diff options
30 files changed, 3610 insertions, 3114 deletions
diff --git a/sys-kernel/linux-image-redcore/Manifest b/sys-kernel/linux-image-redcore/Manifest index 30fbe503..8028344a 100644 --- a/sys-kernel/linux-image-redcore/Manifest +++ b/sys-kernel/linux-image-redcore/Manifest @@ -1 +1 @@ -DIST linux-4.16.16.tar.xz 103067792 BLAKE2B bb7c9fb78053e63d42c42d51852a30f28426696f93a87f877a55ca7e8b95eaece028c3c75300ddf596ba5f2a05b443d63bef54c00f60cda1584aa7103147b8d2 SHA512 549216593145c32aeb2bff64e353ba3bddf757d18cae9dae958d95431d30a82df782da3911740d19246bc25b5a00a8d14efa225e50281b74722bca03fef04f8d +DIST linux-4.18.5.tar.xz 101796536 BLAKE2B db7c4a46aba53d38ccc5f28a7da4a21f3d53667751f61595123f89e47e956bf13bcd6df85df47e78d2794fe78a7ec6c9082e64cb3025d6c5c1743d9935dde375 SHA512 604b334ccd74b230faf21db8887e382c49d4877ec8ce8298c079001a12222a6c7be2542c8f37c025cb3d625905d30e4c8c37267f0285aea25bbbe5aa3457040c diff --git a/sys-kernel/linux-image-redcore/files/0001-Make-it-possible-to-disable-SWIOTLB-code-on-admgpu-a.patch b/sys-kernel/linux-image-redcore/files/0001-Make-it-possible-to-disable-SWIOTLB-code-on-admgpu-a.patch deleted file mode 100644 index 1d988b37..00000000 --- a/sys-kernel/linux-image-redcore/files/0001-Make-it-possible-to-disable-SWIOTLB-code-on-admgpu-a.patch +++ /dev/null @@ -1,206 +0,0 @@ -From 6aa339bd361e862edb7724a4c61969ed72f3035f Mon Sep 17 00:00:00 2001 -From: Gabriel Craciunescu <nix.or.die@gmail.com> -Date: Thu, 12 Apr 2018 03:20:06 +0200 -Subject: [PATCH] Make it possible to disable SWIOTLB code on admgpu and radeon - - added admgpu.swiotlb and radeon.swiotlb option, defaults to disabled - since new the code doesn't seems to work good or work at all on some HW. - - https://lkml.org/lkml/2018/4/5/737 - https://bugzilla.kernel.org/show_bug.cgi?id=198511 - https://bugs.freedesktop.org/show_bug.cgi?id=105038 ---- - drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 + - drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 10 ++++++++++ - drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 20 +++++++++++++------- - drivers/gpu/drm/radeon/radeon.h | 1 + - drivers/gpu/drm/radeon/radeon_drv.c | 9 +++++++++ - drivers/gpu/drm/radeon/radeon_ttm.c | 20 +++++++++++++------- - 6 files changed, 47 insertions(+), 14 deletions(-) - -diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu.h b/drivers/gpu/drm/amd/amdgpu/amdgpu.h -index 74edba18b159..8371b06e5ecf 100644 ---- a/drivers/gpu/drm/amd/amdgpu/amdgpu.h -+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu.h -@@ -127,6 +127,7 @@ extern int amdgpu_job_hang_limit; - extern int amdgpu_lbpw; - extern int amdgpu_compute_multipipe; - extern int amdgpu_gpu_recovery; -+extern int amdgpu_swiotlb; - - #ifdef CONFIG_DRM_AMDGPU_SI - extern int amdgpu_si_support; -diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c -index 50afcf65181a..d67c411fbaad 100644 ---- a/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c -+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c -@@ -129,6 +129,8 @@ int amdgpu_job_hang_limit = 0; - int amdgpu_lbpw = -1; - int amdgpu_compute_multipipe = -1; - int amdgpu_gpu_recovery = -1; /* auto */ -+int amdgpu_swiotlb = 0; -+ - - MODULE_PARM_DESC(vramlimit, "Restrict VRAM for testing, in megabytes"); - module_param_named(vramlimit, amdgpu_vram_limit, int, 0600); -@@ -284,6 +286,9 @@ module_param_named(compute_multipipe, amdgpu_compute_multipipe, int, 0444); - MODULE_PARM_DESC(gpu_recovery, "Enable GPU recovery mechanism, (1 = enable, 0 = disable, -1 = auto"); - module_param_named(gpu_recovery, amdgpu_gpu_recovery, int, 0444); - -+MODULE_PARM_DESC(swiotlb, "Enable new SWIOTLB code , (1 = enable , 0 = disable ( default )"); -+module_param_named(swiotlb, amdgpu_swiotlb, int, 0444); -+ - #ifdef CONFIG_DRM_AMDGPU_SI - - #if defined(CONFIG_DRM_RADEON) || defined(CONFIG_DRM_RADEON_MODULE) -@@ -918,6 +923,11 @@ static int __init amdgpu_init(void) - return -EINVAL; - } - DRM_INFO("amdgpu kernel modesetting enabled.\n"); -+ -+ if(amdgpu_swiotlb) { -+ DRM_INFO("amdgpu new SWIOTLB code enabled.\n"); -+ } -+ - driver = &kms_driver; - pdriver = &amdgpu_kms_pci_driver; - driver->num_ioctls = amdgpu_max_kms_ioctl; -diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c -index e4bb435e614b..58cd95c35a54 100644 ---- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c -+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c -@@ -1018,8 +1018,10 @@ static int amdgpu_ttm_tt_populate(struct ttm_tt *ttm, - } - - #ifdef CONFIG_SWIOTLB -- if (swiotlb_nr_tbl()) { -- return ttm_dma_populate(>t->ttm, adev->dev, ctx); -+ if (amdgpu_swiotlb) { -+ if (swiotlb_nr_tbl()) { -+ return ttm_dma_populate(>t->ttm, adev->dev, ctx); -+ } - } - #endif - -@@ -1045,9 +1047,11 @@ static void amdgpu_ttm_tt_unpopulate(struct ttm_tt *ttm) - adev = amdgpu_ttm_adev(ttm->bdev); - - #ifdef CONFIG_SWIOTLB -- if (swiotlb_nr_tbl()) { -- ttm_dma_unpopulate(>t->ttm, adev->dev); -- return; -+ if (amdgpu_swiotlb) { -+ if (swiotlb_nr_tbl()) { -+ ttm_dma_unpopulate(>t->ttm, adev->dev); -+ return; -+ } - } - #endif - -@@ -2010,8 +2014,10 @@ static int amdgpu_ttm_debugfs_init(struct amdgpu_device *adev) - count = ARRAY_SIZE(amdgpu_ttm_debugfs_list); - - #ifdef CONFIG_SWIOTLB -- if (!swiotlb_nr_tbl()) -- --count; -+ if (amdgpu_swiotlb) { -+ if (!swiotlb_nr_tbl()) -+ --count; -+ } - #endif - - return amdgpu_debugfs_add_files(adev, amdgpu_ttm_debugfs_list, count); -diff --git a/drivers/gpu/drm/radeon/radeon.h b/drivers/gpu/drm/radeon/radeon.h -index d34887873dea..d614de12e30c 100644 ---- a/drivers/gpu/drm/radeon/radeon.h -+++ b/drivers/gpu/drm/radeon/radeon.h -@@ -117,6 +117,7 @@ extern int radeon_uvd; - extern int radeon_vce; - extern int radeon_si_support; - extern int radeon_cik_support; -+extern int radeon_swiotlb; - - /* - * Copy from radeon_drv.h so we don't have to include both and have conflicting -diff --git a/drivers/gpu/drm/radeon/radeon_drv.c b/drivers/gpu/drm/radeon/radeon_drv.c -index 31dd04f6baa1..20b1110e4698 100644 ---- a/drivers/gpu/drm/radeon/radeon_drv.c -+++ b/drivers/gpu/drm/radeon/radeon_drv.c -@@ -196,6 +196,7 @@ int radeon_auxch = -1; - int radeon_mst = 0; - int radeon_uvd = 1; - int radeon_vce = 1; -+int radeon_swiotlb = 0; - - MODULE_PARM_DESC(no_wb, "Disable AGP writeback for scratch registers"); - module_param_named(no_wb, radeon_no_wb, int, 0444); -@@ -301,6 +302,9 @@ int radeon_cik_support = 1; - MODULE_PARM_DESC(cik_support, "CIK support (1 = enabled (default), 0 = disabled)"); - module_param_named(cik_support, radeon_cik_support, int, 0444); - -+MODULE_PARM_DESC(swiotlb, "Enable new SWIOTLB code , (1 = enable, 0 = disable ( default )"); -+module_param_named(swiotlb, radeon_swiotlb, int, 0444); -+ - static struct pci_device_id pciidlist[] = { - radeon_PCI_IDS - }; -@@ -620,6 +624,11 @@ static int __init radeon_init(void) - - if (radeon_modeset == 1) { - DRM_INFO("radeon kernel modesetting enabled.\n"); -+ -+ if(radeon_swiotlb) { -+ DRM_INFO("radeon new SWIOTLB code enabled.\n"); -+ } -+ - driver = &kms_driver; - pdriver = &radeon_kms_pci_driver; - driver->driver_features |= DRIVER_MODESET; -diff --git a/drivers/gpu/drm/radeon/radeon_ttm.c b/drivers/gpu/drm/radeon/radeon_ttm.c -index a0a839bc39bf..952b1216c729 100644 ---- a/drivers/gpu/drm/radeon/radeon_ttm.c -+++ b/drivers/gpu/drm/radeon/radeon_ttm.c -@@ -756,8 +756,10 @@ static int radeon_ttm_tt_populate(struct ttm_tt *ttm, - #endif - - #ifdef CONFIG_SWIOTLB -- if (swiotlb_nr_tbl()) { -- return ttm_dma_populate(>t->ttm, rdev->dev, ctx); -+ if (radeon_swiotlb) { -+ if (swiotlb_nr_tbl()) { -+ return ttm_dma_populate(>t->ttm, rdev->dev, ctx); -+ } - } - #endif - -@@ -788,9 +790,11 @@ static void radeon_ttm_tt_unpopulate(struct ttm_tt *ttm) - #endif - - #ifdef CONFIG_SWIOTLB -- if (swiotlb_nr_tbl()) { -- ttm_dma_unpopulate(>t->ttm, rdev->dev); -- return; -+ if (radeon_swiotlb) { -+ if (swiotlb_nr_tbl()) { -+ ttm_dma_unpopulate(>t->ttm, rdev->dev); -+ return; -+ } - } - #endif - -@@ -1155,8 +1159,10 @@ static int radeon_ttm_debugfs_init(struct radeon_device *rdev) - count = ARRAY_SIZE(radeon_ttm_debugfs_list); - - #ifdef CONFIG_SWIOTLB -- if (!swiotlb_nr_tbl()) -- --count; -+ if (radeon_swiotlb) { -+ if (!swiotlb_nr_tbl()) -+ --count; -+ } - #endif - - return radeon_debugfs_add_files(rdev, radeon_ttm_debugfs_list, count); --- -2.17.0 - diff --git a/sys-kernel/linux-image-redcore/files/0001-Revert-ath10k-activate-user-space-firmware-loading-a.patch b/sys-kernel/linux-image-redcore/files/0001-Revert-ath10k-activate-user-space-firmware-loading-a.patch deleted file mode 100644 index 281ede4b..00000000 --- a/sys-kernel/linux-image-redcore/files/0001-Revert-ath10k-activate-user-space-firmware-loading-a.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 180dee4ae482fd31fb7f53f7e2d2bd62d1210383 Mon Sep 17 00:00:00 2001 -From: Gabriel Craciunescu <nix.or.die@gmail.com> -Date: Mon, 13 Nov 2017 12:54:26 +0100 -Subject: [PATCH] Revert "ath10k: activate user space firmware loading again" - This reverts commit c0cc00f250e19c717fc9cdbdb7f55aaa569c7498. - - Huh ? That fixes nothing but introduce *again* flooding users - dmesg with 'strange' firmware loading failures. - As example a hw1.0 QCA9377 card floods with: - - ... - ath10k_pci 0000:03:00.0: Direct firmware load for ath10k/pre-cal-pci-0000:03:00.0.bin failed with error -2 - ath10k_pci 0000:03:00.0: Direct firmware load for ath10k/cal-pci-0000:03:00.0.bin failed with error -2 - ath10k_pci 0000:03:00.0: Direct firmware load for ath10k/QCA9377/hw1.0/firmware-6.bin failed with error -2 - ... ---- - drivers/net/wireless/ath/ath10k/core.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/drivers/net/wireless/ath/ath10k/core.c b/drivers/net/wireless/ath/ath10k/core.c -index a4f635820f35..9b4c4facf725 100644 ---- a/drivers/net/wireless/ath/ath10k/core.c -+++ b/drivers/net/wireless/ath/ath10k/core.c -@@ -519,7 +519,7 @@ static const struct firmware *ath10k_fetch_fw_file(struct ath10k *ar, - dir = "."; - - snprintf(filename, sizeof(filename), "%s/%s", dir, file); -- ret = request_firmware(&fw, filename, ar->dev); -+ ret = request_firmware_direct(&fw, filename, ar->dev); - ath10k_dbg(ar, ATH10K_DBG_BOOT, "boot fw request '%s': %d\n", - filename, ret); - --- -2.15.0 - diff --git a/sys-kernel/linux-image-redcore/files/0001-Revert-swiotlb-remove-various-exports.patch b/sys-kernel/linux-image-redcore/files/0001-Revert-swiotlb-remove-various-exports.patch deleted file mode 100644 index 71133922..00000000 --- a/sys-kernel/linux-image-redcore/files/0001-Revert-swiotlb-remove-various-exports.patch +++ /dev/null @@ -1,125 +0,0 @@ -From f79f0faf65fedc6d8ef44c5aff3b673ae0d1793c Mon Sep 17 00:00:00 2001 -From: Gabriel Craciunescu <crazy@frugalware.org> -Date: Mon, 9 Apr 2018 20:57:38 +0200 -Subject: [PATCH] Revert "swiotlb: remove various exports" - -This reverts commit 4bd89ed39b2ab8dc4ac4b6c59b07d420b0213bec. - -I know NVIDIA ... but lets be nice.. -Until sorted revert the whole commit -see : https://bugzilla.kernel.org/show_bug.cgi?id=198997 - ---- - lib/swiotlb.c | 13 +++++++++++++ - 1 file changed, 13 insertions(+) - -diff --git a/lib/swiotlb.c b/lib/swiotlb.c -index c43ec2271469..0039b7c5e690 100644 ---- a/lib/swiotlb.c -+++ b/lib/swiotlb.c -@@ -605,6 +605,7 @@ phys_addr_t swiotlb_tbl_map_single(struct device *hwdev, - - return tlb_addr; - } -+EXPORT_SYMBOL_GPL(swiotlb_tbl_map_single); - - /* - * Allocates bounce buffer and returns its kernel virtual address. -@@ -674,6 +675,7 @@ void swiotlb_tbl_unmap_single(struct device *hwdev, phys_addr_t tlb_addr, - } - spin_unlock_irqrestore(&io_tlb_lock, flags); - } -+EXPORT_SYMBOL_GPL(swiotlb_tbl_unmap_single); - - void swiotlb_tbl_sync_single(struct device *hwdev, phys_addr_t tlb_addr, - size_t size, enum dma_data_direction dir, -@@ -705,6 +707,7 @@ void swiotlb_tbl_sync_single(struct device *hwdev, phys_addr_t tlb_addr, - BUG(); - } - } -+EXPORT_SYMBOL_GPL(swiotlb_tbl_sync_single); - - static inline bool dma_coherent_ok(struct device *dev, dma_addr_t addr, - size_t size) -@@ -881,6 +884,7 @@ dma_addr_t swiotlb_map_page(struct device *dev, struct page *page, - - return swiotlb_phys_to_dma(dev, io_tlb_overflow_buffer); - } -+EXPORT_SYMBOL_GPL(swiotlb_map_page); - - /* - * Unmap a single streaming mode DMA translation. The dma_addr and size must -@@ -921,6 +925,7 @@ void swiotlb_unmap_page(struct device *hwdev, dma_addr_t dev_addr, - { - unmap_single(hwdev, dev_addr, size, dir, attrs); - } -+EXPORT_SYMBOL_GPL(swiotlb_unmap_page); - - /* - * Make physical memory consistent for a single streaming mode DMA translation -@@ -958,6 +963,7 @@ swiotlb_sync_single_for_cpu(struct device *hwdev, dma_addr_t dev_addr, - { - swiotlb_sync_single(hwdev, dev_addr, size, dir, SYNC_FOR_CPU); - } -+EXPORT_SYMBOL(swiotlb_sync_single_for_cpu); - - void - swiotlb_sync_single_for_device(struct device *hwdev, dma_addr_t dev_addr, -@@ -965,6 +971,7 @@ swiotlb_sync_single_for_device(struct device *hwdev, dma_addr_t dev_addr, - { - swiotlb_sync_single(hwdev, dev_addr, size, dir, SYNC_FOR_DEVICE); - } -+EXPORT_SYMBOL(swiotlb_sync_single_for_device); - - /* - * Map a set of buffers described by scatterlist in streaming mode for DMA. -@@ -1016,6 +1023,7 @@ swiotlb_map_sg_attrs(struct device *hwdev, struct scatterlist *sgl, int nelems, - } - return nelems; - } -+EXPORT_SYMBOL(swiotlb_map_sg_attrs); - - /* - * Unmap a set of streaming mode DMA translations. Again, cpu read rules -@@ -1035,6 +1043,7 @@ swiotlb_unmap_sg_attrs(struct device *hwdev, struct scatterlist *sgl, - unmap_single(hwdev, sg->dma_address, sg_dma_len(sg), dir, - attrs); - } -+EXPORT_SYMBOL(swiotlb_unmap_sg_attrs); - - /* - * Make physical memory consistent for a set of streaming mode DMA translations -@@ -1062,6 +1071,7 @@ swiotlb_sync_sg_for_cpu(struct device *hwdev, struct scatterlist *sg, - { - swiotlb_sync_sg(hwdev, sg, nelems, dir, SYNC_FOR_CPU); - } -+EXPORT_SYMBOL(swiotlb_sync_sg_for_cpu); - - void - swiotlb_sync_sg_for_device(struct device *hwdev, struct scatterlist *sg, -@@ -1069,12 +1079,14 @@ swiotlb_sync_sg_for_device(struct device *hwdev, struct scatterlist *sg, - { - swiotlb_sync_sg(hwdev, sg, nelems, dir, SYNC_FOR_DEVICE); - } -+EXPORT_SYMBOL(swiotlb_sync_sg_for_device); - - int - swiotlb_dma_mapping_error(struct device *hwdev, dma_addr_t dma_addr) - { - return (dma_addr == swiotlb_phys_to_dma(hwdev, io_tlb_overflow_buffer)); - } -+EXPORT_SYMBOL(swiotlb_dma_mapping_error); - - /* - * Return whether the given device DMA address mask can be supported -@@ -1087,6 +1099,7 @@ swiotlb_dma_supported(struct device *hwdev, u64 mask) - { - return swiotlb_phys_to_dma(hwdev, io_tlb_end - 1) <= mask; - } -+EXPORT_SYMBOL(swiotlb_dma_supported); - - #ifdef CONFIG_DMA_DIRECT_OPS - void *swiotlb_alloc(struct device *dev, size_t size, dma_addr_t *dma_handle, --- -2.17.0 - diff --git a/sys-kernel/linux-image-redcore/files/dma_coherent_ok-logic.patch b/sys-kernel/linux-image-redcore/files/dma_coherent_ok-logic.patch deleted file mode 100644 index 19e01d57..00000000 --- a/sys-kernel/linux-image-redcore/files/dma_coherent_ok-logic.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Naur linux-4.16.2/lib/swiotlb.c linux-4.16.2-p/lib/swiotlb.c ---- linux-4.16.2/lib/swiotlb.c 2018-04-12 12:30:01.000000000 +0200 -+++ linux-4.16.2-p/lib/swiotlb.c 2018-04-12 18:01:27.122073379 +0200 -@@ -732,7 +732,7 @@ - goto out_warn; - - *dma_handle = swiotlb_phys_to_dma(dev, phys_addr); -- if (dma_coherent_ok(dev, *dma_handle, size)) -+ if (!dma_coherent_ok(dev, *dma_handle, size)) - goto out_unmap; - - memset(phys_to_virt(phys_addr), 0, size); diff --git a/sys-kernel/linux-image-redcore/files/enable_alx_wol.patch b/sys-kernel/linux-image-redcore/files/enable_alx_wol.patch index f9347bfa..1b7f6e13 100644 --- a/sys-kernel/linux-image-redcore/files/enable_alx_wol.patch +++ b/sys-kernel/linux-image-redcore/files/enable_alx_wol.patch @@ -1,7 +1,8 @@ -diff -Nur a/drivers/net/ethernet/atheros/alx/ethtool.c b/drivers/net/ethernet/atheros/alx/ethtool.c ---- a/drivers/net/ethernet/atheros/alx/ethtool.c 2018-04-01 22:20:27.000000000 +0100 -+++ b/drivers/net/ethernet/atheros/alx/ethtool.c 2018-04-06 01:07:48.163242605 +0100 -@@ -310,11 +310,47 @@ +diff --git a/drivers/net/ethernet/atheros/alx/ethtool.c b/drivers/net/ethernet/atheros/alx/ethtool.c +index 2f4eabf652e8..859e27236ce4 100644 +--- a/drivers/net/ethernet/atheros/alx/ethtool.c ++++ b/drivers/net/ethernet/atheros/alx/ethtool.c +@@ -310,11 +310,47 @@ static int alx_get_sset_count(struct net_device *netdev, int sset) } } @@ -49,10 +50,11 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/ethtool.c b/drivers/net/ethernet/at .get_link = ethtool_op_get_link, .get_strings = alx_get_strings, .get_sset_count = alx_get_sset_count, -diff -Nur a/drivers/net/ethernet/atheros/alx/hw.c b/drivers/net/ethernet/atheros/alx/hw.c ---- a/drivers/net/ethernet/atheros/alx/hw.c 2018-04-01 22:20:27.000000000 +0100 -+++ b/drivers/net/ethernet/atheros/alx/hw.c 2018-04-06 01:07:48.163242605 +0100 -@@ -332,6 +332,16 @@ +diff --git a/drivers/net/ethernet/atheros/alx/hw.c b/drivers/net/ethernet/atheros/alx/hw.c +index 6ac40b0003a3..4791b9dbbe26 100644 +--- a/drivers/net/ethernet/atheros/alx/hw.c ++++ b/drivers/net/ethernet/atheros/alx/hw.c +@@ -332,6 +332,16 @@ void alx_set_macaddr(struct alx_hw *hw, const u8 *addr) alx_write_mem32(hw, ALX_STAD1, val); } @@ -69,7 +71,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/hw.c b/drivers/net/ethernet/atheros static void alx_reset_osc(struct alx_hw *hw, u8 rev) { u32 val, val2; -@@ -848,6 +858,66 @@ +@@ -848,6 +858,66 @@ void alx_post_phy_link(struct alx_hw *hw) } } @@ -136,7 +138,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/hw.c b/drivers/net/ethernet/atheros bool alx_phy_configured(struct alx_hw *hw) { u32 cfg, hw_cfg; -@@ -920,6 +990,26 @@ +@@ -920,6 +990,26 @@ int alx_clear_phy_intr(struct alx_hw *hw) return alx_read_phy_reg(hw, ALX_MII_ISR, &isr); } @@ -163,7 +165,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/hw.c b/drivers/net/ethernet/atheros void alx_disable_rss(struct alx_hw *hw) { u32 ctrl = alx_read_mem32(hw, ALX_RXQ0); -@@ -1045,6 +1135,71 @@ +@@ -1045,6 +1135,71 @@ void alx_mask_msix(struct alx_hw *hw, int index, bool mask) } @@ -235,10 +237,11 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/hw.c b/drivers/net/ethernet/atheros bool alx_get_phy_info(struct alx_hw *hw) { u16 devs1, devs2; -diff -Nur a/drivers/net/ethernet/atheros/alx/hw.h b/drivers/net/ethernet/atheros/alx/hw.h ---- a/drivers/net/ethernet/atheros/alx/hw.h 2018-04-01 22:20:27.000000000 +0100 -+++ b/drivers/net/ethernet/atheros/alx/hw.h 2018-04-06 01:07:48.163242605 +0100 -@@ -487,6 +487,8 @@ +diff --git a/drivers/net/ethernet/atheros/alx/hw.h b/drivers/net/ethernet/atheros/alx/hw.h +index e42d7e0947eb..a7fb6c8d846a 100644 +--- a/drivers/net/ethernet/atheros/alx/hw.h ++++ b/drivers/net/ethernet/atheros/alx/hw.h +@@ -487,6 +487,8 @@ struct alx_hw { u8 flowctrl; u32 adv_cfg; @@ -247,7 +250,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/hw.h b/drivers/net/ethernet/atheros spinlock_t mdio_lock; struct mdio_if_info mdio; u16 phy_id[2]; -@@ -549,12 +551,14 @@ +@@ -549,12 +551,14 @@ void alx_reset_pcie(struct alx_hw *hw); void alx_enable_aspm(struct alx_hw *hw, bool l0s_en, bool l1_en); int alx_setup_speed_duplex(struct alx_hw *hw, u32 ethadv, u8 flowctrl); void alx_post_phy_link(struct alx_hw *hw); @@ -262,7 +265,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/hw.h b/drivers/net/ethernet/atheros void alx_cfg_mac_flowcontrol(struct alx_hw *hw, u8 fc); void alx_start_mac(struct alx_hw *hw); int alx_reset_mac(struct alx_hw *hw); -@@ -563,6 +567,7 @@ +@@ -563,6 +567,7 @@ bool alx_phy_configured(struct alx_hw *hw); void alx_configure_basic(struct alx_hw *hw); void alx_mask_msix(struct alx_hw *hw, int index, bool mask); void alx_disable_rss(struct alx_hw *hw); @@ -270,10 +273,11 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/hw.h b/drivers/net/ethernet/atheros bool alx_get_phy_info(struct alx_hw *hw); void alx_update_hw_stats(struct alx_hw *hw); -diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/atheros/alx/main.c ---- a/drivers/net/ethernet/atheros/alx/main.c 2018-04-01 22:20:27.000000000 +0100 -+++ b/drivers/net/ethernet/atheros/alx/main.c 2018-04-06 01:07:48.164242638 +0100 -@@ -1070,6 +1070,7 @@ +diff --git a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/atheros/alx/main.c +index 5e5022fa1d04..7adaf10a1929 100644 +--- a/drivers/net/ethernet/atheros/alx/main.c ++++ b/drivers/net/ethernet/atheros/alx/main.c +@@ -1070,6 +1070,7 @@ static int alx_init_sw(struct alx_priv *alx) alx->dev->max_mtu = ALX_MAX_FRAME_LEN(ALX_MAX_FRAME_SIZE); alx->tx_ringsz = 256; alx->rx_ringsz = 512; @@ -281,7 +285,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/ather hw->imt = 200; alx->int_mask = ALX_ISR_MISC; hw->dma_chnl = hw->max_dma_chnl; -@@ -1345,6 +1346,65 @@ +@@ -1345,6 +1346,65 @@ static int alx_stop(struct net_device *netdev) __alx_stop(netdev_priv(netdev)); return 0; } @@ -347,7 +351,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/ather static void alx_link_check(struct work_struct *work) { -@@ -1841,6 +1901,8 @@ +@@ -1841,6 +1901,8 @@ static int alx_probe(struct pci_dev *pdev, const struct pci_device_id *ent) goto out_unmap; } @@ -356,7 +360,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/ather netdev_info(netdev, "Qualcomm Atheros AR816x/AR817x Ethernet [%pM]\n", netdev->dev_addr); -@@ -1883,12 +1945,21 @@ +@@ -1883,12 +1945,21 @@ static void alx_remove(struct pci_dev *pdev) static int alx_suspend(struct device *dev) { struct pci_dev *pdev = to_pci_dev(dev); @@ -383,13 +387,23 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/ather return 0; } -@@ -1896,20 +1967,47 @@ +@@ -1896,26 +1967,49 @@ static int alx_resume(struct device *dev) { struct pci_dev *pdev = to_pci_dev(dev); struct alx_priv *alx = pci_get_drvdata(pdev); - struct alx_hw *hw = &alx->hw; +- int err; - - alx_reset_phy(hw); +- +- if (!netif_running(alx->dev)) +- return 0; +- netif_device_attach(alx->dev); +- +- rtnl_lock(); +- err = __alx_open(alx, true); +- rtnl_unlock(); +- + struct net_device *netdev = alx->dev; + struct alx_hw *hw = &alx->hw; + int err; @@ -422,17 +436,15 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/ather + } + + if (netif_running(netdev)) { ++ rtnl_lock(); + err = __alx_open(alx, true); ++ rtnl_unlock(); + if (err) + return err; + } - -- if (!netif_running(alx->dev)) -- return 0; -- netif_device_attach(alx->dev); -- return __alx_open(alx, true); ++ + netif_device_attach(netdev); -+ return err; + return err; } -static SIMPLE_DEV_PM_OPS(alx_pm_ops, alx_suspend, alx_resume); @@ -442,7 +454,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/ather #endif -@@ -1955,6 +2053,8 @@ +@@ -1961,6 +2055,8 @@ static pci_ers_result_t alx_pci_error_slot_reset(struct pci_dev *pdev) } pci_set_master(pdev); @@ -451,7 +463,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/ather alx_reset_pcie(hw); if (!alx_reset_mac(hw)) -@@ -2006,11 +2106,19 @@ +@@ -2012,11 +2108,19 @@ static const struct pci_device_id alx_pci_tbl[] = { {} }; diff --git a/sys-kernel/linux-image-redcore/files/fix-spectre_v2-mitigation-strings.patch b/sys-kernel/linux-image-redcore/files/fix-spectre_v2-mitigation-strings.patch deleted file mode 100644 index f77bb823..00000000 --- a/sys-kernel/linux-image-redcore/files/fix-spectre_v2-mitigation-strings.patch +++ /dev/null @@ -1,28 +0,0 @@ -diff -Naur linux-4.16.5/arch/x86/kernel/cpu/bugs.c linux-4.16.5-p/arch/x86/kernel/cpu/bugs.c ---- linux-4.16.5/arch/x86/kernel/cpu/bugs.c 2018-04-26 11:00:39.000000000 +0200 -+++ linux-4.16.5-p/arch/x86/kernel/cpu/bugs.c 2018-04-28 02:34:28.424306602 +0200 -@@ -292,13 +292,13 @@ - if ((!boot_cpu_has(X86_FEATURE_PTI) && - !boot_cpu_has(X86_FEATURE_SMEP)) || is_skylake_era()) { - setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW); -- pr_info("Spectre v2 mitigation: Filling RSB on context switch\n"); -+ pr_info("Mitigation: Filling RSB on context switch\n"); - } - - /* Initialize Indirect Branch Prediction Barrier if supported */ - if (boot_cpu_has(X86_FEATURE_IBPB)) { - setup_force_cpu_cap(X86_FEATURE_USE_IBPB); -- pr_info("Spectre v2 mitigation: Enabling Indirect Branch Prediction Barrier\n"); -+ pr_info("Mitigation: Enabling Indirect Branch Prediction Barrier\n"); - } - - /* -@@ -307,7 +307,7 @@ - */ - if (boot_cpu_has(X86_FEATURE_IBRS)) { - setup_force_cpu_cap(X86_FEATURE_USE_IBRS_FW); -- pr_info("Enabling Restricted Speculation for firmware calls\n"); -+ pr_info("Mitigation: Enabling Restricted Speculation for firmware calls\n"); - } - } - diff --git a/sys-kernel/linux-image-redcore/files/linux-hardened-v3.patch b/sys-kernel/linux-image-redcore/files/linux-hardened.patch index 53bb313f..7a46a91b 100644 --- a/sys-kernel/linux-image-redcore/files/linux-hardened-v3.patch +++ b/sys-kernel/linux-image-redcore/files/linux-hardened.patch @@ -1,14 +1,176 @@ -diff -Nur a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig ---- a/arch/arm64/configs/defconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/arm64/configs/defconfig 2018-05-22 19:56:23.693071674 +0100 +diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt +index 1370b424a453..54d7125d6912 100644 +--- a/Documentation/admin-guide/kernel-parameters.txt ++++ b/Documentation/admin-guide/kernel-parameters.txt +@@ -496,16 +496,6 @@ + nosocket -- Disable socket memory accounting. + nokmem -- Disable kernel memory accounting. + +- checkreqprot [SELINUX] Set initial checkreqprot flag value. +- Format: { "0" | "1" } +- See security/selinux/Kconfig help text. +- 0 -- check protection applied by kernel (includes +- any implied execute protection). +- 1 -- check protection requested by application. +- Default value is set via a kernel config option. +- Value can be changed at runtime via +- /selinux/checkreqprot. +- + cio_ignore= [S390] + See Documentation/s390/CommonIO for details. + clk_ignore_unused +@@ -3066,6 +3056,11 @@ + the specified number of seconds. This is to be used if + your oopses keep scrolling off the screen. + ++ extra_latent_entropy ++ Enable a very simple form of latent entropy extraction ++ from the first 4GB of memory as the bootmem allocator ++ passes the memory pages to the buddy allocator. ++ + pcbit= [HW,ISDN] + + pcd. [PARIDE] +diff --git a/Documentation/sysctl/kernel.txt b/Documentation/sysctl/kernel.txt +index eded671d55eb..0abfc33f101d 100644 +--- a/Documentation/sysctl/kernel.txt ++++ b/Documentation/sysctl/kernel.txt +@@ -92,6 +92,7 @@ show up in /proc/sys/kernel: + - sysctl_writes_strict + - tainted + - threads-max ++- tiocsti_restrict + - unknown_nmi_panic + - watchdog + - watchdog_thresh +@@ -1016,6 +1017,26 @@ available RAM pages threads-max is reduced accordingly. + + ============================================================== + ++tiocsti_restrict: ++ ++This toggle indicates whether unprivileged users are prevented ++from using the TIOCSTI ioctl to inject commands into other processes ++which share a tty session. ++ ++When tiocsti_restrict is set to (0) there are no restrictions(accept ++the default restriction of only being able to injection commands into ++one's own tty). When tiocsti_restrict is set to (1), users must ++have CAP_SYS_ADMIN to use the TIOCSTI ioctl. ++ ++When user namespaces are in use, the check for the capability ++CAP_SYS_ADMIN is done against the user namespace that originally ++opened the tty. ++ ++The kernel config option CONFIG_SECURITY_TIOCSTI_RESTRICT sets the ++default value of tiocsti_restrict. ++ ++============================================================== ++ + unknown_nmi_panic: + + The value in this file affects behavior of handling NMI. When the +diff --git a/Makefile b/Makefile +index a41692c5827a..ce817616d8a9 100644 +--- a/Makefile ++++ b/Makefile +@@ -688,6 +688,9 @@ stackp-flags-$(CONFIG_STACKPROTECTOR_STRONG) := -fstack-protector-strong + KBUILD_CFLAGS += $(stackp-flags-y) + + ifeq ($(cc-name),clang) ++ifdef CONFIG_LOCAL_INIT ++KBUILD_CFLAGS += -fsanitize=local-init ++endif + KBUILD_CPPFLAGS += $(call cc-option,-Qunused-arguments,) + KBUILD_CFLAGS += $(call cc-disable-warning, format-invalid-specifier) + KBUILD_CFLAGS += $(call cc-disable-warning, gnu) +diff --git a/arch/Kconfig b/arch/Kconfig +index d1f2ed462ac8..19a595a47dae 100644 +--- a/arch/Kconfig ++++ b/arch/Kconfig +@@ -470,6 +470,11 @@ config GCC_PLUGIN_LATENT_ENTROPY + is some slowdown of the boot process (about 0.5%) and fork and + irq processing. + ++ When extra_latent_entropy is passed on the kernel command line, ++ entropy will be extracted from up to the first 4GB of RAM while the ++ runtime memory allocator is being initialized. This costs even more ++ slowdown of the boot process. ++ + Note that entropy extracted this way is not cryptographically + secure! + +@@ -731,7 +736,7 @@ config ARCH_MMAP_RND_BITS + int "Number of bits to use for ASLR of mmap base address" if EXPERT + range ARCH_MMAP_RND_BITS_MIN ARCH_MMAP_RND_BITS_MAX + default ARCH_MMAP_RND_BITS_DEFAULT if ARCH_MMAP_RND_BITS_DEFAULT +- default ARCH_MMAP_RND_BITS_MIN ++ default ARCH_MMAP_RND_BITS_MAX + depends on HAVE_ARCH_MMAP_RND_BITS + help + This value can be used to select the number of bits to use to +@@ -765,7 +770,7 @@ config ARCH_MMAP_RND_COMPAT_BITS + int "Number of bits to use for ASLR of mmap base address for compatible applications" if EXPERT + range ARCH_MMAP_RND_COMPAT_BITS_MIN ARCH_MMAP_RND_COMPAT_BITS_MAX + default ARCH_MMAP_RND_COMPAT_BITS_DEFAULT if ARCH_MMAP_RND_COMPAT_BITS_DEFAULT +- default ARCH_MMAP_RND_COMPAT_BITS_MIN ++ default ARCH_MMAP_RND_COMPAT_BITS_MAX + depends on HAVE_ARCH_MMAP_RND_COMPAT_BITS + help + This value can be used to select the number of bits to use to +@@ -967,6 +972,7 @@ config ARCH_HAS_REFCOUNT + + config REFCOUNT_FULL + bool "Perform full reference count validation at the expense of speed" ++ default y + help + Enabling this switches the refcounting infrastructure from a fast + unchecked atomic_t implementation to a fully state checked +diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig +index 42c090cf0292..a6e2276009e4 100644 +--- a/arch/arm64/Kconfig ++++ b/arch/arm64/Kconfig +@@ -1005,6 +1005,7 @@ endif + + config ARM64_SW_TTBR0_PAN + bool "Emulate Privileged Access Never using TTBR0_EL1 switching" ++ default y + help + Enabling this option prevents the kernel from accessing + user-space memory directly by pointing TTBR0_EL1 to a reserved +@@ -1180,6 +1181,7 @@ config RANDOMIZE_BASE + bool "Randomize the address of the kernel image" + select ARM64_MODULE_PLTS if MODULES + select RELOCATABLE ++ default y + help + Randomizes the virtual address at which the kernel image is + loaded, as a security feature that deters exploit attempts +diff --git a/arch/arm64/Kconfig.debug b/arch/arm64/Kconfig.debug +index cc6bd559af85..01d5442d4722 100644 +--- a/arch/arm64/Kconfig.debug ++++ b/arch/arm64/Kconfig.debug +@@ -45,6 +45,7 @@ config ARM64_RANDOMIZE_TEXT_OFFSET + config DEBUG_WX + bool "Warn on W+X mappings at boot" + select ARM64_PTDUMP_CORE ++ default y + ---help--- + Generate a warning if any W+X mappings are found at boot. + +diff --git a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig +index f9a186f6af8a..e628231a5a92 100644 +--- a/arch/arm64/configs/defconfig ++++ b/arch/arm64/configs/defconfig @@ -1,4 +1,3 @@ -CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y CONFIG_AUDIT=y CONFIG_NO_HZ_IDLE=y -diff -Nur a/arch/arm64/include/asm/elf.h b/arch/arm64/include/asm/elf.h ---- a/arch/arm64/include/asm/elf.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/arm64/include/asm/elf.h 2018-05-22 19:56:23.693071674 +0100 +diff --git a/arch/arm64/include/asm/elf.h b/arch/arm64/include/asm/elf.h +index 433b9554c6a1..1f4b06317c9f 100644 +--- a/arch/arm64/include/asm/elf.h ++++ b/arch/arm64/include/asm/elf.h @@ -114,10 +114,10 @@ /* @@ -22,7 +184,7 @@ diff -Nur a/arch/arm64/include/asm/elf.h b/arch/arm64/include/asm/elf.h #ifndef __ASSEMBLY__ -@@ -158,10 +158,10 @@ +@@ -171,10 +171,10 @@ extern int arch_setup_additional_pages(struct linux_binprm *bprm, /* 1GB of VA */ #ifdef CONFIG_COMPAT #define STACK_RND_MASK (test_thread_flag(TIF_32BIT) ? \ @@ -36,40 +198,11 @@ diff -Nur a/arch/arm64/include/asm/elf.h b/arch/arm64/include/asm/elf.h #endif #ifdef __AARCH64EB__ -diff -Nur a/arch/arm64/Kconfig b/arch/arm64/Kconfig ---- a/arch/arm64/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/arm64/Kconfig 2018-05-22 19:56:23.692071641 +0100 -@@ -988,6 +988,7 @@ - - config ARM64_SW_TTBR0_PAN - bool "Emulate Privileged Access Never using TTBR0_EL1 switching" -+ default y - help - Enabling this option prevents the kernel from accessing - user-space memory directly by pointing TTBR0_EL1 to a reserved -@@ -1141,6 +1142,7 @@ - bool "Randomize the address of the kernel image" - select ARM64_MODULE_PLTS if MODULES - select RELOCATABLE -+ default y - help - Randomizes the virtual address at which the kernel image is - loaded, as a security feature that deters exploit attempts -diff -Nur a/arch/arm64/Kconfig.debug b/arch/arm64/Kconfig.debug ---- a/arch/arm64/Kconfig.debug 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/arm64/Kconfig.debug 2018-05-22 19:56:23.692071641 +0100 -@@ -45,6 +45,7 @@ - config DEBUG_WX - bool "Warn on W+X mappings at boot" - select ARM64_PTDUMP_CORE -+ default y - ---help--- - Generate a warning if any W+X mappings are found at boot. - -diff -Nur a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c ---- a/arch/arm64/kernel/process.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/arm64/kernel/process.c 2018-05-22 19:56:23.693071674 +0100 -@@ -481,9 +481,9 @@ +diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c +index e10bc363f533..8e5701978b7c 100644 +--- a/arch/arm64/kernel/process.c ++++ b/arch/arm64/kernel/process.c +@@ -481,9 +481,9 @@ unsigned long arch_align_stack(unsigned long sp) unsigned long arch_randomize_brk(struct mm_struct *mm) { if (is_compat_task()) @@ -81,60 +214,66 @@ diff -Nur a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c } /* -diff -Nur a/arch/Kconfig b/arch/Kconfig ---- a/arch/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/Kconfig 2018-05-22 19:56:23.692071641 +0100 -@@ -454,6 +454,11 @@ - is some slowdown of the boot process (about 0.5%) and fork and - irq processing. - -+ When extra_latent_entropy is passed on the kernel command line, -+ entropy will be extracted from up to the first 4GB of RAM while the -+ runtime memory allocator is being initialized. This costs even more -+ slowdown of the boot process. -+ - Note that entropy extracted this way is not cryptographically - secure! +diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig +index 6b8065d718bd..347c8d1c3a45 100644 +--- a/arch/x86/Kconfig ++++ b/arch/x86/Kconfig +@@ -1202,8 +1202,7 @@ config VM86 + default X86_LEGACY_VM86 -@@ -747,7 +752,7 @@ - int "Number of bits to use for ASLR of mmap base address" if EXPERT - range ARCH_MMAP_RND_BITS_MIN ARCH_MMAP_RND_BITS_MAX - default ARCH_MMAP_RND_BITS_DEFAULT if ARCH_MMAP_RND_BITS_DEFAULT -- default ARCH_MMAP_RND_BITS_MIN -+ default ARCH_MMAP_RND_BITS_MAX - depends on HAVE_ARCH_MMAP_RND_BITS - help - This value can be used to select the number of bits to use to -@@ -781,7 +786,7 @@ - int "Number of bits to use for ASLR of mmap base address for compatible applications" if EXPERT - range ARCH_MMAP_RND_COMPAT_BITS_MIN ARCH_MMAP_RND_COMPAT_BITS_MAX - default ARCH_MMAP_RND_COMPAT_BITS_DEFAULT if ARCH_MMAP_RND_COMPAT_BITS_DEFAULT -- default ARCH_MMAP_RND_COMPAT_BITS_MIN -+ default ARCH_MMAP_RND_COMPAT_BITS_MAX - depends on HAVE_ARCH_MMAP_RND_COMPAT_BITS + config X86_16BIT +- bool "Enable support for 16-bit segments" if EXPERT +- default y ++ bool "Enable support for 16-bit segments" + depends on MODIFY_LDT_SYSCALL + ---help--- + This option is required by programs like Wine to run 16-bit +@@ -2295,7 +2294,7 @@ config COMPAT_VDSO + choice + prompt "vsyscall table for legacy applications" + depends on X86_64 +- default LEGACY_VSYSCALL_EMULATE ++ default LEGACY_VSYSCALL_NONE help - This value can be used to select the number of bits to use to -@@ -968,6 +973,7 @@ + Legacy user code that does not know how to find the vDSO expects + to be able to issue three syscalls by calling fixed addresses in +@@ -2376,8 +2375,7 @@ config CMDLINE_OVERRIDE + be set to 'N' under normal conditions. - config REFCOUNT_FULL - bool "Perform full reference count validation at the expense of speed" + config MODIFY_LDT_SYSCALL +- bool "Enable the LDT (local descriptor table)" if EXPERT +- default y ++ bool "Enable the LDT (local descriptor table)" + ---help--- + Linux can allow user programs to install a per-process x86 + Local Descriptor Table (LDT) using the modify_ldt(2) system +diff --git a/arch/x86/Kconfig.debug b/arch/x86/Kconfig.debug +index c6dd1d980081..0acf0d1d67de 100644 +--- a/arch/x86/Kconfig.debug ++++ b/arch/x86/Kconfig.debug +@@ -104,6 +104,7 @@ config EFI_PGT_DUMP + config DEBUG_WX + bool "Warn on W+X mappings at boot" + select X86_PTDUMP_CORE + default y - help - Enabling this switches the refcounting infrastructure from a fast - unchecked atomic_t implementation to a fully state checked -diff -Nur a/arch/x86/configs/x86_64_defconfig b/arch/x86/configs/x86_64_defconfig ---- a/arch/x86/configs/x86_64_defconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/configs/x86_64_defconfig 2018-05-22 19:56:23.694071707 +0100 + ---help--- + Generate a warning if any W+X mappings are found at boot. + +diff --git a/arch/x86/configs/x86_64_defconfig b/arch/x86/configs/x86_64_defconfig +index e32fc1f274d8..d08acc76502a 100644 +--- a/arch/x86/configs/x86_64_defconfig ++++ b/arch/x86/configs/x86_64_defconfig @@ -1,5 +1,4 @@ # CONFIG_LOCALVERSION_AUTO is not set -CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y CONFIG_BSD_PROCESS_ACCT=y CONFIG_TASKSTATS=y -diff -Nur a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c ---- a/arch/x86/entry/vdso/vma.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/entry/vdso/vma.c 2018-05-22 19:56:23.694071707 +0100 -@@ -204,55 +204,9 @@ +diff --git a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c +index 5b8b556dbb12..a569f08b4478 100644 +--- a/arch/x86/entry/vdso/vma.c ++++ b/arch/x86/entry/vdso/vma.c +@@ -204,55 +204,9 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) } #ifdef CONFIG_X86_64 @@ -191,10 +330,11 @@ diff -Nur a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c } #endif -diff -Nur a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h ---- a/arch/x86/include/asm/elf.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/include/asm/elf.h 2018-05-22 19:56:23.694071707 +0100 -@@ -249,11 +249,11 @@ +diff --git a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h +index 0d157d2a1e2a..770c8ae97f92 100644 +--- a/arch/x86/include/asm/elf.h ++++ b/arch/x86/include/asm/elf.h +@@ -249,11 +249,11 @@ extern int force_personality32; /* * This is the base location for PIE (ET_DYN with INTERP) loads. On @@ -208,7 +348,7 @@ diff -Nur a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h /* This yields a mask that user programs can use to figure out what instruction set this CPU supports. This could be done in user space, -@@ -313,8 +313,8 @@ +@@ -313,8 +313,8 @@ extern bool mmap_address_hint_valid(unsigned long addr, unsigned long len); #ifdef CONFIG_X86_32 @@ -219,7 +359,7 @@ diff -Nur a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h #define ARCH_DLINFO ARCH_DLINFO_IA32 -@@ -323,7 +323,11 @@ +@@ -323,7 +323,11 @@ extern bool mmap_address_hint_valid(unsigned long addr, unsigned long len); #else /* CONFIG_X86_32 */ /* 1GB for 64bit, 8MB for 32bit */ @@ -232,16 +372,17 @@ diff -Nur a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h #define STACK_RND_MASK __STACK_RND_MASK(mmap_is_ia32()) #define ARCH_DLINFO \ -@@ -381,5 +385,4 @@ +@@ -381,5 +385,4 @@ struct va_alignment { } ____cacheline_aligned; extern struct va_alignment va_align; -extern unsigned long align_vdso_addr(unsigned long); #endif /* _ASM_X86_ELF_H */ -diff -Nur a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h ---- a/arch/x86/include/asm/tlbflush.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/include/asm/tlbflush.h 2018-05-22 19:56:23.694071707 +0100 -@@ -261,6 +261,7 @@ +diff --git a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h +index 6690cd3fc8b1..300a1c2819fb 100644 +--- a/arch/x86/include/asm/tlbflush.h ++++ b/arch/x86/include/asm/tlbflush.h +@@ -266,6 +266,7 @@ static inline void cr4_set_bits(unsigned long mask) local_irq_save(flags); cr4 = this_cpu_read(cpu_tlbstate.cr4); @@ -249,7 +390,7 @@ diff -Nur a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h if ((cr4 | mask) != cr4) __cr4_set(cr4 | mask); local_irq_restore(flags); -@@ -273,6 +274,7 @@ +@@ -278,6 +279,7 @@ static inline void cr4_clear_bits(unsigned long mask) local_irq_save(flags); cr4 = this_cpu_read(cpu_tlbstate.cr4); @@ -257,7 +398,7 @@ diff -Nur a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h if ((cr4 & ~mask) != cr4) __cr4_set(cr4 & ~mask); local_irq_restore(flags); -@@ -283,6 +285,7 @@ +@@ -288,6 +290,7 @@ static inline void cr4_toggle_bits_irqsoff(unsigned long mask) unsigned long cr4; cr4 = this_cpu_read(cpu_tlbstate.cr4); @@ -265,7 +406,7 @@ diff -Nur a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h __cr4_set(cr4 ^ mask); } -@@ -389,6 +392,7 @@ +@@ -394,6 +397,7 @@ static inline void __native_flush_tlb_global(void) raw_local_irq_save(flags); cr4 = this_cpu_read(cpu_tlbstate.cr4); @@ -273,53 +414,11 @@ diff -Nur a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h /* toggle PGE */ native_write_cr4(cr4 ^ X86_CR4_PGE); /* write old PGE again and flush TLBs */ -diff -Nur a/arch/x86/Kconfig b/arch/x86/Kconfig ---- a/arch/x86/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/Kconfig 2018-05-22 19:56:23.694071707 +0100 -@@ -1208,8 +1208,7 @@ - default X86_LEGACY_VM86 - - config X86_16BIT -- bool "Enable support for 16-bit segments" if EXPERT -- default y -+ bool "Enable support for 16-bit segments" - depends on MODIFY_LDT_SYSCALL - ---help--- - This option is required by programs like Wine to run 16-bit -@@ -2299,7 +2298,7 @@ - choice - prompt "vsyscall table for legacy applications" - depends on X86_64 -- default LEGACY_VSYSCALL_EMULATE -+ default LEGACY_VSYSCALL_NONE - help - Legacy user code that does not know how to find the vDSO expects - to be able to issue three syscalls by calling fixed addresses in -@@ -2380,8 +2379,7 @@ - be set to 'N' under normal conditions. - - config MODIFY_LDT_SYSCALL -- bool "Enable the LDT (local descriptor table)" if EXPERT -- default y -+ bool "Enable the LDT (local descriptor table)" - ---help--- - Linux can allow user programs to install a per-process x86 - Local Descriptor Table (LDT) using the modify_ldt(2) system -diff -Nur a/arch/x86/Kconfig.debug b/arch/x86/Kconfig.debug ---- a/arch/x86/Kconfig.debug 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/Kconfig.debug 2018-05-22 19:56:23.694071707 +0100 -@@ -101,6 +101,7 @@ - config DEBUG_WX - bool "Warn on W+X mappings at boot" - select X86_PTDUMP_CORE -+ default y - ---help--- - Generate a warning if any W+X mappings are found at boot. - -diff -Nur a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c ---- a/arch/x86/kernel/cpu/common.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/kernel/cpu/common.c 2018-05-22 19:56:23.695071739 +0100 -@@ -1662,7 +1662,6 @@ +diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c +index b41b72bd8bb8..d54a3c30902a 100644 +--- a/arch/x86/kernel/cpu/common.c ++++ b/arch/x86/kernel/cpu/common.c +@@ -1726,7 +1726,6 @@ void cpu_init(void) wrmsrl(MSR_KERNEL_GS_BASE, 0); barrier(); @@ -327,9 +426,10 @@ diff -Nur a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c x2apic_setup(); /* -diff -Nur a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c ---- a/arch/x86/kernel/process.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/kernel/process.c 2018-05-22 19:58:08.019495182 +0100 +diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c +index 30ca2d1a9231..bde0a18cd9f9 100644 +--- a/arch/x86/kernel/process.c ++++ b/arch/x86/kernel/process.c @@ -39,6 +39,8 @@ #include <asm/desc.h> #include <asm/prctl.h> @@ -339,7 +439,7 @@ diff -Nur a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c /* * per-CPU TSS segments. Threads are completely 'soft' on Linux, -@@ -718,7 +720,10 @@ +@@ -718,7 +720,10 @@ unsigned long arch_align_stack(unsigned long sp) unsigned long arch_randomize_brk(struct mm_struct *mm) { @@ -351,10 +451,11 @@ diff -Nur a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c } /* -diff -Nur a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c ---- a/arch/x86/kernel/sys_x86_64.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/kernel/sys_x86_64.c 2018-05-22 19:56:23.695071739 +0100 -@@ -54,13 +54,6 @@ +diff --git a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c +index 6a78d4b36a79..715009f7a96c 100644 +--- a/arch/x86/kernel/sys_x86_64.c ++++ b/arch/x86/kernel/sys_x86_64.c +@@ -54,13 +54,6 @@ static unsigned long get_align_bits(void) return va_align.bits & get_align_mask(); } @@ -368,7 +469,7 @@ diff -Nur a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c static int __init control_va_addr_alignment(char *str) { /* guard against enabling this on other CPU families */ -@@ -122,10 +115,7 @@ +@@ -122,10 +115,7 @@ static void find_start_end(unsigned long addr, unsigned long flags, } *begin = get_mmap_base(1); @@ -380,7 +481,7 @@ diff -Nur a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c } unsigned long -@@ -210,7 +200,7 @@ +@@ -210,7 +200,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, info.flags = VM_UNMAPPED_AREA_TOPDOWN; info.length = len; @@ -389,19 +490,23 @@ diff -Nur a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c info.high_limit = get_mmap_base(0); /* -diff -Nur a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c ---- a/arch/x86/mm/init_32.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/mm/init_32.c 2018-05-22 19:56:23.695071739 +0100 -@@ -558,7 +558,7 @@ - permanent_kmaps_init(pgd_base); - } - --pteval_t __supported_pte_mask __read_mostly = ~(_PAGE_NX | _PAGE_GLOBAL); -+pteval_t __supported_pte_mask __ro_after_init = ~(_PAGE_NX | _PAGE_GLOBAL); +diff --git a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c +index 979e0a02cbe1..d6ab882a0091 100644 +--- a/arch/x86/mm/init_32.c ++++ b/arch/x86/mm/init_32.c +@@ -560,9 +560,9 @@ static void __init pagetable_init(void) + + #define DEFAULT_PTE_MASK ~(_PAGE_NX | _PAGE_GLOBAL) + /* Bits supported by the hardware: */ +-pteval_t __supported_pte_mask __read_mostly = DEFAULT_PTE_MASK; ++pteval_t __supported_pte_mask __ro_after_init = DEFAULT_PTE_MASK; + /* Bits allowed in normal kernel mappings: */ +-pteval_t __default_kernel_pte_mask __read_mostly = DEFAULT_PTE_MASK; ++pteval_t __default_kernel_pte_mask __ro_after_init = DEFAULT_PTE_MASK; EXPORT_SYMBOL_GPL(__supported_pte_mask); - - /* user-defined highmem size */ -@@ -866,7 +866,7 @@ + /* Used in PAGE_KERNEL_* macros which are reasonably used out-of-tree: */ + EXPORT_SYMBOL(__default_kernel_pte_mask); +@@ -873,7 +873,7 @@ int arch_remove_memory(u64 start, u64 size, struct vmem_altmap *altmap) #endif #endif @@ -410,7 +515,7 @@ diff -Nur a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c void set_kernel_text_rw(void) { -@@ -918,12 +918,11 @@ +@@ -925,12 +925,11 @@ void mark_rodata_ro(void) unsigned long start = PFN_ALIGN(_text); unsigned long size = PFN_ALIGN(_etext) - start; @@ -424,19 +529,23 @@ diff -Nur a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c #ifdef CONFIG_CPA_DEBUG printk(KERN_INFO "Testing CPA: Reverting %lx-%lx\n", start, start+size); -diff -Nur a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c ---- a/arch/x86/mm/init_64.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/mm/init_64.c 2018-05-22 19:56:23.696071772 +0100 -@@ -65,7 +65,7 @@ - * around without checking the pgd every time. +diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c +index 68c292cb1ebf..b81cd1f2d6df 100644 +--- a/arch/x86/mm/init_64.c ++++ b/arch/x86/mm/init_64.c +@@ -66,9 +66,9 @@ */ + /* Bits supported by the hardware: */ -pteval_t __supported_pte_mask __read_mostly = ~0; +pteval_t __supported_pte_mask __ro_after_init = ~0; + /* Bits allowed in normal kernel mappings: */ +-pteval_t __default_kernel_pte_mask __read_mostly = ~0; ++pteval_t __default_kernel_pte_mask __ro_after_init = ~0; EXPORT_SYMBOL_GPL(__supported_pte_mask); - - int force_personality32; -@@ -1195,7 +1195,7 @@ + /* Used in PAGE_KERNEL_* macros which are reasonably used out-of-tree: */ + EXPORT_SYMBOL(__default_kernel_pte_mask); +@@ -1207,7 +1207,7 @@ void __init mem_init(void) mem_init_print_info(NULL); } @@ -445,7 +554,7 @@ diff -Nur a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c void set_kernel_text_rw(void) { -@@ -1244,9 +1244,8 @@ +@@ -1256,9 +1256,8 @@ void mark_rodata_ro(void) printk(KERN_INFO "Write protecting the kernel read-only data: %luk\n", (end - start) >> 10); @@ -456,10 +565,11 @@ diff -Nur a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c /* * The rodata/data/bss/brk section (but not the kernel text!) -diff -Nur a/block/blk-softirq.c b/block/blk-softirq.c ---- a/block/blk-softirq.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/block/blk-softirq.c 2018-05-22 19:56:23.696071772 +0100 -@@ -20,7 +20,7 @@ +diff --git a/block/blk-softirq.c b/block/blk-softirq.c +index 15c1f5e12eb8..ff72cccec5b8 100644 +--- a/block/blk-softirq.c ++++ b/block/blk-softirq.c +@@ -20,7 +20,7 @@ static DEFINE_PER_CPU(struct list_head, blk_cpu_done); * Softirq action handler - move entries to local list and loop over them * while passing them to the queue registered handler. */ @@ -468,42 +578,11 @@ diff -Nur a/block/blk-softirq.c b/block/blk-softirq.c { struct list_head *cpu_list, local_list; -diff -Nur a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt ---- a/Documentation/admin-guide/kernel-parameters.txt 2018-05-22 17:56:31.000000000 +0100 -+++ b/Documentation/admin-guide/kernel-parameters.txt 2018-05-22 19:56:23.691071608 +0100 -@@ -496,16 +496,6 @@ - nosocket -- Disable socket memory accounting. - nokmem -- Disable kernel memory accounting. - -- checkreqprot [SELINUX] Set initial checkreqprot flag value. -- Format: { "0" | "1" } -- See security/selinux/Kconfig help text. -- 0 -- check protection applied by kernel (includes -- any implied execute protection). -- 1 -- check protection requested by application. -- Default value is set via a kernel config option. -- Value can be changed at runtime via -- /selinux/checkreqprot. -- - cio_ignore= [S390] - See Documentation/s390/CommonIO for details. - clk_ignore_unused -@@ -2946,6 +2936,11 @@ - the specified number of seconds. This is to be used if - your oopses keep scrolling off the screen. - -+ extra_latent_entropy -+ Enable a very simple form of latent entropy extraction -+ from the first 4GB of memory as the bootmem allocator -+ passes the memory pages to the buddy allocator. -+ - pcbit= [HW,ISDN] - - pcd. [PARIDE] -diff -Nur a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c ---- a/drivers/ata/libata-core.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/drivers/ata/libata-core.c 2018-05-22 19:56:23.697071805 +0100 -@@ -5151,7 +5151,7 @@ +diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c +index cc71c63df381..44432ecffbcd 100644 +--- a/drivers/ata/libata-core.c ++++ b/drivers/ata/libata-core.c +@@ -5154,7 +5154,7 @@ void ata_qc_free(struct ata_queued_cmd *qc) struct ata_port *ap; unsigned int tag; @@ -512,7 +591,7 @@ diff -Nur a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c ap = qc->ap; qc->flags = 0; -@@ -5168,7 +5168,7 @@ +@@ -5171,7 +5171,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc) struct ata_port *ap; struct ata_link *link; @@ -521,10 +600,11 @@ diff -Nur a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c WARN_ON_ONCE(!(qc->flags & ATA_QCFLAG_ACTIVE)); ap = qc->ap; link = qc->dev->link; -diff -Nur a/drivers/char/Kconfig b/drivers/char/Kconfig ---- a/drivers/char/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/drivers/char/Kconfig 2018-05-22 19:56:23.697071805 +0100 -@@ -9,7 +9,6 @@ +diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig +index 212f447938ae..0982c7ddd88c 100644 +--- a/drivers/char/Kconfig ++++ b/drivers/char/Kconfig +@@ -9,7 +9,6 @@ source "drivers/tty/Kconfig" config DEVMEM bool "/dev/mem virtual device support" @@ -532,7 +612,7 @@ diff -Nur a/drivers/char/Kconfig b/drivers/char/Kconfig help Say Y here if you want to support the /dev/mem device. The /dev/mem device is used to access areas of physical -@@ -568,7 +567,6 @@ +@@ -531,7 +530,6 @@ config TELCLOCK config DEVPORT bool "/dev/port character device" depends on ISA || PCI @@ -540,10 +620,11 @@ diff -Nur a/drivers/char/Kconfig b/drivers/char/Kconfig help Say Y here if you want to support the /dev/port device. The /dev/port device is similar to /dev/mem, but for I/O ports. -diff -Nur a/drivers/tty/Kconfig b/drivers/tty/Kconfig ---- a/drivers/tty/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/drivers/tty/Kconfig 2018-05-22 19:56:23.698071838 +0100 -@@ -122,7 +122,6 @@ +diff --git a/drivers/tty/Kconfig b/drivers/tty/Kconfig +index 0840d27381ea..ae292fcedaca 100644 +--- a/drivers/tty/Kconfig ++++ b/drivers/tty/Kconfig +@@ -122,7 +122,6 @@ config UNIX98_PTYS config LEGACY_PTYS bool "Legacy (BSD) PTY support" @@ -551,9 +632,50 @@ diff -Nur a/drivers/tty/Kconfig b/drivers/tty/Kconfig ---help--- A pseudo terminal (PTY) is a software device consisting of two halves: a master and a slave. The slave device behaves identical to -diff -Nur a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c ---- a/drivers/usb/core/hub.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/drivers/usb/core/hub.c 2018-05-22 19:56:23.699071871 +0100 +diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c +index aba59521ad48..90d4779683a3 100644 +--- a/drivers/tty/tty_io.c ++++ b/drivers/tty/tty_io.c +@@ -172,6 +172,7 @@ static void free_tty_struct(struct tty_struct *tty) + put_device(tty->dev); + kfree(tty->write_buf); + tty->magic = 0xDEADDEAD; ++ put_user_ns(tty->owner_user_ns); + kfree(tty); + } + +@@ -2164,11 +2165,19 @@ static int tty_fasync(int fd, struct file *filp, int on) + * FIXME: may race normal receive processing + */ + ++int tiocsti_restrict = IS_ENABLED(CONFIG_SECURITY_TIOCSTI_RESTRICT); ++ + static int tiocsti(struct tty_struct *tty, char __user *p) + { + char ch, mbz = 0; + struct tty_ldisc *ld; + ++ if (tiocsti_restrict && ++ !ns_capable(tty->owner_user_ns, CAP_SYS_ADMIN)) { ++ dev_warn_ratelimited(tty->dev, ++ "Denied TIOCSTI ioctl for non-privileged process\n"); ++ return -EPERM; ++ } + if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) + return -EPERM; + if (get_user(ch, p)) +@@ -2851,6 +2860,7 @@ struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx) + tty->index = idx; + tty_line_name(driver, idx, tty->name); + tty->dev = tty_get_device(tty); ++ tty->owner_user_ns = get_user_ns(current_user_ns()); + + return tty; + } +diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c +index 1fb266809966..db145cb734e4 100644 +--- a/drivers/usb/core/hub.c ++++ b/drivers/usb/core/hub.c @@ -41,6 +41,8 @@ #define USB_TP_TRANSMISSION_DELAY 40 /* ns */ #define USB_TP_TRANSMISSION_DELAY_MAX 65535 /* ns */ @@ -563,7 +685,7 @@ diff -Nur a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c /* Protect struct usb_device->state and ->children members * Note: Both are also protected by ->dev.sem, except that ->state can * change to USB_STATE_NOTATTACHED even when the semaphore isn't held. */ -@@ -4847,6 +4849,12 @@ +@@ -4881,6 +4883,12 @@ static void hub_port_connect(struct usb_hub *hub, int port1, u16 portstatus, goto done; return; } @@ -576,9 +698,10 @@ diff -Nur a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c if (hub_is_superspeed(hub->hdev)) unit_load = 150; else -diff -Nur a/fs/exec.c b/fs/exec.c ---- a/fs/exec.