dgit.raspbian.org Git - linux.git/log

fbdev/offb: Update expected device name

Origin: https://git.kernel.org/pub/scm/linux/kernel/git/deller/linux-fbdev.git/commit?id=27c74ea74be805ccba1bc1a0a03cc79c51dca6ea

Since commit 241d2fb56a18 ("of: Make OF framebuffer device names unique"),
as spotted by Frédéric Bonnard, the historical "of-display" device is
gone: the updated logic creates "of-display.0" instead, then as many
"of-display.N" as required.

This means that offb no longer finds the expected device, which prevents
the Debian Installer from setting up its interface, at least on ppc64el.

It might be better to iterate on all possible nodes, but updating the
hardcoded device from "of-display" to "of-display.0" is confirmed to fix
the Debian Installer at the very least.

Link: https://bugzilla.kernel.org/show_bug.cgi?id=217328
Link: https://bugs.debian.org/1033058
Fixes: 241d2fb56a18 ("of: Make OF framebuffer device names unique")
Cc: stable@vger.kernel.org
Signed-off-by: Cyril Brulebois <cyril@debamax.com>
Signed-off-by: Helge Deller <deller@gmx.de>
Gbp-Pq: Topic bugfix/powerpc
Gbp-Pq: Name fbdev-offb-Update-expected-device-name.patch

perf tools: Support EXTRA_CXXFLAGS

Add support for an EXTRA_CXXFLAGS variable, used similarly to
EXTRA_CFLAGS.

Signed-off-by: Ben Hutchings <benh@debian.org>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name perf-tools-support-extra-cxxflags.patch

tools lib symbol: Use -D_FORTIFY_SOURCE=2 for non-debug builds

Forwarded: https://lore.kernel.org/all/20230424102827.58707-1-ukleinek@debian.org/

Commit 160be157eaba ("tool lib symbol: Add Makefile/Build") failed to
define _FORTIFY_SOURCE to 2, probabaly this was cut&pasted from other
Makefiles with the same problem.

Fixes: 160be157eaba ("tool lib symbol: Add Makefile/Build")
Signed-off-by: Uwe Kleine-König <ukleinek@debian.org>
Acked-by: Ian Rogers <irogers@google.com>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name tools_lib_symbol_use_d_fortify_source_2_for_non_debug_builds.patch

tools/perf: Fix missing LDFLAGS for some programs

Signed-off-by: Ben Hutchings <benh@debian.org>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name tools-perf-fix-missing-ldflags-for-some-programs.patch

libapi: Define _FORTIFY_SOURCE as 2, not empty

Forwarded: https://lore.kernel.org/lkml/20230424102049.58338-1-ukleinek@debian.org/

Signed-off-by: Ben Hutchings <benh@debian.org>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name libapi-define-_fortify_source-as-2-not-empty.patch

cpupower: Fix checks for CPU existence

Forwarded: https://lore.kernel.org/all/20170418023118.GD4152@decadent.org.uk/

Calls to cpufreq_cpu_exists(cpu) were converted to
cpupower_is_cpu_online(cpu) when libcpupower was introduced and the
former function was deleted. However, cpupower_is_cpu_online() does
not distinguish physically absent and offline CPUs, and does not set
errno.

cpufreq-set has already been fixed (commit c25badc9ceb6).

In cpufreq-bench, which prints an error message for offline CPUs,
properly distinguish and report the zero and negative cases.

Fixes: ac5a181d065d ("cpupower: Add cpuidle parts into library")
Fixes: 53d1cd6b125f ("cpupowerutils: bench - Fix cpu online check")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
[carnil: Update/Refresh patch for 4.14.17: The issue with the
incorrect check has been fixed with upstream commit 53d1cd6b125f.
Keep in the patch the distinction and report for the zero and
negative cases.]

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name cpupower-fix-checks-for-cpu-existence.patch

cpupower: Bump soname version

Forwarded: https://lore.kernel.org/all/20160610005619.GQ7555@decadent.org.uk/

Several functions in the libcpupower API are renamed or removed in
Linux 4.7. This is an backward-incompatible ABI change, so the
library soname should change from libcpupower.so.0 to
libcpupower.so.1.

Fixes: ac5a181d065d ("cpupower: Add cpuidle parts into library")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name cpupower-bump-soname-version.patch

tools/build: Remove bpf() run-time check at build time

Forwarded: no

It is not correct to test that a syscall works on the build system's
kernel. We might be building on an earlier kernel version or with
security restrictions that block bpf().

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name tools-build-remove-bpf-run-time-check-at-build-time.patch

Revert "perf build: Fix libunwind feature detection on 32-bit x86"

Forwarded: no

This reverts commit 05b41775e2edd69a83f592e3534930c934d4038e.
It broke feature detection that was working just fine for us.

Gbp-Pq: Topic bugfix/x86
Gbp-Pq: Name revert-perf-build-fix-libunwind-feature-detection-on.patch

tools/perf: Remove shebang lines from perf scripts

Forwarded: no

perf scripts need to be invoked through perf, not directly through
perl (or other language interpreter). So including shebang lines in
them is useless and possibly misleading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name tools-perf-remove-shebangs.patch

perf tools: Use $KBUILD_BUILD_TIMESTAMP as man page date

Forwarded: https://lore.kernel.org/all/20160517132809.GE7555@decadent.org.uk/

This allows man pages to be built reproducibly.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name tools-perf-man-date.patch

kbuild: Fix recordmcount dependency for OOT modules

Forwarded: no

We never rebuild anything in-tree when building an out-of-tree
modules, so external modules should not depend on the recordmcount
sources.

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name kbuild-fix-recordmcount-dependency.patch

usbip: Document TCP wrappers

Forwarded: no

Add references to TCP wrappers configuration in the manual page.

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name usbip-document-tcp-wrappers.patch

module: Disable matching missing version CRC

Forwarded: not-needed

This partly reverts commit cd3caefb4663e3811d37cc2afad3cce642d60061.
We want to fail closed if a symbol version CRC is missing, as the
alternative may allow subverting module signing.

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name module-disable-matching-missing-version-crc.patch

Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO

Origin: https://git.kernel.org/linus/9c33663af9ad115f90c076a1828129a3fbadea98
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2023-31083

This patch adds code to check HCI_UART_PROTO_READY flag before
accessing hci_uart->proto. It fixes the race condition in
hci_uart_tty_ioctl() between HCIUARTSETPROTO and HCIUARTGETPROTO.
This issue bug found by Yu Hao and Weiteng Chen:

BUG: general protection fault in hci_uart_tty_ioctl [1]

The information of C reproducer can also reference the link [2]

Reported-by: Yu Hao <yhao016@ucr.edu>
Closes: https://lore.kernel.org/all/CA+UBctC3p49aTgzbVgkSZ2+TQcqq4fPDO7yZitFT5uBPDeCO2g@mail.gmail.com/ [1]
Reported-by: Weiteng Chen <wchen130@ucr.edu>
Closes: https://lore.kernel.org/lkml/CA+UBctDPEvHdkHMwD340=n02rh+jNRJNNQ5LBZNA+Wm4Keh2ow@mail.gmail.com/T/ [2]
Signed-off-by: "Lee, Chun-Yi" <jlee@suse.com>
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name Bluetooth-hci_ldisc-check-HCI_UART_PROTO_READY-flag-.patch

ntfs: mark it as broken

NTFS has unfixed issues CVE-2018-12929, CVE-2018-12930, and
CVE-2018-12931. ntfs-3g is a better supported alternative.

Make sure it can't be enabled even in custom kernels.

Gbp-Pq: Topic debian
Gbp-Pq: Name ntfs-mark-it-as-broken.patch

[i386/686-pae] PCI: Set pci=nobios by default

Forwarded: not-needed

CONFIG_PCI_GOBIOS results in physical addresses 640KB-1MB being mapped
W+X, which is undesirable for security reasons and will result in a
warning at boot now that we enable CONFIG_DEBUG_WX.

This can be overridden using the kernel parameter "pci=nobios", but we
want to disable W+X by default. Disable PCI BIOS probing by default;
it can still be enabled using "pci=bios".

Gbp-Pq: Topic debian
Gbp-Pq: Name i386-686-pae-pci-set-pci-nobios-by-default.patch

trust machine keyring (MoK) by default

Debian always trusted keys in MoK by default. Upstream made it conditional on
a new EFI variable being set. To keep backward compatibility skip this check.

Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name trust-machine-keyring-by-default.patch

[PATCH] KEYS: Make use of platform keyring for module signature verify

Bug-Debian: https://bugs.debian.org/935945
Bug-Debian: https://bugs.debian.org/1030200
Origin: https://src.fedoraproject.org/rpms/kernel/raw/master/f/KEYS-Make-use-of-platform-keyring-for-module-signature.patch
Forwarded: https://lore.kernel.org/linux-modules/qvgp2il2co4iyxkzxvcs4p2bpyilqsbfgcprtpfrsajwae2etc@3z2s2o52i3xg/t/#u

This allows a cert in DB to be used to sign modules,
in addition to certs in the MoK and built-in keyrings.

Signed-off-by: Robert Holmes <robeholmes@gmail.com>
Signed-off-by: Jeremy Cline <jcline@redhat.com>
[bwh: Forward-ported to 5.19: adjust filename]
[наб: reinstate for 6.1, re-write description]

Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name KEYS-Make-use-of-platform-keyring-for-module-signature.patch

[PATCH 3/4] MODSIGN: checking the blacklisted hash before loading a kernel module

Origin: https://lore.kernel.org/patchwork/patch/933175/

This patch adds the logic for checking the kernel module's hash
base on blacklist. The hash must be generated by sha256 and enrolled
to dbx/mokx.

For example:
sha256sum sample.ko
mokutil --mokx --import-hash $HASH_RESULT

Whether the signature on ko file is stripped or not, the hash can be
compared by kernel.

Cc: David Howells <dhowells@redhat.com>
Cc: Josh Boyer <jwboyer@fedoraproject.org>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
Signed-off-by: "Lee, Chun-Yi" <jlee@suse.com>
[Rebased by Luca Boccassi]
[bwh: Forward-ported to 5.19:
- The type parameter to is_hash_blacklisted() is now an enumeration
rather than a string
- Adjust filename, context]

Gbp-Pq: Topic features/all/db-mok-keyring
Gbp-Pq: Name 0003-MODSIGN-checking-the-blacklisted-hash-before-loading-a-kernel-module.patch

arm64: add kernel config option to lock down when in Secure Boot mode

Bug-Debian: https://bugs.debian.org/831827
Forwarded: no

Add a kernel configuration option to lock down the kernel, to restrict
userspace's ability to modify the running kernel when UEFI Secure Boot is
enabled. Based on the x86 patch by Matthew Garrett.

Determine the state of Secure Boot in the EFI stub and pass this to the
kernel using the FDT.

Signed-off-by: Linn Crosetto <linn@hpe.com>
[bwh: Forward-ported to 4.10: adjust context]
[Lukas Wunner: Forward-ported to 4.11: drop parts applied upstream]
[bwh: Forward-ported to 4.15 and lockdown patch set:
- Pass result of efi_get_secureboot() in stub through to
   efi_set_secure_boot() in main kernel
- Use lockdown API and naming]
[bwh: Forward-ported to 4.19.3: adjust context in update_fdt()]
[dannf: Moved init_lockdown() call after uefi_init(), fixing SB detection]
[bwh: Drop call to init_lockdown(), as efi_set_secure_boot() now calls this]
[bwh: Forward-ported to 5.6: efi_get_secureboot() no longer takes a
sys_table parameter]
[bwh: Forward-ported to 5.7: EFI initialisation from FDT was rewritten, so:
- Add Secure Boot mode to the parameter enumeration in fdtparams.c
- Add a parameter to efi_get_fdt_params() to return the Secure Boot mode
- Since Xen does not have a property name defined for Secure Boot mode,
   change efi_get_fdt_prop() to handle a missing property name by clearing
   the output variable]
[Salvatore Bonaccorso: Forward-ported to 5.10: f30f242fb131 ("efi: Rename
arm-init to efi-init common for all arch") renamed arm-init.c to efi-init.c]

Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name arm64-add-kernel-config-option-to-lock-down-when.patch

mtd: phram,slram: Disable when the kernel is locked down

Forwarded: https://lore.kernel.org/linux-security-module/20190830154720.eekfjt6c4jzvlbfz@decadent.org.uk/

These drivers allow mapping arbitrary memory ranges as MTD devices.
This should be disabled to preserve the kernel's integrity when it is
locked down.

* Add the HWPARAM flag to the module parameters
* When slram is built-in, it uses __setup() to read kernel parameters,
so add an explicit check security_locked_down() check

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Cc: Matthew Garrett <mjg59@google.com>
Cc: David Howells <dhowells@redhat.com>
Cc: Joern Engel <joern@lazybastard.org>
Cc: linux-mtd@lists.infradead.org
Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name mtd-disable-slram-and-phram-when-locked-down.patch

efi: Lock down the kernel if booted in secure boot mode

Based on an earlier patch by David Howells, who wrote the following
description:

> UEFI Secure Boot provides a mechanism for ensuring that the firmware will
> only load signed bootloaders and kernels. Certain use cases may also
> require that all kernel modules also be signed. Add a configuration option
> that to lock down the kernel - which includes requiring validly signed
> modules - if the kernel is secure-booted.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
[Salvatore Bonaccorso: After fixing https://bugs.debian.org/956197 the
help text for LOCK_DOWN_IN_EFI_SECURE_BOOT was adjusted to mention that
lockdown is triggered in integrity mode (https://bugs.debian.org/1025417)]
Signed-off-by: Salvatore Bonaccorso <carnil@debian.org>
Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name efi-lock-down-the-kernel-if-booted-in-secure-boot-mo.patch

[28/30] efi: Add an EFI_SECURE_BOOT flag to indicate secure boot mode

Origin: https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/commit?id=a5d70c55c603233c192b375f72116a395909da28

UEFI machines can be booted in Secure Boot mode. Add an EFI_SECURE_BOOT
flag that can be passed to efi_enabled() to find out whether secure boot is
enabled.

Move the switch-statement in x86's setup_arch() that inteprets the
secure_boot boot parameter to generic code and set the bit there.

Suggested-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
cc: linux-efi@vger.kernel.org
[rperier: Forward-ported to 5.5:
- Use pr_warn()
- Adjust context]
[bwh: Forward-ported to 5.6: adjust context]
[bwh: Forward-ported to 5.7:
- Use the next available bit in efi.flags
- Adjust context]

Gbp-Pq: Topic features/all/lockdown
Gbp-Pq: Name efi-add-an-efi_secure_boot-flag-to-indicate-secure-b.patch

fs: Add MODULE_SOFTDEP declarations for hard-coded crypto drivers

Bug-Debian: https://bugs.debian.org/819725
Forwarded: https://lore.kernel.org/all/20160517133631.GF7555@decadent.org.uk/

This helps initramfs builders and other tools to find the full
dependencies of a module.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
[Lukas Wunner: Forward-ported to 4.11: drop parts applied upstream]

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name fs-add-module_softdep-declarations-for-hard-coded-cr.patch

phy/marvell: disable 4-port phys

Bug-Debian: https://bugs.debian.org/723177
Forwarded: https://lore.kernel.org/netdev/1386932764.20787.85.camel@dagon.hellion.org.uk/

The Marvell PHY was originally disabled because it can cause networking
failures on some systems. According to Lennert Buytenhek this is because some
of the variants added did not share the same register layout. Since the known
cases are all 4-ports disable those variants (indicated by a 4 in the
penultimate position of the model name) until they can be audited for
correctness.

[bwh: Also #if-out the init functions for these PHYs to avoid
compiler warnings]

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name disable-some-marvell-phys.patch

x86: Make x32 syscall support conditional on a kernel parameter

Bug-Debian: https://bugs.debian.org/708070
Forwarded: https://lore.kernel.org/lkml/1415245982.3398.53.camel@decadent.org.uk/T/#u

Enabling x32 in the standard amd64 kernel would increase its attack
surface while provide no benefit to the vast majority of its users.
No-one seems interested in regularly checking for vulnerabilities
specific to x32 (at least no-one with a white hat).

Still, adding another flavour just to turn on x32 seems wasteful. And
the only differences on syscall entry are a few instructions that mask
out the x32 flag and compare the syscall number.

Use a static key to control whether x32 syscalls are really enabled, a
Kconfig parameter to set its default value and a kernel parameter
"syscall.x32" to change it at boot time.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/x86
Gbp-Pq: Name x86-make-x32-syscall-support-conditional.patch

x86: memtest: WARN if bad RAM found

Bug-Debian: https://bugs.debian.org/613321
Forwarded: https://lore.kernel.org/all/20120402150522.GA4980@burratino/

Since this is not a particularly thorough test, if we find any bad
bits of RAM then there is a fair chance that there are other bad bits
we fail to detect.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/x86
Gbp-Pq: Name x86-memtest-WARN-if-bad-RAM-found.patch

alpha: Fix missing symbol versions for str{,n}{cat,cpy}

Origin: https://marc.info/?l=linux-alpha&m=167364720725291&w=2

Now that modpost extracts symbol versions from *.cmd files, it can't
find the versions for these 4 symbols. This is due to the way we link
their objects together ahead of the full vmlinux link. genksyms puts
their symbol CRCs in .str{,n}{cat,cpy}.o.cmd, but modpost only reads
the .sty{,n}cpy.o.cmd files.

