Commit Graph

83 Commits

Author SHA1 Message Date
Hauke Mehrtens
32eb66881c kernel: Activate CONFIG_ARM64_SW_TTBR0_PAN
This activates "Emulate Privileged Access Never using TTBR0_EL1
switching" on ARM64.

This should prevent the kernel from reading code from user space in
kernel context.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-11 17:15:41 +02:00
Hauke Mehrtens
9b1239451d Kernel: Activate CONFIG_HARDENED_USERCOPY
This adds additional checks to the copy_from_user() and copy_to_user()
functions. The details are described in this article:
https://lwn.net/Articles/695991/

This should only have a very small performance impact on system calls
and should not affect routing performance.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-11 17:15:41 +02:00
Petr Štetiar
51216b4f83 kernel: Rename UPROBE_EVENT to UPROBE_EVENTS
Upstream has renamed UPROBE_EVENT to UPROBE_EVENTS in the following
commit:

 commit 6b0b7551428e4caae1e2c023a529465a9a9ae2d4
 Author: Anton Blanchard <anton@samba.org>
 Date:   Thu Feb 16 17:00:50 2017 +1100

     perf/core: Rename CONFIG_[UK]PROBE_EVENT to CONFIG_[UK]PROBE_EVENTS

     We have uses of CONFIG_UPROBE_EVENT and CONFIG_KPROBE_EVENT as
     well as CONFIG_UPROBE_EVENTS and CONFIG_KPROBE_EVENTS.

     Consistently use the plurals.

So I'm changing it to this plural option in order to make kconfig happy
and stop asking about it if kernel is compiled with verbose logging:

 Enable uprobes-based dynamic events (UPROBE_EVENTS) [Y/n/?] (NEW)

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-05-05 14:41:49 +02:00
Koen Vandeputte
fdf1aae77d kernel: add missing symbol in 4.19 config
Intel AtomISP2 dummy / power-management driver (INTEL_ATOMISP2_PM) [N/m/y/?] (NEW)

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-04-29 15:28:33 +02:00
Koen Vandeputte
022dfdc41c kernel: bump 4.19 to 4.19.35
Refreshed all patches.

Fixes:
- CVE-2019-3887

New symbol:
- CONFIG_LDISC_AUTOLOAD

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-04-22 21:15:17 +02:00
Lucian Cristian
16b381179f kernel: add missing drm symbol
dependency introduced with module drm-kms-helper

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2019-04-18 12:06:47 +02:00
Koen Vandeputte
8df12d76c6 kernel: bump 4.19 to 4.19.34
Refreshed all patches.

Removed:
- 030-PCI-dwc-skip-MSI-init-if-MSIs-have-been-explicitly-d.patch

Altered:
- 366-netfilter-nf_flow_table-clean-up-and-fix-dst-handlin.patch
- 650-netfilter-add-xt_OFFLOAD-target.patch
- 662-remove_pfifo_fast.patch
- 332-arc-add-OWRTDTB-section.patch
- 100-clocksource-drivers-arch_timer-Workaround-for-Allwin.patch
- 702-phy_add_aneg_done_function.patch

New symbols:
- ARC_IRQ_NO_AUTOSAVE
- SUN50I_ERRATUM_UNKNOWN1

Compile-tested: cns3xxx, imx6, sunxi
Runtime-tested: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-04-08 14:53:39 +02:00
Tomasz Maciej Nowak
09fe18f042 tegra: add kernel 4.19 support
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2019-04-06 14:48:46 +02:00
Christian Lamparter
4c70ac7be4 x86: fix geode image builds redux
This patch adds more disabled DRM config symbols from the
x86' config to the generic target configs. The existing
symbols in the x86' configs are kept for now, until we
know whenever we want to remove such symbols or not
(see Github PR #1831, #1825, #1828).

THis patch also contains a squashed patch from
Daniel Engberg <daniel.engberg.lists@pyret.net> titled
"kernel: Fix config for 4.14" which fixes a duplicated line
added by: commit 8bdc241d01 ("x86: fix geode image builds")

Fixes: 8bdc241d01 ("x86: fix geode image builds")
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-03-02 12:59:47 +01:00
Christian Lamparter
ca769e081f kernel: disable touchscreen symbols
This patch removes the obsolete touchscreen config symbols
and all disables all remaining ones in the generic config.

Generated by running drivers/input/touchscreen/Kconfig

 sed -n 's/^config[[:space:]]\(.*\)/# CONFIG_\1 is not set/p' Kconfig |\
 sort -d
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-02-28 11:26:11 +01:00
Christian Lamparter
8bdc241d01 x86: fix geode image builds
This patch adds the disabled DRM_RADEON and DRM_AMDGPU
config symbols from the x86' config to the generic target
configs. The existing symbols in the x86' configs are kept
for now, until we know whenever we want to remove such
symbols or not (see Github PR #1831, #1825, #1828).

