- drop non apparmor patches; ups

diff --git a/0001-Enable-SCSI_CONSTANTS-The-error-messages-regarding-y.patch b/0001-Enable-SCSI_CONSTANTS-The-error-messages-regarding-y.patch
deleted file mode 100644 (file)
index 7b35483..0000000
--- a/0001-Enable-SCSI_CONSTANTS-The-error-messages-regarding-y.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 3cf99fb519595e3934882ac9ea32409badc6b57a Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Arkadiusz=20Mi=C5=9Bkiewicz?= <arekm@maven.pl>
-Date: Fri, 27 Jun 2014 13:50:25 +0200
-Subject: [PATCH] Enable SCSI_CONSTANTS; The error messages regarding your SCSI
- hardware will be easier to understand if you say Y here.
-
----
- kernel-multiarch.config | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/kernel-multiarch.config b/kernel-multiarch.config
-index ea15c17..8aee3c6 100644
---- a/kernel-multiarch.config
-+++ b/kernel-multiarch.config
-@@ -4513,7 +4513,7 @@ CHR_DEV_SG all=m
- CHR_DEV_SCH all=m
- SCSI_ENCLOSURE all=m
- SCSI_MULTI_LUN all=y
--SCSI_CONSTANTS all=n
-+SCSI_CONSTANTS all=y
- SCSI_LOGGING all=y
- SCSI_SCAN_ASYNC all=y
- SCSI_WAIT_SCAN all=m
--- 
-2.0.0
-

diff --git a/0001-UBUNTU-SAUCE-efi-lockdown-MODSIGN-Fix-module-signatu.patch b/0001-UBUNTU-SAUCE-efi-lockdown-MODSIGN-Fix-module-signatu.patch
deleted file mode 100644 (file)
index 6401a55..0000000
--- a/0001-UBUNTU-SAUCE-efi-lockdown-MODSIGN-Fix-module-signatu.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 00c72bc198aa85e5da02de2c0c4cc423c82a54f1 Mon Sep 17 00:00:00 2001
-From: Fedora Kernel Team <kernel-team@fedoraproject.org>
-Date: Thu, 3 Aug 2017 13:46:51 -0500
-Subject: [PATCH 01/17] UBUNTU: SAUCE: (efi-lockdown) MODSIGN: Fix module
- signature verification
-
-BugLink: http://bugs.launchpad.net/bugs/1712168
-
-Currently mod_verify_sig() calls verify_pkcs_7_signature() with
-trusted_keys=NULL, which causes only the builtin keys to be used
-to verify the signature. This breaks self-signing of modules with
-a MOK, as the MOK is loaded into the secondary trusted keyring.
-Fix this by passing the spacial value trusted_keys=(void *)1UL,
-which tells verify_pkcs_7_signature() to use the secondary
-keyring instead.
-
-(cherry picked from commit cff4523d65b848f9c41c9e998a735ae2a820da2d
- git://git.kernel.org/pub/scm/linux/kernel/git/jwboyer/fedora.git)
-[ saf: Taken from fedora commit without authorship information or much
-  of a commit message; modified so that commit will describe the
-  problem being fixed. ]
-Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
----
- kernel/module_signing.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/kernel/module_signing.c b/kernel/module_signing.c
-index 937c844bee4a..d3d6f95a96b4 100644
---- a/kernel/module_signing.c
-+++ b/kernel/module_signing.c
-@@ -81,6 +81,6 @@ int mod_verify_sig(const void *mod, unsigned long *_modlen)
-       }
- 
-       return verify_pkcs7_signature(mod, modlen, mod + modlen, sig_len,
--                                    NULL, VERIFYING_MODULE_SIGNATURE,
-+                                    (void *)1UL, VERIFYING_MODULE_SIGNATURE,
-                                     NULL, NULL);
- }
--- 
-2.11.0
-

diff --git a/kernel.spec b/kernel.spec
index 8da51bfea387ec03aae782045e0545183559bc08..21ff0d186595ab17a10365cda14e0b7e3a4b1c70 100644 (file)
--- a/kernel.spec
+++ b/kernel.spec
@@ -219,7 +219,6 @@ Patch2001:  kernel-pwc-uncompress.patch
 Patch2003:     kernel-regressions.patch
 
 # http://bazaar.launchpad.net/~apparmor-dev/apparmor/master/files/head:/kernel-patches/v4.13/
-Patch5000:     0001-UBUNTU-SAUCE-efi-lockdown-MODSIGN-Fix-module-signatu.patch
 Patch5001:     0002-apparmor-Fix-shadowed-local-variable-in-unpack_trans.patch
 Patch5002:     0003-apparmor-Fix-logical-error-in-verify_header.patch
 Patch5003:     0004-apparmor-Fix-an-error-code-in-aafs_create.patch
@@ -706,7 +705,6 @@ rm -f localversion-rt
 
 # apparmor
 %if %{with apparmor}
-%patch5000 -p1
 %patch5001 -p1
 %patch5002 -p1
 %patch5003 -p1