debian-packaging
/
linux
8
0
Fork 0
Code Releases Activity

Update to 4.11-rc6 

Remove merged patches and rebase remaining patches.

A portion of the secureboot patches have been upstreamed, but were
changed substantially during review, primarily to avoid code
duplication among arches.  I've stripped the patches of the merged
bits and rebased the remainder.

Signed-off-by: Lukas Wunner <lukas@wunner.de>
[bwh: Undo some incorrect context changes in
 bugfix/all/firmware-remove-redundant-log-messages-from-drivers.patch]
This commit is contained in:
Lukas Wunner 2017-04-19 11:30:57 +02:00 committed by Ben Hutchings
parent c59213f33a
commit f26f2a520d
39 changed files with 93 additions and 1333 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
debian/changelog vendored
View File

@ -1,3 +1,9 @@
linux (4.11~rc6-1~exp1) UNRELEASED; urgency=medium
* New upstream release candidate
-- Lukas Wunner <lukas@wunner.de> Sun, 16 Apr 2017 16:09:27 +0200
linux (4.10.7-1~exp1) experimental; urgency=medium
* New upstream stable update:

167
debian/patches/bugfix/all/ACPI-EC-Use-busy-polling-mode-when-GPE-is-not-enable.patch vendored
View File

@ -1,167 +0,0 @@
From: Lv Zheng <lv.zheng@intel.com>
Date: Fri, 20 Jan 2017 16:42:48 +0800
Subject: ACPI / EC: Use busy polling mode when GPE is not enabled
Origin: https://git.kernel.org/linus/c3a696b6e8f8f75f9f75e556a9f9f6472eae2655
Bug: https://bugzilla.kernel.org/show_bug.cgi?id=191561
Bug-Debian: https://bugs.debian.org/846792
When GPE is not enabled, it is not efficient to use the wait polling mode
as it introduces an unexpected scheduler delay.
So before the GPE handler is installed, this patch uses busy polling mode
for all EC(s) and the logic can be applied to non boot EC(s) during the
suspend/resume process.
Link: https://bugzilla.kernel.org/show_bug.cgi?id=191561
Tested-by: Jakobus Schurz <jakobus.schurz@gmail.com>
Tested-by: Chen Yu <yu.c.chen@intel.com>
Signed-off-by: Lv Zheng <lv.zheng@intel.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
---
drivers/acpi/ec.c | 62 ++++++++++++++++++++++++-------------------------
drivers/acpi/internal.h | 4 ++--
2 files changed, 32 insertions(+), 34 deletions(-)
diff --git a/drivers/acpi/ec.c b/drivers/acpi/ec.c
index 6a32cd4ec9da..c24235d8fb52 100644
--- a/drivers/acpi/ec.c
+++ b/drivers/acpi/ec.c
@@ -704,12 +704,12 @@ static void start_transaction(struct acpi_ec *ec)
static int ec_guard(struct acpi_ec *ec)
{
- unsigned long guard = usecs_to_jiffies(ec_polling_guard);
+ unsigned long guard = usecs_to_jiffies(ec->polling_guard);
unsigned long timeout = ec->timestamp + guard;
/* Ensure guarding period before polling EC status */
do {
- if (ec_busy_polling) {
+ if (ec->busy_polling) {
/* Perform busy polling */
if (ec_transaction_completed(ec))
return 0;
@@ -973,6 +973,28 @@ static void acpi_ec_stop(struct acpi_ec *ec, bool suspending)
spin_unlock_irqrestore(&ec->lock, flags);
}
+static void acpi_ec_enter_noirq(struct acpi_ec *ec)
+{
+ unsigned long flags;
+
+ spin_lock_irqsave(&ec->lock, flags);
+ ec->busy_polling = true;
+ ec->polling_guard = 0;
+ ec_log_drv("interrupt blocked");
+ spin_unlock_irqrestore(&ec->lock, flags);
+}
+
+static void acpi_ec_leave_noirq(struct acpi_ec *ec)
+{
+ unsigned long flags;
+
+ spin_lock_irqsave(&ec->lock, flags);
+ ec->busy_polling = ec_busy_polling;
+ ec->polling_guard = ec_polling_guard;
+ ec_log_drv("interrupt unblocked");
+ spin_unlock_irqrestore(&ec->lock, flags);
+}
+
void acpi_ec_block_transactions(void)
{
struct acpi_ec *ec = first_ec;
@@ -1253,7 +1275,7 @@ acpi_ec_space_handler(u32 function, acpi_physical_address address,
if (function != ACPI_READ && function != ACPI_WRITE)
return AE_BAD_PARAMETER;
- if (ec_busy_polling || bits > 8)
+ if (ec->busy_polling || bits > 8)
acpi_ec_burst_enable(ec);
for (i = 0; i < bytes; ++i, ++address, ++value)
@@ -1261,7 +1283,7 @@ acpi_ec_space_handler(u32 function, acpi_physical_address address,
acpi_ec_read(ec, address, value) :
acpi_ec_write(ec, address, *value);
- if (ec_busy_polling || bits > 8)
+ if (ec->busy_polling || bits > 8)
acpi_ec_burst_disable(ec);
switch (result) {
@@ -1304,6 +1326,8 @@ static struct acpi_ec *acpi_ec_alloc(void)
spin_lock_init(&ec->lock);
INIT_WORK(&ec->work, acpi_ec_event_handler);
ec->timestamp = jiffies;
+ ec->busy_polling = true;
+ ec->polling_guard = 0;
return ec;
}
@@ -1365,6 +1389,7 @@ static int ec_install_handlers(struct acpi_ec *ec, bool handle_events)
acpi_ec_start(ec, false);
if (!test_bit(EC_FLAGS_EC_HANDLER_INSTALLED, &ec->flags)) {
+ acpi_ec_enter_noirq(ec);
status = acpi_install_address_space_handler(ec->handle,
ACPI_ADR_SPACE_EC,
&acpi_ec_space_handler,
@@ -1404,6 +1429,7 @@ static int ec_install_handlers(struct acpi_ec *ec, bool handle_events)
/* This is not fatal as we can poll EC events */
if (ACPI_SUCCESS(status)) {
set_bit(EC_FLAGS_GPE_HANDLER_INSTALLED, &ec->flags);
+ acpi_ec_leave_noirq(ec);
if (test_bit(EC_FLAGS_STARTED, &ec->flags) &&
ec->reference_count >= 1)
acpi_ec_enable_gpe(ec, true);
@@ -1786,34 +1812,6 @@ int __init acpi_ec_ecdt_probe(void)
}
#ifdef CONFIG_PM_SLEEP
-static void acpi_ec_enter_noirq(struct acpi_ec *ec)
-{
- unsigned long flags;
-
- if (ec == first_ec) {
- spin_lock_irqsave(&ec->lock, flags);
- ec->saved_busy_polling = ec_busy_polling;
- ec->saved_polling_guard = ec_polling_guard;
- ec_busy_polling = true;
- ec_polling_guard = 0;
- ec_log_drv("interrupt blocked");
- spin_unlock_irqrestore(&ec->lock, flags);
- }
-}
-
-static void acpi_ec_leave_noirq(struct acpi_ec *ec)
-{
- unsigned long flags;
-
- if (ec == first_ec) {
- spin_lock_irqsave(&ec->lock, flags);
- ec_busy_polling = ec->saved_busy_polling;
- ec_polling_guard = ec->saved_polling_guard;
- ec_log_drv("interrupt unblocked");
- spin_unlock_irqrestore(&ec->lock, flags);
- }
-}
-
static int acpi_ec_suspend_noirq(struct device *dev)
{
struct acpi_ec *ec =
diff --git a/drivers/acpi/internal.h b/drivers/acpi/internal.h
index 0c452265c111..219b90bc0922 100644
--- a/drivers/acpi/internal.h
+++ b/drivers/acpi/internal.h
@@ -172,8 +172,8 @@ struct acpi_ec {
struct work_struct work;
unsigned long timestamp;
unsigned long nr_pending_queries;
- bool saved_busy_polling;
- unsigned int saved_polling_guard;
+ bool busy_polling;
+ unsigned int polling_guard;
};
extern struct acpi_ec *first_ec;
--
2.11.0

106
debian/patches/bugfix/all/firmware-remove-redundant-log-messages-from-drivers.patch vendored
View File

