unetd always includes $(INCLUDE_DIR)/bpf.mk. This file always checks if
the LLVM version is supported in CLANG_VER_VALID. unetd only needs bpf
when UNETD_VXLAN_SUPPORT is set. It fails when UNETD_VXLAN_SUPPORT is
not set and llvm is not installed.
Fix it by only checking the LLVM version when a LLVM toolchain is
available.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit c58177b5dcb3461efef0adefe570dd8a8d966ec4)
We've few low spec (make -j3) build workers attached to the 22.03
buildbot instance which from time to time exhibit following build
failure during image generation (shortened for brewity):
+ dd bs=512 if=root.ext4 of=openwrt-22.03...sdcard.img.gz.img
dd: failed to open 'root.ext4': No such file or directory
Thats happening likely due to the fact, that on buildbots we've
`TARGET_PER_DEVICE_ROOTFS=y` which produces differently named filesystem
image in the SD card image target dependency chain:
make_ext4fs -L rootfs ... root.ext4+pkg=68b329da
and that hardcoded `root.ext4` image filename becomes available from
other Make targets in the later stages. So lets fix this issue by using
IMAGE_ROOTFS Make variable which should contain proper path to the root
filesystem image.
Fixing remaining subtargets ommited in commit 5c3679e39b61 ("at91:
sama7: fix racy SD card image generation").
Fixes: 5c3679e39b61 ("at91: sama7: fix racy SD card image generation")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 3b669bc3f32f7594f38187a284a65ca2c35a0121)
We've few low spec (make -j3) build workers attached to the 22.03
buildbot instance which from time to time exhibit following build
failure during image generation:
+ dd bs=512 if=root.ext4 of=openwrt-22.03-snapshot-r20028-43d71ad93e-at91-sama7-microchip_sama7g5-ek-ext4-sdcard.img.gz.img seek=135168 conv=notrunc
dd: failed to open 'root.ext4': No such file or directory
Thats likely due to the fact, that on buildbots we've
`TARGET_PER_DEVICE_ROOTFS=y` which produces differently named filesystem
image in the SD card image target dependency chain:
make_ext4fs -L rootfs ... root.ext4+pkg=68b329da
and that hardcoded root.ext4 becomes available from other target in the
later stages. So lets fix this issue by using IMAGE_ROOTFS Make variable
which should contain proper path to the root filesystem image.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 5c3679e39b615ff29c9315f810e8e15775cc2d01)
This update mac80211 to version 5.15.92-1. This includes multiple
bugfixes. Some of these bugfixes are fixing security relevant bugs.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The phy-mode property must be defined on the MAC instead of the PHY. Define
phy-mode under gmac1 which the external phy is connected to.
Tested-by: Petr Louda <petr.louda@outlook.cz>
Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com>
(cherry picked from commit 5155200f97adaeaaac7b752b5a6a5e41cba3db6a)
Add squashfs and ramdisk to features as these are commonly used images
for the octeontx.
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
(cherry picked from commit af5635e6ca12d3be275560a58ac6e2793e218fcd)
Add LTE packages required for operating the LTE modems shipped with
the GL-XE300.
Example configuration for an unauthenticated dual-stack APN:
network.wwan0=interface
network.wwan0.proto='qmi'
network.wwan0.device='/dev/cdc-wdm0'
network.wwan0.apn='internet'
network.wwan0.auth='none'
network.wwan0.delay='10'
network.wwan0.pdptype='IPV4V6'
Signed-off-by: Tom Herbers <mail@tomherbers.de>
(cherry picked from commit 67f283be4430ebfb46be6c00fcc7c12a6adabce3)
This adds an label-mac-device alias which refrences the mac which is
printed on the Label of the device.
Signed-off-by: Tom Herbers <mail@tomherbers.de>
(cherry picked from commit f83f5f8452edd3115aacf333b0038da89639a218)
This commit adds the LTE led for GL.iNet GL-XE300
to the default leds config.
Signed-off-by: Leo Soares <leo@hyper.ag>
(cherry picked from commit 35a0f2b00c44a43ad087327f0cbdb1c9c5e60c49)
Signed-off-by: Tom Herbers <mail@tomherbers.de>
This adds missing HE modes to mac80211_prepare_ht_modes.
