| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Remove upstreamed:
- 0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch
- 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch
Fixes:
- CVE-2020-8647
- CVE-2020-8648 (potentially)
- CVE-2020-8649
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: ipq40xx
Runtime-tested on: none
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
|
|
| |
Compaction is the only memory management component to form high order (larger
physically contiguous) memory blocks reliably. The page allocator relies on
compaction heavily and the lack of the feature can lead to unexpected OOM
killer invocations for high order memory requests. You shouldn't disable this
option unless there really is a strong reason for it.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Michal Hrusecky <michal.hrusecky@nic.cz>
|
|
|
|
|
|
|
|
|
|
| |
In 4.14.57, a new symbol for Spectre v4 mitigation was introduced for
ARM64. Add this symbol to all ARM64 targets using kernel 4.14.
This mitigates CVE-2018-3639 on ARM64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 77e3e706ce0dfe653a28e088bdcf0acddead0091)
|
|
|
|
|
|
|
|
|
| |
THIN_ARCHIVES option is enabled by default in the kernel configuration
and no one target config disables it. So enable it by default and remove
this symbol from target specific configs to keep them light.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
(cherry picked from commit 67a3cdcbb05559549985a189eabaf2df92559ed7)
|
|
|
|
|
|
|
|
|
|
| |
New FUTEX_PI configuration symbol enabled if FUTEX and RT_MUTEX symbols
are enabled. Both of these symbols are enabled by default in the
generic config, so enable FUTEX_PI by default too to keep platform
specific configs minimal.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
(cherry picked from commit bdc2b58c4bccb50242af853dc80b50f9324b841c)
|
|
|
|
|
|
|
|
|
| |
OVERLAY_FS config symbol selects EXPORTFS since 4.12 kernel, we have
OVERLAY_FS enabled by default, so enable EXPORTFS in the generic config
of 4.14 and remove this option from platform specific configs.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
(cherry picked from commit a08b0d0c3149060f1585ad3ea2ea3edfde71bce4)
|
|
|
|
|
|
|
|
| |
DRM_LIB_RANDOM config symbol selected only by DRM_DEBUG_MM_SELFTEST
which is disable by default, so disable DRM_LIB_RANDOM by default too.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
(cherry picked from commit 978543a246c6badb5e5e1c2430211e01f005af27)
|
|
|
|
|
|
|
|
| |
These options do not used by any supported arch, so disable them by
default to make arch configs a bit more clean.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
(cherry picked from commit ead26e9db649a508ba93e7e8193ada70322620b1)
|
|
|
|
|
|
|
|
|
| |
Only one arch (x86_64) enables this option. So disable
ARCH_WANTS_THP_SWAP by default and remove referencies to it from all
configs (except x86_64) to make them clean.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
(cherry picked from commit f928c338ad6c8215a5fe280473e37786157a2d05)
|
|
|
|
|
|
|
| |
Add the executable permission to the files to ensure they run on
firstboot.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
|
| |
Enable the harden branch predictor for arm64 as it is recommend.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
|
|
| |
Use the generic board detection based on the device tree compatible
string instead of a target specific one.
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
|
| |
Some of them break when building with all modules enabled
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
|
|
|
|
|
| |
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
|
|
|
|
|
| |
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
|
|
|
|
|
|
|
|
| |
You should not define CFLAGS for the toolchain as this will also leak
into other targets if they share the same toolchain.
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
|
|
|
|
|
|
|
| |
The CN80XX Boot firmware uses an embedded FAT12 filesystem. For some reason
busybox can't mount this unless its enabled static in the kernel.
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
|
|
|
|
|
|
| |
The CN80XX XHCI is supported through PCI
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refresh patches.
Remove upstreamed patches:
- backport/080-v4.15-0001-arch-define-weak-abort.patch
- backport/081-v4.15-0002-kernel-exit.c-export-abort-to-modules.patch
Update patch that no longer applies:
pending/493-ubi-set-ROOT_DEV-to-ubiblock-rootfs-if-unset.patch
Fixes CVE-2017-8824.
Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
|
|
The Cavium OCTEON TX is an ARM 64-bit SoC leveraging CPU cores and
periperhals from the Cavium ThunderX SoC.
This initial support provides a 4.14 kernel and kernel+initramfs that is
bootable on the Gateworks Newport GW630x as well as the Cavium sff8104
reference board.
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
|