bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-10 02:55:55 +02:00

Author	SHA1	Message	Date
Arne Fitzenreiter	efafef1663	kernel: armv5tel remove "-multi" config we have only this kernel left so remove the extension Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	09951f8b0f	kernel: aarch64: enable pcie-brcmstb and brcm2711-thermal for RPi4 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	663ab267ba	kernel: update to 5.10.42 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	e9692dd548	kernel: update to 5.10.41 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	adea4dde18	kernel: update to 5.10.40 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	b358af5bfe	kernel: update to 5.10.39 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	5235ab4817	kernel: update to 5.10.38 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	5a27051fc2	kernel: update to 5.10.37 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	b75dd327fd	kernel: update to 5.10.32 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	40c37f301c	kernel: update to 5.10.30 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	dda381ce2d	kernel: update to 5.10.28 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	acbf402821	kernel: update to 5.10.27 Signen-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	170b4f5bf3	kernel: update to 5.10.26 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:37 +02:00
Arne Fitzenreiter	09ddf00f20	kernel: update to 5.10.25 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:37 +02:00
Arne Fitzenreiter	b9475fe009	kernel: update to 5.10.24 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:37 +02:00
Arne Fitzenreiter	9d1bffe083	kernel: arm* disable alg modules Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:37 +02:00
Arne Fitzenreiter	ca46fa4df4	kernel: arm* oldconfig Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:37 +02:00
Arne Fitzenreiter	ff5db7732c	kernel: arm* enable UAS for USB storage this is needed for newer USB enclosures to support trim and get better speed. (already enabled on x86*) Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:37 +02:00
Arne Fitzenreiter	82b0e0f13d	kernel: x86* disable alg modules the application layer gateway modules can used to bypass the nat via nat slipstreaming. I had disabled all of them. If one is really needed we can reenable it later. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:37 +02:00
Arne Fitzenreiter	0966058161	kernel: fix leds on geos and alix the platform driver cannot register the leds if GPIO_CS5535 is compiled as module Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:37 +02:00
Arne Fitzenreiter	7d9d6e7b03	kernel: update aarch64 config and rootfiles Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:37 +02:00
Arne Fitzenreiter	d4befb6fa1	kernel: update armv5tel config and rootfiles Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:36 +02:00
Arne Fitzenreiter	18a43dc673	kernel: enable PREEMPT_VOLUNTARY and set timer to 100HZ Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:36 +02:00
Michael Tremer	5c8b5c3923	kernel: Enable BBR as default TCP congestion algorithm This will increase throughput since BBR is more modern and adjusted to the nowadays version of the Internet whereas Cubic is more conservative and might not always fully saturate the downlink. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2021-07-05 07:42:36 +02:00
Michael Tremer	028aaf3864	kernel: Enable DMA engines on x86_64 Those are already enabled as modules in i586. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2021-07-05 07:42:36 +02:00
Michael Tremer	13eab1060d	kernel: Trust the randomness from the CPU This will allow the kernel to seed its CRNG using RDSEED or RDRAND. During the boot process, it is required that the CRNG is being initialised, but it may take some long time on systems that do not have a random number generator. This is the default for various other distributions like Debian. Signed-off-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2021-07-05 07:42:36 +02:00
Michael Tremer	904386624c	kernel: Compile RNG drivers into the kernel The kernel will try to gather entropy really early in the boot process where those device drivers might not have been loaded yet. They are small and can therefore be compiled into the kernel like we already do on ARM. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2021-07-05 07:42:36 +02:00
Arne Fitzenreiter	c062c7700f	kernel: update to 5.10.5 todo: add armv5tel and aarch64 config and rootfiles. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:36 +02:00
Arne Fitzenreiter	10ce44b0c6	kernel: update to 4.14.232 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2021-05-16 11:58:42 +00:00
