summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Ben Hutchings [Tue, 20 Aug 2019 23:05:30 +0000 (00:05 +0100)]
intel-iommu: Add option to exclude integrated GPU only
Bug-Debian: https://bugs.debian.org/935270
Bug-Kali: https://bugs.kali.org/view.php?id=5644
There is still laptop firmware that touches the integrated GPU behind
the operating system's back, and doesn't say so in the RMRR table.
Enabling the IOMMU for all devices causes breakage, but turning it off
for all graphics devices seems like a major weakness.
Add an option, intel_iommu=intgpu_off, to exclude only integrated GPUs
from remapping. This is a narrower exclusion than igfx_off: it only
affects Intel devices on the root bus. Devices attached through an
external port (Thunderbolt or ExpressCard) won't be on the root bus.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/x86
Gbp-Pq: Name intel-iommu-add-option-to-exclude-integrated-gpu-only.patch
Ben Hutchings [Mon, 11 Jan 2016 15:23:55 +0000 (15:23 +0000)]
security,perf: Allow further restriction of perf_event_open
Forwarded: https://lore.kernel.org/all/
20160111152355.GS28542@decadent.org.uk/
When kernel.perf_event_open is set to 3 (or greater), disallow all
access to performance events by users without CAP_SYS_ADMIN.
Add a Kconfig symbol CONFIG_SECURITY_PERF_EVENTS_RESTRICT that
makes this value the default.
This is based on a similar feature in grsecurity
(CONFIG_GRKERNSEC_PERF_HARDEN). This version doesn't include making
the variable read-only. It also allows enabling further restriction
at run-time regardless of whether the default is changed.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/all
Gbp-Pq: Name security-perf-allow-further-restriction-of-perf_event_open.patch
Serge Hallyn [Fri, 31 May 2013 18:12:12 +0000 (19:12 +0100)]
add sysctl to disallow unprivileged CLONE_NEWUSER by default
Origin: http://kernel.ubuntu.com/git?p=serge%2Fubuntu-saucy.git;a=commit;h=
5c847404dcb2e3195ad0057877e1422ae90892b8
add sysctl to disallow unprivileged CLONE_NEWUSER by default
This is a short-term patch. Unprivileged use of CLONE_NEWUSER
is certainly an intended feature of user namespaces. However
for at least saucy we want to make sure that, if any security
issues are found, we have a fail-safe.
Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
[bwh: Remove unneeded binary sysctl bits]
[bwh: Keep this sysctl, but change the default to enabled]
Gbp-Pq: Topic debian
Gbp-Pq: Name add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by-default.patch
Ben Hutchings [Wed, 19 Jun 2013 03:35:28 +0000 (04:35 +0100)]
yama: Disable by default
Bug-Debian: https://bugs.debian.org/712740
Forwarded: not-needed
Gbp-Pq: Topic debian
Gbp-Pq: Name yama-disable-by-default.patch
Ben Hutchings [Fri, 2 Nov 2012 05:32:06 +0000 (05:32 +0000)]
fs: Enable link security restrictions by default
Bug-Debian: https://bugs.debian.org/609455
Forwarded: not-needed
This reverts commit
561ec64ae67ef25cac8d72bb9c4bfc955edfd415
('VFS: don't do protected {sym,hard}links by default').
Gbp-Pq: Topic debian
Gbp-Pq: Name fs-enable-link-security-restrictions-by-default.patch
Ben Hutchings [Sun, 4 Aug 2019 23:29:11 +0000 (00:29 +0100)]
hamradio: Disable auto-loading as mitigation against local exploits
Forwarded: not-needed
We can mitigate the effect of vulnerabilities in obscure protocols by
preventing unprivileged users from loading the modules, so that they
are only exploitable on systems where the administrator has chosen to
load the protocol.
