Commit Graph

16730 Commits

Author SHA1 Message Date
Daniel Golle
e4ce8f59f5 netifd: add basic support for jail network namespaces
Prepare netifd for handling procd service jails having their own
network namespace.
Intefaces having the jail attribute will only be brought up inside the
jail's network namespace by procd calling the newly introduced ubus
method 'netns_updown'.
Currently proto 'static' is supported and configuration changes are
not yet being handled (ie. you'll have to restart the jailed service
for changes to take effect).

Example /etc/config/network snippet:
config device 'veth0'
    option type 'veth'
    option name 'vhost0'
    option peer_name 'virt0'

config interface 'virt'
    option type 'bridge'
    list ifname 'vhost0'
    option proto 'static'
    option ipaddr '10.0.0.1'
    option netmask '255.255.255.0'

config interface 'virt0'
    option ifname 'virt0'
    option proto 'static'
    option ipaddr '10.0.0.2'
    option netmask '255.255.255.0'
    option gateway '10.0.0.1'
    option dns '10.0.0.1'
    option jail 'transmission'

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-01-21 10:25:27 +02:00
Petr Štetiar
5c73bb12c8 libubox: update to version 2020-01-20
43a103ff17ee blobmsg: blobmsg_parse and blobmsg_parse_array oob read fixes
 5c0faaf4f5e2 tests: prefer dynamically allocated buffers
 1ffa41535369 blobmsg_json: prefer snprintf usage
 132ecb563da7 blobmsg: blobmsg_vprintf: prefer vsnprintf
 a2aab30fc918 jshn: prefer snprintf usage
 b0886a37f39a cmake: add a possibility to set library version
 a36ee96618a9 blobmsg: blobmsg_add_json_element() 64-bit values
 f0da3a4283b7 blobmsg_json: fix int16 serialization
 20a070f08139 tests: blobmsg/json: add more test cases
 379cd33d1992 tests: include json script shunit2 based testing

Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-01-20 20:57:21 +01:00
Petr Štetiar
63000bfaf7 fstools: update to version 2020-01-18
f5c7c1813f52 fstools: Add support to read-only MTD partitions (eg. recovery images)
 189b41b6b487 libblkid-tiny: fix f2fs labels by increasing label buffer

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-01-20 20:57:21 +01:00
Sungbo Eo
c26b687e31 kernel: remove further obsolete kernel version switches
Most of the kernel version switches below 4.14 were removed in commit
97940f8766 ("kernel: remove obsolete kernel version switches"),
but some of them still remained. Remove them now.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2020-01-18 19:39:05 +01:00
Rosen Penev
8df14c229c base-files/functions.sh: use grep -q instead of []
It's cleaner and faster as it does not need to do extra work.

Also removed $() to avoid executing the output. The shell can handle it.

https://github.com/koalaman/shellcheck/wiki/SC2143

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[correct || to && for one conversion]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-18 00:24:06 +01:00
Rosen Penev
d4009d7985 base-files/system.sh: remove $ in $(())
Not needed.

https://github.com/koalaman/shellcheck/wiki/Sc2004

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-01-17 12:17:36 +01:00
Rosen Penev
fb56573dc4 base-files/functions.sh: use && instead of -a
-a is not well defined.

https://github.com/koalaman/shellcheck/wiki/SC2166

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-01-17 12:17:36 +01:00
Rosen Penev
b8e17aefea base-files/functions.sh: remove useless cat
The cut command can take a file as an input.

https://github.com/koalaman/shellcheck/wiki/SC2002

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-01-17 12:17:36 +01:00
Rosen Penev
cba5fa0352 base-files/functions.sh: don't use $var in $(())
It's not needed. It can also lead to subtle bugs.

https://github.com/koalaman/shellcheck/wiki/Sc2004

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-01-17 12:17:35 +01:00
Stijn Tintel
1322190fd3 libcxx: fix build for x86/64
When building libcxx for x86/64, the library is installed in /usr/lib64.
As the install section tries to copy the library from /usr/lib, this
breaks build on x86/64. Override the lib dir suffix to fix this.

Fixes: 856ea2bad3 ("libcxx: Add package")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Rosen Penev <rosenp@gmail.com>
2020-01-17 00:42:49 +02:00
Hans Dedecker
f0c0f92ce4 odhcpd: update to version 2020-01-14
6db312a dhcpv6-ia: use dhcp leasetime to set preferred/valid statefull lifetimes
2520c48 dhcpv6-ia: introduce DHCPv6 pd and ia assignments flags
b413d8a dhcpv6-ia: cleanup prefix delegation routes
b0902af dhcpv6-ia: remove passing interface as parameter to apply_lease

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2020-01-16 21:53:17 +01:00
David Lam
a5f3648a1c hostapd: add support for system cert bundle validation
Currently, it is very cumbersome for a user to connect to a WPA-Enterprise
based network securely because the RADIUS server's CA certificate must first be
extracted from the EAPOL handshake using tcpdump or other methods before it can
be pinned using the ca_cert(2) fields. To make this process easier and more
secure (combined with changes in openwrt/openwrt#2654), this commit adds
support for validating against the built-in CA bundle when the ca-bundle
package is installed. Related LuCI changes in openwrt/luci#3513.

Signed-off-by: David Lam <david@thedavid.net>
[bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-01-16 12:08:18 +01:00
Daniel Golle
702c70264b hostapd: cleanup IBSS-RSN
set noscan also for IBSS and remove redundant/obsolete variable.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-01-16 10:26:21 +02:00
Andrea Dalla Costa
5adca1cf2a uboot-oxnas: fix memory leak in tool mkox820crc
In function `main` add calls to `free` for the variable `executable`.
This is needed because the variable `executable` is allocated but
never freed. This cause a memory leak.

Signed-off-by: Andrea Dalla Costa <andrea@dallacosta.me>
2020-01-15 23:15:19 +01:00
John Crispin
a3dd95ef63 dropbear: fix compile error
Fixes: 0da193ee69 ("dropbear: move failsafe code out of base-files")
Signed-off-by: John Crispin <john@phrozen.org>
2020-01-15 21:31:12 +01:00
Florian Eckert
7151054abd wireguard: skip peer config if public key of the peer is not defined
If a config section of a peer does not have a public key defined, the
whole interface does not start. The following log is shown

daemon.notice netifd: test (21071): Line unrecognized: `PublicKey='
daemon.notice netifd: test (21071): Configuration parsing erro

The command 'wg show' does only show the interface name.

With this change we skip the peer for this interface and emit a log
message. So the other peers get configured.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2020-01-15 21:19:01 +01:00
John Crispin
d9cfa827ac busybox: fix build issues
Fixes: f704f97e4c ("busybox: Include hdparm by default on nas type device")
Signed-off-by: John Crispin <john@phrozen.org>
2020-01-15 21:17:47 +01:00
Michal Cieslakiewicz
a736f39432 ath79: add support for Netgear WNDR4500 v3
This patch introduces support for Netgear WNDR4500v3. Router
is very similar to WNDR4300v2 and is based on the same PCB.

Information gathered from various Internet sources (including
https://patchwork.ozlabs.org/patch/809227/) shows following
differences to WNDR4300v2:

 * two USB 2.0 ports with separate LEDs
 * USB LEDs soldered to secondary pads
 * WPS and RFKILL buttons soldered to secondary pads
 * described as N900 device with 3x3:3 MIMO for 2.4GHz radio
 * power supply requirement is DC 12V 2.5A
 * vendor HW ID suffix differs in one digit
 * bigger chassis

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
2020-01-15 20:56:05 +01:00
Michal Cieslakiewicz
37a36a588a ath79: add support for Netgear WNDR4300 v2
This patch introduces support for Netgear WNDR4300v2.

Specification
=============
  * Description: Netgear WNDR4300 v2
  * Loader: U-boot
  * SOC: Qualcomm Atheros QCA9563 (775 MHz)
  * RAM: 128 MiB
  * Flash: 2 MiB SPI-NOR + 128 MiB SPI-NAND
	- NOR: U-boot binary: 256 KiB
	- NOR: U-boot environment: 64 KiB
	- NOR: ART Backup: 64 KiB
 	- NOR: Config: 64 KiB
	- NOR: Traffic Meter: 64 KiB
	- NOR: POT: 64 KiB
	- NOR: Reserved: 1408 KiB
	- NOR: ART: 64 KiB
	- NAND: Firmware: 25600 KiB (see notes for OpenWrt)
	- NAND: Language: 2048 KiB
	- NAND: mtdoops Crash Dump: 128 KiB
	- NAND: Reserved: 103296 KiB
  * Ethernet: 5 x 10/100/1000 (4 x LAN, 1 x WAN) (AR8337)
  * Wireless:
	- 2.4 GHz b/g/n (internal)
	- 5 GHz a/n (AR9580)
  * USB: yes, 1 x USB 2.0
  * Buttons:
	- Reset
	- WiFi (rfkill)
	- WPS
  * LEDs:
	- Power (amber/green)
	- WAN (amber/green)
	- WLAN 2G (green)
	- WLAN 5G (blue)
	- 4 x LAN (amber/green)
	- USB (green)
	- WPS (green)
  * UART: 4-pin connector JP1, 3.3V (Vcc, TX, RX, GND), 115200 8N1
  * Power supply: DC 12V 1.5A
  * MAC addresses: LAN=WLAN2G on case label, WAN +1, WLAN5G +2

Important Notes
===============
0. NOR Flash (2 MiB) is not touched by OpenWrt installation.
1. NAND Flash (128 MiB) layout under OpenWrt is changed as follows:
   all space is split between 4 MiB kernel and 124 MiB UBI areas;
   vendor partitions (language and mtdoops) are removed; kernel space
   size can be further expanded if needed; maximum image size is set
   to 25600k for compatibility reasons and can also be increased.
2. CPU clock is 775 MHz, not 750 MHz.
3. 5 GHz wireless radio chip is Atheros AR9580-AR1A with bogus PCI
   device ID 0xabcd. For ath9k driver to load successfully, this is
   overriden in DTS with correct value for this chip, 0x0033.
4. RFKILL button is wired to AR9580 pin 9 which is normally disabled
   by chip definition in ath9k code (0x0000F4FF gpio mask). Therefore
   'qca,gpio-mask=<0xf6ff>' hack must be used for button to work
   properly.
5. USB port is always on, no GPIO for 5V power control has been
   identified.

Installation
============
  * TFTP recovery
  * TFTP via U-boot prompt
  * sysupgrade
  * Web interface

Test build configuration
========================
CONFIG_TARGET_ath79=y
CONFIG_TARGET_ath79_nand=y
CONFIG_TARGET_ath79_nand_DEVICE_netgear_wndr4300-v2=y
CONFIG_ALL_KMODS=y
CONFIG_DEVEL=y
CONFIG_CCACHE=y
CONFIG_COLLECT_KERNEL_DEBUG=y
CONFIG_IMAGEOPT=y

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
2020-01-15 20:55:56 +01:00
Michal Cieslakiewicz
4a0a1fc91c mac80211: ath9k: add GPIO mask dts property
This patch adds 'qca,gpio-mask=<u32>' device tree property to ath9k node.
This optional setting is a hack and should only be used in very special
(and rare) cases when a button or LED is wired to a GPIO pin normally
masked out (due to being one-way etc). Netgear WNDR4300 v2 is one such
example - it uses GPI9 for RFKILL.

See ath9k/reg.h *_GPIO_MASK constants.

Use with caution and expect to see stream of kernel warnings if wrong
mask value is provided.

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
2020-01-15 20:55:31 +01:00
Maxim Storchak
5f07b6f367 zram-swap: support swap priority
If zram-backed swap is added after an existing swap, it gets a lower
priority. Assiming that usually all other swaps are slower, there should
be a way to assign a higher priority to zram swap.

Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
2020-01-15 20:49:00 +01:00
Rosen Penev
475a504dbc perf: Add libunwind only if selected
The depends are totally wrong. libunwind does not work with powerpc and
i386 as it needs glibc.

Instead of duplicating the platforms, just change the dependency.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-01-15 20:34:16 +01:00
Florian Eckert
ee2014e680 uhttpd: add enable instance option
With this change it is now possible to switch off single instances of
the uhttpd config. Until now it was only possible to switch all
instances of uhttpd on or off.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2020-01-15 20:16:42 +01:00
Kyle Copperfield
0fcb4a3981 hostapd: add wpa_strict_rekey support
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Rekey GTK on STA disassociate

Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
2020-01-15 20:13:49 +01:00
Kyle Copperfield
30c64825c7 hostapd: add dtim_period, local_pwr_constraint, spectrum_mgmt_required
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Allows dtim_period to be configurable, the default is from hostapd.
Adds additional regulatory tunables for power constraint and spectrum
managment.

Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
2020-01-15 20:13:44 +01:00
Kyle Copperfield
0da193ee69 dropbear: move failsafe code out of base-files
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Failsafe code of dropbear should be in the dropbear package not the
base-files package.

Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
2020-01-15 20:04:06 +01:00
Linus Walleij
f704f97e4c busybox: Include hdparm by default on nas type device
NAS devices certainly need to have hdparm to configure
things like spin-down time or their disks will be
constantly spinning. Just catenate CONFIG_HDPARM=y
on these configs.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2020-01-15 19:57:27 +01:00
Eneas U de Queiroz
9b25f833eb cryptodev-linux: remove DEFAULT redefinition
The 'DEFAULT:=m if ALL' line prevents the phase1 buildbots from building
the package, and users from downloading it, since they use 'ALL_KMODS=y'
but 'ALL' is not set.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-01-15 19:31:08 +01:00
Felix Fietkau
866790fd82 mac80211: fix MAC address allocations if the local bit is set on the base addr
If it's set, don't subtract 1 from the interface index encoded into the first
byte of the address

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-01-15 15:36:26 +01:00
Jo-Philipp Wich
b070101c50 valgrind: do not strip internal preload libraries and executables
Implement the suggestions laid out in README_PACKAGERS, mainly by preventing
the stripping of the internal vgpreload*.so libraries.

Also retain the symbol information of valgrind's private helper executables
and enable LTO as suggested in the packagers readme.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-01-14 17:52:34 +01:00
Xu Wang
44304c1d67 base-files: fix build for /sbin/pkg_check
Setting CONFIG_IPK_FILES_CHECKSUMS=y causes sha256 checksum files to be
included with the packages to check for corruption. This commit fixes two
issues:
- /sbin/pkg_check was being removed incorrectly if IPK_FILES_CHECKSUMS=y
- checksums were being saved in the wrong file

Signed-off-by: Xu Wang <xwang1498@gmx.com>
2020-01-14 17:52:34 +01:00
David Lam
22b07ff73e hostapd: add support for subject validation
The wpa_supplicant supports certificate subject validation via the
subject match(2) and altsubject_match(2) fields. domain_match(2) and
domain_suffix_match(2) fields are also supported for advanced matches.
This validation is especially important when connecting to access
points that use PAP as the Phase 2 authentication type. Without proper
validation, the user's password can be transmitted to a rogue access
point in plaintext without the user's knowledge. Most organizations
already require these attributes to be included to ensure that the
connection from the STA and the AP is secure. Includes LuCI changes via
openwrt/luci#3444.

From the documentation:

subject_match - Constraint for server certificate subject. This substring
is matched against the subject of the authentication server certificate.
If this string is set, the server sertificate is only accepted if it
contains this string in the subject. The subject string is in following
format: /C=US/ST=CA/L=San Francisco/CN=Test AS/emailAddress=as
.example.com

subject_match2 - Constraint for server certificate subject. This field is
like subject_match, but used for phase 2 (inside EAP-TTLS/PEAP/FAST
tunnel) authentication.

altsubject_match - Constraint for server certificate alt. subject.
Semicolon separated string of entries to be matched against the
alternative subject name of the authentication server certificate. If
this string is set, the server sertificate is only accepted if it
contains one of the entries in an alternative subject name extension.
altSubjectName string is in following format: TYPE:VALUE Example:
EMAIL:server@example.com Example:
DNS:server.example.com;DNS:server2.example.com Following types are
supported: EMAIL, DNS, URI

altsubject_match2 - Constraint for server certificate alt. subject. This
field is like altsubject_match, but used for phase 2 (inside
EAP-TTLS/PEAP/FAST tunnel) authentication.

domain_match - Constraint for server domain name. If set, this FQDN is
used as a full match requirement for the
server certificate in SubjectAltName dNSName element(s). If a
matching dNSName is found, this constraint is met. If no dNSName
values are present, this constraint is matched against SubjectName CN
using same full match comparison. This behavior is similar to
domain_suffix_match, but has the requirement of a full match, i.e.,
no subdomains or wildcard matches are allowed. Case-insensitive
comparison is used, so "Example.com" matches "example.com", but would
not match "test.Example.com". More than one match string can be
provided by using semicolons to
separate the strings (e.g., example.org;example.com). When multiple
strings are specified, a match with any one of the values is considered
a sufficient match for the certificate, i.e., the conditions are ORed
together.

domain_match2 - Constraint for server domain name. This field is like
domain_match, but used for phase 2 (inside EAP-TTLS/PEAP/FAST tunnel)
authentication.

domain_suffix_match - Constraint for server domain name. If set, this
FQDN is used as a suffix match requirement for the AAA server
certificate in SubjectAltName dNSName element(s). If a matching dNSName
is found, this constraint is met. If no dNSName values are present,
this constraint is matched against SubjectName CN using same suffix
match comparison. Suffix match here means that the host/domain name is
compared one label at a time starting from the top-level domain and all
the labels in domain_suffix_match shall be included in the certificate.
The certificate may include additional sub-level labels in addition to
the required labels. More than one match string can be provided by using
semicolons to separate the strings (e.g., example.org;example.com).
When multiple strings are specified, a match with any one of the values
is considered a sufficient match for the certificate, i.e., the
conditions are ORed together. For example,
domain_suffix_match=example.com would match test.example.com but would
not match test-example.com. This field is like domain_match, but used
for phase 2 (inside EAP-TTLS/PEAP/FAST tunnel) authentication.

domain_suffix_match2 - Constraint for server domain name. This field is
like domain_suffix_match, but used for phase 2 (inside
EAP-TTLS/PEAP/FAST tunnel) authentication.

Signed-off-by: David Lam <david@thedavid.net>
2020-01-14 17:46:27 +01:00
Felix Fietkau
b1a1c222c9 mac80211: fix list_phy_interfaces for multiple wiphys on the same device
Network interfaces are looked up based on the device behind a phy, so the
phy needs to be checked separately

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-01-14 14:57:13 +01:00
Felix Fietkau
9501469e11 mac80211: fix a page refcounting issue leading to leaks/crashes in rx A-MSDU decap
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-01-14 14:56:59 +01:00
Felix Fietkau
d5b3024139 mac80211: fix sta TID stats leak on a few nl80211 calls
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-01-14 14:56:54 +01:00
Felix Fietkau
fe1818cdbc mac80211: renumber subsys patches accepted upstream
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2020-01-14 14:56:46 +01:00
Florian Eckert
0f33c6b74a base-files: use jshn lib for ubus sysupgrade argument generation
With this change the well known jshn library will be used, to build the
json arguments for the ubus sysupgrade method. This is also used in all
other shell program that uses JSON. This commit unifies that.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2020-01-14 00:06:03 +01:00
Petr Štetiar
3d62463755 rpcd: activate PIE ASLR by default
This activates PIE ASLR support by default when the regular option is
selected.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-01-14 00:06:44 +01:00
Petr Štetiar
2b28358a37 odhcpd: activate PIE ASLR by default
This activates PIE ASLR support by default when the regular option is
selected.

Size increase on x86/64:

 odhcpd-ipv6only Installed-Size: 36821 -> 38216

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-01-14 00:06:40 +01:00
Petr Štetiar
9c628cc76c procd: activate PIE ASLR by default
This activates PIE ASLR support by default when the regular option is
selected.

Size increase on x86/64:

 procd Installed-Size: 44931 -> 47362

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-01-14 00:06:35 +01:00
Petr Štetiar
d38dd6e1ef ubus: activate PIE ASLR by default
This activates PIE ASLR support by default when the regular option is
selected.

Size increase on x86/64:

 ubus  Installed-Size:  5602 ->  5950
 ubusd Installed-Size: 11643 -> 12119

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-01-14 00:06:03 +01:00
Hauke Mehrtens
a2571f3c81 uhttpd: Activate PIE by default
This activates PIE ASLR support by default when the regular option is
selected.

This increases the binary size by 39% uncompressed and 21% compressed
on MIPS BE.

old:
33,189 /usr/sbin/uhttpd
23,016 uhttpd_2019-08-17-6b03f960-4_mips_24kc.ipk

new:
46,212 /usr/sbin/uhttpd
27,979 uhttpd_2019-08-17-6b03f960-4_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
2020-01-13 15:34:36 +01:00
Hauke Mehrtens
6b2379d048 hostapd: Activate PIE by default
This activates PIE ASLR support by default when the regular option is
selected.

This increases the binary size by 26% uncompressed and 16% compressed
on MIPS BE.

old:
460,933 /usr/sbin/wpad
283,891 wpad-basic_2019-08-08-ca8c2bd2-1_mips_24kc.ipk

new:
584,508 /usr/sbin/wpad
330,281 wpad-basic_2019-08-08-ca8c2bd2-1_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
2020-01-13 15:34:36 +01:00
Hauke Mehrtens
7ab6613026 dropbear: Activate PIE by default
This activates PIE ASLR support by default when the regular option is
selected.

This increases the binary size by 18% uncompressed and 17% compressed
on MIPS BE.

old:
164,261 /usr/sbin/dropbear
 85,648 dropbear_2019.78-2_mips_24kc.ipk

new:
194,492 /usr/sbin/dropbear
100,309 dropbear_2019.78-2_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
2020-01-13 15:34:36 +01:00
Hauke Mehrtens
dae0ac7770 dnsmasq: Activate PIE by default
This activates PIE ASLR support by default when the regular option is
selected.

