summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJosh Boyer <jwboyer@redhat.com>2014-04-02 08:21:25 -0400
committerJosh Boyer <jwboyer@redhat.com>2014-04-02 08:21:25 -0400
commit9ed75fbd4f54d1ce199cdda951141662475c182a (patch)
tree31ee3b91f7a3d50535baedbf9517199f62f043ff
parent9969f4229cb12c59b85a05173822dbd70f5e931e (diff)
downloadkernel-9ed75fbd4f54d1ce199cdda951141662475c182a.tar.gz
kernel-9ed75fbd4f54d1ce199cdda951141662475c182a.tar.xz
kernel-9ed75fbd4f54d1ce199cdda951141662475c182a.zip
Linux v3.14-3893-gc12e69c6aaf7
-rw-r--r--Bluetooth-allocate-static-minor-for-vhci.patch22
-rw-r--r--config-armv73
-rw-r--r--config-armv7-generic38
-rw-r--r--config-generic17
-rw-r--r--config-x86-generic1
-rw-r--r--kernel.spec5
-rw-r--r--secure-modules.patch62
-rw-r--r--sources2
8 files changed, 109 insertions, 41 deletions
diff --git a/Bluetooth-allocate-static-minor-for-vhci.patch b/Bluetooth-allocate-static-minor-for-vhci.patch
index 8acfb308f..8e468e4fe 100644
--- a/Bluetooth-allocate-static-minor-for-vhci.patch
+++ b/Bluetooth-allocate-static-minor-for-vhci.patch
@@ -1,10 +1,10 @@
Bugzilla: 1051748
Upstream-status: Queued for 3.15
-From b075dd40c95d11c2c8690f6c4d6232fc0d9e7f56 Mon Sep 17 00:00:00 2001
+From ae77280ec0111a8728f52a27e480324935b97ae1 Mon Sep 17 00:00:00 2001
From: Lucas De Marchi <lucas.demarchi@intel.com>
Date: Tue, 18 Feb 2014 05:19:26 +0000
-Subject: Bluetooth: allocate static minor for vhci
+Subject: [PATCH] Bluetooth: allocate static minor for vhci
Commit bfacbb9 (Bluetooth: Use devname:vhci module alias for virtual HCI
driver) added the module alias to hci_vhci module so it's possible to
@@ -25,8 +25,13 @@ Signed-off-by: Lucas De Marchi <lucas.demarchi@intel.com>
Acked-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
---
+ Documentation/devices.txt | 1 +
+ drivers/bluetooth/hci_vhci.c | 3 ++-
+ include/linux/miscdevice.h | 1 +
+ 3 files changed, 4 insertions(+), 1 deletion(-)
+
diff --git a/Documentation/devices.txt b/Documentation/devices.txt
-index 10378cc..04356f5 100644
+index 087d2122b204..d154147d0015 100644
--- a/Documentation/devices.txt
+++ b/Documentation/devices.txt
@@ -353,6 +353,7 @@ Your cooperation is appreciated.
