Package: release.debian.org Severity: normal Tags: jessie User: release.debian....@packages.debian.org Usertags: pu
For meltdown/spectre mitigation, we need to update to a new upstream version of the proprietary nvidia driver. Packaging diff attached. This includes several improvements as well that are needed to keep the packaging between the different driver versions in sync. As usual the Debian revision is -1 instead of -0+deb8u1 to avoid version number explosion in nvidia-graphics-modules. This driver version is available in sid in the nvidia-graphics-drivers-legacy-340xx package (which will get a separate update request for stretch). A corresponding nvidia-graphics-drivers update for stretch is still being prepared, since it involves several packages to be updated because of a change of the major version: 375 -> 384. Andreas
Index: debian/README.source =================================================================== --- debian/README.source (.../tags/340.102-1) (revision 7819) +++ debian/README.source (.../branches/340) (revision 7819) @@ -1,3 +1,17 @@ +Building "bleeding edge" from SVN for users + + As new upstream versions of the proprietary driver are released, upload + might not happen immediately. This might be for various reasons, including + waiting for new binary packages to clear the NEW queue. + Users wishing to try to build new version locally can follow the + instructions on the Debian wiki: + + https://wiki.debian.org/NvidiaGraphicsDrivers#Building_newer_releases_from_SVN + + WARNING: these will most likely be work in progress, and the final upload + may be different and may not support clean upgrades from/to the versions + uploaded in the archive. + Importing a New Upstream Release The *.orig.tar.gz file for nvidia-graphics-drivers contains just a Index: debian/nvidia-kernel-source.README.Debian.in =================================================================== --- debian/nvidia-kernel-source.README.Debian.in (.../tags/340.102-1) (revision 7819) +++ debian/nvidia-kernel-source.README.Debian.in (.../branches/340) (revision 7819) @@ -178,7 +178,7 @@ For any news on this package check -http://bugs.debian.org/#NVIDIA#-kernel-source +https://bugs.debian.org/#NVIDIA#-kernel-source -- Russ Allbery <r...@debian.org>, Sat, 25 Sep 2010 23:30:28 -0700 Index: debian/build-module-packages.sh.in =================================================================== --- debian/build-module-packages.sh.in (.../tags/340.102-1) (revision 7819) +++ debian/build-module-packages.sh.in (.../branches/340) (revision 7819) @@ -4,16 +4,32 @@ cd /usr/src -kernels="$(ls -d1 /lib/modules/*/build 2>/dev/null | cut -d/ -f4)" +kernels= +slenrek= +failed= +for k in $(ls -dvr1 /lib/modules/*/build 2>/dev/null | cut -d/ -f4) ; do + case $k in + *) + kernels="$kernels $k" + slenrek="$k $slenrek" + ;; + esac +done modules=#NVIDIA#-kernel module-assistant clean $modules -module-assistant build --text-mode --force --kvers-list "$kernels" $modules +for k in $kernels ; do + module-assistant build --text-mode --force --kvers-list "$k" $modules || failed="$failed $k" +done -ls -l *.deb +ls -l *.deb || true for m in $modules ; do - for k in $kernels ; do + for k in $slenrek ; do echo "* ${m} ${k}:" - ls -l ${m}-${k}_*.deb + ls -l ${m}-${k}_*.deb || true done done + +for k in $failed ; do + echo "$modules MODULE BUILD FAILED FOR $k" +done Index: debian/libnvidia-ml1.lintian-overrides =================================================================== --- debian/libnvidia-ml1.lintian-overrides (.../tags/340.102-1) (revision 7819) +++ debian/libnvidia-ml1.lintian-overrides (.../branches/340) (revision 7819) @@ -1,6 +1,7 @@ # The NVIDIA license does not allow any form of modification. [i386 armhf]: binary-file-built-without-LFS-support [i386]: shlib-with-non-pic-code +[amd64 i386]: spelling-error-in-binary hardening-no-bindnow hardening-no-fortify-functions hardening-no-relro Index: debian/nvidia-libopencl1.lintian-overrides =================================================================== --- debian/nvidia-libopencl1.lintian-overrides (.../tags/340.102-1) (revision 7819) +++ debian/nvidia-libopencl1.lintian-overrides (.../branches/340) (revision 7819) @@ -11,7 +11,7 @@ # The free libOpenCL.so.1 library is preferred. symbols-declares-dependency-on-other-package ocl-icd-libopencl1 -symbols-declares-dependency-on-other-package ocl-icd-libopencl1 (>= 1.0) +symbols-declares-dependency-on-other-package ocl-icd-libopencl1 (>= *) # Package built with debhelper/jessie but checked with lintian/sid. maintscript-calls-ldconfig Index: debian/copyright =================================================================== --- debian/copyright (.../tags/340.102-1) (revision 7819) +++ debian/copyright (.../branches/340) (revision 7819) @@ -1,9 +1,10 @@ -Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ +Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: NVIDIA Linux Display Drivers Upstream-Contact: NVIDIA Corporation <linux-b...