Ben Hutchings
ece5b4e4cd
mm,fs: Prevent page refcount overflow (CVE-2019-11487)
2019-05-05 15:44:05 +01:00
Ben Hutchings
83f5e0f1ef
tracing: Fix buffer_ref pipe ops
...
This is preparation for fixing CVE-2019-11487.
2019-05-05 15:42:32 +01:00
Ben Hutchings
4f3fa1e296
aio: Apply fixes from 4.19.38 (CVE-2019-10125)
2019-05-05 15:41:31 +01:00
Salvatore Bonaccorso
55a23e404a
[amd64,arm64] vfio/type1: Limit DMA mappings per container (CVE-2019-3882)
2019-05-05 16:06:15 +02:00
Ben Hutchings
2c62d20848
MODSIGN: Make shash allocation failure fatal
2019-05-05 13:47:00 +01:00
Ben Hutchings
06cccfd2c3
Merge branch 'bluca/linux-mod_db' into sid
...
Add patches to enable loading db and MOK keys
See merge request kernel-team/linux!139
2019-05-05 13:16:03 +01:00
Ben Hutchings
95f09d9f29
Merge branch 'sid' of salsa.debian.org:kernel-team/linux into sid
2019-05-05 13:15:29 +01:00
Salvatore Bonaccorso
319a580681
Add Debian bug closer for #928457
2019-05-05 10:25:26 +02:00
Vagrant Cascadian
5be0740b91
Add changelog entry for "gencontrol_signed.py: Sort list of modules..."
2019-05-04 18:39:31 -07:00
Ben Hutchings
f79da03296
drivers/firmware/google: Adjust configuration for 4.19
2019-05-04 22:40:59 +01:00
Ben Hutchings
88cad5a2fb
Merge branch 'sid' into 'sid'
...
[arm64] Enable configs for Samsung Chromebook Plus (v1) and other rk3399-gru based devices
See merge request kernel-team/linux!142
2019-05-04 21:34:02 +00:00
Luca Boccassi
643cc8a41c
Add patches to enable loading dbx and MOKX blacklists
...
Import patches from:
https://lore.kernel.org/patchwork/cover/933178/
that allow to also load dbx and MOKX as blacklists for modules.
These patches also disable loading MOK/MOKX when secure boot is
not enabled, as the variables will not be safe, and to check the
variables attributes before accepting them.
2019-05-02 23:04:18 +01:00
Luca Boccassi
188df85f5b
Add patches to enable loading db and MOK keys
...
Import patches from:
http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=keys-uefi
that enable a new option that automatically loads keys from db
and MOK into the secondary keyring, so that they can be used to
verify the signature of kernel modules. Enable the required KCONFIGs.
Allows users to self-sign modules (eg: dkms).
2019-05-02 22:59:42 +01:00
Uwe Kleine-König
40e420be45
[armhf] Disable MVNETA_BM_ENABLE again
2019-05-02 22:13:54 +02:00
Salvatore Bonaccorso
ecc794295f
Remove annotation for one REJECTed CVE
...
Gbp-Dch: Ignore
2019-05-01 20:46:07 +02:00
Alper Nebi Yasak
b64a303c60
[arm64] Enable configs for Samsung Chromebook Plus (v1) and other rk3399-gru based devices
...
Signed-off-by: Alper Nebi Yasak <alpernebiyasak@gmail.com>
2019-05-01 17:40:56 +03:00
Ben Hutchings
ca91c5f5f3
Note that upstream change closes #925496
2019-05-01 14:18:46 +01:00
Romain Perier
0eb7489dad
Enable coreboot memconsole ( Closes : #872069 )
...
With this option enabled, the kernel will be able to retrieve firmware
logs by looking in the coreboot table. This can be accessed from
userspace via the sysfs file /sys/firmware/log.
2019-04-30 16:54:11 +02:00
Ben Hutchings
82f685da41
[sparc64] linux-image: Install uncompressed kernel image
...
Requested by John Paul Adrian Glaubitz, with the explanation:
> GRUB doesn't really support compressed kernels with OpenFirmware, at
> least on SPARC. It used to work with 2.02+patches but it doesn't
> work with GRUB 2.04~rc1 and upstream said that it's not really
> supported.
2019-04-30 15:49:46 +01:00
Romain Perier
fd064d4e63
[rt] Update to 4.19.37-rt19
2019-04-30 14:46:18 +02:00
Salvatore Bonaccorso
e6b7661450
Replace CVE id for CVE-2019-11599
...
Originally CVE-2019-3892 appeared which was REJECTED as reservation
duplicate of CVE-2019-11599.
Gbp-Dch: Ignore
2019-04-30 10:37:56 +02:00
Ben Hutchings
c72c0fff0a
[x86] platform: Enable INTEL_ATOMISP2_PM as module
2019-04-28 18:57:27 +01:00
Ben Hutchings
7ebc9f9504
Update to 4.19.37
...
* Refresh/drop patches as appropriate
2019-04-28 18:55:53 +01:00
Salvatore Bonaccorso
ad494c2131
tty: mark Siemens R3964 line discipline as BROKEN (CVE-2019-11486)
2019-04-26 16:11:56 +02:00
Salvatore Bonaccorso
859ec5f504
[x86] Disable R3964 due to lack of security support
2019-04-26 16:08:19 +02:00
Salvatore Bonaccorso
1c6240e692
inotify: Fix fsnotify_mark refcount leak in inotify_update_existing_watch() (CVE-2019-9857)
2019-04-26 14:54:14 +02:00
Ben Hutchings
cda3581467
ntfs: Mark it as broken, and add CVE IDs that are being closed
2019-04-25 15:35:56 +01:00
Ben Hutchings
becaca2c80
ntfs: Disable NTFS_FS due to lack of upstream security support
2019-04-25 15:27:49 +01:00
Ben Hutchings
81f14e4fc0
udeb: Drop unused ntfs-modules packages
...
The installer uses ntfs-3g-udeb instead.
2019-04-25 15:27:49 +01:00
Aurelien Jarno
223d2f61ad
[mips] Fix indirect syscall tracing & seccomp filtering for big endian MIPS64 kernels with 32-bit userland.
2019-04-23 19:35:04 +02:00
Ben Hutchings
8f20d53908
[armel/marvell,sh4] linux-image: Recommend apparmor, like all other configs
...
