~xdavidwu/linux-xdavidwu-xps

de39388c709cc32e444bef4399bc279326ef5dc0 — xdavidwu 1 year, 7 months ago 390367c
6.3
3 files changed, 36 insertions(+), 84 deletions(-)

D 0117-xattr-allow-setting-user.-attributes-on-symlinks-by-.patch
M APKBUILD
M config
D 0117-xattr-allow-setting-user.-attributes-on-symlinks-by-.patch => 0117-xattr-allow-setting-user.-attributes-on-symlinks-by-.patch +0 -56
@@ 1,56 0,0 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Alan Cox <alan@linux.intel.com>
Date: Thu, 10 Mar 2016 15:11:28 +0000
Subject: [PATCH] xattr: allow setting user.* attributes on symlinks by owner

Kvmtool and clear containers supports using user attributes to label host
files with the virtual uid/guid of the file in the container. This allows an
end user to manage their files and a complete uid space without all the ugly
namespace stuff.

The one gap in the support is symlinks because an end user can change the
ownership of a symbolic link. We support attributes on these files as you
can already (as root) set security attributes on them.

The current rules seem slightly over-paranoid and as we have a use case this
patch enables updating the attributes on a symbolic link IFF you are the
owner of the synlink (as permissions are not usually meaningful on the link
itself).

Signed-off-by: Alan Cox <alan@linux.intel.com>
---
 fs/xattr.c | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/fs/xattr.c b/fs/xattr.c
index 998045165916..62b6fb4dedee 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -120,16 +120,17 @@ xattr_permission(struct user_namespace *mnt_userns, struct inode *inode,
 	}
 
 	/*
-	 * In the user.* namespace, only regular files and directories can have
-	 * extended attributes. For sticky directories, only the owner and
-	 * privileged users can write attributes.
+	 * In the user.* namespace, only regular files, symbolic links, and
+	 * directories can have extended attributes. For symbolic links and
+	 * sticky directories, only the owner and privileged users can write
+	 * attributes.
 	 */
 	if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
-		if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
+		if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode) && !S_ISLNK(inode->i_mode))
 			return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
-		if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
-		    (mask & MAY_WRITE) &&
-		    !inode_owner_or_capable(mnt_userns, inode))
+		if (((S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX))
+		        || S_ISLNK(inode->i_mode)) && (mask & MAY_WRITE)
+		    && !inode_owner_or_capable(mnt_userns, inode))
 			return -EPERM;
 	}
 
-- 
https://clearlinux.org


M APKBUILD => APKBUILD +3 -5
@@ 1,6 1,6 @@
# Maintainer: xdavidwu <xdavidwuph@gmail.com>
pkgname=linux-xdavidwu-xps
pkgver=6.2.12
pkgver=6.3
pkgrel=0
pkgdesc="Linux kernel customized for xps"
url="https://www.kernel.org/"


@@ 28,7 28,6 @@ source="https://cdn.kernel.org/pub/linux/kernel/v6.x/linux-${pkgver}.tar.xz
	0112-init-wait-for-partition-and-retry-scan.patch
	0115-enable-stateless-firmware-loading.patch
	0116-migrate-some-systemd-defaults-to-the-kernel-defaults.patch
	0117-xattr-allow-setting-user.-attributes-on-symlinks-by-.patch
	0118-add-scheduler-turbo3-patch.patch
	0119-use-lfence-instead-of-rep-and-nop.patch
	0120-do-accept-in-LIFO-order-for-cache-efficiency.patch


