Commit graph

31 commits

Author SHA1 Message Date
Jo-Philipp Wich
f4a4f324cb kernel: update kernel 4.4 to 4.4.71
Fixes the following security vulnerabilities:

CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.

CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.

CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.

Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.71

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-07 21:40:42 +02:00
Felix Fietkau
047695a029 Revert "mvebu: remove linux 4.4 support"
This reverts commit 51397d7d95.
There are some unresolved random crashes on WRT1900AC v1 that still need
to be sorted out

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-17 08:44:37 +02:00
Felix Fietkau
51397d7d95 mvebu: remove linux 4.4 support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-12 09:51:34 +02:00
Felix Fietkau
2e1f6f1682 mvebu: work around an ethernet tx scheduling fairness issue
The hardware queue scheduling is apparently configured with fixed
priorities, which creates a nasty fairness issue where traffic from one
CPU can starve traffic from all other CPUs.

Work around this issue by forcing all tx packets to go through one CPU,
until this issue is fixed properly.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 14:56:57 +01:00
Toke Høiland-Jørgensen
8aa9f6bd71 mvebu: Add BQL patch for mvneta driver.
This adds the patch submitted to upstream that adds BQL to the mvneta
driver: https://patchwork.kernel.org/patch/9328413/. Helps latency under
load when the physical link is saturated.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2016-11-21 11:24:12 +01:00
Mathias Kresin
5640986001 mvebu: revert remove of mvsw61xx device tree nodes
The marvell,88e6352 and marvell,88e6172 compatible strings are used in
target/linux/generic/files/drivers/net/phy/mvsw61xx.c. No idea why grep
missed them when I searched for them.

Thanks to Syrone Wong for noticing and reporting my mistake.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-13 09:03:52 +01:00
Mathias Kresin
de40d45363 treewide: dts: fix dtc compiler warnings
Fixes invalid device tree parameters.

Drop the mvsw61xx node used in mvebu device tree source files. It looks
like some kind of ethernet switch cargo cult. Neither the
marvell,88e6352 nor the marvell,88e6172 compatible strings can be found
in any LEDE file or in the kernel sources.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-12 21:04:15 +01:00
Stijn Segers
2f2ea7b44c kernel: update kernel 4.4 to version 4.4.30
This patch bumps the 4.4 kernel from .28 to .30 and refreshes the patches.
Compile-tested on ar71xx, x86/64, ramips/mt7621, brcm47xx and kirkwood.

Run-tested on ar71xx & ramips/mt7621, brcm47xx and kirkwood (last two confirmed
by P. Wassi).

Signed-off-by: Stijn Segers <francesco.borromini@inventati.org>
2016-11-02 10:25:44 +01:00
Imre Kaloz
3764caa934 mvebu: add support for the Linksys WRT3200ACM (Rango)
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-10-24 08:45:06 +02:00
Álvaro Fernández Rojas
7d559169c5 kernel: update to v4.4.23
Refresh patches for all targets that support kernel 4.4.
compile/run-tested on brcm2708/bcm2710 only.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-09-30 20:08:21 +02:00
Jonas Gorski
4aa5d3e60d mvebu: add support for SFP
Add patches for SFP support and package it for ClearFog. Tested with a
Juniper SFP module.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-09-29 13:47:18 +02:00
Jonas Gorski
c359d7e81b mvebu: add switch node to clearfog
Add a switch node to clearfog to probe and initialize it on Clearfog
Pro. This make the switch work and allows using all six switch ports.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-09-26 13:04:47 +02:00
Jonas Gorski
f2102b484b mvebu: replace ClearFog dts files with patches from upstream
Make the dts file match with what is upstream, to ensure it has the
latest changes and switching to newer kernels is easier.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Felix Fietkau <nbd@nbd.name>
2016-09-26 13:03:51 +02:00
Álvaro Fernández Rojas
d14c28fc80 kernel: update kernel 4.4 to version 4.4.20
Refresh patches for all targets that support kernel 4.4.
Compile-tested on brcm2708 only.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-09-15 08:10:55 +02:00
Stijn Tintel
8072264b96 kernel: update kernel 4.4 to version 4.4.19
Refresh patches for all targets that support kernel 4.4.
Compile-tested on all targets that use kernel 4.4 and aren't marked broken.
Runtime-tested on ar71xx, octeon and x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2016-08-23 10:51:17 +03:00
Felix Fietkau
ba1aa4e33b mvebu: fix NAND flash issues (FS#67)
Remove the previous PIO delay patch and add a revert patch for a faulty
upstream commit, which seems to have introduced this issue in the first
place

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-07-31 20:31:45 +02:00
Álvaro Fernández Rojas
0aa6c7df60 kernel: update kernel 4.4 to version 4.4.13
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2016-06-12 15:51:54 +02:00
Felix Fietkau
13ea815b6c mvebu: add a patch to deal with excessive latencies/delays during flash PIO command processing
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-06-10 10:47:40 +02:00
Felix Fietkau
df98acc6a1 mvebu: backport upstream ethernet driver improvements and enable buffer manager support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-22 16:04:37 +02:00
Felix Fietkau
848cacb21d mvebu: fix device I/O coherency issues
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-22 12:34:06 +02:00
Felix Fietkau
a080b10331 mvebu: correct patch name of the crypto sram fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-21 22:32:30 +02:00
Felix Fietkau
629636dd25 mvebu: fix bus ranges for the crypto processor sram
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-21 22:06:46 +02:00
Felix Fietkau
a5a3b59bf5 mvebu: add some more flash driver fixes
Disable marvell,nand-keep-config property on WRT1900AC to allow the
flash driver to properly probe the chip

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-21 18:08:29 +02:00
Felix Fietkau
008579f2ff mvebu: rename recently added flash driver fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-21 18:08:29 +02:00
Felix Fietkau
f0dd81043c mvebu: prevent crash in the flash driver in case of a spurious interrupt
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-21 15:16:38 +02:00
Felix Fietkau
566343246f mvebu: backport an upstream NAND flash driver fix
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-05-21 15:16:38 +02:00
Luka Perkov
4d966e4dde mvebu: add SolidRun ClearFog A1 support
Signed-off-by: Andrej Vlasic <andrej.vlasic@sartura.hr>

SVN-Revision: 48736
2016-02-17 17:49:26 +00:00
Hauke Mehrtens
ba3a749f9b kernel: refresh patches for kernel 4.4
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

SVN-Revision: 48222
2016-01-12 20:50:41 +00:00
Imre Kaloz
5705d058eb generic/4.4: bump to -rc5
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 47894
2015-12-15 11:20:38 +00:00
Imre Kaloz
73f774c960 mvebu: update and fixup 4.4 patches
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 47832
2015-12-10 20:53:02 +00:00
Imre Kaloz
5ebd542e37 mvebu: add support for 4.4-rc
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>

SVN-Revision: 47819
2015-12-10 12:11:39 +00:00