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-02-28 11:26:11 +01:00
Stijn Tintel
9f4a7de48a kernel: add kmod-fb-tft
This module adds support for small TFT LCD display modules. While this
module also exists in the 4.9 kernel, we are not going to support this
kernel in the next major release, so don't make it available for 4.9.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2019-02-24 01:15:22 +02:00
Pawel Dembicki
02644e5612 generic: kernel: Add missing config option
DRM packages break modules compilation for sunxi target,
cortexa7 and cortexa8 subtargets.

This patch add missing symbol to generic config.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2019-02-19 22:11:29 +01:00
Yangbo Lu
5d11672d07 kernel: disable CONFIG_USB_IMX21_HCD in default for kernel 4.14
CONFIG_USB_IMX21_HCD should be handled in generic config and
module package. So moved it into generic config.
This also fixed build issue (kernel config question) of layerscape
armv8_32b since it also used ARCH_MXC.

Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
[Deactivate CONFIG_USB_IMX21_HCD also for kernel 4.19]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-02-17 19:22:39 +01:00
Rosen Penev
5e8f18fef6 kernel: Remove CONFIG_UDF_NLS for kernel 4.19
kernel 4.18 removed the symbol and made NLS implicit.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-02-17 17:33:18 +01:00
Daniel Engberg
b3c050c013 kernel: Add missing config option for kernel 4.19
Add CONFIG_USB_ROLE_SWITCH otherwise Octeon 4.19 fails compile

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-02-14 16:56:15 +01:00
Tony Ambardar
a7370b5179 kernel: enable CONFIG_BPF_JIT by default
Enable the built-in BPF JIT compiler for all 4.9, 4.14 and 4.19 kernels,
which should speed up cBPF and eBPF-based packet filtering (tc, iptables)
and packet sniffing (libpcap, tcpdump, fwknopd, etc).

This has minimal kernel size impact, increasing the size of uImage-lzma
(normally ~2 MB on mips_24kc or mips64el_mips64) by 5 KB for the MIPS32
arch cBPF JIT and by 9 KB for the MIPS64 arch eBPF JIT, on kernel 4.14.

With JIT enabled (cBPF only), the standard BPF test module (test_bpf.ko)
running on a DIR-835 (mips_24kc) used 33 CPU seconds, but 68 without JIT.

This change aligns with the notion of OpenWRT as the network go-to swiss
army knife for packet handling, especially on CPU-constrained platforms.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2019-02-11 20:18:48 +00:00
Petr Štetiar
07e6ce4606 kernel: add missing symbols to 4.19
While preparing 4.19 for imx6 and test building it with
CONFIG_ALL_KMODS=y with verbose mode enabled, I was asked by kernel
config about few missing symbols/modules

Let's add them to the generic config.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
[slight rewrite of commit log]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-02-08 17:27:47 +01:00
Koen Vandeputte
ab18540d11 kernel: rename symbol in kernel 4.19 config
A symbol was renamed upstream starting from kernel 4.18 [1]

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>

[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.0-rc5&id=34b13e5e4641c0e9e0aad471a6d8dfb7999276f1
2019-02-07 13:06:23 +01:00
Stijn Tintel
f4ebd1ead0 kernel: drop old symbol from 4.19
CONFIG_LIRC_STAGING was removed in kernel 4.16.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2019-01-17 03:09:47 +02:00
Hauke Mehrtens
cfc9bde379 kernel/modules: Add missing config option
This configuration option was added in kernel 4.15 and is missing in the
kernel 4.19 configuration.

Fixes: ed2839ac41 ("kernel/modules: add kmod-pmbus-zl6100 module")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-01-13 17:20:07 +01:00
Pawel Dembicki
ed2839ac41 kernel/modules: add kmod-pmbus-zl6100 module
This patch adds the kmod packaging for the Intersil / Zilker Labs
ZL6100 and compatible digital DC-DC controllers as well as the
core kernel module for the Power Management Bus.

Add:
kmod-pmbus-core
kmod-pmbus-zl6100

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
2019-01-13 11:07:37 +01:00
Christian Lamparter
6734753ef4 kernel: Add missing symbols to 4.19
Tested with apm82181 and ipq40xx minimal image versions.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-01-01 15:40:13 +01:00
Hauke Mehrtens
e790227553 kernel: Fix KERNEL_STACKPROTECTOR on kernel 4.19
The configuration option was renamed with kernel 4.19 from
CONFIG_CC_STACKPROTECTOR to CONFIG_STACKPROTECTOR adapt the code to set
both options.

