From: bruce.ashfield@gmail.com
To: richard.purdie@linuxfoundation.org
Cc: openembedded-core@lists.openembedded.org
Subject: [PATCH 2/7] linux-yocto/6.5: drop removed IMA option
Date: Thu, 21 Dec 2023 09:25:04 -0500 [thread overview]
Message-ID: <c6b15714bfbaaa815dcc3b7e8e402fccb5635cf1.1703168370.git.bruce.ashfield@gmail.com> (raw)
In-Reply-To: <cover.1703168370.git.bruce.ashfield@gmail.com>
From: Bruce Ashfield <bruce.ashfield@gmail.com>
Integrating the following commit(s) to linux-yocto/.:
1/1 [
Author: Paul Gortmaker
Email: paul.gortmaker@windriver.com
Subject: features/ima: drop now retired IMA_TRUSTED_KEYRING option
Date: Wed, 6 Dec 2023 09:15:38 -0500
Unfortunately linux-stable backported this:
Subject: ima: Remove deprecated IMA_TRUSTED_KEYRING Kconfig
From: Nayna Jain <nayna@linux.ibm.com>
[ Upstream commit 5087fd9e80e539d2163accd045b73da64de7de95 ]
Time to remove "IMA_TRUSTED_KEYRING".
...to all releases still being maintained.
stable-queue$git grep -l 5087fd9e80e539
releases/5.10.195/ima-remove-deprecated-ima_trusted_keyring-kconfig.patch
releases/5.15.132/ima-remove-deprecated-ima_trusted_keyring-kconfig.patch
releases/5.4.257/ima-remove-deprecated-ima_trusted_keyring-kconfig.patch
releases/6.1.53/ima-remove-deprecated-ima_trusted_keyring-kconfig.patch
releases/6.4.16/ima-remove-deprecated-ima_trusted_keyring-kconfig.patch
releases/6.5.3/ima-remove-deprecated-ima_trusted_keyring-kconfig.patch
So now when someone uses the feature, it triggers a do_kernel_configcheck
warning when the audit runs.
We added this file way back in 2019 so this fix will be needed on all
active branches that are using an LTS linux-stable kernel listed above.
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
]
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
---
meta/recipes-kernel/linux/linux-yocto-rt_6.5.bb | 2 +-
meta/recipes-kernel/linux/linux-yocto-tiny_6.5.bb | 2 +-
meta/recipes-kernel/linux/linux-yocto_6.5.bb | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_6.5.bb b/meta/recipes-kernel/linux/linux-yocto-rt_6.5.bb
index 62020312f8..fccf0252d0 100644
--- a/meta/recipes-kernel/linux/linux-yocto-rt_6.5.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-rt_6.5.bb
@@ -15,7 +15,7 @@ python () {
}
SRCREV_machine ?= "1d89cd73350cad73ecf330ad3785e6d8bdec092d"
-SRCREV_meta ?= "867a6bdef9701f378f5a9ce66a713daa22598649"
+SRCREV_meta ?= "3b1f87ec237ec3ad9acffb3d75c55efe958085dc"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine;protocol=https \
git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-6.5;destsuffix=${KMETA};protocol=https"
diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_6.5.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_6.5.bb
index f57bc47b37..b63d5ad893 100644
--- a/meta/recipes-kernel/linux/linux-yocto-tiny_6.5.bb
+++ b/meta/recipes-kernel/linux/linux-yocto-tiny_6.5.bb
@@ -18,7 +18,7 @@ KMETA = "kernel-meta"
KCONF_BSP_AUDIT_LEVEL = "2"
SRCREV_machine ?= "95753fe2a7d507646224fe973e2a4fc48cb7694d"
-SRCREV_meta ?= "867a6bdef9701f378f5a9ce66a713daa22598649"
+SRCREV_meta ?= "3b1f87ec237ec3ad9acffb3d75c55efe958085dc"
PV = "${LINUX_VERSION}+git"
diff --git a/meta/recipes-kernel/linux/linux-yocto_6.5.bb b/meta/recipes-kernel/linux/linux-yocto_6.5.bb
index 1233140f8e..984940d24c 100644
--- a/meta/recipes-kernel/linux/linux-yocto_6.5.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_6.5.bb
@@ -29,7 +29,7 @@ SRCREV_machine:qemux86 ?= "7fe59b2e3f40a94ce4477854264e219aeb972990"
SRCREV_machine:qemux86-64 ?= "7fe59b2e3f40a94ce4477854264e219aeb972990"
SRCREV_machine:qemumips64 ?= "ff5efc72e961cf345f935ac14cdcaa9843ec5b23"
SRCREV_machine ?= "7fe59b2e3f40a94ce4477854264e219aeb972990"
-SRCREV_meta ?= "867a6bdef9701f378f5a9ce66a713daa22598649"
+SRCREV_meta ?= "3b1f87ec237ec3ad9acffb3d75c55efe958085dc"
# set your preferred provider of linux-yocto to 'linux-yocto-upstream', and you'll
# get the <version>/base branch, which is pure upstream -stable, and the same
--
2.39.2
next prev parent reply other threads:[~2023-12-21 14:25 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-21 14:25 [PATCH 0/7] linux-yocto: consolidated pull request bruce.ashfield
2023-12-21 14:25 ` [PATCH 1/7] linux-yocto/6.1: drop removed IMA option bruce.ashfield
2023-12-21 14:25 ` bruce.ashfield [this message]
2023-12-21 14:25 ` [PATCH 3/7] linux-yocto-rt/6.1: update to -rt18 bruce.ashfield
2023-12-21 14:25 ` [PATCH 4/7] linux-yocto/6.1: update to v6.1.66 bruce.ashfield
2023-12-21 14:25 ` [PATCH 5/7] linux-yocto/6.1: update to v6.1.67 bruce.ashfield
2023-12-21 14:25 ` [PATCH 6/7] linux-yocto/6.5: fix AB-INT: QEMU kernel panic: No irq handler for vector bruce.ashfield
2023-12-21 14:25 ` [PATCH 7/7] linux-yocto/6.1: update to v6.1.68 bruce.ashfield
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c6b15714bfbaaa815dcc3b7e8e402fccb5635cf1.1703168370.git.bruce.ashfield@gmail.com \
--to=bruce.ashfield@gmail.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=richard.purdie@linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox