mirror of
https://github.com/coolsnowwolf/lede.git
synced 2025-04-15 18:03:30 +00:00
Lean's LEDE source
3a1917b543
intel-microcode (3.20210608.2)
* Correct INTEL-SA-00442 CVE id to CVE-2020-24489 in changelog and
debian/changelog (3.20210608.1).
intel-microcode (3.20210608.1)
* New upstream microcode datafile 20210608 (closes: #989615)
* Implements mitigations for CVE-2020-24511 CVE-2020-24512
(INTEL-SA-00464), information leakage through shared resources,
and timing discrepancy sidechannels
* Implements mitigations for CVE-2020-24513 (INTEL-SA-00465),
Domain-bypass transient execution vulnerability in some Intel Atom
Processors, affects Intel SGX.
* Implements mitigations for CVE-2020-24489 (INTEL-SA-00442), Intel
VT-d privilege escalation
* Fixes critical errata on several processors
* New Microcodes:
sig 0x00050655, pf_mask 0xb7, 2018-11-16, rev 0x3000010, size 47104
sig 0x000606a5, pf_mask 0x87, 2021-03-08, rev 0xc0002f0, size 283648
sig 0x000606a6, pf_mask 0x87, 2021-04-25, rev 0xd0002a0, size 283648
sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
sig 0x000806c1, pf_mask 0x80, 2021-03-31, rev 0x0088, size 109568
sig 0x000806c2, pf_mask 0xc2, 2021-04-07, rev 0x0016, size 94208
sig 0x000806d1, pf_mask 0xc2, 2021-04-23, rev 0x002c, size 99328
sig 0x00090661, pf_mask 0x01, 2021-02-04, rev 0x0011, size 19456
sig 0x000906c0, pf_mask 0x01, 2021-03-23, rev 0x001d, size 19456
sig 0x000a0671, pf_mask 0x02, 2021-04-11, rev 0x0040, size 100352
* Updated Microcodes:
sig 0x000306f2, pf_mask 0x6f, 2021-01-27, rev 0x0046, size 34816
sig 0x000306f4, pf_mask 0x80, 2021-02-05, rev 0x0019, size 19456
sig 0x000406e3, pf_mask 0xc0, 2021-01-25, rev 0x00ea, size 105472
sig 0x000406f1, pf_mask 0xef, 2021-02-06, rev 0xb00003e, size 31744
sig 0x00050653, pf_mask 0x97, 2021-03-08, rev 0x100015b, size 34816
sig 0x00050654, pf_mask 0xb7, 2021-03-08, rev 0x2006b06, size 36864
sig 0x00050656, pf_mask 0xbf, 2021-03-08, rev 0x4003102, size 30720
sig 0x00050657, pf_mask 0xbf, 2021-03-08, rev 0x5003102, size 30720
sig 0x0005065b, pf_mask 0xbf, 2021-04-23, rev 0x7002302, size 27648
sig 0x00050663, pf_mask 0x10, 2021-02-04, rev 0x700001b, size 24576
sig 0x00050664, pf_mask 0x10, 2021-02-04, rev 0xf000019, size 24576
sig 0x00050665, pf_mask 0x10, 2021-02-04, rev 0xe000012, size 19456
sig 0x000506c9, pf_mask 0x03, 2020-10-23, rev 0x0044, size 17408
sig 0x000506ca, pf_mask 0x03, 2020-10-23, rev 0x0020, size 15360
sig 0x000506e3, pf_mask 0x36, 2021-01-25, rev 0x00ea, size 105472
sig 0x000506f1, pf_mask 0x01, 2020-10-23, rev 0x0034, size 11264
sig 0x000706a1, pf_mask 0x01, 2020-10-23, rev 0x0036, size 74752
sig 0x000706a8, pf_mask 0x01, 2020-10-23, rev 0x001a, size 75776
sig 0x000706e5, pf_mask 0x80, 2020-11-01, rev 0x00a6, size 110592
sig 0x000806a1, pf_mask 0x10, 2020-11-06, rev 0x002a, size 32768
sig 0x000806e9, pf_mask 0x10, 2021-01-05, rev 0x00ea, size 104448
sig 0x000806e9, pf_mask 0xc0, 2021-01-05, rev 0x00ea, size 104448
sig 0x000806ea, pf_mask 0xc0, 2021-01-06, rev 0x00ea, size 103424
sig 0x000806eb, pf_mask 0xd0, 2021-01-05, rev 0x00ea, size 104448
sig 0x000806ec, pf_mask 0x94, 2021-01-05, rev 0x00ea, size 104448
sig 0x000906e9, pf_mask 0x2a, 2021-01-05, rev 0x00ea, size 104448
sig 0x000906ea, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 102400
sig 0x000906eb, pf_mask 0x02, 2021-01-05, rev 0x00ea, size 104448
sig 0x000906ec, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424
sig 0x000906ed, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424
sig 0x000a0652, pf_mask 0x20, 2021-02-07, rev 0x00ea, size 93184
sig 0x000a0653, pf_mask 0x22, 2021-03-08, rev 0x00ea, size 94208
sig 0x000a0655, pf_mask 0x22, 2021-03-08, rev 0x00ec, size 94208
sig 0x000a0660, pf_mask 0x80, 2020-12-08, rev 0x00e8, size 94208
sig 0x000a0661, pf_mask 0x80, 2021-02-07, rev 0x00ea, size 93184
* source: update symlinks to reflect id of the latest release, 20210608
intel-microcode (3.20210216.1)
* New upstream microcode datafile 20210216
* Mitigates an issue on Skylake Server (H0/M0/U0), Xeon-D 21xx,
and Cascade Lake Server (B0/B1) when using an active JTAG
agent like In Target Probe (ITP), Direct Connect Interface
(DCI) or a Baseboard Management Controller (BMC) to take the
CPU JTAG/TAP out of reset and then returning it to reset.