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/fs/exec.c 2018-05-22 19:56:23.699071871 +0100 +diff --git a/fs/exec.c b/fs/exec.c +index bdd0eacefdf5..20908a84550c 100644 +--- a/fs/exec.c ++++ b/fs/exec.c @@ -62,6 +62,7 @@ #include <linux/oom.h> #include <linux/compat.h> @@ -587,7 +710,7 @@ diff -Nur a/fs/exec.c b/fs/exec.c #include <linux/uaccess.h> #include <asm/mmu_context.h> -@@ -321,6 +322,8 @@ +@@ -320,6 +321,8 @@ static int __bprm_mm_init(struct linux_binprm *bprm) arch_bprm_mm_init(mm, vma); up_write(&mm->mmap_sem); bprm->p = vma->vm_end - sizeof(void *); @@ -596,10 +719,11 @@ diff -Nur a/fs/exec.c b/fs/exec.c return 0; err: up_write(&mm->mmap_sem); -diff -Nur a/fs/namei.c b/fs/namei.c ---- a/fs/namei.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/fs/namei.c 2018-05-22 19:56:23.700071903 +0100 -@@ -883,8 +883,8 @@ +diff --git a/fs/namei.c b/fs/namei.c +index 734cef54fdf8..8e3b3ae0cf30 100644 +--- a/fs/namei.c ++++ b/fs/namei.c +@@ -885,8 +885,8 @@ static inline void put_link(struct nameidata *nd) path_put(&last->link); } @@ -610,18 +734,20 @@ diff -Nur a/fs/namei.c b/fs/namei.c /** * may_follow_link - Check symlink following for unsafe situations -diff -Nur a/fs/nfs/Kconfig b/fs/nfs/Kconfig ---- a/fs/nfs/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/fs/nfs/Kconfig 2018-05-22 19:56:23.700071903 +0100 -@@ -195,4 +195,3 @@ +diff --git a/fs/nfs/Kconfig b/fs/nfs/Kconfig +index 5f93cfacb3d1..cea0d7d3b23e 100644 +--- a/fs/nfs/Kconfig ++++ b/fs/nfs/Kconfig +@@ -195,4 +195,3 @@ config NFS_DEBUG bool depends on NFS_FS && SUNRPC_DEBUG select CRC32 - default y -diff -Nur a/fs/proc/Kconfig b/fs/proc/Kconfig ---- a/fs/proc/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/fs/proc/Kconfig 2018-05-22 19:56:23.700071903 +0100 -@@ -39,7 +39,6 @@ +diff --git a/fs/proc/Kconfig b/fs/proc/Kconfig +index 0eaeb41453f5..8cd1e66aa408 100644 +--- a/fs/proc/Kconfig ++++ b/fs/proc/Kconfig +@@ -39,7 +39,6 @@ config PROC_KCORE config PROC_VMCORE bool "/proc/vmcore support" depends on PROC_FS && CRASH_DUMP @@ -629,10 +755,11 @@ diff -Nur a/fs/proc/Kconfig b/fs/proc/Kconfig help Exports the dump image of crashed kernel in ELF format. -diff -Nur a/fs/stat.c b/fs/stat.c ---- a/fs/stat.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/fs/stat.c 2018-05-22 19:56:23.700071903 +0100 -@@ -40,8 +40,13 @@ +diff --git a/fs/stat.c b/fs/stat.c +index f8e6fb2c3657..240c1432e18f 100644 +--- a/fs/stat.c ++++ b/fs/stat.c +@@ -40,8 +40,13 @@ void generic_fillattr(struct inode *inode, struct kstat *stat) stat->gid = inode->i_gid; stat->rdev = inode->i_rdev; stat->size = i_size_read(inode); @@ -648,7 +775,7 @@ diff -Nur a/fs/stat.c b/fs/stat.c stat->ctime = inode->i_ctime; stat->blksize = i_blocksize(inode); stat->blocks = inode->i_blocks; -@@ -75,9 +80,14 @@ +@@ -75,9 +80,14 @@ int vfs_getattr_nosec(const struct path *path, struct kstat *stat, stat->result_mask |= STATX_BASIC_STATS; request_mask &= STATX_ALL; query_flags &= KSTAT_QUERY_FLAGS; @@ -666,9 +793,10 @@ diff -Nur a/fs/stat.c b/fs/stat.c generic_fillattr(inode, stat); return 0; -diff -Nur a/include/linux/cache.h b/include/linux/cache.h ---- a/include/linux/cache.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/cache.h 2018-05-22 19:56:23.700071903 +0100 +diff --git a/include/linux/cache.h b/include/linux/cache.h +index 750621e41d1c..e7157c18c62c 100644 +--- a/include/linux/cache.h ++++ b/include/linux/cache.h @@ -31,6 +31,8 @@ #define __ro_after_init __attribute__((__section__(".data..ro_after_init"))) #endif @@ -678,10 +806,11 @@ diff -Nur a/include/linux/cache.h b/include/linux/cache.h #ifndef ____cacheline_aligned #define ____cacheline_aligned __attribute__((__aligned__(SMP_CACHE_BYTES))) #endif -diff -Nur a/include/linux/capability.h b/include/linux/capability.h ---- a/include/linux/capability.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/capability.h 2018-05-22 19:56:23.700071903 +0100 -@@ -207,6 +207,7 @@ +diff --git a/include/linux/capability.h b/include/linux/capability.h +index f640dcbc880c..2b4f5d651f19 100644 +--- a/include/linux/capability.h ++++ b/include/linux/capability.h +@@ -207,6 +207,7 @@ extern bool has_capability_noaudit(struct task_struct *t, int cap); extern bool has_ns_capability_noaudit(struct task_struct *t, struct user_namespace *ns, int cap); extern bool capable(int cap); @@ -689,7 +818,7 @@ diff -Nur a/include/linux/capability.h b/include/linux/capability.h extern bool ns_capable(struct user_namespace *ns, int cap); extern bool ns_capable_noaudit(struct user_namespace *ns, int cap); #else -@@ -232,6 +233,10 @@ +@@ -232,6 +233,10 @@ static inline bool capable(int cap) { return true; } @@ -700,10 +829,11 @@ diff -Nur a/include/linux/capability.h b/include/linux/capability.h static inline bool ns_capable(struct user_namespace *ns, int cap) { return true; -diff -Nur a/include/linux/fs.h b/include/linux/fs.h ---- a/include/linux/fs.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/fs.h 2018-05-22 19:56:23.701071936 +0100 -@@ -3407,4 +3407,15 @@ +diff --git a/include/linux/fs.h b/include/linux/fs.h +index 805bf22898cf..e3a036f29e69 100644 +--- a/include/linux/fs.h ++++ b/include/linux/fs.h +@@ -3438,4 +3438,15 @@ static inline bool dir_relax_shared(struct inode *inode) extern bool path_noexec(const struct path *path); extern void inode_nohighmem(struct inode *inode); @@ -719,10 +849,11 @@ diff -Nur a/include/linux/fs.h b/include/linux/fs.h +} + #endif /* _LINUX_FS_H */ -diff -Nur a/include/linux/fsnotify.h b/include/linux/fsnotify.h ---- a/include/linux/fsnotify.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/fsnotify.h 2018-05-22 19:56:23.701071936 +0100 -@@ -181,6 +181,9 @@ +diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h +index bdaf22582f6e..326ff15d4637 100644 +--- a/include/linux/fsnotify.h ++++ b/include/linux/fsnotify.h +@@ -181,6 +181,9 @@ static inline void fsnotify_access(struct file *file) struct inode *inode = path->dentry->d_inode; __u32 mask = FS_ACCESS; @@ -732,7 +863,7 @@ diff -Nur a/include/linux/fsnotify.h b/include/linux/fsnotify.h if (S_ISDIR(inode->i_mode)) mask |= FS_ISDIR; -@@ -199,6 +202,9 @@ +@@ -199,6 +202,9 @@ static inline void fsnotify_modify(struct file *file) struct inode *inode = path->dentry->d_inode; __u32 mask = FS_MODIFY; @@ -742,10 +873,11 @@ diff -Nur a/include/linux/fsnotify.h b/include/linux/fsnotify.h if (S_ISDIR(inode->i_mode)) mask |= FS_ISDIR; -diff -Nur a/include/linux/gfp.h b/include/linux/gfp.h ---- a/include/linux/gfp.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/gfp.h 2018-05-22 19:56:23.701071936 +0100 -@@ -513,9 +513,9 @@ +diff --git a/include/linux/gfp.h b/include/linux/gfp.h +index a6afcec53795..dea3241398bb 100644 +--- a/include/linux/gfp.h ++++ b/include/linux/gfp.h +@@ -513,9 +513,9 @@ extern struct page *alloc_pages_vma(gfp_t gfp_mask, int order, extern unsigned long __get_free_pages(gfp_t gfp_mask, unsigned int order); extern unsigned long get_zeroed_page(gfp_t gfp_mask); @@ -753,14 +885,15 @@ diff -Nur a/include/linux/gfp.h b/include/linux/gfp.h +void *alloc_pages_exact(size_t size, gfp_t gfp_mask) __attribute__((alloc_size(1))); void free_pages_exact(void *virt, size_t size); -void * __meminit alloc_pages_exact_nid(int nid, size_t size, gfp_t gfp_mask); -+void * __meminit alloc_pages_exact_nid(int nid, size_t size, gfp_t gfp_mask) __attribute__((alloc_size(1))); ++void * __meminit alloc_pages_exact_nid(int nid, size_t size, gfp_t gfp_mask) __attribute__((alloc_size(2))); #define __get_free_page(gfp_mask) \ __get_free_pages((gfp_mask), 0) -diff -Nur a/include/linux/highmem.h b/include/linux/highmem.h ---- a/include/linux/highmem.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/highmem.h 2018-05-22 19:56:23.702071969 +0100 -@@ -191,6 +191,13 @@ +diff --git a/include/linux/highmem.h b/include/linux/highmem.h +index 0690679832d4..b9394bc86fad 100644 +--- a/include/linux/highmem.h ++++ b/include/linux/highmem.h +@@ -191,6 +191,13 @@ static inline void clear_highpage(struct page *page) kunmap_atomic(kaddr); } @@ -774,10 +907,11 @@ diff -Nur a/include/linux/highmem.h b/include/linux/highmem.h static inline void zero_user_segments(struct page *page, unsigned start1, unsigned end1, unsigned start2, unsigned end2) -diff -Nur a/include/linux/interrupt.h b/include/linux/interrupt.h ---- a/include/linux/interrupt.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/interrupt.h 2018-05-22 19:56:23.702071969 +0100 -@@ -485,7 +485,7 @@ +diff --git a/include/linux/interrupt.h b/include/linux/interrupt.h +index eeceac3376fc..78ad558bce5f 100644 +--- a/include/linux/interrupt.h ++++ b/include/linux/interrupt.h +@@ -490,7 +490,7 @@ extern const char * const softirq_to_name[NR_SOFTIRQS]; struct softirq_action { @@ -786,7 +920,7 @@ diff -Nur a/include/linux/interrupt.h b/include/linux/interrupt.h }; asmlinkage void do_softirq(void); -@@ -500,7 +500,7 @@ +@@ -505,7 +505,7 @@ static inline void do_softirq_own_stack(void) } #endif @@ -795,10 +929,11 @@ diff -Nur a/include/linux/interrupt.h b/include/linux/interrupt.h extern void softirq_init(void); extern void __raise_softirq_irqoff(unsigned int nr); -diff -Nur a/include/linux/kobject_ns.h b/include/linux/kobject_ns.h ---- a/include/linux/kobject_ns.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/kobject_ns.h 2018-05-22 19:56:23.702071969 +0100 -@@ -45,7 +45,7 @@ +diff --git a/include/linux/kobject_ns.h b/include/linux/kobject_ns.h +index 069aa2ebef90..cb9e3637a620 100644 +--- a/include/linux/kobject_ns.h ++++ b/include/linux/kobject_ns.h +@@ -45,7 +45,7 @@ struct kobj_ns_type_operations { void (*drop_ns)(void *); }; @@ -807,10 +942,11 @@ diff -Nur a/include/linux/kobject_ns.h b/include/linux/kobject_ns.h int kobj_ns_type_registered(enum kobj_ns_type type); const struct kobj_ns_type_operations *kobj_child_ns_ops(struct kobject *parent); const struct kobj_ns_type_operations *kobj_ns_ops(struct kobject *kobj); -diff -Nur a/include/linux/mm.h b/include/linux/mm.h ---- a/include/linux/mm.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/mm.h 2018-05-22 19:56:23.702071969 +0100 -@@ -535,7 +535,7 @@ +diff --git a/include/linux/mm.h b/include/linux/mm.h +index 68a5121694ef..4f6c2e842744 100644 +--- a/include/linux/mm.h ++++ b/include/linux/mm.h +@@ -570,7 +570,7 @@ static inline int is_vmalloc_or_module_addr(const void *x) } #endif @@ -819,10 +955,11 @@ diff -Nur a/include/linux/mm.h b/include/linux/mm.h static inline void *kvmalloc(size_t size, gfp_t flags) { return kvmalloc_node(size, flags, NUMA_NO_NODE); -diff -Nur a/include/linux/percpu.h b/include/linux/percpu.h ---- a/include/linux/percpu.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/percpu.h 2018-05-22 19:56:23.702071969 +0100 -@@ -129,7 +129,7 @@ +diff --git a/include/linux/percpu.h b/include/linux/percpu.h +index 296bbe49d5d1..b26652c9a98d 100644 +--- a/include/linux/percpu.h ++++ b/include/linux/percpu.h +@@ -129,7 +129,7 @@ extern int __init pcpu_page_first_chunk(size_t reserved_size, pcpu_fc_populate_pte_fn_t populate_pte_fn); #endif @@ -831,7 +968,7 @@ diff -Nur a/include/linux/percpu.h b/include/linux/percpu.h extern bool __is_kernel_percpu_address(unsigned long addr, unsigned long *can_addr); extern bool is_kernel_percpu_address(unsigned long addr); -@@ -137,8 +137,8 @@ +@@ -137,8 +137,8 @@ extern bool is_kernel_percpu_address(unsigned long addr); extern void __init setup_per_cpu_areas(void); #endif @@ -842,10 +979,11 @@ diff -Nur a/include/linux/percpu.h b/include/linux/percpu.h extern void free_percpu(void __percpu *__pdata); extern phys_addr_t per_cpu_ptr_to_phys(void *addr); -diff -Nur a/include/linux/perf_event.h b/include/linux/perf_event.h ---- a/include/linux/perf_event.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/perf_event.h 2018-05-22 19:56:23.703072002 +0100 -@@ -1151,6 +1151,11 @@ +diff --git a/include/linux/perf_event.h b/include/linux/perf_event.h +index 87f6db437e4a..bbcd76ec7d6e 100644 +--- a/include/linux/perf_event.h ++++ b/include/linux/perf_event.h +@@ -1179,6 +1179,11 @@ extern int perf_cpu_time_max_percent_handler(struct ctl_table *table, int write, int perf_event_max_stack_handler(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos); @@ -857,10 +995,11 @@ diff -Nur a/include/linux/perf_event.h b/include/linux/perf_event.h static inline bool perf_paranoid_tracepoint_raw(void) { return sysctl_perf_event_paranoid > -1; -diff -Nur a/include/linux/slab.h b/include/linux/slab.h ---- a/include/linux/slab.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/slab.h 2018-05-22 19:56:23.703072002 +0100 -@@ -177,8 +177,8 @@ +diff --git a/include/linux/slab.h b/include/linux/slab.h +index 14e3fe4bd6a1..2b1d16e90e75 100644 +--- a/include/linux/slab.h ++++ b/include/linux/slab.h +@@ -178,8 +178,8 @@ void memcg_destroy_kmem_caches(struct mem_cgroup *); /* * Common kmalloc functions provided by all allocators */ @@ -871,7 +1010,7 @@ diff -Nur a/include/linux/slab.h b/include/linux/slab.h void kfree(const void *); void kzfree(const void *); size_t ksize(const void *); -@@ -351,7 +351,7 @@ +@@ -352,7 +352,7 @@ static __always_inline unsigned int kmalloc_index(size_t size) } #endif /* !CONFIG_SLOB */ @@ -880,7 +1019,7 @@ diff -Nur a/include/linux/slab.h b/include/linux/slab.h void *kmem_cache_alloc(struct kmem_cache *, gfp_t flags) __assume_slab_alignment __malloc; void kmem_cache_free(struct kmem_cache *, void *); -@@ -375,7 +375,7 @@ +@@ -376,7 +376,7 @@ static __always_inline void kfree_bulk(size_t size, void **p) } #ifdef CONFIG_NUMA @@ -889,7 +1028,7 @@ diff -Nur a/include/linux/slab.h b/include/linux/slab.h void *kmem_cache_alloc_node(struct kmem_cache *, gfp_t flags, int node) __assume_slab_alignment __malloc; #else static __always_inline void *__kmalloc_node(size_t size, gfp_t flags, int node) -@@ -497,7 +497,7 @@ +@@ -498,7 +498,7 @@ static __always_inline void *kmalloc_large(size_t size, gfp_t flags) * for general use, and so are not documented here. For a full list of * potential flags, always refer to linux/gfp.h. */ @@ -898,7 +1037,7 @@ diff -Nur a/include/linux/slab.h b/include/linux/slab.h { if (__builtin_constant_p(size)) { if (size > KMALLOC_MAX_CACHE_SIZE) -@@ -537,7 +537,7 @@ +@@ -538,7 +538,7 @@ static __always_inline unsigned int kmalloc_size(unsigned int n) return 0; } @@ -907,10 +1046,11 @@ diff -Nur a/include/linux/slab.h b/include/linux/slab.h { #ifndef CONFIG_SLOB if (__builtin_constant_p(size) && -diff -Nur a/include/linux/slub_def.h b/include/linux/slub_def.h ---- a/include/linux/slub_def.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/slub_def.h 2018-05-22 19:56:23.703072002 +0100 -@@ -120,6 +120,11 @@ +diff --git a/include/linux/slub_def.h b/include/linux/slub_def.h +index 3a1a1dbc6f49..ff38fec9eb76 100644 +--- a/include/linux/slub_def.h ++++ b/include/linux/slub_def.h +@@ -121,6 +121,11 @@ struct kmem_cache { unsigned long random; #endif @@ -922,10 +1062,11 @@ diff -Nur a/include/linux/slub_def.h b/include/linux/slub_def.h #ifdef CONFIG_NUMA /* * Defragmentation by allocating from a remote node. -diff -Nur a/include/linux/string.h b/include/linux/string.h ---- a/include/linux/string.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/string.h 2018-05-22 19:56:23.703072002 +0100 -@@ -235,10 +235,16 @@ +diff --git a/include/linux/string.h b/include/linux/string.h +index 4a5a0eb7df51..be86cf21d0ce 100644 +--- a/include/linux/string.h ++++ b/include/linux/string.h +@@ -235,10 +235,16 @@ void __read_overflow2(void) __compiletime_error("detected read beyond size of ob void __read_overflow3(void) __compiletime_error("detected read beyond size of object passed as 3rd parameter"); void __write_overflow(void) __compiletime_error("detected write beyond size of object passed as 1st parameter"); @@ -943,7 +1084,7 @@ diff -Nur a/include/linux/string.h b/include/linux/string.h if (__builtin_constant_p(size) && p_size < size) __write_overflow(); if (p_size < size) -@@ -248,7 +254,7 @@ +@@ -248,7 +254,7 @@ __FORTIFY_INLINE char *strncpy(char *p, const char *q, __kernel_size_t size) __FORTIFY_INLINE char *strcat(char *p, const char *q) { @@ -952,7 +1093,7 @@ diff -Nur a/include/linux/string.h b/include/linux/string.h if (p_size == (size_t)-1) return __builtin_strcat(p, q); if (strlcat(p, q, p_size) >= p_size) -@@ -259,7 +265,7 @@ +@@ -259,7 +265,7 @@ __FORTIFY_INLINE char *strcat(char *p, const char *q) __FORTIFY_INLINE __kernel_size_t strlen(const char *p) { __kernel_size_t ret; @@ -961,7 +1102,7 @@ diff -Nur a/include/linux/string.h b/include/linux/string.h /* Work around gcc excess stack consumption issue */ if (p_size == (size_t)-1 || -@@ -274,7 +280,7 @@ +@@ -274,7 +280,7 @@ __FORTIFY_INLINE __kernel_size_t strlen(const char *p) extern __kernel_size_t __real_strnlen(const char *, __kernel_size_t) __RENAME(strnlen); __FORTIFY_INLINE __kernel_size_t strnlen(const char *p, __kernel_size_t maxlen) { @@ -970,7 +1111,7 @@ diff -Nur a/include/linux/string.h b/include/linux/string.h __kernel_size_t ret = __real_strnlen(p, maxlen < p_size ? maxlen : p_size); if (p_size <= ret && maxlen != ret) fortify_panic(__func__); -@@ -286,8 +292,8 @@ +@@ -286,8 +292,8 @@ extern size_t __real_strlcpy(char *, const char *, size_t) __RENAME(strlcpy); __FORTIFY_INLINE size_t strlcpy(char *p, const char *q, size_t size) { size_t ret; @@ -981,7 +1122,7 @@ diff -Nur a/include/linux/string.h b/include/linux/string.h if (p_size == (size_t)-1 && q_size == (size_t)-1) return __real_strlcpy(p, q, size); ret = strlen(q); -@@ -307,8 +313,8 @@ +@@ -307,8 +313,8 @@ __FORTIFY_INLINE size_t strlcpy(char *p, const char *q, size_t size) __FORTIFY_INLINE char *strncat(char *p, const char *q, __kernel_size_t count) { size_t p_len, copy_len; @@ -992,7 +1133,7 @@ diff -Nur a/include/linux/string.h b/include/linux/string.h if (p_size == (size_t)-1 && q_size == (size_t)-1) return __builtin_strncat(p, q, count); p_len = strlen(p); -@@ -421,8 +427,8 @@ +@@ -421,8 +427,8 @@ __FORTIFY_INLINE void *kmemdup(const void *p, size_t size, gfp_t gfp) /* defined after fortified strlen and memcpy to reuse them */ __FORTIFY_INLINE char *strcpy(char *p, const char *q) { @@ -1003,10 +1144,40 @@ diff -Nur a/include/linux/string.h b/include/linux/string.h if (p_size == (size_t)-1 && q_size == (size_t)-1) return __builtin_strcpy(p, q); memcpy(p, q, strlen(q) + 1); -diff -Nur a/include/linux/vmalloc.h b/include/linux/vmalloc.h ---- a/include/linux/vmalloc.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/vmalloc.h 2018-05-22 19:56:23.703072002 +0100 -@@ -68,19 +68,19 @@ +diff --git a/include/linux/tty.h b/include/linux/tty.h +index c56e3978b00f..1625c85f31f0 100644 +--- a/include/linux/tty.h ++++ b/include/linux/tty.h +@@ -14,6 +14,7 @@ + #include <uapi/linux/tty.h> + #include <linux/rwsem.h> + #include <linux/llist.h> ++#include <linux/user_namespace.h> + + + /* +@@ -336,6 +337,7 @@ struct tty_struct { + /* If the tty has a pending do_SAK, queue it here - akpm */ + struct work_struct SAK_work; + struct tty_port *port; ++ struct user_namespace *owner_user_ns; + } __randomize_layout; + + /* Each of a tty's open files has private_data pointing to tty_file_private */ +@@ -345,6 +347,8 @@ struct tty_file_private { + struct list_head list; + }; + ++extern int tiocsti_restrict; ++ + /* tty magic number */ + #define TTY_MAGIC 0x5401 + +diff --git a/include/linux/vmalloc.h b/include/linux/vmalloc.h +index 398e9c95cd61..baab7195306a 100644 +--- a/include/linux/vmalloc.h ++++ b/include/linux/vmalloc.h +@@ -69,19 +69,19 @@ static inline void vmalloc_init(void) } #endif @@ -1036,10 +1207,11 @@ diff -Nur a/include/linux/vmalloc.h b/include/linux/vmalloc.h #ifndef CONFIG_MMU extern void *__vmalloc_node_flags(unsigned long size, int node, gfp_t flags); static inline void *__vmalloc_node_flags_caller(unsigned long size, int node, -diff -Nur a/init/Kconfig b/init/Kconfig ---- a/init/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/init/Kconfig 2018-05-22 19:56:23.704072035 +0100 -@@ -296,6 +296,7 @@ +diff --git a/init/Kconfig b/init/Kconfig +index 041f3a022122..0ddcf8b083d4 100644 +--- a/init/Kconfig ++++ b/init/Kconfig +@@ -294,6 +294,7 @@ config USELIB config AUDIT bool "Auditing support" depends on NET @@ -1047,7 +1219,7 @@ diff -Nur a/init/Kconfig b/init/Kconfig help Enable auditing infrastructure that can be used with another kernel subsystem, such as SELinux (which requires this for -@@ -1039,6 +1040,12 @@ +@@ -1036,6 +1037,12 @@ config CC_OPTIMIZE_FOR_SIZE endchoice @@ -1057,10 +1229,10 @@ diff -Nur a/init/Kconfig b/init/Kconfig + Zero-fill uninitialized local variables, other than variable-length + arrays. Requires compiler support. + - config SYSCTL + config HAVE_LD_DEAD_CODE_DATA_ELIMINATION bool - -@@ -1296,8 +1303,7 @@ + help +@@ -1319,8 +1326,7 @@ config SHMEM which may be appropriate on small systems without swap. config AIO @@ -1070,7 +1242,7 @@ diff -Nur a/init/Kconfig b/init/Kconfig help This option enables POSIX asynchronous I/O which may by used by some high performance threaded applications. Disabling -@@ -1502,7 +1508,7 @@ +@@ -1549,7 +1555,7 @@ config VM_EVENT_COUNTERS config SLUB_DEBUG default y @@ -1079,7 +1251,7 @@ diff -Nur a/init/Kconfig b/init/Kconfig depends on SLUB && SYSFS help SLUB has extensive debug support features. Disabling these can -@@ -1526,7 +1532,6 @@ +@@ -1573,7 +1579,6 @@ config SLUB_MEMCG_SYSFS_ON config COMPAT_BRK bool "Disable heap randomization" @@ -1087,7 +1259,7 @@ diff -Nur a/init/Kconfig b/init/Kconfig help Randomizing heap placement makes heap exploits harder, but it also breaks ancient binaries (including anything libc5 based). -@@ -1573,7 +1578,6 @@ +@@ -1620,7 +1625,6 @@ endchoice config SLAB_MERGE_DEFAULT bool "Allow slab caches to be merged" @@ -1095,7 +1267,7 @@ diff -Nur a/init/Kconfig b/init/Kconfig help For reduced kernel memory fragmentation, slab caches can be merged when they share the same size and other characteristics. -@@ -1586,9 +1590,9 @@ +@@ -1633,9 +1637,9 @@ config SLAB_MERGE_DEFAULT command line. config SLAB_FREELIST_RANDOM @@ -1106,7 +1278,7 @@ diff -Nur a/init/Kconfig b/init/Kconfig help Randomizes the freelist order used on creating new pages. This security feature reduces the predictability of the kernel slab -@@ -1597,12 +1601,56 @@ +@@ -1644,12 +1648,56 @@ config SLAB_FREELIST_RANDOM config SLAB_FREELIST_HARDENED bool "Harden slab freelist metadata" depends on SLUB @@ -1163,10 +1335,11 @@ diff -Nur a/init/Kconfig b/init/Kconfig config SLUB_CPU_PARTIAL default y depends on SLUB && SMP -diff -Nur a/kernel/audit.c b/kernel/audit.c ---- a/kernel/audit.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/audit.c 2018-05-22 19:56:23.704072035 +0100 -@@ -1578,6 +1578,9 @@ +diff --git a/kernel/audit.c b/kernel/audit.c +index e7478cb58079..69be132956df 100644 +--- a/kernel/audit.c ++++ b/kernel/audit.c +@@ -1631,6 +1631,9 @@ static int __init audit_enable(char *str) if (audit_default == AUDIT_OFF) audit_initialized = AUDIT_DISABLED; @@ -1174,12 +1347,13 @@ diff -Nur a/kernel/audit.c b/kernel/audit.c + audit_initialized = AUDIT_UNINITIALIZED; + if (audit_set_enabled(audit_default)) - panic("audit: error setting audit state (%d)\n", audit_default); - -diff -Nur a/kernel/bpf/core.c b/kernel/bpf/core.c ---- a/kernel/bpf/core.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/bpf/core.c 2018-05-22 19:56:23.705072067 +0100 -@@ -302,7 +302,7 @@ + pr_err("audit: error setting audit state (%d)\n", + audit_default); +diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c +index 1e5625d46414..71cac92b6629 100644 +--- a/kernel/bpf/core.c ++++ b/kernel/bpf/core.c +@@ -367,7 +367,7 @@ void bpf_prog_kallsyms_del_all(struct bpf_prog *fp) #ifdef CONFIG_BPF_JIT /* All BPF JIT sysctl knobs here. */ int bpf_jit_enable __read_mostly = IS_BUILTIN(CONFIG_BPF_JIT_ALWAYS_ON); @@ -1188,10 +1362,11 @@ diff -Nur a/kernel/bpf/core.c b/kernel/bpf/core.c int bpf_jit_kallsyms __read_mostly; static __always_inline void -diff -Nur a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c ---- a/kernel/bpf/syscall.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/bpf/syscall.c 2018-05-22 19:56:23.705072067 +0100 -@@ -42,7 +42,7 @@ +diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c +index a31a1ba0f8ea..1d5093b51c63 100644 +--- a/kernel/bpf/syscall.c ++++ b/kernel/bpf/syscall.c +@@ -48,7 +48,7 @@ static DEFINE_SPINLOCK(prog_idr_lock); static DEFINE_IDR(map_idr); static DEFINE_SPINLOCK(map_idr_lock); @@ -1200,10 +1375,11 @@ diff -Nur a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c static const struct bpf_map_ops * const bpf_map_types[] = { #define BPF_PROG_TYPE(_id, _ops) -diff -Nur a/kernel/capability.c b/kernel/capability.c ---- a/kernel/capability.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/capability.c 2018-05-22 19:56:23.705072067 +0100 -@@ -431,6 +431,12 @@ +diff --git a/kernel/capability.c b/kernel/capability.c +index 1e1c0236f55b..452062fe45ce 100644 +--- a/kernel/capability.c ++++ b/kernel/capability.c +@@ -431,6 +431,12 @@ bool capable(int cap) return ns_capable(&init_user_ns, cap); } EXPORT_SYMBOL(capable); @@ -1216,10 +1392,11 @@ diff -Nur a/kernel/capability.c b/kernel/capability.c #endif /* CONFIG_MULTIUSER */ /** -diff -Nur a/kernel/events/core.c b/kernel/events/core.c ---- a/kernel/events/core.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/events/core.c 2018-05-22 19:56:23.707072133 +0100 -@@ -397,8 +397,13 @@ +diff --git a/kernel/events/core.c b/kernel/events/core.c +index eec2d5fb676b..9040756bbb0a 100644 +--- a/kernel/events/core.c ++++ b/kernel/events/core.c +@@ -397,8 +397,13 @@ static cpumask_var_t perf_online_mask; * 0 - disallow raw tracepoint access for unpriv * 1 - disallow cpu events for unpriv * 2 - disallow kernel profiling for unpriv @@ -1233,7 +1410,7 @@ diff -Nur a/kernel/events/core.c b/kernel/events/core.c /* Minimum for 512 kiB + 1 user control page */ int sysctl_perf_event_mlock __read_mostly = 512 + (PAGE_SIZE / 1024); /* 'free' kiB per user */ -@@ -9921,6 +9926,9 @@ +@@ -10408,6 +10413,9 @@ SYSCALL_DEFINE5(perf_event_open, if (flags & ~PERF_FLAG_ALL) return -EINVAL; @@ -1243,9 +1420,10 @@ diff -Nur a/kernel/events/core.c b/kernel/events/core.c err = perf_copy_attr(attr_uptr, &attr); if (err) return err; -diff -Nur a/kernel/fork.c b/kernel/fork.c ---- a/kernel/fork.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/fork.c 2018-05-22 19:56:23.708072166 +0100 +diff --git a/kernel/fork.c b/kernel/fork.c +index 1b27babc4c78..a88dd3ccd31c 100644 +--- a/kernel/fork.c ++++ b/kernel/fork.c @@ -103,6 +103,11 @@ #define CREATE_TRACE_POINTS @@ -1258,7 +1436,7 @@ diff -Nur a/kernel/fork.c b/kernel/fork.c /* * Minimum number of threads to boot the kernel -@@ -1591,6 +1596,10 @@ +@@ -1624,6 +1629,10 @@ static __latent_entropy struct task_struct *copy_process( if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS)) return ERR_PTR(-EINVAL); @@ -1269,7 +1447,7 @@ diff -Nur a/kernel/fork.c b/kernel/fork.c /* * Thread groups must share signals as well, and detached threads * can only be started up within the thread group. -@@ -2385,6 +2394,12 @@ +@@ -2420,6 +2429,12 @@ int ksys_unshare(unsigned long unshare_flags) if (unshare_flags & CLONE_NEWNS) unshare_flags |= CLONE_FS; @@ -1282,10 +1460,11 @@ diff -Nur a/kernel/fork.c b/kernel/fork.c err = check_unshare_flags(unshare_flags); if (err) goto bad_unshare_out; -diff -Nur a/kernel/power/snapshot.c b/kernel/power/snapshot.c ---- a/kernel/power/snapshot.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/power/snapshot.c 2018-05-22 19:56:23.708072166 +0100 -@@ -1138,7 +1138,7 @@ +diff --git a/kernel/power/snapshot.c b/kernel/power/snapshot.c +index 3d37c279c090..0789ca413f09 100644 +--- a/kernel/power/snapshot.c ++++ b/kernel/power/snapshot.c +@@ -1138,7 +1138,7 @@ void free_basic_memory_bitmaps(void) void clear_free_pages(void) { @@ -1294,7 +1473,7 @@ diff -Nur a/kernel/power/snapshot.c b/kernel/power/snapshot.c struct memory_bitmap *bm = free_pages_map; unsigned long pfn; -@@ -1155,7 +1155,7 @@ +@@ -1155,7 +1155,7 @@ void clear_free_pages(void) } memory_bm_position_reset(bm); pr_info("free pages cleared after restore\n"); @@ -1303,10 +1482,11 @@ diff -Nur a/kernel/power/snapshot.c b/kernel/power/snapshot.c } /** -diff -Nur a/kernel/rcu/tiny.c b/kernel/rcu/tiny.c ---- a/kernel/rcu/tiny.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/rcu/tiny.c 2018-05-22 19:56:23.708072166 +0100 -@@ -164,7 +164,7 @@ +diff --git a/kernel/rcu/tiny.c b/kernel/rcu/tiny.c +index a64eee0db39e..4d7de378fe4c 100644 +--- a/kernel/rcu/tiny.c ++++ b/kernel/rcu/tiny.c +@@ -164,7 +164,7 @@ static void __rcu_process_callbacks(struct rcu_ctrlblk *rcp) } } @@ -1315,10 +1495,11 @@ diff -Nur a/kernel/rcu/tiny.c b/kernel/rcu/tiny.c { __rcu_process_callbacks(&rcu_sched_ctrlblk); __rcu_process_callbacks(&rcu_bh_ctrlblk); -diff -Nur a/kernel/rcu/tree.c b/kernel/rcu/tree.c ---- a/kernel/rcu/tree.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/rcu/tree.c 2018-05-22 19:56:23.709072199 +0100 -@@ -2906,7 +2906,7 @@ +diff --git a/kernel/rcu/tree.c b/kernel/rcu/tree.c +index aa7cade1b9f3..d6be47e1c86f 100644 +--- a/kernel/rcu/tree.c ++++ b/kernel/rcu/tree.c +@@ -2791,7 +2791,7 @@ __rcu_process_callbacks(struct rcu_state *rsp) /* * Do RCU core processing for the current CPU. */ @@ -1327,10 +1508,11 @@ diff -Nur a/kernel/rcu/tree.c b/kernel/rcu/tree.c { struct rcu_state *rsp; -diff -Nur a/kernel/sched/fair.c b/kernel/sched/fair.c ---- a/kernel/sched/fair.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/sched/fair.c 2018-05-22 19:56:23.711072264 +0100 -@@ -9387,7 +9387,7 @@ +diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c +index 9c219f7b0970..963a68e64593 100644 +--- a/kernel/sched/fair.c ++++ b/kernel/sched/fair.c +@@ -9862,7 +9862,7 @@ static int idle_balance(struct rq *this_rq, struct rq_flags *rf) * run_rebalance_domains is triggered when needed from the scheduler tick. * Also triggered for nohz idle balancing (with nohz_balancing_kick set). */ @@ -1339,11 +1521,12 @@ diff -Nur a/kernel/sched/fair.c b/kernel/sched/fair.c { struct rq *this_rq = this_rq(); enum cpu_idle_type idle = this_rq->idle_balance ? -diff -Nur a/kernel/softirq.c b/kernel/softirq.c ---- a/kernel/softirq.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/softirq.c 2018-05-22 19:56:23.711072264 +0100 -@@ -53,7 +53,7 @@ - EXPORT_SYMBOL(irq_stat); +diff --git a/kernel/softirq.c b/kernel/softirq.c +index 6f584861d329..1943fe60f3b9 100644 +--- a/kernel/softirq.c ++++ b/kernel/softirq.c +@@ -53,7 +53,7 @@ DEFINE_PER_CPU_ALIGNED(irq_cpustat_t, irq_stat); + EXPORT_PER_CPU_SYMBOL(irq_stat); #endif -static struct softirq_action softirq_vec[NR_SOFTIRQS] __cacheline_aligned_in_smp; @@ -1351,7 +1534,7 @@ diff -Nur a/kernel/softirq.c b/kernel/softirq.c DEFINE_PER_CPU(struct task_struct *, ksoftirqd); -@@ -282,7 +282,7 @@ +@@ -289,7 +289,7 @@ asmlinkage __visible void __softirq_entry __do_softirq(void) kstat_incr_softirqs_this_cpu(vec_nr); trace_softirq_entry(vec_nr); @@ -1360,7 +1543,7 @@ diff -Nur a/kernel/softirq.c b/kernel/softirq.c trace_softirq_exit(vec_nr); if (unlikely(prev_count != preempt_count())) { pr_err("huh, entered softirq %u %s %p with preempt_count %08x, exited with %08x?\n", -@@ -444,7 +444,7 @@ +@@ -451,7 +451,7 @@ void __raise_softirq_irqoff(unsigned int nr) or_softirq_pending(1UL << nr); } @@ -1369,28 +1552,48 @@ diff -Nur a/kernel/softirq.c b/kernel/softirq.c { softirq_vec[nr].action = action; } -@@ -486,7 +486,7 @@ +@@ -497,8 +497,7 @@ void __tasklet_hi_schedule(struct tasklet_struct *t) } EXPORT_SYMBOL(__tasklet_hi_schedule); --static __latent_entropy void tasklet_action(struct softirq_action *a) -+static __latent_entropy void tasklet_action(void) +-static void tasklet_action_common(struct softirq_action *a, +- struct tasklet_head *tl_head, ++static void tasklet_action_common(struct tasklet_head *tl_head, + unsigned int softirq_nr) { struct tasklet_struct *list; - -@@ -522,7 +522,7 @@ +@@ -535,14 +534,14 @@ static void tasklet_action_common(struct softirq_action *a, } } +-static __latent_entropy void tasklet_action(struct softirq_action *a) ++static __latent_entropy void tasklet_action(void) + { +- tasklet_action_common(a, this_cpu_ptr(&tasklet_vec), TASKLET_SOFTIRQ); ++ tasklet_action_common(this_cpu_ptr(&tasklet_vec), TASKLET_SOFTIRQ); + } + -static __latent_entropy void tasklet_hi_action(struct softirq_action *a) +static __latent_entropy void tasklet_hi_action(void) { - struct tasklet_struct *list; +- tasklet_action_common(a, this_cpu_ptr(&tasklet_hi_vec), HI_SOFTIRQ); ++ tasklet_action_common(this_cpu_ptr(&tasklet_hi_vec), HI_SOFTIRQ); + } -diff -Nur a/kernel/sysctl.c b/kernel/sysctl.c ---- a/kernel/sysctl.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/sysctl.c 2018-05-22 19:56:23.711072264 +0100 -@@ -99,12 +99,19 @@ + void tasklet_init(struct tasklet_struct *t, +diff --git a/kernel/sysctl.c b/kernel/sysctl.c +index 2d9837c0aff4..852fea68d574 100644 +--- a/kernel/sysctl.c ++++ b/kernel/sysctl.c +@@ -67,6 +67,7 @@ + #include <linux/bpf.h> + #include <linux/mount.h> + #include <linux/pipe_fs_i.h> ++#include <linux/tty.h> + + #include <linux/uaccess.h> + #include <asm/processor.h> +@@ -99,12 +100,19 @@ #if defined(CONFIG_SYSCTL) /* External variables not in a header file. */ @@ -1410,7 +1613,7 @@ diff -Nur a/kernel/sysctl.c b/kernel/sysctl.c extern int pid_max; extern int pid_max_min, pid_max_max; extern int percpu_pagelist_fraction; -@@ -116,40 +123,43 @@ +@@ -116,40 +124,43 @@ extern int sysctl_nr_trim_pages; /* Constants used for minimum and maximum */ #ifdef CONFIG_LOCKUP_DETECTOR @@ -1469,7 +1672,7 @@ diff -Nur a/kernel/sysctl.c b/kernel/sysctl.c #ifdef CONFIG_INOTIFY_USER #include <linux/inotify.h> #endif -@@ -289,19 +299,19 @@ +@@ -293,19 +304,19 @@ static struct ctl_table sysctl_base_table[] = { }; #ifdef CONFIG_SCHED_DEBUG @@ -1497,7 +1700,7 @@ diff -Nur a/kernel/sysctl.c b/kernel/sysctl.c #endif static struct ctl_table kern_table[] = { -@@ -515,6 +525,15 @@ +@@ -519,6 +530,15 @@ static struct ctl_table kern_table[] = { .proc_handler = proc_dointvec, }, #endif @@ -1513,10 +1716,23 @@ diff -Nur a/kernel/sysctl.c b/kernel/sysctl.c #ifdef CONFIG_PROC_SYSCTL { .procname = "tainted", -@@ -858,6 +877,26 @@ +@@ -867,6 +887,37 @@ static struct ctl_table kern_table[] = { + .extra1 = &zero, + .extra2 = &two, }, - #endif - { ++#endif ++#if defined CONFIG_TTY ++ { ++ .procname = "tiocsti_restrict", ++ .data = &tiocsti_restrict, ++ .maxlen = sizeof(int), ++ .mode = 0644, ++ .proc_handler = proc_dointvec_minmax_sysadmin, ++ .extra1 = &zero, ++ .extra2 = &one, ++ }, ++#endif ++ { + .procname = "device_sidechannel_restrict", + .data = &device_sidechannel_restrict, + .maxlen = sizeof(int), @@ -1535,15 +1751,14 @@ diff -Nur a/kernel/sysctl.c b/kernel/sysctl.c + .extra1 = &zero, + .extra2 = &one, + }, -+#endif -+ { + #endif + { .procname = "ngroups_max", - .data = &ngroups_max, - .maxlen = sizeof (int), -diff -Nur a/kernel/time/hrtimer.c b/kernel/time/hrtimer.c ---- a/kernel/time/hrtimer.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/time/hrtimer.c 2018-05-22 19:56:23.712072297 +0100 -@@ -1413,7 +1413,7 @@ +diff --git a/kernel/time/hrtimer.c b/kernel/time/hrtimer.c +index 3e93c54bd3a1..0fed811ed850 100644 +--- a/kernel/time/hrtimer.c ++++ b/kernel/time/hrtimer.c +@@ -1462,7 +1462,7 @@ static void __hrtimer_run_queues(struct hrtimer_cpu_base *cpu_base, ktime_t now, } } @@ -1552,10 +1767,11 @@ diff -Nur a/kernel/time/hrtimer.c b/kernel/time/hrtimer.c { struct hrtimer_cpu_base *cpu_base = this_cpu_ptr(&hrtimer_bases); unsigned long flags; -diff -Nur a/kernel/time/timer.c b/kernel/time/timer.c ---- a/kernel/time/timer.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/time/timer.c 2018-05-22 19:56:23.712072297 +0100 -@@ -1672,7 +1672,7 @@ +diff --git a/kernel/time/timer.c b/kernel/time/timer.c +index cc2d23e6ff61..438be7646454 100644 +--- a/kernel/time/timer.c ++++ b/kernel/time/timer.c +@@ -1672,7 +1672,7 @@ static inline void __run_timers(struct timer_base *base) /* * This function runs timers and the timer-tq in bottom half context. */ @@ -1564,9 +1780,10 @@ diff -Nur a/kernel/time/timer.c b/kernel/time/timer.c { struct timer_base *base = this_cpu_ptr(&timer_bases[BASE_STD]); -diff -Nur a/kernel/user_namespace.c b/kernel/user_namespace.c ---- a/kernel/user_namespace.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/user_namespace.c 2018-05-22 19:56:23.713072330 +0100 +diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c +index c3d7583fcd21..6ee37e516869 100644 +--- a/kernel/user_namespace.c ++++ b/kernel/user_namespace.c @@ -26,6 +26,9 @@ #include <linux/bsearch.h> #include <linux/sort.h> @@ -1577,22 +1794,11 @@ diff -Nur a/kernel/user_namespace.c b/kernel/user_namespace.c static struct kmem_cache *user_ns_cachep __read_mostly; static DEFINE_MUTEX(userns_state_mutex); -diff -Nur a/lib/irq_poll.c b/lib/irq_poll.c ---- a/lib/irq_poll.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/lib/irq_poll.c 2018-05-22 19:56:23.713072330 +0100 -@@ -75,7 +75,7 @@ - } - EXPORT_SYMBOL(irq_poll_complete); - --static void __latent_entropy irq_poll_softirq(struct softirq_action *h) -+static void __latent_entropy irq_poll_softirq(void) - { - struct list_head *list = this_cpu_ptr(&blk_cpu_iopoll); - int rearm = 0, budget = irq_poll_budget; -diff -Nur a/lib/Kconfig.debug b/lib/Kconfig.debug ---- a/lib/Kconfig.debug 2018-05-22 17:56:31.000000000 +0100 -+++ b/lib/Kconfig.debug 2018-05-22 19:56:23.713072330 +0100 -@@ -945,6 +945,7 @@ +diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug +index 8838d1158d19..a208770a0e9e 100644 +--- a/lib/Kconfig.debug ++++ b/lib/Kconfig.debug +@@ -945,6 +945,7 @@ endmenu # "Debug lockups and hangs" config PANIC_ON_OOPS bool "Panic on Oops" @@ -1600,7 +1806,7 @@ diff -Nur a/lib/Kconfig.debug b/lib/Kconfig.debug help Say Y here to enable the kernel to panic when it oopses. This has the same effect as setting oops=panic on the kernel command -@@ -954,7 +955,7 @@ +@@ -954,7 +955,7 @@ config PANIC_ON_OOPS anything erroneous after an oops which could result in data corruption or other issues. @@ -1609,7 +1815,7 @@ diff -Nur a/lib/Kconfig.debug b/lib/Kconfig.debug config PANIC_ON_OOPS_VALUE int -@@ -1309,6 +1310,7 @@ +@@ -1323,6 +1324,7 @@ config DEBUG_BUGVERBOSE config DEBUG_LIST bool "Debug linked list manipulation" depends on DEBUG_KERNEL || BUG_ON_DATA_CORRUPTION @@ -1617,7 +1823,7 @@ diff -Nur a/lib/Kconfig.debug b/lib/Kconfig.debug help Enable this to turn on extended checks in the linked-list walking routines. -@@ -1949,6 +1951,7 @@ +@@ -1983,6 +1985,7 @@ config MEMTEST config BUG_ON_DATA_CORRUPTION bool "Trigger a BUG when data corruption is detected" select DEBUG_LIST @@ -1625,7 +1831,7 @@ diff -Nur a/lib/Kconfig.debug b/lib/Kconfig.debug help Select this option if the kernel should BUG when it encounters data corruption in kernel memory structures when they get checked -@@ -1988,6 +1991,7 @@ +@@ -2022,6 +2025,7 @@ config STRICT_DEVMEM config IO_STRICT_DEVMEM bool "Filter I/O access to /dev/mem" depends on STRICT_DEVMEM @@ -1633,10 +1839,24 @@ diff -Nur a/lib/Kconfig.debug b/lib/Kconfig.debug ---help--- If this option is disabled, you allow userspace (root) access to all io-memory regardless of whether a driver is actively using that -diff -Nur a/lib/kobject.c b/lib/kobject.c ---- a/lib/kobject.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/lib/kobject.c 2018-05-22 19:56:23.713072330 +0100 -@@ -954,9 +954,9 @@ +diff --git a/lib/irq_poll.c b/lib/irq_poll.c +index 86a709954f5a..6f15787fcb1b 100644 +--- a/lib/irq_poll.c ++++ b/lib/irq_poll.c +@@ -75,7 +75,7 @@ void irq_poll_complete(struct irq_poll *iop) + } + EXPORT_SYMBOL(irq_poll_complete); + +-static void __latent_entropy irq_poll_softirq(struct softirq_action *h) ++static void __latent_entropy irq_poll_softirq(void) + { + struct list_head *list = this_cpu_ptr(&blk_cpu_iopoll); + int rearm = 0, budget = irq_poll_budget; +diff --git a/lib/kobject.c b/lib/kobject.c +index 18989b5b3b56..bd46da8243a6 100644 +--- a/lib/kobject.c ++++ b/lib/kobject.c +@@ -952,9 +952,9 @@ EXPORT_SYMBOL_GPL(kset_create_and_add); static DEFINE_SPINLOCK(kobj_ns_type_lock); @@ -1648,10 +1868,11 @@ diff -Nur a/lib/kobject.c b/lib/kobject.c { enum kobj_ns_type type = ops->type; int error; -diff -Nur a/lib/nlattr.c b/lib/nlattr.c ---- a/lib/nlattr.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/lib/nlattr.c 2018-05-22 19:56:23.714072363 +0100 -@@ -364,6 +364,8 @@ +diff --git a/lib/nlattr.c b/lib/nlattr.c +index dfa55c873c13..c6b0436f473d 100644 +--- a/lib/nlattr.c ++++ b/lib/nlattr.c +@@ -364,6 +364,8 @@ int nla_memcpy(void *dest, const struct nlattr *src, int count) { int minlen = min_t(int, count, nla_len(src)); @@ -1660,11 +1881,12 @@ diff -Nur a/lib/nlattr.c b/lib/nlattr.c memcpy(dest, nla_data(src), minlen); if (count > minlen) memset(dest + minlen, 0, count - minlen); -diff -Nur a/lib/vsprintf.c b/lib/vsprintf.c ---- a/lib/vsprintf.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/lib/vsprintf.c 2018-05-22 19:56:23.714072363 +0100 -@@ -1344,7 +1344,7 @@ - return string(buf, end, uuid, spec); +diff --git a/lib/vsprintf.c b/lib/vsprintf.c +index a48aaa79d352..a57213b70cad 100644 +--- a/lib/vsprintf.c ++++ b/lib/vsprintf.c +@@ -1371,7 +1371,7 @@ char *pointer_string(char *buf, char *end, const void *ptr, + return number(buf, end, (unsigned long int)ptr, spec); } -int kptr_restrict __read_mostly; @@ -1672,23 +1894,11 @@ diff -Nur a/lib/vsprintf.c b/lib/vsprintf.c static noinline_for_stack char *restricted_pointer(char *buf, char *end, const void *ptr, -diff -Nur a/Makefile b/Makefile ---- a/Makefile 2018-05-22 17:56:31.000000000 +0100 -+++ b/Makefile 2018-05-22 19:56:23.692071641 +0100 -@@ -734,6 +734,9 @@ - endif - - ifeq ($(cc-name),clang) -+ifdef CONFIG_LOCAL_INIT -+KBUILD_CFLAGS += -fsanitize=local-init -+endif - KBUILD_CPPFLAGS += $(call cc-option,-Qunused-arguments,) - KBUILD_CFLAGS += $(call cc-disable-warning, format-invalid-specifier) - KBUILD_CFLAGS += $(call cc-disable-warning, gnu) -diff -Nur a/mm/Kconfig b/mm/Kconfig ---- a/mm/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/mm/Kconfig 2018-05-22 19:56:23.714072363 +0100 -@@ -319,7 +319,8 @@ +diff --git a/mm/Kconfig b/mm/Kconfig +index ce95491abd6a..19b62893da3d 100644 +--- a/mm/Kconfig ++++ b/mm/Kconfig +@@ -312,7 +312,8 @@ config KSM config DEFAULT_MMAP_MIN_ADDR int "Low address space to protect from user allocation" depends on MMU @@ -1698,10 +1908,11 @@ diff -Nur a/mm/Kconfig b/mm/Kconfig help This is the portion of low virtual memory which should be protected from userspace allocation. Keeping a user from writing to low pages -diff -Nur a/mm/mmap.c b/mm/mmap.c ---- a/mm/mmap.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/mm/mmap.c 2018-05-22 19:56:23.715072396 +0100 -@@ -220,6 +220,13 @@ +diff --git a/mm/mmap.c b/mm/mmap.c +index 17bbf4d3e24f..40ac799db35b 100644 +--- a/mm/mmap.c ++++ b/mm/mmap.c +@@ -229,6 +229,13 @@ SYSCALL_DEFINE1(brk, unsigned long, brk) newbrk = PAGE_ALIGN(brk); oldbrk = PAGE_ALIGN(mm->brk); @@ -1715,10 +1926,11 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c if (oldbrk == newbrk) goto set_brk; -diff -Nur a/mm/page_alloc.c b/mm/page_alloc.c ---- a/mm/page_alloc.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/mm/page_alloc.c 2018-05-22 19:56:23.716072429 +0100 -@@ -68,6 +68,7 @@ +diff --git a/mm/page_alloc.c b/mm/page_alloc.c +index 3222193c46c6..b8e36bed196d 100644 +--- a/mm/page_alloc.c ++++ b/mm/page_alloc.c +@@ -67,6 +67,7 @@ #include <linux/ftrace.h> #include <linux/lockdep.h> #include <linux/nmi.h> @@ -1726,7 +1938,7 @@ diff -Nur a/mm/page_alloc.c b/mm/page_alloc.c #include <asm/sections.h> #include <asm/tlbflush.h> -@@ -101,6 +102,15 @@ +@@ -100,6 +101,15 @@ int _node_numa_mem_[MAX_NUMNODES]; DEFINE_MUTEX(pcpu_drain_mutex); DEFINE_PER_CPU(struct work_struct, pcpu_drain); @@ -1742,7 +1954,7 @@ diff -Nur a/mm/page_alloc.c b/mm/page_alloc.c #ifdef CONFIG_GCC_PLUGIN_LATENT_ENTROPY volatile unsigned long latent_entropy __latent_entropy; EXPORT_SYMBOL(latent_entropy); -@@ -1069,6 +1079,13 @@ +@@ -1027,6 +1037,13 @@ static __always_inline bool free_pages_prepare(struct page *page, debug_check_no_obj_freed(page_address(page), PAGE_SIZE << order); } @@ -1756,7 +1968,7 @@ diff -Nur a/mm/page_alloc.c b/mm/page_alloc.c arch_free_page(page, order); kernel_poison_pages(page, 1 << order, 0); kernel_map_pages(page, 1 << order, 0); -@@ -1286,6 +1303,21 @@ +@@ -1267,6 +1284,21 @@ static void __init __free_pages_boot_core(struct page *page, unsigned int order) __ClearPageReserved(p); set_page_count(p, 0); @@ -1778,7 +1990,7 @@ diff -Nur a/mm/page_alloc.c b/mm/page_alloc.c page_zone(page)->managed_pages += nr_pages; set_page_refcounted(page); __free_pages(page, order); -@@ -1754,8 +1786,8 @@ +@@ -1855,8 +1887,8 @@ static inline int check_new_page(struct page *page) static inline bool free_pages_prezeroed(void) { @@ -1789,7 +2001,7 @@ diff -Nur a/mm/page_alloc.c b/mm/page_alloc.c } #ifdef CONFIG_DEBUG_VM -@@ -1812,6 +1844,11 @@ +@@ -1913,6 +1945,11 @@ static void prep_new_page(struct page *page, unsigned int order, gfp_t gfp_flags post_alloc_hook(page, order, gfp_flags); @@ -1801,44 +2013,11 @@ diff -Nur a/mm/page_alloc.c b/mm/page_alloc.c if (!free_pages_prezeroed() && (gfp_flags & __GFP_ZERO)) for (i = 0; i < (1 << order); i++) clear_highpage(page + i); -diff -Nur a/mm/slab_common.c b/mm/slab_common.c ---- a/mm/slab_common.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/mm/slab_common.c 2018-05-22 19:56:23.717072461 +0100 -@@ -26,10 +26,10 @@ - - #include "slab.h" - --enum slab_state slab_state; -+enum slab_state slab_state __ro_after_init; - LIST_HEAD(slab_caches); - DEFINE_MUTEX(slab_mutex); --struct kmem_cache *kmem_cache; -+struct kmem_cache *kmem_cache __ro_after_init; - - #ifdef CONFIG_HARDENED_USERCOPY - bool usercopy_fallback __ro_after_init = -@@ -57,7 +57,7 @@ - /* - * Merge control. If this is set then no merging of slab caches will occur. - */ --static bool slab_nomerge = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT); -+static bool slab_nomerge __ro_after_init = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT); - - static int __init setup_slab_nomerge(char *str) - { -@@ -968,7 +968,7 @@ - * of two cache sizes there. The size of larger slabs can be determined using - * fls. - */ --static s8 size_index[24] = { -+static s8 size_index[24] __ro_after_init = { - 3, /* 8 */ - 4, /* 16 */ - 5, /* 24 */ -diff -Nur a/mm/slab.h b/mm/slab.h ---- a/mm/slab.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/mm/slab.h 2018-05-22 19:56:23.717072461 +0100 -@@ -312,7 +312,11 @@ +diff --git a/mm/slab.h b/mm/slab.h +index 68bdf498da3b..079ff5df3b16 100644 +--- a/mm/slab.h ++++ b/mm/slab.h +@@ -313,7 +313,11 @@ static inline bool is_root_cache(struct kmem_cache *s) static inline bool slab_equal_or_root(struct kmem_cache *s, struct kmem_cache *p) { @@ -1850,7 +2029,7 @@ diff -Nur a/mm/slab.h b/mm/slab.h } static inline const char *cache_name(struct kmem_cache *s) -@@ -364,18 +368,26 @@ +@@ -365,18 +369,26 @@ static inline struct kmem_cache *cache_from_obj(struct kmem_cache *s, void *x) * to not do even the assignment. In that case, slab_equal_or_root * will also be a constant. */ @@ -1878,7 +2057,7 @@ diff -Nur a/mm/slab.h b/mm/slab.h return s; } -@@ -400,7 +412,7 @@ +@@ -401,7 +413,7 @@ static inline size_t slab_ksize(const struct kmem_cache *s) * back there or track user information then we can * only use the space before that information. */ @@ -1887,10 +2066,37 @@ diff -Nur a/mm/slab.h b/mm/slab.h return s->inuse; /* * Else we can use all the padding etc for the allocation -diff -Nur a/mm/slub.c b/mm/slub.c ---- a/mm/slub.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/mm/slub.c 2018-05-22 19:56:23.718072494 +0100 -@@ -125,6 +125,16 @@ +diff --git a/mm/slab_common.c b/mm/slab_common.c +index 2296caf87bfb..7abd5a11e12d 100644 +--- a/mm/slab_common.c ++++ b/mm/slab_common.c +@@ -27,10 +27,10 @@ + + #include "slab.h" + +-enum slab_state slab_state; ++enum slab_state slab_state __ro_after_init; + LIST_HEAD(slab_caches); + DEFINE_MUTEX(slab_mutex); +-struct kmem_cache *kmem_cache; ++struct kmem_cache *kmem_cache __ro_after_init; + + #ifdef CONFIG_HARDENED_USERCOPY + bool usercopy_fallback __ro_after_init = +@@ -58,7 +58,7 @@ static DECLARE_WORK(slab_caches_to_rcu_destroy_work, + /* + * Merge control. If this is set then no merging of slab caches will occur. + */ +-static bool slab_nomerge = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT); ++static bool slab_nomerge __ro_after_init = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT); + + static int __init setup_slab_nomerge(char *str) + { +diff --git a/mm/slub.c b/mm/slub.c +index 51258eff4178..075266bfbccf 100644 +--- a/mm/slub.c ++++ b/mm/slub.c +@@ -125,6 +125,16 @@ static inline int kmem_cache_debug(struct kmem_cache *s) #endif } @@ -1907,7 +2113,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c void *fixup_red_left(struct kmem_cache *s, void *p) { if (kmem_cache_debug(s) && s->flags & SLAB_RED_ZONE) -@@ -299,6 +309,35 @@ +@@ -299,6 +309,35 @@ static inline void set_freepointer(struct kmem_cache *s, void *object, void *fp) *(void **)freeptr_addr = freelist_ptr(s, fp, freeptr_addr); } @@ -1943,7 +2149,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c /* Loop over all objects in a slab */ #define for_each_object(__p, __s, __addr, __objects) \ for (__p = fixup_red_left(__s, __addr); \ -@@ -486,13 +525,13 @@ +@@ -471,13 +510,13 @@ static inline void *restore_red_left(struct kmem_cache *s, void *p) * Debug settings: */ #if defined(CONFIG_SLUB_DEBUG_ON) @@ -1961,7 +2167,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c /* * slub is about to manipulate internal object metadata. This memory lies -@@ -552,6 +591,9 @@ +@@ -537,6 +576,9 @@ static struct track *get_track(struct kmem_cache *s, void *object, else p = object + s->inuse; @@ -1971,7 +2177,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c return p + alloc; } -@@ -690,6 +732,9 @@ +@@ -676,6 +718,9 @@ static void print_trailer(struct kmem_cache *s, struct page *page, u8 *p) else off = s->inuse; @@ -1981,7 +2187,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c if (s->flags & SLAB_STORE_USER) off += 2 * sizeof(struct track); -@@ -819,6 +864,9 @@ +@@ -805,6 +850,9 @@ static int check_pad_bytes(struct kmem_cache *s, struct page *page, u8 *p) /* Freepointer is placed after the object. */ off += sizeof(void *); @@ -1991,7 +2197,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c if (s->flags & SLAB_STORE_USER) /* We also have user information there */ off += 2 * sizeof(struct track); -@@ -1420,8 +1468,9 @@ +@@ -1419,8 +1467,9 @@ static void setup_object(struct kmem_cache *s, struct page *page, void *object) { setup_object_debug(s, page, object); @@ -2002,7 +2208,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c kasan_unpoison_object_data(s, object); s->ctor(object); kasan_poison_object_data(s, object); -@@ -2719,9 +2768,21 @@ +@@ -2702,9 +2751,21 @@ static __always_inline void *slab_alloc_node(struct kmem_cache *s, stat(s, ALLOC_FASTPATH); } @@ -2025,7 +2231,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c slab_post_alloc_hook(s, gfpflags, 1, &object); return object; -@@ -2928,6 +2989,27 @@ +@@ -2911,6 +2972,27 @@ static __always_inline void do_slab_free(struct kmem_cache *s, void *tail_obj = tail ? : head; struct kmem_cache_cpu *c; unsigned long tid; @@ -2053,7 +2259,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c redo: /* * Determine the currently cpus per cpu slab. -@@ -3106,7 +3188,7 @@ +@@ -3087,7 +3169,7 @@ int kmem_cache_alloc_bulk(struct kmem_cache *s, gfp_t flags, size_t size, void **p) { struct kmem_cache_cpu *c; @@ -2062,7 +2268,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c /* memcg and kmem_cache debug support */ s = slab_pre_alloc_hook(s, flags); -@@ -3143,13 +3225,29 @@ +@@ -3124,13 +3206,29 @@ int kmem_cache_alloc_bulk(struct kmem_cache *s, gfp_t flags, size_t size, local_irq_enable(); /* Clear memory outside IRQ disabled fastpath loop */ @@ -2093,20 +2299,20 @@ diff -Nur a/mm/slub.c b/mm/slub.c /* memcg and kmem_cache debug support */ slab_post_alloc_hook(s, flags, size, p); return i; -@@ -3181,9 +3279,9 @@ +@@ -3162,9 +3260,9 @@ EXPORT_SYMBOL(kmem_cache_alloc_bulk); * and increases the number of allocations possible without having to * take the list_lock. */ --static int slub_min_order; --static int slub_max_order = PAGE_ALLOC_COSTLY_ORDER; --static int slub_min_objects; -+static int slub_min_order __ro_after_init; -+static int slub_max_order __ro_after_init = PAGE_ALLOC_COSTLY_ORDER; -+static int slub_min_objects __ro_after_init; +-static unsigned int slub_min_order; +-static unsigned int slub_max_order = PAGE_ALLOC_COSTLY_ORDER; +-static unsigned int slub_min_objects; ++static unsigned int slub_min_order __ro_after_init; ++static unsigned int slub_max_order __ro_after_init = PAGE_ALLOC_COSTLY_ORDER; ++static unsigned int slub_min_objects __ro_after_init; /* * Calculate the order of allocation given an slab object size. -@@ -3353,6 +3451,7 @@ +@@ -3336,6 +3434,7 @@ static void early_kmem_cache_node_alloc(int node) init_object(kmem_cache_node, n, SLUB_RED_ACTIVE); init_tracking(kmem_cache_node, n); #endif @@ -2114,7 +2320,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c kasan_kmalloc(kmem_cache_node, n, sizeof(struct kmem_cache_node), GFP_KERNEL); init_kmem_cache_node(n); -@@ -3509,6 +3608,9 @@ +@@ -3492,6 +3591,9 @@ static int calculate_sizes(struct kmem_cache *s, int forced_order) size += sizeof(void *); } @@ -2124,7 +2330,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c #ifdef CONFIG_SLUB_DEBUG if (flags & SLAB_STORE_USER) /* -@@ -3579,6 +3681,10 @@ +@@ -3561,6 +3663,10 @@ static int kmem_cache_open(struct kmem_cache *s, slab_flags_t flags) #ifdef CONFIG_SLAB_FREELIST_HARDENED s->random = get_random_long(); #endif @@ -2133,9 +2339,9 @@ diff -Nur a/mm/slub.c b/mm/slub.c + s->random_inactive = get_random_long(); +#endif - if (need_reserve_slab_rcu && (s->flags & SLAB_TYPESAFE_BY_RCU)) - s->reserved = sizeof(struct rcu_head); -@@ -3846,6 +3952,8 @@ + if (!calculate_sizes(s, -1)) + goto error; +@@ -3837,6 +3943,8 @@ void __check_heap_object(const void *ptr, unsigned long n, struct page *page, offset -= s->red_left_pad; } @@ -2144,7 +2350,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c /* Allow address range falling entirely within usercopy region. */ if (offset >= s->useroffset && offset - s->useroffset <= s->usersize && -@@ -3879,7 +3987,11 @@ +@@ -3870,7 +3978,11 @@ static size_t __ksize(const void *object) page = virt_to_head_page(object); if (unlikely(!PageSlab(page))) { @@ -2156,7 +2362,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c return PAGE_SIZE << compound_order(page); } -@@ -4744,7 +4856,7 @@ +@@ -4730,7 +4842,7 @@ enum slab_stat_type { #define SO_TOTAL (1 << SL_TOTAL) #ifdef CONFIG_MEMCG @@ -2165,10 +2371,11 @@ diff -Nur a/mm/slub.c b/mm/slub.c static int __init setup_slub_memcg_sysfs(char *str) { -diff -Nur a/mm/swap.c b/mm/swap.c ---- a/mm/swap.