debian-packaging
/
linux
8
0
Fork 0
Code Releases Activity

Release linux (4.4.2-1). 

-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIVAwUAVsT0Jue/yOyVhhEJAQo96w/+IZBasj9Vf3KovHNaOXaW1rZL6GRVNzpB
 OSNqINfAEtvOR8RuwAcA/zgHy7NNDS9CkDQgjGdJKIhdXXem7mG7Oo3iEwb5osL7
 HhUPmeTmXqsa5C6GWzNtERrtX6N8XtBV3inR8iSS46XOm+RHq5UnffqZB35DqUbq
 G0h5hiZSXXIXbn0MYJWSPAekAmTXdcevGUoe8bIBD+wH/X4oPINmQLkH6PL5iK7B
 KHbf7dJ+JnmbsKJdBpfZvPoa6B1a9FL3HLKkOQjmYF0YjIzZe14JHnvjZNULBmj9
 eqmwpfPxAmR5XQgUBu1TPx37FB/nJdMUjZQNz01k0Ybv3l6lKocc7YwX3kViitqe
 CiWqbq7LPwN1QNGI6Sf7UB/1XjWJPzWsYoZ0AjDH3ihIPrxmYCdjJstFXr0W3qEG
 4e3pJv8gqHxP5SSmE5PQQcS8uiisHmADHZc7C02mxWGDLpqb3gmtgrGqQRFjkk55
 tpn8jz2fGGt5VQkhpSBE8wWG4fHRFwiLaAsCVv9jE36pLNq5M9U9VnilCPeoTkti
 JcDfPYBjma6RVADIU6tkNnjxJcHFXAqEb5Jn0Wq89GGaS1egAlch4K/XYS+OnIH9
 m2Fg4P+TdMePDYxh40tNTIwwHcHLffNfe9K+Ien/DmffuQ87Jk4hfKPW/ZXDO3jO
 qdrmLXK2BEg=
 =syys
 -----END PGP SIGNATURE-----

Merge tag 'debian/4.4.2-1'

Drop rt featureset changes.

Drop patches that are already in 4.5-rc4.

Keep the ABI version at 'trunk'.
This commit is contained in:
Ben Hutchings 2016-02-17 22:45:34 +00:00
parent 9549742239 42d36aac27
commit cdcc46b5c4
66 changed files with 1372 additions and 662 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
debian/changelog vendored
View File

@ -13,6 +13,59 @@ linux (4.5~rc4-1~exp1) UNRELEASED; urgency=medium
-- Roger Shimizu <rogershimizu@gmail.com> Sun, 14 Feb 2016 00:32:40 +0900
linux (4.4.2-1) unstable; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.2
- ALSA: usb-audio: avoid freeing umidi object twice (CVE-2016-2384)
[ Ben Hutchings ]
* Set ABI to 1
* iw_cxgb3: Fix incorrectly returning error on success (CVE-2015-8812)
* fs/hugetlbfs/inode.c: fix bugs in hugetlb_vmtruncate_list() (CVE-2016-0617)
(regression in 4.3)
* af_unix: Guard against other == sk in unix_dgram_sendmsg
(regression in 4.2.6-2)
* Revert "workqueue: make sure delayed work run in local cpu"
(regression in 4.3)
* af_unix: Don't set err in unix_stream_read_generic unless there was an error
(regression in 4.4, 4.3.4)
* bpf: fix branch offset adjustment on backjumps after patching ctx expansion
(CVE-2016-2383)
* udeb: Combine scsi-{common,extra}-modules with scsi-modules
* udeb: Use wildcards to include entire classes of drivers:
- input-modules: Include HID drivers by default
- nic{,-pcmcia,-usb,-wireless}-modules: Include Ethernet, USB and wireless
drivers by default
- {pata,sata}-modules: Include ATA drivers by default
- sound-modules: Include sound drivers by default
- scsi-modules: Include SCSI drivers by default
- usb-modules: Include USB host drivers by default
- usb-serial-modules: Include USB serial drivers by default
- usb-storage-modules: Include USB storage drivers by default
* udeb: Remove some obsolete drivers:
- nic-modules: Remove FDDI and HIPPI drivers, and inet_lro module
- nic-pcmcia-modules: Remove Arcnet drivers
* udeb: Move most USB wireless drivers from nic-usb-modules to
nic-wireless-modules
* udeb: Really add virtio_input to virtio-modules (not input-modules)
* [x86] Fix issues resulting in W+X pages:
- [amd64] efi: Build our own page table structure
- [i386/686-pae] mm: Fix types used in pgprot cacheability flags
translations
- [i386/686-pae] PCI: Set pci=nobios by default
* IFF_NO_QUEUE: Fix for drivers not calling ether_setup() (regression in 4.3)
* udeb: Fix issues with wildcards that caused FTBFS on armhf, thanks to
Karsten Merker
[ Roger Shimizu ]
* Enable TTY_PRINTK as module (Closes: #814540).
[ Uwe Kleine-König ]
* [rt] Update to 4.4.1-rt6
-- Ben Hutchings <ben@decadent.org.uk> Wed, 17 Feb 2016 21:20:12 +0000
linux (4.4.1-1~exp1) experimental; urgency=medium
* New upstream stable update:

1
debian/installer/alpha/modules/alpha-generic/scsi-common-modules vendored
View File

@ -1 +0,0 @@
#include <scsi-common-modules>

1
debian/installer/alpha/modules/alpha-generic/scsi-extra-modules vendored
View File

@ -1 +0,0 @@
#include <scsi-extra-modules>

1
debian/installer/amd64/modules/amd64/scsi-common-modules vendored
View File

@ -1 +0,0 @@
#include <scsi-common-modules>

1
debian/installer/amd64/modules/amd64/scsi-extra-modules vendored
View File

@ -1 +0,0 @@
#include <scsi-extra-modules>

2
debian/installer/amd64/package-list vendored
View File

@ -8,7 +8,7 @@ Package: fat-modules
Priority: standard
Package: scsi-modules
Depends: kernel-image, scsi-core-modules, scsi-common-modules, cdrom-core-modules, core-modules, ata-modules
Depends: kernel-image, scsi-core-modules, cdrom-core-modules, core-modules, ata-modules
Package: kernel-image
Provides: zlib-modules

1
debian/installer/armel/modules/armel-marvell/nic-modules vendored
View File

@ -1,3 +1,2 @@
inet_lro
mv643xx_eth
mvmdio

0
debian/installer/armel/modules/armel-versatile/scsi-common-modules → debian/installer/armel/modules/armel-versatile/scsi-modules vendored
View File

1
debian/installer/hppa/modules/hppa-parisc64-smp/scsi-common-modules vendored
View File

@ -1 +0,0 @@
#include "../hppa/scsi-common-modules"

2
debian/installer/hppa/modules/hppa/scsi-common-modules vendored
View File

@ -1,2 +0,0 @@
#include <scsi-common-modules>

5
debian/installer/hppa/modules/hppa/scsi-modules vendored
View File

@ -1,3 +1,8 @@
aic79xx
aic7xxx
BusLogic ?
sym53c8xx
sym53c8xx_2 ?
53c700
ch
lasi700

2
debian/installer/i386/modules/i386/scsi-common-modules vendored
View File

@ -1,2 +0,0 @@
#include <scsi-common-modules>

1
debian/installer/i386/modules/i386/scsi-extra-modules vendored
View File

@ -1 +0,0 @@
#include <scsi-extra-modules>

1
debian/installer/mips/modules/mips-4kc-malta/scsi-common-modules vendored
View File

@ -1 +0,0 @@
#include <scsi-common-modules>

1
debian/installer/mips/modules/mips-4kc-malta/scsi-extra-modules vendored
View File

@ -1 +0,0 @@
#include <scsi-extra-modules>

2
debian/installer/mips/modules/mips-octeon/scsi-common-modules vendored
View File

@ -1,2 +0,0 @@
#include <scsi-common-modules>
sym53c8xx -

4
debian/installer/mips/modules/mips-octeon/scsi-extra-modules vendored
View File

@ -1,4 +0,0 @@
#include <scsi-extra-modules>
cciss -
DAC960 -
ips -

4
debian/installer/mips/modules/mips-octeon/scsi-modules vendored
View File

@ -1,2 +1,6 @@
#include <scsi-modules>
DAC960 -
cciss -
dmx3191d -
ips -
sym53c8xx -

2
debian/installer/mipsel/modules/mipsel-loongson-2e/scsi-common-modules vendored
View File

@ -1,2 +0,0 @@
#include <scsi-common-modules>
sym53c8xx -

4
debian/installer/mipsel/modules/mipsel-loongson-2e/scsi-extra-modules vendored
View File

@ -1,4 +0,0 @@
#include <scsi-extra-modules>
cciss -
DAC960 -
ips -

4
debian/installer/mipsel/modules/mipsel-loongson-2e/scsi-modules vendored
View File

@ -1,2 +1,6 @@
#include <scsi-modules>
DAC960 -
cciss -
dmx3191d -
ips -
sym53c8xx -

2
debian/installer/mipsel/modules/mipsel-loongson-2f/scsi-common-modules vendored
View File

@ -1,2 +0,0 @@
#include <scsi-common-modules>
sym53c8xx -

4
debian/installer/mipsel/modules/mipsel-loongson-2f/scsi-extra-modules vendored
View File

@ -1,4 +0,0 @@
#include <scsi-extra-modules>
cciss -
DAC960 -
ips -

4
debian/installer/mipsel/modules/mipsel-loongson-2f/scsi-modules vendored
View File

@ -1,2 +1,6 @@
#include <scsi-modules>
DAC960 -
cciss -
dmx3191d -
ips -
sym53c8xx -

2
debian/installer/mipsel/modules/mipsel-loongson-3/scsi-common-modules vendored
View File

