Commit Graph

106 Commits

Author SHA1 Message Date
Koen Vandeputte
5e771160b8 kernel: bump 4.14 to 4.14.130
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-25 16:50:37 +02:00
Koen Vandeputte
bd0c3988e7 kernel: bump 4.14 to 4.14.128
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-20 15:51:03 +02:00
Koen Vandeputte
e493230e84 kernel: bump 4.14 to 4.14.126
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-18 11:44:19 +02:00
Chen Minqiang
5dbac47426 kernel: re-add bridge allow reception on disabled port
The "bridge allow reception on disabled port" implementation
was broken after these commits:

b765f4be40 ("kernel: bump 4.14 to 4.14.114")
456f486b53 ("kernel: bump 4.9 to 4.9.171")

This leads to issues when for example WDS is used, tied to a bridge:

[ 96.503771] wlan1: send auth to d4:5f:25:eb:09:82 (try 1/3)
[ 96.517956] wlan1: authenticated
[ 96.526209] wlan1: associate with d4:5f:25:eb:09:82 (try 1/3)
[ 97.086156] wlan1: associate with d4:5f:25:eb:09:82 (try 2/3)
[ 97.200919] wlan1: RX AssocResp from d4:5f:25:eb:09:82 (capab=0x11 status=0 aid=1)
[ 97.208706] wlan1: associated
[ 101.312913] wlan1: deauthenticated from d4:5f:25:eb:09:82 (Reason: 2=PREV_AUTH_NOT_VALID)

It seems upstream introduced a new patch, [1]
so we have to reimplement these patches properly:

target/linux/generic/pending-4.9/150-bridge_allow_receiption_on_disabled_port.patch
target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch

[1] https://lkml.org/lkml/2019/4/24/1228

Fixes: b765f4be40 ("kernel: bump 4.14 to 4.14.114")
Fixes: 456f486b53 ("kernel: bump 4.9 to 4.9.171")
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
[updated commit message and title]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-07 18:24:08 +02:00
Koen Vandeputte
6563e494a0 kernel: bump 4.14 to 4.14.122
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-03 12:43:17 +02:00
Hauke Mehrtens
9591155737 kernel: Fix arc kernel 4.14 build
This fixes a patch for the ARC architecture.

This was found by the build bot.

Fixes: 810ee3b84a ("kernel: bump 4.14 to 4.14.104")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-30 12:16:10 +02:00
Koen Vandeputte
68a5e662c2 kernel: bump 4.14 to 4.14.120
Refreshed all patches.

Altered patches:
- 0067-generic-Mangle-bootloader-s-kernel-arguments.patch
- 006-mvebu-Mangle-bootloader-s-kernel-arguments.patch
- 996-generic-Mangle-bootloader-s-kernel-arguments.patch

Compile-tested on: cns3xxx, imx6, mvebu
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-05-21 09:48:48 +02:00
Koen Vandeputte
d3053b1bdc kernel: bump 4.14 to 4.14.118
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-05-15 11:28:40 +02:00
Koen Vandeputte
4685bf1d2f kernel: bump 4.14 to 4.14.114
Refreshed all patches.

Altered patches:
- 150-bridge_allow_receiption_on_disabled_port.patch
- 201-extra_optimization.patch

Remove upstreamed:
- 022-0006-crypto-crypto4xx-properly-set-IV-after-de-and-encryp.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-05-02 13:00:26 +02:00
Koen Vandeputte
3103bd54c5 kernel: bump 4.14 to 4.14.113
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-04-23 13:23:22 +02:00
Koen Vandeputte
0a637c7f87 kernel: bump 4.14 to 4.14.106
Refreshed all targets.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-03-19 16:30:29 +01:00
Koen Vandeputte
810ee3b84a kernel: bump 4.14 to 4.14.104
Refreshed all patches.

Altered patches:
- 332-arc-add-OWRTDTB-section.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-03-06 12:51:52 +01:00
Koen Vandeputte
fbb2186fbd kernel: bump 4.14 to 4.14.98
Refreshed all patches.