The "recommends" field set in the [image] section for these
configurations overrode the field at the top level. We want
gencontrol.py to concatenate the relations in this section at all
levels.
The ConfigCore.get_merge method supports doing this, but only with
list fields So we need to specify in the config schema that these
fields are comma-separated lists.
2019-04-22 00:30:48 +01:00
Ben Hutchings
967b7d1987
linux-source: Recommend bison and flex, always needed to build the kernel
2019-04-21 23:59:50 +01:00
Ben Hutchings
e6231a29a7
[i386] Add grub-efi-ia32 as an alternate recommended bootloader
2019-04-21 23:56:35 +01:00
Ben Hutchings
25aadd8f22
[powerpc,ppc64,ppc64el] linux-image: Recommend grub-ieee1275
2019-04-21 23:56:01 +01:00
Ben Hutchings
a828d99124
[sparc64] linux-image: Recommend grub-ieee1275 instead of (removed) silo
2019-04-21 23:55:01 +01:00
Ben Hutchings
fb4777ce47
lockdown: Refer to Debian wiki until manual page exists
2019-04-21 00:22:20 +01:00
Ben Hutchings
7c8c3551e1
udeb: Add all HWRNG drivers to kernel-image (see #923675 )
...
The installer will soon start using haveged to provide entropy if
needed, but an HWRNG is probably still preferable.
2019-04-21 00:09:41 +01:00
Ben Hutchings
693aafefbb
[armel/marvell] Disable HW_RANDOM as no HWRNG drivers are usable here
...
We were building the omap-rng driver, because the same block is used
on some recent Marvell chips and HW_RANDOM_OMAP is enabled by default
if ARCH_MVEBU is enabled.
We were also building virtio-rng, but there isn't (so far as I know)
any publicly available emulation of the ARMv5 Marvell chips.
As we're about to include HWRNG drivers to the installer, disable the
whole subsystem for armel/marvell to avoid adding useless drivers.
2019-04-20 23:35:33 +01:00
Ben Hutchings
ea0d63df90
[ia64] linux-image: Recommend grub-efi-ia64 instead of (removed) elilo
2019-04-20 23:04:54 +01:00
Salvatore Bonaccorso
2dff862341
ACPICA: Namespace: remove address node from global list after method termination
2019-04-19 21:06:18 +02:00
Ben Hutchings
c854151c38
[riscv64] linux-image-dbg: Include vdso debug symbols
2019-04-18 00:55:26 +01:00
Salvatore Bonaccorso
90f48698a0
Fix typo: architecures -> architectures
...
Thanks: Cyril Brulebois
Gbp-Dch: Ignore
2019-04-15 21:05:02 +02:00
Salvatore Bonaccorso
4eef18f8b7
xen/pciback: Don't disable PCI_COMMAND on PCI device reset. (CVE-2015-8553)
2019-04-14 22:39:31 +02:00
Bastian Blank
c4517a7e99
Don't longer recommend irqbalance
2019-04-13 08:32:35 +02:00
Salvatore Bonaccorso
f73d6fa21b
Add bug closer for #923723
...
Gbp-Dch: Ignore
2019-04-12 23:39:23 +02:00
Salvatore Bonaccorso
c859bfa672
Add bug closer for #919290
...
Gbp-Dch: Ignore
2019-04-12 23:29:37 +02:00
Salvatore Bonaccorso
dde049bffb
Fix brackets for arch markes
...
Gbp-Dch: Ignore
2019-04-12 09:47:27 +02:00
Luca Boccassi
5a39ad2910
Generate and install libbpf.pc
...
Backport patch from bpf-next and install libbpf.pc in libbpf-dev
2019-04-11 23:15:22 +01:00
Ben Hutchings
1acfe734b7
Merge branch 'sf/linux-sid' into sid
...
Enable SND_SOC_SPDIF on armmp-lpae
See merge request kernel-team/linux!137
2019-04-09 01:19:39 +01:00
YunQiang Su
5ee30838da
re-eanble JUMP_LABEL for mips r6
...
[bwh: Cherry-picked onto the sid branch]
2019-04-09 01:07:11 +01:00
Ben Hutchings
502148bb02
[armhf,arm64[ Revert "net: stmmac: Send TSO packets always from Queue 0"
2019-04-09 01:05:01 +01:00
Ben Hutchings
a0366b7dd1
[rt] Update to 4.19.31-rt18
2019-04-09 00:53:38 +01:00
Ben Hutchings
6fa9d66378
[rt] Add new signing subkey for Steven Rostedt
2019-04-09 00:47:01 +01:00
Ben Hutchings
7935c22e07
Bump ABI to 5
...
There are too many ABI changes for me to cope with.
2019-04-09 00:33:21 +01:00
Ben Hutchings
821ec1b181
Update to 4.19.34
...
* Drop/refresh patches as appropriate
2019-04-09 00:27:06 +01:00
Stefan Fritsch
5862c7e202
Enable SND_SOC_SPDIF on armmp-lpae
...
Needed for Cubietruck
2019-04-07 09:53:33 +02:00
Ben Hutchings
6039118f59
[powerpc*] vdso: Make vdso32 installation conditional in vdso_install
...
Closes : #785065
This finally removes the need for the ppc64el compiler to support
32-bit code generation, and removes a useless file from debug
packages on ppc64el.
2019-03-22 04:28:49 +00:00
Ben Hutchings
e3c916c6d7
debian/bin/abiupdate.py: Change default URLs to use https: scheme
...
Since we don't use the Release and Packages files to verify the
packages we download, it's worth using TLS to reduce the risk of
a man-in-the-middle corrupting them.
ftp.ports.debian.org and security.debian.org don't support TLS
in general, so use deb.debian.org for the ports and security
archives.
2019-03-18 23:11:23 +00:00
Ben Hutchings
0e10941761
debian/bin/abiupdate.py: Automatically select the correct archive to fetch from
...
If the changelog distribution is *-security, fetch from the security
archive. Otherwise, try the main archive, ports, incoming, and
incoming.ports in that order.
2019-03-18 22:53:16 +00:00
Ben Hutchings
926120d62f
Prepare to release linux (4.19.28-2).
