aboutsummaryrefslogtreecommitdiffstats
path: root/include
Commit message (Collapse)AuthorAgeFilesLines
* kernel: update kernel 4.9 to 4.9.31Jo-Philipp Wich2017-06-081-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes the following security vulnerabilities: CVE-2017-8890 The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call. CVE-2017-9074 The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls. CVE-2017-9075 The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9076 The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9077 The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9242 The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls. Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242 Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.31 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* kernel: really select kernel 4.4.71Hauke Mehrtens2017-06-071-1/+1
| | | | | | | The previous commit f4a4f324cb76ad ("kernel: update kernel 4.4 to 4.4.71") missed the line which changes the kernel version, add it now. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: update kernel 4.4 to 4.4.71Jo-Philipp Wich2017-06-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes the following security vulnerabilities: CVE-2017-8890 The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call. CVE-2017-9074 The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls. CVE-2017-9075 The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9076 The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9077 The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9242 The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls. Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242 Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.71 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* kernel: fix segmentation fault in mconf on linuxFelix Fietkau2017-06-071-1/+3
| | | | | | | | | | | Commit 86c966a8ae9c4e74b912a16a760aaed17c68eb32 caused HOST_LOADLIBES to include -lncurses. This was added for fixing build issues on macOS. This introduces issues on Linux when wide-character ncurses is being used for compiling, but the non-wide-character version is linked in. Fix this by adding the extra override for HOST_LOADLIBES only on macOS. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: add KERNEL_MAKE and KERNEL_MAKE_FLAGS variables and move to kernel.mkFelix Fietkau2017-06-073-31/+35
| | | | | | | | This allows packages to use kernel make options without the forced -C $(LINUX_DIR). It also makes it more clear that it to be called from kernel module packages directly. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: fix kernel refresh failure on first runJonas Gorski2017-06-041-5/+5
| | | | | | | | Override {HOST_}QUILT before making decisions based on it, else it will cause target/linux/refresh to fail on first run. Fixes: 36ba6237d6e3a23fbeadcc1812a892faa4b07cbe ("build: fix quilt for mixed package/host builds") Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
* build: fix kmod package build on non-GNU systemsFelix Fietkau2017-05-291-1/+1
| | | | | | | BSD paste requires a filename argument, and it accepts - to use stdin as intended. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: fix possible issue with kmod package having multiple AutoLoad'sYousong Zhou2017-05-271-9/+12
| | | | | | | | | | | This commit contains the following changes - Use local shell var where appliable - The $(sort $$$$$$$$mods) call will have no expected effect - Avoid EEXIST when creating symlinks in /etc/modules-boot.d/ - Avoid duplicate arguments for insert_modules() in postinst-pkg Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* kernel: update kernel 4.4 to 4.4.70Hauke Mehrtens2017-05-271-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: update kernel 4.9 to 4.9.30Hauke Mehrtens2017-05-271-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* build: fix QUILT related overridesFelix Fietkau2017-05-251-10/+12
| | | | | | They need to be defined before including quilt.mk Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: fix quilt for mixed package/host buildsFelix Fietkau2017-05-251-23/+24
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: set QUILT=1 automatically when calling package host build refreshFelix Fietkau2017-05-251-1/+1
| | | | | | Makes behavor consistent with package builds and regular host builds Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: stop overriding STAGING_DIR_HOST for toolchain buildFelix Fietkau2017-05-252-3/+2
| | | | | | | | | This causes various issues in other places that assume that host binaries are staged in STAGING_DIR_HOST. Since all the right places use HOST_BUILD_PREFIX, override that instead. This fixes some issues with quilt on toolchain dirs Signed-off-by: Felix Fietkau <nbd@nbd.name>
* include: Determine MODULES_DIR correctly for external/git kernelsFlorian Fainelli2017-05-251-3/+5
| | | | | | | | | | | | | | When using external or git cloned kernels, any kind of modifications will alter KERNELRELEASE. LEDE still tries to stage modules in lib/modules/$(LINUX_UNAME_VERSION) and LINUX_UNAME_VERSION is based on KERNEL_PATCHVER (indirectly) so this does not work, and we lose all kinds of automatic modules loading. To remedy that, just cat $(LINUX_DIR)/include/config/kernel.release which is late enough the kernel has prepared this file, and is correctly tracking changes done throughout the kernel. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* include: Do not alter KERNELRELEASE for external/git kernelsFlorian Fainelli2017-05-251-1/+6
