From a6a1b2b1b4da4e7f6b587d5744e47871a31ded86 Mon Sep 17 00:00:00 2001
From: "Justin M. Forbes"
Date: Wed, 23 Jan 2019 09:41:39 -0600
Subject: [PATCH] Linux v4.20.4
---
 CVE-2019-3701.patch | 42 -------------------------------------
 kernel-aarch64-debug.config | 1 +
 kernel-aarch64.config | 1 +
 kernel.spec | 8 +++----
 sources | 2 +-
 5 files changed, 7 insertions(+), 47 deletions(-)
 delete mode 100644 CVE-2019-3701.patch
diff --git a/CVE-2019-3701.patch b/CVE-2019-3701.patch
deleted file mode 100644
index 06ee36a63..000000000
--- a/CVE-2019-3701.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From linux-netdev Thu Jan 03 12:26:34 2019
-From: Oliver Hartkopp
-Date: Thu, 03 Jan 2019 12:26:34 +0000
-To: linux-netdev
-Subject: [PATCH] can: gw: ensure DLC boundaries after CAN frame modification
-Message-Id: <20190103122634.2530-1-socketcan () hartkopp ! net>
-X-MARC-Message: https://marc.info/?l=linux-netdev&m=154651842302479
-
-The CAN frame modification rules allow bitwise logical operations which can
-be also applied to the can_dlc field. Ensure the manipulation result to
-maintain the can_dlc boundaries so that the CAN drivers do not accidently
-write arbitrary content beyond the data registers in the CAN controllers
-I/O mem when processing can-gw manipulated outgoing frames. When passing these
-frames to user space this issue did not have any effect to the kernel or any
-leaked data as we always strictly copy sizeof(struct can_frame) bytes.
-
-Reported-by: Muyu Yu
-Reported-by: Marcus Meissner
-Tested-by: Muyu Yu
-Signed-off-by: Oliver Hartkopp
-Cc: linux-stable # >= v3.2
----
- net/can/gw.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/net/can/gw.c b/net/can/gw.c
-index faa3da88a127..9000d9b8a133 100644
---- a/net/can/gw.c
-+++ b/net/can/gw.c
-@@ -418,6 +418,10 @@ static void can_can_gw_rcv(struct sk_buff *skb, void *data)
-
- /* check for checksum updates when the CAN frame has been modified */
- if (modidx) {
-+ /* ensure DLC boundaries after the different mods */
-+ if (cf->can_dlc > 8)
-+ cf->can_dlc = 8;
-+
- if (gwj->mod.csumfunc.crc8)
- (*gwj->mod.csumfunc.crc8)(cf, &gwj->mod.csum.crc8);
-
---
-2.19.2
diff --git a/kernel-aarch64-debug.config b/kernel-aarch64-debug.config
index 8d78f25a8..fa6dab204 100644
--- a/kernel-aarch64-debug.config
+++ b/kernel-aarch64-debug.config
@@ -24,6 +24,7 @@ CONFIG_8139TOO_8129=y
 CONFIG_8139TOO=m
 # CONFIG_8139TOO_PIO is not set
 # CONFIG_8139TOO_TUNE_TWISTER is not set
+CONFIG_88EU_AP_MODE=y
 CONFIG_9P_FSCACHE=y
 CONFIG_9P_FS=m
 CONFIG_9P_FS_POSIX_ACL=y
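Review bot: `CONFIG_88EU_AP_MODE=y` is switched on in this kernel-aarch64-debug.config hunk, and again in the identical kernel-aarch64.config hunk, with no mention in the commit subject or the new %changelog entry, both of which say only "Linux v4.20.4". The option enables access-point mode in the staging rtl8188eu driver, so it adds wireless frame-handling code to the aarch64 builds as a side effect of a stable update. If it is only fallout from regenerating the configs against v4.20.4, record that under the version line, for example `- Enable CONFIG_88EU_AP_MODE on aarch64`; the diff does not show why only the aarch64 configs are touched, so that is worth confirming.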
diff --git a/kernel-aarch64.config b/kernel-aarch64.config
index 1147a854d..08fbdda85 100644
--- a/kernel-aarch64.config
+++ b/kernel-aarch64.config
@@ -24,6 +24,7 @@ CONFIG_8139TOO_8129=y
 CONFIG_8139TOO=m
 # CONFIG_8139TOO_PIO is not set
 # CONFIG_8139TOO_TUNE_TWISTER is not set
+CONFIG_88EU_AP_MODE=y
 CONFIG_9P_FSCACHE=y
 CONFIG_9P_FS=m
 CONFIG_9P_FS_POSIX_ACL=y
diff --git a/kernel.spec b/kernel.spec
index bdd39ad86..324ce806b 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -54,7 +54,7 @@ Summary: The Linux kernel %if 0%{?released_kernel} # Do we have a -stable update to apply? -%define stable_update 3 +%define stable_update 4 # Set rpm version accordingly %if 0%{?stable_update} %define stablerev %{stable_update}
@@ -624,9 +624,6 @@ Patch504: iio-accel-kxcjk1013-Add-more-hardware-ids.patch # rhbz 1645070 patch queued upstream for merging into 4.21 Patch505: asus-fx503-keyb.patch -# CVE-2019-3701 rhbz 1663729 1663730 -Patch506: CVE-2019-3701.patch - # CVE-2019-3459 and CVE-2019-3460 rhbz 1663176 1663179 1665925 Patch507: CVE-2019-3459-and-CVE-2019-3460.patch
@@ -1901,6 +1898,9 @@ fi # # %changelog +* Wed Jan 23 2019 Justin M. Forbes - 4.20.4-200 +- Linux v4.20.4 + * Thu Jan 17 2019 Justin M. Forbes - 4.20.3-200 - Linux v4.20.3 rebase
diff --git a/sources b/sources
index d026061b9..18ce488a8 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
 SHA512 (linux-4.20.tar.xz) = e282399beea5da539701aed2bc131abd5bc74a970dcd344163e9d295106dfd700180e672ed546ae5e55bc6b9ac95efd5ca1de2039015c1b7a6fc9c01ea6583d4
-SHA512 (patch-4.20.3.xz) = 47178b8e3bfe4ba09cb82bb1ce8b0742e6749d4be3412fb57518918f7109e74eac1d3d8eb32a43e21b3837a14f37d5eefd8cab819defd10cc2db61fb0ceddeaf
+SHA512 (patch-4.20.4.xz) = 56d18c5946c73d062665e92cfe28cc8d1a18a00804d1ddf1e0a8e8d5be1b84342b09ead1ed968aca4898fe689dcbdb8dfd4862a5f179c69bda79f8c1a0fc645f