Update additional Debian patches for v5.11
This commit is contained in:
Maximilian Luz
parent
f2505ee84a
commit
b672e7faf2
|
|
@ -0,0 +1,129 @@
|
|||
From 50229d157d311b63268eaccbfec669da0dbb516c Mon Sep 17 00:00:00 2001
|
||||
From: Ben Hutchings <ben@decadent.org.uk>
|
||||
Date: Mon, 7 Sep 2020 02:51:53 +0100
|
||||
Subject: [PATCH 1/2] Export symbols needed by Android drivers
|
||||
|
||||
We want to enable use of the Android ashmem and binder drivers to
|
||||
support Anbox, but they should not be built-in as that would waste
|
||||
resources and increase security attack surface on systems that don't
|
||||
need them.
|
||||
|
||||
Export the currently un-exported symbols they depend on.
|
||||
---
|
||||
fs/file.c | 1 +
|
||||
kernel/fork.c | 1 +
|
||||
kernel/sched/core.c | 1 +
|
||||
kernel/task_work.c | 1 +
|
||||
mm/memory.c | 1 +
|
||||
mm/shmem.c | 1 +
|
||||
security/security.c | 4 ++++
|
||||
7 files changed, 10 insertions(+)
|
||||
|
||||
diff --git a/fs/file.c b/fs/file.c
|
||||
index dab120b71e44..ed2ec6ecc466 100644
|
||||
--- a/fs/file.c
|
||||
+++ b/fs/file.c
|
||||
@@ -761,6 +761,7 @@ int close_fd_get_file(unsigned int fd, struct file **res)
|
||||
*res = NULL;
|
||||
return -ENOENT;
|
||||
}
|
||||
+EXPORT_SYMBOL(__close_fd_get_file);
|
||||
|
||||
void do_close_on_exec(struct files_struct *files)
|
||||
{
|
||||
diff --git a/kernel/fork.c b/kernel/fork.c
|
||||
index d66cd1014211..ff215b3fdb15 100644
|
||||
--- a/kernel/fork.c
|
||||
+++ b/kernel/fork.c
|
||||
@@ -1120,6 +1120,7 @@ void mmput_async(struct mm_struct *mm)
|
||||
schedule_work(&mm->async_put_work);
|
||||
}
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(mmput_async);
|
||||
#endif
|
||||
|
||||
/**
|
||||
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
|
||||
index ff74fca39ed2..943239122b29 100644
|
||||
--- a/kernel/sched/core.c
|
||||
+++ b/kernel/sched/core.c
|
||||
@@ -5575,6 +5575,7 @@ int can_nice(const struct task_struct *p, const int nice)
|
||||
return (nice_rlim <= task_rlimit(p, RLIMIT_NICE) ||
|
||||
capable(CAP_SYS_NICE));
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(can_nice);
|
||||
|
||||
#ifdef __ARCH_WANT_SYS_NICE
|
||||
|
||||
diff --git a/kernel/task_work.c b/kernel/task_work.c
|
||||
index 9cde961875c0..5c8dea45d4f8 100644
|
||||
--- a/kernel/task_work.c
|
||||
+++ b/kernel/task_work.c
|
||||
@@ -57,6 +57,7 @@ int task_work_add(struct task_struct *task, struct callback_head *work,
|
||||
|
||||
return 0;
|
||||
}
|
||||
+EXPORT_SYMBOL(task_work_add);
|
||||
|
||||
/**
|
||||
* task_work_cancel - cancel a pending work added by task_work_add()
|
||||
diff --git a/mm/memory.c b/mm/memory.c
|
||||
index feff48e1465a..9e9b0fd92e38 100644
|
||||
--- a/mm/memory.c
|
||||
+++ b/mm/memory.c
|
||||
@@ -1542,6 +1542,7 @@ void zap_page_range(struct vm_area_struct *vma, unsigned long start,
|
||||
mmu_notifier_invalidate_range_end(&range);
|
||||
tlb_finish_mmu(&tlb, start, range.end);
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(zap_page_range);
|
||||
|
||||
/**
|
||||
* zap_page_range_single - remove user pages in a given range
|
||||
diff --git a/mm/shmem.c b/mm/shmem.c
|
||||
index 7c6b6d8f6c39..83151e1345e6 100644
|
||||
--- a/mm/shmem.c
|
||||
+++ b/mm/shmem.c
|
||||
@@ -4287,6 +4287,7 @@ int shmem_zero_setup(struct vm_area_struct *vma)
|
||||
|
||||
return 0;
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(shmem_zero_setup);
|
||||
|
||||
/**
|
||||
* shmem_read_mapping_page_gfp - read into page cache, using specified page allocation flags.
