parent
d67a9170f1
commit
a99b18b795
|
@ -209,229 +209,3 @@ sha256sums=(9044e7b4084afc636ccd7a7fe06439d8941b28613df79f16ce603ccca35292c6 # l
|
|||
76fa1fc28bd76b30a1d93ac5fe5749e60f2c5c026d06065f2278782f01558383 # config
|
||||
18d5666ba88aa811c1f627444c60101839d77cbdc467ac7d1495be73e752693f # sha256sums
|
||||
96a72e1652314215da7140956c3abcf495cafd00811eda3cf4ce03ec5f791f1e) # 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch
|
||||
####### diffs between old and new Arch PKGBUILD
|
||||
--- PKGBUILD-arch 1970-01-01 02:00:00.000000000 +0200
|
||||
+++ PKGBUILD-arch.new 2022-06-11 01:30:15.825578620 +0300
|
||||
@@ -0,0 +1,218 @@
|
||||
+# Maintainer: Andreas Radke <andyrtr@archlinux.org>
|
||||
+
|
||||
+pkgbase=linux-lts
|
||||
+pkgver=5.15.46
|
||||
+pkgrel=1
|
||||
+pkgdesc='LTS Linux'
|
||||
+url="https://www.kernel.org/"
|
||||
+arch=(x86_64)
|
||||
+license=(GPL2)
|
||||
+makedepends=(
|
||||
+ bc libelf pahole cpio perl tar xz
|
||||
+ xmlto python-sphinx python-sphinx_rtd_theme graphviz imagemagick texlive-latexextra
|
||||
+)
|
||||
+options=('!strip')
|
||||
+_srcname=linux-$pkgver
|
||||
+source=(
|
||||
+ https://cdn.kernel.org/pub/linux/kernel/v${pkgver%%.*}.x/${_srcname}.tar.{xz,sign}
|
||||
+ config # the main kernel config file
|
||||
+ 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch
|
||||
+ 0002-PCI_Add_more_NVIDIA_controllers_to_the_MSI_masking_quirk.patch
|
||||
+ 0003-iommu_intel_do_deep_dma-unmapping_to_avoid_kernel-flooding.patch
|
||||
+ 0004-Bluetooth_btintel_Fix_bdaddress_comparison_with_garbage_value.patch
|
||||
+ 0005-lg-laptop_Recognize_more_models.patch
|
||||
+ 0006_fix_NFSv4_mount_regression.diff
|
||||
+)
|
||||
+validpgpkeys=(
|
||||
+ 'ABAF11C65A2970B130ABE3C479BE3E4300411886' # Linus Torvalds
|
||||
+ '647F28654894E3BD457199BE38DBBDC86092693E' # Greg Kroah-Hartman
|
||||
+)
|
||||
+# https://www.kernel.org/pub/linux/kernel/v5.x/sha256sums.asc
|
||||
+sha256sums=('eb455746779bb79533e6c1afcd0d5e8ad2295898b786f47d718f087a3d07376b'
|
||||
+ 'SKIP'
|
||||
+ '35b54c38a302a957d3cabebbe74f231da43b52f033c302e1813a33fad401e41c'
|
||||
+ '99df282c594cc269d9a5d19bb86ea887892d3654cfc53c4ce94a644cf3278423'
|
||||
+ 'c35018601f04ae81e0a2018a8597595db6ae053158c206845399cdebb2d2b706'
|
||||
+ '7c7707c738983f3683d76295b496f578996b7341fa39ad334ec2833bfe4b966e'
|
||||
+ '3fa8a4af66d5a3b99b48ca979a247c61e81c9b2d3bcdffa9d3895a5532a420b4'
|
||||
+ '79266c6cc970733fd35881d9a8f0a74c25c00b4d81741b8d4bba6827c48f7c78'
|
||||
+ 'e9527ad81d5b1821a7b17c56cb3abaec85785563f51e448cb3c06f1c68e2966f')
|
||||
+
|
||||
+export KBUILD_BUILD_HOST=archlinux
|
||||
+export KBUILD_BUILD_USER=$pkgbase
|
||||
+export KBUILD_BUILD_TIMESTAMP="$(date -Ru${SOURCE_DATE_EPOCH:+d @$SOURCE_DATE_EPOCH})"
|
||||
+
|
||||
+prepare() {
|
||||
+ cd $_srcname
|
||||
+
|
||||
+ # fix NFSv4 mounting issue regression - FS#73838 / FS#73860
|
||||
+ # https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/patch/?id=6f2836341d8a39e1e000572b10959347d7e61fd9
|
||||
+ patch -Rp1 -i ../0006_fix_NFSv4_mount_regression.diff
|
||||
+
|
||||
+ echo "Setting version..."
|
||||
+ scripts/setlocalversion --save-scmversion
|
||||
+ echo "-$pkgrel" > localversion.10-pkgrel
|
||||
+ echo "${pkgbase#linux}" > localversion.20-pkgname
|
||||
+
|
||||
+ local src
|
||||
+ for src in "${source[@]}"; do
|
||||
+ src="${src%%::*}"
|
||||
+ src="${src##*/}"
|
||||
+ [[ $src = *.patch ]] || continue
|
||||
+ echo "Applying patch $src..."
|
||||
+ patch -Np1 < "../$src"
|
||||
+ done
|
||||
+
|
||||
+ echo "Setting config..."
|
||||
+ cp ../config .config
|
||||
+ make olddefconfig
|
||||
+# diff -u ../config .config || :
|
||||
+#return 1
|
||||
+ make -s kernelrelease > version
|
||||
+ echo "Prepared $pkgbase version $(<version)"
|
||||
+}
|
||||
+
|
||||
+build() {
|
||||
+ cd $_srcname
|
||||
+ make all
|
||||
+ make htmldocs
|
||||
+}
|
||||
+
|
||||
+_package() {
|
||||
+ pkgdesc="The $pkgdesc kernel and modules"
|
||||
+ depends=(coreutils kmod initramfs)
|
||||
+ optdepends=('wireless-regdb: to set the correct wireless channels of your country'
|
||||
+ 'linux-firmware: firmware images needed for some devices')
|
||||
+ provides=(VIRTUALBOX-GUEST-MODULES WIREGUARD-MODULE)
|
||||
+ replaces=(wireguard-lts)
|
||||
+
|
||||
+ cd $_srcname
|
||||
+ local kernver="$(<version)"
|
||||
+ local modulesdir="$pkgdir/usr/lib/modules/$kernver"
|
||||
+
|
||||
+ echo "Installing boot image..."
|
||||
+ # systemd expects to find the kernel here to allow hibernation
|
||||
+ # https://github.com/systemd/systemd/commit/edda44605f06a41fb86b7ab8128dcf99161d2344
|
||||
+ install -Dm644 "$(make -s image_name)" "$modulesdir/vmlinuz"
|
||||
+
|
||||
+ # Used by mkinitcpio to name the kernel
|
||||
+ echo "$pkgbase" | install -Dm644 /dev/stdin "$modulesdir/pkgbase"
|
||||
+
|
||||
+ echo "Installing modules..."
|
||||
+ make INSTALL_MOD_PATH="$pkgdir/usr" INSTALL_MOD_STRIP=1 \
|
||||
+ DEPMOD=/doesnt/exist modules_install # Suppress depmod
|
||||
+
|
||||
+ # remove build and source links
|
||||
+ rm "$modulesdir"/{source,build}
|
||||
+}
|
||||
+
|
||||
+_package-headers() {
|
||||
+ pkgdesc="Headers and scripts for building modules for the $pkgdesc kernel"
|
||||
+ depends=(pahole)
|
||||
+
|
||||
+ cd $_srcname
|
||||
+ local builddir="$pkgdir/usr/lib/modules/$(<version)/build"
|
||||
+
|
||||
+ echo "Installing build files..."
|
||||
+ install -Dt "$builddir" -m644 .config Makefile Module.symvers System.map \
|
||||
+ localversion.* version vmlinux
|
||||
+ install -Dt "$builddir/kernel" -m644 kernel/Makefile
|
||||
+ install -Dt "$builddir/arch/x86" -m644 arch/x86/Makefile
|
||||
+ cp -t "$builddir" -a scripts
|
||||
+
|
||||
+ # add objtool for external module building and enabled VALIDATION_STACK option
|
||||
+ install -Dt "$builddir/tools/objtool" tools/objtool/objtool
|
||||
+
|
||||
+ # add xfs and shmem for aufs building
|
||||
+ mkdir -p "$builddir"/{fs/xfs,mm}
|
||||
+
|
||||
+ echo "Installing headers..."
|
||||
+ cp -t "$builddir" -a include
|
||||
+ cp -t "$builddir/arch/x86" -a arch/x86/include
|
||||
+ install -Dt "$builddir/arch/x86/kernel" -m644 arch/x86/kernel/asm-offsets.s
|
||||
+
|
||||
+ install -Dt "$builddir/drivers/md" -m644 drivers/md/*.h
|
||||
+ install -Dt "$builddir/net/mac80211" -m644 net/mac80211/*.h
|
||||
+
|
||||
+ # https://bugs.archlinux.org/task/13146
|
||||
+ install -Dt "$builddir/drivers/media/i2c" -m644 drivers/media/i2c/msp3400-driver.h
|
||||
+
|
||||
+ # https://bugs.archlinux.org/task/20402
|
||||
+ install -Dt "$builddir/drivers/media/usb/dvb-usb" -m644 drivers/media/usb/dvb-usb/*.h
|
||||
+ install -Dt "$builddir/drivers/media/dvb-frontends" -m644 drivers/media/dvb-frontends/*.h
|
||||
+ install -Dt "$builddir/drivers/media/tuners" -m644 drivers/media/tuners/*.h
|
||||
+
|
||||
+ # https://bugs.archlinux.org/task/71392
|
||||
+ install -Dt "$builddir/drivers/iio/common/hid-sensors" -m644 drivers/iio/common/hid-sensors/*.h
|
||||
+
|
||||
+ echo "Installing KConfig files..."
|
||||
+ find . -name 'Kconfig*' -exec install -Dm644 {} "$builddir/{}" \;
|
||||
+
|
||||
+ echo "Removing unneeded architectures..."
|
||||
+ local arch
|
||||
+ for arch in "$builddir"/arch/*/; do
|
||||
+ [[ $arch = */x86/ ]] && continue
|
||||
+ echo "Removing $(basename "$arch")"
|
||||
+ rm -r "$arch"
|
||||
+ done
|
||||
+
|
||||
+ echo "Removing documentation..."
|
||||
+ rm -r "$builddir/Documentation"
|
||||
+
|
||||
+ echo "Removing broken symlinks..."
