Commit Graph

130 Commits

Author SHA1 Message Date
Kevin Darbyshire-Bryant
1fdb4a7907 kernel: N_BADCLASS: fix macro to actually work - class e support
Backport upstream patch:

Commit 65cab850f0ee ("net: Allow class-e address assignment via ifconfig
ioctl") modified the IN_BADCLASS macro a bit, but unfortunatly one too
many '(' characters were added to the line, making any code that used
it, not build properly.

Also, the macro now compares an unsigned with a signed value, which
isn't ok, so fix that up by making both types match properly.

Reported-by: Christopher Ferris <cferris@google.com>
Fixes: 65cab850f0ee ("net: Allow class-e address assignment via ifconfig ioctl")
Cc: Dave Taht <dave.taht@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-01-19 20:45:49 +00:00
Stijn Tintel
8c6f00ef4f kernel: bump 4.14 to 4.14.93
Refresh patches.
Remove upstreamed patches:
- backport/096-mips-math-emu-Write-protect-delay-slot-emulation-pages.patch
- pending/510-f2fs-fix-sanity_check_raw_super-on-big-endian-machines.patch
- brcm2708/950-0415-qmi_wwan-apply-SET_DTR-quirk-to-the-SIMCOM-shared-de.patch

Compile-tested: ar71xx, ath79, brcm2708/bcm27{08,10}, octeon, x86/64
Runtime-tested: ar71xx, ath79, brcm2708/bcm27{08,10}, octeon, x86/64

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2019-01-14 02:20:40 +02:00
Rafał Miłecki
34696ce25e kernel: backport bcma patches that improve printing functions
Updated printing functions use dev_* helpers to provide more meaningful
messages.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-01-10 16:47:43 +01:00
Koen Vandeputte
630d8b87a5 cns3xxx: use actual size reads for PCIe
upstream commit 802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors")
reimplemented cns3xxx_pci_read_config() using pci_generic_config_read32(),
which preserved the property of only doing 32-bit reads.

It also replaced cns3xxx_pci_write_config() with pci_generic_config_write(),
so it changed writes from always being 32 bits to being the actual size,
which works just fine.

Due to:
- The documentation does not mention that only 32 bit access is allowed.
- Writes are already executed using the actual size
- Extensive testing shows that 8b, 16b and 32b reads work as intended

It makes perfectly sense to also swap 32 bit reading in favor of actual size.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-01-07 17:09:06 +01:00
Koen Vandeputte
f56a4e809b kernel: bump 4.14 to 4.14.91
Refreshed all patches.

Removed upstreamed:
- 500-ubifs-Handle-re-linking-of-inodes-correctly-while-re.patch

Compile-tested on: ar71xx, cns3xxx, imx6
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-01-07 17:09:06 +01:00
Kevin Darbyshire-Bryant
8f4841462c kernel: MIPS: math-emu Write-protect delay slot emulation pages
Backport https://git.kernel.org/pub/scm/linux/kernel/git/mips/linux.git/commit/?id=adcc81f148d733b7e8e641300c5590a2cdc13bf3

"Mapping the delay slot emulation page as both writeable & executable
presents a security risk, in that if an exploit can write to & jump into
the page then it can be used as an easy way to execute arbitrary code.

Prevent this by mapping the page read-only for userland, and using
access_process_vm() with the FOLL_FORCE flag to write to it from
mips_dsemul().

This will likely be less efficient due to copy_to_user_page() performing
cache maintenance on a whole page, rather than a single line as in the
previous use of flush_cache_sigtramp(). However this delay slot
emulation code ought not to be running in any performance critical paths
anyway so this isn't really a problem, and we can probably do better in
copy_to_user_page() anyway in future.

A major advantage of this approach is that the fix is small & simple to
backport to stable kernels.

Reported-by: Andy Lutomirski <luto@kernel.org>
Signed-off-by: Paul Burton <paul.burton@mips.com>
Fixes: 432c6bacbd0c ("MIPS: Use per-mm page to execute branch delay slot instructions")"

Without patch:

cat /proc/self/maps
00400000-0047a000 r-xp 00000000 1f:03 1823       /bin/busybox
00489000-0048a000 r-xp 00079000 1f:03 1823       /bin/busybox
0048a000-0048b000 rwxp 0007a000 1f:03 1823       /bin/busybox
77ec8000-77eed000 r-xp 00000000 1f:03 2296       /lib/libgcc_s.so.1
77eed000-77eee000 rwxp 00015000 1f:03 2296       /lib/libgcc_s.so.1
77eee000-77f81000 r-xp 00000000 1f:03 2470       /lib/libc.so
77f90000-77f92000 rwxp 00092000 1f:03 2470       /lib/libc.so
77f92000-77f94000 rwxp 00000000 00:00 0
7f946000-7f967000 rw-p 00000000 00:00 0          [stack]
7fefb000-7fefc000 rwxp 00000000 00:00 0
7ffac000-7ffad000 r--p 00000000 00:00 0          [vvar]
7ffad000-7ffae000 r-xp 00000000 00:00 0          [vdso]