|
||||
diff --git a/security/security.c b/security/security.c
|
||||
index 7b09cfbae94f..5eaec62c51f2 100644
|
||||
--- a/security/security.c
|
||||
+++ b/security/security.c
|
||||
@@ -727,24 +727,28 @@ int security_binder_set_context_mgr(struct task_struct *mgr)
|
||||
{
|
||||
return call_int_hook(binder_set_context_mgr, 0, mgr);
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(security_binder_set_context_mgr);
|
||||
|
||||
int security_binder_transaction(struct task_struct *from,
|
||||
struct task_struct *to)
|
||||
{
|
||||
return call_int_hook(binder_transaction, 0, from, to);
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(security_binder_transaction);
|
||||
|
||||
int security_binder_transfer_binder(struct task_struct *from,
|
||||
struct task_struct *to)
|
||||
{
|
||||
return call_int_hook(binder_transfer_binder, 0, from, to);
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(security_binder_transfer_binder);
|
||||
|
||||
int security_binder_transfer_file(struct task_struct *from,
|
||||
struct task_struct *to, struct file *file)
|
||||
{
|
||||
return call_int_hook(binder_transfer_file, 0, from, to, file);
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(security_binder_transfer_file);
|
||||
|
||||
int security_ptrace_access_check(struct task_struct *child, unsigned int mode)
|
||||
{
|
||||
--
|
||||
2.30.1
|
||||
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
From e2a9a34af4fd99de652638bfc0365aba284b95f8 Mon Sep 17 00:00:00 2001
|
||||
From: Ben Hutchings <ben@decadent.org.uk>
|
||||
Date: Fri, 22 Jun 2018 17:27:00 +0100
|
||||
Subject: android: Enable building ashmem and binder as modules
|
||||
Bug-Debian: https://bugs.debian.org/901492
|
||||
Subject: [PATCH 2/2] android: Enable building ashmem and binder as modules
|
||||
|
||||
We want to enable use of the Android ashmem and binder drivers to
|
||||
support Anbox, but they should not be built-in as that would waste
|
||||
|
|
@ -21,10 +21,10 @@ need them.
|
|||
drivers/staging/android/ashmem.c | 3 +++
|
||||
6 files changed, 12 insertions(+), 7 deletions(-)
|
||||
|
||||
Index: debian-kernel/drivers/android/Kconfig
|
||||
===================================================================
|
||||
--- debian-kernel.orig/drivers/android/Kconfig
|
||||
+++ debian-kernel/drivers/android/Kconfig
|
||||
diff --git a/drivers/android/Kconfig b/drivers/android/Kconfig
|
||||
index 53b22e26266c..f3c50236e8d1 100644
|
||||
--- a/drivers/android/Kconfig
|
||||
+++ b/drivers/android/Kconfig
|
||||
@@ -9,7 +9,7 @@ config ANDROID
|
||||
if ANDROID
|
||||
|
||||
|
|
@ -34,10 +34,10 @@ Index: debian-kernel/drivers/android/Kconfig
|
|||
depends on MMU
|
||||
default n
|
||||
help
|
||||
Index: debian-kernel/drivers/android/Makefile
|
||||
===================================================================
|
||||
--- debian-kernel.orig/drivers/android/Makefile
|
||||
+++ debian-kernel/drivers/android/Makefile
|
||||
diff --git a/drivers/android/Makefile b/drivers/android/Makefile
|
||||
index c9d3d0c99c25..55411d9a9c2a 100644
|
||||
--- a/drivers/android/Makefile
|
||||
+++ b/drivers/android/Makefile
|
||||
@@ -1,6 +1,7 @@
|
||||
# SPDX-License-Identifier: GPL-2.0-only
|
||||
ccflags-y += -I$(src) # needed for trace events
|
||||
|
|
@ -49,10 +49,10 @@ Index: debian-kernel/drivers/android/Makefile
|
|||
+binder_linux-y := binder.o binder_alloc.o
|
||||
+binder_linux-$(CONFIG_ANDROID_BINDERFS) += binderfs.o
|
||||
+binder_linux-$(CONFIG_ANDROID_BINDER_IPC_SELFTEST) += binder_alloc_selftest.o
|
||||
Index: debian-kernel/drivers/android/binder_alloc.c
|
||||
===================================================================