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/mm/swap.c 2018-05-22 19:56:23.718072494 +0100 -@@ -92,6 +92,13 @@ +diff --git a/mm/swap.c b/mm/swap.c +index 26fc9b5f1b6c..7c9312ca8982 100644 +--- a/mm/swap.c ++++ b/mm/swap.c +@@ -93,6 +93,13 @@ static void __put_compound_page(struct page *page) if (!PageHuge(page)) __page_cache_release(page); dtor = get_compound_page_dtor(page); @@ -2182,10 +2389,11 @@ diff -Nur a/mm/swap.c b/mm/swap.c (*dtor)(page); } -diff -Nur a/net/core/dev.c b/net/core/dev.c ---- a/net/core/dev.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/net/core/dev.c 2018-05-22 19:56:23.720072560 +0100 -@@ -4196,7 +4196,7 @@ +diff --git a/net/core/dev.c b/net/core/dev.c +index 559a91271f82..1e3b8deea1a7 100644 +--- a/net/core/dev.c ++++ b/net/core/dev.c +@@ -4259,7 +4259,7 @@ int netif_rx_ni(struct sk_buff *skb) } EXPORT_SYMBOL(netif_rx_ni); @@ -2194,7 +2402,7 @@ diff -Nur a/net/core/dev.c b/net/core/dev.c { struct softnet_data *sd = this_cpu_ptr(&softnet_data); -@@ -5745,7 +5745,7 @@ +@@ -5811,7 +5811,7 @@ static int napi_poll(struct napi_struct *n, struct list_head *repoll) return work; } @@ -2203,10 +2411,11 @@ diff -Nur a/net/core/dev.c b/net/core/dev.c { struct softnet_data *sd = this_cpu_ptr(&softnet_data); unsigned long time_limit = jiffies + -diff -Nur a/net/ipv4/Kconfig b/net/ipv4/Kconfig ---- a/net/ipv4/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/net/ipv4/Kconfig 2018-05-22 19:56:23.720072560 +0100 -@@ -261,6 +261,7 @@ +diff --git a/net/ipv4/Kconfig b/net/ipv4/Kconfig +index 80dad301361d..0c85c2a29ac1 100644 +--- a/net/ipv4/Kconfig ++++ b/net/ipv4/Kconfig +@@ -266,6 +266,7 @@ config IP_PIMSM_V2 config SYN_COOKIES bool "IP: TCP syncookie support" @@ -2214,10 +2423,11 @@ diff -Nur a/net/ipv4/Kconfig b/net/ipv4/Kconfig ---help--- Normal TCP/IP networking is open to an attack known as "SYN flooding". This denial-of-service attack prevents legitimate remote -diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c ---- a/scripts/mod/modpost.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/scripts/mod/modpost.c 2018-05-22 19:56:23.721072593 +0100 -@@ -37,6 +37,7 @@ +diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c +index 1663fb19343a..4b44744fc1be 100644 +--- a/scripts/mod/modpost.c ++++ b/scripts/mod/modpost.c +@@ -35,6 +35,7 @@ static int vmlinux_section_warnings = 1; static int warn_unresolved = 0; /* How a symbol is exported */ static int sec_mismatch_count = 0; @@ -2225,7 +2435,7 @@ diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c static int sec_mismatch_verbose = 1; static int sec_mismatch_fatal = 0; /* ignore missing files */ -@@ -965,6 +966,7 @@ +@@ -954,6 +955,7 @@ enum mismatch { ANY_EXIT_TO_ANY_INIT, EXPORT_TO_INIT_EXIT, EXTABLE_TO_NON_TEXT, @@ -2233,7 +2443,7 @@ diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c }; /** -@@ -1091,6 +1093,12 @@ +@@ -1080,6 +1082,12 @@ static const struct sectioncheck sectioncheck[] = { .good_tosec = {ALL_TEXT_SECTIONS , NULL}, .mismatch = EXTABLE_TO_NON_TEXT, .handler = extable_mismatch_handler, @@ -2246,7 +2456,7 @@ diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c } }; -@@ -1240,10 +1248,10 @@ +@@ -1229,10 +1237,10 @@ static Elf_Sym *find_elf_symbol(struct elf_info *elf, Elf64_Sword addr, continue; if (ELF_ST_TYPE(sym->st_info) == STT_SECTION) continue; @@ -2259,7 +2469,7 @@ diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c if (d < 0) d = addr - sym->st_value; if (d < distance) { -@@ -1402,7 +1410,11 @@ +@@ -1391,7 +1399,11 @@ static void report_sec_mismatch(const char *modname, char *prl_from; char *prl_to; @@ -2272,7 +2482,7 @@ diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c if (!sec_mismatch_verbose) return; -@@ -1526,6 +1538,14 @@ +@@ -1515,6 +1527,14 @@ static void report_sec_mismatch(const char *modname, fatal("There's a special handler for this mismatch type, " "we should never get here."); break; @@ -2287,7 +2497,7 @@ diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c } fprintf(stderr, "\n"); } -@@ -2539,6 +2559,14 @@ +@@ -2523,6 +2543,14 @@ int main(int argc, char **argv) } } free(buf.p); @@ -2302,10 +2512,11 @@ diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c return err; } -diff -Nur a/security/Kconfig b/security/Kconfig ---- a/security/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/security/Kconfig 2018-05-22 19:56:23.721072593 +0100 -@@ -8,7 +8,7 @@ +diff --git a/security/Kconfig b/security/Kconfig +index c4302067a3ad..f5f5ff98e6b8 100644 +--- a/security/Kconfig ++++ b/security/Kconfig +@@ -8,7 +8,7 @@ source security/keys/Kconfig config SECURITY_DMESG_RESTRICT bool "Restrict unprivileged access to the kernel syslog" @@ -2314,7 +2525,7 @@ diff -Nur a/security/Kconfig b/security/Kconfig help This enforces restrictions on unprivileged users reading the kernel syslog via dmesg(8). -@@ -18,10 +18,21 @@ +@@ -18,10 +18,34 @@ config SECURITY_DMESG_RESTRICT If you are unsure how to answer this question, answer N. @@ -2328,6 +2539,19 @@ diff -Nur a/security/Kconfig b/security/Kconfig + perf_event_open syscall will be permitted unless it is + changed. + ++config SECURITY_TIOCSTI_RESTRICT ++ bool "Restrict unprivileged use of tiocsti command injection" ++ default y ++ help ++ This enforces restrictions on unprivileged users injecting commands ++ into other processes which share a tty session using the TIOCSTI ++ ioctl. This option makes TIOCSTI use require CAP_SYS_ADMIN. ++ ++ If this option is not selected, no restrictions will be enforced ++ unless the tiocsti_restrict sysctl is explicitly set to (1). ++ ++ If you are unsure how to answer this question, answer N. ++ config SECURITY bool "Enable different security models" depends on SYSFS @@ -2336,7 +2560,7 @@ diff -Nur a/security/Kconfig b/security/Kconfig help This allows you to choose different security modules to be configured into your kernel. -@@ -48,6 +59,7 @@ +@@ -48,6 +72,7 @@ config SECURITYFS config SECURITY_NETWORK bool "Socket and Networking Security Hooks" depends on SECURITY @@ -2344,7 +2568,7 @@ diff -Nur a/security/Kconfig b/security/Kconfig help This enables the socket and networking security hooks. If enabled, a security module can use these hooks to -@@ -155,6 +167,7 @@ +@@ -155,6 +180,7 @@ config HARDENED_USERCOPY depends on HAVE_HARDENED_USERCOPY_ALLOCATOR select BUG imply STRICT_DEVMEM @@ -2352,7 +2576,7 @@ diff -Nur a/security/Kconfig b/security/Kconfig help This option checks for obviously wrong memory regions when copying memory to/from the kernel (via copy_to_user() and -@@ -167,7 +180,6 @@ +@@ -167,7 +193,6 @@ config HARDENED_USERCOPY config HARDENED_USERCOPY_FALLBACK bool "Allow usercopy whitelist violations to fallback to object size" depends on HARDENED_USERCOPY @@ -2360,7 +2584,7 @@ diff -Nur a/security/Kconfig b/security/Kconfig help This is a temporary option that allows missing usercopy whitelists to be discovered via a WARN() to the kernel log, instead of -@@ -192,10 +204,36 @@ +@@ -192,10 +217,36 @@ config HARDENED_USERCOPY_PAGESPAN config FORTIFY_SOURCE bool "Harden common str/mem functions against buffer overflows" depends on ARCH_HAS_FORTIFY_SOURCE @@ -2397,21 +2621,11 @@ diff -Nur a/security/Kconfig b/security/Kconfig config STATIC_USERMODEHELPER bool "Force all usermode helper calls through a single binary" help -diff -Nur a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h ---- a/security/selinux/include/objsec.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/security/selinux/include/objsec.h 2018-05-22 19:56:23.721072593 +0100 -@@ -154,6 +154,6 @@ - u32 sid; /*SID of bpf obj creater*/ - }; - --extern unsigned int selinux_checkreqprot; -+extern const unsigned int selinux_checkreqprot; - - #endif /* _SELINUX_OBJSEC_H_ */ -diff -Nur a/security/selinux/Kconfig b/security/selinux/Kconfig ---- a/security/selinux/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/security/selinux/Kconfig 2018-05-22 19:56:23.721072593 +0100 -@@ -2,7 +2,7 @@ +diff --git a/security/selinux/Kconfig b/security/selinux/Kconfig +index 8af7a690eb40..6539694b0fd3 100644 +--- a/security/selinux/Kconfig ++++ b/security/selinux/Kconfig +@@ -2,7 +2,7 @@ config SECURITY_SELINUX bool "NSA SELinux Support" depends on SECURITY_NETWORK && AUDIT && NET && INET select NETWORK_SECMARK @@ -2420,7 +2634,7 @@ diff -Nur a/security/selinux/Kconfig b/security/selinux/Kconfig help This selects NSA Security-Enhanced Linux (SELinux). You will also need a policy configuration and a labeled filesystem. -@@ -79,23 +79,3 @@ +@@ -79,23 +79,3 @@ config SECURITY_SELINUX_AVC_STATS This option collects access vector cache statistics to /selinux/avc/cache_stats, which may be monitored via tools such as avcstat. @@ -2444,28 +2658,35 @@ diff -Nur a/security/selinux/Kconfig b/security/selinux/Kconfig - via /selinux/checkreqprot if authorized by policy. - - If you are unsure how to answer this question, answer 0. -diff -Nur a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c ---- a/security/selinux/selinuxfs.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/security/selinux/selinuxfs.c 2018-05-22 19:56:23.721072593 +0100 -@@ -41,16 +41,7 @@ - #include "objsec.h" - #include "conditional.h" - --unsigned int selinux_checkreqprot = CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE; +diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c +index 2b5ee5fbd652..99c7ed953d4e 100644 +--- a/security/selinux/hooks.c ++++ b/security/selinux/hooks.c +@@ -135,18 +135,7 @@ __setup("selinux=", selinux_enabled_setup); + int selinux_enabled = 1; + #endif + +-static unsigned int selinux_checkreqprot_boot = +- CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE; - -static int __init checkreqprot_setup(char *str) -{ - unsigned long checkreqprot; +- - if (!kstrtoul(str, 0, &checkreqprot)) -- selinux_checkreqprot = checkreqprot ? 1 : 0; +- selinux_checkreqprot_boot = checkreqprot ? 1 : 0; - return 1; -} -__setup("checkreqprot=", checkreqprot_setup); -+const unsigned int selinux_checkreqprot; - - static DEFINE_MUTEX(sel_mutex); - -@@ -610,10 +601,9 @@ ++static const unsigned int selinux_checkreqprot_boot; + + static struct kmem_cache *sel_inode_cache; + static struct kmem_cache *file_security_cache; +diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c +index 79d3709b0671..4db06a12d48c 100644 +--- a/security/selinux/selinuxfs.c ++++ b/security/selinux/selinuxfs.c +@@ -664,10 +664,9 @@ static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, return PTR_ERR(page); length = -EINVAL; @@ -2473,13 +2694,14 @@ diff -Nur a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c + if (sscanf(page, "%u", &new_value) != 1 || new_value) goto out; -- selinux_checkreqprot = new_value ? 1 : 0; +- fsi->state->checkreqprot = new_value ? 1 : 0; length = count; out: kfree(page); -diff -Nur a/security/yama/Kconfig b/security/yama/Kconfig ---- a/security/yama/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/security/yama/Kconfig 2018-05-22 19:56:23.721072593 +0100 +diff --git a/security/yama/Kconfig b/security/yama/Kconfig +index 96b27405558a..485c1b85c325 100644 +--- a/security/yama/Kconfig ++++ b/security/yama/Kconfig @@ -1,7 +1,7 @@ config SECURITY_YAMA bool "Yama support" diff --git a/sys-kernel/linux-image-redcore/files/radeon_dp_aux_transfer_native-no-ratelimited_debug.patch b/sys-kernel/linux-image-redcore/files/radeon_dp_aux_transfer_native-no-ratelimited_debug.patch new file mode 100644 index 00000000..6ffcb42c --- /dev/null +++ b/sys-kernel/linux-image-redcore/files/radeon_dp_aux_transfer_native-no-ratelimited_debug.patch @@ -0,0 +1,13 @@ +diff --git a/drivers/gpu/drm/radeon/radeon_dp_auxch.c b/drivers/gpu/drm/radeon/radeon_dp_auxch.c +index 12eac4e75542..a26b8ddd7d3f 100644 +--- a/drivers/gpu/drm/radeon/radeon_dp_auxch.c ++++ b/drivers/gpu/drm/radeon/radeon_dp_auxch.c +@@ -168,7 +168,7 @@ radeon_dp_aux_transfer_native(struct drm_dp_aux *aux, struct drm_dp_aux_msg *msg + goto done; + } + if (tmp & AUX_RX_ERROR_FLAGS) { +- DRM_DEBUG_KMS_RATELIMITED("dp_aux_ch flags not zero: %08x\n", ++ DRM_DEBUG_KMS("dp_aux_ch flags not zero: %08x\n", + tmp); + ret = -EIO; + goto done; diff --git a/sys-kernel/linux-image-redcore/files/redcore-amd64.config b/sys-kernel/linux-image-redcore/files/redcore-amd64.config index f63178d1..288c1279 100644 --- a/sys-kernel/linux-image-redcore/files/redcore-amd64.config +++ b/sys-kernel/linux-image-redcore/files/redcore-amd64.config @@ -1,6 +1,10 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.16.11-redcore Kernel Configuration +# Linux/x86 4.18.5-redcore Kernel Configuration +# + +# +# Compiler: gcc (Gentoo Hardened 7.3.0-r3 p1.4) 7.3.0 # CONFIG_64BIT=y CONFIG_X86_64=y @@ -15,8 +19,6 @@ CONFIG_ARCH_MMAP_RND_BITS_MIN=28 CONFIG_ARCH_MMAP_RND_BITS_MAX=32 CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8 CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16 -CONFIG_NEED_DMA_MAP_STATE=y -CONFIG_NEED_SG_DMA_LENGTH=y CONFIG_GENERIC_ISA_DMA=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y @@ -26,6 +28,7 @@ CONFIG_RWSEM_XCHGADD_ALGORITHM=y CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_ARCH_HAS_CPU_RELAX=y CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y +CONFIG_ARCH_HAS_FILTER_PGPROT=y CONFIG_HAVE_SETUP_PER_CPU_AREA=y CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y @@ -41,7 +44,11 @@ CONFIG_HAVE_INTEL_TXT=y CONFIG_X86_64_SMP=y CONFIG_ARCH_SUPPORTS_UPROBES=y CONFIG_FIX_EARLYCON_MEM=y +CONFIG_DYNAMIC_PHYSICAL_MASK=y CONFIG_PGTABLE_LEVELS=4 +CONFIG_CC_IS_GCC=y +CONFIG_GCC_VERSION=70300 +CONFIG_CLANG_VERSION=0 CONFIG_IRQ_WORK=y CONFIG_BUILDTIME_EXTABLE_SORT=y CONFIG_THREAD_INFO_IN_TASK=y @@ -50,7 +57,6 @@ CONFIG_THREAD_INFO_IN_TASK=y # General setup # CONFIG_INIT_ENV_ARG_LIMIT=32 -CONFIG_CROSS_COMPILE="" # CONFIG_COMPILE_TEST is not set CONFIG_LOCALVERSION="" CONFIG_LOCALVERSION_AUTO=y @@ -116,7 +122,6 @@ CONFIG_NO_HZ_COMMON=y # CONFIG_HZ_PERIODIC is not set # CONFIG_NO_HZ_IDLE is not set CONFIG_NO_HZ_FULL=y -# CONFIG_NO_HZ_FULL_ALL is not set CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y @@ -172,7 +177,7 @@ CONFIG_FAIR_GROUP_SCHED=y CONFIG_CFS_BANDWIDTH=y CONFIG_RT_GROUP_SCHED=y CONFIG_CGROUP_PIDS=y -# CONFIG_CGROUP_RDMA is not set +CONFIG_CGROUP_RDMA=y CONFIG_CGROUP_FREEZER=y CONFIG_CGROUP_HUGETLB=y CONFIG_CPUSETS=y @@ -202,7 +207,7 @@ CONFIG_RD_LZO=y CONFIG_RD_LZ4=y CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y # CONFIG_CC_OPTIMIZE_FOR_SIZE is not set -CONFIG_LOCAL_INIT=y +# CONFIG_LOCAL_INIT is not set CONFIG_SYSCTL=y CONFIG_ANON_INODES=y CONFIG_HAVE_UID16=y @@ -214,7 +219,6 @@ CONFIG_UID16=y CONFIG_MULTIUSER=y CONFIG_SGETMASK_SYSCALL=y CONFIG_SYSFS_SYSCALL=y -# CONFIG_SYSCTL_SYSCALL is not set CONFIG_FHANDLE=y CONFIG_POSIX_TIMERS=y CONFIG_PRINTK=y @@ -233,7 +237,6 @@ CONFIG_SHMEM=y CONFIG_AIO=y CONFIG_ADVISE_SYSCALLS=y CONFIG_MEMBARRIER=y -# CONFIG_CHECKPOINT_RESTORE is not set CONFIG_KALLSYMS=y CONFIG_KALLSYMS_ALL=y CONFIG_KALLSYMS_ABSOLUTE_PERCPU=y @@ -242,9 +245,9 @@ CONFIG_BPF_SYSCALL=y CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_USERFAULTFD=y CONFIG_ARCH_HAS_MEMBARRIER_SYNC_CORE=y +CONFIG_RSEQ=y # CONFIG_EMBEDDED is not set CONFIG_HAVE_PERF_EVENTS=y -# CONFIG_PC104 is not set # # Kernel Performance Events And Counters @@ -253,31 +256,33 @@ CONFIG_PERF_EVENTS=y # CONFIG_DEBUG_PERF_USE_VMALLOC is not set CONFIG_VM_EVENT_COUNTERS=y CONFIG_SLUB_DEBUG=y -# CONFIG_SLUB_MEMCG_SYSFS_ON is not set # CONFIG_COMPAT_BRK is not set # CONFIG_SLAB is not set CONFIG_SLUB=y CONFIG_SLAB_MERGE_DEFAULT=y -# CONFIG_SLAB_FREELIST_RANDOM is not set +CONFIG_SLAB_FREELIST_RANDOM=y CONFIG_SLAB_FREELIST_HARDENED=y CONFIG_SLAB_HARDENED=y CONFIG_SLAB_SANITIZE=y CONFIG_SLAB_SANITIZE_VERIFY=y CONFIG_SLUB_CPU_PARTIAL=y CONFIG_SYSTEM_DATA_VERIFICATION=y -# CONFIG_PROFILING is not set +CONFIG_PROFILING=y CONFIG_TRACEPOINTS=y CONFIG_CRASH_CORE=y CONFIG_KEXEC_CORE=y +CONFIG_HOTPLUG_SMT=y +# CONFIG_OPROFILE is not set CONFIG_HAVE_OPROFILE=y CONFIG_OPROFILE_NMI_TIMER=y -# CONFIG_KPROBES is not set +CONFIG_KPROBES=y CONFIG_JUMP_LABEL=y # CONFIG_STATIC_KEYS_SELFTEST is not set -# CONFIG_UPROBES is not set -# CONFIG_HAVE_64BIT_ALIGNED_ACCESS is not set +CONFIG_OPTPROBES=y +CONFIG_KPROBES_ON_FTRACE=y CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y CONFIG_ARCH_USE_BUILTIN_BSWAP=y +CONFIG_KRETPROBES=y CONFIG_USER_RETURN_NOTIFIER=y CONFIG_HAVE_IOREMAP_PROT=y CONFIG_HAVE_KPROBES=y @@ -294,8 +299,8 @@ CONFIG_ARCH_HAS_SET_MEMORY=y CONFIG_HAVE_ARCH_THREAD_STRUCT_WHITELIST=y CONFIG_ARCH_WANTS_DYNAMIC_TASK_STRUCT=y CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y +CONFIG_HAVE_RSEQ=y CONFIG_HAVE_CLK=y -CONFIG_HAVE_DMA_API_DEBUG=y CONFIG_HAVE_HW_BREAKPOINT=y CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y CONFIG_HAVE_USER_RETURN_NOTIFIER=y @@ -313,14 +318,13 @@ CONFIG_ARCH_WANT_COMPAT_IPC_PARSE_VERSION=y CONFIG_ARCH_WANT_OLD_COMPAT_IPC=y CONFIG_HAVE_ARCH_SECCOMP_FILTER=y CONFIG_SECCOMP_FILTER=y +CONFIG_PLUGIN_HOSTCC="g++" CONFIG_HAVE_GCC_PLUGINS=y # CONFIG_GCC_PLUGINS is not set -CONFIG_HAVE_CC_STACKPROTECTOR=y -# CONFIG_CC_STACKPROTECTOR_NONE is not set -# CONFIG_CC_STACKPROTECTOR_REGULAR is not set -CONFIG_CC_STACKPROTECTOR_STRONG=y -# CONFIG_CC_STACKPROTECTOR_AUTO is not set -CONFIG_THIN_ARCHIVES=y +CONFIG_HAVE_STACKPROTECTOR=y +CONFIG_CC_HAS_STACKPROTECTOR_NONE=y +CONFIG_STACKPROTECTOR=y +CONFIG_STACKPROTECTOR_STRONG=y CONFIG_HAVE_ARCH_WITHIN_STACK_FRAMES=y CONFIG_HAVE_CONTEXT_TRACKING=y CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y @@ -341,29 +345,24 @@ CONFIG_ARCH_MMAP_RND_COMPAT_BITS=16 CONFIG_HAVE_ARCH_COMPAT_MMAP_BASES=y CONFIG_HAVE_COPY_THREAD_TLS=y CONFIG_HAVE_STACK_VALIDATION=y -# CONFIG_HAVE_ARCH_HASH is not set -# CONFIG_ISA_BUS_API is not set +CONFIG_ISA_BUS_API=y CONFIG_OLD_SIGSUSPEND3=y CONFIG_COMPAT_OLD_SIGACTION=y -# CONFIG_CPU_NO_EFFICIENT_FFS is not set +CONFIG_COMPAT_32BIT_TIME=y CONFIG_HAVE_ARCH_VMAP_STACK=y CONFIG_VMAP_STACK=y -# CONFIG_ARCH_OPTIONAL_KERNEL_RWX is not set -# CONFIG_ARCH_OPTIONAL_KERNEL_RWX_DEFAULT is not set CONFIG_ARCH_HAS_STRICT_KERNEL_RWX=y CONFIG_STRICT_KERNEL_RWX=y CONFIG_ARCH_HAS_STRICT_MODULE_RWX=y CONFIG_STRICT_MODULE_RWX=y -CONFIG_ARCH_HAS_PHYS_TO_DMA=y CONFIG_ARCH_HAS_REFCOUNT=y -# CONFIG_REFCOUNT_FULL is not set +CONFIG_REFCOUNT_FULL=y # # GCOV-based kernel profiling # # CONFIG_GCOV_KERNEL is not set CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y -# CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 CONFIG_MODULES=y @@ -372,7 +371,15 @@ CONFIG_MODULE_UNLOAD=y CONFIG_MODULE_FORCE_UNLOAD=y CONFIG_MODVERSIONS=y CONFIG_MODULE_SRCVERSION_ALL=y -# CONFIG_MODULE_SIG is not set +CONFIG_MODULE_SIG=y +# CONFIG_MODULE_SIG_FORCE is not set +CONFIG_MODULE_SIG_ALL=y +# CONFIG_MODULE_SIG_SHA1 is not set +# CONFIG_MODULE_SIG_SHA224 is not set +# CONFIG_MODULE_SIG_SHA256 is not set +# CONFIG_MODULE_SIG_SHA384 is not set +CONFIG_MODULE_SIG_SHA512=y +CONFIG_MODULE_SIG_HASH="sha512" CONFIG_MODULE_COMPRESS=y CONFIG_MODULE_COMPRESS_GZIP=y # CONFIG_MODULE_COMPRESS_XZ is not set @@ -456,6 +463,8 @@ CONFIG_QUEUED_SPINLOCKS=y CONFIG_ARCH_USE_QUEUED_RWLOCKS=y CONFIG_QUEUED_RWLOCKS=y CONFIG_ARCH_HAS_SYNC_CORE_BEFORE_USERMODE=y +CONFIG_ARCH_HAS_SYSCALL_WRAPPER=y +CONFIG_CC_HAS_SANE_STACKPROTECTOR=y CONFIG_FREEZER=y # @@ -464,7 +473,6 @@ CONFIG_FREEZER=y CONFIG_ZONE_DMA=y CONFIG_SMP=y CONFIG_X86_FEATURE_NAMES=y -CONFIG_X86_FAST_FEATURE_TESTS=y CONFIG_X86_X2APIC=y CONFIG_X86_MPPARSE=y # CONFIG_GOLDFISH is not set @@ -507,10 +515,7 @@ CONFIG_HPET_TIMER=y CONFIG_HPET_EMULATE_RTC=y CONFIG_DMI=y CONFIG_GART_IOMMU=y -CONFIG_CALGARY_IOMMU=y -CONFIG_CALGARY_IOMMU_ENABLED_BY_DEFAULT=y -CONFIG_SWIOTLB=y -CONFIG_IOMMU_HELPER=y +# CONFIG_CALGARY_IOMMU is not set CONFIG_MAXSMP=y CONFIG_NR_CPUS_RANGE_BEGIN=8192 CONFIG_NR_CPUS_RANGE_END=8192 @@ -541,7 +546,6 @@ CONFIG_PERF_EVENTS_INTEL_UNCORE=y CONFIG_PERF_EVENTS_INTEL_RAPL=y CONFIG_PERF_EVENTS_INTEL_CSTATE=y CONFIG_PERF_EVENTS_AMD_POWER=m -# CONFIG_VM86 is not set CONFIG_X86_16BIT=y CONFIG_X86_ESPFIX64=y CONFIG_X86_VSYSCALL_EMULATION=y @@ -553,8 +557,6 @@ CONFIG_MICROCODE_OLD_INTERFACE=y CONFIG_X86_MSR=m CONFIG_X86_CPUID=m # CONFIG_X86_5LEVEL is not set -CONFIG_ARCH_PHYS_ADDR_T_64BIT=y -CONFIG_ARCH_DMA_ADDR_T_64BIT=y CONFIG_X86_DIRECT_GBPAGES=y CONFIG_ARCH_HAS_MEM_ENCRYPT=y CONFIG_AMD_MEM_ENCRYPT=y @@ -639,6 +641,7 @@ CONFIG_ARCH_USES_HIGH_VMA_FLAGS=y CONFIG_ARCH_HAS_PKEYS=y # CONFIG_PERCPU_STATS is not set # CONFIG_GUP_BENCHMARK is not set +CONFIG_ARCH_HAS_PTE_SPECIAL=y CONFIG_X86_PMEM_LEGACY_DEVICE=y CONFIG_X86_PMEM_LEGACY=m CONFIG_X86_CHECK_BIOS_CORRUPTION=y @@ -673,6 +676,7 @@ CONFIG_RELOCATABLE=y CONFIG_RANDOMIZE_BASE=y CONFIG_X86_NEED_RELOCS=y CONFIG_PHYSICAL_ALIGN=0x1000000 +CONFIG_DYNAMIC_MEMORY_LAYOUT=y CONFIG_RANDOMIZE_MEMORY=y CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING=0xa CONFIG_HOTPLUG_CPU=y @@ -727,6 +731,7 @@ CONFIG_ACPI_BATTERY=m CONFIG_ACPI_BUTTON=m CONFIG_ACPI_VIDEO=m CONFIG_ACPI_FAN=m +CONFIG_ACPI_TAD=m CONFIG_ACPI_DOCK=y CONFIG_ACPI_CPU_FREQ_PSS=y CONFIG_ACPI_PROCESSOR_CSTATE=y @@ -738,7 +743,6 @@ CONFIG_ACPI_HOTPLUG_CPU=y CONFIG_ACPI_PROCESSOR_AGGREGATOR=m CONFIG_ACPI_THERMAL=m CONFIG_ACPI_NUMA=y -# CONFIG_ACPI_CUSTOM_DSDT is not set CONFIG_ARCH_HAS_ACPI_TABLE_UPGRADE=y CONFIG_ACPI_TABLE_UPGRADE=y # CONFIG_ACPI_DEBUG is not set @@ -750,7 +754,6 @@ CONFIG_ACPI_SBS=m CONFIG_ACPI_HED=y # CONFIG_ACPI_CUSTOM_METHOD is not set CONFIG_ACPI_BGRT=y -# CONFIG_ACPI_REDUCED_HARDWARE_ONLY is not set CONFIG_ACPI_NFIT=m CONFIG_HAVE_ACPI_APEI=y CONFIG_HAVE_ACPI_APEI_NMI=y @@ -806,7 +809,6 @@ CONFIG_X86_AMD_FREQ_SENSITIVITY=m # # shared options # -# CONFIG_X86_SPEEDSTEP_LIB is not set # # CPU Idle @@ -814,7 +816,6 @@ CONFIG_X86_AMD_FREQ_SENSITIVITY=m CONFIG_CPU_IDLE=y CONFIG_CPU_IDLE_GOV_LADDER=y CONFIG_CPU_IDLE_GOV_MENU=y -# CONFIG_ARCH_NEEDS_CPU_IDLE_COUPLED is not set CONFIG_INTEL_IDLE=y # @@ -824,11 +825,12 @@ CONFIG_PCI=y CONFIG_PCI_DIRECT=y CONFIG_PCI_MMCONFIG=y CONFIG_PCI_DOMAINS=y +CONFIG_MMCONF_FAM10H=y CONFIG_PCIEPORTBUS=y CONFIG_HOTPLUG_PCI_PCIE=y CONFIG_PCIEAER=y -CONFIG_PCIE_ECRC=y CONFIG_PCIEAER_INJECT=m +CONFIG_PCIE_ECRC=y CONFIG_PCIEASPM=y # CONFIG_PCIEASPM_DEBUG is not set CONFIG_PCIEASPM_DEFAULT=y @@ -838,13 +840,13 @@ CONFIG_PCIEASPM_DEFAULT=y CONFIG_PCIE_PME=y CONFIG_PCIE_DPC=y CONFIG_PCIE_PTM=y -CONFIG_PCI_BUS_ADDR_T_64BIT=y CONFIG_PCI_MSI=y CONFIG_PCI_MSI_IRQ_DOMAIN=y CONFIG_PCI_QUIRKS=y # CONFIG_PCI_DEBUG is not set CONFIG_PCI_REALLOC_ENABLE_AUTO=y CONFIG_PCI_STUB=m +CONFIG_PCI_PF_STUB=m CONFIG_PCI_ATS=y CONFIG_PCI_LOCKLESS_CONFIG=y CONFIG_PCI_IOV=y @@ -858,26 +860,29 @@ CONFIG_HOTPLUG_PCI_ACPI_IBM=m CONFIG_HOTPLUG_PCI_CPCI=y CONFIG_HOTPLUG_PCI_CPCI_ZT5550=m CONFIG_HOTPLUG_PCI_CPCI_GENERIC=m -CONFIG_HOTPLUG_PCI_SHPC=m +# CONFIG_HOTPLUG_PCI_SHPC is not set # -# Cadence PCIe controllers support +# PCI controller drivers # # -# DesignWare PCI Core Support +# Cadence PCIe controllers support # -# CONFIG_PCIE_DW_PLAT is not set +CONFIG_VMD=m # -# PCI host controller drivers +# DesignWare PCI Core Support # -CONFIG_VMD=m +# CONFIG_PCIE_DW_PLAT_HOST is not set +# CONFIG_PCIE_DW_PLAT_EP is not set # # PCI Endpoint # -# CONFIG_PCI_ENDPOINT is not set +CONFIG_PCI_ENDPOINT=y +CONFIG_PCI_ENDPOINT_CONFIGFS=y +# CONFIG_PCI_EPF_TEST is not set # # PCI switch controller drivers @@ -930,12 +935,11 @@ CONFIG_COMPAT_BINFMT_ELF=y CONFIG_ELFCORE=y CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y CONFIG_BINFMT_SCRIPT=y -# CONFIG_HAVE_AOUT is not set -CONFIG_BINFMT_MISC=m +CONFIG_BINFMT_MISC=y CONFIG_COREDUMP=y CONFIG_IA32_EMULATION=y -CONFIG_IA32_AOUT=m -# CONFIG_X86_X32 is not set +CONFIG_IA32_AOUT=y +CONFIG_X86_X32=y CONFIG_COMPAT_32=y CONFIG_COMPAT=y CONFIG_COMPAT_FOR_U64_ALIGNMENT=y @@ -954,6 +958,7 @@ CONFIG_PACKET_DIAG=m CONFIG_UNIX=m CONFIG_UNIX_DIAG=m CONFIG_TLS=m +# CONFIG_TLS_DEVICE is not set CONFIG_XFRM=y CONFIG_XFRM_OFFLOAD=y CONFIG_XFRM_ALGO=m @@ -966,6 +971,7 @@ CONFIG_NET_KEY=m CONFIG_NET_KEY_MIGRATE=y CONFIG_SMC=m CONFIG_SMC_DIAG=m +CONFIG_XDP_SOCKETS=y CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y @@ -983,6 +989,7 @@ CONFIG_NET_IPGRE_DEMUX=m CONFIG_NET_IP_TUNNEL=m CONFIG_NET_IPGRE=m CONFIG_NET_IPGRE_BROADCAST=y +CONFIG_IP_MROUTE_COMMON=y CONFIG_IP_MROUTE=y CONFIG_IP_MROUTE_MULTIPLE_TABLES=y CONFIG_IP_PIMSM_V1=y @@ -1057,6 +1064,7 @@ CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y CONFIG_IPV6_PIMSM_V2=y CONFIG_IPV6_SEG6_LWTUNNEL=y CONFIG_IPV6_SEG6_HMAC=y +# CONFIG_NETLABEL is not set CONFIG_NETWORK_SECMARK=y CONFIG_NET_PTP_CLASSIFY=y CONFIG_NETWORK_PHY_TIMESTAMPING=y @@ -1115,21 +1123,18 @@ CONFIG_NF_NAT_FTP=m CONFIG_NF_NAT_IRC=m CONFIG_NF_NAT_SIP=m CONFIG_NF_NAT_TFTP=m -CONFIG_NF_NAT_REDIRECT=m +CONFIG_NF_NAT_REDIRECT=y CONFIG_NETFILTER_SYNPROXY=m +CONFIG_NF_OSF=m CONFIG_NF_TABLES=m -CONFIG_NF_TABLES_INET=m -CONFIG_NF_TABLES_NETDEV=m -CONFIG_NFT_EXTHDR=m -CONFIG_NFT_META=m -CONFIG_NFT_RT=m +CONFIG_NF_TABLES_SET=m +CONFIG_NF_TABLES_INET=y +CONFIG_NF_TABLES_NETDEV=y CONFIG_NFT_NUMGEN=m CONFIG_NFT_CT=m CONFIG_NFT_FLOW_OFFLOAD=m -CONFIG_NFT_SET_RBTREE=m -CONFIG_NFT_SET_HASH=m -CONFIG_NFT_SET_BITMAP=m CONFIG_NFT_COUNTER=m +CONFIG_NFT_CONNLIMIT=m CONFIG_NFT_LOG=m CONFIG_NFT_LIMIT=m CONFIG_NFT_MASQ=m @@ -1144,6 +1149,7 @@ CONFIG_NFT_COMPAT=m CONFIG_NFT_HASH=m CONFIG_NFT_FIB=m CONFIG_NFT_FIB_INET=m +CONFIG_NFT_SOCKET=m CONFIG_NF_DUP_NETDEV=m CONFIG_NFT_DUP_NETDEV=m CONFIG_NFT_FWD_NETDEV=m @@ -1284,6 +1290,7 @@ CONFIG_IP_VS_LBLC=m CONFIG_IP_VS_LBLCR=m CONFIG_IP_VS_DH=m CONFIG_IP_VS_SH=m +CONFIG_IP_VS_MH=m CONFIG_IP_VS_SED=m CONFIG_IP_VS_NQ=m @@ -1293,6 +1300,11 @@ CONFIG_IP_VS_NQ=m CONFIG_IP_VS_SH_TAB_BITS=8 # +# IPVS MH scheduler +# +CONFIG_IP_VS_MH_TAB_INDEX=12 + +# # IPVS application helper # CONFIG_IP_VS_FTP=m @@ -1305,12 +1317,13 @@ CONFIG_IP_VS_PE_SIP=m CONFIG_NF_DEFRAG_IPV4=m CONFIG_NF_CONNTRACK_IPV4=m CONFIG_NF_SOCKET_IPV4=m -CONFIG_NF_TABLES_IPV4=m +CONFIG_NF_TPROXY_IPV4=m +CONFIG_NF_TABLES_IPV4=y CONFIG_NFT_CHAIN_ROUTE_IPV4=m CONFIG_NFT_REJECT_IPV4=m CONFIG_NFT_DUP_IPV4=m CONFIG_NFT_FIB_IPV4=m -CONFIG_NF_TABLES_ARP=m +CONFIG_NF_TABLES_ARP=y CONFIG_NF_FLOW_TABLE_IPV4=m CONFIG_NF_DUP_IPV4=m CONFIG_NF_LOG_ARP=m @@ -1318,7 +1331,7 @@ CONFIG_NF_LOG_IPV4=m CONFIG_NF_REJECT_IPV4=m CONFIG_NF_NAT_IPV4=m CONFIG_NFT_CHAIN_NAT_IPV4=m -CONFIG_NF_NAT_MASQUERADE_IPV4=m +CONFIG_NF_NAT_MASQUERADE_IPV4=y CONFIG_NFT_MASQ_IPV4=m CONFIG_NFT_REDIR_IPV4=m CONFIG_NF_NAT_SNMP_BASIC=m @@ -1342,6 +1355,7 @@ CONFIG_IP_NF_TARGET_CLUSTERIP=m CONFIG_IP_NF_TARGET_ECN=m CONFIG_IP_NF_TARGET_TTL=m CONFIG_IP_NF_RAW=m +# CONFIG_IP_NF_SECURITY is not set CONFIG_IP_NF_ARPTABLES=m CONFIG_IP_NF_ARPFILTER=m CONFIG_IP_NF_ARP_MANGLE=m @@ -1352,8 +1366,12 @@ CONFIG_IP_NF_ARP_MANGLE=m CONFIG_NF_DEFRAG_IPV6=m CONFIG_NF_CONNTRACK_IPV6=m CONFIG_NF_SOCKET_IPV6=m -CONFIG_NF_TABLES_IPV6=m +CONFIG_NF_TPROXY_IPV6=m +CONFIG_NF_TABLES_IPV6=y CONFIG_NFT_CHAIN_ROUTE_IPV6=m +CONFIG_NFT_CHAIN_NAT_IPV6=m +CONFIG_NFT_MASQ_IPV6=m +CONFIG_NFT_REDIR_IPV6=m CONFIG_NFT_REJECT_IPV6=m CONFIG_NFT_DUP_IPV6=m CONFIG_NFT_FIB_IPV6=m @@ -1362,10 +1380,7 @@ CONFIG_NF_DUP_IPV6=m CONFIG_NF_REJECT_IPV6=m CONFIG_NF_LOG_IPV6=m CONFIG_NF_NAT_IPV6=m -CONFIG_NFT_CHAIN_NAT_IPV6=m -CONFIG_NF_NAT_MASQUERADE_IPV6=m -CONFIG_NFT_MASQ_IPV6=m -CONFIG_NFT_REDIR_IPV6=m +CONFIG_NF_NAT_MASQUERADE_IPV6=y CONFIG_IP6_NF_IPTABLES=m CONFIG_IP6_NF_MATCH_AH=m CONFIG_IP6_NF_MATCH_EUI64=m @@ -1383,6 +1398,7 @@ CONFIG_IP6_NF_TARGET_REJECT=m CONFIG_IP6_NF_TARGET_SYNPROXY=m CONFIG_IP6_NF_MANGLE=m CONFIG_IP6_NF_RAW=m +# CONFIG_IP6_NF_SECURITY is not set CONFIG_IP6_NF_NAT=m CONFIG_IP6_NF_TARGET_MASQUERADE=m CONFIG_IP6_NF_TARGET_NPT=m @@ -1391,8 +1407,7 @@ CONFIG_IP6_NF_TARGET_NPT=m # DECnet: Netfilter Configuration # CONFIG_DECNET_NF_GRABULATOR=m -CONFIG_NF_TABLES_BRIDGE=m -CONFIG_NFT_BRIDGE_META=m +CONFIG_NF_TABLES_BRIDGE=y CONFIG_NFT_BRIDGE_REJECT=m CONFIG_NF_LOG_BRIDGE=m CONFIG_BRIDGE_NF_EBTABLES=m @@ -1416,6 +1431,8 @@ CONFIG_BRIDGE_EBT_REDIRECT=m CONFIG_BRIDGE_EBT_SNAT=m CONFIG_BRIDGE_EBT_LOG=m CONFIG_BRIDGE_EBT_NFLOG=m +CONFIG_BPFILTER=y +CONFIG_BPFILTER_UMH=m CONFIG_IP_DCCP=m CONFIG_INET_DCCP_DIAG=m @@ -1446,6 +1463,7 @@ CONFIG_RDS_TCP=m CONFIG_TIPC=m CONFIG_TIPC_MEDIA_IB=y CONFIG_TIPC_MEDIA_UDP=y +CONFIG_TIPC_DIAG=m CONFIG_ATM=m CONFIG_ATM_CLIP=m # CONFIG_ATM_CLIP_NO_ICMP is not set @@ -1571,6 +1589,7 @@ CONFIG_NET_EMATCH_META=m CONFIG_NET_EMATCH_TEXT=m CONFIG_NET_EMATCH_CANID=m CONFIG_NET_EMATCH_IPSET=m +CONFIG_NET_EMATCH_IPT=m CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=m CONFIG_NET_ACT_GACT=m @@ -1760,12 +1779,12 @@ CONFIG_BT_HCIBFUSB=m CONFIG_BT_HCIDTL1=m CONFIG_BT_HCIBT3C=m CONFIG_BT_HCIBLUECARD=m -CONFIG_BT_HCIBTUART=m CONFIG_BT_HCIVHCI=m CONFIG_BT_MRVL=m CONFIG_BT_MRVL_SDIO=m CONFIG_BT_ATH3K=m CONFIG_BT_WILINK=m +CONFIG_BT_HCIRSI=m CONFIG_AF_RXRPC=m CONFIG_AF_RXRPC_IPV6=y # CONFIG_AF_RXRPC_INJECT_LOSS is not set @@ -1799,7 +1818,6 @@ CONFIG_MAC80211=m CONFIG_MAC80211_HAS_RC=y CONFIG_MAC80211_RC_MINSTREL=y CONFIG_MAC80211_RC_MINSTREL_HT=y -# CONFIG_MAC80211_RC_MINSTREL_VHT is not set CONFIG_MAC80211_RC_DEFAULT_MINSTREL=y CONFIG_MAC80211_RC_DEFAULT="minstrel_ht" CONFIG_MAC80211_MESH=y @@ -1874,6 +1892,7 @@ CONFIG_DST_CACHE=y CONFIG_GRO_CELLS=y CONFIG_NET_DEVLINK=m CONFIG_MAY_USE_DEVLINK=m +CONFIG_FAILOVER=m CONFIG_HAVE_EBPF_JIT=y # @@ -1888,6 +1907,10 @@ CONFIG_DEVTMPFS=y CONFIG_DEVTMPFS_MOUNT=y CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y + +# +# Firmware loader +# CONFIG_FW_LOADER=y CONFIG_EXTRA_FIRMWARE="" CONFIG_FW_LOADER_USER_HELPER=y @@ -1899,8 +1922,6 @@ CONFIG_DEV_COREDUMP=y # CONFIG_DEBUG_DEVRES is not set # CONFIG_DEBUG_TEST_DRIVER_REMOVE is not set CONFIG_TEST_ASYNC_DRIVER_PROBE=m -# CONFIG_SYS_HYPERVISOR is not set -# CONFIG_GENERIC_CPU_DEVICES is not set CONFIG_GENERIC_CPU_AUTOPROBE=y CONFIG_GENERIC_CPU_VULNERABILITIES=y CONFIG_REGMAP=y @@ -1959,13 +1980,8 @@ CONFIG_MTD_GEN_PROBE=m CONFIG_MTD_MAP_BANK_WIDTH_1=y CONFIG_MTD_MAP_BANK_WIDTH_2=y CONFIG_MTD_MAP_BANK_WIDTH_4=y -# CONFIG_MTD_MAP_BANK_WIDTH_8 is not set -# CONFIG_MTD_MAP_BANK_WIDTH_16 is not set -# CONFIG_MTD_MAP_BANK_WIDTH_32 is not set CONFIG_MTD_CFI_I1=y CONFIG_MTD_CFI_I2=y -# CONFIG_MTD_CFI_I4 is not set -# CONFIG_MTD_CFI_I8 is not set CONFIG_MTD_CFI_INTELEXT=m CONFIG_MTD_CFI_AMDSTD=m CONFIG_MTD_CFI_STAA=m @@ -2021,6 +2037,11 @@ CONFIG_MTD_BLOCK2MTD=m CONFIG_MTD_DOCG3=m CONFIG_BCH_CONST_M=14 CONFIG_BCH_CONST_T=4 +CONFIG_MTD_ONENAND=m +CONFIG_MTD_ONENAND_VERIFY_WRITE=y +CONFIG_MTD_ONENAND_GENERIC=m +CONFIG_MTD_ONENAND_OTP=y +CONFIG_MTD_ONENAND_2X_PROGRAM=y CONFIG_MTD_NAND_ECC=m CONFIG_MTD_NAND_ECC_SMC=y CONFIG_MTD_NAND=m @@ -2030,7 +2051,6 @@ CONFIG_MTD_SM_COMMON=m CONFIG_MTD_NAND_DENALI=m CONFIG_MTD_NAND_DENALI_PCI=m CONFIG_MTD_NAND_GPIO=m -# CONFIG_MTD_NAND_OMAP_BCH_BUILD is not set CONFIG_MTD_NAND_RICOH=m CONFIG_MTD_NAND_DISKONCHIP=m CONFIG_MTD_NAND_DISKONCHIP_PROBE_ADVANCED=y @@ -2041,11 +2061,6 @@ CONFIG_MTD_NAND_DOCG4=m CONFIG_MTD_NAND_CAFE=m CONFIG_MTD_NAND_NANDSIM=m CONFIG_MTD_NAND_PLATFORM=m -CONFIG_MTD_ONENAND=m -CONFIG_MTD_ONENAND_VERIFY_WRITE=y -CONFIG_MTD_ONENAND_GENERIC=m -CONFIG_MTD_ONENAND_OTP=y -CONFIG_MTD_ONENAND_2X_PROGRAM=y # # LPDDR & LPDDR2 PCM memory drivers @@ -2072,7 +2087,6 @@ CONFIG_PARPORT_SERIAL=m CONFIG_PARPORT_PC_FIFO=y CONFIG_PARPORT_PC_SUPERIO=y CONFIG_PARPORT_PC_PCMCIA=m -# CONFIG_PARPORT_GSC is not set CONFIG_PARPORT_AX88796=m CONFIG_PARPORT_1284=y CONFIG_PARPORT_NOT_PC=y @@ -2119,9 +2133,9 @@ CONFIG_PARIDE_ON26=m CONFIG_BLK_DEV_PCIESSD_MTIP32XX=m CONFIG_ZRAM=m CONFIG_ZRAM_WRITEBACK=y +# CONFIG_ZRAM_MEMORY_TRACKING is not set CONFIG_BLK_DEV_DAC960=m CONFIG_BLK_DEV_UMEM=m -# CONFIG_BLK_DEV_COW_COMMON is not set CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_LOOP_MIN_COUNT=8 CONFIG_BLK_DEV_CRYPTOLOOP=m @@ -2266,10 +2280,6 @@ CONFIG_VHOST_RING=m CONFIG_GENWQE=m CONFIG_GENWQE_PLATFORM_ERROR_RECOVERY=0 CONFIG_ECHO=m -# CONFIG_CXL_BASE is not set -# CONFIG_CXL_AFU_DRIVER_OPS is not set -# CONFIG_CXL_LIB is not set -# CONFIG_OCXL_BASE is not set CONFIG_MISC_RTSX_PCI=m CONFIG_MISC_RTSX_USB=m CONFIG_HAVE_IDE=y @@ -2375,11 +2385,6 @@ CONFIG_FCOE_FNIC=m CONFIG_SCSI_SNIC=m # CONFIG_SCSI_SNIC_DEBUG_FS is not set CONFIG_SCSI_DMX3191D=m -CONFIG_SCSI_EATA=m -# CONFIG_SCSI_EATA_TAGGED_QUEUE is not set -# CONFIG_SCSI_EATA_LINKED_COMMANDS is not set -CONFIG_SCSI_EATA_MAX_TAGS=16 -CONFIG_SCSI_FUTURE_DOMAIN=m CONFIG_SCSI_GDTH=m CONFIG_SCSI_ISCI=m CONFIG_SCSI_IPS=m @@ -2418,7 +2423,6 @@ CONFIG_SCSI_VIRTIO=m CONFIG_SCSI_CHELSIO_FCOE=m CONFIG_SCSI_LOWLEVEL_PCMCIA=y CONFIG_PCMCIA_AHA152X=m -CONFIG_PCMCIA_FDOMAIN=m CONFIG_PCMCIA_QLOGIC=m CONFIG_PCMCIA_SYM53C500=m CONFIG_SCSI_DH=y @@ -2431,7 +2435,6 @@ CONFIG_SCSI_OSD_ULD=m CONFIG_SCSI_OSD_DPRINT_SENSE=1 # CONFIG_SCSI_OSD_DEBUG is not set CONFIG_ATA=m -# CONFIG_ATA_NONSTANDARD is not set CONFIG_ATA_VERBOSE_ERROR=y CONFIG_ATA_ACPI=y CONFIG_SATA_ZPODD=y @@ -2554,6 +2557,7 @@ CONFIG_DM_SNAPSHOT=m CONFIG_DM_THIN_PROVISIONING=m CONFIG_DM_CACHE=m CONFIG_DM_CACHE_SMQ=m +CONFIG_DM_WRITECACHE=m CONFIG_DM_ERA=m CONFIG_DM_MIRROR=m CONFIG_DM_LOG_USERSPACE=m @@ -2705,6 +2709,7 @@ CONFIG_MICROCHIP_KSZ=m CONFIG_MICROCHIP_KSZ_SPI_DRIVER=m CONFIG_NET_DSA_MV88E6XXX=m CONFIG_NET_DSA_MV88E6XXX_GLOBAL2=y +CONFIG_NET_DSA_MV88E6XXX_PTP=y CONFIG_NET_DSA_QCA8K=m CONFIG_NET_DSA_SMSC_LAN9303=m CONFIG_NET_DSA_SMSC_LAN9303_I2C=m @@ -2746,10 +2751,6 @@ CONFIG_ATL1C=m CONFIG_ALX=m CONFIG_NET_VENDOR_AURORA=y CONFIG_AURORA_NB8800=m -CONFIG_NET_CADENCE=y -CONFIG_MACB=m -CONFIG_MACB_USE_HWSTAMP=y -CONFIG_MACB_PCI=m CONFIG_NET_VENDOR_BROADCOM=y CONFIG_B44=m CONFIG_B44_PCI_AUTOSELECT=y @@ -2767,6 +2768,10 @@ CONFIG_BNXT_FLOWER_OFFLOAD=y CONFIG_BNXT_DCB=y CONFIG_NET_VENDOR_BROCADE=y CONFIG_BNA=m +CONFIG_NET_CADENCE=y +CONFIG_MACB=m +CONFIG_MACB_USE_HWSTAMP=y +CONFIG_MACB_PCI=m CONFIG_NET_VENDOR_CAVIUM=y CONFIG_THUNDER_NIC_PF=m CONFIG_THUNDER_NIC_VF=m @@ -2811,16 +2816,13 @@ CONFIG_NET_VENDOR_EMULEX=y CONFIG_BE2NET=m CONFIG_BE2NET_HWMON=y CONFIG_NET_VENDOR_EZCHIP=y -CONFIG_NET_VENDOR_EXAR=y -CONFIG_S2IO=m -CONFIG_VXGE=m -# CONFIG_VXGE_DEBUG_TRACE_ALL is not set CONFIG_NET_VENDOR_FUJITSU=y CONFIG_PCMCIA_FMVJ18X=m CONFIG_NET_VENDOR_HP=y CONFIG_HP100=m CONFIG_NET_VENDOR_HUAWEI=y CONFIG_HINIC=m +CONFIG_NET_VENDOR_I825XX=y CONFIG_NET_VENDOR_INTEL=y CONFIG_E100=m CONFIG_E1000=m @@ -2839,8 +2841,12 @@ CONFIG_IXGBEVF=m CONFIG_I40E=m CONFIG_I40E_DCB=y CONFIG_I40EVF=m +CONFIG_ICE=m CONFIG_FM10K=m -CONFIG_NET_VENDOR_I825XX=y +CONFIG_NET_VENDOR_EXAR=y +CONFIG_S2IO=m +CONFIG_VXGE=m +# CONFIG_VXGE_DEBUG_TRACE_ALL is not set CONFIG_JME=m CONFIG_NET_VENDOR_MARVELL=y CONFIG_MVMDIO=m @@ -2879,6 +2885,10 @@ CONFIG_NET_VENDOR_MICROCHIP=y CONFIG_ENC28J60=m # CONFIG_ENC28J60_WRITEVERIFY is not set CONFIG_ENCX24J600=m +CONFIG_LAN743X=m +CONFIG_NET_VENDOR_MICROSEMI=y +CONFIG_MSCC_OCELOT_SWITCH=m +CONFIG_MSCC_OCELOT_SWITCH_OCELOT=m CONFIG_NET_VENDOR_MYRI=y CONFIG_MYRI10GE=m CONFIG_MYRI10GE_DCA=y @@ -2889,7 +2899,9 @@ CONFIG_NS83820=m CONFIG_NET_VENDOR_NETRONOME=y CONFIG_NFP=m # CONFIG_NFP_APP_FLOWER is not set +CONFIG_NFP_APP_ABM_NIC=y # CONFIG_NFP_DEBUG is not set +CONFIG_NET_VENDOR_NI=y CONFIG_NET_VENDOR_8390=y CONFIG_PCMCIA_AXNET=m CONFIG_NE2K_PCI=m @@ -2920,6 +2932,8 @@ CONFIG_QED_OOO=y CONFIG_NET_VENDOR_QUALCOMM=y CONFIG_QCOM_EMAC=m CONFIG_RMNET=m +CONFIG_NET_VENDOR_RDC=y +CONFIG_R6040=m CONFIG_NET_VENDOR_REALTEK=y CONFIG_ATP=m CONFIG_8139CP=m @@ -2930,18 +2944,11 @@ CONFIG_8139TOO_8129=y # CONFIG_8139_OLD_RX_RESET is not set CONFIG_R8169=m CONFIG_NET_VENDOR_RENESAS=y -CONFIG_NET_VENDOR_RDC=y -CONFIG_R6040=m CONFIG_NET_VENDOR_ROCKER=y CONFIG_ROCKER=m CONFIG_NET_VENDOR_SAMSUNG=y CONFIG_SXGBE_ETH=m CONFIG_NET_VENDOR_SEEQ=y -CONFIG_NET_VENDOR_SILAN=y -CONFIG_SC92031=m -CONFIG_NET_VENDOR_SIS=y -CONFIG_SIS900=m -CONFIG_SIS190=m CONFIG_NET_VENDOR_SOLARFLARE=y CONFIG_SFC=m CONFIG_SFC_MTD=y @@ -2950,11 +2957,15 @@ CONFIG_SFC_SRIOV=y CONFIG_SFC_MCDI_LOGGING=y CONFIG_SFC_FALCON=m CONFIG_SFC_FALCON_MTD=y +CONFIG_NET_VENDOR_SILAN=y +CONFIG_SC92031=m +CONFIG_NET_VENDOR_SIS=y +CONFIG_SIS900=m +CONFIG_SIS190=m CONFIG_NET_VENDOR_SMSC=y CONFIG_PCMCIA_SMC91C92=m CONFIG_EPIC100=m CONFIG_SMSC911X=m -# CONFIG_SMSC911X_ARCH_HOOKS is not set CONFIG_SMSC9420=m # CONFIG_NET_VENDOR_SOCIONEXT is not set CONFIG_NET_VENDOR_STMICRO=y @@ -2967,6 +2978,9 @@ CONFIG_HAPPYMEAL=m CONFIG_SUNGEM=m CONFIG_CASSINI=m CONFIG_NIU=m +CONFIG_NET_VENDOR_SYNOPSYS=y +CONFIG_DWC_XLGMAC=m +CONFIG_DWC_XLGMAC_PCI=m CONFIG_NET_VENDOR_TEHUTI=y CONFIG_TEHUTI=m CONFIG_NET_VENDOR_TI=y @@ -2985,9 +2999,6 @@ CONFIG_WIZNET_BUS_ANY=y CONFIG_WIZNET_W5100_SPI=m CONFIG_NET_VENDOR_XIRCOM=y CONFIG_PCMCIA_XIRC2PS=m -CONFIG_NET_VENDOR_SYNOPSYS=y -CONFIG_DWC_XLGMAC=m -CONFIG_DWC_XLGMAC_PCI=m CONFIG_FDDI=m CONFIG_DEFXX=m # CONFIG_DEFXX_MMIO is not set @@ -3001,7 +3012,10 @@ CONFIG_MDIO_BUS=m CONFIG_MDIO_BITBANG=m CONFIG_MDIO_CAVIUM=m CONFIG_MDIO_GPIO=m +CONFIG_MDIO_I2C=m +CONFIG_MDIO_MSCC_MIIM=m CONFIG_MDIO_THUNDER=m +CONFIG_PHYLINK=m CONFIG_PHYLIB=m CONFIG_SWPHY=y CONFIG_LED_TRIGGER_PHY=y @@ -3009,8 +3023,10 @@ CONFIG_LED_TRIGGER_PHY=y # # MII PHY device drivers # +CONFIG_SFP=m CONFIG_AMD_PHY=m CONFIG_AQUANTIA_PHY=m +CONFIG_ASIX_PHY=m CONFIG_AT803X_PHY=m CONFIG_BCM7XXX_PHY=m CONFIG_BCM87XX_PHY=m @@ -3020,6 +3036,7 @@ CONFIG_CICADA_PHY=m CONFIG_CORTINA_PHY=m CONFIG_DAVICOM_PHY=m CONFIG_DP83822_PHY=m +CONFIG_DP83TC811_PHY=m CONFIG_DP83848_PHY=m CONFIG_DP83867_PHY=m CONFIG_FIXED_PHY=m @@ -3031,6 +3048,7 @@ CONFIG_MARVELL_PHY=m CONFIG_MARVELL_10G_PHY=m CONFIG_MICREL_PHY=m CONFIG_MICROCHIP_PHY=m +CONFIG_MICROCHIP_T1_PHY=m CONFIG_MICROSEMI_PHY=m CONFIG_NATIONAL_PHY=m CONFIG_QSEMI_PHY=m @@ -3149,6 +3167,7 @@ CONFIG_WIL6210_ISR_COR=y CONFIG_WIL6210_TRACING=y CONFIG_WIL6210_DEBUGFS=y CONFIG_ATH10K=m +CONFIG_ATH10K_CE=y CONFIG_ATH10K_PCI=m CONFIG_ATH10K_SDIO=m CONFIG_ATH10K_USB=m @@ -3338,6 +3357,7 @@ CONFIG_RSI_91X=m # CONFIG_RSI_DEBUGFS is not set CONFIG_RSI_SDIO=m CONFIG_RSI_USB=m +CONFIG_RSI_COEX=y CONFIG_WLAN_VENDOR_ST=y CONFIG_CW1200=m CONFIG_CW1200_WLAN_SDIO=m @@ -3401,11 +3421,13 @@ CONFIG_IEEE802154_ATUSB=m CONFIG_IEEE802154_ADF7242=m CONFIG_IEEE802154_CA8210=m # CONFIG_IEEE802154_CA8210_DEBUGFS is not set +CONFIG_IEEE802154_MCR20A=m CONFIG_VMXNET3=m CONFIG_FUJITSU_ES=m CONFIG_THUNDERBOLT_NET=m CONFIG_HYPERV_NET=m CONFIG_NETDEVSIM=m +CONFIG_NET_FAILOVER=m CONFIG_ISDN=y CONFIG_ISDN_I4L=m CONFIG_ISDN_PPP=y @@ -3507,8 +3529,6 @@ CONFIG_ISDN_DIVAS_USERIDI=m CONFIG_ISDN_DIVAS_MAINT=m CONFIG_ISDN_DRV_GIGASET=m CONFIG_GIGASET_CAPI=y -# CONFIG_GIGASET_I4L is not set -# CONFIG_GIGASET_DUMMYLL is not set CONFIG_GIGASET_BASE=m CONFIG_GIGASET_M105=m CONFIG_GIGASET_M101=m @@ -3588,6 +3608,7 @@ CONFIG_KEYBOARD_SUNKBD=m CONFIG_KEYBOARD_TM2_TOUCHKEY=m CONFIG_KEYBOARD_XTKBD=m CONFIG_KEYBOARD_CROS_EC=m +CONFIG_KEYBOARD_MTK_PMIC=m CONFIG_INPUT_MOUSE=y CONFIG_MOUSE_PS2=m CONFIG_MOUSE_PS2_ALPS=y @@ -3599,6 +3620,7 @@ CONFIG_MOUSE_PS2_CYPRESS=y CONFIG_MOUSE_PS2_LIFEBOOK=y CONFIG_MOUSE_PS2_TRACKPOINT=y CONFIG_MOUSE_PS2_ELANTECH=y +CONFIG_MOUSE_PS2_ELANTECH_SMBUS=y CONFIG_MOUSE_PS2_SENTELIC=y CONFIG_MOUSE_PS2_TOUCHKIT=y CONFIG_MOUSE_PS2_FOCALTECH=y @@ -3648,6 +3670,7 @@ CONFIG_JOYSTICK_XPAD_LEDS=y CONFIG_JOYSTICK_WALKERA0701=m CONFIG_JOYSTICK_PSXPAD_SPI=m CONFIG_JOYSTICK_PSXPAD_SPI_FF=y +CONFIG_JOYSTICK_PXRC=m CONFIG_INPUT_TABLET=y CONFIG_TABLET_USB_ACECAD=m CONFIG_TABLET_USB_AIPTEK=m @@ -3667,6 +3690,7 @@ CONFIG_TOUCHSCREEN_ATMEL_MXT=m # CONFIG_TOUCHSCREEN_ATMEL_MXT_T37 is not set CONFIG_TOUCHSCREEN_AUO_PIXCIR=m CONFIG_TOUCHSCREEN_BU21013=m +CONFIG_TOUCHSCREEN_CHIPONE_ICN8505=m CONFIG_TOUCHSCREEN_CY8CTMG110=m CONFIG_TOUCHSCREEN_CYTTSP_CORE=m CONFIG_TOUCHSCREEN_CYTTSP_I2C=m @@ -3799,6 +3823,7 @@ CONFIG_INPUT_SOC_BUTTON_ARRAY=m CONFIG_INPUT_DRV260X_HAPTICS=m CONFIG_INPUT_DRV2665_HAPTICS=m CONFIG_INPUT_DRV2667_HAPTICS=m +CONFIG_INPUT_RAVE_SP_PWRBUTTON=m CONFIG_RMI4_CORE=m CONFIG_RMI4_I2C=m CONFIG_RMI4_SPI=m @@ -3889,7 +3914,6 @@ CONFIG_SERIAL_8250_MANY_PORTS=y CONFIG_SERIAL_8250_SHARE_IRQ=y CONFIG_SERIAL_8250_DETECT_IRQ=y CONFIG_SERIAL_8250_RSA=y -# CONFIG_SERIAL_8250_FSL is not set CONFIG_SERIAL_8250_DW=m CONFIG_SERIAL_8250_RT288X=y CONFIG_SERIAL_8250_LPSS=y @@ -3930,7 +3954,6 @@ CONFIG_HVC_DRIVER=y CONFIG_VIRTIO_CONSOLE=m CONFIG_IPMI_HANDLER=m CONFIG_IPMI_DMI_DECODE=y -CONFIG_IPMI_PROC_INTERFACE=y CONFIG_IPMI_PANIC_EVENT=y CONFIG_IPMI_PANIC_STRING=y CONFIG_IPMI_DEVICE_INTERFACE=m @@ -4052,7 +4075,6 @@ CONFIG_I2C_GPIO=m CONFIG_I2C_KEMPLD=m CONFIG_I2C_OCORES=m CONFIG_I2C_PCA_PLATFORM=m -# CONFIG_I2C_PXA_PCI is not set CONFIG_I2C_SIMTEC=m CONFIG_I2C_XILINX=m @@ -4082,6 +4104,7 @@ CONFIG_I2C_SLAVE_EEPROM=m CONFIG_SPI=y # CONFIG_SPI_DEBUG is not set CONFIG_SPI_MASTER=y +CONFIG_SPI_MEM=y # # SPI Master Controller Drivers @@ -4128,7 +4151,7 @@ CONFIG_HSI_BOARDINFO=y # HSI clients # CONFIG_HSI_CHAR=m -CONFIG_PPS=m +CONFIG_PPS=y # CONFIG_PPS_DEBUG is not set # @@ -4146,7 +4169,7 @@ CONFIG_PPS_CLIENT_GPIO=m # # PTP clock support # -CONFIG_PTP_1588_CLOCK=m +CONFIG_PTP_1588_CLOCK=y CONFIG_DP83640_PHY=m CONFIG_PTP_1588_CLOCK_KVM=m CONFIG_PINCTRL=y @@ -4167,6 +4190,7 @@ CONFIG_PINCTRL_GEMINILAKE=m CONFIG_PINCTRL_LEWISBURG=m CONFIG_PINCTRL_SUNRISEPOINT=m CONFIG_GPIOLIB=y +CONFIG_GPIOLIB_FASTPATH_LIMIT=512 CONFIG_GPIO_ACPI=y CONFIG_GPIOLIB_IRQCHIP=y # CONFIG_DEBUG_GPIO is not set @@ -4195,6 +4219,8 @@ CONFIG_GPIO_F7188X=m CONFIG_GPIO_IT87=m CONFIG_GPIO_SCH=m CONFIG_GPIO_SCH311X=m +CONFIG_GPIO_WINBOND=m +CONFIG_GPIO_WS16C48=m # # I2C GPIO expanders @@ -4510,6 +4536,7 @@ CONFIG_SENSORS_XGENE=m CONFIG_SENSORS_ACPI_POWER=m CONFIG_SENSORS_ATK0110=m CONFIG_THERMAL=y +# CONFIG_THERMAL_STATISTICS is not set CONFIG_THERMAL_EMERGENCY_POWEROFF_DELAY_MS=0 CONFIG_THERMAL_WRITABLE_TRIPS=y CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE=y @@ -4566,6 +4593,7 @@ CONFIG_ACQUIRE_WDT=m CONFIG_ADVANTECH_WDT=m CONFIG_ALIM1535_WDT=m CONFIG_ALIM7101_WDT=m +CONFIG_EBC_C384_WDT=m CONFIG_F71808E_WDT=m # CONFIG_SP5100_TCO is not set CONFIG_SBC_FITPC2_WATCHDOG=m @@ -4713,7 +4741,6 @@ CONFIG_MFD_TPS65912_I2C=m CONFIG_MFD_TPS65912_SPI=y CONFIG_MFD_WL1273_CORE=m CONFIG_MFD_LM3533=m -# CONFIG_MFD_TMIO is not set CONFIG_MFD_VX855=m CONFIG_MFD_ARIZONA=y CONFIG_MFD_ARIZONA_I2C=m @@ -4732,6 +4759,7 @@ CONFIG_REGULATOR=y CONFIG_REGULATOR_FIXED_VOLTAGE=m CONFIG_REGULATOR_VIRTUAL_CONSUMER=m CONFIG_REGULATOR_USERSPACE_CONSUMER=m +CONFIG_REGULATOR_88PG86X=m CONFIG_REGULATOR_88PM800=m CONFIG_REGULATOR_ACT8865=m CONFIG_REGULATOR_AD5398=m @@ -4792,6 +4820,7 @@ CONFIG_REGULATOR_TPS65912=m CONFIG_REGULATOR_WM831X=m CONFIG_REGULATOR_WM8994=m CONFIG_CEC_CORE=m +CONFIG_CEC_NOTIFIER=y CONFIG_CEC_PIN=y CONFIG_RC_CORE=m CONFIG_RC_MAP=m @@ -4806,10 +4835,12 @@ CONFIG_IR_SANYO_DECODER=m CONFIG_IR_SHARP_DECODER=m CONFIG_IR_MCE_KBD_DECODER=m CONFIG_IR_XMP_DECODER=m +CONFIG_IR_IMON_DECODER=m CONFIG_RC_DEVICES=y CONFIG_RC_ATI_REMOTE=m CONFIG_IR_ENE=m CONFIG_IR_IMON=m +CONFIG_IR_IMON_RAW=m CONFIG_IR_MCEUSB=m CONFIG_IR_ITE_CIR=m CONFIG_IR_FINTEK=m @@ -4836,6 +4867,7 @@ CONFIG_MEDIA_RADIO_SUPPORT=y CONFIG_MEDIA_SDR_SUPPORT=y CONFIG_MEDIA_CEC_SUPPORT=y CONFIG_MEDIA_CEC_RC=y +# CONFIG_CEC_PIN_ERROR_INJ is not set CONFIG_MEDIA_CONTROLLER=y CONFIG_MEDIA_CONTROLLER_DVB=y CONFIG_VIDEO_DEV=m @@ -4851,7 +4883,6 @@ CONFIG_V4L2_FWNODE=m CONFIG_VIDEOBUF_GEN=m CONFIG_VIDEOBUF_DMA_SG=m CONFIG_VIDEOBUF_VMALLOC=m -CONFIG_VIDEOBUF_DVB=m CONFIG_DVB_CORE=m # CONFIG_DVB_MMAP is not set CONFIG_DVB_NET=y @@ -5043,14 +5074,6 @@ CONFIG_VIDEO_SOLO6X10=m CONFIG_VIDEO_TW5864=m CONFIG_VIDEO_TW68=m CONFIG_VIDEO_TW686X=m -CONFIG_VIDEO_ZORAN=m -CONFIG_VIDEO_ZORAN_DC30=m -CONFIG_VIDEO_ZORAN_ZR36060=m -CONFIG_VIDEO_ZORAN_BUZ=m -CONFIG_VIDEO_ZORAN_DC10=m -CONFIG_VIDEO_ZORAN_LML33=m -CONFIG_VIDEO_ZORAN_LML33R10=m -CONFIG_VIDEO_ZORAN_AVS6EYES=m # # Media capture/analog TV support @@ -5118,6 +5141,9 @@ CONFIG_DVB_NETUP_UNIDVB=m CONFIG_VIDEO_IPU3_CIO2=m CONFIG_V4L_PLATFORM_DRIVERS=y CONFIG_VIDEO_CAFE_CCIC=m +CONFIG_VIDEO_CADENCE=y +CONFIG_VIDEO_CADENCE_CSI2RX=m +CONFIG_VIDEO_CADENCE_CSI2TX=m CONFIG_SOC_CAMERA=m CONFIG_SOC_CAMERA_PLATFORM=m CONFIG_V4L_MEM2MEM_DRIVERS=y @@ -5135,7 +5161,7 @@ CONFIG_SDR_PLATFORM_DRIVERS=y CONFIG_SMS_SDIO_DRV=m CONFIG_RADIO_ADAPTERS=y CONFIG_RADIO_TEA575X=m -CONFIG_RADIO_SI470X=y +CONFIG_RADIO_SI470X=m CONFIG_USB_SI470X=m CONFIG_I2C_SI470X=m CONFIG_RADIO_SI4713=m @@ -5287,10 +5313,8 @@ CONFIG_VIDEO_M52790=m # # soc_camera sensor drivers # -CONFIG_SOC_CAMERA_IMX074=m CONFIG_SOC_CAMERA_MT9M001=m CONFIG_SOC_CAMERA_MT9M111=m -CONFIG_SOC_CAMERA_MT9T031=m CONFIG_SOC_CAMERA_MT9T112=m CONFIG_SOC_CAMERA_MT9V022=m CONFIG_SOC_CAMERA_OV5642=m @@ -5299,6 +5323,11 @@ CONFIG_SOC_CAMERA_OV9640=m CONFIG_SOC_CAMERA_OV9740=m CONFIG_SOC_CAMERA_RJ54N1=m CONFIG_SOC_CAMERA_TW9910=m + +# +# Media SPI Adapters +# +CONFIG_CXD2880_SPI_DRV=m CONFIG_MEDIA_TUNER=m CONFIG_MEDIA_TUNER_SIMPLE=m CONFIG_MEDIA_TUNER_TDA18250=m @@ -5336,6 +5365,7 @@ CONFIG_MEDIA_TUNER_IT913X=m CONFIG_MEDIA_TUNER_R820T=m CONFIG_MEDIA_TUNER_MXL301RF=m CONFIG_MEDIA_TUNER_QM1D1C0042=m +CONFIG_MEDIA_TUNER_QM1D1B0004=m # # Multistandard (satellite) frontends @@ -5475,7 +5505,6 @@ CONFIG_DVB_ISL6405=m CONFIG_DVB_ISL6421=m CONFIG_DVB_ISL6423=m CONFIG_DVB_A8293=m -CONFIG_DVB_SP2=m CONFIG_DVB_LGS8GXX=m CONFIG_DVB_ATBM8830=m CONFIG_DVB_TDA665x=m @@ -5487,9 +5516,15 @@ CONFIG_DVB_ASCOT2E=m CONFIG_DVB_HELENE=m # +# Common Interface (EN50221) controller drivers +# +CONFIG_DVB_CXD2099=m +CONFIG_DVB_SP2=m + +# # Tools to develop new frontends # -# CONFIG_DVB_DUMMY_FE is not set +CONFIG_DVB_DUMMY_FE=m # # Graphics support @@ -5506,7 +5541,7 @@ CONFIG_VGA_SWITCHEROO=y CONFIG_DRM=m CONFIG_DRM_MIPI_DSI=y CONFIG_DRM_DP_AUX_CHARDEV=y -# CONFIG_DRM_DEBUG_MM_SELFTEST is not set +CONFIG_DRM_DEBUG_SELFTEST=m CONFIG_DRM_KMS_HELPER=m CONFIG_DRM_KMS_FB_HELPER=y CONFIG_DRM_FBDEV_EMULATION=y @@ -5524,6 +5559,7 @@ CONFIG_DRM_SCHED=m CONFIG_DRM_I2C_CH7006=m CONFIG_DRM_I2C_SIL164=m CONFIG_DRM_I2C_NXP_TDA998X=m +CONFIG_DRM_I2C_NXP_TDA9950=m CONFIG_DRM_RADEON=m # CONFIG_DRM_RADEON_USERPTR is not set CONFIG_DRM_AMDGPU=m @@ -5541,7 +5577,6 @@ CONFIG_DRM_AMD_ACP=y # Display Engine Configuration # CONFIG_DRM_AMD_DC=y -CONFIG_DRM_AMD_DC_PRE_VEGA=y # CONFIG_DRM_AMD_DC_FBC is not set CONFIG_DRM_AMD_DC_DCN1_0=y # CONFIG_DEBUG_KERNEL_DC is not set @@ -5601,7 +5636,7 @@ CONFIG_TINYDRM_ST7586=m CONFIG_TINYDRM_ST7735R=m # CONFIG_DRM_LEGACY is not set CONFIG_DRM_PANEL_ORIENTATION_QUIRKS=y -# CONFIG_DRM_LIB_RANDOM is not set +CONFIG_DRM_LIB_RANDOM=y # # Frame buffer Devices @@ -5610,24 +5645,19 @@ CONFIG_FB=y CONFIG_FIRMWARE_EDID=y CONFIG_FB_CMDLINE=y CONFIG_FB_NOTIFY=y -# CONFIG_FB_DDC is not set CONFIG_FB_BOOT_VESA_SUPPORT=y CONFIG_FB_CFB_FILLRECT=y CONFIG_FB_CFB_COPYAREA=y CONFIG_FB_CFB_IMAGEBLIT=y -# CONFIG_FB_CFB_REV_PIXELS_IN_BYTE is not set CONFIG_FB_SYS_FILLRECT=m CONFIG_FB_SYS_COPYAREA=m CONFIG_FB_SYS_IMAGEBLIT=m -# CONFIG_FB_PROVIDE_GET_FB_UNMAPPED_AREA is not set CONFIG_FB_FOREIGN_ENDIAN=y CONFIG_FB_BOTH_ENDIAN=y # CONFIG_FB_BIG_ENDIAN is not set # CONFIG_FB_LITTLE_ENDIAN is not set CONFIG_FB_SYS_FOPS=m CONFIG_FB_DEFERRED_IO=y -# CONFIG_FB_SVGALIB is not set -# CONFIG_FB_MACMODES is not set CONFIG_FB_BACKLIGHT=y CONFIG_FB_MODE_HELPERS=y CONFIG_FB_TILEBLITTING=y @@ -5642,7 +5672,7 @@ CONFIG_FB_TILEBLITTING=y # CONFIG_FB_ASILIANT is not set # CONFIG_FB_IMSTT is not set # CONFIG_FB_VGA16 is not set -CONFIG_FB_UVESA=m +# CONFIG_FB_UVESA is not set CONFIG_FB_VESA=y CONFIG_FB_EFI=y # CONFIG_FB_N411 is not set @@ -5678,7 +5708,6 @@ CONFIG_FB_EFI=y # CONFIG_FB_METRONOME is not set # CONFIG_FB_MB862XX is not set # CONFIG_FB_BROADSHEET is not set -# CONFIG_FB_AUO_K190X is not set # CONFIG_FB_HYPERV is not set CONFIG_FB_SIMPLE=y # CONFIG_FB_SM712 is not set @@ -5697,6 +5726,7 @@ CONFIG_LCD_LD9040=m CONFIG_LCD_AMS369FG06=m CONFIG_LCD_LMS501KF03=m CONFIG_LCD_HX8357=m +CONFIG_LCD_OTM3225A=m CONFIG_BACKLIGHT_CLASS_DEVICE=y CONFIG_BACKLIGHT_GENERIC=m CONFIG_BACKLIGHT_LM3533=m @@ -5717,7 +5747,7 @@ CONFIG_BACKLIGHT_GPIO=m CONFIG_BACKLIGHT_LV5207LP=m CONFIG_BACKLIGHT_BD6107=m CONFIG_BACKLIGHT_ARCXCNN=m -# CONFIG_VGASTATE is not set +CONFIG_BACKLIGHT_RAVE_SP=m CONFIG_HDMI=y # @@ -5735,8 +5765,8 @@ CONFIG_FRAMEBUFFER_CONSOLE_DETECT_PRIMARY=y CONFIG_FRAMEBUFFER_CONSOLE_ROTATION=y CONFIG_LOGO=y CONFIG_LOGO_LINUX_MONO=y -# CONFIG_LOGO_LINUX_VGA16 is not set -# CONFIG_LOGO_LINUX_CLUT224 is not set +CONFIG_LOGO_LINUX_VGA16=y +CONFIG_LOGO_LINUX_CLUT224=y CONFIG_SOUND=m CONFIG_SOUND_OSS_CORE=y CONFIG_SOUND_OSS_CORE_PRECLAIM=y @@ -5778,7 +5808,6 @@ CONFIG_SND_SEQ_VIRMIDI=m CONFIG_SND_MPU401_UART=m CONFIG_SND_OPL3_LIB=m CONFIG_SND_OPL3_LIB_SEQ=m -# CONFIG_SND_OPL4_LIB_SEQ is not set CONFIG_SND_VX_LIB=m CONFIG_SND_AC97_CODEC=m CONFIG_SND_DRIVERS=y @@ -5933,6 +5962,7 @@ CONFIG_SND_SOC_COMPRESS=y CONFIG_SND_SOC_TOPOLOGY=y CONFIG_SND_SOC_ACPI=m CONFIG_SND_SOC_AMD_ACP=m +CONFIG_SND_SOC_AMD_CZ_DA7219MX98357_MACH=m CONFIG_SND_SOC_AMD_CZ_RT5645_MACH=m CONFIG_SND_ATMEL_SOC=m CONFIG_SND_DESIGNWARE_I2S=m @@ -5967,9 +5997,9 @@ CONFIG_SND_SOC_INTEL_SST_ACPI=m CONFIG_SND_SOC_INTEL_SST=m CONFIG_SND_SOC_INTEL_SST_FIRMWARE=m CONFIG_SND_SOC_INTEL_HASWELL=m -CONFIG_SND_SOC_INTEL_BAYTRAIL=m -CONFIG_SND_SST_ATOM_HIFI2_PLATFORM_PCI=m CONFIG_SND_SST_ATOM_HIFI2_PLATFORM=m +CONFIG_SND_SST_ATOM_HIFI2_PLATFORM_PCI=m +CONFIG_SND_SST_ATOM_HIFI2_PLATFORM_ACPI=m CONFIG_SND_SOC_INTEL_SKYLAKE_SSP_CLK=m CONFIG_SND_SOC_INTEL_SKYLAKE=m CONFIG_SND_SOC_ACPI_INTEL_MATCH=m @@ -5977,13 +6007,12 @@ CONFIG_SND_SOC_INTEL_MACH=y CONFIG_SND_SOC_INTEL_HASWELL_MACH=m CONFIG_SND_SOC_INTEL_BDW_RT5677_MACH=m CONFIG_SND_SOC_INTEL_BROADWELL_MACH=m -CONFIG_SND_SOC_INTEL_BYT_MAX98090_MACH=m -CONFIG_SND_SOC_INTEL_BYT_RT5640_MACH=m CONFIG_SND_SOC_INTEL_BYTCR_RT5640_MACH=m CONFIG_SND_SOC_INTEL_BYTCR_RT5651_MACH=m CONFIG_SND_SOC_INTEL_CHT_BSW_RT5672_MACH=m CONFIG_SND_SOC_INTEL_CHT_BSW_RT5645_MACH=m CONFIG_SND_SOC_INTEL_CHT_BSW_MAX98090_TI_MACH=m +CONFIG_SND_SOC_INTEL_CHT_BSW_NAU8824_MACH=m CONFIG_SND_SOC_INTEL_BYT_CHT_DA7213_MACH=m CONFIG_SND_SOC_INTEL_BYT_CHT_ES8316_MACH=m CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH=m @@ -5994,6 +6023,7 @@ CONFIG_SND_SOC_INTEL_BXT_DA7219_MAX98357A_MACH=m CONFIG_SND_SOC_INTEL_BXT_RT298_MACH=m CONFIG_SND_SOC_INTEL_KBL_RT5663_MAX98927_MACH=m CONFIG_SND_SOC_INTEL_KBL_RT5663_RT5514_MAX98927_MACH=m +CONFIG_SND_SOC_INTEL_KBL_DA7219_MAX98357A_MACH=m # # STMicroelectronics STM32 SOC audio support @@ -6014,11 +6044,14 @@ CONFIG_SND_SOC_ADAU1761_I2C=m CONFIG_SND_SOC_ADAU1761_SPI=m CONFIG_SND_SOC_ADAU7002=m CONFIG_SND_SOC_AK4104=m +CONFIG_SND_SOC_AK4458=m CONFIG_SND_SOC_AK4554=m CONFIG_SND_SOC_AK4613=m CONFIG_SND_SOC_AK4642=m CONFIG_SND_SOC_AK5386=m +CONFIG_SND_SOC_AK5558=m CONFIG_SND_SOC_ALC5623=m +CONFIG_SND_SOC_BD28623=m # CONFIG_SND_SOC_BT_SCO is not set CONFIG_SND_SOC_CS35L32=m CONFIG_SND_SOC_CS35L33=m @@ -6056,12 +6089,15 @@ CONFIG_SND_SOC_INNO_RK3036=m CONFIG_SND_SOC_MAX98090=m CONFIG_SND_SOC_MAX98357A=m CONFIG_SND_SOC_MAX98504=m +CONFIG_SND_SOC_MAX9867=m CONFIG_SND_SOC_MAX98927=m CONFIG_SND_SOC_MAX98373=m CONFIG_SND_SOC_MAX9860=m CONFIG_SND_SOC_MSM8916_WCD_ANALOG=m CONFIG_SND_SOC_MSM8916_WCD_DIGITAL=m CONFIG_SND_SOC_PCM1681=m +CONFIG_SND_SOC_PCM1789=m +CONFIG_SND_SOC_PCM1789_I2C=m CONFIG_SND_SOC_PCM179X=m CONFIG_SND_SOC_PCM179X_I2C=m CONFIG_SND_SOC_PCM179X_SPI=m @@ -6080,7 +6116,6 @@ CONFIG_SND_SOC_RT286=m CONFIG_SND_SOC_RT298=m CONFIG_SND_SOC_RT5514=m CONFIG_SND_SOC_RT5514_SPI=m -# CONFIG_SND_SOC_RT5514_SPI_BUILTIN is not set CONFIG_SND_SOC_RT5616=m CONFIG_SND_SOC_RT5631=m CONFIG_SND_SOC_RT5640=m @@ -6097,6 +6132,7 @@ CONFIG_SND_SOC_SIGMADSP_I2C=m CONFIG_SND_SOC_SIGMADSP_REGMAP=m CONFIG_SND_SOC_SIRF_AUDIO_CODEC=m CONFIG_SND_SOC_SPDIF=m +CONFIG_SND_SOC_SSM2305=m CONFIG_SND_SOC_SSM2602=m CONFIG_SND_SOC_SSM2602_SPI=m CONFIG_SND_SOC_SSM2602_I2C=m @@ -6109,6 +6145,7 @@ CONFIG_SND_SOC_TAS5086=m CONFIG_SND_SOC_TAS571X=m CONFIG_SND_SOC_TAS5720=m CONFIG_SND_SOC_TAS6424=m +CONFIG_SND_SOC_TDA7419=m CONFIG_SND_SOC_TFA9879=m CONFIG_SND_SOC_TLV320AIC23=m CONFIG_SND_SOC_TLV320AIC23_I2C=m @@ -6120,6 +6157,7 @@ CONFIG_SND_SOC_TLV320AIC32X4_SPI=m CONFIG_SND_SOC_TLV320AIC3X=m CONFIG_SND_SOC_TS3A227E=m CONFIG_SND_SOC_TSCS42XX=m +CONFIG_SND_SOC_TSCS454=m CONFIG_SND_SOC_WM8510=m CONFIG_SND_SOC_WM8523=m CONFIG_SND_SOC_WM8524=m @@ -6133,6 +6171,7 @@ CONFIG_SND_SOC_WM8750=m CONFIG_SND_SOC_WM8753=m CONFIG_SND_SOC_WM8770=m CONFIG_SND_SOC_WM8776=m +CONFIG_SND_SOC_WM8782=m CONFIG_SND_SOC_WM8804=m CONFIG_SND_SOC_WM8804_I2C=m CONFIG_SND_SOC_WM8804_SPI=m @@ -6143,6 +6182,8 @@ CONFIG_SND_SOC_WM8974=m CONFIG_SND_SOC_WM8978=m CONFIG_SND_SOC_WM8985=m CONFIG_SND_SOC_ZX_AUD96P22=m +CONFIG_SND_SOC_MAX9759=m +CONFIG_SND_SOC_MT6351=m CONFIG_SND_SOC_NAU8540=m CONFIG_SND_SOC_NAU8810=m CONFIG_SND_SOC_NAU8824=m @@ -6187,6 +6228,7 @@ CONFIG_HID_CYPRESS=m CONFIG_HID_DRAGONRISE=m CONFIG_DRAGONRISE_FF=y CONFIG_HID_EMS_FF=m +CONFIG_HID_ELAN=m CONFIG_HID_ELECOM=m CONFIG_HID_ELO=m CONFIG_HID_EZKEY=m @@ -6194,6 +6236,7 @@ CONFIG_HID_GEMBIRD=m CONFIG_HID_GFRM=m CONFIG_HID_HOLTEK=m CONFIG_HOLTEK_FF=y +CONFIG_HID_GOOGLE_HAMMER=m CONFIG_HID_GT683R=m CONFIG_HID_KEYTOUCH=m CONFIG_HID_KYE=m @@ -6217,6 +6260,7 @@ CONFIG_LOGIG940_FF=y CONFIG_LOGIWHEELS_FF=y CONFIG_HID_MAGICMOUSE=m CONFIG_HID_MAYFLASH=m +CONFIG_HID_REDRAGON=m CONFIG_HID_MICROSOFT=m CONFIG_HID_MONTEREY=m CONFIG_HID_MULTITOUCH=m @@ -6242,6 +6286,7 @@ CONFIG_HID_SAMSUNG=m CONFIG_HID_SONY=m CONFIG_SONY_FF=y CONFIG_HID_SPEEDLINK=m +CONFIG_HID_STEAM=m CONFIG_HID_STEELSERIES=m CONFIG_HID_SUNPLUS=m CONFIG_HID_RMI=m @@ -6320,7 +6365,6 @@ CONFIG_USB_EHCI_PCI=m CONFIG_USB_EHCI_HCD_PLATFORM=m CONFIG_USB_OXU210HP_HCD=m CONFIG_USB_ISP116X_HCD=m -CONFIG_USB_ISP1362_HCD=m CONFIG_USB_FOTG210_HCD=m CONFIG_USB_MAX3421_HCD=m CONFIG_USB_OHCI_HCD=m @@ -6422,7 +6466,6 @@ CONFIG_USB_CHIPIDEA=m CONFIG_USB_CHIPIDEA_PCI=m CONFIG_USB_CHIPIDEA_UDC=y CONFIG_USB_CHIPIDEA_HOST=y -# CONFIG_USB_CHIPIDEA_ULPI is not set CONFIG_USB_ISP1760=m CONFIG_USB_ISP1760_HCD=y CONFIG_USB_ISP1761_UDC=y @@ -6646,8 +6689,15 @@ CONFIG_TYPEC_FUSB302=m CONFIG_TYPEC_UCSI=m CONFIG_UCSI_ACPI=m CONFIG_TYPEC_TPS6598X=m + +# +# USB Type-C Multiplexer/DeMultiplexer Switch support +# +CONFIG_TYPEC_MUX_PI3USB30532=m +CONFIG_USB_ROLES_INTEL_XHCI=m CONFIG_USB_LED_TRIG=y CONFIG_USB_ULPI_BUS=m +CONFIG_USB_ROLE_SWITCH=m CONFIG_UWB=m CONFIG_UWB_HWA=m CONFIG_UWB_WHCI=m @@ -6714,6 +6764,7 @@ CONFIG_LEDS_AS3645A=m CONFIG_LEDS_LM3530=m CONFIG_LEDS_LM3533=m CONFIG_LEDS_LM3642=m +CONFIG_LEDS_LM3601X=m CONFIG_LEDS_MT6323=m CONFIG_LEDS_PCA9532=m CONFIG_LEDS_PCA9532_GPIO=y @@ -6748,6 +6799,7 @@ CONFIG_LEDS_MENF21BMC=m # CONFIG_LEDS_BLINKM=m CONFIG_LEDS_MLXCPLD=m +CONFIG_LEDS_MLXREG=m CONFIG_LEDS_USER=m CONFIG_LEDS_NIC78BX=m @@ -6778,7 +6830,7 @@ CONFIG_A11Y_BRAILLE_CONSOLE=y CONFIG_INFINIBAND=m CONFIG_INFINIBAND_USER_MAD=m CONFIG_INFINIBAND_USER_ACCESS=m -# CONFIG_INFINIBAND_EXP_USER_ACCESS is not set +# CONFIG_INFINIBAND_EXP_LEGACY_VERBS_NEW_UAPI is not set CONFIG_INFINIBAND_USER_MEM=y CONFIG_INFINIBAND_ON_DEMAND_PAGING=y CONFIG_INFINIBAND_ADDR_TRANS=y @@ -6788,7 +6840,6 @@ CONFIG_INFINIBAND_MTHCA_DEBUG=y CONFIG_INFINIBAND_QIB=m CONFIG_INFINIBAND_QIB_DCA=y CONFIG_INFINIBAND_CXGB3=m -# CONFIG_INFINIBAND_CXGB3_DEBUG is not set CONFIG_INFINIBAND_CXGB4=m CONFIG_INFINIBAND_I40IW=m CONFIG_MLX4_INFINIBAND=m @@ -6996,7 +7047,6 @@ CONFIG_SYNC_FILE=y # CONFIG_SW_SYNC is not set CONFIG_DCA=m CONFIG_AUXDISPLAY=y -CONFIG_CHARLCD=m CONFIG_HD44780=m CONFIG_KS0108=m CONFIG_KS0108_PORT=0x378 @@ -7008,6 +7058,7 @@ CONFIG_PANEL=m CONFIG_PANEL_PARPORT=0 CONFIG_PANEL_PROFILE=5 # CONFIG_PANEL_CHANGE_MESSAGE is not set +CONFIG_CHARLCD=m CONFIG_UIO=m CONFIG_UIO_CIF=m CONFIG_UIO_PDRV_GENIRQ=m @@ -7050,73 +7101,6 @@ CONFIG_HYPERV_TSCPAGE=y CONFIG_HYPERV_UTILS=m CONFIG_HYPERV_BALLOON=m CONFIG_STAGING=y -CONFIG_IRDA=m - -# -# IrDA protocols -# -CONFIG_IRLAN=m -CONFIG_IRNET=m -CONFIG_IRCOMM=m -CONFIG_IRDA_ULTRA=y - -# -# IrDA options -# -CONFIG_IRDA_CACHE_LAST_LSAP=y -CONFIG_IRDA_FAST_RR=y -# CONFIG_IRDA_DEBUG is not set - -# -# Infrared-port device drivers -# - -# -# SIR device drivers -# -CONFIG_IRTTY_SIR=m - -# -# Dongle support -# -CONFIG_DONGLE=y -CONFIG_ESI_DONGLE=m -CONFIG_ACTISYS_DONGLE=m -CONFIG_TEKRAM_DONGLE=m -CONFIG_TOIM3232_DONGLE=m -CONFIG_LITELINK_DONGLE=m -CONFIG_MA600_DONGLE=m -CONFIG_GIRBIL_DONGLE=m -CONFIG_MCP2120_DONGLE=m -CONFIG_OLD_BELKIN_DONGLE=m -CONFIG_ACT200L_DONGLE=m -CONFIG_KINGSUN_DONGLE=m -CONFIG_KSDAZZLE_DONGLE=m -CONFIG_KS959_DONGLE=m - -# -# FIR device drivers -# -CONFIG_USB_IRDA=m -CONFIG_SIGMATEL_FIR=m -CONFIG_NSC_FIR=m -CONFIG_WINBOND_FIR=m -CONFIG_SMC_IRCC_FIR=m -CONFIG_ALI_FIR=m -CONFIG_VLSI_FIR=m -CONFIG_VIA_FIR=m -CONFIG_MCS_FIR=m -CONFIG_IPX=m -CONFIG_IPX_INTERN=y -CONFIG_NCP_FS=m -CONFIG_NCPFS_PACKET_SIGNING=y -CONFIG_NCPFS_IOCTL_LOCKING=y -CONFIG_NCPFS_STRONG=y -CONFIG_NCPFS_NFS_NS=y -CONFIG_NCPFS_OS2_NS=y -CONFIG_NCPFS_SMALLDOS=y -CONFIG_NCPFS_NLS=y -CONFIG_NCPFS_EXTRAS=y CONFIG_PRISM2_USB=m CONFIG_COMEDI=m # CONFIG_COMEDI_DEBUG is not set @@ -7279,9 +7263,7 @@ CONFIG_VT6656=m # # Accelerometers # -CONFIG_ADIS16201=m CONFIG_ADIS16203=m -CONFIG_ADIS16209=m CONFIG_ADIS16240=m # @@ -7326,17 +7308,8 @@ CONFIG_ADIS16060=m CONFIG_AD5933=m # -# Light sensors -# -CONFIG_TSL2x7x=m - -# # Active energy metering IC # -CONFIG_ADE7753=m -CONFIG_ADE7754=m -CONFIG_ADE7758=m -CONFIG_ADE7759=m CONFIG_ADE7854=m CONFIG_ADE7854_I2C=m CONFIG_ADE7854_SPI=m @@ -7345,12 +7318,7 @@ CONFIG_ADE7854_SPI=m # Resolver to digital converters # CONFIG_AD2S90=m -CONFIG_AD2S1200=m CONFIG_AD2S1210=m - -# -# Triggers - standalone -# CONFIG_FB_SM750=m CONFIG_FB_XGI=m @@ -7370,19 +7338,17 @@ CONFIG_SPEAKUP_SYNTH_SPKOUT=m CONFIG_SPEAKUP_SYNTH_TXPRT=m # CONFIG_SPEAKUP_SYNTH_DUMMY is not set CONFIG_STAGING_MEDIA=y -CONFIG_INTEL_ATOMISP=y -CONFIG_VIDEO_ATOMISP=m -CONFIG_VIDEO_ATOMISP_OV5693=m -CONFIG_VIDEO_ATOMISP_OV2722=m -CONFIG_VIDEO_ATOMISP_GC2235=m -CONFIG_VIDEO_ATOMISP_OV8858=m -CONFIG_VIDEO_ATOMISP_MSRLIST_HELPER=m -CONFIG_VIDEO_ATOMISP_MT9M114=m -CONFIG_VIDEO_ATOMISP_GC0310=m -CONFIG_VIDEO_ATOMISP_OV2680=m -CONFIG_VIDEO_ATOMISP_LM3554=m CONFIG_I2C_BCM2048=m -CONFIG_DVB_CXD2099=m +CONFIG_SOC_CAMERA_IMX074=m +CONFIG_SOC_CAMERA_MT9T031=m +CONFIG_VIDEO_ZORAN=m +CONFIG_VIDEO_ZORAN_DC30=m +CONFIG_VIDEO_ZORAN_ZR36060=m +CONFIG_VIDEO_ZORAN_BUZ=m +CONFIG_VIDEO_ZORAN_DC10=m +CONFIG_VIDEO_ZORAN_LML33=m +CONFIG_VIDEO_ZORAN_LML33R10=m +CONFIG_VIDEO_ZORAN_AVS6EYES=m # # Android @@ -7393,12 +7359,6 @@ CONFIG_FWTTY_MAX_TOTAL_PORTS=64 CONFIG_FWTTY_MAX_CARD_PORTS=32 CONFIG_MTD_SPINAND_MT29F=m CONFIG_MTD_SPINAND_ONDIEECC=y -CONFIG_LNET=m -CONFIG_LNET_MAX_PAYLOAD=1048576 -# CONFIG_LNET_SELFTEST is not set -CONFIG_LNET_XPRT_IB=m -CONFIG_LUSTRE_FS=m -# CONFIG_LUSTRE_DEBUG_EXPENSIVE_CHECK is not set CONFIG_DGNC=m CONFIG_GS_FPGABOOT=m CONFIG_CRYPTO_SKEIN=m @@ -7446,7 +7406,6 @@ CONFIG_MOST_CDEV=m CONFIG_MOST_NET=m CONFIG_MOST_SOUND=m CONFIG_MOST_VIDEO=m -CONFIG_MOST_DIM2=m CONFIG_MOST_I2C=m CONFIG_MOST_USB=m CONFIG_KS7010=m @@ -7475,8 +7434,12 @@ CONFIG_GREYBUS_USB=m # USB Power Delivery and Type-C drivers # CONFIG_TYPEC_TCPCI=m -CONFIG_DRM_VBOXVIDEO=m +CONFIG_TYPEC_RT1711H=m +# CONFIG_DRM_VBOXVIDEO is not set CONFIG_PI433=m +CONFIG_MTK_MMC=m +# CONFIG_MTK_AEE_KDUMP is not set +# CONFIG_MTK_MMC_CD_POLL is not set CONFIG_X86_PLATFORM_DEVICES=y CONFIG_ACER_WMI=m CONFIG_ACER_WIRELESS=m @@ -7560,6 +7523,7 @@ CONFIG_PMC_ATOM=y CONFIG_CHROME_PLATFORMS=y CONFIG_CHROMEOS_LAPTOP=m CONFIG_CHROMEOS_PSTORE=m +CONFIG_CHROMEOS_TBMC=m CONFIG_CROS_EC_LPC=m CONFIG_CROS_EC_LPC_MEC=y CONFIG_CROS_EC_PROTO=y @@ -7575,12 +7539,10 @@ CONFIG_COMMON_CLK=y # CONFIG_COMMON_CLK_WM831X=m CONFIG_COMMON_CLK_SI5351=m +CONFIG_COMMON_CLK_SI544=m CONFIG_COMMON_CLK_CDCE706=m CONFIG_COMMON_CLK_CS2000_CP=m -# CONFIG_COMMON_CLK_NXP is not set CONFIG_COMMON_CLK_PWM=m -# CONFIG_COMMON_CLK_PXA is not set -# CONFIG_COMMON_CLK_PIC32 is not set CONFIG_HWSPINLOCK=y # @@ -7589,11 +7551,6 @@ CONFIG_HWSPINLOCK=y CONFIG_CLKEVT_I8253=y CONFIG_I8253_LOCK=y CONFIG_CLKBLD_I8253=y -# CONFIG_ATMEL_PIT is not set -# CONFIG_SH_TIMER_CMT is not set -# CONFIG_SH_TIMER_MTU2 is not set -# CONFIG_SH_TIMER_TMU is not set -# CONFIG_EM_TIMER_STI is not set CONFIG_MAILBOX=y CONFIG_PCC=y CONFIG_ALTERA_MBOX=m @@ -7654,7 +7611,6 @@ CONFIG_SOUNDWIRE_INTEL=m # # Qualcomm SoC drivers # -# CONFIG_SUNXI_SRAM is not set CONFIG_SOC_TI=y # @@ -7710,6 +7666,8 @@ CONFIG_IIO_TRIGGERED_EVENT=m # # Accelerometers # +CONFIG_ADIS16201=m +CONFIG_ADIS16209=m CONFIG_BMA180=m CONFIG_BMA220=m CONFIG_BMC150_ACCEL=m @@ -7794,6 +7752,10 @@ CONFIG_TI_TLC4541=m CONFIG_VIPERBOARD_ADC=m # +# Analog Front Ends +# + +# # Amplifiers # CONFIG_AD8366=m @@ -7844,6 +7806,8 @@ CONFIG_AD5504=m CONFIG_AD5624R_SPI=m CONFIG_LTC2632=m CONFIG_AD5686=m +CONFIG_AD5686_SPI=m +CONFIG_AD5696_I2C=m CONFIG_AD5755=m CONFIG_AD5761=m CONFIG_AD5764=m @@ -7856,6 +7820,7 @@ CONFIG_MAX517=m CONFIG_MCP4725=m CONFIG_MCP4922=m CONFIG_TI_DAC082S085=m +CONFIG_TI_DAC5571=m # # IIO dummy driver @@ -7964,6 +7929,7 @@ CONFIG_JSA1212=m CONFIG_RPR0521=m CONFIG_SENSORS_LM3533=m CONFIG_LTR501=m +CONFIG_LV0104CS=m CONFIG_MAX44000=m CONFIG_OPT3001=m CONFIG_PA12203001=m @@ -7976,6 +7942,7 @@ CONFIG_TCS3414=m CONFIG_TCS3472=m CONFIG_SENSORS_TSL2563=m CONFIG_TSL2583=m +CONFIG_TSL2772=m CONFIG_TSL4531=m CONFIG_US5182D=m CONFIG_VCNL4000=m @@ -8022,9 +7989,11 @@ CONFIG_IIO_SYSFS_TRIGGER=m # # Digital potentiometers # +CONFIG_AD5272=m CONFIG_DS1803=m CONFIG_MAX5481=m CONFIG_MAX5487=m +CONFIG_MCP4018=m CONFIG_MCP4131=m CONFIG_MCP4531=m CONFIG_TPL0102=m @@ -8076,11 +8045,17 @@ CONFIG_SX9500=m CONFIG_SRF08=m # +# Resolver to digital converters +# +CONFIG_AD2S1200=m + +# # Temperature sensors # CONFIG_MAXIM_THERMOCOUPLE=m CONFIG_HID_SENSOR_TEMP=m CONFIG_MLX90614=m +CONFIG_MLX90632=m CONFIG_TMP006=m CONFIG_TMP007=m CONFIG_TSYS01=m @@ -8125,24 +8100,11 @@ CONFIG_PWM_PCA9685=m # IRQ chip support # CONFIG_ARM_GIC_MAX_NR=1 -# CONFIG_ARM_GIC_V3_ITS is not set CONFIG_IPACK_BUS=m CONFIG_BOARD_TPCI200=m CONFIG_SERIAL_IPOCTAL=m CONFIG_RESET_CONTROLLER=y -# CONFIG_RESET_ATH79 is not set -# CONFIG_RESET_AXS10X is not set -# CONFIG_RESET_BERLIN is not set -# CONFIG_RESET_IMX7 is not set -# CONFIG_RESET_LANTIQ is not set -# CONFIG_RESET_LPC18XX is not set -# CONFIG_RESET_MESON is not set -# CONFIG_RESET_PISTACHIO is not set -# CONFIG_RESET_SIMPLE is not set -# CONFIG_RESET_SUNXI is not set CONFIG_RESET_TI_SYSCON=m -# CONFIG_RESET_ZYNQ is not set -# CONFIG_RESET_TEGRA_BPMP is not set CONFIG_FMC=m CONFIG_FMC_FAKEDEV=m CONFIG_FMC_TRIVIAL=m @@ -8160,9 +8122,6 @@ CONFIG_PHY_CPCAP_USB=m CONFIG_PHY_QCOM_USB_HS=m CONFIG_PHY_QCOM_USB_HSIC=m CONFIG_PHY_SAMSUNG_USB2=m -# CONFIG_PHY_EXYNOS4210_USB2 is not set -# CONFIG_PHY_EXYNOS4X12_USB2 is not set -# CONFIG_PHY_EXYNOS5250_USB2 is not set CONFIG_PHY_TUSB1210=m CONFIG_POWERCAP=y CONFIG_INTEL_RAPL=m @@ -8187,9 +8146,15 @@ CONFIG_ND_BLK=m CONFIG_ND_CLAIM=y CONFIG_ND_BTT=m CONFIG_BTT=y +CONFIG_DAX_DRIVER=y CONFIG_DAX=y CONFIG_DEV_DAX=m CONFIG_NVMEM=y +CONFIG_RAVE_SP_EEPROM=m + +# +# HW tracing support +# CONFIG_STM=m # CONFIG_STM_DUMMY is not set CONFIG_STM_SOURCE_CONSOLE=m @@ -8197,6 +8162,7 @@ CONFIG_STM_SOURCE_HEARTBEAT=m # CONFIG_STM_SOURCE_FTRACE is not set CONFIG_INTEL_TH=m CONFIG_INTEL_TH_PCI=m +CONFIG_INTEL_TH_ACPI=m CONFIG_INTEL_TH_GTH=m CONFIG_INTEL_TH_STH=m CONFIG_INTEL_TH_MSU=m @@ -8207,13 +8173,10 @@ CONFIG_ALTERA_PR_IP_CORE=m CONFIG_FPGA_MGR_ALTERA_PS_SPI=m CONFIG_FPGA_MGR_ALTERA_CVP=m CONFIG_FPGA_MGR_XILINX_SPI=m +CONFIG_FPGA_MGR_MACHXO2_SPI=m CONFIG_FPGA_BRIDGE=m CONFIG_XILINX_PR_DECOUPLER=m CONFIG_FPGA_REGION=m -CONFIG_FSI=m -CONFIG_FSI_MASTER_GPIO=m -CONFIG_FSI_MASTER_HUB=m -CONFIG_FSI_SCOM=m CONFIG_PM_OPP=y # CONFIG_UNISYS_VISORBUS is not set CONFIG_SIOX=m @@ -8242,6 +8205,7 @@ CONFIG_GOOGLE_COREBOOT_TABLE=m CONFIG_GOOGLE_COREBOOT_TABLE_ACPI=m CONFIG_GOOGLE_MEMCONSOLE=m CONFIG_GOOGLE_MEMCONSOLE_X86_LEGACY=m +CONFIG_GOOGLE_FRAMEBUFFER_COREBOOT=m CONFIG_GOOGLE_MEMCONSOLE_COREBOOT=m CONFIG_GOOGLE_VPD=m @@ -8261,6 +8225,7 @@ CONFIG_EFI_TEST=m CONFIG_APPLE_PROPERTIES=y CONFIG_RESET_ATTACK_MITIGATION=y CONFIG_UEFI_CPER=y +CONFIG_UEFI_CPER_X86=y CONFIG_EFI_DEV_PATH_PARSER=y # @@ -8304,6 +8269,7 @@ CONFIG_XFS_QUOTA=y CONFIG_XFS_POSIX_ACL=y CONFIG_XFS_RT=y CONFIG_XFS_ONLINE_SCRUB=y +# CONFIG_XFS_ONLINE_REPAIR is not set # CONFIG_XFS_WARN is not set # CONFIG_XFS_DEBUG is not set CONFIG_GFS2_FS=m @@ -8342,6 +8308,7 @@ CONFIG_FSNOTIFY=y CONFIG_DNOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_FANOTIFY=y +# CONFIG_FANOTIFY_ACCESS_PERMISSIONS is not set CONFIG_QUOTA=y CONFIG_QUOTA_NETLINK_INTERFACE=y # CONFIG_PRINT_QUOTA_WARNING is not set @@ -8352,6 +8319,7 @@ CONFIG_QFMT_V2=m CONFIG_QUOTACTL=y CONFIG_QUOTACTL_COMPAT=y CONFIG_AUTOFS4_FS=m +CONFIG_AUTOFS_FS=m CONFIG_FUSE_FS=m CONFIG_CUSE=m CONFIG_OVERLAY_FS=m @@ -8359,6 +8327,7 @@ CONFIG_OVERLAY_FS=m CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW=y CONFIG_OVERLAY_FS_INDEX=y CONFIG_OVERLAY_FS_NFS_EXPORT=y +# CONFIG_OVERLAY_FS_XINO_AUTO is not set # # Caches @@ -8379,7 +8348,6 @@ CONFIG_ISO9660_FS=m CONFIG_JOLIET=y CONFIG_ZISOFS=y CONFIG_UDF_FS=m -CONFIG_UDF_NLS=y # # DOS/FAT/NT Filesystems @@ -8409,8 +8377,9 @@ CONFIG_TMPFS_POSIX_ACL=y CONFIG_TMPFS_XATTR=y CONFIG_HUGETLBFS=y CONFIG_HUGETLB_PAGE=y +CONFIG_MEMFD_CREATE=y CONFIG_ARCH_HAS_GIGANTIC_PAGE=y -CONFIG_CONFIGFS_FS=m +CONFIG_CONFIGFS_FS=y CONFIG_EFIVAR_FS=m CONFIG_MISC_FILESYSTEMS=y CONFIG_ORANGEFS_FS=m @@ -8482,9 +8451,17 @@ CONFIG_ROMFS_BACKED_BY_BOTH=y CONFIG_ROMFS_ON_BLOCK=y CONFIG_ROMFS_ON_MTD=y CONFIG_PSTORE=y -# CONFIG_PSTORE_ZLIB_COMPRESS is not set +CONFIG_PSTORE_DEFLATE_COMPRESS=y CONFIG_PSTORE_LZO_COMPRESS=y # CONFIG_PSTORE_LZ4_COMPRESS is not set +CONFIG_PSTORE_LZ4HC_COMPRESS=m +CONFIG_PSTORE_842_COMPRESS=y +CONFIG_PSTORE_COMPRESS=y +CONFIG_PSTORE_DEFLATE_COMPRESS_DEFAULT=y +# CONFIG_PSTORE_LZO_COMPRESS_DEFAULT is not set +# CONFIG_PSTORE_LZ4HC_COMPRESS_DEFAULT is not set +# CONFIG_PSTORE_842_COMPRESS_DEFAULT is not set +CONFIG_PSTORE_COMPRESS_DEFAULT="deflate" # CONFIG_PSTORE_CONSOLE is not set CONFIG_PSTORE_PMSG=y # CONFIG_PSTORE_FTRACE is not set @@ -8510,6 +8487,7 @@ CONFIG_PNFS_BLOCK=m CONFIG_PNFS_FLEXFILE_LAYOUT=m CONFIG_NFS_V4_1_IMPLEMENTATION_ID_DOMAIN="kernel.org" CONFIG_NFS_V4_1_MIGRATION=y +CONFIG_NFS_V4_SECURITY_LABEL=y CONFIG_NFS_FSCACHE=y # CONFIG_NFS_USE_LEGACY_DNS is not set CONFIG_NFS_USE_KERNEL_DNS=y @@ -8522,6 +8500,7 @@ CONFIG_NFSD_PNFS=y CONFIG_NFSD_BLOCKLAYOUT=y CONFIG_NFSD_SCSILAYOUT=y CONFIG_NFSD_FLEXFILELAYOUT=y +# CONFIG_NFSD_V4_SECURITY_LABEL is not set # CONFIG_NFSD_FAULT_INJECTION is not set CONFIG_GRACE_PERIOD=m CONFIG_LOCKD=m @@ -8622,8 +8601,8 @@ CONFIG_TRACE_IRQFLAGS_SUPPORT=y # printk and dmesg options # # CONFIG_PRINTK_TIME is not set -CONFIG_CONSOLE_LOGLEVEL_DEFAULT=4 -CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4 +CONFIG_CONSOLE_LOGLEVEL_DEFAULT=1 +CONFIG_MESSAGE_LOGLEVEL_DEFAULT=1 # CONFIG_BOOT_PRINTK_DELAY is not set # CONFIG_DYNAMIC_DEBUG is not set @@ -8646,7 +8625,7 @@ CONFIG_STACK_VALIDATION=y # CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set CONFIG_MAGIC_SYSRQ=y CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE=0x1 -# CONFIG_MAGIC_SYSRQ_SERIAL is not set +CONFIG_MAGIC_SYSRQ_SERIAL=y CONFIG_DEBUG_KERNEL=y # @@ -8658,7 +8637,7 @@ CONFIG_DEBUG_KERNEL=y # CONFIG_DEBUG_PAGE_REF is not set # CONFIG_DEBUG_RODATA_TEST is not set # CONFIG_DEBUG_OBJECTS is not set -# CONFIG_SLUB_DEBUG_ON is not set +CONFIG_SLUB_DEBUG_ON=y # CONFIG_SLUB_STATS is not set CONFIG_HAVE_DEBUG_KMEMLEAK=y # CONFIG_DEBUG_KMEMLEAK is not set @@ -8673,6 +8652,7 @@ CONFIG_HAVE_DEBUG_STACKOVERFLOW=y CONFIG_HAVE_ARCH_KASAN=y # CONFIG_KASAN is not set CONFIG_ARCH_HAS_KCOV=y +CONFIG_CC_HAS_SANCOV_TRACE_PC=y # CONFIG_KCOV is not set # CONFIG_DEBUG_SHIRQ is not set @@ -8690,20 +8670,22 @@ CONFIG_PANIC_TIMEOUT=0 CONFIG_SCHED_DEBUG=y CONFIG_SCHED_INFO=y CONFIG_SCHEDSTATS=y -# CONFIG_SCHED_STACK_END_CHECK is not set +CONFIG_SCHED_STACK_END_CHECK=y # CONFIG_DEBUG_TIMEKEEPING is not set # CONFIG_DEBUG_PREEMPT is not set # # Lock Debugging (spinlocks, mutexes, etc...) # +CONFIG_LOCK_DEBUGGING_SUPPORT=y +# CONFIG_PROVE_LOCKING is not set +# CONFIG_LOCK_STAT is not set # CONFIG_DEBUG_RT_MUTEXES is not set # CONFIG_DEBUG_SPINLOCK is not set # CONFIG_DEBUG_MUTEXES is not set # CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set +# CONFIG_DEBUG_RWSEMS is not set # CONFIG_DEBUG_LOCK_ALLOC is not set -# CONFIG_PROVE_LOCKING is not set -# CONFIG_LOCK_STAT is not set # CONFIG_DEBUG_ATOMIC_SLEEP is not set # CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set # CONFIG_LOCK_TORTURE_TEST is not set @@ -8712,16 +8694,15 @@ CONFIG_STACKTRACE=y # CONFIG_WARN_ALL_UNSEEDED_RANDOM is not set # CONFIG_DEBUG_KOBJECT is not set CONFIG_DEBUG_BUGVERBOSE=y -# CONFIG_DEBUG_LIST is not set -# CONFIG_DEBUG_PI_LIST is not set -# CONFIG_DEBUG_SG is not set -# CONFIG_DEBUG_NOTIFIERS is not set -# CONFIG_DEBUG_CREDENTIALS is not set +CONFIG_DEBUG_LIST=y +CONFIG_DEBUG_PI_LIST=y +CONFIG_DEBUG_SG=y +CONFIG_DEBUG_NOTIFIERS=y +CONFIG_DEBUG_CREDENTIALS=y # # RCU Debugging # -# CONFIG_PROVE_RCU is not set CONFIG_TORTURE_TEST=m CONFIG_RCU_PERF_TEST=m # CONFIG_RCU_TORTURE_TEST is not set @@ -8732,6 +8713,7 @@ CONFIG_RCU_CPU_STALL_TIMEOUT=60 # CONFIG_DEBUG_BLOCK_EXT_DEVT is not set # CONFIG_CPU_HOTPLUG_STATE_CONTROL is not set # CONFIG_NOTIFIER_ERROR_INJECTION is not set +CONFIG_FUNCTION_ERROR_INJECTION=y # CONFIG_FAULT_INJECTION is not set CONFIG_LATENCYTOP=y CONFIG_USER_STACKTRACE_SUPPORT=y @@ -8765,11 +8747,14 @@ CONFIG_BRANCH_PROFILE_NONE=y # CONFIG_PROFILE_ANNOTATED_BRANCHES is not set CONFIG_STACK_TRACER=y CONFIG_BLK_DEV_IO_TRACE=y +CONFIG_KPROBE_EVENTS=y # CONFIG_UPROBE_EVENTS is not set -# CONFIG_PROBE_EVENTS is not set +CONFIG_BPF_EVENTS=y +CONFIG_PROBE_EVENTS=y CONFIG_DYNAMIC_FTRACE=y CONFIG_DYNAMIC_FTRACE_WITH_REGS=y CONFIG_FUNCTION_PROFILER=y +# CONFIG_BPF_KPROBE_OVERRIDE is not set CONFIG_FTRACE_MCOUNT_RECORD=y # CONFIG_FTRACE_STARTUP_TEST is not set # CONFIG_MMIOTRACE is not set @@ -8781,32 +8766,61 @@ CONFIG_FTRACE_MCOUNT_RECORD=y CONFIG_TRACING_EVENTS_GPIO=y # CONFIG_PROVIDE_OHCI1394_DMA_INIT is not set # CONFIG_DMA_API_DEBUG is not set -# CONFIG_RUNTIME_TESTING_MENU is not set +CONFIG_RUNTIME_TESTING_MENU=y +CONFIG_LKDTM=m +# CONFIG_TEST_LIST_SORT is not set +# CONFIG_TEST_SORT is not set +# CONFIG_KPROBES_SANITY_TEST is not set +# CONFIG_BACKTRACE_SELF_TEST is not set +# CONFIG_RBTREE_TEST is not set +# CONFIG_INTERVAL_TREE_TEST is not set +# CONFIG_PERCPU_TEST is not set +# CONFIG_ATOMIC64_SELFTEST is not set +# CONFIG_ASYNC_RAID6_TEST is not set +# CONFIG_TEST_HEXDUMP is not set +# CONFIG_TEST_STRING_HELPERS is not set +# CONFIG_TEST_KSTRTOX is not set +# CONFIG_TEST_PRINTF is not set +# CONFIG_TEST_BITMAP is not set +# CONFIG_TEST_UUID is not set +# CONFIG_TEST_OVERFLOW is not set +# CONFIG_TEST_RHASHTABLE is not set +# CONFIG_TEST_HASH is not set +# CONFIG_TEST_PARMAN is not set +# CONFIG_TEST_LKM is not set +# CONFIG_TEST_USER_COPY is not set +# CONFIG_TEST_BPF is not set +# CONFIG_FIND_BIT_BENCHMARK is not set +# CONFIG_TEST_FIRMWARE is not set +# CONFIG_TEST_SYSCTL is not set +# CONFIG_TEST_UDELAY is not set +# CONFIG_TEST_STATIC_KEYS is not set +# CONFIG_TEST_KMOD is not set CONFIG_MEMTEST=y # CONFIG_BUG_ON_DATA_CORRUPTION is not set # CONFIG_SAMPLES is not set CONFIG_HAVE_ARCH_KGDB=y # CONFIG_KGDB is not set CONFIG_ARCH_HAS_UBSAN_SANITIZE_ALL=y -# CONFIG_ARCH_WANTS_UBSAN_NO_NULL is not set # CONFIG_UBSAN is not set CONFIG_ARCH_HAS_DEVMEM_IS_ALLOWED=y CONFIG_STRICT_DEVMEM=y -# CONFIG_IO_STRICT_DEVMEM is not set +CONFIG_IO_STRICT_DEVMEM=y CONFIG_EARLY_PRINTK_USB=y CONFIG_X86_VERBOSE_BOOTUP=y CONFIG_EARLY_PRINTK=y CONFIG_EARLY_PRINTK_DBGP=y CONFIG_EARLY_PRINTK_EFI=y CONFIG_EARLY_PRINTK_USB_XDBC=y -# CONFIG_X86_PTDUMP_CORE is not set +CONFIG_X86_PTDUMP_CORE=y # CONFIG_X86_PTDUMP is not set # CONFIG_EFI_PGT_DUMP is not set -# CONFIG_DEBUG_WX is not set +CONFIG_DEBUG_WX=y CONFIG_DOUBLEFAULT=y # CONFIG_DEBUG_TLBFLUSH is not set # CONFIG_IOMMU_DEBUG is not set CONFIG_HAVE_MMIOTRACE_SUPPORT=y +# CONFIG_X86_DECODER_SELFTEST is not set CONFIG_IO_DELAY_TYPE_0X80=0 CONFIG_IO_DELAY_TYPE_0XED=1 CONFIG_IO_DELAY_TYPE_UDELAY=2 @@ -8838,9 +8852,14 @@ CONFIG_ENCRYPTED_KEYS=m # CONFIG_KEY_DH_OPERATIONS is not set CONFIG_SECURITY_DMESG_RESTRICT=y CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y -# CONFIG_SECURITY is not set +CONFIG_SECURITY_TIOCSTI_RESTRICT=y +CONFIG_SECURITY=y CONFIG_SECURITYFS=y +CONFIG_SECURITY_NETWORK=y CONFIG_PAGE_TABLE_ISOLATION=y +# CONFIG_SECURITY_INFINIBAND is not set +# CONFIG_SECURITY_NETWORK_XFRM is not set +CONFIG_SECURITY_PATH=y CONFIG_INTEL_TXT=y CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y CONFIG_HARDENED_USERCOPY=y @@ -8849,8 +8868,20 @@ CONFIG_FORTIFY_SOURCE=y CONFIG_PAGE_SANITIZE=y CONFIG_PAGE_SANITIZE_VERIFY=y # CONFIG_STATIC_USERMODEHELPER is not set -CONFIG_DEFAULT_SECURITY_DAC=y -CONFIG_DEFAULT_SECURITY="" +# CONFIG_SECURITY_SELINUX is not set +# CONFIG_SECURITY_SMACK is not set +# CONFIG_SECURITY_TOMOYO is not set +CONFIG_SECURITY_APPARMOR=y +CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1 +CONFIG_SECURITY_APPARMOR_HASH=y +CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y +# CONFIG_SECURITY_APPARMOR_DEBUG is not set +# CONFIG_SECURITY_LOADPIN is not set +CONFIG_SECURITY_YAMA=y +# CONFIG_INTEGRITY is not set +CONFIG_DEFAULT_SECURITY_APPARMOR=y +# CONFIG_DEFAULT_SECURITY_DAC is not set +CONFIG_DEFAULT_SECURITY="apparmor" CONFIG_XOR_BLOCKS=m CONFIG_ASYNC_CORE=m CONFIG_ASYNC_MEMCPY=m @@ -8894,7 +8925,6 @@ CONFIG_CRYPTO_CRYPTD=m CONFIG_CRYPTO_MCRYPTD=m CONFIG_CRYPTO_AUTHENC=m CONFIG_CRYPTO_TEST=m -CONFIG_CRYPTO_ABLK_HELPER=m CONFIG_CRYPTO_SIMD=m CONFIG_CRYPTO_GLUE_HELPER_X86=m CONFIG_CRYPTO_ENGINE=m @@ -8905,6 +8935,19 @@ CONFIG_CRYPTO_ENGINE=m CONFIG_CRYPTO_CCM=m CONFIG_CRYPTO_GCM=m CONFIG_CRYPTO_CHACHA20POLY1305=m +CONFIG_CRYPTO_AEGIS128=m +CONFIG_CRYPTO_AEGIS128L=m +CONFIG_CRYPTO_AEGIS256=m +CONFIG_CRYPTO_AEGIS128_AESNI_SSE2=m +CONFIG_CRYPTO_AEGIS128L_AESNI_SSE2=m +CONFIG_CRYPTO_AEGIS256_AESNI_SSE2=m +CONFIG_CRYPTO_MORUS640=m +CONFIG_CRYPTO_MORUS640_GLUE=m +CONFIG_CRYPTO_MORUS640_SSE2=m +CONFIG_CRYPTO_MORUS1280=m +CONFIG_CRYPTO_MORUS1280_GLUE=m +CONFIG_CRYPTO_MORUS1280_SSE2=m +CONFIG_CRYPTO_MORUS1280_AVX2=m CONFIG_CRYPTO_SEQIV=m CONFIG_CRYPTO_ECHAINIV=m @@ -8912,6 +8955,7 @@ CONFIG_CRYPTO_ECHAINIV=m # Block modes # CONFIG_CRYPTO_CBC=m +CONFIG_CRYPTO_CFB=m CONFIG_CRYPTO_CTR=m CONFIG_CRYPTO_CTS=m CONFIG_CRYPTO_ECB=y @@ -8947,7 +8991,7 @@ CONFIG_CRYPTO_RMD128=m CONFIG_CRYPTO_RMD160=m CONFIG_CRYPTO_RMD256=m CONFIG_CRYPTO_RMD320=m -CONFIG_CRYPTO_SHA1=m +CONFIG_CRYPTO_SHA1=y CONFIG_CRYPTO_SHA1_SSSE3=m CONFIG_CRYPTO_SHA256_SSSE3=m CONFIG_CRYPTO_SHA512_SSSE3=m @@ -8955,7 +8999,7 @@ CONFIG_CRYPTO_SHA1_MB=m CONFIG_CRYPTO_SHA256_MB=m CONFIG_CRYPTO_SHA512_MB=m CONFIG_CRYPTO_SHA256=m -CONFIG_CRYPTO_SHA512=m +CONFIG_CRYPTO_SHA512=y CONFIG_CRYPTO_SHA3=m CONFIG_CRYPTO_SM3=m CONFIG_CRYPTO_TGR192=m @@ -8988,7 +9032,6 @@ CONFIG_CRYPTO_DES3_EDE_X86_64=m CONFIG_CRYPTO_FCRYPT=m CONFIG_CRYPTO_KHAZAD=m CONFIG_CRYPTO_SALSA20=m -CONFIG_CRYPTO_SALSA20_X86_64=m CONFIG_CRYPTO_CHACHA20=m CONFIG_CRYPTO_CHACHA20_X86_64=m CONFIG_CRYPTO_SEED=m @@ -8996,6 +9039,8 @@ CONFIG_CRYPTO_SERPENT=m CONFIG_CRYPTO_SERPENT_SSE2_X86_64=m CONFIG_CRYPTO_SERPENT_AVX_X86_64=m CONFIG_CRYPTO_SERPENT_AVX2_X86_64=m +CONFIG_CRYPTO_SM4=m +CONFIG_CRYPTO_SPECK=m CONFIG_CRYPTO_TEA=m CONFIG_CRYPTO_TWOFISH=m CONFIG_CRYPTO_TWOFISH_COMMON=m @@ -9006,11 +9051,12 @@ CONFIG_CRYPTO_TWOFISH_AVX_X86_64=m # # Compression # -CONFIG_CRYPTO_DEFLATE=m +CONFIG_CRYPTO_DEFLATE=y CONFIG_CRYPTO_LZO=y -CONFIG_CRYPTO_842=m -CONFIG_CRYPTO_LZ4=m -CONFIG_CRYPTO_LZ4HC=m +CONFIG_CRYPTO_842=y +CONFIG_CRYPTO_LZ4=y +CONFIG_CRYPTO_LZ4HC=y +CONFIG_CRYPTO_ZSTD=y # # Random Number Generation @@ -9032,7 +9078,6 @@ CONFIG_CRYPTO_HW=y CONFIG_CRYPTO_DEV_PADLOCK=m CONFIG_CRYPTO_DEV_PADLOCK_AES=m CONFIG_CRYPTO_DEV_PADLOCK_SHA=m -# CONFIG_CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC is not set CONFIG_CRYPTO_DEV_CCP=y CONFIG_CRYPTO_DEV_CCP_DD=m CONFIG_CRYPTO_DEV_SP_CCP=y @@ -9049,6 +9094,7 @@ CONFIG_CRYPTO_DEV_NITROX=m CONFIG_CRYPTO_DEV_NITROX_CNN55XX=m CONFIG_CRYPTO_DEV_CHELSIO=m CONFIG_CHELSIO_IPSEC_INLINE=y +CONFIG_CRYPTO_DEV_CHELSIO_TLS=m CONFIG_CRYPTO_DEV_VIRTIO=m CONFIG_ASYMMETRIC_KEY_TYPE=y CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y @@ -9060,6 +9106,7 @@ CONFIG_SIGNED_PE_FILE_VERIFICATION=y # # Certificates for signature checking # +CONFIG_MODULE_SIG_KEY="certs/signing_key.pem" CONFIG_SYSTEM_TRUSTED_KEYRING=y CONFIG_SYSTEM_TRUSTED_KEYS="" # CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set @@ -9097,7 +9144,6 @@ CONFIG_BINARY_PRINTF=y # CONFIG_RAID6_PQ=m CONFIG_BITREVERSE=y -# CONFIG_HAVE_ARCH_BITREVERSE is not set CONFIG_RATIONAL=y CONFIG_GENERIC_STRNCPY_FROM_USER=y CONFIG_GENERIC_STRNLEN_USER=y @@ -9121,20 +9167,19 @@ CONFIG_CRC4=m CONFIG_CRC7=m CONFIG_LIBCRC32C=m CONFIG_CRC8=m -CONFIG_XXHASH=m -# CONFIG_AUDIT_ARCH_COMPAT_GENERIC is not set +CONFIG_XXHASH=y # CONFIG_RANDOM32_SELFTEST is not set -CONFIG_842_COMPRESS=m -CONFIG_842_DECOMPRESS=m +CONFIG_842_COMPRESS=y +CONFIG_842_DECOMPRESS=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_LZO_COMPRESS=y CONFIG_LZO_DECOMPRESS=y -CONFIG_LZ4_COMPRESS=m -CONFIG_LZ4HC_COMPRESS=m +CONFIG_LZ4_COMPRESS=y +CONFIG_LZ4HC_COMPRESS=y CONFIG_LZ4_DECOMPRESS=y -CONFIG_ZSTD_COMPRESS=m -CONFIG_ZSTD_DECOMPRESS=m +CONFIG_ZSTD_COMPRESS=y +CONFIG_ZSTD_DECOMPRESS=y CONFIG_XZ_DEC=y CONFIG_XZ_DEC_X86=y CONFIG_XZ_DEC_POWERPC=y @@ -9168,9 +9213,14 @@ CONFIG_ASSOCIATIVE_ARRAY=y CONFIG_HAS_IOMEM=y CONFIG_HAS_IOPORT_MAP=y CONFIG_HAS_DMA=y -CONFIG_SGL_ALLOC=y -# CONFIG_DMA_DIRECT_OPS is not set +CONFIG_NEED_SG_DMA_LENGTH=y +CONFIG_NEED_DMA_MAP_STATE=y +CONFIG_ARCH_DMA_ADDR_T_64BIT=y +CONFIG_DMA_DIRECT_OPS=y CONFIG_DMA_VIRT_OPS=y +CONFIG_SWIOTLB=y +CONFIG_SGL_ALLOC=y +CONFIG_IOMMU_HELPER=y CONFIG_CHECK_SIGNATURE=y CONFIG_CPUMASK_OFFSTACK=y CONFIG_CPU_RMAP=y @@ -9199,11 +9249,12 @@ CONFIG_FONT_8x16=y # CONFIG_FONT_10x18 is not set # CONFIG_FONT_SUN8x16 is not set # CONFIG_FONT_SUN12x22 is not set -# CONFIG_SG_SPLIT is not set CONFIG_SG_POOL=y CONFIG_ARCH_HAS_SG_CHAIN=y CONFIG_ARCH_HAS_PMEM_API=y CONFIG_ARCH_HAS_UACCESS_FLUSHCACHE=y +CONFIG_ARCH_HAS_UACCESS_MCSAFE=y CONFIG_SBITMAP=y CONFIG_PARMAN=m +CONFIG_PRIME_NUMBERS=m # CONFIG_STRING_SELFTEST is not set diff --git a/sys-kernel/linux-image-redcore/files/revert-disable-CRTCs-with-NULL-FB-on-their-primary-plane.patch b/sys-kernel/linux-image-redcore/files/revert-disable-CRTCs-with-NULL-FB-on-their-primary-plane.patch deleted file mode 100644 index 1fce1ef9..00000000 --- a/sys-kernel/linux-image-redcore/files/revert-disable-CRTCs-with-NULL-FB-on-their-primary-plane.patch +++ /dev/null @@ -1,48 +0,0 @@ -diff -Naur linux-4.16.2/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c linux-4.16.2-p/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c ---- linux-4.16.2/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c 2018-04-12 12:30:01.000000000 +0200 -+++ linux-4.16.2-p/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c 2018-04-13 15:31:41.086861095 +0200 -@@ -4776,33 +4776,6 @@ - return ret; - } - --static int dm_atomic_check_plane_state_fb(struct drm_atomic_state *state, -- struct drm_crtc *crtc) --{ -- struct drm_plane *plane; -- struct drm_crtc_state *crtc_state; -- -- WARN_ON(!drm_atomic_get_new_crtc_state(state, crtc)); -- -- drm_for_each_plane_mask(plane, state->dev, crtc->state->plane_mask) { -- struct drm_plane_state *plane_state = -- drm_atomic_get_plane_state(state, plane); -- -- if (IS_ERR(plane_state)) -- return -EDEADLK; -- -- crtc_state = drm_atomic_get_crtc_state(plane_state->state, crtc); -- if (IS_ERR(crtc_state)) -- return PTR_ERR(crtc_state); -- -- if (crtc->primary == plane && crtc_state->active) { -- if (!plane_state->fb) -- return -EINVAL; -- } -- } -- return 0; --} -- - static int amdgpu_dm_atomic_check(struct drm_device *dev, - struct drm_atomic_state *state) - { -@@ -4826,10 +4799,6 @@ - goto fail; - - for_each_oldnew_crtc_in_state(state, crtc, old_crtc_state, new_crtc_state, i) { -- ret = dm_atomic_check_plane_state_fb(state, crtc); -- if (ret) -- goto fail; -- - if (!drm_atomic_crtc_needs_modeset(new_crtc_state) && - !new_crtc_state->color_mgmt_changed) - continue; diff --git a/sys-kernel/linux-image-redcore/files/revert-patches-causing-instant-reboot.patch b/sys-kernel/linux-image-redcore/files/revert-patches-causing-instant-reboot.patch new file mode 100644 index 00000000..a2127cff --- /dev/null +++ b/sys-kernel/linux-image-redcore/files/revert-patches-causing-instant-reboot.patch @@ -0,0 +1,314 @@ +diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S +index 8169e8b7a4dc..12915511be61 100644 +--- a/arch/x86/boot/compressed/head_64.S ++++ b/arch/x86/boot/compressed/head_64.S +@@ -305,48 +305,13 @@ ENTRY(startup_64) + /* Set up the stack */ + leaq boot_stack_end(%rbx), %rsp + +- /* +- * paging_prepare() and cleanup_trampoline() below can have GOT +- * references. Adjust the table with address we are running at. +- * +- * Zero RAX for adjust_got: the GOT was not adjusted before; +- * there's no adjustment to undo. +- */ +- xorq %rax, %rax +- +- /* +- * Calculate the address the binary is loaded at and use it as +- * a GOT adjustment. +- */ +- call 1f +-1: popq %rdi +- subq $1b, %rdi +- +- call adjust_got +- + /* + * At this point we are in long mode with 4-level paging enabled, +- * but we might want to enable 5-level paging or vice versa. +- * +- * The problem is that we cannot do it directly. Setting or clearing +- * CR4.LA57 in long mode would trigger #GP. So we need to switch off +- * long mode and paging first. +- * +- * We also need a trampoline in lower memory to switch over from +- * 4- to 5-level paging for cases when the bootloader puts the kernel +- * above 4G, but didn't enable 5-level paging for us. +- * +- * The same trampoline can be used to switch from 5- to 4-level paging +- * mode, like when starting 4-level paging kernel via kexec() when +- * original kernel worked in 5-level paging mode. +- * +- * For the trampoline, we need the top page table to reside in lower +- * memory as we don't have a way to load 64-bit values into CR3 in +- * 32-bit mode. ++ * but we want to enable 5-level paging. + * +- * We go though the trampoline even if we don't have to: if we're +- * already in a desired paging mode. This way the trampoline code gets +- * tested on every boot. ++ * The problem is that we cannot do it directly. Setting LA57 in ++ * long mode would trigger #GP. So we need to switch off long mode ++ * first. + */ + + /* Make sure we have GDT with 32-bit code segment */ +@@ -371,32 +336,40 @@ ENTRY(startup_64) + /* Save the trampoline address in RCX */ + movq %rax, %rcx + ++ /* Check if we need to enable 5-level paging */ ++ cmpq $0, %rdx ++ jz lvl5 ++ ++ /* Clear additional page table */ ++ leaq lvl5_pgtable(%rbx), %rdi ++ xorq %rax, %rax ++ movq $(PAGE_SIZE/8), %rcx ++ rep stosq ++ + /* +- * Load the address of trampoline_return() into RDI. +- * It will be used by the trampoline to return to the main code. ++ * Setup current CR3 as the first and only entry in a new top level ++ * page table. + */ +- leaq trampoline_return(%rip), %rdi ++ movq %cr3, %rdi ++ leaq 0x7 (%rdi), %rax ++ movq %rax, lvl5_pgtable(%rbx) + + /* Switch to compatibility mode (CS.L = 0 CS.D = 1) via far return */ + pushq $__KERNEL32_CS +- leaq TRAMPOLINE_32BIT_CODE_OFFSET(%rax), %rax ++ leaq compatible_mode(%rip), %rax + pushq %rax + lretq +-trampoline_return: ++lvl5: + /* Restore the stack, the 32-bit trampoline uses its own stack */ + leaq boot_stack_end(%rbx), %rsp + + /* + * cleanup_trampoline() would restore trampoline memory. + * +- * RDI is address of the page table to use instead of page table +- * in trampoline memory (if required). +- * + * RSI holds real mode data and needs to be preserved across + * this function call. + */ + pushq %rsi +- leaq top_pgtable(%rbx), %rdi + call cleanup_trampoline + popq %rsi + +@@ -404,21 +377,6 @@ trampoline_return: + pushq $0 + popfq + +- /* +- * Previously we've adjusted the GOT with address the binary was +- * loaded at. Now we need to re-adjust for relocation address. +- * +- * Calculate the address the binary is loaded at, so that we can +- * undo the previous GOT adjustment. +- */ +- call 1f +-1: popq %rax +- subq $1b, %rax +- +- /* The new adjustment is the relocation address */ +- movq %rbx, %rdi +- call adjust_got +- + /* + * Copy the compressed kernel to the end of our buffer + * where decompression in place becomes safe. +@@ -519,6 +477,19 @@ relocated: + shrq $3, %rcx + rep stosq + ++/* ++ * Adjust our own GOT ++ */ ++ leaq _got(%rip), %rdx ++ leaq _egot(%rip), %rcx ++1: ++ cmpq %rcx, %rdx ++ jae 2f ++ addq %rbx, (%rdx) ++ addq $8, %rdx ++ jmp 1b ++2: ++ + /* + * Do the extraction, and jump to the new kernel.. + */ +@@ -537,36 +508,9 @@ relocated: + */ + jmp *%rax + +-/* +- * Adjust the global offset table +- * +- * RAX is the previous adjustment of the table to undo (use 0 if it's the +- * first time we touch GOT). +- * RDI is the new adjustment to apply. +- */ +-adjust_got: +- /* Walk through the GOT adding the address to the entries */ +- leaq _got(%rip), %rdx +- leaq _egot(%rip), %rcx +-1: +- cmpq %rcx, %rdx +- jae 2f +- subq %rax, (%rdx) /* Undo previous adjustment */ +- addq %rdi, (%rdx) /* Apply the new adjustment */ +- addq $8, %rdx +- jmp 1b +-2: +- ret +- + .code32 +-/* +- * This is the 32-bit trampoline that will be copied over to low memory. +- * +- * RDI contains the return address (might be above 4G). +- * ECX contains the base address of the trampoline memory. +- * Non zero RDX on return means we need to enable 5-level paging. +- */ + ENTRY(trampoline_32bit_src) ++compatible_mode: + /* Set up data and stack segments */ + movl $__KERNEL_DS, %eax + movl %eax, %ds +@@ -580,61 +524,33 @@ ENTRY(trampoline_32bit_src) + btrl $X86_CR0_PG_BIT, %eax + movl %eax, %cr0 + +- /* Check what paging mode we want to be in after the trampoline */ +- cmpl $0, %edx +- jz 1f ++ /* Point CR3 to 5-level paging */ ++ leal lvl5_pgtable(%ebx), %eax ++ movl %eax, %cr3 + +- /* We want 5-level paging: don't touch CR3 if it already points to 5-level page tables */ ++ /* Enable PAE and LA57 mode */ + movl %cr4, %eax +- testl $X86_CR4_LA57, %eax +- jnz 3f +- jmp 2f +-1: +- /* We want 4-level paging: don't touch CR3 if it already points to 4-level page tables */ +- movl %cr4, %eax +- testl $X86_CR4_LA57, %eax +- jz 3f +-2: +- /* Point CR3 to the trampoline's new top level page table */ +- leal TRAMPOLINE_32BIT_PGTABLE_OFFSET(%ecx), %eax +- movl %eax, %cr3 +-3: +- /* Enable PAE and LA57 (if required) paging modes */ +- movl $X86_CR4_PAE, %eax +- cmpl $0, %edx +- jz 1f +- orl $X86_CR4_LA57, %eax +-1: ++ orl $(X86_CR4_PAE | X86_CR4_LA57), %eax + movl %eax, %cr4 + +- /* Calculate address of paging_enabled() once we are executing in the trampoline */ +- leal paging_enabled - trampoline_32bit_src + TRAMPOLINE_32BIT_CODE_OFFSET(%ecx), %eax ++ /* Calculate address we are running at */ ++ call 1f ++1: popl %edi ++ subl $1b, %edi + +- /* Prepare the stack for far return to Long Mode */ ++ /* Prepare stack for far return to Long Mode */ + pushl $__KERNEL_CS +- pushl %eax ++ leal lvl5(%edi), %eax ++ push %eax + +- /* Enable paging again */ ++ /* Enable paging back */ + movl $(X86_CR0_PG | X86_CR0_PE), %eax + movl %eax, %cr0 + + lret + +- .code64 +-paging_enabled: +- /* Return from the trampoline */ +- jmp *%rdi +- +- /* +- * The trampoline code has a size limit. +- * Make sure we fail to compile if the trampoline code grows +- * beyond TRAMPOLINE_32BIT_CODE_SIZE bytes. +- */ +- .org trampoline_32bit_src + TRAMPOLINE_32BIT_CODE_SIZE +- +- .code32 + no_longmode: +- /* This isn't an x86-64 CPU, so hang intentionally, we cannot continue */ ++ /* This isn't an x86-64 CPU so hang */ + 1: + hlt + jmp 1b +@@ -695,10 +611,5 @@ boot_stack_end: + .balign 4096 + pgtable: + .fill BOOT_PGT_SIZE, 1, 0 +- +-/* +- * The page table is going to be used instead of page table in the trampoline +- * memory. +- */ +-top_pgtable: ++lvl5_pgtable: + .fill PAGE_SIZE, 1, 0 +diff --git a/arch/x86/boot/compressed/pgtable_64.c b/arch/x86/boot/compressed/pgtable_64.c +index a362fa0b849c..32af1cbcd903 100644 +--- a/arch/x86/boot/compressed/pgtable_64.c ++++ b/arch/x86/boot/compressed/pgtable_64.c +@@ -22,6 +22,14 @@ struct paging_config { + /* Buffer to preserve trampoline memory */ + static char trampoline_save[TRAMPOLINE_32BIT_SIZE]; + ++/* ++ * The page table is going to be used instead of page table in the trampoline ++ * memory. ++ * ++ * It must not be in BSS as BSS is cleared after cleanup_trampoline(). ++ */ ++static char top_pgtable[PAGE_SIZE] __aligned(PAGE_SIZE) __section(.data); ++ + /* + * Trampoline address will be printed by extract_kernel() for debugging + * purposes. +@@ -126,7 +134,7 @@ struct paging_config paging_prepare(void) + return paging_config; + } + +-void cleanup_trampoline(void *pgtable) ++void cleanup_trampoline(void) + { + void *trampoline_pgtable; + +@@ -137,8 +145,8 @@ void cleanup_trampoline(void *pgtable) + * if it's there. + */ + if ((void *)__native_read_cr3() == trampoline_pgtable) { +- memcpy(pgtable, trampoline_pgtable, PAGE_SIZE); +- native_write_cr3((unsigned long)pgtable); ++ memcpy(top_pgtable, trampoline_pgtable, PAGE_SIZE); ++ native_write_cr3((unsigned long)top_pgtable); + } + + /* Restore trampoline memory */ diff --git a/sys-kernel/linux-image-redcore/files/uksm-for-linux-hardened.patch b/sys-kernel/linux-image-redcore/files/uksm-for-linux-hardened.patch index 733618de..d973274a 100644 --- a/sys-kernel/linux-image-redcore/files/uksm-for-linux-hardened.patch +++ b/sys-kernel/linux-image-redcore/files/uksm-for-linux-hardened.patch @@ -1,18 +1,20 @@ diff -Nur a/Documentation/vm/00-INDEX b/Documentation/vm/00-INDEX ---- a/Documentation/vm/00-INDEX 2018-04-08 13:29:52.000000000 +0100 -+++ b/Documentation/vm/00-INDEX 2018-04-11 22:47:44.597845750 +0100 -@@ -20,6 +20,8 @@ - - description of the idle page tracking feature. - ksm.txt +--- a/Documentation/vm/00-INDEX 2018-08-24 12:04:51.000000000 +0100 ++++ b/Documentation/vm/00-INDEX 2018-08-27 10:44:36.340467187 +0100 +@@ -18,7 +18,9 @@ + - explains what hwpoison is + ksm.rst - how to use the Kernel Samepage Merging feature. +-mmu_notifier.rst +uksm.txt + - Introduction to Ultra KSM - numa ++mmu_notifier.txt + - a note about clearing pte/pmd and mmu notifications + numa.rst - information about NUMA specific code in the Linux vm. - numa_memory_policy.txt diff -Nur a/Documentation/vm/uksm.txt b/Documentation/vm/uksm.txt --- a/Documentation/vm/uksm.txt 1970-01-01 01:00:00.000000000 +0100 -+++ b/Documentation/vm/uksm.txt 2018-04-11 22:47:44.597845750 +0100 ++++ b/Documentation/vm/uksm.txt 2018-08-27 10:44:36.340467187 +0100 @@ -0,0 +1,61 @@ +The Ultra Kernel Samepage Merging feature +---------------------------------------------- @@ -76,8 +78,8 @@ diff -Nur a/Documentation/vm/uksm.txt b/Documentation/vm/uksm.txt +2016-09-10 UKSM 0.1.2.5 Fix a bug in dedup ratio calculation. +2017-02-26 UKSM 0.1.2.6 Fix a bug in hugetlbpage handling and a race bug with page migration. diff -Nur a/fs/exec.c b/fs/exec.c ---- a/fs/exec.c 2018-04-11 22:44:55.743399844 +0100 -+++ b/fs/exec.c 2018-04-11 22:51:54.986922932 +0100 +--- a/fs/exec.c 2018-08-27 10:42:48.184976507 +0100 ++++ b/fs/exec.c 2018-08-27 10:47:39.413380371 +0100 @@ -63,6 +63,7 @@ #include <linux/compat.h> #include <linux/vmalloc.h> @@ -86,7 +88,7 @@ diff -Nur a/fs/exec.c b/fs/exec.c #include <linux/uaccess.h> #include <asm/mmu_context.h> -@@ -1377,6 +1378,7 @@ +@@ -1381,6 +1382,7 @@ /* An exec changes our domain. We are no longer part of the thread group */ current->self_exec_id++; @@ -95,9 +97,9 @@ diff -Nur a/fs/exec.c b/fs/exec.c } EXPORT_SYMBOL(setup_new_exec); diff -Nur a/fs/proc/meminfo.c b/fs/proc/meminfo.c ---- a/fs/proc/meminfo.c 2018-04-08 13:29:52.000000000 +0100 -+++ b/fs/proc/meminfo.c 2018-04-11 22:47:44.597845750 +0100 -@@ -118,6 +118,10 @@ +--- a/fs/proc/meminfo.c 2018-08-24 12:04:51.000000000 +0100 ++++ b/fs/proc/meminfo.c 2018-08-27 10:44:36.341467220 +0100 +@@ -105,6 +105,10 @@ global_zone_page_state(NR_KERNEL_STACK_KB)); show_val_kb(m, "PageTables: ", global_zone_page_state(NR_PAGETABLE)); @@ -109,9 +111,9 @@ diff -Nur a/fs/proc/meminfo.c b/fs/proc/meminfo.c show_val_kb(m, "Quicklists: ", quicklist_total_size()); #endif diff -Nur a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h ---- a/include/asm-generic/pgtable.h 2018-04-08 13:29:52.000000000 +0100 -+++ b/include/asm-generic/pgtable.h 2018-04-11 22:47:44.598845782 +0100 -@@ -781,12 +781,25 @@ +--- a/include/asm-generic/pgtable.h 2018-08-24 12:04:51.000000000 +0100 ++++ b/include/asm-generic/pgtable.h 2018-08-27 10:44:36.341467220 +0100 +@@ -817,12 +817,25 @@ extern void untrack_pfn_moved(struct vm_area_struct *vma); #endif @@ -138,7 +140,7 @@ diff -Nur a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h } #define my_zero_pfn(addr) page_to_pfn(ZERO_PAGE(addr)) -@@ -795,7 +808,7 @@ +@@ -831,7 +844,7 @@ static inline int is_zero_pfn(unsigned long pfn) { extern unsigned long zero_pfn; @@ -148,8 +150,8 @@ diff -Nur a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h static inline unsigned long my_zero_pfn(unsigned long addr) diff -Nur a/include/linux/ksm.h b/include/linux/ksm.h ---- a/include/linux/ksm.h 2018-04-08 13:29:52.000000000 +0100 -+++ b/include/linux/ksm.h 2018-04-11 22:47:44.598845782 +0100 +--- a/include/linux/ksm.h 2018-08-24 12:04:51.000000000 +0100 ++++ b/include/linux/ksm.h 2018-08-27 10:44:36.341467220 +0100 @@ -21,21 +21,6 @@ #ifdef CONFIG_KSM int ksm_madvise(struct vm_area_struct *vma, unsigned long start, @@ -170,9 +172,9 @@ diff -Nur a/include/linux/ksm.h b/include/linux/ksm.h - __ksm_exit(mm); -} - static inline struct stable_node *page_stable_node(struct page *page) - { -@@ -65,6 +50,33 @@ + /* + * When do_swap_page() first faults in from swap what used to be a KSM page, +@@ -54,6 +39,46 @@ void rmap_walk_ksm(struct page *page, struct rmap_walk_control *rwc); void ksm_migrate_page(struct page *newpage, struct page *oldpage); @@ -201,12 +203,25 @@ diff -Nur a/include/linux/ksm.h b/include/linux/ksm.h +static inline void ksm_exit(struct mm_struct *mm) +{ +} ++ ++static inline void set_page_stable_node(struct page *page, ++ struct stable_node *stable_node) ++{ ++ page->mapping = (void *)((unsigned long)stable_node | PAGE_MAPPING_KSM); ++} ++ ++static inline struct stable_node *page_stable_node(struct page *page) ++{ ++ return PageKsm(page) ? page_rmapping(page) : NULL; ++} ++ ++ +#endif /* !CONFIG_UKSM */ + #else /* !CONFIG_KSM */ static inline int ksm_fork(struct mm_struct *mm, struct mm_struct *oldmm) -@@ -106,4 +118,6 @@ +@@ -89,4 +114,6 @@ #endif /* CONFIG_MMU */ #endif /* !CONFIG_KSM */ @@ -214,9 +229,9 @@ diff -Nur a/include/linux/ksm.h b/include/linux/ksm.h + #endif /* __LINUX_KSM_H */ diff -Nur a/include/linux/mm_types.h b/include/linux/mm_types.h ---- a/include/linux/mm_types.h 2018-04-08 13:29:52.000000000 +0100 -+++ b/include/linux/mm_types.h 2018-04-11 22:47:44.598845782 +0100 -@@ -333,6 +333,9 @@ +--- a/include/linux/mm_types.h 2018-08-24 12:04:51.000000000 +0100 ++++ b/include/linux/mm_types.h 2018-08-27 10:44:36.342467252 +0100 +@@ -320,6 +320,9 @@ struct mempolicy *vm_policy; /* NUMA policy for the VMA */ #endif struct vm_userfaultfd_ctx vm_userfaultfd_ctx; @@ -227,8 +242,8 @@ diff -Nur a/include/linux/mm_types.h b/include/linux/mm_types.h struct core_thread { diff -Nur a/include/linux/mmzone.h b/include/linux/mmzone.h ---- a/include/linux/mmzone.h 2018-04-08 13:29:52.000000000 +0100 -+++ b/include/linux/mmzone.h 2018-04-11 22:47:44.598845782 +0100 +--- a/include/linux/mmzone.h 2018-08-24 12:04:51.000000000 +0100 ++++ b/include/linux/mmzone.h 2018-08-27 10:44:36.342467252 +0100 @@ -148,6 +148,9 @@ NR_ZSPAGES, /* allocated in zsmalloc */ #endif @@ -239,7 +254,7 @@ diff -Nur a/include/linux/mmzone.h b/include/linux/mmzone.h NR_VM_ZONE_STAT_ITEMS }; enum node_stat_item { -@@ -866,7 +869,7 @@ +@@ -865,7 +868,7 @@ } /** @@ -250,7 +265,7 @@ diff -Nur a/include/linux/mmzone.h b/include/linux/mmzone.h * @zone - pointer to struct zone variable diff -Nur a/include/linux/sradix-tree.h b/include/linux/sradix-tree.h --- a/include/linux/sradix-tree.h 1970-01-01 01:00:00.000000000 +0100 -+++ b/include/linux/sradix-tree.h 2018-04-11 22:47:44.599845814 +0100 ++++ b/include/linux/sradix-tree.h 2018-08-27 10:44:36.343467284 +0100 @@ -0,0 +1,77 @@ +#ifndef _LINUX_SRADIX_TREE_H +#define _LINUX_SRADIX_TREE_H @@ -331,7 +346,7 @@ diff -Nur a/include/linux/sradix-tree.h b/include/linux/sradix-tree.h +#endif /* _LINUX_SRADIX_TREE_H */ diff -Nur a/include/linux/uksm.h b/include/linux/uksm.h --- a/include/linux/uksm.h 1970-01-01 01:00:00.000000000 +0100 -+++ b/include/linux/uksm.h 2018-04-11 22:47:44.599845814 +0100 ++++ b/include/linux/uksm.h 2018-08-27 10:44:36.343467284 +0100 @@ -0,0 +1,149 @@ +#ifndef __LINUX_UKSM_H +#define __LINUX_UKSM_H @@ -483,18 +498,9 @@ diff -Nur a/include/linux/uksm.h b/include/linux/uksm.h +#endif /* !CONFIG_UKSM */ +#endif /* __LINUX_UKSM_H */ diff -Nur a/kernel/fork.c b/kernel/fork.c ---- a/kernel/fork.c 2018-04-11 22:44:55.753400167 +0100 -+++ b/kernel/fork.c 2018-04-11 22:47:44.599845814 +0100 -@@ -453,7 +453,7 @@ - goto fail_nomem; - charge = len; - } -- tmp = kmem_cache_alloc(vm_area_cachep, GFP_KERNEL); -+ tmp = kmem_cache_zalloc(vm_area_cachep, GFP_KERNEL); - if (!tmp) - goto fail_nomem; - *tmp = *mpnt; -@@ -512,7 +512,7 @@ +--- a/kernel/fork.c 2018-08-27 10:42:48.208977282 +0100 ++++ b/kernel/fork.c 2018-08-27 10:44:36.344467317 +0100 +@@ -542,7 +542,7 @@ __vma_link_rb(mm, tmp, rb_link, rb_parent); rb_link = &tmp->vm_rb.rb_right; rb_parent = &tmp->vm_rb; @@ -504,20 +510,20 @@ diff -Nur a/kernel/fork.c b/kernel/fork.c if (!(tmp->vm_flags & VM_WIPEONFORK)) retval = copy_page_range(mm, oldmm, mpnt); diff -Nur a/lib/Makefile b/lib/Makefile ---- a/lib/Makefile 2018-04-08 13:29:52.000000000 +0100 -+++ b/lib/Makefile 2018-04-11 22:47:44.599845814 +0100 +--- a/lib/Makefile 2018-08-24 12:04:51.000000000 +0100 ++++ b/lib/Makefile 2018-08-27 10:44:36.344467317 +0100 @@ -18,7 +18,7 @@ KCOV_INSTRUMENT_dynamic_debug.o := n lib-y := ctype.o string.o vsprintf.o cmdline.o \ -- rbtree.o radix-tree.o dump_stack.o timerqueue.o\ -+ rbtree.o radix-tree.o sradix-tree.o dump_stack.o timerqueue.o\ +- rbtree.o radix-tree.o timerqueue.o\ ++ rbtree.o radix-tree.o sradix-tree.o timerqueue.o\ idr.o int_sqrt.o extable.o \ sha1.o chacha20.o irq_regs.o argv_split.o \ flex_proportions.o ratelimit.o show_mem.o \ diff -Nur a/lib/sradix-tree.c b/lib/sradix-tree.c --- a/lib/sradix-tree.c 1970-01-01 01:00:00.000000000 +0100 -+++ b/lib/sradix-tree.c 2018-04-11 22:47:44.600845846 +0100 ++++ b/lib/sradix-tree.c 2018-08-27 10:44:36.344467317 +0100 @@ -0,0 +1,476 @@ +#include <linux/errno.h> +#include <linux/mm.h> @@ -996,10 +1002,10 @@ diff -Nur a/lib/sradix-tree.c b/lib/sradix-tree.c + return 0; +} diff -Nur a/mm/Kconfig b/mm/Kconfig ---- a/mm/Kconfig 2018-04-11 22:44:55.761400426 +0100 -+++ b/mm/Kconfig 2018-04-11 22:47:44.600845846 +0100 -@@ -315,6 +315,32 @@ - See Documentation/vm/ksm.txt for more information: KSM is inactive +--- a/mm/Kconfig 2018-08-27 10:42:48.219977637 +0100 ++++ b/mm/Kconfig 2018-08-27 10:44:36.345467349 +0100 +@@ -308,6 +308,32 @@ + See Documentation/vm/ksm.rst for more information: KSM is inactive until a program has madvised that an area is MADV_MERGEABLE, and root has set /sys/kernel/mm/ksm/run to 1 (if CONFIG_SYSFS is set). +choice @@ -1032,8 +1038,8 @@ diff -Nur a/mm/Kconfig b/mm/Kconfig config DEFAULT_MMAP_MIN_ADDR int "Low address space to protect from user allocation" diff -Nur a/mm/Makefile b/mm/Makefile ---- a/mm/Makefile 2018-04-08 13:29:52.000000000 +0100 -+++ b/mm/Makefile 2018-04-11 22:47:44.600845846 +0100 +--- a/mm/Makefile 2018-08-24 12:04:51.000000000 +0100 ++++ b/mm/Makefile 2018-08-27 10:44:36.345467349 +0100 @@ -65,7 +65,8 @@ obj-$(CONFIG_SPARSEMEM_VMEMMAP) += sparse-vmemmap.o obj-$(CONFIG_SLOB) += slob.o @@ -1045,8 +1051,8 @@ diff -Nur a/mm/Makefile b/mm/Makefile obj-$(CONFIG_SLAB) += slab.o obj-$(CONFIG_SLUB) += slub.o diff -Nur a/mm/memory.c b/mm/memory.c ---- a/mm/memory.c 2018-04-08 13:29:52.000000000 +0100 -+++ b/mm/memory.c 2018-04-11 22:47:44.601845879 +0100 +--- a/mm/memory.c 2018-08-24 12:04:51.000000000 +0100 ++++ b/mm/memory.c 2018-08-27 10:44:36.346467381 +0100 @@ -128,6 +128,25 @@ unsigned long highest_memmap_pfn __read_mostly; @@ -1081,7 +1087,7 @@ diff -Nur a/mm/memory.c b/mm/memory.c #if defined(SPLIT_RSS_COUNTING) void sync_mm_rss(struct mm_struct *mm) -@@ -1039,6 +1059,9 @@ +@@ -1035,6 +1055,9 @@ get_page(page); page_dup_rmap(page, false); rss[mm_counter(page)]++; @@ -1091,7 +1097,7 @@ diff -Nur a/mm/memory.c b/mm/memory.c } else if (pte_devmap(pte)) { page = pte_page(pte); -@@ -1052,6 +1075,8 @@ +@@ -1048,6 +1071,8 @@ page_dup_rmap(page, false); rss[mm_counter(page)]++; } @@ -1100,7 +1106,7 @@ diff -Nur a/mm/memory.c b/mm/memory.c } out_set_pte: -@@ -1321,8 +1346,10 @@ +@@ -1317,8 +1342,10 @@ ptent = ptep_get_and_clear_full(mm, addr, pte, tlb->fullmm); tlb_remove_tlb_entry(tlb, pte, addr); @@ -1112,7 +1118,7 @@ diff -Nur a/mm/memory.c b/mm/memory.c if (!PageAnon(page)) { if (pte_dirty(ptent)) { -@@ -2336,8 +2363,10 @@ +@@ -2360,8 +2387,10 @@ clear_page(kaddr); kunmap_atomic(kaddr); flush_dcache_page(dst); @@ -1124,7 +1130,7 @@ diff -Nur a/mm/memory.c b/mm/memory.c } static gfp_t __get_fault_gfp_mask(struct vm_area_struct *vma) -@@ -2486,6 +2515,7 @@ +@@ -2510,6 +2539,7 @@ vmf->address); if (!new_page) goto oom; @@ -1132,7 +1138,7 @@ diff -Nur a/mm/memory.c b/mm/memory.c } else { new_page = alloc_page_vma(GFP_HIGHUSER_MOVABLE, vma, vmf->address); -@@ -2512,7 +2542,9 @@ +@@ -2536,7 +2566,9 @@ mm_counter_file(old_page)); inc_mm_counter_fast(mm, MM_ANONPAGES); } @@ -1143,8 +1149,8 @@ diff -Nur a/mm/memory.c b/mm/memory.c } flush_cache_page(vma, vmf->address, pte_pfn(vmf->orig_pte)); diff -Nur a/mm/mmap.c b/mm/mmap.c ---- a/mm/mmap.c 2018-04-11 22:44:55.762400458 +0100 -+++ b/mm/mmap.c 2018-04-11 22:47:44.602845911 +0100 +--- a/mm/mmap.c 2018-08-27 10:42:48.220977669 +0100 ++++ b/mm/mmap.c 2018-08-27 10:44:36.348467446 +0100 @@ -45,6 +45,7 @@ #include <linux/moduleparam.h> #include <linux/pkeys.h> @@ -1153,15 +1159,15 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c #include <linux/uaccess.h> #include <asm/cacheflush.h> -@@ -173,6 +174,7 @@ +@@ -182,6 +183,7 @@ if (vma->vm_file) fput(vma->vm_file); mpol_put(vma_policy(vma)); + uksm_remove_vma(vma); - kmem_cache_free(vm_area_cachep, vma); + vm_area_free(vma); return next; } -@@ -699,9 +701,16 @@ +@@ -708,9 +710,16 @@ long adjust_next = 0; int remove_next = 0; @@ -1178,7 +1184,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c if (end >= next->vm_end) { /* * vma expands, overlapping all the next, and -@@ -834,6 +843,7 @@ +@@ -843,6 +852,7 @@ end_changed = true; } vma->vm_pgoff = pgoff; @@ -1186,7 +1192,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c if (adjust_next) { next->vm_start += adjust_next << PAGE_SHIFT; next->vm_pgoff += adjust_next; -@@ -939,6 +949,7 @@ +@@ -948,6 +958,7 @@ if (remove_next == 2) { remove_next = 1; end = next->vm_end; @@ -1194,7 +1200,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c goto again; } else if (next) -@@ -965,10 +976,14 @@ +@@ -974,10 +985,14 @@ */ VM_WARN_ON(mm->highest_vm_end != vm_end_gap(vma)); } @@ -1209,7 +1215,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c validate_mm(mm); return 0; -@@ -1385,6 +1400,9 @@ +@@ -1434,6 +1449,9 @@ vm_flags |= calc_vm_prot_bits(prot, pkey) | calc_vm_flag_bits(flags) | mm->def_flags | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC; @@ -1219,7 +1225,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c if (flags & MAP_LOCKED) if (!can_do_mlock()) return -EPERM; -@@ -1739,6 +1757,7 @@ +@@ -1798,6 +1816,7 @@ allow_write_access(file); } file = vma->vm_file; @@ -1227,15 +1233,15 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c out: perf_event_mmap(vma); -@@ -1780,6 +1799,7 @@ +@@ -1839,6 +1858,7 @@ if (vm_flags & VM_DENYWRITE) allow_write_access(file); free_vma: + uksm_remove_vma(vma); - kmem_cache_free(vm_area_cachep, vma); + vm_area_free(vma); unacct_error: if (charged) -@@ -2604,6 +2624,8 @@ +@@ -2658,6 +2678,8 @@ else err = vma_adjust(vma, vma->vm_start, addr, vma->vm_pgoff, new); @@ -1244,7 +1250,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c /* Success. */ if (!err) return 0; -@@ -2896,6 +2918,7 @@ +@@ -2943,6 +2965,7 @@ if ((flags & (~VM_EXEC)) != 0) return -EINVAL; flags |= VM_DATA_DEFAULT_FLAGS | VM_ACCOUNT | mm->def_flags; @@ -1252,7 +1258,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c error = get_unmapped_area(NULL, addr, len, 0, MAP_FIXED); if (offset_in_page(error)) -@@ -2953,6 +2976,7 @@ +@@ -2999,6 +3022,7 @@ vma->vm_flags = flags; vma->vm_page_prot = vm_get_page_prot(flags); vma_link(mm, vma, prev, rb_link, rb_parent); @@ -1260,9 +1266,9 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c out: perf_event_mmap(vma); mm->total_vm += len >> PAGE_SHIFT; -@@ -3004,6 +3028,12 @@ - /* mm's last user has gone, and its about to be pulled down */ - mmu_notifier_release(mm); +@@ -3078,6 +3102,12 @@ + up_write(&mm->mmap_sem); + } + /* + * Taking write lock on mmap_sem does not harm others, @@ -1273,7 +1279,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c if (mm->locked_vm) { vma = mm->mmap; while (vma) { -@@ -3056,6 +3086,11 @@ +@@ -3112,6 +3142,11 @@ vma = remove_vma(vma); } vm_unacct_memory(nr_accounted); @@ -1285,7 +1291,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c } /* Insert vm structure into process list sorted by address -@@ -3165,6 +3200,7 @@ +@@ -3219,6 +3254,7 @@ new_vma->vm_ops->open(new_vma); vma_link(mm, new_vma, prev, rb_link, rb_parent); *need_rmap_locks = false; @@ -1293,7 +1299,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c } return new_vma; -@@ -3315,6 +3351,7 @@ +@@ -3369,6 +3405,7 @@ vm_stat_account(mm, vma->vm_flags, len >> PAGE_SHIFT); perf_event_mmap(vma); @@ -1302,9 +1308,9 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c return vma; diff -Nur a/mm/rmap.c b/mm/rmap.c ---- a/mm/rmap.c 2018-04-08 13:29:52.000000000 +0100 -+++ b/mm/rmap.c 2018-04-11 22:47:44.602845911 +0100 -@@ -1016,9 +1016,9 @@ +--- a/mm/rmap.c 2018-08-24 12:04:51.000000000 +0100 ++++ b/mm/rmap.c 2018-08-27 10:44:36.348467446 +0100 +@@ -1017,9 +1017,9 @@ /** * __page_set_anon_rmap - set up new anonymous rmap @@ -1318,7 +1324,7 @@ diff -Nur a/mm/rmap.c b/mm/rmap.c static void __page_set_anon_rmap(struct page *page, diff -Nur a/mm/uksm.c b/mm/uksm.c --- a/mm/uksm.c 1970-01-01 01:00:00.000000000 +0100 -+++ b/mm/uksm.c 2018-04-11 22:47:44.605846008 +0100 ++++ b/mm/uksm.c 2018-08-27 10:44:36.351467543 +0100 @@ -0,0 +1,5584 @@ +/* + * Ultra KSM. Copyright (C) 2011-2012 Nai Xia @@ -6905,11 +6911,11 @@ diff -Nur a/mm/uksm.c b/mm/uksm.c +#endif + diff -Nur a/mm/vmstat.c b/mm/vmstat.c ---- a/mm/vmstat.c 2018-04-08 13:29:52.000000000 +0100 -+++ b/mm/vmstat.c 2018-04-11 22:47:44.606846040 +0100 -@@ -1162,6 +1162,9 @@ - "nr_dirtied", +--- a/mm/vmstat.c 2018-08-24 12:04:51.000000000 +0100 ++++ b/mm/vmstat.c 2018-08-27 10:44:36.352467575 +0100 +@@ -1163,6 +1163,9 @@ "nr_written", + "", /* nr_indirectly_reclaimable */ +#ifdef CONFIG_UKSM + "nr_uksm_zero_pages", diff --git a/sys-kernel/linux-image-redcore/files/workaround-BIOS-bugs-on-CCP-SVE-ryzen-TR.patch b/sys-kernel/linux-image-redcore/files/workaround-BIOS-bugs-on-CCP-SVE-ryzen-TR.patch new file mode 100644 index 00000000..1d1ae0e3 --- /dev/null +++ b/sys-kernel/linux-image-redcore/files/workaround-BIOS-bugs-on-CCP-SVE-ryzen-TR.patch @@ -0,0 +1,85 @@ +diff -up linux-4.18/drivers/crypto/ccp/psp-dev.c.0333~ linux-4.18/drivers/crypto/ccp/psp-dev.c +--- linux-4.18/drivers/crypto/ccp/psp-dev.c.0333~ 2018-08-21 19:32:36.457890957 +0200 ++++ linux-4.18/drivers/crypto/ccp/psp-dev.c 2018-08-21 19:35:43.283028769 +0200 +@@ -38,6 +38,17 @@ static DEFINE_MUTEX(sev_cmd_mutex); + static struct sev_misc_dev *misc_dev; + static struct psp_device *psp_master; + ++static int psp_cmd_timeout = 100; ++module_param(psp_cmd_timeout, int, 0644); ++MODULE_PARM_DESC(psp_cmd_timeout, " default timeout value, in seconds, for PSP commands"); ++ ++static int psp_probe_timeout = 5; ++module_param(psp_probe_timeout, int, 0644); ++MODULE_PARM_DESC(psp_probe_timeout, " default timeout value, in seconds, during PSP device probe"); ++ ++static bool psp_dead; ++static int psp_timeout; ++ + static struct psp_device *psp_alloc_struct(struct sp_device *sp) + { + struct device *dev = sp->dev; +@@ -82,10 +93,15 @@ done: + return IRQ_HANDLED; + } + +-static void sev_wait_cmd_ioc(struct psp_device *psp, unsigned int *reg) ++static int sev_wait_cmd_ioc(struct psp_device *psp, unsigned int *reg, unsigned int timeout) + { +- wait_event(psp->sev_int_queue, psp->sev_int_rcvd); ++ int ret; ++ ret = wait_event_timeout(psp->sev_int_queue, psp->sev_int_rcvd, ++ timeout * HZ); ++ if (!ret) ++ return -ETIMEDOUT; + *reg = ioread32(psp->io_regs + PSP_CMDRESP); ++ return 0; + } + + static int sev_cmd_buffer_len(int cmd) +@@ -133,12 +149,15 @@ static int __sev_do_cmd_locked(int cmd, + if (!psp) + return -ENODEV; + ++ if (psp_dead) ++ return -EBUSY; ++ + /* Get the physical address of the command buffer */ + phys_lsb = data ? lower_32_bits(__psp_pa(data)) : 0; + phys_msb = data ? upper_32_bits(__psp_pa(data)) : 0; + +- dev_dbg(psp->dev, "sev command id %#x buffer 0x%08x%08x\n", +- cmd, phys_msb, phys_lsb); ++ dev_dbg(psp->dev, "sev command id %#x buffer 0x%08x%08x timeout %us\n", ++ cmd, phys_msb, phys_lsb, psp_timeout); + + print_hex_dump_debug("(in): ", DUMP_PREFIX_OFFSET, 16, 2, data, + sev_cmd_buffer_len(cmd), false); +@@ -154,7 +173,17 @@ static int __sev_do_cmd_locked(int cmd, + iowrite32(reg, psp->io_regs + PSP_CMDRESP); + + /* wait for command completion */ +- sev_wait_cmd_ioc(psp, ®); ++ ret = sev_wait_cmd_ioc(psp, ®, psp_timeout); ++ if (ret) { ++ if (psp_ret) ++ *psp_ret = 0; ++ ++ dev_err(psp->dev, "sev command %#x timed out, disabling PSP\n", cmd); ++ psp_dead = true; ++ return ret; ++ } ++ ++ psp_timeout = psp_cmd_timeout; + + if (psp_ret) + *psp_ret = reg & PSP_CMDRESP_ERR_MASK; +@@ -886,6 +915,8 @@ void psp_pci_init(void) + + psp_master = sp->psp_data; + ++ psp_timeout = psp_probe_timeout; ++ + if (sev_get_api_version()) + goto err; + diff --git a/sys-kernel/linux-image-redcore/linux-image-redcore-4.16.16.ebuild b/sys-kernel/linux-image-redcore/linux-image-redcore-4.18.5.ebuild index 75f75ca2..2100ebc1 100644 --- a/sys-kernel/linux-image-redcore/linux-image-redcore-4.16.16.ebuild +++ b/sys-kernel/linux-image-redcore/linux-image-redcore-4.18.5.ebuild @@ -31,17 +31,16 @@ DEPEND=" >=sys-kernel/linux-firmware-20180314" RDEPEND="${DEPEND}" -PATCHES=( "${FILESDIR}"/enable_alx_wol.patch - "${FILESDIR}"/0001-Revert-ath10k-activate-user-space-firmware-loading-a.patch - "${FILESDIR}"/0001-Revert-swiotlb-remove-various-exports.patch - "${FILESDIR}"/0001-Revert-x86-ACPI-cstate-Allow-ACPI-C1-FFH-MWAIT-use-o.patch - "${FILESDIR}"/0001-Make-it-possible-to-disable-SWIOTLB-code-on-admgpu-a.patch - "${FILESDIR}"/fix-spectre_v2-mitigation-strings.patch +PATCHES=( "${FILESDIR}"/0001-Revert-x86-ACPI-cstate-Allow-ACPI-C1-FFH-MWAIT-use-o.patch "${FILESDIR}"/ata-fix-NCQ-LOG-strings-and-move-to-debug.patch - "${FILESDIR}"/mute-pps_state_mismatch.patch "${FILESDIR}"/drop_ancient-and-wrong-msg.patch + "${FILESDIR}"/enable_alx_wol.patch + "${FILESDIR}"/mute-pps_state_mismatch.patch "${FILESDIR}"/nouveau-pascal-backlight.patch - "${FILESDIR}"/linux-hardened-v3.patch + "${FILESDIR}"/radeon_dp_aux_transfer_native-no-ratelimited_debug.patch + "${FILESDIR}"/revert-patches-causing-instant-reboot.patch + "${FILESDIR}"/workaround-BIOS-bugs-on-CCP-SVE-ryzen-TR.patch + "${FILESDIR}"/linux-hardened.patch "${FILESDIR}"/uksm-for-linux-hardened.patch ) S="${WORKDIR}"/linux-"${PV}" diff --git a/sys-kernel/linux-sources-redcore/Manifest b/sys-kernel/linux-sources-redcore/Manifest index 30fbe503..8028344a 100644 --- a/sys-kernel/linux-sources-redcore/Manifest +++ b/sys-kernel/linux-sources-redcore/Manifest @@ -1 +1 @@ -DIST linux-4.16.16.tar.xz 103067792 BLAKE2B bb7c9fb78053e63d42c42d51852a30f28426696f93a87f877a55ca7e8b95eaece028c3c75300ddf596ba5f2a05b443d63bef54c00f60cda1584aa7103147b8d2 SHA512 549216593145c32aeb2bff64e353ba3bddf757d18cae9dae958d95431d30a82df782da3911740d19246bc25b5a00a8d14efa225e50281b74722bca03fef04f8d +DIST linux-4.18.5.tar.xz 101796536 BLAKE2B db7c4a46aba53d38ccc5f28a7da4a21f3d53667751f61595123f89e47e956bf13bcd6df85df47e78d2794fe78a7ec6c9082e64cb3025d6c5c1743d9935dde375 SHA512 604b334ccd74b230faf21db8887e382c49d4877ec8ce8298c079001a12222a6c7be2542c8f37c025cb3d625905d30e4c8c37267f0285aea25bbbe5aa3457040c diff --git a/sys-kernel/linux-sources-redcore/files/0001-Make-it-possible-to-disable-SWIOTLB-code-on-admgpu-a.patch b/sys-kernel/linux-sources-redcore/files/0001-Make-it-possible-to-disable-SWIOTLB-code-on-admgpu-a.patch deleted file mode 100644 index 1d988b37..00000000 --- a/sys-kernel/linux-sources-redcore/files/0001-Make-it-possible-to-disable-SWIOTLB-code-on-admgpu-a.patch +++ /dev/null @@ -1,206 +0,0 @@ -From 6aa339bd361e862edb7724a4c61969ed72f3035f Mon Sep 17 00:00:00 2001 -From: Gabriel Craciunescu <nix.or.die@gmail.com> -Date: Thu, 12 Apr 2018 03:20:06 +0200 -Subject: [PATCH] Make it possible to disable SWIOTLB code on admgpu and radeon - - added admgpu.swiotlb and radeon.swiotlb option, defaults to disabled - since new the code doesn't seems to work good or work at all on some HW. - - https://lkml.org/lkml/2018/4/5/737 - https://bugzilla.kernel.org/show_bug.cgi?id=198511 - https://bugs.freedesktop.org/show_bug.cgi?id=105038 ---- - drivers/gpu/drm/amd/amdgpu/amdgpu.h | 1 + - drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c | 10 ++++++++++ - drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c | 20 +++++++++++++------- - drivers/gpu/drm/radeon/radeon.h | 1 + - drivers/gpu/drm/radeon/radeon_drv.c | 9 +++++++++ - drivers/gpu/drm/radeon/radeon_ttm.c | 20 +++++++++++++------- - 6 files changed, 47 insertions(+), 14 deletions(-) - -diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu.h b/drivers/gpu/drm/amd/amdgpu/amdgpu.h -index 74edba18b159..8371b06e5ecf 100644 ---- a/drivers/gpu/drm/amd/amdgpu/amdgpu.h -+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu.h -@@ -127,6 +127,7 @@ extern int amdgpu_job_hang_limit; - extern int amdgpu_lbpw; - extern int amdgpu_compute_multipipe; - extern int amdgpu_gpu_recovery; -+extern int amdgpu_swiotlb; - - #ifdef CONFIG_DRM_AMDGPU_SI - extern int amdgpu_si_support; -diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c -index 50afcf65181a..d67c411fbaad 100644 ---- a/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c -+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_drv.c -@@ -129,6 +129,8 @@ int amdgpu_job_hang_limit = 0; - int amdgpu_lbpw = -1; - int amdgpu_compute_multipipe = -1; - int amdgpu_gpu_recovery = -1; /* auto */ -+int amdgpu_swiotlb = 0; -+ - - MODULE_PARM_DESC(vramlimit, "Restrict VRAM for testing, in megabytes"); - module_param_named(vramlimit, amdgpu_vram_limit, int, 0600); -@@ -284,6 +286,9 @@ module_param_named(compute_multipipe, amdgpu_compute_multipipe, int, 0444); - MODULE_PARM_DESC(gpu_recovery, "Enable GPU recovery mechanism, (1 = enable, 0 = disable, -1 = auto"); - module_param_named(gpu_recovery, amdgpu_gpu_recovery, int, 0444); - -+MODULE_PARM_DESC(swiotlb, "Enable new SWIOTLB code , (1 = enable , 0 = disable ( default )"); -+module_param_named(swiotlb, amdgpu_swiotlb, int, 0444); -+ - #ifdef CONFIG_DRM_AMDGPU_SI - - #if defined(CONFIG_DRM_RADEON) || defined(CONFIG_DRM_RADEON_MODULE) -@@ -918,6 +923,11 @@ static int __init amdgpu_init(void) - return -EINVAL; - } - DRM_INFO("amdgpu kernel modesetting enabled.