1add2c0d95
intel-microcode (3.20210608.2) * Correct INTEL-SA-00442 CVE id to CVE-2020-24489 in changelog and debian/changelog (3.20210608.1). intel-microcode (3.20210608.1) * New upstream microcode datafile 20210608 (closes: #989615) * Implements mitigations for CVE-2020-24511 CVE-2020-24512 (INTEL-SA-00464), information leakage through shared resources, and timing discrepancy sidechannels * Implements mitigations for CVE-2020-24513 (INTEL-SA-00465), Domain-bypass transient execution vulnerability in some Intel Atom Processors, affects Intel SGX. * Implements mitigations for CVE-2020-24489 (INTEL-SA-00442), Intel VT-d privilege escalation * Fixes critical errata on several processors * New Microcodes: sig 0x00050655, pf_mask 0xb7, 2018-11-16, rev 0x3000010, size 47104 sig 0x000606a5, pf_mask 0x87, 2021-03-08, rev 0xc0002f0, size 283648 sig 0x000606a6, pf_mask 0x87, 2021-04-25, rev 0xd0002a0, size 283648 sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x000806c1, pf_mask 0x80, 2021-03-31, rev 0x0088, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-04-07, rev 0x0016, size 94208 sig 0x000806d1, pf_mask 0xc2, 2021-04-23, rev 0x002c, size 99328 sig 0x00090661, pf_mask 0x01, 2021-02-04, rev 0x0011, size 19456 sig 0x000906c0, pf_mask 0x01, 2021-03-23, rev 0x001d, size 19456 sig 0x000a0671, pf_mask 0x02, 2021-04-11, rev 0x0040, size 100352 * Updated Microcodes: sig 0x000306f2, pf_mask 0x6f, 2021-01-27, rev 0x0046, size 34816 sig 0x000306f4, pf_mask 0x80, 2021-02-05, rev 0x0019, size 19456 sig 0x000406e3, pf_mask 0xc0, 2021-01-25, rev 0x00ea, size 105472 sig 0x000406f1, pf_mask 0xef, 2021-02-06, rev 0xb00003e, size 31744 sig 0x00050653, pf_mask 0x97, 2021-03-08, rev 0x100015b, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-03-08, rev 0x2006b06, size 36864 sig 0x00050656, pf_mask 0xbf, 2021-03-08, rev 0x4003102, size 30720 sig 0x00050657, pf_mask 0xbf, 2021-03-08, rev 0x5003102, size 30720 sig 0x0005065b, pf_mask 0xbf, 2021-04-23, rev 0x7002302, size 27648 sig 0x00050663, pf_mask 0x10, 2021-02-04, rev 0x700001b, size 24576 sig 0x00050664, pf_mask 0x10, 2021-02-04, rev 0xf000019, size 24576 sig 0x00050665, pf_mask 0x10, 2021-02-04, rev 0xe000012, size 19456 sig 0x000506c9, pf_mask 0x03, 2020-10-23, rev 0x0044, size 17408 sig 0x000506ca, pf_mask 0x03, 2020-10-23, rev 0x0020, size 15360 sig 0x000506e3, pf_mask 0x36, 2021-01-25, rev 0x00ea, size 105472 sig 0x000506f1, pf_mask 0x01, 2020-10-23, rev 0x0034, size 11264 sig 0x000706a1, pf_mask 0x01, 2020-10-23, rev 0x0036, size 74752 sig 0x000706a8, pf_mask 0x01, 2020-10-23, rev 0x001a, size 75776 sig 0x000706e5, pf_mask 0x80, 2020-11-01, rev 0x00a6, size 110592 sig 0x000806a1, pf_mask 0x10, 2020-11-06, rev 0x002a, size 32768 sig 0x000806e9, pf_mask 0x10, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806e9, pf_mask 0xc0, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806ea, pf_mask 0xc0, 2021-01-06, rev 0x00ea, size 103424 sig 0x000806eb, pf_mask 0xd0, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806ec, pf_mask 0x94, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906e9, pf_mask 0x2a, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906ea, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 102400 sig 0x000906eb, pf_mask 0x02, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906ec, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424 sig 0x000906ed, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424 sig 0x000a0652, pf_mask 0x20, 2021-02-07, rev 0x00ea, size 93184 sig 0x000a0653, pf_mask 0x22, 2021-03-08, rev 0x00ea, size 94208 sig 0x000a0655, pf_mask 0x22, 2021-03-08, rev 0x00ec, size 94208 sig 0x000a0660, pf_mask 0x80, 2020-12-08, rev 0x00e8, size 94208 sig 0x000a0661, pf_mask 0x80, 2021-02-07, rev 0x00ea, size 93184 * source: update symlinks to reflect id of the latest release, 20210608 intel-microcode (3.20210216.1) * New upstream microcode datafile 20210216 * Mitigates an issue on Skylake Server (H0/M0/U0), Xeon-D 21xx, and Cascade Lake Server (B0/B1) when using an active JTAG agent like In Target Probe (ITP), Direct Connect Interface (DCI) or a Baseboard Management Controller (BMC) to take the CPU JTAG/TAP out of reset and then returning it to reset. * This issue is related to the INTEL-SA-00381 mitigation. * Updated Microcodes: sig 0x00050654, pf_mask 0xb7, 2020-12-31, rev 0x2006a0a, size 36864 sig 0x00050656, pf_mask 0xbf, 2020-12-31, rev 0x4003006, size 53248 sig 0x00050657, pf_mask 0xbf, 2020-12-31, rev 0x5003006, size 53248 * source: update symlinks to reflect id of the latest release, 20210216 intel-microcode (3.20201118.1) * New upstream microcode datafile 20201118 * Removes a faulty microcode update from release 2020-11-10 for Tiger Lake processors. Note that Debian already had removed this specific falty microcode update on the 3.20201110.1 release * Add a microcode update for the Pentium Silver N/J5xxx and Celeron N/J4xxx which didn't make it to release 20201110, fixing security issues (INTEL-SA-00381, INTEL-SA-00389) * Updated Microcodes: sig 0x000706a1, pf_mask 0x01, 2020-06-09, rev 0x0034, size 74752 * Removed Microcodes: sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520 intel-microcode (3.20201110.1) * New upstream microcode datafile 20201110 (closes: #974533) * Implements mitigation for CVE-2020-8696 and CVE-2020-8698, aka INTEL-SA-00381: AVX register information leakage; Fast-Forward store predictor information leakage * Implements mitigation for CVE-2020-8695, Intel SGX information disclosure via RAPL, aka INTEL-SA-00389 * Fixes critical errata on several processor models * Reintroduces SRBDS mitigations(CVE-2020-0543, INTEL-SA-00320) for Skylake-U/Y, Skylake Xeon E3 * New Microcodes sig 0x0005065b, pf_mask 0xbf, 2020-08-20, rev 0x700001e, size 27648 sig 0x000806a1, pf_mask 0x10, 2020-06-26, rev 0x0028, size 32768 sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520 sig 0x000a0652, pf_mask 0x20, 2020-07-08, rev 0x00e0, size 93184 sig 0x000a0653, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 94208 sig 0x000a0655, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 93184 sig 0x000a0661, pf_mask 0x80, 2020-07-02, rev 0x00e0, size 93184 * Updated Microcodes sig 0x000306f2, pf_mask 0x6f, 2020-05-27, rev 0x0044, size 34816 sig 0x000406e3, pf_mask 0xc0, 2020-07-14, rev 0x00e2, size 105472 sig 0x00050653, pf_mask 0x97, 2020-06-18, rev 0x1000159, size 33792 sig 0x00050654, pf_mask 0xb7, 2020-06-16, rev 0x2006a08, size 35840 sig 0x00050656, pf_mask 0xbf, 2020-06-18, rev 0x4003003, size 52224 sig 0x00050657, pf_mask 0xbf, 2020-06-18, rev 0x5003003, size 52224 sig 0x000506c9, pf_mask 0x03, 2020-02-27, rev 0x0040, size 17408 sig 0x000506ca, pf_mask 0x03, 2020-02-27, rev 0x001e, size 15360 sig 0x000506e3, pf_mask 0x36, 2020-07-14, rev 0x00e2, size 105472 sig 0x000706a8, pf_mask 0x01, 2020-06-09, rev 0x0018, size 75776 sig 0x000706e5, pf_mask 0x80, 2020-07-30, rev 0x00a0, size 109568 sig 0x000806e9, pf_mask 0x10, 2020-05-27, rev 0x00de, size 104448 sig 0x000806e9, pf_mask 0xc0, 2020-05-27, rev 0x00de, size 104448 sig 0x000806ea, pf_mask 0xc0, 2020-06-17, rev 0x00e0, size 104448 sig 0x000806eb, pf_mask 0xd0, 2020-06-03, rev 0x00de, size 104448 sig 0x000806ec, pf_mask 0x94, 2020-05-18, rev 0x00de, size 104448 sig 0x000906e9, pf_mask 0x2a, 2020-05-26, rev 0x00de, size 104448 sig 0x000906ea, pf_mask 0x22, 2020-05-25, rev 0x00de, size 103424 sig 0x000906eb, pf_mask 0x02, 2020-05-25, rev 0x00de, size 104448 sig 0x000906ec, pf_mask 0x22, 2020-06-03, rev 0x00de, size 103424 sig 0x000906ed, pf_mask 0x22, 