release 6.15.7

debian/patches/debian/android-enable-building-ashmem-and-binder-as-modules.patch

@@ -1,90 +0,0 @@
-From: Ben Hutchings <ben@decadent.org.uk>
-Date: Fri, 22 Jun 2018 17:27:00 +0100
-Subject: android: Enable building ashmem and binder as modules
-Bug-Debian: https://bugs.debian.org/901492
-
-We want to enable use of the Android ashmem and binder drivers to
-support Anbox, but they should not be built-in as that would waste
-resources and increase security attack surface on systems that don't
-need them.
-
-- Add a MODULE_LICENSE declaration to ashmem
-- Change the Makefiles to build each driver as an object with the
-  "_linux" suffix (which is what Anbox expects)
-- Change config symbol types to tristate
-
-Update:
-In upstream commit 721412ed3d titled "staging: remove ashmem" the ashmem
-driver was removed entirely. Secondary commit message:
-"The mainline replacement for ashmem is memfd, so remove the legacy
-code from drivers/staging/"
-Consequently, the ashmem part of this patch has been removed.
----
- drivers/android/Kconfig          | 2 +-
- drivers/android/Makefile         | 7 ++++---
- drivers/android/binder_alloc.c   | 2 +-
- 3 files changed, 6 insertions(+), 5 deletions(-)
-
---- a/drivers/android/Kconfig
-+++ b/drivers/android/Kconfig
-@@ -2,7 +2,7 @@
- menu "Android"
- 
- config ANDROID_BINDER_IPC
--	bool "Android Binder IPC Driver"
-+	tristate "Android Binder IPC Driver"
- 	depends on MMU
- 	default n
- 	help
---- a/drivers/android/Makefile
-+++ b/drivers/android/Makefile
-@@ -1,6 +1,7 @@
- # SPDX-License-Identifier: GPL-2.0-only
- ccflags-y += -I$(src)			# needed for trace events
- 
--obj-$(CONFIG_ANDROID_BINDERFS)		+= binderfs.o
--obj-$(CONFIG_ANDROID_BINDER_IPC)	+= binder.o binder_alloc.o
--obj-$(CONFIG_ANDROID_BINDER_IPC_SELFTEST) += binder_alloc_selftest.o
-+obj-$(CONFIG_ANDROID_BINDER_IPC)	+= binder_linux.o
-+binder_linux-y := binder.o binder_alloc.o
-+binder_linux-$(CONFIG_ANDROID_BINDERFS)	+= binderfs.o
-+binder_linux-$(CONFIG_ANDROID_BINDER_IPC_SELFTEST) += binder_alloc_selftest.o
---- a/drivers/android/binder_alloc.c
-+++ b/drivers/android/binder_alloc.c
-@@ -38,7 +38,7 @@ enum {
- };
- static uint32_t binder_alloc_debug_mask = BINDER_DEBUG_USER_ERROR;
- 
--module_param_named(debug_mask, binder_alloc_debug_mask,
-+module_param_named(alloc_debug_mask, binder_alloc_debug_mask,
- 		   uint, 0644);
- 
- #define binder_alloc_debug(mask, x...) \
---- a/mm/list_lru.c
-+++ b/mm/list_lru.c
-@@ -175,6 +175,7 @@ bool list_lru_add(struct list_lru *lru,
- 	unlock_list_lru(l, false);
- 	return false;
- }
-+EXPORT_SYMBOL_GPL(list_lru_add);
- 
- bool list_lru_add_obj(struct list_lru *lru, struct list_head *item)
- {
-@@ -212,6 +213,7 @@ bool list_lru_del(struct list_lru *lru,
- 	unlock_list_lru(l, false);
- 	return false;
- }
-+EXPORT_SYMBOL_GPL(list_lru_del);
- 
- bool list_lru_del_obj(struct list_lru *lru, struct list_head *item)
- {
---- a/mm/memory.c
-+++ b/mm/memory.c
-@@ -6569,6 +6569,7 @@ inval:
- 	count_vm_vma_lock_event(VMA_LOCK_ABORT);
- 	return NULL;
- }
-+EXPORT_SYMBOL_GPL(lock_vma_under_rcu);
- #endif /* CONFIG_PER_VMA_LOCK */
- 
- #ifndef __PAGETABLE_P4D_FOLDED