@@ 58,8 57,8 @@ package() {
}

sha512sums="
9d6de9301c8277df63aa3e4b6790917908ac333d05b2ef436726653f68e7acdf9e5a1bd72226c85a251380156757da13abd4d0c4a28a9520a875c479ca8aaa32  linux-6.2.12.tar.xz
4a53553938da2f0cc73d2c59677c8b98b8994b1c545c004775af5c745ae3cdc9c6d3bc9d933231e84b673ad5d3c69974a32e776ed1aef56bb885e61c95ca5ce4  config
768979440f4907ba64d4481b383d6101faf208f27a0b897156123aa278c5743fe3c4f61945b2541429c532d45382aaee8899ea9d44a1d2895bfbb79bfd937f65  linux-6.3.tar.xz
0d011048289b107b68f2d9d21da380ac325dc35a43fc706f10ea33e4ba4b9c886a01b9d06cdc5c9b5b027d14a9828038a0004e53ff591fe2c75b4171971a9a5f  config
0691f5970ccdb2e297541f2436821738d3b215d5dfc3f388f903694e4f912139f41df69ccc3bf8a867241c7c8f8080870729c5d51cc30831f3eca1b6f5266dba  fast_skylake.patch
c0c5d023cac625dfe3086b37b5abb4be8981db301a468e93d495c08b7650debbf47b7a24c39293731951315658164e36783e5a46fb26fc51ed6fc72e3716307c  openwrt-402-ath_regd_optional.patch
b2de23b9f86fc670537f432cd0b141e28d6da1b879a3a6457b8597699ed8e55df5f44df014df3d6cef4efbc7f14685bf4720033ba94276e18c2aef825107ccc3  0101-i8042-decrease-debug-message-level-to-info.patch


@@ 74,7 73,6 @@ e5eed79203bdb7fe709919a093d382250d353368011cd6bd144bdff01d6d97110356bc05b0ac03f9
24bbbe7f2ac4d24efd4eda13d72931380ed7d02ffc4fef5b6fd5bb7f6870e22b434f840bd5e6129eaa7cae78b949a231c9e2f9f131263fdafc7e0c65b2393aab  0112-init-wait-for-partition-and-retry-scan.patch
6e202984fefa1969a0bf6063b33e6fdd6d7e31917369edbf45b42e0a985721fd465252b235812780722f7163466314cd71810ae884f66c67567e4e26adee28aa  0115-enable-stateless-firmware-loading.patch
ead629b352126972268e96e6f0b34b558b96fbc9d0efbb7b6c560671fe61c97272492509f190b682c2b7db0da485886a941f58a502d72095c208e492f2f4ccd0  0116-migrate-some-systemd-defaults-to-the-kernel-defaults.patch
621a3d53d6c7de0fc6cbeb36d456e843cac010c48fc0eb705f08100663c466a23e3be3829f1fca1ad78a966f9065f20b3cdb6e485b8caede76f64c20d6f2c488  0117-xattr-allow-setting-user.-attributes-on-symlinks-by-.patch
95e56d6a221ba6e5392ae53a136c9411fbc46e97f00ed87166527cf5bd54b13652a615dbcd318edc5c2242338088468400a3a47ec107952d03d78a4eb624bba0  0118-add-scheduler-turbo3-patch.patch
027832a5a2e671095460bf069d9a9c02dbf015956938f21bfa3c400aa53be81c75ce367fcc77a82e01bd10ce2f89f2df54bb8ca321ff9cca6d31d69c89dd4353  0119-use-lfence-instead-of-rep-and-nop.patch
66cea1c904f3642bc23b0a609564b1bfb6b36dda2f927145354659b59ffaf412ccdf5ffaf37197edaf07a6be1ea5a5ace21007a883df41d6877264d734dd30f7  0120-do-accept-in-LIFO-order-for-cache-efficiency.patch

M config => config +33 -23
@@ 1,8 1,8 @@
#
# Automatically generated file; DO NOT EDIT.
# Linux/x86 6.2.0 Kernel Configuration
# Linux/x86 6.3.0 Kernel Configuration
#
CONFIG_CC_VERSION_TEXT="gcc (Alpine 12.2.1_git20220924-r9) 12.2.1 20220924"
CONFIG_CC_VERSION_TEXT="gcc (Alpine 12.2.1_git20220924-r10) 12.2.1 20220924"
CONFIG_CC_IS_GCC=y
CONFIG_GCC_VERSION=120201
CONFIG_CLANG_VERSION=0


@@ 176,7 176,6 @@ CONFIG_ARCH_WANT_BATCHED_UNMAP_TLB_FLUSH=y
CONFIG_CC_HAS_INT128=y
CONFIG_CC_IMPLICIT_FALLTHROUGH="-Wimplicit-fallthrough=5"
CONFIG_GCC11_NO_ARRAY_BOUNDS=y
CONFIG_GCC12_NO_ARRAY_BOUNDS=y
CONFIG_CC_NO_ARRAY_BOUNDS=y
CONFIG_ARCH_SUPPORTS_INT128=y
CONFIG_CGROUPS=y


