rpms
/
kernel
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
3,017 Commits 69 Branches 0 Tags 274 MiB
Shell 87.1%
Python 9%
Perl 3.9%
Go to file
Josh Boyer f0cec8a3bb CVE-2016-1237 missing check for permissions setting ACL (rhbz 1350845 1350847) 2016-06-28 13:26:11 -04:00
scripts Add check-configs.pl script from Paul Bolle 2014-11-11 09:57:11 -05:00
.gitignore add kernel-4* to .gitignore 2015-03-13 12:54:51 -04:00
0001-drm-i915-Pretend-cursor-is-always-on-for-ILK-style-W.patch Fix for flickering on Intel graphics (rhbz 1310252 1313318) 2016-03-02 10:39:41 -08:00
0001-usb-hub-fix-panic-in-usb_reset_and_verify_device.patch Linux v4.4.3 2016-02-26 10:58:46 -08:00
ACPI-Limit-access-to-custom_method.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
ALSA-timer-Fix-leak-in-SNDRV_TIMER_IOCTL_PARAMS.patch CVE-2016-4569 info leak in sound module (rhbz 1334643 1334645) 2016-05-10 08:18:51 -04:00
ALSA-timer-Fix-leak-in-events-via-snd_timer_user_cca.patch CVE-2016-4569 info leak in sound module (rhbz 1334643 1334645) 2016-05-10 08:18:51 -04:00
ALSA-timer-Fix-leak-in-events-via-snd_timer_user_tin.patch CVE-2016-4569 info leak in sound module (rhbz 1334643 1334645) 2016-05-10 08:18:51 -04:00
ARM-tegra-usb-no-reset.patch Linux v4.2.3 2015-10-07 16:39:21 -05:00
Add-EFI-signature-data-types.patch Linux v4.4.3 2016-02-26 10:58:46 -08:00
Add-an-EFI-signature-blob-parser-and-key-loader.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
Add-option-to-automatically-enforce-module-signature.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
Add-secure_modules-call.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
Add-sysrq-option-to-disable-secure-boot-mode.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
HID-chicony-Add-support-for-Acer-Aspire-Switch-12.patch Patch from Nicholas Kudriavtsev for Acer Switch 12 Fn keys (rhbz 1244511) 2015-08-04 14:32:11 -04:00
HID-hid-input-Fix-accessing-freed-memory-during-devi.patch Fix use after free in HID input (rhbz 1251877 1251880 1250279 1248741) 2015-08-10 08:56:44 -07:00
HID-hiddev-validate-num_values-for-HIDIOCGUSAGES-HID.patch CVE-2016-5829 heap overflow in hiddev (rhbz 1350509 1350513) 2016-06-27 12:01:49 -04:00
HID-multitouch-enable-palm-rejection-if-device-imple.patch Add patch to fix palm rejection on certain touchpads (rhbz 1287819) 2015-12-03 11:01:02 -05:00
HID-sony-do-not-bail-out-when-the-sixaxis-refuses-th.patch Backport HID sony patch to fix some gamepads (rhbz 1255235) 2016-01-29 15:25:26 -05:00
HID-wacom-fix-Bamboo-ONE-oops.patch Fix Bamboo ONE issues (rhbz 1317116) 2016-04-12 08:13:12 -04:00
Input-synaptics-pin-3-touches-when-the-firmware-repo.patch Linux v4.1.2 rebase 2015-07-15 11:26:14 -07:00
KEYS-Add-a-system-blacklist-keyring.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
KEYS-Fix-ASN.1-indefinite-length-object-parsing.patch CVE-2016-0758 pointer corruption in asn1 decoder (rhbz 1300257 1335386) 2016-05-13 08:14:16 -04:00
KEYS-potential-uninitialized-variable.patch CVE-2016-4470 keys: uninitialized variable crash (rhbz 1341716 1346626) 2016-06-15 09:38:47 -04:00
Kbuild-Add-an-option-to-enable-GCC-VTA.patch Linux v4.2.3 2015-10-07 16:39:21 -05:00
MODSIGN-Import-certificates-from-UEFI-Secure-Boot.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
MODSIGN-Support-not-importing-certs-from-db.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
Makefile Linux v3.19-rc2 2015-01-05 16:09:49 -05:00
