[gentoo-commits] proj/linux-patches:6.9 commit in: /
commit: e9f56ab9ee755cdb0ac1635e3b7c3939049f79d0 Author: Mike Pagano gentoo org> AuthorDate: Thu May 30 12:02:23 2024 + Commit: Mike Pagano gentoo org> CommitDate: Thu May 30 12:02:23 2024 + URL:https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=e9f56ab9 Remove redundant patch Removed: 2930_io-uring-sqpoll-ensure-task_work-fix.patch Signed-off-by: Mike Pagano gentoo.org> _README | 4 - 2930_io-uring-sqpoll-ensure-task_work-fix.patch | 115 2 files changed, 119 deletions(-) diff --git a/_README b/_README index 41e4fabf..83130556 100644 --- a/_README +++ b/_README @@ -83,10 +83,6 @@ Patch: 2920_sign-file-patch-for-libressl.patch From: https://bugs.gentoo.org/717166 Desc: sign-file: full functionality with modern LibreSSL -Patch: 2930_io-uring-sqpoll-ensure-task_work-fix.patch -From: https://bugs.gentoo.org/931942 -Desc: sqpoll: ensure that normal task_work is also run timely - Patch: 3000_Support-printing-firmware-info.patch From: https://bugs.gentoo.org/732852 Desc: Print firmware info (Reqs CONFIG_GENTOO_PRINT_FIRMWARE_INFO). Thanks to Georgy Yakovlev diff --git a/2930_io-uring-sqpoll-ensure-task_work-fix.patch b/2930_io-uring-sqpoll-ensure-task_work-fix.patch deleted file mode 100644 index 70e62a25.. --- a/2930_io-uring-sqpoll-ensure-task_work-fix.patch +++ /dev/null @@ -1,115 +0,0 @@ -From mboxrd@z Thu Jan 1 00:00:00 1970 -Received: from mail-io1-f48.google.com (mail-io1-f48.google.com [209.85.166.48]) - (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) - (No client certificate requested) - by smtp.subspace.kernel.org (Postfix) with ESMTPS id C0BC614884F - for ; Tue, 21 May 2024 19:43:52 + (UTC) -Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.166.48 -ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; - t=1716320634; cv=none; b=KU/mCJ7mBHO+iHipnVTh5iJc7FxW5xbo1S24b4Vfx1HWcIChj7ieZ6M0D4Dly+m6CHUZ/xGmrFxNLNl+hJyl1SruXRuZGd2zsG87whd+SMirOeAcxfkjgTN9YcSuuAs+cr6WBGo33TXA1wYYEdcKAp5+2MtFRlOEfEpneQZ1jRI= -ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; - s=arc-20240116; t=1716320634; c=relaxed/simple; - bh=gaIkoP5Tt9ptNy9eqUxDwFHSVRdtXZdNQxS3gSxXieM=; - h=Message-ID:Date:MIME-Version:To:From:Subject:Cc:Content-Type; b=g/8jkVOwbG15NZZ75HTC/Dfc8RLdXo+ufUTtRf0leBrGhctRXfFOQcPJHuIp8HY9Wrch47B9oRjqZL6/m5CaK8aKCXZAQ7dCknHsT8yf8O7aMN+fNs+3QQ7EyZpc+3NjnHZ+NbtSEtGyK2eC5F75Apq4KjVZCYUl/lUQ5sCjIp0= -ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.dk; spf=pass smtp.mailfrom=kernel.dk; dkim=pass (2048-bit key) header.d=kernel-dk.20230601.gappssmtp.com header.i=@kernel-dk.20230601.gappssmtp.com header.b=Q/x459tT; arc=none smtp.client-ip=209.85.166.48 -Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.dk -Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=kernel.dk -Authentication-Results: smtp.subspace.kernel.org; - dkim=pass (2048-bit key) header.d=kernel-dk.20230601.gappssmtp.com