domenico/openwrt_NSS_ACW
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

kernel: bump 4.14 to 4.14.134

Browse Source 
Refreshed all patches.

Remove upstreamed:
- 049-v4.20-mips-remove-superfluous-check-for-linux.patch
- 303-MIPS-Fix-bounds-check-virt_addr_valid.patch

Fixes:
- CVE-2019-3846
- CVE-2019-3900

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
This commit is contained in:
Koen Vandeputte
2019-07-29 16:05:04 +02:00
parent 7228904092
commit 1d45ed1477
8 changed files with 12 additions and 99 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch
View File

@@ -30,7 +30,7 @@ Signed-off-by: Johan Hovold <johan@kernel.org>
--- a/drivers/usb/serial/option.c
+++ b/drivers/usb/serial/option.c
@@ -1947,7 +1947,8 @@ static const struct usb_device_id option
@@ -1948,7 +1948,8 @@ static const struct usb_device_id option
{ USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d01, 0xff) }, /* D-Link DWM-156 (variant) */
{ USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d02, 0xff) },
{ USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d03, 0xff) },

47
target/linux/generic/backport-4.14/049-v4.20-mips-remove-superfluous-check-for-linux.patch
View File

@@ -1,47 +0,0 @@
From 1287533d3d95d5ad8b02773733044500b1be06bc Mon Sep 17 00:00:00 2001
From: Sean Young <sean@mess.org>
Date: Fri, 16 Nov 2018 16:09:39 +0000
Subject: MIPS: Remove superfluous check for __linux__
When building BPF code using "clang -target bpf -c", clang does not
define __linux__.
To build BPF IR decoders the include linux/lirc.h is needed which
includes linux/types.h. Currently this workaround is needed:
https://git.linuxtv.org/v4l-utils.git/commit/?id=dd3ff81f58c4e1e6f33765dc61ad33c48ae6bb07
This check might otherwise be useful to stop users from using a non-linux
compiler, but if you're doing that you are going to have a lot more
trouble anyway.
Signed-off-by: Sean Young <sean@mess.org>
Signed-off-by: Paul Burton <paul.burton@mips.com>
Patchwork: https://patchwork.linux-mips.org/patch/21149/
Cc: Ralf Baechle <ralf@linux-mips.org>
Cc: James Hogan <jhogan@kernel.org>
Cc: linux-mips@linux-mips.org
Cc: linux-kernel@vger.kernel.org
---
arch/mips/include/uapi/asm/sgidefs.h | 8 --------
1 file changed, 8 deletions(-)
(limited to 'arch/mips/include/uapi/asm/sgidefs.h')
--- a/arch/mips/include/uapi/asm/sgidefs.h
+++ b/arch/mips/include/uapi/asm/sgidefs.h
@@ -12,14 +12,6 @@
#define __ASM_SGIDEFS_H
/*
- * Using a Linux compiler for building Linux seems logic but not to
- * everybody.
- */
-#ifndef __linux__
-#error Use a Linux compiler or give up.
-#endif
-
-/*
* Definitions for the ISA levels
*
* With the introduction of MIPS32 / MIPS64 instruction sets definitions

11
target/linux/generic/hack-4.14/645-netfilter-connmark-introduce-savedscp.patch
View File

@@ -49,8 +49,6 @@ Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
net/netfilter/xt_connmark.c | 21 ++++++++++++++++++++-
2 files changed, 22 insertions(+), 2 deletions(-)
diff --git a/include/uapi/linux/netfilter/xt_connmark.h b/include/uapi/linux/netfilter/xt_connmark.h
index 408a9654f05c..e63ad3c89b92 100644
--- a/include/uapi/linux/netfilter/xt_connmark.h
+++ b/include/uapi/linux/netfilter/xt_connmark.h
@@ -16,7 +16,8 @@
@@ -63,11 +61,9 @@ index 408a9654f05c..e63ad3c89b92 100644
};
struct xt_connmark_tginfo1 {
diff --git a/net/netfilter/xt_connmark.c b/net/netfilter/xt_connmark.c
index ec377cc6a369..aa5bcea8f9ba 100644
--- a/net/netfilter/xt_connmark.c
+++ b/net/netfilter/xt_connmark.c
@@ -42,6 +42,7 @@ connmark_tg(struct sk_buff *skb, const struct xt_action_param *par)
@@ -42,6 +42,7 @@ connmark_tg(struct sk_buff *skb, const s
enum ip_conntrack_info ctinfo;
struct nf_conn *ct;
u_int32_t newmark;
@@ -75,7 +71,7 @@ index ec377cc6a369..aa5bcea8f9ba 100644
ct = nf_ct_get(skb, &ctinfo);
if (ct == NULL)
@@ -57,7 +58,25 @@ connmark_tg(struct sk_buff *skb, const struct xt_action_param *par)
@@ -57,7 +58,25 @@ connmark_tg(struct sk_buff *skb, const s
break;
case XT_CONNMARK_SAVE:
newmark = (ct->mark & ~info->ctmask) ^
@@ -102,6 +98,3 @@ index ec377cc6a369..aa5bcea8f9ba 100644
if (ct->mark != newmark) {
ct->mark = newmark;
nf_conntrack_event_cache(IPCT_MARK, ct);
--
2.20.1 (Apple Git-117)

33
target/linux/generic/pending-4.14/303-MIPS-Fix-bounds-check-virt_addr_valid.patch
View File

@@ -1,33 +0,0 @@
From 415e0feec4f927af0059f72a6831f6c5a104f0fc Mon Sep 17 00:00:00 2001
From: Hauke Mehrtens <hauke@hauke-m.de>
Date: Mon, 17 Jun 2019 00:13:08 +0200
Subject: [PATCH] MIPS: Fix bounds check virt_addr_valid
The bounds check used the uninitialized variable vaddr, it should use
the given parameter kaddr instead. When using the uninitialized value
the compiler assumed it to be 0 and optimized this function to just
return 0 in all cases.
This should make the function check the range of the given address and
only do the page map check in case it is in the expected range of
virtual addresses.
Fixes: 074a1e1167af ("MIPS: Bounds check virt_addr_valid")
Cc: stable@vger.kernel.org # v4.12+
Cc: Paul Burton <paul.burton@mips.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
---
arch/mips/mm/mmap.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/arch/mips/mm/mmap.c
+++ b/arch/mips/mm/mmap.c
@@ -203,7 +203,7 @@ unsigned long arch_randomize_brk(struct
int __virt_addr_valid(const volatile void *kaddr)
{
- unsigned long vaddr = (unsigned long)vaddr;
+ unsigned long vaddr = (unsigned long)kaddr;
if ((vaddr < PAGE_OFFSET) || (vaddr >= MAP_BASE))
return 0;