Package: linux / 6.12.6-1

Metadata

Package Version Patches format
linux 6.12.6-1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
debian/gitignore.patch | (download)

.gitignore | 25 7 18 - 0 !
1 file changed, 7 insertions( ), 18 deletions(-)

 tweak gitignore for debian pkg-kernel using git
debian/dfsg/arch powerpc platforms 8xx ucode disable.patch | (download)

arch/powerpc/platforms/8xx/Kconfig | 3 3 0 - 0 !
1 file changed, 3 insertions( )

 remove microcode patches for mgsuvd (not enabled in debian configs)
debian/dfsg/drivers media dvb dvb usb af9005 disable.patch | (download)

drivers/media/usb/dvb-usb/Kconfig | 1 1 0 - 0 !
1 file changed, 1 insertion( )

 dvb-usb-af9005: mark as broken
debian/dfsg/video remove nvidiafb and rivafb.patch | (download)

drivers/video/fbdev/Kconfig | 94 0 94 - 0 !
drivers/video/fbdev/Makefile | 2 0 2 - 0 !
2 files changed, 96 deletions(-)

 video: remove nvidiafb and rivafb
Bug-Debian: https://bugs.debian.org/383481
debian/dfsg/documentation fix broken link to cipso draft.patch | (download)

Documentation/netlabel/draft_ietf.rst | 3 1 2 - 0 !
1 file changed, 1 insertion( ), 2 deletions(-)

 documentation: fix broken link to cipso draft
debian/version.patch | (download)

Makefile | 16 15 1 - 0 !
arch/powerpc/kernel/process.c | 6 4 2 - 0 !
arch/x86/um/sysrq_64.c | 6 4 2 - 0 !
kernel/hung_task.c | 6 4 2 - 0 !
lib/dump_stack.c | 7 5 2 - 0 !
5 files changed, 32 insertions( ), 9 deletions(-)

 include package version along with kernel release in stack traces
Date: Tue, 24 Jul 2012 03:13:10  0100
debian/uname version timestamp.patch | (download)

init/Makefile | 2 1 1 - 0 !
1 file changed, 1 insertion( ), 1 deletion(-)

 make mkcompile_h accept an alternate timestamp string
Date: Tue, 12 May 2015 19:29:22  0100
debian/kernelvariables.patch | (download)

Makefile | 59 29 30 - 0 !
1 file changed, 29 insertions( ), 30 deletions(-)

 kbuild: make the toolchain variables easily overwritable
Date: Sun, 22 Feb 2009 15:39:35  0100
debian/mips boston disable its.patch | (download)

arch/mips/generic/Platform | 1 0 1 - 0 !
1 file changed, 1 deletion(-)

 disable uimage generation for mips generic 
debian/mips ieee754 relaxed.patch | (download)

arch/mips/kernel/fpu-probe.c | 7 6 1 - 0 !
1 file changed, 6 insertions( ), 1 deletion(-)

 use relaxed ieee754 mode for loongson-3 as 3a 4000 is 2008-only
debian/mips enable r2 to r6 emu by default.patch | (download)

arch/mips/kernel/mips-r2-to-r6-emul.c | 2 1 1 - 0 !
1 file changed, 1 insertion( ), 1 deletion(-)

 enable r2 to r6 emulator by default
debian/arch sh4 fix uimage build.patch | (download)

arch/sh/Makefile | 1 0 1 - 0 !
1 file changed, 1 deletion(-)

 [sh4] fix uimage build
Bug-Debian: https://bugs.debian.org/569034
debian/tools perf perf read vdso in libexec.patch | (download)

tools/perf/Makefile.perf | 8 4 4 - 0 !
1 file changed, 4 insertions( ), 4 deletions(-)

 linux-tools: install perf-read-vdso{,x}32 in directory under /usr/lib


debian/tools perf install python bindings.patch | (download)

tools/perf/Makefile.perf | 2 1 1 - 0 !
1 file changed, 1 insertion( ), 1 deletion(-)

 tools: install perf python bindings
Bug-Debian: http://bugs.debian.org/860957
debian/wireless add debian wireless regdb certificates.patch | (download)

net/wireless/certs/debian.hex | 1426 1426 0 - 0 !
1 file changed, 1426 insertions( )

