kernel: update to 6.1.4

[people/pmueller/ipfire-2.x.git] / lfs / linux

diff --git a/lfs/linux b/lfs/linux
index 018892f7f2b056f6b08de97c9cce734491e9fe6d..414958d6f8f1c48ebeb89004d8bddf06ddb7c60f 100644 (file)
--- a/lfs/linux
+++ b/lfs/linux
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2022  IPFire Team  <info@ipfire.org>                     #
+# Copyright (C) 2007-2023  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,8 +24,8 @@
 
 include Config
 
-VER         = 5.15.23
-ARM_PATCHES = 5.15-ipfire5
+VER         = 6.1.4
+ARM_PATCHES = 6.1.y-ipfire0
 
 THISAPP    = linux-$(VER)
 DL_FILE    = linux-$(VER).tar.xz
@@ -78,8 +78,8 @@ objects =$(DL_FILE) \
 $(DL_FILE)                                     = $(URL_IPFIRE)/$(DL_FILE)
 arm-multi-patches-$(ARM_PATCHES).patch.xz      = $(URL_IPFIRE)/arm-multi-patches-$(ARM_PATCHES).patch.xz
 
-$(DL_FILE)_BLAKE2 = 36be53585e67350496a84438712d35e488b745e85b6981f51448d9b19fe30cce9968ef486defd8a68f556e2518d010bf6f63dbf2bf7a504e25568e71c3aecacc
-arm-multi-patches-$(ARM_PATCHES).patch.xz_BLAKE2 = 58a70e757a9121a0aac83604a37aa787ec7ac0ee4970c5a3ac3bcb2dbaca32b00089cae6c0da5cf2fe0a2e156427b5165c6a86e0371a3e896f4c7cdd699c34a0
+$(DL_FILE)_BLAKE2 = 4222225ad841f96df6fdda38e64934012dc6712f7c751c8de735163831bd3605ee107ecf82b1046590f5dd0c66459923aff7c23d5181a45ae7556ac419255740
+arm-multi-patches-$(ARM_PATCHES).patch.xz_BLAKE2 = 3ef9a778c5c41ee8bf2942a48f63b21228a632a2910d2123f01155bbf571592898cffffa61c387a5a6c817b62e458947b4c406c6591b23b5401faa47b020337f
 
 install : $(TARGET)
 
@@ -116,7 +116,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        ln -svf linux-$(VER) $(DIR_SRC)/linux
 
        # Layer7-patch
-       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-5.15.17-layer7.patch
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-6.1-layer7.patch
 
        # DVB Patches
        cd $(DIR_APP) && patch -Np2 < $(DIR_SRC)/src/patches/v4l-dvb_fix_tua6034_pll.patch
@@ -140,6 +140,15 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
        # Patch performance monitoring restrictions to allow further hardening
        cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-5.15.17-security-perf-allow-further-restriction-of-perf_event_open.patch
 
+       # https://bugzilla.ipfire.org/show_bug.cgi?id=12760
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-5.15-NFQUEUE-Hold-RCU-read-lock-while-calling-nf_reinject.patch
+
+       # Fix external module compile
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-6.0-fix_external_module_build.patch
+
+       # Fix pmc compile dependency errors
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-6.0.7-platform-x86-amd-Fix-pmc-compile-dependency-errors.patch
+
 ifeq "$(BUILD_ARCH)" "armv6l"
        # Apply Arm-multiarch kernel patches.
        cd $(DIR_APP) && xzcat $(DIR_DL)/arm-multi-patches-$(ARM_PATCHES).patch.xz | patch -Np1
@@ -150,9 +159,6 @@ ifeq "$(BUILD_ARCH)" "aarch64"
 endif
        cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-3.14.79-amba-fix.patch
 
-       # Fix for CVE-2022-0847 aka Dirty Pipe
-       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/kernel-5.15-CVE-2022-0847.patch
-
 ifeq "$(KCFG)" "-headers"
        # Install the header files
        cd $(DIR_APP) && make ARCH=$(HEADERS_ARCH) $(EXTRAMAKE) headers