bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-14 13:02:58 +02:00

Author	SHA1	Message	Date
Arne Fitzenreiter	8c43d1481a	kernel: update to 6.6.15 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2024-02-02 07:52:09 +00:00
Peter Müller	bca096b453	linux: Forbid legacy TIOCSTI usage To quote from the kernel documentation: > Historically the kernel has allowed TIOCSTI, which will push > characters into a controlling TTY. This continues to be used > as a malicious privilege escalation mechanism, and provides no > meaningful real-world utility any more. Its use is considered > a dangerous legacy operation, and can be disabled on most > systems. > > Say Y here only if you have confirmed that your system's > userspace depends on this functionality to continue operating > normally. > > Processes which run with CAP_SYS_ADMIN, such as BRLTTY, can > use TIOCSTI even when this is set to N. > > This functionality can be changed at runtime with the > dev.tty.legacy_tiocsti sysctl. This configuration option sets > the default value of the sysctl. This patch therefore proposes to no longer allow legacy TIOCSTI usage in IPFire, given its security implications and the apparent lack of legitimate usage. Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2024-01-16 15:46:37 +00:00
Arne Fitzenreiter	a2af8c7186	kernel: aarch64: enable CONFIG_SHADOW_CALL_STACK Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2024-01-10 06:26:25 +00:00
Arne Fitzenreiter	941190cb3a	kernel: update to 6.6.3 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>	2023-12-05 17:17:35 +00:00
Arne Fitzenreiter	95f9d9350d	kernel: update to 6.6.2 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2023-12-05 17:15:48 +00:00
Arne Fitzenreiter	1d1694c7e5	kernel: update aarch64 rootfile Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2023-10-27 08:43:41 +00:00
Arne Fitzenreiter	554e339b9e	kernel: update to 6.1.57 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2023-10-13 08:13:12 +00:00
Arne Fitzenreiter	e275a07b67	kernel: update to 6.1.56 this also builds the dtb files on riscv64 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2023-10-09 08:13:02 +00:00
Arne Fitzenreiter	14bd32221e	kernel: update to 6.1.52 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2023-09-28 09:29:23 +00:00
Arne Fitzenreiter	162a068448	kernel: update to 6.1.45 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2023-08-11 23:25:37 +02:00
Arne Fitzenreiter	f6615f3025	kernel: fix rootfile Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2023-07-21 09:34:09 +00:00
Arne Fitzenreiter	1a44c7a638	kernel: update to 6.1.37 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>	2023-07-09 14:57:38 +00:00
Arne Fitzenreiter	25aa552258	kernel: update to 6.1.30 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2023-05-30 09:21:34 +00:00
Arne Fitzenreiter	6a005bd9aa	kernel: update to 6.1.28 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2023-05-16 18:53:01 +00:00
Peter Müller	ccd793b360	linux: Update rootfiles Signed-off-by: Peter Müller <peter.mueller@ipfire.org>	2023-05-12 18:29:27 +00:00
Arne Fitzenreiter	edb153e209	kernel: arm64 rootfile update Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2023-05-02 19:36:25 +00:00
Arne Fitzenreiter	2b1a701ec4	kernel: add OrangePi R1 Plus LTS Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2023-05-02 19:33:16 +00:00
Peter Müller	87e90e2164	Fix typo in aarch64 linux rootfile Signed-off-by: Peter Müller <peter.mueller@ipfire.org>	2023-04-24 19:01:24 +00:00
Arne Fitzenreiter	acb3aa6abd	kernel: add nanopi r2c patches https://git.ipfire.org/?p=people/arne_f/kernel.git;a=commit;h=4a06c119e0065bf8794a98bd21a71ff6236d32d1 https://git.ipfire.org/?p=people/arne_f/kernel.git;a=commit;h=716f69f11cf3bf328453cc3e284d5bce7feb9a0e Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2023-04-24 19:00:45 +00:00
Peter Müller	2223cafa37	linux: Update aarch64 rootfile Signed-off-by: Peter Müller <peter.mueller@ipfire.org>	2023-03-05 14:22:28 +00:00
Michael Tremer	ec83fe38a3	Rootfile update for ARM Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2023-02-07 11:30:08 +00:00
Arne Fitzenreiter	3e066f550b	kernel: update rootfiles and config Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2023-01-15 09:19:25 +00:00
Arne Fitzenreiter	6535255270	kernel: update to 6.1.3 the kernel-6.1.x series should be the next lts series...	2023-01-08 10:08:33 +00:00
Peter Müller	5f2d660967	linux: Align ARM rootfiles and configurations Signed-off-by: Peter Müller <peter.mueller@ipfire.org>	2023-01-05 10:11:01 +00:00
Peter Müller	abb185bf5a	linux: Align configurations and rootfiles for ARM Signed-off-by: Peter Müller <peter.mueller@ipfire.org>	2022-09-21 13:36:59 +00:00