This increases the binary size by 37% uncompressed and 18% compressed
on MIPS BE.

old:
146,933 /usr/sbin/dnsmasq
101,837 dnsmasq_2.80-14_mips_24kc.ipk

new:
202,020 /usr/sbin/dnsmasq
120,577 dnsmasq_2.80-14_mips_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
2020-01-13 15:34:36 +01:00
Hans Dedecker
3446702cdb ethtool: bump to 5.4
7dc0af7 Release version 5.4.
914912e ethtool: add 0x16 and 0x1c extended compliance codes
600b779 ethtool: mark 10G Base-ER as SFF-8472 revision 10.4 onwards
696565d ethtool: correctly interpret bitrate of 255
2941970 fix unused parameter warning in e1000_get_mac_type()
5e814f2 fix unused parameter warning in fjes_dump_regs()
b1a5279 fix unused parameter warning in ixgb_dump_regs()
6608751 fix unused parameter warning in ibm_emac_dump_regs()
1c30119 fix unused parameter warning in et131x_dump_regs()
a56aba4 fix unused parameter warning in amd8111e_dump_regs()
f40d32d fix unused parameter warning in fec_dump_regs()
8b84f1a fix unused parameter warning in at76c50x_usb_dump_regs()
f725f5a fix unused parameter warning in smsc911x_dump_regs()
a12cd66 fix unused parameter warning in e1000_dump_regs()
e058656 fix unused parameter warning in igb_dump_regs()
debac02 fix unused parameter warning in de2104[01]_dump_regs()
d434eea fix unused parameter warning in e100_dump_regs()
8df12f3 fix unused parameter warning in vioc_dump_regs()
92d716b fix unused parameter warning in tg3_dump_{eeprom, regs}()
211c99e fix unused parameter warning in fec_8xx_dump_regs()
362fb8b fix unused parameter warning in ixgbevf_dump_regs()
87903c2 fix unused parameter warning in st_{mac100, gmac}_dump_regs()
c1eaddf fix unused parameter warning in vmxnet3_dump_regs()
313c9f8 fix unused parameter warning in dsa_dump_regs()
183e8a2 fix unused parameter warning in {skge, sky2}_dump_regs()
7f84c13 fix unused parameter warning in lan78xx_dump_regs()
02d0aaa fix unused parameter warning in realtek_dump_regs()
726d607 fix unused parameter warning in ixgbe_dump_regs()
967177c fix unused parameter warning in netsemi_dump_eeprom()
710a414 fix unused parameter warning in natsemi_dump_regs()
283398a fix unused parameter warning in print_simple_table()
0404267 fix unused parameter warning in sfc_dump_regs()
57c7298 fix unused parameter warning in altera_tse_dump_regs()
302e91a fix unused parameter warning in dump_eeprom()
2054a8c fix unused parameter warning in find_option()
d5432a9 fix unused parameter warnings in do_version() and show_usage()
c430e75 fix arithmetic on pointer to void is a GNU extension warning
e568431 ethtool: implement support for Energy Detect Power Down
e391f4c ethtool: sync ethtool-copy.h: adds support for EDPD

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2020-01-12 22:19:37 +01:00
Adrian Schmutzler
97940f8766 kernel: remove obsolete kernel version switches
After kernel 4.9 has been removed, this removes all (now obsolete)
kernel version switches that deal with versions before 4.14.

Package kmod-crypto-iv is empty now and thus removed entirely.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-12 16:34:20 +01:00
Tom Brouwer
2090b8af0a ipq40xx: add support for EZVIZ CS-W3-WD1200G EUP
Hardware:
SOC:    Qualcomm IPQ4018
RAM:	128 MB Nanya NT5CC64M16GP-DI
FLASH:  16 MB Macronix MX25L12805D
ETH:    Qualcomm QCA8075 (4 Gigabit ports, 3xLAN, 1xWAN)
WLAN:   Qualcomm IPQ4018 (2.4 & 5 Ghz)
BUTTON: Shared WPS/Reset button
LED:    RGB Status/Power LED
SERIAL: Header J8 (UART, Left side of board). Numbered from
        top to bottom:
        (1) GND, (2) TX, (3) RX, (4) VCC (White triangle
        next to it).
        3.3v, 115200, 8N1

Tested/Working:
* Ethernet
* WiFi (2.4 and 5GHz)
* Status LED
* Reset Button (See note below)

Implementation notes:
* The shared WPS/Reset button is implemented as a Reset button
* I could not find a original firmware image to reverse engineer, meaning
currently it's not possible to flash OpenWrt through the Web GUI.

Installation (Through Serial console & TFTP):
1. Set your PC to fixed IP 192.168.1.12, Netmask 255.255.255.0, and connect to
one of the LAN ports
2. Rename the initramfs image to 'C0A8010B.img' and enable a TFTP server on
your pc, to serve the image
2. Connect to the router through serial (See connection properties above)
3. Hit a key during startup, to pause startup
4. type `setenv serverip 192.168.1.12`, to set the tftp server address
5. type `tftpboot`, to load the image from the laptop through tftp
6. type `bootm` to run the loaded image from memory
6. (If you want to return to stock firmware later, create an full MTD backup,
e.g. using instructions here https://openwrt.org/docs/guide-user/installation/generic.backup#create_full_mtd_backup)
7. Transfer the 'sysupgrade' OpenWrt firmware image from PC to router, e.g.:
`scp xxx-squashfs-sysupgrade.bin root@192.168.1.1:/tmp/upgrade.bin`
8. Run sysupgrade to permanently install OpenWrt to flash: `sysupgrade -n /tmp/upgrade.bin`

Revert to stock:
To revert to stock, you need the MTD backup from step 6 above:
1. Unpack the MTD backup archive
2. Transfer the 'firmware' partition image to the router (e.g. mtd8_firmware.backup)
3. On the router, do `mtd write mtd8_firmware.backup firmware`

Signed-off-by: Tom Brouwer <tombrouwer@outlook.com>
[removed BOARD_NAME, OpenWRT->OpenWrt, changed LED device name to board name]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-01-12 15:57:58 +01:00
Tobias Schramm
b16e5517b5 kernel: add kmod packages for Broadcom bcm53xxx switch support
Signed-off-by: Tobias Schramm <tobleminer@gmail.com>
2020-01-12 14:12:50 +01:00
Kevin Darbyshire-Bryant
35ba9304c6 kmod-sched-cake: bump to 20200110
Keep up with a small amount of churn in the upstream repository.
Upstream now represents the version of CAKE as found in the linux kernel
from 4.19 onwards but with some compatibility stubs to allow building on
<4.19.

After a diversion related to an experimental ECN implementation which
has now been reverted, the important and relevant changes for us are:

8a8946b sch_cake: avoid possible divide by zero in cake_enqueue()
183b320 RFC 8622 diffserv3, 4 & 8 LE PHB support
6ff4561 sch_cake: Make sure we can write the IP header before changing DSCP bits
9fba602 sch_cake: Use tc_skb_protocol for getting packet protocol

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-01-11 08:35:23 +00:00
Jason A. Donenfeld
7936cb94a9 wireguard-tools: bump to 1.0.20200102
* systemd: update documentation URL
* global: bump copyright

Usual house keeping.

* Makefile: DEBUG_TOOLS -> DEBUG and document
* Makefile: port static analysis check
* dns-hatchet: adjust path for new repo layout
* Makefile: rework automatic version.h mangling

These are some important-ish cleanups for downstream package maintainers that
should make packaging this a lot smoother.

* man: add documentation about removing explicit listen-port

Documentation improvement.

* wg-quick: linux: quote ifname for nft

This should fix issues with weirdly named ifnames and odd versions of nft(8).

* fuzz: find bugs in the config syntax parser
* fuzz: find bugs when parsing uapi input

These are two fuzzers that have been laying around without a repo for a while.
Perhaps somebody with enough compute power will find bugs with them.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-01-09 18:54:24 +01:00
Jason A. Donenfeld
62c2199bd8 wireguard: bump to 0.0.20200105
* socket: mark skbs as not on list when receiving via gro

Certain drivers will pass gro skbs to udp, at which point the udp driver
simply iterates through them and passes them off to encap_rcv, which is
where we pick up. At the moment, we're not attempting to coalesce these
into bundles, but we also don't want to wind up having cascaded lists of
skbs treated separately. The right behavior here, then, is to just mark
each incoming one as not on a list. This can be seen in practice, for
example, with Qualcomm's rmnet_perf driver. This lead to crashes on
OnePlus devices and possibly other Qualcomm 4.14 devices. But I fear
that it could lead to issues on other drivers on weird OpenWRT routers.

This commit is upstream in net-next as:
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=736775d06bac60d7a353e405398b48b2bd8b1e54

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2020-01-09 18:54:24 +01:00
Daniel Golle
6a28552120 dnsmasq: add uci-defaults script for config migration
When running sysupgrade from an existing configuration, UCI option
dhcp.@dnsmasq[0].resolvfile needs to be modified in case it has not
been changed from it's original value.
Accomplish that using a uci-defaults script.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-01-09 15:37:53 +02:00
David Bauer
ab16adf80b hostapd: disable ft_psk_generate_local for non-PSK networks
Without this commit, ft_psk_generate_local is enabled for non-PSK
networks by default. This breaks 802.11r for EAP networks.

Disable ft_psk_generate_local by default for non-PSK networks resolves
this misbehavior.

Reported-by: Martin Weinelt <martin@darmstadt.freifunk.net>
Signed-off-by: David Bauer <mail@david-bauer.net>
Tested-by: Martin Weinelt <martin@darmstadt.freifunk.net>
2020-01-09 01:01:20 +01:00
Adrian Schmutzler
28fd4ac512 ixp4xx: remove unmaintained target
This target is still on kernel 4.9, and it looks like there is no
active maintainer for this target anymore.
Remove the code and all the packages which are only used by this target.

To add this target to OpenWrt again port it to a recent and supported
kernel version.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-08 16:45:08 +01:00
Adrian Schmutzler
4bc92c1e75 ar7: remove unmaintained target
This target seems to have been unmaintained for quite a while, and not a
single tester for the (now outdated) kernel 4.14 patches has been found.
Remove the code and all the packages which are only used by this target.

To add this target to OpenWrt again port it to a recent and supported
kernel version.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-08 16:45:08 +01:00
Hauke Mehrtens
90740f52e9 ar7: update kernel to version 4.14
This adds support for kernel 4.14 to the target and directly make it the
default kernel version to use.

This patch is build-tested only, but has never been device-tested. It is
only added to preserve the changes in Git history prior to removing this
target. Use it with care.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
[rebased and extended commit message, refreshed patches for 4.14.162]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-08 16:45:08 +01:00
Matthias Schiffer
41c19dd542
ethtool: fix PKG_CONFIG_DEPENDS
Add missing CONFIG_ prefix.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2020-01-07 20:53:31 +01:00
Matthias Schiffer
9924db5b37
iperf: fix PKG_CONFIG_DEPENDS
Fix typo in PKG_CONFIG_DEPENDS and missing CONFIG_ prefix.

Fixes: e98e046f06 ("iperf: Allow enabling multicast support")
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2020-01-07 20:52:23 +01:00
Daniel Golle
2e3cf4500b dnsmasq: bump PKG_RELEASE
Previous commit should have bumped PKG_RELEASE, but git add was
forgotten... Add it now.

Fixes: cd48d8d342 ("dnsmasq: switch to /tmp/resolv.conf.d/resolv.conf.auto")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-01-07 15:44:16 +02:00
Daniel Golle
cd48d8d342 dnsmasq: switch to /tmp/resolv.conf.d/resolv.conf.auto
Mount-bind directory instead of resolv.conf.auto file in jail to
avoid problems when the file is deleted/replaced.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-01-07 15:37:22 +02:00
Daniel Golle
5e1604477a netifd: move /tmp/resolv.conf.auto to /tmp/resolv.conf.d/
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-01-07 15:36:59 +02:00
Daniel Golle
fedc5d30ae base-files: move /tmp/resolv.conf.auto to /tmp/resolv.conf.d/
Having it in a directory it more friendly for mount-bind.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-01-07 15:36:03 +02:00
Hauke Mehrtens
414d054138 dnsmasq: Fix potential dnsmasq crash with TCP
This is a backport from the dnsmasq master which should fix a bug which
could cause a crash in dnsmasq.

I saw the following crashes in my log:
[522413.117215] do_page_fault(): sending SIGSEGV to dnsmasq for invalid read access from 2a001450
[522413.124464] epc = 004197f1 in dnsmasq[400000+23000]
[522413.129459] ra  = 004197ef in dnsmasq[400000+23000]
This is happening in blockdata_write() when block->next is
dereferenced, but I am not sure if this is related to this problem or if
this is a different problem. I am unable to reproduce this problem.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-06 17:44:22 +01:00
Hauke Mehrtens
2d80f7e836 rpcd: Update to version 2020-01-05
efe51f4 iwinfo: add current hw and ht mode to info call

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-05 20:21:48 +01:00
Hauke Mehrtens
8fb6be73b5 iwinfo: Update to version 2020-01-05
bf2c106 nl80211: add htmode to iwinfo_ops

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-05 20:19:37 +01:00
Hauke Mehrtens
05145ffbef uclient: Update to version 2020-01-05
fef6d3d uclient: Add string error function

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-05 20:04:37 +01:00
Hauke Mehrtens
ccd7e2dfb2 ustream-ssl: Update to version 2020-01-05
30cebb4 ustream-ssl: mbedtls: fix ssl client verification
77de09f ustream-ssl: mbedtls: fix net_sockets.h include warning

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-05 20:04:37 +01:00
Hauke Mehrtens
5877280463 ubus: Update to version 2020-01-05
d35df8a ubus: make libubus ready for linking into C++

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-05 20:04:37 +01:00
Andrea Dalla Costa
52f0b0913d ead: fix resource leak in tinysrp
Add call to fclose for file pointer fp in function t_openpw.
The resource leak could happen during an error handling.

Signed-off-by: Andrea Dalla Costa <andrea@dallacosta.me>
2020-01-05 19:36:46 +01:00
DENG Qingfang
983605e61f pppd: update to 2.4.8
78cd384 Update README and patchlevel.h for 2.4.8 release
5d03403 pppd: Avoid use of strnlen (and strlen) in vslprintf
a1e950a pppd: Fix IPv6 default route code for Solaris
ca5e61b plugins/rp-pppoe: Make tag parsing loop condition more accurate
c10c3c7 pppd: Make sure word read from options file is null-terminated
b311e98 pppd: Limit memory accessed by string formats with max length specified
3ea9de9 pppd: Eliminate some more compiler warnings
57edb1a pppd: Include time.h header before using time_t
09f695f pppd: Don't free static string
03104ba pppd.h: Add missing headers
388597e pppd: Add defaultroute6 and related options
66ce4ba pppd: Avoid declarations within statements in main.c
5637180 pppd: Fix `ifname` option in case of multilink (#105)
d00f8a0 pppd: Fix variable reference syntax in Makefile.linux
b6b4d28 pppd: Check tdb pointer before closing

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2020-01-05 19:36:45 +01:00
Matt Merhar
3d7f76383f dropbear: add missing zlib dependency for dropbearconvert
If CONFIG_DROPBEAR_ZLIB is set, building fails at the packaging stage
due to an undeclared dependency on libz.so.1.

As is already done for the main dropbear package, conditionally add a
dependency on zlib.

Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
2020-01-05 19:36:45 +01:00
Rosen Penev
c2ef6c2148 nettle: Disable ARMEB assembly
It's broken for ARMv5, which is the only armeb target in OpenWrt.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-01-05 19:36:45 +01:00
Rosen Penev
d040851a6f trace-cmd: Fix compilation without fortify-headers
Upstream backport.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-01-05 19:36:45 +01:00
Rosen Penev
121ad10601 lldpd: Fix compilation without fortify-headers
Upstream backport.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-01-05 19:36:45 +01:00
Josef Schlehofer
43eb93441f e2fsprogs: update to version 1.45.4
Removed backported patch

Release notes: http://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.45.4

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2020-01-05 19:36:45 +01:00
Rosen Penev
c84a3458aa libcxx: Remove -flto from LDFLAGS
It seems the buildbots can't handle it.

Added a cmake option to find the cxxabi files as they are part of the
toolchain and not in the normal path. It doesn't seem to make a
difference, just gets rid of cmake warnings.

Added another small GCC warning fix. It's fairly minor.

This has no change in compiled size, and most likely no change in
behavior. Bumped the PKG_RELEASE anyway.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-01-05 19:36:45 +01:00
Josef Schlehofer
9a3b10b449 strace: update to version 5.4
Changelog: https://strace.io/files/5.4/

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2020-01-05 19:36:45 +01:00
Christian Lamparter
1e27befe63 mac80211: remove ath10k_pci memory hacks
These two hacks are no longer necessary as they've
been moved to a special variant of kmod-ath10k-ct.

So, if you have a device suffering from low-memory
situation and getting applications crashes due to
the OOM reaper or kernel panics with ath10k, please
use the "kmod-ath10k-ct-smallbuffers" package from
now on.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-01-05 19:02:55 +01:00
Jo-Philipp Wich
22a178e892 fstools: update to latest Git HEAD
823faa0 block: re-discover mtd devices on extroot mount retry

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-01-05 18:40:22 +01:00
Petr Štetiar
059505d614 procd: update to version 2020-01-04
a5af33ce9a16 instance: strdup string attributes
d2e8bf6ef7cf system: watchdog_set: fix misleading indentation
9814807bd71c system: sysupgrade: fix possibly misleading error
c7a2db3c1eb6 system: sysupgrade: rework firmware validation
ea45c4a0f07c system: fix failing image validation due to EINTR
4fde95506243 cmake: fix lookup of external libraries

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-01-05 14:13:01 +01:00
Petr Štetiar
cf3da66d2c base-files: sysupgrade: exit if the firmware download failed
Sysupgrade process shouldn't continue if the firmware image couldn't be
downloaded.

Ref: http://lists.infradead.org/pipermail/openwrt-devel/2019-December/020940.html
Reported-by: Petr Novák <petrn@me.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-01-05 14:13:01 +01:00
Florian Fainelli
e98e046f06 iperf: Allow enabling multicast support
iperf2 is useful for testing UDP over multicast, add an option to permit
the enabling/disabling of multicast support.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2020-01-03 20:30:09 -08:00
David Bauer
1de8fc93ca mt76: update to the latest version
38f4c57 mt76: mt76x0: fix default mac address overwrite

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-01-03 17:44:23 +01:00
Rosen Penev
9f7d36d1a9 libcxx: Add size optimizations
Changed standard to 2a. 2a (as well as 17) contain more constexpr
functions, which are evaluated at compile time. This saves space.

Added --gc-sections. With the CXXABI change, this now makes the package
smaller.

With these, size went down to 210845 on mipsel_24kc.

Also fixed two small compiler warnings. No real change in behavior.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-01-01 16:59:32 +01:00
Rosen Penev
1f8ab1c640 libcxx: Build with the libsupc++ ABI
Allows proper exception handling. This includes removing unimplemented
warnings.

File size increased as a result:

Before:

182874

After:

211006

On mipsel_24kc.

Note that this requires libsupc++ anyway. It's specified in g++-libcxx.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-01-01 16:59:13 +01:00
Hans Dedecker
051b9a144f ubox: update to version 2019-12-31
0e34af1 kmodloader: added -a arg to modprobe

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-12-31 14:35:35 +01:00
Jo-Philipp Wich
0590d74db2 Revert "iptables: update to 1.8.4"
This reverts commit 10cbc896c0.

The updated iptables package does not build due to the following error
encountered on the buildbots:

    cp: cannot stat '.../iptables-1.8.4/ipkg-install/usr/lib/libiptc.so.*': No such file or directory

The changelog mentions "build: remove -Wl,--no-as-needed and libiptc.so" so
it appears as if further packaging changes are needed beyond a simple
version bump.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-12-30 23:07:29 +01:00
DENG Qingfang
10cbc896c0 iptables: update to 1.8.4
Update iptables to 1.8.4

ChangeLog:
  https://netfilter.org/projects/iptables/files/changes-iptables-1.8.4.txt

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-12-30 21:14:31 +01:00
Daniel Golle
37929ddb70 procd: fix running jailed non-root process
Setting user and group for a jailed process caused the jail not to
come up. Fix this by passing user and group to ujail and change
user only once the jail has been setup.
This allows jailing services which refuse to run as root user.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-12-30 20:32:10 +02:00
David Bauer
3026cfe172 iwinfo: update to 2019-12-27
a6f6c05 nl80211: properly handle netdev names starting with "radio"
31dcef3 iwinfo: add several QC/A device ids

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-12-30 15:09:30 +01:00
David Bauer
985ec835ae rt2x00: add throughput LED trigger
This adds a (currently missing) throughput LED trigger for the rt2x00
driver. Previously, LED triggers had to be assigned to the netdev, which
was limited to a single VAP.

Signed-off-by: David Bauer <mail@david-bauer.net>
Tested-by: Christoph Krapp <achterin@googlemail.com>
2019-12-30 13:09:14 +02:00
Petr Štetiar
e3e939d8e6 libubox: update to version 2019-12-28
Fixes startup issues of some services in procd and bumps ABI_VERSION to 20191228.

Ref: http://lists.infradead.org/pipermail/openwrt-devel/2019-December/020840.html
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-12-28 21:28:09 +01:00
Hans Dedecker
3fe29ffa7b ubox: update to latest git HEAD
b30e0df kmodloader: print an error when no kernel module dir can be found
17689b6 logread: add option to filter for facilities
c9ffeac kmodloader: added -v arg to modeprobe

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-12-28 21:25:56 +01:00
Álvaro Fernández Rojas
f8424b1b26 brcm2708-userland: add new package with RPi utils
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-12-28 15:31:50 +01:00
Petr Štetiar
36bace78b7 ubus: update to version 2019-12-27
Fixes socket descriptor passing and bumps ABI_VERSION to 20191227.

