update arch patchset

Author: BoukeHaarsma23

linux/0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch

@@ -1,7 +1,7 @@
-From 08fe90ab87115393074127f17be88ff9bfcf304a Mon Sep 17 00:00:00 2001
+From 63373079bd756247f2ea9e3b22baef0b67cfb7dd Mon Sep 17 00:00:00 2001
 From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
 Date: Mon, 16 Sep 2019 04:53:20 +0200
-Subject: [PATCH 1/4] ZEN: Add sysctl and CONFIG to disallow unprivileged
+Subject: [PATCH 1/7] ZEN: Add sysctl and CONFIG to disallow unprivileged
  CLONE_NEWUSER
 
 Our default behavior continues to match the vanilla kernel.
@@ -14,7 +14,7 @@ Our default behavior continues to match the vanilla kernel.
  5 files changed, 53 insertions(+)
 
 diff --git a/include/linux/user_namespace.h b/include/linux/user_namespace.h
-index 45f09bec02c4..87b20e2ee274 100644
+index 45f09bec02c48..87b20e2ee2744 100644
 --- a/include/linux/user_namespace.h
 +++ b/include/linux/user_namespace.h
 @@ -148,6 +148,8 @@ static inline void set_userns_rlimit_max(struct user_namespace *ns,
@@ -36,7 +36,7 @@ index 45f09bec02c4..87b20e2ee274 100644
  {
  	return &init_user_ns;
 diff --git a/init/Kconfig b/init/Kconfig
-index 32c24950c4ce..f17ef1360063 100644
+index 32c24950c4ced..f17ef13600635 100644
 --- a/init/Kconfig
 +++ b/init/Kconfig
 @@ -1225,6 +1225,22 @@ config USER_NS
@@ -63,7 +63,7 @@ index 32c24950c4ce..f17ef1360063 100644
  	bool "PID Namespaces"
  	default y
 diff --git a/kernel/fork.c b/kernel/fork.c
-index 41c964104b58..915ad6dae416 100644
+index 8103ffd217e97..f405763e06ae9 100644
 --- a/kernel/fork.c
 +++ b/kernel/fork.c
 @@ -100,6 +100,10 @@
@@ -77,7 +77,7 @@ index 41c964104b58..915ad6dae416 100644
  #include <asm/pgalloc.h>
  #include <linux/uaccess.h>
  #include <asm/mmu_context.h>
-@@ -2266,6 +2270,10 @@ __latent_entropy struct task_struct *copy_process(
+@@ -2267,6 +2271,10 @@ __latent_entropy struct task_struct *copy_process(
  	if ((clone_flags & (CLONE_NEWUSER|CLONE_FS)) == (CLONE_NEWUSER|CLONE_FS))
  		return ERR_PTR(-EINVAL);
 
@@ -88,7 +88,7 @@ index 41c964104b58..915ad6dae416 100644
  	/*
  	 * Thread groups must share signals as well, and detached threads
  	 * can only be started up within the thread group.
-@@ -3419,6 +3427,12 @@ int ksys_unshare(unsigned long unshare_flags)
+@@ -3420,6 +3428,12 @@ int ksys_unshare(unsigned long unshare_flags)
  	if (unshare_flags & CLONE_NEWNS)
  		unshare_flags |= CLONE_FS;
 
@@ -102,7 +102,7 @@ index 41c964104b58..915ad6dae416 100644
  	if (err)
  		goto bad_unshare_out;
 diff --git a/kernel/sysctl.c b/kernel/sysctl.c
-index bfe53e835524..c64fa2b70a78 100644
+index bfe53e8355245..c64fa2b70a78d 100644
 --- a/kernel/sysctl.c
 +++ b/kernel/sysctl.c
 @@ -80,6 +80,9 @@
@@ -132,7 +132,7 @@ index bfe53e835524..c64fa2b70a78 100644
  	{
  		.procname	= "tainted",
 diff --git a/kernel/user_namespace.c b/kernel/user_namespace.c
-index 1d8e47bed3f1..fec01d016a35 100644
+index 1d8e47bed3f11..fec01d016a351 100644
 --- a/kernel/user_namespace.c
 +++ b/kernel/user_namespace.c
 @@ -22,6 +22,13 @@