@@ 189,6 188,7 @@ CONFIG_CGROUP_SCHED=y
CONFIG_FAIR_GROUP_SCHED=y
# CONFIG_CFS_BANDWIDTH is not set
# CONFIG_RT_GROUP_SCHED is not set
CONFIG_SCHED_MM_CID=y
CONFIG_CGROUP_PIDS=y
# CONFIG_CGROUP_RDMA is not set
CONFIG_CGROUP_FREEZER=y


@@ 576,6 576,7 @@ CONFIG_AS_AVX512=y
CONFIG_AS_SHA1_NI=y
CONFIG_AS_SHA256_NI=y
CONFIG_AS_TPAUSE=y
CONFIG_AS_GFNI=y

#
# General architecture-dependent options


@@ 774,7 775,6 @@ CONFIG_EFI_PARTITION=y
# CONFIG_CMDLINE_PARTITION is not set
# end of Partition Types

CONFIG_BLOCK_COMPAT=y
CONFIG_BLK_MQ_PCI=y
CONFIG_BLK_PM=y



@@ 821,6 821,7 @@ CONFIG_SWAP=y
# CONFIG_ZSWAP is not set
CONFIG_ZSMALLOC=m
# CONFIG_ZSMALLOC_STAT is not set
CONFIG_ZSMALLOC_CHAIN_SIZE=8

#
# SLAB allocator options


@@ 1536,7 1537,6 @@ CONFIG_MISC_RTSX=m
# CONFIG_MISC_ALCOR_PCI is not set
CONFIG_MISC_RTSX_PCI=m
# CONFIG_MISC_RTSX_USB is not set
# CONFIG_HABANA_AI is not set
# CONFIG_PVPANIC is not set
# end of Misc devices



@@ 1680,6 1680,7 @@ CONFIG_TIGON3=m
# CONFIG_NET_VENDOR_MICROSEMI is not set
# CONFIG_NET_VENDOR_MICROSOFT is not set
# CONFIG_NET_VENDOR_MYRI is not set
# CONFIG_FEALNX is not set
# CONFIG_NET_VENDOR_NI is not set
# CONFIG_NET_VENDOR_NATSEMI is not set
# CONFIG_NET_VENDOR_NETERION is not set


@@ 1753,6 1754,7 @@ CONFIG_FIXED_PHY=m
# CONFIG_NATIONAL_PHY is not set
# CONFIG_NXP_C45_TJA11XX_PHY is not set
# CONFIG_NXP_TJA11XX_PHY is not set
# CONFIG_NCN26000_PHY is not set
# CONFIG_QSEMI_PHY is not set
# CONFIG_REALTEK_PHY is not set
# CONFIG_RENESAS_PHY is not set


@@ 2226,7 2228,6 @@ CONFIG_PTP_1588_CLOCK_OPTIONAL=y
CONFIG_POWER_SUPPLY=y
# CONFIG_POWER_SUPPLY_DEBUG is not set
CONFIG_POWER_SUPPLY_HWMON=y
# CONFIG_PDA_POWER is not set
# CONFIG_IP5XXX_POWER is not set
# CONFIG_TEST_POWER is not set
# CONFIG_CHARGER_ADP5061 is not set


@@ 2327,6 2328,7 @@ CONFIG_SENSORS_CORETEMP=m
# CONFIG_SENSORS_MAX6650 is not set
# CONFIG_SENSORS_MAX6697 is not set
# CONFIG_SENSORS_MAX31790 is not set
# CONFIG_SENSORS_MC34VR500 is not set
# CONFIG_SENSORS_MCP3021 is not set
# CONFIG_SENSORS_TC654 is not set
# CONFIG_SENSORS_TPS23861 is not set


@@ 2434,6 2436,7 @@ CONFIG_THERMAL_GOV_USER_SPACE=y
#
CONFIG_INTEL_POWERCLAMP=m
CONFIG_X86_THERMAL_VECTOR=y
CONFIG_INTEL_TCC=y
CONFIG_X86_PKG_TEMP_THERMAL=m
# CONFIG_INTEL_SOC_DTS_THERMAL is not set



@@ 2470,7 2473,6 @@ CONFIG_MFD_CORE=m
# CONFIG_MFD_DLN2 is not set
# CONFIG_MFD_MC13XXX_I2C is not set
# CONFIG_MFD_MP2629 is not set
# CONFIG_HTC_PASIC3 is not set
# CONFIG_MFD_INTEL_QUARK_I2C_GPIO is not set
# CONFIG_LPC_ICH is not set
# CONFIG_LPC_SCH is not set