Add assembly sources that bring the appropriate routines together with
include directives instead of using the linker for this.

Reported-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>
Fixes: f292d875d0dc ("modpost: extract symbol versions from *.cmd files")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/alpha
Gbp-Pq: Name alpha-fix-missing-symbol-versions-for-str-n-cat-cpy.patch

arm64/acpi: Add fixup for HPE m400 quirks

Forwarded: https://lore.kernel.org/all/51d3d738-cdf5-2992-bba5-c3e1f34096c2@infradead.org/

Adds a new ACPI init routine acpi_fixup_m400_quirks that adds
a work-around for HPE ProLiant m400 APEI firmware problems.

The work-around disables APEI when CONFIG_ACPI_APEI is set and
m400 firmware is detected.  Without this fixup m400 systems
experience errors like these on startup:

  [Hardware Error]: Hardware error from APEI Generic Hardware Error Source: 2
  [Hardware Error]: event severity: fatal
  [Hardware Error]:  Error 0, type: fatal
  [Hardware Error]:   section_type: memory error
  [Hardware Error]:   error_status: 0x0000000000001300
  [Hardware Error]:   error_type: 10, invalid address
  Kernel panic - not syncing: Fatal hardware error!

Signed-off-by: Geoff Levand <geoff@infradead.org>
[bwh: Adjust context to apply to Linux 4.19]

Gbp-Pq: Topic bugfix/arm64
Gbp-Pq: Name arm64-acpi-Add-fixup-for-HPE-m400-quirks.patch

powerpc/boot: Fix missing crc32poly.h when building with KERNEL_XZ

Origin: https://patchwork.ozlabs.org/patch/963258/

After commit faa16bc404d7 ("lib: Use existing define with
polynomial") the lib/xz/xz_crc32.c includes a header from include/linux
directory thus any other user of this code should define proper include
path.

This fixes the build error on powerpc with CONFIG_KERNEL_XZ:

    In file included from ../arch/powerpc/boot/../../../lib/decompress_unxz.c:233:0,
                     from ../arch/powerpc/boot/decompress.c:42:
    ../arch/powerpc/boot/../../../lib/xz/xz_crc32.c:18:29: fatal error: linux/crc32poly.h: No such file or directory

Reported-by: Michal Kubecek <mkubecek@suse.cz>
Fixes: faa16bc404d7 ("lib: Use existing define with polynomial")
Signed-off-by: Krzysztof Kozlowski <krzk@kernel.org>
Reported-by: kbuild test robot <lkp@intel.com>
Reported-by: Meelis Roos <mroos@linux.ee>
Tested-by: Michal Kubecek <mkubecek@suse.cz>
Gbp-Pq: Topic bugfix/powerpc
Gbp-Pq: Name powerpc-boot-fix-missing-crc32poly.h-when-building-with-kernel_xz.patch

ARM: mm: Export __sync_icache_dcache() for xen-privcmd

Forwarded: https://lore.kernel.org/all/20180711225013.GF14131@decadent.org.uk/

The xen-privcmd driver, which can be modular, calls set_pte_at()
which in turn may call __sync_icache_dcache().

The call to __sync_icache_dcache() may be optimised out because it is
conditional on !pte_special(), and xen-privcmd calls pte_mkspecial().
However, in a non-LPAE configuration there is no "special" bit and the
call is really unconditional.

Fixes: 3ad0876554ca ("xen/privcmd: add IOCTL_PRIVCMD_MMAP_RESOURCE")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/arm
Gbp-Pq: Name arm-mm-export-__sync_icache_dcache-for-xen-privcmd.patch

sh: Do not use hyphen in exported variable names

arch/sh/Makefile defines and exports ld-bfd to be used by
arch/sh/boot/Makefile and arch/sh/boot/compressed/Makefile. However
some shells, including dash, will not pass through environment
variables whose name includes a hyphen. Usually GNU make does not use
a shell to recurse, but if e.g. $(srctree) contains '~' it will use a
shell here.

Rename the variable to ld_bfd.

(Another instance of this problem was fixed upstream by commit
82977af93a0d "sh: rename suffix-y to suffix_y".)

References: https://buildd.debian.org/status/fetch.php?pkg=linux&arch=sh4&ver=4.13%7Erc5-1%7Eexp1&stamp=1502943967&raw=0
Fixes: ef9b542fce00 ("sh: bzip2/lzma uImage support.")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/sh
Gbp-Pq: Name sh-boot-do-not-use-hyphen-in-exported-variable-name.patch

perf tools: Fix unwind build on i386

Forwarded: no

EINVAL may not be defined when building unwind-libunwind.c with
REMOTE_UNWIND_LIBUNWIND, resulting in a compiler error in
LIBUNWIND__ARCH_REG_ID(). Its only caller, access_reg(), only checks
for a negative return value and doesn't care what it is. So change
-EINVAL to -1.

Fixes: 52ffe0ff02fc ("Support x86(32-bit) cross platform callchain unwind.")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/x86
Gbp-Pq: Name perf-tools-fix-unwind-build-on-i386.patch

ARM: dts: kirkwood: Fix SATA pinmux-ing for TS419

Forwarded: https://lore.kernel.org/all/20170218003251.GC4152@decadent.org.uk/
Bug-Debian: https://bugs.debian.org/855017

The old board code for the TS419 assigns MPP pins 15 and 16 as SATA
activity signals (and none as SATA presence signals). Currently the
device tree assigns the SoC's default pinmux groups for SATA, which
conflict with the second Ethernet port.

Reported-by: gmbh@gazeta.pl
Tested-by: gmbh@gazeta.pl
References: https://bugs.debian.org/855017
Cc: stable@vger.kernel.org # 3.15+
Fixes: 934b524b3f49 ("ARM: Kirkwood: Add DT description of QNAP 419")
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic bugfix/arm
Gbp-Pq: Name arm-dts-kirkwood-fix-sata-pinmux-ing-for-ts419.patch

btrfs: warn about RAID5/6 being experimental at mount time

Bug-Debian: https://bugs.debian.org/863290
Origin: https://bugs.debian.org/863290#5

Too many people come complaining about losing their data -- and indeed,
there's no warning outside a wiki and the mailing list tribal knowledge.
Message severity chosen for consistency with XFS -- "alert" makes dmesg
produce nice red background which should get the point across.

Signed-off-by: Adam Borowski <kilobyte@angband.pl>
[bwh: Also add_taint() so this is flagged in bug reports]
[2023-01-10: still accurate according to btrfs-progs own manpage:
https://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git/commit/?id=922797e15590b836e377d6dc47b828356cafc2a9]

Gbp-Pq: Topic debian
Gbp-Pq: Name btrfs-warn-about-raid5-6-being-experimental-at-mount.patch

fanotify: Taint on use of FANOTIFY_ACCESS_PERMISSIONS

Forwarded: not-needed

Various free and proprietary AV products use this feature and users
apparently want it. But punting access checks to userland seems like
an easy way to deadlock the system, and there will be nothing we can
do about that. So warn and taint the kernel if this feature is
actually used.

Gbp-Pq: Topic debian
Gbp-Pq: Name fanotify-taint-on-use-of-fanotify_access_permissions.patch

fjes: Disable auto-loading

Bug-Debian: https://bugs.debian.org/853976
Forwarded: no

fjes matches a generic ACPI device ID, and relies on its probe
function to distinguish whether that really corresponds to a supported
device. Very few system will need the driver and it wastes memory on
all the other systems where the same device ID appears, so disable
auto-loading.

Gbp-Pq: Topic debian
Gbp-Pq: Name fjes-disable-autoload.patch

viafb: Autoload on OLPC XO 1.5 only

Bug-Debian: https://bugs.debian.org/705788
Forwarded: no

It appears that viafb won't work automatically on all the boards for
which it has a PCI device ID match. Currently, it is blacklisted by
udev along with most other framebuffer drivers, so this doesn't matter
much.

However, this driver is required for console support on the XO 1.5.
We need to allow it to be autoloaded on this model only, and then
un-blacklist it in udev.

Gbp-Pq: Topic bugfix/x86
Gbp-Pq: Name viafb-autoload-on-olpc-xo1.5-only.patch

snd-pcsp: Disable autoload

Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/697709

There are two drivers claiming the platform:pcspkr device:
- pcspkr creates an input(!) device that can only beep
- snd-pcsp creates an equivalent input device plus a PCM device that can
  play barely recognisable renditions of sampled sound

snd-pcsp is blacklisted by the alsa-base package, but not everyone
installs that.  On PCs where no sound is wanted at all, both drivers
will still be loaded and one or other will complain that it couldn't
claim the relevant I/O range.

