1. 16 Apr, 2020 1 commit
    • Koen Vandeputte's avatar
      kernel: bump 4.14 to 4.14.176 · 1f0679f5
      Koen Vandeputte authored
      
      
      Refreshed all patches.
      
      Remove upstreamed:
      - 0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch
      - 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch
      
      Fixes:
      - CVE-2020-8647
      - CVE-2020-8648 (potentially)
      - CVE-2020-8649
      
      Compile-tested on: cns3xxx
      Runtime-tested on: cns3xxx
      Signed-off-by: default avatarKoen Vandeputte <koen.vandeputte@ncentric.com>
      1f0679f5
  2. 09 Mar, 2020 1 commit
  3. 04 Jan, 2020 1 commit
  4. 25 Dec, 2019 1 commit
  5. 19 Nov, 2019 1 commit
    • Koen Vandeputte's avatar
      kernel: bump 4.14 to 4.14.154 · 0a9147be
      Koen Vandeputte authored
      
      
      Refreshed all patches.
      
      Altered patches:
      - 902-debloat_proc.patch
      - 040-dmaengine-qcom-bam-Process-multiple-pending-descript.patch
      
      Remove upstreamed:
      - 303-spi-nor-enable-4B-opcodes-for-mx66l51235l.patch
      
      New symbols:
      X86_INTEL_MPX
      X86_INTEL_MEMORY_PROTECTION_KEYS
      X86_INTEL_TSX_MODE_OFF
      X86_INTEL_TSX_MODE_ON
      X86_INTEL_TSX_MODE_AUTO
      SGL_ALLOC
      
      Compile-tested on: cns3xxx
      Runtime-tested on: cns3xxx
      Signed-off-by: default avatarKoen Vandeputte <koen.vandeputte@ncentric.com>
      0a9147be
  6. 08 Oct, 2019 1 commit
  7. 27 Aug, 2019 1 commit
  8. 06 Aug, 2019 1 commit
  9. 09 Jul, 2019 1 commit
  10. 18 Jun, 2019 1 commit
  11. 02 May, 2019 1 commit
  12. 08 Apr, 2019 1 commit
  13. 01 Feb, 2019 1 commit
  14. 31 Jan, 2019 1 commit
  15. 15 Jan, 2019 1 commit
  16. 08 Jan, 2019 1 commit
  17. 13 Dec, 2018 1 commit
  18. 19 Oct, 2018 1 commit
  19. 15 Oct, 2018 1 commit
  20. 04 Oct, 2018 1 commit
  21. 21 Sep, 2018 1 commit
  22. 06 Aug, 2018 1 commit
    • Stijn Segers's avatar
      kernel: bump 4.14 to 4.14.60 for 18.06 · 9ce7aa32
      Stijn Segers authored
      
      
      * Refreshed patches.
      * Patches made redundant by changes upstream:
        - target/linux/ramips/patches-4.14/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch
      * Patches accepted upstream:
        - target/linux/apm821xx/patches-4.14/020-0001-crypto-crypto4xx-remove-bad-list_del.patch
        - target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch
        - target/linux/brcm63xx/patches-4.14/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch
        - target/linux/brcm63xx/patches-4.14/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch
        - target/linux/generic/backport-4.14/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch
        - target/linux/generic/pending-4.14/900-gen_stats-fix-netlink-stats-padding.patch
      
      The ext4 regression introduced in 4.14.55 has been fixed by 4.14.60 (commit f547aa20b4f61662ad3e1a2040bb3cc5778f19b0).
      
      Fixes the following CVEs:
      - CVE-2018-10876
      - CVE-2018-10877
      - CVE-2018-10879
      - CVE-2018-10880
      - CVE-2018-10881
      - CVE-2018-10882
      - CVE-2018-10883
      
      Thanks to Stijn Tintel for the CVE list :-).
      