CONFIG_STACKPROTECTOR now sets the regular stack protector and
CONFIG_STACKPROTECTOR_STRONG activates the additional protection of more
functions.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-12-26 17:32:48 +01:00
Hauke Mehrtens
b1daead066 kernel: Add compiler options to generic configuration
With kernel 4.19 new configuration options for the compiler were added.
These are automatically selected and set, instead of having them in each
target configuration, put them into the generic configuration.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-12-26 17:32:48 +01:00
Christian Lamparter
212f2a63eb kernel: Add missing symbols to 4.19
Tested with apm82181 and ipq40xx minimal image versions.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2018-12-24 19:14:21 +01:00
Petr Štetiar
7bd6969acc kernel: Add missing symbols to 4.19
While building 4.19 for ath79 with CONFIG_ALL_KMODS=y with verbose mode
enabled I was asked by kernel config about few symbols/modules so I'm
adding those missing symbols to the generic config.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2018-12-18 20:17:22 +01:00
Brett Mastbergen
2b6eab507a netfilter: Add fib support for nftables
Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
2018-12-16 00:57:20 +01:00
Hauke Mehrtens
fbaf48387e kernel: netfilter: chain filters merged into nf_tables.ko
In mainline kernel commit 02c7b25e5f5 ("netfilter: nf_tables: build-in
filter chain type") all chain filters were merged into one file and into
one kernel module to save some memory. The code protected by these
configuration options CONFIG_NF_TABLES_BRIDGE, CONFIG_NF_TABLES_IPV4,
CONFIG_NF_TABLES_ARP, CONFIG_NF_TABLES_IPV6, CONFIG_NF_TABLES_NETDEV and
CONFIG_NF_TABLES_INET was merged into the nft_chain_filter.c file which
is now always compiled into the nf_tables.ko file.

This only happened in kernel 4.19 and OpenWrt has to select these as
modules in older kennel versions. Mark them as build-in in the kernel
4.19 specific kernel configuration file which will then not be
overwritten by the package specific settings which try to make them
modular again.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-12-15 14:28:50 +01:00
Hauke Mehrtens
f891670704 kernel: netfilter: Adapt merge ipv4/ipv6 masquerade code
In kernel commit 0168e8b361 ("netfilter: nat: merge ipv4/ipv6 masquerade
code into main nat module") the CONFIG_NF_NAT_MASQUERADE_IPV4 and
CONFIG_NF_NAT_MASQUERADE_IPV6 kernel configuration option were changed
to bool and the code will not be compiled as a own module any more, but
it will be integrated into nf_nat_ipv4.ko or nf_nat_ipv6.ko to save some
memory.

Activate these options as bool in the generic kernel 4.19 configuration
only, to always build them into the nf_nat_ipv*.ko modules. The kmod
file will still try to select them as module, but the generic
configuration will not be overwritten.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-12-15 14:28:50 +01:00
Hauke Mehrtens
edc4da5da1 kernel: Always activate CONFIG_HW_RANDOM_TPM
CONFIG_HW_RANDOM_TPM does not activate a separate kernel module any
more, but it only activates the random code in the tpm.ko.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-12-15 14:28:49 +01:00
Hauke Mehrtens
9261e7447e kernel: Make the patches apply on top of 4.19
This makes the patches which were just copied in the previous commit
apply on top of kernel 4.19.

The patches in the backports-4.19 folder were checked if they are really
in kernel 4.19 based on the title and only removed if they were found in
the upstream kernel.

The following additional patches form the pending folder went into
upstream Linux 4.19:
pending-4.19/171-usb-dwc2-Fix-inefficient-copy-of-unaligned-buffers.patch
pending-4.19/190-2-5-e1000e-Fix-wrong-comment-related-to-link-detection.patch
pending-4.19/478-mtd-spi-nor-Add-support-for-XM25QH64A-and-XM25QH128A.patch
pending-4.19/479-mtd-spi-nor-add-eon-en25qh32.patch
pending-4.19/950-tty-serial-exar-generalize-rs485-setup.patch
pending-4.19/340-MIPS-mm-remove-mips_dma_mapping_error.patch

Bigger changes were introduced to the m25p80 spi nor driver, as far as I
saw it in the new code, it now has the functionality provided in this
patch:
pending-4.19/450-mtd-m25p80-allow-fallback-from-spi_flash_read-to-reg.patch

Part of this patch went upstream independent of OpenWrt:
hack-4.19/220-gc_sections.patch
This patch was reworked to match the changes done upstream.

The MIPS DMA API changed a lot, this patch was rewritten to match the
new DMA handling:
pending-4.19/341-MIPS-mm-remove-no-op-dma_map_ops-where-possible.patch

I did bigger manual changes to the following patches and I am not 100% sure if they are all correct:
pending-4.19/0931-w1-gpio-fix-problem-with-platfom-data-in-w1-gpio.patch
pending-4.19/411-mtd-partial_eraseblock_write.patch
pending-4.19/600-netfilter_conntrack_flush.patch
pending-4.19/611-netfilter_match_bypass_default_table.patch
pending-4.19/670-ipv6-allow-rejecting-with-source-address-failed-policy.patch
hack-4.19/211-host_tools_portability.patch
hack-4.19/221-module_exports.patch
hack-4.19/321-powerpc_crtsavres_prereq.patch
hack-4.19/902-debloat_proc.patch

This is based on patchset from Marko Ratkaj <marko.ratkaj@sartura.hr>

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-12-15 14:28:48 +01:00
Hauke Mehrtens
52a82ce3dd kernel: Copy patches from kernel 4.14 to 4.19
This just copies the files from the kernel 4.14 specific folders into
the kernel 4.19 specific folder, no changes are done to the files in
this commit.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-12-15 12:50:06 +01:00