diff options
author | Björn Bidar | 2018-01-18 13:33:04 +0100 |
---|---|---|
committer | Björn Bidar | 2018-01-18 13:34:17 +0100 |
commit | bee41e6f8ea700caf6cbd9b38c6b4c1486cb8f0b (patch) | |
tree | 34965f4d4e4b37399e41cc57ee90893c09bf8713 | |
parent | 6624b87e6ab80e8ca53c11cb7a9199fa0acb14f4 (diff) | |
download | aur-bee41e6f8ea700caf6cbd9b38c6b4c1486cb8f0b.tar.gz |
upkg
-rw-r--r-- | .SRCINFO | 30 | ||||
-rw-r--r-- | 0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch | 6 | ||||
-rw-r--r-- | 0004-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch | 74 | ||||
-rw-r--r-- | 0004-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch (renamed from 0005-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch) | 10 | ||||
-rw-r--r-- | 0005-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch | 114 | ||||
-rw-r--r-- | 0006-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch | 42 | ||||
-rw-r--r-- | PKGBUILD | 27 |
7 files changed, 192 insertions, 111 deletions
@@ -1,8 +1,8 @@ # Generated by mksrcinfo v8 -# Fri Jan 5 18:35:51 UTC 2018 +# Thu Jan 18 12:31:44 UTC 2018 pkgbase = linux-pf pkgdesc = Linux kernel and modules with the pf-kernel patch (uksm, PDS). - pkgver = 4.14.8 + pkgver = 4.14.9 pkgrel = 1 url = http://pf.natalenko.name/ arch = i686 @@ -20,24 +20,24 @@ pkgbase = linux-pf source = config.i686 source = config.x86_64 source = linux.preset - source = https://github.com/pfactum/pf-kernel/compare/v4.14...v4.14-pf8.diff + source = https://github.com/pfactum/pf-kernel/compare/v4.14...v4.14-pf9.diff source = 90-linux.hook source = 60-linux.hook - source = 0004-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch - source = 0005-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch - source = 0006-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch + source = 0004-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch + source = 0005-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch source = 0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch + source = 0006-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch sha256sums = f81d59477e90a130857ce18dc02f4fbe5725854911db1e7ba770c7cd350f96a7 sha256sums = 102d518779dc312af35faf7e07ff01df3c04521d40d8757fc4e8eba9c595c395 sha256sums = 943e1e6e1518edc8ab86023805f8f88f3672871a4039ccf8a9e97c33e95ae395 sha256sums = 82d660caa11db0cd34fd550a049d7296b4a9dcd28f2a50c81418066d6e598864 - sha256sums = e8765a6a553b914b21e59dfe4d2311aba1d518bfcc71d32802d3bc0fa4874369 + sha256sums = 233adc6ec0faf2c71bea243935c9ed945b4ffadbfabd183cd4455e41a3261efa sha256sums = 75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919 sha256sums = ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21 - sha256sums = 705d5fbfce00ccc20490bdfb5853d67d86ac00c845de6ecb13e414214b48daeb - sha256sums = 0a249248534a17f14fab7e14994811ae81fe324668a82ff41f3bcabeeae1460f - sha256sums = 8e1b303957ddd829c0c9ad7c012cd32f2354ff3c8c1b85da3d7f8a54524f3711 - sha256sums = 06bc1d8b1cd153c3146a4376d833f5769b980e5ef5eae99ddaaeb48bf514dae2 + sha256sums = 1c1f5792c98369c546840950e6569a690cd88e33d4f0931d2b0b5b88f705aa4d + sha256sums = c3d743a0e193294bc5fbae65e7ba69fd997cd8b2ded9c9a45c5151d71d9cfb95 + sha256sums = d8a865a11665424b21fe6be9265eb287ee6d5646261a486954ddf3a4ee87e78f + sha256sums = ec7342aab478af79a17ff65cf65bbd6744b0caee8f66c77a39bba61a78e6576d pkgname = linux-pf pkgdesc = Linux kernel and modules with the pf-kernel patch (uksm, PDS) @@ -53,7 +53,7 @@ pkgname = linux-pf optdepends = nvidia-pf: NVIDIA drivers for linux-pf optdepends = nvidia-beta-all: NVIDIA drivers for all installed kernels optdepends = modprobed-db: Keeps track of EVERY kernel module that has ever been probed. Useful for make localmodconfig. - provides = linux-pf=4.14.8 + provides = linux-pf=4.14.9 provides = linux-tomoyo conflicts = linux-pf conflicts = kernel26-pf @@ -62,13 +62,13 @@ pkgname = linux-pf pkgname = linux-pf-headers pkgdesc = Header files and scripts for building modules for linux-pf kernel. depends = linux-pf - provides = linux-pf-headers=4.14.8 + provides = linux-pf-headers=4.14.9 conflicts = linux-pf-headers pkgname = linux-pf-preset-default pkgdesc = Linux-pf default preset install = linux.install - depends = linux-pf=4.14.8 - provides = linux-pf-preset=4.14.8 + depends = linux-pf=4.14.9 + provides = linux-pf-preset=4.14.9 backup = etc/mkinitcpio.d/linux-pf.preset diff --git a/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch b/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch index 64341b9b7026..c3364a49db0e 100644 --- a/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch +++ b/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch @@ -1,8 +1,8 @@ -From fb89d912d5f7289d3a922c77b671e36e1c740f5e Mon Sep 17 00:00:00 2001 -Message-Id: <fb89d912d5f7289d3a922c77b671e36e1c740f5e.1514959852.git.jan.steffens@gmail.com> +From 0b716bdb952b678d9bb5eb32198dbc82ec492df2 Mon Sep 17 00:00:00 2001 +Message-Id: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> From: Serge Hallyn <serge.hallyn@canonical.com> Date: Fri, 31 May 2013 19:12:12 +0100 -Subject: [PATCH 1/7] add sysctl to disallow unprivileged CLONE_NEWUSER by +Subject: [PATCH 1/6] add sysctl to disallow unprivileged CLONE_NEWUSER by default Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> diff --git a/0004-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch b/0004-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch deleted file mode 100644 index 4dca618a8c03..000000000000 --- a/0004-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch +++ /dev/null @@ -1,74 +0,0 @@ -From d03c0ef520f40c6de691c37e0f168c87b3423015 Mon Sep 17 00:00:00 2001 -Message-Id: <d03c0ef520f40c6de691c37e0f168c87b3423015.1514959852.git.jan.steffens@gmail.com> -In-Reply-To: <fb89d912d5f7289d3a922c77b671e36e1c740f5e.1514959852.git.jan.steffens@gmail.com> -References: <fb89d912d5f7289d3a922c77b671e36e1c740f5e.1514959852.git.jan.steffens@gmail.com> -From: Steffen Klassert <steffen.klassert@secunet.com> -Date: Wed, 15 Nov 2017 06:40:57 +0100 -Subject: [PATCH 4/7] Revert "xfrm: Fix stack-out-of-bounds read in - xfrm_state_find." - -This reverts commit c9f3f813d462c72dbe412cee6a5cbacf13c4ad5e. - -This commit breaks transport mode when the policy template -has widlcard addresses configured, so revert it. - -Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> ---- - net/xfrm/xfrm_policy.c | 29 ++++++++++++++++++----------- - 1 file changed, 18 insertions(+), 11 deletions(-) - -diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c -index 2a6093840e7e856e..6bc16bb61b5533ef 100644 ---- a/net/xfrm/xfrm_policy.c -+++ b/net/xfrm/xfrm_policy.c -@@ -1362,29 +1362,36 @@ xfrm_tmpl_resolve_one(struct xfrm_policy *policy, const struct flowi *fl, - struct net *net = xp_net(policy); - int nx; - int i, error; -+ xfrm_address_t *daddr = xfrm_flowi_daddr(fl, family); -+ xfrm_address_t *saddr = xfrm_flowi_saddr(fl, family); - xfrm_address_t tmp; - - for (nx = 0, i = 0; i < policy->xfrm_nr; i++) { - struct xfrm_state *x; -- xfrm_address_t *local; -- xfrm_address_t *remote; -+ xfrm_address_t *remote = daddr; -+ xfrm_address_t *local = saddr; - struct xfrm_tmpl *tmpl = &policy->xfrm_vec[i]; - -- remote = &tmpl->id.daddr; -- local = &tmpl->saddr; -- if (xfrm_addr_any(local, tmpl->encap_family)) { -- error = xfrm_get_saddr(net, fl->flowi_oif, -- &tmp, remote, -- tmpl->encap_family, 0); -- if (error) -- goto fail; -- local = &tmp; -+ if (tmpl->mode == XFRM_MODE_TUNNEL || -+ tmpl->mode == XFRM_MODE_BEET) { -+ remote = &tmpl->id.daddr; -+ local = &tmpl->saddr; -+ if (xfrm_addr_any(local, tmpl->encap_family)) { -+ error = xfrm_get_saddr(net, fl->flowi_oif, -+ &tmp, remote, -+ tmpl->encap_family, 0); -+ if (error) -+ goto fail; -+ local = &tmp; -+ } - } - - x = xfrm_state_find(remote, local, fl, tmpl, policy, &error, family); - - if (x && x->km.state == XFRM_STATE_VALID) { - xfrm[nx++] = x; -+ daddr = remote; -+ saddr = local; - continue; - } - if (x) { --- -2.15.1 - diff --git a/0005-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch b/0004-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch index edd7b24a32d6..6b4de3a648d9 100644 --- a/0005-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch +++ b/0004-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch @@ -1,10 +1,10 @@ -From 3721d64246982f91a5bf863fc17ac60ff722e0c4 Mon Sep 17 00:00:00 2001 -Message-Id: <3721d64246982f91a5bf863fc17ac60ff722e0c4.1514959852.git.jan.steffens@gmail.com> -In-Reply-To: <fb89d912d5f7289d3a922c77b671e36e1c740f5e.1514959852.git.jan.steffens@gmail.com> -References: <fb89d912d5f7289d3a922c77b671e36e1c740f5e.1514959852.git.jan.steffens@gmail.com> +From 5a11be3bab2dcd6fe061206662969c4cea46988f Mon Sep 17 00:00:00 2001 +Message-Id: <5a11be3bab2dcd6fe061206662969c4cea46988f.1515173964.git.jan.steffens@gmail.com> +In-Reply-To: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> +References: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> From: Steffen Klassert <steffen.klassert@secunet.com> Date: Fri, 22 Dec 2017 10:44:57 +0100 -Subject: [PATCH 5/7] xfrm: Fix stack-out-of-bounds read on socket policy +Subject: [PATCH 4/6] xfrm: Fix stack-out-of-bounds read on socket policy lookup. When we do tunnel or beet mode, we pass saddr and daddr from the diff --git a/0005-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch b/0005-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch new file mode 100644 index 000000000000..3090318aacb8 --- /dev/null +++ b/0005-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch @@ -0,0 +1,114 @@ +From eadda028a73a567edd8462ccd0e8c28e023cde28 Mon Sep 17 00:00:00 2001 +Message-Id: <eadda028a73a567edd8462ccd0e8c28e023cde28.1515173964.git.jan.steffens@gmail.com> +In-Reply-To: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> +References: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> +From: Tejun Heo <tj@kernel.org> +Date: Wed, 20 Dec 2017 07:09:19 -0800 +Subject: [PATCH 5/6] cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC + +While teaching css_task_iter to handle skipping over tasks which +aren't group leaders, bc2fb7ed089f ("cgroup: add @flags to +css_task_iter_start() and implement CSS_TASK_ITER_PROCS") introduced a +silly bug. + +CSS_TASK_ITER_PROCS is implemented by repeating +css_task_iter_advance() while the advanced cursor is pointing to a +non-leader thread. However, the cursor variable, @l, wasn't updated +when the iteration has to advance to the next css_set and the +following repetition would operate on the terminal @l from the +previous iteration which isn't pointing to a valid task leading to +oopses like the following or infinite looping. + + BUG: unable to handle kernel NULL pointer dereference at 0000000000000254 + IP: __task_pid_nr_ns+0xc7/0xf0 + PGD 0 P4D 0 + Oops: 0000 [#1] SMP + ... + CPU: 2 PID: 1 Comm: systemd Not tainted 4.14.4-200.fc26.x86_64 #1 + Hardware name: System manufacturer System Product Name/PRIME B350M-A, BIOS 3203 11/09/2017 + task: ffff88c4baee8000 task.stack: ffff96d5c3158000 + RIP: 0010:__task_pid_nr_ns+0xc7/0xf0 + RSP: 0018:ffff96d5c315bd50 EFLAGS: 00010206 + RAX: 0000000000000000 RBX: ffff88c4b68c6000 RCX: 0000000000000250 + RDX: ffffffffa5e47960 RSI: 0000000000000000 RDI: ffff88c490f6ab00 + RBP: ffff96d5c315bd50 R08: 0000000000001000 R09: 0000000000000005 + R10: ffff88c4be006b80 R11: ffff88c42f1b8004 R12: ffff96d5c315bf18 + R13: ffff88c42d7dd200 R14: ffff88c490f6a510 R15: ffff88c4b68c6000 + FS: 00007f9446f8ea00(0000) GS:ffff88c4be680000(0000) knlGS:0000000000000000 + CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 + CR2: 0000000000000254 CR3: 00000007f956f000 CR4: 00000000003406e0 + Call Trace: + cgroup_procs_show+0x19/0x30 + cgroup_seqfile_show+0x4c/0xb0 + kernfs_seq_show+0x21/0x30 + seq_read+0x2ec/0x3f0 + kernfs_fop_read+0x134/0x180 + __vfs_read+0x37/0x160 + ? security_file_permission+0x9b/0xc0 + vfs_read+0x8e/0x130 + SyS_read+0x55/0xc0 + entry_SYSCALL_64_fastpath+0x1a/0xa5 + RIP: 0033:0x7f94455f942d + RSP: 002b:00007ffe81ba2d00 EFLAGS: 00000293 ORIG_RAX: 0000000000000000 + RAX: ffffffffffffffda RBX: 00005574e2233f00 RCX: 00007f94455f942d + RDX: 0000000000001000 RSI: 00005574e2321a90 RDI: 000000000000002b + RBP: 0000000000000000 R08: 00005574e2321a90 R09: 00005574e231de60 + R10: 00007f94458c8b38 R11: 0000000000000293 R12: 00007f94458c8ae0 + R13: 00007ffe81ba3800 R14: 0000000000000000 R15: 00005574e2116560 + Code: 04 74 0e 89 f6 48 8d 04 76 48 8d 04 c5 f0 05 00 00 48 8b bf b8 05 00 00 48 01 c7 31 c0 48 8b 0f 48 85 c9 74 18 8b b2 30 08 00 00 <3b> 71 04 77 0d 48 c1 e6 05 48 01 f1 48 3b 51 38 74 09 5d c3 8b + RIP: __task_pid_nr_ns+0xc7/0xf0 RSP: ffff96d5c315bd50 + +Fix it by moving the initialization of the cursor below the repeat +label. While at it, rename it to @next for readability. + +Signed-off-by: Tejun Heo <tj@kernel.org> +Fixes: bc2fb7ed089f ("cgroup: add @flags to css_task_iter_start() and implement CSS_TASK_ITER_PROCS") +Cc: stable@vger.kernel.org # v4.14+ +Reported-by: Laura Abbott <labbott@redhat.com> +Reported-by: Bronek Kozicki <brok@incorrekt.com> +Reported-by: George Amanakis <gamanakis@gmail.com> +Signed-off-by: Tejun Heo <tj@kernel.org> +--- + kernel/cgroup/cgroup.c | 14 ++++++-------- + 1 file changed, 6 insertions(+), 8 deletions(-) + +diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c +index 44857278eb8aa6a2..030e4286f14c715e 100644 +--- a/kernel/cgroup/cgroup.c ++++ b/kernel/cgroup/cgroup.c +@@ -4059,26 +4059,24 @@ static void css_task_iter_advance_css_set(struct css_task_iter *it) + + static void css_task_iter_advance(struct css_task_iter *it) + { +- struct list_head *l = it->task_pos; ++ struct list_head *next; + + lockdep_assert_held(&css_set_lock); +- WARN_ON_ONCE(!l); +- + repeat: + /* + * Advance iterator to find next entry. cset->tasks is consumed + * first and then ->mg_tasks. After ->mg_tasks, we move onto the + * next cset. + */ +- l = l->next; ++ next = it->task_pos->next; + +- if (l == it->tasks_head) +- l = it->mg_tasks_head->next; ++ if (next == it->tasks_head) ++ next = it->mg_tasks_head->next; + +- if (l == it->mg_tasks_head) ++ if (next == it->mg_tasks_head) + css_task_iter_advance_css_set(it); + else +- it->task_pos = l; ++ it->task_pos = next; + + /* if PROCS, skip over tasks which aren't group leaders */ + if ((it->flags & CSS_TASK_ITER_PROCS) && it->task_pos && +-- +2.15.1 + diff --git a/0006-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch b/0006-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch new file mode 100644 index 000000000000..5d36d15ac47b --- /dev/null +++ b/0006-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch @@ -0,0 +1,42 @@ +From cf45be4971bdd769c09e2a11db483510cd0bcc5f Mon Sep 17 00:00:00 2001 +Message-Id: <cf45be4971bdd769c09e2a11db483510cd0bcc5f.1515173964.git.jan.steffens@gmail.com> +In-Reply-To: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> +References: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> +From: Jim Bride <jim.bride@linux.intel.com> +Date: Mon, 6 Nov 2017 13:38:57 -0800 +Subject: [PATCH 6/6] drm/i915/edp: Only use the alternate fixed mode if it's + asked for + +In commit dc911f5bd8aa ("drm/i915/edp: Allow alternate fixed mode for +eDP if available."), the patch allows for the use of an alternate fixed +mode if it is available, but the patch was not ensuring that the only +time the alternate mode is used is when it is specifically requested. +This patch adds an additional comparison to intel_edp_compare_alt_mode +to ensure that we only use the alternate mode if it is directly +requested. + +Fixes: dc911f5bd8aac ("Allow alternate fixed mode for eDP if available.") +Cc: David Weinehall <david.weinehall@linux.intel.com> +Cc: Rodrigo Vivi <rodrigo.vivi@intel.com> +Signed-off-by: Jim Bride <jim.bride@linux.intel.com> +--- + drivers/gpu/drm/i915/intel_dp.