Locally generated packets weren't forwarded to the isolated interfaces in a
bridge. Isolation should only prevent the flooding of incomming packets to
other interfaces in the bridge.
Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
When CGROUPS is enabled the new option CONFIG_CGROUP_NET_CLASSID is
selectable and not handled.
Add this option to the 4.9 kernel configuration.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This replaces the current patches used to make the kernel headers
compatible with musl with the version which was accepted upstream. This
is included in upstream kernel 4.15.
This was compile tested with iproute2 build on all supported kernel
versions with musl and one one with glibc.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
nftables 0.8.1 generates some new commands which will not work without
this on big endian systems. This patch is included in Linux 4.11 and
later.
My rule matching a TCP port was not working:
nft add rule ip foo bar ct state new tcp dport 22 accept
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The KEXEC_FILE symbol exists for X86 since kernel 3.17, and since 4.10
for PPC64. Add it to x86/config-4.9 and to generic/config-4.14.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Several new DRM symbols that were introduced after 4.9 are missing in
the generic config for 4.14, so add them.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
While working on a new target (meson), the kernel build failed due to
missing DRM_DEBUG_MM_SELFTEST symbol. This can potentially happen on all
targets that enable DRM drivers in the kernel config or via kmod
packages, so add it to the generic config and remove it from x86
subtarget configs, together with DRM_DEBUG_MM.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Add a bunch of missing configuration symbols found while building
armvirt for 4.14 after re-synchronization of the configuration between
4.9 and 4.14.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
This backports upstream support for "compatible" DT property set for the
"partitions" subnode of flash node. It allows specifying how partitions
should be created/parsed. Right now only "fixed-partitions" is
supported.
It should eventually replace our downstream "linux,part-probe" solution.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Multicast routing support is not needed in most setups, and increases the
size of the kernel considerably (>10K after LZMA). Add a config switch to
allow disabling it.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
The underlying issue breaking Spansion flash has been fixed with "mtd: spi-nor:
wait until lock/unlock operations are ready" and "mtd: spi-nor: wait for SR_WIP
to clear on initial unlock", so we can support unlocking for Winbond flash
again.
This is necessary to have writable flash on certain UBNT devices with some
bootloader versions.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Rename unwinder config symbols to match upstream changes.
Refresh patches.
Update patch that no longer applies: 202-reduce_module_size.patch
Also enable CONFIG_PAGE_TABLE_ISOLATION. This feature was backported
from 4.15 to the 4.14 stable series. It is enabled by default, so enable
it in OpenWrt as well.
Compile-tested on x86/64.
Runtime-tested on x86/64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
While bumping 4.14, the kernel build failed due to missing CONFIG_KASAN
symbol. Move it to generic config instead of defining it for all arm64
and x86/64 targets.
It was only added in 4.0, so not needed in config-3.18.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Remove a stray -Wp left in host_c_flags causing build failures for newer
4.14 versions.
Reported-by: Michael Marley <michael@michaelmarley.com>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
A few UBI messages lacks the trailing newline character which
leads to ugly lines in the bootlog like this:
[ 6.649159] UBI error: no valid UBI magic found inside mtd6[ 6.667751] Freeing unused kernel memory: 2196K
Add a newline character to the end of the messages to fix it.
After the fix the line from above looks better in the log:
[ 6.609182] UBI error: no valid UBI magic found inside mtd6
[ 6.627599] Freeing unused kernel memory: 2132K
Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
A few UBI messages lacks the trailing newline character which
leads to ugly lines in the bootlog like this:
[ 6.649159] UBI error: no valid UBI magic found inside mtd6[ 6.667751] Freeing unused kernel memory: 2196K
Add a newline character to the end of the messages to fix it.
After the fix the line from above looks better in the log:
[ 6.609182] UBI error: no valid UBI magic found inside mtd6
[ 6.627599] Freeing unused kernel memory: 2132K
Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
A few UBI messages lacks the trailing newline character which
leads to ugly lines in the bootlog like this:
[ 6.649159] UBI error: no valid UBI magic found inside mtd6[ 6.667751] Freeing unused kernel memory: 2196K
Add a newline character to the end of the messages to fix it.