2019-03-15 02:16:04 +00:00
Ben Hutchings
88d725750b
Merge remote-tracking branch 'salsa/sid' into sid
2019-03-15 01:45:58 +00:00
Ben Hutchings
44f134c2b9
Merge branch 'include-signing-cert' of salsa.debian.org:corsac/linux into sid
...
certs: include both root CA and direct signing certificate
See merge request kernel-team/linux!135
2019-03-14 21:26:12 +00:00
Vagrant Cascadian
fb17e155b9
[arm64,armhf] Drop PHY_ROCKCHIP_INNO_HDMI, not available till linux
...
v4.20.
2019-03-14 13:32:38 -07:00
Vagrant Cascadian
73f7977c15
[arm64,armhf] Enable PHY_ROCKCHIP_INNO_HDMI as built-ins, not
...
available as modules.
2019-03-14 13:10:29 -07:00
Ben Hutchings
0664e4e069
Merge branch 'sid' of salsa.debian.org:kernel-team/linux into sid
2019-03-14 17:53:52 +00:00
Ben Hutchings
0b67903203
[ppc64el] Disable PCMCIA (fixes FTBFS)
...
It appears to be technically possible to use PCMCIA cards on POWER8/9
systems through a PCI Express to PCI adapter and a PCI to
PCMCIA/CardBus adapter. But I can't believe anyone would want to.
So rather than adding a pcmcia-modules package or excluding the
drivers from udebs, disable PCMCIA altogether.
2019-03-14 17:49:45 +00:00
Ben Hutchings
ae178b6c72
udeb: Make serial_cs optional in serial-modules
...
The next commit will stop building PCMCIA drivers on ppc64el.
2019-03-14 17:48:52 +00:00
Yves-Alexis Perez
af53d158a0
certs: include both root CA and direct signing certificate. closes : #924545
...
Module loading needs the issuer certificate to validate the signature,
and that certificate is not embedded in the signature itself.
For now embed both the signing certificate and the root CA.
2019-03-14 14:16:50 +01:00
Vagrant Cascadian
2f067b01ec
[arm64] Enable MESON_EFUSE as a module.
2019-03-13 23:50:41 -07:00
Vagrant Cascadian
32b309d27c
[arm64] Enable I2C_GPIO as a module.
2019-03-13 23:50:03 -07:00
Vagrant Cascadian
22dd68875f
[arm64,armhf] Enable PHY_ROCKCHIP_INNO_HDMI as modules.
2019-03-13 23:49:26 -07:00
Vagrant Cascadian
7adaffb5a6
[arm64] Enable DRM_SUN4I and DRM_SUN8I_DW_HDMI as modules.
2019-03-13 23:48:44 -07:00
Ben Hutchings
20351317dd
[x86] Drop fix for #865303 , which no longer affects Debian's OpenJDK
...
This workaround is no longer needed for Debian's OpenJDK packages:
* OpenJDK 7 is unfixed (bug #876068 ) but is not present in stretch or
later suites
* OpenJDK 8 was fixed in unstable (bug #876051 ) and the fix was then
included in a stretch security update
* OpenJDK 9 and later were fixed (bug #876069 )
The workaround was never applied upstream and it also doesn't seem
like a good idea to have a Debian-specific VM quirk that weakens the
defence against Stack Clash. Therefore drop it now rather than
including it in another release.
2019-03-13 18:37:35 +00:00
Ben Hutchings
7064a34f6e
[x86,alpha,m68k] binfmt: Disable BINFMT_AOUT, IA32_AOUT, OSF4_COMPAT
...
a.out support is now untested and occasionally results in security
bugs, and will be deprecated upstream (depends on BROKEN) for x86 in
5.1. Disable it completely.
See:
https://lore.kernel.org/lkml/CAG48ez1RVd5mQ_Pb6eygQESaZhpQz765OAZYSoPE0kPqfZEXQg@mail.gmail.com/
https://lore.kernel.org/lkml/20190305145717.GD8256@zn.tnic/
2019-03-13 18:31:13 +00:00
Ben Hutchings
4895e487e1
Prepare to release linux (4.19.28-1).
2019-03-12 05:06:28 +00:00
Ben Hutchings
fb875ddeb6
Bump ABI to 4
2019-03-10 23:34:30 +00:00
Ben Hutchings
4454021eb3
debian/bin/gencontrol_signed.py: Put all files.json fields under "packages"
...
Follow the schema change made in
3a07a08a82
2019-03-10 22:46:07 +00:00
Ben Hutchings
16e5e055ca
certs: Replace test signing certificate with production signing certificate
2019-03-10 22:28:08 +00:00
Vagrant Cascadian
8a42d3ccb9
debian/changelog: Note upstream change closing bugs #913119 , #913138 .
2019-03-10 15:21:11 -07:00
Ben Hutchings
3f14005d42
Merge branch 'sid' into 'sid'
...
MIPS related backports to 4.19
See merge request kernel-team/linux!131
2019-03-10 21:57:55 +00:00
Ben Hutchings
224fd4bf26
debian/changelog: Note upstream change closing bug #921542
2019-03-10 21:49:26 +00:00
Romain Perier
340ed90d8e
Update to 4.19.28
2019-03-10 16:57:21 +01:00
Salvatore Bonaccorso
22610f2634
exec: Fix mem leak in kernel_read_file (CVE-2019-8980)
2019-03-10 09:00:43 +01:00
Ben Hutchings
531357e266
debian/changelog: Only close #922182 once
2019-03-07 21:47:35 +00:00
Ben Hutchings
3ebd4206bf
debian/changelog: Clean up 4.19.27 changes
...
* "svm" is AMD's virtualisation interface for x86 only
* We don't support the MIPS BCM63xx platform
2019-03-07 21:43:35 +00:00
Romain Perier
e702b1ae75
debian/changelog: Added accidentaly removed entries and Closes #922182
2019-03-06 18:56:59 +01:00
Salvatore Bonaccorso
a53ae83b62
Add CVE id reference for CVE-2019-9213
...
Gbp-Dch: Ignore
2019-03-06 17:33:45 +01:00
Romain Perier
8864787e64
Update to 4.19.27
2019-03-06 16:38:16 +01:00
YunQiang Su
2357044444
[mipsel/mips64el] Backport loongson workarounds
...
MIPS: Loongson: Introduce and use loongson_llsc_mb()
2019-03-06 21:15:23 +08:00
YunQiang Su
40b0b77497
Enable some boston drivers
...