 wireless: add debian wireless-regdb certificates
debian/export symbols needed by android drivers.patch | (download)

fs/file.c | 1 1 0 - 0 !
ipc/msgutil.c | 1 1 0 - 0 !
ipc/namespace.c | 1 1 0 - 0 !
kernel/sched/syscalls.c | 1 1 0 - 0 !
kernel/sched/wait.c | 1 1 0 - 0 !
kernel/task_work.c | 1 1 0 - 0 !
mm/memory.c | 1 1 0 - 0 !
security/security.c | 4 4 0 - 0 !
8 files changed, 11 insertions( )

 export symbols needed by binder
Bug-Debian: https://bugs.debian.org/901492

We want to enable use of the Android binder driver to support
Waydroid, but it should not be built-in as that would waste resources
and increase security attack surface on systems that don't need it.

Export the currently un-exported symbols it depends on.


debian/android enable building ashmem and binder as modules.patch | (download)

drivers/android/Kconfig | 2 1 1 - 0 !
drivers/android/Makefile | 7 4 3 - 0 !
drivers/android/binder_alloc.c | 2 1 1 - 0 !
3 files changed, 6 insertions( ), 5 deletions(-)

 android: enable building ashmem and binder as modules
Bug-Debian: https://bugs.debian.org/901492

We want to enable use of the Android ashmem and binder drivers to
support Anbox, but they should not be built-in as that would waste
resources and increase security attack surface on systems that don't
need them.

- Add a MODULE_LICENSE declaration to ashmem
- Change the Makefiles to build each driver as an object with the
  "_linux" suffix (which is what Anbox expects)
- Change config symbol types to tristate

Update:
In upstream commit 721412ed3d titled "staging: remove ashmem" the ashmem
driver was removed entirely. Secondary commit message:
"The mainline replacement for ashmem is memfd, so remove the legacy
code from drivers/staging/"
Consequently, the ashmem part of this patch has been removed.

debian/documentation drop sphinx version check.patch | (download)

Documentation/Makefile | 6 0 6 - 0 !
1 file changed, 6 deletions(-)

 [patch 1/2] documentation: drop sphinx version check
debian/perf traceevent support asciidoctor for documentatio.patch | (download)

tools/lib/perf/Documentation/Makefile | 2 1 1 - 0 !
tools/perf/Documentation/Makefile | 2 1 1 - 0 !
2 files changed, 2 insertions( ), 2 deletions(-)

 [patch 2/2] perf/traceevent: support asciidoctor for documentation
debian/kbuild look for module.lds under arch directory too.patch | (download)

scripts/Makefile.modfinal | 6 4 2 - 0 !
1 file changed, 4 insertions( ), 2 deletions(-)

 kbuild: look for module.lds under arch directory too
debian/kbuild abort build if subdirs used.patch | (download)

Makefile | 12 12 0 - 0 !
1 file changed, 12 insertions( )

 kbuild: abort build if subdirs used
debian/makefile make compiler version comparison optional.patch | (download)

Makefile | 2 1 1 - 0 !
1 file changed, 1 insertion( ), 1 deletion(-)

 makefile: make compiler version comparison optional
bugfix/all/revert tools build clean cflags and ldflags for fixdep.patch | (download)

tools/build/Makefile.include | 2 1 1 - 0 !
1 file changed, 1 insertion( ), 1 deletion(-)

 revert "tools build: clean cflags and ldflags for fixdep"

This reverts commit 5725dd8fa888b4dcdff58241f9d3d3ac42a048e2.  That
was a workaround for the bug fixed by commit 6b3db6f9b970 "tools
build: Make fixdep a hostprog" and is no longer needed.

Signed-off-by: Ben Hutchings <[email protected]>

debian/fixdep allow overriding hostcc and hostld.patch | (download)

tools/build/Makefile.include | 5 4 1 - 0 !
1 file changed, 4 insertions( ), 1 deletion(-)

 fixdep: allow overriding hostcc and hostld
debian/linux perf remove remaining source filenames from executable.patch | (download)

tools/perf/Build | 2 1 1 - 0 !
tools/perf/builtin-report.c | 2 2 0 - 0 !
tools/perf/tests/Build | 2 1 1 - 0 !
3 files changed, 4 insertions( ), 2 deletions(-)

 linux-perf: remove remaining source filenames from executable

When we build perf with -ffile-prefix-map, there are still 2
source directory names embedded in the executable:

1. The Documentation subdirectory, used as a fallback from the
   installed location.
2. The python subdirectory, used in the Python script test.