|
||||
+ find -L "$builddir" -type l -printf 'Removing %P\n' -delete
|
||||
+
|
||||
+ echo "Removing loose objects..."
|
||||
+ find "$builddir" -type f -name '*.o' -printf 'Removing %P\n' -delete
|
||||
+
|
||||
+ echo "Stripping build tools..."
|
||||
+ local file
|
||||
+ while read -rd '' file; do
|
||||
+ case "$(file -bi "$file")" in
|
||||
+ application/x-sharedlib\;*) # Libraries (.so)
|
||||
+ strip -v $STRIP_SHARED "$file" ;;
|
||||
+ application/x-archive\;*) # Libraries (.a)
|
||||
+ strip -v $STRIP_STATIC "$file" ;;
|
||||
+ application/x-executable\;*) # Binaries
|
||||
+ strip -v $STRIP_BINARIES "$file" ;;
|
||||
+ application/x-pie-executable\;*) # Relocatable binaries
|
||||
+ strip -v $STRIP_SHARED "$file" ;;
|
||||
+ esac
|
||||
+ done < <(find "$builddir" -type f -perm -u+x ! -name vmlinux -print0)
|
||||
+
|
||||
+ echo "Stripping vmlinux..."
|
||||
+ strip -v $STRIP_STATIC "$builddir/vmlinux"
|
||||
+
|
||||
+ echo "Adding symlink..."
|
||||
+ mkdir -p "$pkgdir/usr/src"
|
||||
+ ln -sr "$builddir" "$pkgdir/usr/src/$pkgbase"
|
||||
+}
|
||||
+
|
||||
+_package-docs() {
|
||||
+ pkgdesc="Documentation for the $pkgdesc kernel"
|
||||
+
|
||||
+ cd $_srcname
|
||||
+ local builddir="$pkgdir/usr/lib/modules/$(<version)/build"
|
||||
+
|
||||
+ echo "Installing documentation..."
|
||||
+ local src dst
|
||||
+ while read -rd '' src; do
|
||||
+ dst="${src#Documentation/}"
|
||||
+ dst="$builddir/Documentation/${dst#output/}"
|
||||
+ install -Dm644 "$src" "$dst"
|
||||
+ done < <(find Documentation -name '.*' -prune -o ! -type d -print0)
|
||||
+
|
||||
+ echo "Adding symlink..."
|
||||
+ mkdir -p "$pkgdir/usr/share/doc"
|
||||
+ ln -sr "$builddir/Documentation" "$pkgdir/usr/share/doc/$pkgbase"
|
||||
+}
|
||||
+
|
||||
+pkgname=("$pkgbase" "$pkgbase-headers" "$pkgbase-docs")
|
||||
+for _p in "${pkgname[@]}"; do
|
||||
+ eval "package_$_p() {
|
||||
+ $(declare -f "_package${_p#$pkgbase}")
|
||||
+ _package${_p#$pkgbase}
|
||||
+ }"
|
||||
+done
|
||||
+
|
||||
+# vim:set ts=8 sts=2 sw=2 et:
|
||||
scan for systemd ipv6 service & socket
|
||||
##### systemd crap in new PKGBUILD ###
|
||||
# systemd expects to find the kernel here to allow hibernation
|
||||
# https://github.com/systemd/systemd/commit/edda44605f06a41fb86b7ab8128dcf99161d2344
|
||||
|
|
|
@ -0,0 +1,129 @@
|
|||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
|
||||
Date: Mon, 16 Sep 2019 04:53:20 +0200
|
||||
Subject: [PATCH] ZEN: Add sysctl and CONFIG to disallow unprivileged
|
||||
CLONE_NEWUSER
|
||||
|
||||
Our default behavior continues to match the vanilla kernel.
|
||||
---
|
||||
init/Kconfig | 16 ++++++++++++++++
|
||||
kernel/fork.c | 15 +++++++++++++++
|
||||
kernel/sysctl.c | 12 ++++++++++++
|
||||
kernel/user_namespace.c | 7 +++++++
|
||||
4 files changed, 50 insertions(+)
|
||||
|
||||
diff --git a/init/Kconfig b/init/Kconfig
|
||||
index 96fc45d1b686..3bc58f03a2cd 100644
|
||||
--- a/init/Kconfig
|
||||
+++ b/init/Kconfig
|
||||
@@ -1084,6 +1084,22 @@ config USER_NS
|
||||
|
||||
If unsure, say N.
|
||||
|
||||
+config USER_NS_UNPRIVILEGED
|
||||
+ bool "Allow unprivileged users to create namespaces"
|
||||
+ default y
|
||||
+ depends on USER_NS
|
||||
+ help
|
||||
+ When disabled, unprivileged users will not be able to create
|
||||
+ new namespaces. Allowing users to create their own namespaces
|
||||
+ has been part of several recent local privilege escalation
|
||||
+ exploits, so if you need user namespaces but are
|
||||
+ paranoid^Wsecurity-conscious you want to disable this.
|
||||
+
|
||||
+ This setting can be overridden at runtime via the
|
||||
+ kernel.unprivileged_userns_clone sysctl.
|
||||
+
|
||||
+ If unsure, say Y.
|
||||
+
|
||||
config PID_NS
|
||||
bool "PID Namespaces"
|
||||
default y
|
||||
diff --git a/kernel/fork.c b/kernel/fork.c
|
||||
index 419fff8eb9e5..70da21e5c06a 100644
|
||||
--- a/kernel/fork.c
|
||||
+++ b/kernel/fork.c
|
||||
@@ -106,6 +106,11 @@
|
||||
|
||||
#define CREATE_TRACE_POINTS
|
||||
#include <trace/events/task.h>
|
||||
+#ifdef CONFIG_USER_NS
|
||||
+extern int unprivileged_userns_clone;
|
||||
+#else
|
||||
+#define unprivileged_userns_clone 0
|
||||
+#endif
|
||||
|
||||
/*
|
||||
* Minimum number of threads to boot the kernel
|
||||
@@ -1799,6 +1804,10 @@ static __latent_entropy struct task_struct *copy_process(
|
||||
if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS))
|
||||
return ERR_PTR(-EINVAL);
|
||||
|
||||
+ if ((clone_flags & CLONE_NEWUSER) && !unprivileged_userns_clone)
|
||||
+ if (!capable(CAP_SYS_ADMIN))
|
||||
+ return ERR_PTR(-EPERM);
|
||||
+
|
||||
/*
|
||||
* Thread groups must share signals as well, and detached threads
|
||||
* can only be started up within the thread group.
|
||||
@@ -2859,6 +2868,12 @@ int ksys_unshare(unsigned long unshare_flags)
|
||||
if (unshare_flags & CLONE_NEWNS)
|
||||
unshare_flags |= CLONE_FS;
|
||||
|
||||
+ if ((unshare_flags & CLONE_NEWUSER) && !unprivileged_userns_clone) {
|
||||
+ err = -EPERM;
|
||||
+ if (!capable(CAP_SYS_ADMIN))
|
||||
+ goto bad_unshare_out;
|
||||
+ }
|
||||
+
|
||||
err = check_unshare_flags(unshare_flags);
|
||||
if (err)
|
||||
goto bad_unshare_out;
|
||||
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
|
||||
index 70665934d53e..9797869ed829 100644
|
||||
--- a/kernel/sysctl.c
|
||||
+++ b/kernel/sysctl.c
|
||||
@@ -110,6 +110,9 @@ extern int core_uses_pid;
|
||||
extern char core_pattern[];
|
||||
extern unsigned int core_pipe_limit;
|
||||
#endif
|
||||
+#ifdef CONFIG_USER_NS
|
||||
+extern int unprivileged_userns_clone;
|
||||
+#endif
|
||||
extern int pid_max;
|
||||
extern int pid_max_min, pid_max_max;
|
||||
extern int percpu_pagelist_fraction;
|
||||
@@ -546,6 +549,15 @@ static struct ctl_table kern_table[] = {
|
||||
.proc_handler = proc_dointvec,
|
||||
},
|
||||
#endif
|
||||
+#ifdef CONFIG_USER_NS
|
||||
+ {
|
||||
+ .procname = "unprivileged_userns_clone",
|
||||
+ .data = &unprivileged_userns_clone,
|
||||
+ .maxlen = sizeof(int),
|
||||
+ .mode = 0644,
|
||||
+ .proc_handler = proc_dointvec,
|
||||
+ },
|
||||
+#endif
|
||||
#ifdef CONFIG_PROC_SYSCTL
|
||||
{
|
||||
.procname = "tainted",
|
||||
diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
|
||||
index 8eadadc478f9..c36ecd19562c 100644
|
||||
--- a/kernel/user_namespace.c
|
||||
+++ b/kernel/user_namespace.c
|
||||
@@ -21,6 +21,13 @@
|
||||
#include <linux/bsearch.h>
|
||||
#include <linux/sort.h>
|
||||
|
||||
+/* sysctl */
|
||||
+#ifdef CONFIG_USER_NS_UNPRIVILEGED
|
||||
+int unprivileged_userns_clone = 1;
|
||||
+#else
|
||||
+int unprivileged_userns_clone;
|
||||
+#endif
|
||||
+
|
||||
static struct kmem_cache *user_ns_cachep __read_mostly;
|
||||
static DEFINE_MUTEX(userns_state_mutex);
|
||||
|
|
@ -0,0 +1,689 @@
|
|||
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
||||
From: "Jan Alexander Steffens (heftig)" <heftig@archlinux.org>
|
||||
Date: Wed, 15 Jul 2020 22:42:07 +0200
|
||||
Subject: [PATCH] virt: vbox: Add support for the new
|
||||
VBG_IOCTL_ACQUIRE_GUEST_CAPABILITIES ioctl
|
||||
|
||||
https://lore.kernel.org/patchwork/cover/1270301/
|
||||
|
||||
Needed for https://bugs.archlinux.org/task/67253
|
||||
|
||||
Squashed commit of the following:
|
||||
|
||||
commit 0d7bec556896815f4920a5ed87339732c697175c
|
||||
Author: Hans de Goede <hdegoede@redhat.com>
|
||||
Date: Thu Jul 9 14:08:58 2020 +0200
|
||||
|
||||
virt: vbox: Fix some comments which talk about the "session spinlock"
|
||||
|
||||
The session lock is a mutex, not a spinlock, fix the comments to match.
