bpfire

mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-20 07:53:01 +02:00

Author	SHA1	Message	Date
Arne Fitzenreiter	663ab267ba	kernel: update to 5.10.42 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	e9692dd548	kernel: update to 5.10.41 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	adea4dde18	kernel: update to 5.10.40 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	b358af5bfe	kernel: update to 5.10.39 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	5235ab4817	kernel: update to 5.10.38 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	5a27051fc2	kernel: update to 5.10.37 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	b75dd327fd	kernel: update to 5.10.32 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	dda381ce2d	kernel: update to 5.10.28 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:38 +02:00
Arne Fitzenreiter	b9475fe009	kernel: update to 5.10.24 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:37 +02:00
Arne Fitzenreiter	82b0e0f13d	kernel: x86* disable alg modules the application layer gateway modules can used to bypass the nat via nat slipstreaming. I had disabled all of them. If one is really needed we can reenable it later. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:37 +02:00
Arne Fitzenreiter	0966058161	kernel: fix leds on geos and alix the platform driver cannot register the leds if GPIO_CS5535 is compiled as module Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:37 +02:00
Arne Fitzenreiter	18a43dc673	kernel: enable PREEMPT_VOLUNTARY and set timer to 100HZ Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:36 +02:00
Michael Tremer	5c8b5c3923	kernel: Enable BBR as default TCP congestion algorithm This will increase throughput since BBR is more modern and adjusted to the nowadays version of the Internet whereas Cubic is more conservative and might not always fully saturate the downlink. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2021-07-05 07:42:36 +02:00
Michael Tremer	13eab1060d	kernel: Trust the randomness from the CPU This will allow the kernel to seed its CRNG using RDSEED or RDRAND. During the boot process, it is required that the CRNG is being initialised, but it may take some long time on systems that do not have a random number generator. This is the default for various other distributions like Debian. Signed-off-by: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2021-07-05 07:42:36 +02:00
Michael Tremer	904386624c	kernel: Compile RNG drivers into the kernel The kernel will try to gather entropy really early in the boot process where those device drivers might not have been loaded yet. They are small and can therefore be compiled into the kernel like we already do on ARM. Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2021-07-05 07:42:36 +02:00
Arne Fitzenreiter	c062c7700f	kernel: update to 5.10.5 todo: add armv5tel and aarch64 config and rootfiles. Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2021-07-05 07:42:36 +02:00
Arne Fitzenreiter	10ce44b0c6	kernel: update to 4.14.232 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2021-05-16 11:58:42 +00:00
Arne Fitzenreiter	7e27f7cdc1	kernel: update to 4.14.229 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org> Reviewed-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2021-04-10 13:40:01 +00:00
Arne Fitzenreiter	2e1bf458e2	kernel: update to 4.14.206 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-11-12 09:02:02 +01:00
Arne Fitzenreiter	ce9f979c01	kernel: update to 4.14.195 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-08-31 06:58:32 +02:00
Arne Fitzenreiter	f3a59d63e2	kernel: update to 4.14.184 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-12 16:04:48 +02:00
Peter Müller	92e828b3b0	kernel: disable CONFIG_UPROBES Quoted from #12433: > Uprobes is the user-space counterpart to kprobes: they enable instrumentation > applications (such as 'perf probe') to establish unintrusive probes in > user-space binaries and libraries, by executing handler functions when the > probes are hit by user-space applications. > > ( These probes come in the form of single-byte breakpoints, managed by the > kernel and kept transparent to the probed application. ) IMHO this can be safely disabled, as there is little if any need to debug userspace programs _that_ deeply on an IPFire machine. Fixes: #12433 Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-10 15:18:36 +00:00
Arne Fitzenreiter	325a2680c8	kernel: fix diabling CONFIG_MODFIFY_LDT_SYSCALL Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-10 16:21:49 +02:00
Peter Müller	d7174d7c3a	kernel: disable CONFIG_ACPI_CUSTOM_METHOD on x86_64 and i586 This is dangerous as it allows replacing the running kernel without rebooting. Kernel Self Protection Project people recommend to keep it disabled. Fixes: #12372 Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-08 21:22:32 +00:00
Peter Müller	b1f24c4353	kernel: disable CONFIG_MODIFY_LDT_SYSCALL on i586 and x86_64 Fixes: #12382 Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-08 21:22:05 +00:00