@nvidia.com> Source: - ftp://download.nvidia.com/XFree86/Linux-x86/ - ftp://download.nvidia.com/XFree86/Linux-x86_64/ + https://download.nvidia.com/XFree86/Linux-x86/ + https://download.nvidia.com/XFree86/Linux-x86_64/ + https://download.nvidia.com/XFree86/Linux-32bit-ARM/ Disclaimer: This package is not part of the GNU/Linux Debian distribution. It is provided in the non-free archive area as a convenience to Debian users. @@ -18,8 +19,9 @@ Files: debian/* Copyright: 2001-2010 Randall Donald <rdon...@debian.org> - 2009-2017 Andreas Beckmann <a...@debian.org> - 2010 Russ Allbery <r...@debian.org> + 2009-2018 Andreas Beckmann <a...@debian.org> + 2010 Russ Allbery <r...@debian.org> + 2015-2018 Luca Boccassi <bl...@debian.org> Based on packages by Christopher Cheney. License: GPL-2.0+ @@ -51,7 +53,7 @@ GNU General Public License for more details. . You should have received a copy of the GNU General Public License - along with this program. If not, see <http://www.gnu.org/licenses/> + along with this program. If not, see <https://www.gnu.org/licenses/> . On Debian systems, the complete text of the GNU General Public License version 2 can be found in "/usr/share/common-licenses/GPL-2". Index: debian/rules.defs =================================================================== --- debian/rules.defs (.../tags/340.102-1) (revision 7819) +++ debian/rules.defs (.../branches/340) (revision 7819) @@ -6,7 +6,7 @@ XORG_ABI_LIST = 23 20 19 18 15 14 13 12 11 10 8 6.0 XORG_BOUND = (<< 2:1.19.99) -LINUX_KMOD_TESTED = 4.10 +LINUX_KMOD_TESTED = 4.15 LINUX_KMOD_TESTED_amd64 = LINUX_KMOD_TESTED_i386 = LINUX_KMOD_TESTED_armhf = @@ -23,7 +23,7 @@ NVIDIA_FILENAME_amd64 = ${NVIDIA_DIRNAME_amd64}.run NVIDIA_FILENAME_armhf = ${NVIDIA_DIRNAME_armhf}.run -HTTPURL_PREFIX = http://http.download.nvidia.com/XFree86 +HTTPURL_PREFIX = https://http.download.nvidia.com/XFree86 HTTPURL_ARCHDIR_i386 = Linux-x86 HTTPURL_ARCHDIR_amd64 = Linux-x86_64 HTTPURL_ARCHDIR_armhf = Linux-32bit-ARM Index: debian/watch.in =================================================================== --- debian/watch.in (.../tags/340.102-1) (revision 7819) +++ debian/watch.in (.../branches/340) (revision 7819) @@ -2,6 +2,6 @@ # ftp://download.nvidia.com/XFree86/Linux-x86_64/256.29/NVIDIA-Linux-x86_64-256.29.run # ftp://download.nvidia.com/XFree86/Linux-32bit-ARM/319.32/NVIDIA-Linux-armv7l-gnueabihf-319.32.run version=3 -ftp://download.nvidia.com/XFree86/Linux-x86/(#WATCH_PATTERN#)/NVIDIA-Linux-x86-([\d\.\-]+)(?:-pkg0)?\.run -ftp://download.nvidia.com/XFree86/Linux-x86_64/(#WATCH_PATTERN#)/NVIDIA-Linux-x86_64-([\d\.\-]+)(?:-pkg2)?\.run -ftp://download.nvidia.com/XFree86/Linux-32bit-ARM/(#WATCH_PATTERN#)/NVIDIA-Linux-armv7l-gnueabihf-([\d\.\-]+).run +https://download.nvidia.com/XFree86/Linux-x86/(#WATCH_PATTERN#)/NVIDIA-Linux-x86-([\d\.\-]+)(?:-pkg0)?\.run +https://download.nvidia.com/XFree86/Linux-x86_64/(#WATCH_PATTERN#)/NVIDIA-Linux-x86_64-([\d\.\-]+)(?:-pkg2)?\.run +https://download.nvidia.com/XFree86/Linux-32bit-ARM/(#WATCH_PATTERN#)/NVIDIA-Linux-armv7l-gnueabihf-([\d\.\-]+).run Index: debian/po/es.po =================================================================== --- debian/po/es.po (.../tags/340.102-1) (revision 7819) +++ debian/po/es.po (.../branches/340) (revision 7819) @@ -19,13 +19,13 @@ # los siguientes documentos: # # - El proyecto de traducción de Debian al español -# http://www.debian.org/intl/spanish/ +# https://www.debian.org/intl/spanish/ # especialmente las notas y normas de traducción en -# http://www.debian.org/intl/spanish/notas +# https://www.debian.org/intl/spanish/notas # # - La guía de traducción de po's de debconf: # /usr/share/doc/po-debconf/README-trans -# o http://www.debian.org/intl/l10n/po-debconf/README-trans +# o https://www.debian.org/intl/l10n/po-debconf/README-trans # # Si tiene dudas o consultas sobre esta traducción consulte con el último # traductor (campo Last-Translator) y ponga en copia a la lista de Index: debian/control =================================================================== --- debian/control (.../tags/340.102-1) (revision 7819) +++ debian/control (.../branches/340) (revision 7819) @@ -4,10 +4,9 @@ Priority: optional Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org> Uploaders: - Russ Allbery <r...@debian.org>, Andreas Beckmann <a...@debian.org>, Vincent Cheng <vch...@debian.org>, - Luca Boccassi <luca.bocca...@gmail.com>, + Luca Boccassi <bl...