updpkg: linux-apparmor 4.15.5-1

Signed-off-by: alzeih <alzeih@users.noreply.github.com>

6 files changed, 30 insertions, 127 deletions

diff --git a/.SRCINFO b/.SRCINFO
index 3c24311f22d6..46facf643d0b 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,5 +1,5 @@
 pkgbase = linux-apparmor
-	pkgver = 4.15.4
+	pkgver = 4.15.5
 	pkgrel = 1
 	url = https://www.kernel.org/
 	arch = x86_64
@@ -12,8 +12,8 @@ pkgbase = linux-apparmor
 	options = !strip
 	source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.15.tar.xz
 	source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.15.tar.sign
-	source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.15.4.xz
-	source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.15.4.sign
+	source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.15.5.xz
+	source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.15.5.sign
 	source = config
 	source = 60-linux.hook
 	source = 90-linux.hook
@@ -21,21 +21,19 @@ pkgbase = linux-apparmor
 	source = config.fragment
 	source = 0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
 	source = 0002-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch
-	source = 0003-x86-xen-init-gs-very-early-to-avoid-page-faults-with.patch
 	validpgpkeys = ABAF11C65A2970B130ABE3C479BE3E4300411886
 	validpgpkeys = 647F28654894E3BD457199BE38DBBDC86092693E
 	sha256sums = 5a26478906d5005f4f809402e981518d2b8844949199f60c4b6e1f986ca2a769
 	sha256sums = SKIP
-	sha256sums = 5f8344fcc6b15be5f53001bb18df342bf5877563239f03271c236e3a40db89e8
+	sha256sums = b5dc7021bd0c08e4a58b59035f9b757ce6909b46067950ac56d2ad68c1b69dd1
 	sha256sums = SKIP
-	sha256sums = 617d1a2b0160fc72098524a51501531556050cab0e466c9dbae5d60a78991bd2
+	sha256sums = f38927db126ec7141ea2dd70cabb2ef378552672b31db4ab621493928497abd7
 	sha256sums = ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21
 	sha256sums = 75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919
 	sha256sums = ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65
 	sha256sums = 728ea88383ce6c542e2969246036f454395d5412779ffb5299639610b82b21f1
-	sha256sums = c7951a3dfa6dcfd6f7c56d8d5c7c89cceb0e612ce3e6134d3fe23d1202b69863
-	sha256sums = b1485882a9d26fe49b9fb2530259c2c39e03a3346ff63edcbc746f47ef693676
-	sha256sums = 54380eafa1dfb42f7860a5eee9f521c14aa5fd2c9f5bfaa6e0537d75800225b7
+	sha256sums = 19b17156ea5aec86e4eb87fc855789375a5184faf564b4ac2cd0f279de7b3bf9
+	sha256sums = f49e23e2a00357f8a5f6cc5caadd56a4df2b0a3e2b53d76a514ca508f25a62a7
 
 pkgname = linux-apparmor
 	pkgdesc = The Linux-apparmor kernel and modules
diff --git a/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch b/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
index f155e964b1e2..1385f92d2797 100644
--- a/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
+++ b/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
@@ -1,8 +1,8 @@
-From 05a43fb8b36cdaf6a3580f46cab334f2c2796544 Mon Sep 17 00:00:00 2001
-Message-Id: <05a43fb8b36cdaf6a3580f46cab334f2c2796544.1518828081.git.jan.steffens@gmail.com>
+From 16305718ac69980301a803f32373cd0d80473a1c Mon Sep 17 00:00:00 2001
+Message-Id: <16305718ac69980301a803f32373cd0d80473a1c.1519311274.git.jan.steffens@gmail.com>
 From: Serge Hallyn <serge.hallyn@canonical.com>
 Date: Fri, 31 May 2013 19:12:12 +0100
-Subject: [PATCH 1/3] add sysctl to disallow unprivileged CLONE_NEWUSER by
+Subject: [PATCH 1/2] add sysctl to disallow unprivileged CLONE_NEWUSER by
  default
 
 Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
@@ -99,5 +99,5 @@ index 246d4d4ce5c7..f64432b45cec 100644
  static DEFINE_MUTEX(userns_state_mutex);
  