Patch applied:

cat /proc/self/maps
00400000-0047a000 r-xp 00000000 1f:03 1825       /bin/busybox
00489000-0048a000 r-xp 00079000 1f:03 1825       /bin/busybox
0048a000-0048b000 rwxp 0007a000 1f:03 1825       /bin/busybox
77ed0000-77ef5000 r-xp 00000000 1f:03 2298       /lib/libgcc_s.so.1
77ef5000-77ef6000 rwxp 00015000 1f:03 2298       /lib/libgcc_s.so.1
77ef6000-77f89000 r-xp 00000000 1f:03 2474       /lib/libc.so
77f98000-77f9a000 rwxp 00092000 1f:03 2474       /lib/libc.so
77f9a000-77f9c000 rwxp 00000000 00:00 0
7fbed000-7fc0e000 rw-p 00000000 00:00 0          [stack]
7fefb000-7fefc000 r-xp 00000000 00:00 0
7fff6000-7fff7000 r--p 00000000 00:00 0          [vvar]
7fff7000-7fff8000 r-xp 00000000 00:00 0          [vdso]

Note lack of write permission to 7fefb000-7fefc000

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-12-24 21:52:08 +00:00
Kevin Darbyshire-Bryant
5b3afca757 kernel: bump 4.14 to 4.14.90
Refresh all patches

Remove upstream patch:
backport-4.14/424-v4.20-net-dsa-fix-88e6060-roaming.patch

Minor tweak to generic/hack-4.14/902-debloat_proc.patch to cleanly apply
after upstream changes.

Tested-on: ath79

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-12-24 15:06:33 +00:00
Koen Vandeputte
6835c13e5a cns3xxx: fix writing to wrong PCI registers
Originally, cns3xxx used it's own functions for mapping, reading and writing registers.

Upstream commit 802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors")
removed the internal PCI config write function in favor of the generic one:

cns3xxx_pci_write_config() --> pci_generic_config_write()

cns3xxx_pci_write_config() expected aligned addresses, being produced by cns3xxx_pci_map_bus()
while the generic one pci_generic_config_write() actually expects the real address
as both the function and hardware are capable of byte-aligned writes.

This currently leads to pci_generic_config_write() writing
to the wrong registers on some ocasions.

First issue seen due to this:

- driver ath9k gets loaded
- The driver wants to write value 0xA8 to register PCI_LATENCY_TIMER, located at 0x0D
- cns3xxx_pci_map_bus() aligns the address to 0x0C
- pci_generic_config_write() effectively writes 0xA8 into register 0x0C (CACHE_LINE_SIZE)

This seems to cause some slight instability when certain PCI devices are used.

Another issue example caused by this this is the PCI bus numbering,
where the primary bus is higher than the secondary, which is impossible.

Before:

00:00.0 PCI bridge: Cavium, Inc. Device 3400 (rev 01) (prog-if 00 [Normal decode])
    Flags: bus master, fast devsel, latency 0, IRQ 255
    Bus: primary=02, secondary=01, subordinate=ff, sec-latency=0

After fix:

00:00.0 PCI bridge: Cavium, Inc. Device 3400 (rev 01) (prog-if 00 [Normal decode])
    Flags: bus master, fast devsel, latency 0, IRQ 255
    Bus: primary=00, secondary=01, subordinate=02, sec-latency=0

And very likely some more ..

Fix all by omitting the alignment being done in the mapping function.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-12-18 14:24:57 +01:00
Koen Vandeputte
9f2739e924 kernel: bump 4.14 to 4.14.89
Refreshed all patches.

