Commit Graph

6 Commits

Author SHA1 Message Date
Hauke Mehrtens
9ab4d74b5f kernel: Move some DSA config options to generic config
This moves some new configuration options to the generic kernel
configuration instead of configuring them for each target on our own.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-14 21:11:58 +02:00
Hauke Mehrtens
87ac3e801d gemini: Make kernel text and rodata read-only
This is activate for all other targets except gemini, also activate it
there.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-11 17:15:41 +02:00
Hauke Mehrtens
75eb8a146d kernel: Deactivate CONFIG_BINFMT_MISC
CONFIG_BINFMT_MISC allows it to add support for new executable formats
to the kernel from user space, the kernel will then detect for example a
java binary and call the java execution program automatically. I am not
aware that this feature is used in OpenWrt and this could be used to
exploit something. Deactivate it for all targets for now.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-11 17:15:41 +02:00
Hauke Mehrtens
57ec21ef3d kernel: Activate CONFIG_SYN_COOKIES for all targets
Some targets deactivated CONFIG_SYN_COOKIES, for unknown reasons, use
the default setting from the generic configuration which activates
CONFIG_SYN_COOKIES.

This should prevent SYN flooding.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-11 17:15:41 +02:00
Linus Walleij
ac5f431ad1 gemini: Generate padded kernel+rootfs images for DIR-685
We currently generate a kernel that boots from the harddrive
in the DIR-685. That's not how we usually do things, so
let's augment it to boot from flash and mount the rootfs
using squashfs and JFFS2 like everyone else.

Partition splitting only work when the partitions are
inside of a "partitions" node which is why we have a patch
like this (submitted upstream).

Another patch drops the rootfs arguments and renames the
firmware partition while adding the compatible "wrg"
to it so the WRGG parser will kick in.

Factory image was tested by bravely reflashing the DIR-685
from stock firmware using the web UI and the serial console
boot loader.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2019-03-13 16:25:36 +01:00
Linus Walleij
11e9577511 gemini: Add a config for kernel v4.19
This adds a config for kernel v4.19 to the Gemini
target.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2019-01-26 21:46:33 +01:00