Merge branch 'next' of ssh://git.ipfire.org/pub/git/ipfire-2.x into next

src/patches/linux-3.14.32-r8169_disable_L23.patch

@@ -0,0 +1,100 @@
+From 77e3b7f055f824e4d6587faa73bd4aacd0c307e8 Mon Sep 17 00:00:00 2001
+From: hayeswang <hayeswang@realtek.com>
+Date: Wed, 9 Jul 2014 14:52:51 +0800
+Subject: [PATCH] r8169: disable L23
+
+For RTL8411, RTL8111G, RTL8402, RTL8105, and RTL8106, disable the feature
+of entering the L2/L3 link state of the PCIe. When the nic starts the process
+of entering the L2/L3 link state and the PCI reset occurs before the work
+is finished, the work would be queued and continue after the next the PCI
+reset occurs. This causes the device stays in L2/L3 link state, and the system
+couldn't find the device.
+
+Signed-off-by: Hayes Wang <hayeswang@realtek.com>
+Acked-by: Francois Romieu <romieu@fr.zoreil.com>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+---
+ drivers/net/ethernet/realtek/r8169.c | 25 +++++++++++++++++++++++++
+ 1 file changed, 25 insertions(+)
+
+diff --git a/drivers/net/ethernet/realtek/r8169.c b/drivers/net/ethernet/realtek/r8169.c
+index 3ff7bc3..b94f658 100644
+--- a/drivers/net/ethernet/realtek/r8169.c
++++ b/drivers/net/ethernet/realtek/r8169.c
+@@ -538,6 +538,7 @@ enum rtl_register_content {
+ 	MagicPacket	= (1 << 5),	/* Wake up when receives a Magic Packet */
+ 	LinkUp		= (1 << 4),	/* Wake up when the cable connection is re-established */
+ 	Jumbo_En0	= (1 << 2),	/* 8168 only. Reserved in the 8168b */
++	Rdy_to_L23	= (1 << 1),	/* L23 Enable */
+ 	Beacon_en	= (1 << 0),	/* 8168 only. Reserved in the 8168b */
+ 
+ 	/* Config4 register */
+@@ -4897,6 +4898,21 @@ static void rtl_enable_clock_request(struct pci_dev *pdev)
+ 				 PCI_EXP_LNKCTL_CLKREQ_EN);
+ }
+ 
++static void rtl_pcie_state_l2l3_enable(struct rtl8169_private *tp, bool enable)
++{
++	void __iomem *ioaddr = tp->mmio_addr;
++	u8 data;
++
++	data = RTL_R8(Config3);
++
++	if (enable)
++		data |= Rdy_to_L23;
++	else
++		data &= ~Rdy_to_L23;
++
++	RTL_W8(Config3, data);
++}
++
+ #define R8168_CPCMD_QUIRK_MASK (\
+ 	EnableBist | \
+ 	Mac_dbgo_oe | \
+@@ -5246,6 +5262,7 @@ static void rtl_hw_start_8411(struct rtl8169_private *tp)
+ 	};
+ 
+ 	rtl_hw_start_8168f(tp);
++	rtl_pcie_state_l2l3_enable(tp, false);
+ 
+ 	rtl_ephy_init(tp, e_info_8168f_1, ARRAY_SIZE(e_info_8168f_1));
+ 
+@@ -5284,6 +5301,8 @@ static void rtl_hw_start_8168g_1(struct rtl8169_private *tp)
+ 
+ 	rtl_w1w0_eri(tp, 0x2fc, ERIAR_MASK_0001, 0x01, 0x06, ERIAR_EXGMAC);
+ 	rtl_w1w0_eri(tp, 0x1b0, ERIAR_MASK_0011, 0x0000, 0x1000, ERIAR_EXGMAC);
++
++	rtl_pcie_state_l2l3_enable(tp, false);
+ }
+ 
+ static void rtl_hw_start_8168g_2(struct rtl8169_private *tp)
+@@ -5536,6 +5555,8 @@ static void rtl_hw_start_8105e_1(struct rtl8169_private *tp)