IMG_ASCII_LCD, I2C_EG20T, PCH_PHUB, MMC, PCIE_XILINX,
RTC_DRV_M41T80, SPI_TOPCLIFF_PCH
2019-03-06 21:15:22 +08:00
YunQiang Su
5ba611e17d
[mips r6] CPU and ASE related modify
...
Enable CPU_HAS_MSA, HIGHMEM, CRYPTO_CRC32_MIPS.
Set NR_CPUS to 16.
2019-03-06 21:15:22 +08:00
YunQiang Su
b710f665ba
[mips r6] enable SERIAL_OF_PLATFORM
...
If serial of platform is not enabled, userland shows nothing on console.
2019-03-06 21:15:22 +08:00
YunQiang Su
cf0de8585e
[mips r6]disable JUMP_LABLE: cause Reservered Instruction
2019-03-06 21:15:22 +08:00
Ben Hutchings
df5732713c
Merge branch 'sid-cleanup-arm64-di' into 'sid'
...
Sid cleanup arm64 di
See merge request kernel-team/linux!130
2019-03-05 20:43:58 +00:00
Ben Hutchings
c2a762a435
Merge branch 'rperier-guest/linux-armel_rpi' into sid
...
[armel/rpi] Add flavour for Raspberry Pi and Raspberry Pi Zero
See merge request kernel-team/linux!117
2019-03-05 20:39:14 +00:00
Ben Hutchings
12c2125853
debian/changelog: Add missing architecture qualifications
2019-03-05 20:31:24 +00:00
Ben Hutchings
e1259b5b3a
debian/changelog: Delete some stable changes that don't affect us
...
These drivers/features don't seem to be enabled in any configuration.
2019-03-05 20:30:51 +00:00
Marcin Juszkiewicz
e8890b92b6
[arm64] udeb: Remove redundant lines from nic-modules
...
All drivers listed were Ethernet ones and such are added by global
config already.
2019-03-05 21:23:02 +01:00
Marcin Juszkiewicz
3afa55a954
[arm64] udeb: Use generic ata-modules
...
arm64 does not have any special ata drivers so instead of listing
'libata' we can just reuse global ones.
2019-03-05 21:23:01 +01:00
Romain Perier
6b175bc9fd
Enable STRICT_MODULE_RWX
...
With this option set, module text and rodata memory areas will be made
read-only. Moreover, non-text memory will be made non-executable. This
provides protection against certain security exploits. Currently, this
option is implicitly enabled in Kconfig for most configurations where it
is possible to enable it. This commit enables the option by default
explictly for all supported targets (except marvell to keep it small)
2019-03-05 21:10:12 +01:00
Romain Perier
693bbd783d
[armel, armhf] Enable CRASH_DUMP
...
When set, this generates crash dump after being started by kexec. Useful
for debugging purpose on ARM. As this is already enabled for other arch,
enable it for ARM, as well (except marvell to keep it small).
2019-03-05 21:00:28 +01:00
Ben Hutchings
1ef9b5a41e
debian/changelog: List changes in 4.19.25-rt16
2019-03-05 19:56:21 +00:00
Romain Perier
f24c6b7b60
[armel/rpi] Add flavour for Raspberry Pi and Raspberry Pi Zero
...
Nowadays, Raspberry Pi 2 and Rasberry Pi 3 works perfectly fine with
Debian (including the official kernel package or the userland). RPi 1
and RPi Zero have an SoC that contains an armv6-based CPU, this means
that it cannot work with an hardfloat ABI, that is armv7 based. So we
have to use the Debian armel userland for this reason. Both boards are
supported in the mainline linux kernel and not being supported in the
debian-kernel package is the only blocking point that prevent RPI 1 and
RPI Zero from being well supported in an official Debian distribution.
This commit add a new kernel flavour for enabling support for the both
platforms.
2019-03-05 20:55:45 +01:00
Ben Hutchings
ad9f27e1eb
Merge branch 'sid-4.19.21-wip' into 'sid'
...
4.19.26
See merge request kernel-team/linux!126
2019-03-05 19:49:02 +00:00
Ben Hutchings
96e3ed26a7
debian/bin/gencontrol.py: Add rules to build debian/build/config.*
...
It is no longer possible to run the "setup" rules without a compiler,
because Kconfig symbols can depend on compiler properties. Add a way
to invoke just the first step of setup, which merges the kconfig files
and overrides together.
2019-03-05 19:11:48 +00:00
Romain Perier
2ef57b8ec9
[rt] Update to 4.19.25-rt16
2019-03-05 14:29:38 +01:00
Marcin Juszkiewicz
8e3ab60ac6
update to 4.19.26
2019-03-05 14:28:55 +01:00
Marcin Juszkiewicz
1b33d3e00b
update to 4.19.25
2019-03-05 14:28:55 +01:00
Marcin Juszkiewicz
37e6c11924
update to 4.19.24
2019-03-05 14:28:55 +01:00
Marcin Juszkiewicz
493801a88a
update to 4.19.23
2019-03-05 14:28:55 +01:00
Marcin Juszkiewicz
ee5b6f81c6
update to 4.19.22
2019-03-05 14:28:55 +01:00
Marcin Juszkiewicz
4a0b4cb79e
update to 4.19.21
2019-03-05 14:28:55 +01:00
Vagrant Cascadian
5cb904c8a9
[arm64] Add patch from v4.20 to enable device-tree for Pine64-LTS.
2019-03-04 07:56:07 -08:00
Salvatore Bonaccorso
76a21e66e3
Btrfs: fix corruption reading shared and compressed extents after hole punching
...
Closes : #922306
2019-02-26 21:06:35 +01:00
Vagrant Cascadian
5d94872d0b
Add changelog entry for A64-timer patch.
2019-02-19 12:30:18 -08:00
dann frazier
1ebd53abbf
arm64: lockdown: Move init_lockdown() call after efi_init()
...
The lockdown code for arm64 currently fails to engage when in Secure Boot
mode. Seth Forshee noticed that this is because init_lockdown() checks
for efi_enabled(EFI_BOOT), but that bit doesn't get set until uefi_init()
is called.
2019-02-17 06:09:47 -07:00
Vagrant Cascadian
95c2cd3378
[armhf] Enable REGULATOR_SY8106A as module.