|
||||
|
||||
Acked-by: Arnd Bergmann <arnd@arndb.de>
|
||||
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
|
||||
|
||||
commit fed91350029e0c3bf626bd55a148e766587ec439
|
||||
Author: Hans de Goede <hdegoede@redhat.com>
|
||||
Date: Thu Jul 9 14:08:57 2020 +0200
|
||||
|
||||
virt: vbox: Log unknown ioctl requests as error
|
||||
|
||||
Every now and then upstream adds new ioctls without notifying us,
|
||||
log unknown ioctl requests as an error to catch these.
|
||||
|
||||
Acked-by: Arnd Bergmann <arnd@arndb.de>
|
||||
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
|
||||
|
||||
commit 245d06f4c1b8f84cde07d14c09296a4fe90a26f0
|
||||
Author: Hans de Goede <hdegoede@redhat.com>
|
||||
Date: Thu Jul 9 14:08:56 2020 +0200
|
||||
|
||||
virt: vbox: Add a few new vmmdev request types to the userspace whitelist
|
||||
|
||||
Upstream VirtualBox has defined and is using a few new request types for
|
||||
vmmdev requests passed through /dev/vboxguest to the hypervisor.
|
||||
|
||||
Add the defines for these to vbox_vmmdev_types.h and add add them to the
|
||||
whitelists of vmmdev requests which userspace is allowed to make.
|
||||
|
||||
BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1789545
|
||||
Acked-by: Arnd Bergmann <arnd@arndb.de>
|
||||
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
|
||||
|
||||
commit 2f24f5446915322bbbb1ccf4ee2297512feab942
|
||||
Author: Hans de Goede <hdegoede@redhat.com>
|
||||
Date: Thu Jul 9 14:08:55 2020 +0200
|
||||
|
||||
virt: vbox: Add support for the new VBG_IOCTL_ACQUIRE_GUEST_CAPABILITIES ioctl
|
||||
|
||||
Add support for the new VBG_IOCTL_ACQUIRE_GUEST_CAPABILITIES ioctl, this
|
||||
is necessary for automatic resizing of the guest resolution to match the
|
||||
VM-window size to work with the new VMSVGA virtual GPU which is now the
|
||||
new default in VirtualBox.
|
||||
|
||||
BugLink: https://bugzilla.redhat.com/show_bug.cgi?id=1789545
|
||||
Acked-by: Arnd Bergmann <arnd@arndb.de>
|
||||
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
|
||||
|
||||
commit 2fc9822453e8dd215765cd2b28e5e6e26338829e
|
||||
Author: Hans de Goede <hdegoede@redhat.com>
|
||||
Date: Thu Jul 9 14:08:54 2020 +0200
|
||||
|
||||
virt: vbox: Add vbg_set_host_capabilities() helper function
|
||||
|
||||
Add vbg_set_host_capabilities() helper function, this is a preparation
|
||||
patch for adding support for the VBGL_IOCTL_GUEST_CAPS_ACQUIRE ioctl.
|
||||
|
||||
Acked-by: Arnd Bergmann <arnd@arndb.de>
|
||||
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
|
||||
|
||||
commit 1594daf929c8691849c00e49e4a1ed977048addc
|
||||
Author: Hans de Goede <hdegoede@redhat.com>
|
||||
Date: Thu Jul 9 14:08:53 2020 +0200
|
||||
|
||||
virt: vbox: Rename guest_caps struct members to set_guest_caps
|
||||
|
||||
Rename guest_caps[_tracker] struct members to set_guest_caps[_tracker]
|
||||
this is a preparation patch for adding support for the
|
||||
VBGL_IOCTL_GUEST_CAPS_ACQUIRE ioctl.
|
||||
|
||||
Acked-by: Arnd Bergmann <arnd@arndb.de>
|
||||
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
|
||||
|
||||
commit d7f3b7cec66d171cf5194ad37f647f4562da6ccc
|
||||
Author: Hans de Goede <hdegoede@redhat.com>
|
||||
Date: Thu Jul 9 14:08:52 2020 +0200
|
||||
|
||||
virt: vbox: Fix guest capabilities mask check
|
||||
|
||||
Check the passed in capabilities against VMMDEV_GUEST_CAPABILITIES_MASK
|
||||
instead of against VMMDEV_EVENT_VALID_EVENT_MASK.
|
||||
This tightens the allowed mask from 0x7ff to 0x7.
|
||||
|
||||
Fixes: 0ba002bc4393 ("virt: Add vboxguest driver for Virtual Box Guest integration")
|
||||
Cc: stable@vger.kernel.org
|
||||
Acked-by: Arnd Bergmann <arnd@arndb.de>
|
||||
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
|
||||
|
||||
commit f6694fa90e2183874def2d022d097795e2269a15
|
||||
Author: Hans de Goede <hdegoede@redhat.com>
|
||||
Date: Thu Jul 9 14:08:51 2020 +0200
|
||||
|
||||
virt: vbox: Fix VBGL_IOCTL_VMMDEV_REQUEST_BIG and _LOG req numbers to match upstream
|
||||
|
||||
Until this commit the mainline kernel version (this version) of the
|
||||
vboxguest module contained a bug where it defined
|
||||
VBGL_IOCTL_VMMDEV_REQUEST_BIG and VBGL_IOCTL_LOG using
|
||||
_IOC(_IOC_READ | _IOC_WRITE, 'V', ...) instead of
|
||||
_IO(V, ...) as the out of tree VirtualBox upstream version does.
|
||||
|
||||
Since the VirtualBox userspace bits are always built against VirtualBox
|
||||
upstream's headers, this means that so far the mainline kernel version
|
||||
of the vboxguest module has been failing these 2 ioctls with -ENOTTY.
|
||||
I guess that VBGL_IOCTL_VMMDEV_REQUEST_BIG is never used causing us to
|
||||
not hit that one and sofar the vboxguest driver has failed to actually
|
||||
log any log messages passed it through VBGL_IOCTL_LOG.
|
||||
|
||||
This commit changes the VBGL_IOCTL_VMMDEV_REQUEST_BIG and VBGL_IOCTL_LOG
|
||||
defines to match the out of tree VirtualBox upstream vboxguest version,
|
||||
while keeping compatibility with the old wrong request defines so as
|
||||
to not break the kernel ABI in case someone has been using the old
|
||||
request defines.
|
||||
|
||||
Fixes: f6ddd094f579 ("virt: Add vboxguest driver for Virtual Box Guest integration UAPI")
|
||||
Cc: stable@vger.kernel.org
|
||||
Acked-by: Arnd Bergmann <arnd@arndb.de>
|
||||
Reviewed-by: Arnd Bergmann <arnd@arndb.de>
|
||||
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
|
||||
---
|
||||
drivers/virt/vboxguest/vboxguest_core.c | 266 +++++++++++++++++++----
|
||||
drivers/virt/vboxguest/vboxguest_core.h | 23 +-
|
||||
drivers/virt/vboxguest/vboxguest_utils.c | 1 +
|
||||
include/linux/vbox_utils.h | 1 +
|
||||
include/uapi/linux/vbox_vmmdev_types.h | 3 +
|
||||
include/uapi/linux/vboxguest.h | 24 ++
|
||||
6 files changed, 269 insertions(+), 49 deletions(-)
|
||||
|
||||
diff --git a/drivers/virt/vboxguest/vboxguest_core.c b/drivers/virt/vboxguest/vboxguest_core.c
|
||||
index 95bfdb8ac8a2..f449fc366cf3 100644
|
||||
--- a/drivers/virt/vboxguest/vboxguest_core.c
|
||||
+++ b/drivers/virt/vboxguest/vboxguest_core.c
|
||||
@@ -558,7 +558,7 @@ static int vbg_reset_host_event_filter(struct vbg_dev *gdev,
|
||||
* Changes the event filter mask for the given session.
|
||||
*
|
||||
* This is called in response to VBG_IOCTL_CHANGE_FILTER_MASK as well as to
|
||||
- * do session cleanup. Takes the session spinlock.
|
||||
+ * do session cleanup. Takes the session mutex.
|
||||
*
|
||||
* Return: 0 or negative errno value.
|
||||
* @gdev: The Guest extension device.
|
||||
@@ -661,78 +661,205 @@ static int vbg_reset_host_capabilities(struct vbg_dev *gdev)
|
||||
}
|
||||
|
||||
/**
|
||||
- * Sets the guest capabilities for a session. Takes the session spinlock.
|
||||
+ * Set guest capabilities on the host.
|
||||
+ * Must be called with gdev->session_mutex hold.
|
||||
+ * Return: 0 or negative errno value.
|
||||
+ * @gdev: The Guest extension device.
|
||||
+ * @session: The session.
|
||||
+ * @session_termination: Set if we're called by the session cleanup code.
|
||||
+ */
|
||||
+static int vbg_set_host_capabilities(struct vbg_dev *gdev,
|
||||
+ struct vbg_session *session,
|
||||
+ bool session_termination)
|
||||
+{
|
||||
+ struct vmmdev_mask *req;
|
||||
+ u32 caps;
|
||||
+ int rc;
|
||||
+
|
||||
+ WARN_ON(!mutex_is_locked(&gdev->session_mutex));
|
||||
+
|
||||
+ caps = gdev->acquired_guest_caps | gdev->set_guest_caps_tracker.mask;
|
||||
+
|
||||
+ if (gdev->guest_caps_host == caps)
|
||||
+ return 0;
|
||||
+
|
||||
+ /* On termination the requestor is the kernel, as we're cleaning up. */
|
||||
+ req = vbg_req_alloc(sizeof(*req), VMMDEVREQ_SET_GUEST_CAPABILITIES,
|
||||
+ session_termination ? VBG_KERNEL_REQUEST :
|
||||
+ session->requestor);
|
||||
+ if (!req) {
|
||||
+ gdev->guest_caps_host = U32_MAX;
|
||||
+ return -ENOMEM;
|
||||
+ }
|
||||
+
|
||||
+ req->or_mask = caps;
|
||||
+ req->not_mask = ~caps;
|
||||
+ rc = vbg_req_perform(gdev, req);
|
||||
+ vbg_req_free(req, sizeof(*req));
|
||||
+
|
||||
+ gdev->guest_caps_host = (rc >= 0) ? caps : U32_MAX;
|
||||
+
|
||||
+ return vbg_status_code_to_errno(rc);
|
||||
+}
|
||||
+
|
||||
+/**
|
||||
+ * Acquire (get exclusive access) guest capabilities for a session.
|
||||
+ * Takes the session mutex.
|
||||
+ * Return: 0 or negative errno value.
|
||||
+ * @gdev: The Guest extension device.
|
||||
+ * @session: The session.
|
||||
+ * @flags: Flags (VBGL_IOC_AGC_FLAGS_XXX).
|
||||
+ * @or_mask: The capabilities to add.
