8a81df4df4
debian/changelog: Note a change in 4.19.90-rt35
2020-01-19 00:44:23 +00:00
c0c469a1c6
debian/changelog: Qualify one model-specific quirk as x86-only
2020-01-19 00:34:01 +00:00
f4e9452435
[rt] Refresh 0199-net-move-xmit_recursion-to-per-task-variable-on-RT.patch (Context changes in 4.19.97)
2020-01-18 00:12:10 +01:00
69b7fea362
Cleanup debian/changelog file
2020-01-18 00:12:10 +01:00
c5a2f98b24
Add CVE id reference for CVE-2019-9445
2020-01-18 00:12:10 +01:00
404a161757
Add CVE id reference for CVE-2019-5108
2020-01-18 00:12:10 +01:00
8c48c6e453
Add CVE id reference for CVE-2019-20096
2020-01-18 00:12:10 +01:00
59d80dc0bc
Add CVE id reference for CVE-2019-19927
2020-01-18 00:12:10 +01:00
1dc42110a2
Add CVE id reference for CVE-2019-19077
2020-01-18 00:12:10 +01:00
a6e91788f5
Add CVE id reference for CVE-2019-19059
2020-01-18 00:12:10 +01:00
665007de06
Add CVE id reference for CVE-2019-19058
2020-01-18 00:12:10 +01:00
c8123e56d0
Add CVE id reference for CVE-2019-15217
2020-01-18 00:12:10 +01:00
cfe78f7064
Update to 4.19.97
2020-01-17 22:55:38 +01:00
477e55f8cd
Cleanup debian/changelog file
2020-01-17 15:04:15 +01:00
aa9f65ee62
Add CVE id reference for CVE-2019-19078
2020-01-15 00:03:28 +01:00
6ea5b99739
Add CVE id reference for CVE-2019-19068
2020-01-15 00:02:59 +01:00
6ef11c971e
Add CVE id reference for CVE-2019-19066
2020-01-15 00:02:31 +01:00
c79d5ca882
Add CVE id reference for CVE-2019-19056
2020-01-15 00:02:03 +01:00
1f119ff788
Add CVE id reference for CVE-2019-14895
2020-01-15 00:01:27 +01:00
17a488f946
Add CVE id reference for CVE-2019-14615
2020-01-15 00:00:37 +01:00
8fec41528b
Update to 4.19.96
2020-01-14 23:59:05 +01:00
217a44f064
Cleanup debian/changelog file
2020-01-14 23:58:22 +01:00
1f1923e171
Add CVE id reference for CVE-2019-14901
2020-01-14 23:25:37 +01:00
e5cc95a17c
Update to 4.19.95
2020-01-14 23:23:37 +01:00
febedce575
Cleanup debian/changelog file
2020-01-14 21:01:16 +01:00
b8f39ed155
Add CVE id reference for CVE-2019-19965
2020-01-14 21:01:16 +01:00
a5bf767a34
Add CVE id reference for CVE-2019-18809
2020-01-14 21:01:16 +01:00
4a8ae7c9d5
Update to 4.19.94
2020-01-14 21:01:16 +01:00
5510778373
Drop changelog entries for "powerpc/vcpu: Assume dedicated processors as non-preempt"
...
Gbp-Dch: Ignore
2020-01-14 21:01:16 +01:00
8c12894795
Cleanup debian/changelog file
2020-01-14 21:01:16 +01:00
f96fb9cfd5
[rt] Refresh 0253-watchdog-prevent-deferral-of-watchdogd-wakeup-on-RT.patch (Context changes in 4.19.93)
2020-01-14 21:01:16 +01:00
be9871ff2f
Refresh 0013-scsi-hisi_sas-Relocate-some-codes-to-avoid-an-unused.patch for context changes in 4.19.93.
2020-01-14 21:01:16 +01:00
6ea3bab2b2
Add CVE id reference for CVE-2019-10220
2020-01-14 21:01:16 +01:00
df1b718c9a
Update to 4.19.93
2020-01-14 21:01:16 +01:00
5b421326ca
[rt] Drop 0245-Revert-arm64-preempt-Fix-big-endian-when-checking-pr.patch
2020-01-14 21:01:16 +01:00
414985d41e
[rt] Drop 0013-x86-ioapic-Don-t-let-setaffinity-unmask-threaded-EOI.patch
...
One part of the patch correspond to df4393424af3 ("x86/ioapic: Prevent
inconsistent state when moving an interrupt") in 5.5-rc1 and which got
backported to 4.19.92.
The other is corresponding to 2579a4eefc04 ("x86/ioapic: Rename misnamed
functions") in 5.5-rc1.
2020-01-14 21:01:16 +01:00
88a4ba5bd0
[rt] Update to 4.19.90-rt35
2020-01-14 21:01:16 +01:00
60f99617aa
Cleanup debian/changelog file
2020-01-14 21:01:16 +01:00
903ee592c4
Add CVE id reference for CVE-2019-19947
2020-01-14 21:01:15 +01:00
ab30739ce0
Add CVE id reference for CVE-2019-19063
2020-01-14 21:01:15 +01:00
476e9daab6
Add CVE id reference for CVE-2019-19057
2020-01-14 21:01:15 +01:00
8c66e4c662
Add CVE id reference for CVE-2019-19037
2020-01-14 21:01:15 +01:00
d862bf8e49
Add CVE id reference for CVE-2019-18786
2020-01-14 21:01:15 +01:00
3ecef40306
Update to 4.19.92
2020-01-14 21:01:15 +01:00
5cd34a2914
Add CVE id reference for CVE-2019-19447
2020-01-14 21:01:15 +01:00
02a0b3eb56
Update to 4.19.91
...
* Drop/refresh patches as appropriate
* Several ABI changes still need to be resolved
2019-12-28 01:36:27 +00:00
a13b44e33a
debian/changelog: Clean up changes in 4.19.88 some more
2019-12-27 23:24:36 +00:00
947fbc6618
mips: enable O32_FP64 and MSA
...
CONFIG_MIPS_O32_FP64_SUPPORT is required to support MSA for O32.
It requires CPU >= mips32r1. It is OK for us: currently our
baseline is mips32r2/mips64r2.
Malta can use different CPUs, some of them may support MSA.
Loongson 3A/B 4000 will support MSA.
The only CPU currently we support has no MSA is octeon.