Makefile.config Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
Makefile.release Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
PCI-Lock-down-BAR-access-when-module-security-is-ena.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
PNP-Add-Broadwell-to-Intel-MCH-size-workaround.patch Fix backtrace from PNP conflict on Broadwell (rhbz 1083853) 2016-01-12 12:02:09 -05:00
PNP-Add-Haswell-ULT-to-Intel-MCH-size-workaround.patch Fix backtrace from PNP conflict on Haswell-ULT (rhbz 1300955) 2016-01-22 12:56:43 -05:00
PatchList.txt Linux v3.13-rc1-77-g4c1cc40 2013-11-24 08:42:45 -05:00
README.txt document inheritance/heirarchy of config generation 2012-01-13 15:42:52 -05:00
Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
TODO re-enable RCU_FAST_NO_HZ, enable NO_HZ_FULL on x86_64 2014-09-17 13:10:12 -05:00
USB-usbfs-fix-potential-infoleak-in-devio.patch CVE-2016-4482 info leak in devio.c (rhbz 1332931 1332932) 2016-05-04 08:16:22 -04:00
acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
acpi-video-Add-force-native-backlight-quirk-for-Leno.patch Refresh from git tree 2015-05-07 08:15:54 -04:00
acpi-video-Allow-forcing-native-backlight-on-non-win.patch Refresh from git tree 2015-05-07 08:15:54 -04:00
alua_fix.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
arm-dts-am335x-bone-common-add-uart2_pins-uart4_pins.patch Refresh from git tree 2015-06-23 09:06:14 -04:00
arm-dts-am335x-boneblack-add-cpu0-opp-points.patch Refresh from git tree 2015-05-07 08:15:54 -04:00
arm-dts-am335x-boneblack-lcdc-add-panel-info.patch Refresh from git tree 2015-05-07 08:15:54 -04:00
arm-i.MX6-Utilite-device-dtb.patch Refresh from git tree 2015-05-07 08:15:54 -04:00
arm64-acpi-drop-expert-patch.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
arm64-avoid-needing-console-to-enable-serial-console.patch Linux v4.4.3 2016-02-26 10:58:46 -08:00
asus-wmi-Restrict-debugfs-interface-when-module-load.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
ath9k-rx-dma-stop-check.patch Refresh from git tree 2015-05-07 08:15:54 -04:00
bluetooth-Validate-socket-address-length-in-sco_sock.patch CVE-2015-8575 information leak in sco_sock_bind (rhbz 1292840 1292841) 2015-12-18 08:57:18 -05:00
cdc_ncm-do-not-call-usbnet_link_change-from-cdc_ncm_.patch CVE-2016-3951 usbnet: crash on invalid USB descriptors (rhbz 1324782 1324815) 2016-04-11 09:52:24 -04:00
config-arm-generic Bring missed 4.4 ARMv7 fixes from F-23 kernel, Fix deferred nouveau module loading on tegra 2016-02-27 11:31:21 +00:00
config-arm64 Linux v4.4.3 2016-02-26 10:58:46 -08:00
config-armv7 Bring missed 4.4 ARMv7 fixes from F-23 kernel, Fix deferred nouveau module loading on tegra 2016-02-27 11:31:21 +00:00
config-armv7-generic Enable IEEE802154_AT86RF230 on more arches (rhbz 1330356) 2016-04-26 11:13:13 -04:00
config-armv7-lpae Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
config-debug Linux v4.4.3 2016-02-26 10:58:46 -08:00
config-generic Enable IEEE802154_AT86RF230 on more arches (rhbz 1330356) 2016-04-26 11:13:13 -04:00
config-i686-PAE Remove all references to unknown Kconfig symbols 2014-10-02 08:26:50 -04:00
config-local Add support for local rebuild config option overrides 2011-01-10 17:37:27 -05:00
config-no-extra disable extras on arm 2013-10-03 12:22:16 -04:00
config-nodebug Linux v4.4.3 2016-02-26 10:58:46 -08:00
config-powerpc64 Linux v4.2.3 2015-10-07 16:39:21 -05:00
config-powerpc64-generic Linux v4.4.3 2016-02-26 10:58:46 -08:00