@@ -38,7 +43,7 @@ index 10378cc..04356f5 100644
140 = /dev/relay8 Berkshire Products Octal relay card
141 = /dev/relay16 Berkshire Products ISO-16 relay card
diff --git a/drivers/bluetooth/hci_vhci.c b/drivers/bluetooth/hci_vhci.c
-index 1ef6990..add1c6a 100644
+index 1ef6990a5c7e..add1c6a72063 100644
--- a/drivers/bluetooth/hci_vhci.c
+++ b/drivers/bluetooth/hci_vhci.c
@@ -359,7 +359,7 @@ static const struct file_operations vhci_fops = {
@@ -56,7 +61,7 @@ index 1ef6990..add1c6a 100644
MODULE_ALIAS("devname:vhci");
+MODULE_ALIAS_MISCDEV(VHCI_MINOR);
diff --git a/include/linux/miscdevice.h b/include/linux/miscdevice.h
-index 3737f72..7bb6148 100644
+index 2cf1547096d9..51e26f3cd3b3 100644
--- a/include/linux/miscdevice.h
+++ b/include/linux/miscdevice.h
@@ -23,6 +23,7 @@
@@ -65,7 +70,8 @@ index 3737f72..7bb6148 100644
#define EFI_RTC_MINOR 136 /* EFI Time services */
+#define VHCI_MINOR 137
#define SUN_OPENPROM_MINOR 139
- #define DMAPI_MINOR 140 /* DMAPI */
+ #define DMAPI_MINOR 140 /* unused */
#define NVRAM_MINOR 144
---
-cgit v0.9.2
+--
+1.8.5.3
+
diff --git a/config-armv7 b/config-armv7
index d609bc65d..09d5bc52c 100644
--- a/config-armv7
+++ b/config-armv7
@@ -51,6 +51,7 @@ CONFIG_MVEBU_MBUS=y
CONFIG_PHY_MVEBU_SATA=y
CONFIG_ARMADA_THERMAL=m
CONFIG_DRM_ARMADA=m
+# CONFIG_SND_KIRKWOOD_SOC is not set
# omap
CONFIG_ARCH_OMAP2PLUS_TYPICAL=y
@@ -382,6 +383,7 @@ CONFIG_SND_SOC_IMX_SGTL5000=m
CONFIG_SND_SOC_IMX_WM8962=m
CONFIG_SND_SOC_IMX_MC13783=m
CONFIG_SND_SOC_IMX_SPDIF=m
+CONFIG_SND_SOC_EUKREA_TLV320=m
CONFIG_USB_IMX21_HCD=m
CONFIG_USB_MXS_PHY=m
@@ -569,6 +571,7 @@ CONFIG_DRM_TEGRA_STAGING=y
CONFIG_DRM_PANEL=y
CONFIG_DRM_PANEL_SIMPLE=m
+CONFIG_TEGRA_WATCHDOG=m
CONFIG_CRYPTO_DEV_TEGRA_AES=m
diff --git a/config-armv7-generic b/config-armv7-generic
index 66a5f6bd5..b562e4265 100644
--- a/config-armv7-generic
+++ b/config-armv7-generic
@@ -312,6 +312,8 @@ CONFIG_SPI_XCOMM=m
CONFIG_SPI_XILINX=m
CONFIG_SPI_DESIGNWARE=m
CONFIG_SPI_TLE62X0=m
+CONFIG_SPI_SUN4I=m
+CONFIG_SPI_SUN6I=m
# CONFIG_SPI_FSL_SPI is not set
CONFIG_NFC_NCI_SPI=y
@@ -408,6 +410,42 @@ CONFIG_SND_DMAENGINE_PCM=m
CONFIG_SND_JACK=y
CONFIG_SND_SIMPLE_CARD=m
CONFIG_SND_SOC_ALL_CODECS=m
+# CONFIG_SND_SOC_ADAU1701 is not set
+# CONFIG_SND_SOC_AK4104 is not set
+# CONFIG_SND_SOC_AK4554 is not set
+# CONFIG_SND_SOC_AK4642 is not set
+# CONFIG_SND_SOC_AK5386 is not set
+# CONFIG_SND_SOC_CS42L52 is not set
+# CONFIG_SND_SOC_CS42L73 is not set
+# CONFIG_SND_SOC_CS4270 is not set
+# CONFIG_SND_SOC_CS4271 is not set
+# CONFIG_SND_SOC_CS42XX8_I2C is not set
+# CONFIG_SND_SOC_HDMI_CODEC is not set
+# CONFIG_SND_SOC_PCM1681 is not set
+# CONFIG_SND_SOC_PCM1792A is not set
+# CONFIG_SND_SOC_PCM512x_I2C is not set
+# CONFIG_SND_SOC_PCM512x_SPI is not set
+# CONFIG_SND_SOC_SGTL5000 is not set
+# CONFIG_SND_SOC_SIRF_AUDIO_CODEC is not set
+# CONFIG_SND_SOC_SPDIF is not set
