summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--KEYS-Add-a-system-blacklist-keyring.patch4
-rw-r--r--Kbuild-Add-an-option-to-enable-GCC-VTA.patch4
-rw-r--r--MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch10
-rw-r--r--Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch2
-rw-r--r--config-armv71
-rw-r--r--config-armv7-generic8
-rw-r--r--config-generic6
-rw-r--r--config-powerpc-generic1
-rw-r--r--config-powerpc642
-rw-r--r--config-powerpc64p72
-rw-r--r--criu-no-expert.patch8
-rw-r--r--kernel.spec11
-rw-r--r--security-yama-Remove-unnecessary-selects-from-Kconfi.patch28
-rw-r--r--sources2
-rw-r--r--x86-Lock-down-IO-port-access-when-module-security-is.patch2
15 files changed, 40 insertions, 51 deletions
diff --git a/KEYS-Add-a-system-blacklist-keyring.patch b/KEYS-Add-a-system-blacklist-keyring.patch
index ced0dec2e..74c2870dc 100644
--- a/KEYS-Add-a-system-blacklist-keyring.patch
+++ b/KEYS-Add-a-system-blacklist-keyring.patch
@@ -29,10 +29,10 @@ index 72665eb80692..2c7b80d31366 100644
+
#endif /* _KEYS_SYSTEM_KEYRING_H */
diff --git a/init/Kconfig b/init/Kconfig
-index a905b7301e10..65e1bd0bc995 100644
+index 3b9df1aa35db..0eaa8278c87b 100644
--- a/init/Kconfig
+++ b/init/Kconfig
-@@ -1747,6 +1747,15 @@ config SYSTEM_TRUSTED_KEYRING
+@@ -1764,6 +1764,15 @@ config SYSTEM_TRUSTED_KEYRING
Keys in this keyring are used by module signature checking.
diff --git a/Kbuild-Add-an-option-to-enable-GCC-VTA.patch b/Kbuild-Add-an-option-to-enable-GCC-VTA.patch
index 0ac2c66a4..15122606e 100644
--- a/Kbuild-Add-an-option-to-enable-GCC-VTA.patch
+++ b/Kbuild-Add-an-option-to-enable-GCC-VTA.patch
@@ -43,10 +43,10 @@ Signed-off-by: Josh Stone <jistone@redhat.com>
2 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
-index 9b76ce1e08bb..710c857e6450 100644
+index 6cc5b2434224..9e743f32d394 100644
--- a/Makefile
+++ b/Makefile
-@@ -706,7 +706,11 @@ KBUILD_CFLAGS += -fomit-frame-pointer
+@@ -704,7 +704,11 @@ KBUILD_CFLAGS += -fomit-frame-pointer
endif
endif
diff --git a/MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch b/MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch
index f2c19e463..bf630a2b5 100644
--- a/MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch
+++ b/MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch
@@ -42,10 +42,10 @@ index 3dd6f4a51b9b..9cc069579351 100644
efi_guid_t guid;
u64 table;
diff --git a/init/Kconfig b/init/Kconfig
-index 65e1bd0bc995..98af72b9a002 100644
+index 0eaa8278c87b..60ec329b1959 100644
--- a/init/Kconfig
+++ b/init/Kconfig
-@@ -1901,6 +1901,15 @@ config MODULE_SIG_ALL
+@@ -1918,6 +1918,15 @@ config MODULE_SIG_ALL
comment "Do not forget to sign required modules with scripts/sign-file"
depends on MODULE_SIG_FORCE && !MODULE_SIG_ALL
@@ -62,10 +62,10 @@ index 65e1bd0bc995..98af72b9a002 100644
prompt "Which hash algorithm should modules be signed with?"
