From 22b9f99b87fa1ff991180cabf02dd04d1bddce2b Mon Sep 17 00:00:00 2001 From: Stijn Tintel Date: Tue, 31 Jul 2018 05:11:07 +0300 Subject: kernel: bump 4.14 to 4.14.59 Drop patch that was superseded upstream: ramips/0036-mtd-fix-cfi-cmdset-0002-erase-status-check.patch Drop upstreamed patches: - apm821xx/020-0001-crypto-crypto4xx-remove-bad-list_del.patch - apm821xx/020-0011-crypto-crypto4xx-fix-crypto4xx_build_pdr-crypto4xx_b.patch - ath79/0011-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch - brcm63xx/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch - brcm63xx/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch - generic/backport/080-net-convert-sock.sk_wmem_alloc-from-atomic_t-to-refc.patch - generic/pending/170-usb-dwc2-Fix-DMA-alignment-to-start-at-allocated-boun.patch - generic/pending/900-gen_stats-fix-netlink-stats-padding.patch In 4.14.55, a patch was introduced that breaks ext4 images in some cases. The newly introduced patch backport-4.14/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch addresses this breakage. Fixes the following CVEs: - CVE-2018-10876 - CVE-2018-10877 - CVE-2018-10879 - CVE-2018-10880 - CVE-2018-10881 - CVE-2018-10882 - CVE-2018-10883 Compile-tested: ath79, octeon, x86/64 Runtime-tested: ath79, octeon, x86/64 Signed-off-by: Stijn Tintel --- .../pending-4.14/610-netfilter_match_bypass_default_checks.patch | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'target/linux/generic/pending-4.14/610-netfilter_match_bypass_default_checks.patch') diff --git a/target/linux/generic/pending-4.14/610-netfilter_match_bypass_default_checks.patch b/target/linux/generic/pending-4.14/610-netfilter_match_bypass_default_checks.patch index 3611879609..2541230ff5 100644 --- a/target/linux/generic/pending-4.14/610-netfilter_match_bypass_default_checks.patch +++ b/target/linux/generic/pending-4.14/610-netfilter_match_bypass_default_checks.patch @@ -68,7 +68,7 @@ Signed-off-by: Felix Fietkau if (!xt_percpu_counter_alloc(alloc_state, &e->counters)) return -ENOMEM; -@@ -817,6 +845,7 @@ copy_entries_to_user(unsigned int total_ +@@ -818,6 +846,7 @@ copy_entries_to_user(unsigned int total_ const struct xt_table_info *private = table->private; int ret = 0; const void *loc_cpu_entry; @@ -76,7 +76,7 @@ Signed-off-by: Felix Fietkau counters = alloc_counters(table); if (IS_ERR(counters)) -@@ -844,6 +873,14 @@ copy_entries_to_user(unsigned int total_ +@@ -845,6 +874,14 @@ copy_entries_to_user(unsigned int total_ goto free_counters; } @@ -91,7 +91,7 @@ Signed-off-by: Felix Fietkau for (i = sizeof(struct ipt_entry); i < e->target_offset; i += m->u.match_size) { -@@ -1226,12 +1263,15 @@ compat_copy_entry_to_user(struct ipt_ent +@@ -1227,12 +1264,15 @@ compat_copy_entry_to_user(struct ipt_ent compat_uint_t origsize; const struct xt_entry_match *ematch; int ret = 0; -- cgit v1.2.3