beenull/linux-surface
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Update additional Debian patches for v5.11

Browse source
This commit is contained in:
Maximilian Luz 2021-03-04 16:12:32 +01:00
parent f2505ee84a
commit b672e7faf2
No known key found for this signature in database
GPG key ID: 70EC0937F6C26F02
3 changed files with 162 additions and 223 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

129
pkg/debian/kernel/0001-Export-symbols-needed-by-Android-drivers.patch Normal file
View file

@ -0,0 +1,129 @@
From 50229d157d311b63268eaccbfec669da0dbb516c Mon Sep 17 00:00:00 2001
From: Ben Hutchings <ben@decadent.org.uk>
Date: Mon, 7 Sep 2020 02:51:53 +0100
Subject: [PATCH 1/2] Export symbols needed by Android drivers
We want to enable use of the Android ashmem and binder drivers to
support Anbox, but they should not be built-in as that would waste
resources and increase security attack surface on systems that don't
need them.
Export the currently un-exported symbols they depend on.
---
fs/file.c | 1 +
kernel/fork.c | 1 +
kernel/sched/core.c | 1 +
kernel/task_work.c | 1 +
mm/memory.c | 1 +
mm/shmem.c | 1 +
security/security.c | 4 ++++
7 files changed, 10 insertions(+)
diff --git a/fs/file.c b/fs/file.c
index dab120b71e44..ed2ec6ecc466 100644
--- a/fs/file.c
+++ b/fs/file.c
@@ -761,6 +761,7 @@ int close_fd_get_file(unsigned int fd, struct file **res)
*res = NULL;
return -ENOENT;
}
+EXPORT_SYMBOL(__close_fd_get_file);
void do_close_on_exec(struct files_struct *files)
{
diff --git a/kernel/fork.c b/kernel/fork.c
index d66cd1014211..ff215b3fdb15 100644
--- a/kernel/fork.c
+++ b/kernel/fork.c
@@ -1120,6 +1120,7 @@ void mmput_async(struct mm_struct *mm)
schedule_work(&mm->async_put_work);
}
}
+EXPORT_SYMBOL_GPL(mmput_async);
#endif
/**
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index ff74fca39ed2..943239122b29 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -5575,6 +5575,7 @@ int can_nice(const struct task_struct *p, const int nice)
return (nice_rlim <= task_rlimit(p, RLIMIT_NICE) ||
capable(CAP_SYS_NICE));
}
+EXPORT_SYMBOL_GPL(can_nice);
#ifdef __ARCH_WANT_SYS_NICE
diff --git a/kernel/task_work.c b/kernel/task_work.c
index 9cde961875c0..5c8dea45d4f8 100644
--- a/kernel/task_work.c
+++ b/kernel/task_work.c
@@ -57,6 +57,7 @@ int task_work_add(struct task_struct *task, struct callback_head *work,
return 0;
}
+EXPORT_SYMBOL(task_work_add);
/**
* task_work_cancel - cancel a pending work added by task_work_add()
diff --git a/mm/memory.c b/mm/memory.c
index feff48e1465a..9e9b0fd92e38 100644
--- a/mm/memory.c
+++ b/mm/memory.c
@@ -1542,6 +1542,7 @@ void zap_page_range(struct vm_area_struct *vma, unsigned long start,
mmu_notifier_invalidate_range_end(&range);
tlb_finish_mmu(&tlb, start, range.end);
}
+EXPORT_SYMBOL_GPL(zap_page_range);
/**
* zap_page_range_single - remove user pages in a given range
diff --git a/mm/shmem.c b/mm/shmem.c
index 7c6b6d8f6c39..83151e1345e6 100644
--- a/mm/shmem.c
+++ b/mm/shmem.c
@@ -4287,6 +4287,7 @@ int shmem_zero_setup(struct vm_area_struct *vma)
return 0;
}
+EXPORT_SYMBOL_GPL(shmem_zero_setup);
/**
* shmem_read_mapping_page_gfp - read into page cache, using specified page allocation flags.
