aboutsummaryrefslogtreecommitdiffstats
path: root/target/linux/generic
Commit message (Collapse)AuthorAgeFilesLines
* kernel: bump 4.14 to 4.14.99Koen Vandeputte2019-02-141-8/+8
| | | | | | | | | | | | Refreshed all patches. Remove upstreamed: - 950-0434-mmc-bcm2835-Recover-from-MMC_SEND_EXT_CSD.patch Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.156Koen Vandeputte2019-02-141-5/+5
| | | | | | | | | Refreshed all patches. Compile-tested on: ar7 Runtime-tested on: none Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: enable CONFIG_BPF_JIT by defaultTony Ambardar2019-02-113-3/+3
| | | | | | | | | | | | | | | | | | Enable the built-in BPF JIT compiler for all 4.9, 4.14 and 4.19 kernels, which should speed up cBPF and eBPF-based packet filtering (tc, iptables) and packet sniffing (libpcap, tcpdump, fwknopd, etc). This has minimal kernel size impact, increasing the size of uImage-lzma (normally ~2 MB on mips_24kc or mips64el_mips64) by 5 KB for the MIPS32 arch cBPF JIT and by 9 KB for the MIPS64 arch eBPF JIT, on kernel 4.14. With JIT enabled (cBPF only), the standard BPF test module (test_bpf.ko) running on a DIR-835 (mips_24kc) used 33 CPU seconds, but 68 without JIT. This change aligns with the notion of OpenWRT as the network go-to swiss army knife for packet handling, especially on CPU-constrained platforms. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* kernel: fold xt_FLOWOFFLOAD fixes into the main patchFelix Fietkau2019-02-093-144/+37
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* netfilter: fix checking method of conntrack helperHsiuWen Yen2019-02-091-0/+51
| | | | | | | | | | | | | | | | This patch uses nfct_help() to detect whether an established connection needs conntrack helper instead of using test_bit(IPS_HELPER_BIT, &ct->status). The reason for this modification is that IPS_HELPER_BIT is only set when the conntrack helper is attached by explicit CT target. However, in the case that a device enables conntrack helper via the other ways (e.g., command "echo 1 > /proc/sys/net/netfilter/nf_conntrack_helper") , the status of IPS_HELPER_BIT will not present any change. That means the IPS_HELPER_BIT might lose the checking ability in the context. Signed-off-by: HsiuWen Yen <y.hsiuwen@gmail.com>
* kernel: add missing symbols to 4.19Petr Štetiar2019-02-081-0/+10
| | | | | | | | | | | | While preparing 4.19 for imx6 and test building it with CONFIG_ALL_KMODS=y with verbose mode enabled, I was asked by kernel config about few missing symbols/modules Let's add them to the generic config. Signed-off-by: Petr Štetiar <ynezz@true.cz> [slight rewrite of commit log] Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.19 to 4.19.20Koen Vandeputte2019-02-083-82/+8
| | | | | | | | | | | | | | | Refreshed all patches. Remove upstreamed: - 100-arm-cns3xxx-fix-writing-to-wrong-PCI-registers-after.patch Altered patches: - 721-phy_packets.patch Compile-tested on: imx6 Runtime-tested on: imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.98Koen Vandeputte2019-02-084-83/+9
| | | | | | | | | | | | | | | Refreshed all patches. Remove upstreamed: - 100-arm-cns3xxx-fix-writing-to-wrong-PCI-registers-after.patch Altered patches: - 721-phy_packets.patch Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.155Koen Vandeputte2019-02-085-84/+10
| | | | | | | | | | | | | | | Refreshed all patches. Remove upstreamed: - 100-arm-cns3xxx-fix-writing-to-wrong-PCI-registers-after.patch Altered patches: - 721-phy_packets.patch Compile-tested on: ar7 Runtime-tested on: none Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: rename symbol in kernel 4.19 configKoen Vandeputte2019-02-071-1/+1
| | | | | | | | A symbol was renamed upstream starting from kernel 4.18 [1] Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v5.0-rc5&id=34b13e5e4641c0e9e0aad471a6d8dfb7999276f1
* kernel: bump 4.19 to 4.19.19Koen Vandeputte2019-02-015-93/+5