Remove upstreamed:
- 100-arm-cns3xxx-fix-writing-to-wrong-PCI-registers-after.patch

Altered patches:
- 721-phy_packets.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-02-13 10:30:04 +01:00
Koen Vandeputte
ef17edae3d kernel: bump 4.14 to 4.14.97
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-02-01 11:41:39 +01:00
Koen Vandeputte
026f08a610 kernel: bump 4.14 to 4.14.96
Refreshed all patches.

New symbol added:
- CONFIG_CIFS_ALLOW_INSECURE_LEGACY

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-01-31 15:35:22 +01:00
Koen Vandeputte
939fa07b04 kernel: bump 4.14 to 4.14.93
Refreshed all patches.

Remove upstreamed:
- 510-f2fs-fix-sanity_check_raw_super-on-big-endian-machines.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-01-15 13:58:36 +01:00
Koen Vandeputte
367ccf7a2d kernel: bump 4.14 to 4.14.91
Refreshed all patches.

Altered patches:
- 902-debloat_proc.patch

Removed upstreamed:
- 500-ubifs-Handle-re-linking-of-inodes-correctly-while-re.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-01-08 13:13:16 +01:00
Christian Lamparter
afcdf099b7 kernel: fix f2fs on big endian machines
The WD MyBook Live SquashFS images didn't work anymore due to
a upstream regression in f2fs commit: 0cfe75c5b01199
("f2fs: enhance sanity_check_raw_super() to avoid potential overflows")
that got backported to 4.14.86 and 4.9.144.

by Martin Blumenstingl:
|Treat "block_count" from struct f2fs_super_block as 64-bit little endian
|value in sanity_check_raw_super() because struct f2fs_super_block
|declares "block_count" as "__le64".
|
|This fixes a bug where the superblock validation fails on big endian
|devices with the following error:
|  F2FS-fs (sda1): Wrong segment_count / block_count (61439 > 0)
|  F2FS-fs (sda1): Can't find valid F2FS filesystem in 1th superblock
|  F2FS-fs (sda1): Wrong segment_count / block_count (61439 > 0)
|  F2FS-fs (sda1): Can't find valid F2FS filesystem in 2th superblock
|As result of this the partition cannot be mounted.
|
|With this patch applied the superblock validation works fine and the
|partition can be mounted again:
|  F2FS-fs (sda1): Mounted with checkpoint version = 7c84
|
|My little endian x86-64 hardware was able to mount the partition without
|this fix.
|To confirm that mounting f2fs filesystems works on big endian machines
|again I tested this on a 32-bit MIPS big endian (lantiq) device.

Hopefully, this will do until Martin's patch moved through upstream
to -stable.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-01-01 02:51:43 +01:00
Felix Fietkau
0439280c2f kernel: support gcc-optimized inlining on all architectures
Optimized inlining was disabled by default when gcc 4 was still
relatively new. By now, all gcc versions handle this well and there
seems to be no real reason to keep it x86-only.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from 1e8882585c)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 17:22:04 +01:00
Koen Vandeputte
7b0e1d28e8 kernel: bump 4.14 to 4.14.89
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-12-18 15:12:06 +01:00
Kevin Darbyshire-Bryant
991e43c894 kernel: re-enable MIPS VDSO
kernel upstream commit 9efcaa7c4afba5628f2650a76f69c798f47eeb18 to 4.14
itself a backport of 0f02cfbc3d9e413d450d8d0fd660077c23f67eff has
resolved the cache line issues that led to us disabling VDSO by default
on MIPS.

Remove our force disable patch:

pending-4.14/206-mips-disable-vdso.patch

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
(backported from 8ee7a80d19)
2018-12-18 11:28:14 +01:00
Brett Mastbergen
69d6da1de6 kernel: generic: Fix nftables inet table breakage
Commit b7265c59ab ("kernel: backport a series of netfilter cleanup
patches to 4.14") added patch 302-netfilter-nf_tables_inet-don-t-use-
multihook-infrast.patch.  That patch switches the netfilter core in the
kernel to use the new native NFPROTO_INET support.  Unfortunately, the
new native NFPROTO_INET support does not exist in 4.14 and was not
backported along with this patchset.  As such, nftables inet tables never
see any traffic.

