nano: Update to 2.7.2

[people/pmueller/ipfire-2.x.git] / lfs / linux

diff --git a/lfs/linux b/lfs/linux
index e365be6afd5d5aa832999cfbcbbc307c729ab7f4..19d27293437c215c6a133e7707ddb7a90145dd1a 100644 (file)
--- a/lfs/linux
+++ b/lfs/linux
@@ -24,10 +24,10 @@
 
 include Config
 
-VER         = 3.14.77
-RPI_PATCHES = 3.14.77-grsec-ipfire1
-A7M_PATCHES = 3.14.77-grsec-ipfire1
-GRS_PATCHES = grsecurity-3.1ipfire-3.14.77-v1.patch.xz
+VER         = 3.14.79
+RPI_PATCHES = 3.14.79-grsec-ipfire1
+A7M_PATCHES = 3.14.79-grsec-ipfire1
+GRS_PATCHES = grsecurity-3.1ipfire-3.14.79-v1.patch.xz
 
 
 THISAPP    = linux-$(VER)
@@ -37,7 +37,7 @@ DIR_APP    = $(DIR_SRC)/$(THISAPP)
 CFLAGS     =
 CXXFLAGS   =
 
-PAK_VER    = 71
+PAK_VER    = 73
 DEPS      = ""
 
 KERNEL_ARCH = $(MACHINE)
@@ -83,10 +83,10 @@ rpi-patches-$(RPI_PATCHES).patch.xz         = $(URL_IPFIRE)/rpi-patches-$(RPI_PATCHES).
 arm7-multi-patches-$(A7M_PATCHES).patch.xz     = $(URL_IPFIRE)/arm7-multi-patches-$(A7M_PATCHES).patch.xz
 $(GRS_PATCHES)                                 = $(URL_IPFIRE)/$(GRS_PATCHES)
 
-$(DL_FILE)_MD5                                 = 7ecb8518498d0666a7b88f359e566f4c
-rpi-patches-$(RPI_PATCHES).patch.xz_MD5                = 3213020a9627ea73cc9668e2db4ff8a4
-arm7-multi-patches-$(A7M_PATCHES).patch.xz_MD5 = 56949a37637656d5ea23658cc9222f64
-$(GRS_PATCHES)_MD5                             = 5ed67f97c3b0de1b290f9155eb166c56
+$(DL_FILE)_MD5                                 = ec5b09d8ad2ebf92e6f51a727a338559
+rpi-patches-$(RPI_PATCHES).patch.xz_MD5                = a02a7fd54c642c1e3578a00ed22f54f8
+arm7-multi-patches-$(A7M_PATCHES).patch.xz_MD5 = 6c3b11e51caa278dbeacd1e23c2b171b
+$(GRS_PATCHES)_MD5                             = 7fe448b53558082395f68c5db94af1a7
 
 install : $(TARGET)
 
@@ -132,7 +132,6 @@ ifneq "$(KCFG)" "-headers"
        cd $(DIR_APP) && xz -c -d $(DIR_DL)/$(GRS_PATCHES) | patch -Np1
        cd $(DIR_APP) && rm localversion-grsec
        cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.7-disable-compat_vdso.patch
-       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-3.14.77-gsrec_tcp_input_access_once_rw.patch
 endif
 
        # DVB Patches
@@ -202,6 +201,14 @@ endif
        cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/0025-Drivers-hv-vmbus-Support-per-channel-driver-state.patch
        cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-hyperv_Mark_the_Hyoer-V_TSC_as_unstable.patch
 
+ifneq "$(KCFG)" "-headers"
+       # fix AES-NI 192 and 256 bits / grsec is needed for this patch version
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/0100-crypto-aesni-Add-support-for-192-256-bit-keys-to-AES.patch
+endif
+
+       # fix CVE-2016-5195 (Dirty COW)
+       cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/0110-mm-remove-gup_flags-FOLL_WRITE-games-from-__get_user.patch
+
        # fix empty symbol crc's
        cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-genksyms_fix_typeof_handling.patch