@debian.org>, Vcs-Svn: svn://anonscm.debian.org/pkg-nvidia/packages/nvidia-graphics-drivers/trunk Vcs-Browser: https://anonscm.debian.org/viewvc/pkg-nvidia/packages/nvidia-graphics-drivers/ Build-Depends: @@ -19,7 +18,7 @@ quilt, po-debconf, Standards-Version: 3.9.8 -Homepage: http://www.nvidia.com +Homepage: https://www.nvidia.com XS-Autobuild: yes #Package: ${nvidia}-driver @@ -510,7 +509,7 @@ libcuda-6.0-1-i386 [i386], libcuda-6.5-1, libcuda-6.5-1-i386 [i386], -Homepage: http://www.nvidia.com/CUDA +Homepage: https://www.nvidia.com/CUDA Description: NVIDIA CUDA Driver Library${nvidia:LegacyDesc} The Compute Unified Device Architecture (CUDA) enables NVIDIA graphics processing units (GPUs) to be used for massively parallel @@ -637,7 +636,7 @@ ${shlibs:Depends}, ${misc:Depends} Breaks: ${nvidia}-smi (<< ${nvidia:Version}), -Homepage: http://developer.nvidia.com/nvidia-management-library-NVML +Homepage: https://developer.nvidia.com/nvidia-management-library-NVML Description: NVIDIA Management Library (NVML) runtime library${nvidia:LegacyDesc} The NVIDIA Management Library (NVML) provides a monitoring and management API. It provides a direct access to the queries and commands exposed via nvidia-smi. @@ -687,7 +686,7 @@ CPUs, GPUs and other processors. . This package provides the NVIDIA installable client driver (ICD) for OpenCL - which supports NVIDIA GPUs. + which supports NVIDIA GPUs. This ICD supports OpenCL 1.x only. . The ${libcuda1} package may be required additionally to get a working OpenCL setup for NVIDIA GPUs. Index: debian/module/debian/patches/vmf-address.patch =================================================================== --- debian/module/debian/patches/vmf-address.patch (.../tags/340.102-1) (revision 7819) +++ debian/module/debian/patches/vmf-address.patch (.../branches/340) (revision 7819) @@ -1,19 +0,0 @@ -Author: Luca Boccassi <luca.bocca...@gmail.com> -Description: Fix kernel module build on 4.10 and greater - From kernel 4.10 and newer (commit 1a29d85eb0f19) virtual_address is no longer - available as a member of struct vm_fault. Use the address member as suggested - by the changelog. ---- a/uvm/nvidia_uvm_lite.c -+++ b/uvm/nvidia_uvm_lite.c -@@ -820,7 +820,11 @@ - #if defined(NV_VM_OPERATIONS_STRUCT_HAS_FAULT) - int _fault(struct vm_area_struct *vma, struct vm_fault *vmf) - { -+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 10, 0) - unsigned long vaddr = (unsigned long)vmf->virtual_address; -+#else -+ unsigned long vaddr = vmf->address; -+#endif - struct page *page = NULL; - int retval; - Index: debian/module/debian/patches/drm-driver-legacy.patch =================================================================== --- debian/module/debian/patches/drm-driver-legacy.patch (.../tags/340.102-1) (revision 7819) +++ debian/module/debian/patches/drm-driver-legacy.patch (.../branches/340) (revision 7819) @@ -1,20 +0,0 @@ -Author: Luca Boccassi <luca.bocca...@gmail.com> -Description: Fix kernel module load on 4.9 and greater - From kernel 4.9 and newer (commit fa5386459f06) non-modesetting drivers have - to use the DRM flag DRIVER_LEGACY. Without this flag the kernel module does - not load correctly. - ---- a/nv-drm.c -+++ b/nv-drm.c -@@ -115,7 +115,11 @@ - }; - - static struct drm_driver nv_drm_driver = { -+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 9, 0) - .driver_features = DRIVER_GEM | DRIVER_PRIME, -+#else -+ .driver_features = DRIVER_GEM | DRIVER_PRIME | DRIVER_LEGACY, -+#endif - .load = nv_drm_load, - .unload = nv_drm_unload, - .fops = &nv_drm_fops, Index: debian/module/debian/patches/deprecated-cpu-events.patch =================================================================== --- debian/module/debian/patches/deprecated-cpu-events.patch (.../tags/340.102-1) (revision 7819) +++ debian/module/debian/patches/deprecated-cpu-events.patch (.../branches/340) (revision 7819) @@ -1,49 +0,0 @@ -Author: Luca Boccassi <luca.bocca...@gmail.com> -Description: Fix kernel module build on 4.10 and greater - From kernel 4.10 and newer (commit 530e9b76ae8f8) CPU_DOWN_FAILED and - CPU_DOWN_PREPARE are no longer available as events, together with their - callback registers. ---- a/nv-pat.c -+++ b/nv-pat.c -@@ -210,19 +210,23 @@ - - switch (action) - { -+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 10, 0) - case CPU_DOWN_FAILED: -+#endif - case CPU_ONLINE: - if (cpu == (NvUPtr)hcpu) - nv_setup_pat_entries(NULL); - else - NV_SMP_CALL_FUNCTION(nv_setup_pat_entries, hcpu, 1); - break; -+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 10, 0) - case CPU_DOWN_PREPARE: - if (cpu == (NvUPtr)hcpu) - nv_restore_pat_entries(NULL); - else - NV_SMP_CALL_FUNCTION(nv_restore_pat_entries, hcpu, 1); - break; -+#endif - } - - put_cpu(); -@@ -252,7 +256,7 @@ - if (!disable_pat) - { - nv_enable_pat_support(); --#if defined(NV_ENABLE_PAT_SUPPORT) && defined(NV_ENABLE_HOTPLUG_CPU) -+#if defined(NV_ENABLE_PAT_SUPPORT) && defined(NV_ENABLE_HOTPLUG_CPU) && LINUX_VERSION_CODE < KERNEL_VERSION(4, 10, 0) - if (nv_pat_mode == NV_PAT_MODE_BUILTIN) - { - if (register_hotcpu_notifier(&nv_hotcpu_nfb) != 0) -@@ -279,7 +283,7 @@ - if (nv_pat_mode == NV_PAT_MODE_BUILTIN) - { - nv_disable_pat_support(); --#if