summaryrefslogtreecommitdiff
path: root/sys-kernel/linux-image-redcore-lts
diff options
context:
space:
mode:
Diffstat (limited to 'sys-kernel/linux-image-redcore-lts')
-rw-r--r--sys-kernel/linux-image-redcore-lts/Manifest4
-rw-r--r--sys-kernel/linux-image-redcore-lts/files/4.14-linux-hardened.patch32
-rw-r--r--sys-kernel/linux-image-redcore-lts/files/4.19-linux-hardened.patch61
-rw-r--r--sys-kernel/linux-image-redcore-lts/linux-image-redcore-lts-4.14.100.ebuild (renamed from sys-kernel/linux-image-redcore-lts/linux-image-redcore-lts-4.14.95-r1.ebuild)2
-rw-r--r--sys-kernel/linux-image-redcore-lts/linux-image-redcore-lts-4.19.25.ebuild (renamed from sys-kernel/linux-image-redcore-lts/linux-image-redcore-lts-4.19.20-r1.ebuild)2
5 files changed, 55 insertions, 46 deletions
diff --git a/sys-kernel/linux-image-redcore-lts/Manifest b/sys-kernel/linux-image-redcore-lts/Manifest
index 89a7e6c1..48585918 100644
--- a/sys-kernel/linux-image-redcore-lts/Manifest
+++ b/sys-kernel/linux-image-redcore-lts/Manifest
@@ -1,2 +1,2 @@
-DIST linux-4.14.95.tar.xz 101049552 BLAKE2B 48e55bc8b7844d2ede44254b884201f4a239afd45e680ac6c4fc5fae8550eb4a0ad714c4625421ddffea89b09f7841a347e1e032716178bda123abecbecaa28f SHA512 ab1e9c54a852adfa4b0fb451db8cdafecb3cf1adca9dcc0574c2c2a5e7edd9ba77a551ac27a4e16fcf23d89c8f278b04b5c522b7d7b4043ab0309084a3b35a89
-DIST linux-4.19.20.tar.xz 103142620 BLAKE2B a1dbb52aa6727906792741a80b49a26d62ecb40306e8545854967def16875fb1b8d5e09894dd310aa32060155006eecad5fe461c44074a8fecd90d4fc5dc47ce SHA512 1eac44b81c54f34faf782c9d6990703c463206d8c16716c4c3be5c7a7add3a8f4c5695f6191ffdf3a0ffdc549dda5f0ca154e6751fa024d2fae2684cc4e5e182
+DIST linux-4.14.100.tar.xz 101063000 BLAKE2B 35425761c40aed4e0393273c2d04c88af48d371372a77c02895f41fe98a596be90af8eace296be9feaa2bf0a41977b92e2a4237760192cd9a7475603facd0958 SHA512 24b0453cfbe7fb9d41055d1de015e95d8685db9dddfeea62894eddaced0624698a4592c1fc53d48011c1760d374671fa6376c8cd853873200356ea14316e284f
+DIST linux-4.19.25.tar.xz 103160576 BLAKE2B 25952ebcdf9010a992eabe088e87610f2033c5768251d257fb7d5041e0def50faf798d0ec2a00e7c8e6bcb6ef6b9ea6dfd3b19c75145fdff3e11cb6d7d768544 SHA512 d7f6cb0980640a772008f3517e260e545d201658d2202834fba82f9abc6d05a2917d45d8ab8885c0282c1064dbd9149adc5df307ba3ea063dbe1a9dde40c8810
diff --git a/sys-kernel/linux-image-redcore-lts/files/4.14-linux-hardened.patch b/sys-kernel/linux-image-redcore-lts/files/4.14-linux-hardened.patch
index 9280791e..126e3f00 100644
--- a/sys-kernel/linux-image-redcore-lts/files/4.14-linux-hardened.patch
+++ b/sys-kernel/linux-image-redcore-lts/files/4.14-linux-hardened.patch
@@ -71,7 +71,7 @@ index 694968c7523c..002d86416ef8 100644
The value in this file affects behavior of handling NMI. When the
diff --git a/Makefile b/Makefile
-index 70cc37cb3e99..edc3de99b3cd 100644
