[PATCH 19.07] kernel: Update kernel 4.14 to version 4.14.206
Adrian Schmutzler
mail at adrianschmutzler.de
Fri Nov 13 07:35:33 EST 2020
> -----Original Message-----
> From: openwrt-devel [mailto:openwrt-devel-bounces at lists.openwrt.org]
> On Behalf Of Josef Schlehofer
> Sent: Freitag, 13. November 2020 09:33
> To: openwrt-devel at lists.openwrt.org
> Cc: Hauke Mehrtens <hauke at hauke-m.de>
> Subject: [PATCH 19.07] kernel: Update kernel 4.14 to version 4.14.206
>
> From: Hauke Mehrtens <hauke at hauke-m.de>
>
> This is a security update as currently in OpenWrt 19.07, there is version
> 4.14.202 it means that it is vulnerable against vulnerability known as Sad DNS
> (DNS cache poisoning). Since kernel 4.14.203, there is present mitigation to
> this attack by randomizing ICMP global rate limit.
>
> More details can be found here: https://www.saddns.net/
>
> Compile and runtime tested on x86/64.
> Also compile and run tested on all Turris devices (Turris 1.x - powerpc 8540,
> Turris Omnia - mvebu/cortex-a9_vfpv3-d16, Turris MOX -
> mvebu/aarch64_cortex-a53)
>
> Signed-off-by: Hauke Mehrtens <hauke at hauke-m.de> (cherry picked from
> commit 9cdc02be88d5c25791664b1baaf9a7c1a4382c95)
> Signed-off-by: Josef Schlehofer <pepe.schlehofer at gmail.com> [added
> commit message about run testing on Turris devices, added mention about
> Sad DNS]
Did you just pick the patch or properly refresh patches again?
Best
Adrian
> ---
> include/kernel-version.mk | 4 ++--
> target/linux/cns3xxx/patches-4.14/210-dwc2_defaults.patch | 2 +-
> ...030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch | 2 +-
> target/linux/generic/hack-4.14/204-module_strip.patch | 2 +-
> target/linux/generic/hack-4.14/930-crashlog.patch | 2 +-
> .../generic/pending-4.14/203-kallsyms_uncompressed.patch | 2 +-
> target/linux/generic/pending-4.14/920-mangle_bootargs.patch | 2 +-
> .../0067-generic-Mangle-bootloader-s-kernel-arguments.patch | 2 +-
> target/linux/mediatek/patches-4.14/0064-dts.patch | 2 +-
> ...arm64-mediatek-cleanup-message-for-platform-selectio.patch | 2 +-
> .../006-mvebu-Mangle-bootloader-s-kernel-arguments.patch | 2 +-
> .../linux/mvebu/patches-4.14/411-sfp-add-sfp-compatible.patch | 2 +-
> ...arm64-dts-armada-3720-espressobin-set-max-link-to-ge.patch | 2 +-
> .../octeon/patches-4.14/110-er200-ethernet_probe_order.patch | 4 ++--
> .../996-generic-Mangle-bootloader-s-kernel-arguments.patch | 2 +-
> 15 files changed, 17 insertions(+), 17 deletions(-)
>
> diff --git a/include/kernel-version.mk b/include/kernel-version.mk index
> a58b17fbf4..e581897dc1 100644
> --- a/include/kernel-version.mk
> +++ b/include/kernel-version.mk
> @@ -6,9 +6,9 @@ ifdef CONFIG_TESTING_KERNEL
> KERNEL_PATCHVER:=$(KERNEL_TESTING_PATCHVER)
> endif
>
> -LINUX_VERSION-4.14 = .202
> +LINUX_VERSION-4.14 = .206
>
> -LINUX_KERNEL_HASH-4.14.202 =
> 95c717ab5b0bdd2333e829f0507385fbe3424ceee810727f3a8551a0c74be328
> +LINUX_KERNEL_HASH-4.14.206 =
> +1c233efaa5063983293a02d4692acc9ced9c03e18857364855d4f612347086ac
>
> remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1))))
> sanitize_uri=$(call qstrip,$(subst @,_,$(subst :,_,$(subst .,_,$(subst -
> ,_,$(subst /,_,$(1))))))) diff --git a/target/linux/cns3xxx/patches-4.14/210-
> dwc2_defaults.patch b/target/linux/cns3xxx/patches-4.14/210-
> dwc2_defaults.patch
> index 67f152f43d..0cc4dd1830 100644
> --- a/target/linux/cns3xxx/patches-4.14/210-dwc2_defaults.patch
> +++ b/target/linux/cns3xxx/patches-4.14/210-dwc2_defaults.patch