Previously mesh without wpa_supplicant would be initialized with 802.11g
/NO-HT only, as this method did not parse channel bandwidth for HE
operation.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit a63430eac33ceb1dbf96d3667e2a0f2e04ba391f)
_oob_read returns number of bitflips on success while
bbt_nand_read should return 0.
Fixes: 2d49e49b18 ("mediatek: bmt: use generic mtd api")
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit f183ce35b8ea2fd991ac489fb223b09a1ecb4db0)
From uboot Documentation for uboot-2022.01 for tools-only we can build
with NO_SDL=1 to skip installing the sdl2 package.
Follow this to fix compilation error on macos
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Wifi LED did not work using phy0radio, which somehow slipped through in
the previous testing
Signed-off-by: Florian Maurer <f.maurer@outlook.de>
(cherry picked from commit 2e3d1edf59109d6329a00d90b1e953261d602af5)
Patch the mbedtls source instead of modifying the compile-targets
in the prepare buildstep within OpenWrt.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 00f1463df7e690862403208082f71fb4741baf02)
This reverts commit c0b4303d2e2f4a9e1d4684fd584e6b6548666f0f as it was
reported, that it breaks all packages depending on libstdcpp due to
changed ABI.
References: https://github.com/openwrt/packages/issues/20340
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This fixes spurious build-errors on OpenWrt, where the AM_ICONV macro
is undefined while invoking autoconfig. Later in the build, the ICONV
LDOPTIONS are set to @LIBICONV@, failing the build.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 9300a20dcce2217b121bd2020cc1a4ea41fa4475)
Both mirrors provided in the Makefile only serve gzipped tarballs.
Fixes: #10871
Fixes: 9edfe7dd13d9 ("source: Switch to xz for packages and tools where possible")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit bd911b45389b3da299948b457a1fc645febd2248)
libstdcxx-dual-abi needs to be enabled to actually support C++11 ABI.
Enable the config flag to also permit support of .NET 6 development on
OpenWrt.
Signed-off-by: Ivan Maslov <avenger_msoft@mail.ru>
[ reword commit description and title ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 3c06a344e9c7c03c49c9153342e68a5390651323)
Allign dl_github_archieve.py to 8252511dc0b5a71e9e64b96f233a27ad73e28b7f
change. On supported system the sigid bit is applied to files and tar
archieve that on tar creation. This cause unreproducible tar for these
system and these bit should be dropped to produce reproducible tar.
Add the missing option following the command options used in other
scripts.
Fixes: 75ab064d2b38 ("build: download code from github using archive API")
Suggested-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Tested-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 5f1758ef14575df4e86896526b1c2035c231899e)
This fixes a security problem in ksmbd. It currently has the
ZDI-CAN-18259 ID assigned, but no CVE yet.
Backported from:
8824b7af40cc4f3b5a6a
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 76c67fcc66116381c69439f20159b636573080ba)
The WIFI LED already worked for me with the latest openwrt 22.03 version.
Wifi LED did not with an older 22.x version (in gluon - there phy0radio did nothing but phy0tpt did show activity
the WAN interface has the name "wan" and not "pppoe-wan" on this device
fixes#7757 (and FS#2987)
Signed-off-by: Florian Maurer <f.maurer@outlook.de>
(cherry picked from commit 0820d620123a03b6db6642acb6e950d22ffb030f)
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
When a new tag for a release is created, the just checkout repo from
github actions will already have such tag locally created.
This will result in git fetch --tags failing with error rejecting the
remote tag with (would clobber existing tag).
Add -f option to overwrite any local tags and always fetch them from
remote.
Fixes: e24a1e6f6d7f ("CI: build: add support for external toolchains from stable branch")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit f655923b362e9f2d70672eee9c1fa82550a145a6)
brcmsmac needs bcma. bcma is build into the kernel for the other bcm47xx
subtargets, but not for the legacy target because it only uses ssb. We
could build bcma as a module for bcm47xx_legacy, but none of these old
devices uses a wifi card supported by brcsmac.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit cb7d662dac897dd7df6ba6ba60417db822bd68f2)
the 5.10 uml build currently breaks with:
/usr/bin/ld: arch/um/os-Linux/signal.o: in function `sigusr1_handler':
arch/um/os-Linux/signal.c:141: undefined reference to `uml_pm_wake'
But there's an upstream fix for this. Backport the fix
for now but also let upstream know so it finds its way
through the -stable releases.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 8bea5edf89e57c32b98620540a457441f5f8ddeb)
This fixes compile of the bmips target.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit f620eb70f1a10385c33a9833e1c97d8c7fef0093)
libxxhash is now available in the OpenWrt package feed and gdb will link
against it if gdb finds this library. Explicitly deactivate the usage
of xxhash.