diff --git a/security/security.c b/security/security.c
index 7b09cfbae94f..5eaec62c51f2 100644
--- a/security/security.c
+++ b/security/security.c
@@ -727,24 +727,28 @@ int security_binder_set_context_mgr(struct task_struct *mgr)
{
return call_int_hook(binder_set_context_mgr, 0, mgr);
}
+EXPORT_SYMBOL_GPL(security_binder_set_context_mgr);
int security_binder_transaction(struct task_struct *from,
struct task_struct *to)
{
return call_int_hook(binder_transaction, 0, from, to);
}
+EXPORT_SYMBOL_GPL(security_binder_transaction);
int security_binder_transfer_binder(struct task_struct *from,
struct task_struct *to)
{
return call_int_hook(binder_transfer_binder, 0, from, to);
}
+EXPORT_SYMBOL_GPL(security_binder_transfer_binder);
int security_binder_transfer_file(struct task_struct *from,
struct task_struct *to, struct file *file)
{
return call_int_hook(binder_transfer_file, 0, from, to, file);
}
+EXPORT_SYMBOL_GPL(security_binder_transfer_file);
int security_ptrace_access_check(struct task_struct *child, unsigned int mode)
{
--
2.30.1

63
pkg/debian/kernel/android-enable-building-ashmem-and-binder-as-modules.patch → pkg/debian/kernel/0002-android-Enable-building-ashmem-and-binder-as-modules.patch
View file

@ -1,7 +1,7 @@
From e2a9a34af4fd99de652638bfc0365aba284b95f8 Mon Sep 17 00:00:00 2001
From: Ben Hutchings <ben@decadent.org.uk> From: Ben Hutchings <ben@decadent.org.uk>
Date: Fri, 22 Jun 2018 17:27:00 +0100 Date: Fri, 22 Jun 2018 17:27:00 +0100
Subject: android: Enable building ashmem and binder as modules Subject: [PATCH 2/2] android: Enable building ashmem and binder as modules
Bug-Debian: https://bugs.debian.org/901492
We want to enable use of the Android ashmem and binder drivers to We want to enable use of the Android ashmem and binder drivers to
support Anbox, but they should not be built-in as that would waste support Anbox, but they should not be built-in as that would waste
@ -21,10 +21,10 @@ need them.
drivers/staging/android/ashmem.c | 3 +++ drivers/staging/android/ashmem.c | 3 +++
6 files changed, 12 insertions(+), 7 deletions(-) 6 files changed, 12 insertions(+), 7 deletions(-)
Index: debian-kernel/drivers/android/Kconfig diff --git a/drivers/android/Kconfig b/drivers/android/Kconfig
=================================================================== index 53b22e26266c..f3c50236e8d1 100644
--- debian-kernel.orig/drivers/android/Kconfig --- a/drivers/android/Kconfig
+++ debian-kernel/drivers/android/Kconfig +++ b/drivers/android/Kconfig
@@ -9,7 +9,7 @@ config ANDROID @@ -9,7 +9,7 @@ config ANDROID
if ANDROID if ANDROID
@ -34,10 +34,10 @@ Index: debian-kernel/drivers/android/Kconfig
depends on MMU depends on MMU
default n default n
help help
Index: debian-kernel/drivers/android/Makefile diff --git a/drivers/android/Makefile b/drivers/android/Makefile
=================================================================== index c9d3d0c99c25..55411d9a9c2a 100644
--- debian-kernel.orig/drivers/android/Makefile --- a/drivers/android/Makefile
+++ debian-kernel/drivers/android/Makefile +++ b/drivers/android/Makefile
@@ -1,6 +1,7 @@ @@ -1,6 +1,7 @@
