Commit Graph

45841 Commits

Author SHA1 Message Date
Adrian Schmutzler
48b5d08a48 treewide: use a single ath10k MAC patching function with checksum
While all ath10k eeproms have a checksum field, so far two
functions for patching ath10k MAC address have been present (and
been used).

This merges code to provide a single function ath10k_patch_mac
in caldata.sh, having its name in accordance with ath9k functions.
By doing so, correct MAC patching for current and future ath10k
devices should be ensured.

This patch adds checksum adjustments for several targets on
ath79 and lantiq.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-10-15 18:13:54 +02:00
Adrian Schmutzler
332b1f46e9 ipq40xx: add label MAC address for FritzBox 4040
The CWMP-Account on the device's label contains the eth0 MAC
address.

This only changes 4.19 files as label-mac-device is introduced
after 19.07 branch, so there won't be a 4.14 release anymore.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-10-15 18:13:54 +02:00
David Bauer
1a256470e7 ath79: correct ar71xx boardname for UniFi AC Lite
This corrects the additional boardname for the image metadata to the one
used in ar71xx. The previously present additional entry was never used
on a running system.

Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-15 18:13:54 +02:00
David Bauer
07e555d873 mpc85xx: correct TP-LINK TL-WDR4900 MAC addresses
This commit fixes TP-Link TL-WDR4900 v1 MAC address assignment.
Previously, the MAC addrss was read for the ethernet from the "config"
partition. However, the content of this partition is dependent on the
firmware which was previously installed on the device.

Switch the MAC address source to the U-Boot partition, where the MAC
address is always present at a fixed partition. The partition was
previously already used for the WiFi MAC-addresses.

Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-15 18:13:54 +02:00
Andreas Ziegler
07c1ddf522 ath79: add support for UniFi AC-LR
The Unifi AC-LR has identical hardware to the Unifi AC-Lite.
The antenna setup is different according to the vendor,
which explains the thicker enclosure.

Therefore, it is helpful to know the exact device variant,
instead of having "Ubiquiti UniFi-AC-LITE/LR".

Signed-off-by: Andreas Ziegler <dev@andreas-ziegler.de>
[fix legacy name in commit message; add old boardname to
SUPPORTED_DEVICES]
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-15 18:13:54 +02:00
Koen Vandeputte
089b4f16aa gdb: bump to 8.3.1
GDB 8.3.1 brings the following fixes and enhancements over GDB 8.3:

PR c++/20020 (GDB segfault on printing objects)
PR gdb/24454 (nat/x86-linux-dregs.c failed assertion)
PR breakpoints/24541 (Incorrect evaluation of systemtap probes due to register being signed and probe expression assuming unsigned)
PR symtab/24545 (Symbol loading performance regression with cc1)
PR gdb/24592 (amd64->i386 linux syscall restart problem)
PR gdb/25009 (terminate called after throwing an instance of 'srchilite::ParserException')
PR gdb/25010 (Calls to error () can cause SIGTTOU to send gdb to the background)
PR breakpoints/25011 (Breakpoints on file reloads broken for PIE binaries)

This corrective release also brings the following testsuite fixes and
enhancements:

PR testsuite/25005 (gdb-caching-proc.exp takes a lot of time on skip_opencl_tests)
PR testsuite/25016 (Test-case failures for -pie)

GDB 8.3 includes the following changes and enhancements:

* Support for new native configurations (also available as a target configuration):
     - RISC-V GNU/Linux (riscv*-*-linux*)
     - RISC-V FreeBSD (riscv*-*-freebsd*)

* Support for new target configurations:
     - CSKY ELF (csky*-*-elf)
     - CSKY GNU/Linux (csky*-*-linux)
     - NXP S12Z ELF (s12z-*-elf)
     - OpenRISC GNU/Linux (or1k*-*-linux*)

* Native Windows debugging is only supported on Windows XP or later.

* The Python API in GDB now requires Python 2.6 or later.