| | | | | | | | | | | | Refreshed all patches. Remove upstreamed patch: - 800-v5.0-usb-leds-fix-regression-in-usbport-led-trigger.patch Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.97Koen Vandeputte2019-02-015-13/+15
| | | | | | | | | | | | Refreshed all patches. Adapted patches: - 012-kbuild-add-macro-for-controlling-warnings-to-linux-c.patch Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.154Koen Vandeputte2019-02-016-12/+14
| | | | | | | | | | | | Refreshed all patches. Adapted patches: - 012-kbuild-add-macro-for-controlling-warnings-to-linux-c.patch Compile-tested on: ar7 Runtime-tested on: none Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: Add missing config option for kernel 4.14Hauke Mehrtens2019-01-281-0/+1
| | | | | | | | | | | | | Kernel 4.14.96 got the new configuration option CIFS_ALLOW_INSECURE_LEGACY which allows to deactivate support for old and insecure SMB versions like 1.0 and 2.0. Still allow these old SMB version and fix build problems which occurred because this option was not defined. This was found by build bot. Fixes: 3662157d8bed ("kernel: bump 4.14 to 4.14.96") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump 4.19 to 4.19.18Koen Vandeputte2019-01-2812-95/+20
| | | | | | | | | | | | | | | | Refreshed all patches. Removed upstreamed: - 031-v5.0-MIPS-BCM47XX-Setup-struct-device-for-the-SoC.patch - 142-jffs2-Fix-use-of-uninitialized-delayed_work-lockdep-.patch Removed upstreamed hunk in: - 800-bcma-get-SoC-device-struct-copy-its-DMA-params-to-th.patch Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* cns3xxx: use actual size reads for PCIe (4.19)Koen Vandeputte2019-01-281-0/+46
| | | | | | | | | | | | | | | | | | | | | upstream commit 802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors") reimplemented cns3xxx_pci_read_config() using pci_generic_config_read32(), which preserved the property of only doing 32-bit reads. It also replaced cns3xxx_pci_write_config() with pci_generic_config_write(), so it changed writes from always being 32 bits to being the actual size, which works just fine. Due to: - The documentation does not mention that only 32 bit access is allowed. - Writes are already executed using the actual size - Extensive testing shows that 8b, 16b and 32b reads work as intended It makes perfectly sense to also swap 32 bit reading in favor of actual size. also backport this patch to kernel 4.19 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.96Koen Vandeputte2019-01-2810-75/+13
| | | | | | | | | | | | Refreshed all patches. Remove upstreamed patches: - 142-jffs2-Fix-use-of-uninitialized-delayed_work-lockdep-.patch Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.153Koen Vandeputte2019-01-289-13/+13
| | | | | | | | | Refreshed all patches. Compile-tested on: ar7 Runtime-tested on: none Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 3.18 to 3.18.133Koen Vandeputte2019-01-286-8/+8
| | | | | | | | | Refreshed all patches. Compile-tested on: adm5120 Runtime-tested on: none Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: Build: Split kmod-regmapHauke Mehrtens2019-01-274-38/+21
| | | | | | | | | | | | | | | | | | | | | | | This reduces the needed modifications to the mainline Linux kernel and also makes the regmap package work with an out of tree kernel which does not have these modifications. The regmap-core is only added when it is really build as a module. The regmap-core is normally bool so it cannot be built as a module in an unmodified kernel. When it is selected by on other kernel module it will always be selected as build in and it also does not show up in $(LINUX_DIR)/modules.builtin as it is not supposed to be a kernel module. When it is not in $(LINUX_DIR)/modules.builtin the build system expects it to be built as a .ko file. Just check if the module is really there and only add it in that case. This splits the regmap package into multiple packages, one for each bus type. This way only the bus maps which are really needed have to be added. This also splits the I2C, SPI and MMIO regmap into separate packages to not require all these subsystems to build them, on an unmodified upstream kernel this also causes problems in some situations. Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* kernel: fix sdhci-msm build errorJo-Philipp Wich2019-01-251-0/+23