Ref: http://lists.infradead.org/pipermail/openwrt-devel/2019-December/020840.html
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-12-28 08:09:50 +01:00
Jason A. Donenfeld
ea980fb9c6 wireguard: bump to 20191226
As announced on the mailing list, WireGuard will be in Linux 5.6. As a
result, the wg(8) tool, used by OpenWRT in the same manner as ip(8), is
moving to its own wireguard-tools repo. Meanwhile, the out-of-tree
kernel module for kernels 3.10 - 5.5 moved to its own wireguard-linux-
compat repo. Yesterday, releases were cut out of these repos, so this
commit bumps packages to match. Since wg(8) and the compat kernel module
are versioned and released separately, we create a wireguard-tools
Makefile to contain the source for the new tools repo. Later, when
OpenWRT moves permanently to Linux 5.6, we'll drop the original module
package, leaving only the tools. So this commit shuffles the build
definition around a bit but is basically the same idea as before.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-12-27 16:34:27 +01:00
Felix Fietkau
ba164533e2 mt76: update to the latest version
2a0a19168dce mt7603: remove vif sta from poll list on interface remove
dc14ac64e7f3 mt7615: remove vif sta from poll list on interface remove
d868638fdd96 mt76: remove obsolete .add_buf() from struct mt76_queue_ops
50b1e9bd25cd mt76: refactor cc_lock locking scheme
1987b741dac2 mt76: mt76x0: remove 350ms delay in mt76x0_phy_calibrate
c93a2d1c1304 mt76: mt76x02u: update ewma pkt len in mt76x02u_tx_prepare_skb
58e1e969f03e mt76: mt7615: remove unneeded semicolon
c14d6563c492 mt76: mt76x2e: disable pcie_aspm by default
f2be00b1011a mt76: dma: fix buffer unmap with non-linear skbs
20f05897873a mt76: mt76u: rely on usb_interface instead of usb_dev
3cbaf81a185e mt76: mt76u: rely on a dedicated stats workqueue
ea19cd7ac6c6 mt76: Remove set but not used variable 'idx'
a85c06cec844 mt76: use mt76_dev in mt76_is_{mmio,usb}
e0731a82a14f mt76: move SUPPORTS_REORDERING_BUFFER hw property in mt76_register_device
cfdb75124e7c mt76: mt7615: add ibss support
e2f90adcc3b1 mt76: move interface_modes definition in mt76_core module
5dfb0ec9c6d1 mt76: mt7615: disable radar pattern detector during scanning
7121e163c068 mt76: fix possible out-of-bound access in mt7615_fill_txs/mt7603_fill_txs
db78ee08d95e mt76: move mt76_get_antenna in mt76_core module
faf5e6fedd7e mt76: mt7615: read {tx,rx} mask from eeprom
44825e88a42d mt76: use rcu_read_lock_bh in mt76_dma_rx_poll
af83ee8de928 mt76: move initialization of some struct members to mt76_alloc_device
6493e234b40d mt76: introduce struct mt76_phy
ea46624355ec mt76: add support for an extra wiphy in the rx path
c5f1e83e30d4 mt76: add support for an extra wiphy in the main tx path
1d8011871458 mt76: add support for an extra wiphy in the tx status path
e5e755a7a6b0 mt76: add support for an extra wiphy in mt76_sta_state()
ee36c8e2170f mt76: move channel state to struct mt76_phy
d246beb23350 mt76: keep a set of software tx queues per phy
a3e88bcf17e8 mt76: move state from struct mt76_dev to mt76_phy
9cda51d195db mt76: move chainmask back to driver specific structs
df74d6993383 mt76: move txpower_conf back to driver specific structs
9e95fa6208a2 mt76: move txpower and antenna mask to struct mt76_phy
502d09a6e806 mt76: add multiple wiphy support to mt76_get_min_avg_rssi
842cae558b82 mt76: add priv pointer to struct mt76_phy
8ca04846857b mt76: add function for allocating an external wiphy
04cd17a64520 mt76: add ext_phy field to struct mt76_wcid
1c8d69e7d666 mt76: move ampdu_ref from mt76_dev to driver struct
e6659d12d01e mt76: mt7615: add dual-phy support for mac80211 ops
e5ea72ac7158 mt76: mt7615: add multiple wiphy support for smart carrier sense
bdcd45dd04e0 mt76: mt7615: add missing register init for dual-wiphy support
0954c37d015f mt76: mt7615: remove useless MT_HW_RDD0/1 enum
705a0fcdc3a5 mt76: mt7615: add multiple wiphy support to the dfs support code
849fefacc48a mt76: mt7615: rework chainmask handling
caa47af1d6f2 mt76: mt7615: add multiple wiphy support to the rx path
c5585a735864 mt76: mt7615: initialize dbdc settings on interface add
6265fd1954d7 mt76: mt7615: move radio/mac initialization to .start/stop callbacks
5725d1f919ff mt76: mt7615: select the correct tx queue for frames sent to the second phy
993683d62fb7 mt76: mt7615: add support for registering a second wiphy via debugfs
1456a53ddeb3 mt76: mt7615: update beacon contents on BSS_CHANGED_BEACON
ea41ad8bdb36 mt76: mt7615: defer mcu initialization via workqueue
59de6c9447a7 mt7615: replace sta_state callback with sta_add/sta_remove
88db676f8517 mt76: fix rx dma ring descriptor state on reset
fff2c07193bb Revert "mt76: use rcu_read_lock_bh in mt76_dma_rx_poll"
b3bf83d6da1c mt76: disable bh in mt76_dma_rx_poll
efcbee1d8bfc mt76: mt76x0u: do not reset radio on resume
5dc6f6fcc027 treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174
84554a1fbb9a kernel: fix typos and some coding style in comments
a116b0a6afe9 mt76: fix possible undetected invalid MAC address
becdec318fce mt76: Off by one in mt76_calc_rx_airtime()
683eb244fa55 mt76: mt7603: reset STA_CCA counter setting the channel
812692db171c mt76: eeprom: add support for big endian eeprom partition
8b362382b10c mt76: mt7615: Fix build with older compilers
fc24815a2cb4 mt76: mt7615: report firmware version using ethtool
5cec93d57e6d mt76: mt76x02: fix coverage_class type
9354f0f41d1c mt76: mt7603: set 0 as min coverage_class value
a589d095eeb6 mt76: mt7615: add set_coverage class support
257c19f5b56f mt76: clear skb pointers from rx aggregation reorder buffer during cleanup
05c87a33831f mt76: do not overwrite max_tx_fragments if it has been set
05fa07c667f3 mt76: use AC specific reorder timeout
3ef5f3444a94 mt76: mt7615: measure channel noise and report it via survey
726fd501651a mt76: mt7615: increase MCU command timeout
99d8cd03edfa mt76: mt7603: fix input validation issues for powersave-filtered frames
32129af2604d net/wireless: Delete unnecessary checks before the macro call “dev_kfree_skb”
85a8abf80385 mt76: mt76x02: omit beacon slot clearing
8b5d3615e1c8 mt76: mt76x02: split beaconing
dc364547d91a mt76: mt76x02: add check for invalid vif idx
462a16e185e4 mt76: mt76x02: remove a copy call for usb speedup
fa24aba4c280 mt76: speed up usb bulk copy
6a84ad21306e mt76: mt76x02: add channel switch support for usb interfaces
09fcbc214b10 mt76: usb: use max packet length for m76u_copy
584c0784e019 mt76: mt76x02u: do not set NULL beacons
ca17e5657e8a mt76: mt76x02: minor mt76x02_mac_set_beacon optimization
d5fdd2e7ced8 mt76: mt7615: fix MT7615_CFEND_RATE_DEFAULT value
ae25a4bf99a9 mt76: mt7615: introduce LED support
cd759b00cc06 mt76: mt76x02: simplify led reg definitions
cf00467c5de4 mt76: mt7603: simplify led reg definitions
1c8e76f4de3e mt76: fix compilation warning in mt76_eeprom_override()
960f5cc2390b mt76: mt76u: fix endpoint definition order
15e1c29ed8e3 mt76: mt7615: add missing settings for simultaneous dual-band support
e09b9f61eeb3 mt76: mt7615: rework set_channel function
4cb1195a1530 mt76: mt7615: add set_antenna callback

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-12-27 16:08:13 +01:00
Eneas U de Queiroz
d5ede68f8b wolfssl: bump to 4.3.0-stable
This update fixes many bugs, and six security vulnerabilities, including
CVE-2019-18840.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-12-26 23:30:57 +01:00
Eneas U de Queiroz
3018c4c02f curl: rename cyassl->wolfssl
The old name was dropped and no longer works.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-12-26 23:30:33 +01:00
Petr Štetiar
7cb018c591 ubus: update to version 2019-12-19
Contains following changes:

 a1523d76b016 fix blob parsing vulnerability by using blob_parse_untrusted
 c60583743ccf ubus_monitor: workaround possibly false positive uses of memory after it is freed
 dac6c7c575ac ubusd_monitor: fix possible null pointer dereference
 060dfbb26da3 ubus_common: remove duplicate ARRAY_SIZE and add missing include
 c5f2053dfcfd workaround possibly false positive uses of memory after it is freed
 72be8e93f07d lua: ubus_lua_do_subscribe: fix copy&paste error
 a995b1e68129 lua: workaround false positive dereference of null pointer
 08f17c87a000 add fuzzer and cram based unit tests
 c413be9b376c refactor ubusd.c into reusable ubusd_library
 afd47189e864 examples: remove dead increments
 b2e544238672 add initial GitLab CI support
 058f4e9526ed libubus: fix incompatible pointer types assigment
 d2e026a33df8 iron out all extra compiler warnings
 5d7ca8309d0a ubusd/libubus-io: fix variable sized struct position warning
 d61282db5640 ubusd: fix comparison of integers of different signs
 90fb16234c22 cmake: enable extra compiler checks

and bumps ABI_VERSION to 20191219.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-12-26 08:54:42 +01:00
Petr Štetiar
2544cb1ba3 ucert: update to version 2019-12-19
14a279411cff fix certificate blob parsing vulnerability by using blob_parse_untrusted
19a7225ac018 fix leaking memory in cert_dump_blob
9dba44ddd4f5 fix possibly garbage value returned in cert_process_revoker
4462ff9dedfa add cram based unit tests
5fe64b5606aa cmake: split usign bits into static library
5d7626a2b6d8 cmake: reindent the file
e284ed941972 cmake: enable hardening compiler flags and fix the reported issues
7e5390666347 add initial GitLab CI support
fa0bf4ef45b1 cmake: add proper include and library dependencies

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-12-26 08:47:18 +01:00
Petr Štetiar
b9f3af7c89 libubox: update to version 2019-12-26
Contains following changes:

 eb7eb6393d47 blobmsg: fix array out of bounds GCC 10 warning
 86f6a5b8d1f1 blobmsg: reuse blobmsg_namelen in blobmsg_data
 586ce031eaa0 tests: fuzz: fuzz _len variants of checking methods
 b0e21553ae8c blobmsg: add _len variants for all attribute checking methods
 cd3059796a57 Replace use of blobmsg_check_attr by blobmsg_check_attr_len
 143303149c8b Ensure blob_attr length check does not perform out of bounds reads
 f2b2ee441adb blobmsg: fix heap buffer overflow in blobmsg_parse
 4dfd24ed88c4 blobmsg: make blobmsg_len and blobmsg_data_len return unsigned value
 2df6d35e3299 tests: add test cases for blobmsg parsing
 8a34788b46c4 test: fuzz: add blobmsg_check_attr crashes
 478597b9f9ae blob: fix OOB access in blob_check_type
 325418a7a3c0 tests: use blob_parse_untrusted variant
 0b24e24b93e1 blob: introduce blob_parse_untrusted
 6d27336e4a8b blob: refactor attr parsing into separate function
 833d25797b16 test: fuzz: add blob_parse crashes
 09ee90f8d6ed tests: add test cases for blob parsing
 436d6363a10b tests: add libFuzzer based tests
 bf680707acfd tests: add unit tests covered with Clang sanitizers
 f804578847de cmake: add more hardening compiler flags
 46f8268b4b5b blobmsg/ulog: fix format string compiler warnings
 eb216a952407 cmake: use extra compiler warnings only on gcc6+

and bumps ABI_VERSION to 20191226.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-12-26 08:41:37 +01:00
Kevin Darbyshire-Bryant
9cf9f903a3 wireguard: bump to 20191219
edad0d6 version: bump snapshot
0e38a3c compat: ipv6_dst_lookup_flow was backported to 5.3 and 5.4
2e52c41 wg-quick: linux: use already configured addresses instead of in-memory
3721521 tools: adjust wg.8 syntax for consistency in COMMANDS section
21a1498 wg-quick: linux: try both iptables(8) and nft(8) on teardown

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-12-24 20:53:32 +00:00
Hauke Mehrtens
80f06cb601 ath10k-firmware: Add kmod-ath10k-ct-smallbuffers to depends
Only select ath10k-ct-regular when smallbuffers version was not
selected.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-12-24 00:57:56 +01:00
Paul Fertser
1ac627024d kernel: ath10k-ct: provide a build variant for small RAM devices
According to many bugreports [0][1][2] the default ath10k-ct kernel
module is unusable on devices with just 64 MiB RAM or with 128 MiB and
dual ath10k cards. The target boards boot but eventually oom-killer
starts to interfere with normal operation, so the current state is
effectively broken.

Since the two patches in question have a performance impact (and
possibly some other unexpected side-effects) a dedicated build variant
is added so that users of the low RAM devices can still benefit from all
the ath10k-ct advantages.

According to testing [3] results, the issue can be experienced even with
"a 256MB device with three radios". Measured performance impact of
implementing small buffers was lowering "the maximum 5 GHz throughput on
an IPQ40xx device without RPS/XPS optimizations from 494/432 Mbit/s for
TCP transfers (download/upload) to 438/343 Mbit/s"

The patches were apparently inspired by QSDK tweaks used by ODMs for the
affected devices.

[0] http://lists.infradead.org/pipermail/openwrt-devel/2019-December/020573.html
[1] https://github.com/openwrt/openwrt/pull/1077
[2] https://bugs.openwrt.org/index.php?do=details&task_id=2664
[3] https://github.com/freifunk-gluon/gluon/pull/1440#issue-195607701

Signed-off-by: Paul Fertser <fercerpav@gmail.com>
[Remove double CONFIG_ATH10K-CT_LEDS entry]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-12-24 00:56:51 +01:00
Florian Fainelli
c715f71bce treewide: Remove self from MAINTAINER entries
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2019-12-23 13:18:04 -08:00
Álvaro Fernández Rojas
46c5880b0f brcm2708-gpu-fw: update to latest firmware
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-12-23 17:50:32 +01:00
Rosen Penev
fb19fb868c libcxx: Depenency fixes
Don't build with uClibc-ng. It's totally unsupported as several functions
are missing.

Make the musl libc support conditional.

Fix hash with make check FIXUP=1. Apparently I based the Makefile off of
libedit and forgot to fix the hash.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Fixes: 856ea2bad3 ("libcxx: Add package")
2019-12-23 12:08:23 +01:00
Sungbo Eo
a22b7a60d9 kernel: fix *-gpio-custom module unloading
Unloading and reloading the modules fails, as platform_device_put() does not
release resources fully.

root@OpenWrt:/# insmod i2c-gpio-custom bus0=0,18,0,5
[  196.860620] Custom GPIO-based I2C driver version 0.1.1
[  196.871162] ------------[ cut here ]------------
[  196.880517] WARNING: CPU: 0 PID: 1365 at fs/sysfs/dir.c:31 0x80112158
[  196.893431] sysfs: cannot create duplicate filename '/devices/platform/i2c-gpio.0'
...
[  197.513200] kobject_add_internal failed for i2c-gpio.0 with -EEXIST, don't try to register things with the same name in the same directory.

This patch fixes it by replacing platform_device_put() to
platform_device_unregister().

Fixes: da77408537 ("i2c-gpio-custom: minor bugfix")
Fixes: 3bc81edc70 ("package: fix w1-gpio-custom package (closes #6770)")

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2019-12-23 00:22:07 +01:00
Florian Eckert
432ec292cc rpcd: add respawn param
The rpcd service is an important service, but if the service stops
working for any reason, no one will ever respawn that service. With this
commit, the procd service will monitor if the rpcd service
is running. If the rpcd service has crashed, then
procd respawns the rpcd service.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2019-12-23 00:22:07 +01:00
Bjørn Mork
d034a1f457 adb: fix for SuperSpeed devices
The USB descriptor parsing in adb fails to detect SuperSpeed devices
because of the SuperSpeed Endpoint Companion Descriptor.  This
cherry-picks the upstream fix for the problem.

Unfortunately there never were a release with this fix before the
conversion to C++, so upgrading to a newer version isn't an option.

This makes adb work with SuperSpeed devices like the Sierra Wireless
EM7565.  Tested and verified.

Signed-off-by: Bjørn Mork <bjorn@mork.no>
2019-12-23 00:22:07 +01:00
Maxim Storchak
dd299805ad ca-certificates: provide ca-certs by both ca-certificates and ca-bundle
- both packages provide ca-certs
- make ca-bundle the default provider

This should allow easy transition between these two forms of CA certificates storage

Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
2019-12-23 00:22:07 +01:00
Rosen Penev
856ea2bad3 libcxx: Add package
Currently in OpenWrt, there are two libc++: libstdcpp and uClibc++. The
former is huge and the latter supports only C++98 with some basic support
for C++11. Those C++ versions seem to be specific to the compiler version

libcxx supports C++11 and above while being much smaller than libstdcpp.
On mt7621, these are the sizes of the ipks that I get:

libstdcpp: 460786
libcxx: 182881
uClibc++:67720

libcxx is faster than uClibc++ and is under active development as part of
the LLVM project while uClibc++ is effectively dead.

This PR modifies uclibc++.mk to expose the make menuconfig option. Further
cleanup is beyond the scope of this PR. What that means is, this is not
used by default.

A g++-libcxx wrapper based on the uClibc++ one was added. Works the same
way.

Compile tested with all packages that use uclibc++.mk in their Makefiles
under mipsel_24kc. kismet fails compilation but that package needs to be
cleaned up and updated.

Runtime tested with gddrescue, gdisk, dcwapd, bonnie++, and aircrack-ng
on a TP-Link Archer C7v2.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-12-23 00:22:07 +01:00
Rosen Penev
fd211e1677 iperf: Fix compilation with libcxx
Avoids redefining bool.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-12-23 00:22:07 +01:00
Stefan Lippers-Hollmann
6598264266 ath10k-firmware: update Candela Tech firmware images
The release notes since last time for wave-1:

 * No changes to wave-1, but I make a version .014 copy anyway to keep
   the makefile in sync.

The release notes since last time for wave-2:

 * December 16, 2019: Wave-2 has a fix to make setting txpower work
                      better. Before setting the power was ignored at
                      least some of the time (it also appeared to work
                      mostly, so I guess it was being correctly set in
                      other ways).

Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
2019-12-23 00:21:46 +01:00
DENG Qingfang
36baba65ec linux-firmware: update to 20191215
Update linux-firmware to 20191215

git log --pretty=oneline --abbrev-commit 20190815..20191215

eefb5f7 inside-secure: add new "mini" firmware for the EIP197 driver
dd1a12e Merge branch 'RB3-adsp-cdsp-mss-v4' of https://github.com/andersson/linux-firmware
c523dcd WHENCE: Add raspberry-pi4 SDIO file
99a15a4 Merge branch 'rpi4-fw' of https://git.kernel.org/pub/scm/linux/kernel/git/matthias.bgg/linux-firmware
2260cbd Merge branch 'master' of https://github.com/dikshitaagarwal/video_firmware_5.4
4c688be Merge branch 'for-upstream' of git://git.chelsio.net/pub/git/linux-firmware
e10ed21 qcom: update venus firmware files for v5.4
af4c4be cxgb4: Update firmware to revision 1.24.11.0
f93c7a1 brcm: Add BCM43455 NVRAM for Raspberry Pi 4 B
212e441 qcom: Add SDM845 Compute DSP firmware
ec84cf9 qcom: Add SDM845 Audio DSP firmware
62d0a1a qcom: Add SDM845 modem firmware
e8a0f4c rtl_nic: add firmware rtl8168fp-3
9581f15 Merge branch 'nxp_mc' of https://github.com/NXP/linux-firmware
978c04e linux-firmware: Update NXP Management Complex firmware to version 10.18.0
c62c3c2 linux-firmware: Update firmware file for Intel Bluetooth AX201
6272383 linux-firmware: Update firmware file for Intel Bluetooth AX200
84a7ca5 linux-firmware: Update firmware file for Intel Bluetooth 9560
96c3994 linux-firmware: Update firmware file for Intel Bluetooth 9260
7319341 amdgpu: update navi14 vcn firmware
b363d9d amdgpu: update navi10 vcn firmware
f1100dd Merge branch 'ehl_tgl_guc_huc' of git://anongit.freedesktop.org/drm/drm-firmware
4debf21 i915: Add HuC firmware v7.0.3 for TGL
1eb2ac4 i915: Add GuC firmware v35.2.0 for TGL
4b0a210 i915: Add HuC firmware v9.0.0 for EHL
610fe75 i915: Add GuC firmware v33.0.4 for EHL
11bdc57 rtw88: RTL8723D: add firmware file v48
9e194c7 qed: Add firmware 8.40.33.0
4065643 amdgpu: add new navi14 wks gfx firmware for 19.30
d4f88ea amdgpu: update navi14 firmware for 19.30
ea755b6 amdgpu: update raven firmware for 19.30
340e06e linux-firmware: Add firmware file for Intel Bluetooth AX201
ad7a8b2 Mellanox: Add new mlxsw_spectrum2 firmware 29.2000.2308
e756bf3 Mellanox: Add new mlxsw_spectrum firmware 13.2000.2308
b27d123 rtl_nic: add firmware files for RTL8153
180e2b4 rtl_bt: Update configuration file for BT part of RTL8822CU
0acd93e bnx2x: Add FW 7.13.15.0.
2b016af linux-firmware: Update AMD cpu microcode
4c3e853 linux-firmware: Update firmware file for Intel Bluetooth AX200
7a79d22 linux-firmware: Update firmware file for Intel Bluetooth AX201
fdab23a linux-firmware: Update firmware file for Intel Bluetooth 9560
b68efd7 linux-firmware: Update firmware file for Intel Bluetooth 9260
aa95e90 amdgpu: add initial navi14 firmware form 19.30
c1ce20e rtlwifi: rtl8821ae: Add firmware for the RTL8812AE variant.
7d187ac ice: Fix up WHENCE entry and symlink
4c55b97 Merge branch 'dev-queue' of git://git.kernel.org/pub/scm/linux/kernel/git/jkirsher/firmware
7c4db73 nvidia: Update Tegra210 XUSB firmware to v50.24
c054c53 nvidia: Add XUSB firmware for Tegra194
9cfefbd Remove duplicate symlinks
2de7abd copy-firmware: Create symlinks from WHENCE file
2116bcd Make symlinks consistent
c0590d8 amdgpu: update vega20 ucode for 19.30
43cc648 amdgpu: update vega12 ucode for 19.30
ffa0ed7 amdgpu: update vega10 ucode for 19.30
83e1b41 amdgpu: update picasso ucode for 19.30
7008617 amdgpu: update raven2 ucode for 19.30
9200baa amdgpu: update raven ucode for 19.30
f25a39c amdgpu: add new raven rlc firmware
9ae61e7 ice: Add package file for Intel E800 series driver
417a9c6 amdgpu: add initial navi10 firmware
702cc63 Merge branch 'cml_tgl-icl-dmc_huc_updates' of git://anongit.freedesktop.org/drm/drm-firmware
3182b4b Merge branch 'gpu-845' of https://github.com/ndechesne/linux-firmware
3ea84e5 drm/i915/firmware: Add v9.0.0 of HuC for Icelake
60ddd0e drm/i915/firmware: Add v4.0.0 of HuC for Cometlake
c47d8f8 drm/i915/firmware: Add v4.0.0 of HuC for Geminilake
2cdb78c drm/i915/firmware: Add v2.0.0 of HuC for Broxton
38965af drm/i915/firmware: Add v4.0.0 of HuC for Kabylake
8d127af drm/i915/firmware: Add v2.0.0 of HuC for Skylake
e7b6fa7 drm/i915/firmware: Add v33 of GuC for CML
e4ea25f drm/i915/firmware: Add v2.04 of DMC for TGL
51deca6 drm/i915/firmware: Add v1.09 of DMC for ICL
88ea23e qcom: add firmware files for Adreno a630
6c6918a linux-firmware: Update firmware file for Intel Bluetooth AX201
6ddb9d9 Merge branch 'for-upstream' of git://git.chelsio.net/pub/git/linux-firmware
d45c950 nvidia: Add XUSB firmware for Tegra186
65c6595 Add symlinks for Tegra VIC firmware binaries
0b22bfc rtl_bt: Update RTL8723D BT FW to 0x828A_96F1
f667c00 rtl_nic: add firmware rtl8125a-3
fe1ae0d linux-firmware: Add firmware file for Intel Bluetooth AX201
2f885ba Chelsio driver loads firmware configuration file to allow firmware to distribute resources before chip bring up. Chelsio NIC driver, cxgb4 searches for firmware config file at /lib/firmware/cxgb4/ directory.
7307a29 brcm: Add 43455 based AP6255 NVRAM for the Minix Neo Z83-4 Mini PC
65d02cd brcm: Add 43340 based AP6234 NVRAM for the PoV TAB-P1006W-232 tablet
f38fb4f Merge tag 'iwlwifi-fw-2019-08-23' of git://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware
40e4162 iwlwifi: update FWs to core45-152 release
c0fb3d9 check_whence: Add copy-firmware.sh to the list of ignored files
aa703aa rtl_bt: Update RTL8822C BT FW to V0x098A_94A4
665001a linux-firmware: Update firmware file for Intel Bluetooth AX200
c0ca980 linux-firmware: Update firmware file for Intel Bluetooth AX201
b6427bf linux-firmware: Update firmware file for Intel Bluetooth 9560
fe48882 linux-firmware: Update firmware file for Intel Bluetooth 9260
ebd40c6 Mellanox: Add new mlxsw_spectrum firmware 13.2000.1886

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
[Added missing symbolic links to Makefile]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-12-23 00:20:55 +01:00
Jo-Philipp Wich
97af1fc979 uhttpd: reset PKG_RELEASE
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-12-22 23:03:59 +01:00
Jo-Philipp Wich
f34f9a414d uhttpd: update to latest Git HEAD
5f9ae57 client: fix invalid data access through invalid content-length values

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-12-22 22:50:00 +01:00
Jo-Philipp Wich
5f4244150f fstools: update to latest git HEAD
b4e25d5 libblkid-tiny: fix symbol collision with full libblkid

Fixes: FS#2691, FS#2692
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-12-22 21:30:02 +01:00
Magnus Kroken
bf43e5bbf9 openvpn: update to 2.4.8
Backport two upstream commits that allow building
openvpn-openssl without OpenSSLs deprecated APIs.

