The following patch was integrated upstream:
* target/linux/generic/backport-4.9/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch
This fixes tries to work around the following security problems:
* CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects
* CVE-2018-3646 L1 Terminal Fault Virtualization related aspects
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The following patches were integrated upstream:
* target/linux/ipq40xx/patches-4.14/050-0006-mtd-nand-qcom-Add-a-NULL-check-for-devm_kasprintf.patch
* target/linux/mediatek/patches-4.14/0177-phy-phy-mtk-tphy-use-auto-instead-of-force-to-bypass.patch
This fixes tries to work around the following security problems:
* CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects
* CVE-2018-3646 L1 Terminal Fault Virtualization related aspects
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
In "brcm47xx: rework model detection" the file 01_detect was moved
to 01_network, therefore also update the warning message in case
everything fails.
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
The flash size of the ubnt2 and ubnt5 is limited and the images with
LuCI are getting too big for these boards. Do not build images for these
boards to make the complete build of this target not fail anymore.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The kernel image of the at91-q5xr5 is getting too bing now and this is
breaking the build. Remove the image for the at91-q5xr5 from the build
to at least build images for the other devices.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
They're already in linux.git, so they shouldn't be in pending.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 14b6c72541)
The previous round of fixes for the 82574 chip cause an issue with
emulated e1000e devices in VMware ESXi 6.5. It also contains changes
that are not strictly necessary. These patches fix the issues introduced
in the previous series, revert the unnecessary changes to avoid
unforeseen fallout, and avoid a case where interrupts can be missed.
The final two patches of this series are already in the kernel, so no
need to include them here.
Patchwork: https://patchwork.ozlabs.org/cover/881776/
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit ef025e6417)
Backport an upstream fix for a remotely exploitable TCP denial of service
flaw in Linux 4.9+.
The fixes are included in Linux 4.14.59 and later but did not yet end up in
version 4.9.118.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit fefe1da440)
Refreshed all patches.
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(backported from commit f7036a34ac)
In boards with fdt is impossible to use kmod-w1-gpio-custom.
w1-gpio-custom create platform structure for w1-gpio module,
but if board use fdt, data is ignored in w1-gpio probe.
This workaround fix the problem.
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
(cherry picked from commit aa5838adb7)
Add two patches submitted for upstream review that significantly improve
the dwc2 driver on openwrt from kernel stability and performance
perspectives.
Fixes: FS#1367
Signed-off-by: Antti Seppälä <a.seppala@gmail.com>
(cherry picked from commit 9f451ec698)
This reverts commit b40316c21a.
That change causes ramips/mt7620 to fail with:
drivers/net/ethernet/mtk/gsw_mt7620.c: In function 'mt7620_hw_init':
drivers/net/ethernet/mtk/gsw_mt7620.c:171:14: error: 'mdio_mode' undeclared (first use in this function); did you mean 'd_move'?
} else if (!mdio_mode) {
^~~~~~~~~
d_move
Back it out for now to restore compilation.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
In 4.14.57, a new symbol for Spectre v4 mitigation was introduced for
ARM64. Add this symbol to all ARM64 targets using kernel 4.14.
This mitigates CVE-2018-3639 on ARM64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 77e3e706ce)
To share mdio addr for IntPHY and ExtPHY,
as described in the documentation (MT7620_ProgrammingGuide.pdf).
(refer: http://download.villagetelco.org/hardware/MT7620/MT7620_ProgrammingGuide.pdf)
when port4 setup to work as gmac mode, dts like:
&gsw {
mediatek,port4 = "gmac";
};
we should set SYSCFG1.GE2_MODE==0x0 (RGMII).
but SYSCFG1.GE2_MODE may have been set to 3(RJ-45) by uboot/default
so we need to re-set it to 0x0
before this changes:
gsw: 4FE + 2GE may not work correctly and MDIO addr 4 cannot be used by ExtPHY
after this changes:
gsw: 4FE + 2GE works and MDIO addr 4 can be used by ExtPHY
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
(cherry picked from commit f6d81e2fa1)
When PHY's are defined on the MDIO bus in the DTS, gigabit support was
being masked out for no apparent reason, pegging all such ports to 10/100.
If gigabit support must be disabled for some reason, there should be a
"max-speed" property in the DTS.
Reported-by: James McKenzie <openwrt@madingley.org>
Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
(cherry picked from commit 379fe50672)
* Refreshed patches.
