Thomas Lamprecht
90eff7b943
bump version to 4.15.18-37
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-13 22:00:24 +02:00
Thomas Lamprecht
a4ea6fb33c
bump version to 4.15.18-36
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-04-11 13:06:49 +02:00
Thomas Lamprecht
61f33dc8f2
bump version to 4.15.18-35
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-03-13 08:40:24 +01:00
Fabian Grünbichler
62307a081a
ZFS/SPL: rework submodule and build
...
to follow changes made to our zfsonlinux repository.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2019-02-27 15:38:52 +01:00
Thomas Lamprecht
9bd09ca97a
bump version to 4.15.18-34
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-02-25 15:31:07 +01:00
Thomas Lamprecht
c47b16cb68
bump version to 4.15.18-33
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-02-06 11:43:04 +01:00
Thomas Lamprecht
4adf30b011
bump version to 4.15.18-32
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-01-19 12:11:14 +01:00
Thomas Lamprecht
da7def12fd
bump version to 4.15.18-31
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2019-01-14 14:00:25 +01:00
Stoiko Ivanov
3db86f1084
bump version to 4.15.18-30
...
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-11-15 13:33:28 +01:00
Thomas Lamprecht
89a09f9102
bump version to 4.15.18-29
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-11-12 16:01:40 +01:00
Thomas Lamprecht
645ef9e161
bump version to 4.15.18-28
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-10-31 16:28:06 +01:00
Thomas Lamprecht
d7571cfde0
update ABI and firmware
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-10-31 16:27:22 +01:00
Thomas Lamprecht
b8885eda75
bump version to 4.15.18-27
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-10-10 14:23:25 +02:00
Fabian Grünbichler
e25e851963
build: remove leftover ZoL workaround
...
the executable bit is now properly tracked in our submodule, so this is
no longer needed.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2018-10-05 14:10:00 +02:00
Thomas Lamprecht
3f14e60dfb
bump version to 4.15.18-26
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-10-04 11:38:16 +02:00
Thomas Lamprecht
70b29d94c2
bump version to 4.15.18-25
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-10-03 15:42:30 +02:00
Thomas Lamprecht
83848cd1db
bump version to 4.15.18-24
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-09-17 11:46:43 +02:00
Thomas Lamprecht
8cfff66691
bump version to Ubuntu-4.15.0-34.37
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-08-30 13:05:06 +02:00
Thomas Lamprecht
2b76f08c16
bump version to 4.15.18-22
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-08-24 11:13:18 +02:00
Thomas Lamprecht
0fbf7de6c8
bump version to 4.15.18-21
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-08-23 11:50:21 +02:00
Stoiko Ivanov
1bffa5165f
bump version to 4.15.18-20
...
and bump ABI/KREL
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2018-08-16 13:21:59 +02:00
Dietmar Maurer
beb9b8695d
add -X to upload target
2018-08-13 08:29:09 +02:00
Dietmar Maurer
b6fe45e6d5
bump version to 4.15.18-19
2018-08-13 07:51:40 +02:00
Stoiko Ivanov
8b4e1fa9c6
Add short documentation about bumping the ABI
...
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2018-08-13 07:41:59 +02:00
Stoiko Ivanov
80a7ba6436
bump version to 4.15.18-18
...
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2018-08-08 12:10:37 +02:00
Thomas Lamprecht
eea72d300f
bump version to 4.15.18-17
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-07-30 12:55:38 +02:00
Thomas Lamprecht
64fc80e3b7
bump version to 4.15.18-16
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-07-23 15:59:51 +02:00
Thomas Lamprecht
75af7c34e3
bump version to 4.15.18-15
2018-07-04 15:44:15 +02:00
Thomas Lamprecht
b5e86998ea
use intree NIC driver for 10G IXGBE drivers
...
no problems had been reported with it, in contrary to igb and e1000e
so use the newer and better supported in tree driver.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-07-04 15:42:14 +02:00
Thomas Lamprecht
93a8ca28fc
bump version to 4.15.17-14
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-06-27 17:48:40 +02:00
Thomas Lamprecht
5d6c3ffa8e
buildsys: print out which patch we apply
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-06-27 17:48:40 +02:00
Thomas Lamprecht
d069b13f84
bump version to 4.15-13
2018-06-18 17:18:35 +02:00
Thomas Lamprecht
e8834e95a2
igb: ensure setting MTU sets also max_frame_size
...
