kernel: purge unused patches

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
2026-04-18 23:12:59 +02:00 · 2023-11-24 15:45:01 +01:00
parent 95f9d9350d
commit 9c969555f1
4 changed files with 0 additions and 244 deletions
--- a/src/patches/linux/devtmpfs-mount-with-noexec-and-nosuid.patch
+++ b/src/patches/linux/devtmpfs-mount-with-noexec-and-nosuid.patch
@@ -1,93 +0,0 @@
-From 28f0c335dd4a1a4b44b3e6c6402825a93132e1a4 Mon Sep 17 00:00:00 2001
-From: Kees Cook <keescook@chromium.org>
-Date: Wed, 22 Dec 2021 17:50:20 +0500
-Subject: devtmpfs: mount with noexec and nosuid
-
-devtmpfs is writable. Add the noexec and nosuid as default mount flags
-to prevent code execution from /dev. The systems who don't use systemd
-and who rely on CONFIG_DEVTMPFS_MOUNT=y are the ones to be protected by
-this patch. Other systems are fine with the udev solution.
-
-No sane program should be relying on executing from /dev. So this patch
-reduces the attack surface. It doesn't prevent any specific attack, but
-it reduces the possibility that someone can use /dev as a place to put
-executable code. Chrome OS has been carrying this patch for several
-years. It seems trivial and simple solution to improve the protection of
-/dev when CONFIG_DEVTMPFS_MOUNT=y.
-
-Original patch:
-https://lore.kernel.org/lkml/20121120215059.GA1859@www.outflux.net/
-
-Cc: ellyjones@chromium.org
-Cc: Kay Sievers <kay@vrfy.org>
-Cc: Roland Eggner <edvx1@systemanalysen.net>
-Co-developed-by: Muhammad Usama Anjum <usama.anjum@collabora.com>
-Signed-off-by: Kees Cook <keescook@chromium.org>
-Signed-off-by: Muhammad Usama Anjum <usama.anjum@collabora.com>
-Link: https://lore.kernel.org/r/YcMfDOyrg647RCmd@debian-BULLSEYE-live-builder-AMD64
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
- drivers/base/Kconfig    | 11 +++++++++++
- drivers/base/devtmpfs.c | 10 ++++++++--
- 2 files changed, 19 insertions(+), 2 deletions(-)
-
-diff --git a/drivers/base/Kconfig b/drivers/base/Kconfig
-index ffcbe2bc460eb..6f04b831a5c04 100644
--- a/drivers/base/Kconfig
-+++ b/drivers/base/Kconfig
-@@ -62,6 +62,17 @@ config DEVTMPFS_MOUNT
- 	  rescue mode with init=/bin/sh, even when the /dev directory
- 	  on the rootfs is completely empty.
- 
-+config DEVTMPFS_SAFE
-+	bool "Use nosuid,noexec mount options on devtmpfs"
-+	depends on DEVTMPFS
-+	help
-+	  This instructs the kernel to include the MS_NOEXEC and MS_NOSUID mount
-+	  flags when mounting devtmpfs.
-+
-+	  Notice: If enabled, things like /dev/mem cannot be mmapped
-+	  with the PROT_EXEC flag. This can break, for example, non-KMS
-+	  video drivers.