As an example the following nft counter rule should increment for every
packet coming into the box, but never will:

nft add table inet foo
nft add chain inet foo bar { type filter hook input priority 0\; }
nft add rule inet foo bar counter

This commit pulls in the required backport patches to add the new
native NFPROTO_INET support, and thus restore nftables inet table
functionality.

Tested on Turris Omnia (mvebu)

Fixes: b7265c59ab ("kernel: backport a series of netfilter cleanup ...")
Signed-off-by: Brett Mastbergen <bmastbergen@untangle.com>
(backported from f57806b56e)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 11:28:13 +01:00
Mathias Kresin
031d5cf248 kernel: don't auto attach ubi on read error
With a10a204aab ("kernel: make ubi auto-attach check for a tar file
magic") the check for the magic was added without considering a failing
mtd_read(). If the read fails, no check is done and the mount code is
called straight away.

Failing with an error message for such cases seems to me the cleaner way,
as it would allow to spot hidden/workaround issues.

Signed-off-by: Mathias Kresin <dev@kresin.me>
(backported from 3716b5e4e6)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 09:50:54 +01:00
Mathias Kresin
e694526264 kernel: handle bad blocks in ubi auto attach code
The first block(s) of the ubi mtd device might be bad. We need to take
care on our own to skip the bad block(s) and read the next one(s).

Don't treat recoverable read errors as fatal and check for the UBI magic
if the data of a block could be recovered using ECC or similar.

Signed-off-by: Mathias Kresin <dev@kresin.me>
(backported from 0ac91d82ed)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 09:50:51 +01:00
Mathias Kresin
edc2af2be9 kernel: improve ubi auto attach code readability
Move the put_mtd_device() called on multiple error conditions to a goto
label to use it later for more error conditions.

The early return on failed open of the mtd device and mismatching mtd
type allows to get rid of one level of indentation. By jumping to the
cleanup code, a refcount bug is fixed for the wrong flash type condition.

While at it, make clear that we only check for the UBI magic if the read
from flash was successful.

Signed-off-by: Mathias Kresin <dev@kresin.me>
(backported from fdf6760cda)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 09:50:47 +01:00
Felix Fietkau
e68e498ff3 kernel: replace bridge port isolate hack with upstream patch backport on 4.14
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(backported from 21ee8ce9b5)
(rebased patches)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-18 09:45:59 +01:00
Koen Vandeputte
40e1450f59 kernel: bump 4.14 to 4.14.88
Refreshed all patches.

Altered patches:
- 180-usb-xhci-add-support-for-performing-fake-doorbell.patch

Fixes CVE:
- CVE-2018-14625

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-12-14 13:04:54 +01:00
Koen Vandeputte
2213b20aee kernel: bump 4.14 to 4.14.86
Refreshed all patches.

Altered patches:
- 180-usb-xhci-add-support-for-performing-fake-doorbell.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-12-13 13:28:54 +01:00
Koen Vandeputte
216c04ff20 kernel: bump 4.14 to 4.14.82
Refreshed all patches.

Compile-tested: cns3xxx, imx6, x86_64
Runtime-tested: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-11-22 10:51:27 +01:00
Koen Vandeputte
4db74fbd69 kernel: bump 4.14 to 4.14.81
Refreshed all patches.

Removed upstreamed patches:
- 081-spi-bcm-qspi-switch-back-to-reading-flash-using-smal.patch

Altered patches:
- 0054-cpufreq-dt-Handle-OPP-voltage-adjust-events

Compile-tested on: cns3xxx, imx6, ipq806x, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-11-14 16:27:43 +01:00
Baptiste Jonglez
aa0aa47aa1 kernel: Add support for Winbond w25q128jv SPI NOR flash
Newer batches of several Mikrotik boards contain this yet-unsupported
flash chip, for instance:

- rb941-2nd (hAP lite)
- rb952ui-5ac2nd (hAP ac lite)
- RBM33G

and probably other Mikrotik boards need this patch as well.