Commit-ID in master: b1d08a0cffbe181cbb94e3fc72a91c2e8a8a38e7
2019-12-27 17:34:42 +08:00
79505b154a
Cleanup debian/changelog file
2019-12-17 17:21:27 +01:00
5d3c55e949
Add CVE id reference for CVE-2019-12614
2019-12-17 17:16:43 +01:00
b4817400ed
Add CVE id reference for CVE-2019-19767
2019-12-17 17:15:13 +01:00
96a8136906
[rt] Refresh 0199-net-move-xmit_recursion-to-per-task-variable-on-RT.patch (Context changes in 4.19.88)
2019-12-17 16:56:40 +01:00
60468edbdf
Drop 0028-RDMA-hns-Bugfix-for-the-scene-without-receiver-queue.patch
2019-12-17 16:56:40 +01:00
9d10b57769
Drop 0027-RDMA-hns-Fix-the-bug-with-updating-rq-head-pointer-w.patch
2019-12-17 16:56:40 +01:00
b9568ec214
Refresh powerpc-fix-mcpu-options-for-spe-only-compiler.patch (Context changes in 4.19.88)
2019-12-17 16:56:40 +01:00
f73fafb39e
Revert "arm64: preempt: Fix big-endian when checking preempt count in assembly"
2019-12-17 16:56:40 +01:00
278eae7330
Update to 4.19.88
2019-12-14 22:00:25 +01:00
873d71775d
[buster] [cloud-amd64] tpm: Enable TPM drivers for Cloud ( Closes : #946237 )
...
The bug has most of the context for this fix. Basically, the cloud image
disables TPM drives, and we want to reenable them.
I added the virt and hardware-agnostic drivers (TIS/CRB/XEN/VTPM), and
I explictly didn't add the hardware-specific drivers. I also didn't
bother with CONFIG_HW_RANDOM_TPM as we already set
CONFIG_RANDOM_TRUST_CPU=y which handles any early-boot RNG issues.
Signed-off-by: Joe Richey <joerichey@google.com>
2019-12-06 00:39:32 -08:00
80865194b5
Prepare to release linux (4.19.87-1).
2019-12-03 06:58:41 +01:00
f9c7775f72
Add CVE id reference for CVE-2019-18683
2019-12-01 17:23:58 +01:00
34cf1b0258
Add CVE id reference for CVE-2019-18660
2019-12-01 17:23:29 +01:00
1a33bc2ef8
Update to 4.19.87
...
Drop "net: ena: Fix Kconfig dependency on X86" applied upstream
Drop "scsi: hisi_sas: Feed back linkrate(max/min) when re-attached" applied upstream
Drop "scsi: hisi_sas: Fix the race between IO completion and timeout for SMP/internal IO" applied upstream
Drop "scsi: hisi_sas: Free slot later in slot_complete_vx_hw()" applied upstream
Drop "scsi: hisi_sas: Fix NULL pointer dereference" applied upstream
[rt] Refresh 0057-printk-Add-a-printk-kill-switch.patch (context changes in 4.19.87)
[rt] Refresh 0207-printk-Make-rt-aware.patch (context changes in 4.19.87)
Cleanup debian/changelog file
2019-12-01 17:19:47 +01:00
c5c04abfa4
Update to 4.19.86
...
[rt] Refresh 0025-NFSv4-replace-seqcount_t-with-a-seqlock_t.patch (context changes in 4.19.86)
[rt] Refresh 0202-net-Qdisc-use-a-seqlock-instead-seqcount.patch (context changes in 4.19.86)
Cleanup debian/changelog file
2019-12-01 15:02:01 +01:00
f78694b110
debian/changelog: wrap long 4.85 changelog entries
2019-12-01 13:43:12 +01:00
5ba5b367b7
Update to 4.19.85
...
Drop introduce is_pae_paging applied upstream
Cleanup debian/changelog file
2019-12-01 13:29:09 +01:00
b62aac68b4
[rt] Refresh 0011-sched-fair-Robustify-CFS-bandwidth-timer-locking.patch (context changes in 4.19.84)
2019-12-01 10:55:02 +01:00
ea17f6edde
Update to 4.19.84
...
Drop TAA patches applied upstream
Drop ITLB_MULTIHIT patches applied upstream
Drop Intel i915 CVE fixes applied upstream
Add CVE id reference for CVE-2019-18813
Add CVE id reference for CVE-2019-19045
Add CVE id reference for CVE-2019-19052
Cleanup debian/changelog file
2019-12-01 10:54:59 +01:00
b69b28370c
Update to 4.19.83
...
Add CVE id reference for CVE-2019-19049
Cleanup debian/changelog file
2019-11-30 17:30:31 +01:00
1867067696
Update to 4.19.82
...
Add CVE id reference for CVE-2019-15098
Add CVE id reference for CVE-2019-17666
Add CVE id reference for CVE-2019-19048
Add CVE id reference for CVE-2019-19060
Add CVE id reference for CVE-2019-19065
Cleanup debian/changelog file
2019-11-30 14:42:27 +01:00
a84ef0f6e4
[x86] KVM: x86: introduce is_pae_paging (Regression in 4.19.77)
...
Fixes a regression in 4.19.81 while including backport of 16cfacc80857
("KVM: x86: Manually calculate reserved bits when loading PDPTRS") but
not bf03d4f93347 ("KVM: x86: introduce is_pae_paging").
2019-11-25 17:52:40 +01:00
098172cdc1
debian/changelog: Clean up list of changes from stable
...
* Delete changes that are irrelevant, were previously cherry-picked by
us, or that cancel each other out
* Add architecture/flavour/featureset-qualifications
* Add CVE IDs
* Word-wrap
2019-11-25 03:26:11 +00:00
8c4ce65f70
Drop "MIPS: tlbex: Fix build_restore_pagemask KScratch restore"
...
This was included in 4.19.81.
2019-11-25 01:09:29 +00:00
beb8c412e8
Merge branch 'buster-4.19.81' into 'buster'
...
Buster 4.19.81
See merge request kernel-team/linux!183
2019-11-25 01:06:06 +00:00
baa617cd99
[rt] Update to 4.19.82-rt30
2019-11-25 00:15:05 +00:00
0965371222
debian/bin/genpatch-rt: Fix series generation from git
2019-11-24 23:58:14 +00:00
6f6f98f0d9
Bump ABI to 7
2019-11-24 23:50:30 +00:00
fc769a9bb3
Merge branch 'bpoirier-guest/linux-buster' into buster
...
tools/perf: Add python3 support to scripts
See merge request kernel-team/linux!184
2019-11-24 19:25:28 +00:00
9397b7ea0e
[mips*] tlbex: Fix build_restore_pagemask KScratch restore.
