-2.0: Avoid buffer overread when parsing PNO commands
6a165676 qcacld-2.0: Fix kernel memory corruption
d8669a00 msm: mdss: Increase fbmem buf ref count before use
8bb2e7a1 crypto: msm: Fix several race condition issues in crypto drivers
4d602a2d ASoC: msm: qdsp6v2: add size check to fix out of bounds issue
c18c5935 qcacld-2.0: Properly validate QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR
7dff4291 qcacld-2.0: Avoid overread when configuring MAC addresses
6d19d7d4 qcacld-2.0: Validate vendor command do_acs
9f5af495 qcacld-2.0: Apply policy to fine time measurement
0d355164 compat_qcedev: Fix accessing userspace memory in kernel space
181940e5 msm: camera: sensor:validating the flash initialization parameters
3fabdcba qcacld-2.0: Check target address boundary before access
4d723395 qcacld-2.0: Restrict max/min pktlog buffer size using pktlogconf tool
b4990c46 UPSTREAM: sctp: do not inherit ipv6_{mc|ac|fl}_list from parent
9e08c4d3 qcacld-2.0: Fix Uninitialized memory issue
e77c27b2 Revert "Revert "msm: sps: Fix race condition in SPS debugfs APIs""
822958b5 qcacld-2.0: Drop assoc request if RSNIE/WPAIE parsing fail
7e4eab44 UPSTREAM: arm64: perf: Fix callchain parse error with kernel tracepoint events
ad65c488 UPSTREAM: ARM: 8170/1: Add global named register current_stack_pointer for ARM
388212ef UPSTREAM: arm64: LLVMLinux: Add current_stack_pointer() for arm64
3c622aca UPSTREAM: arm: perf: Fix callchain parse error with kernel tracepoint events
34a16271 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-nyc-mr2-security-next
d5e5d516 ANDROID: lib: vsprintf: Add "%paP" option
Linux version 3.10.73-g193c69e1c2fe (android-
build@vpee10.mtv.corp.google.com) (gcc version 4.9.x-google
20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Thu Aug 24 21:07:40
UTC 2017
Bug: 29520177
Bug: 30368199
Bug: 34170483
Bug: 36730104
Bug: 36815952
Bug: 36816726
Bug: 36817053
Bug: 36817548
Bug: 36895857
Bug: 37093119
Bug: 37284397
Bug: 37623773
Bug: 37687303
Bug: 37713609
Bug: 37720349
Bug: 37721426
Bug: 37723342
Bug: 37893116
Bug: 37949660
Bug: 62058746
Bug: 62085265
Bug: 62298712
Bug: 62456806
Bug: 62789671
Bug: 62827928
Bug: 63173580
Bug: 63868020
Bug: 64693798
Change-Id: I19f40bb6cdc7e35228b32c48a2d6db3da94859ec
Source-Branch: android-msm-bullhead-3.10
Signed-off-by: Steve Pfetsch <spfetsch@google.com>
|
|
am: 1eb8ae1509
am: 3eecbd1387
Change-Id: I098433fbf1cec434948a5f7c18f646c1fa2fdbde
|
|
am: 1eb8ae1509
am: 3eecbd1387
Change-Id: I6bdc1fc343130e936704ad0e2b0b8dd75129570e
|
|
am: 1eb8ae1509
Change-Id: I835cb11b876af830c774649c442a549e4ccc56b0
|
|
am: 602f878e67 -s ours
Change-Id: I2480ad0da8f06986cea3ed2bbccd28c015e5a1ad
|
|
81f6559df5e9 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2
856abd9ad16d qcacld-2.0: Add an attribute to represent PNO/EPNO Request ID
bc13965d8a13 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2
49eec96af944 qcacld-2.0: Avoid buffer overread when parsing PNO commands
11d1008c3798 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2
c46874c8be20 msm: mdss: Buffer overflow while processing gamut table data
