Commit graph

328 commits

Author SHA1 Message Date
Kevin Darbyshire-Bryant
364befeccf kernel: update 4.4 to 4.4.83
Refresh patches.
Minor update 704-phy-no-genphy-soft-reset.patch which was partially
accepted upstream.
Compile-tested on ar71xx.
Runtime-tested on ar71xx.

Fixes the following vulnerabilities:
- CVE-2017-7533 (4.4.80)
- CVE-2017-1000111 (4.4.82)
- CVE-2017-1000112 (4.4.82)

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
[cleanup commit message, add compile/runtime tested]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-08-17 14:31:45 +02:00
Stijn Tintel
2d02a4f5bd kernel: update 4.9 to 4.9.44
Refresh patches.
Adapt 704-phy-no-genphy-soft-reset.patch.
Remove brcm2708/950-0005-mm-Remove-the-PFN-busy-warning.patch.
Compile-tested on brcm2708/bcm2708 and x86/64.
Runtime-tested on brcm2708/bcm2708 and x86/64.

Fixes the following vulnerabilities:
- CVE-2017-7533
- CVE-2017-1000111
- CVE-2017-1000112

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-08-17 12:34:34 +02:00
Hauke Mehrtens
39e8ab17d5 kernel: update kernel 4.4 to version 4.4.79
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-07-28 22:46:26 +02:00
Mathias Kresin
e0b9ec8e96 treewide: drop target board_name functions
They are not used any longer.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-07-15 23:13:34 +02:00
Mathias Kresin
f12a32630f treewide: use the generic board_name function
Use the generic function instead ot the target specific ones.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-07-15 23:13:34 +02:00
Mathias Kresin
78cf5eed6e treewide: do board detection during preinit
Do the board detection during preinit to unify it across all targets.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-07-15 23:13:34 +02:00
Koen Vandeputte
cd54b2d42b kernel: update kernel 4.9 to 4.9.37
- Refreshed all patches
- Removed upstreamed
- Adapted 4 patches:

473-fix-marvell-phy-initialization-issues.patch
-----------------------------------------------
Removed hunk 5 which got upstreamed

403-net-phy-avoid-setting-unsupported-EEE-advertisments.patch
404-net-phy-restart-phy-autonegotiation-after-EEE-advert.patch
--------------------------------------------------------------
Adapted these 2 RFC patches, merging the delta's from an upstream commit
(see below) which made it before these 2.

https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-
stable.git/commit/?h=v4.9.36&id=97ace183074d306942b903a148aebd5d061758f0

180-usb-xhci-add-support-for-performing-fake-doorbell.patch
-----------------------------------------------------------
- Moved fake_doorbell bitmask due to new item

Compile tested on: cns3xxx, imx6
Run tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2017-07-15 00:13:05 +02:00
Matthias Schiffer
438dcbfe74
base-files: automatically handle paths and symlinks for RAMFS_COPY_BIN
Depending on busybox applet selection, paths of basic utiilties may differ,
and may not work as symlinks to busybox. Simply using whatever binary is
found in PATH and detecting symlinks automatically is more robust and
easier to maintain.

The list of binaries is also slightly cleaned up and duplicates are
removed.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-07-11 17:26:32 +02:00
Stijn Tintel
880f73c327 kernel: cleanup CONFIG_SCHED_HRTICK
Remove CONFIG_SCHED_HRTICK from target configs, as it was added to the
generic config in b47fd76563.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-06-29 04:46:59 +02:00
Stijn Tintel
f80963d4d1 kernel: update kernel 4.4 to 4.4.74
Refresh patches.
Compile-tested on ar71xx.
Runtime-tested on ar71xx.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-06-27 07:42:50 +02:00
Koen Vandeputte
69649a1b45 kernel: update kernel 4.9 to 4.9.34
- Refreshed all patches
- Adapted 1 (0031-mtd-add-SMEM-parser-for-QCOM-platforms.patch)

Compile tested on: brcm2708, cns3xxx, imx6
Run tested on: brcm2708, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
[Compile and run tested on brcm2708]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-06-27 07:21:03 +02:00
Jo-Philipp Wich
55623a9c83 kernel: update kernel 4.9 to 4.9.31
Fixes the following security vulnerabilities:

CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.

CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.

CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.

Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.31

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-08 01:03:39 +02:00
Jo-Philipp Wich
f4a4f324cb kernel: update kernel 4.4 to 4.4.71
Fixes the following security vulnerabilities:

CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.

CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.

CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.

Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.71

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-07 21:40:42 +02:00
Sergey Ryazanov
68e7a2a0b7 kernel: disable CONFIG_SG_POOL by default
CONFIG_SG_POOL symbol is selected only by CONFIG_SCSI, since the last
one is disabled by default then disable CONFIG_SG_POOL by default too.
And explicitly enable it only for platforms that use CONFIG_SCSI.

Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
2017-06-07 18:31:10 +02:00
Daniel Engberg
22ac4bd555 mvebu: Add block device sd to default kernel config
Add block device sd to kernel config otherwise AHCI/eSATA devices won't get enumerated in /dev

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-06-02 12:02:21 +02:00
Matthias Schiffer
5654a03768
mvebu: fix sysupgrade
mvebu was modifying RAMFS_COPY_BIN and RAMFS_COPY_DATA from a
sysupgrade_pre_upgrade hook. As the ramfs is created from stage2, this
did not have an effect anymore after the staged sysupgrade changes.

As it doesn't really hurt to copy fw_printenv and fw_setenv
unconditionally, simply add them in /lib/upgrade/platform.sh, so stage2
will see them.

Config copying is moved to a function called by platform_copy_config, where
it belongs.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Fixes: FS#821
Fixes: 30f61a34b4 "base-files: always use staged sysupgrade"
2017-06-01 20:41:19 +02:00
Josua Mayer
d41a441bb6 mvebu: clearfog: assign SFP port to WAN zone
The single SFP port is meant for direct media access to WAN, such as
VDSL2, GPON). While it could also be used for in-home fiber, it is much
more likely that the LAN is standard ethernet, especially considering
that SFP is the onmly port that can go beyond 1Gbps.

Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
2017-05-30 14:00:31 +02:00
Josua Mayer
48cc065fe3 mvebu: clearfog: document interface configuration
Take explicit note of what physical ports eth{0,1,2} refer to.
Also repair port assignment:
At some point between 4.9.20 and 4.9.29 the numbering changed.
Keep previous port assignment that was:
LAN = SFP+Switch
WAN = standalone ethernet

Also use the same assignment for Clearfog-Base to avoid confusion.

Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
2017-05-30 14:00:30 +02:00
Josua Mayer
3f72f3a8b1 mvebu: clearfog: include DTB for all variants in image
Installing all armada-388-clearfog-* DTBs in the same sdcard image,
it now becomes much easier to swap sdcards between different device variants.

Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
2017-05-30 14:00:30 +02:00
Josua Mayer
88389bfe41 mvebu: update boot-script to use generic variables
U-Boot provides standard variables for load addresses, and
filesystem-agnostic load-commands. Furthermore thanks to distro-boot,
the device and partition from which the system boots is known.
The new boot-script makes use of all this information.

Tested on the only board that uses this boot-script: Clearfog Pro

Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
2017-05-30 14:00:30 +02:00
Koen Vandeputte
e842e16f45 kernel: update kernel 4.9 to 4.9.29
- Refresh all patches
- Removed upstreamed
- Adapted 1

Compile tested on: bcm53xx, cns3xxx, imx6, lantiq
Run tested on: cns3xxx & imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
[update from 4.9.28 to 4.9.29]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-05-21 21:51:22 +02:00
Marko Ratkaj
1c7b86d57e mvebu: ClearFog Base fix phy init
Fix Marvell PHYs initialization issues and optimize
logic for page changing during init

Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
2017-05-14 00:34:03 +02:00
Marko Ratkaj
ee1cee2cac mvebu: add ClearFog Base support
Add support for SolidRun ClearFog Base board.

