Update to 3.16.7-ckt6

Drop/refresh patches as necessary.
ABI changes still need to be resolved.

svn path=/dists/sid/linux/; revision=22412

debian/changelog

@@ -1,4 +1,132 @@
-linux (3.16.7-ckt4-4) UNRELEASED; urgency=medium
+linux (3.16.7-ckt6-1) UNRELEASED; urgency=medium
+
+  * New upstream stable update:
+    http://kernel.ubuntu.com/stable/ChangeLog-3.16.7-ckt5
+    - [x86] vdso: Use asm volatile in __getcpu
+    - SCSI: fix regression in scsi_send_eh_cmnd() (regression in 3.16)
+    - Btrfs: don't delay inode ref updates during log replay
+      (regression in 3.16.7)
+    - mm: propagate error from stack expansion even for guard page
+    - vfio-pci: Fix the check on pci device type in vfio_pci_probe()
+    - rpc: fix xdr_truncate_encode to handle buffer ending on page boundary
+      (regression in 3.16)
+    - [arm64] efi: add missing call to early_ioremap_reset()
+      (regression in 3.16)
+    - exit: fix race between wait_consider_task() and wait_task_zombie()
+      (regression in 3.15)
+    - mm: prevent endless growth of anon_vma hierarchy
+    - mm: protect set_page_dirty() from ongoing truncation
+    - mm, vmscan: prevent kswapd livelock due to pfmemalloc-throttled process
+      being killed
+    - sched/deadline: Fix migration of SCHED_DEADLINE tasks
+    - HID: roccat: potential out of bounds in pyra_sysfs_write_settings()
+    - mm: Don't count the stack guard page towards RLIMIT_STACK
+    - mm: fix corner case in anon_vma endless growing prevention
+    - [arm*][xen] introduce xen_arch_need_swiotlb
+    - fsnotify: next_i is freed during fsnotify_unmount_inodes.
+    - [armhf] ASoC: eukrea-tlv320: Fix of_node_put() call with uninitialized
+      object (regression in 3.15)
+    - HID: i2c-hid: Do not free buffers in i2c_hid_stop() (regression in 3.15)
+    - ALSA: fireworks: fix an endianness bug for transaction length
+      (regression in 3.16)
+    - [armhf] mtd: nand: omap: Fix NAND enumeration on 3430 LDP
+      (regression in 3.13)
+    - ocfs2: fix the wrong directory passed to ocfs2_lookup_ino_from_name()
+      when link file (regression in 3.14)
+    - [powerpc*] Fix bad NULL pointer check in udbg_uart_getc_poll()
+      (regression in 3.12)
+    - nilfs2: fix the nilfs_iget() vs. nilfs_new_inode() races
+    - [armhf] OMAP4: PM: Only do static dependency configuration in
+      omap4_init_static_deps (regression in 3.11)
+    - [armel,armhf] Revert "ARM: 7830/1: delay: don't bother reporting bogomips
+      in /proc/cpuinfo" (regression in 3.12)
+    - gre: fix the inner mac header in nbma tunnel xmit path
+      (regression in 3.16.7-ckt3)
+    - netlink: Always copy on mmap TX.
+    - netlink: Don't reorder loads/stores before marking mmap netlink frame as
+      available
+    - batman-adv: Unify fragment size calculation (regression in 3.13)
+    - batman-adv: avoid NULL dereferences and fix if check (regression in 3.13)
+    - net: Fix stacked vlan offload features computation
+    - net: Reset secmark when scrubbing packet
+    - xen-netback: fixing the propagation of the transmit shaper timeout
+      (regression in 3.16)
+    - team: avoid possible underflow of count_pending value for notify_peers
+      and mcast_rejoin (regression in 3.12)
+    - usb: gadget: gadgetfs: Free memory allocated by memdup_user()
+      (regression in 3.15)
+    - iwlwifi: mvm: fix Rx with both chains (regression in 3.16)
+    - LOCKD: Fix a race when initialising nlmsvc_timeout (regression in 3.11)
+    - NFSv4.1: Fix client id trunking on Linux
+    - vhost-scsi: Add missing virtio-scsi -> TCM attribute conversion
+    - xhci: Check if slot is already in default state before moving it there
+      (regression in 3.14)
+    - USB: console: fix uninitialised ldisc semaphore (regression in 3.12)
+    - USB: console: fix potential use after free
+    - [armhf] usb: dwc3: gadget: Fix TRB preparation during SG
+    - [x86] ftrace/jprobes: Fix conflict between jprobes and function graph
+      tracing
+    - clk: Don't try to use a struct clk* after it could have been freed
+    - [x86] drm/i915: Evict CS TLBs between batches
+    - [xen] Revert "swiotlb-xen: pass dev_addr to swiotlb_tbl_unmap_single"
+      (regression in 3.16.7-ckt4)
+    http://kernel.ubuntu.com/stable/ChangeLog-3.16.7-ckt6
+    - ipvs: uninitialized data with IP_VS_IPV6
+    - netfilter: nfnetlink: validate nfnetlink header from batch
+    - time: settimeofday: Validate the values of tv from user
+    - drm/radeon: fix VM flush on cayman/aruba (v3)
+    - drm/radeon: fix VM flush on SI (v3)
+    - drm/radeon: fix VM flush on CIK (v3)
+    - drm/radeon: add a dpm quirk list (regression around 3.14)
+    - can: dev: fix crtlmode_supported check
+    - can: kvaser_usb: Don't free packets when tight on URBs
+    - drm/radeon: use rv515_ring_start on r5xx (regression in 3.12)
+    - PCI: Mark Atheros AR93xx to avoid bus reset (regression in 3.14)
+    - [x86] PCI: Clip bridge windows to fit in upstream windows
+      (regression in 3.16)
+    - [armhf] mvebu: completely disable hardware I/O coherency
+    - cifs: fix deadlock in cifs_ioctl_clone()
+    - ipr: wait for aborted command responses
+    - libata: allow sata_sil24 to opt-out of tag ordered submission
+      (regression in 3.14.4, 3.15)
+    - [media] vb2: fix vb2_thread_stop race conditions
+    - [i386/586] apic: Re-enable PCI_MSI support for non-SMP X86_32
+      (regression in 3.12)
+    - dm cache: share cache-metadata object across inactive and active DM
+      tables
+    - dm cache: fix problematic dual use of a single migration count variable
+    - Input: evdev - fix EVIOCG{type} ioctl
+    - tty: Fix pty master poll() after slave closes v2 (regression in 3.12)
+    - [armhf] bus: omap_l3_noc: Add resume hook to restore context
+      (regression in 3.16)
+    - decompress_bunzip2: off by one in get_next_block()
+    - kbuild: Fix removal of the debian/ directory (regression in 3.16)
+    - mm: get rid of radix tree gfp mask for pagecache_get_page
+      (regression in 3.16)
+    - regulator: core: fix race condition in regulator_put()
+    - ASoC: simple-card: Fix crash in asoc_simple_card_unref()
+      (regression in 3.15)
+    - [ppc64el] xmon: Fix another endiannes issue in RTAS call from xmon
+    - nfs: fix dio deadlock when O_DIRECT flag is flipped
+    - mac80211: properly set CCK flag in radiotap (regression in 3.12)
+    - [x86] drm/i915: Only fence tiled region of object.
+    - can: kvaser_usb: Do not sleep in atomic context
+    - can: kvaser_usb: Send correct context to URB completion
+    - rbd: fix rbd_dev_parent_get() when parent_overlap == 0
+    - rbd: drop parent_ref in rbd_dev_unprobe() unconditionally
+    - dm cache: fix missing ERR_PTR returns and handling
+    - dm thin: don't allow messages to be sent to a pool target in READ_ONLY
+      or FAIL mode
+    - [armhf] mvebu: don't set the PL310 in I/O coherency mode when I/O
+      coherency is disabled
+    - vm: add VM_FAULT_SIGSEGV handling support
+    - vm: make stack guard page errors return VM_FAULT_SIGSEGV rather than
+      SIGBUS
+    - perf: Tighten (and fix) the grouping condition
+    - iwlwifi: mvm: drop non VO frames when flushing (regression in 3.16)
+    - memcg: remove extra newlines from memcg oom kill log (regression in 3.15)
+    - ipv4: try to cache dst_entries which would cause a redirect
+      (regression in 3.16)
 
   [ Ian Campbell ]
   * [armhf] Add DTB for Olimex A20-OLinuXino-LIME2. (Closes: #777455)

debian/patches/bugfix/all/Revert-swiotlb-xen-pass-dev_addr-to-swiotlb_tbl_unma.patch

@@ -1,35 +0,0 @@
-From c3d92e076c01e257d0cac339e1942f1217ba279b Mon Sep 17 00:00:00 2001
-From: David Vrabel <david.vrabel@citrix.com>
-Date: Wed, 10 Dec 2014 14:48:43 +0000
-Subject: [PATCH] Revert "swiotlb-xen: pass dev_addr to
- swiotlb_tbl_unmap_single"
-
-This reverts commit 2c3fc8d26dd09b9d7069687eead849ee81c78e46.
-
-This commit broke on x86 PV because entries in the generic SWIOTLB are
-indexed using (pseudo-)physical address not DMA address and these are
-not the same in a x86 PV guest.
-
-Signed-off-by: David Vrabel <david.vrabel@citrix.com>
-Reviewed-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
-(cherry picked from commit dbdd74763f1faf799fbb9ed30423182e92919378)
----
- drivers/xen/swiotlb-xen.c |    2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/drivers/xen/swiotlb-xen.c b/drivers/xen/swiotlb-xen.c
-index 5ea1e3c..810ad41 100644
---- a/drivers/xen/swiotlb-xen.c
-+++ b/drivers/xen/swiotlb-xen.c
-@@ -451,7 +451,7 @@ static void xen_unmap_single(struct device *hwdev, dma_addr_t dev_addr,
- 
- 	/* NOTE: We use dev_addr here, not paddr! */
- 	if (is_xen_swiotlb_buffer(dev_addr)) {
--		swiotlb_tbl_unmap_single(hwdev, dev_addr, size, dir);
-+		swiotlb_tbl_unmap_single(hwdev, paddr, size, dir);
- 		return;
- 	}
- 
--- 
-1.7.10.4
-

debian/patches/bugfix/all/crypto-add-missing-crypto-module-aliases.patch

@@ -1,223 +0,0 @@
-From: Mathias Krause <minipli@googlemail.com>
-Date: Sun, 11 Jan 2015 18:17:42 +0100
-Subject: crypto: add missing crypto module aliases
-Origin: https://git.kernel.org/linus/3e14dcf7cb80b34a1f38b55bc96f02d23fdaaaaf
-
-Commit 5d26a105b5a7 ("crypto: prefix module autoloading with "crypto-"")
-changed the automatic module loading when requesting crypto algorithms
-to prefix all module requests with "crypto-". This requires all crypto
-modules to have a crypto specific module alias even if their file name
-would otherwise match the requested crypto algorithm.
-
-Even though commit 5d26a105b5a7 added those aliases for a vast amount of
-modules, it was missing a few. Add the required MODULE_ALIAS_CRYPTO
-annotations to those files to make them get loaded automatically, again.
-This fixes, e.g., requesting 'ecb(blowfish-generic)', which used to work
-with kernels v3.18 and below.
-
-Also change MODULE_ALIAS() lines to MODULE_ALIAS_CRYPTO(). The former
-won't work for crypto modules any more.
-
-Fixes: 5d26a105b5a7 ("crypto: prefix module autoloading with "crypto-"")
-Cc: Kees Cook <keescook@chromium.org>
-Signed-off-by: Mathias Krause <minipli@googlemail.com>
-Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-[bwh: Backported to 3.16: drop changes to x86 sha1_mb which we don't have]
----
- arch/powerpc/crypto/sha1.c       | 1 +
- crypto/aes_generic.c             | 1 +
- crypto/ansi_cprng.c              | 1 +
- crypto/blowfish_generic.c        | 1 +
- crypto/camellia_generic.c        | 1 +
- crypto/cast5_generic.c           | 1 +
- crypto/cast6_generic.c           | 1 +
- crypto/crc32c_generic.c          | 1 +
- crypto/crct10dif_generic.c       | 1 +
- crypto/des_generic.c             | 7 ++++---
- crypto/ghash-generic.c           | 1 +
- crypto/krng.c                    | 1 +
- crypto/salsa20_generic.c         | 1 +
- crypto/serpent_generic.c         | 1 +
- crypto/sha1_generic.c            | 1 +
- crypto/sha256_generic.c          | 2 ++
- crypto/sha512_generic.c          | 2 ++
- crypto/tea.c                     | 1 +
- crypto/tgr192.c                  | 1 +
- crypto/twofish_generic.c         | 1 +
- crypto/wp512.c                   | 1 +
-
---- a/arch/powerpc/crypto/sha1.c
-+++ b/arch/powerpc/crypto/sha1.c
-@@ -154,4 +154,5 @@ module_exit(sha1_powerpc_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm");
- 
-+MODULE_ALIAS_CRYPTO("sha1");
- MODULE_ALIAS_CRYPTO("sha1-powerpc");
---- a/crypto/aes_generic.c
-+++ b/crypto/aes_generic.c
-@@ -1475,3 +1475,4 @@ module_exit(aes_fini);
- MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm");
- MODULE_LICENSE("Dual BSD/GPL");
- MODULE_ALIAS_CRYPTO("aes");
-+MODULE_ALIAS_CRYPTO("aes-generic");
---- a/crypto/ansi_cprng.c
-+++ b/crypto/ansi_cprng.c
-@@ -477,3 +477,4 @@ MODULE_PARM_DESC(dbg, "Boolean to enable
- module_init(prng_mod_init);
- module_exit(prng_mod_fini);
- MODULE_ALIAS_CRYPTO("stdrng");
-+MODULE_ALIAS_CRYPTO("ansi_cprng");
---- a/crypto/blowfish_generic.c
-+++ b/crypto/blowfish_generic.c
-@@ -139,3 +139,4 @@ module_exit(blowfish_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Blowfish Cipher Algorithm");
- MODULE_ALIAS_CRYPTO("blowfish");
-+MODULE_ALIAS_CRYPTO("blowfish-generic");
---- a/crypto/camellia_generic.c
-+++ b/crypto/camellia_generic.c
-@@ -1099,3 +1099,4 @@ module_exit(camellia_fini);
- MODULE_DESCRIPTION("Camellia Cipher Algorithm");
- MODULE_LICENSE("GPL");
- MODULE_ALIAS_CRYPTO("camellia");
-+MODULE_ALIAS_CRYPTO("camellia-generic");
---- a/crypto/cast5_generic.c
-+++ b/crypto/cast5_generic.c
-@@ -550,3 +550,4 @@ module_exit(cast5_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Cast5 Cipher Algorithm");
- MODULE_ALIAS_CRYPTO("cast5");
-+MODULE_ALIAS_CRYPTO("cast5-generic");
---- a/crypto/cast6_generic.c
-+++ b/crypto/cast6_generic.c
-@@ -292,3 +292,4 @@ module_exit(cast6_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Cast6 Cipher Algorithm");
- MODULE_ALIAS_CRYPTO("cast6");
-+MODULE_ALIAS_CRYPTO("cast6-generic");
---- a/crypto/crc32c_generic.c
-+++ b/crypto/crc32c_generic.c
-@@ -171,4 +171,5 @@ MODULE_AUTHOR("Clay Haapala <chaapala@ci
- MODULE_DESCRIPTION("CRC32c (Castagnoli) calculations wrapper for lib/crc32c");
- MODULE_LICENSE("GPL");
- MODULE_ALIAS_CRYPTO("crc32c");
-+MODULE_ALIAS_CRYPTO("crc32c-generic");
- MODULE_SOFTDEP("pre: crc32c");
---- a/crypto/crct10dif_generic.c
-+++ b/crypto/crct10dif_generic.c
-@@ -125,3 +125,4 @@ MODULE_AUTHOR("Tim Chen <tim.c.chen@linu
- MODULE_DESCRIPTION("T10 DIF CRC calculation.");
- MODULE_LICENSE("GPL");
- MODULE_ALIAS_CRYPTO("crct10dif");
-+MODULE_ALIAS_CRYPTO("crct10dif-generic");
---- a/crypto/des_generic.c
-+++ b/crypto/des_generic.c
-@@ -971,8 +971,6 @@ static struct crypto_alg des_algs[2] = {
- 	.cia_decrypt		=	des3_ede_decrypt } }
- } };
- 
--MODULE_ALIAS_CRYPTO("des3_ede");
--
- static int __init des_generic_mod_init(void)
- {
- 	return crypto_register_algs(des_algs, ARRAY_SIZE(des_algs));
-@@ -989,4 +987,7 @@ module_exit(des_generic_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("DES & Triple DES EDE Cipher Algorithms");
- MODULE_AUTHOR("Dag Arne Osvik <da@osvik.no>");
--MODULE_ALIAS("des");
-+MODULE_ALIAS_CRYPTO("des");
-+MODULE_ALIAS_CRYPTO("des-generic");
-+MODULE_ALIAS_CRYPTO("des3_ede");
-+MODULE_ALIAS_CRYPTO("des3_ede-generic");
---- a/crypto/ghash-generic.c
-+++ b/crypto/ghash-generic.c
-@@ -173,3 +173,4 @@ module_exit(ghash_mod_exit);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("GHASH Message Digest Algorithm");
- MODULE_ALIAS_CRYPTO("ghash");
-+MODULE_ALIAS_CRYPTO("ghash-generic");
---- a/crypto/krng.c
-+++ b/crypto/krng.c
-@@ -63,3 +63,4 @@ module_exit(krng_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Kernel Random Number Generator");
- MODULE_ALIAS_CRYPTO("stdrng");
-+MODULE_ALIAS_CRYPTO("krng");
---- a/crypto/salsa20_generic.c
-+++ b/crypto/salsa20_generic.c
-@@ -249,3 +249,4 @@ module_exit(salsa20_generic_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION ("Salsa20 stream cipher algorithm");
- MODULE_ALIAS_CRYPTO("salsa20");
-+MODULE_ALIAS_CRYPTO("salsa20-generic");
---- a/crypto/serpent_generic.c
-+++ b/crypto/serpent_generic.c
-@@ -667,3 +667,4 @@ MODULE_DESCRIPTION("Serpent and tnepres
- MODULE_AUTHOR("Dag Arne Osvik <osvik@ii.uib.no>");
- MODULE_ALIAS_CRYPTO("tnepres");
- MODULE_ALIAS_CRYPTO("serpent");
-+MODULE_ALIAS_CRYPTO("serpent-generic");
---- a/crypto/sha1_generic.c
-+++ b/crypto/sha1_generic.c
-@@ -154,3 +154,4 @@ MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm");
- 
- MODULE_ALIAS_CRYPTO("sha1");
-+MODULE_ALIAS_CRYPTO("sha1-generic");
---- a/crypto/sha256_generic.c
-+++ b/crypto/sha256_generic.c
-@@ -385,4 +385,6 @@ MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA-224 and SHA-256 Secure Hash Algorithm");
- 
- MODULE_ALIAS_CRYPTO("sha224");
-+MODULE_ALIAS_CRYPTO("sha224-generic");
- MODULE_ALIAS_CRYPTO("sha256");
-+MODULE_ALIAS_CRYPTO("sha256-generic");
---- a/crypto/sha512_generic.c
-+++ b/crypto/sha512_generic.c
-@@ -288,4 +288,6 @@ MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA-512 and SHA-384 Secure Hash Algorithms");
- 
- MODULE_ALIAS_CRYPTO("sha384");
-+MODULE_ALIAS_CRYPTO("sha384-generic");
- MODULE_ALIAS_CRYPTO("sha512");
-+MODULE_ALIAS_CRYPTO("sha512-generic");
---- a/crypto/tea.c
-+++ b/crypto/tea.c
-@@ -270,6 +270,7 @@ static void __exit tea_mod_fini(void)
- 	crypto_unregister_algs(tea_algs, ARRAY_SIZE(tea_algs));
- }
- 
-+MODULE_ALIAS_CRYPTO("tea");
- MODULE_ALIAS_CRYPTO("xtea");
- MODULE_ALIAS_CRYPTO("xeta");
- 
---- a/crypto/tgr192.c
-+++ b/crypto/tgr192.c
-@@ -676,6 +676,7 @@ static void __exit tgr192_mod_fini(void)
- 	crypto_unregister_shashes(tgr_algs, ARRAY_SIZE(tgr_algs));
- }
- 
-+MODULE_ALIAS_CRYPTO("tgr192");
- MODULE_ALIAS_CRYPTO("tgr160");
- MODULE_ALIAS_CRYPTO("tgr128");
- 
---- a/crypto/twofish_generic.c
-+++ b/crypto/twofish_generic.c
-@@ -212,3 +212,4 @@ module_exit(twofish_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION ("Twofish Cipher Algorithm");
- MODULE_ALIAS_CRYPTO("twofish");
-+MODULE_ALIAS_CRYPTO("twofish-generic");
---- a/crypto/wp512.c
-+++ b/crypto/wp512.c
-@@ -1167,6 +1167,7 @@ static void __exit wp512_mod_fini(void)
- 	crypto_unregister_shashes(wp_algs, ARRAY_SIZE(wp_algs));
- }
- 
-+MODULE_ALIAS_CRYPTO("wp512");
- MODULE_ALIAS_CRYPTO("wp384");
- MODULE_ALIAS_CRYPTO("wp256");
- 

