Adding the x86_cpu_id::steppings field is an ABI change. It doesn't
seem worth the trouble of another ABI bump just to be able to report
some potential future CPU steppings as invulnerable. Until we have
other change that require an ABI bump, we'll match the affected models
regardless of stepping.
Keep the reverted patch in the queue so that the reverting patch will
continue to be applied when we rebase onto a new stable update.
debian/abi/powerpc-avoid-abi-change-for-disabling-tm.patch let us postpone an
ABI bump. But with the 4.19.81 upstream release, we can no longer avoid it.
Part of the section we move was moved upstream in 4.19.15 by commit
ae206a1a5e3a "kbuild: fix false positive warning/error about missing
libelf". Don't duplicate that section.
Permit overlayfs mounts within user namespaces to allow utilisation of e.g.
unprivileged LXC overlay snapshots.
Except by the Ubuntu community [1], overlayfs mounts in user namespaces are
expected to be a security risk [2] and thus are not enabled on upstream
Linux kernels. For the non-Ubuntu users that have to stick to unprivileged
overlay-based LXCs, this meant to patch and compile the kernel manually.
Instead, adding the kernel tainting 'permit_mounts_in_userns' module
parameter allows a kind of a user-friendly way to enable the feature.
Testable with:
sudo modprobe overlay permit_mounts_in_userns=1
sudo sysctl -w kernel.unprivileged_userns_clone=1
mkdir -p lower upper work mnt
unshare --map-root-user --mount \
mount -t overlay none mnt \
-o lowerdir=lower,upperdir=upper,workdir=work
[1]: Ubuntu allows unprivileged mounting of overlay filesystem
https://lists.ubuntu.com/archives/kernel-team/2014-February/038091.html
[2]: User namespaces + overlayfs = root privileges
https://lwn.net/Articles/671641/
Signed-off-by: Nicolas Schier <nicolas@fjasle.eu>
binder.c and binder_alloc.c both define a debug_mask module parameter,
which was fine when they were two separate built-in "modules". Now
that they're grouped together we need to distinguish these parameters,
so rename the one in binder_alloc.c to alloc_debug_mask.
Add a patch to disable uImage generation to avoid depend on u-boot-tools
Fix typo the EL's flavor names in installer: not same within defines
Malta is never used for r6. (Closes: #898523)
Boston also requires relocation table size >= 0x00121000
- Drop patches included upstream
- Drop "Don't WARN about expected W+X pages on Xen"; the problem appears
to have been fixed by upstream commits 2cc42bac1c ("x86-64/Xen: eliminate
W+X mappings") and 672c0ae09b33 ("x86/mm: Consider effective protection
attributes in W+X check")
- Drop "Kbuild: kconfig: Verbose version of --listnewconfig"; it seems
redundant with upstream commit 17baab68d337 ("kconfig: extend output of
'listnewconfig'")
- Drop lockdown patch to drivers/scsi/eata.c; the driver was removed
upstream
- Refresh various other patches
- Drop patches already in 4.16
- Overwrite changes on master to debian/installer, which were also
applied on sid and then changed
- [x86] Fix up dell_smbios configuration; now it's a single driver
selected by DELL_SMBIOS, with DELL_SMBIOS_{SMM,WMI} being boolean
options
- Clean up configuration with kconfigeditor2
Commit 1df9e416e647 "Kbuild: always define endianess in kconfig.h"
fixed several cases where some types (and inline functions) might not
be correctly defined according to the host byte order. It might be
possible to avoid an ABI bump, but it would require a lot of work.
Also, the problem may affect OOT modules that therefore should be
rebuilt with the fix.
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlpb7AUACgkQ57/I7JWG
EQmfjhAArIzynB9B8lG9U8OlC7bp+HTjk9BgOKo5VZ6ABlIePxveUgkc44kYK1ET
YGiqpi1BbMPoDiu32QyuCzYwxNjUl6dXCOKnUgsTR0jyKSXoc19idWLb/U5akXxF
Q1LWUaBWB/SbR52inAE8nX2s1tdgFjKDHgebAOdbPApt8eTnI4pSL1YvehDQtqG1
olz3L1PjlRhT2XCdtWIPrLioIxUiOacYGV7sMZHL2jsJS+mmf20BiUMsfusafL2r
Q8LSVGCQRgWutbTZW2YmFtx0FybxYc8wRj/9d7nYMaOv+UeFbx6ffYrkZUqXlK4j
TkVsFULVoEfgnu9GkWnd+kdJP8PwbDkrjk1JsXg55A0LCrfFcorbMQc8GCJ6ICpu
mFqw5NQaxQZszP6W0dYWHWJTLENOVxjYyoMjmLuQIMudzHP4bGTXjJ/PCBebT5fR
6XOPdqcWoOT5f8NloMFqzPQQeFQMY+DycYiz2tdYxH4AnvGsgdOLFiHHYxxIsOa1
Bzxb4bWxF2m3hKiyY5am/5U6MAxLrBwsvLZVklyfxYSRlvnPldKVHohzHTZafPSo
M7KU4R1e6wywwjg9Qtk4YJBX5w0jT3b9vbVQVNT47WzvLwXA/TY+Il6BIAVuzL57
MJAosU9SDAf28XUVzcaXbsHm9l2gcnUS6kCVVWTEvmehkW1rR3o=
=M11J
-----END PGP SIGNATURE-----
Merge tag 'debian/4.14.13-1'
Release linux (4.14.13-1).
- Drop ABI reference
- Drop/refresh patches as necessary
- linux-headers: Drop versioned dependency on linux-kbuild, as there has not
been any version of linux-kbuild-4.15 without objtool
Salvatore Bonaccorso
Ben Hutchings
Noah Meyerhans
Ben Hutchings
Yves-Alexis Perez
Nicolas Schier
Romain Perier
YunQiang Su
Helge Deller