The base model is a smaller version of ClearFog Pro without
the DSA switch, replacing it with a second copper gigabit
port, and only one PCIe socket.

Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
2017-05-14 00:34:03 +02:00
Marko Ratkaj
f564fcc6bf mvebu: add ClearFog Base device tree files
Add device tree files for Solidrun ClearFog Base board.
We also need to backport some improvements for Armada
388 MicroSoM.

The base model is a smaller version of ClearFog Pro without
the DSA switch, replacing it with a second copper gigabit
port, and only one PCIe socket.

Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
2017-05-14 00:34:03 +02:00
Marko Ratkaj
ec4a8c6dee mvebu: ClearFog renamed upstream to ClearFog Pro
The conventional model is now known as the "Clearfog Pro"

Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
2017-05-14 00:34:03 +02:00
Marko Ratkaj
efb49af1f9 mvebu: ClearFog DT file renamed upstream
The conventional model is now known as the "Clearfog Pro".
We keep the old armada-388-clearfog.dts file for compatibility reasons.

Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
2017-05-14 00:34:03 +02:00
Felix Fietkau
047695a029 Revert "mvebu: remove linux 4.4 support"
This reverts commit 51397d7d95.
There are some unresolved random crashes on WRT1900AC v1 that still need
to be sorted out

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-17 08:44:37 +02:00
Felix Fietkau
51397d7d95 mvebu: remove linux 4.4 support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-12 09:51:34 +02:00
Hauke Mehrtens
fb7ea71c15 kernel: update kernel 4.9 to 4.9.17
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-03-26 12:23:19 +02:00
Hauke Mehrtens
9a065fcfec kernel: update kernel 4.9 to 4.9.14
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-03-12 15:45:50 +01:00
Henryk Heisig
6674aa9798 mvebu: wrt3200acm enable SDIO interface
add mwifiex-sdio package to wrt3200acm

Signed-off-by: Henryk Heisig <hyniu@o2.pl>
2017-03-11 14:16:28 +01:00
Ansuel Smith
2261c9cc77 mvebu: add default sata trigger
Change dts file to add default sata trigger to sata led.

Backport upstream accepted patch to add sata trigger to device tree
source files already upstreamed.

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
[backport upstream accepted patch]
Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-03-08 19:06:04 +01:00
Ansuel Smith
3d0bd15056 mvebu: enable disk led trigger
As we have a disk led we enable the disk trigger that work with the easata port

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2017-03-08 19:06:04 +01:00
Felix Fietkau
2bf9ea6a31 mvebu: add linux 4.9 support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-02-16 17:17:15 +01:00
Jonas Gorski
c0841b3c4e mvebu: append metadata to clearfog sd card images
Fixes the following issue:

root@LEDE:/# sysupgrade /tmp/lede-mvebu-armada-388-clearfog-sdcard.img.gz
Saving metaconfig...
Image metadata not found
Use sysupgrade -F to override this check when downgrading or flashing to vendor firmware
Image check 'fwtool_check_image' failed.
root@LEDE:/#

Acked-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-02-13 17:50:41 +01:00
Jo-Philipp Wich
ea269c37b8 ar71xx/ipq806x/mediatek/mvebu: fix network defaults
After "73d923e base-files: emit tagged switch configuration by default"
some default network configurations are broken because the lan and wan
ifnames are forcibly set to untagged netdevs.

Adjust the offending set_interfaces_lan_wan() calls to use the proper
tagged device names.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-02-07 09:32:28 +01:00
Mathias Kresin
726e45dfe9 mvebu: fix usb port leds
All mvebu boards have three USB LEDs. The first one is used for the
USB1 port.

There are two LEDs related to the second USB port. The top (bar) LED
gets bright in case any USB device is connected to the second USB port.

If the connected device is an USB 3 (SuperSpeed) device, the small dot
LED bellow the "bar" LED gets also bright.