2019-11-23 22:23:57 +01:00
016066336b
tools/perf: Add python3 support to scripts
2019-11-20 15:04:24 +09:00
c064eca42f
New upstream version 4.19.81
2019-11-19 16:03:48 -08:00
3e9a6acd20
ipv4: Return -ENETUNREACH if we can't create route but saddr is valid
...
Closes : #945023
2019-11-19 08:00:10 +01:00
014f165375
Release linux (4.19.67-2+deb10u2).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAl3JkpgACgkQ57/I7JWG
EQkwVhAAwN5/oNLjJcrhJjGvLW36QIcli05GoNH1hqLNlppwFwzxFYms5f4Y0uAn
lu5wWo59jL2xqnZ0azNg7ukujVUyLuVEsBuShCBmkSWtt+3mXjKJay1lnwtEei1R
w2WnXIsAFdSocpnCq7BfQi0sGgUetPJANkkXe019x8H7DmzugisnArp4hX7e7eU5
JaRuugKTquYjPNN1mQaNS3/C6ODWRBZlTjafznZ3lTme9ku195oUAJWvyU6/AMDB
+QB9lnaWVNsWkKt3Hx0yquY6sFHYhDhxxKXdULWDwjTW4r1Ye5DKJT433gbKjhTZ
sILbbXMs2eEv9KM+NvMB96s32z+dc59q1KM3IeAKqQljsqngquqvBQtFRqJYtUCA
k4HY0wO/2EapWnYnO0z7XekjolZlK7Nj6aldysZ8f6V1q13apPraYKscQyMLTAfy
CXaUP3bsaxKZvEtlz4+x9OHIqKVrIzI8mLujcpgildz8E3bToXZCgK+CzIAFCdy+
vY1wUoP5S/DCdgvAIzyT9g2VoFae3DNRNv2DSC53FMHaD1PRwE2wf4XgXSAc4hC+
s3orsvA8PpHj7BpAa3D3JnrZbP/kAn+rFCqUha/6cs5npOUwpSs1SNdil60K130q
dS9KcnWY2Do7fp6xc0T4WCRcR6osDJp3WzTmuHpHivfuP26VwXY=
=aKic
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.67-2+deb10u2' into buster
Release linux (4.19.67-2+deb10u2).
2019-11-19 07:42:38 +01:00
c3649501d0
Prepare to release linux (4.19.67-2+deb10u2).
2019-11-11 00:30:56 +00:00
9a2df80e9d
Drop "x86/cpu: Add Tremont to the cpu vulnerability whitelist"
...
We don't have this CPU ID, and I don't see the point in adding it
right now.
2019-11-11 00:29:38 +00:00
6d8b0092bb
[x86] drm/i915/cmdparser: Fix jump whitelist clearing
...
Fix a flaw I found in the mitigation for CVE-2019-0155.
2019-11-10 22:41:41 +00:00
feec1caa94
[x86] i915: Add mitigations for two hardware security flaws
2019-11-10 02:53:32 +00:00
c2443a2e97
[x86] Update TAA and NX fixes to pending stable backports
2019-11-09 20:17:15 +00:00
be004c1b69
x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs
2019-11-08 00:14:38 +01:00
37baed7166
[x86] Update TAA (Borislav v2) and NX (v9) fixes
...
The upstream commits for these are now finalised, so we shouldn't need
to replace patches after this (but might need to add more).
2019-11-07 18:10:48 +00:00
cd92ab49c4
KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is active
2019-11-07 17:32:14 +01:00
87c48ee54f
drivers/net/ethernet/amazon: Backport ENA driver from Linux 5.4
2019-10-29 09:47:59 -07:00
02d8d0c5b0
Merge branch 'rpi3_a_plus' into 'buster'
...
[armhf, arm64] Add patches from 5.1 for enabling support for the Raspberry PI 3 A+
See merge request kernel-team/linux!134
2019-10-27 14:24:25 +00:00
dbb59eba34
[amd64/cloud-amd64] Re-enable RTC drivers
2019-10-25 23:30:18 +02:00
537ad2315a
[x86] Update TAA patch set to v7
2019-10-24 22:52:37 +01:00
96c0e74c50
[x86] Add mitigation for TSX Asynchronous Abort (CVE-2019-11135)
...
This is a backport of v6 of the TAA patch set, and will probably
require updates before release. The subject lines for these patches
didn't come through.
2019-10-20 14:51:55 +01:00
d9bd594144
[x86] KVM: Add mitigation for Machine Check Error on Page Size Change
...
(aka iTLB multi-hit, CVE-2018-12207)
This is a backport of v6 of the "NX" patch set, and will probably
require updates before release.
2019-10-20 14:46:13 +01:00
1df282987d
[armhf, arm64] Backport devicetree for enabling support for the Raspberry PI 3 A+
...
We already have everything we need inside the kernel 4.19.x for
supporting this board. backporting patches from upstream so we get
the support for buster.
2019-10-16 20:07:45 +02:00
530030f117
ixgbe: Fix secpath usage for IPsec TX offload
...
Closes : #930443
2019-10-15 22:57:58 +02:00
63680f3314
Release linux (4.19.67-2+deb10u1).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl2EsyhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89ErG0QAKEp2inuWb4xyie24D6ZDbpTWi/37uWW
2E8bYiMguHGv3tJgqBKkz0YQ0BdPYcSk8Jxx9SrHNPvA6TQ8eUup17a9lrPucruj
TcLGyK+d5RG8YX+8ssyrGuC6uG+tO4oYUf4y/Tb+jYH1VOTBasUs3RF0l0bVq33e
BvGJZ4ITkkITmuPv+0/EJs5cbhxtshZ0g63Ojkq1KkcpJI9ZORhgYeOEzMca3qkN
3OkPvl2AcGE027aXQpigvPxfg0S2MpdGLf0aqmpifZbfB69G0f8QihmJ0PEaX72w
1cxFqePBV/noLq9acXOVtdWts2Ufldm8ytn7/BMu+s5utX/jQU/WVCorBWNCVN58
yYLBiLE6hatjhShKDvj20g4aiF8hHzErdlyrs+3jtkElvKvQhw/h8MDyNsvVD70H
UhQH8kdMf3VJ0y4J/PkWXKiBvQJAbUosGFz0LRJUuhoys7CQEP0CGB/iJsIbLMZ9
eRovrwxM2zJNtPFE0R80pZXsb0e2WJHsPY9Ta2OHZHaDEGP2wwnD/wvWo+zIFx9K
YJNYDsnChGwqWqIEvpf3nJVObUfQFOkpWuG3QeFRr3xAujIjOsHMjH8UGdRQMNen
8w0mGMcbnclAHZ7zk3GEHp83qsyH7tCFj37W0ZO8YHj2nMrFMc9D3RGPjvoZ//jM
gRJoAn5pdfE+
=QEEi
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.67-2+deb10u1' into buster
Release linux (4.19.67-2+deb10u1).