ed6814c11abf qcacld-2.0: Avoid extscan bucket spec overread
42a28a93ef19 qcacld-2.0: Validate vendor set roaming params command
68898d364c0f qcacld-2.0: Add get valid channels entry to NLA policy
5204ea3cae1b qcacld-2.0: Avoid buffer overread when parsing PNO commands
6a16567622ff qcacld-2.0: Fix kernel memory corruption
d8669a00f68a msm: mdss: Increase fbmem buf ref count before use
8bb2e7a13a5a crypto: msm: Fix several race condition issues in crypto drivers
4d602a2d14c3 ASoC: msm: qdsp6v2: add size check to fix out of bounds issue
c18c5935d437 qcacld-2.0: Properly validate QCA_WLAN_VENDOR_ATTR_NDP_IFACE_STR
7dff4291c6ae qcacld-2.0: Avoid overread when configuring MAC addresses
6d19d7d4e0ff qcacld-2.0: Validate vendor command do_acs
9f5af4954a04 qcacld-2.0: Apply policy to fine time measurement
0d355164233a compat_qcedev: Fix accessing userspace memory in kernel space
181940e5a70d msm: camera: sensor:validating the flash initialization parameters
3fabdcba3a09 qcacld-2.0: Check target address boundary before access
4d7233954031 qcacld-2.0: Restrict max/min pktlog buffer size using pktlogconf tool
b4990c468229 UPSTREAM: sctp: do not inherit ipv6_{mc|ac|fl}_list from parent
9e08c4d35fc5 qcacld-2.0: Fix Uninitialized memory issue
e77c27b2b3ca Revert "Revert "msm: sps: Fix race condition in SPS debugfs APIs""
822958b55703 qcacld-2.0: Drop assoc request if RSNIE/WPAIE parsing fail
34a1627153f7 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-nyc-mr2-security-next
Linux version 3.10.73-g81f6559df5e (android-
build@vpee1.mtv.corp.google.com) (gcc version 4.9.x-google
20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Thu Aug 17 22:04:34
UTC 2017
Bug: 34170483
Bug: 36730104
Bug: 36815952
Bug: 36816726
Bug: 36817053
Bug: 36817548
Bug: 36895857
Bug: 37093119
Bug: 37284397
Bug: 37623773
Bug: 37687303
Bug: 37713609
Bug: 37720349
Bug: 37721426
Bug: 37893116
Bug: 37949660
Bug: 62058746
Bug: 62085265
Bug: 62298712
Bug: 62456806
Bug: 62827928
Bug: 63868020
Bug: 64693798
Change-Id: I3ff50faa6f718ccb150bd634695cf49711fe7ed9
Source-Branch: android-msm-bullhead-3.10-nyc-mr2
Signed-off-by: Siqi Lin <siqilin@google.com>
|
|
am: 2886b27a16
Change-Id: I77fdbcf4086daad0c66813a8ea153c4bcd80799b
|
|
7c665d4f Revert "Revert "msm: sps: Fix race condition in SPS debugfs APIs""
f99fc6c8 Revert "Revert "dm ioctl: prevent stack leak in dm ioctl call""
6a67fb64 Revert "Revert "UPSTREAM: ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT""
8e2c2a71 Revert "Revert "BACKPORT: ALSA: timer: Fix race between read and ioctl""
e56ce2bc Revert "Revert "msm: sensor: Validationg function pointers before using them""
75635320 Revert "Revert "BACKPORT: crypto: msm: Fix buffer overflow issue""
a13b9c4a Revert "Revert "msm: camera: isp: Avoid information leak in ISPIF""
c374e728 Revert "Revert "msm: camera: validate num_streams in stream_cfg_cmd before using it""
66ca8c8e UPSTREAM: af_key: Fix sadb_x_ipsecrequest parsing
91ebeadf Merge branch 'android-msm-bullhead-3.10-oc' into android-msm-bullhead-3.10
1c037db2 ANDROID: sdcardfs: Remove unnecessary lock
5d870cd6 Make the VTI code compile.
