diff --git a/.gitignore b/.gitignore
index 83498ea..581ba1a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,3 +8,14 @@ SOURCES/*.bz2
SOURCES/*.rpm
SOURCES/*.orig
SOURCES/*.sign
+
+#files generated by %prep
+SOURCES/filter-aarch64.sh
+SOURCES/filter-armv7hl.sh
+SOURCES/filter-i686.sh
+SOURCES/filter-modules.sh
+SOURCES/filter-ppc64le.sh
+SOURCES/filter-s390x.sh
+SOURCES/filter-x86_64.sh
+SOURCES/mod-extra.list
+SOURCES/x509.genkey
diff --git a/.kernel.metadata b/.kernel.metadata
index ffdc3a8..f3af03e 100644
--- a/.kernel.metadata
+++ b/.kernel.metadata
@@ -1,2 +1,2 @@
98ae49ad49397d5a4dcb3ff9a082223edf7c5bbd SOURCES/linux-5.4.tar.xz
-7ffe5446faa1749bd4efbab9540625a2bef4bec6 SOURCES/patch-5.4.22.xz
+58f37a7fb4f4f0050b291c2f71ea111082d46654 SOURCES/patch-5.4.25.xz
diff --git a/SOURCES/0001-Make-get_cert_list-not-complain-about-cert-lists-tha.patch b/SOURCES/0001-Make-get_cert_list-not-complain-about-cert-lists-tha.patch
deleted file mode 100644
index 34934a9..0000000
--- a/SOURCES/0001-Make-get_cert_list-not-complain-about-cert-lists-tha.patch
+++ /dev/null
@@ -1,104 +0,0 @@
-From 3ce5852ec6add45a28fe1706e9163351940e905c Mon Sep 17 00:00:00 2001
-From: Peter Jones <pjones@redhat.com>
-Date: Mon, 2 Oct 2017 18:25:29 -0400
-Subject: [PATCH 1/3] Make get_cert_list() not complain about cert lists that
- aren't present.
-
-Signed-off-by: Peter Jones <pjones@redhat.com>
----
- security/integrity/platform_certs/load_uefi.c | 37 ++++++++++++++++++++++---------------
- 1 file changed, 22 insertions(+), 15 deletions(-)
-
-diff --git a/security/integrity/platform_certs/load_uefi.c b/security/integrity/platform_certs/load_uefi.c
-index 81b19c52832b..e188f3ecbce3 100644
---- a/security/integrity/platform_certs/load_uefi.c
-+++ b/security/integrity/platform_certs/load_uefi.c
-@@ -38,8 +38,8 @@ static __init bool uefi_check_ignore_db(void)
- /*
- * Get a certificate list blob from the named EFI variable.
- */
--static __init void *get_cert_list(efi_char16_t *name, efi_guid_t *guid,
-- unsigned long *size)
-+static __init int get_cert_list(efi_char16_t *name, efi_guid_t *guid,
-+ unsigned long *size , void **cert_list)
- {
- efi_status_t status;
- unsigned long lsize = 4;
-@@ -47,24 +47,31 @@ static __init void *get_cert_list(efi_char16_t *name, efi_guid_t *guid,
- void *db;
-
- status = efi.get_variable(name, guid, NULL, &lsize, &tmpdb);
-+ if (status == EFI_NOT_FOUND) {
-+ *size = 0;
-+ *cert_list = NULL;
-+ return 0;
-+ }
-+
- if (status != EFI_BUFFER_TOO_SMALL) {
- pr_err("Couldn't get size: 0x%lx\n", status);
-- return NULL;
-+ return efi_status_to_err(status);
- }
-
- db = kmalloc(lsize, GFP_KERNEL);
- if (!db)
-- return NULL;
-+ return -ENOMEM;
-
- status = efi.get_variable(name, guid, NULL, &lsize, db);
- if (status != EFI_SUCCESS) {
- kfree(db);
- pr_err("Error reading db var: 0x%lx\n", status);
-- return NULL;
-+ return efi_status_to_err(status);
- }
-
- *size = lsize;
-- return db;
-+ *cert_list = db;
-+ return 0;
- }
-
- /*
-@@ -153,10 +160,10 @@ static int __init load_uefi_certs(void)
- * an error if we can't get them.