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/drivers/gpu/drm/i915/intel_dp.c b/drivers/gpu/drm/i915/intel_dp.c +index 09f274419eea1c74..838cee312e8e6978 100644 +--- a/drivers/gpu/drm/i915/intel_dp.c ++++ b/drivers/gpu/drm/i915/intel_dp.c +@@ -1632,7 +1632,8 @@ static bool intel_edp_compare_alt_mode(struct drm_display_mode *m1, + m1->vdisplay == m2->vdisplay && + m1->vsync_start == m2->vsync_start && + m1->vsync_end == m2->vsync_end && +- m1->vtotal == m2->vtotal); ++ m1->vtotal == m2->vtotal && ++ m1->vrefresh == m2->vrefresh); + return bres; + } + +-- +2.15.1 + @@ -10,7 +10,7 @@ _minor=14 _basekernel=${_major}.${_minor} _srcname=linux-${_major}.${_minor} pkgbase=linux-pf -_pfrel=8 +_pfrel=9 _kernelname=-pf _pfpatchhome="https://github.com/pfactum/pf-kernel/compare" _pfpatchname="v$_major.$_minor...v$_major.$_minor-pf$_pfrel.diff" @@ -83,10 +83,10 @@ source=("https://www.kernel.org/pub/linux/kernel/v${_major}.x/linux-${_basekerne "${_pfpatchhome}/${_pfpatchname}" # the -pf patchset "90-linux.hook" "60-linux.hook" - '0004-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch' - '0005-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch' - '0006-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch' + '0004-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch' + '0005-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch' '0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch' + '0006-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch' ) # 'cx23885_move_CI_AC_registration_to_a_separate_function.patch' @@ -103,13 +103,12 @@ prepare() { # disable USER_NS for non-root users by default patch -Np1 -i ../0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch + # https://bugs.archlinux.org/task/56605 - patch -Np1 -i ../0004-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch - patch -Np1 -i ../0005-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch - - # https://bugs.archlinux.org/task/56846 - patch -Np1 -i ../0006-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch + patch -Np1 -i ../0004-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch + # https://bugs.archlinux.org/task/56711 + patch -Np1 -i ../0006-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch # end linux-ARCH patches # fix ci invalid PC card inserted issue hopefully @@ -685,11 +684,11 @@ sha256sums=('f81d59477e90a130857ce18dc02f4fbe5725854911db1e7ba770c7cd350f96a7' '102d518779dc312af35faf7e07ff01df3c04521d40d8757fc4e8eba9c595c395' '943e1e6e1518edc8ab86023805f8f88f3672871a4039ccf8a9e97c33e95ae395' '82d660caa11db0cd34fd550a049d7296b4a9dcd28f2a50c81418066d6e598864' - 'e8765a6a553b914b21e59dfe4d2311aba1d518bfcc71d32802d3bc0fa4874369' + '233adc6ec0faf2c71bea243935c9ed945b4ffadbfabd183cd4455e41a3261efa' '75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919' 'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21' - '705d5fbfce00ccc20490bdfb5853d67d86ac00c845de6ecb13e414214b48daeb' - '0a249248534a17f14fab7e14994811ae81fe324668a82ff41f3bcabeeae1460f' - '8e1b303957ddd829c0c9ad7c012cd32f2354ff3c8c1b85da3d7f8a54524f3711' - '06bc1d8b1cd153c3146a4376d833f5769b980e5ef5eae99ddaaeb48bf514dae2') + '1c1f5792c98369c546840950e6569a690cd88e33d4f0931d2b0b5b88f705aa4d' + 'c3d743a0e193294bc5fbae65e7ba69fd997cd8b2ded9c9a45c5151d71d9cfb95' + 'd8a865a11665424b21fe6be9265eb287ee6d5646261a486954ddf3a4ee87e78f' + 'ec7342aab478af79a17ff65cf65bbd6744b0caee8f66c77a39bba61a78e6576d') |