kernel-5.15

Djam/kernel-5.15

Fork 0

mirror of https://abf.rosa.ru/djam/kernel-5.15.git synced 2025-02-23 10:32:54 +00:00

Commit graph

784b256f80 Always generate a random GOST key for the kernel keyring (later add preinstalled trusted GOST keys) Mikhail Novosyolov 2020-03-18 23:36:11 +03:00
3148180250 Prepare to have the same kernel in Fresh/RED and certified distros: Mikhail Novosyolov 2020-03-18 22:20:03 +03:00
0313188174 delete incorrect patch Mikhail Novosyolov 2020-03-17 11:51:43 +03:00
2854a5a0a7 AltHa: add logging of allowed interpreters Mikhail Novosyolov 2020-03-17 00:31:54 +03:00
5f08ed1263 Add AltHa LSM Module Mikhail Novosyolov 2020-03-16 23:19:46 +03:00
88e63d63e7 Fix building UML on 32 bit (copy hack from non-UML) Mikhail Novosyolov 2020-03-16 19:38:59 +03:00
6b48b8dafb Disable GOST signing for now due to impossibility to make a correct signature untill libressl or openssl-gost-engine support GOST CMS Mikhail Novosyolov 2020-03-15 20:26:01 +03:00
c98134ffc6 Revert "Mix non-GOST RSA keys with GOST buildtime key in the kernel keyring" Mikhail Novosyolov 2020-03-15 17:08:18 +03:00
89974eea5f Mix non-GOST RSA keys with GOST buildtime key in the kernel keyring Mikhail Novosyolov 2020-03-15 14:55:26 +03:00
582758eb22 CRYPTO_ECRDSA must be built in to load kernel keyring and modules Mikhail Novosyolov 2020-03-15 13:15:38 +03:00
663de86aea decode future CONFIG_SYSTEM_TRUSTED_KEYS Mikhail Novosyolov 2020-03-14 22:02:48 +03:00
ad889a101f Do not package include/Kbuild Evgenii Shatokhin 2020-03-08 00:04:18 +03:00
caad8bc737 Fix objtool-related errors in 'make prepare' for devel packages Evgenii Shatokhin 2020-03-07 19:46:37 +03:00
974fbb224c More verbosity Mikhail Novosyolov 2020-03-14 13:49:15 +03:00
7dd0d4da5b upd: 5.4.6 -> 5.4.25 Mikhail Novosyolov 2020-03-13 23:26:47 +03:00
de78db5b2c Better regulation of CONFIG_DEBUGINFO*, make UML binary really not stripped Mikhail Novosyolov 2020-03-13 20:51:12 +03:00
b320b958ee Build UML (User Mode Linux) Mikhail Novosyolov 2020-03-13 20:35:12 +03:00
2e4f6dd1fc python-devel was renamed to python2-devel in rosa2019.1 Mikhail Novosyolov 2020-03-09 10:56:05 +03:00
2887e766e7 enable AutoProv Mikhail Novosyolov 2020-03-09 10:50:38 +03:00
227ff5c08b adapt for rpm4 Mikhail Novosyolov 2020-03-09 10:46:18 +03:00
64d2bf03ae Print debug messages to console/log Mikhail Novosyolov 2019-12-22 02:24:52 +03:00
833fec59c1 upd: 5.4.3 -> 5.4.6 Mikhail Novosyolov 2019-12-22 02:26:08 +03:00
6d5c9b98f5 aufs: do not export flush_delayed_fput() twice Evgenii Shatokhin 2019-12-15 22:37:36 +03:00
14ab754fe2 upd: 5.4.2 -> 5.4.3 Mikhail Novosyolov 2019-12-16 16:14:30 +03:00
06412a73ba Reenable AUFS Mikhail Novosyolov 2019-12-16 16:12:07 +03:00
34e76862b9 Updated configs and AUFS patch for kernel 5.4.3 Evgenii Shatokhin 2019-12-15 15:12:14 +03:00
f439835bb0 Upd to 5.4 series (v5.4.2), rediffed patches, disabled AUFS for now Mikhail Novosyolov 2019-12-11 21:21:05 +03:00
eb0db6c1dd allow unsigned modules Mikhail Novosyolov 2019-12-09 12:51:50 +03:00
12362ac8e3 Use GOST for signing kernel modules Mikhail Novosyolov 2019-12-07 21:57:55 +03:00
efe34d83a7 upd: 5.3.11 -> 5.3.15 Mikhail Novosyolov 2019-12-07 20:39:47 +03:00
cd6077c83d test libressl, step 1 Mikhail Novosyolov 2019-12-01 02:03:15 +03:00