debian/patches/bugfix/all/crypto-include-crypto-module-prefix-in-template.patch

@@ -1,215 +0,0 @@
-From: Kees Cook <keescook@chromium.org>
-Date: Mon, 24 Nov 2014 16:32:38 -0800
-Subject: crypto: include crypto- module prefix in template
-Origin: https://git.kernel.org/linus/4943ba16bbc2db05115707b3ff7b4874e9e3c560
-
-This adds the module loading prefix "crypto-" to the template lookup
-as well.
-
-For example, attempting to load 'vfat(blowfish)' via AF_ALG now correctly
-includes the "crypto-" prefix at every level, correctly rejecting "vfat":
-
-	net-pf-38
-	algif-hash
-	crypto-vfat(blowfish)
-	crypto-vfat(blowfish)-all
-	crypto-vfat
-
-Reported-by: Mathias Krause <minipli@googlemail.com>
-Signed-off-by: Kees Cook <keescook@chromium.org>
-Acked-by: Mathias Krause <minipli@googlemail.com>
-Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-[bwh: Backported to 3.16: drop changes to mcryptd which we don't have]
----
- arch/x86/crypto/fpu.c | 3 +++
- crypto/algapi.c       | 4 ++--
- crypto/authenc.c      | 1 +
- crypto/authencesn.c   | 1 +
- crypto/cbc.c          | 1 +
- crypto/ccm.c          | 1 +
- crypto/chainiv.c      | 1 +
- crypto/cmac.c         | 1 +
- crypto/cryptd.c       | 1 +
- crypto/ctr.c          | 1 +
- crypto/cts.c          | 1 +
- crypto/ecb.c          | 1 +
- crypto/eseqiv.c       | 1 +
- crypto/gcm.c          | 1 +
- crypto/hmac.c         | 1 +
- crypto/lrw.c          | 1 +
- crypto/pcbc.c         | 1 +
- crypto/pcrypt.c       | 1 +
- crypto/seqiv.c        | 1 +
- crypto/vmac.c         | 1 +
- crypto/xcbc.c         | 1 +
- crypto/xts.c          | 1 +
-
---- a/arch/x86/crypto/fpu.c
-+++ b/arch/x86/crypto/fpu.c
-@@ -17,6 +17,7 @@
- #include <linux/kernel.h>
- #include <linux/module.h>
- #include <linux/slab.h>
-+#include <linux/crypto.h>
- #include <asm/i387.h>
- 
- struct crypto_fpu_ctx {
-@@ -159,3 +160,5 @@ void __exit crypto_fpu_exit(void)
- {
- 	crypto_unregister_template(&crypto_fpu_tmpl);
- }
-+
-+MODULE_ALIAS_CRYPTO("fpu");
---- a/crypto/algapi.c
-+++ b/crypto/algapi.c
-@@ -495,8 +495,8 @@ static struct crypto_template *__crypto_
- 
- struct crypto_template *crypto_lookup_template(const char *name)
- {
--	return try_then_request_module(__crypto_lookup_template(name), "%s",
--				       name);
-+	return try_then_request_module(__crypto_lookup_template(name),
-+				       "crypto-%s", name);
- }
- EXPORT_SYMBOL_GPL(crypto_lookup_template);
- 
---- a/crypto/authenc.c
-+++ b/crypto/authenc.c
-@@ -721,3 +721,4 @@ module_exit(crypto_authenc_module_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Simple AEAD wrapper for IPsec");
-+MODULE_ALIAS_CRYPTO("authenc");
---- a/crypto/authencesn.c
-+++ b/crypto/authencesn.c
-@@ -814,3 +814,4 @@ module_exit(crypto_authenc_esn_module_ex
- MODULE_LICENSE("GPL");
- MODULE_AUTHOR("Steffen Klassert <steffen.klassert@secunet.com>");
- MODULE_DESCRIPTION("AEAD wrapper for IPsec with extended sequence numbers");
-+MODULE_ALIAS_CRYPTO("authencesn");
---- a/crypto/cbc.c
-+++ b/crypto/cbc.c
-@@ -289,3 +289,4 @@ module_exit(crypto_cbc_module_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("CBC block cipher algorithm");
-+MODULE_ALIAS_CRYPTO("cbc");
---- a/crypto/ccm.c
-+++ b/crypto/ccm.c
-@@ -881,3 +881,4 @@ MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Counter with CBC MAC");
- MODULE_ALIAS_CRYPTO("ccm_base");
- MODULE_ALIAS_CRYPTO("rfc4309");
-+MODULE_ALIAS_CRYPTO("ccm");
---- a/crypto/chainiv.c
-+++ b/crypto/chainiv.c
-@@ -359,3 +359,4 @@ module_exit(chainiv_module_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Chain IV Generator");
-+MODULE_ALIAS_CRYPTO("chainiv");
---- a/crypto/cmac.c
-+++ b/crypto/cmac.c
-@@ -313,3 +313,4 @@ module_exit(crypto_cmac_module_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("CMAC keyed hash algorithm");
-+MODULE_ALIAS_CRYPTO("cmac");
---- a/crypto/cryptd.c
-+++ b/crypto/cryptd.c
-@@ -955,3 +955,4 @@ module_exit(cryptd_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Software async crypto daemon");
-+MODULE_ALIAS_CRYPTO("cryptd");
---- a/crypto/ctr.c
-+++ b/crypto/ctr.c
-@@ -467,3 +467,4 @@ module_exit(crypto_ctr_module_exit);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("CTR Counter block mode");
- MODULE_ALIAS_CRYPTO("rfc3686");
-+MODULE_ALIAS_CRYPTO("ctr");
---- a/crypto/cts.c
-+++ b/crypto/cts.c
-@@ -350,3 +350,4 @@ module_exit(crypto_cts_module_exit);
- 
- MODULE_LICENSE("Dual BSD/GPL");
- MODULE_DESCRIPTION("CTS-CBC CipherText Stealing for CBC");
-+MODULE_ALIAS_CRYPTO("cts");
---- a/crypto/ecb.c
-+++ b/crypto/ecb.c
-@@ -185,3 +185,4 @@ module_exit(crypto_ecb_module_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("ECB block cipher algorithm");
-+MODULE_ALIAS_CRYPTO("ecb");
---- a/crypto/eseqiv.c
-+++ b/crypto/eseqiv.c
-@@ -267,3 +267,4 @@ module_exit(eseqiv_module_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Encrypted Sequence Number IV Generator");
-+MODULE_ALIAS_CRYPTO("eseqiv");
---- a/crypto/gcm.c
-+++ b/crypto/gcm.c
-@@ -1444,3 +1444,4 @@ MODULE_AUTHOR("Mikko Herranen <mh1@iki.f
- MODULE_ALIAS_CRYPTO("gcm_base");
- MODULE_ALIAS_CRYPTO("rfc4106");
- MODULE_ALIAS_CRYPTO("rfc4543");
-+MODULE_ALIAS_CRYPTO("gcm");
---- a/crypto/hmac.c
-+++ b/crypto/hmac.c
-@@ -271,3 +271,4 @@ module_exit(hmac_module_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("HMAC hash algorithm");
-+MODULE_ALIAS_CRYPTO("hmac");
---- a/crypto/lrw.c
-+++ b/crypto/lrw.c
-@@ -400,3 +400,4 @@ module_exit(crypto_module_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("LRW block cipher mode");
-+MODULE_ALIAS_CRYPTO("lrw");
---- a/crypto/pcbc.c
-+++ b/crypto/pcbc.c
-@@ -295,3 +295,4 @@ module_exit(crypto_pcbc_module_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("PCBC block cipher algorithm");
-+MODULE_ALIAS_CRYPTO("pcbc");
---- a/crypto/pcrypt.c
-+++ b/crypto/pcrypt.c
-@@ -565,3 +565,4 @@ module_exit(pcrypt_exit);
- MODULE_LICENSE("GPL");
- MODULE_AUTHOR("Steffen Klassert <steffen.klassert@secunet.com>");
- MODULE_DESCRIPTION("Parallel crypto wrapper");
-+MODULE_ALIAS_CRYPTO("pcrypt");
---- a/crypto/seqiv.c
-+++ b/crypto/seqiv.c
-@@ -362,3 +362,4 @@ module_exit(seqiv_module_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Sequence Number IV Generator");
-+MODULE_ALIAS_CRYPTO("seqiv");
---- a/crypto/vmac.c
-+++ b/crypto/vmac.c
-@@ -713,3 +713,4 @@ module_exit(vmac_module_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("VMAC hash algorithm");
-+MODULE_ALIAS_CRYPTO("vmac");
---- a/crypto/xcbc.c
-+++ b/crypto/xcbc.c
-@@ -286,3 +286,4 @@ module_exit(crypto_xcbc_module_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("XCBC keyed hash algorithm");
-+MODULE_ALIAS_CRYPTO("xcbc");
---- a/crypto/xts.c
-+++ b/crypto/xts.c
-@@ -362,3 +362,4 @@ module_exit(crypto_module_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("XTS block cipher mode");
-+MODULE_ALIAS_CRYPTO("xts");

