Commit Graph

272 Commits

Author SHA1 Message Date
Koen Vandeputte
5faccaf025 kernel: bump 4.9 to 4.9.223
Refreshed all patches.

Fixes:
- CVE-2020-12114

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-05-12 12:45:57 +02:00
Koen Vandeputte
82c8170cd0 kernel: bump 4.9 to 4.9.219
Refreshed all patches.

Altered patches:
- 0026-NET-multi-phy-support.patch

Fixes:
- CVE-2020-8647
- CVE-2020-8648 (Potentially)
- CVE-2020-8649

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-04-16 13:24:54 +02:00
Koen Vandeputte
4c14dbf5db kernel: bump 4.9 to 4.9.215
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-03-09 20:45:11 +01:00
Koen Vandeputte
bfee12cec6 kernel: bump 4.9 to 4.9.214
Refreshed all patches.

Fixes:
- CVE-2013-1798

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-24 14:21:08 +01:00
Koen Vandeputte
c15a039e62 kernel: bump 4.9 to 4.9.211
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-24 13:18:01 +01:00
Hauke Mehrtens
8c6668f088 kernel: bump 4.9 to 4.9.208
Refreshed all patches.

Compile-tested on: lantiq
Runtime-tested on: lantiq

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-05 00:03:22 +01:00
Hauke Mehrtens
83ce31d3d8 kernel: bump 4.9 to 4.9.207
Refreshed all patches.

Compile-tested on: lantiq
Runtime-tested on: none

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-12-26 14:02:32 +01:00
Koen Vandeputte
862a885103 kernel: bump 4.9 to 4.9.199
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-12 10:33:42 +01:00
Daniel F. Dickinson
0880275d5e brcm2708: Add feature flag rootfs-part
Even with squashfs brcm2708 requires ROOTFS_PART_SIZE because the overlay
exists as a loopback device on the space not used by squashfs in the root
partition. Also for ext4 (the other fs option) ROOTFS_PART_SIZE is required,
so use feature flag rootfs-part to enable it.

Fixes FS#2166

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
(cherry picked from commit 3bb44f4299)
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-10-30 02:38:02 +00:00
Koen Vandeputte
d513f28351 kernel: bump 4.9 to 4.9.195
Refreshed all patches.

Altered patches:
- 403-mtd_fix_cfi_cmdset_0002_status_check.patch

Compile-tested on: ar71xx
Compile-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-08 12:46:02 +02:00
Koen Vandeputte
e058fb3658 kernel: bump 4.9 to 4.9.189
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-14 18:24:41 +02:00
Koen Vandeputte
2807f84b62 kernel: bump 4.9 to 4.9.187
Refreshed all patches.

Altered patches:
- 021-bridge-multicast-to-unicast.patch

Remove upstreamed:
- 001-um-Allow-building-and-running-on-older-hosts.patch
- 003-um-Fix-check-for-_xstate-for-older-hosts.patch

Fixes:
- CVE-2019-10207
- CVE-2019-13648

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-06 11:56:18 +02:00
Koen Vandeputte
6c1bef833d kernel: bump 4.9 to 4.9.183
Refreshed all patches.

Remove upstreamed:
- 010-revert-staging-vc04_services-prevent-integer-overflow-in-create_pagelist.patch

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-24 16:44:13 +02:00
Matthias Schiffer
fc1dae5be7
brcm2708: Revert "staging: vc04_services: prevent integer overflow in create_pagelist()"
The bump to 4.9.181 broke build for bcm2708 and bcm2709. Revert the
offending patch.

The same revert is also queued for the next upstream 4.9.y release.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2019-06-20 23:46:01 +02:00
Koen Vandeputte
40b1e899ba kernel: bump 4.9 to 4.9.181
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-12 16:04:25 +02:00
Koen Vandeputte
f053a8ce41 kernel: bump 4.9 to 4.9.175
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-05-15 11:28:40 +02:00
Koen Vandeputte
f105a9c35c kernel: bump 4.9 to 4.9.172
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-05-06 12:44:26 +02:00
Koen Vandeputte
aa0e6fc489 kernel: bump 4.9 to 4.9.168
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-04-08 14:54:48 +02:00
Koen Vandeputte
e9cb40caa4 kernel: bump 4.9 to 4.9.159
Refreshed all patches.