2020-05-24, rev 0x00de, size 103424 sig 0x000a0660, pf_mask 0x80, 2020-07-08, rev 0x00e0, size 94208 * 0x806c1: remove the new Tiger Lake update: causes hang on cold/warm boot https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/44 INTEL-SA-00381 AND INTEL-SA-00389 MITIGATIONS ARE THEREFORE NOT INSTALLED FOR 0x806c1 TIGER LAKE PROCESSORS by this package update. Contact your system vendor for a firmware update, or wait fo a possible fix in a future Intel microcode release. * source: update symlinks to reflect id of the latest release, 20201110 * source: ship new upstream documentation (security.md, releasenote.md) Signed-off-by: Tan Zien <nabsdh9@gmail.com> [used different .tar.xz source, but with the same content] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> |
||
---|---|---|
.github | ||
config | ||
include | ||
LICENSES | ||
package | ||
scripts | ||
target | ||
toolchain | ||
tools | ||
.gitattributes | ||
.gitignore | ||
BSDmakefile | ||
Config.in | ||
COPYING | ||
feeds.conf.default | ||
Makefile | ||
README.md | ||
rules.mk |
OpenWrt Project is a Linux operating system targeting embedded devices. Instead of trying to create a single, static firmware, OpenWrt provides a fully writable filesystem with package management. This frees you from the application selection and configuration provided by the vendor and allows you to customize the device through the use of packages to suit any application. For developers, OpenWrt is the framework to build an application without having to build a complete firmware around it; for users this means the ability for full customization, to use the device in ways never envisioned.
Sunshine!
Development
To build your own firmware you need a GNU/Linux, BSD or MacOSX system (case sensitive filesystem required). Cygwin is unsupported because of the lack of a case sensitive file system.
Requirements
You need the following tools to compile OpenWrt, the package names vary between distributions. A complete list with distribution specific packages is found in the Build System Setup documentation.
binutils bzip2 diff find flex gawk gcc-6+ getopt grep install libc-dev libz-dev
make4.1+ perl python3.6+ rsync subversion unzip which
Quickstart
-
Run
./scripts/feeds update -a
to obtain all the latest package definitions defined in feeds.conf / feeds.conf.default -
Run
./scripts/feeds install -a
to install symlinks for all obtained packages into package/feeds/ -
Run
make menuconfig
to select your preferred configuration for the toolchain, target system & firmware packages. -
Run
make
to build your firmware. This will download all sources, build the cross-compile toolchain and then cross-compile the GNU/Linux kernel & all chosen applications for your target system.
Related Repositories
The main repository uses multiple sub-repositories to manage packages of
different categories. All packages are installed via the OpenWrt package
manager called opkg
. If you're looking to develop the web interface or port
packages to OpenWrt, please find the fitting repository below.
-
LuCI Web Interface: Modern and modular interface to control the device via a web browser.
-
OpenWrt Packages: Community repository of ported packages.
-
OpenWrt Routing: Packages specifically focused on (mesh) routing.
-
OpenWrt Video: Packages specifically focused on display servers and clients (Xorg and Wayland).
Support Information
For a list of supported devices see the OpenWrt Hardware Database
Documentation
Support Community
- Forum: For usage, projects, discussions and hardware advise.
- Support Chat: Channel
#openwrt
on oftc.net.
Developer Community
- Bug Reports: Report bugs in OpenWrt
- Dev Mailing List: Send patches
- Dev Chat: Channel
#openwrt-devel
on oftc.net.
License
OpenWrt is licensed under GPL-2.0