While at it, use a name for the USB LEDs that matches the names printed
on the case.

Fixes: FS#423, FS#425

Signed-off-by: Kabuli Chana <newtownbuild@gmail.com>
Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-02-01 07:46:50 +01:00
Jo-Philipp Wich
237bd36135 mvebu: put u-boot images into image staging directory
Do not put the u-boot images into the kernel build directory as this directory
might get removed after kernel updates while the u-boot packages InstallDev
recipe is not getting re-executed because it is still considered current,
leading to image build failures later on due to missing u-boot images.

To ensure that built bootloader images persist over kernel version updates in
the buildroot, put them into the new STAGING_DIR_IMAGE directory.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-01-27 16:53:31 +01:00
Hans Geiblinger
a43c503ec4 mvebu: set fan_ctrl.sh only on mamba
Signed-off-by: Hans Geiblinger <cybrnook2002yahoo.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cleanup]
2017-01-24 16:21:25 +01:00
Felix Fietkau
366c33962c uboot-mvebu: switch to u-boot.mk
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-24 16:21:24 +01:00
Paul Wassi
9641ceea0c mvebu: simplify etc/board.d/02_network
Unify switch configuration on Linksys WRTxx00AC series.
LAN = eth0, WAN = eth1

Signed-off-by: Paul Wassi <p.wassi@gmx.at>
[Álvaro]: also change WAN LEDs
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2017-01-13 17:12:40 +01:00
Álvaro Fernández Rojas
89ecfa7556 mvebu: several fixes for Linksys WRT3200ACM
- Fix WLAN LEDs definition.
- Fix USB pinctrl definition.
- Remove SDHCI definition.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2017-01-13 17:12:40 +01:00
Felix Fietkau
6f57e32f95 mvebu: remove the clearfog-bundle
It is obsoleted by proper SD card image support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-13 16:59:28 +01:00
Felix Fietkau
2e1f6f1682 mvebu: work around an ethernet tx scheduling fairness issue
The hardware queue scheduling is apparently configured with fixed
priorities, which creates a nasty fairness issue where traffic from one
CPU can starve traffic from all other CPUs.

Work around this issue by forcing all tx packets to go through one CPU,
until this issue is fixed properly.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-11 14:56:57 +01:00
Kabuli Chana
fe876e9ac6 mvebu: Fix up some leds on this series
correct ports, fix power led on rango, tested mamba,shelby,rango

Signed-off-by: Kabuli Chana <newtownBuild@gmail.com>
2017-01-10 12:28:32 +01:00
Felix Fietkau
018d80007e kernel: remove ubifs xz decompression support
It has been unused, and less useful than squashfs for cases where flash
space usage matters.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-01-09 14:07:06 +01:00
Vignesh Balasubramaniam
62e4c915ee mvebu: fix sysupgrade for Linksys WRT3200ACM
sysupgrade command fails due to missing U-Boot environment-processing
binaries on sysupgrade ramdisk. The missing binaries result in the
following output:

Switching to ramdisk...
	Performing system upgrade...
	ash: /usr/sbin/fw_printenv: not found
	ash: fw_setenv: not found
	ash: touch: not found
	cannot find target partition

Signed-off-by: Vignesh Balasubramaniam <vigneshb.hp@gmail.com>
2016-12-04 07:03:17 +01:00
Mathias Kresin
c95e4e715d mvebu: fix image validation error
The name from the Device define will be used in the metadata. Due to
typo/different spelling, this name might not match the one exported in
/lib/mvebu.sh.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-12-04 07:03:17 +01:00
Mathias Kresin
7cc0d8b3bd mvebu: fix typo in image metadata support
Signed-off-by: Mathias Kresin <dev@kresin.me>
2016-11-27 15:34:22 +01:00
Felix Fietkau
95e7868e7e Revert "mvebu: simplify etc/board.d/02_network"
This reverts commit 539ae47103.
According to reports, this introduces a regression on WRT3200ACM

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2016-11-25 20:03:45 +01:00