|
||||
+ * @not_mask: The capabilities to remove.
|
||||
+ * @session_termination: Set if we're called by the session cleanup code.
|
||||
+ * This tweaks the error handling so we perform
|
||||
+ * proper session cleanup even if the host
|
||||
+ * misbehaves.
|
||||
+ */
|
||||
+static int vbg_acquire_session_capabilities(struct vbg_dev *gdev,
|
||||
+ struct vbg_session *session,
|
||||
+ u32 or_mask, u32 not_mask,
|
||||
+ u32 flags, bool session_termination)
|
||||
+{
|
||||
+ unsigned long irqflags;
|
||||
+ bool wakeup = false;
|
||||
+ int ret = 0;
|
||||
+
|
||||
+ mutex_lock(&gdev->session_mutex);
|
||||
+
|
||||
+ if (gdev->set_guest_caps_tracker.mask & or_mask) {
|
||||
+ vbg_err("%s error: cannot acquire caps which are currently set\n",
|
||||
+ __func__);
|
||||
+ ret = -EINVAL;
|
||||
+ goto out;
|
||||
+ }
|
||||
+
|
||||
+ /*
|
||||
+ * Mark any caps in the or_mask as now being in acquire-mode. Note
|
||||
+ * once caps are in acquire_mode they always stay in this mode.
|
||||
+ * This impacts event handling, so we take the event-lock.
|
||||
+ */
|
||||
+ spin_lock_irqsave(&gdev->event_spinlock, irqflags);
|
||||
+ gdev->acquire_mode_guest_caps |= or_mask;
|
||||
+ spin_unlock_irqrestore(&gdev->event_spinlock, irqflags);
|
||||
+
|
||||
+ /* If we only have to switch the caps to acquire mode, we're done. */
|
||||
+ if (flags & VBGL_IOC_AGC_FLAGS_CONFIG_ACQUIRE_MODE)
|
||||
+ goto out;
|
||||
+
|
||||
+ not_mask &= ~or_mask; /* or_mask takes priority over not_mask */
|
||||
+ not_mask &= session->acquired_guest_caps;
|
||||
+ or_mask &= ~session->acquired_guest_caps;
|
||||
+
|
||||
+ if (or_mask == 0 && not_mask == 0)
|
||||
+ goto out;
|
||||
+
|
||||
+ if (gdev->acquired_guest_caps & or_mask) {
|
||||
+ ret = -EBUSY;
|
||||
+ goto out;
|
||||
+ }
|
||||
+
|
||||
+ gdev->acquired_guest_caps |= or_mask;
|
||||
+ gdev->acquired_guest_caps &= ~not_mask;
|
||||
+ /* session->acquired_guest_caps impacts event handling, take the lock */
|
||||
+ spin_lock_irqsave(&gdev->event_spinlock, irqflags);
|
||||
+ session->acquired_guest_caps |= or_mask;
|
||||
+ session->acquired_guest_caps &= ~not_mask;
|
||||
+ spin_unlock_irqrestore(&gdev->event_spinlock, irqflags);
|
||||
+
|
||||
+ ret = vbg_set_host_capabilities(gdev, session, session_termination);
|
||||
+ /* Roll back on failure, unless it's session termination time. */
|
||||
+ if (ret < 0 && !session_termination) {
|
||||
+ gdev->acquired_guest_caps &= ~or_mask;
|
||||
+ gdev->acquired_guest_caps |= not_mask;
|
||||
+ spin_lock_irqsave(&gdev->event_spinlock, irqflags);
|
||||
+ session->acquired_guest_caps &= ~or_mask;
|
||||
+ session->acquired_guest_caps |= not_mask;
|
||||
+ spin_unlock_irqrestore(&gdev->event_spinlock, irqflags);
|
||||
+ }
|
||||
+
|
||||
+ /*
|
||||
+ * If we added a capability, check if that means some other thread in
|
||||
+ * our session should be unblocked because there are events pending
|
||||
+ * (the result of vbg_get_allowed_event_mask_for_session() may change).
|
||||
+ *
|
||||
+ * HACK ALERT! When the seamless support capability is added we generate
|
||||
+ * a seamless change event so that the ring-3 client can sync with
|
||||
+ * the seamless state.
|
||||
+ */
|
||||
+ if (ret == 0 && or_mask != 0) {
|
||||
+ spin_lock_irqsave(&gdev->event_spinlock, irqflags);
|
||||
+
|
||||
+ if (or_mask & VMMDEV_GUEST_SUPPORTS_SEAMLESS)
|
||||
+ gdev->pending_events |=
|
||||
+ VMMDEV_EVENT_SEAMLESS_MODE_CHANGE_REQUEST;
|
||||
+
|
||||
+ if (gdev->pending_events)
|
||||
+ wakeup = true;
|
||||
+
|
||||
+ spin_unlock_irqrestore(&gdev->event_spinlock, irqflags);
|
||||
+
|
||||
+ if (wakeup)
|
||||
+ wake_up(&gdev->event_wq);
|
||||
+ }
|
||||
+
|
||||
+out:
|
||||
+ mutex_unlock(&gdev->session_mutex);
|
||||
+
|
||||
+ return ret;
|
||||
+}
|
||||
+
|
||||
+/**
|
||||
+ * Sets the guest capabilities for a session. Takes the session mutex.
|
||||
* Return: 0 or negative errno value.
|
||||
* @gdev: The Guest extension device.
|
||||
* @session: The session.
|
||||
* @or_mask: The capabilities to add.
|
||||
* @not_mask: The capabilities to remove.
|
||||
* @session_termination: Set if we're called by the session cleanup code.
|
||||
* This tweaks the error handling so we perform
|
||||
* proper session cleanup even if the host
|
||||
* misbehaves.
|
||||
*/
|
||||
static int vbg_set_session_capabilities(struct vbg_dev *gdev,
|
||||
struct vbg_session *session,
|
||||
u32 or_mask, u32 not_mask,
|
||||
bool session_termination)
|
||||
{
|
||||
- struct vmmdev_mask *req;
|
||||
u32 changed, previous;
|
||||
- int rc, ret = 0;
|
||||
-
|
||||
- /*
|
||||
- * Allocate a request buffer before taking the spinlock, when
|
||||
- * the session is being terminated the requestor is the kernel,
|
||||
- * as we're cleaning up.
|
||||
- */
|
||||
- req = vbg_req_alloc(sizeof(*req), VMMDEVREQ_SET_GUEST_CAPABILITIES,
|
||||
- session_termination ? VBG_KERNEL_REQUEST :
|
||||
- session->requestor);
|
||||
- if (!req) {
|
||||
- if (!session_termination)
|
||||
- return -ENOMEM;
|
||||
- /* Ignore allocation failure, we must do session cleanup. */
|
||||
- }
|
||||
+ int ret = 0;
|
||||
|
||||
mutex_lock(&gdev->session_mutex);
|
||||
|
||||
+ if (gdev->acquire_mode_guest_caps & or_mask) {
|
||||
+ vbg_err("%s error: cannot set caps which are in acquire_mode\n",
|
||||
+ __func__);
|
||||
+ ret = -EBUSY;
|
||||
+ goto out;
|
||||
+ }
|
||||
+
|
||||
/* Apply the changes to the session mask. */
|
||||
- previous = session->guest_caps;
|
||||
- session->guest_caps |= or_mask;
|
||||
- session->guest_caps &= ~not_mask;
|
||||
+ previous = session->set_guest_caps;
|
||||
+ session->set_guest_caps |= or_mask;
|
||||
+ session->set_guest_caps &= ~not_mask;
|
||||
|
||||
/* If anything actually changed, update the global usage counters. */
|
||||
- changed = previous ^ session->guest_caps;
|
||||
+ changed = previous ^ session->set_guest_caps;
|
||||
if (!changed)
|
||||
goto out;
|
||||
|
||||
- vbg_track_bit_usage(&gdev->guest_caps_tracker, changed, previous);
|
||||
- or_mask = gdev->guest_caps_tracker.mask;
|
||||
+ vbg_track_bit_usage(&gdev->set_guest_caps_tracker, changed, previous);
|
||||
|
||||
- if (gdev->guest_caps_host == or_mask || !req)
|
||||
- goto out;
|
||||
-
|
||||
- gdev->guest_caps_host = or_mask;
|
||||
- req->or_mask = or_mask;
|
||||
- req->not_mask = ~or_mask;
|
||||
- rc = vbg_req_perform(gdev, req);
|
||||
- if (rc < 0) {
|
||||
- ret = vbg_status_code_to_errno(rc);
|
||||
-
|
||||
- /* Failed, roll back (unless it's session termination time). */
|
||||
- gdev->guest_caps_host = U32_MAX;
|
||||
- if (session_termination)
|
||||
- goto out;
|
||||
-
|
||||
- vbg_track_bit_usage(&gdev->guest_caps_tracker, changed,
|
||||
- session->guest_caps);
|
||||
- session->guest_caps = previous;
|
||||
+ ret = vbg_set_host_capabilities(gdev, session, session_termination);
|
||||
+ /* Roll back on failure, unless it's session termination time. */
|
||||
+ if (ret < 0 && !session_termination) {
|
||||
+ vbg_track_bit_usage(&gdev->set_guest_caps_tracker, changed,
|
||||
+ session->set_guest_caps);
|
||||
+ session->set_guest_caps = previous;
|
||||
}
|
||||
|
||||
out:
|
||||
mutex_unlock(&gdev->session_mutex);
|
||||
- vbg_req_free(req, sizeof(*req));
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -948,6 +1075,7 @@ void vbg_core_close_session(struct vbg_session *session)
|
||||
struct vbg_dev *gdev = session->gdev;
|
||||
int i, rc;
|
||||
|
||||
