openwrt

mirror of https://github.com/openwrt/openwrt.git synced 2024-12-29 10:08:59 +00:00

Author	SHA1	Message	Date
Hauke Mehrtens	1f8d9f70c2	kernel: Update kernel 4.14 to version 4.14.187 Fixes: - CVE-2020-10757 Run tested: x86 Build tested: x86 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>	2020-07-05 15:02:47 +02:00
Koen Vandeputte	7b49c0b48a	kernel: bump 4.14 to 4.14.180 Refreshed all patches. Fixed: - CVE-2020-12114 - CVE-2020-11669 Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2020-05-12 12:45:57 +02:00
Koen Vandeputte	1f0679f54d	kernel: bump 4.14 to 4.14.176 Refreshed all patches. Remove upstreamed: - 0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch - 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch Fixes: - CVE-2020-8647 - CVE-2020-8648 (potentially) - CVE-2020-8649 Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2020-04-16 13:24:54 +02:00
Koen Vandeputte	e38f355569	kernel: bump 4.14 to 4.14.172 Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2020-03-09 20:45:11 +01:00
Koen Vandeputte	fafe99b62d	kernel: bump 4.14 to 4.14.171 Refreshed all patches. Fixes: - CVE-2013-1798 Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2020-02-24 14:21:08 +01:00
Koen Vandeputte	4eba86820f	kernel: bump 4.14 to 4.14.169 Refreshed all patches. Fixes: - CVE-2019-14896 - CVE-2019-14897 Remove upstreamed: - 023-0007-crypto-crypto4xx-Fix-wrong-ppc4xx_trng_probe-ppc4xx_.patch Altered patches: - 102-MIPS-BCM63XX-move-code-touching-the-USB-private-regi.patch - 105-MIPS-BCM63XX-add-support-for-the-on-chip-OHCI-contro.patch - 106-MIPS-BCM63XX-register-OHCI-controller-if-board-enabl.patch - 108-MIPS-BCM63XX-add-support-for-the-on-chip-EHCI-contro.patch - 207-MIPS-BCM63XX-move-device-registration-code-into-its-.patch - 350-MIPS-BCM63XX-support-settings-num-usbh-ports.patch - 356-MIPS-BCM63XX-move-fallback-sprom-support-into-its-ow.patch - 390-MIPS-BCM63XX-do-not-register-SPI-controllers.patch - 391-MIPS-BCM63XX-do-not-register-uart.patch - 392-MIPS-BCM63XX-remove-leds-and-buttons.patch - 416-BCM63XX-add-a-fixup-for-ath9k-devices.patch - 422-BCM63XX-add-a-fixup-for-rt2x00-devices.patch - Compile-tested on: brcm63xx, cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2020-02-04 18:12:19 +01:00
Hauke Mehrtens	455ae024d5	kernel: bump 4.14 to 4.14.162 Refreshed all patches. Compile-tested on: ramips Runtime-tested on: ramips Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>	2020-01-05 00:02:58 +01:00
Hauke Mehrtens	c280710d7a	kernel: bump 4.14 to 4.14.160 Refreshed all patches. Compile-tested on: ipq40xx Runtime-tested on: none Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>	2019-12-26 14:02:24 +01:00
Koen Vandeputte	27dddb67c0	kernel: bump 4.14 to 4.14.159 Refreshed all patches. Fixes: - CVE-2019-19332 Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-12-25 15:55:41 +01:00
Koen Vandeputte	5d92949019	kernel: bump 4.14 to 4.14.158 Refreshed all patches. Altered patches: - 400-mtd-add-rootfs-split-support.patch Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-12-10 09:54:20 +01:00
Koen Vandeputte	0a9147be6a	kernel: bump 4.14 to 4.14.154 Refreshed all patches. Altered patches: - 902-debloat_proc.patch - 040-dmaengine-qcom-bam-Process-multiple-pending-descript.patch Remove upstreamed: - 303-spi-nor-enable-4B-opcodes-for-mx66l51235l.patch New symbols: X86_INTEL_MPX X86_INTEL_MEMORY_PROTECTION_KEYS X86_INTEL_TSX_MODE_OFF X86_INTEL_TSX_MODE_ON X86_INTEL_TSX_MODE_AUTO SGL_ALLOC Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-11-19 15:03:17 +01:00
Koen Vandeputte	3d3a933315	kernel: bump 4.14 to 4.14.152 Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-11-12 10:33:42 +01:00
Koen Vandeputte	9628612abe	kernel: bump 4.14 to 4.14.148 Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-10-08 15:53:15 +02:00
