summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--ARM-tegra-usb-no-reset.patch4
-rw-r--r--Add-EFI-signature-data-types.patch6
-rw-r--r--Add-an-EFI-signature-blob-parser-and-key-loader.patch4
-rw-r--r--Add-option-to-automatically-enforce-module-signature.patch16
-rw-r--r--Add-secure_modules-call.patch10
-rw-r--r--Add-sysrq-option-to-disable-secure-boot-mode.patch6
-rw-r--r--HID-add-support-for-MS-Surface-Pro-3-Type-Cover.patch84
-rw-r--r--Input-add-driver-for-the-Goodix-touchpanel.patch479
-rw-r--r--KEYS-Add-a-system-blacklist-keyring.patch4
-rw-r--r--Kbuild-Add-an-option-to-enable-GCC-VTA.patch6
-rw-r--r--MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch12
-rw-r--r--Makefile1
-rw-r--r--Makefile.release2
-rw-r--r--PCI-Lock-down-BAR-access-when-module-security-is-ena.patch8
-rw-r--r--Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch6
-rw-r--r--Revert-Revert-ACPI-video-change-acpi-video-brightnes.patch6
-rw-r--r--acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch2
-rw-r--r--arm-dts-am335x-boneblack-add-cpu0-opp-points.patch2
-rw-r--r--arm-dts-am335x-boneblack-lcdc-add-panel-info.patch5
-rw-r--r--arm-dts-sun7i-bananapi.patch213
-rw-r--r--asus-wmi-Restrict-debugfs-interface-when-module-load.patch8
-rw-r--r--ath9k-rx-dma-stop-check.patch6
-rw-r--r--blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch79
-rw-r--r--cfg80211-don-t-WARN-about-two-consecutive-Country-IE.patch41
-rw-r--r--config-arm-generic4
-rw-r--r--config-arm6410
-rw-r--r--config-armv711
-rw-r--r--config-armv7-generic34
-rw-r--r--config-debug3
-rw-r--r--config-generic59
-rw-r--r--config-nodebug3
-rw-r--r--config-powerpc-generic2
-rw-r--r--config-powerpc644
-rw-r--r--config-powerpc64p74
-rw-r--r--config-s390x1
-rw-r--r--config-x86-32-generic2
-rw-r--r--config-x86-generic9
-rw-r--r--config-x86_64-generic2
-rw-r--r--crash-driver.patch6
-rw-r--r--criu-no-expert.patch6
-rw-r--r--disable-i8042-check-on-apple-mac.patch6
-rw-r--r--dm-cache-dirty-flag-was-mistakenly-being-cleared-whe.patch42
-rw-r--r--dm-cache-fix-spurious-cell_defer-when-dealing-with-p.patch40
-rw-r--r--dm-cache-only-use-overwrite-optimisation-for-promoti.patch32
-rw-r--r--drm-i915-hush-check-crtc-state.patch4
-rw-r--r--efi-Add-EFI_SECURE_BOOT-bit.patch8
-rw-r--r--efi-Disable-secure-boot-if-shim-is-in-insecure-mode.patch2
-rw-r--r--efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch4
-rw-r--r--groups-Consolidate-the-setgroups-permission-checks.patch90
-rw-r--r--hibernate-Disable-in-a-signed-modules-environment.patch8
-rw-r--r--input-kill-stupid-messages.patch2
-rw-r--r--input-silence-i8042-noise.patch6
-rw-r--r--isofs-Fix-infinite-looping-over-CE-entries.patch54
-rw-r--r--kernel.spec111
-rw-r--r--kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch2
-rw-r--r--mnt-Implicitly-add-MNT_NODEV-on-remount-when-it-was-.patch41
-rw-r--r--mnt-Update-unprivileged-remount-test.patch280
-rw-r--r--no-pcspkr-modalias.patch2
-rw-r--r--pinctrl-pinctrl-single-must-be-initialized-early.patch4
-rw-r--r--powerpc-powernv-force-all-CPUs-to-be-bootable.patch46
-rw-r--r--scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch4
-rw-r--r--silence-fbcon-logo.patch4
-rw-r--r--uapi-linux-target_core_user.h-fix-headers_install.sh.patch36
-rw-r--r--umount-Disallow-unprivileged-mount-force.patch33
-rw-r--r--userns-Add-a-knob-to-disable-setgroups-on-a-per-user.patch280
-rw-r--r--userns-Allow-setting-gid_maps-without-privilege-when.patch40
-rw-r--r--userns-Check-euid-no-fsuid-when-establishing-an-unpr.patch39
-rw-r--r--userns-Document-what-the-invariant-required-for-safe.patch48
-rw-r--r--userns-Don-t-allow-setgroups-until-a-gid-mapping-has.patch98
-rw-r--r--userns-Don-t-allow-unprivileged-creation-of-gid-mapp.patch46
-rw-r--r--userns-Only-allow-the-creator-of-the-userns-unprivil.patch54
-rw-r--r--userns-Rename-id_map_mutex-to-userns_state_mutex.patch80
-rw-r--r--userns-Unbreak-the-unprivileged-remount-tests.patch91
-rw-r--r--x86-Lock-down-IO-port-access-when-module-security-is.patch4
-rw-r--r--x86-Restrict-MSR-access-when-module-loading-is-restr.patch6
-rw-r--r--x86-kvm-Clear-paravirt_enabled-on-KVM-guests-for-esp.patch72
-rw-r--r--x86-tls-Validate-TLS-entries-to-protect-espfix.patch77
77 files changed, 248 insertions, 2718 deletions
diff --git a/ARM-tegra-usb-no-reset.patch b/ARM-tegra-usb-no-reset.patch
index 2b1058b26..c356aec66 100644
--- a/ARM-tegra-usb-no-reset.patch
+++ b/ARM-tegra-usb-no-reset.patch
@@ -9,10 +9,10 @@ Patch for disconnect issues with storage attached to a
1 file changed, 7 insertions(+)
diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c
-index b649fef2e35d..fb89290710ad 100644
+index aeb50bb6ba9c..5859e12dd498 100644
--- a/drivers/usb/core/hub.c
+++ b/drivers/usb/core/hub.c
-@@ -5023,6 +5023,13 @@ static void hub_event(struct work_struct *work)
+@@ -5021,6 +5021,13 @@ static void hub_event(struct work_struct *work)
(u16) hub->change_bits[0],
(u16) hub->event_bits[0]);
diff --git a/Add-EFI-signature-data-types.patch b/Add-EFI-signature-data-types.patch
index 8a9a9f5fb..c19381982 100644
--- a/Add-EFI-signature-data-types.patch
+++ b/Add-EFI-signature-data-types.patch
@@ -14,10 +14,10 @@ Signed-off-by: David Howells <dhowells@redhat.com>
1 file changed, 20 insertions(+)
diff --git a/include/linux/efi.h b/include/linux/efi.h
-index 130ba866a24a..58d7feadd149 100644
+index 16ec1c00919d..b7cb7dc5ebb4 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
-@@ -586,6 +586,12 @@ void efi_native_runtime_setup(void);
+@@ -589,6 +589,12 @@ void efi_native_runtime_setup(void);
#define DEVICE_TREE_GUID \
EFI_GUID( 0xb1b621d5, 0xf19c, 0x41a5, 0x83, 0x0b, 0xd9, 0x15, 0x2c, 0x69, 0xaa, 0xe0 )
@@ -30,7 +30,7 @@ index 130ba866a24a..58d7feadd149 100644
typedef struct {
efi_guid_t guid;
u64 table;
-@@ -801,6 +807,20 @@ typedef struct _efi_file_io_interface {
+@@ -804,6 +810,20 @@ typedef struct _efi_file_io_interface {
#define EFI_INVALID_TABLE_ADDR (~0UL)
diff --git a/Add-an-EFI-signature-blob-parser-and-key-loader.patch b/Add-an-EFI-signature-blob-parser-and-key-loader.patch
index 7c5c7e7cd..978a3fc72 100644
--- a/Add-an-EFI-signature-blob-parser-and-key-loader.patch
+++ b/Add-an-EFI-signature-blob-parser-and-key-loader.patch
@@ -159,10 +159,10 @@ index 000000000000..424896a0b169
+ return 0;
+}
diff --git a/include/linux/efi.h b/include/linux/efi.h
-index 58d7feadd149..b1d686e9175e 100644
+index b7cb7dc5ebb4..fb972b96959a 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
-@@ -919,6 +919,10 @@ extern bool efi_poweroff_required(void);
+@@ -923,6 +923,10 @@ extern bool efi_poweroff_required(void);
char * __init efi_md_typeattr_format(char *buf, size_t size,
const efi_memory_desc_t *md);
diff --git a/Add-option-to-automatically-enforce-module-signature.patch b/Add-option-to-automatically-enforce-module-signature.patch
index a4ceb74e3..39c63fc02 100644
--- a/Add-option-to-automatically-enforce-module-signature.patch
+++ b/Add-option-to-automatically-enforce-module-signature.patch
@@ -33,10 +33,10 @@ index 199f453cb4de..ec38acf00b40 100644
290/040 ALL edd_mbr_sig_buffer EDD MBR signatures
2D0/A00 ALL e820_map E820 memory map table
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
-index 41a503c15862..7b8969db8398 100644
+index ba397bde7948..d4c55ee9f1ac 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
-@@ -1611,6 +1611,16 @@ config EFI_MIXED
+@@ -1656,6 +1656,16 @@ config EFI_MIXED
If unsure, say N.
@@ -54,7 +54,7 @@ index 41a503c15862..7b8969db8398 100644
def_bool y
prompt "Enable seccomp to safely compute untrusted bytecode"
diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c
-index 1acf605a646d..6da2da7ac9c3 100644
+index 92b9a5f2aed6..2192da755e34 100644
--- a/arch/x86/boot/compressed/eboot.c
+++ b/arch/x86/boot/compressed/eboot.c
@@ -12,6 +12,7 @@
@@ -129,10 +129,10 @@ index 225b0988043a..90dbfb73e11f 100644
* The sentinel is set to a nonzero value (0xff) in header.S.
*
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
-index ab08aa2276fb..f4eb99432db1 100644
+index ab4734e5411d..5d52d67d5097 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
-@@ -1150,6 +1150,12 @@ void __init setup_arch(char **cmdline_p)
+@@ -1152,6 +1152,12 @@ void __init setup_arch(char **cmdline_p)
io_delay_init();
@@ -146,7 +146,7 @@ index ab08aa2276fb..f4eb99432db1 100644
* Parse the ACPI tables for possible boot-time SMP configuration.
*/
diff --git a/include/linux/module.h b/include/linux/module.h
-index 341a73ecea2e..cca08ac450e2 100644
+index 089de6be8062..6a586a83ba7e 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
@@ -188,6 +188,12 @@ const struct exception_table_entry *search_exception_tables(unsigned long add);
@@ -163,10 +163,10 @@ index 341a73ecea2e..cca08ac450e2 100644
extern int modules_disabled; /* for sysctl */
diff --git a/kernel/module.c b/kernel/module.c
-index 6507ffcb5445..cace4bd04956 100644
+index fd8c5495fdc6..5f8c11de61fe 100644
--- a/kernel/module.c
+++ b/kernel/module.c
-@@ -3845,6 +3845,13 @@ void module_layout(struct module *mod,
+@@ -3851,6 +3851,13 @@ void module_layout(struct module *mod,
EXPORT_SYMBOL(module_layout);
#endif
diff --git a/Add-secure_modules-call.patch b/Add-secure_modules-call.patch
index d68a7e103..f517ccf02 100644
--- a/Add-secure_modules-call.patch
+++ b/Add-secure_modules-call.patch
@@ -16,10 +16,10 @@ Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
2 files changed, 17 insertions(+)
diff --git a/include/linux/module.h b/include/linux/module.h
-index 71f282a4e307..341a73ecea2e 100644
+index ebfb0e153c6a..089de6be8062 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
-@@ -516,6 +516,8 @@ int unregister_module_notifier(struct notifier_block *nb);
+@@ -502,6 +502,8 @@ int unregister_module_notifier(struct notifier_block *nb);
extern void print_modules(void);
@@ -28,7 +28,7 @@ index 71f282a4e307..341a73ecea2e 100644
#else /* !CONFIG_MODULES... */
/* Given an address, look for it in the exception tables. */
-@@ -626,6 +628,11 @@ static inline int unregister_module_notifier(struct notifier_block *nb)
+@@ -612,6 +614,11 @@ static inline int unregister_module_notifier(struct notifier_block *nb)
static inline void print_modules(void)
{
}
@@ -41,10 +41,10 @@ index 71f282a4e307..341a73ecea2e 100644
#ifdef CONFIG_SYSFS
diff --git a/kernel/module.c b/kernel/module.c
-index 88cec1ddb1e3..6507ffcb5445 100644
+index 3965511ae133..fd8c5495fdc6 100644
--- a/kernel/module.c
+++ b/kernel/module.c
-@@ -3844,3 +3844,13 @@ void module_layout(struct module *mod,
+@@ -3850,3 +3850,13 @@ void module_layout(struct module *mod,
}
EXPORT_SYMBOL(module_layout);
#endif
diff --git a/Add-sysrq-option-to-disable-secure-boot-mode.patch b/Add-sysrq-option-to-disable-secure-boot-mode.patch
index e0c567d78..ef8827fda 100644
--- a/Add-sysrq-option-to-disable-secure-boot-mode.patch
+++ b/Add-sysrq-option-to-disable-secure-boot-mode.patch
@@ -15,7 +15,7 @@ Upstream-status: Fedora mustard
7 files changed, 65 insertions(+), 10 deletions(-)
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
-index bc31a43b31a0..5f80d12a55cb 100644
+index b40d6174242f..0ee7749bad74 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
@@ -70,6 +70,11 @@
@@ -228,10 +228,10 @@ index 379650b984f8..070f29fefdc2 100644
return 0;
diff --git a/kernel/module.c b/kernel/module.c
-index cace4bd04956..a33be993df25 100644
+index 5f8c11de61fe..13bed977f554 100644
--- a/kernel/module.c
+++ b/kernel/module.c
-@@ -108,9 +108,9 @@ struct list_head *kdb_modules = &modules; /* kdb needs the list of modules */
+@@ -107,9 +107,9 @@ struct list_head *kdb_modules = &modules; /* kdb needs the list of modules */
#ifdef CONFIG_MODULE_SIG
#ifdef CONFIG_MODULE_SIG_FORCE
diff --git a/HID-add-support-for-MS-Surface-Pro-3-Type-Cover.patch b/HID-add-support-for-MS-Surface-Pro-3-Type-Cover.patch
deleted file mode 100644
index 357ad1932..000000000
--- a/HID-add-support-for-MS-Surface-Pro-3-Type-Cover.patch
+++ /dev/null
@@ -1,84 +0,0 @@
-From: Alan Wu <alan.c.wu@gmail.com>
-Date: Mon, 3 Nov 2014 18:26:12 -0800
-Subject: [PATCH] HID: add support for MS Surface Pro 3 Type Cover
-
-Surface Pro 3 Type Cover that works with Ubuntu (and possibly Arch) from this thread. Both trackpad and keyboard work after compiling my own kernel.
-http://ubuntuforums.org/showthread.php?t=2231207&page=2&s=44910e0c56047e4f93dfd9fea58121ef
-
-Also includes Jarrad Whitaker's message which sources
-http://winaero.com/blog/how-to-install-linux-on-surface-pro-3/
-which he says is sourced from a Russian site
-
-Signed-off-by: Alan Wu <alan.c.wu@gmail.com>
-Signed-off-by: Jiri Kosina <jkosina@suse.cz>
----
- drivers/hid/hid-core.c | 6 ++++++
- drivers/hid/hid-ids.h | 1 +
- drivers/hid/hid-microsoft.c | 2 ++
- drivers/hid/usbhid/hid-quirks.c | 1 +
- 4 files changed, 10 insertions(+)
-
-diff --git a/drivers/hid/hid-core.c b/drivers/hid/hid-core.c
-index 3402033fa52a..3d3820ecaa49 100644
---- a/drivers/hid/hid-core.c
-+++ b/drivers/hid/hid-core.c
-@@ -702,6 +702,11 @@ static void hid_scan_collection(struct hid_parser *parser, unsigned type)
- if (((parser->global.usage_page << 16) == HID_UP_SENSOR) &&
- type == HID_COLLECTION_PHYSICAL)
- hid->group = HID_GROUP_SENSOR_HUB;
-+
-+ if (hid->vendor == USB_VENDOR_ID_MICROSOFT &&
-+ hid->product == USB_DEVICE_ID_MS_TYPE_COVER_3 &&
-+ hid->group == HID_GROUP_MULTITOUCH)
-+ hid->group = HID_GROUP_GENERIC;
- }
-
- static int hid_scan_main(struct hid_parser *parser, struct hid_item *item)
-@@ -1862,6 +1867,7 @@ static const struct hid_device_id hid_have_special_driver[] = {
- { HID_USB_DEVICE(USB_VENDOR_ID_MICROSOFT, USB_DEVICE_ID_MS_DIGITAL_MEDIA_3K) },
- { HID_USB_DEVICE(USB_VENDOR_ID_MICROSOFT, USB_DEVICE_ID_WIRELESS_OPTICAL_DESKTOP_3_0) },
- { HID_USB_DEVICE(USB_VENDOR_ID_MICROSOFT, USB_DEVICE_ID_MS_OFFICE_KB) },
-+ { HID_USB_DEVICE(USB_VENDOR_ID_MICROSOFT, USB_DEVICE_ID_MS_TYPE_COVER_3) },
- { HID_USB_DEVICE(USB_VENDOR_ID_MONTEREY, USB_DEVICE_ID_GENIUS_KB29E) },
- { HID_USB_DEVICE(USB_VENDOR_ID_MSI, USB_DEVICE_ID_MSI_GT683R_LED_PANEL) },
- { HID_USB_DEVICE(USB_VENDOR_ID_NTRIG, USB_DEVICE_ID_NTRIG_TOUCH_SCREEN) },
-diff --git a/drivers/hid/hid-ids.h b/drivers/hid/hid-ids.h
-index 7c863738e419..ab562f41c00c 100644
---- a/drivers/hid/hid-ids.h
-+++ b/drivers/hid/hid-ids.h
-@@ -649,6 +649,7 @@
- #define USB_DEVICE_ID_MS_SURFACE_PRO_2 0x0799
- #define USB_DEVICE_ID_MS_TOUCH_COVER_2 0x07a7
- #define USB_DEVICE_ID_MS_TYPE_COVER_2 0x07a9
-+#define USB_DEVICE_ID_MS_TYPE_COVER_3 0x07dc
-
- #define USB_VENDOR_ID_MOJO 0x8282
- #define USB_DEVICE_ID_RETRO_ADAPTER 0x3201
-diff --git a/drivers/hid/hid-microsoft.c b/drivers/hid/hid-microsoft.c
-index 8ba17a946f2a..cacda43f6a6f 100644
---- a/drivers/hid/hid-microsoft.c
-+++ b/drivers/hid/hid-microsoft.c
-@@ -274,6 +274,8 @@ static const struct hid_device_id ms_devices[] = {
- .driver_data = MS_NOGET },
- { HID_USB_DEVICE(USB_VENDOR_ID_MICROSOFT, USB_DEVICE_ID_MS_COMFORT_MOUSE_4500),
- .driver_data = MS_DUPLICATE_USAGES },
-+ { HID_USB_DEVICE(USB_VENDOR_ID_MICROSOFT, USB_DEVICE_ID_MS_TYPE_COVER_3),
-+ .driver_data = MS_HIDINPUT },
-
- { HID_BLUETOOTH_DEVICE(USB_VENDOR_ID_MICROSOFT, USB_DEVICE_ID_MS_PRESENTER_8K_BT),
- .driver_data = MS_PRESENTER },
-diff --git a/drivers/hid/usbhid/hid-quirks.c b/drivers/hid/usbhid/hid-quirks.c
-index 552671ee7c5d..41814fced1cc 100644
---- a/drivers/hid/usbhid/hid-quirks.c
-+++ b/drivers/hid/usbhid/hid-quirks.c
-@@ -78,6 +78,7 @@ static const struct hid_blacklist {
- { USB_VENDOR_ID_FORMOSA, USB_DEVICE_ID_FORMOSA_IR_RECEIVER, HID_QUIRK_NO_INIT_REPORTS },
- { USB_VENDOR_ID_FREESCALE, USB_DEVICE_ID_FREESCALE_MX28, HID_QUIRK_NOGET },
- { USB_VENDOR_ID_MGE, USB_DEVICE_ID_MGE_UPS, HID_QUIRK_NOGET },
-+ { USB_VENDOR_ID_MICROSOFT, USB_DEVICE_ID_MS_TYPE_COVER_3, HID_QUIRK_NO_INIT_REPORTS },
- { USB_VENDOR_ID_MSI, USB_DEVICE_ID_MSI_GT683R_LED_PANEL, HID_QUIRK_NO_INIT_REPORTS },
- { USB_VENDOR_ID_NEXIO, USB_DEVICE_ID_NEXIO_MULTITOUCH_PTI0750, HID_QUIRK_NO_INIT_REPORTS },
- { USB_VENDOR_ID_NOVATEK, USB_DEVICE_ID_NOVATEK_MOUSE, HID_QUIRK_NO_INIT_REPORTS },
---
-2.1.0
-
diff --git a/Input-add-driver-for-the-Goodix-touchpanel.patch b/Input-add-driver-for-the-Goodix-touchpanel.patch
deleted file mode 100644
index 30004ff92..000000000
--- a/Input-add-driver-for-the-Goodix-touchpanel.patch
+++ /dev/null
@@ -1,479 +0,0 @@
-From: Bastien Nocera <hadess@hadess.net>
-Date: Fri, 31 Oct 2014 09:26:16 -0700
-Subject: [PATCH] Input: add driver for the Goodix touchpanel
-
-Add a driver for the Goodix touchscreen panel found in Onda v975w tablets.
-The driver is based off the Android driver gt9xx.c found in some Android
-code dumps, but now bears no resemblance to the original driver.
-
-The driver was tested on the aforementioned tablet.
-
-Signed-off-by: Bastien Nocera <hadess@hadess.net>
-Tested-by: Bastien Nocera <hadess@hadess.net>
-Signed-off-by: Benjamin Tissoires <benjamin.tissoires@redhat.com>
-Signed-off-by: Dmitry Torokhov <dmitry.torokhov@gmail.com>
----
- MAINTAINERS | 6 +
- drivers/input/touchscreen/Kconfig | 13 ++
- drivers/input/touchscreen/Makefile | 1 +
- drivers/input/touchscreen/goodix.c | 395 +++++++++++++++++++++++++++++++++++++
- 4 files changed, 415 insertions(+)
- create mode 100644 drivers/input/touchscreen/goodix.c
-
-diff --git a/MAINTAINERS b/MAINTAINERS
-index c721042e7e45..738708f8b75f 100644
---- a/MAINTAINERS
-+++ b/MAINTAINERS
-@@ -4154,6 +4154,12 @@ L: linux-media@vger.kernel.org
- S: Maintained
- F: drivers/media/usb/go7007/
-
-+GOODIX TOUCHSCREEN
-+M: Bastien Nocera <hadess@hadess.net>
-+L: linux-input@vger.kernel.org
-+S: Maintained
-+F: drivers/input/touchscreen/goodix.c
-+
- GPIO SUBSYSTEM
- M: Linus Walleij <linus.walleij@linaro.org>
- M: Alexandre Courbot <gnurou@gmail.com>
-diff --git a/drivers/input/touchscreen/Kconfig b/drivers/input/touchscreen/Kconfig
-index e1d8003d01f8..568a0200fbc2 100644
---- a/drivers/input/touchscreen/Kconfig
-+++ b/drivers/input/touchscreen/Kconfig
-@@ -295,6 +295,19 @@ config TOUCHSCREEN_FUJITSU
- To compile this driver as a module, choose M here: the
- module will be called fujitsu-ts.
-
-+config TOUCHSCREEN_GOODIX
-+ tristate "Goodix I2C touchscreen"
-+ depends on I2C && ACPI
-+ help
-+ Say Y here if you have the Goodix touchscreen (such as one
-+ installed in Onda v975w tablets) connected to your
-+ system.
-+
-+ If unsure, say N.
-+
-+ To compile this driver as a module, choose M here: the
-+ module will be called goodix.
-+
- config TOUCHSCREEN_ILI210X
- tristate "Ilitek ILI210X based touchscreen"
- depends on I2C
-diff --git a/drivers/input/touchscreen/Makefile b/drivers/input/touchscreen/Makefile
-index 090e61cc9171..dab4a56ac98e 100644
---- a/drivers/input/touchscreen/Makefile
-+++ b/drivers/input/touchscreen/Makefile
-@@ -34,6 +34,7 @@ obj-$(CONFIG_TOUCHSCREEN_EETI) += eeti_ts.o
- obj-$(CONFIG_TOUCHSCREEN_ELO) += elo.o
- obj-$(CONFIG_TOUCHSCREEN_EGALAX) += egalax_ts.o
- obj-$(CONFIG_TOUCHSCREEN_FUJITSU) += fujitsu_ts.o
-+obj-$(CONFIG_TOUCHSCREEN_GOODIX) += goodix.o
- obj-$(CONFIG_TOUCHSCREEN_ILI210X) += ili210x.o
- obj-$(CONFIG_TOUCHSCREEN_INEXIO) += inexio.o
- obj-$(CONFIG_TOUCHSCREEN_INTEL_MID) += intel-mid-touch.o
-diff --git a/drivers/input/touchscreen/goodix.c b/drivers/input/touchscreen/goodix.c
-new file mode 100644
-index 000000000000..ca196689f025
---- /dev/null
-+++ b/drivers/input/touchscreen/goodix.c
-@@ -0,0 +1,395 @@
-+/*
-+ * Driver for Goodix Touchscreens
-+ *
-+ * Copyright (c) 2014 Red Hat Inc.
-+ *
-+ * This code is based on gt9xx.c authored by andrew@goodix.com:
-+ *
-+ * 2010 - 2012 Goodix Technology.
-+ */
-+
-+/*
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License as published by the Free
-+ * Software Foundation; version 2 of the License.
-+ */
-+
-+#include <linux/kernel.h>
-+#include <linux/i2c.h>
-+#include <linux/input.h>
-+#include <linux/input/mt.h>
-+#include <linux/module.h>
-+#include <linux/delay.h>
-+#include <linux/irq.h>
-+#include <linux/interrupt.h>
-+#include <linux/slab.h>
-+#include <asm/unaligned.h>
-+
-+struct goodix_ts_data {
-+ struct i2c_client *client;
-+ struct input_dev *input_dev;
-+ int abs_x_max;
-+ int abs_y_max;
-+ unsigned int max_touch_num;
-+ unsigned int int_trigger_type;
-+};
-+
-+#define GOODIX_MAX_HEIGHT 4096
-+#define GOODIX_MAX_WIDTH 4096
-+#define GOODIX_INT_TRIGGER 1
-+#define GOODIX_CONTACT_SIZE 8
-+#define GOODIX_MAX_CONTACTS 10
-+
-+#define GOODIX_CONFIG_MAX_LENGTH 240
-+
-+/* Register defines */
-+#define GOODIX_READ_COOR_ADDR 0x814E
-+#define GOODIX_REG_CONFIG_DATA 0x8047
-+#define GOODIX_REG_VERSION 0x8140
-+
-+#define RESOLUTION_LOC 1
-+#define TRIGGER_LOC 6
-+
-+static const unsigned long goodix_irq_flags[] = {
-+ IRQ_TYPE_EDGE_RISING,
-+ IRQ_TYPE_EDGE_FALLING,
-+ IRQ_TYPE_LEVEL_LOW,
-+ IRQ_TYPE_LEVEL_HIGH,
-+};
-+
-+/**
-+ * goodix_i2c_read - read data from a register of the i2c slave device.
-+ *
-+ * @client: i2c device.
-+ * @reg: the register to read from.
-+ * @buf: raw write data buffer.
-+ * @len: length of the buffer to write
-+ */
-+static int goodix_i2c_read(struct i2c_client *client,
-+ u16 reg, u8 *buf, int len)
-+{
-+ struct i2c_msg msgs[2];
-+ u16 wbuf = cpu_to_be16(reg);
-+ int ret;
-+
-+ msgs[0].flags = 0;
-+ msgs[0].addr = client->addr;
-+ msgs[0].len = 2;
-+ msgs[0].buf = (u8 *) &wbuf;
-+
-+ msgs[1].flags = I2C_M_RD;
-+ msgs[1].addr = client->addr;
-+ msgs[1].len = len;
-+ msgs[1].buf = buf;
-+
-+ ret = i2c_transfer(client->adapter, msgs, 2);
-+ return ret < 0 ? ret : (ret != ARRAY_SIZE(msgs) ? -EIO : 0);
-+}
-+
-+static int goodix_ts_read_input_report(struct goodix_ts_data *ts, u8 *data)
-+{
-+ int touch_num;
-+ int error;
-+
-+ error = goodix_i2c_read(ts->client, GOODIX_READ_COOR_ADDR, data,
-+ GOODIX_CONTACT_SIZE + 1);
-+ if (error) {
-+ dev_err(&ts->client->dev, "I2C transfer error: %d\n", error);
-+ return error;
-+ }
-+
-+ touch_num = data[0] & 0x0f;
-+ if (touch_num > GOODIX_MAX_CONTACTS)
-+ return -EPROTO;
-+
-+ if (touch_num > 1) {
-+ data += 1 + GOODIX_CONTACT_SIZE;
-+ error = goodix_i2c_read(ts->client,
-+ GOODIX_READ_COOR_ADDR +
-+ 1 + GOODIX_CONTACT_SIZE,
-+ data,
-+ GOODIX_CONTACT_SIZE * (touch_num - 1));
-+ if (error)
-+ return error;
-+ }
-+
-+ return touch_num;
-+}
-+
-+static void goodix_ts_report_touch(struct goodix_ts_data *ts, u8 *coor_data)
-+{
-+ int id = coor_data[0] & 0x0F;
-+ int input_x = get_unaligned_le16(&coor_data[1]);
-+ int input_y = get_unaligned_le16(&coor_data[3]);
-+ int input_w = get_unaligned_le16(&coor_data[5]);
-+
-+ input_mt_slot(ts->input_dev, id);
-+ input_mt_report_slot_state(ts->input_dev, MT_TOOL_FINGER, true);
-+ input_report_abs(ts->input_dev, ABS_MT_POSITION_X, input_x);
-+ input_report_abs(ts->input_dev, ABS_MT_POSITION_Y, input_y);
-+ input_report_abs(ts->input_dev, ABS_MT_TOUCH_MAJOR, input_w);
-+ input_report_abs(ts->input_dev, ABS_MT_WIDTH_MAJOR, input_w);
-+}
-+
-+/**
-+ * goodix_process_events - Process incoming events
-+ *
-+ * @ts: our goodix_ts_data pointer
-+ *
-+ * Called when the IRQ is triggered. Read the current device state, and push
-+ * the input events to the user space.
-+ */
-+static void goodix_process_events(struct goodix_ts_data *ts)
-+{
-+ u8 point_data[1 + GOODIX_CONTACT_SIZE * GOODIX_MAX_CONTACTS];
-+ int touch_num;
-+ int i;
-+
-+ touch_num = goodix_ts_read_input_report(ts, point_data);
-+ if (touch_num < 0)
-+ return;
-+
-+ for (i = 0; i < touch_num; i++)
-+ goodix_ts_report_touch(ts,
-+ &point_data[1 + GOODIX_CONTACT_SIZE * i]);
-+
-+ input_mt_sync_frame(ts->input_dev);
-+ input_sync(ts->input_dev);
-+}
-+
-+/**
-+ * goodix_ts_irq_handler - The IRQ handler
-+ *
-+ * @irq: interrupt number.
-+ * @dev_id: private data pointer.
-+ */
-+static irqreturn_t goodix_ts_irq_handler(int irq, void *dev_id)
-+{
-+ static const u8 end_cmd[] = {
-+ GOODIX_READ_COOR_ADDR >> 8,
-+ GOODIX_READ_COOR_ADDR & 0xff,
-+ 0
-+ };
-+ struct goodix_ts_data *ts = dev_id;
-+
-+ goodix_process_events(ts);
-+
-+ if (i2c_master_send(ts->client, end_cmd, sizeof(end_cmd)) < 0)
-+ dev_err(&ts->client->dev, "I2C write end_cmd error\n");
-+
-+ return IRQ_HANDLED;
-+}
-+
-+/**
-+ * goodix_read_config - Read the embedded configuration of the panel
-+ *
-+ * @ts: our goodix_ts_data pointer
-+ *
-+ * Must be called during probe
-+ */
-+static void goodix_read_config(struct goodix_ts_data *ts)
-+{
-+ u8 config[GOODIX_CONFIG_MAX_LENGTH];
-+ int error;
-+
-+ error = goodix_i2c_read(ts->client, GOODIX_REG_CONFIG_DATA,
-+ config,
-+ GOODIX_CONFIG_MAX_LENGTH);
-+ if (error) {
-+ dev_warn(&ts->client->dev,
-+ "Error reading config (%d), using defaults\n",
-+ error);
-+ ts->abs_x_max = GOODIX_MAX_WIDTH;
-+ ts->abs_y_max = GOODIX_MAX_HEIGHT;
-+ ts->int_trigger_type = GOODIX_INT_TRIGGER;
-+ return;
-+ }
-+
-+ ts->abs_x_max = get_unaligned_le16(&config[RESOLUTION_LOC]);
-+ ts->abs_y_max = get_unaligned_le16(&config[RESOLUTION_LOC + 2]);
-+ ts->int_trigger_type = (config[TRIGGER_LOC]) & 0x03;
-+ if (!ts->abs_x_max || !ts->abs_y_max) {
-+ dev_err(&ts->client->dev,
-+ "Invalid config, using defaults\n");
-+ ts->abs_x_max = GOODIX_MAX_WIDTH;
-+ ts->abs_y_max = GOODIX_MAX_HEIGHT;
-+ }
-+}
-+
-+
-+/**
-+ * goodix_read_version - Read goodix touchscreen version
-+ *
-+ * @client: the i2c client
-+ * @version: output buffer containing the version on success
-+ */
-+static int goodix_read_version(struct i2c_client *client, u16 *version)
-+{
-+ int error;
-+ u8 buf[6];
-+
-+ error = goodix_i2c_read(client, GOODIX_REG_VERSION, buf, sizeof(buf));
-+ if (error) {
-+ dev_err(&client->dev, "read version failed: %d\n", error);
-+ return error;
-+ }
-+
-+ if (version)
-+ *version = get_unaligned_le16(&buf[4]);
-+
-+ dev_info(&client->dev, "IC VERSION: %6ph\n", buf);
-+
-+ return 0;
-+}
-+
-+/**
-+ * goodix_i2c_test - I2C test function to check if the device answers.
-+ *
-+ * @client: the i2c client
-+ */
-+static int goodix_i2c_test(struct i2c_client *client)
-+{
-+ int retry = 0;
-+ int error;
-+ u8 test;
-+
-+ while (retry++ < 2) {
-+ error = goodix_i2c_read(client, GOODIX_REG_CONFIG_DATA,
-+ &test, 1);
-+ if (!error)
-+ return 0;
-+
-+ dev_err(&client->dev, "i2c test failed attempt %d: %d\n",
-+ retry, error);
-+ msleep(20);
-+ }
-+
-+ return error;
-+}
-+
-+/**
-+ * goodix_request_input_dev - Allocate, populate and register the input device
-+ *
-+ * @ts: our goodix_ts_data pointer
-+ *
-+ * Must be called during probe
-+ */
-+static int goodix_request_input_dev(struct goodix_ts_data *ts)
-+{
-+ int error;
-+
-+ ts->input_dev = devm_input_allocate_device(&ts->client->dev);
-+ if (!ts->input_dev) {
-+ dev_err(&ts->client->dev, "Failed to allocate input device.");
-+ return -ENOMEM;
-+ }
-+
-+ ts->input_dev->evbit[0] = BIT_MASK(EV_SYN) |
-+ BIT_MASK(EV_KEY) |
-+ BIT_MASK(EV_ABS);
-+
-+ input_set_abs_params(ts->input_dev, ABS_MT_POSITION_X, 0,
-+ ts->abs_x_max, 0, 0);
-+ input_set_abs_params(ts->input_dev, ABS_MT_POSITION_Y, 0,
-+ ts->abs_y_max, 0, 0);
-+ input_set_abs_params(ts->input_dev, ABS_MT_WIDTH_MAJOR, 0, 255, 0, 0);
-+ input_set_abs_params(ts->input_dev, ABS_MT_TOUCH_MAJOR, 0, 255, 0, 0);
-+
-+ input_mt_init_slots(ts->input_dev, GOODIX_MAX_CONTACTS,
-+ INPUT_MT_DIRECT | INPUT_MT_DROP_UNUSED);
-+
-+ ts->input_dev->name = "Goodix Capacitive TouchScreen";
-+ ts->input_dev->phys = "input/ts";
-+ ts->input_dev->id.bustype = BUS_I2C;
-+ ts->input_dev->id.vendor = 0x0416;
-+ ts->input_dev->id.product = 0x1001;
-+ ts->input_dev->id.version = 10427;
-+
-+ error = input_register_device(ts->input_dev);
-+ if (error) {
-+ dev_err(&ts->client->dev,
-+ "Failed to register input device: %d", error);
-+ return error;
-+ }
-+
-+ return 0;
-+}
-+
-+static int goodix_ts_probe(struct i2c_client *client,
-+ const struct i2c_device_id *id)
-+{
-+ struct goodix_ts_data *ts;
-+ unsigned long irq_flags;
-+ int error;
-+ u16 version_info;
-+
-+ dev_dbg(&client->dev, "I2C Address: 0x%02x\n", client->addr);
-+
-+ if (!i2c_check_functionality(client->adapter, I2C_FUNC_I2C)) {
-+ dev_err(&client->dev, "I2C check functionality failed.\n");
-+ return -ENXIO;
-+ }
-+
-+ ts = devm_kzalloc(&client->dev, sizeof(*ts), GFP_KERNEL);
-+ if (!ts)
-+ return -ENOMEM;
-+
-+ ts->client = client;
-+ i2c_set_clientdata(client, ts);
-+
-+ error = goodix_i2c_test(client);
-+ if (error) {
-+ dev_err(&client->dev, "I2C communication failure: %d\n", error);
-+ return error;
-+ }
-+
-+ error = goodix_read_version(client, &version_info);
-+ if (error) {
-+ dev_err(&client->dev, "Read version failed.\n");
-+ return error;
-+ }
-+
-+ goodix_read_config(ts);
-+
-+ error = goodix_request_input_dev(ts);
-+ if (error)
-+ return error;
-+
-+ irq_flags = goodix_irq_flags[ts->int_trigger_type] | IRQF_ONESHOT;
-+ error = devm_request_threaded_irq(&ts->client->dev, client->irq,
-+ NULL, goodix_ts_irq_handler,
-+ irq_flags, client->name, ts);
-+ if (error) {
-+ dev_err(&client->dev, "request IRQ failed: %d\n", error);
-+ return error;
-+ }
-+
-+ return 0;
-+}
-+
-+static const struct i2c_device_id goodix_ts_id[] = {
-+ { "GDIX1001:00", 0 },
-+ { }
-+};
-+
-+static const struct acpi_device_id goodix_acpi_match[] = {
-+ { "GDIX1001", 0 },
-+ { }
-+};
-+MODULE_DEVICE_TABLE(acpi, goodix_acpi_match);
-+
-+static struct i2c_driver goodix_ts_driver = {
-+ .probe = goodix_ts_probe,
-+ .id_table = goodix_ts_id,
-+ .driver = {
-+ .name = "Goodix-TS",
-+ .owner = THIS_MODULE,
-+ .acpi_match_table = goodix_acpi_match,
-+ },
-+};
-+module_i2c_driver(goodix_ts_driver);
-+
-+MODULE_AUTHOR("Benjamin Tissoires <benjamin.tissoires@gmail.com>");
-+MODULE_AUTHOR("Bastien Nocera <hadess@hadess.net>");
-+MODULE_DESCRIPTION("Goodix touchscreen driver");
-+MODULE_LICENSE("GPL v2");
---
-2.1.0
-
diff --git a/KEYS-Add-a-system-blacklist-keyring.patch b/KEYS-Add-a-system-blacklist-keyring.patch
index 6e518e0cf..d1a77cfc8 100644
--- a/KEYS-Add-a-system-blacklist-keyring.patch
+++ b/KEYS-Add-a-system-blacklist-keyring.patch
@@ -29,10 +29,10 @@ index 72665eb80692..2c7b80d31366 100644
+
#endif /* _KEYS_SYSTEM_KEYRING_H */
diff --git a/init/Kconfig b/init/Kconfig
-index 2081a4d3d917..d99a519bb9ae 100644
+index 9afb971497f4..ea0dbdf29b75 100644
--- a/init/Kconfig
+++ b/init/Kconfig
-@@ -1747,6 +1747,15 @@ config SYSTEM_TRUSTED_KEYRING
+@@ -1742,6 +1742,15 @@ config SYSTEM_TRUSTED_KEYRING
Keys in this keyring are used by module signature checking.
diff --git a/Kbuild-Add-an-option-to-enable-GCC-VTA.patch b/Kbuild-Add-an-option-to-enable-GCC-VTA.patch
index 7149ec3ac..fbbb55c29 100644
--- a/Kbuild-Add-an-option-to-enable-GCC-VTA.patch
+++ b/Kbuild-Add-an-option-to-enable-GCC-VTA.patch
@@ -43,10 +43,10 @@ Signed-off-by: Josh Stone <jistone@redhat.com>
2 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
-index 3f84029f2b31..46a182f02ac4 100644
+index ef748e17702f..1d3e1d1fa376 100644
--- a/Makefile
+++ b/Makefile
-@@ -704,7 +704,11 @@ KBUILD_CFLAGS += -fomit-frame-pointer
+@@ -705,7 +705,11 @@ KBUILD_CFLAGS += -fomit-frame-pointer
endif
endif
@@ -59,7 +59,7 @@ index 3f84029f2b31..46a182f02ac4 100644
ifdef CONFIG_DEBUG_INFO
ifdef CONFIG_DEBUG_INFO_SPLIT
diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
-index 4e35a5d767ed..27410417de1d 100644
+index 5f2ce616c046..6525e2a5619a 100644
--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
@@ -165,7 +165,23 @@ config DEBUG_INFO_DWARF4
diff --git a/MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch b/MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch
index 672e711f7..3789cd79c 100644
--- a/MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch
+++ b/MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch
@@ -25,10 +25,10 @@ Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
create mode 100644 kernel/modsign_uefi.c
diff --git a/include/linux/efi.h b/include/linux/efi.h
-index b1d686e9175e..4d41f4532127 100644
+index fb972b96959a..581878071c85 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
-@@ -592,6 +592,12 @@ void efi_native_runtime_setup(void);
+@@ -595,6 +595,12 @@ void efi_native_runtime_setup(void);
#define EFI_CERT_X509_GUID \
EFI_GUID( 0xa5c059a1, 0x94e4, 0x4aa7, 0x87, 0xb5, 0xab, 0x15, 0x5c, 0x2b, 0xf0, 0x72 )
@@ -42,10 +42,10 @@ index b1d686e9175e..4d41f4532127 100644
efi_guid_t guid;
u64 table;
diff --git a/init/Kconfig b/init/Kconfig
-index d99a519bb9ae..9ef459bb44b2 100644
+index ea0dbdf29b75..dac9ed0f01f7 100644
--- a/init/Kconfig
+++ b/init/Kconfig
-@@ -1901,6 +1901,15 @@ config MODULE_SIG_ALL
+@@ -1896,6 +1896,15 @@ config MODULE_SIG_ALL
comment "Do not forget to sign required modules with scripts/sign-file"
depends on MODULE_SIG_FORCE && !MODULE_SIG_ALL
@@ -62,7 +62,7 @@ index d99a519bb9ae..9ef459bb44b2 100644
prompt "Which hash algorithm should modules be signed with?"
depends on MODULE_SIG
diff --git a/kernel/Makefile b/kernel/Makefile
-index 17ea6d4a9a24..381fe2d56ed1 100644
+index a59481a3fa6c..04b4ba9e0c9d 100644
--- a/kernel/Makefile
+++ b/kernel/Makefile
@@ -45,6 +45,7 @@ obj-$(CONFIG_UID16) += uid16.o
@@ -73,7 +73,7 @@ index 17ea6d4a9a24..381fe2d56ed1 100644
obj-$(CONFIG_KALLSYMS) += kallsyms.o
obj-$(CONFIG_BSD_PROCESS_ACCT) += acct.o
obj-$(CONFIG_KEXEC) += kexec.o
-@@ -99,6 +100,8 @@ obj-$(CONFIG_TORTURE_TEST) += torture.o
+@@ -98,6 +99,8 @@ obj-$(CONFIG_TORTURE_TEST) += torture.o
$(obj)/configs.o: $(obj)/config_data.h
diff --git a/Makefile b/Makefile
index 0cdc9beeb..4f11a034b 100644
--- a/Makefile
+++ b/Makefile
@@ -54,6 +54,7 @@ debug:
@perl -pi -e 's/# CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER is not set/CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER=y/' config-nodebug
@perl -pi -e 's/# CONFIG_DEBUG_OBJECTS_RCU_HEAD is not set/CONFIG_DEBUG_OBJECTS_RCU_HEAD=y/' config-nodebug
@perl -pi -e 's/# CONFIG_X86_PTDUMP is not set/CONFIG_X86_PTDUMP=y/' config-nodebug
+ @perl -pi -e 's/# CONFIG_ARM64_PTDUMP is not set/CONFIG_ARM64_PTDUMP=y/' config-nodebug
@perl -pi -e 's/# CONFIG_EFI_PGT_DUMP is not set/CONFIG_EFI_PGT_DUMP=y/' config-nodebug
@perl -pi -e 's/# CONFIG_CAN_DEBUG_DEVICES is not set/CONFIG_CAN_DEBUG_DEVICES=y/' config-nodebug
@perl -pi -e 's/# CONFIG_MODULE_FORCE_UNLOAD is not set/CONFIG_MODULE_FORCE_UNLOAD=y/' config-nodebug
diff --git a/Makefile.release b/Makefile.release
index 6343073f9..f7b704237 100644
--- a/Makefile.release
+++ b/Makefile.release
@@ -33,7 +33,7 @@ config-release:
@perl -pi -e 's/CONFIG_DEBUG_OBJECTS_WORK=y/# CONFIG_DEBUG_OBJECTS_WORK is not set/' config-nodebug
@perl -pi -e 's/CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER=y/# CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER is not set/' config-nodebug
@perl -pi -e 's/CONFIG_DEBUG_OBJECTS_RCU_HEAD=y/# CONFIG_DEBUG_OBJECTS_RCU_HEAD is not set/' config-nodebug
- @perl -pi -e 's/CONFIG_X86_PTDUMP=y/# CONFIG_X86_PTDUMP is not set/' config-nodebug
+ @perl -pi -e 's/CONFIG_ARM64_PTDUMP=y/# CONFIG_ARM64_PTDUMP is not set/' config-nodebug
@perl -pi -e 's/CONFIG_EFI_PGT_DUMP=y/# CONFIG_EFI_PGT_DUMP is not set/' config-nodebug
@perl -pi -e 's/CONFIG_CAN_DEBUG_DEVICES=y/# CONFIG_CAN_DEBUG_DEVICES is not set/' config-nodebug
@perl -pi -e 's/CONFIG_MODULE_FORCE_UNLOAD=y/# CONFIG_MODULE_FORCE_UNLOAD is not set/' config-nodebug
diff --git a/PCI-Lock-down-BAR-access-when-module-security-is-ena.patch b/PCI-Lock-down-BAR-access-when-module-security-is-ena.patch
index a337a4a4c..9a234bcfc 100644
--- a/PCI-Lock-down-BAR-access-when-module-security-is-ena.patch
+++ b/PCI-Lock-down-BAR-access-when-module-security-is-ena.patch
@@ -16,7 +16,7 @@ Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
3 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/drivers/pci/pci-sysfs.c b/drivers/pci/pci-sysfs.c
-index 2c6643fdc0cf..56333630ab77 100644
+index aa012fb3834b..35cb5e9ff9a1 100644
--- a/drivers/pci/pci-sysfs.c
+++ b/drivers/pci/pci-sysfs.c
@@ -30,6 +30,7 @@
@@ -27,7 +27,7 @@ index 2c6643fdc0cf..56333630ab77 100644
#include "pci.h"
static int sysfs_initialized; /* = 0 */
-@@ -703,6 +704,9 @@ static ssize_t pci_write_config(struct file *filp, struct kobject *kobj,
+@@ -709,6 +710,9 @@ static ssize_t pci_write_config(struct file *filp, struct kobject *kobj,
loff_t init_off = off;
u8 *data = (u8 *) buf;
@@ -37,7 +37,7 @@ index 2c6643fdc0cf..56333630ab77 100644
if (off > dev->cfg_size)
return 0;
if (off + count > dev->cfg_size) {
-@@ -997,6 +1001,9 @@ static int pci_mmap_resource(struct kobject *kobj, struct bin_attribute *attr,
+@@ -1003,6 +1007,9 @@ static int pci_mmap_resource(struct kobject *kobj, struct bin_attribute *attr,
resource_size_t start, end;
int i;
@@ -47,7 +47,7 @@ index 2c6643fdc0cf..56333630ab77 100644
for (i = 0; i < PCI_ROM_RESOURCE; i++)
if (res == &pdev->resource[i])
break;
-@@ -1098,6 +1105,9 @@ static ssize_t pci_write_resource_io(struct file *filp, struct kobject *kobj,
+@@ -1104,6 +1111,9 @@ static ssize_t pci_write_resource_io(struct file *filp, struct kobject *kobj,
struct bin_attribute *attr, char *buf,
loff_t off, size_t count)
{
diff --git a/Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch b/Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch
index 0b8b5cc4c..dd42dbdf2 100644
--- a/Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch
+++ b/Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch
@@ -13,10 +13,10 @@ Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
1 file changed, 6 insertions(+)
diff --git a/drivers/char/mem.c b/drivers/char/mem.c
-index c268e2581ed6..fb9ea1172ba8 100644
+index fc9637812d78..dde50e5bf527 100644
--- a/drivers/char/mem.c
+++ b/drivers/char/mem.c
-@@ -164,6 +164,9 @@ static ssize_t write_mem(struct file *file, const char __user *buf,
+@@ -167,6 +167,9 @@ static ssize_t write_mem(struct file *file, const char __user *buf,
if (p != *ppos)
return -EFBIG;
@@ -26,7 +26,7 @@ index c268e2581ed6..fb9ea1172ba8 100644
if (!valid_phys_addr_range(p, count))
return -EFAULT;
-@@ -502,6 +505,9 @@ static ssize_t write_kmem(struct file *file, const char __user *buf,
+@@ -505,6 +508,9 @@ static ssize_t write_kmem(struct file *file, const char __user *buf,
char *kbuf; /* k-addr because vwrite() takes vmlist_lock rwlock */
int err = 0;
diff --git a/Revert-Revert-ACPI-video-change-acpi-video-brightnes.patch b/Revert-Revert-ACPI-video-change-acpi-video-brightnes.patch
index 94c8e9d63..cb163d4d5 100644
--- a/Revert-Revert-ACPI-video-change-acpi-video-brightnes.patch
+++ b/Revert-Revert-ACPI-video-change-acpi-video-brightnes.patch
@@ -15,10 +15,10 @@ Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
-index 479f33204a37..e362ef82dcc1 100644
+index 4df73da11adc..25ba093a98f1 100644
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
-@@ -3719,7 +3719,7 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
+@@ -3792,7 +3792,7 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
the allocated input device; If set to 0, video driver
will only send out the event without touching backlight
brightness level.
