From b3c856004490e7e6ab729235c768c86276898b87 Mon Sep 17 00:00:00 2001
From: "Justin M. Forbes" <jforbes@fedoraproject.org>
Date: Sat, 1 Feb 2025 11:31:11 -0700
Subject: [PATCH] kernel-6.12.12-200

* Sat Feb 01 2025 Justin M. Forbes <jforbes@fedoraproject.org> [6.12.12-0]
- Revert "init/main.c: Initialize early LSMs after arch code, static keys and calls." (Justin M. Forbes)
- Linux v6.12.12
Resolves:

Signed-off-by: Justin M. Forbes <jforbes@fedoraproject.org>
---
 Patchlist.changelog     |   3 ++
 kernel.changelog        |   5 ++
 kernel.spec             |  12 +++--
 patch-6.12-redhat.patch | 110 ++++++++++------------------------------
 sources                 |   6 +--
 5 files changed, 47 insertions(+), 89 deletions(-)

diff --git a/Patchlist.changelog b/Patchlist.changelog
index aca18cd4c..688c4d03e 100644
--- a/Patchlist.changelog
+++ b/Patchlist.changelog
@@ -1,3 +1,6 @@
+https://gitlab.com/cki-project/kernel-ark/-/commit/32bcbd3a01f3693778efa32201859259cbac0161
+ 32bcbd3a01f3693778efa32201859259cbac0161 Revert "init/main.c: Initialize early LSMs after arch code, static keys and calls."
+
 https://gitlab.com/cki-project/kernel-ark/-/commit/a6f946b225152d6db15b0d632730b07edb03d7d5
  a6f946b225152d6db15b0d632730b07edb03d7d5 x86/cpu: Add Lunar Lake to list of CPUs with a broken MONITOR  implementation
 
diff --git a/kernel.changelog b/kernel.changelog
index 923416e60..3ef8c1479 100644
--- a/kernel.changelog
+++ b/kernel.changelog
@@ -1,3 +1,8 @@
+* Sat Feb 01 2025 Justin M. Forbes <jforbes@fedoraproject.org> [6.12.12-0]
+- Revert "init/main.c: Initialize early LSMs after arch code, static keys and calls." (Justin M. Forbes)
+- Linux v6.12.12
+Resolves: 
+
 * Thu Jan 23 2025 Augusto Caringi <acaringi@redhat.com> [6.12.11-0]
 - Linux v6.12.11
 Resolves: 
diff --git a/kernel.spec b/kernel.spec
index 98b5c9371..dbbe32872 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -159,18 +159,18 @@ Summary: The Linux kernel
 #  the --with-release option overrides this setting.)
 %define debugbuildsenabled 1
 # define buildid .local
-%define specrpmversion 6.12.11
-%define specversion 6.12.11
+%define specrpmversion 6.12.12
+%define specversion 6.12.12
 %define patchversion 6.12
 %define pkgrelease 200
 %define kversion 6
-%define tarfile_release 6.12.11
+%define tarfile_release 6.12.12
 # This is needed to do merge window version magic
 %define patchlevel 12
 # This allows pkg_release to have configurable %%{?dist} tag
 %define specrelease 200%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 6.12.11
+%define kabiversion 6.12.12
 
 # If this variable is set to 1, a bpf selftests build failure will cause a
 # fatal kernel package build error
@@ -4164,6 +4164,10 @@ fi\
 #
 #
 %changelog
+* Sat Feb 01 2025 Justin M. Forbes <jforbes@fedoraproject.org> [6.12.12-0]
+- Revert "init/main.c: Initialize early LSMs after arch code, static keys and calls." (Justin M. Forbes)
+- Linux v6.12.12
+
 * Thu Jan 23 2025 Augusto Caringi <acaringi@redhat.com> [6.12.11-0]
 - Linux v6.12.11
 
