Ben Hutchings
48bb38a3f7
Update to 4.13.9
...
Drop many patches which are now upstream.
Avoid/ignore ABI changes as appropriate.
2017-10-26 22:41:11 +02:00
Salvatore Bonaccorso
ccefd718c8
[x86] KVM: MMU: always terminate page walks at level 1 (CVE-2017-12188)
2017-10-13 18:09:37 +02:00
Salvatore Bonaccorso
02033a7a17
[x86] KVM: nVMX: update last_nonleaf_level when initializing nested EPT (CVE-2017-12188)
2017-10-13 18:07:54 +02:00
Ben Hutchings
a18f05bb5b
Add various security fixes
2017-09-19 00:49:12 +01:00
Ben Hutchings
192ee88a05
[i386] perf tools: Fix unwind build (fixes FTBFS)
2017-07-22 17:41:53 +01:00
Ben Hutchings
50381a0ca2
Update to 4.12.2
...
Refresh aufs4 patches by hand, as there is no release for 4.12 yet.
Refresh lockdown patches with genpatch.py and then by hand, as the
branch is a little out of date and many patches went upstream.
[rt] Disable until it is updated for 4.12 or later
2017-07-18 01:06:31 +01:00
Ben Hutchings
0de513746f
[x86] pinctrl: cherryview: Extend the Chromebook DMI quirk to Intel_Strago systems
...
Closes : #862723
2017-07-17 00:38:29 +01:00
Ben Hutchings
769a37d5bd
[x86] ideapad-laptop: Add various IdeaPad models to no_hw_rfkill list
...
Closes : #866706
2017-07-17 00:04:31 +01:00
Lukas Wunner
f26f2a520d
Update to 4.11-rc6
...
Remove merged patches and rebase remaining patches.
A portion of the secureboot patches have been upstreamed, but were
changed substantially during review, primarily to avoid code
duplication among arches. I've stripped the patches of the merged
bits and rebased the remainder.
Signed-off-by: Lukas Wunner <lukas@wunner.de>
[bwh: Undo some incorrect context changes in
bugfix/all/firmware-remove-redundant-log-messages-from-drivers.patch]
2017-04-20 00:15:17 +01:00
Ben Hutchings
459f0a48e4
Release linux (4.9.18-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAljcf5EACgkQ57/I7JWG
EQmFcQ/8DoBxenUbNW5cY+YbwBKsjuBb8Q6gnqQLOX/JtOJ8MtpQ1t2QQPvMYdXJ
PTcNZAKm8mrsWJxos9WsUHjkdrfuLAsMTisC5FvDkE6myBt++GH3gRtKCT0A2nep
ZU17YeHYfcqv6UK90Jg0p+xAKQEEqKZrryP7fvb8oX5wOORwlLMxBScErftbB/vV
hBvwybq7gfA/4KxDTnWgadpidg16/67ZgKd0EoSsbCpFAJble/hRroMwzKUSzFW+
2yFxrmUNFoIXddoDtORNNdK0nM6b2MKeWKjmndknz4QehlayZWCg1+mEjp7A7Wqp
9naONqhQWMibARGkDl5Y7SZ9/XJXjPmDFXi3EIbhrWMN2TUkzUN14A1YHw+M9p5Q
9UbnpI6eDxjvlezcPjqucIM0ywFwljBrDsQXfGsR6ogQbYvA7nJ0dK63/EXzvl1U
UGUBwHtDhLHxtv85/JsUqq9/UVGbZjcHvyEfmE1mvbMcNxkSLSewt+jd78h7xIyL
tOZP24ARPKqcQ1detou47o8cMmwTqVl6xu08w83xin2Xux+UlYFTtI/LVws3oYNb
F3uEzIgtJbu7ENxCkY5RmIJG9qRJZJ2f6dnpLLld6D52paD5OYNrk1NShtf/Dp+r
zjJoiIRTcO9fPatjl07Y2eDeFeo2SKoD+Xd/5nGDoytE6JiDEXg=
=ONVb
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.18-1'
Drop ABI reference files.
Refresh/drop patches as needed.