@@ -28,7 +28,7 @@ index 479f33204a37..e362ef82dcc1 100644
virtio_mmio.device=
[VMMIO] Memory mapped virtio (platform) device.
diff --git a/drivers/acpi/video.c b/drivers/acpi/video.c
-index 9d75ead2a1f9..d7a0142cae8d 100644
+index c72e79d2c5ad..d621997f2ed6 100644
--- a/drivers/acpi/video.c
+++ b/drivers/acpi/video.c
@@ -68,7 +68,7 @@ MODULE_AUTHOR("Bruno Ducrot");
diff --git a/acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch b/acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch
index 077582bb2..7afe23d42 100644
--- a/acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch
+++ b/acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch
@@ -13,7 +13,7 @@ Signed-off-by: Josh Boyer <jwboyer@redhat.com>
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/acpi/osl.c b/drivers/acpi/osl.c
-index 9964f70be98d..d95d258f606c 100644
+index f9eeae871593..aa1dcf3d0216 100644
--- a/drivers/acpi/osl.c
+++ b/drivers/acpi/osl.c
@@ -44,6 +44,7 @@
diff --git a/arm-dts-am335x-boneblack-add-cpu0-opp-points.patch b/arm-dts-am335x-boneblack-add-cpu0-opp-points.patch
index feaa82e3c..f212c3efb 100644
--- a/arm-dts-am335x-boneblack-add-cpu0-opp-points.patch
+++ b/arm-dts-am335x-boneblack-add-cpu0-opp-points.patch
@@ -8,7 +8,7 @@ Signed-off-by: Robert Nelson <robertcnelson@gmail.com>
1 file changed, 18 insertions(+)
diff --git a/arch/arm/boot/dts/am335x-boneblack.dts b/arch/arm/boot/dts/am335x-boneblack.dts
-index 5dcdcd173572..38439e097b26 100644
+index 0fd89c38cf02..20660917a06f 100644
--- a/arch/arm/boot/dts/am335x-boneblack.dts
+++ b/arch/arm/boot/dts/am335x-boneblack.dts
@@ -71,6 +71,24 @@
diff --git a/arm-dts-am335x-boneblack-lcdc-add-panel-info.patch b/arm-dts-am335x-boneblack-lcdc-add-panel-info.patch
index 55450814b..46a151a9f 100644
--- a/arm-dts-am335x-boneblack-lcdc-add-panel-info.patch
+++ b/arm-dts-am335x-boneblack-lcdc-add-panel-info.patch
@@ -11,10 +11,10 @@ Signed-off-by: Robert Nelson <robertcnelson@gmail.com>
1 file changed, 13 insertions(+)
diff --git a/arch/arm/boot/dts/am335x-boneblack.dts b/arch/arm/boot/dts/am335x-boneblack.dts
-index 901739fcb85a..5dcdcd173572 100644
+index 5c42d259fa68..0fd89c38cf02 100644
--- a/arch/arm/boot/dts/am335x-boneblack.dts
+++ b/arch/arm/boot/dts/am335x-boneblack.dts
-@@ -78,5 +78,18 @@
+@@ -78,6 +78,19 @@
pinctrl-0 = <&nxp_hdmi_bonelt_pins>;
pinctrl-1 = <&nxp_hdmi_bonelt_off_pins>;
status = "okay";
@@ -33,6 +33,7 @@ index 901739fcb85a..5dcdcd173572 100644
+ };
};
};
+
--
2.1.0
diff --git a/arm-dts-sun7i-bananapi.patch b/arm-dts-sun7i-bananapi.patch
deleted file mode 100644
index 52b019709..000000000
--- a/arm-dts-sun7i-bananapi.patch
+++ /dev/null
@@ -1,213 +0,0 @@
-From: Hans de Goede <hdegoede@redhat.com>
-Date: Tue, 30 Sep 2014 14:29:26 +0100
-Subject: [PATCH] arm: dts sun7i bananapi
-
-The Banana Pi is an A20 based development board using Raspberry Pi compatible
-IO headers. It comes with 1 GB RAM, 1 Gb ethernet, 2x USB host, sata, hdmi
-and stereo audio out + various expenansion headers:
-
-Signed-off-by: Hans de Goede <hdegoede@xxxxxxxxxx>
----
- arch/arm/boot/dts/Makefile | 1 +
- arch/arm/boot/dts/sun7i-a20-bananapi.dts | 177 +++++++++++++++++++++++++++++++
- 2 files changed, 178 insertions(+)
- create mode 100644 arch/arm/boot/dts/sun7i-a20-bananapi.dts
-
-diff --git a/arch/arm/boot/dts/Makefile b/arch/arm/boot/dts/Makefile
-index 38c89cafa1ab..63422bde3a46 100644
---- a/arch/arm/boot/dts/Makefile
-+++ b/arch/arm/boot/dts/Makefile
-@@ -435,6 +435,7 @@ dtb-$(CONFIG_MACH_SUN6I) += \
- sun6i-a31-hummingbird.dtb \
- sun6i-a31-m9.dtb
- dtb-$(CONFIG_MACH_SUN7I) += \
-+ sun7i-a20-bananapi.dtb \
- sun7i-a20-cubieboard2.dtb \
- sun7i-a20-cubietruck.dtb \
- sun7i-a20-hummingbird.dtb \
-diff --git a/arch/arm/boot/dts/sun7i-a20-bananapi.dts b/arch/arm/boot/dts/sun7i-a20-bananapi.dts
-new file mode 100644
-index 000000000000..7214475a3c36
---- /dev/null
-+++ b/arch/arm/boot/dts/sun7i-a20-bananapi.dts
-@@ -0,0 +1,177 @@
-+/*
-+ * Copyright 2014 Hans de Goede <hdegoede@xxxxxxxxxx>
-+ *
-+ * The code contained herein is licensed under the GNU General Public
-+ * License. You may obtain a copy of the GNU General Public License
-+ * Version 2 or later at the following locations:
-+ *
-+ * http://www.opensource.org/licenses/gpl-license.html
-+ * http://www.gnu.org/copyleft/gpl.html
-+ */
-+
-+/dts-v1/;
-+/include/ "sun7i-a20.dtsi"
-+/include/ "sunxi-common-regulators.dtsi"
-+
-+/ {
-+ model = "LeMaker Banana Pi";
-+ compatible = "lemaker,bananapi", "allwinner,sun7i-a20";
-+
-+ soc@01c00000 {
-+ mmc0: mmc@01c0f000 {
-+ pinctrl-names = "default";
-+ pinctrl-0 = <&mmc0_pins_a>, <&mmc0_cd_pin_bananapi>;
-+ vmmc-supply = <&reg_vcc3v3>;
-+ bus-width = <4>;
-+ cd-gpios = <&pio 7 10 0>; /* PH10 */
-+ cd-inverted;
-+ status = "okay";
-+ };
-+
-+ usbphy: phy@01c13400 {
-+ usb1_vbus-supply = <&reg_usb1_vbus>;
-+ usb2_vbus-supply = <&reg_usb2_vbus>;
-+ status = "okay";
-+ };
-+
-+ ehci0: usb@01c14000 {
-+ status = "okay";
-+ };
-+
-+ ohci0: usb@01c14400 {
-+ status = "okay";
-+ };
-+
-+ ahci: sata@01c18000 {
-+ status = "okay";
-+ };
-+
-+ ehci1: usb@01c1c000 {
-+ status = "okay";
-+ };
-+
-+ ohci1: usb@01c1c400 {
-+ status = "okay";
-+ };
-+
-+ pinctrl@01c20800 {
-+ uart3_pins_bananapi: uart3_pin@0 {
-+ allwinner,pins = "PH0", "PH1";
-+ allwinner,function = "uart3";
-+ allwinner,drive = <0>;
-+ allwinner,pull = <0>;
-+ };
-+
-+ mmc0_cd_pin_bananapi: mmc0_cd_pin@0 {
-+ allwinner,pins = "PH10";
-+ allwinner,function = "gpio_in";
-+ allwinner,drive = <0>;
-+ allwinner,pull = <1>;
-+ };
-+
-+ gmac_power_pin_bananapi: gmac_power_pin@0 {
-+ allwinner,pins = "PH23";
-+ allwinner,function = "gpio_out";
-+ allwinner,drive = <0>;
-+ allwinner,pull = <0>;
-+ };
-+
-+ led_pins_bananapi: led_pins@0 {
-+ allwinner,pins = "PH24";
-+ allwinner,function = "gpio_out";
-+ allwinner,drive = <0>;
-+ allwinner,pull = <0>;
-+ };
-+ };
-+
-+ ir0: ir@01c21800 {
-+ pinctrl-names = "default";
-+ pinctrl-0 = <&ir0_pins_a>;
-+ status = "okay";
-+ };
-+
-+ uart0: serial@01c28000 {
-+ pinctrl-names = "default";
-+ pinctrl-0 = <&uart0_pins_a>;
-+ status = "okay";
-+ };
-+
-+ uart3: serial@01c28c00 {
-+ pinctrl-names = "default";
-+ pinctrl-0 = <&uart3_pins_bananapi>;
-+ status = "okay";
-+ };
-+
-+ uart7: serial@01c29c00 {
-+ pinctrl-names = "default";
-+ pinctrl-0 = <&uart7_pins_a>;
-+ status = "okay";
-+ };
-+
-+ i2c0: i2c@01c2ac00 {
-+ pinctrl-names = "default";
-+ pinctrl-0 = <&i2c0_pins_a>;
-+ status = "okay";
-+
-+ axp209: pmic@34 {
-+ compatible = "x-powers,axp209";
-+ reg = <0x34>;
-+ interrupt-parent = <&nmi_intc>;
-+ interrupts = <0 8>;
-+
-+ interrupt-controller;
-+ #interrupt-cells = <1>;
-+ };
-+ };
-+
-+ i2c2: i2c@01c2b400 {
-+ pinctrl-names = "default";
-+ pinctrl-0 = <&i2c2_pins_a>;
-+ status = "okay";
-+ };
-+
-+ gmac: ethernet@01c50000 {
-+ pinctrl-names = "default";
-+ pinctrl-0 = <&gmac_pins_rgmii_a>;
-+ phy = <&phy1>;
-+ phy-mode = "rgmii";
-+ phy-supply = <&reg_gmac_3v3>;
-+ status = "okay";
-+
-+ phy1: ethernet-phy@1 {
-+ reg = <1>;
-+ };
-+ };
-+ };
-+
-+ leds {
-+ compatible = "gpio-leds";
-+ pinctrl-names = "default";
-+ pinctrl-0 = <&led_pins_bananapi>;
-+
-+ green {
-+ label = "bananapi:green:usr";
-+ gpios = <&pio 7 24 0>;
-+ };
-+ };
-+
-+ reg_usb1_vbus: usb1-vbus {
-+ status = "okay";
-+ };
-+
-+ reg_usb2_vbus: usb2-vbus {
-+ status = "okay";
-+ };
-+
-+ reg_gmac_3v3: gmac-3v3 {
-+ compatible = "regulator-fixed";
-+ pinctrl-names = "default";
-+ pinctrl-0 = <&gmac_power_pin_bananapi>;
-+ regulator-name = "gmac-3v3";
-+ regulator-min-microvolt = <3300000>;
-+ regulator-max-microvolt = <3300000>;
-+ startup-delay-us = <50000>;
-+ enable-active-high;
-+ gpio = <&pio 7 23 0>;
-+ };
-+};
---
-2.1.0
-
diff --git a/asus-wmi-Restrict-debugfs-interface-when-module-load.patch b/asus-wmi-Restrict-debugfs-interface-when-module-load.patch
index 01d2c9386..6dd8b8342 100644
--- a/asus-wmi-Restrict-debugfs-interface-when-module-load.patch
+++ b/asus-wmi-Restrict-debugfs-interface-when-module-load.patch
@@ -15,10 +15,10 @@ Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
1 file changed, 9 insertions(+)
diff --git a/drivers/platform/x86/asus-wmi.c b/drivers/platform/x86/asus-wmi.c
-index 21fc932da3a1..c6d42ad95c08 100644
+index 7543a56e0f45..93b5a6998371 100644
--- a/drivers/platform/x86/asus-wmi.c
+++ b/drivers/platform/x86/asus-wmi.c
-@@ -1590,6 +1590,9 @@ static int show_dsts(struct seq_file *m, void *data)
+@@ -1589,6 +1589,9 @@ static int show_dsts(struct seq_file *m, void *data)
int err;
u32 retval = -1;
@@ -28,7 +28,7 @@ index 21fc932da3a1..c6d42ad95c08 100644
err = asus_wmi_get_devstate(asus, asus->debug.dev_id, &retval);
if (err < 0)
-@@ -1606,6 +1609,9 @@ static int show_devs(struct seq_file *m, void *data)
+@@ -1605,6 +1608,9 @@ static int show_devs(struct seq_file *m, void *data)
int err;
u32 retval = -1;
@@ -38,7 +38,7 @@ index 21fc932da3a1..c6d42ad95c08 100644
err = asus_wmi_set_devstate(asus->debug.dev_id, asus->debug.ctrl_param,
&retval);
-@@ -1630,6 +1636,9 @@ static int show_call(struct seq_file *m, void *data)
+@@ -1629,6 +1635,9 @@ static int show_call(struct seq_file *m, void *data)
union acpi_object *obj;
acpi_status status;
diff --git a/ath9k-rx-dma-stop-check.patch b/ath9k-rx-dma-stop-check.patch
index c1034a057..7613691bb 100644
--- a/ath9k-rx-dma-stop-check.patch
+++ b/ath9k-rx-dma-stop-check.patch
@@ -7,10 +7,10 @@ Subject: [PATCH] ath9k: rx dma stop check
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/drivers/net/wireless/ath/ath9k/mac.c b/drivers/net/wireless/ath/ath9k/mac.c
-index 275205ab5f15..bb842623bdf6 100644
+index 3e58bfa0c1fd..406eea47256e 100644
--- a/drivers/net/wireless/ath/ath9k/mac.c
+++ b/drivers/net/wireless/ath/ath9k/mac.c
-@@ -700,7 +700,7 @@ bool ath9k_hw_stopdmarecv(struct ath_hw *ah, bool *reset)
+@@ -693,7 +693,7 @@ bool ath9k_hw_stopdmarecv(struct ath_hw *ah, bool *reset)
{
#define AH_RX_STOP_DMA_TIMEOUT 10000 /* usec */
struct ath_common *common = ath9k_hw_common(ah);
@@ -19,7 +19,7 @@ index 275205ab5f15..bb842623bdf6 100644
int i;
/* Enable access to the DMA observation bus */
-@@ -730,6 +730,16 @@ bool ath9k_hw_stopdmarecv(struct ath_hw *ah, bool *reset)
+@@ -723,6 +723,16 @@ bool ath9k_hw_stopdmarecv(struct ath_hw *ah, bool *reset)
}
if (i == 0) {
diff --git a/blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch b/blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch
deleted file mode 100644
index 9042e1bee..000000000
--- a/blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-From: Takashi Iwai <tiwai@suse.de>
-Date: Wed, 10 Dec 2014 16:38:30 +0100
-Subject: [PATCH] blk-mq: Fix uninitialized kobject at CPU hotplugging
-
-When a CPU is hotplugged, the current blk-mq spews a warning like:
-
- kobject '(null)' (ffffe8ffffc8b5d8): tried to add an uninitialized object, something is seriously wrong.
- CPU: 1 PID: 1386 Comm: systemd-udevd Not tainted 3.18.0-rc7-2.g088d59b-default #1
- Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.7.5-20140531_171129-lamiak 04/01/2014
- 0000000000000000 0000000000000002 ffffffff81605f07 ffffe8ffffc8b5d8
- ffffffff8132c7a0 ffff88023341d370 0000000000000020 ffff8800bb05bd58
- ffff8800bb05bd08 000000000000a0a0 000000003f441940 0000000000000007
- Call Trace:
- [<ffffffff81005306>] dump_trace+0x86/0x330
- [<ffffffff81005644>] show_stack_log_lvl+0x94/0x170
- [<ffffffff81006d21>] show_stack+0x21/0x50
- [<ffffffff81605f07>] dump_stack+0x41/0x51
- [<ffffffff8132c7a0>] kobject_add+0xa0/0xb0
- [<ffffffff8130aee1>] blk_mq_register_hctx+0x91/0xb0
- [<ffffffff8130b82e>] blk_mq_sysfs_register+0x3e/0x60
- [<ffffffff81309298>] blk_mq_queue_reinit_notify+0xf8/0x190
- [<ffffffff8107cfdc>] notifier_call_chain+0x4c/0x70
- [<ffffffff8105fd23>] cpu_notify+0x23/0x50
- [<ffffffff81060037>] _cpu_up+0x157/0x170
- [<ffffffff810600d9>] cpu_up+0x89/0xb0
- [<ffffffff815fa5b5>] cpu_subsys_online+0x35/0x80
- [<ffffffff814323cd>] device_online+0x5d/0xa0
- [<ffffffff81432485>] online_store+0x75/0x80
- [<ffffffff81236a5a>] kernfs_fop_write+0xda/0x150
- [<ffffffff811c5532>] vfs_write+0xb2/0x1f0
- [<ffffffff811c5f42>] SyS_write+0x42/0xb0
- [<ffffffff8160c4ed>] system_call_fastpath+0x16/0x1b
- [<00007f0132fb24e0>] 0x7f0132fb24e0
-
-This is indeed because of an uninitialized kobject for blk_mq_ctx.
-The blk_mq_ctx kobjects are initialized in blk_mq_sysfs_init(), but it
-goes loop over hctx_for_each_ctx(), i.e. it initializes only for
-online CPUs. Thus, when a CPU is hotplugged, the ctx for the newly
-onlined CPU is registered without initialization.
-
-This patch fixes the issue by initializing the all ctx kobjects
-belonging to each queue.
-
-Bugzilla: https://bugzilla.novell.com/show_bug.cgi?id=908794
-Cc: <stable@vger.kernel.org>
-Signed-off-by: Takashi Iwai <tiwai@suse.de>
-Signed-off-by: Jens Axboe <axboe@fb.com>
----
- block/blk-mq-sysfs.c | 9 ++++-----
- 1 file changed, 4 insertions(+), 5 deletions(-)
-
-diff --git a/block/blk-mq-sysfs.c b/block/blk-mq-sysfs.c
-index 371d8800b48a..1630a20d5dcf 100644
---- a/block/blk-mq-sysfs.c
-+++ b/block/blk-mq-sysfs.c
-@@ -390,16 +390,15 @@ static void blk_mq_sysfs_init(struct request_queue *q)
- {
- struct blk_mq_hw_ctx *hctx;
- struct blk_mq_ctx *ctx;
-- int i, j;
-+ int i;
-
- kobject_init(&q->mq_kobj, &blk_mq_ktype);
-
-- queue_for_each_hw_ctx(q, hctx, i) {
-+ queue_for_each_hw_ctx(q, hctx, i)
- kobject_init(&hctx->kobj, &blk_mq_hw_ktype);
-
-- hctx_for_each_ctx(hctx, ctx, j)
-- kobject_init(&ctx->kobj, &blk_mq_ctx_ktype);
-- }
-+ queue_for_each_ctx(q, ctx, i)
-+ kobject_init(&ctx->kobj, &blk_mq_ctx_ktype);
- }
-
- /* see blk_register_queue() */
---
-2.1.0
-
diff --git a/cfg80211-don-t-WARN-about-two-consecutive-Country-IE.patch b/cfg80211-don-t-WARN-about-two-consecutive-Country-IE.patch
deleted file mode 100644
index 097be41cf..000000000
--- a/cfg80211-don-t-WARN-about-two-consecutive-Country-IE.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
-Date: Tue, 2 Dec 2014 09:53:25 +0200
-Subject: [PATCH] cfg80211: don't WARN about two consecutive Country IE hint
-
-This can happen and there is no point in added more
-detection code lower in the stack. Catching these in one
-single point (cfg80211) is enough. Stop WARNING about this
-case.
-
-This fixes:
-https://bugzilla.kernel.org/show_bug.cgi?id=89001
-
-Cc: <stable@vger.kernel.org>
-Fixes: 2f1c6c572d7b ("cfg80211: process non country IE conflicting first")
-Signed-off-by: Emmanuel Grumbach <emmanuel.grumbach@intel.com>
-Acked-by: Luis R. Rodriguez <mcgrof@suse.com>
----
- net/wireless/reg.c | 7 ++-----
- 1 file changed, 2 insertions(+), 5 deletions(-)
-
-diff --git a/net/wireless/reg.c b/net/wireless/reg.c
-index b725a31a4751..695f12b2c176 100644
---- a/net/wireless/reg.c
-+++ b/net/wireless/reg.c
-@@ -1839,11 +1839,8 @@ __reg_process_hint_country_ie(struct wiphy *wiphy,
- return REG_REQ_IGNORE;
- return REG_REQ_ALREADY_SET;
- }
-- /*
-- * Two consecutive Country IE hints on the same wiphy.
