[linux] 01/01: Update to 4.14.16
debian-kernel at lists.debian.org
debian-kernel at lists.debian.org
Fri Feb 2 13:40:13 UTC 2018
This is an automated email from the git hooks/post-receive script.
carnil pushed a commit to branch sid
in repository linux.
commit edfb7d0f0e5a7e69c4e7b0780afe66ca3437a6de
Author: Salvatore Bonaccorso <carnil at debian.org>
Date: Wed Jan 31 21:08:15 2018 +0100
Update to 4.14.16
---
debian/changelog | 77 +++++++++++++++++++++-
...fnetlink_cthelper-add-missing-permission-.patch | 74 ---------------------
...lter-xt_osf-add-missing-permission-checks.patch | 56 ----------------
...h-Fix-gid-sorting-when-rootsquash-enabled.patch | 46 -------------
...avoid-false-sharing-of-map-refcount-with-.patch | 59 +++++++++++++++++
...vert-module-add-retpoline-tag-to-vermagic.patch | 52 ---------------
...timer-Reduce-conditional-code-hres_active.patch | 12 ++--
...ke-the-remote-enqueue-check-unconditional.patch | 10 +--
debian/patches/series | 5 +-
9 files changed, 146 insertions(+), 245 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index e328f53..3639814 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-linux (4.14.15-1) UNRELEASED; urgency=medium
+linux (4.14.16-1) UNRELEASED; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.14
@@ -196,12 +196,83 @@ linux (4.14.15-1) UNRELEASED; urgency=medium
- mm, page_vma_mapped: Drop faulty pointer arithmetics in check_pte()
- [arm64, armhf] net: mvpp2: do not disable GMAC padding
- [mips]: AR7: ensure the port type's FCR value is used
+ https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.16
+ - mm, page_alloc: fix potential false positive in __zone_watermark_ok
+ - xfrm: Fix a race in the xdst pcpu cache.
+ - Revert "module: Add retpoline tag to VERMAGIC"
+ - Input: xpad - add support for PDP Xbox One controllers
+ - Input: trackpoint - force 3 buttons if 0 button is reported
+ - Input: trackpoint - only expose supported controls for Elan, ALPS and
+ NXP
+ - Btrfs: fix stale entries in readdir
+ - [s390x] KVM: add proper locking for CMMA migration bitmap
+ - [arm*] net: bpf: avoid 'bx' instruction on non-Thumb capable CPUs
+ - [arm*] net: bpf: fix tail call jumps
+ - [arm*] net: bpf: fix stack alignment
+ - [arm*] net: bpf: move stack documentation
+ - [arm*] net: bpf: correct stack layout documentation
+ - [arm*] net: bpf: fix register saving
+ - [arm*] net: bpf: fix LDX instructions
+ - [arm*] net: bpf: clarify tail_call index
+ - [arm64,armhf] drm/vc4: Fix NULL pointer dereference in
+ vc4_save_hang_state()
+ - net: Allow neigh contructor functions ability to modify the primary_key
+ - ipv4: Make neigh lookup keys for loopback/point-to-point devices be
+ INADDR_ANY
+ - dccp: don't restart ccid2_hc_tx_rto_expire() if sk in closed state
+ - ipv6: Fix getsockopt() for sockets with default IPV6_AUTOFLOWLABEL
+ - ipv6: fix udpv6 sendmsg crash caused by too small MTU
+ - ipv6: ip6_make_skb() needs to clear cork.base.dst
+ - lan78xx: Fix failure in USB Full Speed
+ - net: igmp: fix source address check for IGMPv3 reports
+ - net: qdisc_pkt_len_init() should be more robust
+ - net: tcp: close sock if net namespace is exiting
+ - net/tls: Fix inverted error codes to avoid endless loop
+ - net: vrf: Add support for sends to local broadcast address
+ - pppoe: take ->needed_headroom of lower device into account on xmit
+ - r8169: fix memory corruption on retrieval of hardware statistics.
