Refreshed all patches.
Altered patches:
- 306-v4.16-netfilter-remove-saveroute-indirection-in-struct-nf_.patch
Remove upstreamed:
- 505-arm64-dts-marvell-Fix-A37xx-UART0-register-size
Fixes:
- CVE-2019-13648
- CVE-2019-10207
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
LINUX_RELEASE?=1
LINUX_VERSION-4.9 = .187
-LINUX_VERSION-4.14 = .134
+LINUX_VERSION-4.14 = .136
LINUX_KERNEL_HASH-4.9.187 = 014bcd042cd25e073539c17bd34c616a936b19787a9c6a4c35d36a4f28afd1c7
-LINUX_KERNEL_HASH-4.14.134 = 0b21e7b5effd92303a551b5be2380c9703d6fb87cfe5189fe0d795cc73903d2d
+LINUX_KERNEL_HASH-4.14.136 = 268dff959216e59437a8f9db7c2cea3a1ada8a4c72232dc5b7f83ecca12bdf70
remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1))))
sanitize_uri=$(call qstrip,$(subst @,_,$(subst :,_,$(subst .,_,$(subst -,_,$(subst /,_,$(1)))))))
net->nf.proc_netfilter = proc_net_mkdir(net, "netfilter",
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
-@@ -202,6 +202,23 @@ repeat:
+@@ -206,6 +206,23 @@ repeat:
return NF_ACCEPT;
}
/* Caller must hold rcu read-side lock */
void nf_reinject(struct nf_queue_entry *entry, unsigned int verdict)
{
-@@ -217,12 +234,12 @@ void nf_reinject(struct nf_queue_entry *
+@@ -221,12 +238,12 @@ void nf_reinject(struct nf_queue_entry *
net = entry->state.net;
pf = entry->state.pf;
#endif
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
-@@ -205,8 +205,10 @@ repeat:
+@@ -209,8 +209,10 @@ repeat:
static struct nf_hook_entries *nf_hook_entries_head(const struct net *net, u8 pf, u8 hooknum)
{
switch (pf) {
static int __nf_queue(struct sk_buff *skb, const struct nf_hook_state *state,
const struct nf_hook_entries *entries,
unsigned int index, unsigned int queuenum)
-@@ -144,7 +175,16 @@ static int __nf_queue(struct sk_buff *sk
+@@ -148,7 +179,16 @@ static int __nf_queue(struct sk_buff *sk
+ };
nf_queue_entry_get_refs(entry);
- skb_dst_force(skb);
- afinfo->saveroute(skb, entry);
+
+ switch (entry->state.pf) {
--- a/net/netfilter/nf_queue.c
+++ b/net/netfilter/nf_queue.c
-@@ -267,7 +267,6 @@ void nf_reinject(struct nf_queue_entry *
+@@ -271,7 +271,6 @@ void nf_reinject(struct nf_queue_entry *
const struct nf_hook_entry *hook_entry;
const struct nf_hook_entries *hooks;
struct sk_buff *skb = entry->skb;
const struct net *net;
unsigned int i;
int err;
-@@ -294,8 +293,7 @@ void nf_reinject(struct nf_queue_entry *
+@@ -298,8 +297,7 @@ void nf_reinject(struct nf_queue_entry *
verdict = nf_hook_entry_hookfn(hook_entry, skb, &entry->state);
if (verdict == NF_ACCEPT) {
if (!entry) {
status = -ENOMEM;
goto err;
-@@ -170,7 +180,7 @@ static int __nf_queue(struct sk_buff *sk
+@@ -175,7 +185,7 @@ static int __nf_queue(struct sk_buff *sk
.skb = skb,
.state = *state,
.hook_index = index,
--- a/Makefile
+++ b/Makefile
-@@ -1239,7 +1239,6 @@ all: modules
+@@ -1240,7 +1240,6 @@ all: modules
PHONY += modules
modules: $(vmlinux-dirs) $(if $(KBUILD_BUILTIN),vmlinux) modules.builtin
@$(kecho) ' Building modules, stage 2.';
$(Q)$(MAKE) -f $(srctree)/scripts/Makefile.modpost
-@@ -1268,7 +1267,6 @@ _modinst_:
+@@ -1269,7 +1268,6 @@ _modinst_:
rm -f $(MODLIB)/build ; \
ln -s $(CURDIR) $(MODLIB)/build ; \
fi