c9df52aa4c Allow to rebuild allowing unsigned modules (needed for testing custom modules from rosa-test-suite e.g.) Mikhail Novosyolov 2019-11-21 21:17:42 +03:00
a71dd0a80d Use relative path to certs directory, use "" Mikhail Novosyolov 2019-11-19 16:37:20 +03:00
32ae7451b8 debug: print public certificates to log Mikhail Novosyolov 2019-11-19 00:24:49 +03:00
a7f7bf8598 Explicitly enable CONFIG_SYSTEM_EXTRA_CERTIFICATE (is enabled in Kconfig by default) Mikhail Novosyolov 2019-11-18 21:25:13 +03:00
aa3a5337f4 Use CONFIG_SYSTEM_TRUSTED_KEYS for propper configuration of trusted keys (currently no keys were trusted) Mikhail Novosyolov 2019-11-18 18:48:33 +03:00
81f0f6a4db Updated to version 5.3.11 Evgenii Shatokhin 2019-11-17 14:11:50 +03:00
722ec1fea5 Reenable CONFIG_MODULE_SIG_ALL=y Mikhail Novosyolov 2019-11-18 00:12:28 +03:00
e185c46feb Fix key valid till date, it was valid only for 30 days Mikhail Novosyolov 2019-11-17 19:12:14 +03:00
1d8979272b Add additional public keys to the list of trusted keys for kernel modules Mikhail Novosyolov 2019-11-17 16:56:39 +03:00
3d57d87ee7 Improve x509 config based on kernel's certs/Makefile Mikhail Novosyolov 2019-11-17 16:09:47 +03:00
179d4d367c Provide kernel-hardended if with enhanced_security Mikhail Novosyolov 2019-11-17 15:18:28 +03:00
eea783a594 Fix more copy-paste junk from desktop flavour Mikhail Novosyolov 2019-11-17 15:12:03 +03:00
236b8ce3a6 Avoid tricky shell construction Mikhail Novosyolov 2019-11-14 01:26:18 +03:00
3eca49b16a Enable wiping objects in RAM with enhanced_security Mikhail Novosyolov 2019-11-14 01:08:33 +03:00
95c7ee5355 Fix copy-paste typo (fix filelist of debuginfo package) Mikhail Novosyolov 2019-11-14 00:20:41 +03:00
b46067ee17 Manually sign modules after stripping Mikhail Novosyolov 2019-11-13 17:35:59 +03:00
2076e438cd Added more filters to kernel.rpmlintrc Evgenii Shatokhin 2019-07-29 18:47:55 +03:00
6e1e792676 enhanced_security logically conflicts with dkms Mikhail Novosyolov 2019-11-12 16:16:27 +03:00
9674247130 Enable debug what will also strip kernel modules Mikhail Novosyolov 2019-11-12 16:07:05 +03:00
26660b3500 strip kernel modules Alexander Stefanov 2019-11-12 15:41:56 +03:00
300bd5e2db Improve regexp for email Mikhail Novosyolov 2019-11-12 02:06:06 +03:00
cc3afd8669 Fix parsing hexdump output Mikhail Novosyolov 2019-11-12 01:32:36 +03:00
4dc2157aaa upd: 5.3.7 -> 5.3.10 Mikhail Novosyolov 2019-11-12 01:07:30 +03:00
f76f4d007e Off unneeded logging to decrease build log size Mikhail Novosyolov 2019-11-11 23:48:27 +03:00
9a76adb348 Better removal of private keys Mikhail Novosyolov 2019-11-11 22:27:50 +03:00
f8e79286b3 Rename from nrj-desktop to nickel if built with hardening Mikhail Novosyolov 2019-11-11 21:28:45 +03:00
f05348d4fa Verify that modules are signed (multithreaded) Mikhail Novosyolov 2019-11-11 21:16:01 +03:00
3a8564ce81 Implement signing kernel modules Mikhail Novosyolov 2019-11-11 17:47:53 +03:00
95836da65c Merge branch 'master' of abf.io:kernels_stable/kernel-5.3 Mikhail Novosyolov 2019-11-11 15:27:16 +03:00
5b69a49e46 Updated to version 5.3.7 Evgenii Shatokhin 2019-10-18 13:57:15 +03:00
d43e01981e Fix kernel opts for booting in enforcing selinux mode Mikhail Novosyolov 2019-10-07 01:35:53 +03:00
1f5dcdbf22 Fix kernel opts for booting in enforcing selinux mode Mikhail Novosyolov 2019-10-07 01:35:53 +03:00