After the fix the line from above looks better in the log:
[ 6.609182] UBI error: no valid UBI magic found inside mtd6
[ 6.627599] Freeing unused kernel memory: 2132K
Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
In kernel 4.14 kmod-bluetooth depends on kmod-crypto-ecdh, add
kmod-crypto-ecdh to LEDE.
Both packages also depend on the kmod-crypto-kpp package. To build this
we have to fix the dependency of CRYPTO_ECDH which has a typo.
This patch is already accepted upstream.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This adds initial support for kernel 4.14 based on the patches for
kernel 4.9.
In the configuration I deactivated some of the new possible security
features like:
CONFIG_REFCOUNT_FULL
CONFIG_SLAB_FREELIST_HARDENED
CONFIG_SOFTLOCKUP_DETECTOR
CONFIG_WARN_ALL_UNSEEDED_RANDOM
And these overlay FS options are also deactivated:
CONFIG_OVERLAY_FS_INDEX
CONFIG_OVERLAY_FS_REDIRECT_DIR
I activated this:
CONFIG_FORTIFY_SOURCE
CONFIG_POSIX_TIMERS
CONFIG_SLAB_MERGE_DEFAULT
CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED
I am not sure if I did the porting correct for the following patches:
target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch
target/linux/generic/hack-4.14/220-gc_sections.patch
target/linux/generic/hack-4.14/321-powerpc_crtsavres_prereq.patch
target/linux/generic/pending-4.14/305-mips_module_reloc.patch
target/linux/generic/pending-4.14/611-netfilter_match_bypass_default_table.patch
target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
These are taken from the x86 target and should make support kernel 4.9
and 4.14 in the x86 target easier.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
When mtdsplit_minor.c is compiled under Linux 4.4, the compiler
drops the following warning:
CC drivers/mtd/mtdsplit/mtdsplit_minor.o
drivers/mtd/mtdsplit/mtdsplit_minor.c:106:14: warning: initialization from incompatible pointer type [-Wincompatible-pointer-types]
.parse_fn = mtdsplit_parse_minor,
^
drivers/mtd/mtdsplit/mtdsplit_minor.c:106:14: note: (near initialization for 'mtdsplit_minor_parser.parse_fn')
The second parameter of the parser function must not have a 'const'
qualifier in 4.4. The 001-mtdsplit_backport.patch removes the qualifier
from other partition parsers. Update it to handle mtdsplit_minor.c as
well.
Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
Currently local TCP performance on wifi devices can be limited because
the TSQ (TCP Small Queues) code is tuned for wired ethernet latencies.
With this patch drivers can increase the amount of local buffering to
allow TCP to trigger larger aggregation sizes
This commit is modified from the upstream version to allow #ifdef based
backport feature detection
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The splitter ignored the rootfs offset from the header, probably
because until c1e6e61 it was invalid.
This patch fixes the splitter to use the now correct header data.
Regarding target/linux/ar71xx/files/drivers/mtd/tplinkpart.c,
this particular splitter "falls back" to the correct rootfs offset
reading and as such it doesn't need to be updated, although it will
report a kernel partition length that can be larger than the actual
length as it assumes that partition fills the entire segment up to
the rootfs partition.
Tested-by: Mathias Kresin <dev@kresin.me>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Tested-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Tested-by: Henryk Heisig <hyniu@o2.pl>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Some targets need 4K sectors for small flash chips (e.g. some
routerboards, where the entire chip is just one "erase block"), whereas
on other devices 4K sectors lead to horrible flash erase/write
performance.
Set the default limit in the generic kernel configuration to 4 MiB to
ensure that all new platforms don't use 4K sectors for bigger flash
chips. On all existing targets use 16 MiB for now to avoid regressions.