 -- 
-2.16.1
+2.16.2
 
diff --git a/0002-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch b/0002-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch
index 97848fc18593..7338383117fe 100644
--- a/0002-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch
+++ b/0002-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch
@@ -1,10 +1,10 @@
-From 9ae12d036a480aa5352118c982ba76f2fb1640a3 Mon Sep 17 00:00:00 2001
-Message-Id: <9ae12d036a480aa5352118c982ba76f2fb1640a3.1518828081.git.jan.steffens@gmail.com>
-In-Reply-To: <05a43fb8b36cdaf6a3580f46cab334f2c2796544.1518828081.git.jan.steffens@gmail.com>
-References: <05a43fb8b36cdaf6a3580f46cab334f2c2796544.1518828081.git.jan.steffens@gmail.com>
+From caccd577f10e4618e87c8b21bb14ab867208df04 Mon Sep 17 00:00:00 2001
+Message-Id: <caccd577f10e4618e87c8b21bb14ab867208df04.1519311274.git.jan.steffens@gmail.com>
+In-Reply-To: <16305718ac69980301a803f32373cd0d80473a1c.1519311274.git.jan.steffens@gmail.com>
+References: <16305718ac69980301a803f32373cd0d80473a1c.1519311274.git.jan.steffens@gmail.com>
 From: Jim Bride <jim.bride@linux.intel.com>
 Date: Mon, 6 Nov 2017 13:38:57 -0800
-Subject: [PATCH 2/3] drm/i915/edp: Only use the alternate fixed mode if it's
+Subject: [PATCH 2/2] drm/i915/edp: Only use the alternate fixed mode if it's
  asked for
 
 In commit dc911f5bd8aa ("drm/i915/edp: Allow alternate fixed mode for
@@ -38,5 +38,5 @@ index add4b2434aa3..14a8bef9fdfe 100644
  }
  
 -- 
-2.16.1
+2.16.2
 
diff --git a/0003-x86-xen-init-gs-very-early-to-avoid-page-faults-with.patch b/0003-x86-xen-init-gs-very-early-to-avoid-page-faults-with.patch
deleted file mode 100644
index 4b490730e3c3..000000000000
--- a/0003-x86-xen-init-gs-very-early-to-avoid-page-faults-with.patch
+++ /dev/null
@@ -1,80 +0,0 @@
-From cd0c80aa02dbfe649c743fa98fcc0d9f427e0827 Mon Sep 17 00:00:00 2001
-Message-Id: <cd0c80aa02dbfe649c743fa98fcc0d9f427e0827.1518828081.git.jan.steffens@gmail.com>
-In-Reply-To: <05a43fb8b36cdaf6a3580f46cab334f2c2796544.1518828081.git.jan.steffens@gmail.com>
-References: <05a43fb8b36cdaf6a3580f46cab334f2c2796544.1518828081.git.jan.steffens@gmail.com>
-From: Juergen Gross <jgross@suse.com>
-Date: Thu, 1 Feb 2018 13:40:19 +0100
-Subject: [PATCH 3/3] x86/xen: init %gs very early to avoid page faults with
- stack protector
-
-When running as Xen pv guest %gs is initialized some time after
-C code is started. Depending on stack protector usage this might be
-too late, resulting in page faults.
-
-So setup %gs and MSR_GS_BASE in assembly code already.
-
-Cc: stable@vger.kernel.org
-Signed-off-by: Juergen Gross <jgross@suse.com>
-Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
-Tested-by: Chris Patterson <cjp256@gmail.com>
-Signed-off-by: Juergen Gross <jgross@suse.com>
----
- arch/x86/xen/xen-head.S | 16 ++++++++++++++++
- 1 file changed, 16 insertions(+)
-
-diff --git a/arch/x86/xen/xen-head.S b/arch/x86/xen/xen-head.S
-index 497cc55a0c16..96f26e026783 100644
---- a/arch/x86/xen/xen-head.S
-+++ b/arch/x86/xen/xen-head.S
-@@ -9,32 +9,48 @@
- 
- #include <asm/boot.h>
- #include <asm/asm.h>
-+#include <asm/msr.h>
- #include <asm/page_types.h>
-+#include <asm/percpu.h>
- #include <asm/unwind_hints.h>
- 
- #include <xen/interface/elfnote.h>
- #include <xen/interface/features.h>
- #include <xen/interface/xen.h>
- #include <xen/interface/xen-mca.h>
- #include <asm/xen/interface.h>
- 
- #ifdef CONFIG_XEN_PV
- 	__INIT
- ENTRY(startup_xen)
- 	UNWIND_HINT_EMPTY
- 	cld
- 
- 	/* Clear .bss */
- 	xor %eax,%eax
- 	mov $__bss_start, %_ASM_DI
- 	mov $__bss_stop, %_ASM_CX
- 	sub %_ASM_DI, %_ASM_CX
- 	shr $__ASM_SEL(2, 3), %_ASM_CX
- 	rep __ASM_SIZE(stos)
- 
- 	mov %_ASM_SI, xen_start_info
- 	mov $init_thread_union+THREAD_SIZE, %_ASM_SP
- 
-+#ifdef CONFIG_X86_64
-+	/* Set up %gs.
-+	 *
-+	 * The base of %gs always points to the bottom of the irqstack
-+	 * union.  If the stack protector canary is enabled, it is
-+	 * located at %gs:40.  Note that, on SMP, the boot cpu uses
-+	 * init data section till per cpu areas are set up.
-+	 */
-+	movl	$MSR_GS_BASE,%ecx
-+	movq	$INIT_PER_CPU_VAR(irq_stack_union),%rax
-+	cdq
-+	wrmsr
-+#endif
-+
- 	jmp xen_start_kernel
- END(startup_xen)
- 	__FINIT
--- 
-2.16.1
-
diff --git a/PKGBUILD b/PKGBUILD
index bd4aac781a7c..e908829a6656 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -3,7 +3,7 @@
 