@ -53,7 +53,7 @@ upstream submission.
/* disable MPU */
--- a/arch/x86/kernel/cpu/microcode/amd.c
+++ b/arch/x86/kernel/cpu/microcode/amd.c
@@ -918,10 +918,8 @@ static enum ucode_state request_microcod
@@ -734,10 +734,8 @@ static enum ucode_state request_microcod
if (c->x86 >= 0x15)
snprintf(fw_name, sizeof(fw_name), "amd-ucode/microcode_amd_fam%.2xh.bin", c->x86);
@ -96,7 +96,7 @@ upstream submission.
fw_size = firmware->size / sizeof(u32);
--- a/drivers/bluetooth/ath3k.c
+++ b/drivers/bluetooth/ath3k.c
@@ -422,10 +422,8 @@ static int ath3k_load_patch(struct usb_d
@@ -424,10 +424,8 @@ static int ath3k_load_patch(struct usb_d
le32_to_cpu(fw_version.rom_version));
ret = request_firmware(&firmware, filename, &udev->dev);
@ -108,7 +108,7 @@ upstream submission.
pt_rom_version = get_unaligned_le32(firmware->data +
firmware->size - 8);
@@ -485,10 +483,8 @@ static int ath3k_load_syscfg(struct usb_
@@ -487,10 +485,8 @@ static int ath3k_load_syscfg(struct usb_
le32_to_cpu(fw_version.rom_version), clk_value, ".dfu");
ret = request_firmware(&firmware, filename, &udev->dev);
@ -233,7 +233,7 @@ upstream submission.
where = 0;
--- a/drivers/gpu/drm/nouveau/nvkm/engine/gr/gf100.c
+++ b/drivers/gpu/drm/nouveau/nvkm/engine/gr/gf100.c
@@ -1793,10 +1793,8 @@ gf100_gr_ctor_fw_legacy(struct gf100_gr
@@ -1821,10 +1821,8 @@ gf100_gr_ctor_fw_legacy(struct gf100_gr
if (ret) {
snprintf(f, sizeof(f), "nouveau/%s", fwname);
ret = request_firmware(&fw, f, device->dev);
@ -364,9 +364,9 @@ upstream submission.
+ if (request_firmware(&state->frontend_firmware, "dib9090.fw", &adap->dev->udev->dev))
return -ENODEV;
- } else {
- deb_info("%s: firmware read %Zu bytes.\n", __func__, state->frontend_firmware->size);
- deb_info("%s: firmware read %zu bytes.\n", __func__, state->frontend_firmware->size);
- }
+ deb_info("%s: firmware read %Zu bytes.\n", __func__, state->frontend_firmware->size);
+ deb_info("%s: firmware read %zu bytes.\n", __func__, state->frontend_firmware->size);
stk9090m_config.microcode_B_fe_size = state->frontend_firmware->size;
stk9090m_config.microcode_B_fe_buffer = state->frontend_firmware->data;
@ -379,15 +379,15 @@ upstream submission.
+ if (request_firmware(&state->frontend_firmware, "dib9090.fw", &adap->dev->udev->dev))
return -EIO;
- } else {
- deb_info("%s: firmware read %Zu bytes.\n", __func__, state->frontend_firmware->size);
- deb_info("%s: firmware read %zu bytes.\n", __func__, state->frontend_firmware->size);
- }
+ deb_info("%s: firmware read %Zu bytes.\n", __func__, state->frontend_firmware->size);
+ deb_info("%s: firmware read %zu bytes.\n", __func__, state->frontend_firmware->size);
nim9090md_config[0].microcode_B_fe_size = state->frontend_firmware->size;
nim9090md_config[0].microcode_B_fe_buffer = state->frontend_firmware->data;
nim9090md_config[1].microcode_B_fe_size = state->frontend_firmware->size;
--- a/drivers/media/usb/dvb-usb/dvb-usb-firmware.c
+++ b/drivers/media/usb/dvb-usb/dvb-usb-firmware.c
@@ -79,13 +79,9 @@ int dvb_usb_download_firmware(struct usb
@@ -88,13 +88,9 @@ int dvb_usb_download_firmware(struct usb
int ret;
const struct firmware *fw = NULL;
@ -439,7 +439,7 @@ upstream submission.
p = kmalloc(fw->size, GFP_KERNEL);
--- a/drivers/media/dvb-frontends/af9013.c
+++ b/drivers/media/dvb-frontends/af9013.c
@@ -1380,16 +1380,8 @@ static int af9013_download_firmware(stru
@@ -1376,16 +1376,8 @@ static int af9013_download_firmware(stru
/* request the firmware, this will block and timeout */
ret = request_firmware(&fw, fw_file, state->i2c->dev.parent);
@ -491,7 +491,7 @@ upstream submission.
* during loading */
--- a/drivers/media/dvb-frontends/drxd_hard.c
+++ b/drivers/media/dvb-frontends/drxd_hard.c
@@ -905,10 +905,8 @@ static int load_firmware(struct drxd_sta
@@ -901,10 +901,8 @@ static int load_firmware(struct drxd_sta
{
const struct firmware *fw;
@ -505,7 +505,7 @@ upstream submission.
if (state->microcode == NULL) {
--- a/drivers/media/dvb-frontends/drxk_hard.c
+++ b/drivers/media/dvb-frontends/drxk_hard.c
@@ -6284,10 +6284,6 @@ static void load_firmware_cb(const struc
@@ -6280,10 +6280,6 @@ static void load_firmware_cb(const struc
dprintk(1, ": %s\n", fw ? "firmware loaded" : "firmware not loaded");
if (!fw) {
@ -534,7 +534,7 @@ upstream submission.
if (ret)
--- a/drivers/media/dvb-frontends/nxt200x.c
+++ b/drivers/media/dvb-frontends/nxt200x.c
@@ -890,12 +890,8 @@ static int nxt2002_init(struct dvb_front
@@ -886,12 +886,8 @@ static int nxt2002_init(struct dvb_front
__func__, NXT2002_DEFAULT_FIRMWARE);
ret = request_firmware(&fw, NXT2002_DEFAULT_FIRMWARE,
state->i2c->dev.parent);
@ -548,7 +548,7 @@ upstream submission.
ret = nxt2002_load_firmware(fe, fw);
release_firmware(fw);
@@ -957,12 +953,8 @@ static int nxt2004_init(struct dvb_front
@@ -953,12 +949,8 @@ static int nxt2004_init(struct dvb_front
__func__, NXT2004_DEFAULT_FIRMWARE);
ret = request_firmware(&fw, NXT2004_DEFAULT_FIRMWARE,
state->i2c->dev.parent);
@ -564,7 +564,7 @@ upstream submission.
release_firmware(fw);
--- a/drivers/media/dvb-frontends/or51132.c
+++ b/drivers/media/dvb-frontends/or51132.c
@@ -341,10 +341,8 @@ static int or51132_set_parameters(struct
@@ -337,10 +337,8 @@ static int or51132_set_parameters(struct
printk("or51132: Waiting for firmware upload(%s)...\n",
fwname);
ret = request_firmware(&fw, fwname, state->i2c->dev.parent);
@ -578,7 +578,7 @@ upstream submission.
if (ret) {
--- a/drivers/media/dvb-frontends/or51211.c
+++ b/drivers/media/dvb-frontends/or51211.c
@@ -375,11 +375,8 @@ static int or51211_init(struct dvb_front
@@ -371,11 +371,8 @@ static int or51211_init(struct dvb_front
OR51211_DEFAULT_FIRMWARE);
ret = config->request_firmware(fe, &fw,
OR51211_DEFAULT_FIRMWARE);
@ -629,7 +629,7 @@ upstream submission.
- __func__);
return -EIO;
} else {
printk(KERN_INFO "%s: firmware read %Zu bytes.\n",
printk(KERN_INFO "%s: firmware read %zu bytes.\n",
--- a/drivers/media/dvb-frontends/tda1004x.c
+++ b/drivers/media/dvb-frontends/tda1004x.c
@@ -401,10 +401,8 @@ static int tda10045_fwupload(struct dvb_
@ -670,7 +670,7 @@ upstream submission.
for (i = 0; i < ARRAY_SIZE(tab2); i++) {
--- a/drivers/media/pci/ngene/ngene-core.c
+++ b/drivers/media/pci/ngene/ngene-core.c
@@ -1260,13 +1260,8 @@ static int ngene_load_firm(struct ngene
@@ -1256,13 +1256,8 @@ static int ngene_load_firm(struct ngene
break;
}
@ -685,7 +685,7 @@ upstream submission.
if (size == 0)
size = fw->size;
if (size != fw->size) {
@@ -1274,8 +1269,6 @@ static int ngene_load_firm(struct ngene
@@ -1270,8 +1265,6 @@ static int ngene_load_firm(struct ngene
": Firmware %s has invalid size!", fw_name);
err = -1;
} else {
@ -696,7 +696,7 @@ upstream submission.
}
--- a/drivers/media/common/siano/smscoreapi.c
+++ b/drivers/media/common/siano/smscoreapi.c
@@ -1162,10 +1162,8 @@ static int smscore_load_firmware_from_fi
@@ -1158,10 +1158,8 @@ static int smscore_load_firmware_from_fi
return -EINVAL;
rc = request_firmware(&fw, fw_filename, coredev->device);
@ -710,7 +710,7 @@ upstream submission.
SMS_ALLOC_ALIGNMENT), GFP_KERNEL | GFP_DMA);
--- a/drivers/media/pci/ttpci/av7110.c
+++ b/drivers/media/pci/ttpci/av7110.c
@@ -1513,13 +1513,8 @@ static int get_firmware(struct av7110* a
@@ -1510,13 +1510,8 @@ static int get_firmware(struct av7110* a
/* request the av7110 firmware, this will block until someone uploads it */
ret = request_firmware(&fw, "dvb-ttpci-01.fw", &av7110->dev->pci->dev);
if (ret) {
@ -728,7 +728,7 @@ upstream submission.
--- a/drivers/media/pci/ttpci/av7110_hw.c
+++ b/drivers/media/pci/ttpci/av7110_hw.c
@@ -250,11 +250,8 @@ int av7110_bootarm(struct av7110 *av7110
@@ -247,11 +247,8 @@ int av7110_bootarm(struct av7110 *av7110
//saa7146_setgpio(dev, 3, SAA7146_GPIO_INPUT);
ret = request_firmware(&fw, fw_name, &dev->pci->dev);
@ -757,7 +757,7 @@ upstream submission.
b[0] = 0xaa;
--- a/drivers/media/usb/ttusb-dec/ttusb_dec.c
+++ b/drivers/media/usb/ttusb-dec/ttusb_dec.c
@@ -1348,11 +1348,8 @@ static int ttusb_dec_boot_dsp(struct ttu
@@ -1344,11 +1344,8 @@ static int ttusb_dec_boot_dsp(struct ttu
dprintk("%s\n", __func__);
result = request_firmware(&fw_entry, dec->firmware_name, &dec->udev->dev);
@ -772,7 +772,7 @@ upstream submission.
firmware_size = fw_entry->size;
--- a/drivers/media/radio/radio-wl1273.c
+++ b/drivers/media/radio/radio-wl1273.c
@@ -514,11 +514,8 @@ static int wl1273_fm_upload_firmware_pat
@@ -510,11 +510,8 @@ static int wl1273_fm_upload_firmware_pat
* Uploading the firmware patch is not always necessary,
* so we only print an info message.
*/
@ -787,7 +787,7 @@ upstream submission.
packet_num = ptr[0];
--- a/drivers/media/radio/wl128x/fmdrv_common.c
+++ b/drivers/media/radio/wl128x/fmdrv_common.c
@@ -1246,10 +1246,8 @@ static int fm_download_firmware(struct f
@@ -1242,10 +1242,8 @@ static int fm_download_firmware(struct f
ret = request_firmware(&fw_entry, fw_name,
&fmdev->radio_dev->dev);
@ -815,7 +815,7 @@ upstream submission.
btv->c.nr, (rc < 0) ? "failed" : "ok");
--- a/drivers/media/usb/cpia2/cpia2_core.c
+++ b/drivers/media/usb/cpia2/cpia2_core.c
@@ -907,11 +907,8 @@ static int apply_vp_patch(struct camera_
@@ -904,11 +904,8 @@ static int apply_vp_patch(struct camera_
struct cpia2_command cmd;
ret = request_firmware(&fw, fw_name, &cam->dev->dev);
@ -830,7 +830,7 @@ upstream submission.
cmd.direction = TRANSFER_WRITE;
--- a/drivers/media/pci/cx18/cx18-av-firmware.c
+++ b/drivers/media/pci/cx18/cx18-av-firmware.c
@@ -84,10 +84,8 @@ int cx18_av_loadfw(struct cx18 *cx)
@@ -79,10 +79,8 @@ int cx18_av_loadfw(struct cx18 *cx)
int i;
int retries1 = 0;
@ -844,7 +844,7 @@ upstream submission.
retries, both at byte level and at the firmware load level. */
--- a/drivers/media/pci/cx18/cx18-dvb.c
+++ b/drivers/media/pci/cx18/cx18-dvb.c
@@ -141,9 +141,7 @@ static int yuan_mpc718_mt352_reqfw(struc
@@ -137,9 +137,7 @@ static int yuan_mpc718_mt352_reqfw(struc
int ret;
ret = request_firmware(fw, fn, &cx->pci_dev->dev);
@ -857,7 +857,7 @@ upstream submission.
CX18_ERR("Firmware %s has a bad size: %lu bytes\n",
--- a/drivers/media/pci/cx18/cx18-firmware.c
+++ b/drivers/media/pci/cx18/cx18-firmware.c
@@ -106,11 +106,8 @@ static int load_cpu_fw_direct(const char
@@ -101,11 +101,8 @@ static int load_cpu_fw_direct(const char
u32 __iomem *dst = (u32 __iomem *)mem;
const u32 *src;
@ -870,7 +870,7 @@ upstream submission.
src = (const u32 *)fw->data;
@@ -151,8 +148,6 @@ static int load_apu_fw_direct(const char
@@ -146,8 +143,6 @@ static int load_apu_fw_direct(const char
int sz;
if (request_firmware(&fw, fn, &cx->pci_dev->dev)) {
@ -881,7 +881,7 @@ upstream submission.
}
--- a/drivers/media/usb/cx231xx/cx231xx-417.c
+++ b/drivers/media/usb/cx231xx/cx231xx-417.c
@@ -999,11 +999,6 @@ static int cx231xx_load_firmware(struct
@@ -995,11 +995,6 @@ static int cx231xx_load_firmware(struct
dev->dev);
if (retval != 0) {
@ -925,7 +925,7 @@ upstream submission.
release_firmware(fw);
--- a/drivers/media/i2c/cx25840/cx25840-firmware.c
+++ b/drivers/media/i2c/cx25840/cx25840-firmware.c
@@ -126,10 +126,8 @@ int cx25840_loadfw(struct i2c_client *cl
@@ -122,10 +122,8 @@ int cx25840_loadfw(struct i2c_client *cl
if (is_cx231xx(state) && max_buf_size > 16)
max_buf_size = 16;
@ -955,7 +955,7 @@ upstream submission.
pr_err("Firmware size mismatch (have %zd, expected %d)\n",
--- a/drivers/media/usb/gspca/vicam.c
+++ b/drivers/media/usb/gspca/vicam.c
@@ -243,10 +243,8 @@ static int sd_init(struct gspca_dev *gsp
@@ -239,10 +239,8 @@ static int sd_init(struct gspca_dev *gsp
ret = request_ihex_firmware(&fw, VICAM_FIRMWARE,
&gspca_dev->dev->dev);
@ -980,7 +980,7 @@ upstream submission.
--- a/drivers/media/usb/pvrusb2/pvrusb2-hdw.c
+++ b/drivers/media/usb/pvrusb2/pvrusb2-hdw.c
@@ -1381,25 +1381,6 @@ static int pvr2_locate_firmware(struct p
@@ -1377,25 +1377,6 @@ static int pvr2_locate_firmware(struct p
"request_firmware fatal error with code=%d",ret);
return ret;
}
@ -1008,7 +1008,7 @@ upstream submission.
--- a/drivers/media/usb/s2255/s2255drv.c
+++ b/drivers/media/usb/s2255/s2255drv.c
@@ -2308,10 +2308,8 @@ static int s2255_probe(struct usb_interf
@@ -2304,10 +2304,8 @@ static int s2255_probe(struct usb_interf
}
/* load the first chunk */
if (request_firmware(&dev->fw_data->fw,
@ -1036,7 +1036,7 @@ upstream submission.
release_firmware(fw_blob);
--- a/drivers/media/pci/saa7164/saa7164-fw.c
+++ b/drivers/media/pci/saa7164/saa7164-fw.c
@@ -420,11 +420,8 @@ int saa7164_downloadfirmware(struct saa7
@@ -416,11 +416,8 @@ int saa7164_downloadfirmware(struct saa7
__func__, fwname);
ret = request_firmware(&fw, fwname, &dev->pci->dev);
@ -1047,7 +1047,7 @@ upstream submission.
return -ENOMEM;
- }
printk(KERN_INFO "%s() firmware read %Zu bytes.\n",
printk(KERN_INFO "%s() firmware read %zu bytes.\n",
__func__, fw->size);
--- a/drivers/misc/ti-st/st_kim.c
+++ b/drivers/misc/ti-st/st_kim.c
@ -1161,7 +1161,7 @@ upstream submission.
if (bp->mips_firmware->size < sizeof(*mips_fw) ||
--- a/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c
+++ b/drivers/net/ethernet/broadcom/bnx2x/bnx2x_main.c
@@ -13492,11 +13492,8 @@ static int bnx2x_init_firmware(struct bn
@@ -13490,11 +13490,8 @@ static int bnx2x_init_firmware(struct bn
BNX2X_DEV_INFO("Loading %s\n", fw_file_name);
rc = request_firmware(&bp->firmware, fw_file_name, &bp->pdev->dev);
@ -1176,7 +1176,7 @@ upstream submission.
if (rc) {
--- a/drivers/net/ethernet/broadcom/tg3.c
+++ b/drivers/net/ethernet/broadcom/tg3.c
@@ -11349,11 +11349,8 @@ static int tg3_request_firmware(struct t
@@ -11350,11 +11350,8 @@ static int tg3_request_firmware(struct t
{
const struct tg3_firmware_hdr *fw_hdr;
@ -1259,7 +1259,7 @@ upstream submission.
netif_info(nic, probe, nic->netdev,
--- a/drivers/net/ethernet/myricom/myri10ge/myri10ge.c
+++ b/drivers/net/ethernet/myricom/myri10ge/myri10ge.c
@@ -596,8 +596,6 @@ static int myri10ge_load_hotplug_firmwar
@@ -581,8 +581,6 @@ static int myri10ge_load_hotplug_firmwar
unsigned i;
if ((status = request_firmware(&fw, mgp->fw_name, dev)) < 0) {
@ -1270,7 +1270,7 @@ upstream submission.
}
--- a/drivers/net/ethernet/smsc/smc91c92_cs.c
+++ b/drivers/net/ethernet/smsc/smc91c92_cs.c
@@ -646,10 +646,8 @@ static int osi_load_firmware(struct pcmc
@@ -647,10 +647,8 @@ static int osi_load_firmware(struct pcmc
int i, err;
err = request_firmware(&fw, FIRMWARE_NAME, &link->dev);
@ -1509,13 +1509,13 @@ upstream submission.
else
--- a/drivers/net/wireless/intel/iwlwifi/iwl-drv.c
+++ b/drivers/net/wireless/intel/iwlwifi/iwl-drv.c
@@ -224,10 +224,8 @@ static int iwl_request_firmware(struct i
@@ -222,10 +222,8 @@ static int iwl_request_firmware(struct i
sprintf(tag, "%d", drv->fw_index);
}
- if (drv->fw_index < drv->cfg->ucode_api_min) {
- if (drv->fw_index < drv->trans->cfg->ucode_api_min) {
- IWL_ERR(drv, "no suitable firmware found!\n");
+ if (drv->fw_index < drv->cfg->ucode_api_min)
+ if (drv->fw_index < drv->trans->cfg->ucode_api_min)
return -ENOENT;
- }
@ -1534,7 +1534,7 @@ upstream submission.
}
--- a/drivers/net/wireless/marvell/mwifiex/main.c
+++ b/drivers/net/wireless/marvell/mwifiex/main.c
@@ -524,11 +524,8 @@ static void mwifiex_fw_dpc(const struct
@@ -521,11 +521,8 @@ static void mwifiex_fw_dpc(const struct
struct wireless_dev *wdev;
struct completion *fw_done = adapter->fw_done;
@ -1628,7 +1628,7 @@ upstream submission.
--- a/drivers/net/wireless/intersil/orinoco/orinoco_usb.c
+++ b/drivers/net/wireless/intersil/orinoco/orinoco_usb.c
@@ -1667,7 +1667,6 @@ static int ezusb_probe(struct usb_interf
@@ -1665,7 +1665,6 @@ static int ezusb_probe(struct usb_interf
if (ezusb_firmware_download(upriv, &firmware) < 0)
goto error;
} else {
@ -1906,7 +1906,7 @@ upstream submission.
}
--- a/drivers/scsi/qla2xxx/qla_init.c
+++ b/drivers/scsi/qla2xxx/qla_init.c
@@ -5652,8 +5652,6 @@ qla2x00_load_risc(scsi_qla_host_t *vha,
@@ -6420,8 +6420,6 @@ qla2x00_load_risc(scsi_qla_host_t *vha,
/* Load firmware blob. */
blob = qla2x00_request_firmware(vha);
if (!blob) {
@ -1915,7 +1915,7 @@ upstream submission.
ql_log(ql_log_info, vha, 0x0084,
"Firmware images can be retrieved from: "QLA_FW_URL ".\n");
return QLA_FUNCTION_FAILED;
@@ -5755,8 +5753,6 @@ qla24xx_load_risc_blob(scsi_qla_host_t *
@@ -6523,8 +6521,6 @@ qla24xx_load_risc_blob(scsi_qla_host_t *
/* Load firmware blob. */
blob = qla2x00_request_firmware(vha);
if (!blob) {
@ -1941,7 +1941,7 @@ upstream submission.
if (qla82xx_validate_firmware_blob(vha,
--- a/drivers/scsi/qla2xxx/qla_os.c
+++ b/drivers/scsi/qla2xxx/qla_os.c
@@ -5841,8 +5841,6 @@ qla2x00_request_firmware(scsi_qla_host_t
@@ -5956,8 +5956,6 @@ qla2x00_request_firmware(scsi_qla_host_t
goto out;
if (request_firmware(&blob->fw, blob->name, &ha->pdev->dev)) {
@ -2316,7 +2316,7 @@ upstream submission.
}
--- a/drivers/usb/serial/io_edgeport.c
+++ b/drivers/usb/serial/io_edgeport.c
@@ -299,11 +299,8 @@ static void update_edgeport_E2PROM(struc
@@ -379,11 +379,8 @@ static void update_edgeport_E2PROM(struc
response = request_ihex_firmware(&fw, fw_name,
&edge_serial->serial->dev->dev);
@ -2342,7 +2342,7 @@ upstream submission.
--- a/drivers/usb/serial/ti_usb_3410_5052.c
+++ b/drivers/usb/serial/ti_usb_3410_5052.c
@@ -1706,10 +1706,8 @@ static int ti_download_firmware(struct t
@@ -1702,10 +1702,8 @@ static int ti_download_firmware(struct t
}
check_firmware:
@ -2445,7 +2445,7 @@ upstream submission.
snd_printk(KERN_INFO "sscape: MIDI firmware loaded %zu KBs\n",
--- a/sound/isa/wavefront/wavefront_synth.c
+++ b/sound/isa/wavefront/wavefront_synth.c
@@ -1956,10 +1956,8 @@ wavefront_download_firmware (snd_wavefro
@@ -1957,10 +1957,8 @@ wavefront_download_firmware (snd_wavefro
const struct firmware *firmware;
err = request_firmware(&firmware, path, dev->card->dev);
@ -2499,7 +2499,7 @@ upstream submission.
snd_emu1010_fpga_read(emu, EMU_HANA_ID, &reg);
--- a/sound/pci/hda/hda_intel.c
+++ b/sound/pci/hda/hda_intel.c
@@ -1815,10 +1815,8 @@ static void azx_firmware_cb(const struct
@@ -1827,10 +1827,8 @@ static void azx_firmware_cb(const struct
struct azx *chip = card->private_data;
struct pci_dev *pci = chip->pci;

