summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Add-option-to-automatically-enforce-module-signature.patch8
-rw-r--r--Add-sysrq-option-to-disable-secure-boot-mode.patch4
-rw-r--r--KEYS-Add-a-system-blacklist-keyring.patch4
-rw-r--r--MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch4
-rw-r--r--config-armv7-generic1
-rw-r--r--config-generic4
-rw-r--r--config-x86-generic2
-rw-r--r--criu-no-expert.patch6
-rw-r--r--drm-i915-hush-check-crtc-state.patch4
-rw-r--r--drm-vmwgfx-Fix-drm.h-include.patch34
-rw-r--r--efi-Add-EFI_SECURE_BOOT-bit.patch4
-rw-r--r--efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch4
-rw-r--r--fs-Add-a-missing-permission-check-to-do_umount.patch31
-rw-r--r--kbuild-AFTER_LINK.patch2
-rw-r--r--kernel.spec17
-rw-r--r--kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch2
-rw-r--r--mnt-Prevent-pivot_root-from-creating-a-loop-in-the-m.patch4
-rw-r--r--sources2
-rw-r--r--watchdog-Disable-watchdog-on-virtual-machines.patch6
19 files changed, 37 insertions, 106 deletions
diff --git a/Add-option-to-automatically-enforce-module-signature.patch b/Add-option-to-automatically-enforce-module-signature.patch
index 9bf38ea02..9d3f95e4d 100644
--- a/Add-option-to-automatically-enforce-module-signature.patch
+++ b/Add-option-to-automatically-enforce-module-signature.patch
@@ -33,10 +33,10 @@ index 199f453cb4de..ec38acf00b40 100644
290/040 ALL edd_mbr_sig_buffer EDD MBR signatures
2D0/A00 ALL e820_map E820 memory map table
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
-index 3eb8a41509b3..e46dc01f5904 100644
+index f2327e88e07c..4ba047a782fd 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
-@@ -1577,6 +1577,16 @@ config EFI_MIXED
+@@ -1607,6 +1607,16 @@ config EFI_MIXED
If unsure, say N.
@@ -129,10 +129,10 @@ index 225b0988043a..90dbfb73e11f 100644
* The sentinel is set to a nonzero value (0xff) in header.S.
*
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
-index 41ead8d3bc0b..5a5cf7395724 100644
+index 235cfd39e0d7..13c0835f907a 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
-@@ -1142,6 +1142,12 @@ void __init setup_arch(char **cmdline_p)
+@@ -1151,6 +1151,12 @@ void __init setup_arch(char **cmdline_p)
io_delay_init();
diff --git a/Add-sysrq-option-to-disable-secure-boot-mode.patch b/Add-sysrq-option-to-disable-secure-boot-mode.patch
index fc59af3c1..ca9c990e4 100644
--- a/Add-sysrq-option-to-disable-secure-boot-mode.patch
+++ b/Add-sysrq-option-to-disable-secure-boot-mode.patch
@@ -15,7 +15,7 @@ Upstream-status: Fedora mustard
7 files changed, 65 insertions(+), 10 deletions(-)
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
-index fb282ff6a802..d291d16ba257 100644
+index fbae2bf99a47..f3960a8c2627 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
@@ -70,6 +70,11 @@
@@ -30,7 +30,7 @@ index fb282ff6a802..d291d16ba257 100644
#include <video/edid.h>
#include <asm/mtrr.h>
-@@ -1268,6 +1273,37 @@ void __init i386_reserve_resources(void)
+@@ -1277,6 +1282,37 @@ void __init i386_reserve_resources(void)
#endif /* CONFIG_X86_32 */
diff --git a/KEYS-Add-a-system-blacklist-keyring.patch b/KEYS-Add-a-system-blacklist-keyring.patch
index 6e1f3015c..0f02211a4 100644
--- a/KEYS-Add-a-system-blacklist-keyring.patch
+++ b/KEYS-Add-a-system-blacklist-keyring.patch
@@ -29,10 +29,10 @@ index 72665eb80692..2c7b80d31366 100644
+
#endif /* _KEYS_SYSTEM_KEYRING_H */
diff --git a/init/Kconfig b/init/Kconfig
-index 1c505e090422..4fb572ae7423 100644
+index 3ee28ae02cc8..0bba9555e5ef 100644
--- a/init/Kconfig
+++ b/init/Kconfig
-@@ -1732,6 +1732,15 @@ config SYSTEM_TRUSTED_KEYRING
+@@ -1733,6 +1733,15 @@ config SYSTEM_TRUSTED_KEYRING
Keys in this keyring are used by module signature checking.