+ vbg_acquire_session_capabilities(gdev, session, 0, U32_MAX, 0, true);
|
||||
vbg_set_session_capabilities(gdev, session, 0, U32_MAX, true);
|
||||
vbg_set_session_event_filter(gdev, session, 0, U32_MAX, true);
|
||||
|
||||
@@ -1005,31 +1133,52 @@ static int vbg_ioctl_driver_version_info(
|
||||
return 0;
|
||||
}
|
||||
|
||||
+/* Must be called with the event_lock held */
|
||||
+static u32 vbg_get_allowed_event_mask_for_session(struct vbg_dev *gdev,
|
||||
+ struct vbg_session *session)
|
||||
+{
|
||||
+ u32 acquire_mode_caps = gdev->acquire_mode_guest_caps;
|
||||
+ u32 session_acquired_caps = session->acquired_guest_caps;
|
||||
+ u32 allowed_events = VMMDEV_EVENT_VALID_EVENT_MASK;
|
||||
+
|
||||
+ if ((acquire_mode_caps & VMMDEV_GUEST_SUPPORTS_GRAPHICS) &&
|
||||
+ !(session_acquired_caps & VMMDEV_GUEST_SUPPORTS_GRAPHICS))
|
||||
+ allowed_events &= ~VMMDEV_EVENT_DISPLAY_CHANGE_REQUEST;
|
||||
+
|
||||
+ if ((acquire_mode_caps & VMMDEV_GUEST_SUPPORTS_SEAMLESS) &&
|
||||
+ !(session_acquired_caps & VMMDEV_GUEST_SUPPORTS_SEAMLESS))
|
||||
+ allowed_events &= ~VMMDEV_EVENT_SEAMLESS_MODE_CHANGE_REQUEST;
|
||||
+
|
||||
+ return allowed_events;
|
||||
+}
|
||||
+
|
||||
static bool vbg_wait_event_cond(struct vbg_dev *gdev,
|
||||
struct vbg_session *session,
|
||||
u32 event_mask)
|
||||
{
|
||||
unsigned long flags;
|
||||
bool wakeup;
|
||||
u32 events;
|
||||
|
||||
spin_lock_irqsave(&gdev->event_spinlock, flags);
|
||||
|
||||
events = gdev->pending_events & event_mask;
|
||||
+ events &= vbg_get_allowed_event_mask_for_session(gdev, session);
|
||||
wakeup = events || session->cancel_waiters;
|
||||
|
||||
spin_unlock_irqrestore(&gdev->event_spinlock, flags);
|
||||
|
||||
return wakeup;
|
||||
}
|
||||
|
||||
/* Must be called with the event_lock held */
|
||||
static u32 vbg_consume_events_locked(struct vbg_dev *gdev,
|
||||
struct vbg_session *session,
|
||||
u32 event_mask)
|
||||
{
|
||||
u32 events = gdev->pending_events & event_mask;
|
||||
|
||||
+ events &= vbg_get_allowed_event_mask_for_session(gdev, session);
|
||||
gdev->pending_events &= ~events;
|
||||
return events;
|
||||
}
|
||||
@@ -1149,7 +1298,9 @@ static int vbg_req_allowed(struct vbg_dev *gdev, struct vbg_session *session,
|
||||
case VMMDEVREQ_VIDEO_ACCEL_ENABLE:
|
||||
case VMMDEVREQ_VIDEO_ACCEL_FLUSH:
|
||||
case VMMDEVREQ_VIDEO_SET_VISIBLE_REGION:
|
||||
+ case VMMDEVREQ_VIDEO_UPDATE_MONITOR_POSITIONS:
|
||||
case VMMDEVREQ_GET_DISPLAY_CHANGE_REQEX:
|
||||
+ case VMMDEVREQ_GET_DISPLAY_CHANGE_REQ_MULTI:
|
||||
case VMMDEVREQ_GET_SEAMLESS_CHANGE_REQ:
|
||||
case VMMDEVREQ_GET_VRDPCHANGE_REQ:
|
||||
case VMMDEVREQ_LOG_STRING:
|
||||
@@ -1431,27 +1582,50 @@ static int vbg_ioctl_change_filter_mask(struct vbg_dev *gdev,
|
||||
false);
|
||||
}
|
||||
|
||||
+static int vbg_ioctl_acquire_guest_capabilities(struct vbg_dev *gdev,
|
||||
+ struct vbg_session *session,
|
||||
+ struct vbg_ioctl_acquire_guest_caps *caps)
|
||||
+{
|
||||
+ u32 flags, or_mask, not_mask;
|
||||
+
|
||||
+ if (vbg_ioctl_chk(&caps->hdr, sizeof(caps->u.in), 0))
|
||||
+ return -EINVAL;
|
||||
+
|
||||
+ flags = caps->u.in.flags;
|
||||
+ or_mask = caps->u.in.or_mask;
|
||||
+ not_mask = caps->u.in.not_mask;
|
||||
+
|
||||
+ if (flags & ~VBGL_IOC_AGC_FLAGS_VALID_MASK)
|
||||
+ return -EINVAL;
|
||||
+
|
||||
+ if ((or_mask | not_mask) & ~VMMDEV_GUEST_CAPABILITIES_MASK)
|
||||
+ return -EINVAL;
|
||||
+
|
||||
+ return vbg_acquire_session_capabilities(gdev, session, or_mask,
|
||||
+ not_mask, flags, false);
|
||||
+}
|
||||
+
|
||||
static int vbg_ioctl_change_guest_capabilities(struct vbg_dev *gdev,
|
||||
struct vbg_session *session, struct vbg_ioctl_set_guest_caps *caps)
|
||||
{
|
||||
u32 or_mask, not_mask;
|
||||
int ret;
|
||||
|
||||
if (vbg_ioctl_chk(&caps->hdr, sizeof(caps->u.in), sizeof(caps->u.out)))
|
||||
return -EINVAL;
|
||||
|
||||
or_mask = caps->u.in.or_mask;
|
||||
not_mask = caps->u.in.not_mask;
|
||||
|
||||
if ((or_mask | not_mask) & ~VMMDEV_GUEST_CAPABILITIES_MASK)
|
||||
return -EINVAL;
|
||||
|
||||
ret = vbg_set_session_capabilities(gdev, session, or_mask, not_mask,
|
||||
false);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
- caps->u.out.session_caps = session->guest_caps;
|
||||
+ caps->u.out.session_caps = session->set_guest_caps;
|
||||
caps->u.out.global_caps = gdev->guest_caps_host;
|
||||
|
||||
return 0;
|
||||
@@ -1540,29 +1714,31 @@ int vbg_core_ioctl(struct vbg_session *session, unsigned int req, void *data)
|
||||
return vbg_ioctl_interrupt_all_wait_events(gdev, session, data);
|
||||
case VBG_IOCTL_CHANGE_FILTER_MASK:
|
||||
return vbg_ioctl_change_filter_mask(gdev, session, data);
|
||||
+ case VBG_IOCTL_ACQUIRE_GUEST_CAPABILITIES:
|
||||
+ return vbg_ioctl_acquire_guest_capabilities(gdev, session, data);
|
||||
case VBG_IOCTL_CHANGE_GUEST_CAPABILITIES:
|
||||
return vbg_ioctl_change_guest_capabilities(gdev, session, data);
|
||||
case VBG_IOCTL_CHECK_BALLOON:
|
||||
return vbg_ioctl_check_balloon(gdev, data);
|
||||
case VBG_IOCTL_WRITE_CORE_DUMP:
|
||||
return vbg_ioctl_write_core_dump(gdev, session, data);
|
||||
}
|
||||
|
||||
/* Variable sized requests. */
|
||||
switch (req_no_size) {
|
||||
#ifdef CONFIG_COMPAT
|
||||
case VBG_IOCTL_HGCM_CALL_32(0):
|
||||
f32bit = true;
|
||||
#endif
|
||||
/* Fall through */
|
||||
case VBG_IOCTL_HGCM_CALL(0):
|
||||
return vbg_ioctl_hgcm_call(gdev, session, f32bit, data);
|
||||
case VBG_IOCTL_LOG(0):
|
||||
case VBG_IOCTL_LOG_ALT(0):
|
||||
return vbg_ioctl_log(data);
|
||||
}
|
||||
|
||||
- vbg_debug("VGDrvCommonIoCtl: Unknown req %#08x\n", req);
|
||||
+ vbg_err_ratelimited("Userspace made an unknown ioctl req %#08x\n", req);
|
||||
return -ENOTTY;
|
||||
}
|
||||
|
||||
diff --git a/drivers/virt/vboxguest/vboxguest_core.h b/drivers/virt/vboxguest/vboxguest_core.h
|
||||
index 77c3a9c8255d..ab4bf64e2cec 100644
|
||||
--- a/drivers/virt/vboxguest/vboxguest_core.h
|
||||
+++ b/drivers/virt/vboxguest/vboxguest_core.h
|
||||
@@ -118,11 +118,21 @@ struct vbg_dev {
|
||||
u32 event_filter_host;
|
||||
|
||||
/**
|
||||
- * Usage counters for guest capabilities. Indexed by capability bit
|
||||
+ * Guest capabilities which have been switched to acquire_mode.
|
||||
+ */
|
||||
+ u32 acquire_mode_guest_caps;
|
||||
+ /**
|
||||
+ * Guest capabilities acquired by vbg_acquire_session_capabilities().
|
||||
+ * Only one session can acquire a capability at a time.
|
||||
+ */
|
||||
+ u32 acquired_guest_caps;
|
||||
+ /**
|
||||
+ * Usage counters for guest capabilities requested through
|
||||
+ * vbg_set_session_capabilities(). Indexed by capability bit
|
||||
* number, one count per session using a capability.
|
||||
* Protected by session_mutex.
|
||||
*/
|
||||
- struct vbg_bit_usage_tracker guest_caps_tracker;
|
||||
+ struct vbg_bit_usage_tracker set_guest_caps_tracker;
|
||||
/**
|
||||
* The guest capabilities last reported to the host (or UINT32_MAX).
|
||||
* Protected by session_mutex.
|
||||
@@ -164,11 +174,16 @@ struct vbg_session {
|
||||
*/
|
||||
u32 event_filter;
|
||||
/**
|
||||
- * Guest capabilities for this session.
|
||||
+ * Guest capabilities acquired by vbg_acquire_session_capabilities().
|
||||
+ * Only one session can acquire a capability at a time.
|
||||
+ */
|
||||
+ u32 acquired_guest_caps;
|
||||
+ /**
|
||||
+ * Guest capabilities set through vbg_set_session_capabilities().
|
||||
* A capability claimed by any guest session will be reported to the
|
||||
* host. Protected by vbg_gdev.session_mutex.
