1. 16 Apr, 2020 1 commit
    • Koen Vandeputte's avatar
      kernel: bump 4.14 to 4.14.176 · 1f0679f5
      Koen Vandeputte authored
      
      
      Refreshed all patches.
      
      Remove upstreamed:
      - 0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch
      - 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch
      
      Fixes:
      - CVE-2020-8647
      - CVE-2020-8648 (potentially)
      - CVE-2020-8649
      
      Compile-tested on: cns3xxx
      Runtime-tested on: cns3xxx
      Signed-off-by: default avatarKoen Vandeputte <koen.vandeputte@ncentric.com>
      1f0679f5
  2. 26 Dec, 2019 1 commit
  3. 08 Oct, 2019 1 commit
  4. 13 Sep, 2019 1 commit
  5. 14 Aug, 2019 1 commit
  6. 09 Jul, 2019 1 commit
  7. 18 Jun, 2019 1 commit
  8. 31 Jan, 2019 1 commit
  9. 15 Jan, 2019 1 commit
  10. 18 Dec, 2018 1 commit
  11. 06 Aug, 2018 1 commit
    • Stijn Segers's avatar
      kernel: bump 4.14 to 4.14.60 for 18.06 · 9ce7aa32
      Stijn Segers authored
      
      
      * Refreshed patches.
      * Patches made redundant by changes upstream:
        - target/linux/ramips/patches-4.14/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch
      * Patches accepted upstream:
        - target/linux/apm821xx/patches-4.14/020-0001-crypto-crypto4xx-remove-bad-list_del.patch
        - target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch
        - target/linux/brcm63xx/patches-4.14/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch
        - target/linux/brcm63xx/patches-4.14/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch
        - target/linux/generic/backport-4.14/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch
        - target/linux/generic/pending-4.14/900-gen_stats-fix-netlink-stats-padding.patch
      
      The ext4 regression introduced in 4.14.55 has been fixed by 4.14.60 (commit f547aa20b4f61662ad3e1a2040bb3cc5778f19b0).
      
      Fixes the following CVEs:
      - CVE-2018-10876
      - CVE-2018-10877
      - CVE-2018-10879
      - CVE-2018-10880
      - CVE-2018-10881
      - CVE-2018-10882
      - CVE-2018-10883
      
      Thanks to Stijn Tintel for the CVE list :-).
      
      Compile-tested on: ramips/mt7621, x86/64
      Run-tested on: ramips/mt7621, x86/64
      Signed-off-by: default avatarStijn Segers <foss@volatilesystems.org>
      9ce7aa32
  12. 09 Mar, 2018 1 commit
  13. 02 Mar, 2018 1 commit
    • Stijn Segers's avatar
      kernel: bump 4.14 to 4.14.23 · b5469b38
      Stijn Segers authored
      
      
      This patch bumps the 4.14 kernel to .23.
      - Refreshed patches.
      - Deleted bcm53xx/patches-4.14/089-PCI-iproc-Fix-NULL-pointer-dereference-for-BCMA.patch. Has been accepted upstream.
      - Deleted generic/pending-4.14/821-usb-Remove-annoying-warning-about-bogus-URB.patch. The upstream URB code was changed,
        the patch no longer applies. I discussed this with the patch author and removed it for now, we'll see how it goes.
      
      Compile-tested on: ramips/mt7621, x86/64
      Run-tested on: ramips/mt7621, x86/64
      Signed-off-by: default avatarStijn Segers <foss@volatilesystems.org>
      b5469b38
  14. 18 Feb, 2018 1 commit
    • Stijn Tintel's avatar
      kernel: bump 4.14 to 4.14.20 · 88ba4145
      Stijn Tintel authored
      
      
      Refresh patches.
      Remove upstreamed patches:
      - backport/080-v4.15-0001-arch-define-weak-abort.patch
      - backport/081-v4.15-0002-kernel-exit.c-export-abort-to-modules.patch
      Update patch that no longer applies:
      pending/493-ubi-set-ROOT_DEV-to-ubiblock-rootfs-if-unset.patch
      
      Fixes CVE-2017-8824.
      
      Compile-tested: octeon, x86/64.
      Runtime-tested: octeon, x86/64.
      Signed-off-by: default avatarStijn Tintel <stijn@linux-ipv6.be>
      88ba4145
  15. 16 Dec, 2017 1 commit
    • Hauke Mehrtens's avatar
      kernel: generic: Add kernel 4.14 support · b3f95490
      Hauke Mehrtens authored
      
      
      This adds initial support for kernel 4.14 based on the patches for
      kernel 4.9.
      
      In the configuration I deactivated some of the new possible security
      features like:
      CONFIG_REFCOUNT_FULL
      CONFIG_SLAB_FREELIST_HARDENED
      CONFIG_SOFTLOCKUP_DETECTOR
      CONFIG_WARN_ALL_UNSEEDED_RANDOM
      
      And these overlay FS options are also deactivated:
      CONFIG_OVERLAY_FS_INDEX
      CONFIG_OVERLAY_FS_REDIRECT_DIR
      
      I activated this:
      CONFIG_FORTIFY_SOURCE
      CONFIG_POSIX_TIMERS
      CONFIG_SLAB_MERGE_DEFAULT
      CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED
      
      I am not sure if I did the porting correct for the following patches:
      target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch
      target/linux/generic/hack-4.14/220-gc_sections.patch
      target/linux/generic/hack-4.14/321-powerpc_crtsavres_prereq.patch
      target/linux/generic/pending-4.14/305-mips_module_reloc.patch
      target/linux/generic/pending-4.14/611-netfilter_match_bypass_default_table.patch
      target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch
      Signed-off-by: default avatarHauke Mehrtens <hauke@hauke-m.de>
      b3f95490
  16. 22 Nov, 2017 1 commit
  17. 16 Nov, 2017 1 commit
    • Felix Fietkau's avatar
      kernel: backport a patch that allows drivers to tweak the TSQ logic · 00a8f349
      Felix Fietkau authored
      
      
      Currently local TCP performance on wifi devices can be limited because
      the TSQ (TCP Small Queues) code is tuned for wired ethernet latencies.
      
      With this patch drivers can increase the amount of local buffering to
      allow TCP to trigger larger aggregation sizes
      
      This commit is modified from the upstream version to allow #ifdef based
      backport feature detection
      Signed-off-by: default avatarFelix Fietkau <nbd@nbd.name>
      00a8f349