From f0b8c1dadd9c727f7308687272fe6289d8108842 Mon Sep 17 00:00:00 2001
From: David Michael <david.michael@coreos.com>
Date: Sun, 26 Feb 2017 19:02:26 -0800
Subject: [PATCH] sys-kernel/coreos-sources: bump to 4.10.1

---
 ...eos-kernel-4.10.0.ebuild => coreos-kernel-4.10.1.ebuild} | 0
 ...s-modules-4.10.0.ebuild => coreos-modules-4.10.1.ebuild} | 0
 .../coreos-overlay/sys-kernel/coreos-sources/Manifest       | 1 +
 ...s-sources-4.10.0.ebuild => coreos-sources-4.10.1.ebuild} | 0
 .../files/4.10/z0001-Add-secure_modules-call.patch          | 4 ++--
 ...I-Lock-down-BAR-access-when-module-security-is-ena.patch | 4 ++--
 ...6-Lock-down-IO-port-access-when-module-security-is.patch | 4 ++--
 .../4.10/z0004-ACPI-Limit-access-to-custom_method.patch     | 4 ++--
 ...us-wmi-Restrict-debugfs-interface-when-module-load.patch | 4 ++--
 ...strict-dev-mem-and-dev-kmem-when-module-loading-is.patch | 4 ++--
 ...pi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch | 4 ++--
 ...xec-Disable-at-runtime-if-the-kernel-enforces-modu.patch | 4 ++--
 ...6-Restrict-MSR-access-when-module-loading-is-restr.patch | 4 ++--
 ...d-option-to-automatically-enforce-module-signature.patch | 4 ++--
 ...efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch | 4 ++--
 .../files/4.10/z0012-efi-Add-EFI_SECURE_BOOT-bit.patch      | 4 ++--
 ...-hibernate-Disable-in-a-signed-modules-environment.patch | 4 ++--
 ...uild-derive-relative-path-for-KBUILD_SRC-from-CURD.patch | 6 +++---
 .../files/4.10/z0015-Add-arm64-coreos-verity-hash.patch     | 4 ++--
 ...linux-allow-context-mounts-on-tmpfs-ramfs-devpts-w.patch | 4 ++--
 20 files changed, 34 insertions(+), 33 deletions(-)
 rename sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/{coreos-kernel-4.10.0.ebuild => coreos-kernel-4.10.1.ebuild} (100%)
 rename sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/{coreos-modules-4.10.0.ebuild => coreos-modules-4.10.1.ebuild} (100%)
 rename sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/{coreos-sources-4.10.0.ebuild => coreos-sources-4.10.1.ebuild} (100%)

diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-4.10.0.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-4.10.1.ebuild
similarity index 100%
rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-4.10.0.ebuild
rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-4.10.1.ebuild
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-4.10.0.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-4.10.1.ebuild
similarity index 100%
rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-4.10.0.ebuild
rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-4.10.1.ebuild
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest
index 0178c0d1c7..e963594a34 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest
@@ -1 +1,2 @@
 DIST linux-4.10.tar.xz 94231404 SHA256 3c95d9f049bd085e5c346d2c77f063b8425f191460fcd3ae9fe7e94e0477dc4b SHA512 c3690125a8402df638095bd98a613fcf1a257b81de7611c84711d315cd11e2634ab4636302b3742aedf1e3ba9ce0fea53fe8c7d48e37865d8ee5db3565220d90 WHIRLPOOL 86d021bae2dbfc4ef80c22d9e886bed4fbd9476473a2851d7beaf8ed0c7f7fbc1fa0da230eb9e763eb231b7c164c17b2a73fd336ab233543f57be280d6173738
+DIST patch-4.10.1.xz 7408 SHA256 da560125aa350f76f0e4a5b9373a0d0a1c27ccefe3b7bd9231724f3a3c4ebb9e SHA512 7d36d210eade03df91dd3bbaa9cb9bdad0a2c60e21a7b6c1be36f7610d4329b6b517517ba8d971458a2e1bc219e639dacccc8ffe6b12b8954c3ba19bf527f239 WHIRLPOOL 5cb630fd5200810a17def47983e237ce819fa2e456949a8812d859a6d7918a89cb5411c567a956d48f887da86587bcc96589a248fc3c2dda426ba46e79ff9a92
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-4.10.0.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-4.10.1.ebuild
similarity index 100%
rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-4.10.0.ebuild
rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-4.10.1.ebuild
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0001-Add-secure_modules-call.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0001-Add-secure_modules-call.patch
index 77c32b38c1..e72e81787c 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0001-Add-secure_modules-call.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0001-Add-secure_modules-call.patch
@@ -1,4 +1,4 @@
-From 73bb7b8238ec592b103a34d8cf0390afc63bd7e1 Mon Sep 17 00:00:00 2001
+From 9b1968abf672666c280f169ab647045126e9b0eb Mon Sep 17 00:00:00 2001
 From: Matthew Garrett <matthew.garrett@nebula.com>
 Date: Fri, 9 Aug 2013 17:58:15 -0400
 Subject: [PATCH 01/16] Add secure_modules() call
@@ -59,5 +59,5 @@ index 3d8f126..9a565d5 100644
 +}
 +EXPORT_SYMBOL(secure_modules);
 -- 
-2.9.3
+2.7.4
 