diff --git a/MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch b/MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch
index 26cf0d3e7..47ce05447 100644
--- a/MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch
+++ b/MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch
@@ -42,10 +42,10 @@ index 41359e548bcb..db9e6118575e 100644
efi_guid_t guid;
u64 table;
diff --git a/init/Kconfig b/init/Kconfig
-index 4fb572ae7423..b0138f178c7c 100644
+index 0bba9555e5ef..0e1e8a14175a 100644
--- a/init/Kconfig
+++ b/init/Kconfig
-@@ -1886,6 +1886,15 @@ config MODULE_SIG_ALL
+@@ -1887,6 +1887,15 @@ config MODULE_SIG_ALL
comment "Do not forget to sign required modules with scripts/sign-file"
depends on MODULE_SIG_FORCE && !MODULE_SIG_ALL
diff --git a/config-armv7-generic b/config-armv7-generic
index dc996e098..55c2bc8bf 100644
--- a/config-armv7-generic
+++ b/config-armv7-generic
@@ -297,6 +297,7 @@ CONFIG_CHARGER_MAX8997=m
CONFIG_LEDS_MAX8997=m
CONFIG_RTC_DRV_MAX8997=m
CONFIG_RTC_DRV_MAX77686=m
+CONFIG_RTC_DRV_MAX77802=m
CONFIG_EXTCON_MAX8997=m
# Tegra
diff --git a/config-generic b/config-generic
index 5ca47dfc0..16791f173 100644
--- a/config-generic
+++ b/config-generic
@@ -5199,7 +5199,7 @@ CONFIG_PSTORE_RAM=m
# CONFIG_PSTORE_CONSOLE is not set
# CONFIG_PSTORE_FTRACE is not set
-# CONFIG_TEST_MODULE is not set
+# CONFIG_TEST_LKM is not set
# CONFIG_TEST_USER_COPY is not set
# CONFIG_TEST_BPF is not set
# CONFIG_TEST_UDELAY is not set
@@ -5245,6 +5245,8 @@ CONFIG_FMC_CHARDEV=m
# CONFIG_ARM_ARCH_TIMER_EVTSTREAM is not set
+# CONFIG_HMC_DRV is not set
+
# CONFIG_PM_DEVFREQ is not set
# CONFIG_DEVFREQ_GOV_SIMPLE_ONDEMAND is not set
# CONFIG_DEVFREQ_GOV_PERFORMANCE is not set
diff --git a/config-x86-generic b/config-x86-generic
index 2815f88fa..719f3e4b3 100644
--- a/config-x86-generic
+++ b/config-x86-generic
@@ -483,6 +483,8 @@ CONFIG_NFC_MICROREAD_MEI=m
# CONFIG_X86_GOLDFISH is not set
CONFIG_X86_INTEL_LPSS=y
+CONFIG_IOSF_MBI=m
+# CONFIG_IOSF_MBI_DEBUG is not set
CONFIG_PWM_LPSS=m
CONFIG_PINCTRL=y
CONFIG_PINCTRL_BAYTRAIL=y
diff --git a/criu-no-expert.patch b/criu-no-expert.patch
index a32c53dcd..3eadcc74a 100644
--- a/criu-no-expert.patch
+++ b/criu-no-expert.patch
@@ -9,10 +9,10 @@ Upstream-status: Fedora mustard
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/init/Kconfig b/init/Kconfig
-index b0138f178c7c..faf5ff3b26ae 100644
+index 0e1e8a14175a..71cd7226a78f 100644
--- a/init/Kconfig
+++ b/init/Kconfig
-@@ -1148,7 +1148,7 @@ config DEBUG_BLK_CGROUP
+@@ -1149,7 +1149,7 @@ config DEBUG_BLK_CGROUP
endif # CGROUPS
config CHECKPOINT_RESTORE
@@ -21,7 +21,7 @@ index b0138f178c7c..faf5ff3b26ae 100644
default n
help
Enables additional kernel features in a sake of checkpoint/restore.