> @@ -43,7 +43,7 @@
> {
> + /*
> const struct of_device_id *match;
> - void (*set_params)(void *data);
> + void (*set_params)(struct dwc2_hsotg *data);
> + */
>
> dwc2_set_default_params(hsotg);
> diff --git a/target/linux/generic/backport-4.14/030-USB-serial-option-fix-
> dwm-158-3g-modem-interface.patch b/target/linux/generic/backport-
> 4.14/030-USB-serial-option-fix-dwm-158-3g-modem-interface.patch
> index ebd90a8ef2..4ad22b3de1 100644
> --- a/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-158-
> 3g-modem-interface.patch
> +++ b/target/linux/generic/backport-4.14/030-USB-serial-option-fix-dwm-1
> +++ 58-3g-modem-interface.patch
> @@ -30,7 +30,7 @@ Signed-off-by: Johan Hovold <johan at kernel.org>
>
> --- a/drivers/usb/serial/option.c
> +++ b/drivers/usb/serial/option.c
> -@@ -2001,7 +2001,8 @@ static const struct usb_device_id option
> +@@ -2011,7 +2011,8 @@ static const struct usb_device_id option
> { USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d01, 0xff) },
> /* D-Link DWM-156 (variant) */
> { USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d02, 0xff) },
> { USB_DEVICE_INTERFACE_CLASS(0x2001, 0x7d03, 0xff) }, diff --git
> a/target/linux/generic/hack-4.14/204-module_strip.patch
> b/target/linux/generic/hack-4.14/204-module_strip.patch
> index c53963c530..d93b545b7c 100644
> --- a/target/linux/generic/hack-4.14/204-module_strip.patch
> +++ b/target/linux/generic/hack-4.14/204-module_strip.patch
> @@ -98,7 +98,7 @@ Signed-off-by: Felix Fietkau <nbd at nbd.name>
>
> --- a/init/Kconfig
> +++ b/init/Kconfig
> -@@ -1903,6 +1903,13 @@ config TRIM_UNUSED_KSYMS
> +@@ -1904,6 +1904,13 @@ config TRIM_UNUSED_KSYMS
>
> If unsure, or if you need to build out-of-tree modules, say N.
>
> diff --git a/target/linux/generic/hack-4.14/930-crashlog.patch
> b/target/linux/generic/hack-4.14/930-crashlog.patch
> index 9d09dbd760..2da51fb406 100644
> --- a/target/linux/generic/hack-4.14/930-crashlog.patch
> +++ b/target/linux/generic/hack-4.14/930-crashlog.patch
> @@ -41,7 +41,7 @@ Signed-off-by: Felix Fietkau <nbd at nbd.name> +#endif
> --- a/init/Kconfig
> +++ b/init/Kconfig
> -@@ -1009,6 +1009,10 @@ config RELAY
> +@@ -1010,6 +1010,10 @@ config RELAY
>
> If unsure, say N.
>
> diff --git a/target/linux/generic/pending-4.14/203-
> kallsyms_uncompressed.patch b/target/linux/generic/pending-4.14/203-
> kallsyms_uncompressed.patch
> index 1f5c83e94f..159a79988f 100644
> --- a/target/linux/generic/pending-4.14/203-kallsyms_uncompressed.patch
> +++ b/target/linux/generic/pending-4.14/203-kallsyms_uncompressed.patch
> @@ -13,7 +13,7 @@ Signed-off-by: Felix Fietkau <nbd at nbd.name>
>
> --- a/init/Kconfig
> +++ b/init/Kconfig
> -@@ -1081,6 +1081,17 @@ config SYSCTL_ARCH_UNALIGN_ALLOW
> +@@ -1082,6 +1082,17 @@ config SYSCTL_ARCH_UNALIGN_ALLOW
> the unaligned access emulation.
> see arch/parisc/kernel/unaligned.c for reference
>
> diff --git a/target/linux/generic/pending-4.14/920-mangle_bootargs.patch
> b/target/linux/generic/pending-4.14/920-mangle_bootargs.patch
> index 2f6a52c23d..4d7dd3364d 100644
> --- a/target/linux/generic/pending-4.14/920-mangle_bootargs.patch
> +++ b/target/linux/generic/pending-4.14/920-mangle_bootargs.patch
> @@ -13,7 +13,7 @@ Signed-off-by: Imre Kaloz <kaloz at openwrt.org>
>
> --- a/init/Kconfig
> +++ b/init/Kconfig
> -@@ -1427,6 +1427,15 @@ config EMBEDDED
> +@@ -1428,6 +1428,15 @@ config EMBEDDED
> an embedded system so certain expert options are available
> for configuration.