Full changelog:
https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.8

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2019-12-22 10:45:09 +01:00
David Bauer
4113d8a255 ipq-wifi: add BDF for Aruba AP-303
The BDF originates from the vendor-firmware.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-12-20 17:48:52 +01:00
Rafał Miłecki
4ebc9dc9c4 fstools: update to latest git HEAD
111a43f libblkid-tiny: vfat: Change parsing label in special cases
f43a1aa libblkid-tiny: vfat: Fix reading labels which starts with byte 0x05
157924d libblkid-tiny: add blkid_probe_set_id_label() stub
0c5761f libblkid-tiny: use separated buffer for each block device read
b82c5c1 libblkid-tiny: add functions for allocating & freeing probe struct
12851d6 blockd: don't flush devices list on "hotplug" call
5ea47fe blockd: fix vlist memory corruption

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-12-20 08:20:16 +01:00
Petr Štetiar
b70052c6e6 uci: update to latest Git HEAD
165b44413145 uci: Fix extra semicolons warnings
66264ed9ec9e cmake: add more hardening compiler flags
cca6f105fae2 libuci: refactor uci_get_errorstr
750b046eb77f tests: cram: Lua: add test case for uci_get_errorstr
654d7c33da28 lua: add missing forward declaration
03dfbbe6fef7 cli: fix format string clang-10 warning

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-12-19 22:41:57 +01:00
Karl Palsson
34466afb28 uboot-envtools: ath79: fix missing etactica eg200 support
Was inadvertantly missed from the inital forward port from ar71xx to
ath79.

Fixes: 1588114cf2 ("ath79: add etactica-eg200 support")
Signed-off-by: Karl Palsson <karlp@etactica.com>
[commit description/subject facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-12-19 22:41:57 +01:00
Paul Fertser
174ff7d754 base-files: send informational UDP message each second waiting
The preinit network initialisation and failsafe informational message
are inherently racy as the interface takes some time to become
functional after "ip link set $pi_ifname up" command.

Consider this timing:

[   12.002713] IPv6: ADDRCONF(NETDEV_UP): eth1: link is not ready
[   12.008819] IPv6: ADDRCONF(NETDEV_UP): eth1.1: link is not ready
[   12.118877] random: procd: uninitialized urandom read (4 bytes read)
[   13.068614] eth1: link up (1000Mbps/Full duplex)
[   13.073309] IPv6: ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready
[   13.080445] IPv6: ADDRCONF(NETDEV_CHANGE): eth1.1: link becomes ready

Since the UDP message was sent prior to link becoming ready, it was
never seen on the wire.

The default failsafe timeout is set to 2 seconds, so with this patch
there are two attempts to send the message, one spent in vain, and the
other visible in tcpdump on an attached host. Of course, in cases when
the interface is brought up faster it leads to two messages, however it
should be harmless. This patch (almost) doesn't affect normal boot time
while still allowing to enter failsafe reliably with a single button
press, matching the official "generic failsafe" documentation.

Signed-off-by: Paul Fertser <fercerpav@gmail.com>
2019-12-19 22:41:57 +01:00
Petr Štetiar
98b3526bf2 iputils: move iputils tools to packages feed
iputils has moved from the master tree to the packages feed, and is
switching from the abandoned skbuff.net upstream to
github.com/iputils/iputils.

Ref: https://git.openwrt.org/556698cedf9e86a0ffe9f148d4e8e733676c26f6
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-12-19 22:41:57 +01:00
Ansuel Smith
1698b36bb4 kernel: make dwc3 usb driver depends on kernel 4.14
- usb-dwc3-of-simple is not used anymore as we have qcom dedicated driver
- usb-phy-qcom-dwc3 is not dependent of dwc3-of-simple

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2019-12-19 22:41:57 +01:00
Rafał Miłecki
17e2246eca mac80211: brcm: add support for BCM4359 SDIO chipset
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-12-19 09:17:22 +01:00
Rafał Miłecki
c3aa33bf70 mac80211: brcm: backport 5.5 and 5.6 kernel patches
This update doesn't include:
3b1e0a7bdfee brcmfmac: add support for SAE authentication offload
be898fed355e brcmfmac: send port authorized event for FT-802.1X
due to nl80211 dependencies.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-12-19 08:41:34 +01:00
Álvaro Fernández Rojas
859fac2b93 cypress-nvram: add new package
This package contains nvram files for brcmfmac, a mac80211 driver for FullMAC
Cypress devices.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-12-18 08:44:48 +01:00
Kevin Darbyshire-Bryant
ca7ed1712e wireguard: bump to 0.0.20191212
1ec6ece version: bump snapshot
e13de91 main: remove unused include <linux/version.h>
72eb17c wg-quick: linux: support older nft(8)
1d8e978 global: fix up spelling
e02713e wg-quick: linux: add support for nft and prefer it
b4e3a83 compat: support building for RHEL-8.1 instead of RHEL-8.0
f29e3ac socket: convert to ipv6_dst_lookup_flow for 5.5

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-12-17 19:46:41 +00:00
Álvaro Fernández Rojas
1115c9aad3 brcmfmac-board-rpi: remove uneeded package
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-12-17 19:20:02 +01:00
Álvaro Fernández Rojas
e332453857 cypress-firmware: add new package
This package contains firmwares provided by Cypress
See https://community.cypress.com/community/linux

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-12-17 19:20:02 +01:00
Imran Khan
27d69d2561 uboot-envtools: check for config prior to append
In the rare event a pre-populated fw_env.config exists in the rootfs prior
to firstboot, calling fw_setenv after the system has initialised will
annihilate the devices environment due to two identical lines in
fw_env.config.

Check for existence prior to blind appendage.

Signed-off-by: Imran Khan <gururug@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: fixed patch format, improved grep, cosmetics]
2019-12-17 19:35:16 +02:00
Jo-Philipp Wich
762aac50c0 rpcd: update to latest Git HEAD
aaa0836 file: extend exec acl checks to commands with arguments

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-12-17 08:33:33 +01:00
David Bauer
6ec288a178 mac80211: fix txpower when using DFS channels
With this patch, txpower for the PHY is applied when configuring the PHY
instead of the VIF. Otherwise, the configured txpower is not applied for
the first initialized VIF when using DFS channels, as it is currently
applied too early when the CAC hasn't finished.

Reported-by: Martin Weinelt <martin@darmstadt.freifunk.net
Signed-off-by: David Bauer <mail@david-bauer.net>
Tested-by: Martin Weinelt <martin@darmstadt.freifunk.net>
2019-12-16 00:50:10 +01:00
Hans Dedecker
a15f658ed0 odhcpd: update to latest git HEAD
d60f0a6 treewide: optimize syslog priority values

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-12-15 20:54:25 +01:00
Roman Bazalevsky
69fff339e9 sunxi: add support for FriendlyARM Nano PI NEO Air dev board
Hardware:

  Allwinner H3 upto 1.2GHz
  512MB DDR3 RAM
  8GB on-board eMMC - mountable, can be used as boot with custom boot.scr
  microSD-card slot
  WiFi 802.11n (AP6212A) - working
  Bluetooth (AP6212A) - not working for now
  Micro-USB OTG + 2*USB headers
  UART 3.3V - working
  GPIO/I2C/SPI 2.54mm headers

Standard sunxi SD-card installation procedure - copy image to SD card,
insert in into slot and boot. First time you will need UART adapter to
enable on-board wireless (or just build custom image with enabled WiFi).

To boot from eMMC:

  - boot from SD
  - copy SD image to emmc (dd bs=... if=.... of=/dev/mmcblk2)
  - mount eMMC boot partition and replace boot script on it
  - unmount, reboot

To use i2c, spi and more uarts - replace dtb on boot partition with
fixed one (use dtc or fdt-tools).

Signed-off-by: Roman Bazalevsky <rvb@rvb.name>
[rebase onto device name consolidation patches]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-12-13 12:20:09 +01:00
Adrian Schmutzler
a4cdb537b1 sunxi: use vendor_device scheme for device definitions
This changes device definition to resemble the vendor_device scheme
already present for the majority of device compatible strings.

By doing this, we achieve several advantages at once:
- Image names and node names are more consistent with other targets.
- SUPPORTED_DEVICES can be set automatically for all but two cases.
- Image names and node names are in line with DEVICE_TITLEs.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-12-13 12:19:44 +01:00
Koen Vandeputte
487e0631d0 ath10k-firmware: update Candela Tech firmware images
The release notes since last time for wave-1:

  *  November 29, 2019:  Fix IBSS merge issue, related to TSF id leakage bug in firmware code.
                         Thanks for Ahmed Zaki @ Mage-Networks for helping to diagnose and test.

The release notes since last time for wave-2:

  *  December 6, 2019:  Fix 160Mhz problem caused by logic that did not take into account the fact that
                        160Mhz has only 1/2 of the NSS of lower bandwidths in the rate table.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-12-10 09:50:42 +01:00
Daniel Golle
3ee767086d mac80211: don't call md5sum on non-existing file
If no AP is configured, hostapd-${phy}.conf is not being created,
hence md5sum fails and causes log pollution:

netifd: radio1 (3183): md5sum: can't open '/var/run/hostapd-phy1.conf': No such file or directoy

Hence make sure the file exists when calling md5sum.

Fixes: a5bc9787d4 ("mac80211: add support for dynamically reconfiguring wifi")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-12-08 19:53:11 +01:00
Daniel Golle
24b97579d2 hostapd: re-introduce process tracking
Before commit 60fb4c92b6 ("hostapd: add ubus reload") netifd was
tracking hostapd/wpa_supplicant and restarting wifi in case of a
process crash. Restore this behaviour by tracking the PIDs of
hostapd and wpa_supplicant.
Also make sure hostapd and/or wpa_supplicant have been started before
emmitting ubus calls to them using ubus wait_for.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-12-08 19:52:39 +01:00
Daniel Golle
2568db3fff mac80211: track unmanaged interfaces
In addition to wpa_supplicant and hostapd managed interfaces, also
track unmanaged interfaces. This is used to make sure that running
'wifi' always returns into a clean state regardless of what the user
did before.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-12-08 19:52:39 +01:00
Felix Fietkau
c888e17e06 hostapd: manage instances via procd instead of pidfile
Allows graceful restart of crashing hostapd/wpa_supplicant instances

Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: attempt to launch only present services]
2019-12-08 19:52:38 +01:00
Felix Fietkau
4225b83a76 hostapd: fix crash regression triggered by mesh mode
Fixes: 60fb4c92b6 ("hostapd: add ubus reload")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: polish commit message]
2019-12-08 19:51:53 +01:00
David Bauer
1ccf4bb93b hostapd: enable CTRL_IFACE_MIB for hostapd-full
This enables the CTRL_IFACE_MIB symbol for wpad-full and hostapd-full.
If it is not enabled, statistic outputs such as "hostapd_cli all_sta"
are empty.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-12-08 12:49:09 +01:00
Hans Dedecker
39d9010c20 iproute2: update to 5.4.0
Update iproute2 to latest stable version, see https://lwn.net/Articles/805654/
for the changes in 5.4.0

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-12-06 18:35:55 +01:00
Jason A. Donenfeld
82a8f91c89 wireguard: bump to 0.0.20191205
* wg-quick: linux: suppress error when finding unused table

This fixes a spurious warning messages seen with recent versions of iproute2
and kernels.

* wg-quick: linux: ensure postdown hooks execute
* wg-quick: linux: have remove_iptables return true
* wg-quick: linux: iptables-* -w is not widely supported

Adding in iptables had some hiccups. For the record, I'm very unhappy about
having to put any firewalling code into wg-quick(8). We'll of course need to
support nftables too at some point if this continues. I'm investigating with
upstream the possibility of adding a sysctl to patch the issue that iptables
is handling now, so hopefully at somepoint down the line we'll be able to shed
this dependency once again.

* send: use kfree_skb_list
* device: prepare skb_list_walk_safe for upstreaming
* send: avoid touching skb->{next,prev} directly

Suggestions from LKML.

* ipc: make sure userspace communication frees wgdevice

Free things properly on error paths.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-12-05 12:11:40 +01:00
Alin Nastac
416d2cc71e gre: add ipv6 parameter to gre interfaces
IPv6 protocol is enabled on all gre interfaces, but gre(v6)tap
interfaces are usually added to a bridge interface, in which case
IPv6 should be enabled only on the bridge interface.

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
2019-12-02 21:52:33 +01:00
Hans Dedecker
806339a4cc curl: bump to 7.67.0
For changes in 7.67.0; see https://curl.haxx.se/changes.html#7_67_0

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-12-02 20:50:57 +01:00
Christian Lamparter
82a741c774 mac80211: switch to upstream owl-loader driver
The Owl Loader (named after the codename that Atheros gave
these devices back in the day) has been accepted upstream.

This patch removes the "misc" driver OpenWrt had and adds
the remaining differences against the version that ships
with 5.4-rc1 into a separate "120-owl-loader-compat.patch"
file that can be cut down once AR71XX is being dealt with.

Note: I decided to keep the existing (kmod-)owl-loader
package name around for now. The kernel module file in
the kmod package will be called ath9k_pci_owl_loader.ko
though.

Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-11-30 13:21:20 +01:00
Satadru Pramanik
f1410902e6 busybox: add glibc dependency for vi regex option
Build with musl libc fails with BUSYBOX_DEFAULT_FEATURE_VI_REGEX_SEARCH
enabled. Enabling BusyBox's vi regex search option depends upon GNU
regex.  Musl libc does not support GNU regex[1].

So this patch adds explicit dependency on GNU libc and while at it
remove the FIXME comment.

1. https://wiki.musl-libc.org/functional-differences-from-glibc.html

Ref: https://dev.archive.openwrt.org/ticket/21741.html
Ref: https://forum.openwrt.org/t/busybox-not-compiling/
Ref: https://github.com/openwrt/packages/issues/4453
Signed-off-by: Satadru Pramanik <satadru@umich.edu>
[commit subject/description tweaks, From: fix, USE_GLIBC fix, removed comments]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-30 00:53:36 +01:00
DENG Qingfang
ca7f1ef575 Revert "mt76: probe load mt7615 driver asynchronously"
This reverts commit 8176431963 ("mt76: probe load mt7615 driver
asynchronously").  After said commit, users report that MT7615 no longer
works on boot and they have to manually enable WiFi (via command "wifi") to
make it working again.

Fixes: FS#2546
Ref: https://forum.openwrt.org/t/xiaomi-r3p-no-wifi-on-boot/45509
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
[commit description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-30 00:53:36 +01:00
Hans Dedecker
f573e5756a netifd: update to latest git HEAD
e45b140 interface: warn if ip6hint is truncated

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-11-29 21:56:42 +01:00
Santiago Piccinini
c7fb12beb1 mac80211: unify setup of iw htmode for mesh and adhoc
This also fixes mac80211_prepare_vif iw set channel in monitor or
mesh mode.

Signed-off-by: Santiago Piccinini <spiccinini@altermundi.net>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: fixed commit message]
2019-11-29 18:26:20 +01:00
Daniel Golle
9c272dd3e4 ucert: update to latest git HEAD
e4bd927 cast ucert_argv to proper type when passing to execv

Fixes warnings:

warning: passing argument 2 of 'execv' from incompatible pointer type
[-Wincompatible-pointer-types]
  254 |       execv(usign_argv[0], usign_argv)

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-11-29 00:09:48 +01:00
Jason A. Donenfeld
2fedf023e4 wireguard: bump to 0.0.20191127
* messages: recalculate rekey max based on a one minute flood
* allowedips: safely dereference rcu roots
* socket: remove redundant check of new4
* allowedips: avoid double lock in selftest error case
* tools: add syncconf command

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2019-11-27 20:20:31 +01:00
Hans Dedecker
9057708b3d procd: update to latest git HEAD
3aa051b system: sysupgrade: close input side of pipe before reading

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-11-26 22:16:43 +01:00
Piotr Dymacz
5d2a900163 uboot-envtools: ath79: add support for YunCore XD4200 and A782
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2019-11-25 17:32:46 +01:00
Petr Štetiar
441c7944e6 libubox: update to latest Git HEAD
07413cce72e1 tests: jshn: add more test cases
26586dae43a8 jshn: fix missing usage for -p and -o arguments
8e832a771d3a jshn: fix off by one in jshn_parse_file
cb698e35409b jshn: jshn_parse: fix leaks of memory pointed to by 'obj'
c42f11cc7c0f jshn: main: fix leak of memory pointed to by 'vars'
93848ec96dc5 jshn: refactor main into smaller pieces
9b6ede0e5312 avl: guard against theoretical null pointer dereference
c008294a8323 blobmsg_json: fix possible uninitialized struct member
0003ea9c45cc base64: fix possible null pointer dereference
8baeeea1f52d add assert.h component
b0a5cd8a28bf add cram based unit tests
1fefb7c4d7f9 add initial GitLab CI support
c955464d7a9b enable extra compiler checks
6228df9de91d iron out all extra compiler warnings

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-24 14:19:43 +01:00
Hans Dedecker
68fb38548b nghttp2: bump to 1.40.0
41060943 Bump up version number to 1.40.0, LT revision to 33:0:19
5ae9bb89 Fail fast if huffman decoding context is in failure state
bb519154 Merge pull request #1413 from nghttp2/check-authority
77f5487a Add nghttp2_check_authority as public API
db9a8f6e Merge pull request #1409 from nghttp2/fix-wrong-stream-close-error-code
6f28a69b Merge pull request #1411 from richard78917/fix_warning
6ce4835e Fix the bug that stream is closed with wrong error code
29042f1c priority_spec::valid(): remove const qualifier from return value
d08c4395 Merge pull request #1405 from nghttp2/huffman
5d6964cf Faster huffman decoding
0d855bfc Faster huffman encoding
6f967c6e Fix errors reported by coverity scan
b8a43db8 Merge pull request #1394 from wrowe/fix-static-libname
70b62c1a Merge pull request #1393 from wrowe/fix-static-msvcrt
28b1f0b9 Avoid filename collision of static and dynamic lib
1dd966f1 Merge branch 'fix-nghttpx-mruby'
fe8946dd nghttpx: Fix bug that mruby is incorrectly shared between backends
72b71a6b Add new flag ENABLE_STATIC_CRT for Windows
f8933fe5 nghttpx: Reconnect h1 backend if it lost connection before sending headers
89c33d69 Update neverbleed
7079dc5e Update neverbleed to fix memory leak
5080db84 Revert "nghttpx: Reconnect h1 backend if it lost connection before sending headers"
053c7ac5 nghttpx: Returns 408 if backend timed out before sending headers
8a59ce6d nghttpx: Reconnect h1 backend if it lost connection before sending headers
f2fde180 Remove redundant null check before delete
95efb3e1 Don't read too greedily
0a6ce87c Add nghttp2_option_set_max_outbound_ack
2aa79fa9 Bump up LT revision to 32:0:18
3980678d Merge branch 'nghttpx-fix-request-stall'
319d5ab1 nghttpx: Fix request stall
448bbbc3 integration-tests: gofmt
e575a2aa Merge pull request #1377 from Aldrog/cmake_systemd
4f7aedc9 cmake: Support building nghttpx with systemd
7a590893 Fix clang-8 warning
ee443134 Fix FPE with default backend
abef9b90 Fix log-level is not set with cmd-line or configuration file
12a999f0 Bump up version number to 1.40.0-DEV
acfb3607 Update manual pages

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-11-23 21:32:04 +01:00
Sungbo Eo
298814e6be base-files: config_generate: split macaddr with multiple ifaces
netifd does not handle network.@device[x].name properly if it
contains multiple ifaces separated by spaces. Due to this, board.d
lan_mac setup does not work if multiple ifaces are set to LAN by
ucidef_set_interface_lan.