Linux version 3.10.73-g7c665d4f611a (android-
build@wphr12.hot.corp.google.com) (gcc version 4.9.x-google
20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Tue Jul 25 20:56:14
UTC 2017
Bug: 33548839
Bug: 35644370
Bug: 36232584
Bug: 37239119
Bug: 37438302
Bug: 38027632
Bug: 62201221
Bug: 63173580
Bug: 63785372
Bug: 63963140
Change-Id: I8865c60c5b7ad82e4cd31ac1413f8875da1c3da4
Source-Branch: android-msm-bullhead-3.10
Signed-off-by: Jonathan Solnit <jsolnit@google.com>
|
|
ae8a995f36 am: 68bcf3531d
am: c682a6d043
Change-Id: I137651cc589276c58506e968c09131d226453c7a
|
|
ae8a995f36
am: 68bcf3531d
Change-Id: Ided0530f675eea000a182f419d8df599225f0424
|
|
ours am: ae8a995f36 am: b6d9785668 am: 18361348c1" into oc-mr1-dev-plus-aosp
|
|
ae8a995f36 am: b6d9785668
am: 18361348c1
Change-Id: I3a81dc30f4c7bec9cb12eb922490d98435f3f99b
|
|
dbc7194ad2" into oc-dr1-dev-plus-aosp am: 5c2be3a320" into oc-mr1-dev-plus-aosp
|
|
ours am: ae8a995f36 am: b6d9785668 am: 873e44a58b" into oc-mr1-dev-plus-aosp
|
|
oc-dr1-dev-plus-aosp
am: 5c2be3a320
Change-Id: I5cd132823eb1c16d280f392c25affbc2577c7e8b
|
|
ae8a995f36 am: b6d9785668
am: 873e44a58b
Change-Id: Iea8859fffeb045a6e992a5f3ca74b3f3d4410464
|
|
96f78c8e56" into oc-mr1-dev-plus-aosp
|
|
am: 96f78c8e56
Change-Id: I27f3a402df48227a813cc64a777b0c3fe1d7f7e8
|
|
am: db2d918d9a
Change-Id: I529bdf0cd9989bcb06bab44f73f86f3412a55f95
|
|
ae8a995f36
am: b6d9785668
Change-Id: I209f179d085fda5617471523c1ad154d15b7d9a2
|
|
ae8a995f36
am: b6d9785668
Change-Id: I337b870e9658203c33a4667edc09efc8c0d9378b
|
|
am: ae8a995f36
Change-Id: Ib8f0cf60663f7c1c2c31327f130b739bc99fb59e
|
|
am: ae8a995f36
Change-Id: I88ef7c1b74e78d75c2aa4ae3f3b9d6af3cd41eda
|
|
oc-dr1-dev-plus-aosp
|
|
am: 744bfe3d01
Change-Id: I08a0d03f4b916048a010339bdf2a26556b600636
|
|
am: 744bfe3d01
Change-Id: I4de5638018b5b517d4b373ecb3417a3d77ab0a2c
|
|
am: dbc7194ad2
Change-Id: I69555bd2173a3b7466ce317f1ddf10fa9cd62618
|
|
am: b6708ca998 -s ours
Change-Id: Ib81ac459324c3980b51fc20f5b47f911788d09d9
|
|
am: 0ea1552cb8
Change-Id: I6147294a6c93bf0af76375e35923b976eb9fcf61
|
|
am: 0ea1552cb8
Change-Id: Ia3899e31749b038bab977286707dc3176ea31995
|
|
24ddad04 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2
7d856b6c Revert "UPSTREAM: ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT"
e44d5aa7 Revert "BACKPORT: ALSA: timer: Fix race between read and ioctl"
e07d78c3 Revert "msm: sensor: Validationg function pointers before using them"
1023d214 Revert "BACKPORT: crypto: msm: Fix buffer overflow issue"
d3968cec Revert "msm: camera: isp: Avoid information leak in ISPIF"
4b1c1817 Revert "msm: camera: validate num_streams in stream_cfg_cmd before using it"
375bc72c Revert "dm ioctl: prevent stack leak in dm ioctl call"
34347426 Revert "msm: sps: Fix race condition in SPS debugfs APIs"
563799c3 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2
6fb7c5fa msm: sensor: Validationg function pointers before using them
ccab1068 UPSTREAM: mm: fix new crash in unmapped_area_topdown()
b62291ed ASoC: msm: remove unused msm-compr-q6-v2
115a8814 msm: camera: Allow driver file to be opend only once.