16
debian/patches/bugfix/all/fs-add-module_softdep-declarations-for-hard-coded-cr.patch vendored
View File

@ -16,22 +16,6 @@ Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
MODULE_LICENSE("GPL");
+MODULE_SOFTDEP("pre: crypto-crc32c");
--- a/fs/cifs/cifsfs.c
+++ b/fs/cifs/cifsfs.c
@@ -1365,5 +1365,13 @@ MODULE_DESCRIPTION
("VFS to access servers complying with the SNIA CIFS Specification "
"e.g. Samba and Windows");
MODULE_VERSION(CIFS_VERSION);
+
+#ifdef CONFIG_CIFS_SMB2
+#define CIFS_SMB2_EXTRA_SOFTDEPS " crypto-aes crypto-cmac crypto-sha256"
+#else
+#define CIFS_SMB2_EXTRA_SOFTDEPS ""
+#endif
+MODULE_SOFTDEP("pre: crypto-arc4 crypto-des crypto-ecb crypto-hmac crypto-md4 crypto-md5" CIFS_SMB2_EXTRA_SOFTDEPS);
+
module_init(init_cifs)
module_exit(exit_cifs)
--- a/fs/crypto/crypto.c
+++ b/fs/crypto/crypto.c
@@ -614,3 +614,4 @@ static void __exit fscrypt_exit(void)

34
debian/patches/bugfix/all/net-packet-fix-overflow-in-check-for-priv-area-size.patch vendored
View File

@ -1,34 +0,0 @@
From: Andrey Konovalov <andreyknvl@google.com>
Date: Wed, 29 Mar 2017 16:11:20 +0200
Subject: net/packet: fix overflow in check for priv area size
Origin: https://patchwork.ozlabs.org/patch/744811/
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-7308
Subtracting tp_sizeof_priv from tp_block_size and casting to int
to check whether one is less then the other doesn't always work
(both of them are unsigned ints).
Compare them as is instead.
Also cast tp_sizeof_priv to u64 before using BLK_PLUS_PRIV, as
it can overflow inside BLK_PLUS_PRIV otherwise.
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
---
net/packet/af_packet.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -4235,8 +4235,8 @@ static int packet_set_ring(struct sock *
if (unlikely(!PAGE_ALIGNED(req->tp_block_size)))
goto out;
if (po->tp_version >= TPACKET_V3 &&
- (int)(req->tp_block_size -
- BLK_PLUS_PRIV(req_u->req3.tp_sizeof_priv)) <= 0)
+ req->tp_block_size <=
+ BLK_PLUS_PRIV((u64)req_u->req3.tp_sizeof_priv))
goto out;
if (unlikely(req->tp_frame_size < po->tp_hdrlen +
po->tp_reserve))