This is a regression from the out-of-tree Intel IGB driver happened
between 5.3.5.10 and 5.3.5.18.
The condition here should be actually reveresed, but as we always can
be sure to have a MAX/MIN MTU defined we can just remove it,
essentially going back to the previous code state (which also works
with our current 4.15 kernel).
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-06-18 17:07:01 +02:00
Thomas Lamprecht
75b315d492
bsys: clarify when to bump meta package
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-06-08 14:39:31 +02:00
Thomas Lamprecht
4379131c79
bump version to 4.15-12
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-06-08 12:01:57 +02:00
Thomas Lamprecht
515973635b
renenable out-of-tree intel ethernet driver (e1000e, igb, ixgbe)
...
There where just to much issues with the 4.15 in tree drivers for our
users [1]. The updated igb and ixgbe drivers are compatible with
4.15, the e1000e driver needed to be ported to the new internal
kernel timer API, which is pretty straight forward.
[1]: https://forum.proxmox.com/threads/4-15-based-test-kernel-for-pve-5-x-available.42097/page-5
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-06-08 11:58:18 +02:00
Thomas Lamprecht
f61496936e
update out-of-tree intel ethernet drivers
...
update OOT Intel ethernet driver for e1000e, igb and ixgbe backed
NICs from: https://sourceforge.net/projects/e1000/
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2018-06-08 11:35:11 +02:00
Stoiko Ivanov
5fd5ec0e77
refactor variable names and remove hardcoded major.minor version
...
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
2018-05-30 08:24:13 +02:00
Thomas Lamprecht
cd69f5e8ed
bump version to 4.15-10
2018-05-23 13:16:05 +02:00
Thomas Lamprecht
9952c40c8a
buildsys: also cleanup *.{deb,changes,buildinfo} files
2018-05-23 11:43:21 +02:00
Fabian Grünbichler
7361c770af
bump version to 4.15-9
2018-05-09 13:32:39 +02:00
Thomas Lamprecht
9552bb6dee
bump version to 4.15-8
2018-05-04 13:14:39 +02:00
Fabian Grünbichler
679a836a3a
bump version to 4.15-7, bump ABI to 4.15.17-1-pve
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2018-04-20 14:55:21 +02:00
Fabian Grünbichler
f060990aa5
bump version to 4.15-6
2018-04-09 12:25:32 +02:00
Fabian Grünbichler
4afcfa3a6f
bump version to 4.15-5, bump ABI to 4.15.15-1-pve
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2018-04-04 15:43:07 +02:00
Fabian Grünbichler
aac513414d
update SPL/ZFS to 0.7.7
...
and manually set the executable build on this new helper script
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2018-04-04 15:43:07 +02:00
Fabian Grünbichler
4794f3cd69
bump version to 4.15.10-4
2018-03-28 15:47:55 +02:00
Fabian Grünbichler
498bdfe5e5
bump version to 4.15.10-3
2018-03-28 11:07:58 +02:00
Fabian Grünbichler
b4ecde23e8
build: add abiupdate target
...
to automatically extract and commit the ABI data from a built
pve-headers binary package.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2018-03-22 11:12:48 +01:00
Fabian Grünbichler
330d1c9ea1
bump version to 4.15-2, bump ABI to 4.15.10-1-pve
...
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2018-03-22 11:12:48 +01:00
Fabian Grünbichler
faa3d7515d
build: rename ABI file
...
to track previous ABI to automatically skip ABI checks on ABI bumps.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
2018-03-22 11:12:48 +01:00
Fabian Grünbichler
2454b79d7a
switch to in-tree intel drivers
...
as the out-of-tree ones are not compatible with 4.15
2018-03-09 15:28:03 +01:00
Fabian Grünbichler
1e99f45be0
build: replace 4.13 with 4.15
...
as well as artful with bionic, and reset KREL/PKGREL accordingly
2018-03-09 14:47:21 +01:00
Fabian Grünbichler
320c823e91
bump version to 4.13.13-42
2018-03-09 11:57:49 +01:00
Fabian Grünbichler
44403fcc69
update README
2018-03-09 11:57:24 +01:00
Fabian Grünbichler
12aaf1a2f7
build: cleanup directory handling
2018-03-09 11:56:22 +01:00
Fabian Grünbichler
66aed5b89f
build: remove exported variables
...
in favor of generated rules.d snippet. this allows calling
dpkg-buildpackage in the build directory manually without setting up the
environment to match.