2019-10-15 22:48:01 +02:00
ae1a40e9a5
[armel/rpi] Enable CONFIG_BRCMFMAC_SDIO ( Closes : #940530 )
2019-09-30 16:55:52 +02:00
f13b3cd992
Prepare to release linux (4.19.67-2+deb10u1).
2019-09-20 12:51:56 +02:00
942d6ddd3f
KVM: coalesced_mmio: add bounds checking (CVE-2019-14821)
2019-09-19 17:16:06 +02:00
c0096a08f9
[x86] ptrace: fix up botched merge of spectrev1 fix (CVE-2019-15902)
2019-09-18 21:35:01 +02:00
78f0b2574a
vhost: make sure log_num < in_num (CVE-2019-14835)
2019-09-13 06:12:11 +02:00
782d6ea880
ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term
...
(CVE-2019-15118)
2019-09-12 22:40:43 +02:00
aa8fb19232
ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit
...
(CVE-2019-15117)
[carnil: Use 4.19.67-2+deb10u1 version for buster-security branch]
2019-09-12 22:40:21 +02:00
484d0b5f4b
ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term
...
(CVE-2019-15118)
2019-08-28 13:38:41 +02:00
80e547b069
ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit
...
(CVE-2019-15117)
2019-08-28 13:38:34 +02:00
ff672b98a7
Prepare to release linux (4.19.67-2).
2019-08-28 06:20:22 +02:00
e10bab8d2e
Reference assigned CVE id for CVE-2019-15538
...
Gbp-Dch: Ignore
2019-08-25 17:31:05 +02:00
a065e442e2
xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT
2019-08-24 20:51:54 +02:00
1b40f700ac
[arm64] Backport DTB support for Rasperry Pi Compute Module 3.
...
Tested-by: Charles Fendt <charles.fendt@me.com>
Signed-off-by: Cyril Brulebois <cyril@debamax.com>
(cherry picked from commit de7501857cae4892f52d8c56c2184be548709052)
2019-08-22 21:16:10 +02:00
10dd2b634c
[arm] Backport DTB support for Rasperry Pi Compute Module 3.
...
Signed-off-by: Cyril Brulebois <cyril@debamax.com>
(cherry picked from commit 64801af590540b4494f408b95a31fbe07963784d)
2019-08-22 21:16:10 +02:00
57f74f6573
netfilter: conntrack: Use consistent ct id hash calculation
...
This fixes a regression in 4.19.44.
2019-08-22 20:04:20 +01:00
00ee7f7173
[ppc64el] Avoid ABI change for disabling TM
...
Ignore removal of TM functions that are exported for use by KVM.
2019-08-22 20:03:54 +01:00
019113b013
[ppc64el] Disable PPC_TRANSACTIONAL_MEM ( Closes : #866122 )
2019-08-22 20:03:19 +01:00
7ee3696c10
KVM: Ignore ABI changes
...
We already ignored most of them, but missed some. Group together
all the KVM patterns in debian/config/defines.
2019-08-22 20:02:52 +01:00
eaab250914
Merge remote-tracking branch 'salsa/buster' into buster
...
Since I've already uploaded 4.19.67-1, open a new changelog entry for
Salvatore's change.
2019-08-21 23:39:23 +01:00
9bf2130b62
dm: disable DISCARD if the underlying storage no longer supports it
...
Closes : #934331
2019-08-21 21:41:04 +02:00
8d3b3b09b9
Add CVE id for CVE-2019-15215
2019-08-21 21:30:17 +02:00
2de12d5f21
Add CVE id for CVE-2019-15211
2019-08-21 21:29:45 +02:00
71253bf604
Add CVE id for CVE-2019-15220
2019-08-21 21:28:17 +02:00
d5720146ae
Add CVE id for CVE-2019-15221
2019-08-21 21:27:23 +02:00
37487d12f3
Add CVE id for CVE-2019-15223
2019-08-21 21:24:47 +02:00
0cde12d3b1
Add CVE id for CVE-2019-15219
2019-08-21 21:24:12 +02:00
92583c3bcb
Add CVE id for CVE-2019-15218
2019-08-21 21:23:39 +02:00
4d54b8bb16
Add CVE id for CVE-2019-15212
2019-08-21 21:22:59 +02:00
8e8dc21337
Add CVE id reference for CVE-2019-15216
2019-08-21 21:13:31 +02:00
889a9d1fb0
Prepare to release linux (4.19.67-1).
2019-08-21 17:44:57 +01:00
f79aedcfab
Bump ABI to 6
2019-08-20 01:51:35 +01:00
795d93f1ed
[rt] Update to 4.19.59-rt24
...
This mostly applied cleanly on 4.19.67. A few patches had 1 or 2
lines of fuzz which I've resolved.
2019-08-20 01:51:34 +01:00
0899b0f554
Update to 4.19.67
...
* Drop patches which have been applied to 4.19-stable
* Drop "Revert "net: stmmac: Send TSO packets always from Queue 0"" in
favour of upstream fix "net: stmmac: Re-work the queue selection for
TSO packets"
* Refresh patches that became fuzzy
2019-08-20 01:51:22 +01:00
64c3754b90
Merge branch 'buster-security' into buster
...
* Accept revert of "[sh4]: Check for kprobe trap number before trying
to handle a kprobe trap" and update debian/changelog accordingly, as
sh4 is not a release architecture
* Keep "[arm64] Improve support for the Huawei TaiShan server platform"
which was reverted on the buster-security branch
2019-08-18 19:29:59 +01:00
92fee68e15
Prepare to release linux (4.19.37-5+deb10u2).