linux/0001-netfilter-nf_tables-unbind-non-anonymous-set-if-rule.patch

@@ -0,0 +1,32 @@
+From 069e524939a815a637e923d4063e4b0e0f52ea13 Mon Sep 17 00:00:00 2001
+From: Peter Ujfalusi <peter.ujfalusi@linux.intel.com>
+Date: Wed, 17 May 2023 15:29:31 +0300
+Subject: [PATCH 2/7] tpm: tpm_tis: Disable interrupts *only* for AEON UPX-i11
+
+Further restrict with DMI_PRODUCT_VERSION.
+
+Cc: stable@vger.kernel.org # v6.4+
+Link: https://lore.kernel.org/linux-integrity/20230517122931.22385-1-peter.ujfalusi@linux.intel.com/
+Fixes: 95a9359ee22f ("tpm: tpm_tis: Disable interrupts for AEON UPX-i11")
+Signed-off-by: Peter Ujfalusi <peter.ujfalusi@linux.intel.com>
+Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
+Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
+---
+ drivers/char/tpm/tpm_tis.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c
+index 7db3593941eaa..9cb4e81fc5486 100644
+--- a/drivers/char/tpm/tpm_tis.c
++++ b/drivers/char/tpm/tpm_tis.c
+@@ -143,6 +143,7 @@ static const struct dmi_system_id tpm_tis_dmi_table[] = {
+ 		.ident = "UPX-TGL",
+ 		.matches = {
+ 			DMI_MATCH(DMI_SYS_VENDOR, "AAEON"),
++			DMI_MATCH(DMI_PRODUCT_VERSION, "UPX-TGL"),
+ 		},
+ 	},
+ 	{}
+-- 
+2.41.0
+

linux/0002-netfilter-nf_tables-unbind-non-anonymous-set-if-rule.patch

@@ -0,0 +1,42 @@
+From 530ad4f3240a3b6e448bd301cc632e7c44cac9b2 Mon Sep 17 00:00:00 2001
+From: Christian Hesse <mail@eworm.de>
+Date: Mon, 10 Jul 2023 23:16:09 +0200
+Subject: [PATCH 3/7] tpm/tpm_tis: Disable interrupts for Framework Laptop
+ Intel 12th gen
+
+This device suffer an irq storm, so add it in tpm_tis_dmi_table to
+force polling.
+
+Cc: stable@vger.kernel.org # v6.4+
+Link: https://community.frame.work/t/boot-and-shutdown-hangs-with-arch-linux-kernel-6-4-1-mainline-and-arch/33118
+Fixes: e644b2f498d2 ("tpm, tpm_tis: Enable interrupt test")
+Reported-by: <roubro1991@gmail.com>
+Closes: https://bugzilla.kernel.org/show_bug.cgi?id=217631
+Signed-off-by: Christian Hesse <mail@eworm.de>
+Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
+---
+ drivers/char/tpm/tpm_tis.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c
+index 9cb4e81fc5486..5dd391ed3320e 100644
+--- a/drivers/char/tpm/tpm_tis.c
++++ b/drivers/char/tpm/tpm_tis.c
+@@ -114,6 +114,14 @@ static int tpm_tis_disable_irq(const struct dmi_system_id *d)
+ }
+ 
+ static const struct dmi_system_id tpm_tis_dmi_table[] = {
++	{
++		.callback = tpm_tis_disable_irq,
++		.ident = "Framework Laptop (12th Gen Intel Core)",
++		.matches = {
++			DMI_MATCH(DMI_SYS_VENDOR, "Framework"),
++			DMI_MATCH(DMI_PRODUCT_NAME, "Laptop (12th Gen Intel Core)"),
++		},
++	},
+ 	{
+ 		.callback = tpm_tis_disable_irq,
+ 		.ident = "ThinkPad T490s",
+-- 
+2.41.0
+

linux/0002-tpm-tpm_tis-Disable-interrupts-only-for-AEON-UPX-i11.patch

@@ -0,0 +1,42 @@
+From 07c0bd0d251db0ac13064f46534a22e070a9379f Mon Sep 17 00:00:00 2001
+From: Christian Hesse <mail@eworm.de>
+Date: Mon, 10 Jul 2023 23:16:10 +0200
+Subject: [PATCH 4/7] tpm/tpm_tis: Disable interrupts for Framework Laptop
+ Intel 13th gen
+
+This device suffer an irq storm, so add it in tpm_tis_dmi_table to
+force polling.
+
+Cc: stable@vger.kernel.org # v6.4+
+Link: https://community.frame.work/t/boot-and-shutdown-hangs-with-arch-linux-kernel-6-4-1-mainline-and-arch/33118
+Fixes: e644b2f498d2 ("tpm, tpm_tis: Enable interrupt test")
+Reported-by: <roubro1991@gmail.com>
+Closes: https://bugzilla.kernel.org/show_bug.cgi?id=217631
+Signed-off-by: Christian Hesse <mail@eworm.de>
+Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
+---
+ drivers/char/tpm/tpm_tis.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c
+index 5dd391ed3320e..4e4426965cd03 100644
+--- a/drivers/char/tpm/tpm_tis.c
++++ b/drivers/char/tpm/tpm_tis.c
+@@ -122,6 +122,14 @@ static const struct dmi_system_id tpm_tis_dmi_table[] = {
+ 			DMI_MATCH(DMI_PRODUCT_NAME, "Laptop (12th Gen Intel Core)"),
+ 		},
+ 	},
++	{
++		.callback = tpm_tis_disable_irq,
++		.ident = "Framework Laptop (13th Gen Intel Core)",
++		.matches = {
++			DMI_MATCH(DMI_SYS_VENDOR, "Framework"),
++			DMI_MATCH(DMI_PRODUCT_NAME, "Laptop (13th Gen Intel Core)"),
++		},
++	},
+ 	{
+ 		.callback = tpm_tis_disable_irq,
+ 		.ident = "ThinkPad T490s",
+-- 
+2.41.0
+