@@ 2588,6 2590,7 @@ CONFIG_USB_VIDEO_CLASS=m
#
# CONFIG_VIDEO_EM28XX is not set
# CONFIG_MEDIA_PCI_SUPPORT is not set
CONFIG_UVC_COMMON=m
CONFIG_VIDEOBUF2_CORE=m
CONFIG_VIDEOBUF2_V4L2=m
CONFIG_VIDEOBUF2_MEMOPS=m


@@ 2610,6 2613,7 @@ CONFIG_VIDEOBUF2_VMALLOC=m
# CONFIG_VIDEO_IMX258 is not set
# CONFIG_VIDEO_IMX274 is not set
# CONFIG_VIDEO_IMX290 is not set
# CONFIG_VIDEO_IMX296 is not set
# CONFIG_VIDEO_IMX319 is not set
# CONFIG_VIDEO_IMX355 is not set
# CONFIG_VIDEO_MT9M001 is not set


@@ 2645,6 2649,7 @@ CONFIG_VIDEOBUF2_VMALLOC=m
# CONFIG_VIDEO_OV772X is not set
# CONFIG_VIDEO_OV7740 is not set
# CONFIG_VIDEO_OV8856 is not set
# CONFIG_VIDEO_OV8858 is not set
# CONFIG_VIDEO_OV8865 is not set
# CONFIG_VIDEO_OV9640 is not set
# CONFIG_VIDEO_OV9650 is not set


@@ 2961,6 2966,7 @@ CONFIG_FB_EFI=y
#
# CONFIG_LCD_CLASS_DEVICE is not set
CONFIG_BACKLIGHT_CLASS_DEVICE=m
# CONFIG_BACKLIGHT_KTZ8866 is not set
# CONFIG_BACKLIGHT_APPLE is not set
# CONFIG_BACKLIGHT_QCOM_WLED is not set
# CONFIG_BACKLIGHT_SAHARA is not set


@@ 3101,6 3107,7 @@ CONFIG_SND_HDA_CODEC_HDMI=m
CONFIG_SND_HDA_GENERIC=m
CONFIG_SND_HDA_POWER_SAVE_DEFAULT=10
# CONFIG_SND_HDA_INTEL_HDMI_SILENT_STREAM is not set
# CONFIG_SND_HDA_CTL_DEV_ID is not set
# end of HD-Audio

CONFIG_SND_HDA_CORE=m


@@ 3126,10 3133,7 @@ CONFIG_SND_USB_AUDIO_USE_MEDIA_CONTROLLER=y
# CONFIG_SND_USB_VARIAX is not set
# CONFIG_SND_SOC is not set
# CONFIG_SND_X86 is not set

#
# HID support
#
CONFIG_HID_SUPPORT=y
CONFIG_HID=m
# CONFIG_HID_BATTERY_STRENGTH is not set
# CONFIG_HIDRAW is not set


@@ 3163,6 3167,7 @@ CONFIG_HID_GENERIC=m
# CONFIG_HID_ELAN is not set
# CONFIG_HID_ELECOM is not set
# CONFIG_HID_ELO is not set
# CONFIG_HID_EVISION is not set
# CONFIG_HID_EZKEY is not set
# CONFIG_HID_GEMBIRD is not set
# CONFIG_HID_GFRM is not set


@@ 3240,6 3245,11 @@ CONFIG_HID_WIIMOTE=m
# end of Special HID drivers

#
# HID-BPF support
#
# end of HID-BPF support

#
# USB HID support
#
CONFIG_USB_HID=m


@@ 3254,13 3264,7 @@ CONFIG_USB_HID=m
# end of USB HID Boot Protocol drivers
# end of USB HID support

#
# I2C HID support
#
CONFIG_I2C_HID_ACPI=m
# end of I2C HID support

CONFIG_I2C_HID_CORE=m
# CONFIG_I2C_HID is not set

#
# Intel ISH HID support


@@ 3273,7 3277,6 @@ CONFIG_I2C_HID_CORE=m
#
# CONFIG_AMD_SFH_HID is not set
# end of AMD SFH HID Support
# end of HID support