| | | | | | | | | | | | | | | | | | | | | | A missing upstream stable backport leads to the following build error: CC drivers/mmc/host/sdhci-msm.o drivers/mmc/host/sdhci-msm.c:1158:3: error: 'const struct sdhci_ops' has no member named 'write_w' .write_w = sdhci_msm_write_w, ^~~~~~~ drivers/mmc/host/sdhci-msm.c:1158:13: warning: excess elements in struct initializer .write_w = sdhci_msm_write_w, ^~~~~~~~~~~~~~~~~ drivers/mmc/host/sdhci-msm.c:1158:13: note: (near initialization for 'sdhci_msm_ops') scripts/Makefile.build:326: recipe for target 'drivers/mmc/host/sdhci-msm.o' failed Solve the issue by backporting commit 99d570da30 ("mmc: Kconfig: Enable CONFIG_MMC_SDHCI_IO_ACCESSORS") from linux-stable. Ref: https://github.com/openwrt/openwrt/commit/528508ae8b33c76deaf18f313973144a7e920678#commitcomment-32049231 Fixes: 528508ae8b ("kernel: bump 4.14 to 4.14.95") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* kernel: 4.19: use upstream usbport led trigger fixChristian Lamparter2019-01-242-79/+91
| | | | | | | This patch replaces the current hack with a better version of the RFC patch has been accepted upstream. Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* kernel: N_BADCLASS: fix macro to actually work - class e supportKevin Darbyshire-Bryant2019-01-193-3/+3
| | | | | | | | | | | | | | | | | | | Backport upstream patch: Commit 65cab850f0ee ("net: Allow class-e address assignment via ifconfig ioctl") modified the IN_BADCLASS macro a bit, but unfortunatly one too many '(' characters were added to the line, making any code that used it, not build properly. Also, the macro now compares an unsigned with a signed value, which isn't ok, so fix that up by making both types match properly. Reported-by: Christopher Ferris <cferris@google.com> Fixes: 65cab850f0ee ("net: Allow class-e address assignment via ifconfig ioctl") Cc: Dave Taht <dave.taht@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kernel: add DT binding support to the Edimax uImage parserMathias Kresin2019-01-191-0/+10
| | | | | | It allows specifying those parsers directly in the DT. Signed-off-by: Mathias Kresin <dev@kresin.me>
* kernel: remove upstreamed patch from 4.19Stijn Tintel2019-01-171-89/+0
| | | | | | | | | | This patch applies cleanly, so it doesn't cause errors while rebasing patches. It results in redifinition of inode_still_linked, causing build to fail when ubifs is enabled. Drop the patch. Fixes: a37098a2d013 ("kernel: bump 4.19 to 4.19.16") Reported-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn> Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: drop old symbol from 4.19Stijn Tintel2019-01-171-1/+0
| | | | | | CONFIG_LIRC_STAGING was removed in kernel 4.16. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: bump 4.19 to 4.19.16Stijn Tintel2019-01-1729-409/+75
| | | | | | | | | | | | | | | | | Refresh patches. Remove upstreamed patches: - backport/096-mips-math-emu-Write-protect-delay-slot-emulation-pages.patch - backport/096-v4.20-netfilter-ipv6-Preserve-link-scope-traffic-original-.patch - backport/424-v4.20-net-dsa-fix-88e6060-roaming.patch - hack/100-mtd-rawnand-qcom-fix-memory-corruption-that-causes-p.patch - pending/510-f2fs-fix-sanity_check_raw_super-on-big-endian-machines.patch Update patch that no longer applies: - backport/343-netfilter-nft_flow_offload-handle-netdevice-events-f.patch Compile-tested: mesongx Runtime-tested: mesongx Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: bump 4.9 to 4.9.150Koen Vandeputte2019-01-1613-158/+35
