Update OpenWrt base

43ceba8c · Matthias Schiffer · d45b2def · 43ceba8c · d45b2def · d45b2def
Commit 43ceba8c authored 9 years ago by Matthias Schiffer
--- a/patches/openwrt/0050-x86-generic-enable-pata_atiixp-driver.patch
+++ b/patches/openwrt/0050-x86-generic-enable-pata_atiixp-driver.patch
--- a/patches/openwrt/0044-Revert-bzip2-extend-fix-the-Host-Install-rule-to-install-libbz2.so-files.patch
+++ b/patches/openwrt/0044-Revert-bzip2-extend-fix-the-Host-Install-rule-to-install-libbz2.so-files.patch
-From: Matthias Schiffer <mschiffer@universe-factory.net>
-Date: Tue, 8 Dec 2015 19:51:05 +0100
-Subject: Revert "bzip2: extend/fix the Host/Install rule to install libbz2.so files"
-This reverts commit f5ebfb02fc5f539e89393b8186f7ecd768402f12.
-diff --git a/package/utils/bzip2/Makefile b/package/utils/bzip2/Makefile
-index ba47cfb..e1c7b97 100644
--- a/package/utils/bzip2/Makefile
-+++ b/package/utils/bzip2/Makefile
-@@ -97,10 +97,9 @@ HOST_CONFIGURE_ARGS+= \
- 	--prefix=$(STAGING_DIR_HOST)
- define Host/Install
-	$(INSTALL_DIR) $(STAGING_DIR_HOST)/bin/ $(STAGING_DIR_HOST)/usr/lib
-+	$(INSTALL_DIR) $(STAGING_DIR_HOST)/bin/
- 	$(MAKE) -C $(HOST_BUILD_DIR) PREFIX=$(STAGING_DIR_HOST)/usr/ install
-	$(CP) $(HOST_BUILD_DIR)/libbz2.so* $(STAGING_DIR_HOST)/usr/lib/
-	$(CP) $(HOST_BUILD_DIR)/libbz2.so.1.0 $(STAGING_DIR_HOST)/usr/lib/libbz2.so
-+#	$(INSTALL_BIN) $(HOST_BUILD_DIR)/Parser/pgen $(STAGING_DIR_HOST)/bin/pgen2
- endef
- $(eval $(call HostBuild))
--- a/patches/openwrt/0045-ar71xx-another-fix-to-wndr3700_board_detect.patch
+++ b/patches/openwrt/0045-ar71xx-another-fix-to-wndr3700_board_detect.patch
-From: Matthias Schiffer <mschiffer@universe-factory.net>
-Date: Sat, 2 Jan 2016 23:36:25 +0100
-Subject: ar71xx: another fix to wndr3700_board_detect
-My last bugfix (r47538) introduced a new bug in wndr3700_board_detect
-(again...).
-Assigning the result of ar71xx_get_mtd_offset_size_format to the model
-variable before stripping of garbage using awk will cause all NUL bytes to
-be removed before awk is applied, leading to model strings like
-"NETGEAR WNDRMACv2NETGEAR", where a NUL byte after the v2 is supposed to
-terminate the string.
-Fix by calling ar71xx_get_mtd_offset_size_format twice, once piping to awk
-directly.