Remove upstreamed:
- 023-1-smsc95xx-Use-skb_cow_head-to-deal-with-cloned-skbs.patch
- 023-6-ch9200-use-skb_cow_head-to-deal-with-cloned-skbs.patch
- 023-7-kaweth-use-skb_cow_head-to-deal-with-cloned-skbs.patch
- 050-usb-dwc2-Remove-unnecessary-kfree.patch
- 092-netfilter-nf_tables-fix-mismatch-in-big-endian-syste.patch
- 272-uapi-if_ether.h-prevent-redefinition-of-struct-ethhd.patch

Fixes:
- CVE-2018-1000026

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-02-25 10:23:44 +01:00
Koen Vandeputte
9fb3710a8b kernel: bump 4.9 to 4.9.156
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-02-15 10:53:16 +01:00
Koen Vandeputte
cae263227f kernel: bump 4.9 to 4.9.150
Refreshed all patches.

Remove upstreamed:
- 510-f2fs-fix-sanity_check_raw_super-on-big-endian-machines.patch

Altered patches:
- 024-7-net-reorganize-struct-sock-for-better-data-locality.patch

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-01-15 13:58:36 +01:00
Koen Vandeputte
85f42a74d3 kernel: bump 4.9 to 4.9.145
Refreshed all patches.

Fixes CVE:
- CVE-2018-14625

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-12-14 13:04:54 +01:00
Koen Vandeputte
bcd7644007 kernel: bump 4.9 to 4.9.143
Refreshed all patches.

Altered patches:
- 950-0063-Improve-__copy_to_user-and-__copy_from_user-performa.patch
- 950-0149-Update-vfpmodule.c.patch
- 201-extra_optimization.patch

New symbol:
- CONFIG_HARDEN_BRANCH_PREDICTOR

Compile-tested on: ar71xx, ar7, arc770, at91, brcm2708, brcm63xx, ixp4xx, lantiq, layerscape, mpc85xx, orion, rb532, uml
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-12-13 13:28:41 +01:00
Koen Vandeputte
6f388adef8 kernel: bump 4.9 to 4.9.137
Refreshed all patches.

Removed upstreamed hunks:
- 703-phy-support-layerscape.patch

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-11-14 16:27:43 +01:00
Koen Vandeputte
235148b077 kernel: bump 4.9 to 4.9.133
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-10-15 16:54:30 +02:00
Koen Vandeputte
2e946ca366 kernel: bump 4.9 to 4.9.129
Refreshed all patches.

Removed upstreamed:
- 203-MIPS-ath79-fix-restart.patch

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-26 15:55:23 +02:00
Koen Vandeputte
e4a5750931 kernel: bump 4.9 to 4.9.119
Refreshed all patches.

Delete upstreamed patch:
- 100-tcp-add-tcp_ooo_try_coalesce-helper.patch

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-10 18:43:59 +02:00
John Crispin
be4ab7e178 brcm2708: fix w1 patch
this is now part of generic

Signed-off-by: John Crispin <john@phrozen.org>
(cherry picked from commit 5f5d812881)
2018-08-08 15:42:22 +02:00
Stijn Segers
9e1530b2a3 kernel: bump 4.9 to 4.9.117 for 18.06
* Refreshed patches.
* Removed patches:
  - target/linux/ar71xx/patches-4.9/103-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch superseded by upstream
  - target/linux/ar71xx/patches-4.9/403-mtd_fix_cfi_cmdset_0002_status_check.patch superseded by upstream
  - target/linux/brcm63xx/patches-4.9/001-4.11-01-mtd-m25p80-consider-max-message-size-in-m25p80_read.patch accepted upstream
  - target/linux/brcm63xx/patches-4.9/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch accepted upstream
  - target/linux/brcm63xx/patches-4.9/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch accepted upstream
  - target/linux/generic/pending-4.9/900-gen_stats-fix-netlink-stats-padding.patch

* New backported patch to address ext4 breakage, introduced in 4.9.112:
  - backport-4.9/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch

Also add ARM64_SSBD symbol to ARM64 targets still running kernel 4.9

Thanks to Koen Vandeputte for pointing out the need to add the ARM64_SSBD symbol, and the ext4 patch.

Compile-tested on: ar71xx
Run-tested on: ar71xx

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
2018-08-06 07:30:32 +02:00
Christian Lamparter
4dc0ff8183 brcm2708: split sdcard.img.gz into a sysupgrade and factory image
@vahid-dan reported a issue with extracting the rpi images with
Gnome's Archive Manager:
"Ubuntu Archive Manager cannot extract the file and it just
throws a general error message: "An error occurred while
extracting files".
<https://forum.lede-project.org/t/corrupted-pre-built-v18-06-0-rc2-image-for-rpi>

@blogic told me to split the single sdcard.img.gz for the RPi
into a sysupgrade and a factory image for all brcm2708 targets.
The factory images will have no metadata attached, this way
these utilities that can't deal with the attached metadata will
not fail for no reason.

