Add i915 eDP fixes

Linux v4.18.16
Fix network on some i.MX6 devices (rhbz 1628209)
2018-10-23 03:26:21 -07:00 · 2018-10-21 00:26:28 +01:00 · 2018-10-21 00:19:20 +01:00 · 2018-10-18 11:11:26 -05:00 · 2018-10-15 07:16:25 -05:00 · 2018-10-12 09:54:06 -04:00
10939 changed files with 65722 additions and 91095 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,10 @@
+clog
 *.xz
 *.bz2
+*.rpm
+*.orig
+*.sign
+kernel-[234].*/
+perf-man-*.tar.gz
+kernel-tools/
+kernel-headers/
--- a/0001-Make-get_cert_list-not-complain-about-cert-lists-tha.patch
+++ b/0001-Make-get_cert_list-not-complain-about-cert-lists-tha.patch
@ -0,0 +1,109 @@
+From 3ce5852ec6add45a28fe1706e9163351940e905c Mon Sep 17 00:00:00 2001
+From: Peter Jones <pjones@redhat.com>
+Date: Mon, 2 Oct 2017 18:25:29 -0400
+Subject: [PATCH 1/3] Make get_cert_list() not complain about cert lists that
+ aren't present.
+
+Signed-off-by: Peter Jones <pjones@redhat.com>
+---
+ certs/load_uefi.c | 37 ++++++++++++++++++++++---------------
+ 1 file changed, 22 insertions(+), 15 deletions(-)
+
+diff --git a/certs/load_uefi.c b/certs/load_uefi.c
+index 3d884598601..9ef34c44fd1 100644
+--- a/certs/load_uefi.c
+++ b/certs/load_uefi.c
+@@ -35,8 +35,8 @@ static __init bool uefi_check_ignore_db(void)
+ /*
+  * Get a certificate list blob from the named EFI variable.
+  */
+-static __init void *get_cert_list(efi_char16_t *name, efi_guid_t *guid,
+-				  unsigned long *size)
+static __init int get_cert_list(efi_char16_t *name, efi_guid_t *guid,
+				unsigned long *size, void **cert_list)
+ {
+ 	efi_status_t status;
+ 	unsigned long lsize = 4;
+@@ -44,26 +44,33 @@ static __init void *get_cert_list(efi_char16_t *name, efi_guid_t *guid,
+ 	void *db;
+ 
+ 	status = efi.get_variable(name, guid, NULL, &lsize, &tmpdb);
+	if (status == EFI_NOT_FOUND) {
+		*size = 0;
+		*cert_list = NULL;
+		return 0;
+	}
+
+ 	if (status != EFI_BUFFER_TOO_SMALL) {
+ 		pr_err("Couldn't get size: 0x%lx\n", status);
+-		return NULL;
+		return efi_status_to_err(status);
+ 	}
+ 
+ 	db = kmalloc(lsize, GFP_KERNEL);
+ 	if (!db) {
+ 		pr_err("Couldn't allocate memory for uefi cert list\n");
+-		return NULL;
+		return -ENOMEM;
+ 	}
+ 
+ 	status = efi.get_variable(name, guid, NULL, &lsize, db);
+ 	if (status != EFI_SUCCESS) {
+ 		kfree(db);
+ 		pr_err("Error reading db var: 0x%lx\n", status);
+-		return NULL;
+		return efi_status_to_err(status);
+ 	}
+ 
+ 	*size = lsize;
+-	return db;
+	*cert_list = db;
+	return 0;
+ }
+ 
+ /*
+@@ -152,10 +159,10 @@ static int __init load_uefi_certs(void)
+ 	 * an error if we can't get them.
+ 	 */
+ 	if (!uefi_check_ignore_db()) {
+-		db = get_cert_list(L"db", &secure_var, &dbsize);
+-		if (!db) {
+		rc = get_cert_list(L"db", &secure_var, &dbsize, &db);
+		if (rc < 0) {
+ 			pr_err("MODSIGN: Couldn't get UEFI db list\n");
+-		} else {
+		} else if (dbsize != 0) {
+ 			rc = parse_efi_signature_list("UEFI:db",
+ 						      db, dbsize, get_handler_for_db);
+ 			if (rc)
+@@ -164,10 +171,10 @@ static int __init load_uefi_certs(void)
+ 		}
+ 	}
+ 
+-	mok = get_cert_list(L"MokListRT", &mok_var, &moksize);
+-	if (!mok) {
+	rc = get_cert_list(L"MokListRT", &mok_var, &moksize, &mok);
+	if (rc < 0) {
+ 		pr_info("MODSIGN: Couldn't get UEFI MokListRT\n");
+-	} else {
+	} else if (moksize != 0) {
+ 		rc = parse_efi_signature_list("UEFI:MokListRT",
+ 					      mok, moksize, get_handler_for_db);
+ 		if (rc)
+@@ -175,10 +182,10 @@ static int __init load_uefi_certs(void)
+ 		kfree(mok);
+ 	}
+ 
+-	dbx = get_cert_list(L"dbx", &secure_var, &dbxsize);
+-	if (!dbx) {
+	rc = get_cert_list(L"dbx", &secure_var, &dbxsize, &dbx);
+	if (rc < 0) {
+ 		pr_info("MODSIGN: Couldn't get UEFI dbx list\n");
+-	} else {
+	} else if (dbxsize != 0) {
+ 		rc = parse_efi_signature_list("UEFI:dbx",
+ 					      dbx, dbxsize,
+ 					      get_handler_for_dbx);
+-- 
+2.15.0
+
--- a/0001-iio-Use-event-header-from-kernel-tree.patch
+++ b/0001-iio-Use-event-header-from-kernel-tree.patch
@ -0,0 +1,64 @@
+From 0eadbb65c0026fb4eec89c54f6b48a0febd87f92 Mon Sep 17 00:00:00 2001
+From: Laura Abbott <labbott@redhat.com>
+Date: Fri, 9 Sep 2016 08:19:17 -0700
+Subject: [PATCH] iio: Use type header from kernel tree
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+To: Jonathan Cameron <jic23@kernel.org>
+To: Hartmut Knaack <knaack.h@gmx.de>
+To: Lars-Peter Clausen <lars@metafoo.de>
+To: Peter Meerwald-Stadler <pmeerw@pmeerw.net>
+Cc: linux-iio@vger.kernel.org
+Cc: linux-kernel@vger.kernel.org
+
+
+The iio tools have been updated as new event types have been added to
+the kernel. The tools currently use the standard system headers which
+means that the system may not have the newest defintitions. This leads
+to build failures when building newer tools on older hosts:
+
+gcc -Wall -g -D_GNU_SOURCE   -c -o iio_event_monitor.o
+iio_event_monitor.c
+iio_event_monitor.c:59:3: error: ‘IIO_UVINDEX’ undeclared here (not in a
+function)
+  [IIO_UVINDEX] = "uvindex",
+   ^~~~~~~~~~~
+iio_event_monitor.c:59:3: error: array index in initializer not of
+integer type
+iio_event_monitor.c:59:3: note: (near initialization for
+‘iio_chan_type_name_spec’)
+iio_event_monitor.c:97:3: error: ‘IIO_MOD_LIGHT_UV’ undeclared here (not
+in a function)
+  [IIO_MOD_LIGHT_UV] = "uv",
+   ^~~~~~~~~~~~~~~~
+iio_event_monitor.c:97:3: error: array index in initializer not of
+integer type
+iio_event_monitor.c:97:3: note: (near initialization for
+‘iio_modifier_names’)
+<builtin>: recipe for target 'iio_event_monitor.o' failed
+
+Switch to using the header from the kernel tree to ensure the newest
+defintions are always picked up.
+
+Signed-off-by: Laura Abbott <labbott@redhat.com>
+---
+ tools/iio/iio_event_monitor.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/tools/iio/iio_event_monitor.c b/tools/iio/iio_event_monitor.c
+index d9b7e0f..f02523d 100644
+--- a/tools/iio/iio_event_monitor.c
+++ b/tools/iio/iio_event_monitor.c
+@@ -26,7 +26,7 @@
+ #include <sys/ioctl.h>
+ #include "iio_utils.h"
+ #include <linux/iio/events.h>
+-#include <linux/iio/types.h>
+#include "../../include/uapi/linux/iio/types.h"
+ 
+ static const char * const iio_chan_type_name_spec[] = {
+ 	[IIO_VOLTAGE] = "voltage",
+-- 
+2.7.4
+
--- a/0001-random-add-a-config-option-to-trust-the-CPU-s-hwrng.patch
+++ b/0001-random-add-a-config-option-to-trust-the-CPU-s-hwrng.patch
@ -0,0 +1,78 @@
+From 39a8883a2b989d1d21bd8dd99f5557f0c5e89694 Mon Sep 17 00:00:00 2001
+From: Theodore Ts'o <tytso@mit.edu>
+Date: Tue, 17 Jul 2018 18:24:27 -0400
+Subject: [PATCH] random: add a config option to trust the CPU's hwrng
+
+This gives the user building their own kernel (or a Linux
+distribution) the option of deciding whether or not to trust the CPU's
+hardware random number generator (e.g., RDRAND for x86 CPU's) as being
+correctly implemented and not having a back door introduced (perhaps
+courtesy of a Nation State's law enforcement or intelligence
+agencies).
+
+This will prevent getrandom(2) from blocking, if there is a
+willingness to trust the CPU manufacturer.
+
+Signed-off-by: Theodore Ts'o <tytso@mit.edu>
+---
+ drivers/char/Kconfig  | 14 ++++++++++++++
+ drivers/char/random.c | 11 ++++++++++-
+ 2 files changed, 24 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig
+index 212f447938ae..ce277ee0a28a 100644
+--- a/drivers/char/Kconfig
+++ b/drivers/char/Kconfig
+@@ -554,3 +554,17 @@ config ADI
+ 
+ endmenu
+ 
+config RANDOM_TRUST_CPU
+	bool "Trust the CPU manufacturer to initialize Linux's CRNG"
+	depends on X86 || S390 || PPC
+	default n
+	help
+	Assume that CPU manufacturer (e.g., Intel or AMD for RDSEED or
+	RDRAND, IBM for the S390 and Power PC architectures) is trustworthy
+	for the purposes of initializing Linux's CRNG.  Since this is not
+	something that can be independently audited, this amounts to trusting
+	that CPU manufacturer (perhaps with the insistence or mandate
+	of a Nation State's intelligence or law enforcement agencies)
+	has not installed a hidden back door to compromise the CPU's
+	random number generation facilities.
+
+diff --git a/drivers/char/random.c b/drivers/char/random.c
+index 34ddfd57419b..f4013b8a711b 100644
+--- a/drivers/char/random.c
+++ b/drivers/char/random.c
+@@ -782,6 +782,7 @@ static void invalidate_batched_entropy(void);
+ static void crng_initialize(struct crng_state *crng)
+ {
+ 	int		i;
+	int		arch_init = 1;
+ 	unsigned long	rv;
+ 
+ 	memcpy(&crng->state[0], "expand 32-byte k", 16);
+@@ -792,10 +793,18 @@ static void crng_initialize(struct crng_state *crng)
+ 		_get_random_bytes(&crng->state[4], sizeof(__u32) * 12);
+ 	for (i = 4; i < 16; i++) {
+ 		if (!arch_get_random_seed_long(&rv) &&
+-		    !arch_get_random_long(&rv))
+		    !arch_get_random_long(&rv)) {
+ 			rv = random_get_entropy();
+			arch_init = 0;
+		}
+ 		crng->state[i] ^= rv;
+ 	}
+#ifdef CONFIG_RANDOM_TRUST_CPU
+	if (arch_init) {
+		crng_init = 2;
+		pr_notice("random: crng done (trusting CPU's manufacturer)\n");
+	}
+#endif
+ 	crng->init_time = jiffies - CRNG_RESEED_INTERVAL - 1;
+ }
+ 
+-- 
+2.17.1
+
--- a/0001-random-make-CPU-trust-a-boot-parameter.patch
+++ b/0001-random-make-CPU-trust-a-boot-parameter.patch
@ -0,0 +1,82 @@
+From 9b25436662d5fb4c66eb527ead53cab15f596ee0 Mon Sep 17 00:00:00 2001
+From: Kees Cook <keescook@chromium.org>
+Date: Mon, 27 Aug 2018 14:51:54 -0700
+Subject: [PATCH] random: make CPU trust a boot parameter
+
+Instead of forcing a distro or other system builder to choose
+at build time whether the CPU is trusted for CRNG seeding via
+CONFIG_RANDOM_TRUST_CPU, provide a boot-time parameter for end users to
+control the choice. The CONFIG will set the default state instead.
+
+Signed-off-by: Kees Cook <keescook@chromium.org>
+Signed-off-by: Theodore Ts'o <tytso@mit.edu>
+---
+ Documentation/admin-guide/kernel-parameters.txt |  6 ++++++
+ drivers/char/Kconfig                            |  4 ++--
+ drivers/char/random.c                           | 11 ++++++++---
+ 3 files changed, 16 insertions(+), 5 deletions(-)
+
+diff --git a/Documentation/admin-guide/kernel-parameters.txt b/Documentation/admin-guide/kernel-parameters.txt
+index 0c8f7889efa1..227c5c6fa4c1 100644
+--- a/Documentation/admin-guide/kernel-parameters.txt
+++ b/Documentation/admin-guide/kernel-parameters.txt
+@@ -3390,6 +3390,12 @@
+ 	ramdisk_size=	[RAM] Sizes of RAM disks in kilobytes
+ 			See Documentation/blockdev/ramdisk.txt.
+ 
+	random.trust_cpu={on,off}
+			[KNL] Enable or disable trusting the use of the
+			CPU's random number generator (if available) to
+			fully seed the kernel's CRNG. Default is controlled
+			by CONFIG_RANDOM_TRUST_CPU.
+
+ 	ras=option[,option,...]	[KNL] RAS-specific options
+ 
+ 		cec_disable	[X86]
+diff --git a/drivers/char/Kconfig b/drivers/char/Kconfig
+index ce277ee0a28a..40728491f37b 100644
+--- a/drivers/char/Kconfig
+++ b/drivers/char/Kconfig
+@@ -566,5 +566,5 @@ config RANDOM_TRUST_CPU
+ 	that CPU manufacturer (perhaps with the insistence or mandate
+ 	of a Nation State's intelligence or law enforcement agencies)
+ 	has not installed a hidden back door to compromise the CPU's
+-	random number generation facilities.
+-
+	random number generation facilities. This can also be configured
+	at boot with "random.trust_cpu=on/off".
+diff --git a/drivers/char/random.c b/drivers/char/random.c
+index bf5f99fc36f1..c75b6cdf0053 100644
+--- a/drivers/char/random.c
+++ b/drivers/char/random.c
+@@ -779,6 +779,13 @@ static struct crng_state **crng_node_pool __read_mostly;
+ 
+ static void invalidate_batched_entropy(void);
+ 
+static bool trust_cpu __ro_after_init = IS_ENABLED(CONFIG_RANDOM_TRUST_CPU);
+static int __init parse_trust_cpu(char *arg)
+{
+	return kstrtobool(arg, &trust_cpu);
+}
+early_param("random.trust_cpu", parse_trust_cpu);
+
+ static void crng_initialize(struct crng_state *crng)
+ {
+ 	int		i;
+@@ -799,12 +806,10 @@ static void crng_initialize(struct crng_state *crng)
+ 		}
+ 		crng->state[i] ^= rv;
+ 	}
+-#ifdef CONFIG_RANDOM_TRUST_CPU
+-	if (arch_init) {
+	if (trust_cpu && arch_init) {
+ 		crng_init = 2;
+ 		pr_notice("random: crng done (trusting CPU's manufacturer)\n");
+ 	}
+-#endif
+ 	crng->init_time = jiffies - CRNG_RESEED_INTERVAL - 1;
+ }
+ 
+-- 
+2.17.1
+
--- a/0002-Add-efi_status_to_str-and-rework-efi_status_to_err.patch
+++ b/0002-Add-efi_status_to_str-and-rework-efi_status_to_err.patch
@ -0,0 +1,183 @@
+From c8218e9b3c38fcd36a2d06eec09952a0c6cee9e0 Mon Sep 17 00:00:00 2001
+From: Peter Jones <pjones@redhat.com>
+Date: Mon, 2 Oct 2017 18:22:13 -0400
+Subject: [PATCH 2/3] Add efi_status_to_str() and rework efi_status_to_err().
+
+This adds efi_status_to_str() for use when printing efi_status_t
+messages, and reworks efi_status_to_err() so that the two use a common
+list of errors.
+
+Signed-off-by: Peter Jones <pjones@redhat.com>
+---
+ include/linux/efi.h        |   3 ++
+ drivers/firmware/efi/efi.c | 122 ++++++++++++++++++++++++++++++++++-----------
+ 2 files changed, 95 insertions(+), 30 deletions(-)
+
+diff --git a/include/linux/efi.h b/include/linux/efi.h
+index 18b16bf5ce1..436b3c93c3d 100644
+--- a/include/linux/efi.h
+++ b/include/linux/efi.h
+@@ -42,6 +42,8 @@
+ #define EFI_ABORTED		(21 | (1UL << (BITS_PER_LONG-1)))
+ #define EFI_SECURITY_VIOLATION	(26 | (1UL << (BITS_PER_LONG-1)))
+ 
+#define EFI_IS_ERROR(x)		((x) & (1UL << (BITS_PER_LONG-1)))
+
+ typedef unsigned long efi_status_t;
+ typedef u8 efi_bool_t;
+ typedef u16 efi_char16_t;		/* UNICODE character */
+@@ -1183,6 +1185,7 @@ static inline void efi_set_secure_boot(enum efi_secureboot_mode mode) {}
+ #endif
+ 
+ extern int efi_status_to_err(efi_status_t status);
+extern const char *efi_status_to_str(efi_status_t status);
+ 
+ /*
+  * Variable Attributes
+diff --git a/drivers/firmware/efi/efi.c b/drivers/firmware/efi/efi.c
+index 557a47829d0..e8f9c7d84e9 100644
+--- a/drivers/firmware/efi/efi.c
+++ b/drivers/firmware/efi/efi.c
+@@ -31,6 +31,7 @@
+ #include <linux/acpi.h>
+ #include <linux/ucs2_string.h>
+ #include <linux/memblock.h>
+#include <linux/bsearch.h>
+ 
+ #include <asm/early_ioremap.h>
+ 
+@@ -865,40 +866,101 @@ int efi_mem_type(unsigned long phys_addr)
+ }
+ #endif
+ 
+struct efi_error_code {
+	efi_status_t status;
+	int errno;
+	const char *description;
+};
+
+static const struct efi_error_code efi_error_codes[] = {
+	{ EFI_SUCCESS, 0, "Success"},
+#if 0
+	{ EFI_LOAD_ERROR, -EPICK_AN_ERRNO, "Load Error"},
+#endif
+	{ EFI_INVALID_PARAMETER, -EINVAL, "Invalid Parameter"},
+	{ EFI_UNSUPPORTED, -ENOSYS, "Unsupported"},
+	{ EFI_BAD_BUFFER_SIZE, -ENOSPC, "Bad Buffer Size"},
+	{ EFI_BUFFER_TOO_SMALL, -ENOSPC, "Buffer Too Small"},
+	{ EFI_NOT_READY, -EAGAIN, "Not Ready"},
+	{ EFI_DEVICE_ERROR, -EIO, "Device Error"},
+	{ EFI_WRITE_PROTECTED, -EROFS, "Write Protected"},
+	{ EFI_OUT_OF_RESOURCES, -ENOMEM, "Out of Resources"},
+#if 0
+	{ EFI_VOLUME_CORRUPTED, -EPICK_AN_ERRNO, "Volume Corrupt"},
+	{ EFI_VOLUME_FULL, -EPICK_AN_ERRNO, "Volume Full"},
+	{ EFI_NO_MEDIA, -EPICK_AN_ERRNO, "No Media"},
+	{ EFI_MEDIA_CHANGED, -EPICK_AN_ERRNO, "Media changed"},
+#endif
+	{ EFI_NOT_FOUND, -ENOENT, "Not Found"},
+#if 0
+	{ EFI_ACCESS_DENIED, -EPICK_AN_ERRNO, "Access Denied"},
+	{ EFI_NO_RESPONSE, -EPICK_AN_ERRNO, "No Response"},
+	{ EFI_NO_MAPPING, -EPICK_AN_ERRNO, "No mapping"},
+	{ EFI_TIMEOUT, -EPICK_AN_ERRNO, "Time out"},
+	{ EFI_NOT_STARTED, -EPICK_AN_ERRNO, "Not started"},
+	{ EFI_ALREADY_STARTED, -EPICK_AN_ERRNO, "Already started"},
+#endif
+	{ EFI_ABORTED, -EINTR, "Aborted"},
+#if 0
+	{ EFI_ICMP_ERROR, -EPICK_AN_ERRNO, "ICMP Error"},
+	{ EFI_TFTP_ERROR, -EPICK_AN_ERRNO, "TFTP Error"},
+	{ EFI_PROTOCOL_ERROR, -EPICK_AN_ERRNO, "Protocol Error"},
+	{ EFI_INCOMPATIBLE_VERSION, -EPICK_AN_ERRNO, "Incompatible Version"},
+#endif
+	{ EFI_SECURITY_VIOLATION, -EACCES, "Security Policy Violation"},
+#if 0
+	{ EFI_CRC_ERROR, -EPICK_AN_ERRNO, "CRC Error"},
+	{ EFI_END_OF_MEDIA, -EPICK_AN_ERRNO, "End of Media"},
+	{ EFI_END_OF_FILE, -EPICK_AN_ERRNO, "End of File"},
+	{ EFI_INVALID_LANGUAGE, -EPICK_AN_ERRNO, "Invalid Languages"},
+	{ EFI_COMPROMISED_DATA, -EPICK_AN_ERRNO, "Compromised Data"},
+
+	// warnings
+	{ EFI_WARN_UNKOWN_GLYPH, -EPICK_AN_ERRNO, "Warning Unknown Glyph"},
+	{ EFI_WARN_DELETE_FAILURE, -EPICK_AN_ERRNO, "Warning Delete Failure"},
+	{ EFI_WARN_WRITE_FAILURE, -EPICK_AN_ERRNO, "Warning Write Failure"},
+	{ EFI_WARN_BUFFER_TOO_SMALL, -EPICK_AN_ERRNO, "Warning Buffer Too Small"},
+#endif
+};
+
+static int
+efi_status_cmp_bsearch(const void *key, const void *item)
+{
+	u64 status = (u64)(uintptr_t)key;
+	struct efi_error_code *code = (struct efi_error_code *)item;
+
+	if (status < code->status)
+		return -1;
+	if (status > code->status)
+		return 1;
+	return 0;
+}
+
+ int efi_status_to_err(efi_status_t status)
+ {
+-	int err;
+	struct efi_error_code *found;
+	size_t num = sizeof(efi_error_codes) / sizeof(struct efi_error_code);
+ 
+-	switch (status) {
+-	case EFI_SUCCESS:
+-		err = 0;
+-		break;
+-	case EFI_INVALID_PARAMETER:
+-		err = -EINVAL;
+-		break;
+-	case EFI_OUT_OF_RESOURCES:
+-		err = -ENOSPC;
+-		break;
+-	case EFI_DEVICE_ERROR:
+-		err = -EIO;
+-		break;
+-	case EFI_WRITE_PROTECTED:
+-		err = -EROFS;
+-		break;
+-	case EFI_SECURITY_VIOLATION:
+-		err = -EACCES;
+-		break;
+-	case EFI_NOT_FOUND:
+-		err = -ENOENT;
+-		break;
+-	case EFI_ABORTED:
+-		err = -EINTR;
+-		break;
+-	default:
+-		err = -EINVAL;
+-	}
+	found = bsearch((void *)(uintptr_t)status, efi_error_codes,
+			sizeof(struct efi_error_code), num,
+			efi_status_cmp_bsearch);
+	if (!found)
+		return -EINVAL;
+	return found->errno;
+}
+ 
+-	return err;
+const char *
+efi_status_to_str(efi_status_t status)
+{
+	struct efi_error_code *found;
+	size_t num = sizeof(efi_error_codes) / sizeof(struct efi_error_code);
+
+	found = bsearch((void *)(uintptr_t)status, efi_error_codes,
+			sizeof(struct efi_error_code), num,
+			efi_status_cmp_bsearch);
+	if (!found)
+		return "Unknown error code";
+	return found->description;
+ }
+ 
+ bool efi_is_table_address(unsigned long phys_addr)
+-- 
+2.15.0
+
--- a/0003-Make-get_cert_list-use-efi_status_to_str-to-print-er.patch
+++ b/0003-Make-get_cert_list-use-efi_status_to_str-to-print-er.patch
@ -0,0 +1,38 @@
+From 520e902d864930e2d4f329983d9ae9781a24231f Mon Sep 17 00:00:00 2001
+From: Peter Jones <pjones@redhat.com>
+Date: Mon, 2 Oct 2017 18:18:30 -0400
+Subject: [PATCH 3/3] Make get_cert_list() use efi_status_to_str() to print
+ error messages.