@ -1,2 +0,0 @@
#include <scsi-common-modules>
sym53c8xx -

4
debian/installer/mipsel/modules/mipsel-loongson-3/scsi-extra-modules vendored
View File

@ -1,4 +0,0 @@
#include <scsi-extra-modules>
cciss -
DAC960 -
ips -

4
debian/installer/mipsel/modules/mipsel-loongson-3/scsi-modules vendored
View File

@ -1,2 +1,6 @@
#include <scsi-modules>
DAC960 -
cciss -
dmx3191d -
ips -
sym53c8xx -

67
debian/installer/modules/input-modules vendored
View File

@ -1,36 +1,39 @@
hid
hid-generic
usbhid
hid-a4tech ?
hid-apple ?
hid-belkin ?
hid-cherry ?
hid-chicony ?
hid-cypress ?
hid-ezkey ?
hid-holtek-kbd ?
hid-kensington ?
hid-keytouch ?
hid-kye ?
hid-lenovo-tpkbd ?
hid-logitech ?
hid-logitech-dj
hid-logitech-hidpp ?
hid-microsoft ?
hid-monterey ?
hid-multitouch ?
hid-ortek ?
hid-primax ?
hid-roccat-isku ?
hid-roccat-lua ?
hid-roccat-savu ?
hid-samsung ?
hid-speedlink ?
hid-sunplus ?
hid-topseed ?
# Include HID drivers by default
drivers/hid/**
# Exclude hid-hyperv, packaged in hyperv-modules
hid-hyperv -
# Exclude drivers for anything but keyboard and mouse/trackball/touchpad
drivers/hid/hid-*ff -
hid-dr -
hid-elecom -
hid-gyration -
hid-icade -
hid-lcpower -
hid-ntrig -
hid-petalynx -
hid-picolcd -
hid-pl -
hid-prodikeys -
hid-ps3remote -
hid-quanta -
drivers/hid/hid-roccat-ko* -
hid-roccat-pyra -
hid-saitek -
hid-sensor-hub -
hid-sony -
hid-tivo -
hid-twinhan -
hid-uclogic -
hid-wacom -
hid-waltop -
hid-wiimote -
hid-zydacron -
wacom -
# Miscellaneous input drivers
synaptics_usb ?
wistron_btns ?
i2c-hid ?
virtio-input ?
gpio_keys ?
soc_button_array ?

132
debian/installer/modules/nic-modules vendored
View File

@ -1,118 +1,22 @@
3c509 ?
3c515 ?
3c523 ?
3c527 ?
3c59x ?
8139cp
8139too
acenic ?
alx ?
amd8111e ?
arlan ?
atl1 ?
atl1c ?
atl1e ?
atl2 ?
be2net ?
bna ?
bnx2 ?
bnx2x ?
cassini ?
cs89x0 ?
cxgb ?
cxgb3 ?
cxgb4 ?
cxgb4vf ?
de2104x ?
defxx ?
dl2k
dmfe
e100
e1000 ?
e1000e ?
enic ?
epic100
et131x ?
fealnx
forcedeth ?
hamachi
i40e ?
igb
igbvf ?
ipg ?
ixgb ?
ixgbe ?
ixgbevf ?
jme ?
lance ?
liquidio ?
mlx4_en ?
mlx5_core ?
myri10ge ?
natsemi
ne ?
ne2 ?
ne2k-pci
netxen_nic ?
ni65 ?
niu ?
ns83820
pch_gbe ?
pcnet32 ?
qla3xxx ?
qlcnic ?
qlge ?
r6040
r8169
rrunner ?
s2io ?
sc92031 ?
sfc
sis190 ?
sis900 ?
skfp
skge
sky2
smc-ultra ?
smc9194 ?
smsc9420 ?
starfire
sundance
tehuti ?
tg3 ?
tlan ?
tulip
typhoon
uli526x ?
via-rhine ?
via-velocity ?
# Include Ethernet controller and PHY drivers by default
drivers/net/ethernet/**
drivers/net/phy/*
# Include paravirtual network drivers with minimal dependencies
vmxnet3 ?
vxge ?
wd ?
winbond-840
xen-netfront ?
yellowfin
# inet_lro is shared but now only used by myri10ge (and the iw_nes IB driver)
inet_lro ?
# phy drivers
broadcom ?
cicada ?
davicom ?
dp83867 ?
et1011c ?
icplus ?
lxt ?
marvell ?
mdio-bitbang ?
micrel ?
national ?
qsemi ?
realtek ?
smsc ?
ste10Xp ?
vitesse ?
# VLAN
# Include VLAN driver
8021q
# Exclude drivers packaged in nic-pcmcia-modules
drivers/net/**_cs -
b44 -
xircom_cb -
# Exclude libraries packaged in nic-{common,shared} modules
8390 -
libphy -
# Exclude iSCSI drivers packaged in scsi-modules
cnic -

25
debian/installer/modules/nic-pcmcia-modules vendored
View File

@ -1,19 +1,10 @@
# Common pcmcia nic modules.
3c574_cs
3c589_cs
airo_cs ?
axnet_cs
# Include PCMCIA Ethernet and wireless drivers by default
drivers/net/ethernet/**_cs
drivers/net/wireless/**_cs
b44 ?
com20020_cs ?
fmvj18x_cs ?
netwave_cs ?
nmclan_cs
orinoco_cs
pcnet_cs
ray_cs
smc91c92_cs
wavelan_cs ?
xirc2ps_cs
hostap_plx ?
xircom_cb
atmel_cs ?
wl3501_cs ?
# Exclude drivers packaged in nic-wireless-modules
libertas_cs -
spectrum_cs -

37
debian/installer/modules/nic-usb-modules vendored
View File

@ -1,21 +1,16 @@
# USB wired network modules (USB wireless goes in nic-wireless-modules)
asix ?
ax88179_178a ?
catc
cdc_ether ?
dm9601 ?
g_ether ?
int51x1 ?
kaweth
mcs7830 ?
pegasus
r8152 ?
r815x ?
rndis_wlan ?
rtl8150
rtl8187 ?
smsc75xx ?
smsc95xx ?
usbnet
zd1201 ?
zd1211rw ?
# Include USB wired drivers by default
drivers/net/usb/*
# Include rndis_wlan, which depends on rndis_host
rndis_wlan
# Exclude wireless modem drivers which need extra configuration
cdc_mbim -
cdc_ncm -
cdc-phonet -
hso -
huawei_cdc_ncm -
kalmia -
lg-vl600 -
qmi_wwan -
sierra_net -

88
debian/installer/modules/nic-wireless-modules vendored
View File

@ -1,73 +1,25 @@
adm8211 ?
ar5523 ?
at76c50x-usb ?
ath5k ?
ath6kl_sdio ?
ath6kl_usb ?
ath9k ?
ath9k_htc ?
ath10k_core ?
ath10k_pci ?
atmel_pci ?
b43 ?
b43legacy ?
brcmfmac ?
brcmsmac ?
carl9170 ?
hermes ?
hostap_pci ?
ipw2100 ?
ipw2200 ?
iwl3945 ?
iwl4965 ?
iwldvm ?
iwlmvm ?
iwlwifi ?
libertas_cs ?
libertas_sdio ?
libertas_tf_usb ?
mwifiex_pcie ?
mwifiex_sdio ?
mwifiex_usb ?
mwl8k ?
orinoco ?
orinoco_nortel ?
orinoco_plx ?
orinoco_tmd ?
orinoco_usb ?
p54pci ?
p54usb
# Include wireless drivers by default
drivers/net/wireless/**
# Include staging wireless drivers
prism2_usb ?
prism54 ?
r8187se ?
r8192e_pci ?
r8192u_usb ?
r8712u ?
r8723au ?
rsi_usb ?
rt2400pci ?
rt2500pci ?
rt2500usb ?
rt2800pci ?
rt2800usb ?
rt61pci ?
rt73usb ?
rtl8180 ?
rtl8188ee ?
rtl8188eu ?
rtl818x_pci ?
rtl8192ce ?
rtl8192cu ?
rtl8192de ?
rtl8192se ?
rtl8723ae ?
rtl8723be ?
rtl8821ae ?
spectrum_cs ?
usb8xxx ?
drivers/staging/rtl8** ?
vt6656_stage ?
wavelan ?
wil6210 ?
# Exclude drivers packaged in nic-pcmcia-modules
drivers/net/wireless/**_cs -
airo -
hostap_plx -
# Don't separate these from their driver families
libertas_cs ?
spectrum_cs ?
# Exclude drivers packaged in nic-usb-modules
rndis_wlan -
# Exclude debug driver
mac80211_hwsim -
# lib80211 encryption algorithms
lib80211_crypt_wep ?

49
debian/installer/modules/pata-modules vendored
View File

@ -1,40 +1,9 @@
pata_ali ?
pata_amd ?
pata_artop ?
pata_atiixp ?
pata_cmd64x ?
pata_cs5520 ?
pata_cs5530 ?
pata_cs5535 ?
pata_cypress ?
pata_efar ?
pata_hpt366 ?
pata_hpt37x ?
pata_hpt3x2n ?
pata_hpt3x3 ?
pata_isapnp ?
pata_it821x ?
pata_jmicron ?
pata_legacy ?
pata_marvell ?
pata_mpiix ?
pata_netcell ?
pata_ns87410 ?
pata_oldpiix ?
pata_opti ?
pata_optidma ?
pata_pdc2027x ?
pata_pdc202xx_old ?
pata_piccolo ?
pata_qdi ?
pata_radisys ?
pata_rdc ?
pata_rz1000 ?
pata_sc1200 ?
pata_serverworks ?
pata_sil680 ?
pata_sch ?
pata_sl82c105 ?
pata_triflex ?
pata_via ?
pata_winbond ?
# Include PATA drivers by default
drivers/ata/pata_*
# Exclude pata_sis, which goes in sata-modules as a dependency of sata_sis
pata_sis -
# Exclude drivers packaged in pcmcia-storage-modules
pata_ninja32 -
pata_pcmcia -

21
debian/installer/modules/sata-modules vendored
View File

@ -1,22 +1,15 @@
ata_piix ?
sata_nv ?
sata_promise ?
sata_sil ?
sata_sis ?
# Include SATA drivers by default
drivers/ata/sata_*
# sata-sis depends on pata-sis; avoid a dependency
pata_sis ?
sata_sil24 ?
sata_svw ?
sata_sx4 ?
sata_via ?
sata_vsc ?
sata_qstor ?
sata_uli ?
# Include more SATA drivers with unusual names
ata_piix ?
ahci ?
sx8 ?
sata_sx4 ?
sata_mv ?
pdc_adma ?
mtip32xx ?
# XXX not actually SATA
nvme ?