The 'ham' radio protocols (ax25, netrom, rose) are not actively
maintained or widely used. Therefore disable auto-loading.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name hamradio-disable-auto-loading-as-mitigation-against-local-exploits.patch
Ben Hutchings [Thu, 16 Feb 2017 19:09:17 +0000 (19:09 +0000)]
dccp: Disable auto-loading as mitigation against local exploits
Forwarded: not-needed
We can mitigate the effect of vulnerabilities in obscure protocols by
preventing unprivileged users from loading the modules, so that they
are only exploitable on systems where the administrator has chosen to
load the protocol.
The 'dccp' protocol is not actively maintained or widely used.
Therefore disable auto-loading.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name dccp-disable-auto-loading-as-mitigation-against-local-exploits.patch
Ben Hutchings [Fri, 19 Nov 2010 02:12:48 +0000 (02:12 +0000)]
[PATCH 1/3] rds: Disable auto-loading as mitigation against local exploits
Forwarded: not-needed
Recent review has revealed several bugs in obscure protocol
implementations that can be exploited by local users for denial of
service or privilege escalation. We can mitigate the effect of any
remaining vulnerabilities in such protocols by preventing unprivileged
users from loading the modules, so that they are only exploitable on
systems where the administrator has chosen to load the protocol.
The 'rds' protocol is one such protocol that has been found to be
vulnerable, and which was not present in the 'lenny' kernel.
Therefore disable auto-loading.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name rds-Disable-auto-loading-as-mitigation-against-local.patch
Ben Hutchings [Fri, 19 Nov 2010 02:12:48 +0000 (02:12 +0000)]
[PATCH 2/3] af_802154: Disable auto-loading as mitigation against local exploits
Forwarded: not-needed
Recent review has revealed several bugs in obscure protocol
implementations that can be exploited by local users for denial of
service or privilege escalation. We can mitigate the effect of any
remaining vulnerabilities in such protocols by preventing unprivileged
users from loading the modules, so that they are only exploitable on
systems where the administrator has chosen to load the protocol.
The 'af_802154' (IEEE 802.15.4) protocol is not widely used, was
not present in the 'lenny' kernel, and seems to receive only sporadic
maintenance. Therefore disable auto-loading.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name af_802154-Disable-auto-loading-as-mitigation-against.patch
Ben Hutchings [Tue, 8 Jan 2013 03:25:52 +0000 (03:25 +0000)]
radeon, amdgpu: Firmware is required for DRM and KMS on R600 onward
Bug-Debian: https://bugs.debian.org/607194
Bug-Debian: https://bugs.debian.org/607471
Bug-Debian: https://bugs.debian.org/610851
Bug-Debian: https://bugs.debian.org/627497
Bug-Debian: https://bugs.debian.org/632212
Bug-Debian: https://bugs.debian.org/637943
Bug-Debian: https://bugs.debian.org/649448
Bug-Debian: https://bugs.debian.org/697229
Bug-Debian: https://bugs.debian.org/
1053764
Forwarded: no
Last-Update: 2023-11-08
radeon requires firmware/microcode for the GPU in all chips, but for
newer chips (apparently R600 'Evergreen' onward) it also expects
firmware for the memory controller and other sub-blocks.
radeon attempts to gracefully fall back and disable some features if
the firmware is not available, but becomes unstable - the framebuffer
and/or system memory may be corrupted, or the display may stay black.
Therefore, perform a basic check for the existence of
/lib/firmware/radeon when a device is probed, and abort if it
is missing, except for the pre-R600 case.
Update 2023-11-08:
In bug
1053764 Mario Limonciello <mario.limonciello@amd.com> states
that the patch isn't needed anymore for amdgpu, so remove that part
of the patch
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name radeon-amdgpu-firmware-is-required-for-drm-and-kms-on-r600-onward.patch
Ben Hutchings [Thu, 30 May 2024 12:14:32 +0000 (13:14 +0100)]
firmware_loader: Log direct loading failures as info for d-i
Forwarded: not-needed
On an installed Debian system, firmware packages will normally be
installed automatically based on a mapping of device IDs to firmware.
Within the Debian installer this has not yet happened and we need a
way to detect missing firmware.
