diff --git a/debian/README.source b/debian/README.source index 896a91e49..570353a1f 100644 --- a/debian/README.source +++ b/debian/README.source @@ -23,41 +23,20 @@ Updating the upstream source Applying patches to the Debian kernel tree ========================================== -The Debian kernel packaging uses a custom patching system: +The Debian kernel packaging uses the quilt patch system, but with +multiple series to allow for featuresets. Patches are stored below debian/patches, loosely sorted in bugfix/, features/ and debian/. Patches are in the standard kernel patch format (unified diff to be applied with patch -p1) and generally have DEP-3 headers. -The order and the selection of patches which are applied during build -time are specified in the series/ subdirectory. The series file 'base' -is used for all configurations and the series file 'base-extra' is -additionally used for optional featuresets. - -Let's look at the actual series file for 2.6.26-12: - -+ bugfix/all/net-unix-gc-fix-soft-lockups-oom-issues.patch -+ bugfix/all/inotify-watch-removal-umount-races.patch -+ bugfix/all/atm-duplicate-listen-on-socket-corrupts-the-vcc-table.patch -+ bugfix/all/ata-pata_marvell-vs-ahci.patch -+ features/sparc/video-sunxvr500-intergraph.patch - -The patches to be applied are specified relative to debian/patches -and must be preceded by a "+". The series files may be arbitrarily -documented with comments starting with "#". - -Let's now have a look at the series file for the addon kernel flavours -of 2.6.26-12: - -+ features/all/xen/dom0-fix-processor-throttling-when-pr-id-is-minus-1.patch featureset=xen - -The same syntax applies for specifing the patches, but an additional -argument is needed which specifies the featureset the patch applies to. - +The series file 'series-all' is used for all configurations and a +series file 'series-' is used for each optional +featureset. If you want to generate a source tree with all patches applied, run -make -f debian/rules source-all +make -f debian/rules source The resulting source can be found below debian/build. diff --git a/debian/bin/check-patches.sh b/debian/bin/check-patches.sh index 3a733fae3..2f18ea3b7 100755 --- a/debian/bin/check-patches.sh +++ b/debian/bin/check-patches.sh @@ -2,7 +2,7 @@ TMPDIR=$(mktemp -d) trap "rm -rf $TMPDIR" EXIT -grep -v "^#" debian/patches/series/* | awk '{if (NF >= 2) print "debian/patches/" $2}' | sort -u > $TMPDIR/used +sed '/^#/d; /^[[:space:]]*$/d; s/^[+X] //; s,^,debian/patches/,' debian/patches/series* | sort -u > $TMPDIR/used find debian/patches ! -path '*/series*' -type f -name "*.diff" -o -name "*.patch" -printf "%p\n" | sort > $TMPDIR/avail echo "Used patches" echo "==============" diff --git a/debian/bin/genorig.py b/debian/bin/genorig.py index 0a6d6a4cc..6ec909161 100755 --- a/debian/bin/genorig.py +++ b/debian/bin/genorig.py @@ -33,7 +33,7 @@ class Main(object): self.log('Using source name %s, version %s, dfsg %s\n' % (source, version.upstream, self.version_dfsg)) self.orig = '%s-%s' % (source, version.upstream) - self.orig_tar = '%s_%s.orig.tar.gz' % (source, version.upstream) + self.orig_tar = '%s_%s.orig.tar.xz' % (source, version.upstream) self.tag = 'v' + version.linux_upstream_full def __call__(self): @@ -117,7 +117,7 @@ class Main(object): except OSError: pass self.log("Generate tarball %s\n" % out) - cmdline = ['tar -czf', out, '-C', self.dir, self.orig] + cmdline = ['tar -caf', out, '-C', self.dir, self.orig] try: if os.spawnv(os.P_WAIT, '/bin/sh', ['sh', '-c', ' '.join(cmdline)]): raise RuntimeError("Can't patch source") diff --git a/debian/bin/patch.apply b/debian/bin/patch.apply index 8fa9e3702..e69de29bb 100644 --- a/debian/bin/patch.apply +++ b/debian/bin/patch.apply @@ -1,50 +0,0 @@ -#!/usr/bin/env python - -import os, os.path, re, sys -from warnings import warn -from debian_linux.patches import PatchSeries - -def main(): - options, args = parse_options() - - if len(args) > 1: - print "Too much arguments" - return - - home = options.home - name = options.featureset or "all" - fp = file(os.path.join(home, "series-%s" % name)) - PatchSeries(name, home, fp)() - -def parse_options(): - from optparse import OptionParser - parser = OptionParser( - usage = "%prog [OPTION]... [TARGET]", - ) - parser.add_option( - '-f', '--featureset', - dest = 'featureset', - help = "featureset", - ) - parser.add_option( - '-H', '--overwrite-home', - dest = 'home', - help = "overwrite home [no default]", - ) - - options, args = parser.parse_args() - - return options, args - -if __name__ == '__main__': - def showwarning(message, category, filename, lineno, - file=sys.stderr, line=''): - file.write("Warning: %s\n" % message) - import warnings - warnings.showwarning = showwarning - try: - main() - except RuntimeError, e: - sys.stderr.write("Error: %s\n" % e) - raise SystemExit, 1 - diff --git a/debian/bin/test-patches b/debian/bin/test-patches index 53e08c87a..fc17ede29 100755 --- a/debian/bin/test-patches +++ b/debian/bin/test-patches @@ -8,7 +8,7 @@ arch="$(dpkg --print-architecture)" kernelabi="$(uname -r)" ff="${kernelabi#+([^-])-@(trunk|+([0-9]))-}" if [ "x$ff" != "x$kernelabi" ]; then - flavour="${ff#@(openvz|vserver|xen)-}" + flavour="${ff#@(openvz|rt|vserver|xen)-}" if [ "x$flavour" != "x$ff" ]; then featureset="${ff%-$flavour}" else @@ -33,9 +33,9 @@ if [ $# -lt 1 ]; then echo >&2 "Usage: $0 [] ..." cat >&2 < specify the 'flavour' of kernel to build, e.g. 686 + -f specify the 'flavour' of kernel to build, e.g. 686-pae -j specify number of compiler jobs to run in parallel - -s specify an optional featureset to apply, e.g. xen + -s specify an optional featureset to apply, e.g. rt EOF exit 2 fi @@ -55,23 +55,24 @@ if [ "${version%a~test}" = "$version" ]; then dch -v "$version" --distribution UNRELEASED "Testing patches $*" fi -restrictfeature= -series="${version##*-}" -if [ "$featureset" != none ]; then - restrictfeature=" featureset=$featureset" - series="${series}-extra" +# Make new directory for patches +mkdir -p debian/patches/test + +# Ignore user's .quiltrc +alias quilt='quilt --quiltrc -' + +# Try to clean up any previous test patches +if [ "$featureset" = none ]; then + while quilt top 2>/dev/null | grep -q ^test/; do + quilt delete + done +else + sed -i '/^test\//d' debian/patches/series-${featureset} fi -# Copy all patches into a new directory +# Prepare a new directory for the patches rm -rf debian/patches/test/ mkdir debian/patches/test -cp -t debian/patches/test/ "$@" - -# Generate patch series for the new version ->debian/patches/series/"$series" -for patch in "$@"; do - echo "+ test/$(basename "$patch")${restrictfeature}" >>debian/patches/series/"$series" -done # Regenerate control and included rules rm debian/control debian/rules.gen @@ -79,9 +80,17 @@ debian/rules debian/control-real && exit 1 || true test -f debian/control test -f debian/rules.gen -# Clean and patch source +# Clean up old build; apply existing patches for featureset debian/rules clean debian/rules source +# Apply the additional patches +for patch in "$@"; do + patch_abs="$(readlink -f "$patch")" + (cd "debian/build/source_${featureset}" && \ + quilt import -P "test/$(basename "$patch")" "$patch_abs" && \ + quilt push --fuzz=0) +done + # Build selected binaries fakeroot make -f debian/rules.gen binary-arch_"$arch"_"$featureset"_"$flavour" diff --git a/debian/changelog b/debian/changelog index 73dce8191..0fa68dffb 100644 --- a/debian/changelog +++ b/debian/changelog @@ -6,6 +6,7 @@ linux-2.6 (3.4.2-1~experimental.1) UNRELEASED; urgency=low [ Ben Hutchings ] * [ia64] Export to userland (fixes FTBFS) * [x86] Enable BATTERY_SBS as module (Closes: #662902) + * team: Enable NET_TEAM_MODE_LOADBALANCE as module -- Ben Hutchings Thu, 07 Jun 2012 04:45:03 +0100 @@ -102,25 +103,71 @@ linux-2.6 (3.3~rc6-1~experimental.1) experimental; urgency=low -- Ben Hutchings Sun, 04 Mar 2012 20:27:42 +0000 -linux (3.2.19-2) UNRELEASED; urgency=low +linux (3.2.20-1) unstable; urgency=low - * The "Not Quite So Many Different Version Numbers" release + * The "Confused? You Won't Be" release + + * New upstream stable update: + http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.20 + - cifs: fix oops while traversing open file list (try #4) + - mm/fork: fix overflow in vma length when copying mmap on clone + - mm: fix faulty initialization in vmalloc_init() + - x86, amd, xen: Avoid NULL pointer paravirt references + - ext4: force ro mount if ext4_setup_super() fails + - ext4: disallow hard-linked directory in ext4_lookup + - ext4: add missing save_error_info() to ext4_error() + - ALSA: usb-audio: fix rate_list memory leak + - Bluetooth: btusb: typo in Broadcom SoftSailing id (Closes: #674565) + - ipv4: Do not use dead fib_info entries. + - ipv4: fix the rcu race between free_fib_info and ip_route_output_slow + - l2tp: fix oops in L2TP IP sockets for connect() AF_UNSPEC case + - btree: fix tree corruption in btree_get_prev() + - asix: allow full size 8021Q frames to be received (Closes: #676545) + - ext4: don't trash state flags in EXT4_IOC_SETFLAGS + - ext4: fix the free blocks calculation for ext3 file systems w/ uninit_bg [ Ben Hutchings ] * Rename source package to 'linux' (Closes: #636010) + * Convert source package format to 3.0 (quilt) + - Convert patch system to quilt, except for the 'orig' patch series + - Use xz compression for upstream and Debian tarballs + - README.source: Update description of patch system to match current + usage + - linux-patch-debian: Remove; it is no longer necessary for GPL + compliance and does not work with our current patch management * linux-image: Change package name for bugs to 'src:linux' (Closes: #644198) * DFSG: video: Remove nvidiafb and rivafb, which include apparently - obfuscated code (Closes: #383481). The nouveau driver supports all - the same hardware, aside from RIVA 128 (NV3). + obfuscated code (Closes: #383481, #609615). The nouveau driver supports + all the same hardware, aside from RIVA 128 (NV3). * udeb: Add udf-modules containing UDF filesystem module (Closes: #613972) * [mipsel/loongson2f] linux-image: Recommend libc6-loongson2f (Closes: #629410) * Build-Depend on kmod or module-init-tools, not just the latter - * README.source: Update description of patch system to match current usage - * linux-patch-debian: Remove; it is no longer necessary for GPL compliance - and does not work with our current patch management + * test-patches: Recognise the rt featureset automatically + * udeb: Build-Depend on kernel-wedge >= 2.84; this allows us to list + modules as required even if they are built-in in some configurations + * filter: Allow to create sk-unattached filters + * proc: Backport hidepid mount option from Linux 3.4 (Closes: #669028) + * NFSv4: Reduce the footprint of the idmapper (Closes: #657078) + * [i386] thp: avoid atomic64_read in pmd_read_atomic for 32bit PAE + (Closes: #676360) + * linux-source: Add single patch for each featureset + * [x86] Enable CRASH_DUMP, PROC_VMCORE (Closes: #623177) + * media/dvb: Enable DVB_DDBRIDGE as module (Closes: #676952) + * net: sock: validate data_len before allocating skb in + sock_alloc_send_pskb() (CVE-2012-2136) + * macvtap: zerocopy: fix offset calculation when building skb + * macvtap: zerocopy: fix truesize underestimation + * macvtap: zerocopy: put page when fail to get all requested user pages + * macvtap: zerocopy: set SKBTX_DEV_ZEROCOPY only when skb is built + successfully + * macvtap: zerocopy: validate vectors before building skb (CVE-2012-2119) + * KVM: Fix buffer overflow in kvm_set_irq() (CVE-2012-2137) - -- Ben Hutchings Sat, 02 Jun 2012 20:31:53 +0100 + [ Bastian Blank ] + * [s390/s390x,s390x/s390x] Build debugging symbols. + + -- Ben Hutchings Mon, 11 Jun 2012 02:46:34 +0100 linux-2.6 (3.2.19-1) unstable; urgency=low diff --git a/debian/config/config b/debian/config/config index 62399ded1..e3495057f 100644 --- a/debian/config/config +++ b/debian/config/config @@ -955,6 +955,11 @@ CONFIG_DVB_B2C2_FLEXCOP_USB=m ## CONFIG_DVB_BT8XX=m +## +## file: drivers/media/dvb/ddbridge/Kconfig +## +CONFIG_DVB_DDBRIDGE=m + ## ## file: drivers/media/dvb/dm1105/Kconfig ## @@ -2096,6 +2101,7 @@ CONFIG_SLIP_MODE_SLIP6=y CONFIG_NET_TEAM=m CONFIG_NET_TEAM_MODE_ROUNDROBIN=m CONFIG_NET_TEAM_MODE_ACTIVEBACKUP=m +CONFIG_NET_TEAM_MODE_LOADBALANCE=m ## ## file: drivers/net/tokenring/Kconfig diff --git a/debian/config/kernelarch-x86/config b/debian/config/kernelarch-x86/config index f0518bf19..94e1b0aab 100644 --- a/debian/config/kernelarch-x86/config +++ b/debian/config/kernelarch-x86/config @@ -48,7 +48,7 @@ CONFIG_EFI_STUB=y CONFIG_SECCOMP=y CONFIG_CC_STACKPROTECTOR=y CONFIG_KEXEC=y -# CONFIG_CRASH_DUMP is not set +CONFIG_CRASH_DUMP=y # CONFIG_KEXEC_JUMP is not set CONFIG_RELOCATABLE=y CONFIG_HOTPLUG_CPU=y @@ -1571,6 +1571,11 @@ CONFIG_SGI_PARTITION=y CONFIG_ULTRIX_PARTITION=y CONFIG_SUN_PARTITION=y +## +## file: fs/proc/Kconfig +## +CONFIG_PROC_VMCORE=y + ## ## file: kernel/irq/Kconfig ## diff --git a/debian/config/s390/defines b/debian/config/s390/defines index 7f817d130..88fcf4f12 100644 --- a/debian/config/s390/defines +++ b/debian/config/s390/defines @@ -28,6 +28,9 @@ initramfs: false override-localversion: s390 type: plain-s390-tape +[s390x_build] +debug-info: true + [s390x_description] hardware: IBM zSeries parts: reader diff --git a/debian/config/s390x/defines b/debian/config/s390x/defines index 9aacfe6b3..4d95550aa 100644 --- a/debian/config/s390x/defines +++ b/debian/config/s390x/defines @@ -13,6 +13,9 @@ part-short-tape: IPL from tape bootloaders: s390-tools configs: s390/config +[s390x_build] +debug-info: true + [s390x_description] hardware: IBM zSeries parts: reader diff --git a/debian/lib/python/debian_linux/gencontrol.py b/debian/lib/python/debian_linux/gencontrol.py index 389af7027..b10dfadba 100644 --- a/debian/lib/python/debian_linux/gencontrol.py +++ b/debian/lib/python/debian_linux/gencontrol.py @@ -114,6 +114,8 @@ class Gencontrol(object): pass def do_main_makefile(self, makefile, makeflags, extra): + makeflags = makeflags.copy() + makeflags['ALL_FEATURESETS'] = ' '.join(self.config['base', ]['featuresets']) makefile.add('binary-indep', cmds=["$(MAKE) -f debian/rules.real binary-indep %s" % makeflags]) def do_main_packages(self, packages, vars, makeflags, extra): diff --git a/debian/patches/bugfix/all/KVM-Fix-buffer-overflow-in-kvm_set_irq.patch b/debian/patches/bugfix/all/KVM-Fix-buffer-overflow-in-kvm_set_irq.patch new file mode 100644 index 000000000..08d4368d0 --- /dev/null +++ b/debian/patches/bugfix/all/KVM-Fix-buffer-overflow-in-kvm_set_irq.patch @@ -0,0 +1,33 @@ +From: Avi Kivity +Date: Sun, 22 Apr 2012 17:02:11 +0300 +Subject: [PATCH] KVM: Fix buffer overflow in kvm_set_irq() + +commit f2ebd422f71cda9c791f76f85d2ca102ae34a1ed upstream. + +kvm_set_irq() has an internal buffer of three irq routing entries, allowing +connecting a GSI to three IRQ chips or on MSI. However setup_routing_entry() +does not properly enforce this, allowing three irqchip routes followed by +an MSI route to overflow the buffer. + +Fix by ensuring that an MSI entry is added to an empty list. + +Signed-off-by: Avi Kivity +--- + virt/kvm/irq_comm.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/virt/kvm/irq_comm.c b/virt/kvm/irq_comm.c +index a6a0365..5afb431 100644 +--- a/virt/kvm/irq_comm.c ++++ b/virt/kvm/irq_comm.c +@@ -332,6 +332,7 @@ static int setup_routing_entry(struct kvm_irq_routing_table *rt, + */ + hlist_for_each_entry(ei, n, &rt->map[ue->gsi], link) + if (ei->type == KVM_IRQ_ROUTING_MSI || ++ ue->type == KVM_IRQ_ROUTING_MSI || + ue->u.irqchip.irqchip == ei->irqchip.irqchip) + return r; + +-- +1.7.10 + diff --git a/debian/patches/bugfix/all/macvtap-zerocopy-fix-offset-calculation-when-buildin.patch b/debian/patches/bugfix/all/macvtap-zerocopy-fix-offset-calculation-when-buildin.patch new file mode 100644 index 000000000..911076814 --- /dev/null +++ b/debian/patches/bugfix/all/macvtap-zerocopy-fix-offset-calculation-when-buildin.patch @@ -0,0 +1,61 @@ +From: Jason Wang +Date: Wed, 2 May 2012 11:41:30 +0800 +Subject: [1/5] macvtap: zerocopy: fix offset calculation when building skb + +commit 3afc9621f15701c557e60f61eba9242bac2771dd upstream. + +This patch fixes the offset calculation when building skb: + +- offset1 were used as skb data offset not vector offset +- reset offset to zero only when we advance to next vector + +Signed-off-by: Jason Wang +Signed-off-by: Michael S. Tsirkin +--- + drivers/net/macvtap.c | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) + +diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c +index 0427c65..bd4a70d 100644 +--- a/drivers/net/macvtap.c ++++ b/drivers/net/macvtap.c +@@ -505,10 +505,11 @@ static int zerocopy_sg_from_iovec(struct sk_buff *skb, const struct iovec *from, + if (copy > size) { + ++from; + --count; +- } ++ offset = 0; ++ } else ++ offset += size; + copy -= size; + offset1 += size; +- offset = 0; + } + + if (len == offset1) +@@ -519,13 +520,13 @@ static int zerocopy_sg_from_iovec(struct sk_buff *skb, const struct iovec *from, + int num_pages; + unsigned long base; + +- len = from->iov_len - offset1; ++ len = from->iov_len - offset; + if (!len) { +- offset1 = 0; ++ offset = 0; + ++from; + continue; + } +- base = (unsigned long)from->iov_base + offset1; ++ base = (unsigned long)from->iov_base + offset; + size = ((base & ~PAGE_MASK) + len + ~PAGE_MASK) >> PAGE_SHIFT; + num_pages = get_user_pages_fast(base, size, 0, &page[i]); + if ((num_pages != size) || +@@ -546,7 +547,7 @@ static int zerocopy_sg_from_iovec(struct sk_buff *skb, const struct iovec *from, + len -= size; + i++; + } +- offset1 = 0; ++ offset = 0; + ++from; + } + return 0; diff --git a/debian/patches/bugfix/all/macvtap-zerocopy-fix-truesize-underestimation.patch b/debian/patches/bugfix/all/macvtap-zerocopy-fix-truesize-underestimation.patch new file mode 100644 index 000000000..75164f0a2 --- /dev/null +++ b/debian/patches/bugfix/all/macvtap-zerocopy-fix-truesize-underestimation.patch @@ -0,0 +1,41 @@ +From: Jason Wang +Date: Wed, 2 May 2012 11:41:44 +0800 +Subject: [2/5] macvtap: zerocopy: fix truesize underestimation + +commit 4ef67ebedffa44ed9939b34708ac2fee06d2f65f upstream. + +As the skb fragment were pinned/built from user pages, we should +account the page instead of length for truesize. + +Signed-off-by: Jason Wang +Signed-off-by: Michael S. Tsirkin +--- + drivers/net/macvtap.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c +index bd4a70d..7cb2684 100644 +--- a/drivers/net/macvtap.c ++++ b/drivers/net/macvtap.c +@@ -519,6 +519,7 @@ static int zerocopy_sg_from_iovec(struct sk_buff *skb, const struct iovec *from, + struct page *page[MAX_SKB_FRAGS]; + int num_pages; + unsigned long base; ++ unsigned long truesize; + + len = from->iov_len - offset; + if (!len) { +@@ -533,10 +534,11 @@ static int zerocopy_sg_from_iovec(struct sk_buff *skb, const struct iovec *from, + (num_pages > MAX_SKB_FRAGS - skb_shinfo(skb)->nr_frags)) + /* put_page is in skb free */ + return -EFAULT; ++ truesize = size * PAGE_SIZE; + skb->data_len += len; + skb->len += len; +- skb->truesize += len; +- atomic_add(len, &skb->sk->sk_wmem_alloc); ++ skb->truesize += truesize; ++ atomic_add(truesize, &skb->sk->sk_wmem_alloc); + while (len) { + int off = base & ~PAGE_MASK; + int size = min_t(int, len, PAGE_SIZE - off); diff --git a/debian/patches/bugfix/all/macvtap-zerocopy-put-page-when-fail-to-get-all-reque.patch b/debian/patches/bugfix/all/macvtap-zerocopy-put-page-when-fail-to-get-all-reque.patch new file mode 100644 index 000000000..1674eb84f --- /dev/null +++ b/debian/patches/bugfix/all/macvtap-zerocopy-put-page-when-fail-to-get-all-reque.patch @@ -0,0 +1,35 @@ +From: Jason Wang +Date: Wed, 2 May 2012 11:41:58 +0800 +Subject: [3/5] macvtap: zerocopy: put page when fail to get all requested + user pages + +commit 02ce04bb3d28c3333231f43bca677228dbc686fe upstream. + +When get_user_pages_fast() fails to get all requested pages, we could not use +kfree_skb() to free it as it has not been put in the skb fragments. So we need +to call put_page() instead. + +Signed-off-by: Jason Wang +Signed-off-by: Michael S. Tsirkin +--- + drivers/net/macvtap.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c +index 7cb2684..9ab182a 100644 +--- a/drivers/net/macvtap.c ++++ b/drivers/net/macvtap.c +@@ -531,9 +531,11 @@ static int zerocopy_sg_from_iovec(struct sk_buff *skb, const struct iovec *from, + size = ((base & ~PAGE_MASK) + len + ~PAGE_MASK) >> PAGE_SHIFT; + num_pages = get_user_pages_fast(base, size, 0, &page[i]); + if ((num_pages != size) || +- (num_pages > MAX_SKB_FRAGS - skb_shinfo(skb)->nr_frags)) +- /* put_page is in skb free */ ++ (num_pages > MAX_SKB_FRAGS - skb_shinfo(skb)->nr_frags)) { ++ for (i = 0; i < num_pages; i++) ++ put_page(page[i]); + return -EFAULT; ++ } + truesize = size * PAGE_SIZE; + skb->data_len += len; + skb->len += len; diff --git a/debian/patches/bugfix/all/macvtap-zerocopy-set-SKBTX_DEV_ZEROCOPY-only-when-sk.patch b/debian/patches/bugfix/all/macvtap-zerocopy-set-SKBTX_DEV_ZEROCOPY-only-when-sk.patch new file mode 100644 index 000000000..fb5c20256 --- /dev/null +++ b/debian/patches/bugfix/all/macvtap-zerocopy-set-SKBTX_DEV_ZEROCOPY-only-when-sk.patch @@ -0,0 +1,48 @@ +From: Jason Wang +Date: Wed, 2 May 2012 11:42:06 +0800 +Subject: [4/5] macvtap: zerocopy: set SKBTX_DEV_ZEROCOPY only when skb is + built successfully + +commit 01d6657b388438def19c8baaea28e742b6ed32ec upstream. + +Current the SKBTX_DEV_ZEROCOPY is set unconditionally after +zerocopy_sg_from_iovec(), this would lead NULL pointer when macvtap +fails to build zerocopy skb because destructor_arg was not +initialized. Solve this by set this flag after the skb were built +successfully. + +Signed-off-by: Jason Wang +Signed-off-by: Michael S. Tsirkin +--- + drivers/net/macvtap.c | 9 +++++---- + 1 file changed, 5 insertions(+), 4 deletions(-) + +diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c +index 9ab182a..a4ff694 100644 +--- a/drivers/net/macvtap.c ++++ b/drivers/net/macvtap.c +@@ -699,10 +699,9 @@ static ssize_t macvtap_get_user(struct macvtap_queue *q, struct msghdr *m, + if (!skb) + goto err; + +- if (zerocopy) { ++ if (zerocopy) + err = zerocopy_sg_from_iovec(skb, iv, vnet_hdr_len, count); +- skb_shinfo(skb)->tx_flags |= SKBTX_DEV_ZEROCOPY; +- } else ++ else + err = skb_copy_datagram_from_iovec(skb, 0, iv, vnet_hdr_len, + len); + if (err) +@@ -721,8 +720,10 @@ static ssize_t macvtap_get_user(struct macvtap_queue *q, struct msghdr *m, + rcu_read_lock_bh(); + vlan = rcu_dereference_bh(q->vlan); + /* copy skb_ubuf_info for callback when skb has no error */ +- if (zerocopy) ++ if (zerocopy) { + skb_shinfo(skb)->destructor_arg = m->msg_control; ++ skb_shinfo(skb)->tx_flags |= SKBTX_DEV_ZEROCOPY; ++ } + if (vlan) + macvlan_start_xmit(skb, vlan->dev); + else diff --git a/debian/patches/bugfix/all/macvtap-zerocopy-validate-vectors-before-building-sk.patch b/debian/patches/bugfix/all/macvtap-zerocopy-validate-vectors-before-building-sk.patch new file mode 100644 index 000000000..b9f8ce82c --- /dev/null +++ b/debian/patches/bugfix/all/macvtap-zerocopy-validate-vectors-before-building-sk.patch @@ -0,0 +1,78 @@ +From: Jason Wang +Date: Wed, 2 May 2012 11:42:15 +0800 +Subject: macvtap: zerocopy: validate vectors before building skb + +commit b92946e2919134ebe2a4083e4302236295ea2a73 upstream. + +There're several reasons that the vectors need to be validated: + +- Return error when caller provides vectors whose num is greater than UIO_MAXIOV. +- Linearize part of skb when userspace provides vectors grater than MAX_SKB_FRAGS. +- Return error when userspace provides vectors whose total length may exceed +- MAX_SKB_FRAGS * PAGE_SIZE. + +Signed-off-by: Jason Wang +Signed-off-by: Michael S. Tsirkin +--- + drivers/net/macvtap.c | 25 +++++++++++++++++++++---- + 1 file changed, 21 insertions(+), 4 deletions(-) + +diff --git a/drivers/net/macvtap.c b/drivers/net/macvtap.c +index a4ff694..163559c 100644 +--- a/drivers/net/macvtap.c ++++ b/drivers/net/macvtap.c +@@ -529,9 +529,10 @@ static int zerocopy_sg_from_iovec(struct sk_buff *skb, const struct iovec *from, + } + base = (unsigned long)from->iov_base + offset; + size = ((base & ~PAGE_MASK) + len + ~PAGE_MASK) >> PAGE_SHIFT; ++ if (i + size > MAX_SKB_FRAGS) ++ return -EMSGSIZE; + num_pages = get_user_pages_fast(base, size, 0, &page[i]); +- if ((num_pages != size) || +- (num_pages > MAX_SKB_FRAGS - skb_shinfo(skb)->nr_frags)) { ++ if (num_pages != size) { + for (i = 0; i < num_pages; i++) + put_page(page[i]); + return -EFAULT; +@@ -651,7 +652,7 @@ static ssize_t macvtap_get_user(struct macvtap_queue *q, struct msghdr *m, + int err; + struct virtio_net_hdr vnet_hdr = { 0 }; + int vnet_hdr_len = 0; +- int copylen; ++ int copylen = 0; + bool zerocopy = false; + + if (q->flags & IFF_VNET_HDR) { +@@ -680,15 +681,31 @@ static ssize_t macvtap_get_user(struct macvtap_queue *q, struct msghdr *m, + if (unlikely(len < ETH_HLEN)) + goto err; + ++ err = -EMSGSIZE; ++ if (unlikely(count > UIO_MAXIOV)) ++ goto err; ++ + if (m && m->msg_control && sock_flag(&q->sk, SOCK_ZEROCOPY)) + zerocopy = true; + + if (zerocopy) { ++ /* Userspace may produce vectors with count greater than ++ * MAX_SKB_FRAGS, so we need to linearize parts of the skb ++ * to let the rest of data to be fit in the frags. ++ */ ++ if (count > MAX_SKB_FRAGS) { ++ copylen = iov_length(iv, count - MAX_SKB_FRAGS); ++ if (copylen < vnet_hdr_len) ++ copylen = 0; ++ else ++ copylen -= vnet_hdr_len; ++ } + /* There are 256 bytes to be copied in skb, so there is enough + * room for skb expand head in case it is used. + * The rest buffer is mapped from userspace. + */ +- copylen = vnet_hdr.hdr_len; ++ if (copylen < vnet_hdr.hdr_len) ++ copylen = vnet_hdr.hdr_len; + if (!copylen) + copylen = GOODCOPY_LEN; + } else diff --git a/debian/patches/bugfix/all/net-sock-validate-data_len-before-allocating-skb-in-.patch b/debian/patches/bugfix/all/net-sock-validate-data_len-before-allocating-skb-in-.patch new file mode 100644 index 000000000..86b0554bc --- /dev/null +++ b/debian/patches/bugfix/all/net-sock-validate-data_len-before-allocating-skb-in-.patch @@ -0,0 +1,48 @@ +From: Jason Wang +Date: Wed, 30 May 2012 21:18:10 +0000 +Subject: net: sock: validate data_len before allocating skb in + sock_alloc_send_pskb() + +commit cc9b17ad29ecaa20bfe426a8d4dbfb94b13ff1cc upstream. + +We need to validate the number of pages consumed by data_len, otherwise frags +array could be overflowed by userspace. So this patch validate data_len and +return -EMSGSIZE when data_len may occupies more frags than MAX_SKB_FRAGS. + +Signed-off-by: Jason Wang +Signed-off-by: David S. Miller +--- + net/core/sock.