| | | | | | | | | | | | | | | Refreshed all patches. Remove upstreamed: - 096-mips-math-emu-Write-protect-delay-slot-emulation-pages.patch Altered patches: - 024-7-net-reorganize-struct-sock-for-better-data-locality.patch Compile-tested on: ar7 Runtime-tested on: none Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 3.18 to 3.18.132Koen Vandeputte2019-01-162-4/+4
| | | | | | | | | Refreshed all patches. Compile-tested: adm5120 Runtime-tested: none Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.93Stijn Tintel2019-01-1414-206/+31
| | | | | | | | | | | | | Refresh patches. Remove upstreamed patches: - backport/096-mips-math-emu-Write-protect-delay-slot-emulation-pages.patch - pending/510-f2fs-fix-sanity_check_raw_super-on-big-endian-machines.patch - brcm2708/950-0415-qmi_wwan-apply-SET_DTR-quirk-to-the-SIMCOM-shared-de.patch Compile-tested: ar71xx, ath79, brcm2708/bcm27{08,10}, octeon, x86/64 Runtime-tested: ar71xx, ath79, brcm2708/bcm27{08,10}, octeon, x86/64 Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel/modules: Add missing config optionHauke Mehrtens2019-01-131-0/+1
| | | | | | | | This configuration option was added in kernel 4.15 and is missing in the kernel 4.19 configuration. Fixes: ed2839ac419 ("kernel/modules: add kmod-pmbus-zl6100 module") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: MIPS: Add CPU option reporting to /proc/cpuinfoHauke Mehrtens2019-01-133-0/+416
| | | | | | | | | | | Many MIPS CPUs have optional CPU features which are not activates for all CPU cores. Print the CPU options which are implemented in the core in /proc/cpuinfo. This makes it possible to see what features are supported and which are not supported. This should cover all standard MIPS extensions, before it only printed information about the main MIPS ASEs. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel/modules: Fix build of kmod-pmbusHauke Mehrtens2019-01-131-1/+1
| | | | | | | | This fixes two build problems introduced with the recently added new kernel module package. Fixes: ed2839ac4190 ("kernel/modules: add kmod-pmbus-zl6100 module") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* generic: ar8216: ar8327: kill warningsChuanhong Guo2019-01-131-3/+3
| | | | | | This fixed warnings caused by returning value in a void function Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
* kernel/modules: add kmod-pmbus-zl6100 modulePawel Dembicki2019-01-134-0/+56
| | | | | | | | | | | | This patch adds the kmod packaging for the Intersil / Zilker Labs ZL6100 and compatible digital DC-DC controllers as well as the core kernel module for the Power Management Bus. Add: kmod-pmbus-core kmod-pmbus-zl6100 Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
* x86: Refresh kernel 4.14 configurationHauke Mehrtens2019-01-121-0/+1
| | | | | | | | | | | | This refreshes the kernel configuration for kernel 4.14. First this was run for the legacy target: make kernel_oldconfig Then for all targets including the legacy target this was run: make kernel_oldconfig CONFIG_TARGET=subtarget The option CONFIG_104_QUAD_8 was added to the generic configuration because it would have been automatically removed. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: add bcma fix for subdevices DMA parametersRafał Miłecki2019-01-111-0/+80
| | | | | | This fixes bgmac DMA allocations with kernel 4.19. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* kernel: backport bcma patches that improve printing functionsRafał Miłecki2019-01-104-0/+470
| | | | | | | Updated printing functions use dev_* helpers to provide more meaningful messages. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* cns3xxx: use actual size reads for PCIeKoen Vandeputte2019-01-072-0/+102