* GDB now supports terminal styling for the CLI and TUI.
  Source highlighting is also supported by building GDB with GNU
  Highlight.

* Experimental support for compilation and injection of C++ source
  code into the inferior (requires GCC 7.1 or higher, built with
  libcp1.so).

* GDB and GDBserver now support IPv6 connections.

* Target description support on RISC-V targets.

* Various enhancements to several commands:
     - "frame", "select-frame" and "info frame" commands
     - "info functions", "info types", "info variables"
     - "info thread"
     - "info proc"
     - System call alias catchpoint support on FreeBSD
     - "target remote" support for Unix Domain sockets.

* Support for displaying all files opened by a process

* DWARF index cache: GDB can now automatically save indices of DWARF
  symbols on disk to speed up further loading of the same binaries.

* Various GDB/MI enhancements.

* GDBserver on PowerPC GNU/Linux now supports access to the PPR,
  DSCR, TAR, EBB/PMU, and HTM registers.

* Ada task switching support when debugging programs built with
  the Ravenscar profile added to aarch64-elf.

* GDB in batch mode now exits with status 1 if the last executed
  command failed.

* Support for building GDB with GCC's Undefined Behavior Sanitizer.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-15 16:11:28 +02:00
Koen Vandeputte
68c50e1ca2 toolchain/gdb: bump to 8.3.1
GDB 8.3.1 brings the following fixes and enhancements over GDB 8.3:

PR c++/20020 (GDB segfault on printing objects)
PR gdb/24454 (nat/x86-linux-dregs.c failed assertion)
PR breakpoints/24541 (Incorrect evaluation of systemtap probes due to register being signed and probe expression assuming unsigned)
PR symtab/24545 (Symbol loading performance regression with cc1)
PR gdb/24592 (amd64->i386 linux syscall restart problem)
PR gdb/25009 (terminate called after throwing an instance of 'srchilite::ParserException')
PR gdb/25010 (Calls to error () can cause SIGTTOU to send gdb to the background)
PR breakpoints/25011 (Breakpoints on file reloads broken for PIE binaries)

This corrective release also brings the following testsuite fixes and
enhancements:

PR testsuite/25005 (gdb-caching-proc.exp takes a lot of time on skip_opencl_tests)
PR testsuite/25016 (Test-case failures for -pie)

GDB 8.3 includes the following changes and enhancements:

* Support for new native configurations (also available as a target configuration):
     - RISC-V GNU/Linux (riscv*-*-linux*)
     - RISC-V FreeBSD (riscv*-*-freebsd*)

* Support for new target configurations:
     - CSKY ELF (csky*-*-elf)
     - CSKY GNU/Linux (csky*-*-linux)
     - NXP S12Z ELF (s12z-*-elf)
     - OpenRISC GNU/Linux (or1k*-*-linux*)

* Native Windows debugging is only supported on Windows XP or later.

* The Python API in GDB now requires Python 2.6 or later.

* GDB now supports terminal styling for the CLI and TUI.
  Source highlighting is also supported by building GDB with GNU
  Highlight.

* Experimental support for compilation and injection of C++ source
  code into the inferior (requires GCC 7.1 or higher, built with
  libcp1.so).

* GDB and GDBserver now support IPv6 connections.

* Target description support on RISC-V targets.

* Various enhancements to several commands:
     - "frame", "select-frame" and "info frame" commands
     - "info functions", "info types", "info variables"
     - "info thread"
     - "info proc"
     - System call alias catchpoint support on FreeBSD
     - "target remote" support for Unix Domain sockets.

* Support for displaying all files opened by a process

* DWARF index cache: GDB can now automatically save indices of DWARF
  symbols on disk to speed up further loading of the same binaries.

* Various GDB/MI enhancements.

* GDBserver on PowerPC GNU/Linux now supports access to the PPR,
  DSCR, TAR, EBB/PMU, and HTM registers.

