bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-28 11:43:25 +02:00

Author	SHA1	Message	Date
Peter Müller	c2749c1bed	kernel: disable CONFIG_USELIB on x86_64 and i586(-pae) > This option enables the uselib syscall a system call used in the dynamic > linker from libc5 and earlier. glibc does not use this system call. If you > intend to run programs built on libc5 or earlier you may need to enable this > syscall. Current systems running glibc can safely disable this. In my point of view, the last sentence matches our situation. Fixes: #12379 Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Acked-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-02 11:15:13 +00:00
Peter Müller	442a7f5ea2	Kernel: drop Memstick support These are not needed anymore since Sony announced EOL in 2010 and there is no legitimate use case for such hardware on a firewall system. Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-02 11:13:14 +00:00
Peter Müller	90ecad4f66	Kernel: drop bluetooth support The bluetooth addon was recently removed by commit `592be1d206`, which is why we do not need to carry the corresponding kernel modules around anymore. The second version of this patch correctly updates kernel configuration files via "make oldconfig" as requested by Arne. Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Cc: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-02 11:12:58 +00:00
Arne Fitzenreiter	831ff05d89	kernel: enable and enforce signed kernel modules Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-02-06 15:09:52 +01:00
Arne Fitzenreiter	bf671bb2ae	kernel: update to 4.14.154 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-11-14 21:23:08 +00:00
Michael Tremer	951a9f9ba0	linux+iptables: Drop support for IMQ This is no longer needed since we are using IFB now Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-10-21 18:58:08 +00:00
Arne Fitzenreiter	c27fdd8697	Revert "linux+iptables: Drop support for IMQ" This reverts commit `59b9a6bd22`.	2019-10-20 20:20:26 +00:00
Arne Fitzenreiter	596c71d07f	kernel: update to 4.14.150 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-10-18 23:07:44 +02:00
Michael Tremer	59b9a6bd22	linux+iptables: Drop support for IMQ This is no longer needed since we are using IFB now Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-10-14 18:02:55 +00:00
Arne Fitzenreiter	69cf4f3065	kernel: update to 4.14.146 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-09-21 20:44:52 +02:00
Arne Fitzenreiter	3b415347bb	kernel: update to 4.14.137 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-08-07 20:38:25 +00:00
Arne Fitzenreiter	70590cef48	Kernel: update to 4.14.128 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-06-19 21:01:29 +02:00
Arne Fitzenreiter	716f00b116	kernel: update to 4.14.121 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-21 20:42:51 +02:00
Arne Fitzenreiter	16cb73d901	kernel: update to 4.14.120 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-17 07:10:52 +02:00
Arne Fitzenreiter	d099196501	kernel: update to 4.14.119 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-16 14:26:04 +02:00
Arne Fitzenreiter	5fa063f859	kernel: update to 4.14.112 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-04-17 22:30:19 +02:00
Arne Fitzenreiter	f2afd5e70d	kernel: update to 4.14.111 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-04-08 21:47:23 +02:00
Arne Fitzenreiter	aa20f1b277	kernel: update to 4.14.110 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-04-05 07:46:34 +02:00
Michael Tremer	48d3cde9ce	kernel: Disable some debugging in expactation to increase performance Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-04-01 21:58:23 +01:00
Michael Tremer	474a6a5978	kernel: Enable strict checks for /dev/mem Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-04-01 21:55:03 +01:00
Michael Tremer	30c33cb318	kernel: Enable debugging for Atheros drivers Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-03-16 12:36:03 +00:00
Michael Tremer	62bf7bd2b2	kernel: Enable DFS support for ath*k drivers Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-03-16 12:36:03 +00:00
Matthias Fischer	256070e92f	Added 'CONFIG_X86_MSR=y for 'powertop' to i586 and x86_64 builds for fixing #11997 Triggered by: https://forum.ipfire.org/viewtopic.php?f=69&t=22274 This - probably - fixes Bug #11997. Needs testing on 64bit installations! Best, Matthias Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-17 13:03:56 +00:00
