diff options
| -rw-r--r-- | .SRCINFO | 8 | ||||
| -rw-r--r-- | 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch | 20 | ||||
| -rw-r--r-- | 0002-efi-libstub-Fix-path-separator-regression.patch | 54 | ||||
| -rw-r--r-- | PKGBUILD | 8 | ||||
| -rw-r--r-- | config | 4 |
5 files changed, 77 insertions, 17 deletions
@@ -1,6 +1,6 @@ pkgbase = linux-ck pkgver = 5.7.6 - pkgrel = 1 + pkgrel = 2 url = https://wiki.archlinux.org/index.php/Linux-ck arch = x86_64 license = GPL2 @@ -15,16 +15,18 @@ pkgbase = linux-ck source = enable_additional_cpu_optimizations-20200615.tar.gz::https://github.com/graysky2/kernel_gcc_patch/archive/20200615.tar.gz source = http://ck.kolivas.org/patches/5.0/5.7/5.7-ck1/patch-5.7-ck1.xz source = 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch + source = 0002-efi-libstub-Fix-path-separator-regression.patch source = unfuck-ck1.patch::https://github.com/ckolivas/linux/commit/0b69e633d6b0b08ae8547dc4099c8c0985019553.patch validpgpkeys = ABAF11C65A2970B130ABE3C479BE3E4300411886 validpgpkeys = 647F28654894E3BD457199BE38DBBDC86092693E sha256sums = 9fd4c93dc6df53efa904134aa2ede6100f7453c11383490dd32ebbed84f610e6 sha256sums = SKIP - sha256sums = 623601ed9d7879dd9dba1cd50fc8051f9db508b49b4fc0c47c5a9eb9165fc04e + sha256sums = ed60b20ee841e16038da0d145fbf3f53fac94122c4001d6cd03abe64e9e760f6 sha256sums = 8cb21e0b3411327b627a9dd15b8eb773295a0d2782b1a41b2a8839d1b2f5778c sha256sums = 278fe9ffb29d92cc5220e7beac34a8e3a2006e714d16a21a0427069f9634af90 sha256sums = e4a201e984cf229b66fbab713c49fa3a0e0e8f238f2216e503f9452a7a7a5e06 - sha256sums = 3b5de5bf70a63a6549f986d071f3d9572b19707548cd205a3b8ecdb7dcba3f1c + sha256sums = 2fd54c37df600221909e9af84cecae85b843913fb0e206e5f996a43c40d2dcc8 + sha256sums = de7ad8b9b265dbb70daddd49943ddb06799b491dbb53dce50540a840191f3f4b sha256sums = 5a08ac04975fe784d16d6c8ec2be733c73cdcfc19795f5c7b97d7a1aa7f12328 pkgname = linux-ck diff --git a/0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch b/0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch index 1ba337e64322..f819c30bdf6d 100644 --- a/0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch +++ b/0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch @@ -1,7 +1,7 @@ -From 29d4e22912c69936a503f521b8eff1b3d5dfd427 Mon Sep 17 00:00:00 2001 +From 77c07a8d6f12681914e8b6f0c709d45d8c2114b1 Mon Sep 17 00:00:00 2001 From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com> Date: Mon, 16 Sep 2019 04:53:20 +0200 -Subject: [PATCH 1/4] ZEN: Add sysctl and CONFIG to disallow unprivileged +Subject: [PATCH 1/3] ZEN: Add sysctl and CONFIG to disallow unprivileged CLONE_NEWUSER Our default behavior continues to match the vanilla kernel. @@ -13,10 +13,10 @@ Our default behavior continues to match the vanilla kernel. 