This makes it possible to add an iptables rule that offloads routing/NAT
packet processing to a software fast path. This fast path is much
quicker than running packets through the regular tables/chains.
Requires Linux 4.14
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This only works with nftables for now, iptables support will be added
later. Includes a number of related upstream nftables improvements to
simplify backporting follow-up changes
Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add support to allow for per switch port VLAN priority (PCP) bits
for the ar8327/8337 chip using the swconfig utility.
Tested on Netgear R7800
Signed-off-by: Tan Hong Hui <hhtan72@yahoo.com>
This issue is also present in kernel 4.9 starting from 4.9.71
Adapted the patch, as the fixed function is in another location here.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
- removed upstreamed patches
- 0901-spansion_nand_id_fix.patch is disabled, not clear if it's needed
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: John Crispin <john@phrozen.org>
sysfs attributes 'port_mask' & 'speed_mask' held locks whilst doing
mundane tasks such as sprintf. Refactor code to reduce length of time
locks are held unnecessarily.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Add sysfs 'mode' attribute to swconfig controlled LEDs.
swconfig 'link state' LEDs blink in the presence of port traffic. This
behaviour becomes more obvious as switches start to support
get_port_stats() e.g. commits 0369e35891,
3056d09b40,
4ddbc43cc1,
4d8a66d934.
This blinking can be confusing/distracting if the switch has other LEDs
used to indicate traffic. Provide a 'mode' sysfs attribute that
controls the blink on traffic behaviour.
mode - either "none" (LED is off) or a space separated list of one or more:
link: LED's normal state reflects whether the link is up (has carrier) or not
tx: LED blinks on transmitted data
rx: LED blinks on receive data
Note that 'link' considers any port speed mask that may be applicable.
e.g. if an LED is configured to indicate 1Gbit link speed and mode is
set to 'link rx tx' but the port is connected at 100Mbit then the LED
will not light or blink. A mode of 'tx rx' will blink in the presence of
traffic only if the port matches the rate (if configured)
This maintains compatibility with existing behaviour.
Attribute is 'link tx rx' by default for backwards compatible behaviour.
Many thanks to Thibaut Varene for providing a more sensible led_event
routine after I had mangled the original, and other coding style hints.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Acked-by: Thibaut VARENE <hacks@slashdirt.org>
Instead of creating an ubifs file system with format version 5 by
default on empty UBI volumes use the older format 4 by default. This
will make it possible to mount these file systems also on older kernel
versions.
When a user wants to do a sysupgrade from kernel 4.14 to kernel 4.9 the
old kernel has to read the file system created by the more recent kernel
which currently does not work for ubifs.
This fixes the problem by creating file systems which are compatible
with older kernel versions by default.
Kernel 4.14 will still be able to read and write UBI FS file system
version 5, it will just not be used when a ubifs partition is created
implicitly on an empty UBI volume.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The D-Link devices with JBOOT bootloader use their own kernel
image header (stag + sch2 headers).
This driver find jImage header and set rootfs start after kernel file.
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
This config option was renamed in upstream Linux commit 681bec0367
("tracing: Rename update the enum_map file")
Reported-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Locally generated packets weren't forwarded to the isolated interfaces in a
bridge. Isolation should only prevent the flooding of incomming packets to
other interfaces in the bridge.
Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
When CGROUPS is enabled the new option CONFIG_CGROUP_NET_CLASSID is
selectable and not handled.
Add this option to the 4.9 kernel configuration.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This replaces the current patches used to make the kernel headers
compatible with musl with the version which was accepted upstream. This
is included in upstream kernel 4.15.
This was compile tested with iproute2 build on all supported kernel
versions with musl and one one with glibc.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
nftables 0.8.1 generates some new commands which will not work without
this on big endian systems. This patch is included in Linux 4.11 and
later.
My rule matching a TCP port was not working:
nft add rule ip foo bar ct state new tcp dport 22 accept
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The KEXEC_FILE symbol exists for X86 since kernel 3.17, and since 4.10
for PPC64. Add it to x86/config-4.9 and to generic/config-4.14.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Several new DRM symbols that were introduced after 4.9 are missing in
the generic config for 4.14, so add them.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
While working on a new target (meson), the kernel build failed due to
missing DRM_DEBUG_MM_SELFTEST symbol. This can potentially happen on all
targets that enable DRM drivers in the kernel config or via kmod
packages, so add it to the generic config and remove it from x86
subtarget configs, together with DRM_DEBUG_MM.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Add a bunch of missing configuration symbols found while building
armvirt for 4.14 after re-synchronization of the configuration between
4.9 and 4.14.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
This backports upstream support for "compatible" DT property set for the
"partitions" subnode of flash node. It allows specifying how partitions
should be created/parsed. Right now only "fixed-partitions" is
supported.