+# CONFIG_SND_SOC_TAS5086 is not set
+# CONFIG_SND_SOC_TLV320AIC3X is not set
+# CONFIG_SND_SOC_WM8510 is not set
+# CONFIG_SND_SOC_WM8523 is not set
+# CONFIG_SND_SOC_WM8580 is not set
+# CONFIG_SND_SOC_WM8711 is not set
+# CONFIG_SND_SOC_WM8728 is not set
+# CONFIG_SND_SOC_WM8731 is not set
+# CONFIG_SND_SOC_WM8737 is not set
+# CONFIG_SND_SOC_WM8741 is not set
+# CONFIG_SND_SOC_WM8750 is not set
+# CONFIG_SND_SOC_WM8753 is not set
+# CONFIG_SND_SOC_WM8770 is not set
+# CONFIG_SND_SOC_WM8776 is not set
+# CONFIG_SND_SOC_WM8804 is not set
+# CONFIG_SND_SOC_WM8903 is not set
+# CONFIG_SND_SOC_WM8962 is not set
+# CONFIG_SND_SOC_TPA6130A2 is not set
CONFIG_SND_SOC_CACHE_LZO=y
CONFIG_SND_SOC_DMIC=m
CONFIG_SND_SOC_GENERIC_DMAENGINE_PCM=y
diff --git a/config-generic b/config-generic
index 11661840c..9d3b29795 100644
--- a/config-generic
+++ b/config-generic
@@ -216,6 +216,8 @@ CONFIG_EXTRA_FIRMWARE=""
# CONFIG_SPI is not set
+# CONFIG_SPMI is not set
+
#
# Memory Technology Devices (MTD)
#
@@ -602,6 +604,7 @@ CONFIG_PATA_VIA=m
CONFIG_PATA_WINBOND=m
CONFIG_PATA_ATP867X=m
+# CONFIG_MCB is not set
#
# Multi-device support (RAID and LVM)
@@ -2404,6 +2407,7 @@ CONFIG_SENSORS_ABITUGURU=m
CONFIG_SENSORS_ABITUGURU3=m
CONFIG_SENSORS_AD7414=m
CONFIG_SENSORS_AD7418=m
+CONFIG_SENSORS_ADC128D818=m
CONFIG_SENSORS_ADM1021=m
CONFIG_SENSORS_ADM1025=m
CONFIG_SENSORS_ADM1026=m
@@ -2457,6 +2461,9 @@ CONFIG_SENSORS_LM92=m
CONFIG_SENSORS_LM93=m
CONFIG_SENSORS_LM95234=m
CONFIG_SENSORS_LTC4245=m
+CONFIG_SENSORS_LTC2945=m
+CONFIG_SENSORS_LTC4222=m
+CONFIG_SENSORS_LTC4260=m
CONFIG_SENSORS_MAX1619=m
CONFIG_SENSORS_MAX6650=m
CONFIG_SENSORS_MAX6697=m
@@ -2567,12 +2574,15 @@ CONFIG_HID_SENSOR_ENUM_BASE_QUIRKS=y
# CONFIG_GP2AP020A00F is not set
# CONFIG_TSL2583 is not set
# CONFIG_TSL2x7x is not set
+# CONFIG_LTR501 is not set
# CONFIG_TCS3472 is not set
# CONFIG_TSL4531 is not set
# CONFIG_NAU7802 is not set
# CONFIG_TI_ADC081C is not set
# CONFIG_EXYNOS_ADC is not set
# CONFIG_VIPERBOARD_ADC is not set
+# CONFIG_VF610_ADC is not set
+# CONFIG_XILINX_XADC is not set
# CONFIG_INV_MPU6050_IIO is not set
CONFIG_IIO_ST_GYRO_3AXIS=m
CONFIG_IIO_ST_MAGN_3AXIS=m
@@ -2584,6 +2594,7 @@ CONFIG_HID_SENSOR_INCLINOMETER_3D=m
# CONFIG_AK8975 is not set
# CONFIG_MAG3110 is not set
# CONFIG_TMP006 is not set
+# CONFIG_HID_SENSOR_PRESS is not set
# CONFIG_IIO_ST_PRESS is not set
# CONFIG_KXSD9 is not set
# CONFIG_AD7266 is not set
@@ -2617,6 +2628,7 @@ CONFIG_HID_SENSOR_INCLINOMETER_3D=m
# CONFIG_ADIS16480 is not set
# CONFIG_DHT11 is not set
# CONFIG_MPL3115 is not set
+# CONFIG_SI7005 is not set
# staging IIO drivers
# CONFIG_AD7291 is not set
@@ -2749,6 +2761,7 @@ CONFIG_WM831X_WATCHDOG=m
CONFIG_W83697UG_WDT=m
# CONFIG_MEN_A21_WDT is not set
# CONFIG_GPIO_WATCHDOG is not set
+# CONFIG_XILINX_WATCHDOG is not set
CONFIG_HW_RANDOM=y
CONFIG_HW_RANDOM_TIMERIOMEM=m
@@ -3569,6 +3582,7 @@ CONFIG_HID_SENSOR_HUB=m