-- * This should be picked up early by the driver/stack
-- */
-- if (WARN_ON(regdom_changes(country_ie_request->alpha2)))
-+
-+ if (regdom_changes(country_ie_request->alpha2))
- return REG_REQ_OK;
- return REG_REQ_ALREADY_SET;
- }
---
-2.1.0
-
diff --git a/config-arm-generic b/config-arm-generic
index c0fa94ddd..d7df33b2f 100644
--- a/config-arm-generic
+++ b/config-arm-generic
@@ -40,6 +40,7 @@ CONFIG_HAVE_PERF_USER_STACK_DUMP=y
# ARM AMBA generic HW
CONFIG_ARM_AMBA=y
+# CONFIG_TEGRA_AHB is not set
CONFIG_ARM_CCI=y
CONFIG_ARM_CCN=y
CONFIG_ARM_DMA_USE_IOMMU=y
@@ -79,6 +80,7 @@ CONFIG_POWER_RESET_VERSATILE=y
CONFIG_DTC=y
CONFIG_DMA_OF=y
CONFIG_OF=y
+# CONFIG_OF_UNITTEST is not set
CONFIG_OF_ADDRESS=y
CONFIG_OF_DYNAMIC=y
CONFIG_OF_EARLY_FLATTREE=y
@@ -134,6 +136,7 @@ CONFIG_BACKLIGHT_GPIO=m
CONFIG_POWER_RESET_GPIO=y
CONFIG_POWER_RESET_GPIO_RESTART=y
CONFIG_POWER_RESET_RESTART=y
+# CONFIG_GPIO_74XX_MMIO is not set
#i2c
CONFIG_I2C_ARB_GPIO_CHALLENGE=m
@@ -260,6 +263,7 @@ CONFIG_CMA_AREAS=7
# CONFIG_IMX_IPUV3_CORE is not set
# CONFIG_DEBUG_SET_MODULE_RONX is not set
+# CONFIG_CORESIGHT is not set
# CONFIG_LATTICE_ECP3_CONFIG is not set
# CONFIG_BMP085_SPI is not set
diff --git a/config-arm64 b/config-arm64
index 9fd40b9fd..60aabbfae 100644
--- a/config-arm64
+++ b/config-arm64
@@ -8,8 +8,16 @@ CONFIG_SCHED_SMT=y
# arm64 only SoCs
CONFIG_ARCH_XGENE=y
+CONFIG_ARCH_SEATTLE=y
# CONFIG_ARCH_THUNDER is not set
+# Erratum
+CONFIG_ARM64_ERRATUM_826319=y
+CONFIG_ARM64_ERRATUM_827319=y
+CONFIG_ARM64_ERRATUM_824069=y
+CONFIG_ARM64_ERRATUM_819472=y
+CONFIG_ARM64_ERRATUM_832075=y
+
# CONFIG_AMBA_PL08X is not set
CONFIG_ARCH_HAS_HOLES_MEMORYMODEL=y
CONFIG_ARCH_REQUIRE_GPIOLIB=y
@@ -78,6 +86,7 @@ CONFIG_CRYPTO_AES_ARM64_CE=m
CONFIG_CRYPTO_AES_ARM64_CE_CCM=m
CONFIG_CRYPTO_AES_ARM64_CE_BLK=m
CONFIG_CRYPTO_AES_ARM64_NEON_BLK=m
+CONFIG_CRYPTO_CRC32_ARM64=m
CONFIG_CRYPTO_DEV_CCP=y
CONFIG_CRYPTO_DEV_CCP_DD=m
CONFIG_CRYPTO_DEV_CCP_CRYPTO=m
@@ -133,6 +142,7 @@ CONFIG_AMD_XGBE_PHY=m
# CONFIG_AMD_XGBE_DCB is not set
# CONFIG_IMX_THERMAL is not set
+# CONFIG_MMC_DW is not set
# still? 2014-11-11
# CONFIG_BPF_JIT is not set
diff --git a/config-armv7 b/config-armv7
index 652d2248f..223684aef 100644
--- a/config-armv7
+++ b/config-armv7
@@ -114,6 +114,7 @@ CONFIG_OMAP3_EMU=y
CONFIG_SERIAL_OMAP=y
CONFIG_SERIAL_OMAP_CONSOLE=y
+CONFIG_SERIAL_8250_OMAP=m
CONFIG_GPIO_TWL4030=m
CONFIG_GPIO_TWL6040=m
@@ -258,7 +259,7 @@ CONFIG_SND_OMAP_SOC_DMIC=m
CONFIG_SND_OMAP_SOC_HDMI=m
CONFIG_SND_OMAP_SOC_MCBSP=m
CONFIG_SND_OMAP_SOC_MCPDM=m
-CONFIG_SND_OMAP_SOC_OMAP_HDMI=m
+CONFIG_SND_OMAP_SOC_HDMI_AUDIO=m
CONFIG_SND_OMAP_SOC_OMAP_ABE_TWL6040=m
CONFIG_SND_OMAP_SOC_OMAP_TWL4030=m
CONFIG_SND_OMAP_SOC_OMAP3_PANDORA=m
@@ -372,6 +373,7 @@ CONFIG_SOC_IMX53=y
CONFIG_SOC_IMX6Q=y
CONFIG_SOC_IMX6SL=y
CONFIG_SOC_IMX6SX=y
+# CONFIG_SOC_LS1021A is not set
# CONFIG_SOC_VF610 is not set
CONFIG_ARM_IMX6Q_CPUFREQ=m
CONFIG_PCI_IMX6=y
@@ -411,6 +413,8 @@ CONFIG_CRYPTO_DEV_SAHARA=m
CONFIG_RTC_DRV_SNVS=m
# CONFIG_FB_MX3 is not set
# CONFIG_FB_IMX is not set
+# CONFIG_FB_MXS is not set
+# CONFIG_POWER_RESET_IMX is not set
CONFIG_SND_IMX_SOC=m
CONFIG_SND_SOC_FSL_ASOC_CARD=m
@@ -501,6 +505,7 @@ CONFIG_REGULATOR_DA9055=m
CONFIG_ARCH_EXYNOS4=y
CONFIG_SOC_EXYNOS4212=y
CONFIG_SOC_EXYNOS4412=y
+# CONFIG_SOC_EXYNOS4415 is not set
CONFIG_ARM_EXYNOS4210_CPUFREQ=y
CONFIG_ARM_EXYNOS4X12_CPUFREQ=y
CONFIG_AK8975=m
@@ -521,6 +526,10 @@ CONFIG_COMMON_CLK_RK808=m
CONFIG_REGULATOR_RK808=m
CONFIG_RTC_DRV_HYM8563=m
CONFIG_ROCKCHIP_SARADC=m
+CONFIG_ROCKCHIP_IOMMU=y
+CONFIG_SND_SOC_ROCKCHIP_I2S=m
+CONFIG_ROCKCHIP_THERMAL=m
+CONFIG_DRM_ROCKCHIP=m
# ST Ericsson
CONFIG_MACH_HREFV60=y
diff --git a/config-armv7-generic b/config-armv7-generic
index cd5f89b33..f50ce2cba 100644
--- a/config-armv7-generic
+++ b/config-armv7-generic
@@ -123,6 +123,7 @@ CONFIG_PM_OPP=y
CONFIG_ARM_CPU_SUSPEND=y
CONFIG_ARM_PSCI=y
CONFIG_THERMAL=y
+CONFIG_CLOCK_THERMAL=y
CONFIG_CPUFREQ_DT=y
# CONFIG_ARM_BIG_LITTLE_CPUFREQ is not set
@@ -134,6 +135,7 @@ CONFIG_XZ_DEC_ARM=y
CONFIG_UACCESS_WITH_MEMCPY=y
CONFIG_PCI_HOST_GENERIC=y
+# CONFIG_PCI_LAYERSCAPE is not set
CONFIG_LBDAF=y
@@ -174,6 +176,7 @@ CONFIG_ARM_HIGHBANK_CPUFREQ=m
CONFIG_MACH_SUN6I=y
CONFIG_MACH_SUN7I=y
# CONFIG_MACH_SUN8I is not set
+# CONFIG_MACH_SUN9I is not set
CONFIG_DMA_SUN6I=m
CONFIG_SUNXI_WATCHDOG=m
CONFIG_NET_VENDOR_ALLWINNER=y
@@ -196,6 +199,8 @@ CONFIG_IR_SUNXI=m
CONFIG_MDIO_SUN4I=m
CONFIG_SUN4I_EMAC=m
CONFIG_RTC_DRV_SUN6I=m
+CONFIG_AXP288_ADC=m
+CONFIG_MTD_NAND_SUNXI=m
# Exynos
CONFIG_ARCH_EXYNOS3=y
@@ -311,6 +316,7 @@ CONFIG_EXTCON_MAX8997=m
# Tegra
CONFIG_ARCH_TEGRA_114_SOC=y
CONFIG_ARCH_TEGRA_124_SOC=y
+CONFIG_TEGRA_AHB=y
CONFIG_ARM_TEGRA_CPUFREQ=y
CONFIG_TRUSTED_FOUNDATIONS=y
CONFIG_SERIAL_TEGRA=y
@@ -344,6 +350,8 @@ CONFIG_NOUVEAU_PLATFORM_DRIVER=m
CONFIG_AD525X_DPOT=m
CONFIG_AD525X_DPOT_I2C=m
CONFIG_AD525X_DPOT_SPI=m
+CONFIG_TEGRA_SOCTHERM=m
+CONFIG_TEGRA_MC=y
# Jetson TK1
CONFIG_PINCTRL_AS3722=y
@@ -361,6 +369,7 @@ CONFIG_DRM_PANEL=y
CONFIG_DRM_PANEL_SIMPLE=m
CONFIG_DRM_PANEL_LD9040=m
CONFIG_DRM_PANEL_S6E8AA0=m
+CONFIG_DRM_PANEL_SHARP_LQ101R1SX01=m
# regmap
CONFIG_REGMAP=y
@@ -370,10 +379,6 @@ CONFIG_REGMAP_SPMI=m
CONFIG_REGMAP_MMIO=m
CONFIG_REGMAP_IRQ=y
-# Power management
-CONFIG_PM_OPP=y
-CONFIG_ARM_CPU_SUSPEND=y
-
# usb
CONFIG_USB_OHCI_HCD_PLATFORM=m
CONFIG_USB_EHCI_HCD_PLATFORM=m
@@ -391,6 +396,8 @@ CONFIG_USB_GADGET_STORAGE_NUM_BUFFERS=2
CONFIG_USB_MUSB_HDRC=m
CONFIG_USB_MUSB_DUAL_ROLE=y
CONFIG_USB_MUSB_DSPS=m
+# CONFIG_USB_MUSB_TUSB6010 is not set
+# CONFIG_USB_MUSB_UX500 is not set
CONFIG_USB_GPIO_VBUS=m
CONFIG_USB_CONFIGFS=m
CONFIG_USB_CONFIGFS_ACM=y
@@ -404,6 +411,10 @@ CONFIG_USB_CONFIGFS_OBEX=y
CONFIG_USB_CONFIGFS_SERIAL=y
# CONFIG_USB_CONFIGFS_F_LB_SS is not set
# CONFIG_USB_CONFIGFS_F_FS is not set
+# CONFIG_USB_CONFIGFS_F_UAC1 is not set
+# CONFIG_USB_CONFIGFS_F_UAC2 is not set
+# CONFIG_USB_CONFIGFS_F_MIDI is not set
+# CONFIG_USB_CONFIGFS_F_HID is not set
# CONFIG_MUSB_PIO_ONLY is not set
# CONFIG_USB_GADGET_DEBUG is not set
@@ -416,6 +427,7 @@ CONFIG_USB_CONFIGFS_SERIAL=y
# CONFIG_USB_PXA27X is not set
# CONFIG_USB_MV_UDC is not set
# CONFIG_USB_MV_U3D is not set
+# CONFIG_USB_BDC_UDC is not set
# CONFIG_USB_M66592 is not set
# CONFIG_USB_AMD5536UDC is not set
# CONFIG_USB_NET2272 is not set
@@ -572,7 +584,7 @@ CONFIG_SPI_DW_PCI=m
# CONFIG_MMC_QCOM_DML is not set
# CONFIG_MMC_DW_ROCKCHIP is not set
CONFIG_USB_DWC2=y
-CONFIG_USB_DWC2_HOST=m
+CONFIG_USB_DWC2_HOST=y
CONFIG_USB_DWC2_PLATFORM=y
CONFIG_USB_DWC2_PCI=y
# CONFIG_USB_DWC2_PERIPHERAL is not set
@@ -660,6 +672,15 @@ CONFIG_SND_SOC_SPDIF=m
# CONFIG_SND_SOC_FSL_ASOC_CARD is not set
# CONFIG_SND_EDMA_SOC is not set
# CONFIG_SND_SOC_ROCKCHIP is not set
+# CONFIG_SND_SOC_ARNDALE_RT5631_ALC5631 is not set
+# CONFIG_SND_SOC_CS42L51_I2C is not set
+# CONFIG_SND_SOC_CS4271_I2C is not set
+# CONFIG_SND_SOC_CS4271_SPI is not set
+# CONFIG_SND_SOC_RT5631 is not set
+# CONFIG_SND_SOC_TFA9879 is not set
+# CONFIG_SND_SOC_TLV320AIC23_I2C is not set
+# CONFIG_SND_SOC_TLV320AIC23_SPI is not set
+# CONFIG_SND_SOC_TS3A227E is not set
# Displays
CONFIG_BACKLIGHT_TPS65217=m
@@ -721,6 +742,7 @@ CONFIG_REGULATOR_DA9211=m
CONFIG_REGULATOR_ISL9305=m
CONFIG_REGULATOR_MAX77802=m
CONFIG_REGULATOR_PWM=m
+CONFIG_SENSORS_LTC2978_REGULATOR=y
CONFIG_POWER_AVS=y
CONFIG_CHARGER_MANAGER=y
@@ -853,6 +875,7 @@ CONFIG_I2C_CROS_EC_TUNNEL=m
# CONFIG_SERIAL_MAX3100 is not set
# CONFIG_SERIAL_MAX310X is not set
# CONFIG_SERIAL_IFX6X60 is not set
+# CONFIG_SERIAL_BCM63XX is not set
# CONFIG_FB_XILINX is not set
# CONFIG_BRCMSTB_GISB_ARB is not set
# CONFIG_SUNGEM is not set
@@ -888,3 +911,4 @@ CONFIG_I2C_CROS_EC_TUNNEL=m
# CONFIG_OMAP2_DSS_DEBUG is not set
# CONFIG_CRYPTO_DEV_UX500_DEBUG is not set
# CONFIG_AB8500_DEBUG is not set
+# CONFIG_ARM_KERNMEM_PERMS is not set
diff --git a/config-debug b/config-debug
index 467f33a19..28297d87e 100644
--- a/config-debug
+++ b/config-debug
@@ -35,6 +35,8 @@ CONFIG_ACPI_DEBUG=y
CONFIG_DEBUG_SG=y
CONFIG_DEBUG_PI_LIST=y
+# CONFIG_PAGE_EXTENSION is not set
+# CONFIG_PAGE_OWNER is not set
# CONFIG_DEBUG_PAGEALLOC is not set
CONFIG_DEBUG_OBJECTS=y
@@ -45,6 +47,7 @@ CONFIG_DEBUG_OBJECTS_RCU_HEAD=y
CONFIG_DEBUG_OBJECTS_ENABLE_DEFAULT=1
CONFIG_X86_PTDUMP=y
+CONFIG_ARM64_PTDUMP=y
CONFIG_EFI_PGT_DUMP=y
CONFIG_CAN_DEBUG_DEVICES=y
diff --git a/config-generic b/config-generic
index 74539dc30..596118f62 100644
--- a/config-generic
+++ b/config-generic
@@ -145,6 +145,7 @@ CONFIG_MMC_USHC=m
CONFIG_MMC_REALTEK_PCI=m
CONFIG_MMC_REALTEK_USB=m
CONFIG_MMC_VUB300=m
+CONFIG_MMC_TOSHIBA_PCI=m
# CONFIG_MMC_SPI is not set
# CONFIG_MMC_SDHCI_PXAV2 is not set
# CONFIG_MMC_SDHCI_PXAV3 is not set
@@ -166,6 +167,7 @@ CONFIG_INFINIBAND_SRP=m
CONFIG_INFINIBAND_SRPT=m
CONFIG_INFINIBAND_USER_MAD=m
CONFIG_INFINIBAND_USER_ACCESS=m
+CONFIG_INFINIBAND_ON_DEMAND_PAGING=y
CONFIG_INFINIBAND_IPATH=m
CONFIG_INFINIBAND_ISER=m
CONFIG_INFINIBAND_ISERT=m
@@ -504,6 +506,7 @@ CONFIG_SCSI_BUSLOGIC=m
CONFIG_SCSI_INITIO=m
CONFIG_SCSI_FLASHPOINT=y
CONFIG_SCSI_DMX3191D=m
+CONFIG_SCSI_AM53C974=m
# CONFIG_SCSI_EATA is not set
# CONFIG_SCSI_EATA_PIO is not set
# CONFIG_SCSI_FUTURE_DOMAIN is not set
@@ -524,6 +527,7 @@ CONFIG_SCSI_SYM53C8XX_MMIO=y
CONFIG_SCSI_QLOGIC_1280=m
CONFIG_SCSI_DC395x=m
# CONFIG_SCSI_NSP32 is not set
+CONFIG_SCSI_WD719X=m
CONFIG_SCSI_DEBUG=m
CONFIG_SCSI_DC390T=m
CONFIG_SCSI_QLA_FC=m
@@ -761,6 +765,7 @@ CONFIG_IP_PIMSM_V2=y
CONFIG_SYN_COOKIES=y
CONFIG_NET_IPVTI=m
CONFIG_NET_FOU=m
+CONFIG_NET_FOU_IP_TUNNELS=y
CONFIG_GENEVE=m
CONFIG_INET_AH=m
CONFIG_INET_ESP=m
@@ -1027,6 +1032,9 @@ CONFIG_NFT_MASQ_IPV4=m
CONFIG_NFT_MASQ_IPV6=m
CONFIG_NFT_NAT=m
CONFIG_NFT_QUEUE=m
+CONFIG_NFT_REDIR=m
+CONFIG_NFT_REDIR_IPV4=m
+CONFIG_NFT_REDIR_IPV6=m
CONFIG_NFT_REJECT=m
CONFIG_NFT_COMPAT=m
@@ -1204,6 +1212,7 @@ CONFIG_NET_ACT_PEDIT=m
CONFIG_NET_ACT_POLICE=m
CONFIG_NET_ACT_SIMP=m
CONFIG_NET_ACT_SKBEDIT=m
+CONFIG_NET_ACT_VLAN=m
CONFIG_DCB=y
CONFIG_DNS_RESOLVER=m
@@ -1246,6 +1255,7 @@ CONFIG_DUMMY=m
CONFIG_BONDING=m
CONFIG_MACVLAN=m
CONFIG_MACVTAP=m
+CONFIG_IPVLAN=m
CONFIG_VXLAN=m
CONFIG_EQUALIZER=m
CONFIG_TUN=m
@@ -1486,6 +1496,9 @@ CONFIG_SH_ETH=m
CONFIG_NET_VENDOR_RDC=y
CONFIG_R6040=m
+CONFIG_NET_VENDOR_ROCKER=y
+CONFIG_ROCKER=m
+
# CONFIG_NET_VENDOR_SEEQ is not set
# CONFIG_NET_VENDOR_SAMSUNG is not set
@@ -1840,6 +1853,8 @@ CONFIG_IEEE802154_FAKELB=m
CONFIG_MAC802154=m
CONFIG_NET_MPLS_GSO=m
+CONFIG_NET_SWITCHDEV=y
+
CONFIG_6LOWPAN=m
#
@@ -1949,6 +1964,8 @@ CONFIG_WINBOND_FIR=m
# Bluetooth support
#
CONFIG_BT=m
+CONFIG_BT_BREDR=y
+CONFIG_BT_LE=y
CONFIG_BT_6LOWPAN=m
CONFIG_BT_SCO=y
CONFIG_BT_CMTP=m
@@ -2197,7 +2214,7 @@ CONFIG_KEYBOARD_ATKBD=y
# CONFIG_KEYBOARD_TCA6416 is not set
# CONFIG_KEYBOARD_TCA8418 is not set
# CONFIG_KEYBOARD_OMAP4 is not set
-# CONFIG_KEYBOARD_CAP1106 is not set
+# CONFIG_KEYBOARD_CAP11XX is not set
CONFIG_INPUT_MOUSE=y
CONFIG_MOUSE_PS2=y
# CONFIG_MOUSE_PS2_TOUCHKIT is not set
@@ -2210,6 +2227,9 @@ CONFIG_MOUSE_BCM5974=m
CONFIG_MOUSE_SYNAPTICS_I2C=m
CONFIG_MOUSE_SYNAPTICS_USB=m
CONFIG_MOUSE_CYAPA=m
+CONFIG_MOUSE_ELAN_I2C=m
+CONFIG_MOUSE_ELAN_I2C_I2C=y
+CONFIG_MOUSE_ELAN_I2C_SMBUS=y
CONFIG_INPUT_JOYSTICK=y
CONFIG_JOYSTICK_ANALOG=m
CONFIG_JOYSTICK_A3D=m
@@ -2252,6 +2272,7 @@ CONFIG_TOUCHSCREEN_DYNAPRO=m
CONFIG_TOUCHSCREEN_EDT_FT5X06=m
CONFIG_TOUCHSCREEN_EETI=m
CONFIG_TOUCHSCREEN_EGALAX=m
+CONFIG_TOUCHSCREEN_ELAN=m
CONFIG_TOUCHSCREEN_ELO=m
CONFIG_TOUCHSCREEN_FUJITSU=m
CONFIG_TOUCHSCREEN_GUNZE=m
@@ -2460,6 +2481,8 @@ CONFIG_I2C_PCA_PLATFORM=m
# CONFIG_I2C_SIS96X is not set
CONFIG_I2C_SIMTEC=m
CONFIG_I2C_STUB=m
+CONFIG_I2C_SLAVE=y
+CONFIG_I2C_SLAVE_EEPROM=m
CONFIG_I2C_TINY_USB=m
# CONFIG_I2C_TAOS_EVM is not set
# CONFIG_I2C_VIA is not set
@@ -2542,6 +2565,7 @@ CONFIG_SENSORS_MAX6697=m
CONFIG_SENSORS_MCP3021=m
CONFIG_SENSORS_NCT6775=m
CONFIG_SENSORS_NCT6683=m
+CONFIG_SENSORS_NCT7802=m
CONFIG_SENSORS_NTC_THERMISTOR=m
CONFIG_SENSORS_PC87360=m
CONFIG_SENSORS_PC87427=m
@@ -2682,6 +2706,7 @@ CONFIG_HID_SENSOR_DEVICE_ROTATION=m
# CONFIG_MAG3110 is not set
# CONFIG_TMP006 is not set
# CONFIG_MLX90614 is not set
+# CONFIG_BMP280 is not set
# CONFIG_HID_SENSOR_PRESS is not set
# CONFIG_IIO_ST_PRESS is not set
# CONFIG_KXSD9 is not set
@@ -2720,6 +2745,7 @@ CONFIG_HID_SENSOR_DEVICE_ROTATION=m
# CONFIG_MPL3115 is not set
# CONFIG_MPL115 is not set
# CONFIG_SI7005 is not set
+# CONFIG_SI7020 is not set
# CONFIG_AS3935 is not set
CONFIG_KXCJK1013=m
# CONFIG_ISL29125 is not set
@@ -2815,6 +2841,7 @@ CONFIG_IPMI_DEVICE_INTERFACE=m
CONFIG_IPMI_WATCHDOG=m
CONFIG_IPMI_SI=m
# CONFIG_IPMI_SI_PROBE_DEFAULTS is not set
+CONFIG_IPMI_SSIF=m
CONFIG_IPMI_POWEROFF=m
#
@@ -2885,6 +2912,7 @@ CONFIG_RTC_DRV_DS1553=m
CONFIG_RTC_DRV_DS1672=m
CONFIG_RTC_DRV_DS1742=m
CONFIG_RTC_DRV_DS1374=m
+CONFIG_RTC_DRV_DS1374_WDT=y
# CONFIG_RTC_DRV_EP93XX is not set
CONFIG_RTC_DRV_FM3130=m
# CONFIG_RTC_DRV_HYM8563 is not set
@@ -2987,6 +3015,7 @@ CONFIG_DRM_NOUVEAU=m
CONFIG_NOUVEAU_DEBUG=5
CONFIG_NOUVEAU_DEBUG_DEFAULT=3
CONFIG_DRM_NOUVEAU_BACKLIGHT=y
+CONFIG_DRM_I2C_ADV7511=m
CONFIG_DRM_I2C_CH7006=m
CONFIG_DRM_I2C_SIL164=m
CONFIG_DRM_I2C_NXP_TDA998X=m
@@ -3169,6 +3198,7 @@ CONFIG_DVB_DM1105=m
CONFIG_DVB_FIREDTV=m
CONFIG_DVB_NGENE=m
CONFIG_DVB_DDBRIDGE=m
+CONFIG_DVB_SMIPCIE=m
CONFIG_DVB_USB_TECHNISAT_USB2=m
CONFIG_DVB_USB_V2=m
@@ -3259,6 +3289,7 @@ CONFIG_IR_REDRAT3=m
CONFIG_IR_ENE=m
CONFIG_IR_STREAMZAP=m
CONFIG_IR_WINBOND_CIR=m
+CONFIG_IR_IGORPLUGUSB=m
CONFIG_IR_IGUANA=m
CONFIG_IR_TTUSBIR=m
CONFIG_IR_GPIO_CIR=m
@@ -3534,6 +3565,7 @@ CONFIG_SND_FIREWIRE_SPEAKERS=m
CONFIG_SND_ISIGHT=m
CONFIG_SND_SCS1X=m
CONFIG_SND_DICE=m
+CONFIG_SND_OXFW=m
CONFIG_SND_FIREWORKS=m
# CONFIG_SND_BEBOB is not set
@@ -3631,6 +3663,7 @@ CONFIG_UHID=m
CONFIG_HID_PID=y
CONFIG_LOGITECH_FF=y
CONFIG_HID_LOGITECH_DJ=m
+CONFIG_HID_LOGITECH_HIDPP=m
CONFIG_LOGIRUMBLEPAD2_FF=y
CONFIG_PANTHERLORD_FF=y
CONFIG_THRUSTMASTER_FF=y
@@ -3646,6 +3679,7 @@ CONFIG_LOGIWHEELS_FF=y
CONFIG_HID_MAGICMOUSE=y
CONFIG_HID_MULTITOUCH=m
CONFIG_HID_NTRIG=y
+CONFIG_HID_PLANTRONICS=m
CONFIG_HID_PRIMAX=m
CONFIG_HID_PRODIKEYS=m
CONFIG_HID_DRAGONRISE=m
@@ -4039,7 +4073,9 @@ CONFIG_MFD_VIPERBOARD=m
# CONFIG_MFD_TPS65912 is not set
# CONFIG_MFD_SYSCON is not set
# CONFIG_MFD_DA9063 is not set
+# CONFIG_MFD_DLN2 is not set
# CONFIG_MFD_LP3943 is not set
+# CONFIG_MFD_ATMEL_HLCDC is not set
# CONFIG_MFD_BCM590XX is not set
# CONFIG_MFD_TPS65218 is not set
# CONFIG_MFD_WM831X_SPI is not set
@@ -4169,6 +4205,7 @@ CONFIG_CRAMFS=m
CONFIG_SQUASHFS=m
CONFIG_SQUASHFS_XATTR=y
CONFIG_SQUASHFS_LZO=y
+CONFIG_SQUASHFS_LZ4=y
CONFIG_SQUASHFS_XZ=y
CONFIG_SQUASHFS_ZLIB=y
# CONFIG_SQUASHFS_4K_DEVBLK_SIZE is not set
@@ -4578,6 +4615,19 @@ CONFIG_ZLIB_INFLATE=y
CONFIG_ZLIB_DEFLATE=m
CONFIG_INITRAMFS_SOURCE=""
+
+# These were all enabled by default before 3.19 made them individually
+# selectable. Possibly look at enabling only the one(s) Fedora actually
+# uses.