c3907635 soc: qcom: msm_bus: add mutex lock for cllist data
6b58aa8f BACKPORT: ipv6/dccp: do not inherit ipv6_mc_list from parent
31aaef07 UPSTREAM: ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT
ceb09959 BACKPORT: ALSA: timer: Fix race between read and ioctl
c4fbca81 BACKPORT: ext4: fix data exposure after a crash
e8746255 BACKPORT: dccp/tcp: do not inherit mc_list from parent
067e855b msm: camera: isp: Handle array out of bounds
3905b093 UPSTREAM: tcp: avoid infinite loop in tcp_splice_read()
03d4c02c UPSTREAM: packet: fix races in fanout_add()
4c000367 BACKPORT: ip6_gre: fix ip6gre_err() invalid reads
443ed3de UPSTREAM: mm/mempolicy.c: fix error handling in set_mempolicy and mbind.
f51a152a msm: ipa: fix security issues in ipa wan driver
9349ead0 msm: camera: isp: Avoid information leak in ISPIF
4d526dae BACKPORT: crypto: msm: Fix buffer overflow issue
83c470dc msm: camera: validate num_streams in stream_cfg_cmd before using it
af787fde msm: camera: fix off-by-one overflow in msm_isp_get_bufq
47b3a105 Prevent potential double frees in sg driver
1d5b6ba1 dm ioctl: prevent stack leak in dm ioctl call
3968c7d5 msm: camera: Fix Use after free bug in msm_vb2.c.
eee8b2ca msm: camera: Use mutex lock to avoid race condition
19d23397 msm: sps: Fix race condition in SPS debugfs APIs
fae242db msm: pcie: add bounds check for debugfs register write
3a42f1b7 msm: camera: isp: fix for out of bound access array
5935a691 wcnss: fix the potential memory leak and heap overflow
25cd7841 BACKPORT: mm: larger stack guard gap, between vmas
56e2621b mm: Fix incorrect type conversion for size during dma allocation
9ffb3cdd ASoC: msm: qdsp6v2: extend validation of virtual address
825eeb85 qcacld-2.0: Avoid concurrent matrix max param overread
d5d2c9ba qcacld-2.0: Fix out of bound read issue in get link properties
6a1d4a43 msm: camera: fix untrusted pointer for power down setting
c74dbab5 msm:camera: correct stats query out of boundary
33191e11 Merge android-msm-bullhead-3.10-nyc-mr2 into android-msm-bullhead-3.10-nyc-mr2-security-next
Linux version 3.10.73-g24ddad0417f6 (android-
build@wphs5.hot.corp.google.com) (gcc version 4.9.x-google
20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Mon Jul 24 16:41:55
UTC 2017
Bug: 33039685
Bug: 33548839
Bug: 34329758
Bug: 35099636
Bug: 35644370
Bug: 35644812
Bug: 36136563
Bug: 36232584
Bug: 36264696
Bug: 36490777
Bug: 36492827
Bug: 36815555
Bug: 37239119
Bug: 37438302
Bug: 37712167
Bug: 37751399
Bug: 37871211
Bug: 37897645
Bug: 37901268
Bug: 38027632
Bug: 38195131
Bug: 38195738
Bug: 38196031
Bug: 38413813
Bug: 38413975
Bug: 62198330
Bug: 62201221
Bug: 62299478
Bug: 62377236
Bug: 62378596
Bug: 62378684
Bug: 62379475
Bug: 62379525
Bug: 63173580
Change-Id: Icb4346bf9492fb143aeb8fc45a65644f5f43263b
Source-Branch: android-msm-bullhead-3.10-nyc-mr2
Signed-off-by: Jonathan Solnit <jsolnit@google.com>
|
|
f712c050 Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc
24ddad04 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2
7d856b6c Revert "UPSTREAM: ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT"
e44d5aa7 Revert "BACKPORT: ALSA: timer: Fix race between read and ioctl"
e07d78c3 Revert "msm: sensor: Validationg function pointers before using them"
1023d214 Revert "BACKPORT: crypto: msm: Fix buffer overflow issue"
d3968cec Revert "msm: camera: isp: Avoid information leak in ISPIF"
4b1c1817 Revert "msm: camera: validate num_streams in stream_cfg_cmd before using it"
375bc72c Revert "dm ioctl: prevent stack leak in dm ioctl call"
34347426 Revert "msm: sps: Fix race condition in SPS debugfs APIs"
78ce025a Merge branch 'android-msm-bullhead-3.10-nyc-mr2' into android-msm-bullhead-3.10-oc
563799c3 Merge branch 'android-msm-bullhead-3.10-nyc-mr2-security-next' into android-msm-bullhead-3.10-nyc-mr2
6fb7c5fa msm: sensor: Validationg function pointers before using them
ccab1068 UPSTREAM: mm: fix new crash in unmapped_area_topdown()
b62291ed ASoC: msm: remove unused msm-compr-q6-v2
115a8814 msm: camera: Allow driver file to be opend only once.