header.i=@kernel-dk.20230601.gappssmtp.com header.b="Q/x459tT" -Received: by mail-io1-f48.google.com with SMTP id ca18e2360f4ac-7e1b8606bfdso19766539f.3 -for ; Tue, 21 May 2024 12:43:52 -0700 (PDT) -DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; -d=kernel-dk.20230601.gappssmtp.com; s=20230601; t=1716320631; x=1716925431; darn=vger.kernel.org; -h=content-transfer-encoding:cc:subject:from:to:content-language - :user-agent:mime-version:date:message-id:from:to:cc:subject:date - :message-id:reply-to; -bh=T4xIoHSMmGrzeSfhPivp04fPK+A8FmMUIxCHFcE1zPo=; -b=Q/x459tTR9ak5EYWL/Ygb8HtLydtfqDpakjjofFDUwlF24E3mxFim/Nnw4x9AEj/vO - Nw0e7YouxTiSj9kxnTdLpVz9LuTMJxvPohmoXfgI9ReSCIJ1I95Dn70CZ1CiQW8bsad1 - /7LdSpIPqGK1OCnLphDgXdqqyBn/URkVCoVovoxwhWgmDm4DwKMePqCdecoZ/M/o9zr5 - yEPrJag55yEmCVL6Rfezs07paFsHgHAiX55syf6xBBP2ghaH18+oB8oeeHfbCnHxunNc - cTL4mATn49cvERCj4GYxEZWnSB/KVSJw2TQbs8VyyLJauzMx4Jk5S/lrhsMzDolCajWj - /Tyw== -X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; -d=1e100.net; s=20230601; t=1716320631; x=1716925431; -h=content-transfer-encoding:cc:subject:from:to:content-language - :user-agent:mime-version:date:message-id:x-gm-message-state:from:to - :cc:subject:date:message-id:reply-to; -bh=T4xIoHSMmGrzeSfhPivp04fPK+A8FmMUIxCHFcE1zPo=; -b=W1PQkCljf2qgJy1vEyfE6GT8FahYvbyD7b8TGqRMKaqyAI6lt9kofryakDyC3RKSSQ - FZsB+Gx9RQEUu40SOMfUjZQegR+zKaojOx6wtx37pRW85eJG4oNto15sFFfJQSwyKuyN - p61QuElnpiAFyaT2QpK3M3NctjaTKRzT+DhJ4+cK1Py69C+ZCqQiaCMgtkIycVWtaUWF - evEF260Bry0bjSBbdVfuDaic9WhdvMo2p8c726hK/Bu1CkRs3pGoxkNEHWPQlMmyxzRw -
[gentoo-commits] proj/linux-patches:6.9 commit in: /
commit: 190af96490abc9ac3659f6e8a74e7ae51df04e0a Author: Mike Pagano gentoo org> AuthorDate: Sat May 25 15:18:56 2024 + Commit: Mike Pagano gentoo org> CommitDate: Sat May 25 15:18:56 2024 + URL:https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=190af964 Linux patch 6.9.2 Signed-off-by: Mike Pagano gentoo.org> _README|4 + 1001_linux-6.9.2.patch | 1480 2 files changed, 1484 insertions(+) diff --git a/_README b/_README index 55885e7a..111716b6 100644 --- a/_README +++ b/_README @@ -47,6 +47,10 @@ Patch: 1000_linux-6.9.1.patch From: https://www.kernel.org Desc: Linux 6.9.1 +Patch: 1001_linux-6.9.2.patch +From: https://www.kernel.org +Desc: Linux 6.9.2 + Patch: 1510_fs-enable-link-security-restrictions-by-default.patch From: http://sources.debian.net/src/linux/3.16.7-ckt4-3/debian/patches/debian/fs-enable-link-security-restrictions-by-default.patch/ Desc: Enable link security restrictions by default. diff --git a/1001_linux-6.9.2.patch b/1001_linux-6.9.2.patch new file mode 100644 index ..0b2b2476 --- /dev/null +++ b/1001_linux-6.9.2.patch @@ -0,0 +1,1480 @@ +diff --git a/Documentation/ABI/stable/sysfs-block b/Documentation/ABI/stable/sysfs-block +index 1fe9a553c37b7..f0025d1c3d5ac 100644 +--- a/Documentation/ABI/stable/sysfs-block b/Documentation/ABI/stable/sysfs-block +@@ -101,6 +101,16 @@ Description: + devices that support receiving integrity metadata. + + ++What: /sys/block//partscan ++Date: May 2024 ++Contact: Christoph Hellwig ++Description: ++ The /sys/block//partscan files reports if partition ++ scanning is enabled for the disk. It returns "1" if partition ++ scanning is enabled, or "0" if not. The value type is a 32-bit ++ unsigned integer, but only "0" and "1" are valid values. ++ ++ + What: /sys/block///alignment_offset + Date: April 2009 + Contact: Martin K. Petersen +diff --git a/Documentation/admin-guide/hw-vuln/core-scheduling.rst b/Documentation/admin-guide/hw-vuln/core-scheduling.rst +index cf1eeefdfc32f..a92e10ec402e7 100644 +--- a/Documentation/admin-guide/hw-vuln/core-scheduling.rst b/Documentation/admin-guide/hw-vuln/core-scheduling.rst +@@ -67,8 +67,8 @@ arg4: + will be performed for all tasks in the task group of ``pid``. + + arg5: +-userspace pointer to an unsigned long for storing the cookie returned by +-``PR_SCHED_CORE_GET`` command. Should be 0 for all other commands. ++userspace pointer to an unsigned long long for storing the cookie returned ++by ``PR_SCHED_CORE_GET`` command. Should be 0 for all other commands. + + In order for a process to push a cookie to, or pull a cookie from a process, it + is required to have the ptrace access mode: `PTRACE_MODE_READ_REALCREDS` to the +diff --git a/Documentation/admin-guide/mm/damon/usage.rst b/Documentation/admin-guide/mm/damon/usage.rst +index 6fce035fdbf5c..7daf1a95f9cb4 100644 +--- a/Documentation/admin-guide/mm/damon/usage.rst b/Documentation/admin-guide/mm/damon/usage.rst +@@ -153,7 +153,7 @@ Users can write below commands for the kdamond to the ``state`` file. + - ``clear_schemes_tried_regions``: Clear the DAMON-based operating scheme + action tried regions directory for each DAMON-based operation scheme of the + kdamond. +-- ``update_schemes_effective_bytes``: Update the contents of ++- ``update_schemes_effective_quotas``: Update the contents of + ``effective_bytes`` files for each DAMON-based operation scheme of the + kdamond. For more details, refer to :ref:`quotas directory `. + +@@ -342,7 +342,7 @@ Based on the user-specified :ref:`goal `, the + effective size quota is further adjusted. Reading ``effective_bytes`` returns + the current effective size quota. The file is not updated in real time, so + users should ask DAMON sysfs interface to update the content of the file for +-the stats by writing a special keyword, ``update_schemes_effective_bytes`` to ++the stats by writing a special keyword, ``update_schemes_effective_quotas`` to + the relevant ``kdamonds//state`` file. + + Under ``weights`` directory, three files (``sz_permil``, +@@ -434,7 +434,7 @@ pages of all memory cgroups except ``/having_care_already``.:: + # # further filter out all cgroups except one at '/having_care_already' + echo memcg > 1/type + echo /having_care_already > 1/memcg_path +-echo N > 1/matching ++echo Y > 1/matching + + Note that ``anon`` and ``memcg`` filters are currently supported only when + ``paddr`` :ref:`implementation ` is being used. +diff --git a/Documentation/sphinx/kernel_include.py b/Documentation/sphinx/kernel_include.py +index abe7680883771..6387624423363 100755 +--- a/Documentation/sphinx/kernel_include.py b/Documentation/sphinx/kernel_include.py +@@ -97,7 +97,6 @@ class