- */
- if (!uefi_check_ignore_db()) {
-- db = get_cert_list(L"db", &secure_var, &dbsize);
-- if (!db) {
-+ rc = get_cert_list(L"db", &secure_var, &dbsize, &db);
-+ if (rc < 0) {
- pr_err("MODSIGN: Couldn't get UEFI db list\n");
-- } else {
-+ } else if (dbsize != 0) {
- rc = parse_efi_signature_list("UEFI:db",
- db, dbsize, get_handler_for_db);
- if (rc)
-@@ -166,10 +173,10 @@ static int __init load_uefi_certs(void)
- }
- }
-
-- mok = get_cert_list(L"MokListRT", &mok_var, &moksize);
-- if (!mok) {
-+ rc = get_cert_list(L"MokListRT", &mok_var, &moksize, &mok);
-+ if (rc < 0) {
- pr_info("Couldn't get UEFI MokListRT\n");
-- } else {
-+ } else if (moksize != 0) {
- rc = parse_efi_signature_list("UEFI:MokListRT",
- mok, moksize, get_handler_for_db);
- if (rc)
-@@ -177,10 +184,10 @@ static int __init load_uefi_certs(void)
- kfree(mok);
- }
-
-- dbx = get_cert_list(L"dbx", &secure_var, &dbxsize);
-- if (!dbx) {
-+ rc = get_cert_list(L"dbx", &secure_var, &dbxsize, &dbx);
-+ if (rc < 0) {
- pr_info("Couldn't get UEFI dbx list\n");
-- } else {
-+ } else if (dbxsize != 0) {
- rc = parse_efi_signature_list("UEFI:dbx",
- dbx, dbxsize,
- get_handler_for_dbx);
diff --git a/SOURCES/0001-mm-Avoid-creating-virtual-address-aliases-in-brk-mma.patch b/SOURCES/0001-mm-Avoid-creating-virtual-address-aliases-in-brk-mma.patch
deleted file mode 100644
index 6f3bd3c..0000000
--- a/SOURCES/0001-mm-Avoid-creating-virtual-address-aliases-in-brk-mma.patch
+++ /dev/null
@@ -1,95 +0,0 @@
-From a34309d16f41c48ffd90e56a6f865d6a1a8c49f0 Mon Sep 17 00:00:00 2001
-From: Catalin Marinas <catalin.marinas@arm.com>
-Date: Wed, 19 Feb 2020 12:31:56 +0000
-Subject: [PATCH] mm: Avoid creating virtual address aliases in
- brk()/mmap()/mremap()
-
-Currently the arm64 kernel ignores the top address byte passed to brk(),
-mmap() and mremap(). When the user is not aware of the 56-bit address
-limit or relies on the kernel to return an error, untagging such
-pointers has the potential to create address aliases in user-space.
-Passing a tagged address to munmap(), madvise() is permitted since the
-tagged pointer is expected to be inside an existing mapping.
-
-The current behaviour breaks the existing glibc malloc() implementation
-which relies on brk() with an address beyond 56-bit to be rejected by
-the kernel.
-
-Remove untagging in the above functions by partially reverting commit
-ce18d171cb73 ("mm: untag user pointers in mmap/munmap/mremap/brk"). In
-addition, update the arm64 tagged-address-abi.rst document accordingly.
-
-Link: https://bugzilla.redhat.com/1797052
-Fixes: ce18d171cb73 ("mm: untag user pointers in mmap/munmap/mremap/brk")
-Cc: <stable@vger.kernel.org> # 5.4.x-
-Cc: Andrew Morton <akpm@linux-foundation.org>
-Cc: Florian Weimer <fweimer@redhat.com>
-Reported-by: Victor Stinner <vstinner@redhat.com>
-Acked-by: Will Deacon <will@kernel.org>
-Acked-by: Andrey Konovalov <andreyknvl@google.com>
-Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
----
- Documentation/arm64/tagged-address-abi.rst | 11 +++++++++--
- mm/mmap.c | 4 ----
- mm/mremap.c | 1 -
- 3 files changed, 9 insertions(+), 7 deletions(-)
-
-diff --git a/Documentation/arm64/tagged-address-abi.rst b/Documentation/arm64/tagged-address-abi.rst
-index d4a85d535bf9..f6289116893c 100644
---- a/Documentation/arm64/tagged-address-abi.rst
-+++ b/Documentation/arm64/tagged-address-abi.rst
-@@ -44,8 +44,15 @@ The AArch64 Tagged Address ABI has two stages of relaxation depending
- how the user addresses are used by the kernel:
-
- 1. User addresses not accessed by the kernel but used for address space
-- management (e.g. ``mmap()``, ``mprotect()``, ``madvise()``). The use
-- of valid tagged pointers in this context is always allowed.
-+ management (e.g. ``mprotect()``, ``madvise()``). The use of valid
-+ tagged pointers in this context is allowed with the exception of
-+ ``brk()``, ``mmap()`` and the ``new_address`` argument to
-+ ``mremap()`` as these have the potential of aliasing with existing
-+ user addresses.