Koen Vandeputte	778243b3b4	kernel: bump 4.14 to 4.14.147 Refreshed all patches. Compile-tested on: cns3xxx, imx6 Compile-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-10-08 12:46:02 +02:00
Koen Vandeputte	4acc0db480	kernel: bump 4.14 to 4.14.146 Refreshed all patches. Fixes: - CVE-2019-14814 - CVE-2019-14815 - CVE-2019-14816 - CVE-2019-14821 Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-09-24 12:53:40 +02:00
Koen Vandeputte	7e1db8f27c	kernel: bump 4.14 to 4.14.145 Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-09-20 15:52:54 +02:00
Koen Vandeputte	d32cf52674	kernel: bump 4.14 to 4.14.144 Refreshed all patches. Fixes: - CVE-2019-15030 Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-09-20 13:17:20 +02:00
Koen Vandeputte	c948a74158	kernel: bump 4.14 to 4.14.139 Refreshed all patches. Also add a missing symbol for x86 which got used now in this bump. - ISCSI_IBFT Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-08-27 10:39:49 +02:00
Koen Vandeputte	89808e211c	kernel: bump 4.14 to 4.14.137 Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-08-09 18:34:08 +02:00
Koen Vandeputte	958411aa61	kernel: bump 4.14 to 4.14.136 Refreshed all patches. Altered patches: - 306-v4.16-netfilter-remove-saveroute-indirection-in-struct-nf_.patch Remove upstreamed: - 505-arm64-dts-marvell-Fix-A37xx-UART0-register-size Fixes: - CVE-2019-13648 - CVE-2019-10207 Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-08-06 11:56:18 +02:00
Koen Vandeputte	687977bfc9	kernel: bump 4.14 to 4.14.132 Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-07-09 17:00:59 +02:00
Koen Vandeputte	bd0c3988e7	kernel: bump 4.14 to 4.14.128 Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-06-20 15:51:03 +02:00
Koen Vandeputte	2999c342aa	kernel: bump 4.14 to 4.14.127 Refreshed all patches. Fixes: - CVE-2019-11479 - CVE-2019-11478 - CVE-2019-11477 Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-06-18 15:49:37 +02:00
Mantas Pucka	85eda6f61e	kernel: mt29f_spinand: fix memory leak during page program Memory is allocated with devm_kzalloc() on every page program and leaks until device is closed (which never happens). Convert to kzalloc() and handle error paths manually. Signed-off-by: Mantas Pucka <mantas@8devices.com>	2019-06-15 19:05:30 +02:00
Koen Vandeputte	1867f10807	kernel: bump 4.14 to 4.14.123 Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-06-03 17:01:20 +02:00
Koen Vandeputte	6563e494a0	kernel: bump 4.14 to 4.14.122 Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-06-03 12:43:17 +02:00
Koen Vandeputte	4685bf1d2f	kernel: bump 4.14 to 4.14.114 Refreshed all patches. Altered patches: - 150-bridge_allow_receiption_on_disabled_port.patch - 201-extra_optimization.patch Remove upstreamed: - 022-0006-crypto-crypto4xx-properly-set-IV-after-de-and-encryp.patch Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-05-02 13:00:26 +02:00
Koen Vandeputte	6c81f5fac6	kernel: bump 4.14 to 4.14.111 Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-04-08 14:54:48 +02:00
Koen Vandeputte	9ee8c8daf4	kernel: bump 4.14 to 4.14.103 Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-02-25 17:34:25 +01:00
Koen Vandeputte	62feabecd8	kernel: bump 4.14 to 4.14.99 Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-02-15 10:53:17 +01:00
Koen Vandeputte	fbb2186fbd	kernel: bump 4.14 to 4.14.98 Refreshed all patches. Remove upstreamed: - 100-arm-cns3xxx-fix-writing-to-wrong-PCI-registers-after.patch Altered patches: - 721-phy_packets.patch Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-02-13 10:30:04 +01:00
Koen Vandeputte	ef17edae3d	kernel: bump 4.14 to 4.14.97 Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-02-01 11:41:39 +01:00
