From 76549601a3dec40cddf5ddb08d776cedfc012aa9 Mon Sep 17 00:00:00 2001 From: moonman Date: Wed, 15 Jun 2016 22:35:02 -0600 Subject: [PATCH] core/linux-clearfog to 3.10.102-1 --- core/linux-clearfog/PKGBUILD | 24 +- ...ble_-ftracer_for-__noclone_functions.patch | 45 --- ...tegrate_the_various_compiler-h_files.patch | 367 ------------------ .../linux-clearfog/kernel-CVE-2016-0728.patch | 81 ---- core/linux-clearfog/linux-clearfog.install | 2 +- 5 files changed, 9 insertions(+), 510 deletions(-) delete mode 100644 core/linux-clearfog/compiler-gcc_disable_-ftracer_for-__noclone_functions.patch delete mode 100644 core/linux-clearfog/compiler-gcc_integrate_the_various_compiler-h_files.patch delete mode 100644 core/linux-clearfog/kernel-CVE-2016-0728.patch diff --git a/core/linux-clearfog/PKGBUILD b/core/linux-clearfog/PKGBUILD index f09d56fb1..09ad29bff 100644 --- a/core/linux-clearfog/PKGBUILD +++ b/core/linux-clearfog/PKGBUILD @@ -5,12 +5,12 @@ buildarch=4 pkgbase=linux-clearfog pkgname=('linux-clearfog' 'linux-headers-clearfog') # pkgname=linux-custom # Build kernel with a different name -_commit=a20f684fb5df2d2968f012a9450ee1d59c7a2f29 +_commit=635afced6e6084fa835dd4e48d2f4a05ae2f75b6 _srcname=linux-armada38x-${_commit} _kernelname=${pkgname#linux} -pkgver=3.10.101 -pkgrel=4 -cryptodev_commit=bc67142c57eadc0aafd0323ec527849012786643 +pkgver=3.10.102 +pkgrel=1 +cryptodev_commit=7a3a9ee1329f7224b4fc564b80ef8160457caf76 bfqver=v7r8 arch=('armv7h') @@ -23,25 +23,17 @@ source=("linux-${_commit}::https://github.com/moonman/linux-armada38x/archive/${ "ftp://teambelgium.net/bfq/patches/${pkgver:0:4}.8+-${bfqver}/0001-block-cgroups-kconfig-build-bits-for-BFQ-${bfqver}-${pkgver:0:4}.8.patch" "ftp://teambelgium.net/bfq/patches/${pkgver:0:4}.8+-${bfqver}/0002-block-introduce-the-BFQ-${bfqver}-I-O-sched-for-${pkgver:0:4}.8.patch" "ftp://teambelgium.net/bfq/patches/${pkgver:0:4}.8+-${bfqver}/0003-block-bfq-add-Early-Queue-Merge-EQM-to-BFQ-${bfqver}-for-${pkgver:0:4}.8+.patch" - 'config' - 'compiler-gcc_integrate_the_various_compiler-h_files.patch' - 'compiler-gcc_disable_-ftracer_for-__noclone_functions.patch') + 'config') -md5sums=('fd7f6d9eb913586582d2f2e4264b904f' - '2c8ecae91223868decdf37b8a76489b7' +md5sums=('616432e9b3b5dbadb17c4e819eb50db4' + 'ad56ca4e2a29a3b76f3526c262d9fec1' '003f1554be6b672100d2f2401a574d92' '12ffe57584b4f2adcc3e184dc6948772' '9e78f9f5364f8ebb981aeb235dcb7415' - 'bc9c5a31b4ea9de5a9386dc4623531ae' - 'c7367a2bd5462ce12a7c38adfd8a2ad8' - 'dc1ea1c0f5e8bc484aa30cae9bac7066') + 'bc9c5a31b4ea9de5a9386dc4623531ae') prepare() { cd "${srcdir}/${_srcname}" - msg2 "GCC6 support patches from upstream" - patch -Np1 -i ${srcdir}/compiler-gcc_integrate_the_various_compiler-h_files.patch - patch -Np1 -i ${srcdir}/compiler-gcc_disable_-ftracer_for-__noclone_functions.patch - msg2 "Add BFQ patches" patch -Np1 -i "${srcdir}/0001-block-cgroups-kconfig-build-bits-for-BFQ-${bfqver}-${pkgver:0:4}.8.patch" patch -Np1 -i "${srcdir}/0002-block-introduce-the-BFQ-${bfqver}-I-O-sched-for-${pkgver:0:4}.8.patch" diff --git a/core/linux-clearfog/compiler-gcc_disable_-ftracer_for-__noclone_functions.patch b/core/linux-clearfog/compiler-gcc_disable_-ftracer_for-__noclone_functions.patch deleted file mode 100644 index 46e96a746..000000000 --- a/core/linux-clearfog/compiler-gcc_disable_-ftracer_for-__noclone_functions.patch +++ /dev/null @@ -1,45 +0,0 @@ -From 615829a03dc729e78372d40d95ba40e2ad51783b Mon Sep 17 00:00:00 2001 -From: Paolo Bonzini -Date: Thu, 31 Mar 2016 09:38:51 +0200 -Subject: compiler-gcc: disable -ftracer for __noclone functions - -commit 95272c29378ee7dc15f43fa2758cb28a5913a06d upstream. - --ftracer can duplicate asm blocks causing compilation to fail in -noclone functions. For example, KVM declares a global variable -in an asm like - - asm("2: ... \n - .pushsection data \n - .global vmx_return \n - vmx_return: .long 2b"); - -and -ftracer causes a double declaration. - -Cc: Andrew Morton -Cc: Michal Marek -Cc: stable@vger.kernel.org -Cc: kvm@vger.kernel.org -Reported-by: Linda Walsh -Signed-off-by: Paolo Bonzini -Signed-off-by: Greg Kroah-Hartman ---- - include/linux/compiler-gcc.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h -index bb2cdcd..633716e 100644 ---- a/include/linux/compiler-gcc.h -+++ b/include/linux/compiler-gcc.h -@@ -177,7 +177,7 @@ - #define unreachable() __builtin_unreachable() - - /* Mark a function definition as prohibited from being cloned. */ --#define __noclone __attribute__((__noclone__)) -+#define __noclone __attribute__((__noclone__, __optimize__("no-tracer"))) - - #endif /* GCC_VERSION >= 40500 */ - --- -cgit v0.12 - diff --git a/core/linux-clearfog/compiler-gcc_integrate_the_various_compiler-h_files.patch b/core/linux-clearfog/compiler-gcc_integrate_the_various_compiler-h_files.patch deleted file mode 100644 index d2f239d86..000000000 --- a/core/linux-clearfog/compiler-gcc_integrate_the_various_compiler-h_files.patch +++ /dev/null @@ -1,367 +0,0 @@ -From 3711edaf01a01818f2aed9f21efe29b9818134b9 Mon Sep 17 00:00:00 2001 -From: Joe Perches -Date: Thu, 25 Jun 2015 15:01:02 -0700 -Subject: compiler-gcc: integrate the various compiler-gcc[345].h files - -commit f320793e52aee78f0fbb8bcaf10e6614d2e67bfc upstream. - -[ Upstream commit cb984d101b30eb7478d32df56a0023e4603cba7f ] - -As gcc major version numbers are going to advance rather rapidly in the -future, there's no real value in separate files for each compiler -version. - -Deduplicate some of the macros #defined in each file too. - -Neaten comments using normal kernel commenting style. - -Signed-off-by: Joe Perches -Cc: Andi Kleen -Cc: Michal Marek -Cc: Segher Boessenkool -Cc: Sasha Levin -Cc: Anton Blanchard -Cc: Alan Modra -Signed-off-by: Andrew Morton -Signed-off-by: Linus Torvalds -Signed-off-by: Sasha Levin -Signed-off-by: Greg Kroah-Hartman ---- - include/linux/compiler-gcc.h | 120 ++++++++++++++++++++++++++++++++++++++++-- - include/linux/compiler-gcc3.h | 23 -------- - include/linux/compiler-gcc4.h | 88 ------------------------------- - include/linux/compiler-gcc5.h | 66 ----------------------- - 4 files changed, 116 insertions(+), 181 deletions(-) - delete mode 100644 include/linux/compiler-gcc3.h - delete mode 100644 include/linux/compiler-gcc4.h - delete mode 100644 include/linux/compiler-gcc5.h - -diff --git a/include/linux/compiler-gcc.h b/include/linux/compiler-gcc.h -index 02ae99e..bb2cdcd 100644 ---- a/include/linux/compiler-gcc.h -+++ b/include/linux/compiler-gcc.h -@@ -100,10 +100,122 @@ - #define __maybe_unused __attribute__((unused)) - #define __always_unused __attribute__((unused)) - --#define __gcc_header(x) #x --#define _gcc_header(x) __gcc_header(linux/compiler-gcc##x.h) --#define gcc_header(x) _gcc_header(x) --#include