Upgrade Linux kernel to 4.14.336
This is the last LTS version buildable using GCC 4.0.x. The next one, version 4.19, requires at least GCC 4.6. Fortunately, this is also the first version of the Linux kernel without firmware blobs being included in /firmware, so the FSFLA deblob scripts aren't needed anymore to ensure a fully auditable kernel - the 3 remaining drivers that do include blobs masquerading as source code are removed via a patch, avoiding all the other side effects of the deblob scripts. This doesn't compromise the trustworthiness of the bootstrapped environment, since all the other drivers deblob would remove use the firmware loader mechanism, which does nothing when the actual firmware blobs aren't installed on the system separately. Features dependent on firmware still won't work, but many drivers that load firmware do so only optionally. This includes r8169, the driver for the Realtek gigabit NICs found on many x86 motherboards. This kernel is considerably larger than 4.9.10, and we build more of it (including drivers that would previously get stripped away by the deblob script, such as r8169), so to accommodate that, Fiwix initrd size is increased by 64MiB, while lowering kexec space by the same amount to ensure enough userspace memory available in Fiwix. Fiwix's maximum open file count is also bumped from 1.5K to 2.5K. The Documentation folder is deleted before build, to further save space in the ramdisk.
This commit is contained in:
parent
32138d13b9
commit
11d3605b08
|
@ -1 +1 @@
|
|||
Subproject commit b6342a88fbcbbf13fa11daf8890dd6ddd5a9011f
|
||||
Subproject commit 63fd7767db0651b703b8942cfc0c92989a3e4b25
|
|
@ -35,13 +35,13 @@ ca7403a7503e8f3bb55e6c5bd54571b8c061b11c96e50ee89e006df6011d1518 bzip2-1.0.8_0.
|
|||
7450bb38caaa633f8c11269fed44eb680c6ba03bb0e19c18fce3b2450f80e358 coreutils-5.0_0.tar.bz2
|
||||
c95fd8c51c3bfbd4d08a4a50d0033ee85394e6efe4ff82703c050e4dbc4347bf coreutils-6.10_0.tar.bz2
|
||||
9fa31a4aeaa5132205efb796c8f546c94c1cfef6b5c27e64f6ebe06ca0360e67 coreutils-9.4_0.tar.bz2
|
||||
6a10f5258650ae75e92eb7aa1a5e6107b72c8b6419a4f64272262a1545c43161 curl-8.5.0_0.tar.bz2
|
||||
f9efd6600ceb91918078078ff44a33f2a4fb4a59edb804866aebd288c2cfb24e curl-8.5.0_1.tar.bz2
|
||||
1d4dec2d1885a6b5499a0f0d55e9c2c65dab532c4c593d848b6a542f67789627 dhcpcd-10.0.1_0.tar.bz2
|
||||
abd629e5675196c39dae00afbe23e2116bbd277be1d82214e2ec557a3b03994f curl-8.5.0_0.tar.bz2
|
||||
a4473a15de63a1d8ed0a9344f81b3926ce2b1324e48c2574b0042a91384aa5c7 curl-8.5.0_1.tar.bz2
|
||||
9534d834b018343b8335d0ef0b5faff3ee18e4ecbecf43a2a80deb972283f5d6 dhcpcd-10.0.1_0.tar.bz2
|
||||
abb9f6fe46c57ea809100b71497e04905deaad345d64485532bf6ef7f2a07f2c diffutils-2.7_0.tar.bz2
|
||||
41e3129b974391fe4ace69914fdef9b0fe72c6f5d87d495750fb89bdd999fa01 diffutils-3.10_0.tar.bz2
|
||||
bda6afcd3a390a34a57443269a4857ccc470129f7a557981778c145fd841cbd1 dist-3.5-236_0.tar.bz2
|
||||
3a4c5143a241364019afd39af067f1e8433bab78b04096870d9bf2c70ec6ded8 e2fsprogs-1.45.7_0.tar.bz2
|
||||
26c0835a8b9be115082a2866e906363947528169c7274bd3b82752df77e99f11 e2fsprogs-1.45.7_0.tar.bz2
|
||||
9c6f7e156f299f1d0948537e28f00d40e727a3debae3cce158e9bce827136214 ed-1.4_0.tar.bz2
|
||||
0061d240f9bb2bb534db7003ddcc4eae9981954ad72e8f41ff1d76dc449ebd37 file-5.44_0.tar.bz2
|
||||
eec07e0d710ed3dd8d0ba6a1ec6ca9f1fa3a611bbb225195435679175317bf90 findutils-4.2.33_0.tar.bz2
|
||||
|
@ -65,10 +65,10 @@ dc67fc1b132fa3945349efe74c5b2197bd0b6babf4d29d2deddd04f09d9af680 gettext-0.21_0
|
|||
e2a85aad6d51e52c9a30afeed058f95172fde1215f77243549274672990f6237 guile-3.0.9_0.tar.bz2
|
||||
6585ae3bc8149ec0e3fba766278fa30e2d7f0e7d1b9a9a4a457e0afa15b109c9 gzip-1.13_0.tar.bz2
|
||||
8d2015b87337abbf287f7a39ee4cf53514120b5d3e90a93fe7d533dcc43f14fa help2man-1.36.4_0.tar.bz2
|
||||
f650c3b24de6edd49cd662c9e9ce11f7b0b5ea6df66d561b46a032b08fc34faa kbd-1.15_0.tar.bz2
|
||||
ea5639dc6198c5f243362a1a7adfbea0cb779e085975712a1b410e82d7e0cf84 kbd-1.15_0.tar.bz2
|
||||