2017-03-30 14:16:47 +01:00
Ben Hutchings
8703214f24
[x86] drm/vmwgfx: fix integer overflow in vmw_surface_define_ioctl() (CVE-2017-7294)
2017-03-29 22:42:53 +01:00
Ben Hutchings
de3e9af4dc
[x86] vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() (CVE-2017-7261)
2017-03-29 22:36:16 +01:00
Ben Hutchings
003300166a
[x86] kvm: fix page struct leak in handle_vmon (CVE-2017-2596)
2017-02-26 20:29:29 +00:00
Ben Hutchings
8c94f719fa
Release linux (4.9.10-1).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAlinNOsACgkQ57/I7JWG
EQntWg//RuNSbOQeyML971UnFUtZjY3yAUYqhPJdpJimjY3WHjmZlJQrLlSz9IYQ
48Pkt/64P0+iAr9zJ+3uJv1fOagKePd5RaS/iChJdvq0fCGZstFlti5NwXEQtGSv
Yzp0LStZr+pEPZo+8Bo+TVSP25FNXdZBvhUXE2sbxaV8+W9Vx+qFkfrWEiW7hpFv
nCQJic7kmzllS4Aol9e/jj2MqcdWIhviufAImNnfrbpK61Ud6Gznw9gTODw9+OIT
ny6F/k7O6MFPuHp3aAxVC5TCowh16PcC+VqJF9MTnnvHQmD3jYqdeA8zKLnW/tJk
Dl9A6whZ3n4fFRlGjgxjmTP/CgAIeQVqgTgYCApuQQTVG3svIkznoXJLraj5UE90
rzeB30x3ikUWcVggN7xfSkW3e6/v+XSbRfu73sFA81mWyWoddT/NYhw+Y18ym4UJ
Vk8iuAakpjdVj73FSyYOcNGRzOEp2SAV72EsJEMw1/IlIkmRkMmJkkg4T/HYj11P
jK/TjZtSsVbje4zx9/U6g8Rj4Wi40EHZu6kuh2jUhCk91zsAr+7EC45gZC+uohxL
jxKxv2R5p9AR7uN6JzQR4OuOL1bTCrt02MrWdsiPlUi0RBKlJ7O5sGMMsHrVMinn
4zFNeYq2U3Fyaejb32x3DOKtgCjoMRQ5iHyrjgljhzxJcf3fWKk=
=rRkU
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.10-1'
Drop changes to aufs.
2017-02-22 20:57:36 +00:00
Ben Hutchings
4e1df53c24
[x86] xen: Fix APIC id mismatch warning on Intel ( Closes : #853193 )
2017-02-17 02:42:17 +00:00
Ben Hutchings
31532f0851
[x86] platform: acer-wmi: setup accelerometer when machine has appropriate notify event ( Closes : #853067 )
2017-02-17 02:37:50 +00:00
Ben Hutchings
6adadc8ec6
Release linux (4.9.6-2).
...
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAliL3k0ACgkQ57/I7JWG
EQlmog/8D/DowVsxEjNdiHAewH7HUyqdADkCRkeqsmKgCtZEmvEaYE0RijZzGDhm
Ge4PxOzhLE/DRxJF2gN8y0hIVOnigje9qYN5OBdgB/FNNKThL6ARwiu2LD6DYcwU
+Lu6g8iHqsKHZ+NllHEiiwJ4rR39qf3Tkzz5cgm4jEi+5IjnoefOhaFhyPzBkz8i
p6fWklEhev8+lQ1sW9gF94p3t0dOp/31TWACagRQronrTtT2xAzdrR5ESPTo6FFg
gtcfqoB7AYA4LTuzoKIQRgGLsgKk73iLPF874ZuK9g/+4Z2lF9NBbwve3O0qYKCy
NERddjjx9QEf4cjToqAii10AzAfuBFDG/b77ZscREwysUwMhkz47ADefu5v1P2kJ
XdL/sJ/nXyhItV/VK8ym9lg4jAA8K5UOjn+8RtWBTE8091N7y7kyNHTQ4SppySIZ
Ow+NsWkMd+WYxkdGPSYc7nHthhVRvfC9C4cxamn9en+MNmakMgJcOZTxS4/gcTvx
DMCWGmEJrD5Bu3m9GrJzwfaXteWxMYihsq9ofjXeaeYqxgXZ62GuxMeRq3kBOhSw
H9MUITkqfsjcg7eAz8elFhRvrurlVUWFsSCGr4Fd1Tv9zrFw8OXNRrApy4UQOQ4x
Uw5AcA/3ZA3QCPsOuU8ENES57vJb+D3E/LZZJdTktVLUcoxA0tA=
=C8FJ
-----END PGP SIGNATURE-----
Merge tag 'debian/4.9.6-2'
2017-01-28 01:19:31 +00:00
Ben Hutchings
601b9e92a1
Update to 4.10-rc5
...
Drop/refresh patches as appropriate.
[rt] Disable until it is updated for 4.10 or later
2017-01-24 19:26:38 +00:00
Ben Hutchings
a2704d736e
[x86] ASoC: Intel: select DW_DMAC_CORE since it's mandatory
...
This also allows enabling SND_SOC_INTEL_BDW_RT5677_MACH without
DW_DMAC_CORE built-in.