* Removed patches:
- target/linux/ar71xx/patches-4.9/103-MIPS-ath79-fix-register-address-in-ath79_ddr_wb_flus.patch superseded by upstream
- target/linux/ar71xx/patches-4.9/403-mtd_fix_cfi_cmdset_0002_status_check.patch superseded by upstream
- target/linux/brcm63xx/patches-4.9/001-4.11-01-mtd-m25p80-consider-max-message-size-in-m25p80_read.patch accepted upstream
- target/linux/brcm63xx/patches-4.9/001-4.15-08-bcm63xx_enet-correct-clock-usage.patch accepted upstream
- target/linux/brcm63xx/patches-4.9/001-4.15-09-bcm63xx_enet-do-not-write-to-random-DMA-channel-on-B.patch accepted upstream
- target/linux/generic/pending-4.9/900-gen_stats-fix-netlink-stats-padding.patch
* New backported patch to address ext4 breakage, introduced in 4.9.112:
- backport-4.9/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch
Also add ARM64_SSBD symbol to ARM64 targets still running kernel 4.9
Thanks to Koen Vandeputte for pointing out the need to add the ARM64_SSBD symbol, and the ext4 patch.
Compile-tested on: ar71xx
Run-tested on: ar71xx
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
The Linux headers on arm64 architectures contain references to common
arch/arm/ headers which were not bundled by the SDK so far.
Check if we're packing the SDK for an arm64 target and if we do, also
include arch/arm headers as well.
Fixes FS#1725.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 4bb8a678e0)
Bundle the usbip utility sources shipped with the Linux kernel tree in
order to allow the usbip packages from the package feed to build within
the OpenWrt SDK.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit d0e0b7049f)
This includes Linksys EA9500 support, BCM53573 timer fix and
upstream-ready partitions patch that replaces two downstream hacks.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit a07730472c)
USB 3.0 PHY is attached to the MDIO bus and should be supported
(accessed) as a MDIO device. This wasn't known initially which resulted
in writing driver that was working with MDIO bus (using some magic
values) without knowing it.
This commit updates DT to properly describe MDIO & USB 3.0 PHY and
enables required kernel drivers.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 8a175ea219)
This is a new & warm feature that allows nesting partiitons in DT and
mixing their types (e.g. static vs. dynamic). It's very useful for
boards that have most partitions static but some of them require extra
parsing (e.g. a "firmware" partition).
It's required to successfully backport support for new devices using
that new syntax in their DT files.
Since brcm63xx has a custom alternative patch the upstream one is being
reverted for it. The plan is to make brcm63xx use the upstream
implementation.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 2a598bbaa3)
Two tiny & trivial patches with no regression risk. One simplifies
bcm53xx downstream patch.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 6bcafea2c0)
The 666-Add-support-for-MAP-E-FMRs-mesh-mode.patch kernel patches
break the possibility for using an ip4ip6 tunnel interface as a fall
back interface accepting ip4-in-ip6 tunneled packets from any remote
address. This works out of the box with any normal (non-666-patched)
kernel and can be configured by setting up an 'ip -6 tunnel' with type
'any' or 'ip4ip6' and a remote address of '::'.
The misbehavior comes with line 290 the patch which discards all packets
that do not show the expected saddr, even if no single fmr rule was
defined and despite the validity of the saddr was already approved earlier.
Signed-off-by: Axel Neumann <neumann@cgws.de>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from 65c05301c2)
AT803X_REG_CHIP_CONFIG and AT803X_BT_BX_REG_SEL have been defined
upstream by commit f62265b53ef3 ("at803x: double check SGMII side autoneg")
An existing local patch then added those exact same defines again which
isn't necessary, so remove them.
Fixes: f791fb4af4 ("kernel: add linux 4.9 support")
Fixes: b3f95490b9 ("kernel: generic: Add kernel 4.14 support")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 67fcff6aaf)
The patch was wrongly removed by a kernel version bump to 4.9.106 in
the believe that it was merged upstream thow it wasn't. This lead to
unrecoverable link losses on devices which use those PHYs such as
many ubnt single-port CPEs.
Fixes: 6f8eb1b50f ("kernel: bump 4.9 to 4.9.106 for 18.06")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit a497e47762)
This reverts commit 3442ec5d57.
The device behaviour is reportedly erratic so let's not take chances and
leave this out for now.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Tested with 18.06.0-rc2/ar71xx/generic/tl-wdr4300-v1, image & list
This PR is based on the work of @fewckert[1] with slight improvements.
Add function `manifest` to show the manifest of the produced image,
before actually building it. The manifest contains an orderd list of
package name and version.
This is usefull to check package dependencies but also determine a
unique and reproducible image name before building the package. The
sysupgrade server[2] builds images on request with individual package
selection. To distignish between created images which contain differnt
packages, the EXTRA_IMAGE_NAME is set to a shortend hash of the
manifest's content. So far the image was renamed afterwards as the
manifests content was unknown, however this corrupts the signed
sha256sums. This patch allows a clean solution as to dtermine the
manifest in advance and set the EXTRA_IMAGE_NAME accordingly.