2019-02-16 22:10:56 -08:00
Vagrant Cascadian
e078163694
Clarify changelog entry regarding orange pi plus cpufreq issue.
2019-02-16 22:09:09 -08:00
Vagrant Cascadian
3f699085ff
[armhf] Add patch from upstream fixing cpufreq on Orange Pi Plus.
2019-02-16 19:54:39 -08:00
Aurelien Jarno
26e9f62e39
Revert "usbip: depend on usb.ids instead of usbutils."
...
This reverts commit b95a83a3ec
.
This won't work for stretch-backports, so let's wait for bullseye.
2019-02-13 19:36:49 +01:00
Aurelien Jarno
b95a83a3ec
usbip: depend on usb.ids instead of usbutils.
...
usbip depends on usbutils only to get /usr/share/misc/usb.ids. It's
better to directly depend on the new usb.ids package.
2019-02-13 19:18:24 +01:00
Ben Hutchings
a6b15ac2c4
debian/changelog: Wrap an over-long line
2019-02-13 16:53:32 +00:00
Ben Hutchings
36c3e46992
Merge branch 'wookey/linux-sid' into sid
...
Sid: Add support for coresight (libopencsd) to perf
See merge request kernel-team/linux!123
2019-02-13 16:52:49 +00:00
Ben Hutchings
1bfee96fd0
udeb: Move crc7 to crc-modules to avoid duplication
2019-02-13 15:10:54 +00:00
Ben Hutchings
deaca48d3c
[sparc64] udeb: Use standard module list in nic-modules
2019-02-13 15:04:23 +00:00
Wookey
f43b9851eb
Add support for coresight (libopencsd) to perf
2019-02-13 03:00:18 +00:00
Ben Hutchings
f98f9b5dcf
udeb: Move drivers from {hyperv,virtio}-modules to {fb,input,nic,scsi}-modules
...
Now that the shared dependencies of these drivers are in kernel-image,
we can safely move them into the packages for each driver class.
2019-02-13 01:23:11 +00:00
Ben Hutchings
cb01662a3e
udeb: Move basic PV modules from {hyperv,virtio}-modules to kernel-image
...
These modules will end up in every installer build, one way or
another. Move them into kernel-image, which all other packages
depend on, so we can then split up the remaining PV drivers.
2019-02-13 01:23:11 +00:00
Ben Hutchings
9235dbdde8
udeb: Add fb-modules and include drm and drm_kms_helper on most architecures
...
The previous version failed to build on alpha:
debian/virtio-modules-4.19.0-3-alpha-generic-di lib/modules/4.19.0-3-alpha-generic/kernel/drivers/i2c/i2c-core.ko
debian/i2c-modules-4.19.0-3-alpha-generic-di lib/modules/4.19.0-3-alpha-generic/kernel/drivers/i2c/i2c-core.ko
and sparc64:
debian/virtio-modules-4.19.0-3-sparc64-di lib/modules/4.19.0-3-sparc64/kernel/drivers/i2c/i2c-core.ko
debian/nic-modules-4.19.0-3-sparc64-di lib/modules/4.19.0-3-sparc64/kernel/drivers/i2c/i2c-core.ko
sparc64 was missing a i2c-modules package, but adding that just gets
it to the same state as alpha. On both architectures drm_kms_helper
is included in the virtio-modules package as a dependency of
virtio-gpu, and then i2c-core is included as a dependency of
drm_kms_helper.
I don't think it makes sense to make virtio-modules directly depend on
i2c-modules. (In fact I think virtio-modules was a mistake entirely.)
Instead, for all configurations that enable both DRM and virtio:
1. Add an fb-modules package if it doesn't already exist
2. Include drm and drm_kms_helper in it
2019-02-13 01:23:11 +00:00
Ben Hutchings
722cef58bc
[powerpc*] udeb: Add i2c-modules
2019-02-13 01:23:11 +00:00
Ben Hutchings
93dd52b2a0
[arm64,armhf] udeb: Add mmc-core-modules to Provides of kernel-image
...
CONFIG_MMC is built-in for some reason, which I won't change right
now.
2019-02-13 00:22:08 +00:00
Ben Hutchings
1eff5d823e
udeb: Make nic-wireless-modules depend on mmc-core-modules, not mmc-modules
2019-02-13 00:21:25 +00:00
Ben Hutchings
f5c38df428
[armel] udeb: Add mmc-core-modules
2019-02-13 00:21:24 +00:00
Ben Hutchings
1d8da34a80
[powerpc*] udeb: Add mmc-core-modules and nic-wireless-modules
...
* Move airport into nic-wireless-modules
* Remove overrides for Depends field of nic-pcmcia-modules
2019-02-12 22:07:51 +00:00
Ben Hutchings
1d80b19d87
mt76: Use the correct hweight8() function (fixes FTBFS on ia64)
2019-02-12 15:39:34 +00:00
Ben Hutchings
300cb820cd
[sparc64] udeb: Add i2c-modules and nic-shared-modules to avoid duplication
2019-02-12 12:51:59 +00:00
Ben Hutchings
9050e91ac0
Prepare to release linux (4.19.20-1).
2019-02-11 16:56:00 +00:00
Ben Hutchings
b4995d6607
video: Disable FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER again
...
It won't work nicely unless we make the boot loader completely silent,
and we might need to update themes as well.
<https://fedoraproject.org/wiki/Changes/FlickerFreeBoot > has the full
details.
2019-02-11 16:55:58 +00:00
Ben Hutchings
fd527676dd
rmi4: Disable RMI_F54
...
Enabling this symbol makes rmi4_core depend on the media/v4l2
subsystem which is not only weird but also results in duplicate
modules at kernel-wedge time.
2019-02-11 14:06:39 +00:00
Ben Hutchings
07c5106918
udeb: Add scsi-nic-modules containing Chelsio and Qlogic iSCSI/FC drivers
...
These drivers depend on the corresponding net drivers, or at least
common modules built under drivers/net/ethernet, currently leading
to duplicate modules.
I don't want to resolve this by adding a dependency between
nic-modules and scsi-modules, as that would pull in both into
installer images that previously only needed one set of drivers. I
also don't want to add the common modules into kernel-image as that
would bloat all installer images. Instead, put the drivers in a new
package and we can work out which installer images should include it
later.
