Commit Graph

10 Commits

Author SHA1 Message Date
Hauke Mehrtens
46af22de16 kernel: Remove CONFIG_COMPAT
This removes support for executing old 32 bit applications on 64 bit ARM
and MIPS kernels.
On OpenWrt we normally compile all the user space applications on our
own and do not support third party binary only modules especial not 32
bit applications on 64 bit CPUs.

This reduces the attack surface on such systems and should also save
some memory.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-11 17:15:41 +02:00
Hauke Mehrtens
32eb66881c kernel: Activate CONFIG_ARM64_SW_TTBR0_PAN
This activates "Emulate Privileged Access Never using TTBR0_EL1
switching" on ARM64.

This should prevent the kernel from reading code from user space in
kernel context.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-11 17:15:41 +02:00
Tomasz Maciej Nowak
2e5a0b81ec mvebu: sysupgrade: sdcard: keep user added partitons
Currently sysupgrade overwrites whole disk and destroys partitions added
by user. Sync the sysupgrade code with the one present in x86 target to
remedy this behaviour.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2019-04-06 16:31:10 +02:00
Tomasz Maciej Nowak
727c3df5bb mvebu: shrink amount of packages and reorganize them
Since most of devices using SD card image to boot, use ext4 as boot
files system we can drop fat fs related packages. Also move packages
which are added repeatedly across subtargets to their default packages,
with droping the ones that are enabled in target kernel configugation.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2019-04-06 16:31:10 +02:00
Hauke Mehrtens
3d945f5706 mvebu: Refresh kernel configuration
This refreshes the current kernel configuration to remove unneeded
options, add some automatically added ones and reorders them. The normal
build did this automatically, so the builds already used this
configuration.

CONFIG_HW_RANDOM_OMAP is explicitly activated for the cortexa72
subtarget because it has an inside-secure,safexcel-eip76 IP core.

This was done with this command on the cortexa9 subtarget:
	make kernel_oldconfig
and this one on the other subtargets:
	make kernel_oldconfig CONFIG_TARGET=subtarget

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-03-26 15:11:39 +01:00
Tomasz Maciej Nowak
9f6c4ba25c mvebu: move HARDEN_BRANCH_PREDICTOR to common config
This symbol is enabled in all subtargets, move it to common kernel
config.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Acked-by: Rosen Penev <rosenp@gmail.com>
2019-01-27 00:16:14 +01:00
Stijn Tintel
77e3e706ce kernel: add missing ARM64_SSBD symbol
In 4.14.57, a new symbol for Spectre v4 mitigation was introduced for
ARM64. Add this symbol to all ARM64 targets using kernel 4.14.

This mitigates CVE-2018-3639 on ARM64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-07-31 12:22:11 +03:00
Mathias Kresin
3877550114 arm64: enable harden branch predictor
Enable the harden branch predictor for arm64 as it is recommend.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-04-27 21:34:18 +02:00
Damir Samardzic
6f4faf833d mvebu: cortexa72: enable Marvell 10G PHY by default
This one enables 10 GbE ports on MACCHIATObin.

Signed-off-by: Damir Samardzic <damir.samardzic@sartura.hr>
2018-04-25 20:37:22 +02:00
Damir Samardzic
2534141322 mvebu: add support for MACCHIATObin (cortex-a72)
Add initial support for Marvell MACCHIATObin, cortex-a72 based Marvell
ARMADA 8040 Community board. Comes in two forms: Single Shot and Double
Shot.

Specifications:
- Quad core Cortex-A72 (up to 2GHz)
- DDR4 DIMM slot with optional ECC and single/dual chip select support
- Dual 10GbE (1/2.5/10GbE) via copper or SFP
  2.5GbE (1/2.5GbE) via SFP
  1GbE via copper
- SPI Flash
- 3 X SATA 3.0 connectors
- MicroSD connector
- eMMC
- PCI x4 3.0 slot
- USB 2.0 Headers (Internal)
- USB 3.0 connector
- Console port (UART) over microUSB connector
- 20-pin Connector for CPU JTAG debugger
- 2 X UART Headers
- 12V input via DC Jack
- ATX type power connector
- Form Factor: Mini-ITX (170 mm x 170 mm)

More details at http://macchiatobin.net

Booting from micro SD card:
 1. reset U-Boot environment:
      env default -a
      saveenv

 2. prepare U-Boot with boot script:
      setenv bootcmd "load mmc 1:1 0x4d00000 boot.scr; source 0x4d00000"
      saveenv

   or manually:
      setenv fdt_name armada-8040-mcbin.dtb
      setenv image_name Image
      setenv bootcmd 'mmc dev 1; ext4load mmc 1:1 $kernel_addr $image_name;ext4load mmc 1:1 $fdt_addr $fdt_name;setenv   bootargs $console root=/dev/mmcblk1p2 rw rootwait; booti $kernel_addr - $fdt_addr'
      saveenv

Signed-off-by: Damir Samardzic <damir.samardzic@sartura.hr>
2018-03-31 16:13:19 +02:00