Remove (1) since it is an unnecessary fallback.  Change (2)
to the installed location.


features/all/drivers media dvb usb af9005 request_firmware.patch | (download)

drivers/media/usb/dvb-usb/Kconfig | 2 1 1 - 0 !
drivers/media/usb/dvb-usb/af9005-fe.c | 66 53 13 - 0 !
2 files changed, 54 insertions( ), 14 deletions(-)

 af9005: use request_firmware() to load register init script
debian/iwlwifi do not request unreleased firmware.patch | (download)

drivers/net/wireless/intel/iwlwifi/cfg/6000.c | 2 1 1 - 0 !
1 file changed, 1 insertion( ), 1 deletion(-)

 iwlwifi: do not request unreleased firmware for iwl6000
Bug-Debian: https://bugs.debian.org/689416
debian/firmware_loader log direct loading failures as info for d i.patch | (download)

drivers/base/firmware_loader/main.c | 4 4 0 - 0 !
1 file changed, 4 insertions( )

 firmware_loader: log direct loading failures as info for d-i
Date: Thu, 30 May 2024 13:14:32  0100
bugfix/all/radeon amdgpu firmware is required for drm and kms on r600 onward.patch | (download)

drivers/gpu/drm/radeon/radeon_drv.c | 30 30 0 - 0 !
1 file changed, 30 insertions( )

 radeon, amdgpu: firmware is required for drm and kms on r600 onward
Date: Tue, 08 Jan 2013 03:25:52  0000
Bug-Debian: https://bugs.debian.org/607194
Bug-Debian: https://bugs.debian.org/607471
Bug-Debian: https://bugs.debian.org/610851
Bug-Debian: https://bugs.debian.org/627497
Bug-Debian: https://bugs.debian.org/632212
Bug-Debian: https://bugs.debian.org/637943
Bug-Debian: https://bugs.debian.org/649448
Bug-Debian: https://bugs.debian.org/697229
Bug-Debian: https://bugs.debian.org/1053764
debian/af_802154 Disable auto loading as mitigation against.patch | (download)

net/ieee802154/socket.c | 2 1 1 - 0 !
1 file changed, 1 insertion( ), 1 deletion(-)

 [patch 2/3] af_802154: disable auto-loading as mitigation against local exploits
debian/rds Disable auto loading as mitigation against local.patch | (download)

net/rds/af_rds.c | 2 1 1 - 0 !
1 file changed, 1 insertion( ), 1 deletion(-)

 [patch 1/3] rds: disable auto-loading as mitigation against local exploits
debian/dccp disable auto loading as mitigation against local exploits.patch | (download)

net/dccp/ipv4.c | 4 2 2 - 0 !
net/dccp/ipv6.c | 4 2 2 - 0 !
2 files changed, 4 insertions( ), 4 deletions(-)

 dccp: disable auto-loading as mitigation against local exploits
debian/hamradio disable auto loading as mitigation against local exploits.patch | (download)

net/ax25/af_ax25.c | 2 1 1 - 0 !
net/netrom/af_netrom.c | 2 1 1 - 0 !
net/rose/af_rose.c | 2 1 1 - 0 !
3 files changed, 3 insertions( ), 3 deletions(-)

 hamradio: disable auto-loading as mitigation against local exploits
debian/fs enable link security restrictions by default.patch | (download)

fs/namei.c | 4 2 2 - 0 !
1 file changed, 2 insertions( ), 2 deletions(-)

 fs: enable link security restrictions by default
Date: Fri, 02 Nov 2012 05:32:06  0000
Bug-Debian: https://bugs.debian.org/609455
debian/yama disable by default.patch | (download)

security/yama/yama_lsm.c | 4 2 2 - 0 !
1 file changed, 2 insertions( ), 2 deletions(-)

 yama: disable by default
Date: Wed, 19 Jun 2013 04:35:28  0100
Bug-Debian: https://bugs.debian.org/712740
debian/add sysctl to disallow unprivileged CLONE_NEWUSER by default.patch | (download)