Build scsi-nic-modules for all architectures/flavours that build
scsi-modules using the common module list now.
2019-02-11 14:00:58 +00:00
Ben Hutchings
b7a2d1a5e6
debian/changelog: Close more bugs that requested config changes
2019-02-11 01:49:14 +00:00
Ben Hutchings
4a73a700d4
[armhf,riscv64,s390x] udeb: Add cdrom-core-modules
2019-02-11 01:40:18 +00:00
Ben Hutchings
1a8256e0fb
Enable some more new(ish) kconfig options
...
* [arm64,armhf] drm: Enable DRM_PANEL_RASPBERRYPI_TOUCHSCREEN as module
* dvb-usb-v2: Enable DVB_USB_ZD1301 as module
* gpio: Enable GPIO_EXAR, GPIO_PCI_IDIO_16, GPIO_PCIE_IDIO_24 as modules
* HID: Enable HID_ACCUTOUCH, HID_COUGAR, HID_ELAN, HID_ITE, HID_JABRA,
HID_MAYFLASH, HID_REDRAGON, HID_RETRODE, HID_STEAM, HID_UDRAW_PS3 as
modules
* [x86] i2c: Enable I2C_DESIGNWARE_BAYTRAIL
* media/rc: Enable IR_IMON_DECODER, IR_IMON_RAW as modules
* [x86] mfd: Enable INTEL_SOC_PMIC_BXTWC, INTEL_SOC_PMIC_CHTDC_TI as modules
* [x86] pinctrl: Enable PINCTRL_CANNONLAKE, PINCTRL_CEDARFORK,
PINCTRL_DENVERTON, PINCTRL_GEMINILAKE, PINCTRL_ICELAKE, PINCTRL_LEWISBURG
* ptp: Change PTP_1588_CLOCK_KVM from built-in to module
* serial: Enable USB_SERIAL_F8153X, USB_SERIAL_UPD78F0730 as modules
* sound: Enable SND_FIREWIRE_MOTU, SND_FIREFACE, SND_XEN_FRONTEND as modules
* [x86] sound: Enable SND_SOC_AMD_CZ_DA7219MX98357_MACH,
SND_SOC_AMD_CZ_RT5645_MACH, SND_SOC_INTEL_CHT_BSW_NAU8824_MACH,
SND_SOC_INTEL_BYT_CHT_DA7213_MACH, SND_SOC_INTEL_KBL_RT5663_MAX98927_MACH,
SND_SOC_INTEL_KBL_RT5663_RT5514_MAX98927_MACH,
SND_SOC_INTEL_KBL_DA7219_MAX98357A_MACH,
SND_SOC_INTEL_GLK_RT5682_MAX98357A_MACH as modules
* thermal: Enable DEVFREQ_THERMAL, THERMAL_STATISTICS
* video: Enable FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER
* watchdog: Enable WATCHDOG_PRETIMEOUT_GOV, WATCHDOG_PRETIMEOUT_GOV_NOOP,
WATCHDOG_PRETIMEOUT_DEFAULT_GOV_NOOP; WATCHDOG_PRETIMEOUT_GOV_PANIC,
WDAT_WDT as modules
* [x86] watchdog: Enable INTEL_MEI_WDT, NI903X_WDT, NIC7018_WDT as modules
2019-02-11 01:35:14 +00:00
Ben Hutchings
9954895622
Enable lots of new(ish) kconfig options
...
* 9p: Enable NET_9P_XEN as module
* ACPI: Enable ACPI_TAD as module
* amd-xgbe: Enable AMD_XGBE_DCB
* ath9k: Enable ATH9K_CHANNEL_CONTEXT
* block: Enable BLK_DEV_ZONED (except armel/marvell)
* bluetooth: Enable BT_HCIUART_RTL; BT_HCIUART_NOKIA, BT_MTKUART as modules
* bnxt: Enable BNXT_DCB
* ethernet: Enable HINIC, ICE, LAN743X, LIQUIDIO_VF as modules
* can: Enable CAN_VXCAN, CAN_MCBA_USB, CAN_UCAN as modules
* dm: Enable DM_UNSTRIPED, DM_WRITECACHE, DM_ZONED as modules
* gnss: Enable GNSS, GNSS_SIRF_SERIAL, GNSS_UBX_SERIAL as modules
* IB: Enable CGROUP_RDMA (except armel/marvell)
* ieee802154: Enable IEEE802154_HWSIM as module
* inet: Enable INET_RAW_DIAG as module
* input: Enable INPUT_AXP20X_PEK as module
* IPMI: Enable IPMI_SSIF as module
* joystick: Enable JOYSTICK_PXRC as module
* mlx5: Enable MLX5_FPGA, MLX5_CORE_IPOIB; MLXFW as module
* net: Enable BPF_STREAM_PARSER, XDP_SOCKETS (except armel/marvell);
NET_FAILOVER, SMC, SMC_DIAG, VSOCKMON as modules
* net/phy: Enable LED_TRIGGER_PHY; CORTINA_PHY, DP83822_PHY, DP83TC811_PHY,
MARVELL_10G_PHY, MICROCHIP_T1_PHY, RENESAS_PHY, ROCKCHIP_PHY as modules
* net/sched: Enable NET_SCH_CBS, NET_SCH_ETF, NET_SCH_SKBPRIO, NET_EMATCH_IPT
as modules
* PCMCIA: Enable SCR24X as module
* [x86] rmi4: Re-enable RMI4_CORE, RMI4_SMB as modules (Closes : #875621 );
RMI4_F03, RMI4_F11, RMI4_F12, RMI4_F30, RMI4_F34, RMI4_F54, RMI4_F55
* xfrm: Enable XFRM_INTERFACE as module
* PCI: Enable PCI_PF_STUB as module
* random: Enable RANDOM_TRUST_CPU. This can be reverted using the kernel
parameter: random.trust_cpu=off
* SCSI: Enable QEDF, QEDI as modules
* serial: Enable SERIAL_8250_EXAR as module
* tpm: Enable TCG_TIS_SPI, TCG_VTPM_PROXY as modules
* usbtouchscreen: Enable TOUCHSCREEN_USB_EASYTOUCH
* wireless: Enable MT76x0U, MT76x2E, MT76x2U, QTNFMAC_PEARL_PCIE as modules
* zram: Enable ZRAM_WRITEBACK, ZRAM_MEMORY_TRACKING
2019-02-10 23:16:32 +00:00
Ben Hutchings
d73ca07047
[powerpc*,sparc64] udeb: Add nic-usb-modules
2019-02-10 18:13:34 +00:00
Ben Hutchings
e62943f64c
[arm64,armhf,ia64,riscv64,sparc64] udeb: Add usb-serial-modules
...