To fix this, create a device node for each member iface when
running config_generate instead. Those are named based on the
member ifname:

  ucidef_set_interface_lan "eth0 eth1.1"
  ucidef_set_interface_macaddr "lan" "yy:yy:yy:yy:yy:01"

will return

  config device 'lan_eth0_dev'
        option name 'eth0'
        option macaddr 'yy:yy:yy:yy:yy:01'

  config device 'lan_eth1_1_dev'
        option name 'eth1.1'
        option macaddr 'yy:yy:yy:yy:yy:01'

ref: https://github.com/openwrt/openwrt/pull/2542

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
[always use new scheme, extend description, change commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-23 11:58:27 +01:00
Sebastian Kemper
28d84331f4 mac80211: add default value for noscan
Commit b3d8b3a introduced a new test:

[ -n "$noscan" -a "$noscan" -gt 0 ] && hostapd_noscan=1

But if length of "$noscan" is zero (noscan is not set) this doesn't stop
the shell to evaluate the rest of the test.

root@hank2:~# [ -n "$noscan" -a "$noscan" -gt 0 ]
ash: out of range
root@hank2:~#

So when radios are brought up this shows in the log:

Sat Nov 23 10:51:38 2019 daemon.info procd: - init complete -
Sat Nov 23 10:52:24 2019 daemon.notice netifd: radio1 (1243): sh: out of range
Sat Nov 23 10:52:25 2019 user.notice firewall: Reloading firewall due to ifup of wan (eth0.2)
Sat Nov 23 10:52:25 2019 daemon.notice netifd: radio0 (1242): sh: out of range
Sat Nov 23 10:52:26 2019 authpriv.info dropbear[1536]: Not backgrounding

This commit sets noscan to 0 if unset and removes the gratuitous length
check, preventing the warning.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
2019-11-23 11:28:27 +01:00
Kevin Darbyshire-Bryant
f1ca277405 dnsmasq: correct sense & usage of dnsseccheckunsigned
dnsmasq v2.80 made 'dnssec-check-unsigned' the default, thus the uci
option was rendered ineffectual: we checked unsigned zones no matter the
setting.

Disabling the checking of unsigned zones is now achieve with the
"--dnssec-check-unsigned=no" dnsmasq option.

Update init script to pass required option in the disabled case.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-11-23 08:29:15 +00:00
Hauke Mehrtens
0062aad8ec e2fsprogs: Fix CVE-2019-5094 in libsupport
This adds the following patch from debian:
https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?h=debian/stable&id=09fe1fd2a1f9efc3091b4fc61f1876d0785956a8
libsupport: add checks to prevent buffer overrun bugs in quota code

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-11-22 22:48:01 +01:00
Hauke Mehrtens
a36c464efe mac80211: update to version 5.4-rc8
This updates mac80211 to backports based on kernel 5.4-rc8.

The deleted patches were applied upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-11-22 20:35:54 +01:00
Jo-Philipp Wich
482114d3f7 firewall: update to latest Git HEAD
8174814 utils: persist effective extra_src and extra_dest options in state file
72a486f zones: fix emitting match rules for zones with only "extra" options

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-22 18:53:57 +01:00
Hauke Mehrtens
d3a8a62692 wireless-regdb: Make it build with python2
This backports a patch to build it work with python2 in addition to
python3.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
2019-11-21 23:47:35 +01:00
Vladimir Vid
e7a96acf1b uboot-mvebu: add uDPU board
* add u-boot support for uDPU
* add line to copy u-boot binary to STAGING_DIR_IMAGE, this can later be used
as BL33 variable required for ATF build
* add patch to increase max gunzip size in mvebu_armada-37xx.h which is
required for booting the itb recovery images

Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
2019-11-21 07:32:41 +01:00
Vladimir Vid
52459ebf77 packages/boot: add arm-trusted-firmware-mvebu and initial uDPU support
ATF mvebu is required for building a functional bootloader for A7K/A8K and
A37xx platforms. uDPU device is added as the first target.

A3700 platform has a wide range of settings which can be used per device, so
options are defined under the Device sections.

Platform also required WTP (recovery) tools and mv-ddr package for the DDR
topology configuration. 32-bit cross compiler is used for building the WTMI
image.

After the build, flash-image.bin can be used with the bubt command from the
u-boot shell to flash the new version of u-boot.

Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
2019-11-21 07:32:09 +01:00
Kevin Darbyshire-Bryant
3cee6f3f24 netifd: dhcp proto convert release to norelease
Change dhcp no/release on shutdown to 'norelease' uci option to match
existing proto dhcpv6 usage.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
2019-11-20 10:52:57 +00:00
Andre Heider
1bf1490eeb
am33x-cm3: remove
This is currently unused and not working anyway, since the used upstream
kernel loads am335x-pm-firmware.elf and not am335x-pm-firmware.bin [0].

The last downstream patches using the latter were removed with e4eef7e6.

Remove it instead of fixing it since the rtc-only sleep state can even
damage the hardware [1].

[0] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ccbbb9faac946ce61c241ce9f08b3486fabf031d
[1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7a6cb0abe1aa63334f3ded6d2b6c8eca80e72302

Signed-off-by: Andre Heider <a.heider@gmail.com>
2019-11-20 10:49:01 +01:00
Andre Heider
c5d121654e omap: support booting off different mmc devices
Tested with installing to/sysupgrading from sd and emmc on boneblack.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2019-11-20 10:46:19 +01:00
Andre Heider
1f37b2226e omap: switch from uEnv.txt to generic distro booting
Which makes supporting different boot devices easy.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2019-11-20 10:46:19 +01:00
Andre Heider
b69df1eee0 omap: update uboot to 2019.10
All patches have been dropped, they're either redundant (e.g. due to the
new and unset CONFIG_SPL_FAT_WRITE), break compilation (thumb hacks) or
have been applied upstream.

The defconfig for am335x_boneblack has been removed upstream [0], so use
am335x_evm for boneblack too.

Size changes (before, after, file):

ti_am335x-evm and ti_am335x-bone-black:
  79804 110832 MLO
 623836 756148 u-boot.img

ti_omap3-beagle:
  54148  57708 MLO
 496272 665728 u-boot.img

ti_omap4-panda:
  39356  40204 MLO
 284648 366672 u-boot.img

Tested on boneblack, which has the biggest spl size increase. The beagle and
panda spl sizes seem reasonable to not break booting.

[0] 8fa7f65dd0

Signed-off-by: Andre Heider <a.heider@gmail.com>
2019-11-20 10:46:19 +01:00
Koen Vandeputte
a74095c68c mac80211: refresh patches
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-19 14:59:03 +01:00
Koen Vandeputte
2d6a062b22 mac80211: backport upstream fixes
This potentially fixes some issues seen on IBSS
when interfaces go out of range and then re-appear.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-19 14:59:03 +01:00
Hauke Mehrtens
eaa047179a mac80211: Adapt to changes to skb_get_hash_perturb()
The skb_get_hash_perturb() function now takes a siphash_key_t instead of
an u32. This was changed in commit 55667441c84f ("net/flow_dissector:
switch to siphash"). Use the correct type in the fq header file
depending on the kernel version.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
2019-11-18 20:12:12 +01:00
Rafał Miłecki
cde8c2f2fb mac80211: brcmfmac: fix PCIe reset crash and WARNING
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-11-18 14:48:41 +01:00
Daniel Golle
d89427662d base-files: include 'reconf' in help output of 'wifi' command
Reported-by: Dirk Brenken <dev@brenken.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-11-18 12:58:31 +01:00
Daniel Golle
ccf2aa9d4b mac80211: detect existing interface before adding
Keep existing wdev when creating new nl80211 interfaces if phy and
type match, delete it otherwise.
To make this work, also remove left-over debugging function which
prevented the return-value of the 'iw' command to be taken into
account in mac80211_iw_interface_add().
As 4addr-mode (WDS) was setup during interface creation for station
interfaces, also set it after interface creation to make sure an
existing sta interface ends up with the right mode.

Fixes: a5bc9787d4 ("mac80211: add support for dynamically
                    reconfiguring wifi")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-11-16 17:16:25 +01:00
Daniel Golle
50d6e92619 Revert "mac80211: restore mac80211_interface_cleanup()"
This reverts commit 000b7687bc.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-11-16 15:49:54 +01:00
Paul Blazejowski
7e623c3128 ath79: add support for Netgear WNDR3700v4
This patch adds ath79 support for Netgear WNDR3700v4.
Router was previously supported by ar71xx target only.
Note: device requires 'ar934x-nand' driver in kernel.

Specification
=============
  * Description: Netgear WNDR3700v4
  * Loader: U-boot
  * SOC: Atheros AR9344 (560 MHz)
  * RAM: 128 MiB
  * Flash: 128 MiB (NAND)
    - U-boot binary: 256 KiB
    - U-boot environment: 256 KiB
    - ART: 256 KiB
    - POT: 512 KiB
    - Language: 2 MiB
    - Config: 512 KiB
    - Traffic Meter: 3 MiB
    - Firmware: 25 MiB
    - ART Backup: 256 KiB
    - Reserved: 96 MiB
  * Ethernet: 5 x 10/100/1000 (4 x LAN, 1 x WAN) (AR8327)
  * Wireless:
    - 2.4 GHz b/g/n (internal)
    - 5 GHz a/n (AR9580)
  * USB: yes, 1 x USB 2.0
  * Buttons:
    - Reset
    - WiFi (rfkill)
    - WPS
  * LEDs:
    - Power (amber/green)
    - WAN (amber/green)
    - WLAN 2G (green)
    - WLAN 5G (blue)
    - 4 x LAN (amber/green)
    - USB (green)
    - WPS (amber/green)
  * UART: 4-pin connector JP1, 3.3V (Vcc, TX, RX, GND), 115200 8N1
  * Power supply: DC 12V 2.5A
  * MAC addresses: LAN=WLAN2G on case label, WAN +1, WLAN5G +2

Installation
============
  * TFTP recovery
  * TFTP via U-boot prompt
  * sysupgrade
  * Web interface

Note about partitioning: firmware partition offset (0x6c0000) is
hardcoded into vendor's u-boot, so this partition cannot be moved
and resized to include Netgear-specific flash areas (pot, language,
config, traffic_meter) not used by OpenWrt.

Test build configuration
========================
CONFIG_TARGET_ath79=y
CONFIG_TARGET_ath79_nand=y
CONFIG_TARGET_ath79_nand_DEVICE_netgear_wndr3700-v4=y
CONFIG_ALL_KMODS=y
CONFIG_DEVEL=y
CONFIG_CCACHE=y
CONFIG_COLLECT_KERNEL_DEBUG=y
CONFIG_IMAGEOPT=y

Signed-off-by: Paul Blazejowski <paulb@blazebox.homeip.net>
2019-11-14 23:14:15 +01:00
Petr Štetiar
8f0a540648 fwtool: update to latest Git head
8f7fe925ca20 cmake: use extra compiler warnings only on gcc6+

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-14 22:53:31 +01:00
Petr Štetiar
240d590ca4 uci: update to latest Git head
8dd50da20de0 lua: fix error handling
 a2cab3b088a2 ucimap: fix possible use of memory after it is freed
 9cf978bc7964 delta: prevent possible null pointer use
 7736f497d2d9 cli: remove unused variable assigment
 39093f3b040d lua: fix memory leak in set method
 19ceff323f1e lua: fix memory leak in changes method
 18049a84fe40 tests: add cram based unit tests
 2b549cc050de lua: fix copy&paste in error string
 f5dd5217d627 cli: fix realloc issue spotted by cppcheck
 af59f86a0db9 iron out all extra compiler warnings
 1637d2918692 tests: shunit2: run all tests under Valgrind by default
 c1af73bfb023 cmake: enable extra compiler checks
 be69504e3666 cmake: build Lua module only if enabled
 38a2f12ec5ab tests: shunit2: fix issues reported by shellcheck
 266fc9e94c1e add initial GitLab CI support
 17d6144a49c6 tests: shunit2: make it working under CMake
 a6e8bbefd860 cmake: add unit testing option and shunit2 tests
 0ca93fec701a test: move shunit2 tests under standalone subdirectory

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-14 22:53:31 +01:00
Petr Štetiar
5d7fcd07a2 libnl-tiny: update to latest Git head
0219008cc876 remove never used err variable assignment disliked by scan-build
 7ce813fcd667 silence use after the free clang analyzer warning
 1f73b6a8e678 use offsetof macro to make scan-build happy

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-14 22:53:31 +01:00
Peter Stadler
953c27df31 base-files: rc.common: fix missing EXTRA_HELP texts
Commit ed5b9129d7 ("base-files: implement generic service_running")
has added EXTRA_HELP variable, thus overriding already available
EXTRA_HELP text available in other init scripts, resulting in the
missing help text from services like dropbear for example.

So fix this regression by appending EXTRA_HELP text provided by the
other init scripts into the one provided by the script itself.

Fixes: ed5b9129d7 ("base-files: implement generic service_running")
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
[commit title/description facelift, fixes tag, fixed From:, pkg bump]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-14 22:53:31 +01:00
Sungbo Eo
6990510aca kernel: fix typo in fb-sys-fops autoload
AutoLoad parameter must match the exact kernel module name. Fix it.

Fixes: 125f1ce9ad ("kernel: video: add DRM core and IMX DRM support for HDMI/LVDS")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2019-11-14 22:53:31 +01:00
Daniel Golle
000b7687bc mac80211: restore mac80211_interface_cleanup()
Changes introduced for dynamic wifi reconfiguration left behind
unmanaged interface types. Restore parts of the old function to
also clean (unencrypted, non-DFS) mesh and ad-hoc interfaces.

Fixes: a5bc9787d4 ("mac80211: add support for dynamically
                    reconfiguring wifi")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-11-14 14:10:58 +01:00
Jeff Kletsky
b496a2294c ath79: GL-AR750S: provide NAND support; increase kernel to 4 MB
The GL.iNet GL-AR750S has been supported by the ar71xx and ath79
platforms with access to its 16 MB NOR flash, but not its 128 MB
SPI NAND flash.

This commit provides support for the NAND through the upstream
SPI-NAND framework.

At this time, the OEM U-Boot appears to only support loading the
kernel from NOR. This configuration is preserved as this time,
with the glinet,gl-ar750s-nand name reserved for a potential,
future, NAND-only boot.

The family of GL-AR750S devices on the ath79 platform now includes:

  * glinet,gl-ar750m-nor-nand   "nand" target
  * glinet,gl-ar750m-nor        "nand" target (NAND-aware)

NB: This commit increases the kernel size from 2 MB to 4 MB

"Force-less" sysupgrade is presently supported from the current
versions of following NOR-based firmwre images to the version of
glinet,gl-ar750s-nor firmware produced by this commit:

  * glinet,gl-ar750s     -- OpenWrt 19.07 ar71xx
  * glinet,gl-ar750s     -- OpenWrt 19.07 ath79

Users who have sucessfully upgraded to glinet,gl-ar750m-nor may then
flash glinet,gl-ar750m-nor-nand with sysupgrade to transtion to the
NAND-based variant.

Other upgrades to these images, including directly to the NAND-based
glinet,gl-ar750s-nor-nand firmware, can be accomplished through U-Boot.

NB: See "ath79: restrict GL-AR750S kernel build-size to 2 MB" which
enables flashing of NAND factory.img with the current GL-iNet U-Boot,
"U-Boot 1.1.4-gcf378d80-dirty (Aug 16 2018 - 07:51:15)"

The GL-AR750S OEM U-Boot allows upload and flashing of either NOR
firmware (sysupgrade.bin) or NAND firmware (factory.img) through its
HTTP-based GUI. Serial connectivity is not required.

The glinet,gl-ar750s-nor and glinet,gl-ar750s-nor-nand images
generated after this commit flash each other directly.

This commit changes the control of the USB VBUS to gpio-hog from
regulator-fixed introduced by commit 0f6b944c92. This reduces the
compressed kernel size by ~14 kB, with no apparent loss of
functionality. No other ath79-nand boards are using regulator-fixed
at this time.

Note: mtd_get_mac_binary art 0x5006 does not return the proper MAC
and the GL.iNet source indicates that only the 0x0 offset is valid

The ar71xx targets are unmodified.

Cc: Alexander Wördekemper <alexwoerde@web.de>

Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
2019-11-14 14:38:58 +08:00
Jeff Kletsky
b591cabd39 ath79: add GL.iNet GL-AR300M16 as NOR-only board
The GL.iNet GL-AR300M series of devices includes variants without NAND
and only the 16 MB NOR flash. These include the GL-AR300M16 and the
GL-AR300M-Lite (already with its own board name).

This board-name addition provides disambiguation from the NAND-bearing
GL-AR300M devices, both for OpenWrt code and for end users.

Kernel and firmware support for NAND and UBI will add ~320 kB to the
overall firmware size at this time. This NOR-only option continues to
provide more compact firmware for both the GL-AR300M16 as well as
those who wish to use it as an alternate or primary, NOR-resident
firmware on the GL-AR300M.

The ar71xx targets are unmodified.

Installation
------------

Install through OEM U-Boot (HTTP-based) or `sysupgrade --force` when
booted from NOR and running OEM or OpenWrt, NOR-based firmware.

As one of the intentions is disambiguation from NAND-bearing units,
users who have flashed this firmware onto a device with NAND would
need to use U-Boot or `sysupgrade --force` to flash firmware that
again supports NAND.

There are no additional SUPPORTED_DEVICES as it is not possible to
determine if a device does or does not have NAND based on
either the OEM's or OpenWrt's board names prior to this patch.

Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
2019-11-14 14:38:58 +08:00
Piotr Dymacz
10bcf1eb40 uboot-envtools: ramips: add support for ALFA Network Quad-E4G
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2019-11-14 01:38:01 +01:00
Piotr Dymacz
3cfea3a321 uboot-envtools: ramips: add support for ALFA Network R36M-E4G
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2019-11-13 21:45:31 +01:00
Russell Senior
b20b997c68 base-files: add /usr/share/libubox/jshn.sh to sysupgrade stage2
Discovered recent changes had broken sysupgrade for ar71xx mikrotik
rb-493g, traced the problem to missing /usr/share/libubox/jshn.sh after
switching to tmpfs.

Signed-off-by: Russell Senior <russell@personaltelco.net>
2019-11-13 18:55:00 +01:00
Adrian Schmutzler
4b81c1fd57 base-files: remove shebang from uci-defaults files
uci-defaults are sourced and non-executable, so they do not require
a shebang.

While at it, apply consistent naming scheme.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-13 12:50:57 +01:00
John Crispin
6becc37f33 base-files: add 'wifi reconf'
Now that netifd and hostapd allow dynamic reconfiguration, add a
command to trigger it.

Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-11-12 11:52:38 +01:00
John Crispin
a5bc9787d4 mac80211: add support for dynamically reconfiguring wifi
Change scripts to use ubus interface of hostapd/wpa_supplicant to
add/remove/modify wireless interfaces instead of (re-)starting the
services.

Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-11-12 11:52:33 +01:00
John Crispin
60fb4c92b6 hostapd: add ubus reload
Add ubus interface to hostapd and wpa_supplicant to allow dynamically
reloading wiface configuration without having to restart the hostapd
process.
As a consequence, both hostapd and wpa_supplicant are now started
persistently on boot for each wifi device in the system and then
receive ubus calls adding, modifying or removing interface
configuration.
At a later stage it would be desirable to reduce the services to one
single instance managing all radios.

Signed-off-by: John Crispin <john@phrozen.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-11-12 11:52:26 +01:00
Daniel Golle
155ede4f1f netifd: add dynamic wireless reconfiguration
7a723d0 wireless: add ubus method for reloading configuration
 e15147c wireless: make reconf opt-in and allow serializing configuration

Set new option 'reconf' in 'wifi-device' section to enable dynamic
re-configuration on that radio.
If necessary, also set option 'serialize' which forced netifd to
configure interfaces of wireless devices one-by-one.
Both options are disabled by default.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-11-12 11:51:36 +01:00
Petr Štetiar
4ba8f7b1ef fwtool: update to latest Git head
Includes following changes:

 9d9d4c284786 fix possible garbage in unitialized char* struct members
 dbc1b1b71b24 fix possible copy of null buffer and validation of unitialized header
 76d53deef8bb crc32: add missing stdint.h dependency
 e5666ed3b47c add cram based unit tests
 abe0cf7de053 add initial GitLab CI support
 e43042507b4f iron out extra compiler warnings
 5df0cd6e1523 convert into CMake project
 a7dc0526f819 refactor into separate Git project

adds missing PKG_LICENSE field and converts the package build to utilize
CMake.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-11 16:37:13 +01:00
Zoltan HERPAI
32287b3913 firmware: intel-microcode: bump to 20190918
* New upstream microcode datafile 20190918

      *Might* contain mitigations for INTEL-SA-00247 (RAMBleed), given
      the set of processors being updated.
  * Updated Microcodes:
      sig 0x000306d4, pf_mask 0xc0, 2019-06-13, rev 0x002e, size 19456
      sig 0x000306f4, pf_mask 0x80, 2019-06-17, rev 0x0016, size 18432
      sig 0x00040671, pf_mask 0x22, 2019-06-13, rev 0x0021, size 14336
      sig 0x000406f1, pf_mask 0xef, 2019-06-18, rev 0xb000038, size 30720
      sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792
      sig 0x00050657, pf_mask 0xbf, 2019-08-12, rev 0x500002b, size 51200
      sig 0x00050662, pf_mask 0x10, 2019-06-17, rev 0x001c, size 32768
      sig 0x00050663, pf_mask 0x10, 2019-06-17, rev 0x7000019, size 24576
      sig 0x00050664, pf_mask 0x10, 2019-06-17, rev 0xf000017, size 24576
      sig 0x00050665, pf_mask 0x10, 2019-06-17, rev 0xe00000f, size 19456

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2019-11-10 23:39:29 +01:00
Jo-Philipp Wich
aa89bdcd04 rpcd: update to latest Git HEAD
77ad0de plugin: avoid truncating numeric values

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-10 21:35:00 +01:00
Zoltan HERPAI
db09335848 firmware: intel-microcode: bump to 20190618
* Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223
    CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
  * Updated Microcodes:
    sig 0x000206d6, pf_mask 0x6d, 2019-05-21, rev 0x061f, size 18432
    sig 0x000206d7, pf_mask 0x6d, 2019-05-21, rev 0x0718, size 19456

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2019-11-10 12:20:03 +01:00
Zoltan HERPAI
9a16bcfd79 firmware: intel-microcode: bump to 20190514
* New Microcodes:
    sig 0x00030678, pf_mask 0x02, 2019-04-22, rev 0x0838, size 52224
    sig 0x00030678, pf_mask 0x0c, 2019-04-22, rev 0x0838, size 52224
    sig 0x00030679, pf_mask 0x0f, 2019-04-23, rev 0x090c, size 52224
    sig 0x000406c3, pf_mask 0x01, 2019-04-23, rev 0x0368, size 69632
    sig 0x000406c4, pf_mask 0x01, 2019-04-23, rev 0x0411, size 68608
    sig 0x00050657, pf_mask 0xbf, 2019-02-27, rev 0x5000021, size 47104
    sig 0x000806e9, pf_mask 0x10, 2018-10-18, rev 0x009e, size 98304
    sig 0x000806eb, pf_mask 0xd0, 2018-10-25, rev 0x00a4, size 99328
    sig 0x000806ec, pf_mask 0x94, 2019-02-12, rev 0x00b2, size 98304
    sig 0x000906ec, pf_mask 0x22, 2018-09-29, rev 0x00a2, size 98304
    sig 0x000906ed, pf_mask 0x22, 2019-02-04, rev 0x00b0, size 97280