defined(NV_ENABLE_PAT_SUPPORT) && defined(NV_ENABLE_HOTPLUG_CPU) -+#if defined(NV_ENABLE_PAT_SUPPORT) && defined(NV_ENABLE_HOTPLUG_CPU) && LINUX_VERSION_CODE < KERNEL_VERSION(4, 10, 0) - unregister_hotcpu_notifier(&nv_hotcpu_nfb); - #endif - } Index: debian/module/debian/patches/avoid-ld.gold.patch =================================================================== --- debian/module/debian/patches/avoid-ld.gold.patch (.../tags/340.102-1) (revision 7819) +++ debian/module/debian/patches/avoid-ld.gold.patch (.../branches/340) (revision 7819) @@ -4,7 +4,7 @@ problems with the nvidia kernel module. Therefore explicitly link with ld.bfd. This patch is not compatible with lenny which does neither have ld.bfd nor ld.gold, but we are not supporting lenny backports anyway. -Bug-Debian: http://bugs.debian.org/626279 +Bug-Debian: https://bugs.debian.org/626279 --- a/nvidia-modules-common.mk +++ b/nvidia-modules-common.mk Index: debian/module/debian/patches/vm-fault.patch =================================================================== --- debian/module/debian/patches/vm-fault.patch (.../tags/340.102-1) (revision 0) +++ debian/module/debian/patches/vm-fault.patch (.../branches/340) (revision 7819) @@ -0,0 +1,69 @@ +Author: Luca Boccassi <luca.bocca...@gmail.com> +Description: Fix kernel module load on 4.11 and greater + From kernel 4.11 and newer (11bac80004) the vm_area_struct member was removed + from the fault callback signature, as it is already contained in struct + vm_fault. +--- a/uvm/nvidia_uvm_lite.c ++++ b/uvm/nvidia_uvm_lite.c +@@ -30,6 +30,8 @@ + #include "nvidia_uvm_lite_counters.h" + #include "ctrl2080mc.h" + ++#include <linux/version.h> ++ + // + // nvidia_uvm_lite.c + // This file contains code that is specific to the UVM-Lite mode of operation. +@@ -689,9 +691,16 @@ + // return SIGBUS. + // 3. Otherwise, map in a page from the cache, and allow access. + // ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 11, 0) ++int _fault_common(struct vm_fault *vmf, unsigned long vaddr, ++#else + int _fault_common(struct vm_area_struct *vma, unsigned long vaddr, ++#endif + struct page **ppage, unsigned vmfFlags) + { ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 11, 0) ++ struct vm_area_struct *vma = vmf->vma; ++#endif + int retValue = VM_FAULT_SIGBUS; + UvmCommitRecord *pRecord; + DriverPrivate *pPriv; +@@ -818,7 +827,11 @@ + } + + #if defined(NV_VM_OPERATIONS_STRUCT_HAS_FAULT) ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 11, 0) ++int _fault(struct vm_fault *vmf) ++#else + int _fault(struct vm_area_struct *vma, struct vm_fault *vmf) ++#endif + { + #if defined(NV_VM_FAULT_HAS_ADDRESS) + unsigned long vaddr = vmf->address; +@@ -828,7 +841,11 @@ + struct page *page = NULL; + int retval; + ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 11, 0) ++ retval = _fault_common(vmf, vaddr, &page, vmf->flags); ++#else + retval = _fault_common(vma, vaddr, &page, vmf->flags); ++#endif + + vmf->page = page; + +@@ -866,7 +883,11 @@ + // it's dealing with anonymous mapping (see handle_pte_fault). + // + #if defined(NV_VM_OPERATIONS_STRUCT_HAS_FAULT) ++#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 11, 0) ++int _sigbus_fault(struct vm_fault *vmf) ++#else + int _sigbus_fault(struct vm_area_struct *vma, struct vm_fault *vmf) ++#endif + { + vmf->page = NULL; + return VM_FAULT_SIGBUS; Index: debian/module/debian/patches/series.in =================================================================== --- debian/module/debian/patches/series.in (.../tags/340.102-1) (revision 7819) +++ debian/module/debian/patches/series.in (.../branches/340) (revision 7819) @@ -1,8 +1,6 @@ # kernel support -drm-driver-legacy.patch unregister_procfs_on_failure.patch -deprecated-cpu-events.patch -vmf-address.patch +vm-fault.patch # build system updates separate-makefile-kbuild.patch Index: debian/module/debian/README.Debian =================================================================== --- debian/module/debian/README.Debian (.../tags/340.102-1) (revision 7819) +++ debian/module/debian/README.Debian (.../branches/340) (revision 7819) @@ -4,9 +4,9 @@ Please report any actual driver related bugs (not packaging related) to NVIDIA directly. -Please check http://www.nvidia.com/object/linux.html +Please check https://www.nvidia.com/object/linux.html and -http://www.nvnews.net/vbulletin/forumdisplay.php?s=&forumid=14 +https://devtalk.nvidia.com/default/board/98/linux/ for known bugs. -- Randall Donald <rdon...@debian.org>, Tue, 12 Jul 2005 23:30:00 -0700 Index: debian/module/debian/control.template.in =================================================================== --- debian/module/debian/control.template.in (.../tags/340.102-1) (revision 7819) +++ debian/module/debian/control.template.in (.../branches/340) (revision 7819) @@ -4,7 +4,7 @@ Maintainer: Debian NVIDIA Maintainers <pkg-nvidia-de...