-@@ -1159,7 +1159,7 @@ config CHECKPOINT_RESTORE
+@@ -1160,7 +1160,7 @@ config CHECKPOINT_RESTORE
If unsure, say N here.
menuconfig NAMESPACES
diff --git a/drm-i915-hush-check-crtc-state.patch b/drm-i915-hush-check-crtc-state.patch
index b4bea5f76..ddcf314db 100644
--- a/drm-i915-hush-check-crtc-state.patch
+++ b/drm-i915-hush-check-crtc-state.patch
@@ -14,10 +14,10 @@ Upstream-status: http://lists.freedesktop.org/archives/intel-gfx/2013-November/0
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/gpu/drm/i915/intel_display.c b/drivers/gpu/drm/i915/intel_display.c
-index d8324c69fa86..ee0ca36930f8 100644
+index 507370513f3d..fa5bc89a4c93 100644
--- a/drivers/gpu/drm/i915/intel_display.c
+++ b/drivers/gpu/drm/i915/intel_display.c
-@@ -10656,7 +10656,7 @@ check_crtc_state(struct drm_device *dev)
+@@ -10966,7 +10966,7 @@ check_crtc_state(struct drm_device *dev)
if (active &&
!intel_pipe_config_compare(dev, &crtc->config, &pipe_config)) {
diff --git a/drm-vmwgfx-Fix-drm.h-include.patch b/drm-vmwgfx-Fix-drm.h-include.patch
deleted file mode 100644
index 9e6929b9d..000000000
--- a/drm-vmwgfx-Fix-drm.h-include.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From: Josh Boyer <jwboyer@fedoraproject.org>
-Date: Fri, 5 Sep 2014 13:19:59 -0400
-Subject: [PATCH] drm/vmwgfx: Fix drm.h include
-
-The userspace drm.h include doesn't prefix the drm directory. This can lead
-to compile failures as /usr/include/drm/ isn't in the standard gcc include
-paths. Fix it to be <drm/drm.h>, which matches the rest of the driver drm
-header files that get installed into /usr/include/drm.
-
-Red Hat Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1138759
-
-Fixes: 1d7a5cbf8f74e
-Reported-by: Jeffrey Bastian <jbastian@redhat.com>
-Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
----
- include/uapi/drm/vmwgfx_drm.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/include/uapi/drm/vmwgfx_drm.h b/include/uapi/drm/vmwgfx_drm.h
-index 4fc66f6b12ce..c472bedbe38e 100644
---- a/include/uapi/drm/vmwgfx_drm.h
-+++ b/include/uapi/drm/vmwgfx_drm.h
-@@ -29,7 +29,7 @@
- #define __VMWGFX_DRM_H__
-
- #ifndef __KERNEL__
--#include <drm.h>
-+#include <drm/drm.h>
- #endif
-
- #define DRM_VMW_MAX_SURFACE_FACES 6
---
-1.9.3
-
diff --git a/efi-Add-EFI_SECURE_BOOT-bit.patch b/efi-Add-EFI_SECURE_BOOT-bit.patch
index 8f49e006a..4148da049 100644
--- a/efi-Add-EFI_SECURE_BOOT-bit.patch
+++ b/efi-Add-EFI_SECURE_BOOT-bit.patch
@@ -12,10 +12,10 @@ Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
2 files changed, 3 insertions(+)
diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
-index 5a5cf7395724..fb282ff6a802 100644
+index 13c0835f907a..fbae2bf99a47 100644
--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
-@@ -1144,7 +1144,9 @@ void __init setup_arch(char **cmdline_p)
+@@ -1153,7 +1153,9 @@ void __init setup_arch(char **cmdline_p)
#ifdef CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE
if (boot_params.secure_boot) {
diff --git a/efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch b/efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch
index 0f1082cbe..3e5166a82 100644
--- a/efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch
+++ b/efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch
@@ -11,10 +11,10 @@ Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
-index e46dc01f5904..738c295ac3c3 100644
+index 4ba047a782fd..749f58ba7e36 100644
--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
-@@ -1578,7 +1578,8 @@ config EFI_MIXED
+@@ -1608,7 +1608,8 @@ config EFI_MIXED
If unsure, say N.
config EFI_SECURE_BOOT_SIG_ENFORCE
diff --git a/fs-Add-a-missing-permission-check-to-do_umount.patch b/fs-Add-a-missing-permission-check-to-do_umount.patch
deleted file mode 100644
index ce9de6641..000000000
--- a/fs-Add-a-missing-permission-check-to-do_umount.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From: Andy Lutomirski <luto@amacapital.net>
-Date: Wed, 8 Oct 2014 12:37:46 -0700
-Subject: [PATCH] fs: Add a missing permission check to do_umount
-
-Accessing do_remount_sb should require global CAP_SYS_ADMIN, but
-only one of the two call sites was appropriately protected.