+
+Signed-off-by: Peter Jones <pjones@redhat.com>
+---
+ certs/load_uefi.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/certs/load_uefi.c b/certs/load_uefi.c
+index 9ef34c44fd1..13a2826715d 100644
+--- a/certs/load_uefi.c
+++ b/certs/load_uefi.c
+@@ -51,7 +51,8 @@ static __init int get_cert_list(efi_char16_t *name, efi_guid_t *guid,
+ 	}
+ 
+ 	if (status != EFI_BUFFER_TOO_SMALL) {
+-		pr_err("Couldn't get size: 0x%lx\n", status);
+		pr_err("Couldn't get size: %s (0x%lx)\n",
+		       efi_status_to_str(status), status);
+ 		return efi_status_to_err(status);
+ 	}
+ 
+@@ -64,7 +65,8 @@ static __init int get_cert_list(efi_char16_t *name, efi_guid_t *guid,
+ 	status = efi.get_variable(name, guid, NULL, &lsize, db);
+ 	if (status != EFI_SUCCESS) {
+ 		kfree(db);
+-		pr_err("Error reading db var: 0x%lx\n", status);
+		pr_err("Error reading db var: %s (0x%lx)\n",
+		       efi_status_to_str(status), status);
+ 		return efi_status_to_err(status);
+ 	}
+ 
+-- 
+2.15.0
+
--- a/ACPI-irq-Workaround-firmware-issue-on-X-Gene-based-m400.patch
+++ b/ACPI-irq-Workaround-firmware-issue-on-X-Gene-based-m400.patch
@ -0,0 +1,64 @@
+From dbdda4277cf0422a9ccb7ea98d0263c3cdbecdf6 Mon Sep 17 00:00:00 2001
+From: Mark Salter <msalter@redhat.com>
+Date: Tue, 8 May 2018 21:54:39 -0400
+Subject: [PATCH] ACPI / irq: Workaround firmware issue on X-Gene based
+ m400
+
+The ACPI firmware on the xgene-based m400 platorms erroneously
+describes its UART interrupt as ACPI_PRODUCER rather than
+ACPI_CONSUMER. This leads to the UART driver being unable to
+find its interrupt and the kernel unable find a console.
+Work around this by avoiding the producer/consumer check
+for X-Gene UARTs.
+
+Signed-off-by: Mark Salter <msalter@redhat.com>
+---
+ drivers/acpi/irq.c | 17 +++++++++++++++--
+ 1 file changed, 15 insertions(+), 2 deletions(-)
+
+diff --git a/drivers/acpi/irq.c b/drivers/acpi/irq.c
+index 7c352cba0528..028c1a564cff 100644
+--- a/drivers/acpi/irq.c
+++ b/drivers/acpi/irq.c
+@@ -129,6 +129,7 @@ struct acpi_irq_parse_one_ctx {
+ 	unsigned int index;
+ 	unsigned long *res_flags;
+ 	struct irq_fwspec *fwspec;
+	bool skip_producer_check;
+ };
+ 
+ /**
+@@ -200,7 +201,8 @@ static acpi_status acpi_irq_parse_one_cb(struct acpi_resource *ares,
+ 		return AE_CTRL_TERMINATE;
+ 	case ACPI_RESOURCE_TYPE_EXTENDED_IRQ:
+ 		eirq = &ares->data.extended_irq;
+-		if (eirq->producer_consumer == ACPI_PRODUCER)
+		if (!ctx->skip_producer_check &&
+		    eirq->producer_consumer == ACPI_PRODUCER)
+ 			return AE_OK;
+ 		if (ctx->index >= eirq->interrupt_count) {
+ 			ctx->index -= eirq->interrupt_count;
+@@ -235,8 +237,19 @@ static acpi_status acpi_irq_parse_one_cb(struct acpi_resource *ares,
+ static int acpi_irq_parse_one(acpi_handle handle, unsigned int index,
+ 			      struct irq_fwspec *fwspec, unsigned long *flags)
+ {
+-	struct acpi_irq_parse_one_ctx ctx = { -EINVAL, index, flags, fwspec };
+	struct acpi_irq_parse_one_ctx ctx = { -EINVAL, index, flags, fwspec, false };
+ 
+	/*
+	 * Firmware on arm64-based HPE m400 platform incorrectly marks
+	 * its UART interrupt as ACPI_PRODUCER rather than ACPI_CONSUMER.
+	 * Don't do the producer/consumer check for that device.
+	 */
+	if (IS_ENABLED(CONFIG_ARM64)) {
+		struct acpi_device *adev = acpi_bus_get_acpi_device(handle);
+
+		if (adev && !strcmp(acpi_device_hid(adev), "APMC0D08"))
+			ctx.skip_producer_check = true;
+	}
+ 	acpi_walk_resources(handle, METHOD_NAME__CRS, acpi_irq_parse_one_cb, &ctx);
+ 	return ctx.rc;
+ }
+-- 
+2.17.0
+
--- a/ACPI-scan-Fix-regression-related-to-X-Gene-UARTs.patch
+++ b/ACPI-scan-Fix-regression-related-to-X-Gene-UARTs.patch
@ -0,0 +1,44 @@
+From patchwork Fri Apr 20 03:29:47 2018
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Subject: ACPI / scan: Fix regression related to X-Gene UARTs
+From: Mark Salter <msalter@redhat.com>
+X-Patchwork-Id: 10351797
+Message-Id: <20180420032947.23023-1-msalter@redhat.com>
+To: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Danis?= <frederic.danis.oss@gmail.com>
+Cc: "Rafael J . Wysocki" <rjw@rjwysocki.net>,
+ linux-acpi@vger.kernel.org, linux-kernel@vger.kernel.org
+Date: Thu, 19 Apr 2018 23:29:47 -0400
+
+Commit e361d1f85855 ("ACPI / scan: Fix enumeration for special UART
+devices") caused a regression with some X-Gene based platforms (Mustang
+and M400) with invalid DSDT. The DSDT makes it appear that the UART
+device is also a slave device attached to itself. With the above commit
+the UART won't be enumerated by ACPI scan (slave serial devices shouldn't
+be). So check for X-Gene UART device and skip slace device check on it.
+
+Signed-off-by: Mark Salter <msalter@redhat.com>
+---
+ drivers/acpi/scan.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/drivers/acpi/scan.c b/drivers/acpi/scan.c
+index cc234e6a6297..1dcdd0122862 100644
+--- a/drivers/acpi/scan.c
+++ b/drivers/acpi/scan.c
+@@ -1551,6 +1551,14 @@ static bool acpi_device_enumeration_by_parent(struct acpi_device *device)
+ 	     fwnode_property_present(&device->fwnode, "baud")))
+ 		return true;
+ 
+	/*
+	 * Firmware on some arm64 X-Gene platforms will make the UART
+	 * device appear as both a UART and a slave of that UART. Just
+	 * bail out here for X-Gene UARTs.
+	 */
+	if (!strcmp(acpi_device_hid(device), "APMC0D08"))
+		return false;
+
+ 	INIT_LIST_HEAD(&resource_list);
+ 	acpi_dev_get_resources(device, &resource_list,
+ 			       acpi_check_serial_bus_slave,
--- a/ALSA-hda-Add-mic-quirk-for-the-Lenovo-G50-30-17aa-39.patch
+++ b/ALSA-hda-Add-mic-quirk-for-the-Lenovo-G50-30-17aa-39.patch
@ -0,0 +1,32 @@
+From 44002a8818bc64f53d855bc8e3ee4c6bb2d3db99 Mon Sep 17 00:00:00 2001
+From: Jeremy Cline <jcline@redhat.com>
+Date: Mon, 8 Oct 2018 14:37:52 -0400
+Subject: [PATCH] ALSA: hda - Add mic quirk for the Lenovo G50-30 (17aa:3905)
+
+The Lenovo G50-30, like other G50 models, has a Conexant codec that
+requires a quirk for its inverted stereo dmic.
+
+Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1249364
+Reported-by: Alexander Ploumistos <alex.ploumistos@gmail.com>
+Tested-by: Alexander Ploumistos <alex.ploumistos@gmail.com>
+Cc: stable@vger.kernel.org
+Signed-off-by: Jeremy Cline <jcline@redhat.com>
+---
+ sound/pci/hda/patch_conexant.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/sound/pci/hda/patch_conexant.c b/sound/pci/hda/patch_conexant.c
+index 5592557fe50e..950e02e71766 100644
+--- a/sound/pci/hda/patch_conexant.c
+++ b/sound/pci/hda/patch_conexant.c
+@@ -943,6 +943,7 @@ static const struct snd_pci_quirk cxt5066_fixups[] = {
+ 	SND_PCI_QUIRK(0x17aa, 0x21da, "Lenovo X220", CXT_PINCFG_LENOVO_TP410),
+ 	SND_PCI_QUIRK(0x17aa, 0x21db, "Lenovo X220-tablet", CXT_PINCFG_LENOVO_TP410),
+ 	SND_PCI_QUIRK(0x17aa, 0x38af, "Lenovo IdeaPad Z560", CXT_FIXUP_MUTE_LED_EAPD),
+	SND_PCI_QUIRK(0x17aa, 0x3905, "Lenovo G50-30", CXT_FIXUP_STEREO_DMIC),
+ 	SND_PCI_QUIRK(0x17aa, 0x390b, "Lenovo G50-80", CXT_FIXUP_STEREO_DMIC),
+ 	SND_PCI_QUIRK(0x17aa, 0x3975, "Lenovo U300s", CXT_FIXUP_STEREO_DMIC),
+ 	SND_PCI_QUIRK(0x17aa, 0x3977, "Lenovo IdeaPad U310", CXT_FIXUP_STEREO_DMIC),
+-- 
+2.19.1
+
--- a/ARM-tegra-usb-no-reset.patch
+++ b/ARM-tegra-usb-no-reset.patch
@ -0,0 +1,28 @@
+From: Peter Robinson <pbrobinson@gmail.com>
+Date: Thu, 3 May 2012 20:27:11 +0100
+Subject: [PATCH] ARM: tegra: usb no reset
+
+Patch for disconnect issues with storage attached to a
+ tegra-ehci controller
+---
+ drivers/usb/core/hub.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/drivers/usb/core/hub.c b/drivers/usb/core/hub.c
+index 43cb2f2e3b43..7f838ec11c81 100644
+--- a/drivers/usb/core/hub.c
+++ b/drivers/usb/core/hub.c
+@@ -4996,6 +4996,13 @@ static void hub_event(struct work_struct *work)
+ 			(u16) hub->change_bits[0],
+ 			(u16) hub->event_bits[0]);
+ 
+	/* Don't disconnect USB-SATA on TrimSlice */
+	if (strcmp(dev_name(hdev->bus->controller), "tegra-ehci.0") == 0) {
+		if ((hdev->state == 7) && (hub->change_bits[0] == 0) &&
+				(hub->event_bits[0] == 0x2))
+			hub->event_bits[0] = 0;
+	}
+
+ 	/* Lock the device, then check to see if we were
+ 	 * disconnected while waiting for the lock to succeed. */
+ 	usb_lock_device(hdev);
--- a/Add-EFI-signature-data-types.patch
+++ b/Add-EFI-signature-data-types.patch
@ -0,0 +1,60 @@
+From 0451d4e795929a69a0fda6d960aa4b077c5bd179 Mon Sep 17 00:00:00 2001
+From: Dave Howells <dhowells@redhat.com>
+Date: Fri, 5 May 2017 08:21:58 +0100
+Subject: [PATCH 1/4] efi: Add EFI signature data types
+
+Add the data types that are used for containing hashes, keys and
+certificates for cryptographic verification along with their corresponding
+type GUIDs.
+
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ include/linux/efi.h | 25 +++++++++++++++++++++++++
+ 1 file changed, 25 insertions(+)
+
+diff --git a/include/linux/efi.h b/include/linux/efi.h
+index ec36f42..3259ad6 100644
+--- a/include/linux/efi.h
+++ b/include/linux/efi.h
+@@ -614,6 +614,10 @@ void efi_native_runtime_setup(void);
+ #define EFI_IMAGE_SECURITY_DATABASE_GUID	EFI_GUID(0xd719b2cb, 0x3d3a, 0x4596,  0xa3, 0xbc, 0xda, 0xd0, 0x0e, 0x67, 0x65, 0x6f)
+ #define EFI_SHIM_LOCK_GUID			EFI_GUID(0x605dab50, 0xe046, 0x4300,  0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23)
+
+#define EFI_CERT_SHA256_GUID			EFI_GUID(0xc1c41626, 0x504c, 0x4092, 0xac, 0xa9, 0x41, 0xf9, 0x36, 0x93, 0x43, 0x28)
+#define EFI_CERT_X509_GUID			EFI_GUID(0xa5c059a1, 0x94e4, 0x4aa7, 0x87, 0xb5, 0xab, 0x15, 0x5c, 0x2b, 0xf0, 0x72)
+#define EFI_CERT_X509_SHA256_GUID		EFI_GUID(0x3bd2a492, 0x96c0, 0x4079, 0xb4, 0x20, 0xfc, 0xf9, 0x8e, 0xf1, 0x03, 0xed)
+
+ /*
+  * This GUID is used to pass to the kernel proper the struct screen_info
+  * structure that was populated by the stub based on the GOP protocol instance
+@@ -873,6 +877,27 @@ typedef struct {
+ 	efi_memory_desc_t entry[0];
+ } efi_memory_attributes_table_t;
+
+typedef struct  {
+	efi_guid_t signature_owner;
+	u8 signature_data[];
+} efi_signature_data_t;
+
+typedef struct {
+	efi_guid_t signature_type;
+	u32 signature_list_size;
+	u32 signature_header_size;
+	u32 signature_size;
+	u8 signature_header[];
+	/* efi_signature_data_t signatures[][] */
+} efi_signature_list_t;
+
+typedef u8 efi_sha256_hash_t[32];
+
+typedef struct {
+	efi_sha256_hash_t to_be_signed_hash;
+	efi_time_t time_of_revocation;
+} efi_cert_x509_sha256_t;
+
+ /*
+  * All runtime access to EFI goes through this structure:
+  */
+-- 
+2.9.3
+
--- a/Add-an-EFI-signature-blob-parser-and-key-loader.patch
+++ b/Add-an-EFI-signature-blob-parser-and-key-loader.patch
@ -0,0 +1,197 @@
+From e4c62c12635a371e43bd17e8d33a936668264491 Mon Sep 17 00:00:00 2001
+From: Dave Howells <dhowells@redhat.com>
+Date: Fri, 5 May 2017 08:21:58 +0100
+Subject: [PATCH 2/4] efi: Add an EFI signature blob parser
+
+Add a function to parse an EFI signature blob looking for elements of
+interest.  A list is made up of a series of sublists, where all the
+elements in a sublist are of the same type, but sublists can be of
+different types.
+
+For each sublist encountered, the function pointed to by the
+get_handler_for_guid argument is called with the type specifier GUID and
+returns either a pointer to a function to handle elements of that type or
+NULL if the type is not of interest.
+
+If the sublist is of interest, each element is passed to the handler
+function in turn.
+
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ certs/Kconfig       |   8 ++++
+ certs/Makefile      |   1 +
+ certs/efi_parser.c  | 112 ++++++++++++++++++++++++++++++++++++++++++++++++++++
+ include/linux/efi.h |   9 +++++
+ 4 files changed, 130 insertions(+)
+ create mode 100644 certs/efi_parser.c
+
+diff --git a/certs/Kconfig b/certs/Kconfig
+index 6ce51ed..630ae09 100644
+--- a/certs/Kconfig
+++ b/certs/Kconfig
+@@ -82,4 +82,12 @@ config SYSTEM_BLACKLIST_HASH_LIST
+ 	  wrapper to incorporate the list into the kernel.  Each <hash> should
+ 	  be a string of hex digits.
+
+config EFI_SIGNATURE_LIST_PARSER
+	bool "EFI signature list parser"
+	depends on EFI
+	select X509_CERTIFICATE_PARSER
+	help
+	  This option provides support for parsing EFI signature lists for
+	  X.509 certificates and turning them into keys.
+
+ endmenu
+diff --git a/certs/Makefile b/certs/Makefile
+index 4119bb3..738151a 100644
+--- a/certs/Makefile
+++ b/certs/Makefile
+@@ -9,6 +9,7 @@ obj-$(CONFIG_SYSTEM_BLACKLIST_KEYRING) += blacklist_hashes.o
+ else
+ obj-$(CONFIG_SYSTEM_BLACKLIST_KEYRING) += blacklist_nohashes.o
+ endif
+obj-$(CONFIG_EFI_SIGNATURE_LIST_PARSER) += efi_parser.o
+
+ ifeq ($(CONFIG_SYSTEM_TRUSTED_KEYRING),y)
+
+diff --git a/certs/efi_parser.c b/certs/efi_parser.c
+new file mode 100644
+index 0000000..4e396f9
+--- /dev/null
+++ b/certs/efi_parser.c
+@@ -0,0 +1,112 @@
+/* EFI signature/key/certificate list parser
+ *
+ * Copyright (C) 2012, 2016 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public Licence
+ * as published by the Free Software Foundation; either version
+ * 2 of the Licence, or (at your option) any later version.
+ */
+
+#define pr_fmt(fmt) "EFI: "fmt
+#include <linux/module.h>
+#include <linux/printk.h>
+#include <linux/err.h>
+#include <linux/efi.h>
+
+/**
+ * parse_efi_signature_list - Parse an EFI signature list for certificates
+ * @source: The source of the key
+ * @data: The data blob to parse
+ * @size: The size of the data blob
+ * @get_handler_for_guid: Get the handler func for the sig type (or NULL)
+ *
+ * Parse an EFI signature list looking for elements of interest.  A list is
+ * made up of a series of sublists, where all the elements in a sublist are of
+ * the same type, but sublists can be of different types.
+ *
+ * For each sublist encountered, the @get_handler_for_guid function is called
+ * with the type specifier GUID and returns either a pointer to a function to
+ * handle elements of that type or NULL if the type is not of interest.
+ *
+ * If the sublist is of interest, each element is passed to the handler
+ * function in turn.
+ *
+ * Error EBADMSG is returned if the list doesn't parse correctly and 0 is
+ * returned if the list was parsed correctly.  No error can be returned from
+ * the @get_handler_for_guid function or the element handler function it
+ * returns.
+ */
+int __init parse_efi_signature_list(
+	const char *source,
+	const void *data, size_t size,
+	efi_element_handler_t (*get_handler_for_guid)(const efi_guid_t *))
+{
+	efi_element_handler_t handler;
+	unsigned offs = 0;
+
+	pr_devel("-->%s(,%zu)\n", __func__, size);
+
+	while (size > 0) {
+		const efi_signature_data_t *elem;
+		efi_signature_list_t list;
+		size_t lsize, esize, hsize, elsize;
+
+		if (size < sizeof(list))
+			return -EBADMSG;
+
+		memcpy(&list, data, sizeof(list));
+		pr_devel("LIST[%04x] guid=%pUl ls=%x hs=%x ss=%x\n",
+			 offs,
+			 list.signature_type.b, list.signature_list_size,
+			 list.signature_header_size, list.signature_size);
+
+		lsize = list.signature_list_size;
+		hsize = list.signature_header_size;
+		esize = list.signature_size;
+		elsize = lsize - sizeof(list) - hsize;
+
+		if (lsize > size) {
+			pr_devel("<--%s() = -EBADMSG [overrun @%x]\n",
+				 __func__, offs);
+			return -EBADMSG;
+		}
+
+		if (lsize < sizeof(list) ||
+		    lsize - sizeof(list) < hsize ||
+		    esize < sizeof(*elem) ||
+		    elsize < esize ||
+		    elsize % esize != 0) {
+			pr_devel("- bad size combo @%x\n", offs);
+			return -EBADMSG;
+		}
+
+		handler = get_handler_for_guid(&list.signature_type);
+		if (!handler) {
+			data += lsize;
+			size -= lsize;
+			offs += lsize;
+			continue;
+		}
+
+		data += sizeof(list) + hsize;
+		size -= sizeof(list) + hsize;
+		offs += sizeof(list) + hsize;
+
+		for (; elsize > 0; elsize -= esize) {
+			elem = data;
+
+			pr_devel("ELEM[%04x]\n", offs);
+			handler(source,
+				&elem->signature_data,
+				esize - sizeof(*elem));
+
+			data += esize;
+			size -= esize;
+			offs += esize;
+		}
+	}
+
+	return 0;
+}
+diff --git a/include/linux/efi.h b/include/linux/efi.h
+index 3259ad6..08024c6 100644
+--- a/include/linux/efi.h
+++ b/include/linux/efi.h
+@@ -1055,6 +1055,15 @@ extern int efi_memattr_apply_permissions(struct mm_struct *mm,
+ char * __init efi_md_typeattr_format(char *buf, size_t size,
+ 				     const efi_memory_desc_t *md);
+
+
+typedef void (*efi_element_handler_t)(const char *source,
+				      const void *element_data,
+				      size_t element_size);
+extern int __init parse_efi_signature_list(
+	const char *source,
+	const void *data, size_t size,
+	efi_element_handler_t (*get_handler_for_guid)(const efi_guid_t *));
+
+ /**
+  * efi_range_is_wc - check the WC bit on an address range
+  * @start: starting kvirt address
+-- 
+2.9.3
+
--- a/Add-option-to-automatically-enforce-module-signature.patch
+++ b/Add-option-to-automatically-enforce-module-signature.patch
@ -0,0 +1,217 @@
+From 6b6203b92cfb457a0669a9c87a29b360405bffc6 Mon Sep 17 00:00:00 2001
+From: Matthew Garrett <matthew.garrett@nebula.com>
+Date: Fri, 9 Aug 2013 18:36:30 -0400
+Subject: [PATCH 10/20] Add option to automatically enforce module signatures
+ when in Secure Boot mode
+
+UEFI Secure Boot provides a mechanism for ensuring that the firmware will
+only load signed bootloaders and kernels. Certain use cases may also
+require that all kernel modules also be signed. Add a configuration option
+that enforces this automatically when enabled.