Cc: John Crispin <john@phrozen.org>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 7516a96011)
2018-07-30 14:00:59 +02:00
Koen Vandeputte
3a5498c5e5 kernel: bump 4.9 to 4.9.111 for 18.06
Refreshed all patches

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-07-12 13:54:24 +02:00
Koen Vandeputte
4f765922f0 kernel: bump 4.9 to 4.9.109 for 18.06
Refreshed all patches

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-06-18 15:28:48 +02:00
Koen Vandeputte
4121018b3f kernel: bump 4.9 to 4.9.108 for 18.06
Refreshed all patches

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-06-18 06:42:18 +02:00
Stijn Segers
6f8eb1b50f kernel: bump 4.9 to 4.9.106 for 18.06
Refreshed patches. The following patches were upstreamed and have been deleted:

* target/linux/ar71xx/patches-4.9/106-01-MIPS-ath79-fix-AR724X_PLL_REG_PCIE_CONFIG-offset.patch
* target/linux/generic/pending-4.9/180-net-phy-at803x-add-support-for-AT8032.patch
* target/linux/generic/pending-4.9/181-net-usb-add-lte-modem-wistron-neweb-d18q1.patch
* target/linux/generic/pending-4.9/182-net-qmi_wwan-add-BroadMobi-BM806U-2020-2033.patch

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
2018-06-07 09:03:05 +02:00
Christian Lamparter
fff02093e6 brcm2708: add squashfs rootfs image
This patch adds a image with squashfs as the root filesystem.
A rootfs_data partition will be generated on the first boot
and placed inside the rootfs partition (just after the squashfs
image).

advantages:
 - it is possible to migrate from an existing -ext4
   installation and back via sysupgrade.
 - existing partition layout will not be lost.
 - slightly smaller image size.
 - support for attendedsysupgrade

disadvantages:
 - needs f2fs + tools as well. This is because fs-tools decides on the
   blocksize of the sdcard. So either f2fs or ext4 can get choosen as
   the rootfs_data filesystem (depends on the size of the root partition).
 - rootfs_data is placed into the rootfs partition. This makes
   it difficult for tools that expect a /dev/mmc0pX device.
   It also makes it difficult for data recovery tools since they
   might not expect to find a embedded partition or will be
   confused.

For people with existing build configurations: make sure to include mkf2fs
and f2fsck package into the image... Otherwise the new -squashfs image will
boot of a ram-overlay and won't keep the configurations after a reboot.

Cc: Álvaro Fernández Rojas <noltari@gmail.com>
Cc: Paul Spooren <spooren@informatik.uni-leipzig.de>
Cc: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Acked-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 707b6c815b)
2018-05-24 17:24:30 +02:00
Koen Vandeputte
2b7289cd3b kernel: bump 4.9 to 4.9.102 for 18.06
Refreshed all patches

Added new ARM64 symbol: ARM64_ERRATUM_1024718

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-05-24 16:03:58 +02:00
Mathias Kresin
25f47c7bf9 kernel: add missing config symbols
The harden branch predictor was backported for arm64 with 4.9.92-96.

Fixes: 9aa196e0f2 ("kernel: bump 4.9 to bump 4.9.96")

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-04-27 21:34:00 +02:00
Christo Nedev
50b0919628 brcm2708: Add support for raspberry pi 3 b+.
Signed-off-by: Christo Nedev <christo.nedev@me.com>
2018-04-27 09:59:33 +02:00
Kevin Darbyshire-Bryant
9aa196e0f2 kernel: bump 4.9 to 4.9.96
Refresh patches, following required reworking:

ar71xx/patches-4.9/930-chipidea-pullup.patch
layerscape/patches-4.9/302-dts-support-layercape.patch
sunxi/patches-4.9/0052-stmmac-form-4-12.patch

Fixes for CVEs:
CVE-2018-1108
CVE-2018-1092

Tested on: ar71xx Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Arjen de Korte <build+openwrt@de-korte.org>
2018-04-26 08:53:54 +02:00
Hauke Mehrtens
aed03d5d0f kernel: update kernel 4.9 to version 4.9.91
* Refreshed patches.
 * Deleted 210-Revert-led-core-Fix-brightness-setting-when-setting-.patch (was accepted upstream)
 * Deleted 812-pci-dwc-fix-enumeration.patch (was accepted upstream)