+CONFIG_RD_GZIP=y
+CONFIG_RD_BZIP2=y
+CONFIG_RD_LZMA=y
+CONFIG_RD_XZ=y
+CONFIG_RD_LZO=y
+CONFIG_RD_LZ4=y
+
+CONFIG_INIT_FALLBACK=y
+
CONFIG_KEYS=y
CONFIG_PERSISTENT_KEYRINGS=y
CONFIG_BIG_KEYS=y
@@ -4766,6 +4816,7 @@ CONFIG_LEDS_DELL_NETBOOKS=m
# CONFIG_LEDS_OT200 is not set
# CONFIG_LEDS_PWM is not set
# CONFIG_LEDS_LP8501 is not set
+# CONFIG_LEDS_LP8860 is not set
# CONFIG_LEDS_PCA963X is not set
# CONFIG_LEDS_SYSCON is not set
CONFIG_LEDS_TRIGGERS=y
@@ -4963,10 +5014,12 @@ CONFIG_GPIOLIB=y
# CONFIG_PINCONF is not set
CONFIG_NET_DSA=m
+CONFIG_NET_DSA_HWMON=y
CONFIG_NET_DSA_MV88E6060=m
CONFIG_NET_DSA_MV88E6131=m
CONFIG_NET_DSA_MV88E6123_61_65=m
CONFIG_NET_DSA_MV88E6171=m
+CONFIG_NET_DSA_MV88E6352=m
CONFIG_NET_DSA_BCM_SF2=m
# Used by Maemo, we don't care.
@@ -5061,6 +5114,10 @@ CONFIG_USBIP_HOST=m
# CONFIG_GS_FPGABOOT is not set
# CONFIG_UNISYSSPAR is not set
# CONFIG_MEDIA_TUNER_MSI001 is not set
+# CONFIG_COMMON_CLK_XLNX_CLKWZRD is not set
+# CONFIG_VIDEO_SAA7191 is not set
+# CONFIG_DVB_MN88472 is not set
+# CONFIG_DVB_MN88473 is not set
# END OF STAGING
#
diff --git a/config-nodebug b/config-nodebug
index ed6913376..7318cff41 100644
--- a/config-nodebug
+++ b/config-nodebug
@@ -35,6 +35,8 @@ CONFIG_CPUMASK_OFFSTACK=y
# CONFIG_DEBUG_SG is not set
# CONFIG_DEBUG_PI_LIST is not set
+# CONFIG_PAGE_EXTENSION is not set
+# CONFIG_PAGE_OWNER is not set
# CONFIG_DEBUG_PAGEALLOC is not set
# CONFIG_DEBUG_OBJECTS is not set
@@ -45,6 +47,7 @@ CONFIG_CPUMASK_OFFSTACK=y
CONFIG_DEBUG_OBJECTS_ENABLE_DEFAULT=1
# CONFIG_X86_PTDUMP is not set
+# CONFIG_ARM64_PTDUMP is not set
# CONFIG_EFI_PGT_DUMP is not set
# CONFIG_CAN_DEBUG_DEVICES is not set
diff --git a/config-powerpc-generic b/config-powerpc-generic
index ce4da577f..30b071898 100644
--- a/config-powerpc-generic
+++ b/config-powerpc-generic
@@ -306,6 +306,7 @@ CONFIG_SERIAL_GRLIB_GAISLER_APBUART=m
# CONFIG_MFD_AAT2870_CORE is not set
# CONFIG_GPIO_SCH is not set
+# CONFIG_GPIO_74XX_MMIO is not set
# CONFIG_PPC_MPC512x is not set
# CONFIG_RTC_DRV_MPC5121 is not set
@@ -330,6 +331,7 @@ CONFIG_I2C_MPC=m
# CONFIG_NET_VENDOR_TOSHIBA is not set
# CONFIG_CPU_IDLE is not set
+# CONFIG_OF_UNITTEST is not set
# CONFIG_OF_SELFTEST is not set
# CONFIG_TOUCHSCREEN_AUO_PIXCIR is not set
# CONFIG_INPUT_GP2A is not set
diff --git a/config-powerpc64 b/config-powerpc64
index 49b4f2e70..5d9d29b22 100644
--- a/config-powerpc64
+++ b/config-powerpc64
@@ -15,6 +15,7 @@ CONFIG_PPC_POWERNV_RTAS=y
CONFIG_SENSORS_IBMPOWERNV=y
CONFIG_HW_RANDOM_POWERNV=m
CONFIG_POWERNV_CPUFREQ=m
+CONFIG_IPMI_POWERNV=m
CONFIG_SCOM_DEBUGFS=y
# CONFIG_PPC_PASEMI is not set
# CONFIG_PPC_PASEMI_IOMMU_DMA_FORCE is not set
@@ -165,6 +166,9 @@ CONFIG_HW_RANDOM_AMD=m
CONFIG_UIO_PDRV=m
+CONFIG_I2C_OPAL=m
+CONFIG_RTC_DRV_OPAL=m
+
CONFIG_HW_RANDOM_PSERIES=m
CONFIG_CRYPTO_DEV_NX=y
CONFIG_CRYPTO_842=m
diff --git a/config-powerpc64p7 b/config-powerpc64p7
index 6a5e1c6d9..eabb28c6e 100644
--- a/config-powerpc64p7
+++ b/config-powerpc64p7
@@ -10,6 +10,7 @@ CONFIG_PPC_POWERNV_RTAS=y
CONFIG_HW_RANDOM_POWERNV=m
CONFIG_SENSORS_IBMPOWERNV=y
CONFIG_POWERNV_CPUFREQ=m
+CONFIG_IPMI_POWERNV=m
CONFIG_SCOM_DEBUGFS=y
# CONFIG_PPC_PASEMI is not set
# CONFIG_PPC_PASEMI_IOMMU_DMA_FORCE is not set
@@ -155,6 +156,9 @@ CONFIG_HW_RANDOM_AMD=m
CONFIG_UIO_PDRV=m
+CONFIG_I2C_OPAL=m
+CONFIG_RTC_DRV_OPAL=m
+
CONFIG_HW_RANDOM_PSERIES=m
CONFIG_CRYPTO_DEV_NX=y
CONFIG_CRYPTO_842=m
diff --git a/config-s390x b/config-s390x
index 9534f51be..cc9fd0e38 100644
--- a/config-s390x
+++ b/config-s390x
@@ -63,6 +63,7 @@ CONFIG_SCLP_VT220_TTY=y
CONFIG_SCLP_VT220_CONSOLE=y
CONFIG_SCLP_CPI=m
CONFIG_SCLP_ASYNC=m
+CONFIG_SCLP_ASYNC_ID="000000000"
CONFIG_S390_TAPE=m
CONFIG_S390_TAPE_3590=m
diff --git a/config-x86-32-generic b/config-x86-32-generic
index 5daa9b8a3..bdf1b753a 100644
--- a/config-x86-32-generic
+++ b/config-x86-32-generic
@@ -197,6 +197,7 @@ CONFIG_BACKLIGHT_PWM=m
# CONFIG_EDAC_SBRIDGE is not set
+# CONFIG_OF_UNITTEST is not set
# CONFIG_OF_SELFTEST is not set
# CONFIG_TOUCHSCREEN_AUO_PIXCIR is not set
# CONFIG_INPUT_GP2A is not set
@@ -206,6 +207,7 @@ CONFIG_BACKLIGHT_PWM=m
# CONFIG_MDIO_BUS_MUX_GPIO is not set
# CONFIG_MDIO_BUS_MUX_MMIOREG is not set
# CONFIG_GPIO_SODAVILLE is not set
+# CONFIG_GPIO_74XX_MMIO is not set
# CONFIG_BACKLIGHT_OT200 is not set
# CONFIG_MLX5_INFINIBAND is not set
diff --git a/config-x86-generic b/config-x86-generic
index 88347fede..9a69726d1 100644
--- a/config-x86-generic
+++ b/config-x86-generic
@@ -34,6 +34,10 @@ CONFIG_MTRR_SANITIZER_SPARE_REG_NR_DEFAULT=1
CONFIG_X86_PAT=y
CONFIG_X86_PM_TIMER=y
+# This requires changes to binutils and the compiler. Plus you can't actually
+# buy hardware with MPX yet. So... leave it off until all of that seems set.
+# CONFIG_X86_INTEL_MPX is not set
+
CONFIG_EFI=y
CONFIG_EFI_STUB=y
# CONFIG_EFI_MIXED is not set
@@ -99,6 +103,8 @@ CONFIG_ACPI_CUSTOM_METHOD=m
CONFIG_ACPI_BGRT=y
# CONFIG_ACPI_EXTLOG is not set
+# CONFIG_PMIC_OPREGION is not set
+
CONFIG_X86_INTEL_PSTATE=y
CONFIG_X86_ACPI_CPUFREQ=m
CONFIG_X86_ACPI_CPUFREQ_CPB=y
@@ -166,6 +172,8 @@ CONFIG_DCDBAS=m
CONFIG_EDAC=y
CONFIG_EDAC_MM_EDAC=m
+# CONFIG_EDAC_AMD64_ERROR_INJECTION is not set
+CONFIG_EDAC_AMD64=m
CONFIG_EDAC_AMD76X=m
CONFIG_EDAC_AMD8111=m
CONFIG_EDAC_AMD8131=m
@@ -488,6 +496,7 @@ CONFIG_PWM_LPSS_PCI=m
CONFIG_PWM_LPSS_PLATFORM=m
CONFIG_PINCTRL=y
CONFIG_PINCTRL_BAYTRAIL=y
+CONFIG_PINCTRL_CHERRYVIEW=m
# CONFIG_INTEL_POWERCLAMP is not set
CONFIG_X86_PKG_TEMP_THERMAL=m
diff --git a/config-x86_64-generic b/config-x86_64-generic
index 89b7070ef..3a2ef08b2 100644
--- a/config-x86_64-generic
+++ b/config-x86_64-generic
@@ -177,6 +177,8 @@ CONFIG_SFC_MTD=y
# Override MTD stuff because SFC_MTD needs it
CONFIG_MTD_BLOCK=m
+CONFIG_HSA_AMD=m
+
CONFIG_NO_HZ_FULL=y
# CONFIG_NO_HZ_IDLE is not set
# CONFIG_NO_HZ_FULL_ALL is not set
diff --git a/crash-driver.patch b/crash-driver.patch
index 5a8fa876f..c9a99b8e2 100644
--- a/crash-driver.patch
+++ b/crash-driver.patch
@@ -240,10 +240,10 @@ index 000000000000..552be5e2c571
+
+#endif /* _S390_CRASH_H */
diff --git a/arch/s390/mm/maccess.c b/arch/s390/mm/maccess.c
-index 2a2e35416d2f..a529181429bb 100644
+index 2eb34bdfc613..11ce5c98462c 100644
--- a/arch/s390/mm/maccess.c
+++ b/arch/s390/mm/maccess.c
-@@ -193,6 +193,7 @@ void *xlate_dev_mem_ptr(unsigned long addr)
+@@ -193,6 +193,7 @@ void *xlate_dev_mem_ptr(phys_addr_t addr)
put_online_cpus();
return bounce;
}
@@ -251,7 +251,7 @@ index 2a2e35416d2f..a529181429bb 100644
/*
* Free converted buffer for /dev/mem access (if necessary)
-@@ -202,3 +203,4 @@ void unxlate_dev_mem_ptr(unsigned long addr, void *buf)
+@@ -202,3 +203,4 @@ void unxlate_dev_mem_ptr(phys_addr_t addr, void *buf)
if ((void *) addr != buf)
free_page((unsigned long) buf);
}
diff --git a/criu-no-expert.patch b/criu-no-expert.patch
index 11d3c87d5..2e7ca9138 100644
--- a/criu-no-expert.patch
+++ b/criu-no-expert.patch
@@ -9,10 +9,10 @@ Upstream-status: Fedora mustard
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/init/Kconfig b/init/Kconfig
-index 9ef459bb44b2..cc096e258a4a 100644
+index dac9ed0f01f7..31a29fe7c555 100644
--- a/init/Kconfig
+++ b/init/Kconfig
-@@ -1149,7 +1149,7 @@ config DEBUG_BLK_CGROUP
+@@ -1128,7 +1128,7 @@ config DEBUG_BLK_CGROUP
endif # CGROUPS
config CHECKPOINT_RESTORE
@@ -21,7 +21,7 @@ index 9ef459bb44b2..cc096e258a4a 100644
default n
help
Enables additional kernel features in a sake of checkpoint/restore.
-@@ -1160,7 +1160,7 @@ config CHECKPOINT_RESTORE
+@@ -1139,7 +1139,7 @@ config CHECKPOINT_RESTORE
If unsure, say N here.
menuconfig NAMESPACES
diff --git a/disable-i8042-check-on-apple-mac.patch b/disable-i8042-check-on-apple-mac.patch
index 8516532a8..0ada396a4 100644
--- a/disable-i8042-check-on-apple-mac.patch
+++ b/disable-i8042-check-on-apple-mac.patch
@@ -17,10 +17,10 @@ Signed-off-by: Bastien Nocera <hadess@hadess.net>
1 file changed, 22 insertions(+)
diff --git a/drivers/input/serio/i8042.c b/drivers/input/serio/i8042.c
-index 9bb95eab6926..4b5015f27f9e 100644
+index f91ed715b604..d64498a0d473 100644
--- a/drivers/input/serio/i8042.c
+++ b/drivers/input/serio/i8042.c
-@@ -1471,6 +1471,22 @@ static struct platform_driver i8042_driver = {
+@@ -1470,6 +1470,22 @@ static struct platform_driver i8042_driver = {
.shutdown = i8042_shutdown,
};
@@ -43,7 +43,7 @@ index 9bb95eab6926..4b5015f27f9e 100644
static int __init i8042_init(void)
{
struct platform_device *pdev;
-@@ -1478,6 +1494,12 @@ static int __init i8042_init(void)
+@@ -1477,6 +1493,12 @@ static int __init i8042_init(void)
dbg_init();
diff --git a/dm-cache-dirty-flag-was-mistakenly-being-cleared-whe.patch b/dm-cache-dirty-flag-was-mistakenly-being-cleared-whe.patch
deleted file mode 100644
index e64136a27..000000000
--- a/dm-cache-dirty-flag-was-mistakenly-being-cleared-whe.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From: Joe Thornber <ejt@redhat.com>
-Date: Thu, 27 Nov 2014 12:26:46 +0000
-Subject: [PATCH] dm cache: dirty flag was mistakenly being cleared when
- promoting via overwrite
-
-If the incoming bio is a WRITE and completely covers a block then we
-don't bother to do any copying for a promotion operation. Once this is
-done the cache block and origin block will be different, so we need to
-set it to 'dirty'.
-
-Signed-off-by: Joe Thornber <ejt@redhat.com>
-Signed-off-by: Mike Snitzer <snitzer@redhat.com>
-Cc: stable@vger.kernel.org
----
- drivers/md/dm-cache-target.c | 10 +++++++---
- 1 file changed, 7 insertions(+), 3 deletions(-)
-
-diff --git a/drivers/md/dm-cache-target.c b/drivers/md/dm-cache-target.c
-index 6f7086355691..387b93d81138 100644
---- a/drivers/md/dm-cache-target.c
-+++ b/drivers/md/dm-cache-target.c
-@@ -951,10 +951,14 @@ static void migration_success_post_commit(struct dm_cache_migration *mg)
- }
-
- } else {
-- clear_dirty(cache, mg->new_oblock, mg->cblock);
-- if (mg->requeue_holder)
-+ if (mg->requeue_holder) {
-+ clear_dirty(cache, mg->new_oblock, mg->cblock);
- cell_defer(cache, mg->new_ocell, true);
-- else {
-+ } else {
-+ /*
-+ * The block was promoted via an overwrite, so it's dirty.
-+ */
-+ set_dirty(cache, mg->new_oblock, mg->cblock);
- bio_endio(mg->new_ocell->holder, 0);
- cell_defer(cache, mg->new_ocell, false);
- }
---
-2.1.0
-
diff --git a/dm-cache-fix-spurious-cell_defer-when-dealing-with-p.patch b/dm-cache-fix-spurious-cell_defer-when-dealing-with-p.patch
deleted file mode 100644
index 05a6ebdca..000000000
--- a/dm-cache-fix-spurious-cell_defer-when-dealing-with-p.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From: Joe Thornber <ejt@redhat.com>
-Date: Fri, 28 Nov 2014 09:48:25 +0000
-Subject: [PATCH] dm cache: fix spurious cell_defer when dealing with partial
- block at end of device
-
-We never bother caching a partial block that is at the back end of the
-origin device. No cell ever gets locked, but the calling code was
-assuming it was and trying to release it.
-
-Now the code only releases if the cell has been set to a non NULL
-value.
-
-Signed-off-by: Joe Thornber <ejt@redhat.com>
-Signed-off-by: Mike Snitzer <snitzer@redhat.com>
-Cc: stable@vger.kernel.org
----
- drivers/md/dm-cache-target.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/drivers/md/dm-cache-target.c b/drivers/md/dm-cache-target.c
-index 387b93d81138..da496cfb458d 100644
---- a/drivers/md/dm-cache-target.c
-+++ b/drivers/md/dm-cache-target.c
-@@ -2554,11 +2554,11 @@ static int __cache_map(struct cache *cache, struct bio *bio, struct dm_bio_priso
- static int cache_map(struct dm_target *ti, struct bio *bio)
- {
- int r;
-- struct dm_bio_prison_cell *cell;
-+ struct dm_bio_prison_cell *cell = NULL;
- struct cache *cache = ti->private;
-
- r = __cache_map(cache, bio, &cell);
-- if (r == DM_MAPIO_REMAPPED) {
-+ if (r == DM_MAPIO_REMAPPED && cell) {
- inc_ds(cache, bio, cell);
- cell_defer(cache, cell, false);
- }
---
-2.1.0
-
diff --git a/dm-cache-only-use-overwrite-optimisation-for-promoti.patch b/dm-cache-only-use-overwrite-optimisation-for-promoti.patch
deleted file mode 100644
index 12a79113d..000000000
--- a/dm-cache-only-use-overwrite-optimisation-for-promoti.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From: Joe Thornber <ejt@redhat.com>
-Date: Thu, 27 Nov 2014 12:21:08 +0000
-Subject: [PATCH] dm cache: only use overwrite optimisation for promotion when
- in writeback mode
-
-Overwrite causes the cache block and origin blocks to diverge, which
-is only allowed in writeback mode.
-
-Signed-off-by: Joe Thornber <ejt@redhat.com>
-Signed-off-by: Mike Snitzer <snitzer@redhat.com>
-Cc: stable@vger.kernel.org
----
- drivers/md/dm-cache-target.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/drivers/md/dm-cache-target.c b/drivers/md/dm-cache-target.c
-index 7130505c2425..6f7086355691 100644
---- a/drivers/md/dm-cache-target.c
-+++ b/drivers/md/dm-cache-target.c
-@@ -1070,7 +1070,8 @@ static void issue_copy(struct dm_cache_migration *mg)
-
- avoid = is_discarded_oblock(cache, mg->new_oblock);
-
-- if (!avoid && bio_writes_complete_block(cache, bio)) {
-+ if (writeback_mode(&cache->features) &&
-+ !avoid && bio_writes_complete_block(cache, bio)) {
- issue_overwrite(mg, bio);
- return;
- }
---
-2.1.0
-
diff --git a/drm-i915-hush-check-crtc-state.patch b/drm-i915-hush-check-crtc-state.patch
index 0a76d10c1..329b59843 100644
--- a/drm-i915-hush-check-crtc-state.patch
+++ b/drm-i915-hush-check-crtc-state.patch
@@ -14,10 +14,10 @@ Upstream-status: http://lists.freedesktop.org/archives/intel-gfx/2013-November/0
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c
-index 9cb5c95d5898..edf0d4b78d68 100644
+index fb3e3d429191..49e5d5f9fbe5 100644
--- a/drivers/gpu/drm/i915/intel_display.c
+++ b/drivers/gpu/drm/i915/intel_display.c
-@@ -10965,7 +10965,7 @@ check_crtc_state(struct drm_device *dev)
+@@ -10869,7 +10869,7 @@ check_crtc_state(struct drm_device *dev)
if (active &&
!intel_pipe_config_compare(dev, &crtc->config, &pipe_config)) {
diff --git a/efi-Add-EFI_SECURE_BOOT-bit.patch b/efi-Add-EFI_SECURE_BOOT-bit.patch
index f6cc658f7..ef1733bb3 100644
--- a/efi-Add-EFI_SECURE_BOOT-bit.patch
+++ b/efi-Add-EFI_SECURE_BOOT-bit.patch
@@ -12,10 +12,10 @@ Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
2 files changed, 3 insertions(+)
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
-index f4eb99432db1..bc31a43b31a0 100644
+index 5d52d67d5097..b40d6174242f 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
-@@ -1152,7 +1152,9 @@ void __init setup_arch(char **cmdline_p)
+@@ -1154,7 +1154,9 @@ void __init setup_arch(char **cmdline_p)
#ifdef CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE
if (boot_params.secure_boot) {
@@ -26,10 +26,10 @@ index f4eb99432db1..bc31a43b31a0 100644
#endif
diff --git a/include/linux/efi.h b/include/linux/efi.h
-index 0949f9c7e872..130ba866a24a 100644
+index 0238d612750e..16ec1c00919d 100644
--- a/include/linux/efi.h
+++ b/include/linux/efi.h
-@@ -936,6 +936,7 @@ extern int __init efi_setup_pcdp_console(char *);
+@@ -940,6 +940,7 @@ extern int __init efi_setup_pcdp_console(char *);
#define EFI_64BIT 5 /* Is the firmware 64-bit? */
#define EFI_PARAVIRT 6 /* Access is via a paravirt interface */
#define EFI_ARCH_1 7 /* First arch-specific bit */
diff --git a/efi-Disable-secure-boot-if-shim-is-in-insecure-mode.patch b/efi-Disable-secure-boot-if-shim-is-in-insecure-mode.patch
index c9e629d62..2238eeda3 100644
--- a/efi-Disable-secure-boot-if-shim-is-in-insecure-mode.patch
+++ b/efi-Disable-secure-boot-if-shim-is-in-insecure-mode.patch
@@ -14,7 +14,7 @@ Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
1 file changed, 19 insertions(+), 1 deletion(-)
diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c
-index 6da2da7ac9c3..ba3cf70c7d5a 100644
+index 2192da755e34..4b03911a502d 100644
--- a/arch/x86/boot/compressed/eboot.c
+++ b/arch/x86/boot/compressed/eboot.c
@@ -831,8 +831,9 @@ out:
diff --git a/efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch b/efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch
index 4d61ce91d..da1b53676 100644
--- a/efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch
+++ b/efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch
@@ -11,10 +11,10 @@ Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
-index 7b8969db8398..d1f4a3d88dfc 100644
+index d4c55ee9f1ac..88533b717d59 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
-@@ -1612,7 +1612,8 @@ config EFI_MIXED
+@@ -1657,7 +1657,8 @@ config EFI_MIXED
If unsure, say N.
config EFI_SECURE_BOOT_SIG_ENFORCE
diff --git a/groups-Consolidate-the-setgroups-permission-checks.patch b/groups-Consolidate-the-setgroups-permission-checks.patch
deleted file mode 100644
index e65ea2641..000000000
--- a/groups-Consolidate-the-setgroups-permission-checks.patch
+++ /dev/null
@@ -1,90 +0,0 @@
-From: "Eric W. Biederman" <ebiederm@xmission.com>
-Date: Fri, 5 Dec 2014 17:19:27 -0600
-Subject: [PATCH] groups: Consolidate the setgroups permission checks
-
-Today there are 3 instances of setgroups and due to an oversight their
-permission checking has diverged. Add a common function so that
-they may all share the same permission checking code.
-
-This corrects the current oversight in the current permission checks
-and adds a helper to avoid this in the future.
-
-A user namespace security fix will update this new helper, shortly.
-
-Cc: stable@vger.kernel.org
-Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
----
- arch/s390/kernel/compat_linux.c | 2 +-
- include/linux/cred.h | 1 +
- kernel/groups.c | 9 ++++++++-
- kernel/uid16.c | 2 +-
- 4 files changed, 11 insertions(+), 3 deletions(-)
-
-diff --git a/arch/s390/kernel/compat_linux.c b/arch/s390/kernel/compat_linux.c
-index ca38139423ae..437e61159279 100644
---- a/arch/s390/kernel/compat_linux.c
-+++ b/arch/s390/kernel/compat_linux.c
-@@ -249,7 +249,7 @@ COMPAT_SYSCALL_DEFINE2(s390_setgroups16, int, gidsetsize, u16 __user *, grouplis
- struct group_info *group_info;
- int retval;
-
-- if (!capable(CAP_SETGID))
-+ if (!may_setgroups())
- return -EPERM;
- if ((unsigned)gidsetsize > NGROUPS_MAX)
- return -EINVAL;
-diff --git a/include/linux/cred.h b/include/linux/cred.h
-index b2d0820837c4..2fb2ca2127ed 100644
---- a/include/linux/cred.h
-+++ b/include/linux/cred.h
-@@ -68,6 +68,7 @@ extern void groups_free(struct group_info *);
- extern int set_current_groups(struct group_info *);
- extern void set_groups(struct cred *, struct group_info *);
- extern int groups_search(const struct group_info *, kgid_t);
-+extern bool may_setgroups(void);
-
- /* access the groups "array" with this macro */
- #define GROUP_AT(gi, i) \
-diff --git a/kernel/groups.c b/kernel/groups.c
-index 451698f86cfa..02d8a251c476 100644
---- a/kernel/groups.c
-+++ b/kernel/groups.c
-@@ -213,6 +213,13 @@ out:
- return i;
- }
-
-+bool may_setgroups(void)
-+{
-+ struct user_namespace *user_ns = current_user_ns();
-+
-+ return ns_capable(user_ns, CAP_SETGID);
-+}
-+
- /*
- * SMP: Our groups are copy-on-write. We can set them safely
- * without another task interfering.
-@@ -223,7 +230,7 @@ SYSCALL_DEFINE2(setgroups, int, gidsetsize, gid_t __user *, grouplist)
- struct group_info *group_info;
- int retval;
-
-- if (!ns_capable(current_user_ns(), CAP_SETGID))
-+ if (!may_setgroups())
- return -EPERM;
- if ((unsigned)gidsetsize > NGROUPS_MAX)
- return -EINVAL;
-diff --git a/kernel/uid16.c b/kernel/uid16.c
-index 602e5bbbceff..d58cc4d8f0d1 100644
---- a/kernel/uid16.c
-+++ b/kernel/uid16.c
-@@ -176,7 +176,7 @@ SYSCALL_DEFINE2(setgroups16, int, gidsetsize, old_gid_t __user *, grouplist)
- struct group_info *group_info;
- int retval;
-
-- if (!ns_capable(current_user_ns(), CAP_SETGID))
-+ if (!may_setgroups())
- return -EPERM;
- if ((unsigned)gidsetsize > NGROUPS_MAX)
- return -EINVAL;
---
-2.1.0
-
diff --git a/hibernate-Disable-in-a-signed-modules-environment.patch b/hibernate-Disable-in-a-signed-modules-environment.patch
index fa1d53a51..f1cc67935 100644
--- a/hibernate-Disable-in-a-signed-modules-environment.patch
+++ b/hibernate-Disable-in-a-signed-modules-environment.patch
@@ -13,18 +13,18 @@ Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/kernel/power/hibernate.c b/kernel/power/hibernate.c
-index 1f35a3478f3c..5e2472fc3dda 100644
+index 2329daae5255..48a8e82c7e2e 100644
--- a/kernel/power/hibernate.c
+++ b/kernel/power/hibernate.c
-@@ -28,6 +28,7 @@
- #include <linux/syscore_ops.h>
+@@ -29,6 +29,7 @@
#include <linux/ctype.h>
#include <linux/genhd.h>
+ #include <linux/ktime.h>
+#include <linux/module.h>
#include <trace/events/power.h>
#include "power.h"
-@@ -65,7 +66,7 @@ static const struct platform_hibernation_ops *hibernation_ops;
+@@ -66,7 +67,7 @@ static const struct platform_hibernation_ops *hibernation_ops;
bool hibernation_available(void)
{
diff --git a/input-kill-stupid-messages.patch b/input-kill-stupid-messages.patch
index 5b9c3d923..fe01d3a75 100644
--- a/input-kill-stupid-messages.patch
+++ b/input-kill-stupid-messages.patch
@@ -9,7 +9,7 @@ Upstream-status: Fedora mustard
1 file changed, 4 insertions(+)
diff --git a/drivers/input/keyboard/atkbd.c b/drivers/input/keyboard/atkbd.c
-index 6f5d79569136..95469f6ecfa5 100644
+index e27a25892db4..9ab0a86cc03d 100644
--- a/drivers/input/keyboard/atkbd.c
+++ b/drivers/input/keyboard/atkbd.c
@@ -436,11 +436,15 @@ static irqreturn_t atkbd_interrupt(struct serio *serio, unsigned char data,
diff --git a/input-silence-i8042-noise.patch b/input-silence-i8042-noise.patch
index dcfee1e6d..fa40d1b88 100644
--- a/input-silence-i8042-noise.patch
+++ b/input-silence-i8042-noise.patch
@@ -29,7 +29,7 @@ index 9717d5f20139..a3101d2fd936 100644
if (dev->parent && dev->parent->power.is_prepared)
dev_warn(dev, "parent %s should not be sleeping\n",
diff --git a/drivers/input/serio/i8042.c b/drivers/input/serio/i8042.c
-index f5a98af3b325..9bb95eab6926 100644
+index 924e4bf357fb..f91ed715b604 100644
--- a/drivers/input/serio/i8042.c
+++ b/drivers/input/serio/i8042.c
@@ -857,7 +857,6 @@ static int __init i8042_check_aux(void)
@@ -41,10 +41,10 @@ index f5a98af3b325..9bb95eab6926 100644
}
diff --git a/net/can/af_can.c b/net/can/af_can.c
-index ce82337521f6..a3fee4becc93 100644
+index 66e08040ced7..5268a601f406 100644
--- a/net/can/af_can.c
+++ b/net/can/af_can.c
-@@ -158,13 +158,9 @@ static int can_create(struct net *net, struct socket *sock, int protocol,
+@@ -155,13 +155,9 @@ static int can_create(struct net *net, struct socket *sock, int protocol,
err = request_module("can-proto-%d", protocol);
/*
diff --git a/isofs-Fix-infinite-looping-over-CE-entries.patch b/isofs-Fix-infinite-looping-over-CE-entries.patch
deleted file mode 100644
index bff25ac27..000000000
--- a/isofs-Fix-infinite-looping-over-CE-entries.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From: Jan Kara <jack@suse.cz>
-Date: Mon, 15 Dec 2014 14:22:46 +0100
-Subject: [PATCH] isofs: Fix infinite looping over CE entries
-
-Rock Ridge extensions define so called Continuation Entries (CE) which
-define where is further space with Rock Ridge data. Corrupted isofs
-image can contain arbitrarily long chain of these, including a one
-containing loop and thus causing kernel to end in an infinite loop when
-traversing these entries.