 pkgbase=linux-apparmor
 _srcname=linux-4.15
-pkgver=4.15.4
+pkgver=4.15.5
 pkgrel=1
 arch=('x86_64')
 url="https://www.kernel.org/"
@@ -20,7 +20,6 @@ source=(
   'config.fragment'
   0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
   0002-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch
-  0003-x86-xen-init-gs-very-early-to-avoid-page-faults-with.patch
 )
 validpgpkeys=(
   'ABAF11C65A2970B130ABE3C479BE3E4300411886'  # Linus Torvalds
@@ -28,16 +27,15 @@ validpgpkeys=(
 )
 sha256sums=('5a26478906d5005f4f809402e981518d2b8844949199f60c4b6e1f986ca2a769'
             'SKIP'
-            '5f8344fcc6b15be5f53001bb18df342bf5877563239f03271c236e3a40db89e8'
+            'b5dc7021bd0c08e4a58b59035f9b757ce6909b46067950ac56d2ad68c1b69dd1'
             'SKIP'
-            '617d1a2b0160fc72098524a51501531556050cab0e466c9dbae5d60a78991bd2'
+            'f38927db126ec7141ea2dd70cabb2ef378552672b31db4ab621493928497abd7'
             'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21'
             '75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919'
             'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65'
             '728ea88383ce6c542e2969246036f454395d5412779ffb5299639610b82b21f1'
-            'c7951a3dfa6dcfd6f7c56d8d5c7c89cceb0e612ce3e6134d3fe23d1202b69863'
-            'b1485882a9d26fe49b9fb2530259c2c39e03a3346ff63edcbc746f47ef693676'
-            '54380eafa1dfb42f7860a5eee9f521c14aa5fd2c9f5bfaa6e0537d75800225b7')
+            '19b17156ea5aec86e4eb87fc855789375a5184faf564b4ac2cd0f279de7b3bf9'
+            'f49e23e2a00357f8a5f6cc5caadd56a4df2b0a3e2b53d76a514ca508f25a62a7')
 
 _kernelname=${pkgbase#linux}
 : ${_kernelname:=-ARCH}
@@ -57,9 +55,6 @@ prepare() {
   # https://bugs.archlinux.org/task/56711
   patch -Np1 -i ../0002-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch
 