Although many/most drivers log firmware loading failures, they do so
using many different formats. This adds a single log message to the
firmware loader, which the installer's hw-detect package will look
for. The log level is set to "info" because some failures are
expected and we do not want to confuse users with bogus error messages
(like in bug #966218).
NOTE: The log message format must not be changed without coordinating
this with the check-missing-firmware.sh in hw-detect.
Gbp-Pq: Topic debian
Gbp-Pq: Name firmware_loader-log-direct-loading-failures-as-info-for-d-i.patch
Ben Hutchings [Wed, 16 Jul 2025 07:13:16 +0000 (09:13 +0200)]
iwlwifi: Do not request unreleased firmware for IWL6000
Bug-Debian: https://bugs.debian.org/689416
Forwarded: not-needed
The iwlwifi driver currently supports firmware API versions 4-6 for
these devices. It will request the file for the latest supported
version and then fall back to earlier versions. However, the latest
version that has actually been released is 4, so we expect the
requests for versions 6 and then 5 to fail.
The installer appears to report any failed request, and it is probably
not easy to detect that this particular failure is harmless. So stop
requesting the unreleased firmware.
Gbp-Pq: Topic debian
Gbp-Pq: Name iwlwifi-do-not-request-unreleased-firmware.patch
Ben Hutchings [Mon, 24 Aug 2009 22:19:58 +0000 (23:19 +0100)]
af9005: Use request_firmware() to load register init script
Forwarded: no
Read the register init script from the Windows driver. This is sick
but should avoid the potential copyright infringement in distributing
a version of the script which is directly derived from the driver.
Gbp-Pq: Topic features/all
Gbp-Pq: Name drivers-media-dvb-usb-af9005-request_firmware.patch
Ben Hutchings [Mon, 29 May 2023 22:16:39 +0000 (00:16 +0200)]
linux-perf: Remove remaining source filenames from executable
When we build perf with -ffile-prefix-map, there are still 2
source directory names embedded in the executable:
1. The Documentation subdirectory, used as a fallback from the
installed location.
2. The python subdirectory, used in the Python script test.
Remove (1) since it is an unnecessary fallback. Change (2)
to the installed location.
Gbp-Pq: Topic debian
Gbp-Pq: Name linux-perf-remove-remaining-source-filenames-from-executable.patch
Ben Hutchings [Sat, 13 May 2023 11:03:26 +0000 (13:03 +0200)]
fixdep: Allow overriding HOSTCC and HOSTLD
Forwarded: not-needed
objtool always uses HOSTCC, HOSTLD, and HOSTAR, so we need to override
these on the command line for cross-builds of linux-kbuild. But it
also builds fixdep which still needs to be native in a cross-build.
Add support for REALHOSTCC and REALHOSTLD variables which, if set,
override HOSTCC and HOSTLD for fixdep only.
Gbp-Pq: Topic debian
Gbp-Pq: Name fixdep-allow-overriding-hostcc-and-hostld.patch
Ben Hutchings [Mon, 16 Sep 2024 17:14:19 +0000 (19:14 +0200)]
Revert "tools build: Clean CFLAGS and LDFLAGS for fixdep"
This reverts commit
5725dd8fa888b4dcdff58241f9d3d3ac42a048e2. That
was a workaround for the bug fixed by commit
6b3db6f9b970 "tools
build: Make fixdep a hostprog" and is no longer needed.
Signed-off-by: Ben Hutchings <benh@debian.org>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name revert-tools-build-clean-cflags-and-ldflags-for-fixdep.patch
Ben Hutchings [Thu, 15 Sep 2022 00:14:03 +0000 (02:14 +0200)]
Makefile: Make compiler version comparison optional
Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/
1019749
The top-level Makefile warns if the compiler version string changes at
all between the kernel build and an out-of-tree module build.
We expect that major compiler version changes could introduce ABI
changes, and override the CC variable in out-of-tree module builds to
ensure that the same major compiler version is used. But minor
version changes should not make a difference, so this exact version
comparison produces false warnings.