6
debian/installer/modules/scsi-common-modules vendored
View File

@ -1,6 +0,0 @@
# Some historically common SCSI drivers
aic79xx
aic7xxx
BusLogic ?
sym53c8xx
sym53c8xx_2 ?

47
debian/installer/modules/scsi-extra-modules vendored
View File

@ -1,47 +0,0 @@
# tape
osst
st
# host adapters
3w-9xxx ?
3w-sas ?
3w-xxxx
aacraid
aha152x ?
arcmsr ?
bnx2fc ?
cciss
cpqarray ?
csiostor ?
DAC960
dtc ?
eata ?
fdomain ?
fnic ?
gdth ?
hpsa ?
hptiop ?
ibmmca ?
ips
isci ?
lpfc ?
megaraid ?
megaraid_mbox ?
megaraid_mm ?
megaraid_sas ?
mpt3sas ?
mptbase
mptfc ?
mptsas ?
mptscsih
mptspi ?
mvsas
pm80xx ?
pmcraid ?
qla2xxx ?
qla4xxx ?
sym53c416 ?
ufshcd ?
ufshcd-pci ?
vmw_pvscsi ?
wd719x ?

77
debian/installer/modules/scsi-modules vendored
View File

@ -1,29 +1,50 @@
NCR53c406a ?
advansys ?
aha1542 ?
aha1740 ?
atp870u ?
dmx3191d
esas2r ?
fd_mcs ?
g_NCR5380 ?
in2000 ?
pas16 ?
qla1280 ?
qlogicfas ?
sg
sim710 ?
snic ?
t128 ?
u14-34f ?
ultrastor ?
wd7000 ?
initio ?
ipr ?
qlogicfas408 ?
dc395x ?
aic94xx ?
stex ?
xen-blkfront ?
iscsi_tcp ?
# Include SCSI controller drivers by default
drivers/scsi/**
DAC960
cciss
mptfc
mptsas
mptspi
# Include iSCSI boot support
iscsi_ibft ?
# Include Xen block driver even though it's not SCSI
xen-blkfront ?
# Exclude hv_storvsc, packaged in hyperv-modules
hv_storvsc -
# Exclude virtio_scsi, packaged in virtio-modules
virtio_scsi -
# Exclude PCMCIA drivers, which depend on pcmcia-modules (FIXME)
drivers/scsi/pcmcia/* -
# Exclude Chelsio iSCSI drivers, which depend on the corresponding Ethernet
# drivers in nic-modules (FIXME)
drivers/scsi/cxgbi/* -
cxgb3i -
cxgb4i -
# Exclude enclosure driver
ses -
# Exclude target drivers
tcm_qla2xxx -
# Exclude common code packaged in {cdrom,scsi}-core-modules
scsi_mod -
sd_mod -
sr_mod -
scsi_transport_sas -
scsi_transport_spi -
# Exclude any other common code that isn't pulled in by dependencies
drivers/scsi/device_handler/* -
drivers/scsi/lib** -
drivers/scsi/osd/* -
drivers/scsi/scsi_transport_* -
fcoe -
raid_class -
scsi_debug -

179
debian/installer/modules/sound-modules vendored
View File

@ -1,164 +1,15 @@
snd-aaci ?
snd-ad1816a ?
snd-ad1848 ?
snd-ad1889 ?
snd-aica ?
snd-ak4113 ?
snd-ak4114 ?
snd-ak4117 ?
snd-ak4xxx-adda ?
snd-ali5451 ?
snd-als100 ?
snd-als300 ?
snd-als4000 ?
snd-aoa-codec-onyx ?
snd-aoa-codec-tas ?
snd-aoa-codec-toonie ?
snd-aoa-fabric-layout ?
snd-aoa-i2sbus ?
snd-aoa ?
snd-asihpi ?
snd-at73c213 ?
snd-atiixp ?
snd-atmel-abdac ?
snd-atmel-ac97c ?
snd-au1x00 ?
snd-au8810 ?
snd-au8820 ?
snd-au8830 ?
snd-aw2 ?
snd-azt1605 ?
snd-azt2316 ?
snd-azt2320 ?
snd-azt3328 ?
snd-bebob ?
snd-bt87x ?
snd-ca0106 ?
snd-cmi8328 ?
snd-cmi8330 ?
snd-cmipci ?
snd-cs4231 ?
snd-cs4236 ?
snd-cs4281 ?
snd-cs46xx ?
snd-cs5530 ?
snd-cs5535audio ?
snd-cs8427 ?
snd-ctxfi ?
snd-darla20 ?
snd-darla24 ?
snd-dice ?
snd-echo3g ?
snd-emu10k1 ?
snd-emu10k1x ?
snd-ens1370 ?
snd-ens1371 ?
snd-es1688 ?
snd-es18xx ?
snd-es1938 ?
snd-es1968 ?
snd-firewire-speakers ?
snd-fireworks ?
snd-fm801 ?
snd-gina20 ?
snd-gina24 ?
snd-gusclassic ?
snd-gusextreme ?
snd-gusmax ?
snd-harmony ?
snd-hda-codec-analog ?
snd-hda-codec-ca0110 ?
snd-hda-codec-ca0132 ?
snd-hda-codec-cirrus ?
snd-hda-codec-cmedia ?
snd-hda-codec-conexant ?
snd-hda-codec-generic ?
snd-hda-codec-hdmi ?
snd-hda-codec-idt ?
snd-hda-codec-realtek ?
snd-hda-codec-si3054 ?
snd-hda-codec-via ?
snd-hda-codec ?
snd-hda-intel ?
snd-hda-tegra ?
snd-hdsp ?
snd-hdspm ?
snd-ice1712 ?
snd-ice1724 ?
snd-ice17xx-ak4xxx ?
snd-indigo ?
snd-indigodj ?
snd-indigodjx ?
snd-indigoio ?
snd-indigoiox ?
snd-intel8x0 ?
snd-interwave ?
snd-interwave-stb ?
snd-interwave ?
snd-isight ?
snd-jazz16 ?
snd-korg1212 ?
snd-layla20 ?
snd-layla24 ?
snd-lola ?
snd-lx6464es ?
snd-maestro3 ?
snd-mia ?
snd-miro ?
snd-mixart ?
snd-ml403-ac97cr ?
snd-mona ?
snd-msnd-classic ?
snd-msnd-pinnacle ?
snd-nm256 ?
snd-opl3sa2 ?
snd-opti92x-ad1848 ?
snd-opti92x-cs4231 ?
snd-opti93x ?
snd-oxfw ?
snd-oxygen ?
snd-pcsp ?
snd-pcxhr ?
snd-pdaudiocf ?
snd-powermac ?
snd-pt2258 ?
snd-pxa2xx-ac97 ?
snd-pxa2xx-pcm ?
snd-riptide ?
snd-rme32 ?
snd-rme96 ?
snd-rme9652 ?
snd-sb16 ?
snd-sb8 ?
snd-sbawe ?
snd-sc6000 ?
snd-scs1x ?
snd-sgi-hal2 ?
snd-sgi-o2 ?
snd-sh_dac_audio ?
snd-sis7019 ?
snd-sonicvibes ?
snd-sscape ?
snd-sun-amd7930 ?
snd-sun-cs4231 ?
snd-sun-dbri ?
snd-trident ?
snd-ua101 ?
snd-usb-6fire ?
snd-usb-audio ?
snd-usb-caiaq ?
snd-usb-hiface ?
snd-usb-line6 ?
snd-usb-pod ?
snd-usb-podhd ?
snd-usb-toneport ?
snd-usb-us122l ?
snd-usb-usx2y ?
snd-usb-variax ?
snd-via82xx ?
snd-virtuoso ?
snd-vx222 ?
snd-vxpocket ?
snd-wavefront ?
snd-ymfpci ?
snd_ps3 ?
# Include sound drivers by default
sound/**
# Exclude any core/shared modules that aren't pulled in by dependencies
sound/core/** -
sound/drivers/** -
sound/i2c/** -
# Exclude synthesiser drivers
snd-adlib -
sound/**-synth -
# Exclude soft-modem drivers
sound/**-modem -
snd-intel8x0m -

22
debian/installer/modules/usb-modules vendored
View File

@ -1,13 +1,9 @@
ehci-hcd ?
ehci-pci ?
ehci-platform ?
ohci-hcd ?
ohci-pci ?
ohci-platform ?
uhci-hcd ?
xhci-hcd ?
xhci-pci ?
xhci-plat-hcd ?
usbcore ?
dwc3 ?
usb3503 ?
# Include USB host drivers by default
drivers/usb/host/**
# Exclude some obscure host drivers
hwa-hc -
sl811_cs -
sl811-hcd -
u132-hcd -
whci-hcd -

38
debian/installer/modules/usb-serial-modules vendored
View File

@ -1,10 +1,28 @@
usbserial
belkin_sa ?
digi_acceleport ?
f81232 ?
ftdi_sio ?
mct_u232 ?
pl2303 ?
quatech2 ?
spcp8x5 ?
zte_ev ?
# Include USB serial drivers by default
drivers/usb/serial/*
# Exclude drivers that are useless for serial consoles
aircable -
cyberjack -
cypress_m8 -
empeg -
garmin_gps -
ipaq -
ipw -
ir-usb -
iuu_phoenix -
kobil_sct -
metro-usb -
navman -
omninet -
opticon -
option -
qcaux -
qcserial -
sierra -
symbolserial -
usb_debug -
usb_wwan -
visor -
wishbone-serial -
xsens_mt -

16
debian/installer/modules/usb-storage-modules vendored
View File

@ -1,14 +1,2 @@
usb-storage
ums-alauda
ums-cypress
ums-datafab
ums-eneub6250
ums-freecom
ums-isd200
ums-jumpshot
ums-karma
ums-onetouch
ums-realtek
ums-sddr09
ums-sddr55
ums-usbat
# Include USB storage drivers by default
drivers/usb/storage/*

1
debian/installer/modules/virtio-modules vendored
View File

@ -2,6 +2,7 @@ virtio_net
virtio_blk
virtio_balloon
virtio_scsi
virtio_input
# Some architectures do not have PCI bus
virtio_pci ?