+index 86fa9a371383..f7a041b5e9c7 100644
--- a/Makefile
+++ b/Makefile
@@ -714,6 +714,9 @@ endif
@@ -279,7 +279,7 @@ index e32fc1f274d8..d08acc76502a 100644
CONFIG_BSD_PROCESS_ACCT=y
CONFIG_TASKSTATS=y
diff --git a/arch/x86/entry/vdso/vma.c b/arch/x86/entry/vdso/vma.c
-index 1911310959f8..bba8dbbc07a8 100644
+index a77fd3c8d824..3a8f35c85ecf 100644
--- a/arch/x86/entry/vdso/vma.c
+++ b/arch/x86/entry/vdso/vma.c
@@ -203,55 +203,9 @@ static int map_vdso(const struct vdso_image *image, unsigned long addr)
@@ -779,7 +779,7 @@ index b811442c5ce6..4f62a63cbcb1 100644
A pseudo terminal (PTY) is a software device consisting of two
halves: a master and a slave. The slave device behaves identical to
diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c
-index 417b81c67fe9..4e9bb7851ab1 100644
+index 7e351d205393..426e22697412 100644
--- a/drivers/tty/tty_io.c
+++ b/drivers/tty/tty_io.c
@@ -171,6 +171,7 @@ static void free_tty_struct(struct tty_struct *tty)
@@ -810,7 +810,7 @@ index 417b81c67fe9..4e9bb7851ab1 100644
if ((current->signal->tty != tty) && !capable(CAP_SYS_ADMIN))
return -EPERM;
if (get_user(ch, p))
-@@ -2854,6 +2863,7 @@ struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx)
+@@ -2855,6 +2864,7 @@ struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx)
tty->index = idx;
tty_line_name(driver, idx, tty->name);
tty->dev = tty_get_device(tty);
@@ -819,7 +819,7 @@ index 417b81c67fe9..4e9bb7851ab1 100644
return tty;
}
diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c
-index a073cb5be013..e9dfece7b7ce 100644
+index 4a4e666a8e09..8ee7835decc6 100644
--- a/drivers/usb/core/hub.c
+++ b/drivers/usb/core/hub.c
@@ -38,6 +38,8 @@
@@ -831,7 +831,7 @@ index a073cb5be013..e9dfece7b7ce 100644
/* Protect struct usb_device->state and ->children members
* Note: Both are also protected by ->dev.sem, except that ->state can
* change to USB_STATE_NOTATTACHED even when the semaphore isn't held. */
-@@ -4818,6 +4820,12 @@ static void hub_port_connect(struct usb_hub *hub, int port1, u16 portstatus,
+@@ -4828,6 +4830,12 @@ static void hub_port_connect(struct usb_hub *hub, int port1, u16 portstatus,
goto done;
return;
}
@@ -1672,10 +1672,10 @@ index 710ce1d6b982..4013b634e820 100644
struct rcu_state *rsp;
diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c
-index f33b24080b1c..99c5e423906f 100644
+index 4d54c1fe9623..92612d51d6e1 100644
--- a/kernel/sched/fair.c
+++ b/kernel/sched/fair.c
-@@ -8982,7 +8982,7 @@ static void nohz_idle_balance(struct rq *this_rq, enum cpu_idle_type idle) { }
+@@ -8983,7 +8983,7 @@ static void nohz_idle_balance(struct rq *this_rq, enum cpu_idle_type idle) { }
* run_rebalance_domains is triggered when needed from the scheduler tick.
* Also triggered for nohz idle balancing (with nohz_balancing_kick set).
