diff options
author | Pieter Lenaerts | 2018-01-07 19:31:04 +0100 |
---|---|---|
committer | Pieter Lenaerts | 2018-01-07 19:31:04 +0100 |
commit | c3008e23c3a98e59799113588e5fdae3b5561432 (patch) | |
tree | b64453094ab00f73363ea6db81b4409de9eaa435 | |
parent | bccc6c29e9834729490e898a71d081f7f8658cc4 (diff) | |
download | aur-c3008e23c3a98e59799113588e5fdae3b5561432.tar.gz |
updated to 4.14.12
-rw-r--r-- | .SRCINFO | 36 | ||||
-rw-r--r-- | 0001-ALSA-usb-audio-Fix-the-missing-ctl-name-suffix-at-pa.patch | 77 | ||||
-rw-r--r-- | 0001-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch | 72 | ||||
-rw-r--r-- | 0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch | 15 | ||||
-rw-r--r-- | 0002-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch (renamed from 0001-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch) | 8 | ||||
-rw-r--r-- | 0003-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch (renamed from 0002-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch) | 10 | ||||
-rw-r--r-- | 0004-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch (renamed from 0002-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch) | 12 | ||||
-rw-r--r-- | 0005-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch (renamed from 0003-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch) | 10 | ||||
-rw-r--r-- | 0006-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch | 42 | ||||
-rw-r--r-- | PKGBUILD | 50 | ||||
-rw-r--r-- | config_x205ta | 3 |
11 files changed, 114 insertions, 221 deletions
@@ -1,7 +1,7 @@ # Generated by mksrcinfo v8 -# Sat Jan 6 22:39:49 UTC 2018 +# Sun Jan 7 18:03:42 UTC 2018 pkgbase = linux-x205ta - pkgver = 4.14.9 + pkgver = 4.14.12 pkgrel = 1 url = https://www.kernel.org/ arch = x86_64 @@ -14,18 +14,17 @@ pkgbase = linux-x205ta options = !strip source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.14.tar.xz source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.14.tar.sign - source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.14.9.xz - source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.14.9.sign + source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.14.12.xz + source = https://www.kernel.org/pub/linux/kernel/v4.x/patch-4.14.12.sign source = 60-linux.hook source = 90-linux.hook source = linux.preset source = 0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch - source = 0001-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch - source = 0002-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch - source = 0001-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch - source = 0002-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch - source = 0003-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch - source = 0001-ALSA-usb-audio-Fix-the-missing-ctl-name-suffix-at-pa.patch + source = 0002-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch + source = 0003-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch + source = 0004-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch + source = 0005-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch + source = 0006-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch source = 9000-fix_c-state_patchv4.14.patch source = 9002-brcmfmac-p2p-and-normal-ap-access-are-not-always-possible-at-the-same-time.patch source = 9001-rpmb.patch @@ -33,18 +32,17 @@ pkgbase = linux-x205ta source = config_x205ta sha256sums = f81d59477e90a130857ce18dc02f4fbe5725854911db1e7ba770c7cd350f96a7 sha256sums = SKIP - sha256sums = 5edc955bb67b04c7ed426b1df17a3e322e32ad9fdda9c6abb53ab6eca7faf704 + sha256sums = da5d8db44b0988e4c45346899d3f5a51f8bd6c25f14e729615ca9ff9f17bdefd sha256sums = SKIP sha256sums = ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21 sha256sums = 75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919 sha256sums = ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65 - sha256sums = 37b86ca3de148a34258e3176dbf41488d9dbd19e93adbd22a062b3c41332ce85 - sha256sums = c6e7db7dfd6a07e1fd0e20c3a5f0f315f9c2a366fe42214918b756f9a1c9bfa3 - sha256sums = 1d69940c6bf1731fa1d1da29b32ec4f594fa360118fe7b128c9810285ebf13e2 - sha256sums = ed3266ab03f836f57de0faf8a10ffd7566c909515c2649de99adaab2fac4aa32 - sha256sums = 64a014f7e1b4588728b3ea9538beee67ec63fb792d890c7be9cc13ddc2121b00 - sha256sums = 3d4c41086c077fbd515d04f5e59c0c258f700433c5da3365d960b696c2e56efb - sha256sums = 95f0d0a94983b0dafd295f660a663f9be5ef2fcb9646098426a5d12b59f50638 + sha256sums = d8a865a11665424b21fe6be9265eb287ee6d5646261a486954ddf3a4ee87e78f + sha256sums = 9251c03da9d4b64591d77f490ff144d4ba514e66e74294ada541bf827306c9c4 + sha256sums = 6ce57b8dba43db4c6ee167a8891167b7d1e1e101d5112e776113eb37de5c37d8 + sha256sums = 1c1f5792c98369c546840950e6569a690cd88e33d4f0931d2b0b5b88f705aa4d + sha256sums = c3d743a0e193294bc5fbae65e7ba69fd997cd8b2ded9c9a45c5151d71d9cfb95 + sha256sums = ec7342aab478af79a17ff65cf65bbd6744b0caee8f66c77a39bba61a78e6576d sha256sums = dfbef29d75d08010223379500be62b7866c4606386d863eae1ba41bee16807de sha256sums = ad0f318809d074ee387f48fdfcb711b0fa3eb378867ac65c6da3d490834e649d sha256sums = f69b0f127f8f1a2b4b34dedaf3c37ef3e561e75fea4de031993341a93c0456d9 @@ -65,5 +63,5 @@ pkgname = linux-x205ta-headers pkgdesc = Header files and scripts for building modules for Linux-x205ta kernel, with patches for ASUS x205ta. pkgname = linux-x205ta-docs - pkgdesc = Kernel hackers manual - HTML documentation that comes with the Linux-x205ta kernel + pkgdesc = Kernel hackers manual - HTML documentation that comes with the Linux-x205ta kernel, with patches for ASUS x205ta. diff --git a/0001-ALSA-usb-audio-Fix-the-missing-ctl-name-suffix-at-pa.patch b/0001-ALSA-usb-audio-Fix-the-missing-ctl-name-suffix-at-pa.patch deleted file mode 100644 index fe62f65af163..000000000000 --- a/0001-ALSA-usb-audio-Fix-the-missing-ctl-name-suffix-at-pa.patch +++ /dev/null @@ -1,77 +0,0 @@ -From 16b5ff888e251b8c4dedd3994d2e85ab25ea7fa4 Mon Sep 17 00:00:00 2001 -Message-Id: <16b5ff888e251b8c4dedd3994d2e85ab25ea7fa4.1514245036.git.jan.steffens@gmail.com> -From: Takashi Iwai <tiwai@suse.de> -Date: Mon, 18 Dec 2017 23:36:57 +0100 -Subject: [PATCH] ALSA: usb-audio: Fix the missing ctl name suffix at parsing - SU - -The commit 89b89d121ffc ("ALSA: usb-audio: Add check return value for -usb_string()") added the check of the return value from -snd_usb_copy_string_desc(), which is correct per se, but it introduced -a regression. In the original code, either the "Clock Source", -"Playback Source" or "Capture Source" suffix is added after the -terminal string, while the commit changed it to add the suffix only -when get_term_name() is failing. It ended up with an incorrect ctl -name like "PCM" instead of "PCM Capture Source". - -Also, even the original code has a similar bug: when the ctl name is -generated from snd_usb_copy_string_desc() for the given iSelector, it -also doesn't put the suffix. - -This patch addresses these issues: the suffix is added always when no -static mapping is found. Also the patch tries to put more comments -and cleans up the if/else block for better readability in order to -avoid the same pitfall again. - -Fixes: 89b89d121ffc ("ALSA: usb-audio: Add check return value for usb_string()") -Reported-and-tested-by: Mauro Santos <registo.mailling@gmail.com> -Cc: <stable@vger.kernel.org> -Signed-off-by: Takashi Iwai <tiwai@suse.de> ---- - sound/usb/mixer.c | 27 ++++++++++++++++----------- - 1 file changed, 16 insertions(+), 11 deletions(-) - -diff --git a/sound/usb/mixer.c b/sound/usb/mixer.c -index 4fde4f8d4444a597..75bce127d768c613 100644 ---- a/sound/usb/mixer.c -+++ b/sound/usb/mixer.c -@@ -2173,20 +2173,25 @@ static int parse_audio_selector_unit(struct