50a0f881161c68fe7c9ec6836b11a905b0d54e08e99b2476e8d1f5ac3212769e kexec-linux-1.0.0_0.tar.bz2
|
||||
1be7bf0319635b8bd22fd3c1a5a88ea267730a9a2e3cfff37473a5fea0779efb kexec-tools-2.0.22_0.tar.bz2
|
||||
453c10220178f097e1ab26fac6dffbee63b61890cdb8d7d24dcd6acad6ad08a3 libarchive-3.5.2_0.tar.bz2
|
||||
fc784d2c46ffe91e7d54150022c9d2687140e90e3019c1d6799f875f22d99d2e kexec-tools-2.0.22_0.tar.bz2
|
||||
e4dcdabf540a9e51a555616abff8ec2fdee5bb40bb05ce702b5410239dd5d7d8 libarchive-3.5.2_0.tar.bz2
|
||||
36550df491767bb24d2ccab304ce70a3b4956e7c0c0e0c343d922fd57cdafbdd libatomic_ops-7.6.10_0.tar.bz2
|
||||
fea96776b929569b98bc1740a9977cf8c0eff1d999a08d766bcc0f40c7b1380c libbsd-0.11.8_0.tar.bz2
|
||||
b39826742e236890f3562cdf19492e7ef4224b271f3e75ddeab1f07982b03ebe libffi-3.3_0.tar.bz2
|
||||
|
@ -76,10 +76,10 @@ b39826742e236890f3562cdf19492e7ef4224b271f3e75ddeab1f07982b03ebe libffi-3.3_0.t
|
|||
daae709e98d2df2190d1d13b4e86f7f3fe90fa7a975282fe0bb03289b6539f29 libtool-2.2.4_0.tar.bz2
|
||||
6cefa575362149620f8008a32c8af54f0198a18bc6ab910bd3cead196c1507d7 libtool-2.4.7_0.tar.bz2
|
||||
503007bbcddcf4e49d26514c59b4c9501f8b42f0c994a59dfdc388b1ae6b7900 libunistring-0.9.10_0.tar.bz2
|
||||
576c04a4b2ccbfe6b48f5f16e8bd59469e359bdc77458ed82a4025da98ad6dcb linux-4.9.10_0.tar.bz2
|
||||
d15c922973c15a8206e09020e8cfe6a78f7e93614de212f2b37ff80163799c6c linux-headers-4.9.10_0.tar.bz2
|
||||
bd3885a389d3e058081e099850f95aa7938ce1d9b88a187aea6b7196124fbcfe m4-1.4.7_0.tar.bz2
|
||||
05a99e5404bc743570abf514d09a89a719d9443e0e6f196ce92c47a2be774a8a linux-4.14.336_0.tar.bz2
|
||||
1d88015de1be5416d4794559962c1c700d72b877cc0ce2a47b28b078d11b2075 linux-headers-4.14.336_0.tar.bz2
|
||||
78b0cf6d9312e53c613186cbddd5f747310f375c1f322f33a6ac33682d2f3389 m4-1.4.19_0.tar.bz2
|
||||
bd3885a389d3e058081e099850f95aa7938ce1d9b88a187aea6b7196124fbcfe m4-1.4.7_0.tar.bz2
|
||||
e69554b0a77b419ddd5d0a0e418ba4005ecd0f6784c92a6928a0270bd929a098 make-3.82_0.tar.bz2
|
||||
6d24960d6a987f68a7e0e3abf6edb52d2e0fe4c86f6ba45327e9634dbf7d40b4 make-4.2.1_0.tar.bz2
|
||||
17cd976bc0f6e897c6fffe43dd7c55d93ce0adadf1b4dc72925b80e2d266519f mpc-1.2.1_0.tar.bz2
|
||||
|
@ -91,37 +91,37 @@ d58d85c4be26d90f111f273929a4998d05294fe5aa37c4842d5aecaa593e6079 musl-1.1.24_2.
|
|||
6dc5e763b747b66f72692c6820d7f46b7f4cf2e2fe05229a1d01c03919c1c936 musl-1.2.4_1.tar.bz2
|
||||
820203286127e7c22cee9f1b3cff664431f10d14c3f22f00b3e771fd849fd449 musl-1.2.4_2.tar.bz2
|
||||
a18c4b2e5de2bfe5bb3ee9d360484fcfebad3df042f1859d4aa333dd60f55e56 opendoas-6.8.2_0.tar.bz2
|
||||
c490016e49bbf77e7f63071f7aa60e8290a0c67f017846def1c3f65bd10d5712 openssl-1.1.1l_0.tar.bz2
|
||||
b1acdc394c2dd42f01046480db07da6b0393bf76b198abf099c4877e5e3b869e openssl-1.1.1l_0.tar.bz2
|
||||
71864d042cdc564b65eab21360902c714e9b43f80a19689c5600589529b267e7 patch-2.7.6_0.tar.bz2
|
||||
5ae7fe43d62d1064c123d9813017015e5e8d5107d0e70f0199576141416ff81d perl-5.000_0.tar.bz2
|
||||
4994c55e3832649600f190079bd4779c463478a092b167098b1d00eff3358fbe perl-5.003_0.tar.bz2
|
||||
74d64a8af080022432fa94dba449090419d25b103d247710dc0b6102a4ad86a6 perl-5.10.1_0.tar.bz2
|
||||
c6c3d729cf36b820f9a671130b84c83fd384f38f639be63804e90c3a1f21d3ab perl-5.32.1_0.tar.bz2
|
||||
101a791b6843b997ec10d5ce6dc32af2637f687772674eb6f1cdc1c8ff836a03 perl-5.6.2_0.tar.bz2
|
||||
ae6c84e55c2d9bcd7b80bf780ae6921fe890608123c9ba904e1b7d90759ade3d perl5.004-05_0.tar.bz2
|
||||
8cedd2240bbbd5bca65a1362998ed73884756aa7ff5208226d3fa22c68868052 perl5.005-03_0.tar.bz2
|
||||
74d64a8af080022432fa94dba449090419d25b103d247710dc0b6102a4ad86a6 perl-5.10.1_0.tar.bz2
|
||||
bbbfde31441fab7fe8b825409fae8b2cd1032950d8f5a32fb8b9cf1555e11a70 perl-5.32.1_0.tar.bz2
|
||||
101a791b6843b997ec10d5ce6dc32af2637f687772674eb6f1cdc1c8ff836a03 perl-5.6.2_0.tar.bz2
|
||||
1b9d4260edf7b2241d10e4c4ad17d0f90047bd4bf42f2487a7133902529e9dfe pkg-config-0.29.2_0.tar.bz2
|
||||
2f7198009e4d021d52ee4ce86241b4936fb88349c20cc8b6c286261368878c3c python-2.0.1_0.tar.bz2
|
||||
b5d86ddc98cfbc684b03f1c84c786caaad810d5e4c7be38089f324eb3c276ad9 python-2.0.1_1.tar.bz2