+
+Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
+---
+ Documentation/x86/zero-page.txt       |  2 ++
+ arch/x86/Kconfig                      | 11 ++++++
+ arch/x86/boot/compressed/eboot.c      | 66 +++++++++++++++++++++++++++++++++++
+ arch/x86/include/uapi/asm/bootparam.h |  3 +-
+ arch/x86/kernel/setup.c               |  6 ++++
+ include/linux/module.h                |  6 ++++
+ kernel/module.c                       |  7 ++++
+ 7 files changed, 100 insertions(+), 1 deletion(-)
+
+diff --git a/Documentation/x86/zero-page.txt b/Documentation/x86/zero-page.txt
+index 95a4d34af3fd..b8527c6b7646 100644
+--- a/Documentation/x86/zero-page.txt
+++ b/Documentation/x86/zero-page.txt
+@@ -31,6 +31,8 @@ Offset	Proto	Name		Meaning
+ 1E9/001	ALL	eddbuf_entries	Number of entries in eddbuf (below)
+ 1EA/001	ALL	edd_mbr_sig_buf_entries	Number of entries in edd_mbr_sig_buffer
+ 				(below)
+1EB/001	ALL     kbd_status      Numlock is enabled
+1EC/001	ALL     secure_boot	Secure boot is enabled in the firmware
+ 1EF/001	ALL	sentinel	Used to detect broken bootloaders
+ 290/040	ALL	edd_mbr_sig_buffer EDD MBR signatures
+ 2D0/A00	ALL	e820_map	E820 memory map table
+diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
+index bada636d1065..d666ef8b616c 100644
+--- a/arch/x86/Kconfig
+++ b/arch/x86/Kconfig
+@@ -1786,6 +1786,17 @@ config EFI_MIXED
+ 
+ 	   If unsure, say N.
+ 
+config EFI_SECURE_BOOT_SIG_ENFORCE
+	def_bool n
+	depends on EFI
+	prompt "Force module signing when UEFI Secure Boot is enabled"
+	---help---
+	  UEFI Secure Boot provides a mechanism for ensuring that the
+	  firmware will only load signed bootloaders and kernels. Certain
+	  use cases may also require that all kernel modules also be signed.
+	  Say Y here to automatically enable module signature enforcement
+	  when a system boots with UEFI Secure Boot enabled.
+
+ config SECCOMP
+ 	def_bool y
+ 	prompt "Enable seccomp to safely compute untrusted bytecode"
+diff --git a/arch/x86/boot/compressed/eboot.c b/arch/x86/boot/compressed/eboot.c
+index cc69e37548db..ebc85c1eefd6 100644
+--- a/arch/x86/boot/compressed/eboot.c
+++ b/arch/x86/boot/compressed/eboot.c
+@@ -12,6 +12,7 @@
+ #include <asm/efi.h>
+ #include <asm/setup.h>
+ #include <asm/desc.h>
+#include <asm/bootparam_utils.h>
+ 
+ #include "../string.h"
+ #include "eboot.h"
+@@ -537,6 +538,67 @@ static void setup_efi_pci(struct boot_params *params)
+ 	efi_call_early(free_pool, pci_handle);
+ }
+ 
+static int get_secure_boot(void)
+{
+	u8 sb, setup;
+	unsigned long datasize = sizeof(sb);
+	efi_guid_t var_guid = EFI_GLOBAL_VARIABLE_GUID;
+	efi_status_t status;
+
+	status = efi_early->call((unsigned long)sys_table->runtime->get_variable,
+				L"SecureBoot", &var_guid, NULL, &datasize, &sb);
+
+	if (status != EFI_SUCCESS)
+		return 0;
+
+	if (sb == 0)
+		return 0;
+
+
+	status = efi_early->call((unsigned long)sys_table->runtime->get_variable,
+				L"SetupMode", &var_guid, NULL, &datasize,
+				&setup);
+
+	if (status != EFI_SUCCESS)
+		return 0;
+
+	if (setup == 1)
+		return 0;
+
+	return 1;
+}
+
+
+/*
+ * See if we have Graphics Output Protocol
+ */
+static efi_status_t setup_gop(struct screen_info *si, efi_guid_t *proto,
+			      unsigned long size)
+{
+	efi_status_t status;
+	void **gop_handle = NULL;
+
+	status = efi_call_early(allocate_pool, EFI_LOADER_DATA,
+				size, (void **)&gop_handle);
+	if (status != EFI_SUCCESS)
+		return status;
+
+	status = efi_call_early(locate_handle,
+				EFI_LOCATE_BY_PROTOCOL,
+				proto, NULL, &size, gop_handle);
+	if (status != EFI_SUCCESS)
+		goto free_handle;
+
+	if (efi_early->is64)
+		status = setup_gop64(si, proto, size, gop_handle);
+	else
+		status = setup_gop32(si, proto, size, gop_handle);
+
+free_handle:
+	efi_call_early(free_pool, gop_handle);
+	return status;
+}
+
+ static efi_status_t
+ setup_uga32(void **uga_handle, unsigned long size, u32 *width, u32 *height)
+ {
+@@ -1094,6 +1156,10 @@ struct boot_params *efi_main(struct efi_config *c,
+ 	else
+ 		setup_boot_services32(efi_early);
+ 
+	sanitize_boot_params(boot_params);
+
+	boot_params->secure_boot = get_secure_boot();
+
+ 	setup_graphics(boot_params);
+ 
+ 	setup_efi_pci(boot_params);
+diff --git a/arch/x86/include/uapi/asm/bootparam.h b/arch/x86/include/uapi/asm/bootparam.h
+index c18ce67495fa..2b3e5427097b 100644
+--- a/arch/x86/include/uapi/asm/bootparam.h
+++ b/arch/x86/include/uapi/asm/bootparam.h
+@@ -134,7 +134,8 @@ struct boot_params {
+ 	__u8  eddbuf_entries;				/* 0x1e9 */
+ 	__u8  edd_mbr_sig_buf_entries;			/* 0x1ea */
+ 	__u8  kbd_status;				/* 0x1eb */
+-	__u8  _pad5[3];					/* 0x1ec */
+	__u8  secure_boot;				/* 0x1ec */
+	__u8  _pad5[2];					/* 0x1ed */
+ 	/*
+ 	 * The sentinel is set to a nonzero value (0xff) in header.S.
+ 	 *
+diff --git a/arch/x86/kernel/setup.c b/arch/x86/kernel/setup.c
+index bbfbca5fea0c..d40e961753c9 100644
+--- a/arch/x86/kernel/setup.c
+++ b/arch/x86/kernel/setup.c
+@@ -1160,6 +1160,12 @@ void __init setup_arch(char **cmdline_p)
+ 
+ 	io_delay_init();
+ 
+#ifdef CONFIG_EFI_SECURE_BOOT_SIG_ENFORCE
+	if (boot_params.secure_boot) {
+		enforce_signed_modules();
+	}
+#endif
+
+ 	/*
+ 	 * Parse the ACPI tables for possible boot-time SMP configuration.
+ 	 */
+diff --git a/include/linux/module.h b/include/linux/module.h
+index 05bd6c989a0c..32327704e18d 100644
+--- a/include/linux/module.h
+++ b/include/linux/module.h
+@@ -260,6 +260,12 @@ extern const typeof(name) __mod_##type##__##name##_device_table		\
+ 
+ struct notifier_block;
+ 
+#ifdef CONFIG_MODULE_SIG
+extern void enforce_signed_modules(void);
+#else
+static inline void enforce_signed_modules(void) {};
+#endif
+
+ #ifdef CONFIG_MODULES
+ 
+ extern int modules_disabled; /* for sysctl */
+diff --git a/kernel/module.c b/kernel/module.c
+index cb864505d020..cb1f1da69bf4 100644
+--- a/kernel/module.c
+++ b/kernel/module.c
+@@ -4285,6 +4285,13 @@ void module_layout(struct module *mod,
+ EXPORT_SYMBOL(module_layout);
+ #endif
+ 
+#ifdef CONFIG_MODULE_SIG
+void enforce_signed_modules(void)
+{
+	sig_enforce = true;
+}
+#endif
+
+ bool secure_modules(void)
+ {
+ #ifdef CONFIG_MODULE_SIG
+-- 
+2.9.3
+
--- a/CI-1-6-drm-i915-dp-Fix-link-retraining-comment-in-intel_dp_long_pulse.patch
+++ b/CI-1-6-drm-i915-dp-Fix-link-retraining-comment-in-intel_dp_long_pulse.patch
@ -0,0 +1,60 @@
+From patchwork Thu Sep 27 20:57:30 2018
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+Subject: [CI, 1/6] drm/i915/dp: Fix link retraining comment in
+ intel_dp_long_pulse()
+From: Dhinakaran Pandiyan <dhinakaran.pandiyan@intel.com>
+X-Patchwork-Id: 253516
+Message-Id: <20180927205735.16651-1-dhinakaran.pandiyan@intel.com>
+To: intel-gfx@lists.freedesktop.org
+Date: Thu, 27 Sep 2018 13:57:30 -0700
+
+Comment claims link needs to be retrained because the connected sink raised
+a long pulse to indicate link loss. If the sink did so,
+intel_dp_hotplug() would have handled link retraining. Looking at the
+logs in Bugzilla referenced in commit '3cf71bc9904d ("drm/i915: Re-apply
+Perform link quality check, unconditionally during long pulse"")', the
+issue is that the sink does not trigger an interrupt. What we want is
+->detect() from user space to check link status and retrain. Ville's
+review for the original patch also indicates the same root cause. So,
+rewrite the comment.
+
+v2: Patch split and rewrote comment.
+
+Cc: Lyude Paul <lyude@redhat.com>
+Cc: Ville Syrjälä <ville.syrjala@linux.intel.com>
+Cc: Jani Nikula <jani.nikula@linux.intel.com>
+Cc: Rodrigo Vivi <rodrigo.vivi@intel.com>
+Cc: Jan-Marek Glogowski <glogow@fbihome.de>
+References: 3cf71bc9904d ("drm/i915: Re-apply "Perform link quality check, unconditionally during long pulse"")
+Signed-off-by: Dhinakaran Pandiyan <dhinakaran.pandiyan@intel.com>
+Reviewed-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
+---
+ drivers/gpu/drm/i915/intel_dp.c | 13 +++----------
+ 1 file changed, 3 insertions(+), 10 deletions(-)
+
+diff --git a/drivers/gpu/drm/i915/intel_dp.c b/drivers/gpu/drm/i915/intel_dp.c
+index 256a71c8c093..207b3ea2ed1a 100644
+--- a/drivers/gpu/drm/i915/intel_dp.c
+++ b/drivers/gpu/drm/i915/intel_dp.c
+@@ -5074,16 +5074,9 @@ intel_dp_long_pulse(struct intel_connector *connector,
+ 		goto out;
+ 	} else {
+ 		/*
+-		 * If display is now connected check links status,
+-		 * there has been known issues of link loss triggering
+-		 * long pulse.
+-		 *
+-		 * Some sinks (eg. ASUS PB287Q) seem to perform some
+-		 * weird HPD ping pong during modesets. So we can apparently
+-		 * end up with HPD going low during a modeset, and then
+-		 * going back up soon after. And once that happens we must
+-		 * retrain the link to get a picture. That's in case no
+-		 * userspace component reacted to intermittent HPD dip.
+		 * Some external monitors do not signal loss of link
+		 * synchronization with an IRQ_HPD, so force a link status
+		 * check.
+ 		 */
+ 		struct intel_encoder *encoder = &dp_to_dig_port(intel_dp)->base;
+ 
--- a/CI-2-6-drm-i915-dp-Restrict-link-retrain-workaround-to-external-monitors.patch
+++ b/CI-2-6-drm-i915-dp-Restrict-link-retrain-workaround-to-external-monitors.patch
@ -0,0 +1,55 @@
+From patchwork Thu Sep 27 20:57:31 2018
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+Subject: [CI, 2/6] drm/i915/dp: Restrict link retrain workaround to external
+ monitors
+From: Dhinakaran Pandiyan <dhinakaran.pandiyan@intel.com>
+X-Patchwork-Id: 253514
+Message-Id: <20180927205735.16651-2-dhinakaran.pandiyan@intel.com>
+To: intel-gfx@lists.freedesktop.org
+Date: Thu, 27 Sep 2018 13:57:31 -0700
+
+Commit '3cf71bc9904d ("drm/i915: Re-apply "Perform link quality check,
+unconditionally during long pulse"")' applies a work around for sinks
+that don't signal link loss. The work around does not need to have to be
+that broad as the issue was seen with only one particular monitor; limit
+this only for external displays as eDP features like PSR turn off the link
+and the driver ends up retraining the link seeeing that link is not
+synchronized.
+
+Cc: Lyude Paul <lyude@redhat.com>
+Cc: Jan-Marek Glogowski <glogow@fbihome.de>
+Cc: Ville Syrjälä <ville.syrjala@linux.intel.com>
+Cc: Rodrigo Vivi <rodrigo.vivi@intel.com>
+References: 3cf71bc9904d ("drm/i915: Re-apply "Perform link quality check, unconditionally during long pulse"")
+Signed-off-by: Dhinakaran Pandiyan <dhinakaran.pandiyan@intel.com>
+Reviewed-by: Ville Syrjälä <ville.syrjala@linux.intel.com>
+---
+ drivers/gpu/drm/i915/intel_dp.c | 13 +++++++------
+ 1 file changed, 7 insertions(+), 6 deletions(-)
+
+diff --git a/drivers/gpu/drm/i915/intel_dp.c b/drivers/gpu/drm/i915/intel_dp.c
+index 207b3ea2ed1a..4e0870f3a4a5 100644
+--- a/drivers/gpu/drm/i915/intel_dp.c
+++ b/drivers/gpu/drm/i915/intel_dp.c
+@@ -5072,12 +5072,13 @@ intel_dp_long_pulse(struct intel_connector *connector,
+ 		 */
+ 		status = connector_status_disconnected;
+ 		goto out;
+-	} else {
+-		/*
+-		 * Some external monitors do not signal loss of link
+-		 * synchronization with an IRQ_HPD, so force a link status
+-		 * check.
+-		 */
+	}
+
+	/*
+	 * Some external monitors do not signal loss of link synchronization
+	 * with an IRQ_HPD, so force a link status check.
+	 */
+	if (!intel_dp_is_edp(intel_dp)) {
+ 		struct intel_encoder *encoder = &dp_to_dig_port(intel_dp)->base;
+ 
+ 		intel_dp_retrain_link(encoder, ctx);
--- a/Fix-for-module-sig-verification.patch
+++ b/Fix-for-module-sig-verification.patch
@ -0,0 +1,24 @@
+From ea6e7d9d0fe3e448aef19b3943d4897ae0bef128 Mon Sep 17 00:00:00 2001
+From: Fedora Kernel Team <kernel-team@fedoraproject.org>
+Date: Thu, 3 Aug 2017 13:46:51 -0500
+Subject: [PATCH] Fix for module sig verification
+
+---
+ kernel/module_signing.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/kernel/module_signing.c b/kernel/module_signing.c
+index 937c844..d3d6f95 100644
+--- a/kernel/module_signing.c
+++ b/kernel/module_signing.c
+@@ -81,6 +81,6 @@ int mod_verify_sig(const void *mod, unsigned long *_modlen)
+ 	}
+
+ 	return verify_pkcs7_signature(mod, modlen, mod + modlen, sig_len,
+-				      NULL, VERIFYING_MODULE_SIGNATURE,
+				      (void *)1UL, VERIFYING_MODULE_SIGNATURE,
+ 				      NULL, NULL);
+ }
+-- 
+2.13.3
+
--- a/Input-synaptics-pin-3-touches-when-the-firmware-repo.patch
+++ b/Input-synaptics-pin-3-touches-when-the-firmware-repo.patch
@ -0,0 +1,47 @@
+From: Benjamin Tissoires <benjamin.tissoires@redhat.com>
+Date: Thu, 16 Apr 2015 13:01:46 -0400
+Subject: [PATCH] Input - synaptics: pin 3 touches when the firmware reports 3
+ fingers
+
+Synaptics PS/2 touchpad can send only 2 touches in a report. They can
+detect 4 or 5 and this information is valuable.
+
+In commit 63c4fda (Input: synaptics - allocate 3 slots to keep stability
+in image sensors), we allocate 3 slots, but we still continue to report
+the 2 available fingers. That means that the client sees 2 used slots while
+there is a total of 3 fingers advertised by BTN_TOOL_TRIPLETAP.
+
+For old kernels this is not a problem because max_slots was 2 and libinput/
+xorg-synaptics knew how to deal with that. Now that max_slot is 3, the
+clients ignore BTN_TOOL_TRIPLETAP and count the actual used slots (so 2).
+It then gets confused when receiving the BTN_TOOL_TRIPLETAP and DOUBLETAP
+information, and goes wild.
+
+We can pin the 3 slots until we get a total number of fingers below 2.
+
+Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1212230
+
+Signed-off-by: Benjamin Tissoires <benjamin.tissoires@redhat.com>
+---
+ drivers/input/mouse/synaptics.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/drivers/input/mouse/synaptics.c b/drivers/input/mouse/synaptics.c
+index 3a32caf06bf1..58102970f94f 100644
+--- a/drivers/input/mouse/synaptics.c
+++ b/drivers/input/mouse/synaptics.c
+@@ -940,6 +940,14 @@ static void synaptics_report_mt_data(struct psmouse *psmouse,
+ 		input_report_abs(dev, ABS_MT_PRESSURE, hw[i]->z);
+ 	}
+ 
+	/* keep (slot count <= num_fingers) by pinning all slots */
+	if (num_fingers >= 3) {
+		for (i = 0; i < 3; i++) {
+			input_mt_slot(dev, i);
+			input_mt_report_slot_state(dev, MT_TOOL_FINGER, true);
+		}
+	}
+
+ 	input_mt_drop_unused(dev);
+ 
+ 	/* Don't use active slot count to generate BTN_TOOL events. */
--- a/KEYS-Allow-unrestricted-boot-time-addition-of-keys-t.patch
+++ b/KEYS-Allow-unrestricted-boot-time-addition-of-keys-t.patch
@ -0,0 +1,95 @@
+From fb2ac204a70da565de9ef9a9d6d69a40c2d59727 Mon Sep 17 00:00:00 2001
+From: David Howells <dhowells@redhat.com>
+Date: Fri, 5 May 2017 08:21:56 +0100
+Subject: [PATCH] KEYS: Allow unrestricted boot-time addition of keys to
+ secondary keyring
+
+Allow keys to be added to the system secondary certificates keyring during
+kernel initialisation in an unrestricted fashion.  Such keys are implicitly
+trusted and don't have their trust chains checked on link.
+
+This allows keys in the UEFI database to be added in secure boot mode for
+the purposes of module signing.
+
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ certs/internal.h       | 18 ++++++++++++++++++
+ certs/system_keyring.c | 33 +++++++++++++++++++++++++++++++++
+ 2 files changed, 51 insertions(+)
+ create mode 100644 certs/internal.h
+
+diff --git a/certs/internal.h b/certs/internal.h
+new file mode 100644
+index 0000000..5dcbefb
+--- /dev/null
+++ b/certs/internal.h
+@@ -0,0 +1,18 @@
+/* Internal definitions
+ *
+ * Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public Licence
+ * as published by the Free Software Foundation; either version
+ * 2 of the Licence, or (at your option) any later version.
+ */
+
+/*
+ * system_keyring.c
+ */
+#ifdef CONFIG_SECONDARY_TRUSTED_KEYRING
+extern void __init add_trusted_secondary_key(const char *source,
+					     const void *data, size_t len);
+#endif
+diff --git a/certs/system_keyring.c b/certs/system_keyring.c
+index 6251d1b..5ac8ba6 100644
+--- a/certs/system_keyring.c
+++ b/certs/system_keyring.c
+@@ -18,6 +18,7 @@
+ #include <keys/asymmetric-type.h>
+ #include <keys/system_keyring.h>
+ #include <crypto/pkcs7.h>
+#include "internal.h"
+
+ static struct key *builtin_trusted_keys;
+ #ifdef CONFIG_SECONDARY_TRUSTED_KEYRING
+@@ -265,3 +266,35 @@ int verify_pkcs7_signature(const void *data, size_t len,
+ EXPORT_SYMBOL_GPL(verify_pkcs7_signature);
+
+ #endif /* CONFIG_SYSTEM_DATA_VERIFICATION */
+
+#ifdef CONFIG_SECONDARY_TRUSTED_KEYRING
+/**
+ * add_trusted_secondary_key - Add to secondary keyring with no validation
+ * @source: Source of key
+ * @data: The blob holding the key
+ * @len: The length of the data blob
+ *
+ * Add a key to the secondary keyring without checking its trust chain.  This
+ * is available only during kernel initialisation.
+ */
+void __init add_trusted_secondary_key(const char *source,
+				      const void *data, size_t len)
+{
+	key_ref_t key;
+
+	key = key_create_or_update(make_key_ref(secondary_trusted_keys, 1),
+				   "asymmetric",
+				   NULL, data, len,
+				   (KEY_POS_ALL & ~KEY_POS_SETATTR) |
+				   KEY_USR_VIEW,
+				   KEY_ALLOC_NOT_IN_QUOTA |
+				   KEY_ALLOC_BYPASS_RESTRICTION);
+
+	if (IS_ERR(key))
+		pr_err("Problem loading %s X.509 certificate (%ld)\n",
+		       source, PTR_ERR(key));
+	else
+		pr_notice("Loaded %s cert '%s' linked to secondary sys keyring\n",
+			  source, key_ref_to_ptr(key)->description);
+}
+#endif /* CONFIG_SECONDARY_TRUSTED_KEYRING */
+-- 
+2.9.3
+
--- a/Kbuild-Add-an-option-to-enable-GCC-VTA.patch
+++ b/Kbuild-Add-an-option-to-enable-GCC-VTA.patch
@ -0,0 +1,89 @@
+From: Josh Stone <jistone@redhat.com>
+Date: Fri, 21 Nov 2014 10:40:00 -0800
+Subject: [PATCH] Kbuild: Add an option to enable GCC VTA
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Due to recent codegen issues, gcc -fvar-tracking-assignments was
+unconditionally disabled in commit 2062afb4f804a ("Fix gcc-4.9.0
+miscompilation of load_balance() in scheduler").  However, this reduces
+the debuginfo coverage for variable locations, especially in inline
+functions.  VTA is certainly not perfect either in those cases, but it
+is much better than without.  With compiler versions that have fixed the
+codegen bugs, we would prefer to have the better details for SystemTap,
+and surely other debuginfo consumers like perf will benefit as well.
+
+This patch simply makes CONFIG_DEBUG_INFO_VTA an option.  I considered
+Frank and Linus's discussion of a cc-option-like -fcompare-debug test,
+but I'm convinced that a narrow test of an arch-specific codegen issue
+is not really useful.  GCC has their own regression tests for this, so
+I'd suggest GCC_COMPARE_DEBUG=-fvar-tracking-assignments-toggle is more
+useful for kernel developers to test confidence.
+
+In fact, I ran into a couple more issues when testing for this patch[1],
+although neither of those had any codegen impact.
+ [1] https://bugzilla.redhat.com/show_bug.cgi?id=1140872
+
+With gcc-4.9.2-1.fc22, I can now build v3.18-rc5 with Fedora's i686 and
+x86_64 configs, and this is completely clean with GCC_COMPARE_DEBUG.