They will be changed individually in follow-up commits.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Without this, posix_[fm]advise does not work. This causes issues with
btrfs-progs, which uses fadvise to drop caches.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Patch 610-netfilter_match_bypass_default_check added an extra flag IPT_F_NO_DEF_MATCH
which is copied to user space in function copy_entries_to_user. The 32bit compat
layer function was missing the same logic to copy the flag IPT_F_NO_DEF_MATCH to
user space for a 64bit kernel and 32 bit user space.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Thierry Dutre <thierry.dutre@dtsystems.be>
Patch 610-netfilter_match_bypass_default_check added an extra flag IPT_F_NO_DEF_MATCH
which is copied to user space in function copy_entries_to_user. The 32bit compat
layer function was missing the same logic to copy the flag IPT_F_NO_DEF_MATCH to
user space for a 64bit kernel and 32 bit user space.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Thierry Dutre <thierry.dutre@dtsystems.be>
Patch 610-netfilter_match_bypass_default_check added an extra flag IPT_F_NO_DEF_MATCH
which is copied to user space in function copy_entries_to_user. The 32bit compat
layer function was missing the same logic to copy the flag IPT_F_NO_DEF_MATCH to
user space for a 64bit kernel and 32 bit user space.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Thierry Dutre <thierry.dutre@dtsystems.be>
When the kmod-at91-adc package is activated for the at91 target the new
option CONFIG_AT91_SAMA5D2_ADC is selectable and not handled. Add this
option to the kernel 4.9 configuration.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
When porting the kernel patches from 4.4 to 4.9, they were missing a
small chunk that ensures that ftrace sections are kept in the vmlinux
image, even when linked with --gc-sections
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This adds support for kernel 4.9 and replaces the kernel 4.4 support.
These are lynxis test results:
panda-board a3 - works, but no network, but master/4.4 doesn't have network either.
panda-board-a4 - u-boot SPL refuse to boot.
beaglebone-black - works
beagle-board - usb attached network doesn't come up and I doesn't have a serial around.
beagle-board-xm - ToDo: image code is missing.
Kernel 4.4 does not look better, so we merge this anyway.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Alexander Couzens <lynxis@fe80.eu>
This PHY requires some extra programming to work reliably with all
devices. Backport upstream fix for it.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Backport upstream commit that improves ethernet performance by a
small amount.
Compile and run tested on ipq8065.
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
These options are deactivating some kernel modules for IP blocks not
uses on this SoC. I saw the same when working with the ARM64 Marvell
board so it is better to move them to generic.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Under heavy load it's possible to overrun the 82574L. When this
happens, Other Interrupt happens and that's erroneously interpreted
as a Link Status Change.
http://patchwork.ozlabs.org/patch/792260/
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
check if the config option CONFIG_LANTIQ is defined.
This fixes the following warning:
CC [M] drivers/misc/owl-loader.o
drivers/misc/owl-loader.c: In function 'ath9k_pci_fixup':
drivers/misc/owl-loader.c:92:5: warning: "CONFIG_LANTIQ" is not defined [-Wundef]
#if CONFIG_LANTIQ
^
Fixes: e9401a2335 ("kernel: owl-loader for delayed Atheros ath9k fixup")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
x86_64 platforms typically don't lack memory, so don't needlessly
economize memory if fq_codel on capable platforms.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
[Add a comment to the patch]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Refresh patches.
Compile-tested on octeon and x86/64.
Runtime-tested on octeon and x86/64.
Fixes the following CVEs:
- CVE-2017-14106
- CVE-2017-14497
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Delete a bunch of fixes that are already included.
Refresh patches.
Compile-tested on malta/mipsel
Runtime-tested on malta/mipsel
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
4.4.80+ contains 71a165f6397df07a06ce643de5c2dbae29bd3cfb, 4.9.41+ contains
6c78197e4a69c19e61dfe904fdc661b2aee8ec20 which are all backports of upstream
commit 0878fff1f42c18e448ab5b8b4f6a3eb32365b5b6 ("net: phy: Do not perform
software reset for Generic PHY").
