From edfb7d0f0e5a7e69c4e7b0780afe66ca3437a6de Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 31 Jan 2018 21:08:15 +0100 Subject: [PATCH] Update to 4.14.16 --- debian/changelog | 77 ++++++++++++++++++- ...ink_cthelper-add-missing-permission-.patch | 74 ------------------ ...xt_osf-add-missing-permission-checks.patch | 56 -------------- ...-gid-sorting-when-rootsquash-enabled.patch | 46 ----------- ...-false-sharing-of-map-refcount-with-.patch | 59 ++++++++++++++ ...module-add-retpoline-tag-to-vermagic.patch | 52 ------------- ...-Reduce-conditional-code-hres_active.patch | 12 +-- ...e-remote-enqueue-check-unconditional.patch | 10 ++- debian/patches/series | 5 +- 9 files changed, 146 insertions(+), 245 deletions(-) delete mode 100644 debian/patches/bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch delete mode 100644 debian/patches/bugfix/all/netfilter-xt_osf-add-missing-permission-checks.patch delete mode 100644 debian/patches/bugfix/all/nfsd-auth-Fix-gid-sorting-when-rootsquash-enabled.patch create mode 100644 debian/patches/debian/revert-bpf-avoid-false-sharing-of-map-refcount-with-.patch delete mode 100644 debian/patches/debian/revert-module-add-retpoline-tag-to-vermagic.patch diff --git a/debian/changelog b/debian/changelog index e328f536b..3639814be 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -linux (4.14.15-1) UNRELEASED; urgency=medium +linux (4.14.16-1) UNRELEASED; urgency=medium * New upstream stable update: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.14 
@@ -196,12 +196,83 @@ linux (4.14.15-1) UNRELEASED; urgency=medium - mm, page_vma_mapped: Drop faulty pointer arithmetics in check_pte() - [arm64, armhf] net: mvpp2: do not disable GMAC padding - [mips]: AR7: ensure the port type's FCR value is used + https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.16 + - mm, page_alloc: fix potential false positive in __zone_watermark_ok + - xfrm: Fix a race in the xdst pcpu cache. + - Revert "module: Add retpoline tag to VERMAGIC" + - Input: xpad - add support for PDP Xbox One controllers + - Input: trackpoint - force 3 buttons if 0 button is reported + - Input: trackpoint - only expose supported controls for Elan, ALPS and + NXP + - Btrfs: fix stale entries in readdir + - [s390x] KVM: add proper locking for CMMA migration bitmap + - [arm*] net: bpf: avoid 'bx' instruction on non-Thumb capable CPUs + - [arm*] net: bpf: fix tail call jumps + - [arm*] net: bpf: fix stack alignment + - [arm*] net: bpf: move stack documentation + - [arm*] net: bpf: correct stack layout documentation + - [arm*] net: bpf: fix register saving + - [arm*] net: bpf: fix LDX instructions + - [arm*] net: bpf: clarify tail_call index + - [arm64,armhf] drm/vc4: Fix NULL pointer dereference in + vc4_save_hang_state() + - net: Allow neigh contructor functions ability to modify the primary_key + - ipv4: Make neigh lookup keys for loopback/point-to-point devices be + INADDR_ANY + - dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state + - ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL + - ipv6: fix udpv6 sendmsg crash caused by too small MTU + - ipv6: ip6_make_skb() needs to clear cork.base.dst + - lan78xx: Fix failure in USB Full Speed + - net: igmp: fix source address check for IGMPv3 reports + - net: qdisc_pkt_len_init() should be more robust + - net: tcp: close sock if net namespace is exiting + - net/tls: Fix inverted error codes to avoid endless loop + - net: vrf: Add support for sends to local broadcast address + 
- pppoe: take ->needed_headroom of lower device into account on xmit + - r8169: fix memory corruption on retrieval of hardware statistics. + - sctp: do not allow the v4 socket to bind a v4mapped v6 address + - sctp: return error if the asoc has been peeled off in + sctp_wait_for_sndbuf + - tipc: fix a memory leak in tipc_nl_node_get_link() + - {net,ib}/mlx5: Don't disable local loopback multicast traffic when + needed + - net/mlx5: Fix get vector affinity helper function + - ppp: unlock all_ppp_mutex before registering device + - be2net: restore properly promisc mode after queues reconfiguration + - ip6_gre: init dev->mtu and dev->hard_header_len correctly + - gso: validate gso_type in GSO handlers + - tun: fix a memory leak for tfile->tx_array + - flow_dissector: properly cap thoff field + - sctp: reinit stream if stream outcnt has been change by sinit in sendmsg + - netlink: extack needs to be reset each time through loop + - net/mlx5e: Fix fixpoint divide exception in mlx5e_am_stats_compare + - nfp: use the correct index for link speed table + - netlink: reset extack earlier in netlink_rcv_skb + - net/tls: Only attach to sockets in ESTABLISHED state + - tls: fix sw_ctx leak + - tls: return -EBUSY if crypto_info is already set + - tls: reset crypto_info when do_tls_setsockopt_tx fails + - net: ipv4: Make "ip route get" match iif lo rules again. 
+ - vmxnet3: repair memory leak + - perf/x86/amd/power: Do not load AMD power module on !AMD platforms + - [x86] microcode/intel: Extend BDW late-loading further with LLC size + check + - [x86] microcode: Fix again accessing initrd after having been freed + - [x86] mm/64: Fix vmapped stack syncing on very-large-memory 4-level + systems + - hrtimer: Reset hrtimer cpu base proper on CPU hotplug + - bpf: introduce BPF_JIT_ALWAYS_ON config + - bpf: fix divides by zero + - bpf: fix 32-bit divide by zero + - bpf: reject stores into ctx via st and xadd + - [arm64] bpf: fix stack_depth tracking in combination with tail calls + - cpufreq: governor: Ensure sufficiently large sampling intervals + - nfsd: auth: Fix gid sorting when rootsquash enabled (CVE-2018-1000028) [ Salvatore Bonaccorso ] * loop: fix concurrent lo_open/lo_release (CVE-2018-5344) - * Revert "module: Add retpoline tag to VERMAGIC" * [rt] Update to 4.14.15-rt11 - * nfsd: auth: Fix gid sorting when rootsquash enabled (CVE-2018-1000028) * [rt] Update to 4.14.15-rt13 [ Ben Hutchings ] diff --git a/debian/patches/bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch b/debian/patches/bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch deleted file mode 100644 index effd6591c..000000000 --- a/debian/patches/bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch +++ /dev/null 
@@ -1,74 +0,0 @@ -From: Kevin Cernekee -Date: Sun, 3 Dec 2017 12:12:45 -0800 -Subject: netfilter: nfnetlink_cthelper: Add missing permission checks -Origin: https://git.kernel.org/linus/4b380c42f7d00a395feede754f0bc2292eebe6e5 -Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17448 - -The capability check in nfnetlink_rcv() verifies that the caller -has CAP_NET_ADMIN in the namespace that "owns" the netlink socket. -However, nfnl_cthelper_list is shared by all net namespaces on the -system. An unprivileged user can create user and net namespaces -in which he holds CAP_NET_ADMIN to bypass the netlink_net_capable() -check: - - $ nfct helper list - nfct v1.4.4: netlink error: Operation not permitted - $ vpnns -- nfct helper list - { - .name = ftp, - .queuenum = 0, - .l3protonum = 2, - .l4protonum = 6, - .priv_data_len = 24, - .status = enabled, - }; - -Add capable() checks in nfnetlink_cthelper, as this is cleaner than -trying to generalize the solution. - -Signed-off-by: Kevin Cernekee -Signed-off-by: Pablo Neira Ayuso ---- - net/netfilter/nfnetlink_cthelper.c | 10 ++++++++++ - 1 file changed, 10 insertions(+) - ---- a/net/netfilter/nfnetlink_cthelper.c -+++ b/net/netfilter/nfnetlink_cthelper.c -@@ -17,6 +17,7 @@ - #include - #include - #include -+#include - #include - #include - -@@ -407,6 +408,9 @@ static int nfnl_cthelper_new(struct net - struct nfnl_cthelper *nlcth; - int ret = 0; - -+ if (!capable(CAP_NET_ADMIN)) -+ return -EPERM; -+ - if (!tb[NFCTH_NAME] || !tb[NFCTH_TUPLE]) - return -EINVAL; - -@@ -611,6 +615,9 @@ static int nfnl_cthelper_get(struct net - struct nfnl_cthelper *nlcth; - bool tuple_set = false; - -+ if (!capable(CAP_NET_ADMIN)) -+ return -EPERM; -+ - if (nlh->nlmsg_flags & NLM_F_DUMP) { - struct netlink_dump_control c = { - .dump = nfnl_cthelper_dump_table, -@@ -678,6 +685,9 @@ static int nfnl_cthelper_del(struct net - struct nfnl_cthelper *nlcth, *n; - int j = 0, ret; - -+ if (!capable(CAP_NET_ADMIN)) -+ return -EPERM; 
-+ - if (tb[NFCTH_NAME]) - helper_name = nla_data(tb[NFCTH_NAME]); - diff --git a/debian/patches/bugfix/all/netfilter-xt_osf-add-missing-permission-checks.patch b/debian/patches/bugfix/all/netfilter-xt_osf-add-missing-permission-checks.patch deleted file mode 100644 index fcaacd725..000000000 --- a/debian/patches/bugfix/all/netfilter-xt_osf-add-missing-permission-checks.patch +++ /dev/null @@ -1,56 +0,0 @@ -From: Kevin Cernekee -Date: Tue, 5 Dec 2017 15:42:41 -0800 -Subject: netfilter: xt_osf: Add missing permission checks -Origin: https://git.kernel.org/linus/916a27901de01446bcf57ecca4783f6cff493309 -Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17450 - -The capability check in nfnetlink_rcv() verifies that the caller -has CAP_NET_ADMIN in the namespace that "owns" the netlink socket. -However, xt_osf_fingers is shared by all net namespaces on the -system. An unprivileged user can create user and net namespaces -in which he holds CAP_NET_ADMIN to bypass the netlink_net_capable() -check: - - vpnns -- nfnl_osf -f /tmp/pf.os - - vpnns -- nfnl_osf -f /tmp/pf.os -d - -These non-root operations successfully modify the systemwide OS -fingerprint list. Add new capable() checks so that they can't. - -Signed-off-by: Kevin Cernekee -Signed-off-by: Pablo Neira Ayuso ---- - net/netfilter/xt_osf.c | 7 +++++++ - 1 file changed, 7 insertions(+) - ---- a/net/netfilter/xt_osf.c -+++ b/net/netfilter/xt_osf.c -@@ -19,6 +19,7 @@ - #include - #include - -+#include - #include - #include - #include -@@ -70,6 +71,9 @@ static int xt_osf_add_callback(struct ne - struct xt_osf_finger *kf = NULL, *sf; - int err = 0; - -+ if (!capable(CAP_NET_ADMIN)) -+ return -EPERM; -+ - if (!osf_attrs[OSF_ATTR_FINGER]) - return -EINVAL; - -@@ -115,6 +119,9 @@ static int xt_osf_remove_callback(struct - struct xt_osf_finger *sf; - int err = -ENOENT; - -+ if (!capable(CAP_NET_ADMIN)) -+ return -EPERM; -+ - if (!osf_attrs[OSF_ATTR_FINGER]) - return -EINVAL; - 
diff --git a/debian/patches/bugfix/all/nfsd-auth-Fix-gid-sorting-when-rootsquash-enabled.patch b/debian/patches/bugfix/all/nfsd-auth-Fix-gid-sorting-when-rootsquash-enabled.patch deleted file mode 100644 index c2e3cc858..000000000 --- a/debian/patches/bugfix/all/nfsd-auth-Fix-gid-sorting-when-rootsquash-enabled.patch +++ /dev/null @@ -1,46 +0,0 @@ -From: Ben Hutchings -Date: Mon, 22 Jan 2018 20:11:06 +0000 -Subject: nfsd: auth: Fix gid sorting when rootsquash enabled -Origin: https://git.kernel.org/linus/1995266727fa8143897e89b55f5d3c79aa828420 -Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2018-1000028 - -Commit bdcf0a423ea1 ("kernel: make groups_sort calling a responsibility -group_info allocators") appears to break nfsd rootsquash in a pretty -major way. - -It adds a call to groups_sort() inside the loop that copies/squashes -gids, which means the valid gids are sorted along with the following -garbage. The net result is that the highest numbered valid gids are -replaced with any lower-valued garbage gids, possibly including 0. - -We should sort only once, after filling in all the gids. - -Fixes: bdcf0a423ea1 ("kernel: make groups_sort calling a responsibility ...") -Signed-off-by: Ben Hutchings -Acked-by: J. Bruce Fields -Signed-off-by: Linus Torvalds ---- - fs/nfsd/auth.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c -index f650e475d8f0..fdf2aad73470 100644 ---- a/fs/nfsd/auth.c -+++ b/fs/nfsd/auth.c -@@ -60,10 +60,10 @@ int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp) - gi->gid[i] = exp->ex_anon_gid; - else - gi->gid[i] = rqgi->gid[i]; -- -- /* Each thread allocates its own gi, no race */ -- groups_sort(gi); - } -+ -+ /* Each thread allocates its own gi, no race */ -+ groups_sort(gi); - } else { - gi = get_group_info(rqgi); - } --- -2.11.0 - 
diff --git a/debian/patches/debian/revert-bpf-avoid-false-sharing-of-map-refcount-with-.patch b/debian/patches/debian/revert-bpf-avoid-false-sharing-of-map-refcount-with-.patch
new file mode 100644
index 000000000..863af90fd
--- /dev/null
+++ b/debian/patches/debian/revert-bpf-avoid-false-sharing-of-map-refcount-with-.patch
@@ -0,0 +1,59 @@
+From: Salvatore Bonaccorso
+Date: Fri, 2 Feb 2018 13:33:53 +0100
+Subject: Revert "bpf: avoid false sharing of map refcount with max_entries"
+Origin: https://git.kernel.org/linus/d5b555516e042378f54c1640ba61265e76a8b6e9
+
+This reverts commit 3ea4247ec1b7efc423cf4f75450ebf5cffab9ed8 which is
+commit be95a845cc4402272994ce290e3ad928aff06cb9 upstream. This commit
+heavily modifies the bpf_map structure to split it on two cachelines and
+prevent sharing reference counter with other, read-only fields in order
+to mitigate Spectre attacks. This modification changes the ABI, so
+revert the mitigation for now since the infrastructure is not yet
+complete for Spectre mitigation anyway.
+---
+ include/linux/bpf.h | 21 +++++----------------
+ 1 file changed, 5 insertions(+), 16 deletions(-)
+
+diff --git a/include/linux/bpf.h b/include/linux/bpf.h
+index 5c5be80ce802..0bcf803f20de 100644
+--- a/include/linux/bpf.h
++++ b/include/linux/bpf.h
+@@ -42,14 +42,7 @@ struct bpf_map_ops {
+ };
+
+ struct bpf_map {
+- /* 1st cacheline with read-mostly members of which some
+- * are also accessed in fast-path (e.g. ops, max_entries).
+- */
+- const struct bpf_map_ops *ops ____cacheline_aligned;
+- struct bpf_map *inner_map_meta;
+-#ifdef CONFIG_SECURITY
+- void *security;
+-#endif
++ atomic_t refcnt;
+ enum bpf_map_type map_type;
+ u32 key_size;
+ u32 value_size;
+@@ -59,15 +52,11 @@ struct bpf_map {
+ u32 id;
+ int numa_node;
+ bool unpriv_array;
+- /* 7 bytes hole */
+-
+- /* 2nd cacheline with misc members to avoid false sharing
+- * particularly with refcounting.
+- */
+- struct user_struct *user ____cacheline_aligned;
+- atomic_t refcnt;
+- atomic_t usercnt;
++ struct user_struct *user;
++ const struct bpf_map_ops *ops;
+ struct work_struct work;
++ atomic_t usercnt;
++ struct bpf_map *inner_map_meta;
+ };
+
+ /* function argument constraints */
+--
+2.11.0
+
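Review bot: This new patch reverts a change that its own description ties to Spectre mitigation, but nothing in the commit records when the revert is to be dropped: the `debian/changelog` hunks shown add no entry for it, and the patch header carries no such note. I would add a changelog line such as `* Revert "bpf: avoid false sharing of map refcount with max_entries" to avoid ABI change` and a header sentence like `Drop this revert at the next ABI bump.` so the hardening is not lost silently. The `Origin:` hash (d5b555516e04…) also matches neither commit named in the description (3ea4247ec1b7…, be95a845cc44…), so it is worth checking that it points at the intended upstream change.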
diff --git a/debian/patches/debian/revert-module-add-retpoline-tag-to-vermagic.patch b/debian/patches/debian/revert-module-add-retpoline-tag-to-vermagic.patch deleted file mode 100644 index 2b4d0eacc..000000000 --- a/debian/patches/debian/revert-module-add-retpoline-tag-to-vermagic.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 5132ede0fe8092b043dae09a7cc32b8ae7272baa Mon Sep 17 00:00:00 2001 -From: Greg Kroah-Hartman -Date: Wed, 24 Jan 2018 15:28:17 +0100 -Subject: Revert "module: Add retpoline tag to VERMAGIC" - -From: Greg Kroah-Hartman - -commit 5132ede0fe8092b043dae09a7cc32b8ae7272baa upstream. - -This reverts commit 6cfb521ac0d5b97470883ff9b7facae264b7ab12. - -Turns out distros do not want to make retpoline as part of their "ABI", -so this patch should not have been merged. Sorry Andi, this was my -fault, I suggested it when your original patch was the "correct" way of -doing this instead. - -Reported-by: Jiri Kosina -Fixes: 6cfb521ac0d5 ("module: Add retpoline tag to VERMAGIC") -Acked-by: Andi Kleen -Cc: Thomas Gleixner -Cc: David Woodhouse -Cc: rusty@rustcorp.com.au -Cc: arjan.van.de.ven@intel.com -Cc: jeyu@kernel.org -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - include/linux/vermagic.h | 8 +------- - 1 file changed, 1 insertion(+), 7 deletions(-) - ---- a/include/linux/vermagic.h -+++ b/include/linux/vermagic.h -@@ -31,17 +31,11 @@ - #else - #define MODULE_RANDSTRUCT_PLUGIN - #endif --#ifdef RETPOLINE --#define MODULE_VERMAGIC_RETPOLINE "retpoline " --#else --#define MODULE_VERMAGIC_RETPOLINE "" --#endif - - #define VERMAGIC_STRING \ - UTS_RELEASE " " \ - MODULE_VERMAGIC_SMP MODULE_VERMAGIC_PREEMPT \ - MODULE_VERMAGIC_MODULE_UNLOAD MODULE_VERMAGIC_MODVERSIONS \ - MODULE_ARCH_VERMAGIC \ -- MODULE_RANDSTRUCT_PLUGIN \ -- MODULE_VERMAGIC_RETPOLINE -+ MODULE_RANDSTRUCT_PLUGIN - 
diff --git a/debian/patches/features/all/rt/0013-hrtimer-Reduce-conditional-code-hres_active.patch b/debian/patches/features/all/rt/0013-hrtimer-Reduce-conditional-code-hres_active.patch index 25714172c..cd46b76ea 100644 --- a/debian/patches/features/all/rt/0013-hrtimer-Reduce-conditional-code-hres_active.patch +++ b/debian/patches/features/all/rt/0013-hrtimer-Reduce-conditional-code-hres_active.patch @@ -123,15 +123,15 @@ Signed-off-by: Sebastian Andrzej Siewior * Reprogram the event source with checking both queues for the * next event * Called with interrupts disabled and base->lock held -@@ -661,7 +662,6 @@ static void hrtimer_reprogram(struct hrt - static inline void hrtimer_init_hres(struct hrtimer_cpu_base *base) +@@ -662,7 +663,6 @@ static inline void hrtimer_init_hres(str { base->expires_next = KTIME_MAX; + base->hang_detected = 0; - base->hres_active = 0; + base->next_timer = NULL; } - /* -@@ -720,8 +720,6 @@ void clock_was_set_delayed(void) +@@ -722,8 +722,6 @@ void clock_was_set_delayed(void) #else @@ -140,9 +140,9 @@ Signed-off-by: Sebastian Andrzej Siewior static inline int hrtimer_is_hres_enabled(void) { return 0; } static inline void hrtimer_switch_to_hres(void) { } static inline void -@@ -1602,6 +1600,7 @@ int hrtimers_prepare_cpu(unsigned int cp - } +@@ -1605,6 +1603,7 @@ int hrtimers_prepare_cpu(unsigned int cp + cpu_base->active_bases = 0; cpu_base->cpu = cpu; + cpu_base->hres_active = 0; hrtimer_init_hres(cpu_base); diff --git a/debian/patches/features/all/rt/0015-hrtimer-Make-the-remote-enqueue-check-unconditional.patch b/debian/patches/features/all/rt/0015-hrtimer-Make-the-remote-enqueue-check-unconditional.patch index 80e15bc60..05e8e61c6 100644 --- a/debian/patches/features/all/rt/0015-hrtimer-Make-the-remote-enqueue-check-unconditional.patch +++ b/debian/patches/features/all/rt/0015-hrtimer-Make-the-remote-enqueue-check-unconditional.patch @@ -95,7 +95,7 @@ 
Signed-off-by: Sebastian Andrzej Siewior } static inline -@@ -657,14 +652,6 @@ static void hrtimer_reprogram(struct hrt +@@ -657,16 +652,6 @@ static void hrtimer_reprogram(struct hrt } /* @@ -104,13 +104,15 @@ Signed-off-by: Sebastian Andrzej Siewior -static inline void hrtimer_init_hres(struct hrtimer_cpu_base *base) -{ - base->expires_next = KTIME_MAX; +- base->hang_detected = 0; +- base->next_timer = NULL; -} - -/* * Retrigger next event is called after clock was set * * Called with interrupts disabled via on_each_cpu() -@@ -729,7 +716,6 @@ static inline int hrtimer_reprogram(stru +@@ -731,7 +716,6 @@ static inline int hrtimer_reprogram(stru { return 0; } @@ -118,8 +120,8 @@ Signed-off-by: Sebastian Andrzej Siewior static inline void retrigger_next_event(void *arg) { } #endif /* CONFIG_HIGH_RES_TIMERS */ -@@ -1601,7 +1587,7 @@ int hrtimers_prepare_cpu(unsigned int cp - +@@ -1604,7 +1588,7 @@ int hrtimers_prepare_cpu(unsigned int cp + cpu_base->active_bases = 0; cpu_base->cpu = cpu; cpu_base->hres_active = 0; - hrtimer_init_hres(cpu_base); diff --git a/debian/patches/series b/debian/patches/series index beda545ab..8825ed677 100644 --- a/debian/patches/series +++ b/debian/patches/series 
@@ -118,13 +118,10 @@ features/all/lockdown/arm64-add-kernel-config-option-to-lock-down-when.patch # Security fixes debian/i386-686-pae-pci-set-pci-nobios-by-default.patch bugfix/all/dccp-cve-2017-8824-use-after-free-in-dccp-code.patch -bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch -bugfix/all/netfilter-xt_osf-add-missing-permission-checks.patch bugfix/all/media-dvb-usb-v2-lmedm04-Improve-logic-checking-of-w.patch bugfix/all/media-dvb-usb-v2-lmedm04-move-ts2020-attach-to-dm04_.patch bugfix/all/media-hdpvr-fix-an-error-handling-path-in-hdpvr_prob.patch bugfix/all/loop-fix-concurrent-lo_open-lo_release.patch -bugfix/all/nfsd-auth-Fix-gid-sorting-when-rootsquash-enabled.patch # Fix exported symbol versions bugfix/all/module-disable-matching-missing-version-crc.patch @@ -155,5 +152,5 @@ features/arm/dwmac-sun8i/0008-ARM-dts-sunxi-h3-h5-represent-the-mdio-switch-used features/arm64/tegra210-smp/0001-arm64-tegra-Add-CPU-and-PSCI-nodes-for-NVIDIA-Tegra2.patch # ABI maintenance +debian/revert-bpf-avoid-false-sharing-of-map-refcount-with-.patch debian/bpf-avoid-abi-change-in-4.14.14.patch -debian/revert-module-add-retpoline-tag-to-vermagic.patch
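Review bot: The first `series` hunk drops three security patches, but the changelog text added in this commit accounts only for the nfsd one (CVE-2018-1000028, listed under 4.14.16). The two netfilter fixes, `netfilter-nfnetlink_cthelper-add-missing-permission-.patch` (CVE-2017-17448) and `netfilter-xt_osf-add-missing-permission-checks.patch` (CVE-2017-17450), do not appear in the 4.14.16 list shown. They are presumably covered by an earlier stable update recorded outside these hunks; please confirm that the changelog carries both CVE ids under that update, so the security tracker still sees the fixes after the patches are deleted.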