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0002-PCI-Lock-down-BAR-access-when-module-security-is-ena.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0002-PCI-Lock-down-BAR-access-when-module-security-is-ena.patch
index 6774aa355a..1c6437ffb5 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0002-PCI-Lock-down-BAR-access-when-module-security-is-ena.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0002-PCI-Lock-down-BAR-access-when-module-security-is-ena.patch
@@ -1,4 +1,4 @@
-From b3852ff8d63155d0323a66b81c9c7835dd367b1c Mon Sep 17 00:00:00 2001
+From 32e8475783408e51382fdf0fc553fc2a10142ad9 Mon Sep 17 00:00:00 2001
 From: Matthew Garrett <matthew.garrett@nebula.com>
 Date: Thu, 8 Mar 2012 10:10:38 -0500
 Subject: [PATCH 02/16] PCI: Lock down BAR access when module security is
@@ -114,5 +114,5 @@ index 9bf993e..922bdf6 100644
  
  	dev = pci_get_bus_and_slot(bus, dfn);
 -- 
-2.9.3
+2.7.4
 
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0003-x86-Lock-down-IO-port-access-when-module-security-is.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0003-x86-Lock-down-IO-port-access-when-module-security-is.patch
index 0da1cdd274..206f87b7c4 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0003-x86-Lock-down-IO-port-access-when-module-security-is.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0003-x86-Lock-down-IO-port-access-when-module-security-is.patch
@@ -1,4 +1,4 @@
-From 91f145f51fc8f22bc879da39bfe6d16e95b50202 Mon Sep 17 00:00:00 2001
+From 2685201a8e66bb2564eeeb4f36ea6f8ce7475332 Mon Sep 17 00:00:00 2001
 From: Matthew Garrett <matthew.garrett@nebula.com>
 Date: Thu, 8 Mar 2012 10:35:59 -0500
 Subject: [PATCH 03/16] x86: Lock down IO port access when module security is
@@ -68,5 +68,5 @@ index 6d9cc2d..a6eca51 100644
  		return -EFAULT;
  	while (count-- > 0 && i < 65536) {
 -- 
-2.9.3
+2.7.4
 
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0004-ACPI-Limit-access-to-custom_method.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0004-ACPI-Limit-access-to-custom_method.patch
index 46ee82a05b..79e373ecee 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0004-ACPI-Limit-access-to-custom_method.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0004-ACPI-Limit-access-to-custom_method.patch
@@ -1,4 +1,4 @@
-From 03d7d4e42715c4a314bdc669658065557c3b44c4 Mon Sep 17 00:00:00 2001
+From c559ff3e2459791d4eadb74f97b90f0c405878a2 Mon Sep 17 00:00:00 2001
 From: Matthew Garrett <matthew.garrett@nebula.com>
 Date: Fri, 9 Mar 2012 08:39:37 -0500
 Subject: [PATCH 04/16] ACPI: Limit access to custom_method
@@ -27,5 +27,5 @@ index c68e724..4277938 100644
  		/* parse the table header to get the table length */
  		if (count <= sizeof(struct acpi_table_header))
 -- 
-2.9.3
+2.7.4
 