2019-08-08 03:02:38 +01:00
95a59b0c5d
inet: Avoid ABI change for IP ID hash change
2019-08-08 03:01:19 +01:00
f02f2890aa
[x86] cpufeatures: Avoid ABI change for swapgs mitigations
...
- Move swapgs feature bits to existing scattered words
- Revert "x86/cpufeatures: Combine word 11 and 12 into a new scattered
features word"
2019-08-08 02:49:24 +01:00
07a6d57831
Add patchset for CVE-2019-1125
2019-08-07 08:34:30 +02:00
65c2005956
[powerpc/tm] Fix oops on sigreturn on systems without TM (CVE-2019-13648)
2019-08-05 19:04:21 +02:00
3b76691d24
Bluetooth: hci_uart: check for missing tty operations (CVE-2019-10207)
2019-08-05 18:57:05 +02:00
ec64cb4c87
floppy: fix div-by-zero in setup_format_params (CVE-2019-14284)
...
This retrieves the patch from the linux-4.19.y branch and refreshes the
previous one "floppy: fix out-of-bounds read in copy_buffer", because
this is firstly "floppy: fix div-by-zero in setup_format_params" that is
applied upstream, then the one regarding out-of-bounds read in copy_buffer.
The one for CVE-2019-14283 was previously refreshed because it was not
applicable directly. Now both patches are synchronized with upstream and
applied in the same order.
2019-08-05 17:56:29 +02:00
24c58d8c20
inet: switch IP ID generator to siphash (CVE-2019-10638)
2019-07-30 11:20:38 +02:00
4962cdb584
floppy: fix out-of-bounds read in copy_buffer (CVE-2019-14283)
2019-07-30 11:14:00 +02:00
b394039686
[arm64] compat: Provide definition for COMPAT_SIGMINSTKSZ ( Closes : #904385 ).
2019-07-29 22:36:47 +02:00
8da545ad5d
rtc-s35390a: backport fix to make hwclock able to read the time
2019-07-28 21:37:15 +02:00
ed5659c4e4
Merge branch 'imx6' of salsa.debian.org:ukleinek/linux into buster
2019-07-28 21:23:53 +02:00
8cb769111f
Input: gtco - bounds check collection indent level (CVE-2019-13631)
2019-07-27 13:15:59 +02:00
167ecd4ada
scsi: libsas: fix a race condition when smp task timeout (CVE-2018-20836)
2019-07-22 14:01:45 +02:00
84b1bd80aa
Revert unwanted changes for buster-security
...
We need to be based onto 4.19.37-5+deb10u1, and only include security
related topics. Things or improvements added to 4.19.37-6 (that is
already in sid) should be removed because they should not be uploaded
to buster-security accidentaly.
2019-07-22 11:44:02 +02:00
01d9fffd29
Release linux (4.19.37-5+deb10u1).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl0xhh1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E8nEP/iF7NUo1hvYNR/ueapgtpnMaHh/OeiGp
x5/4RQW9Lo+Y8djiJWr9Kh7DVT7zp2k6OOb6o2qypgpEpFGGZAf02E3kheTJMhJz
XxDHyGRflQpXDsEbPCcWCXvJjH/7puV/GWATPYo9qE/hs9rBAiFsOlOTqWSJf8Yd
rVxjRRXe9/qRcOV4OJyiuL2GbeL7eO3TqTEl1NVSNP4V1RjYFFy/CUelWAcGzUOI
tkk+NM7CEspQQhpIRkSGB+GyYMvOFNi2mkrz+mJbSUeb75uiZq3myJqHiQOKpwHe
OGJiVBD4Ce8pv3PvR9bFZwgOV2t1XTDOeyUcmh8C07SblwI6iM/vi/nWw7B9VUEH
X2EB/3/TuhKgJHtYpFZdi1mlRrt+6YYgDmbFVUyjojZhOONlVagwq2vaX0ep6yI4
FOQo4kpCG10yse4JxUS0Unv6hk7ShfLe/Kb9lOJvPSZM5dCutWTQrRO05gTyFaev
orMZou9lsXYDTzpFAICE2ZhCcySvYLqvPkkCoabiECMlJE2Ra/rsHiuQEcSNjG8E
A8EqJhElt+W8mvTkofG5yL3oguD6yg4Qf0luKOl0bEcZyBXDbK4nHtHAwcBNoR5X
zNfrikCyo7jPX3JGH3F8wYE9vc04SO+YEkvcyZcLTOUBiDIpZgC4r3IOyBDgzv1K
KDIBNpFCBL0Z
=794G
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.37-5+deb10u1' into buster
Release linux (4.19.37-5+deb10u1).
2019-07-20 23:07:45 +02:00
1e1ff4ce9c
binder: fix race between munmap() and direct reclaim (CVE-2019-1999)
2019-07-20 18:36:49 +02:00
091f76e86d
nfc: Ensure presence of required attributes in the deactivate_target handler (CVE-2019-12984)
2019-07-20 18:21:14 +02:00
fbe4322901
[powerpc*] mm/64s/hash: Reallocate context ids on fork (CVE-2019-12817)
2019-07-20 17:17:59 +02:00
7e902dbcd3
[x86] x86/insn-eval: Fix use-after-free access to LDT entry (CVE-2019-13233)
2019-07-20 17:17:43 +02:00
aa3c23fe0e
Release linux (4.19.37-5+deb10u1).
...
-----BEGIN PGP SIGNATURE-----
iQKmBAABCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl0xhh1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89E8nEP/iF7NUo1hvYNR/ueapgtpnMaHh/OeiGp
x5/4RQW9Lo+Y8djiJWr9Kh7DVT7zp2k6OOb6o2qypgpEpFGGZAf02E3kheTJMhJz
XxDHyGRflQpXDsEbPCcWCXvJjH/7puV/GWATPYo9qE/hs9rBAiFsOlOTqWSJf8Yd
rVxjRRXe9/qRcOV4OJyiuL2GbeL7eO3TqTEl1NVSNP4V1RjYFFy/CUelWAcGzUOI
tkk+NM7CEspQQhpIRkSGB+GyYMvOFNi2mkrz+mJbSUeb75uiZq3myJqHiQOKpwHe
OGJiVBD4Ce8pv3PvR9bFZwgOV2t1XTDOeyUcmh8C07SblwI6iM/vi/nWw7B9VUEH
X2EB/3/TuhKgJHtYpFZdi1mlRrt+6YYgDmbFVUyjojZhOONlVagwq2vaX0ep6yI4
FOQo4kpCG10yse4JxUS0Unv6hk7ShfLe/Kb9lOJvPSZM5dCutWTQrRO05gTyFaev
orMZou9lsXYDTzpFAICE2ZhCcySvYLqvPkkCoabiECMlJE2Ra/rsHiuQEcSNjG8E
A8EqJhElt+W8mvTkofG5yL3oguD6yg4Qf0luKOl0bEcZyBXDbK4nHtHAwcBNoR5X
zNfrikCyo7jPX3JGH3F8wYE9vc04SO+YEkvcyZcLTOUBiDIpZgC4r3IOyBDgzv1K
KDIBNpFCBL0Z
=794G
-----END PGP SIGNATURE-----
Merge tag 'debian/4.19.37-5+deb10u1' into buster-security
Release linux (4.19.37-5+deb10u1).