Closes : #903824
2019-02-10 18:13:34 +00:00
Ben Hutchings
1ca5094557
drivers/firmware: Enable FW_CFG_SYSFS as module ( Closes : #882208 )
2019-02-10 18:13:34 +00:00
Marcin Juszkiewicz
3efa0022ac
arm64: Enable ARM64_ERRATUM_843419 ( Closes : #920866 )
2019-02-10 00:26:21 +01:00
Salvatore Bonaccorso
5019a8394c
HID: debug: fix the ring buffer implementation (CVE-2019-3819)
2019-02-09 15:14:06 +01:00
Ben Hutchings
9c88b474fe
Merge branch 'henrich/ARM_ARMADA_37XX_CPUFREQ' into sid
...
enable CONFIG_ARM_ARMADA_37XX_CPUFREQ for arm64 (Closes : #917939 )
See merge request kernel-team/linux!121
2019-02-08 23:12:46 +00:00
Ben Hutchings
98ad181d65
Merge branch 'henrich/IMX_THERMAL' into 'sid'
...
enable CONFIG_IMX_THERMAL (#883023 )
See merge request kernel-team/linux!120
2019-02-08 23:09:34 +00:00
Ben Hutchings
e773a42de0
debian/changelog: Add nf_conncount fixes in 4.19.17 and related Debian bug
2019-02-08 22:52:17 +00:00
Ben Hutchings
152737c8ce
debian/changelog: Wrap an over-long line
2019-02-08 22:48:16 +00:00
Ben Hutchings
fc8bea1698
Bump ABI to 3
...
struct hd_struct changed and it's not obvious how to avoid an ABI
change.
2019-02-08 22:39:29 +00:00
Hideki Yamane
00adcacb33
enable CONFIG_ARM_ARMADA_37XX_CPUFREQ for arm64 ( Closes : #917939 )
2019-02-09 02:38:04 +09:00
Hideki Yamane
ee08aef37e
enable CONFIG_IMX_THERMAL ( #883023 )
2019-02-09 02:28:23 +09:00
Salvatore Bonaccorso
00224672bb
[x86] KVM: nVMX: unconditionally cancel preemption timer in free_nested (CVE-2019-7221)
2019-02-08 10:32:39 +01:00
Salvatore Bonaccorso
fb1b32a316
[x86] KVM: work around leak of uninitialized stack contents (CVE-2019-7222)
2019-02-08 10:18:28 +01:00
Salvatore Bonaccorso
71aa687bf8
kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)
2019-02-08 10:01:58 +01:00
Ben Hutchings
e898a5d96a
Update "Revert "objtool: Fix CONFIG_STACK_VALIDATION=y warning for ..."
...
Part of the section we move was moved upstream in 4.19.15 by commit
ae206a1a5e3a "kbuild: fix false positive warning/error about missing
libelf". Don't duplicate that section.
2019-02-07 23:09:25 +00:00
Marcin Juszkiewicz
bf22005770
Enable virtio-gpu for debian installer
...
This will allow to get graphics support in VM instances right from
Debian installer phase.
(cherry picked from commit fb11c71e7c36b2e9abb7535e6c9c0ddbb8dc7c15)
2019-02-07 22:47:54 +00:00
Ben Hutchings
f6cfd5f990
Merge branch 'hrw-guest/linux-sid' into sid
...
Update to 4.19.20
See merge request kernel-team/linux!116
2019-02-07 21:00:43 +00:00
Marcin Juszkiewicz
bb2161ae6c
changelog: cleanup and debianization
2019-02-07 19:48:45 +01:00
Ben Hutchings
406f867ae8
debian/tests/python: Fix spurious failure due to misuse of stderr
...
While pycodestyle and pyflakes wrongly write error messages to stdout,
the unittest module has the opposite bug: it writes successful status
messages to stderr.
2019-02-07 04:14:55 +00:00
Ben Hutchings
886c02b804
percpu: convert spin_lock_irq to spin_lock_irqsave
...
This fixes boot failure with the alpha-generic flavour, discussed in
https://lists.debian.org/debian-alpha/2018/12/msg00001.html and
https://salsa.debian.org/kernel-team/linux/merge_requests/79
2019-02-06 23:41:18 +00:00
Ben Hutchings
3bdfe29c3e
[armhf,arm64] serial: 8250: Disable SERIAL_8250_DEPRECATED_OPTIONS
...
8250 was only called 8250_core in Linux 3.7 and 3.8, so there's
been plenty of time for people to switch back to setting module
parameters on 8250.
2019-02-06 23:18:32 +00:00
Ben Hutchings
f217e5602b
Merge branch 'henrich/sensors-lm75' into sid
...
enable CONFIG_SENSORS_LM75 for armhf (Closes : #918114 )
See merge request kernel-team/linux!114
2019-02-06 23:10:05 +00:00
Marcin Juszkiewicz
8f73ffdafe
Update to 4.19.20
2019-02-06 19:57:01 +00:00
Marcin Juszkiewicz
954102fe6b
Update to 4.19.19
2019-02-06 19:57:01 +00:00
Hideki Yamane
f9020427df
enable CONFIG_SENSORS_LM75 for armhf ( Closes : #918114 )
2019-02-05 19:11:44 +09:00
Hideki Yamane
fbaa5ba879
enable CONFIG_CAN_PEAK_PCIEFD ( Closes : #920809 )
2019-02-04 07:20:00 +09:00
Uwe Kleine-König
1ed7357997
[armel] add spi-orion to mtd.udeb
2019-02-02 16:16:02 +01:00
Hideki Yamane
5b1537b234
enable CONFIG_SENSORS_NCT7802 and others ( Closes : #912597 )
...