mixer_build *state, int unitid, - kctl->private_value = (unsigned long)namelist; - kctl->private_free = usb_mixer_selector_elem_free; - -- nameid = uac_selector_unit_iSelector(desc); -+ /* check the static mapping table at first */ - len = check_mapped_name(map, kctl->id.name, sizeof(kctl->id.name)); -- if (len) -- ; -- else if (nameid) -- len = snd_usb_copy_string_desc(state, nameid, kctl->id.name, -- sizeof(kctl->id.name)); -- else -- len = get_term_name(state, &state->oterm, -- kctl->id.name, sizeof(kctl->id.name), 0); -- - if (!len) { -- strlcpy(kctl->id.name, "USB", sizeof(kctl->id.name)); -+ /* no mapping ? */ -+ /* if iSelector is given, use it */ -+ nameid = uac_selector_unit_iSelector(desc); -+ if (nameid) -+ len = snd_usb_copy_string_desc(state, nameid, -+ kctl->id.name, -+ sizeof(kctl->id.name)); -+ /* ... or pick up the terminal name at next */ -+ if (!len) -+ len = get_term_name(state, &state->oterm, -+ kctl->id.name, sizeof(kctl->id.name), 0); -+ /* ... or use the fixed string "USB" as the last resort */ -+ if (!len) -+ strlcpy(kctl->id.name, "USB", sizeof(kctl->id.name)); - -+ /* and add the proper suffix */ - if (desc->bDescriptorSubtype == UAC2_CLOCK_SELECTOR) - append_ctl_name(kctl, " Clock Source"); - else if ((state->oterm.type & 0xff00) == 0x0100) --- -2.15.1 - diff --git a/0001-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch b/0001-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch deleted file mode 100644 index b44eb2ab8898..000000000000 --- a/0001-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch +++ /dev/null @@ -1,72 +0,0 @@ -From b0bfa7c33cead5dd87267cfd4c29fda47dc1adc4 Mon Sep 17 00:00:00 2001 -Message-Id: <b0bfa7c33cead5dd87267cfd4c29fda47dc1adc4.1514245012.git.jan.steffens@gmail.com> -From: Steffen Klassert <steffen.klassert@secunet.com> -Date: Wed, 15 Nov 2017 06:40:57 +0100 -Subject: [PATCH 1/3] Revert "xfrm: Fix stack-out-of-bounds read in - xfrm_state_find." - -This reverts commit c9f3f813d462c72dbe412cee6a5cbacf13c4ad5e. - -This commit breaks transport mode when the policy template -has widlcard addresses configured, so revert it. - -Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> ---- - net/xfrm/xfrm_policy.c | 29 ++++++++++++++++++----------- - 1 file changed, 18 insertions(+), 11 deletions(-) - -diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c -index 6eb228a70131069b..a2e531bf4f976308 100644 ---- a/net/xfrm/xfrm_policy.c -+++ b/net/xfrm/xfrm_policy.c -@@ -1361,29 +1361,36 @@ xfrm_tmpl_resolve_one(struct xfrm_policy *policy, const struct flowi *fl, - struct net *net = xp_net(policy); - int nx; - int i, error; -+ xfrm_address_t *daddr = xfrm_flowi_daddr(fl, family); -+ xfrm_address_t *saddr = xfrm_flowi_saddr(fl, family); - xfrm_address_t tmp; - - for (nx = 0, i = 0; i < policy->xfrm_nr; i++) { - struct xfrm_state *x; -- xfrm_address_t *local; -- xfrm_address_t *remote; -+ xfrm_address_t *remote = daddr; -+ xfrm_address_t *local = saddr; - struct xfrm_tmpl *tmpl = &policy->xfrm_vec[i]; - -- remote = &tmpl->id.daddr; -- local = &tmpl->saddr; -- if (xfrm_addr_any(local, tmpl->encap_family)) { -- error = xfrm_get_saddr(net, fl->flowi_oif, -- &tmp, remote, -- tmpl->encap_family, 0); -- if (error) -- goto fail; -- local = &tmp; -+ if (tmpl->mode == XFRM_MODE_TUNNEL || -+ tmpl->mode == XFRM_MODE_BEET) { -+ remote = &tmpl->id.daddr; -+ local = &tmpl->saddr; -+ if (xfrm_addr_any(local, tmpl->encap_family)) { -+ error = xfrm_get_saddr(net, fl->flowi_oif, -+ &tmp, remote, -+ tmpl->encap_family, 0); -+ if (error) -+ goto fail; -+ local = &tmp; -+ } - } - - x = xfrm_state_find(remote, local, fl, tmpl, policy, &error, family); - - if (x && x->km.state == XFRM_STATE_VALID) { - xfrm[nx++] = x; -+ daddr = remote; -+ saddr = local; - continue; - } - if (x) { --- -2.15.1 - diff --git a/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch b/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch index 29582c2bf608..c3364a49db0e 100644 --- a/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch +++ b/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch @@ -1,8 +1,9 @@ -From 5ec2dd3a095442ec1a21d86042a4994f2ba24e63 Mon Sep 17 00:00:00 2001 -Message-Id: <5ec2dd3a095442ec1a21d86042a4994f2ba24e63.1512651251.git.jan.steffens@gmail.com> +From 0b716bdb952b678d9bb5eb32198dbc82ec492df2 Mon Sep 17 00:00:00 2001 +Message-Id: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> From: Serge Hallyn <serge.hallyn@canonical.com> Date: Fri, 31 May 2013 19:12:12 +0100 -Subject: [PATCH] add sysctl to disallow unprivileged CLONE_NEWUSER by default +Subject: [PATCH 1/6] add sysctl to disallow unprivileged CLONE_NEWUSER by + default Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com> [bwh: Remove unneeded binary sysctl bits] @@ -14,7 +15,7 @@ Signed-off-by: Daniel Micay <danielmicay@gmail.com> 3 files changed, 30 insertions(+) diff --git a/kernel/fork.c b/kernel/fork.c -index 07cc743698d3668e..4011d68a8ff9305c 100644 +index 500ce64517d93e68..35f5860958b40e9b 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -102,6 +102,11 @@ @@ -29,7 +30,7 @@ index 07cc743698d3668e..4011d68a8ff9305c 100644 /* * Minimum number of threads to boot the kernel -@@ -1555,6 +1560,10 @@ static __latent_entropy struct task_struct *copy_process( +@@ -1554,6 +1559,10 @@ static __latent_entropy struct task_struct *copy_process( if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS)) return ERR_PTR(-EINVAL); @@ -40,7 +41,7 @@ index 07cc743698d3668e..4011d68a8ff9305c 100644 /* * Thread groups must share signals as well, and detached threads * can only be started up within the thread group. -@@ -2348,6 +2357,12 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) +@@ -2347,6 +2356,12 @@ SYSCALL_DEFINE1(unshare, unsigned long, unshare_flags) if (unshare_flags & CLONE_NEWNS) unshare_flags |= CLONE_FS; @@ -54,7 +55,7 @@ index 07cc743698d3668e..4011d68a8ff9305c 100644 if (err) goto bad_unshare_out; diff --git a/kernel/sysctl.c b/kernel/sysctl.c -index b86520ed3fb60fbf..f7dab3760839f1a1 100644 +index 56aca862c4f584f5..e8402ba393c1915d 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -105,6 +105,9 @@ extern int core_uses_pid; diff --git a/0001-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch b/0002-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch index 7e3ecbde40ff..9961ab6f9273 100644 --- a/0001-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch +++ b/0002-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch @@ -1,8 +1,10 @@ -From c3c1af44db713ac6624e729ea4832d0ce70685e0 Mon Sep 17 00:00:00 2001 -Message-Id: <c3c1af44db713ac6624e729ea4832d0ce70685e0.1513282811.git.jan.steffens@gmail.com> +From e6a5e05524563626d14c1745619e37e79cb5a3a7 Mon Sep 17 00:00:00 2001 +Message-Id: <e6a5e05524563626d14c1745619e37e79cb5a3a7.1515173964.git.jan.steffens@gmail.com> +In-Reply-To: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> +References: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> From: Benjamin Poirier <bpoirier@suse.com> Date: Mon, 11 Dec 2017 16:26:40 +0900 -Subject: [PATCH 1/2] e1000e: Fix e1000_check_for_copper_link_ich8lan return +Subject: [PATCH 2/6] e1000e: Fix e1000_check_for_copper_link_ich8lan return value. e1000e_check_for_copper_link() and e1000_check_for_copper_link_ich8lan() diff --git a/0002-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch b/0003-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch index 26311bf3bb54..15e4d29b6e14 100644 --- a/0002-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch +++ b/0003-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch @@ -1,10 +1,10 @@ -From 80d3e994e0631d9135cadf20a0b5ad483d7e9bbb Mon Sep 17 00:00:00 2001 -Message-Id: <80d3e994e0631d9135cadf20a0b5ad483d7e9bbb.1513282811.git.jan.steffens@gmail.com> -In-Reply-To: <c3c1af44db713ac6624e729ea4832d0ce70685e0.1513282811.git.jan.steffens@gmail.com> -References: <c3c1af44db713ac6624e729ea4832d0ce70685e0.1513282811.git.jan.steffens@gmail.com> +From e3fff011db7dd80d53b6bda48bcf2313918aa7a8 Mon Sep 17 00:00:00 2001 +Message-Id: <e3fff011db7dd80d53b6bda48bcf2313918aa7a8.1515173964.git.jan.steffens@gmail.com> +In-Reply-To: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> +References: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> From: Mohamed Ghannam <simo.ghannam@gmail.com> Date: Tue, 5 Dec 2017 20:58:35 +0000 -Subject: [PATCH 2/2] dccp: CVE-2017-8824: use-after-free in DCCP code +Subject: [PATCH 3/6] dccp: CVE-2017-8824: use-after-free in DCCP code Whenever the sock object is in DCCP_CLOSED state, dccp_disconnect() must free dccps_hc_tx_ccid and diff --git a/0002-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch b/0004-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch index ad4614492736..6b4de3a648d9 100644 --- a/0002-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch +++ b/0004-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch @@ -1,10 +1,10 @@ -From 1c3a5e72b70bcfaf342075a3fa5fcbdf99302a3f Mon Sep 17 00:00:00 2001 -Message-Id: <1c3a5e72b70bcfaf342075a3fa5fcbdf99302a3f.1514245012.git.jan.steffens@gmail.com> -In-Reply-To: <b0bfa7c33cead5dd87267cfd4c29fda47dc1adc4.1514245012.git.jan.steffens@gmail.com> -References: <b0bfa7c33cead5dd87267cfd4c29fda47dc1adc4.1514245012.git.jan.steffens@gmail.com> +From 5a11be3bab2dcd6fe061206662969c4cea46988f Mon Sep 17 00:00:00 2001 +Message-Id: <5a11be3bab2dcd6fe061206662969c4cea46988f.1515173964.git.jan.steffens@gmail.com> +In-Reply-To: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> +References: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> From: Steffen Klassert <steffen.klassert@secunet.com> Date: Fri, 22 Dec 2017 10:44:57 +0100 -Subject: [PATCH 2/3] xfrm: Fix stack-out-of-bounds read on socket policy +Subject: [PATCH 4/6] xfrm: Fix stack-out-of-bounds read on socket policy lookup. When we do tunnel or beet mode, we pass saddr and daddr from the @@ -24,7 +24,7 @@ Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c -index a2e531bf4f976308..c79ed3bed5d4dc2f 100644 +index 6bc16bb61b5533ef..50c5f46b5cca942e 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c @@ -1169,9 +1169,15 @@ static struct xfrm_policy *xfrm_sk_policy_lookup(const struct sock *sk, int dir, diff --git a/0003-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch b/0005-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch index 80a09f9a5469..3090318aacb8 100644 --- a/0003-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch +++ b/0005-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch @@ -1,10 +1,10 @@ -From a3c64fe9d978f3ee8f21fac5b410c63fe7cce725 Mon Sep 17 00:00:00 2001 -Message-Id: <a3c64fe9d978f3ee8f21fac5b410c63fe7cce725.1514245012.git.jan.steffens@gmail.com> -In-Reply-To: <b0bfa7c33cead5dd87267cfd4c29fda47dc1adc4.1514245012.git.jan.steffens@gmail.com> -References: <b0bfa7c33cead5dd87267cfd4c29fda47dc1adc4.1514245012.git.jan.steffens@gmail.com> +From eadda028a73a567edd8462ccd0e8c28e023cde28 Mon Sep 17 00:00:00 2001 +Message-Id: <eadda028a73a567edd8462ccd0e8c28e023cde28.1515173964.git.jan.steffens@gmail.com> +In-Reply-To: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> +References: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> From: Tejun Heo <tj@kernel.org> Date: Wed, 20 Dec 2017 07:09:19 -0800 -Subject: [PATCH 3/3] cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC +Subject: [PATCH 5/6] cgroup: fix css_task_iter crash on CSS_TASK_ITER_PROC While teaching css_task_iter to handle skipping over tasks which aren't group leaders, bc2fb7ed089f ("cgroup: add @flags to diff --git a/0006-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch b/0006-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch new file mode 100644 index 000000000000..5d36d15ac47b --- /dev/null +++ b/0006-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch @@ -0,0 +1,42 @@ +From cf45be4971bdd769c09e2a11db483510cd0bcc5f Mon Sep 17 00:00:00 2001 +Message-Id: <cf45be4971bdd769c09e2a11db483510cd0bcc5f.1515173964.git.jan.steffens@gmail.com> +In-Reply-To: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> +References: <0b716bdb952b678d9bb5eb32198dbc82ec492df2.1515173964.git.jan.steffens@gmail.com> +From: Jim Bride <jim.bride@linux.intel.com> +Date: Mon, 6 Nov 2017 13:38:57 -0800 +Subject: [PATCH 6/6] drm/i915/edp: Only use the alternate fixed mode if it's + asked for + +In commit dc911f5bd8aa ("drm/i915/edp: Allow alternate fixed mode for +eDP if available."), the patch allows for the use of an alternate fixed +mode if it is available, but the patch was not ensuring that the only +time the alternate mode is used is when it is specifically requested. +This patch adds an additional comparison to intel_edp_compare_alt_mode +to ensure that we only use the alternate mode if it is directly +requested. + +Fixes: dc911f5bd8aac ("Allow alternate fixed mode for eDP if available.") +Cc: David Weinehall <david.weinehall@linux.intel.com> +Cc: Rodrigo Vivi <rodrigo.vivi@intel.com> +Signed-off-by: Jim Bride <jim.bride@linux.intel.com> +--- + drivers/gpu/drm/i915/intel_dp.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/drivers/gpu/drm/i915/intel_dp.c b/drivers/gpu/drm/i915/intel_dp.c +index 09f274419eea1c74..838cee312e8e6978 100644 +--- a/drivers/gpu/drm/i915/intel_dp.c ++++ b/drivers/gpu/drm/i915/intel_dp.c +@@ -1632,7 +1632,8 @@ static bool intel_edp_compare_alt_mode(struct drm_display_mode *m1, + m1->vdisplay == m2->vdisplay && + m1->vsync_start == m2->vsync_start && + m1->vsync_end == m2->vsync_end && +- m1->vtotal == m2->vtotal); ++ m1->vtotal == m2->vtotal && ++ m1->vrefresh == m2->vrefresh); + return bres; + } + +-- +2.15.1 + @@ -5,7 +5,7 @@ pkgbase=linux-x205ta _srcname=linux-4.14 -pkgver=4.14.9 +pkgver=4.14.12 pkgrel=1 arch=('x86_64') url="https://www.kernel.org/" @@ -20,13 +20,12 @@ source=( '60-linux.hook' # pacman hook for depmod '90-linux.hook' # pacman hook for initramfs regeneration 'linux.preset' # standard config files for mkinitcpio ramdisk - '0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch' - '0001-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch' - '0002-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch' - '0001-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch' - '0002-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch' - '0003-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch' - '0001-ALSA-usb-audio-Fix-the-missing-ctl-name-suffix-at-pa.patch' + 0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch + 0002-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch + 0003-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch + 0004-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch + 0005-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch + 0006-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch '9000-fix_c-state_patchv4.14.patch' '9002-brcmfmac-p2p-and-normal-ap-access-are-not-always-possible-at-the-same-time.patch' '9001-rpmb.patch' @@ -39,32 +38,32 @@ validpgpkeys=( ) sha256sums=('f81d59477e90a130857ce18dc02f4fbe5725854911db1e7ba770c7cd350f96a7' 'SKIP' - '5edc955bb67b04c7ed426b1df17a3e322e32ad9fdda9c6abb53ab6eca7faf704' + 'da5d8db44b0988e4c45346899d3f5a51f8bd6c25f14e729615ca9ff9f17bdefd' 'SKIP' 'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21' '75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919' 'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65' - '37b86ca3de148a34258e3176dbf41488d9dbd19e93adbd22a062b3c41332ce85' - 