mirror
/
openwrt
mirror of https://git.openwrt.org/openwrt/openwrt.git
1
0
Fork 0
Code Releases Activity
42,541 Commits 8 Branches 69 Tags 229 MiB
Commit Graph

148 Commits

Author SHA1 Message Date
Hauke Mehrtens 9cdc02be88 kernel: Update kernel 4.14 to version 4.14.206 
Compile and runtime tested on x86/64.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2020-11-11 00:49:32 +01:00
Hauke Mehrtens 5d01d05608 kernel: Update kernel 4.14 to version 4.14.202 
Compile and runtime tested on x86/64.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2020-10-18 00:32:31 +02:00
Hauke Mehrtens 1da8cc1bbc kernel: Update kernel 4.14 to version 4.14.199 
Compile and runtime tested on x86/64

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2020-09-28 00:36:22 +02:00
Hauke Mehrtens b8336ebab9 kernel: Update kernel 4.14 to version 4.14.195 
Compile and runtime tested on x86/64.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2020-08-27 00:19:34 +02:00
Hauke Mehrtens 35e9edc3df kernel: Update kernel 4.14 to version 4.14.193 
Compile and runtime tested on x86/64.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2020-08-08 17:20:37 +02:00
Hauke Mehrtens 1f8d9f70c2 kernel: Update kernel 4.14 to version 4.14.187 
Fixes:
- CVE-2020-10757

Run tested: x86
Build tested: x86

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2020-07-05 15:02:47 +02:00
Koen Vandeputte 7b49c0b48a kernel: bump 4.14 to 4.14.180 
Refreshed all patches.

Fixed:
- CVE-2020-12114
- CVE-2020-11669

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2020-05-12 12:45:57 +02:00
Koen Vandeputte 1f0679f54d kernel: bump 4.14 to 4.14.176 
Refreshed all patches.

Remove upstreamed:
- 0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch
- 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch

Fixes:
- CVE-2020-8647
- CVE-2020-8648 (potentially)
- CVE-2020-8649

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2020-04-16 13:24:54 +02:00
Koen Vandeputte e38f355569 kernel: bump 4.14 to 4.14.172 
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2020-03-09 20:45:11 +01:00
Koen Vandeputte 4eba86820f kernel: bump 4.14 to 4.14.169 
Refreshed all patches.

Fixes:
- CVE-2019-14896
- CVE-2019-14897

Remove upstreamed:
- 023-0007-crypto-crypto4xx-Fix-wrong-ppc4xx_trng_probe-ppc4xx_.patch

Altered patches:
- 102-MIPS-BCM63XX-move-code-touching-the-USB-private-regi.patch
- 105-MIPS-BCM63XX-add-support-for-the-on-chip-OHCI-contro.patch
- 106-MIPS-BCM63XX-register-OHCI-controller-if-board-enabl.patch
- 108-MIPS-BCM63XX-add-support-for-the-on-chip-EHCI-contro.patch
- 207-MIPS-BCM63XX-move-device-registration-code-into-its-.patch
- 350-MIPS-BCM63XX-support-settings-num-usbh-ports.patch
- 356-MIPS-BCM63XX-move-fallback-sprom-support-into-its-ow.patch
- 390-MIPS-BCM63XX-do-not-register-SPI-controllers.patch
- 391-MIPS-BCM63XX-do-not-register-uart.patch
- 392-MIPS-BCM63XX-remove-leds-and-buttons.patch
- 416-BCM63XX-add-a-fixup-for-ath9k-devices.patch
- 422-BCM63XX-add-a-fixup-for-rt2x00-devices.patch
-

Compile-tested on: brcm63xx, cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2020-02-04 18:12:19 +01:00
Hauke Mehrtens 6b128326df kernel: bump 4.14 to 4.14.161 
Refreshed all patches.

Compile-tested on: ipq40xx
Runtime-tested on: none

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2020-01-01 21:50:16 +01:00
Hauke Mehrtens c280710d7a kernel: bump 4.14 to 4.14.160 
Refreshed all patches.

Compile-tested on: ipq40xx
Runtime-tested on: none

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2019-12-26 14:02:24 +01:00
Koen Vandeputte 2777947a75 kernel: bump 4.14 to 4.14.156 
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-11-29 10:01:27 +01:00
Koen Vandeputte 6e2e5d1bf8 kernel: bump 4.14 to 4.14.155 
Refreshed all patches.

