| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
In 4.14.57, a new symbol for Spectre v4 mitigation was introduced for
ARM64. Add this symbol to all ARM64 targets using kernel 4.14.
This mitigates CVE-2018-3639 on ARM64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Drop patch that was superseded upstream:
ramips/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch
Drop upstreamed patches:
- apm821xx/020-0001-crypto-crypto4xx-remove-bad-list_del.patch
- apm821xx/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch
- ath79/0011-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch
- brcm63xx/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch
- brcm63xx/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch
- generic/backport/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch
- generic/pending/170-usb-dwc2-Fix-DMA-alignment-to-start-at-allocated-boun.patch
- generic/pending/900-gen_stats-fix-netlink-stats-padding.patch
In 4.14.55, a patch was introduced that breaks ext4 images in some
cases. The newly introduced patch
backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch
addresses this breakage.
Fixes the following CVEs:
- CVE-2018-10876
- CVE-2018-10877
- CVE-2018-10879
- CVE-2018-10880
- CVE-2018-10881
- CVE-2018-10882
- CVE-2018-10883
Compile-tested: ath79, octeon, x86/64
Runtime-tested: ath79, octeon, x86/64
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
|
| |
Drop the parallel-unsafe custom Build/dtb macro and use the .dtb artifacts
produced by the generic image build code.
Also remove unused .dtb references in the mt7623 subtarget.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new config option to allow to select the default compile
optimization level for the kernel.
Select the optimization for size by default if the small_flash feature is
set. Otherwise "Optimize for performance" is set.
Add the small_flash feature flag to all (sub)targets which had the
optimization for size in their default kernel config.
Remove CC_OPTIMIZE_FOR_* symbols from all kernel configs to apply the new
setting.
Exceptions to the above are:
- lantiq, where the optimization for size is only required for the
xway_legacy subtarget but was set for the whole target
- mediatek, ramips/mt7620 & ramips/mt76x8 where boards should have
plenty of space and an optimization for size doesn't make much sense
- rb532, which has 128MByte flash
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
|
|
|
|
|
| |
The changed applied to BananaPi R2 in upstream commit c0b0d540db1a,
which was backported to 4.14 in 4.14.53, is also required for the U7623.
Without updating the memory node, the board refuses to boot.
Fixes: d0839e020d0a ("kernel: bump 4.14 to 4.14.53")
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
CONFIG_USB_MTU3 is not visible for the mediatek target by default, but
only when CONFIG_USB_GADGET is set. This will config option will be
remove with when running "make kernel_oldconfig", move this option to
the generic config to prevent this.
This fixes the build of the mt7623 subtarget of the mediatek target.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches
Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches
Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Refresh patches.
Remove patch that can be reverse applied:
mvebu/patches-4.14/530-ATA-ahci_mvebu-enable-stop_engine-override.patch
mvebu/patches-4.14/531-ATA-ahci_mvebu-pmp-stop-errata-226.patch
Update patch that no longer applied:
ipq806x/patches-4.14/0035-clk-mux-Split-out-register-accessors-for-reuse.patch
Compiled-tested-for: lantiq, ramips
Run-tested-on: lantiq BT hh5a, ramips MIR3g
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Michael Yartys <michael.yartys@protonmail.com>
Tested-by: Rosen Penev <rosenp@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds support for the MT7623A-based UniElec U7623-02 router,
with eMMC storage and 512MB RAM. The router can be delivered with NAND
Flash and more memory, but I only have access to the one configuration.
The DTS is structured in such a way that adding support for
more/different storage/memory should be straight forward.