@lists.alioth.debian.org> Build-Depends: debhelper (>= 9), quilt Standards-Version: 3.9.8 -Homepage: http://www.nvidia.com/ +Homepage: https://www.nvidia.com/ Package: #NVIDIA#-kernel-#KVERS# Architecture: #ARCH_LIST# Index: debian/libegl1-nvidia.lintian-overrides.in =================================================================== --- debian/libegl1-nvidia.lintian-overrides.in (.../tags/340.102-1) (revision 7819) +++ debian/libegl1-nvidia.lintian-overrides.in (.../branches/340) (revision 7819) @@ -1,5 +1,6 @@ # The NVIDIA license does not allow any form of modification. [!amd64]: binary-file-built-without-LFS-support +[armhf]: spelling-error-in-binary hardening-no-bindnow hardening-no-fortify-functions hardening-no-relro Index: debian/watch =================================================================== --- debian/watch (.../tags/340.102-1) (revision 7819) +++ debian/watch (.../branches/340) (revision 7819) @@ -2,6 +2,6 @@ # ftp://download.nvidia.com/XFree86/Linux-x86_64/256.29/NVIDIA-Linux-x86_64-256.29.run # ftp://download.nvidia.com/XFree86/Linux-32bit-ARM/319.32/NVIDIA-Linux-armv7l-gnueabihf-319.32.run version=3 -ftp://download.nvidia.com/XFree86/Linux-x86/(340(?:\.[\d\.\-]+)?)/NVIDIA-Linux-x86-([\d\.\-]+)(?:-pkg0)?\.run -ftp://download.nvidia.com/XFree86/Linux-x86_64/(340(?:\.[\d\.\-]+)?)/NVIDIA-Linux-x86_64-([\d\.\-]+)(?:-pkg2)?\.run -ftp://download.nvidia.com/XFree86/Linux-32bit-ARM/(340(?:\.[\d\.\-]+)?)/NVIDIA-Linux-armv7l-gnueabihf-([\d\.\-]+).run +https://download.nvidia.com/XFree86/Linux-x86/(340(?:\.[\d\.\-]+)?)/NVIDIA-Linux-x86-([\d\.\-]+)(?:-pkg0)?\.run +https://download.nvidia.com/XFree86/Linux-x86_64/(340(?:\.[\d\.\-]+)?)/NVIDIA-Linux-x86_64-([\d\.\-]+)(?:-pkg2)?\.run +https://download.nvidia.com/XFree86/Linux-32bit-ARM/(340(?:\.[\d\.\-]+)?)/NVIDIA-Linux-armv7l-gnueabihf-([\d\.\-]+).run Index: debian/nvidia-driver-bin.lintian-overrides.in =================================================================== --- debian/nvidia-driver-bin.lintian-overrides.in (.../tags/340.102-1) (revision 7819) +++ debian/nvidia-driver-bin.lintian-overrides.in (.../branches/340) (revision 7819) @@ -1,6 +1,7 @@ # The NVIDIA license does not allow any form of modification. [!amd64]: binary-file-built-without-LFS-support embedded-library usr/lib/#PRIVATE#/nvidia-debugdump: zlib +[armhf]: spelling-error-in-binary hardening-no-bindnow hardening-no-fortify-functions hardening-no-pie Index: debian/nvidia-driver.README.Debian.in =================================================================== --- debian/nvidia-driver.README.Debian.in (.../tags/340.102-1) (revision 7819) +++ debian/nvidia-driver.README.Debian.in (.../branches/340) (revision 7819) @@ -9,7 +9,7 @@ X Server and GL libraries of the NVIDIA driver offering. For any news on this package check -http://bugs.debian.org/#NVIDIA#-driver +https://bugs.debian.org/#NVIDIA#-driver NOTES ABOUT GLX DRIVER AND OPENGL: @@ -57,7 +57,7 @@ If you see this error in /var/log/Xorg.0.log, please ensure that the versions of linux-image-* and the corresponding linux-headers-* are identical up to the last digit. Rebuild the module for this exactly matching kernel+header -pair and reboot. See http://bugs.debian.org/642497 for details. +pair and reboot. See https://bugs.debian.org/642497 for details. NOTES ABOUT XEN: @@ -67,7 +67,7 @@ linux-image-*-xen-*) running under the Xen hypervisor (xen-hypervisor-*). It does work however if this kernel is running standalone. Xen is currently not supported by NVIDIA. For more information, please -see http://bugs.debian.org/570365 +see https://bugs.debian.org/570365 If you manage to get the NVIDIA driver to function properly when running under the Xen hypervisor (e.g. by using a custom kernel configuration or Index: debian/changelog =================================================================== --- debian/changelog (.../tags/340.102-1) (revision 7819) +++ debian/changelog (.../branches/340) (revision 7819) @@ -1,3 +1,38 @@ +nvidia-graphics-drivers (340.106-1) jessie; urgency=medium + + * New upstream legacy 340xx branch release 340.106 (2018-01-16). + * Fixed CVE-2017-5753, CVE-2017-5715 (spectre), CVE-2017-5754 (meltdown). + https://nvidia.custhelp.com/app/answers/detail/a_id/4611 + (Closes: #886852) + * Improved compatibility with recent Linux kernels. + + [ Andreas Beckmann ] + * build-module-packages.sh: Order kernels by descending version (375.82-2). + * Switch watch URL from ftp:// to https:// (375.82-1). + * bug-control: Add arch qualification to M-A:same packages in report-with + list otherwise reportbug will ignore them if more than one is installed + (375.82-5). + * Use https:// URLs where possible (375.82-8). + * Upload to jessie. + + [ Luca Boccassi ] + * Switch to my debian.org email address in Uploaders. + * Drop drm-driver-legacy.patch, deprecated-cpu-events.patch and + vmf-address.patch, fixed upstream. + * Add vm-fault.patch to fix kernel module build on Linux 4.11 and newer. + + [ Russ Allbery ] + * Remove myself from Uploaders. + + -- Luca Boccassi <bl...