+
+Cc: Frank Ch. Eigler <fche@redhat.com>
+Cc: Jakub Jelinek <jakub@redhat.com>
+Cc: Josh Boyer <jwboyer@fedoraproject.org>
+Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: Linus Torvalds <torvalds@linux-foundation.org>
+Cc: Andrew Morton <akpm@linux-foundation.org>
+Cc: Markus Trippelsdorf <markus@trippelsdorf.de>
+Cc: Michel Dänzer <michel@daenzer.net>
+Signed-off-by: Josh Stone <jistone@redhat.com>
+---
+ Makefile          |  4 ++++
+ lib/Kconfig.debug | 18 +++++++++++++++++-
+ 2 files changed, 21 insertions(+), 1 deletion(-)
+
+diff --git a/Makefile b/Makefile
+index 257ef5892ab7..3cc6f4477e78 100644
+--- a/Makefile
+++ b/Makefile
+@@ -701,7 +701,11 @@ KBUILD_CFLAGS	+= -fomit-frame-pointer
+ endif
+ endif
+ 
+ifdef CONFIG_DEBUG_INFO_VTA
+KBUILD_CFLAGS   += $(call cc-option, -fvar-tracking-assignments)
+else
+ KBUILD_CFLAGS   += $(call cc-option, -fno-var-tracking-assignments)
+endif
+ 
+ ifdef CONFIG_DEBUG_INFO
+ ifdef CONFIG_DEBUG_INFO_SPLIT
+diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug
+index e2894b23efb6..d98afe18f704 100644
+--- a/lib/Kconfig.debug
+++ b/lib/Kconfig.debug
+@@ -165,7 +165,23 @@ config DEBUG_INFO_DWARF4
+ 	  Generate dwarf4 debug info. This requires recent versions
+ 	  of gcc and gdb. It makes the debug information larger.
+ 	  But it significantly improves the success of resolving
+-	  variables in gdb on optimized code.
+	  variables in gdb on optimized code.  The gcc docs also
+	  recommend enabling -fvar-tracking-assignments for maximum
+	  benefit. (see DEBUG_INFO_VTA)
+
+config DEBUG_INFO_VTA
+	bool "Enable var-tracking-assignments for debuginfo"
+	depends on DEBUG_INFO
+	help
+	  Enable gcc -fvar-tracking-assignments for improved debug
+	  information on variable locations in optimized code.  Per
+	  gcc, DEBUG_INFO_DWARF4 is recommended for best use of VTA.
+
+	  VTA has been implicated in codegen bugs (gcc PR61801,
+	  PR61904), so this may deserve some caution.  One can set
+	  GCC_COMPARE_DEBUG=-fvar-tracking-assignments-toggle in the
+	  environment to automatically compile everything both ways,
+	  generating an error if anything differs.
+ 
+ config GDB_SCRIPTS
+ 	bool "Provide GDB scripts for kernel debugging"
--- a/MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch
+++ b/MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch
@ -0,0 +1,246 @@
+From 90dc66270b02981b19a085c6a9184e3452b7b3e8 Mon Sep 17 00:00:00 2001
+From: Josh Boyer <jwboyer@fedoraproject.org>
+Date: Fri, 5 May 2017 08:21:59 +0100
+Subject: [PATCH 3/4] MODSIGN: Import certificates from UEFI Secure Boot
+
+Secure Boot stores a list of allowed certificates in the 'db' variable.
+This imports those certificates into the system trusted keyring.  This
+allows for a third party signing certificate to be used in conjunction
+with signed modules.  By importing the public certificate into the 'db'
+variable, a user can allow a module signed with that certificate to
+load.  The shim UEFI bootloader has a similar certificate list stored
+in the 'MokListRT' variable.  We import those as well.
+
+Secure Boot also maintains a list of disallowed certificates in the 'dbx'
+variable.  We load those certificates into the newly introduced system
+blacklist keyring and forbid any module signed with those from loading and
+forbid the use within the kernel of any key with a matching hash.
+
+This facility is enabled by setting CONFIG_LOAD_UEFI_KEYS.
+
+Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ certs/Kconfig     |  16 ++++++
+ certs/Makefile    |   4 ++
+ certs/load_uefi.c | 168 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ 3 files changed, 188 insertions(+)
+ create mode 100644 certs/load_uefi.c
+
+diff --git a/certs/Kconfig b/certs/Kconfig
+index 630ae09..edf9f75 100644
+--- a/certs/Kconfig
+++ b/certs/Kconfig
+@@ -90,4 +90,20 @@ config EFI_SIGNATURE_LIST_PARSER
+ 	  This option provides support for parsing EFI signature lists for
+ 	  X.509 certificates and turning them into keys.
+
+config LOAD_UEFI_KEYS
+	bool "Load certs and blacklist from UEFI db for module checking"
+	depends on SYSTEM_BLACKLIST_KEYRING
+	depends on SECONDARY_TRUSTED_KEYRING
+	depends on EFI
+	depends on EFI_SIGNATURE_LIST_PARSER
+	help
+	  If the kernel is booted in secure boot mode, this option will cause
+	  the kernel to load the certificates from the UEFI db and MokListRT
+	  into the secondary trusted keyring.  It will also load any X.509
+	  SHA256 hashes in the dbx list into the blacklist.
+
+	  The effect of this is that, if the kernel is booted in secure boot
+	  mode, modules signed with UEFI-stored keys will be permitted to be
+	  loaded and keys that match the blacklist will be rejected.
+
+ endmenu
+diff --git a/certs/Makefile b/certs/Makefile
+index 738151a..a5e057a 100644
+--- a/certs/Makefile
+++ b/certs/Makefile
+@@ -11,6 +11,10 @@ obj-$(CONFIG_SYSTEM_BLACKLIST_KEYRING) += blacklist_nohashes.o
+ endif
+ obj-$(CONFIG_EFI_SIGNATURE_LIST_PARSER) += efi_parser.o
+
+obj-$(CONFIG_LOAD_UEFI_KEYS) += load_uefi.o
+$(obj)/load_uefi.o: KBUILD_CFLAGS += -fshort-wchar
+
+
+ ifeq ($(CONFIG_SYSTEM_TRUSTED_KEYRING),y)
+
+ $(eval $(call config_filename,SYSTEM_TRUSTED_KEYS))
+diff --git a/certs/load_uefi.c b/certs/load_uefi.c
+new file mode 100644
+index 0000000..b44e464
+--- /dev/null
+++ b/certs/load_uefi.c
+@@ -0,0 +1,168 @@
+#include <linux/kernel.h>
+#include <linux/sched.h>
+#include <linux/cred.h>
+#include <linux/err.h>
+#include <linux/efi.h>
+#include <linux/slab.h>
+#include <keys/asymmetric-type.h>
+#include <keys/system_keyring.h>
+#include "internal.h"
+
+static __initdata efi_guid_t efi_cert_x509_guid = EFI_CERT_X509_GUID;
+static __initdata efi_guid_t efi_cert_x509_sha256_guid = EFI_CERT_X509_SHA256_GUID;
+static __initdata efi_guid_t efi_cert_sha256_guid = EFI_CERT_SHA256_GUID;
+
+/*
+ * Get a certificate list blob from the named EFI variable.
+ */
+static __init void *get_cert_list(efi_char16_t *name, efi_guid_t *guid,
+				  unsigned long *size)
+{
+	efi_status_t status;
+	unsigned long lsize = 4;
+	unsigned long tmpdb[4];
+	void *db;
+
+	status = efi.get_variable(name, guid, NULL, &lsize, &tmpdb);
+	if (status != EFI_BUFFER_TOO_SMALL) {
+		pr_err("Couldn't get size: 0x%lx\n", status);
+		return NULL;
+	}
+
+	db = kmalloc(lsize, GFP_KERNEL);
+	if (!db) {
+		pr_err("Couldn't allocate memory for uefi cert list\n");
+		return NULL;
+	}
+
+	status = efi.get_variable(name, guid, NULL, &lsize, db);
+	if (status != EFI_SUCCESS) {
+		kfree(db);
+		pr_err("Error reading db var: 0x%lx\n", status);
+		return NULL;
+	}
+
+	*size = lsize;
+	return db;
+}
+
+/*
+ * Blacklist an X509 TBS hash.
+ */
+static __init void uefi_blacklist_x509_tbs(const char *source,
+					   const void *data, size_t len)
+{
+	char *hash, *p;
+
+	hash = kmalloc(4 + len * 2 + 1, GFP_KERNEL);
+	if (!hash)
+		return;
+	p = memcpy(hash, "tbs:", 4);
+	p += 4;
+	bin2hex(p, data, len);
+	p += len * 2;
+	*p = 0;
+
+	mark_hash_blacklisted(hash);
+	kfree(hash);
+}
+
+/*
+ * Blacklist the hash of an executable.
+ */
+static __init void uefi_blacklist_binary(const char *source,
+					 const void *data, size_t len)
+{
+	char *hash, *p;
+
+	hash = kmalloc(4 + len * 2 + 1, GFP_KERNEL);
+	if (!hash)
+		return;
+	p = memcpy(hash, "bin:", 4);
+	p += 4;
+	bin2hex(p, data, len);
+	p += len * 2;
+	*p = 0;
+
+	mark_hash_blacklisted(hash);
+	kfree(hash);
+}
+
+/*
+ * Return the appropriate handler for particular signature list types found in
+ * the UEFI db and MokListRT tables.
+ */
+static __init efi_element_handler_t get_handler_for_db(const efi_guid_t *sig_type)
+{
+	if (efi_guidcmp(*sig_type, efi_cert_x509_guid) == 0)
+		return add_trusted_secondary_key;
+	return 0;
+}
+
+/*
+ * Return the appropriate handler for particular signature list types found in
+ * the UEFI dbx and MokListXRT tables.
+ */
+static __init efi_element_handler_t get_handler_for_dbx(const efi_guid_t *sig_type)
+{
+	if (efi_guidcmp(*sig_type, efi_cert_x509_sha256_guid) == 0)
+		return uefi_blacklist_x509_tbs;
+	if (efi_guidcmp(*sig_type, efi_cert_sha256_guid) == 0)
+		return uefi_blacklist_binary;
+	return 0;
+}
+
+/*
+ * Load the certs contained in the UEFI databases
+ */
+static int __init load_uefi_certs(void)
+{
+	efi_guid_t secure_var = EFI_IMAGE_SECURITY_DATABASE_GUID;
+	efi_guid_t mok_var = EFI_SHIM_LOCK_GUID;
+	void *db = NULL, *dbx = NULL, *mok = NULL;
+	unsigned long dbsize = 0, dbxsize = 0, moksize = 0;
+	int rc = 0;
+
+	if (!efi.get_variable)
+		return false;
+
+	/* Get db, MokListRT, and dbx.  They might not exist, so it isn't
+	 * an error if we can't get them.
+	 */
+	db = get_cert_list(L"db", &secure_var, &dbsize);
+	if (!db) {
+		pr_err("MODSIGN: Couldn't get UEFI db list\n");
+	} else {
+		rc = parse_efi_signature_list("UEFI:db",
+					      db, dbsize, get_handler_for_db);
+		if (rc)
+			pr_err("Couldn't parse db signatures: %d\n", rc);
+		kfree(db);
+	}
+
+	mok = get_cert_list(L"MokListRT", &mok_var, &moksize);
+	if (!mok) {
+		pr_info("MODSIGN: Couldn't get UEFI MokListRT\n");
+	} else {
+		rc = parse_efi_signature_list("UEFI:MokListRT",
+					      mok, moksize, get_handler_for_db);
+		if (rc)
+			pr_err("Couldn't parse MokListRT signatures: %d\n", rc);
+		kfree(mok);
+	}
+
+	dbx = get_cert_list(L"dbx", &secure_var, &dbxsize);
+	if (!dbx) {
+		pr_info("MODSIGN: Couldn't get UEFI dbx list\n");
+	} else {
+		rc = parse_efi_signature_list("UEFI:dbx",
+					      dbx, dbxsize,
+					      get_handler_for_dbx);
+		if (rc)
+			pr_err("Couldn't parse dbx signatures: %d\n", rc);
+		kfree(dbx);
+	}
+
+	return rc;
+}
+late_initcall(load_uefi_certs);
+-- 
+2.9.3
+
--- a/MODSIGN-Support-not-importing-certs-from-db.patch
+++ b/MODSIGN-Support-not-importing-certs-from-db.patch
@ -0,0 +1,88 @@
+From 9f1958a0cc911e1f79b2733ee5029dbd819ff328 Mon Sep 17 00:00:00 2001
+From: Josh Boyer <jwboyer@fedoraproject.org>
+Date: Fri, 5 May 2017 08:21:59 +0100
+Subject: [PATCH 4/4] MODSIGN: Allow the "db" UEFI variable to be suppressed
+
+If a user tells shim to not use the certs/hashes in the UEFI db variable
+for verification purposes, shim will set a UEFI variable called
+MokIgnoreDB.  Have the uefi import code look for this and ignore the db
+variable if it is found.
+
+Signed-off-by: Josh Boyer <jwboyer@fedoraproject.org>
+Signed-off-by: David Howells <dhowells@redhat.com>
+---
+ certs/load_uefi.c | 44 ++++++++++++++++++++++++++++++++++----------
+ 1 file changed, 34 insertions(+), 10 deletions(-)
+
+diff --git a/certs/load_uefi.c b/certs/load_uefi.c
+index b44e464..3d88459 100644
+--- a/certs/load_uefi.c
+++ b/certs/load_uefi.c
+@@ -13,6 +13,26 @@ static __initdata efi_guid_t efi_cert_x509_sha256_guid = EFI_CERT_X509_SHA256_GU
+ static __initdata efi_guid_t efi_cert_sha256_guid = EFI_CERT_SHA256_GUID;
+
+ /*
+ * Look to see if a UEFI variable called MokIgnoreDB exists and return true if
+ * it does.
+ *
+ * This UEFI variable is set by the shim if a user tells the shim to not use
+ * the certs/hashes in the UEFI db variable for verification purposes.  If it
+ * is set, we should ignore the db variable also and the true return indicates
+ * this.
+ */
+static __init bool uefi_check_ignore_db(void)
+{
+	efi_status_t status;
+	unsigned int db = 0;
+	unsigned long size = sizeof(db);
+	efi_guid_t guid = EFI_SHIM_LOCK_GUID;
+
+	status = efi.get_variable(L"MokIgnoreDB", &guid, NULL, &size, &db);
+	return status == EFI_SUCCESS;
+}
+
+/*
+  * Get a certificate list blob from the named EFI variable.
+  */
+ static __init void *get_cert_list(efi_char16_t *name, efi_guid_t *guid,
+@@ -113,7 +133,9 @@ static __init efi_element_handler_t get_handler_for_dbx(const efi_guid_t *sig_ty
+ }
+
+ /*
+- * Load the certs contained in the UEFI databases
+ * Load the certs contained in the UEFI databases into the secondary trusted
+ * keyring and the UEFI blacklisted X.509 cert SHA256 hashes into the blacklist
+ * keyring.
+  */
+ static int __init load_uefi_certs(void)
+ {
+@@ -129,15 +151,17 @@ static int __init load_uefi_certs(void)
+ 	/* Get db, MokListRT, and dbx.  They might not exist, so it isn't
+ 	 * an error if we can't get them.
+ 	 */
+-	db = get_cert_list(L"db", &secure_var, &dbsize);
+-	if (!db) {
+-		pr_err("MODSIGN: Couldn't get UEFI db list\n");
+-	} else {
+-		rc = parse_efi_signature_list("UEFI:db",
+-					      db, dbsize, get_handler_for_db);
+-		if (rc)
+-			pr_err("Couldn't parse db signatures: %d\n", rc);
+-		kfree(db);
+	if (!uefi_check_ignore_db()) {
+		db = get_cert_list(L"db", &secure_var, &dbsize);
+		if (!db) {
+			pr_err("MODSIGN: Couldn't get UEFI db list\n");
+		} else {
+			rc = parse_efi_signature_list("UEFI:db",
+						      db, dbsize, get_handler_for_db);
+			if (rc)
+				pr_err("Couldn't parse db signatures: %d\n", rc);
+			kfree(db);
+		}
+ 	}
+
+ 	mok = get_cert_list(L"MokListRT", &mok_var, &moksize);
+-- 
+2.9.3
+
--- a/50
+++ b/50
@ -0,0 +1,50 @@
+# Makefile for source rpm: kernel
+SPECFILE := kernel.spec
+
+# we only check the .sign signatures
+UPSTREAM_CHECKS = sign
+
+.PHONY: help
+help:
+%:
+	@echo "Try fedpkg $@ or something like that"
+	@exit 1
+
+prep: config-files
+	fedpkg -v prep
+
+noarch:
+	fedpkg -v local --arch=noarch
+
+# 'make local' also needs to build the noarch firmware package
+local:
+	fedpkg -v local
+
+extremedebug:
+	@perl -pi -e 's/# CONFIG_DEBUG_PAGEALLOC is not set/CONFIG_DEBUG_PAGEALLOC=y/' config-nodebug
+
+config-files:
+	@./build_configs.sh
+
+debug:
+	@perl -pi -e 's/^%define debugbuildsenabled 1/%define debugbuildsenabled 0/' kernel.spec
+	@rpmdev-bumpspec -c "Reenable debugging options." kernel.spec
+
+release:
+	@perl -pi -e 's/^%define debugbuildsenabled 0/%define debugbuildsenabled 1/' kernel.spec
+	@rpmdev-bumpspec -c "Disable debugging options." kernel.spec
+
+nodebuginfo:
+	@perl -pi -e 's/^%define with_debuginfo %\{\?_without_debuginfo: 0\} %\{\?\!_without_debuginfo: 1\}/%define with_debuginfo %\{\?_without_debuginfo: 0\} %\{\?\!_without_debuginfo: 0\}/' kernel.spec
+
+nodebug: release
+	@perl -pi -e 's/^%define debugbuildsenabled 1/%define debugbuildsenabled 0/' kernel.spec
+
+ifeq ($(MAKECMDGOALS),me a sandwich)
+.PHONY: me a sandwich
+me a:
+	@:
+
+sandwich:
+	@[ `id -u` -ne 0 ] && echo "What? Make it yourself." || echo Okay.
+endif
--- a/Makefile.rhelver
+++ b/Makefile.rhelver
@ -1,45 +0,0 @@
-RHEL_MAJOR = 8
-RHEL_MINOR = 99
-
-#
-# RHEL_RELEASE
-# -------------
-#
-# Represents build number in 'release' part of RPM's name-version-release.
-#   name is <package_name>, e.g. kernel
-#   version is upstream kernel version this kernel is based on, e.g. 4.18.0
-#   release is <RHEL_RELEASE>.<dist_tag>[<buildid>], e.g. 100.el8
-#
-# Use this spot to avoid future merge conflicts.
-# Do not trim this comment.
-RHEL_RELEASE = 122
-
-#
-# Early y+1 numbering
-# --------------------
-#
-# In early y+1 process, RHEL_RELEASE consists of 2 numbers: x.y
-# First is RHEL_RELEASE inherited/merged from y as-is, second number
-# is incremented with each build starting from 1. After merge from y,
-# it resets back to 1. This way y+1 nvr reflects status of last merge.
-#
-# Example:
-#
-# rhel8.0                        rhel-8.1
-#   kernel-4.18.0-58.el8   -->     kernel-4.18.0-58.1.el8
-#                                  kernel-4.18.0-58.2.el8
-#   kernel-4.18.0-59.el8           kernel-4.18.0-59.1.el8
-#   kernel-4.18.0-60.el8
-#   kernel-4.18.0-61.el8   -->     kernel-4.18.0-61.1.el8
-#
-#
-# Use this spot to avoid future merge conflicts.
-# Do not trim this comment.
-EARLY_YSTREAM ?= no
-EARLY_YBUILD:=
-EARLY_YRELEASE:=
-ifneq ("$(ZSTREAM)", "yes")
-  ifeq ("$(EARLY_YSTREAM)","yes")
-    RHEL_RELEASE:=$(RHEL_RELEASE).$(EARLY_YRELEASE)
-  endif
-endif
--- a/Module.kabi_aarch64
+++ b/Module.kabi_aarch64
--- a/Module.kabi_dup_aarch64
+++ b/Module.kabi_dup_aarch64
--- a/Module.kabi_dup_ppc64le
+++ b/Module.kabi_dup_ppc64le
--- a/Module.kabi_dup_s390x
+++ b/Module.kabi_dup_s390x
--- a/Module.kabi_dup_x86_64
+++ b/Module.kabi_dup_x86_64
--- a/Module.kabi_ppc64le
+++ b/Module.kabi_ppc64le
--- a/Module.kabi_s390x
+++ b/Module.kabi_s390x
--- a/Module.kabi_x86_64
+++ b/Module.kabi_x86_64
--- a/PatchList.txt
+++ b/PatchList.txt
@ -0,0 +1,76 @@
+# This file contains patches that we intend to carry for longer than
+# "Should show up in a stable release soonish"
+# Some of these may eventually drop out
+
+kbuild-AFTER_LINK.patch
+
+arm64-avoid-needing-console-to-enable-serial-console.patch
+
+geekbox-v4-device-tree-support.patch
+
+Initial-AllWinner-A64-and-PINE64-support.patch
+
+arm64-pcie-quirks-xgene.patch
+
+usb-phy-tegra-Add-38.4MHz-clock-table-entry.patch
+
+ARM-tegra-usb-no-reset.patch
+
+bcm283x-upstream-fixes.patch
+
+lib-cpumask-Make-CPUMASK_OFFSTACK-usable-without-deb.patch
+
+input-kill-stupid-messages.patch
+
+die-floppy-die.patch
+
+no-pcspkr-modalias.patch
+
+silence-fbcon-logo.patch
+
+Kbuild-Add-an-option-to-enable-GCC-VTA.patch
+
+crash-driver.patch
+
+#Secure boot patches
+Add-secure_modules-call.patch
+PCI-Lock-down-BAR-access-when-module-security-is-ena.patch
+x86-Lock-down-IO-port-access-when-module-security-is.patch
+ACPI-Limit-access-to-custom_method.patch
+asus-wmi-Restrict-debugfs-interface-when-module-load.patch
+Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch
+acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch
+kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
+x86-Restrict-MSR-access-when-module-loading-is-restr.patch
+Add-option-to-automatically-enforce-module-signature.patch
+efi-Disable-secure-boot-if-shim-is-in-insecure-mode.patch
+efi-Add-EFI_SECURE_BOOT-bit.patch
+hibernate-Disable-in-a-signed-modules-environment.patch
+Add-EFI-signature-data-types.patch
+Add-an-EFI-signature-blob-parser-and-key-loader.patch
+KEYS-Add-a-system-blacklist-keyring.patch
+MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch
+MODSIGN-Support-not-importing-certs-from-db.patch
+Add-sysrq-option-to-disable-secure-boot-mode.patch
+kexec-uefi-copy-secure_boot-flag-in-boot-params.patch
+
+drm-i915-hush-check-crtc-state.patch
+
+disable-i8042-check-on-apple-mac.patch
+
+lis3-improve-handling-of-null-rate.patch
+
+scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch
+
+criu-no-expert.patch
+
+ath9k-rx-dma-stop-check.patch
+
+xen-pciback-Don-t-disable-PCI_COMMAND-on-PCI-device-.patch
+
+Input-synaptics-pin-3-touches-when-the-firmware-repo.patch
+
+firmware-Drop-WARN-from-usermodehelper_read_trylock-.patch
+
+drm-i915-turn-off-wc-mmaps.patch
+
--- a/Patchlist.changelog
+++ b/Patchlist.changelog
@ -1,228 +0,0 @@
-https://gitlab.com/cki-project/kernel-ark/-/commit/8773e8c6039ff74d1426cc80de30de759cd0c2a2
- 8773e8c6039ff74d1426cc80de30de759cd0c2a2 irq: export irq_check_status_bit
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/e187313e5f0086538fefe0925ef84480f99616d8
- e187313e5f0086538fefe0925ef84480f99616d8 gcc-plugins: fix gcc 11 indigestion with plugins...