[gentoo-commits] proj/linux-patches:6.9 commit in: /
commit: 9528f04dd74f7ffae81a7909fb07c8a57bb4d814 Author: Mike Pagano gentoo org> AuthorDate: Thu May 23 12:41:03 2024 + Commit: Mike Pagano gentoo org> CommitDate: Thu May 23 12:41:03 2024 + URL:https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=9528f04d io_uring/sqpoll: ensure normal task_work is also run timely Bug: https://bugs.gentoo.org/931942 Signed-off-by: Mike Pagano gentoo.org> _README | 4 + 2930_io-uring-sqpoll-ensure-task_work-fix.patch | 115 2 files changed, 119 insertions(+) diff --git a/_README b/_README index 02b4c7fb..55885e7a 100644 --- a/_README +++ b/_README @@ -75,6 +75,10 @@ Patch: 2920_sign-file-patch-for-libressl.patch From: https://bugs.gentoo.org/717166 Desc: sign-file: full functionality with modern LibreSSL +Patch: 2930_io-uring-sqpoll-ensure-task_work-fix.patch +From: https://bugs.gentoo.org/931942 +Desc: sqpoll: ensure that normal task_work is also run timely + Patch: 3000_Support-printing-firmware-info.patch From: https://bugs.gentoo.org/732852 Desc: Print firmware info (Reqs CONFIG_GENTOO_PRINT_FIRMWARE_INFO). Thanks to Georgy Yakovlev diff --git a/2930_io-uring-sqpoll-ensure-task_work-fix.patch b/2930_io-uring-sqpoll-ensure-task_work-fix.patch new file mode 100644 index ..70e62a25 --- /dev/null +++ b/2930_io-uring-sqpoll-ensure-task_work-fix.patch @@ -0,0 +1,115 @@ +From mboxrd@z Thu Jan 1 00:00:00 1970 +Received: from mail-io1-f48.google.com (mail-io1-f48.google.com [209.85.166.48]) + (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) + (No client certificate requested) + by smtp.subspace.kernel.org (Postfix) with ESMTPS id C0BC614884F + for ; Tue, 21 May 2024 19:43:52 + (UTC) +Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.166.48 +ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; + t=1716320634; cv=none; b=KU/mCJ7mBHO+iHipnVTh5iJc7FxW5xbo1S24b4Vfx1HWcIChj7ieZ6M0D4Dly+m6CHUZ/xGmrFxNLNl+hJyl1SruXRuZGd2zsG87whd+SMirOeAcxfkjgTN9YcSuuAs+cr6WBGo33TXA1wYYEdcKAp5+2MtFRlOEfEpneQZ1jRI= +ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; + s=arc-20240116; t=1716320634; c=relaxed/simple; + bh=gaIkoP5Tt9ptNy9eqUxDwFHSVRdtXZdNQxS3gSxXieM=; + h=Message-ID:Date:MIME-Version:To:From:Subject:Cc:Content-Type; b=g/8jkVOwbG15NZZ75HTC/Dfc8RLdXo+ufUTtRf0leBrGhctRXfFOQcPJHuIp8HY9Wrch47B9oRjqZL6/m5CaK8aKCXZAQ7dCknHsT8yf8O7aMN+fNs+3QQ7EyZpc+3NjnHZ+NbtSEtGyK2eC5F75Apq4KjVZCYUl/lUQ5sCjIp0= +ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.dk; spf=pass