depends on MODULE_SIG
diff --git a/kernel/Makefile b/kernel/Makefile
-index 1408b3353a3c..8a3be67a3a15 100644
+index 0f8f8b0bc1bf..cbe268943cee 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile
-@@ -46,6 +46,7 @@ obj-$(CONFIG_UID16) += uid16.o
+@@ -48,6 +48,7 @@ obj-$(CONFIG_UID16) += uid16.o
obj-$(CONFIG_SYSTEM_TRUSTED_KEYRING) += system_keyring.o system_certificates.o
obj-$(CONFIG_MODULES) += module.o
obj-$(CONFIG_MODULE_SIG) += module_signing.o
@@ -73,7 +73,7 @@ index 1408b3353a3c..8a3be67a3a15 100644
obj-$(CONFIG_KALLSYMS) += kallsyms.o
obj-$(CONFIG_BSD_PROCESS_ACCT) += acct.o
obj-$(CONFIG_KEXEC) += kexec.o
-@@ -99,6 +100,8 @@ obj-$(CONFIG_TORTURE_TEST) += torture.o
+@@ -101,6 +102,8 @@ obj-$(CONFIG_TORTURE_TEST) += torture.o
$(obj)/configs.o: $(obj)/config_data.h
diff --git a/Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch b/Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch
index fd2faacbd..d3f6ee243 100644
--- a/Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch
+++ b/Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch
@@ -13,7 +13,7 @@ Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
1 file changed, 6 insertions(+)
diff --git a/drivers/char/mem.c b/drivers/char/mem.c
-index aa2fac9086b5..fb88c24ebd01 100644
+index 53fe675f9bd7..b52c88860532 100644
--- a/drivers/char/mem.c
+++ b/drivers/char/mem.c
@@ -167,6 +167,9 @@ static ssize_t write_mem(struct file *file, const char __user *buf,