Altered patches:
- 707-dpaa-ethernet-support-layerscape.patch
- 421-rtc-initialize.patch

Remove upstreamed:
- 161-MIPS-BCM47XX-Enable-USB-power-on-Netgear-WNDR3400v3.patch

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-11-22 16:59:16 +01:00
Koen Vandeputte 7e1db8f27c kernel: bump 4.14 to 4.14.145 
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-09-20 15:52:54 +02:00
Koen Vandeputte 09bdc14419 kernel: bump 4.14 to 4.14.138 
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-08-14 18:24:41 +02:00
Koen Vandeputte 958411aa61 kernel: bump 4.14 to 4.14.136 
Refreshed all patches.

Altered patches:
- 306-v4.16-netfilter-remove-saveroute-indirection-in-struct-nf_.patch

Remove upstreamed:
- 505-arm64-dts-marvell-Fix-A37xx-UART0-register-size

Fixes:
- CVE-2019-13648
- CVE-2019-10207

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-08-06 11:56:18 +02:00
Koen Vandeputte 5e771160b8 kernel: bump 4.14 to 4.14.130 
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-06-25 16:50:37 +02:00
Koen Vandeputte f63a1caf22 kernel: bump 4.14 to 4.14.125 
Refreshed all patches.

Altered patches:
- 403-net-mvneta-convert-to-phylink.patch
- 410-sfp-hack-allow-marvell-10G-phy-support-to-use-SFP.patch

Compile-tested on: cns3xxx, imx6, mvebu
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-06-12 16:04:25 +02:00
Koen Vandeputte 68a5e662c2 kernel: bump 4.14 to 4.14.120 
Refreshed all patches.

Altered patches:
- 0067-generic-Mangle-bootloader-s-kernel-arguments.patch
- 006-mvebu-Mangle-bootloader-s-kernel-arguments.patch
- 996-generic-Mangle-bootloader-s-kernel-arguments.patch

Compile-tested on: cns3xxx, imx6, mvebu
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-05-21 09:48:48 +02:00
Koen Vandeputte 62feabecd8 kernel: bump 4.14 to 4.14.99 
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-02-15 10:53:17 +01:00
Koen Vandeputte fbb2186fbd kernel: bump 4.14 to 4.14.98 
Refreshed all patches.

Remove upstreamed:
- 100-arm-cns3xxx-fix-writing-to-wrong-PCI-registers-after.patch

Altered patches:
- 721-phy_packets.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-02-13 10:30:04 +01:00
Koen Vandeputte ef17edae3d kernel: bump 4.14 to 4.14.97 
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-02-01 11:41:39 +01:00
Koen Vandeputte 939fa07b04 kernel: bump 4.14 to 4.14.93 
Refreshed all patches.

Remove upstreamed:
- 510-f2fs-fix-sanity_check_raw_super-on-big-endian-machines.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-01-15 13:58:36 +01:00
Koen Vandeputte 7b0e1d28e8 kernel: bump 4.14 to 4.14.89 
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2018-12-18 15:12:06 +01:00
Koen Vandeputte 40e1450f59 kernel: bump 4.14 to 4.14.88 
Refreshed all patches.

Altered patches:
- 180-usb-xhci-add-support-for-performing-fake-doorbell.patch

Fixes CVE:
- CVE-2018-14625

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2018-12-14 13:04:54 +01:00
Koen Vandeputte 2213b20aee kernel: bump 4.14 to 4.14.86 
Refreshed all patches.

Altered patches:
- 180-usb-xhci-add-support-for-performing-fake-doorbell.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2018-12-13 13:28:54 +01:00
Koen Vandeputte f9c79947b5 kernel: bump 4.14 to 4.14.79 
Refreshed all patches.

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2018-11-05 16:00:47 +01:00
Koen Vandeputte 47f68ca586 kernel: bump 4.14 to 4.14.77 
Refreshed all patches.