Our local patch is no longer needed, all this patch was doing was utilizing
gen10g_soft_reset which does nothing either, so just keep the code unchanged.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
The implementation is not efficient on ar8xxx switches. It triggers high
CPU load and degrades device performance.
The high CPU load has been traced down to the ar8xxx_reg_wait() call in
ar8xxx_mib_op(), which has to usleep_range() till the MIB busy flag set
by the request to update the MIB counter is cleared.
This commit removes the get_port_stats() code introduced in 4d8a66d and
leaves a note for future hacker's beware.
Fixes: FS#1004
Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
Refresh patches.
Compile-tested on octeon and x86/64.
Runtime-tested on octeon and x86/64.
Fixes CVE-2017-11600.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
In case the link changes from down to up, the register is only updated
on read. If the link failed/was down, this bit will be 0 until after
reading this bit again.
Fixes a reported link down by swconfig alebit the link is up (query for
the link again will show the correct link status)
Signed-off-by: Mathias Kresin <dev@kresin.me>
Refresh patches.
Compile-tested on ramips/mt7621 and x86/64.
Runtime-tested on ramips/mt7621 and x86/64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
This generic structure defines tx_bytes and rx_bytes as unsigned long (u32),
while several devices would typically report unsigned long long (u64).
The code can work as is, but there's a chance that with a sufficiently fast
interface the overflow might happen too fast to be correctly noticed by the
consumers of this data.
This patch makes both field unsigned long long and updates the only known
consumer of this data: swconfig_leds.c
Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
This patch provides a generic switch_dev_ops 'get_port_stats()' callback by
taping into the relevant port MIB counters.
This callback is used by swconfig_leds led trigger to blink LEDs with port
network traffic.
Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
This patch provides a generic switch_dev_ops 'get_port_stats()' callback by
taping into the relevant port MIB counters.
This callback is used by swconfig_leds led trigger to blink LEDs with port
network traffic.
Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
This patch provides a generic switch_dev_ops 'get_port_stats()' callback by
taping into the relevant port MIB counters.
This callback is used by swconfig_leds led trigger to blink LEDs with port
network traffic.
Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
This patch provides a generic switch_dev_ops 'get_port_stats()' callback by
taping into the relevant port MIB counters.
The implementation uses a generic callback that select the correct MIB counter
index based on chip version.
This callback is used by swconfig_leds led trigger to blink LEDs with port
network traffic.
Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
Refresh patches.
Adapt 704-phy-no-genphy-soft-reset.patch.
Remove brcm2708/950-0005-mm-Remove-the-PFN-busy-warning.patch.
Compile-tested on brcm2708/bcm2708 and x86/64.
Runtime-tested on brcm2708/bcm2708 and x86/64.
Fixes the following vulnerabilities:
- CVE-2017-7533
- CVE-2017-1000111
- CVE-2017-1000112
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
- Refreshed all patches
- Removed upstreamed
- Adapted 4 patches:
473-fix-marvell-phy-initialization-issues.patch
-----------------------------------------------
Removed hunk 5 which got upstreamed
403-net-phy-avoid-setting-unsupported-EEE-advertisments.patch
404-net-phy-restart-phy-autonegotiation-after-EEE-advert.patch
--------------------------------------------------------------
Adapted these 2 RFC patches, merging the delta's from an upstream commit
(see below) which made it before these 2.
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-
stable.git/commit/?h=v4.9.36&id=97ace183074d306942b903a148aebd5d061758f0
180-usb-xhci-add-support-for-performing-fake-doorbell.patch
-----------------------------------------------------------
- Moved fake_doorbell bitmask due to new item
Compile tested on: cns3xxx, imx6
Run tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Add patches-4.9, some of them (heavily) rewritten:
- ea4500 is upstream available, keep only LEDE changes in dts
- ea3500 is changed to match the structure of the upstream ea4500 dts
- nsa310s rewritten to include the common dtsi
- nsa325 is dropped, since already upstream
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
[refresh kernel config, add on100, use the switchdev based mv88e6171
driver for the linksys boards, keep lede specific rootfs/kernel
partition names for linksys boards, reorder patches]
Signed-off-by: Mathias Kresin <dev@kresin.me>
On the Linksys WRT54GSv1, the adm6996 switch driver and the
gpio_button_hotplug module both claim GPIO 6, which is connected to the
Reset button. When the switch driver's request wins, the Reset button
cannot work. This makes it impossible to enter failsafe mode without a
serial console.