Compile and run tested on lantiq

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-03-31 16:31:26 +02:00
Koen Vandeputte
cfc5867bce kernel: bump 4.9 to 4.9.86
- Refreshed all patches
- Removed 1 patch which got upstreamed

Compile tested on: ar71xx (Rocket M5, Mikrotik RB2011)
Runtime tested on: ar71xx (Rocket M5, Mikrotik RB2011)

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-03-09 22:13:19 +01:00
Magnus Kroken
5af85dab22 kernel: bump 4.9 to 4.9.85
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2018-03-03 12:58:55 +01:00
Stijn Tintel
858ff4f3e1 Revert "brcm2708: fix sdcard image"
This reverts commit 6c2e1ff80f.

GNU gzip does not fail when the image filename already contains the .gz
extension, this is a problem specific to pigz. Revert the commit, as we
now gzip the image twice.

Reported-by: Martin Schleier <drahemmaps@gmx.net>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-02-19 23:52:45 +01:00
Hauke Mehrtens
47c5415023 brcm2708: Fix compile after adding kernel 4.9.82
Fixes: f621b53951 ("kernel: bump 4.9 to 4.9.82")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-02-18 19:52:06 +01:00
Stijn Tintel
f621b53951 kernel: bump 4.9 to 4.9.82
Refresh patches.
Remove upstreamed patches:
- ar7/002-MIPS-AR7-ensure-the-port-type-s-FCR-value-is-used.patch
- backport/040-crypto-fix-typo-in-KPP-dependency-of-CRYPTO_ECDH.patch
Remove layerscape/819-Revert-dmaengine-dmatest-move-callback-wait-queue-to.patch,
it is superseded by upstream commit 297c7cc4b5651b174a62925b6c961085f04979fd.
Remove pending/650-pppoe_header_pad.patch, it is superseded by
upstream commit 1bd21b158e07e0b8c5a2ce832305a0ebfe42c480.
Update patches that no longer apply:
- ar71xx/004-register_gpio_driver_earlier.patch
- hack/204-module_strip.patch
- pending/493-ubi-set-ROOT_DEV-to-ubiblock-rootfs-if-unset.patch

Fixes CVE-2017-8824.

Compile-tested: ar71xx.
Runtime-tested: ar71xx.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-02-18 02:59:57 +01:00
Stijn Tintel
6c2e1ff80f brcm2708: fix sdcard image
The gzip step in the sdcard image build fails because the image filename
already has the gzip extension. This results in an empty image file, to
which the metadata is finally appended.

Remove the .gz extension from the image filename to fix this.

Fixes: e79b096ee1 ("brcm2708: convert to metadata")

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-02-17 21:00:49 +01:00
Jo-Philipp Wich
7e99a6ba69 target: disable CONFIG_PROC_PAGE_MONITOR on most targets
Disable CONFIG_PROC_PAGE_MONITOR in most places and only keep it enabled
for virtual targets such as malta or potent ones like x86.

This saves up to 4KB of uncompressed kernel size and significantly
decreases CPU load under certain workloads.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-01-13 15:04:15 +01:00
Stijn Tintel
8b35da1552 kernel: move CONFIG_KASAN to generic config
While bumping 4.14, the kernel build failed due to missing CONFIG_KASAN
symbol. Move it to generic config instead of defining it for all arm64
and x86/64 targets.

It was only added in 4.0, so not needed in config-3.18.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-01-02 21:55:46 +02:00
Kevin Darbyshire-Bryant
7b6e01d389 kernel: bump 4.9 to 4.9.72
Refresh patches.

Runtime tested: ar71xx - Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-12-26 23:31:00 +01:00
Christian Lamparter
246916ddf4 brcm2708: use x86's upgrade scripts for all rpi targets
Advantages:
 - preserves existing partition layout on the sd-card.
   Only the boot and rootfs partition will be overwritten.

Please note that sysupgrade will refuse to upgrade, if the existing
installation  has an incompatible partition layout. Future changes
to the bootfs and/or rootfs partition size will likely cause breakage
to the sysupgrade procedure. In these cases, the ext4-sdcard.img.gz
will have to be written to the sdcard manually.
Please don't forget to backup your configuration in this case.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2017-12-25 12:19:43 +01:00