-
-Limit the traversal to 32 entries which should be more than enough space
-to store all the Rock Ridge data.
-
-Reported-by: P J P <ppandit@redhat.com>
-CC: stable@vger.kernel.org
-Signed-off-by: Jan Kara <jack@suse.cz>
----
- fs/isofs/rock.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/fs/isofs/rock.c b/fs/isofs/rock.c
-index f488bbae541a..bb63254ed848 100644
---- a/fs/isofs/rock.c
-+++ b/fs/isofs/rock.c
-@@ -30,6 +30,7 @@ struct rock_state {
- int cont_size;
- int cont_extent;
- int cont_offset;
-+ int cont_loops;
- struct inode *inode;
- };
-
-@@ -73,6 +74,9 @@ static void init_rock_state(struct rock_state *rs, struct inode *inode)
- rs->inode = inode;
- }
-
-+/* Maximum number of Rock Ridge continuation entries */
-+#define RR_MAX_CE_ENTRIES 32
-+
- /*
- * Returns 0 if the caller should continue scanning, 1 if the scan must end
- * and -ve on error.
-@@ -105,6 +109,8 @@ static int rock_continue(struct rock_state *rs)
- goto out;
- }
- ret = -EIO;
-+ if (++rs->cont_loops >= RR_MAX_CE_ENTRIES)
-+ goto out;
- bh = sb_bread(rs->inode->i_sb, rs->cont_extent);
- if (bh) {
- memcpy(rs->buffer, bh->b_data + rs->cont_offset,
---
-2.1.0
-
diff --git a/kernel.spec b/kernel.spec
index aaf648611..ff2c5f2fc 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -6,9 +6,9 @@ Summary: The Linux kernel
# For a stable, released kernel, released_kernel should be 1. For rawhide
# and/or a kernel built from an rc or git snapshot, released_kernel should
# be 0.
-%global released_kernel 1
+%global released_kernel 0
-%global aarch64patches 1
+%global aarch64patches 0
# Sign modules on x86. Make sure the config files match this setting if more
# architectures are added.
@@ -42,7 +42,7 @@ Summary: The Linux kernel
# For non-released -rc kernels, this will be appended after the rcX and
# gitX tags, so a 3 here would become part of release "0.rcX.gitX.3"
#
-%global baserelease 3
+%global baserelease 1
%global fedora_build %{baserelease}
# base_sublevel is the kernel version we're starting with and patching
@@ -54,7 +54,7 @@ Summary: The Linux kernel
%if 0%{?released_kernel}
# Do we have a -stable update to apply?
-%define stable_update 1
+%define stable_update 0
# Set rpm version accordingly
%if 0%{?stable_update}
%define stablerev %{stable_update}
@@ -67,7 +67,7 @@ Summary: The Linux kernel
# The next upstream release sublevel (base_sublevel+1)
%define upstream_sublevel %(echo $((%{base_sublevel} + 1)))
# The rc snapshot level
-%define rcrev 0
+%define rcrev 2
# The git snapshot level
%define gitrev 0
# Set rpm version accordingly
@@ -587,7 +587,6 @@ Patch21025: arm-dts-am335x-bone-common-add-uart2_pins-uart4_pins.patch
Patch21026: pinctrl-pinctrl-single-must-be-initialized-early.patch
Patch21028: arm-i.MX6-Utilite-device-dtb.patch
-Patch21029: arm-dts-sun7i-bananapi.patch
Patch21100: arm-highbank-l2-reverts.patch
@@ -610,58 +609,11 @@ Patch26058: asus-nb-wmi-Add-wapf4-quirk-for-the-X550VB.patch
#rhbz 1111138
Patch26059: i8042-Add-notimeout-quirk-for-Fujitsu-Lifebook-A544-.patch
-Patch26064: Input-add-driver-for-the-Goodix-touchpanel.patch
-
-#rhbz 1135338
-Patch26070: HID-add-support-for-MS-Surface-Pro-3-Type-Cover.patch
-
-#CVE-2014-8134 rhbz 1172765 1172769
-Patch26091: x86-kvm-Clear-paravirt_enabled-on-KVM-guests-for-esp.patch
-
#rhbz 1164945
Patch26092: xhci-Add-broken-streams-quirk-for-Fresco-Logic-FL100.patch
Patch26093: uas-Add-US_FL_NO_ATA_1X-for-Seagate-devices-with-usb.patch
Patch26094: uas-Add-US_FL_NO_REPORT_OPCODES-for-JMicron-JMS566-w.patch
-#rhbz 1172543
-Patch26096: cfg80211-don-t-WARN-about-two-consecutive-Country-IE.patch
-
-#CVE-2014-8133 rhbz 1172797 1174374
-Patch26100: x86-tls-Validate-TLS-entries-to-protect-espfix.patch
-
-#rhbz 1173806
-Patch26101: powerpc-powernv-force-all-CPUs-to-be-bootable.patch
-
-#CVE-2014-XXXX rhbz 1175235 1175250
-Patch26102: isofs-Fix-infinite-looping-over-CE-entries.patch
-
-#rhbz 1175261
-Patch26103: blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch
-
-#rhbz 1168434
-Patch26104: dm-cache-only-use-overwrite-optimisation-for-promoti.patch
-Patch26105: dm-cache-dirty-flag-was-mistakenly-being-cleared-whe.patch
-Patch26106: dm-cache-fix-spurious-cell_defer-when-dealing-with-p.patch
-
-Patch26107: uapi-linux-target_core_user.h-fix-headers_install.sh.patch
-
-#mount fixes for stable
-Patch26108: mnt-Implicitly-add-MNT_NODEV-on-remount-when-it-was-.patch
-Patch26109: mnt-Update-unprivileged-remount-test.patch
-Patch26110: umount-Disallow-unprivileged-mount-force.patch
-
-#CVE-2014-8989 rhbz 1170684 1170688
-Patch26111: groups-Consolidate-the-setgroups-permission-checks.patch
-Patch26112: userns-Document-what-the-invariant-required-for-safe.patch
-Patch26113: userns-Don-t-allow-setgroups-until-a-gid-mapping-has.patch
-Patch26114: userns-Don-t-allow-unprivileged-creation-of-gid-mapp.patch
-Patch26115: userns-Check-euid-no-fsuid-when-establishing-an-unpr.patch
-Patch26116: userns-Only-allow-the-creator-of-the-userns-unprivil.patch
-Patch26117: userns-Rename-id_map_mutex-to-userns_state_mutex.patch
-Patch26118: userns-Add-a-knob-to-disable-setgroups-on-a-per-user.patch
-Patch26119: userns-Allow-setting-gid_maps-without-privilege-when.patch
-Patch26120: userns-Unbreak-the-unprivileged-remount-tests.patch
-
# git clone ssh://git.fedorahosted.org/git/kernel-arm64.git, git diff master...devel
Patch30000: kernel-arm64.patch
@@ -1251,7 +1203,6 @@ ApplyPatch arm-dts-am335x-bone-common-add-uart2_pins-uart4_pins.patch
ApplyPatch pinctrl-pinctrl-single-must-be-initialized-early.patch
ApplyPatch arm-i.MX6-Utilite-device-dtb.patch
-ApplyPatch arm-dts-sun7i-bananapi.patch
ApplyPatch arm-highbank-l2-reverts.patch
@@ -1380,58 +1331,11 @@ ApplyPatch asus-nb-wmi-Add-wapf4-quirk-for-the-X550VB.patch
#rhbz 1111138
ApplyPatch i8042-Add-notimeout-quirk-for-Fujitsu-Lifebook-A544-.patch
-ApplyPatch Input-add-driver-for-the-Goodix-touchpanel.patch
-
-#rhbz 1135338
-ApplyPatch HID-add-support-for-MS-Surface-Pro-3-Type-Cover.patch
-
-#CVE-2014-8134 rhbz 1172765 1172769
-ApplyPatch x86-kvm-Clear-paravirt_enabled-on-KVM-guests-for-esp.patch
-
#rhbz 1164945
ApplyPatch xhci-Add-broken-streams-quirk-for-Fresco-Logic-FL100.patch
ApplyPatch uas-Add-US_FL_NO_ATA_1X-for-Seagate-devices-with-usb.patch
ApplyPatch uas-Add-US_FL_NO_REPORT_OPCODES-for-JMicron-JMS566-w.patch
-#rhbz 1172543
-ApplyPatch cfg80211-don-t-WARN-about-two-consecutive-Country-IE.patch
-
-#CVE-2014-8133 rhbz 1172797 1174374
-ApplyPatch x86-tls-Validate-TLS-entries-to-protect-espfix.patch
-
-#rhbz 1173806
-ApplyPatch powerpc-powernv-force-all-CPUs-to-be-bootable.patch
-
-#CVE-2014-XXXX rhbz 1175235 1175250
-ApplyPatch isofs-Fix-infinite-looping-over-CE-entries.patch
-
-#rhbz 1175261
-ApplyPatch blk-mq-Fix-uninitialized-kobject-at-CPU-hotplugging.patch
-
-#rhbz 1168434
-ApplyPatch dm-cache-only-use-overwrite-optimisation-for-promoti.patch
-ApplyPatch dm-cache-dirty-flag-was-mistakenly-being-cleared-whe.patch
-ApplyPatch dm-cache-fix-spurious-cell_defer-when-dealing-with-p.patch
-
-ApplyPatch uapi-linux-target_core_user.h-fix-headers_install.sh.patch
-
-#mount fixes for stable
-ApplyPatch mnt-Implicitly-add-MNT_NODEV-on-remount-when-it-was-.patch
-ApplyPatch mnt-Update-unprivileged-remount-test.patch
-ApplyPatch umount-Disallow-unprivileged-mount-force.patch
-
-#CVE-2014-8989 rhbz 1170684 1170688
-ApplyPatch groups-Consolidate-the-setgroups-permission-checks.patch
-ApplyPatch userns-Document-what-the-invariant-required-for-safe.patch
-ApplyPatch userns-Don-t-allow-setgroups-until-a-gid-mapping-has.patch
-ApplyPatch userns-Don-t-allow-unprivileged-creation-of-gid-mapp.patch
-ApplyPatch userns-Check-euid-no-fsuid-when-establishing-an-unpr.patch
-ApplyPatch userns-Only-allow-the-creator-of-the-userns-unprivil.patch
-ApplyPatch userns-Rename-id_map_mutex-to-userns_state_mutex.patch
-ApplyPatch userns-Add-a-knob-to-disable-setgroups-on-a-per-user.patch
-ApplyPatch userns-Allow-setting-gid_maps-without-privilege-when.patch
-ApplyPatch userns-Unbreak-the-unprivileged-remount-tests.patch
-
%if 0%{?aarch64patches}
ApplyPatch kernel-arm64.patch
%ifnarch aarch64 # this is stupid, but i want to notice before secondary koji does.
@@ -2300,6 +2204,11 @@ fi
# ||----w |
# || ||
%changelog
+* Mon Jan 05 2015 Josh Boyer <jwboyer@fedoraproject.org>
+- Linux v3.19-rc2
+- Temporarily disable aarch64patches
+- Happy New Year
+
* Sun Dec 28 2014 Josh Boyer <jwboyer@fedoraproject.org>
- Enable F2FS (rhbz 972446)
diff --git a/kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch b/kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
index eac51c600..d521c804d 100644
--- a/kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
+++ b/kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
@@ -13,7 +13,7 @@ Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
1 file changed, 8 insertions(+)
diff --git a/kernel/kexec.c b/kernel/kexec.c
-index 2abf9f6e9a61..417bd0599024 100644
+index 9a8a01abbaed..9a0ecbf14545 100644
--- a/kernel/kexec.c
+++ b/kernel/kexec.c
@@ -36,6 +36,7 @@
diff --git a/mnt-Implicitly-add-MNT_NODEV-on-remount-when-it-was-.patch b/mnt-Implicitly-add-MNT_NODEV-on-remount-when-it-was-.patch
deleted file mode 100644
index 0fff15128..000000000
--- a/mnt-Implicitly-add-MNT_NODEV-on-remount-when-it-was-.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From: "Eric W. Biederman" <ebiederm@xmission.com>
-Date: Wed, 13 Aug 2014 01:33:38 -0700
-Subject: [PATCH] mnt: Implicitly add MNT_NODEV on remount when it was
- implicitly added by mount
-
-Now that remount is properly enforcing the rule that you can't remove
-nodev at least sandstorm.io is breaking when performing a remount.
-
-It turns out that there is an easy intuitive solution implicitly
-add nodev on remount when nodev was implicitly added on mount.
-
-Tested-by: Cedric Bosdonnat <cbosdonnat@suse.com>
-Tested-by: Richard Weinberger <richard@nod.at>
-Cc: stable@vger.kernel.org
-Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
----
- fs/namespace.c | 8 +++++++-
- 1 file changed, 7 insertions(+), 1 deletion(-)
-
-diff --git a/fs/namespace.c b/fs/namespace.c
-index 5b66b2b3624d..3a1a87dc33df 100644
---- a/fs/namespace.c
-+++ b/fs/namespace.c
-@@ -2098,7 +2098,13 @@ static int do_remount(struct path *path, int flags, int mnt_flags,
- }
- if ((mnt->mnt.mnt_flags & MNT_LOCK_NODEV) &&
- !(mnt_flags & MNT_NODEV)) {
-- return -EPERM;
-+ /* Was the nodev implicitly added in mount? */
-+ if ((mnt->mnt_ns->user_ns != &init_user_ns) &&
-+ !(sb->s_type->fs_flags & FS_USERNS_DEV_MOUNT)) {
-+ mnt_flags |= MNT_NODEV;
-+ } else {
-+ return -EPERM;
-+ }
- }
- if ((mnt->mnt.mnt_flags & MNT_LOCK_NOSUID) &&
- !(mnt_flags & MNT_NOSUID)) {
---
-2.1.0
-
diff --git a/mnt-Update-unprivileged-remount-test.patch b/mnt-Update-unprivileged-remount-test.patch
deleted file mode 100644
index 5913d8272..000000000
--- a/mnt-Update-unprivileged-remount-test.patch
+++ /dev/null
@@ -1,280 +0,0 @@
-From: "Eric W. Biederman" <ebiederm@xmission.com>
-Date: Fri, 22 Aug 2014 16:39:03 -0500
-Subject: [PATCH] mnt: Update unprivileged remount test
-
-- MNT_NODEV should be irrelevant except when reading back mount flags,
- no longer specify MNT_NODEV on remount.
-
-- Test MNT_NODEV on devpts where it is meaningful even for unprivileged mounts.
-
-- Add a test to verify that remount of a prexisting mount with the same flags
- is allowed and does not change those flags.
-
-- Cleanup up the definitions of MS_REC, MS_RELATIME, MS_STRICTATIME that are used
- when the code is built in an environment without them.
-
-- Correct the test error messages when tests fail. There were not 5 tests
- that tested MS_RELATIME.
-
-Cc: stable@vger.kernel.org
-Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
----
- .../selftests/mount/unprivileged-remount-test.c | 172 +++++++++++++++++----
- 1 file changed, 142 insertions(+), 30 deletions(-)
-
-diff --git a/tools/testing/selftests/mount/unprivileged-remount-test.c b/tools/testing/selftests/mount/unprivileged-remount-test.c
-index 1b3ff2fda4d0..9669d375625a 100644
---- a/tools/testing/selftests/mount/unprivileged-remount-test.c
-+++ b/tools/testing/selftests/mount/unprivileged-remount-test.c
-@@ -6,6 +6,8 @@
- #include <sys/types.h>
- #include <sys/mount.h>
- #include <sys/wait.h>
-+#include <sys/vfs.h>
-+#include <sys/statvfs.h>
- #include <stdlib.h>
- #include <unistd.h>
- #include <fcntl.h>
-@@ -32,11 +34,14 @@
- # define CLONE_NEWPID 0x20000000
- #endif
-
-+#ifndef MS_REC
-+# define MS_REC 16384
-+#endif
- #ifndef MS_RELATIME
--#define MS_RELATIME (1 << 21)
-+# define MS_RELATIME (1 << 21)
- #endif
- #ifndef MS_STRICTATIME
--#define MS_STRICTATIME (1 << 24)
-+# define MS_STRICTATIME (1 << 24)
- #endif
-
- static void die(char *fmt, ...)
-@@ -87,6 +92,45 @@ static void write_file(char *filename, char *fmt, ...)
- }
- }
-
-+static int read_mnt_flags(const char *path)
-+{
-+ int ret;
-+ struct statvfs stat;
-+ int mnt_flags;
-+
-+ ret = statvfs(path, &stat);
-+ if (ret != 0) {
-+ die("statvfs of %s failed: %s\n",
-+ path, strerror(errno));
-+ }
-+ if (stat.f_flag & ~(ST_RDONLY | ST_NOSUID | ST_NODEV | \
-+ ST_NOEXEC | ST_NOATIME | ST_NODIRATIME | ST_RELATIME | \
-+ ST_SYNCHRONOUS | ST_MANDLOCK)) {
-+ die("Unrecognized mount flags\n");
-+ }
-+ mnt_flags = 0;
-+ if (stat.f_flag & ST_RDONLY)
-+ mnt_flags |= MS_RDONLY;
-+ if (stat.f_flag & ST_NOSUID)
-+ mnt_flags |= MS_NOSUID;
-+ if (stat.f_flag & ST_NODEV)
-+ mnt_flags |= MS_NODEV;
-+ if (stat.f_flag & ST_NOEXEC)
-+ mnt_flags |= MS_NOEXEC;
-+ if (stat.f_flag & ST_NOATIME)
-+ mnt_flags |= MS_NOATIME;
-+ if (stat.f_flag & ST_NODIRATIME)
-+ mnt_flags |= MS_NODIRATIME;
-+ if (stat.f_flag & ST_RELATIME)
-+ mnt_flags |= MS_RELATIME;
-+ if (stat.f_flag & ST_SYNCHRONOUS)
-+ mnt_flags |= MS_SYNCHRONOUS;
-+ if (stat.f_flag & ST_MANDLOCK)
-+ mnt_flags |= ST_MANDLOCK;
-+
-+ return mnt_flags;
-+}
-+
- static void create_and_enter_userns(void)
- {
- uid_t uid;
-@@ -118,7 +162,8 @@ static void create_and_enter_userns(void)
- }
-
- static
--bool test_unpriv_remount(int mount_flags, int remount_flags, int invalid_flags)
-+bool test_unpriv_remount(const char *fstype, const char *mount_options,
-+ int mount_flags, int remount_flags, int invalid_flags)
- {
- pid_t child;
-
-@@ -151,9 +196,11 @@ bool test_unpriv_remount(int mount_flags, int remount_flags, int invalid_flags)
- strerror(errno));
- }
-
-- if (mount("testing", "/tmp", "ramfs", mount_flags, NULL) != 0) {
-- die("mount of /tmp failed: %s\n",
-- strerror(errno));
-+ if (mount("testing", "/tmp", fstype, mount_flags, mount_options) != 0) {
-+ die("mount of %s with options '%s' on /tmp failed: %s\n",
-+ fstype,
-+ mount_options? mount_options : "",
-+ strerror(errno));
- }
-
- create_and_enter_userns();
-@@ -181,62 +228,127 @@ bool test_unpriv_remount(int mount_flags, int remount_flags, int invalid_flags)
-
- static bool test_unpriv_remount_simple(int mount_flags)
- {
-- return test_unpriv_remount(mount_flags, mount_flags, 0);
-+ return test_unpriv_remount("ramfs", NULL, mount_flags, mount_flags, 0);
- }
-
- static bool test_unpriv_remount_atime(int mount_flags, int invalid_flags)
- {
-- return test_unpriv_remount(mount_flags, mount_flags, invalid_flags);
-+ return test_unpriv_remount("ramfs", NULL, mount_flags, mount_flags,
-+ invalid_flags);
-+}
-+
-+static bool test_priv_mount_unpriv_remount(void)
-+{
-+ pid_t child;
-+ int ret;
-+ const char *orig_path = "/dev";
-+ const char *dest_path = "/tmp";
-+ int orig_mnt_flags, remount_mnt_flags;
-+
-+ child = fork();
-+ if (child == -1) {
-+ die("fork failed: %s\n",
-+ strerror(errno));
-+ }
-+ if (child != 0) { /* parent */
-+ pid_t pid;
-+ int status;
-+ pid = waitpid(child, &status, 0);
-+ if (pid == -1) {
-+ die("waitpid failed: %s\n",
-+ strerror(errno));
-+ }
-+ if (pid != child) {
-+ die("waited for %d got %d\n",
-+ child, pid);
-+ }
-+ if (!WIFEXITED(status)) {
-+ die("child did not terminate cleanly\n");
-+ }
-+ return WEXITSTATUS(status) == EXIT_SUCCESS ? true : false;
-+ }
-+
-+ orig_mnt_flags = read_mnt_flags(orig_path);
-+
-+ create_and_enter_userns();
-+ ret = unshare(CLONE_NEWNS);
-+ if (ret != 0) {
-+ die("unshare(CLONE_NEWNS) failed: %s\n",
-+ strerror(errno));
-+ }
-+
-+ ret = mount(orig_path, dest_path, "bind", MS_BIND | MS_REC, NULL);
-+ if (ret != 0) {
-+ die("recursive bind mount of %s onto %s failed: %s\n",
-+ orig_path, dest_path, strerror(errno));
-+ }
-+
-+ ret = mount(dest_path, dest_path, "none",
-+ MS_REMOUNT | MS_BIND | orig_mnt_flags , NULL);
-+ if (ret != 0) {
-+ /* system("cat /proc/self/mounts"); */
-+ die("remount of /tmp failed: %s\n",
-+ strerror(errno));
-+ }
-+
-+ remount_mnt_flags = read_mnt_flags(dest_path);
-+ if (orig_mnt_flags != remount_mnt_flags) {
-+ die("Mount flags unexpectedly changed during remount of %s originally mounted on %s\n",
-+ dest_path, orig_path);
-+ }
-+ exit(EXIT_SUCCESS);
- }
-
- int main(int argc, char **argv)
- {
-- if (!test_unpriv_remount_simple(MS_RDONLY|MS_NODEV)) {
-+ if (!test_unpriv_remount_simple(MS_RDONLY)) {
- die("MS_RDONLY malfunctions\n");
- }
-- if (!test_unpriv_remount_simple(MS_NODEV)) {
-+ if (!test_unpriv_remount("devpts", "newinstance", MS_NODEV, MS_NODEV, 0)) {
- die("MS_NODEV malfunctions\n");
- }
-- if (!test_unpriv_remount_simple(MS_NOSUID|MS_NODEV)) {
-+ if (!test_unpriv_remount_simple(MS_NOSUID)) {
- die("MS_NOSUID malfunctions\n");
- }
-- if (!test_unpriv_remount_simple(MS_NOEXEC|MS_NODEV)) {
-+ if (!test_unpriv_remount_simple(MS_NOEXEC)) {
- die("MS_NOEXEC malfunctions\n");
- }
-- if (!test_unpriv_remount_atime(MS_RELATIME|MS_NODEV,
-- MS_NOATIME|MS_NODEV))
-+ if (!test_unpriv_remount_atime(MS_RELATIME,
-+ MS_NOATIME))
- {
- die("MS_RELATIME malfunctions\n");
- }
-- if (!test_unpriv_remount_atime(MS_STRICTATIME|MS_NODEV,
-- MS_NOATIME|MS_NODEV))
-+ if (!test_unpriv_remount_atime(MS_STRICTATIME,
-+ MS_NOATIME))
- {
- die("MS_STRICTATIME malfunctions\n");
- }
-- if (!test_unpriv_remount_atime(MS_NOATIME|MS_NODEV,
-- MS_STRICTATIME|MS_NODEV))
-+ if (!test_unpriv_remount_atime(MS_NOATIME,
-+ MS_STRICTATIME))
- {
-- die("MS_RELATIME malfunctions\n");
-+ die("MS_NOATIME malfunctions\n");
- }
-- if (!test_unpriv_remount_atime(MS_RELATIME|MS_NODIRATIME|MS_NODEV,
-- MS_NOATIME|MS_NODEV))
-+ if (!test_unpriv_remount_atime(MS_RELATIME|MS_NODIRATIME,
-+ MS_NOATIME))
- {
-- die("MS_RELATIME malfunctions\n");
-+ die("MS_RELATIME|MS_NODIRATIME malfunctions\n");
- }
-- if (!test_unpriv_remount_atime(MS_STRICTATIME|MS_NODIRATIME|MS_NODEV,
-- MS_NOATIME|MS_NODEV))
-+ if (!test_unpriv_remount_atime(MS_STRICTATIME|MS_NODIRATIME,
-+ MS_NOATIME))
- {
-- die("MS_RELATIME malfunctions\n");
-+ die("MS_STRICTATIME|MS_NODIRATIME malfunctions\n");
- }
-- if (!test_unpriv_remount_atime(MS_NOATIME|MS_NODIRATIME|MS_NODEV,
-- MS_STRICTATIME|MS_NODEV))
-+ if (!test_unpriv_remount_atime(MS_NOATIME|MS_NODIRATIME,
-+ MS_STRICTATIME))
- {
-- die("MS_RELATIME malfunctions\n");
-+ die("MS_NOATIME|MS_DIRATIME malfunctions\n");
- }
-- if (!test_unpriv_remount(MS_STRICTATIME|MS_NODEV, MS_NODEV,
-- MS_NOATIME|MS_NODEV))
-+ if (!test_unpriv_remount("ramfs", NULL, MS_STRICTATIME, 0, MS_NOATIME))
- {
- die("Default atime malfunctions\n");
- }
-+ if (!test_priv_mount_unpriv_remount()) {
-+ die("Mount flags unexpectedly changed after remount\n");
-+ }
- return EXIT_SUCCESS;
- }
---
-2.1.0
-
diff --git a/no-pcspkr-modalias.patch b/no-pcspkr-modalias.patch
index a258676c3..28008094d 100644
--- a/no-pcspkr-modalias.patch
+++ b/no-pcspkr-modalias.patch
@@ -9,7 +9,7 @@ Upstream-status: Fedora mustard
1 file changed, 1 deletion(-)
diff --git a/drivers/input/misc/pcspkr.c b/drivers/input/misc/pcspkr.c
-index 674a2cfc3c0e..9a2807227c69 100644
+index 72b1fc3ab910..86907eaa4883 100644
--- a/drivers/input/misc/pcspkr.c
+++ b/drivers/input/misc/pcspkr.c
@@ -23,7 +23,6 @@
diff --git a/pinctrl-pinctrl-single-must-be-initialized-early.patch b/pinctrl-pinctrl-single-must-be-initialized-early.patch
index 765ec1d3d..5aa4bd22f 100644
--- a/pinctrl-pinctrl-single-must-be-initialized-early.patch
+++ b/pinctrl-pinctrl-single-must-be-initialized-early.patch
@@ -10,10 +10,10 @@ exercise left to the reader.