14
debian/installer/package-list vendored
View File

@ -79,20 +79,6 @@ Priority: standard
Description: SCSI drivers
This package contains SCSI drivers for the kernel.
Package: scsi-common-modules
Depends: kernel-image, scsi-core-modules, cdrom-core-modules
Priority: standard
Description: Very common SCSI drivers
This package contains very common SCSI drivers for the kernel.
Package: scsi-extra-modules
Depends: scsi-modules, scsi-core-modules, core-modules
Priority: standard
Description: Uncommon SCSI drivers
This package contains uncommon SCSI drivers for the kernel.
This includes SCSI RAID drivers, and some of the less common SCSI
controllers.
Package: loop-modules
Depends: kernel-image
Priority: standard

1
debian/installer/powerpc/modules/powerpc-powerpc-miboot/scsi-common-modules vendored
View File

@ -1 +0,0 @@
#include "../powerpc/scsi-common-modules"

1
debian/installer/powerpc/modules/powerpc-powerpc-miboot/scsi-extra-modules vendored
View File

@ -1 +0,0 @@
#include "../powerpc/scsi-extra-modules"

1
debian/installer/powerpc/modules/powerpc-powerpc64/scsi-common-modules vendored
View File

@ -1 +0,0 @@
#include "../powerpc/scsi-common-modules"

3
debian/installer/powerpc/modules/powerpc-powerpc64/scsi-extra-modules vendored
View File

@ -1,3 +0,0 @@
#include <scsi-extra-modules>
ps3disk ?

1
debian/installer/powerpc/modules/powerpc-powerpc64/scsi-modules vendored
View File

@ -1,4 +1,5 @@
#include <scsi-modules>
ibmvscsi
ps3disk ?
ps3rom

2
debian/installer/powerpc/modules/powerpc/scsi-common-modules vendored
View File

@ -1,2 +0,0 @@
#include <scsi-common-modules>

1
debian/installer/powerpc/modules/powerpc/scsi-extra-modules vendored
View File

@ -1 +0,0 @@
#include <scsi-extra-modules>

1
debian/installer/ppc64el/modules/ppc64el/scsi-common-modules vendored
View File

@ -1 +0,0 @@
#include "../../../ppc64/modules/ppc64/scsi-common-modules"

1
debian/installer/ppc64el/modules/ppc64el/scsi-extra-modules vendored
View File

@ -1 +0,0 @@
#include "../../../ppc64/modules/ppc64/scsi-extra-modules"

8
debian/installer/sparc64/modules/sparc64/scsi-common-modules vendored
View File

@ -1,8 +0,0 @@
sun_esp
aic79xx
aic7xxx
qlogicpti ?
sym53c8xx
mptsas
mptspi
mpt3sas

12
debian/installer/sparc64/modules/sparc64/scsi-modules vendored
View File

@ -1,6 +1,8 @@
3w-9xxx
3w-xxxx
aacraid
aic79xx
aic7xxx
aic94xx
arcmsr
atp870u ?
@ -8,12 +10,18 @@ dc395x
dmx3191d
hptiop
initio
ipr
lpfc
megaraid
megaraid_sas
mpt3sas
mptsas
mptspi
osst
ipr
stex
qla1280 ?
qla2xxx ?
qla4xxx ?
qlogicpti ?
stex
sun_esp
sym53c8xx

65
debian/patches/bugfix/all/af_unix-don-t-set-err-in-unix_stream_read_generic-unless-there-was-an-error.patch vendored Normal file
View File

@ -0,0 +1,65 @@
From: Rainer Weikusat <rweikusat@mobileactivedefense.com>
Date: Mon, 08 Feb 2016 18:47:19 +0000
Subject: af_unix: Don't set err in unix_stream_read_generic unless there was an error
Origin: http://mid.gmane.org/87bn7rrqdk.fsf@doppelsaurus.mobileactivedefense.com
The present unix_stream_read_generic contains various code sequences of
the form
err = -EDISASTER;
if (<test>)
goto out;
This has the unfortunate side effect of possibly causing the error code
to bleed through to the final
out:
return copied ? : err;
and then to be wrongly returned if no data was copied because the caller
didn't supply a data buffer, as demonstrated by the program available at
http://pad.lv/1540731
Change it such that err is only set if an error condition was detected.
Fixes: 3822b5c2fc62 ("af_unix: Revert 'lock_interruptible' in stream receive code")
Reported-by: Joseph Salisbury <joseph.salisbury@canonical.com>
Signed-off-by: Rainer Weikusat <rweikusat@mobileactivedefense.com>
---
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -2275,13 +2275,15 @@ static int unix_stream_read_generic(stru
size_t size = state->size;
unsigned int last_len;
- err = -EINVAL;
- if (sk->sk_state != TCP_ESTABLISHED)
+ if (unlikely(sk->sk_state != TCP_ESTABLISHED)) {
+ err = -EINVAL;
goto out;
+ }
- err = -EOPNOTSUPP;
- if (flags & MSG_OOB)
+ if (unlikely(flags & MSG_OOB)) {
+ err = -EOPNOTSUPP;
goto out;
+ }
target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
timeo = sock_rcvtimeo(sk, noblock);
@@ -2327,9 +2329,11 @@ again:
goto unlock;
unix_state_unlock(sk);
- err = -EAGAIN;
- if (!timeo)
+ if (!timeo) {
+ err = -EAGAIN;
break;
+ }
+
mutex_unlock(&u->readlock);
timeo = unix_stream_data_wait(sk, timeo, last,

40
debian/patches/bugfix/all/af_unix-guard-against-other-sk-in-unix_dgram_sendmsg.patch vendored Normal file
View File

@ -0,0 +1,40 @@
From: Rainer Weikusat <rweikusat@mobileactivedefense.com>
Date: Thu, 11 Feb 2016 19:37:27 +0000
Subject: af_unix: Guard against other == sk in unix_dgram_sendmsg
Origin: http://mid.gmane.org/87r3gj11jc.fsf_-_@doppelsaurus.mobileactivedefense.com
The unix_dgram_sendmsg routine use the following test
if (unlikely(unix_peer(other) != sk && unix_recvq_full(other))) {
to determine if sk and other are in an n:1 association (either
established via connect or by using sendto to send messages to an
unrelated socket identified by address). This isn't correct as the
specified address could have been bound to the sending socket itself or
because this socket could have been connected to itself by the time of
the unix_peer_get but disconnected before the unix_state_lock(other). In
both cases, the if-block would be entered despite other == sk which
might either block the sender unintentionally or lead to trying to unlock
the same spin lock twice for a non-blocking send. Add a other != sk
check to guard against this.
Fixes: 7d267278a9ec ("unix: avoid use-after-free in ep_remove_wait_queue")
Reported-By: Philipp Hahn <pmhahn@pmhahn.de>
Signed-off-by: Rainer Weikusat <rweikusat@mobileactivedefense.com>
---
--- a/net/unix/af_unix.c
+++ b/net/unix/af_unix.c
@@ -1781,7 +1781,12 @@ restart_locked:
goto out_unlock;
}
- if (unlikely(unix_peer(other) != sk && unix_recvq_full(other))) {
+ /* other == sk && unix_peer(other) != sk if
+ * - unix_peer(sk) == NULL, destination address bound to sk
+ * - unix_peer(sk) == sk by time of get but disconnected before lock
+ */
+ if (other != sk &&
+ unlikely(unix_peer(other) != sk && unix_recvq_full(other))) {
if (timeo) {
timeo = unix_wait_for_peer(other, timeo);

41
debian/patches/bugfix/all/iff_no_queue-fix-for-drivers-not-calling-ether_setup.patch vendored Normal file
View File

@ -0,0 +1,41 @@
From: Phil Sutter <phil@nwl.cc>
Date: Wed, 17 Feb 2016 15:37:43 +0100
Subject: IFF_NO_QUEUE: Fix for drivers not calling ether_setup()
Origin: http://mid.gmane.org/1455719863-25730-1-git-send-email-phil@nwl.cc
My implementation around IFF_NO_QUEUE driver flag assumed that leaving
tx_queue_len untouched (specifically: not setting it to zero) by drivers
would make it possible to assign a regular qdisc to them without having
to worry about setting tx_queue_len to a useful value. This was only
partially true: I overlooked that some drivers don't call ether_setup()
and therefore not initialize tx_queue_len to the default value of 1000.
Consequently, removing the workarounds in place for that case in qdisc
implementations which cared about it (namely, pfifo, bfifo, gred, htb,
plug and sfb) leads to problems with these specific interface types and
qdiscs.
Luckily, there's already a sanitization point for drivers setting
tx_queue_len to zero, which can be reused to assign the fallback value
most qdisc implementations used, which is 1.
Fixes: 348e3435cbefa ("net: sched: drop all special handling of tx_queue_len == 0")
Tested-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Phil Sutter <phil@nwl.cc>
---
net/core/dev.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -7125,8 +7125,10 @@ struct net_device *alloc_netdev_mqs(int
dev->priv_flags = IFF_XMIT_DST_RELEASE | IFF_XMIT_DST_RELEASE_PERM;
setup(dev);
- if (!dev->tx_queue_len)
+ if (!dev->tx_queue_len) {
dev->priv_flags |= IFF_NO_QUEUE;
+ dev->tx_queue_len = 1;
+ }
dev->num_tx_queues = txqs;
dev->real_num_tx_queues = txqs;