|
||||
396577cdd0cc61d76420a1771c64156e49e8f9d00430c82feb88ad933b341632 python-2.3.7_0.tar.bz2
|
||||
2499cb7f10f292c3506fbf1b6a876195179ec98edfe7b8c357140137a1449492 python-2.3.7_1.tar.bz2
|
||||
2dd06364e281da421a16251fa2258df201efd180461718f5a000012c4b2bdfe5 python-2.5.6_0.tar.bz2
|
||||
52ffb1ea6f2b893a6fd26f930c8ff63f78ddcc31ac3ec9c2ddade555205aa1ef python-3.11.1_0.tar.bz2
|
||||
3508248f299b73c50e3607c4c294d40face05170476a5026b0821aed69025863 python-3.1.5_0.tar.bz2
|
||||
12b1ffc7ec98ba8f807160b93ba69a694d5395567c3bcac1e49e8f8d1d50de43 python-3.1.5_1.tar.bz2
|
||||
fde3a6af334434b35a8db0711d33c21a96762d09ff912e19638efbdf2dc363c5 python-3.11.1_0.tar.bz2
|
||||
60b93253a2078f849f81e7e1ed6233e30702f03b1893640eee95671d814f5514 python-3.3.7_0.tar.bz2
|
||||
da7c8ec579dd225c0d8bee63d95aeeb27ac2d5a60d4eefe298508cbf86bf506c python-3.4.10_0.tar.bz2
|
||||
0be505f63205b4bc1b1421896c610468ad1a2194bbc4c9abf58f61685c2023d1 python-3.8.16_0.tar.bz2
|
||||
4c5c08b237d1c8cfe91d6b8f36d1942bf1e8f114894a228b5969c810ea52b8c3 python-3.8.16_0.tar.bz2
|
||||
34c51d3df85585a8aee7691b3500a5c3c7442b06a6f57231b76970bdd6e99bf9 sed-4.0.9_0.tar.bz2
|
||||
e8daec00b2c2de7b18efbec057dc9290eed06668806c6f5a48914d4a5cd95eb4 sed-4.8_0.tar.bz2
|
||||
96bd9f051aa665f6836efe3642127df6987b529ed53f1c539293fc049f0f4c28 shadow-4.14.3_0.tar.bz2
|
||||
ef2f2c791c1ae74f19c98ebcd7edae6ae28bc1d9367cc3a2cdb1ac302a156cb7 shadow-4.14.3_0.tar.bz2
|
||||
912d8f344104f1322255d6210c7c7e1371413ab530b2c6796e6aa565c74bf647 tar-1.34_0.tar.bz2
|
||||
1667937d5d646f2bb7ec7ab54a23ddd65a0ae3ca7d5e597f3fbcd5163031d2ef tcc-0.9.27_0.tar.bz2
|
||||
b20cea098c8ff635a0ce9f99430d7c9a75d081194941ab54dc92dbc8af3776a4 tcc-0.9.27_1.tar.bz2
|
||||
8e8cc802fccdb907cd74501dccce1ee85ffb0150b33b4719f86d6720f5b09a7a tcc-0.9.27_2.tar.bz2
|
||||
d4fe9460ca561fc2f546f9730f19f541b17dac0bcc42eb190abba856588c3593 tcc-0.9.27_3.tar.bz2
|
||||
50ebaa1d8fcc4a03a43d431eb71e2f435cc8712ae47d400564df3716037d553a texinfo-6.7_0.tar.bz2
|
||||
858f3c9b3e824d6cdff8009de171fb1ac6932adc227efd854aebf29aba0bbf7c util-linux-2.19.1_0.tar.bz2
|
||||
59bda6faaa95782154b917a6600cdf932e08cd6bf9388ba40d801baf18e5b454 util-linux-2.19.1_0.tar.bz2
|
||||
ecdb7ffeb9256f6a9760be70969fe5dea9cde6a538cc88595281fe44340e98a1 which-2.21_0.tar.bz2
|
||||
3fade2079cc91f2c5624ff7247220059caee82e7de493332103d7a78155400b2 xz-5.4.1_0.tar.bz2
|
||||
ca8ec9876a7334f5f87e1159e0efe343b8b497ffb0dea8b548223035ecd67f9e zlib-1.2.13_0.tar.bz2
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
#undef NR_CALLOUTS
|
||||
#define NR_CALLOUTS NR_PROCS
|
||||
#undef NR_OPENS
|
||||
#define NR_OPENS 1536
|
||||
#define NR_OPENS 4096
|
||||
#undef NR_FLOCKS
|
||||
#define NR_FLOCKS (NR_PROCS * 5)
|
||||
#undef MAX_PID_VALUE
|
||||
|
|
|
@ -3,6 +3,6 @@
|
|||
#undef CHILD_MAX
|
||||
#define CHILD_MAX 4096
|
||||
#undef OPEN_MAX
|
||||
#define OPEN_MAX 1536
|
||||
#define OPEN_MAX 4096
|
||||
#undef FD_SETSIZE
|
||||
#define FD_SETSIZE OPEN_MAX
|
||||
|
|
|
@ -1 +1 @@
|
|||
5aee0b059f5dddb096779b9fb7d6f5f47b56da750623a0a506f47632d31efac6 /boot/fiwix
|
||||
2c6d2d24bc1ffcec1af415b031846d06f581cd4d2b8ba721fed55f98863a79f9 /boot/fiwix
|
||||
|
|
|
@ -38,9 +38,9 @@ for source in "${DISTFILES}/"*; do
|
|||
rm "${source}"
|
||||
done
|
||||
|
||||
if [ -e "/external/repo-preseeded/linux-4.9.10_0.tar.bz2" ]; then
|
||||
if [ -e "/external/repo-preseeded/linux-4.14.336_0.tar.bz2" ]; then
|
||||
# This is done in src_extract out of necessity usually -- I can't think of a better solution :(
|
||||
rm -f "${DISTFILES}/linux-4.9.10.tar.xz"
|
||||
rm -f "${DISTFILES}/linux-4.14.336.tar.xz"
|
||||
fi
|
||||
|
||||
unset get_source_filename
|
||||
|
|
|
@ -24,11 +24,11 @@ grub-install "/dev/${PHYSICAL}"
|
|||
cat > /boot/grub/grub.cfg <<- EOF
|
||||
set timeout=5
|
||||
set default=0
|
||||
menuentry 'Linux live-bootstrap (4.9.10)' {
|
||||
menuentry 'Linux live-bootstrap' {
|
||||
insmod part_msdos
|
||||