+ - sctp: do not allow the v4 socket to bind a v4mapped v6 address
+ - sctp: return error if the asoc has been peeled off in
+ sctp_wait_for_sndbuf
+ - tipc: fix a memory leak in tipc_nl_node_get_link()
+ - {net,ib}/mlx5: Don't disable local loopback multicast traffic when
+ needed
+ - net/mlx5: Fix get vector affinity helper function
+ - ppp: unlock all_ppp_mutex before registering device
+ - be2net: restore properly promisc mode after queues reconfiguration
+ - ip6_gre: init dev->mtu and dev->hard_header_len correctly
+ - gso: validate gso_type in GSO handlers
+ - tun: fix a memory leak for tfile->tx_array
+ - flow_dissector: properly cap thoff field
+ - sctp: reinit stream if stream outcnt has been change by sinit in sendmsg
+ - netlink: extack needs to be reset each time through loop
+ - net/mlx5e: Fix fixpoint divide exception in mlx5e_am_stats_compare
+ - nfp: use the correct index for link speed table
+ - netlink: reset extack earlier in netlink_rcv_skb
+ - net/tls: Only attach to sockets in ESTABLISHED state
+ - tls: fix sw_ctx leak
+ - tls: return -EBUSY if crypto_info is already set
+ - tls: reset crypto_info when do_tls_setsockopt_tx fails
+ - net: ipv4: Make "ip route get" match iif lo rules again.
+ - vmxnet3: repair memory leak
+ - perf/x86/amd/power: Do not load AMD power module on !AMD platforms
+ - [x86] microcode/intel: Extend BDW late-loading further with LLC size
+ check
+ - [x86] microcode: Fix again accessing initrd after having been freed
+ - [x86] mm/64: Fix vmapped stack syncing on very-large-memory 4-level
+ systems
+ - hrtimer: Reset hrtimer cpu base proper on CPU hotplug
+ - bpf: introduce BPF_JIT_ALWAYS_ON config
+ - bpf: fix divides by zero
+ - bpf: fix 32-bit divide by zero
+ - bpf: reject stores into ctx via st and xadd
+ - [arm64] bpf: fix stack_depth tracking in combination with tail calls
+ - cpufreq: governor: Ensure sufficiently large sampling intervals
+ - nfsd: auth: Fix gid sorting when rootsquash enabled (CVE-2018-1000028)
[ Salvatore Bonaccorso ]
* loop: fix concurrent lo_open/lo_release (CVE-2018-5344)
- * Revert "module: Add retpoline tag to VERMAGIC"
* [rt] Update to 4.14.15-rt11
- * nfsd: auth: Fix gid sorting when rootsquash enabled (CVE-2018-1000028)
* [rt] Update to 4.14.15-rt13
[ Ben Hutchings ]
diff --git a/debian/patches/bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch b/debian/patches/bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch
deleted file mode 100644
index effd659..0000000
--- a/debian/patches/bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-From: Kevin Cernekee <cernekee at chromium.org>
-Date: Sun, 3 Dec 2017 12:12:45 -0800
-Subject: netfilter: nfnetlink_cthelper: Add missing permission checks
-Origin: https://git.kernel.org/linus/4b380c42f7d00a395feede754f0bc2292eebe6e5
-Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17448
-
-The capability check in nfnetlink_rcv() verifies that the caller
-has CAP_NET_ADMIN in the namespace that "owns" the netlink socket.
-However, nfnl_cthelper_list is shared by all net namespaces on the
-system. An unprivileged user can create user and net namespaces
-in which he holds CAP_NET_ADMIN to bypass the netlink_net_capable()
-check:
-
- $ nfct helper list
- nfct v1.4.4: netlink error: Operation not permitted
- $ vpnns -- nfct helper list
- {
- .name = ftp,
- .queuenum = 0,
- .l3protonum = 2,
- .l4protonum = 6,
- .priv_data_len = 24,
- .status = enabled,
- };
-
-Add capable() checks in nfnetlink_cthelper, as this is cleaner than
-trying to generalize the solution.
