Linux v3.16-rc7-76-g3a1122d26c62
This commit is contained in:
parent
3a3d323ba8
commit
73f882b7bf
@ -69,7 +69,7 @@ Summary: The Linux kernel
|
||||
# The rc snapshot level
|
||||
%define rcrev 7
|
||||
# The git snapshot level
|
||||
%define gitrev 2
|
||||
%define gitrev 3
|
||||
# Set rpm version accordingly
|
||||
%define rpmversion 3.%{upstream_sublevel}.0
|
||||
%endif
|
||||
@ -2259,6 +2259,9 @@ fi
|
||||
# ||----w |
|
||||
# || ||
|
||||
%changelog
|
||||
* Thu Jul 31 2014 Josh Boyer <jwboyer@fedoraproject.org> - 3.16.0-0.rc7.git3.1
|
||||
- Linux v3.16-rc7-76-g3a1122d26c62
|
||||
|
||||
* Wed Jul 30 2014 Kyle McMartin <kyle@fedoraproject.org>
|
||||
- kernel-arm64.patch: fix up merge conflict and re-enable
|
||||
|
||||
|
@ -1,8 +1,7 @@
|
||||
Bugzilla: N/A
|
||||
Upstream-status: Fedora mustard. Replaced by securelevels, but that was nak'd
|
||||
|
||||
|
||||
From 3b083aa4b42c6f2e814742b24e1948aced3a5e3f Mon Sep 17 00:00:00 2001
|
||||
From 952dbcbea4cffb1a05773af3b5f41e8ed477c5fe Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Fri, 9 Aug 2013 17:58:15 -0400
|
||||
Subject: [PATCH 01/14] Add secure_modules() call
|
||||
@ -64,7 +63,7 @@ index 81e727cf6df9..fc14f48915dd 100644
|
||||
1.9.3
|
||||
|
||||
|
||||
From 5c9708ebd7a52bf432745dc9b739c54666f2789d Mon Sep 17 00:00:00 2001
|
||||
From 3b451a12e60a47d152ecce1c02634c4d7320b024 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Thu, 8 Mar 2012 10:10:38 -0500
|
||||
Subject: [PATCH 02/14] PCI: Lock down BAR access when module security is
|
||||
@ -183,7 +182,7 @@ index b91c4da68365..98f5637304d1 100644
|
||||
1.9.3
|
||||
|
||||
|
||||
From c5f35519151d28b1a3c3dee5cb67fd67befa7fb6 Mon Sep 17 00:00:00 2001
|
||||
From 42a620055ac873fb378ec69731c7a2200f6779cc Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Thu, 8 Mar 2012 10:35:59 -0500
|
||||
Subject: [PATCH 03/14] x86: Lock down IO port access when module security is
|
||||
@ -256,7 +255,7 @@ index 917403fe10da..cdf839f9defe 100644
|
||||
1.9.3
|
||||
|
||||
|
||||
From 24b607adc80fdebbc3497efc4b997a62edc06280 Mon Sep 17 00:00:00 2001
|
||||
From 8019fb7c7b5f18b19f7c980987953680ee218c9f Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Fri, 9 Mar 2012 08:39:37 -0500
|
||||
Subject: [PATCH 04/14] ACPI: Limit access to custom_method
|
||||
@ -288,7 +287,7 @@ index c68e72414a67..4277938af700 100644
|
||||
1.9.3
|
||||
|
||||
|
||||
From 215559c7708671e85ceb42f6e25445b9b27f6c38 Mon Sep 17 00:00:00 2001
|
||||
From bf84e9e1022b2d3d0c97ae48fb8b61e5336c50f8 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Fri, 9 Mar 2012 08:46:50 -0500
|
||||
Subject: [PATCH 05/14] asus-wmi: Restrict debugfs interface when module
|
||||
@ -343,7 +342,7 @@ index 3c6ccedc82b6..960c46536c65 100644
|
||||
1.9.3
|
||||
|
||||
|
||||
From b709a5110b728b526063c6814413a8c0f0d01203 Mon Sep 17 00:00:00 2001
|
||||
From 9a56e8715d3b6dc84989997f34b6b5d407cabad2 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Fri, 9 Mar 2012 09:28:15 -0500
|
||||