Arne Fitzenreiter	a43b370411	kernel: update to 4.14.183 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-04 08:37:00 +02:00
Peter Müller	e6514b3af8	kernel: disable CONFIG_DEBUG_LIST on i586(-pae) Fixes: #12378 Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Acked-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-02 11:15:51 +00:00
Peter Müller	c2749c1bed	kernel: disable CONFIG_USELIB on x86_64 and i586(-pae) > This option enables the uselib syscall a system call used in the dynamic > linker from libc5 and earlier. glibc does not use this system call. If you > intend to run programs built on libc5 or earlier you may need to enable this > syscall. Current systems running glibc can safely disable this. In my point of view, the last sentence matches our situation. Fixes: #12379 Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Acked-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-02 11:15:13 +00:00
Peter Müller	442a7f5ea2	Kernel: drop Memstick support These are not needed anymore since Sony announced EOL in 2010 and there is no legitimate use case for such hardware on a firewall system. Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-02 11:13:14 +00:00
Peter Müller	90ecad4f66	Kernel: drop bluetooth support The bluetooth addon was recently removed by commit `592be1d206`, which is why we do not need to carry the corresponding kernel modules around anymore. The second version of this patch correctly updates kernel configuration files via "make oldconfig" as requested by Arne. Cc: Arne Fitzenreiter <arne.fitzenreiter@ipfire.org> Cc: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Peter Müller <peter.mueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-06-02 11:12:58 +00:00
Arne Fitzenreiter	831ff05d89	kernel: enable and enforce signed kernel modules Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2020-02-06 15:09:52 +01:00
Arne Fitzenreiter	bf671bb2ae	kernel: update to 4.14.154 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-11-14 21:23:08 +00:00
Michael Tremer	951a9f9ba0	linux+iptables: Drop support for IMQ This is no longer needed since we are using IFB now Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Daniel Weismüller <daniel.weismueller@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-10-21 18:58:08 +00:00
Arne Fitzenreiter	c27fdd8697	Revert "linux+iptables: Drop support for IMQ" This reverts commit `59b9a6bd22`.	2019-10-20 20:20:26 +00:00
Arne Fitzenreiter	596c71d07f	kernel: update to 4.14.150 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-10-18 23:07:44 +02:00
Michael Tremer	59b9a6bd22	linux+iptables: Drop support for IMQ This is no longer needed since we are using IFB now Signed-off-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-10-14 18:02:55 +00:00
Arne Fitzenreiter	69cf4f3065	kernel: update to 4.14.146 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-09-21 20:44:52 +02:00
Arne Fitzenreiter	3b415347bb	kernel: update to 4.14.137 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-08-07 20:38:25 +00:00
Arne Fitzenreiter	70590cef48	Kernel: update to 4.14.128 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-06-19 21:01:29 +02:00
Arne Fitzenreiter	716f00b116	kernel: update to 4.14.121 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-21 20:42:51 +02:00
Arne Fitzenreiter	16cb73d901	kernel: update to 4.14.120 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-17 07:10:52 +02:00
Arne Fitzenreiter	d099196501	kernel: update to 4.14.119 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-05-16 14:26:04 +02:00
Arne Fitzenreiter	5fa063f859	kernel: update to 4.14.112 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-04-17 22:30:19 +02:00
Arne Fitzenreiter	f2afd5e70d	kernel: update to 4.14.111 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-04-08 21:47:23 +02:00
Arne Fitzenreiter	aa20f1b277	kernel: update to 4.14.110 Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>	2019-04-05 07:46:34 +02:00
Michael Tremer	48d3cde9ce	kernel: Disable some debugging in expactation to increase performance Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-04-01 21:58:23 +01:00
Michael Tremer	474a6a5978	kernel: Enable strict checks for /dev/mem Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-04-01 21:55:03 +01:00
Michael Tremer	30c33cb318	kernel: Enable debugging for Atheros drivers Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-03-16 12:36:03 +00:00
Michael Tremer	62bf7bd2b2	kernel: Enable DFS support for ath*k drivers Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-03-16 12:36:03 +00:00
Matthias Fischer	256070e92f	Added 'CONFIG_X86_MSR=y for 'powertop' to i586 and x86_64 builds for fixing #11997 Triggered by: https://forum.ipfire.org/viewtopic.php?f=69&t=22274 This - probably - fixes Bug #11997. Needs testing on 64bit installations! Best, Matthias Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org> Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>	2019-02-17 13:03:56 +00:00

1 2 3 4

168 Commits