This should fix the build of gdb in build bots.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a442974cfa89c7182c37b3b422b2d49319e2b339)
Allow forced flashing of a factory firmware image, after checking for the
correct FIT magic header and Linksys board-specific footer. Details of the
footer are already described in scripts/linksys-image.sh.
This is convenient as it avoids using a TFTP server or OEM GUI, and allows
restoring OEM firmware or installing a "breaking" OpenWrt update (e.g DSA
migration and kernel repartition) directly from the command line.
Devices supported at this time include EA6350v3, EA8300, MR8300 and WHW01.
Reviewed-by: Robert Marko <robimarko@gmail.com>
Tested-by: Wyatt Martin <wawowl@gmail.com> # WHW01
Tested-by: Tony Ambardar <itugrok@yahoo.com> # EA6350v3
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 6fc334cbdc2b1716786768c545b761b338962b43)
This is used to access footer data in firmare files, and is simpler and
less error-prone than using 'dd' with calculated offsets.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 9cbc825b30a60c4c4b466301b87e15e59b107f24)
The ABI of the wolfssl library changed a bit between version 5.5.3 and
5.5.4. This release update will trigger a rebuild of all packages which
are using wolfssl to make sure they are adapted to the new ABI.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit ee47a28cec01c7943238bae45f65a98e4fc9abbe)
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues.
Fixes the following CVEs:
* CVE-2022-46393: Fix potential heap buffer overread and overwrite in
DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
* CVE-2022-46392: An adversary with access to precise enough information
about memory accesses (typically, an untrusted operating system
attacking a secure enclave) could recover an RSA private key after
observing the victim performing a single private-key operation if the
window size used for the exponentiation was 3 or smaller.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit af3c9b74e177019b18055c263099a42c1c6c3453)
Applications with libmbedtls, e.g. curl, fail on mpc85xx with:
curl[7227]: illegal instruction (4) at b7c94288 nip b7c94288 lr b7c6b528 code 1 in libmbedcrypto.so.2.28.1[b7c3e000+7e000]
curl[7227]: code: 3d7e0000 809e8004 91490000 816b814c 7d6903a6 4e800421 80010024 83c10018
curl[7227]: code: 38210020 7c0803a6 4e800020 9421fff0 <7d4d42e6> 7c6c42e6 7d2d42e6 7c0a4840
This is due to a bug in gcc-11.2.0. It is fixed with gcc-11.3.0.
Import the patch that is fixing the issue.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Tweaking the KCONFIG line of kmod-ata-marvell-sata makes the hack patch
unnecessary
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 2e375e9b3148cfdb9b19494a25eebc2fa7b256a3)
This reverts commit fcff234fd89e8b24aa3ad2f352ddbb5304c38dc1.
$(STAGING_DIR_HOST)/bin/gzip is not available in openwrt-22.03. The
change broke the build because the build process could not find this
file. For example ath79/generic netgear_wndap360 was affected.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The frequency appears as unlisted initial frequency.
Removed it as Hauke suggested.
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
(cherry picked from commit 5b82eeb320d9f8e543232bb5dd004e644b35983e)
The CPE ID is already set in trusted-firmware-a.mk.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 9ed1830bdc1e58efb3e5b17c0e484e1a2655b550)
There are 2 different CPE IDs on the NVD website:
cpe:/a:arm:trusted_firmware-a
cpe:/o:arm:arm_trusted_firmware
The ID as currently used in trusted-firmware-a.mk does not exist. The
CPE ID using the arm_trusted_firmware product name only lists a few
records for versions 2.2 and 2.3 on the NVD site. The CPE ID using the
trusted_firmware-a product name lists many more records, and actually
has a CVE linked to it. Therefore, use the CPE ID using the
trusted_firmware-a product name.
Fixes: 104d60fe94ce ("trusted-firmware-a.mk: add PKG_CPE_ID")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit c8c6508c22c59a09b7acce63bed28947788a46d4)