* Ada task switching support when debugging programs built with
  the Ravenscar profile added to aarch64-elf.

* GDB in batch mode now exits with status 1 if the last executed
  command failed.

* Support for building GDB with GCC's Undefined Behavior Sanitizer.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-15 16:11:28 +02:00
Koen Vandeputte
e5445333f6 kernel: bump 4.19 to 4.19.79
Refreshed all patches.

Remove upstreamed (superseded):
- 950-0726-can-mcp251x-Allow-more-time-after-a-reset.patch

Compile-tested on: brcm2708, cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-15 16:11:28 +02:00
Koen Vandeputte
1cfe412dd2 kernel: bump 4.14 to 4.14.149
Refreshed all patches.

Altered patches:
- 820-sec-support-layerscape.patch

Compile-tested on: cns3xxx, layerscape
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-15 16:11:28 +02:00
Koen Vandeputte
4d5b62263c toolchain/musl: bump to version 1.1.24
1.1.24 release notes

new features:
- GLOB_TILDE extension to glob
- non-stub catgets localization API, using netbsd binary catalog format
- posix_spawn file actions for [f]chdir (extension, pending future standard)
- secure_getenv function (extension)
- copy_file_range syscall wrapper (Linux extension)
- header-level support for new linux features in 5.2

performance:
- new fast path for lrint (generic C version) on 32-bit archs

major internal changes:
- functions involving time are overhauled to be time64-ready in 32-bit archs
- x32 uses the new time64 code paths to replace nasty hacks in syscall glue

compatibility & conformance:
- support for powerpc[64] unaligned relocation types
- powerpc[64] and sh sys/user.h no longer clash with kernel asm/ptrace.h
- select no longer modifies timeout on failure (or at all)
- mips64 stat results are no longer limited to 32-bit time range
- optreset (BSD extension) now has a public declaration
- support for clang inconsistencies in wchar_t type vs some 32-bit archs
- mips r6 syscall asm no longer has invalid lo/hi register clobbers
- vestigial asm declarations of __tls_get_new are removed (broke some tooling)
- riscv64 mcontext_t mismatch glibc's member naming is corrected

bugs fixed:
- glob failed to match broken symlinks consistently
- invalid use of interposed calloc to allocate initial TLS
- various dlsym symbol resolution logic errors
- semctl with SEM_STAT_ANY didn't work
- pthread_create with explicit scheduling was subject to priority inversion
- pthread_create failure path had data race for thread count
- timer_create with SIGEV_THREAD notification had data race getting timer id
- wide printf family failed to support l modifier for float formats

arch-specific bugs fixed:
- x87 floating point stack imbalance in math asm (i386-only CVE-2019-14697)
- x32 clock_adjtime, getrusage, wait3, wait4 produced junk (struct mismatches)
- lseek broken on x32 and mipsn32 with large file offsets
- riscv64 atomics weren't compiler barriers
- riscv64 atomics had broken asm constraints (missing earlyclobber flag)
- arm clone() was broken when compiled as thumb if start function returned
- mipsr6 setjmp/longjmp did not preserve fpu register state correctly

Refreshed all patches.
Removed upstreamed.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-15 16:11:28 +02:00
Jo-Philipp Wich
57b834281b iwinfo: update to latest Git HEAD
a29b7d4 nl80211: align path to phy mapping logic with mac80211.sh

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-10-15 15:52:01 +02:00
Hans Dedecker
34c4741da0 odhcpd: update to latest git HEAD
9a4531a ndp: fix endian issue

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-10-14 21:35:09 +02:00
Adrian Schmutzler
2c60de0e3f treewide: move MAC address patch functions to common library
This unifies MAC address patch functions and moves them to a
common script. While those were implemented differently for
different targets, they all seem to do the same. The number of
different variants is significantly reduced by this patch.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-10-14 12:36:02 +02:00
Adrian Schmutzler
5b6a809092 treewide: move calibration data extraction function to library
This moves the almost identical calibration data extraction
functions present multiple times in several targets to a single
library file /lib/functions/caldata.sh.

