This fixes the following security problems:
* CVE-2018-5407: Microarchitecture timing vulnerability in ECC scalar multiplication
* CVE-2018-0734: Timing vulnerability in DSA signature generation
* Resolve a compatibility issue in EC_GROUP handling with the FIPS Object Module
Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
As the usage of libbsd is no longer limited to glibc, prevent libbsd
being picked up by removing the dependency on libbsd.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Kernel 4.14.96 got the new configuration option
CIFS_ALLOW_INSECURE_LEGACY which allows to deactivate support for old
and insecure SMB versions like 1.0 and 2.0. Still allow these old SMB
version and fix build problems which occurred because this option was
not defined.
This was found by build bot.
Fixes: 3662157d8b ("kernel: bump 4.14 to 4.14.96")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
upstream commit 802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors")
reimplemented cns3xxx_pci_read_config() using pci_generic_config_read32(),
which preserved the property of only doing 32-bit reads.
It also replaced cns3xxx_pci_write_config() with pci_generic_config_write(),
so it changed writes from always being 32 bits to being the actual size,
which works just fine.
Due to:
- The documentation does not mention that only 32 bit access is allowed.
- Writes are already executed using the actual size
- Extensive testing shows that 8b, 16b and 32b reads work as intended
It makes perfectly sense to also swap 32 bit reading in favor of actual size.
also backport this patch to kernel 4.19
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
There are more regmap dependencies missing in the brcm2708 target.
Fixes: fd5c168701 ("kernel: Build: Split kmod-regmap")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Fix for factory image generation, so that stock firmware will accept the
openwrt image.
Ref: https://forum.openwrt.org/t/support-for-tp-link-archer-c2-v3/15617/17
Signed-off-by: Skirmantas Lauzikas <skirmantas.lauzikas@blackraven.lt>
[reword commit message, use correct order for conditions,
trim trailing whitespace]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Add missing pin controls for the Observa VH4032N router.
This fixes the wifi radio and ethernet LAN LEDs.
Signed-off-by: Daniel Gonzalez Cabanelas <dgcbueu@gmail.com>
- use the blue LED for power, since the red LED is already used by
CFE in emergency mode.
- use the correct code for the wlan button
Signed-off-by: Daniel Gonzalez Cabanelas <dgcbueu@gmail.com>
kmod-sound-soc-3dlab-nano-player was in the global kernel menu before,
add the dependency to sound to move it to the correct category.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Two regmap dependencies were wrong, this patch fixes them.
This was detected by the build bots.
Fixes: fd5c168701 ("kernel: Build: Split kmod-regmap")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This introduces a new Kconfig option to switch on/off mbedtls' support
for debug functions.
The idea behind is to inspect TLS traffic with Wireshark for debug
purposes. At the moment, there is no native or 'nice' support for
this, but at
68aea15833
an example implementation can be found which uses the debug functions
of the library. However, this requires to have this debug stuff enabled
in the library, but at the moment it is staticly patched out.
So this patch removes the static part from the configuration patch
and introduces a dynamic config file editing during build.
When enabled, this heavily increases the library size, so I added
a warning in the Kconfig help section.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
In the upstream netdev led trigger the one mode file was replaced by 3
files named rx, tx and link. Fix the netdev trigger configuration code
to use the modified API.
This fix is based on 201058b35c ("base-files: Fix netdev led trigger")
Fixes: aa3b6a08c5 ("kernel: Replace ledtrig-netdev with upstream backport")
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Add support for Silergy SY8106A voltage regulator which is
needed for cpufreq support on boards such as Orange Pi PC
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
[Remove CONFIG_REGULATOR_SY8106A from cortexa7]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
While helping with review and build testing of a few 4.19 pull requests,
I've noticed, that dtc compiler in OpenWrt uses different options then
upstream kernel, which is leading to a very noisy output[1]. It wouldn't
be that bad per se, but a lot of such warnings aren't easily fixable so
I think, that we should follow what upstream does and simply ignore^W
silence those noisy warnings.