\n"); -+ -+ if(amdgpu_swiotlb) { -+ DRM_INFO("amdgpu new SWIOTLB code enabled.\n"); -+ } -+ - driver = &kms_driver; - pdriver = &amdgpu_kms_pci_driver; - driver->num_ioctls = amdgpu_max_kms_ioctl; -diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c -index e4bb435e614b..58cd95c35a54 100644 ---- a/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c -+++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c -@@ -1018,8 +1018,10 @@ static int amdgpu_ttm_tt_populate(struct ttm_tt *ttm, - } - - #ifdef CONFIG_SWIOTLB -- if (swiotlb_nr_tbl()) { -- return ttm_dma_populate(>t->ttm, adev->dev, ctx); -+ if (amdgpu_swiotlb) { -+ if (swiotlb_nr_tbl()) { -+ return ttm_dma_populate(>t->ttm, adev->dev, ctx); -+ } - } - #endif - -@@ -1045,9 +1047,11 @@ static void amdgpu_ttm_tt_unpopulate(struct ttm_tt *ttm) - adev = amdgpu_ttm_adev(ttm->bdev); - - #ifdef CONFIG_SWIOTLB -- if (swiotlb_nr_tbl()) { -- ttm_dma_unpopulate(>t->ttm, adev->dev); -- return; -+ if (amdgpu_swiotlb) { -+ if (swiotlb_nr_tbl()) { -+ ttm_dma_unpopulate(>t->ttm, adev->dev); -+ return; -+ } - } - #endif - -@@ -2010,8 +2014,10 @@ static int amdgpu_ttm_debugfs_init(struct amdgpu_device *adev) - count = ARRAY_SIZE(amdgpu_ttm_debugfs_list); - - #ifdef CONFIG_SWIOTLB -- if (!swiotlb_nr_tbl()) -- --count; -+ if (amdgpu_swiotlb) { -+ if (!swiotlb_nr_tbl()) -+ --count; -+ } - #endif - - return amdgpu_debugfs_add_files(adev, amdgpu_ttm_debugfs_list, count); -diff --git a/drivers/gpu/drm/radeon/radeon.h b/drivers/gpu/drm/radeon/radeon.h -index d34887873dea..d614de12e30c 100644 ---- a/drivers/gpu/drm/radeon/radeon.h -+++ b/drivers/gpu/drm/radeon/radeon.h -@@ -117,6 +117,7 @@ extern int radeon_uvd; - extern int radeon_vce; - extern int radeon_si_support; - extern int radeon_cik_support; -+extern int radeon_swiotlb; - - /* - * Copy from radeon_drv.h so we don't have to include both and have conflicting -diff --git a/drivers/gpu/drm/radeon/radeon_drv.c b/drivers/gpu/drm/radeon/radeon_drv.c -index 31dd04f6baa1..20b1110e4698 100644 ---- a/drivers/gpu/drm/radeon/radeon_drv.c -+++ b/drivers/gpu/drm/radeon/radeon_drv.c -@@ -196,6 +196,7 @@ int radeon_auxch = -1; - int radeon_mst = 0; - int radeon_uvd = 1; - int radeon_vce = 1; -+int radeon_swiotlb = 0; - - MODULE_PARM_DESC(no_wb, "Disable AGP writeback for scratch registers"); - module_param_named(no_wb, radeon_no_wb, int, 0444); -@@ -301,6 +302,9 @@ int radeon_cik_support = 1; - MODULE_PARM_DESC(cik_support, "CIK support (1 = enabled (default), 0 = disabled)"); - module_param_named(cik_support, radeon_cik_support, int, 0444); - -+MODULE_PARM_DESC(swiotlb, "Enable new SWIOTLB code , (1 = enable, 0 = disable ( default )"); -+module_param_named(swiotlb, radeon_swiotlb, int, 0444); -+ - static struct pci_device_id pciidlist[] = { - radeon_PCI_IDS - }; -@@ -620,6 +624,11 @@ static int __init radeon_init(void) - - if (radeon_modeset == 1) { - DRM_INFO("radeon kernel modesetting enabled.\n"); -+ -+ if(radeon_swiotlb) { -+ DRM_INFO("radeon new SWIOTLB code enabled.\n"); -+ } -+ - driver = &kms_driver; - pdriver = &radeon_kms_pci_driver; - driver->driver_features |= DRIVER_MODESET; -diff --git a/drivers/gpu/drm/radeon/radeon_ttm.c b/drivers/gpu/drm/radeon/radeon_ttm.c -index a0a839bc39bf..952b1216c729 100644 ---- a/drivers/gpu/drm/radeon/radeon_ttm.c -+++ b/drivers/gpu/drm/radeon/radeon_ttm.c -@@ -756,8 +756,10 @@ static int radeon_ttm_tt_populate(struct ttm_tt *ttm, - #endif - - #ifdef CONFIG_SWIOTLB -- if (swiotlb_nr_tbl()) { -- return ttm_dma_populate(>t->ttm, rdev->dev, ctx); -+ if (radeon_swiotlb) { -+ if (swiotlb_nr_tbl()) { -+ return ttm_dma_populate(>t->ttm, rdev->dev, ctx); -+ } - } - #endif - -@@ -788,9 +790,11 @@ static void radeon_ttm_tt_unpopulate(struct ttm_tt *ttm) - #endif - - #ifdef CONFIG_SWIOTLB -- if (swiotlb_nr_tbl()) { -- ttm_dma_unpopulate(>t->ttm, rdev->dev); -- return; -+ if (radeon_swiotlb) { -+ if (swiotlb_nr_tbl()) { -+ ttm_dma_unpopulate(>t->ttm, rdev->dev); -+ return; -+ } - } - #endif - -@@ -1155,8 +1159,10 @@ static int radeon_ttm_debugfs_init(struct radeon_device *rdev) - count = ARRAY_SIZE(radeon_ttm_debugfs_list); - - #ifdef CONFIG_SWIOTLB -- if (!swiotlb_nr_tbl()) -- --count; -+ if (radeon_swiotlb) { -+ if (!swiotlb_nr_tbl()) -+ --count; -+ } - #endif - - return radeon_debugfs_add_files(rdev, radeon_ttm_debugfs_list, count); --- -2.17.0 - diff --git a/sys-kernel/linux-sources-redcore/files/0001-Revert-ath10k-activate-user-space-firmware-loading-a.patch b/sys-kernel/linux-sources-redcore/files/0001-Revert-ath10k-activate-user-space-firmware-loading-a.patch deleted file mode 100644 index 281ede4b..00000000 --- a/sys-kernel/linux-sources-redcore/files/0001-Revert-ath10k-activate-user-space-firmware-loading-a.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 180dee4ae482fd31fb7f53f7e2d2bd62d1210383 Mon Sep 17 00:00:00 2001 -From: Gabriel Craciunescu <nix.or.die@gmail.com> -Date: Mon, 13 Nov 2017 12:54:26 +0100 -Subject: [PATCH] Revert "ath10k: activate user space firmware loading again" - This reverts commit c0cc00f250e19c717fc9cdbdb7f55aaa569c7498. - - Huh ? That fixes nothing but introduce *again* flooding users - dmesg with 'strange' firmware loading failures. - As example a hw1.0 QCA9377 card floods with: - - ... - ath10k_pci 0000:03:00.0: Direct firmware load for ath10k/pre-cal-pci-0000:03:00.0.bin failed with error -2 - ath10k_pci 0000:03:00.0: Direct firmware load for ath10k/cal-pci-0000:03:00.0.bin failed with error -2 - ath10k_pci 0000:03:00.0: Direct firmware load for ath10k/QCA9377/hw1.0/firmware-6.bin failed with error -2 - ... ---- - drivers/net/wireless/ath/ath10k/core.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/drivers/net/wireless/ath/ath10k/core.c b/drivers/net/wireless/ath/ath10k/core.c -index a4f635820f35..9b4c4facf725 100644 ---- a/drivers/net/wireless/ath/ath10k/core.c -+++ b/drivers/net/wireless/ath/ath10k/core.c -@@ -519,7 +519,7 @@ static const struct firmware *ath10k_fetch_fw_file(struct ath10k *ar, - dir = "."; - - snprintf(filename, sizeof(filename), "%s/%s", dir, file); -- ret = request_firmware(&fw, filename, ar->dev); -+ ret = request_firmware_direct(&fw, filename, ar->dev); - ath10k_dbg(ar, ATH10K_DBG_BOOT, "boot fw request '%s': %d\n", - filename, ret); - --- -2.15.0 - diff --git a/sys-kernel/linux-sources-redcore/files/0001-Revert-swiotlb-remove-various-exports.patch b/sys-kernel/linux-sources-redcore/files/0001-Revert-swiotlb-remove-various-exports.patch deleted file mode 100644 index 71133922..00000000 --- a/sys-kernel/linux-sources-redcore/files/0001-Revert-swiotlb-remove-various-exports.patch +++ /dev/null @@ -1,125 +0,0 @@ -From f79f0faf65fedc6d8ef44c5aff3b673ae0d1793c Mon Sep 17 00:00:00 2001 -From: Gabriel Craciunescu <crazy@frugalware.org> -Date: Mon, 9 Apr 2018 20:57:38 +0200 -Subject: [PATCH] Revert "swiotlb: remove various exports" - -This reverts commit 4bd89ed39b2ab8dc4ac4b6c59b07d420b0213bec. - -I know NVIDIA ... but lets be nice.. -Until sorted revert the whole commit -see : https://bugzilla.kernel.org/show_bug.cgi?id=198997 - ---- - lib/swiotlb.c | 13 +++++++++++++ - 1 file changed, 13 insertions(+) - -diff --git a/lib/swiotlb.c b/lib/swiotlb.c -index c43ec2271469..0039b7c5e690 100644 ---- a/lib/swiotlb.c -+++ b/lib/swiotlb.c -@@ -605,6 +605,7 @@ phys_addr_t swiotlb_tbl_map_single(struct device *hwdev, - - return tlb_addr; - } -+EXPORT_SYMBOL_GPL(swiotlb_tbl_map_single); - - /* - * Allocates bounce buffer and returns its kernel virtual address. -@@ -674,6 +675,7 @@ void swiotlb_tbl_unmap_single(struct device *hwdev, phys_addr_t tlb_addr, - } - spin_unlock_irqrestore(&io_tlb_lock, flags); - } -+EXPORT_SYMBOL_GPL(swiotlb_tbl_unmap_single); - - void swiotlb_tbl_sync_single(struct device *hwdev, phys_addr_t tlb_addr, - size_t size, enum dma_data_direction dir, -@@ -705,6 +707,7 @@ void swiotlb_tbl_sync_single(struct device *hwdev, phys_addr_t tlb_addr, - BUG(); - } - } -+EXPORT_SYMBOL_GPL(swiotlb_tbl_sync_single); - - static inline bool dma_coherent_ok(struct device *dev, dma_addr_t addr, - size_t size) -@@ -881,6 +884,7 @@ dma_addr_t swiotlb_map_page(struct device *dev, struct page *page, - - return swiotlb_phys_to_dma(dev, io_tlb_overflow_buffer); - } -+EXPORT_SYMBOL_GPL(swiotlb_map_page); - - /* - * Unmap a single streaming mode DMA translation. The dma_addr and size must -@@ -921,6 +925,7 @@ void swiotlb_unmap_page(struct device *hwdev, dma_addr_t dev_addr, - { - unmap_single(hwdev, dev_addr, size, dir, attrs); - } -+EXPORT_SYMBOL_GPL(swiotlb_unmap_page); - - /* - * Make physical memory consistent for a single streaming mode DMA translation -@@ -958,6 +963,7 @@ swiotlb_sync_single_for_cpu(struct device *hwdev, dma_addr_t dev_addr, - { - swiotlb_sync_single(hwdev, dev_addr, size, dir, SYNC_FOR_CPU); - } -+EXPORT_SYMBOL(swiotlb_sync_single_for_cpu); - - void - swiotlb_sync_single_for_device(struct device *hwdev, dma_addr_t dev_addr, -@@ -965,6 +971,7 @@ swiotlb_sync_single_for_device(struct device *hwdev, dma_addr_t dev_addr, - { - swiotlb_sync_single(hwdev, dev_addr, size, dir, SYNC_FOR_DEVICE); - } -+EXPORT_SYMBOL(swiotlb_sync_single_for_device); - - /* - * Map a set of buffers described by scatterlist in streaming mode for DMA. -@@ -1016,6 +1023,7 @@ swiotlb_map_sg_attrs(struct device *hwdev, struct scatterlist *sgl, int nelems, - } - return nelems; - } -+EXPORT_SYMBOL(swiotlb_map_sg_attrs); - - /* - * Unmap a set of streaming mode DMA translations. Again, cpu read rules -@@ -1035,6 +1043,7 @@ swiotlb_unmap_sg_attrs(struct device *hwdev, struct scatterlist *sgl, - unmap_single(hwdev, sg->dma_address, sg_dma_len(sg), dir, - attrs); - } -+EXPORT_SYMBOL(swiotlb_unmap_sg_attrs); - - /* - * Make physical memory consistent for a set of streaming mode DMA translations -@@ -1062,6 +1071,7 @@ swiotlb_sync_sg_for_cpu(struct device *hwdev, struct scatterlist *sg, - { - swiotlb_sync_sg(hwdev, sg, nelems, dir, SYNC_FOR_CPU); - } -+EXPORT_SYMBOL(swiotlb_sync_sg_for_cpu); - - void - swiotlb_sync_sg_for_device(struct device *hwdev, struct scatterlist *sg, -@@ -1069,12 +1079,14 @@ swiotlb_sync_sg_for_device(struct device *hwdev, struct scatterlist *sg, - { - swiotlb_sync_sg(hwdev, sg, nelems, dir, SYNC_FOR_DEVICE); - } -+EXPORT_SYMBOL(swiotlb_sync_sg_for_device); - - int - swiotlb_dma_mapping_error(struct device *hwdev, dma_addr_t dma_addr) - { - return (dma_addr == swiotlb_phys_to_dma(hwdev, io_tlb_overflow_buffer)); - } -+EXPORT_SYMBOL(swiotlb_dma_mapping_error); - - /* - * Return whether the given device DMA address mask can be supported -@@ -1087,6 +1099,7 @@ swiotlb_dma_supported(struct device *hwdev, u64 mask) - { - return swiotlb_phys_to_dma(hwdev, io_tlb_end - 1) <= mask; - } -+EXPORT_SYMBOL(swiotlb_dma_supported); - - #ifdef CONFIG_DMA_DIRECT_OPS - void *swiotlb_alloc(struct device *dev, size_t size, dma_addr_t *dma_handle, --- -2.17.0 - diff --git a/sys-kernel/linux-sources-redcore/files/dma_coherent_ok-logic.patch b/sys-kernel/linux-sources-redcore/files/dma_coherent_ok-logic.patch deleted file mode 100644 index 19e01d57..00000000 --- a/sys-kernel/linux-sources-redcore/files/dma_coherent_ok-logic.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -Naur linux-4.16.2/lib/swiotlb.c linux-4.16.2-p/lib/swiotlb.c ---- linux-4.16.2/lib/swiotlb.c 2018-04-12 12:30:01.000000000 +0200 -+++ linux-4.16.2-p/lib/swiotlb.c 2018-04-12 18:01:27.122073379 +0200 -@@ -732,7 +732,7 @@ - goto out_warn; - - *dma_handle = swiotlb_phys_to_dma(dev, phys_addr); -- if (dma_coherent_ok(dev, *dma_handle, size)) -+ if (!dma_coherent_ok(dev, *dma_handle, size)) - goto out_unmap; - - memset(phys_to_virt(phys_addr), 0, size); diff --git a/sys-kernel/linux-sources-redcore/files/enable_alx_wol.patch b/sys-kernel/linux-sources-redcore/files/enable_alx_wol.patch index f9347bfa..1b7f6e13 100644 --- a/sys-kernel/linux-sources-redcore/files/enable_alx_wol.patch +++ b/sys-kernel/linux-sources-redcore/files/enable_alx_wol.patch @@ -1,7 +1,8 @@ -diff -Nur a/drivers/net/ethernet/atheros/alx/ethtool.c b/drivers/net/ethernet/atheros/alx/ethtool.c ---- a/drivers/net/ethernet/atheros/alx/ethtool.c 2018-04-01 22:20:27.000000000 +0100 -+++ b/drivers/net/ethernet/atheros/alx/ethtool.c 2018-04-06 01:07:48.163242605 +0100 -@@ -310,11 +310,47 @@ +diff --git a/drivers/net/ethernet/atheros/alx/ethtool.c b/drivers/net/ethernet/atheros/alx/ethtool.c +index 2f4eabf652e8..859e27236ce4 100644 +--- a/drivers/net/ethernet/atheros/alx/ethtool.c ++++ b/drivers/net/ethernet/atheros/alx/ethtool.c +@@ -310,11 +310,47 @@ static int alx_get_sset_count(struct net_device *netdev, int sset) } } @@ -49,10 +50,11 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/ethtool.c b/drivers/net/ethernet/at .get_link = ethtool_op_get_link, .get_strings = alx_get_strings, .get_sset_count = alx_get_sset_count, -diff -Nur a/drivers/net/ethernet/atheros/alx/hw.c b/drivers/net/ethernet/atheros/alx/hw.c ---- a/drivers/net/ethernet/atheros/alx/hw.c 2018-04-01 22:20:27.000000000 +0100 -+++ b/drivers/net/ethernet/atheros/alx/hw.c 2018-04-06 01:07:48.163242605 +0100 -@@ -332,6 +332,16 @@ +diff --git a/drivers/net/ethernet/atheros/alx/hw.c b/drivers/net/ethernet/atheros/alx/hw.c +index 6ac40b0003a3..4791b9dbbe26 100644 +--- a/drivers/net/ethernet/atheros/alx/hw.c ++++ b/drivers/net/ethernet/atheros/alx/hw.c +@@ -332,6 +332,16 @@ void alx_set_macaddr(struct alx_hw *hw, const u8 *addr) alx_write_mem32(hw, ALX_STAD1, val); } @@ -69,7 +71,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/hw.c b/drivers/net/ethernet/atheros static void alx_reset_osc(struct alx_hw *hw, u8 rev) { u32 val, val2; -@@ -848,6 +858,66 @@ +@@ -848,6 +858,66 @@ void alx_post_phy_link(struct alx_hw *hw) } } @@ -136,7 +138,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/hw.c b/drivers/net/ethernet/atheros bool alx_phy_configured(struct alx_hw *hw) { u32 cfg, hw_cfg; -@@ -920,6 +990,26 @@ +@@ -920,6 +990,26 @@ int alx_clear_phy_intr(struct alx_hw *hw) return alx_read_phy_reg(hw, ALX_MII_ISR, &isr); } @@ -163,7 +165,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/hw.c b/drivers/net/ethernet/atheros void alx_disable_rss(struct alx_hw *hw) { u32 ctrl = alx_read_mem32(hw, ALX_RXQ0); -@@ -1045,6 +1135,71 @@ +@@ -1045,6 +1135,71 @@ void alx_mask_msix(struct alx_hw *hw, int index, bool mask) } @@ -235,10 +237,11 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/hw.c b/drivers/net/ethernet/atheros bool alx_get_phy_info(struct alx_hw *hw) { u16 devs1, devs2; -diff -Nur a/drivers/net/ethernet/atheros/alx/hw.h b/drivers/net/ethernet/atheros/alx/hw.h ---- a/drivers/net/ethernet/atheros/alx/hw.h 2018-04-01 22:20:27.000000000 +0100 -+++ b/drivers/net/ethernet/atheros/alx/hw.h 2018-04-06 01:07:48.163242605 +0100 -@@ -487,6 +487,8 @@ +diff --git a/drivers/net/ethernet/atheros/alx/hw.h b/drivers/net/ethernet/atheros/alx/hw.h +index e42d7e0947eb..a7fb6c8d846a 100644 +--- a/drivers/net/ethernet/atheros/alx/hw.h ++++ b/drivers/net/ethernet/atheros/alx/hw.h +@@ -487,6 +487,8 @@ struct alx_hw { u8 flowctrl; u32 adv_cfg; @@ -247,7 +250,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/hw.h b/drivers/net/ethernet/atheros spinlock_t mdio_lock; struct mdio_if_info mdio; u16 phy_id[2]; -@@ -549,12 +551,14 @@ +@@ -549,12 +551,14 @@ void alx_reset_pcie(struct alx_hw *hw); void alx_enable_aspm(struct alx_hw *hw, bool l0s_en, bool l1_en); int alx_setup_speed_duplex(struct alx_hw *hw, u32 ethadv, u8 flowctrl); void alx_post_phy_link(struct alx_hw *hw); @@ -262,7 +265,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/hw.h b/drivers/net/ethernet/atheros void alx_cfg_mac_flowcontrol(struct alx_hw *hw, u8 fc); void alx_start_mac(struct alx_hw *hw); int alx_reset_mac(struct alx_hw *hw); -@@ -563,6 +567,7 @@ +@@ -563,6 +567,7 @@ bool alx_phy_configured(struct alx_hw *hw); void alx_configure_basic(struct alx_hw *hw); void alx_mask_msix(struct alx_hw *hw, int index, bool mask); void alx_disable_rss(struct alx_hw *hw); @@ -270,10 +273,11 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/hw.h b/drivers/net/ethernet/atheros bool alx_get_phy_info(struct alx_hw *hw); void alx_update_hw_stats(struct alx_hw *hw); -diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/atheros/alx/main.c ---- a/drivers/net/ethernet/atheros/alx/main.c 2018-04-01 22:20:27.000000000 +0100 -+++ b/drivers/net/ethernet/atheros/alx/main.c 2018-04-06 01:07:48.164242638 +0100 -@@ -1070,6 +1070,7 @@ +diff --git a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/atheros/alx/main.c +index 5e5022fa1d04..7adaf10a1929 100644 +--- a/drivers/net/ethernet/atheros/alx/main.c ++++ b/drivers/net/ethernet/atheros/alx/main.c +@@ -1070,6 +1070,7 @@ static int alx_init_sw(struct alx_priv *alx) alx->dev->max_mtu = ALX_MAX_FRAME_LEN(ALX_MAX_FRAME_SIZE); alx->tx_ringsz = 256; alx->rx_ringsz = 512; @@ -281,7 +285,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/ather hw->imt = 200; alx->int_mask = ALX_ISR_MISC; hw->dma_chnl = hw->max_dma_chnl; -@@ -1345,6 +1346,65 @@ +@@ -1345,6 +1346,65 @@ static int alx_stop(struct net_device *netdev) __alx_stop(netdev_priv(netdev)); return 0; } @@ -347,7 +351,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/ather static void alx_link_check(struct work_struct *work) { -@@ -1841,6 +1901,8 @@ +@@ -1841,6 +1901,8 @@ static int alx_probe(struct pci_dev *pdev, const struct pci_device_id *ent) goto out_unmap; } @@ -356,7 +360,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/ather netdev_info(netdev, "Qualcomm Atheros AR816x/AR817x Ethernet [%pM]\n", netdev->dev_addr); -@@ -1883,12 +1945,21 @@ +@@ -1883,12 +1945,21 @@ static void alx_remove(struct pci_dev *pdev) static int alx_suspend(struct device *dev) { struct pci_dev *pdev = to_pci_dev(dev); @@ -383,13 +387,23 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/ather return 0; } -@@ -1896,20 +1967,47 @@ +@@ -1896,26 +1967,49 @@ static int alx_resume(struct device *dev) { struct pci_dev *pdev = to_pci_dev(dev); struct alx_priv *alx = pci_get_drvdata(pdev); - struct alx_hw *hw = &alx->hw; +- int err; - - alx_reset_phy(hw); +- +- if (!netif_running(alx->dev)) +- return 0; +- netif_device_attach(alx->dev); +- +- rtnl_lock(); +- err = __alx_open(alx, true); +- rtnl_unlock(); +- + struct net_device *netdev = alx->dev; + struct alx_hw *hw = &alx->hw; + int err; @@ -422,17 +436,15 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/ather + } + + if (netif_running(netdev)) { ++ rtnl_lock(); + err = __alx_open(alx, true); ++ rtnl_unlock(); + if (err) + return err; + } - -- if (!netif_running(alx->dev)) -- return 0; -- netif_device_attach(alx->dev); -- return __alx_open(alx, true); ++ + netif_device_attach(netdev); -+ return err; + return err; } -static SIMPLE_DEV_PM_OPS(alx_pm_ops, alx_suspend, alx_resume); @@ -442,7 +454,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/ather #endif -@@ -1955,6 +2053,8 @@ +@@ -1961,6 +2055,8 @@ static pci_ers_result_t alx_pci_error_slot_reset(struct pci_dev *pdev) } pci_set_master(pdev); @@ -451,7 +463,7 @@ diff -Nur a/drivers/net/ethernet/atheros/alx/main.c b/drivers/net/ethernet/ather alx_reset_pcie(hw); if (!alx_reset_mac(hw)) -@@ -2006,11 +2106,19 @@ +@@ -2012,11 +2108,19 @@ static const struct pci_device_id alx_pci_tbl[] = { {} }; diff --git a/sys-kernel/linux-sources-redcore/files/fix-spectre_v2-mitigation-strings.patch b/sys-kernel/linux-sources-redcore/files/fix-spectre_v2-mitigation-strings.patch deleted file mode 100644 index f77bb823..00000000 --- a/sys-kernel/linux-sources-redcore/files/fix-spectre_v2-mitigation-strings.patch +++ /dev/null @@ -1,28 +0,0 @@ -diff -Naur linux-4.16.5/arch/x86/kernel/cpu/bugs.c linux-4.16.5-p/arch/x86/kernel/cpu/bugs.c ---- linux-4.16.5/arch/x86/kernel/cpu/bugs.c 2018-04-26 11:00:39.000000000 +0200 -+++ linux-4.16.5-p/arch/x86/kernel/cpu/bugs.c 2018-04-28 02:34:28.424306602 +0200 -@@ -292,13 +292,13 @@ - if ((!boot_cpu_has(X86_FEATURE_PTI) && - !boot_cpu_has(X86_FEATURE_SMEP)) || is_skylake_era()) { - setup_force_cpu_cap(X86_FEATURE_RSB_CTXSW); -- pr_info("Spectre v2 mitigation: Filling RSB on context switch\n"); -+ pr_info("Mitigation: Filling RSB on context switch\n"); - } - - /* Initialize Indirect Branch Prediction Barrier if supported */ - if (boot_cpu_has(X86_FEATURE_IBPB)) { - setup_force_cpu_cap(X86_FEATURE_USE_IBPB); -- pr_info("Spectre v2 mitigation: Enabling Indirect Branch Prediction Barrier\n"); -+ pr_info("Mitigation: Enabling Indirect Branch Prediction Barrier\n"); - } - - /* -@@ -307,7 +307,7 @@ - */ - if (boot_cpu_has(X86_FEATURE_IBRS)) { - setup_force_cpu_cap(X86_FEATURE_USE_IBRS_FW); -- pr_info("Enabling Restricted Speculation for firmware calls\n"); -+ pr_info("Mitigation: Enabling Restricted Speculation for firmware calls\n"); - } - } - diff --git a/sys-kernel/linux-sources-redcore/files/linux-hardened-v3.patch b/sys-kernel/linux-sources-redcore/files/linux-hardened.patch index 53bb313f..7a46a91b 100644 --- a/sys-kernel/linux-sources-redcore/files/linux-hardened-v3.patch +++ b/sys-kernel/linux-sources-redcore/files/linux-hardened.patch @@ -1,14 +1,176 @@ -diff -Nur a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig ---- a/arch/arm64/configs/defconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/arm64/configs/defconfig 2018-05-22 19:56:23.693071674 +0100 +diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt +index 1370b424a453..54d7125d6912 100644 +--- a/Documentation/admin-guide/kernel-parameters.txt ++++ b/Documentation/admin-guide/kernel-parameters.txt +@@ -496,16 +496,6 @@ + nosocket -- Disable socket memory accounting. + nokmem -- Disable kernel memory accounting. + +- checkreqprot [SELINUX] Set initial checkreqprot flag value. +- Format: { "0" | "1" } +- See security/selinux/Kconfig help text. +- 0 -- check protection applied by kernel (includes +- any implied execute protection). +- 1 -- check protection requested by application. +- Default value is set via a kernel config option. +- Value can be changed at runtime via +- /selinux/checkreqprot. +- + cio_ignore= [S390] + See Documentation/s390/CommonIO for details. + clk_ignore_unused +@@ -3066,6 +3056,11 @@ + the specified number of seconds. This is to be used if + your oopses keep scrolling off the screen. + ++ extra_latent_entropy ++ Enable a very simple form of latent entropy extraction ++ from the first 4GB of memory as the bootmem allocator ++ passes the memory pages to the buddy allocator. ++ + pcbit= [HW,ISDN] + + pcd. [PARIDE] +diff --git a/Documentation/sysctl/kernel.txt b/Documentation/sysctl/kernel.txt +index eded671d55eb..0abfc33f101d 100644 +--- a/Documentation/sysctl/kernel.txt ++++ b/Documentation/sysctl/kernel.txt +@@ -92,6 +92,7 @@ show up in /proc/sys/kernel: + - sysctl_writes_strict + - tainted + - threads-max ++- tiocsti_restrict + - unknown_nmi_panic + - watchdog + - watchdog_thresh +@@ -1016,6 +1017,26 @@ available RAM pages threads-max is reduced accordingly. + + ============================================================== + ++tiocsti_restrict: ++ ++This toggle indicates whether unprivileged users are prevented ++from using the TIOCSTI ioctl to inject commands into other processes ++which share a tty session. ++ ++When tiocsti_restrict is set to (0) there are no restrictions(accept ++the default restriction of only being able to injection commands into ++one's own tty). When tiocsti_restrict is set to (1), users must ++have CAP_SYS_ADMIN to use the TIOCSTI ioctl. ++ ++When user namespaces are in use, the check for the capability ++CAP_SYS_ADMIN is done against the user namespace that originally ++opened the tty. ++ ++The kernel config option CONFIG_SECURITY_TIOCSTI_RESTRICT sets the ++default value of tiocsti_restrict. ++ ++============================================================== ++ + unknown_nmi_panic: + + The value in this file affects behavior of handling NMI. When the +diff --git a/Makefile b/Makefile +index a41692c5827a..ce817616d8a9 100644 +--- a/Makefile ++++ b/Makefile +@@ -688,6 +688,9 @@ stackp-flags-$(CONFIG_STACKPROTECTOR_STRONG) := -fstack-protector-strong + KBUILD_CFLAGS += $(stackp-flags-y) + + ifeq ($(cc-name),clang) ++ifdef CONFIG_LOCAL_INIT ++KBUILD_CFLAGS += -fsanitize=local-init ++endif + KBUILD_CPPFLAGS += $(call cc-option,-Qunused-arguments,) + KBUILD_CFLAGS += $(call cc-disable-warning, format-invalid-specifier) + KBUILD_CFLAGS += $(call cc-disable-warning, gnu) +diff --git a/arch/Kconfig b/arch/Kconfig +index d1f2ed462ac8..19a595a47dae 100644 +--- a/arch/Kconfig ++++ b/arch/Kconfig +@@ -470,6 +470,11 @@ config GCC_PLUGIN_LATENT_ENTROPY + is some slowdown of the boot process (about 0.5%) and fork and + irq processing. + ++ When extra_latent_entropy is passed on the kernel command line, ++ entropy will be extracted from up to the first 4GB of RAM while the ++ runtime memory allocator is being initialized. This costs even more ++ slowdown of the boot process. ++ + Note that entropy extracted this way is not cryptographically + secure! + +@@ -731,7 +736,7 @@ config ARCH_MMAP_RND_BITS + int "Number of bits to use for ASLR of mmap base address" if EXPERT + range ARCH_MMAP_RND_BITS_MIN ARCH_MMAP_RND_BITS_MAX + default ARCH_MMAP_RND_BITS_DEFAULT if ARCH_MMAP_RND_BITS_DEFAULT +- default ARCH_MMAP_RND_BITS_MIN ++ default ARCH_MMAP_RND_BITS_MAX + depends on HAVE_ARCH_MMAP_RND_BITS + help + This value can be used to select the number of bits to use to +@@ -765,7 +770,7 @@ config ARCH_MMAP_RND_COMPAT_BITS + int "Number of bits to use for ASLR of mmap base address for compatible applications" if EXPERT + range ARCH_MMAP_RND_COMPAT_BITS_MIN ARCH_MMAP_RND_COMPAT_BITS_MAX + default ARCH_MMAP_RND_COMPAT_BITS_DEFAULT if ARCH_MMAP_RND_COMPAT_BITS_DEFAULT +- default ARCH_MMAP_RND_COMPAT_BITS_MIN ++ default ARCH_MMAP_RND_COMPAT_BITS_MAX + depends on HAVE_ARCH_MMAP_RND_COMPAT_BITS + help + This value can be used to select the number of bits to use to +@@ -967,6 +972,7 @@ config ARCH_HAS_REFCOUNT + + config REFCOUNT_FULL + bool "Perform full reference count validation at the expense of speed" ++ default y + help + Enabling this switches the refcounting infrastructure from a fast + unchecked atomic_t implementation to a fully state checked +diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig +index 42c090cf0292..a6e2276009e4 100644 +--- a/arch/arm64/Kconfig ++++ b/arch/arm64/Kconfig +@@ -1005,6 +1005,7 @@ endif + + config ARM64_SW_TTBR0_PAN + bool "Emulate Privileged Access Never using TTBR0_EL1 switching" ++ default y + help + Enabling this option prevents the kernel from accessing + user-space memory directly by pointing TTBR0_EL1 to a reserved +@@ -1180,6 +1181,7 @@ config RANDOMIZE_BASE + bool "Randomize the address of the kernel image" + select ARM64_MODULE_PLTS if MODULES + select RELOCATABLE ++ default y + help + Randomizes the virtual address at which the kernel image is + loaded, as a security feature that deters exploit attempts +diff --git a/arch/arm64/Kconfig.debug b/arch/arm64/Kconfig.debug +index cc6bd559af85..01d5442d4722 100644 +--- a/arch/arm64/Kconfig.debug ++++ b/arch/arm64/Kconfig.debug +@@ -45,6 +45,7 @@ config ARM64_RANDOMIZE_TEXT_OFFSET + config DEBUG_WX + bool "Warn on W+X mappings at boot" + select ARM64_PTDUMP_CORE ++ default y + ---help--- + Generate a warning if any W+X mappings are found at boot. + +diff --git a/arch/arm64/configs/defconfig b/arch/arm64/configs/defconfig +index f9a186f6af8a..e628231a5a92 100644 +--- a/arch/arm64/configs/defconfig ++++ b/arch/arm64/configs/defconfig @@ -1,4 +1,3 @@ -CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y CONFIG_AUDIT=y CONFIG_NO_HZ_IDLE=y -diff -Nur a/arch/arm64/include/asm/elf.h b/arch/arm64/include/asm/elf.h ---- a/arch/arm64/include/asm/elf.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/arm64/include/asm/elf.h 2018-05-22 19:56:23.693071674 +0100 +diff --git a/arch/arm64/include/asm/elf.h b/arch/arm64/include/asm/elf.h +index 433b9554c6a1..1f4b06317c9f 100644 +--- a/arch/arm64/include/asm/elf.h ++++ b/arch/arm64/include/asm/elf.h @@ -114,10 +114,10 @@ /* @@ -22,7 +184,7 @@ diff -Nur a/arch/arm64/include/asm/elf.h b/arch/arm64/include/asm/elf.h #ifndef __ASSEMBLY__ -@@ -158,10 +158,10 @@ +@@ -171,10 +171,10 @@ extern int arch_setup_additional_pages(struct linux_binprm *bprm, /* 1GB of VA */ #ifdef CONFIG_COMPAT #define STACK_RND_MASK (test_thread_flag(TIF_32BIT) ? \ @@ -36,40 +198,11 @@ diff -Nur a/arch/arm64/include/asm/elf.h b/arch/arm64/include/asm/elf.h #endif #ifdef __AARCH64EB__ -diff -Nur a/arch/arm64/Kconfig b/arch/arm64/Kconfig ---- a/arch/arm64/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/arm64/Kconfig 2018-05-22 19:56:23.692071641 +0100 -@@ -988,6 +988,7 @@ - - config ARM64_SW_TTBR0_PAN - bool "Emulate Privileged Access Never using TTBR0_EL1 switching" -+ default y - help - Enabling this option prevents the kernel from accessing - user-space memory directly by pointing TTBR0_EL1 to a reserved -@@ -1141,6 +1142,7 @@ - bool "Randomize the address of the kernel image" - select ARM64_MODULE_PLTS if MODULES - select RELOCATABLE -+ default y - help - Randomizes the virtual address at which the kernel image is - loaded, as a security feature that deters exploit attempts -diff -Nur a/arch/arm64/Kconfig.debug b/arch/arm64/Kconfig.debug ---- a/arch/arm64/Kconfig.debug 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/arm64/Kconfig.debug 2018-05-22 19:56:23.692071641 +0100 -@@ -45,6 +45,7 @@ - config DEBUG_WX - bool "Warn on W+X mappings at boot" - select ARM64_PTDUMP_CORE -+ default y - ---help--- - Generate a warning if any W+X mappings are found at boot. - -diff -Nur a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c ---- a/arch/arm64/kernel/process.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/arm64/kernel/process.c 2018-05-22 19:56:23.693071674 +0100 -@@ -481,9 +481,9 @@ +diff --git a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c +index e10bc363f533..8e5701978b7c 100644 +--- a/arch/arm64/kernel/process.c ++++ b/arch/arm64/kernel/process.c +@@ -481,9 +481,9 @@ unsigned long arch_align_stack(unsigned long sp) unsigned long arch_randomize_brk(struct mm_struct *mm) { if (is_compat_task()) @@ -81,60 +214,66 @@ diff -Nur a/arch/arm64/kernel/process.c b/arch/arm64/kernel/process.c } /* -diff -Nur a/arch/Kconfig b/arch/Kconfig ---- a/arch/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/Kconfig 2018-05-22 19:56:23.692071641 +0100 -@@ -454,6 +454,11 @@ - is some slowdown of the boot process (about 0.5%) and fork and - irq processing. - -+ When extra_latent_entropy is passed on the kernel command line, -+ entropy will be extracted from up to the first 4GB of RAM while the -+ runtime memory allocator is being initialized. This costs even more -+ slowdown of the boot process. -+ - Note that entropy extracted this way is not cryptographically - secure! +diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig +index 6b8065d718bd..347c8d1c3a45 100644 +--- a/arch/x86/Kconfig ++++ b/arch/x86/Kconfig +@@ -1202,8 +1202,7 @@ config VM86 + default X86_LEGACY_VM86 -@@ -747,7 +752,7 @@ - int "Number of bits to use for ASLR of mmap base address" if EXPERT - range ARCH_MMAP_RND_BITS_MIN ARCH_MMAP_RND_BITS_MAX - default ARCH_MMAP_RND_BITS_DEFAULT if ARCH_MMAP_RND_BITS_DEFAULT -- default ARCH_MMAP_RND_BITS_MIN -+ default ARCH_MMAP_RND_BITS_MAX - depends on HAVE_ARCH_MMAP_RND_BITS - help - This value can be used to select the number of bits to use to -@@ -781,7 +786,7 @@ - int "Number of bits to use for ASLR of mmap base address for compatible applications" if EXPERT - range ARCH_MMAP_RND_COMPAT_BITS_MIN ARCH_MMAP_RND_COMPAT_BITS_MAX - default ARCH_MMAP_RND_COMPAT_BITS_DEFAULT if ARCH_MMAP_RND_COMPAT_BITS_DEFAULT -- default ARCH_MMAP_RND_COMPAT_BITS_MIN -+ default ARCH_MMAP_RND_COMPAT_BITS_MAX - depends on HAVE_ARCH_MMAP_RND_COMPAT_BITS + config X86_16BIT +- bool "Enable support for 16-bit segments" if EXPERT +- default y ++ bool "Enable support for 16-bit segments" + depends on MODIFY_LDT_SYSCALL + ---help--- + This option is required by programs like Wine to run 16-bit +@@ -2295,7 +2294,7 @@ config COMPAT_VDSO + choice + prompt "vsyscall table for legacy applications" + depends on X86_64 +- default LEGACY_VSYSCALL_EMULATE ++ default LEGACY_VSYSCALL_NONE help - This value can be used to select the number of bits to use to -@@ -968,6 +973,7 @@ + Legacy user code that does not know how to find the vDSO expects + to be able to issue three syscalls by calling fixed addresses in +@@ -2376,8 +2375,7 @@ config CMDLINE_OVERRIDE + be set to 'N' under normal conditions. - config REFCOUNT_FULL - bool "Perform full reference count validation at the expense of speed" + config MODIFY_LDT_SYSCALL +- bool "Enable the LDT (local descriptor table)" if EXPERT +- default y ++ bool "Enable the LDT (local descriptor table)" + ---help--- + Linux can allow user programs to install a per-process x86 + Local Descriptor Table (LDT) using the modify_ldt(2) system +diff --git a/arch/x86/Kconfig.debug b/arch/x86/Kconfig.debug +index c6dd1d980081..0acf0d1d67de 100644 +--- a/arch/x86/Kconfig.debug ++++ b/arch/x86/Kconfig.debug +@@ -104,6 +104,7 @@ config EFI_PGT_DUMP + config DEBUG_WX + bool "Warn on W+X mappings at boot" + select X86_PTDUMP_CORE + default y - help - Enabling this switches the refcounting infrastructure from a fast - unchecked atomic_t implementation to a fully state checked -diff -Nur a/arch/x86/configs/x86_64_defconfig b/arch/x86/configs/x86_64_defconfig ---- a/arch/x86/configs/x86_64_defconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/configs/x86_64_defconfig 2018-05-22 19:56:23.694071707 +0100 + ---help--- + Generate a warning if any W+X mappings are found at boot. + +diff --git a/arch/x86/configs/x86_64_defconfig b/arch/x86/configs/x86_64_defconfig +index e32fc1f274d8..d08acc76502a 100644 +--- a/arch/x86/configs/x86_64_defconfig ++++ b/arch/x86/configs/x86_64_defconfig @@ -1,5 +1,4 @@ # CONFIG_LOCALVERSION_AUTO is not set -CONFIG_SYSVIPC=y CONFIG_POSIX_MQUEUE=y CONFIG_BSD_PROCESS_ACCT=y CONFIG_TASKSTATS=y -diff -Nur a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c ---- a/arch/x86/entry/vdso/vma.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/entry/vdso/vma.c 2018-05-22 19:56:23.694071707 +0100 -@@ -204,55 +204,9 @@ +diff --git a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c +index 5b8b556dbb12..a569f08b4478 100644 +--- a/arch/x86/entry/vdso/vma.c ++++ b/arch/x86/entry/vdso/vma.c +@@ -204,55 +204,9 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr) } #ifdef CONFIG_X86_64 @@ -191,10 +330,11 @@ diff -Nur a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c } #endif -diff -Nur a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h ---- a/arch/x86/include/asm/elf.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/include/asm/elf.h 2018-05-22 19:56:23.694071707 +0100 -@@ -249,11 +249,11 @@ +diff --git a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h +index 0d157d2a1e2a..770c8ae97f92 100644 +--- a/arch/x86/include/asm/elf.h ++++ b/arch/x86/include/asm/elf.h +@@ -249,11 +249,11 @@ extern int force_personality32; /* * This is the base location for PIE (ET_DYN with INTERP) loads. On @@ -208,7 +348,7 @@ diff -Nur a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h /* This yields a mask that user programs can use to figure out what instruction set this CPU supports. This could be done in user space, -@@ -313,8 +313,8 @@ +@@ -313,8 +313,8 @@ extern bool mmap_address_hint_valid(unsigned long addr, unsigned long len); #ifdef CONFIG_X86_32 @@ -219,7 +359,7 @@ diff -Nur a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h #define ARCH_DLINFO ARCH_DLINFO_IA32 -@@ -323,7 +323,11 @@ +@@ -323,7 +323,11 @@ extern bool mmap_address_hint_valid(unsigned long addr, unsigned long len); #else /* CONFIG_X86_32 */ /* 1GB for 64bit, 8MB for 32bit */ @@ -232,16 +372,17 @@ diff -Nur a/arch/x86/include/asm/elf.h b/arch/x86/include/asm/elf.h #define STACK_RND_MASK __STACK_RND_MASK(mmap_is_ia32()) #define ARCH_DLINFO \ -@@ -381,5 +385,4 @@ +@@ -381,5 +385,4 @@ struct va_alignment { } ____cacheline_aligned; extern struct va_alignment va_align; -extern unsigned long align_vdso_addr(unsigned long); #endif /* _ASM_X86_ELF_H */ -diff -Nur a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h ---- a/arch/x86/include/asm/tlbflush.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/include/asm/tlbflush.h 2018-05-22 19:56:23.694071707 +0100 -@@ -261,6 +261,7 @@ +diff --git a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h +index 6690cd3fc8b1..300a1c2819fb 100644 +--- a/arch/x86/include/asm/tlbflush.h ++++ b/arch/x86/include/asm/tlbflush.h +@@ -266,6 +266,7 @@ static inline void cr4_set_bits(unsigned long mask) local_irq_save(flags); cr4 = this_cpu_read(cpu_tlbstate.cr4); @@ -249,7 +390,7 @@ diff -Nur a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h if ((cr4 | mask) != cr4) __cr4_set(cr4 | mask); local_irq_restore(flags); -@@ -273,6 +274,7 @@ +@@ -278,6 +279,7 @@ static inline void cr4_clear_bits(unsigned long mask) local_irq_save(flags); cr4 = this_cpu_read(cpu_tlbstate.cr4); @@ -257,7 +398,7 @@ diff -Nur a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h if ((cr4 & ~mask) != cr4) __cr4_set(cr4 & ~mask); local_irq_restore(flags); -@@ -283,6 +285,7 @@ +@@ -288,6 +290,7 @@ static inline void cr4_toggle_bits_irqsoff(unsigned long mask) unsigned long cr4; cr4 = this_cpu_read(cpu_tlbstate.cr4); @@ -265,7 +406,7 @@ diff -Nur a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h __cr4_set(cr4 ^ mask); } -@@ -389,6 +392,7 @@ +@@ -394,6 +397,7 @@ static inline void __native_flush_tlb_global(void) raw_local_irq_save(flags); cr4 = this_cpu_read(cpu_tlbstate.cr4); @@ -273,53 +414,11 @@ diff -Nur a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h /* toggle PGE */ native_write_cr4(cr4 ^ X86_CR4_PGE); /* write old PGE again and flush TLBs */ -diff -Nur a/arch/x86/Kconfig b/arch/x86/Kconfig ---- a/arch/x86/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/Kconfig 2018-05-22 19:56:23.694071707 +0100 -@@ -1208,8 +1208,7 @@ - default X86_LEGACY_VM86 - - config X86_16BIT -- bool "Enable support for 16-bit segments" if EXPERT -- default y -+ bool "Enable support for 16-bit segments" - depends on MODIFY_LDT_SYSCALL - ---help--- - This option is required by programs like Wine to run 16-bit -@@ -2299,7 +2298,7 @@ - choice - prompt "vsyscall table for legacy applications" - depends on X86_64 -- default LEGACY_VSYSCALL_EMULATE -+ default LEGACY_VSYSCALL_NONE - help - Legacy user code that does not know how to find the vDSO expects - to be able to issue three syscalls by calling fixed addresses in -@@ -2380,8 +2379,7 @@ - be set to 'N' under normal conditions. - - config MODIFY_LDT_SYSCALL -- bool "Enable the LDT (local descriptor table)" if EXPERT -- default y -+ bool "Enable the LDT (local descriptor table)" - ---help--- - Linux can allow user programs to install a per-process x86 - Local Descriptor Table (LDT) using the modify_ldt(2) system -diff -Nur a/arch/x86/Kconfig.debug b/arch/x86/Kconfig.debug ---- a/arch/x86/Kconfig.debug 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/Kconfig.debug 2018-05-22 19:56:23.694071707 +0100 -@@ -101,6 +101,7 @@ - config DEBUG_WX - bool "Warn on W+X mappings at boot" - select X86_PTDUMP_CORE -+ default y - ---help--- - Generate a warning if any W+X mappings are found at boot. - -diff -Nur a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c ---- a/arch/x86/kernel/cpu/common.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/kernel/cpu/common.c 2018-05-22 19:56:23.695071739 +0100 -@@ -1662,7 +1662,6 @@ +diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c +index b41b72bd8bb8..d54a3c30902a 100644 +--- a/arch/x86/kernel/cpu/common.c ++++ b/arch/x86/kernel/cpu/common.c +@@ -1726,7 +1726,6 @@ void cpu_init(void) wrmsrl(MSR_KERNEL_GS_BASE, 0); barrier(); @@ -327,9 +426,10 @@ diff -Nur a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c x2apic_setup(); /* -diff -Nur a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c ---- a/arch/x86/kernel/process.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/kernel/process.c 2018-05-22 19:58:08.019495182 +0100 +diff --git a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c +index 30ca2d1a9231..bde0a18cd9f9 100644 +--- a/arch/x86/kernel/process.c ++++ b/arch/x86/kernel/process.c @@ -39,6 +39,8 @@ #include <asm/desc.h> #include <asm/prctl.h> @@ -339,7 +439,7 @@ diff -Nur a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c /* * per-CPU TSS segments. Threads are completely 'soft' on Linux, -@@ -718,7 +720,10 @@ +@@ -718,7 +720,10 @@ unsigned long arch_align_stack(unsigned long sp) unsigned long arch_randomize_brk(struct mm_struct *mm) { @@ -351,10 +451,11 @@ diff -Nur a/arch/x86/kernel/process.c b/arch/x86/kernel/process.c } /* -diff -Nur a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c ---- a/arch/x86/kernel/sys_x86_64.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/kernel/sys_x86_64.c 2018-05-22 19:56:23.695071739 +0100 -@@ -54,13 +54,6 @@ +diff --git a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c +index 6a78d4b36a79..715009f7a96c 100644 +--- a/arch/x86/kernel/sys_x86_64.c ++++ b/arch/x86/kernel/sys_x86_64.c +@@ -54,13 +54,6 @@ static unsigned long get_align_bits(void) return va_align.bits & get_align_mask(); } @@ -368,7 +469,7 @@ diff -Nur a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c static int __init control_va_addr_alignment(char *str) { /* guard against enabling this on other CPU families */ -@@ -122,10 +115,7 @@ +@@ -122,10 +115,7 @@ static void find_start_end(unsigned long addr, unsigned long flags, } *begin = get_mmap_base(1); @@ -380,7 +481,7 @@ diff -Nur a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c } unsigned long -@@ -210,7 +200,7 @@ +@@ -210,7 +200,7 @@ arch_get_unmapped_area_topdown(struct file *filp, const unsigned long addr0, info.flags = VM_UNMAPPED_AREA_TOPDOWN; info.length = len; @@ -389,19 +490,23 @@ diff -Nur a/arch/x86/kernel/sys_x86_64.c b/arch/x86/kernel/sys_x86_64.c info.high_limit = get_mmap_base(0); /* -diff -Nur a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c ---- a/arch/x86/mm/init_32.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/mm/init_32.c 2018-05-22 19:56:23.695071739 +0100 -@@ -558,7 +558,7 @@ - permanent_kmaps_init(pgd_base); - } - --pteval_t __supported_pte_mask __read_mostly = ~(_PAGE_NX | _PAGE_GLOBAL); -+pteval_t __supported_pte_mask __ro_after_init = ~(_PAGE_NX | _PAGE_GLOBAL); +diff --git a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c +index 979e0a02cbe1..d6ab882a0091 100644 +--- a/arch/x86/mm/init_32.c ++++ b/arch/x86/mm/init_32.c +@@ -560,9 +560,9 @@ static void __init pagetable_init(void) + + #define DEFAULT_PTE_MASK ~(_PAGE_NX | _PAGE_GLOBAL) + /* Bits supported by the hardware: */ +-pteval_t __supported_pte_mask __read_mostly = DEFAULT_PTE_MASK; ++pteval_t __supported_pte_mask __ro_after_init = DEFAULT_PTE_MASK; + /* Bits allowed in normal kernel mappings: */ +-pteval_t __default_kernel_pte_mask __read_mostly = DEFAULT_PTE_MASK; ++pteval_t __default_kernel_pte_mask __ro_after_init = DEFAULT_PTE_MASK; EXPORT_SYMBOL_GPL(__supported_pte_mask); - - /* user-defined highmem size */ -@@ -866,7 +866,7 @@ + /* Used in PAGE_KERNEL_* macros which are reasonably used out-of-tree: */ + EXPORT_SYMBOL(__default_kernel_pte_mask); +@@ -873,7 +873,7 @@ int arch_remove_memory(u64 start, u64 size, struct vmem_altmap *altmap) #endif #endif @@ -410,7 +515,7 @@ diff -Nur a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c void set_kernel_text_rw(void) { -@@ -918,12 +918,11 @@ +@@ -925,12 +925,11 @@ void mark_rodata_ro(void) unsigned long start = PFN_ALIGN(_text); unsigned long size = PFN_ALIGN(_etext) - start; @@ -424,19 +529,23 @@ diff -Nur a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c #ifdef CONFIG_CPA_DEBUG printk(KERN_INFO "Testing CPA: Reverting %lx-%lx\n", start, start+size); -diff -Nur a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c ---- a/arch/x86/mm/init_64.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/arch/x86/mm/init_64.c 2018-05-22 19:56:23.696071772 +0100 -@@ -65,7 +65,7 @@ - * around without checking the pgd every time. +diff --git a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c +index 68c292cb1ebf..b81cd1f2d6df 100644 +--- a/arch/x86/mm/init_64.c ++++ b/arch/x86/mm/init_64.c +@@ -66,9 +66,9 @@ */ + /* Bits supported by the hardware: */ -pteval_t __supported_pte_mask __read_mostly = ~0; +pteval_t __supported_pte_mask __ro_after_init = ~0; + /* Bits allowed in normal kernel mappings: */ +-pteval_t __default_kernel_pte_mask __read_mostly = ~0; ++pteval_t __default_kernel_pte_mask __ro_after_init = ~0; EXPORT_SYMBOL_GPL(__supported_pte_mask); - - int force_personality32; -@@ -1195,7 +1195,7 @@ + /* Used in PAGE_KERNEL_* macros which are reasonably used out-of-tree: */ + EXPORT_SYMBOL(__default_kernel_pte_mask); +@@ -1207,7 +1207,7 @@ void __init mem_init(void) mem_init_print_info(NULL); } @@ -445,7 +554,7 @@ diff -Nur a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c void set_kernel_text_rw(void) { -@@ -1244,9 +1244,8 @@ +@@ -1256,9 +1256,8 @@ void mark_rodata_ro(void) printk(KERN_INFO "Write protecting the kernel read-only data: %luk\n", (end - start) >> 10); @@ -456,10 +565,11 @@ diff -Nur a/arch/x86/mm/init_64.c b/arch/x86/mm/init_64.c /* * The rodata/data/bss/brk section (but not the kernel text!) -diff -Nur a/block/blk-softirq.c b/block/blk-softirq.c ---- a/block/blk-softirq.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/block/blk-softirq.c 2018-05-22 19:56:23.696071772 +0100 -@@ -20,7 +20,7 @@ +diff --git a/block/blk-softirq.c b/block/blk-softirq.c +index 15c1f5e12eb8..ff72cccec5b8 100644 +--- a/block/blk-softirq.c ++++ b/block/blk-softirq.c +@@ -20,7 +20,7 @@ static DEFINE_PER_CPU(struct list_head, blk_cpu_done); * Softirq action handler - move entries to local list and loop over them * while passing them to the queue registered handler. */ @@ -468,42 +578,11 @@ diff -Nur a/block/blk-softirq.c b/block/blk-softirq.c { struct list_head *cpu_list, local_list; -diff -Nur a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt ---- a/Documentation/admin-guide/kernel-parameters.txt 2018-05-22 17:56:31.000000000 +0100 -+++ b/Documentation/admin-guide/kernel-parameters.txt 2018-05-22 19:56:23.691071608 +0100 -@@ -496,16 +496,6 @@ - nosocket -- Disable socket memory accounting. - nokmem -- Disable kernel memory accounting. - -- checkreqprot [SELINUX] Set initial checkreqprot flag value. -- Format: { "0" | "1" } -- See security/selinux/Kconfig help text. -- 0 -- check protection applied by kernel (includes -- any implied execute protection). -- 1 -- check protection requested by application. -- Default value is set via a kernel config option. -- Value can be changed at runtime via -- /selinux/checkreqprot. -- - cio_ignore= [S390] - See Documentation/s390/CommonIO for details. - clk_ignore_unused -@@ -2946,6 +2936,11 @@ - the specified number of seconds. This is to be used if - your oopses keep scrolling off the screen. - -+ extra_latent_entropy -+ Enable a very simple form of latent entropy extraction -+ from the first 4GB of memory as the bootmem allocator -+ passes the memory pages to the buddy allocator. -+ - pcbit= [HW,ISDN] - - pcd. [PARIDE] -diff -Nur a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c ---- a/drivers/ata/libata-core.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/drivers/ata/libata-core.c 2018-05-22 19:56:23.697071805 +0100 -@@ -5151,7 +5151,7 @@ +diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c +index cc71c63df381..44432ecffbcd 100644 +--- a/drivers/ata/libata-core.c ++++ b/drivers/ata/libata-core.c +@@ -5154,7 +5154,7 @@ void ata_qc_free(struct ata_queued_cmd *qc) struct ata_port *ap; unsigned int tag; @@ -512,7 +591,7 @@ diff -Nur a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c ap = qc->ap; qc->flags = 0; -@@ -5168,7 +5168,7 @@ +@@ -5171,7 +5171,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc) struct ata_port *ap; struct ata_link *link; @@ -521,10 +600,11 @@ diff -Nur a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c WARN_ON_ONCE(!(qc->flags & ATA_QCFLAG_ACTIVE)); ap = qc->ap; link = qc->dev->link; -diff -Nur a/drivers/char/Kconfig b/drivers/char/Kconfig ---- a/drivers/char/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/drivers/char/Kconfig 2018-05-22 19:56:23.697071805 +0100 -@@ -9,7 +9,6 @@ +diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig +index 212f447938ae..0982c7ddd88c 100644 +--- a/drivers/char/Kconfig ++++ b/drivers/char/Kconfig +@@ -9,7 +9,6 @@ source "drivers/tty/Kconfig" config DEVMEM bool "/dev/mem virtual device support" @@ -532,7 +612,7 @@ diff -Nur a/drivers/char/Kconfig b/drivers/char/Kconfig help Say Y here if you want to support the /dev/mem device. The /dev/mem device is used to access areas of physical -@@ -568,7 +567,6 @@ +@@ -531,7 +530,6 @@ config TELCLOCK config DEVPORT bool "/dev/port character device" depends on ISA || PCI @@ -540,10 +620,11 @@ diff -Nur a/drivers/char/Kconfig b/drivers/char/Kconfig help Say Y here if you want to support the /dev/port device. The /dev/port device is similar to /dev/mem, but for I/O ports. -diff -Nur a/drivers/tty/Kconfig b/drivers/tty/Kconfig ---- a/drivers/tty/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/drivers/tty/Kconfig 2018-05-22 19:56:23.698071838 +0100 -@@ -122,7 +122,6 @@ +diff --git a/drivers/tty/Kconfig b/drivers/tty/Kconfig +index 0840d27381ea..ae292fcedaca 100644 +--- a/drivers/tty/Kconfig ++++ b/drivers/tty/Kconfig +@@ -122,7 +122,6 @@ config UNIX98_PTYS config LEGACY_PTYS bool "Legacy (BSD) PTY support" @@ -551,9 +632,50 @@ diff -Nur a/drivers/tty/Kconfig b/drivers/tty/Kconfig ---help--- A pseudo terminal (PTY) is a software device consisting of two halves: a master and a slave. The slave device behaves identical to -diff -Nur a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c ---- a/drivers/usb/core/hub.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/drivers/usb/core/hub.c 2018-05-22 19:56:23.699071871 +0100 +diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c +index aba59521ad48..90d4779683a3 100644 +--- a/drivers/tty/tty_io.c ++++ b/drivers/tty/tty_io.c +@@ -172,6 +172,7 @@ static void free_tty_struct(struct tty_struct *tty) + put_device(tty->dev); + kfree(tty->write_buf); + tty->magic = 0xDEADDEAD; ++ put_user_ns(tty->owner_user_ns); + kfree(tty); + } + +@@ -2164,11 +2165,19 @@ static int tty_fasync(int fd, struct file *filp, int on) + * FIXME: may race normal receive processing + */ + ++int tiocsti_restrict = IS_ENABLED(CONFIG_SECURITY_TIOCSTI_RESTRICT); ++ + static int tiocsti(struct tty_struct *tty, char __user *p) + { + char ch, mbz = 0; + struct tty_ldisc *ld; + ++ if (tiocsti_restrict && ++ !ns_capable(tty->owner_user_ns, CAP_SYS_ADMIN)) { ++ dev_warn_ratelimited(tty->dev, ++ "Denied TIOCSTI ioctl for non-privileged process\n"); ++ return -EPERM; ++ } + if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN)) + return -EPERM; + if (get_user(ch, p)) +@@ -2851,6 +2860,7 @@ struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx) + tty->index = idx; + tty_line_name(driver, idx, tty->name); + tty->dev = tty_get_device(tty); ++ tty->owner_user_ns = get_user_ns(current_user_ns()); + + return tty; + } +diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c +index 1fb266809966..db145cb734e4 100644 +--- a/drivers/usb/core/hub.c ++++ b/drivers/usb/core/hub.c @@ -41,6 +41,8 @@ #define USB_TP_TRANSMISSION_DELAY 40 /* ns */ #define USB_TP_TRANSMISSION_DELAY_MAX 65535 /* ns */ @@ -563,7 +685,7 @@ diff -Nur a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c /* Protect struct usb_device->state and ->children members * Note: Both are also protected by ->dev.sem, except that ->state can * change to USB_STATE_NOTATTACHED even when the semaphore isn't held. */ -@@ -4847,6 +4849,12 @@ +@@ -4881,6 +4883,12 @@ static void hub_port_connect(struct usb_hub *hub, int port1, u16 portstatus, goto done; return; } @@ -576,9 +698,10 @@ diff -Nur a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c if (hub_is_superspeed(hub->hdev)) unit_load = 150; else -diff -Nur a/fs/exec.c b/fs/exec.c ---- a/fs/exec.