*/
@@ -1734,7 +1734,7 @@ index a4c87cf27f9d..efb97a8dc568 100644
struct tasklet_struct *list;
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
-index d330b1ce3b94..050278b12928 100644
+index 3ad00bf90b3d..35c7d3336f87 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -66,6 +66,7 @@
@@ -2547,7 +2547,7 @@ index a77d68f2c1b6..d1f1d75f4d1f 100644
}
diff --git a/net/core/dev.c b/net/core/dev.c
-index 4337450a5fdb..5a3c7d217719 100644
+index 54ba5b5bc55c..564f21fc2df5 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -4117,7 +4117,7 @@ int netif_rx_ni(struct sk_buff *skb)
@@ -2581,7 +2581,7 @@ index f48fe6fc7e8c..d78c52835c08 100644
Normal TCP/IP networking is open to an attack known as "SYN
flooding". This denial-of-service attack prevents legitimate remote
diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
-index 18bc8738e989..d2866f6dd736 100644
+index e36a673833ae..03914dfa0bd0 100644
--- a/scripts/mod/modpost.c
+++ b/scripts/mod/modpost.c
@@ -37,6 +37,7 @@ static int vmlinux_section_warnings = 1;
@@ -2613,9 +2613,9 @@ index 18bc8738e989..d2866f6dd736 100644
}
};
-@@ -1240,10 +1248,10 @@ static Elf_Sym *find_elf_symbol(struct elf_info *elf, Elf64_Sword addr,
+@@ -1266,10 +1274,10 @@ static Elf_Sym *find_elf_symbol(struct elf_info *elf, Elf64_Sword addr,
continue;
- if (ELF_ST_TYPE(sym->st_info) == STT_SECTION)
+ if (!is_valid_name(elf, sym))
continue;
- if (sym->st_value == addr)
- return sym;
@@ -2626,7 +2626,7 @@ index 18bc8738e989..d2866f6dd736 100644
if (d < 0)
d = addr - sym->st_value;
if (d < distance) {
-@@ -1402,7 +1410,11 @@ static void report_sec_mismatch(const char *modname,
+@@ -1404,7 +1412,11 @@ static void report_sec_mismatch(const char *modname,
char *prl_from;
char *prl_to;
@@ -2639,7 +2639,7 @@ index 18bc8738e989..d2866f6dd736 100644
if (!sec_mismatch_verbose)
return;
-@@ -1526,6 +1538,14 @@ static void report_sec_mismatch(const char *modname,
+@@ -1528,6 +1540,14 @@ static void report_sec_mismatch(const char *modname,
fatal("There's a special handler for this mismatch type, "
"we should never get here.");
break;
@@ -2654,7 +2654,7 @@ index 18bc8738e989..d2866f6dd736 100644
}
fprintf(stderr, "\n");
}
-@@ -2539,6 +2559,14 @@ int main(int argc, char **argv)
+@@ -2541,6 +2561,14 @@ int main(int argc, char **argv)
}
}
free(buf.p);
diff --git a/sys-kernel/linux-image-redcore-lts/files/4.19-linux-hardened.patch b/sys-kernel/linux-image-redcore-lts/files/4.19-linux-hardened.patch
index 42ba2084..4608c3bc 100644
--- a/sys-kernel/linux-image-redcore-lts/files/4.19-linux-hardened.patch
+++ b/sys-kernel/linux-image-redcore-lts/files/4.19-linux-hardened.patch
@@ -71,7 +71,7 @@ index 37a679501ddc..59b747920f4d 100644
The value in this file affects behavior of handling NMI. When the
diff --git a/Makefile b/Makefile
-index f1859811dca1..432040e2d299 100644
+index 2caa131ff306..42e5022af1d7 100644
--- a/Makefile
+++ b/Makefile
@@ -698,6 +698,9 @@ stackp-flags-$(CONFIG_STACKPROTECTOR_STRONG) := -fstack-protector-strong
@@ -567,10 +567,10 @@ index 15c1f5e12eb8..ff72cccec5b8 100644
struct list_head *cpu_list, local_list;
diff --git a/drivers/ata/libata-core.c b/drivers/ata/libata-core.c
-index b8c3f9e6af89..bf65bc091cb6 100644
+index adf28788cab5..cd4b3501eda9 100644
--- a/drivers/ata/libata-core.c
+++ b/drivers/ata/libata-core.c
-@@ -5157,7 +5157,7 @@ void ata_qc_free(struct ata_queued_cmd *qc)
+@@ -5158,7 +5158,7 @@ void ata_qc_free(struct ata_queued_cmd *qc)
struct ata_port *ap;
unsigned int tag;
@@ -579,7 +579,7 @@ index b8c3f9e6af89..bf65bc091cb6 100644