-
-Signed-off-by: Kevin Cernekee <cernekee at chromium.org>
-Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
----
- net/netfilter/nfnetlink_cthelper.c | 10 ++++++++++
- 1 file changed, 10 insertions(+)
-
---- a/net/netfilter/nfnetlink_cthelper.c
-+++ b/net/netfilter/nfnetlink_cthelper.c
-@@ -17,6 +17,7 @@
- #include <linux/types.h>
- #include <linux/list.h>
- #include <linux/errno.h>
-+#include <linux/capability.h>
- #include <net/netlink.h>
- #include <net/sock.h>
-
-@@ -407,6 +408,9 @@ static int nfnl_cthelper_new(struct net
- struct nfnl_cthelper *nlcth;
- int ret = 0;
-
-+ if (!capable(CAP_NET_ADMIN))
-+ return -EPERM;
-+
- if (!tb[NFCTH_NAME] || !tb[NFCTH_TUPLE])
- return -EINVAL;
-
-@@ -611,6 +615,9 @@ static int nfnl_cthelper_get(struct net
- struct nfnl_cthelper *nlcth;
- bool tuple_set = false;
-
-+ if (!capable(CAP_NET_ADMIN))
-+ return -EPERM;
-+
- if (nlh->nlmsg_flags & NLM_F_DUMP) {
- struct netlink_dump_control c = {
- .dump = nfnl_cthelper_dump_table,
-@@ -678,6 +685,9 @@ static int nfnl_cthelper_del(struct net
- struct nfnl_cthelper *nlcth, *n;
- int j = 0, ret;
-
-+ if (!capable(CAP_NET_ADMIN))
-+ return -EPERM;
-+
- if (tb[NFCTH_NAME])
- helper_name = nla_data(tb[NFCTH_NAME]);
-
diff --git a/debian/patches/bugfix/all/netfilter-xt_osf-add-missing-permission-checks.patch b/debian/patches/bugfix/all/netfilter-xt_osf-add-missing-permission-checks.patch
deleted file mode 100644
index fcaacd7..0000000
--- a/debian/patches/bugfix/all/netfilter-xt_osf-add-missing-permission-checks.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-From: Kevin Cernekee <cernekee at chromium.org>
-Date: Tue, 5 Dec 2017 15:42:41 -0800
-Subject: netfilter: xt_osf: Add missing permission checks
-Origin: https://git.kernel.org/linus/916a27901de01446bcf57ecca4783f6cff493309
-Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17450
-
-The capability check in nfnetlink_rcv() verifies that the caller
-has CAP_NET_ADMIN in the namespace that "owns" the netlink socket.
-However, xt_osf_fingers is shared by all net namespaces on the
-system. An unprivileged user can create user and net namespaces
-in which he holds CAP_NET_ADMIN to bypass the netlink_net_capable()
-check:
-
- vpnns -- nfnl_osf -f /tmp/pf.os
-
- vpnns -- nfnl_osf -f /tmp/pf.os -d
-
-These non-root operations successfully modify the systemwide OS
-fingerprint list. Add new capable() checks so that they can't.
-
-Signed-off-by: Kevin Cernekee <cernekee at chromium.org>
-Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
----
- net/netfilter/xt_osf.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
---- a/net/netfilter/xt_osf.c
-+++ b/net/netfilter/xt_osf.c
-@@ -19,6 +19,7 @@
- #include <linux/module.h>
- #include <linux/kernel.h>
-
-+#include <linux/capability.h>
- #include <linux/if.h>
- #include <linux/inetdevice.h>
- #include <linux/ip.h>
-@@ -70,6 +71,9 @@ static int xt_osf_add_callback(struct ne
- struct xt_osf_finger *kf = NULL, *sf;
- int err = 0;
-
-+ if (!capable(CAP_NET_ADMIN))
-+ return -EPERM;
-+
- if (!osf_attrs[OSF_ATTR_FINGER])
- return -EINVAL;
-
-@@ -115,6 +119,9 @@ static int xt_osf_remove_callback(struct
- struct xt_osf_finger *sf;
- int err = -ENOENT;
-
-+ if (!capable(CAP_NET_ADMIN))
-+ return -EPERM;
-+
- if (!osf_attrs[OSF_ATTR_FINGER])
- return -EINVAL;
-
diff --git a/debian/patches/bugfix/all/nfsd-auth-Fix-gid-sorting-when-rootsquash-enabled.patch b/debian/patches/bugfix/all/nfsd-auth-Fix-gid-sorting-when-rootsquash-enabled.patch
deleted file mode 100644
index c2e3cc8..0000000
--- a/debian/patches/bugfix/all/nfsd-auth-Fix-gid-sorting-when-rootsquash-enabled.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From: Ben Hutchings <ben.hutchings at codethink.co.uk>
-Date: Mon, 22 Jan 2018 20:11:06 +0000
-Subject: nfsd: auth: Fix gid sorting when rootsquash enabled
-Origin: https://git.kernel.org/linus/1995266727fa8143897e89b55f5d3c79aa828420
-Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2018-1000028
-
-Commit bdcf0a423ea1 ("kernel: make groups_sort calling a responsibility
-group_info allocators") appears to break nfsd rootsquash in a pretty
-major way.