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/fs/exec.c 2018-05-22 19:56:23.699071871 +0100 +diff --git a/fs/exec.c b/fs/exec.c +index bdd0eacefdf5..20908a84550c 100644 +--- a/fs/exec.c ++++ b/fs/exec.c @@ -62,6 +62,7 @@ #include <linux/oom.h> #include <linux/compat.h> @@ -587,7 +710,7 @@ diff -Nur a/fs/exec.c b/fs/exec.c #include <linux/uaccess.h> #include <asm/mmu_context.h> -@@ -321,6 +322,8 @@ +@@ -320,6 +321,8 @@ static int __bprm_mm_init(struct linux_binprm *bprm) arch_bprm_mm_init(mm, vma); up_write(&mm->mmap_sem); bprm->p = vma->vm_end - sizeof(void *); @@ -596,10 +719,11 @@ diff -Nur a/fs/exec.c b/fs/exec.c return 0; err: up_write(&mm->mmap_sem); -diff -Nur a/fs/namei.c b/fs/namei.c ---- a/fs/namei.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/fs/namei.c 2018-05-22 19:56:23.700071903 +0100 -@@ -883,8 +883,8 @@ +diff --git a/fs/namei.c b/fs/namei.c +index 734cef54fdf8..8e3b3ae0cf30 100644 +--- a/fs/namei.c ++++ b/fs/namei.c +@@ -885,8 +885,8 @@ static inline void put_link(struct nameidata *nd) path_put(&last->link); } @@ -610,18 +734,20 @@ diff -Nur a/fs/namei.c b/fs/namei.c /** * may_follow_link - Check symlink following for unsafe situations -diff -Nur a/fs/nfs/Kconfig b/fs/nfs/Kconfig ---- a/fs/nfs/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/fs/nfs/Kconfig 2018-05-22 19:56:23.700071903 +0100 -@@ -195,4 +195,3 @@ +diff --git a/fs/nfs/Kconfig b/fs/nfs/Kconfig +index 5f93cfacb3d1..cea0d7d3b23e 100644 +--- a/fs/nfs/Kconfig ++++ b/fs/nfs/Kconfig +@@ -195,4 +195,3 @@ config NFS_DEBUG bool depends on NFS_FS && SUNRPC_DEBUG select CRC32 - default y -diff -Nur a/fs/proc/Kconfig b/fs/proc/Kconfig ---- a/fs/proc/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/fs/proc/Kconfig 2018-05-22 19:56:23.700071903 +0100 -@@ -39,7 +39,6 @@ +diff --git a/fs/proc/Kconfig b/fs/proc/Kconfig +index 0eaeb41453f5..8cd1e66aa408 100644 +--- a/fs/proc/Kconfig ++++ b/fs/proc/Kconfig +@@ -39,7 +39,6 @@ config PROC_KCORE config PROC_VMCORE bool "/proc/vmcore support" depends on PROC_FS && CRASH_DUMP @@ -629,10 +755,11 @@ diff -Nur a/fs/proc/Kconfig b/fs/proc/Kconfig help Exports the dump image of crashed kernel in ELF format. -diff -Nur a/fs/stat.c b/fs/stat.c ---- a/fs/stat.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/fs/stat.c 2018-05-22 19:56:23.700071903 +0100 -@@ -40,8 +40,13 @@ +diff --git a/fs/stat.c b/fs/stat.c +index f8e6fb2c3657..240c1432e18f 100644 +--- a/fs/stat.c ++++ b/fs/stat.c +@@ -40,8 +40,13 @@ void generic_fillattr(struct inode *inode, struct kstat *stat) stat->gid = inode->i_gid; stat->rdev = inode->i_rdev; stat->size = i_size_read(inode); @@ -648,7 +775,7 @@ diff -Nur a/fs/stat.c b/fs/stat.c stat->ctime = inode->i_ctime; stat->blksize = i_blocksize(inode); stat->blocks = inode->i_blocks; -@@ -75,9 +80,14 @@ +@@ -75,9 +80,14 @@ int vfs_getattr_nosec(const struct path *path, struct kstat *stat, stat->result_mask |= STATX_BASIC_STATS; request_mask &= STATX_ALL; query_flags &= KSTAT_QUERY_FLAGS; @@ -666,9 +793,10 @@ diff -Nur a/fs/stat.c b/fs/stat.c generic_fillattr(inode, stat); return 0; -diff -Nur a/include/linux/cache.h b/include/linux/cache.h ---- a/include/linux/cache.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/cache.h 2018-05-22 19:56:23.700071903 +0100 +diff --git a/include/linux/cache.h b/include/linux/cache.h +index 750621e41d1c..e7157c18c62c 100644 +--- a/include/linux/cache.h ++++ b/include/linux/cache.h @@ -31,6 +31,8 @@ #define __ro_after_init __attribute__((__section__(".data..ro_after_init"))) #endif @@ -678,10 +806,11 @@ diff -Nur a/include/linux/cache.h b/include/linux/cache.h #ifndef ____cacheline_aligned #define ____cacheline_aligned __attribute__((__aligned__(SMP_CACHE_BYTES))) #endif -diff -Nur a/include/linux/capability.h b/include/linux/capability.h ---- a/include/linux/capability.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/capability.h 2018-05-22 19:56:23.700071903 +0100 -@@ -207,6 +207,7 @@ +diff --git a/include/linux/capability.h b/include/linux/capability.h +index f640dcbc880c..2b4f5d651f19 100644 +--- a/include/linux/capability.h ++++ b/include/linux/capability.h +@@ -207,6 +207,7 @@ extern bool has_capability_noaudit(struct task_struct *t, int cap); extern bool has_ns_capability_noaudit(struct task_struct *t, struct user_namespace *ns, int cap); extern bool capable(int cap); @@ -689,7 +818,7 @@ diff -Nur a/include/linux/capability.h b/include/linux/capability.h extern bool ns_capable(struct user_namespace *ns, int cap); extern bool ns_capable_noaudit(struct user_namespace *ns, int cap); #else -@@ -232,6 +233,10 @@ +@@ -232,6 +233,10 @@ static inline bool capable(int cap) { return true; } @@ -700,10 +829,11 @@ diff -Nur a/include/linux/capability.h b/include/linux/capability.h static inline bool ns_capable(struct user_namespace *ns, int cap) { return true; -diff -Nur a/include/linux/fs.h b/include/linux/fs.h ---- a/include/linux/fs.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/fs.h 2018-05-22 19:56:23.701071936 +0100 -@@ -3407,4 +3407,15 @@ +diff --git a/include/linux/fs.h b/include/linux/fs.h +index 805bf22898cf..e3a036f29e69 100644 +--- a/include/linux/fs.h ++++ b/include/linux/fs.h +@@ -3438,4 +3438,15 @@ static inline bool dir_relax_shared(struct inode *inode) extern bool path_noexec(const struct path *path); extern void inode_nohighmem(struct inode *inode); @@ -719,10 +849,11 @@ diff -Nur a/include/linux/fs.h b/include/linux/fs.h +} + #endif /* _LINUX_FS_H */ -diff -Nur a/include/linux/fsnotify.h b/include/linux/fsnotify.h ---- a/include/linux/fsnotify.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/fsnotify.h 2018-05-22 19:56:23.701071936 +0100 -@@ -181,6 +181,9 @@ +diff --git a/include/linux/fsnotify.h b/include/linux/fsnotify.h +index bdaf22582f6e..326ff15d4637 100644 +--- a/include/linux/fsnotify.h ++++ b/include/linux/fsnotify.h +@@ -181,6 +181,9 @@ static inline void fsnotify_access(struct file *file) struct inode *inode = path->dentry->d_inode; __u32 mask = FS_ACCESS; @@ -732,7 +863,7 @@ diff -Nur a/include/linux/fsnotify.h b/include/linux/fsnotify.h if (S_ISDIR(inode->i_mode)) mask |= FS_ISDIR; -@@ -199,6 +202,9 @@ +@@ -199,6 +202,9 @@ static inline void fsnotify_modify(struct file *file) struct inode *inode = path->dentry->d_inode; __u32 mask = FS_MODIFY; @@ -742,10 +873,11 @@ diff -Nur a/include/linux/fsnotify.h b/include/linux/fsnotify.h if (S_ISDIR(inode->i_mode)) mask |= FS_ISDIR; -diff -Nur a/include/linux/gfp.h b/include/linux/gfp.h ---- a/include/linux/gfp.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/gfp.h 2018-05-22 19:56:23.701071936 +0100 -@@ -513,9 +513,9 @@ +diff --git a/include/linux/gfp.h b/include/linux/gfp.h +index a6afcec53795..dea3241398bb 100644 +--- a/include/linux/gfp.h ++++ b/include/linux/gfp.h +@@ -513,9 +513,9 @@ extern struct page *alloc_pages_vma(gfp_t gfp_mask, int order, extern unsigned long __get_free_pages(gfp_t gfp_mask, unsigned int order); extern unsigned long get_zeroed_page(gfp_t gfp_mask); @@ -753,14 +885,15 @@ diff -Nur a/include/linux/gfp.h b/include/linux/gfp.h +void *alloc_pages_exact(size_t size, gfp_t gfp_mask) __attribute__((alloc_size(1))); void free_pages_exact(void *virt, size_t size); -void * __meminit alloc_pages_exact_nid(int nid, size_t size, gfp_t gfp_mask); -+void * __meminit alloc_pages_exact_nid(int nid, size_t size, gfp_t gfp_mask) __attribute__((alloc_size(1))); ++void * __meminit alloc_pages_exact_nid(int nid, size_t size, gfp_t gfp_mask) __attribute__((alloc_size(2))); #define __get_free_page(gfp_mask) \ __get_free_pages((gfp_mask), 0) -diff -Nur a/include/linux/highmem.h b/include/linux/highmem.h ---- a/include/linux/highmem.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/highmem.h 2018-05-22 19:56:23.702071969 +0100 -@@ -191,6 +191,13 @@ +diff --git a/include/linux/highmem.h b/include/linux/highmem.h +index 0690679832d4..b9394bc86fad 100644 +--- a/include/linux/highmem.h ++++ b/include/linux/highmem.h +@@ -191,6 +191,13 @@ static inline void clear_highpage(struct page *page) kunmap_atomic(kaddr); } @@ -774,10 +907,11 @@ diff -Nur a/include/linux/highmem.h b/include/linux/highmem.h static inline void zero_user_segments(struct page *page, unsigned start1, unsigned end1, unsigned start2, unsigned end2) -diff -Nur a/include/linux/interrupt.h b/include/linux/interrupt.h ---- a/include/linux/interrupt.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/interrupt.h 2018-05-22 19:56:23.702071969 +0100 -@@ -485,7 +485,7 @@ +diff --git a/include/linux/interrupt.h b/include/linux/interrupt.h +index eeceac3376fc..78ad558bce5f 100644 +--- a/include/linux/interrupt.h ++++ b/include/linux/interrupt.h +@@ -490,7 +490,7 @@ extern const char * const softirq_to_name[NR_SOFTIRQS]; struct softirq_action { @@ -786,7 +920,7 @@ diff -Nur a/include/linux/interrupt.h b/include/linux/interrupt.h }; asmlinkage void do_softirq(void); -@@ -500,7 +500,7 @@ +@@ -505,7 +505,7 @@ static inline void do_softirq_own_stack(void) } #endif @@ -795,10 +929,11 @@ diff -Nur a/include/linux/interrupt.h b/include/linux/interrupt.h extern void softirq_init(void); extern void __raise_softirq_irqoff(unsigned int nr); -diff -Nur a/include/linux/kobject_ns.h b/include/linux/kobject_ns.h ---- a/include/linux/kobject_ns.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/kobject_ns.h 2018-05-22 19:56:23.702071969 +0100 -@@ -45,7 +45,7 @@ +diff --git a/include/linux/kobject_ns.h b/include/linux/kobject_ns.h +index 069aa2ebef90..cb9e3637a620 100644 +--- a/include/linux/kobject_ns.h ++++ b/include/linux/kobject_ns.h +@@ -45,7 +45,7 @@ struct kobj_ns_type_operations { void (*drop_ns)(void *); }; @@ -807,10 +942,11 @@ diff -Nur a/include/linux/kobject_ns.h b/include/linux/kobject_ns.h int kobj_ns_type_registered(enum kobj_ns_type type); const struct kobj_ns_type_operations *kobj_child_ns_ops(struct kobject *parent); const struct kobj_ns_type_operations *kobj_ns_ops(struct kobject *kobj); -diff -Nur a/include/linux/mm.h b/include/linux/mm.h ---- a/include/linux/mm.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/mm.h 2018-05-22 19:56:23.702071969 +0100 -@@ -535,7 +535,7 @@ +diff --git a/include/linux/mm.h b/include/linux/mm.h +index 68a5121694ef..4f6c2e842744 100644 +--- a/include/linux/mm.h ++++ b/include/linux/mm.h +@@ -570,7 +570,7 @@ static inline int is_vmalloc_or_module_addr(const void *x) } #endif @@ -819,10 +955,11 @@ diff -Nur a/include/linux/mm.h b/include/linux/mm.h static inline void *kvmalloc(size_t size, gfp_t flags) { return kvmalloc_node(size, flags, NUMA_NO_NODE); -diff -Nur a/include/linux/percpu.h b/include/linux/percpu.h ---- a/include/linux/percpu.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/percpu.h 2018-05-22 19:56:23.702071969 +0100 -@@ -129,7 +129,7 @@ +diff --git a/include/linux/percpu.h b/include/linux/percpu.h +index 296bbe49d5d1..b26652c9a98d 100644 +--- a/include/linux/percpu.h ++++ b/include/linux/percpu.h +@@ -129,7 +129,7 @@ extern int __init pcpu_page_first_chunk(size_t reserved_size, pcpu_fc_populate_pte_fn_t populate_pte_fn); #endif @@ -831,7 +968,7 @@ diff -Nur a/include/linux/percpu.h b/include/linux/percpu.h extern bool __is_kernel_percpu_address(unsigned long addr, unsigned long *can_addr); extern bool is_kernel_percpu_address(unsigned long addr); -@@ -137,8 +137,8 @@ +@@ -137,8 +137,8 @@ extern bool is_kernel_percpu_address(unsigned long addr); extern void __init setup_per_cpu_areas(void); #endif @@ -842,10 +979,11 @@ diff -Nur a/include/linux/percpu.h b/include/linux/percpu.h extern void free_percpu(void __percpu *__pdata); extern phys_addr_t per_cpu_ptr_to_phys(void *addr); -diff -Nur a/include/linux/perf_event.h b/include/linux/perf_event.h ---- a/include/linux/perf_event.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/perf_event.h 2018-05-22 19:56:23.703072002 +0100 -@@ -1151,6 +1151,11 @@ +diff --git a/include/linux/perf_event.h b/include/linux/perf_event.h +index 87f6db437e4a..bbcd76ec7d6e 100644 +--- a/include/linux/perf_event.h ++++ b/include/linux/perf_event.h +@@ -1179,6 +1179,11 @@ extern int perf_cpu_time_max_percent_handler(struct ctl_table *table, int write, int perf_event_max_stack_handler(struct ctl_table *table, int write, void __user *buffer, size_t *lenp, loff_t *ppos); @@ -857,10 +995,11 @@ diff -Nur a/include/linux/perf_event.h b/include/linux/perf_event.h static inline bool perf_paranoid_tracepoint_raw(void) { return sysctl_perf_event_paranoid > -1; -diff -Nur a/include/linux/slab.h b/include/linux/slab.h ---- a/include/linux/slab.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/slab.h 2018-05-22 19:56:23.703072002 +0100 -@@ -177,8 +177,8 @@ +diff --git a/include/linux/slab.h b/include/linux/slab.h +index 14e3fe4bd6a1..2b1d16e90e75 100644 +--- a/include/linux/slab.h ++++ b/include/linux/slab.h +@@ -178,8 +178,8 @@ void memcg_destroy_kmem_caches(struct mem_cgroup *); /* * Common kmalloc functions provided by all allocators */ @@ -871,7 +1010,7 @@ diff -Nur a/include/linux/slab.h b/include/linux/slab.h void kfree(const void *); void kzfree(const void *); size_t ksize(const void *); -@@ -351,7 +351,7 @@ +@@ -352,7 +352,7 @@ static __always_inline unsigned int kmalloc_index(size_t size) } #endif /* !CONFIG_SLOB */ @@ -880,7 +1019,7 @@ diff -Nur a/include/linux/slab.h b/include/linux/slab.h void *kmem_cache_alloc(struct kmem_cache *, gfp_t flags) __assume_slab_alignment __malloc; void kmem_cache_free(struct kmem_cache *, void *); -@@ -375,7 +375,7 @@ +@@ -376,7 +376,7 @@ static __always_inline void kfree_bulk(size_t size, void **p) } #ifdef CONFIG_NUMA @@ -889,7 +1028,7 @@ diff -Nur a/include/linux/slab.h b/include/linux/slab.h void *kmem_cache_alloc_node(struct kmem_cache *, gfp_t flags, int node) __assume_slab_alignment __malloc; #else static __always_inline void *__kmalloc_node(size_t size, gfp_t flags, int node) -@@ -497,7 +497,7 @@ +@@ -498,7 +498,7 @@ static __always_inline void *kmalloc_large(size_t size, gfp_t flags) * for general use, and so are not documented here. For a full list of * potential flags, always refer to linux/gfp.h. */ @@ -898,7 +1037,7 @@ diff -Nur a/include/linux/slab.h b/include/linux/slab.h { if (__builtin_constant_p(size)) { if (size > KMALLOC_MAX_CACHE_SIZE) -@@ -537,7 +537,7 @@ +@@ -538,7 +538,7 @@ static __always_inline unsigned int kmalloc_size(unsigned int n) return 0; } @@ -907,10 +1046,11 @@ diff -Nur a/include/linux/slab.h b/include/linux/slab.h { #ifndef CONFIG_SLOB if (__builtin_constant_p(size) && -diff -Nur a/include/linux/slub_def.h b/include/linux/slub_def.h ---- a/include/linux/slub_def.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/slub_def.h 2018-05-22 19:56:23.703072002 +0100 -@@ -120,6 +120,11 @@ +diff --git a/include/linux/slub_def.h b/include/linux/slub_def.h +index 3a1a1dbc6f49..ff38fec9eb76 100644 +--- a/include/linux/slub_def.h ++++ b/include/linux/slub_def.h +@@ -121,6 +121,11 @@ struct kmem_cache { unsigned long random; #endif @@ -922,10 +1062,11 @@ diff -Nur a/include/linux/slub_def.h b/include/linux/slub_def.h #ifdef CONFIG_NUMA /* * Defragmentation by allocating from a remote node. -diff -Nur a/include/linux/string.h b/include/linux/string.h ---- a/include/linux/string.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/string.h 2018-05-22 19:56:23.703072002 +0100 -@@ -235,10 +235,16 @@ +diff --git a/include/linux/string.h b/include/linux/string.h +index 4a5a0eb7df51..be86cf21d0ce 100644 +--- a/include/linux/string.h ++++ b/include/linux/string.h +@@ -235,10 +235,16 @@ void __read_overflow2(void) __compiletime_error("detected read beyond size of ob void __read_overflow3(void) __compiletime_error("detected read beyond size of object passed as 3rd parameter"); void __write_overflow(void) __compiletime_error("detected write beyond size of object passed as 1st parameter"); @@ -943,7 +1084,7 @@ diff -Nur a/include/linux/string.h b/include/linux/string.h if (__builtin_constant_p(size) && p_size < size) __write_overflow(); if (p_size < size) -@@ -248,7 +254,7 @@ +@@ -248,7 +254,7 @@ __FORTIFY_INLINE char *strncpy(char *p, const char *q, __kernel_size_t size) __FORTIFY_INLINE char *strcat(char *p, const char *q) { @@ -952,7 +1093,7 @@ diff -Nur a/include/linux/string.h b/include/linux/string.h if (p_size == (size_t)-1) return __builtin_strcat(p, q); if (strlcat(p, q, p_size) >= p_size) -@@ -259,7 +265,7 @@ +@@ -259,7 +265,7 @@ __FORTIFY_INLINE char *strcat(char *p, const char *q) __FORTIFY_INLINE __kernel_size_t strlen(const char *p) { __kernel_size_t ret; @@ -961,7 +1102,7 @@ diff -Nur a/include/linux/string.h b/include/linux/string.h /* Work around gcc excess stack consumption issue */ if (p_size == (size_t)-1 || -@@ -274,7 +280,7 @@ +@@ -274,7 +280,7 @@ __FORTIFY_INLINE __kernel_size_t strlen(const char *p) extern __kernel_size_t __real_strnlen(const char *, __kernel_size_t) __RENAME(strnlen); __FORTIFY_INLINE __kernel_size_t strnlen(const char *p, __kernel_size_t maxlen) { @@ -970,7 +1111,7 @@ diff -Nur a/include/linux/string.h b/include/linux/string.h __kernel_size_t ret = __real_strnlen(p, maxlen < p_size ? maxlen : p_size); if (p_size <= ret && maxlen != ret) fortify_panic(__func__); -@@ -286,8 +292,8 @@ +@@ -286,8 +292,8 @@ extern size_t __real_strlcpy(char *, const char *, size_t) __RENAME(strlcpy); __FORTIFY_INLINE size_t strlcpy(char *p, const char *q, size_t size) { size_t ret; @@ -981,7 +1122,7 @@ diff -Nur a/include/linux/string.h b/include/linux/string.h if (p_size == (size_t)-1 && q_size == (size_t)-1) return __real_strlcpy(p, q, size); ret = strlen(q); -@@ -307,8 +313,8 @@ +@@ -307,8 +313,8 @@ __FORTIFY_INLINE size_t strlcpy(char *p, const char *q, size_t size) __FORTIFY_INLINE char *strncat(char *p, const char *q, __kernel_size_t count) { size_t p_len, copy_len; @@ -992,7 +1133,7 @@ diff -Nur a/include/linux/string.h b/include/linux/string.h if (p_size == (size_t)-1 && q_size == (size_t)-1) return __builtin_strncat(p, q, count); p_len = strlen(p); -@@ -421,8 +427,8 @@ +@@ -421,8 +427,8 @@ __FORTIFY_INLINE void *kmemdup(const void *p, size_t size, gfp_t gfp) /* defined after fortified strlen and memcpy to reuse them */ __FORTIFY_INLINE char *strcpy(char *p, const char *q) { @@ -1003,10 +1144,40 @@ diff -Nur a/include/linux/string.h b/include/linux/string.h if (p_size == (size_t)-1 && q_size == (size_t)-1) return __builtin_strcpy(p, q); memcpy(p, q, strlen(q) + 1); -diff -Nur a/include/linux/vmalloc.h b/include/linux/vmalloc.h ---- a/include/linux/vmalloc.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/include/linux/vmalloc.h 2018-05-22 19:56:23.703072002 +0100 -@@ -68,19 +68,19 @@ +diff --git a/include/linux/tty.h b/include/linux/tty.h +index c56e3978b00f..1625c85f31f0 100644 +--- a/include/linux/tty.h ++++ b/include/linux/tty.h +@@ -14,6 +14,7 @@ + #include <uapi/linux/tty.h> + #include <linux/rwsem.h> + #include <linux/llist.h> ++#include <linux/user_namespace.h> + + + /* +@@ -336,6 +337,7 @@ struct tty_struct { + /* If the tty has a pending do_SAK, queue it here - akpm */ + struct work_struct SAK_work; + struct tty_port *port; ++ struct user_namespace *owner_user_ns; + } __randomize_layout; + + /* Each of a tty's open files has private_data pointing to tty_file_private */ +@@ -345,6 +347,8 @@ struct tty_file_private { + struct list_head list; + }; + ++extern int tiocsti_restrict; ++ + /* tty magic number */ + #define TTY_MAGIC 0x5401 + +diff --git a/include/linux/vmalloc.h b/include/linux/vmalloc.h +index 398e9c95cd61..baab7195306a 100644 +--- a/include/linux/vmalloc.h ++++ b/include/linux/vmalloc.h +@@ -69,19 +69,19 @@ static inline void vmalloc_init(void) } #endif @@ -1036,10 +1207,11 @@ diff -Nur a/include/linux/vmalloc.h b/include/linux/vmalloc.h #ifndef CONFIG_MMU extern void *__vmalloc_node_flags(unsigned long size, int node, gfp_t flags); static inline void *__vmalloc_node_flags_caller(unsigned long size, int node, -diff -Nur a/init/Kconfig b/init/Kconfig ---- a/init/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/init/Kconfig 2018-05-22 19:56:23.704072035 +0100 -@@ -296,6 +296,7 @@ +diff --git a/init/Kconfig b/init/Kconfig +index 041f3a022122..0ddcf8b083d4 100644 +--- a/init/Kconfig ++++ b/init/Kconfig +@@ -294,6 +294,7 @@ config USELIB config AUDIT bool "Auditing support" depends on NET @@ -1047,7 +1219,7 @@ diff -Nur a/init/Kconfig b/init/Kconfig help Enable auditing infrastructure that can be used with another kernel subsystem, such as SELinux (which requires this for -@@ -1039,6 +1040,12 @@ +@@ -1036,6 +1037,12 @@ config CC_OPTIMIZE_FOR_SIZE endchoice @@ -1057,10 +1229,10 @@ diff -Nur a/init/Kconfig b/init/Kconfig + Zero-fill uninitialized local variables, other than variable-length + arrays. Requires compiler support. + - config SYSCTL + config HAVE_LD_DEAD_CODE_DATA_ELIMINATION bool - -@@ -1296,8 +1303,7 @@ + help +@@ -1319,8 +1326,7 @@ config SHMEM which may be appropriate on small systems without swap. config AIO @@ -1070,7 +1242,7 @@ diff -Nur a/init/Kconfig b/init/Kconfig help This option enables POSIX asynchronous I/O which may by used by some high performance threaded applications. Disabling -@@ -1502,7 +1508,7 @@ +@@ -1549,7 +1555,7 @@ config VM_EVENT_COUNTERS config SLUB_DEBUG default y @@ -1079,7 +1251,7 @@ diff -Nur a/init/Kconfig b/init/Kconfig depends on SLUB && SYSFS help SLUB has extensive debug support features. Disabling these can -@@ -1526,7 +1532,6 @@ +@@ -1573,7 +1579,6 @@ config SLUB_MEMCG_SYSFS_ON config COMPAT_BRK bool "Disable heap randomization" @@ -1087,7 +1259,7 @@ diff -Nur a/init/Kconfig b/init/Kconfig help Randomizing heap placement makes heap exploits harder, but it also breaks ancient binaries (including anything libc5 based). -@@ -1573,7 +1578,6 @@ +@@ -1620,7 +1625,6 @@ endchoice config SLAB_MERGE_DEFAULT bool "Allow slab caches to be merged" @@ -1095,7 +1267,7 @@ diff -Nur a/init/Kconfig b/init/Kconfig help For reduced kernel memory fragmentation, slab caches can be merged when they share the same size and other characteristics. -@@ -1586,9 +1590,9 @@ +@@ -1633,9 +1637,9 @@ config SLAB_MERGE_DEFAULT command line. config SLAB_FREELIST_RANDOM @@ -1106,7 +1278,7 @@ diff -Nur a/init/Kconfig b/init/Kconfig help Randomizes the freelist order used on creating new pages. This security feature reduces the predictability of the kernel slab -@@ -1597,12 +1601,56 @@ +@@ -1644,12 +1648,56 @@ config SLAB_FREELIST_RANDOM config SLAB_FREELIST_HARDENED bool "Harden slab freelist metadata" depends on SLUB @@ -1163,10 +1335,11 @@ diff -Nur a/init/Kconfig b/init/Kconfig config SLUB_CPU_PARTIAL default y depends on SLUB && SMP -diff -Nur a/kernel/audit.c b/kernel/audit.c ---- a/kernel/audit.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/audit.c 2018-05-22 19:56:23.704072035 +0100 -@@ -1578,6 +1578,9 @@ +diff --git a/kernel/audit.c b/kernel/audit.c +index e7478cb58079..69be132956df 100644 +--- a/kernel/audit.c ++++ b/kernel/audit.c +@@ -1631,6 +1631,9 @@ static int __init audit_enable(char *str) if (audit_default == AUDIT_OFF) audit_initialized = AUDIT_DISABLED; @@ -1174,12 +1347,13 @@ diff -Nur a/kernel/audit.c b/kernel/audit.c + audit_initialized = AUDIT_UNINITIALIZED; + if (audit_set_enabled(audit_default)) - panic("audit: error setting audit state (%d)\n", audit_default); - -diff -Nur a/kernel/bpf/core.c b/kernel/bpf/core.c ---- a/kernel/bpf/core.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/bpf/core.c 2018-05-22 19:56:23.705072067 +0100 -@@ -302,7 +302,7 @@ + pr_err("audit: error setting audit state (%d)\n", + audit_default); +diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c +index 1e5625d46414..71cac92b6629 100644 +--- a/kernel/bpf/core.c ++++ b/kernel/bpf/core.c +@@ -367,7 +367,7 @@ void bpf_prog_kallsyms_del_all(struct bpf_prog *fp) #ifdef CONFIG_BPF_JIT /* All BPF JIT sysctl knobs here. */ int bpf_jit_enable __read_mostly = IS_BUILTIN(CONFIG_BPF_JIT_ALWAYS_ON); @@ -1188,10 +1362,11 @@ diff -Nur a/kernel/bpf/core.c b/kernel/bpf/core.c int bpf_jit_kallsyms __read_mostly; static __always_inline void -diff -Nur a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c ---- a/kernel/bpf/syscall.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/bpf/syscall.c 2018-05-22 19:56:23.705072067 +0100 -@@ -42,7 +42,7 @@ +diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c +index a31a1ba0f8ea..1d5093b51c63 100644 +--- a/kernel/bpf/syscall.c ++++ b/kernel/bpf/syscall.c +@@ -48,7 +48,7 @@ static DEFINE_SPINLOCK(prog_idr_lock); static DEFINE_IDR(map_idr); static DEFINE_SPINLOCK(map_idr_lock); @@ -1200,10 +1375,11 @@ diff -Nur a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c static const struct bpf_map_ops * const bpf_map_types[] = { #define BPF_PROG_TYPE(_id, _ops) -diff -Nur a/kernel/capability.c b/kernel/capability.c ---- a/kernel/capability.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/capability.c 2018-05-22 19:56:23.705072067 +0100 -@@ -431,6 +431,12 @@ +diff --git a/kernel/capability.c b/kernel/capability.c +index 1e1c0236f55b..452062fe45ce 100644 +--- a/kernel/capability.c ++++ b/kernel/capability.c +@@ -431,6 +431,12 @@ bool capable(int cap) return ns_capable(&init_user_ns, cap); } EXPORT_SYMBOL(capable); @@ -1216,10 +1392,11 @@ diff -Nur a/kernel/capability.c b/kernel/capability.c #endif /* CONFIG_MULTIUSER */ /** -diff -Nur a/kernel/events/core.c b/kernel/events/core.c ---- a/kernel/events/core.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/events/core.c 2018-05-22 19:56:23.707072133 +0100 -@@ -397,8 +397,13 @@ +diff --git a/kernel/events/core.c b/kernel/events/core.c +index eec2d5fb676b..9040756bbb0a 100644 +--- a/kernel/events/core.c ++++ b/kernel/events/core.c +@@ -397,8 +397,13 @@ static cpumask_var_t perf_online_mask; * 0 - disallow raw tracepoint access for unpriv * 1 - disallow cpu events for unpriv * 2 - disallow kernel profiling for unpriv @@ -1233,7 +1410,7 @@ diff -Nur a/kernel/events/core.c b/kernel/events/core.c /* Minimum for 512 kiB + 1 user control page */ int sysctl_perf_event_mlock __read_mostly = 512 + (PAGE_SIZE / 1024); /* 'free' kiB per user */ -@@ -9921,6 +9926,9 @@ +@@ -10408,6 +10413,9 @@ SYSCALL_DEFINE5(perf_event_open, if (flags & ~PERF_FLAG_ALL) return -EINVAL; @@ -1243,9 +1420,10 @@ diff -Nur a/kernel/events/core.c b/kernel/events/core.c err = perf_copy_attr(attr_uptr, &attr); if (err) return err; -diff -Nur a/kernel/fork.c b/kernel/fork.c ---- a/kernel/fork.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/fork.c 2018-05-22 19:56:23.708072166 +0100 +diff --git a/kernel/fork.c b/kernel/fork.c +index 1b27babc4c78..a88dd3ccd31c 100644 +--- a/kernel/fork.c ++++ b/kernel/fork.c @@ -103,6 +103,11 @@ #define CREATE_TRACE_POINTS @@ -1258,7 +1436,7 @@ diff -Nur a/kernel/fork.c b/kernel/fork.c /* * Minimum number of threads to boot the kernel -@@ -1591,6 +1596,10 @@ +@@ -1624,6 +1629,10 @@ static __latent_entropy struct task_struct *copy_process( if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS)) return ERR_PTR(-EINVAL); @@ -1269,7 +1447,7 @@ diff -Nur a/kernel/fork.c b/kernel/fork.c /* * Thread groups must share signals as well, and detached threads * can only be started up within the thread group. -@@ -2385,6 +2394,12 @@ +@@ -2420,6 +2429,12 @@ int ksys_unshare(unsigned long unshare_flags) if (unshare_flags & CLONE_NEWNS) unshare_flags |= CLONE_FS; @@ -1282,10 +1460,11 @@ diff -Nur a/kernel/fork.c b/kernel/fork.c err = check_unshare_flags(unshare_flags); if (err) goto bad_unshare_out; -diff -Nur a/kernel/power/snapshot.c b/kernel/power/snapshot.c ---- a/kernel/power/snapshot.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/power/snapshot.c 2018-05-22 19:56:23.708072166 +0100 -@@ -1138,7 +1138,7 @@ +diff --git a/kernel/power/snapshot.c b/kernel/power/snapshot.c +index 3d37c279c090..0789ca413f09 100644 +--- a/kernel/power/snapshot.c ++++ b/kernel/power/snapshot.c +@@ -1138,7 +1138,7 @@ void free_basic_memory_bitmaps(void) void clear_free_pages(void) { @@ -1294,7 +1473,7 @@ diff -Nur a/kernel/power/snapshot.c b/kernel/power/snapshot.c struct memory_bitmap *bm = free_pages_map; unsigned long pfn; -@@ -1155,7 +1155,7 @@ +@@ -1155,7 +1155,7 @@ void clear_free_pages(void) } memory_bm_position_reset(bm); pr_info("free pages cleared after restore\n"); @@ -1303,10 +1482,11 @@ diff -Nur a/kernel/power/snapshot.c b/kernel/power/snapshot.c } /** -diff -Nur a/kernel/rcu/tiny.c b/kernel/rcu/tiny.c ---- a/kernel/rcu/tiny.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/rcu/tiny.c 2018-05-22 19:56:23.708072166 +0100 -@@ -164,7 +164,7 @@ +diff --git a/kernel/rcu/tiny.c b/kernel/rcu/tiny.c +index a64eee0db39e..4d7de378fe4c 100644 +--- a/kernel/rcu/tiny.c ++++ b/kernel/rcu/tiny.c +@@ -164,7 +164,7 @@ static void __rcu_process_callbacks(struct rcu_ctrlblk *rcp) } } @@ -1315,10 +1495,11 @@ diff -Nur a/kernel/rcu/tiny.c b/kernel/rcu/tiny.c { __rcu_process_callbacks(&rcu_sched_ctrlblk); __rcu_process_callbacks(&rcu_bh_ctrlblk); -diff -Nur a/kernel/rcu/tree.c b/kernel/rcu/tree.c ---- a/kernel/rcu/tree.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/rcu/tree.c 2018-05-22 19:56:23.709072199 +0100 -@@ -2906,7 +2906,7 @@ +diff --git a/kernel/rcu/tree.c b/kernel/rcu/tree.c +index aa7cade1b9f3..d6be47e1c86f 100644 +--- a/kernel/rcu/tree.c ++++ b/kernel/rcu/tree.c +@@ -2791,7 +2791,7 @@ __rcu_process_callbacks(struct rcu_state *rsp) /* * Do RCU core processing for the current CPU. */ @@ -1327,10 +1508,11 @@ diff -Nur a/kernel/rcu/tree.c b/kernel/rcu/tree.c { struct rcu_state *rsp; -diff -Nur a/kernel/sched/fair.c b/kernel/sched/fair.c ---- a/kernel/sched/fair.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/sched/fair.c 2018-05-22 19:56:23.711072264 +0100 -@@ -9387,7 +9387,7 @@ +diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c +index 9c219f7b0970..963a68e64593 100644 +--- a/kernel/sched/fair.c ++++ b/kernel/sched/fair.c +@@ -9862,7 +9862,7 @@ static int idle_balance(struct rq *this_rq, struct rq_flags *rf) * run_rebalance_domains is triggered when needed from the scheduler tick. * Also triggered for nohz idle balancing (with nohz_balancing_kick set). */ @@ -1339,11 +1521,12 @@ diff -Nur a/kernel/sched/fair.c b/kernel/sched/fair.c { struct rq *this_rq = this_rq(); enum cpu_idle_type idle = this_rq->idle_balance ? -diff -Nur a/kernel/softirq.c b/kernel/softirq.c ---- a/kernel/softirq.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/softirq.c 2018-05-22 19:56:23.711072264 +0100 -@@ -53,7 +53,7 @@ - EXPORT_SYMBOL(irq_stat); +diff --git a/kernel/softirq.c b/kernel/softirq.c +index 6f584861d329..1943fe60f3b9 100644 +--- a/kernel/softirq.c ++++ b/kernel/softirq.c +@@ -53,7 +53,7 @@ DEFINE_PER_CPU_ALIGNED(irq_cpustat_t, irq_stat); + EXPORT_PER_CPU_SYMBOL(irq_stat); #endif -static struct softirq_action softirq_vec[NR_SOFTIRQS] __cacheline_aligned_in_smp; @@ -1351,7 +1534,7 @@ diff -Nur a/kernel/softirq.c b/kernel/softirq.c DEFINE_PER_CPU(struct task_struct *, ksoftirqd); -@@ -282,7 +282,7 @@ +@@ -289,7 +289,7 @@ asmlinkage __visible void __softirq_entry __do_softirq(void) kstat_incr_softirqs_this_cpu(vec_nr); trace_softirq_entry(vec_nr); @@ -1360,7 +1543,7 @@ diff -Nur a/kernel/softirq.c b/kernel/softirq.c trace_softirq_exit(vec_nr); if (unlikely(prev_count != preempt_count())) { pr_err("huh, entered softirq %u %s %p with preempt_count %08x, exited with %08x?\n", -@@ -444,7 +444,7 @@ +@@ -451,7 +451,7 @@ void __raise_softirq_irqoff(unsigned int nr) or_softirq_pending(1UL << nr); } @@ -1369,28 +1552,48 @@ diff -Nur a/kernel/softirq.c b/kernel/softirq.c { softirq_vec[nr].action = action; } -@@ -486,7 +486,7 @@ +@@ -497,8 +497,7 @@ void __tasklet_hi_schedule(struct tasklet_struct *t) } EXPORT_SYMBOL(__tasklet_hi_schedule); --static __latent_entropy void tasklet_action(struct softirq_action *a) -+static __latent_entropy void tasklet_action(void) +-static void tasklet_action_common(struct softirq_action *a, +- struct tasklet_head *tl_head, ++static void tasklet_action_common(struct tasklet_head *tl_head, + unsigned int softirq_nr) { struct tasklet_struct *list; - -@@ -522,7 +522,7 @@ +@@ -535,14 +534,14 @@ static void tasklet_action_common(struct softirq_action *a, } } +-static __latent_entropy void tasklet_action(struct softirq_action *a) ++static __latent_entropy void tasklet_action(void) + { +- tasklet_action_common(a, this_cpu_ptr(&tasklet_vec), TASKLET_SOFTIRQ); ++ tasklet_action_common(this_cpu_ptr(&tasklet_vec), TASKLET_SOFTIRQ); + } + -static __latent_entropy void tasklet_hi_action(struct softirq_action *a) +static __latent_entropy void tasklet_hi_action(void) { - struct tasklet_struct *list; +- tasklet_action_common(a, this_cpu_ptr(&tasklet_hi_vec), HI_SOFTIRQ); ++ tasklet_action_common(this_cpu_ptr(&tasklet_hi_vec), HI_SOFTIRQ); + } -diff -Nur a/kernel/sysctl.c b/kernel/sysctl.c ---- a/kernel/sysctl.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/sysctl.c 2018-05-22 19:56:23.711072264 +0100 -@@ -99,12 +99,19 @@ + void tasklet_init(struct tasklet_struct *t, +diff --git a/kernel/sysctl.c b/kernel/sysctl.c +index 2d9837c0aff4..852fea68d574 100644 +--- a/kernel/sysctl.c ++++ b/kernel/sysctl.c +@@ -67,6 +67,7 @@ + #include <linux/bpf.h> + #include <linux/mount.h> + #include <linux/pipe_fs_i.h> ++#include <linux/tty.h> + + #include <linux/uaccess.h> + #include <asm/processor.h> +@@ -99,12 +100,19 @@ #if defined(CONFIG_SYSCTL) /* External variables not in a header file. */ @@ -1410,7 +1613,7 @@ diff -Nur a/kernel/sysctl.c b/kernel/sysctl.c extern int pid_max; extern int pid_max_min, pid_max_max; extern int percpu_pagelist_fraction; -@@ -116,40 +123,43 @@ +@@ -116,40 +124,43 @@ extern int sysctl_nr_trim_pages; /* Constants used for minimum and maximum */ #ifdef CONFIG_LOCKUP_DETECTOR @@ -1469,7 +1672,7 @@ diff -Nur a/kernel/sysctl.c b/kernel/sysctl.c #ifdef CONFIG_INOTIFY_USER #include <linux/inotify.h> #endif -@@ -289,19 +299,19 @@ +@@ -293,19 +304,19 @@ static struct ctl_table sysctl_base_table[] = { }; #ifdef CONFIG_SCHED_DEBUG @@ -1497,7 +1700,7 @@ diff -Nur a/kernel/sysctl.c b/kernel/sysctl.c #endif static struct ctl_table kern_table[] = { -@@ -515,6 +525,15 @@ +@@ -519,6 +530,15 @@ static struct ctl_table kern_table[] = { .proc_handler = proc_dointvec, }, #endif @@ -1513,10 +1716,23 @@ diff -Nur a/kernel/sysctl.c b/kernel/sysctl.c #ifdef CONFIG_PROC_SYSCTL { .procname = "tainted", -@@ -858,6 +877,26 @@ +@@ -867,6 +887,37 @@ static struct ctl_table kern_table[] = { + .extra1 = &zero, + .extra2 = &two, }, - #endif - { ++#endif ++#if defined CONFIG_TTY ++ { ++ .procname = "tiocsti_restrict", ++ .data = &tiocsti_restrict, ++ .maxlen = sizeof(int), ++ .mode = 0644, ++ .proc_handler = proc_dointvec_minmax_sysadmin, ++ .extra1 = &zero, ++ .extra2 = &one, ++ }, ++#endif ++ { + .procname = "device_sidechannel_restrict", + .data = &device_sidechannel_restrict, + .maxlen = sizeof(int), @@ -1535,15 +1751,14 @@ diff -Nur a/kernel/sysctl.c b/kernel/sysctl.c + .extra1 = &zero, + .extra2 = &one, + }, -+#endif -+ { + #endif + { .procname = "ngroups_max", - .data = &ngroups_max, - .maxlen = sizeof (int), -diff -Nur a/kernel/time/hrtimer.c b/kernel/time/hrtimer.c ---- a/kernel/time/hrtimer.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/time/hrtimer.c 2018-05-22 19:56:23.712072297 +0100 -@@ -1413,7 +1413,7 @@ +diff --git a/kernel/time/hrtimer.c b/kernel/time/hrtimer.c +index 3e93c54bd3a1..0fed811ed850 100644 +--- a/kernel/time/hrtimer.c ++++ b/kernel/time/hrtimer.c +@@ -1462,7 +1462,7 @@ static void __hrtimer_run_queues(struct hrtimer_cpu_base *cpu_base, ktime_t now, } } @@ -1552,10 +1767,11 @@ diff -Nur a/kernel/time/hrtimer.c b/kernel/time/hrtimer.c { struct hrtimer_cpu_base *cpu_base = this_cpu_ptr(&hrtimer_bases); unsigned long flags; -diff -Nur a/kernel/time/timer.c b/kernel/time/timer.c ---- a/kernel/time/timer.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/time/timer.c 2018-05-22 19:56:23.712072297 +0100 -@@ -1672,7 +1672,7 @@ +diff --git a/kernel/time/timer.c b/kernel/time/timer.c +index cc2d23e6ff61..438be7646454 100644 +--- a/kernel/time/timer.c ++++ b/kernel/time/timer.c +@@ -1672,7 +1672,7 @@ static inline void __run_timers(struct timer_base *base) /* * This function runs timers and the timer-tq in bottom half context. */ @@ -1564,9 +1780,10 @@ diff -Nur a/kernel/time/timer.c b/kernel/time/timer.c { struct timer_base *base = this_cpu_ptr(&timer_bases[BASE_STD]); -diff -Nur a/kernel/user_namespace.c b/kernel/user_namespace.c ---- a/kernel/user_namespace.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/kernel/user_namespace.c 2018-05-22 19:56:23.713072330 +0100 +diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c +index c3d7583fcd21..6ee37e516869 100644 +--- a/kernel/user_namespace.c ++++ b/kernel/user_namespace.c @@ -26,6 +26,9 @@ #include <linux/bsearch.h> #include <linux/sort.h> @@ -1577,22 +1794,11 @@ diff -Nur a/kernel/user_namespace.c b/kernel/user_namespace.c static struct kmem_cache *user_ns_cachep __read_mostly; static DEFINE_MUTEX(userns_state_mutex); -diff -Nur a/lib/irq_poll.c b/lib/irq_poll.c ---- a/lib/irq_poll.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/lib/irq_poll.c 2018-05-22 19:56:23.713072330 +0100 -@@ -75,7 +75,7 @@ - } - EXPORT_SYMBOL(irq_poll_complete); - --static void __latent_entropy irq_poll_softirq(struct softirq_action *h) -+static void __latent_entropy irq_poll_softirq(void) - { - struct list_head *list = this_cpu_ptr(&blk_cpu_iopoll); - int rearm = 0, budget = irq_poll_budget; -diff -Nur a/lib/Kconfig.debug b/lib/Kconfig.debug ---- a/lib/Kconfig.debug 2018-05-22 17:56:31.000000000 +0100 -+++ b/lib/Kconfig.debug 2018-05-22 19:56:23.713072330 +0100 -@@ -945,6 +945,7 @@ +diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug +index 8838d1158d19..a208770a0e9e 100644 +--- a/lib/Kconfig.debug ++++ b/lib/Kconfig.debug +@@ -945,6 +945,7 @@ endmenu # "Debug lockups and hangs" config PANIC_ON_OOPS bool "Panic on Oops" @@ -1600,7 +1806,7 @@ diff -Nur a/lib/Kconfig.debug b/lib/Kconfig.debug help Say Y here to enable the kernel to panic when it oopses. This has the same effect as setting oops=panic on the kernel command -@@ -954,7 +955,7 @@ +@@ -954,7 +955,7 @@ config PANIC_ON_OOPS anything erroneous after an oops which could result in data corruption or other issues. @@ -1609,7 +1815,7 @@ diff -Nur a/lib/Kconfig.debug b/lib/Kconfig.debug config PANIC_ON_OOPS_VALUE int -@@ -1309,6 +1310,7 @@ +@@ -1323,6 +1324,7 @@ config DEBUG_BUGVERBOSE config DEBUG_LIST bool "Debug linked list manipulation" depends on DEBUG_KERNEL || BUG_ON_DATA_CORRUPTION @@ -1617,7 +1823,7 @@ diff -Nur a/lib/Kconfig.debug b/lib/Kconfig.debug help Enable this to turn on extended checks in the linked-list walking routines. -@@ -1949,6 +1951,7 @@ +@@ -1983,6 +1985,7 @@ config MEMTEST config BUG_ON_DATA_CORRUPTION bool "Trigger a BUG when data corruption is detected" select DEBUG_LIST @@ -1625,7 +1831,7 @@ diff -Nur a/lib/Kconfig.debug b/lib/Kconfig.debug help Select this option if the kernel should BUG when it encounters data corruption in kernel memory structures when they get checked -@@ -1988,6 +1991,7 @@ +@@ -2022,6 +2025,7 @@ config STRICT_DEVMEM config IO_STRICT_DEVMEM bool "Filter I/O access to /dev/mem" depends on STRICT_DEVMEM @@ -1633,10 +1839,24 @@ diff -Nur a/lib/Kconfig.debug b/lib/Kconfig.debug ---help--- If this option is disabled, you allow userspace (root) access to all io-memory regardless of whether a driver is actively using that -diff -Nur a/lib/kobject.c b/lib/kobject.c ---- a/lib/kobject.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/lib/kobject.c 2018-05-22 19:56:23.713072330 +0100 -@@ -954,9 +954,9 @@ +diff --git a/lib/irq_poll.c b/lib/irq_poll.c +index 86a709954f5a..6f15787fcb1b 100644 +--- a/lib/irq_poll.c ++++ b/lib/irq_poll.c +@@ -75,7 +75,7 @@ void irq_poll_complete(struct irq_poll *iop) + } + EXPORT_SYMBOL(irq_poll_complete); + +-static void __latent_entropy irq_poll_softirq(struct softirq_action *h) ++static void __latent_entropy irq_poll_softirq(void) + { + struct list_head *list = this_cpu_ptr(&blk_cpu_iopoll); + int rearm = 0, budget = irq_poll_budget; +diff --git a/lib/kobject.c b/lib/kobject.c +index 18989b5b3b56..bd46da8243a6 100644 +--- a/lib/kobject.c ++++ b/lib/kobject.c +@@ -952,9 +952,9 @@ EXPORT_SYMBOL_GPL(kset_create_and_add); static DEFINE_SPINLOCK(kobj_ns_type_lock); @@ -1648,10 +1868,11 @@ diff -Nur a/lib/kobject.c b/lib/kobject.c { enum kobj_ns_type type = ops->type; int error; -diff -Nur a/lib/nlattr.c b/lib/nlattr.c ---- a/lib/nlattr.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/lib/nlattr.c 2018-05-22 19:56:23.714072363 +0100 -@@ -364,6 +364,8 @@ +diff --git a/lib/nlattr.c b/lib/nlattr.c +index dfa55c873c13..c6b0436f473d 100644 +--- a/lib/nlattr.c ++++ b/lib/nlattr.c +@@ -364,6 +364,8 @@ int nla_memcpy(void *dest, const struct nlattr *src, int count) { int minlen = min_t(int, count, nla_len(src)); @@ -1660,11 +1881,12 @@ diff -Nur a/lib/nlattr.c b/lib/nlattr.c memcpy(dest, nla_data(src), minlen); if (count > minlen) memset(dest + minlen, 0, count - minlen); -diff -Nur a/lib/vsprintf.c b/lib/vsprintf.c ---- a/lib/vsprintf.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/lib/vsprintf.c 2018-05-22 19:56:23.714072363 +0100 -@@ -1344,7 +1344,7 @@ - return string(buf, end, uuid, spec); +diff --git a/lib/vsprintf.c b/lib/vsprintf.c +index a48aaa79d352..a57213b70cad 100644 +--- a/lib/vsprintf.c ++++ b/lib/vsprintf.c +@@ -1371,7 +1371,7 @@ char *pointer_string(char *buf, char *end, const void *ptr, + return number(buf, end, (unsigned long int)ptr, spec); } -int kptr_restrict __read_mostly; @@ -1672,23 +1894,11 @@ diff -Nur a/lib/vsprintf.c b/lib/vsprintf.c static noinline_for_stack char *restricted_pointer(char *buf, char *end, const void *ptr, -diff -Nur a/Makefile b/Makefile ---- a/Makefile 2018-05-22 17:56:31.000000000 +0100 -+++ b/Makefile 2018-05-22 19:56:23.692071641 +0100 -@@ -734,6 +734,9 @@ - endif - - ifeq ($(cc-name),clang) -+ifdef CONFIG_LOCAL_INIT -+KBUILD_CFLAGS += -fsanitize=local-init -+endif - KBUILD_CPPFLAGS += $(call cc-option,-Qunused-arguments,) - KBUILD_CFLAGS += $(call cc-disable-warning, format-invalid-specifier) - KBUILD_CFLAGS += $(call cc-disable-warning, gnu) -diff -Nur a/mm/Kconfig b/mm/Kconfig ---- a/mm/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/mm/Kconfig 2018-05-22 19:56:23.714072363 +0100 -@@ -319,7 +319,8 @@ +diff --git a/mm/Kconfig b/mm/Kconfig +index ce95491abd6a..19b62893da3d 100644 +--- a/mm/Kconfig ++++ b/mm/Kconfig +@@ -312,7 +312,8 @@ config KSM config DEFAULT_MMAP_MIN_ADDR int "Low address space to protect from user allocation" depends on MMU @@ -1698,10 +1908,11 @@ diff -Nur a/mm/Kconfig b/mm/Kconfig help This is the portion of low virtual memory which should be protected from userspace allocation. Keeping a user from writing to low pages -diff -Nur a/mm/mmap.c b/mm/mmap.c ---- a/mm/mmap.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/mm/mmap.c 2018-05-22 19:56:23.715072396 +0100 -@@ -220,6 +220,13 @@ +diff --git a/mm/mmap.c b/mm/mmap.c +index 17bbf4d3e24f..40ac799db35b 100644 +--- a/mm/mmap.c ++++ b/mm/mmap.c +@@ -229,6 +229,13 @@ SYSCALL_DEFINE1(brk, unsigned long, brk) newbrk = PAGE_ALIGN(brk); oldbrk = PAGE_ALIGN(mm->brk); @@ -1715,10 +1926,11 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c if (oldbrk == newbrk) goto set_brk; -diff -Nur a/mm/page_alloc.c b/mm/page_alloc.c ---- a/mm/page_alloc.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/mm/page_alloc.c 2018-05-22 19:56:23.716072429 +0100 -@@ -68,6 +68,7 @@ +diff --git a/mm/page_alloc.c b/mm/page_alloc.c +index 3222193c46c6..b8e36bed196d 100644 +--- a/mm/page_alloc.c ++++ b/mm/page_alloc.c +@@ -67,6 +67,7 @@ #include <linux/ftrace.h> #include <linux/lockdep.h> #include <linux/nmi.h> @@ -1726,7 +1938,7 @@ diff -Nur a/mm/page_alloc.c b/mm/page_alloc.c #include <asm/sections.h> #include <asm/tlbflush.h> -@@ -101,6 +102,15 @@ +@@ -100,6 +101,15 @@ int _node_numa_mem_[MAX_NUMNODES]; DEFINE_MUTEX(pcpu_drain_mutex); DEFINE_PER_CPU(struct work_struct, pcpu_drain); @@ -1742,7 +1954,7 @@ diff -Nur a/mm/page_alloc.c b/mm/page_alloc.c #ifdef CONFIG_GCC_PLUGIN_LATENT_ENTROPY volatile unsigned long latent_entropy __latent_entropy; EXPORT_SYMBOL(latent_entropy); -@@ -1069,6 +1079,13 @@ +@@ -1027,6 +1037,13 @@ static __always_inline bool free_pages_prepare(struct page *page, debug_check_no_obj_freed(page_address(page), PAGE_SIZE << order); } @@ -1756,7 +1968,7 @@ diff -Nur a/mm/page_alloc.c b/mm/page_alloc.c arch_free_page(page, order); kernel_poison_pages(page, 1 << order, 0); kernel_map_pages(page, 1 << order, 0); -@@ -1286,6 +1303,21 @@ +@@ -1267,6 +1284,21 @@ static void __init __free_pages_boot_core(struct page *page, unsigned int order) __ClearPageReserved(p); set_page_count(p, 0); @@ -1778,7 +1990,7 @@ diff -Nur a/mm/page_alloc.c b/mm/page_alloc.c page_zone(page)->managed_pages += nr_pages; set_page_refcounted(page); __free_pages(page, order); -@@ -1754,8 +1786,8 @@ +@@ -1855,8 +1887,8 @@ static inline int check_new_page(struct page *page) static inline bool free_pages_prezeroed(void) { @@ -1789,7 +2001,7 @@ diff -Nur a/mm/page_alloc.c b/mm/page_alloc.c } #ifdef CONFIG_DEBUG_VM -@@ -1812,6 +1844,11 @@ +@@ -1913,6 +1945,11 @@ static void prep_new_page(struct page *page, unsigned int order, gfp_t gfp_flags post_alloc_hook(page, order, gfp_flags); @@ -1801,44 +2013,11 @@ diff -Nur a/mm/page_alloc.c b/mm/page_alloc.c if (!free_pages_prezeroed() && (gfp_flags & __GFP_ZERO)) for (i = 0; i < (1 << order); i++) clear_highpage(page + i); -diff -Nur a/mm/slab_common.c b/mm/slab_common.c ---- a/mm/slab_common.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/mm/slab_common.c 2018-05-22 19:56:23.717072461 +0100 -@@ -26,10 +26,10 @@ - - #include "slab.h" - --enum slab_state slab_state; -+enum slab_state slab_state __ro_after_init; - LIST_HEAD(slab_caches); - DEFINE_MUTEX(slab_mutex); --struct kmem_cache *kmem_cache; -+struct kmem_cache *kmem_cache __ro_after_init; - - #ifdef CONFIG_HARDENED_USERCOPY - bool usercopy_fallback __ro_after_init = -@@ -57,7 +57,7 @@ - /* - * Merge control. If this is set then no merging of slab caches will occur. - */ --static bool slab_nomerge = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT); -+static bool slab_nomerge __ro_after_init = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT); - - static int __init setup_slab_nomerge(char *str) - { -@@ -968,7 +968,7 @@ - * of two cache sizes there. The size of larger slabs can be determined using - * fls. - */ --static s8 size_index[24] = { -+static s8 size_index[24] __ro_after_init = { - 3, /* 8 */ - 4, /* 16 */ - 5, /* 24 */ -diff -Nur a/mm/slab.h b/mm/slab.h ---- a/mm/slab.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/mm/slab.h 2018-05-22 19:56:23.717072461 +0100 -@@ -312,7 +312,11 @@ +diff --git a/mm/slab.h b/mm/slab.h +index 68bdf498da3b..079ff5df3b16 100644 +--- a/mm/slab.h ++++ b/mm/slab.h +@@ -313,7 +313,11 @@ static inline bool is_root_cache(struct kmem_cache *s) static inline bool slab_equal_or_root(struct kmem_cache *s, struct kmem_cache *p) { @@ -1850,7 +2029,7 @@ diff -Nur a/mm/slab.h b/mm/slab.h } static inline const char *cache_name(struct kmem_cache *s) -@@ -364,18 +368,26 @@ +@@ -365,18 +369,26 @@ static inline struct kmem_cache *cache_from_obj(struct kmem_cache *s, void *x) * to not do even the assignment. In that case, slab_equal_or_root * will also be a constant. */ @@ -1878,7 +2057,7 @@ diff -Nur a/mm/slab.h b/mm/slab.h return s; } -@@ -400,7 +412,7 @@ +@@ -401,7 +413,7 @@ static inline size_t slab_ksize(const struct kmem_cache *s) * back there or track user information then we can * only use the space before that information. */ @@ -1887,10 +2066,37 @@ diff -Nur a/mm/slab.h b/mm/slab.h return s->inuse; /* * Else we can use all the padding etc for the allocation -diff -Nur a/mm/slub.c b/mm/slub.c ---- a/mm/slub.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/mm/slub.c 2018-05-22 19:56:23.718072494 +0100 -@@ -125,6 +125,16 @@ +diff --git a/mm/slab_common.c b/mm/slab_common.c +index 2296caf87bfb..7abd5a11e12d 100644 +--- a/mm/slab_common.c ++++ b/mm/slab_common.c +@@ -27,10 +27,10 @@ + + #include "slab.h" + +-enum slab_state slab_state; ++enum slab_state slab_state __ro_after_init; + LIST_HEAD(slab_caches); + DEFINE_MUTEX(slab_mutex); +-struct kmem_cache *kmem_cache; ++struct kmem_cache *kmem_cache __ro_after_init; + + #ifdef CONFIG_HARDENED_USERCOPY + bool usercopy_fallback __ro_after_init = +@@ -58,7 +58,7 @@ static DECLARE_WORK(slab_caches_to_rcu_destroy_work, + /* + * Merge control. If this is set then no merging of slab caches will occur. + */ +-static bool slab_nomerge = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT); ++static bool slab_nomerge __ro_after_init = !IS_ENABLED(CONFIG_SLAB_MERGE_DEFAULT); + + static int __init setup_slab_nomerge(char *str) + { +diff --git a/mm/slub.c b/mm/slub.c +index 51258eff4178..075266bfbccf 100644 +--- a/mm/slub.c ++++ b/mm/slub.c +@@ -125,6 +125,16 @@ static inline int kmem_cache_debug(struct kmem_cache *s) #endif } @@ -1907,7 +2113,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c void *fixup_red_left(struct kmem_cache *s, void *p) { if (kmem_cache_debug(s) && s->flags & SLAB_RED_ZONE) -@@ -299,6 +309,35 @@ +@@ -299,6 +309,35 @@ static inline void set_freepointer(struct kmem_cache *s, void *object, void *fp) *(void **)freeptr_addr = freelist_ptr(s, fp, freeptr_addr); } @@ -1943,7 +2149,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c /* Loop over all objects in a slab */ #define for_each_object(__p, __s, __addr, __objects) \ for (__p = fixup_red_left(__s, __addr); \ -@@ -486,13 +525,13 @@ +@@ -471,13 +510,13 @@ static inline void *restore_red_left(struct kmem_cache *s, void *p) * Debug settings: */ #if defined(CONFIG_SLUB_DEBUG_ON) @@ -1961,7 +2167,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c /* * slub is about to manipulate internal object metadata. This memory lies -@@ -552,6 +591,9 @@ +@@ -537,6 +576,9 @@ static struct track *get_track(struct kmem_cache *s, void *object, else p = object + s->inuse; @@ -1971,7 +2177,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c return p + alloc; } -@@ -690,6 +732,9 @@ +@@ -676,6 +718,9 @@ static void print_trailer(struct kmem_cache *s, struct page *page, u8 *p) else off = s->inuse; @@ -1981,7 +2187,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c if (s->flags & SLAB_STORE_USER) off += 2 * sizeof(struct track); -@@ -819,6 +864,9 @@ +@@ -805,6 +850,9 @@ static int check_pad_bytes(struct kmem_cache *s, struct page *page, u8 *p) /* Freepointer is placed after the object. */ off += sizeof(void *); @@ -1991,7 +2197,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c if (s->flags & SLAB_STORE_USER) /* We also have user information there */ off += 2 * sizeof(struct track); -@@ -1420,8 +1468,9 @@ +@@ -1419,8 +1467,9 @@ static void setup_object(struct kmem_cache *s, struct page *page, void *object) { setup_object_debug(s, page, object); @@ -2002,7 +2208,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c kasan_unpoison_object_data(s, object); s->ctor(object); kasan_poison_object_data(s, object); -@@ -2719,9 +2768,21 @@ +@@ -2702,9 +2751,21 @@ static __always_inline void *slab_alloc_node(struct kmem_cache *s, stat(s, ALLOC_FASTPATH); } @@ -2025,7 +2231,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c slab_post_alloc_hook(s, gfpflags, 1, &object); return object; -@@ -2928,6 +2989,27 @@ +@@ -2911,6 +2972,27 @@ static __always_inline void do_slab_free(struct kmem_cache *s, void *tail_obj = tail ? : head; struct kmem_cache_cpu *c; unsigned long tid; @@ -2053,7 +2259,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c redo: /* * Determine the currently cpus per cpu slab. -@@ -3106,7 +3188,7 @@ +@@ -3087,7 +3169,7 @@ int kmem_cache_alloc_bulk(struct kmem_cache *s, gfp_t flags, size_t size, void **p) { struct kmem_cache_cpu *c; @@ -2062,7 +2268,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c /* memcg and kmem_cache debug support */ s = slab_pre_alloc_hook(s, flags); -@@ -3143,13 +3225,29 @@ +@@ -3124,13 +3206,29 @@ int kmem_cache_alloc_bulk(struct kmem_cache *s, gfp_t flags, size_t size, local_irq_enable(); /* Clear memory outside IRQ disabled fastpath loop */ @@ -2093,20 +2299,20 @@ diff -Nur a/mm/slub.c b/mm/slub.c /* memcg and kmem_cache debug support */ slab_post_alloc_hook(s, flags, size, p); return i; -@@ -3181,9 +3279,9 @@ +@@ -3162,9 +3260,9 @@ EXPORT_SYMBOL(kmem_cache_alloc_bulk); * and increases the number of allocations possible without having to * take the list_lock. */ --static int slub_min_order; --static int slub_max_order = PAGE_ALLOC_COSTLY_ORDER; --static int slub_min_objects; -+static int slub_min_order __ro_after_init; -+static int slub_max_order __ro_after_init = PAGE_ALLOC_COSTLY_ORDER; -+static int slub_min_objects __ro_after_init; +-static unsigned int slub_min_order; +-static unsigned int slub_max_order = PAGE_ALLOC_COSTLY_ORDER; +-static unsigned int slub_min_objects; ++static unsigned int slub_min_order __ro_after_init; ++static unsigned int slub_max_order __ro_after_init = PAGE_ALLOC_COSTLY_ORDER; ++static unsigned int slub_min_objects __ro_after_init; /* * Calculate the order of allocation given an slab object size. -@@ -3353,6 +3451,7 @@ +@@ -3336,6 +3434,7 @@ static void early_kmem_cache_node_alloc(int node) init_object(kmem_cache_node, n, SLUB_RED_ACTIVE); init_tracking(kmem_cache_node, n); #endif @@ -2114,7 +2320,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c kasan_kmalloc(kmem_cache_node, n, sizeof(struct kmem_cache_node), GFP_KERNEL); init_kmem_cache_node(n); -@@ -3509,6 +3608,9 @@ +@@ -3492,6 +3591,9 @@ static int calculate_sizes(struct kmem_cache *s, int forced_order) size += sizeof(void *); } @@ -2124,7 +2330,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c #ifdef CONFIG_SLUB_DEBUG if (flags & SLAB_STORE_USER) /* -@@ -3579,6 +3681,10 @@ +@@ -3561,6 +3663,10 @@ static int kmem_cache_open(struct kmem_cache *s, slab_flags_t flags) #ifdef CONFIG_SLAB_FREELIST_HARDENED s->random = get_random_long(); #endif @@ -2133,9 +2339,9 @@ diff -Nur a/mm/slub.c b/mm/slub.c + s->random_inactive = get_random_long(); +#endif - if (need_reserve_slab_rcu && (s->flags & SLAB_TYPESAFE_BY_RCU)) - s->reserved = sizeof(struct rcu_head); -@@ -3846,6 +3952,8 @@ + if (!calculate_sizes(s, -1)) + goto error; +@@ -3837,6 +3943,8 @@ void __check_heap_object(const void *ptr, unsigned long n, struct page *page, offset -= s->red_left_pad; } @@ -2144,7 +2350,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c /* Allow address range falling entirely within usercopy region. */ if (offset >= s->useroffset && offset - s->useroffset <= s->usersize && -@@ -3879,7 +3987,11 @@ +@@ -3870,7 +3978,11 @@ static size_t __ksize(const void *object) page = virt_to_head_page(object); if (unlikely(!PageSlab(page))) { @@ -2156,7 +2362,7 @@ diff -Nur a/mm/slub.c b/mm/slub.c return PAGE_SIZE << compound_order(page); } -@@ -4744,7 +4856,7 @@ +@@ -4730,7 +4842,7 @@ enum slab_stat_type { #define SO_TOTAL (1 << SL_TOTAL) #ifdef CONFIG_MEMCG @@ -2165,10 +2371,11 @@ diff -Nur a/mm/slub.c b/mm/slub.c static int __init setup_slub_memcg_sysfs(char *str) { -diff -Nur a/mm/swap.c b/mm/swap.c ---- a/mm/swap.