2018-03-09 11:56:22 +01:00
Fabian Grünbichler
f3acafc70e
build: add pmg to upload target
2018-03-09 09:19:58 +01:00
Fabian Grünbichler
e96d2ab3a1
build: move build and packaging to debian/
...
the top-level Makefile now only prepares the build directory by copying
and patching sources and generating the real files from debian/*.in
the actual build and packaging happens in debian/rules
2018-03-09 09:19:58 +01:00
Fabian Grünbichler
89102957f9
bump version to 4.13-41
2018-02-21 10:08:20 +01:00
Fabian Grünbichler
8a8c16e218
bump version to 4.13-40
2018-02-16 09:58:12 +01:00
Fabian Grünbichler
eb7f659548
bump version to 4.13-39, bump ABI to 4.13.13-6-pve
2018-02-16 09:58:12 +01:00
Fabian Grünbichler
7f4d14b06f
buildsys: check for indirect/RETPOLINE gcc support
...
copied from arch/x86/Makefile
2018-02-16 09:58:12 +01:00
Fabian Grünbichler
57ff4c945b
bump version to 4.13-38
2018-01-26 10:48:16 +01:00
Fabian Grünbichler
c1178a874f
bump version to 4.13-37
2018-01-19 12:45:45 +01:00
Fabian Grünbichler
5c85c0455e
bump version to 4.13-36, bump ABI to 4.13.13-5-pve
2018-01-15 14:05:27 +01:00
Fabian Grünbichler
9c34463e8c
bump version to 4.13-35, bump ABI to 4.13.13-4-pve
2018-01-08 11:51:24 +01:00
Fabian Grünbichler
597fd67073
bump version to 4.13-34, bump ABI to 4.13.13-3-pve
2018-01-07 13:21:02 +01:00
Fabian Grünbichler
6ecf746bac
enable KPTI
2018-01-07 13:18:22 +01:00
Fabian Grünbichler
e414beae5f
default to FRAME_POINTER unwinder again
...
the new default was changed in 4.14 and was cherry-picked together with
KPTI, but the ORC_UNWINDER seems to break ZFS
2018-01-07 13:18:22 +01:00
Fabian Grünbichler
4536c7a7ed
bump version to 4.13-33
2018-01-02 10:04:21 +01:00
Fabian Grünbichler
f783f68d2c
bump version to 4.13-32, bump ABI to 4.13.13-2-pve
2017-12-21 10:22:24 +01:00
Fabian Grünbichler
bfd0cd3fe0
bump version to 4.13-31, bump ABI to 4.13.13-1-pve
2017-12-11 11:24:58 +01:00
Fabian Grünbichler
cba3f72b57
bump version to 4.13-30
2017-12-05 13:07:11 +01:00
Fabian Grünbichler
6eb123031d
revert igb to 5.3.5.10
...
because 5.3.5.12 broke JUMBO_FRAMES (again)
2017-12-05 13:05:16 +01:00
Fabian Grünbichler
6749ef5ad2
bump version to 4.13-29, bump ABI to 4.13.8-3-pve
2017-12-04 09:36:58 +01:00
Fabian Grünbichler
8345558924
bump version to 4.13-28, bump ABI to 4.13.8-2-pve
2017-11-29 10:23:18 +01:00
Fabian Grünbichler
350f641023
bump version to 4.13-27, bump ABI to 4.13.8-1-pve
2017-11-22 09:47:25 +01:00
Fabian Grünbichler
25c35b26a1
update intel drivers to latest upstream releases
2017-11-22 09:47:25 +01:00
Fabian Grünbichler
d060c84f4d
drop patches applied upstream
2017-11-17 11:59:22 +01:00
Fabian Grünbichler
2a26cde588
bump version to 4.13-26
2017-11-06 11:24:17 +01:00
Fabian Grünbichler
3572537ff8
bump version to 5.1-25
2017-10-23 09:39:36 +02:00
Fabian Grünbichler
da64a9b95a
bump version to 4.13-25, bump ABI to 4.13.4-1-pve
2017-10-13 11:33:03 +02:00
Fabian Grünbichler
0e3176e76f
fix CVE-2017-12188: nested KVM stack overflow
2017-10-13 11:33:03 +02:00
Fabian Grünbichler
2e38f6f987
update ZFS/SPL to 0.7.2
...