The patch was submitted upstream by Robert Marko: https://patchwork.ozlabs.org/patch/934181/

Closes: FS#1715
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
Cc: Robert Marko <robimarko@gmail.com>
[Rebased + refreshed on current kernels]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-11-07 11:41:59 +01:00
Koen Vandeputte
f9c79947b5 kernel: bump 4.14 to 4.14.79
Refreshed all patches.

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-11-05 16:00:47 +01:00
Koen Vandeputte
47f68ca586 kernel: bump 4.14 to 4.14.77
Refreshed all patches.

Altered patches:
- 666-Add-support-for-MAP-E-FMRs-mesh-mode.patch

New symbol for arm targets:
    - HARDEN_BRANCH_PREDICTOR

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-10-19 10:00:48 +02:00
Koen Vandeputte
bba743458e kernel: bump 4.14 to 4.14.75
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-10-10 14:46:25 +02:00
Koen Vandeputte
670f14ce67 kerneL: bump 4.14 to 4.14.73
Refreshed all patches.

Removed upstreamed:
- 192-Revert-ubifs-xattr-Don-t-operate-on-deleted-inodes.patch

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-10-02 13:44:45 +02:00
Koen Vandeputte
81b2bf8e3b kernel: bump 4.14 to 4.14.72
Refreshed all patches.

Removed upstreamed:
- 180-earlycon-initialize-port-uartclk-based-on-clock-frequency-property.patch
- 181-earlycon-remove-hardcoded-port-uartclk-initialization-in-of_setup_earlycon. patch
- 700-1-6-e1000e-Remove-Other-from-EIAC.patch
- 700-2-6-Partial-revert-e1000e-Avoid-receiver-overrun-interrupt-bursts.patch
- 700-3-6-e1000e-Fix-queue-interrupt-re-raising-in-Other-interrupt.patch
- 700-4-6-e1000e-Avoid-missed-interrupts-following-ICR-read.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-26 15:55:23 +02:00
Koen Vandeputte
492bd8ddc9 kernel: bump 4.14 to 4.14.71
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-21 13:23:59 +02:00
Stijn Segers
de76cefd86 kernel: bump 4.14 to 4.14.70 for 18.06
Refreshes patches and bumps 4.14 kernel to 4.14.70 for OpenWrt 18.06.

Compile-tested on ramips/mt7621, x86/64, imx6.
Run-tested on ramips/mt7621, x86/64, imx6.

Signed-off-by: Stijn Segers <foss@volatilesystems.org>

[added ubifs fix + tested on imx6]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-17 15:47:44 +02:00
Koen Vandeputte
55bbd8293c kernel: bump 4.14 to 4.14.68
Refreshed all patches.

Remove upstream accepted:
- 330-Revert-MIPS-BCM47XX-Enable-74K-Core-ExternalSync-for.patch

Altered:
- 303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch
- 308-mips32r2_tune.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-07 17:22:23 +02:00
Koen Vandeputte
def9d215ac kernel: bump 4.14 to 4.14.67
Refreshed all patches.

Removed upstreamed patches:
- 037-v4.18-0008-ARM-dts-BCM5301x-Fix-i2c-controller-interrupt-type.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-28 23:06:48 +02:00
Koen Vandeputte
82f9ef60ab kernel: bump 4.14 to 4.14.66
Refreshed all patches

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-22 13:48:04 +02:00
Koen Vandeputte
67f91dfa51 kernel: bump 4.14 to 4.14.62
Refreshed all patches.

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-10 18:43:59 +02:00
Stijn Tintel
9fe68b4369 kernel: move e1000e patches to backports
They're already in linux.git, so they shouldn't be in pending.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 14b6c72541)
2018-08-09 11:49:56 +02:00
Stijn Tintel
bd451d46a6 kernel: add pending e1000e fixes
The previous round of fixes for the 82574 chip cause an issue with
emulated e1000e devices in VMware ESXi 6.5. It also contains changes
that are not strictly necessary. These patches fix the issues introduced
in the previous series, revert the unnecessary changes to avoid
unforeseen fallout, and avoid a case where interrupts can be missed.

