summaryrefslogtreecommitdiffstats
path: root/debian/patches
Commit message (Collapse)AuthorAgeFilesLines
* restarting on master=5.19 with rhe patches v7Kazuki Yamaguchi2022-08-022-0/+82
|
* Update to 5.19-rc8Salvatore Bonaccorso2022-07-312-57/+0
| | | | Drop patches applied upstream
* d/patches: Fix conflicts in patch merged from sidBen Hutchings2022-07-251-3/+3
|
* Merge tag 'debian/5.18.14-1'Ben Hutchings2022-07-242-0/+57
|\ | | | | | | Release linux (5.18.14-1).
| * [x86] speculation: Make all RETbleed mitigations depend on X86_64Ben Hutchings2022-07-232-0/+57
| | | | | | | | | | The mitigations for RETBleed are currently ineffective on i386, but without this they would wrongly be reported as active.
* | Merge branch 'add-rtla' to 'master'Ben Hutchings2022-07-193-0/+52
|\ \ | | | | | | | | | | | | | | | [x86,arm64,armhf] Add rtla package for Real-Time Linux Analysis tools See merge request kernel-team/linux!512
| * | [x86,arm64,armhf] Add rtla package for Real-Time Linux Analysis toolsBen Hutchings2022-07-163-0/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Patch the upstream Makefile to allow appending to CFLAGS and LDFLAGS - Patch the upstream Makefile to fix command symlinks - Add control file template - Add the necessary glue in rules.real and rules.d - Add manual page symlinks mirroring the command symlinks I'm only adding this for architectures that we build an RT kernel for.
* | | Update to 5.19-rc7Ben Hutchings2022-07-1957-7633/+0
|/ / | | | | | | Drop all the RETbleed patches which are included in it.
* | Merge branch 'sid' into 'master'Ben Hutchings2022-07-169-6/+589
|\| | | | | | | | | - Drop RT patch changes - Keep ABI as trunk
| * [amd64,arm64,armhf] wireguard: Clear keys after suspend despite CONFIG_ANDROID=yBen Hutchings2022-07-072-0/+30
| | | | | | | | | | | | | | | | | | | | WireGuard assumes that CONFIG_ANDROID implies Android power management, i.e. user-space suspending the system automatically at short intervals, and so does not clear keys after a suspend/resume cycle. Debian systems don't do that kind of power management but we do set CONFIG_ANDROID on some architectures as a dependency of Binder. Remove this test that does the wrong thing for us.
| * tools/perf: Fix "unused parameter" warningBen Hutchings2022-07-051-6/+7
| | | | | | | | | | | | "tools/perf: pmu-events: Fix reproducibility" adds a callback function which does not use all its parameters. Since perf wrongly defaults to using -Werror, this breaks custom builds.
| * tools/bpf, tools/perf: Update for init_disassemble_info() API changeBen Hutchings2022-07-057-0/+552
| | | | | | | | | | | | | | | | | | In binutils 2.38.50, the init_disassemble_info() function in libopcodes takes an extra parameter. This only affects custom builds, not package builds, because we do not allow bpftool or perf to be linked with libbfd (and implicitly, not with libopcodes either).
| * Update to 5.18.8Ben Hutchings2022-07-032-200/+0
| | | | | | | | - Drop one patch that's included in it
* | [i386] x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit (fixes FTBFS)Ben Hutchings2022-07-142-0/+37
| |
* | [x86] Add mitigations for RETbleed on AMD/Hygon and Intel processors:Ben Hutchings2022-07-1256-0/+7596
| | | | | | | | CVE-2022-29901, CVE-2022-29901
* | Update to 5.19-rc5Salvatore Bonaccorso2022-07-092-149/+0
| | | | | | | | | | Drop "virtio: disable notification hardening by default" applied upstream.
* | virtio: disable notification hardening by defaultBen Hutchings2022-06-292-0/+149
| | | | | | | | This fixes a regression in 5.19-rc1.
* | Update to 5.19-rc3Ben Hutchings2022-06-2915-330/+109
|/ | | | Refresh our patches.
* io_uring: reinstate the inflight tracking (CVE-2022-1976)Salvatore Bonaccorso2022-06-271-0/+1
|
* io_uring: reinstate the inflight tracking (CVE-2022-1976)Salvatore Bonaccorso2022-06-161-0/+199
|
* Drop "sign-file: Convert API usage to support OpenSSL v3"Salvatore Bonaccorso2022-06-162-103/+0
| | | | Apply solution only once it is accepted upstream.
* Update to 5.18.4Salvatore Bonaccorso2022-06-162-94/+0
| | | | | | | | | | | | | | Add bug closer for Debian bug #1012655 Add CVE id reference for CVE-2022-32981 Drop patches applied upstream [rt] Refresh patches for context changes Cleanup debian/changelog file Add Debian bug closer for #1012054
* Update to 5.18.2Salvatore Bonaccorso2022-06-062-116/+0
| | | | | | | | | | | | | | Add CVE id reference for CVE-2022-1852 Add CVE id reference for CVE-2022-1966 Add CVE id reference for CVE-2022-1972 Add reference to ZDI-CAN-17291 Drop patch applied upstream Cleanup debian/changelog file
* block, loop: support partitions without scanningSalvatore Bonaccorso2022-06-052-0/+94
| | | | Closes: #1012298
* [x86] fpu: KVM: Set the base guest FPU uABI size to sizeof(struct kvm_xsave)Salvatore Bonaccorso2022-06-052-0/+116
| | | | Closes: #1011168
* intel-iommu: Correct matching of the "intgpu_off" option valueBen Hutchings2022-06-021-2/+2
| | | | | | | | | | At some point in development I changed the name of this option from "igpu_off" to "intgpu_off", but didn't update the length used for matching it. The patch description also had the earlier name. Thanks: Markus Kolb
* Merge tag 'debian/5.17.11-1'Salvatore Bonaccorso2022-05-272-0/+103
|\ | | | | | | | | | | Release linux (5.17.11-1). Drop patches applied upstream
| * Revert "ixgbe: add improvement for MDD response functionality (CVE-2021-33061)"Salvatore Bonaccorso2022-05-262-163/+0
| | | | | | | | | | | | This reverts commit 1be71e246c5564a650cf22f1d0721981b6abc7d2. We have actually depending changes so we cannot pick this up for 5.17.y.