* This issue is related to the INTEL-SA-00381 mitigation.
* Updated Microcodes:
sig 0x00050654, pf_mask 0xb7, 2020-12-31, rev 0x2006a0a, size 36864
sig 0x00050656, pf_mask 0xbf, 2020-12-31, rev 0x4003006, size 53248
sig 0x00050657, pf_mask 0xbf, 2020-12-31, rev 0x5003006, size 53248
* source: update symlinks to reflect id of the latest release, 20210216
intel-microcode (3.20201118.1)
* New upstream microcode datafile 20201118
* Removes a faulty microcode update from release 2020-11-10 for Tiger Lake
processors. Note that Debian already had removed this specific falty
microcode update on the 3.20201110.1 release
* Add a microcode update for the Pentium Silver N/J5xxx and Celeron
N/J4xxx which didn't make it to release 20201110, fixing security issues
(INTEL-SA-00381, INTEL-SA-00389)
* Updated Microcodes:
sig 0x000706a1, pf_mask 0x01, 2020-06-09, rev 0x0034, size 74752
* Removed Microcodes:
sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520
intel-microcode (3.20201110.1)
* New upstream microcode datafile 20201110 (closes: #974533)
* Implements mitigation for CVE-2020-8696 and CVE-2020-8698,
aka INTEL-SA-00381: AVX register information leakage;
Fast-Forward store predictor information leakage
* Implements mitigation for CVE-2020-8695, Intel SGX information
disclosure via RAPL, aka INTEL-SA-00389
* Fixes critical errata on several processor models
* Reintroduces SRBDS mitigations(CVE-2020-0543, INTEL-SA-00320)
for Skylake-U/Y, Skylake Xeon E3
* New Microcodes
sig 0x0005065b, pf_mask 0xbf, 2020-08-20, rev 0x700001e, size 27648
sig 0x000806a1, pf_mask 0x10, 2020-06-26, rev 0x0028, size 32768
sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520
sig 0x000a0652, pf_mask 0x20, 2020-07-08, rev 0x00e0, size 93184
sig 0x000a0653, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 94208
sig 0x000a0655, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 93184
sig 0x000a0661, pf_mask 0x80, 2020-07-02, rev 0x00e0, size 93184
* Updated Microcodes
sig 0x000306f2, pf_mask 0x6f, 2020-05-27, rev 0x0044, size 34816
sig 0x000406e3, pf_mask 0xc0, 2020-07-14, rev 0x00e2, size 105472
sig 0x00050653, pf_mask 0x97, 2020-06-18, rev 0x1000159, size 33792
sig 0x00050654, pf_mask 0xb7, 2020-06-16, rev 0x2006a08, size 35840
sig 0x00050656, pf_mask 0xbf, 2020-06-18, rev 0x4003003, size 52224
sig 0x00050657, pf_mask 0xbf, 2020-06-18, rev 0x5003003, size 52224
sig 0x000506c9, pf_mask 0x03, 2020-02-27, rev 0x0040, size 17408
sig 0x000506ca, pf_mask 0x03, 2020-02-27, rev 0x001e, size 15360
sig 0x000506e3, pf_mask 0x36, 2020-07-14, rev 0x00e2, size 105472
sig 0x000706a8, pf_mask 0x01, 2020-06-09, rev 0x0018, size 75776
sig 0x000706e5, pf_mask 0x80, 2020-07-30, rev 0x00a0, size 109568
sig 0x000806e9, pf_mask 0x10, 2020-05-27, rev 0x00de, size 104448
sig 0x000806e9, pf_mask 0xc0, 2020-05-27, rev 0x00de, size 104448
sig 0x000806ea, pf_mask 0xc0, 2020-06-17, rev 0x00e0, size 104448
sig 0x000806eb, pf_mask 0xd0, 2020-06-03, rev 0x00de, size 104448
sig 0x000806ec, pf_mask 0x94, 2020-05-18, rev 0x00de, size 104448
sig 0x000906e9, pf_mask 0x2a, 2020-05-26, rev 0x00de, size 104448
sig 0x000906ea, pf_mask 0x22, 2020-05-25, rev 0x00de, size 103424
sig 0x000906eb, pf_mask 0x02, 2020-05-25, rev 0x00de, size 104448
sig 0x000906ec, pf_mask 0x22, 2020-06-03, rev 0x00de, size 103424
sig 0x000906ed, pf_mask 0x22, 2020-05-24, rev 0x00de, size 103424
sig 0x000a0660, pf_mask 0x80, 2020-07-08, rev 0x00e0, size 94208
* 0x806c1: remove the new Tiger Lake update: causes hang on cold/warm boot
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/44
INTEL-SA-00381 AND INTEL-SA-00389 MITIGATIONS ARE THEREFORE NOT INSTALLED
FOR 0x806c1 TIGER LAKE PROCESSORS by this package update. Contact your
system vendor for a firmware update, or wait fo a possible fix in a future
Intel microcode release.