CONFIG_HID_SENSOR_GYRO_3D=m
CONFIG_HID_SENSOR_MAGNETOMETER_3D=m
CONFIG_HID_SENSOR_ALS=m
+# CONFIG_HID_SENSOR_PROX is not set
CONFIG_HID_SENSOR_ACCEL_3D=m
CONFIG_HID_EMS_FF=m
CONFIG_HID_ELECOM=m
@@ -4966,6 +4980,9 @@ CONFIG_ALTERA_STAPL=m
# CONFIG_DGAP is not set
# CONFIG_DGNC is not set
# CONFIG_RTS5208 is not set
+# CONFIG_GS_FPGABOOT is not set
+# CONFIG_BT_NOKIA_H4P is not set
+# CONFIG_UNISYSSPAR is not set
# END OF STAGING
#
diff --git a/config-x86-generic b/config-x86-generic
index 0e2916bb8..963584cc3 100644
--- a/config-x86-generic
+++ b/config-x86-generic
@@ -440,6 +440,7 @@ CONFIG_RCU_FANOUT_LEAF=16
CONFIG_INTEL_MEI=m
CONFIG_INTEL_MEI_ME=m
+CONFIG_INTEL_MEI_TXE=m
CONFIG_NFC_MEI_PHY=m
CONFIG_NFC_PN544_MEI=m
diff --git a/kernel.spec b/kernel.spec
index 5d7e0dc11..d19a1e14d 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -61,7 +61,7 @@ Summary: The Linux kernel
# The rc snapshot level
%define rcrev 0
# The git snapshot level
-%define gitrev 2
+%define gitrev 3
# Set rpm version accordingly
%define rpmversion 3.%{upstream_sublevel}.0
%endif
@@ -2080,6 +2080,9 @@ fi
# ||----w |
# || ||
%changelog
+* Wed Apr 02 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.15.0-0.rc0.git3.1
+- Linux v3.14-3893-gc12e69c6aaf7
+
* Tue Apr 01 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.15.0-0.rc0.git2.1
- CVE-2014-2678 net: rds: deref of NULL dev in rds_iw_laddr_check (rhbz 1083274 1083280)
diff --git a/secure-modules.patch b/secure-modules.patch
index 9c44ea47a..0c93fa51b 100644
--- a/secure-modules.patch
+++ b/secure-modules.patch
@@ -1,7 +1,7 @@
Bugzilla: N/A
Upstream-status: Fedora mustard. Replaced by securelevels, but that was nak'd
-From 8c5bcdba1c1ff54913679e435e90f6084b15e8bf Mon Sep 17 00:00:00 2001
+From b0466e5c5483957f8ca30b8f1bcf60bbad9d40aa Mon Sep 17 00:00:00 2001
From: Matthew Garrett <matthew.garrett@nebula.com>
Date: Fri, 9 Aug 2013 17:58:15 -0400
Subject: [PATCH 01/14] Add secure_modules() call
@@ -63,7 +63,7 @@ index 8dc7f5e80dd8..62f9b72bf85e 100644
1.8.5.3
-From 07a3bcd38cc1056dd6c58ba58316296c4df38fb0 Mon Sep 17 00:00:00 2001
+From 3df1daaa8cd3c8450fd8fda62ff4836eddbf0f09 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <matthew.garrett@nebula.com>
Date: Thu, 8 Mar 2012 10:10:38 -0500
Subject: [PATCH 02/14] PCI: Lock down BAR access when module security is
@@ -83,7 +83,7 @@ Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
3 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c
-index 276ef9c18802..acd1d61247c8 100644
+index 4e0acefb7565..01b56d13d021 100644
--- a/drivers/pci/pci-sysfs.c
+++ b/drivers/pci/pci-sysfs.c
@@ -29,6 +29,7 @@
@@ -94,7 +94,7 @@ index 276ef9c18802..acd1d61247c8 100644
#include "pci.h"
static int sysfs_initialized; /* = 0 */
-@@ -663,6 +664,9 @@ pci_write_config(struct file* filp, struct kobject *kobj,
+@@ -652,6 +653,9 @@ pci_write_config(struct file* filp, struct kobject *kobj,