  * Updated Microcodes:
    sig 0x000206a7, pf_mask 0x12, 2019-02-17, rev 0x002f, size 12288
    sig 0x000306a9, pf_mask 0x12, 2019-02-13, rev 0x0021, size 14336
    sig 0x000306c3, pf_mask 0x32, 2019-02-26, rev 0x0027, size 23552
    sig 0x000306d4, pf_mask 0xc0, 2019-03-07, rev 0x002d, size 19456
    sig 0x000306e4, pf_mask 0xed, 2019-03-14, rev 0x042e, size 16384
    sig 0x000306e7, pf_mask 0xed, 2019-03-14, rev 0x0715, size 17408
    sig 0x000306f2, pf_mask 0x6f, 2019-03-01, rev 0x0043, size 34816
    sig 0x000306f4, pf_mask 0x80, 2019-03-01, rev 0x0014, size 18432
    sig 0x00040651, pf_mask 0x72, 2019-02-26, rev 0x0025, size 21504
    sig 0x00040661, pf_mask 0x32, 2019-02-26, rev 0x001b, size 25600
    sig 0x00040671, pf_mask 0x22, 2019-03-07, rev 0x0020, size 14336
    sig 0x000406e3, pf_mask 0xc0, 2019-04-01, rev 0x00cc, size 100352
    sig 0x000406f1, pf_mask 0xef, 2019-03-02, rev 0xb000036, size 30720
    sig 0x00050654, pf_mask 0xb7, 2019-04-02, rev 0x200005e, size 32768
    sig 0x00050662, pf_mask 0x10, 2019-03-23, rev 0x001a, size 32768
    sig 0x00050663, pf_mask 0x10, 2019-03-23, rev 0x7000017, size 24576
    sig 0x00050664, pf_mask 0x10, 2019-03-23, rev 0xf000015, size 23552
    sig 0x00050665, pf_mask 0x10, 2019-03-23, rev 0xe00000d, size 19456
    sig 0x000506c9, pf_mask 0x03, 2019-01-15, rev 0x0038, size 17408
    sig 0x000506ca, pf_mask 0x03, 2019-03-01, rev 0x0016, size 15360
    sig 0x000506e3, pf_mask 0x36, 2019-04-01, rev 0x00cc, size 100352
    sig 0x000506f1, pf_mask 0x01, 2019-03-21, rev 0x002e, size 11264
    sig 0x000706a1, pf_mask 0x01, 2019-01-02, rev 0x002e, size 73728
    sig 0x000806e9, pf_mask 0x10, 2019-04-01, rev 0x00b4, size 98304
    sig 0x000806e9, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000806ea, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000806eb, pf_mask 0xd0, 2019-03-30, rev 0x00b8, size 98304
    sig 0x000806ec, pf_mask 0x94, 2019-03-30, rev 0x00b8, size 97280
    sig 0x000906e9, pf_mask 0x2a, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000906ea, pf_mask 0x22, 2019-04-01, rev 0x00b4, size 98304
    sig 0x000906eb, pf_mask 0x02, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304
    sig 0x000906ed, pf_mask 0x22, 2019-03-17, rev 0x00b8, size 97280
  * Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223
    CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2019-11-10 12:19:59 +01:00
Hauke Mehrtens
3ff3b044c0 mac80211: Fix dependencies of kmod-rsi91x-usb
Instead of depending on kmod-usb2 make it depend on the normal USB
dependencies. This should hopefully fix some problems seen in the build
bot builds for powerpc_8540.

In addition also activate DRIVER_11N_SUPPORT support.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-11-09 20:20:22 +01:00
Hauke Mehrtens
b01305c8d2 strace: Fix build on PowerPC
This patch breaks building on PowerPC, like the mpc85xx_generic
target for me.

Fixes: FS#2585
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-11-09 20:13:41 +01:00
Rosen Penev
cabaaf06fe nghttp2: Fix pkgconfig file
lib and includedir point to the host, not staging_dir.

Note that prefix and exec_prefix is overriden to point to staging_dir.

As CMAKE_INSTTALL is passed, switched InstallDev to use cmake.mk's rule.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-11-09 14:33:42 +01:00
Rosen Penev
7f4cef67c2 libevent2: Fix pkgconfig directories
includedir and libdir are set to /usr/include and /usr/lib . This breaks
compilation with packages such as tmux that use pkgconfig to find libevent

Also added PKG_LICENSE_FILES.

Simplified the InstallDev section by using cmake.mk's default rule.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-11-09 14:33:42 +01:00
DENG Qingfang
2ea8cd73fe ipset: update to 7.4
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-11-09 14:33:42 +01:00
Hauke Mehrtens
b7b2be0b26 uboot-envtools: Add TARGET_LDFLAGS to fix PIE and RELRO
Forward the OpenWrt TARGET_LDFLAGS to the linker of the fw_printenv tool.
In addition also use the more standard make invocation script.
With this change the fw_printenv tool is built with PIE and Full RELRO
support when activated globally in OpenWrt.

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2019-11-09 14:33:42 +01:00
Rosen Penev
39035df71c xfsprogs: Fix compilation with newer musl
Backported upstream patch.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-11-09 14:33:42 +01:00
Hannu Nyman
5b3f0e70a1 busybox: update to 1.31.1
Update busybox to 1.31.1

Small bug fix release. Fixes for dc, ash (PS1 expansion fix),
hush, dpkg-deb, telnet and wget.

No need to refresh patches or config.

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2019-11-09 13:24:09 +01:00
Michael Heimpold
2249780fb7 procd: start additional consoles during hotplugging
Now that 'start-console' procd command has reached the main repo,
we can add a rule to start consoles on serial devices which are
created when USB gadget driver reports creation with hotplugging.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2019-11-09 12:56:30 +01:00
Michael Heimpold
593d02a9be uboot-mxs: bump to v2019.10
Also update the U-Boot BSP patch for I2SE Duckbill devices.

Run tested on I2SE Duckbill and Olimex OLinuXino Maxi boards.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
2019-11-09 12:56:25 +01:00
Hauke Mehrtens
6ffd8a8f92 usign: Activate LTO compile option
This decreases the size of the usign application by 16% on MIPS BE.

old:
24,597 /usr/bin/usign

new:
20,501 /usr/bin/usign

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-11-08 23:57:54 +01:00
Hauke Mehrtens
e926681387 swconfig: Activate LTO compile option
This decreases the size of the swconfig application by 25% on MIPS BE.

old:
16,916 /sbin/swconfig

new:
12,565 /sbin/swconfig

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-11-08 23:57:53 +01:00
Hauke Mehrtens
1eb34b7287 mtd: Activate LTO compile option
This decreases the size of the mtd application by 25% on MIPS BE.

old:
20,597 /sbin/mtd

new:
16,421 /sbin/mtd

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-11-08 23:57:52 +01:00
Hauke Mehrtens
6596c95eca dnsmasq: Activate LTO
This decreases the binary size when PIE ASLR is activated by 8% on MIPS BE.

old:
202,020 /usr/sbin/dnsmasq

new:
185,676 /usr/sbin/dnsmasq

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-11-08 23:57:51 +01:00
Hauke Mehrtens
a43a40c49e uci: update to latest to version 2019-11-08
fc417e8 build: Add -Wclobbered to detect problems with longjmp
2c8e4a3 util: Fix error path

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-11-08 23:56:43 +01:00
Michal Cieslakiewicz
1105290049 ar71xx: update uboot-envtools for Netgear WNR routers
Boards added: WNR1000v2, WNR2000v3, WNR2200, WNR612v2, WNDR4300.
Boards changed: WNDR3700 (u-boot env size is 2 sectors not 1).

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
2019-11-08 14:48:52 +01:00
Michal Cieslakiewicz
d47b687006 ath79: update uboot-envtools for Netgear WNR routers
Boards added: WNR1000v2, WNR2000v3, WNR612v2, WNDR3700.

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
2019-11-08 14:48:48 +01:00
Henrique de Moraes Holschuh
8eab0a0036 busybox: disable default config option FEATURE_SUID=y
Commit ad7c6102f2 ("busybox: fix missing install with suid bit set if
FEATURE_SUID=y") actually fixes BUSYBOX_CONFIG_FEATURE_SUID option and
thus would install busybox setuid root by default which would result in
possibly unwanted change of current behaviour, so let's disable this
option by default in order to preserve the current status-quo.

For the record: disabling FEATURE_SUID to preserve the status-quo does
*not* imply the current status-quo is "safer", or for that matter, in
any way desireable.  That is a discussion to be had on the mailing
lists.

Switching the FEATURE_SUID default to "n" is simply a compromise to
facilitate the merge of the changes that unbreak FEATURE_SUID.

Ref: PR#2502
Signed-off-by: Henrique de Moraes Holschuh <henrique@nic.br>
[commit title/description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-07 22:51:37 +01:00
Henrique de Moraes Holschuh
ad7c6102f2 busybox: fix missing install with suid bit set if FEATURE_SUID=y
With FEATURE_SUID=y one can install busybox binary belonging to root
with the suid bit set, enabling some applets to perform root-level
operations even when run by ordinary users. Busybox then drops
privileges for applets that don't need root access, before entering
their main() function.

Currently we don't install busybox binary with suid bit set, rendering
this feature unusable.

Note that we can't just "chmod u+s /bin/busybox" at runtime as a
"cheaper" solution: it would waste approximately 200KiB of FLASH (the
whole /bin/busybox binary gets copied into the overlay).

Ref: PR#2502
Signed-off-by: Henrique de Moraes Holschuh <henrique@nic.br>
[commit title/description facelift, use INSTALL_SUID variable]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-07 22:50:16 +01:00
Adrian Schmutzler
22b8a6263d Revert "base-files: rename hostname with EUI of mac address"
This reverts commit 6170c46b47.

There has been demand for further evaluation of the impact of a
changed hostname, so this is reverted for now. The default hostname
will be "OpenWrt" again after this commit.

The macaddr_geteui() function is not removed by this revert.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-07 18:19:55 +01:00
Rosy Song
6170c46b47 base-files: rename hostname with EUI of mac address
If a label MAC address is provided for device, system
will rename the hostname with OpenWrt_{eui mac address}.
This helps to distinguish between different devices.

Since it's no good idea to nest json_* functions, this code does
not use get_mac_label directly, but only get_mac_label_dt as
external resource.

Signed-off-by: Rosy Song <rosysong@rosinson.com>
[merged with commit introducing macaddr_geteui, rebased on updated
label MAC address storage, extended commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-07 17:13:18 +01:00
Adrian Schmutzler
a6fbdd3a78 base-files: don't store label MAC address in uci system config
If set, label MAC address is available from one of two sources,
device tree or board.json. So far, the function get_mac_label
was meant for retrieving the address, while an option in uci
system config was specified only for case 2 (board.json).

The uci config option has several drawbacks:
- it is only used for a fraction of devices (those not in DT)
- label MAC address is a device property, while config implies
  user interaction
- label_macaddr option will only be set if /etc/config/system
  does not exist (i.e. only for new installations)

Thus, this patch changes the behavior of get_mac_label:
Instead of writing the value in board.json to uci system config
and reading from this location afterwards, get_mac_label now
extracts data from board.json directly. The uci config option
won't be used anymore.
In addition, two utility functions for extraction only from DT
or from board.json are introduced.

Since this is only changing the access to the label MAC address, it
won't interfere with the addresses stored in the code base so far.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-07 17:13:18 +01:00
Eneas U de Queiroz
3540a37a97 kernel: add crypto_user mod to crypto-user pkg
This is needed to export crypto information to netfilter, allowing
the alt. afalg openssl engine to obtain information about the drivers
being used.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-11-06 23:27:20 +01:00
Eneas U de Queiroz
f4853f7cca wolfssl: update to v4.2.0-stable
Many bugs were fixed--2 patches removed here.

This release of wolfSSL includes fixes for 5 security vulnerabilities,
including two CVEs with high/critical base scores:

- potential invalid read with TLS 1.3 PSK, including session tickets
- potential hang with ocspstaping2 (always enabled in openwrt)
- CVE-2019-15651: 1-byte overread when decoding certificate extensions
- CVE-2019-16748: 1-byte overread when checking certificate signatures
- DSA attack to recover DSA private keys

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-11-06 23:23:53 +01:00
Petr Štetiar
80a799125b libnl-tiny: update to latest Git head
Includes following changes:

 0230d0698e59 add initial GitLab CI support
 5e13b797a988 iron out all extra compiler warnings
 802fbd4d6f39 cmake: enable extra compiler checks
 050bb5c4431b convert into CMake project
 5b350e42d1fd refactor into separate Git project

and converts the package build to utilize CMake.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-06 16:31:42 +01:00
David Bauer
4c6fe32468 mac80211 ath9k: force QCA953x clock to 25MHz
The QCA953x only supports 25 MHz refclk, however some OEMs set an
invalid bootstrap value for the REF_CLK option, which would break the
clock detection in ath9k.

Force the QCA953x refclk to 25MHz in ath9k, as this is (according to the
datasheet) the only valid frequency.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-11-05 22:55:54 +01:00
Koen Vandeputte
f96af28272 ath10k-firmware: update Candela Tech firmware images
The release notes since last time for wave-1:

  *  October 5,  2019:  Fix too-short msg caused by invalid use of PayloadLen in receive path.
                        This appears to resolve the issue of getting (and ignoring) too-short commands
                        when we detect loss of CE interrupts and go into polling mode.

  *  October 12, 2019:  Fix regression in IBSS mode that caused SWBA overrun issues.  Related to
                        regression added during the ct-station logic, specifically TSF allocation.
                        Thanks for Ahmed Zaki @ Mage-Networks for helping to diagnose and test.

  *  October 15, 2019:  Only send beacon tx completion events if we can detect CT driver is being
                        used (based on CT_STATS_OK flag being set).  This should help CT firmware work
                        better on stock driver.

The release notes since last time for wave-2:

  *  October 15, 2019:  Only send beacon tx completion events if we can detect CT driver is being
                        used (based on ATH10k_USE_TXCOMPL_TXRATE2 | ATH10k_USE_TXCOMPL_TXRATE1 flags being set).
                        This should help CT firmware work better on stock driver.

  *  October 31, 2019:  Compile out peer-ratecode-list-event.  ath10k driver ignores the event.

  *  November 1, 2019:  Fix rate-ctrl related crash when nss and other things were changed while
                        station stays associated.  See bug: https://github.com/greearb/ath10k-ct/issues/96

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-05 15:43:22 +01:00
Jo-Philipp Wich
6f9157e6bd ustream-ssl: update to latest Git HEAD
c9b6668 ustream-ssl: skip writing pending data if .eof is true after connect

Fixes: CVE-2019-5101, CVE-2019-5102
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-05 14:43:20 +01:00
Felix Fietkau
fa37dbbc43 mac80211: fix build without CONFIG_PCI
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-11-05 14:22:01 +01:00
Felix Fietkau
8b15e7f661 mac80211: add support for multiple wiphys behind a single device
The device path will be the same for the first phy. For all subsequent
phys, the path gets an extra +1, +2, ...
Move the code for converting path to phy and vice versa to a separate
library script shared by config detection code and the netifd wireless
handler script

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-11-05 12:09:36 +01:00
Felix Fietkau
d64daf7026 mac80211: add pcie apsm backport changes
Required for newer versions of mt76

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-11-05 12:09:26 +01:00
David Bauer
3034f8c3b8 hostapd: enable PMKSA and OK caching for WPA3-Personal
This enables PMKSA and opportunistic key caching by default for
WPA2/WPA3-Personal, WPA3-Personal and OWE auth types.
Otherwise, Apple devices won't connect to the WPA3 network.

This should not degrade security, as there's no external authentication
provider.

Tested with OCEDO Koala and iPhone 7 (iOS 13.1).

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-11-04 18:46:54 +01:00
Hauke Mehrtens
6f3a293532 procd: Update to version 2019-11-02
f47622e instance: Warn about unexpected number of parameters
564ecdf instance: ujail: Fix allocated size for no_new_privs parameter
7fb2e1d procd: simplify code in procd_inittab_run
4a127c3 procd: replace exit(-1) with exit(EXIT_FAILURE)
bc0a73e procd: add upgraded binary to .gitignore
ba4c4db procd: add start-console support
3e39fe5 procd: shift arguments for askfirst only once
5d62829 procd: skip respawn in case device disappeared
d27949f procd: guard fork_worker calls

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-11-03 20:25:07 +01:00
Daniel Golle
43ae50978a mac80211: rt2x00: remove errornous duplicate condition
https://patchwork.kernel.org/patch/11224189/
--
On 2019-10-28 06:07, wbob wrote:
> Hello Roman,
>
> while reading around drivers/net/wireless/ralink/rt2x00/rt2800lib.c
> I stumbled on what I think is an edit of yours made in error in march
> 2017:
>
> https://github.com/torvalds/linux/commit/41977e86#diff-dae5dc10da180f3b055809a48118e18aR5281
>
> RT6352 in line 5281 should not have been introduced as the "else if"
> below line 5291 can then not take effect for a RT6352 device. Another
> possibility is for line 5291 to be not for RT6352, but this seems
> very unlikely. Are you able to clarify still after this substantial time?
>
> 5277: static int rt2800_init_registers(struct rt2x00_dev *rt2x00dev)
> ...
> 5279:  } else if (rt2x00_rt(rt2x00dev, RT5390) ||
> 5280:         rt2x00_rt(rt2x00dev, RT5392) ||
> 5281:         rt2x00_rt(rt2x00dev, RT6352)) {
> ...
> 5291:  } else if (rt2x00_rt(rt2x00dev, RT6352)) {
> ...

Hence remove errornous line 5281 to make the driver actually
execute the correct initialization routine for MT7620 chips.

As it was requested by Stanislaw Gruszka remove setting values of
MIMO_PS_CFG and TX_PIN_CFG. MIMO_PS_CFG is responsible for MIMO
power-safe mode (which is disabled), hence we can drop setting it.
TX_PIN_CFG is set correctly in other functions, and as setting this
value breaks some devices, rather don't set it here during init, but
only modify it later on.

Fixes: 41977e86c984 ("rt2x00: add support for MT7620")
Reported-by: wbob <wbob@jify.de>
Reported-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Acked-by: Stanislaw Gruszka <sgruszka@redhat.com>
--

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-11-03 18:31:02 +01:00
Yousong Zhou
e4af39d563 fstools: bump to version 2019-11-03
2f2a09a block: mount_device: err log only when mp deviates from spec
da4edc1 block: mount_device: skip extroot earlier
32c3126 block: mount_action: handle mount/umount deps
fb0700f block: support hierarchical mount/umount
1212b5b block: umount: skip / unless -a is given
eda8b3f block: use fsck.fat instead of dosfsck
d05276d libblkid-tiny: ntfs: fix use-after-free

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-11-03 04:25:37 +00:00
Yousong Zhou
51e7624776 libubox: bump to version 2019-10-29
It contains a single change to vlist.h header file: "vlist: add more
macros for loop iteration".  This is needed for newer version of fstools

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-11-03 04:24:54 +00:00
Kyle Copperfield
87f9292300 hostapd: add IEEE 802.11k support
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Enables radio resource management to be reported by hostapd to clients.

Ref: https://github.com/lede-project/source/pull/1430
Co-developed-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
2019-11-02 20:51:52 +01:00
Michal Cieslakiewicz
9b6f89c37f ath79: add support for Netgear WNDR4300
This patch adds ath79 support for Netgear WNDR4300.
Router was previously supported by ar71xx target only.
Note: device requires 'ar934x-nand' driver in kernel.

Specification
=============
  * Description: Netgear WNDR4300
  * Loader: U-boot
  * SOC: Atheros AR9344 (560 MHz)
  * RAM: 128 MiB
  * Flash: 128 MiB (NAND)
	- U-boot binary: 256 KiB
	- U-boot environment: 256 KiB
	- ART: 256 KiB
	- POT: 512 KiB
	- Language: 2 MiB
	- Config: 512 KiB
	- Traffic Meter: 3 MiB
	- Firmware: 25 MiB
	- ART Backup: 256 KiB
	- Reserved: 96 MiB
  * Ethernet: 5 x 10/100/1000 (4 x LAN, 1 x WAN) (AR8327)
  * Wireless:
	- 2.4 GHz b/g/n (internal)
	- 5 GHz a/n (AR9580)
  * USB: yes, 1 x USB 2.0
  * Buttons:
	- Reset
	- WiFi (rfkill)
	- WPS
  * LEDs:
	- Power (amber/green)
	- WAN (amber/green)
	- WLAN 2G (green)
	- WLAN 5G (blue)
	- 4 x LAN (amber/green)
	- USB (green)
	- WPS (amber/green)
  * UART: 4-pin connector JP1, 3.3V (Vcc, TX, RX, GND), 115200 8N1
  * Power supply: DC 12V 2.5A
  * MAC addresses: LAN=WLAN2G on case label, WAN +1, WLAN5G +2

Installation
============
  * TFTP recovery
  * TFTP via U-boot prompt
  * sysupgrade
  * Web interface

Note about partitioning: firmware partition offset (0x6c0000) is
hardcoded into vendor's u-boot, so this partition cannot be moved
and resized to include Netgear-specific flash areas (pot, language,
config, traffic_meter) not used by OpenWrt.

Test build configuration
========================
CONFIG_TARGET_ath79=y
CONFIG_TARGET_ath79_nand=y
CONFIG_TARGET_ath79_nand_DEVICE_netgear_wndr4300=y
CONFIG_ALL_KMODS=y
CONFIG_DEVEL=y
CONFIG_CCACHE=y
CONFIG_COLLECT_KERNEL_DEBUG=y
CONFIG_IMAGEOPT=y

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
2019-11-02 19:29:30 +01:00
DENG Qingfang
2d00cf7515 libnl: update to 3.5.0
Update libnl to 3.5.0

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-11-01 21:19:40 +01:00
Vladimir Vid
b2fdfe0727 uboot-mvebu: add support for Macronix mx25u12835f flash
Some of A3700 boards use mx25u12835f, specifically uDPU and ESPRESSObin v7.

Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
2019-11-01 21:19:40 +01:00
Hauke Mehrtens
57ff06405e ustream-ssl: Update to latest git HEAD
465f8dc wolfssl: adjust to new API in v4.2.0
3b06c65 Update example certificate & key, fix typo
1c38fd8 wolfssl: enable CN validation
33308ee ustream-io-cyassl.c: fix client-mode connections
79d91aa Remove CyaSSL, WolfSSL < 3.10.4 support

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-11-01 21:19:40 +01:00
Hauke Mehrtens
ddab758997 lantiq: Allow PKG_ASLR_PIE for DSL and voice drivers
When ASLR_PIE was activated globally these drivers failed to build
because the user space LDFLAGS leaked into the kernel build process.
This was fixed in upstream Linux kernel commit ce99d0bf312d ("kbuild:
clear LDFLAGS in the top Makefile") which went into Linux 4.17. The
lantiq target is now on Linux 4.19 only and these exceptions are not
needed any more.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-11-01 21:19:40 +01:00
Michal Cieslakiewicz
f85d56bb03 ath79: add support for Netgear WNR2200
This patch adds ath79 support for Netgear WNR2200.
Router was previously supported by ar71xx target only (8 MiB variant).
Netgear WNR2200 has two flash versions - 8MiB sold in EU, US etc. and
16 MiB for Russia and China markets. Apart from flash size both variants
share the same hardware specification.

Specification
=============
  * Description: Netgear WNR2200
  * Loader: U-boot
  * SOC: Atheros AR7241 (360 MHz)
  * RAM: 64 MiB
  * Flash: 8 MiB or 16 MiB (SPI NOR)
	- U-boot binary: 256 KiB
	- U-boot environment: 64 KiB
	- Firmware: 7808 KiB or 16000 KiB
	- ART: 64 KiB
  * Ethernet: 4 x 10/100 LAN + 1 x 10/100 WAN
  * Wireless: 2.4 GHz b/g/n (Atheros AR9287)
  * USB: yes, 1 x USB 2.0
  * Buttons:
	- Reset
	- WiFi (rfkill)
	- WPS
  * LEDs:
	- Power (amber/green)
	- WAN (amber/green)
	- WLAN (blue)
	- 4 x LAN (amber/green)
	- WPS (green)
  * UART: 4-pin connector JP1, 3.3V (Vcc, TX, RX, GND), 115200 8N1
  * Power supply: DC 12V 1.5A
  * MAC addresses: LAN on case label, WAN +1, WLAN +2

Installation
============
  * TFTP recovery
  * TFTP via U-boot prompt
  * sysupgrade
  * Web interface

Test build configuration
========================
CONFIG_TARGET_ath79=y
CONFIG_TARGET_ath79_generic=y
CONFIG_TARGET_ath79_generic_DEVICE_netgear_wnr2200-8m=y
CONFIG_ALL_KMODS=y
CONFIG_DEVEL=y
CONFIG_CCACHE=y
CONFIG_COLLECT_KERNEL_DEBUG=y
CONFIG_IMAGEOPT=y
CONFIG_KERNEL_DEBUG_INFO=y
CONFIG_KERNEL_DEBUG_KERNEL=y

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
2019-11-01 21:14:55 +01:00
Jo-Philipp Wich
c2675bb0ce rpcd: update to latest Git HEAD
d442d62 plugin: fix double free in finish callback
ee26d83 main: exec_self: make clang analyzer happy
90e40bd file: exec: properly free memory on error
9ecfada uci: free configs list memory on return
32fba36 exec: always call finish_cb to allow plugin to free up memory
ca3e2d5 plugin: do not free method name separately
02c6e1d exec: properly free memory on rpc_exec() error
cc50263 plugin: exec: properly free memory on parse error
bd0ed25 uci: reset uci_ptr flags when merging set operations
37aa919 plugin: fix leaking invoked method name for exec plugins

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-01 13:26:59 +01:00
Yousong Zhou
289d532ddd dropbear: rebuild libs on config change
Required as dependency on dropbear config headers is not tracked in
dropbear build system

Fixes FS#2275

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-11-01 06:59:51 +00:00
Yousong Zhou
4bf9bec361 kernel: mark kmod-usb-serial-wwan as hidden
The kconfig symbol is an invisible one since its introduction.  It is
not supposed to be enabled on its own.

Resolves FS#1821

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-10-30 12:43:17 +00:00
Yousong Zhou
f526e85426 base-files: hotplug-call: exit success when dir is absent
"block mount" invokes "hotplug-call mount".  It emits the following
error when mount is not present

	hotplug-call call failed

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-10-29 13:28:49 +00:00
David Bauer
641a93f0f2 ath10k-firmware: update wave 1 firmware to 10.2.4-1.0-00047
This fixes frequent crashes observed on a UniFi AC Mesh using OpenWrt
master and 19.07. 18.06 seems not affected from our testing.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-27 17:56:23 +01:00
David Bauer
a3914783a3 ath10k-firmware: retrieve wave 1 firmware from kvalo
This commit changes the source of the Wave 1 ath10k-firmware
from linux-firmware to Kall Valos ath10k-firmware repository.

This is necessary as the firmware selected in linux-firmware produces
frequent crashes in some circumstances.

This patch can be removed as soon as linux-firmware carries
10.2.4-1.0-00047 firmware.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-27 14:51:24 +01:00
Rosen Penev
cf8f9af0e0 util-linux: Disable utils requiring libpam
When the build system finds libpam, it enables building of these tools,
causing linker failures. Explicitly disable them as they are unused.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-10-27 14:25:30 +01:00
Jeff Kletsky
29b4f08405 ath79: uboot-envtools: Add GL-AR300M-Lite
Add the GL.iNet GL-AR300M-Lite to the list of supported boards.

Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
2019-10-24 23:06:41 +02:00
Yousong Zhou
49db2026e5 kernel: netfilter: reuse kconfig and files info from include dir
Less chance of missing out kconfig symbols at least

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-10-24 12:11:02 +00:00
Yousong Zhou
69b9f0161e toolchain: gcc: enable sanitizers for glibc toolchain
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-10-24 11:40:00 +00:00
David Bauer
7f187229a8 ipq40xx: add support for AVM FRITZ!Repeater 1200
Hardware
--------
SoC:   Qualcomm IPQ4019
RAM:   256M DDR3
FLASH: 128M NAND
WiFi:  2T2R IPQ4019 bgn
       2T2R IPQ4019 a/n/ac
ETH:   Atheros AR8033 RGMII PHY
BTN:   1x Connect (WPS)
LED:   Power (green/red/yellow)

Installation
------------

1. Grab the uboot for the Device from the 'u-boot-fritz1200'
   subdirectory. Place it in the same directory as the 'eva_ramboot.py'
   script. It is located in the 'scripts/flashing' subdirectory of the
   OpenWRT tree.

2. Assign yourself the IP address 192.168.178.10/24. Connect your
   Computer to one of the boxes LAN ports.

3. Connect Power to the Box. As soon as the LAN port of your computer
   shows link, load the U-Boot to the box using following command.

   > ./eva_ramboot.py --offset 0x85000000 192.168.178.1 uboot-fritz1200.bin

4. The U-Boot will now start. Now assign yourself the IP address
   192.168.1.70/24. Copy the OpenWRT initramfs (!) image to a TFTP
   server root directory and rename it to 'FRITZ1200.bin'.

5. The Box will now boot OpenWRT from RAM. This can take up to two
   minutes.

6. Copy the U-Boot and the OpenWRT sysupgrade (!) image to the Box using
   scp. SSH into the Box and first write the Bootloader to both previous
   kernel partitions.

   > mtd write /path/to/uboot-fritz1200.bin uboot0
   > mtd write /path/to/uboot-fritz1200.bin uboot1

7. Remove the AVM filesystem partitions to make room for our kernel +
   rootfs + overlayfs.

   > ubirmvol /dev/ubi0 --name=avm_filesys_0
   > ubirmvol /dev/ubi0 --name=avm_filesys_1

8. Flash OpenWRT peristently using sysupgrade.

   > sysupgrade -n /path/to/openwrt-sysupgrade.bin

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-23 01:17:28 +02:00
David Bauer
c0f4078164 ipq-wifi: add AVM FRITZ!Repeater 1200 bdf
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-23 01:17:28 +02:00
David Bauer
36f43b61a7 uboot-fritz4040: update to latest HEAD
f92be9d add support for AVM FRITZ!Repeater 1200
d651302 enable support for Atheros AR8033 PHY
e4c857c add machtype override hack

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-23 01:17:28 +02:00
Hans Dedecker
bf4ffa3cbe procd: update to latest git HEAD
258aa04 procd: Add cached and available to memory table

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-10-22 21:47:34 +02:00
David Bauer
2dd1755fe4 mac80211: fix build of rtw88
This commit fixes failing builds because of an incorrect configuration
for the kmod-rtw88 package.

RTW88_8822BE as well as RTW88_8822CE have to bes selected as "y" even
when building the driver as a module.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-22 15:16:41 +02:00
Roman Yeryomin
940844e077 base-files: uci-defaults: do config flush in one shot
Moving a file between tmpfs and other fs is neither
faster nor safer, thus no point in doing it in two steps.
Use new jshn option to write output directly to file.

Originally discussed here:
http://lists.openwrt.org/pipermail/openwrt-devel/2017-December/010127.html

Signed-off-by: Roman Yeryomin <roman@advem.lv>
2019-10-22 11:39:28 +02:00
Roman Yeryomin
c0e7ec91a0 libubox: update to latest git HEAD
eb30a03 libubox, jshn: add option to write output to a file

Signed-off-by: Roman Yeryomin <roman@advem.lv>
2019-10-22 11:38:40 +02:00
David Bauer
7a577e9a59 firmware: add Realtek RTL8822BE/RTL8822CE firmware
This commit adds packages for the Realtek RTl8822BE/RTL8822CE firmware
to be used with the rtw88 driver.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-22 09:16:24 +02:00
David Bauer
bb84bbe8fc mac80211: add rtw88 driver
This commits adds packaging for the new RTW88 driver from Realtek.
It supports the Realtek 8822BE/8822CE PCIe wireless chips.

For operation, the complementary firmware has to be loaded.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-22 09:16:24 +02:00
Petr Štetiar
ed67b137c7 urngd: update to latest Git head
* 40f939d57c67 Tag version 1.0.1
 * 9e758e6e6aec jitterentropy-rngd: update to version v1.1.0 + clang compile fix
 * 193586a25adc Fix wrong types in format strings used in debug build
 * d474977bb611 Add initial GitLab CI support

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-21 22:04:20 +02:00
John Crispin
f4aaee01fa Revert "build: separate signing logic"
This reverts commit 4a45e69d19.

This broke the buildbots

Signed-off-by: John Crispin <john@phrozen.org>
2019-10-21 16:26:24 +02:00
Paul Spooren
4a45e69d19 build: separate signing logic
This separates the options for signature creation and verification

* SIGNED_PACKAGES create Packages.sig
* SIGNED_IMAGES add ucert signature to created images
* CHECK_SIGNATURE add verification capabilities to images
* INSTALL_LOCAL_KEY add local key-build to /etc/opkg/keys

Right now the buildbot.git contains some hacks to create images that
have signature verification capabilities while not storing private keys
on buildbot slaves. This commit allows to disable these steps for the
buildbots and only perform signing on the master.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2019-10-21 14:06:42 +02:00
Tim Harvey
f4f483f3ff uboot-envtools: remove erasesize from MMC config
Erasesize doesn't belong in the u-boot env config for block devices as it is
known to be 512 byte aligned.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2019-10-21 12:28:03 +02:00
Yousong Zhou
e8f79474c9 libpcap: build with cmake
The main motivation is to drop and stop maintaining
"100-debian_shared_lib.patch".  It lacks the logic to include custom
implementation of several functions like pcap_strlcpy() which can cause
build failures when glibc is used [2]

CAN and CAN-USB support related symbols are now handled by general linux
support, see [1]

"-ffunction-sections -fdata-sections" were removed as they should help
much for shared libraries

Size comparison before and after the change

  -rw-r--r-- 1 yunion yunion 238042 Oct 18 11:42 ipkg-x86_64/libpcap/usr/lib/libpcap.so.1

  lrwxrwxrwx 1 yunion yunion     16 Oct 18 13:03 ipkg-x86_64/libpcap/usr/lib/libpcap.so.1 -> libpcap.so.1.9.1
  -rwxr-xr-x 1 yunion yunion 229867 Oct 18 13:03 ipkg-x86_64/libpcap/usr/lib/libpcap.so.1.9.1

[1] On Linux, handle all CAN captures with pcap-linux.c, in cooked mode,
    93ca5ff703
[2] https://github.com/openwrt/packages/issues/10270

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-10-21 01:37:43 +00:00
Eneas U de Queiroz
cebf024c4d openssl: Add engine configuration to openssl.cnf
This adds engine configuration sections to openssl.cnf, with a commented
list of engines.  To enable an engine, all you have to do is uncomment
the engine line.

It also adds some useful comments to the devcrypto engine configuration
section.  Other engines currently don't have configuration commands.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-10-20 13:01:43 +02:00
Josef Schlehofer
9ba5cd86b8 strace: update to version 5.3
Makefile changes:
- moves PKG_MAINTAINER above PKG_LICENSE
- Change PKG_LICENSE to LGPL-2.1-or-later and correct PKG_LICENSE_FILES
- changes URL to a more appropriate one, which uses HTTPS
- adds 2 spaces as an indentation in description

Compile and run tested on Turris Omnia, mvebu

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-10-20 12:33:40 +02:00
leo chung
56ab58fb6c bzip2: add linker option LDFLAGS
if gcc not linker whith this LDFLAGS, "file libbz2.so.1.0.8" will
recognize as pie executable ELF file ( which should be shared object).

this because the file command version before 5.36 not recognize
correctly.

Signed-off-by: leo chung <gewalalb@gmail.com>
2019-10-19 12:49:11 +02:00
Mathew McBride
97bcbc690c kernel: add package for Epson RX-8025 and compatible I2C RTC
RX-8025 is an I2C RTC from Epson, some newer products such as the
RX-8035 are also compatible.

Signed-off-by: Mathew McBride <matt@traverse.com.au>
2019-10-19 12:49:11 +02:00
Hauke Mehrtens
e6cadb215c mac80211: Update to version 5.4-rc2
This updates mac80211 to backports based on kernel 5.4-rc2

ath10k-ct was updated to match the API changes and iw now uses the new
nl80211.h header file.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-19 12:35:55 +02:00
Hauke Mehrtens
67dc023f87 mac80211: Update to version 5.3.6
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-19 12:35:55 +02:00
Florian Eckert
c7c14aaad3 wwan: Double quote to prevent globbing and word splitting
Fix some shellcheck warnings.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
[bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-10-18 19:48:41 +02:00
Florian Eckert
a78a539afd wwan: add ec25 to database
Add ec25 to database.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
[bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-10-18 19:48:21 +02:00
Florian Eckert
68b1b0bb39 wwan: add mc7304 to database
Add mc7304 to database.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
[bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-10-18 19:47:58 +02:00
Florian Eckert
c45c7606cc wwan: check new uci bus option on proto setup event
If system has more then one and different wwan interface (modem). Then the
wwan protohandler will always take the modem which is discovered first.
The protohandler will always setup the same interface. To fix this add a
new usb "bus" option which is associated with wwan device and so will set
the specified interface up. With this change more then one interface
could be mananged by the wwan protohandler.

If the "bus" option is not set in the uci network config then the protohandler
behaves as before the change. The protohanldler will take the first
interface which he founds.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2019-10-18 19:46:21 +02:00
Alin Nastac
ddf6ec29b4 procd: allow usage of * as procd_running() instance parameter
service_running() implementation in /etc/rc.common use it.
It is preferable to use wildcard than assuming the instance
name is the default one.

jsonfilter returns all matches when wildcards are used, hence
the -l 1 argument used to limit output to only one value.

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
2019-10-18 19:28:11 +02:00
Lucian Cristian
91aabae895 util-linux: add more command
at least vtysh needs it for proper listing, busybox is not modular so add it here

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2019-10-18 19:28:11 +02:00
Sean Kenny
9105057cc0 6in4: add rfc1918 check function
This is a precursor to adding proper support for multiple
6in4 tunnels with the already programmed tunlink parameter.
This is an essential sanity check so as to not break existing
and working behind NAT setups.

Signed-off-by: Sean Kenny <skenny@wfap.ca>

6in4: add myip he.net api parameter logic

This is to add proper support for multiple 6in4 tunnels
with the already programmed tunlink parameter.
As it stands before this commit, if there is a multi wan setup that
consists of dynamic ips, there is no way to use the
dynamic update feature as the he.net api is implicitly using
the ip address of the caller. This will explicitly use the
ipaddr specified in the interface config OR the ip of the
tunlink interface specified in the dynamic update api call instead
ONLY if the final resolved ipaddr variable is not an rfc1918 address.

Signed-off-by: Sean Kenny <skenny@wfap.ca>
2019-10-18 19:23:07 +02:00
Alin Nastac
d3b0459c93 lua: install luac symlink on host
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
2019-10-18 19:23:07 +02:00
Christian Franke
d544bc84a0 lantiq: Fix fw_cutter LzmaWrapper
The destination buffer size `d_len` is passed to `lzma_inflate` as a
pointer. Therefore, it needs to be dereferenced to compare its content.

Signed-off-by: Christian Franke <nobody@nowhere.ws>
2019-10-18 13:39:34 +02:00
Bjørn Mork
07b5c59232 kernel: fix MBIM description
Signed-off-by: Bjørn Mork <bjorn@mork.no>
2019-10-17 21:40:22 +02:00
Jo-Philipp Wich
889b841048 fwtool: do not omit final 16 byte when image does not contain signature
The fwutil command will interpret the final 16 byte of a given firmware
image files as "struct fwimage_trailer".

In case these bytes do look like a valid trailer, we must ensure that we
print them out along with the remainder of the image to not accidentally
truncate non-trailer-images by 16 bytes when they're piped through fwtool,
e.g. as part of an image verification command sequence.

Some command sequences pipe images through fwtool in order to strip any
possible metadata, certificate or signature trailers and do not expect
bare images without any of that metadata to get truncated as other non-
fwtool specific metadata is expected at the end of the file, e.g. an
information block with an md5sum in case of the combined image format.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-10-17 17:07:12 +02:00
Kevin Darbyshire-Bryant
9d5e266cb1 wireguard: bump to latest snapshot 20191012
8eb8443 version: bump snapshot
be09cf5 wg-quick: android: use Binder for setting DNS on Android 10
4716f85 noise: recompare stamps after taking write lock
54db197 netlink: allow preventing creation of new peers when updating
f1b87d1 netns: add test for failing 5.3 FIB changes
a3539c4 qemu: bump default version

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-10-16 16:13:39 +01:00
Jo-Philipp Wich
bc61458b73 iwinfo: update to latest Git HEAD
07315b6 nl80211: handle hidden SSIDs in wpa_supplicant scan results
3ac846e lua: fix string description of mixed WPA3 modes

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-10-16 16:48:40 +02:00
Florian Eckert
a5ec41b0e5 mac80211: add new acs_exclude_dfs option
The channel can be selected automatically at run time by setting
channel=acs_survey or channel=0, both of which will enable the ACS survey
based algorithm in hostapd. If the option acs_exclude_dfs is set in the
hostpad config DFS channels from ACS are excluded on channel selection.

This commit will add the possibilty to exclude the dfs channel on ACS
survey.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2019-10-15 23:27:47 +02:00
Martin Schiller
71e04091a9 lantiq: fix dsl_control status handling.
Commit 7519a36774 ("base-files,procd: add generic service status")
introduced the generic 'status' command which broke the previous
dsl_control status output. To fix this, let's rename the "old" command
to "dslstat".

Fixes: 7519a36774 ("base-files,procd: add generic service status")
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2019-10-15 23:23:08 +02:00
Daniel Engberg
f351beedfd libevent2: Update to 2.1.11
Update libevent to 2.1.11
Use CMake instead GNU Autotools
Backport following commits:
f05ba67193
..and partially
7201062f3e
to fix compilation

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-10-15 22:35:14 +02:00
Rosen Penev
4533ba6810 lua: fix linking under glibc
Compilation of liblua itself works, but when other packages link against
it, the linker starts throwing undefined references to a bunch of math
functions in libm.

First discovered in a failed attempt to transition a package to uClibc++.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[fix commit title capitalization]
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-15 18:13:54 +02:00
Adrian Schmutzler
48b5d08a48 treewide: use a single ath10k MAC patching function with checksum
While all ath10k eeproms have a checksum field, so far two
functions for patching ath10k MAC address have been present (and
been used).

This merges code to provide a single function ath10k_patch_mac
in caldata.sh, having its name in accordance with ath9k functions.
By doing so, correct MAC patching for current and future ath10k
devices should be ensured.

This patch adds checksum adjustments for several targets on
ath79 and lantiq.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-10-15 18:13:54 +02:00
Koen Vandeputte
089b4f16aa gdb: bump to 8.3.1
GDB 8.3.1 brings the following fixes and enhancements over GDB 8.3:

PR c++/20020 (GDB segfault on printing objects)
PR gdb/24454 (nat/x86-linux-dregs.c failed assertion)
PR breakpoints/24541 (Incorrect evaluation of systemtap probes due to register being signed and probe expression assuming unsigned)
PR symtab/24545 (Symbol loading performance regression with cc1)
PR gdb/24592 (amd64->i386 linux syscall restart problem)
PR gdb/25009 (terminate called after throwing an instance of 'srchilite::ParserException')
PR gdb/25010 (Calls to error () can cause SIGTTOU to send gdb to the background)
PR breakpoints/25011 (Breakpoints on file reloads broken for PIE binaries)

This corrective release also brings the following testsuite fixes and
enhancements:

PR testsuite/25005 (gdb-caching-proc.exp takes a lot of time on skip_opencl_tests)
PR testsuite/25016 (Test-case failures for -pie)

GDB 8.3 includes the following changes and enhancements:

* Support for new native configurations (also available as a target configuration):
     - RISC-V GNU/Linux (riscv*-*-linux*)
     - RISC-V FreeBSD (riscv*-*-freebsd*)

* Support for new target configurations:
     - CSKY ELF (csky*-*-elf)
     - CSKY GNU/Linux (csky*-*-linux)
     - NXP S12Z ELF (s12z-*-elf)
     - OpenRISC GNU/Linux (or1k*-*-linux*)

* Native Windows debugging is only supported on Windows XP or later.

* The Python API in GDB now requires Python 2.6 or later.

* GDB now supports terminal styling for the CLI and TUI.
  Source highlighting is also supported by building GDB with GNU
  Highlight.

* Experimental support for compilation and injection of C++ source
  code into the inferior (requires GCC 7.1 or higher, built with
  libcp1.so).

* GDB and GDBserver now support IPv6 connections.

* Target description support on RISC-V targets.

* Various enhancements to several commands:
     - "frame", "select-frame" and "info frame" commands
     - "info functions", "info types", "info variables"
     - "info thread"
     - "info proc"
     - System call alias catchpoint support on FreeBSD
     - "target remote" support for Unix Domain sockets.