debian/patches/debian/android-enable-building-binder-as-module.patch

@@ -0,0 +1,53 @@
+From: Ben Hutchings <ben@decadent.org.uk>
+Date: Tue, 08 Jul 2025 13:30:55 +0200
+Subject: android: Enable building binder as module
+Bug-Debian: https://bugs.debian.org/901492
+
+We want to enable use of the Android binder driver to support
+Waydroid, but it should not be built-in as that would waste resources
+and increase security attack surface on systems that don't need it.
+
+- Change the Makefiles to build the driver as an object with the
+  "_linux" suffix (which is what Waydroid expects)
+- Change config symbol types to tristate
+---
+ drivers/android/Kconfig        |    2 +-
+ drivers/android/Makefile       |    7 ++++---
+ drivers/android/binder_alloc.c |    2 +-
+ 3 files changed, 6 insertions(+), 5 deletions(-)
+
+--- a/drivers/android/Kconfig
++++ b/drivers/android/Kconfig
+@@ -2,7 +2,7 @@
+ menu "Android"
+ 
+ config ANDROID_BINDER_IPC
+-	bool "Android Binder IPC Driver"
++	tristate "Android Binder IPC Driver"
+ 	depends on MMU
+ 	default n
+ 	help
+--- a/drivers/android/Makefile
++++ b/drivers/android/Makefile
+@@ -1,6 +1,7 @@
+ # SPDX-License-Identifier: GPL-2.0-only
+ ccflags-y += -I$(src)			# needed for trace events
+ 
+-obj-$(CONFIG_ANDROID_BINDERFS)		+= binderfs.o
+-obj-$(CONFIG_ANDROID_BINDER_IPC)	+= binder.o binder_alloc.o
+-obj-$(CONFIG_ANDROID_BINDER_IPC_SELFTEST) += binder_alloc_selftest.o
++obj-$(CONFIG_ANDROID_BINDER_IPC)	+= binder_linux.o
++binder_linux-y := binder.o binder_alloc.o
++binder_linux-$(CONFIG_ANDROID_BINDERFS)	+= binderfs.o
++binder_linux-$(CONFIG_ANDROID_BINDER_IPC_SELFTEST) += binder_alloc_selftest.o
+--- a/drivers/android/binder_alloc.c
++++ b/drivers/android/binder_alloc.c
+@@ -38,7 +38,7 @@ enum {
+ };
+ static uint32_t binder_alloc_debug_mask = BINDER_DEBUG_USER_ERROR;
+ 
+-module_param_named(debug_mask, binder_alloc_debug_mask,
++module_param_named(alloc_debug_mask, binder_alloc_debug_mask,
+ 		   uint, 0644);
+ 
+ #define binder_alloc_debug(mask, x...) \

debian/patches/debian/dccp-disable-auto-loading-as-mitigation-against-local-exploits.patch