c3907635 soc: qcom: msm_bus: add mutex lock for cllist data
6b58aa8f BACKPORT: ipv6/dccp: do not inherit ipv6_mc_list from parent
31aaef07 UPSTREAM: ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT
ceb09959 BACKPORT: ALSA: timer: Fix race between read and ioctl
c4fbca81 BACKPORT: ext4: fix data exposure after a crash
e8746255 BACKPORT: dccp/tcp: do not inherit mc_list from parent
067e855b msm: camera: isp: Handle array out of bounds
3905b093 UPSTREAM: tcp: avoid infinite loop in tcp_splice_read()
03d4c02c UPSTREAM: packet: fix races in fanout_add()
4c000367 BACKPORT: ip6_gre: fix ip6gre_err() invalid reads
443ed3de UPSTREAM: mm/mempolicy.c: fix error handling in set_mempolicy and mbind.
f51a152a msm: ipa: fix security issues in ipa wan driver
9349ead0 msm: camera: isp: Avoid information leak in ISPIF
4d526dae BACKPORT: crypto: msm: Fix buffer overflow issue
83c470dc msm: camera: validate num_streams in stream_cfg_cmd before using it
af787fde msm: camera: fix off-by-one overflow in msm_isp_get_bufq
47b3a105 Prevent potential double frees in sg driver
1d5b6ba1 dm ioctl: prevent stack leak in dm ioctl call
3968c7d5 msm: camera: Fix Use after free bug in msm_vb2.c.
eee8b2ca msm: camera: Use mutex lock to avoid race condition
19d23397 msm: sps: Fix race condition in SPS debugfs APIs
fae242db msm: pcie: add bounds check for debugfs register write
3a42f1b7 msm: camera: isp: fix for out of bound access array
5935a691 wcnss: fix the potential memory leak and heap overflow
25cd7841 BACKPORT: mm: larger stack guard gap, between vmas
56e2621b mm: Fix incorrect type conversion for size during dma allocation
9ffb3cdd ASoC: msm: qdsp6v2: extend validation of virtual address
825eeb85 qcacld-2.0: Avoid concurrent matrix max param overread
d5d2c9ba qcacld-2.0: Fix out of bound read issue in get link properties
6a1d4a43 msm: camera: fix untrusted pointer for power down setting
c74dbab5 msm:camera: correct stats query out of boundary
33191e11 Merge android-msm-bullhead-3.10-nyc-mr2 into android-msm-bullhead-3.10-nyc-mr2-security-next
Linux version 3.10.73-gf712c0503a8 (android-
build@wphs7.hot.corp.google.com) (gcc version 4.9.x-google
20140827 (prerelease) (GCC) ) #1 SMP PREEMPT Mon Jul 24 16:41:25
UTC 2017
Bug: 33039685
Bug: 33548839
Bug: 34329758
Bug: 35099636
Bug: 35644370
Bug: 35644812
Bug: 36136563
Bug: 36232584
Bug: 36264696
Bug: 36490777
Bug: 36492827
Bug: 36815555
Bug: 37239119
Bug: 37438302
Bug: 37712167
Bug: 37751399
Bug: 37871211
Bug: 37897645
Bug: 37901268
Bug: 38027632
Bug: 38195131
Bug: 38195738
Bug: 38196031
Bug: 38413813
Bug: 38413975
Bug: 62198330
Bug: 62201221
Bug: 62299478
Bug: 62377236
Bug: 62378596
Bug: 62378684
Bug: 62379475
Bug: 62379525
Bug: 63173580
Change-Id: I5a750e54f06dda6401bac2e2e44cd8950a904b73
Source-Branch: android-msm-bullhead-3.10-oc
Signed-off-by: Jonathan Solnit <jsolnit@google.com>
|