Stop requesting the "adm_rc" GPIO in the switch driver, since it is not
used anywhere.
Fixes FS#792.
Signed-off-by: Mirko Parthey <mirko.parthey@web.de>
In preparation for bumping mxs target to 4.9, disable a bunch of configuration
symbols that provoked config prompts.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
- Refreshed all patches
- Adapted 1 (0031-mtd-add-SMEM-parser-for-QCOM-platforms.patch)
Compile tested on: brcm2708, cns3xxx, imx6
Run tested on: brcm2708, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
[Compile and run tested on brcm2708]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
The driver is used for boards outside the lantiq target as well. Move
it to generic to make it available for more targets.
The phy driver is included in kernel 4.8 as INTEL_XWAY_PHY.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Except for renames and line changes the only conflict was in
allocate_partition in handling MTD_WRITEABLE. Hopefully it was handled
correctly.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This mtd_roundup_to_eb helper was introduced years ago in the commit
daec7ad768 ("kernel/3.10: add separate rootfs partition parser") and
it was probably supposed to simplify code a bit.
With the recent upstream commit 1eeef2d7483a7 ("mtd: handle partitioning
on devices with 0 erasesize") the logic in allocate_partition got
slightly more complex and we can't use this simple helper anymore as it
doesn't support MTD_NO_ERASE properly.
There also isn't any real gain from this helper, so it's probably easier
to just don't use it *or* work on upstreaming it to avoid maintenance
cost.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Fixes the following security vulnerabilities:
CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.
CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.
CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.
CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.
CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.
CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.31
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Fixes the following security vulnerabilities:
CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.
CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.
CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.
CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.
CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.
CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.71
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
CONFIG_SG_POOL symbol is selected only by CONFIG_SCSI, since the last
one is disabled by default then disable CONFIG_SG_POOL by default too.
And explicitly enable it only for platforms that use CONFIG_SCSI.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
PHY core treats any positive return value as the auto-negotiation done
indication. Since we do not actually check any device register in this
callback then update it to return positive value with a neutral meaning
instead of the register flag to avoid confusing for future readers.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
The Marvel 88E6060 switch has an MDIO interface, but does not emulate
regular PHY behavior for the host. The network core can not detect using
the generic code, whether the connection via the attached PHY can be
used or not. The PHY's state machine is stuck in a state of
auto-negotiation and does not go any further so the Ethernet interface
of the router stay forever in the not-runing state.
Fix this issue by implementing the aneg_done callback to be able to
inform the network core that the Ethernet interface link to which the
switch is connected can be marked as RUNNING.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Refresh patches. A number of patches have landed upstream & hence are no
longer required locally:
062-[1-6]-MIPS-* series
042-0004-mtd-bcm47xxpart-fix-parsing-first-block
Reintroduced lantiq/patches-4.4/0050-MIPS-Lantiq-Fix-cascaded-IRQ-setup
as it was incorrectly included upstream thus dropped from LEDE.
As it has now been reverted upstream it needs to be included again for
LEDE.
Run tested ar71xx Archer C7 v2 and lantiq.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
[update from 4.4.68 to 4.4.69]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
DWC3 driver uses of_usb_get_phy_mode() which is
implemented in drivers/usb/phy/of.c and in bare minimal
configuration it might not be pulled in kernel binary.
In case of ARC or ARM this could be easily reproduced with
"allnodefconfig" +CONFIG_USB=m +CONFIG_USB_DWC3=m.