ap = qc->ap;
qc->flags = 0;
-@@ -5174,7 +5174,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc)
+@@ -5175,7 +5175,7 @@ void __ata_qc_complete(struct ata_queued_cmd *qc)
struct ata_port *ap;
struct ata_link *link;
@@ -661,7 +661,7 @@ index e7d192ebecd7..1c682abd31ca 100644
return tty;
}
diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c
-index cc62707c0251..21d78ae4b4ae 100644
+index 3adff4da2ee1..5416294d2bc9 100644
--- a/drivers/usb/core/hub.c
+++ b/drivers/usb/core/hub.c
@@ -41,6 +41,8 @@
@@ -673,7 +673,7 @@ index cc62707c0251..21d78ae4b4ae 100644
/* Protect struct usb_device->state and ->children members
* Note: Both are also protected by ->dev.sem, except that ->state can
* change to USB_STATE_NOTATTACHED even when the semaphore isn't held. */
-@@ -4933,6 +4935,12 @@ static void hub_port_connect(struct usb_hub *hub, int port1, u16 portstatus,
+@@ -4943,6 +4945,12 @@ static void hub_port_connect(struct usb_hub *hub, int port1, u16 portstatus,
goto done;
return;
}
@@ -687,7 +687,7 @@ index cc62707c0251..21d78ae4b4ae 100644
unit_load = 150;
else
diff --git a/fs/exec.c b/fs/exec.c
-index 1ebf6e5a521d..73b8d839927c 100644
+index 1ebf6e5a521d..f86201f25a4c 100644
--- a/fs/exec.c
+++ b/fs/exec.c
@@ -62,6 +62,7 @@
@@ -707,6 +707,15 @@ index 1ebf6e5a521d..73b8d839927c 100644
return 0;
err:
up_write(&mm->mmap_sem);
+@@ -929,7 +932,7 @@ int kernel_read_file(struct file *file, void **buf, loff_t *size,
+ bytes = kernel_read(file, *buf + pos, i_size - pos, &pos);
+ if (bytes < 0) {
+ ret = bytes;
+- goto out;
++ goto out_free;
+ }
+
+ if (bytes == 0)
diff --git a/fs/namei.c b/fs/namei.c
index 914178cdbe94..7422b5ce077a 100644
--- a/fs/namei.c
@@ -972,10 +981,10 @@ index 70b7123f38c7..09f3019489b2 100644
extern phys_addr_t per_cpu_ptr_to_phys(void *addr);
diff --git a/include/linux/perf_event.h b/include/linux/perf_event.h
-index 53c500f0ca79..15c236b8aba3 100644
+index c2876e740514..45673e9e1770 100644
--- a/include/linux/perf_event.h
+++ b/include/linux/perf_event.h
-@@ -1179,6 +1179,11 @@ extern int perf_cpu_time_max_percent_handler(struct ctl_table *table, int write,
+@@ -1184,6 +1184,11 @@ extern int perf_cpu_time_max_percent_handler(struct ctl_table *table, int write,
int perf_event_max_stack_handler(struct ctl_table *table, int write,
void __user *buffer, size_t *lenp, loff_t *ppos);
@@ -1385,7 +1394,7 @@ index 1e1c0236f55b..452062fe45ce 100644
/**
diff --git a/kernel/events/core.c b/kernel/events/core.c
-index 5a97f34bc14c..a4a4fc1e1586 100644
+index 4fb9d5054618..ec52d87916ef 100644
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -397,8 +397,13 @@ static cpumask_var_t perf_online_mask;
@@ -1402,7 +1411,7 @@ index 5a97f34bc14c..a4a4fc1e1586 100644
/* Minimum for 512 kiB + 1 user control page */
int sysctl_perf_event_mlock __read_mostly = 512 + (PAGE_SIZE / 1024); /* 'free' kiB per user */
-@@ -10410,6 +10415,9 @@ SYSCALL_DEFINE5(perf_event_open,
+@@ -10426,6 +10431,9 @@ SYSCALL_DEFINE5(perf_event_open,
if (flags & ~PERF_FLAG_ALL)
return -EINVAL;
@@ -1501,10 +1510,10 @@ index 15301ed19da6..2a799dea7016 100644
struct rcu_state *rsp;
diff --git a/kernel/sched/fair.c b/kernel/sched/fair.c
-index 7137bc343b4a..104e0855a018 100644
+index f7c375d1e601..6c5f522385fc 100644
--- a/kernel/sched/fair.c
+++ b/kernel/sched/fair.c
-@@ -9593,7 +9593,7 @@ static int idle_balance(struct rq *this_rq, struct rq_flags *rf)
+@@ -9594,7 +9594,7 @@ static int idle_balance(struct rq *this_rq, struct rq_flags *rf)
* run_rebalance_domains is triggered when needed from the scheduler tick.