gcc_header(__GNUC__) -+/* gcc version specific checks */ -+ -+#if GCC_VERSION < 30200 -+# error Sorry, your compiler is too old - please upgrade it. -+#endif -+ -+#if GCC_VERSION < 30300 -+# define __used __attribute__((__unused__)) -+#else -+# define __used __attribute__((__used__)) -+#endif -+ -+#ifdef CONFIG_GCOV_KERNEL -+# if GCC_VERSION < 30400 -+# error "GCOV profiling support for gcc versions below 3.4 not included" -+# endif /* __GNUC_MINOR__ */ -+#endif /* CONFIG_GCOV_KERNEL */ -+ -+#if GCC_VERSION >= 30400 -+#define __must_check __attribute__((warn_unused_result)) -+#endif -+ -+#if GCC_VERSION >= 40000 -+ -+/* GCC 4.1.[01] miscompiles __weak */ -+#ifdef __KERNEL__ -+# if GCC_VERSION >= 40100 && GCC_VERSION <= 40101 -+# error Your version of gcc miscompiles the __weak directive -+# endif -+#endif -+ -+#define __used __attribute__((__used__)) -+#define __compiler_offsetof(a, b) \ -+ __builtin_offsetof(a, b) -+ -+#if GCC_VERSION >= 40100 && GCC_VERSION < 40600 -+# define __compiletime_object_size(obj) __builtin_object_size(obj, 0) -+#endif -+ -+#if GCC_VERSION >= 40300 -+/* Mark functions as cold. gcc will assume any path leading to a call -+ * to them will be unlikely. This means a lot of manual unlikely()s -+ * are unnecessary now for any paths leading to the usual suspects -+ * like BUG(), printk(), panic() etc. [but let's keep them for now for -+ * older compilers] -+ * -+ * Early snapshots of gcc 4.3 don't support this and we can't detect this -+ * in the preprocessor, but we can live with this because they're unreleased. -+ * Maketime probing would be overkill here. -+ * -+ * gcc also has a __attribute__((__hot__)) to move hot functions into -+ * a special section, but I don't see any sense in this right now in -+ * the kernel context -+ */ -+#define __cold __attribute__((__cold__)) -+ -+#define __UNIQUE_ID(prefix) __PASTE(__PASTE(__UNIQUE_ID_, prefix), __COUNTER__) -+ -+#ifndef __CHECKER__ -+# define __compiletime_warning(message) __attribute__((warning(message))) -+# define __compiletime_error(message) __attribute__((error(message))) -+#endif /* __CHECKER__ */ -+#endif /* GCC_VERSION >= 40300 */ -+ -+#if GCC_VERSION >= 40500 -+/* -+ * Mark a position in code as unreachable. This can be used to -+ * suppress control flow warnings after asm blocks that transfer -+ * control elsewhere. -+ * -+ * Early snapshots of gcc 4.5 don't support this and we can't detect -+ * this in the preprocessor, but we can live with this because they're -+ * unreleased. Really, we need to have autoconf for the kernel. -+ */ -+#define unreachable() __builtin_unreachable() -+ -+/* Mark a function definition as prohibited from being cloned. */ -+#define __noclone __attribute__((__noclone__)) -+ -+#endif /* GCC_VERSION >= 40500 */ -+ -+#if GCC_VERSION >= 40600 -+/* -+ * Tell the optimizer that something else uses this function or variable. -+ */ -+#define __visible __attribute__((externally_visible)) -+#endif -+ -+/* -+ * GCC 'asm goto' miscompiles certain code sequences: -+ * -+ * http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58670 -+ * -+ * Work it around via a compiler barrier quirk suggested by Jakub Jelinek. -+ * -+ * (asm goto is automatically volatile - the naming reflects this.) -+ */ -+#define asm_volatile_goto(x...) do { asm goto(x); asm (""); } while (0) -+ -+#ifdef