2017-01-24 04:43:02 +00:00
Salvatore Bonaccorso
4686b122fc
Update to 4.9.5
2017-01-21 15:52:44 +01:00
Salvatore Bonaccorso
f18792b8fa
[x86] KVM: fix emulation of "MOV SS, null selector" (CVE-2017-2583)
2017-01-19 13:13:14 +01:00
Salvatore Bonaccorso
5745d97d88
[x86] KVM: Introduce segmented_write_std (CVE-2017-2584)
2017-01-19 13:09:22 +01:00
Ben Hutchings
0814db65a8
Update to 4.9.1
...
Drop two obsolete patches.
"ptrace: being capable wrt a process requires mapped uids/gids"
appears to be obsoleted by upstream commit bfedb589252c "mm: Add
a user_ns owner to mm_struct and fix ptrace permission checks".
2017-01-07 03:27:13 +00:00
Ben Hutchings
aca57cd0d7
Fix patch header for "x86/kbuild: enable modversions for symbols exported from asm"
2016-12-02 02:49:08 +00:00
Ben Hutchings
54d0756a33
Fix exported symbol versions
...
- Revert upstream changes moving exports to assembly sources
- [x86] kbuild: enable modversions for symbols exported from assembly
- Revert "Fix subtle CONFIG_MODVERSIONS problems"
This leaves powerpc and x86 as the only kernel architectures that
export symbols from assembly, and <asm/asm-prototypes.h> for those
two appear to define prototypes for all the functions that are used.
2016-12-02 00:19:09 +00:00
Ben Hutchings
fa9e148da4
Update to 4.9-rc6
2016-11-21 23:52:49 +00:00
Ben Hutchings
9ab8cb710b
[x86] efi: Prevent mixed mode boot corruption with CONFIG_VMAP_STACK=y
2016-11-13 21:00:47 +00:00
Ben Hutchings
82c55764b5
kbuild: Update -fno-PIE patches to match upstream
2016-11-10 20:26:29 +00:00
Ben Hutchings
64e2286fbd
Update to 4.8.5
...
Drop patches applied upstream and move changelog text for the bugs
under the stable update.
2016-10-28 20:31:36 +01:00
Ben Hutchings
e34c6c01c6
[x86] Input: elantech - add Fujitsu Lifebook E556 to force crc_enabled ( Closes : #835160 )
2016-10-28 20:18:08 +01:00
Ben Hutchings
4456cb3bc3
[x86] Input: i8042 - skip selftest on ASUS laptops
2016-10-28 20:16:42 +01:00
Salvatore Bonaccorso
f86bc88075
[x86] boot/smp: Don't try to poke disabled/non-existent APIC
...
Closes : #841850
2016-10-26 09:17:48 +02:00
Ben Hutchings
1222968771
Update to 4.8-rc3
2016-08-28 19:52:50 +01:00
Ben Hutchings
4e86887dda
Update to 4.7-rc7
2016-07-14 10:50:31 +01:00
Ben Hutchings
aab434acde
[x86] Fix incompatiblity between kaslr and hibernation
...
* [amd64] power: Fix crash whan the hibernation code passes control to the
image kernel
* [x86] KASLR, power: Remove x86 hibernation restrictions
2016-07-02 19:29:28 +02:00
Ben Hutchings
906f7b1351
Update to 4.7-rc2
...
[rt] Disable until it is updated for 4.7 or later
2016-06-10 14:47:48 +01:00
Ben Hutchings
4e2a281abe
Update to 4.6.1
2016-06-05 14:30:35 +01:00
Ben Hutchings
6976b08b12
Release linux (4.5.5-1).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAV0te3Oe/yOyVhhEJAQodqBAAjpkEuBm2kSlQD1y8qeb/+1+CxJPcqIH1
DHTyMpFHQvX5VT+vCX83WhiWncMz85z7f0wcElpNaZ/3ExOQzbmrIwsucgXRXVUS
txKxHaQQv8uU1m8dgxqjOWP80+IT71H9rBcitfrRqyzLiEhC1mPOfvxjtGTOJWw+
Lohie5WPMMsfrahQGw4srPMcpVRwVKuX5N+azgk6rg8VA7rxyxQaMZRg3rr+N7Aw
btwVC5vyL8K5Be0LnveR/PdOosaUU6XzyT7kNT0fLSO9H4bWenielHaduSDI5iU4
WcPRhymrHv0dBDvbyw8vkJMDd+/1x9gWk4/DHFQNw1miaUx87N+vKyC4rZ7Lqc2d
4n/hpq3HjPBZqC07Q0mddeTy7OoN4obYSXTipIu9rWBsTJtcxxwSUVg86+xo03Zg
bb0VoEudp9JZGBMLS8PjBJ66d+/p7Q47YnKV7ZwNKyLwRq4AMo65L7PeUJflNHvj
UmJrOG/6AJ6bi+eXrWDbwAA8mrwdPPKu+QzBSQ9c6hm4CFmgkgWTH/oA2iPsp7AX
iqcPgKp6XA8YLXpiDeCqvMV5cSkGD67cpIcgTB0CrH7KILXD61cP8QEl7eaWiBMW
MW9IPDeEBEmEN3ST2tg1H7udEzzpEZXHg4NZ5gOZ7lMZphbILrapJYuUf3PDdZKL
Ccz9YH5eSuE=
=gSlx
-----END PGP SIGNATURE-----
Merge tag 'debian/4.5.5-1'
2016-05-29 22:33:26 +01:00
Ben Hutchings
5bec7a0097
[x86] kvm:vmx: more complete state update on APICv on/off (CVE-2016-4440)
2016-05-23 02:35:36 +01:00
Ben Hutchings
a65b751ecf
Add Forwarded/Origin headers to patches as appropriate
2016-05-17 14:44:47 +01:00
Ben Hutchings
0c5a10d4c1
Update to 4.6
...