Remove upstreamed patches:
- 096-v4.20-netfilter-ipv6-Preserve-link-scope-traffic-original-.patch

Compile-tested on: ar71xx, cns3xxx, imx6
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-12-18 14:24:57 +01:00
Hans Dedecker
b0414d7188 kernel: preserve oif of IPv6 link scope packets
Backort upstream patch which preserves oif of IPv6 link scoped packets.
The outgoing interface of IPv6 link scope packets can be changed by the
function ip6_route_me_harder. This is unwanted behavior for link local
packets and multicast packets as the outgoing interface is fixed and must
not be altered as it can break neighbor discovery and multicast listener
discovery.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-12-17 21:42:23 +01:00
Kevin Darbyshire-Bryant
2574c86ce6 kernel: backport ifconfig ioctl support for class e addresses
Backport net: Allow class-e address assignment via ifconfig ioctl
While most distributions long ago switched to the iproute2 suite
of utilities, which allow class-e (240.0.0.0/4) address assignment,
distributions relying on busybox, toybox and other forms of
ifconfig cannot assign class-e addresses without this kernel patch.

While CIDR has been obsolete for 2 decades, and a survey of all the
open source code in the world shows the IN_whatever macros are also
obsolete... rather than obsolete CIDR from this ioctl entirely, this
patch merely enables class-e assignment, sanely.

https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=65cab850f0eeaa9180bd2e10a231964f33743edf

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-12-17 10:40:20 +00:00
Anderson Luiz Alves
0c3c944d1e kernel: mv88e6060: disable hardware level MAC learning
Disable Marvell's hardware level MAC learning because it breaks station roaming.

When enabled it drops all frames that arrive from a MAC address
that is on a different port at learning table.

Problem description:
Multiple APs with inter-AP roaming connected to different ports,
when station moves from one AP on one port to another AP on another port,
traffic flow breaks down because the learning table is not updated.

Signed-off-by: Anderson Luiz Alves <alacn1@gmail.com>
[Replaced with upstream version, move to generic]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-12-16 00:57:20 +01:00
Hauke Mehrtens
aa3b6a08c5 kernel: Replace ledtrig-netdev with upstream backport
The ledtrig-netdev was added to upstream Linux kernel 4.16, replace our
own version with the patch based on the upstream version.
This will remove the ledtrig-netdev support from kernel 3.18, because I
not want to spend time on backporting it to 3.18. This will make it
easier to use the upstream version with kernel 4.19, by just not
applying this patch.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-12-15 12:50:06 +01:00
Rafał Miłecki
e24983e710 kernel: backport 2 mtd partitioning fixes
This improves handling of subpartitions.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-12-03 10:34:12 +01:00
Koen Vandeputte
02e16e9e82 kernel: bump 4.14 to 4.14.82
Refreshed all patches.

Compile-tested: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested: ar71xx, cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-11-22 10:49:01 +01:00
Rafał Miłecki
c6a1bcac16 kernel: fix ubifs loosing O_TMPFILE data after power cut
There was a bug in ubifs related to the O_TMPFILE. When reapplying
changes after power cut data could be lost. This problem was exposed by
overlayfs and the upstream commit 3a1e819b4e80 ("ovl: store file handle
of lower inode on copy up").

This fixes a regression introduced when switching from 4.9 to 4.14.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-11-15 12:32:20 +01:00
Stijn Tintel
e95e9fcbb2 kernel: bump 4.14 to 4.14.80
Refresh patches.

Compile-tested: ar71xx, ath79, x86/64
Runtime-tested: ar71xx, ath79, x86/64

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-11-13 00:44:01 +02:00
Koen Vandeputte
c764b2b531 kernel: bump 4.14 to 4.14.79
Refreshed all patches.

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-11-05 16:00:00 +01:00
Koen Vandeputte
f983956a8b kernel: bump 4.14 to 4.14.75
Refreshed all patches.

Compile-tested on: ar71xx, cns3xxx, imx6
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-10-10 14:45:11 +02:00
Koen Vandeputte
7bfe757bc4 kernel: bump 4.14 to 4.14.73
Refreshed all patches.

Removed upstreamed:
- 192-Revert-ubifs-xattr-Don-t-operate-on-deleted-inodes.patch

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-10-02 13:44:36 +02:00
Koen Vandeputte
e9d92bf1e1 kernel: bump 4.14 to 4.14.72
Refreshed all patches.

Removed upstreamed:
- 203-MIPS-ath79-fix-restart.patch
- 0013-MIPS-ath79-fix-system-restart.patch
- 180-earlycon-initialize-port-uartclk-based-on-clock-frequency-property.patch
- 181-earlycon-remove-hardcoded-port-uartclk-initialization-in-of_setup_earlycon. patch
- 700-1-6-e1000e-Remove-Other-from-EIAC.patch
- 700-2-6-Partial-revert-e1000e-Avoid-receiver-overrun-interrupt-bursts.patch
- 700-3-6-e1000e-Fix-queue-interrupt-re-raising-in-Other-interrupt.patch
- 700-4-6-e1000e-Avoid-missed-interrupts-following-ICR-read.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-26 15:54:18 +02:00
Rafał Miłecki
43d36606d6 kernel: pick earlycon regression fixes from the stable-queue.git
This fixes regression introduced in kernel 4.14 and makes bcm53xx revert
obsolete.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-09-24 13:47:06 +02:00
Hauke Mehrtens
efffba3409 kernel: fix build of nftables
Backport an additional patch from 4.16 for nftables.
This fixes a build problem recently introduced.