+ 	RTL_W8(DLLPR, RTL_R8(DLLPR) | PFM_EN);
+ 
+ 	rtl_ephy_init(tp, e_info_8105e_1, ARRAY_SIZE(e_info_8105e_1));
++
++	rtl_pcie_state_l2l3_enable(tp, false);
+ }
+ 
+ static void rtl_hw_start_8105e_2(struct rtl8169_private *tp)
+@@ -5571,6 +5592,8 @@ static void rtl_hw_start_8402(struct rtl8169_private *tp)
+ 	rtl_eri_write(tp, 0xc0, ERIAR_MASK_0011, 0x0000, ERIAR_EXGMAC);
+ 	rtl_eri_write(tp, 0xb8, ERIAR_MASK_0011, 0x0000, ERIAR_EXGMAC);
+ 	rtl_w1w0_eri(tp, 0x0d4, ERIAR_MASK_0011, 0x0e00, 0xff00, ERIAR_EXGMAC);
++
++	rtl_pcie_state_l2l3_enable(tp, false);
+ }
+ 
+ static void rtl_hw_start_8106(struct rtl8169_private *tp)
+@@ -5583,6 +5606,8 @@ static void rtl_hw_start_8106(struct rtl8169_private *tp)
+ 	RTL_W32(MISC, (RTL_R32(MISC) | DISABLE_LAN_EN) & ~EARLY_TALLY_EN);
+ 	RTL_W8(MCU, RTL_R8(MCU) | EN_NDP | EN_OOB_RESET);
+ 	RTL_W8(DLLPR, RTL_R8(DLLPR) & ~PFM_EN);
++
++	rtl_pcie_state_l2l3_enable(tp, false);
+ }
+ 
+ static void rtl_hw_start_8101(struct net_device *dev)
+-- 
+1.8.5.2
+

src/patches/strongswan-5.1.2-5.2.1_modp_custom.patch

@@ -1,164 +0,0 @@
-From a78ecdd47509626711a13481f53696e01d4b8c62 Mon Sep 17 00:00:00 2001
-From: Tobias Brunner <tobias@strongswan.org>
-Date: Mon, 1 Dec 2014 17:21:59 +0100
-Subject: [PATCH] crypto: Define MODP_CUSTOM outside of IKE DH range
-
-Before this fix it was possible to crash charon with an IKE_SA_INIT
-message containing a KE payload with DH group MODP_CUSTOM(1025).
-Defining MODP_CUSTOM outside of the two byte IKE DH identifier range
-prevents it from getting negotiated.
-
-Fixes CVE-2014-9221 in version 5.1.2 and newer.
----
- src/charon-tkm/src/tkm/tkm_diffie_hellman.c                   |  2 +-
- src/libstrongswan/crypto/diffie_hellman.c                     | 11 ++++++-----
- src/libstrongswan/crypto/diffie_hellman.h                     |  6 ++++--
- src/libstrongswan/plugins/gcrypt/gcrypt_dh.c                  |  2 +-
- src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c            |  2 +-
- src/libstrongswan/plugins/ntru/ntru_ke.c                      |  2 +-
- src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c    |  2 +-
- src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c |  2 +-
- src/libstrongswan/plugins/pkcs11/pkcs11_dh.c                  |  2 +-
- 9 files changed, 17 insertions(+), 14 deletions(-)
-
-diff --git a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
-index 67db5e6d87d6..836e0b7f088d 100644
---- a/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
-+++ b/src/charon-tkm/src/tkm/tkm_diffie_hellman.c
-@@ -41,7 +41,7 @@ struct private_tkm_diffie_hellman_t {
- 	/**
- 	 * Diffie Hellman group number.
- 	 */
--	u_int16_t group;
-+	diffie_hellman_group_t group;
- 
- 	/**
- 	 * Diffie Hellman public value.