Since custom kernel packages don't have that, don't remove the version
comparison. Instead, skip it if $(DEBIAN_KERNEL_NO_CC_VERSION_CHECK)
is non-empty.
Gbp-Pq: Topic debian
Gbp-Pq: Name makefile-make-compiler-version-comparison-optional.patch
Ben Hutchings [Mon, 26 Apr 2021 16:27:16 +0000 (18:27 +0200)]
kbuild: Abort build if SUBDIRS used
Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/987575
DKMS and module-assistant both build OOT modules as root. If they
build an old OOT module that still use SUBDIRS this causes Kbuild
to try building a full kernel, which obviously fails but not before
deleting files from the installed headers package.
To avoid such mishaps, detect this situation and abort the build.
The error message is based on that used in commit
0126be38d988
"kbuild: announce removal of SUBDIRS if used".
Gbp-Pq: Topic debian
Gbp-Pq: Name kbuild-abort-build-if-subdirs-used.patch
Ben Hutchings [Thu, 10 Dec 2020 16:31:39 +0000 (17:31 +0100)]
kbuild: Look for module.lds under arch directory too
Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/975571
The module.lds linker script is now built under the scripts directory,
where previously it was under arch/$(SRCARCH).
However, we package the scripts directory as linux-kbuild, which is
meant to be able to do support native and cross-builds. That means it
shouldn't contain files for a specific target architecture without a
wrapper to select between them, and it doesn't appear that linker
scripts are powerful enough to implement such a wrapper.
Building module.lds in a different location would require relatively
large changes. Moving it in the package build rules can work, but we
need to support custom kernel builds from the same source so we can't
assume it's moved.
Therefore, we move module.lds under the arch build directory in
rules.real and change Makefile.modfinal to look for it in both places.
Gbp-Pq: Topic debian
Gbp-Pq: Name kbuild-look-for-module.lds-under-arch-directory-too.patch
Bastian Blank [Tue, 4 Aug 2020 09:44:37 +0000 (09:44 +0000)]
[PATCH 2/2] perf/traceevent: Support asciidoctor for documentation
From
cd02fc78859ef9aefd7c92406f9523622da0b472 Mon Sep 17 00:00:00 2001
Forwarded: not-needed
Gbp-Pq: Topic debian
Gbp-Pq: Name perf-traceevent-support-asciidoctor-for-documentatio.patch
Bastian Blank [Tue, 4 Aug 2020 09:44:19 +0000 (09:44 +0000)]
[PATCH 1/2] Documentation: Drop sphinx version check
From
252aa79fdbd4ac2da09d9b98f81bf11f5e3e1870 Mon Sep 17 00:00:00 2001
Forwarded: not-needed
Gbp-Pq: Topic debian
Gbp-Pq: Name documentation-drop-sphinx-version-check.patch
Ben Hutchings [Fri, 22 Jun 2018 16:27:00 +0000 (17:27 +0100)]
android: Enable building ashmem and binder as modules
Bug-Debian: https://bugs.debian.org/901492
We want to enable use of the Android ashmem and binder drivers to
support Anbox, but they should not be built-in as that would waste
resources and increase security attack surface on systems that don't
need them.
- Add a MODULE_LICENSE declaration to ashmem
- Change the Makefiles to build each driver as an object with the
"_linux" suffix (which is what Anbox expects)
- Change config symbol types to tristate
Update:
In upstream commit
721412ed3d titled "staging: remove ashmem" the ashmem
driver was removed entirely. Secondary commit message:
"The mainline replacement for ashmem is memfd, so remove the legacy
code from drivers/staging/"
Consequently, the ashmem part of this patch has been removed.
Gbp-Pq: Topic debian
Gbp-Pq: Name android-enable-building-ashmem-and-binder-as-modules.patch
Ben Hutchings [Mon, 5 Aug 2024 01:26:48 +0000 (03:26 +0200)]
Export symbols needed by binder
Bug-Debian: https://bugs.debian.org/901492
We want to enable use of the Android binder driver to support
Waydroid, but it should not be built-in as that would waste resources
and increase security attack surface on systems that don't need it.