-+
-+ NOTE: This behaviour changed in v5.6 and so some earlier kernels may
-+ incorrectly accept valid tagged pointers for the ``brk()``,
-+ ``mmap()`` and ``mremap()`` system calls.
-
- 2. User addresses accessed by the kernel (e.g. ``write()``). This ABI
- relaxation is disabled by default and the application thread needs to
-diff --git a/mm/mmap.c b/mm/mmap.c
-index 4390dbea4aa5..514cc19c5916 100644
---- a/mm/mmap.c
-+++ b/mm/mmap.c
-@@ -195,8 +195,6 @@ SYSCALL_DEFINE1(brk, unsigned long, brk)
- bool downgraded = false;
- LIST_HEAD(uf);
-
-- brk = untagged_addr(brk);
--
- if (down_write_killable(&mm->mmap_sem))
- return -EINTR;
-
-@@ -1583,8 +1581,6 @@ unsigned long ksys_mmap_pgoff(unsigned long addr, unsigned long len,
- struct file *file = NULL;
- unsigned long retval;
-
-- addr = untagged_addr(addr);
--
- if (!(flags & MAP_ANONYMOUS)) {
- audit_mmap_fd(fd, flags);
- file = fget(fd);
-diff --git a/mm/mremap.c b/mm/mremap.c
-index 1fc8a29fbe3f..1d98281f7204 100644
---- a/mm/mremap.c
-+++ b/mm/mremap.c
-@@ -607,7 +607,6 @@ SYSCALL_DEFINE5(mremap, unsigned long, addr, unsigned long, old_len,
- LIST_HEAD(uf_unmap);
-
- addr = untagged_addr(addr);
-- new_addr = untagged_addr(new_addr);
-
- if (flags & ~(MREMAP_FIXED | MREMAP_MAYMOVE))
- return ret;
---
-2.24.1
-
diff --git a/SOURCES/0003-Make-get_cert_list-use-efi_status_to_str-to-print-er.patch b/SOURCES/0003-Make-get_cert_list-use-efi_status_to_str-to-print-er.patch
index ec107ba..d1e43ed 100644
--- a/SOURCES/0003-Make-get_cert_list-use-efi_status_to_str-to-print-er.patch
+++ b/SOURCES/0003-Make-get_cert_list-use-efi_status_to_str-to-print-er.patch
@@ -1,38 +1,39 @@
-From 520e902d864930e2d4f329983d9ae9781a24231f Mon Sep 17 00:00:00 2001
+From 46daeedffe98b489014dcdcf14c89438362de7eb Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 2 Oct 2017 18:18:30 -0400
-Subject: [PATCH 3/3] Make get_cert_list() use efi_status_to_str() to print
- error messages.
+Subject: [PATCH] Make get_cert_list() use efi_status_to_str() to print error
+ messages.
Signed-off-by: Peter Jones <pjones@redhat.com>
+Signed-off-by: Jeremy Cline <jcline@redhat.com>
---
security/integrity/platform_certs/load_uefi.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/security/integrity/platform_certs/load_uefi.c b/security/integrity/platform_certs/load_uefi.c
-index 9ef34c44fd1..13a2826715d 100644
+index f0c908241966..4e783f6c6cfb 100644
--- a/security/integrity/platform_certs/load_uefi.c
+++ b/security/integrity/platform_certs/load_uefi.c
-@@ -51,7 +51,8 @@ static __init int get_cert_list(efi_char16_t *name, efi_guid_t *guid,
- }
+@@ -46,7 +46,8 @@ static __init void *get_cert_list(efi_char16_t *name, efi_guid_t *guid,
+ return NULL;
- if (status != EFI_BUFFER_TOO_SMALL) {
-- pr_err("Couldn't get size: 0x%lx\n", status);
+ if (*status != EFI_BUFFER_TOO_SMALL) {
+- pr_err("Couldn't get size: 0x%lx\n", *status);
+ pr_err("Couldn't get size: %s (0x%lx)\n",
-+ efi_status_to_str(status), status);
- return efi_status_to_err(status);
++ efi_status_to_str(*status), *status);
+ return NULL;
}
-@@ -64,7 +65,8 @@ static __init int get_cert_list(efi_char16_t *name, efi_guid_t *guid,
- status = efi.get_variable(name, guid, NULL, &lsize, db);
- if (status != EFI_SUCCESS) {
+@@ -57,7 +58,8 @@ static __init void *get_cert_list(efi_char16_t *name, efi_guid_t *guid,
+ *status = efi.get_variable(name, guid, NULL, &lsize, db);
+ if (*status != EFI_SUCCESS) {
kfree(db);
-- pr_err("Error reading db var: 0x%lx\n", status);
+- pr_err("Error reading db var: 0x%lx\n", *status);