4 files changed, 50 insertions(+) diff --git a/init/Kconfig b/init/Kconfig -index ef59c5c36cdb..aaad1e4a5772 100644 +index 74a5ac65644f..965a628556e8 100644 --- a/init/Kconfig +++ b/init/Kconfig -@@ -1094,6 +1094,22 @@ config USER_NS +@@ -1102,6 +1102,22 @@ config USER_NS If unsure, say N. @@ -40,7 +40,7 @@ index ef59c5c36cdb..aaad1e4a5772 100644 bool "PID Namespaces" default y diff --git a/kernel/fork.c b/kernel/fork.c -index c9ba2b7bfef9..599349b67aca 100644 +index 48ed22774efa..ec61454a18d5 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -106,6 +106,11 @@ @@ -55,7 +55,7 @@ index c9ba2b7bfef9..599349b67aca 100644 /* * Minimum number of threads to boot the kernel -@@ -1844,6 +1849,10 @@ static __latent_entropy struct task_struct *copy_process( +@@ -1848,6 +1853,10 @@ static __latent_entropy struct task_struct *copy_process( if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS)) return ERR_PTR(-EINVAL); @@ -66,7 +66,7 @@ index c9ba2b7bfef9..599349b67aca 100644 /* * Thread groups must share signals as well, and detached threads * can only be started up within the thread group. -@@ -2934,6 +2943,12 @@ int ksys_unshare(unsigned long unshare_flags) +@@ -2948,6 +2957,12 @@ int ksys_unshare(unsigned long unshare_flags) if (unshare_flags & CLONE_NEWNS) unshare_flags |= CLONE_FS; @@ -80,7 +80,7 @@ index c9ba2b7bfef9..599349b67aca 100644 if (err) goto bad_unshare_out; diff --git a/kernel/sysctl.c b/kernel/sysctl.c -index ad5b88a53c5a..8f00d26b7b59 100644 +index 8a176d8727a3..9500597739a2 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -110,6 +110,9 @@ extern int core_uses_pid; @@ -93,7 +93,7 @@ index ad5b88a53c5a..8f00d26b7b59 100644 extern int pid_max; extern int pid_max_min, pid_max_max; extern int percpu_pagelist_fraction; -@@ -546,6 +549,15 @@ static struct ctl_table kern_table[] = { +@@ -534,6 +537,15 @@ static struct ctl_table kern_table[] = { .proc_handler = proc_dointvec, }, #endif @@ -128,5 +128,5 @@ index 8eadadc478f9..c36ecd19562c 100644 static DEFINE_MUTEX(userns_state_mutex); -- -2.26.2 +2.27.0 diff --git a/0002-efi-libstub-Fix-path-separator-regression.patch b/0002-efi-libstub-Fix-path-separator-regression.patch new file mode 100644 index 000000000000..fc504dbc4448 --- /dev/null +++ b/0002-efi-libstub-Fix-path-separator-regression.patch @@ -0,0 +1,54 @@ +From 2eff8033714ddf05bb2fe52003921af8c8839ed2 Mon Sep 17 00:00:00 2001 +From: Philipp Fent <fent@in.tum.de> +Date: Mon, 15 Jun 2020 13:51:09 +0200 +Subject: [PATCH 2/3] efi/libstub: Fix path separator regression + +Commit 9302c1bb8e47 ("efi/libstub: Rewrite file I/O routine") introduced a +regression that made a couple of (badly configured) systems fail to +boot [1]: Until 5.6, we silently accepted Unix-style file separators in +EFI paths, which might violate the EFI standard, but are an easy to make +mistake. This fix restores the pre-5.7 behaviour. + +[1] https://bbs.archlinux.org/viewtopic.php?id=256273 + +Fixes: 9302c1bb8e47 ("efi/libstub: Rewrite file I/O routine") +Signed-off-by: Philipp Fent <fent@in.tum.de> +Link: https://lore.kernel.org/r/20200615115109.7823-1-fent@in.tum.de +[ardb: rewrite as chained if/else statements] +Signed-off-by: Ard Biesheuvel <ardb@kernel.org> +--- + drivers/firmware/efi/libstub/file.c | 16 ++++++++++++---- + 1 file changed, 12 insertions(+), 4 deletions(-) + +diff --git a/drivers/firmware/efi/libstub/file.c b/drivers/firmware/efi/libstub/file.c +index ea66b1f16a79..f1c4faf58c76 100644 +--- a/drivers/firmware/efi/libstub/file.c ++++ b/drivers/firmware/efi/libstub/file.c +@@ -104,12 +104,20 @@ static int find_file_option(const efi_char16_t *cmdline, int cmdline_len, + if (!found) + return 0; + ++ /* Skip any leading slashes */ ++ while (cmdline[i] == L'/' || cmdline[i] == L'\\') ++ i++; ++ + while (--result_len > 0 && i < cmdline_len) { +- if (cmdline[i] == L'\0' || +- cmdline[i] == L'\n' || +- cmdline[i] == L' ') ++ efi_char16_t c = cmdline[i++]; ++ ++ if (c == L'\0' || c == L'\n' || c == L' ') + break; +- *result++ = cmdline[i++]; ++ else if (c == L'/') ++ /* Replace UNIX dir separators with EFI standard ones */ ++ *result++ = L'\\'; ++ else ++ *result++ = c; + } + *result = L'\0'; + return i; +-- +2.27.0 + @@ -65,7 +65,7 @@ _localmodcfg= pkgbase=linux-ck pkgver=5.7.6 -pkgrel=1 +pkgrel=2 _ckpatchversion=1 arch=(x86_64) url="https://wiki.archlinux.org/index.php/Linux-ck" @@ -83,6 +83,7 @@ source=( "enable_additional_cpu_optimizations-$_gcc_more_v.tar.gz::https://github.com/graysky2/kernel_gcc_patch/archive/$_gcc_more_v.tar.gz" "http://ck.kolivas.org/patches/5.0/5.7/5.7-ck${_ckpatchversion}/$_ckpatch.xz" 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch + 0002-efi-libstub-Fix-path-separator-regression.patch "unfuck-ck1.patch::https://github.com/ckolivas/linux/commit/0b69e633d6b0b08ae8547dc4099c8c0985019553.patch" ) validpgpkeys=( @@ -91,11 +92,12 @@ validpgpkeys=( ) sha256sums=('9fd4c93dc6df53efa904134aa2ede6100f7453c11383490dd32ebbed84f610e6' 'SKIP' - '623601ed9d7879dd9dba1cd50fc8051f9db508b49b4fc0c47c5a9eb9165fc04e' + 'ed60b20ee841e16038da0d145fbf3f53fac94122c4001d6cd03abe64e9e760f6' '8cb21e0b3411327b627a9dd15b8eb773295a0d2782b1a41b2a8839d1b2f5778c' '278fe9ffb29d92cc5220e7beac34a8e3a2006e714d16a21a0427069f9634af90' 'e4a201e984cf229b66fbab713c49fa3a0e0e8f238f2216e503f9452a7a7a5e06' - '3b5de5bf70a63a6549f986d071f3d9572b19707548cd205a3b8ecdb7dcba3f1c' + '2fd54c37df600221909e9af84cecae85b843913fb0e206e5f996a43c40d2dcc8' + 'de7ad8b9b265dbb70daddd49943ddb06799b491dbb53dce50540a840191f3f4b' '5a08ac04975fe784d16d6c8ec2be733c73cdcfc19795f5c7b97d7a1aa7f12328') export KBUILD_BUILD_HOST=archlinux @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 5.7.1-arch1 Kernel Configuration +# Linux/x86 5.7.6-arch1 Kernel Configuration # # @@ -8778,6 +8778,8 @@ CONFIG_HWSPINLOCK=y # # Clock Source drivers # +CONFIG_TIMER_OF=y +CONFIG_TIMER_PROBE=y CONFIG_CLKEVT_I8253=y CONFIG_I8253_LOCK=y CONFIG_CLKBLD_I8253=y |