config-powerpc64le Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
config-powerpc64p7 Linux v4.2.3 2015-10-07 16:39:21 -05:00
config-s390x Linux v4.4.3 2016-02-26 10:58:46 -08:00
config-x86-32-generic Linux v4.2.3 2015-10-07 16:39:21 -05:00
config-x86-generic Switch back to not using CONFIG_ACPI_REV_OVERRIDE_POSSIBLE 2016-03-03 18:03:32 -08:00
config-x86_64-generic Linux v4.4.3 2016-02-26 10:58:46 -08:00
cpupower.config Create the kernel-tools package. WHEE 2011-08-17 21:19:57 -04:00
cpupower.service Create the kernel-tools package. WHEE 2011-08-17 21:19:57 -04:00
crash-driver.patch Linux v4.2.3 2015-10-07 16:39:21 -05:00
criu-no-expert.patch Linux v4.2.3 2015-10-07 16:39:21 -05:00
die-floppy-die.patch Refresh from git tree 2015-05-07 08:15:54 -04:00
disable-i8042-check-on-apple-mac.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
drm-i915-hush-check-crtc-state.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
drm-i915-turn-off-wc-mmaps.patch Linux v4.1.2 rebase 2015-07-15 11:26:14 -07:00
drm-vmwgfx-Allow-dropped-masters-render-node-like-ac.patch Fix vmware driver issues from Thomas Hellström (rhbz 1227193) 2015-08-27 13:45:32 -04:00
efi-Add-EFI_SECURE_BOOT-bit.patch Linux v4.4.3 2016-02-26 10:58:46 -08:00
efi-Disable-secure-boot-if-shim-is-in-insecure-mode.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
filter-aarch64.sh Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
filter-armv7hl.sh Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
filter-i686.sh Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
filter-modules.sh Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
filter-ppc64.sh Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
filter-ppc64le.sh Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
filter-ppc64p7.sh Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
filter-s390x.sh Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
filter-x86_64.sh Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
firmware-Drop-WARN-from-usermodehelper_read_trylock-.patch Linux v4.2.3 2015-10-07 16:39:21 -05:00
hibernate-Disable-in-a-signed-modules-environment.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
hp-wmi-fix-wifi-cannot-be-hard-unblock.patch hp-wmi: fix wifi cannot be hard-unblock (rhbz 1338025) 2016-06-15 14:11:15 -07:00
iSCSI-let-session-recovery_tmo-sysfs-writes-persist.patch Fix iscsi issue (rhbz 1253789) 2015-08-17 11:47:25 -04:00
ideapad-laptop-Add-Lenovo-Yoga-3-14-to-no_hw_rfkill-.patch Patch from Hans de Goede to add yoga 3 rfkill quirk (rhbz 1239050) 2015-08-15 20:59:03 -04:00
input-kill-stupid-messages.patch Linux v4.2.3 2015-10-07 16:39:21 -05:00
input-silence-i8042-noise.patch Linux v4.2.3 2015-10-07 16:39:21 -05:00
kbuild-AFTER_LINK.patch Linux v4.4.4 2016-03-03 17:53:18 -08:00
kernel.spec CVE-2016-1237 missing check for permissions setting ACL (rhbz 1350845 1350847) 2016-06-28 13:26:11 -04:00
kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
kexec-uefi-copy-secure_boot-flag-in-boot-params.patch Linux v4.2.3 2015-10-07 16:39:21 -05:00
lib-cpumask-Make-CPUMASK_OFFSTACK-usable-without-deb.patch Linux v4.2.3 2015-10-07 16:39:21 -05:00
lis3-improve-handling-of-null-rate.patch Linux v4.2.3 2015-10-07 16:39:21 -05:00
media-ivtv-avoid-going-past-input-audio-array.patch Fix issues with ivtv driver on PVR350 devices (rhbz 1278942) 2016-01-28 15:43:15 -05:00
merge.pl initial srpm import 2010-07-29 16:46:31 -07:00
mfd-wm8994-Ensure-that-the-whole-MFD-is-built-into-a.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