It should eventually replace our downstream "linux,part-probe" solution.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Multicast routing support is not needed in most setups, and increases the
size of the kernel considerably (>10K after LZMA). Add a config switch to
allow disabling it.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
The underlying issue breaking Spansion flash has been fixed with "mtd: spi-nor:
wait until lock/unlock operations are ready" and "mtd: spi-nor: wait for SR_WIP
to clear on initial unlock", so we can support unlocking for Winbond flash
again.
This is necessary to have writable flash on certain UBNT devices with some
bootloader versions.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Rename unwinder config symbols to match upstream changes.
Refresh patches.
Update patch that no longer applies: 202-reduce_module_size.patch
Also enable CONFIG_PAGE_TABLE_ISOLATION. This feature was backported
from 4.15 to the 4.14 stable series. It is enabled by default, so enable
it in OpenWrt as well.
Compile-tested on x86/64.
Runtime-tested on x86/64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
While bumping 4.14, the kernel build failed due to missing CONFIG_KASAN
symbol. Move it to generic config instead of defining it for all arm64
and x86/64 targets.
It was only added in 4.0, so not needed in config-3.18.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Remove a stray -Wp left in host_c_flags causing build failures for newer
4.14 versions.
Reported-by: Michael Marley <michael@michaelmarley.com>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
A few UBI messages lacks the trailing newline character which
leads to ugly lines in the bootlog like this:
[ 6.649159] UBI error: no valid UBI magic found inside mtd6[ 6.667751] Freeing unused kernel memory: 2196K
Add a newline character to the end of the messages to fix it.
After the fix the line from above looks better in the log:
[ 6.609182] UBI error: no valid UBI magic found inside mtd6
[ 6.627599] Freeing unused kernel memory: 2132K
Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
A few UBI messages lacks the trailing newline character which
leads to ugly lines in the bootlog like this:
[ 6.649159] UBI error: no valid UBI magic found inside mtd6[ 6.667751] Freeing unused kernel memory: 2196K
Add a newline character to the end of the messages to fix it.
After the fix the line from above looks better in the log:
[ 6.609182] UBI error: no valid UBI magic found inside mtd6
[ 6.627599] Freeing unused kernel memory: 2132K
Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
A few UBI messages lacks the trailing newline character which
leads to ugly lines in the bootlog like this:
[ 6.649159] UBI error: no valid UBI magic found inside mtd6[ 6.667751] Freeing unused kernel memory: 2196K
Add a newline character to the end of the messages to fix it.
After the fix the line from above looks better in the log:
[ 6.609182] UBI error: no valid UBI magic found inside mtd6
[ 6.627599] Freeing unused kernel memory: 2132K
Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
In kernel 4.14 kmod-bluetooth depends on kmod-crypto-ecdh, add
kmod-crypto-ecdh to LEDE.
Both packages also depend on the kmod-crypto-kpp package. To build this
we have to fix the dependency of CRYPTO_ECDH which has a typo.
This patch is already accepted upstream.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This adds initial support for kernel 4.14 based on the patches for
kernel 4.9.
In the configuration I deactivated some of the new possible security
features like:
CONFIG_REFCOUNT_FULL
CONFIG_SLAB_FREELIST_HARDENED
CONFIG_SOFTLOCKUP_DETECTOR
CONFIG_WARN_ALL_UNSEEDED_RANDOM
And these overlay FS options are also deactivated:
CONFIG_OVERLAY_FS_INDEX
CONFIG_OVERLAY_FS_REDIRECT_DIR
I activated this:
CONFIG_FORTIFY_SOURCE
CONFIG_POSIX_TIMERS
CONFIG_SLAB_MERGE_DEFAULT
CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED
I am not sure if I did the porting correct for the following patches:
target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch
target/linux/generic/hack-4.14/220-gc_sections.patch
target/linux/generic/hack-4.14/321-powerpc_crtsavres_prereq.patch
target/linux/generic/pending-4.14/305-mips_module_reloc.patch
target/linux/generic/pending-4.14/611-netfilter_match_bypass_default_table.patch
target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
These are taken from the x86 target and should make support kernel 4.9
and 4.14 in the x86 target easier.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
When mtdsplit_minor.c is compiled under Linux 4.4, the compiler
drops the following warning:
CC drivers/mtd/mtdsplit/mtdsplit_minor.o
drivers/mtd/mtdsplit/mtdsplit_minor.c:106:14: warning: initialization from incompatible pointer type [-Wincompatible-pointer-types]
.parse_fn = mtdsplit_parse_minor,
^
drivers/mtd/mtdsplit/mtdsplit_minor.c:106:14: note: (near initialization for 'mtdsplit_minor_parser.parse_fn')
The second parameter of the parser function must not have a 'const'
qualifier in 4.4. The 001-mtdsplit_backport.patch removes the qualifier
from other partition parsers. Update it to handle mtdsplit_minor.c as
well.
Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
Currently local TCP performance on wifi devices can be limited because
the TSQ (TCP Small Queues) code is tuned for wired ethernet latencies.
With this patch drivers can increase the amount of local buffering to
allow TCP to trigger larger aggregation sizes
This commit is modified from the upstream version to allow #ifdef based
backport feature detection
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The splitter ignored the rootfs offset from the header, probably
because until c1e6e61 it was invalid.
This patch fixes the splitter to use the now correct header data.
Regarding target/linux/ar71xx/files/drivers/mtd/tplinkpart.c,
this particular splitter "falls back" to the correct rootfs offset
reading and as such it doesn't need to be updated, although it will
report a kernel partition length that can be larger than the actual
length as it assumes that partition fills the entire segment up to
the rootfs partition.
Tested-by: Mathias Kresin <dev@kresin.me>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Tested-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Tested-by: Henryk Heisig <hyniu@o2.pl>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Some targets need 4K sectors for small flash chips (e.g. some
routerboards, where the entire chip is just one "erase block"), whereas
on other devices 4K sectors lead to horrible flash erase/write
performance.
Set the default limit in the generic kernel configuration to 4 MiB to
ensure that all new platforms don't use 4K sectors for bigger flash
chips. On all existing targets use 16 MiB for now to avoid regressions.
They will be changed individually in follow-up commits.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Without this, posix_[fm]advise does not work. This causes issues with
btrfs-progs, which uses fadvise to drop caches.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Patch 610-netfilter_match_bypass_default_check added an extra flag IPT_F_NO_DEF_MATCH
which is copied to user space in function copy_entries_to_user. The 32bit compat
layer function was missing the same logic to copy the flag IPT_F_NO_DEF_MATCH to
user space for a 64bit kernel and 32 bit user space.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Thierry Dutre <thierry.dutre@dtsystems.be>
Patch 610-netfilter_match_bypass_default_check added an extra flag IPT_F_NO_DEF_MATCH
which is copied to user space in function copy_entries_to_user. The 32bit compat
layer function was missing the same logic to copy the flag IPT_F_NO_DEF_MATCH to
user space for a 64bit kernel and 32 bit user space.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Thierry Dutre <thierry.dutre@dtsystems.be>
Patch 610-netfilter_match_bypass_default_check added an extra flag IPT_F_NO_DEF_MATCH
which is copied to user space in function copy_entries_to_user. The 32bit compat
layer function was missing the same logic to copy the flag IPT_F_NO_DEF_MATCH to
user space for a 64bit kernel and 32 bit user space.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Thierry Dutre <thierry.dutre@dtsystems.be>
When the kmod-at91-adc package is activated for the at91 target the new
option CONFIG_AT91_SAMA5D2_ADC is selectable and not handled. Add this
option to the kernel 4.9 configuration.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
When porting the kernel patches from 4.4 to 4.9, they were missing a
small chunk that ensures that ftrace sections are kept in the vmlinux
image, even when linked with --gc-sections
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This adds support for kernel 4.9 and replaces the kernel 4.4 support.
These are lynxis test results:
panda-board a3 - works, but no network, but master/4.4 doesn't have network either.
panda-board-a4 - u-boot SPL refuse to boot.
beaglebone-black - works
beagle-board - usb attached network doesn't come up and I doesn't have a serial around.
beagle-board-xm - ToDo: image code is missing.
Kernel 4.4 does not look better, so we merge this anyway.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Alexander Couzens <lynxis@fe80.eu>
This PHY requires some extra programming to work reliably with all
devices. Backport upstream fix for it.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Backport upstream commit that improves ethernet performance by a
small amount.