|
||||
--- debian-kernel.orig/drivers/android/binder_alloc.c
|
||||
+++ debian-kernel/drivers/android/binder_alloc.c
|
||||
diff --git a/drivers/android/binder_alloc.c b/drivers/android/binder_alloc.c
|
||||
index 7caf74ad2405..9202a44bd55d 100644
|
||||
--- a/drivers/android/binder_alloc.c
|
||||
+++ b/drivers/android/binder_alloc.c
|
||||
@@ -38,7 +38,7 @@ enum {
|
||||
};
|
||||
static uint32_t binder_alloc_debug_mask = BINDER_DEBUG_USER_ERROR;
|
||||
|
|
@ -62,10 +62,10 @@ Index: debian-kernel/drivers/android/binder_alloc.c
|
|||
uint, 0644);
|
||||
|
||||
#define binder_alloc_debug(mask, x...) \
|
||||
Index: debian-kernel/drivers/staging/android/Kconfig
|
||||
===================================================================
|
||||
--- debian-kernel.orig/drivers/staging/android/Kconfig
|
||||
+++ debian-kernel/drivers/staging/android/Kconfig
|
||||
diff --git a/drivers/staging/android/Kconfig b/drivers/staging/android/Kconfig
|
||||
index 70498adb1575..5c35653ed36d 100644
|
||||
--- a/drivers/staging/android/Kconfig
|
||||
+++ b/drivers/staging/android/Kconfig
|
||||
@@ -4,7 +4,7 @@ menu "Android"
|
||||
if ANDROID
|
||||
|
||||
|
|
@ -75,21 +75,21 @@ Index: debian-kernel/drivers/staging/android/Kconfig
|
|||
depends on SHMEM
|
||||
help
|
||||
The ashmem subsystem is a new shared memory allocator, similar to
|
||||
Index: debian-kernel/drivers/staging/android/Makefile
|
||||
===================================================================
|
||||
--- debian-kernel.orig/drivers/staging/android/Makefile
|
||||
+++ debian-kernel/drivers/staging/android/Makefile
|
||||
@@ -3,4 +3,5 @@ ccflags-y += -I$(src) # needed for tra
|
||||
|
||||
obj-y += ion/
|
||||
diff --git a/drivers/staging/android/Makefile b/drivers/staging/android/Makefile
|
||||
index e9a55a5e6529..60cb8eacc793 100644
|
||||
--- a/drivers/staging/android/Makefile
|
||||
+++ b/drivers/staging/android/Makefile
|
||||
@@ -1,4 +1,5 @@
|
||||
# SPDX-License-Identifier: GPL-2.0
|
||||
ccflags-y += -I$(src) # needed for trace events
|
||||
|
||||
-obj-$(CONFIG_ASHMEM) += ashmem.o
|
||||
+obj-$(CONFIG_ASHMEM) += ashmem_linux.o
|
||||
+ashmem_linux-y += ashmem.o
|
||||
Index: debian-kernel/drivers/staging/android/ashmem.c
|
||||
===================================================================
|
||||
--- debian-kernel.orig/drivers/staging/android/ashmem.c
|
||||
+++ debian-kernel/drivers/staging/android/ashmem.c
|
||||
diff --git a/drivers/staging/android/ashmem.c b/drivers/staging/android/ashmem.c
|
||||
index 4789d36ddfd3..f86efd3da373 100644
|
||||
--- a/drivers/staging/android/ashmem.c
|
||||
+++ b/drivers/staging/android/ashmem.c
|
||||
@@ -24,6 +24,7 @@
|
||||
#include <linux/bitops.h>
|
||||
#include <linux/mutex.h>
|
||||
|
|
@ -98,9 +98,12 @@ Index: debian-kernel/drivers/staging/android/ashmem.c
|
|||
#include "ashmem.h"
|
||||
|
||||
#define ASHMEM_NAME_PREFIX "dev/ashmem/"
|
||||
@@ -953,3 +954,5 @@ out:
|
||||
@@ -965,3 +966,5 @@ static int __init ashmem_init(void)
|
||||
return ret;
|
||||
}
|
||||
device_initcall(ashmem_init);
|
||||
+
|
||||
+MODULE_LICENSE("GPL v2");
|
||||
--
|
||||
2.30.1
|
||||
|
||||
|
|
@ -1,193 +0,0 @@
|
|||
From: Ben Hutchings <ben@decadent.org.uk>
|
||||
Date: Tue, 26 Jun 2018 16:59:01 +0100
|
||||
Subject: Export symbols needed by Android drivers
|
||||
Bug-Debian: https://bugs.debian.org/901492
|
||||
|
||||
We want to enable use of the Android ashmem and binder drivers to
|
||||
support Anbox, but they should not be built-in as that would waste
|
||||
resources and increase security attack surface on systems that don't
|
||||
need them.