smtp.mailfrom=kernel.dk; dkim=pass (2048-bit key) header.d=kernel-dk.20230601.gappssmtp.com header.i=@kernel-dk.20230601.gappssmtp.com header.b=Q/x459tT; arc=none smtp.client-ip=209.85.166.48 +Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=kernel.dk +Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=kernel.dk +Authentication-Results: smtp.subspace.kernel.org; + dkim=pass (2048-bit key) header.d=kernel-dk.20230601.gappssmtp.com header.i=@kernel-dk.20230601.gappssmtp.com header.b="Q/x459tT" +Received: by mail-io1-f48.google.com with SMTP id ca18e2360f4ac-7e1b8606bfdso19766539f.3 +for ; Tue, 21 May 2024 12:43:52 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; +d=kernel-dk.20230601.gappssmtp.com; s=20230601; t=1716320631; x=1716925431; darn=vger.kernel.org; +h=content-transfer-encoding:cc:subject:from:to:content-language + :user-agent:mime-version:date:message-id:from:to:cc:subject:date + :message-id:reply-to; +bh=T4xIoHSMmGrzeSfhPivp04fPK+A8FmMUIxCHFcE1zPo=; +b=Q/x459tTR9ak5EYWL/Ygb8HtLydtfqDpakjjofFDUwlF24E3mxFim/Nnw4x9AEj/vO + Nw0e7YouxTiSj9kxnTdLpVz9LuTMJxvPohmoXfgI9ReSCIJ1I95Dn70CZ1CiQW8bsad1 + /7LdSpIPqGK1OCnLphDgXdqqyBn/URkVCoVovoxwhWgmDm4DwKMePqCdecoZ/M/o9zr5 + yEPrJag55yEmCVL6Rfezs07paFsHgHAiX55syf6xBBP2ghaH18+oB8oeeHfbCnHxunNc + cTL4mATn49cvERCj4GYxEZWnSB/KVSJw2TQbs8VyyLJauzMx4Jk5S/lrhsMzDolCajWj + /Tyw== +X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; +d=1e100.net; s=20230601; t=1716320631; x=1716925431; +h=content-transfer-encoding:cc:subject:from:to:content-language + :user-agent:mime-version:date:message-id:x-gm-message-state:from:to + :cc:subject:date:message-id:reply-to; +bh=T4xIoHSMmGrzeSfhPivp04fPK+A8FmMUIxCHFcE1zPo=; +b=W1PQkCljf2qgJy1vEyfE6GT8FahYvbyD7b8TGqRMKaqyAI6lt9kofryakDyC3RKSSQ + FZsB+Gx9RQEUu40SOMfUjZQegR+zKaojOx6wtx37pRW85eJG4oNto15sFFfJQSwyKuyN + p61QuElnpiAFyaT2QpK3M3NctjaTKRzT+DhJ4+cK1Py69C+ZCqQiaCMgtkIycVWtaUWF + evEF260Bry0bjSBbdVfuDaic9WhdvMo2p8c726hK/Bu1CkRs3pGoxkNEHWPQlMmyxzRw +
[gentoo-commits] proj/linux-patches:6.9 commit in: /
commit: 705e865cb7116eec6fa548403b2d0c5c6309dd0e
Author: Mike Pagano gentoo org>
AuthorDate: Fri May 17 11:23:48 2024 +
Commit: Mike Pagano gentoo org>
CommitDate: Fri May 17 11:23:48 2024 +
URL:https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=705e865c
Linux patch 6.9.1
Signed-off-by: Mike Pagano gentoo.org>
_README| 4 +
1000_linux-6.9.1.patch | 286 +
2 files changed, 290 insertions(+)
diff --git a/_README b/_README
index 887cea4c..02b4c7fb 100644
--- a/_README
+++ b/_README
@@ -43,6 +43,10 @@ EXPERIMENTAL
Individual Patch Descriptions:
--
+Patch: 1000_linux-6.9.1.patch
+From: https://www.kernel.org
+Desc: Linux 6.9.1
+
Patch: 1510_fs-enable-link-security-restrictions-by-default.patch
From:
http://sources.debian.net/src/linux/3.16.7-ckt4-3/debian/patches/debian/fs-enable-link-security-restrictions-by-default.patch/
Desc: Enable link security restrictions by default.