# Read KERNELRELEASE from include/config/kernel.release (if it exists)
KERNELRELEASE = $(shell cat include/config/kernel.release 2> /dev/null)
KERNELVERSION = $(VERSION)$(if $(PATCHLEVEL),.$(PATCHLEVEL)$(if $(SUBLEVEL),.$(SUBLEVEL)))$(EXTRAVERSION)
-@@ -787,11 +792,6 @@ ifdef CONFIG_DEBUG_SECTION_MISMATCH
+@@ -788,11 +793,6 @@ ifdef CONFIG_DEBUG_SECTION_MISMATCH
KBUILD_CFLAGS += $(call cc-option, -fno-inline-functions-called-once)
endif
#include <linux/mutex.h>
#include <linux/err.h>
#include <linux/of.h>
-@@ -2926,3 +2927,5 @@ static int __init regmap_initcall(void)
+@@ -2928,3 +2929,5 @@ static int __init regmap_initcall(void)
return 0;
}
postcore_initcall(regmap_initcall);
--- a/drivers/net/phy/phy_device.c
+++ b/drivers/net/phy/phy_device.c
-@@ -1455,6 +1455,9 @@ int genphy_update_link(struct phy_device
+@@ -1461,6 +1461,9 @@ int genphy_update_link(struct phy_device
{
int status;
if (!root_irq_dir)
--- a/kernel/time/timer_list.c
+++ b/kernel/time/timer_list.c
-@@ -389,6 +389,9 @@ static int __init init_timer_list_procfs
+@@ -390,6 +390,9 @@ static int __init init_timer_list_procfs
{
struct proc_dir_entry *pe;
#include <uapi/linux/dma-buf.h>
-@@ -1205,4 +1206,5 @@ static void __exit dma_buf_deinit(void)
+@@ -1206,4 +1207,5 @@ static void __exit dma_buf_deinit(void)
{
dma_buf_uninit_debugfs();
}
--- a/Makefile
+++ b/Makefile
-@@ -654,12 +654,12 @@ KBUILD_CFLAGS += $(call cc-disable-warni
+@@ -655,12 +655,12 @@ KBUILD_CFLAGS += $(call cc-disable-warni
KBUILD_CFLAGS += $(call cc-disable-warning, attribute-alias)
ifdef CONFIG_CC_OPTIMIZE_FOR_SIZE
static int absolute_percpu = 0;
static char symbol_prefix_char = '\0';
static int base_relative = 0;
-@@ -458,6 +459,9 @@ static void write_src(void)
+@@ -461,6 +462,9 @@ static void write_src(void)
free(markers);
output_label("kallsyms_token_table");
off = 0;
for (i = 0; i < 256; i++) {
-@@ -516,6 +520,9 @@ static void *find_token(unsigned char *s
+@@ -519,6 +523,9 @@ static void *find_token(unsigned char *s
{
int i;
for (i = 0; i < len - 1; i++) {
if (str[i] == token[0] && str[i+1] == token[1])
return &str[i];
-@@ -588,6 +595,9 @@ static void optimize_result(void)
+@@ -591,6 +598,9 @@ static void optimize_result(void)
{
int i, best;
/* using the '\0' symbol last allows compress_symbols to use standard
* fast string functions */
for (i = 255; i >= 0; i--) {
-@@ -776,6 +786,8 @@ int main(int argc, char **argv)
+@@ -779,6 +789,8 @@ int main(int argc, char **argv)
symbol_prefix_char = *p;
} else if (strcmp(argv[i], "--base-relative") == 0)
base_relative = 1;
--- a/drivers/net/phy/phy_device.c
+++ b/drivers/net/phy/phy_device.c
-@@ -1099,6 +1099,9 @@ void phy_detach(struct phy_device *phyde
+@@ -1105,6 +1105,9 @@ void phy_detach(struct phy_device *phyde
struct module *ndev_owner = dev->dev.parent->driver->owner;
struct mii_bus *bus;
static struct amd_chipset_info {
struct pci_dev *nb_dev;
struct pci_dev *smbus_dev;
-@@ -620,6 +622,10 @@ bool usb_amd_pt_check_port(struct device
+@@ -627,6 +629,10 @@ bool usb_amd_pt_check_port(struct device
}
EXPORT_SYMBOL_GPL(usb_amd_pt_check_port);
/*
* Make sure the controller is completely inactive, unable to
* generate interrupts or do DMA.