diff --git a/patch-6.12-redhat.patch b/patch-6.12-redhat.patch
index 9c2313912..ffe8cfde5 100644
--- a/patch-6.12-redhat.patch
+++ b/patch-6.12-redhat.patch
@@ -39,7 +39,6 @@
  drivers/hwtracing/coresight/coresight-etm4x-core.c |  19 +
  drivers/input/rmi4/rmi_driver.c                    | 124 +--
  drivers/iommu/iommu.c                              |  22 +
- drivers/net/wireless/realtek/rtl8xxxu/core.c       |  20 +
  drivers/pci/quirks.c                               |  24 +
  drivers/scsi/sd.c                                  |  10 +
  drivers/usb/core/hub.c                             |   7 +
@@ -48,6 +47,7 @@
  include/linux/lsm_hook_defs.h                      |   2 +
  include/linux/rmi.h                                |   1 +
  include/linux/security.h                           |   5 +
+ init/main.c                                        |   6 +-
  kernel/module/signing.c                            |   9 +-
  scripts/tags.sh                                    |   2 +
  security/integrity/platform_certs/load_uefi.c      |   6 +-
@@ -55,10 +55,10 @@
  security/lockdown/lockdown.c                       |   1 +
  security/security.c                                |  12 +
  tools/tracing/rtla/src/utils.c                     |  32 +-
- 57 files changed, 3004 insertions(+), 262 deletions(-)
+ 57 files changed, 2986 insertions(+), 266 deletions(-)
 