set root='$(grub-probe -d /dev/${DISK} -t bios_hints | sed -e 's/ //g')'
|
||||
set gfxpayload=auto
|
||||
linux /boot/linux-4.9.10 root=/dev/${DISK} rw $(cat /proc/cmdline)
|
||||
linux /boot/vmlinuz root=/dev/${DISK} rw $(cat /proc/cmdline)
|
||||
}
|
||||
EOF
|
||||
|
||||
|
|
|
@ -7,11 +7,11 @@
|
|||
set -ex
|
||||
|
||||
# Build the ext2 image
|
||||
make_fiwix_initrd -s 1310720 /boot/fiwix.ext2
|
||||
make_fiwix_initrd -s 1376256 /boot/fiwix.ext2
|
||||
|
||||
# Boot Fiwix
|
||||
if match x${BARE_METAL} xTrue; then
|
||||
kexec-fiwix /boot/fiwix -i /boot/fiwix.ext2 -m /e820 -c "fiwix console=/dev/tty1 root=/dev/ram0 initrd=fiwix.ext2 kexec_proto=linux kexec_size=262144 kexec_cmdline=\"init=/init consoleblank=0\""
|
||||
kexec-fiwix /boot/fiwix -i /boot/fiwix.ext2 -m /e820 -c "fiwix console=/dev/tty1 root=/dev/ram0 initrd=fiwix.ext2 kexec_proto=linux kexec_size=204800 kexec_cmdline=\"init=/init consoleblank=0\""
|
||||
else
|
||||
kexec-fiwix /boot/fiwix -i /boot/fiwix.ext2 -m /e820 -c "fiwix console=/dev/ttyS0 root=/dev/ram0 initrd=fiwix.ext2 kexec_proto=linux kexec_size=262144 kexec_cmdline=\"init=/init console=ttyS0\""
|
||||
kexec-fiwix /boot/fiwix -i /boot/fiwix.ext2 -m /e820 -c "fiwix console=/dev/ttyS0 root=/dev/ram0 initrd=fiwix.ext2 kexec_proto=linux kexec_size=204800 kexec_cmdline=\"init=/init console=ttyS0\""
|
||||
fi
|
||||
|
|
|
@ -17,15 +17,15 @@ if [ "${KERNEL_BOOTSTRAP}" = True ]; then
|
|||
find / -xdev -type d -printf "dir %p %m %U %G\n" >> /initramfs.list
|
||||
find / -xdev -type f -printf "file %p %p %m %U %G\n" >> /initramfs.list
|
||||
find / -xdev -type l -printf "slink %p %l %m %U %G\n" >> /initramfs.list
|
||||
kexec-linux "/dev/ram1" "/boot/linux-4.9.10" "!gen_init_cpio /initramfs.list | gzip -c"
|
||||
kexec-linux "/dev/ram1" "/boot/vmlinuz" "!gen_init_cpio /initramfs.list | gzip -c"
|
||||
else
|
||||
mkdir /etc
|
||||
# kexec time
|
||||
if [ "${BARE_METAL}" = True ]; then
|
||||
kexec -l "/boot/linux-4.9.10" \
|
||||
kexec -l "/boot/vmlinuz" \
|
||||
--append="root=/dev/sda1 rootfstype=ext3 init=/init rw"
|
||||
else
|
||||
kexec -l "/boot/linux-4.9.10" --console-serial \
|
||||
kexec -l "/boot/vmlinuz" --console-serial \
|
||||
--append="console=ttyS0 root=/dev/sda1 rootfstype=ext3 init=/init rw"
|
||||
fi
|
||||
kexec -e
|
||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -3,11 +3,8 @@
|
|||
#
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
# XXX: Fix package after builder-hex0
|
||||
|
||||
src_unpack() {
|
||||
mkdir "${pkg}"
|
||||
cp "${DISTFILES}/deblob-4.9" "${pkg}/"
|
||||
default || true # Predictable link errors - not a problem
|
||||
rm "${DISTFILES}/${pkg}.tar.xz"
|
||||
}
|
||||
|
@ -32,12 +29,11 @@ src_prepare() {
|
|||
|
||||
generate_autoconf_h
|
||||
|
||||
# Deblob the kernel
|
||||
chmod +x deblob-4.9
|
||||
./deblob-4.9 --force
|
||||
|
||||
# Remove shipped files
|
||||
find . -name "*_shipped*" -delete
|
||||
|
||||
# Remove documentation to save space
|
||||
rm -rf Documentation
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
|
@ -54,7 +50,7 @@ src_compile() {
|
|||
}
|
||||
|
||||
src_install() {
|
||||
install -D -m 644 arch/i386/boot/bzImage "${DESTDIR}/boot/linux-4.9.10"
|
||||
install -D -m 644 arch/i386/boot/bzImage "${DESTDIR}/boot/vmlinuz"
|
||||
install -D -m 755 usr/gen_init_cpio "${DESTDIR}${PREFIX}/bin/gen_init_cpio"
|
||||
install -D -m 755 scripts/gen_initramfs_list.sh "${DESTDIR}${PREFIX}/bin/gen_initramfs_list.sh"
|
||||
}
|
|
@ -0,0 +1,60 @@
|
|||
SPDX-FileCopyrightText: 2022 Sean Christopherson <seanjc@google.com>
|
||||
|
||||
SPDX-License-Identifier: GPL-2.0-only
|
||||
|
||||
Revert the following patch:
|
||||
From ddfd117714014cebe7b5d008fdec8eaec620cba1 Mon Sep 17 00:00:00 2001
|
||||
From: Sean Christopherson <seanjc@google.com>
|
||||
Date: Wed, 30 Nov 2022 23:36:48 +0000
|
||||
Subject: [PATCH] x86/virt: Force GIF=1 prior to disabling SVM (for reboot
|
||||
flows)
|
||||
|
||||
commit 6a3236580b0b1accc3976345e723104f74f6f8e6 upstream.