-@@ -699,8 +705,17 @@ reset_needed:
+@@ -706,8 +712,17 @@ reset_needed:
uhci_reset_hc(pdev, base);
return 1;
}
static inline int io_type_enabled(struct pci_dev *pdev, unsigned int mask)
{
u16 cmd;
-@@ -1287,3 +1302,4 @@ bool usb_xhci_needs_pci_reset(struct pci
+@@ -1294,3 +1309,4 @@ bool usb_xhci_needs_pci_reset(struct pci
return false;
}
EXPORT_SYMBOL_GPL(usb_xhci_needs_pci_reset);
--- a/drivers/net/phy/phy_device.c
+++ b/drivers/net/phy/phy_device.c
-@@ -1937,7 +1937,7 @@ static struct phy_driver genphy_driver =
+@@ -1943,7 +1943,7 @@ static struct phy_driver genphy_driver =
.config_init = genphy_config_init,
.features = PHY_GBIT_FEATURES | SUPPORTED_MII |
SUPPORTED_AUI | SUPPORTED_FIBRE |
--- a/drivers/net/phy/sfp.c
+++ b/drivers/net/phy/sfp.c
-@@ -264,6 +264,184 @@ static unsigned int sfp_check(void *buf,
+@@ -265,6 +265,184 @@ static unsigned int sfp_check(void *buf,
return check;
}
/* Helpers */
static void sfp_module_tx_disable(struct sfp *sfp)
{
-@@ -432,6 +610,7 @@ static int sfp_sm_mod_probe(struct sfp *
+@@ -433,6 +611,7 @@ static int sfp_sm_mod_probe(struct sfp *
char sn[17];
char date[9];
char rev[5];
u8 check;
int err;
-@@ -475,10 +654,83 @@ static int sfp_sm_mod_probe(struct sfp *
+@@ -476,10 +655,83 @@ static int sfp_sm_mod_probe(struct sfp *
rev[4] = '\0';
memcpy(sn, sfp->id.ext.vendor_sn, 16);
sn[16] = '\0';
--- a/drivers/net/phy/sfp.c
+++ b/drivers/net/phy/sfp.c
-@@ -1164,6 +1164,7 @@ static int sfp_remove(struct platform_de
+@@ -1168,6 +1168,7 @@ static int sfp_remove(struct platform_de
static const struct of_device_id sfp_of_match[] = {
{ .compatible = "sff,sfp", },
--- a/drivers/net/phy/sfp.c
+++ b/drivers/net/phy/sfp.c
-@@ -505,7 +505,7 @@ static void sfp_sm_phy_detach(struct sfp
+@@ -506,7 +506,7 @@ static void sfp_sm_phy_detach(struct sfp
sfp->mod_phy = NULL;
}
{
struct phy_device *phy;
int err;
-@@ -515,11 +515,11 @@ static void sfp_sm_probe_phy(struct sfp
+@@ -516,11 +516,11 @@ static void sfp_sm_probe_phy(struct sfp
phy = mdiobus_scan(sfp->i2c_mii, SFP_PHY_ADDR);
if (phy == ERR_PTR(-ENODEV)) {
dev_info(sfp->dev, "no PHY detected\n");
}
err = sfp_add_phy(sfp->sfp_bus, phy);
-@@ -527,11 +527,13 @@ static void sfp_sm_probe_phy(struct sfp
+@@ -528,11 +528,13 @@ static void sfp_sm_probe_phy(struct sfp
phy_device_remove(phy);
phy_device_free(phy);
dev_err(sfp->dev, "sfp_add_phy failed: %d\n", err);
}
static void sfp_sm_link_up(struct sfp *sfp)
-@@ -577,14 +579,9 @@ static void sfp_sm_fault(struct sfp *sfp
+@@ -578,14 +580,9 @@ static void sfp_sm_fault(struct sfp *sfp
static void sfp_sm_mod_init(struct sfp *sfp)
{
/* Setting the serdes link mode is guesswork: there's no
* field in the EEPROM which indicates what mode should
-@@ -598,7 +595,22 @@ static void sfp_sm_mod_init(struct sfp *
+@@ -599,7 +596,22 @@ static void sfp_sm_mod_init(struct sfp *
if (sfp->id.base.e1000_base_t ||
sfp->id.base.e100_base_lx ||
sfp->id.base.e100_base_fx)
+++ /dev/null
-From c737abc193d16e62e23e2fb585b8b7398ab380d8 Mon Sep 17 00:00:00 2001
-From: allen yan <yanwei@marvell.com>
-Date: Thu, 7 Sep 2017 15:04:53 +0200
-Subject: arm64: dts: marvell: Fix A37xx UART0 register size
-
-Armada-37xx UART0 registers are 0x200 bytes wide. Right next to them are
-the UART1 registers that should not be declared in this node.
-
-Update the example in DT bindings document accordingly.
-
-Signed-off-by: allen yan <yanwei@marvell.com>
-Signed-off-by: Miquel Raynal <miquel.raynal@free-electrons.com>
-Signed-off-by: Gregory CLEMENT <gregory.clement@free-electrons.com>
----
- Documentation/devicetree/bindings/serial/mvebu-uart.txt | 2 +-
- arch/arm64/boot/dts/marvell/armada-37xx.dtsi | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
---- a/Documentation/devicetree/bindings/serial/mvebu-uart.txt
-+++ b/Documentation/devicetree/bindings/serial/mvebu-uart.txt
-@@ -8,6 +8,6 @@ Required properties:
- Example:
- serial@12000 {
- compatible = "marvell,armada-3700-uart";
-- reg = <0x12000 0x400>;
-+ reg = <0x12000 0x200>;
- interrupts = <43>;
- };
---- a/arch/arm64/boot/dts/marvell/armada-37xx.dtsi
-+++ b/arch/arm64/boot/dts/marvell/armada-37xx.dtsi
-@@ -134,7 +134,7 @@
-
- uart0: serial@12000 {
- compatible = "marvell,armada-3700-uart";
-- reg = <0x12000 0x400>;
-+ reg = <0x12000 0x200>;
- interrupts = <GIC_SPI 11 IRQ_TYPE_LEVEL_HIGH>;
- status = "disabled";
- };
projects / openwrt / staging / hauke.git / commitdiff