In case anyone finds snd-pcsp useful, we continue to build it.  But
remove the alias, to ensure it's not loaded where it's not wanted.

Gbp-Pq: Topic debian
Gbp-Pq: Name snd-pcsp-disable-autoload.patch

cdc_ncm,cdc_mbim: Use NCM by default

Forwarded: not-needed

Devices that support both NCM and MBIM modes should be kept in NCM
mode unless there is userland support for MBIM.

Set the default value of cdc_ncm.prefer_mbim to false and leave it to
userland (modem-manager) to override this with a modprobe.conf file
once it's ready to speak MBIM.

Gbp-Pq: Topic debian
Gbp-Pq: Name cdc_ncm-cdc_mbim-use-ncm-by-default.patch

intel-iommu: Add Kconfig option to exclude iGPU by default

Bug-Debian: https://bugs.debian.org/935270
Bug-Kali: https://bugs.kali.org/view.php?id=5644

There is still laptop firmware that touches the integrated GPU behind
the operating system's back, and doesn't say so in the RMRR table.
Enabling the IOMMU for all devices causes breakage.

Replace CONFIG_INTEL_IOMMU_DEFAULT_ON with a 3-way choice
corresponding to "on", "off", and "on,intgpu_off".

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/x86
Gbp-Pq: Name intel-iommu-add-kconfig-option-to-exclude-igpu-by-default.patch

intel-iommu: Add option to exclude integrated GPU only

Bug-Debian: https://bugs.debian.org/935270
Bug-Kali: https://bugs.kali.org/view.php?id=5644

There is still laptop firmware that touches the integrated GPU behind
the operating system's back, and doesn't say so in the RMRR table.
Enabling the IOMMU for all devices causes breakage, but turning it off
for all graphics devices seems like a major weakness.

Add an option, intel_iommu=intgpu_off, to exclude only integrated GPUs
from remapping. This is a narrower exclusion than igfx_off: it only
affects Intel devices on the root bus. Devices attached through an
external port (Thunderbolt or ExpressCard) won't be on the root bus.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/x86
Gbp-Pq: Name intel-iommu-add-option-to-exclude-integrated-gpu-only.patch

security,perf: Allow further restriction of perf_event_open

Forwarded: https://lore.kernel.org/all/20160111152355.GS28542@decadent.org.uk/

When kernel.perf_event_open is set to 3 (or greater), disallow all
access to performance events by users without CAP_SYS_ADMIN.
Add a Kconfig symbol CONFIG_SECURITY_PERF_EVENTS_RESTRICT that
makes this value the default.

This is based on a similar feature in grsecurity
(CONFIG_GRKERNSEC_PERF_HARDEN). This version doesn't include making
the variable read-only. It also allows enabling further restriction
at run-time regardless of whether the default is changed.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic features/all
Gbp-Pq: Name security-perf-allow-further-restriction-of-perf_event_open.patch

add sysctl to disallow unprivileged CLONE_NEWUSER by default

Origin: http://kernel.ubuntu.com/git?p=serge%2Fubuntu-saucy.git;a=commit;h=5c847404dcb2e3195ad0057877e1422ae90892b8

add sysctl to disallow unprivileged CLONE_NEWUSER by default

This is a short-term patch. Unprivileged use of CLONE_NEWUSER
is certainly an intended feature of user namespaces. However
for at least saucy we want to make sure that, if any security
issues are found, we have a fail-safe.

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
[bwh: Remove unneeded binary sysctl bits]
[bwh: Keep this sysctl, but change the default to enabled]

Gbp-Pq: Topic debian
Gbp-Pq: Name add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by-default.patch

yama: Disable by default

Bug-Debian: https://bugs.debian.org/712740
Forwarded: not-needed

Gbp-Pq: Topic debian
Gbp-Pq: Name yama-disable-by-default.patch

sched: Do not enable autogrouping by default

Forwarded: not-needed

We want to provide the option of autogrouping but without enabling
it by default yet.

Gbp-Pq: Topic debian
Gbp-Pq: Name sched-autogroup-disabled.patch

fs: Enable link security restrictions by default

Bug-Debian: https://bugs.debian.org/609455
Forwarded: not-needed

This reverts commit 561ec64ae67ef25cac8d72bb9c4bfc955edfd415
('VFS: don't do protected {sym,hard}links by default').

Gbp-Pq: Topic debian
Gbp-Pq: Name fs-enable-link-security-restrictions-by-default.patch

hamradio: Disable auto-loading as mitigation against local exploits

Forwarded: not-needed

We can mitigate the effect of vulnerabilities in obscure protocols by
preventing unprivileged users from loading the modules, so that they
are only exploitable on systems where the administrator has chosen to
load the protocol.

The 'ham' radio protocols (ax25, netrom, rose) are not actively
maintained or widely used. Therefore disable auto-loading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name hamradio-disable-auto-loading-as-mitigation-against-local-exploits.patch

dccp: Disable auto-loading as mitigation against local exploits

Forwarded: not-needed

We can mitigate the effect of vulnerabilities in obscure protocols by
preventing unprivileged users from loading the modules, so that they
are only exploitable on systems where the administrator has chosen to
load the protocol.

The 'dccp' protocol is not actively maintained or widely used.
Therefore disable auto-loading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name dccp-disable-auto-loading-as-mitigation-against-local-exploits.patch

[PATCH 1/3] rds: Disable auto-loading as mitigation against local exploits

Forwarded: not-needed

Recent review has revealed several bugs in obscure protocol
implementations that can be exploited by local users for denial of
service or privilege escalation. We can mitigate the effect of any
remaining vulnerabilities in such protocols by preventing unprivileged
users from loading the modules, so that they are only exploitable on
systems where the administrator has chosen to load the protocol.

The 'rds' protocol is one such protocol that has been found to be
vulnerable, and which was not present in the 'lenny' kernel.
Therefore disable auto-loading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name rds-Disable-auto-loading-as-mitigation-against-local.patch

[PATCH 2/3] af_802154: Disable auto-loading as mitigation against local exploits

Forwarded: not-needed

Recent review has revealed several bugs in obscure protocol
implementations that can be exploited by local users for denial of
service or privilege escalation. We can mitigate the effect of any
remaining vulnerabilities in such protocols by preventing unprivileged
users from loading the modules, so that they are only exploitable on
systems where the administrator has chosen to load the protocol.

The 'af_802154' (IEEE 802.15.4) protocol is not widely used, was
not present in the 'lenny' kernel, and seems to receive only sporadic
maintenance. Therefore disable auto-loading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name af_802154-Disable-auto-loading-as-mitigation-against.patch

firmware_class: Refer to Debian wiki page when logging missing firmware

Bug-Debian: https://bugs.debian.org/888405
Forwarded: not-needed

If firmware loading fails due to a missing file, log a second error
message referring to our wiki page about firmware. This will explain
why some firmware is in non-free, or can't be packaged at all. Only
do this once per boot.

Do something similar in the radeon and amdgpu drivers, where we have
an early check to avoid failing at a point where we cannot display
anything.

Gbp-Pq: Topic debian
Gbp-Pq: Name firmware_class-refer-to-debian-wiki-firmware-page.patch

radeon, amdgpu: Firmware is required for DRM and KMS on R600 onward

Bug-Debian: https://bugs.debian.org/607194
Bug-Debian: https://bugs.debian.org/607471
Bug-Debian: https://bugs.debian.org/610851
Bug-Debian: https://bugs.debian.org/627497
Bug-Debian: https://bugs.debian.org/632212
Bug-Debian: https://bugs.debian.org/637943
Bug-Debian: https://bugs.debian.org/649448
Bug-Debian: https://bugs.debian.org/697229
Forwarded: no

radeon requires firmware/microcode for the GPU in all chips, but for
newer chips (apparently R600 'Evergreen' onward) it also expects
firmware for the memory controller and other sub-blocks.

radeon attempts to gracefully fall back and disable some features if
the firmware is not available, but becomes unstable - the framebuffer
and/or system memory may be corrupted, or the display may stay black.

Therefore, perform a basic check for the existence of
/lib/firmware/{radeon,amdgpu} when a device is probed, and abort if it
is missing, except for the pre-R600 case.

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name radeon-amdgpu-firmware-is-required-for-drm-and-kms-on-r600-onward.patch

firmware: Remove redundant log messages from drivers

Forwarded: no

Now that firmware_class logs every success and failure consistently,
many other log messages can be removed from drivers.

This will probably need to be split up into multiple patches prior to
upstream submission.