|
||||
|
||||
Set GIF=1 prior to disabling SVM to ensure that INIT is recognized if the
|
||||
kernel is disabling SVM in an emergency, e.g. if the kernel is about to
|
||||
jump into a crash kernel or may reboot without doing a full CPU RESET.
|
||||
If GIF is left cleared, the new kernel (or firmware) will be unabled to
|
||||
awaken APs. Eat faults on STGI (due to EFER.SVME=0) as it's possible
|
||||
that SVM could be disabled via NMI shootdown between reading EFER.SVME
|
||||
and executing STGI.
|
||||
|
||||
Link: https://lore.kernel.org/all/cbcb6f35-e5d7-c1c9-4db9-fe5cc4de579a@amd.com
|
||||
Cc: stable@vger.kernel.org
|
||||
Cc: Andrew Cooper <Andrew.Cooper3@citrix.com>
|
||||
Cc: Tom Lendacky <thomas.lendacky@amd.com>
|
||||
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
|
||||
Link: https://lore.kernel.org/r/20221130233650.1404148-3-seanjc@google.com
|
||||
Signed-off-by: Sean Christopherson <seanjc@google.com>
|
||||
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||||
---
|
||||
arch/x86/include/asm/virtext.h | 16 +++++++++++++++-
|
||||
1 file changed, 15 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/arch/x86/include/asm/virtext.h b/arch/x86/include/asm/virtext.h
|
||||
index 0116b2ee9e64f..4699acd602af4 100644
|
||||
--- arch/x86/include/asm/virtext.h
|
||||
+++ arch/x86/include/asm/virtext.h
|
||||
@@ -114,21 +114,7 @@ static inline void cpu_svm_disable(void)
|
||||
|
||||
wrmsrl(MSR_VM_HSAVE_PA, 0);
|
||||
rdmsrl(MSR_EFER, efer);
|
||||
- if (efer & EFER_SVME) {
|
||||
- /*
|
||||
- * Force GIF=1 prior to disabling SVM to ensure INIT and NMI
|
||||
- * aren't blocked, e.g. if a fatal error occurred between CLGI
|
||||
- * and STGI. Note, STGI may #UD if SVM is disabled from NMI
|
||||
- * context between reading EFER and executing STGI. In that
|
||||
- * case, GIF must already be set, otherwise the NMI would have
|
||||
- * been blocked, so just eat the fault.
|
||||
- */
|
||||
- asm_volatile_goto("1: stgi\n\t"
|
||||
- _ASM_EXTABLE(1b, %l[fault])
|
||||
- ::: "memory" : fault);
|
||||
-fault:
|
||||
- wrmsrl(MSR_EFER, efer & ~EFER_SVME);
|
||||
- }
|
||||
+ wrmsrl(MSR_EFER, efer & ~EFER_SVME);
|
||||
}
|
||||
|
||||
/** Makes sure SVM is disabled, if it is supported on the CPU
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,24 @@
|
|||
SPDX-FileCopyrightText: 2024 Gábor Stefanik <netrolller.3d@gmail.com>
|
||||
|
||||
SPDX-License-Identifier: GPL-2.0-only
|
||||
|
||||
Remove BUILD_BUG_ON check as it causes a link error
|
||||
|
||||
--- drivers/gpu/drm/drm_edid.c.bak 2024-02-16 08:36:01.168832650 +0100
|
||||
+++ drivers/gpu/drm/drm_edid.c 2024-02-16 08:36:58.148828524 +0100
|
||||
@@ -2879,15 +2879,6 @@
|
||||
* get the other variants by simply increasing the
|
||||
* vertical front porch length.