31
debian/patches/bugfix/all/net-packet-fix-overflow-in-check-for-tp_frame_nr.patch vendored
View File

@ -1,31 +0,0 @@
From: Andrey Konovalov <andreyknvl@google.com>
Date: Wed, 29 Mar 2017 16:11:21 +0200
Subject: net/packet: fix overflow in check for tp_frame_nr
Origin: https://patchwork.ozlabs.org/patch/744812/
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-7308
When calculating rb->frames_per_block * req->tp_block_nr the result
can overflow.
Add a check that tp_block_size * tp_block_nr <= UINT_MAX.
Since frames_per_block <= tp_block_size, the expression would
never overflow.
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
---
net/packet/af_packet.c | 2 ++
1 file changed, 2 insertions(+)
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -4247,6 +4247,8 @@ static int packet_set_ring(struct sock *
rb->frames_per_block = req->tp_block_size / req->tp_frame_size;
if (unlikely(rb->frames_per_block == 0))
goto out;
+ if (unlikely(req->tp_block_size > UINT_MAX / req->tp_block_nr))
+ goto out;
if (unlikely((rb->frames_per_block * req->tp_block_nr) !=
req->tp_frame_nr))
goto out;

27
debian/patches/bugfix/all/net-packet-fix-overflow-in-check-for-tp_reserve.patch vendored
View File

@ -1,27 +0,0 @@
From: Andrey Konovalov <andreyknvl@google.com>
Date: Wed, 29 Mar 2017 16:11:22 +0200
Subject: net/packet: fix overflow in check for tp_reserve
Origin: https://patchwork.ozlabs.org/patch/744813/
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-7308
When calculating po->tp_hdrlen + po->tp_reserve the result can overflow.
Fix by checking that tp_reserve <= INT_MAX on assign.
Signed-off-by: Andrey Konovalov <andreyknvl@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
---
net/packet/af_packet.c | 2 ++
1 file changed, 2 insertions(+)
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -3702,6 +3702,8 @@ packet_setsockopt(struct socket *sock, i
return -EBUSY;
if (copy_from_user(&val, optval, sizeof(val)))
return -EFAULT;
+ if (val > INT_MAX)
+ return -EINVAL;
po->tp_reserve = val;
return 0;
}

29
debian/patches/bugfix/all/scsi-sg-check-length-passed-to-sg_next_cmd_len.patch vendored
View File

@ -1,29 +0,0 @@
From: peter chang <dpf@google.com>
Date: Wed, 15 Feb 2017 14:11:54 -0800
Subject: scsi: sg: check length passed to SG_NEXT_CMD_LEN
Origin: https://git.kernel.org/cgit/linux/kernel/git/mkp/scsi.git/commit?id=bf33f87dd04c371ea33feb821b60d63d754e3124
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-7187
The user can control the size of the next command passed along, but the
value passed to the ioctl isn't checked against the usable max command
size.
Cc: <stable@vger.kernel.org>
Signed-off-by: Peter Chang <dpf@google.com>
Acked-by: Douglas Gilbert <dgilbert@interlog.com>
Signed-off-by: Martin K. Petersen <martin.petersen@oracle.com>
---
drivers/scsi/sg.c | 2 ++
1 file changed, 2 insertions(+)
--- a/drivers/scsi/sg.c
+++ b/drivers/scsi/sg.c
@@ -998,6 +998,8 @@ sg_ioctl(struct file *filp, unsigned int
result = get_user(val, ip);
if (result)
return result;
+ if (val > SG_MAX_CDB_SIZE)
+ return -ENOMEM;
sfp->next_cmd_len = (val > 0) ? val : 0;
return 0;
case SG_GET_VERSION_NUM:

20
debian/patches/bugfix/all/tools-lib-traceevent-fix-use-of-uninitialized-variables.patch vendored
View File

@ -12,16 +12,6 @@ Fix a number of correct warnings from gcc:
'index' is initialized only if indentation is wanted. Move the
printing of indentation using 'index' into the same if-statement.
> kbuffer-parse.c:339:27: warning: 'length' may be used uninitialized in this function [-Wmaybe-uninitialized]
> kbuf->next = kbuf->index + length;
> ^
> kbuffer-parse.c:297:15: note: 'length' was declared here
> unsigned int length;
> ^
'length' is not initialized when handling an OLD_RINGBUF_TYPE_TIME_EXTEND
record. Based on what trace-cmd does, set length = 0 in this case.
> kbuffer-parse.c: In function 'kbuffer_read_at_offset':
> kbuffer-parse.c:632:9: warning: 'data' may be used uninitialized in this function [-Wmaybe-uninitialized]
> return data;
@ -33,16 +23,6 @@ large.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
---
--- a/tools/lib/traceevent/kbuffer-parse.c
+++ b/tools/lib/traceevent/kbuffer-parse.c
@@ -314,6 +314,7 @@ static unsigned int old_update_pointers(
extend <<= TS_SHIFT;
extend += delta;
delta = extend;
+ length = 0;
ptr += 4;
break;
@@ -613,7 +614,7 @@ unsigned long long kbuffer_timestamp(str
void *kbuffer_read_at_offset(struct kbuffer *kbuf, int offset,
unsigned long long *ts)

34
debian/patches/bugfix/all/xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch vendored
View File

@ -1,34 +0,0 @@
From: Andy Whitcroft <apw@canonical.com>
Date: Thu, 23 Mar 2017 07:45:44 +0000
Subject: [PATCH 2/2] xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size
harder
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-7184
Kees Cook has pointed out that xfrm_replay_state_esn_len() is subject to
wrapping issues. To ensure we are correctly ensuring that the two ESN
structures are the same size compare both the overall size as reported
by xfrm_replay_state_esn_len() and the internal length are the same.
CVE-2017-7184
Signed-off-by: Andy Whitcroft <apw@canonical.com>
---
net/xfrm/xfrm_user.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 81c4112..87e0c22 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -412,7 +412,11 @@ static inline int xfrm_replay_verify_len(struct xfrm_replay_state_esn *replay_es
up = nla_data(rp);
ulen = xfrm_replay_state_esn_len(up);
- if (nla_len(rp) < ulen || xfrm_replay_state_esn_len(replay_esn) != ulen)
+ /* Check the overall length and the internal bitmap length to avoid
+ * potential overflow. */
+ if (nla_len(rp) < ulen ||
+ xfrm_replay_state_esn_len(replay_esn) != ulen ||
+ replay_esn->bmp_len != up->bmp_len)
return -EINVAL;
if (up->replay_window > up->bmp_len * sizeof(__u32) * 8)

42
debian/patches/bugfix/all/xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch vendored
View File

@ -1,42 +0,0 @@
From: Andy Whitcroft <apw@canonical.com>
Date: Wed, 22 Mar 2017 07:29:31 +0000
Subject: [PATCH 1/2] xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL
replay_window
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-7184
When a new xfrm state is created during an XFRM_MSG_NEWSA call we validate
the user supplied replay_esn to ensure that the size is valid and to ensure
that the replay_window size is within the allocated buffer. However later
it is possible to update this replay_esn via a XFRM_MSG_NEWAE call.
There we again validate the size of the supplied buffer matches the
existing state and if so inject the contents. We do not at this point
check that the replay_window is within the allocated memory. This leads
to out-of-bounds reads and writes triggered by netlink packets. This leads
to memory corruption and the potential for priviledge escalation.
We already attempt to validate the incoming replay information in
xfrm_new_ae() via xfrm_replay_verify_len(). This confirms that the
user is not trying to change the size of the replay state buffer which
includes the replay_esn. It however does not check the replay_window
remains within that buffer. Add validation of the contained replay_window.
CVE-2017-7184
Signed-off-by: Andy Whitcroft <apw@canonical.com>
---
net/xfrm/xfrm_user.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 0889209..81c4112 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -415,6 +415,9 @@ static inline int xfrm_replay_verify_len(struct xfrm_replay_state_esn *replay_es
if (nla_len(rp) < ulen || xfrm_replay_state_esn_len(replay_esn) != ulen)
return -EINVAL;
+ if (up->replay_window > up->bmp_len * sizeof(__u32) * 8)
+ return -EINVAL;
+
return 0;
}

2
debian/patches/bugfix/alpha/revert-alpha-move-exports-to-actual-definitions.patch vendored
View File

@ -56,8 +56,8 @@ index bf8475ce85ee..ffd9cf5ec8c4 100644
--- a/arch/alpha/include/asm/Kbuild
+++ b/arch/alpha/include/asm/Kbuild
@@ -3,7 +3,6 @@
generic-y += clkdev.h
generic-y += cputime.h
generic-y += exec.h
-generic-y += export.h
generic-y += irq_work.h

120
debian/patches/bugfix/arm64/rtc-tegra-implement-clock-handling.patch vendored
View File

@ -1,120 +0,0 @@
From: Thierry Reding <treding@nvidia.com>
Date: Thu, 12 Jan 2017 17:07:43 +0100
Subject: rtc: tegra: Implement clock handling
Origin: https://git.kernel.org/linus/5fa4086987506b2ab8c92f8f99f2295db9918856
Bug-Debian: https://bugs.debian.org/858514
Accessing the registers of the RTC block on Tegra requires the module
clock to be enabled. This only works because the RTC module clock will
be enabled by default during early boot. However, because the clock is
unused, the CCF will disable it at late_init time. This causes the RTC
to become unusable afterwards. This can easily be reproduced by trying
to use the RTC:
$ hwclock --rtc /dev/rtc1
This will hang the system. I ran into this by following up on a report
by Martin Michlmayr that reboot wasn't working on Tegra210 systems. It
turns out that the rtc-tegra driver's ->shutdown() implementation will
hang the CPU, because of the disabled clock, before the system can be
rebooted.
What confused me for a while is that the same driver is used on prior
Tegra generations where the hang can not be observed. However, as Peter
De Schrijver pointed out, this is because on 32-bit Tegra chips the RTC
clock is enabled by the tegra20_timer.c clocksource driver, which uses
the RTC to provide a persistent clock. This code is never enabled on
64-bit Tegra because the persistent clock infrastructure does not exist
on 64-bit ARM.
The proper fix for this is to add proper clock handling to the RTC
driver in order to ensure that the clock is enabled when the driver
requires it. All device trees contain the clock already, therefore
no additional changes are required.
Reported-by: Martin Michlmayr <tbm@cyrius.com>
Acked-By Peter De Schrijver <pdeschrijver@nvidia.com>
Signed-off-by: Thierry Reding <treding@nvidia.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
[bwh: Backported to 4.9: adjust context]
---
drivers/rtc/rtc-tegra.c | 28 ++++++++++++++++++++++++++--
1 file changed, 26 insertions(+), 2 deletions(-)
--- a/drivers/rtc/rtc-tegra.c
+++ b/drivers/rtc/rtc-tegra.c
@@ -18,6 +18,7 @@
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
#include <linux/kernel.h>
+#include <linux/clk.h>
#include <linux/init.h>
#include <linux/module.h>
#include <linux/slab.h>
@@ -59,6 +60,7 @@ struct tegra_rtc_info {
struct platform_device *pdev;
struct rtc_device *rtc_dev;
void __iomem *rtc_base; /* NULL if not initialized. */
+ struct clk *clk;
int tegra_rtc_irq; /* alarm and periodic irq */
spinlock_t tegra_rtc_lock;
};
@@ -326,6 +328,14 @@ static int __init tegra_rtc_probe(struct
if (info->tegra_rtc_irq <= 0)
return -EBUSY;
+ info->clk = devm_clk_get(&pdev->dev, NULL);
+ if (IS_ERR(info->clk))
+ return PTR_ERR(info->clk);
+
+ ret = clk_prepare_enable(info->clk);
+ if (ret < 0)
+ return ret;
+
/* set context info. */
info->pdev = pdev;
spin_lock_init(&info->tegra_rtc_lock);
@@ -346,7 +356,7 @@ static int __init tegra_rtc_probe(struct
ret = PTR_ERR(info->rtc_dev);
dev_err(&pdev->dev, "Unable to register device (err=%d).\n",
ret);
- return ret;
+ goto disable_clk;
}
ret = devm_request_irq(&pdev->dev, info->tegra_rtc_irq,
@@ -356,12 +366,25 @@ static int __init tegra_rtc_probe(struct
dev_err(&pdev->dev,
"Unable to request interrupt for device (err=%d).\n",
ret);
- return ret;
+ goto disable_clk;
}
dev_notice(&pdev->dev, "Tegra internal Real Time Clock\n");
return 0;
+
+disable_clk:
+ clk_disable_unprepare(info->clk);
+ return ret;
+}
+
+static int tegra_rtc_remove(struct platform_device *pdev)
+{
+ struct tegra_rtc_info *info = platform_get_drvdata(pdev);
+
+ clk_disable_unprepare(info->clk);
+
+ return 0;
}
#ifdef CONFIG_PM_SLEEP
@@ -413,6 +436,7 @@ static void tegra_rtc_shutdown(struct pl
MODULE_ALIAS("platform:tegra_rtc");
static struct platform_driver tegra_rtc_driver = {
+ .remove = tegra_rtc_remove,
.shutdown = tegra_rtc_shutdown,
.driver = {
.name = "tegra_rtc",