debian/patches/bugfix/all/crypto-prefix-module-autoloading-with-crypto.patch

@@ -1,995 +0,0 @@
-From: Kees Cook <keescook@chromium.org>
-Date: Thu, 20 Nov 2014 17:05:53 -0800
-Subject: crypto: prefix module autoloading with "crypto-"
-Origin: https://git.kernel.org/linus/5d26a105b5a73e5635eae0629b42fa0a90e07b7b
-
-This prefixes all crypto module loading with "crypto-" so we never run
-the risk of exposing module auto-loading to userspace via a crypto API,
-as demonstrated by Mathias Krause:
-
-https://lkml.org/lkml/2013/3/4/70
-
-Signed-off-by: Kees Cook <keescook@chromium.org>
-Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
-[bwh: Backported to 3.16: drop changes to drivers we don't have]
----
- arch/arm/crypto/aes_glue.c                  |  4 ++--
- arch/arm/crypto/sha1_glue.c                 |  2 +-
- arch/arm64/crypto/aes-ce-ccm-glue.c         |  2 +-
- arch/arm64/crypto/aes-glue.c                |  8 ++++----
- arch/powerpc/crypto/sha1.c                  |  2 +-
- arch/s390/crypto/aes_s390.c                 |  2 +-
- arch/s390/crypto/des_s390.c                 |  4 ++--
- arch/s390/crypto/ghash_s390.c               |  2 +-
- arch/s390/crypto/sha1_s390.c                |  2 +-
- arch/s390/crypto/sha256_s390.c              |  4 ++--
- arch/s390/crypto/sha512_s390.c              |  4 ++--
- arch/sparc/crypto/aes_glue.c                |  2 +-
- arch/sparc/crypto/camellia_glue.c           |  2 +-
- arch/sparc/crypto/crc32c_glue.c             |  2 +-
- arch/sparc/crypto/des_glue.c                |  2 +-
- arch/sparc/crypto/md5_glue.c                |  2 +-
- arch/sparc/crypto/sha1_glue.c               |  2 +-
- arch/sparc/crypto/sha256_glue.c             |  4 ++--
- arch/sparc/crypto/sha512_glue.c             |  4 ++--
- arch/x86/crypto/aes_glue.c                  |  4 ++--
- arch/x86/crypto/aesni-intel_glue.c          |  2 +-
- arch/x86/crypto/blowfish_glue.c             |  4 ++--
- arch/x86/crypto/camellia_aesni_avx2_glue.c  |  4 ++--
- arch/x86/crypto/camellia_aesni_avx_glue.c   |  4 ++--
- arch/x86/crypto/camellia_glue.c             |  4 ++--
- arch/x86/crypto/cast5_avx_glue.c            |  2 +-
- arch/x86/crypto/cast6_avx_glue.c            |  2 +-
- arch/x86/crypto/crc32-pclmul_glue.c         |  4 ++--
- arch/x86/crypto/crc32c-intel_glue.c         |  4 ++--
- arch/x86/crypto/crct10dif-pclmul_glue.c     |  4 ++--
- arch/x86/crypto/ghash-clmulni-intel_glue.c  |  2 +-
- arch/x86/crypto/salsa20_glue.c              |  4 ++--
- arch/x86/crypto/serpent_avx2_glue.c         |  4 ++--
- arch/x86/crypto/serpent_avx_glue.c          |  2 +-
- arch/x86/crypto/serpent_sse2_glue.c         |  2 +-
- arch/x86/crypto/sha1_ssse3_glue.c           |  2 +-
- arch/x86/crypto/sha256_ssse3_glue.c         |  4 ++--
- arch/x86/crypto/sha512_ssse3_glue.c         |  4 ++--
- arch/x86/crypto/twofish_avx_glue.c          |  2 +-
- arch/x86/crypto/twofish_glue.c              |  4 ++--
- arch/x86/crypto/twofish_glue_3way.c         |  4 ++--
- crypto/842.c                                |  1 +
- crypto/aes_generic.c                        |  2 +-
- crypto/ansi_cprng.c                         |  2 +-
- crypto/anubis.c                             |  1 +
- crypto/api.c                                |  4 ++--
- crypto/arc4.c                               |  1 +
- crypto/blowfish_generic.c                   |  2 +-
- crypto/camellia_generic.c                   |  2 +-
- crypto/cast5_generic.c                      |  2 +-
- crypto/cast6_generic.c                      |  2 +-
- crypto/ccm.c                                |  4 ++--
- crypto/crc32.c                              |  1 +
- crypto/crc32c_generic.c                     |  2 +-
- crypto/crct10dif_generic.c                  |  2 +-
- crypto/crypto_null.c                        |  6 +++---
- crypto/ctr.c                                |  2 +-
- crypto/deflate.c                            |  2 +-
- crypto/des_generic.c                        |  2 +-
- crypto/fcrypt.c                             |  1 +
- crypto/gcm.c                                |  6 +++---
- crypto/ghash-generic.c                      |  2 +-
- crypto/khazad.c                             |  1 +
- crypto/krng.c                               |  2 +-
- crypto/lz4.c                                |  1 +
- crypto/lz4hc.c                              |  1 +
- crypto/lzo.c                                |  1 +
- crypto/md4.c                                |  2 +-
- crypto/md5.c                                |  1 +
- crypto/michael_mic.c                        |  1 +
- crypto/rmd128.c                             |  1 +
- crypto/rmd160.c                             |  1 +
- crypto/rmd256.c                             |  1 +
- crypto/rmd320.c                             |  1 +
- crypto/salsa20_generic.c                    |  2 +-
- crypto/seed.c                               |  1 +
- crypto/serpent_generic.c                    |  4 ++--
- crypto/sha1_generic.c                       |  2 +-
- crypto/sha256_generic.c                     |  4 ++--
- crypto/sha512_generic.c                     |  4 ++--
- crypto/tea.c                                |  4 ++--
- crypto/tgr192.c                             |  4 ++--
- crypto/twofish_generic.c                    |  2 +-
- crypto/wp512.c                              |  4 ++--
- crypto/zlib.c                               |  1 +
- drivers/crypto/padlock-aes.c                |  2 +-
- drivers/crypto/padlock-sha.c                |  8 ++++----
- drivers/crypto/ux500/cryp/cryp_core.c       |  4 ++--
- drivers/crypto/ux500/hash/hash_core.c       |  8 ++++----
- drivers/s390/crypto/ap_bus.c                |  3 ++-
- include/linux/crypto.h                      | 13 +++++++++++++
-
---- a/arch/arm/crypto/aes_glue.c
-+++ b/arch/arm/crypto/aes_glue.c
-@@ -93,6 +93,6 @@ module_exit(aes_fini);
- 
- MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm (ASM)");
- MODULE_LICENSE("GPL");
--MODULE_ALIAS("aes");
--MODULE_ALIAS("aes-asm");
-+MODULE_ALIAS_CRYPTO("aes");
-+MODULE_ALIAS_CRYPTO("aes-asm");
- MODULE_AUTHOR("David McCullough <ucdevel@gmail.com>");
---- a/arch/arm/crypto/sha1_glue.c
-+++ b/arch/arm/crypto/sha1_glue.c
-@@ -175,5 +175,5 @@ module_exit(sha1_mod_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm (ARM)");
--MODULE_ALIAS("sha1");
-+MODULE_ALIAS_CRYPTO("sha1");
- MODULE_AUTHOR("David McCullough <ucdevel@gmail.com>");
---- a/arch/arm64/crypto/aes-ce-ccm-glue.c
-+++ b/arch/arm64/crypto/aes-ce-ccm-glue.c
-@@ -294,4 +294,4 @@ module_exit(aes_mod_exit);
- MODULE_DESCRIPTION("Synchronous AES in CCM mode using ARMv8 Crypto Extensions");
- MODULE_AUTHOR("Ard Biesheuvel <ard.biesheuvel@linaro.org>");
- MODULE_LICENSE("GPL v2");
--MODULE_ALIAS("ccm(aes)");
-+MODULE_ALIAS_CRYPTO("ccm(aes)");
---- a/arch/arm64/crypto/aes-glue.c
-+++ b/arch/arm64/crypto/aes-glue.c
-@@ -38,10 +38,10 @@ MODULE_DESCRIPTION("AES-ECB/CBC/CTR/XTS
- #define aes_xts_encrypt		neon_aes_xts_encrypt
- #define aes_xts_decrypt		neon_aes_xts_decrypt
- MODULE_DESCRIPTION("AES-ECB/CBC/CTR/XTS using ARMv8 NEON");
--MODULE_ALIAS("ecb(aes)");
--MODULE_ALIAS("cbc(aes)");
--MODULE_ALIAS("ctr(aes)");
--MODULE_ALIAS("xts(aes)");
-+MODULE_ALIAS_CRYPTO("ecb(aes)");
-+MODULE_ALIAS_CRYPTO("cbc(aes)");
-+MODULE_ALIAS_CRYPTO("ctr(aes)");
-+MODULE_ALIAS_CRYPTO("xts(aes)");
- #endif
- 
- MODULE_AUTHOR("Ard Biesheuvel <ard.biesheuvel@linaro.org>");
---- a/arch/powerpc/crypto/sha1.c
-+++ b/arch/powerpc/crypto/sha1.c
-@@ -154,4 +154,4 @@ module_exit(sha1_powerpc_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm");
- 
--MODULE_ALIAS("sha1-powerpc");
-+MODULE_ALIAS_CRYPTO("sha1-powerpc");
---- a/arch/s390/crypto/aes_s390.c
-+++ b/arch/s390/crypto/aes_s390.c
-@@ -979,7 +979,7 @@ static void __exit aes_s390_fini(void)
- module_init(aes_s390_init);
- module_exit(aes_s390_fini);
- 
--MODULE_ALIAS("aes-all");
-+MODULE_ALIAS_CRYPTO("aes-all");
- 
- MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm");
- MODULE_LICENSE("GPL");
---- a/arch/s390/crypto/des_s390.c
-+++ b/arch/s390/crypto/des_s390.c
-@@ -619,8 +619,8 @@ static void __exit des_s390_exit(void)
- module_init(des_s390_init);
- module_exit(des_s390_exit);
- 
--MODULE_ALIAS("des");
--MODULE_ALIAS("des3_ede");
-+MODULE_ALIAS_CRYPTO("des");
-+MODULE_ALIAS_CRYPTO("des3_ede");
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("DES & Triple DES EDE Cipher Algorithms");
---- a/arch/s390/crypto/ghash_s390.c
-+++ b/arch/s390/crypto/ghash_s390.c
-@@ -160,7 +160,7 @@ static void __exit ghash_mod_exit(void)
- module_init(ghash_mod_init);
- module_exit(ghash_mod_exit);
- 
--MODULE_ALIAS("ghash");
-+MODULE_ALIAS_CRYPTO("ghash");
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("GHASH Message Digest Algorithm, s390 implementation");
---- a/arch/s390/crypto/sha1_s390.c
-+++ b/arch/s390/crypto/sha1_s390.c
-@@ -103,6 +103,6 @@ static void __exit sha1_s390_fini(void)
- module_init(sha1_s390_init);
- module_exit(sha1_s390_fini);
- 
--MODULE_ALIAS("sha1");
-+MODULE_ALIAS_CRYPTO("sha1");
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm");
---- a/arch/s390/crypto/sha256_s390.c
-+++ b/arch/s390/crypto/sha256_s390.c
-@@ -143,7 +143,7 @@ static void __exit sha256_s390_fini(void
- module_init(sha256_s390_init);
- module_exit(sha256_s390_fini);
- 
--MODULE_ALIAS("sha256");
--MODULE_ALIAS("sha224");
-+MODULE_ALIAS_CRYPTO("sha256");
-+MODULE_ALIAS_CRYPTO("sha224");
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA256 and SHA224 Secure Hash Algorithm");
---- a/arch/s390/crypto/sha512_s390.c
-+++ b/arch/s390/crypto/sha512_s390.c
-@@ -86,7 +86,7 @@ static struct shash_alg sha512_alg = {
- 	}
- };
- 
--MODULE_ALIAS("sha512");
-+MODULE_ALIAS_CRYPTO("sha512");
- 
- static int sha384_init(struct shash_desc *desc)
- {
-@@ -126,7 +126,7 @@ static struct shash_alg sha384_alg = {
- 	}
- };
- 
--MODULE_ALIAS("sha384");
-+MODULE_ALIAS_CRYPTO("sha384");
- 
- static int __init init(void)
- {
---- a/arch/sparc/crypto/aes_glue.c
-+++ b/arch/sparc/crypto/aes_glue.c
-@@ -499,6 +499,6 @@ module_exit(aes_sparc64_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("AES Secure Hash Algorithm, sparc64 aes opcode accelerated");
- 
--MODULE_ALIAS("aes");
-+MODULE_ALIAS_CRYPTO("aes");
- 
- #include "crop_devid.c"
---- a/arch/sparc/crypto/camellia_glue.c
-+++ b/arch/sparc/crypto/camellia_glue.c
-@@ -322,6 +322,6 @@ module_exit(camellia_sparc64_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Camellia Cipher Algorithm, sparc64 camellia opcode accelerated");
- 
--MODULE_ALIAS("aes");
-+MODULE_ALIAS_CRYPTO("aes");
- 
- #include "crop_devid.c"
---- a/arch/sparc/crypto/crc32c_glue.c
-+++ b/arch/sparc/crypto/crc32c_glue.c
-@@ -176,6 +176,6 @@ module_exit(crc32c_sparc64_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("CRC32c (Castagnoli), sparc64 crc32c opcode accelerated");
- 
--MODULE_ALIAS("crc32c");
-+MODULE_ALIAS_CRYPTO("crc32c");
- 
- #include "crop_devid.c"
---- a/arch/sparc/crypto/des_glue.c
-+++ b/arch/sparc/crypto/des_glue.c
-@@ -532,6 +532,6 @@ module_exit(des_sparc64_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("DES & Triple DES EDE Cipher Algorithms, sparc64 des opcode accelerated");
- 
--MODULE_ALIAS("des");
-+MODULE_ALIAS_CRYPTO("des");
- 
- #include "crop_devid.c"
---- a/arch/sparc/crypto/md5_glue.c
-+++ b/arch/sparc/crypto/md5_glue.c
-@@ -185,6 +185,6 @@ module_exit(md5_sparc64_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("MD5 Secure Hash Algorithm, sparc64 md5 opcode accelerated");
- 
--MODULE_ALIAS("md5");
-+MODULE_ALIAS_CRYPTO("md5");
- 
- #include "crop_devid.c"
---- a/arch/sparc/crypto/sha1_glue.c
-+++ b/arch/sparc/crypto/sha1_glue.c
-@@ -180,6 +180,6 @@ module_exit(sha1_sparc64_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm, sparc64 sha1 opcode accelerated");
- 
--MODULE_ALIAS("sha1");
-+MODULE_ALIAS_CRYPTO("sha1");