319
debian/patches/bugfix/x86/x86-efi-build-our-own-page-table-structures.patch vendored Normal file
View File

@ -0,0 +1,319 @@
From: Matt Fleming <matt@codeblueprint.co.uk>
Date: Fri, 27 Nov 2015 21:09:34 +0000
Subject: [5/5] x86/efi: Build our own page table structures
Origin: https://git.kernel.org/cgit/linux/kernel/git/mfleming/efi.git/commit?id=67a9108ed4313b85a9c53406d80dc1ae3f8c3e36
With commit e1a58320a38d ("x86/mm: Warn on W^X mappings") all
users booting on 64-bit UEFI machines see the following warning,
------------[ cut here ]------------
WARNING: CPU: 7 PID: 1 at arch/x86/mm/dump_pagetables.c:225 note_page+0x5dc/0x780()
x86/mm: Found insecure W+X mapping at address ffff88000005f000/0xffff88000005f000
...
x86/mm: Checked W+X mappings: FAILED, 165660 W+X pages found.
...
This is caused by mapping EFI regions with RWX permissions.
There isn't much we can do to restrict the permissions for these
regions due to the way the firmware toolchains mix code and
data, but we can at least isolate these mappings so that they do
not appear in the regular kernel page tables.
In commit d2f7cbe7b26a ("x86/efi: Runtime services virtual
mapping") we started using 'trampoline_pgd' to map the EFI
regions because there was an existing identity mapping there
which we use during the SetVirtualAddressMap() call and for
broken firmware that accesses those addresses.
But 'trampoline_pgd' shares some PGD entries with
'swapper_pg_dir' and does not provide the isolation we require.
Notably the virtual address for __START_KERNEL_map and
MODULES_START are mapped by the same PGD entry so we need to be
more careful when copying changes over in
efi_sync_low_kernel_mappings().
This patch doesn't go the full mile, we still want to share some
PGD entries with 'swapper_pg_dir'. Having completely separate
page tables brings its own issues such as synchronising new
mappings after memory hotplug and module loading. Sharing also
keeps memory usage down.
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Reviewed-by: Borislav Petkov <bp@suse.de>
Acked-by: Borislav Petkov <bp@suse.de>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dave Jones <davej@codemonkey.org.uk>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Toshi Kani <toshi.kani@hp.com>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/1448658575-17029-6-git-send-email-matt@codeblueprint.co.uk
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/include/asm/efi.h | 1 +
arch/x86/platform/efi/efi.c | 39 ++++++-----------
arch/x86/platform/efi/efi_32.c | 5 +++
arch/x86/platform/efi/efi_64.c | 97 +++++++++++++++++++++++++++++++++++-------
4 files changed, 102 insertions(+), 40 deletions(-)
diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h
index 347eeacb06a8..8fd9e637629a 100644
--- a/arch/x86/include/asm/efi.h
+++ b/arch/x86/include/asm/efi.h
@@ -136,6 +136,7 @@ extern void __init efi_memory_uc(u64 addr, unsigned long size);
extern void __init efi_map_region(efi_memory_desc_t *md);
extern void __init efi_map_region_fixed(efi_memory_desc_t *md);
extern void efi_sync_low_kernel_mappings(void);
+extern int __init efi_alloc_page_tables(void);
extern int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages);
extern void __init efi_cleanup_page_tables(unsigned long pa_memmap, unsigned num_pages);
extern void __init old_map_region(efi_memory_desc_t *md);
diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c
index ad285404ea7f..3c1f3cd7b2ba 100644
--- a/arch/x86/platform/efi/efi.c
+++ b/arch/x86/platform/efi/efi.c
@@ -869,7 +869,7 @@ static void __init kexec_enter_virtual_mode(void)
* This function will switch the EFI runtime services to virtual mode.
* Essentially, we look through the EFI memmap and map every region that
* has the runtime attribute bit set in its memory descriptor into the
- * ->trampoline_pgd page table using a top-down VA allocation scheme.
+ * efi_pgd page table.
*
* The old method which used to update that memory descriptor with the
* virtual address obtained from ioremap() is still supported when the
@@ -879,8 +879,8 @@ static void __init kexec_enter_virtual_mode(void)
*
* The new method does a pagetable switch in a preemption-safe manner
* so that we're in a different address space when calling a runtime
- * function. For function arguments passing we do copy the PGDs of the
- * kernel page table into ->trampoline_pgd prior to each call.
+ * function. For function arguments passing we do copy the PUDs of the
+ * kernel page table into efi_pgd prior to each call.
*
* Specially for kexec boot, efi runtime maps in previous kernel should
* be passed in via setup_data. In that case runtime ranges will be mapped
@@ -895,6 +895,12 @@ static void __init __efi_enter_virtual_mode(void)
efi.systab = NULL;
+ if (efi_alloc_page_tables()) {
+ pr_err("Failed to allocate EFI page tables\n");
+ clear_bit(EFI_RUNTIME_SERVICES, &efi.flags);
+ return;
+ }
+
efi_merge_regions();
new_memmap = efi_map_regions(&count, &pg_shift);
if (!new_memmap) {
@@ -954,28 +960,11 @@ static void __init __efi_enter_virtual_mode(void)
efi_runtime_mkexec();
/*
- * We mapped the descriptor array into the EFI pagetable above but we're
- * not unmapping it here. Here's why:
- *
- * We're copying select PGDs from the kernel page table to the EFI page
- * table and when we do so and make changes to those PGDs like unmapping
- * stuff from them, those changes appear in the kernel page table and we
- * go boom.
- *
- * From setup_real_mode():
- *
- * ...
- * trampoline_pgd[0] = init_level4_pgt[pgd_index(__PAGE_OFFSET)].pgd;
- *
- * In this particular case, our allocation is in PGD 0 of the EFI page
- * table but we've copied that PGD from PGD[272] of the EFI page table:
- *
- * pgd_index(__PAGE_OFFSET = 0xffff880000000000) = 272
- *
- * where the direct memory mapping in kernel space is.
- *
- * new_memmap's VA comes from that direct mapping and thus clearing it,
- * it would get cleared in the kernel page table too.
+ * We mapped the descriptor array into the EFI pagetable above
+ * but we're not unmapping it here because if we're running in
+ * EFI mixed mode we need all of memory to be accessible when
+ * we pass parameters to the EFI runtime services in the
+ * thunking code.
*
* efi_cleanup_page_tables(__pa(new_memmap), 1 << pg_shift);
*/
diff --git a/arch/x86/platform/efi/efi_32.c b/arch/x86/platform/efi/efi_32.c
index ed5b67338294..58d669bc8250 100644
--- a/arch/x86/platform/efi/efi_32.c
+++ b/arch/x86/platform/efi/efi_32.c
@@ -38,6 +38,11 @@
* say 0 - 3G.
*/
+int __init efi_alloc_page_tables(void)
+{
+ return 0;
+}
+
void efi_sync_low_kernel_mappings(void) {}
void __init efi_dump_pagetable(void) {}
int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c
index b19cdac959b2..4897f518760f 100644
--- a/arch/x86/platform/efi/efi_64.c
+++ b/arch/x86/platform/efi/efi_64.c
@@ -40,6 +40,7 @@
#include <asm/fixmap.h>
#include <asm/realmode.h>
#include <asm/time.h>
+#include <asm/pgalloc.h>
/*
* We allocate runtime services regions bottom-up, starting from -4G, i.e.
@@ -121,22 +122,92 @@ void __init efi_call_phys_epilog(pgd_t *save_pgd)
early_code_mapping_set_exec(0);
}
+static pgd_t *efi_pgd;
+
+/*
+ * We need our own copy of the higher levels of the page tables
+ * because we want to avoid inserting EFI region mappings (EFI_VA_END
+ * to EFI_VA_START) into the standard kernel page tables. Everything
+ * else can be shared, see efi_sync_low_kernel_mappings().
+ */
+int __init efi_alloc_page_tables(void)
+{
+ pgd_t *pgd;
+ pud_t *pud;
+ gfp_t gfp_mask;
+
+ if (efi_enabled(EFI_OLD_MEMMAP))
+ return 0;
+
+ gfp_mask = GFP_KERNEL | __GFP_NOTRACK | __GFP_REPEAT | __GFP_ZERO;
+ efi_pgd = (pgd_t *)__get_free_page(gfp_mask);
+ if (!efi_pgd)
+ return -ENOMEM;
+
+ pgd = efi_pgd + pgd_index(EFI_VA_END);
+
+ pud = pud_alloc_one(NULL, 0);
+ if (!pud) {
+ free_page((unsigned long)efi_pgd);
+ return -ENOMEM;
+ }
+
+ pgd_populate(NULL, pgd, pud);
+
+ return 0;
+}
+
/*
* Add low kernel mappings for passing arguments to EFI functions.
*/
void efi_sync_low_kernel_mappings(void)
{
- unsigned num_pgds;
- pgd_t *pgd = (pgd_t *)__va(real_mode_header->trampoline_pgd);
+ unsigned num_entries;
+ pgd_t *pgd_k, *pgd_efi;
+ pud_t *pud_k, *pud_efi;
if (efi_enabled(EFI_OLD_MEMMAP))
return;
- num_pgds = pgd_index(MODULES_END - 1) - pgd_index(PAGE_OFFSET);
+ /*
+ * We can share all PGD entries apart from the one entry that
+ * covers the EFI runtime mapping space.
+ *
+ * Make sure the EFI runtime region mappings are guaranteed to
+ * only span a single PGD entry and that the entry also maps
+ * other important kernel regions.
+ */
+ BUILD_BUG_ON(pgd_index(EFI_VA_END) != pgd_index(MODULES_END));
+ BUILD_BUG_ON((EFI_VA_START & PGDIR_MASK) !=
+ (EFI_VA_END & PGDIR_MASK));
+
+ pgd_efi = efi_pgd + pgd_index(PAGE_OFFSET);
+ pgd_k = pgd_offset_k(PAGE_OFFSET);
+
+ num_entries = pgd_index(EFI_VA_END) - pgd_index(PAGE_OFFSET);
+ memcpy(pgd_efi, pgd_k, sizeof(pgd_t) * num_entries);
- memcpy(pgd + pgd_index(PAGE_OFFSET),
- init_mm.pgd + pgd_index(PAGE_OFFSET),
- sizeof(pgd_t) * num_pgds);
+ /*
+ * We share all the PUD entries apart from those that map the
+ * EFI regions. Copy around them.
+ */
+ BUILD_BUG_ON((EFI_VA_START & ~PUD_MASK) != 0);
+ BUILD_BUG_ON((EFI_VA_END & ~PUD_MASK) != 0);
+
+ pgd_efi = efi_pgd + pgd_index(EFI_VA_END);
+ pud_efi = pud_offset(pgd_efi, 0);
+
+ pgd_k = pgd_offset_k(EFI_VA_END);
+ pud_k = pud_offset(pgd_k, 0);
+
+ num_entries = pud_index(EFI_VA_END);
+ memcpy(pud_efi, pud_k, sizeof(pud_t) * num_entries);
+
+ pud_efi = pud_offset(pgd_efi, EFI_VA_START);
+ pud_k = pud_offset(pgd_k, EFI_VA_START);
+
+ num_entries = PTRS_PER_PUD - pud_index(EFI_VA_START);
+ memcpy(pud_efi, pud_k, sizeof(pud_t) * num_entries);
}
int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
@@ -150,8 +221,8 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
if (efi_enabled(EFI_OLD_MEMMAP))
return 0;
- efi_scratch.efi_pgt = (pgd_t *)(unsigned long)real_mode_header->trampoline_pgd;
- pgd = __va(efi_scratch.efi_pgt);
+ efi_scratch.efi_pgt = (pgd_t *)__pa(efi_pgd);
+ pgd = efi_pgd;
/*
* It can happen that the physical address of new_memmap lands in memory
@@ -216,16 +287,14 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
void __init efi_cleanup_page_tables(unsigned long pa_memmap, unsigned num_pages)
{
- pgd_t *pgd = (pgd_t *)__va(real_mode_header->trampoline_pgd);
-
- kernel_unmap_pages_in_pgd(pgd, pa_memmap, num_pages);
+ kernel_unmap_pages_in_pgd(efi_pgd, pa_memmap, num_pages);
}
static void __init __map_region(efi_memory_desc_t *md, u64 va)
{
- pgd_t *pgd = (pgd_t *)__va(real_mode_header->trampoline_pgd);
unsigned long flags = 0;
unsigned long pfn;
+ pgd_t *pgd = efi_pgd;
if (!(md->attribute & EFI_MEMORY_WB))
flags |= _PAGE_PCD;
@@ -334,9 +403,7 @@ void __init efi_runtime_mkexec(void)
void __init efi_dump_pagetable(void)
{
#ifdef CONFIG_EFI_PGT_DUMP
- pgd_t *pgd = (pgd_t *)__va(real_mode_header->trampoline_pgd);
-
- ptdump_walk_pgd_level(NULL, pgd);
+ ptdump_walk_pgd_level(NULL, efi_pgd);
#endif
}