-
-Fixes CVE-2014-7975.
-
-Cc: stable@vger.kernel.org
-Signed-off-by: Andy Lutomirski <luto@amacapital.net>
----
- fs/namespace.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/fs/namespace.c b/fs/namespace.c
-index c8e3034ff4b2..fbba8b17330d 100644
---- a/fs/namespace.c
-+++ b/fs/namespace.c
-@@ -1439,6 +1439,8 @@ static int do_umount(struct mount *mnt, int flags)
- * Special case for "unmounting" root ...
- * we just try to remount it readonly.
- */
-+ if (!capable(CAP_SYS_ADMIN))
-+ return -EPERM;
- down_write(&sb->s_umount);
- if (!(sb->s_flags & MS_RDONLY))
- retval = do_remount_sb(sb, MS_RDONLY, NULL, 0);
---
-1.9.3
-
diff --git a/kbuild-AFTER_LINK.patch b/kbuild-AFTER_LINK.patch
index 603e0e053..f686a6365 100644
--- a/kbuild-AFTER_LINK.patch
+++ b/kbuild-AFTER_LINK.patch
@@ -106,7 +106,7 @@ index 5a4affe025e8..8ff38ce94c8e 100644
VDSO_LDFLAGS = -fPIC -shared $(call cc-ldoption, -Wl$(comma)--hash-style=sysv) \
$(call cc-ldoption, -Wl$(comma)--build-id) -Wl,-Bsymbolic $(LTO_CFLAGS)
diff --git a/scripts/link-vmlinux.sh b/scripts/link-vmlinux.sh
-index 86a4fe75f453..161637ed5611 100644
+index 86a4fe75f453..161637ed5611 100755
--- a/scripts/link-vmlinux.sh
+++ b/scripts/link-vmlinux.sh
@@ -65,6 +65,10 @@ vmlinux_link()
diff --git a/kernel.spec b/kernel.spec
index 669721193..5e8bda5a2 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -69,7 +69,7 @@ Summary: The Linux kernel
# The rc snapshot level
%define rcrev 0
# The git snapshot level
-%define gitrev 7
+%define gitrev 8
# Set rpm version accordingly
%define rpmversion 3.%{upstream_sublevel}.0
%endif
@@ -599,17 +599,11 @@ Patch22000: weird-root-dentry-name-debug.patch
# Patch series from Hans for various backlight and platform driver fixes
Patch26002: samsung-laptop-Add-broken-acpi-video-quirk-for-NC210.patch
-#rhbz 1138759
-Patch26021: drm-vmwgfx-Fix-drm.h-include.patch
-
Patch26032: Revert-pinctrl-qcom-use-restart_notifier-mechanism-f.patch
#CVE-2014-7970 rhbz 1151095 1151484
Patch26033: mnt-Prevent-pivot_root-from-creating-a-loop-in-the-m.patch
-#CVE-2014-7975 rhbz 1151108 1152025
-Patch26034: fs-Add-a-missing-permission-check-to-do_umount.patch
-
Patch26035: nf_reject_ipv4-module-license-unspecified-taints-ker.patch
# git clone ssh://git.fedorahosted.org/git/kernel-arm64.git, git diff master...devel
@@ -1323,17 +1317,11 @@ ApplyPatch ath9k-rx-dma-stop-check.patch
# Patch series from Hans for various backlight and platform driver fixes
ApplyPatch samsung-laptop-Add-broken-acpi-video-quirk-for-NC210.patch
-#rhbz 1138759
-ApplyPatch drm-vmwgfx-Fix-drm.h-include.patch
-
ApplyPatch Revert-pinctrl-qcom-use-restart_notifier-mechanism-f.patch
#CVE-2014-7970 rhbz 1151095 1151484
ApplyPatch mnt-Prevent-pivot_root-from-creating-a-loop-in-the-m.patch
-#CVE-2014-7975 rhbz 1151108 1152025
-ApplyPatch fs-Add-a-missing-permission-check-to-do_umount.patch
-
ApplyPatch nf_reject_ipv4-module-license-unspecified-taints-ker.patch
%if 0%{?aarch64patches}
@@ -2204,6 +2192,9 @@ fi
# ||----w |
# || ||
%changelog
+* Tue Oct 14 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.18.0-0.rc0.git8.1
+- Linux v3.17-9283-g2d65a9f48fcd