* Support for displaying all files opened by a process

* DWARF index cache: GDB can now automatically save indices of DWARF
  symbols on disk to speed up further loading of the same binaries.

* Various GDB/MI enhancements.

* GDBserver on PowerPC GNU/Linux now supports access to the PPR,
  DSCR, TAR, EBB/PMU, and HTM registers.

* Ada task switching support when debugging programs built with
  the Ravenscar profile added to aarch64-elf.

* GDB in batch mode now exits with status 1 if the last executed
  command failed.

* Support for building GDB with GCC's Undefined Behavior Sanitizer.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-15 16:11:28 +02:00
Jo-Philipp Wich
57b834281b iwinfo: update to latest Git HEAD
a29b7d4 nl80211: align path to phy mapping logic with mac80211.sh

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-10-15 15:52:01 +02:00
Hans Dedecker
34c4741da0 odhcpd: update to latest git HEAD
9a4531a ndp: fix endian issue

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-10-14 21:35:09 +02:00
Adrian Schmutzler
2c60de0e3f treewide: move MAC address patch functions to common library
This unifies MAC address patch functions and moves them to a
common script. While those were implemented differently for
different targets, they all seem to do the same. The number of
different variants is significantly reduced by this patch.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-10-14 12:36:02 +02:00
Adrian Schmutzler
5b6a809092 treewide: move calibration data extraction function to library
This moves the almost identical calibration data extraction
functions present multiple times in several targets to a single
library file /lib/functions/caldata.sh.

Functions are renamed with more generic names to merge different
variants that only differ in their names.

Most of the targets used find_mtd_chardev, while some used
find_mtd_part inside the extraction code. To merge them, the more
abundant version with find_mtd_chardev is used in the common code.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[rebase on latest master; add mpc85xx]
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-13 21:48:58 +02:00
Adrian Schmutzler
c1388a2deb base-files: move xor() from caldata extraction to functions.sh
The xor() function is defined in each of the caldata extraction
scripts for several targets. Move it to functions.sh to reduce
duplicate code.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-10-13 19:03:57 +02:00
Stijn Tintel
4b9a07336a kernel: add kmod-iio-bme680
This driver supports the Bosch Sensortec BME680 gas, humidity, pressure
and temperature sensor.

Tested I2C and SPI modes on a Raspberry Pi Zero W.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2019-10-13 13:08:04 +03:00
Ali MJ Al-Nasrawy
10f5eb0398 trelay: log "started" and "stopped"
It is informative especially when using multiple device pairs.

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
2019-10-12 23:51:29 +02:00
Ali MJ Al-Nasrawy
c2635b871d trelay: fix deadlock on remove
Upon writing to "remove" file, debugfs_remove_recursive() blocks while
holding rtnl_lock. This is because debugfs' file_ops callbacks are
executed in debugfs_use_file_*() context which prevents file removal.

Fix this by only flagging the device for removal and then do the cleanup
in file_ops.release callback which is executed out of that context.

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
2019-10-12 23:51:29 +02:00
Ali MJ Al-Nasrawy
77cfc0739d trelay: handle netdevice events correctly
Since v3.11, netdevice notification data are of type
"struct netdev_notifier_info". Handle it as such!

This should fix a critical bug in which devices are unable get released
because trelay does not release resources in response to UNREGISTER
event spamming the log with something like:

unregister_netdevice: waiting for eth0.1 to become free. Usage count = 1

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
2019-10-12 23:51:29 +02:00
Ruixi Zhou
b30e481b6c kernel: NFSD: add dependency kmod-crypto-arc4 for kmod-fs-nfs-common-rpcsec
crypto-arc4 move into a module with commit c3a78955f3,
fs-nfs-common-rpcsec compile error without arc4 support.

Ref: https://github.com/openwrt/packages/issues/9912

Fixes: c3a78955f3 ("kernel: move crypto-arc4 into a module")
Signed-off-by: Ruixi Zhou <zhouruixi@gmail.com>
2019-10-12 23:51:08 +02:00
Val Kulkov
b10a453367 base-files: coreutil-date breaks setting kernel timezone
"coreutil-date" package from the packages feed replaces the Busybox date
applet by symlinking /usr/bin/gnu-date to /bin/date. This prevents the system
init script from setting kernel timezone because the GNU date utility does not
provide such functionality:

   root@OpenWrt:~# date -k
   date: invalid option -- 'k'
   Try 'date --help' for more information.

A specific reference to the Busybox date applet prevents alternative date
utilities from breaking the system init script.

Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
2019-10-12 23:43:08 +02:00
Eneas U de Queiroz
ee5a3f6d60 hostapd: adjust to removal of WOLFSSL_HAS_AES_GCM
WolfSSL is always built with AES-GCM support now.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-10-12 23:43:08 +02:00
Rosen Penev
6ab386c9bc uClibc++: Fix three bugs
The first allows usage of several functions in the std namespace, which
broke compilation of gddrescue specifically with uClibc-ng and uClibc++.

The second allows usage of long long with normal C++11, which is part of
the standard. Before, std=gnu++11 needed to be passsed to work around it.

As a result of the second patch, the pedantic patch can safely be removed.

Both patches are upstream backports.

Added -std=c++11 to CFLAGS to guarentee proper inclusion of long long.

Added another patch that fixes a typo with the long long support. Sent to
upstream.

Fixed up license information according to SPDX.

Small cleanups for consistency.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-10-12 23:43:08 +02:00
Sungbo Eo
9f73fad359 kernel: fix typos in video KernelPackage description
Fixes: 4b3d17b709 ("kernel: add kmod-fb-sys-ram")
Fixes: b774acb479 ("package/modules: add missing gspca video drivers for 2.6.32 (patch from #6595)")

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2019-10-12 23:37:00 +02:00
Sungbo Eo
60acddc960 uboot-oxnas: remove unnecessary execute permission bit
.c files do not need to be executable. 644 is enough.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2019-10-12 23:37:00 +02:00
DENG Qingfang
394273c066 tcpdump: update to 4.9.3
Fixed CVEs:
	CVE-2017-16808
	CVE-2018-10103
	CVE-2018-10105
	CVE-2018-14461
	CVE-2018-14462
	CVE-2018-14463
	CVE-2018-14464
	CVE-2018-14465
	CVE-2018-14466
	CVE-2018-14467
	CVE-2018-14468
	CVE-2018-14469
	CVE-2018-14470
	CVE-2018-14879
	CVE-2018-14880
	CVE-2018-14881
	CVE-2018-14882
	CVE-2018-16227
	CVE-2018-16228
	CVE-2018-16229
	CVE-2018-16230
	CVE-2018-16300
	CVE-2018-16301
	CVE-2018-16451
	CVE-2018-16452
	CVE-2019-15166
	CVE-2019-15167

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-10-12 23:37:00 +02:00
DENG Qingfang
44f11353de libpcap: update to 1.9.1
Fixed CVEs:
	CVE-2018-16301
	CVE-2019-15161
	CVE-2019-15162
	CVE-2019-15163
	CVE-2019-15164
	CVE-2019-15165

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-10-12 23:37:00 +02:00
Hauke Mehrtens
9caa86fba5 kernel: kmod-rtc-pcf2127: Fix dependencies
Add missing dependencies to i2c-core and regmap-spi. These get activated
when these modules are build in this driver, which is the case when we
build all modules. This fixes the build on some targets. This was found
by the buildbot.

Fixes: 34e2526f9f ("kernel: add kmod-rtc-pcf2127")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-12 22:36:23 +02:00
Petr Štetiar
36c6f4a011 libnl-tiny: fix package mirror hash
Current hash doesn't match with the content of the source tarball.

Fixes: a92f74ba8d ("libnl-tiny: move source code into separate Git repository")
Reported-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-11 22:48:06 +02:00
Felix Fietkau
7a8bcf36c7 mt76: update to the latest version
71c2ef0420b5 mt76: fix aggregation stop issue
5b02a078d4a7 mt76: add missing locking around ampdu action
7d8764d320cf mt76: avoid enabling interrupt if NAPI poll is still pending
d94cc81d3980 mt76: drop rcu read lock in mt76_rx_aggr_stop
c11a4ad06d9d mt76: mt76x0: eeprom: add support for MAC address from OF
01642d8bed33 mt76: mt76x02: fix use-after-free in tx status code handling airtime
391e1488f885 mt76: add sanity check for a-mpdu rx wcid index
d3a589586d1b mt76: fix a-mpdu boundary detection issue for airtime reporting

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-10-10 23:10:01 +02:00
Hans Dedecker
f8b58757d0 ppp: update to version 2.4.7.git-2019-10-04
0d004db Revert "pppd: Include time.h before using time_t"
e400854 pppdump: Eliminate printf format warning by using %zd
7f2f0de pppd: Refactor setjmp/longjmp with pipe pair in event wait loop
4e71317 make: Avoid using host include for cross-compiling
3202f89 pppoe: Remove the use of cdefs
d8e8d7a pppd: Remove unused rcsid variables
486f854 pppd: Fix GLIBC version test for non-glibc toolchains
b6cd558 pppd: Include time.h before using time_t
ef8ec11 radius: Fix compiler warning
f6330ec magic: Remove K&R style of arguments
347904e Add Submitting-patches.md

Remove patches 130-no_cdefs_h.patch, 131-missing_prototype_macro.patch,
132-fix_linux_includes.patch as fixed upstream
Refresh patches

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-10-10 22:37:10 +02:00
Stefan Lippers-Hollmann
f690b6f472 mac80211: fix scan when operating on DFS channels in ETSI domains
In non-ETSI regulatory domains scan is blocked when operating channel
is a DFS channel. For ETSI, however, once DFS channel is marked as
available after the CAC, this channel will remain available (for some
time) even after leaving this channel.

Therefore a scan can be done without any impact on the availability
of the DFS channel as no new CAC is required after the scan.

Enable scan in mac80211 in these cases.

Signed-off-by: Aaron Komisar <aaron.komisar@tandemg.com>
Link: https://lore.kernel.org/r/1570024728-17284-1-git-send-email-aaron.komisar@tandemg.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
2019-10-09 21:00:02 +02:00
Klaus Kudielka
3a4f587c46 base-files: upgrade: add case to export_bootdevice
The factory uboot of the Turris Omnia boots with "root=b301", and we
instruct new users to sysupgrade from there (e.g. method 1, step 7).
Currently, this will fail with "Unable to determine upgrade device".
Add a new case to export_bootdevice, which parses the hex argument.

Fixes commit 2e5a0b81 ("mvebu: sysupgrade: sdcard: keep user added ...")

Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
2019-10-09 21:00:02 +02:00
Paul Spooren
a9e4e595e1 openssl: add gcc-8 -ffile-prefix-map filter
gcc-8 switch -ffile-prefix-map helps a lot with reproducible build paths
in the resulting binaries.

Ref: https://reproducible-builds.org/docs/build-path/
Signed-off-by: Paul Spooren <mail@aparcar.org>
[refactored into separate commit]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-09 09:13:44 +02:00
Petr Štetiar
a92f74ba8d libnl-tiny: move source code into separate Git repository
In order to make the source code usable and testable separately out of
buildroot.

Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-09 09:13:44 +02:00
Felix Fietkau
9c033242b1 mac80211: add an improved moving average algorithm to minstrel
Improves rate control responsiveness and performance

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-10-08 19:34:45 +02:00
David Bauer
97c37f8dd0 mac80211: ath10k: fix latency issue for QCA988x
This backport fixes high latency (>100ms) on the WiFi link when using a
QCA988x Wave 1 radio. The ath10k-ct driver is not affected by this bug
from my testing, hence why it hasn't been discovered earlier.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-06 21:28:49 +02:00
Robert Marko
34e2526f9f kernel: add kmod-rtc-pcf2127
Add kernel module to support NXP PCF2127 and PCF2129 RTC clocks.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2019-10-06 21:26:11 +02:00
Hans Dedecker
27bf8abe69 firewall: update to latest git HEAD
daed0cf utils: fix resource leak

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-10-04 20:42:26 +02:00
Hans Dedecker
1ed5c1b146 odhcpd: update to latest git HEAD
e76ad06 netlink: fix potential infinite loops

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-10-04 20:42:17 +02:00
Hauke Mehrtens
9a4fb78e7c iw: Update to version 5.3
Wifi HE (ieee80211ax) parsing is currently only activated in the full
version because it increases the compressed size by 2.5KBytes.

This also activates link time optimization (LTO) again, the problem was
fixed upstream

This increases the uncompressed binary size of iw-tiny by about 1.7%

old:
34446 iw_5.0.1-1_mipsel_24kc.ipk
new:
35064 iw_5.3-1_mipsel_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-03 17:59:19 +02:00
Felix Fietkau
9f07d1519c grub2: fix a build regression on non-linux systems
Merge an upstream commit to correct a missing rename in generic code

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-10-02 13:16:21 +02:00
Daniel Golle
0714a11bee mac80211: rt2x00: backport 'rt2x00: initialize last_reset'
https://patchwork.kernel.org/patch/11161981/
--
From: Stanislaw Gruszka <sgruszka@redhat.com>
Subject: [PATCH] rt2x00: initialize last_reset

Initialize last_reset variable to INITIAL_JIFFIES, otherwise it is not
possible to test H/W reset for first 5 minutes of system run.

Fixes: e403fa31ed71 ("rt2x00: add restart hw")
Reported-and-tested-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
--

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-10-01 15:54:53 +02:00
Hans Dedecker
6077cde98a ethtool: bump to 5.3
76c4682 Release version 5.3.
3870efc ethtool: dump nested registers
7c06fa8 gitignore: ignore vim swapfiles and patches
49d1401 ethtool: igb: dump RR2DCDELAY register

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-09-30 21:53:35 +02:00
Jo-Philipp Wich
f2b9181bb1 iwinfo: update to latest Git HEAD
2a95086 nl80211: recognize SAE encrypted mesh

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-30 12:44:13 +02:00
Felix Fietkau
fca9b5e4fb mt76: update to the latest version
0167bfa7b277 mt76: make mt76_rx_convert static
1d2acd5639d7 mt76: mt76x0: remove redundant chandef copy
496c78e4f0d3 mt76: mt76x0: remove unneeded return value on set channel
67973788f47f mt76: mt7615: introduce mt7615_txwi_to_txp utility routine
c7f82146ef96 mt76: mt7615: add support to read temperature from mcu
e07407ac1279 mt7603: fix build with CONFIG_KERNEL_DYNAMIC_DEBUG=y
8739f87e9aeb mt76: mt7615: fix control frame rx in monitor mode
9c5df3cb6a6d mt76: remove aggr_work field from struct mt76_wcid
0efbc5d1c271 mt76: use cancel_delayed_work_sync in mt76_rx_aggr_shutdown
0308d75f28e4 mt76: remove empty flag in mt76_txq_schedule_list
a20c20bbe88d mt76: usb: add lockdep_assert_held in __mt76u_vendor_request
b140512e73bf mt76: mt76x0e: make array mt76x0_chan_map static const, makes object smaller
63e815254075 mt76: mt7615: enable SCS by default
f3792b550fdb mt76: mt76x02: move mac_reset_counter in mt76x02_lib module
0355b7ae2b05 mt76: mt76x2: move mt76x02_mac_reset_counters in mt76x02_mac_start
c39488772d6b mt76: mt76x0u: reset counter starting the device
0b01aceeeff8 mt76: mt76x02u: move mt76x02u_mac_start in mt76x02-usb module
fbc59e64396e mt76: move queue debugfs entry to driver specific code
1118b5ea76be mt76: mt7615: add queue entry in debugfs
23e8aed3ac99 mt76: move aggr_stats array in mt76_dev
696c0fc5516a mt76: mt7615: collect aggregation stats
081926aa7b27 mt76: mt7603: collect aggregation stats
ea3ab68c7589 mt76: mt7615: fix mt7615 firmware path definitions
1ddcadb72e96 mt76: mt7603: remove q_rx field from struct mt7603_dev
202776352b0a mt76: report rx a-mpdu subframe status
b0429879eab2 mt76: rename mt76_driver_ops txwi_flags to drv_flags and include tx aligned4
a1d6891501a1 mt76: store current channel survey_state in struct mt76_dev
f34b1ae42cd0 mt76: track rx airtime for airtime fairness and survey
ee310307ad42 mt76: mt7603: track tx airtime for airtime fairness and survey
fdf0163fd101 mt76: mt7603: switch to a different counter for survey busy time
de118bb403d1 mt76: unify channel survey update code
3429cc7d36da mt76: mt76x02: move MT_CH_TIME_CFG init to mt76x02_mac_cc_reset
0e5050ee799c mt76: mt76x02: track approximate tx airtime for airtime fairness and survey
028071d9594c mt76: mt7615: report tx_time, bss_rx and busy time to mac80211
d91f7c1bcdf7 mt76: mt7615: fix survey channel busy time
2579122ba209 mt76: mt7615: introduce mt7615_mac_wtbl_update routine
81f2be0c459f mt76: mt7615: track tx/rx airtime for airtime fairness
e7199f944793 mt76: enable airtime fairness
8f22de061129 mt76: do not use devm API for led classdev
6f7d0f503d10 mt76: fix use-after-free bug in airtime fairness code

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-09-29 22:16:27 +02:00
Felix Fietkau
d25cc3207d iw: add patch to include local BSS rx time in survey information
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-09-29 22:16:27 +02:00
Felix Fietkau
6a3739dc42 mac80211: add patch to include local BSS rx time in survey information
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-09-29 22:16:27 +02:00
DENG Qingfang
eddbd68b6d iproute2: update to 5.3.0
Update iproute2 to 5.3.0

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-09-28 21:26:53 +02:00
Brandy Krueger
1fe1a200d9 wireguard: bump to 0.0.20190913
Changes since 0.0.20190702:

define conversion constants for ancient kernels
android: refactor and add incoming allow rules
enforce that unused bits of flags are zero
immediately rekey all peers after changing device private key
support running in OpenVZ environments
do not run bc on clean target
skip peers with invalid keys
account for upstream configuration maze changes
openbsd: fix alternate routing table syntax
account for android-4.9 backport of addr_gen_mode
don't fail down when using systemd-resolved
allow specifying kernel release
enforce named pipe ownership and use protected prefix
work around ubuntu breakage
support newer PaX
don't rewrite siphash when it's from compat
squelch warnings for stack limit on broken kernel configs
support rhel/centos 7.7

Signed-off-by: Brandy Krueger <krueger.brandy24@gmail.com>
2019-09-28 21:01:53 +02:00
David Bauer
af63436d2d uboot-fritz4040: update to 2019-09-07
572ff7f fritzcreator: actually add checksum spacer
6edce1a fritzcreator: replace obscure padding generation with something more portable
2ff189f add ASUS RT-AC58U "easy install" factory u-boot shim
b91f9c2 readd spi-nand support
486ae53 improve cmd_sysupgrade
b0933f1 replace sstrip with strip
882e48a do not include generated files into git
0c5aa5f fix bugs in ipq40xx_cdp.c

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-09-25 22:42:03 +02:00
Jo-Philipp Wich
ced4c0e635 iwinfo: update to latest Git HEAD
313e827 nl80211: keep awaiting wpa_supplicant scan results on busy response
a766751 nl80211: fix parsing of mixed wpa encryption in wpa_supp scan results
f096bfd utils: support parsing SAE and OWE key management suites from IEs

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-22 18:58:50 +02:00
Hauke Mehrtens
49cc712b44 hostapd: Add mesh support for wpad full
This increases the size of the binary slightly:

old:
427722 wpad-wolfssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
431696 wpad-openssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk

new:
442109 wpad-wolfssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
445997 wpad-openssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-22 17:39:51 +02:00
Hauke Mehrtens
998686364d hostapd: use getrandom syscall
hostapd will not use the getrandom() syscall and as a fallback use
/dev/random, the syscall is supported since Linux 3.17 and in the musl,
glibc and uclibc version used by OpenWrt.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-22 17:39:51 +02:00
Hauke Mehrtens
0d86bf518a hostapd: Remove unneeded patch
All the content of this function is proceeded by IEEE8021X_EAPOL no code
accesses the ssid variable outside of this ifdef.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-22 17:39:51 +02:00
Hauke Mehrtens
9b4a27455c hostapd: use config option CONFIG_NO_LINUX_PACKET_SOCKET_WAR
Instead of patching the workaround away, just use the config option.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-22 17:39:51 +02:00
Hauke Mehrtens
167028b750 hostapd: Update to version 2.9 (2019-08-08)
The size of the ipkgs increase a bit (between 0.7% and 1.1%):

old 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-63962824-1_mipsel_24kc.ipk

new 2019-08-08 (2.9):
290217 wpad-basic_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
258745 wpad-mini_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
431732 wpad-openssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
427641 wpad-wolfssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-22 17:39:38 +02:00
Hauke Mehrtens
8af79550e6 hostapd: Update to version 2.8 (2019-04-21)
This also syncs the configuration files with the default configuration
files, but no extra options are activated or deactivated.

The mesh patches were partially merged into hostapd 2.8, the remaining
patches were extracted from patchwork and are now applied by OpenWrt.
The patches still have open questions which are not fixed by the author.
They were taken from this page:
https://patchwork.ozlabs.org/project/hostap/list/?series=62725&state=*

The changes in 007-mesh-apply-channel-attributes-before-running-Mesh.patch
where first applied to hostapd, but later reverted in hostapd commit
3e949655ccc5 because they caused memory leaks.

The size of the ipkgs increase a bit (between 1.3% and 2.3%):

old 2018-12-02 (2.7):
283337 wpad-basic_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
252857 wpad-mini_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
417473 wpad-openssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
415105 wpad-wolfssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk

new 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-63962824-1_mipsel_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
2019-09-22 17:39:26 +02:00
Daniel Golle
4fc0a61ed3 ltq-vdsl-fw: update firmware filename and download URL
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-09-21 15:12:45 +02:00
Jo-Philipp Wich
2a603cfcfc rpcd: update to latest Git HEAD
95f0973 file: increase minimum read buffer size to 4096 bytes

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-21 15:04:18 +02:00
Hauke Mehrtens
81e93fff7d usign: update to latest Git HEAD
f34a383 main: fix some resource leaks

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-21 01:12:35 +02:00
Hauke Mehrtens
541a321070 fstools: update to latest Git HEAD
4327ed4 mkdev: Avoid out of bounds read
9b3eb63 libblkid-tiny: use blkid_probe_set_utf8label for label set
c9d0462 libblkid-tiny: adds blkid_probe_set_utf8label support

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-21 01:12:35 +02:00
Hauke Mehrtens
a700b5353a procd: update to the latest git HEAD
8e9fb51 procd: Switch to nanosleep
c844ace system: Fix possible integer overflows

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-21 01:12:35 +02:00