The final two patches of this series are already in the kernel, so no
need to include them here.

Patchwork: https://patchwork.ozlabs.org/cover/881776/

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit ef025e6417)
2018-08-09 11:49:48 +02:00
John Crispin
0990dfc9ce Revert "kernel: usb: dwc2 DMA alignment fixes"
This reverts commit 1e5bd42d63.

this has already treacled down with the latest kernel bump

Signed-off-by: John Crispin <john@phrozen.org>
2018-08-08 16:31:14 +02:00
Pawel Dembicki
eb06fa6cf7 kernel: generic: fix problem with w1-gpio-custom
In boards with fdt is impossible to use kmod-w1-gpio-custom.
w1-gpio-custom create platform structure for w1-gpio module,
but if board use fdt, data is ignored in w1-gpio probe.

This workaround fix the problem.

Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
(cherry picked from commit aa5838adb7)
2018-08-08 15:41:22 +02:00
Antti Seppälä
1e5bd42d63 kernel: usb: dwc2 DMA alignment fixes
Add two patches submitted for upstream review that significantly improve
the dwc2 driver on openwrt from kernel stability and performance
perspectives.

Fixes: FS#1367

Signed-off-by: Antti Seppälä <a.seppala@gmail.com>
(cherry picked from commit 9f451ec698)
2018-08-08 15:30:20 +02:00
Stijn Segers
9ce7aa325e kernel: bump 4.14 to 4.14.60 for 18.06
* Refreshed patches.
* Patches made redundant by changes upstream:
  - target/linux/ramips/patches-4.14/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch
* Patches accepted upstream:
  - target/linux/apm821xx/patches-4.14/020-0001-crypto-crypto4xx-remove-bad-list_del.patch
  - target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch
  - target/linux/brcm63xx/patches-4.14/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch
  - target/linux/brcm63xx/patches-4.14/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch
  - target/linux/generic/backport-4.14/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch
  - target/linux/generic/pending-4.14/900-gen_stats-fix-netlink-stats-padding.patch

The ext4 regression introduced in 4.14.55 has been fixed by 4.14.60 (commit f547aa20b4f61662ad3e1a2040bb3cc5778f19b0).

Fixes the following CVEs:
- CVE-2018-10876
- CVE-2018-10877
- CVE-2018-10879
- CVE-2018-10880
- CVE-2018-10881
- CVE-2018-10882
- CVE-2018-10883

Thanks to Stijn Tintel for the CVE list :-).

Compile-tested on: ramips/mt7621, x86/64
Run-tested on: ramips/mt7621, x86/64

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
2018-08-06 07:30:41 +02:00
Rafał Miłecki
b5b5f5dfa6 kernel: backport mtd support for subpartitions in DT
This is a new & warm feature that allows nesting partiitons in DT and
mixing their types (e.g. static vs. dynamic). It's very useful for
boards that have most partitions static but some of them require extra
parsing (e.g. a "firmware" partition).

It's required to successfully backport support for new devices using
that new syntax in their DT files.

Since brcm63xx has a custom alternative patch the upstream one is being
reverted for it. The plan is to make brcm63xx use the upstream
implementation.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 2a598bbaa3)
2018-07-31 10:14:47 +02:00
Axel Neumann
f7668334a8 Re-enable arbitrary IPv6 addresses as outer ip4-in-ip6 tunnel source address
The 666-Add-support-for-MAP-E-FMRs-mesh-mode.patch kernel patches
break the possibility for using an ip4ip6 tunnel interface as a fall
back interface accepting ip4-in-ip6 tunneled packets from any remote
address. This works out of the box with any normal (non-666-patched)
kernel and can be configured by setting up an 'ip -6 tunnel' with type
'any' or 'ip4ip6' and a remote address of '::'.

The misbehavior comes with line 290 the patch which discards all packets
that do not show the expected saddr, even if no single fmr rule was
defined and despite the validity of the saddr was already approved earlier.

Signed-off-by: Axel Neumann <neumann@cgws.de>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from 65c05301c2)
2018-07-31 06:32:15 +02:00