linux/0003-tpm-tpm_tis-Disable-interrupts-for-Framework-Laptop-.patch

@@ -0,0 +1,42 @@
+From 4abd126fb6e7ed77ee5a286132a5afc133dd24bc Mon Sep 17 00:00:00 2001
+From: Florian Bezdeka <florian@bezdeka.de>
+Date: Tue, 20 Jun 2023 13:11:01 +0200
+Subject: [PATCH 5/7] tpm/tpm_tis: Disable interrupts for Lenovo L590 devices
+
+The Lenovo L590 suffers from an irq storm issue like the T490, T490s
+and P360 Tiny, so add an entry for it to tpm_tis_dmi_table and force
+polling.
+
+Cc: stable@vger.kernel.org # v6.4+
+Link: https://bugzilla.redhat.com/show_bug.cgi?id=2214069#c0
+Fixes: e644b2f498d2 ("tpm, tpm_tis: Enable interrupt test")
+Signed-off-by: Florian Bezdeka <florian@bezdeka.de>
+Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com>
+Reviewed-by: Hans de Goede <hdegoede@redhat.com>
+Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
+---
+ drivers/char/tpm/tpm_tis.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c
+index 4e4426965cd03..cc42cf3de960f 100644
+--- a/drivers/char/tpm/tpm_tis.c
++++ b/drivers/char/tpm/tpm_tis.c
+@@ -154,6 +154,14 @@ static const struct dmi_system_id tpm_tis_dmi_table[] = {
+ 			DMI_MATCH(DMI_PRODUCT_VERSION, "ThinkPad L490"),
+ 		},
+ 	},
++	{
++		.callback = tpm_tis_disable_irq,
++		.ident = "ThinkPad L590",
++		.matches = {
++			DMI_MATCH(DMI_SYS_VENDOR, "LENOVO"),
++			DMI_MATCH(DMI_PRODUCT_VERSION, "ThinkPad L590"),
++		},
++	},
+ 	{
+ 		.callback = tpm_tis_disable_irq,
+ 		.ident = "UPX-TGL",
+-- 
+2.41.0
+

linux/0004-tpm-tpm_tis-Disable-interrupts-for-Framework-Laptop-.patch

@@ -0,0 +1,43 @@
+From 5718acc67b7101c5c5d834b4699b58710f619171 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Tomasz=20Mo=C5=84?= <tomasz.mon@nordicsemi.no>
+Date: Thu, 13 Jul 2023 12:25:14 +0200
+Subject: [PATCH 6/7] Bluetooth: btusb: Fix bluetooth on Intel Macbook 2014
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Commit c13380a55522 ("Bluetooth: btusb: Do not require hardcoded
+interface numbers") inadvertedly broke bluetooth on Intel Macbook 2014.
+The intention was to keep behavior intact when BTUSB_IFNUM_2 is set and
+otherwise allow any interface numbers. The problem is that the new logic
+condition omits the case where bInterfaceNumber is 0.
+
+Fix BTUSB_IFNUM_2 handling by allowing both interface number 0 and 2
+when the flag is set.
+
+Fixes: c13380a55522 ("Bluetooth: btusb: Do not require hardcoded interface numbers")
+Reported-by: John Holland <johnbholland@icloud.com>
+Closes: https://bugzilla.kernel.org/show_bug.cgi?id=217651
+Signed-off-by: Tomasz Moń <tomasz.mon@nordicsemi.no>
+Tested-by: John Holland<johnbholland@icloud.com>
+Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
+Cherry-picked-for: https://bugs.archlinux.org/task/78980
+---
+ drivers/bluetooth/btusb.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c
+index 2a8e2bb038f58..50e23762ec5e9 100644
+--- a/drivers/bluetooth/btusb.c
++++ b/drivers/bluetooth/btusb.c
+@@ -4099,6 +4099,7 @@ static int btusb_probe(struct usb_interface *intf,
+ 	BT_DBG("intf %p id %p", intf, id);
+ 
+ 	if ((id->driver_info & BTUSB_IFNUM_2) &&
++	    (intf->cur_altsetting->desc.bInterfaceNumber != 0) &&
+ 	    (intf->cur_altsetting->desc.bInterfaceNumber != 2))
+ 		return -ENODEV;
+ 
+-- 
+2.41.0
+