- 
- #include "crop_devid.c"
---- a/arch/sparc/crypto/sha256_glue.c
-+++ b/arch/sparc/crypto/sha256_glue.c
-@@ -237,7 +237,7 @@ module_exit(sha256_sparc64_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA-224 and SHA-256 Secure Hash Algorithm, sparc64 sha256 opcode accelerated");
- 
--MODULE_ALIAS("sha224");
--MODULE_ALIAS("sha256");
-+MODULE_ALIAS_CRYPTO("sha224");
-+MODULE_ALIAS_CRYPTO("sha256");
- 
- #include "crop_devid.c"
---- a/arch/sparc/crypto/sha512_glue.c
-+++ b/arch/sparc/crypto/sha512_glue.c
-@@ -222,7 +222,7 @@ module_exit(sha512_sparc64_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA-384 and SHA-512 Secure Hash Algorithm, sparc64 sha512 opcode accelerated");
- 
--MODULE_ALIAS("sha384");
--MODULE_ALIAS("sha512");
-+MODULE_ALIAS_CRYPTO("sha384");
-+MODULE_ALIAS_CRYPTO("sha512");
- 
- #include "crop_devid.c"
---- a/arch/x86/crypto/aes_glue.c
-+++ b/arch/x86/crypto/aes_glue.c
-@@ -66,5 +66,5 @@ module_exit(aes_fini);
- 
- MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm, asm optimized");
- MODULE_LICENSE("GPL");
--MODULE_ALIAS("aes");
--MODULE_ALIAS("aes-asm");
-+MODULE_ALIAS_CRYPTO("aes");
-+MODULE_ALIAS_CRYPTO("aes-asm");
---- a/arch/x86/crypto/aesni-intel_glue.c
-+++ b/arch/x86/crypto/aesni-intel_glue.c
-@@ -1514,4 +1514,4 @@ module_exit(aesni_exit);
- 
- MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm, Intel AES-NI instructions optimized");
- MODULE_LICENSE("GPL");
--MODULE_ALIAS("aes");
-+MODULE_ALIAS_CRYPTO("aes");
---- a/arch/x86/crypto/blowfish_glue.c
-+++ b/arch/x86/crypto/blowfish_glue.c
-@@ -478,5 +478,5 @@ module_exit(fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Blowfish Cipher Algorithm, asm optimized");
--MODULE_ALIAS("blowfish");
--MODULE_ALIAS("blowfish-asm");
-+MODULE_ALIAS_CRYPTO("blowfish");
-+MODULE_ALIAS_CRYPTO("blowfish-asm");
---- a/arch/x86/crypto/camellia_aesni_avx2_glue.c
-+++ b/arch/x86/crypto/camellia_aesni_avx2_glue.c
-@@ -582,5 +582,5 @@ module_exit(camellia_aesni_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Camellia Cipher Algorithm, AES-NI/AVX2 optimized");
--MODULE_ALIAS("camellia");
--MODULE_ALIAS("camellia-asm");
-+MODULE_ALIAS_CRYPTO("camellia");
-+MODULE_ALIAS_CRYPTO("camellia-asm");
---- a/arch/x86/crypto/camellia_aesni_avx_glue.c
-+++ b/arch/x86/crypto/camellia_aesni_avx_glue.c
-@@ -574,5 +574,5 @@ module_exit(camellia_aesni_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Camellia Cipher Algorithm, AES-NI/AVX optimized");
--MODULE_ALIAS("camellia");
--MODULE_ALIAS("camellia-asm");
-+MODULE_ALIAS_CRYPTO("camellia");
-+MODULE_ALIAS_CRYPTO("camellia-asm");
---- a/arch/x86/crypto/camellia_glue.c
-+++ b/arch/x86/crypto/camellia_glue.c
-@@ -1725,5 +1725,5 @@ module_exit(fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Camellia Cipher Algorithm, asm optimized");
--MODULE_ALIAS("camellia");
--MODULE_ALIAS("camellia-asm");
-+MODULE_ALIAS_CRYPTO("camellia");
-+MODULE_ALIAS_CRYPTO("camellia-asm");
---- a/arch/x86/crypto/cast5_avx_glue.c
-+++ b/arch/x86/crypto/cast5_avx_glue.c
-@@ -491,4 +491,4 @@ module_exit(cast5_exit);
- 
- MODULE_DESCRIPTION("Cast5 Cipher Algorithm, AVX optimized");
- MODULE_LICENSE("GPL");
--MODULE_ALIAS("cast5");
-+MODULE_ALIAS_CRYPTO("cast5");
---- a/arch/x86/crypto/cast6_avx_glue.c
-+++ b/arch/x86/crypto/cast6_avx_glue.c
-@@ -611,4 +611,4 @@ module_exit(cast6_exit);
- 
- MODULE_DESCRIPTION("Cast6 Cipher Algorithm, AVX optimized");
- MODULE_LICENSE("GPL");
--MODULE_ALIAS("cast6");
-+MODULE_ALIAS_CRYPTO("cast6");
---- a/arch/x86/crypto/crc32-pclmul_glue.c
-+++ b/arch/x86/crypto/crc32-pclmul_glue.c
-@@ -197,5 +197,5 @@ module_exit(crc32_pclmul_mod_fini);
- MODULE_AUTHOR("Alexander Boyko <alexander_boyko@xyratex.com>");
- MODULE_LICENSE("GPL");
- 
--MODULE_ALIAS("crc32");
--MODULE_ALIAS("crc32-pclmul");
-+MODULE_ALIAS_CRYPTO("crc32");
-+MODULE_ALIAS_CRYPTO("crc32-pclmul");
---- a/arch/x86/crypto/crc32c-intel_glue.c
-+++ b/arch/x86/crypto/crc32c-intel_glue.c
-@@ -280,5 +280,5 @@ MODULE_AUTHOR("Austin Zhang <austin.zhan
- MODULE_DESCRIPTION("CRC32c (Castagnoli) optimization using Intel Hardware.");
- MODULE_LICENSE("GPL");
- 
--MODULE_ALIAS("crc32c");
--MODULE_ALIAS("crc32c-intel");
-+MODULE_ALIAS_CRYPTO("crc32c");
-+MODULE_ALIAS_CRYPTO("crc32c-intel");
---- a/arch/x86/crypto/crct10dif-pclmul_glue.c
-+++ b/arch/x86/crypto/crct10dif-pclmul_glue.c
-@@ -147,5 +147,5 @@ MODULE_AUTHOR("Tim Chen <tim.c.chen@linu
- MODULE_DESCRIPTION("T10 DIF CRC calculation accelerated with PCLMULQDQ.");
- MODULE_LICENSE("GPL");
- 
--MODULE_ALIAS("crct10dif");
--MODULE_ALIAS("crct10dif-pclmul");
-+MODULE_ALIAS_CRYPTO("crct10dif");
-+MODULE_ALIAS_CRYPTO("crct10dif-pclmul");
---- a/arch/x86/crypto/ghash-clmulni-intel_glue.c
-+++ b/arch/x86/crypto/ghash-clmulni-intel_glue.c
-@@ -341,4 +341,4 @@ module_exit(ghash_pclmulqdqni_mod_exit);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("GHASH Message Digest Algorithm, "
- 		   "acclerated by PCLMULQDQ-NI");
--MODULE_ALIAS("ghash");
-+MODULE_ALIAS_CRYPTO("ghash");
---- a/arch/x86/crypto/salsa20_glue.c
-+++ b/arch/x86/crypto/salsa20_glue.c
-@@ -119,5 +119,5 @@ module_exit(fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION ("Salsa20 stream cipher algorithm (optimized assembly version)");
--MODULE_ALIAS("salsa20");
--MODULE_ALIAS("salsa20-asm");
-+MODULE_ALIAS_CRYPTO("salsa20");
-+MODULE_ALIAS_CRYPTO("salsa20-asm");
---- a/arch/x86/crypto/serpent_avx2_glue.c
-+++ b/arch/x86/crypto/serpent_avx2_glue.c
-@@ -558,5 +558,5 @@ module_exit(fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Serpent Cipher Algorithm, AVX2 optimized");
--MODULE_ALIAS("serpent");
--MODULE_ALIAS("serpent-asm");
-+MODULE_ALIAS_CRYPTO("serpent");
-+MODULE_ALIAS_CRYPTO("serpent-asm");
---- a/arch/x86/crypto/serpent_avx_glue.c
-+++ b/arch/x86/crypto/serpent_avx_glue.c
-@@ -617,4 +617,4 @@ module_exit(serpent_exit);
- 
- MODULE_DESCRIPTION("Serpent Cipher Algorithm, AVX optimized");
- MODULE_LICENSE("GPL");
--MODULE_ALIAS("serpent");
-+MODULE_ALIAS_CRYPTO("serpent");
---- a/arch/x86/crypto/serpent_sse2_glue.c
-+++ b/arch/x86/crypto/serpent_sse2_glue.c
-@@ -618,4 +618,4 @@ module_exit(serpent_sse2_exit);
- 
- MODULE_DESCRIPTION("Serpent Cipher Algorithm, SSE2 optimized");
- MODULE_LICENSE("GPL");
--MODULE_ALIAS("serpent");
-+MODULE_ALIAS_CRYPTO("serpent");
---- a/arch/x86/crypto/sha1_ssse3_glue.c
-+++ b/arch/x86/crypto/sha1_ssse3_glue.c
-@@ -278,4 +278,4 @@ module_exit(sha1_ssse3_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm, Supplemental SSE3 accelerated");
- 
--MODULE_ALIAS("sha1");
-+MODULE_ALIAS_CRYPTO("sha1");
---- a/arch/x86/crypto/sha256_ssse3_glue.c
-+++ b/arch/x86/crypto/sha256_ssse3_glue.c
-@@ -318,5 +318,5 @@ module_exit(sha256_ssse3_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA256 Secure Hash Algorithm, Supplemental SSE3 accelerated");
- 
--MODULE_ALIAS("sha256");
--MODULE_ALIAS("sha224");
-+MODULE_ALIAS_CRYPTO("sha256");
-+MODULE_ALIAS_CRYPTO("sha224");
---- a/arch/x86/crypto/sha512_ssse3_glue.c
-+++ b/arch/x86/crypto/sha512_ssse3_glue.c
-@@ -326,5 +326,5 @@ module_exit(sha512_ssse3_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA512 Secure Hash Algorithm, Supplemental SSE3 accelerated");
- 
--MODULE_ALIAS("sha512");
--MODULE_ALIAS("sha384");
-+MODULE_ALIAS_CRYPTO("sha512");
-+MODULE_ALIAS_CRYPTO("sha384");
---- a/arch/x86/crypto/twofish_avx_glue.c
-+++ b/arch/x86/crypto/twofish_avx_glue.c
-@@ -579,4 +579,4 @@ module_exit(twofish_exit);
- 
- MODULE_DESCRIPTION("Twofish Cipher Algorithm, AVX optimized");
- MODULE_LICENSE("GPL");
--MODULE_ALIAS("twofish");
-+MODULE_ALIAS_CRYPTO("twofish");
---- a/arch/x86/crypto/twofish_glue.c
-+++ b/arch/x86/crypto/twofish_glue.c
-@@ -96,5 +96,5 @@ module_exit(fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION ("Twofish Cipher Algorithm, asm optimized");
--MODULE_ALIAS("twofish");
--MODULE_ALIAS("twofish-asm");
-+MODULE_ALIAS_CRYPTO("twofish");
-+MODULE_ALIAS_CRYPTO("twofish-asm");
---- a/arch/x86/crypto/twofish_glue_3way.c
-+++ b/arch/x86/crypto/twofish_glue_3way.c
-@@ -495,5 +495,5 @@ module_exit(fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Twofish Cipher Algorithm, 3-way parallel asm optimized");
--MODULE_ALIAS("twofish");
--MODULE_ALIAS("twofish-asm");
-+MODULE_ALIAS_CRYPTO("twofish");
-+MODULE_ALIAS_CRYPTO("twofish-asm");
---- a/crypto/842.c
-+++ b/crypto/842.c
-@@ -180,3 +180,4 @@ module_exit(nx842_mod_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("842 Compression Algorithm");
-+MODULE_ALIAS_CRYPTO("842");
---- a/crypto/aes_generic.c
-+++ b/crypto/aes_generic.c
-@@ -1474,4 +1474,4 @@ module_exit(aes_fini);
- 
- MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm");
- MODULE_LICENSE("Dual BSD/GPL");
--MODULE_ALIAS("aes");
-+MODULE_ALIAS_CRYPTO("aes");
---- a/crypto/ansi_cprng.c
-+++ b/crypto/ansi_cprng.c
-@@ -476,4 +476,4 @@ module_param(dbg, int, 0);
- MODULE_PARM_DESC(dbg, "Boolean to enable debugging (0/1 == off/on)");
- module_init(prng_mod_init);
- module_exit(prng_mod_fini);
--MODULE_ALIAS("stdrng");
-+MODULE_ALIAS_CRYPTO("stdrng");
---- a/crypto/anubis.c
-+++ b/crypto/anubis.c
-@@ -704,3 +704,4 @@ module_exit(anubis_mod_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Anubis Cryptographic Algorithm");
-+MODULE_ALIAS_CRYPTO("anubis");
---- a/crypto/api.c
-+++ b/crypto/api.c
-@@ -216,11 +216,11 @@ struct crypto_alg *crypto_larval_lookup(
- 
- 	alg = crypto_alg_lookup(name, type, mask);
- 	if (!alg) {
--		request_module("%s", name);
-+		request_module("crypto-%s", name);
- 
- 		if (!((type ^ CRYPTO_ALG_NEED_FALLBACK) & mask &
- 		      CRYPTO_ALG_NEED_FALLBACK))
--			request_module("%s-all", name);
-+			request_module("crypto-%s-all", name);
- 
- 		alg = crypto_alg_lookup(name, type, mask);
- 	}
---- a/crypto/arc4.c
-+++ b/crypto/arc4.c
-@@ -166,3 +166,4 @@ module_exit(arc4_exit);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("ARC4 Cipher Algorithm");
- MODULE_AUTHOR("Jon Oberheide <jon@oberheide.org>");
-+MODULE_ALIAS_CRYPTO("arc4");
---- a/crypto/blowfish_generic.c
-+++ b/crypto/blowfish_generic.c
-@@ -138,4 +138,4 @@ module_exit(blowfish_mod_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Blowfish Cipher Algorithm");
--MODULE_ALIAS("blowfish");
-+MODULE_ALIAS_CRYPTO("blowfish");
---- a/crypto/camellia_generic.c
-+++ b/crypto/camellia_generic.c
-@@ -1098,4 +1098,4 @@ module_exit(camellia_fini);
- 
- MODULE_DESCRIPTION("Camellia Cipher Algorithm");
- MODULE_LICENSE("GPL");
--MODULE_ALIAS("camellia");
-+MODULE_ALIAS_CRYPTO("camellia");
---- a/crypto/cast5_generic.c
-+++ b/crypto/cast5_generic.c
-@@ -549,4 +549,4 @@ module_exit(cast5_mod_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Cast5 Cipher Algorithm");
--MODULE_ALIAS("cast5");
-+MODULE_ALIAS_CRYPTO("cast5");
---- a/crypto/cast6_generic.c
-+++ b/crypto/cast6_generic.c
-@@ -291,4 +291,4 @@ module_exit(cast6_mod_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Cast6 Cipher Algorithm");
--MODULE_ALIAS("cast6");
-+MODULE_ALIAS_CRYPTO("cast6");
---- a/crypto/ccm.c
-+++ b/crypto/ccm.c
-@@ -879,5 +879,5 @@ module_exit(crypto_ccm_module_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Counter with CBC MAC");
--MODULE_ALIAS("ccm_base");
--MODULE_ALIAS("rfc4309");
-+MODULE_ALIAS_CRYPTO("ccm_base");
-+MODULE_ALIAS_CRYPTO("rfc4309");
---- a/crypto/crc32.c
-+++ b/crypto/crc32.c
-@@ -156,3 +156,4 @@ module_exit(crc32_mod_fini);
- MODULE_AUTHOR("Alexander Boyko <alexander_boyko@xyratex.com>");
- MODULE_DESCRIPTION("CRC32 calculations wrapper for lib/crc32");
- MODULE_LICENSE("GPL");
-+MODULE_ALIAS_CRYPTO("crc32");
---- a/crypto/crc32c_generic.c
-+++ b/crypto/crc32c_generic.c
-@@ -170,5 +170,5 @@ module_exit(crc32c_mod_fini);
- MODULE_AUTHOR("Clay Haapala <chaapala@cisco.com>");
- MODULE_DESCRIPTION("CRC32c (Castagnoli) calculations wrapper for lib/crc32c");