kernel/fork.c | 16 16 0 - 0 !
kernel/sysctl.c | 13 13 0 - 0 !
kernel/user_namespace.c | 3 3 0 - 0 !
3 files changed, 32 insertions( )

 add sysctl to disallow unprivileged clone_newuser by default
features/all/security perf allow further restriction of perf_event_open.patch | (download)

include/linux/perf_event.h | 5 5 0 - 0 !
kernel/events/core.c | 8 8 0 - 0 !
security/Kconfig | 9 9 0 - 0 !
3 files changed, 22 insertions( )

 security,perf: allow further restriction of perf_event_open
features/x86/intel iommu add option to exclude integrated gpu only.patch | (download)

Documentation/admin-guide/kernel-parameters.txt | 2 2 0 - 0 !
drivers/iommu/intel/iommu.c | 14 14 0 - 0 !
2 files changed, 16 insertions( )

 intel-iommu: add option to exclude integrated gpu only
Bug-Debian: https://bugs.debian.org/935270
Bug-Kali: https://bugs.kali.org/view.php?id=5644

There is still laptop firmware that touches the integrated GPU behind
the operating system's back, and doesn't say so in the RMRR table.
Enabling the IOMMU for all devices causes breakage, but turning it off
for all graphics devices seems like a major weakness.

Add an option, intel_iommu=intgpu_off, to exclude only integrated GPUs
from remapping.  This is a narrower exclusion than igfx_off: it only
affects Intel devices on the root bus.  Devices attached through an
external port (Thunderbolt or ExpressCard) won't be on the root bus.

Signed-off-by: Ben Hutchings <[email protected]>

features/x86/intel iommu add kconfig option to exclude igpu by default.patch | (download)

drivers/iommu/intel/Kconfig | 23 17 6 - 0 !
drivers/iommu/intel/iommu.c | 5 3 2 - 0 !
2 files changed, 20 insertions( ), 8 deletions(-)

 intel-iommu: add kconfig option to exclude igpu by default
Bug-Debian: https://bugs.debian.org/935270
Bug-Kali: https://bugs.kali.org/view.php?id=5644

There is still laptop firmware that touches the integrated GPU behind
the operating system's back, and doesn't say so in the RMRR table.
Enabling the IOMMU for all devices causes breakage.

Replace CONFIG_INTEL_IOMMU_DEFAULT_ON with a 3-way choice
corresponding to "on", "off", and "on,intgpu_off".

Signed-off-by: Ben Hutchings <[email protected]>

debian/cdc_ncm cdc_mbim use ncm by default.patch | (download)

drivers/net/usb/cdc_ncm.c | 4 0 4 - 0 !
1 file changed, 4 deletions(-)

 cdc_ncm,cdc_mbim: use ncm by default
Date: Sun, 31 Mar 2013 03:58:04  0100
debian/snd pcsp disable autoload.patch | (download)

sound/drivers/pcsp/pcsp.c | 2 1 1 - 0 !
1 file changed, 1 insertion( ), 1 deletion(-)

 snd-pcsp: disable autoload
bugfix/x86/viafb autoload on olpc xo1.5 only.patch | (download)

drivers/video/fbdev/via/via-core.c | 9 8 1 - 0 !
1 file changed, 8 insertions( ), 1 deletion(-)

 viafb: autoload on olpc xo 1.5 only
Bug-Debian: https://bugs.debian.org/705788
debian/fjes disable autoload.patch | (download)

drivers/net/fjes/fjes_main.c | 2 1 1 - 0 !
1 file changed, 1 insertion( ), 1 deletion(-)

 fjes: disable auto-loading
Bug-Debian: https://bugs.debian.org/853976
debian/fanotify taint on use of fanotify_access_permissions.patch | (download)

fs/notify/fanotify/fanotify_user.c | 8 8 0 - 0 !
1 file changed, 8 insertions( )

 fanotify: taint on use of fanotify_access_permissions
Date: Wed, 13 Jul 2016 01:37:22  0100
debian/btrfs warn about raid5 6 being experimental at mount.patch | (download)

fs/btrfs/super.c | 12 12 0 - 0 !
1 file changed, 12 insertions( )

 btrfs: warn about raid5/6 being experimental at mount time
Bug-Debian: https://bugs.debian.org/863290