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0005-asus-wmi-Restrict-debugfs-interface-when-module-load.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0005-asus-wmi-Restrict-debugfs-interface-when-module-load.patch
index 3f66dacc15..00ed63a011 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0005-asus-wmi-Restrict-debugfs-interface-when-module-load.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0005-asus-wmi-Restrict-debugfs-interface-when-module-load.patch
@@ -1,4 +1,4 @@
-From 914723fe6b4fccc9fb080d52cfc54de04d526e3d Mon Sep 17 00:00:00 2001
+From 7b20c90ea8edb8dc28509e8764d17ca0bd32e580 Mon Sep 17 00:00:00 2001
 From: Matthew Garrett <matthew.garrett@nebula.com>
 Date: Fri, 9 Mar 2012 08:46:50 -0500
 Subject: [PATCH 05/16] asus-wmi: Restrict debugfs interface when module
@@ -50,5 +50,5 @@ index 43cb680..b5d77af 100644
  				     1, asus->debug.method_id,
  				     &input, &output);
 -- 
-2.9.3
+2.7.4
 
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0006-Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0006-Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch
index e88094d4ea..a03fb2172c 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0006-Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0006-Restrict-dev-mem-and-dev-kmem-when-module-loading-is.patch
@@ -1,4 +1,4 @@
-From be3c5948ec57189c877afc2af2da91c45569db79 Mon Sep 17 00:00:00 2001
+From 5e92bc30d58f30a81381f7a2ec3ce1c40219458c Mon Sep 17 00:00:00 2001
 From: Matthew Garrett <matthew.garrett@nebula.com>
 Date: Fri, 9 Mar 2012 09:28:15 -0500
 Subject: [PATCH 06/16] Restrict /dev/mem and /dev/kmem when module loading is
@@ -38,5 +38,5 @@ index a6eca51..191b2b0 100644
  		unsigned long to_write = min_t(unsigned long, count,
  					       (unsigned long)high_memory - p);
 -- 
-2.9.3
+2.7.4
 
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0007-acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0007-acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch
index 34c9b18e43..f9aec4c188 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0007-acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0007-acpi-Ignore-acpi_rsdp-kernel-parameter-when-module-l.patch
@@ -1,4 +1,4 @@
-From 8802118d5ab3c81409bb2571f6c45d58fb60cb07 Mon Sep 17 00:00:00 2001
+From d252fd62fdc0f220272a34c10fed77fac91c2ac3 Mon Sep 17 00:00:00 2001
 From: Josh Boyer <jwboyer@redhat.com>
 Date: Mon, 25 Jun 2012 19:57:30 -0400
 Subject: [PATCH 07/16] acpi: Ignore acpi_rsdp kernel parameter when module
@@ -35,5 +35,5 @@ index 57fb5f4..9174461 100644
  #endif
  
 -- 
-2.9.3
+2.7.4
 
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0008-kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0008-kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
index 85f8ce1fc8..b23444ee3a 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0008-kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0008-kexec-Disable-at-runtime-if-the-kernel-enforces-modu.patch
@@ -1,4 +1,4 @@
-From f1fcf911f8b2fc3e77685122e191a5faa2d90530 Mon Sep 17 00:00:00 2001
+From 3ce57e1da8ea751fb9894d5eff1f0fc78085d2c2 Mon Sep 17 00:00:00 2001
 From: Matthew Garrett <mjg59@coreos.com>
 Date: Thu, 19 Nov 2015 18:55:53 -0800
 Subject: [PATCH 08/16] kexec: Disable at runtime if the kernel enforces module
@@ -35,5 +35,5 @@ index 980936a..a0e4cb3 100644
  