diff --git a/config-armv7 b/config-armv7
index 079af96af..a37d238b7 100644
--- a/config-armv7
+++ b/config-armv7
@@ -371,6 +371,7 @@ CONFIG_SPMI_MSM_PMIC_ARB=m
CONFIG_QCOM_SPMI_IADC=m
CONFIG_QCOM_SPMI_VADC=m
CONFIG_INPUT_PM8941_PWRKEY=m
+CONFIG_LEDS_PM8941_WLED=m
# i.MX
# CONFIG_MXC_DEBUG_BOARD is not set
diff --git a/config-armv7-generic b/config-armv7-generic
index ed54f7bf5..041cb34ca 100644
--- a/config-armv7-generic
+++ b/config-armv7-generic
@@ -555,11 +555,18 @@ CONFIG_I2C_DESIGNWARE_PLATFORM=m
CONFIG_I2C_MV64XXX=m
# HW crypto and rng
+CONFIG_ARM_CRYPTO=y
CONFIG_CRYPTO_SHA1_ARM=m
CONFIG_CRYPTO_AES_ARM=m
# CONFIG_CRYPTO_AES_ARM_BS is not set
CONFIG_CRYPTO_SHA1_ARM_NEON=m
CONFIG_CRYPTO_SHA512_ARM_NEON=m
+# CONFIG_CRYPTO_SHA1_ARM_CE is not set
+# CONFIG_CRYPTO_SHA2_ARM_CE is not set
+CONFIG_CRYPTO_SHA256_ARM=m
+# CONFIG_CRYPTO_AES_ARM_CE is not set
+# CONFIG_CRYPTO_GHASH_ARM_CE is not set
+
# DMA
CONFIG_TI_PRIV_EDMA=y
@@ -602,6 +609,7 @@ CONFIG_EEPROM_93XX46=m
# Sound
CONFIG_SND_ARM=y
CONFIG_SND_SOC_AC97_BUS=y
+# CONFIG_SND_SOC_QCOM is not set
# Displays
CONFIG_BACKLIGHT_TPS65217=m
diff --git a/config-generic b/config-generic
index e24f33c46..c16872f29 100644
--- a/config-generic
+++ b/config-generic
@@ -2386,6 +2386,7 @@ CONFIG_TCG_NSC=m
CONFIG_TCG_ATMEL=m
# CONFIG_TCG_INFINEON is not set
# CONFIG_TCG_TIS_I2C_ST33 is not set
+# CONFIG_TCG_TIS_ST33ZP24 is not set
# CONFIG_TCG_XEN is not set
CONFIG_TELCLOCK=m
@@ -4588,6 +4589,7 @@ CONFIG_CRYPTO_FIPS=y
CONFIG_CRYPTO_USER_API_HASH=y
CONFIG_CRYPTO_USER_API_SKCIPHER=y
CONFIG_CRYPTO_USER_API_RNG=y
+CONFIG_CRYPTO_USER_API_AEAD=y
CONFIG_CRYPTO_MANAGER=y
# Note, CONFIG_CRYPTO_MANAGER_DISABLE_TESTS needs to be unset, or FIPS will be disabled.
# CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is not set
@@ -4880,6 +4882,7 @@ CONFIG_SND_SOC_GENERIC_DMAENGINE_PCM=y
# CONFIG_SND_SOC_PCM1792A is not set
# CONFIG_SND_SOC_PCM512x_I2C is not set
# CONFIG_SND_SOC_PCM512x_SPI is not set
+# CONFIG_SND_SOC_QCOM is not set
# CONFIG_SND_SOC_SGTL5000 is not set
# CONFIG_SND_SOC_SIRF_AUDIO_CODEC is not set
# CONFIG_SND_SOC_TAS5086 is not set
@@ -4897,6 +4900,8 @@ CONFIG_SND_SOC_GENERIC_DMAENGINE_PCM=y
# CONFIG_SND_SOC_WM8770 is not set
# CONFIG_SND_SOC_WM8776 is not set
# CONFIG_SND_SOC_WM8804 is not set
+# CONFIG_SND_SOC_WM8804_I2C is not set
+# CONFIG_SND_SOC_WM8804_SPI is not set
# CONFIG_SND_SOC_WM8903 is not set
# CONFIG_SND_SOC_WM8962 is not set
# CONFIG_SND_SOC_TPA6130A2 is not set
@@ -4955,6 +4960,7 @@ CONFIG_LEDS_DELL_NETBOOKS=m
# CONFIG_LEDS_LP8501 is not set
# CONFIG_LEDS_LP8860 is not set
# CONFIG_LEDS_PCA963X is not set
+# CONFIG_LEDS_PM8941_WLED is not set
# CONFIG_LEDS_SYSCON is not set
CONFIG_LEDS_TRIGGERS=y
CONFIG_LEDS_TRIGGER_TIMER=m
diff --git a/config-powerpc-generic b/config-powerpc-generic
index 00aaace9a..07008552e 100644
--- a/config-powerpc-generic
+++ b/config-powerpc-generic
@@ -326,6 +326,7 @@ CONFIG_I2C_MPC=m
# CONFIG_CRYPTO_DEV_FSL_CAAM is not set
# CONFIG_CRYPTO_SHA1_PPC is not set
+# CONFIG_CRYPTO_MD5_PPC is not set
# CONFIG_CAN_FLEXCAN is not set
# CONFIG_NET_VENDOR_XILINX is not set
diff --git a/config-powerpc64 b/config-powerpc64
index a139271ad..87de5f203 100644
--- a/config-powerpc64
+++ b/config-powerpc64
@@ -174,6 +174,8 @@ CONFIG_CRYPTO_DEV_NX=y
CONFIG_CRYPTO_842=m
CONFIG_CRYPTO_DEV_NX_ENCRYPT=m
CONFIG_CRYPTO_DEV_NX_COMPRESS=m
+CONFIG_CRYPTO_DEV_VMX=y
+CONFIG_CRYPTO_DEV_VMX_ENCRYPT=y
CONFIG_CXL=m
diff --git a/config-powerpc64p7 b/config-powerpc64p7
index a04513d22..2a6d6472a 100644
--- a/config-powerpc64p7
+++ b/config-powerpc64p7
@@ -164,6 +164,8 @@ CONFIG_CRYPTO_DEV_NX=y
CONFIG_CRYPTO_842=m
CONFIG_CRYPTO_DEV_NX_ENCRYPT=m
CONFIG_CRYPTO_DEV_NX_COMPRESS=m
+CONFIG_CRYPTO_DEV_VMX=y
+CONFIG_CRYPTO_DEV_VMX_ENCRYPT=y
CONFIG_CXL=m
diff --git a/criu-no-expert.patch b/criu-no-expert.patch
index 5807360f2..f0f93d60e 100644
--- a/criu-no-expert.patch
+++ b/criu-no-expert.patch
@@ -9,10 +9,10 @@ Upstream-status: Fedora mustard
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/init/Kconfig b/init/Kconfig
-index 98af72b9a002..73f60b09ecd1 100644
+index 60ec329b1959..6a3a2f63399b 100644
--- a/init/Kconfig
+++ b/init/Kconfig
-@@ -1148,7 +1148,7 @@ config DEBUG_BLK_CGROUP
+@@ -1150,7 +1150,7 @@ config DEBUG_BLK_CGROUP
endif # CGROUPS
config CHECKPOINT_RESTORE
@@ -21,15 +21,15 @@ index 98af72b9a002..73f60b09ecd1 100644
default n
help
Enables additional kernel features in a sake of checkpoint/restore.