|
||||
*/
|
||||
- BUILD_BUG_ON(edid_cea_modes[8].vtotal != 262 ||
|
||||
- edid_cea_modes[9].vtotal != 262 ||
|
||||
- edid_cea_modes[12].vtotal != 262 ||
|
||||
- edid_cea_modes[13].vtotal != 262 ||
|
||||
- edid_cea_modes[23].vtotal != 312 ||
|
||||
- edid_cea_modes[24].vtotal != 312 ||
|
||||
- edid_cea_modes[27].vtotal != 312 ||
|
||||
- edid_cea_modes[28].vtotal != 312);
|
||||
-
|
||||
if (((vic == 8 || vic == 9 ||
|
||||
vic == 12 || vic == 13) && mode->vtotal < 263) ||
|
||||
((vic == 23 || vic == 24 ||
|
|
@ -0,0 +1,42 @@
|
|||
SPDX-FileCopyrightText: 2024 Gábor Stefanik <netrolller.3d@gmail.com>
|
||||
|
||||
SPDX-License-Identifier: GPL-2.0-only
|
||||
|
||||
Name the union in i2c_hid_desc_override, to avoid unknown field error
|
||||
|
||||
--- drivers/hid/i2c-hid/i2c-hid-dmi-quirks.c.bak 2024-02-15 13:27:20.177877726 +0100
|
||||
+++ drivers/hid/i2c-hid/i2c-hid-dmi-quirks.c 2024-02-15 15:11:15.787482938 +0100
|
||||
@@ -18,7 +18,7 @@
|
||||
union {
|
||||
struct i2c_hid_desc *i2c_hid_desc;
|
||||
uint8_t *i2c_hid_desc_buffer;
|
||||
- };
|
||||
+ } u;
|
||||
uint8_t *hid_report_desc;
|
||||
unsigned int hid_report_desc_size;
|
||||
uint8_t *i2c_name;
|
||||
@@ -36,6 +36,7 @@
|
||||
*/
|
||||
|
||||
static const struct i2c_hid_desc_override sipodev_desc = {
|
||||
+ .u = {
|
||||
.i2c_hid_desc_buffer = (uint8_t [])
|
||||
{0x1e, 0x00, /* Length of descriptor */
|
||||
0x00, 0x01, /* Version of descriptor */
|
||||
@@ -52,6 +53,7 @@
|
||||
0x06, 0x00, /* Version ID */
|
||||
0x00, 0x00, 0x00, 0x00 /* Reserved */
|
||||
},
|
||||
+ },
|
||||
|
||||
.hid_report_desc = (uint8_t [])
|
||||
{0x05, 0x01, /* Usage Page (Desktop), */
|
||||
@@ -422,7 +424,7 @@
|
||||
if (strcmp(override->i2c_name, i2c_name))
|
||||
return NULL;
|
||||
|
||||
- return override->i2c_hid_desc;
|
||||
+ return override->u.i2c_hid_desc;
|
||||
}
|
||||
|
||||
char *i2c_hid_get_dmi_hid_report_desc_override(uint8_t *i2c_name,
|
|
@ -0,0 +1,17 @@
|
|||
SPDX-FileCopyrightText: 2024 Gábor Stefanik <netrolller.3d@gmail.com>
|
||||
|
||||
SPDX-License-Identifier: GPL-2.0-only
|
||||
|
||||
Neuter the __i915_sw_fence_call define, which our gcc can't understand
|
||||
|
||||
--- drivers/gpu/drm/i915/i915_sw_fence.h.bak 2024-02-15 12:21:07.758127759 +0100
|
||||
+++ drivers/gpu/drm/i915/i915_sw_fence.h 2024-02-15 12:22:04.498124232 +0100
|
||||
@@ -37,7 +37,7 @@
|
||||
|
||||
typedef int (*i915_sw_fence_notify_t)(struct i915_sw_fence *,
|
||||
enum i915_sw_fence_notify state);
|
||||
-#define __i915_sw_fence_call __aligned(4)
|
||||
+#define __i915_sw_fence_call /* __aligned(4) */
|
||||
|
||||
void __i915_sw_fence_init(struct i915_sw_fence *fence,
|
||||
i915_sw_fence_notify_t fn,
|
|
@ -0,0 +1,17 @@
|
|||
SPDX-FileCopyrightText: 2024 Gábor Stefanik <netrolller.3d@gmail.com>
|
||||
|
||||
SPDX-License-Identifier: GPL-2.0-only
|
||||
|
||||
Remove -Wno-array-bounds which gcc-4.0.4 doesn't recognize
|
||||
|
||||
--- drivers/net/ethernet/broadcom/Makefile.bak 2024-02-15 17:05:34.617050047 +0100
|
||||
+++ drivers/net/ethernet/broadcom/Makefile 2024-02-15 17:06:06.097047984 +0100
|
||||
@@ -16,8 +16,3 @@
|
||||
obj-$(CONFIG_BGMAC_PLATFORM) += bgmac-platform.o
|
||||
obj-$(CONFIG_SYSTEMPORT) += bcmsysport.o
|
||||
obj-$(CONFIG_BNXT) += bnxt/
|
||||
-
|
||||
-# FIXME: temporarily silence -Warray-bounds on non W=1+ builds
|
||||
-ifndef KBUILD_EXTRA_WARN
|
||||
-CFLAGS_tg3.o += -Wno-array-bounds
|
||||
-endif
|
|
@ -0,0 +1 @@
|
|||
https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.14.336.tar.xz 0820fdb7971c6974338081c11fbf2dc869870501e7bdcac4d0ed58ba1f57b61c
|
|
@ -1,2 +0,0 @@
|
|||
https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.9.10.tar.xz bd6e05476fd8d9ea4945e11598d87bc97806bbc8d03556abbaaf809707661525
|
||||
https://linux-libre.fsfla.org/pub/linux-libre/releases/old/gen6/4.9.10-gnu/deblob-4.9 af4214b851928a53ef470ed8729122b9db910a6c0769d5d46a5de0b3e96f74f3
|
|
@ -3,7 +3,7 @@
|
|||
#
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
extract="linux-4.9.10/scripts linux-4.9.10/include linux-4.9.10/arch/x86/include linux-4.9.10/arch/x86/entry"
|
||||
extract="linux-4.14.336/scripts linux-4.14.336/include linux-4.14.336/arch/x86/include linux-4.14.336/arch/x86/entry"
|
||||
|
||||
src_prepare() {
|
||||
default
|
||||
|
@ -49,8 +49,8 @@ src_install() {
|
|||
# Generate linux/version.h
|
||||
# Rules are from makefile
|
||||
VERSION=4
|
||||
PATCHLEVEL=9
|
||||
SUBLEVEL=10
|
||||
PATCHLEVEL=14
|
||||
SUBLEVEL=336
|
||||
VERSION_CODE="$((VERSION * 65536 + PATCHLEVEL * 256 + SUBLEVEL))"
|
||||
echo '#define LINUX_VERSION_CODE '"${VERSION_CODE}" \
|
||||
> "${DESTDIR}${PREFIX}/include/linux/version.h"
|
|
@ -0,0 +1 @@
|
|||
https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.14.336.tar.xz 0820fdb7971c6974338081c11fbf2dc869870501e7bdcac4d0ed58ba1f57b61c
|
|
@ -1,160 +0,0 @@
|
|||
SPDX-FileCopyrightText: 2018 Felix Janda <felix.janda@posteo.de>
|
||||
|
||||
SPDX-License-Identifier: GPL-2.0-only
|
||||
|
||||
Applies cleanly (backport).