The device has the following specifications:
* MT7623A (quad-core, 1.3 GHz)
* 512MB RAM (DDR3)
* 8GB storage (eMMC 4.5)
* 2x normal miniPCIe slots
* 1x miniPCIe slot that is connected via an internal USB OTG port
* 5x 1Gbps Ethernet (MT7530 switch)
* 1x UART header
* 1x USB 3.0 port
* 1x SATA 3.0
* 1x 40P*0.5mm FPC for MIPI LCD
* 1x SIM slot
* 12x LEDs (2 GPIO controlled)
* 1x reset button
* 1x DC jack for main power (12V)
The following has been tested and is working:
* Ethernet switch
* miniPCIe slots (tested with Wi-Fi cards)
* USB 3.0 port
* sysupgrade
* reset button
Not working:
* The miniPCIe connected via USB OTG. For the port to work, some MUSB
glue must be added. I am currently in the process of porting the glue
from the vendor SDK.
Not tested:
* SATA 3.0
* MIPI LCD
Installation:
The board ships with u-boot, and the first installation needs to be done
via the bootloader using tftp. Step number one is to update the MBR of
the eMMC, as the one that ships with the device is broken. Since the
device can ship with different storage sizes, I will not provide the
exact steps for creating a valid MBR. However, I have made some
assumptions about the disk layout - there must be one 8MB recovery
partition (FAT32) and a partition for the rootfs (Linux).
The board loads the kernel from block 0xA00 (2560) and I have reserved
32MB for the kernel (65536 blocks). I have aligned the partitions on the
erase block size (4096 byte), so the recovery partition must start on
block 69632 and end on 86016 (16385 sectors). The rootfs is assumed to
start on sector 90112.
In order to install the mbr, you run the following commands from the
u-boot command line:
* tftpboot ${loadaddr} <name of mbr file>
* mmc device 0
* mmc write ${loadaddr} 0x00 1
Run the following commands to install + boot OpenWRT:
* tftpboot ${loadaddr} openwrt-mediatek-mt7623-7623a-unielec-u7623-02-emmc-512m-squashfs-sysupgrade-emmc.bin.gz
* run boot_wr_img
* run boot_rd_img
* bootm
Recovery:
In order to recover the router, you need to follow the installation
steps above (no need to replace MBR).
Notes:
* F2FS is used as the overlay filesystem.
* The device does not ship with any valid MAC address, so a random
address has to be generated. As a work-around, I write the initial
random MAC to a file on the recovery partition. The MAC of the WAN
interface is set to the MAC-address contained in this file on each boot,
and the address of the LAN-interfaces are WAN + 1. The MAC file is kept
across sysupgrade/firstboot.
My approach is slightly different than what the stock image does. The
first fives bytes of the MAC addresses in the stock image are static,
and then the last byte is random. I believe it is better to create fully
random MAC addresses.
* In order to support the miniPCIe-slots, I needed to add missing
pcie-nodes to mt7623.dtsi. The nodes are just c&p from the upstream
dtsi.
* One of the USB3.0 phys (u3phy2) on the board can be used as either USB
or PCI, and one of the wifi-cards is connected to this phy. In order to
support switching the phy from USB to PCI, I needed to patch the
phy-driver. The patch is based on a rejected (at least last time I
checked) PCI-driver submitted to the linux-mediatek mailing list.
* The eMMC is configured to boot from the user area, and according to
the data sheet of the eMMC this value can't be changed.
* I tried to structure the MBR more nicely and use for example a
FAT32-parition for the kernel, so that we don't need to write/read from
some offset. The bootloader does not support reading from
FAT32-paritions. While the command (fatload) is there, it just throws an
error when I try to use it.
* I will submit and hope to get the DTS for the device accepted
upstream. If and when that happens, I will update the patches
accordingly.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
zram.ko needs CONFIG_BLK_DEV activated and it is by default for all
other targets in OpenWrt.
This makes zram.ko compile again.
Compile tested only.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Neon and vfpv4 are mandatory extensions in the ARM64 instruction set
now, do not activate them explicitly. GCC will make use of these
extension now by default.
This makes it possible to share the toolchain with other Cortex A53
SoCs.