# SPDX-License-Identifier: GPL-2.0-only # SPDX-License-Identifier: GPL-2.0-only
ccflags-y += -I$(src) # needed for trace events ccflags-y += -I$(src) # needed for trace events
@ -49,10 +49,10 @@ Index: debian-kernel/drivers/android/Makefile
+binder_linux-y := binder.o binder_alloc.o +binder_linux-y := binder.o binder_alloc.o
+binder_linux-$(CONFIG_ANDROID_BINDERFS) += binderfs.o +binder_linux-$(CONFIG_ANDROID_BINDERFS) += binderfs.o
+binder_linux-$(CONFIG_ANDROID_BINDER_IPC_SELFTEST) += binder_alloc_selftest.o +binder_linux-$(CONFIG_ANDROID_BINDER_IPC_SELFTEST) += binder_alloc_selftest.o
Index: debian-kernel/drivers/android/binder_alloc.c diff --git a/drivers/android/binder_alloc.c b/drivers/android/binder_alloc.c
=================================================================== index 7caf74ad2405..9202a44bd55d 100644
--- debian-kernel.orig/drivers/android/binder_alloc.c --- a/drivers/android/binder_alloc.c
+++ debian-kernel/drivers/android/binder_alloc.c +++ b/drivers/android/binder_alloc.c
@@ -38,7 +38,7 @@ enum { @@ -38,7 +38,7 @@ enum {
}; };
static uint32_t binder_alloc_debug_mask = BINDER_DEBUG_USER_ERROR; static uint32_t binder_alloc_debug_mask = BINDER_DEBUG_USER_ERROR;
@ -62,10 +62,10 @@ Index: debian-kernel/drivers/android/binder_alloc.c
uint, 0644); uint, 0644);
#define binder_alloc_debug(mask, x...) \ #define binder_alloc_debug(mask, x...) \
Index: debian-kernel/drivers/staging/android/Kconfig diff --git a/drivers/staging/android/Kconfig b/drivers/staging/android/Kconfig
=================================================================== index 70498adb1575..5c35653ed36d 100644
--- debian-kernel.orig/drivers/staging/android/Kconfig --- a/drivers/staging/android/Kconfig
+++ debian-kernel/drivers/staging/android/Kconfig +++ b/drivers/staging/android/Kconfig
@@ -4,7 +4,7 @@ menu "Android" @@ -4,7 +4,7 @@ menu "Android"
if ANDROID if ANDROID
@ -75,21 +75,21 @@ Index: debian-kernel/drivers/staging/android/Kconfig
depends on SHMEM depends on SHMEM
help help
The ashmem subsystem is a new shared memory allocator, similar to The ashmem subsystem is a new shared memory allocator, similar to
Index: debian-kernel/drivers/staging/android/Makefile diff --git a/drivers/staging/android/Makefile b/drivers/staging/android/Makefile
=================================================================== index e9a55a5e6529..60cb8eacc793 100644
--- debian-kernel.orig/drivers/staging/android/Makefile --- a/drivers/staging/android/Makefile
+++ debian-kernel/drivers/staging/android/Makefile +++ b/drivers/staging/android/Makefile
@@ -3,4 +3,5 @@ ccflags-y += -I$(src) # needed for tra @@ -1,4 +1,5 @@
# SPDX-License-Identifier: GPL-2.0
obj-y += ion/ ccflags-y += -I$(src) # needed for trace events
-obj-$(CONFIG_ASHMEM) += ashmem.o -obj-$(CONFIG_ASHMEM) += ashmem.o
+obj-$(CONFIG_ASHMEM) += ashmem_linux.o +obj-$(CONFIG_ASHMEM) += ashmem_linux.o
+ashmem_linux-y += ashmem.o +ashmem_linux-y += ashmem.o
Index: debian-kernel/drivers/staging/android/ashmem.c diff --git a/drivers/staging/android/ashmem.c b/drivers/staging/android/ashmem.c
=================================================================== index 4789d36ddfd3..f86efd3da373 100644
--- debian-kernel.orig/drivers/staging/android/ashmem.c --- a/drivers/staging/android/ashmem.c