Fixes: f57806b56e ("kernel: generic: Fix nftables inet table breakage")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-09-22 23:59:10 +02:00
Brett Mastbergen
f57806b56e kernel: generic: Fix nftables inet table breakage
Commit b7265c59ab ("kernel: backport a series of netfilter cleanup
patches to 4.14") added patch 302-netfilter-nf_tables_inet-don-t-use-
multihook-infrast.patch.  That patch switches the netfilter core in the
kernel to use the new native NFPROTO_INET support.  Unfortunately, the
new native NFPROTO_INET support does not exist in 4.14 and was not
backported along with this patchset.  As such, nftables inet tables never
see any traffic.

As an example the following nft counter rule should increment for every
packet coming into the box, but never will:

nft add table inet foo
nft add chain inet foo bar { type filter hook input priority 0\; }
nft add rule inet foo bar counter

This commit pulls in the required backport patches to add the new
native NFPROTO_INET support, and thus restore nftables inet table
functionality.

Tested on Turris Omnia (mvebu)

Fixes: b7265c59ab ("kernel: backport a series of netfilter cleanup ...")
Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
2018-09-22 21:20:55 +02:00
Koen Vandeputte
0dbdb476f3 kernel: bump 4.14 to 4.14.71
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-21 13:23:16 +02:00
Koen Vandeputte
0cda4af005 kernel: bump 4.14 to 4.14.70
Refreshed all patches.

Added new patch:
- 192-Revert-ubifs-xattr-Don-t-operate-on-deleted-inodes.patch

This fixes a bug introduced in upstream 4.14.68 which caused targets using
ubifs to produce file-system errors on boot, rendering them useless.

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-17 15:47:44 +02:00
Martin Schiller
628eb271dc kernel: backport i2c-gpio working over slow can_sleep GPIOs
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2018-09-10 09:28:55 +02:00
Koen Vandeputte
079871983c kernel: bump 4.14 to 4.14.68
Refreshed all patches.

Remove upstream accepted:
- 330-Revert-MIPS-BCM47XX-Enable-74K-Core-ExternalSync-for.patch

Altered:
- 303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch
- 308-mips32r2_tune.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-07 17:21:24 +02:00
Koen Vandeputte
01793e8752 kernel: bump 4.14 to 4.14.67
Refreshed all patches.

Removed upstreamed patches:
- 037-v4.18-0008-ARM-dts-BCM5301x-Fix-i2c-controller-interrupt-type.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-28 23:05:39 +02:00
Koen Vandeputte
6b4ba118ac kernel: bump 4.14 to 4.14.66
Refreshed all patches

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-22 13:47:13 +02:00
Stijn Tintel
14b6c72541 kernel: move e1000e patches to backports
They're already in linux.git, so they shouldn't be in pending.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-08-09 11:46:29 +02:00
Koen Vandeputte
f960490fc8 kernel: bump 4.14 to 4.14.60
Refreshed all patches

Removed upstreamed patches:
- 500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-03 16:10:38 +02:00
Stijn Tintel
22b9f99b87 kernel: bump 4.14 to 4.14.59
Drop patch that was superseded upstream:
ramips/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch

Drop upstreamed patches:
- apm821xx/020-0001-crypto-crypto4xx-remove-bad-list_del.patch
- apm821xx/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch
- ath79/0011-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch
- brcm63xx/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch
- brcm63xx/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch
- generic/backport/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch
- generic/pending/170-usb-dwc2-Fix-DMA-alignment-to-start-at-allocated-boun.patch
- generic/pending/900-gen_stats-fix-netlink-stats-padding.patch

In 4.14.55, a patch was introduced that breaks ext4 images in some
cases. The newly introduced patch
backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch
addresses this breakage.