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name firmware-remove-redundant-log-messages-from-drivers.patch

firmware_class: Log every success and failure against given device

Forwarded: no

The hundreds of users of request_firmware() have nearly as many
different log formats for reporting failures.  They also have only the
vaguest hint as to what went wrong; only firmware_class really knows
that.  Therefore, add specific log messages for the failure modes that
aren't currently logged.

In case of a driver that tries multiple names, this may result in the
impression that it failed to initialise.  Therefore, also log successes.

This makes many error messages in drivers redundant, which will be
removed in later patches.

This does not cover the case where we fall back to a user-mode helper
(which is no longer enabled in Debian).

NOTE: hw-detect will depend on the "firmware: failed to load %s (%d)\n"
format to detect missing firmware.

Gbp-Pq: Topic bugfix/all
Gbp-Pq: Name firmware_class-log-every-success-and-failure.patch

iwlwifi: Do not request unreleased firmware for IWL6000

Bug-Debian: https://bugs.debian.org/689416
Forwarded: not-needed

The iwlwifi driver currently supports firmware API versions 4-6 for
these devices.  It will request the file for the latest supported
version and then fall back to earlier versions.  However, the latest
version that has actually been released is 4, so we expect the
requests for versions 6 and then 5 to fail.

The installer appears to report any failed request, and it is probably
not easy to detect that this particular failure is harmless.  So stop
requesting the unreleased firmware.

Gbp-Pq: Topic debian
Gbp-Pq: Name iwlwifi-do-not-request-unreleased-firmware.patch

af9005: Use request_firmware() to load register init script

Forwarded: no

Read the register init script from the Windows driver. This is sick
but should avoid the potential copyright infringement in distributing
a version of the script which is directly derived from the driver.

Gbp-Pq: Topic features/all
Gbp-Pq: Name drivers-media-dvb-usb-af9005-request_firmware.patch

fixdep: Allow overriding HOSTCC and HOSTLD

Forwarded: not-needed

objtool always uses HOSTCC, HOSTLD, and HOSTAR, so we need to override
these on the command line for cross-builds of linux-kbuild. But it
also builds fixdep which still needs to be native in a cross-build.
Add support for REALHOSTCC and REALHOSTLD variables which, if set,
override HOSTCC and HOSTLD for fixdep only.

Gbp-Pq: Topic debian
Gbp-Pq: Name fixdep-allow-overriding-hostcc-and-hostld.patch

Makefile: Make compiler version comparison optional

Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/1019749

The top-level Makefile warns if the compiler version string changes at
all between the kernel build and an out-of-tree module build.

We expect that major compiler version changes could introduce ABI
changes, and override the CC variable in out-of-tree module builds to
ensure that the same major compiler version is used. But minor
version changes should not make a difference, so this exact version
comparison produces false warnings.

Since custom kernel packages don't have that, don't remove the version
comparison. Instead, skip it if $(DEBIAN_KERNEL_NO_CC_VERSION_CHECK)
is non-empty.

Gbp-Pq: Topic debian
Gbp-Pq: Name makefile-make-compiler-version-comparison-optional.patch

module: Avoid ABI changes when debug info is disabled

Forwarded: not-needed

CI builds are done with debug info disabled, but this removes some
members from struct module. This causes builds to fail if there is an
ABI reference for the current ABI.

Define these members unconditionally, so that there is no ABI change.

Gbp-Pq: Topic debian
Gbp-Pq: Name module-avoid-abi-changes-when-debug-info-is-disabled.patch

kbuild: Abort build if SUBDIRS used

Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/987575

DKMS and module-assistant both build OOT modules as root. If they
build an old OOT module that still use SUBDIRS this causes Kbuild
to try building a full kernel, which obviously fails but not before
deleting files from the installed headers package.

To avoid such mishaps, detect this situation and abort the build.

The error message is based on that used in commit 0126be38d988
"kbuild: announce removal of SUBDIRS if used".

Gbp-Pq: Topic debian
Gbp-Pq: Name kbuild-abort-build-if-subdirs-used.patch

kbuild: Look for module.lds under arch directory too

Forwarded: not-needed
Bug-Debian: https://bugs.debian.org/975571

The module.lds linker script is now built under the scripts directory,
where previously it was under arch/$(SRCARCH).

However, we package the scripts directory as linux-kbuild, which is
meant to be able to do support native and cross-builds. That means it
shouldn't contain files for a specific target architecture without a
wrapper to select between them, and it doesn't appear that linker
scripts are powerful enough to implement such a wrapper.

Building module.lds in a different location would require relatively
large changes. Moving it in the package build rules can work, but we
need to support custom kernel builds from the same source so we can't
assume it's moved.

Therefore, we move module.lds under the arch build directory in
rules.real and change Makefile.modfinal to look for it in both places.

Gbp-Pq: Topic debian
Gbp-Pq: Name kbuild-look-for-module.lds-under-arch-directory-too.patch

[PATCH 2/2] perf/traceevent: Support asciidoctor for documentation

From cd02fc78859ef9aefd7c92406f9523622da0b472 Mon Sep 17 00:00:00 2001
Forwarded: not-needed

Gbp-Pq: Topic debian
Gbp-Pq: Name perf-traceevent-support-asciidoctor-for-documentatio.patch

[PATCH 1/2] Documentation: Drop sphinx version check

From 252aa79fdbd4ac2da09d9b98f81bf11f5e3e1870 Mon Sep 17 00:00:00 2001
Forwarded: not-needed

Gbp-Pq: Topic debian
Gbp-Pq: Name documentation-drop-sphinx-version-check.patch

android: Enable building ashmem and binder as modules

Bug-Debian: https://bugs.debian.org/901492

We want to enable use of the Android ashmem and binder drivers to
support Anbox, but they should not be built-in as that would waste
resources and increase security attack surface on systems that don't
need them.

- Add a MODULE_LICENSE declaration to ashmem
- Change the Makefiles to build each driver as an object with the
"_linux" suffix (which is what Anbox expects)
- Change config symbol types to tristate

Update:
In upstream commit 721412ed3d titled "staging: remove ashmem" the ashmem
driver was removed entirely. Secondary commit message:
"The mainline replacement for ashmem is memfd, so remove the legacy
code from drivers/staging/"
Consequently, the ashmem part of this patch has been removed.

Gbp-Pq: Topic debian
Gbp-Pq: Name android-enable-building-ashmem-and-binder-as-modules.patch

Export symbols needed by Android drivers

Bug-Debian: https://bugs.debian.org/901492

We want to enable use of the Android ashmem and binder drivers to
support Anbox, but they should not be built-in as that would waste
resources and increase security attack surface on systems that don't
need them.

Export the currently un-exported symbols they depend on.

Gbp-Pq: Topic debian
Gbp-Pq: Name export-symbols-needed-by-android-drivers.patch

wireless: Add Debian wireless-regdb certificates

Forwarded: not-needed

This hex dump is generated using:

{
    for cert in debian/certs/wireless-regdb-*.pem; do
        openssl x509 -in $cert -outform der;
    done
} | hexdump -v -e '1/1 "0x%.2x," "\n"' > net/wireless/certs/debian.hex

Gbp-Pq: Topic debian
Gbp-Pq: Name wireless-add-debian-wireless-regdb-certificates.patch

tools: install perf python bindings

Bug-Debian: http://bugs.debian.org/860957
Forwarded: not-needed

Gbp-Pq: Topic debian
Gbp-Pq: Name tools-perf-install-python-bindings.patch

linux-tools: Install perf-read-vdso{,x}32 in directory under /usr/lib

Gbp-Pq: Topic debian
Gbp-Pq: Name tools-perf-perf-read-vdso-in-libexec.patch

[sh4] Fix uImage build

Bug-Debian: https://bugs.debian.org/569034
Forwarded: not-needed

[bwh: This was added without a description, but I think it is done
only to avoid a build-dependency on u-boot-tools.]

Gbp-Pq: Topic debian
Gbp-Pq: Name arch-sh4-fix-uimage-build.patch

Use RELAXED ieee754 mode for Loongson-3 as 3A 4000 is 2008-only

Forwarded: not-needed

There are 2 mode of value of IEEE NaN hardcoded by CPU.
Currently, our mipsel/mips64el port is in so-called lagacy mode.
Loongson 3A 4000 is set as the so-called 2008 mode.

To make Debian workable on Loongson 3A 4000, we need set the kerenl in
RELAXED mode.

https://web.archive.org/web/20180830093617/https://dmz-portal.mips.com/wiki/MIPS_ABI_-_NaN_Interlinking

Gbp-Pq: Topic debian
Gbp-Pq: Name mips-ieee754-relaxed.patch

Disable uImage generation for mips generic

Forwarded: not-needed

MIPS generic trys to generate uImage when build, which then ask for
u-boot-tools.

