summarylogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.SRCINFO26
-rw-r--r--0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch10
-rw-r--r--0002-Arch-Linux-kernel-v4.18.9-arch1.patch (renamed from 0003-Arch-Linux-kernel-v4.18.7-arch1.patch)10
-rw-r--r--0002-HID-core-fix-grouping-by-application.patch81
-rw-r--r--PKGBUILD14
-rw-r--r--config30
6 files changed, 52 insertions, 119 deletions
diff --git a/.SRCINFO b/.SRCINFO
index 32372eb130f..a4fc8d885b1 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,7 +1,7 @@
# Generated by mksrcinfo v8
-# Sat Sep 15 08:37:37 UTC 2018
+# Wed Sep 19 23:05:12 UTC 2018
pkgbase = linux-ck
- pkgver = 4.18.8
+ pkgver = 4.18.9
pkgrel = 1
url = https://wiki.archlinux.org/index.php/Linux-ck
arch = x86_64
@@ -11,8 +11,8 @@ pkgbase = linux-ck
makedepends = bc
makedepends = libelf
options = !strip
- source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.18.8.tar.xz
- source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.18.8.tar.sign
+ source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.18.9.tar.xz
+ source = https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.18.9.tar.sign
source = config
source = 60-linux.hook
source = 90-linux.hook
@@ -21,20 +21,18 @@ pkgbase = linux-ck
source = http://ck.kolivas.org/patches/4.0/4.18/4.18-ck1/patch-4.18-ck1.xz
source = Fix_MuQSS_full_dynticks_build.patch::https://github.com/ckolivas/linux/commit/abb4fd30fa127a0e8178b975343eb01713bc2b18.patch
source = 0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
- source = 0002-HID-core-fix-grouping-by-application.patch
- source = 0003-Arch-Linux-kernel-v4.18.7-arch1.patch
- sha256sums = f1551bad69ab617708fa8cf3f94545ae03dd350bdeb3065fbcf39c1a7df85494
+ source = 0002-Arch-Linux-kernel-v4.18.9-arch1.patch
+ sha256sums = 4c995351e57902a04a94e43796407b4ba295c8eae070c27e99f8f99c321e917a
sha256sums = SKIP
- sha256sums = a181ab290681e16b329775200357e7c04dcf8d6a5bc787d93feb5d763e892827
+ sha256sums = f5dd266c63f351508d14d8bc3c3c8918152beb0ea16610aef523008f5260149f
sha256sums = ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21
sha256sums = 75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919
sha256sums = ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65
sha256sums = 226e30068ea0fecdb22f337391385701996bfbdba37cdcf0f1dbf55f1080542d
sha256sums = 0354083492adb3785dd31d2d4bf7dc805110aceffb369deed6cbded121f8a3d3
sha256sums = 6e1f3cc3eb9a1e30a69ef1999f9aa6ad7f2f9fe4af7ba5dabe25d4ff19ee6740
- sha256sums = 8291c64db3068010b9663a343cccf1cd5ddb4db9eba481de7869d367cb06d93c
- sha256sums = f2c3aafcd932f39d94b4b840158f9d01f6da6c2fbaca6b1ec055fb4e332c70bc
- sha256sums = b625af571c7416e557831c425a754eb4bc1752b6ee253124be2c92f271ffc57f
+ sha256sums = f0a2f5a4134895028b4802f66e6f377f4f4a973ba1028f06907d42c905cabe87
+ sha256sums = f54f3013658cba08010a0c8c400996615c135ddb94c99b1ed8616ac58bf17ea9
pkgname = linux-ck
pkgdesc = The Linux-ck kernel and modules with the ck1 patchset featuring MuQSS CPU scheduler v0.173
@@ -44,12 +42,12 @@ pkgname = linux-ck
depends = kmod
depends = mkinitcpio
optdepends = crda: to set the correct wireless channels of your country
- provides = linux-ck=4.18.8
+ provides = linux-ck=4.18.9
backup = etc/mkinitcpio.d/linux-ck.preset
pkgname = linux-ck-headers
pkgdesc = Header files and scripts for building modules for Linux-ck kernel
depends = linux-ck
- provides = linux-ck-headers=4.18.8
- provides = linux-headers=4.18.8
+ provides = linux-ck-headers=4.18.9
+ provides = linux-headers=4.18.9
diff --git a/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch b/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
index b0e8c5815f4..cff718b87ed 100644
--- a/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
+++ b/0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
@@ -1,7 +1,7 @@
-From 288a921a8658bb478fe3c16120529fcd20f6d5d0 Mon Sep 17 00:00:00 2001
+From 1a47eb71988a919e811ce558f6f58855155c6218 Mon Sep 17 00:00:00 2001
From: Serge Hallyn <serge.hallyn@canonical.com>
Date: Fri, 31 May 2013 19:12:12 +0100
-Subject: [PATCH 1/3] add sysctl to disallow unprivileged CLONE_NEWUSER by
+Subject: [PATCH 1/2] add sysctl to disallow unprivileged CLONE_NEWUSER by
default
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
@@ -14,7 +14,7 @@ Signed-off-by: Daniel Micay <danielmicay@gmail.com>
3 files changed, 30 insertions(+)
diff --git a/kernel/fork.c b/kernel/fork.c
-index 1b27babc4c78..a88dd3ccd31c 100644
+index 8ed48ca2cc43..e02823819ab7 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -103,6 +103,11 @@
@@ -29,7 +29,7 @@ index 1b27babc4c78..a88dd3ccd31c 100644
/*
* Minimum number of threads to boot the kernel
-@@ -1624,6 +1629,10 @@ static __latent_entropy struct task_struct *copy_process(
+@@ -1625,6 +1630,10 @@ static __latent_entropy struct task_struct *copy_process(
if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS))
return ERR_PTR(-EINVAL);
@@ -40,7 +40,7 @@ index 1b27babc4c78..a88dd3ccd31c 100644
/*
* Thread groups must share signals as well, and detached threads
* can only be started up within the thread group.