  	/*
 -- 
-2.9.3
+2.7.4
 
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0009-x86-Restrict-MSR-access-when-module-loading-is-restr.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0009-x86-Restrict-MSR-access-when-module-loading-is-restr.patch
index 51d3bc98f9..0928af6566 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0009-x86-Restrict-MSR-access-when-module-loading-is-restr.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0009-x86-Restrict-MSR-access-when-module-loading-is-restr.patch
@@ -1,4 +1,4 @@
-From 6cdc502e447e28b9aeba39cacad87a1a58573494 Mon Sep 17 00:00:00 2001
+From fad5a47afe39f99f98627c57caf5caf6d798b0e0 Mon Sep 17 00:00:00 2001
 From: Matthew Garrett <matthew.garrett@nebula.com>
 Date: Fri, 8 Feb 2013 11:12:13 -0800
 Subject: [PATCH 09/16] x86: Restrict MSR access when module loading is
@@ -40,5 +40,5 @@ index ef68880..74937d9 100644
  			err = -EFAULT;
  			break;
 -- 
-2.9.3
+2.7.4
 
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0010-Add-option-to-automatically-enforce-module-signature.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0010-Add-option-to-automatically-enforce-module-signature.patch
index 6af64ccea5..5be3be4a4a 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0010-Add-option-to-automatically-enforce-module-signature.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0010-Add-option-to-automatically-enforce-module-signature.patch
@@ -1,4 +1,4 @@
-From 8513cddf6e021327feb0297ae9f3c113dd327620 Mon Sep 17 00:00:00 2001
+From ed8ec0c970a5286f458976a736248c5401c8e7c2 Mon Sep 17 00:00:00 2001
 From: Matthew Garrett <matthew.garrett@nebula.com>
 Date: Fri, 9 Aug 2013 18:36:30 -0400
 Subject: [PATCH 10/16] Add option to automatically enforce module signatures
@@ -181,5 +181,5 @@ index 9a565d5..421ee82 100644
  {
  #ifdef CONFIG_MODULE_SIG
 -- 
-2.9.3
+2.7.4
 
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0011-efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0011-efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch
index 54e4f6c424..05acb430ce 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0011-efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0011-efi-Make-EFI_SECURE_BOOT_SIG_ENFORCE-depend-on-EFI.patch
@@ -1,4 +1,4 @@
-From 4c58cd43848c62e13421c4f4fa98df540e674fba Mon Sep 17 00:00:00 2001
+From 4d76d7bdd971932c8eeb5450cc05780117418ccb Mon Sep 17 00:00:00 2001
 From: Josh Boyer <jwboyer@fedoraproject.org>
 Date: Tue, 27 Aug 2013 13:28:43 -0400
 Subject: [PATCH 11/16] efi: Make EFI_SECURE_BOOT_SIG_ENFORCE depend on EFI
@@ -26,5 +26,5 @@ index 5be38b4..efe6b42 100644
  	---help---
  	  UEFI Secure Boot provides a mechanism for ensuring that the
 -- 
-2.9.3
+2.7.4
 
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0012-efi-Add-EFI_SECURE_BOOT-bit.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0012-efi-Add-EFI_SECURE_BOOT-bit.patch
index bc3c7a1daa..f6af1b4b87 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0012-efi-Add-EFI_SECURE_BOOT-bit.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0012-efi-Add-EFI_SECURE_BOOT-bit.patch
@@ -1,4 +1,4 @@
-From d70536a7ba4cf46392317622faa74d97c3215b5c Mon Sep 17 00:00:00 2001
+From 8c7098b081b4c8e315f7da037ce387950c645896 Mon Sep 17 00:00:00 2001
 From: Josh Boyer <jwboyer@fedoraproject.org>
 Date: Tue, 27 Aug 2013 13:33:03 -0400
 Subject: [PATCH 12/16] efi: Add EFI_SECURE_BOOT bit
@@ -39,5 +39,5 @@ index 5b1af30..1b12c29 100644
  #ifdef CONFIG_EFI
  /*
 -- 
-2.9.3
+2.7.4
 
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0013-hibernate-Disable-in-a-signed-modules-environment.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0013-hibernate-Disable-in-a-signed-modules-environment.patch
index 45d62d6663..4a7579e587 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0013-hibernate-Disable-in-a-signed-modules-environment.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0013-hibernate-Disable-in-a-signed-modules-environment.patch
@@ -1,4 +1,4 @@
-From e9e2b41c3642aa993063c9cac6551590e4c30c35 Mon Sep 17 00:00:00 2001
+From 3537c77a73bc43b30f917c2bdfff450d38b3b868 Mon Sep 17 00:00:00 2001
 From: Josh Boyer <jwboyer@fedoraproject.org>
 Date: Fri, 20 Jun 2014 08:53:24 -0400
 Subject: [PATCH 13/16] hibernate: Disable in a signed modules environment
@@ -35,5 +35,5 @@ index b26dbc4..ab187ad 100644
  
