[linux] 05/05: Explicitly mark some patches as Forwarded: no or not-needed
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Tue Apr 18 03:20:45 UTC 2017
This is an automated email from the git hooks/post-receive script.
benh pushed a commit to branch sid
in repository linux.
commit 22e8e7af28b3094fb7a36fffc70889345d5df94d
Author: Ben Hutchings <ben at decadent.org.uk>
Date: Tue Apr 18 04:19:54 2017 +0100
Explicitly mark some patches as Forwarded: no or not-needed
---
debian/patches/debian/fjes-disable-autoload.patch | 1 +
.../patches/debian/userns-avoid-abi-change-for-cve-2017-6874-fix.patch | 1 +
.../arm64-add-kernel-config-option-to-set-securelevel-wh.patch | 2 ++
.../arm64-efi-disable-secure-boot-if-shim-is-in-insecure.patch | 2 ++
.../mtd-disable-slram-and-phram-when-securelevel-is-enabled.patch | 1 +
5 files changed, 7 insertions(+)
diff --git a/debian/patches/debian/fjes-disable-autoload.patch b/debian/patches/debian/fjes-disable-autoload.patch
index 0461fad..049dfb5 100644
--- a/debian/patches/debian/fjes-disable-autoload.patch
+++ b/debian/patches/debian/fjes-disable-autoload.patch
@@ -2,6 +2,7 @@ From: Ben Hutchings <ben at decadent.org.uk>
Date: Sat, 18 Mar 2017 20:47:58 +0000
Subject: fjes: Disable auto-loading
Bug-Debian: https://bugs.debian.org/853976
+Forwarded: no
fjes matches a generic ACPI device ID, and relies on its probe
function to distinguish whether that really corresponds to a supported
diff --git a/debian/patches/debian/userns-avoid-abi-change-for-cve-2017-6874-fix.patch b/debian/patches/debian/userns-avoid-abi-change-for-cve-2017-6874-fix.patch
index 58a6a58..3e7572b 100644
--- a/debian/patches/debian/userns-avoid-abi-change-for-cve-2017-6874-fix.patch
+++ b/debian/patches/debian/userns-avoid-abi-change-for-cve-2017-6874-fix.patch
@@ -1,6 +1,7 @@
From: Ben Hutchings <ben at decadent.org.uk>
Date: Tue, 14 Mar 2017 21:35:33 +0000
Subject: userns: Avoid ABI change for CVE-2017-6874 fix
+Forwarded: not-needed
The type of ucounts::count changed from atomic_t to int. But they're
the same size, and it's only accessed within kernel/ucount.c, so hide
diff --git a/debian/patches/features/all/securelevel/arm64-add-kernel-config-option-to-set-securelevel-wh.patch b/debian/patches/features/all/securelevel/arm64-add-kernel-config-option-to-set-securelevel-wh.patch
index 92f5057..761838b 100644
--- a/debian/patches/features/all/securelevel/arm64-add-kernel-config-option-to-set-securelevel-wh.patch
+++ b/debian/patches/features/all/securelevel/arm64-add-kernel-config-option-to-set-securelevel-wh.patch
@@ -1,6 +1,8 @@
From: Linn Crosetto <linn at hpe.com>
Date: Tue, 30 Aug 2016 11:54:38 -0600
Subject: arm64: add kernel config option to set securelevel when in Secure Boot mode
+Bug-Debian: https://bugs.debian.org/831827
+Forwarded: no
Add a kernel configuration option to enable securelevel, to restrict
userspace's ability to modify the running kernel when UEFI Secure Boot is
diff --git a/debian/patches/features/all/securelevel/arm64-efi-disable-secure-boot-if-shim-is-in-insecure.patch b/debian/patches/features/all/securelevel/arm64-efi-disable-secure-boot-if-shim-is-in-insecure.patch
index 59fd422..0430f0c 100644
--- a/debian/patches/features/all/securelevel/arm64-efi-disable-secure-boot-if-shim-is-in-insecure.patch
+++ b/debian/patches/features/all/securelevel/arm64-efi-disable-secure-boot-if-shim-is-in-insecure.patch
@@ -1,6 +1,8 @@
From: Linn Crosetto <linn at hpe.com>
Date: Mon, 22 Feb 2016 12:54:37 -0700
Subject: arm64/efi: Disable secure boot if shim is in insecure mode
+Bug-Debian: https://bugs.debian.org/831827
+Forwarded: no
Port to arm64 a patch originally written by Josh Boyer for the x86 EFI
stub.
diff --git a/debian/patches/features/all/securelevel/mtd-disable-slram-and-phram-when-securelevel-is-enabled.patch b/debian/patches/features/all/securelevel/mtd-disable-slram-and-phram-when-securelevel-is-enabled.patch
index b8b2e33..40adb44 100644
--- a/debian/patches/features/all/securelevel/mtd-disable-slram-and-phram-when-securelevel-is-enabled.patch
+++ b/debian/patches/features/all/securelevel/mtd-disable-slram-and-phram-when-securelevel-is-enabled.patch
@@ -1,6 +1,7 @@
From: Ben Hutchings <ben at decadent.org.uk>
Date: Fri, 03 Jun 2016 00:48:39 +0100
Subject: mtd: Disable slram and phram when securelevel is enabled
+Forwarded: no
The slram and phram drivers both allow mapping regions of physical
address space such that they can then be read and written by userland
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git
More information about the Kernel-svn-changes
mailing list