* source: update symlinks to reflect id of the latest release, 20201110
* source: ship new upstream documentation (security.md, releasenote.md)
Signed-off-by: Tan Zien <nabsdh9@gmail.com>
[used different .tar.xz source, but with the same content]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
|
||
|---|---|---|
| .github | ||
| config | ||
| doc | ||
| include | ||
| LICENSES | ||
| package | ||
| scripts | ||
| target | ||
| toolchain | ||
| tools | ||
| .gitattributes | ||
| .gitignore | ||
| BSDmakefile | ||
| Config.in | ||
| COPYING | ||
| feeds.conf.default | ||
| Makefile | ||
| README | ||
| README_EN.md | ||
| README.md | ||
| rules.mk | ||
Welcome to Lean's git source of OpenWrt and packages
How to build your Openwrt firmware.
Note:
-
DO NOT USE root USER FOR COMPILING!!!
-
Users within China should prepare proxy before building.
-
Web admin panel default IP is 192.168.1.1 and default password is "password".
Let's start!
-
First, install Ubuntu 64bit (Ubuntu 20.04 LTS x86 is recommended).
-
Run
sudo apt-get updatein the terminal, and then runsudo apt-get -y install build-essential asciidoc binutils bzip2 gawk gettext git libncurses5-dev libz-dev patch python3 python2.7 unzip zlib1g-dev lib32gcc1 libc6-dev-i386 subversion flex uglifyjs git-core gcc-multilib p7zip p7zip-full msmtp libssl-dev texinfo libglib2.0-dev xmlto qemu-utils upx libelf-dev autoconf automake libtool autopoint device-tree-compiler g++-multilib antlr3 gperf wget curl swig rsync -
Run
git clone https://github.com/coolsnowwolf/ledeto clone the source code, and thencd ledeto enter the directory -
./scripts/feeds update -a ./scripts/feeds install -a make menuconfig -
Run
make -j8 download V=sto download libraries and dependencies (user in China should use global proxy when possible) -
Run
make -j1 V=s(integer following -j is the thread count, single-thread is recommended for the first build) to start building your firmware.
This source code is promised to be compiled successfully.
You can use this source code freely, but please link this GitHub repository when redistributing. Thank you for your cooperation!
Rebuild:
cd lede
git pull
./scripts/feeds update -a && ./scripts/feeds install -a
make defconfig
make -j8 download
make -j$(($(nproc) + 1)) V=s
If reconfiguration is need:
rm -rf ./tmp && rm -rf .config
make menuconfig
make -j$(($(nproc) + 1)) V=s
Build result will be produced to bin/targets directory.
Special tips:
-
This source code doesn't contain any backdoors or close source applications that can monitor/capture your HTTPS traffic, SSL is the final castle of cyber security. Safety is what a firmware should achieve.
-
If you have any technical problem, you may join the QQ discussion group: 297253733, link: click here
-
Want to learn OpenWrt development but don't know how? Can't motivate yourself for self-learning? Not enough fundamental knowledge? Learn OpenWrt development with Mr. Zuo through his Beginner OpenWrt Training Course. Click here to register.
Router Recommendation
Not Sponsored: If you are finding a low power consumption, small and performance promising x86/x64 router, I personally recommend the EZPROv1 Alumium Edition (N3710 4000M): Details
Donation
If this project does help you, please consider donating to support the development of this project.
Alipay