loff_t init_off = off;
u8 *data = (u8*) buf;
@@ -104,7 +104,7 @@ index 276ef9c18802..acd1d61247c8 100644
if (off > dev->cfg_size)
return 0;
if (off + count > dev->cfg_size) {
-@@ -969,6 +973,9 @@ pci_mmap_resource(struct kobject *kobj, struct bin_attribute *attr,
+@@ -958,6 +962,9 @@ pci_mmap_resource(struct kobject *kobj, struct bin_attribute *attr,
resource_size_t start, end;
int i;
@@ -114,7 +114,7 @@ index 276ef9c18802..acd1d61247c8 100644
for (i = 0; i < PCI_ROM_RESOURCE; i++)
if (res == &pdev->resource[i])
break;
-@@ -1076,6 +1083,9 @@ pci_write_resource_io(struct file *filp, struct kobject *kobj,
+@@ -1065,6 +1072,9 @@ pci_write_resource_io(struct file *filp, struct kobject *kobj,
struct bin_attribute *attr, char *buf,
loff_t off, size_t count)
{
@@ -182,7 +182,7 @@ index 24750a1b39b6..fa57896b97dd 100644
1.8.5.3
-From ec91151858b2610fab98eaee045718f83b95b182 Mon Sep 17 00:00:00 2001
+From c14a3599cdf71ccd6ea47e8b404412b8e7a5c1b3 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <matthew.garrett@nebula.com>
Date: Thu, 8 Mar 2012 10:35:59 -0500
Subject: [PATCH 03/14] x86: Lock down IO port access when module security is
@@ -230,7 +230,7 @@ index 4ddaf66ea35f..00b440307419 100644
}
regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) | (level << 12);
diff --git a/drivers/char/mem.c b/drivers/char/mem.c
-index 92c5937f80c3..9d67b702bee5 100644
+index 917403fe10da..cdf839f9defe 100644
--- a/drivers/char/mem.c
+++ b/drivers/char/mem.c
@@ -27,6 +27,7 @@
@@ -241,7 +241,7 @@ index 92c5937f80c3..9d67b702bee5 100644
#include <asm/uaccess.h>
-@@ -562,6 +563,9 @@ static ssize_t write_port(struct file *file, const char __user *buf,
+@@ -568,6 +569,9 @@ static ssize_t write_port(struct file *file, const char __user *buf,
unsigned long i = *ppos;
const char __user *tmp = buf;
@@ -255,7 +255,7 @@ index 92c5937f80c3..9d67b702bee5 100644
1.8.5.3
-From 6a1ba9b8e21747505e3242edec5eb32b34151197 Mon Sep 17 00:00:00 2001
+From ccbc02eee179074b13acc2d7dfd17835726a579a Mon Sep 17 00:00:00 2001
From: Matthew Garrett <matthew.garrett@nebula.com>
Date: Fri, 9 Mar 2012 08:39:37 -0500
Subject: [PATCH 04/14] ACPI: Limit access to custom_method
@@ -287,7 +287,7 @@ index c68e72414a67..4277938af700 100644
1.8.5.3
-From 3b4277dc7a3dfefe3e27405e497eed0f90359141 Mon Sep 17 00:00:00 2001
+From b40f05f5ec470bc59f41ca7ce66ea09614db60ea Mon Sep 17 00:00:00 2001
From: Matthew Garrett <matthew.garrett@nebula.com>
Date: Fri, 9 Mar 2012 08:46:50 -0500
Subject: [PATCH 05/14] asus-wmi: Restrict debugfs interface when module
@@ -342,7 +342,7 @@ index c5e082fb82fa..03c57fc8de8a 100644
1.8.5.3
-From a04a8ae989b90585a242eb19a8567e70419be27b Mon Sep 17 00:00:00 2001
+From bfa6f400f5e0f98772f3c77b60d8ac3d39b080a8 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <matthew.garrett@nebula.com>
Date: Fri, 9 Mar 2012 09:28:15 -0500