[bwh: Updated for 5.17:
- zload-y is no longer assigned here and appears to default to empty
- Adjust context]

Gbp-Pq: Topic debian
Gbp-Pq: Name mips-boston-disable-its.patch

[PATCH] Partially revert "MIPS: Add -Werror to arch/mips/Kbuild"

Forwarded: not-needed

This reverts commits 66f9ba101f54bda63ab1db97f9e9e94763d0651b and
5373633cc9253ba82547473e899cab141c54133e.

We really don't want to add -Werror anywhere.

Gbp-Pq: Topic debian
Gbp-Pq: Name mips-disable-werror.patch

Hardcode arch script output

Bug-Debian: https://bugs.debian.org/392592
Forwarded: not-needed

Here's a patch that simply uses hardcoded definitions instead of
doing the dynamic tests that require architecture-specific scripts.

I don't particularly like this approach because it restricts
portability and diverts from upstream. But, it is simpler, and this
really needs to be fixed somehow before etch (along with a rebuild of
linux-modules-extra-2.6), so I'm willing to live with it if my other
patch is deemed unacceptable.

My primary concern is that, in the future, the output of these scripts
will change and we (or our successors) will either not notice or
forget to update the hardcoded values.

Including the scripts in linux-kbuild will avoid this manual step
altogether, and allow for the possibility of other archs to provide
their own scripts in the future.

Gbp-Pq: Topic debian
Gbp-Pq: Name ia64-hardcode-arch-script-output.patch

kbuild: Make the toolchain variables easily overwritable

Forwarded: not-needed

Allow make variables to be overridden for each flavour by a file in
the build tree, .kernelvariables.

We currently use this for ARCH, KERNELRELEASE, CC, and in some cases
also CROSS_COMPILE, KCFLAGS.

This file can only be read after we establish the build tree, and all
use of $(ARCH) needs to be moved after this.

[bwh: Updated for 5.3: include .kernelvariables from current directory
rather than using undefined $(obj).]

Gbp-Pq: Topic debian
Gbp-Pq: Name kernelvariables.patch

Make mkcompile_h accept an alternate timestamp string

Forwarded: not-needed

We want to include the Debian version in the utsname::version string
instead of a full timestamp string. However, we still need to provide
a standard timestamp string for gen_initramfs_list.sh to make the
kernel image reproducible.

Make mkcompile_h use $KBUILD_BUILD_VERSION_TIMESTAMP in preference to
$KBUILD_BUILD_TIMESTAMP.

Gbp-Pq: Topic debian
Gbp-Pq: Name uname-version-timestamp.patch

Include package version along with kernel release in stack traces

Forwarded: not-needed

For distribution binary packages we assume
$DISTRIBUTION_OFFICIAL_BUILD, $DISTRIBUTOR and $DISTRIBUTION_VERSION
are set.

Gbp-Pq: Topic debian
Gbp-Pq: Name version.patch

Documentation: Fix broken link to CIPSO draft

Forwarded: not-needed

We exclude the CIPSO draft text as its licence is not DFSG compliant.
Link to the IETF's online version instead.

Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name documentation-fix-broken-link-to-cipso-draft.patch

video: Remove nvidiafb and rivafb

Bug-Debian: https://bugs.debian.org/383481
Forwarded: no

These drivers contain register programming code provided by the
hardware vendor that appears to have been deliberately obfuscated.
This is arguably not the preferred form for modification.

These drivers are also largely redundant with nouveau. The RIVA 128
(NV3) is not supported by nouveau but is about 15 years old and
probably discontinued 10 years ago.

Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name video-remove-nvidiafb-and-rivafb.patch

Add removal patches for: 3c359, smctr, keyspan, cops

Forwarded: not-needed

Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name drivers-net-appletalk-cops.patch

dvb-usb-af9005: mark as broken

Forwarded: not-needed

Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name drivers-media-dvb-dvb-usb-af9005-disable.patch

Remove microcode patches for mgsuvd (not enabled in Debian configs)

Forwarded: not-needed

Gbp-Pq: Topic debian/dfsg
Gbp-Pq: Name arch-powerpc-platforms-8xx-ucode-disable.patch

Tweak gitignore for Debian pkg-kernel using git svn.

Forwarded: not-needed

[bwh: Tweak further for pure git]