[1]: https://github.com/lede-project/source/pull/1591
[2]: https://github.com/aparcar/attendedsysupgrade-server
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry-picked from commit 869b0d11db)
Qxwlan E750G v8 is based on Qualcomm QCA9344.
Specification:
- 560/450/225 MHz (CPU/DDR/AHB)
- 128 MB of RAM (DDR2)
- 8/16 MB of FLASH (SPI NOR)
- 2T2R 2.4G GHz (AR9344)
- 2x 10/100 Mbps Ethernet (PoE support)
- 2x 10/100/1000 Mbps Ethernet
- 7x LED (6 driven by GPIO)
- 1x button (reset)
- 1x DC jack for main power input (9-48 V)
- UART (J23) and LEDs (J2) headers on PCB
Flash instruction (using U-Boot CLI and tftp server):
- Configure PC with static IP 192.168.1.10 and tftp server.
- Rename "sysupgrade" filename to "firmware.bin" and place it in tftp
server directory.
- Connect PC with one of RJ45 ports, power up the board and press
"enter" key to access U-Boot CLI.
- Use the following command to update the device to OpenWrt: "run lfw".
Flash instruction (using U-Boot web-based recovery):
- Configure PC with static IP 192.168.1.xxx(2-254)/24.
- Connect PC with one of RJ45 ports, press the reset button, power up
the board and keep button pressed for around 6-7 seconds, until LEDs
start flashing.
- Open your browser and enter 192.168.1.1, select "sysupgrade" image
and click the upgrade button.
Signed-off-by: 张鹏 <sd20@qxwlan.com>
(cherry picked from commit 53a4502013)
Qxwlan E750A v4 is based on Qualcomm QCA9344.
Specification:
- 560/450/225 MHz (CPU/DDR/AHB)
- 128 MB of RAM (DDR2)
- 8/16 MB of FLASH (SPI NOR)
- 2T2R 5G GHz (AR9344)
- 2x 10/100 Mbps Ethernet (one port with PoE support)
- 1x miniPCIe slot (USB 2.0 bus only)
- 7x LED (6 driven by GPIO)
- 1x button (reset)
- 1x DC jack for main power input (9-48 V)
- UART (J23) and LEDs (J2) headers on PCB
Flash instruction (using U-Boot CLI and tftp server):
- Configure PC with static IP 192.168.1.10 and tftp server.
- Rename "sysupgrade" filename to "firmware.bin" and place it in tftp
server directory.
- Connect PC with one of RJ45 ports, power up the board and press
"enter" key to access U-Boot CLI.
- Use the following command to update the device to OpenWrt: "run lfw".
Flash instruction (using U-Boot web-based recovery):
- Configure PC with static IP 192.168.1.xxx(2-254)/24.
- Connect PC with one of RJ45 ports, press the reset button, power up
the board and keep button pressed for around 6-7 seconds, until LEDs
start flashing.
- Open your browser and enter 192.168.1.1, select "sysupgrade" image
and click the upgrade button.
Signed-off-by: 张鹏 <sd20@qxwlan.com>
(cherry picked from commit ac03d51a3f)
Qxwlan E558 v2 is based on Qualcomm QCA9558 + AR8327.
Specification:
- 720/600/200 MHz (CPU/DDR/AHB)
- 128 MB of RAM (DDR2)
- 8/16 MB of FLASH (SPI NOR)
- 2T2R 2.4 GHz (QCA9558)
- 3x 10/100/1000 Mbps Ethernet (one port with PoE support)
- 4x miniPCIe slot (USB 2.0 bus only)
- 1x microSIM slot
- 5x LED (4 driven by GPIO)
- 1x button (reset)
- 1x 3-pos switch
- 1x DC jack for main power input (9-48 V)
- UART (JP5) and LEDs (J8) headers on PCB
Flash instruction (using U-Boot CLI and tftp server):
- Configure PC with static IP 192.168.1.10 and tftp server.
- Rename "sysupgrade" filename to "firmware.bin" and place it in tftp
server directory.
- Connect PC with one of RJ45 ports, power up the board and press
"enter" key to access U-Boot CLI.
- Use the following command to update the device to OpenWrt: "run lfw".
Flash instruction (using U-Boot web-based recovery):
- Configure PC with static IP 192.168.1.xxx(2-254)/24.
- Connect PC with one of RJ45 ports, press the reset button, power up
the board and keep button pressed for around 6-7 seconds, until LEDs
start flashing.
- Open your browser and enter 192.168.1.1, select "sysupgrade" image
and click the upgrade button.