-  # https://bugs.archlinux.org/task/57500
-  patch -Np1 -i ../0003-x86-xen-init-gs-very-early-to-avoid-page-faults-with.patch
-
   cat ../config - >.config <<END
 CONFIG_LOCALVERSION="${_kernelname}"
 CONFIG_LOCALVERSION_AUTO=n
diff --git a/config b/config
index e58bd222377d..ea0d4f1aaa0a 100644
--- a/config
+++ b/config
@@ -1,6 +1,6 @@
 #
 # Automatically generated file; DO NOT EDIT.
-# Linux/x86 4.15.3-1 Kernel Configuration
+# Linux/x86 4.15.5-1 Kernel Configuration
 #
 CONFIG_64BIT=y
 CONFIG_X86_64=y
@@ -1040,7 +1040,6 @@ CONFIG_TCP_CONG_DCTCP=m
 CONFIG_TCP_CONG_CDG=m
 CONFIG_TCP_CONG_BBR=m
 CONFIG_DEFAULT_CUBIC=y
-# CONFIG_DEFAULT_BBR is not set
 # CONFIG_DEFAULT_RENO is not set
 CONFIG_DEFAULT_TCP_CONG="cubic"
 CONFIG_TCP_MD5SIG=y
@@ -5878,7 +5877,7 @@ CONFIG_FB=y
 CONFIG_FIRMWARE_EDID=y
 CONFIG_FB_CMDLINE=y
 CONFIG_FB_NOTIFY=y
-CONFIG_FB_DDC=m
+# CONFIG_FB_DDC is not set
 CONFIG_FB_BOOT_VESA_SUPPORT=y
 CONFIG_FB_CFB_FILLRECT=y
 CONFIG_FB_CFB_COPYAREA=y
@@ -5906,30 +5905,21 @@ CONFIG_FB_TILEBLITTING=y
 # CONFIG_FB_ARC is not set
 # CONFIG_FB_ASILIANT is not set
 # CONFIG_FB_IMSTT is not set
-CONFIG_FB_VGA16=m
-CONFIG_FB_UVESA=m
+# CONFIG_FB_VGA16 is not set
+# CONFIG_FB_UVESA is not set
 CONFIG_FB_VESA=y
 CONFIG_FB_EFI=y
 # CONFIG_FB_N411 is not set
 # CONFIG_FB_HGA is not set
 # CONFIG_FB_OPENCORES is not set
 # CONFIG_FB_S1D13XXX is not set
-CONFIG_FB_NVIDIA=m
-CONFIG_FB_NVIDIA_I2C=y
-# CONFIG_FB_NVIDIA_DEBUG is not set
-CONFIG_FB_NVIDIA_BACKLIGHT=y
-CONFIG_FB_RIVA=m
-CONFIG_FB_RIVA_I2C=y
-# CONFIG_FB_RIVA_DEBUG is not set
-CONFIG_FB_RIVA_BACKLIGHT=y
+# CONFIG_FB_NVIDIA is not set
+# CONFIG_FB_RIVA is not set
 # CONFIG_FB_I740 is not set
 # CONFIG_FB_LE80578 is not set
 # CONFIG_FB_INTEL is not set
 # CONFIG_FB_MATROX is not set
-CONFIG_FB_RADEON=m
-CONFIG_FB_RADEON_I2C=y
-CONFIG_FB_RADEON_BACKLIGHT=y
-# CONFIG_FB_RADEON_DEBUG is not set
+# CONFIG_FB_RADEON is not set
 # CONFIG_FB_ATY128 is not set
 # CONFIG_FB_ATY is not set
 # CONFIG_FB_S3 is not set
@@ -6003,7 +5993,7 @@ CONFIG_BACKLIGHT_GPIO=m
 CONFIG_BACKLIGHT_LV5207LP=m
 CONFIG_BACKLIGHT_BD6107=m
 CONFIG_BACKLIGHT_ARCXCNN=m
-CONFIG_VGASTATE=m
+# CONFIG_VGASTATE is not set
 CONFIG_VIDEOMODE_HELPERS=y
 CONFIG_HDMI=y