linux/0005-tpm-tpm_tis-Disable-interrupts-for-Lenovo-L590-devic.patch

@@ -35,7 +35,11 @@ source=(
 
   # Arch Linux patches
   0001-ZEN-Add-sysctl-and-CONFIG-to-disallow-unprivileged-C.patch
-  0002-netfilter-nf_tables-unbind-non-anonymous-set-if-rule.patch
+  0002-tpm-tpm_tis-Disable-interrupts-only-for-AEON-UPX-i11.patch
+  0003-tpm-tpm_tis-Disable-interrupts-for-Framework-Laptop-.patch
+  0004-tpm-tpm_tis-Disable-interrupts-for-Framework-Laptop-.patch
+  0005-tpm-tpm_tis-Disable-interrupts-for-Lenovo-L590-devic.patch
+  0006-Bluetooth-btusb-Fix-bluetooth-on-Intel-Macbook-2014.patch
 
   # ChimeraOS specific patches
   # Some patches from TKG Team
@@ -65,8 +69,12 @@ validpgpkeys=(
 )
 b2sums=('1ab6c93da986dac6a07a5e3bc764f9d2a5bb9b8989321244455d894690634ac04364e6a3f960e8674f47ae22fc4ed09b18aa60cbf279636083e61aa6524f8a59'
         '2a44934a12b21f28cbb12dca410d3cca118c906cd94f14865a6243b4497ce4ba4bd07045d37b92b5654909a1d4d1d676f630c96630b2d0b78eb74c0be3a7fcc9'
-        '2ac7ee27dd8171f53b913211a2db5f0106a90c151d33561380bfba1dd24c8b5abdd2f917f1a0b185a2ef6654c61ec6f1e4f7bdb5cdc94c9c936b7847ef60cca8'
-        'dca0be9f3adc515f63721549aa359b40810fe2164157784adb7313ac032f8954ba725e6f6781b44606d0c8377e7fd900da5298a142a09cd8754ac60cf526ed0b'
+        'ad5d71652af8dc9dfa262fd60edb209535f4a1dc4abe64939f1924912b9630251311c84c4868ba4633c02062c3678f1deaebe72b1e227d2187f68ea97bdb4432'
+        '0308340dc1d10e7a00fb4111b3c12d5122552e70e6b029f826352bc5995fa8b925a06f5897bf81ada735fae587e675275e2fe129068d866bc7f69ff3835ebac6'
+        'e57a5bdac4b3b87e780964c90d575178ae4f462a73f5f412b23aecc9dc05ffc9d7acaee288b4cab19a6adbad9b14a37b1212a274ce98a979d6038a010fc11879'
+        '1b70b2c7c2010f898bf3cfdd0db0d5c0942f1754b56f32cadcdda9776b338fc444f6ceaa9a5da130a85df17d446dcb62fd567011ddbc1a47e12979417e4a2b9f'
+        '5027c4f9084393a78f8dbef7d93b48c0d2cf484e04bced4e7359a15dbb40a5b0bc61ca9d424eb320fd2f00d52495c30b0886d891338a744c62cfec0d6c0f9db1'
+        '85ca3c2d0b05ae13b3b526eb23523fa8702a728294af65033e4d1be46d38663800f39bdd7ec7b4fc837836b9150a0c76bfc84d1be59e410ec23570613aad697e'
         'e2e364387efe34a1a392cdf9801b6f164d84de428edd8e43ccb1f12690019078db297b9dcf61a5dd4a83ca40dca8f25d9117e240c1ffd8b969d81e4dc6e972fd'
         '0aabd614b3318880fe940d4f3eb93f8b7f0e91892864f95d5b12eabfce1650ef036bf4e2ccee8b391c8a3cef4ff1ff7661b118a4f72d82214dbf713743809f78'
         '5a578620cc03574218a22c1eebbba91047815f0c7b0b3f2f3d1eb5534aa17254f0ea5f061cadfe7bbe3b32f0a20b2008e28a494cfd7be84600c4b6a89afd6940'