- MODULE_LICENSE("GPL");
--MODULE_ALIAS("crc32c");
-+MODULE_ALIAS_CRYPTO("crc32c");
- MODULE_SOFTDEP("pre: crc32c");
---- a/crypto/crct10dif_generic.c
-+++ b/crypto/crct10dif_generic.c
-@@ -124,4 +124,4 @@ module_exit(crct10dif_mod_fini);
- MODULE_AUTHOR("Tim Chen <tim.c.chen@linux.intel.com>");
- MODULE_DESCRIPTION("T10 DIF CRC calculation.");
- MODULE_LICENSE("GPL");
--MODULE_ALIAS("crct10dif");
-+MODULE_ALIAS_CRYPTO("crct10dif");
---- a/crypto/crypto_null.c
-+++ b/crypto/crypto_null.c
-@@ -145,9 +145,9 @@ static struct crypto_alg null_algs[3] =
- 	.coa_decompress		=	null_compress } }
- } };
- 
--MODULE_ALIAS("compress_null");
--MODULE_ALIAS("digest_null");
--MODULE_ALIAS("cipher_null");
-+MODULE_ALIAS_CRYPTO("compress_null");
-+MODULE_ALIAS_CRYPTO("digest_null");
-+MODULE_ALIAS_CRYPTO("cipher_null");
- 
- static int __init crypto_null_mod_init(void)
- {
---- a/crypto/ctr.c
-+++ b/crypto/ctr.c
-@@ -466,4 +466,4 @@ module_exit(crypto_ctr_module_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("CTR Counter block mode");
--MODULE_ALIAS("rfc3686");
-+MODULE_ALIAS_CRYPTO("rfc3686");
---- a/crypto/deflate.c
-+++ b/crypto/deflate.c
-@@ -222,4 +222,4 @@ module_exit(deflate_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Deflate Compression Algorithm for IPCOMP");
- MODULE_AUTHOR("James Morris <jmorris@intercode.com.au>");
--
-+MODULE_ALIAS_CRYPTO("deflate");
---- a/crypto/des_generic.c
-+++ b/crypto/des_generic.c
-@@ -971,7 +971,7 @@ static struct crypto_alg des_algs[2] = {
- 	.cia_decrypt		=	des3_ede_decrypt } }
- } };
- 
--MODULE_ALIAS("des3_ede");
-+MODULE_ALIAS_CRYPTO("des3_ede");
- 
- static int __init des_generic_mod_init(void)
- {
---- a/crypto/fcrypt.c
-+++ b/crypto/fcrypt.c
-@@ -420,3 +420,4 @@ module_exit(fcrypt_mod_fini);
- MODULE_LICENSE("Dual BSD/GPL");
- MODULE_DESCRIPTION("FCrypt Cipher Algorithm");
- MODULE_AUTHOR("David Howells <dhowells@redhat.com>");
-+MODULE_ALIAS_CRYPTO("fcrypt");
---- a/crypto/gcm.c
-+++ b/crypto/gcm.c
-@@ -1441,6 +1441,6 @@ module_exit(crypto_gcm_module_exit);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Galois/Counter Mode");
- MODULE_AUTHOR("Mikko Herranen <mh1@iki.fi>");
--MODULE_ALIAS("gcm_base");
--MODULE_ALIAS("rfc4106");
--MODULE_ALIAS("rfc4543");
-+MODULE_ALIAS_CRYPTO("gcm_base");
-+MODULE_ALIAS_CRYPTO("rfc4106");
-+MODULE_ALIAS_CRYPTO("rfc4543");
---- a/crypto/ghash-generic.c
-+++ b/crypto/ghash-generic.c
-@@ -172,4 +172,4 @@ module_exit(ghash_mod_exit);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("GHASH Message Digest Algorithm");
--MODULE_ALIAS("ghash");
-+MODULE_ALIAS_CRYPTO("ghash");
---- a/crypto/khazad.c
-+++ b/crypto/khazad.c
-@@ -880,3 +880,4 @@ module_exit(khazad_mod_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Khazad Cryptographic Algorithm");
-+MODULE_ALIAS_CRYPTO("khazad");
---- a/crypto/krng.c
-+++ b/crypto/krng.c
-@@ -62,4 +62,4 @@ module_exit(krng_mod_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Kernel Random Number Generator");
--MODULE_ALIAS("stdrng");
-+MODULE_ALIAS_CRYPTO("stdrng");
---- a/crypto/lz4.c
-+++ b/crypto/lz4.c
-@@ -104,3 +104,4 @@ module_exit(lz4_mod_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("LZ4 Compression Algorithm");
-+MODULE_ALIAS_CRYPTO("lz4");
---- a/crypto/lz4hc.c
-+++ b/crypto/lz4hc.c
-@@ -104,3 +104,4 @@ module_exit(lz4hc_mod_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("LZ4HC Compression Algorithm");
-+MODULE_ALIAS_CRYPTO("lz4hc");
---- a/crypto/lzo.c
-+++ b/crypto/lzo.c
-@@ -103,3 +103,4 @@ module_exit(lzo_mod_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("LZO Compression Algorithm");
-+MODULE_ALIAS_CRYPTO("lzo");
---- a/crypto/md4.c
-+++ b/crypto/md4.c
-@@ -255,4 +255,4 @@ module_exit(md4_mod_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("MD4 Message Digest Algorithm");
--
-+MODULE_ALIAS_CRYPTO("md4");
---- a/crypto/md5.c
-+++ b/crypto/md5.c
-@@ -168,3 +168,4 @@ module_exit(md5_mod_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("MD5 Message Digest Algorithm");
-+MODULE_ALIAS_CRYPTO("md5");
---- a/crypto/michael_mic.c
-+++ b/crypto/michael_mic.c
-@@ -184,3 +184,4 @@ module_exit(michael_mic_exit);
- MODULE_LICENSE("GPL v2");
- MODULE_DESCRIPTION("Michael MIC");
- MODULE_AUTHOR("Jouni Malinen <j@w1.fi>");
-+MODULE_ALIAS_CRYPTO("michael_mic");
---- a/crypto/rmd128.c
-+++ b/crypto/rmd128.c
-@@ -327,3 +327,4 @@ module_exit(rmd128_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_AUTHOR("Adrian-Ken Rueegsegger <ken@codelabs.ch>");
- MODULE_DESCRIPTION("RIPEMD-128 Message Digest");
-+MODULE_ALIAS_CRYPTO("rmd128");
---- a/crypto/rmd160.c
-+++ b/crypto/rmd160.c
-@@ -371,3 +371,4 @@ module_exit(rmd160_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_AUTHOR("Adrian-Ken Rueegsegger <ken@codelabs.ch>");
- MODULE_DESCRIPTION("RIPEMD-160 Message Digest");
-+MODULE_ALIAS_CRYPTO("rmd160");
---- a/crypto/rmd256.c
-+++ b/crypto/rmd256.c
-@@ -346,3 +346,4 @@ module_exit(rmd256_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_AUTHOR("Adrian-Ken Rueegsegger <ken@codelabs.ch>");
- MODULE_DESCRIPTION("RIPEMD-256 Message Digest");
-+MODULE_ALIAS_CRYPTO("rmd256");
---- a/crypto/rmd320.c
-+++ b/crypto/rmd320.c
-@@ -395,3 +395,4 @@ module_exit(rmd320_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_AUTHOR("Adrian-Ken Rueegsegger <ken@codelabs.ch>");
- MODULE_DESCRIPTION("RIPEMD-320 Message Digest");
-+MODULE_ALIAS_CRYPTO("rmd320");
---- a/crypto/salsa20_generic.c
-+++ b/crypto/salsa20_generic.c
-@@ -248,4 +248,4 @@ module_exit(salsa20_generic_mod_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION ("Salsa20 stream cipher algorithm");
--MODULE_ALIAS("salsa20");
-+MODULE_ALIAS_CRYPTO("salsa20");
---- a/crypto/seed.c
-+++ b/crypto/seed.c
-@@ -476,3 +476,4 @@ module_exit(seed_fini);
- MODULE_DESCRIPTION("SEED Cipher Algorithm");
- MODULE_LICENSE("GPL");
- MODULE_AUTHOR("Hye-Shik Chang <perky@FreeBSD.org>, Kim Hyun <hkim@kisa.or.kr>");
-+MODULE_ALIAS_CRYPTO("seed");
---- a/crypto/serpent_generic.c
-+++ b/crypto/serpent_generic.c
-@@ -665,5 +665,5 @@ module_exit(serpent_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Serpent and tnepres (kerneli compatible serpent reversed) Cipher Algorithm");
- MODULE_AUTHOR("Dag Arne Osvik <osvik@ii.uib.no>");
--MODULE_ALIAS("tnepres");
--MODULE_ALIAS("serpent");
-+MODULE_ALIAS_CRYPTO("tnepres");
-+MODULE_ALIAS_CRYPTO("serpent");
---- a/crypto/sha1_generic.c
-+++ b/crypto/sha1_generic.c
-@@ -153,4 +153,4 @@ module_exit(sha1_generic_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA1 Secure Hash Algorithm");
- 
--MODULE_ALIAS("sha1");
-+MODULE_ALIAS_CRYPTO("sha1");
---- a/crypto/sha256_generic.c
-+++ b/crypto/sha256_generic.c
-@@ -384,5 +384,5 @@ module_exit(sha256_generic_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA-224 and SHA-256 Secure Hash Algorithm");
- 
--MODULE_ALIAS("sha224");
--MODULE_ALIAS("sha256");
-+MODULE_ALIAS_CRYPTO("sha224");
-+MODULE_ALIAS_CRYPTO("sha256");
---- a/crypto/sha512_generic.c
-+++ b/crypto/sha512_generic.c
-@@ -287,5 +287,5 @@ module_exit(sha512_generic_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("SHA-512 and SHA-384 Secure Hash Algorithms");
- 
--MODULE_ALIAS("sha384");
--MODULE_ALIAS("sha512");
-+MODULE_ALIAS_CRYPTO("sha384");
-+MODULE_ALIAS_CRYPTO("sha512");
---- a/crypto/tea.c
-+++ b/crypto/tea.c
-@@ -270,8 +270,8 @@ static void __exit tea_mod_fini(void)
- 	crypto_unregister_algs(tea_algs, ARRAY_SIZE(tea_algs));
- }
- 
--MODULE_ALIAS("xtea");
--MODULE_ALIAS("xeta");
-+MODULE_ALIAS_CRYPTO("xtea");
-+MODULE_ALIAS_CRYPTO("xeta");
- 
- module_init(tea_mod_init);
- module_exit(tea_mod_fini);
---- a/crypto/tgr192.c
-+++ b/crypto/tgr192.c
-@@ -676,8 +676,8 @@ static void __exit tgr192_mod_fini(void)
- 	crypto_unregister_shashes(tgr_algs, ARRAY_SIZE(tgr_algs));
- }
- 
--MODULE_ALIAS("tgr160");
--MODULE_ALIAS("tgr128");
-+MODULE_ALIAS_CRYPTO("tgr160");
-+MODULE_ALIAS_CRYPTO("tgr128");
- 
- module_init(tgr192_mod_init);
- module_exit(tgr192_mod_fini);
---- a/crypto/twofish_generic.c
-+++ b/crypto/twofish_generic.c
-@@ -211,4 +211,4 @@ module_exit(twofish_mod_fini);
- 
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION ("Twofish Cipher Algorithm");
--MODULE_ALIAS("twofish");
-+MODULE_ALIAS_CRYPTO("twofish");
---- a/crypto/wp512.c
-+++ b/crypto/wp512.c
-@@ -1167,8 +1167,8 @@ static void __exit wp512_mod_fini(void)
- 	crypto_unregister_shashes(wp_algs, ARRAY_SIZE(wp_algs));
- }
- 
--MODULE_ALIAS("wp384");
--MODULE_ALIAS("wp256");
-+MODULE_ALIAS_CRYPTO("wp384");
-+MODULE_ALIAS_CRYPTO("wp256");
- 
- module_init(wp512_mod_init);
- module_exit(wp512_mod_fini);
---- a/crypto/zlib.c
-+++ b/crypto/zlib.c
-@@ -378,3 +378,4 @@ module_exit(zlib_mod_fini);
- MODULE_LICENSE("GPL");
- MODULE_DESCRIPTION("Zlib Compression Algorithm");
- MODULE_AUTHOR("Sony Corporation");
-+MODULE_ALIAS_CRYPTO("zlib");
---- a/drivers/crypto/padlock-aes.c
-+++ b/drivers/crypto/padlock-aes.c
-@@ -563,4 +563,4 @@ MODULE_DESCRIPTION("VIA PadLock AES algo
- MODULE_LICENSE("GPL");
- MODULE_AUTHOR("Michal Ludvig");
- 
--MODULE_ALIAS("aes");
-+MODULE_ALIAS_CRYPTO("aes");
---- a/drivers/crypto/padlock-sha.c
-+++ b/drivers/crypto/padlock-sha.c
-@@ -593,7 +593,7 @@ MODULE_DESCRIPTION("VIA PadLock SHA1/SHA
- MODULE_LICENSE("GPL");
- MODULE_AUTHOR("Michal Ludvig");
- 
--MODULE_ALIAS("sha1-all");
--MODULE_ALIAS("sha256-all");
--MODULE_ALIAS("sha1-padlock");
--MODULE_ALIAS("sha256-padlock");
-+MODULE_ALIAS_CRYPTO("sha1-all");
-+MODULE_ALIAS_CRYPTO("sha256-all");
-+MODULE_ALIAS_CRYPTO("sha1-padlock");
-+MODULE_ALIAS_CRYPTO("sha256-padlock");
---- a/drivers/crypto/ux500/cryp/cryp_core.c
-+++ b/drivers/crypto/ux500/cryp/cryp_core.c
-@@ -1810,7 +1810,7 @@ module_exit(ux500_cryp_mod_fini);
- module_param(cryp_mode, int, 0);
- 
- MODULE_DESCRIPTION("Driver for ST-Ericsson UX500 CRYP crypto engine.");
--MODULE_ALIAS("aes-all");
--MODULE_ALIAS("des-all");
-+MODULE_ALIAS_CRYPTO("aes-all");
-+MODULE_ALIAS_CRYPTO("des-all");
- 
- MODULE_LICENSE("GPL");
---- a/drivers/crypto/ux500/hash/hash_core.c
-+++ b/drivers/crypto/ux500/hash/hash_core.c
-@@ -1995,7 +1995,7 @@ module_exit(ux500_hash_mod_fini);
- MODULE_DESCRIPTION("Driver for ST-Ericsson UX500 HASH engine.");
- MODULE_LICENSE("GPL");
- 
--MODULE_ALIAS("sha1-all");
--MODULE_ALIAS("sha256-all");
--MODULE_ALIAS("hmac-sha1-all");
--MODULE_ALIAS("hmac-sha256-all");
-+MODULE_ALIAS_CRYPTO("sha1-all");
-+MODULE_ALIAS_CRYPTO("sha256-all");
-+MODULE_ALIAS_CRYPTO("hmac-sha1-all");
-+MODULE_ALIAS_CRYPTO("hmac-sha256-all");
---- a/drivers/s390/crypto/ap_bus.c
-+++ b/drivers/s390/crypto/ap_bus.c
-@@ -44,6 +44,7 @@
- #include <linux/hrtimer.h>
- #include <linux/ktime.h>
- #include <asm/facility.h>
-+#include <linux/crypto.h>
- 
- #include "ap_bus.h"
- 
-@@ -71,7 +72,7 @@ MODULE_AUTHOR("IBM Corporation");
- MODULE_DESCRIPTION("Adjunct Processor Bus driver, " \
- 		   "Copyright IBM Corp. 2006, 2012");
- MODULE_LICENSE("GPL");
--MODULE_ALIAS("z90crypt");
-+MODULE_ALIAS_CRYPTO("z90crypt");
- 
- /*
-  * Module parameter
---- a/include/linux/crypto.h
-+++ b/include/linux/crypto.h
-@@ -26,6 +26,19 @@
- #include <linux/uaccess.h>
- 
- /*
-+ * Autoloaded crypto modules should only use a prefixed name to avoid allowing
-+ * arbitrary modules to be loaded. Loading from userspace may still need the
-+ * unprefixed names, so retains those aliases as well.
-+ * This uses __MODULE_INFO directly instead of MODULE_ALIAS because pre-4.3
-+ * gcc (e.g. avr32 toolchain) uses __LINE__ for uniqueness, and this macro
-+ * expands twice on the same line. Instead, use a separate base name for the
-+ * alias.
-+ */
-+#define MODULE_ALIAS_CRYPTO(name)	\
-+		__MODULE_INFO(alias, alias_userspace, name);	\
-+		__MODULE_INFO(alias, alias_crypto, "crypto-" name)
-+
-+/*
-  * Algorithm masks and types.
-  */
- #define CRYPTO_ALG_TYPE_MASK		0x0000000f

