diff options
7 files changed, 146 insertions, 12 deletions
diff --git a/libre/linux-libre-grsec/0011-kernfs-fix-removed-error-check.patch b/libre/linux-libre-grsec/0011-kernfs-fix-removed-error-check.patch new file mode 100644 index 000000000..b597595c6 --- /dev/null +++ b/libre/linux-libre-grsec/0011-kernfs-fix-removed-error-check.patch @@ -0,0 +1,13 @@ +diff --git a/fs/kernfs/file.c b/fs/kernfs/file.c +index 8034706..e01ea4a 100644 +--- a/fs/kernfs/file.c ++++ b/fs/kernfs/file.c +@@ -484,6 +484,8 @@ static int kernfs_fop_mmap(struct file *file, struct vm_area_struct *vma) + + ops = kernfs_ops(of->kn); + rc = ops->mmap(of, vma); ++ if (rc) ++ goto out_put; + + /* + * PowerPC's pci_mmap of legacy_mem uses shmem_zero_setup() diff --git a/libre/linux-libre-grsec/0012-fix-saa7134.patch b/libre/linux-libre-grsec/0012-fix-saa7134.patch new file mode 100644 index 000000000..070fbc8eb --- /dev/null +++ b/libre/linux-libre-grsec/0012-fix-saa7134.patch @@ -0,0 +1,37 @@ +--- a/drivers/media/pci/saa7134/saa7134-video.c ++++ a/drivers/media/pci/saa7134/saa7134-video.c +@@ -1243,6 +1243,7 @@ static int video_release(struct file *file) + videobuf_streamoff(&dev->cap); + res_free(dev, fh, RESOURCE_VIDEO); + videobuf_mmap_free(&dev->cap); ++ INIT_LIST_HEAD(&dev->cap.stream); + } + if (dev->cap.read_buf) { + buffer_release(&dev->cap, dev->cap.read_buf); +@@ -1254,6 +1255,7 @@ static int video_release(struct file *file) + videobuf_stop(&dev->vbi); + res_free(dev, fh, RESOURCE_VBI); + videobuf_mmap_free(&dev->vbi); ++ INIT_LIST_HEAD(&dev->vbi.stream); + } + + /* ts-capture will not work in planar mode, so turn it off Hac: 04.05*/ +@@ -1987,17 +1989,12 @@ int saa7134_streamoff(struct file *file, void *priv, + enum v4l2_buf_type type) + { + struct saa7134_dev *dev = video_drvdata(file); +- int err; + int res = saa7134_resource(file); + + if (res != RESOURCE_EMPRESS) + pm_qos_remove_request(&dev->qos_request); + +- err = videobuf_streamoff(saa7134_queue(file)); +- if (err < 0) +- return err; +- res_free(dev, priv, res); +- return 0; ++ return videobuf_streamoff(saa7134_queue(file)); + } + EXPORT_SYMBOL_GPL(saa7134_streamoff); + diff --git a/libre/linux-libre-grsec/0013-net-Start-with-correct-mac_len-in-skb_network_protocol.patch b/libre/linux-libre-grsec/0013-net-Start-with-correct-mac_len-in-skb_network_protocol.patch new file mode 100644 index 000000000..2840f190c --- /dev/null +++ b/libre/linux-libre-grsec/0013-net-Start-with-correct-mac_len-in-skb_network_protocol.patch @@ -0,0 +1,13 @@ +diff --git a/net/core/dev.c b/net/core/dev.c +index 45fa2f1..6088927 100644 +--- a/net/core/dev.c ++++ b/net/core/dev.c +@@ -2289,7 +2289,7 @@ EXPORT_SYMBOL(skb_checksum_help); + __be16 skb_network_protocol(struct sk_buff *skb, int *depth) + { + __be16 type = skb->protocol; +- int vlan_depth = ETH_HLEN; ++ int vlan_depth = skb->mac_len; + + /* Tunnel gso handlers can set protocol to ethernet. */ + if (type == htons(ETH_P_TEB)) { diff --git a/libre/linux-libre-grsec/0015-fix-xsdt-validation.patch b/libre/linux-libre-grsec/0015-fix-xsdt-validation.patch new file mode 100644 index 000000000..82dd2be25 --- /dev/null +++ b/libre/linux-libre-grsec/0015-fix-xsdt-validation.patch @@ -0,0 +1,42 @@ +@@ -, +, @@ + acpi_tb_parse_root_table(). + Commit: 671cc68dc61f029d44b43a681356078e02d8dab8 + Subject: ACPICA: Back port and refine validation of the XSDT root table. +--- + drivers/acpi/acpica/tbutils.