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/net/core/sock.c b/net/core/sock.c +index 653f8c0..9e5b71f 100644 +--- a/net/core/sock.c ++++ b/net/core/sock.c +@@ -1592,6 +1592,11 @@ struct sk_buff *sock_alloc_send_pskb(struct sock *sk, unsigned long header_len, + gfp_t gfp_mask; + long timeo; + int err; ++ int npages = (data_len + (PAGE_SIZE - 1)) >> PAGE_SHIFT; ++ ++ err = -EMSGSIZE; ++ if (npages > MAX_SKB_FRAGS) ++ goto failure; + + gfp_mask = sk->sk_allocation; + if (gfp_mask & __GFP_WAIT) +@@ -1610,14 +1615,12 @@ struct sk_buff *sock_alloc_send_pskb(struct sock *sk, unsigned long header_len, + if (atomic_read(&sk->sk_wmem_alloc) < sk->sk_sndbuf) { + skb = alloc_skb(header_len, gfp_mask); + if (skb) { +- int npages; + int i; + + /* No pages, we're done... */ + if (!data_len) + break; + +- npages = (data_len + (PAGE_SIZE - 1)) >> PAGE_SHIFT; + skb->truesize += data_len; + skb_shinfo(skb)->nr_frags = npages; + for (i = 0; i < npages; i++) { diff --git a/debian/patches/bugfix/x86/thp-avoid-atomic64_read-in-pmd_read_atomic-for-32bit-pae.patch b/debian/patches/bugfix/x86/thp-avoid-atomic64_read-in-pmd_read_atomic-for-32bit-pae.patch new file mode 100644 index 000000000..0a8dfe616 --- /dev/null +++ b/debian/patches/bugfix/x86/thp-avoid-atomic64_read-in-pmd_read_atomic-for-32bit-pae.patch @@ -0,0 +1,112 @@ +From: Andrea Arcangeli +Subject: thp: avoid atomic64_read in pmd_read_atomic for 32bit PAE + +In the x86 32bit PAE CONFIG_TRANSPARENT_HUGEPAGE=y case while holding the +mmap_sem for reading, cmpxchg8b cannot be used to read pmd contents under +Xen. + +So instead of dealing only with "consistent" pmdvals in +pmd_none_or_trans_huge_or_clear_bad() (which would be conceptually +simpler) we let pmd_none_or_trans_huge_or_clear_bad() deal with pmdvals +where the low 32bit and high 32bit could be inconsistent (to avoid having +to use cmpxchg8b). + +The only guarantee we get from pmd_read_atomic is that if the low part of +the pmd was found null, the high part will be null too (so the pmd will be +considered unstable). And if the low part of the pmd is found "stable" +later, then it means the whole pmd was read atomically (because after a +pmd is stable, neither MADV_DONTNEED nor page faults can alter it anymore, +and we read the high part after the low part). + +In the 32bit PAE x86 case, it is enough to read the low part of the pmdval +atomically to declare the pmd as "stable" and that's true for THP and no +THP, furthermore in the THP case we also have a barrier() that will +prevent any inconsistent pmdvals to be cached by a later re-read of the +*pmd. + +Signed-off-by: Andrea Arcangeli +Cc: Jonathan Nieder +Cc: Ulrich Obergfell +Cc: Mel Gorman +Cc: Hugh Dickins +Cc: Larry Woodman +Cc: Petr Matousek +Cc: Rik van Riel +Cc: Jan Beulich +Cc: KOSAKI Motohiro +Cc: +Signed-off-by: Andrew Morton +--- + + arch/x86/include/asm/pgtable-3level.h | 30 +++++++++++++----------- + include/asm-generic/pgtable.h | 10 ++++++++ + 2 files changed, 27 insertions(+), 13 deletions(-) + +--- a/arch/x86/include/asm/pgtable-3level.h ++++ b/arch/x86/include/asm/pgtable-3level.h +@@ -47,16 +47,26 @@ + * they can run pmd_offset_map_lock or pmd_trans_huge or other pmd + * operations. + * +- * Without THP if the mmap_sem is hold for reading, the +- * pmd can only transition from null to not null while pmd_read_atomic runs. +- * So there's no need of literally reading it atomically. ++ * Without THP if the mmap_sem is hold for reading, the pmd can only ++ * transition from null to not null while pmd_read_atomic runs. So ++ * we can always return atomic pmd values with this function. + * + * With THP if the mmap_sem is hold for reading, the pmd can become +- * THP or null or point to a pte (and in turn become "stable") at any +- * time under pmd_read_atomic, so it's mandatory to read it atomically +- * with cmpxchg8b. ++ * trans_huge or none or point to a pte (and in turn become "stable") ++ * at any time under pmd_read_atomic. We could read it really ++ * atomically here with a atomic64_read for the THP enabled case (and ++ * it would be a whole lot simpler), but to avoid using cmpxchg8b we ++ * only return an atomic pmdval if the low part of the pmdval is later ++ * found stable (i.e. pointing to a pte). And we're returning a none ++ * pmdval if the low part of the pmd is none. In some cases the high ++ * and low part of the pmdval returned may not be consistent if THP is ++ * enabled (the low part may point to previously mapped hugepage, ++ * while the high part may point to a more recently mapped hugepage), ++ * but pmd_none_or_trans_huge_or_clear_bad() only needs the low part ++ * of the pmd to be read atomically to decide if the pmd is unstable ++ * or not, with the only exception of when the low part of the pmd is ++ * zero in which case we return a none pmd. + */ +-#ifndef CONFIG_TRANSPARENT_HUGEPAGE + static inline pmd_t pmd_read_atomic(pmd_t *pmdp) + { + pmdval_t ret; +@@ -74,12 +84,6 @@ + + return (pmd_t) { ret }; + } +-#else /* CONFIG_TRANSPARENT_HUGEPAGE */ +-static inline pmd_t pmd_read_atomic(pmd_t *pmdp) +-{ +- return (pmd_t) { atomic64_read((atomic64_t *)pmdp) }; +-} +-#endif /* CONFIG_TRANSPARENT_HUGEPAGE */ + + static inline void native_set_pte_atomic(pte_t *ptep, pte_t pte) + { +--- a/include/asm-generic/pgtable.h ++++ b/include/asm-generic/pgtable.h +@@ -484,6 +484,16 @@ + /* + * The barrier will stabilize the pmdval in a register or on + * the stack so that it will stop changing under the code. ++ * ++ * When CONFIG_TRANSPARENT_HUGEPAGE=y on x86 32bit PAE, ++ * pmd_read_atomic is allowed to return a not atomic pmdval ++ * (for example pointing to an hugepage that has never been ++ * mapped in the pmd). The below checks will only care about ++ * the low part of the pmd with 32bit PAE x86 anyway, with the ++ * exception of pmd_none(). So the important thing is that if ++ * the low part of the pmd is found null, the high part will ++ * be also null or the pmd_none() check below would be ++ * confused. + */ + #ifdef CONFIG_TRANSPARENT_HUGEPAGE + barrier(); diff --git a/debian/patches/debian/arch-sh4-fix-uimage-build.patch b/debian/patches/debian/arch-sh4-fix-uimage-build.patch index 1ddc00c9e..853c11ad5 100644 --- a/debian/patches/debian/arch-sh4-fix-uimage-build.patch +++ b/debian/patches/debian/arch-sh4-fix-uimage-build.patch @@ -1,5 +1,5 @@ ---- a/arch/sh/Makefile 2009-12-03 12:51:21.000000000 +0900 -+++ b/arch/sh/Makefile 2010-02-04 15:47:57.000000000 +0900 +--- a/arch/sh/Makefile ++++ b/arch/sh/Makefile @@ -75,7 +75,6 @@ # Give the various platforms the opportunity to set default image types @@ -7,4 +7,4 @@ -defaultimage-$(CONFIG_SH_SH7785LCR) := uImage defaultimage-$(CONFIG_SH_RSK) := uImage defaultimage-$(CONFIG_SH_URQUELL) := uImage - defaultimage-$(CONFIG_SH_7206_SOLUTION_ENGINE) := vmlinux + defaultimage-$(CONFIG_SH_MIGOR) := uImage diff --git a/debian/patches/debian/kernelvariables.patch b/debian/patches/debian/kernelvariables.patch index f668bdd41..437a4d634 100644 --- a/debian/patches/debian/kernelvariables.patch +++ b/debian/patches/debian/kernelvariables.patch @@ -13,8 +13,8 @@ use of $(ARCH) needs to be moved after this. --- a/Makefile +++ b/Makefile -@@ -198,46 +198,6 @@ - CROSS_COMPILE ?= +@@ -195,46 +195,6 @@ + ARCH ?= $(SUBARCH) CROSS_COMPILE ?= $(CONFIG_CROSS_COMPILE:"%"=%) -# Architecture as present in compile.h @@ -60,7 +60,7 @@ use of $(ARCH) needs to be moved after this. KCONFIG_CONFIG ?= .config export KCONFIG_CONFIG -@@ -354,6 +314,44 @@ LDFLAGS_MODULE = +@@ -354,6 +314,44 @@ AFLAGS_KERNEL = CFLAGS_GCOV = -fprofile-arcs -ftest-coverage diff --git a/debian/patches/debian/version.patch b/debian/patches/debian/version.patch index f61f91bf6..a88e6974c 100644 --- a/debian/patches/debian/version.patch +++ b/debian/patches/debian/version.patch @@ -22,7 +22,7 @@ the kernel version string. --- a/init/version.c +++ b/init/version.c -@@ -36,12 +36,31 @@ struct uts_namespace init_uts_ns = { +@@ -37,12 +37,31 @@ }; EXPORT_SYMBOL_GPL(init_uts_ns); @@ -59,7 +59,7 @@ the kernel version string. " (" LINUX_COMPILER ") %s\n"; --- a/scripts/mkcompile_h +++ b/scripts/mkcompile_h -@@ -73,7 +73,25 @@ UTS_TRUNCATE="sed -e s/\(.\{1,$UTS_LEN\}\).*/\1/" +@@ -73,8 +73,26 @@ echo \#define UTS_VERSION \"`echo $UTS_VERSION | $UTS_TRUNCATE`\" @@ -87,3 +87,4 @@ the kernel version string. + fi echo \#define LINUX_COMPILER \"`$CC -v 2>&1 | tail -n 1`\" + ) > .tmpcompile diff --git a/debian/patches/features/all/hidepid/0001-procfs-parse-mount-options.patch b/debian/patches/features/all/hidepid/0001-procfs-parse-mount-options.patch new file mode 100644 index 000000000..8eabaebd7 --- /dev/null +++ b/debian/patches/features/all/hidepid/0001-procfs-parse-mount-options.patch @@ -0,0 +1,167 @@ +From: Vasiliy Kulikov +Date: Tue, 10 Jan 2012 15:11:27 -0800 +Subject: procfs: parse mount options + +commit 97412950b10e64f347aec4a9b759395c2465adf6 upstream. + +Add support for procfs mount options. Actual mount options are coming in +the next patches. + +Signed-off-by: Vasiliy Kulikov +Cc: Alexey Dobriyan +Cc: Al Viro +Cc: Randy Dunlap +Cc: "H. Peter Anvin" +Cc: Greg KH +Cc: Theodore Tso +Cc: Alan Cox +Cc: James Morris +Cc: Oleg Nesterov +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +[bwh: Backported to 3.2: super_operations::show_options takes a + struct vfsmount *, not struct dentry *] +--- + fs/proc/inode.c | 10 ++++++++++ + fs/proc/internal.h | 1 + + fs/proc/root.c | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++-- + 3 files changed, 64 insertions(+), 2 deletions(-) + +--- a/fs/proc/inode.c ++++ b/fs/proc/inode.c +@@ -7,6 +7,7 @@ + #include + #include + #include ++#include + #include + #include + #include +@@ -17,7 +18,9 @@ + #include + #include + #include ++#include + #include ++#include + + #include + #include +@@ -102,12 +105,19 @@ + init_once); + } + ++static int proc_show_options(struct seq_file *seq, struct vfsmount *vfs) ++{ ++ return 0; ++} ++ + static const struct super_operations proc_sops = { + .alloc_inode = proc_alloc_inode, + .destroy_inode = proc_destroy_inode, + .drop_inode = generic_delete_inode, + .evict_inode = proc_evict_inode, + .statfs = simple_statfs, ++ .remount_fs = proc_remount, ++ .show_options = proc_show_options, + }; + + static void __pde_users_dec(struct proc_dir_entry *pde) +--- a/fs/proc/internal.h ++++ b/fs/proc/internal.h +@@ -117,6 +117,7 @@ + + int proc_fill_super(struct super_block *); + struct inode *proc_get_inode(struct super_block *, struct proc_dir_entry *); ++int proc_remount(struct super_block *sb, int *flags, char *data); + + /* + * These are generic /proc routines that use the internal +--- a/fs/proc/root.c ++++ b/fs/proc/root.c +@@ -18,6 +18,7 @@ + #include + #include + #include ++#include + + #include "internal.h" + +@@ -36,6 +37,48 @@ + return err; + } + ++enum { ++ Opt_err, ++}; ++ ++static const match_table_t tokens = { ++ {Opt_err, NULL}, ++}; ++ ++static int proc_parse_options(char *options, struct pid_namespace *pid) ++{ ++ char *p; ++ substring_t args[MAX_OPT_ARGS]; ++ ++ pr_debug("proc: options = %s\n", options); ++ ++ if (!options) ++ return 1; ++ ++ while ((p = strsep(&options, ",")) != NULL) { ++ int token; ++ if (!