Altered patches:
- 666-Add-support-for-MAP-E-FMRs-mesh-mode.patch

New symbol for arm targets:
    - HARDEN_BRANCH_PREDICTOR

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
 2018-10-19 10:00:48 +02:00
Koen Vandeputte 9ac7eb4a86 kernel: bump 4.14 to 4.14.76 
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2018-10-15 16:54:30 +02:00
Felix Fietkau ae2a3a1d80 kernel: enable memory compaction 
Compaction is the only memory management component to form high order (larger
physically contiguous) memory blocks reliably. The page allocator relies on
compaction heavily and the lack of the feature can lead to unexpected OOM
killer invocations for high order memory requests. You shouldn't disable this
option unless there really is a strong reason for it.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Michal Hrusecky <michal.hrusecky@nic.cz>
 2018-10-09 14:36:00 +02:00
Koen Vandeputte 149dcc26d1 kernel: bump 4.14 to 4.14.74 
Refreshed all patches.

Fixes CVE:

- CVE-2018-7755

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2018-10-04 16:14:44 +02:00
Koen Vandeputte 81b2bf8e3b kernel: bump 4.14 to 4.14.72 
Refreshed all patches.

Removed upstreamed:
- 180-earlycon-initialize-port-uartclk-based-on-clock-frequency-property.patch
- 181-earlycon-remove-hardcoded-port-uartclk-initialization-in-of_setup_earlycon. patch
- 700-1-6-e1000e-Remove-Other-from-EIAC.patch
- 700-2-6-Partial-revert-e1000e-Avoid-receiver-overrun-interrupt-bursts.patch
- 700-3-6-e1000e-Fix-queue-interrupt-re-raising-in-Other-interrupt.patch
- 700-4-6-e1000e-Avoid-missed-interrupts-following-ICR-read.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2018-09-26 15:55:23 +02:00
Hauke Mehrtens bfc9a4401b kernel: bump kernel 4.14 to version 4.14.63 
The following patches were integrated upstream:
 * target/linux/ipq40xx/patches-4.14/050-0006-mtd-nand-qcom-Add-a-NULL-check-for-devm_kasprintf.patch
 * target/linux/mediatek/patches-4.14/0177-phy-phy-mtk-tphy-use-auto-instead-of-force-to-bypass.patch

This fixes tries to work around the following security problems:
 * CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects
 * CVE-2018-3646 L1 Terminal Fault Virtualization related aspects

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2018-08-15 22:40:58 +02:00
Koen Vandeputte 16d89ef291 kernel: bump 4.14 to 4.14.61 
Refreshed all patches.

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(backported from commit 7a254aeeb8)
 2018-08-08 16:35:19 +02:00
Stijn Tintel 6c075777d5 kernel: add missing ARM64_SSBD symbol 
In 4.14.57, a new symbol for Spectre v4 mitigation was introduced for
ARM64. Add this symbol to all ARM64 targets using kernel 4.14.

This mitigates CVE-2018-3639 on ARM64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 77e3e706ce)
 2018-08-06 09:17:31 +02:00
Stijn Segers 9ce7aa325e kernel: bump 4.14 to 4.14.60 for 18.06 
* Refreshed patches.
* Patches made redundant by changes upstream:
  - target/linux/ramips/patches-4.14/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch
* Patches accepted upstream:
  - target/linux/apm821xx/patches-4.14/020-0001-crypto-crypto4xx-remove-bad-list_del.patch
  - target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch
  - target/linux/brcm63xx/patches-4.14/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch
  - target/linux/brcm63xx/patches-4.14/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch
  - target/linux/generic/backport-4.14/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch
  - target/linux/generic/pending-4.14/900-gen_stats-fix-netlink-stats-padding.patch

The ext4 regression introduced in 4.14.55 has been fixed by 4.14.60 (commit f547aa20b4f61662ad3e1a2040bb3cc5778f19b0).

Fixes the following CVEs:
- CVE-2018-10876
- CVE-2018-10877
- CVE-2018-10879
- CVE-2018-10880
- CVE-2018-10881
- CVE-2018-10882
- CVE-2018-10883

Thanks to Stijn Tintel for the CVE list :-).

Compile-tested on: ramips/mt7621, x86/64
Run-tested on: ramips/mt7621, x86/64

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
 2018-08-06 07:30:41 +02:00
Jo-Philipp Wich f8cc68670f mediatek: fix parallel build issues in image build code 
Drop the parallel-unsafe custom Build/dtb macro and use the .dtb artifacts
produced by the generic image build code.

