mtk-20170518/target, branch v17.01.2 MTK 20170518 : Mediatek SDK based on OpenWRT Barrier Breaker kernel: update kernel 4.4 to 4.4.71 2017-06-07T19:24:41+00:00 Jo-Philipp Wich jo@mein.io 2017-06-07T19:24:41+00:00 4fbd0726240915d9d5e533563d500cf716902688 Fixes the following security vulnerabilities: CVE-2017-8890 The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call. CVE-2017-9074 The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls. CVE-2017-9075 The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9076 The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9077 The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9242 The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls. Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242 Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.71 Signed-off-by: Jo-Philipp Wich <jo@mein.io> 
Fixes the following security vulnerabilities:

CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.

CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.

CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.

Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.71

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Add missing APU1 reference to x86 board.d 2017-06-06T21:02:20+00:00 Kristian Evensen kristian.evensen@gmail.com 2017-06-05T08:24:02+00:00 443d705e381ef214191a2a427f3c1b29f4c41456 x86 board.d only contains a case for the APU2, not the APU1. This causes, for example, network configuration not to be created correctly. Even though the APU1 seems to reaching EOL, there a still a lot of them out there. The APU1 and APU2 is configured in the same way and this patch should also be considered for stable, as the error also exists there. Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com> 
x86 board.d only contains a case for the APU2, not the APU1. This
causes, for example, network configuration not to be created correctly.
Even though the APU1 seems to reaching EOL, there a still a lot of them
out there.

The APU1 and APU2 is configured in the same way and this patch should
also be considered for stable, as the error also exists there.

Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
lantiq: fix broadcasts and vlans in two iface mode 2017-06-03T14:51:42+00:00 Mathias Kresin dev@kresin.me 2017-02-24T08:19:49+00:00 bf6216e5e3938cd306b0295161140ec281a094b9 The two phy operation mode where one phy is assigned to an interface without lantiq,* device tree property and the other phy is assigned to an interface with the lantiq,wan device property was broken with the multicast package leaks between vlans fixes. Move the multicast packages relevant portmap settings to the condition which handles multicast packages for better readability. Replace the priv->port_map based port_map only for the interface which has the lantiq,switch device tree property set, to allow tagged multicast packages in two phy mode where the lantiq,switch device tree property isn't used. Signed-off-by: Mathias Kresin <dev@kresin.me> 
The two phy operation mode where one phy is assigned to an interface
without lantiq,* device tree property and the other phy is assigned to
an interface with the lantiq,wan device property was broken with the
multicast package leaks between vlans fixes.

Move the multicast packages relevant portmap settings to the condition
which handles multicast packages for better readability.

Replace the priv->port_map based port_map only for the interface which
has the lantiq,switch device tree property set, to allow tagged
multicast packages in two phy mode where the lantiq,switch device tree
property isn't used.

Signed-off-by: Mathias Kresin <dev@kresin.me>
lantiq: select kmod-mt7603 instead of kmod-mt76 for WBMR-300HPD 2017-06-03T14:51:41+00:00 Felix Fietkau nbd@nbd.name 2017-02-26T14:00:54+00:00 36ccbbdab1e65346871ede11c00adc006a7dc8df Signed-off-by: Felix Fietkau <nbd@nbd.name> 
Signed-off-by: Felix Fietkau <nbd@nbd.name>
lantiq: use the P2812HNUF* wan port as wan 2017-06-03T14:51:41+00:00 Mathias Kresin dev@kresin.me 2017-03-11T12:23:01+00:00 4186d737f60a39659bd85ae0cacdc00da77cf476 The port is labeled as wan and was only used as lan port because of the "tx ring full" issues fixed with 8f02f7c. Signed-off-by: Mathias Kresin <dev@kresin.me> 
The port is labeled as wan and was only used as lan port because of the
"tx ring full" issues fixed with 8f02f7c.