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/0c84b348e33ab9d7df5c3c5acc7fbc07fd96fafc
- 0c84b348e33ab9d7df5c3c5acc7fbc07fd96fafc Fix up bad merge with efi: generalize efi_get_secureboot
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/364788093bdf437c33753d327136c363be8f756c
- 364788093bdf437c33753d327136c363be8f756c Fix up a merge issue with rxe.c
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/a4d554ce883e24df77cce42bc2deec527028c213
- a4d554ce883e24df77cce42bc2deec527028c213 Filter out LTO build options from the perl ccopts
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/17b0f7f1d49df30661b517d668715ff5ee1bab09
- 17b0f7f1d49df30661b517d668715ff5ee1bab09 Fixes "acpi: prefer booting with ACPI over DTS" to be RHEL only
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/e7c009cd91ababdbb5f726ef592c7800f0682d3a
- e7c009cd91ababdbb5f726ef592c7800f0682d3a arch/x86: Remove vendor specific CPU ID checks
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/7120b2a26fc4c7954fd0395973dc6739c110e091
- 7120b2a26fc4c7954fd0395973dc6739c110e091 redhat: Replace hardware.redhat.com link in Unsupported message
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/7a28e2fde653a161913abb8eee943cdacb5ff2ae
- 7a28e2fde653a161913abb8eee943cdacb5ff2ae x86: Fix compile issues with rh_check_supported()
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/45f64c1a24e73af7987cffec3ea941e29364f87f
- 45f64c1a24e73af7987cffec3ea941e29364f87f e1000e: bump up timeout to wait when ME un-configure ULP mode
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/6c14763b1ce98698949ff45135c15e333aa6416d
- 6c14763b1ce98698949ff45135c15e333aa6416d drm/sun4i: sun6i_mipi_dsi: fix horizontal timing calculation
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/67a19b16012b12cffba0b515c6503e5f8cdbb798
- 67a19b16012b12cffba0b515c6503e5f8cdbb798 drm: panel: add Xingbangda XBD599 panel
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/d220dbf98cef820367b5a2a2eeaacebee958bdd4
- d220dbf98cef820367b5a2a2eeaacebee958bdd4 dt-bindings: panel: add binding for Xingbangda XBD599 panel
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/80660062260dec4bdca9540922577542c16145e8
- 80660062260dec4bdca9540922577542c16145e8 ARM: fix __get_user_check() in case uaccess_* calls are not inlined
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/24d8743613b2a6a585fc68cfe95078d9a3d5b389
- 24d8743613b2a6a585fc68cfe95078d9a3d5b389 mm/kmemleak: skip late_init if not skip disable
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/b697ff5e26974fee8fcd31a1e221e9dd41515efc
- b697ff5e26974fee8fcd31a1e221e9dd41515efc KEYS: Make use of platform keyring for module signature verify
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/081d2185e22479b449586c4e9843602ca0d49806
- 081d2185e22479b449586c4e9843602ca0d49806 Drop that for now
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/5ef51389cf6673a0e9e004909c7be1dc785050b2
- 5ef51389cf6673a0e9e004909c7be1dc785050b2 Input: rmi4 - remove the need for artificial IRQ in case of HID
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/c1788012ebf8de46e9dc80d18051ed0c77c811b6
- c1788012ebf8de46e9dc80d18051ed0c77c811b6 ARM: tegra: usb no reset
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/577365feaa909db4c0949eabfcda7e4a972b8e54
- 577365feaa909db4c0949eabfcda7e4a972b8e54 arm: make CONFIG_HIGHPTE optional without CONFIG_EXPERT
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/331be9c5a436057ee852075c102d9d90a9046a30
- 331be9c5a436057ee852075c102d9d90a9046a30 redhat: rh_kabi: deduplication friendly structs
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/34d79fbfb327f732ebf3ece4db21a14f81fedf03
- 34d79fbfb327f732ebf3ece4db21a14f81fedf03 redhat: rh_kabi add a comment with warning about RH_KABI_EXCLUDE usage
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/93a4b5f12d5a1c2d62cf1d7c440b31d9847eab07
- 93a4b5f12d5a1c2d62cf1d7c440b31d9847eab07 redhat: rh_kabi: introduce RH_KABI_EXTEND_WITH_SIZE
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/8e5c06356457f5351289e9f687b991189d163dae
- 8e5c06356457f5351289e9f687b991189d163dae redhat: rh_kabi: Indirect EXTEND macros so nesting of other macros will resolve.
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/212cbccda77cc81fcb60123907eabdac8ad5adb7
- 212cbccda77cc81fcb60123907eabdac8ad5adb7 redhat: rh_kabi: Fix RH_KABI_SET_SIZE to use dereference operator
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/6f7744b412e1fb86a67d8761e64df69cf891b4ad
- 6f7744b412e1fb86a67d8761e64df69cf891b4ad redhat: rh_kabi: Add macros to size and extend structs
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/049623d33998be30d79692c69b34acb502c496e3
- 049623d33998be30d79692c69b34acb502c496e3 Removing Obsolete hba pci-ids from rhel8
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/43ef1d631ecfe84084db3572c9ed1bedbdceb0f8
- 43ef1d631ecfe84084db3572c9ed1bedbdceb0f8 mptsas: pci-id table changes
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/e5726695109dd1a73da92487b75de6a51d54c015
- e5726695109dd1a73da92487b75de6a51d54c015 mptsas: Taint kernel if mptsas is loaded
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/ee4dcd6f04ca76ad35ab0f38c436ab2f7de53f16
- ee4dcd6f04ca76ad35ab0f38c436ab2f7de53f16 mptspi: pci-id table changes
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/bd305f716d8b64be1926bc7aebe02468ac6bf599
- bd305f716d8b64be1926bc7aebe02468ac6bf599 qla2xxx: Remove PCI IDs of deprecated adapter
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/803ff9a2c660c094e14d246ef05019bf6008d503
- 803ff9a2c660c094e14d246ef05019bf6008d503 be2iscsi: remove unsupported device IDs
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/2cb24399321f555f18b0804d3fe02cf53949fba1
- 2cb24399321f555f18b0804d3fe02cf53949fba1 mptspi: Taint kernel if mptspi is loaded
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/ad1740551ff4af49f1ef10a130783d9369e955a0
- ad1740551ff4af49f1ef10a130783d9369e955a0 hpsa: remove old cciss-based smartarray pci ids
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/4197ba3e766656eea9175c11ed05903620d98a28
- 4197ba3e766656eea9175c11ed05903620d98a28 qla4xxx: Remove deprecated PCI IDs from RHEL 8
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/7e285aec22ab1213639afda877902db363473cb0
- 7e285aec22ab1213639afda877902db363473cb0 aacraid: Remove depreciated device and vendor PCI id's
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/846109a16be92155e69731c36dde48761d375153
- 846109a16be92155e69731c36dde48761d375153 megaraid_sas: remove deprecated pci-ids
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/6fd2019d01cee7ff36dc047d3ecdb504b968f222
- 6fd2019d01cee7ff36dc047d3ecdb504b968f222 mpt*: remove certain deprecated pci-ids
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/dddcd5c1129b275ff160324036a662739db51fc3
- dddcd5c1129b275ff160324036a662739db51fc3 kernel: add SUPPORT_REMOVED kernel taint
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/08d77161dba915d1ed0d9fede658085440ab4474
- 08d77161dba915d1ed0d9fede658085440ab4474 Rename RH_DISABLE_DEPRECATED to RHEL_DIFFERENCES
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/e2dc2ca6a25a445bf22ceb6a8e38e02706605341
- e2dc2ca6a25a445bf22ceb6a8e38e02706605341 Add option of 13 for FORCE_MAX_ZONEORDER
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/2384646bf71d8c282cf49bb20321fdf802c61cce
- 2384646bf71d8c282cf49bb20321fdf802c61cce s390: Lock down the kernel when the IPL secure flag is set
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/5850c93175b9d2e1081873f4bbe08dead202cb08
- 5850c93175b9d2e1081873f4bbe08dead202cb08 efi: Lock down the kernel if booted in secure boot mode
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/53250b991f841be025fa4d264850dadc0fae2861
- 53250b991f841be025fa4d264850dadc0fae2861 efi: Add an EFI_SECURE_BOOT flag to indicate secure boot mode
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/72223fd1241cc5c70b96a491db14d54c83beadd8
- 72223fd1241cc5c70b96a491db14d54c83beadd8 security: lockdown: expose a hook to lock the kernel down
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/7ba28f03674fa9346610c3fea7fc93bc58f06d2a
- 7ba28f03674fa9346610c3fea7fc93bc58f06d2a Make get_cert_list() use efi_status_to_str() to print error messages.
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/2ae9082db0b54d831a9b3782c049d9917e37d89f
- 2ae9082db0b54d831a9b3782c049d9917e37d89f Add efi_status_to_str() and rework efi_status_to_err().
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/cee1461ada1b7e4b92cd154e7ec241119afcd644
- cee1461ada1b7e4b92cd154e7ec241119afcd644 Add support for deprecating processors
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/2420149f8f5fa9dd1e2dc793765b498022922a81
- 2420149f8f5fa9dd1e2dc793765b498022922a81 arm: aarch64: Drop the EXPERT setting from ARM64_FORCE_52BIT
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/1d69b30b98b60aff639351f5788d20a3b17f6e27
- 1d69b30b98b60aff639351f5788d20a3b17f6e27 iommu/arm-smmu: workaround DMA mode issues
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/6b2e73e508e7a117b1db91596097c00e5570f64a
- 6b2e73e508e7a117b1db91596097c00e5570f64a rh_kabi: introduce RH_KABI_EXCLUDE
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/ecb9206bce179eb600c52642a6753012a69ce4a2
- ecb9206bce179eb600c52642a6753012a69ce4a2 ipmi: do not configure ipmi for HPE m400
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/473be59fe72afa9969cf8d10609ef3f14f594631
- 473be59fe72afa9969cf8d10609ef3f14f594631 IB/rxe: Mark Soft-RoCE Transport driver as tech-preview
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/b94117795261f9c074a7addca2252238871b5081
- b94117795261f9c074a7addca2252238871b5081 scsi: smartpqi: add inspur advantech ids
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/cae871558c333880c1687cab6f2a71accf40d105
- cae871558c333880c1687cab6f2a71accf40d105 ice: mark driver as tech-preview
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/7d9cb007404211ea6638bde4a28dd0fbe8d95de0
- 7d9cb007404211ea6638bde4a28dd0fbe8d95de0 kABI: Add generic kABI macros to use for kABI workarounds
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/bd353e9aae8877dd490e6c92b67849e0dcfbab25
- bd353e9aae8877dd490e6c92b67849e0dcfbab25 add pci_hw_vendor_status()
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/41a259999969bbdfe9f556ce71f2c3c07d7454f4
- 41a259999969bbdfe9f556ce71f2c3c07d7454f4 ahci: thunderx2: Fix for errata that affects stop engine
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/2a107343529ce648c11bff62e9f72bbeec738f3f
- 2a107343529ce648c11bff62e9f72bbeec738f3f Vulcan: AHCI PCI bar fix for Broadcom Vulcan early silicon
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/03e48a48f400a51a182a1254cf22ff0c08706d76
- 03e48a48f400a51a182a1254cf22ff0c08706d76 bpf: Add tech preview taint for syscall
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/607f0e89af7ef5682f79f2eea0a99638a1bc0c4f
- 607f0e89af7ef5682f79f2eea0a99638a1bc0c4f bpf: set unprivileged_bpf_disabled to 1 by default, add a boot parameter
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/31da227877eb734ddb484bc519aae85ce200802e
- 31da227877eb734ddb484bc519aae85ce200802e add Red Hat-specific taint flags
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/7a2e2c83be0230667756cccb5bc3687419dfbb8b
- 7a2e2c83be0230667756cccb5bc3687419dfbb8b kdump: fix a grammar issue in a kernel message
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/d345d54d33e7d496c9d845e4723550dd37cb3f88
- d345d54d33e7d496c9d845e4723550dd37cb3f88 tags.sh: Ignore redhat/rpm
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/5c67dc1eb0783a5c4ca4eb5c545ff6fe05facff0
- 5c67dc1eb0783a5c4ca4eb5c545ff6fe05facff0 put RHEL info into generated headers
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/ce12884c009ec3bed11100c9d19f6d97628cf8ae
- ce12884c009ec3bed11100c9d19f6d97628cf8ae kdump: add support for crashkernel=auto
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/18fb1389afccdc5535977a10669b49a37829b55a
- 18fb1389afccdc5535977a10669b49a37829b55a kdump: round up the total memory size to 128M for crashkernel reservation
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/5fb9821441cc0b77101ad9c0dfaa747957a4cce4
- 5fb9821441cc0b77101ad9c0dfaa747957a4cce4 acpi: prefer booting with ACPI over DTS
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/0cf21a40db6fca5d89cf3d65808117c8c14e524e
- 0cf21a40db6fca5d89cf3d65808117c8c14e524e aarch64: acpi scan: Fix regression related to X-Gene UARTs
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/de13e14cc2388478d9a2c68c5d90affd92098f11
- de13e14cc2388478d9a2c68c5d90affd92098f11 ACPI / irq: Workaround firmware issue on X-Gene based m400
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/71c098f4afa38a15a95495c14f71fb087ab27308
- 71c098f4afa38a15a95495c14f71fb087ab27308 modules: add rhelversion MODULE_INFO tag
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/3247f9c838f4aa91aa5d08c152b385d61554d4b5
- 3247f9c838f4aa91aa5d08c152b385d61554d4b5 ACPI: APEI: arm64: Ignore broken HPE moonshot APEI support
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/e80982feaa68226ff60d2f83dace2016c35270d3
- e80982feaa68226ff60d2f83dace2016c35270d3 Add Red Hat tainting
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/2987f9a606df106f5bdfa4113eb55356a21085a6
- 2987f9a606df106f5bdfa4113eb55356a21085a6 Introduce CONFIG_RH_DISABLE_DEPRECATED
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/a99885a5e77af594dfdce586cc83e5911d8401ce
- a99885a5e77af594dfdce586cc83e5911d8401ce Pull the RHEL version defines out of the Makefile
-
-https://gitlab.com/cki-project/kernel-ark/-/commit/cd3a5d30570279538623ea8a1255db0ee4b728f7
- cd3a5d30570279538623ea8a1255db0ee4b728f7 [initial commit] Add Red Hat variables in the top level makefile
-
--- a/README.rst
+++ b/README.rst
@ -1,25 +0,0 @@
-===================
-The Kernel dist-git
-===================
-
-The kernel is maintained in a `source tree`_ rather than directly in dist-git.
-The specfile is maintained as a `template`_ in the source tree along with a set
-of build scripts to generate configurations, (S)RPMs, and to populate the
-dist-git repository.
-
-The `documentation`_ for the source tree covers how to contribute and maintain
-the tree.
-
-If you're looking for the downstream patch set it's available in the source
-tree with "git log master..ark-patches" or
-`online`_.
-
-Each release in dist-git is tagged in the source repository so you can easily
-check out the source tree for a build. The tags are in the format
-name-version-release, but note release doesn't contain the dist tag since the
-source can be built in different build roots (Fedora, CentOS, etc.)
-
-.. _source tree: https://gitlab.com/cki-project/kernel-ark.git
-.. _template: https://gitlab.com/cki-project/kernel-ark/-/blob/os-build/redhat/kernel.spec.template
-.. _documentation: https://gitlab.com/cki-project/kernel-ark/-/wikis/home
-.. _online: https://gitlab.com/cki-project/kernel-ark/-/commits/ark-patches
--- a/README.txt
+++ b/README.txt
@ -0,0 +1,78 @@
+
+		Kernel package tips & tricks.
+		~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The kernel is one of the more complicated packages in the distro, and
+for the newcomer, some of the voodoo in the spec file can be somewhat scary.
+This file attempts to document some of the magic.
+
+
+Speeding up make prep
+---------------------
+The kernel is nearly 500MB of source code, and as such, 'make prep'
+takes a while. The spec file employs some trickery so that repeated
+invocations of make prep don't take as long.  Ordinarily the %prep
+phase of a package will delete the tree it is about to untar/patch.
+The kernel %prep keeps around an unpatched version of the tree,
+and makes a symlink tree clone of that clean tree and than applies
+the patches listed in the spec to the symlink tree.
+This makes a huge difference if you're doing multiple make preps a day.
+As an added bonus, doing a diff between the clean tree and the symlink
+tree is slightly faster than it would be doing two proper copies of the tree.
+
+
+build logs.
+-----------
+There's a convenience helper script in scripts/grab-logs.sh
+that will grab the build logs from koji for the kernel version reported
+by make verrel
+
+
+config heirarchy.
+-----------------
+Instead of having to maintain a config file for every arch variant we build on,
+the kernel spec uses a nested system of configs. Each option CONFIG_FOO is
+represented by a single file named CONFIG_FOO which contains the state (=y, =m,
+=n). These options are collected in the folder base-generic. Architecture
+specific options are set in nested folders. An option set in a nested folder
+will override the same option set in one of the higher levels.
+
+The individual CONFIG_FOO files only exist in the pkg-git repository. The RPM
+contains kernel-foo.config files which are the result of combining all the
+CONFIG_FOO files. The files are combined by running build_configs.sh. This
+script _must_ be run each time one of the options is changed.
+
+Example flow:
+
+# Enable the option CONFIG_ABC123 as a module for all arches
+echo "CONFIG_ABC123=m" > configs/base-generic/CONFIG_ABC1234
+# enable the option CONFIG_XYZ321 for only x86
+echo "# CONFIG_XYZ321 is not set" > configs/base-generic/CONFIG_XYZ321
+echo "CONFIG_XYZ321=m" > configs/base-generic/x86/CONFIG_XYZ321
+# regenerate the combined config files
+./build_configs.sh
+
+The file config_generation gives a listing of what folders go into each
+config file generated.
+
+debug options.
+--------------
+This is a little complicated, as the purpose & meaning of this changes
+depending on where we are in the release cycle.
+If we are building for a current stable release, 'make release' has
+typically been run already, which sets up the following..
+- Two builds occur, a 'kernel' and a 'kernel-debug' flavor.
+- kernel-debug will get various heavyweight debugging options like
+  lockdep etc turned on.
+
+If we are building for rawhide, 'make debug' has been run, which changes
+the status quo to:
+- We only build one kernel 'kernel'
+- The debug options are always turned on.
+This is done to increase coverage testing, as not many people actually
+run kernel-debug.
+
+The debug options are managed in a separate heierarchy under base-debug. This
+works in a similar manner to base-generic. More deeply nested folders, again,
+override options. The file config_generation gives a listing of what folders
+go into each config file generated.
--- a/10
+++ b/10
@ -0,0 +1,10 @@
+Config TODOs:
+* review & disable a bunch of the I2C, RTC, DVB, SOUND options.
+
+Spec file TODOs:
+
+* modules-extra: Do a few more things to make it a bit more robust.
+  - Allow for comments in the mod-extra.list file.
+  - Don't fail the build if a module is listed but not built (maybe).
+  - See if it can be tied into Kconfig instead of module names.
+
--- a/arm-sdhci-esdhc-imx-fixes.patch
+++ b/arm-sdhci-esdhc-imx-fixes.patch
@ -0,0 +1,172 @@
+From patchwork Thu Jun 28 07:31:36 2018
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Subject: mmc: sdhci-esdhc-imx: support eMMC DDR mode when running at 3.3V
+From: Stefan Agner <stefan@agner.ch>
+X-Patchwork-Id: 10493185
+Message-Id: <20180628073136.21748-1-stefan@agner.ch>
+To: adrian.hunter@intel.com, ulf.hansson@linaro.org
+Cc: fabio.estevam@nxp.com, haibo.chen@nxp.com, aisheng.dong@nxp.com,
+ michael@amarulasolutions.com, linux-mmc@vger.kernel.org,
+ linux-kernel@vger.kernel.org, Stefan Agner <stefan@agner.ch>
+Date: Thu, 28 Jun 2018 09:31:36 +0200
+
+The uSDHC supports DDR modes for eMMC devices running at 3.3V. This
+allows to run eMMC with 3.3V signaling voltage at DDR52 mode:
+
+  # cat /sys/kernel/debug/mmc1/ios
+  clock:          52000000 Hz
+  vdd:            21 (3.3 ~ 3.4 V)
+  bus mode:       2 (push-pull)
+  chip select:    0 (don't care)
+  power mode:     2 (on)
+  bus width:      3 (8 bits)
+  timing spec:    8 (mmc DDR52)
+  signal voltage: 0 (3.30 V)
+  driver type:    0 (driver type B)
+
+Signed-off-by: Stefan Agner <stefan@agner.ch>
+---
+ drivers/mmc/host/sdhci-esdhc-imx.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/drivers/mmc/host/sdhci-esdhc-imx.c b/drivers/mmc/host/sdhci-esdhc-imx.c
+index b716b933f00a..6f444731754d 100644
+--- a/drivers/mmc/host/sdhci-esdhc-imx.c
+++ b/drivers/mmc/host/sdhci-esdhc-imx.c
+@@ -1324,7 +1324,7 @@ static int sdhci_esdhc_imx_probe(struct platform_device *pdev)
+ 
+ 	if (esdhc_is_usdhc(imx_data)) {
+ 		host->quirks2 |= SDHCI_QUIRK2_PRESET_VALUE_BROKEN;
+-		host->mmc->caps |= MMC_CAP_1_8V_DDR;
+		host->mmc->caps |= MMC_CAP_1_8V_DDR | MMC_CAP_3_3V_DDR;
+ 		if (!(imx_data->socdata->flags & ESDHC_FLAG_HS200))
+ 			host->quirks2 |= SDHCI_QUIRK2_BROKEN_HS200;
+ 
+From patchwork Thu Jun 28 08:13:29 2018
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Subject: [1/3] mmc: sdhci-esdhc-imx: get rid of support_vsel
+From: Stefan Agner <stefan@agner.ch>
+X-Patchwork-Id: 10493269
+Message-Id: <20180628081331.13051-2-stefan@agner.ch>
+To: adrian.hunter@intel.com, ulf.hansson@linaro.org
+Cc: fabio.estevam@nxp.com, haibo.chen@nxp.com, aisheng.dong@nxp.com,
+ michael@amarulasolutions.com, rmk+kernel@armlinux.org.uk,
+ linux-mmc@vger.kernel.org, linux-kernel@vger.kernel.org,
+ Stefan Agner <stefan@agner.ch>
+Date: Thu, 28 Jun 2018 10:13:29 +0200
+
+The field support_vsel is currently only used in the device tree
+case. Get rid of it. No change in behavior.