-
-It adds a call to groups_sort() inside the loop that copies/squashes
-gids, which means the valid gids are sorted along with the following
-garbage. The net result is that the highest numbered valid gids are
-replaced with any lower-valued garbage gids, possibly including 0.
-
-We should sort only once, after filling in all the gids.
-
-Fixes: bdcf0a423ea1 ("kernel: make groups_sort calling a responsibility ...")
-Signed-off-by: Ben Hutchings <ben.hutchings at codethink.co.uk>
-Acked-by: J. Bruce Fields <bfields at redhat.com>
-Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
----
- fs/nfsd/auth.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/fs/nfsd/auth.c b/fs/nfsd/auth.c
-index f650e475d8f0..fdf2aad73470 100644
---- a/fs/nfsd/auth.c
-+++ b/fs/nfsd/auth.c
-@@ -60,10 +60,10 @@ int nfsd_setuser(struct svc_rqst *rqstp, struct svc_export *exp)
- gi->gid[i] = exp->ex_anon_gid;
- else
- gi->gid[i] = rqgi->gid[i];
--
-- /* Each thread allocates its own gi, no race */
-- groups_sort(gi);
- }
-+
-+ /* Each thread allocates its own gi, no race */
-+ groups_sort(gi);
- } else {
- gi = get_group_info(rqgi);
- }
---
-2.11.0
-
diff --git a/debian/patches/debian/revert-bpf-avoid-false-sharing-of-map-refcount-with-.patch b/debian/patches/debian/revert-bpf-avoid-false-sharing-of-map-refcount-with-.patch
new file mode 100644
index 0000000..863af90
--- /dev/null
+++ b/debian/patches/debian/revert-bpf-avoid-false-sharing-of-map-refcount-with-.patch
@@ -0,0 +1,59 @@
+From: Salvatore Bonaccorso <carnil at debian.org>
+Date: Fri, 2 Feb 2018 13:33:53 +0100
+Subject: Revert "bpf: avoid false sharing of map refcount with max_entries"
+Origin: https://git.kernel.org/linus/d5b555516e042378f54c1640ba61265e76a8b6e9
+
+This reverts commit 3ea4247ec1b7efc423cf4f75450ebf5cffab9ed8 which is
+commit be95a845cc4402272994ce290e3ad928aff06cb9 upstream. This commit
+heavily modifies the bpf_map structure to split it on two cachelines and
+prevent sharing reference counter with other, read-only fields in order
+to mitigate Spectre attacks. This modification changes the ABI, so
+revert the mitigation for now since the infrastructure is not yet
+complete for Spectre mitigation anyway.
+---
+ include/linux/bpf.h | 21 +++++----------------
+ 1 file changed, 5 insertions(+), 16 deletions(-)
+
+diff --git a/include/linux/bpf.h b/include/linux/bpf.h
+index 5c5be80ce802..0bcf803f20de 100644
+--- a/include/linux/bpf.h
++++ b/include/linux/bpf.h
+@@ -42,14 +42,7 @@ struct bpf_map_ops {
+ };
+
+ struct bpf_map {
+- /* 1st cacheline with read-mostly members of which some
+- * are also accessed in fast-path (e.g. ops, max_entries).
+- */
+- const struct bpf_map_ops *ops ____cacheline_aligned;
+- struct bpf_map *inner_map_meta;
+-#ifdef CONFIG_SECURITY
+- void *security;
+-#endif
++ atomic_t refcnt;
+ enum bpf_map_type map_type;
+ u32 key_size;
+ u32 value_size;
+@@ -59,15 +52,11 @@ struct bpf_map {
+ u32 id;
+ int numa_node;
+ bool unpriv_array;
+- /* 7 bytes hole */
+-
+- /* 2nd cacheline with misc members to avoid false sharing
+- * particularly with refcounting.