Koen Vandeputte	026f08a610	kernel: bump 4.14 to 4.14.96 Refreshed all patches. New symbol added: - CONFIG_CIFS_ALLOW_INSECURE_LEGACY Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-01-31 15:35:22 +01:00
Koen Vandeputte	939fa07b04	kernel: bump 4.14 to 4.14.93 Refreshed all patches. Remove upstreamed: - 510-f2fs-fix-sanity_check_raw_super-on-big-endian-machines.patch Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-01-15 13:58:36 +01:00
Koen Vandeputte	367ccf7a2d	kernel: bump 4.14 to 4.14.91 Refreshed all patches. Altered patches: - 902-debloat_proc.patch Removed upstreamed: - 500-ubifs-Handle-re-linking-of-inodes-correctly-while-re.patch Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2019-01-08 13:13:16 +01:00
Brett Mastbergen	69d6da1de6	kernel: generic: Fix nftables inet table breakage Commit `b7265c59ab` ("kernel: backport a series of netfilter cleanup patches to 4.14") added patch 302-netfilter-nf_tables_inet-don-t-use- multihook-infrast.patch. That patch switches the netfilter core in the kernel to use the new native NFPROTO_INET support. Unfortunately, the new native NFPROTO_INET support does not exist in 4.14 and was not backported along with this patchset. As such, nftables inet tables never see any traffic. As an example the following nft counter rule should increment for every packet coming into the box, but never will: nft add table inet foo nft add chain inet foo bar { type filter hook input priority 0\; } nft add rule inet foo bar counter This commit pulls in the required backport patches to add the new native NFPROTO_INET support, and thus restore nftables inet table functionality. Tested on Turris Omnia (mvebu) Fixes: `b7265c59ab` ("kernel: backport a series of netfilter cleanup ...") Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com> (backported from `f57806b56e`) (rebased patches) Signed-off-by: Jo-Philipp Wich <jo@mein.io>	2018-12-18 11:28:13 +01:00
Felix Fietkau	e68e498ff3	kernel: replace bridge port isolate hack with upstream patch backport on 4.14 Signed-off-by: Felix Fietkau <nbd@nbd.name> (backported from `21ee8ce9b5`) (rebased patches) Signed-off-by: Jo-Philipp Wich <jo@mein.io>	2018-12-18 09:45:59 +01:00
Felix Fietkau	b06665b205	kernel: adjust bridge port isolate patch to match upstream attribute naming Newer kernels have a patch that implements compatible functionality directly. Adjust the attribute of our own patch in preparation for dropping it later Signed-off-by: Felix Fietkau <nbd@nbd.name> (backported from `41a1c1af4b`)	2018-12-18 09:45:59 +01:00
Felix Fietkau	3a507b2f9b	kernel: avoid flow offload for connections with xfrm on the dst entry (should fix IPSec) Signed-off-by: Felix Fietkau <nbd@nbd.name> (backported from `b560c1748a`) (rebased patches) Signed-off-by: Jo-Philipp Wich <jo@mein.io>	2018-12-18 09:43:59 +01:00
Koen Vandeputte	6f74e269c8	kernel: bump 4.14 to 4.14.87 Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2018-12-13 13:29:03 +01:00
Koen Vandeputte	2213b20aee	kernel: bump 4.14 to 4.14.86 Refreshed all patches. Altered patches: - 180-usb-xhci-add-support-for-performing-fake-doorbell.patch Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2018-12-13 13:28:54 +01:00
Koen Vandeputte	4db74fbd69	kernel: bump 4.14 to 4.14.81 Refreshed all patches. Removed upstreamed patches: - 081-spi-bcm-qspi-switch-back-to-reading-flash-using-smal.patch Altered patches: - 0054-cpufreq-dt-Handle-OPP-voltage-adjust-events Compile-tested on: cns3xxx, imx6, ipq806x, x86_64 Runtime-tested on: cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2018-11-14 16:27:43 +01:00
Koen Vandeputte	f9c79947b5	kernel: bump 4.14 to 4.14.79 Refreshed all patches. Compile-tested on: cns3xxx, imx6, x86_64 Runtime-tested on: cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2018-11-05 16:00:47 +01:00
