This backports a commit which fixes a use after free bug in awk.
CVE-2022-30065 description:
A use-after-free in Busybox 1.35-x's awk applet leads to denial of
service and possibly code execution when processing a crafted awk
pattern in the copyvar function.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This backports a commit from upstream dnsmasq to fix CVE-2022-0934.
CVE-2022-0934 description:
A single-byte, non-arbitrary write/use-after-free flaw was found in
dnsmasq. This flaw allows an attacker who sends a crafted packet
processed by dnsmasq, potentially causing a denial of service.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Add UIMAGE_NAME and UIMAGE_MAGIC to allow users to directly install
initramfs-kernel.bin from the stock firmware Web UI. At the same time,
this change makes it possible to boot OpenWrt with the official u-boot.
Notice:
Since the stock firmware is based on OpenWrt and the configuration
will be retained by default during the upgrade process, so we must use
initramfs-kernel.bin to do a initial installation. After the system
restarts, install sysupgrade.bin and do not retain any configuration.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Changes between 1.1.1r and 1.1.1s [1 Nov 2022]
*) Fixed a regression introduced in 1.1.1r version not refreshing the
certificate data to be signed before signing the certificate.
[Gibeom Gwon]
Changes between 1.1.1q and 1.1.1r [11 Oct 2022]
*) Fixed the linux-mips64 Configure target which was missing the
SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
platform.
[Adam Joseph]
*) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
causing incorrect results in some cases as a result.
[Paul Dale]
*) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
report correct results in some cases
[Matt Caswell]
*) Fixed a regression introduced in 1.1.1o for re-signing certificates with
different key sizes
[Todd Short]
*) Added the loongarch64 target
[Shi Pujin]
*) Fixed a DRBG seed propagation thread safety issue
[Bernd Edlinger]
*) Fixed a memory leak in tls13_generate_secret
[Bernd Edlinger]
*) Fixed reported performance degradation on aarch64. Restored the
implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
32-bit lane assignment in CTR mode") for 64bit targets only, since it is
reportedly 2-17% slower and the silicon errata only affects 32bit targets.
The new algorithm is still used for 32 bit targets.
[Bernd Edlinger]
*) Added a missing header for memcmp that caused compilation failure on some
platforms
[Gregor Jasny]
Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B
Signed-off-by: John Audia <therealgraysky@proton.me>
Manually rebased:
bcm53xx/patches-5.10/180-usb-xhci-add-support-for-performing-fake-doorbell.patch
lantiq/patches-5.10/0028-NET-lantiq-various-etop-fixes.patch
All other patches automatically rebased.
Signed-off-by: John Audia <therealgraysky@proton.me>
Signed-off-by: John Audia <therealgraysky@proton.me>
Co-authored-by: John Audia <therealgraysky@proton.me>
Add DUAL_READ flag to EON EN25Q128 as from documentation it's supported.
While at it also rework the patch and add a commit description.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Co-authored-by: Christian Marangi <ansuelsmth@gmail.com>
Manually rebased:
bcm27xx/patches-5.15/950-0600-xhci-quirks-add-link-TRB-quirk-for-VL805.patch
bcm27xx/patches-5.15/950-0606-usb-xhci-add-VLI_TRB_CACHE_BUG-quirk.patch
bcm27xx/patches-5.15/950-0717-usb-xhci-add-a-quirk-for-Superspeed-bulk-OUT-transfe.patch
bcm53xx/patches-5.15/180-usb-xhci-add-support-for-performing-fake-doorbell.patch
lantiq/patches-5.15/0028-NET-lantiq-various-etop-fixes.patch
All other patches automatically rebased
Co-authored-by: John Audia <therealgraysky@proton.me>
Signed-off-by: John Audia <therealgraysky@proton.me>
Manually rebased:
bcm53xx/patches-5.10/180-usb-xhci-add-support-for-performing-fake-doorbell.patch
All patches automatically rebased.
Signed-off-by: John Audia <therealgraysky@proton.me>
[Move gro_skip in 680-NET-skip-GRO-for-foreign-MAC-addresses.patch to old position]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* remove orphaned Kconfig symbol now that CONFIG_IIO is no longer
selected after commit ef8b935c95 ("mediatek: clean up mt7622 kernel config")
* select UBI fast-map feature to decrease boot time and keep the
number of spare blocks required in sync with U-Boot's expectations
(we got fast-map enabled in U-Boot)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add dependency to '32k' ADC clock so it is always enabled for thermal
and raw access to ADC values. This allows to remove the patch for the
ADC driver and reduce the patch adding thermal support for MT7986 to
only add the new efuse layout and temperature decoding for V3.
Suggested-by: AngeloGioacchino Del Regno <angelogioacchino.delregno@collabora.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Remove kmod-sdhci-mtk as the mtk-sd driver is built-in anyway for the
relevant subtargets in order to support mounting rootfs from eMMC or
SD card.
Add kmod-iio-mt6577-auxadc to support reading the raw values from the
auxadc unit used as in-SoC thermal sensor. This driver was previously
built-in, but as thermal itself works well without it there is no use
for it in every day use of a device. Build the module to still allow
access to the raw values for those who need it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Similar to the implementation for the BPi-R3 use the same logic also
for determining the device to look for the U-Boot environment of the
BPi-R64.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Don't reply on mapped rootfs partition but rather just take what ever
has been set to the kernel cmdline root= parameter as a hint to decide
which media to install sysupgrade to on the BananaPi BPi-R64.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add patch headers and description for pending patch.
Add version tag to patch already merged upstream.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