+- */
+- struct user_struct *user ____cacheline_aligned;
+- atomic_t refcnt;
+- atomic_t usercnt;
++ struct user_struct *user;
++ const struct bpf_map_ops *ops;
+ struct work_struct work;
++ atomic_t usercnt;
++ struct bpf_map *inner_map_meta;
+ };
+
+ /* function argument constraints */
+--
+2.11.0
+
diff --git a/debian/patches/debian/revert-module-add-retpoline-tag-to-vermagic.patch b/debian/patches/debian/revert-module-add-retpoline-tag-to-vermagic.patch
deleted file mode 100644
index 2b4d0ea..0000000
--- a/debian/patches/debian/revert-module-add-retpoline-tag-to-vermagic.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From 5132ede0fe8092b043dae09a7cc32b8ae7272baa Mon Sep 17 00:00:00 2001
-From: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
-Date: Wed, 24 Jan 2018 15:28:17 +0100
-Subject: Revert "module: Add retpoline tag to VERMAGIC"
-
-From: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
-
-commit 5132ede0fe8092b043dae09a7cc32b8ae7272baa upstream.
-
-This reverts commit 6cfb521ac0d5b97470883ff9b7facae264b7ab12.
-
-Turns out distros do not want to make retpoline as part of their "ABI",
-so this patch should not have been merged. Sorry Andi, this was my
-fault, I suggested it when your original patch was the "correct" way of
-doing this instead.
-
-Reported-by: Jiri Kosina <jikos at kernel.org>
-Fixes: 6cfb521ac0d5 ("module: Add retpoline tag to VERMAGIC")
-Acked-by: Andi Kleen <ak at linux.intel.com>
-Cc: Thomas Gleixner <tglx at linutronix.de>
-Cc: David Woodhouse <dwmw at amazon.co.uk>
-Cc: rusty at rustcorp.com.au
-Cc: arjan.van.de.ven at intel.com
-Cc: jeyu at kernel.org
-Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
-Signed-off-by: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
-
----
- include/linux/vermagic.h | 8 +-------
- 1 file changed, 1 insertion(+), 7 deletions(-)
-
---- a/include/linux/vermagic.h
-+++ b/include/linux/vermagic.h
-@@ -31,17 +31,11 @@
- #else
- #define MODULE_RANDSTRUCT_PLUGIN
- #endif
--#ifdef RETPOLINE
--#define MODULE_VERMAGIC_RETPOLINE "retpoline "
--#else
--#define MODULE_VERMAGIC_RETPOLINE ""
--#endif
-
- #define VERMAGIC_STRING \
- UTS_RELEASE " " \
- MODULE_VERMAGIC_SMP MODULE_VERMAGIC_PREEMPT \
- MODULE_VERMAGIC_MODULE_UNLOAD MODULE_VERMAGIC_MODVERSIONS \
- MODULE_ARCH_VERMAGIC \
-- MODULE_RANDSTRUCT_PLUGIN \
-- MODULE_VERMAGIC_RETPOLINE
-+ MODULE_RANDSTRUCT_PLUGIN
-
diff --git a/debian/patches/features/all/rt/0013-hrtimer-Reduce-conditional-code-hres_active.patch b/debian/patches/features/all/rt/0013-hrtimer-Reduce-conditional-code-hres_active.patch
index 2571417..cd46b76 100644
--- a/debian/patches/features/all/rt/0013-hrtimer-Reduce-conditional-code-hres_active.patch
+++ b/debian/patches/features/all/rt/0013-hrtimer-Reduce-conditional-code-hres_active.patch
@@ -123,15 +123,15 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy at linutronix.de>
* Reprogram the event source with checking both queues for the
* next event
* Called with interrupts disabled and base->lock held
-@@ -661,7 +662,6 @@ static void hrtimer_reprogram(struct hrt
- static inline void hrtimer_init_hres(struct hrtimer_cpu_base *base)
+@@ -662,7 +663,6 @@ static inline void hrtimer_init_hres(str
{
base->expires_next = KTIME_MAX;
+ base->hang_detected = 0;
- base->hres_active = 0;
+ base->next_timer = NULL;
}
- /*
-@@ -720,8 +720,6 @@ void clock_was_set_delayed(void)
+@@ -722,8 +722,6 @@ void clock_was_set_delayed(void)
#else