|
||||
*/
|
||||
- u32 guest_caps;
|
||||
+ u32 set_guest_caps;
|
||||
/** VMMDEV_REQUESTOR_* flags */
|
||||
u32 requestor;
|
||||
/** Set on CANCEL_ALL_WAITEVENTS, protected by vbg_devevent_spinlock. */
|
||||
diff --git a/drivers/virt/vboxguest/vboxguest_utils.c b/drivers/virt/vboxguest/vboxguest_utils.c
|
||||
index 43c391626a00..b6fd06eb015e 100644
|
||||
--- a/drivers/virt/vboxguest/vboxguest_utils.c
|
||||
+++ b/drivers/virt/vboxguest/vboxguest_utils.c
|
||||
@@ -58,6 +58,7 @@ EXPORT_SYMBOL(name)
|
||||
VBG_LOG(vbg_info, pr_info);
|
||||
VBG_LOG(vbg_warn, pr_warn);
|
||||
VBG_LOG(vbg_err, pr_err);
|
||||
+VBG_LOG(vbg_err_ratelimited, pr_err_ratelimited);
|
||||
#if defined(DEBUG) && !defined(CONFIG_DYNAMIC_DEBUG)
|
||||
VBG_LOG(vbg_debug, pr_debug);
|
||||
#endif
|
||||
diff --git a/include/linux/vbox_utils.h b/include/linux/vbox_utils.h
|
||||
index ff56c443180c..db8a7d118093 100644
|
||||
--- a/include/linux/vbox_utils.h
|
||||
+++ b/include/linux/vbox_utils.h
|
||||
@@ -16,6 +16,7 @@ struct vbg_dev;
|
||||
__printf(1, 2) void vbg_info(const char *fmt, ...);
|
||||
__printf(1, 2) void vbg_warn(const char *fmt, ...);
|
||||
__printf(1, 2) void vbg_err(const char *fmt, ...);
|
||||
+__printf(1, 2) void vbg_err_ratelimited(const char *fmt, ...);
|
||||
|
||||
/* Only use backdoor logging for non-dynamic debug builds */
|
||||
#if defined(DEBUG) && !defined(CONFIG_DYNAMIC_DEBUG)
|
||||
diff --git a/include/uapi/linux/vbox_vmmdev_types.h b/include/uapi/linux/vbox_vmmdev_types.h
|
||||
index c27289fd619a..f8a8d6b3c521 100644
|
||||
--- a/include/uapi/linux/vbox_vmmdev_types.h
|
||||
+++ b/include/uapi/linux/vbox_vmmdev_types.h
|
||||
@@ -63,6 +63,7 @@ enum vmmdev_request_type {
|
||||
VMMDEVREQ_SET_GUEST_CAPABILITIES = 56,
|
||||
VMMDEVREQ_VIDEMODE_SUPPORTED2 = 57, /* since version 3.2.0 */
|
||||
VMMDEVREQ_GET_DISPLAY_CHANGE_REQEX = 80, /* since version 4.2.4 */
|
||||
+ VMMDEVREQ_GET_DISPLAY_CHANGE_REQ_MULTI = 81,
|
||||
VMMDEVREQ_HGCM_CONNECT = 60,
|
||||
VMMDEVREQ_HGCM_DISCONNECT = 61,
|
||||
VMMDEVREQ_HGCM_CALL32 = 62,
|
||||
@@ -92,6 +93,8 @@ enum vmmdev_request_type {
|
||||
VMMDEVREQ_WRITE_COREDUMP = 218,
|
||||
VMMDEVREQ_GUEST_HEARTBEAT = 219,
|
||||
VMMDEVREQ_HEARTBEAT_CONFIGURE = 220,
|
||||
+ VMMDEVREQ_NT_BUG_CHECK = 221,
|
||||
+ VMMDEVREQ_VIDEO_UPDATE_MONITOR_POSITIONS = 222,
|
||||
/* Ensure the enum is a 32 bit data-type */
|
||||
VMMDEVREQ_SIZEHACK = 0x7fffffff
|
||||
};
|
||||
diff --git a/include/uapi/linux/vboxguest.h b/include/uapi/linux/vboxguest.h
|
||||
index f79d7abe27db..15125f6ec60d 100644
|
||||
--- a/include/uapi/linux/vboxguest.h
|
||||
+++ b/include/uapi/linux/vboxguest.h
|
||||
@@ -257,6 +257,30 @@ VMMDEV_ASSERT_SIZE(vbg_ioctl_change_filter, 24 + 8);
|
||||
_IOWR('V', 12, struct vbg_ioctl_change_filter)
|
||||
|
||||
|
||||
+/** VBG_IOCTL_ACQUIRE_GUEST_CAPABILITIES data structure. */
|
||||
+struct vbg_ioctl_acquire_guest_caps {
|
||||
+ /** The header. */
|
||||
+ struct vbg_ioctl_hdr hdr;
|
||||
+ union {
|
||||
+ struct {
|
||||
+ /** Flags (VBGL_IOC_AGC_FLAGS_XXX). */
|
||||
+ __u32 flags;
|
||||
+ /** Capabilities to set (VMMDEV_GUEST_SUPPORTS_XXX). */
|
||||
+ __u32 or_mask;
|
||||
+ /** Capabilities to drop (VMMDEV_GUEST_SUPPORTS_XXX). */
|
||||
+ __u32 not_mask;
|
||||
+ } in;
|
||||
+ } u;
|
||||
+};
|
||||
+VMMDEV_ASSERT_SIZE(vbg_ioctl_acquire_guest_caps, 24 + 12);
|
||||
+
|
||||
+#define VBGL_IOC_AGC_FLAGS_CONFIG_ACQUIRE_MODE 0x00000001
|
||||
+#define VBGL_IOC_AGC_FLAGS_VALID_MASK 0x00000001
|
||||
+
|
||||
+#define VBG_IOCTL_ACQUIRE_GUEST_CAPABILITIES \
|
||||
+ _IOWR('V', 13, struct vbg_ioctl_acquire_guest_caps)
|
||||
+
|
||||
+
|
||||
/** VBG_IOCTL_CHANGE_GUEST_CAPABILITIES data structure. */
|
||||
struct vbg_ioctl_set_guest_caps {
|
||||
/** The header. */
|
|
@ -0,0 +1,211 @@
|
|||
#!/usr/bin/bash
|
||||
# JOBoRun : Jwm OpenBox Obarun RUNit
|
||||
# Maintainer : Joe Bo Run <joborun@disroot.org>
|
||||
# PkgSource : url="https://gittea.disroot.org/joborun-pkg/jobcore/$pkgname"
|
||||
# Website : https://pozol.eu
|
||||
#-----------------------------------------| DESCRIPTION |---------------------------------------
|
||||
|
||||
pkgbase=linux-lts54
|
||||
pkgver=5.4.200
|
||||
pkgrel=01
|
||||
pkgdesc='LTS Linux 5.4 w/o zstd & ipv6'
|
||||
#url="https://www.kernel.org/"
|
||||
arch=(x86_64)
|
||||
makedepends=(
|
||||
bc kmod libelf cpio perl tar xz
|
||||
xmlto python-sphinx python-sphinx_rtd_theme graphviz imagemagick
|
||||
) # python-six
|
||||
options=('!strip')
|
||||
_srcname=linux-$pkgver
|
||||
url="https://cdn.kernel.org/pub/linux/kernel"
|
||||
source=($url/v5.x/$_srcname.tar.{xz,sign}
|
||||
config # the main kernel config file
|
||||
sha256sums
|
||||
0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch
|
||||
0002-virt-vbox-Add-support-for-the-new-VBG_IOCTL_ACQUIRE_.patch
|
||||
sphinx-workaround.patch)
|
||||
|
||||
export KBUILD_BUILD_HOST=joborun
|
||||
export KBUILD_BUILD_USER=$pkgbase
|
||||
export KBUILD_BUILD_TIMESTAMP="$(date -Ru${SOURCE_DATE_EPOCH:+d @$SOURCE_DATE_EPOCH})"
|
||||
|
||||
prepare() {
|
||||
cd $_srcname
|
||||
|
||||
echo "Setting version... $pkgver"
|
||||
scripts/setlocalversion --save-scmversion
|
||||
echo "-$pkgrel" > localversion.10-pkgrel
|
||||
echo "${pkgbase#linux}" > localversion.20-pkgname
|
||||
|
||||
local src
|
||||
for src in "${source[@]}"; do
|
||||
src="${src%%::*}"
|
||||
src="${src##*/}"
|
||||
[[ $src = *.patch ]] || continue
|
||||
echo "Applying patch $src..."
|
||||
patch -Np1 < "../$src"
|
||||
done
|
||||
|
||||
echo "Setting joborunlinux config..."
|
||||
cp ../config .config
|
||||
make olddefconfig
|
||||
|
||||
make -s kernelrelease > version
|
||||
echo "Prepared $pkgbase version $(<version)"
|
||||
}
|
||||
|
||||
build() {
|
||||
cd $_srcname
|
||||
make all
|
||||
}
|
||||
## make htmldocs
|
||||
|
||||
_package() {
|
||||
pkgdesc="The $pkgdesc kernel and modules w/o zstd ipv6 touchscreen"
|
||||
depends=(coreutils kmod initramfs)
|
||||
optdepends=('crda: to set the correct wireless channels of your country'
|
||||
'linux-firmware: firmware images needed for some devices')
|
||||
provides=(VIRTUALBOX-GUEST-MODULES WIREGUARD-MODULE)
|
||||
replaces=(wireguard-lts)
|
||||
|
||||
cd $_srcname
|
||||
local kernver="$(<version)"
|
||||
local modulesdir="$pkgdir/usr/lib/modules/$kernver"
|
||||
|
||||
echo "Installing boot image..."
|
||||
# systemd expects to find the kernel here to allow hibernation
|
||||
# https://github.com/systemd/systemd/commit/edda44605f06a41fb86b7ab8128dcf99161d2344
|
||||
install -Dm644 "$(make -s image_name)" "$modulesdir/vmlinuz"
|
||||
|
||||
# Used by mkinitcpio to name the kernel
|
||||
echo "$pkgbase" | install -Dm644 /dev/stdin "$modulesdir/pkgbase"
|
||||
|
||||
echo "Installing modules..."
|
||||
make INSTALL_MOD_PATH="$pkgdir/usr" INSTALL_MOD_STRIP=1 modules_install
|
||||
|
||||
# remove build and source links
|
||||
rm "$modulesdir"/{source,build}
|
||||
}
|
||||
|
||||
_package-headers() {
|
||||
pkgdesc="Headers and scripts for building modules for the $pkgdesc kernel"
|
||||
depends=(pahole)
|
||||
|
||||
cd $_srcname
|
||||
local builddir="$pkgdir/usr/lib/modules/$(<version)/build"
|
||||
|
||||
echo "Installing build files..."
|
||||
install -Dt "$builddir" -m644 .config Makefile Module.symvers System.map \
|
||||
localversion.* version vmlinux
|
||||
install -Dt "$builddir/kernel" -m644 kernel/Makefile
|
||||
install -Dt "$builddir/arch/x86" -m644 arch/x86/Makefile
|
||||
cp -t "$builddir" -a scripts
|
||||
|
||||
# add objtool for external module building and enabled VALIDATION_STACK option
|
||||
install -Dt "$builddir/tools/objtool" tools/objtool/objtool
|
||||
|
||||
# add xfs and shmem for aufs building
|
||||
mkdir -p "$builddir"/{fs/xfs,mm}
|
||||
|
||||
echo "Installing headers..."