  /**
 -- 
-2.9.3
+2.7.4
 
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0014-kbuild-derive-relative-path-for-KBUILD_SRC-from-CURD.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0014-kbuild-derive-relative-path-for-KBUILD_SRC-from-CURD.patch
index 9756d196b3..5d63345942 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0014-kbuild-derive-relative-path-for-KBUILD_SRC-from-CURD.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0014-kbuild-derive-relative-path-for-KBUILD_SRC-from-CURD.patch
@@ -1,4 +1,4 @@
-From 0e124e61a4387e81e9d80c2df48683d6fa209d4a Mon Sep 17 00:00:00 2001
+From bb7b57706aabc44ddaa880d97c6e582e2bf95a50 Mon Sep 17 00:00:00 2001
 From: Vito Caputo <vito.caputo@coreos.com>
 Date: Wed, 25 Nov 2015 02:59:45 -0800
 Subject: [PATCH 14/16] kbuild: derive relative path for KBUILD_SRC from CURDIR
@@ -12,7 +12,7 @@ by some undesirable path component.
  1 file changed, 2 insertions(+), 1 deletion(-)
 
 diff --git a/Makefile b/Makefile
-index f1e6a02..18e3450 100644
+index 09eccff..e09b6d2 100644
 --- a/Makefile
 +++ b/Makefile
 @@ -147,7 +147,8 @@ $(filter-out _all sub-make $(CURDIR)/Makefile, $(MAKECMDGOALS)) _all: sub-make
@@ -26,5 +26,5 @@ index f1e6a02..18e3450 100644
  
  # Leave processing to above invocation of make
 -- 
-2.9.3
+2.7.4
 
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0015-Add-arm64-coreos-verity-hash.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0015-Add-arm64-coreos-verity-hash.patch
index 907414a8c5..b06b8fec7e 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0015-Add-arm64-coreos-verity-hash.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0015-Add-arm64-coreos-verity-hash.patch
@@ -1,4 +1,4 @@
-From 27499a2ffb18d13cb0b4ffe67cbccec23ba7b551 Mon Sep 17 00:00:00 2001
+From 300f9b0f53ace2681ab9c36642a7df8c5c9d9837 Mon Sep 17 00:00:00 2001
 From: Geoff Levand <geoff@infradead.org>
 Date: Fri, 11 Nov 2016 17:28:52 -0800
 Subject: [PATCH 15/16] Add arm64 coreos verity hash
@@ -25,5 +25,5 @@ index 4b1abac..a53fa57 100644
  	 * EFI will load .text onwards at the 4k section alignment
  	 * described in the PE/COFF header. To ensure that instruction
 -- 
-2.9.3
+2.7.4
 
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0016-selinux-allow-context-mounts-on-tmpfs-ramfs-devpts-w.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0016-selinux-allow-context-mounts-on-tmpfs-ramfs-devpts-w.patch
index e9aa8ab27b..76879e9cc9 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0016-selinux-allow-context-mounts-on-tmpfs-ramfs-devpts-w.patch
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/4.10/z0016-selinux-allow-context-mounts-on-tmpfs-ramfs-devpts-w.patch
@@ -1,4 +1,4 @@
-From c67b19ff423d5d94e7b69dc82e09f12446bf5888 Mon Sep 17 00:00:00 2001
+From 857d181d29b80708661978d16a492ee64f9fe2ca Mon Sep 17 00:00:00 2001
 From: Stephen Smalley <sds@tycho.nsa.gov>
 Date: Mon, 9 Jan 2017 10:07:31 -0500
 Subject: [PATCH 16/16] selinux: allow context mounts on tmpfs, ramfs, devpts
@@ -53,5 +53,5 @@ index d98550a..fbf2d6d 100644
  		    defcontext_sid) {
  			rc = -EACCES;
 -- 
-2.9.3
+2.7.4