misc-mic-Fix-for-double-fetch-security-bug-in-mic_co.patch CVE-2016-5728 race condition in mic driver (rhbz 1350811 1350812) 2016-06-28 10:02:40 -04:00
mod-extra.list Add USBIP drivers to kernel-modules-extra 2014-12-17 12:28:18 -05:00
mod-extra.sh Prep mod-extra.sh for signed modules 2012-09-25 13:22:00 -04:00
mod-sign.sh simplify the signing stuff now that sign-file takes pub/priv key args 2013-03-28 16:33:21 -04:00
net-add-validation-for-the-socket-syscall-protocol-a.patch CVE-2015-8543 ipv6: DoS via NULL pointer dereference (rhbz 1290475 1290477) 2015-12-15 10:59:07 -05:00
netfilter-x_tables-check-for-size-overflow.patch CVE-2016-3135 netfilter: size overflow in x_tables (rhbz 1317386 1317387) 2016-03-14 08:46:22 -04:00
netfilter-x_tables-deal-with-bogus-nextoffset-values.patch Linux v4.4.14 2016-06-24 13:56:52 -07:00
nfsd-check-permissions-when-setting-ACLs.patch CVE-2016-1237 missing check for permissions setting ACL (rhbz 1350845 1350847) 2016-06-28 13:26:11 -04:00
no-pcspkr-modalias.patch Refresh from git tree 2015-05-07 08:15:54 -04:00
nv46-Change-mc-subdev-oclass-from-nv44-to-nv4c.patch Add patch from Hans de Goede to fix nv46 based cards (rhbz 1257534) 2015-08-27 10:50:53 -04:00
pinctrl-pinctrl-single-must-be-initialized-early.patch Refresh from git tree 2015-05-07 08:15:54 -04:00
posix_acl-Add-set_posix_acl.patch CVE-2016-1237 missing check for permissions setting ACL (rhbz 1350845 1350847) 2016-06-28 13:26:11 -04:00
pptp-verify-sockaddr_len-in-pptp_bind-and-pptp_conne.patch CVE-2015-8569 info leak from getsockname (rhbz 1292045 1292047) 2015-12-17 08:22:07 -05:00
rds-fix-an-infoleak-in-rds_inc_info_copy.txt CVE-2016-5244 info leak in rds (rhbz 1343338 1343337) 2016-06-07 08:25:14 -04:00
rebase-notes.txt rebase-notes: no X32 2012-03-19 20:54:31 -04:00
regulator-axp20x-module-alias.patch Linux v4.2.3 2015-10-07 16:39:21 -05:00
scsi-sd_revalidate_disk-prevent-NULL-ptr-deref.patch Linux v4.4.3 2016-02-26 10:58:46 -08:00
sctp-Prevent-soft-lockup-when-sctp_accept-is-called-.patch CVE-2015-8767 sctp: DoS during timeout (rhbz 1297389 1298437) 2016-01-15 08:56:27 -05:00
silence-fbcon-logo.patch Linux v4.2.3 2015-10-07 16:39:21 -05:00
sources Linux v4.4.14 2016-06-24 13:56:52 -07:00
tipc-fix-an-infoleak-in-tipc_nl_compat_link_dump.patch CVE-2016-5243 info leak in tipc (rhbz 1343338 1343335) 2016-06-07 08:18:46 -04:00
vmwgfx-Rework-device-initialization.patch Fix vmware driver issues from Thomas Hellström (rhbz 1227193) 2015-08-27 13:45:32 -04:00
watchdog-Disable-watchdog-on-virtual-machines.patch Linux v4.4.3 2016-02-26 10:58:46 -08:00
x86-Lock-down-IO-port-access-when-module-security-is.patch Linux v4.4.7 2016-04-12 14:32:05 -07:00
x86-Restrict-MSR-access-when-module-loading-is-restr.patch Rebase to 4.3.y 2016-01-19 16:29:42 -05:00
x86-apic-Fix-fallout-from-x2apic-cleanup.patch Fix x2apic refactoring breakage (rhbz 1224764) 2015-08-25 19:29:47 -07:00
x86-efi-bgrt-Switch-all-pr_err-to-pr_debug-for-inval.patch Don't splash warnings from broken BGRT firmware implementations 2016-04-28 08:37:40 -04:00
x86-mm-32-Enable-full-randomization-on-i386-and-X86_.patch Enable Full Randomization on 32bit x86 CVE-2016-3672 (rhbz 1324749 1324750) 2016-04-07 12:16:20 -05:00
x509.genkey Switch to using modsign-post-KS upstream with x509 certs 2012-09-25 13:22:04 -04:00
xen-pciback-Don-t-disable-PCI_COMMAND-on-PCI-device-.patch Refresh from git tree 2015-05-07 08:15:54 -04:00