-diff --git a/target/linux/ar71xx/base-files/lib/ar71xx.sh b/target/linux/ar71xx/base-files/lib/ar71xx.sh
-index daebaa4..d0abf42 100755
--- a/target/linux/ar71xx/base-files/lib/ar71xx.sh
-+++ b/target/linux/ar71xx/base-files/lib/ar71xx.sh
-@@ -39,7 +39,7 @@ wndr3700_board_detect() {
- 	"33373031")
- 		model="$(ar71xx_get_mtd_offset_size_format art 41 32 %c)"
- 		# Use awk to remove everything unprintable
-		model_stripped="$(echo -n "$model" | LC_CTYPE=C awk -v 'FS=[^[:print:]]' '{print $1; exit}')"
-+		model_stripped="$(ar71xx_get_mtd_offset_size_format art 41 32 %c | LC_CTYPE=C awk -v 'FS=[^[:print:]]' '{print $1; exit}')"
- 		case $model in
- 		$'\xff'*)
- 			if [ "${model:24:1}" = 'N' ]; then
--- a/patches/openwrt/0048-kernel-fix-keyring-reference-leak-CVE-2016-0728.patch
+++ b/patches/openwrt/0048-kernel-fix-keyring-reference-leak-CVE-2016-0728.patch
-From: Matthias Schiffer <mschiffer@universe-factory.net>
-Date: Sat, 6 Feb 2016 07:35:33 +0100
-Subject: kernel: fix keyring reference leak (CVE-2016-0728)
-Signed-off-by: Felix Fietkau <nbd@openwrt.org>
-diff --git a/target/linux/generic/patches-3.18/010-KEYS-Fix-keyring-ref-leak-in-join_session_keyring.patch b/target/linux/generic/patches-3.18/010-KEYS-Fix-keyring-ref-leak-in-join_session_keyring.patch
-new file mode 100644
-index 0000000..9c6a969
--- /dev/null
-+++ b/target/linux/generic/patches-3.18/010-KEYS-Fix-keyring-ref-leak-in-join_session_keyring.patch
-@@ -0,0 +1,75 @@
-+From 7ca88764d45c209791e8813131c1457c2e9e51e7 Mon Sep 17 00:00:00 2001
-+From: Yevgeny Pats <yevgeny@perception-point.io>
-+Date: Mon, 11 Jan 2016 12:05:28 +0000
-+Subject: KEYS: Fix keyring ref leak in join_session_keyring()
-+
-+If a thread is asked to join as a session keyring the keyring that's already
-+set as its session, we leak a keyring reference.
-+
-+This can be tested with the following program:
-+
-+	#include <stddef.h>
-+	#include <stdio.h>
-+	#include <sys/types.h>
-+	#include <keyutils.h>
-+
-+	int main(int argc, const char *argv[])
-+	{
-+		int i = 0;
-+		key_serial_t serial;
-+
-+		serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING,
-+				"leaked-keyring");
-+		if (serial < 0) {
-+			perror("keyctl");
-+			return -1;
-+		}
-+
-+		if (keyctl(KEYCTL_SETPERM, serial,
-+			   KEY_POS_ALL | KEY_USR_ALL) < 0) {
-+			perror("keyctl");
-+			return -1;
-+		}
-+
-+		for (i = 0; i < 100; i++) {
-+			serial = keyctl(KEYCTL_JOIN_SESSION_KEYRING,
-+					"leaked-keyring");
-+			if (serial < 0) {
-+				perror("keyctl");
-+				return -1;
-+			}
-+		}
-+
-+		return 0;
-+	}
-+
-+If, after the program has run, there something like the following line in
-+/proc/keys:
-+
-+3f3d898f I--Q---   100 perm 3f3f0000     0     0 keyring   leaked-keyring: empty
-+
-+with a usage count of 100 * the number of times the program has been run,
-+then the kernel is malfunctioning.  If leaked-keyring has zero usages or
-+has been garbage collected, then the problem is fixed.
-+
-+Reported-by: Yevgeny Pats <yevgeny@perception-point.io>
-+Signed-off-by: David Howells <dhowells@redhat.com>
-+---
-+ security/keys/process_keys.c | 1 +
-+ 1 file changed, 1 insertion(+)
-+
-+diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c
-+index a3f85d2..e6d50172 100644
-+--- a/security/keys/process_keys.c
-++++ b/security/keys/process_keys.c
-+@@ -794,6 +794,7 @@ long join_session_keyring(const char *name)
-+ 		ret = PTR_ERR(keyring);
-+ 		goto error2;
-+ 	} else if (keyring == new->session_keyring) {
-++		key_put(keyring);
-+ 		ret = 0;
-+ 		goto error2;
-+ 	}
-+-- 
-+2.7.0.rc3
-+