@@ -140,9 +140,9 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy at linutronix.de>
static inline int hrtimer_is_hres_enabled(void) { return 0; }
static inline void hrtimer_switch_to_hres(void) { }
static inline void
-@@ -1602,6 +1600,7 @@ int hrtimers_prepare_cpu(unsigned int cp
- }
+@@ -1605,6 +1603,7 @@ int hrtimers_prepare_cpu(unsigned int cp
+ cpu_base->active_bases = 0;
cpu_base->cpu = cpu;
+ cpu_base->hres_active = 0;
hrtimer_init_hres(cpu_base);
diff --git a/debian/patches/features/all/rt/0015-hrtimer-Make-the-remote-enqueue-check-unconditional.patch b/debian/patches/features/all/rt/0015-hrtimer-Make-the-remote-enqueue-check-unconditional.patch
index 80e15bc..05e8e61 100644
--- a/debian/patches/features/all/rt/0015-hrtimer-Make-the-remote-enqueue-check-unconditional.patch
+++ b/debian/patches/features/all/rt/0015-hrtimer-Make-the-remote-enqueue-check-unconditional.patch
@@ -95,7 +95,7 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy at linutronix.de>
}
static inline
-@@ -657,14 +652,6 @@ static void hrtimer_reprogram(struct hrt
+@@ -657,16 +652,6 @@ static void hrtimer_reprogram(struct hrt
}
/*
@@ -104,13 +104,15 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy at linutronix.de>
-static inline void hrtimer_init_hres(struct hrtimer_cpu_base *base)
-{
- base->expires_next = KTIME_MAX;
+- base->hang_detected = 0;
+- base->next_timer = NULL;
-}
-
-/*
* Retrigger next event is called after clock was set
*
* Called with interrupts disabled via on_each_cpu()
-@@ -729,7 +716,6 @@ static inline int hrtimer_reprogram(stru
+@@ -731,7 +716,6 @@ static inline int hrtimer_reprogram(stru
{
return 0;
}
@@ -118,8 +120,8 @@ Signed-off-by: Sebastian Andrzej Siewior <bigeasy at linutronix.de>
static inline void retrigger_next_event(void *arg) { }
#endif /* CONFIG_HIGH_RES_TIMERS */
-@@ -1601,7 +1587,7 @@ int hrtimers_prepare_cpu(unsigned int cp
-
+@@ -1604,7 +1588,7 @@ int hrtimers_prepare_cpu(unsigned int cp
+ cpu_base->active_bases = 0;
cpu_base->cpu = cpu;
cpu_base->hres_active = 0;
- hrtimer_init_hres(cpu_base);
diff --git a/debian/patches/series b/debian/patches/series
index beda545..8825ed6 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -118,13 +118,10 @@ features/all/lockdown/arm64-add-kernel-config-option-to-lock-down-when.patch
# Security fixes
debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
bugfix/all/dccp-cve-2017-8824-use-after-free-in-dccp-code.patch
-bugfix/all/netfilter-nfnetlink_cthelper-add-missing-permission-.patch
-bugfix/all/netfilter-xt_osf-add-missing-permission-checks.patch
bugfix/all/media-dvb-usb-v2-lmedm04-Improve-logic-checking-of-w.patch
bugfix/all/media-dvb-usb-v2-lmedm04-move-ts2020-attach-to-dm04_.patch
bugfix/all/media-hdpvr-fix-an-error-handling-path-in-hdpvr_prob.patch
bugfix/all/loop-fix-concurrent-lo_open-lo_release.patch
-bugfix/all/nfsd-auth-Fix-gid-sorting-when-rootsquash-enabled.patch
# Fix exported symbol versions
bugfix/all/module-disable-matching-missing-version-crc.patch
@@ -155,5 +152,5 @@ features/arm/dwmac-sun8i/0008-ARM-dts-sunxi-h3-h5-represent-the-mdio-switch-used
features/arm64/tegra210-smp/0001-arm64-tegra-Add-CPU-and-PSCI-nodes-for-NVIDIA-Tegra2.patch
# ABI maintenance
+debian/revert-bpf-avoid-false-sharing-of-map-refcount-with-.patch
debian/bpf-avoid-abi-change-in-4.14.14.patch
-debian/revert-module-add-retpoline-tag-to-vermagic.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/kernel/linux.git
More information about the Kernel-svn-changes
mailing list