On building all ends-up with:
---------------------->8------------------
Kernel: arch/arm/boot/Image is ready
Kernel: arch/arm/boot/zImage is ready
Building modules, stage 2.
MODPOST 5 modules
ERROR: "of_usb_get_phy_mode" [drivers/usb/dwc3/dwc3.ko] undefined!
make[1]: *** [__modpost] Error 1
make: *** [modules] Error 2
---------------------->8------------------
This was affecting Lede in case of CONFIG_ALL_KMODS=y.
The patch is already scheduled for v4.12 and once it is backported to
4.9.y it must be removed from here.
Note this patch makes sense not only for ARC instead it fixes
a generic issue which may affect more arches and platforms thus
putting it in "generic/" folder.
Signed-off-by: Alexey Brodkin <Alexey.Brodkin@synopsys.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [patch rename]
Allow per-device initvals in the DTS file for rlt8366rb
switches.
Shamelessly copies 30494598f8
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
We need to ensure there is enough headroom to push extra header,
but we also need to check if we are allowed to change headers.
skb_cow_head() is the proper helper to deal with this.
Fixes Ethernet<->WiFi bridge for Raspberry Pi and probably other devices.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Use the stateless 4-byte op codes for this flash chip to fix reboot
hangs on SoCs expecting the flash chip in 3-byte mode.
Fixes: FS#179
Signed-off-by: Mathias Kresin <dev@kresin.me>
In preparation for bumping arm64 to 4.9, add a bunch of configuration
symbols that are available under arm64.
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Fix the list order instead of adjusting the controller scan order.
Revert the former required changes to the lantiq PCIe driver.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Keeping it in base-files was resulting in adding it to the base-files
package. This file is meant to be included manually for initramfs
images only.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
RGMII RX delay setting needs to be always specified for AR8337 to
avoid port 5 RX hang on high traffic / flood conditions.
Also, the HOL registers that set per-port and per-packet-priority
buffer sizes are updated with the reduced values suggested by the
QCA switch team.
Finally, AR8327 reserved register fixups are disabled for the AR8337.
This patch is adapted from the Code Aurora QSDK, but with magic
values mapped to proper defines.
Signed-off-by: Vittorio Gambaletta <openwrt@vittgam.net>
Deactivate all the ARM64 erratums by default. The target code should
activate them if needed. This fixes a problem with a new erratum added
in kernel 4.9.17 breaking brcm2708.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Upstream commit 23dac14d058f ("MIPS: PCI: Use struct list_head lists")
changed the controller list from reverse to straight order without
taking care of the changed order for the scan of the recorded PCI
controllers.
Traverse the list in reverse order to restore the former behaviour.
This patches fixes the following PCI error on lantiq:
pci 0000:01:00.0: BAR 0: error updating (0x1c000004 != 0x000000)
Signed-off-by: Mathias Kresin <dev@kresin.me>
This adds support for describing GPIO chips placed on PCIe cards. Thanks
to this we get working 2.4 GHz LED on Tenda AC9.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This is the standard way we handle this. Please note (it seems) I could
drop few symbols as they are hidden under (disabled) DRM_LEGACY now.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
It is not needed for anything on the system and skipping this saves some
build time, especially in cases where there is nothing to do.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The problem is caused by the incorrect handling of the parent inode's
i_nlink count for the dentry to be RENAME_EXCHANGED. There are 3 cases
to consider. Assume we want to RENAME_EXCHANGE struct dentry *a and
struct dentry *b, and inode_a is pointed to by dentry_a, inode_b is
pointed to by dentry_b:
1. If inode_a is a directory, but inode_b isn't, then we must decrease
the i_nlink count of old_dir_i, and increase the i_nlink of new_dir_i.
2. If inode_a isn't a directory, but inode_b is a directory, then we
must increase the i_nlink of old_dir_i, and decrease the i_nlink count
of new_dir_i.
3. If the types of inode_a and inode_b are the same, we don't change the
i_nlink for either old_dir_i or new_dir_i.
Signed-off-by: Jing Qiu <aqiu0720@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>