-@@ -1159,7 +1159,7 @@ config CHECKPOINT_RESTORE
+@@ -1161,7 +1161,7 @@ config CHECKPOINT_RESTORE
If unsure, say N here.
menuconfig NAMESPACES
- bool "Namespaces support" if EXPERT
+ bool "Namespaces support"
+ depends on MULTIUSER
default !EXPERT
help
- Provides the way to make tasks work with different objects using
--
2.1.0
diff --git a/kernel.spec b/kernel.spec
index 899310910..d2e12a6ef 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -67,7 +67,7 @@ Summary: The Linux kernel
# The rc snapshot level
%define rcrev 0
# The git snapshot level
-%define gitrev 3
+%define gitrev 4
# Set rpm version accordingly
%define rpmversion 4.%{upstream_sublevel}.0
%endif
@@ -608,9 +608,6 @@ Patch26131: acpi-video-Add-disable_native_backlight-quirk-for-Sa.patch
#CVE-2015-0275 rhbz 1193907 1195178
Patch26138: ext4-Allocate-entire-range-in-zero-range.patch
-#rhbz 1196825
-Patch26140: security-yama-Remove-unnecessary-selects-from-Kconfi.patch
-
#CVE-2015-2150 rhbz 1196266 1200397
Patch26175: xen-pciback-Don-t-disable-PCI_COMMAND-on-PCI-device-.patch
@@ -1337,9 +1334,6 @@ ApplyPatch acpi-video-Add-disable_native_backlight-quirk-for-Sa.patch
#CVE-2015-0275 rhbz 1193907 1195178
ApplyPatch ext4-Allocate-entire-range-in-zero-range.patch
-#rhbz 1196825
-ApplyPatch security-yama-Remove-unnecessary-selects-from-Kconfi.patch
-
#CVE-2015-2150 rhbz 1196266 1200397
ApplyPatch xen-pciback-Don-t-disable-PCI_COMMAND-on-PCI-device-.patch
@@ -2193,6 +2187,9 @@ fi
#
#
%changelog
+* Thu Apr 16 2015 Josh Boyer <jwboyer@fedoraproject.org> - 4.1.0-0.rc0.git4.1
+- Linux v4.0-6817-geea3a00264cf
+
* Wed Apr 15 2015 Josh Boyer <jwboyer@fedoraproject.org> - 4.1.0-0.rc0.git3.1
- Linux v4.0-5833-g6c373ca89399
diff --git a/security-yama-Remove-unnecessary-selects-from-Kconfi.patch b/security-yama-Remove-unnecessary-selects-from-Kconfi.patch
deleted file mode 100644
index aa2a0d3c2..000000000
--- a/security-yama-Remove-unnecessary-selects-from-Kconfi.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From: Stephen Smalley <sds@tycho.nsa.gov>
-Date: Fri, 27 Feb 2015 16:23:59 -0500
-Subject: [PATCH] security/yama: Remove unnecessary selects from Kconfig.
-
-Yama selects SECURITYFS and SECURITY_PATH, but requires neither.
-Remove them.
-
-Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
----
- security/yama/Kconfig | 2 --
- 1 file changed, 2 deletions(-)
-
-diff --git a/security/yama/Kconfig b/security/yama/Kconfig
-index 20ef5143c0c0..3123e1da2fed 100644
---- a/security/yama/Kconfig
-+++ b/security/yama/Kconfig
-@@ -1,8 +1,6 @@
- config SECURITY_YAMA
- bool "Yama support"
- depends on SECURITY
-- select SECURITYFS
-- select SECURITY_PATH
- default n
- help
- This selects Yama, which extends DAC support with additional
---
-2.1.0
-
diff --git a/sources b/sources
index 766b5b03b..7a1d5c418 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
a86916bd12798220da9eb4a1eec3616d linux-4.0.tar.xz
d125eecce68ab6fb5f1f23523c2c04b8 perf-man-4.0.tar.gz
-9af367dcd56427b7d3f5eda66a5c538c patch-4.0-git3.xz
+386fb222abea7dbffaa8560a756336cf patch-4.0-git4.xz
diff --git a/x86-Lock-down-IO-port-access-when-module-security-is.patch b/x86-Lock-down-IO-port-access-when-module-security-is.patch
index 9307136dd..42b6bb02c 100644
--- a/x86-Lock-down-IO-port-access-when-module-security-is.patch
+++ b/x86-Lock-down-IO-port-access-when-module-security-is.patch
@@ -44,7 +44,7 @@ index 37dae792dbbe..1ecc03ca3c15 100644
}
regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) | (level << 12);
diff --git a/drivers/char/mem.c b/drivers/char/mem.c
-index 9c4fd7a8e2e5..aa2fac9086b5 100644
+index 6b1721f978c2..53fe675f9bd7 100644
--- a/drivers/char/mem.c
+++ b/drivers/char/mem.c
@@ -27,6 +27,7 @@