Subject: [PATCH 06/14] Restrict /dev/mem and /dev/kmem when module loading is
@@ -358,12 +358,12 @@ Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
1 file changed, 6 insertions(+)
diff --git a/drivers/char/mem.c b/drivers/char/mem.c
-index 9d67b702bee5..9116f10eec5e 100644
+index cdf839f9defe..c63cf93b00eb 100644
--- a/drivers/char/mem.c
+++ b/drivers/char/mem.c
-@@ -158,6 +158,9 @@ static ssize_t write_mem(struct file *file, const char __user *buf,
- unsigned long copied;
- void *ptr;
+@@ -164,6 +164,9 @@ static ssize_t write_mem(struct file *file, const char __user *buf,
+ if (p != *ppos)
+ return -EFBIG;
+ if (secure_modules())
+ return -EPERM;
@@ -371,7 +371,7 @@ index 9d67b702bee5..9116f10eec5e 100644
if (!valid_phys_addr_range(p, count))
return -EFAULT;
-@@ -496,6 +499,9 @@ static ssize_t write_kmem(struct file *file, const char __user *buf,
+@@ -502,6 +505,9 @@ static ssize_t write_kmem(struct file *file, const char __user *buf,
char *kbuf; /* k-addr because vwrite() takes vmlist_lock rwlock */
int err = 0;
@@ -385,7 +385,7 @@ index 9d67b702bee5..9116f10eec5e 100644
1.8.5.3
-From 9aac939b874fc53c4021baf88914292448dcb0f6 Mon Sep 17 00:00:00 2001
+From e399403d8b74cbbb23ead4e43b70b4d82ee00402 Mon Sep 17 00:00:00 2001
From: Josh Boyer <jwboyer@redhat.com>
Date: Mon, 25 Jun 2012 19:57:30 -0400
Subject: [PATCH 07/14] acpi: Ignore acpi_rsdp kernel parameter when module
@@ -401,7 +401,7 @@ Signed-off-by: Josh Boyer <jwboyer@redhat.com>
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/acpi/osl.c b/drivers/acpi/osl.c
-index fc1aa7909690..ee9f123db960 100644
+index 27f84af4e337..bd3ac0947890 100644
--- a/drivers/acpi/osl.c
+++ b/drivers/acpi/osl.c
@@ -44,6 +44,7 @@
@@ -425,7 +425,7 @@ index fc1aa7909690..ee9f123db960 100644
1.8.5.3
-From 7105897db69bf40f7a860d962d6364f44b184a99 Mon Sep 17 00:00:00 2001
+From 686268dea5fa802409d99f964005bc57d62f6b04 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <matthew.garrett@nebula.com>
Date: Fri, 9 Aug 2013 03:33:56 -0400
Subject: [PATCH 08/14] kexec: Disable at runtime if the kernel enforces module
@@ -470,7 +470,7 @@ index 45601cf41bee..d5819bb45bec 100644
1.8.5.3
-From 396802aea251e2b6d73b8af6107bf5b15319c5d9 Mon Sep 17 00:00:00 2001
+From 4a1068eb94b99cab1d31a8a87eea9aafb39bcea0 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <matthew.garrett@nebula.com>
Date: Tue, 3 Sep 2013 11:23:29 -0400
Subject: [PATCH 09/14] uswsusp: Disable when module loading is restricted
@@ -510,7 +510,7 @@ index 98d357584cd6..efe99dee9510 100644
1.8.5.3
-From a35665548d4a0a2e56692f6d8e1a85097f8a1d78 Mon Sep 17 00:00:00 2001
+From 569d0384d6846dae76910d5104666f11597a6a78 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <matthew.garrett@nebula.com>
Date: Fri, 8 Feb 2013 11:12:13 -0800
Subject: [PATCH 10/14] x86: Restrict MSR access when module loading is