Subject: [PATCH 06/14] Restrict /dev/mem and /dev/kmem when module loading is
|
||||
@ -386,7 +385,7 @@ index cdf839f9defe..c63cf93b00eb 100644
|
||||
1.9.3
|
||||
|
||||
|
||||
From 2896018a1c991e19691ab203a9e9010e898587e7 Mon Sep 17 00:00:00 2001
|
||||
From 8d6faa19bbbaa4df411becda7e40c4ea0684c134 Mon Sep 17 00:00:00 2001
|
||||
From: Josh Boyer <jwboyer@redhat.com>
|
||||
Date: Mon, 25 Jun 2012 19:57:30 -0400
|
||||
Subject: [PATCH 07/14] acpi: Ignore acpi_rsdp kernel parameter when module
|
||||
@ -426,7 +425,7 @@ index bad25b070fe0..0606585e8b93 100644
|
||||
1.9.3
|
||||
|
||||
|
||||
From a9c7c2c5e39d3e687b3e90845a753673144a754b Mon Sep 17 00:00:00 2001
|
||||
From 1ff86ddea019f543f6668b56889f86811028f303 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Fri, 9 Aug 2013 03:33:56 -0400
|
||||
Subject: [PATCH 08/14] kexec: Disable at runtime if the kernel enforces module
|
||||
@ -442,18 +441,18 @@ Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
1 file changed, 8 insertions(+)
|
||||
|
||||
diff --git a/kernel/kexec.c b/kernel/kexec.c
|
||||
index 6748688813d0..d4d88984bf45 100644
|
||||
index 4b8f0c925884..df14daa323a9 100644
|
||||
--- a/kernel/kexec.c
|
||||
+++ b/kernel/kexec.c
|
||||
@@ -33,6 +33,7 @@
|
||||
#include <linux/swap.h>
|
||||
@@ -34,6 +34,7 @@
|
||||
#include <linux/syscore_ops.h>
|
||||
#include <linux/compiler.h>
|
||||
#include <linux/hugetlb.h>
|
||||
+#include <linux/module.h>
|
||||
|
||||
#include <asm/page.h>
|
||||
#include <asm/uaccess.h>
|
||||
@@ -946,6 +947,13 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments,
|
||||
@@ -947,6 +948,13 @@ SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments,
|
||||
return -EPERM;
|
||||
|
||||
/*
|
||||
@ -471,7 +470,7 @@ index 6748688813d0..d4d88984bf45 100644
|
||||
1.9.3
|
||||
|
||||
|
||||
From 4ce6023b9f02d5397156976568b3aad88b2f5b95 Mon Sep 17 00:00:00 2001
|
||||
From 4d56368f1364b45c18067bab1d6abc5ce0f67183 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Fri, 8 Feb 2013 11:12:13 -0800
|
||||
Subject: [PATCH 09/14] x86: Restrict MSR access when module loading is
|
||||
@ -516,7 +515,7 @@ index c9603ac80de5..8bef43fc3f40 100644
|
||||
1.9.3
|
||||
|
||||
|
||||
From c95290110f65724e58b7506281759c0bac59b9f5 Mon Sep 17 00:00:00 2001
|
||||
From aab8ba85241a85a0b2ed622edd7874c74cafa496 Mon Sep 17 00:00:00 2001
|
||||
From: Matthew Garrett <matthew.garrett@nebula.com>
|
||||
Date: Fri, 9 Aug 2013 18:36:30 -0400
|
||||
Subject: [PATCH 10/14] Add option to automatically enforce module signatures
|
||||
@ -552,10 +551,10 @@ index 199f453cb4de..ec38acf00b40 100644
|
||||
290/040 ALL edd_mbr_sig_buffer EDD MBR signatures
|
||||
2D0/A00 ALL e820_map E820 memory map table
|
||||
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
|
||||
index a8f749ef0fdc..35bfd8259993 100644
|
||||
index d24887b645dc..870aac9520b3 100644
|
||||
--- a/arch/x86/Kconfig
|
||||
+++ b/arch/x86/Kconfig
|
||||
@@ -1556,6 +1556,16 @@ config EFI_MIXED
|
||||
@@ -1557,6 +1557,16 @@ config EFI_MIXED
|
||||
|
||||
If unsure, say N.