-@@ -2420,6 +2429,12 @@ int ksys_unshare(unsigned long unshare_flags)
+@@ -2421,6 +2430,12 @@ int ksys_unshare(unsigned long unshare_flags)
if (unshare_flags & CLONE_NEWNS)
unshare_flags |= CLONE_FS;
diff --git a/0003-Arch-Linux-kernel-v4.18.7-arch1.patch b/0002-Arch-Linux-kernel-v4.18.9-arch1.patch
index 34894b805e6..0e3d931b34a 100644
--- a/0003-Arch-Linux-kernel-v4.18.7-arch1.patch
+++ b/0002-Arch-Linux-kernel-v4.18.9-arch1.patch
@@ -1,20 +1,20 @@
-From 03875ed006ae4cac7d78a1b3af6d66aba16ebf71 Mon Sep 17 00:00:00 2001
+From 1b198ca523ae628692e547f1022eed6429346f09 Mon Sep 17 00:00:00 2001
From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
-Date: Sun, 9 Sep 2018 13:20:57 +0200
-Subject: [PATCH 3/3] Arch Linux kernel v4.18.8-arch1
+Date: Wed, 19 Sep 2018 23:16:01 +0200
+Subject: [PATCH 2/2] Arch Linux kernel v4.18.9-arch1
---
Makefile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
-index 711b04d00e49..52f76fab1dd6 100644
+index 1178348fb9ca..3d3847395282 100644
--- a/Makefile
+++ b/Makefile
@@ -2,7 +2,7 @@
VERSION = 4
PATCHLEVEL = 18
- SUBLEVEL = 8
+ SUBLEVEL = 9
-EXTRAVERSION =
+EXTRAVERSION = -arch1
NAME = Merciless Moray
diff --git a/0002-HID-core-fix-grouping-by-application.patch b/0002-HID-core-fix-grouping-by-application.patch
deleted file mode 100644
index a54c8a0d9b7..00000000000
--- a/0002-HID-core-fix-grouping-by-application.patch
+++ /dev/null
@@ -1,81 +0,0 @@
-From 2f2c07d184241b9f133ebe4498575a9f8cda6d1e Mon Sep 17 00:00:00 2001
-From: Benjamin Tissoires <benjamin.tissoires@redhat.com>
-Date: Tue, 4 Sep 2018 15:31:14 +0200
-Subject: [PATCH 2/3] HID: core: fix grouping by application
-
-commit f07b3c1da92d ("HID: generic: create one input report per
-application type") was effectively the same as MULTI_INPUT:
-hidinput->report was never set, so hidinput_match_application()
-always returned null.
-
-Fix that by testing against the real application.
-
-Note that this breaks some old eGalax touchscreens that expect MULTI_INPUT
-instead of HID_QUIRK_INPUT_PER_APP. Enable this quirk for backward
-compatibility on all non-Win8 touchscreens.