| | | | | | | | | In case we use external and/or git cloned kernels, let the kernel determine the appropriate KERNELRELEASE. We cannot used LINUX_UNAME_VERSION because that one gets determined at a later time, when the kernel is already built proper. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* Revert "kernel: prevent addition of scm marker to localversion"Florian Fainelli2017-05-251-4/+0
| | | | | | | | | | This reverts commit 0df2c6563a3537ed21b28a9fb6874bf2718afd05 since it gets in the way of identifying properly which kernel we are running. This is particularly important if LEDE is using external kernels/git cloned kernels. We want to make sure we only load modules from that specific kernel. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* kernel: update kernel 4.9 to 4.9.29Koen Vandeputte2017-05-211-2/+2
| | | | | | | | | | | | | - Refresh all patches - Removed upstreamed - Adapted 1 Compile tested on: bcm53xx, cns3xxx, imx6, lantiq Run tested on: cns3xxx & imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> [update from 4.9.28 to 4.9.29] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: update kernel 4.4 to version 4.4.69Kevin Darbyshire-Bryant2017-05-211-2/+2
| | | | | | | | | | | | | | | | | | | Refresh patches. A number of patches have landed upstream & hence are no longer required locally: 062-[1-6]-MIPS-* series 042-0004-mtd-bcm47xxpart-fix-parsing-first-block Reintroduced lantiq/patches-4.4/0050-MIPS-Lantiq-Fix-cascaded-IRQ-setup as it was incorrectly included upstream thus dropped from LEDE. As it has now been reverted upstream it needs to be included again for LEDE. Run tested ar71xx Archer C7 v2 and lantiq. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk> [update from 4.4.68 to 4.4.69] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* image.mk: Generate cpiogz with root-owned filesMichal Sojka2017-05-141-1/+1
| | | | | | | | | Some files (e.g. /etc/dropbear) need to be owned by root. Add cpio option to ensure that. Other image types (at least targz and squashfs) already have this. Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
* build: new fixes for symlinked .config handlingSergey Ryazanov2017-05-111-4/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | When running "make {config|defconfig|oldconfig}" with symlinked .config (e.g. to env/.config) it renames symlink to .config.old, creates new .config file, and writes the updated configuration into it. This breaks the desired workflow when changes in the configuration can be checked using "scripts/env diff" and commited using "scripts/env save". Since the env/.config file is not updated. The things become even worse when working with feeds, since feeds script quite often silently invokes "make {oldconfig|defconfig}" and breaks the symlink. Fix this issue by exporting KCONFIG_OVERWRITECONFIG=1, which forces mconf to overwrite the .config content, instead of renaming it and creating a new file. This variable is set only if .config is a symlink, otherwise the variable is not exported and the old behaviour is preserved. This change uses the same behaviour as "make menucofig", which has already been fixed in commit 5bf98b1acc3b6b178f8954c5075a58e1e6a99d6a. Also make a tiny cosmetic update to the "make menuconfig" target code layout to make it look like other config handling targets. Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
* build: allow val.% targets to bypass the prepare stepsFelix Fietkau2017-05-051-0/+3
| | | | | | | Significantly reduces time spent processing those targets and should also silence some log clutter which could confuse buildbot Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: reset ALTERNATIVES field in Package/DefaultYousong Zhou2017-05-031-0/+1
| | | | | | | | | Otherwise ipkg packages may wrongly take on alternatives specs of another package sharing the same package Makefile Fixes FS#753 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* build: ipkg: new field AlternativesYousong Zhou2017-05-021-0/+1
| | | | | | | | | | | It's a list of specs of the following form seprated by commas to describe alternatives provided by this package <prio>:<path>:<altpath> <path> will be a symbolic link to <altpath> of the highest <prio> Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* build: cleanup tmp/ dir of target rootfsYousong Zhou2017-05-021-0/+1
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* include/packages-defaults.mk: Remove LARGEFILE optionDaniel Engberg2017-04-261-1/+0
| | | | | Remove LARGEFILE option, support was removed back in 2011 (OpenWrt rev 25208). Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* build: fix symlinked .config handlingSergey Ryazanov2017-04-261-1/+1
| | | | | | | | | | | | | | | | | | When running "make menuconfig" with symlinked .config (e.g. to env/.config) it renames symlink to .config.old, creates new .config file and writes updated configuration here. This breaks the desired workflow when changes in the configuration could be checked using "scripts/env diff" and commited with "scripts/env save". Since the env/.config file is not updated. Fix this issue by exporting KCONFIG_OVERWRITECONFIG=1, which forces mconf to overwrite the .config content, instead of renaming it and creating a new file. This variable is set only if .config is a symlink, otherwise the variable is not exported and the old behaviour is preserved. Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