|
||||
|
||||
From c0bace798436bca0fdc221ff61143f1376a9c3de Mon Sep 17 00:00:00 2001
|
||||
From: Date: Mon, 1 Jan 2018 19:33:20 +0100
|
||||
Subject: uapi libc compat: add fallback for unsupported libcs
|
||||
|
||||
libc-compat.h aims to prevent symbol collisions between uapi and libc
|
||||
headers for each supported libc. This requires continuous coordination
|
||||
between them.
|
||||
|
||||
The goal of this commit is to improve the situation for libcs (such as
|
||||
musl) which are not yet supported and/or do not wish to be explicitly
|
||||
supported, while not affecting supported libcs. More precisely, with
|
||||
this commit, unsupported libcs can request the suppression of any
|
||||
specific uapi definition by defining the correspondings _UAPI_DEF_*
|
||||
macro as 0. This can fix symbol collisions for them, as long as the
|
||||
libc headers are included before the uapi headers. Inclusion in the
|
||||
other order is outside the scope of this commit.
|
||||
|
||||
All infrastructure in order to enable this fallback for unsupported
|
||||
libcs is already in place, except that libc-compat.h unconditionally
|
||||
defines all _UAPI_DEF_* macros to 1 for all unsupported libcs so that
|
||||
any previous definitions are ignored. In order to fix this, this commit
|
||||
merely makes these definitions conditional.
|
||||
|
||||
This commit together with the musl libc commit
|
||||
|
||||
http://git.musl-libc.org/cgit/musl/commit/?id=04983f2272382af92eb8f8838964ff944fbb8258
|
||||
|
||||
fixes for example the following compiler errors when <linux/in6.h> is
|
||||
included after musl's <netinet/in.h>:
|
||||
|
||||
./linux/in6.h:32:8: error: redefinition of 'struct in6_addr'
|
||||
./linux/in6.h:49:8: error: redefinition of 'struct sockaddr_in6'
|
||||
./linux/in6.h:59:8: error: redefinition of 'struct ipv6_mreq'
|
||||
|
||||
The comments referencing glibc are still correct, but this file is not
|
||||
only used for glibc any more.
|
||||
|
||||
Signed-off-by: Felix Janda <felix.janda@posteo.de>
|
||||
Reviewed-by: Hauke Mehrtens <hauke@hauke-m.de>
|
||||
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||||
---
|
||||
include/uapi/linux/libc-compat.h | 55 +++++++++++++++++++++++++++++++++++++++-
|
||||
1 file changed, 54 insertions(+), 1 deletion(-)
|
||||
|
||||
(limited to 'include/uapi/linux/libc-compat.h')
|
||||
|
||||
diff --git include/uapi/linux/libc-compat.h include/uapi/linux/libc-compat.h
|
||||
index 282875cf805657..8254c937c9f455 100644
|
||||
--- include/uapi/linux/libc-compat.h
|
||||
+++ include/uapi/linux/libc-compat.h
|
||||
@@ -168,46 +168,99 @@
|
||||
|
||||
/* If we did not see any headers from any supported C libraries,
|
||||
* or we are being included in the kernel, then define everything
|
||||
- * that we need. */
|
||||
+ * that we need. Check for previous __UAPI_* definitions to give
|
||||
+ * unsupported C libraries a way to opt out of any kernel definition. */
|
||||
#else /* !defined(__GLIBC__) */
|
||||
|
||||
/* Definitions for if.h */
|
||||
+#ifndef __UAPI_DEF_IF_IFCONF
|
||||
#define __UAPI_DEF_IF_IFCONF 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IF_IFMAP
|
||||
#define __UAPI_DEF_IF_IFMAP 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IF_IFNAMSIZ
|
||||
#define __UAPI_DEF_IF_IFNAMSIZ 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IF_IFREQ
|
||||
#define __UAPI_DEF_IF_IFREQ 1
|
||||
+#endif
|
||||
/* Everything up to IFF_DYNAMIC, matches net/if.h until glibc 2.23 */
|
||||
+#ifndef __UAPI_DEF_IF_NET_DEVICE_FLAGS
|
||||
#define __UAPI_DEF_IF_NET_DEVICE_FLAGS 1
|
||||
+#endif
|
||||
/* For the future if glibc adds IFF_LOWER_UP, IFF_DORMANT and IFF_ECHO */
|
||||
+#ifndef __UAPI_DEF_IF_NET_DEVICE_FLAGS_LOWER_UP_DORMANT_ECHO
|
||||
#define __UAPI_DEF_IF_NET_DEVICE_FLAGS_LOWER_UP_DORMANT_ECHO 1
|
||||
+#endif
|
||||
|
||||
/* Definitions for in.h */
|
||||
+#ifndef __UAPI_DEF_IN_ADDR
|
||||
#define __UAPI_DEF_IN_ADDR 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IN_IPPROTO
|
||||
#define __UAPI_DEF_IN_IPPROTO 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IN_PKTINFO
|
||||