@debian.org> Tue, 16 Jan 2018 21:08:01 +0000 + +nvidia-graphics-drivers (340.104-1) UNRELEASED; urgency=medium + + * New upstream legacy 340xx branch release 340.104 (2017-09-19). + * Improved compatibility with recent Linux kernels. + + -- Andreas Beckmann <a...@debian.org> Wed, 11 Oct 2017 03:02:32 +0200 + nvidia-graphics-drivers (340.102-1) jessie; urgency=medium * New upstream legacy 340xx branch release 340.102 (2017-02-14). @@ -3,4 +38,5 @@ * Fixed CVE-2017-0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0318, CVE-2017-0321. (Closes: #855277) + https://nvidia.custhelp.com/app/answers/detail/a_id/4398 [ Andreas Beckmann ] @@ -19,9 +55,11 @@ * New upstream legacy 340xx branch release 340.101 (2016-12-14). * Fixed CVE-2016-8826. (Closes: #848195) + https://nvidia.custhelp.com/app/answers/detail/a_id/4278 * Improved compatibility with recent Linux kernels. * New upstream legacy 340xx branch release 340.98 (2016-09-26). * Fixed CVE-2016-7382, CVE-2016-7389. (Closes: #846331) + https://nvidia.custhelp.com/app/answers/detail/a_id/4246 - Added support for the screen_info.ext_lfb_base field, on kernels that have it, in order to properly handle UEFI framebuffer consoles with physical addresses above 4GB. @@ -100,6 +138,7 @@ * New upstream legacy 340xx branch release 340.96 (2015-11-16). * Fixed CVE-2015-7869: Unsanitized User Mode Input. (Closes: #805917) + https://nvidia.custhelp.com/app/answers/detail/a_id/3808 * Improved compatibility with recent Linux kernels. [ Andreas Beckmann ] @@ -124,6 +163,7 @@ * New upstream legacy 340xx branch release 340.93 (2015-09-02). * Fixed CVE-2015-5950: Memory corruption due to an unsanitized pointer. + https://nvidia.custhelp.com/app/answers/detail/a_id/3763 (Closes: #800566) - Fixed a bug that caused the X server to crash if an OpenGL application tried to allocate a drawable when GPU-accessible memory is exhausted. @@ -250,6 +290,7 @@ * New upstream legacy 340xx branch release 340.65 (2014-12-08). * Fixes CVE-2014-8298. (Closes: #772971) + https://nvidia.custhelp.com/app/answers/detail/a_id/3610 - Fixed a bug that prevented internal 4K panels on some laptops from being driven at a sufficient bandwidth to support their native resolutions. - Fixed a regression that prevented the NVIDIA kernel module from loading @@ -483,7 +524,7 @@ system configurations that disallow writing to executable memory. - Added initial support for G-SYNC monitors. Additional details and system requirements can be found at: - http://www.geforce.com/hardware/technology/g-sync + https://www.geforce.com/hardware/technology/g-sync - Improved support for running the NVIDIA driver in configurations where writing to executable memory is disallowed. Driver optimizations that require writing to executable memory can be forcefully disabled using the @@ -549,7 +590,7 @@ GeForce 845M, GeForce GTX 850M. - Renamed the RandR output property _GUID to GUID now that it is an official property documented in randrproto.txt: - http://cgit.freedesktop.org/xorg/proto/randrproto/commit/?id=19fc4c5a72eb9919d720ad66734029d9f8e313b1 + https://cgit.freedesktop.org/xorg/proto/randrproto/commit/?id=19fc4c5a72eb9919d720ad66734029d9f8e313b1 - Reduced CPU utilization and GPU memory utilization of the NVIDIA EGL driver. - Added support for the following EGL extensions: @@ -583,7 +624,7 @@ - Fixed a regression in the NVIDIA kernel module which caused it to improperly dereference a userspace pointer. This potential security issue was initially reported to the public at: - http://forums.grsecurity.net/viewtopic.php?f=3&t=3922 + https://forums.grsecurity.net/viewtopic.php?f=3&t=3922 The regression did not affect NVIDIA GPU drivers before release 334. - Fixed a bug that could cause OpenGL programs to hang after calling fork(2). @@ -654,6 +695,7 @@ * New upstream long lived branch release 331.113 (2014-12-05). * Fixes CVE-2014-8298. + https://nvidia.custhelp.com/app/answers/detail/a_id/3610 -- Andreas Beckmann <a...@debian.org> Fri, 12 Dec 2014 08:27:26 +0100 @@ -881,7 +923,7 @@ - Changed the clipping behavior of the NVIDIA X driver on Trapezoids and Triangles for some RENDER operations to match the behavior in newer versions of Pixman: - http://lists.freedesktop.org/archives/pixman/2013-April/002755.html + https://lists.freedesktop.org/archives/pixman/2013-April/002755.html - Fixed a bug in MetaMode tracking that could cause spurious error messages to be printed when attempting to add or delete Metamodes via NV-CONTROL. @@ -1349,7 +1391,7 @@ an X server segmentation fault), or could be exploited to achieve arbitrary code execution. (Closes: #704547) For more details, see: - http://nvidia.custhelp.com/app/answers/detail/a_id/3290 + https://nvidia.custhelp.com/app/answers/detail/a_id/3290 * Merge changes from 304.88-1 and 310.44 (UNRELEASED). -- Andreas Beckmann <a...