-
-link: https://bugzilla.kernel.org/show_bug.cgi?id=200847
-link: https://bugzilla.kernel.org/show_bug.cgi?id=200849
-link: https://bugs.archlinux.org/task/59699
-link: https://github.com/NixOS/nixpkgs/issues/45165
-
-Cc: stable@vger.kernel.org # v4.18+
-Signed-off-by: Benjamin Tissoires <benjamin.tissoires@redhat.com>
-Signed-off-by: Jiri Kosina <jkosina@suse.cz>
----
- drivers/hid/hid-input.c | 4 ++--
- drivers/hid/hid-multitouch.c | 3 +++
- include/linux/hid.h | 1 +
- 3 files changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/drivers/hid/hid-input.c b/drivers/hid/hid-input.c
-index ab93dd5927c3..a137d2835f32 100644
---- a/drivers/hid/hid-input.c
-+++ b/drivers/hid/hid-input.c
-@@ -1579,6 +1579,7 @@ static struct hid_input *hidinput_allocate(struct hid_device *hid,
- input_dev->dev.parent = &hid->dev;
-
- hidinput->input = input_dev;
-+ hidinput->application = application;
- list_add_tail(&hidinput->list, &hid->inputs);
-
- INIT_LIST_HEAD(&hidinput->reports);
-@@ -1674,8 +1675,7 @@ static struct hid_input *hidinput_match_application(struct hid_report *report)
- struct hid_input *hidinput;
-
- list_for_each_entry(hidinput, &hid->inputs, list) {
-- if (hidinput->report &&
-- hidinput->report->application == report->application)
-+ if (hidinput->application == report->application)
- return hidinput;
- }
-
-diff --git a/drivers/hid/hid-multitouch.c b/drivers/hid/hid-multitouch.c
-index 45968f7970f8..1a987345692a 100644
---- a/drivers/hid/hid-multitouch.c
-+++ b/drivers/hid/hid-multitouch.c
-@@ -1476,6 +1476,9 @@ static int mt_probe(struct hid_device *hdev, const struct hid_device_id *id)
- */
- hdev->quirks |= HID_QUIRK_INPUT_PER_APP;
-
-+ if (id->group != HID_GROUP_MULTITOUCH_WIN_8)
-+ hdev->quirks |= HID_QUIRK_MULTI_INPUT;
-+
- timer_setup(&td->release_timer, mt_expired_timeout, 0);
-
- ret = hid_parse(hdev);
-diff --git a/include/linux/hid.h b/include/linux/hid.h
-index 773bcb1d4044..5482dd6ae9ef 100644
---- a/include/linux/hid.h
-+++ b/include/linux/hid.h
-@@ -520,6 +520,7 @@ struct hid_input {
- const char *name;
- bool registered;
- struct list_head reports; /* the list of reports */
-+ unsigned int application; /* application usage for this input */
- };
-
- enum hid_type {
---
-2.19.0
-
diff --git a/PKGBUILD b/PKGBUILD
index bac88432e46..6aef8c21ccf 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -69,7 +69,7 @@ _localmodcfg=
### IMPORTANT: Do no edit below this line unless you know what you're doing
pkgbase=linux-ck
-_srcver=4.18.8-arch1
+_srcver=4.18.9-arch1
pkgver=${_srcver%-*}
pkgrel=1
_ckpatchversion=1
@@ -90,25 +90,23 @@ source=(
"http://ck.kolivas.org/patches/4.0/4.18/4.18-ck${_ckpatchversion}/${_ckpatchname}.xz"
Fix_MuQSS_full_dynticks_build.patch::https://github.com/ckolivas/linux/commit/abb4fd30fa127a0e8178b975343eb01713bc2b18.patch
0001-add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by.patch
- 0002-HID-core-fix-grouping-by-application.patch
- 0003-Arch-Linux-kernel-v4.18.7-arch1.patch
+ 0002-Arch-Linux-kernel-v4.18.9-arch1.patch
)
validpgpkeys=(
'ABAF11C65A2970B130ABE3C479BE3E4300411886' # Linus Torvalds
'647F28654894E3BD457199BE38DBBDC86092693E' # Greg Kroah-Hartman
)
-sha256sums=('f1551bad69ab617708fa8cf3f94545ae03dd350bdeb3065fbcf39c1a7df85494'
+sha256sums=('4c995351e57902a04a94e43796407b4ba295c8eae070c27e99f8f99c321e917a'