CONFIG_USB_OHCI_LITTLE_ENDIAN=y
CONFIG_USB_SUPPORT=y


@@ 3427,6 3430,7 @@ CONFIG_UCSI_ACPI=m
# USB Type-C Multiplexer/DeMultiplexer Switch support
#
# CONFIG_TYPEC_MUX_FSA4480 is not set
# CONFIG_TYPEC_MUX_GPIO_SBU is not set
# CONFIG_TYPEC_MUX_PI3USB30532 is not set
# end of USB Type-C Multiplexer/DeMultiplexer Switch support



@@ 3615,7 3619,6 @@ CONFIG_RTC_DRV_CMOS=y
# CONFIG_RTC_DRV_MSM6242 is not set
# CONFIG_RTC_DRV_BQ4802 is not set
# CONFIG_RTC_DRV_RP5C01 is not set
# CONFIG_RTC_DRV_V3020 is not set

#
# on-CPU RTC drivers


@@ 3826,6 3829,8 @@ CONFIG_CLKBLD_I8253=y
#
# end of Enable LiteX SoC Builder specific drivers

# CONFIG_WPCM450_SOC is not set

#
# Qualcomm SoC drivers
#


@@ 3875,7 3880,7 @@ CONFIG_CLKBLD_I8253=y
CONFIG_POWERCAP=y
CONFIG_INTEL_RAPL_CORE=m
CONFIG_INTEL_RAPL=m
# CONFIG_IDLE_INJECT is not set
CONFIG_IDLE_INJECT=y
# CONFIG_MCB is not set

#


@@ 3922,6 3927,7 @@ CONFIG_NVMEM=y
CONFIG_DCACHE_WORD_ACCESS=y
# CONFIG_VALIDATE_FS_PARSER is not set
CONFIG_FS_IOMAP=y
CONFIG_LEGACY_DIRECT_IO=y
# CONFIG_EXT2_FS is not set
# CONFIG_EXT3_FS is not set
CONFIG_EXT4_FS=y


@@ 4320,6 4326,8 @@ CONFIG_CRYPTO_DES3_EDE_X86_64=m
# CONFIG_CRYPTO_TWOFISH_X86_64_3WAY is not set
# CONFIG_CRYPTO_TWOFISH_AVX_X86_64 is not set
# CONFIG_CRYPTO_ARIA_AESNI_AVX_X86_64 is not set
# CONFIG_CRYPTO_ARIA_AESNI_AVX2_X86_64 is not set
# CONFIG_CRYPTO_ARIA_GFNI_AVX512_X86_64 is not set
CONFIG_CRYPTO_CHACHA20_X86_64=m
# CONFIG_CRYPTO_AEGIS128_AESNI_SSE2 is not set
# CONFIG_CRYPTO_NHPOLY1305_SSE2 is not set


@@ 4560,10 4568,10 @@ CONFIG_ARCH_HAS_DEBUG_WX=y
# CONFIG_DEBUG_WX is not set
CONFIG_GENERIC_PTDUMP=y
# CONFIG_PTDUMP_DEBUGFS is not set
# CONFIG_DEBUG_OBJECTS is not set
# CONFIG_SHRINKER_DEBUG is not set
CONFIG_HAVE_DEBUG_KMEMLEAK=y
# CONFIG_DEBUG_KMEMLEAK is not set
# CONFIG_DEBUG_OBJECTS is not set
# CONFIG_SHRINKER_DEBUG is not set
# CONFIG_DEBUG_STACK_USAGE is not set
# CONFIG_SCHED_STACK_END_CHECK is not set
CONFIG_ARCH_HAS_DEBUG_VM_PGTABLE=y


@@ 4631,6 4639,7 @@ CONFIG_LOCK_DEBUGGING_SUPPORT=y
# CONFIG_CSD_LOCK_WAIT_DEBUG is not set
# end of Lock Debugging (spinlocks, mutexes, etc...)

# CONFIG_NMI_CHECK_CPU is not set
# CONFIG_DEBUG_IRQFLAGS is not set
CONFIG_STACKTRACE=y
# CONFIG_WARN_ALL_UNSEEDED_RANDOM is not set


@@ 4657,6 4666,7 @@ CONFIG_STACKTRACE=y
# CONFIG_RCU_REF_SCALE_TEST is not set
CONFIG_RCU_CPU_STALL_TIMEOUT=60
CONFIG_RCU_EXP_CPU_STALL_TIMEOUT=0
# CONFIG_RCU_CPU_STALL_CPUTIME is not set
# CONFIG_RCU_TRACE is not set
# CONFIG_RCU_EQS_DEBUG is not set
# end of RCU Debugging