Fixes the following CVEs:
- CVE-2018-10876
- CVE-2018-10877
- CVE-2018-10879
- CVE-2018-10880
- CVE-2018-10881
- CVE-2018-10882
- CVE-2018-10883

Compile-tested: ath79, octeon, x86/64
Runtime-tested: ath79, octeon, x86/64

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-07-31 05:11:07 +03:00
Rafał Miłecki
2a598bbaa3 kernel: backport mtd support for subpartitions in DT
This is a new & warm feature that allows nesting partiitons in DT and
mixing their types (e.g. static vs. dynamic). It's very useful for
boards that have most partitions static but some of them require extra
parsing (e.g. a "firmware" partition).

It's required to successfully backport support for new devices using
that new syntax in their DT files.

Since brcm63xx has a custom alternative patch the upstream one is being
reverted for it. The plan is to make brcm63xx use the upstream
implementation.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-07-27 22:16:24 +02:00
Rafał Miłecki
6bcafea2c0 kernel: backport mtd patches with Broadcom of_match_table-s
Two tiny & trivial patches with no regression risk. One simplifies
bcm53xx downstream patch.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-07-27 15:55:01 +02:00
Felix Fietkau
c527d0ec18 kernel: backport fixes for GCC 8 errors in syscall definitions
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-07-22 17:16:30 +02:00
Felix Fietkau
21ee8ce9b5 kernel: replace bridge port isolate hack with upstream patch backport on 4.14
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-07-11 20:59:05 +02:00
Koen Vandeputte
ba2b0f0ac6 kernel: bump 4.14 to 4.14.54
Rereshed all patches

Reworked patches to match upstream:
335-v4.16-netfilter-nf_tables-add-single-table-list-for-all-fa.patch

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-07-11 16:02:24 +02:00
Kevin Darbyshire-Bryant
094d49cddf kernel: bump 4.14 to 4.14.51
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Refresh patches.

Remove patch that can be reverse applied:
mvebu/patches-4.14/530-ATA-ahci_mvebu-enable-stop_engine-override.patch
mvebu/patches-4.14/531-ATA-ahci_mvebu-pmp-stop-errata-226.patch

Update patch that no longer applied:
ipq806x/patches-4.14/0035-clk-mux-Split-out-register-accessors-for-reuse.patch

Compiled-tested-for: lantiq, ramips
Run-tested-on: lantiq BT hh5a, ramips MIR3g

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Michael Yartys <michael.yartys@protonmail.com>
Tested-by: Rosen Penev <rosenp@gmail.com>
2018-06-26 08:57:21 +02:00
Kevin Darbyshire-Bryant
d600de3ddd kernel: atm: pppoatm fix vc-mux connection failures
Backport a hot off the press upstream kernel ATM fix:

Preserve value of skb->truesize when accounting to vcc

"There's a hack in pskb_expand_head() to avoid adjusting skb->truesize
for certain skbs. Ideally it would cover ATM too. It doesn't. Just
stashing the accounted value and using it in atm_raw_pop() is probably
the easiest way to cope."

The issue was exposed by upstream with:

commit 14afee4b6092fde451ee17604e5f5c89da33e71e
Author: Reshetova, Elena <elena.reshetova@intel.com>
Date:   Fri Jun 30 13:08:00 2017 +0300

    net: convert sock.sk_wmem_alloc from atomic_t to refcount_t

But an earlier commit left the ticking timebomb:

158f323b9868 ("net: adjust skb->truesize in pskb_expand_head()

Sincerest thanks to Mathias Kresin <dev@kresin.me> for debugging
assistance and to David Woodhouse <dwmw2@infradead.org> for further
guidance, cajoling & patience in interpreting the debug I was giving him
and producing a fix!

Fixes FS#1567

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-06-18 15:27:15 +02:00
Koen Vandeputte
2b9885571b kernel: bump 4.14 to 4.14.49
Refreshed all patches

Compile-tested on: cns3xxx, imx6, x86-64
Runtime-tested on: cns3xxx, imx6, x86-64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-06-18 07:10:19 +02:00
Felix Fietkau
5101515375 kernel: fix conntrack fixup of offloaded flows on timeout
Fixes excessively long conntrack timeout of short lived connections

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-06-14 11:25:24 +02:00
Felix Fietkau
68ab89854f kernel: fix conntrack leak for flow_offload connections
This was caused by a race condition between offload teardown and
conntrack gc bumping the timeout of offloaded connections

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-06-13 12:54:45 +02:00
Stijn Tintel
e52f3e9b13 kernel: bump 4.14 to 4.14.48
Remove upstreamed patches:
generic/pending/101-clocksource-mips-gic-timer-fix-clocksource-counter-w.patch
generic/pending/103-MIPS-c-r4k-fix-data-corruption-related-to-cache-coherence.patch
generic/pending/182-net-qmi_wwan-add-BroadMobi-BM806U-2020-2033.patch
lantiq/0025-MIPS-lantiq-gphy-Remove-reboot-remove-reset-asserts.patch
Update patches that no longer apply:
generic/pending/811-pci_disable_usb_common_quirks.patch
ath79/0009-MIPS-ath79-add-lots-of-missing-registers.patch

Fixes CVE-2018-6412.

Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-06-05 22:54:00 +03:00
Felix Fietkau
2f3b1dddea kernel: backport patch to fix dst handling for offloaded connections
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-06-05 10:18:58 +02:00
Stijn Tintel
64b53247c4 kernel: bump 4.14 to 4.14.44
Refresh patches.

Remove upstreamed patch:
generic/pending/181-net-usb-add-lte-modem-wistron-neweb-d18q1.patch
Update patches that no longer applies:
generic/hack/901-debloat_sock_diag.patch

Compile-tested on: x86/64.
Runtime-tested on: x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-05-29 00:53:15 +03:00
Koen Vandeputte
467b07e00c kernel: bump 4.14 to 4.14.43
Refreshed all patches

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Michael Yartys <michael.yartys@protonmail.com>
2018-05-24 08:58:17 +02:00
Koen Vandeputte
e2aa0c3f8b kernel: bump 4.14 to 4.14.41
Refreshed all patches

Dropped upstreamed patches:
522-PCI-aardvark-fix-logic-in-PCI-configuration-read-write-functions.patch
523-PCI-aardvark-set-PIO_ADDR_LS-correctly-in-advk_pcie_rd_conf.patch
525-PCI-aardvark-use-isr1-instead-of-isr0-interrupt-in-legacy-irq-mode.patch
527-PCI-aardvark-fix-PCIe-max-read-request-size-setting.patch

updated patches:
524-PCI-aardvark-set-host-and-device-to-the-same-MAX-payload-size.patch
030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch

Added new ARM64 symbol: CONFIG_ARM64_ERRATUM_1024718

Compile-tested on: cns3xxx, imx6, mvebu (arm64), x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-05-18 09:10:46 +02:00
Mathias Kresin
0e9e8d8323 kernel: dwc2: add support for host mode external vbus supply
Backport patch adding support for the vbus-supply devicetree property,
which allows to specific GPIOs (via fixed regulators) to enable
vbus/usb power.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-05-17 07:40:19 +02:00
Rafał Miłecki
404508001e kernel: use accepted version of bcm47xxpart fix commit
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-05-12 23:53:44 +02:00
Rafał Miłecki
070693477a kernel: backport mtd patch for minor partitioning cleanup
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-05-12 23:14:07 +02:00
Rafał Miłecki
f9dcdc7fef kernel: mark source kernel for netfilter backports
This helps keeping track on patches & adding new kernels in the future.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-05-08 09:42:07 +02:00
Koen Vandeputte
3435dbdc1c kernel: bump 4.14 to 4.14.37
Refreshed all patches

Compile-tested on: cns3xxx, imx6, octeon, ramips/mt7621, x86/64
Runtime-tested on: cns3xxx, imx6, octeon, ramips/mt7621, x86/64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Stijn Segers <foss@volatilesystems.org>
[add extra tested targets to commit msg]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-04-30 09:07:53 +03:00
Giuseppe Lippolis
78666c7ba0 kernel: fix usb interface on 3G dwm-158 modem
The current option driver binds to the usb interface 2,3,4,5.
But the interface 4 and 5 doesn't answer to the AT commands.
On the new openwrt configuration the wwan script select the 5th
interface as control interface, failing to establish the
3G connection.

Backport the fix for the problem.

Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
2018-04-23 22:07:22 +02:00
Stijn Tintel
ec1d7b9461 kernel: bump 4.14 to 4.14.34
Refresh patches.
Update patches that no longer apply:
- backport/313-netfilter-remove-defensive-check-on-malformed-packet.patch
- pending/642-net-8021q-support-hardware-flow-table-offload.patch

Compile-tested: x86/64.
Runtime-tested: x86/64.

Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-04-16 00:22:57 +03:00
Rafał Miłecki
cdcd5c93d7 kernel: use accepted mtd patchset adding support for "compatible" string
These patches were finally accepted and are already present in the
Linus's tree. This should be good enough to make is "backport" material.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-04-09 07:16:48 +02:00
Stijn Segers
41a881a8d9 Kernel: bump 4.14 to 4.14.29
Right patch version this time, sorry!

* Patch 180-usb-xhci-add-support-for-performing-fake-doorbell.patch had to be adjusted slightly because of upstream adapted code.
* Refreshed patches.