-diff --git a/src/libstrongswan/crypto/diffie_hellman.c b/src/libstrongswan/crypto/diffie_hellman.c
-index bada1c529951..ac106e9c4d45 100644
---- a/src/libstrongswan/crypto/diffie_hellman.c
-+++ b/src/libstrongswan/crypto/diffie_hellman.c
-@@ -42,15 +42,16 @@ ENUM_NEXT(diffie_hellman_group_names, MODP_1024_160, ECP_512_BP, ECP_521_BIT,
- 	"ECP_256_BP",
- 	"ECP_384_BP",
- 	"ECP_512_BP");
--ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_CUSTOM, ECP_512_BP,
--	"MODP_NULL",
--	"MODP_CUSTOM");
--ENUM_NEXT(diffie_hellman_group_names, NTRU_112_BIT, NTRU_256_BIT, MODP_CUSTOM,
-+ENUM_NEXT(diffie_hellman_group_names, MODP_NULL, MODP_NULL, ECP_512_BP,
-+	"MODP_NULL");
-+ENUM_NEXT(diffie_hellman_group_names, NTRU_112_BIT, NTRU_256_BIT, MODP_NULL,
- 	"NTRU_112",
- 	"NTRU_128",
- 	"NTRU_192",
- 	"NTRU_256");
--ENUM_END(diffie_hellman_group_names, NTRU_256_BIT);
-+ENUM_NEXT(diffie_hellman_group_names, MODP_CUSTOM, MODP_CUSTOM, NTRU_256_BIT,
-+	"MODP_CUSTOM");
-+ENUM_END(diffie_hellman_group_names, MODP_CUSTOM);
- 
- 
- /**
-diff --git a/src/libstrongswan/crypto/diffie_hellman.h b/src/libstrongswan/crypto/diffie_hellman.h
-index 105db22f14d4..d5161d077bb2 100644
---- a/src/libstrongswan/crypto/diffie_hellman.h
-+++ b/src/libstrongswan/crypto/diffie_hellman.h
-@@ -63,12 +63,14 @@ enum diffie_hellman_group_t {
- 	/** insecure NULL diffie hellman group for testing, in PRIVATE USE */
- 	MODP_NULL = 1024,
- 	/** MODP group with custom generator/prime */
--	MODP_CUSTOM = 1025,
- 	/** Parameters defined by IEEE 1363.1, in PRIVATE USE */
- 	NTRU_112_BIT = 1030,
- 	NTRU_128_BIT = 1031,
- 	NTRU_192_BIT = 1032,
--	NTRU_256_BIT = 1033
-+	NTRU_256_BIT = 1033,
-+	/** internally used DH group with additional parameters g and p, outside
-+	 * of PRIVATE USE (i.e. IKEv2 DH group range) so it can't be negotiated */
-+	MODP_CUSTOM = 65536,
- };
- 
- /**
-diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c
-index f418b941db86..299865da2e09 100644
---- a/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c
-+++ b/src/libstrongswan/plugins/gcrypt/gcrypt_dh.c
-@@ -35,7 +35,7 @@ struct private_gcrypt_dh_t {
- 	/**
- 	 * Diffie Hellman group number
- 	 */
--	u_int16_t group;
-+	diffie_hellman_group_t group;
- 
- 	/*
- 	 * Generator value
-diff --git a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
-index b74d35169f44..9936f7e4518f 100644
---- a/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
-+++ b/src/libstrongswan/plugins/gmp/gmp_diffie_hellman.c
-@@ -42,7 +42,7 @@ struct private_gmp_diffie_hellman_t {
- 	/**
- 	 * Diffie Hellman group number.
- 	 */
--	u_int16_t group;
-+	diffie_hellman_group_t group;
- 
- 	/*
- 	 * Generator value.
-diff --git a/src/libstrongswan/plugins/ntru/ntru_ke.c b/src/libstrongswan/plugins/ntru/ntru_ke.c
-index abaa22336221..e64f32b91d0e 100644
---- a/src/libstrongswan/plugins/ntru/ntru_ke.c
-+++ b/src/libstrongswan/plugins/ntru/ntru_ke.c
-@@ -56,7 +56,7 @@ struct private_ntru_ke_t {
- 	/**
- 	 * Diffie Hellman group number.
- 	 */
--	u_int16_t group;
-+	diffie_hellman_group_t group;
- 
- 	/**
- 	 * NTRU Parameter Set
-diff --git a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
-index ff3382473666..1e68ac59b838 100644
---- a/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
-+++ b/src/libstrongswan/plugins/openssl/openssl_diffie_hellman.c
-@@ -38,7 +38,7 @@ struct private_openssl_diffie_hellman_t {
- 	/**
- 	 * Diffie Hellman group number.
- 	 */
--	u_int16_t group;
-+	diffie_hellman_group_t group;
- 
- 	/**
- 	 * Diffie Hellman object
-diff --git a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
-index b487d59a59a3..50853d6f0bde 100644
---- a/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
-+++ b/src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.c
-@@ -40,7 +40,7 @@ struct private_openssl_ec_diffie_hellman_t {
- 	/**
- 	 * Diffie Hellman group number.
- 	 */
--	u_int16_t group;
-+	diffie_hellman_group_t group;
- 
- 	/**
- 	 * EC private (public) key
-diff --git a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
-index 36cc284bf2b5..23b63d2386af 100644
---- a/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
-+++ b/src/libstrongswan/plugins/pkcs11/pkcs11_dh.c
-@@ -47,7 +47,7 @@ struct private_pkcs11_dh_t {
- 	/**
- 	 * Diffie Hellman group number.
- 	 */
--	u_int16_t group;
-+	diffie_hellman_group_t group;
- 
- 	/**
- 	 * Handle for own private value
--- 
-1.9.1
-