Export the currently un-exported symbols it depends on.
Gbp-Pq: Topic debian
Gbp-Pq: Name export-symbols-needed-by-android-drivers.patch
Ben Hutchings [Fri, 13 Apr 2018 19:10:28 +0000 (20:10 +0100)]
wireless: Add Debian wireless-regdb certificates
Forwarded: not-needed
This hex dump is generated using:
{
for cert in debian/certs/wireless-regdb-*.pem; do
openssl x509 -in $cert -outform der;
done
} | hexdump -v -e '1/1 "0x%.2x," "\n"' > net/wireless/certs/debian.hex
Gbp-Pq: Topic debian
Gbp-Pq: Name wireless-add-debian-wireless-regdb-certificates.patch
Adriaan Schmidt [Mon, 4 Apr 2022 11:38:33 +0000 (13:38 +0200)]
tools: install perf python bindings
Bug-Debian: http://bugs.debian.org/860957
Forwarded: not-needed
Gbp-Pq: Topic debian
Gbp-Pq: Name tools-perf-install-python-bindings.patch
Ben Hutchings [Mon, 11 May 2015 02:51:07 +0000 (02:51 +0000)]
linux-tools: Install perf-read-vdso{,x}32 in directory under /usr/lib
Gbp-Pq: Topic debian
Gbp-Pq: Name tools-perf-perf-read-vdso-in-libexec.patch
Nobuhiro Iwamatsu [Wed, 16 Jul 2025 07:13:16 +0000 (09:13 +0200)]
[sh4] Fix uImage build
Bug-Debian: https://bugs.debian.org/569034
Forwarded: not-needed
[bwh: This was added without a description, but I think it is done
only to avoid a build-dependency on u-boot-tools.]
Gbp-Pq: Topic debian
Gbp-Pq: Name arch-sh4-fix-uimage-build.patch
YunQiang Su [Mon, 14 May 2018 08:16:18 +0000 (16:16 +0800)]
Enable R2 to R6 emulator by default
Forwarded: not-needed
In upstream code, 'mipsr2emu' kernel option is needed
to enable R2 to R6 emulator. Since we need r6 kernel
for our r2 port, let's always enable it.
Gbp-Pq: Topic debian
Gbp-Pq: Name mips-enable-r2-to-r6-emu-by-default.patch
YunQiang Su [Mon, 16 Nov 2020 01:11:00 +0000 (09:11 +0800)]
Use RELAXED ieee754 mode for Loongson-3 as 3A 4000 is 2008-only
Forwarded: not-needed
There are 2 mode of value of IEEE NaN hardcoded by CPU.
Currently, our mipsel/mips64el port is in so-called lagacy mode.
Loongson 3A 4000 is set as the so-called 2008 mode.
To make Debian workable on Loongson 3A 4000, we need set the kerenl in
RELAXED mode.
https://web.archive.org/web/
20180830093617/https://dmz-portal.mips.com/wiki/MIPS_ABI_-_NaN_Interlinking
[bwh: Update for addition of EMULATED mode in 6.11]
Gbp-Pq: Topic debian
Gbp-Pq: Name mips-ieee754-relaxed.patch
YunQiang Su [Mon, 14 May 2018 08:16:18 +0000 (16:16 +0800)]
Disable uImage generation for mips generic
Forwarded: not-needed
MIPS generic trys to generate uImage when build, which then ask for
u-boot-tools.
[bwh: Updated for 5.17:
- zload-y is no longer assigned here and appears to default to empty
- Adjust context]
Gbp-Pq: Topic debian
Gbp-Pq: Name mips-boston-disable-its.patch
Bastian Blank [Sun, 22 Feb 2009 14:39:35 +0000 (15:39 +0100)]
kbuild: Make the toolchain variables easily overwritable
Forwarded: not-needed
Allow make variables to be overridden for each flavour by a file in
the build tree, .kernelvariables.
We currently use this for ARCH, KERNELRELEASE, CC, and in some cases
also CROSS_COMPILE, KCFLAGS.