>
> diff --git a/target/linux/ipq806x/patches-4.14/0067-generic-Mangle-
> bootloader-s-kernel-arguments.patch b/target/linux/ipq806x/patches-
> 4.14/0067-generic-Mangle-bootloader-s-kernel-arguments.patch
> index f0cc3ed509..c977dd1001 100644
> --- a/target/linux/ipq806x/patches-4.14/0067-generic-Mangle-bootloader-s-
> kernel-arguments.patch
> +++ b/target/linux/ipq806x/patches-4.14/0067-generic-Mangle-bootloader-s
> +++ -kernel-arguments.patch
> @@ -22,7 +22,7 @@ Signed-off-by: Adrian Panella <ianchi74 at outlook.com>
>
> --- a/arch/arm/Kconfig
> +++ b/arch/arm/Kconfig
> -@@ -1934,6 +1934,17 @@ config
> ARM_ATAG_DTB_COMPAT_CMDLINE_EXTEN
> +@@ -1936,6 +1936,17 @@ config
> ARM_ATAG_DTB_COMPAT_CMDLINE_EXTEN
> The command-line arguments provided by the boot loader will be
> appended to the the device tree bootargs property.
>
> diff --git a/target/linux/mediatek/patches-4.14/0064-dts.patch
> b/target/linux/mediatek/patches-4.14/0064-dts.patch
> index a2f5000d4d..8cfda50035 100644
> --- a/target/linux/mediatek/patches-4.14/0064-dts.patch
> +++ b/target/linux/mediatek/patches-4.14/0064-dts.patch
> @@ -106,7 +106,7 @@
> reg = <6>;
> label = "cpu";
> ethernet = <&gmac0>;
> -@@ -187,8 +227,6 @@
> +@@ -188,8 +228,6 @@
> };
> };
> };
> diff --git a/target/linux/mediatek/patches-4.14/0124-arm64-mediatek-
> cleanup-message-for-platform-selectio.patch
> b/target/linux/mediatek/patches-4.14/0124-arm64-mediatek-cleanup-
> message-for-platform-selectio.patch
> index 6af0ae8316..1f8a549aac 100644
> --- a/target/linux/mediatek/patches-4.14/0124-arm64-mediatek-cleanup-
> message-for-platform-selectio.patch
> +++ b/target/linux/mediatek/patches-4.14/0124-arm64-mediatek-cleanup-
> mes
> +++ sage-for-platform-selectio.patch
> @@ -16,7 +16,7 @@ Signed-off-by: Matthias Brugger
> <matthias.bgg at gmail.com>
>
> --- a/arch/arm64/Kconfig.platforms
> +++ b/arch/arm64/Kconfig.platforms
> -@@ -91,12 +91,13 @@ config ARCH_HISI
> +@@ -92,12 +92,13 @@ config ARCH_HISI
> This enables support for Hisilicon ARMv8 SoC family
>
> config ARCH_MEDIATEK
> diff --git a/target/linux/mvebu/patches-4.14/006-mvebu-Mangle-
> bootloader-s-kernel-arguments.patch b/target/linux/mvebu/patches-
> 4.14/006-mvebu-Mangle-bootloader-s-kernel-arguments.patch
> index 4ef86edb6a..f9d902b4d9 100644
> --- a/target/linux/mvebu/patches-4.14/006-mvebu-Mangle-bootloader-s-
> kernel-arguments.patch
> +++ b/target/linux/mvebu/patches-4.14/006-mvebu-Mangle-bootloader-s-
> kern
> +++ el-arguments.patch
> @@ -28,7 +28,7 @@ Signed-off-by: Michael Gray
> <michael.gray at lantisproject.com>
>
> --- a/arch/arm/Kconfig
> +++ b/arch/arm/Kconfig
> -@@ -1934,6 +1934,17 @@ config
> ARM_ATAG_DTB_COMPAT_CMDLINE_EXTEN
> +@@ -1936,6 +1936,17 @@ config
> ARM_ATAG_DTB_COMPAT_CMDLINE_EXTEN
> The command-line arguments provided by the boot loader will be
> appended to the the device tree bootargs property.