CONFIG_ARCH_USE_BUILTIN_BSWAP -+#if GCC_VERSION >= 40400 -+#define __HAVE_BUILTIN_BSWAP32__ -+#define __HAVE_BUILTIN_BSWAP64__ -+#endif -+#if GCC_VERSION >= 40800 || (defined(__powerpc__) && GCC_VERSION >= 40600) -+#define __HAVE_BUILTIN_BSWAP16__ -+#endif -+#endif /* CONFIG_ARCH_USE_BUILTIN_BSWAP */ -+ -+#if GCC_VERSION >= 50000 -+#define KASAN_ABI_VERSION 4 -+#elif GCC_VERSION >= 40902 -+#define KASAN_ABI_VERSION 3 -+#endif -+ -+#endif /* gcc version >= 40000 specific checks */ - - #if !defined(__noclone) - #define __noclone /* not needed */ -diff --git a/include/linux/compiler-gcc3.h b/include/linux/compiler-gcc3.h -deleted file mode 100644 -index 7d89feb..0000000 ---- a/include/linux/compiler-gcc3.h -+++ /dev/null -@@ -1,23 +0,0 @@ --#ifndef __LINUX_COMPILER_H --#error "Please don't include directly, include instead." --#endif -- --#if GCC_VERSION < 30200 --# error Sorry, your compiler is too old - please upgrade it. --#endif -- --#if GCC_VERSION >= 30300 --# define __used __attribute__((__used__)) --#else --# define __used __attribute__((__unused__)) --#endif -- --#if GCC_VERSION >= 30400 --#define __must_check __attribute__((warn_unused_result)) --#endif -- --#ifdef CONFIG_GCOV_KERNEL --# if GCC_VERSION < 30400 --# error "GCOV profiling support for gcc versions below 3.4 not included" --# endif /* __GNUC_MINOR__ */ --#endif /* CONFIG_GCOV_KERNEL */ -diff --git a/include/linux/compiler-gcc4.h b/include/linux/compiler-gcc4.h -deleted file mode 100644 -index 2507fd2..0000000 ---- a/include/linux/compiler-gcc4.h -+++ /dev/null -@@ -1,88 +0,0 @@ --#ifndef __LINUX_COMPILER_H --#error "Please don't include directly, include instead." --#endif -- --/* GCC 4.1.[01] miscompiles __weak */ --#ifdef __KERNEL__ --# if GCC_VERSION >= 40100 && GCC_VERSION <= 40101 --# error Your version of gcc miscompiles the __weak directive --# endif --#endif -- --#define __used __attribute__((__used__)) --#define __must_check __attribute__((warn_unused_result)) --#define __compiler_offsetof(a,b) __builtin_offsetof(a,b) -- --#if GCC_VERSION >= 40100 && GCC_VERSION < 40600 --# define __compiletime_object_size(obj) __builtin_object_size(obj, 0) --#endif -- --#if GCC_VERSION >= 40300 --/* Mark functions as cold. gcc will assume any path leading to a call -- to them will be unlikely. This means a lot of manual unlikely()s -- are unnecessary now for any paths leading to the usual suspects -- like BUG(), printk(), panic() etc. [but let's keep them for now for -- older compilers] -- -- Early snapshots of gcc 4.3 don't support this and we can't detect this -- in the preprocessor, but we can live with this because they're unreleased. -- Maketime probing would be overkill here. -- -- gcc also has a __attribute__((__hot__)) to move hot functions into -- a special section, but I don't see any sense in this right now in -- the kernel context */ --#define __cold __attribute__((__cold__)) -- --#define __UNIQUE_ID(prefix) __PASTE(__PASTE(__UNIQUE_ID_, prefix), __COUNTER__) -- --#ifndef __CHECKER__ --# define __compiletime_warning(message) __attribute__((warning(message))) --# define __compiletime_error(message) __attribute__((error(message))) --#endif /* __CHECKER__ */ --#endif /* GCC_VERSION >= 40300 */ -- --#if GCC_VERSION >= 40500 --/* -- * Mark a position in code as unreachable. This can be used to -- * suppress control flow warnings after asm blocks that