|
||||
cp -t "$builddir" -a include
|
||||
cp -t "$builddir/arch/x86" -a arch/x86/include
|
||||
install -Dt "$builddir/arch/x86/kernel" -m644 arch/x86/kernel/asm-offsets.s
|
||||
|
||||
install -Dt "$builddir/drivers/md" -m644 drivers/md/*.h
|
||||
install -Dt "$builddir/net/mac80211" -m644 net/mac80211/*.h
|
||||
|
||||
# https://bugs.archlinux.org/task/13146
|
||||
install -Dt "$builddir/drivers/media/i2c" -m644 drivers/media/i2c/msp3400-driver.h
|
||||
|
||||
# https://bugs.archlinux.org/task/20402
|
||||
install -Dt "$builddir/drivers/media/usb/dvb-usb" -m644 drivers/media/usb/dvb-usb/*.h
|
||||
install -Dt "$builddir/drivers/media/dvb-frontends" -m644 drivers/media/dvb-frontends/*.h
|
||||
install -Dt "$builddir/drivers/media/tuners" -m644 drivers/media/tuners/*.h
|
||||
|
||||
echo "Installing KConfig files..."
|
||||
find . -name 'Kconfig*' -exec install -Dm644 {} "$builddir/{}" \;
|
||||
|
||||
echo "Removing unneeded architectures..."
|
||||
local arch
|
||||
for arch in "$builddir"/arch/*/; do
|
||||
[[ $arch = */x86/ ]] && continue
|
||||
echo "Removing $(basename "$arch")"
|
||||
rm -r "$arch"
|
||||
done
|
||||
|
||||
echo "Removing documentation..."
|
||||
rm -r "$builddir/Documentation"
|
||||
|
||||
echo "Removing broken symlinks..."
|
||||
find -L "$builddir" -type l -printf 'Removing %P\n' -delete
|
||||
|
||||
echo "Removing loose objects..."
|
||||
find "$builddir" -type f -name '*.o' -printf 'Removing %P\n' -delete
|
||||
|
||||
echo "Stripping build tools..."
|
||||
local file
|
||||
while read -rd '' file; do
|
||||
case "$(file -bi "$file")" in
|
||||
application/x-sharedlib\;*) # Libraries (.so)
|
||||
strip -v $STRIP_SHARED "$file" ;;
|
||||
application/x-archive\;*) # Libraries (.a)
|
||||
strip -v $STRIP_STATIC "$file" ;;
|
||||
application/x-executable\;*) # Binaries
|
||||
strip -v $STRIP_BINARIES "$file" ;;
|
||||
application/x-pie-executable\;*) # Relocatable binaries
|
||||
strip -v $STRIP_SHARED "$file" ;;
|
||||
esac
|
||||
done < <(find "$builddir" -type f -perm -u+x ! -name vmlinux -print0)
|
||||
|
||||
echo "Stripping vmlinux..."
|
||||
strip -v $STRIP_STATIC "$builddir/vmlinux"
|
||||
|
||||
echo "Adding symlink..."
|
||||
mkdir -p "$pkgdir/usr/src"
|
||||
ln -sr "$builddir" "$pkgdir/usr/src/$pkgbase"
|
||||
}
|
||||
|
||||
#_package-docs() {
|
||||
# pkgdesc="Documentation for the $pkgdesc kernel"
|
||||
#
|
||||
# cd $_srcname
|
||||
# local builddir="$pkgdir/usr/lib/modules/$(<version)/build"
|
||||
#
|
||||
# echo "Installing documentation..."
|
||||
# local src dst
|
||||
# while read -rd '' src; do
|
||||
# dst="${src#Documentation/}"
|
||||
# dst="$builddir/Documentation/${dst#output/}"
|
||||
# install -Dm644 "$src" "$dst"
|
||||
# done < <(find Documentation -name '.*' -prune -o ! -type d -print0)
|
||||
#
|
||||
# echo "Adding symlink..."
|
||||
# mkdir -p "$pkgdir/usr/share/doc"
|
||||
# ln -sr "$builddir/Documentation" "$pkgdir/usr/share/doc/$pkgbase"
|
||||
#}
|
||||
|
||||
pkgname=("$pkgbase" "$pkgbase-headers") # "$pkgbase-docs")
|
||||
for _p in "${pkgname[@]}"; do
|
||||
eval "package_$_p() {
|
||||
$(declare -f "_package${_p#$pkgbase}")
|
||||
_package${_p#$pkgbase}
|
||||
}"
|
||||
done
|
||||
|
||||
#---- license gpg-key sha256sums ----
|
||||
|
||||
license=(GPL2)
|
||||
|
||||
validpgpkeys=(ABAF11C65A2970B130ABE3C479BE3E4300411886 # Linus Torvalds
|
||||
647F28654894E3BD457199BE38DBBDC86092693E) # Greg Kroah-Hartman
|
||||
|
||||
# https://cdn.kernel.org/pub/linux/kernel/v5.x/sha256sums.asc
|
||||
|
||||
sha256sums=(eae97c9bbf0228bef165be60283ec42cfc9531cea5c641aa3ba131f2125525b8 # linux-5.4.200.tar.xz
|
||||
b9f32ec6525361da38d133048e1e98ab424cf9c0251a708f6b55c6ba91fe9e71 # linux-5.4.200.tar.sign
|
||||
b1311e94cb105aafc5c4c3cc09096b23b83ce7a50b6e12a5ad44082f9fa17a05 # config
|
||||
4ddf8dd1ebdb44af29df8fab575b3547543493eadfe85bb849ee9fad8d071b0d # sha256sums
|
||||
b439f57b84bc98730c0265695abb92385ee4dcd35a5c00d4cb3d3155c75fb491 # 0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch
|
||||
4fd74bb2a7101d700fba91806141339d8c9e46a14f8fc1fe276cfb68f1eec0f5 # 0002-virt-vbox-Add-support-for-the-new-VBG_IOCTL_ACQUIRE_.patch
|
||||
b7c814c8183e4645947a6dcc3cbf80431de8a8fd4e895b780f9a5fd92f82cb8e) # sphinx-workaround.patch
|
|
@ -0,0 +1,201 @@
|
|||
# Maintainer: Jonathon Fernyhough <jonathon+m2x+dev>
|
||||
# Contributor: Andreas Radke <andyrtr@archlinux.org>
|
||||
|
||||
pkgbase=linux-lts54
|
||||
pkgver=5.4.200
|
||||
pkgrel=1
|
||||
pkgdesc='LTS 5.4 Linux'
|
||||
url="https://www.kernel.org/"
|
||||
arch=(x86_64)
|
||||
license=(GPL2)
|
||||
makedepends=(
|
||||
bc kmod libelf cpio perl tar xz
|
||||
xmlto python-six python-sphinx python-sphinx_rtd_theme graphviz imagemagick
|
||||
)
|
||||
options=('!strip')
|
||||
_srcname=linux-$pkgver
|
||||
source=(
|
||||
https://cdn.kernel.org/pub/linux/kernel/v${pkgver%%.*}.x/${_srcname}.tar.{xz,sign}
|
||||
config # the main kernel config file
|
||||
0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch
|
||||
0002-virt-vbox-Add-support-for-the-new-VBG_IOCTL_ACQUIRE_.patch
|
||||
0003-Add-support-for-ZSTD-compressed-kernel.patch
|
||||
sphinx-workaround.patch
|
||||
)
|
||||
validpgpkeys=(
|
||||
'ABAF11C65A2970B130ABE3C479BE3E4300411886' # Linus Torvalds
|
||||
'647F28654894E3BD457199BE38DBBDC86092693E' # Greg Kroah-Hartman
|
||||
)
|
||||
# https://www.kernel.org/pub/linux/kernel/v5.x/sha256sums.asc
|
||||
sha256sums=('eae97c9bbf0228bef165be60283ec42cfc9531cea5c641aa3ba131f2125525b8'
|
||||
'SKIP'
|
||||
'df3e11d360eb17fa6564a55ff05f14624c5ed8763a64cf0a9b9f4ebde5863412'
|
||||
'b439f57b84bc98730c0265695abb92385ee4dcd35a5c00d4cb3d3155c75fb491'
|
||||
'4fd74bb2a7101d700fba91806141339d8c9e46a14f8fc1fe276cfb68f1eec0f5'
|
||||
'8b604b7dc447b5f1f6f0b6239d5dd3ec6a5336cba78ac6dcef8f3e59357bd8c0'
|
||||
'b7c814c8183e4645947a6dcc3cbf80431de8a8fd4e895b780f9a5fd92f82cb8e')
|
||||
|
||||
export KBUILD_BUILD_HOST=archlinux
|
||||
export KBUILD_BUILD_USER=$pkgbase
|
||||
export KBUILD_BUILD_TIMESTAMP="$(date -Ru${SOURCE_DATE_EPOCH:+d @$SOURCE_DATE_EPOCH})"
|
||||
|
||||
prepare() {
|
||||
cd $_srcname
|
||||
|
||||
echo "Setting version..."
|
||||
scripts/setlocalversion --save-scmversion
|
||||
echo "-$pkgrel" > localversion.10-pkgrel
|
||||
echo "${pkgbase#linux}" > localversion.20-pkgname
|
||||
|
||||
local src
|
||||
for src in "${source[@]}"; do
|
||||
src="${src%%::*}"
|
||||
src="${src##*/}"
|
||||
[[ $src = *.patch ]] || continue
|
||||
echo "Applying patch $src..."
|
||||
patch -Np1 < "../$src"
|
||||
done
|
||||
|
||||
echo "Setting config..."
|
||||
cp ../config .config
|
||||
make olddefconfig
|
||||
|
||||
make -s kernelrelease > version
|
||||
echo "Prepared $pkgbase version $(<version)"
|
||||
}
|
||||
|
||||
build() {
|
||||
cd $_srcname
|
||||
make all
|
||||
make htmldocs
|
||||
}
|
||||
|
||||
_package() {
|
||||
pkgdesc="The $pkgdesc kernel and modules"
|
||||
depends=(coreutils kmod initramfs)
|
||||
optdepends=('crda: to set the correct wireless channels of your country'
|
||||
'linux-firmware: firmware images needed for some devices')
|
||||
provides=(VIRTUALBOX-GUEST-MODULES)
|
||||
|
||||
cd $_srcname
|
||||
local kernver="$(<version)"
|
||||
local modulesdir="$pkgdir/usr/lib/modules/$kernver"
|
||||
|
||||
echo "Installing boot image..."