Compile tested only.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove upstreamed patches:
generic/pending/101-clocksource-mips-gic-timer-fix-clocksource-counter-w.patch
generic/pending/103-MIPS-c-r4k-fix-data-corruption-related-to-cache-coherence.patch
generic/pending/182-net-qmi_wwan-add-BroadMobi-BM806U-2020-2033.patch
lantiq/0025-MIPS-lantiq-gphy-Remove-reboot-remove-reset-asserts.patch
Update patches that no longer apply:
generic/pending/811-pci_disable_usb_common_quirks.patch
ath79/0009-MIPS-ath79-add-lots-of-missing-registers.patch
Fixes CVE-2018-6412.
Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches.
Remove upstreamed patch:
generic/pending/181-net-usb-add-lte-modem-wistron-neweb-d18q1.patch
Update patches that no longer applies:
generic/hack/901-debloat_sock_diag.patch
Compile-tested on: x86/64.
Runtime-tested on: x86/64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
| |
Signed-off-by: John Crispin <john@phrozen.org>
|
|
|
|
| |
Signed-off-by: John Crispin <john@phrozen.org>
|
|
|
|
| |
Signed-off-by: John Crispin <john@phrozen.org>
|
|
|
|
| |
Signed-off-by: John Crispin <john@phrozen.org>
|
|
|
|
|
|
|
|
| |
THIN_ARCHIVES option is enabled by default in the kernel configuration
and no one target config disables it. So enable it by default and remove
this symbol from target specific configs to keep them light.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
|
|
|
|
|
|
|
|
|
| |
New FUTEX_PI configuration symbol enabled if FUTEX and RT_MUTEX symbols
are enabled. Both of these symbols are enabled by default in the
generic config, so enable FUTEX_PI by default too to keep platform
specific configs minimal.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
|
|
|
|
|
|
|
|
| |
OVERLAY_FS config symbol selects EXPORTFS since 4.12 kernel, we have
OVERLAY_FS enabled by default, so enable EXPORTFS in the generic config
of 4.14 and remove this option from platform specific configs.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
|
|
|
|
|
|
|
| |
DRM_LIB_RANDOM config symbol selected only by DRM_DEBUG_MM_SELFTEST
which is disable by default, so disable DRM_LIB_RANDOM by default too.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
|
|
|
|
|
|
|
| |
These options do not used by any supported arch, so disable them by
default to make arch configs a bit more clean.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
|
|
|
|
|
|
|
|
| |
Only one arch (x86_64) enables this option. So disable
ARCH_WANTS_THP_SWAP by default and remove referencies to it from all
configs (except x86_64) to make them clean.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Fixes for CVEs:
CVE-2018-1108
CVE-2018-1092
CVE-2018-1094
CVE-2018-1095
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Stijn Segers <foss@volatilesystems.org>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 5555545494c876adedf4f0038db49c1d85527e78.
The target supports both NEON and VFPv4, but for this to work properly,
a few more changes are needed:
- enable NEON support in the kernel config
- add the fpu feature flag to the makefile
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following patches are now included upstream:
* 0052-MIPS-lantiq-fix-usb-clocks.patch
* 0053-MIPS-lantiq-enable-AHB-Bus-for-USB.patch
* 0060-lantiq-ase-enable-MFD-SYSCON.patch
Closes: FS#1466
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Stijn Segers <foss@volatilesystems.org>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Right patch version this time, sorry!
* Patch 180-usb-xhci-add-support-for-performing-fake-doorbell.patch had to be adjusted slightly because of upstream adapted code.
* Refreshed patches.
Compile-tested: ramips/mt7621, x86/64
Run-tested: ramips/mt7621, x86/64
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
Tested-by: Rosen Penev <rosenp@gmail.com>
|
|
|
|
|
|
| |
compile/test target mvebu/rango
Signed-off-by: Kabuli Chana <newtownBuild@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch bumps the 4.14 kernel to .23.
- Refreshed patches.
- Deleted bcm53xx/patches-4.14/089-PCI-iproc-Fix-NULL-pointer-dereference-for-BCMA.patch. Has been accepted upstream.