transfer -- * control elsewhere. -- * -- * Early snapshots of gcc 4.5 don't support this and we can't detect -- * this in the preprocessor, but we can live with this because they're -- * unreleased. Really, we need to have autoconf for the kernel. -- */ --#define unreachable() __builtin_unreachable() -- --/* Mark a function definition as prohibited from being cloned. */ --#define __noclone __attribute__((__noclone__)) -- --#endif /* GCC_VERSION >= 40500 */ -- --#if GCC_VERSION >= 40600 --/* -- * Tell the optimizer that something else uses this function or variable. -- */ --#define __visible __attribute__((externally_visible)) --#endif -- --/* -- * GCC 'asm goto' miscompiles certain code sequences: -- * -- * http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58670 -- * -- * Work it around via a compiler barrier quirk suggested by Jakub Jelinek. -- * Fixed in GCC 4.8.2 and later versions. -- * -- * (asm goto is automatically volatile - the naming reflects this.) -- */ --#define asm_volatile_goto(x...) do { asm goto(x); asm (""); } while (0) -- --#ifdef CONFIG_ARCH_USE_BUILTIN_BSWAP --#if GCC_VERSION >= 40400 --#define __HAVE_BUILTIN_BSWAP32__ --#define __HAVE_BUILTIN_BSWAP64__ --#endif --#if GCC_VERSION >= 40800 || (defined(__powerpc__) && GCC_VERSION >= 40600) --#define __HAVE_BUILTIN_BSWAP16__ --#endif --#endif /* CONFIG_ARCH_USE_BUILTIN_BSWAP */ -diff --git a/include/linux/compiler-gcc5.h b/include/linux/compiler-gcc5.h -deleted file mode 100644 -index cdd1cc2..0000000 ---- a/include/linux/compiler-gcc5.h -+++ /dev/null -@@ -1,66 +0,0 @@ --#ifndef __LINUX_COMPILER_H --#error "Please don't include directly, include instead." --#endif -- --#define __used __attribute__((__used__)) --#define __must_check __attribute__((warn_unused_result)) --#define __compiler_offsetof(a, b) __builtin_offsetof(a, b) -- --/* Mark functions as cold. gcc will assume any path leading to a call -- to them will be unlikely. This means a lot of manual unlikely()s -- are unnecessary now for any paths leading to the usual suspects -- like BUG(), printk(), panic() etc. [but let's keep them for now for -- older compilers] -- -- Early snapshots of gcc 4.3 don't support this and we can't detect this -- in the preprocessor, but we can live with this because they're unreleased. -- Maketime probing would be overkill here. -- -- gcc also has a __attribute__((__hot__)) to move hot functions into -- a special section, but I don't see any sense in this right now in -- the kernel context */ --#define __cold __attribute__((__cold__)) -- --#define __UNIQUE_ID(prefix) __PASTE(__PASTE(__UNIQUE_ID_, prefix), __COUNTER__) -- --#ifndef __CHECKER__ --# define __compiletime_warning(message) __attribute__((warning(message))) --# define __compiletime_error(message) __attribute__((error(message))) --#endif /* __CHECKER__ */ -- --/* -- * Mark a position in code as unreachable. This can be used to -- * suppress control flow warnings after asm blocks that transfer -- * control elsewhere. -- * -- * Early snapshots of gcc 4.5 don't support this and we can't detect -- * this in the preprocessor, but we can live with this because they're -- * unreleased. Really, we need to have autoconf for the kernel. -- */ --#define unreachable() __builtin_unreachable() -- --/* Mark a function definition as prohibited from being cloned. */ --#define __noclone __attribute__((__noclone__)) -- --/* -- * Tell the optimizer that something else uses this function or variable. -- */ --#define __visible __attribute__((externally_visible)) -- --/* -- * GCC 'asm goto' miscompiles certain code sequences: -- * -- * http://gcc.gnu.org/bugzilla/show_bug.cgi?id=58670 -- * -- * Work it around via a compiler barrier quirk suggested by Jakub Jelinek. -- * Fixed in GCC 4.8.2 and later versions. -- * -- * (asm goto is automatically volatile - the naming reflects this.) -- */ --#define asm_volatile_goto(x...) do { asm goto(x); asm (""); } while (0) -- --#ifdef CONFIG_ARCH_USE_BUILTIN_BSWAP --#define __HAVE_BUILTIN_BSWAP32__ --#define __HAVE_BUILTIN_BSWAP64__ --#define __HAVE_BUILTIN_BSWAP16__ --#endif /* CONFIG_ARCH_USE_BUILTIN_BSWAP */ --- -cgit v0.12 - diff --git a/core/linux-clearfog/kernel-CVE-2016-0728.patch b/core/linux-clearfog/kernel-CVE-2016-0728.patch deleted file mode 100644 index 49020d7db..000000000 --- a/core/linux-clearfog/kernel-CVE-2016-0728.patch +++ /dev/null @@ -1,81 +0,0 @@ -From 23567fd052a9abb6d67fe8e7a9ccdd9800a540f2 Mon Sep 17 00:00:00 2001 -From: Yevgeny Pats -Date: Tue, 19 Jan 2016 22:09:04 +0000 -Subject: KEYS: Fix keyring ref leak in join_session_keyring() - -This fixes CVE-2016-0728. - -If a thread is asked to join as a session keyring the keyring that's already -set as its session, we leak a keyring reference. - -This can be tested with the following program: - - #include - #include - #include - #include - - int main(int argc, const char *argv[]) - { - int i = 0; - key_serial_t serial; - - serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING, - "leaked-keyring"); - if (serial < 0) { - perror("keyctl"); - return -1; - } - - if (keyctl(KEYCTL_SETPERM, serial, - KEY_POS_ALL | KEY_USR_ALL) < 0) { - perror("keyctl"); - return -1; - } - - for (i = 0; i < 100; i++) { - serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING, - "leaked-keyring"); - if (serial < 0) { - perror("keyctl"); - return -1; - } - } - - return 0; - } - -If, after the program has run, there something like the following line in -/proc/keys: - -3f3d898f I--Q--- 100 perm 3f3f0000 0 0 keyring leaked-keyring: empty - -with a usage count of 100 * the number of times the program has been run, -then the kernel is malfunctioning. If leaked-keyring has zero usages or -has been garbage collected, then the problem is fixed. - -Reported-by: Yevgeny Pats -Signed-off-by: David Howells -Acked-by: Don Zickus -Acked-by: Prarit Bhargava -Acked-by: Jarod Wilson -Signed-off-by: James Morris ---- - security/keys/process_keys.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c -index a3f85d2..e6d50172 100644 ---- a/security/keys/process_keys.c -+++ b/security/keys/process_keys.c -@@ -794,6 +794,7 @@ long join_session_keyring(const char *name) - ret = PTR_ERR(keyring); - goto error2; - } else if (keyring == new->session_keyring) { -+ key_put(keyring); - ret = 0; - goto error2; - } --- -cgit v0.12 - diff --git a/core/linux-clearfog/linux-clearfog.install b/core/linux-clearfog/linux-clearfog.install index 3d84e6b4f..98ead4298 100644 --- a/core/linux-clearfog/linux-clearfog.install +++ b/core/linux-clearfog/linux-clearfog.install @@ -2,7 +2,7 @@ # arg 2: the old package version KERNEL_NAME=-clearfog -KERNEL_VERSION=3.10.101-2-ARCH +KERNEL_VERSION=3.10.102-1-ARCH post_install () { # updating module dependencies