The point where sid and master diverged was 5.3.7-1 plus some
unreleased changes. We now have those changes listed for both
the released 5.3.9-1 and unreleased 5.4~rc8-1~exp1. Delete
them from the latter entry.
Exported symbols can now be defined to belong to a specific namespace,
and Module.symvers includes this as an additional field between name
and module.
The namespace can be an empty string, so when reading we need to split
fields on '\t' and not the default of one-or-more-whitespace. We then
also need to separate fields with '\t' when writing an ABI reference.
Namespaces are intended for grouping symbols exported for use by
groups of in-tree modules, and we ought to add support for ignoring
ABI changes on this basis. For now, just add it as an attribute of
Symbol which is compared when checking for ABI changes.
The major differences from the previous version we had to the upstream
version are:
* It is now implemented as an LSM
* Lockdown mode is split into "integrity" and "confidentiality" levels
* It is not triggered by EFI Secure Boot, so we need to keep adding the
patches that do that (and update them to work on top of the LSM)
* There is no option to disable it through SysRq, so we need to keep
adding the patch that does that
* Two redundant checks were dropped - in uswsusp, redundant with
hibernation_available(); and in APEI error injection, redundant with
debugfs_is_locked_down()
Also update the other patches that were never part of the main
lockdown patch set.
Fixes FTBFS on these architectures. Unfortunately KVM is non-modular
on arm and arm64, and only partly modular on powerpc, so we need to
use symbol name matching.
This patch had no space at the beginning of the context lines.
quilt/patch accepts "\t" at the beginning as equivalent to " \t", but
dpkg-source does not.
For some reason this debug option uses V4L to expose informaton. We
don't want to include V4L in the installer, so disable it. Use the
top-level config for this driver instead.
Discussed in merge request kernel-team/linux!176
This is used in multiple chromebooks for both touchpad and
touchscreen. It's also available on both amd64 and arm64 ones. On my
machine it doesn't work without i2c-rk3x, but works somewhat good with
it. Touchscreen works, touchpad buttons can click but it can not move
the mouse.
See merge request kernel-team/linux!176
* Drop "KVM: vmx, svm: always run with EFER.NXE=1 when shadow paging is
active" which is included in 5.3.9
* Resolve textual conflicts in debian/changelog and debian/patches/series
These are selected by SYSTEM_DATA_VERIFICATION, which is in turn
selected by MODULE_SIG and CFG80211_REQUIRE_SIGNED_REGDB. So far as I
can see, one or both of MODULE_SIG and CFG80211_REQUIRE_SIGNED_REGDB
are enabled in all configs except m68k.
It would be nice if we could avoid this on armel/marvell, but I don't
think that's going to be practical.
The root cause of this bug seems to be a problem with the Yubikey
or its supporting software, but since we've only seen it once so far
it seems likely that it will affect the next package version.