'c6e7db7dfd6a07e1fd0e20c3a5f0f315f9c2a366fe42214918b756f9a1c9bfa3' - '1d69940c6bf1731fa1d1da29b32ec4f594fa360118fe7b128c9810285ebf13e2' - 'ed3266ab03f836f57de0faf8a10ffd7566c909515c2649de99adaab2fac4aa32' - '64a014f7e1b4588728b3ea9538beee67ec63fb792d890c7be9cc13ddc2121b00' - '3d4c41086c077fbd515d04f5e59c0c258f700433c5da3365d960b696c2e56efb' - '95f0d0a94983b0dafd295f660a663f9be5ef2fcb9646098426a5d12b59f50638' + 'd8a865a11665424b21fe6be9265eb287ee6d5646261a486954ddf3a4ee87e78f' + '9251c03da9d4b64591d77f490ff144d4ba514e66e74294ada541bf827306c9c4' + '6ce57b8dba43db4c6ee167a8891167b7d1e1e101d5112e776113eb37de5c37d8' + '1c1f5792c98369c546840950e6569a690cd88e33d4f0931d2b0b5b88f705aa4d' + 'c3d743a0e193294bc5fbae65e7ba69fd997cd8b2ded9c9a45c5151d71d9cfb95' + 'ec7342aab478af79a17ff65cf65bbd6744b0caee8f66c77a39bba61a78e6576d' 'dfbef29d75d08010223379500be62b7866c4606386d863eae1ba41bee16807de' 'ad0f318809d074ee387f48fdfcb711b0fa3eb378867ac65c6da3d490834e649d' 'f69b0f127f8f1a2b4b34dedaf3c37ef3e561e75fea4de031993341a93c0456d9' '139b6357a092ecc0284ba8f4440f7babcb6f5ac81a52420ad950de4cd2f281dd' - '13bdf6048dba34c76565a98f758333bfe38bdb7e378122ea98c249f8e2c2cda5') + 'fe2f82b81d689ec35a9ecb3ecf1ebc17c39dcbf214039f200ff19a27cd2482e9') _kernelname=${pkgbase#linux} prepare() { -cd ${_srcname} + cd ${_srcname} # add upstream patch patch -p1 -i ../patch-${pkgver} + chmod +x tools/objtool/sync-check.sh # GNU patch doesn't support git-style file mode # security patches @@ -75,20 +74,19 @@ cd ${_srcname} patch -Np1 -i ../0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch # https://bugs.archlinux.org/task/56575 - patch -Np1 -i ../0001-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch + patch -Np1 -i ../0002-e1000e-Fix-e1000_check_for_copper_link_ich8lan-retur.patch # https://nvd.nist.gov/vuln/detail/CVE-2017-8824 - patch -Np1 -i ../0002-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch + patch -Np1 -i ../0003-dccp-CVE-2017-8824-use-after-free-in-DCCP-code.patch # https://bugs.archlinux.org/task/56605 - patch -Np1 -i ../0001-Revert-xfrm-Fix-stack-out-of-bounds-read-in-xfrm_sta.patch - patch -Np1 -i ../0002-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch + patch -Np1 -i ../0004-xfrm-Fix-stack-out-of-bounds-read-on-socket-policy-l.patch # https://bugs.archlinux.org/task/56846 - patch -Np1 -i ../0003-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch + patch -Np1 -i ../0005-cgroup-fix-css_task_iter-crash-on-CSS_TASK_ITER_PROC.patch - # https://bugs.archlinux.org/task/56830 - patch -Np1 -i ../0001-ALSA-usb-audio-Fix-the-missing-ctl-name-suffix-at-pa.patch + # https://bugs.archlinux.org/task/56711 + patch -Np1 -i ../0006-drm-i915-edp-Only-use-the-alternate-fixed-mode-if-it.patch # Here start x205ta patches, refer to https://goo.gl/dcXIM0 for harryharryharry's guide which is the main starting point # for info on these patches. @@ -277,7 +275,7 @@ _package-headers() { } _package-docs() { - pkgdesc="Kernel hackers manual - HTML documentation that comes with the ${pkgbase/linux/Linux} kernel" + pkgdesc="Kernel hackers manual - HTML documentation that comes with the ${pkgbase/linux/Linux} kernel, with patches for ASUS x205ta." cd ${_srcname} local _builddir="${pkgdir}/usr/lib/modules/${_kernver}/build" diff --git a/config_x205ta b/config_x205ta index 63097f75a499..17d9d90606e9 100644 --- a/config_x205ta +++ b/config_x205ta @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.14.9-1 Kernel Configuration +# Linux/x86 4.14.12-1 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -5545,6 +5545,7 @@ CONFIG_SECURITY=y # CONFIG_SECURITY_WRITABLE_HOOKS is not set CONFIG_SECURITYFS=y CONFIG_SECURITY_NETWORK=y +CONFIG_PAGE_TABLE_ISOLATION=y # CONFIG_SECURITY_NETWORK_XFRM is not set CONFIG_SECURITY_PATH=y # CONFIG_INTEL_TXT is not set |