      Compile-tested on: ramips/mt7621, x86/64
      Run-tested on: ramips/mt7621, x86/64
      Signed-off-by: default avatarStijn Segers <foss@volatilesystems.org>
      9ce7aa32
  23. 07 Jun, 2018 1 commit
    • Stijn Segers's avatar
      kernel: bump 4.14 to 4.14.48 for 18.06 · 1199a910
      Stijn Segers authored
      
      
      Refreshed patches. The following patches were upstreamed and have been deleted:
      
      * target/linux/lantiq/patches-4.14/0025-MIPS-lantiq-gphy-Remove-reboot-remove-reset-asserts.patch
      * target/linux/generic/pending-4.14/101-clocksource-mips-gic-timer-fix-clocksource-counter-w.patch
      * target/linux/generic/pending-4.14/103-MIPS-c-r4k-fix-data-corruption-related-to-cache-coherence.patch
      * target/linux/generic/pending-4.14/181-net-usb-add-lte-modem-wistron-neweb-d18q1.patch
      
      Compile-tested: ramips/mt7621, x86/64
      Run-tested: ramips/mt7621
      Signed-off-by: default avatarStijn Segers <foss@volatilesystems.org>
      1199a910
  24. 09 Mar, 2018 1 commit
  25. 02 Mar, 2018 1 commit
    • Stijn Segers's avatar
      kernel: bump 4.14 to 4.14.23 · b5469b38
      Stijn Segers authored
      
      
      This patch bumps the 4.14 kernel to .23.
      - Refreshed patches.
      - Deleted bcm53xx/patches-4.14/089-PCI-iproc-Fix-NULL-pointer-dereference-for-BCMA.patch. Has been accepted upstream.
      - Deleted generic/pending-4.14/821-usb-Remove-annoying-warning-about-bogus-URB.patch. The upstream URB code was changed,
        the patch no longer applies. I discussed this with the patch author and removed it for now, we'll see how it goes.
      
      Compile-tested on: ramips/mt7621, x86/64
      Run-tested on: ramips/mt7621, x86/64
      Signed-off-by: default avatarStijn Segers <foss@volatilesystems.org>
      b5469b38
  26. 18 Feb, 2018 1 commit
    • Stijn Tintel's avatar
      kernel: bump 4.14 to 4.14.20 · 88ba4145
      Stijn Tintel authored
      
      
      Refresh patches.
      Remove upstreamed patches:
      - backport/080-v4.15-0001-arch-define-weak-abort.patch
      - backport/081-v4.15-0002-kernel-exit.c-export-abort-to-modules.patch
      Update patch that no longer applies:
      pending/493-ubi-set-ROOT_DEV-to-ubiblock-rootfs-if-unset.patch
      
      Fixes CVE-2017-8824.
      
      Compile-tested: octeon, x86/64.
      Runtime-tested: octeon, x86/64.
      Signed-off-by: default avatarStijn Tintel <stijn@linux-ipv6.be>
      88ba4145
  27. 02 Jan, 2018 1 commit
    • Stijn Tintel's avatar
      kernel: bump 4.14 to 4.14.11 · c5ca1c9a
      Stijn Tintel authored
      
      
      Rename unwinder config symbols to match upstream changes.
      Refresh patches.
      Update patch that no longer applies: 202-reduce_module_size.patch
      
      Also enable CONFIG_PAGE_TABLE_ISOLATION. This feature was backported
      from 4.15 to the 4.14 stable series. It is enabled by default, so enable
      it in OpenWrt as well.
      
      Compile-tested on x86/64.
      Runtime-tested on x86/64.
      Signed-off-by: default avatarStijn Tintel <stijn@linux-ipv6.be>
      c5ca1c9a
  28. 16 Dec, 2017 1 commit
    • Hauke Mehrtens's avatar
      kernel: generic: Add kernel 4.14 support · b3f95490
      Hauke Mehrtens authored
      
      
      This adds initial support for kernel 4.14 based on the patches for
      kernel 4.9.
      
      In the configuration I deactivated some of the new possible security
      features like:
      CONFIG_REFCOUNT_FULL
      CONFIG_SLAB_FREELIST_HARDENED
      CONFIG_SOFTLOCKUP_DETECTOR
      CONFIG_WARN_ALL_UNSEEDED_RANDOM
      
      And these overlay FS options are also deactivated:
      CONFIG_OVERLAY_FS_INDEX
      CONFIG_OVERLAY_FS_REDIRECT_DIR
      
      I activated this:
      CONFIG_FORTIFY_SOURCE
      CONFIG_POSIX_TIMERS
      CONFIG_SLAB_MERGE_DEFAULT
      CONFIG_WATCHDOG_HANDLE_BOOT_ENABLED
      