+++ debian-kernel/drivers/staging/android/ashmem.c +++ b/drivers/staging/android/ashmem.c
@@ -24,6 +24,7 @@ @@ -24,6 +24,7 @@
#include <linux/bitops.h> #include <linux/bitops.h>
#include <linux/mutex.h> #include <linux/mutex.h>
@ -98,9 +98,12 @@ Index: debian-kernel/drivers/staging/android/ashmem.c
#include "ashmem.h" #include "ashmem.h"
#define ASHMEM_NAME_PREFIX "dev/ashmem/" #define ASHMEM_NAME_PREFIX "dev/ashmem/"
@@ -953,3 +954,5 @@ out: @@ -965,3 +966,5 @@ static int __init ashmem_init(void)
return ret; return ret;
} }
device_initcall(ashmem_init); device_initcall(ashmem_init);
+ +
+MODULE_LICENSE("GPL v2"); +MODULE_LICENSE("GPL v2");
--
2.30.1

193
pkg/debian/kernel/export-symbols-needed-by-android-drivers.patch
View file

@ -1,193 +0,0 @@
From: Ben Hutchings <ben@decadent.org.uk>
Date: Tue, 26 Jun 2018 16:59:01 +0100
Subject: Export symbols needed by Android drivers
Bug-Debian: https://bugs.debian.org/901492
We want to enable use of the Android ashmem and binder drivers to
support Anbox, but they should not be built-in as that would waste
resources and increase security attack surface on systems that don't
need them.
Export the currently un-exported symbols they depend on.
---
fs/file.c | 5 +++++
kernel/fork.c | 1 +
kernel/sched/core.c | 1 +
kernel/signal.c | 1 +
kernel/task_work.c | 1 +
mm/memory.c | 1 +
mm/shmem.c | 1 +
mm/vmalloc.c | 2 ++
security/security.c | 4 ++++
9 files changed, 17 insertions(+)
Index: debian-kernel/fs/file.c
===================================================================
--- debian-kernel.orig/fs/file.c
+++ debian-kernel/fs/file.c
@@ -409,6 +409,7 @@ struct files_struct *get_files_struct(st
return files;
}
+EXPORT_SYMBOL_GPL(get_files_struct);
void put_files_struct(struct files_struct *files)
{
@@ -421,6 +422,7 @@ void put_files_struct(struct files_struc
kmem_cache_free(files_cachep, files);
}
}
+EXPORT_SYMBOL_GPL(put_files_struct);
void reset_files_struct(struct files_struct *files)
{
@@ -534,6 +536,7 @@ out:
spin_unlock(&files->file_lock);
return error;
}
+EXPORT_SYMBOL_GPL(__alloc_fd);
static int alloc_fd(unsigned start, unsigned flags)
{
@@ -612,6 +615,7 @@ void __fd_install(struct files_struct *f
rcu_assign_pointer(fdt->fd[fd], file);
rcu_read_unlock_sched();
}
+EXPORT_SYMBOL_GPL(__fd_install);
void fd_install(unsigned int fd, struct file *file)
{
@@ -676,6 +680,7 @@ out_unlock:
*res = NULL;
return -ENOENT;
}
+EXPORT_SYMBOL(__close_fd_get_file);
void do_close_on_exec(struct files_struct *files)
{
Index: debian-kernel/kernel/fork.c
===================================================================
--- debian-kernel.orig/kernel/fork.c
+++ debian-kernel/kernel/fork.c
@@ -1131,6 +1131,7 @@ void mmput_async(struct mm_struct *mm)
schedule_work(&mm->async_put_work);
}
}
+EXPORT_SYMBOL_GPL(mmput_async);
#endif
/**
Index: debian-kernel/kernel/sched/core.c
===================================================================
--- debian-kernel.orig/kernel/sched/core.c
+++ debian-kernel/kernel/sched/core.c
@@ -4667,6 +4667,7 @@ int can_nice(const struct task_struct *p
return (nice_rlim <= task_rlimit(p, RLIMIT_NICE) ||
capable(CAP_SYS_NICE));
}
+EXPORT_SYMBOL_GPL(can_nice);
#ifdef __ARCH_WANT_SYS_NICE