@debian.org> Fri, 05 Apr 2013 03:57:30 +0200 @@ -1429,7 +1471,7 @@ an X server segmentation fault), or could be exploited to achieve arbitrary code execution. For more details, see: - http://nvidia.custhelp.com/app/answers/detail/a_id/3290 + https://nvidia.custhelp.com/app/answers/detail/a_id/3290 -- Andreas Beckmann <a...@debian.org> Fri, 05 Apr 2013 02:41:13 +0200 @@ -1531,10 +1573,40 @@ -- Andreas Beckmann <deb...@abeckmann.de> Wed, 17 Oct 2012 19:54:34 +0200 +nvidia-graphics-drivers (304.137-1) UNRELEASED; urgency=medium + + * New upstream legacy 304xx branch release 304.137 (2017-09-19). + - Improved compatibility with recent Linux kernels. + + -- Andreas Beckmann <a...@debian.org> Sun, 08 Oct 2017 21:52:50 +0200 + +nvidia-graphics-drivers (304.135-1) UNRELEASED; urgency=medium + + * New upstream legacy 304xx branch release 304.135 (2017-02-14). + * Fixed CVE-2017-0309, CVE-2017-0310, CVE-2017-0311, CVE-2017-0318, + CVE-2017-0321. (Closes: #855277) + https://nvidia.custhelp.com/app/answers/detail/a_id/4398 + * New upstream legacy 304xx branch release 304.134 (2016-12-14). + * Fixed CVE-2016-8826. (Closes: #848195) + https://nvidia.custhelp.com/app/answers/detail/a_id/4278 + - Added support for X.Org xserver ABI 23 (xorg-server 1.19) + * Improved compatibility with recent Linux kernels. + * New upstream legacy 304xx branch release 304.132 (2016-09-26). + * Fixed CVE-2016-7382, CVE-2016-7389. (Closes: #846331) + https://nvidia.custhelp.com/app/answers/detail/a_id/4246 + - Added /var/log/dmesg to the list of paths which are searched by + nvidia-bug-report.sh for kernel messages. + - Fixed a bug that caused kernel panics when using the NVIDIA driver on + v4.5 and newer Linux kernels built with CONFIG_DEBUG_VM_PGFLAGS. + * Improved compatibility with recent Linux kernels. + + -- Andreas Beckmann <a...@debian.org> Wed, 14 Jun 2017 17:10:53 +0200 + nvidia-graphics-drivers (304.131-1) wheezy; urgency=medium * New upstream legacy 304xx branch release 304.131 (2015-11-16). * Fixed CVE-2015-7869: Unsanitized User Mode Input. (Closes: #805917) + https://nvidia.custhelp.com/app/answers/detail/a_id/3808 - Fixed a bug that could cause texture corruption in some OpenGL applications when video memory is exhausted by a combination of simultaneously running graphical and compute workloads. @@ -1558,6 +1630,7 @@ * New upstream legacy 304xx branch release 304.128 (2015-08-31). * Fixed CVE-2015-5950: Memory corruption due to an unsanitized pointer. + https://nvidia.custhelp.com/app/answers/detail/a_id/3763 (Closes: #800566) * Improved compatibility with recent Linux kernels. @@ -1588,6 +1661,7 @@ * New upstream legacy 304xx branch release 304.125 (2014-12-05). * Fixes CVE-2014-8298. (Closes: #772971) + https://nvidia.custhelp.com/app/answers/detail/a_id/3610 - Added support for X.Org xserver ABI 19 (xorg-server 1.17). - Improved compatibility with recent Linux kernels. - Implemented support for disabling indirect GLX context creation using @@ -1665,7 +1739,7 @@ - Fixed a security vulnerability in the microcode for microcontrollers that are part of NVIDIA GPUs. This vulnerability could be exploited to take control of a system, and it is described in greater detail at: - http://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-5987 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=2013-5987 (Closes: #735271) - Improved compatibility with recent Linux kernels. - Updated the NVIDIA OpenGL driver to write temporary files to $TMPDIR @@ -1889,7 +1963,7 @@ an X server segmentation fault), or could be exploited to achieve arbitrary code execution. (Closes: #704547) For more details, see: - http://nvidia.custhelp.com/app/answers/detail/a_id/3290 + https://nvidia.custhelp.com/app/answers/detail/a_id/3290 * Fixes display turned off on VT text consoles. (Closes: #703313) -- Andreas Beckmann <a...@debian.org> Tue, 02 Apr 2013 22:43:31 +0200 @@ -2153,7 +2227,7 @@ * CVE-2012-4225 (Closes: 684781) - Implemented hotfix for a privilege escalation vulnerability reported on August 1, 2012. For more details, see: - http://nvidia.custhelp.com/app/answers/detail/a_id/3140 + https://nvidia.custhelp.com/app/answers/detail/a_id/3140 [ Andreas Beckmann ] * nvidia-kernel-source: Add Built-Using attribute to the generated module @@ -2576,7 +2650,7 @@ * New upstream long-lived branch release 295.40 (2012-04-11). - Closed a security vulnerability which made it possible for attackers to reconfigure GPUs to gain access to arbitrary system memory. For further - details, see: http://nvidia.custhelp.com/app/answers/detail/a_id/3109 + details, see: https://nvidia.custhelp.com/app/answers/detail/a_id/3109 CVE-2012-0946 - Fixed a bug that caused DisplayPort devices to occasionally fail to turn back on after the system is resumed from suspend. @@ -2926,7 +3000,7 @@ packages. (Closes: #640539) * Add a nvidia-detect package with a script 'nvidia-detect' to detect NVIDIA GPUs and recommend a driver meta package to install. (Closes: #614825) - Based on the script from http://wiki.debian.org/NvidiaGraphicsDrivers + Based on the script from https://wiki.debian.org/NvidiaGraphicsDrivers -- Andreas Beckmann <deb...