6
debian/patches/bugfix/m68k/revert-m68k-move-exports-to-definitions.patch vendored
View File

@ -96,7 +96,7 @@ index 8dffd36ec4f2..37234c2df47f 100644
-
#define BITS_PER_UNIT 8
typedef int SItype __attribute__ ((mode (SI)));
typedef int SItype __mode(SI);
@@ -58,4 +55,3 @@ __ashldi3 (DItype u, word_type b)
return w.ll;
@ -115,7 +115,7 @@ index e6565a3ee2c3..1d59345f36c6 100644
-
#define BITS_PER_UNIT 8
typedef int SItype __attribute__ ((mode (SI)));
typedef int SItype __mode(SI);
@@ -59,4 +56,3 @@ __ashrdi3 (DItype u, word_type b)
return w.ll;
@ -152,7 +152,7 @@ index 039779737c7d..49e1ec8f2cc2 100644
-
#define BITS_PER_UNIT 8
typedef int SItype __attribute__ ((mode (SI)));
typedef int SItype __mode(SI);
@@ -58,4 +55,3 @@ __lshrdi3 (DItype u, word_type b)
return w.ll;

30
debian/patches/bugfix/sparc/sparc-topology_64.h-fix-condition-for-including-cpudata.h.patch vendored
View File

@ -1,30 +0,0 @@
From: Ben Hutchings <ben@decadent.org.uk>
Date: Wed, 01 Feb 2017 22:45:06 +0000
Subject: sparc: topology_64.h: Fix condition for including cpudata.h
We currently define macros referring to cpu_data if CONFIG_SMP is
defined, but only include the declaration if CONFIG_NUMA is defined.
Fixes: 541cc39433a8 ("sparc: fix a building error reported by kbuild")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
---
--- a/arch/sparc/include/asm/topology_64.h
+++ b/arch/sparc/include/asm/topology_64.h
@@ -4,7 +4,6 @@
#ifdef CONFIG_NUMA
#include <asm/mmzone.h>
-#include <asm/cpudata.h>
static inline int cpu_to_node(int cpu)
{
@@ -42,6 +41,9 @@ int __node_distance(int, int);
#endif /* !(CONFIG_NUMA) */
#ifdef CONFIG_SMP
+
+#include <asm/cpudata.h>
+
#define topology_physical_package_id(cpu) (cpu_data(cpu).proc_id)
#define topology_core_id(cpu) (cpu_data(cpu).core_id)
#define topology_core_cpumask(cpu) (&cpu_core_sib_map[cpu])

107
debian/patches/bugfix/x86/asoc-intel-select-dw_dmac_core-since-it-s-mandatory.patch vendored
View File

@ -1,107 +0,0 @@
From: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Date: Mon, 16 Jan 2017 15:12:26 +0200
Subject: ASoC: Intel: select DW_DMAC_CORE since it's mandatory
Origin: https://git.kernel.org/linus/ebf79091bf85d9b2270ab29191de9cd3aaf888c5
Bug-Debian: https://bugs.debian.org/851916
Select DW_DMAC_CORE like the rest of glue drivers do, e.g.
drivers/dma/dw/Kconfig.
While here group selectors under SND_SOC_INTEL_HASWELL and
SND_SOC_INTEL_BAYTRAIL.
Make platforms, which are using a common SST firmware driver, to be
dependent on DMADEVICES.
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
Acked-by: Liam Girdwood <liam.r.girdwood@linux.intel.com>
Signed-off-by: Mark Brown <broonie@kernel.org>
---
sound/soc/intel/Kconfig | 31 +++++++++++++------------------
1 file changed, 13 insertions(+), 18 deletions(-)
--- a/sound/soc/intel/Kconfig
+++ b/sound/soc/intel/Kconfig
@@ -33,11 +33,9 @@ config SND_SOC_INTEL_SST
select SND_SOC_INTEL_SST_MATCH if ACPI
depends on (X86 || COMPILE_TEST)
-# firmware stuff depends DW_DMAC_CORE; since there is no depends-on from
-# the reverse selection, each machine driver needs to select
-# SND_SOC_INTEL_SST_FIRMWARE carefully depending on DW_DMAC_CORE
config SND_SOC_INTEL_SST_FIRMWARE
tristate
+ select DW_DMAC_CORE
config SND_SOC_INTEL_SST_ACPI
tristate
@@ -47,16 +45,18 @@ config SND_SOC_INTEL_SST_MATCH
config SND_SOC_INTEL_HASWELL
tristate
+ select SND_SOC_INTEL_SST
select SND_SOC_INTEL_SST_FIRMWARE
config SND_SOC_INTEL_BAYTRAIL
tristate
+ select SND_SOC_INTEL_SST
+ select SND_SOC_INTEL_SST_FIRMWARE
config SND_SOC_INTEL_HASWELL_MACH
tristate "ASoC Audio DSP support for Intel Haswell Lynxpoint"
depends on X86_INTEL_LPSS && I2C && I2C_DESIGNWARE_PLATFORM
- depends on DW_DMAC_CORE
- select SND_SOC_INTEL_SST
+ depends on DMADEVICES
select SND_SOC_INTEL_HASWELL
select SND_SOC_RT5640
help
@@ -99,9 +99,8 @@ config SND_SOC_INTEL_BXT_RT298_MACH
config SND_SOC_INTEL_BYT_RT5640_MACH
tristate "ASoC Audio driver for Intel Baytrail with RT5640 codec"
depends on X86_INTEL_LPSS && I2C
- depends on DW_DMAC_CORE && (SND_SST_IPC_ACPI = n)
- select SND_SOC_INTEL_SST
- select SND_SOC_INTEL_SST_FIRMWARE
+ depends on DMADEVICES
+ depends on SND_SST_IPC_ACPI = n
select SND_SOC_INTEL_BAYTRAIL
select SND_SOC_RT5640
help
@@ -112,9 +111,8 @@ config SND_SOC_INTEL_BYT_RT5640_MACH
config SND_SOC_INTEL_BYT_MAX98090_MACH
tristate "ASoC Audio driver for Intel Baytrail with MAX98090 codec"
depends on X86_INTEL_LPSS && I2C
- depends on DW_DMAC_CORE && (SND_SST_IPC_ACPI = n)
- select SND_SOC_INTEL_SST
- select SND_SOC_INTEL_SST_FIRMWARE
+ depends on DMADEVICES
+ depends on SND_SST_IPC_ACPI = n
select SND_SOC_INTEL_BAYTRAIL
select SND_SOC_MAX98090
help
@@ -123,9 +121,8 @@ config SND_SOC_INTEL_BYT_MAX98090_MACH
config SND_SOC_INTEL_BDW_RT5677_MACH
tristate "ASoC Audio driver for Intel Broadwell with RT5677 codec"
- depends on X86_INTEL_LPSS && GPIOLIB && I2C && DW_DMAC
- depends on DW_DMAC_CORE=y
- select SND_SOC_INTEL_SST
+ depends on X86_INTEL_LPSS && GPIOLIB && I2C
+ depends on DMADEVICES
select SND_SOC_INTEL_HASWELL
select SND_SOC_RT5677
help
@@ -134,10 +131,8 @@ config SND_SOC_INTEL_BDW_RT5677_MACH
config SND_SOC_INTEL_BROADWELL_MACH
tristate "ASoC Audio DSP support for Intel Broadwell Wildcatpoint"
- depends on X86_INTEL_LPSS && I2C && DW_DMAC && \
- I2C_DESIGNWARE_PLATFORM
- depends on DW_DMAC_CORE
- select SND_SOC_INTEL_SST
+ depends on X86_INTEL_LPSS && I2C && I2C_DESIGNWARE_PLATFORM
+ depends on DMADEVICES
select SND_SOC_INTEL_HASWELL
select SND_SOC_RT286
help

33
debian/patches/bugfix/x86/drm-vmwgfx-fix-integer-overflow-in-vmw_surface_define_ioctl.patch vendored
View File

@ -1,33 +0,0 @@
Subject: drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl()
From: Li Qiang <liq3ea@gmail.com>
Date: Tue, 28 Mar 2017 03:10:53 +0000
Origin: https://lists.freedesktop.org/archives/dri-devel/2017-March/137124.html
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-7294
In vmw_surface_define_ioctl(), the 'num_sizes' is the sum of the
'req->mip_levels' array. This array can be assigned any value from
the user space. As both the 'num_sizes' and the array is uint32_t,
it is easy to make 'num_sizes' overflow. The later 'mip_levels' is
used as the loop count. This can lead an oob write. Add the check of
'req->mip_levels' to avoid this.
Signed-off-by: Li Qiang <liqiang6-s@360.cn>
---
drivers/gpu/drm/vmwgfx/vmwgfx_surface.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
--- a/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c
+++ b/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c
@@ -713,8 +713,11 @@ int vmw_surface_define_ioctl(struct drm_
128;
num_sizes = 0;
- for (i = 0; i < DRM_VMW_MAX_SURFACE_FACES; ++i)
+ for (i = 0; i < DRM_VMW_MAX_SURFACE_FACES; ++i) {
+ if (req->mip_levels[i] > DRM_VMW_MAX_MIP_LEVELS)
+ return -EINVAL;
num_sizes += req->mip_levels[i];
+ }
if (num_sizes > DRM_VMW_MAX_SURFACE_FACES * DRM_VMW_MAX_MIP_LEVELS ||
num_sizes == 0)

40
debian/patches/bugfix/x86/kvm-fix-page-struct-leak-in-handle_vmon.patch vendored
View File

@ -1,40 +0,0 @@
From: Paolo Bonzini <pbonzini@redhat.com>
Date: Tue, 24 Jan 2017 11:56:21 +0100
Subject: kvm: fix page struct leak in handle_vmon
Origin: https://git.kernel.org/linus/06ce521af9558814b8606c0476c54497cf83a653
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-2596
handle_vmon gets a reference on VMXON region page,
but does not release it. Release the reference.
Found by syzkaller; based on a patch by Dmitry.
Reported-by: Dmitry Vyukov <dvyukov@google.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
arch/x86/kvm/vmx.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
--- a/arch/x86/kvm/vmx.c
+++ b/arch/x86/kvm/vmx.c
@@ -7085,13 +7085,18 @@ static int nested_vmx_check_vmptr(struct
}
page = nested_get_page(vcpu, vmptr);
- if (page == NULL ||
- *(u32 *)kmap(page) != VMCS12_REVISION) {
+ if (page == NULL) {
nested_vmx_failInvalid(vcpu);
+ return kvm_skip_emulated_instruction(vcpu);
+ }
+ if (*(u32 *)kmap(page) != VMCS12_REVISION) {
kunmap(page);
+ nested_release_page_clean(page);
+ nested_vmx_failInvalid(vcpu);
return kvm_skip_emulated_instruction(vcpu);
}
kunmap(page);
+ nested_release_page_clean(page);
vmx->nested.vmxon_ptr = vmptr;
break;
case EXIT_REASON_VMCLEAR:

79
debian/patches/bugfix/x86/platform-x86-acer-wmi-setup-accelerometer-when-machi.patch vendored
View File

@ -1,79 +0,0 @@
From: "Lee, Chun-Yi" <joeyli.kernel@gmail.com>
Date: Thu, 3 Nov 2016 08:18:52 +0800
Subject: platform/x86: acer-wmi: setup accelerometer when machine has
appropriate notify event
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Origin: https://git.kernel.org/linus/98d610c3739ac354319a6590b915f4624d9151e6
Bug-Debian: https://bugs.debian.org/853067
The accelerometer event relies on the ACERWMID_EVENT_GUID notify.
So, this patch changes the codes to setup accelerometer input device
when detected ACERWMID_EVENT_GUID. It avoids that the accel input
device created on every Acer machines.
In addition, patch adds a clearly parsing logic of accelerometer hid
to acer_wmi_get_handle_cb callback function. It is positive matching
the "SENR" name with "BST0001" device to avoid non-supported hardware.
Reported-by: Bjørn Mork <bjorn@mork.no>
Cc: Darren Hart <dvhart@infradead.org>
Signed-off-by: Lee, Chun-Yi <jlee@suse.com>
[andy: slightly massage commit message]
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com>
---
drivers/platform/x86/acer-wmi.c | 22 ++++++++++++++++++----
1 file changed, 18 insertions(+), 4 deletions(-)
--- a/drivers/platform/x86/acer-wmi.c
+++ b/drivers/platform/x86/acer-wmi.c
@@ -1808,11 +1808,24 @@ static int __init acer_wmi_enable_lm(voi
return status;
}
+#define ACER_WMID_ACCEL_HID "BST0001"
+
static acpi_status __init acer_wmi_get_handle_cb(acpi_handle ah, u32 level,
void *ctx, void **retval)
{
+ struct acpi_device *dev;
+
+ if (!strcmp(ctx, "SENR")) {
+ if (acpi_bus_get_device(ah, &dev))
+ return AE_OK;
+ if (!strcmp(ACER_WMID_ACCEL_HID, acpi_device_hid(dev)))
+ return AE_OK;
+ } else
+ return AE_OK;
+
*(acpi_handle *)retval = ah;
- return AE_OK;
+
+ return AE_CTRL_TERMINATE;
}
static int __init acer_wmi_get_handle(const char *name, const char *prop,
@@ -1839,7 +1852,7 @@ static int __init acer_wmi_accel_setup(v
{
int err;
- err = acer_wmi_get_handle("SENR", "BST0001", &gsensor_handle);
+ err = acer_wmi_get_handle("SENR", ACER_WMID_ACCEL_HID, &gsensor_handle);
if (err)
return err;
@@ -2177,10 +2190,11 @@ static int __init acer_wmi_init(void)
err = acer_wmi_input_setup();
if (err)
return err;
+ err = acer_wmi_accel_setup();
+ if (err)
+ return err;
}
- acer_wmi_accel_setup();
-
err = platform_driver_register(&acer_platform_driver);
if (err) {
pr_err("Unable to register platform driver\n");

29
debian/patches/bugfix/x86/vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch vendored
View File

@ -1,29 +0,0 @@
From: Murray McAllister <murray.mcallister@insomniasec.com>
Date: Fri, 24 Mar 2017 20:33:00 -0700
Subject: vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl()
Origin: https://cgit.freedesktop.org/mesa/vmwgfx/commit/?id=e904061d2c8968429954be87ad1cc45526510812
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-7261
Before memory allocations vmw_surface_define_ioctl() checks the
upper-bounds of a user-supplied size, but does not check if the
supplied size is 0.
Add check to avoid NULL pointer dereferences.
Signed-off-by: Murray McAllister <murray.mcallister@insomniasec.com>
Reviewed-by: Sinclair Yeh <syeh@vmware.com>
[bwh: Fix filename]
---
--- a/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c
+++ b/drivers/gpu/drm/vmwgfx/vmwgfx_surface.c
@@ -716,8 +716,8 @@ int vmw_surface_define_ioctl(struct drm_
for (i = 0; i < DRM_VMW_MAX_SURFACE_FACES; ++i)
num_sizes += req->mip_levels[i];
- if (num_sizes > DRM_VMW_MAX_SURFACE_FACES *
- DRM_VMW_MAX_MIP_LEVELS)
+ if (num_sizes > DRM_VMW_MAX_SURFACE_FACES * DRM_VMW_MAX_MIP_LEVELS ||
+ num_sizes == 0)
return -EINVAL;
size = vmw_user_surface_size + 128 +

57
debian/patches/bugfix/x86/x86-xen-fix-apic-id-mismatch-warning-on-intel.patch vendored
View File

@ -1,57 +0,0 @@
From: Mohit Gambhir <mohit.gambhir@oracle.com>
Date: Thu, 26 Jan 2017 13:12:27 -0500
Subject: x86/xen: Fix APIC id mismatch warning on Intel
Origin: https://git.kernel.org/linus/cc272163ea554a97dac180fa8dd6cd54c2810bd1
Bug-Debian: https://bugs.debian.org/853193
This patch fixes the following warning message seen when booting the
kernel as Dom0 with Xen on Intel machines.
[0.003000] [Firmware Bug]: CPU1: APIC id mismatch. Firmware: 0 APIC: 1]
The code generating the warning in validate_apic_and_package_id() matches
cpu_data(cpu).apicid (initialized in init_intel()->
detect_extended_topology() using cpuid) against the apicid returned from
xen_apic_read(). Now, xen_apic_read() makes a hypercall to retrieve apicid
for the boot cpu but returns 0 otherwise. Hence the warning gets thrown
for all but the boot cpu.
The idea behind xen_apic_read() returning 0 for apicid is that the
guests (even Dom0) should not need to know what physical processor their
vcpus are running on. This is because we currently do not have topology
information in Xen and also because xen allows more vcpus than physical
processors. However, boot cpu's apicid is required for loading
xen-acpi-processor driver on AMD machines. Look at following patch for
details:
commit 558daa289a40 ("xen/apic: Return the APIC ID (and version) for CPU
0.")
So to get rid of the warning, this patch modifies
xen_cpu_present_to_apicid() to return cpu_data(cpu).apicid instead of
calling xen_apic_read().
The warning is not seen on AMD machines because init_amd() populates
cpu_data(cpu).apicid by calling hard_smp_processor_id()->xen_apic_read()
as opposed to using apicid from cpuid as is done on Intel machines.
Signed-off-by: Mohit Gambhir <mohit.gambhir@oracle.com>
Reviewed-by: Juergen Gross <jgross@suse.com>
Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
---
arch/x86/xen/apic.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/arch/x86/xen/apic.c b/arch/x86/xen/apic.c
index 44c88ad1841a..bcea81f36fc5 100644
--- a/arch/x86/xen/apic.c
+++ b/arch/x86/xen/apic.c
@@ -145,7 +145,7 @@ static void xen_silent_inquire(int apicid)
static int xen_cpu_present_to_apicid(int cpu)
{
if (cpu_present(cpu))
- return xen_get_apic_id(xen_apic_read(APIC_ID));
+ return cpu_data(cpu).apicid;
else
return BAD_APICID;
}

2
debian/patches/debian/amd64-don-t-warn-about-expected-w+x-pages-on-xen.patch vendored
View File

@ -19,8 +19,8 @@ other W+X cases. So add a condition to the WARN_ON.
#include <linux/seq_file.h>
+#include <xen/xen.h>
#include <asm/kasan.h>
#include <asm/pgtable.h>
@@ -220,7 +221,7 @@ static void note_page(struct seq_file *m
pgprotval_t pr = pgprot_val(st->current_prot);

2
debian/patches/debian/fjes-disable-autoload.patch vendored
View File

@ -13,7 +13,7 @@ auto-loading.
--- a/drivers/net/fjes/fjes_main.c
+++ b/drivers/net/fjes/fjes_main.c
@@ -81,7 +81,7 @@ static const struct acpi_device_id fjes_
{"PNP0C02", 0},
{ACPI_MOTHERBOARD_RESOURCE_HID, 0},
{"", 0},
};
-MODULE_DEVICE_TABLE(acpi, fjes_acpi_ids);

2
debian/patches/debian/kernelvariables.patch vendored
View File

@ -58,7 +58,7 @@ use of $(ARCH) needs to be moved after this.
export KCONFIG_CONFIG
@@ -373,6 +337,44 @@ LDFLAGS_vmlinux =
CFLAGS_GCOV = -fprofile-arcs -ftest-coverage -fno-tree-loop-im -Wno-maybe-uninitialized
CFLAGS_GCOV := -fprofile-arcs -ftest-coverage -fno-tree-loop-im $(call cc-disable-warning,maybe-uninitialized,)
CFLAGS_KCOV := $(call cc-option,-fsanitize-coverage=trace-pc,)
+-include $(obj)/.kernelvariables

4
debian/patches/debian/sched-autogroup-disabled.patch vendored
View File

@ -6,8 +6,8 @@ Forwarded: not-needed
We want to provide the option of autogrouping but without enabling
it by default yet.
--- a/kernel/sched/auto_group.c
+++ b/kernel/sched/auto_group.c
--- a/kernel/sched/autogroup.c
+++ b/kernel/sched/autogroup.c
@@ -9,7 +9,7 @@
#include <linux/security.h>
#include <linux/export.h>

21
debian/patches/debian/time-mark-timer_stats-as-broken.patch vendored
View File

@ -1,21 +0,0 @@
From: Ben Hutchings <ben@decadent.org.uk>
Date: Sun, 26 Feb 2017 21:01:50 +0000
Subject: time: Mark TIMER_STATS as broken
Forwarded: not-needed
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-5967
This is a substitute for upstream commit dfb4357da6dd "time: Remove
CONFIG_TIMER_STATS", which avoids the need to resolve conflicts with
the PREEMPT_RT patch series.
---
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -964,6 +964,7 @@ config DEBUG_TIMEKEEPING
config TIMER_STATS
bool "Collect kernel timers statistics"
depends on DEBUG_KERNEL && PROC_FS
+ depends on BROKEN
help
If you say Y here, additional code will be inserted into the
timer routines to collect statistics about kernel timers being

5
debian/patches/debian/tools-perf-version.patch vendored
View File

@ -9,7 +9,7 @@ version-dependent name. And do the same for trace.]
--- a/tools/perf/Makefile.perf
+++ b/tools/perf/Makefile.perf
@@ -649,22 +649,22 @@ endif
@@ -649,23 +649,23 @@ endif
install-tools: all install-gtk
$(call QUIET_INSTALL, binaries) \
$(INSTALL) -d -m 755 '$(DESTDIR_SQ)$(bindir_SQ)'; \
@ -31,6 +31,7 @@ version-dependent name. And do the same for trace.]
endif
ifndef NO_JVMTI
$(call QUIET_INSTALL, $(LIBJVMTI)) \
$(INSTALL) -d -m 755 '$(DESTDIR_SQ)$(libdir_SQ)'; \
$(INSTALL) $(OUTPUT)$(LIBJVMTI) '$(DESTDIR_SQ)$(libdir_SQ)';
endif
- $(call QUIET_INSTALL, libexec) \
@ -84,9 +85,9 @@ version-dependent name. And do the same for trace.]
--- a/tools/perf/util/Build
+++ b/tools/perf/util/Build
@@ -162,6 +162,7 @@ CFLAGS_rbtree.o += -Wno-unused-pa
CFLAGS_libstring.o += -Wno-unused-parameter -DETC_PERFCONFIG="BUILD_STR($(ETC_PERFCONFIG_SQ))"
CFLAGS_hweight.o += -Wno-unused-parameter -DETC_PERFCONFIG="BUILD_STR($(ETC_PERFCONFIG_SQ))"
CFLAGS_parse-events.o += -Wno-redundant-decls
CFLAGS_header.o += -include $(OUTPUT)PERF-VERSION-FILE
+CFLAGS_vdso.o += -DPERFEXECDIR='"$(perfexec_instdir_SQ)"'
$(OUTPUT)util/kallsyms.o: ../lib/symbol/kallsyms.c FORCE