Index: debian-kernel/kernel/signal.c
===================================================================
--- debian-kernel.orig/kernel/signal.c
+++ debian-kernel/kernel/signal.c
@@ -1396,6 +1396,7 @@ struct sighand_struct *__lock_task_sigha
return sighand;
}
+EXPORT_SYMBOL_GPL(__lock_task_sighand);
/*
* send signal info to all the members of a group
Index: debian-kernel/kernel/task_work.c
===================================================================
--- debian-kernel.orig/kernel/task_work.c
+++ debian-kernel/kernel/task_work.c
@@ -52,6 +52,7 @@ task_work_add(struct task_struct *task,
return 0;
}
+EXPORT_SYMBOL(task_work_add);
/**
* task_work_cancel - cancel a pending work added by task_work_add()
Index: debian-kernel/mm/memory.c
===================================================================
--- debian-kernel.orig/mm/memory.c
+++ debian-kernel/mm/memory.c
@@ -1367,6 +1367,7 @@ void zap_page_range(struct vm_area_struc
mmu_notifier_invalidate_range_end(&range);
tlb_finish_mmu(&tlb, start, range.end);
}
+EXPORT_SYMBOL_GPL(zap_page_range);
/**
* zap_page_range_single - remove user pages in a given range
Index: debian-kernel/mm/shmem.c
===================================================================
--- debian-kernel.orig/mm/shmem.c
+++ debian-kernel/mm/shmem.c
@@ -4158,6 +4158,7 @@ int shmem_zero_setup(struct vm_area_stru
return 0;
}
+EXPORT_SYMBOL_GPL(shmem_zero_setup);
/**
* shmem_read_mapping_page_gfp - read into page cache, using specified page allocation flags.
Index: debian-kernel/mm/vmalloc.c
===================================================================
--- debian-kernel.orig/mm/vmalloc.c
+++ debian-kernel/mm/vmalloc.c
@@ -1278,6 +1278,7 @@ overflow:
kmem_cache_free(vmap_area_cachep, va);
return ERR_PTR(-EBUSY);
}
+EXPORT_SYMBOL_GPL(map_kernel_range_noflush);
int register_vmap_purge_notifier(struct notifier_block *nb)
{
@@ -2147,6 +2148,7 @@ struct vm_struct *get_vm_area(unsigned l
NUMA_NO_NODE, GFP_KERNEL,
__builtin_return_address(0));
}
+EXPORT_SYMBOL_GPL(get_vm_area);
struct vm_struct *get_vm_area_caller(unsigned long size, unsigned long flags,
const void *caller)
Index: debian-kernel/security/security.c
===================================================================
--- debian-kernel.orig/security/security.c
+++ debian-kernel/security/security.c
@@ -725,24 +725,28 @@ int security_binder_set_context_mgr(stru
{
return call_int_hook(binder_set_context_mgr, 0, mgr);
}
+EXPORT_SYMBOL_GPL(security_binder_set_context_mgr);
int security_binder_transaction(struct task_struct *from,
struct task_struct *to)
{
return call_int_hook(binder_transaction, 0, from, to);
}
+EXPORT_SYMBOL_GPL(security_binder_transaction);
int security_binder_transfer_binder(struct task_struct *from,
struct task_struct *to)
{
return call_int_hook(binder_transfer_binder, 0, from, to);
}
+EXPORT_SYMBOL_GPL(security_binder_transfer_binder);
int security_binder_transfer_file(struct task_struct *from,
struct task_struct *to, struct file *file)
{
return call_int_hook(binder_transfer_file, 0, from, to, file);
}
+EXPORT_SYMBOL_GPL(security_binder_transfer_file);
int security_ptrace_access_check(struct task_struct *child, unsigned int mode)
{