215
debian/patches/bugfix/x86/x86-efi-hoist-page-table-switching-code-into-efi_cal.patch vendored Normal file
View File

@ -0,0 +1,215 @@
From: Matt Fleming <matt@codeblueprint.co.uk>
Date: Fri, 27 Nov 2015 21:09:33 +0000
Subject: [4/5] x86/efi: Hoist page table switching code into efi_call_virt()
Origin: https://git.kernel.org/cgit/linux/kernel/git/mfleming/efi.git/commit?id=c9f2a9a65e4855b74d92cdad688f6ee4a1a323ff
This change is a prerequisite for pending patches that switch to
a dedicated EFI page table, instead of using 'trampoline_pgd'
which shares PGD entries with 'swapper_pg_dir'. The pending
patches make it impossible to dereference the runtime service
function pointer without first switching %cr3.
It's true that we now have duplicated switching code in
efi_call_virt() and efi_call_phys_{prolog,epilog}() but we are
sacrificing code duplication for a little more clarity and the
ease of writing the page table switching code in C instead of
asm.
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Reviewed-by: Borislav Petkov <bp@suse.de>
Acked-by: Borislav Petkov <bp@suse.de>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Andy Lutomirski <luto@kernel.org>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dave Jones <davej@codemonkey.org.uk>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Toshi Kani <toshi.kani@hp.com>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/1448658575-17029-5-git-send-email-matt@codeblueprint.co.uk
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/include/asm/efi.h | 25 +++++++++++++++++++++
arch/x86/platform/efi/efi_64.c | 24 ++++++++++-----------
arch/x86/platform/efi/efi_stub_64.S | 43 -------------------------------------
3 files changed, 36 insertions(+), 56 deletions(-)
diff --git a/arch/x86/include/asm/efi.h b/arch/x86/include/asm/efi.h
index 0010c78c4998..347eeacb06a8 100644
--- a/arch/x86/include/asm/efi.h
+++ b/arch/x86/include/asm/efi.h
@@ -3,6 +3,7 @@
#include <asm/fpu/api.h>
#include <asm/pgtable.h>
+#include <asm/tlb.h>
/*
* We map the EFI regions needed for runtime services non-contiguously,
@@ -64,6 +65,17 @@ extern u64 asmlinkage efi_call(void *fp, ...);
#define efi_call_phys(f, args...) efi_call((f), args)
+/*
+ * Scratch space used for switching the pagetable in the EFI stub
+ */
+struct efi_scratch {
+ u64 r15;
+ u64 prev_cr3;
+ pgd_t *efi_pgt;
+ bool use_pgd;
+ u64 phys_stack;
+} __packed;
+
#define efi_call_virt(f, ...) \
({ \
efi_status_t __s; \
@@ -71,7 +83,20 @@ extern u64 asmlinkage efi_call(void *fp, ...);
efi_sync_low_kernel_mappings(); \
preempt_disable(); \
__kernel_fpu_begin(); \
+ \
+ if (efi_scratch.use_pgd) { \
+ efi_scratch.prev_cr3 = read_cr3(); \
+ write_cr3((unsigned long)efi_scratch.efi_pgt); \
+ __flush_tlb_all(); \
+ } \
+ \
__s = efi_call((void *)efi.systab->runtime->f, __VA_ARGS__); \
+ \
+ if (efi_scratch.use_pgd) { \
+ write_cr3(efi_scratch.prev_cr3); \
+ __flush_tlb_all(); \
+ } \
+ \
__kernel_fpu_end(); \
preempt_enable(); \
__s; \
diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c
index 102976dda8c4..b19cdac959b2 100644
--- a/arch/x86/platform/efi/efi_64.c
+++ b/arch/x86/platform/efi/efi_64.c
@@ -47,16 +47,7 @@
*/
static u64 efi_va = EFI_VA_START;
-/*
- * Scratch space used for switching the pagetable in the EFI stub
- */
-struct efi_scratch {
- u64 r15;
- u64 prev_cr3;
- pgd_t *efi_pgt;
- bool use_pgd;
- u64 phys_stack;
-} __packed;
+struct efi_scratch efi_scratch;
static void __init early_code_mapping_set_exec(int executable)
{
@@ -83,8 +74,11 @@ pgd_t * __init efi_call_phys_prolog(void)
int pgd;
int n_pgds;
- if (!efi_enabled(EFI_OLD_MEMMAP))
- return NULL;
+ if (!efi_enabled(EFI_OLD_MEMMAP)) {
+ save_pgd = (pgd_t *)read_cr3();
+ write_cr3((unsigned long)efi_scratch.efi_pgt);
+ goto out;
+ }
early_code_mapping_set_exec(1);
@@ -96,6 +90,7 @@ pgd_t * __init efi_call_phys_prolog(void)
vaddress = (unsigned long)__va(pgd * PGDIR_SIZE);
set_pgd(pgd_offset_k(pgd * PGDIR_SIZE), *pgd_offset_k(vaddress));
}
+out:
__flush_tlb_all();
return save_pgd;
@@ -109,8 +104,11 @@ void __init efi_call_phys_epilog(pgd_t *save_pgd)
int pgd_idx;
int nr_pgds;
- if (!save_pgd)
+ if (!efi_enabled(EFI_OLD_MEMMAP)) {
+ write_cr3((unsigned long)save_pgd);
+ __flush_tlb_all();
return;
+ }
nr_pgds = DIV_ROUND_UP((max_pfn << PAGE_SHIFT) , PGDIR_SIZE);
diff --git a/arch/x86/platform/efi/efi_stub_64.S b/arch/x86/platform/efi/efi_stub_64.S
index 86d0f9e08dd9..32020cb8bb08 100644
--- a/arch/x86/platform/efi/efi_stub_64.S
+++ b/arch/x86/platform/efi/efi_stub_64.S
@@ -38,41 +38,6 @@
mov %rsi, %cr0; \
mov (%rsp), %rsp
- /* stolen from gcc */
- .macro FLUSH_TLB_ALL
- movq %r15, efi_scratch(%rip)
- movq %r14, efi_scratch+8(%rip)
- movq %cr4, %r15
- movq %r15, %r14
- andb $0x7f, %r14b
- movq %r14, %cr4
- movq %r15, %cr4
- movq efi_scratch+8(%rip), %r14
- movq efi_scratch(%rip), %r15
- .endm
-
- .macro SWITCH_PGT
- cmpb $0, efi_scratch+24(%rip)
- je 1f
- movq %r15, efi_scratch(%rip) # r15
- # save previous CR3
- movq %cr3, %r15
- movq %r15, efi_scratch+8(%rip) # prev_cr3
- movq efi_scratch+16(%rip), %r15 # EFI pgt
- movq %r15, %cr3
- 1:
- .endm
-
- .macro RESTORE_PGT
- cmpb $0, efi_scratch+24(%rip)
- je 2f
- movq efi_scratch+8(%rip), %r15
- movq %r15, %cr3
- movq efi_scratch(%rip), %r15
- FLUSH_TLB_ALL
- 2:
- .endm
-
ENTRY(efi_call)
SAVE_XMM
mov (%rsp), %rax
@@ -83,16 +48,8 @@ ENTRY(efi_call)
mov %r8, %r9
mov %rcx, %r8
mov %rsi, %rcx
- SWITCH_PGT
call *%rdi
- RESTORE_PGT
addq $48, %rsp
RESTORE_XMM
ret
ENDPROC(efi_call)
-
- .data
-ENTRY(efi_scratch)
- .fill 3,8,0
- .byte 0
- .quad 0