8
debian/patches/debian/version.patch vendored
View File

@ -48,8 +48,8 @@ are set.
--- a/arch/x86/um/sysrq_64.c
+++ b/arch/x86/um/sysrq_64.c
@@ -8,6 +8,7 @@
#include <linux/module.h>
#include <linux/sched.h>
#include <linux/sched/debug.h>
#include <linux/utsname.h>
+#include <generated/package.h>
#include <asm/current.h>
@ -114,9 +114,9 @@ are set.
--- a/kernel/printk/printk.c
+++ b/kernel/printk/printk.c
@@ -45,6 +45,7 @@
#include <linux/utsname.h>
#include <linux/ctype.h>
#include <linux/uio.h>
#include <linux/sched/clock.h>
#include <linux/sched/debug.h>
#include <linux/sched/task_stack.h>
+#include <generated/package.h>
#include <linux/uaccess.h>

2
debian/patches/debian/yama-disable-by-default.patch vendored
View File

@ -21,6 +21,6 @@ Forwarded: not-needed
{
- pr_info("Yama: becoming mindful.\n");
+ pr_info("Yama: disabled by default; enable with sysctl kernel.yama.*\n");
security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks));
security_add_hooks(yama_hooks, ARRAY_SIZE(yama_hooks), "yama");
yama_init_sysctl();
}

8
debian/patches/features/all/aufs4/aufs4-mmap.patch vendored
View File

@ -150,7 +150,7 @@ index 295bd7a..14fa1c8 100644
+++ b/mm/Makefile
@@ -37,7 +37,7 @@ obj-y := filemap.o mempool.o oom_kill.o \
mm_init.o mmu_context.o percpu.o slab_common.o \
compaction.o vmacache.o \
compaction.o vmacache.o swap_slots.o \
interval_tree.o list_lru.o workingset.o \
- debug.o $(mmu-y)
+ prfile.o debug.o $(mmu-y)
@ -165,8 +165,8 @@ index b772a33..1c11f45 100644
int ret = VM_FAULT_LOCKED;
sb_start_pagefault(inode->i_sb);
- file_update_time(vma->vm_file);
+ vma_file_update_time(vma);
- file_update_time(vmf->vma->vm_file);
+ vma_file_update_time(vmf->vma);
lock_page(page);
if (page->mapping != inode->i_mapping) {
unlock_page(page);
@ -238,7 +238,7 @@ index dc4291d..4b3a2aa 100644
+ file = vma->vm_file;
+ prfile = vma->vm_prfile;
ret = do_mmap_pgoff(vma->vm_file, start, size,
prot, flags, pgoff, &populate);
prot, flags, pgoff, &populate, NULL);
+ if (!IS_ERR_VALUE(ret) && file && prfile) {
+ struct vm_area_struct *new_vma;
+

8
debian/patches/features/all/securelevel/acpi-disable-acpi-table-override-if-securelevel-is-s.patch vendored
View File

@ -24,11 +24,11 @@ Signed-off-by: Linn Crosetto <linn@hpe.com>
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
@@ -1153,6 +1153,12 @@ void __init setup_arch(char **cmdline_p)
/* Allocate bigger log buffer */
setup_log_buf(1);
}
}
+#ifdef CONFIG_EFI_SECURE_BOOT_SECURELEVEL
+ if (boot_params.secure_boot) {
+ if (boot_params.secure_boot == efi_secureboot_mode_enabled) {
+ set_securelevel(1);
+ }
+#endif
@ -41,7 +41,7 @@ Signed-off-by: Linn Crosetto <linn@hpe.com>
io_delay_init();
-#ifdef CONFIG_EFI_SECURE_BOOT_SECURELEVEL
- if (boot_params.secure_boot) {
- if (boot_params.secure_boot == efi_secureboot_mode_enabled) {
- set_securelevel(1);
- }
-#endif

74
debian/patches/features/all/securelevel/add-option-to-automatically-set-securelevel-when-in-.patch vendored
View File

@ -12,24 +12,10 @@ when enabled.
Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
---
Documentation/x86/zero-page.txt | 2 ++
arch/x86/Kconfig | 13 +++++++++++++
arch/x86/boot/compressed/eboot.c | 36 +++++++++++++++++++++++++++++++++++
arch/x86/include/uapi/asm/bootparam.h | 3 ++-
arch/x86/kernel/setup.c | 7 +++++++
5 files changed, 60 insertions(+), 1 deletion(-)
--- a/Documentation/x86/zero-page.txt
+++ b/Documentation/x86/zero-page.txt
@@ -31,6 +31,8 @@ Offset Proto Name Meaning
1E9/001 ALL eddbuf_entries Number of entries in eddbuf (below)
1EA/001 ALL edd_mbr_sig_buf_entries Number of entries in edd_mbr_sig_buffer
(below)
+1EB/001 ALL kbd_status Numlock is enabled
+1EC/001 ALL secure_boot Secure boot is enabled in the firmware
1EF/001 ALL sentinel Used to detect broken bootloaders
290/040 ALL edd_mbr_sig_buffer EDD MBR signatures
2D0/A00 ALL e820_map E820 memory map table
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
@@ -1754,6 +1754,19 @@ config EFI_MIXED
@ -62,67 +48,15 @@ Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
#include "../string.h"
#include "eboot.h"
@@ -1050,6 +1051,37 @@ void setup_graphics(struct boot_params *
}
}
+static int get_secure_boot(void)
+{
+ u8 sb, setup;
+ unsigned long datasize = sizeof(sb);
+ efi_guid_t var_guid = EFI_GLOBAL_VARIABLE_GUID;
+ efi_status_t status;
+
+ status = efi_early->call((unsigned long)sys_table->runtime->get_variable,
+ L"SecureBoot", &var_guid, NULL, &datasize, &sb);
+
+ if (status != EFI_SUCCESS)
+ return 0;
+
+ if (sb == 0)
+ return 0;
+
+
+ status = efi_early->call((unsigned long)sys_table->runtime->get_variable,
+ L"SetupMode", &var_guid, NULL, &datasize,
+ &setup);
+
+ if (status != EFI_SUCCESS)
+ return 0;
+
+ if (setup == 1)
+ return 0;
+
+ return 1;
+}
+
+
/*
* Because the x86 boot code expects to be passed a boot_params we
* need to create one ourselves (usually the bootloader would create
@@ -1432,6 +1464,10 @@ struct boot_params *efi_main(struct efi_
@@ -1432,6 +1464,8 @@ struct boot_params *efi_main(struct efi_
else
setup_boot_services32(efi_early);
+ sanitize_boot_params(boot_params);
+
+ boot_params->secure_boot = get_secure_boot();
+
setup_graphics(boot_params);
setup_efi_pci(boot_params);
--- a/arch/x86/include/uapi/asm/bootparam.h
+++ b/arch/x86/include/uapi/asm/bootparam.h
@@ -134,7 +134,8 @@ struct boot_params {
__u8 eddbuf_entries; /* 0x1e9 */
__u8 edd_mbr_sig_buf_entries; /* 0x1ea */
__u8 kbd_status; /* 0x1eb */
- __u8 _pad5[3]; /* 0x1ec */
+ __u8 secure_boot; /* 0x1ec */
+ __u8 _pad5[2]; /* 0x1ed */
/*
* The sentinel is set to a nonzero value (0xff) in header.S.
*
* If the boot loader gave us a value for secure_boot then we use that,
* otherwise we ask the BIOS.
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
@@ -50,6 +50,7 @@
@ -138,7 +72,7 @@ Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
io_delay_init();
+#ifdef CONFIG_EFI_SECURE_BOOT_SECURELEVEL
+ if (boot_params.secure_boot) {
+ if (boot_params.secure_boot == efi_secureboot_mode_enabled) {
+ set_securelevel(1);
+ }
+#endif

19
debian/patches/features/all/securelevel/arm64-add-kernel-config-option-to-set-securelevel-wh.patch vendored
View File

@ -82,25 +82,6 @@ v2:
};
static __initdata struct params xen_fdt_params[] = {
--- a/drivers/firmware/efi/libstub/arm-stub.c
+++ b/drivers/firmware/efi/libstub/arm-stub.c
@@ -20,7 +20,7 @@
bool __nokaslr;
-static int efi_get_secureboot(efi_system_table_t *sys_table_arg)
+int efi_get_secureboot(efi_system_table_t *sys_table_arg)
{
static efi_char16_t const sb_var_name[] = {
'S', 'e', 'c', 'u', 'r', 'e', 'B', 'o', 'o', 't', 0 };
--- a/drivers/firmware/efi/libstub/efistub.h
+++ b/drivers/firmware/efi/libstub/efistub.h
@@ -65,4 +65,5 @@ efi_status_t check_platform_features(efi
efi_status_t efi_random_get_seed(efi_system_table_t *sys_table_arg);
+int efi_get_secureboot(efi_system_table_t *sys_table_arg);
#endif
--- a/drivers/firmware/efi/libstub/fdt.c
+++ b/drivers/firmware/efi/libstub/fdt.c
@@ -134,6 +134,13 @@ static efi_status_t update_fdt(efi_syste

59
debian/patches/features/all/securelevel/arm64-efi-disable-secure-boot-if-shim-is-in-insecure.patch vendored
View File

@ -1,59 +0,0 @@
From: Linn Crosetto <linn@hpe.com>
Date: Mon, 22 Feb 2016 12:54:37 -0700
Subject: arm64/efi: Disable secure boot if shim is in insecure mode
Port to arm64 a patch originally written by Josh Boyer for the x86 EFI
stub.
A user can manually tell the shim boot loader to disable validation of
images it loads. When a user does this, it creates a UEFI variable called
MokSBState that does not have the runtime attribute set. Given that the
user explicitly disabled validation, we can honor that and not enable
secure boot mode if that variable is set.
Signed-off-by: Linn Crosetto <linn@hpe.com>
Cc: Josh Boyer <jwboyer@fedoraproject.org>
---
drivers/firmware/efi/libstub/arm-stub.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
--- a/drivers/firmware/efi/libstub/arm-stub.c
+++ b/drivers/firmware/efi/libstub/arm-stub.c
@@ -26,11 +26,14 @@ static int efi_get_secureboot(efi_system
'S', 'e', 'c', 'u', 'r', 'e', 'B', 'o', 'o', 't', 0 };
static efi_char16_t const sm_var_name[] = {
'S', 'e', 't', 'u', 'p', 'M', 'o', 'd', 'e', 0 };
+ static efi_char16_t const mk_var_name[] = {
+ 'M', 'o', 'k', 'S', 'B', 'S', 't', 'a', 't', 'e', 0 };
efi_guid_t var_guid = EFI_GLOBAL_VARIABLE_GUID;
efi_get_variable_t *f_getvar = sys_table_arg->runtime->get_variable;
u8 val;
unsigned long size = sizeof(val);
+ u32 attr;
efi_status_t status;
status = f_getvar((efi_char16_t *)sb_var_name, (efi_guid_t *)&var_guid,
@@ -51,6 +54,22 @@ static int efi_get_secureboot(efi_system
if (val == 1)
return 0;
+ /* See if a user has put shim into insecure_mode. If so, and the variable
+ * doesn't have the runtime attribute set, we might as well honor that.
+ */
+ var_guid = EFI_SHIM_LOCK_GUID;
+ status = f_getvar((efi_char16_t *)mk_var_name, (efi_guid_t *)&var_guid,
+ &attr, &size, &val);
+
+ /* If it fails, we don't care why. Default to secure */
+ if (status != EFI_SUCCESS)
+ return 1;
+
+ if (!(attr & EFI_VARIABLE_RUNTIME_ACCESS)) {
+ if (val == 1)
+ return 0;
+ }
+
return 1;
out_efi_err:

66
debian/patches/features/all/securelevel/efi-disable-secure-boot-if-shim-is-in-insecure-mode.patch vendored
View File

@ -1,66 +0,0 @@
From: Josh Boyer <jwboyer@fedoraproject.org>
Date: Tue, 5 Feb 2013 19:25:05 -0500
Subject: [13/18] efi: Disable secure boot if shim is in insecure mode
Origin: https://github.com/mjg59/linux/commit/f444a5ecb0ab09d6cf661b4520dd8e6fffacb8be
A user can manually tell the shim boot loader to disable validation of
images it loads. When a user does this, it creates a UEFI variable called
MokSBState that does not have the runtime attribute set. Given that the
user explicitly disabled validation, we can honor that and not enable
secure boot mode if that variable is set.
Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
---
arch/x86/boot/compressed/eboot.c | 20 +++++++++++++++++++-
include/linux/efi.h | 3 +++
2 files changed, 22 insertions(+), 1 deletion(-)
--- a/arch/x86/boot/compressed/eboot.c
+++ b/arch/x86/boot/compressed/eboot.c
@@ -1053,8 +1053,9 @@ void setup_graphics(struct boot_params *
static int get_secure_boot(void)
{
- u8 sb, setup;
+ u8 sb, setup, moksbstate;
unsigned long datasize = sizeof(sb);
+ u32 attr;
efi_guid_t var_guid = EFI_GLOBAL_VARIABLE_GUID;
efi_status_t status;
@@ -1078,6 +1079,23 @@ static int get_secure_boot(void)
if (setup == 1)
return 0;
+ /* See if a user has put shim into insecure_mode. If so, and the variable
+ * doesn't have the runtime attribute set, we might as well honor that.
+ */
+ var_guid = EFI_SHIM_LOCK_GUID;
+ status = efi_early->call((unsigned long)sys_table->runtime->get_variable,
+ L"MokSBState", &var_guid, &attr, &datasize,
+ &moksbstate);
+
+ /* If it fails, we don't care why. Default to secure */
+ if (status != EFI_SUCCESS)
+ return 1;
+
+ if (!(attr & EFI_VARIABLE_RUNTIME_ACCESS)) {
+ if (moksbstate == 1)
+ return 0;
+ }
+
return 1;
}
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
@@ -629,6 +629,9 @@ typedef struct {
#define EFI_1_10_SYSTEM_TABLE_REVISION ((1 << 16) | (10))
#define EFI_1_02_SYSTEM_TABLE_REVISION ((1 << 16) | (02))
+#define EFI_SHIM_LOCK_GUID \
+ EFI_GUID( 0x605dab50, 0xe046, 0x4300, 0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23 )
+
typedef struct {
efi_table_hdr_t hdr;
u64 fw_vendor; /* physical addr of CHAR16 vendor string */

8
debian/patches/features/all/securelevel/enable-cold-boot-attack-mitigation.patch vendored
View File

@ -31,9 +31,9 @@ index 28c24d80d0a0..b0413ba639af 100644
+ EFI_VARIABLE_RUNTIME_ACCESS, sizeof(val), val);
+}
+
static int get_secure_boot(void)
{
u8 sb, setup, moksbstate;
/*
* Because the x86 boot code expects to be passed a boot_params we
* need to create one ourselves (usually the bootloader would create
@@ -1482,6 +1498,12 @@ struct boot_params *efi_main(struct efi_config *c,
else
setup_boot_services32(efi_early);
@ -46,4 +46,4 @@ index 28c24d80d0a0..b0413ba639af 100644
+
sanitize_boot_params(boot_params);
boot_params->secure_boot = get_secure_boot();
/*

2
debian/patches/features/all/securelevel/x86-lock-down-io-port-access-when-securelevel-is-ena.patch vendored
View File

@ -22,8 +22,8 @@ Signed-off-by: Matthew Garrett <mjg59@srcf.ucam.org>
#include <linux/bitmap.h>
+#include <linux/security.h>
#include <asm/syscalls.h>
#include <asm/desc.h>
/*
@@ -28,7 +29,7 @@ asmlinkage long sys_ioperm(unsigned long
if ((from + num <= from) || (from + num > IO_BITMAP_BITS))

102
debian/patches/features/arm/arm-dts-turris-omnia-add-support-for-ethernet-switch.patch vendored
View File

@ -1,102 +0,0 @@
From: Uwe Kleine-König <uwe@kleine-koenig.org>
Date: Tue, 3 Jan 2017 20:35:01 +0100
Subject: [PATCH] ARM: dts: turris-omnia: add support for ethernet switch
Origin: https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/commit/?id=7b7db5ab33d2292d9b037cda0c41a795b094d940
The Turris Omnia features a Marvell MV88E6176 ethernet switch. Add it to
the dts.
Signed-off-by: Uwe Kleine-König <uwe@kleine-koenig.org>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Tested-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Gregory CLEMENT <gregory.clement@free-electrons.com>
---
arch/arm/boot/dts/armada-385-turris-omnia.dts | 58 +++++++++++++++++++++++++--
1 file changed, 55 insertions(+), 3 deletions(-)
diff --git a/arch/arm/boot/dts/armada-385-turris-omnia.dts b/arch/arm/boot/dts/armada-385-turris-omnia.dts
index ab49acb2d452..28eede180e4f 100644
--- a/arch/arm/boot/dts/armada-385-turris-omnia.dts
+++ b/arch/arm/boot/dts/armada-385-turris-omnia.dts
@@ -122,7 +122,7 @@
pinctrl-names = "default";
pinctrl-0 = <&ge0_rgmii_pins>;
status = "okay";
- phy-mode = "rgmii-id";
+ phy-mode = "rgmii";
fixed-link {
speed = <1000>;
@@ -135,7 +135,7 @@
pinctrl-names = "default";
pinctrl-0 = <&ge1_rgmii_pins>;
status = "okay";
- phy-mode = "rgmii-id";
+ phy-mode = "rgmii";
fixed-link {
speed = <1000>;
@@ -273,7 +273,59 @@
/* irq is connected to &pcawan pin 7 */
};
- /* Switch MV88E7176 at address 0x10 */
+ /* Switch MV88E6176 at address 0x10 */
+ switch@10 {
+ compatible = "marvell,mv88e6085";
+ #address-cells = <1>;
+ #size-cells = <0>;
+ dsa,member = <0 0>;
+
+ reg = <0x10>;
+
+ ports {
+ #address-cells = <1>;
+ #size-cells = <0>;
+
+ ports@0 {
+ reg = <0>;
+ label = "lan0";
+ };
+
+ ports@1 {
+ reg = <1>;
+ label = "lan1";
+ };
+
+ ports@2 {
+ reg = <2>;
+ label = "lan2";
+ };
+
+ ports@3 {
+ reg = <3>;
+ label = "lan3";
+ };
+
+ ports@4 {
+ reg = <4>;
+ label = "lan4";
+ };
+
+ ports@5 {
+ reg = <5>;
+ label = "cpu";
+ ethernet = <&eth1>;
+ phy-mode = "rgmii-id";
+
+ fixed-link {
+ speed = <1000>;
+ full-duplex;
+ };
+ };
+
+ /* port 6 is connected to eth0 */
+ };
+ };
};
&pinctrl {
--
2.11.0

19
debian/patches/series vendored
View File

@ -51,12 +51,7 @@ debian/fanotify-taint-on-use-of-fanotify_access_permissions.patch
debian/amd64-don-t-warn-about-expected-w+x-pages-on-xen.patch
# Arch bug fixes
bugfix/x86/asoc-intel-select-dw_dmac_core-since-it-s-mandatory.patch
bugfix/sparc/sparc-topology_64.h-fix-condition-for-including-cpudata.h.patch
bugfix/x86/platform-x86-acer-wmi-setup-accelerometer-when-machi.patch
bugfix/x86/x86-xen-fix-apic-id-mismatch-warning-on-intel.patch
bugfix/arm/arm-dts-kirkwood-fix-sata-pinmux-ing-for-ts419.patch
bugfix/arm64/rtc-tegra-implement-clock-handling.patch
# Arch features
features/mips/MIPS-increase-MAX-PHYSMEM-BITS-on-Loongson-3-only.patch
@ -64,7 +59,6 @@ features/mips/MIPS-Loongson-3-Add-Loongson-LS3A-RS780E-1-way-machi.patch
features/mips/MIPS-octeon-Add-support-for-the-UBNT-E200-board.patch
features/x86/x86-memtest-WARN-if-bad-RAM-found.patch
features/x86/x86-make-x32-syscall-support-conditional.patch
features/arm/arm-dts-turris-omnia-add-support-for-ethernet-switch.patch
# Miscellaneous bug fixes
bugfix/all/kbuild-use-nostdinc-in-compile-tests.patch
@ -74,7 +68,6 @@ bugfix/all/kbuild-do-not-use-hyphen-in-exported-variable-name.patch
bugfix/all/partially-revert-usb-kconfig-using-select-for-usb_co.patch
bugfix/all/media-dvb-usb-dibusb-mc-common-add-module_license.patch
bugfix/all/kbuild-include-addtree-remove-quotes-before-matching-path.patch
bugfix/all/ACPI-EC-Use-busy-polling-mode-when-GPE-is-not-enable.patch
# Miscellaneous features
@ -91,7 +84,6 @@ features/all/securelevel/uswsusp-disable-when-securelevel-is-set.patch
features/all/securelevel/x86-restrict-msr-access-when-securelevel-is-set.patch
features/all/securelevel/asus-wmi-restrict-debugfs-interface-when-securelevel.patch
features/all/securelevel/add-option-to-automatically-set-securelevel-when-in-.patch
features/all/securelevel/efi-disable-secure-boot-if-shim-is-in-insecure-mode.patch
features/all/securelevel/hibernate-disable-when-securelevel-is-set.patch
features/all/securelevel/kexec-uefi-copy-secure_boot-flag-in-boot-params-acro.patch
features/all/securelevel/acpi-disable-acpi-table-override-if-securelevel-is-s.patch
@ -99,21 +91,10 @@ features/all/securelevel/acpi-disable-apei-error-injection-if-securelevel-is-.pa
features/all/securelevel/enable-cold-boot-attack-mitigation.patch
features/all/securelevel/mtd-disable-slram-and-phram-when-securelevel-is-enabled.patch
# same for arm64
features/all/securelevel/arm64-efi-disable-secure-boot-if-shim-is-in-insecure.patch
features/all/securelevel/arm64-add-kernel-config-option-to-set-securelevel-wh.patch
# Security fixes
debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
bugfix/x86/kvm-fix-page-struct-leak-in-handle_vmon.patch
debian/time-mark-timer_stats-as-broken.patch
bugfix/all/xfrm_user-validate-xfrm_msg_newae-xfrma_replay_esn_val-replay_window.patch
bugfix/all/xfrm_user-validate-xfrm_msg_newae-incoming-esn-size-harder.patch
bugfix/all/scsi-sg-check-length-passed-to-sg_next_cmd_len.patch
bugfix/x86/vmwgfx-null-pointer-dereference-in-vmw_surface_define_ioctl.patch
bugfix/x86/drm-vmwgfx-fix-integer-overflow-in-vmw_surface_define_ioctl.patch
bugfix/all/net-packet-fix-overflow-in-check-for-priv-area-size.patch
bugfix/all/net-packet-fix-overflow-in-check-for-tp_frame_nr.patch
bugfix/all/net-packet-fix-overflow-in-check-for-tp_reserve.patch
# Fix exported symbol versions
bugfix/ia64/revert-ia64-move-exports-to-definitions.patch