Compile and run tested on ipq8065.
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
These options are deactivating some kernel modules for IP blocks not
uses on this SoC. I saw the same when working with the ARM64 Marvell
board so it is better to move them to generic.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Under heavy load it's possible to overrun the 82574L. When this
happens, Other Interrupt happens and that's erroneously interpreted
as a Link Status Change.
http://patchwork.ozlabs.org/patch/792260/
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
check if the config option CONFIG_LANTIQ is defined.
This fixes the following warning:
CC [M] drivers/misc/owl-loader.o
drivers/misc/owl-loader.c: In function 'ath9k_pci_fixup':
drivers/misc/owl-loader.c:92:5: warning: "CONFIG_LANTIQ" is not defined [-Wundef]
#if CONFIG_LANTIQ
^
Fixes: e9401a2335 ("kernel: owl-loader for delayed Atheros ath9k fixup")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
x86_64 platforms typically don't lack memory, so don't needlessly
economize memory if fq_codel on capable platforms.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
[Add a comment to the patch]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Refresh patches.
Compile-tested on octeon and x86/64.
Runtime-tested on octeon and x86/64.
Fixes the following CVEs:
- CVE-2017-14106
- CVE-2017-14497
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Delete a bunch of fixes that are already included.
Refresh patches.
Compile-tested on malta/mipsel
Runtime-tested on malta/mipsel
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
4.4.80+ contains 71a165f6397df07a06ce643de5c2dbae29bd3cfb, 4.9.41+ contains
6c78197e4a69c19e61dfe904fdc661b2aee8ec20 which are all backports of upstream
commit 0878fff1f42c18e448ab5b8b4f6a3eb32365b5b6 ("net: phy: Do not perform
software reset for Generic PHY").
Our local patch is no longer needed, all this patch was doing was utilizing
gen10g_soft_reset which does nothing either, so just keep the code unchanged.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
The implementation is not efficient on ar8xxx switches. It triggers high
CPU load and degrades device performance.
The high CPU load has been traced down to the ar8xxx_reg_wait() call in
ar8xxx_mib_op(), which has to usleep_range() till the MIB busy flag set
by the request to update the MIB counter is cleared.
This commit removes the get_port_stats() code introduced in 4d8a66d and
leaves a note for future hacker's beware.
Fixes: FS#1004
Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
Refresh patches.
Compile-tested on octeon and x86/64.
Runtime-tested on octeon and x86/64.
Fixes CVE-2017-11600.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
In case the link changes from down to up, the register is only updated
on read. If the link failed/was down, this bit will be 0 until after
reading this bit again.
Fixes a reported link down by swconfig alebit the link is up (query for
the link again will show the correct link status)
Signed-off-by: Mathias Kresin <dev@kresin.me>
Refresh patches.
Compile-tested on ramips/mt7621 and x86/64.
Runtime-tested on ramips/mt7621 and x86/64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
This generic structure defines tx_bytes and rx_bytes as unsigned long (u32),
while several devices would typically report unsigned long long (u64).
The code can work as is, but there's a chance that with a sufficiently fast
interface the overflow might happen too fast to be correctly noticed by the
consumers of this data.
This patch makes both field unsigned long long and updates the only known
consumer of this data: swconfig_leds.c
Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
This patch provides a generic switch_dev_ops 'get_port_stats()' callback by
taping into the relevant port MIB counters.
This callback is used by swconfig_leds led trigger to blink LEDs with port
network traffic.
Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
This patch provides a generic switch_dev_ops 'get_port_stats()' callback by
taping into the relevant port MIB counters.
This callback is used by swconfig_leds led trigger to blink LEDs with port
network traffic.
Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
This patch provides a generic switch_dev_ops 'get_port_stats()' callback by
taping into the relevant port MIB counters.
This callback is used by swconfig_leds led trigger to blink LEDs with port
network traffic.
Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
This patch provides a generic switch_dev_ops 'get_port_stats()' callback by
taping into the relevant port MIB counters.
The implementation uses a generic callback that select the correct MIB counter
index based on chip version.
This callback is used by swconfig_leds led trigger to blink LEDs with port
network traffic.
Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
Refresh patches.
Adapt 704-phy-no-genphy-soft-reset.patch.
Remove brcm2708/950-0005-mm-Remove-the-PFN-busy-warning.patch.
Compile-tested on brcm2708/bcm2708 and x86/64.