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/drivers/pinctrl/pinctrl-single.c b/drivers/pinctrl/pinctrl-single.c
-index fb94b772ad62..99668ad01b54 100644
+index 69e84427f913..f21cf4291476 100644
--- a/drivers/pinctrl/pinctrl-single.c
+++ b/drivers/pinctrl/pinctrl-single.c
-@@ -2026,7 +2026,17 @@ static struct platform_driver pcs_driver = {
+@@ -2025,7 +2025,17 @@ static struct platform_driver pcs_driver = {
#endif
};
diff --git a/powerpc-powernv-force-all-CPUs-to-be-bootable.patch b/powerpc-powernv-force-all-CPUs-to-be-bootable.patch
deleted file mode 100644
index f98ac878d..000000000
--- a/powerpc-powernv-force-all-CPUs-to-be-bootable.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From: Greg Kurz <gkurz@linux.vnet.ibm.com>
-Date: Fri, 12 Dec 2014 12:37:40 +0100
-Subject: [PATCH] powerpc/powernv: force all CPUs to be bootable
-
-The subcore logic needs all the CPUs declared in the DT to be bootable,
-otherwise the kernel hangs at boot time. Since subcore support starts
-with POWER8, we can keep the current behaviour for older CPUs.
-
-Signed-off-by: Greg Kurz <gkurz@linux.vnet.ibm.com>
----
- arch/powerpc/platforms/powernv/smp.c | 13 ++++++++++++-
- 1 file changed, 12 insertions(+), 1 deletion(-)
-
-diff --git a/arch/powerpc/platforms/powernv/smp.c b/arch/powerpc/platforms/powernv/smp.c
-index 4753958cd509..44ecd0925f56 100644
---- a/arch/powerpc/platforms/powernv/smp.c
-+++ b/arch/powerpc/platforms/powernv/smp.c
-@@ -185,13 +185,24 @@ static void pnv_smp_cpu_kill_self(void)
-
- #endif /* CONFIG_HOTPLUG_CPU */
-
-+static int pnv_cpu_bootable(unsigned int nr)
-+{
-+ /* Starting with POWER8, all CPUs need to be booted to avoid hangs
-+ * during subcore init.
-+ */
-+ if (cpu_has_feature(CPU_FTR_ARCH_207S))
-+ return 1;
-+
-+ return smp_generic_cpu_bootable(nr);
-+}
-+
- static struct smp_ops_t pnv_smp_ops = {
- .message_pass = smp_muxed_ipi_message_pass,
- .cause_ipi = NULL, /* Filled at runtime by xics_smp_probe() */
- .probe = xics_smp_probe,
- .kick_cpu = pnv_smp_kick_cpu,
- .setup_cpu = pnv_smp_setup_cpu,
-- .cpu_bootable = smp_generic_cpu_bootable,
-+ .cpu_bootable = pnv_cpu_bootable,
- #ifdef CONFIG_HOTPLUG_CPU
- .cpu_disable = pnv_smp_cpu_disable,
- .cpu_die = generic_cpu_die,
---
-2.1.0
-
diff --git a/scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch b/scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch
index 62530050f..f635da21a 100644
--- a/scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch
+++ b/scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch
@@ -9,10 +9,10 @@ Upstream-status: Fedora mustard (might be worth dropping...)
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/drivers/scsi/sd.c b/drivers/scsi/sd.c
-index cfba74cd8e8b..5127df3cc064 100644
+index 399516925d80..2ac9a156da39 100644
--- a/drivers/scsi/sd.c
+++ b/drivers/scsi/sd.c
-@@ -2768,13 +2768,18 @@ static int sd_try_extended_inquiry(struct scsi_device *sdp)
+@@ -2750,13 +2750,18 @@ static int sd_try_extended_inquiry(struct scsi_device *sdp)
static int sd_revalidate_disk(struct gendisk *disk)
{
struct scsi_disk *sdkp = scsi_disk(disk);
diff --git a/silence-fbcon-logo.patch b/silence-fbcon-logo.patch
index 654927e41..baeb94e5c 100644
--- a/silence-fbcon-logo.patch
+++ b/silence-fbcon-logo.patch
@@ -9,7 +9,7 @@ Upstream-status: Fedora mustard
1 file changed, 17 insertions(+), 7 deletions(-)
diff --git a/drivers/video/console/fbcon.c b/drivers/video/console/fbcon.c
-index eb976ee3a02f..275f20a643f4 100644
+index ea437245562e..eefa9c45d2e1 100644
--- a/drivers/video/console/fbcon.c
+++ b/drivers/video/console/fbcon.c
@@ -637,13 +637,15 @@ static void fbcon_prepare_logo(struct vc_data *vc, struct fb_info *info,
@@ -47,7 +47,7 @@ index eb976ee3a02f..275f20a643f4 100644
+
+early_param("quiet", quiet_logo);
+
- module_init(fb_console_init);
+ fs_initcall(fb_console_init);
#ifdef MODULE
--
diff --git a/uapi-linux-target_core_user.h-fix-headers_install.sh.patch b/uapi-linux-target_core_user.h-fix-headers_install.sh.patch
deleted file mode 100644
index 516d10f8a..000000000
--- a/uapi-linux-target_core_user.h-fix-headers_install.sh.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From: Kyle McMartin <kyle@redhat.com>
-Date: Thu, 18 Dec 2014 12:57:14 -0500
-Subject: [PATCH] uapi/linux/target_core_user.h: fix headers_install.sh badness
-
-scripts/headers_install.sh will transform __packed to
-__attribute__((packed)), so the #ifndef is not necessary.
-(and, in fact, it's problematic, because we'll end up with the header
- containing:
-#ifndef __attribute__((packed))
-#define __attribu...
-and so forth.)
-
-Cc: stable@vger.kernel.org # 3.18
-Signed-off-by: Kyle McMartin <kyle@redhat.com>
----
- include/uapi/linux/target_core_user.h | 4 ----
- 1 file changed, 4 deletions(-)
-
-diff --git a/include/uapi/linux/target_core_user.h b/include/uapi/linux/target_core_user.h
-index 7dcfbe6771b1..b483d1909d3e 100644
---- a/include/uapi/linux/target_core_user.h
-+++ b/include/uapi/linux/target_core_user.h
-@@ -6,10 +6,6 @@
- #include <linux/types.h>
- #include <linux/uio.h>
-
--#ifndef __packed
--#define __packed __attribute__((packed))
--#endif
--
- #define TCMU_VERSION "1.0"
-
- /*
---
-2.1.0
-
diff --git a/umount-Disallow-unprivileged-mount-force.patch b/umount-Disallow-unprivileged-mount-force.patch
deleted file mode 100644
index a57b2c927..000000000
--- a/umount-Disallow-unprivileged-mount-force.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From: "Eric W. Biederman" <ebiederm@xmission.com>
-Date: Sat, 4 Oct 2014 14:44:03 -0700
-Subject: [PATCH] umount: Disallow unprivileged mount force
-
-Forced unmount affects not just the mount namespace but the underlying
-superblock as well. Restrict forced unmount to the global root user
-for now. Otherwise it becomes possible a user in a less privileged
-mount namespace to force the shutdown of a superblock of a filesystem
-in a more privileged mount namespace, allowing a DOS attack on root.
-
-Cc: stable@vger.kernel.org
-Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
----
- fs/namespace.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/fs/namespace.c b/fs/namespace.c
-index 3a1a87dc33df..43b16af8af30 100644
---- a/fs/namespace.c
-+++ b/fs/namespace.c
-@@ -1544,6 +1544,9 @@ SYSCALL_DEFINE2(umount, char __user *, name, int, flags)
- goto dput_and_out;
- if (mnt->mnt.mnt_flags & MNT_LOCKED)
- goto dput_and_out;
-+ retval = -EPERM;
-+ if (flags & MNT_FORCE && !capable(CAP_SYS_ADMIN))
-+ goto dput_and_out;
-
- retval = do_umount(mnt, flags);
- dput_and_out:
---
-2.1.0
-
diff --git a/userns-Add-a-knob-to-disable-setgroups-on-a-per-user.patch b/userns-Add-a-knob-to-disable-setgroups-on-a-per-user.patch
deleted file mode 100644
index a55381706..000000000
--- a/userns-Add-a-knob-to-disable-setgroups-on-a-per-user.patch
+++ /dev/null
@@ -1,280 +0,0 @@
-From: "Eric W. Biederman" <ebiederm@xmission.com>
-Date: Tue, 2 Dec 2014 12:27:26 -0600
-Subject: [PATCH] userns: Add a knob to disable setgroups on a per user
- namespace basis
-
-- Expose the knob to user space through a proc file /proc/<pid>/setgroups
-
- A value of "deny" means the setgroups system call is disabled in the
- current processes user namespace and can not be enabled in the
- future in this user namespace.
-
- A value of "allow" means the segtoups system call is enabled.
-
-- Descendant user namespaces inherit the value of setgroups from
- their parents.
-
-- A proc file is used (instead of a sysctl) as sysctls currently do
- not allow checking the permissions at open time.
-
-- Writing to the proc file is restricted to before the gid_map
- for the user namespace is set.
-
- This ensures that disabling setgroups at a user namespace
- level will never remove the ability to call setgroups
- from a process that already has that ability.
-
- A process may opt in to the setgroups disable for itself by
- creating, entering and configuring a user namespace or by calling
- setns on an existing user namespace with setgroups disabled.
- Processes without privileges already can not call setgroups so this
- is a noop. Prodcess with privilege become processes without
- privilege when entering a user namespace and as with any other path
- to dropping privilege they would not have the ability to call
- setgroups. So this remains within the bounds of what is possible
- without a knob to disable setgroups permanently in a user namespace.
-
-Cc: stable@vger.kernel.org
-Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
----
- fs/proc/base.c | 53 ++++++++++++++++++++++++++
- include/linux/user_namespace.h | 7 ++++
- kernel/user.c | 1 +
- kernel/user_namespace.c | 85 ++++++++++++++++++++++++++++++++++++++++++
- 4 files changed, 146 insertions(+)
-
-diff --git a/fs/proc/base.c b/fs/proc/base.c
-index 772efa45a452..7dc3ea89ef1a 100644
---- a/fs/proc/base.c
-+++ b/fs/proc/base.c
-@@ -2464,6 +2464,57 @@ static const struct file_operations proc_projid_map_operations = {
- .llseek = seq_lseek,
- .release = proc_id_map_release,
- };
-+
-+static int proc_setgroups_open(struct inode *inode, struct file *file)
-+{
-+ struct user_namespace *ns = NULL;
-+ struct task_struct *task;
-+ int ret;
-+
-+ ret = -ESRCH;
-+ task = get_proc_task(inode);
-+ if (task) {
-+ rcu_read_lock();
-+ ns = get_user_ns(task_cred_xxx(task, user_ns));
-+ rcu_read_unlock();
-+ put_task_struct(task);
-+ }
-+ if (!ns)
-+ goto err;
-+
-+ if (file->f_mode & FMODE_WRITE) {
-+ ret = -EACCES;
-+ if (!ns_capable(ns, CAP_SYS_ADMIN))
-+ goto err_put_ns;
-+ }
-+
-+ ret = single_open(file, &proc_setgroups_show, ns);
-+ if (ret)
-+ goto err_put_ns;
-+
-+ return 0;
-+err_put_ns:
-+ put_user_ns(ns);
-+err:
-+ return ret;
-+}
-+
-+static int proc_setgroups_release(struct inode *inode, struct file *file)
-+{
-+ struct seq_file *seq = file->private_data;
-+ struct user_namespace *ns = seq->private;
-+ int ret = single_release(inode, file);
-+ put_user_ns(ns);
-+ return ret;
-+}
-+
-+static const struct file_operations proc_setgroups_operations = {
-+ .open = proc_setgroups_open,
-+ .write = proc_setgroups_write,
-+ .read = seq_read,
-+ .llseek = seq_lseek,
-+ .release = proc_setgroups_release,
-+};
- #endif /* CONFIG_USER_NS */
-
- static int proc_pid_personality(struct seq_file *m, struct pid_namespace *ns,
-@@ -2572,6 +2623,7 @@ static const struct pid_entry tgid_base_stuff[] = {
- REG("uid_map", S_IRUGO|S_IWUSR, proc_uid_map_operations),
- REG("gid_map", S_IRUGO|S_IWUSR, proc_gid_map_operations),
- REG("projid_map", S_IRUGO|S_IWUSR, proc_projid_map_operations),
-+ REG("setgroups", S_IRUGO|S_IWUSR, proc_setgroups_operations),
- #endif
- #ifdef CONFIG_CHECKPOINT_RESTORE
- REG("timers", S_IRUGO, proc_timers_operations),
-@@ -2913,6 +2965,7 @@ static const struct pid_entry tid_base_stuff[] = {
- REG("uid_map", S_IRUGO|S_IWUSR, proc_uid_map_operations),
- REG("gid_map", S_IRUGO|S_IWUSR, proc_gid_map_operations),
- REG("projid_map", S_IRUGO|S_IWUSR, proc_projid_map_operations),
-+ REG("setgroups", S_IRUGO|S_IWUSR, proc_setgroups_operations),
- #endif
- };
-
-diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h
-index 8d493083486a..9f3579ff543d 100644
---- a/include/linux/user_namespace.h
-+++ b/include/linux/user_namespace.h
-@@ -17,6 +17,10 @@ struct uid_gid_map { /* 64 bytes -- 1 cache line */
- } extent[UID_GID_MAP_MAX_EXTENTS];
- };
-
-+#define USERNS_SETGROUPS_ALLOWED 1UL
-+
-+#define USERNS_INIT_FLAGS USERNS_SETGROUPS_ALLOWED
-+
- struct user_namespace {
- struct uid_gid_map uid_map;
- struct uid_gid_map gid_map;
-@@ -27,6 +31,7 @@ struct user_namespace {
- kuid_t owner;
- kgid_t group;
- unsigned int proc_inum;
-+ unsigned long flags;
-
- /* Register of per-UID persistent keyrings for this namespace */
- #ifdef CONFIG_PERSISTENT_KEYRINGS
-@@ -63,6 +68,8 @@ extern const struct seq_operations proc_projid_seq_operations;
- extern ssize_t proc_uid_map_write(struct file *, const char __user *, size_t, loff_t *);
- extern ssize_t proc_gid_map_write(struct file *, const char __user *, size_t, loff_t *);
- extern ssize_t proc_projid_map_write(struct file *, const char __user *, size_t, loff_t *);
-+extern ssize_t proc_setgroups_write(struct file *, const char __user *, size_t, loff_t *);
-+extern int proc_setgroups_show(struct seq_file *m, void *v);
- extern bool userns_may_setgroups(const struct user_namespace *ns);
- #else
-
-diff --git a/kernel/user.c b/kernel/user.c
-index 4efa39350e44..2d09940c9632 100644
---- a/kernel/user.c
-+++ b/kernel/user.c
-@@ -51,6 +51,7 @@ struct user_namespace init_user_ns = {
- .owner = GLOBAL_ROOT_UID,
- .group = GLOBAL_ROOT_GID,
- .proc_inum = PROC_USER_INIT_INO,
-+ .flags = USERNS_INIT_FLAGS,
- #ifdef CONFIG_PERSISTENT_KEYRINGS
- .persistent_keyring_register_sem =
- __RWSEM_INITIALIZER(init_user_ns.persistent_keyring_register_sem),
-diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
-index 44a555ac6104..6e80f4c1322b 100644
---- a/kernel/user_namespace.c
-+++ b/kernel/user_namespace.c
-@@ -100,6 +100,11 @@ int create_user_ns(struct cred *new)
- ns->owner = owner;
- ns->group = group;
-
-+ /* Inherit USERNS_SETGROUPS_ALLOWED from our parent */
-+ mutex_lock(&userns_state_mutex);
-+ ns->flags = parent_ns->flags;
-+ mutex_unlock(&userns_state_mutex);
-+
- set_cred_user_ns(new, ns);
-
- #ifdef CONFIG_PERSISTENT_KEYRINGS
-@@ -839,6 +844,84 @@ static bool new_idmap_permitted(const struct file *file,
- return false;
- }
-
-+int proc_setgroups_show(struct seq_file *seq, void *v)
-+{
-+ struct user_namespace *ns = seq->private;
-+ unsigned long userns_flags = ACCESS_ONCE(ns->flags);
-+
-+ seq_printf(seq, "%s\n",
-+ (userns_flags & USERNS_SETGROUPS_ALLOWED) ?
-+ "allow" : "deny");
-+ return 0;
-+}
-+
-+ssize_t proc_setgroups_write(struct file *file, const char __user *buf,
-+ size_t count, loff_t *ppos)
-+{
-+ struct seq_file *seq = file->private_data;
-+ struct user_namespace *ns = seq->private;
-+ char kbuf[8], *pos;
-+ bool setgroups_allowed;
-+ ssize_t ret;
-+
-+ /* Only allow a very narrow range of strings to be written */
-+ ret = -EINVAL;
-+ if ((*ppos != 0) || (count >= sizeof(kbuf)))
-+ goto out;
-+
-+ /* What was written? */
-+ ret = -EFAULT;
-+ if (copy_from_user(kbuf, buf, count))
-+ goto out;
-+ kbuf[count] = '\0';
-+ pos = kbuf;
-+
-+ /* What is being requested? */
-+ ret = -EINVAL;
-+ if (strncmp(pos, "allow", 5) == 0) {
-+ pos += 5;
-+ setgroups_allowed = true;
-+ }
-+ else if (strncmp(pos, "deny", 4) == 0) {
-+ pos += 4;
-+ setgroups_allowed = false;
-+ }
-+ else
-+ goto out;
-+
-+ /* Verify there is not trailing junk on the line */
-+ pos = skip_spaces(pos);
-+ if (*pos != '\0')
-+ goto out;
-+
-+ ret = -EPERM;
-+ mutex_lock(&userns_state_mutex);
-+ if (setgroups_allowed) {
-+ /* Enabling setgroups after setgroups has been disabled
-+ * is not allowed.
-+ */
-+ if (!(ns->flags & USERNS_SETGROUPS_ALLOWED))
-+ goto out_unlock;
-+ } else {
-+ /* Permanently disabling setgroups after setgroups has
-+ * been enabled by writing the gid_map is not allowed.
-+ */
-+ if (ns->gid_map.nr_extents != 0)
-+ goto out_unlock;
-+ ns->flags &= ~USERNS_SETGROUPS_ALLOWED;
-+ }
-+ mutex_unlock(&userns_state_mutex);
-+
-+ /* Report a successful write */
-+ *ppos = count;
-+ ret = count;
-+out:
-+ return ret;
-+out_unlock:
-+ mutex_unlock(&userns_state_mutex);
-+ goto out;
-+}
-+
- bool userns_may_setgroups(const struct user_namespace *ns)
- {
- bool allowed;
-@@ -848,6 +931,8 @@ bool userns_may_setgroups(const struct user_namespace *ns)
- * the user namespace has been established.
- */
- allowed = ns->gid_map.nr_extents != 0;
-+ /* Is setgroups allowed? */
-+ allowed = allowed && (ns->flags & USERNS_SETGROUPS_ALLOWED);
- mutex_unlock(&userns_state_mutex);
-
- return allowed;
---
-2.1.0
-
diff --git a/userns-Allow-setting-gid_maps-without-privilege-when.patch b/userns-Allow-setting-gid_maps-without-privilege-when.patch
deleted file mode 100644
index 97d3fe69a..000000000
--- a/userns-Allow-setting-gid_maps-without-privilege-when.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From: "Eric W. Biederman" <ebiederm@xmission.com>
-Date: Fri, 5 Dec 2014 19:36:04 -0600
-Subject: [PATCH] userns: Allow setting gid_maps without privilege when
- setgroups is disabled
-
-Now that setgroups can be disabled and not reenabled, setting gid_map
-without privielge can now be enabled when setgroups is disabled.
-
-This restores most of the functionality that was lost when unprivileged
-setting of gid_map was removed. Applications that use this functionality
-will need to check to see if they use setgroups or init_groups, and if they
-don't they can be fixed by simply disabling setgroups before writing to
-gid_map.
-
-Cc: stable@vger.kernel.org
-Reviewed-by: Andy Lutomirski <luto@amacapital.net>
-Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
----
- kernel/user_namespace.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
-index 6e80f4c1322b..a2e37c5d2f63 100644
---- a/kernel/user_namespace.c
-+++ b/kernel/user_namespace.c
-@@ -826,6 +826,11 @@ static bool new_idmap_permitted(const struct file *file,
- kuid_t uid = make_kuid(ns->parent, id);
- if (uid_eq(uid, cred->euid))
- return true;
-+ } else if (cap_setid == CAP_SETGID) {
-+ kgid_t gid = make_kgid(ns->parent, id);
-+ if (!(ns->flags & USERNS_SETGROUPS_ALLOWED) &&
-+ gid_eq(gid, cred->egid))
-+ return true;
- }
- }
-
---
-2.1.0
-
diff --git a/userns-Check-euid-no-fsuid-when-establishing-an-unpr.patch b/userns-Check-euid-no-fsuid-when-establishing-an-unpr.patch
deleted file mode 100644
index 50830c30e..000000000
--- a/userns-Check-euid-no-fsuid-when-establishing-an-unpr.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From: "Eric W. Biederman" <ebiederm@xmission.com>
-Date: Fri, 5 Dec 2014 18:26:30 -0600
-Subject: [PATCH] userns: Check euid no fsuid when establishing an unprivileged
- uid mapping
-
-setresuid allows the euid to be set to any of uid, euid, suid, and
-fsuid. Therefor it is safe to allow an unprivileged user to map
-their euid and use CAP_SETUID privileged with exactly that uid,
-as no new credentials can be obtained.
-
-I can not find a combination of existing system calls that allows setting
-uid, euid, suid, and fsuid from the fsuid making the previous use
-of fsuid for allowing unprivileged mappings a bug.
-
-This is part of a fix for CVE-2014-8989.
-
-Cc: stable@vger.kernel.org
-Reviewed-by: Andy Lutomirski <luto@amacapital.net>
-Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
----
- kernel/user_namespace.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
-index 1ce6d67c07b7..9451b12a9b6c 100644
---- a/kernel/user_namespace.c
-+++ b/kernel/user_namespace.c
-@@ -819,7 +819,7 @@ static bool new_idmap_permitted(const struct file *file,
- u32 id = new_map->extent[0].lower_first;
- if (cap_setid == CAP_SETUID) {
- kuid_t uid = make_kuid(ns->parent, id);
-- if (uid_eq(uid, file->f_cred->fsuid))
-+ if (uid_eq(uid, file->f_cred->euid))
- return true;
- }
- }
---
-2.1.0
-
diff --git a/userns-Document-what-the-invariant-required-for-safe.patch b/userns-Document-what-the-invariant-required-for-safe.patch
deleted file mode 100644
index c364b2bce..000000000
--- a/userns-Document-what-the-invariant-required-for-safe.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From: "Eric W. Biederman" <ebiederm@xmission.com>
-Date: Fri, 5 Dec 2014 17:51:47 -0600
-Subject: [PATCH] userns: Document what the invariant required for safe
- unprivileged mappings.