2019-07-19 11:15:23 +02:00
786d73da80
Prepare to release linux (4.19.37-5+deb10u1).
2019-07-19 10:46:02 +02:00
c6f3814dc4
ptrace: Fix ->ptracer_cred handling for PTRACE_TRACEME (CVE-2019-13272)
2019-07-19 10:45:11 +02:00
faee94d2ad
[armhf] Add support for all i.MX6 variants.
2019-07-16 16:48:34 +02:00
c342a968c4
[sh4]: Check for kprobe trap number before trying to handle a kprobe trap
2019-06-23 18:59:55 +02:00
e2cc6dfed3
debian/changelog: Clean up entry for Huawei TaiShan support
2019-06-23 17:27:59 +01:00
c01ce3da12
Merge branch '93sam/linux-huawei-taishan-support' into sid
...
[arm64] Improve support for the Huawei TaiShan server platform
See merge request kernel-team/linux!151
2019-06-23 17:19:03 +01:00
eb5241a213
tcp: refine memory limit test in tcp_fragment()
...
Closes : #930904
2019-06-23 16:15:34 +02:00
2c3b28ea8f
[arm64] Improve support for the Huawei TaiShan server platform
...
Closes : #930554
Enable the HNS/ROCE Infiniband driver
Backport fixes from 4.20 and 4.21 for HNS3 networking, hisi_sas SAS
and HNS/ROCE Infiniband
Signed-off-by: Steve McIntyre <93sam@debian.org>
2019-06-23 10:58:07 +01:00
8fb3f0b24d
Prepare to release linux (4.19.37-5).
2019-06-19 23:16:58 +01:00
e60e81ccd9
debian/changelog: Wrap a >80-character line
2019-06-19 23:16:33 +01:00
0a8cb2b316
Add ABI reference for 4.19.0-5
...
This is based on version 4.19.37-1 and 4.19.37-3, which are
consistent except for the addition of two symbols related to the
MDS mitigation on x86.
2019-06-19 23:16:32 +01:00
ac648cc5be
debian/changelog: Record ABI fix that did *not* make it into 4.19.37-4
...
Thought I'd built with the ABI fix, but didn't. And there was
no ABI reference to catch this. :-(
2019-06-19 23:16:25 +01:00
d2962338d6
[sparc64] Fix device naming inconsistency between sunhv_console and sunhv_reg ( Closes : #926539 )
2019-06-19 16:30:43 +02:00
2536e21256
Prepare to release linux (4.19.37-4).
2019-06-17 20:00:30 +01:00
afceeb64fe
debian/changelog: List changes in 4.19.37-rt20
2019-06-17 20:00:14 +01:00
1e253edaa7
Add TCP DoS fixes
2019-06-17 19:46:08 +01:00
4ea468554d
mwifiex: Fix heap overflow in mwifiex_uap_parse_tail_ies() (CVE-2019-10126)
2019-06-17 19:32:38 +01:00
e5664e23f5
mm/mincore.c: make mincore() more conservative (CVE-2019-5489)
2019-06-17 19:29:35 +01:00
1894e89399
mwifiex: Don't abort on small, spec-compliant vendor IEs
2019-06-17 19:29:14 +01:00
70b1e1a8fa
mwifiex: Abort at too short BSS descriptor element
2019-06-17 19:25:01 +01:00
54fa813858
mwifiex: Fix possible buffer overflows at parsing bss descriptor (CVE-2019-3846)
2019-06-17 19:24:10 +01:00
cc59373e08
[arm64] udeb: fb-modules: Include rockchipdrm, panel-simple, pwm_bl, pwm-cros-ec
...
Some ChromeOS devices need these for the display.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
2019-06-10 18:50:46 +03:00
c8cdb80b66
[arm64] udeb: mmc-modules: Include phy-rockchip-emmc
...
Needed for internal storage on some ChromeOS devices.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
2019-06-10 18:50:46 +03:00
cb05f8d52a
[arm64] udeb: usb-modules: Include phy-rockchip-typec, extcon-usbc-cros-ec
...
On Samsung Chromebook Plus (v1) trying to boot from a rootfs on a USB
storage device without these modules in the initramfs, it drops to an
initramfs shell with a non-working display. For the d-i netboot image,
the screen doesn't turn on, but the installer menu works.
A recent change to initramfs-tools includes extcon-usbc-cros-ec, so
include that and a relevant PHY module here as well.
Relevant:
https://salsa.debian.org/kernel-team/initramfs-tools/commit/994d698a
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
2019-06-10 18:50:45 +03:00
3c9e2d8dee
[arm64] udeb: kernel-image: Include phy-rockchip-pcie
...
On some ChromeOS devices, this is required to connect to a wireless
network via mwifiex_pcie.
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
2019-06-10 18:50:45 +03:00
b68c83d156
[arm64] udeb: kernel-image: Include cros_ec_spi and SPI drivers
...
The cros_ec multifunction device provides the keyboard services on some
ChromeOS devices, but requires a bus to be enabled to communicate with
it. On Samsung Chromebook Plus (v1), including spi-rockchip and
cros_ec_spi are enough. A recent change in initramfs-tools included all
SPI drivers, so include them here as well.
Relevant:
https://salsa.debian.org/kernel-team/initramfs-tools/commit/797e5fed
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
2019-06-10 18:50:45 +03:00
0114d125ba
udeb: input-modules: Include all keyboard driver modules
...
Some important modules like cros_ec_keyb are in input/keyboard. A recent
change in initramfs-tools also includes them, so include them here too.