@@ -555,7 +555,7 @@ index 05266b5aae22..e2bd647f676e 100644
1.8.5.3
-From e6666519c5267410c85d8271c69a421eb735f58e Mon Sep 17 00:00:00 2001
+From bca29272512c8646bf2feaf304a0eceb05c0d0c0 Mon Sep 17 00:00:00 2001
From: Matthew Garrett <matthew.garrett@nebula.com>
Date: Fri, 9 Aug 2013 18:36:30 -0400
Subject: [PATCH 11/14] Add option to automatically enforce module signatures
@@ -591,10 +591,10 @@ index 199f453cb4de..ec38acf00b40 100644
290/040 ALL edd_mbr_sig_buffer EDD MBR signatures
2D0/A00 ALL e820_map E820 memory map table
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
-index 8453fe1342ea..ba517988f087 100644
+index 26237934ac87..e27b78bcca34 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
-@@ -1599,6 +1599,16 @@ config EFI_MIXED
+@@ -1597,6 +1597,16 @@ config EFI_MIXED
If unsure, say N.
@@ -742,7 +742,7 @@ index 62f9b72bf85e..dcfb07ae5e4e 100644
1.8.5.3
-From 00f0cb47385ccf3b3dab4d94a1a286c9d2327cf3 Mon Sep 17 00:00:00 2001
+From 67ff850d16232e30c39109d29510d2a4aef34de9 Mon Sep 17 00:00:00 2001
From: Josh Boyer <jwboyer@redhat.com>
Date: Tue, 5 Feb 2013 19:25:05 -0500
Subject: [PATCH 12/14] efi: Disable secure boot if shim is in insecure mode
@@ -801,7 +801,7 @@ index b00745ff398a..bf42cc5f083d 100644
1.8.5.3
-From e058a830573fcf283ae17b412d10313140f489a4 Mon Sep 17 00:00:00 2001
+From 53645ba848224ee81978b17c5e5328dca798466f Mon Sep 17 00:00:00 2001
From: Josh Boyer <jwboyer@fedoraproject.org>
Date: Tue, 27 Aug 2013 13:28:43 -0400
Subject: [PATCH 13/14] efi: Make EFI_SECURE_BOOT_SIG_ENFORCE depend on EFI
@@ -815,10 +815,10 @@ Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
-index ba517988f087..34144e88208e 100644
+index e27b78bcca34..dfd068b32cdc 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
-@@ -1600,7 +1600,8 @@ config EFI_MIXED
+@@ -1598,7 +1598,8 @@ config EFI_MIXED
If unsure, say N.
config EFI_SECURE_BOOT_SIG_ENFORCE
@@ -832,7 +832,7 @@ index ba517988f087..34144e88208e 100644
1.8.5.3
-From a523b1823cbde3933269ccf10c147f7f1961a7cc Mon Sep 17 00:00:00 2001
+From e5b7eaf1b5d04ec739464b6e2df21c666d060c69 Mon Sep 17 00:00:00 2001
From: Josh Boyer <jwboyer@fedoraproject.org>
Date: Tue, 27 Aug 2013 13:33:03 -0400
Subject: [PATCH 14/14] efi: Add EFI_SECURE_BOOT bit
@@ -847,7 +847,7 @@ Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
2 files changed, 3 insertions(+)
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
-index aa227f68687c..9991a533f3e1 100644
+index aa227f68687c..c7cf7919b3c4 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
@@ -1145,7 +1145,9 @@ void __init setup_arch(char **cmdline_p)
diff --git a/sources b/sources
index 27c741348..8bcba151a 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
b621207b3f6ecbb67db18b13258f8ea8 linux-3.14.tar.xz
d36baf2d62de5aa61f10a976d00d2d2a perf-man-3.14.tar.gz
-d3007f1995961ff098f7a60c1897d2a7 patch-3.14-git2.xz
+a4353e0273eb8fac9105813a8789fb77 patch-3.14-git3.xz