* Also triggered for nohz idle balancing (with nohz_balancing_kick set).
*/
@@ -1574,7 +1583,7 @@ index 6f584861d329..1943fe60f3b9 100644
void tasklet_init(struct tasklet_struct *t,
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
-index cc02050fd0c4..cca161854186 100644
+index 32dea29d05a0..391876c1ca97 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -67,6 +67,7 @@
@@ -1922,7 +1931,7 @@ index f7cd9cb966c0..fda49841f4f2 100644
goto set_brk;
diff --git a/mm/page_alloc.c b/mm/page_alloc.c
-index 9e45553cabd6..f5ec01e1498c 100644
+index a9de1dbb9a6c..da3b27a09065 100644
--- a/mm/page_alloc.c
+++ b/mm/page_alloc.c
@@ -66,6 +66,7 @@
@@ -1949,7 +1958,7 @@ index 9e45553cabd6..f5ec01e1498c 100644
#ifdef CONFIG_GCC_PLUGIN_LATENT_ENTROPY
volatile unsigned long latent_entropy __latent_entropy;
EXPORT_SYMBOL(latent_entropy);
-@@ -1027,6 +1037,13 @@ static __always_inline bool free_pages_prepare(struct page *page,
+@@ -1055,6 +1065,13 @@ static __always_inline bool free_pages_prepare(struct page *page,
debug_check_no_obj_freed(page_address(page),
PAGE_SIZE << order);
}
@@ -1963,7 +1972,7 @@ index 9e45553cabd6..f5ec01e1498c 100644
arch_free_page(page, order);
kernel_poison_pages(page, 1 << order, 0);
kernel_map_pages(page, 1 << order, 0);
-@@ -1267,6 +1284,21 @@ static void __init __free_pages_boot_core(struct page *page, unsigned int order)
+@@ -1295,6 +1312,21 @@ static void __init __free_pages_boot_core(struct page *page, unsigned int order)
__ClearPageReserved(p);
set_page_count(p, 0);
@@ -1985,7 +1994,7 @@ index 9e45553cabd6..f5ec01e1498c 100644
page_zone(page)->managed_pages += nr_pages;
set_page_refcounted(page);
__free_pages(page, order);
-@@ -1855,8 +1887,8 @@ static inline int check_new_page(struct page *page)
+@@ -1876,8 +1908,8 @@ static inline int check_new_page(struct page *page)
static inline bool free_pages_prezeroed(void)
{
@@ -1996,7 +2005,7 @@ index 9e45553cabd6..f5ec01e1498c 100644
}
#ifdef CONFIG_DEBUG_VM
-@@ -1913,6 +1945,11 @@ static void prep_new_page(struct page *page, unsigned int order, gfp_t gfp_flags
+@@ -1934,6 +1966,11 @@ static void prep_new_page(struct page *page, unsigned int order, gfp_t gfp_flags
post_alloc_hook(page, order, gfp_flags);
@@ -2385,7 +2394,7 @@ index 26fc9b5f1b6c..7c9312ca8982 100644
}
diff --git a/net/core/dev.c b/net/core/dev.c
-index af097ca9cb4f..fda1753e5b65 100644
+index 5c8c0a572ee9..875f2cea68e9 100644
--- a/net/core/dev.c
+++ b/net/core/dev.c
@@ -4519,7 +4519,7 @@ int netif_rx_ni(struct sk_buff *skb)
@@ -2435,7 +2444,7 @@ index cb0c889e13aa..305f52f58c1a 100644
secure!
diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
-index 5a5b3780456f..01eac2c6e7eb 100644
+index 5a77efd39b3f..e771cb100e66 100644
--- a/scripts/mod/modpost.c
+++ b/scripts/mod/modpost.c
@@ -35,6 +35,7 @@ static int vmlinux_section_warnings = 1;
@@ -2467,9 +2476,9 @@ index 5a5b3780456f..01eac2c6e7eb 100644
}
};
-@@ -1229,10 +1237,10 @@ static Elf_Sym *find_elf_symbol(struct elf_info *elf, Elf64_Sword addr,
+@@ -1255,10 +1263,10 @@ static Elf_Sym *find_elf_symbol(struct elf_info *elf, Elf64_Sword addr,
continue;
- if (ELF_ST_TYPE(sym->st_info) == STT_SECTION)
+ if (!is_valid_name(elf, sym))
continue;
- if (sym->st_value == addr)
- return sym;
@@ -2480,7 +2489,7 @@ index 5a5b3780456f..01eac2c6e7eb 100644
if (d < 0)
d = addr - sym->st_value;
if (d < distance) {
-@@ -1391,7 +1399,11 @@ static void report_sec_mismatch(const char *modname,
+@@ -1393,7 +1401,11 @@ static void report_sec_mismatch(const char *modname,
char *prl_from;
char *prl_to;
@@ -2493,7 +2502,7 @@ index 5a5b3780456f..01eac2c6e7eb 100644
if (!sec_mismatch_verbose)
return;
-@@ -1515,6 +1527,14 @@ static void report_sec_mismatch(const char *modname,
+@@ -1517,6 +1529,14 @@ static void report_sec_mismatch(const char *modname,
fatal("There's a special handler for this mismatch type, "
"we should never get here.");
break;
@@ -2508,7 +2517,7 @@ index 5a5b3780456f..01eac2c6e7eb 100644
}
fprintf(stderr, "\n");
}
-@@ -2526,6 +2546,14 @@ int main(int argc, char **argv)
+@@ -2528,6 +2548,14 @@ int main(int argc, char **argv)
}
}
free(buf.p);
diff --git a/sys-kernel/linux-image-redcore-lts/linux-image-redcore-lts-4.14.95-r1.ebuild b/sys-kernel/linux-image-redcore-lts/linux-image-redcore-lts-4.14.100.ebuild
index 333a4b50..ea4435ff 100644
--- a/sys-kernel/linux-image-redcore-lts/linux-image-redcore-lts-4.14.95-r1.ebuild
+++ b/sys-kernel/linux-image-redcore-lts/linux-image-redcore-lts-4.14.100.ebuild
@@ -5,7 +5,7 @@ EAPI=6
inherit eutils
-EXTRAVERSION="redcore-lts-r1"
+EXTRAVERSION="redcore-lts"
KV_FULL="${PV}-${EXTRAVERSION}"
KV_MAJOR="4.14"
diff --git a/sys-kernel/linux-image-redcore-lts/linux-image-redcore-lts-4.19.20-r1.ebuild b/sys-kernel/linux-image-redcore-lts/linux-image-redcore-lts-4.19.25.ebuild
index 19bc96c9..6c09196c 100644
--- a/sys-kernel/linux-image-redcore-lts/linux-image-redcore-lts-4.19.20-r1.ebuild
+++ b/sys-kernel/linux-image-redcore-lts/linux-image-redcore-lts-4.19.25.ebuild
@@ -5,7 +5,7 @@ EAPI=6
inherit eutils
-EXTRAVERSION="redcore-lts-r1"
+EXTRAVERSION="redcore-lts"
KV_FULL="${PV}-${EXTRAVERSION}"
KV_MAJOR="4.19"