|
||||
|
||||
@ -703,7 +702,7 @@ index fc14f48915dd..2d68d276f3b6 100644
|
||||
1.9.3
|
||||
|
||||
|
||||
From f0baa6f34da3f151c059ca3043945837db0ca8d1 Mon Sep 17 00:00:00 2001
|
||||
From eae8a80ddc185b3f233e2620dbfc6454b6f0c3a6 Mon Sep 17 00:00:00 2001
|
||||
From: Josh Boyer <jwboyer@fedoraproject.org>
|
||||
Date: Tue, 5 Feb 2013 19:25:05 -0500
|
||||
Subject: [PATCH 11/14] efi: Disable secure boot if shim is in insecure mode
|
||||
@ -762,7 +761,7 @@ index 85defaf5a27c..b4013a4ba005 100644
|
||||
1.9.3
|
||||
|
||||
|
||||
From 6bc90bfd4c13fd6cc4a536630807406c16395bf5 Mon Sep 17 00:00:00 2001
|
||||
From 9728a4f49b284b7354876e1d77174d5838306e21 Mon Sep 17 00:00:00 2001
|
||||
From: Josh Boyer <jwboyer@fedoraproject.org>
|
||||
Date: Tue, 27 Aug 2013 13:28:43 -0400
|
||||
Subject: [PATCH 12/14] efi: Make EFI_SECURE_BOOT_SIG_ENFORCE depend on EFI
|
||||
@ -776,10 +775,10 @@ Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
|
||||
index 35bfd8259993..746b1b63da8c 100644
|
||||
index 870aac9520b3..7aecd3f9f8ee 100644
|
||||
--- a/arch/x86/Kconfig
|
||||
+++ b/arch/x86/Kconfig
|
||||
@@ -1557,7 +1557,8 @@ config EFI_MIXED
|
||||
@@ -1558,7 +1558,8 @@ config EFI_MIXED
|
||||
If unsure, say N.
|
||||
|
||||
config EFI_SECURE_BOOT_SIG_ENFORCE
|
||||
@ -793,7 +792,7 @@ index 35bfd8259993..746b1b63da8c 100644
|
||||
1.9.3
|
||||
|
||||
|
||||
From 292f6faa86f44fe261c8da58cc2c7f65aa0acad6 Mon Sep 17 00:00:00 2001
|
||||
From 4211b4919b8ccecc4f4cdc0a46ead7294478b687 Mon Sep 17 00:00:00 2001
|
||||
From: Josh Boyer <jwboyer@fedoraproject.org>
|
||||
Date: Tue, 27 Aug 2013 13:33:03 -0400
|
||||
Subject: [PATCH 13/14] efi: Add EFI_SECURE_BOOT bit
|
||||
@ -837,7 +836,7 @@ index 41bbf8ba4ba8..e73f391fd3c8 100644
|
||||
1.9.3
|
||||
|
||||
|
||||
From 594e605ee9589150919aa113e3e01163168ad041 Mon Sep 17 00:00:00 2001
|
||||
From 18b50c6f0597b606cb03cbd8a9fdef7478cb2b21 Mon Sep 17 00:00:00 2001
|
||||
From: Josh Boyer <jwboyer@fedoraproject.org>
|
||||
Date: Fri, 20 Jun 2014 08:53:24 -0400
|
||||
Subject: [PATCH 14/14] hibernate: Disable in a signed modules environment
|
||||
|
2
sources
2
sources
@ -1,4 +1,4 @@
|
||||
97ca1625bb40368dc41b9a7971549071 linux-3.15.tar.xz
|
||||
ef8f4db937f521a7e323ec589536ba25 perf-man-3.15.tar.gz
|
||||
cf68262d938c6ec27bc96896beb8549f patch-3.16-rc7.xz
|
||||
3627dd3a3efad454c49e422f16dc3d44 patch-3.16-rc7-git2.xz
|
||||
1c67029928355381d4d884f17627c800 patch-3.16-rc7-git3.xz
|
||||
|
Loading…
Reference in New Issue
Block a user