debian/patches/bugfix/all/net-sctp-fix-slab-corruption-from-use-after-free-on-.patch

@@ -1,126 +0,0 @@
-From: Daniel Borkmann <dborkman@redhat.com>
-Date: Thu, 22 Jan 2015 18:26:54 +0100
-Subject: net: sctp: fix slab corruption from use after free on INIT collisions
-Origin: https://git.kernel.org/linus/600ddd6825543962fb807884169e57b580dba208
-
-When hitting an INIT collision case during the 4WHS with AUTH enabled, as
-already described in detail in commit 1be9a950c646 ("net: sctp: inherit
-auth_capable on INIT collisions"), it can happen that we occasionally
-still remotely trigger the following panic on server side which seems to
-have been uncovered after the fix from commit 1be9a950c646 ...
-
-[  533.876389] BUG: unable to handle kernel paging request at 00000000ffffffff
-[  533.913657] IP: [<ffffffff811ac385>] __kmalloc+0x95/0x230
-[  533.940559] PGD 5030f2067 PUD 0
-[  533.957104] Oops: 0000 [#1] SMP
-[  533.974283] Modules linked in: sctp mlx4_en [...]
-[  534.939704] Call Trace:
-[  534.951833]  [<ffffffff81294e30>] ? crypto_init_shash_ops+0x60/0xf0
-[  534.984213]  [<ffffffff81294e30>] crypto_init_shash_ops+0x60/0xf0
-[  535.015025]  [<ffffffff8128c8ed>] __crypto_alloc_tfm+0x6d/0x170
-[  535.045661]  [<ffffffff8128d12c>] crypto_alloc_base+0x4c/0xb0
-[  535.074593]  [<ffffffff8160bd42>] ? _raw_spin_lock_bh+0x12/0x50
-[  535.105239]  [<ffffffffa0418c11>] sctp_inet_listen+0x161/0x1e0 [sctp]
-[  535.138606]  [<ffffffff814e43bd>] SyS_listen+0x9d/0xb0
-[  535.166848]  [<ffffffff816149a9>] system_call_fastpath+0x16/0x1b
-
-... or depending on the the application, for example this one:
-
-[ 1370.026490] BUG: unable to handle kernel paging request at 00000000ffffffff
-[ 1370.026506] IP: [<ffffffff811ab455>] kmem_cache_alloc+0x75/0x1d0
-[ 1370.054568] PGD 633c94067 PUD 0
-[ 1370.070446] Oops: 0000 [#1] SMP
-[ 1370.085010] Modules linked in: sctp kvm_amd kvm [...]
-[ 1370.963431] Call Trace:
-[ 1370.974632]  [<ffffffff8120f7cf>] ? SyS_epoll_ctl+0x53f/0x960
-[ 1371.000863]  [<ffffffff8120f7cf>] SyS_epoll_ctl+0x53f/0x960
-[ 1371.027154]  [<ffffffff812100d3>] ? anon_inode_getfile+0xd3/0x170
-[ 1371.054679]  [<ffffffff811e3d67>] ? __alloc_fd+0xa7/0x130
-[ 1371.080183]  [<ffffffff816149a9>] system_call_fastpath+0x16/0x1b
-
-With slab debugging enabled, we can see that the poison has been overwritten:
-
-[  669.826368] BUG kmalloc-128 (Tainted: G        W     ): Poison overwritten
-[  669.826385] INFO: 0xffff880228b32e50-0xffff880228b32e50. First byte 0x6a instead of 0x6b
-[  669.826414] INFO: Allocated in sctp_auth_create_key+0x23/0x50 [sctp] age=3 cpu=0 pid=18494
-[  669.826424]  __slab_alloc+0x4bf/0x566
-[  669.826433]  __kmalloc+0x280/0x310
-[  669.826453]  sctp_auth_create_key+0x23/0x50 [sctp]
-[  669.826471]  sctp_auth_asoc_create_secret+0xcb/0x1e0 [sctp]
-[  669.826488]  sctp_auth_asoc_init_active_key+0x68/0xa0 [sctp]
-[  669.826505]  sctp_do_sm+0x29d/0x17c0 [sctp] [...]
-[  669.826629] INFO: Freed in kzfree+0x31/0x40 age=1 cpu=0 pid=18494
-[  669.826635]  __slab_free+0x39/0x2a8
-[  669.826643]  kfree+0x1d6/0x230
-[  669.826650]  kzfree+0x31/0x40
-[  669.826666]  sctp_auth_key_put+0x19/0x20 [sctp]
-[  669.826681]  sctp_assoc_update+0x1ee/0x2d0 [sctp]
-[  669.826695]  sctp_do_sm+0x674/0x17c0 [sctp]
-
-Since this only triggers in some collision-cases with AUTH, the problem at
-heart is that sctp_auth_key_put() on asoc->asoc_shared_key is called twice
-when having refcnt 1, once directly in sctp_assoc_update() and yet again
-from within sctp_auth_asoc_init_active_key() via sctp_assoc_update() on
-the already kzfree'd memory, which is also consistent with the observation
-of the poison decrease from 0x6b to 0x6a (note: the overwrite is detected
-at a later point in time when poison is checked on new allocation).
-
-Reference counting of auth keys revisited:
-
-Shared keys for AUTH chunks are being stored in endpoints and associations
-in endpoint_shared_keys list. On endpoint creation, a null key is being
-added; on association creation, all endpoint shared keys are being cached
-and thus cloned over to the association. struct sctp_shared_key only holds
-a pointer to the actual key bytes, that is, struct sctp_auth_bytes which
-keeps track of users internally through refcounting. Naturally, on assoc
-or enpoint destruction, sctp_shared_key are being destroyed directly and
-the reference on sctp_auth_bytes dropped.
-
-User space can add keys to either list via setsockopt(2) through struct
-sctp_authkey and by passing that to sctp_auth_set_key() which replaces or
-adds a new auth key. There, sctp_auth_create_key() creates a new sctp_auth_bytes
-with refcount 1 and in case of replacement drops the reference on the old
-sctp_auth_bytes. A key can be set active from user space through setsockopt()
-on the id via sctp_auth_set_active_key(), which iterates through either
-endpoint_shared_keys and in case of an assoc, invokes (one of various places)
-sctp_auth_asoc_init_active_key().
-
-sctp_auth_asoc_init_active_key() computes the actual secret from local's
-and peer's random, hmac and shared key parameters and returns a new key
-directly as sctp_auth_bytes, that is asoc->asoc_shared_key, plus drops
-the reference if there was a previous one. The secret, which where we
-eventually double drop the ref comes from sctp_auth_asoc_set_secret() with
-intitial refcount of 1, which also stays unchanged eventually in
-sctp_assoc_update(). This key is later being used for crypto layer to
-set the key for the hash in crypto_hash_setkey() from sctp_auth_calculate_hmac().
-
-To close the loop: asoc->asoc_shared_key is freshly allocated secret
-material and independant of the sctp_shared_key management keeping track
-of only shared keys in endpoints and assocs. Hence, also commit 4184b2a79a76
-("net: sctp: fix memory leak in auth key management") is independant of
-this bug here since it concerns a different layer (though same structures
-being used eventually). asoc->asoc_shared_key is reference dropped correctly
-on assoc destruction in sctp_association_free() and when active keys are
-being replaced in sctp_auth_asoc_init_active_key(), it always has a refcount
-of 1. Hence, it's freed prematurely in sctp_assoc_update(). Simple fix is
-to remove that sctp_auth_key_put() from there which fixes these panics.
-
-Fixes: 730fc3d05cd4 ("[SCTP]: Implete SCTP-AUTH parameter processing")
-Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
-Acked-by: Vlad Yasevich <vyasevich@gmail.com>
-Acked-by: Neil Horman <nhorman@tuxdriver.com>
-Signed-off-by: David S. Miller <davem@davemloft.net>
----
- net/sctp/associola.c | 1 -
- 1 file changed, 1 deletion(-)
-
---- a/net/sctp/associola.c
-+++ b/net/sctp/associola.c
-@@ -1181,7 +1181,6 @@ void sctp_assoc_update(struct sctp_assoc
- 	asoc->peer.peer_hmacs = new->peer.peer_hmacs;
- 	new->peer.peer_hmacs = NULL;
- 
--	sctp_auth_key_put(asoc->asoc_shared_key);
- 	sctp_auth_asoc_init_active_key(asoc, GFP_ATOMIC);
- }
- 

debian/patches/bugfix/all/netfilter-conntrack-disable-generic-tracking-for-kno.patch

@@ -1,87 +0,0 @@
-From: Florian Westphal <fw@strlen.de>
-Date: Fri, 26 Sep 2014 11:35:42 +0200
-Subject: netfilter: conntrack: disable generic tracking for known protocols
-Origin: https://git.kernel.org/linus/db29a9508a9246e77087c5531e45b2c88ec6988b
-
-Given following iptables ruleset:
-
--P FORWARD DROP
--A FORWARD -m sctp --dport 9 -j ACCEPT
--A FORWARD -p tcp --dport 80 -j ACCEPT
--A FORWARD -p tcp -m conntrack -m state ESTABLISHED,RELATED -j ACCEPT
-
-One would assume that this allows SCTP on port 9 and TCP on port 80.
-Unfortunately, if the SCTP conntrack module is not loaded, this allows
-*all* SCTP communication, to pass though, i.e. -p sctp -j ACCEPT,
-which we think is a security issue.
-
-This is because on the first SCTP packet on port 9, we create a dummy
-"generic l4" conntrack entry without any port information (since
-conntrack doesn't know how to extract this information).
-
-All subsequent packets that are unknown will then be in established
-state since they will fallback to proto_generic and will match the
-'generic' entry.
-
-Our originally proposed version [1] completely disabled generic protocol
-tracking, but Jozsef suggests to not track protocols for which a more
-suitable helper is available, hence we now mitigate the issue for in
-tree known ct protocol helpers only, so that at least NAT and direction
-information will still be preserved for others.
-
- [1] http://www.spinics.net/lists/netfilter-devel/msg33430.html
-
-Joint work with Daniel Borkmann.
-
-Signed-off-by: Florian Westphal <fw@strlen.de>
-Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
-Acked-by: Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
-Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
----
- net/netfilter/nf_conntrack_proto_generic.c | 26 +++++++++++++++++++++++++-
- 1 file changed, 25 insertions(+), 1 deletion(-)
-
-diff --git a/net/netfilter/nf_conntrack_proto_generic.c b/net/netfilter/nf_conntrack_proto_generic.c
-index d25f293..957c1db 100644
---- a/net/netfilter/nf_conntrack_proto_generic.c
-+++ b/net/netfilter/nf_conntrack_proto_generic.c
-@@ -14,6 +14,30 @@
- 
- static unsigned int nf_ct_generic_timeout __read_mostly = 600*HZ;
- 
-+static bool nf_generic_should_process(u8 proto)
-+{
-+	switch (proto) {
-+#ifdef CONFIG_NF_CT_PROTO_SCTP_MODULE
-+	case IPPROTO_SCTP:
-+		return false;
-+#endif
-+#ifdef CONFIG_NF_CT_PROTO_DCCP_MODULE
-+	case IPPROTO_DCCP:
-+		return false;
-+#endif
-+#ifdef CONFIG_NF_CT_PROTO_GRE_MODULE
-+	case IPPROTO_GRE:
-+		return false;
-+#endif
-+#ifdef CONFIG_NF_CT_PROTO_UDPLITE_MODULE
-+	case IPPROTO_UDPLITE:
-+		return false;
-+#endif
-+	default:
-+		return true;
-+	}
-+}
-+
- static inline struct nf_generic_net *generic_pernet(struct net *net)
- {
- 	return &net->ct.nf_ct_proto.generic;
-@@ -67,7 +91,7 @@ static int generic_packet(struct nf_conn *ct,
- static bool generic_new(struct nf_conn *ct, const struct sk_buff *skb,
- 			unsigned int dataoff, unsigned int *timeouts)
- {
--	return true;
-+	return nf_generic_should_process(nf_ct_protonum(ct));
- }
- 
- #if IS_ENABLED(CONFIG_NF_CT_NETLINK_TIMEOUT)

debian/patches/bugfix/arm64/clocksource-arch_timer-Only-use-the-virtual-counter-.patch

@@ -1,40 +0,0 @@
-From 53a2dd7f567cebda868b0765e2659f7930ba958f Mon Sep 17 00:00:00 2001
-From: Catalin Marinas <catalin.marinas@arm.com>
-Date: Wed, 10 Dec 2014 11:02:09 +0000
-Subject: [PATCH] clocksource: arch_timer: Only use the virtual counter
- (CNTVCT) on arm64
-Origin: https://git.kernel.org/linus/d6ad36913083d683aad4e02e53580c995f1a6ede
-
-Commit 0b46b8a718c6 (clocksource: arch_timer: Fix code to use physical
-timers when requested) introduces the use of physical counters in the
-ARM architected timer driver. However, he arm64 kernel uses CNTVCT in
-VDSO. When booting in EL2, the kernel switches to the physical timers to
-make things easier for KVM but it continues to use the virtual counter
-both in user and kernel. While in such scenario CNTVCT == CNTPCT (since
-CNTVOFF is initialised by the kernel to 0), we want to spot firmware
-bugs corrupting CNTVOFF early (which would affect CNTVCT).
-
-Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
-Tested-by: Yingjoe Chen <yingjoe.chen@mediatek.com>
-Cc: Daniel Lezcano <daniel.lezcano@linaro.org>
-Signed-off-by: Arnd Bergmann <arnd@arndb.de>
----
- drivers/clocksource/arm_arch_timer.c |    2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/drivers/clocksource/arm_arch_timer.c b/drivers/clocksource/arm_arch_timer.c
-index 506949d..499cb1d 100644
---- a/drivers/clocksource/arm_arch_timer.c
-+++ b/drivers/clocksource/arm_arch_timer.c
-@@ -430,7 +430,7 @@ static void __init arch_counter_register(unsigned type)
- 
- 	/* Register the CP15 based counter if we have one */
- 	if (type & ARCH_CP15_TIMER) {
--		if (arch_timer_use_virtual)
-+		if (IS_ENABLED(CONFIG_ARM64) || arch_timer_use_virtual)
- 			arch_timer_read_counter = arch_counter_get_cntvct;
- 		else
- 			arch_timer_read_counter = arch_counter_get_cntpct;
--- 
-1.7.10.4
-

debian/patches/bugfix/sh4/scripts-recordmcount.pl-there-is-no-m32-option-on-super-h.patch

@@ -1,40 +0,0 @@
-From: Michael Karcher <kernel@mkarcher.dialup.fu-berlin.de>
-Date: Sun, 18 Jan 2015 00:36:15 +0100
-Subject: scripts/recordmcount.pl: There is no -m32 gcc option on Super-H
- anymore
-Origin: https://git.kernel.org/linus/1caf6aaaa47471831d77c75f094d4e00ad1ec808
-
-Compiling SH with gcc-4.8 fails due to the -m32 option not being
-supported.
-
-From http://buildd.debian-ports.org/status/fetch.php?pkg=linux&arch=sh4&ver=3.16.7-ckt4-1&stamp=1421425783
-
-      CC      init/main.o
-    gcc-4.8: error: unrecognized command line option '-m32'
-    ld: cannot find init/.tmp_mc_main.o: No such file or directory
-    objcopy: 'init/.tmp_mx_main.o': No such file
-    rm: cannot remove 'init/.tmp_mx_main.o': No such file or directory
-    rm: cannot remove 'init/.tmp_mc_main.o': No such file or directory
-
-Link: http://lkml.kernel.org/r/1421537778-29001-1-git-send-email-kernel@mkarcher.dialup.fu-berlin.de
-Link: http://lkml.kernel.org/r/54BCBDD4.10102@physik.fu-berlin.de
-
-Cc: stable@vger.kernel.org
-Cc: Matt Fleming <matt@console-pimps.org>
-Reported-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
-Signed-off-by: Michael Karcher <kernel@mkarcher.dialup.fu-berlin.de>
-Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
----
- scripts/recordmcount.pl | 1 -
- 1 file changed, 1 deletion(-)
-
---- a/scripts/recordmcount.pl
-+++ b/scripts/recordmcount.pl
-@@ -262,7 +262,6 @@ if ($arch eq "x86_64") {
-     # force flags for this arch
-     $ld .= " -m shlelf_linux";
-     $objcopy .= " -O elf32-sh-linux";
--    $cc .= " -m32";
- 
- } elsif ($arch eq "powerpc") {
-     $local_regex = "^[0-9a-fA-F]+\\s+t\\s+(\\.?\\S+)";

debian/patches/bugfix/x86/kvm-x86-sysenter-emulation-is-broken.patch

@@ -1,78 +0,0 @@
-From: Nadav Amit <namit@cs.technion.ac.il>
-Date: Thu, 1 Jan 2015 23:11:11 +0200
-Subject: KVM: x86: SYSENTER emulation is broken
-Origin: https://git.kernel.org/linus/f3747379accba8e95d70cec0eae0582c8c182050
-
-SYSENTER emulation is broken in several ways:
-1. It misses the case of 16-bit code segments completely (CVE-2015-0239).
-2. MSR_IA32_SYSENTER_CS is checked in 64-bit mode incorrectly (bits 0 and 1 can
-   still be set without causing #GP).
-3. MSR_IA32_SYSENTER_EIP and MSR_IA32_SYSENTER_ESP are not masked in
-   legacy-mode.
-4. There is some unneeded code.
-
-Fix it.
-
-Cc: stable@vger.linux.org
-Signed-off-by: Nadav Amit <namit@cs.technion.ac.il>
-Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-[bwh: Backported to 3.16: adjust context]
----
- arch/x86/kvm/emulate.c | 27 ++++++++-------------------
- 1 file changed, 8 insertions(+), 19 deletions(-)
-
---- a/arch/x86/kvm/emulate.c
-+++ b/arch/x86/kvm/emulate.c
-@@ -2302,7 +2302,7 @@ static int em_sysenter(struct x86_emulat
- 	 * Not recognized on AMD in compat mode (but is recognized in legacy
- 	 * mode).
- 	 */
--	if ((ctxt->mode == X86EMUL_MODE_PROT32) && (efer & EFER_LMA)
-+	if ((ctxt->mode != X86EMUL_MODE_PROT64) && (efer & EFER_LMA)
- 	    && !vendor_intel(ctxt))
- 		return emulate_ud(ctxt);
- 
-@@ -2315,25 +2315,13 @@ static int em_sysenter(struct x86_emulat
- 	setup_syscalls_segments(ctxt, &cs, &ss);
- 
- 	ops->get_msr(ctxt, MSR_IA32_SYSENTER_CS, &msr_data);
--	switch (ctxt->mode) {
--	case X86EMUL_MODE_PROT32:
--		if ((msr_data & 0xfffc) == 0x0)
--			return emulate_gp(ctxt, 0);
--		break;
--	case X86EMUL_MODE_PROT64:
--		if (msr_data == 0x0)
--			return emulate_gp(ctxt, 0);
--		break;
--	default:
--		break;
--	}
-+	if ((msr_data & 0xfffc) == 0x0)
-+		return emulate_gp(ctxt, 0);
- 
- 	ctxt->eflags &= ~(EFLG_VM | EFLG_IF | EFLG_RF);
--	cs_sel = (u16)msr_data;
--	cs_sel &= ~SELECTOR_RPL_MASK;
-+	cs_sel = (u16)msr_data & ~SELECTOR_RPL_MASK;
- 	ss_sel = cs_sel + 8;
--	ss_sel &= ~SELECTOR_RPL_MASK;
--	if (ctxt->mode == X86EMUL_MODE_PROT64 || (efer & EFER_LMA)) {
-+	if (efer & EFER_LMA) {
- 		cs.d = 0;
- 		cs.l = 1;
- 	}
-@@ -2342,10 +2330,11 @@ static int em_sysenter(struct x86_emulat
- 	ops->set_segment(ctxt, ss_sel, &ss, 0, VCPU_SREG_SS);
- 
- 	ops->get_msr(ctxt, MSR_IA32_SYSENTER_EIP, &msr_data);
--	ctxt->_eip = msr_data;
-+	ctxt->_eip = (efer & EFER_LMA) ? msr_data : (u32)msr_data;
- 
- 	ops->get_msr(ctxt, MSR_IA32_SYSENTER_ESP, &msr_data);
--	*reg_write(ctxt, VCPU_REGS_RSP) = msr_data;
-+	*reg_write(ctxt, VCPU_REGS_RSP) = (efer & EFER_LMA) ? msr_data :
-+							      (u32)msr_data;
- 
- 	return X86EMUL_CONTINUE;
- }

debian/patches/bugfix/x86/x86-tls-interpret-an-all-zero-struct-user_desc-as-no.patch