      I am not sure if I did the porting correct for the following patches:
      target/linux/generic/backport-4.14/020-backport_netfilter_rtcache.patch
      target/linux/generic/hack-4.14/220-gc_sections.patch
      target/linux/generic/hack-4.14/321-powerpc_crtsavres_prereq.patch
      target/linux/generic/pending-4.14/305-mips_module_reloc.patch
      target/linux/generic/pending-4.14/611-netfilter_match_bypass_default_table.patch
      target/linux/generic/pending-4.14/680-NET-skip-GRO-for-foreign-MAC-addresses.patch
      Signed-off-by: default avatarHauke Mehrtens <hauke@hauke-m.de>
      b3f95490
  29. 18 Oct, 2017 1 commit
  30. 17 Aug, 2017 1 commit
    • Stijn Tintel's avatar
      kernel: update 4.9 to 4.9.44 · 2d02a4f5
      Stijn Tintel authored
      
      
      Refresh patches.
      Adapt 704-phy-no-genphy-soft-reset.patch.
      Remove brcm2708/950-0005-mm-Remove-the-PFN-busy-warning.patch.
      Compile-tested on brcm2708/bcm2708 and x86/64.
      Runtime-tested on brcm2708/bcm2708 and x86/64.
      
      Fixes the following vulnerabilities:
      - CVE-2017-7533
      - CVE-2017-1000111
      - CVE-2017-1000112
      Signed-off-by: default avatarStijn Tintel <stijn@linux-ipv6.be>
      2d02a4f5
  31. 05 Aug, 2017 1 commit
    • John Crispin's avatar
      kernel: split patches folder up into backport, pending and hack folders · 74d00a8c
      John Crispin authored
      
      
      * properly format/comment all patches
      * merge debloat patches
      * merge Kconfig patches
      * merge swconfig patches
      * merge hotplug patches
      * drop 200-fix_localversion.patch - upstream
      * drop 222-arm_zimage_none.patch - unused
      * drop 252-mv_cesa_depends.patch - no longer required
      * drop 410-mtd-move-forward-declaration-of-struct-mtd_info.patch - unused
      * drop 661-fq_codel_keep_dropped_stats.patch - outdated
      * drop 702-phy_add_aneg_done_function.patch - upstream
      * drop 840-rtc7301.patch - unused
      * drop 841-rtc_pt7c4338.patch - upstream
      * drop 921-use_preinit_as_init.patch - unused
      * drop spio-gpio-old and gpio-mmc - unused
      Signed-off-by: default avatarJohn Crispin <john@phrozen.org>
      74d00a8c
  32. 14 Jul, 2017 1 commit
    • Koen Vandeputte's avatar
      kernel: update kernel 4.9 to 4.9.37 · cd54b2d4
      Koen Vandeputte authored
      - Refreshed all patches
      - Removed upstreamed
      - Adapted 4 patches:
      
      473-fix-marvell-phy-initialization-issues.patch
      -----------------------------------------------
      Removed hunk 5 which got upstreamed
      
      403-net-phy-avoid-setting-unsupported-EEE-advertisments.patch
      404-net-phy-restart-phy-autonegotiation-after-EEE-advert.patch
      --------------------------------------------------------------
      Adapted these 2 RFC patches, merging the delta's from an upstream commit
      (see below) which made it before these 2.
      
      https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-
      
      
      stable.git/commit/?h=v4.9.36&id=97ace183074d306942b903a148aebd5d061758f0
      
      180-usb-xhci-add-support-for-performing-fake-doorbell.patch
      -----------------------------------------------------------
      - Moved fake_doorbell bitmask due to new item
      
      Compile tested on: cns3xxx, imx6
      Run tested on: cns3xxx, imx6
      Signed-off-by: default avatarKoen Vandeputte <koen.vandeputte@ncentric.com>
      cd54b2d4
  33. 07 Jun, 2017 1 commit
  34. 02 Apr, 2017 1 commit
  35. 04 Feb, 2017 1 commit
  36. 29 Nov, 2016 1 commit
  37. 31 Oct, 2016 1 commit
  38. 30 Sep, 2016 1 commit
  39. 05 Mar, 2016 1 commit
  40. 15 Jan, 2016 1 commit