From e39d1cf34f97667b8fc1cdb60beec7a12e70839d Mon Sep 17 00:00:00 2001
From: Koen Vandeputte <koen.vandeputte@ncentric.com>
Date: Tue, 24 Sep 2019 11:05:57 +0200
Subject: [PATCH] kernel: bump 4.19 to 4.19.75

Refreshed all patches.

Fixes:
- CVE-2019-14814
- CVE-2019-14815
- CVE-2019-14816
- CVE-2019-14821

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
---
 include/kernel-version.mk                                     | 4 ++--
 .../linux/ath79/patches-4.19/910-unaligned_access_hacks.patch | 4 ++--
 ...netfilter-nft_flow_offload-handle-netdevice-events-f.patch | 2 +-
 ...netfilter-nf_flow_table-fix-offloaded-connection-tim.patch | 2 +-
 .../linux/generic/hack-4.19/661-use_fq_codel_by_default.patch | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/include/kernel-version.mk b/include/kernel-version.mk
index c87feab49b8..5848590e829 100644
--- a/include/kernel-version.mk
+++ b/include/kernel-version.mk
@@ -8,11 +8,11 @@ endif
 
 LINUX_VERSION-4.9 = .194
 LINUX_VERSION-4.14 = .146
-LINUX_VERSION-4.19 = .74
+LINUX_VERSION-4.19 = .75
 
 LINUX_KERNEL_HASH-4.9.194 = d5f4bb7584e461f1faa9a3f94c2ad292246fe692b0e992e072dac255f806c2e3
 LINUX_KERNEL_HASH-4.14.146 = a3c54b887ea3e679382bd4c0536e6a281b071dab2258bd3ee8af75baef2023f5
-LINUX_KERNEL_HASH-4.19.74 = 495c2fead329c2c6b17950faa07ad7406e5aa93560e5e58de93a71197579ee82
+LINUX_KERNEL_HASH-4.19.75 = dd5e7147e1e4501560fba5beb86dae6bf6ba843518ab3d4cad283de77b651b78
 
 remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1))))
 sanitize_uri=$(call qstrip,$(subst @,_,$(subst :,_,$(subst .,_,$(subst -,_,$(subst /,_,$(1)))))))
diff --git a/target/linux/ath79/patches-4.19/910-unaligned_access_hacks.patch b/target/linux/ath79/patches-4.19/910-unaligned_access_hacks.patch
index bb7f847e1b1..43c4932f1f3 100644
--- a/target/linux/ath79/patches-4.19/910-unaligned_access_hacks.patch
+++ b/target/linux/ath79/patches-4.19/910-unaligned_access_hacks.patch
@@ -241,7 +241,7 @@
   */
 --- a/net/ipv6/datagram.c
 +++ b/net/ipv6/datagram.c
-@@ -478,7 +478,7 @@ int ipv6_recv_error(struct sock *sk, str
+@@ -480,7 +480,7 @@ int ipv6_recv_error(struct sock *sk, str
  				ipv6_iface_scope_id(&sin->sin6_addr,
  						    IP6CB(skb)->iif);
  		} else {
@@ -250,7 +250,7 @@
  					       &sin->sin6_addr);
  			sin->sin6_scope_id = 0;
  		}
-@@ -828,12 +828,12 @@ int ip6_datagram_send_ctl(struct net *ne
+@@ -830,12 +830,12 @@ int ip6_datagram_send_ctl(struct net *ne
  			}
  
  			if (fl6->flowlabel&IPV6_FLOWINFO_MASK) {
diff --git a/target/linux/generic/backport-4.19/343-netfilter-nft_flow_offload-handle-netdevice-events-f.patch b/target/linux/generic/backport-4.19/343-netfilter-nft_flow_offload-handle-netdevice-events-f.patch
index fc668dca10e..3a9e21f5804 100644
--- a/target/linux/generic/backport-4.19/343-netfilter-nft_flow_offload-handle-netdevice-events-f.patch
+++ b/target/linux/generic/backport-4.19/343-netfilter-nft_flow_offload-handle-netdevice-events-f.patch
@@ -48,7 +48,7 @@ Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
  MODULE_AUTHOR("Pablo Neira Ayuso <pablo@netfilter.org>");
 --- a/net/netfilter/nft_flow_offload.c
 +++ b/net/netfilter/nft_flow_offload.c
-@@ -211,47 +211,14 @@ static struct nft_expr_type nft_flow_off
+@@ -217,47 +217,14 @@ static struct nft_expr_type nft_flow_off
  	.owner		= THIS_MODULE,
  };
  
diff --git a/target/linux/generic/backport-4.19/370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch b/target/linux/generic/backport-4.19/370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch
index 07ef724094d..64eda532957 100644
--- a/target/linux/generic/backport-4.19/370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch
+++ b/target/linux/generic/backport-4.19/370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch
@@ -84,7 +84,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  	}
  
 +	nf_ct_offload_timeout(flow);
- 	flow->timeout = (u32)jiffies;
+ 	flow->timeout = (u32)jiffies + NF_FLOW_TIMEOUT;
  	return 0;
  }
 @@ -316,6 +335,8 @@ static int nf_flow_offload_gc_step(struc
diff --git a/target/linux/generic/hack-4.19/661-use_fq_codel_by_default.patch b/target/linux/generic/hack-4.19/661-use_fq_codel_by_default.patch
index fc0761c3c0e..d147c0d7430 100644
--- a/target/linux/generic/hack-4.19/661-use_fq_codel_by_default.patch
+++ b/target/linux/generic/hack-4.19/661-use_fq_codel_by_default.patch
@@ -83,7 +83,7 @@ Signed-off-by: Felix Fietkau <nbd@nbd.name>
  EXPORT_SYMBOL(default_qdisc_ops);
  
  /* Main transmission queue. */
-@@ -1009,7 +1009,7 @@ static void attach_one_default_qdisc(str
+@@ -1013,7 +1013,7 @@ static void attach_one_default_qdisc(str
  				     void *_unused)
  {
  	struct Qdisc *qdisc;
-- 
2.30.2