Gbp-Pq: Topic debian
Gbp-Pq: Name gitignore.patch

linux (6.5.10-1) unstable; urgency=medium

  * New upstream stable update:
    https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.9
    - Bluetooth: hci_event: Ignore NULL link key
    - Bluetooth: Reject connection with the device which has same BD_ADDR
    - Bluetooth: Fix a refcnt underflow problem for hci_conn
    - Bluetooth: vhci: Fix race when opening vhci device
    - Bluetooth: hci_event: Fix coding style
    - Bluetooth: avoid memcmp() out of bounds warning
    - Bluetooth: hci_conn: Fix modifying handle while aborting
    - ice: fix over-shifted variable
    - ice: Fix safe mode when DDP is missing
    - ice: reset first in crash dump kernels
    - net/smc: return the right falback reason when prefix checks fail
    - btrfs: fix stripe length calculation for non-zoned data chunk allocation
    - regmap: fix NULL deref on lookup
    - [x86] KVM: x86: Mask LVTPC when handling a PMI
    - [x86] sev: Disable MMIO emulation from user mode (CVE-2023-46813)
    - [x86] sev: Check IOBM for IOIO exceptions from user-space (CVE-2023-46813)
    - [x86] sev: Check for user-space IOIO pointing to kernel space
      (CVE-2023-46813)
    - [x86] fpu: Allow caller to constrain xfeatures when copying to uabi buffer
    - [x86] KVM: x86/pmu: Truncate counter value to allowed width on write
    - [x86] KVM: x86: Constrain guest-supported xfeatures only at
      KVM_GET_XSAVE{2}
    - [x86] KVM: SVM: add support for Invalid IPI Vector interception
    - [x86] KVM: SVM: refresh AVIC inhibition in svm_leave_nested()
    - audit,io_uring: io_uring openat triggers audit reference count underflow
    - tcp: check mptcp-level constraints for backlog coalescing
    - mptcp: more conservative check for zero probes
    - mm: slab: Do not create kmalloc caches smaller than arch_slab_minalign()
    - Revert "net: wwan: iosm: enable runtime pm support for 7560"
    - netfilter: nft_payload: fix wrong mac header matching
    - io_uring: fix crash with IORING_SETUP_NO_MMAP and invalid SQ ring address
    - [x86] drm/i915: Retry gtt fault when out of fence registers
    - drm/nouveau/disp: fix DP capable DSM connectors
    - drm/edid: add 8 bpc quirk to the BenQ GW2765
    - ALSA: hda/realtek - Fixed ASUS platform headset Mic issue
    - ALSA: hda/realtek: Add quirk for ASUS ROG GU603ZV
    - ALSA: hda/relatek: Enable Mute LED on HP Laptop 15s-fq5xxx
    - [arm64] ASoC: codecs: wcd938x-sdw: fix use after free on driver unbind
    - [arm64] ASoC: codecs: wcd938x-sdw: fix runtime PM imbalance on probe
      errors
    - [arm64] ASoC: codecs: wcd938x: drop bogus bind error handling
    - [arm64] ASoC: codecs: wcd938x: fix unbind tear down order
    - [arm64] ASoC: codecs: wcd938x: fix resource leaks on bind errors
    - [arm64] ASoC: codecs: wcd938x: fix regulator leaks on probe errors
    - [arm64] ASoC: codecs: wcd938x: fix runtime PM imbalance on remove
    - qed: fix LL2 RX buffer allocation
    - xfrm: fix a data-race in xfrm_lookup_with_ifid()
    - xfrm6: fix inet6_dev refcount underflow problem
    - xfrm: fix a data-race in xfrm_gen_index()
    - xfrm: interface: use DEV_STATS_INC()
    - net: xfrm: skip policies marked as dead while reinserting policies
    - fprobe: Fix to ensure the number of active retprobes is not zero
    - wifi: cfg80211: use system_unbound_wq for wiphy work
    - net: ipv4: fix return value check in esp_remove_trailer
    - net: ipv6: fix return value check in esp_remove_trailer
    - net: rfkill: gpio: prevent value glitch during probe
    - tcp: fix excessive TLP and RACK timeouts from HZ rounding
    - tcp: tsq: relax tcp_small_queue_check() when rtx queue contains a single
      skb
    - tcp: Fix listen() warning with v4-mapped-v6 address.
    - docs: fix info about representor identification
    - tun: prevent negative ifindex
    - gve: Do not fully free QPL pages on prefill errors
    - ipv4: fib: annotate races around nh->nh_saddr_genid and nh->nh_saddr
    - net: usb: smsc95xx: Fix an error code in smsc95xx_reset()
    - i40e: prevent crash on probe if hw registers have invalid values
    - net: dsa: bcm_sf2: Fix possible memory leak in bcm_sf2_mdio_register()
    - bonding: Return pointer to data after pull on skb
    - net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve
    - neighbor: tracing: Move pin6 inside CONFIG_IPV6=y section
    - netfilter: nft_set_rbtree: .deactivate fails if element has expired
    - netlink: Correct offload_xstats size
    - netfilter: nf_tables: do not refresh timeout when resetting element
    - nf_tables: fix NULL pointer dereference in nft_expr_inner_parse()
    - nf_tables: fix NULL pointer dereference in nft_inner_init()
    - netfilter: nf_tables: do not remove elements if set backend implements
      .abort
    - netfilter: nf_tables: revert do not remove elements if set backend
      implements .abort
    - net: phy: bcm7xxx: Add missing 16nm EPHY statistics
    - net: pktgen: Fix interface flags printing
    - net: more strict VIRTIO_NET_HDR_GSO_UDP_L4 validation
    - net: mdio-mux: fix C45 access returning -EIO after API change
    - net: avoid UAF on deleted altname
    - net: fix ifname in netlink ntf during netns move
    - net: check for altname conflicts when changing netdev's netns
    - iio: light: vcnl4000: Don't power on/off chip in config
    - fs-writeback: do not requeue a clean inode having skipped pages
    - btrfs: fix race when refilling delayed refs block reserve
    - btrfs: prevent transaction block reserve underflow when starting
      transaction
    - btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to
      1
    - btrfs: initialize start_slot in btrfs_log_prealloc_extents
    - i2c: mux: Avoid potential false error message in i2c_mux_add_adapter
    - overlayfs: set ctime when setting mtime and atime
    - gpio: timberdale: Fix potential deadlock on &tgpio->lock
    - ata: libata-core: Fix compilation warning in ata_dev_config_ncq()
    - ata: libata-eh: Fix compilation warning in ata_eh_link_report()
    - tracing: relax trace_event_eval_update() execution with cond_resched()
    - wifi: mwifiex: Sanity check tlv_len and tlv_bitmap_len
    - wifi: cfg80211: validate AP phy operation before starting it
    - wifi: iwlwifi: Ensure ack flag is properly cleared.
    - rfkill: sync before userspace visibility/changes
    - HID: logitech-hidpp: Add Bluetooth ID for the Logitech M720 Triathlon
      mouse
    - HID: holtek: fix slab-out-of-bounds Write in holtek_kbd_input_event
    - Bluetooth: btusb: add shutdown function for QCA6174
    - Bluetooth: Avoid redundant authentication
    - Bluetooth: hci_core: Fix build warnings
    - wifi: cfg80211: Fix 6GHz scan configuration
    - wifi: mac80211: work around Cisco AP 9115 VHT MPDU length
    - wifi: mac80211: allow transmitting EAPOL frames with tainted key
    - wifi: cfg80211: avoid leaking stack data into trace
    - regulator/core: Revert "fix kobject release warning and memory leak in
      regulator_register()"
    - SUNRPC: Fail quickly when server does not recognize TLS
    - SUNRPC/TLS: Lock the lower_xprt during the tls handshake
    - nfs: decrement nrequests counter before releasing the req
    - sky2: Make sure there is at least one frag_addr available
    - ipv4/fib: send notify when delete source address routes
    - drm: panel-orientation-quirks: Add quirk for One Mix 2S
    - btrfs: fix some -Wmaybe-uninitialized warnings in ioctl.c
    - btrfs: error out when COWing block using a stale transaction
    - btrfs: error when COWing block from a root that is being deleted
    - btrfs: error out when reallocating block for defrag using a stale
      transaction
    - [x86] platform/x86: touchscreen_dmi: Add info for the BUSH Bush Windows
      tablet
    - drm/amd/pm: add unique_id for gc 11.0.3
    - HID: multitouch: Add required quirk for Synaptics 0xcd7e device
    - HID: nintendo: reinitialize USB Pro Controller after resuming from suspend
    - HID: Add quirk to ignore the touchscreen battery on HP ENVY 15-eu0556ng
    - [x86] platform/x86: touchscreen_dmi: Add info for the Positivo C4128B
    - cpufreq: schedutil: Update next_freq when cpufreq_limits change
    - io-wq: fully initialize wqe before calling
      cpuhp_state_add_instance_nocalls()
    - Bluetooth: hci_sync: Fix not handling ISO_LINK in hci_abort_conn_sync
    - Bluetooth: hci_sync: Introduce PTR_UINT/UINT_PTR macros
    - Bluetooth: ISO: Fix invalid context error
    - Bluetooth: hci_sync: delete CIS in BT_OPEN/CONNECT/BOUND when aborting
    - Bluetooth: hci_sync: always check if connection is alive before deleting
    - net/mlx5: E-switch, register event handler before arming the event
    - net/mlx5: Handle fw tracer change ownership event based on MTRC
    - net/mlx5e: RX, Fix page_pool allocation failure recovery for striding rq
    - net/mlx5e: RX, Fix page_pool allocation failure recovery for legacy rq
    - net/mlx5e: XDP, Fix XDP_REDIRECT mpwqe page fragment leaks on shutdown
    - net/mlx5e: Take RTNL lock before triggering netdev notifiers
    - net/mlx5e: Don't offload internal port if filter device is out device
    - net/mlx5e: Fix VF representors reporting zero counters to "ip -s" command
    - net/tls: split tls_rx_reader_lock
    - tcp: allow again tcp_disconnect() when threads are waiting
    - Bluetooth: hci_event: Fix using memcmp when comparing keys
    - tcp_bpf: properly release resources on error paths
    - dt-bindings: mmc: sdhci-msm: correct minimum number of clocks
    - mmc: sdhci-pci-gli: fix LPM negotiation so x86/S0ix SoCs can suspend
    - mmc: core: Fix error propagation for some ioctl commands
    - mmc: core: sdio: hold retuning if sdio in 1-bit mode
    - mmc: core: Capture correct oemid-bits for eMMC cards
    - pinctrl: qcom: lpass-lpi: fix concurrent register updates
    - Revert "pinctrl: avoid unsafe code pattern in find_pinctrl()"
    - pNFS: Fix a hang in nfs4_evict_inode()
    - pNFS/flexfiles: Check the layout validity in
      ff_layout_mirror_prepare_stats