+
* Tue Oct 14 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.18.0-0.rc0.git7.1
- Linux v3.17-8307-gf1d0d14120a8
diff --git a/kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch b/kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
index b33213738..f6f72ada5 100644
--- a/kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
+++ b/kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
@@ -13,7 +13,7 @@ Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
1 file changed, 8 insertions(+)
diff --git a/kernel/kexec.c b/kernel/kexec.c
-index 2bee072268d9..891477dbfee0 100644
+index 2abf9f6e9a61..417bd0599024 100644
--- a/kernel/kexec.c
+++ b/kernel/kexec.c
@@ -36,6 +36,7 @@
diff --git a/mnt-Prevent-pivot_root-from-creating-a-loop-in-the-m.patch b/mnt-Prevent-pivot_root-from-creating-a-loop-in-the-m.patch
index b89527ff7..be3660125 100644
--- a/mnt-Prevent-pivot_root-from-creating-a-loop-in-the-m.patch
+++ b/mnt-Prevent-pivot_root-from-creating-a-loop-in-the-m.patch
@@ -26,10 +26,10 @@ Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
1 file changed, 3 insertions(+)
diff --git a/fs/namespace.c b/fs/namespace.c
-index 348562f14e93..c8e3034ff4b2 100644
+index 2651328d1790..fbba8b17330d 100644
--- a/fs/namespace.c
+++ b/fs/namespace.c
-@@ -2913,6 +2913,9 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root,
+@@ -2915,6 +2915,9 @@ SYSCALL_DEFINE2(pivot_root, const char __user *, new_root,
/* make sure we can reach put_old from new_root */
if (!is_path_reachable(old_mnt, old.dentry, &new))
goto out4;
diff --git a/sources b/sources
index f288149b1..042fae112 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
fb30d0f29214d75cddd2faa94f73d5cf linux-3.17.tar.xz
159e969cbc27201d8e2fa0f609dc722f perf-man-3.17.tar.gz
-992c678dad773514a9c3ae553fe50d1c patch-3.17-git7.xz
+6377140a0dc23037b33bc1e6bc625cbb patch-3.17-git8.xz
diff --git a/watchdog-Disable-watchdog-on-virtual-machines.patch b/watchdog-Disable-watchdog-on-virtual-machines.patch
index b37f14144..b386ee1b9 100644
--- a/watchdog-Disable-watchdog-on-virtual-machines.patch
+++ b/watchdog-Disable-watchdog-on-virtual-machines.patch
@@ -20,7 +20,7 @@ Signed-off-by: Dave Jones <davej@redhat.com>
1 file changed, 29 insertions(+)
diff --git a/kernel/watchdog.c b/kernel/watchdog.c
-index ff7fd80bef99..88aebd38b92f 100644
+index 49e9537f3673..a800af056510 100644
--- a/kernel/watchdog.c
+++ b/kernel/watchdog.c
@@ -19,6 +19,7 @@
@@ -31,7 +31,7 @@ index ff7fd80bef99..88aebd38b92f 100644
#include <asm/irq_regs.h>
#include <linux/kvm_para.h>
-@@ -108,6 +109,32 @@ static int __init softlockup_all_cpu_backtrace_setup(char *str)
+@@ -135,6 +136,32 @@ static int __init softlockup_all_cpu_backtrace_setup(char *str)
__setup("softlockup_all_cpu_backtrace=", softlockup_all_cpu_backtrace_setup);
#endif
@@ -64,7 +64,7 @@ index ff7fd80bef99..88aebd38b92f 100644
/*
* Hard-lockup warnings should be triggered after just a few seconds. Soft-
* lockups can have false positives under extreme conditions. So we generally
-@@ -658,6 +685,8 @@ out:
+@@ -704,6 +731,8 @@ out:
void __init lockup_detector_init(void)
{