Arne Fitzenreiter	7885b1509c	kernel: update to 4.14.230 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2021-04-12 09:37:17 +00:00
Arne Fitzenreiter	7e27f7cdc1	kernel: update to 4.14.229 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2021-04-10 13:40:01 +00:00
Arne Fitzenreiter	2e1bf458e2	kernel: update to 4.14.206 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-11-12 09:02:02 +01:00
Arne Fitzenreiter	0163c62dee	kernel: aarch64: enable ahci this is needed to boot on ESXi on arm. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2020-11-11 11:50:12 +00:00
Arne Fitzenreiter	73f4e7b4c6	kernel: aarch64: disable SSDT_OVERLAYS this option was visible by enabling ACPI and is enabled by default but adds an attacking vector. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-09-18 05:23:18 +00:00
Mathew McBride	e29125d52f	kernel: enable ACPI support on ARM64 ACPI (with EFI) is used on ARM systems conforming to the Server Base Boot Requirements (SBBR) and is an optional on embedded systems (EBBR). Up to now the ARM64 boards supported by IPFire use U-Boot and device tree so ACPI was not turned on. The immediate use case here is to run under virtualization, using my muvirt project[1] I can run IPFire on our Traverse Ten64 system. For reasons I'll explain separately it is not currently possible to run stock IPFire on this system. This change also enables the EFI RTC driver which is presented by the qemu arm64 virt machine. Signed-off-by: Mathew McBride <matt@traverse.com.au> [1] - https://gitlab.com/traversetech/muvirt Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-09-17 18:50:35 +00:00
Arne Fitzenreiter	ce9f979c01	kernel: update to 4.14.195 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-08-31 06:58:32 +02:00
Arne Fitzenreiter	f3a59d63e2	kernel: update to 4.14.184 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-12 16:04:48 +02:00
Peter Müller	92e828b3b0	kernel: disable CONFIG_UPROBES Quoted from #12433: > Uprobes is the user-space counterpart to kprobes: they enable instrumentation > applications (such as 'perf probe') to establish unintrusive probes in > user-space binaries and libraries, by executing handler functions when the > probes are hit by user-space applications. > > ( These probes come in the form of single-byte breakpoints, managed by the > kernel and kept transparent to the probed application. ) IMHO this can be safely disabled, as there is little if any need to debug userspace programs _that_ deeply on an IPFire machine. Fixes: #12433 Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-10 15:18:36 +00:00
Peter Müller	a5e577d083	kernel: enable CONFIG_FORTIFY_SOURCE on armv5tel Partially fixes: #12369 Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-10 15:17:40 +00:00
Peter Müller	3eb393ff2e	kernel: enable CONFIG_FORTIFY_SOUCRE on aarch64 Partially fixes: #12369 Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-10 15:17:24 +00:00
Peter Müller	4ee87ee248	kernel: enable CONFIG_SLUB_DEBUG on aarch64 and armv5tel Fixes: #12377 Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-10 15:16:57 +00:00
Arne Fitzenreiter	325a2680c8	kernel: fix diabling CONFIG_MODFIFY_LDT_SYSCALL Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-10 16:21:49 +02:00
Arne Fitzenreiter	2b51e4aeab	Revert "kernel: enable CONFIG_RANDOMIZE_BASE on aarch64" with enabled CONFIG_RAMDOIZE_BASE the linking of xtables and maybee other external kernel modules fail on aarch64 This reverts commit `8379ab44b8`.	2020-06-10 16:20:34 +02:00
Peter Müller	e694bbd17f	kernel: enable CONFIG_RANDOMIZE_BASE on armv5tel Partially fixes: #12363 Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-09 22:20:26 +00:00
Peter Müller	8379ab44b8	kernel: enable CONFIG_RANDOMIZE_BASE on aarch64 Partially fixes: #12363 Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-09 22:19:50 +00:00
Peter Müller	e4d1f96869	kernel: enable CONFIG_HARDENED_USERCOPY on aarch64 and armv5tel Fixes: #12365 Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-09 15:37:33 +00:00
Peter Müller	7617da3bba	kernel: enable CONFIG_SECCOMP on aarch64 and armv5tel Fixes: #12366 Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-08 21:22:44 +00:00
Peter Müller	d7174d7c3a	kernel: disable CONFIG_ACPI_CUSTOM_METHOD on x86_64 and i586 This is dangerous as it allows replacing the running kernel without rebooting. Kernel Self Protection Project people recommend to keep it disabled. Fixes: #12372 Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-08 21:22:32 +00:00
Peter Müller	b1f24c4353	kernel: disable CONFIG_MODIFY_LDT_SYSCALL on i586 and x86_64 Fixes: #12382 Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-08 21:22:05 +00:00
Arne Fitzenreiter	a43b370411	kernel: update to 4.14.183 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-04 08:37:00 +02:00

1 2 3 4 5 ...

422 Commits