Functions are renamed with more generic names to merge different
variants that only differ in their names.

Most of the targets used find_mtd_chardev, while some used
find_mtd_part inside the extraction code. To merge them, the more
abundant version with find_mtd_chardev is used in the common code.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[rebase on latest master; add mpc85xx]
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-13 21:48:58 +02:00
Adrian Schmutzler
c1388a2deb base-files: move xor() from caldata extraction to functions.sh
The xor() function is defined in each of the caldata extraction
scripts for several targets. Move it to functions.sh to reduce
duplicate code.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-10-13 19:03:57 +02:00
Roger Pueyo Centelles
bba6646b5c ath79: add support for COMFAST CF-E313AC
This patch adds support for the COMFAST CF-E313AC, an  outdoor wireless
CPE with two Ethernet ports and a 802.11ac radio.

Specifications:

 - QCA9531 SoC
 - 650/400/216 MHz (CPU/DDR/AHB)
 - 1x 10/100 Mbps WAN Ethernet, 48V PoE-in
 - 1x 10/100 Mbps LAN Ethernet, pass-through 48V PoE-out
 - 1x manual pass-through PoE switch
 - 64 MB RAM (DDR2)
 - 16 MB FLASH
 - QCA9886 2T2R 5 GHz 802.11ac, 23 dBm
 - 12 dBi built-in antenna
 - POWER/LAN/WAN/WLAN green LEDs
 - 4x RSSI LEDs (2x red, 2x green)
 - UART (115200 8N1)

Flashing instructions:

 The original firmware is based on OpenWrt so a sysupgrade image can be
 installed via the stock web GUI. Settings from the original firmware
 will be saved and restored on the new one, so a factory reset will be
 needed. To do so, once the new firmware is flashed, enter into failsafe
 mode by pressing the reset button several times during the boot
 process, while the WAN LED flashes, until it starts flashing faster.
 Once in failsafe mode, perform a factory reset as usual.

 Alternatively, the U-boot bootloader contains a recovery HTTP server
 to upload the  firmware. Push the reset button while powering the
 device on and keep it pressed for >10 seconds. The device's LEDs will
 blink several times and the recovery page will be at
 http://192.168.1.1; use it to upload the sysupgrade image.

Note:

 Four MAC addresses are stored in the "art" partition (read-only):
  - 0x0000: 40:A5:EF:AA:AA:A0
  - 0x0006: 40:A5:EF:AA:AA:A2
  - 0x1002: 40:A5:EF:AA:AA:A1
  - 0x5006: 40:A5:EF:AA.AA:A3 (inside the 5 GHz calibration data)

 The stock firmware assigns MAC addresses to physical and virtual
 interfaces in a very particular way:
  - eth0 corresponds to the physical Ethernet port labeled as WAN
  - eth1 corresponds to the physical Ethernet port labeled as LAN

  - eth0 belongs to the bridge interface br-wan
  - eth1 belongs to the bridge interface br-lan

  - eth0 is assigned the MAC from 0x0 (*:A0)
  - eth1 is assigned the MAC from 0x1002 (*:A1)

  - br-wan is forced to use the MAC from 0x1002 (*:A1)
  - br-lan is forced to use the MAC from 0x0 (*:A0)

  - radio0 uses the calibration data from 0x5000 (which contains
    a valid MAC address, *:A3). However, it is overwritten by the
    one at 0x6 (*:A2)

 This commit preserves the LAN/WAN roles of the physical Ethernet
 ports (as labeled on the router) and the MAC addresses they expose
 by default (i.e., *:A0 on LAN, *:A1 on WAN), but swaps the position
 of the eth0/eth1 compared to the stock firmware:
  - eth0 corresponds to the physical Ethernet port labeled as LAN
  - eth1 corresponds to the physical Ethernet port labeled as WAN