Signed-off-by: Mathias Kresin <dev@kresin.me>
lantiq: xrx200: use vlan for ethernet wan port 2017-06-03T14:09:33+00:00 Mathias Kresin dev@kresin.me 2016-09-10T09:05:56+00:00 254bf7961e57f65bad849dbab4b135d2a73b1f9b Using the lantiq,wan device tree property for one interface node and the lantiq,switch device tree property for another interface node at the same time was never intended/isn't supported at the moment. The property is meant to be used in two phy operation mode where one phy is assigned to an interface without lantiq,* device tree property and the other phy is assigned to an interface with the lantiq,wan device property to have two netdevs. If both properties are used at the same time, the lantiq,wan interface is shown as independent netdev but not able to operate independent. The port needs to be managed via swconfig. These dependency is not obvious and fooled already a lot of users. Add a default WAN vlan for xrx200 devices having an ethernet WAN port and remove the lantiq,wan device tree property. Leave it up to the user to set the ethernet WAN port as default WAN interface or to use this port as additional LAN port. Signed-off-by: Mathias Kresin <dev@kresin.me> 
Using the lantiq,wan device tree property for one interface node and
the lantiq,switch device tree property for another interface node at
the same time was never intended/isn't supported at the moment.

The property is meant to be used in two phy operation mode where one
phy is assigned to an interface without lantiq,* device tree property
and the other phy is assigned to an interface with the lantiq,wan
device property to have two netdevs.

If both properties are used at the same time, the lantiq,wan interface
is shown as independent netdev but not able to operate independent. The
port needs to be managed via swconfig. These dependency is not obvious
and fooled already a lot of users.

Add a default WAN vlan for xrx200 devices having an ethernet WAN port
and remove the lantiq,wan device tree property. Leave it up to the user
to set the ethernet WAN port as default WAN interface or to use this
port as additional LAN port.

Signed-off-by: Mathias Kresin <dev@kresin.me>
x86: disable X2APIC support for legacy subtargets 2017-06-01T23:52:14+00:00 Jo-Philipp Wich jo@mein.io 2017-06-01T23:47:47+00:00 b78bcdf6195c6ead5095489e8bb5e85eece44622 Explicitely disable X2APIC support on legacy targets since the targeted processor types do not support it anyway there. Fixes FS#285. Signed-off-by: Jo-Philipp Wich <jo@mein.io> 
Explicitely disable X2APIC support on legacy targets since the targeted
processor types do not support it anyway there.

Fixes FS#285.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
ar71xx: fix Wallys DR344 GPIO-connected LEDs and button 2017-05-30T12:57:09+00:00 Piotr Dymacz pepe2k@gmail.com 2017-05-29T19:32:11+00:00 b1257d8d73690b0e4aac1eed654f5b1b0679bacd This fixes wrong GPIO numbers for LEDs and button in Wallys DR344 board and sets color of all LEDs to green as the mass production boards have only green one. Actually, DR344 has 6 GPIO-connected LEDs and one button: - GPIO11: status - GPIO12: sig1 - GPIO13: sig2 - GPIO14: sig3 - GPIO15: sig4 - GPIO16: reset button - GPIO17: lan WAN LED is connected directly with AR8035 PHY. Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> 
This fixes wrong GPIO numbers for LEDs and button in Wallys DR344 board
and sets color of all LEDs to green as the mass production boards have
only green one.

Actually, DR344 has 6 GPIO-connected LEDs and one button:

- GPIO11: status
- GPIO12: sig1
- GPIO13: sig2
- GPIO14: sig3
- GPIO15: sig4
- GPIO16: reset button
- GPIO17: lan

WAN LED is connected directly with AR8035 PHY.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
ar71xx: set GE interface as wan by default in Wallys DR344 2017-05-30T12:57:00+00:00 Piotr Dymacz pepe2k@gmail.com 2017-05-29T19:25:03+00:00 21a7e409412e07887b1f7291b0a6eec0ae205bac This aligns default network interfaces configuration with vendor firmware: GE (eth0) -> wan, FE (eth1) -> lan. Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> 
This aligns default network interfaces configuration with vendor
firmware: GE (eth0) -> wan, FE (eth1) -> lan.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
ar71xx: fix GE interface support in Wallys DR344 2017-05-30T12:56:53+00:00 Piotr Dymacz pepe2k@gmail.com 2017-05-29T17:18:52+00:00 a412350684887dcf9e1b0d79ac135b64ce65cd45 GMAC0 interface of AR9344 SOC in Wallys DR344 board is connected with AR8035, not with AR8327. Without this fix, GE interface doesn't work at all or shows high packet loss ratio. Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> 
GMAC0 interface of AR9344 SOC in Wallys DR344 board is connected with
AR8035, not with AR8327. Without this fix, GE interface doesn't work at
all or shows high packet loss ratio.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>