Commit graph

20 commits

Author SHA1 Message Date
Hauke Mehrtens
e4bad5f0ac kernel: bump kernel 4.14 to version 4.14.63
The following patches were integrated upstream:
 * target/linux/ipq40xx/patches-4.14/050-0006-mtd-nand-qcom-Add-a-NULL-check-for-devm_kasprintf.patch
 * target/linux/mediatek/patches-4.14/0177-phy-phy-mtk-tphy-use-auto-instead-of-force-to-bypass.patch

This fixes tries to work around the following security problems:
 * CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects
 * CVE-2018-3646 L1 Terminal Fault Virtualization related aspects

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-08-15 22:31:56 +02:00
Koen Vandeputte
0ddb34b6b5 kernel: bump 4.14 to 4.14.62
Refreshed all patches.

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-10 18:43:23 +02:00
Kristian Evensen
ddf64edfe1 mediatek: Fix amount of memory on U7623
While finalizing support for the U7623 with 512MB, I made an embarresing
error and configured 1GB RAM for the board. I also forgot to move memory
from the dtsi and to the dts. This commit takes care of my mistakes.

While I am confessing my mistakes, I also note that I made a mistake in
the commit message of the initial U7623 commit. It is the .bin-file, and
not the .gz file that shall be sent to the device via tftp.

v1->v2:
* Remove redundant memory node (thanks Jonas Gorski)

Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
2018-08-08 08:38:45 +02:00
Koen Vandeputte
7a254aeeb8 kernel: bump 4.14 to 4.14.61
Refreshed all patches.

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-07 12:53:47 +02:00
Stijn Tintel
22b9f99b87 kernel: bump 4.14 to 4.14.59
Drop patch that was superseded upstream:
ramips/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch

Drop upstreamed patches:
- apm821xx/020-0001-crypto-crypto4xx-remove-bad-list_del.patch
- apm821xx/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch
- ath79/0011-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch
- brcm63xx/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch
- brcm63xx/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch
- generic/backport/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch
- generic/pending/170-usb-dwc2-Fix-DMA-alignment-to-start-at-allocated-boun.patch
- generic/pending/900-gen_stats-fix-netlink-stats-padding.patch

In 4.14.55, a patch was introduced that breaks ext4 images in some
cases. The newly introduced patch
backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch
addresses this breakage.

Fixes the following CVEs:
- CVE-2018-10876
- CVE-2018-10877
- CVE-2018-10879
- CVE-2018-10880
- CVE-2018-10881
- CVE-2018-10882
- CVE-2018-10883

Compile-tested: ath79, octeon, x86/64
Runtime-tested: ath79, octeon, x86/64

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-07-31 05:11:07 +03:00
Kristian Evensen
d238c7f995 mediatek: Fix memory node for U7623
The changed applied to BananaPi R2 in upstream commit c0b0d540db1a,
which was backported to 4.14 in 4.14.53, is also required for the U7623.
Without updating the memory node, the board refuses to boot.

Fixes: d0839e020d ("kernel: bump 4.14 to 4.14.53")

Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
2018-07-12 08:53:02 +02:00
Koen Vandeputte
d0839e020d kernel: bump 4.14 to 4.14.53
Refreshed all patches

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-07-04 14:16:37 +02:00
Koen Vandeputte
f4ac88b509 kernel: bump 4.14 to 4.14.52
Refreshed all patches

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-07-02 07:04:48 +02:00
Kevin Darbyshire-Bryant
094d49cddf kernel: bump 4.14 to 4.14.51
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Refresh patches.

Remove patch that can be reverse applied:
mvebu/patches-4.14/530-ATA-ahci_mvebu-enable-stop_engine-override.patch
mvebu/patches-4.14/531-ATA-ahci_mvebu-pmp-stop-errata-226.patch

Update patch that no longer applied:
ipq806x/patches-4.14/0035-clk-mux-Split-out-register-accessors-for-reuse.patch

Compiled-tested-for: lantiq, ramips
Run-tested-on: lantiq BT hh5a, ramips MIR3g

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Michael Yartys <michael.yartys@protonmail.com>
Tested-by: Rosen Penev <rosenp@gmail.com>
2018-06-26 08:57:21 +02:00
Kristian Evensen
4def81f30f mediatek: Add support for the UniElec U7623-02
This commit adds support for the MT7623A-based UniElec U7623-02 router,
with eMMC storage and 512MB RAM. The router can be delivered with NAND
Flash and more memory, but I only have access to the one configuration.
The DTS is structured in such a way that adding support for
more/different storage/memory should be straight forward.