-
-The rule is simple. Don't allow anything that wouldn't be allowed
-without unprivileged mappings.
-
-It was previously overlooked that establishing gid mappings would
-allow dropping groups and potentially gaining permission to files and
-directories that had lesser permissions for a specific group than for
-all other users.
-
-This is the rule needed to fix CVE-2014-8989 and prevent any other
-security issues with new_idmap_permitted.
-
-The reason for this rule is that the unix permission model is old and
-there are programs out there somewhere that take advantage of every
-little corner of it. So allowing a uid or gid mapping to be
-established without privielge that would allow anything that would not
-be allowed without that mapping will result in expectations from some
-code somewhere being violated. Violated expectations about the
-behavior of the OS is a long way to say a security issue.
-
-Cc: stable@vger.kernel.org
-Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
----
- kernel/user_namespace.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
-index aa312b0dc3ec..b99c862a2e3f 100644
---- a/kernel/user_namespace.c
-+++ b/kernel/user_namespace.c
-@@ -812,7 +812,9 @@ static bool new_idmap_permitted(const struct file *file,
- struct user_namespace *ns, int cap_setid,
- struct uid_gid_map *new_map)
- {
-- /* Allow mapping to your own filesystem ids */
-+ /* Don't allow mappings that would allow anything that wouldn't
-+ * be allowed without the establishment of unprivileged mappings.
-+ */
- if ((new_map->nr_extents == 1) && (new_map->extent[0].count == 1)) {
- u32 id = new_map->extent[0].lower_first;
- if (cap_setid == CAP_SETUID) {
---
-2.1.0
-
diff --git a/userns-Don-t-allow-setgroups-until-a-gid-mapping-has.patch b/userns-Don-t-allow-setgroups-until-a-gid-mapping-has.patch
deleted file mode 100644
index 81217d2a5..000000000
--- a/userns-Don-t-allow-setgroups-until-a-gid-mapping-has.patch
+++ /dev/null
@@ -1,98 +0,0 @@
-From: "Eric W. Biederman" <ebiederm@xmission.com>
-Date: Fri, 5 Dec 2014 18:01:11 -0600
-Subject: [PATCH] userns: Don't allow setgroups until a gid mapping has been
- setablished
-
-setgroups is unique in not needing a valid mapping before it can be called,
-in the case of setgroups(0, NULL) which drops all supplemental groups.
-
-The design of the user namespace assumes that CAP_SETGID can not actually
-be used until a gid mapping is established. Therefore add a helper function
-to see if the user namespace gid mapping has been established and call
-that function in the setgroups permission check.
-
-This is part of the fix for CVE-2014-8989, being able to drop groups
-without privilege using user namespaces.
-
-Cc: stable@vger.kernel.org
-Reviewed-by: Andy Lutomirski <luto@amacapital.net>
-Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
----
- include/linux/user_namespace.h | 5 +++++
- kernel/groups.c | 4 +++-
- kernel/user_namespace.c | 14 ++++++++++++++
- 3 files changed, 22 insertions(+), 1 deletion(-)
-
-diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h
-index e95372654f09..8d493083486a 100644
---- a/include/linux/user_namespace.h
-+++ b/include/linux/user_namespace.h
-@@ -63,6 +63,7 @@ extern const struct seq_operations proc_projid_seq_operations;
- extern ssize_t proc_uid_map_write(struct file *, const char __user *, size_t, loff_t *);
- extern ssize_t proc_gid_map_write(struct file *, const char __user *, size_t, loff_t *);
- extern ssize_t proc_projid_map_write(struct file *, const char __user *, size_t, loff_t *);
-+extern bool userns_may_setgroups(const struct user_namespace *ns);
- #else
-
- static inline struct user_namespace *get_user_ns(struct user_namespace *ns)
-@@ -87,6 +88,10 @@ static inline void put_user_ns(struct user_namespace *ns)
- {
- }
-
-+static inline bool userns_may_setgroups(const struct user_namespace *ns)
-+{
-+ return true;
-+}
- #endif
-
- #endif /* _LINUX_USER_H */
-diff --git a/kernel/groups.c b/kernel/groups.c
-index 02d8a251c476..664411f171b5 100644
---- a/kernel/groups.c
-+++ b/kernel/groups.c
-@@ -6,6 +6,7 @@
- #include <linux/slab.h>
- #include <linux/security.h>
- #include <linux/syscalls.h>
-+#include <linux/user_namespace.h>
- #include <asm/uaccess.h>
-
- /* init to 2 - one for init_task, one to ensure it is never freed */
-@@ -217,7 +218,8 @@ bool may_setgroups(void)
- {
- struct user_namespace *user_ns = current_user_ns();
-
-- return ns_capable(user_ns, CAP_SETGID);
-+ return ns_capable(user_ns, CAP_SETGID) &&
-+ userns_may_setgroups(user_ns);
- }
-
- /*
-diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
-index b99c862a2e3f..27c8dab48c07 100644
---- a/kernel/user_namespace.c
-+++ b/kernel/user_namespace.c
-@@ -843,6 +843,20 @@ static bool new_idmap_permitted(const struct file *file,
- return false;
- }
-
-+bool userns_may_setgroups(const struct user_namespace *ns)
-+{
-+ bool allowed;
-+
-+ mutex_lock(&id_map_mutex);
-+ /* It is not safe to use setgroups until a gid mapping in
-+ * the user namespace has been established.
-+ */
-+ allowed = ns->gid_map.nr_extents != 0;
-+ mutex_unlock(&id_map_mutex);
-+
-+ return allowed;
-+}
-+
- static void *userns_get(struct task_struct *task)
- {
- struct user_namespace *user_ns;
---
-2.1.0
-
diff --git a/userns-Don-t-allow-unprivileged-creation-of-gid-mapp.patch b/userns-Don-t-allow-unprivileged-creation-of-gid-mapp.patch
deleted file mode 100644
index b1d53828a..000000000
--- a/userns-Don-t-allow-unprivileged-creation-of-gid-mapp.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From: "Eric W. Biederman" <ebiederm@xmission.com>
-Date: Fri, 5 Dec 2014 18:14:19 -0600
-Subject: [PATCH] userns: Don't allow unprivileged creation of gid mappings
-
-As any gid mapping will allow and must allow for backwards
-compatibility dropping groups don't allow any gid mappings to be
-established without CAP_SETGID in the parent user namespace.
-
-For a small class of applications this change breaks userspace
-and removes useful functionality. This small class of applications
-includes tools/testing/selftests/mount/unprivilged-remount-test.c
-
-Most of the removed functionality will be added back with the addition
-of a one way knob to disable setgroups. Once setgroups is disabled
-setting the gid_map becomes as safe as setting the uid_map.
-
-For more common applications that set the uid_map and the gid_map
-with privilege this change will have no affect.
-
-This is part of a fix for CVE-2014-8989.
-
-Cc: stable@vger.kernel.org
-Reviewed-by: Andy Lutomirski <luto@amacapital.net>
-Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
----
- kernel/user_namespace.c | 4 ----
- 1 file changed, 4 deletions(-)
-
-diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
-index 27c8dab48c07..1ce6d67c07b7 100644
---- a/kernel/user_namespace.c
-+++ b/kernel/user_namespace.c
-@@ -821,10 +821,6 @@ static bool new_idmap_permitted(const struct file *file,
- kuid_t uid = make_kuid(ns->parent, id);
- if (uid_eq(uid, file->f_cred->fsuid))
- return true;
-- } else if (cap_setid == CAP_SETGID) {
-- kgid_t gid = make_kgid(ns->parent, id);
-- if (gid_eq(gid, file->f_cred->fsgid))
-- return true;
- }
- }
-
---
-2.1.0
-
diff --git a/userns-Only-allow-the-creator-of-the-userns-unprivil.patch b/userns-Only-allow-the-creator-of-the-userns-unprivil.patch
deleted file mode 100644
index 8381b14e3..000000000
--- a/userns-Only-allow-the-creator-of-the-userns-unprivil.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From: "Eric W. Biederman" <ebiederm@xmission.com>
-Date: Wed, 26 Nov 2014 23:22:14 -0600
-Subject: [PATCH] userns: Only allow the creator of the userns unprivileged
- mappings
-
-If you did not create the user namespace and are allowed
-to write to uid_map or gid_map you should already have the necessary
-privilege in the parent user namespace to establish any mapping
-you want so this will not affect userspace in practice.
-
-Limiting unprivileged uid mapping establishment to the creator of the
-user namespace makes it easier to verify all credentials obtained with
-the uid mapping can be obtained without the uid mapping without
-privilege.
-
-Limiting unprivileged gid mapping establishment (which is temporarily
-absent) to the creator of the user namespace also ensures that the
-combination of uid and gid can already be obtained without privilege.
-
-This is part of the fix for CVE-2014-8989.
-
-Cc: stable@vger.kernel.org
-Reviewed-by: Andy Lutomirski <luto@amacapital.net>
-Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
----
- kernel/user_namespace.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
-index 9451b12a9b6c..1e34de2fbd60 100644
---- a/kernel/user_namespace.c
-+++ b/kernel/user_namespace.c
-@@ -812,14 +812,16 @@ static bool new_idmap_permitted(const struct file *file,
- struct user_namespace *ns, int cap_setid,
- struct uid_gid_map *new_map)
- {
-+ const struct cred *cred = file->f_cred;
- /* Don't allow mappings that would allow anything that wouldn't
- * be allowed without the establishment of unprivileged mappings.
- */
-- if ((new_map->nr_extents == 1) && (new_map->extent[0].count == 1)) {
-+ if ((new_map->nr_extents == 1) && (new_map->extent[0].count == 1) &&
-+ uid_eq(ns->owner, cred->euid)) {
- u32 id = new_map->extent[0].lower_first;
- if (cap_setid == CAP_SETUID) {
- kuid_t uid = make_kuid(ns->parent, id);
-- if (uid_eq(uid, file->f_cred->euid))
-+ if (uid_eq(uid, cred->euid))
- return true;
- }
- }
---
-2.1.0
-
diff --git a/userns-Rename-id_map_mutex-to-userns_state_mutex.patch b/userns-Rename-id_map_mutex-to-userns_state_mutex.patch
deleted file mode 100644
index ce6288ae6..000000000
--- a/userns-Rename-id_map_mutex-to-userns_state_mutex.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-From: "Eric W. Biederman" <ebiederm@xmission.com>
-Date: Tue, 9 Dec 2014 14:03:14 -0600
-Subject: [PATCH] userns: Rename id_map_mutex to userns_state_mutex
-
-Generalize id_map_mutex so it can be used for more state of a user namespace.
-
-Cc: stable@vger.kernel.org
-Reviewed-by: Andy Lutomirski <luto@amacapital.net>
-Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
----
- kernel/user_namespace.c | 14 ++++++--------
- 1 file changed, 6 insertions(+), 8 deletions(-)
-
-diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
-index 1e34de2fbd60..44a555ac6104 100644
---- a/kernel/user_namespace.c
-+++ b/kernel/user_namespace.c
-@@ -24,6 +24,7 @@
- #include <linux/fs_struct.h>
-
- static struct kmem_cache *user_ns_cachep __read_mostly;
-+static DEFINE_MUTEX(userns_state_mutex);
-
- static bool new_idmap_permitted(const struct file *file,
- struct user_namespace *ns, int cap_setid,
-@@ -583,9 +584,6 @@ static bool mappings_overlap(struct uid_gid_map *new_map,
- return false;
- }
-
--
--static DEFINE_MUTEX(id_map_mutex);
--
- static ssize_t map_write(struct file *file, const char __user *buf,
- size_t count, loff_t *ppos,
- int cap_setid,
-@@ -602,7 +600,7 @@ static ssize_t map_write(struct file *file, const char __user *buf,
- ssize_t ret = -EINVAL;
-
- /*
-- * The id_map_mutex serializes all writes to any given map.
-+ * The userns_state_mutex serializes all writes to any given map.
- *
- * Any map is only ever written once.
- *
-@@ -620,7 +618,7 @@ static ssize_t map_write(struct file *file, const char __user *buf,
- * order and smp_rmb() is guaranteed that we don't have crazy
- * architectures returning stale data.
- */
-- mutex_lock(&id_map_mutex);
-+ mutex_lock(&userns_state_mutex);
-
- ret = -EPERM;
- /* Only allow one successful write to the map */
-@@ -750,7 +748,7 @@ static ssize_t map_write(struct file *file, const char __user *buf,
- *ppos = count;
- ret = count;
- out:
-- mutex_unlock(&id_map_mutex);
-+ mutex_unlock(&userns_state_mutex);
- if (page)
- free_page(page);
- return ret;
-@@ -845,12 +843,12 @@ bool userns_may_setgroups(const struct user_namespace *ns)
- {
- bool allowed;
-
-- mutex_lock(&id_map_mutex);
-+ mutex_lock(&userns_state_mutex);
- /* It is not safe to use setgroups until a gid mapping in
- * the user namespace has been established.
- */
- allowed = ns->gid_map.nr_extents != 0;
-- mutex_unlock(&id_map_mutex);
-+ mutex_unlock(&userns_state_mutex);
-
- return allowed;
- }
---
-2.1.0
-
diff --git a/userns-Unbreak-the-unprivileged-remount-tests.patch b/userns-Unbreak-the-unprivileged-remount-tests.patch
deleted file mode 100644
index 69edd2ed3..000000000
--- a/userns-Unbreak-the-unprivileged-remount-tests.patch
+++ /dev/null
@@ -1,91 +0,0 @@
-From: "Eric W. Biederman" <ebiederm@xmission.com>
-Date: Tue, 2 Dec 2014 13:56:30 -0600
-Subject: [PATCH] userns: Unbreak the unprivileged remount tests
-
-A security fix in caused the way the unprivileged remount tests were
-using user namespaces to break. Tweak the way user namespaces are
-being used so the test works again.
-
-Cc: stable@vger.kernel.org
-Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
----
- .../selftests/mount/unprivileged-remount-test.c | 32 ++++++++++++++++------
- 1 file changed, 24 insertions(+), 8 deletions(-)
-
-diff --git a/tools/testing/selftests/mount/unprivileged-remount-test.c b/tools/testing/selftests/mount/unprivileged-remount-test.c
-index 9669d375625a..517785052f1c 100644
---- a/tools/testing/selftests/mount/unprivileged-remount-test.c
-+++ b/tools/testing/selftests/mount/unprivileged-remount-test.c
-@@ -53,17 +53,14 @@ static void die(char *fmt, ...)
- exit(EXIT_FAILURE);
- }
-
--static void write_file(char *filename, char *fmt, ...)
-+static void vmaybe_write_file(bool enoent_ok, char *filename, char *fmt, va_list ap)
- {
- char buf[4096];
- int fd;
- ssize_t written;
- int buf_len;
-- va_list ap;
-
-- va_start(ap, fmt);
- buf_len = vsnprintf(buf, sizeof(buf), fmt, ap);
-- va_end(ap);
- if (buf_len < 0) {
- die("vsnprintf failed: %s\n",
- strerror(errno));
-@@ -74,6 +71,8 @@ static void write_file(char *filename, char *fmt, ...)
-
- fd = open(filename, O_WRONLY);
- if (fd < 0) {
-+ if ((errno == ENOENT) && enoent_ok)
-+ return;
- die("open of %s failed: %s\n",
- filename, strerror(errno));
- }
-@@ -92,6 +91,26 @@ static void write_file(char *filename, char *fmt, ...)
- }
- }
-
-+static void maybe_write_file(char *filename, char *fmt, ...)
-+{
-+ va_list ap;
-+
-+ va_start(ap, fmt);
-+ vmaybe_write_file(true, filename, fmt, ap);
-+ va_end(ap);
-+
-+}
-+
-+static void write_file(char *filename, char *fmt, ...)
-+{
-+ va_list ap;
-+
-+ va_start(ap, fmt);
-+ vmaybe_write_file(false, filename, fmt, ap);
-+ va_end(ap);
-+
-+}
-+
- static int read_mnt_flags(const char *path)
- {
- int ret;
-@@ -144,13 +163,10 @@ static void create_and_enter_userns(void)
- strerror(errno));
- }
-
-+ maybe_write_file("/proc/self/setgroups", "deny");
- write_file("/proc/self/uid_map", "0 %d 1", uid);
- write_file("/proc/self/gid_map", "0 %d 1", gid);
-
-- if (setgroups(0, NULL) != 0) {
-- die("setgroups failed: %s\n",
-- strerror(errno));
-- }
- if (setgid(0) != 0) {
- die ("setgid(0) failed %s\n",
- strerror(errno));
---
-2.1.0
-
diff --git a/x86-Lock-down-IO-port-access-when-module-security-is.patch b/x86-Lock-down-IO-port-access-when-module-security-is.patch
index 13392c902..cf57f33bd 100644
--- a/x86-Lock-down-IO-port-access-when-module-security-is.patch
+++ b/x86-Lock-down-IO-port-access-when-module-security-is.patch
@@ -44,7 +44,7 @@ index 4ddaf66ea35f..00b440307419 100644
}
regs->flags = (regs->flags & ~X86_EFLAGS_IOPL) | (level << 12);
diff --git a/drivers/char/mem.c b/drivers/char/mem.c
-index 524b707894ef..c268e2581ed6 100644
+index 4c58333b4257..fc9637812d78 100644
--- a/drivers/char/mem.c
+++ b/drivers/char/mem.c
@@ -27,6 +27,7 @@
@@ -55,7 +55,7 @@ index 524b707894ef..c268e2581ed6 100644
#include <asm/uaccess.h>
-@@ -568,6 +569,9 @@ static ssize_t write_port(struct file *file, const char __user *buf,
+@@ -571,6 +572,9 @@ static ssize_t write_port(struct file *file, const char __user *buf,
unsigned long i = *ppos;
const char __user *tmp = buf;
diff --git a/x86-Restrict-MSR-access-when-module-loading-is-restr.patch b/x86-Restrict-MSR-access-when-module-loading-is-restr.patch
index 12eedc931..39ea0604b 100644
--- a/x86-Restrict-MSR-access-when-module-loading-is-restr.patch
+++ b/x86-Restrict-MSR-access-when-module-loading-is-restr.patch
@@ -13,10 +13,10 @@ Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
1 file changed, 7 insertions(+)
diff --git a/arch/x86/kernel/msr.c b/arch/x86/kernel/msr.c
-index c9603ac80de5..8bef43fc3f40 100644
+index 113e70784854..26c2f83fc470 100644
--- a/arch/x86/kernel/msr.c
+++ b/arch/x86/kernel/msr.c
-@@ -103,6 +103,9 @@ static ssize_t msr_write(struct file *file, const char __user *buf,
+@@ -105,6 +105,9 @@ static ssize_t msr_write(struct file *file, const char __user *buf,
int err = 0;
ssize_t bytes = 0;
@@ -26,7 +26,7 @@ index c9603ac80de5..8bef43fc3f40 100644
if (count % 8)
return -EINVAL; /* Invalid chunk size */
-@@ -150,6 +153,10 @@ static long msr_ioctl(struct file *file, unsigned int ioc, unsigned long arg)
+@@ -152,6 +155,10 @@ static long msr_ioctl(struct file *file, unsigned int ioc, unsigned long arg)
err = -EBADF;
break;
}
diff --git a/x86-kvm-Clear-paravirt_enabled-on-KVM-guests-for-esp.patch b/x86-kvm-Clear-paravirt_enabled-on-KVM-guests-for-esp.patch
deleted file mode 100644
index 4fbbfb585..000000000
--- a/x86-kvm-Clear-paravirt_enabled-on-KVM-guests-for-esp.patch
+++ /dev/null
@@ -1,72 +0,0 @@
-From: Andy Lutomirski <luto@amacapital.net>
-Date: Fri, 5 Dec 2014 19:03:28 -0800
-Subject: [PATCH] x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's
- benefit
-
-paravirt_enabled has the following effects:
-
- - Disables the F00F bug workaround warning. There is no F00F bug
- workaround any more because Linux's standard IDT handling already
- works around the F00F bug, but the warning still exists. This
- is only cosmetic, and, in any event, there is no such thing as
- KVM on a CPU with the F00F bug.
-
- - Disables 32-bit APM BIOS detection. On a KVM paravirt system,
- there should be no APM BIOS anyway.
-
- - Disables tboot. I think that the tboot code should check the
- CPUID hypervisor bit directly if it matters.
-
- - paravirt_enabled disables espfix32. espfix32 should *not* be
- disabled under KVM paravirt.
-
-The last point is the purpose of this patch. It fixes a leak of the
-high 16 bits of the kernel stack address on 32-bit KVM paravirt
-guests.
-
-While I'm at it, this removes pv_info setup from kvmclock. That
-code seems to serve no purpose.
-
-Cc: stable@vger.kernel.org
-Signed-off-by: Andy Lutomirski <luto@amacapital.net>
----
- arch/x86/kernel/kvm.c | 9 ++++++++-
- arch/x86/kernel/kvmclock.c | 2 --
- 2 files changed, 8 insertions(+), 3 deletions(-)
-
-diff --git a/arch/x86/kernel/kvm.c b/arch/x86/kernel/kvm.c
-index f6945bef2cd1..94f643484300 100644
---- a/arch/x86/kernel/kvm.c
-+++ b/arch/x86/kernel/kvm.c
-@@ -283,7 +283,14 @@ NOKPROBE_SYMBOL(do_async_page_fault);
- static void __init paravirt_ops_setup(void)
- {
- pv_info.name = "KVM";
-- pv_info.paravirt_enabled = 1;
-+
-+ /*
-+ * KVM isn't paravirt in the sense of paravirt_enabled. A KVM
-+ * guest kernel works like a bare metal kernel with additional
-+ * features, and paravirt_enabled is about features that are
-+ * missing.
-+ */
-+ pv_info.paravirt_enabled = 0;
-
- if (kvm_para_has_feature(KVM_FEATURE_NOP_IO_DELAY))
- pv_cpu_ops.io_delay = kvm_io_delay;
-diff --git a/arch/x86/kernel/kvmclock.c b/arch/x86/kernel/kvmclock.c
-index d9156ceecdff..d4d9a8ad7893 100644
---- a/arch/x86/kernel/kvmclock.c
-+++ b/arch/x86/kernel/kvmclock.c
-@@ -263,8 +263,6 @@ void __init kvmclock_init(void)
- #endif
- kvm_get_preset_lpj();
- clocksource_register_hz(&kvm_clock, NSEC_PER_SEC);
-- pv_info.paravirt_enabled = 1;
-- pv_info.name = "KVM";
-
- if (kvm_para_has_feature(KVM_FEATURE_CLOCKSOURCE_STABLE_BIT))
- pvclock_set_flags(PVCLOCK_TSC_STABLE_BIT);
---
-2.1.0
-
diff --git a/x86-tls-Validate-TLS-entries-to-protect-espfix.patch b/x86-tls-Validate-TLS-entries-to-protect-espfix.patch
deleted file mode 100644
index 52c049767..000000000
--- a/x86-tls-Validate-TLS-entries-to-protect-espfix.patch
+++ /dev/null
@@ -1,77 +0,0 @@
-From: Andy Lutomirski <luto@amacapital.net>
-Date: Thu, 4 Dec 2014 16:48:16 -0800
-Subject: [PATCH] x86/tls: Validate TLS entries to protect espfix
-
-Installing a 16-bit RW data segment into the GDT defeats espfix.
-AFAICT this will not affect glibc, Wine, or dosemu at all.
-
-Signed-off-by: Andy Lutomirski <luto@amacapital.net>
-Acked-by: H. Peter Anvin <hpa@zytor.com>
-Cc: stable@vger.kernel.org
-Cc: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
-Cc: Linus Torvalds <torvalds@linux-foundation.org>
-Cc: security@kernel.org <security@kernel.org>
-Cc: Willy Tarreau <w@1wt.eu>
-Signed-off-by: Ingo Molnar <mingo@kernel.org>
----
- arch/x86/kernel/tls.c | 23 +++++++++++++++++++++++
- 1 file changed, 23 insertions(+)
-
-diff --git a/arch/x86/kernel/tls.c b/arch/x86/kernel/tls.c
-index f7fec09e3e3a..e7650bd71109 100644
---- a/arch/x86/kernel/tls.c
-+++ b/arch/x86/kernel/tls.c
-@@ -27,6 +27,21 @@ static int get_free_idx(void)
- return -ESRCH;
- }
-
-+static bool tls_desc_okay(const struct user_desc *info)
-+{
-+ if (LDT_empty(info))
-+ return true;
-+
-+ /*
-+ * espfix is required for 16-bit data segments, but espfix
-+ * only works for LDT segments.
-+ */
-+ if (!info->seg_32bit)
-+ return false;
-+
-+ return true;
-+}
-+
- static void set_tls_desc(struct task_struct *p, int idx,
- const struct user_desc *info, int n)
- {
-@@ -66,6 +81,9 @@ int do_set_thread_area(struct task_struct *p, int idx,
- if (copy_from_user(&info, u_info, sizeof(info)))
- return -EFAULT;
-
-+ if (!tls_desc_okay(&info))
-+ return -EINVAL;
-+
- if (idx == -1)
- idx = info.entry_number;
-
-@@ -192,6 +210,7 @@ int regset_tls_set(struct task_struct *target, const struct user_regset *regset,
- {
- struct user_desc infobuf[GDT_ENTRY_TLS_ENTRIES];
- const struct user_desc *info;
-+ int i;
-
- if (pos >= GDT_ENTRY_TLS_ENTRIES * sizeof(struct user_desc) ||
- (pos % sizeof(struct user_desc)) != 0 ||
-@@ -205,6 +224,10 @@ int regset_tls_set(struct task_struct *target, const struct user_regset *regset,
- else
- info = infobuf;
-
-+ for (i = 0; i < count / sizeof(struct user_desc); i++)
-+ if (!tls_desc_okay(info + i))
-+ return -EINVAL;
-+
- set_tls_desc(target,
- GDT_ENTRY_TLS_MIN + (pos / sizeof(struct user_desc)),
- info, count / sizeof(struct user_desc));
---
-2.1.0
-