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/mm/swap.c 2018-05-22 19:56:23.718072494 +0100 -@@ -92,6 +92,13 @@ +diff --git a/mm/swap.c b/mm/swap.c +index 26fc9b5f1b6c..7c9312ca8982 100644 +--- a/mm/swap.c ++++ b/mm/swap.c +@@ -93,6 +93,13 @@ static void __put_compound_page(struct page *page) if (!PageHuge(page)) __page_cache_release(page); dtor = get_compound_page_dtor(page); @@ -2182,10 +2389,11 @@ diff -Nur a/mm/swap.c b/mm/swap.c (*dtor)(page); } -diff -Nur a/net/core/dev.c b/net/core/dev.c ---- a/net/core/dev.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/net/core/dev.c 2018-05-22 19:56:23.720072560 +0100 -@@ -4196,7 +4196,7 @@ +diff --git a/net/core/dev.c b/net/core/dev.c +index 559a91271f82..1e3b8deea1a7 100644 +--- a/net/core/dev.c ++++ b/net/core/dev.c +@@ -4259,7 +4259,7 @@ int netif_rx_ni(struct sk_buff *skb) } EXPORT_SYMBOL(netif_rx_ni); @@ -2194,7 +2402,7 @@ diff -Nur a/net/core/dev.c b/net/core/dev.c { struct softnet_data *sd = this_cpu_ptr(&softnet_data); -@@ -5745,7 +5745,7 @@ +@@ -5811,7 +5811,7 @@ static int napi_poll(struct napi_struct *n, struct list_head *repoll) return work; } @@ -2203,10 +2411,11 @@ diff -Nur a/net/core/dev.c b/net/core/dev.c { struct softnet_data *sd = this_cpu_ptr(&softnet_data); unsigned long time_limit = jiffies + -diff -Nur a/net/ipv4/Kconfig b/net/ipv4/Kconfig ---- a/net/ipv4/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/net/ipv4/Kconfig 2018-05-22 19:56:23.720072560 +0100 -@@ -261,6 +261,7 @@ +diff --git a/net/ipv4/Kconfig b/net/ipv4/Kconfig +index 80dad301361d..0c85c2a29ac1 100644 +--- a/net/ipv4/Kconfig ++++ b/net/ipv4/Kconfig +@@ -266,6 +266,7 @@ config IP_PIMSM_V2 config SYN_COOKIES bool "IP: TCP syncookie support" @@ -2214,10 +2423,11 @@ diff -Nur a/net/ipv4/Kconfig b/net/ipv4/Kconfig ---help--- Normal TCP/IP networking is open to an attack known as "SYN flooding". This denial-of-service attack prevents legitimate remote -diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c ---- a/scripts/mod/modpost.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/scripts/mod/modpost.c 2018-05-22 19:56:23.721072593 +0100 -@@ -37,6 +37,7 @@ +diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c +index 1663fb19343a..4b44744fc1be 100644 +--- a/scripts/mod/modpost.c ++++ b/scripts/mod/modpost.c +@@ -35,6 +35,7 @@ static int vmlinux_section_warnings = 1; static int warn_unresolved = 0; /* How a symbol is exported */ static int sec_mismatch_count = 0; @@ -2225,7 +2435,7 @@ diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c static int sec_mismatch_verbose = 1; static int sec_mismatch_fatal = 0; /* ignore missing files */ -@@ -965,6 +966,7 @@ +@@ -954,6 +955,7 @@ enum mismatch { ANY_EXIT_TO_ANY_INIT, EXPORT_TO_INIT_EXIT, EXTABLE_TO_NON_TEXT, @@ -2233,7 +2443,7 @@ diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c }; /** -@@ -1091,6 +1093,12 @@ +@@ -1080,6 +1082,12 @@ static const struct sectioncheck sectioncheck[] = { .good_tosec = {ALL_TEXT_SECTIONS , NULL}, .mismatch = EXTABLE_TO_NON_TEXT, .handler = extable_mismatch_handler, @@ -2246,7 +2456,7 @@ diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c } }; -@@ -1240,10 +1248,10 @@ +@@ -1229,10 +1237,10 @@ static Elf_Sym *find_elf_symbol(struct elf_info *elf, Elf64_Sword addr, continue; if (ELF_ST_TYPE(sym->st_info) == STT_SECTION) continue; @@ -2259,7 +2469,7 @@ diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c if (d < 0) d = addr - sym->st_value; if (d < distance) { -@@ -1402,7 +1410,11 @@ +@@ -1391,7 +1399,11 @@ static void report_sec_mismatch(const char *modname, char *prl_from; char *prl_to; @@ -2272,7 +2482,7 @@ diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c if (!sec_mismatch_verbose) return; -@@ -1526,6 +1538,14 @@ +@@ -1515,6 +1527,14 @@ static void report_sec_mismatch(const char *modname, fatal("There's a special handler for this mismatch type, " "we should never get here."); break; @@ -2287,7 +2497,7 @@ diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c } fprintf(stderr, "\n"); } -@@ -2539,6 +2559,14 @@ +@@ -2523,6 +2543,14 @@ int main(int argc, char **argv) } } free(buf.p); @@ -2302,10 +2512,11 @@ diff -Nur a/scripts/mod/modpost.c b/scripts/mod/modpost.c return err; } -diff -Nur a/security/Kconfig b/security/Kconfig ---- a/security/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/security/Kconfig 2018-05-22 19:56:23.721072593 +0100 -@@ -8,7 +8,7 @@ +diff --git a/security/Kconfig b/security/Kconfig +index c4302067a3ad..f5f5ff98e6b8 100644 +--- a/security/Kconfig ++++ b/security/Kconfig +@@ -8,7 +8,7 @@ source security/keys/Kconfig config SECURITY_DMESG_RESTRICT bool "Restrict unprivileged access to the kernel syslog" @@ -2314,7 +2525,7 @@ diff -Nur a/security/Kconfig b/security/Kconfig help This enforces restrictions on unprivileged users reading the kernel syslog via dmesg(8). -@@ -18,10 +18,21 @@ +@@ -18,10 +18,34 @@ config SECURITY_DMESG_RESTRICT If you are unsure how to answer this question, answer N. @@ -2328,6 +2539,19 @@ diff -Nur a/security/Kconfig b/security/Kconfig + perf_event_open syscall will be permitted unless it is + changed. + ++config SECURITY_TIOCSTI_RESTRICT ++ bool "Restrict unprivileged use of tiocsti command injection" ++ default y ++ help ++ This enforces restrictions on unprivileged users injecting commands ++ into other processes which share a tty session using the TIOCSTI ++ ioctl. This option makes TIOCSTI use require CAP_SYS_ADMIN. ++ ++ If this option is not selected, no restrictions will be enforced ++ unless the tiocsti_restrict sysctl is explicitly set to (1). ++ ++ If you are unsure how to answer this question, answer N. ++ config SECURITY bool "Enable different security models" depends on SYSFS @@ -2336,7 +2560,7 @@ diff -Nur a/security/Kconfig b/security/Kconfig help This allows you to choose different security modules to be configured into your kernel. -@@ -48,6 +59,7 @@ +@@ -48,6 +72,7 @@ config SECURITYFS config SECURITY_NETWORK bool "Socket and Networking Security Hooks" depends on SECURITY @@ -2344,7 +2568,7 @@ diff -Nur a/security/Kconfig b/security/Kconfig help This enables the socket and networking security hooks. If enabled, a security module can use these hooks to -@@ -155,6 +167,7 @@ +@@ -155,6 +180,7 @@ config HARDENED_USERCOPY depends on HAVE_HARDENED_USERCOPY_ALLOCATOR select BUG imply STRICT_DEVMEM @@ -2352,7 +2576,7 @@ diff -Nur a/security/Kconfig b/security/Kconfig help This option checks for obviously wrong memory regions when copying memory to/from the kernel (via copy_to_user() and -@@ -167,7 +180,6 @@ +@@ -167,7 +193,6 @@ config HARDENED_USERCOPY config HARDENED_USERCOPY_FALLBACK bool "Allow usercopy whitelist violations to fallback to object size" depends on HARDENED_USERCOPY @@ -2360,7 +2584,7 @@ diff -Nur a/security/Kconfig b/security/Kconfig help This is a temporary option that allows missing usercopy whitelists to be discovered via a WARN() to the kernel log, instead of -@@ -192,10 +204,36 @@ +@@ -192,10 +217,36 @@ config HARDENED_USERCOPY_PAGESPAN config FORTIFY_SOURCE bool "Harden common str/mem functions against buffer overflows" depends on ARCH_HAS_FORTIFY_SOURCE @@ -2397,21 +2621,11 @@ diff -Nur a/security/Kconfig b/security/Kconfig config STATIC_USERMODEHELPER bool "Force all usermode helper calls through a single binary" help -diff -Nur a/security/selinux/include/objsec.h b/security/selinux/include/objsec.h ---- a/security/selinux/include/objsec.h 2018-05-22 17:56:31.000000000 +0100 -+++ b/security/selinux/include/objsec.h 2018-05-22 19:56:23.721072593 +0100 -@@ -154,6 +154,6 @@ - u32 sid; /*SID of bpf obj creater*/ - }; - --extern unsigned int selinux_checkreqprot; -+extern const unsigned int selinux_checkreqprot; - - #endif /* _SELINUX_OBJSEC_H_ */ -diff -Nur a/security/selinux/Kconfig b/security/selinux/Kconfig ---- a/security/selinux/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/security/selinux/Kconfig 2018-05-22 19:56:23.721072593 +0100 -@@ -2,7 +2,7 @@ +diff --git a/security/selinux/Kconfig b/security/selinux/Kconfig +index 8af7a690eb40..6539694b0fd3 100644 +--- a/security/selinux/Kconfig ++++ b/security/selinux/Kconfig +@@ -2,7 +2,7 @@ config SECURITY_SELINUX bool "NSA SELinux Support" depends on SECURITY_NETWORK && AUDIT && NET && INET select NETWORK_SECMARK @@ -2420,7 +2634,7 @@ diff -Nur a/security/selinux/Kconfig b/security/selinux/Kconfig help This selects NSA Security-Enhanced Linux (SELinux). You will also need a policy configuration and a labeled filesystem. -@@ -79,23 +79,3 @@ +@@ -79,23 +79,3 @@ config SECURITY_SELINUX_AVC_STATS This option collects access vector cache statistics to /selinux/avc/cache_stats, which may be monitored via tools such as avcstat. @@ -2444,28 +2658,35 @@ diff -Nur a/security/selinux/Kconfig b/security/selinux/Kconfig - via /selinux/checkreqprot if authorized by policy. - - If you are unsure how to answer this question, answer 0. -diff -Nur a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c ---- a/security/selinux/selinuxfs.c 2018-05-22 17:56:31.000000000 +0100 -+++ b/security/selinux/selinuxfs.c 2018-05-22 19:56:23.721072593 +0100 -@@ -41,16 +41,7 @@ - #include "objsec.h" - #include "conditional.h" - --unsigned int selinux_checkreqprot = CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE; +diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c +index 2b5ee5fbd652..99c7ed953d4e 100644 +--- a/security/selinux/hooks.c ++++ b/security/selinux/hooks.c +@@ -135,18 +135,7 @@ __setup("selinux=", selinux_enabled_setup); + int selinux_enabled = 1; + #endif + +-static unsigned int selinux_checkreqprot_boot = +- CONFIG_SECURITY_SELINUX_CHECKREQPROT_VALUE; - -static int __init checkreqprot_setup(char *str) -{ - unsigned long checkreqprot; +- - if (!kstrtoul(str, 0, &checkreqprot)) -- selinux_checkreqprot = checkreqprot ? 1 : 0; +- selinux_checkreqprot_boot = checkreqprot ? 1 : 0; - return 1; -} -__setup("checkreqprot=", checkreqprot_setup); -+const unsigned int selinux_checkreqprot; - - static DEFINE_MUTEX(sel_mutex); - -@@ -610,10 +601,9 @@ ++static const unsigned int selinux_checkreqprot_boot; + + static struct kmem_cache *sel_inode_cache; + static struct kmem_cache *file_security_cache; +diff --git a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c +index 79d3709b0671..4db06a12d48c 100644 +--- a/security/selinux/selinuxfs.c ++++ b/security/selinux/selinuxfs.c +@@ -664,10 +664,9 @@ static ssize_t sel_write_checkreqprot(struct file *file, const char __user *buf, return PTR_ERR(page); length = -EINVAL; @@ -2473,13 +2694,14 @@ diff -Nur a/security/selinux/selinuxfs.c b/security/selinux/selinuxfs.c + if (sscanf(page, "%u", &new_value) != 1 || new_value) goto out; -- selinux_checkreqprot = new_value ? 1 : 0; +- fsi->state->checkreqprot = new_value ? 1 : 0; length = count; out: kfree(page); -diff -Nur a/security/yama/Kconfig b/security/yama/Kconfig ---- a/security/yama/Kconfig 2018-05-22 17:56:31.000000000 +0100 -+++ b/security/yama/Kconfig 2018-05-22 19:56:23.721072593 +0100 +diff --git a/security/yama/Kconfig b/security/yama/Kconfig +index 96b27405558a..485c1b85c325 100644 +--- a/security/yama/Kconfig ++++ b/security/yama/Kconfig @@ -1,7 +1,7 @@ config SECURITY_YAMA bool "Yama support" diff --git a/sys-kernel/linux-sources-redcore/files/radeon_dp_aux_transfer_native-no-ratelimited_debug.patch b/sys-kernel/linux-sources-redcore/files/radeon_dp_aux_transfer_native-no-ratelimited_debug.patch new file mode 100644 index 00000000..6ffcb42c --- /dev/null +++ b/sys-kernel/linux-sources-redcore/files/radeon_dp_aux_transfer_native-no-ratelimited_debug.patch @@ -0,0 +1,13 @@ +diff --git a/drivers/gpu/drm/radeon/radeon_dp_auxch.c b/drivers/gpu/drm/radeon/radeon_dp_auxch.c +index 12eac4e75542..a26b8ddd7d3f 100644 +--- a/drivers/gpu/drm/radeon/radeon_dp_auxch.c ++++ b/drivers/gpu/drm/radeon/radeon_dp_auxch.c +@@ -168,7 +168,7 @@ radeon_dp_aux_transfer_native(struct drm_dp_aux *aux, struct drm_dp_aux_msg *msg + goto done; + } + if (tmp & AUX_RX_ERROR_FLAGS) { +- DRM_DEBUG_KMS_RATELIMITED("dp_aux_ch flags not zero: %08x\n", ++ DRM_DEBUG_KMS("dp_aux_ch flags not zero: %08x\n", + tmp); + ret = -EIO; + goto done; diff --git a/sys-kernel/linux-sources-redcore/files/redcore-amd64.config b/sys-kernel/linux-sources-redcore/files/redcore-amd64.config index f63178d1..288c1279 100644 --- a/sys-kernel/linux-sources-redcore/files/redcore-amd64.config +++ b/sys-kernel/linux-sources-redcore/files/redcore-amd64.config @@ -1,6 +1,10 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 4.16.11-redcore Kernel Configuration +# Linux/x86 4.18.5-redcore Kernel Configuration +# + +# +# Compiler: gcc (Gentoo Hardened 7.3.0-r3 p1.4) 7.3.0 # CONFIG_64BIT=y CONFIG_X86_64=y @@ -15,8 +19,6 @@ CONFIG_ARCH_MMAP_RND_BITS_MIN=28 CONFIG_ARCH_MMAP_RND_BITS_MAX=32 CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MIN=8 CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX=16 -CONFIG_NEED_DMA_MAP_STATE=y -CONFIG_NEED_SG_DMA_LENGTH=y CONFIG_GENERIC_ISA_DMA=y CONFIG_GENERIC_BUG=y CONFIG_GENERIC_BUG_RELATIVE_POINTERS=y @@ -26,6 +28,7 @@ CONFIG_RWSEM_XCHGADD_ALGORITHM=y CONFIG_GENERIC_CALIBRATE_DELAY=y CONFIG_ARCH_HAS_CPU_RELAX=y CONFIG_ARCH_HAS_CACHE_LINE_SIZE=y +CONFIG_ARCH_HAS_FILTER_PGPROT=y CONFIG_HAVE_SETUP_PER_CPU_AREA=y CONFIG_NEED_PER_CPU_EMBED_FIRST_CHUNK=y CONFIG_NEED_PER_CPU_PAGE_FIRST_CHUNK=y @@ -41,7 +44,11 @@ CONFIG_HAVE_INTEL_TXT=y CONFIG_X86_64_SMP=y CONFIG_ARCH_SUPPORTS_UPROBES=y CONFIG_FIX_EARLYCON_MEM=y +CONFIG_DYNAMIC_PHYSICAL_MASK=y CONFIG_PGTABLE_LEVELS=4 +CONFIG_CC_IS_GCC=y +CONFIG_GCC_VERSION=70300 +CONFIG_CLANG_VERSION=0 CONFIG_IRQ_WORK=y CONFIG_BUILDTIME_EXTABLE_SORT=y CONFIG_THREAD_INFO_IN_TASK=y @@ -50,7 +57,6 @@ CONFIG_THREAD_INFO_IN_TASK=y # General setup # CONFIG_INIT_ENV_ARG_LIMIT=32 -CONFIG_CROSS_COMPILE="" # CONFIG_COMPILE_TEST is not set CONFIG_LOCALVERSION="" CONFIG_LOCALVERSION_AUTO=y @@ -116,7 +122,6 @@ CONFIG_NO_HZ_COMMON=y # CONFIG_HZ_PERIODIC is not set # CONFIG_NO_HZ_IDLE is not set CONFIG_NO_HZ_FULL=y -# CONFIG_NO_HZ_FULL_ALL is not set CONFIG_NO_HZ=y CONFIG_HIGH_RES_TIMERS=y @@ -172,7 +177,7 @@ CONFIG_FAIR_GROUP_SCHED=y CONFIG_CFS_BANDWIDTH=y CONFIG_RT_GROUP_SCHED=y CONFIG_CGROUP_PIDS=y -# CONFIG_CGROUP_RDMA is not set +CONFIG_CGROUP_RDMA=y CONFIG_CGROUP_FREEZER=y CONFIG_CGROUP_HUGETLB=y CONFIG_CPUSETS=y @@ -202,7 +207,7 @@ CONFIG_RD_LZO=y CONFIG_RD_LZ4=y CONFIG_CC_OPTIMIZE_FOR_PERFORMANCE=y # CONFIG_CC_OPTIMIZE_FOR_SIZE is not set -CONFIG_LOCAL_INIT=y +# CONFIG_LOCAL_INIT is not set CONFIG_SYSCTL=y CONFIG_ANON_INODES=y CONFIG_HAVE_UID16=y @@ -214,7 +219,6 @@ CONFIG_UID16=y CONFIG_MULTIUSER=y CONFIG_SGETMASK_SYSCALL=y CONFIG_SYSFS_SYSCALL=y -# CONFIG_SYSCTL_SYSCALL is not set CONFIG_FHANDLE=y CONFIG_POSIX_TIMERS=y CONFIG_PRINTK=y @@ -233,7 +237,6 @@ CONFIG_SHMEM=y CONFIG_AIO=y CONFIG_ADVISE_SYSCALLS=y CONFIG_MEMBARRIER=y -# CONFIG_CHECKPOINT_RESTORE is not set CONFIG_KALLSYMS=y CONFIG_KALLSYMS_ALL=y CONFIG_KALLSYMS_ABSOLUTE_PERCPU=y @@ -242,9 +245,9 @@ CONFIG_BPF_SYSCALL=y CONFIG_BPF_JIT_ALWAYS_ON=y CONFIG_USERFAULTFD=y CONFIG_ARCH_HAS_MEMBARRIER_SYNC_CORE=y +CONFIG_RSEQ=y # CONFIG_EMBEDDED is not set CONFIG_HAVE_PERF_EVENTS=y -# CONFIG_PC104 is not set # # Kernel Performance Events And Counters @@ -253,31 +256,33 @@ CONFIG_PERF_EVENTS=y # CONFIG_DEBUG_PERF_USE_VMALLOC is not set CONFIG_VM_EVENT_COUNTERS=y CONFIG_SLUB_DEBUG=y -# CONFIG_SLUB_MEMCG_SYSFS_ON is not set # CONFIG_COMPAT_BRK is not set # CONFIG_SLAB is not set CONFIG_SLUB=y CONFIG_SLAB_MERGE_DEFAULT=y -# CONFIG_SLAB_FREELIST_RANDOM is not set +CONFIG_SLAB_FREELIST_RANDOM=y CONFIG_SLAB_FREELIST_HARDENED=y CONFIG_SLAB_HARDENED=y CONFIG_SLAB_SANITIZE=y CONFIG_SLAB_SANITIZE_VERIFY=y CONFIG_SLUB_CPU_PARTIAL=y CONFIG_SYSTEM_DATA_VERIFICATION=y -# CONFIG_PROFILING is not set +CONFIG_PROFILING=y CONFIG_TRACEPOINTS=y CONFIG_CRASH_CORE=y CONFIG_KEXEC_CORE=y +CONFIG_HOTPLUG_SMT=y +# CONFIG_OPROFILE is not set CONFIG_HAVE_OPROFILE=y CONFIG_OPROFILE_NMI_TIMER=y -# CONFIG_KPROBES is not set +CONFIG_KPROBES=y CONFIG_JUMP_LABEL=y # CONFIG_STATIC_KEYS_SELFTEST is not set -# CONFIG_UPROBES is not set -# CONFIG_HAVE_64BIT_ALIGNED_ACCESS is not set +CONFIG_OPTPROBES=y +CONFIG_KPROBES_ON_FTRACE=y CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS=y CONFIG_ARCH_USE_BUILTIN_BSWAP=y +CONFIG_KRETPROBES=y CONFIG_USER_RETURN_NOTIFIER=y CONFIG_HAVE_IOREMAP_PROT=y CONFIG_HAVE_KPROBES=y @@ -294,8 +299,8 @@ CONFIG_ARCH_HAS_SET_MEMORY=y CONFIG_HAVE_ARCH_THREAD_STRUCT_WHITELIST=y CONFIG_ARCH_WANTS_DYNAMIC_TASK_STRUCT=y CONFIG_HAVE_REGS_AND_STACK_ACCESS_API=y +CONFIG_HAVE_RSEQ=y CONFIG_HAVE_CLK=y -CONFIG_HAVE_DMA_API_DEBUG=y CONFIG_HAVE_HW_BREAKPOINT=y CONFIG_HAVE_MIXED_BREAKPOINTS_REGS=y CONFIG_HAVE_USER_RETURN_NOTIFIER=y @@ -313,14 +318,13 @@ CONFIG_ARCH_WANT_COMPAT_IPC_PARSE_VERSION=y CONFIG_ARCH_WANT_OLD_COMPAT_IPC=y CONFIG_HAVE_ARCH_SECCOMP_FILTER=y CONFIG_SECCOMP_FILTER=y +CONFIG_PLUGIN_HOSTCC="g++" CONFIG_HAVE_GCC_PLUGINS=y # CONFIG_GCC_PLUGINS is not set -CONFIG_HAVE_CC_STACKPROTECTOR=y -# CONFIG_CC_STACKPROTECTOR_NONE is not set -# CONFIG_CC_STACKPROTECTOR_REGULAR is not set -CONFIG_CC_STACKPROTECTOR_STRONG=y -# CONFIG_CC_STACKPROTECTOR_AUTO is not set -CONFIG_THIN_ARCHIVES=y +CONFIG_HAVE_STACKPROTECTOR=y +CONFIG_CC_HAS_STACKPROTECTOR_NONE=y +CONFIG_STACKPROTECTOR=y +CONFIG_STACKPROTECTOR_STRONG=y CONFIG_HAVE_ARCH_WITHIN_STACK_FRAMES=y CONFIG_HAVE_CONTEXT_TRACKING=y CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y @@ -341,29 +345,24 @@ CONFIG_ARCH_MMAP_RND_COMPAT_BITS=16 CONFIG_HAVE_ARCH_COMPAT_MMAP_BASES=y CONFIG_HAVE_COPY_THREAD_TLS=y CONFIG_HAVE_STACK_VALIDATION=y -# CONFIG_HAVE_ARCH_HASH is not set -# CONFIG_ISA_BUS_API is not set +CONFIG_ISA_BUS_API=y CONFIG_OLD_SIGSUSPEND3=y CONFIG_COMPAT_OLD_SIGACTION=y -# CONFIG_CPU_NO_EFFICIENT_FFS is not set +CONFIG_COMPAT_32BIT_TIME=y CONFIG_HAVE_ARCH_VMAP_STACK=y CONFIG_VMAP_STACK=y -# CONFIG_ARCH_OPTIONAL_KERNEL_RWX is not set -# CONFIG_ARCH_OPTIONAL_KERNEL_RWX_DEFAULT is not set CONFIG_ARCH_HAS_STRICT_KERNEL_RWX=y CONFIG_STRICT_KERNEL_RWX=y CONFIG_ARCH_HAS_STRICT_MODULE_RWX=y CONFIG_STRICT_MODULE_RWX=y -CONFIG_ARCH_HAS_PHYS_TO_DMA=y CONFIG_ARCH_HAS_REFCOUNT=y -# CONFIG_REFCOUNT_FULL is not set +CONFIG_REFCOUNT_FULL=y # # GCOV-based kernel profiling # # CONFIG_GCOV_KERNEL is not set CONFIG_ARCH_HAS_GCOV_PROFILE_ALL=y -# CONFIG_HAVE_GENERIC_DMA_COHERENT is not set CONFIG_RT_MUTEXES=y CONFIG_BASE_SMALL=0 CONFIG_MODULES=y @@ -372,7 +371,15 @@ CONFIG_MODULE_UNLOAD=y CONFIG_MODULE_FORCE_UNLOAD=y CONFIG_MODVERSIONS=y CONFIG_MODULE_SRCVERSION_ALL=y -# CONFIG_MODULE_SIG is not set +CONFIG_MODULE_SIG=y +# CONFIG_MODULE_SIG_FORCE is not set +CONFIG_MODULE_SIG_ALL=y +# CONFIG_MODULE_SIG_SHA1 is not set +# CONFIG_MODULE_SIG_SHA224 is not set +# CONFIG_MODULE_SIG_SHA256 is not set +# CONFIG_MODULE_SIG_SHA384 is not set +CONFIG_MODULE_SIG_SHA512=y +CONFIG_MODULE_SIG_HASH="sha512" CONFIG_MODULE_COMPRESS=y CONFIG_MODULE_COMPRESS_GZIP=y # CONFIG_MODULE_COMPRESS_XZ is not set @@ -456,6 +463,8 @@ CONFIG_QUEUED_SPINLOCKS=y CONFIG_ARCH_USE_QUEUED_RWLOCKS=y CONFIG_QUEUED_RWLOCKS=y CONFIG_ARCH_HAS_SYNC_CORE_BEFORE_USERMODE=y +CONFIG_ARCH_HAS_SYSCALL_WRAPPER=y +CONFIG_CC_HAS_SANE_STACKPROTECTOR=y CONFIG_FREEZER=y # @@ -464,7 +473,6 @@ CONFIG_FREEZER=y CONFIG_ZONE_DMA=y CONFIG_SMP=y CONFIG_X86_FEATURE_NAMES=y -CONFIG_X86_FAST_FEATURE_TESTS=y CONFIG_X86_X2APIC=y CONFIG_X86_MPPARSE=y # CONFIG_GOLDFISH is not set @@ -507,10 +515,7 @@ CONFIG_HPET_TIMER=y CONFIG_HPET_EMULATE_RTC=y CONFIG_DMI=y CONFIG_GART_IOMMU=y -CONFIG_CALGARY_IOMMU=y -CONFIG_CALGARY_IOMMU_ENABLED_BY_DEFAULT=y -CONFIG_SWIOTLB=y -CONFIG_IOMMU_HELPER=y +# CONFIG_CALGARY_IOMMU is not set CONFIG_MAXSMP=y CONFIG_NR_CPUS_RANGE_BEGIN=8192 CONFIG_NR_CPUS_RANGE_END=8192 @@ -541,7 +546,6 @@ CONFIG_PERF_EVENTS_INTEL_UNCORE=y CONFIG_PERF_EVENTS_INTEL_RAPL=y CONFIG_PERF_EVENTS_INTEL_CSTATE=y CONFIG_PERF_EVENTS_AMD_POWER=m -# CONFIG_VM86 is not set CONFIG_X86_16BIT=y CONFIG_X86_ESPFIX64=y CONFIG_X86_VSYSCALL_EMULATION=y @@ -553,8 +557,6 @@ CONFIG_MICROCODE_OLD_INTERFACE=y CONFIG_X86_MSR=m CONFIG_X86_CPUID=m # CONFIG_X86_5LEVEL is not set -CONFIG_ARCH_PHYS_ADDR_T_64BIT=y -CONFIG_ARCH_DMA_ADDR_T_64BIT=y CONFIG_X86_DIRECT_GBPAGES=y CONFIG_ARCH_HAS_MEM_ENCRYPT=y CONFIG_AMD_MEM_ENCRYPT=y @@ -639,6 +641,7 @@ CONFIG_ARCH_USES_HIGH_VMA_FLAGS=y CONFIG_ARCH_HAS_PKEYS=y # CONFIG_PERCPU_STATS is not set # CONFIG_GUP_BENCHMARK is not set +CONFIG_ARCH_HAS_PTE_SPECIAL=y CONFIG_X86_PMEM_LEGACY_DEVICE=y CONFIG_X86_PMEM_LEGACY=m CONFIG_X86_CHECK_BIOS_CORRUPTION=y @@ -673,6 +676,7 @@ CONFIG_RELOCATABLE=y CONFIG_RANDOMIZE_BASE=y CONFIG_X86_NEED_RELOCS=y CONFIG_PHYSICAL_ALIGN=0x1000000 +CONFIG_DYNAMIC_MEMORY_LAYOUT=y CONFIG_RANDOMIZE_MEMORY=y CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING=0xa CONFIG_HOTPLUG_CPU=y @@ -727,6 +731,7 @@ CONFIG_ACPI_BATTERY=m CONFIG_ACPI_BUTTON=m CONFIG_ACPI_VIDEO=m CONFIG_ACPI_FAN=m +CONFIG_ACPI_TAD=m CONFIG_ACPI_DOCK=y CONFIG_ACPI_CPU_FREQ_PSS=y CONFIG_ACPI_PROCESSOR_CSTATE=y @@ -738,7 +743,6 @@ CONFIG_ACPI_HOTPLUG_CPU=y CONFIG_ACPI_PROCESSOR_AGGREGATOR=m CONFIG_ACPI_THERMAL=m CONFIG_ACPI_NUMA=y -# CONFIG_ACPI_CUSTOM_DSDT is not set CONFIG_ARCH_HAS_ACPI_TABLE_UPGRADE=y CONFIG_ACPI_TABLE_UPGRADE=y # CONFIG_ACPI_DEBUG is not set @@ -750,7 +754,6 @@ CONFIG_ACPI_SBS=m CONFIG_ACPI_HED=y # CONFIG_ACPI_CUSTOM_METHOD is not set CONFIG_ACPI_BGRT=y -# CONFIG_ACPI_REDUCED_HARDWARE_ONLY is not set CONFIG_ACPI_NFIT=m CONFIG_HAVE_ACPI_APEI=y CONFIG_HAVE_ACPI_APEI_NMI=y @@ -806,7 +809,6 @@ CONFIG_X86_AMD_FREQ_SENSITIVITY=m # # shared options # -# CONFIG_X86_SPEEDSTEP_LIB is not set # # CPU Idle @@ -814,7 +816,6 @@ CONFIG_X86_AMD_FREQ_SENSITIVITY=m CONFIG_CPU_IDLE=y CONFIG_CPU_IDLE_GOV_LADDER=y CONFIG_CPU_IDLE_GOV_MENU=y -# CONFIG_ARCH_NEEDS_CPU_IDLE_COUPLED is not set CONFIG_INTEL_IDLE=y # @@ -824,11 +825,12 @@ CONFIG_PCI=y CONFIG_PCI_DIRECT=y CONFIG_PCI_MMCONFIG=y CONFIG_PCI_DOMAINS=y +CONFIG_MMCONF_FAM10H=y CONFIG_PCIEPORTBUS=y CONFIG_HOTPLUG_PCI_PCIE=y CONFIG_PCIEAER=y -CONFIG_PCIE_ECRC=y CONFIG_PCIEAER_INJECT=m +CONFIG_PCIE_ECRC=y CONFIG_PCIEASPM=y # CONFIG_PCIEASPM_DEBUG is not set CONFIG_PCIEASPM_DEFAULT=y @@ -838,13 +840,13 @@ CONFIG_PCIEASPM_DEFAULT=y CONFIG_PCIE_PME=y CONFIG_PCIE_DPC=y CONFIG_PCIE_PTM=y -CONFIG_PCI_BUS_ADDR_T_64BIT=y CONFIG_PCI_MSI=y CONFIG_PCI_MSI_IRQ_DOMAIN=y CONFIG_PCI_QUIRKS=y # CONFIG_PCI_DEBUG is not set CONFIG_PCI_REALLOC_ENABLE_AUTO=y CONFIG_PCI_STUB=m +CONFIG_PCI_PF_STUB=m CONFIG_PCI_ATS=y CONFIG_PCI_LOCKLESS_CONFIG=y CONFIG_PCI_IOV=y @@ -858,26 +860,29 @@ CONFIG_HOTPLUG_PCI_ACPI_IBM=m CONFIG_HOTPLUG_PCI_CPCI=y CONFIG_HOTPLUG_PCI_CPCI_ZT5550=m CONFIG_HOTPLUG_PCI_CPCI_GENERIC=m -CONFIG_HOTPLUG_PCI_SHPC=m +# CONFIG_HOTPLUG_PCI_SHPC is not set # -# Cadence PCIe controllers support +# PCI controller drivers # # -# DesignWare PCI Core Support +# Cadence PCIe controllers support # -# CONFIG_PCIE_DW_PLAT is not set +CONFIG_VMD=m # -# PCI host controller drivers +# DesignWare PCI Core Support # -CONFIG_VMD=m +# CONFIG_PCIE_DW_PLAT_HOST is not set +# CONFIG_PCIE_DW_PLAT_EP is not set # # PCI Endpoint # -# CONFIG_PCI_ENDPOINT is not set +CONFIG_PCI_ENDPOINT=y +CONFIG_PCI_ENDPOINT_CONFIGFS=y +# CONFIG_PCI_EPF_TEST is not set # # PCI switch controller drivers @@ -930,12 +935,11 @@ CONFIG_COMPAT_BINFMT_ELF=y CONFIG_ELFCORE=y CONFIG_CORE_DUMP_DEFAULT_ELF_HEADERS=y CONFIG_BINFMT_SCRIPT=y -# CONFIG_HAVE_AOUT is not set -CONFIG_BINFMT_MISC=m +CONFIG_BINFMT_MISC=y CONFIG_COREDUMP=y CONFIG_IA32_EMULATION=y -CONFIG_IA32_AOUT=m -# CONFIG_X86_X32 is not set +CONFIG_IA32_AOUT=y +CONFIG_X86_X32=y CONFIG_COMPAT_32=y CONFIG_COMPAT=y CONFIG_COMPAT_FOR_U64_ALIGNMENT=y @@ -954,6 +958,7 @@ CONFIG_PACKET_DIAG=m CONFIG_UNIX=m CONFIG_UNIX_DIAG=m CONFIG_TLS=m +# CONFIG_TLS_DEVICE is not set CONFIG_XFRM=y CONFIG_XFRM_OFFLOAD=y CONFIG_XFRM_ALGO=m @@ -966,6 +971,7 @@ CONFIG_NET_KEY=m CONFIG_NET_KEY_MIGRATE=y CONFIG_SMC=m CONFIG_SMC_DIAG=m +CONFIG_XDP_SOCKETS=y CONFIG_INET=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y @@ -983,6 +989,7 @@ CONFIG_NET_IPGRE_DEMUX=m CONFIG_NET_IP_TUNNEL=m CONFIG_NET_IPGRE=m CONFIG_NET_IPGRE_BROADCAST=y +CONFIG_IP_MROUTE_COMMON=y CONFIG_IP_MROUTE=y CONFIG_IP_MROUTE_MULTIPLE_TABLES=y CONFIG_IP_PIMSM_V1=y @@ -1057,6 +1064,7 @@ CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y CONFIG_IPV6_PIMSM_V2=y CONFIG_IPV6_SEG6_LWTUNNEL=y CONFIG_IPV6_SEG6_HMAC=y +# CONFIG_NETLABEL is not set CONFIG_NETWORK_SECMARK=y CONFIG_NET_PTP_CLASSIFY=y CONFIG_NETWORK_PHY_TIMESTAMPING=y @@ -1115,21 +1123,18 @@ CONFIG_NF_NAT_FTP=m CONFIG_NF_NAT_IRC=m CONFIG_NF_NAT_SIP=m CONFIG_NF_NAT_TFTP=m -CONFIG_NF_NAT_REDIRECT=m +CONFIG_NF_NAT_REDIRECT=y CONFIG_NETFILTER_SYNPROXY=m +CONFIG_NF_OSF=m CONFIG_NF_TABLES=m -CONFIG_NF_TABLES_INET=m -CONFIG_NF_TABLES_NETDEV=m -CONFIG_NFT_EXTHDR=m -CONFIG_NFT_META=m -CONFIG_NFT_RT=m +CONFIG_NF_TABLES_SET=m +CONFIG_NF_TABLES_INET=y +CONFIG_NF_TABLES_NETDEV=y CONFIG_NFT_NUMGEN=m CONFIG_NFT_CT=m CONFIG_NFT_FLOW_OFFLOAD=m -CONFIG_NFT_SET_RBTREE=m -CONFIG_NFT_SET_HASH=m -CONFIG_NFT_SET_BITMAP=m CONFIG_NFT_COUNTER=m +CONFIG_NFT_CONNLIMIT=m CONFIG_NFT_LOG=m CONFIG_NFT_LIMIT=m CONFIG_NFT_MASQ=m @@ -1144,6 +1149,7 @@ CONFIG_NFT_COMPAT=m CONFIG_NFT_HASH=m CONFIG_NFT_FIB=m CONFIG_NFT_FIB_INET=m +CONFIG_NFT_SOCKET=m CONFIG_NF_DUP_NETDEV=m CONFIG_NFT_DUP_NETDEV=m CONFIG_NFT_FWD_NETDEV=m @@ -1284,6 +1290,7 @@ CONFIG_IP_VS_LBLC=m CONFIG_IP_VS_LBLCR=m CONFIG_IP_VS_DH=m CONFIG_IP_VS_SH=m +CONFIG_IP_VS_MH=m CONFIG_IP_VS_SED=m CONFIG_IP_VS_NQ=m @@ -1293,6 +1300,11 @@ CONFIG_IP_VS_NQ=m CONFIG_IP_VS_SH_TAB_BITS=8 # +# IPVS MH scheduler +# +CONFIG_IP_VS_MH_TAB_INDEX=12 + +# # IPVS application helper # CONFIG_IP_VS_FTP=m @@ -1305,12 +1317,13 @@ CONFIG_IP_VS_PE_SIP=m CONFIG_NF_DEFRAG_IPV4=m CONFIG_NF_CONNTRACK_IPV4=m CONFIG_NF_SOCKET_IPV4=m -CONFIG_NF_TABLES_IPV4=m +CONFIG_NF_TPROXY_IPV4=m +CONFIG_NF_TABLES_IPV4=y CONFIG_NFT_CHAIN_ROUTE_IPV4=m CONFIG_NFT_REJECT_IPV4=m CONFIG_NFT_DUP_IPV4=m CONFIG_NFT_FIB_IPV4=m -CONFIG_NF_TABLES_ARP=m +CONFIG_NF_TABLES_ARP=y CONFIG_NF_FLOW_TABLE_IPV4=m CONFIG_NF_DUP_IPV4=m CONFIG_NF_LOG_ARP=m @@ -1318,7 +1331,7 @@ CONFIG_NF_LOG_IPV4=m CONFIG_NF_REJECT_IPV4=m CONFIG_NF_NAT_IPV4=m CONFIG_NFT_CHAIN_NAT_IPV4=m -CONFIG_NF_NAT_MASQUERADE_IPV4=m +CONFIG_NF_NAT_MASQUERADE_IPV4=y CONFIG_NFT_MASQ_IPV4=m CONFIG_NFT_REDIR_IPV4=m CONFIG_NF_NAT_SNMP_BASIC=m @@ -1342,6 +1355,7 @@ CONFIG_IP_NF_TARGET_CLUSTERIP=m CONFIG_IP_NF_TARGET_ECN=m CONFIG_IP_NF_TARGET_TTL=m CONFIG_IP_NF_RAW=m +# CONFIG_IP_NF_SECURITY is not set CONFIG_IP_NF_ARPTABLES=m CONFIG_IP_NF_ARPFILTER=m CONFIG_IP_NF_ARP_MANGLE=m @@ -1352,8 +1366,12 @@ CONFIG_IP_NF_ARP_MANGLE=m CONFIG_NF_DEFRAG_IPV6=m CONFIG_NF_CONNTRACK_IPV6=m CONFIG_NF_SOCKET_IPV6=m -CONFIG_NF_TABLES_IPV6=m +CONFIG_NF_TPROXY_IPV6=m +CONFIG_NF_TABLES_IPV6=y CONFIG_NFT_CHAIN_ROUTE_IPV6=m +CONFIG_NFT_CHAIN_NAT_IPV6=m +CONFIG_NFT_MASQ_IPV6=m +CONFIG_NFT_REDIR_IPV6=m CONFIG_NFT_REJECT_IPV6=m CONFIG_NFT_DUP_IPV6=m CONFIG_NFT_FIB_IPV6=m @@ -1362,10 +1380,7 @@ CONFIG_NF_DUP_IPV6=m CONFIG_NF_REJECT_IPV6=m CONFIG_NF_LOG_IPV6=m CONFIG_NF_NAT_IPV6=m -CONFIG_NFT_CHAIN_NAT_IPV6=m -CONFIG_NF_NAT_MASQUERADE_IPV6=m -CONFIG_NFT_MASQ_IPV6=m -CONFIG_NFT_REDIR_IPV6=m +CONFIG_NF_NAT_MASQUERADE_IPV6=y CONFIG_IP6_NF_IPTABLES=m CONFIG_IP6_NF_MATCH_AH=m CONFIG_IP6_NF_MATCH_EUI64=m @@ -1383,6 +1398,7 @@ CONFIG_IP6_NF_TARGET_REJECT=m CONFIG_IP6_NF_TARGET_SYNPROXY=m CONFIG_IP6_NF_MANGLE=m CONFIG_IP6_NF_RAW=m +# CONFIG_IP6_NF_SECURITY is not set CONFIG_IP6_NF_NAT=m CONFIG_IP6_NF_TARGET_MASQUERADE=m CONFIG_IP6_NF_TARGET_NPT=m @@ -1391,8 +1407,7 @@ CONFIG_IP6_NF_TARGET_NPT=m # DECnet: Netfilter Configuration # CONFIG_DECNET_NF_GRABULATOR=m -CONFIG_NF_TABLES_BRIDGE=m -CONFIG_NFT_BRIDGE_META=m +CONFIG_NF_TABLES_BRIDGE=y CONFIG_NFT_BRIDGE_REJECT=m CONFIG_NF_LOG_BRIDGE=m CONFIG_BRIDGE_NF_EBTABLES=m @@ -1416,6 +1431,8 @@ CONFIG_BRIDGE_EBT_REDIRECT=m CONFIG_BRIDGE_EBT_SNAT=m CONFIG_BRIDGE_EBT_LOG=m CONFIG_BRIDGE_EBT_NFLOG=m +CONFIG_BPFILTER=y +CONFIG_BPFILTER_UMH=m CONFIG_IP_DCCP=m CONFIG_INET_DCCP_DIAG=m @@ -1446,6 +1463,7 @@ CONFIG_RDS_TCP=m CONFIG_TIPC=m CONFIG_TIPC_MEDIA_IB=y CONFIG_TIPC_MEDIA_UDP=y +CONFIG_TIPC_DIAG=m CONFIG_ATM=m CONFIG_ATM_CLIP=m # CONFIG_ATM_CLIP_NO_ICMP is not set @@ -1571,6 +1589,7 @@ CONFIG_NET_EMATCH_META=m CONFIG_NET_EMATCH_TEXT=m CONFIG_NET_EMATCH_CANID=m CONFIG_NET_EMATCH_IPSET=m +CONFIG_NET_EMATCH_IPT=m CONFIG_NET_CLS_ACT=y CONFIG_NET_ACT_POLICE=m CONFIG_NET_ACT_GACT=m @@ -1760,12 +1779,12 @@ CONFIG_BT_HCIBFUSB=m CONFIG_BT_HCIDTL1=m CONFIG_BT_HCIBT3C=m CONFIG_BT_HCIBLUECARD=m -CONFIG_BT_HCIBTUART=m CONFIG_BT_HCIVHCI=m CONFIG_BT_MRVL=m CONFIG_BT_MRVL_SDIO=m CONFIG_BT_ATH3K=m CONFIG_BT_WILINK=m +CONFIG_BT_HCIRSI=m CONFIG_AF_RXRPC=m CONFIG_AF_RXRPC_IPV6=y # CONFIG_AF_RXRPC_INJECT_LOSS is not set @@ -1799,7 +1818,6 @@ CONFIG_MAC80211=m CONFIG_MAC80211_HAS_RC=y CONFIG_MAC80211_RC_MINSTREL=y CONFIG_MAC80211_RC_MINSTREL_HT=y -# CONFIG_MAC80211_RC_MINSTREL_VHT is not set CONFIG_MAC80211_RC_DEFAULT_MINSTREL=y CONFIG_MAC80211_RC_DEFAULT="minstrel_ht" CONFIG_MAC80211_MESH=y @@ -1874,6 +1892,7 @@ CONFIG_DST_CACHE=y CONFIG_GRO_CELLS=y CONFIG_NET_DEVLINK=m CONFIG_MAY_USE_DEVLINK=m +CONFIG_FAILOVER=m CONFIG_HAVE_EBPF_JIT=y # @@ -1888,6 +1907,10 @@ CONFIG_DEVTMPFS=y CONFIG_DEVTMPFS_MOUNT=y CONFIG_STANDALONE=y CONFIG_PREVENT_FIRMWARE_BUILD=y + +# +# Firmware loader +# CONFIG_FW_LOADER=y CONFIG_EXTRA_FIRMWARE="" CONFIG_FW_LOADER_USER_HELPER=y @@ -1899,8 +1922,6 @@ CONFIG_DEV_COREDUMP=y # CONFIG_DEBUG_DEVRES is not set # CONFIG_DEBUG_TEST_DRIVER_REMOVE is not set CONFIG_TEST_ASYNC_DRIVER_PROBE=m -# CONFIG_SYS_HYPERVISOR is not set -# CONFIG_GENERIC_CPU_DEVICES is not set CONFIG_GENERIC_CPU_AUTOPROBE=y CONFIG_GENERIC_CPU_VULNERABILITIES=y CONFIG_REGMAP=y @@ -1959,13 +1980,8 @@ CONFIG_MTD_GEN_PROBE=m CONFIG_MTD_MAP_BANK_WIDTH_1=y CONFIG_MTD_MAP_BANK_WIDTH_2=y CONFIG_MTD_MAP_BANK_WIDTH_4=y -# CONFIG_MTD_MAP_BANK_WIDTH_8 is not set -# CONFIG_MTD_MAP_BANK_WIDTH_16 is not set -# CONFIG_MTD_MAP_BANK_WIDTH_32 is not set CONFIG_MTD_CFI_I1=y CONFIG_MTD_CFI_I2=y -# CONFIG_MTD_CFI_I4 is not set -# CONFIG_MTD_CFI_I8 is not set CONFIG_MTD_CFI_INTELEXT=m CONFIG_MTD_CFI_AMDSTD=m CONFIG_MTD_CFI_STAA=m @@ -2021,6 +2037,11 @@ CONFIG_MTD_BLOCK2MTD=m CONFIG_MTD_DOCG3=m CONFIG_BCH_CONST_M=14 CONFIG_BCH_CONST_T=4 +CONFIG_MTD_ONENAND=m +CONFIG_MTD_ONENAND_VERIFY_WRITE=y +CONFIG_MTD_ONENAND_GENERIC=m +CONFIG_MTD_ONENAND_OTP=y +CONFIG_MTD_ONENAND_2X_PROGRAM=y CONFIG_MTD_NAND_ECC=m CONFIG_MTD_NAND_ECC_SMC=y CONFIG_MTD_NAND=m @@ -2030,7 +2051,6 @@ CONFIG_MTD_SM_COMMON=m CONFIG_MTD_NAND_DENALI=m CONFIG_MTD_NAND_DENALI_PCI=m CONFIG_MTD_NAND_GPIO=m -# CONFIG_MTD_NAND_OMAP_BCH_BUILD is not set CONFIG_MTD_NAND_RICOH=m CONFIG_MTD_NAND_DISKONCHIP=m CONFIG_MTD_NAND_DISKONCHIP_PROBE_ADVANCED=y @@ -2041,11 +2061,6 @@ CONFIG_MTD_NAND_DOCG4=m CONFIG_MTD_NAND_CAFE=m CONFIG_MTD_NAND_NANDSIM=m CONFIG_MTD_NAND_PLATFORM=m -CONFIG_MTD_ONENAND=m -CONFIG_MTD_ONENAND_VERIFY_WRITE=y -CONFIG_MTD_ONENAND_GENERIC=m -CONFIG_MTD_ONENAND_OTP=y -CONFIG_MTD_ONENAND_2X_PROGRAM=y # # LPDDR & LPDDR2 PCM memory drivers @@ -2072,7 +2087,6 @@ CONFIG_PARPORT_SERIAL=m CONFIG_PARPORT_PC_FIFO=y CONFIG_PARPORT_PC_SUPERIO=y CONFIG_PARPORT_PC_PCMCIA=m -# CONFIG_PARPORT_GSC is not set CONFIG_PARPORT_AX88796=m CONFIG_PARPORT_1284=y CONFIG_PARPORT_NOT_PC=y @@ -2119,9 +2133,9 @@ CONFIG_PARIDE_ON26=m CONFIG_BLK_DEV_PCIESSD_MTIP32XX=m CONFIG_ZRAM=m CONFIG_ZRAM_WRITEBACK=y +# CONFIG_ZRAM_MEMORY_TRACKING is not set CONFIG_BLK_DEV_DAC960=m CONFIG_BLK_DEV_UMEM=m -# CONFIG_BLK_DEV_COW_COMMON is not set CONFIG_BLK_DEV_LOOP=y CONFIG_BLK_DEV_LOOP_MIN_COUNT=8 CONFIG_BLK_DEV_CRYPTOLOOP=m @@ -2266,10 +2280,6 @@ CONFIG_VHOST_RING=m CONFIG_GENWQE=m CONFIG_GENWQE_PLATFORM_ERROR_RECOVERY=0 CONFIG_ECHO=m -# CONFIG_CXL_BASE is not set -# CONFIG_CXL_AFU_DRIVER_OPS is not set -# CONFIG_CXL_LIB is not set -# CONFIG_OCXL_BASE is not set CONFIG_MISC_RTSX_PCI=m CONFIG_MISC_RTSX_USB=m CONFIG_HAVE_IDE=y @@ -2375,11 +2385,6 @@ CONFIG_FCOE_FNIC=m CONFIG_SCSI_SNIC=m # CONFIG_SCSI_SNIC_DEBUG_FS is not set CONFIG_SCSI_DMX3191D=m -CONFIG_SCSI_EATA=m -# CONFIG_SCSI_EATA_TAGGED_QUEUE is not set -# CONFIG_SCSI_EATA_LINKED_COMMANDS is not set -CONFIG_SCSI_EATA_MAX_TAGS=16 -CONFIG_SCSI_FUTURE_DOMAIN=m CONFIG_SCSI_GDTH=m CONFIG_SCSI_ISCI=m CONFIG_SCSI_IPS=m @@ -2418,7 +2423,6 @@ CONFIG_SCSI_VIRTIO=m CONFIG_SCSI_CHELSIO_FCOE=m CONFIG_SCSI_LOWLEVEL_PCMCIA=y CONFIG_PCMCIA_AHA152X=m -CONFIG_PCMCIA_FDOMAIN=m CONFIG_PCMCIA_QLOGIC=m CONFIG_PCMCIA_SYM53C500=m CONFIG_SCSI_DH=y @@ -2431,7 +2435,6 @@ CONFIG_SCSI_OSD_ULD=m CONFIG_SCSI_OSD_DPRINT_SENSE=1 # CONFIG_SCSI_OSD_DEBUG is not set CONFIG_ATA=m -# CONFIG_ATA_NONSTANDARD is not set CONFIG_ATA_VERBOSE_ERROR=y CONFIG_ATA_ACPI=y CONFIG_SATA_ZPODD=y @@ -2554,6 +2557,7 @@ CONFIG_DM_SNAPSHOT=m CONFIG_DM_THIN_PROVISIONING=m CONFIG_DM_CACHE=m CONFIG_DM_CACHE_SMQ=m +CONFIG_DM_WRITECACHE=m CONFIG_DM_ERA=m CONFIG_DM_MIRROR=m CONFIG_DM_LOG_USERSPACE=m @@ -2705,6 +2709,7 @@ CONFIG_MICROCHIP_KSZ=m CONFIG_MICROCHIP_KSZ_SPI_DRIVER=m CONFIG_NET_DSA_MV88E6XXX=m CONFIG_NET_DSA_MV88E6XXX_GLOBAL2=y +CONFIG_NET_DSA_MV88E6XXX_PTP=y CONFIG_NET_DSA_QCA8K=m CONFIG_NET_DSA_SMSC_LAN9303=m CONFIG_NET_DSA_SMSC_LAN9303_I2C=m @@ -2746,10 +2751,6 @@ CONFIG_ATL1C=m CONFIG_ALX=m CONFIG_NET_VENDOR_AURORA=y CONFIG_AURORA_NB8800=m -CONFIG_NET_CADENCE=y -CONFIG_MACB=m -CONFIG_MACB_USE_HWSTAMP=y -CONFIG_MACB_PCI=m CONFIG_NET_VENDOR_BROADCOM=y CONFIG_B44=m CONFIG_B44_PCI_AUTOSELECT=y @@ -2767,6 +2768,10 @@ CONFIG_BNXT_FLOWER_OFFLOAD=y CONFIG_BNXT_DCB=y CONFIG_NET_VENDOR_BROCADE=y CONFIG_BNA=m +CONFIG_NET_CADENCE=y +CONFIG_MACB=m +CONFIG_MACB_USE_HWSTAMP=y +CONFIG_MACB_PCI=m CONFIG_NET_VENDOR_CAVIUM=y CONFIG_THUNDER_NIC_PF=m CONFIG_THUNDER_NIC_VF=m @@ -2811,16 +2816,13 @@ CONFIG_NET_VENDOR_EMULEX=y CONFIG_BE2NET=m CONFIG_BE2NET_HWMON=y CONFIG_NET_VENDOR_EZCHIP=y -CONFIG_NET_VENDOR_EXAR=y -CONFIG_S2IO=m -CONFIG_VXGE=m -# CONFIG_VXGE_DEBUG_TRACE_ALL is not set CONFIG_NET_VENDOR_FUJITSU=y CONFIG_PCMCIA_FMVJ18X=m CONFIG_NET_VENDOR_HP=y CONFIG_HP100=m CONFIG_NET_VENDOR_HUAWEI=y CONFIG_HINIC=m +CONFIG_NET_VENDOR_I825XX=y CONFIG_NET_VENDOR_INTEL=y CONFIG_E100=m CONFIG_E1000=m @@ -2839,8 +2841,12 @@ CONFIG_IXGBEVF=m CONFIG_I40E=m CONFIG_I40E_DCB=y CONFIG_I40EVF=m +CONFIG_ICE=m CONFIG_FM10K=m -CONFIG_NET_VENDOR_I825XX=y +CONFIG_NET_VENDOR_EXAR=y +CONFIG_S2IO=m +CONFIG_VXGE=m +# CONFIG_VXGE_DEBUG_TRACE_ALL is not set CONFIG_JME=m CONFIG_NET_VENDOR_MARVELL=y CONFIG_MVMDIO=m @@ -2879,6 +2885,10 @@ CONFIG_NET_VENDOR_MICROCHIP=y CONFIG_ENC28J60=m # CONFIG_ENC28J60_WRITEVERIFY is not set CONFIG_ENCX24J600=m +CONFIG_LAN743X=m +CONFIG_NET_VENDOR_MICROSEMI=y +CONFIG_MSCC_OCELOT_SWITCH=m +CONFIG_MSCC_OCELOT_SWITCH_OCELOT=m CONFIG_NET_VENDOR_MYRI=y CONFIG_MYRI10GE=m CONFIG_MYRI10GE_DCA=y @@ -2889,7 +2899,9 @@ CONFIG_NS83820=m CONFIG_NET_VENDOR_NETRONOME=y CONFIG_NFP=m # CONFIG_NFP_APP_FLOWER is not set +CONFIG_NFP_APP_ABM_NIC=y # CONFIG_NFP_DEBUG is not set +CONFIG_NET_VENDOR_NI=y CONFIG_NET_VENDOR_8390=y CONFIG_PCMCIA_AXNET=m CONFIG_NE2K_PCI=m @@ -2920,6 +2932,8 @@ CONFIG_QED_OOO=y CONFIG_NET_VENDOR_QUALCOMM=y CONFIG_QCOM_EMAC=m CONFIG_RMNET=m +CONFIG_NET_VENDOR_RDC=y +CONFIG_R6040=m CONFIG_NET_VENDOR_REALTEK=y CONFIG_ATP=m CONFIG_8139CP=m @@ -2930,18 +2944,11 @@ CONFIG_8139TOO_8129=y # CONFIG_8139_OLD_RX_RESET is not set CONFIG_R8169=m CONFIG_NET_VENDOR_RENESAS=y -CONFIG_NET_VENDOR_RDC=y -CONFIG_R6040=m CONFIG_NET_VENDOR_ROCKER=y CONFIG_ROCKER=m CONFIG_NET_VENDOR_SAMSUNG=y CONFIG_SXGBE_ETH=m CONFIG_NET_VENDOR_SEEQ=y -CONFIG_NET_VENDOR_SILAN=y -CONFIG_SC92031=m -CONFIG_NET_VENDOR_SIS=y -CONFIG_SIS900=m -CONFIG_SIS190=m CONFIG_NET_VENDOR_SOLARFLARE=y CONFIG_SFC=m CONFIG_SFC_MTD=y @@ -2950,11 +2957,15 @@ CONFIG_SFC_SRIOV=y CONFIG_SFC_MCDI_LOGGING=y CONFIG_SFC_FALCON=m CONFIG_SFC_FALCON_MTD=y +CONFIG_NET_VENDOR_SILAN=y +CONFIG_SC92031=m +CONFIG_NET_VENDOR_SIS=y +CONFIG_SIS900=m +CONFIG_SIS190=m CONFIG_NET_VENDOR_SMSC=y CONFIG_PCMCIA_SMC91C92=m CONFIG_EPIC100=m CONFIG_SMSC911X=m -# CONFIG_SMSC911X_ARCH_HOOKS is not set CONFIG_SMSC9420=m # CONFIG_NET_VENDOR_SOCIONEXT is not set CONFIG_NET_VENDOR_STMICRO=y @@ -2967,6 +2978,9 @@ CONFIG_HAPPYMEAL=m CONFIG_SUNGEM=m CONFIG_CASSINI=m CONFIG_NIU=m +CONFIG_NET_VENDOR_SYNOPSYS=y +CONFIG_DWC_XLGMAC=m +CONFIG_DWC_XLGMAC_PCI=m CONFIG_NET_VENDOR_TEHUTI=y CONFIG_TEHUTI=m CONFIG_NET_VENDOR_TI=y @@ -2985,9 +2999,6 @@ CONFIG_WIZNET_BUS_ANY=y CONFIG_WIZNET_W5100_SPI=m CONFIG_NET_VENDOR_XIRCOM=y CONFIG_PCMCIA_XIRC2PS=m -CONFIG_NET_VENDOR_SYNOPSYS=y -CONFIG_DWC_XLGMAC=m -CONFIG_DWC_XLGMAC_PCI=m CONFIG_FDDI=m CONFIG_DEFXX=m # CONFIG_DEFXX_MMIO is not set @@ -3001,7 +3012,10 @@ CONFIG_MDIO_BUS=m CONFIG_MDIO_BITBANG=m CONFIG_MDIO_CAVIUM=m CONFIG_MDIO_GPIO=m +CONFIG_MDIO_I2C=m +CONFIG_MDIO_MSCC_MIIM=m CONFIG_MDIO_THUNDER=m +CONFIG_PHYLINK=m CONFIG_PHYLIB=m CONFIG_SWPHY=y CONFIG_LED_TRIGGER_PHY=y @@ -3009,8 +3023,10 @@ CONFIG_LED_TRIGGER_PHY=y # # MII PHY device drivers # +CONFIG_SFP=m CONFIG_AMD_PHY=m CONFIG_AQUANTIA_PHY=m +CONFIG_ASIX_PHY=m CONFIG_AT803X_PHY=m CONFIG_BCM7XXX_PHY=m CONFIG_BCM87XX_PHY=m @@ -3020,6 +3036,7 @@ CONFIG_CICADA_PHY=m CONFIG_CORTINA_PHY=m CONFIG_DAVICOM_PHY=m CONFIG_DP83822_PHY=m +CONFIG_DP83TC811_PHY=m CONFIG_DP83848_PHY=m CONFIG_DP83867_PHY=m CONFIG_FIXED_PHY=m @@ -3031,6 +3048,7 @@ CONFIG_MARVELL_PHY=m CONFIG_MARVELL_10G_PHY=m CONFIG_MICREL_PHY=m CONFIG_MICROCHIP_PHY=m +CONFIG_MICROCHIP_T1_PHY=m CONFIG_MICROSEMI_PHY=m CONFIG_NATIONAL_PHY=m CONFIG_QSEMI_PHY=m @@ -3149,6 +3167,7 @@ CONFIG_WIL6210_ISR_COR=y CONFIG_WIL6210_TRACING=y CONFIG_WIL6210_DEBUGFS=y CONFIG_ATH10K=m +CONFIG_ATH10K_CE=y CONFIG_ATH10K_PCI=m CONFIG_ATH10K_SDIO=m CONFIG_ATH10K_USB=m @@ -3338,6 +3357,7 @@ CONFIG_RSI_91X=m # CONFIG_RSI_DEBUGFS is not set CONFIG_RSI_SDIO=m CONFIG_RSI_USB=m +CONFIG_RSI_COEX=y CONFIG_WLAN_VENDOR_ST=y CONFIG_CW1200=m CONFIG_CW1200_WLAN_SDIO=m @@ -3401,11 +3421,13 @@ CONFIG_IEEE802154_ATUSB=m CONFIG_IEEE802154_ADF7242=m CONFIG_IEEE802154_CA8210=m # CONFIG_IEEE802154_CA8210_DEBUGFS is not set +CONFIG_IEEE802154_MCR20A=m CONFIG_VMXNET3=m CONFIG_FUJITSU_ES=m CONFIG_THUNDERBOLT_NET=m CONFIG_HYPERV_NET=m CONFIG_NETDEVSIM=m +CONFIG_NET_FAILOVER=m CONFIG_ISDN=y CONFIG_ISDN_I4L=m CONFIG_ISDN_PPP=y @@ -3507,8 +3529,6 @@ CONFIG_ISDN_DIVAS_USERIDI=m CONFIG_ISDN_DIVAS_MAINT=m CONFIG_ISDN_DRV_GIGASET=m CONFIG_GIGASET_CAPI=y -# CONFIG_GIGASET_I4L is not set -# CONFIG_GIGASET_DUMMYLL is not set CONFIG_GIGASET_BASE=m CONFIG_GIGASET_M105=m CONFIG_GIGASET_M101=m @@ -3588,6 +3608,7 @@ CONFIG_KEYBOARD_SUNKBD=m CONFIG_KEYBOARD_TM2_TOUCHKEY=m CONFIG_KEYBOARD_XTKBD=m CONFIG_KEYBOARD_CROS_EC=m +CONFIG_KEYBOARD_MTK_PMIC=m CONFIG_INPUT_MOUSE=y CONFIG_MOUSE_PS2=m CONFIG_MOUSE_PS2_ALPS=y @@ -3599,6 +3620,7 @@ CONFIG_MOUSE_PS2_CYPRESS=y CONFIG_MOUSE_PS2_LIFEBOOK=y CONFIG_MOUSE_PS2_TRACKPOINT=y CONFIG_MOUSE_PS2_ELANTECH=y +CONFIG_MOUSE_PS2_ELANTECH_SMBUS=y CONFIG_MOUSE_PS2_SENTELIC=y CONFIG_MOUSE_PS2_TOUCHKIT=y CONFIG_MOUSE_PS2_FOCALTECH=y @@ -3648,6 +3670,7 @@ CONFIG_JOYSTICK_XPAD_LEDS=y CONFIG_JOYSTICK_WALKERA0701=m CONFIG_JOYSTICK_PSXPAD_SPI=m CONFIG_JOYSTICK_PSXPAD_SPI_FF=y +CONFIG_JOYSTICK_PXRC=m CONFIG_INPUT_TABLET=y CONFIG_TABLET_USB_ACECAD=m CONFIG_TABLET_USB_AIPTEK=m @@ -3667,6 +3690,7 @@ CONFIG_TOUCHSCREEN_ATMEL_MXT=m # CONFIG_TOUCHSCREEN_ATMEL_MXT_T37 is not set CONFIG_TOUCHSCREEN_AUO_PIXCIR=m CONFIG_TOUCHSCREEN_BU21013=m +CONFIG_TOUCHSCREEN_CHIPONE_ICN8505=m CONFIG_TOUCHSCREEN_CY8CTMG110=m CONFIG_TOUCHSCREEN_CYTTSP_CORE=m CONFIG_TOUCHSCREEN_CYTTSP_I2C=m @@ -3799,6 +3823,7 @@ CONFIG_INPUT_SOC_BUTTON_ARRAY=m CONFIG_INPUT_DRV260X_HAPTICS=m CONFIG_INPUT_DRV2665_HAPTICS=m CONFIG_INPUT_DRV2667_HAPTICS=m +CONFIG_INPUT_RAVE_SP_PWRBUTTON=m CONFIG_RMI4_CORE=m CONFIG_RMI4_I2C=m CONFIG_RMI4_SPI=m @@ -3889,7 +3914,6 @@ CONFIG_SERIAL_8250_MANY_PORTS=y CONFIG_SERIAL_8250_SHARE_IRQ=y CONFIG_SERIAL_8250_DETECT_IRQ=y CONFIG_SERIAL_8250_RSA=y -# CONFIG_SERIAL_8250_FSL is not set CONFIG_SERIAL_8250_DW=m CONFIG_SERIAL_8250_RT288X=y CONFIG_SERIAL_8250_LPSS=y @@ -3930,7 +3954,6 @@ CONFIG_HVC_DRIVER=y CONFIG_VIRTIO_CONSOLE=m CONFIG_IPMI_HANDLER=m CONFIG_IPMI_DMI_DECODE=y -CONFIG_IPMI_PROC_INTERFACE=y CONFIG_IPMI_PANIC_EVENT=y CONFIG_IPMI_PANIC_STRING=y CONFIG_IPMI_DEVICE_INTERFACE=m @@ -4052,7 +4075,6 @@ CONFIG_I2C_GPIO=m CONFIG_I2C_KEMPLD=m CONFIG_I2C_OCORES=m CONFIG_I2C_PCA_PLATFORM=m -# CONFIG_I2C_PXA_PCI is not set CONFIG_I2C_SIMTEC=m CONFIG_I2C_XILINX=m @@ -4082,6 +4104,7 @@ CONFIG_I2C_SLAVE_EEPROM=m CONFIG_SPI=y # CONFIG_SPI_DEBUG is not set CONFIG_SPI_MASTER=y +CONFIG_SPI_MEM=y # # SPI Master Controller Drivers @@ -4128,7 +4151,7 @@ CONFIG_HSI_BOARDINFO=y # HSI clients # CONFIG_HSI_CHAR=m -CONFIG_PPS=m +CONFIG_PPS=y # CONFIG_PPS_DEBUG is not set # @@ -4146,7 +4169,7 @@ CONFIG_PPS_CLIENT_GPIO=m # # PTP clock support # -CONFIG_PTP_1588_CLOCK=m +CONFIG_PTP_1588_CLOCK=y CONFIG_DP83640_PHY=m CONFIG_PTP_1588_CLOCK_KVM=m CONFIG_PINCTRL=y @@ -4167,6 +4190,7 @@ CONFIG_PINCTRL_GEMINILAKE=m CONFIG_PINCTRL_LEWISBURG=m CONFIG_PINCTRL_SUNRISEPOINT=m CONFIG_GPIOLIB=y +CONFIG_GPIOLIB_FASTPATH_LIMIT=512 CONFIG_GPIO_ACPI=y CONFIG_GPIOLIB_IRQCHIP=y # CONFIG_DEBUG_GPIO is not set @@ -4195,6 +4219,8 @@ CONFIG_GPIO_F7188X=m CONFIG_GPIO_IT87=m CONFIG_GPIO_SCH=m CONFIG_GPIO_SCH311X=m +CONFIG_GPIO_WINBOND=m +CONFIG_GPIO_WS16C48=m # # I2C GPIO expanders @@ -4510,6 +4536,7 @@ CONFIG_SENSORS_XGENE=m CONFIG_SENSORS_ACPI_POWER=m CONFIG_SENSORS_ATK0110=m CONFIG_THERMAL=y +# CONFIG_THERMAL_STATISTICS is not set CONFIG_THERMAL_EMERGENCY_POWEROFF_DELAY_MS=0 CONFIG_THERMAL_WRITABLE_TRIPS=y CONFIG_THERMAL_DEFAULT_GOV_STEP_WISE=y @@ -4566,6 +4593,7 @@ CONFIG_ACQUIRE_WDT=m CONFIG_ADVANTECH_WDT=m CONFIG_ALIM1535_WDT=m CONFIG_ALIM7101_WDT=m +CONFIG_EBC_C384_WDT=m CONFIG_F71808E_WDT=m # CONFIG_SP5100_TCO is not set CONFIG_SBC_FITPC2_WATCHDOG=m @@ -4713,7 +4741,6 @@ CONFIG_MFD_TPS65912_I2C=m CONFIG_MFD_TPS65912_SPI=y CONFIG_MFD_WL1273_CORE=m CONFIG_MFD_LM3533=m -# CONFIG_MFD_TMIO is not set CONFIG_MFD_VX855=m CONFIG_MFD_ARIZONA=y CONFIG_MFD_ARIZONA_I2C=m @@ -4732,6 +4759,7 @@ CONFIG_REGULATOR=y CONFIG_REGULATOR_FIXED_VOLTAGE=m CONFIG_REGULATOR_VIRTUAL_CONSUMER=m CONFIG_REGULATOR_USERSPACE_CONSUMER=m +CONFIG_REGULATOR_88PG86X=m CONFIG_REGULATOR_88PM800=m CONFIG_REGULATOR_ACT8865=m CONFIG_REGULATOR_AD5398=m @@ -4792,6 +4820,7 @@ CONFIG_REGULATOR_TPS65912=m CONFIG_REGULATOR_WM831X=m CONFIG_REGULATOR_WM8994=m CONFIG_CEC_CORE=m +CONFIG_CEC_NOTIFIER=y CONFIG_CEC_PIN=y CONFIG_RC_CORE=m CONFIG_RC_MAP=m @@ -4806,10 +4835,12 @@ CONFIG_IR_SANYO_DECODER=m CONFIG_IR_SHARP_DECODER=m CONFIG_IR_MCE_KBD_DECODER=m CONFIG_IR_XMP_DECODER=m +CONFIG_IR_IMON_DECODER=m CONFIG_RC_DEVICES=y CONFIG_RC_ATI_REMOTE=m CONFIG_IR_ENE=m CONFIG_IR_IMON=m +CONFIG_IR_IMON_RAW=m CONFIG_IR_MCEUSB=m CONFIG_IR_ITE_CIR=m CONFIG_IR_FINTEK=m @@ -4836,6 +4867,7 @@ CONFIG_MEDIA_RADIO_SUPPORT=y CONFIG_MEDIA_SDR_SUPPORT=y CONFIG_MEDIA_CEC_SUPPORT=y CONFIG_MEDIA_CEC_RC=y +# CONFIG_CEC_PIN_ERROR_INJ is not set CONFIG_MEDIA_CONTROLLER=y CONFIG_MEDIA_CONTROLLER_DVB=y CONFIG_VIDEO_DEV=m @@ -4851,7 +4883,6 @@ CONFIG_V4L2_FWNODE=m CONFIG_VIDEOBUF_GEN=m CONFIG_VIDEOBUF_DMA_SG=m CONFIG_VIDEOBUF_VMALLOC=m -CONFIG_VIDEOBUF_DVB=m CONFIG_DVB_CORE=m # CONFIG_DVB_MMAP is not set CONFIG_DVB_NET=y @@ -5043,14 +5074,6 @@ CONFIG_VIDEO_SOLO6X10=m CONFIG_VIDEO_TW5864=m CONFIG_VIDEO_TW68=m CONFIG_VIDEO_TW686X=m -CONFIG_VIDEO_ZORAN=m -CONFIG_VIDEO_ZORAN_DC30=m -CONFIG_VIDEO_ZORAN_ZR36060=m -CONFIG_VIDEO_ZORAN_BUZ=m -CONFIG_VIDEO_ZORAN_DC10=m -CONFIG_VIDEO_ZORAN_LML33=m -CONFIG_VIDEO_ZORAN_LML33R10=m -CONFIG_VIDEO_ZORAN_AVS6EYES=m # # Media capture/analog TV support @@ -5118,6 +5141,9 @@ CONFIG_DVB_NETUP_UNIDVB=m CONFIG_VIDEO_IPU3_CIO2=m CONFIG_V4L_PLATFORM_DRIVERS=y CONFIG_VIDEO_CAFE_CCIC=m +CONFIG_VIDEO_CADENCE=y +CONFIG_VIDEO_CADENCE_CSI2RX=m +CONFIG_VIDEO_CADENCE_CSI2TX=m CONFIG_SOC_CAMERA=m CONFIG_SOC_CAMERA_PLATFORM=m CONFIG_V4L_MEM2MEM_DRIVERS=y @@ -5135,7 +5161,7 @@ CONFIG_SDR_PLATFORM_DRIVERS=y CONFIG_SMS_SDIO_DRV=m CONFIG_RADIO_ADAPTERS=y CONFIG_RADIO_TEA575X=m -CONFIG_RADIO_SI470X=y +CONFIG_RADIO_SI470X=m CONFIG_USB_SI470X=m CONFIG_I2C_SI470X=m CONFIG_RADIO_SI4713=m @@ -5287,10 +5313,8 @@ CONFIG_VIDEO_M52790=m # # soc_camera sensor drivers # -CONFIG_SOC_CAMERA_IMX074=m CONFIG_SOC_CAMERA_MT9M001=m CONFIG_SOC_CAMERA_MT9M111=m -CONFIG_SOC_CAMERA_MT9T031=m CONFIG_SOC_CAMERA_MT9T112=m CONFIG_SOC_CAMERA_MT9V022=m CONFIG_SOC_CAMERA_OV5642=m @@ -5299,6 +5323,11 @@ CONFIG_SOC_CAMERA_OV9640=m CONFIG_SOC_CAMERA_OV9740=m CONFIG_SOC_CAMERA_RJ54N1=m CONFIG_SOC_CAMERA_TW9910=m + +# +# Media SPI Adapters +# +CONFIG_CXD2880_SPI_DRV=m CONFIG_MEDIA_TUNER=m CONFIG_MEDIA_TUNER_SIMPLE=m CONFIG_MEDIA_TUNER_TDA18250=m @@ -5336,6 +5365,7 @@ CONFIG_MEDIA_TUNER_IT913X=m CONFIG_MEDIA_TUNER_R820T=m CONFIG_MEDIA_TUNER_MXL301RF=m CONFIG_MEDIA_TUNER_QM1D1C0042=m +CONFIG_MEDIA_TUNER_QM1D1B0004=m # # Multistandard (satellite) frontends @@ -5475,7 +5505,6 @@ CONFIG_DVB_ISL6405=m CONFIG_DVB_ISL6421=m CONFIG_DVB_ISL6423=m CONFIG_DVB_A8293=m -CONFIG_DVB_SP2=m CONFIG_DVB_LGS8GXX=m CONFIG_DVB_ATBM8830=m CONFIG_DVB_TDA665x=m @@ -5487,9 +5516,15 @@ CONFIG_DVB_ASCOT2E=m CONFIG_DVB_HELENE=m # +# Common Interface (EN50221) controller drivers +# +CONFIG_DVB_CXD2099=m +CONFIG_DVB_SP2=m + +# # Tools to develop new frontends # -# CONFIG_DVB_DUMMY_FE is not set +CONFIG_DVB_DUMMY_FE=m # # Graphics support @@ -5506,7 +5541,7 @@ CONFIG_VGA_SWITCHEROO=y CONFIG_DRM=m CONFIG_DRM_MIPI_DSI=y CONFIG_DRM_DP_AUX_CHARDEV=y -# CONFIG_DRM_DEBUG_MM_SELFTEST is not set +CONFIG_DRM_DEBUG_SELFTEST=m CONFIG_DRM_KMS_HELPER=m CONFIG_DRM_KMS_FB_HELPER=y CONFIG_DRM_FBDEV_EMULATION=y @@ -5524,6 +5559,7 @@ CONFIG_DRM_SCHED=m CONFIG_DRM_I2C_CH7006=m CONFIG_DRM_I2C_SIL164=m CONFIG_DRM_I2C_NXP_TDA998X=m +CONFIG_DRM_I2C_NXP_TDA9950=m CONFIG_DRM_RADEON=m # CONFIG_DRM_RADEON_USERPTR is not set CONFIG_DRM_AMDGPU=m @@ -5541,7 +5577,6 @@ CONFIG_DRM_AMD_ACP=y # Display Engine Configuration # CONFIG_DRM_AMD_DC=y -CONFIG_DRM_AMD_DC_PRE_VEGA=y # CONFIG_DRM_AMD_DC_FBC is not set CONFIG_DRM_AMD_DC_DCN1_0=y # CONFIG_DEBUG_KERNEL_DC is not set @@ -5601,7 +5636,7 @@ CONFIG_TINYDRM_ST7586=m CONFIG_TINYDRM_ST7735R=m # CONFIG_DRM_LEGACY is not set CONFIG_DRM_PANEL_ORIENTATION_QUIRKS=y -# CONFIG_DRM_LIB_RANDOM is not set +CONFIG_DRM_LIB_RANDOM=y # # Frame buffer Devices @@ -5610,24 +5645,19 @@ CONFIG_FB=y CONFIG_FIRMWARE_EDID=y CONFIG_FB_CMDLINE=y CONFIG_FB_NOTIFY=y -# CONFIG_FB_DDC is not set CONFIG_FB_BOOT_VESA_SUPPORT=y CONFIG_FB_CFB_FILLRECT=y CONFIG_FB_CFB_COPYAREA=y CONFIG_FB_CFB_IMAGEBLIT=y -# CONFIG_FB_CFB_REV_PIXELS_IN_BYTE is not set CONFIG_FB_SYS_FILLRECT=m CONFIG_FB_SYS_COPYAREA=m CONFIG_FB_SYS_IMAGEBLIT=m -# CONFIG_FB_PROVIDE_GET_FB_UNMAPPED_AREA is not set CONFIG_FB_FOREIGN_ENDIAN=y CONFIG_FB_BOTH_ENDIAN=y # CONFIG_FB_BIG_ENDIAN is not set # CONFIG_FB_LITTLE_ENDIAN is not set CONFIG_FB_SYS_FOPS=m CONFIG_FB_DEFERRED_IO=y -# CONFIG_FB_SVGALIB is not set -# CONFIG_FB_MACMODES is not set CONFIG_FB_BACKLIGHT=y CONFIG_FB_MODE_HELPERS=y CONFIG_FB_TILEBLITTING=y @@ -5642,7 +5672,7 @@ CONFIG_FB_TILEBLITTING=y # CONFIG_FB_ASILIANT is not set # CONFIG_FB_IMSTT is not set # CONFIG_FB_VGA16 is not set -CONFIG_FB_UVESA=m +# CONFIG_FB_UVESA is not set CONFIG_FB_VESA=y CONFIG_FB_EFI=y # CONFIG_FB_N411 is not set @@ -5678,7 +5708,6 @@ CONFIG_FB_EFI=y # CONFIG_FB_METRONOME is not set # CONFIG_FB_MB862XX is not set # CONFIG_FB_BROADSHEET is not set -# CONFIG_FB_AUO_K190X is not set # CONFIG_FB_HYPERV is not set CONFIG_FB_SIMPLE=y # CONFIG_FB_SM712 is not set @@ -5697,6 +5726,7 @@ CONFIG_LCD_LD9040=m CONFIG_LCD_AMS369FG06=m CONFIG_LCD_LMS501KF03=m CONFIG_LCD_HX8357=m +CONFIG_LCD_OTM3225A=m CONFIG_BACKLIGHT_CLASS_DEVICE=y CONFIG_BACKLIGHT_GENERIC=m CONFIG_BACKLIGHT_LM3533=m @@ -5717,7 +5747,7 @@ CONFIG_BACKLIGHT_GPIO=m CONFIG_BACKLIGHT_LV5207LP=m CONFIG_BACKLIGHT_BD6107=m CONFIG_BACKLIGHT_ARCXCNN=m -# CONFIG_VGASTATE is not set +CONFIG_BACKLIGHT_RAVE_SP=m CONFIG_HDMI=y # @@ -5735,8 +5765,8 @@ CONFIG_FRAMEBUFFER_CONSOLE_DETECT_PRIMARY=y CONFIG_FRAMEBUFFER_CONSOLE_ROTATION=y CONFIG_LOGO=y CONFIG_LOGO_LINUX_MONO=y -# CONFIG_LOGO_LINUX_VGA16 is not set -# CONFIG_LOGO_LINUX_CLUT224 is not set +CONFIG_LOGO_LINUX_VGA16=y +CONFIG_LOGO_LINUX_CLUT224=y CONFIG_SOUND=m CONFIG_SOUND_OSS_CORE=y CONFIG_SOUND_OSS_CORE_PRECLAIM=y @@ -5778,7 +5808,6 @@ CONFIG_SND_SEQ_VIRMIDI=m CONFIG_SND_MPU401_UART=m CONFIG_SND_OPL3_LIB=m CONFIG_SND_OPL3_LIB_SEQ=m -# CONFIG_SND_OPL4_LIB_SEQ is not set CONFIG_SND_VX_LIB=m CONFIG_SND_AC97_CODEC=m CONFIG_SND_DRIVERS=y @@ -5933,6 +5962,7 @@ CONFIG_SND_SOC_COMPRESS=y CONFIG_SND_SOC_TOPOLOGY=y CONFIG_SND_SOC_ACPI=m CONFIG_SND_SOC_AMD_ACP=m +CONFIG_SND_SOC_AMD_CZ_DA7219MX98357_MACH=m CONFIG_SND_SOC_AMD_CZ_RT5645_MACH=m CONFIG_SND_ATMEL_SOC=m CONFIG_SND_DESIGNWARE_I2S=m @@ -5967,9 +5997,9 @@ CONFIG_SND_SOC_INTEL_SST_ACPI=m CONFIG_SND_SOC_INTEL_SST=m CONFIG_SND_SOC_INTEL_SST_FIRMWARE=m CONFIG_SND_SOC_INTEL_HASWELL=m -CONFIG_SND_SOC_INTEL_BAYTRAIL=m -CONFIG_SND_SST_ATOM_HIFI2_PLATFORM_PCI=m CONFIG_SND_SST_ATOM_HIFI2_PLATFORM=m +CONFIG_SND_SST_ATOM_HIFI2_PLATFORM_PCI=m +CONFIG_SND_SST_ATOM_HIFI2_PLATFORM_ACPI=m CONFIG_SND_SOC_INTEL_SKYLAKE_SSP_CLK=m CONFIG_SND_SOC_INTEL_SKYLAKE=m CONFIG_SND_SOC_ACPI_INTEL_MATCH=m @@ -5977,13 +6007,12 @@ CONFIG_SND_SOC_INTEL_MACH=y CONFIG_SND_SOC_INTEL_HASWELL_MACH=m CONFIG_SND_SOC_INTEL_BDW_RT5677_MACH=m CONFIG_SND_SOC_INTEL_BROADWELL_MACH=m -CONFIG_SND_SOC_INTEL_BYT_MAX98090_MACH=m -CONFIG_SND_SOC_INTEL_BYT_RT5640_MACH=m CONFIG_SND_SOC_INTEL_BYTCR_RT5640_MACH=m CONFIG_SND_SOC_INTEL_BYTCR_RT5651_MACH=m CONFIG_SND_SOC_INTEL_CHT_BSW_RT5672_MACH=m CONFIG_SND_SOC_INTEL_CHT_BSW_RT5645_MACH=m CONFIG_SND_SOC_INTEL_CHT_BSW_MAX98090_TI_MACH=m +CONFIG_SND_SOC_INTEL_CHT_BSW_NAU8824_MACH=m CONFIG_SND_SOC_INTEL_BYT_CHT_DA7213_MACH=m CONFIG_SND_SOC_INTEL_BYT_CHT_ES8316_MACH=m CONFIG_SND_SOC_INTEL_BYT_CHT_NOCODEC_MACH=m @@ -5994,6 +6023,7 @@ CONFIG_SND_SOC_INTEL_BXT_DA7219_MAX98357A_MACH=m CONFIG_SND_SOC_INTEL_BXT_RT298_MACH=m CONFIG_SND_SOC_INTEL_KBL_RT5663_MAX98927_MACH=m CONFIG_SND_SOC_INTEL_KBL_RT5663_RT5514_MAX98927_MACH=m +CONFIG_SND_SOC_INTEL_KBL_DA7219_MAX98357A_MACH=m # # STMicroelectronics STM32 SOC audio support @@ -6014,11 +6044,14 @@ CONFIG_SND_SOC_ADAU1761_I2C=m CONFIG_SND_SOC_ADAU1761_SPI=m CONFIG_SND_SOC_ADAU7002=m CONFIG_SND_SOC_AK4104=m +CONFIG_SND_SOC_AK4458=m CONFIG_SND_SOC_AK4554=m CONFIG_SND_SOC_AK4613=m CONFIG_SND_SOC_AK4642=m CONFIG_SND_SOC_AK5386=m +CONFIG_SND_SOC_AK5558=m CONFIG_SND_SOC_ALC5623=m +CONFIG_SND_SOC_BD28623=m # CONFIG_SND_SOC_BT_SCO is not set CONFIG_SND_SOC_CS35L32=m CONFIG_SND_SOC_CS35L33=m @@ -6056,12 +6089,15 @@ CONFIG_SND_SOC_INNO_RK3036=m CONFIG_SND_SOC_MAX98090=m CONFIG_SND_SOC_MAX98357A=m CONFIG_SND_SOC_MAX98504=m +CONFIG_SND_SOC_MAX9867=m CONFIG_SND_SOC_MAX98927=m CONFIG_SND_SOC_MAX98373=m CONFIG_SND_SOC_MAX9860=m CONFIG_SND_SOC_MSM8916_WCD_ANALOG=m CONFIG_SND_SOC_MSM8916_WCD_DIGITAL=m CONFIG_SND_SOC_PCM1681=m +CONFIG_SND_SOC_PCM1789=m +CONFIG_SND_SOC_PCM1789_I2C=m CONFIG_SND_SOC_PCM179X=m CONFIG_SND_SOC_PCM179X_I2C=m CONFIG_SND_SOC_PCM179X_SPI=m @@ -6080,7 +6116,6 @@ CONFIG_SND_SOC_RT286=m CONFIG_SND_SOC_RT298=m CONFIG_SND_SOC_RT5514=m CONFIG_SND_SOC_RT5514_SPI=m -# CONFIG_SND_SOC_RT5514_SPI_BUILTIN is not set CONFIG_SND_SOC_RT5616=m CONFIG_SND_SOC_RT5631=m CONFIG_SND_SOC_RT5640=m @@ -6097,6 +6132,7 @@ CONFIG_SND_SOC_SIGMADSP_I2C=m CONFIG_SND_SOC_SIGMADSP_REGMAP=m CONFIG_SND_SOC_SIRF_AUDIO_CODEC=m CONFIG_SND_SOC_SPDIF=m +CONFIG_SND_SOC_SSM2305=m CONFIG_SND_SOC_SSM2602=m CONFIG_SND_SOC_SSM2602_SPI=m CONFIG_SND_SOC_SSM2602_I2C=m @@ -6109,6 +6145,7 @@ CONFIG_SND_SOC_TAS5086=m CONFIG_SND_SOC_TAS571X=m CONFIG_SND_SOC_TAS5720=m CONFIG_SND_SOC_TAS6424=m +CONFIG_SND_SOC_TDA7419=m CONFIG_SND_SOC_TFA9879=m CONFIG_SND_SOC_TLV320AIC23=m CONFIG_SND_SOC_TLV320AIC23_I2C=m @@ -6120,6 +6157,7 @@ CONFIG_SND_SOC_TLV320AIC32X4_SPI=m CONFIG_SND_SOC_TLV320AIC3X=m CONFIG_SND_SOC_TS3A227E=m CONFIG_SND_SOC_TSCS42XX=m +CONFIG_SND_SOC_TSCS454=m CONFIG_SND_SOC_WM8510=m CONFIG_SND_SOC_WM8523=m CONFIG_SND_SOC_WM8524=m @@ -6133,6 +6171,7 @@ CONFIG_SND_SOC_WM8750=m CONFIG_SND_SOC_WM8753=m CONFIG_SND_SOC_WM8770=m CONFIG_SND_SOC_WM8776=m +CONFIG_SND_SOC_WM8782=m CONFIG_SND_SOC_WM8804=m CONFIG_SND_SOC_WM8804_I2C=m CONFIG_SND_SOC_WM8804_SPI=m @@ -6143,6 +6182,8 @@ CONFIG_SND_SOC_WM8974=m CONFIG_SND_SOC_WM8978=m CONFIG_SND_SOC_WM8985=m CONFIG_SND_SOC_ZX_AUD96P22=m +CONFIG_SND_SOC_MAX9759=m +CONFIG_SND_SOC_MT6351=m CONFIG_SND_SOC_NAU8540=m CONFIG_SND_SOC_NAU8810=m CONFIG_SND_SOC_NAU8824=m @@ -6187,6 +6228,7 @@ CONFIG_HID_CYPRESS=m CONFIG_HID_DRAGONRISE=m CONFIG_DRAGONRISE_FF=y CONFIG_HID_EMS_FF=m +CONFIG_HID_ELAN=m CONFIG_HID_ELECOM=m CONFIG_HID_ELO=m CONFIG_HID_EZKEY=m @@ -6194,6 +6236,7 @@ CONFIG_HID_GEMBIRD=m CONFIG_HID_GFRM=m CONFIG_HID_HOLTEK=m CONFIG_HOLTEK_FF=y +CONFIG_HID_GOOGLE_HAMMER=m CONFIG_HID_GT683R=m CONFIG_HID_KEYTOUCH=m CONFIG_HID_KYE=m @@ -6217,6 +6260,7 @@ CONFIG_LOGIG940_FF=y CONFIG_LOGIWHEELS_FF=y CONFIG_HID_MAGICMOUSE=m CONFIG_HID_MAYFLASH=m +CONFIG_HID_REDRAGON=m CONFIG_HID_MICROSOFT=m CONFIG_HID_MONTEREY=m CONFIG_HID_MULTITOUCH=m @@ -6242,6 +6286,7 @@ CONFIG_HID_SAMSUNG=m CONFIG_HID_SONY=m CONFIG_SONY_FF=y CONFIG_HID_SPEEDLINK=m +CONFIG_HID_STEAM=m CONFIG_HID_STEELSERIES=m CONFIG_HID_SUNPLUS=m CONFIG_HID_RMI=m @@ -6320,7 +6365,6 @@ CONFIG_USB_EHCI_PCI=m CONFIG_USB_EHCI_HCD_PLATFORM=m CONFIG_USB_OXU210HP_HCD=m CONFIG_USB_ISP116X_HCD=m -CONFIG_USB_ISP1362_HCD=m CONFIG_USB_FOTG210_HCD=m CONFIG_USB_MAX3421_HCD=m CONFIG_USB_OHCI_HCD=m @@ -6422,7 +6466,6 @@ CONFIG_USB_CHIPIDEA=m CONFIG_USB_CHIPIDEA_PCI=m CONFIG_USB_CHIPIDEA_UDC=y CONFIG_USB_CHIPIDEA_HOST=y -# CONFIG_USB_CHIPIDEA_ULPI is not set CONFIG_USB_ISP1760=m CONFIG_USB_ISP1760_HCD=y CONFIG_USB_ISP1761_UDC=y @@ -6646,8 +6689,15 @@ CONFIG_TYPEC_FUSB302=m CONFIG_TYPEC_UCSI=m CONFIG_UCSI_ACPI=m CONFIG_TYPEC_TPS6598X=m + +# +# USB Type-C Multiplexer/DeMultiplexer Switch support +# +CONFIG_TYPEC_MUX_PI3USB30532=m +CONFIG_USB_ROLES_INTEL_XHCI=m CONFIG_USB_LED_TRIG=y CONFIG_USB_ULPI_BUS=m +CONFIG_USB_ROLE_SWITCH=m CONFIG_UWB=m CONFIG_UWB_HWA=m CONFIG_UWB_WHCI=m @@ -6714,6 +6764,7 @@ CONFIG_LEDS_AS3645A=m CONFIG_LEDS_LM3530=m CONFIG_LEDS_LM3533=m CONFIG_LEDS_LM3642=m +CONFIG_LEDS_LM3601X=m CONFIG_LEDS_MT6323=m CONFIG_LEDS_PCA9532=m CONFIG_LEDS_PCA9532_GPIO=y @@ -6748,6 +6799,7 @@ CONFIG_LEDS_MENF21BMC=m # CONFIG_LEDS_BLINKM=m CONFIG_LEDS_MLXCPLD=m +CONFIG_LEDS_MLXREG=m CONFIG_LEDS_USER=m CONFIG_LEDS_NIC78BX=m @@ -6778,7 +6830,7 @@ CONFIG_A11Y_BRAILLE_CONSOLE=y CONFIG_INFINIBAND=m CONFIG_INFINIBAND_USER_MAD=m CONFIG_INFINIBAND_USER_ACCESS=m -# CONFIG_INFINIBAND_EXP_USER_ACCESS is not set +# CONFIG_INFINIBAND_EXP_LEGACY_VERBS_NEW_UAPI is not set CONFIG_INFINIBAND_USER_MEM=y CONFIG_INFINIBAND_ON_DEMAND_PAGING=y CONFIG_INFINIBAND_ADDR_TRANS=y @@ -6788,7 +6840,6 @@ CONFIG_INFINIBAND_MTHCA_DEBUG=y CONFIG_INFINIBAND_QIB=m CONFIG_INFINIBAND_QIB_DCA=y CONFIG_INFINIBAND_CXGB3=m -# CONFIG_INFINIBAND_CXGB3_DEBUG is not set CONFIG_INFINIBAND_CXGB4=m CONFIG_INFINIBAND_I40IW=m CONFIG_MLX4_INFINIBAND=m @@ -6996,7 +7047,6 @@ CONFIG_SYNC_FILE=y # CONFIG_SW_SYNC is not set CONFIG_DCA=m CONFIG_AUXDISPLAY=y -CONFIG_CHARLCD=m CONFIG_HD44780=m CONFIG_KS0108=m CONFIG_KS0108_PORT=0x378 @@ -7008,6 +7058,7 @@ CONFIG_PANEL=m CONFIG_PANEL_PARPORT=0 CONFIG_PANEL_PROFILE=5 # CONFIG_PANEL_CHANGE_MESSAGE is not set +CONFIG_CHARLCD=m CONFIG_UIO=m CONFIG_UIO_CIF=m CONFIG_UIO_PDRV_GENIRQ=m @@ -7050,73 +7101,6 @@ CONFIG_HYPERV_TSCPAGE=y CONFIG_HYPERV_UTILS=m CONFIG_HYPERV_BALLOON=m CONFIG_STAGING=y -CONFIG_IRDA=m - -# -# IrDA protocols -# -CONFIG_IRLAN=m -CONFIG_IRNET=m -CONFIG_IRCOMM=m -CONFIG_IRDA_ULTRA=y - -# -# IrDA options -# -CONFIG_IRDA_CACHE_LAST_LSAP=y -CONFIG_IRDA_FAST_RR=y -# CONFIG_IRDA_DEBUG is not set - -# -# Infrared-port device drivers -# - -# -# SIR device drivers -# -CONFIG_IRTTY_SIR=m - -# -# Dongle support -# -CONFIG_DONGLE=y -CONFIG_ESI_DONGLE=m -CONFIG_ACTISYS_DONGLE=m -CONFIG_TEKRAM_DONGLE=m -CONFIG_TOIM3232_DONGLE=m -CONFIG_LITELINK_DONGLE=m -CONFIG_MA600_DONGLE=m -CONFIG_GIRBIL_DONGLE=m -CONFIG_MCP2120_DONGLE=m -CONFIG_OLD_BELKIN_DONGLE=m -CONFIG_ACT200L_DONGLE=m -CONFIG_KINGSUN_DONGLE=m -CONFIG_KSDAZZLE_DONGLE=m -CONFIG_KS959_DONGLE=m - -# -# FIR device drivers -# -CONFIG_USB_IRDA=m -CONFIG_SIGMATEL_FIR=m -CONFIG_NSC_FIR=m -CONFIG_WINBOND_FIR=m -CONFIG_SMC_IRCC_FIR=m -CONFIG_ALI_FIR=m -CONFIG_VLSI_FIR=m -CONFIG_VIA_FIR=m -CONFIG_MCS_FIR=m -CONFIG_IPX=m -CONFIG_IPX_INTERN=y -CONFIG_NCP_FS=m -CONFIG_NCPFS_PACKET_SIGNING=y -CONFIG_NCPFS_IOCTL_LOCKING=y -CONFIG_NCPFS_STRONG=y -CONFIG_NCPFS_NFS_NS=y -CONFIG_NCPFS_OS2_NS=y -CONFIG_NCPFS_SMALLDOS=y -CONFIG_NCPFS_NLS=y -CONFIG_NCPFS_EXTRAS=y CONFIG_PRISM2_USB=m CONFIG_COMEDI=m # CONFIG_COMEDI_DEBUG is not set @@ -7279,9 +7263,7 @@ CONFIG_VT6656=m # # Accelerometers # -CONFIG_ADIS16201=m CONFIG_ADIS16203=m -CONFIG_ADIS16209=m CONFIG_ADIS16240=m # @@ -7326,17 +7308,8 @@ CONFIG_ADIS16060=m CONFIG_AD5933=m # -# Light sensors -# -CONFIG_TSL2x7x=m - -# # Active energy metering IC # -CONFIG_ADE7753=m -CONFIG_ADE7754=m -CONFIG_ADE7758=m -CONFIG_ADE7759=m CONFIG_ADE7854=m CONFIG_ADE7854_I2C=m CONFIG_ADE7854_SPI=m @@ -7345,12 +7318,7 @@ CONFIG_ADE7854_SPI=m # Resolver to digital converters # CONFIG_AD2S90=m -CONFIG_AD2S1200=m CONFIG_AD2S1210=m - -# -# Triggers - standalone -# CONFIG_FB_SM750=m CONFIG_FB_XGI=m @@ -7370,19 +7338,17 @@ CONFIG_SPEAKUP_SYNTH_SPKOUT=m CONFIG_SPEAKUP_SYNTH_TXPRT=m # CONFIG_SPEAKUP_SYNTH_DUMMY is not set CONFIG_STAGING_MEDIA=y -CONFIG_INTEL_ATOMISP=y -CONFIG_VIDEO_ATOMISP=m -CONFIG_VIDEO_ATOMISP_OV5693=m -CONFIG_VIDEO_ATOMISP_OV2722=m -CONFIG_VIDEO_ATOMISP_GC2235=m -CONFIG_VIDEO_ATOMISP_OV8858=m -CONFIG_VIDEO_ATOMISP_MSRLIST_HELPER=m -CONFIG_VIDEO_ATOMISP_MT9M114=m -CONFIG_VIDEO_ATOMISP_GC0310=m -CONFIG_VIDEO_ATOMISP_OV2680=m -CONFIG_VIDEO_ATOMISP_LM3554=m CONFIG_I2C_BCM2048=m -CONFIG_DVB_CXD2099=m +CONFIG_SOC_CAMERA_IMX074=m +CONFIG_SOC_CAMERA_MT9T031=m +CONFIG_VIDEO_ZORAN=m +CONFIG_VIDEO_ZORAN_DC30=m +CONFIG_VIDEO_ZORAN_ZR36060=m +CONFIG_VIDEO_ZORAN_BUZ=m +CONFIG_VIDEO_ZORAN_DC10=m +CONFIG_VIDEO_ZORAN_LML33=m +CONFIG_VIDEO_ZORAN_LML33R10=m +CONFIG_VIDEO_ZORAN_AVS6EYES=m # # Android @@ -7393,12 +7359,6 @@ CONFIG_FWTTY_MAX_TOTAL_PORTS=64 CONFIG_FWTTY_MAX_CARD_PORTS=32 CONFIG_MTD_SPINAND_MT29F=m CONFIG_MTD_SPINAND_ONDIEECC=y -CONFIG_LNET=m -CONFIG_LNET_MAX_PAYLOAD=1048576 -# CONFIG_LNET_SELFTEST is not set -CONFIG_LNET_XPRT_IB=m -CONFIG_LUSTRE_FS=m -# CONFIG_LUSTRE_DEBUG_EXPENSIVE_CHECK is not set CONFIG_DGNC=m CONFIG_GS_FPGABOOT=m CONFIG_CRYPTO_SKEIN=m @@ -7446,7 +7406,6 @@ CONFIG_MOST_CDEV=m CONFIG_MOST_NET=m CONFIG_MOST_SOUND=m CONFIG_MOST_VIDEO=m -CONFIG_MOST_DIM2=m CONFIG_MOST_I2C=m CONFIG_MOST_USB=m CONFIG_KS7010=m @@ -7475,8 +7434,12 @@ CONFIG_GREYBUS_USB=m # USB Power Delivery and Type-C drivers # CONFIG_TYPEC_TCPCI=m -CONFIG_DRM_VBOXVIDEO=m +CONFIG_TYPEC_RT1711H=m +# CONFIG_DRM_VBOXVIDEO is not set CONFIG_PI433=m +CONFIG_MTK_MMC=m +# CONFIG_MTK_AEE_KDUMP is not set +# CONFIG_MTK_MMC_CD_POLL is not set CONFIG_X86_PLATFORM_DEVICES=y CONFIG_ACER_WMI=m CONFIG_ACER_WIRELESS=m @@ -7560,6 +7523,7 @@ CONFIG_PMC_ATOM=y CONFIG_CHROME_PLATFORMS=y CONFIG_CHROMEOS_LAPTOP=m CONFIG_CHROMEOS_PSTORE=m +CONFIG_CHROMEOS_TBMC=m CONFIG_CROS_EC_LPC=m CONFIG_CROS_EC_LPC_MEC=y CONFIG_CROS_EC_PROTO=y @@ -7575,12 +7539,10 @@ CONFIG_COMMON_CLK=y # CONFIG_COMMON_CLK_WM831X=m CONFIG_COMMON_CLK_SI5351=m +CONFIG_COMMON_CLK_SI544=m CONFIG_COMMON_CLK_CDCE706=m CONFIG_COMMON_CLK_CS2000_CP=m -# CONFIG_COMMON_CLK_NXP is not set CONFIG_COMMON_CLK_PWM=m -# CONFIG_COMMON_CLK_PXA is not set -# CONFIG_COMMON_CLK_PIC32 is not set CONFIG_HWSPINLOCK=y # @@ -7589,11 +7551,6 @@ CONFIG_HWSPINLOCK=y CONFIG_CLKEVT_I8253=y CONFIG_I8253_LOCK=y CONFIG_CLKBLD_I8253=y -# CONFIG_ATMEL_PIT is not set -# CONFIG_SH_TIMER_CMT is not set -# CONFIG_SH_TIMER_MTU2 is not set -# CONFIG_SH_TIMER_TMU is not set -# CONFIG_EM_TIMER_STI is not set CONFIG_MAILBOX=y CONFIG_PCC=y CONFIG_ALTERA_MBOX=m @@ -7654,7 +7611,6 @@ CONFIG_SOUNDWIRE_INTEL=m # # Qualcomm SoC drivers # -# CONFIG_SUNXI_SRAM is not set CONFIG_SOC_TI=y # @@ -7710,6 +7666,8 @@ CONFIG_IIO_TRIGGERED_EVENT=m # # Accelerometers # +CONFIG_ADIS16201=m +CONFIG_ADIS16209=m CONFIG_BMA180=m CONFIG_BMA220=m CONFIG_BMC150_ACCEL=m @@ -7794,6 +7752,10 @@ CONFIG_TI_TLC4541=m CONFIG_VIPERBOARD_ADC=m # +# Analog Front Ends +# + +# # Amplifiers # CONFIG_AD8366=m @@ -7844,6 +7806,8 @@ CONFIG_AD5504=m CONFIG_AD5624R_SPI=m CONFIG_LTC2632=m CONFIG_AD5686=m +CONFIG_AD5686_SPI=m +CONFIG_AD5696_I2C=m CONFIG_AD5755=m CONFIG_AD5761=m CONFIG_AD5764=m @@ -7856,6 +7820,7 @@ CONFIG_MAX517=m CONFIG_MCP4725=m CONFIG_MCP4922=m CONFIG_TI_DAC082S085=m +CONFIG_TI_DAC5571=m # # IIO dummy driver @@ -7964,6 +7929,7 @@ CONFIG_JSA1212=m CONFIG_RPR0521=m CONFIG_SENSORS_LM3533=m CONFIG_LTR501=m +CONFIG_LV0104CS=m CONFIG_MAX44000=m CONFIG_OPT3001=m CONFIG_PA12203001=m @@ -7976,6 +7942,7 @@ CONFIG_TCS3414=m CONFIG_TCS3472=m CONFIG_SENSORS_TSL2563=m CONFIG_TSL2583=m +CONFIG_TSL2772=m CONFIG_TSL4531=m CONFIG_US5182D=m CONFIG_VCNL4000=m @@ -8022,9 +7989,11 @@ CONFIG_IIO_SYSFS_TRIGGER=m # # Digital potentiometers # +CONFIG_AD5272=m CONFIG_DS1803=m CONFIG_MAX5481=m CONFIG_MAX5487=m +CONFIG_MCP4018=m CONFIG_MCP4131=m CONFIG_MCP4531=m CONFIG_TPL0102=m @@ -8076,11 +8045,17 @@ CONFIG_SX9500=m CONFIG_SRF08=m # +# Resolver to digital converters +# +CONFIG_AD2S1200=m + +# # Temperature sensors # CONFIG_MAXIM_THERMOCOUPLE=m CONFIG_HID_SENSOR_TEMP=m CONFIG_MLX90614=m +CONFIG_MLX90632=m CONFIG_TMP006=m CONFIG_TMP007=m CONFIG_TSYS01=m @@ -8125,24 +8100,11 @@ CONFIG_PWM_PCA9685=m # IRQ chip support # CONFIG_ARM_GIC_MAX_NR=1 -# CONFIG_ARM_GIC_V3_ITS is not set CONFIG_IPACK_BUS=m CONFIG_BOARD_TPCI200=m CONFIG_SERIAL_IPOCTAL=m CONFIG_RESET_CONTROLLER=y -# CONFIG_RESET_ATH79 is not set -# CONFIG_RESET_AXS10X is not set -# CONFIG_RESET_BERLIN is not set -# CONFIG_RESET_IMX7 is not set -# CONFIG_RESET_LANTIQ is not set -# CONFIG_RESET_LPC18XX is not set -# CONFIG_RESET_MESON is not set -# CONFIG_RESET_PISTACHIO is not set -# CONFIG_RESET_SIMPLE is not set -# CONFIG_RESET_SUNXI is not set CONFIG_RESET_TI_SYSCON=m -# CONFIG_RESET_ZYNQ is not set -# CONFIG_RESET_TEGRA_BPMP is not set CONFIG_FMC=m CONFIG_FMC_FAKEDEV=m CONFIG_FMC_TRIVIAL=m @@ -8160,9 +8122,6 @@ CONFIG_PHY_CPCAP_USB=m CONFIG_PHY_QCOM_USB_HS=m CONFIG_PHY_QCOM_USB_HSIC=m CONFIG_PHY_SAMSUNG_USB2=m -# CONFIG_PHY_EXYNOS4210_USB2 is not set -# CONFIG_PHY_EXYNOS4X12_USB2 is not set -# CONFIG_PHY_EXYNOS5250_USB2 is not set CONFIG_PHY_TUSB1210=m CONFIG_POWERCAP=y CONFIG_INTEL_RAPL=m @@ -8187,9 +8146,15 @@ CONFIG_ND_BLK=m CONFIG_ND_CLAIM=y CONFIG_ND_BTT=m CONFIG_BTT=y +CONFIG_DAX_DRIVER=y CONFIG_DAX=y CONFIG_DEV_DAX=m CONFIG_NVMEM=y +CONFIG_RAVE_SP_EEPROM=m + +# +# HW tracing support +# CONFIG_STM=m # CONFIG_STM_DUMMY is not set CONFIG_STM_SOURCE_CONSOLE=m @@ -8197,6 +8162,7 @@ CONFIG_STM_SOURCE_HEARTBEAT=m # CONFIG_STM_SOURCE_FTRACE is not set CONFIG_INTEL_TH=m CONFIG_INTEL_TH_PCI=m +CONFIG_INTEL_TH_ACPI=m CONFIG_INTEL_TH_GTH=m CONFIG_INTEL_TH_STH=m CONFIG_INTEL_TH_MSU=m @@ -8207,13 +8173,10 @@ CONFIG_ALTERA_PR_IP_CORE=m CONFIG_FPGA_MGR_ALTERA_PS_SPI=m CONFIG_FPGA_MGR_ALTERA_CVP=m CONFIG_FPGA_MGR_XILINX_SPI=m +CONFIG_FPGA_MGR_MACHXO2_SPI=m CONFIG_FPGA_BRIDGE=m CONFIG_XILINX_PR_DECOUPLER=m CONFIG_FPGA_REGION=m -CONFIG_FSI=m -CONFIG_FSI_MASTER_GPIO=m -CONFIG_FSI_MASTER_HUB=m -CONFIG_FSI_SCOM=m CONFIG_PM_OPP=y # CONFIG_UNISYS_VISORBUS is not set CONFIG_SIOX=m @@ -8242,6 +8205,7 @@ CONFIG_GOOGLE_COREBOOT_TABLE=m CONFIG_GOOGLE_COREBOOT_TABLE_ACPI=m CONFIG_GOOGLE_MEMCONSOLE=m CONFIG_GOOGLE_MEMCONSOLE_X86_LEGACY=m +CONFIG_GOOGLE_FRAMEBUFFER_COREBOOT=m CONFIG_GOOGLE_MEMCONSOLE_COREBOOT=m CONFIG_GOOGLE_VPD=m @@ -8261,6 +8225,7 @@ CONFIG_EFI_TEST=m CONFIG_APPLE_PROPERTIES=y CONFIG_RESET_ATTACK_MITIGATION=y CONFIG_UEFI_CPER=y +CONFIG_UEFI_CPER_X86=y CONFIG_EFI_DEV_PATH_PARSER=y # @@ -8304,6 +8269,7 @@ CONFIG_XFS_QUOTA=y CONFIG_XFS_POSIX_ACL=y CONFIG_XFS_RT=y CONFIG_XFS_ONLINE_SCRUB=y +# CONFIG_XFS_ONLINE_REPAIR is not set # CONFIG_XFS_WARN is not set # CONFIG_XFS_DEBUG is not set CONFIG_GFS2_FS=m @@ -8342,6 +8308,7 @@ CONFIG_FSNOTIFY=y CONFIG_DNOTIFY=y CONFIG_INOTIFY_USER=y CONFIG_FANOTIFY=y +# CONFIG_FANOTIFY_ACCESS_PERMISSIONS is not set CONFIG_QUOTA=y CONFIG_QUOTA_NETLINK_INTERFACE=y # CONFIG_PRINT_QUOTA_WARNING is not set @@ -8352,6 +8319,7 @@ CONFIG_QFMT_V2=m CONFIG_QUOTACTL=y CONFIG_QUOTACTL_COMPAT=y CONFIG_AUTOFS4_FS=m +CONFIG_AUTOFS_FS=m CONFIG_FUSE_FS=m CONFIG_CUSE=m CONFIG_OVERLAY_FS=m @@ -8359,6 +8327,7 @@ CONFIG_OVERLAY_FS=m CONFIG_OVERLAY_FS_REDIRECT_ALWAYS_FOLLOW=y CONFIG_OVERLAY_FS_INDEX=y CONFIG_OVERLAY_FS_NFS_EXPORT=y +# CONFIG_OVERLAY_FS_XINO_AUTO is not set # # Caches @@ -8379,7 +8348,6 @@ CONFIG_ISO9660_FS=m CONFIG_JOLIET=y CONFIG_ZISOFS=y CONFIG_UDF_FS=m -CONFIG_UDF_NLS=y # # DOS/FAT/NT Filesystems @@ -8409,8 +8377,9 @@ CONFIG_TMPFS_POSIX_ACL=y CONFIG_TMPFS_XATTR=y CONFIG_HUGETLBFS=y CONFIG_HUGETLB_PAGE=y +CONFIG_MEMFD_CREATE=y CONFIG_ARCH_HAS_GIGANTIC_PAGE=y -CONFIG_CONFIGFS_FS=m +CONFIG_CONFIGFS_FS=y CONFIG_EFIVAR_FS=m CONFIG_MISC_FILESYSTEMS=y CONFIG_ORANGEFS_FS=m @@ -8482,9 +8451,17 @@ CONFIG_ROMFS_BACKED_BY_BOTH=y CONFIG_ROMFS_ON_BLOCK=y CONFIG_ROMFS_ON_MTD=y CONFIG_PSTORE=y -# CONFIG_PSTORE_ZLIB_COMPRESS is not set +CONFIG_PSTORE_DEFLATE_COMPRESS=y CONFIG_PSTORE_LZO_COMPRESS=y # CONFIG_PSTORE_LZ4_COMPRESS is not set +CONFIG_PSTORE_LZ4HC_COMPRESS=m +CONFIG_PSTORE_842_COMPRESS=y +CONFIG_PSTORE_COMPRESS=y +CONFIG_PSTORE_DEFLATE_COMPRESS_DEFAULT=y +# CONFIG_PSTORE_LZO_COMPRESS_DEFAULT is not set +# CONFIG_PSTORE_LZ4HC_COMPRESS_DEFAULT is not set +# CONFIG_PSTORE_842_COMPRESS_DEFAULT is not set +CONFIG_PSTORE_COMPRESS_DEFAULT="deflate" # CONFIG_PSTORE_CONSOLE is not set CONFIG_PSTORE_PMSG=y # CONFIG_PSTORE_FTRACE is not set @@ -8510,6 +8487,7 @@ CONFIG_PNFS_BLOCK=m CONFIG_PNFS_FLEXFILE_LAYOUT=m CONFIG_NFS_V4_1_IMPLEMENTATION_ID_DOMAIN="kernel.org" CONFIG_NFS_V4_1_MIGRATION=y +CONFIG_NFS_V4_SECURITY_LABEL=y CONFIG_NFS_FSCACHE=y # CONFIG_NFS_USE_LEGACY_DNS is not set CONFIG_NFS_USE_KERNEL_DNS=y @@ -8522,6 +8500,7 @@ CONFIG_NFSD_PNFS=y CONFIG_NFSD_BLOCKLAYOUT=y CONFIG_NFSD_SCSILAYOUT=y CONFIG_NFSD_FLEXFILELAYOUT=y +# CONFIG_NFSD_V4_SECURITY_LABEL is not set # CONFIG_NFSD_FAULT_INJECTION is not set CONFIG_GRACE_PERIOD=m CONFIG_LOCKD=m @@ -8622,8 +8601,8 @@ CONFIG_TRACE_IRQFLAGS_SUPPORT=y # printk and dmesg options # # CONFIG_PRINTK_TIME is not set -CONFIG_CONSOLE_LOGLEVEL_DEFAULT=4 -CONFIG_MESSAGE_LOGLEVEL_DEFAULT=4 +CONFIG_CONSOLE_LOGLEVEL_DEFAULT=1 +CONFIG_MESSAGE_LOGLEVEL_DEFAULT=1 # CONFIG_BOOT_PRINTK_DELAY is not set # CONFIG_DYNAMIC_DEBUG is not set @@ -8646,7 +8625,7 @@ CONFIG_STACK_VALIDATION=y # CONFIG_DEBUG_FORCE_WEAK_PER_CPU is not set CONFIG_MAGIC_SYSRQ=y CONFIG_MAGIC_SYSRQ_DEFAULT_ENABLE=0x1 -# CONFIG_MAGIC_SYSRQ_SERIAL is not set +CONFIG_MAGIC_SYSRQ_SERIAL=y CONFIG_DEBUG_KERNEL=y # @@ -8658,7 +8637,7 @@ CONFIG_DEBUG_KERNEL=y # CONFIG_DEBUG_PAGE_REF is not set # CONFIG_DEBUG_RODATA_TEST is not set # CONFIG_DEBUG_OBJECTS is not set -# CONFIG_SLUB_DEBUG_ON is not set +CONFIG_SLUB_DEBUG_ON=y # CONFIG_SLUB_STATS is not set CONFIG_HAVE_DEBUG_KMEMLEAK=y # CONFIG_DEBUG_KMEMLEAK is not set @@ -8673,6 +8652,7 @@ CONFIG_HAVE_DEBUG_STACKOVERFLOW=y CONFIG_HAVE_ARCH_KASAN=y # CONFIG_KASAN is not set CONFIG_ARCH_HAS_KCOV=y +CONFIG_CC_HAS_SANCOV_TRACE_PC=y # CONFIG_KCOV is not set # CONFIG_DEBUG_SHIRQ is not set @@ -8690,20 +8670,22 @@ CONFIG_PANIC_TIMEOUT=0 CONFIG_SCHED_DEBUG=y CONFIG_SCHED_INFO=y CONFIG_SCHEDSTATS=y -# CONFIG_SCHED_STACK_END_CHECK is not set +CONFIG_SCHED_STACK_END_CHECK=y # CONFIG_DEBUG_TIMEKEEPING is not set # CONFIG_DEBUG_PREEMPT is not set # # Lock Debugging (spinlocks, mutexes, etc...) # +CONFIG_LOCK_DEBUGGING_SUPPORT=y +# CONFIG_PROVE_LOCKING is not set +# CONFIG_LOCK_STAT is not set # CONFIG_DEBUG_RT_MUTEXES is not set # CONFIG_DEBUG_SPINLOCK is not set # CONFIG_DEBUG_MUTEXES is not set # CONFIG_DEBUG_WW_MUTEX_SLOWPATH is not set +# CONFIG_DEBUG_RWSEMS is not set # CONFIG_DEBUG_LOCK_ALLOC is not set -# CONFIG_PROVE_LOCKING is not set -# CONFIG_LOCK_STAT is not set # CONFIG_DEBUG_ATOMIC_SLEEP is not set # CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set # CONFIG_LOCK_TORTURE_TEST is not set @@ -8712,16 +8694,15 @@ CONFIG_STACKTRACE=y # CONFIG_WARN_ALL_UNSEEDED_RANDOM is not set # CONFIG_DEBUG_KOBJECT is not set CONFIG_DEBUG_BUGVERBOSE=y -# CONFIG_DEBUG_LIST is not set -# CONFIG_DEBUG_PI_LIST is not set -# CONFIG_DEBUG_SG is not set -# CONFIG_DEBUG_NOTIFIERS is not set -# CONFIG_DEBUG_CREDENTIALS is not set +CONFIG_DEBUG_LIST=y +CONFIG_DEBUG_PI_LIST=y +CONFIG_DEBUG_SG=y +CONFIG_DEBUG_NOTIFIERS=y +CONFIG_DEBUG_CREDENTIALS=y # # RCU Debugging # -# CONFIG_PROVE_RCU is not set CONFIG_TORTURE_TEST=m CONFIG_RCU_PERF_TEST=m # CONFIG_RCU_TORTURE_TEST is not set @@ -8732,6 +8713,7 @@ CONFIG_RCU_CPU_STALL_TIMEOUT=60 # CONFIG_DEBUG_BLOCK_EXT_DEVT is not set # CONFIG_CPU_HOTPLUG_STATE_CONTROL is not set # CONFIG_NOTIFIER_ERROR_INJECTION is not set +CONFIG_FUNCTION_ERROR_INJECTION=y # CONFIG_FAULT_INJECTION is not set CONFIG_LATENCYTOP=y CONFIG_USER_STACKTRACE_SUPPORT=y @@ -8765,11 +8747,14 @@ CONFIG_BRANCH_PROFILE_NONE=y # CONFIG_PROFILE_ANNOTATED_BRANCHES is not set CONFIG_STACK_TRACER=y CONFIG_BLK_DEV_IO_TRACE=y +CONFIG_KPROBE_EVENTS=y # CONFIG_UPROBE_EVENTS is not set -# CONFIG_PROBE_EVENTS is not set +CONFIG_BPF_EVENTS=y +CONFIG_PROBE_EVENTS=y CONFIG_DYNAMIC_FTRACE=y CONFIG_DYNAMIC_FTRACE_WITH_REGS=y CONFIG_FUNCTION_PROFILER=y +# CONFIG_BPF_KPROBE_OVERRIDE is not set CONFIG_FTRACE_MCOUNT_RECORD=y # CONFIG_FTRACE_STARTUP_TEST is not set # CONFIG_MMIOTRACE is not set @@ -8781,32 +8766,61 @@ CONFIG_FTRACE_MCOUNT_RECORD=y CONFIG_TRACING_EVENTS_GPIO=y # CONFIG_PROVIDE_OHCI1394_DMA_INIT is not set # CONFIG_DMA_API_DEBUG is not set -# CONFIG_RUNTIME_TESTING_MENU is not set +CONFIG_RUNTIME_TESTING_MENU=y +CONFIG_LKDTM=m +# CONFIG_TEST_LIST_SORT is not set +# CONFIG_TEST_SORT is not set +# CONFIG_KPROBES_SANITY_TEST is not set +# CONFIG_BACKTRACE_SELF_TEST is not set +# CONFIG_RBTREE_TEST is not set +# CONFIG_INTERVAL_TREE_TEST is not set +# CONFIG_PERCPU_TEST is not set +# CONFIG_ATOMIC64_SELFTEST is not set +# CONFIG_ASYNC_RAID6_TEST is not set +# CONFIG_TEST_HEXDUMP is not set +# CONFIG_TEST_STRING_HELPERS is not set +# CONFIG_TEST_KSTRTOX is not set +# CONFIG_TEST_PRINTF is not set +# CONFIG_TEST_BITMAP is not set +# CONFIG_TEST_UUID is not set +# CONFIG_TEST_OVERFLOW is not set +# CONFIG_TEST_RHASHTABLE is not set +# CONFIG_TEST_HASH is not set +# CONFIG_TEST_PARMAN is not set +# CONFIG_TEST_LKM is not set +# CONFIG_TEST_USER_COPY is not set +# CONFIG_TEST_BPF is not set +# CONFIG_FIND_BIT_BENCHMARK is not set +# CONFIG_TEST_FIRMWARE is not set +# CONFIG_TEST_SYSCTL is not set +# CONFIG_TEST_UDELAY is not set +# CONFIG_TEST_STATIC_KEYS is not set +# CONFIG_TEST_KMOD is not set CONFIG_MEMTEST=y # CONFIG_BUG_ON_DATA_CORRUPTION is not set # CONFIG_SAMPLES is not set CONFIG_HAVE_ARCH_KGDB=y # CONFIG_KGDB is not set CONFIG_ARCH_HAS_UBSAN_SANITIZE_ALL=y -# CONFIG_ARCH_WANTS_UBSAN_NO_NULL is not set # CONFIG_UBSAN is not set CONFIG_ARCH_HAS_DEVMEM_IS_ALLOWED=y CONFIG_STRICT_DEVMEM=y -# CONFIG_IO_STRICT_DEVMEM is not set +CONFIG_IO_STRICT_DEVMEM=y CONFIG_EARLY_PRINTK_USB=y CONFIG_X86_VERBOSE_BOOTUP=y CONFIG_EARLY_PRINTK=y CONFIG_EARLY_PRINTK_DBGP=y CONFIG_EARLY_PRINTK_EFI=y CONFIG_EARLY_PRINTK_USB_XDBC=y -# CONFIG_X86_PTDUMP_CORE is not set +CONFIG_X86_PTDUMP_CORE=y # CONFIG_X86_PTDUMP is not set # CONFIG_EFI_PGT_DUMP is not set -# CONFIG_DEBUG_WX is not set +CONFIG_DEBUG_WX=y CONFIG_DOUBLEFAULT=y # CONFIG_DEBUG_TLBFLUSH is not set # CONFIG_IOMMU_DEBUG is not set CONFIG_HAVE_MMIOTRACE_SUPPORT=y +# CONFIG_X86_DECODER_SELFTEST is not set CONFIG_IO_DELAY_TYPE_0X80=0 CONFIG_IO_DELAY_TYPE_0XED=1 CONFIG_IO_DELAY_TYPE_UDELAY=2 @@ -8838,9 +8852,14 @@ CONFIG_ENCRYPTED_KEYS=m # CONFIG_KEY_DH_OPERATIONS is not set CONFIG_SECURITY_DMESG_RESTRICT=y CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y -# CONFIG_SECURITY is not set +CONFIG_SECURITY_TIOCSTI_RESTRICT=y +CONFIG_SECURITY=y CONFIG_SECURITYFS=y +CONFIG_SECURITY_NETWORK=y CONFIG_PAGE_TABLE_ISOLATION=y +# CONFIG_SECURITY_INFINIBAND is not set +# CONFIG_SECURITY_NETWORK_XFRM is not set +CONFIG_SECURITY_PATH=y CONFIG_INTEL_TXT=y CONFIG_HAVE_HARDENED_USERCOPY_ALLOCATOR=y CONFIG_HARDENED_USERCOPY=y @@ -8849,8 +8868,20 @@ CONFIG_FORTIFY_SOURCE=y CONFIG_PAGE_SANITIZE=y CONFIG_PAGE_SANITIZE_VERIFY=y # CONFIG_STATIC_USERMODEHELPER is not set -CONFIG_DEFAULT_SECURITY_DAC=y -CONFIG_DEFAULT_SECURITY="" +# CONFIG_SECURITY_SELINUX is not set +# CONFIG_SECURITY_SMACK is not set +# CONFIG_SECURITY_TOMOYO is not set +CONFIG_SECURITY_APPARMOR=y +CONFIG_SECURITY_APPARMOR_BOOTPARAM_VALUE=1 +CONFIG_SECURITY_APPARMOR_HASH=y +CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y +# CONFIG_SECURITY_APPARMOR_DEBUG is not set +# CONFIG_SECURITY_LOADPIN is not set +CONFIG_SECURITY_YAMA=y +# CONFIG_INTEGRITY is not set +CONFIG_DEFAULT_SECURITY_APPARMOR=y +# CONFIG_DEFAULT_SECURITY_DAC is not set +CONFIG_DEFAULT_SECURITY="apparmor" CONFIG_XOR_BLOCKS=m CONFIG_ASYNC_CORE=m CONFIG_ASYNC_MEMCPY=m @@ -8894,7 +8925,6 @@ CONFIG_CRYPTO_CRYPTD=m CONFIG_CRYPTO_MCRYPTD=m CONFIG_CRYPTO_AUTHENC=m CONFIG_CRYPTO_TEST=m -CONFIG_CRYPTO_ABLK_HELPER=m CONFIG_CRYPTO_SIMD=m CONFIG_CRYPTO_GLUE_HELPER_X86=m CONFIG_CRYPTO_ENGINE=m @@ -8905,6 +8935,19 @@ CONFIG_CRYPTO_ENGINE=m CONFIG_CRYPTO_CCM=m CONFIG_CRYPTO_GCM=m CONFIG_CRYPTO_CHACHA20POLY1305=m +CONFIG_CRYPTO_AEGIS128=m +CONFIG_CRYPTO_AEGIS128L=m +CONFIG_CRYPTO_AEGIS256=m +CONFIG_CRYPTO_AEGIS128_AESNI_SSE2=m +CONFIG_CRYPTO_AEGIS128L_AESNI_SSE2=m +CONFIG_CRYPTO_AEGIS256_AESNI_SSE2=m +CONFIG_CRYPTO_MORUS640=m +CONFIG_CRYPTO_MORUS640_GLUE=m +CONFIG_CRYPTO_MORUS640_SSE2=m +CONFIG_CRYPTO_MORUS1280=m +CONFIG_CRYPTO_MORUS1280_GLUE=m +CONFIG_CRYPTO_MORUS1280_SSE2=m +CONFIG_CRYPTO_MORUS1280_AVX2=m CONFIG_CRYPTO_SEQIV=m CONFIG_CRYPTO_ECHAINIV=m @@ -8912,6 +8955,7 @@ CONFIG_CRYPTO_ECHAINIV=m # Block modes # CONFIG_CRYPTO_CBC=m +CONFIG_CRYPTO_CFB=m CONFIG_CRYPTO_CTR=m CONFIG_CRYPTO_CTS=m CONFIG_CRYPTO_ECB=y @@ -8947,7 +8991,7 @@ CONFIG_CRYPTO_RMD128=m CONFIG_CRYPTO_RMD160=m CONFIG_CRYPTO_RMD256=m CONFIG_CRYPTO_RMD320=m -CONFIG_CRYPTO_SHA1=m +CONFIG_CRYPTO_SHA1=y CONFIG_CRYPTO_SHA1_SSSE3=m CONFIG_CRYPTO_SHA256_SSSE3=m CONFIG_CRYPTO_SHA512_SSSE3=m @@ -8955,7 +8999,7 @@ CONFIG_CRYPTO_SHA1_MB=m CONFIG_CRYPTO_SHA256_MB=m CONFIG_CRYPTO_SHA512_MB=m CONFIG_CRYPTO_SHA256=m -CONFIG_CRYPTO_SHA512=m +CONFIG_CRYPTO_SHA512=y CONFIG_CRYPTO_SHA3=m CONFIG_CRYPTO_SM3=m CONFIG_CRYPTO_TGR192=m @@ -8988,7 +9032,6 @@ CONFIG_CRYPTO_DES3_EDE_X86_64=m CONFIG_CRYPTO_FCRYPT=m CONFIG_CRYPTO_KHAZAD=m CONFIG_CRYPTO_SALSA20=m -CONFIG_CRYPTO_SALSA20_X86_64=m CONFIG_CRYPTO_CHACHA20=m CONFIG_CRYPTO_CHACHA20_X86_64=m CONFIG_CRYPTO_SEED=m @@ -8996,6 +9039,8 @@ CONFIG_CRYPTO_SERPENT=m CONFIG_CRYPTO_SERPENT_SSE2_X86_64=m CONFIG_CRYPTO_SERPENT_AVX_X86_64=m CONFIG_CRYPTO_SERPENT_AVX2_X86_64=m +CONFIG_CRYPTO_SM4=m +CONFIG_CRYPTO_SPECK=m CONFIG_CRYPTO_TEA=m CONFIG_CRYPTO_TWOFISH=m CONFIG_CRYPTO_TWOFISH_COMMON=m @@ -9006,11 +9051,12 @@ CONFIG_CRYPTO_TWOFISH_AVX_X86_64=m # # Compression # -CONFIG_CRYPTO_DEFLATE=m +CONFIG_CRYPTO_DEFLATE=y CONFIG_CRYPTO_LZO=y -CONFIG_CRYPTO_842=m -CONFIG_CRYPTO_LZ4=m -CONFIG_CRYPTO_LZ4HC=m +CONFIG_CRYPTO_842=y +CONFIG_CRYPTO_LZ4=y +CONFIG_CRYPTO_LZ4HC=y +CONFIG_CRYPTO_ZSTD=y # # Random Number Generation @@ -9032,7 +9078,6 @@ CONFIG_CRYPTO_HW=y CONFIG_CRYPTO_DEV_PADLOCK=m CONFIG_CRYPTO_DEV_PADLOCK_AES=m CONFIG_CRYPTO_DEV_PADLOCK_SHA=m -# CONFIG_CRYPTO_DEV_FSL_CAAM_CRYPTO_API_DESC is not set CONFIG_CRYPTO_DEV_CCP=y CONFIG_CRYPTO_DEV_CCP_DD=m CONFIG_CRYPTO_DEV_SP_CCP=y @@ -9049,6 +9094,7 @@ CONFIG_CRYPTO_DEV_NITROX=m CONFIG_CRYPTO_DEV_NITROX_CNN55XX=m CONFIG_CRYPTO_DEV_CHELSIO=m CONFIG_CHELSIO_IPSEC_INLINE=y +CONFIG_CRYPTO_DEV_CHELSIO_TLS=m CONFIG_CRYPTO_DEV_VIRTIO=m CONFIG_ASYMMETRIC_KEY_TYPE=y CONFIG_ASYMMETRIC_PUBLIC_KEY_SUBTYPE=y @@ -9060,6 +9106,7 @@ CONFIG_SIGNED_PE_FILE_VERIFICATION=y # # Certificates for signature checking # +CONFIG_MODULE_SIG_KEY="certs/signing_key.pem" CONFIG_SYSTEM_TRUSTED_KEYRING=y CONFIG_SYSTEM_TRUSTED_KEYS="" # CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set @@ -9097,7 +9144,6 @@ CONFIG_BINARY_PRINTF=y # CONFIG_RAID6_PQ=m CONFIG_BITREVERSE=y -# CONFIG_HAVE_ARCH_BITREVERSE is not set CONFIG_RATIONAL=y CONFIG_GENERIC_STRNCPY_FROM_USER=y CONFIG_GENERIC_STRNLEN_USER=y @@ -9121,20 +9167,19 @@ CONFIG_CRC4=m CONFIG_CRC7=m CONFIG_LIBCRC32C=m CONFIG_CRC8=m -CONFIG_XXHASH=m -# CONFIG_AUDIT_ARCH_COMPAT_GENERIC is not set +CONFIG_XXHASH=y # CONFIG_RANDOM32_SELFTEST is not set -CONFIG_842_COMPRESS=m -CONFIG_842_DECOMPRESS=m +CONFIG_842_COMPRESS=y +CONFIG_842_DECOMPRESS=y CONFIG_ZLIB_INFLATE=y CONFIG_ZLIB_DEFLATE=y CONFIG_LZO_COMPRESS=y CONFIG_LZO_DECOMPRESS=y -CONFIG_LZ4_COMPRESS=m -CONFIG_LZ4HC_COMPRESS=m +CONFIG_LZ4_COMPRESS=y +CONFIG_LZ4HC_COMPRESS=y CONFIG_LZ4_DECOMPRESS=y -CONFIG_ZSTD_COMPRESS=m -CONFIG_ZSTD_DECOMPRESS=m +CONFIG_ZSTD_COMPRESS=y +CONFIG_ZSTD_DECOMPRESS=y CONFIG_XZ_DEC=y CONFIG_XZ_DEC_X86=y CONFIG_XZ_DEC_POWERPC=y @@ -9168,9 +9213,14 @@ CONFIG_ASSOCIATIVE_ARRAY=y CONFIG_HAS_IOMEM=y CONFIG_HAS_IOPORT_MAP=y CONFIG_HAS_DMA=y -CONFIG_SGL_ALLOC=y -# CONFIG_DMA_DIRECT_OPS is not set +CONFIG_NEED_SG_DMA_LENGTH=y +CONFIG_NEED_DMA_MAP_STATE=y +CONFIG_ARCH_DMA_ADDR_T_64BIT=y +CONFIG_DMA_DIRECT_OPS=y CONFIG_DMA_VIRT_OPS=y +CONFIG_SWIOTLB=y +CONFIG_SGL_ALLOC=y +CONFIG_IOMMU_HELPER=y CONFIG_CHECK_SIGNATURE=y CONFIG_CPUMASK_OFFSTACK=y CONFIG_CPU_RMAP=y @@ -9199,11 +9249,12 @@ CONFIG_FONT_8x16=y # CONFIG_FONT_10x18 is not set # CONFIG_FONT_SUN8x16 is not set # CONFIG_FONT_SUN12x22 is not set -# CONFIG_SG_SPLIT is not set CONFIG_SG_POOL=y CONFIG_ARCH_HAS_SG_CHAIN=y CONFIG_ARCH_HAS_PMEM_API=y CONFIG_ARCH_HAS_UACCESS_FLUSHCACHE=y +CONFIG_ARCH_HAS_UACCESS_MCSAFE=y CONFIG_SBITMAP=y CONFIG_PARMAN=m +CONFIG_PRIME_NUMBERS=m # CONFIG_STRING_SELFTEST is not set diff --git a/sys-kernel/linux-sources-redcore/files/revert-disable-CRTCs-with-NULL-FB-on-their-primary-plane.patch b/sys-kernel/linux-sources-redcore/files/revert-disable-CRTCs-with-NULL-FB-on-their-primary-plane.patch deleted file mode 100644 index 1fce1ef9..00000000 --- a/sys-kernel/linux-sources-redcore/files/revert-disable-CRTCs-with-NULL-FB-on-their-primary-plane.patch +++ /dev/null @@ -1,48 +0,0 @@ -diff -Naur linux-4.16.2/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c linux-4.16.2-p/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c ---- linux-4.16.2/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c 2018-04-12 12:30:01.000000000 +0200 -+++ linux-4.16.2-p/drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c 2018-04-13 15:31:41.086861095 +0200 -@@ -4776,33 +4776,6 @@ - return ret; - } - --static int dm_atomic_check_plane_state_fb(struct drm_atomic_state *state, -- struct drm_crtc *crtc) --{ -- struct drm_plane *plane; -- struct drm_crtc_state *crtc_state; -- -- WARN_ON(!drm_atomic_get_new_crtc_state(state, crtc)); -- -- drm_for_each_plane_mask(plane, state->dev, crtc->state->plane_mask) { -- struct drm_plane_state *plane_state = -- drm_atomic_get_plane_state(state, plane); -- -- if (IS_ERR(plane_state)) -- return -EDEADLK; -- -- crtc_state = drm_atomic_get_crtc_state(plane_state->state, crtc); -- if (IS_ERR(crtc_state)) -- return PTR_ERR(crtc_state); -- -- if (crtc->primary == plane && crtc_state->active) { -- if (!plane_state->fb) -- return -EINVAL; -- } -- } -- return 0; --} -- - static int amdgpu_dm_atomic_check(struct drm_device *dev, - struct drm_atomic_state *state) - { -@@ -4826,10 +4799,6 @@ - goto fail; - - for_each_oldnew_crtc_in_state(state, crtc, old_crtc_state, new_crtc_state, i) { -- ret = dm_atomic_check_plane_state_fb(state, crtc); -- if (ret) -- goto fail; -- - if (!drm_atomic_crtc_needs_modeset(new_crtc_state) && - !new_crtc_state->color_mgmt_changed) - continue; diff --git a/sys-kernel/linux-sources-redcore/files/revert-patches-causing-instant-reboot.patch b/sys-kernel/linux-sources-redcore/files/revert-patches-causing-instant-reboot.patch new file mode 100644 index 00000000..a2127cff --- /dev/null +++ b/sys-kernel/linux-sources-redcore/files/revert-patches-causing-instant-reboot.patch @@ -0,0 +1,314 @@ +diff --git a/arch/x86/boot/compressed/head_64.S b/arch/x86/boot/compressed/head_64.S +index 8169e8b7a4dc..12915511be61 100644 +--- a/arch/x86/boot/compressed/head_64.S ++++ b/arch/x86/boot/compressed/head_64.S +@@ -305,48 +305,13 @@ ENTRY(startup_64) + /* Set up the stack */ + leaq boot_stack_end(%rbx), %rsp + +- /* +- * paging_prepare() and cleanup_trampoline() below can have GOT +- * references. Adjust the table with address we are running at. +- * +- * Zero RAX for adjust_got: the GOT was not adjusted before; +- * there's no adjustment to undo. +- */ +- xorq %rax, %rax +- +- /* +- * Calculate the address the binary is loaded at and use it as +- * a GOT adjustment. +- */ +- call 1f +-1: popq %rdi +- subq $1b, %rdi +- +- call adjust_got +- + /* + * At this point we are in long mode with 4-level paging enabled, +- * but we might want to enable 5-level paging or vice versa. +- * +- * The problem is that we cannot do it directly. Setting or clearing +- * CR4.LA57 in long mode would trigger #GP. So we need to switch off +- * long mode and paging first. +- * +- * We also need a trampoline in lower memory to switch over from +- * 4- to 5-level paging for cases when the bootloader puts the kernel +- * above 4G, but didn't enable 5-level paging for us. +- * +- * The same trampoline can be used to switch from 5- to 4-level paging +- * mode, like when starting 4-level paging kernel via kexec() when +- * original kernel worked in 5-level paging mode. +- * +- * For the trampoline, we need the top page table to reside in lower +- * memory as we don't have a way to load 64-bit values into CR3 in +- * 32-bit mode. ++ * but we want to enable 5-level paging. + * +- * We go though the trampoline even if we don't have to: if we're +- * already in a desired paging mode. This way the trampoline code gets +- * tested on every boot. ++ * The problem is that we cannot do it directly. Setting LA57 in ++ * long mode would trigger #GP. So we need to switch off long mode ++ * first. + */ + + /* Make sure we have GDT with 32-bit code segment */ +@@ -371,32 +336,40 @@ ENTRY(startup_64) + /* Save the trampoline address in RCX */ + movq %rax, %rcx + ++ /* Check if we need to enable 5-level paging */ ++ cmpq $0, %rdx ++ jz lvl5 ++ ++ /* Clear additional page table */ ++ leaq lvl5_pgtable(%rbx), %rdi ++ xorq %rax, %rax ++ movq $(PAGE_SIZE/8), %rcx ++ rep stosq ++ + /* +- * Load the address of trampoline_return() into RDI. +- * It will be used by the trampoline to return to the main code. ++ * Setup current CR3 as the first and only entry in a new top level ++ * page table. + */ +- leaq trampoline_return(%rip), %rdi ++ movq %cr3, %rdi ++ leaq 0x7 (%rdi), %rax ++ movq %rax, lvl5_pgtable(%rbx) + + /* Switch to compatibility mode (CS.L = 0 CS.D = 1) via far return */ + pushq $__KERNEL32_CS +- leaq TRAMPOLINE_32BIT_CODE_OFFSET(%rax), %rax ++ leaq compatible_mode(%rip), %rax + pushq %rax + lretq +-trampoline_return: ++lvl5: + /* Restore the stack, the 32-bit trampoline uses its own stack */ + leaq boot_stack_end(%rbx), %rsp + + /* + * cleanup_trampoline() would restore trampoline memory. + * +- * RDI is address of the page table to use instead of page table +- * in trampoline memory (if required). +- * + * RSI holds real mode data and needs to be preserved across + * this function call. + */ + pushq %rsi +- leaq top_pgtable(%rbx), %rdi + call cleanup_trampoline + popq %rsi + +@@ -404,21 +377,6 @@ trampoline_return: + pushq $0 + popfq + +- /* +- * Previously we've adjusted the GOT with address the binary was +- * loaded at. Now we need to re-adjust for relocation address. +- * +- * Calculate the address the binary is loaded at, so that we can +- * undo the previous GOT adjustment. +- */ +- call 1f +-1: popq %rax +- subq $1b, %rax +- +- /* The new adjustment is the relocation address */ +- movq %rbx, %rdi +- call adjust_got +- + /* + * Copy the compressed kernel to the end of our buffer + * where decompression in place becomes safe. +@@ -519,6 +477,19 @@ relocated: + shrq $3, %rcx + rep stosq + ++/* ++ * Adjust our own GOT ++ */ ++ leaq _got(%rip), %rdx ++ leaq _egot(%rip), %rcx ++1: ++ cmpq %rcx, %rdx ++ jae 2f ++ addq %rbx, (%rdx) ++ addq $8, %rdx ++ jmp 1b ++2: ++ + /* + * Do the extraction, and jump to the new kernel.. + */ +@@ -537,36 +508,9 @@ relocated: + */ + jmp *%rax + +-/* +- * Adjust the global offset table +- * +- * RAX is the previous adjustment of the table to undo (use 0 if it's the +- * first time we touch GOT). +- * RDI is the new adjustment to apply. +- */ +-adjust_got: +- /* Walk through the GOT adding the address to the entries */ +- leaq _got(%rip), %rdx +- leaq _egot(%rip), %rcx +-1: +- cmpq %rcx, %rdx +- jae 2f +- subq %rax, (%rdx) /* Undo previous adjustment */ +- addq %rdi, (%rdx) /* Apply the new adjustment */ +- addq $8, %rdx +- jmp 1b +-2: +- ret +- + .code32 +-/* +- * This is the 32-bit trampoline that will be copied over to low memory. +- * +- * RDI contains the return address (might be above 4G). +- * ECX contains the base address of the trampoline memory. +- * Non zero RDX on return means we need to enable 5-level paging. +- */ + ENTRY(trampoline_32bit_src) ++compatible_mode: + /* Set up data and stack segments */ + movl $__KERNEL_DS, %eax + movl %eax, %ds +@@ -580,61 +524,33 @@ ENTRY(trampoline_32bit_src) + btrl $X86_CR0_PG_BIT, %eax + movl %eax, %cr0 + +- /* Check what paging mode we want to be in after the trampoline */ +- cmpl $0, %edx +- jz 1f ++ /* Point CR3 to 5-level paging */ ++ leal lvl5_pgtable(%ebx), %eax ++ movl %eax, %cr3 + +- /* We want 5-level paging: don't touch CR3 if it already points to 5-level page tables */ ++ /* Enable PAE and LA57 mode */ + movl %cr4, %eax +- testl $X86_CR4_LA57, %eax +- jnz 3f +- jmp 2f +-1: +- /* We want 4-level paging: don't touch CR3 if it already points to 4-level page tables */ +- movl %cr4, %eax +- testl $X86_CR4_LA57, %eax +- jz 3f +-2: +- /* Point CR3 to the trampoline's new top level page table */ +- leal TRAMPOLINE_32BIT_PGTABLE_OFFSET(%ecx), %eax +- movl %eax, %cr3 +-3: +- /* Enable PAE and LA57 (if required) paging modes */ +- movl $X86_CR4_PAE, %eax +- cmpl $0, %edx +- jz 1f +- orl $X86_CR4_LA57, %eax +-1: ++ orl $(X86_CR4_PAE | X86_CR4_LA57), %eax + movl %eax, %cr4 + +- /* Calculate address of paging_enabled() once we are executing in the trampoline */ +- leal paging_enabled - trampoline_32bit_src + TRAMPOLINE_32BIT_CODE_OFFSET(%ecx), %eax ++ /* Calculate address we are running at */ ++ call 1f ++1: popl %edi ++ subl $1b, %edi + +- /* Prepare the stack for far return to Long Mode */ ++ /* Prepare stack for far return to Long Mode */ + pushl $__KERNEL_CS +- pushl %eax ++ leal lvl5(%edi), %eax ++ push %eax + +- /* Enable paging again */ ++ /* Enable paging back */ + movl $(X86_CR0_PG | X86_CR0_PE), %eax + movl %eax, %cr0 + + lret + +- .code64 +-paging_enabled: +- /* Return from the trampoline */ +- jmp *%rdi +- +- /* +- * The trampoline code has a size limit. +- * Make sure we fail to compile if the trampoline code grows +- * beyond TRAMPOLINE_32BIT_CODE_SIZE bytes. +- */ +- .org trampoline_32bit_src + TRAMPOLINE_32BIT_CODE_SIZE +- +- .code32 + no_longmode: +- /* This isn't an x86-64 CPU, so hang intentionally, we cannot continue */ ++ /* This isn't an x86-64 CPU so hang */ + 1: + hlt + jmp 1b +@@ -695,10 +611,5 @@ boot_stack_end: + .balign 4096 + pgtable: + .fill BOOT_PGT_SIZE, 1, 0 +- +-/* +- * The page table is going to be used instead of page table in the trampoline +- * memory. +- */ +-top_pgtable: ++lvl5_pgtable: + .fill PAGE_SIZE, 1, 0 +diff --git a/arch/x86/boot/compressed/pgtable_64.c b/arch/x86/boot/compressed/pgtable_64.c +index a362fa0b849c..32af1cbcd903 100644 +--- a/arch/x86/boot/compressed/pgtable_64.c ++++ b/arch/x86/boot/compressed/pgtable_64.c +@@ -22,6 +22,14 @@ struct paging_config { + /* Buffer to preserve trampoline memory */ + static char trampoline_save[TRAMPOLINE_32BIT_SIZE]; + ++/* ++ * The page table is going to be used instead of page table in the trampoline ++ * memory. ++ * ++ * It must not be in BSS as BSS is cleared after cleanup_trampoline(). ++ */ ++static char top_pgtable[PAGE_SIZE] __aligned(PAGE_SIZE) __section(.data); ++ + /* + * Trampoline address will be printed by extract_kernel() for debugging + * purposes. +@@ -126,7 +134,7 @@ struct paging_config paging_prepare(void) + return paging_config; + } + +-void cleanup_trampoline(void *pgtable) ++void cleanup_trampoline(void) + { + void *trampoline_pgtable; + +@@ -137,8 +145,8 @@ void cleanup_trampoline(void *pgtable) + * if it's there. + */ + if ((void *)__native_read_cr3() == trampoline_pgtable) { +- memcpy(pgtable, trampoline_pgtable, PAGE_SIZE); +- native_write_cr3((unsigned long)pgtable); ++ memcpy(top_pgtable, trampoline_pgtable, PAGE_SIZE); ++ native_write_cr3((unsigned long)top_pgtable); + } + + /* Restore trampoline memory */ diff --git a/sys-kernel/linux-sources-redcore/files/uksm-for-linux-hardened.patch b/sys-kernel/linux-sources-redcore/files/uksm-for-linux-hardened.patch index 733618de..d973274a 100644 --- a/sys-kernel/linux-sources-redcore/files/uksm-for-linux-hardened.patch +++ b/sys-kernel/linux-sources-redcore/files/uksm-for-linux-hardened.patch @@ -1,18 +1,20 @@ diff -Nur a/Documentation/vm/00-INDEX b/Documentation/vm/00-INDEX ---- a/Documentation/vm/00-INDEX 2018-04-08 13:29:52.000000000 +0100 -+++ b/Documentation/vm/00-INDEX 2018-04-11 22:47:44.597845750 +0100 -@@ -20,6 +20,8 @@ - - description of the idle page tracking feature. - ksm.txt +--- a/Documentation/vm/00-INDEX 2018-08-24 12:04:51.000000000 +0100 ++++ b/Documentation/vm/00-INDEX 2018-08-27 10:44:36.340467187 +0100 +@@ -18,7 +18,9 @@ + - explains what hwpoison is + ksm.rst - how to use the Kernel Samepage Merging feature. +-mmu_notifier.rst +uksm.txt + - Introduction to Ultra KSM - numa ++mmu_notifier.txt + - a note about clearing pte/pmd and mmu notifications + numa.rst - information about NUMA specific code in the Linux vm. - numa_memory_policy.txt diff -Nur a/Documentation/vm/uksm.txt b/Documentation/vm/uksm.txt --- a/Documentation/vm/uksm.txt 1970-01-01 01:00:00.000000000 +0100 -+++ b/Documentation/vm/uksm.txt 2018-04-11 22:47:44.597845750 +0100 ++++ b/Documentation/vm/uksm.txt 2018-08-27 10:44:36.340467187 +0100 @@ -0,0 +1,61 @@ +The Ultra Kernel Samepage Merging feature +---------------------------------------------- @@ -76,8 +78,8 @@ diff -Nur a/Documentation/vm/uksm.txt b/Documentation/vm/uksm.txt +2016-09-10 UKSM 0.1.2.5 Fix a bug in dedup ratio calculation. +2017-02-26 UKSM 0.1.2.6 Fix a bug in hugetlbpage handling and a race bug with page migration. diff -Nur a/fs/exec.c b/fs/exec.c ---- a/fs/exec.c 2018-04-11 22:44:55.743399844 +0100 -+++ b/fs/exec.c 2018-04-11 22:51:54.986922932 +0100 +--- a/fs/exec.c 2018-08-27 10:42:48.184976507 +0100 ++++ b/fs/exec.c 2018-08-27 10:47:39.413380371 +0100 @@ -63,6 +63,7 @@ #include <linux/compat.h> #include <linux/vmalloc.h> @@ -86,7 +88,7 @@ diff -Nur a/fs/exec.c b/fs/exec.c #include <linux/uaccess.h> #include <asm/mmu_context.h> -@@ -1377,6 +1378,7 @@ +@@ -1381,6 +1382,7 @@ /* An exec changes our domain. We are no longer part of the thread group */ current->self_exec_id++; @@ -95,9 +97,9 @@ diff -Nur a/fs/exec.c b/fs/exec.c } EXPORT_SYMBOL(setup_new_exec); diff -Nur a/fs/proc/meminfo.c b/fs/proc/meminfo.c ---- a/fs/proc/meminfo.c 2018-04-08 13:29:52.000000000 +0100 -+++ b/fs/proc/meminfo.c 2018-04-11 22:47:44.597845750 +0100 -@@ -118,6 +118,10 @@ +--- a/fs/proc/meminfo.c 2018-08-24 12:04:51.000000000 +0100 ++++ b/fs/proc/meminfo.c 2018-08-27 10:44:36.341467220 +0100 +@@ -105,6 +105,10 @@ global_zone_page_state(NR_KERNEL_STACK_KB)); show_val_kb(m, "PageTables: ", global_zone_page_state(NR_PAGETABLE)); @@ -109,9 +111,9 @@ diff -Nur a/fs/proc/meminfo.c b/fs/proc/meminfo.c show_val_kb(m, "Quicklists: ", quicklist_total_size()); #endif diff -Nur a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h ---- a/include/asm-generic/pgtable.h 2018-04-08 13:29:52.000000000 +0100 -+++ b/include/asm-generic/pgtable.h 2018-04-11 22:47:44.598845782 +0100 -@@ -781,12 +781,25 @@ +--- a/include/asm-generic/pgtable.h 2018-08-24 12:04:51.000000000 +0100 ++++ b/include/asm-generic/pgtable.h 2018-08-27 10:44:36.341467220 +0100 +@@ -817,12 +817,25 @@ extern void untrack_pfn_moved(struct vm_area_struct *vma); #endif @@ -138,7 +140,7 @@ diff -Nur a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h } #define my_zero_pfn(addr) page_to_pfn(ZERO_PAGE(addr)) -@@ -795,7 +808,7 @@ +@@ -831,7 +844,7 @@ static inline int is_zero_pfn(unsigned long pfn) { extern unsigned long zero_pfn; @@ -148,8 +150,8 @@ diff -Nur a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h static inline unsigned long my_zero_pfn(unsigned long addr) diff -Nur a/include/linux/ksm.h b/include/linux/ksm.h ---- a/include/linux/ksm.h 2018-04-08 13:29:52.000000000 +0100 -+++ b/include/linux/ksm.h 2018-04-11 22:47:44.598845782 +0100 +--- a/include/linux/ksm.h 2018-08-24 12:04:51.000000000 +0100 ++++ b/include/linux/ksm.h 2018-08-27 10:44:36.341467220 +0100 @@ -21,21 +21,6 @@ #ifdef CONFIG_KSM int ksm_madvise(struct vm_area_struct *vma, unsigned long start, @@ -170,9 +172,9 @@ diff -Nur a/include/linux/ksm.h b/include/linux/ksm.h - __ksm_exit(mm); -} - static inline struct stable_node *page_stable_node(struct page *page) - { -@@ -65,6 +50,33 @@ + /* + * When do_swap_page() first faults in from swap what used to be a KSM page, +@@ -54,6 +39,46 @@ void rmap_walk_ksm(struct page *page, struct rmap_walk_control *rwc); void ksm_migrate_page(struct page *newpage, struct page *oldpage); @@ -201,12 +203,25 @@ diff -Nur a/include/linux/ksm.h b/include/linux/ksm.h +static inline void ksm_exit(struct mm_struct *mm) +{ +} ++ ++static inline void set_page_stable_node(struct page *page, ++ struct stable_node *stable_node) ++{ ++ page->mapping = (void *)((unsigned long)stable_node | PAGE_MAPPING_KSM); ++} ++ ++static inline struct stable_node *page_stable_node(struct page *page) ++{ ++ return PageKsm(page) ? page_rmapping(page) : NULL; ++} ++ ++ +#endif /* !CONFIG_UKSM */ + #else /* !CONFIG_KSM */ static inline int ksm_fork(struct mm_struct *mm, struct mm_struct *oldmm) -@@ -106,4 +118,6 @@ +@@ -89,4 +114,6 @@ #endif /* CONFIG_MMU */ #endif /* !CONFIG_KSM */ @@ -214,9 +229,9 @@ diff -Nur a/include/linux/ksm.h b/include/linux/ksm.h + #endif /* __LINUX_KSM_H */ diff -Nur a/include/linux/mm_types.h b/include/linux/mm_types.h ---- a/include/linux/mm_types.h 2018-04-08 13:29:52.000000000 +0100 -+++ b/include/linux/mm_types.h 2018-04-11 22:47:44.598845782 +0100 -@@ -333,6 +333,9 @@ +--- a/include/linux/mm_types.h 2018-08-24 12:04:51.000000000 +0100 ++++ b/include/linux/mm_types.h 2018-08-27 10:44:36.342467252 +0100 +@@ -320,6 +320,9 @@ struct mempolicy *vm_policy; /* NUMA policy for the VMA */ #endif struct vm_userfaultfd_ctx vm_userfaultfd_ctx; @@ -227,8 +242,8 @@ diff -Nur a/include/linux/mm_types.h b/include/linux/mm_types.h struct core_thread { diff -Nur a/include/linux/mmzone.h b/include/linux/mmzone.h ---- a/include/linux/mmzone.h 2018-04-08 13:29:52.000000000 +0100 -+++ b/include/linux/mmzone.h 2018-04-11 22:47:44.598845782 +0100 +--- a/include/linux/mmzone.h 2018-08-24 12:04:51.000000000 +0100 ++++ b/include/linux/mmzone.h 2018-08-27 10:44:36.342467252 +0100 @@ -148,6 +148,9 @@ NR_ZSPAGES, /* allocated in zsmalloc */ #endif @@ -239,7 +254,7 @@ diff -Nur a/include/linux/mmzone.h b/include/linux/mmzone.h NR_VM_ZONE_STAT_ITEMS }; enum node_stat_item { -@@ -866,7 +869,7 @@ +@@ -865,7 +868,7 @@ } /** @@ -250,7 +265,7 @@ diff -Nur a/include/linux/mmzone.h b/include/linux/mmzone.h * @zone - pointer to struct zone variable diff -Nur a/include/linux/sradix-tree.h b/include/linux/sradix-tree.h --- a/include/linux/sradix-tree.h 1970-01-01 01:00:00.000000000 +0100 -+++ b/include/linux/sradix-tree.h 2018-04-11 22:47:44.599845814 +0100 ++++ b/include/linux/sradix-tree.h 2018-08-27 10:44:36.343467284 +0100 @@ -0,0 +1,77 @@ +#ifndef _LINUX_SRADIX_TREE_H +#define _LINUX_SRADIX_TREE_H @@ -331,7 +346,7 @@ diff -Nur a/include/linux/sradix-tree.h b/include/linux/sradix-tree.h +#endif /* _LINUX_SRADIX_TREE_H */ diff -Nur a/include/linux/uksm.h b/include/linux/uksm.h --- a/include/linux/uksm.h 1970-01-01 01:00:00.000000000 +0100 -+++ b/include/linux/uksm.h 2018-04-11 22:47:44.599845814 +0100 ++++ b/include/linux/uksm.h 2018-08-27 10:44:36.343467284 +0100 @@ -0,0 +1,149 @@ +#ifndef __LINUX_UKSM_H +#define __LINUX_UKSM_H @@ -483,18 +498,9 @@ diff -Nur a/include/linux/uksm.h b/include/linux/uksm.h +#endif /* !CONFIG_UKSM */ +#endif /* __LINUX_UKSM_H */ diff -Nur a/kernel/fork.c b/kernel/fork.c ---- a/kernel/fork.c 2018-04-11 22:44:55.753400167 +0100 -+++ b/kernel/fork.c 2018-04-11 22:47:44.599845814 +0100 -@@ -453,7 +453,7 @@ - goto fail_nomem; - charge = len; - } -- tmp = kmem_cache_alloc(vm_area_cachep, GFP_KERNEL); -+ tmp = kmem_cache_zalloc(vm_area_cachep, GFP_KERNEL); - if (!tmp) - goto fail_nomem; - *tmp = *mpnt; -@@ -512,7 +512,7 @@ +--- a/kernel/fork.c 2018-08-27 10:42:48.208977282 +0100 ++++ b/kernel/fork.c 2018-08-27 10:44:36.344467317 +0100 +@@ -542,7 +542,7 @@ __vma_link_rb(mm, tmp, rb_link, rb_parent); rb_link = &tmp->vm_rb.rb_right; rb_parent = &tmp->vm_rb; @@ -504,20 +510,20 @@ diff -Nur a/kernel/fork.c b/kernel/fork.c if (!(tmp->vm_flags & VM_WIPEONFORK)) retval = copy_page_range(mm, oldmm, mpnt); diff -Nur a/lib/Makefile b/lib/Makefile ---- a/lib/Makefile 2018-04-08 13:29:52.000000000 +0100 -+++ b/lib/Makefile 2018-04-11 22:47:44.599845814 +0100 +--- a/lib/Makefile 2018-08-24 12:04:51.000000000 +0100 ++++ b/lib/Makefile 2018-08-27 10:44:36.344467317 +0100 @@ -18,7 +18,7 @@ KCOV_INSTRUMENT_dynamic_debug.o := n lib-y := ctype.o string.o vsprintf.o cmdline.o \ -- rbtree.o radix-tree.o dump_stack.o timerqueue.o\ -+ rbtree.o radix-tree.o sradix-tree.o dump_stack.o timerqueue.o\ +- rbtree.o radix-tree.o timerqueue.o\ ++ rbtree.o radix-tree.o sradix-tree.o timerqueue.o\ idr.o int_sqrt.o extable.o \ sha1.o chacha20.o irq_regs.o argv_split.o \ flex_proportions.o ratelimit.o show_mem.o \ diff -Nur a/lib/sradix-tree.c b/lib/sradix-tree.c --- a/lib/sradix-tree.c 1970-01-01 01:00:00.000000000 +0100 -+++ b/lib/sradix-tree.c 2018-04-11 22:47:44.600845846 +0100 ++++ b/lib/sradix-tree.c 2018-08-27 10:44:36.344467317 +0100 @@ -0,0 +1,476 @@ +#include <linux/errno.h> +#include <linux/mm.h> @@ -996,10 +1002,10 @@ diff -Nur a/lib/sradix-tree.c b/lib/sradix-tree.c + return 0; +} diff -Nur a/mm/Kconfig b/mm/Kconfig ---- a/mm/Kconfig 2018-04-11 22:44:55.761400426 +0100 -+++ b/mm/Kconfig 2018-04-11 22:47:44.600845846 +0100 -@@ -315,6 +315,32 @@ - See Documentation/vm/ksm.txt for more information: KSM is inactive +--- a/mm/Kconfig 2018-08-27 10:42:48.219977637 +0100 ++++ b/mm/Kconfig 2018-08-27 10:44:36.345467349 +0100 +@@ -308,6 +308,32 @@ + See Documentation/vm/ksm.rst for more information: KSM is inactive until a program has madvised that an area is MADV_MERGEABLE, and root has set /sys/kernel/mm/ksm/run to 1 (if CONFIG_SYSFS is set). +choice @@ -1032,8 +1038,8 @@ diff -Nur a/mm/Kconfig b/mm/Kconfig config DEFAULT_MMAP_MIN_ADDR int "Low address space to protect from user allocation" diff -Nur a/mm/Makefile b/mm/Makefile ---- a/mm/Makefile 2018-04-08 13:29:52.000000000 +0100 -+++ b/mm/Makefile 2018-04-11 22:47:44.600845846 +0100 +--- a/mm/Makefile 2018-08-24 12:04:51.000000000 +0100 ++++ b/mm/Makefile 2018-08-27 10:44:36.345467349 +0100 @@ -65,7 +65,8 @@ obj-$(CONFIG_SPARSEMEM_VMEMMAP) += sparse-vmemmap.o obj-$(CONFIG_SLOB) += slob.o @@ -1045,8 +1051,8 @@ diff -Nur a/mm/Makefile b/mm/Makefile obj-$(CONFIG_SLAB) += slab.o obj-$(CONFIG_SLUB) += slub.o diff -Nur a/mm/memory.c b/mm/memory.c ---- a/mm/memory.c 2018-04-08 13:29:52.000000000 +0100 -+++ b/mm/memory.c 2018-04-11 22:47:44.601845879 +0100 +--- a/mm/memory.c 2018-08-24 12:04:51.000000000 +0100 ++++ b/mm/memory.c 2018-08-27 10:44:36.346467381 +0100 @@ -128,6 +128,25 @@ unsigned long highest_memmap_pfn __read_mostly; @@ -1081,7 +1087,7 @@ diff -Nur a/mm/memory.c b/mm/memory.c #if defined(SPLIT_RSS_COUNTING) void sync_mm_rss(struct mm_struct *mm) -@@ -1039,6 +1059,9 @@ +@@ -1035,6 +1055,9 @@ get_page(page); page_dup_rmap(page, false); rss[mm_counter(page)]++; @@ -1091,7 +1097,7 @@ diff -Nur a/mm/memory.c b/mm/memory.c } else if (pte_devmap(pte)) { page = pte_page(pte); -@@ -1052,6 +1075,8 @@ +@@ -1048,6 +1071,8 @@ page_dup_rmap(page, false); rss[mm_counter(page)]++; } @@ -1100,7 +1106,7 @@ diff -Nur a/mm/memory.c b/mm/memory.c } out_set_pte: -@@ -1321,8 +1346,10 @@ +@@ -1317,8 +1342,10 @@ ptent = ptep_get_and_clear_full(mm, addr, pte, tlb->fullmm); tlb_remove_tlb_entry(tlb, pte, addr); @@ -1112,7 +1118,7 @@ diff -Nur a/mm/memory.c b/mm/memory.c if (!PageAnon(page)) { if (pte_dirty(ptent)) { -@@ -2336,8 +2363,10 @@ +@@ -2360,8 +2387,10 @@ clear_page(kaddr); kunmap_atomic(kaddr); flush_dcache_page(dst); @@ -1124,7 +1130,7 @@ diff -Nur a/mm/memory.c b/mm/memory.c } static gfp_t __get_fault_gfp_mask(struct vm_area_struct *vma) -@@ -2486,6 +2515,7 @@ +@@ -2510,6 +2539,7 @@ vmf->address); if (!new_page) goto oom; @@ -1132,7 +1138,7 @@ diff -Nur a/mm/memory.c b/mm/memory.c } else { new_page = alloc_page_vma(GFP_HIGHUSER_MOVABLE, vma, vmf->address); -@@ -2512,7 +2542,9 @@ +@@ -2536,7 +2566,9 @@ mm_counter_file(old_page)); inc_mm_counter_fast(mm, MM_ANONPAGES); } @@ -1143,8 +1149,8 @@ diff -Nur a/mm/memory.c b/mm/memory.c } flush_cache_page(vma, vmf->address, pte_pfn(vmf->orig_pte)); diff -Nur a/mm/mmap.c b/mm/mmap.c ---- a/mm/mmap.c 2018-04-11 22:44:55.762400458 +0100 -+++ b/mm/mmap.c 2018-04-11 22:47:44.602845911 +0100 +--- a/mm/mmap.c 2018-08-27 10:42:48.220977669 +0100 ++++ b/mm/mmap.c 2018-08-27 10:44:36.348467446 +0100 @@ -45,6 +45,7 @@ #include <linux/moduleparam.h> #include <linux/pkeys.h> @@ -1153,15 +1159,15 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c #include <linux/uaccess.h> #include <asm/cacheflush.h> -@@ -173,6 +174,7 @@ +@@ -182,6 +183,7 @@ if (vma->vm_file) fput(vma->vm_file); mpol_put(vma_policy(vma)); + uksm_remove_vma(vma); - kmem_cache_free(vm_area_cachep, vma); + vm_area_free(vma); return next; } -@@ -699,9 +701,16 @@ +@@ -708,9 +710,16 @@ long adjust_next = 0; int remove_next = 0; @@ -1178,7 +1184,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c if (end >= next->vm_end) { /* * vma expands, overlapping all the next, and -@@ -834,6 +843,7 @@ +@@ -843,6 +852,7 @@ end_changed = true; } vma->vm_pgoff = pgoff; @@ -1186,7 +1192,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c if (adjust_next) { next->vm_start += adjust_next << PAGE_SHIFT; next->vm_pgoff += adjust_next; -@@ -939,6 +949,7 @@ +@@ -948,6 +958,7 @@ if (remove_next == 2) { remove_next = 1; end = next->vm_end; @@ -1194,7 +1200,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c goto again; } else if (next) -@@ -965,10 +976,14 @@ +@@ -974,10 +985,14 @@ */ VM_WARN_ON(mm->highest_vm_end != vm_end_gap(vma)); } @@ -1209,7 +1215,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c validate_mm(mm); return 0; -@@ -1385,6 +1400,9 @@ +@@ -1434,6 +1449,9 @@ vm_flags |= calc_vm_prot_bits(prot, pkey) | calc_vm_flag_bits(flags) | mm->def_flags | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC; @@ -1219,7 +1225,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c if (flags & MAP_LOCKED) if (!can_do_mlock()) return -EPERM; -@@ -1739,6 +1757,7 @@ +@@ -1798,6 +1816,7 @@ allow_write_access(file); } file = vma->vm_file; @@ -1227,15 +1233,15 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c out: perf_event_mmap(vma); -@@ -1780,6 +1799,7 @@ +@@ -1839,6 +1858,7 @@ if (vm_flags & VM_DENYWRITE) allow_write_access(file); free_vma: + uksm_remove_vma(vma); - kmem_cache_free(vm_area_cachep, vma); + vm_area_free(vma); unacct_error: if (charged) -@@ -2604,6 +2624,8 @@ +@@ -2658,6 +2678,8 @@ else err = vma_adjust(vma, vma->vm_start, addr, vma->vm_pgoff, new); @@ -1244,7 +1250,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c /* Success. */ if (!err) return 0; -@@ -2896,6 +2918,7 @@ +@@ -2943,6 +2965,7 @@ if ((flags & (~VM_EXEC)) != 0) return -EINVAL; flags |= VM_DATA_DEFAULT_FLAGS | VM_ACCOUNT | mm->def_flags; @@ -1252,7 +1258,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c error = get_unmapped_area(NULL, addr, len, 0, MAP_FIXED); if (offset_in_page(error)) -@@ -2953,6 +2976,7 @@ +@@ -2999,6 +3022,7 @@ vma->vm_flags = flags; vma->vm_page_prot = vm_get_page_prot(flags); vma_link(mm, vma, prev, rb_link, rb_parent); @@ -1260,9 +1266,9 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c out: perf_event_mmap(vma); mm->total_vm += len >> PAGE_SHIFT; -@@ -3004,6 +3028,12 @@ - /* mm's last user has gone, and its about to be pulled down */ - mmu_notifier_release(mm); +@@ -3078,6 +3102,12 @@ + up_write(&mm->mmap_sem); + } + /* + * Taking write lock on mmap_sem does not harm others, @@ -1273,7 +1279,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c if (mm->locked_vm) { vma = mm->mmap; while (vma) { -@@ -3056,6 +3086,11 @@ +@@ -3112,6 +3142,11 @@ vma = remove_vma(vma); } vm_unacct_memory(nr_accounted); @@ -1285,7 +1291,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c } /* Insert vm structure into process list sorted by address -@@ -3165,6 +3200,7 @@ +@@ -3219,6 +3254,7 @@ new_vma->vm_ops->open(new_vma); vma_link(mm, new_vma, prev, rb_link, rb_parent); *need_rmap_locks = false; @@ -1293,7 +1299,7 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c } return new_vma; -@@ -3315,6 +3351,7 @@ +@@ -3369,6 +3405,7 @@ vm_stat_account(mm, vma->vm_flags, len >> PAGE_SHIFT); perf_event_mmap(vma); @@ -1302,9 +1308,9 @@ diff -Nur a/mm/mmap.c b/mm/mmap.c return vma; diff -Nur a/mm/rmap.c b/mm/rmap.c ---- a/mm/rmap.c 2018-04-08 13:29:52.000000000 +0100 -+++ b/mm/rmap.c 2018-04-11 22:47:44.602845911 +0100 -@@ -1016,9 +1016,9 @@ +--- a/mm/rmap.c 2018-08-24 12:04:51.000000000 +0100 ++++ b/mm/rmap.c 2018-08-27 10:44:36.348467446 +0100 +@@ -1017,9 +1017,9 @@ /** * __page_set_anon_rmap - set up new anonymous rmap @@ -1318,7 +1324,7 @@ diff -Nur a/mm/rmap.c b/mm/rmap.c static void __page_set_anon_rmap(struct page *page, diff -Nur a/mm/uksm.c b/mm/uksm.c --- a/mm/uksm.c 1970-01-01 01:00:00.000000000 +0100 -+++ b/mm/uksm.c 2018-04-11 22:47:44.605846008 +0100 ++++ b/mm/uksm.c 2018-08-27 10:44:36.351467543 +0100 @@ -0,0 +1,5584 @@ +/* + * Ultra KSM. Copyright (C) 2011-2012 Nai Xia @@ -6905,11 +6911,11 @@ diff -Nur a/mm/uksm.c b/mm/uksm.c +#endif + diff -Nur a/mm/vmstat.c b/mm/vmstat.c ---- a/mm/vmstat.c 2018-04-08 13:29:52.000000000 +0100 -+++ b/mm/vmstat.c 2018-04-11 22:47:44.606846040 +0100 -@@ -1162,6 +1162,9 @@ - "nr_dirtied", +--- a/mm/vmstat.c 2018-08-24 12:04:51.000000000 +0100 ++++ b/mm/vmstat.c 2018-08-27 10:44:36.352467575 +0100 +@@ -1163,6 +1163,9 @@ "nr_written", + "", /* nr_indirectly_reclaimable */ +#ifdef CONFIG_UKSM + "nr_uksm_zero_pages", diff --git a/sys-kernel/linux-sources-redcore/files/workaround-BIOS-bugs-on-CCP-SVE-ryzen-TR.patch b/sys-kernel/linux-sources-redcore/files/workaround-BIOS-bugs-on-CCP-SVE-ryzen-TR.patch new file mode 100644 index 00000000..1d1ae0e3 --- /dev/null +++ b/sys-kernel/linux-sources-redcore/files/workaround-BIOS-bugs-on-CCP-SVE-ryzen-TR.patch @@ -0,0 +1,85 @@ +diff -up linux-4.18/drivers/crypto/ccp/psp-dev.c.0333~ linux-4.18/drivers/crypto/ccp/psp-dev.c +--- linux-4.18/drivers/crypto/ccp/psp-dev.c.0333~ 2018-08-21 19:32:36.457890957 +0200 ++++ linux-4.18/drivers/crypto/ccp/psp-dev.c 2018-08-21 19:35:43.283028769 +0200 +@@ -38,6 +38,17 @@ static DEFINE_MUTEX(sev_cmd_mutex); + static struct sev_misc_dev *misc_dev; + static struct psp_device *psp_master; + ++static int psp_cmd_timeout = 100; ++module_param(psp_cmd_timeout, int, 0644); ++MODULE_PARM_DESC(psp_cmd_timeout, " default timeout value, in seconds, for PSP commands"); ++ ++static int psp_probe_timeout = 5; ++module_param(psp_probe_timeout, int, 0644); ++MODULE_PARM_DESC(psp_probe_timeout, " default timeout value, in seconds, during PSP device probe"); ++ ++static bool psp_dead; ++static int psp_timeout; ++ + static struct psp_device *psp_alloc_struct(struct sp_device *sp) + { + struct device *dev = sp->dev; +@@ -82,10 +93,15 @@ done: + return IRQ_HANDLED; + } + +-static void sev_wait_cmd_ioc(struct psp_device *psp, unsigned int *reg) ++static int sev_wait_cmd_ioc(struct psp_device *psp, unsigned int *reg, unsigned int timeout) + { +- wait_event(psp->sev_int_queue, psp->sev_int_rcvd); ++ int ret; ++ ret = wait_event_timeout(psp->sev_int_queue, psp->sev_int_rcvd, ++ timeout * HZ); ++ if (!ret) ++ return -ETIMEDOUT; + *reg = ioread32(psp->io_regs + PSP_CMDRESP); ++ return 0; + } + + static int sev_cmd_buffer_len(int cmd) +@@ -133,12 +149,15 @@ static int __sev_do_cmd_locked(int cmd, + if (!psp) + return -ENODEV; + ++ if (psp_dead) ++ return -EBUSY; ++ + /* Get the physical address of the command buffer */ + phys_lsb = data ? lower_32_bits(__psp_pa(data)) : 0; + phys_msb = data ? upper_32_bits(__psp_pa(data)) : 0; + +- dev_dbg(psp->dev, "sev command id %#x buffer 0x%08x%08x\n", +- cmd, phys_msb, phys_lsb); ++ dev_dbg(psp->dev, "sev command id %#x buffer 0x%08x%08x timeout %us\n", ++ cmd, phys_msb, phys_lsb, psp_timeout); + + print_hex_dump_debug("(in): ", DUMP_PREFIX_OFFSET, 16, 2, data, + sev_cmd_buffer_len(cmd), false); +@@ -154,7 +173,17 @@ static int __sev_do_cmd_locked(int cmd, + iowrite32(reg, psp->io_regs + PSP_CMDRESP); + + /* wait for command completion */ +- sev_wait_cmd_ioc(psp, ®); ++ ret = sev_wait_cmd_ioc(psp, ®, psp_timeout); ++ if (ret) { ++ if (psp_ret) ++ *psp_ret = 0; ++ ++ dev_err(psp->dev, "sev command %#x timed out, disabling PSP\n", cmd); ++ psp_dead = true; ++ return ret; ++ } ++ ++ psp_timeout = psp_cmd_timeout; + + if (psp_ret) + *psp_ret = reg & PSP_CMDRESP_ERR_MASK; +@@ -886,6 +915,8 @@ void psp_pci_init(void) + + psp_master = sp->psp_data; + ++ psp_timeout = psp_probe_timeout; ++ + if (sev_get_api_version()) + goto err; + diff --git a/sys-kernel/linux-sources-redcore/linux-sources-redcore-4.16.16.ebuild b/sys-kernel/linux-sources-redcore/linux-sources-redcore-4.18.5.ebuild index b7be4299..2aa366b1 100644 --- a/sys-kernel/linux-sources-redcore/linux-sources-redcore-4.16.16.ebuild +++ b/sys-kernel/linux-sources-redcore/linux-sources-redcore-4.18.5.ebuild @@ -25,17 +25,16 @@ DEPEND=" sys-devel/make" RDEPEND="${DEPEND}" -PATCHES=( "${FILESDIR}"/enable_alx_wol.patch - "${FILESDIR}"/0001-Revert-ath10k-activate-user-space-firmware-loading-a.patch - "${FILESDIR}"/0001-Revert-swiotlb-remove-various-exports.patch - "${FILESDIR}"/0001-Revert-x86-ACPI-cstate-Allow-ACPI-C1-FFH-MWAIT-use-o.patch - "${FILESDIR}"/0001-Make-it-possible-to-disable-SWIOTLB-code-on-admgpu-a.patch - "${FILESDIR}"/fix-spectre_v2-mitigation-strings.patch +PATCHES=( "${FILESDIR}"/0001-Revert-x86-ACPI-cstate-Allow-ACPI-C1-FFH-MWAIT-use-o.patch "${FILESDIR}"/ata-fix-NCQ-LOG-strings-and-move-to-debug.patch - "${FILESDIR}"/mute-pps_state_mismatch.patch "${FILESDIR}"/drop_ancient-and-wrong-msg.patch + "${FILESDIR}"/enable_alx_wol.patch + "${FILESDIR}"/mute-pps_state_mismatch.patch "${FILESDIR}"/nouveau-pascal-backlight.patch - "${FILESDIR}"/linux-hardened-v3.patch + "${FILESDIR}"/radeon_dp_aux_transfer_native-no-ratelimited_debug.patch + "${FILESDIR}"/revert-patches-causing-instant-reboot.patch + "${FILESDIR}"/workaround-BIOS-bugs-on-CCP-SVE-ryzen-TR.patch + "${FILESDIR}"/linux-hardened.patch "${FILESDIR}"/uksm-for-linux-hardened.patch ) S="${WORKDIR}"/linux-"${PV}" |