*p) ++ continue; ++ ++ args[0].to = args[0].from = 0; ++ token = match_token(p, tokens, args); ++ switch (token) { ++ default: ++ pr_err("proc: unrecognized mount option \"%s\" " ++ "or missing value\n", p); ++ return 0; ++ } ++ } ++ ++ return 1; ++} ++ ++int proc_remount(struct super_block *sb, int *flags, char *data) ++{ ++ struct pid_namespace *pid = sb->s_fs_info; ++ return !proc_parse_options(data, pid); ++} ++ + static struct dentry *proc_mount(struct file_system_type *fs_type, + int flags, const char *dev_name, void *data) + { +@@ -43,11 +86,15 @@ + struct super_block *sb; + struct pid_namespace *ns; + struct proc_inode *ei; ++ char *options; + +- if (flags & MS_KERNMOUNT) ++ if (flags & MS_KERNMOUNT) { + ns = (struct pid_namespace *)data; +- else ++ options = NULL; ++ } else { + ns = current->nsproxy->pid_ns; ++ options = data; ++ } + + sb = sget(fs_type, proc_test_super, proc_set_super, ns); + if (IS_ERR(sb)) +@@ -55,6 +102,10 @@ + + if (!sb->s_root) { + sb->s_flags = flags; ++ if (!proc_parse_options(options, ns)) { ++ deactivate_locked_super(sb); ++ return ERR_PTR(-EINVAL); ++ } + err = proc_fill_super(sb); + if (err) { + deactivate_locked_super(sb); diff --git a/debian/patches/features/all/hidepid/0002-procfs-add-hidepid-and-gid-mount-options.patch b/debian/patches/features/all/hidepid/0002-procfs-add-hidepid-and-gid-mount-options.patch new file mode 100644 index 000000000..f1adaf8dc --- /dev/null +++ b/debian/patches/features/all/hidepid/0002-procfs-add-hidepid-and-gid-mount-options.patch @@ -0,0 +1,332 @@ +From: Vasiliy Kulikov +Date: Tue, 10 Jan 2012 15:11:31 -0800 +Subject: procfs: add hidepid= and gid= mount options + +commit 0499680a42141d86417a8fbaa8c8db806bea1201 upstream. + +Add support for mount options to restrict access to /proc/PID/ +directories. The default backward-compatible "relaxed" behaviour is left +untouched. + +The first mount option is called "hidepid" and its value defines how much +info about processes we want to be available for non-owners: + +hidepid=0 (default) means the old behavior - anybody may read all +world-readable /proc/PID/* files. + +hidepid=1 means users may not access any /proc// directories, but +their own. Sensitive files like cmdline, sched*, status are now protected +against other users. As permission checking done in proc_pid_permission() +and files' permissions are left untouched, programs expecting specific +files' modes are not confused. + +hidepid=2 means hidepid=1 plus all /proc/PID/ will be invisible to other +users. It doesn't mean that it hides whether a process exists (it can be +learned by other means, e.g. by kill -0 $PID), but it hides process' euid +and egid. It compicates intruder's task of gathering info about running +processes, whether some daemon runs with elevated privileges, whether +another user runs some sensitive program, whether other users run any +program at all, etc. + +gid=XXX defines a group that will be able to gather all processes' info +(as in hidepid=0 mode). This group should be used instead of putting +nonroot user in sudoers file or something. However, untrusted users (like +daemons, etc.) which are not supposed to monitor the tasks in the whole +system should not be added to the group. + +hidepid=1 or higher is designed to restrict access to procfs files, which +might reveal some sensitive private information like precise keystrokes +timings: + +http://www.openwall.com/lists/oss-security/2011/11/05/3 + +hidepid=1/2 doesn't break monitoring userspace tools. ps, top, pgrep, and +conky gracefully handle EPERM/ENOENT and behave as if the current user is +the only user running processes. pstree shows the process subtree which +contains "pstree" process. + +Note: the patch doesn't deal with setuid/setgid issues of keeping +preopened descriptors of procfs files (like +https://lkml.org/lkml/2011/2/7/368). We rely on that the leaked +information like the scheduling counters of setuid apps doesn't threaten +anybody's privacy - only the user started the setuid program may read the +counters. + +Signed-off-by: Vasiliy Kulikov +Cc: Alexey Dobriyan +Cc: Al Viro +Cc: Randy Dunlap +Cc: "H. Peter Anvin" +Cc: Greg KH +Cc: Theodore Tso +Cc: Alan Cox +Cc: James Morris +Cc: Oleg Nesterov +Cc: Hugh Dickins +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +[bwh: Backported to 3.2: super_operations::show_options takes a + struct vfsmount *, not struct dentry *] +--- + Documentation/filesystems/proc.txt | 39 ++++++++++++++++++++ + fs/proc/base.c | 69 +++++++++++++++++++++++++++++++++++- + fs/proc/inode.c | 8 +++++ + fs/proc/root.c | 21 +++++++++-- + include/linux/pid_namespace.h | 2 ++ + 5 files changed, 135 insertions(+), 4 deletions(-) + +--- a/Documentation/filesystems/proc.txt ++++ b/Documentation/filesystems/proc.txt +@@ -41,6 +41,8 @@ + 3.5 /proc//mountinfo - Information about mounts + 3.6 /proc//comm & /proc//task//comm + ++ 4 Configuring procfs ++ 4.1 Mount options + + ------------------------------------------------------------------------------ + Preface +@@ -1542,3 +1544,40 @@ + is limited in size compared to the cmdline value, so writing anything longer + then the kernel's TASK_COMM_LEN (currently 16 chars) will result in a truncated + comm value. ++ ++ ++------------------------------------------------------------------------------ ++Configuring procfs ++------------------------------------------------------------------------------ ++ ++4.1 Mount options ++--------------------- ++ ++The following mount options are supported: ++ ++ hidepid= Set /proc// access mode. ++ gid= Set the group authorized to learn processes information. ++ ++hidepid=0 means classic mode - everybody may access all /proc// directories ++(default). ++ ++hidepid=1 means users may not access any /proc// directories but their ++own. Sensitive files like cmdline, sched*, status are now protected against ++other users. This makes it impossible to learn whether any user runs ++specific program (given the program doesn't reveal itself by its behaviour). ++As an additional bonus, as /proc//cmdline is unaccessible for other users, ++poorly written programs passing sensitive information via program arguments are ++now protected against local eavesdroppers. ++ ++hidepid=2 means hidepid=1 plus all /proc// will be fully invisible to other ++users. It doesn't mean that it hides a fact whether a process with a specific ++pid value exists (it can be learned by other means, e.g. by "kill -0 $PID"), ++but it hides process' uid and gid, which may be learned by stat()'ing ++/proc// otherwise. It greatly complicates an intruder's task of gathering ++information about running processes, whether some daemon runs with elevated ++privileges, whether other user runs some sensitive program, whether other users ++run any program at all, etc. ++ ++gid= defines a group authorized to learn processes information otherwise ++prohibited by hidepid=. If you use some daemon like identd which needs to learn ++information about processes information, just add identd to this group. +--- a/fs/proc/base.c ++++ b/fs/proc/base.c +@@ -574,6 +574,50 @@ + return 0; + } + ++/* ++ * May current process learn task's sched/cmdline info (for hide_pid_min=1) ++ * or euid/egid (for hide_pid_min=2)? ++ */ ++static bool has_pid_permissions(struct pid_namespace *pid, ++ struct task_struct *task, ++ int hide_pid_min) ++{ ++ if (pid->hide_pid < hide_pid_min) ++ return true; ++ if (in_group_p(pid->pid_gid)) ++ return true; ++ return ptrace_may_access(task, PTRACE_MODE_READ); ++} ++ ++ ++static int proc_pid_permission(struct inode *inode, int mask) ++{ ++ struct pid_namespace *pid = inode->i_sb->s_fs_info; ++ struct task_struct *task; ++ bool has_perms; ++ ++ task = get_proc_task(inode); ++ has_perms = has_pid_permissions(pid, task, 1); ++ put_task_struct(task); ++ ++ if (!has_perms) { ++ if (pid->hide_pid == 2) { ++ /* ++ * Let's make getdents(), stat(), and open() ++ * consistent with each other. If a process ++ * may not stat() a file, it shouldn't be seen ++ * in procfs at all. ++ */ ++ return -ENOENT; ++ } ++ ++ return -EPERM; ++ } ++ return generic_permission(inode, mask); ++} ++ ++ ++ + static const struct inode_operations proc_def_inode_operations = { + .setattr = proc_setattr, + }; +@@ -1642,6 +1686,7 @@ + struct inode *inode = dentry->d_inode; + struct task_struct *task; + const struct cred *cred; ++ struct pid_namespace *pid = dentry->d_sb->s_fs_info; + + generic_fillattr(inode, stat); + +@@ -1650,6 +1695,14 @@ + stat->gid = 0; + task = pid_task(proc_pid(inode), PIDTYPE_PID); + if (task) { ++ if (!has_pid_permissions(pid, task, 2)) { ++ rcu_read_unlock(); ++ /* ++ * This doesn't prevent learning whether PID exists, ++ * it only makes getattr() consistent with readdir(). ++ */ ++ return -ENOENT; ++ } + if ((inode->i_mode == (S_IFDIR|S_IRUGO|S_IXUGO)) || + task_dumpable(task)) { + cred = __task_cred(task); +@@ -2794,6 +2847,7 @@ + .lookup = proc_tgid_base_lookup, + .getattr = pid_getattr, + .setattr = proc_setattr, ++ .permission = proc_pid_permission, + }; + + static void proc_flush_task_mnt(struct vfsmount *mnt, pid_t pid, pid_t tgid) +@@ -2997,6 +3051,12 @@ + proc_pid_instantiate, iter.task, NULL); + } + ++static int fake_filldir(void *buf, const char *name, int namelen, ++ loff_t offset, u64 ino, unsigned d_type) ++{ ++ return 0; ++} ++ + /* for the /proc/ directory itself, after non-process stuff has been done */ + int proc_pid_readdir(struct file * filp, void * dirent, filldir_t filldir) + { +@@ -3004,6 +3064,7 @@ + struct task_struct *reaper; + struct tgid_iter iter; + struct pid_namespace *ns; ++ filldir_t __filldir; + + if (filp->f_pos >= PID_MAX_LIMIT + TGID_OFFSET) + goto out_no_task; +@@ -3025,8 +3086,13 @@ + for (iter = next_tgid(ns, iter); + iter.task; + iter.tgid += 1, iter = next_tgid(ns, iter)) { ++ if (has_pid_permissions(ns, iter.task, 2)) ++ __filldir = filldir; ++ else ++ __filldir = fake_filldir; ++ + filp->f_pos = iter.tgid + TGID_OFFSET; +- if (proc_pid_fill_cache(filp, dirent, filldir, iter) < 0) { ++ if (proc_pid_fill_cache(filp, dirent, __filldir, iter) < 0) { + put_task_struct(iter.task); + goto out; + } +@@ -3361,6 +3427,7 @@ + .lookup = proc_task_lookup, + .getattr = proc_task_getattr, + .setattr = proc_setattr, ++ .permission = proc_pid_permission, + }; + + static const struct file_operations proc_task_operations = { +--- a/fs/proc/inode.c ++++ b/fs/proc/inode.c +@@ -107,6 +107,14 @@ + + static int proc_show_options(struct seq_file *seq, struct vfsmount *vfs) + { ++ struct super_block *sb = vfs->mnt_sb; ++ struct pid_namespace *pid = sb->s_fs_info; ++ ++ if (pid->pid_gid) ++ seq_printf(seq, ",gid=%lu", (unsigned long)pid->pid_gid); ++ if (pid->hide_pid != 0) ++ seq_printf(seq, ",hidepid=%u", pid->hide_pid); ++ + return 0; + } + +--- a/fs/proc/root.c ++++ b/fs/proc/root.c +@@ -38,10 +38,12 @@ + } + + enum { +- Opt_err, ++ Opt_gid, Opt_hidepid, Opt_err, + }; + + static const match_table_t tokens = { ++ {Opt_hidepid, "hidepid=%u"}, ++ {Opt_gid, "gid=%u"}, + {Opt_err, NULL}, + }; + +@@ -49,8 +51,7 @@ + { + char *p; + substring_t args[MAX_OPT_ARGS]; +- +- pr_debug("proc: options = %s\n", options); ++ int option; + + if (!options) + return 1; +@@ -63,6 +64,20 @@ + args[0].to = args[0].from = 0; + token = match_token(p, tokens, args); + switch (token) { ++ case Opt_gid: ++ if (match_int(&args[0], &option)) ++ return 0; ++ pid->pid_gid = option; ++ break; ++ case Opt_hidepid: ++ if (match_int(&args[0], &option)) ++ return 0; ++ if (option < 0 || option > 2) { ++ pr_err("proc: hidepid value must be between 0 and 2.\n"); ++ return 0; ++ } ++ pid->hide_pid = option; ++ break; + default: + pr_err("proc: unrecognized mount option \"%s\" " + "or missing value\n", p); +--- a/include/linux/pid_namespace.h ++++ b/include/linux/pid_namespace.h +@@ -30,6 +30,8 @@ + #ifdef CONFIG_BSD_PROCESS_ACCT + struct bsd_acct_struct *bacct; + #endif ++ gid_t pid_gid; ++ int hide_pid; + }; + + extern struct pid_namespace init_pid_ns; diff --git a/debian/patches/features/all/hidepid/0003-proc-fix-null-pointer-deref-in-proc_pid_permission.patch b/debian/patches/features/all/hidepid/0003-proc-fix-null-pointer-deref-in-proc_pid_permission.patch new file mode 100644 index 000000000..6e4ecaa53 --- /dev/null +++ b/debian/patches/features/all/hidepid/0003-proc-fix-null-pointer-deref-in-proc_pid_permission.patch @@ -0,0 +1,42 @@ +From: Xiaotian Feng +Date: Thu, 12 Jan 2012 17:17:08 -0800 +Subject: proc: fix null pointer deref in proc_pid_permission() + +commit a2ef990ab5a6705a356d146dd773a3b359787497 upstream. + +get_proc_task() can fail to search the task and return NULL, +put_task_struct() will then bomb the kernel with following oops: + + BUG: unable to handle kernel NULL pointer dereference at 0000000000000010 + IP: [] proc_pid_permission+0x64/0xe0 + PGD 112075067 PUD 112814067 PMD 0 + Oops: 0002 [#1] PREEMPT SMP + +This is a regression introduced by commit 0499680a ("procfs: add hidepid= +and gid= mount options"). The kernel should return -ESRCH if +get_proc_task() failed. + +Signed-off-by: Xiaotian Feng +Cc: Al Viro +Cc: Vasiliy Kulikov +Cc: Stephen Wilson +Acked-by: David Rientjes +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +--- + fs/proc/base.