diff --git a/1000_linux-6.9.1.patch b/1000_linux-6.9.1.patch
new file mode 100644
index ..277d2283
--- /dev/null
+++ b/1000_linux-6.9.1.patch
@@ -0,0 +1,286 @@
+diff --git a/Makefile b/Makefile
+index 967e97878ecdf..a7045435151e6 100644
+--- a/Makefile
b/Makefile
+@@ -1,7 +1,7 @@
+ # SPDX-License-Identifier: GPL-2.0
+ VERSION = 6
+ PATCHLEVEL = 9
+-SUBLEVEL = 0
++SUBLEVEL = 1
+ EXTRAVERSION =
+ NAME = Hurr durr I'ma ninja sloth
+
+diff --git a/drivers/dma/idxd/cdev.c b/drivers/dma/idxd/cdev.c
+index c095a2c8f6595..39935071174a3 100644
+--- a/drivers/dma/idxd/cdev.c
b/drivers/dma/idxd/cdev.c
+@@ -400,6 +400,18 @@ static int idxd_cdev_mmap(struct file *filp, struct
vm_area_struct *vma)
+ int rc;
+
+ dev_dbg(>dev, "%s called\n", __func__);
++
++ /*
++ * Due to an erratum in some of the devices supported by the driver,
++ * direct user submission to the device can be unsafe.
++ * (See the INTEL-SA-01084 security advisory)
++ *
++ * For the devices that exhibit this behavior, require that the user
++ * has CAP_SYS_RAWIO capabilities.
++ */
++ if (!idxd->user_submission_safe && !capable(CAP_SYS_RAWIO))
++ return -EPERM;
++
+ rc = check_vma(wq, vma, __func__);
+ if (rc < 0)
+ return rc;
+@@ -414,6 +426,70 @@ static int idxd_cdev_mmap(struct file *filp, struct
vm_area_struct *vma)
+ vma->vm_page_prot);
+ }
+
++static int idxd_submit_user_descriptor(struct idxd_user_context *ctx,
++ struct dsa_hw_desc __user *udesc)
++{
++ struct idxd_wq *wq = ctx->wq;
++ struct idxd_dev *idxd_dev = >idxd->idxd_dev;
++ const uint64_t comp_addr_align = is_dsa_dev(idxd_dev) ? 0x20 : 0x40;
++ void __iomem *portal = idxd_wq_portal_addr(wq);
++ struct dsa_hw_desc descriptor __aligned(64);
++ int rc;
++
++ rc = copy_from_user(, udesc, sizeof(descriptor));
++ if (rc)
++ return -EFAULT;
++
++ /*
++ * DSA devices are capable of indirect ("batch") command submission.
++ * On devices where direct user submissions are not safe, we cannot
++ * allow this since there is no good way for us to verify these
++ * indirect commands.
++ */
++ if (is_dsa_dev(idxd_dev) && descriptor.opcode == DSA_OPCODE_BATCH &&
++ !wq->idxd->user_submission_safe)
++ return -EINVAL;
++ /*
++ * As per the programming specification, the completion address must be
++ * aligned to 32 or 64 bytes. If this is violated the hardware
++ * engine can get very confused (security issue).
