diff options
| author | Stijn Tintel <stijn@linux-ipv6.be> | 2017-08-17 10:51:05 +0200 |
|---|---|---|
| committer | Stijn Tintel <stijn@linux-ipv6.be> | 2017-08-17 12:34:34 +0200 |
| commit | 2d02a4f5bda4a5ff392286360ec7d1129bd77d25 (patch) | |
| tree | c243a9231fd508b585c2711e8b691e8ca06d2988 /target/linux/generic/hack-4.9/641-bridge_port_isolate.patch | |
| parent | d9564d79b8e91eed23c45afd2eb4a71a97c922eb (diff) | |
| download | upstream-2d02a4f5bda4a5ff392286360ec7d1129bd77d25.tar.gz upstream-2d02a4f5bda4a5ff392286360ec7d1129bd77d25.tar.bz2 upstream-2d02a4f5bda4a5ff392286360ec7d1129bd77d25.zip | |
kernel: update 4.9 to 4.9.44
Refresh patches.
Adapt 704-phy-no-genphy-soft-reset.patch.
Remove brcm2708/950-0005-mm-Remove-the-PFN-busy-warning.patch.
Compile-tested on brcm2708/bcm2708 and x86/64.
Runtime-tested on brcm2708/bcm2708 and x86/64.
Fixes the following vulnerabilities:
- CVE-2017-7533
- CVE-2017-1000111
- CVE-2017-1000112
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Diffstat (limited to 'target/linux/generic/hack-4.9/641-bridge_port_isolate.patch')
| -rw-r--r-- | target/linux/generic/hack-4.9/641-bridge_port_isolate.patch | 24 |
1 files changed, 8 insertions, 16 deletions
diff --git a/target/linux/generic/hack-4.9/641-bridge_port_isolate.patch b/target/linux/generic/hack-4.9/641-bridge_port_isolate.patch index 637550fa28..56259329d2 100644 --- a/target/linux/generic/hack-4.9/641-bridge_port_isolate.patch +++ b/target/linux/generic/hack-4.9/641-bridge_port_isolate.patch @@ -13,10 +13,8 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name> net/bridge/br_sysfs_if.c | 2 ++ 4 files changed, 11 insertions(+) -Index: linux-4.9.34/include/linux/if_bridge.h -=================================================================== ---- linux-4.9.34.orig/include/linux/if_bridge.h -+++ linux-4.9.34/include/linux/if_bridge.h +--- a/include/linux/if_bridge.h ++++ b/include/linux/if_bridge.h @@ -47,6 +47,7 @@ struct br_ip_list { #define BR_PROXYARP_WIFI BIT(10) #define BR_MCAST_FLOOD BIT(11) @@ -25,10 +23,8 @@ Index: linux-4.9.34/include/linux/if_bridge.h #define BR_DEFAULT_AGEING_TIME (300 * HZ) -Index: linux-4.9.34/net/bridge/br_forward.c -=================================================================== ---- linux-4.9.34.orig/net/bridge/br_forward.c -+++ linux-4.9.34/net/bridge/br_forward.c +--- a/net/bridge/br_forward.c ++++ b/net/bridge/br_forward.c @@ -141,6 +141,9 @@ static int deliver_clone(const struct ne void br_forward(const struct net_bridge_port *to, struct sk_buff *skb, bool local_rcv, bool local_orig) @@ -48,10 +44,8 @@ Index: linux-4.9.34/net/bridge/br_forward.c /* Do not flood unicast traffic to ports that turn it off */ if (pkt_type == BR_PKT_UNICAST && !(p->flags & BR_FLOOD)) continue; -Index: linux-4.9.34/net/bridge/br_input.c -=================================================================== ---- linux-4.9.34.orig/net/bridge/br_input.c -+++ linux-4.9.34/net/bridge/br_input.c +--- a/net/bridge/br_input.c ++++ b/net/bridge/br_input.c @@ -175,6 +175,9 @@ int br_handle_frame_finish(struct net *n if (IS_ENABLED(CONFIG_INET) && skb->protocol == htons(ETH_P_ARP)) br_do_proxy_arp(skb, br, vid, p); @@ -62,10 +56,8 @@ Index: linux-4.9.34/net/bridge/br_input.c switch (pkt_type) { case BR_PKT_MULTICAST: mdst = br_mdb_get(br, skb, vid); -Index: linux-4.9.34/net/bridge/br_sysfs_if.c -=================================================================== ---- linux-4.9.34.orig/net/bridge/br_sysfs_if.c -+++ linux-4.9.34/net/bridge/br_sysfs_if.c +--- a/net/bridge/br_sysfs_if.c ++++ b/net/bridge/br_sysfs_if.c @@ -172,6 +172,7 @@ BRPORT_ATTR_FLAG(unicast_flood, BR_FLOOD BRPORT_ATTR_FLAG(proxyarp, BR_PROXYARP); BRPORT_ATTR_FLAG(proxyarp_wifi, BR_PROXYARP_WIFI); |