Also remove unused .dtb references in the mt7623 subtarget.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit 8194f9ef4a)
 2018-07-17 14:45:33 +02:00
Koen Vandeputte ca903c73c7 kernel: bump 4.14 to 4.14.54 for 18.06 
Refreshed all patches

Reworked patches to match upstream:
335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2018-07-12 13:54:24 +02:00
Stijn Segers ab7cabd09d kernel: bump 4.14 to 4.14.52 for 18.06 
Compile-tested on: ramips/mt7621, x86/64.
Run-tested on: ramips/mt7621.

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
 2018-07-02 07:06:23 +02:00
Hauke Mehrtens 56f66be113 mediatek: mt7622: Do not deactivate CONFIG_BLK_DEV 
zram.ko needs CONFIG_BLK_DEV activated and it is by default for all
other targets in OpenWrt.

This makes zram.ko compile again.
Compile tested only.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 6745af9a0d)
 2018-06-18 21:21:55 +02:00
Hauke Mehrtens db969b2f30 mediatek: mt7622: Do not set CPU_SUBTYPE for Cortex A53 
Neon and vfpv4 are mandatory extensions in the ARM64 instruction set
now, do not activate them explicitly. GCC will make use of these
extension now by default.

This makes it possible to share the toolchain with other Cortex A53
SoCs.
Compile tested only.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 10ce015c65)
 2018-06-18 21:21:55 +02:00
John Crispin 29ba45bb35 mediatek: add missing symbols for mt7622 
Signed-off-by: John Crispin <john@phrozen.org>
(cherry picked from commit 55f3731002)
 2018-06-18 21:21:54 +02:00
John Crispin 0506039845 mediatek: add missing symbols 
Signed-off-by: John Crispin <john@phrozen.org>
(cherry picked from commit de6162e832)
 2018-06-18 21:21:54 +02:00
John Crispin 8e662b9654 mediatek: add mt7622 subtarget 
Signed-off-by: John Crispin <john@phrozen.org>
(cherry picked from commit 51740777fb)
 2018-06-18 21:21:53 +02:00
John Crispin da8fc1511f mediatek: backport upstream mediatek patches 
Signed-off-by: John Crispin <john@phrozen.org>
(cherry picked from commit 050da2107a)
 2018-06-18 21:21:53 +02:00
Stijn Segers 1199a91095 kernel: bump 4.14 to 4.14.48 for 18.06 
Refreshed patches. The following patches were upstreamed and have been deleted:

* target/linux/lantiq/patches-4.14/0025-MIPS-lantiq-gphy-Remove-reboot-remove-reset-asserts.patch
* target/linux/generic/pending-4.14/101-clocksource-mips-gic-timer-fix-clocksource-counter-w.patch
* target/linux/generic/pending-4.14/103-MIPS-c-r4k-fix-data-corruption-related-to-cache-coherence.patch
* target/linux/generic/pending-4.14/181-net-usb-add-lte-modem-wistron-neweb-d18q1.patch

Compile-tested: ramips/mt7621, x86/64
Run-tested: ramips/mt7621

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
 2018-06-07 09:03:24 +02:00
Sergey Ryazanov 23cdf9f246 kernel: enable THIN_ARCHIVES by default 
THIN_ARCHIVES option is enabled by default in the kernel configuration
and no one target config disables it. So enable it by default and remove
this symbol from target specific configs to keep them light.

Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
(cherry picked from commit 67a3cdcbb0)
 2018-05-24 17:24:31 +02:00
Sergey Ryazanov 16e0866a74 kernel: enable FUTEX_PI by default 
New FUTEX_PI configuration symbol enabled if FUTEX and RT_MUTEX symbols
are enabled. Both of these symbols are enabled by default in the
generic config, so enable FUTEX_PI by default too to keep platform
specific configs minimal.

Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
(cherry picked from commit bdc2b58c4b)
 2018-05-24 17:24:31 +02:00
Sergey Ryazanov 1f26cfc92b kernel: enable EXPORTFS by default 
OVERLAY_FS config symbol selects EXPORTFS since 4.12 kernel, we have
OVERLAY_FS enabled by default, so enable EXPORTFS in the generic config
of 4.14 and remove this option from platform specific configs.

Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
(cherry picked from commit a08b0d0c31)
 2018-05-24 17:24:31 +02:00