@@ -1,112 +0,0 @@
-From: Andy Lutomirski <luto@amacapital.net>
-Date: Thu, 22 Jan 2015 11:27:59 -0800
-Subject: x86, tls: Interpret an all-zero struct user_desc as "no segment"
-Origin: https://git.kernel.org/linus/3669ef9fa7d35f573ec9c0e0341b29251c2734a7
-
-The Witcher 2 did something like this to allocate a TLS segment index:
-
-        struct user_desc u_info;
-        bzero(&u_info, sizeof(u_info));
-        u_info.entry_number = (uint32_t)-1;
-
-        syscall(SYS_set_thread_area, &u_info);
-
-Strictly speaking, this code was never correct.  It should have set
-read_exec_only and seg_not_present to 1 to indicate that it wanted
-to find a free slot without putting anything there, or it should
-have put something sensible in the TLS slot if it wanted to allocate
-a TLS entry for real.  The actual effect of this code was to
-allocate a bogus segment that could be used to exploit espfix.
-
-The set_thread_area hardening patches changed the behavior, causing
-set_thread_area to return -EINVAL and crashing the game.
-
-This changes set_thread_area to interpret this as a request to find
-a free slot and to leave it empty, which isn't *quite* what the game
-expects but should be close enough to keep it working.  In
-particular, using the code above to allocate two segments will
-allocate the same segment both times.
-
-According to FrostbittenKing on Github, this fixes The Witcher 2.
-
-If this somehow still causes problems, we could instead allocate
-a limit==0 32-bit data segment, but that seems rather ugly to me.
-
-Fixes: 41bdc78544b8 x86/tls: Validate TLS entries to protect espfix
-Signed-off-by: Andy Lutomirski <luto@amacapital.net>
-Cc: stable@vger.kernel.org
-Cc: torvalds@linux-foundation.org
-Link: http://lkml.kernel.org/r/0cb251abe1ff0958b8e468a9a9a905b80ae3a746.1421954363.git.luto@amacapital.net
-Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
----
- arch/x86/include/asm/desc.h | 13 +++++++++++++
- arch/x86/kernel/tls.c       | 25 +++++++++++++++++++++++--
- 2 files changed, 36 insertions(+), 2 deletions(-)
-
-diff --git a/arch/x86/include/asm/desc.h b/arch/x86/include/asm/desc.h
-index fc237fd..a94b82e 100644
---- a/arch/x86/include/asm/desc.h
-+++ b/arch/x86/include/asm/desc.h
-@@ -262,6 +262,19 @@ static inline void native_load_tls(struct thread_struct *t, unsigned int cpu)
- 	 (info)->seg_not_present	== 1	&&	\
- 	 (info)->useable		== 0)
- 
-+/* Lots of programs expect an all-zero user_desc to mean "no segment at all". */
-+static inline bool LDT_zero(const struct user_desc *info)
-+{
-+	return (info->base_addr		== 0 &&
-+		info->limit		== 0 &&
-+		info->contents		== 0 &&
-+		info->read_exec_only	== 0 &&
-+		info->seg_32bit		== 0 &&
-+		info->limit_in_pages	== 0 &&
-+		info->seg_not_present	== 0 &&
-+		info->useable		== 0);
-+}
-+
- static inline void clear_LDT(void)
- {
- 	set_ldt(NULL, 0);
-diff --git a/arch/x86/kernel/tls.c b/arch/x86/kernel/tls.c
-index 4e942f3..7fc5e84 100644
---- a/arch/x86/kernel/tls.c
-+++ b/arch/x86/kernel/tls.c
-@@ -29,7 +29,28 @@ static int get_free_idx(void)
- 
- static bool tls_desc_okay(const struct user_desc *info)
- {
--	if (LDT_empty(info))
-+	/*
-+	 * For historical reasons (i.e. no one ever documented how any
-+	 * of the segmentation APIs work), user programs can and do
-+	 * assume that a struct user_desc that's all zeros except for
-+	 * entry_number means "no segment at all".  This never actually
-+	 * worked.  In fact, up to Linux 3.19, a struct user_desc like
-+	 * this would create a 16-bit read-write segment with base and
-+	 * limit both equal to zero.
-+	 *
-+	 * That was close enough to "no segment at all" until we
-+	 * hardened this function to disallow 16-bit TLS segments.  Fix
-+	 * it up by interpreting these zeroed segments the way that they
-+	 * were almost certainly intended to be interpreted.
-+	 *
-+	 * The correct way to ask for "no segment at all" is to specify
-+	 * a user_desc that satisfies LDT_empty.  To keep everything
-+	 * working, we accept both.
-+	 *
-+	 * Note that there's a similar kludge in modify_ldt -- look at
-+	 * the distinction between modes 1 and 0x11.
-+	 */
-+	if (LDT_empty(info) || LDT_zero(info))
- 		return true;
- 
- 	/*
-@@ -71,7 +92,7 @@ static void set_tls_desc(struct task_struct *p, int idx,
- 	cpu = get_cpu();
- 
- 	while (n-- > 0) {
--		if (LDT_empty(info))
-+		if (LDT_empty(info) || LDT_zero(info))
- 			desc->a = desc->b = 0;
- 		else
- 			fill_ldt(desc, info);

debian/patches/bugfix/x86/x86-tls-ldt-stop-checking-lm-in-ldt_empty.patch

@@ -1,49 +0,0 @@
-From: Andy Lutomirski <luto@amacapital.net>
-Date: Thu, 22 Jan 2015 11:27:58 -0800
-Subject: x86, tls, ldt: Stop checking lm in LDT_empty
-Origin: https://git.kernel.org/linus/e30ab185c490e9a9381385529e0fd32f0a399495
-
-32-bit programs don't have an lm bit in their ABI, so they can't
-reliably cause LDT_empty to return true without resorting to memset.
-They shouldn't need to do this.
-
-This should fix a longstanding, if minor, issue in all 64-bit kernels
-as well as a potential regression in the TLS hardening code.
-
-Fixes: 41bdc78544b8 x86/tls: Validate TLS entries to protect espfix
-Cc: stable@vger.kernel.org
-Signed-off-by: Andy Lutomirski <luto@amacapital.net>
-Cc: torvalds@linux-foundation.org
-Link: http://lkml.kernel.org/r/72a059de55e86ad5e2935c80aa91880ddf19d07c.1421954363.git.luto@amacapital.net
-Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
----
- arch/x86/include/asm/desc.h | 9 ++-------
- 1 file changed, 2 insertions(+), 7 deletions(-)
-
-diff --git a/arch/x86/include/asm/desc.h b/arch/x86/include/asm/desc.h
-index 50d033a..fc237fd 100644
---- a/arch/x86/include/asm/desc.h
-+++ b/arch/x86/include/asm/desc.h
-@@ -251,7 +251,8 @@ static inline void native_load_tls(struct thread_struct *t, unsigned int cpu)
- 		gdt[GDT_ENTRY_TLS_MIN + i] = t->tls_array[i];
- }
- 
--#define _LDT_empty(info)				\
-+/* This intentionally ignores lm, since 32-bit apps don't have that field. */
-+#define LDT_empty(info)					\
- 	((info)->base_addr		== 0	&&	\
- 	 (info)->limit			== 0	&&	\
- 	 (info)->contents		== 0	&&	\
-@@ -261,12 +262,6 @@ static inline void native_load_tls(struct thread_struct *t, unsigned int cpu)
- 	 (info)->seg_not_present	== 1	&&	\
- 	 (info)->useable		== 0)
- 
--#ifdef CONFIG_X86_64
--#define LDT_empty(info) (_LDT_empty(info) && ((info)->lm == 0))
--#else
--#define LDT_empty(info) (_LDT_empty(info))
--#endif
--
- static inline void clear_LDT(void)
- {
- 	set_ldt(NULL, 0);

debian/patches/bugfix/x86/x86_64-vdso-fix-the-vdso-address-randomization-algor.patch

@@ -1,124 +0,0 @@
-From: Andy Lutomirski <luto@amacapital.net>
-Date: Fri, 19 Dec 2014 16:04:11 -0800
-Subject: x86_64, vdso: Fix the vdso address randomization algorithm
-Origin: https://git.kernel.org/linus/394f56fe480140877304d342dec46d50dc823d46
-
-The theory behind vdso randomization is that it's mapped at a random
-offset above the top of the stack.  To avoid wasting a page of
-memory for an extra page table, the vdso isn't supposed to extend
-past the lowest PMD into which it can fit.  Other than that, the
-address should be a uniformly distributed address that meets all of
-the alignment requirements.
-
-The current algorithm is buggy: the vdso has about a 50% probability
-of being at the very end of a PMD.  The current algorithm also has a
-decent chance of failing outright due to incorrect handling of the
-case where the top of the stack is near the top of its PMD.
-
-This fixes the implementation.  The paxtest estimate of vdso
-"randomisation" improves from 11 bits to 18 bits.  (Disclaimer: I
-don't know what the paxtest code is actually calculating.)
-
-It's worth noting that this algorithm is inherently biased: the vdso
-is more likely to end up near the end of its PMD than near the
-beginning.  Ideally we would either nix the PMD sharing requirement
-or jointly randomize the vdso and the stack to reduce the bias.
-
-In the mean time, this is a considerable improvement with basically
-no risk of compatibility issues, since the allowed outputs of the
-algorithm are unchanged.
-
-As an easy test, doing this:
-
-for i in `seq 10000`
-  do grep -P vdso /proc/self/maps |cut -d- -f1
-done |sort |uniq -d
-
-used to produce lots of output (1445 lines on my most recent run).
-A tiny subset looks like this:
-
-7fffdfffe000
-7fffe01fe000
-7fffe05fe000
-7fffe07fe000
-7fffe09fe000
-7fffe0bfe000
-7fffe0dfe000
-
-Note the suspicious fe000 endings.  With the fix, I get a much more
-palatable 76 repeated addresses.
-
-Reviewed-by: Kees Cook <keescook@chromium.org>
-Cc: stable@vger.kernel.org
-Signed-off-by: Andy Lutomirski <luto@amacapital.net>
----
- arch/x86/vdso/vma.c | 45 +++++++++++++++++++++++++++++----------------
- 1 file changed, 29 insertions(+), 16 deletions(-)
-
---- a/arch/x86/vdso/vma.c
-+++ b/arch/x86/vdso/vma.c
-@@ -54,12 +54,17 @@ subsys_initcall(init_vdso);
- 
- struct linux_binprm;
- 
--/* Put the vdso above the (randomized) stack with another randomized offset.
--   This way there is no hole in the middle of address space.
--   To save memory make sure it is still in the same PTE as the stack top.
--   This doesn't give that many random bits.
--
--   Only used for the 64-bit and x32 vdsos. */
-+/*
-+ * Put the vdso above the (randomized) stack with another randomized
-+ * offset.  This way there is no hole in the middle of address space.
-+ * To save memory make sure it is still in the same PTE as the stack
-+ * top.  This doesn't give that many random bits.
-+ *
-+ * Note that this algorithm is imperfect: the distribution of the vdso
-+ * start address within a PMD is biased toward the end.
-+ *
-+ * Only used for the 64-bit and x32 vdsos.
-+ */
- static unsigned long vdso_addr(unsigned long start, unsigned len)
- {
- #ifdef CONFIG_X86_32
-@@ -67,22 +72,30 @@ static unsigned long vdso_addr(unsigned
- #else
- 	unsigned long addr, end;
- 	unsigned offset;
--	end = (start + PMD_SIZE - 1) & PMD_MASK;
-+
-+	/*
-+	 * Round up the start address.  It can start out unaligned as a result
-+	 * of stack start randomization.
-+	 */
-+	start = PAGE_ALIGN(start);
-+
-+	/* Round the lowest possible end address up to a PMD boundary. */
-+	end = (start + len + PMD_SIZE - 1) & PMD_MASK;
- 	if (end >= TASK_SIZE_MAX)
- 		end = TASK_SIZE_MAX;
- 	end -= len;
--	/* This loses some more bits than a modulo, but is cheaper */
--	offset = get_random_int() & (PTRS_PER_PTE - 1);
--	addr = start + (offset << PAGE_SHIFT);
--	if (addr >= end)
--		addr = end;
-+
-+	if (end > start) {
-+		offset = get_random_int() % (((end - start) >> PAGE_SHIFT) + 1);
-+		addr = start + (offset << PAGE_SHIFT);
-+	} else {
-+		addr = start;
-+	}
- 
- 	/*
--	 * page-align it here so that get_unmapped_area doesn't
--	 * align it wrongfully again to the next page. addr can come in 4K
--	 * unaligned here as a result of stack start randomization.
-+	 * Forcibly align the final address in case we have a hardware
-+	 * issue that requires alignment for performance reasons.
- 	 */
--	addr = PAGE_ALIGN(addr);
- 	addr = align_vdso_addr(addr);
- 
- 	return addr;

debian/patches/features/all/aufs3/aufs3-mmap.patch

@@ -8,11 +8,9 @@ Patch headers added by debian/patches/features/all/aufs3/gen-patch
 
 aufs3.16 mmap patch
 
-diff --git a/fs/buffer.c b/fs/buffer.c
-index eba6e4f..31f0b2d 100644
 --- a/fs/buffer.c
 +++ b/fs/buffer.c
-@@ -2460,7 +2460,7 @@ int block_page_mkwrite(struct vm_area_struct *vma, struct vm_fault *vmf,
+@@ -2470,7 +2470,7 @@ int block_page_mkwrite(struct vm_area_st
  	 * Update file times before taking page lock. We may end up failing the
  	 * fault so this update may be superfluous but who really cares...
  	 */
@@ -21,11 +19,9 @@ index eba6e4f..31f0b2d 100644
  
  	ret = __block_page_mkwrite(vma, vmf, get_block);
  	sb_end_pagefault(sb);
-diff --git a/fs/proc/nommu.c b/fs/proc/nommu.c
-index d4a3574..1397181 100644
 --- a/fs/proc/nommu.c
 +++ b/fs/proc/nommu.c
-@@ -45,7 +45,10 @@ static int nommu_region_show(struct seq_file *m, struct vm_region *region)
+@@ -45,7 +45,10 @@ static int nommu_region_show(struct seq_
  	file = region->vm_file;
  
  	if (file) {
@@ -37,11 +33,9 @@ index d4a3574..1397181 100644
  		dev = inode->i_sb->s_dev;
  		ino = inode->i_ino;
  	}
-diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c
-index cfa63ee..bf4919e 100644
 --- a/fs/proc/task_mmu.c
 +++ b/fs/proc/task_mmu.c
-@@ -265,7 +265,10 @@ show_map_vma(struct seq_file *m, struct vm_area_struct *vma, int is_pid)
+@@ -265,7 +265,10 @@ show_map_vma(struct seq_file *m, struct
  	const char *name = NULL;
  
  	if (file) {
@@ -53,7 +47,7 @@ index cfa63ee..bf4919e 100644
  		dev = inode->i_sb->s_dev;
  		ino = inode->i_ino;
  		pgoff = ((loff_t)vma->vm_pgoff) << PAGE_SHIFT;
-@@ -1390,7 +1393,7 @@ static int show_numa_map(struct seq_file *m, void *v, int is_pid)
+@@ -1390,7 +1393,7 @@ static int show_numa_map(struct seq_file
  	struct proc_maps_private *proc_priv = &numa_priv->proc_maps;
  	struct vm_area_struct *vma = v;
  	struct numa_maps *md = &numa_priv->md;
@@ -62,11 +56,9 @@ index cfa63ee..bf4919e 100644
  	struct task_struct *task = proc_priv->task;
  	struct mm_struct *mm = vma->vm_mm;
  	struct mm_walk walk = {};
-diff --git a/fs/proc/task_nommu.c b/fs/proc/task_nommu.c
-index 678455d..0ef7ef4 100644
 --- a/fs/proc/task_nommu.c
 +++ b/fs/proc/task_nommu.c
-@@ -141,7 +141,10 @@ static int nommu_vma_show(struct seq_file *m, struct vm_area_struct *vma,
+@@ -141,7 +141,10 @@ static int nommu_vma_show(struct seq_fil
  	file = vma->vm_file;
  
  	if (file) {
@@ -78,11 +70,9 @@ index 678455d..0ef7ef4 100644
  		dev = inode->i_sb->s_dev;
  		ino = inode->i_ino;
  		pgoff = (loff_t)vma->vm_pgoff << PAGE_SHIFT;
-diff --git a/include/linux/mm.h b/include/linux/mm.h
-index e03dd29..dd32624 100644
 --- a/include/linux/mm.h
 +++ b/include/linux/mm.h
-@@ -1184,6 +1184,28 @@ static inline int fixup_user_fault(struct task_struct *tsk,
+@@ -1187,6 +1187,28 @@ static inline int fixup_user_fault(struc
  }
  #endif
  