Relevant:
https://salsa.debian.org/kernel-team/initramfs-tools/commit/40f66474
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
2019-06-10 18:50:45 +03:00
d7374fce1e
Merge branch 'sparc64-sid' into 'sid'
...
[sparc64] udeb: Disable suffix for kernel-image
See merge request kernel-team/linux!147
2019-06-09 23:28:08 +00:00
cbcfb20ce0
[mips] Correctly bounds check virt_addr_valid ( Closes : #929366 )
2019-06-09 00:06:52 +02:00
3b44df1499
Bluetooth: hidp: fix buffer overflow (CVE-2019-11884)
2019-06-07 15:25:30 +02:00
8910626bca
ext4: zero out the unused memory region in the extent tree block (CVE-2019-11833)
2019-06-07 14:53:07 +02:00
23527ae20b
brcmfmac: add subtype check for event handling in data path (CVE-2019-9503)
2019-06-07 14:49:05 +02:00
8970aaa563
brcmfmac: assure SSID length from firmware is limited (CVE-2019-9500)
2019-06-07 14:43:58 +02:00
c11ba60cce
[rt] Update to 4.19.37-rt20
2019-05-29 21:49:30 +02:00
92a96d298e
[x86] lockdown,sysrq: Enable ALLOW_LOCKDOWN_LIFT_BY_SYSRQ ( Closes : #929583 )
2019-05-26 18:13:59 +01:00
db249f2b52
[sparc64] udeb: Disable suffix for kernel-image
2019-05-21 14:29:31 +02:00
a8c3d89c71
README.source: Document the various makefiles and use of out-of-tree builds
2019-05-19 15:05:10 +01:00
a96bd61a2e
libbpf: Build out-of-tree
2019-05-19 14:49:48 +01:00
9b28931859
libbpf: Use only 2 components in soversion, matching package name
...
Debian policy says the package name must change when the soname
changes. We don't expect the ABI to change in a stable update,
so use only 2 components in both.
2019-05-19 14:48:13 +01:00
a6879552b5
Drop unnecessary changes from "libbpf: add SONAME to shared object"
...
It's not necessary to delete the definitions of the variables that
become unused. Nor is it necessary to move the definition of
LIBBPF_VERSION before LIB_FILES, because the latter is defined
as recursively expanded (i.e. its variable references are not
immediately expanded).
This makes the actual change we're making clearer, and should
reduce the future work to maintain this patch.
2019-05-19 14:36:25 +01:00
9329ccdf87
[powerpc*] 64s: Include cpu header (fixes FTBFS)
2019-05-15 23:07:44 +01:00
85eddd4dd2
Prepare to release linux (4.19.37-2).
2019-05-14 17:34:46 +01:00
4abc99e835
[x86] linux-cpupower: Update CPPFLAGS for change in <asm/msr-index.h>
2019-05-14 17:34:29 +01:00
1565dc00f4
[x86] Mitigate Microarchitectural Data Sampling (MDS) vulnerabilities
...
Together with a microcode update, this mitigates CVE-2018-12126,
CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091.
2019-05-10 12:03:12 +01:00
98cbc347d3
debian/bin: Fix Python static checker regressions ( Closes : #928618 )
2019-05-07 21:04:05 +01:00
5ece558b8d
Prepare to release linux (4.19.37-1).
2019-05-05 19:32:32 +01:00
ece5b4e4cd
mm,fs: Prevent page refcount overflow (CVE-2019-11487)
2019-05-05 15:44:05 +01:00
83f5e0f1ef
tracing: Fix buffer_ref pipe ops
...
This is preparation for fixing CVE-2019-11487.
2019-05-05 15:42:32 +01:00
4f3fa1e296
aio: Apply fixes from 4.19.38 (CVE-2019-10125)
2019-05-05 15:41:31 +01:00
55a23e404a
[amd64,arm64] vfio/type1: Limit DMA mappings per container (CVE-2019-3882)
2019-05-05 16:06:15 +02:00
2c62d20848
MODSIGN: Make shash allocation failure fatal
2019-05-05 13:47:00 +01:00
06cccfd2c3
Merge branch 'bluca/linux-mod_db' into sid
...
Add patches to enable loading db and MOK keys
See merge request kernel-team/linux!139
2019-05-05 13:16:03 +01:00
95f09d9f29
Merge branch 'sid' of salsa.debian.org:kernel-team/linux into sid
2019-05-05 13:15:29 +01:00
319a580681
Add Debian bug closer for #928457
2019-05-05 10:25:26 +02:00
5be0740b91
Add changelog entry for "gencontrol_signed.py: Sort list of modules..."
2019-05-04 18:39:31 -07:00
f79da03296
drivers/firmware/google: Adjust configuration for 4.19
2019-05-04 22:40:59 +01:00
88cad5a2fb
Merge branch 'sid' into 'sid'
...
[arm64] Enable configs for Samsung Chromebook Plus (v1) and other rk3399-gru based devices
See merge request kernel-team/linux!142
2019-05-04 21:34:02 +00:00
643cc8a41c
Add patches to enable loading dbx and MOKX blacklists
...
Import patches from:
https://lore.kernel.org/patchwork/cover/933178/
that allow to also load dbx and MOKX as blacklists for modules.
These patches also disable loading MOK/MOKX when secure boot is
not enabled, as the variables will not be safe, and to check the
variables attributes before accepting them.
2019-05-02 23:04:18 +01:00
188df85f5b
Add patches to enable loading db and MOK keys
...
Import patches from:
http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=keys-uefi
that enable a new option that automatically loads keys from db
and MOK into the secondary keyring, so that they can be used to
verify the signature of kernel modules. Enable the required KCONFIGs.
Allows users to self-sign modules (eg: dkms).
2019-05-02 22:59:42 +01:00
40e420be45
[armhf] Disable MVNETA_BM_ENABLE again
2019-05-02 22:13:54 +02:00
ecc794295f
Remove annotation for one REJECTed CVE
...
Gbp-Dch: Ignore
2019-05-01 20:46:07 +02:00
b64a303c60
[arm64] Enable configs for Samsung Chromebook Plus (v1) and other rk3399-gru based devices
...
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
2019-05-01 17:40:56 +03:00
ca91c5f5f3
Note that upstream change closes #925496
2019-05-01 14:18:46 +01:00
0eb7489dad
Enable coreboot memconsole ( Closes : #872069 )
...