>
> diff --git a/target/linux/mvebu/patches-4.14/411-sfp-add-sfp-
> compatible.patch b/target/linux/mvebu/patches-4.14/411-sfp-add-sfp-
> compatible.patch
> index 9174765e6a..6fce278305 100644
> --- a/target/linux/mvebu/patches-4.14/411-sfp-add-sfp-compatible.patch
> +++ b/target/linux/mvebu/patches-4.14/411-sfp-add-sfp-compatible.patch
> @@ -14,7 +14,7 @@ Signed-off-by: Russell King
> <rmk+kernel at armlinux.org.uk>
>
> --- a/drivers/net/phy/sfp.c
> +++ b/drivers/net/phy/sfp.c
> -@@ -1168,6 +1168,7 @@ static int sfp_remove(struct platform_de
> +@@ -1169,6 +1169,7 @@ static int sfp_remove(struct platform_de
>
> static const struct of_device_id sfp_of_match[] = {
> { .compatible = "sff,sfp", },
> diff --git a/target/linux/mvebu/patches-4.14/528-arm64-dts-armada-3720-
> espressobin-set-max-link-to-ge.patch b/target/linux/mvebu/patches-
> 4.14/528-arm64-dts-armada-3720-espressobin-set-max-link-to-ge.patch
> index 5ff9b47268..6ce49f71f0 100644
> --- a/target/linux/mvebu/patches-4.14/528-arm64-dts-armada-3720-
> espressobin-set-max-link-to-ge.patch
> +++ b/target/linux/mvebu/patches-4.14/528-arm64-dts-armada-3720-
> espresso
> +++ bin-set-max-link-to-ge.patch
> @@ -62,7 +62,7 @@ Signed-off-by: Tomasz Maciej Nowak
> <tmn505 at gmail.com>
>
> --- a/arch/arm64/boot/dts/marvell/armada-3720-espressobin.dts
> +++ b/arch/arm64/boot/dts/marvell/armada-3720-espressobin.dts
> -@@ -79,6 +79,8 @@
> +@@ -83,6 +83,8 @@
> /* J9 */
> &pcie0 {
> status = "okay";
> diff --git a/target/linux/octeon/patches-4.14/110-er200-
> ethernet_probe_order.patch b/target/linux/octeon/patches-4.14/110-
> er200-ethernet_probe_order.patch
> index 6b1eaf92a2..e5330ffbd6 100644
> --- a/target/linux/octeon/patches-4.14/110-er200-
> ethernet_probe_order.patch
> +++ b/target/linux/octeon/patches-4.14/110-er200-
> ethernet_probe_order.pa
> +++ tch
> @@ -1,6 +1,6 @@
> --- a/drivers/staging/octeon/ethernet.c
> +++ b/drivers/staging/octeon/ethernet.c
> -@@ -673,6 +673,7 @@ static int cvm_oct_probe(struct platform
> +@@ -674,6 +674,7 @@ static int cvm_oct_probe(struct platform
> int interface;
> int fau = FAU_NUM_PACKET_BUFFERS_TO_FREE;
> int qos;
> @@ -8,7 +8,7 @@
> struct device_node *pip;
> int mtu_overhead = ETH_HLEN + ETH_FCS_LEN;
>
> -@@ -796,13 +797,19 @@ static int cvm_oct_probe(struct platform
> +@@ -797,13 +798,19 @@ static int cvm_oct_probe(struct platform
> }
>
> num_interfaces = cvmx_helper_get_number_of_interfaces();
> diff --git a/target/linux/oxnas/patches-4.14/996-generic-Mangle-bootloader-
> s-kernel-arguments.patch b/target/linux/oxnas/patches-4.14/996-generic-
> Mangle-bootloader-s-kernel-arguments.patch
> index a06825f7c8..313b9b5640 100644
> --- a/target/linux/oxnas/patches-4.14/996-generic-Mangle-bootloader-s-
> kernel-arguments.patch
> +++ b/target/linux/oxnas/patches-4.14/996-generic-Mangle-bootloader-s-
> ke
> +++ rnel-arguments.patch
> @@ -22,7 +22,7 @@ Signed-off-by: Adrian Panella <ianchi74 at outlook.com>
>
> --- a/arch/arm/Kconfig
> +++ b/arch/arm/Kconfig
> -@@ -1934,6 +1934,17 @@ config
> ARM_ATAG_DTB_COMPAT_CMDLINE_EXTEN
> +@@ -1936,6 +1936,17 @@ config
> ARM_ATAG_DTB_COMPAT_CMDLINE_EXTEN
> The command-line arguments provided by the boot loader will be
> appended to the the device tree bootargs property.
>
> --
> 2.25.1
>
>
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 834 bytes
Desc: not available
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20201113/75b074fb/attachment-0001.sig>
More information about the openwrt-devel
mailing list