Peter Müller	893427ad8b	linux: Update rootfiles Signed-off-by: Peter Müller <peter.mueller@ipfire.org>	2022-08-04 12:11:53 +00:00
Peter Müller	ef439b6871	linux: Update rootfiles to reflect dropped support of dprintk See: `883e29630c` Signed-off-by: Peter Müller <peter.mueller@ipfire.org>	2022-08-03 10:54:07 +00:00
Peter Müller	de7a483f6a	linux: Update aarch64 rootfile Signed-off-by: Peter Müller <peter.mueller@ipfire.org>	2022-08-02 15:22:15 +00:00
Peter Müller	7caecf45fb	linux: Give CONFIG_RANDOMIZE_BASE on aarch64 another try Quoted from https://capsule8.com/blog/kernel-configuration-glossary/: > Significance: Critical > > In support of Kernel Address Space Layout Randomization (KASLR) this randomizes > the physical address at which the kernel image is decompressed and the virtual > address where the kernel image is mapped as a security feature that deters > exploit attempts relying on knowledge of the location of kernel code internals. We tried to enable this back in 2020, and failed. Since then, things may have been improved, so let's give this low-hanging fruit another try. Fixes: #12363 Signed-off-by: Peter Müller <peter.mueller@ipfire.org>	2022-08-01 10:20:20 +00:00
Peter Müller	861080834d	linux: Update ARM rootfiles Signed-off-by: Peter Müller <peter.mueller@ipfire.org>	2022-07-29 17:09:56 +00:00
Peter Müller	5991f39282	linux: Update rootfiles to reflect /dev mount option change Signed-off-by: Peter Müller <peter.mueller@ipfire.org>	2022-06-27 17:30:47 +00:00
Peter Müller	d9aece2af9	linux: Update rootfile Signed-off-by: Peter Müller <peter.mueller@ipfire.org>	2022-06-23 06:44:09 +00:00
Peter Müller	d819a62b14	linux: Update rootfiles Signed-off-by: Peter Müller <peter.mueller@ipfire.org>	2022-06-13 20:45:51 +00:00
Peter Müller	db8639bbfa	linux: Update to 5.15.46 Please refer to https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.46 for the changelog of this version. Due to operational constraints, ARM rootfile changes are simulated. Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>	2022-06-13 15:38:42 +00:00
Arne Fitzenreiter	9fa01e4276	kernel: update to 5.15.35 in kernel 5.15.32 the driver for ATH9K wlan cards is unstable. This is one of the most used cards so we need this update before releasing core167 final. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2022-04-22 12:48:32 +00:00
Arne Fitzenreiter	f1b0673572	kernel: arm rootfile update Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2022-04-10 09:42:16 +02:00
Peter Müller	3f65e4996b	kernel: Align rootfile again due to forgotten hardening patch Signed-off-by: Peter Müller <peter.mueller@ipfire.org>	2022-04-06 20:18:22 +00:00
Peter Müller	4fb7569811	linux: Update rootfile to reflect kernel hardening changes Signed-off-by: Peter Müller <peter.mueller@ipfire.org>	2022-04-05 08:42:00 +00:00
Arne Fitzenreiter	a17f1fbbe2	kernel: update to 5.15.23 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2022-02-12 07:03:49 +00:00
Arne Fitzenreiter	f978b433e6	kernel: aarch64: enable armv8 optimized crypto Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2022-02-11 17:36:01 +00:00
Arne Fitzenreiter	70c57ed33e	kernel: update to 5.15.21 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2022-02-06 14:09:43 +00:00
Arne Fitzenreiter	d68f875d61	kernel: enable support for compressed firmwares Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2022-01-28 14:44:03 +00:00
Arne Fitzenreiter	e385c965fa	kernel: aarch64 enable KVM support Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2022-01-28 11:24:44 +00:00
Arne Fitzenreiter	521e8aa99d	kernel: aarch64 enable ath5k wlan driver Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-11-20 23:38:06 +00:00
Arne Fitzenreiter	c460b2652d	kernel: aarch64 rootfile update Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-11-11 18:18:49 +00:00
Arne Fitzenreiter	58f6264fa4	kernel: update to 5.10.71 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-10-10 06:46:25 +00:00
Arne Fitzenreiter	13e001f5c2	kernel: config for nanopi r2s some drivers does nozt work as module so they are now compiled into main kernel Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-10-08 19:54:29 +00:00
Arne Fitzenreiter	9d20b293b8	kernel: arm rootfile update Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-09-26 08:40:32 +00:00
Arne Fitzenreiter	f696f419ad	kernel: update to 5.10.46 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:40 +02:00
Arne Fitzenreiter	09951f8b0f	kernel: aarch64: enable pcie-brcmstb and brcm2711-thermal for RPi4 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00

1 2

78 Commits