| | | | | | | | | | | | | | | | | | | upstream commit 802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors") reimplemented cns3xxx_pci_read_config() using pci_generic_config_read32(), which preserved the property of only doing 32-bit reads. It also replaced cns3xxx_pci_write_config() with pci_generic_config_write(), so it changed writes from always being 32 bits to being the actual size, which works just fine. Due to: - The documentation does not mention that only 32 bit access is allowed. - Writes are already executed using the actual size - Extensive testing shows that 8b, 16b and 32b reads work as intended It makes perfectly sense to also swap 32 bit reading in favor of actual size. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.91Koen Vandeputte2019-01-072-90/+1
| | | | | | | | | | | | Refreshed all patches. Removed upstreamed: - 500-ubifs-Handle-re-linking-of-inodes-correctly-while-re.patch Compile-tested on: ar71xx, cns3xxx, imx6 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.148Koen Vandeputte2019-01-074-56/+8
| | | | | | | | | | | | | | | Refreshed all patches. Altered patches: - 902-debloat_proc.patch Removed upstreamed: - 424-v4.20-net-dsa-fix-88e6060-roaming.patch Compile-tested on: ar7 Runtime-tested on: none Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 3.18 to 3.18.131Koen Vandeputte2019-01-072-6/+7
| | | | | | | | | | | | Refreshed all patches. Altered patches: - 902-debloat_proc.patch Compile-tested on: adm5120 Runtime-tested on: none Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: mtd: add support for EN25QH64 in spi-nor.cRoger Pueyo Centelles2019-01-022-0/+20
| | | | | | | | | | The Eon EN25QH64 is a 64 Mbit SPI NOR flash memory chip. Its 32, 128 and 256 Mbits siblings are supported upstream but this particular size wasn't. This commit includes patches for kernels 4.14 and 4.19. Tested on a COMFAST CF-E120A v3 (ath79). Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
* kernel: Add missing symbols to 4.19Christian Lamparter2019-01-011-0/+1
| | | | | | Tested with apm82181 and ipq40xx minimal image versions. Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* kernel: fix f2fs on big endian machinesChristian Lamparter2018-12-292-0/+100
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The WD MyBook Live SquashFS images didn't work anymore due to a upstream regression in f2fs commit: 0cfe75c5b01199 ("f2fs: enhance sanity_check_raw_super() to avoid potential overflows") that got backported to 4.14.86 and landed in 4.18. by Martin Blumenstingl: |Treat "block_count" from struct f2fs_super_block as 64-bit little endian |value in sanity_check_raw_super() because struct f2fs_super_block |declares "block_count" as "__le64". | |This fixes a bug where the superblock validation fails on big endian |devices with the following error: | F2FS-fs (sda1): Wrong segment_count / block_count (61439 > 0) | F2FS-fs (sda1): Can't find valid F2FS filesystem in 1th superblock | F2FS-fs (sda1): Wrong segment_count / block_count (61439 > 0) | F2FS-fs (sda1): Can't find valid F2FS filesystem in 2th superblock |As result of this the partition cannot be mounted. | |With this patch applied the superblock validation works fine and the |partition can be mounted again: | F2FS-fs (sda1): Mounted with checkpoint version = 7c84 | |My little endian x86-64 hardware was able to mount the partition without |this fix. |To confirm that mounting f2fs filesystems works on big endian machines |again I tested this on a 32-bit MIPS big endian (lantiq) device. Hopefully, this will do until Martin's patch moved through upstream to -stable. Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* kernel: 4.19: fix usbport led trigger regressionChristian Lamparter2018-12-271-0/+84
| | | | | | | | | | | | | |In the patch "usb: simplify usbport trigger" together with |"leds: triggers: add device attribute support" caused an |regression for the usbport trigger. it will no longer |enumerate any "ports" (i.e the sysfs directory stays empty) |if the usb host drivers are fully initialized before the |usbport trigger was loaded. <https://marc.info/?l=linux-usb&m=154577101631079> Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* ipq40xx/ipq806x: 4.19: fix qcom-nandc panic on bootChristian Lamparter2018-12-271-0/+83