Koen Vandeputte	f1a2b5bbbc	kernel: tolerate using UBI/UBIFS on MLC flash (FS#1830) starting from upstream commit 577b4eb23811 ("ubi: Reject MLC NAND") it is not allowed to use UBI and UBIFS on a MLC flavoured NAND flash chip. [1] According to David Oberhollenzer [2]: The real problem is that on MLC NAND, pages come in pairs. Multiple voltage levels inside a single, physical memory cell are used to encode more than one bit. Instead of just having pages that are twice as big, the flash exposes them as two different pages. Those pages are usually not ordered sequentially either, but according to a vendor/device specific pairing scheme. Within OpenWrt, devices utilizing this type of flash, combined with UBI(fs) will be bricked when a user upgrades from 17.01.4 to a newer version as the MLC will be refused. As these devices are currently advertised as supported by OpenWrt, we should at least maintain the original state during the lifecycle of the current releases. Support can be gracefully ended when a new release-branch is created. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> Acked-by: Hauke Mehrtens <hauke@hauke-m.e> [1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v4.14.77&id=577b4eb23811dfc8e38924dc476dbc866be74253 [2] https://lore.kernel.org/patchwork/patch/920344/	2018-10-29 10:56:59 +01:00
Koen Vandeputte	47f68ca586	kernel: bump 4.14 to 4.14.77 Refreshed all patches. Altered patches: - 666-Add-support-for-MAP-E-FMRs-mesh-mode.patch New symbol for arm targets: - HARDEN_BRANCH_PREDICTOR Compile-tested on: cns3xxx, imx6, x86_64 Runtime-tested on: cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> Tested-by: Stijn Tintel <stijn@linux-ipv6.be>	2018-10-19 10:00:48 +02:00
Koen Vandeputte	9ac7eb4a86	kernel: bump 4.14 to 4.14.76 Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2018-10-15 16:54:30 +02:00
Koen Vandeputte	149dcc26d1	kernel: bump 4.14 to 4.14.74 Refreshed all patches. Fixes CVE: - CVE-2018-7755 Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2018-10-04 16:14:44 +02:00
Koen Vandeputte	492bd8ddc9	kernel: bump 4.14 to 4.14.71 Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2018-09-21 13:23:59 +02:00
Koen Vandeputte	55bbd8293c	kernel: bump 4.14 to 4.14.68 Refreshed all patches. Remove upstream accepted: - 330-Revert-MIPS-BCM47XX-Enable-74K-Core-ExternalSync-for.patch Altered: - 303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch - 308-mips32r2_tune.patch Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>	2018-09-07 17:22:23 +02:00
Stijn Segers	9ce7aa325e	kernel: bump 4.14 to 4.14.60 for 18.06 * Refreshed patches. * Patches made redundant by changes upstream: - target/linux/ramips/patches-4.14/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch * Patches accepted upstream: - target/linux/apm821xx/patches-4.14/020-0001-crypto-crypto4xx-remove-bad-list_del.patch - target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch - target/linux/brcm63xx/patches-4.14/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch - target/linux/brcm63xx/patches-4.14/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch - target/linux/generic/backport-4.14/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch - target/linux/generic/pending-4.14/900-gen_stats-fix-netlink-stats-padding.patch The ext4 regression introduced in 4.14.55 has been fixed by 4.14.60 (commit f547aa20b4f61662ad3e1a2040bb3cc5778f19b0). Fixes the following CVEs: - CVE-2018-10876 - CVE-2018-10877 - CVE-2018-10879 - CVE-2018-10880 - CVE-2018-10881 - CVE-2018-10882 - CVE-2018-10883 Thanks to Stijn Tintel for the CVE list :-). Compile-tested on: ramips/mt7621, x86/64 Run-tested on: ramips/mt7621, x86/64 Signed-off-by: Stijn Segers <foss@volatilesystems.org>	2018-08-06 07:30:41 +02:00

1 2

80 Commits