|
||||
|
||||
Export the currently un-exported symbols they depend on.
|
||||
|
||||
---
|
||||
fs/file.c | 5 +++++
|
||||
kernel/fork.c | 1 +
|
||||
kernel/sched/core.c | 1 +
|
||||
kernel/signal.c | 1 +
|
||||
kernel/task_work.c | 1 +
|
||||
mm/memory.c | 1 +
|
||||
mm/shmem.c | 1 +
|
||||
mm/vmalloc.c | 2 ++
|
||||
security/security.c | 4 ++++
|
||||
9 files changed, 17 insertions(+)
|
||||
|
||||
Index: debian-kernel/fs/file.c
|
||||
===================================================================
|
||||
--- debian-kernel.orig/fs/file.c
|
||||
+++ debian-kernel/fs/file.c
|
||||
@@ -409,6 +409,7 @@ struct files_struct *get_files_struct(st
|
||||
|
||||
return files;
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(get_files_struct);
|
||||
|
||||
void put_files_struct(struct files_struct *files)
|
||||
{
|
||||
@@ -421,6 +422,7 @@ void put_files_struct(struct files_struc
|
||||
kmem_cache_free(files_cachep, files);
|
||||
}
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(put_files_struct);
|
||||
|
||||
void reset_files_struct(struct files_struct *files)
|
||||
{
|
||||
@@ -534,6 +536,7 @@ out:
|
||||
spin_unlock(&files->file_lock);
|
||||
return error;
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(__alloc_fd);
|
||||
|
||||
static int alloc_fd(unsigned start, unsigned flags)
|
||||
{
|
||||
@@ -612,6 +615,7 @@ void __fd_install(struct files_struct *f
|
||||
rcu_assign_pointer(fdt->fd[fd], file);
|
||||
rcu_read_unlock_sched();
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(__fd_install);
|
||||
|
||||
void fd_install(unsigned int fd, struct file *file)
|
||||
{
|
||||
@@ -676,6 +680,7 @@ out_unlock:
|
||||
*res = NULL;
|
||||
return -ENOENT;
|
||||
}
|
||||
+EXPORT_SYMBOL(__close_fd_get_file);
|
||||
|
||||
void do_close_on_exec(struct files_struct *files)
|
||||
{
|
||||
Index: debian-kernel/kernel/fork.c
|
||||
===================================================================
|
||||
--- debian-kernel.orig/kernel/fork.c
|
||||
+++ debian-kernel/kernel/fork.c
|
||||
@@ -1131,6 +1131,7 @@ void mmput_async(struct mm_struct *mm)
|
||||
schedule_work(&mm->async_put_work);
|
||||
}
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(mmput_async);
|
||||
#endif
|
||||
|
||||
/**
|
||||
Index: debian-kernel/kernel/sched/core.c
|
||||
===================================================================
|
||||
--- debian-kernel.orig/kernel/sched/core.c
|
||||
+++ debian-kernel/kernel/sched/core.c
|
||||
@@ -4667,6 +4667,7 @@ int can_nice(const struct task_struct *p
|
||||
return (nice_rlim <= task_rlimit(p, RLIMIT_NICE) ||
|
||||
capable(CAP_SYS_NICE));
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(can_nice);
|
||||
|
||||
#ifdef __ARCH_WANT_SYS_NICE
|
||||
|
||||
Index: debian-kernel/kernel/signal.c
|
||||
===================================================================
|
||||
--- debian-kernel.orig/kernel/signal.c
|
||||
+++ debian-kernel/kernel/signal.c
|
||||
@@ -1396,6 +1396,7 @@ struct sighand_struct *__lock_task_sigha
|
||||
|
||||
return sighand;
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(__lock_task_sighand);
|
||||
|
||||
/*
|
||||
* send signal info to all the members of a group
|
||||
Index: debian-kernel/kernel/task_work.c
|
||||
===================================================================
|
||||
--- debian-kernel.orig/kernel/task_work.c
|
||||
+++ debian-kernel/kernel/task_work.c