7a64052e96 Updated to version 5.3.4 Evgenii Shatokhin 2019-10-06 17:17:55 +03:00
6e76e58193 Revisited the list of files for the devel package Evgenii Shatokhin 2019-09-24 18:37:26 +03:00
a89c2e9bda Removed sanitize-memory.patch Evgenii Shatokhin 2019-09-24 18:36:02 +03:00
4ca3b2aeb5 Updated to version 5.3.1 Evgenii Shatokhin 2019-09-24 11:56:44 +03:00
17e88f1815 Updated to version 5.2.14 Evgenii Shatokhin 2019-09-11 15:49:01 +03:00
ea6f6b95f9 Updated to version 5.2.7 Evgenii Shatokhin 2019-08-07 15:59:12 +03:00
55fa1145d5 Re-diffed fs-aufs.patch for the kernel 5.2.5+ Evgenii Shatokhin 2019-08-05 11:48:36 +03:00
bbfcc7091f Updated to version 5.2.6 Evgenii Shatokhin 2019-08-05 11:35:18 +03:00
9d21195523 Updated to version 5.2.5 Evgenii Shatokhin 2019-07-31 16:56:44 +03:00
d0260ef581 Updated to version 5.2.2 Evgenii Shatokhin 2019-07-22 13:30:14 +03:00
7b533a4517 Stable-based kernels have no Ubuntu-specific files Evgenii Shatokhin 2019-07-22 10:55:21 +03:00
668c472445 Fixed the name of the list file Evgenii Shatokhin 2019-07-21 23:50:25 +03:00
326a5ab596 Updated to version 5.1.19 Evgenii Shatokhin 2019-07-21 21:46:26 +03:00
2dee2c0e88 Revisited configs to support kernel 5.1.x Evgenii Shatokhin 2019-07-21 21:44:03 +03:00
3fe250e5a9 kernel.spec: Fixed the name of the source archive Evgenii Shatokhin 2019-07-21 21:43:25 +03:00
2242fbf2b9 Updated AUFS to version 5.1-20190610 Evgenii Shatokhin 2019-07-16 19:03:29 +03:00
06fd3cb1e3 Removed an unneeded patch for Perf Evgenii Shatokhin 2019-07-16 18:52:15 +03:00
41549c8479 Removed 3 patches which are likely obsolete now Evgenii Shatokhin 2019-07-16 18:43:01 +03:00
4b4eb0976c Added a patch to help fix the build with GCC 8+ Evgenii Shatokhin 2019-07-16 18:36:37 +03:00
a2f6633407 Revisited the spec file Evgenii Shatokhin 2019-07-16 18:30:53 +03:00
be1c28ceaf Do not build kernel-doc by default Evgenii Shatokhin 2019-07-16 17:21:32 +03:00
d89a767934 Updated to version 5.1.18 Evgenii Shatokhin 2019-07-16 17:16:42 +03:00
28a85b7184 Use more specific filters in .rpmlintrc Evgenii Shatokhin 2019-06-12 17:47:39 +03:00
c54c60353e Updated to version 5.1.12 Evgenii Shatokhin 2019-06-19 17:13:07 +03:00
54c6ec6402 Updated to version 5.1.7 Evgenii Shatokhin 2019-06-04 15:21:16 +03:00
c65c436818 Updated to version 5.0.19 Evgenii Shatokhin 2019-05-27 11:52:36 +03:00
d8a9643bc5 Updated to version 5.0.16 Evgenii Shatokhin 2019-05-15 22:32:22 +03:00
70c21251c5 Updated to version 5.0.13 Evgenii Shatokhin 2019-05-06 10:54:30 +03:00
9fbfe1cbcd Package bash completion file for cpupower Evgenii Shatokhin 2019-03-07 19:18:42 +03:00
8b63e5513b Fix invocations of access_ok() in fs-aufs4.patch Evgenii Shatokhin 2019-04-09 19:24:05 +03:00
27010ed411 Updated to version 5.0.7 Evgenii Shatokhin 2019-04-09 17:26:40 +03:00
4dc86f69fc Do not install files for 'csky' arch yet Evgenii Shatokhin 2019-02-23 19:47:53 +03:00
6f36e14874 Updated to version 4.20.12 Evgenii Shatokhin 2019-02-23 16:54:33 +03:00
847ae8701e Updated to 4.20.10 - the first take; sorted the configs Evgenii Shatokhin 2019-02-20 10:53:33 +03:00
c5e1469ee5 Removed nrj-laptop flavour Evgenii Shatokhin 2019-02-20 09:46:06 +03:00
635df6ce01 Updated to version 4.19.23 Evgenii Shatokhin 2019-02-16 18:57:50 +03:00
ed012ca1b8 Updated to version 4.19.14 Evgenii Shatokhin 2019-01-11 12:26:49 +03:00