From 7dd822983b8728772e433c7718739b741c3d6de0 Mon Sep 17 00:00:00 2001 From: Koen Vandeputte Date: Wed, 14 Oct 2020 13:14:57 +0200 Subject: [PATCH] kernel: bump 4.14 to 4.14.201 Refreshed all patches. Fixes: - CVE-2020-14386 Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte --- include/kernel-version.mk | 4 ++-- .../950-0034-mm-Remove-the-PFN-busy-warning.patch | 2 +- ...ilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch | 6 +++--- .../hack-4.14/700-swconfig_switch_drivers.patch | 2 +- ...alloc_node_mem_map-with-ARCH_PFN_OFFSET-calcu.patch | 2 +- .../generic/pending-4.14/630-packet_socket_type.patch | 8 ++++---- .../700-net-add-qualcomm-mdio-and-phy.patch | 2 +- .../202-core-linux-support-layerscape.patch | 2 +- .../patches-4.14/709-mdio-phy-support-layerscape.patch | 4 ++-- target/linux/uml/patches-4.14/101-mconsole-exec.patch | 10 +++++----- 10 files changed, 21 insertions(+), 21 deletions(-) diff --git a/include/kernel-version.mk b/include/kernel-version.mk index d894d865a8..67dec3c20e 100644 --- a/include/kernel-version.mk +++ b/include/kernel-version.mk @@ -6,9 +6,9 @@ ifdef CONFIG_TESTING_KERNEL KERNEL_PATCHVER:=$(KERNEL_TESTING_PATCHVER) endif -LINUX_VERSION-4.14 = .200 +LINUX_VERSION-4.14 = .201 -LINUX_KERNEL_HASH-4.14.200 = 5d404a0224a34b5379f1871cc46825487d557c2660459d2b5c3cd4871d699a38 +LINUX_KERNEL_HASH-4.14.201 = e228dc406c433df4d78c8e877230cc3899c1088c295de8f0d948fc766ae1235b remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1)))) sanitize_uri=$(call qstrip,$(subst @,_,$(subst :,_,$(subst .,_,$(subst -,_,$(subst /,_,$(1))))))) diff --git a/target/linux/brcm2708/patches-4.14/950-0034-mm-Remove-the-PFN-busy-warning.patch b/target/linux/brcm2708/patches-4.14/950-0034-mm-Remove-the-PFN-busy-warning.patch index 21a3d50dfa..d91a7301d2 100644 --- a/target/linux/brcm2708/patches-4.14/950-0034-mm-Remove-the-PFN-busy-warning.patch +++ b/target/linux/brcm2708/patches-4.14/950-0034-mm-Remove-the-PFN-busy-warning.patch @@ -14,7 +14,7 @@ Signed-off-by: Eric Anholt --- a/mm/page_alloc.c +++ b/mm/page_alloc.c -@@ -7626,8 +7626,6 @@ int alloc_contig_range(unsigned long sta +@@ -7629,8 +7629,6 @@ int alloc_contig_range(unsigned long sta /* Make sure the range is really isolated. */ if (test_pages_isolated(outer_start, end, false)) { diff --git a/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch b/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch index 885d632d22..6390cc4f2b 100644 --- a/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch +++ b/target/linux/generic/backport-4.14/320-v4.16-netfilter-nf_conntrack-add-IPS_OFFLOAD-status-bit.patch @@ -90,7 +90,7 @@ Signed-off-by: Pablo Neira Ayuso expired_count++; --- a/net/netfilter/nf_conntrack_netlink.c +++ b/net/netfilter/nf_conntrack_netlink.c -@@ -1123,6 +1123,14 @@ static const struct nla_policy ct_nla_po +@@ -1125,6 +1125,14 @@ static const struct nla_policy ct_nla_po .len = NF_CT_LABELS_MAX_SIZE }, }; @@ -105,7 +105,7 @@ Signed-off-by: Pablo Neira Ayuso static int ctnetlink_flush_conntrack(struct net *net, const struct nlattr * const cda[], u32 portid, int report) -@@ -1135,7 +1143,7 @@ static int ctnetlink_flush_conntrack(str +@@ -1137,7 +1145,7 @@ static int ctnetlink_flush_conntrack(str return PTR_ERR(filter); } @@ -114,7 +114,7 @@ Signed-off-by: Pablo Neira Ayuso portid, report); kfree(filter); -@@ -1181,6 +1189,11 @@ static int ctnetlink_del_conntrack(struc +@@ -1183,6 +1191,11 @@ static int ctnetlink_del_conntrack(struc ct = nf_ct_tuplehash_to_ctrack(h); diff --git a/target/linux/generic/hack-4.14/700-swconfig_switch_drivers.patch b/target/linux/generic/hack-4.14/700-swconfig_switch_drivers.patch index f9df475500..c49383e8a7 100644 --- a/target/linux/generic/hack-4.14/700-swconfig_switch_drivers.patch +++ b/target/linux/generic/hack-4.14/700-swconfig_switch_drivers.patch @@ -12,7 +12,7 @@ Signed-off-by: Felix Fietkau --- a/drivers/net/phy/Kconfig +++ b/drivers/net/phy/Kconfig -@@ -198,6 +198,89 @@ config LED_TRIGGER_PHY +@@ -199,6 +199,89 @@ config LED_TRIGGER_PHY Mbps or Gbps diff --git a/target/linux/generic/pending-4.14/120-Fix-alloc_node_mem_map-with-ARCH_PFN_OFFSET-calcu.patch b/target/linux/generic/pending-4.14/120-Fix-alloc_node_mem_map-with-ARCH_PFN_OFFSET-calcu.patch index 53b1a9a13c..c6f82991e1 100644 --- a/target/linux/generic/pending-4.14/120-Fix-alloc_node_mem_map-with-ARCH_PFN_OFFSET-calcu.patch +++ b/target/linux/generic/pending-4.14/120-Fix-alloc_node_mem_map-with-ARCH_PFN_OFFSET-calcu.patch @@ -71,7 +71,7 @@ Signed-off-by: Tobias Wolf --- a/mm/page_alloc.c +++ b/mm/page_alloc.c -@@ -6151,7 +6151,7 @@ static void __ref alloc_node_mem_map(str +@@ -6152,7 +6152,7 @@ static void __ref alloc_node_mem_map(str mem_map = NODE_DATA(0)->node_mem_map; #if defined(CONFIG_HAVE_MEMBLOCK_NODE_MAP) || defined(CONFIG_FLATMEM) if (page_to_pfn(mem_map) != pgdat->node_start_pfn) diff --git a/target/linux/generic/pending-4.14/630-packet_socket_type.patch b/target/linux/generic/pending-4.14/630-packet_socket_type.patch index 3640569213..e9b40b18c6 100644 --- a/target/linux/generic/pending-4.14/630-packet_socket_type.patch +++ b/target/linux/generic/pending-4.14/630-packet_socket_type.patch @@ -71,7 +71,7 @@ Signed-off-by: Felix Fietkau if (!net_eq(dev_net(dev), sock_net(sk))) goto drop; -@@ -2216,12 +2218,12 @@ static int tpacket_rcv(struct sk_buff *s +@@ -2217,12 +2219,12 @@ static int tpacket_rcv(struct sk_buff *s BUILD_BUG_ON(TPACKET_ALIGN(sizeof(*h.h2)) != 32); BUILD_BUG_ON(TPACKET_ALIGN(sizeof(*h.h3)) != 48); @@ -87,7 +87,7 @@ Signed-off-by: Felix Fietkau if (!net_eq(dev_net(dev), sock_net(sk))) goto drop; -@@ -3318,6 +3320,7 @@ static int packet_create(struct net *net +@@ -3325,6 +3327,7 @@ static int packet_create(struct net *net mutex_init(&po->pg_vec_lock); po->rollover = NULL; po->prot_hook.func = packet_rcv; @@ -95,7 +95,7 @@ Signed-off-by: Felix Fietkau if (sock->type == SOCK_PACKET) po->prot_hook.func = packet_rcv_spkt; -@@ -3940,6 +3943,16 @@ packet_setsockopt(struct socket *sock, i +@@ -3947,6 +3950,16 @@ packet_setsockopt(struct socket *sock, i po->xmit = val ? packet_direct_xmit : dev_queue_xmit; return 0; } @@ -112,7 +112,7 @@ Signed-off-by: Felix Fietkau default: return -ENOPROTOOPT; } -@@ -3992,6 +4005,13 @@ static int packet_getsockopt(struct sock +@@ -3999,6 +4012,13 @@ static int packet_getsockopt(struct sock case PACKET_VNET_HDR: val = po->has_vnet_hdr; break; diff --git a/target/linux/ipq40xx/patches-4.14/700-net-add-qualcomm-mdio-and-phy.patch b/target/linux/ipq40xx/patches-4.14/700-net-add-qualcomm-mdio-and-phy.patch