From 22b9f99b87fa1ff991180cabf02dd04d1bddce2b Mon Sep 17 00:00:00 2001
From: Stijn Tintel <stijn@linux-ipv6.be>
Date: Tue, 31 Jul 2018 05:11:07 +0300
Subject: kernel: bump 4.14 to 4.14.59

Drop patch that was superseded upstream:
ramips/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch

Drop upstreamed patches:
- apm821xx/020-0001-crypto-crypto4xx-remove-bad-list_del.patch
- apm821xx/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch
- ath79/0011-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch
- brcm63xx/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch
- brcm63xx/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch
- generic/backport/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch
- generic/pending/170-usb-dwc2-Fix-DMA-alignment-to-start-at-allocated-boun.patch
- generic/pending/900-gen_stats-fix-netlink-stats-padding.patch

In 4.14.55, a patch was introduced that breaks ext4 images in some
cases. The newly introduced patch
backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch
addresses this breakage.

Fixes the following CVEs:
- CVE-2018-10876
- CVE-2018-10877
- CVE-2018-10879
- CVE-2018-10880
- CVE-2018-10881
- CVE-2018-10882
- CVE-2018-10883

Compile-tested: ath79, octeon, x86/64
Runtime-tested: ath79, octeon, x86/64

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
---
 ...to4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch | 84 ----------------------
 1 file changed, 84 deletions(-)
 delete mode 100644 target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch

(limited to 'target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch')

diff --git a/target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch b/target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch
deleted file mode 100644
index 837fbdc547..0000000000
--- a/target/linux/apm821xx/patches-4.14/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch
+++ /dev/null
@@ -1,84 +0,0 @@
-From 5d59ad6eea82ef8df92b4109615a0dde9d8093e9 Mon Sep 17 00:00:00 2001
-From: Christian Lamparter <chunkeey@googlemail.com>
-Date: Fri, 25 Aug 2017 15:47:24 +0200
-Subject: [PATCH 11/25] crypto: crypto4xx - fix crypto4xx_build_pdr,
- crypto4xx_build_sdr leak
-
-If one of the later memory allocations in rypto4xx_build_pdr()
-fails: dev->pdr (and/or) dev->pdr_uinfo wouldn't be freed.
-
-crypto4xx_build_sdr() has the same issue with dev->sdr.
-
-Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
-Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
----
- drivers/crypto/amcc/crypto4xx_core.c | 17 +++++++++--------
- 1 file changed, 9 insertions(+), 8 deletions(-)
-
---- a/drivers/crypto/amcc/crypto4xx_core.c
-+++ b/drivers/crypto/amcc/crypto4xx_core.c
-@@ -209,7 +209,7 @@ static u32 crypto4xx_build_pdr(struct cr
- 				  dev->pdr_pa);
- 		return -ENOMEM;
- 	}
--	memset(dev->pdr, 0,  sizeof(struct ce_pd) * PPC4XX_NUM_PD);
-+	memset(dev->pdr, 0, sizeof(struct ce_pd) * PPC4XX_NUM_PD);
- 	dev->shadow_sa_pool = dma_alloc_coherent(dev->core_dev->device,
- 				   256 * PPC4XX_NUM_PD,
- 				   &dev->shadow_sa_pool_pa,
-@@ -242,13 +242,15 @@ static u32 crypto4xx_build_pdr(struct cr
- 
- static void crypto4xx_destroy_pdr(struct crypto4xx_device *dev)
- {
--	if (dev->pdr != NULL)
-+	if (dev->pdr)
- 		dma_free_coherent(dev->core_dev->device,
- 				  sizeof(struct ce_pd) * PPC4XX_NUM_PD,
- 				  dev->pdr, dev->pdr_pa);
-+
- 	if (dev->shadow_sa_pool)
- 		dma_free_coherent(dev->core_dev->device, 256 * PPC4XX_NUM_PD,
- 				  dev->shadow_sa_pool, dev->shadow_sa_pool_pa);
-+
- 	if (dev->shadow_sr_pool)
- 		dma_free_coherent(dev->core_dev->device,
- 			sizeof(struct sa_state_record) * PPC4XX_NUM_PD,
-@@ -417,12 +419,12 @@ static u32 crypto4xx_build_sdr(struct cr
- 
- static void crypto4xx_destroy_sdr(struct crypto4xx_device *dev)
- {
--	if (dev->sdr != NULL)
-+	if (dev->sdr)
- 		dma_free_coherent(dev->core_dev->device,
- 				  sizeof(struct ce_sd) * PPC4XX_NUM_SD,
- 				  dev->sdr, dev->sdr_pa);
- 
--	if (dev->scatter_buffer_va != NULL)
-+	if (dev->scatter_buffer_va)
- 		dma_free_coherent(dev->core_dev->device,
- 				  PPC4XX_SD_BUFFER_SIZE * PPC4XX_NUM_SD,
- 				  dev->scatter_buffer_va,
-@@ -1223,7 +1225,7 @@ static int crypto4xx_probe(struct platfo
- 
- 	rc = crypto4xx_build_gdr(core_dev->dev);
- 	if (rc)
--		goto err_build_gdr;
-+		goto err_build_pdr;
- 
- 	rc = crypto4xx_build_sdr(core_dev->dev);
- 	if (rc)
-@@ -1266,12 +1268,11 @@ err_iomap:
- err_request_irq:
- 	irq_dispose_mapping(core_dev->irq);
- 	tasklet_kill(&core_dev->tasklet);
--	crypto4xx_destroy_sdr(core_dev->dev);
- err_build_sdr:
-+	crypto4xx_destroy_sdr(core_dev->dev);
- 	crypto4xx_destroy_gdr(core_dev->dev);
--err_build_gdr:
--	crypto4xx_destroy_pdr(core_dev->dev);
- err_build_pdr:
-+	crypto4xx_destroy_pdr(core_dev->dev);
- 	kfree(core_dev->dev);
- err_alloc_dev:
- 	kfree(core_dev);
-- 
cgit v1.2.3