- Deleted generic/pending-4.14/821-usb-Remove-annoying-warning-about-bogus-URB.patch. The upstream URB code was changed,
the patch no longer applies. I discussed this with the patch author and removed it for now, we'll see how it goes.
Compile-tested on: ramips/mt7621, x86/64
Run-tested on: ramips/mt7621, x86/64
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
|
|
|
|
|
|
|
| |
This is deactivated in all targets using the DSA switch driver with
kernel 4.14.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
| |
This caused v4.14.20 based builds so fail on mediatek.
Fixes: 6112abf186bf ("kernel: enable CONFIG_USB_PCI for PCI usb modules").
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches.
Remove upstreamed patches:
- backport/080-v4.15-0001-arch-define-weak-abort.patch
- backport/081-v4.15-0002-kernel-exit.c-export-abort-to-modules.patch
Update patch that no longer applies:
pending/493-ubi-set-ROOT_DEV-to-ubiblock-rootfs-if-unset.patch
Fixes CVE-2017-8824.
Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
|
|
| |
Calling nand_do_upgrade() from platform_pre_upgrade() was deprecated
with 30f61a34b4cf ("base-files: always use staged sysupgrade").
Update the platform upgrade code to use platform_do_upgrade() for NAND
images as well.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
|
| |
These cause mediatek arm to fail full builds
Signed-off-by: John Crispin <john@phrozen.org>
|
|
|
|
|
|
|
| |
This drops support for all the !emmc EVB and adds banannaPi-R2
Also drop mtkhnat until the nftables offoad driver is ready
Signed-off-by: John Crispin <john@phrozen.org>
|
|
|
|
| |
Signed-off-by: John Crispin <john@phrozen.org>
|
|
|
|
|
|
|
|
| |
This reverts commit 3594447a7d0398c55ea78f658b52b7d8084ae9f9.
This causes the userland to not come up properly
Signed-off-by: John Crispin <john@phrozen.org>
|
|
|
|
|
|
|
|
|
|
|
| |
The arm CPUs uses in the supported Mediatket SoCs have a FPU accordingly
to the datasheet, activate it also. The CPU subtype "neon-vfpv4" is
selected, but the toolcahin generated for this SoC will still be
compiled with soft float and not with the hard float ABI as we haven't
the fpu feature flag set. If this toolchain is reused by other targets
this will even affect other targets.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
| |
Refresh patches.
Runtime tested: ar71xx - Archer C7 v2
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Removed upstreamed parts.
Compile-tested: cns3xxx, imx6, mvebu, layerscape
Run-tested: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches.
Compile-tested for ar71xx - Archer C7 v2
Runtime-tested on ar71xx - Archer C7 v2
Fixes the following CVEs:
- CVE-2017-7518
- CVE-2017-0786
- CVE-2017-1000255
- CVE-2017-12188
- CVE-2017-15265
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
|
|
|
|
|
| |
this sometimes happens when we have hw nat enabled.
Signed-off-by: John Crispin <john@phrozen.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches.
Remove upstreamed patches:
- ramips/0067-enable-mt7621-xhci.patch
- ramips/0085-pinmux-util.patch
- ramips/301-fix-rt3883.patch
Compile-tested on brcm2708/bcm2708, octeon, ramips/mt7621, x86/64.
Runtime-tested on brcm2708/bcm2708, octeon, ramips/mt7621, x86/64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches.
Compile-tested on octeon and x86/64.
Runtime-tested on octeon and x86/64.
Fixes the following CVEs:
- CVE-2017-14106
- CVE-2017-14497
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches.
Compile-tested on ipq8065/nbg6817 and x86/64.
Runtime-tested on ipq8065/nbg6817 and x86/64.
Fixes CVE-2017-1000251.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
[adapt qcom_nandc.c patches to match upstream changes, test ipq8065/nbg6817]
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches.
Compile-tested on octeon and x86/64.
Runtime-tested on octeon and x86/64.
Fixes CVE-2017-11600.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|