+ pr_err("Error reading db var: %s (0x%lx)\n",
-+ efi_status_to_str(status), status);
- return efi_status_to_err(status);
++ efi_status_to_str(*status), *status);
+ return NULL;
}
--
-2.15.0
+2.24.1
diff --git a/SOURCES/drm-i915-gt-Detect-if-we-miss-WaIdleLiteRestore.patch b/SOURCES/drm-i915-gt-Detect-if-we-miss-WaIdleLiteRestore.patch
deleted file mode 100644
index c0251d1..0000000
--- a/SOURCES/drm-i915-gt-Detect-if-we-miss-WaIdleLiteRestore.patch
+++ /dev/null
@@ -1,129 +0,0 @@
-From 90de578c81e983b3d992ca3e1a7e5910c803abba Mon Sep 17 00:00:00 2001
-From: Chris Wilson <chris@chris-wilson.co.uk>
-Date: Mon, 30 Dec 2019 11:15:30 +0000
-Subject: [PATCH] drm/i915/gt: Detect if we miss WaIdleLiteRestore
-
-In order to avoid confusing the HW, we must never submit an empty ring
-during lite-restore, that is we should always advance the RING_TAIL
-before submitting to stay ahead of the RING_HEAD.
-
-Normally this is prevented by keeping a couple of spare NOPs in the
-request->wa_tail so that on resubmission we can advance the tail. This
-relies on the request only being resubmitted once, which is the normal
-condition as it is seen once for ELSP[1] and then later in ELSP[0]. On
-preemption, the requests are unwound and the tail reset back to the
-normal end point (as we know the request is incomplete and therefore its
-RING_HEAD is even earlier).
-
-However, if this w/a should fail we would try and resubmit the request
-with the RING_TAIL already set to the location of this request's wa_tail
-potentially causing a GPU hang. We can spot when we do try and
-incorrectly resubmit without advancing the RING_TAIL and spare any
-embarrassment by forcing the context restore.
-
-In the case of preempt-to-busy, we leave the requests running on the HW
-while we unwind. As the ring is still live, we cannot rewind our
-rq->tail without forcing a reload so leave it set to rq->wa_tail and
-only force a reload if we resubmit after a lite-restore. (Normally, the
-forced reload will be a part of the preemption event.)
-
-Fixes: 22b7a426bbe1 ("drm/i915/execlists: Preempt-to-busy")
-Closes: https://gitlab.freedesktop.org/drm/intel/issues/673
-Signed-off-by: Chris Wilson <chris@chris-wilson.co.uk>
-Cc: Mika Kuoppala <mika.kuoppala@linux.intel.com>
-Cc: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
-Reviewed-by: Tvrtko Ursulin <tvrtko.ursulin@intel.com>
-Cc: stable@vger.kernel.org
-Link: https://patchwork.freedesktop.org/patch/msgid/20191209023215.3519970-1-chris@chris-wilson.co.uk
-(cherry picked from commit 82c69bf58650e644c61aa2bf5100b63a1070fd2f)
----
- drivers/gpu/drm/i915/gt/intel_lrc.c | 42 ++++++++++++++---------------
- 1 file changed, 20 insertions(+), 22 deletions(-)
-
-diff --git a/drivers/gpu/drm/i915/gt/intel_lrc.c b/drivers/gpu/drm/i915/gt/intel_lrc.c
-index d564bfcab6a3..49ce15553e7b 100644
---- a/drivers/gpu/drm/i915/gt/intel_lrc.c
-+++ b/drivers/gpu/drm/i915/gt/intel_lrc.c
-@@ -471,12 +471,6 @@ lrc_descriptor(struct intel_context *ce, struct intel_engine_cs *engine)
- return desc;
- }
-
--static void unwind_wa_tail(struct i915_request *rq)
--{
-- rq->tail = intel_ring_wrap(rq->ring, rq->wa_tail - WA_TAIL_BYTES);
-- assert_ring_tail_valid(rq->ring, rq->tail);
--}
--
- static struct i915_request *
- __unwind_incomplete_requests(struct intel_engine_cs *engine)
- {
-@@ -495,7 +489,6 @@ __unwind_incomplete_requests(struct intel_engine_cs *engine)
- continue; /* XXX */
-
- __i915_request_unsubmit(rq);
-- unwind_wa_tail(rq);
-
- /*
- * Push the request back into the queue for later resubmission.