With this option enabled, the kernel will be able to retrieve firmware
logs by looking in the coreboot table. This can be accessed from
userspace via the sysfs file /sys/firmware/log.
2019-04-30 16:54:11 +02:00
82f685da41
[sparc64] linux-image: Install uncompressed kernel image
...
Requested by John Paul Adrian Glaubitz, with the explanation:
> GRUB doesn't really support compressed kernels with OpenFirmware, at
> least on SPARC. It used to work with 2.02+patches but it doesn't
> work with GRUB 2.04~rc1 and upstream said that it's not really
> supported.
2019-04-30 15:49:46 +01:00
fd064d4e63
[rt] Update to 4.19.37-rt19
2019-04-30 14:46:18 +02:00
e6b7661450
Replace CVE id for CVE-2019-11599
...
Originally CVE-2019-3892 appeared which was REJECTED as reservation
duplicate of CVE-2019-11599.
Gbp-Dch: Ignore
2019-04-30 10:37:56 +02:00
c72c0fff0a
[x86] platform: Enable INTEL_ATOMISP2_PM as module
2019-04-28 18:57:27 +01:00
7ebc9f9504
Update to 4.19.37
...
* Refresh/drop patches as appropriate
2019-04-28 18:55:53 +01:00
ad494c2131
tty: mark Siemens R3964 line discipline as BROKEN (CVE-2019-11486)
2019-04-26 16:11:56 +02:00
859ec5f504
[x86] Disable R3964 due to lack of security support
2019-04-26 16:08:19 +02:00
1c6240e692
inotify: Fix fsnotify_mark refcount leak in inotify_update_existing_watch() (CVE-2019-9857)
2019-04-26 14:54:14 +02:00
cda3581467
ntfs: Mark it as broken, and add CVE IDs that are being closed
2019-04-25 15:35:56 +01:00
becaca2c80
ntfs: Disable NTFS_FS due to lack of upstream security support
2019-04-25 15:27:49 +01:00
81f14e4fc0
udeb: Drop unused ntfs-modules packages
...
The installer uses ntfs-3g-udeb instead.
2019-04-25 15:27:49 +01:00
223d2f61ad
[mips] Fix indirect syscall tracing & seccomp filtering for big endian MIPS64 kernels with 32-bit userland.
2019-04-23 19:35:04 +02:00
8f20d53908
[armel/marvell,sh4] linux-image: Recommend apparmor, like all other configs
...
The "recommends" field set in the [image] section for these
configurations overrode the field at the top level. We want
gencontrol.py to concatenate the relations in this section at all
levels.
The ConfigCore.get_merge method supports doing this, but only with
list fields So we need to specify in the config schema that these
fields are comma-separated lists.
2019-04-22 00:30:48 +01:00
967b7d1987
linux-source: Recommend bison and flex, always needed to build the kernel
2019-04-21 23:59:50 +01:00
e6231a29a7
[i386] Add grub-efi-ia32 as an alternate recommended bootloader
2019-04-21 23:56:35 +01:00
25aadd8f22
[powerpc,ppc64,ppc64el] linux-image: Recommend grub-ieee1275
2019-04-21 23:56:01 +01:00
a828d99124
[sparc64] linux-image: Recommend grub-ieee1275 instead of (removed) silo
2019-04-21 23:55:01 +01:00
fb4777ce47
lockdown: Refer to Debian wiki until manual page exists
2019-04-21 00:22:20 +01:00
7c8c3551e1
udeb: Add all HWRNG drivers to kernel-image (see #923675 )
...
The installer will soon start using haveged to provide entropy if
needed, but an HWRNG is probably still preferable.
2019-04-21 00:09:41 +01:00
693aafefbb
[armel/marvell] Disable HW_RANDOM as no HWRNG drivers are usable here
...
We were building the omap-rng driver, because the same block is used
on some recent Marvell chips and HW_RANDOM_OMAP is enabled by default
if ARCH_MVEBU is enabled.
We were also building virtio-rng, but there isn't (so far as I know)
any publicly available emulation of the ARMv5 Marvell chips.
As we're about to include HWRNG drivers to the installer, disable the
whole subsystem for armel/marvell to avoid adding useless drivers.
2019-04-20 23:35:33 +01:00
ea0d63df90
[ia64] linux-image: Recommend grub-efi-ia64 instead of (removed) elilo
2019-04-20 23:04:54 +01:00
2dff862341
ACPICA: Namespace: remove address node from global list after method termination
2019-04-19 21:06:18 +02:00
c854151c38
[riscv64] linux-image-dbg: Include vdso debug symbols
2019-04-18 00:55:26 +01:00
90f48698a0
Fix typo: architecures -> architectures
...
Thanks: Cyril Brulebois
Gbp-Dch: Ignore
2019-04-15 21:05:02 +02:00
4eef18f8b7
xen/pciback: Don't disable PCI_COMMAND on PCI device reset. (CVE-2015-8553)
2019-04-14 22:39:31 +02:00
c4517a7e99
Don't longer recommend irqbalance
2019-04-13 08:32:35 +02:00
f73d6fa21b
Add bug closer for #923723
...
Gbp-Dch: Ignore
2019-04-12 23:39:23 +02:00
c859bfa672
Add bug closer for #919290
...
Gbp-Dch: Ignore
2019-04-12 23:29:37 +02:00
dde049bffb
Fix brackets for arch markes
...
Gbp-Dch: Ignore
2019-04-12 09:47:27 +02:00
5a39ad2910
Generate and install libbpf.pc
...
Backport patch from bpf-next and install libbpf.pc in libbpf-dev
2019-04-11 23:15:22 +01:00
1acfe734b7
Merge branch 'sf/linux-sid' into sid
...
Enable SND_SOC_SPDIF on armmp-lpae
See merge request kernel-team/linux!137
2019-04-09 01:19:39 +01:00
5ee30838da
re-eanble JUMP_LABEL for mips r6
...
[bwh: Cherry-picked onto the sid branch]
2019-04-09 01:07:11 +01:00
Ben Hutchings
Salvatore Bonaccorso
YunQiang Su
Joe Richey
Aurelien Jarno
Noah Meyerhans
Benjamin Poirier
Bastian Blank
Romain Perier
Romain Perier
Cyril Brulebois
Romain Perier
Uwe Kleine-König
John Paul Adrian Glaubitz
Steve McIntyre
Alper Nebi Yasak
Vagrant Cascadian
Luca Boccassi