  - eth0 belongs to the bridge interface br-lan
  - eth1 is the interface at @wan

  - eth0 is assigned the MAC from 0x0 (*:A0)
  - eth1 is assigned the MAC from 0x1002 (*:A1)

  - br-lan inherits the MAC from eth0 (*:A0)
  - @wan inherits the MAC from eth1 (*:A1)

  - radio0's MAC is overwritten to the one at 0x6

This way, eth0/eth1's positions differ from the stock firmware, but
the weird MAC ressignations in br-lan/br-wan are avoided while the
external behaviour of the router is maintained. Additionally, WAN
port is connected to the PHY gmac, allowing to monitor the link
status (e.g., to restart DHCP negotiation when plugging a cable).

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
2019-10-13 20:34:57 +08:00
Roger Pueyo Centelles
ac36cca012 ramips: mt7621: Alternative name KE 2P for Phicomm K2P
The Phicomm KE 2P is identical to the already supported Phicomm K2P,
renamed for the European market. Use the ALT0 buildroot tags to show
both devices.

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
2019-10-13 20:34:57 +08:00
Stijn Tintel
4b9a07336a kernel: add kmod-iio-bme680
This driver supports the Bosch Sensortec BME680 gas, humidity, pressure
and temperature sensor.

Tested I2C and SPI modes on a Raspberry Pi Zero W.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2019-10-13 13:08:04 +03:00
Ali MJ Al-Nasrawy
10f5eb0398 trelay: log "started" and "stopped"
It is informative especially when using multiple device pairs.

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
2019-10-12 23:51:29 +02:00
Ali MJ Al-Nasrawy
c2635b871d trelay: fix deadlock on remove
Upon writing to "remove" file, debugfs_remove_recursive() blocks while
holding rtnl_lock. This is because debugfs' file_ops callbacks are
executed in debugfs_use_file_*() context which prevents file removal.

Fix this by only flagging the device for removal and then do the cleanup
in file_ops.release callback which is executed out of that context.

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
2019-10-12 23:51:29 +02:00
Ali MJ Al-Nasrawy
77cfc0739d trelay: handle netdevice events correctly
Since v3.11, netdevice notification data are of type
"struct netdev_notifier_info". Handle it as such!

This should fix a critical bug in which devices are unable get released
because trelay does not release resources in response to UNREGISTER
event spamming the log with something like:

unregister_netdevice: waiting for eth0.1 to become free. Usage count = 1

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
2019-10-12 23:51:29 +02:00
Ruixi Zhou
b30e481b6c kernel: NFSD: add dependency kmod-crypto-arc4 for kmod-fs-nfs-common-rpcsec
crypto-arc4 move into a module with commit c3a78955f3,
fs-nfs-common-rpcsec compile error without arc4 support.

Ref: https://github.com/openwrt/packages/issues/9912

Fixes: c3a78955f3 ("kernel: move crypto-arc4 into a module")
Signed-off-by: Ruixi Zhou <zhouruixi@gmail.com>
2019-10-12 23:51:08 +02:00
Val Kulkov
b10a453367 base-files: coreutil-date breaks setting kernel timezone
"coreutil-date" package from the packages feed replaces the Busybox date
applet by symlinking /usr/bin/gnu-date to /bin/date. This prevents the system
init script from setting kernel timezone because the GNU date utility does not
provide such functionality:

   root@OpenWrt:~# date -k
   date: invalid option -- 'k'
   Try 'date --help' for more information.

A specific reference to the Busybox date applet prevents alternative date
utilities from breaking the system init script.

Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
2019-10-12 23:43:08 +02:00
Eneas U de Queiroz
ee5a3f6d60 hostapd: adjust to removal of WOLFSSL_HAS_AES_GCM
WolfSSL is always built with AES-GCM support now.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-10-12 23:43:08 +02:00
Rosen Penev
6ab386c9bc uClibc++: Fix three bugs
The first allows usage of several functions in the std namespace, which
broke compilation of gddrescue specifically with uClibc-ng and uClibc++.