@@ -1,41 +0,0 @@
-From: Ben Hutchings <ben@decadent.org.uk>
-Date: Thu, 16 Feb 2017 19:09:17 +0000
-Subject: dccp: Disable auto-loading as mitigation against local exploits
-Forwarded: not-needed
-
-We can mitigate the effect of vulnerabilities in obscure protocols by
-preventing unprivileged users from loading the modules, so that they
-are only exploitable on systems where the administrator has chosen to
-load the protocol.
-
-The 'dccp' protocol is not actively maintained or widely used.
-Therefore disable auto-loading.
-
-Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
----
---- a/net/dccp/ipv4.c
-+++ b/net/dccp/ipv4.c
-@@ -1094,8 +1094,8 @@ module_exit(dccp_v4_exit);
-  * values directly, Also cover the case where the protocol is not specified,
-  * i.e. net-pf-PF_INET-proto-0-type-SOCK_DCCP
-  */
--MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_INET, 33, 6);
--MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_INET, 0, 6);
-+/* MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_INET, 33, 6); */
-+/* MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_INET, 0, 6); */
- MODULE_LICENSE("GPL");
- MODULE_AUTHOR("Arnaldo Carvalho de Melo <acme@mandriva.com>");
- MODULE_DESCRIPTION("DCCP - Datagram Congestion Controlled Protocol");
---- a/net/dccp/ipv6.c
-+++ b/net/dccp/ipv6.c
-@@ -1167,8 +1167,8 @@ module_exit(dccp_v6_exit);
-  * values directly, Also cover the case where the protocol is not specified,
-  * i.e. net-pf-PF_INET6-proto-0-type-SOCK_DCCP
-  */
--MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_INET6, 33, 6);
--MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_INET6, 0, 6);
-+/* MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_INET6, 33, 6); */
-+/* MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_INET6, 0, 6); */
- MODULE_LICENSE("GPL");
- MODULE_AUTHOR("Arnaldo Carvalho de Melo <acme@mandriva.com>");
- MODULE_DESCRIPTION("DCCPv6 - Datagram Congestion Controlled Protocol");

debian/patches/debian/export-symbols-needed-by-binder.patch

@@ -1,5 +1,5 @@
 From: Ben Hutchings <ben@decadent.org.uk>
-Date: Mon, 05 Aug 2024 03:26:48 +0200
+Date: Tue, 08 Jul 2025 13:32:21 +0200
 Subject: Export symbols needed by binder
 Bug-Debian: https://bugs.debian.org/901492
 
@@ -10,15 +10,16 @@ and increase security attack surface on systems that don't need it.
 Export the currently un-exported symbols it depends on.
 
 ---
- fs/file.c               | 1 +
- ipc/msgutil.c           | 1 +
- ipc/namespace.c         | 1 +
- kernel/sched/syscalls.c | 1 +
- kernel/sched/wait.c     | 1 +
- kernel/task_work.c      | 1 +
- mm/memory.c             | 1 +
- security/security.c     | 4 ++++
- 8 files changed, 11 insertions(+)
+ fs/file.c               |    1 +
+ ipc/msgutil.c           |    1 +
+ ipc/namespace.c         |    1 +
+ kernel/sched/syscalls.c |    1 +
+ kernel/sched/wait.c     |    1 +
+ kernel/task_work.c      |    1 +
+ mm/list_lru.c           |    2 ++
+ mm/memory.c             |    2 ++
+ security/security.c     |    4 ++++
+ 9 files changed, 14 insertions(+)
 
 --- a/fs/file.c
 +++ b/fs/file.c
@@ -80,6 +81,24 @@ Export the currently un-exported symbols it depends on.
  
  /**
   * task_work_cancel_match - cancel a pending work added by task_work_add()
+--- a/mm/list_lru.c
++++ b/mm/list_lru.c
+@@ -175,6 +175,7 @@ bool list_lru_add(struct list_lru *lru,
+ 	unlock_list_lru(l, false);
+ 	return false;
+ }
++EXPORT_SYMBOL_GPL(list_lru_add);
+ 
+ bool list_lru_add_obj(struct list_lru *lru, struct list_head *item)
+ {
+@@ -212,6 +213,7 @@ bool list_lru_del(struct list_lru *lru,
+ 	unlock_list_lru(l, false);
+ 	return false;
+ }
++EXPORT_SYMBOL_GPL(list_lru_del);
+ 
+ bool list_lru_del_obj(struct list_lru *lru, struct list_head *item)
+ {
 --- a/mm/memory.c
 +++ b/mm/memory.c
 @@ -2020,6 +2020,7 @@ void zap_page_range_single(struct vm_are
@@ -90,6 +109,14 @@ Export the currently un-exported symbols it depends on.
  