-+
- config STANDALONE
- 	bool "Select only drivers that don't need compile-time external firmware"
- 	default y
-diff --git a/drivers/base/devtmpfs.c b/drivers/base/devtmpfs.c
-index 8be352ab4ddbf..1e2c2d3882e2c 100644
--- a/drivers/base/devtmpfs.c
-+++ b/drivers/base/devtmpfs.c
-@@ -29,6 +29,12 @@
- #include <uapi/linux/mount.h>
- #include "base.h"
- 
-+#ifdef CONFIG_DEVTMPFS_SAFE
-+#define DEVTMPFS_MFLAGS       (MS_SILENT | MS_NOEXEC | MS_NOSUID)
-+#else
-+#define DEVTMPFS_MFLAGS       (MS_SILENT)
-+#endif
-+
- static struct task_struct *thread;
- 
- static int __initdata mount_dev = IS_ENABLED(CONFIG_DEVTMPFS_MOUNT);
-@@ -363,7 +369,7 @@ int __init devtmpfs_mount(void)
- 	if (!thread)
- 		return 0;
- 
-	err = init_mount("devtmpfs", "dev", "devtmpfs", MS_SILENT, NULL);
-+	err = init_mount("devtmpfs", "dev", "devtmpfs", DEVTMPFS_MFLAGS, NULL);
- 	if (err)
- 		printk(KERN_INFO "devtmpfs: error mounting %i\n", err);
- 	else
-@@ -412,7 +418,7 @@ static noinline int __init devtmpfs_setup(void *p)
- 	err = ksys_unshare(CLONE_NEWNS);
- 	if (err)
- 		goto out;
-	err = init_mount("devtmpfs", "/", "devtmpfs", MS_SILENT, NULL);
-+	err = init_mount("devtmpfs", "/", "devtmpfs", DEVTMPFS_MFLAGS, NULL);
- 	if (err)
- 		goto out;
- 	init_chdir("/.."); /* will traverse into overmounted root */
-- 
-cgit 
-
--- a/src/patches/linux/linux-4.9.8_cs5535audio_fix_logspam_on_geos.patch
+++ b/src/patches/linux/linux-4.9.8_cs5535audio_fix_logspam_on_geos.patch
@@ -1,31 +0,0 @@
-diff -Naur linux-4.9.8.org/sound/pci/cs5535audio/cs5535audio.c linux-4.9.8/sound/pci/cs5535audio/cs5535audio.c
--- linux-4.9.8.org/sound/pci/cs5535audio/cs5535audio.c	2017-02-04 09:47:29.000000000 +0100
-+++ linux-4.9.8/sound/pci/cs5535audio/cs5535audio.c	2017-02-09 19:24:55.658297050 +0100
-@@ -83,9 +83,9 @@
- 			break;
- 		udelay(1);
- 	} while (--timeout);
-	if (!timeout)
-		dev_err(cs5535au->card->dev,
-			"Failure writing to cs5535 codec\n");
-+//	if (!timeout)
-+//		dev_err(cs5535au->card->dev,
-+//			"Failure writing to cs5535 codec\n");
- }
- 
- static unsigned short snd_cs5535audio_codec_read(struct cs5535audio *cs5535au,
-@@ -109,10 +109,10 @@
- 			break;
- 		udelay(1);
- 	} while (--timeout);
-	if (!timeout)
-		dev_err(cs5535au->card->dev,
-			"Failure reading codec reg 0x%x, Last value=0x%x\n",
-			reg, val);
-+//	if (!timeout)
-+//		dev_err(cs5535au->card->dev,
-+//			"Failure reading codec reg 0x%x, Last value=0x%x\n",
-+//			reg, val);
- 
- 	return (unsigned short) val;
- }
--- a/src/patches/linux/linux-5-15-arm64-dpaa2-add-support-for-10g-modes.patch
+++ b/src/patches/linux/linux-5-15-arm64-dpaa2-add-support-for-10g-modes.patch
@@ -1,39 +0,0 @@
-From c314138bd045e050432158ab021160de3ba51c5e Mon Sep 17 00:00:00 2001
-From: Russell King <rmk+kernel@armlinux.org.uk>
-Date: Thu, 30 Jan 2020 22:42:38 +0000
-Subject: [PATCH 2/4] net: dpaa2-mac: add support for more 10G modes
-
-Phylink documentation says:
- * Note that the PHY may be able to transform from one connection
- * technology to another, so, eg, don't clear 1000BaseX just
- * because the MAC is unable to BaseX mode. This is more about
- * clearing unsupported speeds and duplex settings. The port modes
- * should not be cleared; phylink_set_port_modes() will help with this.
-
-So add the missing 10G modes.
-
-Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
---
- drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c | 6 ++++++
- 1 file changed, 6 insertions(+)
-
-diff --git a/drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c b/drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c
-index 8fe32ed4f6dc..3be849cee47b 100644
--- a/drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c
-+++ b/drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c
-@@ -140,6 +140,12 @@ static void dpaa2_mac_validate(struct phylink_config *config,
- 	case PHY_INTERFACE_MODE_10GBASER:
- 	case PHY_INTERFACE_MODE_USXGMII:
- 		phylink_set(mask, 10000baseT_Full);
-+		phylink_set(mask, 10000baseKR_Full);
-+		phylink_set(mask, 10000baseCR_Full);
-+		phylink_set(mask, 10000baseSR_Full);
-+		phylink_set(mask, 10000baseLR_Full);
-+		phylink_set(mask, 10000baseLRM_Full);
-+		phylink_set(mask, 10000baseER_Full);
- 		if (state->interface == PHY_INTERFACE_MODE_10GBASER)
- 			break;
- 		phylink_set(mask, 5000baseT_Full);
-- 
-2.30.1
-
--- a/src/patches/linux/linux-5.15-arm64-dpaa2-fix-lock-issue.patch
+++ b/src/patches/linux/linux-5.15-arm64-dpaa2-fix-lock-issue.patch
@@ -1,81 +0,0 @@
-From 3a39dbe0c0c41f8dba5246ce6e2c5c4bcd6ba661 Mon Sep 17 00:00:00 2001
-From: Ioana Ciornei <ioana.ciornei@nxp.com>
-Date: Thu, 21 Nov 2019 21:15:25 +0200
-Subject: [PATCH 1/4] dpaa2-eth: do not hold rtnl_lock on phylink_create() or
- _destroy()
-
-The rtnl_lock should not be held when calling phylink_create() or
-phylink_destroy() since it leads to the deadlock listed below:
-
-[   18.656576]  rtnl_lock+0x18/0x20
-[   18.659798]  sfp_bus_add_upstream+0x28/0x90
-[   18.663974]  phylink_create+0x2cc/0x828
-[   18.667803]  dpaa2_mac_connect+0x14c/0x2a8
-[   18.671890]  dpaa2_eth_connect_mac+0x94/0xd8
-
-Fix this by moving the _lock() and _unlock() calls just outside of
-phylink_of_phy_connect() and phylink_disconnect_phy().
-
-Fixes: 719479230893 ("dpaa2-eth: add MAC/PHY support through phylink")
-Reported-by: Russell King <linux@armlinux.org.uk>
-Signed-off-by: Ioana Ciornei <ioana.ciornei@nxp.com>
-Signed-off-by: Russell King <rmk+kernel@armlinux.org.uk>
---
- drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 4 ----
- drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c | 4 ++++
- 2 files changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c b/drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c
-index 8b7a29e1e221..20e65053f036 100644
--- a/drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c
-+++ b/drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c
-@@ -4214,12 +4214,10 @@ static irqreturn_t dpni_irq0_handler_thread(int irq_num, void *arg)
- 		dpaa2_eth_set_mac_addr(netdev_priv(net_dev));
- 		dpaa2_eth_update_tx_fqids(priv);
- 
-		rtnl_lock();
- 		if (dpaa2_eth_has_mac(priv))
- 			dpaa2_eth_disconnect_mac(priv);
- 		else
- 			dpaa2_eth_connect_mac(priv);
-		rtnl_unlock();
- 	}
- 
- 	return IRQ_HANDLED;
-@@ -4513,9 +4511,7 @@ static int dpaa2_eth_remove(struct fsl_mc_device *ls_dev)
- #endif
- 
- 	unregister_netdev(net_dev);
-	rtnl_lock();
- 	dpaa2_eth_disconnect_mac(priv);
-	rtnl_unlock();
- 
- 	dpaa2_eth_dl_port_del(priv);
- 	dpaa2_eth_dl_traps_unregister(priv);
-diff --git a/drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c b/drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c
-index ae6d382d8735..8fe32ed4f6dc 100644
--- a/drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c
-+++ b/drivers/net/ethernet/freescale/dpaa2/dpaa2-mac.c
-@@ -351,7 +351,9 @@ int dpaa2_mac_connect(struct dpaa2_mac *mac)
- 	if (mac->pcs)
- 		phylink_set_pcs(mac->phylink, &mac->pcs->pcs);
- 
-+	rtnl_lock();
- 	err = phylink_fwnode_phy_connect(mac->phylink, dpmac_node, 0);
-+	rtnl_unlock();
- 	if (err) {
- 		netdev_err(net_dev, "phylink_fwnode_phy_connect() = %d\n", err);
- 		goto err_phylink_destroy;
-@@ -372,7 +374,9 @@ void dpaa2_mac_disconnect(struct dpaa2_mac *mac)
- 	if (!mac->phylink)
- 		return;
- 
-+	rtnl_lock();
- 	phylink_disconnect_phy(mac->phylink);
-+	rtnl_unlock();
- 	phylink_destroy(mac->phylink);
- 	dpaa2_pcs_destroy(mac);
- }
-- 
-2.30.1
-