diff options
Diffstat (limited to 'target/linux/generic/pending-6.6')
6 files changed, 37 insertions, 6 deletions
diff --git a/target/linux/generic/pending-6.6/610-netfilter_match_bypass_default_checks.patch b/target/linux/generic/pending-6.6/610-netfilter_match_bypass_default_checks.patch index 67dcf25a0d..0717c4dc1f 100644 --- a/target/linux/generic/pending-6.6/610-netfilter_match_bypass_default_checks.patch +++ b/target/linux/generic/pending-6.6/610-netfilter_match_bypass_default_checks.patch @@ -91,7 +91,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name> for (i = sizeof(struct ipt_entry); i < e->target_offset; i += m->u.match_size) { -@@ -1221,12 +1258,15 @@ compat_copy_entry_to_user(struct ipt_ent +@@ -1223,12 +1260,15 @@ compat_copy_entry_to_user(struct ipt_ent compat_uint_t origsize; const struct xt_entry_match *ematch; int ret = 0; diff --git a/target/linux/generic/pending-6.6/655-increase_skb_pad.patch b/target/linux/generic/pending-6.6/655-increase_skb_pad.patch index 3e13511e8b..1cdf81afa4 100644 --- a/target/linux/generic/pending-6.6/655-increase_skb_pad.patch +++ b/target/linux/generic/pending-6.6/655-increase_skb_pad.patch @@ -9,7 +9,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name> --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h -@@ -3041,7 +3041,7 @@ static inline int pskb_network_may_pull( +@@ -3036,7 +3036,7 @@ static inline int pskb_network_may_pull( * NET_IP_ALIGN(2) + ethernet_header(14) + IP_header(20/40) + ports(8) */ #ifndef NET_SKB_PAD diff --git a/target/linux/generic/pending-6.6/680-NET-skip-GRO-for-foreign-MAC-addresses.patch b/target/linux/generic/pending-6.6/680-NET-skip-GRO-for-foreign-MAC-addresses.patch index b1f517d17a..0859e217cd 100644 --- a/target/linux/generic/pending-6.6/680-NET-skip-GRO-for-foreign-MAC-addresses.patch +++ b/target/linux/generic/pending-6.6/680-NET-skip-GRO-for-foreign-MAC-addresses.patch @@ -22,7 +22,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name> #endif --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h -@@ -964,6 +964,7 @@ struct sk_buff { +@@ -959,6 +959,7 @@ struct sk_buff { #ifdef CONFIG_IPV6_NDISC_NODETYPE __u8 ndisc_nodetype:2; #endif @@ -32,7 +32,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name> __u8 ipvs_property:1; --- a/net/core/gro.c +++ b/net/core/gro.c -@@ -445,6 +445,9 @@ static enum gro_result dev_gro_receive(s +@@ -446,6 +446,9 @@ static enum gro_result dev_gro_receive(s enum gro_result ret; int same_flow; diff --git a/target/linux/generic/pending-6.6/701-netfilter-nf_tables-ignore-EOPNOTSUPP-on-flowtable-d.patch b/target/linux/generic/pending-6.6/701-netfilter-nf_tables-ignore-EOPNOTSUPP-on-flowtable-d.patch index c3d92da5f9..e54dcdadbb 100644 --- a/target/linux/generic/pending-6.6/701-netfilter-nf_tables-ignore-EOPNOTSUPP-on-flowtable-d.patch +++ b/target/linux/generic/pending-6.6/701-netfilter-nf_tables-ignore-EOPNOTSUPP-on-flowtable-d.patch @@ -18,7 +18,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name> --- a/net/netfilter/nf_tables_api.c +++ b/net/netfilter/nf_tables_api.c -@@ -8221,7 +8221,7 @@ static int nft_register_flowtable_net_ho +@@ -8260,7 +8260,7 @@ static int nft_register_flowtable_net_ho err = flowtable->data.type->setup(&flowtable->data, hook->ops.dev, FLOW_BLOCK_BIND); diff --git a/target/linux/generic/pending-6.6/768-net-dsa-mv88e6xxx-Request-assisted-learning-on-CPU-port.patch b/target/linux/generic/pending-6.6/768-net-dsa-mv88e6xxx-Request-assisted-learning-on-CPU-port.patch index 332d7e721a..d11e0eda66 100644 --- a/target/linux/generic/pending-6.6/768-net-dsa-mv88e6xxx-Request-assisted-learning-on-CPU-port.patch +++ b/target/linux/generic/pending-6.6/768-net-dsa-mv88e6xxx-Request-assisted-learning-on-CPU-port.patch @@ -17,7 +17,7 @@ Signed-off-by: Tobias Waldekranz <tobias@waldekranz.com> --- a/drivers/net/dsa/mv88e6xxx/chip.c +++ b/drivers/net/dsa/mv88e6xxx/chip.c -@@ -6883,6 +6883,7 @@ static int mv88e6xxx_register_switch(str +@@ -6887,6 +6887,7 @@ static int mv88e6xxx_register_switch(str ds->ops = &mv88e6xxx_switch_ops; ds->ageing_time_min = chip->info->age_time_coeff; ds->ageing_time_max = chip->info->age_time_coeff * U8_MAX; diff --git a/target/linux/generic/pending-6.6/981-gcc-plugins-stackleak-Avoid-.head.txt.section.patch b/target/linux/generic/pending-6.6/981-gcc-plugins-stackleak-Avoid-.head.txt.section.patch new file mode 100644 index 0000000000..74b2fb5b8e --- /dev/null +++ b/target/linux/generic/pending-6.6/981-gcc-plugins-stackleak-Avoid-.head.txt.section.patch @@ -0,0 +1,31 @@ +From e7d24c0aa8e678f41457d1304e2091cac6fd1a2e Mon Sep 17 00:00:00 2001 +From: Ard Biesheuvel <ardb@kernel.org> +Date: Thu, 28 Mar 2024 07:42:57 +0100 +Subject: gcc-plugins/stackleak: Avoid .head.text section + +The .head.text section carries the startup code that runs with the MMU +off or with a translation of memory that deviates from the ordinary one. +So avoid instrumentation with the stackleak plugin, which already avoids +.init.text and .noinstr.text entirely. + +Fixes: 48204aba801f1b51 ("x86/sme: Move early SME kernel encryption handling into .head.text") +Reported-by: kernel test robot <oliver.sang@intel.com> +Closes: https://lore.kernel.org/oe-lkp/202403221630.2692c998-oliver.sang@intel.com +Signed-off-by: Ard Biesheuvel <ardb@kernel.org> +Link: https://lore.kernel.org/r/20240328064256.2358634-2-ardb+git@google.com +Signed-off-by: Kees Cook <keescook@chromium.org> +--- + scripts/gcc-plugins/stackleak_plugin.c | 2 ++ + 1 file changed, 2 insertions(+) + +--- a/scripts/gcc-plugins/stackleak_plugin.c ++++ b/scripts/gcc-plugins/stackleak_plugin.c +@@ -467,6 +467,8 @@ static bool stackleak_gate(void) + return false; + if (STRING_EQUAL(section, ".entry.text")) + return false; ++ if (STRING_EQUAL(section, ".head.text")) ++ return false; + } + + return track_frame_size >= 0; |