and switch submodule to simplify patch handling
2017-10-13 11:33:03 +02:00
Fabian Grünbichler
a6dd515e43
build: rename submodules target to submodule
2017-10-13 08:41:42 +02:00
Fabian Grünbichler
2a1d389df6
bump version to 4.13-2, bump ABI to 4.13.3-1
2017-09-27 14:32:08 +02:00
Fabian Grünbichler
262ff4236b
bump version to 4.13.1-1
...
kernel and header only, no meta packages
2017-09-27 10:08:57 +02:00
Fabian Grünbichler
d84d9cdc47
ZFS/SPL: add 4.13 compat patches
2017-09-27 10:06:33 +02:00
Fabian Grünbichler
a8ee21761c
ixgbe: add 4.13 compat patch
2017-09-26 10:46:35 +02:00
Fabian Grünbichler
628004c405
igb: add 4.12 compat patch
2017-09-26 10:46:35 +02:00
Fabian Grünbichler
8021de509c
intel: drop patches which are no longer needed
2017-09-26 10:46:35 +02:00
Fabian Grünbichler
85507ee2c5
update igb to 5.3.5.10
2017-09-26 10:46:35 +02:00
Fabian Grünbichler
f3bad6d2b0
update ixgbe to 5.2.3
2017-09-26 10:46:35 +02:00
Fabian Grünbichler
b46edee600
update e1000e to 3.3.5.10
2017-09-26 10:46:35 +02:00
Fabian Grünbichler
2f7beffd96
build: move intel NIC patches
2017-09-26 10:46:35 +02:00
Fabian Grünbichler
b9e76370ab
build: rebase and refactor kernel patches
2017-09-26 10:46:35 +02:00
Fabian Grünbichler
6c7fba28d9
drop cpuset patch
...
to be replaced with backport of cgroup v2 functionality
2017-09-26 10:46:35 +02:00
Fabian Grünbichler
a350540ee9
drop patches applied upstream
2017-09-26 10:46:35 +02:00
Fabian Grünbichler
0194915336
build: update for 4.13/artful
2017-09-26 10:38:27 +02:00
Fabian Grünbichler
54a9e5a210
bump version to 4.10.17-23
2017-09-19 09:44:04 +02:00
Fabian Grünbichler
6aebbe9122
drop patches applied upstream
2017-09-19 09:43:03 +02:00
Fabian Grünbichler
212d9d415f
revert LP#1705447 fix
...
see https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1715609
2017-09-19 09:41:58 +02:00
Fabian Grünbichler
3e1f7b2f8e
bump version to 4.10.17-22
2017-09-18 10:39:28 +02:00
Fabian Grünbichler
6029760ee4
cherry-pick tcp reset bug fix
2017-09-18 10:38:27 +02:00
Fabian Grünbichler
d799ad3bc2
bump version to 4.10.17-21, bump ABI to 4.10.17-3-pve
2017-09-01 09:03:47 +02:00
Fabian Grünbichler
d6a36c6f72
bump version to 4.10.17-20
2017-08-14 11:23:56 +02:00
Fabian Grünbichler
ca36280078
zfs/spl: update to 0.6.5.11-1, switch submodules
2017-08-14 11:19:31 +02:00
Fabian Grünbichler
07dcf16338
bump version to 4.10.17-19, bump ABI to 4.10.17-2-pve
2017-08-04 14:08:58 +02:00
Fabian Grünbichler
11ce3c4a4b
drop patches applied upstream
2017-08-04 13:39:30 +02:00
Fabian Grünbichler
c1fc04f4d1
add follow-up fix for NVME driver
...