+
+Signed-off-by: Stefan Agner <stefan@agner.ch>
+---
+ drivers/mmc/host/sdhci-esdhc-imx.c          | 8 ++------
+ include/linux/platform_data/mmc-esdhc-imx.h | 2 --
+ 2 files changed, 2 insertions(+), 8 deletions(-)
+
+diff --git a/drivers/mmc/host/sdhci-esdhc-imx.c b/drivers/mmc/host/sdhci-esdhc-imx.c
+index 6f444731754d..20a420b765b3 100644
+--- a/drivers/mmc/host/sdhci-esdhc-imx.c
+++ b/drivers/mmc/host/sdhci-esdhc-imx.c
+@@ -1145,18 +1145,14 @@ sdhci_esdhc_imx_probe_dt(struct platform_device *pdev,
+ 			     &boarddata->tuning_start_tap);
+ 
+ 	if (of_find_property(np, "no-1-8-v", NULL))
+-		boarddata->support_vsel = false;
+-	else
+-		boarddata->support_vsel = true;
+		host->quirks2 |= SDHCI_QUIRK2_NO_1_8_V;
+ 
+ 	if (of_property_read_u32(np, "fsl,delay-line", &boarddata->delay_line))
+ 		boarddata->delay_line = 0;
+ 
+ 	mmc_of_parse_voltage(np, &host->ocr_mask);
+ 
+-	/* sdr50 and sdr104 need work on 1.8v signal voltage */
+-	if ((boarddata->support_vsel) && esdhc_is_usdhc(imx_data) &&
+-	    !IS_ERR(imx_data->pins_default)) {
+	if (esdhc_is_usdhc(imx_data) && !IS_ERR(imx_data->pins_default)) {
+ 		imx_data->pins_100mhz = pinctrl_lookup_state(imx_data->pinctrl,
+ 						ESDHC_PINCTRL_STATE_100MHZ);
+ 		imx_data->pins_200mhz = pinctrl_lookup_state(imx_data->pinctrl,
+diff --git a/include/linux/platform_data/mmc-esdhc-imx.h b/include/linux/platform_data/mmc-esdhc-imx.h
+index 7daa78a2f342..640dec8b5b0c 100644
+--- a/include/linux/platform_data/mmc-esdhc-imx.h
+++ b/include/linux/platform_data/mmc-esdhc-imx.h
+@@ -34,7 +34,6 @@ enum cd_types {
+  * @cd_gpio:	gpio for card_detect interrupt
+  * @wp_type:	type of write_protect method (see wp_types enum above)
+  * @cd_type:	type of card_detect method (see cd_types enum above)
+- * @support_vsel:  indicate it supports 1.8v switching
+  */
+ 
+ struct esdhc_platform_data {
+@@ -43,7 +42,6 @@ struct esdhc_platform_data {
+ 	enum wp_types wp_type;
+ 	enum cd_types cd_type;
+ 	int max_bus_width;
+-	bool support_vsel;
+ 	unsigned int delay_line;
+ 	unsigned int tuning_step;       /* The delay cell steps in tuning procedure */
+ 	unsigned int tuning_start_tap;	/* The start delay cell point in tuning procedure */
+From patchwork Thu Jun 28 08:13:30 2018
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Subject: [2/3] mmc: sdhci: add quirk to prevent higher speed modes
+From: Stefan Agner <stefan@agner.ch>
+X-Patchwork-Id: 10493273
+Message-Id: <20180628081331.13051-3-stefan@agner.ch>
+To: adrian.hunter@intel.com, ulf.hansson@linaro.org
+Cc: fabio.estevam@nxp.com, haibo.chen@nxp.com, aisheng.dong@nxp.com,
+ michael@amarulasolutions.com, rmk+kernel@armlinux.org.uk,
+ linux-mmc@vger.kernel.org, linux-kernel@vger.kernel.org,
+ Stefan Agner <stefan@agner.ch>
+Date: Thu, 28 Jun 2018 10:13:30 +0200
+
+Some hosts are capable of running higher speed modes but do not
+have the board support for it. Introduce a quirk which prevents
+the stack from using modes running at 100MHz or faster.
+
+Signed-off-by: Stefan Agner <stefan@agner.ch>
+---
+ drivers/mmc/host/sdhci.c | 8 ++++++++
+ drivers/mmc/host/sdhci.h | 2 ++
+ 2 files changed, 10 insertions(+)
+
+diff --git a/drivers/mmc/host/sdhci.c b/drivers/mmc/host/sdhci.c
+index 1c828e0e9905..8ac257dfaab3 100644
+--- a/drivers/mmc/host/sdhci.c
+++ b/drivers/mmc/host/sdhci.c
+@@ -3749,6 +3749,14 @@ int sdhci_setup_host(struct sdhci_host *host)
+ 		}
+ 	}
+ 
+	if (host->quirks2 & SDHCI_QUIRK2_NO_UHS_HS200_HS400) {
+		host->caps1 &= ~(SDHCI_SUPPORT_SDR104 | SDHCI_SUPPORT_SDR50 |
+				 SDHCI_SUPPORT_DDR50);
+
+		mmc->caps2 &= ~(MMC_CAP2_HSX00_1_8V | MMC_CAP2_HSX00_1_2V |
+				MMC_CAP2_HS400_ES);
+	}
+
+ 	if (host->quirks2 & SDHCI_QUIRK2_NO_1_8_V) {
+ 		host->caps1 &= ~(SDHCI_SUPPORT_SDR104 | SDHCI_SUPPORT_SDR50 |
+ 				 SDHCI_SUPPORT_DDR50);
+diff --git a/drivers/mmc/host/sdhci.h b/drivers/mmc/host/sdhci.h
+index 23966f887da6..cb2433d6d61f 100644
+--- a/drivers/mmc/host/sdhci.h
+++ b/drivers/mmc/host/sdhci.h
+@@ -450,6 +450,8 @@ struct sdhci_host {
+  * obtainable timeout.
+  */
+ #define SDHCI_QUIRK2_DISABLE_HW_TIMEOUT			(1<<17)
+/* Do not support any higher speeds (>50MHz) */
+#define SDHCI_QUIRK2_NO_UHS_HS200_HS400			(1<<18)
+ 
+ 	int irq;		/* Device IRQ */
+ 	void __iomem *ioaddr;	/* Mapped address */
--- a/arm64-Add-option-of-13-for-FORCE_MAX_ZONEORDER.patch
+++ b/arm64-Add-option-of-13-for-FORCE_MAX_ZONEORDER.patch
@ -0,0 +1,29 @@
+From 487ff7b0e537506057960a0c2d9482d19f2acf4a Mon Sep 17 00:00:00 2001
+From: Peter Robinson <pbrobinson@gmail.com>
+Date: Wed, 26 Apr 2017 11:12:54 +0100
+Subject: [PATCH] Add option of 13 for FORCE_MAX_ZONEORDER
+
+This is a hack, but it's what the other distros currently use
+for aarch64 with 4K pages so we'll do the same while upstream
+decides what the best outcome is (which isn't this).
+
+Signed-off-by: Peter Robinson <pbrobinson@gmail.com>
+---
+ arch/arm64/Kconfig | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/arch/arm64/Kconfig b/arch/arm64/Kconfig
+index 3741859765cf..deec9511f1d3 100644
+--- a/arch/arm64/Kconfig
+++ b/arch/arm64/Kconfig
+@@ -751,6 +751,7 @@ config XEN
+ config FORCE_MAX_ZONEORDER
+ 	int
+ 	default "14" if (ARM64_64K_PAGES && TRANSPARENT_HUGEPAGE)
+	default "13" if (ARCH_THUNDER && !ARM64_64K_PAGES)
+ 	default "12" if (ARM64_16K_PAGES && TRANSPARENT_HUGEPAGE)
+ 	default "11"
+ 	help
+-- 
+2.12.2
+
--- a/arm64-ZynqMP-firmware-clock-drivers-core.patch
+++ b/arm64-ZynqMP-firmware-clock-drivers-core.patch
--- a/arm64-arch_timer-Workaround-for-Allwinner-A64-timer-instability.patch
+++ b/arm64-arch_timer-Workaround-for-Allwinner-A64-timer-instability.patch
@ -0,0 +1,184 @@
+From patchwork Fri May 11 02:27:50 2018
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 8bit
+Subject: [1/2] arm64: arch_timer: Workaround for Allwinner A64 timer
+ instability
+From: Samuel Holland <samuel@sholland.org>
+X-Patchwork-Id: 10392891
+Message-Id: <20180511022751.9096-2-samuel@sholland.org>
+To: Maxime Ripard <maxime.ripard@bootlin.com>, Chen-Yu Tsai <wens@csie.org>, 
+ Catalin Marinas <catalin.marinas@arm.com>,
+ Will Deacon <will.deacon@arm.com>,
+ Daniel Lezcano <daniel.lezcano@linaro.org>,
+ Thomas Gleixner <tglx@linutronix.de>, Marc Zyngier <marc.zyngier@arm.com>
+Cc: linux-sunxi@googlegroups.com, linux-kernel@vger.kernel.org,
+ linux-arm-kernel@lists.infradead.org, Samuel Holland <samuel@sholland.org>
+Date: Thu, 10 May 2018 21:27:50 -0500
+
+The Allwinner A64 SoC is known [1] to have an unstable architectural
+timer, which manifests itself most obviously in the time jumping forward
+a multiple of 95 years [2][3]. This coincides with 2^56 cycles at a
+timer frequency of 24 MHz, implying that the time went slightly backward
+(and this was interpreted by the kernel as it jumping forward and
+wrapping around past the epoch).
+
+Further investigation revealed instability in the low bits of CNTVCT at
+the point a high bit rolls over. This leads to power-of-two cycle
+forward and backward jumps. (Testing shows that forward jumps are about
+twice as likely as backward jumps.)
+
+Without trapping reads to CNTVCT, a userspace program is able to read it
+in a loop faster than it changes. A test program running on all 4 CPU
+cores that reported jumps larger than 100 ms was run for 13.6 hours and
+reported the following:
+
+ Count | Event
+-------+---------------------------
+  9940 | jumped backward      699ms
+   268 | jumped backward     1398ms
+     1 | jumped backward     2097ms
+ 16020 | jumped forward       175ms
+  6443 | jumped forward       699ms
+  2976 | jumped forward      1398ms
+     9 | jumped forward    356516ms
+     9 | jumped forward    357215ms
+     4 | jumped forward    714430ms
+     1 | jumped forward   3578440ms
+
+This works out to a jump larger than 100 ms about every 5.5 seconds on
+each CPU core.
+
+The largest jump (almost an hour!) was the following sequence of reads:
+      0x0000007fffffffff → 0x00000093feffffff → 0x0000008000000000
+
+Note that the middle bits don't necessarily all read as all zeroes or
+all ones during the anomalous behavior; however the low 11 bits checked
+by the function in this patch have never been observed with any other
+value.
+
+Also note that smaller jumps are much more common, with the smallest
+backward jumps of 2048 cycles observed over 400 times per second on each
+core. (Of course, this is partially due to lower bits rolling over more
+frequently.) Any one of these could have caused the 95 year time skip.
+
+Similar anomalies were observed while reading CNTPCT (after patching the
+kernel to allow reads from userspace). However, the jumps are much less
+frequent, and only small jumps were observed. The same program as before
+(except now reading CNTPCT) observed after 72 hours:
+
+ Count | Event
+-------+---------------------------
+    17 | jumped backward      699ms
+    52 | jumped forward       175ms
+  2831 | jumped forward       699ms
+     5 | jumped forward      1398ms
+Acked-by: Maxime Ripard <maxime.ripard@bootlin.com>
+Tested-by: Andre Przywara <andre.przywara@arm.com>
+
+========================================================================
+
+Because the CPU can read the CNTPCT/CNTVCT registers faster than they
+change, performing two reads of the register and comparing the high bits
+(like other workarounds) is not a workable solution. And because the
+timer can jump both forward and backward, no pair of reads can
+distinguish a good value from a bad one. The only way to guarantee a
+good value from consecutive reads would be to read _three_ times, and
+take the middle value iff the three values are 1) individually unique
+and 2) increasing. This takes at minimum 3 cycles (125 ns), or more if
+an anomaly is detected.
+
+However, since there is a distinct pattern to the bad values, we can
+optimize the common case (2046/2048 of the time) to a single read by
+simply ignoring values that match the pattern. This still takes no more
+than 3 cycles in the worst case, and requires much less code.
+
+[1]: https://github.com/armbian/build/commit/a08cd6fe7ae9
+[2]: https://forum.armbian.com/topic/3458-a64-datetime-clock-issue/
+[3]: https://irclog.whitequark.org/linux-sunxi/2018-01-26
+
+Signed-off-by: Samuel Holland <samuel@sholland.org>
+---
+ drivers/clocksource/Kconfig          | 11 ++++++++++
+ drivers/clocksource/arm_arch_timer.c | 39 ++++++++++++++++++++++++++++++++++++
+ 2 files changed, 50 insertions(+)
+
+diff --git a/drivers/clocksource/Kconfig b/drivers/clocksource/Kconfig
+index 8e8a09755d10..7a5d434dd30b 100644
+--- a/drivers/clocksource/Kconfig
+++ b/drivers/clocksource/Kconfig
+@@ -364,6 +364,17 @@ config ARM64_ERRATUM_858921
+ 	  The workaround will be dynamically enabled when an affected
+ 	  core is detected.
+ 
+config SUN50I_A64_UNSTABLE_TIMER
+	bool "Workaround for Allwinner A64 timer instability"
+	default y
+	depends on ARM_ARCH_TIMER && ARM64 && ARCH_SUNXI
+	select ARM_ARCH_TIMER_OOL_WORKAROUND
+	help
+	  This option enables a workaround for instability in the timer on
+	  the Allwinner A64 SoC. The workaround will only be active if the
+	  allwinner,sun50i-a64-unstable-timer property is found in the
+	  timer node.
+
+ config ARM_GLOBAL_TIMER
+ 	bool "Support for the ARM global timer" if COMPILE_TEST
+ 	select TIMER_OF if OF
+diff --git a/drivers/clocksource/arm_arch_timer.c b/drivers/clocksource/arm_arch_timer.c
+index 57cb2f00fc07..66ce13578c52 100644
+--- a/drivers/clocksource/arm_arch_timer.c
+++ b/drivers/clocksource/arm_arch_timer.c
+@@ -319,6 +319,36 @@ static u64 notrace arm64_858921_read_cntvct_el0(void)
+ }
+ #endif
+ 
+#ifdef CONFIG_SUN50I_A64_UNSTABLE_TIMER
+/*
+ * The low bits of each register can transiently read as all ones or all zeroes
+ * when bit 11 or greater rolls over. Since the value can jump both backward
+ * (7ff -> 000 -> 800) and forward (7ff -> fff -> 800), it is simplest to just
+ * ignore register values with all ones or zeros in the low bits.
+ */
+static u64 notrace sun50i_a64_read_cntpct_el0(void)
+{
+	u64 val;
+
+	do {
+		val = read_sysreg(cntpct_el0);
+	} while (((val + 1) & GENMASK(10, 0)) <= 1);
+
+	return val;
+}
+
+static u64 notrace sun50i_a64_read_cntvct_el0(void)
+{
+	u64 val;
+
+	do {
+		val = read_sysreg(cntvct_el0);
+	} while (((val + 1) & GENMASK(10, 0)) <= 1);
+
+	return val;
+}
+#endif
+
+ #ifdef CONFIG_ARM_ARCH_TIMER_OOL_WORKAROUND
+ DEFINE_PER_CPU(const struct arch_timer_erratum_workaround *, timer_unstable_counter_workaround);
+ EXPORT_SYMBOL_GPL(timer_unstable_counter_workaround);
+@@ -408,6 +438,15 @@ static const struct arch_timer_erratum_workaround ool_workarounds[] = {
+ 		.read_cntvct_el0 = arm64_858921_read_cntvct_el0,
+ 	},
+ #endif
+#ifdef CONFIG_SUN50I_A64_UNSTABLE_TIMER
+	{
+		.match_type = ate_match_dt,
+		.id = "allwinner,sun50i-a64-unstable-timer",
+		.desc = "Allwinner A64 timer instability",
+		.read_cntpct_el0 = sun50i_a64_read_cntpct_el0,
+		.read_cntvct_el0 = sun50i_a64_read_cntvct_el0,
+	},
+#endif
+ };
+ 
+ typedef bool (*ate_match_fn_t)(const struct arch_timer_erratum_workaround *,
--- a/arm64-dts-allwinner-a64-Enable-A64-timer-workaround.patch
+++ b/arm64-dts-allwinner-a64-Enable-A64-timer-workaround.patch
@ -0,0 +1,38 @@
+From patchwork Fri May 11 02:27:51 2018
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+Subject: [2/2] arm64: dts: allwinner: a64: Enable A64 timer workaround
+From: Samuel Holland <samuel@sholland.org>
+X-Patchwork-Id: 10392889
+Message-Id: <20180511022751.9096-3-samuel@sholland.org>
+To: Maxime Ripard <maxime.ripard@bootlin.com>, Chen-Yu Tsai <wens@csie.org>, 
+ Catalin Marinas <catalin.marinas@arm.com>,
+ Will Deacon <will.deacon@arm.com>,
+ Daniel Lezcano <daniel.lezcano@linaro.org>,
+ Thomas Gleixner <tglx@linutronix.de>, Marc Zyngier <marc.zyngier@arm.com>
+Cc: linux-sunxi@googlegroups.com, linux-kernel@vger.kernel.org,
+ linux-arm-kernel@lists.infradead.org, Samuel Holland <samuel@sholland.org>
+Date: Thu, 10 May 2018 21:27:51 -0500
+
+As instability in the architectural timer has been observed on multiple
+devices using this SoC, inluding the Pine64 and the Orange Pi Win,
+enable the workaround in the SoC's device tree.
+
+Signed-off-by: Samuel Holland <samuel@sholland.org>
+---
+ arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi b/arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi
+index 1b2ef28c42bd..5202b76e9684 100644
+--- a/arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi
+++ b/arch/arm64/boot/dts/allwinner/sun50i-a64.dtsi
+@@ -152,6 +152,7 @@
+ 
+ 	timer {
+ 		compatible = "arm,armv8-timer";
+		allwinner,sun50i-a64-unstable-timer;
+ 		interrupts = <GIC_PPI 13
+ 			(GIC_CPU_MASK_SIMPLE(4) | IRQ_TYPE_LEVEL_HIGH)>,
+ 			     <GIC_PPI 14
--- a/ath9k-rx-dma-stop-check.patch
+++ b/ath9k-rx-dma-stop-check.patch
@ -0,0 +1,38 @@
+From: "kernel-team@fedoraproject.org" <kernel-team@fedoraproject.org>
+Date: Wed, 6 Feb 2013 09:57:47 -0500
+Subject: [PATCH] ath9k: rx dma stop check
+
+---
+ drivers/net/wireless/ath/ath9k/mac.c | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+
+diff --git a/drivers/net/wireless/ath/ath9k/mac.c b/drivers/net/wireless/ath/ath9k/mac.c
+index bba85d1a6cd1..ebbee8f17130 100644
+--- a/drivers/net/wireless/ath/ath9k/mac.c
+++ b/drivers/net/wireless/ath/ath9k/mac.c
+@@ -693,7 +693,7 @@ bool ath9k_hw_stopdmarecv(struct ath_hw *ah, bool *reset)
+ {
+ #define AH_RX_STOP_DMA_TIMEOUT 10000   /* usec */
+ 	struct ath_common *common = ath9k_hw_common(ah);
+-	u32 mac_status, last_mac_status = 0;
+	u32 mac_status = 0, last_mac_status = 0;
+ 	int i;
+ 
+ 	/* Enable access to the DMA observation bus */
+@@ -723,6 +723,16 @@ bool ath9k_hw_stopdmarecv(struct ath_hw *ah, bool *reset)
+ 	}
+ 
+ 	if (i == 0) {
+		if (!AR_SREV_9300_20_OR_LATER(ah) &&
+		    (mac_status & 0x700) == 0) {
+			/*
+			 * DMA is idle but the MAC is still stuck
+			 * processing events
+			 */
+			*reset = true;
+			return true;
+		}
+
+ 		ath_err(common,
+ 			"DMA failed to stop in %d ms AR_CR=0x%08x AR_DIAG_SW=0x%08x DMADBG_7=0x%08x\n",
+ 			AH_RX_STOP_DMA_TIMEOUT / 1000,
--- a/bcm2837-enable-pmu.patch
+++ b/bcm2837-enable-pmu.patch
@ -0,0 +1,31 @@
+From 69e52712002cb6768b894cde9620fb426fd8728d Mon Sep 17 00:00:00 2001
+From: Stefan Wahren <stefan.wahren@i2se.com>
+Date: Fri, 16 Mar 2018 21:49:37 +0100
+Subject: [PATCH] ARM: dts: bcm2837: Enable PMU on Raspberry Pi 3
+
+This enables the PMU (performance monitoring unit) on Raspberry Pi 3.
+In order to make it work on ARM and ARM64, we need to specify two
+compatible strings.
+
+Signed-off-by: Stefan Wahren <stefan.wahren@i2se.com>
+---
+ arch/arm/boot/dts/bcm2837.dtsi | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/arch/arm/boot/dts/bcm2837.dtsi b/arch/arm/boot/dts/bcm2837.dtsi
+index 7704bb029605..1f5e5c782835 100644
+--- a/arch/arm/boot/dts/bcm2837.dtsi
+++ b/arch/arm/boot/dts/bcm2837.dtsi
+@@ -17,6 +17,12 @@
+ 		};
+ 	};
+ 
+	arm-pmu {
+		compatible = "arm,cortex-a53-pmu", "arm,cortex-a7-pmu";
+		interrupt-parent = <&local_intc>;
+		interrupts = <9 IRQ_TYPE_LEVEL_HIGH>;
+	};
+
+ 	timer {
+ 		compatible = "arm,armv7-timer";
+ 		interrupt-parent = <&local_intc>;
--- a/build_configs.sh
+++ b/build_configs.sh
@ -0,0 +1 @@
+configs/build_configs.sh
--- a/149
+++ b/149
@ -1,149 +0,0 @@
-#!/usr/bin/python3
-#
-# check-kabi - Red Hat kABI reference checking tool
-#
-# We use this script to check against reference Module.kabi files.
-#
-# Author: Jon Masters <jcm@redhat.com>
-# Copyright (C) 2007-2009 Red Hat, Inc.
-#
-# This software may be freely redistributed under the terms of the GNU
-# General Public License (GPL).
-
-# Changelog:
-#
-# 2018/06/01 - Update for python3 by Petr Oros.
-# 2009/08/15 - Updated for use in RHEL6.
-# 2007/06/13 - Initial rewrite in python by Jon Masters.
-
-__author__ = "Jon Masters <jcm@redhat.com>"
-__version__ = "2.0"
-__date__ = "2009/08/15"
-__copyright__ = "Copyright (C) 2007-2009 Red Hat, Inc"
-__license__ = "GPL"
-
-import getopt
-import string
-import sys
-
-true = 1
-false = 0
-
-
-def load_symvers(symvers, filename):
-    """Load a Module.symvers file."""
-
-    symvers_file = open(filename, "r")
-
-    while true:
-        in_line = symvers_file.readline()
-        if in_line == "":
-            break
-        if in_line == "\n":
-            continue
-        checksum, symbol, directory, type = in_line.split()
-
-        symvers[symbol] = in_line[0:-1]
-
-
-def load_kabi(kabi, filename):
-    """Load a Module.kabi file."""
-
-    kabi_file = open(filename, "r")
-
-    while true:
-        in_line = kabi_file.readline()
-        if in_line == "":
-            break
-        if in_line == "\n":
-            continue
-        checksum, symbol, directory, type = in_line.split()
-
-        kabi[symbol] = in_line[0:-1]
-
-
-def check_kabi(symvers, kabi):
-    """Check Module.kabi and Module.symvers files."""
-
-    fail = 0
-    warn = 0
-    changed_symbols = []
-    moved_symbols = []
-
-    for symbol in kabi:
-        abi_hash, abi_sym, abi_dir, abi_type = kabi[symbol].split()
-        if symbol in symvers:
-            sym_hash, sym_sym, sym_dir, sym_type = symvers[symbol].split()
-            if abi_hash != sym_hash:
-                fail = 1
-                changed_symbols.append(symbol)
-
-            if abi_dir != sym_dir:
-                warn = 1
-                moved_symbols.append(symbol)
-        else:
-            fail = 1
-            changed_symbols.append(symbol)
-
-    if fail:
-        print("*** ERROR - ABI BREAKAGE WAS DETECTED ***")
-        print("")
-        print("The following symbols have been changed (this will cause an ABI breakage):")
-        print("")
-        for symbol in changed_symbols:
-            print(symbol)
-        print("")
-
-    if warn:
-        print("*** WARNING - ABI SYMBOLS MOVED ***")
-        print("")
-        print("The following symbols moved (typically caused by moving a symbol from being")
-        print("provided by the kernel vmlinux out to a loadable module):")
-        print("")
-        for symbol in moved_symbols:
-            print(symbol)
-        print("")
-
-    """Halt the build, if we got errors and/or warnings. In either case,
-       double-checkig is required to avoid introducing / concealing
-       KABI inconsistencies."""