|
||||
@@ -52,6 +52,7 @@ task_work_add(struct task_struct *task,
|
||||
|
||||
return 0;
|
||||
}
|
||||
+EXPORT_SYMBOL(task_work_add);
|
||||
|
||||
/**
|
||||
* task_work_cancel - cancel a pending work added by task_work_add()
|
||||
Index: debian-kernel/mm/memory.c
|
||||
===================================================================
|
||||
--- debian-kernel.orig/mm/memory.c
|
||||
+++ debian-kernel/mm/memory.c
|
||||
@@ -1367,6 +1367,7 @@ void zap_page_range(struct vm_area_struc
|
||||
mmu_notifier_invalidate_range_end(&range);
|
||||
tlb_finish_mmu(&tlb, start, range.end);
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(zap_page_range);
|
||||
|
||||
/**
|
||||
* zap_page_range_single - remove user pages in a given range
|
||||
Index: debian-kernel/mm/shmem.c
|
||||
===================================================================
|
||||
--- debian-kernel.orig/mm/shmem.c
|
||||
+++ debian-kernel/mm/shmem.c
|
||||
@@ -4158,6 +4158,7 @@ int shmem_zero_setup(struct vm_area_stru
|
||||
|
||||
return 0;
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(shmem_zero_setup);
|
||||
|
||||
/**
|
||||
* shmem_read_mapping_page_gfp - read into page cache, using specified page allocation flags.
|
||||
Index: debian-kernel/mm/vmalloc.c
|
||||
===================================================================
|
||||
--- debian-kernel.orig/mm/vmalloc.c
|
||||
+++ debian-kernel/mm/vmalloc.c
|
||||
@@ -1278,6 +1278,7 @@ overflow:
|
||||
kmem_cache_free(vmap_area_cachep, va);
|
||||
return ERR_PTR(-EBUSY);
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(map_kernel_range_noflush);
|
||||
|
||||
int register_vmap_purge_notifier(struct notifier_block *nb)
|
||||
{
|
||||
@@ -2147,6 +2148,7 @@ struct vm_struct *get_vm_area(unsigned l
|
||||
NUMA_NO_NODE, GFP_KERNEL,
|
||||
__builtin_return_address(0));
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(get_vm_area);
|
||||
|
||||
struct vm_struct *get_vm_area_caller(unsigned long size, unsigned long flags,
|
||||
const void *caller)
|
||||
Index: debian-kernel/security/security.c
|
||||
===================================================================
|
||||
--- debian-kernel.orig/security/security.c
|
||||
+++ debian-kernel/security/security.c
|
||||
@@ -725,24 +725,28 @@ int security_binder_set_context_mgr(stru
|
||||
{
|
||||
return call_int_hook(binder_set_context_mgr, 0, mgr);
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(security_binder_set_context_mgr);
|
||||
|
||||
int security_binder_transaction(struct task_struct *from,
|
||||
struct task_struct *to)
|
||||
{
|
||||
return call_int_hook(binder_transaction, 0, from, to);
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(security_binder_transaction);
|
||||
|
||||
int security_binder_transfer_binder(struct task_struct *from,
|
||||
struct task_struct *to)
|
||||
{
|
||||
return call_int_hook(binder_transfer_binder, 0, from, to);
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(security_binder_transfer_binder);
|
||||
|
||||
int security_binder_transfer_file(struct task_struct *from,
|
||||
struct task_struct *to, struct file *file)
|
||||
{
|
||||
return call_int_hook(binder_transfer_file, 0, from, to, file);
|
||||
}
|
||||
+EXPORT_SYMBOL_GPL(security_binder_transfer_file);
|
||||
|
||||
int security_ptrace_access_check(struct task_struct *child, unsigned int mode)
|
||||
{
|
||||
Loading…
Reference in a new issue