NCT7802,NCT7904,NPCM7XX,ASPEED and W83773G
2019-02-02 13:13:39 +09:00
Ben Hutchings
e18af5fcd1
Merge branch 'henrich/es8316' into 'sid'
...
enable SND_SOC_ES8316 in debian/config/kernelarch-x86/config (Closes : #918589 )
See merge request kernel-team/linux!106
2019-02-01 22:24:17 +00:00
Vagrant Cascadian
0837abc977
[armhf] Enable CONFIG_MMC_SDHCI_OMAP=m, used on DRA7 and related SoCs.
2019-02-01 12:01:01 -08:00
Hideki Yamane
d8bee97bd3
enable SND_SOC_ES8316 in debian/config/kernelarch-x86/config ( Closes : #918589 )
...
enabled SND_SOC_ES8316 in debian/config/kernelarch-x86/config and
Baytrail & Cherrytrail with ES8316 codec, too
2019-02-01 22:03:22 +09:00
Ben Hutchings
a5c82d1497
Merge branch 'sid' into 'sid'
...
make Touchpad working on Gemini Lake laptop (Closes : #917388 )
See merge request kernel-team/linux!105
2019-02-01 02:44:59 +00:00
Ben Hutchings
bb99bcfc51
Merge branch 'hrw-guest/linux-debian-enable-pci-options' into sid
2019-02-01 02:38:40 +00:00
Salvatore Bonaccorso
86ff06cd73
[x86] kvmclock: set offset for kvm unstable clock
...
Closes : #918036
2019-01-30 17:14:36 +01:00
Uwe Kleine-König
5fec0e0218
Merge branch 'debian-enable-arm-cci-pmu' of https://salsa.debian.org/hrw-guest/linux into sid
2019-01-29 18:33:48 +01:00
Marcin Juszkiewicz
27eecf10bf
[arm64] enable PCI_PRI, PCI_PASID
...
On ARM64 servers PCI devices can be behind IOMMU.
2019-01-29 16:58:48 +00:00
Marcin Juszkiewicz
93c485ea3e
[arm64] enable ARM_CCI_PMU
...
Both ARM_CCI400_PMU and ARM_CCI5xx_PMU options require ARM_CCI_PMU to be
enabled.
2019-01-29 16:52:01 +00:00
Salvatore Bonaccorso
d3c3eedb65
Add CVE id for CVE-2019-3701
2019-01-29 17:06:51 +01:00
Romain Perier
87753f2642
Update to 4.19.17
2019-01-29 11:34:12 +01:00
Hideki Yamane
55449ebd02
make Touchpad working on Gemini Lake laptop ( Closes : #917388 )
2019-01-28 16:55:00 +09:00
Ben Hutchings
1fd1e48157
debian/README.source: Document how to run kconfigeditor2
2019-01-23 17:37:47 +00:00
Luca Boccassi
338140ddae
cloud-amd64: enable UIO, UIO_HV_GENERIC, VFIO.
...
In order to access Azure's VMbus via /sys/vmbus, the corresponding
UIO module must be available.
Also enable VFIO for safe userspace device handling when the host
exposes a vIOMMU.
2019-01-21 16:37:23 +00:00
Ben Hutchings
18d72fb7b8
[i386] debian/control: Fix cross-compiler build-dependency
...
gcc-8-x86_64-linux-gnu is obviously not the right cross-compiler for i386!
2019-01-18 23:54:28 +00:00
Ben Hutchings
86a5455b20
debian/control: Add !pkg.linux.nokernel to qualification for compiler build-deps
...
We use the default compiler provided by (cross-)build-essential for
userland, so the compiler build-dependencies are not needed when
the pkg.linux.nokernel profile is used.
2019-01-18 23:54:28 +00:00
Ben Hutchings
6c01fb1460
debian/rules.d/tools/perf/Makefile: Delete redundant arch/profile checks
...
Since commit f5f169ba99
"Split build rules for tools to allow
skipping them." the architecture and profile checks are done in
debian/rules.real.
2019-01-18 23:54:28 +00:00
Ben Hutchings
5b0c3258f6
debian/rules.d: Delete now-unused recursive makefiles
...
Since commit f5f169ba99
"Split build rules for tools to allow
skipping them." these recursive makefiles are not used.
(debian/rules.d/Makefile can additionally install the top-level Kbuild
and Makefile, but that target hasn't been used since svn rev 18133
(version 3.1-1~experimental.1).)
2019-01-18 23:54:28 +00:00
Ben Hutchings
cd07c2e48b
debian/rules.d, debian/rules.real: Restore build of userland headers for tools
...
Since commit f5f169ba99
"Split build rules for tools to allow
skipping them." debian/rules.d/Makefile is not used and the current
kernel's UAPI headers are not installed. This hasn't caused breakage
yet, probably because many tools have their own workaround using
include/uapi etc. directly, but could break backports builds at some
point.
Move the build of userland headers up into debian/rules.real and
make all tools build targets depend on it.
2019-01-18 23:54:28 +00:00
Luca Boccassi
7368dbe6c6
Document pkg.linux.nosource in debian/README.source.
2019-01-18 20:59:11 +00:00
Luca Boccassi
7a4961e3fc
linux-perf: explicitly disable the jvmti feature and shared library.
2019-01-18 20:57:32 +00:00
Luca Boccassi
380ff19d50
Don't add linux-source to d/control when source: false
...
With the recent refactor, setting source: false in debian/config/defines
is no longer enough to disable the linux-source-$ver package build, as
dh_listpackages is used to determine what is built.
Do not add linux-source-$ver to d/control if it is disabled.
2019-01-18 20:57:32 +00:00
Ben Hutchings
3cc965234c
Prepare to release linux (4.19.16-1).
2019-01-17 18:56:17 +00:00
Ben Hutchings
a54836a8ea
Update to 4.19.16
2019-01-16 22:08:49 +00:00
Ben Hutchings
4a61bb4df9
Merge branch 'leds-apu' into 'sid'
...
Enable LEDS_APU to support leds on PC Engines APU
See merge request kernel-team/linux!101
2019-01-16 19:00:52 +00:00
Luigi Baldoni
b835b5ea87
Enable LEDS_APU to support leds on PC Engines APU
2019-01-16 13:04:14 +01:00
Yves-Alexis Perez
9bba1fb9b9
[rt] Update to 4.19.15-rt12
2019-01-16 11:09:49 +01:00