-@@ -650,13 +643,29 @@ execlists_schedule_out(struct i915_request *rq)
- i915_request_put(rq);
- }
-
--static u64 execlists_update_context(const struct i915_request *rq)
-+static u64 execlists_update_context(struct i915_request *rq)
- {
- struct intel_context *ce = rq->hw_context;
-- u64 desc;
-+ u64 desc = ce->lrc_desc;
-+ u32 tail;
-
-- ce->lrc_reg_state[CTX_RING_TAIL + 1] =
-- intel_ring_set_tail(rq->ring, rq->tail);
-+ /*
-+ * WaIdleLiteRestore:bdw,skl
-+ *
-+ * We should never submit the context with the same RING_TAIL twice
-+ * just in case we submit an empty ring, which confuses the HW.
-+ *
-+ * We append a couple of NOOPs (gen8_emit_wa_tail) after the end of
-+ * the normal request to be able to always advance the RING_TAIL on
-+ * subsequent resubmissions (for lite restore). Should that fail us,
-+ * and we try and submit the same tail again, force the context
-+ * reload.
-+ */
-+ tail = intel_ring_set_tail(rq->ring, rq->tail);
-+ if (unlikely(ce->lrc_reg_state[CTX_RING_TAIL + 1] == tail))
-+ desc |= CTX_DESC_FORCE_RESTORE;
-+ ce->lrc_reg_state[CTX_RING_TAIL + 1] = tail;
-+ rq->tail = rq->wa_tail;
-
- /*
- * Make sure the context image is complete before we submit it to HW.
-@@ -675,7 +684,6 @@ static u64 execlists_update_context(const struct i915_request *rq)
- */
- mb();
-
-- desc = ce->lrc_desc;
- ce->lrc_desc &= ~CTX_DESC_FORCE_RESTORE;
-
- return desc;
-@@ -1150,16 +1158,6 @@ static void execlists_dequeue(struct intel_engine_cs *engine)
- if (!list_is_last(&last->sched.link,
- &engine->active.requests))
- return;
--
-- /*
-- * WaIdleLiteRestore:bdw,skl
-- * Apply the wa NOOPs to prevent
-- * ring:HEAD == rq:TAIL as we resubmit the
-- * request. See gen8_emit_fini_breadcrumb() for
-- * where we prepare the padding after the
-- * end of the request.
-- */
-- last->tail = last->wa_tail;
- }
- }
-
---
-2.24.1
-
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
index faec6fe..2d8ced1 100644
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@@ -89,7 +89,7 @@ Summary: The Linux kernel
%if 0%{?released_kernel}
# Do we have a -stable update to apply?
-%define stable_update 22
+%define stable_update 25
# Set rpm version accordingly
%if 0%{?stable_update}
%define stablerev %{stable_update}
@@ -789,7 +789,6 @@ Source5000: patch-5.%{base_sublevel}-git%{gitrev}.xz
# 200 - x86 / secureboot
# bz 1497559 - Make kernel MODSIGN code not error on missing variables
-Patch200: 0001-Make-get_cert_list-not-complain-about-cert-lists-tha.patch
Patch201: 0002-Add-efi_status_to_str-and-rework-efi_status_to_err.patch
Patch202: 0003-Make-get_cert_list-use-efi_status_to_str-to-print-er.patch
@@ -850,13 +849,6 @@ Patch523: media-rc-prevent-memory-leak-in-cx23888_ir_probe.patch
# CVE-2019-18808 rhbz 1777418 1777421
Patch527: 0001-crypto-ccp-Release-all-allocated-memory-if-sha-type-.patch
-# https://bugzilla.redhat.com/show_bug.cgi?id=1797052
-# http://lists.infradead.org/pipermail/linux-arm-kernel/2020-February/712003.html
-Patch528: 0001-mm-Avoid-creating-virtual-address-aliases-in-brk-mma.patch
-
-# https://gitlab.freedesktop.org/drm/intel/issues/673
-Patch531: drm-i915-gt-Detect-if-we-miss-WaIdleLiteRestore.patch
-
# ALSA code from v5.5 (Intel ASoC Sound Open Firmware driver support)
Patch600: alsa-5.5.patch
@@ -2905,6 +2897,9 @@ fi
#
#
%changelog
+* Sat Mar 14 2020 Pablo Greco <pgreco@centosproject.org> - 5.4.25-200
+- Update to 5.4.25
+
* Wed Feb 26 2020 Pablo Greco <pgreco@centosproject.org> - 5.4.22-200
- Update to 5.4.22