Signed-off-by: 张鹏 <sd20@qxwlan.com>
(cherry picked from commit b74f63f81d)
@vahid-dan reported a issue with extracting the rpi images with
Gnome's Archive Manager:
"Ubuntu Archive Manager cannot extract the file and it just
throws a general error message: "An error occurred while
extracting files".
<https://forum.lede-project.org/t/corrupted-pre-built-v18-06-0-rc2-image-for-rpi>
@blogic told me to split the single sdcard.img.gz for the RPi
into a sysupgrade and a factory image for all brcm2708 targets.
The factory images will have no metadata attached, this way
these utilities that can't deal with the attached metadata will
not fail for no reason.
Cc: John Crispin <john@phrozen.org>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 7516a96011)
e15c63a375 introduced code that was trying
to register GPIO 1 as both an LED and a button. The OEM source makes it
clear that LED1 is not wired to the SoC GPIOs. GPIO 1 is the reset button.
Furthermore the (green) power led default state should also be defined,
(matching OEM source), and it should be used by diag.sh since it's
currently the only software-controllable LED.
This patch fixes these issues and renames the corresponding #defines for
clarity
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit e99f760235)
On brcm47xx boards, the model ID is the combination of the "boardtype" nvram
variable and an optional supplemental "boardnum" variable while the human
readable model name is usually exposed in the "machine" field of the
/proc/cpuinfo file.
Move the extraction of the board nvram variables and model name string into
the 01_sysinfo file and rework the 01_detect board configuration script to
solely use the prepared sysinfo values without performing own detection
logic.
As a consequence, we can drop the ucidef_set_board_id() and
ucidef_set_model_name() invocations in favor to the generic behaviour
which copies the /tmp/sysinfo/{board_name,model} values into the board.json
"id" and "name" fields respectively.
Since "01_detect" only contains network configuration logic after this
change, move it to "01_network" and rename the contained "detect_by_xxx"
functions to "configure_by_xxx" instead, to avoid potential confusion.
Fixes FS#1576
Acked-by: Rafał Miłecki <rafal@milecki.pl>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit d7d10f2c1e)
That upstream commit caused instability in flash reads. It was reported
but there isn't any proper fix as for now.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 0417b08b06)
This fixes kernel hang when booting on BCM4718A1 (& probably BCM4717A1).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 4c1aa64b4d)
The WDR4900v1 uses the P1040 SoC, so the device tree pulls in the
definition for the related P1010 SoC. However, the P1040 lacks the
CAAM/SEC4 hardware crypto accelerator which the P1010 device tree
defines. If left defined, this causes the CAAM drivers (if present) to
attempt to use the non-existent device, making various crypto-related
operations (e.g. macsec and ipsec) fail.
This commit overrides the incorrect dt node definition in the included
file.
See also:
- https://bugs.openwrt.org/index.php?do=details&task_id=1262
- https://community.nxp.com/thread/338432#comment-474107
Signed-off-by: Tim Small <tim@seoss.co.uk>
(cherry picked from commit e97aaf483c)
The original vendor's driver programmed the dma controller's
AHB HPROT values to enable bufferable, privileged mode. This
along with the "same priorty for both channels" fixes the
freezes according to @takimata, @And.short, that have been
reported on the forum by @ticerex.
Furtheremore, @takimata reported that the patch also improved
the performance of the HDDs considerably:
|<https://forum.lede-project.org/t/wd-mybook-live-duo-two-disks/16195/55>
|It seems your patch unleashed the full power of the SATA port.
|Where I was previously hitting a really hard limit at around
|82 MB/s for reading and 27 MB/s for writing, I am now getting this:
|
|root@OpenWrt:/mnt# time dd if=/dev/zero of=tempfile bs=1M count=1024
|1024+0 records in
|1024+0 records out
|real 0m 13.65s
|user 0m 0.01s
|sys 0m 11.89s
|
|root@OpenWrt:/mnt# time dd if=tempfile of=/dev/null bs=1M count=1024
|1024+0 records in
|1024+0 records out
|real 0m 8.41s
|user 0m 0.01s
|sys 0m 4.70s
|
|This means: 121 MB/s reading and 75 MB/s writing!
|
|[...]
|
|The drive is a WD Green WD10EARX taken from an older MBL Single.
|I repeated the test a few times with even larger files to rule out
|any caching, I'm still seeing the same great performance. OpenWrt is
|now completely on par with the original MBL firmware's performance.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Drop the parallel-unsafe custom Build/dtb macro and use the .dtb artifacts
produced by the generic image build code.
Also remove unused .dtb references in the mt7623 subtarget.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit 8194f9ef4a)