  /**
   * zap_vma_ptes - remove ptes mapping the vma
+@@ -6568,6 +6569,7 @@ inval:
+ 	count_vm_vma_lock_event(VMA_LOCK_ABORT);
+ 	return NULL;
+ }
++EXPORT_SYMBOL_GPL(lock_vma_under_rcu);
+ #endif /* CONFIG_PER_VMA_LOCK */
+ 
+ #ifndef __PAGETABLE_P4D_FOLDED
 --- a/security/security.c
 +++ b/security/security.c
 @@ -996,6 +996,7 @@ int security_binder_set_context_mgr(cons

debian/patches/patchset-pf/kbuild/0002-wifi-mac80211-mark-copy_mesh_setup-as-noinline.patch

@@ -24,7 +24,7 @@ Signed-off-by: Oleksandr Natalenko <oleksandr@natalenko.name>
 
 --- a/net/mac80211/cfg.c
 +++ b/net/mac80211/cfg.c
-@@ -2501,7 +2501,7 @@ static inline bool _chg_mesh_attr(enum n
+@@ -2515,7 +2515,7 @@ static inline bool _chg_mesh_attr(enum n
  	return (mask >> (parm-1)) & 0x1;
  }
  

debian/patches/patchset-xanmod/binder/0001-binder-turn-into-module.patch

@@ -185,7 +185,7 @@ Signed-off-by: Alexandre Frade <kernel@xanmod.org>
  	return container_of(ns, struct ipc_namespace, ns);
 --- a/mm/vmalloc.c
 +++ b/mm/vmalloc.c
-@@ -3182,6 +3182,7 @@ struct vm_struct *get_vm_area(unsigned l
+@@ -3190,6 +3190,7 @@ struct vm_struct *get_vm_area(unsigned l
  				  NUMA_NO_NODE, GFP_KERNEL,
  				  __builtin_return_address(0));
  }

debian/patches/patchset-xanmod/xanmod/0007-XANMOD-block-Set-rq_affinity-to-force-complete-I-O-r.patch

@@ -11,7 +11,7 @@ Signed-off-by: Alexandre Frade <kernel@xanmod.org>
 
 --- a/include/linux/blkdev.h
 +++ b/include/linux/blkdev.h
-@@ -647,7 +647,8 @@ enum {
+@@ -652,7 +652,8 @@ enum {
  	QUEUE_FLAG_MAX
  };
  

debian/patches/series

@@ -14,8 +14,8 @@ debian/arch-sh4-fix-uimage-build.patch
 debian/tools-perf-perf-read-vdso-in-libexec.patch
 debian/tools-perf-install-python-bindings.patch
 debian/wireless-add-debian-wireless-regdb-certificates.patch
-debian/export-symbols-needed-by-android-drivers.patch
-debian/android-enable-building-ashmem-and-binder-as-modules.patch
+debian/export-symbols-needed-by-binder.patch
+debian/android-enable-building-binder-as-module.patch
 debian/documentation-drop-sphinx-version-check.patch
 debian/perf-traceevent-support-asciidoctor-for-documentatio.patch
 debian/kbuild-look-for-module.lds-under-arch-directory-too.patch
@@ -34,7 +34,6 @@ bugfix/all/radeon-amdgpu-firmware-is-required-for-drm-and-kms-on-r600-onward.pat
 # Change some defaults for security reasons
 debian/af_802154-Disable-auto-loading-as-mitigation-against.patch
 debian/rds-Disable-auto-loading-as-mitigation-against-local.patch
-debian/dccp-disable-auto-loading-as-mitigation-against-local-exploits.patch
 debian/hamradio-disable-auto-loading-as-mitigation-against-local-exploits.patch
 debian/fs-enable-link-security-restrictions-by-default.patch