Compile-tested: ramips/mt7621, x86/64
Run-tested: ramips/mt7621, x86/64
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
Tested-by: Rosen Penev <rosenp@gmail.com>
2018-03-23 23:49:55 +01:00
Felix Fietkau
c89e338fe6 kernel: netfilter: fix dst entries in flowtable offload
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-23 20:56:34 +01:00
Felix Fietkau
99d511dcd3 kernel: fix offloading connections with SNAT + DNAT
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-23 19:16:23 +01:00
Felix Fietkau
48d17551b6 kernel: fix flow offload UDP handling issue
Only run the TCP state check for TCP connections

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-03-23 19:16:12 +01:00
Stijn Segers
9899ffcfd3 kernel: bump 4.14 to 4.14.27
* Refreshed patches.
* Deleted 812-pci-dwc-fix-enumeration.patch (was accepted upstream)

Compile-tested: ramips/mt7621, x86/64
Run-tested: ramips/mt7621, x86/64

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
2018-03-17 22:15:38 +01:00
Rafał Miłecki
ac9bcefa3b kernel: use V10 of mtd patchset adding support for "compatible" string
In the commit bde5e7a632 ("kernel: backport mtd implementation for
"compatible" in "partitions" subnode") patches that got accepted into
l2-mtd.git were backported to the kernels 4.9 and 4.14. Unfortunately
there was a regression report, patches were dropped and never reached
4.16.

This commit replaces these pseudo-backports with the latest version
that includes regression fix and futher changes that were requested.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-03-14 15:13:39 +01:00
Kabuli Chana
7c1dae6e26 kernel: bump to version 4.14.25
compile/test target mvebu/rango

Signed-off-by: Kabuli Chana <newtownBuild@gmail.com>
2018-03-09 22:12:48 +01:00
Stijn Segers
b5469b38cd kernel: bump 4.14 to 4.14.23
This patch bumps the 4.14 kernel to .23.
- Refreshed patches.
- Deleted bcm53xx/patches-4.14/089-PCI-iproc-Fix-NULL-pointer-dereference-for-BCMA.patch. Has been accepted upstream.
- Deleted generic/pending-4.14/821-usb-Remove-annoying-warning-about-bogus-URB.patch. The upstream URB code was changed,
  the patch no longer applies. I discussed this with the patch author and removed it for now, we'll see how it goes.

Compile-tested on: ramips/mt7621, x86/64
Run-tested on: ramips/mt7621, x86/64

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
2018-03-02 21:33:08 +01:00
Felix Fietkau
a5aee46fb7 kernel: more fixes for flow offload
- fix TCP connection state
- fix checksum error on DNAT

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-25 18:32:02 +01:00
Felix Fietkau
28a74f3076 kernel: remove nf_flow_table hardware offload patch (it is not ready yet)
It also does not have any users yet. It will be addde back when the core
API issues have been sorted out

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-25 16:24:02 +01:00
Felix Fietkau
a86e6b5a9f kernel: add minimal TCP state tracking to flow offload support
Fixes issues with connections hanging after >30 seconds idle time

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-25 16:14:23 +01:00
Koen Vandeputte
aad1f11efe kernel: refresh patches
Some fuzz was introduced due to the netfilter-offload series

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-02-22 12:46:25 +01:00
Felix Fietkau
1033356442 kernel: backport netfilter NAT offload support to 4.14
This only works with nftables for now, iptables support will be added
later. Includes a number of related upstream nftables improvements to
simplify backporting follow-up changes

Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-21 20:12:42 +01:00
Felix Fietkau
b7265c59ab kernel: backport a series of netfilter cleanup patches to 4.14
Preparation for backporting upstream NAT offload support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-02-21 20:12:42 +01:00
Rafał Miłecki
8651f1149d kernel: backport patches simplifying mtd_device_parse_register code
These 2 patches were recently queued for 4.17.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-02-19 16:01:44 +01:00
Stijn Tintel
88ba41453d kernel: bump 4.14 to 4.14.20
Refresh patches.
Remove upstreamed patches:
- backport/080-v4.15-0001-arch-define-weak-abort.patch
- backport/081-v4.15-0002-kernel-exit.c-export-abort-to-modules.patch
Update patch that no longer applies:
pending/493-ubi-set-ROOT_DEV-to-ubiblock-rootfs-if-unset.patch

Fixes CVE-2017-8824.

Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-02-18 02:59:48 +01:00
Roman Yeryomin
f4e5880d0f ramips: preliminary support for 4.14
- removed upstreamed patches
- 0901-spansion_nand_id_fix.patch is disabled, not clear if it's needed

Signed-off-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: John Crispin <john@phrozen.org>
2018-02-15 10:46:39 +01:00
Evgeniy Didin
b38758d4d4 kernel: backport fix undefined abort
While building mpi.ko module with stable Linux v4.14.14 an error occured:
>ERROR: "abort" [lib/mpi/mpi.ko] undefined!
In upstream Linux 4.15 this issue is fixed:
Commit 7c2c11b208be ("arch: define weak abort()")
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c2c11b208be09c156573fc0076b7b3646e05219

Commit dc8635b78cd8 ("kernel/exit.c: export abort() to modules")
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dc8635b78cd8669c37e230058d18c33af7451ab1

So lets add backport patches until these fixes
are not applied in stable version.

Signed-off-by: Evgeniy Didin <Evgeniy.Didin@synopsys.com>
Cc: Alexey Brodkin <abrodkin@synopsys.com>
CC: John Crispin <john@phrozen.org>
CC: Hauke Mehrtens <hauke@hauke-m.de>
2018-02-10 20:58:39 +01:00
Stijn Tintel
3072908d0d kernel: bump 4.14 to 4.14.18
Refresh patches.

Remove upstreamed patches:
- apm821xx/010-crypto-gcm-add-GCM-IV-size-constant.patch
- backport/040-crypto-fix-typo-in-KPP-dependency-of-CRYPTO_ECDH.patch
Remove pending-4.14/650-pppoe_header_pad.patch, it is superseded by
upstream commit d32e5740001972c1bb193dd60af02721d047a17e.
Update patch that no longer applies: hack/204-module_strip.patch

Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-02-08 18:43:13 +01:00
Hauke Mehrtens
4336efe14b kernel: use upstream patches for musl
This replaces the current patches used to make the kernel headers
compatible with musl with the version which was accepted upstream. This
is included in upstream kernel 4.15.
This was compile tested with iproute2 build on all supported kernel
versions with musl and one one with glibc.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-01-20 22:11:33 +01:00
Rafał Miłecki
bde5e7a632 kernel: backport mtd implementation for "compatible" in "partitions" subnode
This backports upstream support for "compatible" DT property set for the
"partitions" subnode of flash node. It allows specifying how partitions
should be created/parsed. Right now only "fixed-partitions" is
supported.

It should eventually replace our downstream "linux,part-probe" solution.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-01-11 12:07:49 +01:00
Stijn Tintel
c5ca1c9ab6 kernel: bump 4.14 to 4.14.11
Rename unwinder config symbols to match upstream changes.
Refresh patches.
Update patch that no longer applies: 202-reduce_module_size.patch

Also enable CONFIG_PAGE_TABLE_ISOLATION. This feature was backported
from 4.15 to the 4.14 stable series. It is enabled by default, so enable
it in OpenWrt as well.

Compile-tested on x86/64.
Runtime-tested on x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-01-03 00:07:10 +02:00
Hauke Mehrtens
199273324e kernel: add kmod-crypto-ecdh
In kernel 4.14 kmod-bluetooth depends on kmod-crypto-ecdh, add
kmod-crypto-ecdh to LEDE.
Both packages also depend on the kmod-crypto-kpp package. To build this
we have to fix the dependency of CRYPTO_ECDH which has a typo.
This patch is already accepted upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:13:04 +01:00
Hauke Mehrtens
b3f95490b9 kernel: generic: Add kernel 4.14 support
This adds initial support for kernel 4.14 based on the patches for
kernel 4.9.

In the configuration I deactivated some of the new possible security
features like:
CONFIG_REFCOUNT_FULL
CONFIG_SLAB_FREELIST_HARDENED
CONFIG_SOFTLOCKUP_DETECTOR
CONFIG_WARN_ALL_UNSEEDED_RANDOM

And these overlay FS options are also deactivated:
CONFIG_OVERLAY_FS_INDEX
CONFIG_OVERLAY_FS_REDIRECT_DIR

I activated this:
CONFIG_FORTIFY_SOURCE
CONFIG_POSIX_TIMERS
CONFIG_SLAB_MERGE_DEFAULT
CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED

I am not sure if I did the porting correct for the following patches:
target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch
target/linux/generic/hack-4.14/220-gc_sections.patch
target/linux/generic/hack-4.14/321-powerpc_crtsavres_prereq.patch
target/linux/generic/pending-4.14/305-mips_module_reloc.patch
target/linux/generic/pending-4.14/611-netfilter_match_bypass_default_table.patch
target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-12-16 22:11:19 +01:00