|
||||
# systemd expects to find the kernel here to allow hibernation
|
||||
# https://github.com/systemd/systemd/commit/edda44605f06a41fb86b7ab8128dcf99161d2344
|
||||
install -Dm644 "$(make -s image_name)" "$modulesdir/vmlinuz"
|
||||
|
||||
# Used by mkinitcpio to name the kernel
|
||||
echo "$pkgbase" | install -Dm644 /dev/stdin "$modulesdir/pkgbase"
|
||||
|
||||
echo "Installing modules..."
|
||||
make INSTALL_MOD_PATH="$pkgdir/usr" modules_install
|
||||
|
||||
# remove build and source links
|
||||
rm "$modulesdir"/{source,build}
|
||||
}
|
||||
|
||||
_package-headers() {
|
||||
pkgdesc="Headers and scripts for building modules for the $pkgdesc kernel"
|
||||
|
||||
cd $_srcname
|
||||
local builddir="$pkgdir/usr/lib/modules/$(<version)/build"
|
||||
|
||||
echo "Installing build files..."
|
||||
install -Dt "$builddir" -m644 .config Makefile Module.symvers System.map \
|
||||
localversion.* version vmlinux
|
||||
install -Dt "$builddir/kernel" -m644 kernel/Makefile
|
||||
install -Dt "$builddir/arch/x86" -m644 arch/x86/Makefile
|
||||
cp -t "$builddir" -a scripts
|
||||
|
||||
# add objtool for external module building and enabled VALIDATION_STACK option
|
||||
install -Dt "$builddir/tools/objtool" tools/objtool/objtool
|
||||
|
||||
# add xfs and shmem for aufs building
|
||||
mkdir -p "$builddir"/{fs/xfs,mm}
|
||||
|
||||
echo "Installing headers..."
|
||||
cp -t "$builddir" -a include
|
||||
cp -t "$builddir/arch/x86" -a arch/x86/include
|
||||
install -Dt "$builddir/arch/x86/kernel" -m644 arch/x86/kernel/asm-offsets.s
|
||||
|
||||
install -Dt "$builddir/drivers/md" -m644 drivers/md/*.h
|
||||
install -Dt "$builddir/net/mac80211" -m644 net/mac80211/*.h
|
||||
|
||||
# http://bugs.archlinux.org/task/13146
|
||||
install -Dt "$builddir/drivers/media/i2c" -m644 drivers/media/i2c/msp3400-driver.h
|
||||
|
||||
# http://bugs.archlinux.org/task/20402
|
||||
install -Dt "$builddir/drivers/media/usb/dvb-usb" -m644 drivers/media/usb/dvb-usb/*.h
|
||||
install -Dt "$builddir/drivers/media/dvb-frontends" -m644 drivers/media/dvb-frontends/*.h
|
||||
install -Dt "$builddir/drivers/media/tuners" -m644 drivers/media/tuners/*.h
|
||||
|
||||
echo "Installing KConfig files..."
|
||||
find . -name 'Kconfig*' -exec install -Dm644 {} "$builddir/{}" \;
|
||||
|
||||
echo "Removing unneeded architectures..."
|
||||
local arch
|
||||
for arch in "$builddir"/arch/*/; do
|
||||
[[ $arch = */x86/ ]] && continue
|
||||
echo "Removing $(basename "$arch")"
|
||||
rm -r "$arch"
|
||||
done
|
||||
|
||||
echo "Removing documentation..."
|
||||
rm -r "$builddir/Documentation"
|
||||
|
||||
echo "Removing broken symlinks..."
|
||||
find -L "$builddir" -type l -printf 'Removing %P\n' -delete
|
||||
|
||||
echo "Removing loose objects..."
|
||||
find "$builddir" -type f -name '*.o' -printf 'Removing %P\n' -delete
|
||||
|
||||
echo "Stripping build tools..."
|
||||
local file
|
||||
while read -rd '' file; do
|
||||
case "$(file -bi "$file")" in
|
||||
application/x-sharedlib\;*) # Libraries (.so)
|
||||
strip -v $STRIP_SHARED "$file" ;;
|
||||
application/x-archive\;*) # Libraries (.a)
|
||||
strip -v $STRIP_STATIC "$file" ;;
|
||||
application/x-executable\;*) # Binaries
|
||||
strip -v $STRIP_BINARIES "$file" ;;
|
||||
application/x-pie-executable\;*) # Relocatable binaries
|
||||
strip -v $STRIP_SHARED "$file" ;;
|
||||
esac
|
||||
done < <(find "$builddir" -type f -perm -u+x ! -name vmlinux -print0)
|
||||
|
||||
echo "Adding symlink..."
|
||||
mkdir -p "$pkgdir/usr/src"
|
||||
ln -sr "$builddir" "$pkgdir/usr/src/$pkgbase"
|
||||
}
|
||||
|
||||
_package-docs() {
|
||||
pkgdesc="Documentation for the $pkgdesc kernel"
|
||||
|
||||
cd $_srcname
|
||||
local builddir="$pkgdir/usr/lib/modules/$(<version)/build"
|
||||
|
||||
echo "Installing documentation..."
|
||||
local src dst
|
||||
while read -rd '' src; do
|
||||
dst="${src#Documentation/}"
|
||||
dst="$builddir/Documentation/${dst#output/}"
|
||||
install -Dm644 "$src" "$dst"
|
||||
done < <(find Documentation -name '.*' -prune -o ! -type d -print0)
|
||||
|
||||
echo "Adding symlink..."
|
||||
mkdir -p "$pkgdir/usr/share/doc"
|
||||
ln -sr "$builddir/Documentation" "$pkgdir/usr/share/doc/$pkgbase"
|
||||
}
|
||||
|
||||
pkgname=("$pkgbase" "$pkgbase-headers" "$pkgbase-docs")
|
||||
for _p in "${pkgname[@]}"; do
|
||||
eval "package_$_p() {
|
||||
$(declare -f "_package${_p#$pkgbase}")
|
||||
_package${_p#$pkgbase}
|
||||
}"
|
||||
done
|
||||
|
||||
# vim:set ts=8 sts=2 sw=2 et:
|
|
@ -0,0 +1 @@
|
|||
rm -rf {src,pkg,linux-5.4*.tar.*}
|
File diff suppressed because it is too large
Load Diff
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,11 @@
|
|||
bc
|
||||
pahole
|
||||
cpio
|
||||
xmlto
|
||||
python-sphinx
|
||||
python-sphinx_rtd_theme
|
||||
graphviz
|
||||
imagemagick
|
||||
bison
|
||||
python-six
|
||||
|
|
@ -0,0 +1 @@
|
|||
gpg -v --recv-key 38DBBDC86092693E
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,15 @@
|
|||
diff --git i/Documentation/conf.py w/Documentation/conf.py
|
||||
index a8fe845832bc..2dae2e830c26 100644
|
||||
--- i/Documentation/conf.py
|
||||
+++ w/Documentation/conf.py
|
||||
@@ -36,8 +36,8 @@ needs_sphinx = '1.3'
|
||||
# Add any Sphinx extension module names here, as strings. They can be
|
||||
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
|
||||
# ones.
|
||||
-extensions = ['kerneldoc', 'rstFlatTable', 'kernel_include', 'cdomain',
|
||||
- 'kfigure', 'sphinx.ext.ifconfig', 'automarkup']
|
||||
+extensions = ['kerneldoc', 'rstFlatTable', 'kernel_include',
|
||||
+ 'kfigure', 'sphinx.ext.ifconfig']
|
||||
|
||||
# The name of the math extension changed on Sphinx 1.4
|
||||
if (major == 1 and minor > 3) or (major > 1):
|
|
@ -0,0 +1,7 @@
|
|||
linux-5.4.200.tar.xz
|
||||
linux-5.4.200.tar.sign
|
||||
config
|
||||
sha256sums
|
||||
0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch
|
||||
0002-virt-vbox-Add-support-for-the-new-VBG_IOCTL_ACQUIRE_.patch
|
||||
sphinx-workaround.patch
|
|
@ -0,0 +1,4 @@
|
|||
|
||||
real 81m58.624s
|
||||
user 277m0.813s
|
||||
sys 18m54.045s
|
|
@ -7,7 +7,7 @@
|
|||
|
||||
pkgbase=nss
|
||||
pkgname=(nss ca-certificates-mozilla)
|
||||
pkgver=3.79
|
||||
pkgver=3.80
|
||||
pkgrel=01
|
||||
pkgdesc="Network Security Services - zstd mandatory here!"
|
||||
# experiment without zstd
|
||||
|
@ -16,8 +16,7 @@ arch=(x86_64)
|
|||
depends=('nspr>=4.34' sqlite zlib sh 'p11-kit>=0.23.19')
|
||||
makedepends=(perl python gyp mercurial)
|
||||
#options=(debug) # uncomment this if you need to build the nss debug pkg
|
||||
_revision=3463596523bee515266f572dc73e6724e68f6afd
|
||||
|
||||
_revision=9fb4de4bec24f23c7b5580d7c53607e432a4520d
|
||||
source=("hg+https://hg.mozilla.org/projects/nss#revision=$_revision"
|
||||
certdata2pem.py
|
||||
bundle.sh)
|
||||
|
@ -109,4 +108,3 @@ sha256sums=(SKIP # nss
|
|||
d2a1579dae05fd16175fac27ef08b54731ecefdf414085c610179afcf62b096c # certdata2pem.py
|
||||
3bfadf722da6773bdabdd25bdf78158648043d1b7e57615574f189a88ca865dd) # bundle.sh
|
||||
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
|
||||
pkgbase=nss
|
||||
pkgname=(nss ca-certificates-mozilla)
|
||||
pkgver=3.79
|
||||
pkgver=3.80
|
||||
pkgrel=1
|
||||
pkgdesc="Network Security Services"
|
||||
url="https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS"
|
||||
|
@ -12,7 +12,7 @@ license=(MPL GPL)
|
|||
depends=('nspr>=4.34' sqlite zlib sh 'p11-kit>=0.23.19')
|
||||
makedepends=(perl python gyp mercurial)
|
||||
options=(debug)
|
||||
_revision=3463596523bee515266f572dc73e6724e68f6afd
|
||||
_revision=9fb4de4bec24f23c7b5580d7c53607e432a4520d
|
||||
source=("hg+https://hg.mozilla.org/projects/nss#revision=$_revision"
|
||||
certdata2pem.py bundle.sh)
|
||||
sha256sums=('SKIP'
|
||||
|
|
Loading…
Reference in New Issue