-    if fail or warn:
-        sys.exit(1)
-    sys.exit(0)
-
-
-def usage():
-    print("""
-check-kabi: check Module.kabi and Module.symvers files.
-
-    check-kabi [ -k Module.kabi ] [ -s Module.symvers ]
-
-""")
-
-
-if __name__ == "__main__":
-
-    symvers_file = ""
-    kabi_file = ""
-
-    opts, args = getopt.getopt(sys.argv[1:], 'hk:s:')
-
-    for o, v in opts:
-        if o == "-s":
-            symvers_file = v
-        if o == "-h":
-            usage()
-            sys.exit(0)
-        if o == "-k":
-            kabi_file = v
-
-    if (symvers_file == "") or (kabi_file == ""):
-        usage()
-        sys.exit(1)
-
-    symvers = {}
-    kabi = {}
-
-    load_symvers(symvers, symvers_file)
-    load_kabi(kabi, kabi_file)
-    check_kabi(symvers, kabi)
--- a/check_configs.awk
+++ b/check_configs.awk
@ -0,0 +1,22 @@
+#!/usr/bin/awk -f
+
+/is not set/ {
+                split ($0, a, "#");
+                split(a[2], b);
+                if (NR==FNR) {
+                        configs[b[1]]="is not set";
+                } else {
+                        if (configs[b[1]] != "" && configs[b[1]] != "is not set")
+                                print "Found # "b[1] " is not set, after generation, had " b[1] " " configs[b[1]] " in Fedora tree";
+                }
+}
+
+/=/     {
+                split ($0, a, "=");
+                if (NR==FNR) {
+                        configs[a[1]]=a[2];
+                } else {
+                        if (configs[a[1]] != "" && configs[a[1]] != a[2])
+                                print "Found "a[1]"="configs[a[1]]"  after generation, had " a[1]"="a[2]" in Fedora tree";
+                }
+}
--- a/1
+++ b/1
@ -0,0 +1 @@
+configs/config_generation
--- a/configs/build_configs.sh
+++ b/configs/build_configs.sh
@ -0,0 +1,139 @@
+#!/bin/bash
+#
+# This script merges together the hierarchy of CONFIG_* files under generic
+# and debug to form the necessary $PACKAGE_NAME<version>-<arch>-<variant>.config
+# files for building RHEL kernels, based on the contents of a control file
+
+PACKAGE_NAME="${1:-kernel}" # defines the package name used
+KVERREL="${2:-}"
+SUBARCH="${3:-}" # defines a specific arch
+SCRIPT="$(readlink -f $0)"
+OUTPUT_DIR="$PWD"
+SCRIPT_DIR="$(dirname $SCRIPT)"
+
+LANG=en_US.UTF-8
+
+# to handle this script being a symlink
+cd $SCRIPT_DIR
+
+set errexit
+set nounset
+
+control_file="config_generation"
+
+cleanup()
+{
+	rm -f config-*
+}
+
+die()
+{
+	echo "$1"
+	cleanup
+	exit 1
+}
+
+function combine_config_layer()
+{
+	dir=$1
+	file="config-$(echo $dir | sed -e 's|/|-|g')"
+
+	if [ $(ls $dir/ | grep -c "^CONFIG_") -eq 0 ]; then
+		touch $file
+		return
+	fi
+
+	cat $dir/CONFIG_* > $file
+}
+
+function merge_configs()
+{
+	archvar=$1
+	arch=$(echo "$archvar" | cut -f1 -d"-")
+	configs=$2
+	order=$3
+	name=$OUTPUT_DIR/$PACKAGE_NAME-$archvar.config
+	echo -n "Building $name ... "
+	touch config-merging config-merged
+
+	# apply based on order
+	skip_if_missing=""
+	for o in $order
+	do
+		for config in $(echo $configs | sed -e 's/:/ /g')
+		do
+			cfile="config-$o-$config"
+
+			test -n "$skip_if_missing" && test ! -e $cfile && continue
+
+			perl merge.pl $cfile config-merging > config-merged
+			if [ ! $? -eq 0 ]; then
+				die "Failed to merge $cfile"
+			fi
+			mv config-merged config-merging
+		done
+
+		# first configs in $order is baseline, all files should be
+		# there.  second pass is overrides and can be missing.
+		skip_if_missing="1"
+	done
+	if [ "x$arch" == "xaarch64" ]; then
+		echo "# arm64" > $name
+	elif [ "x$arch" == "xppc64" ]; then
+		echo "# powerpc" > $name
+	elif [ "x$arch" == "xppc64le" ]; then
+		echo "# powerpc" > $name
+	elif [ "x$arch" == "xs390x" ]; then
+		echo "# s390" > $name
+	elif [ "x$arch" == "xarmv7hl" ]; then
+		echo "# arm" > $name
+	elif [ "x$arch" == "xi686" ]; then
+		echo "# i386" > $name
+	else
+		echo "# $arch" > $name
+	fi
+	sort config-merging >> $name
+	rm -f config-merged config-merging
+	echo "done"
+}
+
+while read line
+do
+	if [ $(echo "$line" | grep -c "^#") -ne 0 ]; then
+		continue
+	elif [ $(echo "$line" | grep -c "^$") -ne 0 ]; then
+		continue
+	elif [ $(echo "$line" | grep -c "^ORDER") -ne 0 ]; then
+		order=$(echo "$line" | cut -f2 -d"=")
+		for o in $order
+		do
+			glist=$(find $o -type d)
+			for d in $glist
+			do
+				combine_config_layer $d
+			done
+		done
+	else
+		arch=$(echo "$line" | cut -f1 -d"=")
+		configs=$(echo "$line" | cut -f2 -d"=")
+
+		if [ -n "$SUBARCH" -a "$SUBARCH" != "$arch" ]; then
+			continue
+		fi
+
+		merge_configs $arch $configs "$order"
+	fi
+done < $control_file
+
+# A passed in kernel version implies copy to final location
+# otherwise defer to another script
+if test -n "$KVERREL"
+then
+	for i in kernel-*.config
+	do
+		NEW="$(echo $i | sed "s/$PACKAGE_NAME-$SUBARCH/$PACKAGE_NAME-$KVERREL-$SUBARCH/")"
+		mv $i $NEW
+	done
+fi
+
+cleanup
--- a/configs/config_generation
+++ b/configs/config_generation
@ -0,0 +1,41 @@
+# config-variant=config:config:config
+# kernel.config files are build on the fly based on this config,
+# the first arg is arch and variant, the second is a hierarchy of
+# config options, lowest priority to highest
+
+# tells the build_configs.sh which order to build the configs.
+# this is useful when providing a separate overrides directory.
+# do not use quotes and space separate the directories.
+ORDER=fedora
+
+# x86_64
+x86_64=generic:generic-x86:generic-x86-x86_64
+x86_64-debug=generic:generic-x86:generic-x86-x86_64:debug:debug-x86:debug-x86-x86_64
+
+# i686
+i686=generic:generic-x86:generic-x86-i686
+i686-debug=generic:generic-x86:generic-x86-i686:debug:debug-x86
+i686-PAE=generic:generic-x86:generic-x86-i686PAE
+i686-PAEdebug=generic:generic-x86:generic-x86-i686PAE:debug:debug-x86
+
+# ppc64
+ppc64=generic:generic-powerpc:generic-powerpc-powerpc64
+ppc64-debug=generic:generic-powerpc:generic-powerpc-powerpc64:debug
+
+# ppc64le
+ppc64le=generic:generic-powerpc:generic-powerpc-powerpc64le
+ppc64le-debug=generic:generic-powerpc:generic-powerpc-powerpc64le:debug
+
+# s390x
+s390x=generic:generic-s390x
+s390x-debug=generic:generic-s390x:debug
+
+# aarch64
+aarch64=generic:generic-arm:generic-arm-aarch64
+aarch64-debug=generic:generic-arm:generic-arm-aarch64:debug:debug-arm
+
+# arm
+armv7hl=generic:generic-arm:generic-arm-armv7:generic-arm-armv7-armv7
+armv7hl-debug=generic:generic-arm:generic-arm-armv7:generic-arm-armv7-armv7:debug:debug-arm
+armv7hl-lpae=generic:generic-arm:generic-arm-armv7:generic-arm-armv7-lpae
+armv7hl-lpae-debug=generic:generic-arm:generic-arm-armv7:generic-arm-armv7-lpae:debug:debug-arm
--- a/configs/fedora/debug/CONFIG_ACPI_DEBUG
+++ b/configs/fedora/debug/CONFIG_ACPI_DEBUG
@ -0,0 +1 @@
+CONFIG_ACPI_DEBUG=y
--- a/configs/fedora/debug/CONFIG_ARM64_PTDUMP
+++ b/configs/fedora/debug/CONFIG_ARM64_PTDUMP
@ -0,0 +1 @@
+CONFIG_ARM64_PTDUMP=y
--- a/configs/fedora/debug/CONFIG_ARM_PTDUMP
+++ b/configs/fedora/debug/CONFIG_ARM_PTDUMP
@ -0,0 +1 @@
+CONFIG_ARM_PTDUMP=y
--- a/configs/fedora/debug/CONFIG_ARM_PTDUMP_DEBUGFS
+++ b/configs/fedora/debug/CONFIG_ARM_PTDUMP_DEBUGFS
@ -0,0 +1 @@
+CONFIG_ARM_PTDUMP_DEBUGFS=y
--- a/configs/fedora/debug/CONFIG_ATH_DEBUG
+++ b/configs/fedora/debug/CONFIG_ATH_DEBUG
@ -0,0 +1 @@
+CONFIG_ATH_DEBUG=y
--- a/configs/fedora/debug/CONFIG_B43LEGACY_DEBUG
+++ b/configs/fedora/debug/CONFIG_B43LEGACY_DEBUG
@ -0,0 +1 @@
+CONFIG_B43LEGACY_DEBUG=y
--- a/configs/fedora/debug/CONFIG_B43_DEBUG
+++ b/configs/fedora/debug/CONFIG_B43_DEBUG
@ -0,0 +1 @@
+CONFIG_B43_DEBUG=y
--- a/configs/fedora/debug/CONFIG_BLK_DEV_NULL_BLK_FAULT_INJECTION
+++ b/configs/fedora/debug/CONFIG_BLK_DEV_NULL_BLK_FAULT_INJECTION
@ -0,0 +1 @@
+CONFIG_BLK_DEV_NULL_BLK_FAULT_INJECTION=y
--- a/configs/fedora/debug/CONFIG_BPF_KPROBE_OVERRIDE
+++ b/configs/fedora/debug/CONFIG_BPF_KPROBE_OVERRIDE
@ -0,0 +1 @@
+CONFIG_BPF_KPROBE_OVERRIDE=y
--- a/configs/fedora/debug/CONFIG_CAN_DEBUG_DEVICES
+++ b/configs/fedora/debug/CONFIG_CAN_DEBUG_DEVICES
@ -0,0 +1 @@
+CONFIG_CAN_DEBUG_DEVICES=y
--- a/configs/fedora/debug/CONFIG_CARL9170_DEBUGFS
+++ b/configs/fedora/debug/CONFIG_CARL9170_DEBUGFS
@ -0,0 +1 @@
+CONFIG_CARL9170_DEBUGFS=y
--- a/configs/fedora/debug/CONFIG_CEPH_LIB_PRETTYDEBUG
+++ b/configs/fedora/debug/CONFIG_CEPH_LIB_PRETTYDEBUG
@ -0,0 +1 @@
+CONFIG_CEPH_LIB_PRETTYDEBUG=y
--- a/configs/fedora/debug/CONFIG_CPU_NOTIFIER_ERROR_INJECT
+++ b/configs/fedora/debug/CONFIG_CPU_NOTIFIER_ERROR_INJECT
@ -0,0 +1 @@
+CONFIG_CPU_NOTIFIER_ERROR_INJECT=m
--- a/configs/fedora/debug/CONFIG_DEBUG_ATOMIC_SLEEP
+++ b/configs/fedora/debug/CONFIG_DEBUG_ATOMIC_SLEEP
@ -0,0 +1 @@
+CONFIG_DEBUG_ATOMIC_SLEEP=y
--- a/configs/fedora/debug/CONFIG_DEBUG_BLK_CGROUP
+++ b/configs/fedora/debug/CONFIG_DEBUG_BLK_CGROUP
@ -0,0 +1 @@
+CONFIG_DEBUG_BLK_CGROUP=y
--- a/configs/fedora/debug/CONFIG_DEBUG_CREDENTIALS
+++ b/configs/fedora/debug/CONFIG_DEBUG_CREDENTIALS
@ -0,0 +1 @@
+CONFIG_DEBUG_CREDENTIALS=y
--- a/configs/fedora/debug/CONFIG_DEBUG_FORCE_WEAK_PER_CPU
+++ b/configs/fedora/debug/CONFIG_DEBUG_FORCE_WEAK_PER_CPU
@ -0,0 +1 @@
+CONFIG_DEBUG_FORCE_WEAK_PER_CPU=y
--- a/configs/fedora/debug/CONFIG_DEBUG_KMEMLEAK
+++ b/configs/fedora/debug/CONFIG_DEBUG_KMEMLEAK
@ -0,0 +1 @@
+CONFIG_DEBUG_KMEMLEAK=y
--- a/configs/fedora/debug/CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF
+++ b/configs/fedora/debug/CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF
@ -0,0 +1 @@
+CONFIG_DEBUG_KMEMLEAK_DEFAULT_OFF=y
--- a/configs/fedora/debug/CONFIG_DEBUG_KMEMLEAK_EARLY
+++ b/configs/fedora/debug/CONFIG_DEBUG_KMEMLEAK_EARLY
@ -0,0 +1 @@
+CONFIG_DEBUG_KMEMLEAK_EARLY_LOG_SIZE=4096
--- a/configs/fedora/debug/CONFIG_DEBUG_LOCK_ALLOC
+++ b/configs/fedora/debug/CONFIG_DEBUG_LOCK_ALLOC
@ -0,0 +1 @@
+CONFIG_DEBUG_LOCK_ALLOC=y
--- a/configs/fedora/debug/CONFIG_DEBUG_MUTEXES
+++ b/configs/fedora/debug/CONFIG_DEBUG_MUTEXES
@ -0,0 +1 @@
+CONFIG_DEBUG_MUTEXES=y
--- a/configs/fedora/debug/CONFIG_DEBUG_NOTIFIERS
+++ b/configs/fedora/debug/CONFIG_DEBUG_NOTIFIERS
@ -0,0 +1 @@
+CONFIG_DEBUG_NOTIFIERS=y
--- a/configs/fedora/debug/CONFIG_DEBUG_OBJECTS
+++ b/configs/fedora/debug/CONFIG_DEBUG_OBJECTS
@ -0,0 +1 @@
+CONFIG_DEBUG_OBJECTS=y
--- a/configs/fedora/debug/CONFIG_DEBUG_OBJECTS_FREE
+++ b/configs/fedora/debug/CONFIG_DEBUG_OBJECTS_FREE
@ -0,0 +1 @@
+CONFIG_DEBUG_OBJECTS_FREE=y
--- a/configs/fedora/debug/CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER
+++ b/configs/fedora/debug/CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER
@ -0,0 +1 @@
+CONFIG_DEBUG_OBJECTS_PERCPU_COUNTER=y
--- a/configs/fedora/debug/CONFIG_DEBUG_OBJECTS_RCU_HEAD
+++ b/configs/fedora/debug/CONFIG_DEBUG_OBJECTS_RCU_HEAD
@ -0,0 +1 @@
+CONFIG_DEBUG_OBJECTS_RCU_HEAD=y
--- a/configs/fedora/debug/CONFIG_DEBUG_OBJECTS_TIMERS
+++ b/configs/fedora/debug/CONFIG_DEBUG_OBJECTS_TIMERS
@ -0,0 +1 @@
+CONFIG_DEBUG_OBJECTS_TIMERS=y
--- a/configs/fedora/debug/CONFIG_DEBUG_OBJECTS_WORK
+++ b/configs/fedora/debug/CONFIG_DEBUG_OBJECTS_WORK
@ -0,0 +1 @@
+CONFIG_DEBUG_OBJECTS_WORK=y
--- a/configs/fedora/debug/CONFIG_DEBUG_PAGEALLOC
+++ b/configs/fedora/debug/CONFIG_DEBUG_PAGEALLOC
@ -0,0 +1 @@
+# CONFIG_DEBUG_PAGEALLOC is not set
--- a/configs/fedora/debug/CONFIG_DEBUG_PERF_USE_VMALLOC
+++ b/configs/fedora/debug/CONFIG_DEBUG_PERF_USE_VMALLOC
@ -0,0 +1 @@
+CONFIG_DEBUG_PERF_USE_VMALLOC=y
--- a/configs/fedora/debug/CONFIG_DEBUG_PER_CPU_MAPS
+++ b/configs/fedora/debug/CONFIG_DEBUG_PER_CPU_MAPS
@ -0,0 +1 @@
+CONFIG_DEBUG_PER_CPU_MAPS=y
--- a/configs/fedora/debug/CONFIG_DEBUG_PI_LIST
+++ b/configs/fedora/debug/CONFIG_DEBUG_PI_LIST
@ -0,0 +1 @@
+CONFIG_DEBUG_PI_LIST=y
--- a/configs/fedora/debug/CONFIG_DEBUG_REFCOUNT
+++ b/configs/fedora/debug/CONFIG_DEBUG_REFCOUNT
@ -0,0 +1 @@
+CONFIG_DEBUG_REFCOUNT=y
--- a/configs/fedora/debug/CONFIG_DEBUG_RT_MUTEXES
+++ b/configs/fedora/debug/CONFIG_DEBUG_RT_MUTEXES
@ -0,0 +1 @@
+CONFIG_DEBUG_RT_MUTEXES=y
--- a/configs/fedora/debug/CONFIG_DEBUG_RWSEMS
+++ b/configs/fedora/debug/CONFIG_DEBUG_RWSEMS
@ -0,0 +1 @@
+CONFIG_DEBUG_RWSEMS=y
--- a/configs/fedora/debug/CONFIG_DEBUG_SG
+++ b/configs/fedora/debug/CONFIG_DEBUG_SG
@ -0,0 +1 @@
+CONFIG_DEBUG_SG=y
--- a/configs/fedora/debug/CONFIG_DEBUG_SLAB
+++ b/configs/fedora/debug/CONFIG_DEBUG_SLAB
@ -0,0 +1 @@
+CONFIG_DEBUG_SLAB=y
--- a/configs/fedora/debug/CONFIG_DEBUG_SPINLOCK
+++ b/configs/fedora/debug/CONFIG_DEBUG_SPINLOCK
@ -0,0 +1 @@
+CONFIG_DEBUG_SPINLOCK=y
--- a/configs/fedora/debug/CONFIG_DEBUG_STACK_USAGE
+++ b/configs/fedora/debug/CONFIG_DEBUG_STACK_USAGE
@ -0,0 +1 @@
+CONFIG_DEBUG_STACK_USAGE=y
--- a/configs/fedora/debug/CONFIG_DEBUG_VM
+++ b/configs/fedora/debug/CONFIG_DEBUG_VM
@ -0,0 +1 @@
+CONFIG_DEBUG_VM=y
--- a/configs/fedora/debug/CONFIG_DEBUG_VM_PGFLAGS
+++ b/configs/fedora/debug/CONFIG_DEBUG_VM_PGFLAGS
@ -0,0 +1 @@
+CONFIG_DEBUG_VM_PGFLAGS=y
--- a/configs/fedora/debug/CONFIG_DEBUG_WW_MUTEX_SLOWPATH
+++ b/configs/fedora/debug/CONFIG_DEBUG_WW_MUTEX_SLOWPATH
@ -0,0 +1 @@
+CONFIG_DEBUG_WW_MUTEX_SLOWPATH=y
--- a/configs/fedora/debug/CONFIG_DETECT_HUNG_TASK
+++ b/configs/fedora/debug/CONFIG_DETECT_HUNG_TASK
@ -0,0 +1 @@
+CONFIG_DETECT_HUNG_TASK=y
--- a/configs/fedora/debug/CONFIG_DMADEVICES_DEBUG
+++ b/configs/fedora/debug/CONFIG_DMADEVICES_DEBUG
@ -0,0 +1 @@
+CONFIG_DMADEVICES_DEBUG=y
--- a/configs/fedora/debug/CONFIG_DMADEVICES_VDEBUG
+++ b/configs/fedora/debug/CONFIG_DMADEVICES_VDEBUG
@ -0,0 +1 @@
+# CONFIG_DMADEVICES_VDEBUG is not set
--- a/configs/fedora/debug/CONFIG_DMA_API_DEBUG
+++ b/configs/fedora/debug/CONFIG_DMA_API_DEBUG
@ -0,0 +1 @@
+CONFIG_DMA_API_DEBUG=y
--- a/configs/fedora/debug/CONFIG_DRBD_FAULT_INJECTION
+++ b/configs/fedora/debug/CONFIG_DRBD_FAULT_INJECTION
@ -0,0 +1 @@
+CONFIG_DRBD_FAULT_INJECTION=y
--- a/configs/fedora/debug/CONFIG_EFI_PGT_DUMP
+++ b/configs/fedora/debug/CONFIG_EFI_PGT_DUMP
@ -0,0 +1 @@
+CONFIG_EFI_PGT_DUMP=y
--- a/configs/fedora/debug/CONFIG_EXT4_DEBUG
+++ b/configs/fedora/debug/CONFIG_EXT4_DEBUG
@ -0,0 +1 @@
+CONFIG_EXT4_DEBUG=y
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Laura Abbott	5038283914	Add i915 eDP fixes	2018-10-23 03:26:21 -07:00
Peter Robinson	99efb173c5	Linux v4.18.16	2018-10-21 00:26:28 +01:00
Peter Robinson	2705a5abcc	Fix network on some i.MX6 devices (rhbz 1628209)	2018-10-21 00:19:20 +01:00
Justin M. Forbes	7750898d22	Linux v4.18.15	2018-10-18 11:11:26 -05:00
Justin M. Forbes	c56823b3f8	Linux 4.18.14	2018-10-15 07:16:25 -05:00
Jeremy Cline	36af63d636	Fix the microphone on Lenovo G50-30s (rhbz 1249364)	2018-10-12 09:54:06 -04:00
Laura Abbott	ab387cba42	Linux v4.18.13	2018-10-10 10:00:56 -07:00
Laura Abbott	bbb8ad2185	Disable CONFIG_FRAMEBUFFER_CONSOLE_DEFERRED_TAKEOVER (rhbz 1637547)	2018-10-09 08:26:50 -07:00
Justin M. Forbes	e141e07521	Revert drm/amd/pp: Send khz clock values to DC for smu7/8 (rhbz 1636249)	2018-10-08 16:57:52 -05:00
Laura Abbott	4caa5d4352	Linux v4.18.12	2018-10-04 07:33:35 -07:00
Justin M. Forbes	5826936f37	Fix arm64 kvm priv escalation (rhbz 1635475 1635476)	2018-10-03 07:55:15 -05:00
Laura Abbott	d54a013326	Disable CONFIG_CRYPTO_DEV_SP_PSP (rhbz 1608242)	2018-10-01 12:47:49 -07:00
Laura Abbott	5c244a715c	Fix for Intel Sensor Hub (rhbz 1634250)	2018-10-01 10:48:48 -07:00
Laura Abbott	143f2f1410	Linux v4.18.11	2018-09-30 07:58:22 -07:00
Jeremy Cline	bbc0bbcd2e	Change CONFIG_SSB back to a module (rhbz #1572349 )	2018-09-28 13:32:33 -04:00
Laura Abbott	82aeae7d94	Linux v4.18.10	2018-09-26 02:13:29 -07:00
Laura Abbott	e7783e7e1c	Fix powerpc IPv6 (rhbz 1628394)	2018-09-26 02:03:18 -07:00
Justin M. Forbes	71d09c9a1d	Fix CVE-2018-14633	2018-09-24 07:10:41 -05:00
Justin M. Forbes	926904aee3	Note 4.18.9 fixes CVE-2018-17182	2018-09-20 07:44:18 -05:00
Laura Abbott	45a13388a0	Linux v4.18.9	2018-09-19 19:11:36 -07:00
Laura Abbott	0f58080e74	Linux v4.18.8	2018-09-16 10:44:15 -07:00
Justin M. Forbes	0fc194c42c	Additional Fixes for CVE-2018-5391 (rhbz 1616059)	2018-09-14 14:01:43 -05:00
Laura Abbott	b1cc6d82ff	Use the CPU RNG for entropy (rhbz 1572944)	2018-09-13 17:29:08 -07:00
Laura Abbott	473a8aafe6	HID fixes (rhbz 1627963 1628715)	2018-09-13 17:10:41 -07:00