'SKIP'
- 'a181ab290681e16b329775200357e7c04dcf8d6a5bc787d93feb5d763e892827'
+ 'f5dd266c63f351508d14d8bc3c3c8918152beb0ea16610aef523008f5260149f'
'ae2e95db94ef7176207c690224169594d49445e04249d2499e9d2fbc117a0b21'
'75f99f5239e03238f88d1a834c50043ec32b1dc568f2cc291b07d04718483919'
'ad6344badc91ad0630caacde83f7f9b97276f80d26a20619a87952be65492c65'
'226e30068ea0fecdb22f337391385701996bfbdba37cdcf0f1dbf55f1080542d'
'0354083492adb3785dd31d2d4bf7dc805110aceffb369deed6cbded121f8a3d3'
'6e1f3cc3eb9a1e30a69ef1999f9aa6ad7f2f9fe4af7ba5dabe25d4ff19ee6740'
- '8291c64db3068010b9663a343cccf1cd5ddb4db9eba481de7869d367cb06d93c'
- 'f2c3aafcd932f39d94b4b840158f9d01f6da6c2fbaca6b1ec055fb4e332c70bc'
- 'b625af571c7416e557831c425a754eb4bc1752b6ee253124be2c92f271ffc57f')
+ 'f0a2f5a4134895028b4802f66e6f377f4f4a973ba1028f06907d42c905cabe87'
+ 'f54f3013658cba08010a0c8c400996615c135ddb94c99b1ed8616ac58bf17ea9')
_kernelname=${pkgbase#linux}
: ${_kernelname:=-ARCH}
diff --git a/config b/config
index aa39bb1b0d7..5661383617a 100644
--- a/config
+++ b/config
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/x86 4.18.7 Kernel Configuration
+# Linux/x86 4.18.8 Kernel Configuration
#
#
@@ -9218,9 +9218,10 @@ CONFIG_EARLY_PRINTK=y
# CONFIG_EARLY_PRINTK_DBGP is not set
CONFIG_EARLY_PRINTK_EFI=y
# CONFIG_EARLY_PRINTK_USB_XDBC is not set
+CONFIG_X86_PTDUMP_CORE=y
# CONFIG_X86_PTDUMP is not set
# CONFIG_EFI_PGT_DUMP is not set
-# CONFIG_DEBUG_WX is not set
+CONFIG_DEBUG_WX=y
CONFIG_DOUBLEFAULT=y
# CONFIG_DEBUG_TLBFLUSH is not set
# CONFIG_IOMMU_DEBUG is not set
@@ -9265,19 +9266,36 @@ CONFIG_SECURITY_INFINIBAND=y
CONFIG_SECURITY_NETWORK_XFRM=y
CONFIG_SECURITY_PATH=y
# CONFIG_INTEL_TXT is not set
+CONFIG_LSM_MMAP_MIN_ADDR=65536
CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y
CONFIG_HARDENED_USERCOPY=y
CONFIG_HARDENED_USERCOPY_FALLBACK=y
# CONFIG_HARDENED_USERCOPY_PAGESPAN is not set
CONFIG_FORTIFY_SOURCE=y
# CONFIG_STATIC_USERMODEHELPER is not set
-# CONFIG_SECURITY_SELINUX is not set
+CONFIG_SECURITY_SELINUX=y
+CONFIG_SECURITY_SELINUX_BOOTPARAM=y
+CONFIG_SECURITY_SELINUX_BOOTPARAM_VALUE=0
+# CONFIG_SECURITY_SELINUX_DISABLE is not set
+CONFIG_SECURITY_SELINUX_DEVELOP=y
+CONFIG_SECURITY_SELINUX_AVC_STATS=y
+CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE=0
# CONFIG_SECURITY_SMACK is not set
# CONFIG_SECURITY_TOMOYO is not set
-# CONFIG_SECURITY_APPARMOR is not set
+CONFIG_SECURITY_APPARMOR=y
+CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=0
+CONFIG_SECURITY_APPARMOR_HASH=y
+CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y
+# CONFIG_SECURITY_APPARMOR_DEBUG is not set
# CONFIG_SECURITY_LOADPIN is not set
CONFIG_SECURITY_YAMA=y
-# CONFIG_INTEGRITY is not set
+CONFIG_INTEGRITY=y
+# CONFIG_INTEGRITY_SIGNATURE is not set
+CONFIG_INTEGRITY_AUDIT=y
+# CONFIG_IMA is not set
+# CONFIG_EVM is not set
+# CONFIG_DEFAULT_SECURITY_SELINUX is not set
+# CONFIG_DEFAULT_SECURITY_APPARMOR is not set
CONFIG_DEFAULT_SECURITY_DAC=y
CONFIG_DEFAULT_SECURITY=""
CONFIG_XOR_BLOCKS=m
@@ -9438,7 +9456,7 @@ CONFIG_CRYPTO_SERPENT_SSE2_X86_64=m
CONFIG_CRYPTO_SERPENT_AVX_X86_64=m
CONFIG_CRYPTO_SERPENT_AVX2_X86_64=m
CONFIG_CRYPTO_SM4=m
-CONFIG_CRYPTO_SPECK=m
+# CONFIG_CRYPTO_SPECK is not set
CONFIG_CRYPTO_TEA=m
CONFIG_CRYPTO_TWOFISH=m
CONFIG_CRYPTO_TWOFISH_COMMON=m