Runtime-tested on brcm2708/bcm2708 and x86/64.
Fixes the following vulnerabilities:
- CVE-2017-7533
- CVE-2017-1000111
- CVE-2017-1000112
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
- Refreshed all patches
- Removed upstreamed
- Adapted 4 patches:
473-fix-marvell-phy-initialization-issues.patch
-----------------------------------------------
Removed hunk 5 which got upstreamed
403-net-phy-avoid-setting-unsupported-EEE-advertisments.patch
404-net-phy-restart-phy-autonegotiation-after-EEE-advert.patch
--------------------------------------------------------------
Adapted these 2 RFC patches, merging the delta's from an upstream commit
(see below) which made it before these 2.
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-
stable.git/commit/?h=v4.9.36&id=97ace183074d306942b903a148aebd5d061758f0
180-usb-xhci-add-support-for-performing-fake-doorbell.patch
-----------------------------------------------------------
- Moved fake_doorbell bitmask due to new item
Compile tested on: cns3xxx, imx6
Run tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Add patches-4.9, some of them (heavily) rewritten:
- ea4500 is upstream available, keep only LEDE changes in dts
- ea3500 is changed to match the structure of the upstream ea4500 dts
- nsa310s rewritten to include the common dtsi
- nsa325 is dropped, since already upstream
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
[refresh kernel config, add on100, use the switchdev based mv88e6171
driver for the linksys boards, keep lede specific rootfs/kernel
partition names for linksys boards, reorder patches]
Signed-off-by: Mathias Kresin <dev@kresin.me>
On the Linksys WRT54GSv1, the adm6996 switch driver and the
gpio_button_hotplug module both claim GPIO 6, which is connected to the
Reset button. When the switch driver's request wins, the Reset button
cannot work. This makes it impossible to enter failsafe mode without a
serial console.
Stop requesting the "adm_rc" GPIO in the switch driver, since it is not
used anywhere.
Fixes FS#792.
Signed-off-by: Mirko Parthey <mirko.parthey@web.de>
In preparation for bumping mxs target to 4.9, disable a bunch of configuration
symbols that provoked config prompts.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
- Refreshed all patches
- Adapted 1 (0031-mtd-add-SMEM-parser-for-QCOM-platforms.patch)
Compile tested on: brcm2708, cns3xxx, imx6
Run tested on: brcm2708, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
[Compile and run tested on brcm2708]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
The driver is used for boards outside the lantiq target as well. Move
it to generic to make it available for more targets.
The phy driver is included in kernel 4.8 as INTEL_XWAY_PHY.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Except for renames and line changes the only conflict was in
allocate_partition in handling MTD_WRITEABLE. Hopefully it was handled
correctly.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This mtd_roundup_to_eb helper was introduced years ago in the commit
daec7ad768 ("kernel/3.10: add separate rootfs partition parser") and
it was probably supposed to simplify code a bit.
With the recent upstream commit 1eeef2d7483a7 ("mtd: handle partitioning
on devices with 0 erasesize") the logic in allocate_partition got
slightly more complex and we can't use this simple helper anymore as it
doesn't support MTD_NO_ERASE properly.
There also isn't any real gain from this helper, so it's probably easier
to just don't use it *or* work on upstreaming it to avoid maintenance
cost.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Fixes the following security vulnerabilities:
CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.
CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.
CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.
CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.
CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.
CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.31
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Fixes the following security vulnerabilities:
CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.
CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.
CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.
CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.
CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.
CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.71
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
CONFIG_SG_POOL symbol is selected only by CONFIG_SCSI, since the last
one is disabled by default then disable CONFIG_SG_POOL by default too.
And explicitly enable it only for platforms that use CONFIG_SCSI.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
PHY core treats any positive return value as the auto-negotiation done
indication. Since we do not actually check any device register in this
callback then update it to return positive value with a neutral meaning
instead of the register flag to avoid confusing for future readers.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
The Marvel 88E6060 switch has an MDIO interface, but does not emulate
regular PHY behavior for the host. The network core can not detect using
the generic code, whether the connection via the attached PHY can be
used or not. The PHY's state machine is stuck in a state of
auto-negotiation and does not go any further so the Ethernet interface
of the router stay forever in the not-runing state.
Fix this issue by implementing the aneg_done callback to be able to
inform the network core that the Ethernet interface link to which the
switch is connected can be marked as RUNNING.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>