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) +--- a/drivers/acpi/acpica/tbutils.c ++++ a/drivers/acpi/acpica/tbutils.c +@@ -461,6 +461,7 @@ acpi_status __init acpi_tb_parse_root_table(acpi_physical_address rsdp_address) + u32 table_count; + struct acpi_table_header *table; + acpi_physical_address address; ++ acpi_physical_address rsdt_address; + u32 length; + u8 *table_entry; + acpi_status status; +@@ -488,11 +489,13 @@ acpi_status __init acpi_tb_parse_root_table(acpi_physical_address rsdp_address) + * as per the ACPI specification. + */ + address = (acpi_physical_address) rsdp->xsdt_physical_address; ++ rsdt_address = (acpi_physical_address) rsdp->rsdt_physical_address; + table_entry_size = ACPI_XSDT_ENTRY_SIZE; + } else { + /* Root table is an RSDT (32-bit physical addresses) */ + + address = (acpi_physical_address) rsdp->rsdt_physical_address; ++ rsdt_address = address; + table_entry_size = ACPI_RSDT_ENTRY_SIZE; + } + +@@ -515,8 +518,7 @@ acpi_status __init acpi_tb_parse_root_table(acpi_physical_address rsdp_address) + + /* Fall back to the RSDT */ + +- address = +- (acpi_physical_address) rsdp->rsdt_physical_address; ++ address = rsdt_address; + table_entry_size = ACPI_RSDT_ENTRY_SIZE; + } + } + diff --git a/libre/linux-libre-grsec/PKGBUILD b/libre/linux-libre-grsec/PKGBUILD index 082bdb61a..e702d3ad8 100644 --- a/libre/linux-libre-grsec/PKGBUILD +++ b/libre/linux-libre-grsec/PKGBUILD @@ -12,9 +12,9 @@ pkgbase=linux-libre-grsec # Build stock -LIBRE-GRSEC kernel #pkgbase=linux-libre-custom # Build kernel with a different name _basekernel=3.14 -_sublevel=1 +_sublevel=2 _grsecver=3.0 -_timestamp=201404241722 +_timestamp=201404270907 _pkgver=${_basekernel}.${_sublevel} pkgver=${_basekernel}.${_sublevel}.${_timestamp} pkgrel=1 @@ -44,14 +44,18 @@ source=("http://linux-libre.fsfla.org/pub/linux-libre/releases/${_basekernel}-gn '0006-genksyms-fix-typeof-handling.patch' '0007-x86-efi-Correct-EFI-boot-stub-use-of-code32_start.patch' '0010-iwlwifi-mvm-delay-enabling-smart-FIFO-until-after-be.patch' + '0011-kernfs-fix-removed-error-check.patch' + '0012-fix-saa7134.patch' + '0013-net-Start-with-correct-mac_len-in-skb_network_protocol.patch' + '0015-fix-xsdt-validation.patch' 'sysctl.conf' "http://www.linux-libre.fsfla.org/pub/linux-libre/lemote/gnewsense/pool/debuginfo/linux-patches-${_lxopkgver}-gnu_0loongsonlibre_mipsel.tar.xz") md5sums=('c108ec52eeb2a9b9ddbb8d12496ff25f' - '2b4862b3c76011e66e536f18fbf0fb27' - 'c22e7672ec2b6a87b99734ea470988d9' + '77c34d5c5c2663d0daaf8ad3761fbaf3' + '108a9ec62f9015ed17cd91f40087ea03' 'SKIP' - '51ead958a4bb74ca5f5702b97740719b' - '0822a5655cef86bb6f449692d8b3f3d2' + '1b830bf677c7df400ac30192fa37f97f' + '408dd180559f71dab1fcc80a19da1343' '5f66bed97a5c37e48eb2f71b2d354b9a' '2967cecc3af9f954ccc822fd63dca6ff' '8267264d9a8966e57fdacd1fa1fc65c4' @@ -65,6 +69,10 @@ md5sums=('c108ec52eeb2a9b9ddbb8d12496ff25f' '16a161979f846b049e90daea907c35dd' '00727251b0d337a25d3ca392218afdf4' '353b553d69da810ef954618aca60e1e2' + 'b3f98eba6322463ed6644784c56893be' + '4f547d79fa1b2bb855dc2996be2a515e' + '21d25aef69f9da33c6087b7ffd97783e' + '278417ab07b6f5fe8e3e0ed656f35f3e' '7a052645280da78a98bfe8cf805ddab5' '3ab22a28f075ec92bca1b7598e8280e1') if [ "$CARCH" != "mips64el" ]; then @@ -127,6 +135,25 @@ prepare() { # FS#39815 patch -p1 -i "${srcdir}/0010-iwlwifi-mvm-delay-enabling-smart-FIFO-until-after-be.patch" + # fix Xorg crash with i810 chipset due to wrong removed error check + # References: http://lkml.kernel.org/g/533D01BD.1010200@googlemail.com + patch -Np1 -i "${srcdir}/0011-kernfs-fix-removed-error-check.patch" + + # fix saa7134 video + # https://bugs.archlinux.org/task/39904 + # https://bugzilla.kernel.org/show_bug.cgi?id=73361 + patch -Np1 -i "${srcdir}/0012-fix-saa7134.patch" + + # fix tun/openvpn performance + # https://bugs.archlinux.org/task/40089 + # https://bugzilla.kernel.org/show_bug.cgi?id=74051 + patch -Np1 -i "${srcdir}/0013-net-Start-with-correct-mac_len-in-skb_network_protocol.patch" + + # fix xsdt validation bug + # https://bugs.archlinux.org/task/39811 + # https://bugzilla.kernel.org/show_bug.cgi?id=73911 + patch -Np1 -i "${srcdir}/0015-fix-xsdt-validation.patch" + if [ "$CARCH" == "mips64el" ]; then sed -i "s|^EXTRAVERSION.*|EXTRAVERSION =-libre-grsec|" Makefile sed -r "s|^( SUBLEVEL = ).*|\1$_sublevel|" \ diff --git a/libre/linux-libre-grsec/config.i686 b/libre/linux-libre-grsec/config.i686 index 76ef4273e..cc0487d43 100644 --- a/libre/linux-libre-grsec/config.i686 +++ b/libre/linux-libre-grsec/config.i686 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 3.14.1-1 Kernel Configuration +# Linux/x86 3.14.2-1 Kernel Configuration # # CONFIG_64BIT is not set CONFIG_X86_32=y @@ -1487,7 +1487,8 @@ CONFIG_DMA_SHARED_BUFFER=y # # Bus devices # -CONFIG_CONNECTOR=m +CONFIG_CONNECTOR=y +CONFIG_PROC_EVENTS=y CONFIG_MTD=m CONFIG_MTD_TESTS=m CONFIG_MTD_REDBOOT_PARTS=m diff --git a/libre/linux-libre-grsec/config.x86_64 b/libre/linux-libre-grsec/config.x86_64 index 14c7909bc..4b3e0d5fd 100644 --- a/libre/linux-libre-grsec/config.x86_64 +++ b/libre/linux-libre-grsec/config.x86_64 @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 3.14.1-1 Kernel Configuration +# Linux/x86 3.14.2-1 Kernel Configuration # CONFIG_64BIT=y CONFIG_X86_64=y @@ -260,8 +260,8 @@ CONFIG_SECCOMP_FILTER=y CONFIG_HAVE_CC_STACKPROTECTOR=y CONFIG_CC_STACKPROTECTOR=y # CONFIG_CC_STACKPROTECTOR_NONE is not set -CONFIG_CC_STACKPROTECTOR_REGULAR=y -# CONFIG_CC_STACKPROTECTOR_STRONG is not set +# CONFIG_CC_STACKPROTECTOR_REGULAR is not set +CONFIG_CC_STACKPROTECTOR_STRONG=y CONFIG_HAVE_CONTEXT_TRACKING=y CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y CONFIG_HAVE_IRQ_TIME_ACCOUNTING=y @@ -1472,7 +1472,8 @@ CONFIG_DMA_SHARED_BUFFER=y # # Bus devices # -CONFIG_CONNECTOR=m +CONFIG_CONNECTOR=y +CONFIG_PROC_EVENTS=y CONFIG_MTD=m CONFIG_MTD_TESTS=m CONFIG_MTD_REDBOOT_PARTS=m |