This adds the MHI SBL callback that ath11k will utilize in order to
support multiple PCI cards or AHB+PCI combo which currently does not
work due to QRTR ID-s conflicting.
This is a prerequisite for the mac80211 patch targeting ath11k as it
uses MHI from kernel.
Signed-off-by: Robert Marko <robimarko@gmail.com>
Fix the trivial abscence of $() when assigning engine config files to
the main libopenssl-config package even if the corresponding engines
were not built into the main library.
This is mostly cosmetic, since scripts/ipkg-build tests the file's
presence before it is actually included in the package's conffiles.
Fixes: 30b0351039 "openssl: configure engine packages during install"
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Apply two patches fixing low-severity vulnerabilities related to
certificate policies validation:
- Excessive Resource Usage Verifying X.509 Policy Constraints
(CVE-2023-0464)
Severity: Low
A security vulnerability has been identified in all supported versions
of OpenSSL related to the verification of X.509 certificate chains
that include policy constraints. Attackers may be able to exploit
this vulnerability by creating a malicious certificate chain that
triggers exponential use of computational resources, leading to a
denial-of-service (DoS) attack on affected systems.
Policy processing is disabled by default but can be enabled by passing
the `-policy' argument to the command line utilities or by calling the
`X509_VERIFY_PARAM_set1_policies()' function.
- Invalid certificate policies in leaf certificates are silently ignored
(CVE-2023-0465)
Severity: Low
Applications that use a non-default option when verifying certificates
may be vulnerable to an attack from a malicious CA to circumvent
certain checks.
Invalid certificate policies in leaf certificates are silently ignored
by OpenSSL and other certificate policy checks are skipped for that
certificate. A malicious CA could use this to deliberately assert
invalid certificate policies in order to circumvent policy checking on
the certificate altogether.
Policy processing is disabled by default but can be enabled by passing
the `-policy' argument to the command line utilities or by calling the
`X509_VERIFY_PARAM_set1_policies()' function.
Note: OpenSSL also released a fix for low-severity security advisory
CVE-2023-466. It is not included here because the fix only changes the
documentation, which is not built nor included in any OpenWrt package.
Due to the low-severity of these issues, there will be not be an
immediate new release of OpenSSL.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This can improve load balancing by pushing backlog (and RPS) processing
to separate threads, allowing the scheduler to distribute the load.
It can be enabled with: echo 1 > /proc/sys/net/core/backlog_threaded
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Move it to pending, since it wasn't actually accepted upstream yet.
Fixes potential issues when doing offload between multiple MACs.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This fixes issues with legacy boot loaders that don't process reserved memory
regions outside of system RAM
Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The padding intended to avoid corrupted non-zero padding payload was
accidentally adding too many padding bytes, tripping up some setups.
Fix this by using eth_skb_pad instead.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
* rockchip:add support for dilusense dlfr100
* rockchip:add support for dilusense dlfr100
* rockchip:add support for dilusense dlfr100
* rockchip:add support for dilusense dlfr100
* rockchip:add support for dilusense dlfr100
* rockchip:add support for dilusense dlfr100
* rockchip:add support for dilusense dlfr100
* rockchip:add support for dilusense dlfr100
* rockchip:add support for dilusense dlfr100
* rockchip:add support for dilusense dlfr100
* rockchip:add support for dilusense dlfr100
* rockchip: add support for dilusense dlfr100
* rockchip: add support for dilusense dlfr100
* rockchip:add support for dilusense dlfr100
* rockchip:add support for dilusense dlfr100
* Add files via upload
* Add files via upload
* Add files via upload
* Add files via upload
* Update rk3399-dlfr100.dts
* Add files via upload
This only fixes minor problems.
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.3
The 100-fix-compile.patch patch was merged upstream.
The code style of all files in mbedtls 2.28.3 was changed.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Pahole version is being autodetected during runtime since kernel 5.15.96
via in-kernel scripts/pahole-version.sh so add CONFIG_PAHOLE_VERSION to
kernel filter in order to prevent it from being added to target configs.
Signed-off-by: Robert Marko <robimarko@gmail.com>
The XMC XM25QH64C is a 8MB SPI NOR chip. The patch is verified on TL-WPA8631P v3.
Datasheet available at https://www.xmcwh.com/uploads/442/XM25QH64C.pdf
Signed-off-by: Joe Mullally <jwmullally@gmail.com>