The second allows usage of long long with normal C++11, which is part of
the standard. Before, std=gnu++11 needed to be passsed to work around it.

As a result of the second patch, the pedantic patch can safely be removed.

Both patches are upstream backports.

Added -std=c++11 to CFLAGS to guarentee proper inclusion of long long.

Added another patch that fixes a typo with the long long support. Sent to
upstream.

Fixed up license information according to SPDX.

Small cleanups for consistency.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-10-12 23:43:08 +02:00
Martin Schiller
c5829788c9 lantiq: add set_port_link feature to xrx200-net driver
This makes it possible to configure the link attributes (aneg, duplex,
speed) of each switch ports.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2019-10-12 23:43:08 +02:00
Scott Roberts
d2a1075973 mvebu: backport mvneta and comphy from linux 5.x
These patches backport support for the ARMADA 3700 COMPHY driver.
Also backported is the mvneta driver.  This will allow switching
the SGMII speed using SMC calls.  To support this you must update
the firmware using Marvells 18.12 version (this has now been
upstreamed).  The mvneta driver allows 2500basex and 2500baset.

Signed-off-by: Scott Roberts <ttocsr@gmail.com>
2019-10-12 23:43:08 +02:00
Eubert Bao
e11fc8439c kirkwood: Fix FS#505 - Can't install LEDE on Linksys EA3500
The default sizes render Device/linksys_audi mage un-flashable.
Restore the pagesize, subpagesize, and blocksize for linksys_audi
from https://github.com/openwrt/archive.

Signed-off-by: Eubert Bao <bunnier@gmail.com>
2019-10-12 23:42:59 +02:00
Moritz Warning
66fbaae83e pistachio: split up DEVICE_TITLE
DEVICE_TITLE is split up into DEVICE_VENDOR, DEVICE_MODEL and DEVICE_VARIANT

Signed-off-by: Moritz Warning <moritzwarning@web.de>
2019-10-12 23:37:00 +02:00
Sungbo Eo
9f73fad359 kernel: fix typos in video KernelPackage description
Fixes: 4b3d17b709 ("kernel: add kmod-fb-sys-ram")
Fixes: b774acb479 ("package/modules: add missing gspca video drivers for 2.6.32 (patch from #6595)")

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2019-10-12 23:37:00 +02:00
Sungbo Eo
60acddc960 uboot-oxnas: remove unnecessary execute permission bit
.c files do not need to be executable. 644 is enough.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2019-10-12 23:37:00 +02:00
Sungbo Eo
b83b2d76ca ar71xx: remove unnecessary execute permission bit
.c files do not need to be executable. 644 is enough.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2019-10-12 23:37:00 +02:00
Sungbo Eo
68014f6d6e mediatek: remove unnecessary execute permission bit
kernel config and dts files do not need to be executable. 644 is enough.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2019-10-12 23:37:00 +02:00
DENG Qingfang
394273c066 tcpdump: update to 4.9.3
Fixed CVEs:
	CVE-2017-16808
	CVE-2018-10103
	CVE-2018-10105
	CVE-2018-14461
	CVE-2018-14462
	CVE-2018-14463
	CVE-2018-14464
	CVE-2018-14465
	CVE-2018-14466
	CVE-2018-14467
	CVE-2018-14468
	CVE-2018-14469
	CVE-2018-14470
	CVE-2018-14879
	CVE-2018-14880
	CVE-2018-14881
	CVE-2018-14882
	CVE-2018-16227
	CVE-2018-16228
	CVE-2018-16229
	CVE-2018-16230
	CVE-2018-16300
	CVE-2018-16301
	CVE-2018-16451
	CVE-2018-16452
	CVE-2019-15166
	CVE-2019-15167

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-10-12 23:37:00 +02:00
DENG Qingfang
44f11353de libpcap: update to 1.9.1
Fixed CVEs:
	CVE-2018-16301
	CVE-2019-15161
	CVE-2019-15162
	CVE-2019-15163
	CVE-2019-15164
	CVE-2019-15165

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-10-12 23:37:00 +02:00
Hauke Mehrtens
ace1bfb554 mvebu: Refresh kernel 4.19 configuration
This refreshes the kernel 4.19 configuration, it looks like this was not
done initially.