 diff --git a/Makefile b/Makefile
-index 7cf8f11975f8..e0828ec6bee7 100644
+index 9e6246e733eb..d9fe5187333c 100644
 --- a/Makefile
 +++ b/Makefile
 @@ -22,6 +22,18 @@ $(if $(filter __%, $(MAKECMDGOALS)), \
@@ -3959,85 +3959,6 @@ index 83c8e617a2c5..27f9b4517095 100644
  /**
   * iommu_setup_default_domain - Set the default_domain for the group
   * @group: Group to change
-diff --git a/drivers/net/wireless/realtek/rtl8xxxu/core.c b/drivers/net/wireless/realtek/rtl8xxxu/core.c
-index f95898f68d68..4ce0c05c5129 100644
---- a/drivers/net/wireless/realtek/rtl8xxxu/core.c
-+++ b/drivers/net/wireless/realtek/rtl8xxxu/core.c
-@@ -8147,6 +8147,8 @@ static const struct usb_device_id dev_table[] = {
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(USB_VENDOR_ID_REALTEK, 0x817e, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
-+{USB_DEVICE_AND_INTERFACE_INFO(USB_VENDOR_ID_REALTEK, 0x8186, 0xff, 0xff, 0xff),
-+	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(USB_VENDOR_ID_REALTEK, 0x818a, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(USB_VENDOR_ID_REALTEK, 0x317f, 0xff, 0xff, 0xff),
-@@ -8157,12 +8159,18 @@ static const struct usb_device_id dev_table[] = {
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x050d, 0x1102, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
-+{USB_DEVICE_AND_INTERFACE_INFO(0x050d, 0x11f2, 0xff, 0xff, 0xff),
-+	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x06f8, 0xe033, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
-+{USB_DEVICE_AND_INTERFACE_INFO(0x07b8, 0x8188, 0xff, 0xff, 0xff),
-+	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x07b8, 0x8189, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x0846, 0x9041, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
-+{USB_DEVICE_AND_INTERFACE_INFO(0x0846, 0x9043, 0xff, 0xff, 0xff),
-+	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x0b05, 0x17ba, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(USB_VENDOR_ID_REALTEK, 0x1e1e, 0xff, 0xff, 0xff),
-@@ -8179,6 +8187,10 @@ static const struct usb_device_id dev_table[] = {
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x13d3, 0x3357, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
-+{USB_DEVICE_AND_INTERFACE_INFO(0x13d3, 0x3358, 0xff, 0xff, 0xff),
-+	.driver_info = (unsigned long)&rtl8192cu_fops},
-+{USB_DEVICE_AND_INTERFACE_INFO(0x13d3, 0x3359, 0xff, 0xff, 0xff),
-+	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x2001, 0x330b, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x2019, 0x4902, 0xff, 0xff, 0xff),
-@@ -8193,6 +8205,8 @@ static const struct usb_device_id dev_table[] = {
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x4856, 0x0091, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
-+{USB_DEVICE_AND_INTERFACE_INFO(0x9846, 0x9041, 0xff, 0xff, 0xff),
-+	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0xcdab, 0x8010, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x04f2, 0xaff7, 0xff, 0xff, 0xff),
-@@ -8218,6 +8232,8 @@ static const struct usb_device_id dev_table[] = {
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x0586, 0x341f, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
-+{USB_DEVICE_AND_INTERFACE_INFO(0x06f8, 0xe033, 0xff, 0xff, 0xff),
-+	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x06f8, 0xe035, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x0b05, 0x17ab, 0xff, 0xff, 0xff),
-@@ -8226,6 +8242,8 @@ static const struct usb_device_id dev_table[] = {
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x0df6, 0x0070, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
-+{USB_DEVICE_AND_INTERFACE_INFO(0x0df6, 0x0077, 0xff, 0xff, 0xff),
-+	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x0789, 0x016d, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x07aa, 0x0056, 0xff, 0xff, 0xff),
-@@ -8248,6 +8266,8 @@ static const struct usb_device_id dev_table[] = {
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x2001, 0x330a, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
-+{USB_DEVICE_AND_INTERFACE_INFO(0x2001, 0x330d, 0xff, 0xff, 0xff),
-+	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x2019, 0xab2b, 0xff, 0xff, 0xff),
- 	.driver_info = (unsigned long)&rtl8192cu_fops},
- {USB_DEVICE_AND_INTERFACE_INFO(0x20f4, 0x624d, 0xff, 0xff, 0xff),
 diff --git a/drivers/pci/quirks.c b/drivers/pci/quirks.c
 index 8103bc24a54e..ea629c78fa7c 100644
 --- a/drivers/pci/quirks.c
@@ -4273,6 +4194,31 @@ index 2ec8f3014757..7273b2b8b23b 100644
  static inline int lsm_fill_user_ctx(struct lsm_ctx __user *uctx,
  				    u32 *uctx_len, void *val, size_t val_len,
  				    u64 id, u64 flags)
+diff --git a/init/main.c b/init/main.c
+index c4778edae797..206acdde51f5 100644
+--- a/init/main.c
++++ b/init/main.c
+@@ -922,11 +922,8 @@ void start_kernel(void)
+ 	boot_cpu_init();
+ 	page_address_init();
+ 	pr_notice("%s", linux_banner);
+-	setup_arch(&command_line);
+-	/* Static keys and static calls are needed by LSMs */
+-	jump_label_init();
+-	static_call_init();
+ 	early_security_init();
++	setup_arch(&command_line);
+ 	setup_boot_config();
+ 	setup_command_line(command_line);
+ 	setup_nr_cpu_ids();
+@@ -937,6 +934,7 @@ void start_kernel(void)
+ 
+ 	pr_notice("Kernel command line: %s\n", saved_command_line);
+ 	/* parameters may set static keys */
++	jump_label_init();
+ 	parse_early_param();
+ 	after_dashes = parse_args("Booting kernel",
+ 				  static_command_line, __start___param,
 diff --git a/kernel/module/signing.c b/kernel/module/signing.c
 index a2ff4242e623..f0d2be1ee4f1 100644
 --- a/kernel/module/signing.c
diff --git a/sources b/sources
index dc818b012..de1f7bb34 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-6.12.11.tar.xz) = 3a70b8e2858a000e18763cd5ffd08d3a0f69a4b0164927a16f7974645030fbf3f57c878373e51693c8630a84e3c5f1feba0690dc92c035ed4f170d7bfbe2cacd
-SHA512 (kernel-abi-stablelists-6.12.11.tar.xz) = 277fb0a1d6771e1d61a08c4c4cafdb354e3f41fbe157b45b598d72c01b4dbea6418de260eb4a800e576c33ace66332104b5a7d81a45700ec26f16359f54b5600
-SHA512 (kernel-kabi-dw-6.12.11.tar.xz) = 86c946d73703456cd2dfee99a64383a90f597b053b8d809a5377b4c9282ef8b3a2da527ba1a57c080b12cbe9d92e003b17b549040b922f515d6922dd70d8f4b6
+SHA512 (linux-6.12.12.tar.xz) = 13d5b85fb724b81b123f88264057968fe7ea7ba9cd5c2c3483a971e14ace26b9c4cac4fa2e3e50500afe08a5fa8e35135be9ea6fc2f12fa9f53ac6f78e3a1559
+SHA512 (kernel-abi-stablelists-6.12.12.tar.xz) = 9d48237e3b7d012a363ce502487b3d3a0a69aaccc9b8b4db71d5dd43cdaa5d4d1669362aeae34bc1a8e4286b76ba17608fe17a1e551f3fc95e9b356f77f8f8a5
+SHA512 (kernel-kabi-dw-6.12.12.tar.xz) = 6f003628c855228059764f13057424097284b90133e87d68249ceb2d100c9e5f9ae15f9ded98df36f80d461dfe3b41ff7db60c97aed221e3b5613b5999fde731