@abeckmann.de> Tue, 06 Sep 2011 06:26:50 +0200 @@ -3189,7 +3263,7 @@ generate the appropriate jack unplug events to applications. - Added support for the GL_EXT_x11_sync_object extension. See the extension specification in the OpenGL registry here: - http://www.opengl.org/registry/specs/EXT/x11_sync_object.txt + https://www.khronos.org/registry/OpenGL/extensions/EXT/EXT_x11_sync_object.txt for more details. - Improved performance of window resize operations in KDE 4 on systems with slow CPUs. @@ -3839,6 +3913,7 @@ Add upstream patch nvidia-blacklist-vga-pmu-registers-195.diff: Fix exploitable local privilege escalation through VGA window manipulation via the device nodes that allows access to arbitrary physical memory. + https://nvidia.custhelp.com/app/answers/detail/a_id/3140 -- Andreas Beckmann <deb...@abeckmann.de> Fri, 17 Aug 2012 00:43:36 +0200 @@ -3852,7 +3927,7 @@ Add upstream patch nvidia-blacklist-register-mapping-195.diff: Closed a security vulnerability which made it possible for attackers to reconfigure GPUs to gain access to arbitrary system memory. For further - details, see: http://nvidia.custhelp.com/app/answers/detail/a_id/3109 + details, see: https://nvidia.custhelp.com/app/answers/detail/a_id/3109 * Let the bug-script collect detailed information about OpenGL and NVIDIA libraries and their symlinks, diversions and alternatives currently found on the system. Also list files remaining from using the nvidia-installer. Index: debian/bug-control.mk =================================================================== --- debian/bug-control.mk (.../tags/340.102-1) (revision 7819) +++ debian/bug-control.mk (.../branches/340) (revision 7819) @@ -1,6 +1,8 @@ +multiarchify = $(if $(filter %:any,$1),$(foreach a,$(ARCH_LIST),$(1:any=$a)),$1) + debian/bug-control: debian/bug-control.mk debian/rules debian/rules.defs $(RM) $@ - echo "report-with: $(foreach x,$(REPORT_WITH),$(strip $x))" > $@ + echo "report-with: $(foreach x,$(REPORT_WITH),$(call multiarchify,$(strip $x)))" > $@ echo "" >> $@ echo "package-status: $(foreach x,$(PACKAGE_STATUS),$(strip $x))" >> $@ @@ -8,7 +10,7 @@ define REPORT_WITH $(nvidia)-driver nvidia-glx$(legacy) - libgl1-$(nvidia)-glx + libgl1-$(nvidia)-glx:any xserver-xorg-video-$(nvidia) $(nvidia)-alternative $(nvidia)-kernel-dkms @@ -52,5 +54,9 @@ make libopencl1 opencl-icd + libgl1 + libegl1 + libgles1 + libgles2 endef Index: debian/detect/nvidia-detect.in =================================================================== --- debian/detect/nvidia-detect.in (.../tags/340.102-1) (revision 7819) +++ debian/detect/nvidia-detect.in (.../branches/340) (revision 7819) @@ -1,5 +1,5 @@ #!/bin/bash -# Based on http://wiki.debian.org/NvidiaGraphicsDrivers?action=AttachFile&do=view&target=nvidia-versions.sh +# Based on https://wiki.debian.org/NvidiaGraphicsDrivers?action=AttachFile&do=view&target=nvidia-versions.sh # # Copyright © 2008-2011 Filipus Klutiero <chea...@gmail.com> # Copyright © 2011-2014 Andreas Beckmann <a...@debian.org> @@ -15,7 +15,7 @@ # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program. If not, see <http://www.gnu.org/licenses/> +# along with this program. If not, see <https://www.gnu.org/licenses/> # if [ "$1" = "-h" -o "$1" = "--help" ]; then @@ -134,7 +134,7 @@ PACKAGE="nvidia-glx" elif [[ -n ${VERSIONS[999]} ]]; then echo "Your card is only supported by the updated drivers from wheezy-backports." - echo "See http://backports.debian.org for instructions how to use backports." + echo "See https://backports.debian.org for instructions how to use backports." PACKAGE="nvidia-driver/wheezy-backports" elif [[ -n ${VERSIONS[173]} ]]; then echo "Your card is only supported up to the 173.14 legacy drivers series."; @@ -161,7 +161,7 @@ PACKAGE="nvidia-legacy-304xx-driver" elif [[ -n ${VERSIONS[375]} ]]; then echo "Your card is only supported by a newer driver that is available in jessie-backports." - echo "See http://backports.debian.org for instructions how to use backports." + echo "See https://backports.debian.org for instructions how to use backports." echo "You may also find newer driver packages in experimental." PACKAGE="nvidia-driver/jessie-backports" elif [[ -n ${VERSIONS[173]} ]]; then Property changes on: . ___________________________________________________________________ Modified: svn:mergeinfo Merged /packages/nvidia-graphics-drivers/branches/304:r7216-7792 Merged /packages/nvidia-graphics-drivers/branches/304-jessie:r7217-7793