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/fs/proc/base.c b/fs/proc/base.c +index 8173dfd..5485a53 100644 +--- a/fs/proc/base.c ++++ b/fs/proc/base.c +@@ -654,6 +654,8 @@ static int proc_pid_permission(struct inode *inode, int mask) + bool has_perms; + + task = get_proc_task(inode); ++ if (!task) ++ return -ESRCH; + has_perms = has_pid_permissions(pid, task, 1); + put_task_struct(task); + diff --git a/debian/patches/features/all/hidepid/0004-proc-fix-mount-t-proc-o-AAA.patch b/debian/patches/features/all/hidepid/0004-proc-fix-mount-t-proc-o-AAA.patch new file mode 100644 index 000000000..da1a2f4b2 --- /dev/null +++ b/debian/patches/features/all/hidepid/0004-proc-fix-mount-t-proc-o-AAA.patch @@ -0,0 +1,49 @@ +From: Vasiliy Kulikov +Date: Thu, 5 Apr 2012 14:25:04 -0700 +Subject: proc: fix mount -t proc -o AAA + +commit 99663be772c827b8f5f594fe87eb4807be1994e5 upstream. + +The proc_parse_options() call from proc_mount() runs only once at boot +time. So on any later mount attempt, any mount options are ignored +because ->s_root is already initialized. + +As a consequence, "mount -o " will ignore the options. The +only way to change mount options is "mount -o remount,". + +To fix this, parse the mount options unconditionally. + +Signed-off-by: Vasiliy Kulikov +Reported-by: Arkadiusz Miskiewicz +Tested-by: Arkadiusz Miskiewicz +Cc: Alexey Dobriyan +Cc: Al Viro +Cc: Valdis Kletnieks +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +--- + fs/proc/root.c | 9 +++++---- + 1 file changed, 5 insertions(+), 4 deletions(-) + +diff --git a/fs/proc/root.c b/fs/proc/root.c +index 46a15d8..eed44bf 100644 +--- a/fs/proc/root.c ++++ b/fs/proc/root.c +@@ -115,12 +115,13 @@ static struct dentry *proc_mount(struct file_system_type *fs_type, + if (IS_ERR(sb)) + return ERR_CAST(sb); + ++ if (!proc_parse_options(options, ns)) { ++ deactivate_locked_super(sb); ++ return ERR_PTR(-EINVAL); ++ } ++ + if (!sb->s_root) { + sb->s_flags = flags; +- if (!proc_parse_options(options, ns)) { +- deactivate_locked_super(sb); +- return ERR_PTR(-EINVAL); +- } + err = proc_fill_super(sb); + if (err) { + deactivate_locked_super(sb); diff --git a/debian/patches/features/all/rt/check-series b/debian/patches/features/all/rt/check-series index 3d68e54cf..a25c5292f 100755 --- a/debian/patches/features/all/rt/check-series +++ b/debian/patches/features/all/rt/check-series @@ -1,16 +1,13 @@ #! /bin/sh -debian_series="$(mktemp)" +debian_series=debian/patches/series-rt rt_series="$(mktemp)" -trap 'rm "$debian_series" "$rt_series"' INT QUIT EXIT - -# Pick all featureset=rt patches -grep "featureset=rt$" debian/patches/series/base-extra > "$debian_series" +trap 'rm "$rt_series"' INT QUIT EXIT # Remove comments and empty lines. Drop localversion patch as uname version # shouldn't be touched. Reformat to match series format. -sed -r -e 's/ *#.*//; /^$/d; /^....-(localversion\.patch|Linux-.*-REBASE)\.patch$/d; s,.*,+ features/all/rt/& featureset=rt,' "debian/patches/features/all/rt/series" > "$rt_series" +sed -r -e 's/ *#.*//; /^$/d; /^....-(localversion\.patch|Linux-.*-REBASE)\.patch$/d; s,.*,features/all/rt/&,' "debian/patches/features/all/rt/series" > "$rt_series" # removed lines are OK if the rt patch contains fixes that are applied on # featureset=none kernels, too. diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 000000000..89e7ec70c --- /dev/null +++ b/debian/patches/series @@ -0,0 +1,100 @@ +debian/version.patch +debian/kernelvariables.patch +debian/doc-build-parallel.patch + +features/all/drivers-media-dvb-usb-af9005-request_firmware.patch + +features/all/sound-pci-cs46xx-request_firmware.patch + +# Patches and source files from aufs3 repository, imported with +# debian/patches/features/all/aufs3/gen-patch. +features/all/aufs3/aufs3-base.patch +features/all/aufs3/aufs3-standalone.patch +features/all/aufs3/aufs3-kbuild.patch +features/all/aufs3/aufs3-add.patch +# mark as staging/crap +features/all/aufs3/mark-as-staging.patch +# fix added exports from security/device_cgroup.c +features/all/aufs3/aufs3-fix-export-__devcgroup_inode_permission.patch + +bugfix/ia64/hardcode-arch-script-output.patch +bugfix/mips/disable-advansys.patch +bugfix/arm/disable-scsi_acard.patch +debian/mips-disable-werror.patch +bugfix/powerpc/lpar-console.patch + +debian/sysrq-mask.patch + +debian/arch-sh4-fix-uimage-build.patch + +debian/af_802154-Disable-auto-loading-as-mitigation-against.patch +debian/rds-Disable-auto-loading-as-mitigation-against-local.patch +debian/decnet-Disable-auto-loading-as-mitigation-against-lo.patch + +bugfix/all/dm-Deal-with-merge_bvec_fn-in-component-devices-bett.patch +features/all/Kbuild-kconfig-Verbose-version-of-listnewconfig.patch + +debian/sched-autogroup-disabled.patch +#+ bugfix/all/rt2800-disable-powersaving-as-default.patch +features/all/cgroups-Allow-memory-cgroup-support-to-be-included-b.patch +debian/cgroups-Document-the-Debian-memory-resource-controll.patch +bugfix/ia64/nouveau-ACPI-support-is-dependent-on-X86.patch +bugfix/arm/ixp4xx_iobe.patch +debian/x86-memtest-WARN-if-bad-RAM-found.patch +bugfix/alpha/alpha-add-io-read-write-16-32-be-functions.patch + +features/all/fs-symlink-restrictions-on-sticky-directories.patch +features/all/fs-symlink-restrictions-on-sticky-directories-fix-2.patch +features/all/fs-hardlink-creation-restrictions.patch +features/all/fs-hardlink-creation-restrictions-fix.patch +features/all/fs-hardlink-creation-restriction-cleanup.patch + +# Update wacom driver to 3.5ish +features/all/wacom/0020-Input-wacom-add-basic-Intuos5-support.patch +features/all/wacom/0021-Input-wacom-add-Intuos5-Touch-Ring-ExpressKey-suppor.patch +features/all/wacom/0022-Input-wacom-add-Intuos5-Touch-Ring-LED-support.patch +features/all/wacom/0023-Input-wacom-add-Intuos5-multitouch-sensor-support.patch +features/all/wacom/0024-Input-wacom-retrieve-maximum-number-of-touch-points.patch +features/all/wacom/0025-Input-wacom-add-0xE5-MT-device-support.patch +features/all/wacom/0026-Input-wacom-return-proper-error-if-usb_get_extra_des.patch + +# Update be2net driver to 3.5ish +features/all/be2net/0043-be2net-fix-ethtool-get-settings.patch +features/all/be2net/0044-be2net-Fix-VLAN-multicast-packet-reception.patch +features/all/be2net/0045-be2net-Fix-FW-download-in-Lancer.patch +features/all/be2net/0046-be2net-Fix-ethtool-self-test-for-Lancer.patch +features/all/be2net/0047-be2net-Fix-traffic-stall-INTx-mode.patch +features/all/be2net/0048-be2net-Fix-Lancer-statistics.patch +features/all/be2net/0049-be2net-Fix-wrong-status-getting-returned-for-MCC-com.patch +features/all/be2net/0050-be2net-Fix-FW-download-for-BE.patch +features/all/be2net/0051-be2net-Ignore-status-of-some-ioctls-during-driver-lo.patch +features/all/be2net/0052-be2net-fix-speed-displayed-by-ethtool-on-certain-SKU.patch +features/all/be2net/0053-be2net-update-the-driver-version.patch +features/all/be2net/0054-be2net-Fix-to-not-set-link-speed-for-disabled-functi.patch +features/all/be2net/0055-be2net-Fix-to-apply-duplex-value-as-unknown-when-lin.patch +features/all/be2net/0056-be2net-Record-receive-queue-index-in-skb-to-aid-RPS.patch +features/all/be2net/0057-be2net-Fix-EEH-error-reset-before-a-flash-dump-compl.patch +features/all/be2net/0058-be2net-avoid-disabling-sriov-while-VFs-are-assigned.patch + +# Add CoDel from 3.5, and prerequisites +features/all/codel/0001-codel-Controlled-Delay-AQM.patch +features/all/codel/0002-codel-use-Newton-method-instead-of-sqrt-and-divides.patch +features/all/codel/0003-fq_codel-Fair-Queue-Codel-AQM.patch +features/all/codel/0004-net-codel-Add-missing-include-linux-prefetch.h.patch +features/all/codel/0005-net-codel-fix-build-errors.patch +features/all/codel/0006-codel-use-u16-field-instead-of-31bits-for-rec_inv_sq.patch +features/all/codel/0007-fq_codel-should-use-qdisc-backlog-as-threshold.patch + +bugfix/x86/mm-pmd_read_atomic-fix-32bit-pae-pmd-walk-vs-pmd_populate-smp-race.patch +bugfix/x86/thp-avoid-atomic64_read-in-pmd_read_atomic-for-32bit-pae.patch + +bugfix/ia64/IA64-Export-asm-cmpxchg.h-to-userland.patch +bugfix/all/net-sock-validate-data_len-before-allocating-skb-in-.patch + +bugfix/all/macvtap-zerocopy-fix-offset-calculation-when-buildin.patch +bugfix/all/macvtap-zerocopy-fix-truesize-underestimation.patch +bugfix/all/macvtap-zerocopy-put-page-when-fail-to-get-all-reque.patch +bugfix/all/macvtap-zerocopy-set-SKBTX_DEV_ZEROCOPY-only-when-sk.patch +bugfix/all/macvtap-zerocopy-validate-vectors-before-building-sk.patch + +bugfix/all/KVM-Fix-buffer-overflow-in-kvm_set_irq.patch diff --git a/debian/patches/series-all b/debian/patches/series-all deleted file mode 100644 index 29a5b0689..000000000 --- a/debian/patches/series-all +++ /dev/null @@ -1,90 +0,0 @@ -+ debian/version.patch -+ debian/kernelvariables.patch -+ debian/doc-build-parallel.patch - -+ features/all/drivers-media-dvb-usb-af9005-request_firmware.patch - -+ features/all/sound-pci-cs46xx-request_firmware.patch - -# Patches and source files from aufs3 repository, imported with -# debian/patches/features/all/aufs3/gen-patch. -+ features/all/aufs3/aufs3-base.patch -+ features/all/aufs3/aufs3-standalone.patch -+ features/all/aufs3/aufs3-kbuild.patch -+ features/all/aufs3/aufs3-add.patch -# mark as staging/crap -+ features/all/aufs3/mark-as-staging.patch -# fix added exports from security/device_cgroup.c -+ features/all/aufs3/aufs3-fix-export-__devcgroup_inode_permission.patch - -+ bugfix/ia64/hardcode-arch-script-output.patch -+ bugfix/mips/disable-advansys.patch -+ bugfix/arm/disable-scsi_acard.patch -+ debian/mips-disable-werror.patch -+ bugfix/powerpc/lpar-console.patch - -+ debian/sysrq-mask.patch - -+ debian/arch-sh4-fix-uimage-build.patch - -+ debian/af_802154-Disable-auto-loading-as-mitigation-against.patch -+ debian/rds-Disable-auto-loading-as-mitigation-against-local.patch -+ debian/decnet-Disable-auto-loading-as-mitigation-against-lo.patch - -+ bugfix/all/dm-Deal-with-merge_bvec_fn-in-component-devices-bett.patch -+ features/all/Kbuild-kconfig-Verbose-version-of-listnewconfig.patch - -+ debian/sched-autogroup-disabled.patch -#+ bugfix/all/rt2800-disable-powersaving-as-default.patch -+ features/all/cgroups-Allow-memory-cgroup-support-to-be-included-b.patch -+ debian/cgroups-Document-the-Debian-memory-resource-controll.patch -+ bugfix/ia64/nouveau-ACPI-support-is-dependent-on-X86.patch -+ bugfix/arm/ixp4xx_iobe.patch -+ debian/x86-memtest-WARN-if-bad-RAM-found.patch -+ bugfix/alpha/alpha-add-io-read-write-16-32-be-functions.patch - -+ features/all/fs-symlink-restrictions-on-sticky-directories.patch -+ features/all/fs-symlink-restrictions-on-sticky-directories-fix-2.patch -+ features/all/fs-hardlink-creation-restrictions.patch -+ features/all/fs-hardlink-creation-restrictions-fix.patch -+ features/all/fs-hardlink-creation-restriction-cleanup.patch - -# Update wacom driver to 3.5ish -+ features/all/wacom/0020-Input-wacom-add-basic-Intuos5-support.patch -+ features/all/wacom/0021-Input-wacom-add-Intuos5-Touch-Ring-ExpressKey-suppor.patch -+ features/all/wacom/0022-Input-wacom-add-Intuos5-Touch-Ring-LED-support.patch -+ features/all/wacom/0023-Input-wacom-add-Intuos5-multitouch-sensor-support.patch -+ features/all/wacom/0024-Input-wacom-retrieve-maximum-number-of-touch-points.patch -+ features/all/wacom/0025-Input-wacom-add-0xE5-MT-device-support.patch -+ features/all/wacom/0026-Input-wacom-return-proper-error-if-usb_get_extra_des.patch - -# Update be2net driver to 3.5ish -+ features/all/be2net/0043-be2net-fix-ethtool-get-settings.patch -+ features/all/be2net/0044-be2net-Fix-VLAN-multicast-packet-reception.patch -+ features/all/be2net/0045-be2net-Fix-FW-download-in-Lancer.patch -+ features/all/be2net/0046-be2net-Fix-ethtool-self-test-for-Lancer.patch -+ features/all/be2net/0047-be2net-Fix-traffic-stall-INTx-mode.patch -+ features/all/be2net/0048-be2net-Fix-Lancer-statistics.patch -+ features/all/be2net/0049-be2net-Fix-wrong-status-getting-returned-for-MCC-com.patch -+ features/all/be2net/0050-be2net-Fix-FW-download-for-BE.patch -+ features/all/be2net/0051-be2net-Ignore-status-of-some-ioctls-during-driver-lo.patch -+ features/all/be2net/0052-be2net-fix-speed-displayed-by-ethtool-on-certain-SKU.patch -+ features/all/be2net/0053-be2net-update-the-driver-version.patch -+ features/all/be2net/0054-be2net-Fix-to-not-set-link-speed-for-disabled-functi.patch -+ features/all/be2net/0055-be2net-Fix-to-apply-duplex-value-as-unknown-when-lin.patch -+ features/all/be2net/0056-be2net-Record-receive-queue-index-in-skb-to-aid-RPS.patch -+ features/all/be2net/0057-be2net-Fix-EEH-error-reset-before-a-flash-dump-compl.patch -+ features/all/be2net/0058-be2net-avoid-disabling-sriov-while-VFs-are-assigned.patch - -# Add CoDel from 3.5, and prerequisites -+ features/all/codel/0001-codel-Controlled-Delay-AQM.patch -+ features/all/codel/0002-codel-use-Newton-method-instead-of-sqrt-and-divides.patch -+ features/all/codel/0003-fq_codel-Fair-Queue-Codel-AQM.patch -+ features/all/codel/0004-net-codel-Add-missing-include-linux-prefetch.h.patch -+ features/all/codel/0005-net-codel-fix-build-errors.patch -+ features/all/codel/0006-codel-use-u16-field-instead-of-31bits-for-rec_inv_sq.patch -+ features/all/codel/0007-fq_codel-should-use-qdisc-backlog-as-threshold.patch - -+ bugfix/x86/mm-pmd_read_atomic-fix-32bit-pae-pmd-walk-vs-pmd_populate-smp-race.patch - -+ bugfix/ia64/IA64-Export-asm-cmpxchg.h-to-userland.patch diff --git a/debian/patches/series-none b/debian/patches/series-none deleted file mode 100644 index fe9c2dc01..000000000 --- a/debian/patches/series-none +++ /dev/null @@ -1 +0,0 @@ -# dummy file diff --git a/debian/patches/series-rt b/debian/patches/series-rt index 5d16b62b2..8196308aa 100644 --- a/debian/patches/series-rt +++ b/debian/patches/series-rt @@ -1,253 +1,253 @@ -+ features/all/rt/re-possible-slab-deadlock-while-doing-ifenslave-1.patch -+ features/all/rt/x86-kprobes-remove-bogus-preempt-enable.patch -+ features/all/rt/tick-skew.patch -+ features/all/rt/x86-hpet-disable-msi-on-lenovo-w510.patch -+ features/all/rt/block-shorten-interrupt-disabled-regions.patch -+ features/all/rt/sched-distangle-worker-accounting-from-rq-3elock.patch -+ features/all/rt/mips-enable-interrupts-in-signal.patch -+ features/all/rt/arm-enable-interrupts-in-signal-code.patch -+ features/all/rt/seqlock-remove-unused-functions.patch -+ features/all/rt/seqlock-use-seqcount.patch -+ features/all/rt/timekeeping-split-xtime-lock.patch -+ features/all/rt/intel_idle-convert-i7300_idle_lock-to-raw-spinlock.patch -+ features/all/rt/tracing-account-for-preempt-off-in-preempt_schedule.patch -+ features/all/rt/signal-revert-ptrace-preempt-magic.patch -+ features/all/rt/arm-mark-pmu-interupt-no-thread.patch -+ features/all/rt/arm-allow-irq-threading.patch -+ features/all/rt/arm-convert-boot-lock-to-raw.patch -+ features/all/rt/arm-omap-make-wakeupgen_lock-raw.patch -+ features/all/rt/signals-do-not-wake-self.patch -+ features/all/rt/posix-timers-no-broadcast.patch -+ features/all/rt/signals-allow-rt-tasks-to-cache-one-sigqueue-struct.patch -+ features/all/rt/oleg-signal-rt-fix.patch -+ features/all/rt/generic-cmpxchg-use-raw-local-irq.patch -+ features/all/rt/drivers-random-reduce-preempt-disabled-region.patch -+ features/all/rt/arm-at91-pit-remove-irq-handler-when-clock-is-unused.patch -+ features/all/rt/clocksource-tclib-allow-higher-clockrates.patch -+ features/all/rt/drivers-net-tulip-add-missing-pci-disable.patch -+ features/all/rt/drivers-net-8139-disable-irq-nosync.patch -+ features/all/rt/drivers-net-ehea-mark-rx-irq-no-thread.patch -+ features/all/rt/drivers-net-at91-make-mdio-protection-rt-safe.patch -+ features/all/rt/mm-prepare-pf-disable-discoupling.patch -+ features/all/rt/arch-use-pagefault-disabled.patch -+ features/all/rt/peter_zijlstra-frob-pagefault_disable.patch -+ features/all/rt/peterz-raw_pagefault_disable.patch -+ features/all/rt/filemap-fix-up.patch -+ features/all/rt/mm-remove-preempt-count-from-pf.patch -+ features/all/rt/x86-highmem-warn.patch -+ features/all/rt/suspend-prevernt-might-sleep-splats.patch -+ features/all/rt/of-fixup-recursive-locking.patch -+ features/all/rt/of-convert-devtree-lock.patch -+ features/all/rt/list-add-list-last-entry.patch -+ features/all/rt/mm-page-alloc-use-list-last-entry.patch -+ features/all/rt/mm-slab-move-debug-out.patch -+ features/all/rt/pid-h-include-atomic-h.patch -+ features/all/rt/sysctl-include-atomic-h.patch -+ features/all/rt/net-flip-lock-dep-thingy.patch -+ features/all/rt/softirq-thread-do-softirq.patch -+ features/all/rt/softirq-split-out-code.patch -+ features/all/rt/x86-io-apic-migra-no-unmask.patch -+ features/all/rt/fix-rt-int3-x86_32-3.2-rt.patch -+ features/all/rt/locking-various-init-fixes.patch -+ features/all/rt/pci-access-use-__wake_up_all_locked.patch -+ features/all/rt/latency-hist.patch -+ features/all/rt/hwlatdetect.patch -+ features/all/rt/localversion.patch -+ features/all/rt/early-printk-consolidate.patch -+ features/all/rt/printk-kill.patch -+ features/all/rt/printk-27force_early_printk-27-boot-param-to-help-with-debugging.patch -+ features/all/rt/rt-preempt-base-config.patch -+ features/all/rt/bug-rt-dependend-variants.patch -+ features/all/rt/local-irq-rt-depending-variants.patch -+ features/all/rt/preempt-nort-rt-variants.patch -+ features/all/rt/ata-disable-interrupts-if-non-rt.patch -+ features/all/rt/ide-use-nort-local-irq-variants.patch -+ features/all/rt/infiniband-mellanox-ib-use-nort-irq.patch -+ features/all/rt/inpt-gameport-use-local-irq-nort.patch -+ features/all/rt/acpi-use-local-irq-nort.patch -+ features/all/rt/user-use-local-irq-nort.patch -+ features/all/rt/resource-counters-use-localirq-nort.patch -+ features/all/rt/usb-hcd-use-local-irq-nort.patch -+ features/all/rt/tty-use-local-irq-nort.patch -+ features/all/rt/mm-scatterlist-dont-disable-irqs-on-RT.patch -+ features/all/rt/signal-fix-up-rcu-wreckage.patch -+ features/all/rt/net-wireless-warn-nort.patch -+ features/all/rt/mm-cgroup-page-bit-spinlock.patch -+ features/all/rt/fs-replace-bh_uptodate_lock-for-rt.patch -+ features/all/rt/fs-jbd-replace-bh_state-lock.patch -+ features/all/rt/genirq-nodebug-shirq.patch -+ features/all/rt/genirq-disable-random-call-on-preempt-rt.patch -+ features/all/rt/genirq-disable-irqpoll-on-rt.patch -+ features/all/rt/genirq-force-threading.patch -+ features/all/rt/drivers-net-fix-livelock-issues.patch -+ features/all/rt/drivers-net-vortex-fix-locking-issues.patch -+ features/all/rt/drivers-net-gianfar-make-rt-aware.patch -+ features/all/rt/usb-fix-mouse-problem-copying-large-data.patch -+ features/all/rt/local-var.patch -+ features/all/rt/rt-local-irq-lock.patch -+ features/all/rt/cpu-rt-variants.patch -+ features/all/rt/mm-slab-wrap-functions.patch -+ features/all/rt/rt-slab-fix-__do_drain-to-use-the-right-array-cache.patch -+ features/all/rt/mm-slab-more-lock-breaks.patch -+ features/all/rt/mm-page_alloc-rt-friendly-per-cpu-pages.patch -+ features/all/rt/mm-page_alloc-reduce-lock-sections-further.patch -+ features/all/rt/mm-page-alloc-fix.patch -+ features/all/rt/mm-convert-swap-to-percpu-locked.patch -+ features/all/rt/mm-make-vmstat-rt-aware.patch -+ features/all/rt/mm-shrink-the-page-frame-to-rt-size.patch -+ features/all/rt/re-preempt_rt_full-arm-coredump-fails-for-cpu-3e-3d-4.patch -+ features/all/rt/mm-allow-slab-rt.patch -+ features/all/rt/radix-tree-rt-aware.patch -+ features/all/rt/panic-disable-random-on-rt.patch -+ features/all/rt/ipc-make-rt-aware.patch -+ features/all/rt/ipc-mqueue-add-a-critical-section-to-avoid-a-deadlock.patch -+ features/all/rt/relay-fix-timer-madness.patch -+ features/all/rt/net-ipv4-route-use-locks-on-up-rt.patch -+ features/all/rt/workqueue-avoid-the-lock-in-cpu-dying.patch -+ features/all/rt/timers-prepare-for-full-preemption.patch -+ features/all/rt/timers-preempt-rt-support.patch -+ features/all/rt/timers-fix-timer-hotplug-on-rt.patch -+ features/all/rt/timers-mov-printk_tick-to-soft-interrupt.patch -+ features/all/rt/timer-delay-waking-softirqs-from-the-jiffy-tick.patch -+ features/all/rt/timers-avoid-the-base-null-otptimization-on-rt.patch -+ features/all/rt/rfc-printk-don-27t-call-printk_tick-in-printk_needs_cpu.patch -+ features/all/rt/hrtimers-prepare-full-preemption.patch -+ features/all/rt/hrtimer-fixup-hrtimer-callback-changes-for-preempt-r.patch -+ features/all/rt/peter_zijlstra-frob-hrtimer.patch -+ features/all/rt/hrtimer-add-missing-debug_activate-aid-was-re-announce-3-0-6-rt17.patch -+ features/all/rt/hrtimer-fix-reprogram-madness.patch -+ features/all/rt/timer-fd-avoid-live-lock.patch -+ features/all/rt/posix-timers-thread-posix-cpu-timers-on-rt.patch -+ features/all/rt/posix-timers-shorten-cpu-timers-thread.patch -+ features/all/rt/posix-timers-avoid-wakeups-when-no-timers-are-active.patch -+ features/all/rt/sched-delay-put-task.patch -+ features/all/rt/sched-limit-nr-migrate.patch -+ features/all/rt/sched-mmdrop-delayed.patch -+ features/all/rt/sched-rt-mutex-wakeup.patch -+ features/all/rt/sched-might-sleep-do-not-account-rcu-depth.patch -+ features/all/rt/sched-cond-resched.patch -+ features/all/rt/cond-resched-softirq-rt.patch -+ features/all/rt/cond-resched-lock-rt-tweak.patch -+ features/all/rt/sched-disable-ttwu-queue.patch -+ features/all/rt/sched-disable-rt-group-sched-on-rt.patch -+ features/all/rt/sched-ttwu-ensure-success-return-is-correct.patch -+ features/all/rt/stop_machine-convert-stop_machine_run-to-PREEMPT_RT.patch -+ features/all/rt/stomp-machine-mark-stomper-thread.patch -+ features/all/rt/stomp-machine-raw-lock.patch -+ features/all/rt/hotplug-light-get-online-cpus.patch -+ features/all/rt/hotplug-sync_unplug-no-27-5cn-27-in-task-name.patch -+ features/all/rt/re-migrate_disable-race-with-cpu-hotplug-3f.patch -+ features/all/rt/sched-migrate-disable.patch -+ features/all/rt/hotplug-use-migrate-disable.patch -+ features/all/rt/hotplug-call-cpu_unplug_begin-a-little-early.patch -+ features/all/rt/ftrace-migrate-disable-tracing.patch -+ features/all/rt/rt-tracing-show-padding-as-unsigned-short.patch -+ features/all/rt/migrate-disable-rt-variant.patch -+ features/all/rt/peter_zijlstra-frob-migrate_disable.patch -+ features/all/rt/peter_zijlstra-frob-migrate_disable-2.patch -+ features/all/rt/sched-rt-fix-migrate_enable-thinko.patch -+ features/all/rt/sched-teach-migrate_disable-about-atomic-contexts.patch -+ features/all/rt/rt-sched-postpone-actual-migration-disalbe-to-schedule.patch -+ features/all/rt/rt-sched-do-not-compare-cpu-masks-in-scheduler.patch -+ features/all/rt/rt-sched-have-migrate_disable-ignore-bounded-threads.patch -+ features/all/rt/sched-clear-pf-thread-bound-on-fallback-rq.patch -+ features/all/rt/ftrace-crap.patch -+ features/all/rt/rt-ring-buffer-convert-reader_lock-from-raw_spin_lock-into-spin_lock.patch -+ features/all/rt/net-netif_rx_ni-migrate-disable.patch -+ features/all/rt/softirq-sanitize-softirq-pending.patch -+ features/all/rt/lockdep-no-softirq-accounting-on-rt.patch -+ features/all/rt/mutex-no-spin-on-rt.patch -+ features/all/rt/softirq-local-lock.patch -+ features/all/rt/softirq-export-in-serving-softirq.patch -+ features/all/rt/harirq-h-define-softirq_count-as-oul-to-kill-build-warning.patch -+ features/all/rt/softirq-fix-unplug-deadlock.patch -+ features/all/rt/softirq-disable-softirq-stacks-for-rt.patch -+ features/all/rt/softirq-make-fifo.patch -+ features/all/rt/tasklet-rt-prevent-tasklets-from-going-into-infinite-spin-in-rt.patch -+ features/all/rt/irq-allow-disabling-of-softirq-processing-in-irq-thread-context.patch -+ features/all/rt/local-vars-migrate-disable.patch -+ features/all/rt/md-raid5-percpu-handling-rt-aware.patch -+ features/all/rt/rtmutex-lock-killable.patch -+ features/all/rt/rtmutex-futex-prepare-rt.patch -+ features/all/rt/futex-requeue-pi-fix.patch -+ features/all/rt/rt-mutex-add-sleeping-spinlocks-support.patch -+ features/all/rt/spinlock-types-separate-raw.patch -+ features/all/rt/rtmutex-avoid-include-hell.patch -+ features/all/rt/rt-add-rt-spinlock-to-headers.patch -+ features/all/rt/rt-add-rt-to-mutex-headers.patch -+ features/all/rt/rwsem-add-rt-variant.patch -+ features/all/rt/rt-add-rt-locks.patch -+ features/all/rt/tasklist-lock-fix-section-conflict.patch -+ features/all/rt/timer-handle-idle-trylock-in-get-next-timer-irq.patch -+ features/all/rt/rcu-force-preempt-rcu-for-rt.patch -+ features/all/rt/peter_zijlstra-frob-rcu.patch -+ features/all/rt/rcu-merge-rcu-bh-into-rcu-preempt-for-rt.patch -+ features/all/rt/rcu-fix-macro-substitution.patch -+ features/all/rt/rcu-tiny-merge-bh.patch -+ features/all/rt/patch-to-introduce-rcu-bh-qs-where-safe-from-softirq.patch -+ features/all/rt/rcu-fix-build-break.patch -+ features/all/rt/rt-rcutree-warn-fix.patch -+ features/all/rt/lglocks-rt.patch -+ features/all/rt/drivers-serial-cleanup-locking-for-rt.patch -+ features/all/rt/drivers-serial-call-flush_to_ldisc-when-the-irq-is-t.patch -+ features/all/rt/drivers-tty-fix-omap-lock-crap.patch -+ features/all/rt/rt-serial-warn-fix.patch -+ features/all/rt/fs-namespace-preemption-fix.patch -+ features/all/rt/mm-protect-activate-switch-mm.patch -+ features/all/rt/mm-protect-activate_mm-by-preempt_-disable-7cenable-_rt.patch -+ features/all/rt/fs-block-rt-support.patch -+ features/all/rt/fs-ntfs-disable-interrupt-non-rt.patch -+ features/all/rt/x86-mce-timer-hrtimer.patch -+ features/all/rt/x86-stackprot-no-random-on-rt.patch -+ features/all/rt/x86-use-gen-rwsem-spinlocks-rt.patch -+ features/all/rt/x86-disable-debug-stack.patch -+ features/all/rt/workqueue-use-get-cpu-light.patch -+ features/all/rt/epoll-use-get-cpu-light.patch -+ features/all/rt/mm-vmalloc-use-get-cpu-light.patch -+ features/all/rt/revert-workqueue-skip-nr_running-sanity-check-in-wor.patch -+ features/all/rt/workqueue-sanity.patch -+ features/all/rt/workqueue-fix-PF_THREAD_BOUND.patch -+ features/all/rt/workqueue-hotplug-fix.patch -+ features/all/rt/workqueue-more-hotplug-fallout.patch -+ features/all/rt/debugobjects-rt.patch -+ features/all/rt/jump-label-rt.patch -+ features/all/rt/skbufhead-raw-lock.patch -+ features/all/rt/perf-move-irq-work-to-softirq-in-rt.patch -+ features/all/rt/console-make-rt-friendly.patch -+ features/all/rt/fix-printk-flush-of-messages-1.patch -+ features/all/rt/power-use-generic-rwsem-on-rt.patch -+ features/all/rt/power-disable-highmem-on-rt.patch -+ features/all/rt/arm-disable-highmem-on-rt.patch -+ features/all/rt/arm-at91-tclib-default-to-tclib-timer-for-rt.patch -+ features/all/rt/mips-disable-highmem-on-rt.patch -+ features/all/rt/net-tx-action-avoid-livelock-on-rt.patch -+ features/all/rt/ping-sysrq.patch -+ features/all/rt/kgb-serial-hackaround.patch -+ features/all/rt/sysfs-realtime-entry.patch -+ features/all/rt/peter_zijlstra-re-_3_0-rt4.patch -+ features/all/rt/ipc-sem-rework-semaphore-wakeups.patch -+ features/all/rt/x86-kvm-require-const-tsc-for-rt.patch -+ features/all/rt/scsi-fcoe-rt-aware.patch -+ features/all/rt/x86-crypto-reduce-preempt-disabled-regions.patch -+ features/all/rt/dm-make-rt-aware.patch -+ features/all/rt/cpumask-disable-offstack-on-rt.patch -+ features/all/rt/seqlock-prevent-rt-starvation.patch -+ features/all/rt/rfc-timer-fix-hotplug-for-rt.patch -+ features/all/rt/rfc-futex-rt-fix-possible-lockup-when-taking-pi_lock-in-proxy-handler.patch -+ features/all/rt/rfc-ring-buffer-rt-check-for-irqs-disabled-before-grabbing-reader-lock.patch -+ features/all/rt/rfc-sched-rt-fix-wait_task_interactive-to-test-rt_spin_lock-state.patch -+ features/all/rt/rfc-lglock-rt-use-non-rt-for_each_cpu-in-rt-code.patch -+ features/all/rt/cpu-rt-make-hotplug-lock-a-sleeping-spinlock-on-rt.patch -+ features/all/rt/softirq-preempt-fix-3-re.txt -+ features/all/rt/scsi-qla2xxx-fix-bug-sleeping-function-called-from-invalid-context.patch -+ features/all/rt/upstream-net-rt-remove-preemption-disabling-in-netif_rx.patch -+ features/all/rt/rt-introduce-cpu-chill.patch -+ features/all/rt/fs-dcache-use-cpu-chill-in-trylock-loops.patch -+ features/all/rt/net-use-cpu-chill.patch -+ features/all/rt/ntp-make-ntp-lock-raw-sigh.patch -+ features/all/rt/mips-remove-smp-reserve-lock.patch -+ features/all/rt/lockdep-selftest-convert-spinlock-to-raw-spinlock.patch -+ features/all/rt/lockdep-selftest-only-do-hardirq-context-test-for-raw-spinlock.patch -+ features/all/rt/genirq-add-default-mask-cmdline-option.patch -+ features/all/rt/kconfig-disable-a-few-options-rt.patch -+ features/all/rt/kconfig-preempt-rt-full.patch +features/all/rt/re-possible-slab-deadlock-while-doing-ifenslave-1.patch +features/all/rt/x86-kprobes-remove-bogus-preempt-enable.patch +features/all/rt/tick-skew.patch +features/all/rt/x86-hpet-disable-msi-on-lenovo-w510.patch +features/all/rt/block-shorten-interrupt-disabled-regions.patch +features/all/rt/sched-distangle-worker-accounting-from-rq-3elock.patch +features/all/rt/mips-enable-interrupts-in-signal.patch +features/all/rt/arm-enable-interrupts-in-signal-code.patch +features/all/rt/seqlock-remove-unused-functions.patch +features/all/rt/seqlock-use-seqcount.patch +features/all/rt/timekeeping-split-xtime-lock.patch +features/all/rt/intel_idle-convert-i7300_idle_lock-to-raw-spinlock.patch +features/all/rt/tracing-account-for-preempt-off-in-preempt_schedule.patch +features/all/rt/signal-revert-ptrace-preempt-magic.patch +features/all/rt/arm-mark-pmu-interupt-no-thread.patch +features/all/rt/arm-allow-irq-threading.patch +features/all/rt/arm-convert-boot-lock-to-raw.patch +features/all/rt/arm-omap-make-wakeupgen_lock-raw.patch +features/all/rt/signals-do-not-wake-self.patch +features/all/rt/posix-timers-no-broadcast.patch +features/all/rt/signals-allow-rt-tasks-to-cache-one-sigqueue-struct.patch +features/all/rt/oleg-signal-rt-fix.patch +features/all/rt/generic-cmpxchg-use-raw-local-irq.patch +features/all/rt/drivers-random-reduce-preempt-disabled-region.patch +features/all/rt/arm-at91-pit-remove-irq-handler-when-clock-is-unused.patch +features/all/rt/clocksource-tclib-allow-higher-clockrates.patch +features/all/rt/drivers-net-tulip-add-missing-pci-disable.patch +features/all/rt/drivers-net-8139-disable-irq-nosync.patch +features/all/rt/drivers-net-ehea-mark-rx-irq-no-thread.patch +features/all/rt/drivers-net-at91-make-mdio-protection-rt-safe.patch +features/all/rt/mm-prepare-pf-disable-discoupling.patch +features/all/rt/arch-use-pagefault-disabled.patch +features/all/rt/peter_zijlstra-frob-pagefault_disable.patch +features/all/rt/peterz-raw_pagefault_disable.patch +features/all/rt/filemap-fix-up.patch +features/all/rt/mm-remove-preempt-count-from-pf.patch +features/all/rt/x86-highmem-warn.patch +features/all/rt/suspend-prevernt-might-sleep-splats.patch +features/all/rt/of-fixup-recursive-locking.patch +features/all/rt/of-convert-devtree-lock.patch +features/all/rt/list-add-list-last-entry.patch +features/all/rt/mm-page-alloc-use-list-last-entry.patch +features/all/rt/mm-slab-move-debug-out.patch +features/all/rt/pid-h-include-atomic-h.patch +features/all/rt/sysctl-include-atomic-h.patch +features/all/rt/net-flip-lock-dep-thingy.patch +features/all/rt/softirq-thread-do-softirq.patch +features/all/rt/softirq-split-out-code.patch +features/all/rt/x86-io-apic-migra-no-unmask.patch +features/all/rt/fix-rt-int3-x86_32-3.2-rt.patch +features/all/rt/locking-various-init-fixes.patch +features/all/rt/pci-access-use-__wake_up_all_locked.patch +features/all/rt/latency-hist.patch +features/all/rt/hwlatdetect.patch +features/all/rt/localversion.patch +features/all/rt/early-printk-consolidate.patch +features/all/rt/printk-kill.patch +features/all/rt/printk-27force_early_printk-27-boot-param-to-help-with-debugging.patch +features/all/rt/rt-preempt-base-config.patch +features/all/rt/bug-rt-dependend-variants.patch +features/all/rt/local-irq-rt-depending-variants.patch +features/all/rt/preempt-nort-rt-variants.patch +features/all/rt/ata-disable-interrupts-if-non-rt.patch +features/all/rt/ide-use-nort-local-irq-variants.patch +features/all/rt/infiniband-mellanox-ib-use-nort-irq.patch +features/all/rt/inpt-gameport-use-local-irq-nort.patch +features/all/rt/acpi-use-local-irq-nort.patch +features/all/rt/user-use-local-irq-nort.patch +features/all/rt/resource-counters-use-localirq-nort.patch +features/all/rt/usb-hcd-use-local-irq-nort.patch +features/all/rt/tty-use-local-irq-nort.patch +features/all/rt/mm-scatterlist-dont-disable-irqs-on-RT.patch +features/all/rt/signal-fix-up-rcu-wreckage.patch +features/all/rt/net-wireless-warn-nort.patch +features/all/rt/mm-cgroup-page-bit-spinlock.patch +features/all/rt/fs-replace-bh_uptodate_lock-for-rt.patch +features/all/rt/fs-jbd-replace-bh_state-lock.patch +features/all/rt/genirq-nodebug-shirq.patch +features/all/rt/genirq-disable-random-call-on-preempt-rt.patch +features/all/rt/genirq-disable-irqpoll-on-rt.patch +features/all/rt/genirq-force-threading.patch +features/all/rt/drivers-net-fix-livelock-issues.patch +features/all/rt/drivers-net-vortex-fix-locking-issues.patch +features/all/rt/drivers-net-gianfar-make-rt-aware.patch +features/all/rt/usb-fix-mouse-problem-copying-large-data.patch +features/all/rt/local-var.patch +features/all/rt/rt-local-irq-lock.patch +features/all/rt/cpu-rt-variants.patch +features/all/rt/mm-slab-wrap-functions.patch +features/all/rt/rt-slab-fix-__do_drain-to-use-the-right-array-cache.patch +features/all/rt/mm-slab-more-lock-breaks.patch +features/all/rt/mm-page_alloc-rt-friendly-per-cpu-pages.patch +features/all/rt/mm-page_alloc-reduce-lock-sections-further.patch +features/all/rt/mm-page-alloc-fix.patch +features/all/rt/mm-convert-swap-to-percpu-locked.patch +features/all/rt/mm-make-vmstat-rt-aware.patch +features/all/rt/mm-shrink-the-page-frame-to-rt-size.patch +features/all/rt/re-preempt_rt_full-arm-coredump-fails-for-cpu-3e-3d-4.patch +features/all/rt/mm-allow-slab-rt.patch +features/all/rt/radix-tree-rt-aware.patch +features/all/rt/panic-disable-random-on-rt.patch +features/all/rt/ipc-make-rt-aware.patch +features/all/rt/ipc-mqueue-add-a-critical-section-to-avoid-a-deadlock.patch +features/all/rt/relay-fix-timer-madness.patch +features/all/rt/net-ipv4-route-use-locks-on-up-rt.patch +features/all/rt/workqueue-avoid-the-lock-in-cpu-dying.patch +features/all/rt/timers-prepare-for-full-preemption.patch +features/all/rt/timers-preempt-rt-support.patch +features/all/rt/timers-fix-timer-hotplug-on-rt.patch +features/all/rt/timers-mov-printk_tick-to-soft-interrupt.patch +features/all/rt/timer-delay-waking-softirqs-from-the-jiffy-tick.patch +features/all/rt/timers-avoid-the-base-null-otptimization-on-rt.patch +features/all/rt/rfc-printk-don-27t-call-printk_tick-in-printk_needs_cpu.patch +features/all/rt/hrtimers-prepare-full-preemption.patch +features/all/rt/hrtimer-fixup-hrtimer-callback-changes-for-preempt-r.patch +features/all/rt/peter_zijlstra-frob-hrtimer.patch +features/all/rt/hrtimer-add-missing-debug_activate-aid-was-re-announce-3-0-6-rt17.patch +features/all/rt/hrtimer-fix-reprogram-madness.patch +features/all/rt/timer-fd-avoid-live-lock.patch +features/all/rt/posix-timers-thread-posix-cpu-timers-on-rt.patch +features/all/rt/posix-timers-shorten-cpu-timers-thread.patch +features/all/rt/posix-timers-avoid-wakeups-when-no-timers-are-active.patch +features/all/rt/sched-delay-put-task.patch +features/all/rt/sched-limit-nr-migrate.patch +features/all/rt/sched-mmdrop-delayed.patch +features/all/rt/sched-rt-mutex-wakeup.patch +features/all/rt/sched-might-sleep-do-not-account-rcu-depth.patch +features/all/rt/sched-cond-resched.patch +features/all/rt/cond-resched-softirq-rt.patch +features/all/rt/cond-resched-lock-rt-tweak.patch +features/all/rt/sched-disable-ttwu-queue.patch +features/all/rt/sched-disable-rt-group-sched-on-rt.patch +features/all/rt/sched-ttwu-ensure-success-return-is-correct.patch +features/all/rt/stop_machine-convert-stop_machine_run-to-PREEMPT_RT.patch +features/all/rt/stomp-machine-mark-stomper-thread.patch +features/all/rt/stomp-machine-raw-lock.patch +features/all/rt/hotplug-light-get-online-cpus.patch +features/all/rt/hotplug-sync_unplug-no-27-5cn-27-in-task-name.patch +features/all/rt/re-migrate_disable-race-with-cpu-hotplug-3f.patch +features/all/rt/sched-migrate-disable.patch +features/all/rt/hotplug-use-migrate-disable.patch +features/all/rt/hotplug-call-cpu_unplug_begin-a-little-early.patch +features/all/rt/ftrace-migrate-disable-tracing.patch +features/all/rt/rt-tracing-show-padding-as-unsigned-short.patch +features/all/rt/migrate-disable-rt-variant.patch +features/all/rt/peter_zijlstra-frob-migrate_disable.patch +features/all/rt/peter_zijlstra-frob-migrate_disable-2.patch +features/all/rt/sched-rt-fix-migrate_enable-thinko.patch +features/all/rt/sched-teach-migrate_disable-about-atomic-contexts.patch +features/all/rt/rt-sched-postpone-actual-migration-disalbe-to-schedule.patch +features/all/rt/rt-sched-do-not-compare-cpu-masks-in-scheduler.patch +features/all/rt/rt-sched-have-migrate_disable-ignore-bounded-threads.patch +features/all/rt/sched-clear-pf-thread-bound-on-fallback-rq.patch +features/all/rt/ftrace-crap.patch +features/all/rt/rt-ring-buffer-convert-reader_lock-from-raw_spin_lock-into-spin_lock.patch +features/all/rt/net-netif_rx_ni-migrate-disable.patch +features/all/rt/softirq-sanitize-softirq-pending.patch +features/all/rt/lockdep-no-softirq-accounting-on-rt.patch +features/all/rt/mutex-no-spin-on-rt.patch +features/all/rt/softirq-local-lock.patch +features/all/rt/softirq-export-in-serving-softirq.patch +features/all/rt/harirq-h-define-softirq_count-as-oul-to-kill-build-warning.patch +features/all/rt/softirq-fix-unplug-deadlock.patch +features/all/rt/softirq-disable-softirq-stacks-for-rt.patch +features/all/rt/softirq-make-fifo.patch +features/all/rt/tasklet-rt-prevent-tasklets-from-going-into-infinite-spin-in-rt.patch +features/all/rt/irq-allow-disabling-of-softirq-processing-in-irq-thread-context.patch +features/all/rt/local-vars-migrate-disable.patch +features/all/rt/md-raid5-percpu-handling-rt-aware.patch +features/all/rt/rtmutex-lock-killable.patch +features/all/rt/rtmutex-futex-prepare-rt.patch +features/all/rt/futex-requeue-pi-fix.patch +features/all/rt/rt-mutex-add-sleeping-spinlocks-support.patch +features/all/rt/spinlock-types-separate-raw.patch +features/all/rt/rtmutex-avoid-include-hell.patch +features/all/rt/rt-add-rt-spinlock-to-headers.patch +features/all/rt/rt-add-rt-to-mutex-headers.patch +features/all/rt/rwsem-add-rt-variant.patch +features/all/rt/rt-add-rt-locks.patch +features/all/rt/tasklist-lock-fix-section-conflict.patch +features/all/rt/timer-handle-idle-trylock-in-get-next-timer-irq.patch +features/all/rt/rcu-force-preempt-rcu-for-rt.patch +features/all/rt/peter_zijlstra-frob-rcu.patch +features/all/rt/rcu-merge-rcu-bh-into-rcu-preempt-for-rt.patch +features/all/rt/rcu-fix-macro-substitution.patch +features/all/rt/rcu-tiny-merge-bh.patch +features/all/rt/patch-to-introduce-rcu-bh-qs-where-safe-from-softirq.patch +features/all/rt/rcu-fix-build-break.patch +features/all/rt/rt-rcutree-warn-fix.patch +features/all/rt/lglocks-rt.patch +features/all/rt/drivers-serial-cleanup-locking-for-rt.patch +features/all/rt/drivers-serial-call-flush_to_ldisc-when-the-irq-is-t.patch +features/all/rt/drivers-tty-fix-omap-lock-crap.patch +features/all/rt/rt-serial-warn-fix.patch +features/all/rt/fs-namespace-preemption-fix.patch +features/all/rt/mm-protect-activate-switch-mm.patch +features/all/rt/mm-protect-activate_mm-by-preempt_-disable-7cenable-_rt.patch +features/all/rt/fs-block-rt-support.patch +features/all/rt/fs-ntfs-disable-interrupt-non-rt.patch +features/all/rt/x86-mce-timer-hrtimer.patch +features/all/rt/x86-stackprot-no-random-on-rt.patch +features/all/rt/x86-use-gen-rwsem-spinlocks-rt.patch +features/all/rt/x86-disable-debug-stack.patch +features/all/rt/workqueue-use-get-cpu-light.patch +features/all/rt/epoll-use-get-cpu-light.patch +features/all/rt/mm-vmalloc-use-get-cpu-light.patch +features/all/rt/revert-workqueue-skip-nr_running-sanity-check-in-wor.patch +features/all/rt/workqueue-sanity.patch +features/all/rt/workqueue-fix-PF_THREAD_BOUND.patch +features/all/rt/workqueue-hotplug-fix.patch +features/all/rt/workqueue-more-hotplug-fallout.patch +features/all/rt/debugobjects-rt.patch +features/all/rt/jump-label-rt.patch +features/all/rt/skbufhead-raw-lock.patch +features/all/rt/perf-move-irq-work-to-softirq-in-rt.patch +features/all/rt/console-make-rt-friendly.patch +features/all/rt/fix-printk-flush-of-messages-1.patch +features/all/rt/power-use-generic-rwsem-on-rt.patch +features/all/rt/power-disable-highmem-on-rt.patch +features/all/rt/arm-disable-highmem-on-rt.patch +features/all/rt/arm-at91-tclib-default-to-tclib-timer-for-rt.patch +features/all/rt/mips-disable-highmem-on-rt.patch +features/all/rt/net-tx-action-avoid-livelock-on-rt.patch +features/all/rt/ping-sysrq.patch +features/all/rt/kgb-serial-hackaround.patch +features/all/rt/sysfs-realtime-entry.patch +features/all/rt/peter_zijlstra-re-_3_0-rt4.patch +features/all/rt/ipc-sem-rework-semaphore-wakeups.patch +features/all/rt/x86-kvm-require-const-tsc-for-rt.patch +features/all/rt/scsi-fcoe-rt-aware.patch +features/all/rt/x86-crypto-reduce-preempt-disabled-regions.patch +features/all/rt/dm-make-rt-aware.patch +features/all/rt/cpumask-disable-offstack-on-rt.patch +features/all/rt/seqlock-prevent-rt-starvation.patch +features/all/rt/rfc-timer-fix-hotplug-for-rt.patch +features/all/rt/rfc-futex-rt-fix-possible-lockup-when-taking-pi_lock-in-proxy-handler.patch +features/all/rt/rfc-ring-buffer-rt-check-for-irqs-disabled-before-grabbing-reader-lock.patch +features/all/rt/rfc-sched-rt-fix-wait_task_interactive-to-test-rt_spin_lock-state.patch +features/all/rt/rfc-lglock-rt-use-non-rt-for_each_cpu-in-rt-code.patch +features/all/rt/cpu-rt-make-hotplug-lock-a-sleeping-spinlock-on-rt.patch +features/all/rt/softirq-preempt-fix-3-re.txt +features/all/rt/scsi-qla2xxx-fix-bug-sleeping-function-called-from-invalid-context.patch +features/all/rt/upstream-net-rt-remove-preemption-disabling-in-netif_rx.patch +features/all/rt/rt-introduce-cpu-chill.patch +features/all/rt/fs-dcache-use-cpu-chill-in-trylock-loops.patch +features/all/rt/net-use-cpu-chill.patch +features/all/rt/ntp-make-ntp-lock-raw-sigh.patch +features/all/rt/mips-remove-smp-reserve-lock.patch +features/all/rt/lockdep-selftest-convert-spinlock-to-raw-spinlock.patch +features/all/rt/lockdep-selftest-only-do-hardirq-context-test-for-raw-spinlock.patch +features/all/rt/genirq-add-default-mask-cmdline-option.patch +features/all/rt/kconfig-disable-a-few-options-rt.patch +features/all/rt/kconfig-preempt-rt-full.patch diff --git a/debian/rules b/debian/rules index b7996c5ef..458bc289b 100755 --- a/debian/rules +++ b/debian/rules @@ -39,18 +39,19 @@ $(STAMPS_DIR)/build-base: $(STAMPS_DIR)/setup-base @$(stamp) DIR_ORIG = ../orig/$(SOURCE)-$(VERSION_UPSTREAM) -TAR_ORIG_NAME = $(SOURCE)_$(VERSION_UPSTREAM).orig.tar.gz +TAR_ORIG_NAME = $(SOURCE)_$(VERSION_UPSTREAM).orig.tar.xz TAR_ORIG = $(firstword $(wildcard ../$(TAR_ORIG_NAME)) $(wildcard ../orig/$(TAR_ORIG_NAME))) orig: $(DIR_ORIG) - rsync --delete --exclude debian --exclude .svk --exclude .svn --link-dest=$(DIR_ORIG)/ -a $(DIR_ORIG)/ . + rsync --delete --exclude /debian --exclude .svk --exclude .svn --link-dest=$(DIR_ORIG)/ -a $(DIR_ORIG)/ . + QUILT_PATCHES='$(CURDIR)/debian/patches' quilt push --quiltrc - -a -q --fuzz=0 $(DIR_ORIG): ifeq ($(TAR_ORIG),) $(error Cannot find orig tarball $(TAR_ORIG_NAME)) else mkdir -p ../orig - tar -C ../orig -xzf $(TAR_ORIG) + tar -C ../orig -xaf $(TAR_ORIG) endif maintainerclean: diff --git a/debian/rules.real b/debian/rules.real index 18ffdcd75..7a3bb0a5a 100644 --- a/debian/rules.real +++ b/debian/rules.real @@ -60,34 +60,53 @@ source-featureset: $(STAMPS_DIR)/source_$(FEATURESET) $(BUILD_DIR)/config.$(ARCH)_$(FEATURESET)_$(FLAVOUR): $(KCONFIG) python debian/bin/kconfig.py '$@' $(KCONFIG) $(KCONFIG_OPTIONS) -$(BUILD_DIR)/linux-source-$(UPSTREAMVERSION).tar.bz2: SOURCE_DIR=$(BUILD_DIR)/source +define copy_source +mkdir -p '$(1)' +cp -al $(filter-out debian .pc .svk .svn, $(wildcard * .[^.]*)) '$(1)' +endef + $(BUILD_DIR)/linux-source-$(UPSTREAMVERSION).tar.bz2: DIR = $(BUILD_DIR)/linux-source-$(UPSTREAMVERSION) $(BUILD_DIR)/linux-source-$(UPSTREAMVERSION).tar.bz2: $(STAMPS_DIR)/source rm -rf '$@' '$(DIR)' - cp -al '$(SOURCE_DIR)' '$(DIR)' + $(call copy_source,$(DIR)) chmod -R u+rw,go=rX '$(DIR)' cd '$(BUILD_DIR)'; tar -cjf 'linux-source-$(UPSTREAMVERSION).tar.bz2' 'linux-source-$(UPSTREAMVERSION)' rm -rf '$(DIR)' +$(BUILD_DIR)/linux-patch-$(UPSTREAMVERSION)-%.patch.bz2: $(STAMPS_DIR)/source_none $(STAMPS_DIR)/source_% + set -o pipefail; \ + (cd '$(BUILD_DIR)'; \ + set +e; \ + diff -urN -p -x debian -x .pc -x .svk -x .svn source_none source_$*; \ + test $$? -eq 1) | \ + filterdiff --remove-timestamps --strip=1 --addoldprefix=a/ --addnewprefix=b/ | \ + bzip2 -c >$@ || \ + (rm -f $@; exit 1) + define patch_cmd -cd '$(DIR)'; python '$(CURDIR)/debian/bin/patch.apply' --overwrite-home='$(CURDIR)/debian/patches' +cd '$(DIR)' && QUILT_PATCHES='$(CURDIR)/debian/patches' QUILT_SERIES=series-$(1) quilt push --quiltrc - -a -q --fuzz=0 endef -$(STAMPS_DIR)/source: SOURCE_FILES = $(filter-out debian, $(wildcard * .[^.]*)) -$(STAMPS_DIR)/source: DIR = $(BUILD_DIR)/source $(STAMPS_DIR)/source: - rm -rf '$(DIR)' - mkdir -p '$(DIR)' - cp -al $(SOURCE_FILES) '$(DIR)' - $(patch_cmd) + test -d .pc + set +e; quilt unapplied --quiltrc - >/dev/null && echo 'Patch series not fully applied'; test $$? -eq 1 @$(stamp) -$(STAMPS_DIR)/source_$(FEATURESET): SOURCE_DIR=$(BUILD_DIR)/source -$(STAMPS_DIR)/source_$(FEATURESET): DIR=$(BUILD_DIR)/source_$(FEATURESET) -$(STAMPS_DIR)/source_$(FEATURESET): $(STAMPS_DIR)/source +$(STAMPS_DIR)/source_%: SOURCE_DIR=$(BUILD_DIR)/source +$(STAMPS_DIR)/source_%: DIR=$(BUILD_DIR)/source_$* +$(STAMPS_DIR)/source_%: $(STAMPS_DIR)/source + mkdir -p '$(BUILD_DIR)' rm -rf '$(DIR)' - cp -al '$(SOURCE_DIR)' '$(DIR)' - $(patch_cmd) -f $(FEATURESET) + $(call copy_source,$(DIR)) + $(call patch_cmd,$*) + @$(stamp) +.PRECIOUS: $(STAMPS_DIR)/source_% + +$(STAMPS_DIR)/source_none: DIR=$(BUILD_DIR)/source_none +$(STAMPS_DIR)/source_none: $(STAMPS_DIR)/source + mkdir -p '$(BUILD_DIR)' + rm -f '$(DIR)' + ln -s '$(CURDIR)' '$(DIR)' @$(stamp) $(STAMPS_DIR)/setup_$(ARCH)_$(FEATURESET)_$(FLAVOUR): CONFIG=$(BUILD_DIR)/config.$(ARCH)_$(FEATURESET)_$(FLAVOUR) @@ -131,13 +150,12 @@ $(STAMPS_DIR)/build_$(ARCH)_$(FEATURESET)_$(FLAVOUR)_plain-s390x-tape: python debian/bin/buildcheck.py $(DIR) $(ARCH) $(FEATURESET) $(FLAVOUR) @$(stamp) -$(STAMPS_DIR)/build-doc: SOURCE_DIR=$(BUILD_DIR)/source $(STAMPS_DIR)/build-doc: DIR=$(BUILD_DIR)/build-doc $(STAMPS_DIR)/build-doc: $(STAMPS_DIR)/source rm -rf $(DIR) - mkdir $(DIR) - +$(MAKE_CLEAN) -C $(SOURCE_DIR) O='$(CURDIR)/$(DIR)' xmldocs - +$(MAKE_CLEAN) -C $(SOURCE_DIR) O='$(CURDIR)/$(DIR)' htmldocs mandocs + mkdir -p $(DIR) + +$(MAKE_CLEAN) O='$(CURDIR)/$(DIR)' xmldocs + +$(MAKE_CLEAN) O='$(CURDIR)/$(DIR)' htmldocs mandocs @$(stamp) install-base: @@ -159,14 +177,13 @@ install-dummy: install-doc: PACKAGE_NAME = linux-doc-$(VERSION) install-doc: DIR = $(BUILD_DIR)/build-doc -install-doc: SOURCE_DIR = $(BUILD_DIR)/source install-doc: PACKAGE_DIR = debian/$(PACKAGE_NAME) install-doc: OUT_DIR = $(PACKAGE_DIR)/usr/share/doc/$(PACKAGE_NAME) install-doc: DH_OPTIONS = -p$(PACKAGE_NAME) install-doc: $(STAMPS_DIR)/build-doc dh_prep mkdir -p $(OUT_DIR) - cp -a $(addprefix $(SOURCE_DIR)/, CREDITS MAINTAINERS README REPORTING-BUGS Documentation) $(OUT_DIR) + cp -a CREDITS MAINTAINERS README REPORTING-BUGS Documentation $(OUT_DIR) rm -rf $(OUT_DIR)/Documentation/DocBook cd $(DIR)/Documentation/DocBook; \ find * -name '*.html' -print \ @@ -273,7 +290,6 @@ install-headers_$(ARCH)_$(FEATURESET)_$(FLAVOUR): $(STAMPS_DIR)/build_$(ARCH)_$( install-libc-dev_$(ARCH): PACKAGE_NAME = linux-libc-dev install-libc-dev_$(ARCH): DH_OPTIONS = -p$(PACKAGE_NAME) -install-libc-dev_$(ARCH): SOURCE_DIR = $(BUILD_DIR)/source install-libc-dev_$(ARCH): DIR = $(BUILD_DIR)/build-libc-dev install-libc-dev_$(ARCH): OUT_DIR = debian/$(PACKAGE_NAME)/usr install-libc-dev_$(ARCH): @@ -281,9 +297,9 @@ install-libc-dev_$(ARCH): dh_testroot dh_prep rm -rf '$(DIR)' - mkdir $(DIR) - +$(MAKE_CLEAN) -C $(SOURCE_DIR) O='$(CURDIR)/$(DIR)' headers_check ARCH=$(KERNEL_ARCH) - +$(MAKE_CLEAN) -C $(SOURCE_DIR) O='$(CURDIR)/$(DIR)' headers_install ARCH=$(KERNEL_ARCH) INSTALL_HDR_PATH='$(CURDIR)'/$(OUT_DIR) + mkdir -p $(DIR) + +$(MAKE_CLEAN) O='$(CURDIR)/$(DIR)' headers_check ARCH=$(KERNEL_ARCH) + +$(MAKE_CLEAN) O='$(CURDIR)/$(DIR)' headers_install ARCH=$(KERNEL_ARCH) INSTALL_HDR_PATH='$(CURDIR)'/$(OUT_DIR) rm -rf $(OUT_DIR)/include/drm $(OUT_DIR)/include/scsi find $(OUT_DIR)/include \( -name .install -o -name ..install.cmd \) -execdir rm {} + @@ -470,10 +486,10 @@ install-udeb_$(ARCH): dh_builddeb install-source: DH_OPTIONS = -plinux-source-$(VERSION) -install-source: $(BUILD_DIR)/linux-source-$(UPSTREAMVERSION).tar.bz2 +install-source: $(BUILD_DIR)/linux-source-$(UPSTREAMVERSION).tar.bz2 $(foreach FEATURESET,$(filter-out none,$(ALL_FEATURESETS)),$(BUILD_DIR)/linux-patch-$(UPSTREAMVERSION)-$(FEATURESET).patch.bz2) dh_testdir dh_testroot - dh_install '$<' /usr/src + dh_install '$^' /usr/src +$(MAKE_SELF) install-base # vim: filetype=make diff --git a/debian/source/format b/debian/source/format index b9b023757..c3d9f2407 100644 --- a/debian/source/format +++ b/debian/source/format @@ -1,2 +1,2 @@ -1.0 +3.0 (quilt) diff --git a/debian/source/local-options b/debian/source/local-options new file mode 100644 index 000000000..2ee6f0fa1 --- /dev/null +++ b/debian/source/local-options @@ -0,0 +1 @@ +abort-on-upstream-changes diff --git a/debian/source/options b/debian/source/options new file mode 100644 index 000000000..b7bc1f2b7 --- /dev/null +++ b/debian/source/options @@ -0,0 +1 @@ +compression = "xz" diff --git a/debian/templates/control.source.in b/debian/templates/control.source.in index d854fcbef..e1161eedf 100644 --- a/debian/templates/control.source.in +++ b/debian/templates/control.source.in @@ -3,7 +3,7 @@ Priority: optional Maintainer: Debian Kernel Team Uploaders: Bastian Blank , Frederik Schüler , maximilian attems , Ben Hutchings Standards-Version: 3.9.2 -Build-Depends: debhelper (>> 7), cpio, kmod | module-init-tools, python (>= 2.6.6-3~), lzma [armel], kernel-wedge (>= 2.83) +Build-Depends: debhelper (>> 7), cpio, kmod | module-init-tools, python (>= 2.6.6-3~), lzma [armel], kernel-wedge (>= 2.84), quilt, patchutils Build-Depends-Indep: bzip2, xmlto Vcs-Svn: svn://svn.debian.org/svn/kernel/dists/trunk/linux/ Vcs-Browser: http://anonscm.debian.org/viewvc/kernel/dists/trunk/linux/