When did a compile with the default settings I had to select some
kernel configuration options.

Fixes: 98684d99b2 ("mvebu: add kernel 4.19 support")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-12 23:37:00 +02:00
Hauke Mehrtens
e901ce6f0e kernel: Set GCC version to 80300 by default
The kernel 4.19 configuration contains the GCC version used, set it to
8.3.0 as this is now our default compiler.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-12 22:38:02 +02:00
Hauke Mehrtens
9caa86fba5 kernel: kmod-rtc-pcf2127: Fix dependencies
Add missing dependencies to i2c-core and regmap-spi. These get activated
when these modules are build in this driver, which is the case when we
build all modules. This fixes the build on some targets. This was found
by the buildbot.

Fixes: 34e2526f9f ("kernel: add kmod-rtc-pcf2127")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-12 22:36:23 +02:00
Moritz Warning
c3ffb0e7d5
brcm47xx: split up DEVICE_TITLE
DEVICE_TITLE is split up into DEVICE_VENDOR, DEVICE_MODEL and DEVICE_VARIANT

Signed-off-by: Moritz Warning <moritzwarning@web.de>
2019-10-12 01:43:07 +02:00
Moritz Warning
f3c21d1517
omap: split up DEVICE_TITLE
DEVICE_TITLE is split up into DEVICE_VENDOR, DEVICE_MODEL and DEVICE_VARIANT

Signed-off-by: Moritz Warning <moritzwarning@web.de>
2019-10-12 01:22:46 +02:00
Petr Štetiar
36c6f4a011 libnl-tiny: fix package mirror hash
Current hash doesn't match with the content of the source tarball.

Fixes: a92f74ba8d ("libnl-tiny: move source code into separate Git repository")
Reported-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-11 22:48:06 +02:00
Felix Fietkau
33dd522f24 build: fix menuconfig submenu sorting for gcc options
The hidden symbol GCC_USE_IREMAP was breaking it, move it to Config.version
instead

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-10-11 10:37:08 +02:00
Felix Fietkau
7a8bcf36c7 mt76: update to the latest version
71c2ef0420b5 mt76: fix aggregation stop issue
5b02a078d4a7 mt76: add missing locking around ampdu action
7d8764d320cf mt76: avoid enabling interrupt if NAPI poll is still pending
d94cc81d3980 mt76: drop rcu read lock in mt76_rx_aggr_stop
c11a4ad06d9d mt76: mt76x0: eeprom: add support for MAC address from OF
01642d8bed33 mt76: mt76x02: fix use-after-free in tx status code handling airtime
391e1488f885 mt76: add sanity check for a-mpdu rx wcid index
d3a589586d1b mt76: fix a-mpdu boundary detection issue for airtime reporting

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-10-10 23:10:01 +02:00
Hans Dedecker
f8b58757d0 ppp: update to version 2.4.7.git-2019-10-04
0d004db Revert "pppd: Include time.h before using time_t"
e400854 pppdump: Eliminate printf format warning by using %zd
7f2f0de pppd: Refactor setjmp/longjmp with pipe pair in event wait loop
4e71317 make: Avoid using host include for cross-compiling
3202f89 pppoe: Remove the use of cdefs
d8e8d7a pppd: Remove unused rcsid variables
486f854 pppd: Fix GLIBC version test for non-glibc toolchains
b6cd558 pppd: Include time.h before using time_t
ef8ec11 radius: Fix compiler warning
f6330ec magic: Remove K&R style of arguments
347904e Add Submitting-patches.md

