ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2024-12-23 15:32:33 +00:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity
45,532 Commits 9 Branches 76 Tags 913 MiB
d1ce73677c
Commit Graph

15 Commits

Author SHA1 Message Date
Koen Vandeputte
0232f57e1a kernel: bump 4.14 to 4.14.176 
Refreshed all patches.

Remove upstreamed:
- 0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch
- 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch
- 003-ARM-dts-oxnas-Fix-clear-mask-property.patch

Fixes:
- CVE-2020-8647
- CVE-2020-8648 (potentially)
- CVE-2020-8649

Compile-tested on: cns3xxx, octeontx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2020-04-16 13:23:52 +02:00
Hauke Mehrtens
d13c6d078e kernel: bump 4.14 to 4.14.160 
Refreshed all patches.

Compile-tested on: ipq40xx, ath79
Runtime-tested on: ipq40xx

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2019-12-25 15:51:43 +01:00
Koen Vandeputte
60ff8bf512 kernel: bump 4.14 to 4.14.148 
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-10-08 15:52:47 +02:00
Koen Vandeputte
63c0a08d49 kernel: bump 4.14 to 4.14.143 
Refreshed all patches.

Remove upstreamed:
- 390-v5.3-net-sched-fix-action-ipt-crash.patch

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-09-13 16:39:44 +02:00
Koen Vandeputte
bc138c5b72 kernel: bump 4.14 to 4.14.138 
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-08-14 18:24:11 +02:00
Koen Vandeputte
7f4510a251 kernel: bump 4.14 to 4.14.132 
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-07-09 17:02:09 +02:00
Koen Vandeputte
17fc5375f0 kernel: bump 4.14 to 4.14.127 
Refreshed all patches.

Fixes:

- CVE-2019-11479
- CVE-2019-11478
- CVE-2019-11477

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-06-18 14:49:13 +02:00
Koen Vandeputte
3662157d8b kernel: bump 4.14 to 4.14.96 
Refreshed all patches.

Remove upstreamed patches:
- 142-jffs2-Fix-use-of-uninitialized-delayed_work-lockdep-.patch

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2019-01-28 18:17:32 +01:00
Stijn Tintel
8c6f00ef4f kernel: bump 4.14 to 4.14.93 
Refresh patches.
Remove upstreamed patches:
- backport/096-mips-math-emu-Write-protect-delay-slot-emulation-pages.patch
- pending/510-f2fs-fix-sanity_check_raw_super-on-big-endian-machines.patch
- brcm2708/950-0415-qmi_wwan-apply-SET_DTR-quirk-to-the-SIMCOM-shared-de.patch

Compile-tested: ar71xx, ath79, brcm2708/bcm27{08,10}, octeon, x86/64
Runtime-tested: ar71xx, ath79, brcm2708/bcm27{08,10}, octeon, x86/64

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
 2019-01-14 02:20:40 +02:00
Koen Vandeputte
9f2739e924 kernel: bump 4.14 to 4.14.89 
Refreshed all patches.

Remove upstreamed patches:
- 096-v4.20-netfilter-ipv6-Preserve-link-scope-traffic-original-.patch

Compile-tested on: ar71xx, cns3xxx, imx6
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
 2018-12-18 14:24:57 +01:00
Stijn Tintel
22b9f99b87 kernel: bump 4.14 to 4.14.59 
Drop patch that was superseded upstream:
ramips/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch

Drop upstreamed patches:
- apm821xx/020-0001-crypto-crypto4xx-remove-bad-list_del.patch
- apm821xx/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch
- ath79/0011-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch
- brcm63xx/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch
- brcm63xx/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch
- generic/backport/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch
- generic/pending/170-usb-dwc2-Fix-DMA-alignment-to-start-at-allocated-boun.patch
- generic/pending/900-gen_stats-fix-netlink-stats-padding.patch

In 4.14.55, a patch was introduced that breaks ext4 images in some
cases. The newly introduced patch
backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch
addresses this breakage.

Fixes the following CVEs:
- CVE-2018-10876
- CVE-2018-10877
- CVE-2018-10879
- CVE-2018-10880
- CVE-2018-10881
- CVE-2018-10882
- CVE-2018-10883

Compile-tested: ath79, octeon, x86/64
Runtime-tested: ath79, octeon, x86/64

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
 2018-07-31 05:11:07 +03:00
Kabuli Chana
7c1dae6e26 kernel: bump to version 4.14.25 
compile/test target mvebu/rango

Signed-off-by: Kabuli Chana <newtownBuild@gmail.com>
 2018-03-09 22:12:48 +01:00
Stijn Segers
b5469b38cd kernel: bump 4.14 to 4.14.23 
This patch bumps the 4.14 kernel to .23.
- Refreshed patches.
- Deleted bcm53xx/patches-4.14/089-PCI-iproc-Fix-NULL-pointer-dereference-for-BCMA.patch. Has been accepted upstream.
- Deleted generic/pending-4.14/821-usb-Remove-annoying-warning-about-bogus-URB.patch. The upstream URB code was changed,
  the patch no longer applies. I discussed this with the patch author and removed it for now, we'll see how it goes.

Compile-tested on: ramips/mt7621, x86/64
Run-tested on: ramips/mt7621, x86/64

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
 2018-03-02 21:33:08 +01:00
Stijn Tintel
88ba41453d kernel: bump 4.14 to 4.14.20 
Refresh patches.
Remove upstreamed patches:
- backport/080-v4.15-0001-arch-define-weak-abort.patch
- backport/081-v4.15-0002-kernel-exit.c-export-abort-to-modules.patch
Update patch that no longer applies:
pending/493-ubi-set-ROOT_DEV-to-ubiblock-rootfs-if-unset.patch

Fixes CVE-2017-8824.

Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
 2018-02-18 02:59:48 +01:00
Hauke Mehrtens
b3f95490b9 kernel: generic: Add kernel 4.14 support 
This adds initial support for kernel 4.14 based on the patches for
kernel 4.9.

In the configuration I deactivated some of the new possible security
features like:
CONFIG_REFCOUNT_FULL
CONFIG_SLAB_FREELIST_HARDENED
CONFIG_SOFTLOCKUP_DETECTOR
CONFIG_WARN_ALL_UNSEEDED_RANDOM

And these overlay FS options are also deactivated:
CONFIG_OVERLAY_FS_INDEX
CONFIG_OVERLAY_FS_REDIRECT_DIR

I activated this:
CONFIG_FORTIFY_SOURCE
CONFIG_POSIX_TIMERS
CONFIG_SLAB_MERGE_DEFAULT
CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED

I am not sure if I did the porting correct for the following patches:
target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch
target/linux/generic/hack-4.14/220-gc_sections.patch
target/linux/generic/hack-4.14/321-powerpc_crtsavres_prereq.patch
target/linux/generic/pending-4.14/305-mips_module_reloc.patch
target/linux/generic/pending-4.14/611-netfilter_match_bypass_default_table.patch
target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
 2017-12-16 22:11:19 +01:00