fixes a BUG_ON triggered by Samsung SM960 Pro NVME devices
2017-08-04 13:09:45 +02:00
Fabian Grünbichler
1e9f438872
build: drop bash from fwcheck target
2017-08-02 14:46:11 +02:00
Fabian Grünbichler
bdfc6d28fc
build: add deb target
2017-08-02 14:45:53 +02:00
Fabian Grünbichler
7153d8134a
build: dynamically choose number of jobs
2017-08-02 14:45:36 +02:00
Thomas Lamprecht
5aecf10b77
bump version to 4.10.17-18
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Changed-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
* fixed changelog user name
* adapt wording of nic driver change message to the one from
the release originally removing them
* removed duplicate 'Ubuntu' text
2017-07-28 14:09:06 +02:00
Thomas Lamprecht
22fa3dbdcc
drop patches applied upstream
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-07-28 14:02:26 +02:00
Thomas Lamprecht
9722965770
Revert "remove outdated intel nic drivers"
...
This reverts commit 7beee5f3eb
.
While they repositories of those drivers state that the in kernel one
should be used, as they are newer, it seems they do not provide the
same functionallity. So revert to the out of tree drivers for now.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-07-28 14:02:26 +02:00
Wolfgang Bumiller
0ee4a967cb
bump version to 4.10.17-17
2017-07-19 12:38:48 +02:00
Wolfgang Bumiller
58a18ce39d
buildsys: fix parallel builds
2017-07-19 12:38:48 +02:00
Thomas Lamprecht
4c390211d8
add CVE fixes
...
CVE-2017-1000364 (rather bugfix for the original CVE fix):
* mm/mmap.c: expand_downwards: don't require the gap if !vm_prev
* mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack
CVE-2017-1000365: fs/exec.c: account for argv/envp pointers
CVE-2017-10810: drm/virtio: don't leak bo on drm_gem_object_init
failure
CVE-2017-7482: rxrpc: Fix several cases where a padded len isn't
checked in ticket decode
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-07-19 09:46:19 +02:00
Thomas Lamprecht
a7f181d4b0
bump version to 4.10.17-16, bump ABI to 4.10.17-1-pve
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-07-13 09:07:40 +02:00
Dietmar Maurer
7beee5f3eb
remove outdated intel nic drivers
2017-07-13 09:06:03 +02:00
Thomas Lamprecht
d513484f62
add CVE fixes
...
CVE-2014-9900: net: Zeroing the structure ethtool_wolinfo in ethtool_get_wol()
CVE-2017-7346: drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl()
CVE-2017-9605: drm/vmwgfx: Make sure backup_handle is always valid
CVE-2017-1000380:
* ALSA: timer: Fix race between read and ioctl
* ALSA: timer: Fix missing queue indices reset at SNDRV_TIMER_IOCTL_SELECT
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-07-13 06:04:17 +02:00
Thomas Lamprecht
ea91ce10d6
drop patches applied upstream
...
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2017-07-13 06:04:17 +02:00
Fabian Grünbichler
dc2b2ba06c
bump version to 4.10.15-15
2017-06-23 08:58:04 +02:00
Fabian Grünbichler
b4b8080506
replace Stack-Clash fix with upstream version
...
sicne the Ubuntu / Suse one seems to have some segfaulting
issues.
2017-06-23 08:57:04 +02:00
Fabian Grünbichler
02ad7886ad
bump version to 4.10.15-14
2017-06-22 09:24:04 +02:00
Fabian Grünbichler
7c01aa8df7
add follow-up fix for CVE-2017-100364 fix
2017-06-22 09:23:11 +02:00
Fabian Grünbichler
3905cd6842
bump version to 4.10.15-13
2017-06-20 09:58:25 +02:00
Fabian Grünbichler
97d6ca37ca
build: use git to get GITVERSION
2017-06-20 09:51:41 +02:00
Fabian Grünbichler
47d1503892
bump version to 4.10.15-12
2017-06-12 13:25:16 +02:00
Fabian Grünbichler
5aa54b7501
fix #1366 : pinctl fix for AMD Ryzen on Gigabyte MBs
2017-06-12 13:24:57 +02:00
Fabian Grünbichler
d8cc30e0cd
bump version to 4.10.15-11
2017-06-09 11:40:10 +02:00
Fabian Grünbichler
c1f358be22
add fix for CVE-2017-9074 fix
2017-06-09 11:39:33 +02:00
Fabian Grünbichler
05806a84a3
bump version to 4.10.15-10, bump ABI to 4.10.15-1-pve
2017-06-08 14:22:03 +02:00
Fabian Grünbichler
0f831b3cf2
add CVE fixes
...