++ */
++ if (!IS_ALIGNED(descriptor.completion_addr, comp_addr_align))
++ return -EINVAL;
++
++ if (wq_dedicated(wq))
++ iosubmit_cmds512(portal, , 1);
++ else {
++ descriptor.priv = 0;
++ descriptor.pasid = ctx->pasid;
++ rc = idxd_enqcmds(wq, portal, );
++ if (rc < 0)
++ return rc;
++ }
++
++ return 0;
++}
++
++static ssize_t idxd_cdev_write(struct file *filp, const char __user *buf,
size_t len,
++ loff_t *unused)
++{
++ struct dsa_hw_desc __user *udesc = (struct dsa_hw_desc __user *)buf;
++ struct idxd_user_context *ctx = filp->private_data;
++ ssize_t written = 0;
++ int i;
++
++ for (i = 0; i < len/sizeof(struct dsa_hw_desc); i++) {
++ int rc = idxd_submit_user_descriptor(ctx, udesc + i);
++
++ if (rc)
++ return written ? written : rc;
++
++ written += sizeof(struct dsa_hw_desc);
++ }
++
++ return written;
++}
++
+ static __poll_t idxd_cdev_poll(struct file *filp,
+ struct poll_table_struct *wait)
+ {
+@@ -436,6
[gentoo-commits] proj/linux-patches:6.9 commit in: /
commit: bf5362e40b7eaa6ea37b4205fdc8f6f106de74d9
Author: Mike Pagano gentoo org>
AuthorDate: Sun May 5 17:54:13 2024 +
Commit: Mike Pagano gentoo org>
CommitDate: Sun May 5 18:02:15 2024 +
URL:https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=bf5362e4
Update to KSPP patch
Bug: https://bugs.gentoo.org/930733
Signed-off-by: Mike Pagano gentoo.org>
4567_distro-Gentoo-Kconfig.patch | 33 +
1 file changed, 21 insertions(+), 12 deletions(-)
diff --git a/4567_distro-Gentoo-Kconfig.patch b/4567_distro-Gentoo-Kconfig.patch
index 6134393f..87b8fa95 100644
--- a/4567_distro-Gentoo-Kconfig.patch
+++ b/4567_distro-Gentoo-Kconfig.patch
@@ -6,9 +6,9 @@
source "Documentation/Kconfig"
+
+source "distro/Kconfig"
/dev/null 2024-04-27 13:10:54.18827 -0400
-+++ b/distro/Kconfig 2024-04-27 17:56:56.723132353 -0400
-@@ -0,0 +1,295 @@
+--- /dev/null 2024-05-05 10:40:37.10388 -0400
b/distro/Kconfig 2024-05-05 13:37:37.699554927 -0400
+@@ -0,0 +1,310 @@
+menu "Gentoo Linux"
+
+config GENTOO_LINUX
@@ -178,7 +178,7 @@
+ to unmet dependencies. Search for
GENTOO_KERNEL_SELF_PROTECTION_COMMON and search for
+ GENTOO_KERNEL_SELF_PROTECTION_{X86_64, ARM64, X86_32, ARM} for
dependency information on your
+ specific architecture.
-+ Note 2: Please see the URL above for numeric settings, e.g.
CONFIG_DEFAULT_MMAP_MIN_ADDR=65536
++ Note 2: Please see the URL above for numeric settings, e.g.
CONFIG_DEFAULT_MMAP_MIN_ADDR=65536
+ for X86_64
+
+if GENTOO_KERNEL_SELF_PROTECTION
@@ -201,10 +201,13 @@
+ select DEBUG_SG
+ select HARDENED_USERCOPY if HAVE_HARDENED_USERCOPY_ALLOCATOR=y
+ select KFENCE if HAVE_ARCH_KFENCE && (!SLAB || SLUB)
++ select PAGE_TABLE_CHECK if ARCH_SUPPORTS_PAGE_TABLE_CHECK=y &&
EXCLUSIVE_SYSTEM_RAM=y