71
debian/patches/bugfix/x86/x86-efi-map-ram-into-the-identity-page-table-for-mix.patch vendored Normal file
View File

@ -0,0 +1,71 @@
From: Matt Fleming <matt@codeblueprint.co.uk>
Date: Fri, 27 Nov 2015 21:09:32 +0000
Subject: [3/5] x86/efi: Map RAM into the identity page table for mixed mode
Origin: https://git.kernel.org/cgit/linux/kernel/git/mfleming/efi.git/commit?id=b61a76f8850d2979550abc42d7e09154ebb8d785
We are relying on the pre-existing mappings in 'trampoline_pgd'
when accessing function arguments in the EFI mixed mode thunking
code.
Instead let's map memory explicitly so that things will continue
to work when we move to a separate page table in the future.
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Reviewed-by: Borislav Petkov <bp@suse.de>
Acked-by: Borislav Petkov <bp@suse.de>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Toshi Kani <toshi.kani@hp.com>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/1448658575-17029-4-git-send-email-matt@codeblueprint.co.uk
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/platform/efi/efi_64.c | 20 ++++++++++++++++++++
1 file changed, 20 insertions(+)
diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c
index 5aa186db59e3..102976dda8c4 100644
--- a/arch/x86/platform/efi/efi_64.c
+++ b/arch/x86/platform/efi/efi_64.c
@@ -144,6 +144,7 @@ void efi_sync_low_kernel_mappings(void)
int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
{
unsigned long pfn, text;
+ efi_memory_desc_t *md;
struct page *page;
unsigned npages;
pgd_t *pgd;
@@ -177,6 +178,25 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
if (!IS_ENABLED(CONFIG_EFI_MIXED))
return 0;
+ /*
+ * Map all of RAM so that we can access arguments in the 1:1
+ * mapping when making EFI runtime calls.
+ */
+ for_each_efi_memory_desc(&memmap, md) {
+ if (md->type != EFI_CONVENTIONAL_MEMORY &&
+ md->type != EFI_LOADER_DATA &&
+ md->type != EFI_LOADER_CODE)
+ continue;
+
+ pfn = md->phys_addr >> PAGE_SHIFT;
+ npages = md->num_pages;
+
+ if (kernel_map_pages_in_pgd(pgd, pfn, md->phys_addr, npages, 0)) {
+ pr_err("Failed to map 1:1 memory\n");
+ return 1;
+ }
+ }
+
page = alloc_page(GFP_KERNEL|__GFP_DMA32);
if (!page)
panic("Unable to allocate EFI runtime stack < 4GB\n");

83
debian/patches/bugfix/x86/x86-efi-setup-separate-efi-page-tables-in-kexec-path.patch vendored Normal file
View File

@ -0,0 +1,83 @@
From: Matt Fleming <matt@codeblueprint.co.uk>
Date: Thu, 21 Jan 2016 14:11:59 +0000
Subject: x86/efi: Setup separate EFI page tables in kexec paths
Origin: https://git.kernel.org/cgit/linux/kernel/git/mfleming/efi.git/commit?id=753b11ef8e92a1c1bbe97f2a5ec14bdd1ef2e6fe
The switch to using a new dedicated page table for EFI runtime
calls in commit commit 67a9108ed431 ("x86/efi: Build our own
page table structures") failed to take into account changes
required for the kexec code paths, which are unfortunately
duplicated in the EFI code.
Call the allocation and setup functions in
kexec_enter_virtual_mode() just like we do for
__efi_enter_virtual_mode() to avoid hitting NULL-pointer
dereferences when making EFI runtime calls.
At the very least, the call to efi_setup_page_tables() should
have existed for kexec before the following commit:
67a9108ed431 ("x86/efi: Build our own page table structures")
Things just magically worked because we were actually using
the kernel's page tables that contained the required mappings.
Reported-by: Srikar Dronamraju <srikar@linux.vnet.ibm.com>
Tested-by: Srikar Dronamraju <srikar@linux.vnet.ibm.com>
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dave Young <dyoung@redhat.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Raghavendra K T <raghavendra.kt@linux.vnet.ibm.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/1453385519-11477-1-git-send-email-matt@codeblueprint.co.uk
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/platform/efi/efi.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/arch/x86/platform/efi/efi.c b/arch/x86/platform/efi/efi.c
index 3c1f3cd7b2ba..bdd9477f937c 100644
--- a/arch/x86/platform/efi/efi.c
+++ b/arch/x86/platform/efi/efi.c
@@ -815,6 +815,7 @@ static void __init kexec_enter_virtual_mode(void)
{
#ifdef CONFIG_KEXEC_CORE
efi_memory_desc_t *md;
+ unsigned int num_pages;
void *p;
efi.systab = NULL;
@@ -829,6 +830,12 @@ static void __init kexec_enter_virtual_mode(void)
return;
}
+ if (efi_alloc_page_tables()) {
+ pr_err("Failed to allocate EFI page tables\n");
+ clear_bit(EFI_RUNTIME_SERVICES, &efi.flags);
+ return;
+ }
+
/*
* Map efi regions which were passed via setup_data. The virt_addr is a
* fixed addr which was used in first kernel of a kexec boot.
@@ -843,6 +850,14 @@ static void __init kexec_enter_virtual_mode(void)
BUG_ON(!efi.systab);
+ num_pages = ALIGN(memmap.nr_map * memmap.desc_size, PAGE_SIZE);
+ num_pages >>= PAGE_SHIFT;
+
+ if (efi_setup_page_tables(memmap.phys_map, num_pages)) {
+ clear_bit(EFI_RUNTIME_SERVICES, &efi.flags);
+ return;
+ }
+
efi_sync_low_kernel_mappings();
/*

53
debian/patches/bugfix/x86/x86-mm-page-align-the-_end-symbol-to-avoid-pfn-conve.patch vendored Normal file
View File

@ -0,0 +1,53 @@
From: Matt Fleming <matt@codeblueprint.co.uk>
Date: Fri, 27 Nov 2015 21:09:30 +0000
Subject: [1/5] x86/mm: Page align the '_end' symbol to avoid pfn conversion
bugs
Origin: https://git.kernel.org/cgit/linux/kernel/git/mfleming/efi.git/commit?id=21cdb6b568435738cc0b303b2b3b82742396310c
Ingo noted that if we can guarantee _end is aligned to PAGE_SIZE
we can automatically avoid bugs along the lines of,
size = _end - _text >> PAGE_SHIFT
which is missing a call to PFN_ALIGN(). The EFI mixed mode
contains this bug, for example.
_text is already aligned to PAGE_SIZE through the use of
LOAD_PHYSICAL_ADDR, and the BSS and BRK sections are explicitly
aligned in the linker script, so it makes sense to align _end to
match.
Reported-by: Ingo Molnar <mingo@kernel.org>
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Acked-by: Borislav Petkov <bp@suse.de>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Toshi Kani <toshi.kani@hp.com>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/1448658575-17029-2-git-send-email-matt@codeblueprint.co.uk
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/kernel/vmlinux.lds.S | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/kernel/vmlinux.lds.S b/arch/x86/kernel/vmlinux.lds.S
index 74e4bf11f562..4f1994257a18 100644
--- a/arch/x86/kernel/vmlinux.lds.S
+++ b/arch/x86/kernel/vmlinux.lds.S
@@ -325,6 +325,7 @@ SECTIONS
__brk_limit = .;
}
+ . = ALIGN(PAGE_SIZE);
_end = .;
STABS_DEBUG

144
debian/patches/bugfix/x86/x86-mm-pat-ensure-cpa-pfn-only-contains-page-frame-n.patch vendored Normal file
View File