Arne Fitzenreiter	329788dee5	kernel: update to 4.14.97 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-02-03 12:45:52 +01:00
Arne Fitzenreiter	503a6f155b	kernel: update to 4.14.94 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-01-22 07:41:18 +01:00
Arne Fitzenreiter	5ed864857a	kernel: disable FW_LOADER_USER_HELPER_FALLBACK newer (e)udev has dropped the support for this. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-11-18 14:33:45 +01:00
Arne Fitzenreiter	16c18024bb	kernel: compress kernel modules with xz Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-11-18 14:30:14 +01:00
Arne Fitzenreiter	bdf9df742c	kernel: update to 4.14.71 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-09-20 19:51:43 +02:00
Arne Fitzenreiter	924b48c789	kernel: update to 4.14.69 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-09-12 21:04:07 +02:00
Arne Fitzenreiter	6c9651f620	kernel: update to 4.14.43 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-05-24 07:40:22 +02:00
Arne Fitzenreiter	b69338e0e8	kernel: update to 4.14.38 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-04-30 12:26:30 +02:00
Arne Fitzenreiter	8718a67ec5	kernel: disable crng unseeded use message spamming there was a bug until 4.14.36 that this message are not printed at all now it work and spam the log at boot. For security it is is a nightmare to use unseeded random but we and the user cannot do anything. This is work for platform maintainers to get the crng working earlier. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-04-29 09:50:06 +02:00
Arne Fitzenreiter	a9203b4f5b	kernel: i586 enable cs5535 gpio module this modul is needed for alix led support Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-04-18 06:11:15 +02:00
Arne Fitzenreiter	96a2ff029e	kernel: update config disable isdn disable audit disable profiling on arm disable scsi driver on arm Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-04-11 18:36:57 +02:00
Arne Fitzenreiter	e5ef944d6e	kernel: update to 4.14.21 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-02-23 19:33:15 +01:00
Arne Fitzenreiter	c7a00111e0	kernel: update to 4.14.16 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-02-02 07:17:10 +01:00
Arne Fitzenreiter	b715af20c9	kernel: update to 4.14.13 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-01-10 22:20:33 +01:00
Arne Fitzenreiter	6d295033e1	kernel: update to 4.14.12 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2018-01-05 23:31:54 +01:00
Arne Fitzenreiter	f952832418	kernel: updated i586 config and rootfiles Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-11-26 09:32:47 +01:00
Arne Fitzenreiter	8b6380784c	kernel: enable Mellanox ConnectX-4 ethernet driver on i586 cfg and disable debug for older Mellanox cards. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-07-27 20:11:14 +02:00
Arne Fitzenreiter	ddc7b38cc0	kernel: fix and enable layer7 filter Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-03-06 13:36:53 +01:00
Arne Fitzenreiter	60661dddae	kernel: update to 4.9.12 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-02-25 15:08:29 +01:00
Arne Fitzenreiter	3089fc4723	kernel: updated i586 config and rootfiles Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2017-02-18 18:21:49 +01:00
Arne Fitzenreiter	7959134a55	kernel: disable amd ccp support ccp based trng of the apu2 produce none random data. Aes accleration is also not used because IPFire prefere AES-NI if this is supported. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2016-07-11 11:00:55 +02:00
Arne Fitzenreiter	484e62046e	kernel: update to 3.14.74 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2016-06-29 17:04:28 +02:00
Arne Fitzenreiter	545c15b0a1	kernel: add PC Engines(TM) APU2 LED driver	2016-03-26 10:15:45 +01:00
Arne Fitzenreiter	6fa34327dd	kernel: enable NFS_DEBUG fixes #11053	2016-03-14 18:04:38 +01:00
Arne Fitzenreiter	ee552b7e1a	kernel: update to 3.14.61 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2016-02-19 07:18:29 +01:00
Michael Tremer	857b2c795e	Improve hardening by using -fstack-protector-strong This functionality is now available for us since we updated to GCC 4.9 and just improves the stack smashing protector in GCC. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2016-01-18 22:26:23 +00:00
Arne Fitzenreiter	905d1afd4e	kernel: disable RANDSTRUCT RANDSRUCT is incompatible with ccache build. fixes #10905 fixes #11012 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2016-01-13 07:24:34 +01:00

1 2 3 4

191 Commits