* include/image.mk: allow passing a compat string to the NAND image templateJohn Crispin2017-04-241-5/+6
| | | | Signed-off-by: John Crispin <john@phrozen.org>
* build: fix aarch64 default cpu selectionYousong Zhou2017-04-231-2/+2
| | | | | | | | | | | | | | | | Not sure since when the issue emerged, but according to the current doc of gcc and as, armv8-a is intended as argument of -march The change will affect at the moment arm64 and layerscape/64b Below is the relevant error messages when building toolchain Assembler messages: Error: unknown cpu `armv8-a' Error: unrecognized option -mcpu=armv8-a /home/yousong/git-repo/lede-project/lede/build_dir/toolchain-aarch64_armv8-a_gcc-5.4.0_musl/gcc-5.4.0/libgcc/libgcc2.c:1:0: error: unknown value 'armv8-a' for -mcpu Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* kernel: update kernel 4.4 to 4.4.61Jo-Philipp Wich2017-04-151-2/+2
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* build: remove package makefile overlay functionalityFelix Fietkau2017-04-122-8/+1
| | | | | | | | Recent attempts to use it have shown that it does not work properly except for a few undocumented cases. It's better to remove this now to avoid having more people fall into the same trap Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: move initramfs's init script out of base-filesRafał Miłecki2017-04-041-1/+1
| | | | | | | | Keeping it in base-files was resulting in adding it to the base-files package. This file is meant to be included manually for initramfs images only. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* u-boot.mk: pass HOSTCC and HOST_CFLAGS into the buildFelix Fietkau2017-04-041-0/+5
| | | | | | | Cuts build time on Mac OS X in half by avoiding repeated $(shell) calls from the build system Signed-off-by: Felix Fietkau <nbd@nbd.name>
* target.mk: check that CPU_TYPE has known CPU_CFLAGS mappingPhilip Prindeville2017-04-041-0/+5
| | | | | | | | If someone creates a target and indicates a CPU_TYPE, but there's no corresponding support for that CPU_TYPE's flags in include/target.mk then that should probably be indicated rather than silently ignored. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* build: move PKG_CONFIG_DEPENDS from feeds.mk to opkgFelix Fietkau2017-04-031-6/+0
| | | | | | | Normal packages don't rely on the feed configuration variables for the build step Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: update kernel 4.4 to 4.4.59Hauke Mehrtens2017-04-021-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: update kernel 4.9 to 4.9.20Hauke Mehrtens2017-04-021-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: update kernel 4.9 to 4.9.17Hauke Mehrtens2017-03-261-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: update kernel 4.4 to 4.4.56Hauke Mehrtens2017-03-261-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* build: fix STAMP_PREPARED with quiltFelix Fietkau2017-03-222-2/+2
| | | | | | | quilt.mk needs to be included first, to ensure that STAMP_PREPARED does not include the hash if quilt is used. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: do not try to copy vmlinux out of arch/$(ARCH)/bootFelix Fietkau2017-03-221-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* include: add KERNEL_LOAD_ADDR to TARGET_VARSJohn Crispin2017-03-221-1/+1
| | | | | | This will allow us to override the variable from within a Device template. Signed-off-by: John Crispin <john@phrozen.org>
* include: Add nomips16 CPU_SUBTYPEHauke Mehrtens2017-03-201-1/+3
| | | | | | | | | | This can be used to indicate that a target does not support the optional mips16 extension even when it is a mips32r2 or later CPU. This will generate a separate toolchain and a separate package folder, e.g. mips_24kc_nomips16 Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* build: fix high cpu usage / hang in prereq-build.mkFelix Fietkau2017-03-181-1/+0
| | | | | | host-build.mk should not be included for prereq Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: speed up build system by getting rid of redundant workFelix Fietkau2017-03-161-1/+3
| | | | | | | | | KERNELRELEASE contains a $(shell) call which is evaluated over and over again. The call to checksyscalls.sh is unnecessary for LEDE and also takes a few seconds to complete. Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: improve performance by avoiding lazy-eval for make shell callsFelix Fietkau2017-03-162-3/+3
| | | | | | | Avoids lots of redundant calls to mkhash on things like package/kernel/linux Signed-off-by: Felix Fietkau <nbd@nbd.name>
* image.mk: force kernel rebuild on every runFelix Fietkau2017-03-131-2/+2
| | | | | | | DTS dependencies are not processed correctly so makes it safer against poentially stale builds Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: update kernel 4.4 to 4.4.53Hauke Mehrtens2017-03-121-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: update kernel 4.9 to 4.9.14Hauke Mehrtens2017-03-121-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* build: make NETGEAR_REGION optional in netgear-chkJoseph C. Lehner2017-03-121-1/+1
| | | | | | | This patch makes specifying NETGEAR_REGION optional, in which case mkchkimage will default to region 1 (WW). Signed-off-by: Joseph C. Lehner <joseph.c.lehner@gmail.com>