++ select PAGE_TABLE_CHECK_ENFORCED if PAGE_TABLE_CHECK=y
+ select RANDOMIZE_KSTACK_OFFSET_DEFAULT if
HAVE_ARCH_RANDOMIZE_KSTACK_OFFSET && (INIT_STACK_NONE || !CC_IS_CLANG ||
CLANG_VERSION>=14)
+ select SECURITY_LANDLOCK
+ select SCHED_CORE if SCHED_SMT
+ select BUG_ON_DATA_CORRUPTION
++ select RANDOM_KMALLOC_CACHE if SLUB_TINY=n
+ select SCHED_STACK_END_CHECK
+ select SECCOMP if HAVE_ARCH_SECCOMP
+ select SECCOMP_FILTER if HAVE_ARCH_SECCOMP_FILTER
@@ -245,11 +248,13 @@
+ default n
+
+ select GCC_PLUGIN_STACKLEAK
++ select X86_KERNEL_IBT if CC_HAS_IBT=y && HAVE_OBJTOOL=y &&
(!LD_IS_LLD=n || LLD_VERSION>=14)
+ select LEGACY_VSYSCALL_NONE
+ select PAGE_TABLE_ISOLATION
+ select RANDOMIZE_BASE
+ select RANDOMIZE_MEMORY
+ select RELOCATABLE
++ select X86_USER_SHADOW_STACK if AS_WRUSS=Y
+ select VMAP_STACK
+
+
@@ -259,11 +264,21 @@
+ depends on ARM64
+ default n
+
-+ select RANDOMIZE_BASE
-+ select RELOCATABLE
++ select ARM64_BTI
++ select ARM64_E0PD
++ select ARM64_EPAN if ARM64_PAN=y
++ select ARM64_MTE if (ARM64_AS_HAS_MTE=y && ARM64_TAGGED_ADDR_ABI=y ) &&
( AS_HAS_ARMV8_5=y ) && ( AS_HAS_LSE_ATOMICS=y ) && ( ARM64_PAN=y )
++ select ARM64_PTR_AUTH
++ select ARM64_PTR_AUTH_KERNEL if ( ARM64_PTR_AUTH=y ) && ((
CC_HAS_SIGN_RETURN_ADDRESS=y || CC_HAS_BRANCH_PROT_PAC_RET=y ) &&
AS_HAS_ARMV8_3=y ) && ( LD_IS_LLD=y || LD_VERSION >= 23301 || ( CC_IS_GCC=y &&
GCC_VERSION < 90100 )) && (CC_IS_CLANG=n || AS_HAS_CFI_NEGATE_RA_STATE=y ) &&
((FUNCTION_GRAPH_TRACER=n || DYNAMIC_FTRACE_WITH_ARGS=y ))
++ select ARM64_BTI_KERNEL if ( ARM64_BTI=y ) && ( ARM64_PTR_AUTH_KERNEL=y
) && ( CC_HAS_BRANCH_PROT_PAC_RET_BTI=y ) && (CC_IS_GCC=n || GCC_VERSION >=
100100 ) && (CC_IS_GCC=n ) && ((FUNCTION_GRAPH_TRACE=n ||
DYNAMIC_FTRACE_WITH_ARG=y ))
+ select ARM64_SW_TTBR0_PAN
+ select CONFIG_UNMAP_KERNEL_AT_EL0
+ select GCC_PLUGIN_STACKLEAK
++ select KASAN_HW_TAGS if HAVE_ARCH_KASAN_HW_TAGS=y
++ select RANDOMIZE_BASE
++ select RELOCATABLE
++ select SHADOW_CALL_STACK if ARCH_SUPPORTS_SHADOW_CALL_STACK=y &&
(DYNAMIC_FTRACE_WITH_ARGS=y || DYNAMIC_FTRACE_WITH_REGS=y ||
FUNCTION_GRAPH_TRACER=n) && MMU=y
++ select UNWIND_PATCH_PAC_INTO_SCS if (CC_IS_CLANG=y && CLANG_VERSION >=
CONFIG_15 ) && ( ARM64_PTR_AUTH_KERNEL=y && CC_HAS_BRANCH_PROT_PAC_RET=y )
&& ( SHADOW_CALL_STACK=y )
+ select VMAP_STACK
+
+config GENTOO_KERNEL_SELF_PROTECTION_X86_32
@@ -304,12 +319,6 @@
+ See the settings that become available for more details and
fine-tuning.
+
+endmenu
-From bd3ff0b16792c18c0614c2b95e148943209f460a Mon Sep 17 00:00:00 2001
-From: Georgy Yakovlev
-Date: Tue, 8 Jun 2021 13:59:57 -0700
-Subject: [PATCH 2/2] set DEFAULT_MMAP_MIN_ADDR by default
-
mm/Kconfig | 2 ++
1 file changed, 2 insertions(+)