    - NFSv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server
    - ACPI: irq: Fix incorrect return value in acpi_register_gsi()
    - ACPI: bus: Move acpi_arm_init() to the place of after acpi_ghes_init()
    - perf dlfilter: Fix use of addr_location__exit() in dlfilter__object_code()
    - fanotify: limit reporting of event with non-decodeable file handles
    - NFS: Fix potential oops in nfs_inode_remove_request()
    - nfs42: client needs to strip file mode's suid/sgid bit after ALLOCATE op
    - nvme: sanitize metadata bounce buffer for reads
    - nvme-pci: add BOGUS_NID for Intel 0a54 device
    - nvme-auth: use chap->s2 to indicate bidirectional authentication
    - USB: serial: option: add Telit LE910C4-WWX 0x1035 composition
    - USB: serial: option: add entry for Sierra EM9191 with new firmware
    - USB: serial: option: add Fibocom to DELL custom modem FM101R-GL
    - [x86] thunderbolt: Call tb_switch_put() once DisplayPort bandwidth request
      is finished
    - perf: Disallow mis-matched inherited group reads (CVE-2023-5717)
    - [s390x] pci: fix iommu bitmap allocation
    - tracing/kprobes: Return EADDRNOTAVAIL when func matches several symbols
    - KEYS: asymmetric: Fix sign/verify on pkcs1pad without a hash
    - apple-gmux: Hard Code max brightness for MMIO gmux
    - [s390x] cio: fix a memleak in css_alloc_subchannel
    - [x86] platform/surface: platform_profile: Propagate error if profile
      registration fails
    - [x86] platform/x86: intel-uncore-freq: Conditionally create attribute for
      read frequency
    - [x86] platform/x86: msi-ec: Fix the 3rd config
    - [x86] platform/x86: asus-wmi: Change ASUS_WMI_BRN_DOWN code from 0x20 to
      0x2e
    - [x86] platform/x86: asus-wmi: Only map brightness codes when using
      asus-wmi backlight control
    - [x86] platform/x86: asus-wmi: Map 0x2a code, Ignore 0x2b and 0x2c events
    - gpiolib: acpi: Add missing memset(0) to acpi_get_gpiod_from_data()
    - gpio: vf610: set value before the direction to avoid a glitch
    - gpio: vf610: mask the gpio irq in system suspend and support wakeup
    - drm/bridge: ti-sn65dsi86: Associate DSI device lifetime with auxiliary
      device
    - [x86] drm/i915/cx0: Only clear/set the Pipe Reset bit of the PHY Lanes
      Owned
    - drm/amdgpu: Fix possible null pointer dereference
    - [powerpc*] mm: Allow ARCH_FORCE_MAX_ORDER up to 12
    - [powerpc*] qspinlock: Fix stale propagated yield_cpu
    - docs: Move rustdoc output, cross-reference it
    - [arm64] phy: qcom-qmp-usb: initialize PCS_USB registers
    - [arm64] phy: qcom-qmp-usb: split PCS_USB init table for sc8280xp and
      sa8775p
    - [arm64] phy: qcom-qmp-combo: Square out 8550 POWER_STATE_CONFIG1
    - [arm64] phy: qcom-qmp-combo: initialize PCS_USB registers
    - efi/unaccepted: Fix soft lockups caused by parallel memory acceptance
    - net: move altnames together with the netdevice
    - Bluetooth: hci_sock: fix slab oob read in create_monitor_event
    - net: rfkill: reduce data->mtx scope in rfkill_fop_open
    - Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name
    - mptcp: avoid sending RST when closing the initial subflow
    https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.10
    - smb3: allow controlling length of time directory entries are cached with
      dir leases
    - smb3: allow controlling maximum number of cached directories
    - smb3: do not start laundromat thread when dir leases disabled
    - smb: client: do not start laundromat thread on nohandlecache
    - smb: client: make laundromat a delayed worker
    - smb: client: prevent new fids from being removed by laundromat
    - [arm64] virtio_balloon: Fix endless deflation and inflation on arm64
    - virtio-mmio: fix memory leak of vm_dev
    - virtio-crypto: handle config changed by work queue
    - virtio_pci: fix the common cfg map size
    - vsock/virtio: initialize the_virtio_vsock before using VQs
    - vhost: Allow null msg.size on VHOST_IOTLB_INVALIDATE
    - [arm64] dts: qcom: apq8096-db820c: fix missing clock populate
    - [arm64] dts: qcom: msm8996-xiaomi: fix missing clock populate
    - [arm64] dts: rockchip: use codec as clock master on px30-ringneck-haikou
    - [arm64] dts: rockchip: set codec system-clock-fixed on
      px30-ringneck-haikou
    - [arm64] dts: qcom: sa8775p: correct PMIC GPIO label in gpio-ranges
    - [arm64] dts: rockchip: Add i2s0-2ch-bus-bclk-off pins to RK3399
    - [arm64] dts: rockchip: Fix i2s0 pin conflict on ROCK Pi 4 boards
    - i40e: sync next_to_clean and next_to_process for programming status desc
    - mm: fix vm_brk_flags() to not bail out while holding lock
    - hugetlbfs: clear resv_map pointer if mmap fails
    - mm/page_alloc: correct start page when guard page debug is enabled
    - mm/migrate: fix do_pages_move for compat pointers
    - mm/mempolicy: fix set_mempolicy_home_node() previous VMA pointer
    - hugetlbfs: extend hugetlb_vma_lock to private VMAs
    - maple_tree: add GFP_KERNEL to allocations in mas_expected_entries()
    - nfsd: lock_rename() needs both directories to live on the same fs
    - [x86] drm/i915/pmu: Check if pmu is closed before stopping event
    - drm/amd: Disable ASPM for VI w/ all Intel systems
    - drm/dp_mst: Fix NULL deref in get_mst_branch_device_by_guid_helper()
    - btrfs: remove v0 extent handling
    - btrfs: fix unwritten extent buffer after snapshotting a new subvolume
    - [armhf] clk: ti: Fix missing omap4 mcbsp functional clock and aliases
    - [armhf] clk: ti: Fix missing omap5 mcbsp functional clock and aliases
    - r8169: fix the KCSAN reported data-race in rtl_tx() while reading
      tp->cur_tx
    - r8169: fix the KCSAN reported data-race in rtl_tx while reading
      TxDescArray[entry].opts1
    - r8169: fix the KCSAN reported data race in rtl_rx while reading
      desc->opts1
    - iavf: initialize waitqueues before starting watchdog_task
    - i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value
    - igb: Fix potential memory leak in igb_add_ethtool_nfc_entry
    - net: do not leave an empty skb in write queue
    - neighbour: fix various data-races
    - igc: Fix ambiguity in the ethtool advertising
    - net: ethernet: adi: adin1110: Fix uninitialized variable
    - net: ieee802154: adf7242: Fix some potential buffer overflow in
      adf7242_stats_show()
    - net: usb: smsc95xx: Fix uninit-value access in smsc95xx_read_reg
    - r8152: Increase USB control msg timeout to 5000ms as per spec
    - r8152: Run the unload routine if we have errors during probe
    - r8152: Cancel hw_phy_work if we have an error in probe
    - r8152: Release firmware if we have an error in probe
    - tcp: fix wrong RTO timeout when received SACK reneging
    - wifi: cfg80211: pass correct pointer to rdev_inform_bss()
    - wifi: cfg80211: fix assoc response warning on failed links
    - wifi: mac80211: don't drop all unprotected public action frames
    - net/handshake: fix file ref count in handshake_nl_accept_doit()
    - gtp: uapi: fix GTPA_MAX
    - gtp: fix fragmentation needed check with gso
    - [x86] drm/i915/perf: Determine context valid in OA reports
    - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR
    - netfilter: flowtable: GC pushes back packets to classic path
    - net/sched: act_ct: additional checks for outdated flows
    - drm/i915/mcr: Hold GT forcewake during steering operations
    - iavf: in iavf_down, disable queues when removing the driver
    - scsi: sd: Introduce manage_shutdown device flag
    - blk-throttle: check for overflow in calculate_bytes_allowed
    - io_uring/fdinfo: lock SQ thread while retrieving thread cpu/pid
      (CVE-2023-46862)
    - iio: afe: rescale: Accept only offset channels
    - iio: exynos-adc: request second interupt only when touchscreen mode is
      used
    - iio: adc: xilinx-xadc: Don't clobber preset voltage/temperature thresholds
    - iio: adc: xilinx-xadc: Correct temperature offset/scale for UltraScale
    - i2c: muxes: i2c-mux-pinctrl: Use of_get_i2c_adapter_by_node()
    - i2c: muxes: i2c-mux-gpmux: Use of_get_i2c_adapter_by_node()
    - i2c: muxes: i2c-demux-pinctrl: Use of_get_i2c_adapter_by_node()
    - i2c: stm32f7: Fix PEC handling in case of SMBUS transfers
    - i2c: aspeed: Fix i2c bus hang in slave read
    - tracing/kprobes: Fix symbol counting logic by looking at modules as well
    - tracing/kprobes: Fix the description of variable length arguments
    - [arm64] misc: fastrpc: Reset metadata buffer to avoid incorrect free
    - [arm64] misc: fastrpc: Free DMA handles for RPC calls with no arguments
    - [arm64] misc: fastrpc: Clean buffers on remote invocation failures
    - [arm64] misc: fastrpc: Unmap only if buffer is unmapped from DSP
    - [arm64,armhf] nvmem: imx: correct nregs for i.MX6ULL
    - [arm64,armhf] nvmem: imx: correct nregs for i.MX6SLL
    - [arm64,armhf] nvmem: imx: correct nregs for i.MX6UL
    - [x86] tsc: Defer marking TSC unstable to a worker
    - [x86] i8259: Skip probing when ACPI/MADT advertises PCAT compatibility
    - [x86] cpu: Add model number for Intel Arrow Lake mobile processor
    - perf/core: Fix potential NULL deref
    - clk: Sanitize possible_parent_show to Handle Return Value of
      of_clk_get_parent_name
    - [armhf] clk: socfpga: gate: Account for the divider in determine_rate
    - [armhf] clk: stm32: Fix a signedness issue in
      clk_stm32_composite_determine_rate()
    - [x86] platform/x86: Add s2idle quirk for more Lenovo laptops
    - mm/damon/sysfs: check DAMOS regions update progress from
      before_terminate()

  [ Emanuele Rocca ]
  * Disable DEBUG_PREEMPT as it introduces slowdowns up to 20% on certain
    workloads.

  [ Salvatore Bonaccorso ]
  * Bump ABI to 4
  * Do not explicitly unset DEBUG_PREEMPT (not enabled by default since 6.3-rc1)

[dgit import unpatched linux 6.5.10-1]

Import linux_6.5.10.orig.tar.xz

[dgit import orig linux_6.5.10.orig.tar.xz]

Import linux_6.5.10-1.debian.tar.xz

[dgit import tarball linux 6.5.10-1 linux_6.5.10-1.debian.tar.xz]