| | | | | | | This patch fixes the crash that occures on rawnand device. <https://patchwork.ozlabs.org/patch/1017933/> Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* kernel: Fix KERNEL_STACKPROTECTOR on kernel 4.19Hauke Mehrtens2018-12-261-4/+2
| | | | | | | | | | | | The configuration option was renamed with kernel 4.19 from CONFIG_CC_STACKPROTECTOR to CONFIG_STACKPROTECTOR adapt the code to set both options. CONFIG_STACKPROTECTOR now sets the regular stack protector and CONFIG_STACKPROTECTOR_STRONG activates the additional protection of more functions. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: Add compiler options to generic configurationHauke Mehrtens2018-12-261-0/+6
| | | | | | | | With kernel 4.19 new configuration options for the compiler were added. These are automatically selected and set, instead of having them in each target configuration, put them into the generic configuration. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: MIPS: math-emu Write-protect delay slot emulation pagesKevin Darbyshire-Bryant2018-12-243-0/+357
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Backport https://git.kernel.org/pub/scm/linux/kernel/git/mips/linux.git/commit/?id=adcc81f148d733b7e8e641300c5590a2cdc13bf3 "Mapping the delay slot emulation page as both writeable & executable presents a security risk, in that if an exploit can write to & jump into the page then it can be used as an easy way to execute arbitrary code. Prevent this by mapping the page read-only for userland, and using access_process_vm() with the FOLL_FORCE flag to write to it from mips_dsemul(). This will likely be less efficient due to copy_to_user_page() performing cache maintenance on a whole page, rather than a single line as in the previous use of flush_cache_sigtramp(). However this delay slot emulation code ought not to be running in any performance critical paths anyway so this isn't really a problem, and we can probably do better in copy_to_user_page() anyway in future. A major advantage of this approach is that the fix is small & simple to backport to stable kernels. Reported-by: Andy Lutomirski <luto@kernel.org> Signed-off-by: Paul Burton <paul.burton@mips.com> Fixes: 432c6bacbd0c ("MIPS: Use per-mm page to execute branch delay slot instructions")" Without patch: cat /proc/self/maps 00400000-0047a000 r-xp 00000000 1f:03 1823 /bin/busybox 00489000-0048a000 r-xp 00079000 1f:03 1823 /bin/busybox 0048a000-0048b000 rwxp 0007a000 1f:03 1823 /bin/busybox 77ec8000-77eed000 r-xp 00000000 1f:03 2296 /lib/libgcc_s.so.1 77eed000-77eee000 rwxp 00015000 1f:03 2296 /lib/libgcc_s.so.1 77eee000-77f81000 r-xp 00000000 1f:03 2470 /lib/libc.so 77f90000-77f92000 rwxp 00092000 1f:03 2470 /lib/libc.so 77f92000-77f94000 rwxp 00000000 00:00 0 7f946000-7f967000 rw-p 00000000 00:00 0 [stack] 7fefb000-7fefc000 rwxp 00000000 00:00 0 7ffac000-7ffad000 r--p 00000000 00:00 0 [vvar] 7ffad000-7ffae000 r-xp 00000000 00:00 0 [vdso] Patch applied: cat /proc/self/maps 00400000-0047a000 r-xp 00000000 1f:03 1825 /bin/busybox 00489000-0048a000 r-xp 00079000 1f:03 1825 /bin/busybox 0048a000-0048b000 rwxp 0007a000 1f:03 1825 /bin/busybox 77ed0000-77ef5000 r-xp 00000000 1f:03 2298 /lib/libgcc_s.so.1 77ef5000-77ef6000 rwxp 00015000 1f:03 2298 /lib/libgcc_s.so.1 77ef6000-77f89000 r-xp 00000000 1f:03 2474 /lib/libc.so 77f98000-77f9a000 rwxp 00092000 1f:03 2474 /lib/libc.so 77f9a000-77f9c000 rwxp 00000000 00:00 0 7fbed000-7fc0e000 rw-p 00000000 00:00 0 [stack] 7fefb000-7fefc000 r-xp 00000000 00:00 0 7fff6000-7fff7000 r--p 00000000 00:00 0 [vvar] 7fff7000-7fff8000 r-xp 00000000 00:00 0 [vdso] Note lack of write permission to 7fefb000-7fefc000 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>