Remove patches 130-no_cdefs_h.patch, 131-missing_prototype_macro.patch,
132-fix_linux_includes.patch as fixed upstream
Refresh patches

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-10-10 22:37:10 +02:00
Felix Fietkau
46a129194d build: adjust gcc/g++ version checks for newer apple compilers
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-10-10 13:43:04 +02:00
Stefan Lippers-Hollmann
f690b6f472 mac80211: fix scan when operating on DFS channels in ETSI domains
In non-ETSI regulatory domains scan is blocked when operating channel
is a DFS channel. For ETSI, however, once DFS channel is marked as
available after the CAC, this channel will remain available (for some
time) even after leaving this channel.

Therefore a scan can be done without any impact on the availability
of the DFS channel as no new CAC is required after the scan.

Enable scan in mac80211 in these cases.

Signed-off-by: Aaron Komisar <aaron.komisar@tandemg.com>
Link: https://lore.kernel.org/r/1570024728-17284-1-git-send-email-aaron.komisar@tandemg.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
2019-10-09 21:00:02 +02:00
Klaus Kudielka
3a4f587c46 base-files: upgrade: add case to export_bootdevice
The factory uboot of the Turris Omnia boots with "root=b301", and we
instruct new users to sysupgrade from there (e.g. method 1, step 7).
Currently, this will fail with "Unable to determine upgrade device".
Add a new case to export_bootdevice, which parses the hex argument.

Fixes commit 2e5a0b81 ("mvebu: sysupgrade: sdcard: keep user added ...")

Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
2019-10-09 21:00:02 +02:00
Oldřich Jedlička
e0ce80d42a kernel: Fix off-by-one error in FIT mtd partition search.
This fixes off-by-one error introduced in commit dc76900021
("kernel: Correctly search for the FIT image in mtd partition.")

Function `mtd_read` starts reading at `offset` and
needs `hdr_len` number of bytes to be available. Suppose
the easiest case when `offset` is `0` and `hdr_len` equals
to `mtd->size` - the `for` loop will not be entered even
when enough bytes are available to be read.

Same happens for any non-zero `offset`, when `hdr_len` is
just enough bytes to be read until `mtd->size` is reached.
Imagine that for example `mtd->size=5`, `offset=4` and
`hdr_len=1`. Then `offset+hdr_len=5` and the check has to
be `offset+hdr_len <= mtd->size`, i.e. `5 <= 5`. The
check for `offset + hdr_len` value needs to be inclusive,
therefore use `<=`.

Fixes: dc76900021 ("kernel: Correctly search for the FIT image in mtd partition.")
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
[adjusted commit ref, fixes tag]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-09 14:45:25 +02:00
Paul Spooren
4ed356fa71 kernel.mk: add KCFLAGS to make kmods reproducible
Some kmods (gpio-hotplug, wireguard) store the build path in the
compiled files and therefore make it harder to rebuild the official
binaries. As the same "iremap" function is used as for other binaries,
the change is compatible with gcc7 and 8.

Tested with both gcc7 and gcc8 resulting in build path independent
reproducible builds.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2019-10-09 09:13:44 +02:00
Paul Spooren
d509463816 toolchain/gcc: switch to version 8 by default
Main motivation for this commit is the introduction of
`-ffile-prefix-map=` which alows reproducible build path.

Compile tested on Linux and macOS without errors on the following
targets:

 * ath79
 * imx6
 * brcm2708
 * brcm63xx
 * ixp4xx
 * ramips
 * sunxi
 * x86

Thanks to Andre for the iremap fixup.

Ref: https://reproducible-builds.org/docs/build-path/
Tested-by: Andre Heider <a.heider@gmail.com>
Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Paul Spooren <mail@aparcar.org>
[refactored into separate commit]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-09 09:13:44 +02:00