This file can only be read after we establish the build tree, and all
use of $(ARCH) needs to be moved after this.
[bwh: Updated for 5.3: include .kernelvariables from current directory
rather than using undefined $(obj).]
Gbp-Pq: Topic debian
Gbp-Pq: Name kernelvariables.patch
Ben Hutchings [Tue, 12 May 2015 18:29:22 +0000 (19:29 +0100)]
Make mkcompile_h accept an alternate timestamp string
Forwarded: not-needed
We want to include the Debian version in the utsname::version string
instead of a full timestamp string. However, we still need to provide
a standard timestamp string for gen_initramfs_list.sh to make the
kernel image reproducible.
Make mkcompile_h use $KBUILD_BUILD_VERSION_TIMESTAMP in preference to
$KBUILD_BUILD_TIMESTAMP.
Gbp-Pq: Topic debian
Gbp-Pq: Name uname-version-timestamp.patch
Ben Hutchings [Tue, 24 Jul 2012 02:13:10 +0000 (03:13 +0100)]
Include package version along with kernel release in stack traces
Forwarded: not-needed
For distribution binary packages we assume
$DISTRIBUTION_OFFICIAL_BUILD, $DISTRIBUTOR and $DISTRIBUTION_VERSION
are set.
Gbp-Pq: Topic debian
Gbp-Pq: Name version.patch
Ben Hutchings [Sat, 24 Aug 2019 18:00:41 +0000 (19:00 +0100)]
Documentation: Fix broken link to CIPSO draft
Forwarded: not-needed
We exclude the CIPSO draft text as its licence is not DFSG compliant.
Link to the IETF's online version instead.
Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name documentation-fix-broken-link-to-cipso-draft.patch
Ben Hutchings [Sat, 2 Jun 2012 18:53:38 +0000 (19:53 +0100)]
video: Remove nvidiafb and rivafb
Bug-Debian: https://bugs.debian.org/383481
Forwarded: no
These drivers contain register programming code provided by the
hardware vendor that appears to have been deliberately obfuscated.
This is arguably not the preferred form for modification.
These drivers are also largely redundant with nouveau. The RIVA 128
(NV3) is not supported by nouveau but is about 15 years old and
probably discontinued 10 years ago.
Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name video-remove-nvidiafb-and-rivafb.patch
Ben Hutchings [Mon, 17 Aug 2009 01:45:41 +0000 (02:45 +0100)]
dvb-usb-af9005: mark as broken
Forwarded: not-needed
Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name drivers-media-dvb-dvb-usb-af9005-disable.patch
Ben Hutchings [Mon, 13 Apr 2009 16:34:00 +0000 (17:34 +0100)]
Remove microcode patches for mgsuvd (not enabled in Debian configs)
Forwarded: not-needed
Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name arch-powerpc-platforms-8xx-ucode-disable.patch
Ian Campbell [Thu, 17 Jan 2013 08:55:21 +0000 (08:55 +0000)]
Tweak gitignore for Debian pkg-kernel using git
Forwarded: not-needed
[bwh: Tweak further for pure git]
Gbp-Pq: Topic debian
Gbp-Pq: Name gitignore.patch
Salvatore Bonaccorso [Wed, 16 Jul 2025 07:13:16 +0000 (09:13 +0200)]
linux (6.12.38-1) unstable; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.12.38
- [amd64] x86/CPU/AMD: Properly check the TSA microcode
[dgit import unpatched linux 6.12.38-1]
Salvatore Bonaccorso [Wed, 16 Jul 2025 07:13:16 +0000 (09:13 +0200)]
Import linux_6.12.38.orig.tar.xz
[dgit import orig linux_6.12.38.orig.tar.xz]
Salvatore Bonaccorso [Wed, 16 Jul 2025 07:13:16 +0000 (09:13 +0200)]
Import linux_6.12.38-1.debian.tar.xz
[dgit import tarball linux 6.12.38-1 linux_6.12.38-1.debian.tar.xz]
projects / linux.git / log