Laura Abbott	87c80209cc	Linux v4.18.7	2018-09-10 08:10:32 -07:00
Laura Abbott	0fc317f3bd	Linux v4.18.6	2018-09-09 11:00:20 -07:00
Peter Robinson	f607ba7581	drop ARM feature enablement bits that weren't meant to go < f29	2018-09-07 10:22:54 +01:00
Laura Abbott	151d4019f7	Linux v4.18 rebase	2018-09-02 12:13:26 -07:00
Justin M. Forbes	5a10a74844	Update headers script	2018-08-27 11:20:32 -05:00
Justin M. Forbes	f6a90065d9	Linux v4.17.19	2018-08-24 09:41:20 -05:00
Justin M. Forbes	01bd226ddb	Linux v4.17.18	2018-08-22 08:11:02 -05:00
Justin M. Forbes	d9b24fa3d2	Fix CVE-2018-15471 rhbz 1610555 1618414	2018-08-20 08:58:36 -05:00
Justin M. Forbes	3a24c75425	Linux v4.17.17	2018-08-20 06:57:23 -05:00
Justin M. Forbes	2ae6784ba7	Add missing foreshadow patches	2018-08-15 06:50:12 -05:00
Justin M. Forbes	e55efd6b2f	Fix Foreshadow CVE-2018-3620 CVE-2018-3646 (rhbz 1585005 1615998)	2018-08-14 12:47:16 -05:00
Justin M. Forbes	33fa022f32	Linux v4.17.14	2018-08-09 06:51:57 -05:00
Justin M. Forbes	95234a2661	Linux v4.17.13	2018-08-09 03:48:48 -05:00
Justin M. Forbes	c274f6a4ee	Linux v4.17.12	2018-08-03 09:08:47 -05:00
Peter Robinson	059f3ba4f2	Add fix for lan78xx RX packets (Raspberry Pi 3B+)	2018-08-01 18:07:54 +01:00
Justin M. Forbes	27910d55be	Fix CVE-2018-14678 (rhbz 1608559 1608560)	2018-07-30 09:13:33 -05:00
Justin M. Forbes	0d298e70b5	Linux v4.17.11	2018-07-30 08:40:14 -05:00
Justin M. Forbes	23c0c7b625	Add headers tarball creation script	2018-07-27 13:37:17 -05:00
Justin M. Forbes	031975ac6f	Linux v4.17.10	2018-07-25 09:12:42 -05:00
Justin M. Forbes	50f0a3682d	Linux v4.17.9	2018-07-23 14:38:59 -05:00
Jeremy Cline	635afafc7b	Fix iwlwifi load failure on some hardware (rbhz 1607092)	2018-07-23 09:55:22 -04:00
Justin M. Forbes	39a8ad911d	Comment out bad xhci patch until I can track down what's really needed	2018-07-17 10:51:52 -05:00
Justin M. Forbes	9faa0a329f	Fix for i686 that will eventually be 4.17.8	2018-07-17 10:29:38 -05:00
Justin M. Forbes	f526cdc715	Linux v4.17.7	2018-07-17 09:42:02 -05:00
Jeremy Cline	3bef8a1760	Fix perceived dead xhci host (rhbz 1597333)	2018-07-13 10:27:41 -04:00
Jeremy Cline	6ccfea9eca	Avoid an early WARN_ON in Xen (rhbz 1592976)	2018-07-12 13:17:10 -04:00
Dan Horák	127beecb11	enable HDA sound drivers on PPC	2018-07-12 12:49:44 -04:00
Jeremy Cline	51cc9d3a62	Linux v4.17.6	2018-07-11 15:50:36 -04:00
Jeremy Cline	807bacdbd3	Add device ID for RTL8822BE in the Asus ROG GL702ZC (rhbz 1599917)	2018-07-11 09:41:41 -04:00
Jeremy Cline	c50701879a	Fix for CVE-2018-13095 depends on 7d71a671a2d9 The build 4.17.5 build failed because "fa" was not declared. Signed-off-by: Jeremy Cline <jcline@redhat.com>	2018-07-09 12:42:46 -04:00
Jeremy Cline	c6f9dc8803	Linux v4.17.5	2018-07-09 12:01:10 -04:00
Justin M. Forbes	5ec032cfa0	Fix CVE-2018-13053 CVE-2018-12896 CVE-2018-13093 CVE-2018-13094 CVE-2018-13095	2018-07-05 09:31:30 -05:00
Peter Robinson	4723878682	minor tegra 186 tweaks	2018-07-05 12:17:00 +01:00
Peter Robinson	f3af3aa6ab	Enable Tegra194 SoC	2018-07-05 12:15:17 +01:00
Justin M. Forbes	d7febc550b	Linux v4.17.4	2018-07-03 08:29:41 -05:00
Jeremy Cline	f17b62cb59	Bring back the revert for rhbz 1572944	2018-06-29 09:48:43 -04:00
Peter Robinson	1ebe0dd256	drop unnessary patches	2018-06-29 13:29:48 +01:00
Laura Abbott	b1c4f44bae	Enable leds-pca9532 module (rhbz 1595163)	2018-06-28 09:32:11 -04:00
Jeremy Cline	dea0f108e2	Fix CVE-2018-12714 (rhbz 1595835 1595837)	2018-06-28 09:23:57 -04:00
Jeremy Cline	7343689b34	Linux v4.17.3	2018-06-26 09:33:54 -04:00
Laura Abbott	687d20f6e8	Fix for armv7 siginfo ABI regression (rhbz 1591516)	2018-06-25 14:02:32 -07:00
Laura Abbott	1af46037fb	Some webcam fixes (rhbz 1592454 1590304)	2018-06-25 11:05:52 -07:00
Justin M. Forbes	052e62cec7	Fix CVE-2018-12633 (rhbz 1594170 1594172)	2018-06-22 11:37:42 -05:00
Laura Abbott	c9cb169d5e	Fix for Xen MTU issue (rhbz 1584216)	2018-06-21 14:15:09 -07:00
Peter Robinson	a94d1056ee	Add fix for 96boards DB410c	2018-06-21 16:09:41 +01:00
Jeremy Cline	0426af398e	Don't log an error if RTC_NVMEM isn't enabled (rhbz 1568276)	2018-06-19 09:29:34 -04:00
Jeremy Cline	bf4104477e	Re-apply 3 patches that got lost during the rebase	2018-06-19 09:28:57 -04:00
Justin M. Forbes	ac63c81fef	Linux v4.17.2 Rebase	2018-06-18 11:46:07 -05:00
Jeremy Cline	9ea83b4034	Linux v4.16.16	2018-06-16 22:28:29 -04:00
Jeremy Cline	aeed1b0b0d	Fix kexec_file_load pefile signature verification (rhbz 1470995)	2018-06-13 09:54:44 -04:00
Jeremy Cline	481fd57c00	Fix a crash in ath10k when bandwidth changes (rhbz 1577106)	2018-06-13 09:22:23 -04:00
Justin M. Forbes	db967e16ae	Fix CVE-2018-12232 (rhbz 1590215 1590216)	2018-06-12 16:31:33 -05:00
Jeremy Cline	985188b446	Linux v4.16.15	2018-06-11 20:02:29 -04:00
Jeremy Cline	349bbc6126	Fix for the keyboard backlight on Dell XPS 13 9370	2018-06-11 19:59:27 -04:00
Justin M. Forbes	088f35853b	Fix CVE-2018-10853 (rhbz 1589890 1589892)	2018-06-11 16:15:37 -05:00
Jeremy Cline	659cba17dc	Enable CONFIG_SCSI_DH* for s390x (rhbz 1586189)	2018-06-05 17:14:56 -04:00
Jeremy Cline	930c3373a2	Linux v4.16.14	2018-06-05 11:49:39 -04:00
Jeremy Cline	bb91673878	Drop SanDisk SD7UB3Q*G1001 NOLPM quirk (rhbz 1583207)	2018-06-04 13:39:16 -04:00
Jeremy Cline	e404002dcb	Linux v4.16.13	2018-05-30 09:57:48 -04:00
Jeremy Cline	e371f88c37	Linux v4.16.12 Also includes the fix for CVE-2018-10840 (rhbz 1582346 1582348)	2018-05-25 16:20:37 -04:00
Jeremy Cline	4edac0b8be	Fix for incorrect error message about parsing PCCT (rhbz 1435837)	2018-05-25 10:57:07 -04:00
Jeremy Cline	bf70f2b607	Linux v4.16.11	2018-05-22 14:00:45 -04:00
Justin M. Forbes	5dd124110c	Fix CVE-2018-3639 (rhbz 1566890 1580713)	2018-05-21 16:22:48 -05:00
Jeremy Cline	0ccf8741f6	Linux v4.16.10	2018-05-21 09:48:40 -04:00
Hans de Goede	c3e1a8474b	Enable GPIO_AMDPT, PINCTRL_AMD and X86_AMD_PLATFORM_DEVICE Kconfig options This fixes i2c and GPIOs not working on AMD based laptops (rhbz#1510649)	2018-05-20 15:46:04 +02:00
Justin M. Forbes	9ec8353f72	Fix CVE-2018-1120 (rhbz 1575472 1579542)	2018-05-17 16:31:21 -05:00
Jeremy Cline	2a6c422405	Linux v4.16.9	2018-05-17 00:07:43 -04:00
Jeremy Cline	a15aa7f1f8	Silence unwanted "swiotlb buffer is full" warnings (rhbz 1556797)	2018-05-15 21:45:22 -04:00
Jeremy Cline	c3b0254aa8	Only set ARM64_ERRATUM_1024718 for aarch64 Obviously this erratum only applies to aarch64 so don't set it for other ARM kernels.	2018-05-11 09:58:57 -04:00
Jeremy Cline	7a92c28cfe	Work around firmware issue on X-Gene based m400 (rhbz 1574718)	2018-05-09 19:28:57 -04:00
Jeremy Cline	37fd2efdfa	Linux v4.16.8	2018-05-09 09:40:17 -04:00
Jeremy Cline	d6c10be787	Backport fix for KVM on core 2 processors (rhbz 1566258)	2018-05-07 15:31:40 -04:00
Peter Robinson	181fb4b726	add USB_TEGRA_PHY config	2018-05-07 15:08:23 +01:00
Peter Robinson	aaead6e756	Fix USB-2 on Tegra devices	2018-05-07 15:01:04 +01:00
Peter Robinson	f222561204	ARM and Raspberry Pi fixes	2018-05-06 23:58:18 +01:00
Hendrik Brueckner	3e369019cc	kernel.spec: build and package bzImage on s390 For s390, build and package the compressed kernel image. Signed-off-by: Hendrik Brueckner <brueckner@linux.ibm.com>	2018-05-04 14:05:52 -07:00
Laura Abbott	9747cecd42	Fix for building out of tree modules on powerpc (rhbz 1574604)	2018-05-04 13:15:06 -07:00
Justin M. Forbes	ff6ae77804	Fix CVE-2018-10322 CVE-2018-10323	2018-05-04 11:52:24 -05:00
Jeremy Cline	7cceef9fc8	Build HW_RANDOM_VIRTIO in rather than as a module This helps when early boot needs the CRNG initialized (rhbz 1572944).	2018-05-02 18:23:00 -04:00
Jeremy Cline	c493f8d453	Linux v4.16.7	2018-05-02 15:35:24 -04:00
Jeremy Cline	a7ee398569	Revert the entire random series from 4.16.4 (rhbz 1572944)	2018-05-01 18:58:33 -04:00
Jeremy Cline	5f3a25bb12	Revert "random: fix crng_ready() test" (rhbz 1572944)	2018-05-01 14:44:26 -04:00
Jeremy Cline	68e84c56ee	Linux v4.16.6	2018-04-30 09:34:03 -04:00
Peter Robinson	fd135da1f4	drop RPi usb fix as it was fixed upstream differently with commit 723288836628	2018-04-30 00:55:24 +01:00
Jeremy Cline	fb9c6479b1	Linux v4.16.5	2018-04-27 13:12:12 -04:00
Jeremy Cline	77fc3c609d	Fix a bluetooth autosuspend issue on some XPS 13s (rhbz 1514836)	2018-04-27 13:10:02 -04:00
Peter Robinson	1f3a1fc075	Enable QLogic NICs on ARM	2018-04-27 10:42:54 +01:00
Jeremy Cline	8b93f92022	Fix a kernel oops when using Thunderbolt 3 docks (rhbz 1565131)	2018-04-25 15:20:25 -04:00
Jeremy Cline	8630265198	Fix a regression in backlight interfaces for some laptops (rhbz 1571036)	2018-04-24 17:48:58 -04:00
Jeremy Cline	83209239d1	Linux v4.16.4	2018-04-24 11:48:55 -04:00
Jeremy Cline	279f39904e	Revert "Revert "Bump release for a build that includes rhbz 1531140"" This reverts commit `a8b40b2ec1`.	2018-04-23 18:11:27 -04:00
Jeremy Cline	8803f4784b	Revert "Revert "Latest RPi3+ patches, RPi fixes, further lan78xx patches (some from 4.17, some under review), fixes for Marvell a37xx EspressoBin"" This reverts commit `feae0be2a7`.	2018-04-23 18:11:25 -04:00
Jeremy Cline	92873c44ba	Revert "Revert "Enable on ARMv7 for i.MX"" This reverts commit `276205a018`.	2018-04-23 18:11:23 -04:00
Jeremy Cline	9c1607982a	Revert "Bump the release for a build that only includes RHBZ 1531140" This reverts commit `7d6e2552b7`.	2018-04-23 18:11:22 -04:00
Jeremy Cline	7d6e2552b7	Bump the release for a build that only includes RHBZ 1531140	2018-04-23 17:57:24 -04:00
Jeremy Cline	276205a018	Revert "Enable on ARMv7 for i.MX" This reverts commit `42d382586b`.	2018-04-23 17:56:24 -04:00
Jeremy Cline	feae0be2a7	Revert "Latest RPi3+ patches, RPi fixes, further lan78xx patches (some from 4.17, some under review), fixes for Marvell a37xx EspressoBin" This reverts commit `ce55d365ba`.	2018-04-23 17:56:23 -04:00
Jeremy Cline	a8b40b2ec1	Revert "Bump release for a build that includes rhbz 1531140" This reverts commit `6e3f46319c`.	2018-04-23 17:56:22 -04:00
Jeremy Cline	6e3f46319c	Bump release for a build that includes rhbz 1531140	2018-04-23 17:31:17 -04:00
Peter Robinson	ce55d365ba	Latest RPi3+ patches, RPi fixes, further lan78xx patches (some from 4.17, some under review), fixes for Marvell a37xx EspressoBin	2018-04-23 17:16:43 +01:00
Peter Robinson	42d382586b	Enable on ARMv7 for i.MX	2018-04-22 22:56:08 +01:00
Peter Robinson	fa3b85b25c	Add quirk patch to fix X-Gene 1 console on HP m400/Mustang (RHBZ 1531140)	2018-04-21 15:34:26 +01:00
Peter Robinson	5c3e312120	actually add the full PocketBeagle DT	2018-04-19 19:37:43 +01:00
Jeremy Cline	280956f686	Linux v4.16.3	2018-04-19 13:08:25 -04:00
Peter Robinson	8d319f1cc8	Add support for Pocket Beagle	2018-04-19 17:10:57 +01:00
Peter Robinson	4f7721a7a3	Enable UFS storage options on ARM	2018-04-19 17:03:56 +01:00
Jeremy Cline	8abaa9101d	Revert "Enable CONFIG_DRM on s390x (rhbz 1569086)" It turns out this depends on CONFIG_VT which depends on !S390 This reverts commit `0ec9f4d319`.	2018-04-19 11:50:24 -04:00
Jeremy Cline	0ec9f4d319	Enable CONFIG_DRM on s390x (rhbz 1569086)	2018-04-18 13:42:21 -04:00
Peter Robinson	64e9c49481	Enable drivers for Xilinx ZYMQ-MP Ultra96	2018-04-18 00:10:20 +01:00
Peter Robinson	823336e6f0	Tegra TX fixes attempt 2	2018-04-17 14:28:16 +01:00
Peter Robinson	3a398481db	Fix Tegra TX series firmware/thermal interface	2018-04-17 14:18:51 +01:00
Laura Abbott	8a0bdfe4ec	Fix for hang on removal of macsec module (rhbz 1566410)	2018-04-16 10:24:28 -07:00
Peter Robinson	d509340556	Disable tps65217-charger on BeagleBone to fix USB-OTG port rhbz 1487399	2018-04-12 17:38:06 +01:00
Peter Robinson	a4a909da35	Add fix for the BeagleBone boot failure	2018-04-12 15:33:27 +01:00
Peter Robinson	ea29e15179	Merge branch 'f28' of ssh://pkgs.fedoraproject.org/rpms/kernel into f28	2018-04-12 15:32:58 +01:00
Jeremy Cline	7cc4b3157b	Linux v4.16.2	2018-04-12 09:25:03 -04:00
Peter Robinson	600b8a52ba	Fix for OF i2c module aliases, Fix for nvmem on AllWinner H3/H5 SoCs	2018-04-12 13:55:49 +01:00
Peter Robinson	570585ecda	Further fix for ThunderX ZIP driver - not had a decent review upstream, yet, seems mostly sane	2018-04-12 13:21:57 +01:00
Peter Robinson	d666622eac	fix nouveau on Tegra, Enable IOMMU on Exynos	2018-04-12 08:29:41 +01:00
Jeremy Cline	fb22a071cc	Apply the IPMI fixes patch from F27	2018-04-09 14:22:10 -04:00
Peter Robinson	af313c9728	More fixes for Raspberry Pi 3+ lan78xx ethernet interface, Fixes for Cavium ThunderX ZIP driver stability	2018-04-09 18:30:51 +01:00
Jeremy Cline	d1b9c24e94	Download patch signatures and verify them Before uploading the source files, verify the GPG signature is good. Signed-off-by: Jeremy Cline <jeremy@jcline.org>	2018-04-09 11:32:01 -04:00
Jeremy Cline	12d6dcc62b	Linux v4.16.1	2018-04-09 11:02:24 -04:00
Peter Robinson	8dcb1eca9c	drop a couple of no longer needed ARM patches, renumber ARM patch list	2018-04-09 14:47:36 +01:00
Peter Robinson	c015ddfa3a	Move to the 300 series builds now rawhide will diverge, bump and build for RPi3+	2018-04-03 01:13:56 +01:00
Peter Robinson	748ac1b79c	Improvements for the Raspberry Pi 3+, Fixes and minor improvements to Raspberry Pi 2/3	2018-04-02 18:39:05 +01:00
Jeremy Cline	d2a389eae3	Linux v4.16 Disable debugging options.	2018-04-02 10:07:33 -04:00
Jeremy Cline	e8e939e08e	Fix for NFS mounts with Kerberos (rhbz 1558977)	2018-03-29 12:43:55 -04:00
Peter Robinson	a990c4e11c	drop removed X86_PPRO_FENCE config option	2018-03-29 12:43:35 -04:00
Jeremy Cline	7ff201a48b	Linux v4.16-rc7	2018-03-26 10:21:22 -04:00
Peter Robinson	7f079ede7b	Enable initial config for Xilinx ZynqMP platforms	2018-03-26 10:21:21 -04:00
Jeremy Cline	7079600beb	Fix efi-lockdown.patch for upstream BPF change Commit 0fa4fe85f472 ("bpf: skip unnecessary capability check") switched the if statement around. Signed-off-by: Jeremy Cline <jeremy@jcline.org>	2018-03-26 10:21:21 -04:00
Peter Robinson	583289fed5	Wifi fixes for QCom DragonBoard 410c, drop reference to upstreamed bcm283x patch	2018-03-26 10:21:21 -04:00
Jeremy Cline	6ff5dec3b8	Reset the baserelease to 1	2018-03-20 10:19:12 -07:00
Peter Jones	165bdf837b	Make BLS 'id' and 'version' fields include if it's a debug variant or not. Signed-off-by: Peter Jones <pjones@redhat.com>	2018-03-20 11:35:37 -04:00
Javier Martinez Canillas	c207367127	Include version field to generated BLS configuration fragment The BootLoaderSpec defines an optional version field that contains a human readable version string for the menu item. This can be used by bootloaders to set the boot menu item names instead of the optional title field. For example the zipl bootloader used by s390x architecture doesn't support names that contains spaces, so it uses the kernel version as the item name. Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>	2018-03-19 11:50:17 -07:00
Jeremy Cline	20dbc319c3	Linux v4.16-rc6	2018-03-19 09:10:51 -07:00
Jeremy Cline	a48c15e5eb	Disable debugging options.	2018-03-19 09:02:20 -07:00
Peter Robinson	378d5c554c	Initial Raspberry Pi 3+ support rpi3: add the gpio expander for the 3+ too	2018-03-19 09:01:41 -07:00
Hans de Goede	34439c7842	Add release-note about disabling CONFIG_VBOXGUEST for F27 and earlier	2018-03-19 08:56:55 -07:00
Laura Abbott	e371c522a9	Temporarily workaround gcc warning New gcc, new warnings: ../lib/str_error_r.c: In function ‘str_error_r’: ../lib/str_error_r.c:25:3: error: passing argument 1 to restrict-qualified parameter aliases with argument 5 [-Werror=restrict] snprintf(buf, buflen, "INTERNAL ERROR: strerror_r(%d, %p, %zd)=%d", errnum, buf, buflen, err); ^~~~~~~~ cc1: all warnings being treated as errors Bring in a quick fix for now.	2018-03-19 08:55:42 -07:00
Jeremy Cline	21a841fa40	Bump the release to rebuild rc5.git0 with aarch64 fix	2018-03-14 09:44:31 -04:00
Laura Abbott	b7b49982b4	Fix for boot hang on arm64 (rhbz 1554954)	2018-03-14 09:43:31 -04:00
Jeremy Cline	2758d24adf	Revert "Enable IMA (rhbz 790008)" This reverts commit `bb540d20c6`. A recent change to the EFI lockdown patch forces IMA policy to be loaded when secureboot is used. Unfortunately, we don't have all the pieces in place to have all components fully signed. A F29 change request is planned to address this, so disable IMA for F28.	2018-03-12 15:31:15 -04:00