Rebase patch series.
2016-05-16 19:49:24 +01:00
Salvatore Bonaccorso
2c6d72a09e
Update to 4.5.4
2016-05-12 21:22:09 +02:00
Ben Hutchings
be31f1ecd5
Release linux (4.5.3-2).
...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUAVy9ITOe/yOyVhhEJAQq2Tw/+IbJSVFZ3v7J7I6ZwZuJLmhnEpPyuE1Md
OkJieChhe0wpnIFQD3fhHsKClXUzHORahq8O4qGd5BPb9ttYSr7Hm/SvPxQK91Cr
mP857CZWNopLatVbKAzmQ3unFcpD/zbTGr2iC0IBmu4TJQBMr2tDejd2ndlq2psG
YoaHSh1wHutenaF9iFQ2/H2V6ScM7DX9DMTOrqhFxaIkc7WaJSjpVoKCrYxRFQUX
9ogMqxPRqTzsEBxS0PwO1vBTDx2OgwkmvnY0rOj1fpswgEfwvS4XO46EpiFx45Mc
grzDW6jrKMKWpeH1JC1YLvOltR/nSx4vM3E5sbjSKJQv0F1oIoQuKyfRLOw9Oe3q
4/7xqS5/aNJ9aaNPi4p7/L8JdGtkJEW26XczgXbKRlY4AfKvt7bPTztoe4KQOSDA
roqmj7f782nJOerQxKScsE7HM6DpLViSoGhCyf0DNnqwQaUKDyaLhdu0LNA73wCx
FMFQfZnDN8Yg0UP5BJouSoKprf4hL7CiQcMcfXqLj/QsNB8vCjfs6offKtZ7bckZ
Si1L2proXY3esQ95Npd2HIKDo4gGajQ8Xkpkf9+6FZdhMLm/w17y9kppgVlcKQ/T
q/emN0JEuzxMkvtZbmVMRzd0NI4tXzlBwOVcASMzI0ak5CLOPoWO0Cc/jOYg24H3
yabrIvpcq0s=
=jVBT
-----END PGP SIGNATURE-----
Merge tag 'debian/4.5.3-2'
Drop the ABI reference files and patches.
Rebase patches added on the sid branch.
2016-05-08 21:47:32 +01:00
Ben Hutchings
8b31e1c0a6
Update to 4.5.3
...
Drop changes which were included or superceded upstream.
Fix ABI changes.
2016-05-07 19:40:36 +01:00
Ben Hutchings
5416c1a1e3
Revert "sp5100_tco: fix the device check for SB800 and later chipsets"
...
Probably fixes #822651 , #823146
2016-05-02 21:25:40 +02:00
Salvatore Bonaccorso
92f972094e
[x86] xen: suppress hugetlbfs in PV guests (CVE-2016-3961)
2016-04-14 20:57:52 +02:00
Ben Hutchings
f4701f7d70
Update to 4.6-rc3
...
Refresh or drop *many* patches.
aufs: Update support patches to aufs4.x-rcN-20160328
2016-04-14 15:00:19 +01:00
Ben Hutchings
1d7f287b7a
[x86] ACPI / processor: Request native thermal interrupt handling via _OSC ( Closes : #817016 , #819336 )
2016-04-13 23:06:17 +01:00
Ben Hutchings
aac56d9572
[x86] mm/32: Enable full randomization on i386 and X86_32 (CVE-2016-3672)
2016-04-13 21:26:06 +01:00
Ben Hutchings
f24971b257
Rename and regroup patches from linux-tools
...
Move patches specific to Debian packaging under debian/, and bug fixes that
could go upstream belong under bugfix/. Put them in two separate groups in
the series.
2016-03-21 03:14:46 +00:00