@ -0,0 +1,144 @@
From: Matt Fleming <matt@codeblueprint.co.uk>
Date: Fri, 27 Nov 2015 21:09:31 +0000
Subject: [2/5] x86/mm/pat: Ensure cpa->pfn only contains page frame numbers
Origin: https://git.kernel.org/cgit/linux/kernel/git/mfleming/efi.git/commit?id=edc3b9129cecd0f0857112136f5b8b1bc1d45918
The x86 pageattr code is confused about the data that is stored
in cpa->pfn, sometimes it's treated as a page frame number,
sometimes it's treated as an unshifted physical address, and in
one place it's treated as a pte.
The result of this is that the mapping functions do not map the
intended physical address.
This isn't a problem in practice because most of the addresses
we're mapping in the EFI code paths are already mapped in
'trampoline_pgd' and so the pageattr mapping functions don't
actually do anything in this case. But when we move to using a
separate page table for the EFI runtime this will be an issue.
Signed-off-by: Matt Fleming <matt@codeblueprint.co.uk>
Reviewed-by: Borislav Petkov <bp@suse.de>
Acked-by: Borislav Petkov <bp@suse.de>
Cc: Andy Lutomirski <luto@amacapital.net>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Brian Gerst <brgerst@gmail.com>
Cc: Dave Hansen <dave.hansen@intel.com>
Cc: Denys Vlasenko <dvlasenk@redhat.com>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Sai Praneeth Prakhya <sai.praneeth.prakhya@intel.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Toshi Kani <toshi.kani@hp.com>
Cc: linux-efi@vger.kernel.org
Link: http://lkml.kernel.org/r/1448658575-17029-3-git-send-email-matt@codeblueprint.co.uk
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/mm/pageattr.c | 17 ++++++-----------
arch/x86/platform/efi/efi_64.c | 16 ++++++++++------
2 files changed, 16 insertions(+), 17 deletions(-)
diff --git a/arch/x86/mm/pageattr.c b/arch/x86/mm/pageattr.c
index a3137a4feed1..c70e42014101 100644
--- a/arch/x86/mm/pageattr.c
+++ b/arch/x86/mm/pageattr.c
@@ -905,15 +905,10 @@ static void populate_pte(struct cpa_data *cpa,
pte = pte_offset_kernel(pmd, start);
while (num_pages-- && start < end) {
-
- /* deal with the NX bit */
- if (!(pgprot_val(pgprot) & _PAGE_NX))
- cpa->pfn &= ~_PAGE_NX;
-
- set_pte(pte, pfn_pte(cpa->pfn >> PAGE_SHIFT, pgprot));
+ set_pte(pte, pfn_pte(cpa->pfn, pgprot));
start += PAGE_SIZE;
- cpa->pfn += PAGE_SIZE;
+ cpa->pfn++;
pte++;
}
}
@@ -969,11 +964,11 @@ static int populate_pmd(struct cpa_data *cpa,
pmd = pmd_offset(pud, start);
- set_pmd(pmd, __pmd(cpa->pfn | _PAGE_PSE |
+ set_pmd(pmd, __pmd(cpa->pfn << PAGE_SHIFT | _PAGE_PSE |
massage_pgprot(pmd_pgprot)));
start += PMD_SIZE;
- cpa->pfn += PMD_SIZE;
+ cpa->pfn += PMD_SIZE >> PAGE_SHIFT;
cur_pages += PMD_SIZE >> PAGE_SHIFT;
}
@@ -1042,11 +1037,11 @@ static int populate_pud(struct cpa_data *cpa, unsigned long start, pgd_t *pgd,
* Map everything starting from the Gb boundary, possibly with 1G pages
*/
while (end - start >= PUD_SIZE) {
- set_pud(pud, __pud(cpa->pfn | _PAGE_PSE |
+ set_pud(pud, __pud(cpa->pfn << PAGE_SHIFT | _PAGE_PSE |
massage_pgprot(pud_pgprot)));
start += PUD_SIZE;
- cpa->pfn += PUD_SIZE;
+ cpa->pfn += PUD_SIZE >> PAGE_SHIFT;
cur_pages += PUD_SIZE >> PAGE_SHIFT;
pud++;
}
diff --git a/arch/x86/platform/efi/efi_64.c b/arch/x86/platform/efi/efi_64.c
index a0ac0f9c307f..5aa186db59e3 100644
--- a/arch/x86/platform/efi/efi_64.c
+++ b/arch/x86/platform/efi/efi_64.c
@@ -143,7 +143,7 @@ void efi_sync_low_kernel_mappings(void)
int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
{
- unsigned long text;
+ unsigned long pfn, text;
struct page *page;
unsigned npages;
pgd_t *pgd;
@@ -160,7 +160,8 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
* and ident-map those pages containing the map before calling
* phys_efi_set_virtual_address_map().
*/
- if (kernel_map_pages_in_pgd(pgd, pa_memmap, pa_memmap, num_pages, _PAGE_NX)) {
+ pfn = pa_memmap >> PAGE_SHIFT;
+ if (kernel_map_pages_in_pgd(pgd, pfn, pa_memmap, num_pages, _PAGE_NX)) {
pr_err("Error ident-mapping new memmap (0x%lx)!\n", pa_memmap);
return 1;
}
@@ -185,8 +186,9 @@ int __init efi_setup_page_tables(unsigned long pa_memmap, unsigned num_pages)
npages = (_end - _text) >> PAGE_SHIFT;
text = __pa(_text);
+ pfn = text >> PAGE_SHIFT;
- if (kernel_map_pages_in_pgd(pgd, text >> PAGE_SHIFT, text, npages, 0)) {
+ if (kernel_map_pages_in_pgd(pgd, pfn, text, npages, 0)) {
pr_err("Failed to map kernel text 1:1\n");
return 1;
}
@@ -204,12 +206,14 @@ void __init efi_cleanup_page_tables(unsigned long pa_memmap, unsigned num_pages)
static void __init __map_region(efi_memory_desc_t *md, u64 va)
{
pgd_t *pgd = (pgd_t *)__va(real_mode_header->trampoline_pgd);
- unsigned long pf = 0;
+ unsigned long flags = 0;
+ unsigned long pfn;
if (!(md->attribute & EFI_MEMORY_WB))
- pf |= _PAGE_PCD;
+ flags |= _PAGE_PCD;
- if (kernel_map_pages_in_pgd(pgd, md->phys_addr, va, md->num_pages, pf))
+ pfn = md->phys_addr >> PAGE_SHIFT;
+ if (kernel_map_pages_in_pgd(pgd, pfn, va, md->num_pages, flags))
pr_warn("Error mapping PA 0x%llx -> VA 0x%llx!\n",
md->phys_addr, va);
}

27
debian/patches/debian/i386-686-pae-pci-set-pci-nobios-by-default.patch vendored Normal file
View File

@ -0,0 +1,27 @@
From: Ben Hutchings <ben@decadent.org.uk>
Date: Tue, 16 Feb 2016 02:45:42 +0000
Subject: [i386/686-pae] PCI: Set pci=nobios by default
Forwarded: not-needed
CONFIG_PCI_GOBIOS results in physical addresses 640KB-1MB being mapped
W+X, which is undesirable for security reasons and will result in a
warning at boot now that we enable CONFIG_DEBUG_WX.
This can be overridden using the kernel parameter "pci=nobios", but we
want to disable W+X by default. Disable PCI BIOS probing by default;
it can still be enabled using "pci=bios".
---
--- a/arch/x86/pci/common.c
+++ b/arch/x86/pci/common.c
@@ -20,8 +20,8 @@
#include <asm/pci_x86.h>
#include <asm/setup.h>
-unsigned int pci_probe = PCI_PROBE_BIOS | PCI_PROBE_CONF1 | PCI_PROBE_CONF2 |
- PCI_PROBE_MMCONF;
+unsigned int pci_probe = PCI_PROBE_CONF1 | PCI_PROBE_CONF2 | PCI_PROBE_MMCONF |
+ (IS_ENABLED(CONFIG_X86_64) || IS_ENABLED(CONFIG_X86_PAE) ? 0 : PCI_PROBE_BIOS);
unsigned int pci_early_dump_regs;
static int pci_bf_sort;

10
debian/patches/series vendored
View File

@ -67,3 +67,13 @@ features/all/grsecurity/grkernsec_perf_harden.patch
# Security fixes
bugfix/all/ptrace-being-capable-wrt-a-process-requires-mapped-uids-gids.patch
bugfix/all/af_unix-guard-against-other-sk-in-unix_dgram_sendmsg.patch
bugfix/all/af_unix-don-t-set-err-in-unix_stream_read_generic-unless-there-was-an-error.patch
bugfix/x86/x86-mm-page-align-the-_end-symbol-to-avoid-pfn-conve.patch
bugfix/x86/x86-mm-pat-ensure-cpa-pfn-only-contains-page-frame-n.patch
bugfix/x86/x86-efi-map-ram-into-the-identity-page-table-for-mix.patch
bugfix/x86/x86-efi-hoist-page-table-switching-code-into-efi_cal.patch
bugfix/x86/x86-efi-build-our-own-page-table-structures.patch
bugfix/x86/x86-efi-setup-separate-efi-page-tables-in-kexec-path.patch
debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
bugfix/all/iff_no_queue-fix-for-drivers-not-calling-ether_setup.patch

2
debian/templates/control.source.in vendored
View File

@ -4,7 +4,7 @@ Maintainer: Debian Kernel Team <debian-kernel@lists.debian.org>
Uploaders: Bastian Blank <waldi@debian.org>, maximilian attems <maks@debian.org>, Ben Hutchings <ben@decadent.org.uk>
Standards-Version: 3.9.5
Build-Depends: debhelper, python3:any, quilt,
cpio <!stage1>, kmod <!stage1>, xz-utils <!stage1>, kernel-wedge <!stage1>, bc <!stage1>
cpio <!stage1>, kmod <!stage1>, xz-utils <!stage1>, kernel-wedge (>= 2.93~) <!stage1>, bc <!stage1>
Build-Depends-Indep: patchutils <!stage1>, xmlto <!stage1>
Vcs-Git: https://anonscm.debian.org/git/kernel/linux.git
Vcs-Browser: https://anonscm.debian.org/cgit/kernel/linux.git