So this patch tries to syncs dtc compiler flags with upstream kernel
till version 4.19.13, disabling those warnings as they were added in
upstream kernel:
v4.6-rc1-2-gbc55398 dtc: turn off dtc unit address warnings by default
The newly added dtc warning to check DT unit-address without reg
property and vice-versa generates lots of warnings. Turn off the check
unless building with W=1 or W=2.
v4.11-rc2-11-g8654cb8 dtc: update warning settings for new bus and node/property
dtc gained new warnings checking PCI and simple buses, unit address
formatting, and stricter node and property name checking. Disable the
new dtc warnings by default as there are 1000s. As before, warnings are
enabled with W=1 or W=2. The strict node and property name checks are a
bit subjective, so they are only enabled for W=2.
v4.16-rc3-9-g4fd98e3 scripts: turn off some new dtc warnings by default
The latest dtc update adds some new noisy warnings, so turn them off by
default. Disable 'avoid_unnecessary_addr_size' and 'alias_paths'. They
can be re-enabled by building with 'W=1'.
v4.17-rc1-27-g74656b6 kbuild: disable new dtc graph and unit-address warnings
dtc gained some new warnings for OF graphs and unique unit addresses,
but they are currently much too noisy. So turn off
'graph_child_address', 'graph_port', and 'unique_unit_address' warnings
by default. They can be enabled by building dtbs with W=1.
Build tested on imx6 and ath79 with 4.14 and 4.19.
1. https://github.com/openwrt/openwrt/pull/1694#issuecomment-450864335
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Drop customizations in:
508-arm64-dts-armada-3720-espressobin-wire-up-spi-flash.patch
and move them to separate patch, with broader explanation.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
This symbol is enabled in all subtargets, move it to common kernel
config.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Acked-by: Rosen Penev <rosenp@gmail.com>
This reduces the needed modifications to the mainline Linux kernel and
also makes the regmap package work with an out of tree kernel which
does not have these modifications.
The regmap-core is only added when it is really build as a module.
The regmap-core is normally bool so it cannot be built as a module in an
unmodified kernel. When it is selected by on other kernel module it will
always be selected as build in and it also does not show up in
$(LINUX_DIR)/modules.builtin as it is not supposed to be a kernel module.
When it is not in $(LINUX_DIR)/modules.builtin the build system expects
it to be built as a .ko file.
Just check if the module is really there and only add it in that case.
This splits the regmap package into multiple packages, one for each bus type.
This way only the bus maps which are really needed have to be added.
This also splits the I2C, SPI and MMIO regmap into separate packages to not
require all these subsystems to build them, on an unmodified upstream kernel
this also causes problems in some situations.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Some of sunxi devices have onboard SPI flash.
Enable SPI NOR support and MTD fit split in kernel config.
Signed-off-by: Oskari Lemmela <oskari@lemmela.net>
Added e4crypt tool for encrypting files and directories. To work properly
requires kernel and work on keyutils. That will be done in a future commit
Some top-level reorganization for consistency between packages.
Tested on GnuBee PC1 (mt7621).
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Hardware
--------
CPU: Qualcomm Atheros QCA9558
RAM: 128M DDR2
FLASH: 16MiB
ETH: 1x Atheros AR8035 (PoE in)
1x Atheros AR8033
WiFi2: QCA9558 3T3R (SiGE SE2565T 2.4 GHz power amp x3)
WiFi5: QCA9880 3T3R (Skyworks 5003L1 5 GHz power amp x3)
BTN: 1x Reset
1x WPS
1x USB eject
LED: 1x LED blue
1x LED red
BEEP: 1x GPIO attached piezo beeper
UART: 3.3V GND TX RX (115200-N-8) (3.3V is pin closest to rear ports)
Dupont 4 pin header
Rear RJ45 serial port non-functional
USB: 1x v2.0
Installation
------------
Make sure you set a password for the root user as prompted on first
setup!
1. Upload OpenWRT sysupgrade image via SSH to the device.
Use /tmp as the destination folder on the device.
User is root, password previously set in the web interface.
2. Install OpenWRT with
> sysupgrade -n -F /tmp/<openwrt-image-name>
Signed-off-by: Django Armstrong <iamdjango@hotmail.com>
It's no longer needed as all mt7621 devices use DT binding (supported by
upstream mtd code) for specifying "firmware" part format explicitly.
Signed-off-by: Mathias Kresin <dev@kresin.me>
It results in calling the right MTD parser directly instead of trying
them one by one.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
[use the lzma splitter for the AR670W]
Signed-off-by: Mathias Kresin <dev@kresin.me>
This is the remainder of kernel patches for the v4.19
kernel. A whole slew of the previous patch stack is now
upstream, so this mainly contains the stuff that was
added upstream between v4.19 and v5.0-rc1, and then
the USB FOTG201 patches from Hans.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>