@@ -111,8 +101,6 @@ index e03dd29..dd32624 100644
  extern int access_process_vm(struct task_struct *tsk, unsigned long addr, void *buf, int len, int write);
  extern int access_remote_vm(struct mm_struct *mm, unsigned long addr,
  		void *buf, int len, int write);
-diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h
-index 96c5750..a087ecd 100644
 --- a/include/linux/mm_types.h
 +++ b/include/linux/mm_types.h
 @@ -232,6 +232,7 @@ struct vm_region {
@@ -131,11 +119,9 @@ index 96c5750..a087ecd 100644
  	void * vm_private_data;		/* was vm_pte (shared mem) */
  
  #ifndef CONFIG_MMU
-diff --git a/kernel/fork.c b/kernel/fork.c
-index 6a13c46..714302c 100644
 --- a/kernel/fork.c
 +++ b/kernel/fork.c
-@@ -416,7 +416,7 @@ static int dup_mmap(struct mm_struct *mm, struct mm_struct *oldmm)
+@@ -416,7 +416,7 @@ static int dup_mmap(struct mm_struct *mm
  			struct inode *inode = file_inode(file);
  			struct address_space *mapping = file->f_mapping;
  
@@ -144,11 +130,9 @@ index 6a13c46..714302c 100644
  			if (tmp->vm_flags & VM_DENYWRITE)
  				atomic_dec(&inode->i_writecount);
  			mutex_lock(&mapping->i_mmap_mutex);
-diff --git a/mm/Makefile b/mm/Makefile
-index 4064f3e..0003fdf 100644
 --- a/mm/Makefile
 +++ b/mm/Makefile
-@@ -18,7 +18,7 @@ obj-y			:= filemap.o mempool.o oom_kill.o fadvise.o \
+@@ -18,7 +18,7 @@ obj-y			:= filemap.o mempool.o oom_kill.
  			   mm_init.o mmu_context.o percpu.o slab_common.o \
  			   compaction.o balloon_compaction.o vmacache.o \
  			   interval_tree.o list_lru.o workingset.o \
@@ -157,11 +141,9 @@ index 4064f3e..0003fdf 100644
  
  obj-y += init-mm.o
  
-diff --git a/mm/filemap.c b/mm/filemap.c
-index 900edfa..f4dda0c 100644
 --- a/mm/filemap.c
 +++ b/mm/filemap.c
-@@ -2040,7 +2040,7 @@ int filemap_page_mkwrite(struct vm_area_struct *vma, struct vm_fault *vmf)
+@@ -2036,7 +2036,7 @@ int filemap_page_mkwrite(struct vm_area_
  	int ret = VM_FAULT_LOCKED;
  
  	sb_start_pagefault(inode->i_sb);
@@ -170,8 +152,6 @@ index 900edfa..f4dda0c 100644
  	lock_page(page);
  	if (page->mapping != inode->i_mapping) {
  		unlock_page(page);
-diff --git a/mm/fremap.c b/mm/fremap.c
-index 72b8fa3..a00bbf0 100644
 --- a/mm/fremap.c
 +++ b/mm/fremap.c
 @@ -224,16 +224,28 @@ get_write_lock:
@@ -205,11 +185,9 @@ index 72b8fa3..a00bbf0 100644
  				err = 0;
  			}
  			goto out_freed;
-diff --git a/mm/madvise.c b/mm/madvise.c
-index a402f8f..134e15d 100644
 --- a/mm/madvise.c
 +++ b/mm/madvise.c
-@@ -327,12 +327,12 @@ static long madvise_remove(struct vm_area_struct *vma,
+@@ -327,12 +327,12 @@ static long madvise_remove(struct vm_are
  	 * vma's reference to the file) can go away as soon as we drop
  	 * mmap_sem.
  	 */
@@ -224,12 +202,10 @@ index a402f8f..134e15d 100644
  	down_read(&current->mm->mmap_sem);
  	return error;
  }
-diff --git a/mm/memory.c b/mm/memory.c
-index 8b44f76..69a72bf 100644
 --- a/mm/memory.c
 +++ b/mm/memory.c
-@@ -2161,7 +2161,7 @@ reuse:
- 			set_page_dirty_balance(dirty_page);
+@@ -2168,7 +2168,7 @@ reuse:
+ 
  			/* file_update_time outside page_lock */
  			if (vma->vm_file)
 -				file_update_time(vma->vm_file);
@@ -237,11 +213,9 @@ index 8b44f76..69a72bf 100644
  		}
  		put_page(dirty_page);
  		if (page_mkwrite) {
-diff --git a/mm/mmap.c b/mm/mmap.c
-index 129b847..869d1d7 100644
 --- a/mm/mmap.c
 +++ b/mm/mmap.c
-@@ -253,7 +253,7 @@ static struct vm_area_struct *remove_vma(struct vm_area_struct *vma)
+@@ -253,7 +253,7 @@ static struct vm_area_struct *remove_vma
  	if (vma->vm_ops && vma->vm_ops->close)
  		vma->vm_ops->close(vma);
  	if (vma->vm_file)
@@ -250,7 +224,7 @@ index 129b847..869d1d7 100644
  	mpol_put(vma_policy(vma));
  	kmem_cache_free(vm_area_cachep, vma);
  	return next;
-@@ -863,7 +863,7 @@ again:			remove_next = 1 + (end > next->vm_end);
+@@ -868,7 +868,7 @@ again:			remove_next = 1 + (end > next->
  	if (remove_next) {
  		if (file) {
  			uprobe_munmap(next, next->vm_start, next->vm_end);
@@ -259,7 +233,7 @@ index 129b847..869d1d7 100644
  		}
  		if (next->anon_vma)
  			anon_vma_merge(vma, next);
-@@ -1643,8 +1643,8 @@ out:
+@@ -1648,8 +1648,8 @@ out:
  unmap_and_free_vma:
  	if (vm_flags & VM_DENYWRITE)
  		allow_write_access(file);
@@ -269,7 +243,7 @@ index 129b847..869d1d7 100644
  
  	/* Undo any partial mapping done by a device driver. */
  	unmap_region(mm, vma, prev, vma->vm_start, vma->vm_end);
-@@ -2434,7 +2434,7 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma,
+@@ -2443,7 +2443,7 @@ static int __split_vma(struct mm_struct
  		goto out_free_mpol;
  
  	if (new->vm_file)
@@ -278,7 +252,7 @@ index 129b847..869d1d7 100644
  
  	if (new->vm_ops && new->vm_ops->open)
  		new->vm_ops->open(new);
-@@ -2453,7 +2453,7 @@ static int __split_vma(struct mm_struct * mm, struct vm_area_struct * vma,
+@@ -2462,7 +2462,7 @@ static int __split_vma(struct mm_struct
  	if (new->vm_ops && new->vm_ops->close)
  		new->vm_ops->close(new);
  	if (new->vm_file)
@@ -287,7 +261,7 @@ index 129b847..869d1d7 100644
  	unlink_anon_vmas(new);
   out_free_mpol:
  	mpol_put(vma_policy(new));
-@@ -2842,7 +2842,7 @@ struct vm_area_struct *copy_vma(struct vm_area_struct **vmap,
+@@ -2851,7 +2851,7 @@ struct vm_area_struct *copy_vma(struct v
  			if (anon_vma_clone(new_vma, vma))
  				goto out_free_mempol;
  			if (new_vma->vm_file)
@@ -296,11 +270,9 @@ index 129b847..869d1d7 100644
  			if (new_vma->vm_ops && new_vma->vm_ops->open)
  				new_vma->vm_ops->open(new_vma);
  			vma_link(mm, new_vma, prev, rb_link, rb_parent);
-diff --git a/mm/msync.c b/mm/msync.c
-index 992a167..ce1915b 100644
 --- a/mm/msync.c
 +++ b/mm/msync.c
-@@ -84,13 +84,13 @@ SYSCALL_DEFINE3(msync, unsigned long, start, size_t, len, int, flags)
+@@ -84,13 +84,13 @@ SYSCALL_DEFINE3(msync, unsigned long, st
  		start = vma->vm_end;
  		if ((flags & MS_SYNC) && file &&
  				(vma->vm_flags & VM_SHARED)) {
@@ -316,11 +288,9 @@ index 992a167..ce1915b 100644
  			if (error || start >= end)
  				goto out;
  			down_read(&mm->mmap_sem);
-diff --git a/mm/nommu.c b/mm/nommu.c
-index 4a852f6..b369644 100644
 --- a/mm/nommu.c
 +++ b/mm/nommu.c
-@@ -658,7 +658,7 @@ static void __put_nommu_region(struct vm_region *region)
+@@ -658,7 +658,7 @@ static void __put_nommu_region(struct vm
  		up_write(&nommu_region_sem);
  
  		if (region->vm_file)
@@ -329,7 +299,7 @@ index 4a852f6..b369644 100644
  
  		/* IO memory and memory shared directly out of the pagecache
  		 * from ramfs/tmpfs mustn't be released here */
-@@ -823,7 +823,7 @@ static void delete_vma(struct mm_struct *mm, struct vm_area_struct *vma)
+@@ -823,7 +823,7 @@ static void delete_vma(struct mm_struct
  	if (vma->vm_ops && vma->vm_ops->close)
  		vma->vm_ops->close(vma);
  	if (vma->vm_file)
@@ -338,7 +308,7 @@ index 4a852f6..b369644 100644
  	put_nommu_region(vma->vm_region);
  	kmem_cache_free(vm_area_cachep, vma);
  }
-@@ -1385,7 +1385,7 @@ unsigned long do_mmap_pgoff(struct file *file,
+@@ -1385,7 +1385,7 @@ unsigned long do_mmap_pgoff(struct file
  					goto error_just_free;
  				}
  			}
@@ -360,9 +330,6 @@ index 4a852f6..b369644 100644
  	kmem_cache_free(vm_area_cachep, vma);
  	kleave(" = %d", ret);
  	return ret;
-diff --git a/mm/prfile.c b/mm/prfile.c
-new file mode 100644
-index 0000000..fc708d2
 --- /dev/null
 +++ b/mm/prfile.c
 @@ -0,0 +1,86 @@

debian/patches/features/x86/apple-tb/pci-suspend-resume-quirks-for-apple-thunderbolt.patch

@@ -30,9 +30,9 @@ Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 
 --- a/drivers/pci/quirks.c
 +++ b/drivers/pci/quirks.c
-@@ -3006,6 +3006,103 @@ DECLARE_PCI_FIXUP_HEADER(0x1814, 0x0601,
- DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_REALTEK, 0x8169,
- 			 quirk_broken_intx_masking);
+@@ -3020,6 +3020,103 @@ static void quirk_no_bus_reset(struct pc
+  */
+ DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_ATHEROS, 0x0030, quirk_no_bus_reset);
  
 +#ifdef CONFIG_ACPI
 +/*
@@ -136,7 +136,7 @@ Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  {
 --- a/include/linux/pci.h
 +++ b/include/linux/pci.h
-@@ -1485,7 +1485,9 @@ enum pci_fixup_pass {
+@@ -1489,7 +1489,9 @@ enum pci_fixup_pass {
  	pci_fixup_resume,	/* pci_device_resume() */
  	pci_fixup_suspend,	/* pci_device_suspend() */
  	pci_fixup_resume_early, /* pci_device_resume_early() */

debian/patches/series

@@ -56,7 +56,6 @@ bugfix/x86/drm-i915-Add-some-L3-registers-to-the-parser-whiteli.patch
 bugfix/parisc/parisc-reduce-sigrtmin-from-37-to-32-to-behave-like-.patch
 bugfix/arm64/arm64-add-missing-dts-entry-for-X-Gene-platform.patch
 bugfix/arm64/arm64-removed-using-of-the-mask-attribute-in-the-dts.patch
-bugfix/arm64/clocksource-arch_timer-Only-use-the-virtual-counter-.patch
 bugfix/x86/acpi-video-run-_bcl-before-deciding-registering-back.patch
 
 # Arch features
@@ -154,7 +153,6 @@ bugfix/all/netback-don-t-store-invalid-vif-pointer.patch
 bugfix/all/xen-netback-support-frontends-without-feature-rx-not.patch
 bugfix/all/aufs-move-d_rcu-from-overlapping-d_child-to-overlapping-d.patch
 bugfix/all/net-mv643xx-disable-tso-by-default.patch
-bugfix/all/Revert-swiotlb-xen-pass-dev_addr-to-swiotlb_tbl_unma.patch
 bugfix/all/xen-balloon-cancel-ballooning-if-adding-new-memory-f.patch
 bugfix/all/xen-balloon-Don-t-continue-ballooning-when-BP_ECANCE.patch
 
@@ -491,16 +489,6 @@ debian/arm-thread_info-fix-abi-change-in-3.16.7-ckt3.patch
 debian/pci-fix-abi-change-in-3.16.7-ckt3.patch
 debian/vfs-avoid-abi-change-for-dentry-union-changes.patch
 debian/userns-fix-abi-change-in-3.16.7-ckt4.patch
-bugfix/all/netfilter-conntrack-disable-generic-tracking-for-kno.patch
-bugfix/x86/x86_64-vdso-fix-the-vdso-address-randomization-algor.patch
-bugfix/all/crypto-prefix-module-autoloading-with-crypto.patch
-bugfix/all/crypto-include-crypto-module-prefix-in-template.patch
-bugfix/all/crypto-add-missing-crypto-module-aliases.patch
-bugfix/x86/kvm-x86-sysenter-emulation-is-broken.patch
-bugfix/sh4/scripts-recordmcount.pl-there-is-no-m32-option-on-super-h.patch
-bugfix/x86/x86-tls-ldt-stop-checking-lm-in-ldt_empty.patch
-bugfix/x86/x86-tls-interpret-an-all-zero-struct-user_desc-as-no.patch
-bugfix/all/net-sctp-fix-slab-corruption-from-use-after-free-on-.patch
 features/all/kdbus/shm-add-memfd.h-to-uapi-export-list.patch
 bugfix/x86/x86-hpet-force-enable-for-e6xx-based-systems.patch
 bugfix/all/vfs-read-file_handle-only-once-in-handle_to_path.patch