| * ixgbe: add improvement for MDD response functionality (CVE-2021-33061)Salvatore Bonaccorso2022-05-262-0/+163
| |
| * [x86] KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID ↵Salvatore Bonaccorso2022-05-262-0/+54
| | | | | | | | (CVE-2022-1789)
| * sign-file: Convert API usage to support OpenSSL v3Salvatore Bonaccorso2022-05-192-0/+103
| |
* | Drop "bpftool: Fix version string in recursive builds" as redundantBen Hutchings2022-05-132-31/+0
| |
* | Refresh various patches that are just a little fuzzyBen Hutchings2022-05-134-30/+26
| |
* | In "x86: Make x32 syscall support conditional on a kernel parameter", update ↵Ben Hutchings2022-05-131-28/+16
| | | | | | | | dependency from X86_X32 to X86_X32_ABI
* | In "firmware: Remove redundant log messages from drivers", adjust some filenamesBen Hutchings2022-05-131-628/+334
| |
* | Rewrite "module: Avoid ABI changes when debug info is disabled" for 5.18Ben Hutchings2022-05-131-74/+5
| | | | | | | | | | | | | | | | The function definitions that used to depend on CONFIG_DEBUG_INFO_BTF_MODULES are now unconditional, so we only need to deal with the struct module members. And there seems little point in adding a config symbol for this, so make the member definitions unconditional.
* | Update to 5.18rc6Diederik de Haas2022-05-104-53/+21
|/ | | | | | | | | | | | | When more then a simple rebase is done, a relevant upstream commit ID is mentioned between brackets. The debian/android-enable-building-ashmem-and-binder-as-modules.patch has been partially 'reverted' as upstream removed support for ashmem entirely. The debian/module-avoid-abi-changes-when-debug-info-is-disabled.patch has been substantially changed and was done to 'fix' salsa's CI and I don't know how to handle that.
* tools/perf: add Python bindingsAdriaan Schmidt2022-04-042-0/+27
| | | | | | | This builds the perf Python bindings (perf.cpython-*.so) and adds them to the linux-perf package. Signed-off-by: Adriaan Schmidt <adriaan.schmidt@siemens.com>
* Update to Update to 5.17-rc8Salvatore Bonaccorso2022-03-139-1049/+0
| | | | Drop patches applied upstream
* Merge tag 'debian/5.16.12-1'Salvatore Bonaccorso2022-03-0910-0/+1142
|\ | | | | | | | | | | | | Release linux (5.16.12-1). Replace Spectre v2-type Branch History Buffer patches with upstream versions for mainline.
| * Mitigate Spectre v2-type Branch History Buffer attacks (CVE-2022-0001, ↵Salvatore Bonaccorso2022-03-069-0/+1074
| | | | | | | | | | | | | | | | | | | | | | | | | | CVE-2022-0002) - [x86] speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE - [x86] speculation: Add eIBRS + Retpoline options - Documentation/hw-vuln: Update spectre doc - [x86] speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting - [x86] speculation: Use generic retpoline by default on AMD - [x86] speculation: Update link to AMD speculation whitepaper - [x86] speculation: Warn about Spectre v2 LFENCE mitigation - [x86] speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT
| * Merge branch 'ci-abi-stability' into sidBen Hutchings2022-03-062-0/+93
| |\ | | | | | | | | | | | | | | | module: Avoid ABI changes when debug info is disabled See merge request kernel-team/linux!452
| | * module: Avoid ABI changes when debug info is disabledBen Hutchings2022-03-022-0/+93
| | |
| * | Update to 5.16.12Salvatore Bonaccorso2022-03-055-276/+0
| |/ | | | | | | | | | | Drop patches applied upstream Cleanup debian/changelog file
* | Update to 5.17-rc6Salvatore Bonaccorso2022-03-024-241/+0
| | | | | | | | Drop patches applied upstream
* | Merge tag 'debian/5.16.11-1'Salvatore Bonaccorso2022-02-254-0/+241
|\| | | | | | | | | | | Release linux (5.16.11-1). Drop patches applied upstream
| * netfilter: nf_tables_offload: incorrect flow offload action array size ↵Salvatore Bonaccorso2022-02-252-0/+151
| | | | | | | | (CVE-2022-25636)
| * netfilter: xt_socket: missing ifdef CONFIG_IP6_NF_IPTABLES dependencySalvatore Bonaccorso2022-02-252-0/+34
| |
| * netfilter: xt_socket: fix a typo in socket_mt_destroy()Salvatore Bonaccorso2022-02-252-0/+35
| |
| * cgroup-v1: Correct privileges check in release_agent writesSalvatore Bonaccorso2022-02-252-0/+56
| |
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-09 01:22:55 +0000