CVE-2017-8890: dccp/tcp: do not inherit mc_list from parent
CVE-2017-9074: ipv6: Prevent overrun when parsing v6 header options
CVE-2017-9075: sctp: do not inherit ipv6_{mc|ac|fl}_list from parent
CVE-2017-9076/CVE-2017-9077: ipv6/dccp: do not inherit ipv6_mc_list from parent
CVE-2017-9242: ipv6: fix out of bound writes in __ip6_append_data()
2017-06-08 14:22:03 +02:00
Fabian Grünbichler
674abe87c8
drop patches applied upstream
2017-06-07 10:35:40 +02:00
Fabian Grünbichler
fd5c21692a
bump version to 4.10.11-9
2017-05-22 10:00:43 +02:00
Fabian Grünbichler
88582bb094
add fix for DoS via nftables
2017-05-22 09:59:35 +02:00
Fabian Grünbichler
c73cc23929
bump version to 4.10.11-8, bump ABI to 4.10.11-1-pve
2017-05-18 11:22:00 +02:00
Fabian Grünbichler
1e165a112f
drop patches applied upstream
2017-05-18 11:22:00 +02:00
Thomas Lamprecht
6490543bf7
add mapping from DEB_BUILD_ARCH to kernel arch subdirectory
...
and fix the rest of the architecture-hardcoded paths
2017-05-11 08:50:39 +02:00
Thomas Lamprecht
37d1225d09
build-sys: replace fixed architecture use where possible
2017-05-11 08:50:39 +02:00
Fabian Grünbichler
aa785972db
bump version to 4.10.8-7
2017-05-05 09:19:50 +02:00
Fabian Grünbichler
2b834b083d
add proposed fix for LP#1674838
...
Patches and rationale by Seth Forshee[1]:
My testing shows that the "POWER9: Additional power9
patches" patches are responsible, two of them in particular:
- mm: introduce page_vma_mapped_walk()
- mm, ksm: convert write_protect_page() to use page_vma_mapped_walk()
These patches don't appear to be included for any
functionality they provide, but rather to make "mm/ksm:
handle protnone saved writes when making page write protect"
a clean cherry pick instead of a backport. But the backport
isn't that difficult, so as far as I can tell we can do away
with the other two patches.
1: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1674838/comments/108
2017-05-05 09:12:20 +02:00
Fabian Grünbichler
7f0f6370be
update fix for CVE-2017-7979 to final version
...
cherry-picked from Ubuntu Zesty's master-next
2017-05-05 09:06:44 +02:00
Fabian Grünbichler
95cebd4144
build: export SOURCE_DATE_EPOCH
...
SOURCE_DATE_EPOCH is used to set various timestamps in build
products, and was introduced as part of the reproducible
builds efforts.
this is a great help for future build system restructuring,
as the "diffoscope"-diff of the produced .debs is now small
enough to catch unintended changes.
2017-05-04 15:40:21 +02:00
Fabian Grünbichler
a6c22e7b57
build: re-add kernel build symlink check
...
but in a way which works for regular users, not only root
2017-05-04 09:14:55 +02:00
Fabian Grünbichler
5f99d7c8cb
build: remove unused parts of Makefile
2017-05-04 09:14:46 +02:00
Fabian Grünbichler
973ac1a4ef
fix #1343 : add MTU patches for intel drivers
...
ported from upstream / in-tree commits
91c527a55664ddf4bee26673a35f91748dae4142
and
45693bcb00cbd379c373ab22ccd9a9d4755cc7ed
2017-05-03 14:05:03 +02:00