The device has the following specifications:

* MT7623A (quad-core, 1.3 GHz)
* 512MB RAM (DDR3)
* 8GB storage (eMMC 4.5)
* 2x normal miniPCIe slots
* 1x miniPCIe slot that is connected via an internal USB OTG port
* 5x 1Gbps Ethernet (MT7530 switch)
* 1x UART header
* 1x USB 3.0 port
* 1x SATA 3.0
* 1x 40P*0.5mm FPC for MIPI LCD
* 1x SIM slot
* 12x LEDs (2 GPIO controlled)
* 1x reset button
* 1x DC jack for main power (12V)

The following has been tested and is working:
* Ethernet switch
* miniPCIe slots (tested with Wi-Fi cards)
* USB 3.0 port
* sysupgrade
* reset button

Not working:
* The miniPCIe connected via USB OTG. For the port to work, some MUSB
glue must be added. I am currently in the process of porting the glue
from the vendor SDK.

Not tested:
* SATA 3.0
* MIPI LCD

Installation:

The board ships with u-boot, and the first installation needs to be done
via the bootloader using tftp. Step number one is to update the MBR of
the eMMC, as the one that ships with the device is broken. Since the
device can ship with different storage sizes, I will not provide the
exact steps for creating a valid MBR. However, I have made some
assumptions about the disk layout - there must be one 8MB recovery
partition (FAT32) and a partition for the rootfs (Linux).

The board loads the kernel from block 0xA00 (2560) and I have reserved
32MB for the kernel (65536 blocks). I have aligned the partitions on the
erase block size (4096 byte), so the recovery partition must start on
block 69632 and end on 86016 (16385 sectors). The rootfs is assumed to
start on sector 90112.

In order to install the mbr, you run the following commands from the
u-boot command line:

* tftpboot ${loadaddr} <name of mbr file>
* mmc device 0
* mmc write ${loadaddr} 0x00 1

Run the following commands to install + boot OpenWRT:

* tftpboot ${loadaddr} openwrt-mediatek-mt7623-7623a-unielec-u7623-02-emmc-512m-squashfs-sysupgrade-emmc.bin.gz
* run boot_wr_img
* run boot_rd_img
* bootm

Recovery:

In order to recover the router, you need to follow the installation
steps above (no need to replace MBR).

Notes:

* F2FS is used as the overlay filesystem.

* The device does not ship with any valid MAC address, so a random
address has to be generated. As a work-around, I write the initial
random MAC to a file on the recovery partition. The MAC of the WAN
interface is set to the MAC-address contained in this file on each boot,
and the address of the LAN-interfaces are WAN + 1. The MAC file is kept
across sysupgrade/firstboot.

My approach is slightly different than what the stock image does. The
first fives bytes of the MAC addresses in the stock image are static,
and then the last byte is random. I believe it is better to create fully
random MAC addresses.

* In order to support the miniPCIe-slots, I needed to add missing
pcie-nodes to mt7623.dtsi. The nodes are just c&p from the upstream
dtsi.

* One of the USB3.0 phys (u3phy2) on the board can be used as either USB
or PCI, and one of the wifi-cards is connected to this phy. In order to
support switching the phy from USB to PCI, I needed to patch the
phy-driver. The patch is based on a rejected (at least last time I
checked) PCI-driver submitted to the linux-mediatek mailing list.

* The eMMC is configured to boot from the user area, and according to
the data sheet of the eMMC this value can't be changed.

* I tried to structure the MBR more nicely and use for example a
FAT32-parition for the kernel, so that we don't need to write/read from
some offset. The bootloader does not support reading from
FAT32-paritions. While the command (fatload) is there, it just throws an
error when I try to use it.

* I will submit and hope to get the DTS for the device accepted
upstream. If and when that happens, I will update the patches
accordingly.

Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
2018-06-22 11:25:52 +02:00
Stijn Tintel
e52f3e9b13 kernel: bump 4.14 to 4.14.48
Remove upstreamed patches:
generic/pending/101-clocksource-mips-gic-timer-fix-clocksource-counter-w.patch
generic/pending/103-MIPS-c-r4k-fix-data-corruption-related-to-cache-coherence.patch
generic/pending/182-net-qmi_wwan-add-BroadMobi-BM806U-2020-2033.patch
lantiq/0025-MIPS-lantiq-gphy-Remove-reboot-remove-reset-asserts.patch
Update patches that no longer apply:
generic/pending/811-pci_disable_usb_common_quirks.patch
ath79/0009-MIPS-ath79-add-lots-of-missing-registers.patch

Fixes CVE-2018-6412.

Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-06-05 22:54:00 +03:00
Stijn Tintel
64b53247c4 kernel: bump 4.14 to 4.14.44
Refresh patches.

Remove upstreamed patch:
generic/pending/181-net-usb-add-lte-modem-wistron-neweb-d18q1.patch
Update patches that no longer applies:
generic/hack/901-debloat_sock_diag.patch

Compile-tested on: x86/64.
Runtime-tested on: x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-05-29 00:53:15 +03:00
John Crispin
050da2107a mediatek: backport upstream mediatek patches
Signed-off-by: John Crispin <john@phrozen.org>
2018-05-24 22:11:55 +02:00
Koen Vandeputte
6cd41b419c kernel: bump 4.14 to 4.14.36
Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Fixes for CVEs:
CVE-2018-1108
CVE-2018-1092
CVE-2018-1094
CVE-2018-1095

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Stijn Segers <foss@volatilesystems.org>
2018-04-26 08:54:01 +02:00
Hauke Mehrtens
a74fd570a2 kernel: update kernel 4.14 to 4.14.32
The following patches are now included upstream:
* 0052-MIPS-lantiq-fix-usb-clocks.patch
* 0053-MIPS-lantiq-enable-AHB-Bus-for-USB.patch
* 0060-lantiq-ase-enable-MFD-SYSCON.patch

Closes: FS#1466

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Stijn Segers <foss@volatilesystems.org>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-04-03 23:26:45 +02:00
Stijn Segers
41a881a8d9 Kernel: bump 4.14 to 4.14.29
Right patch version this time, sorry!

* Patch 180-usb-xhci-add-support-for-performing-fake-doorbell.patch had to be adjusted slightly because of upstream adapted code.
* Refreshed patches.

Compile-tested: ramips/mt7621, x86/64
Run-tested: ramips/mt7621, x86/64
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
Tested-by: Rosen Penev <rosenp@gmail.com>
2018-03-23 23:49:55 +01:00
Kabuli Chana
7c1dae6e26 kernel: bump to version 4.14.25
compile/test target mvebu/rango

Signed-off-by: Kabuli Chana <newtownBuild@gmail.com>
2018-03-09 22:12:48 +01:00
Stijn Segers
b5469b38cd kernel: bump 4.14 to 4.14.23
This patch bumps the 4.14 kernel to .23.
- Refreshed patches.
- Deleted bcm53xx/patches-4.14/089-PCI-iproc-Fix-NULL-pointer-dereference-for-BCMA.patch. Has been accepted upstream.
- Deleted generic/pending-4.14/821-usb-Remove-annoying-warning-about-bogus-URB.patch. The upstream URB code was changed,
  the patch no longer applies. I discussed this with the patch author and removed it for now, we'll see how it goes.

Compile-tested on: ramips/mt7621, x86/64
Run-tested on: ramips/mt7621, x86/64

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
2018-03-02 21:33:08 +01:00
Stijn Tintel
88ba41453d kernel: bump 4.14 to 4.14.20
Refresh patches.
Remove upstreamed patches:
- backport/080-v4.15-0001-arch-define-weak-abort.patch
- backport/081-v4.15-0002-kernel-exit.c-export-abort-to-modules.patch
Update patch that no longer applies:
pending/493-ubi-set-ROOT_DEV-to-ubiblock-rootfs-if-unset.patch

Fixes CVE-2017-8824.

Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-02-18 02:59:48 +01:00
John Crispin
7762c07c88 mediatek: bump to v4.14
This drops support for all the !emmc EVB and adds banannaPi-R2
Also drop mtkhnat until the nftables offoad driver is ready

Signed-off-by: John Crispin <john@phrozen.org>
2018-02-14 11:27:50 +01:00