README.txt 

		Kernel package tips & tricks.
		~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The kernel is one of the more complicated packages in the distro, and
for the newcomer, some of the voodoo in the spec file can be somewhat scary.
This file attempts to document some of the magic.


Speeding up make prep
---------------------
The kernel is nearly 500MB of source code, and as such, 'make prep'
takes a while. The spec file employs some trickery so that repeated
invocations of make prep don't take as long.  Ordinarily the %prep
phase of a package will delete the tree it is about to untar/patch.
The kernel %prep keeps around an unpatched version of the tree,
and makes a symlink tree clone of that clean tree and than applies
the patches listed in the spec to the symlink tree.
This makes a huge difference if you're doing multiple make preps a day.
As an added bonus, doing a diff between the clean tree and the symlink
tree is slightly faster than it would be doing two proper copies of the tree.


build logs.
-----------
There's a convenience helper script in scripts/grab-logs.sh
that will grab the build logs from koji for the kernel version reported
by make verrel


config heirarchy.
-----------------
Instead of having to maintain a config file for every arch variant we build on,
the kernel spec uses a nested system of configs.  At the top level, is
config-generic. Add options here that should be present in every possible
config on all architectures.

Beneath this are per-arch overrides. For example config-x86-generic add
additional x86 specific options, and also _override_ any options that were
set in config-generic.

The heirarchy looks like this..

                           config-generic
                                 |
                         config-x86-generic
                         |                |
             config-x86-32-generic   config-x86-64-generic

An option set in a lower level will override the same option set in one
of the higher levels.


There exist two additional overrides, config-debug, and config-nodebug,
which override -generic, and the per-arch overrides. It is documented
further below.


debug options.
--------------
This is a little complicated, as the purpose & meaning of this changes
depending on where we are in the release cycle.
If we are building for a current stable release, 'make release' has
typically been run already, which sets up the following..
- Two builds occur, a 'kernel' and a 'kernel-debug' flavor.
- kernel-debug will get various heavyweight debugging options like
  lockdep etc turned on.

If we are building for rawhide, 'make debug' has been run, which changes
the status quo to:
- We only build one kernel 'kernel'
- The debug options from 'config-debug' are always turned on.
This is done to increase coverage testing, as not many people actually
run kernel-debug.

To add new debug options, add an option to _both_ config-debug and config-nodebug,
and also new stanzas to the Makefile 'debug' and 'release' targets.

Sometimes debug options get added to config-generic, or per-arch overrides
instead of config-[no]debug. In this instance, the options should have no
discernable performance impact, otherwise they belong in the debug files.