diff --git a/.kernel.metadata b/.kernel.metadata index b5a1e3e..e40fa87 100644 --- a/.kernel.metadata +++ b/.kernel.metadata @@ -1,3 +1,3 @@ c64d80ad01a6a77bf46bce1bdc5c7f28bfb6bfd5 SOURCES/linux-4.14.tar.xz 7c7b661673896f836b505d872aa1ee842062c60e SOURCES/perf-man-4.14.tar.gz -b33aee72a162808af772458124b328298a0733cb SOURCES/patch-4.14.119.xz +6b4c1227a5427128257c543868a92a3015c6a831 SOURCES/patch-4.14.126.xz diff --git a/SOURCES/efi-lockdown.patch b/SOURCES/efi-lockdown.patch index 4ac65fd..c840685 100644 --- a/SOURCES/efi-lockdown.patch +++ b/SOURCES/efi-lockdown.patch @@ -1604,7 +1604,7 @@ index 66f4a4e79f4b..7c7a7e33e4d1 100644 extern int efi_status_to_err(efi_status_t status); @@ -1518,12 +1528,6 @@ efi_status_t efi_setup_gop(efi_system_table_t *sys_table_arg, - bool efi_runtime_disabled(void); + extern void efi_call_virt_check_flags(unsigned long flags, const char *call); -enum efi_secureboot_mode { diff --git a/SOURCES/kbuild-AFTER_LINK.patch b/SOURCES/kbuild-AFTER_LINK.patch index 0fd5bc7..cf6fbc6 100644 --- a/SOURCES/kbuild-AFTER_LINK.patch +++ b/SOURCES/kbuild-AFTER_LINK.patch @@ -105,7 +105,7 @@ index d540966..eeb47b6 100644 + sh $(srctree)/$(src)/checkundef.sh '$(NM)' '$@' VDSO_LDFLAGS = -shared $(call ld-option, --hash-style=both) \ - $(call ld-option, --build-id) -Bsymbolic + $(call ld-option, --build-id) $(call ld-option, --eh-frame-hdr) \ diff --git a/scripts/link-vmlinux.sh b/scripts/link-vmlinux.sh index f742c65..526eee4 100755 --- a/scripts/link-vmlinux.sh diff --git a/SOURCES/xen-pciback-Don-t-disable-PCI_COMMAND-on-PCI-device-.patch b/SOURCES/xen-pciback-Don-t-disable-PCI_COMMAND-on-PCI-device-.patch deleted file mode 100644 index 4c55bf2..0000000 --- a/SOURCES/xen-pciback-Don-t-disable-PCI_COMMAND-on-PCI-device-.patch +++ /dev/null @@ -1,48 +0,0 @@ -From: Konrad Rzeszutek Wilk -Date: Fri, 27 Mar 2015 13:31:11 -0400 -Subject: [PATCH] xen/pciback: Don't disable PCI_COMMAND on PCI device reset. - -There is no need for this at all. Worst it means that if -the guest tries to write to BARs it could lead (on certain -platforms) to PCI SERR errors. - -Please note that with af6fc858a35b90e89ea7a7ee58e66628c55c776b -"xen-pciback: limit guest control of command register" -a guest is still allowed to enable those control bits (safely), but -is not allowed to disable them and that therefore a well behaved -frontend which enables things before using them will still -function correctly. - -This is done via an write to the configuration register 0x4 which -triggers on the backend side: -command_write - \- pci_enable_device - \- pci_enable_device_flags - \- do_pci_enable_device - \- pcibios_enable_device - \-pci_enable_resourcess - [which enables the PCI_COMMAND_MEMORY|PCI_COMMAND_IO] - -However guests (and drivers) which don't do this could cause -problems, including the security issues which XSA-120 sought -to address. - -Reported-by: Jan Beulich -Signed-off-by: Konrad Rzeszutek Wilk ---- - drivers/xen/xen-pciback/pciback_ops.c | 2 -- - 1 file changed, 2 deletions(-) - -diff --git a/drivers/xen/xen-pciback/pciback_ops.c b/drivers/xen/xen-pciback/pciback_ops.c -index c4a0666de6f5..26e651336787 100644 ---- a/drivers/xen/xen-pciback/pciback_ops.c -+++ b/drivers/xen/xen-pciback/pciback_ops.c -@@ -119,8 +119,6 @@ void xen_pcibk_reset_device(struct pci_dev *dev) - if (pci_is_enabled(dev)) - pci_disable_device(dev); - -- pci_write_config_word(dev, PCI_COMMAND, 0); -- - dev->is_busmaster = 0; - } else { - pci_read_config_word(dev, PCI_COMMAND, &cmd); diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec index 0e536b5..6eaf5f9 100644 --- a/SPECS/kernel.spec +++ b/SPECS/kernel.spec @@ -54,7 +54,7 @@ Summary: The Linux kernel %if 0%{?released_kernel} # Do we have a -stable update to apply? -%define stable_update 119 +%define stable_update 126 # Set rpm version accordingly %if 0%{?stable_update} %define stablerev %{stable_update} @@ -540,8 +540,6 @@ Patch119: criu-no-expert.patch Patch120: ath9k-rx-dma-stop-check.patch -Patch121: xen-pciback-Don-t-disable-PCI_COMMAND-on-PCI-device-.patch - Patch122: Input-synaptics-pin-3-touches-when-the-firmware-repo.patch # This no longer applies, let's see if it needs to be updated @@ -2239,6 +2237,10 @@ fi # # %changelog +* Sat Jun 15 2019 Pablo Greco - 4.14.126-200 +- Rebase to LTS 4.14.126 +- Remove upstreamed patches + * Thu May 16 2019 Pablo Greco - 4.14.119-200 - Rebase to LTS 4.14.119