index 00cfa3ab9b..a185653747 100644 --- a/target/linux/ipq40xx/patches-4.14/700-net-add-qualcomm-mdio-and-phy.patch +++ b/target/linux/ipq40xx/patches-4.14/700-net-add-qualcomm-mdio-and-phy.patch @@ -10,7 +10,7 @@ Subject: [PATCH 30/38] NET: add qualcomm mdio and PHY --- a/drivers/net/phy/Kconfig +++ b/drivers/net/phy/Kconfig -@@ -481,6 +481,20 @@ config XILINX_GMII2RGMII +@@ -482,6 +482,20 @@ config XILINX_GMII2RGMII the Reduced Gigabit Media Independent Interface(RGMII) between Ethernet physical media devices and the Gigabit Ethernet controller. diff --git a/target/linux/layerscape/patches-4.14/202-core-linux-support-layerscape.patch b/target/linux/layerscape/patches-4.14/202-core-linux-support-layerscape.patch index 2dd5b17603..90352580fd 100644 --- a/target/linux/layerscape/patches-4.14/202-core-linux-support-layerscape.patch +++ b/target/linux/layerscape/patches-4.14/202-core-linux-support-layerscape.patch @@ -623,7 +623,7 @@ Signed-off-by: Yangbo Lu EXPORT_SYMBOL(dma_noop_ops); --- a/mm/page_alloc.c +++ b/mm/page_alloc.c -@@ -4372,8 +4372,14 @@ void page_frag_free(void *addr) +@@ -4373,8 +4373,14 @@ void page_frag_free(void *addr) { struct page *page = virt_to_head_page(addr); diff --git a/target/linux/layerscape/patches-4.14/709-mdio-phy-support-layerscape.patch b/target/linux/layerscape/patches-4.14/709-mdio-phy-support-layerscape.patch index 17fe50cdd5..9eadf2bfda 100644 --- a/target/linux/layerscape/patches-4.14/709-mdio-phy-support-layerscape.patch +++ b/target/linux/layerscape/patches-4.14/709-mdio-phy-support-layerscape.patch @@ -70,7 +70,7 @@ Signed-off-by: Vladimir Oltean config MDIO_GPIO tristate "GPIO lib-based bitbanged MDIO buses" depends on MDIO_BITBANG && GPIOLIB -@@ -303,6 +321,16 @@ config AT803X_PHY +@@ -304,6 +322,16 @@ config AT803X_PHY ---help--- Currently supports the AT8030 and AT8035 model @@ -87,7 +87,7 @@ Signed-off-by: Vladimir Oltean config BCM63XX_PHY tristate "Broadcom 63xx SOCs internal PHY" depends on BCM63XX -@@ -385,6 +413,11 @@ config ICPLUS_PHY +@@ -386,6 +414,11 @@ config ICPLUS_PHY ---help--- Currently supports the IP175C and IP1001 PHYs. diff --git a/target/linux/uml/patches-4.14/101-mconsole-exec.patch b/target/linux/uml/patches-4.14/101-mconsole-exec.patch index 2acb519323..c775ccc691 100644 --- a/target/linux/uml/patches-4.14/101-mconsole-exec.patch +++ b/target/linux/uml/patches-4.14/101-mconsole-exec.patch @@ -153,7 +153,7 @@ int (*init)(struct subprocess_info *info, struct cred *new); --- a/kernel/umh.c +++ b/kernel/umh.c -@@ -25,6 +25,7 @@ +@@ -26,6 +26,7 @@ #include #include #include @@ -161,7 +161,7 @@ #include -@@ -70,6 +71,28 @@ static int call_usermodehelper_exec_asyn +@@ -71,6 +72,28 @@ static int call_usermodehelper_exec_asyn flush_signal_handlers(current, 1); spin_unlock_irq(¤t->sighand->siglock); @@ -188,9 +188,9 @@ + } + /* - * Our parent (unbound workqueue) runs with elevated scheduling - * priority. Avoid propagating that into the userspace child. -@@ -393,6 +416,20 @@ struct subprocess_info *call_usermodehel + * Initial kernel threads share ther FS with init, in order to + * get the init root directory. But we've now created a new +@@ -402,6 +425,20 @@ struct subprocess_info *call_usermodehel } EXPORT_SYMBOL(call_usermodehelper_setup); -- 2.30.2