#define __UAPI_DEF_IN_PKTINFO 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IP_MREQ
|
||||
#define __UAPI_DEF_IP_MREQ 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_SOCKADDR_IN
|
||||
#define __UAPI_DEF_SOCKADDR_IN 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IN_CLASS
|
||||
#define __UAPI_DEF_IN_CLASS 1
|
||||
+#endif
|
||||
|
||||
/* Definitions for in6.h */
|
||||
+#ifndef __UAPI_DEF_IN6_ADDR
|
||||
#define __UAPI_DEF_IN6_ADDR 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IN6_ADDR_ALT
|
||||
#define __UAPI_DEF_IN6_ADDR_ALT 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_SOCKADDR_IN6
|
||||
#define __UAPI_DEF_SOCKADDR_IN6 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IPV6_MREQ
|
||||
#define __UAPI_DEF_IPV6_MREQ 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IPPROTO_V6
|
||||
#define __UAPI_DEF_IPPROTO_V6 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IPV6_OPTIONS
|
||||
#define __UAPI_DEF_IPV6_OPTIONS 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IN6_PKTINFO
|
||||
#define __UAPI_DEF_IN6_PKTINFO 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IP6_MTUINFO
|
||||
#define __UAPI_DEF_IP6_MTUINFO 1
|
||||
+#endif
|
||||
|
||||
/* Definitions for ipx.h */
|
||||
+#ifndef __UAPI_DEF_SOCKADDR_IPX
|
||||
#define __UAPI_DEF_SOCKADDR_IPX 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IPX_ROUTE_DEFINITION
|
||||
#define __UAPI_DEF_IPX_ROUTE_DEFINITION 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IPX_INTERFACE_DEFINITION
|
||||
#define __UAPI_DEF_IPX_INTERFACE_DEFINITION 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IPX_CONFIG_DATA
|
||||
#define __UAPI_DEF_IPX_CONFIG_DATA 1
|
||||
+#endif
|
||||
+#ifndef __UAPI_DEF_IPX_ROUTE_DEF
|
||||
#define __UAPI_DEF_IPX_ROUTE_DEF 1
|
||||
+#endif
|
||||
|
||||
/* Definitions for xattr.h */
|
||||
+#ifndef __UAPI_DEF_XATTR
|
||||
#define __UAPI_DEF_XATTR 1
|
||||
+#endif
|
||||
|
||||
#endif /* __GLIBC__ */
|
||||
|
||||
--
|
||||
cgit
|
||||
|
|
@ -1 +0,0 @@
|
|||
https://cdn.kernel.org/pub/linux/kernel/v4.x/linux-4.9.10.tar.xz bd6e05476fd8d9ea4945e11598d87bc97806bbc8d03556abbaaf809707661525
|
|
@ -110,7 +110,7 @@ improve: populate_device_nodes
|
|||
build: gcc-4.0.4
|
||||
build: findutils-4.2.33
|
||||
build: musl-1.2.4
|
||||
build: linux-headers-4.9.10
|
||||
build: linux-headers-4.14.336
|
||||
build: gcc-4.0.4
|
||||
build: util-linux-2.19.1
|
||||
build: e2fsprogs-1.45.7
|
||||
|
@ -124,7 +124,7 @@ build: kexec-linux-1.0.0 ( BUILD_LINUX == True )
|
|||
build: kexec-tools-2.0.22 ( BUILD_LINUX == True )
|
||||
improve: clean_sources
|
||||
improve: clean_artifacts
|
||||
build: linux-4.9.10 ( BUILD_LINUX == True )
|
||||
build: linux-4.14.336 ( BUILD_LINUX == True )
|
||||
jump: break ( INTERNAL_CI == pass1 )
|
||||
improve: populate_device_nodes
|
||||
jump: linux ( CHROOT == False )
|
||||
|
|
|
@ -34,7 +34,7 @@ NOTE: this patch CANNOT be applied to a non-live-bootstrap environment.
|
|||
# because the A-Z/a-z are not consecutive.
|
||||
-myuname=`echo $myuname | $sed -e "s,['/],,g" | \
|
||||
- ./tr '[A-Z]' '[a-z]' | $tr $trnl ' '`
|
||||
+myuname="linux (none) 4.9.10-gnu_1 #1 mon jan 1 00:00:01 1970 i686 gnulinux"
|
||||
+myuname="linux (none) 4.14.336 #1 mon jan 1 00:00:01 1970 i686 gnulinux"
|
||||
?X: Save the value we just computed to reset myuname after we get done here.
|
||||
newmyuname="$myuname"
|
||||
dflt=n
|
||||
|
@ -43,7 +43,7 @@ NOTE: this patch CANNOT be applied to a non-live-bootstrap environment.
|
|||
?X: into using the SysV case!
|
||||
gnu) osname=gnu
|
||||
- osvers="$3" ;;
|
||||
+ osvers="4.9.10-gnu_1" ;;
|
||||
+ osvers="4.14.336" ;;
|
||||
?X: HP-UX uname -a gives something like
|
||||
?X: HP-UX foobar B.10.20 A 9000/735 2016483812 two-user license
|
||||
?X: Preserve the full 10.20 string instead of the previous plain '10'.
|
||||
|
|
|
@ -41,7 +41,7 @@ NOTE: this patch CANNOT be applied to a non-live-bootstrap environment.
|
|||
linux) osname=linux
|
||||
case "$3" in
|
||||
- *) osvers="$3" ;;
|
||||
+ *) osvers="4.9.10-gnu_1" ;;
|
||||
+ *) osvers="4.14.336" ;;
|
||||
esac
|
||||
;;
|
||||
MiNT) osname=mint
|
||||
|
|
Loading…
Reference in New Issue