Commit Graph

42449 Commits

Author SHA1 Message Date
Petr Štetiar
4c1779ac2c ppp: backport security fixes
8d45443bb5c9 pppd: Ignore received EAP messages when not doing EAP
8d7970b8f3db pppd: Fix bounds check in EAP code
858976b1fc31 radius: Prevent buffer overflow in rc_mksid()

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 215598fd03)
Fixes: CVE-2020-8597
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-02-26 16:42:06 +01:00
Jo-Philipp Wich
cd262f59cb Revert "ppp: backport security fixes"
This reverts commit cc78f934a9 since it
didn't contain a reference to the CVE it addresses. The next commit
will re-add the commit including a CVE reference in its commit message.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-02-26 16:41:48 +01:00
Jo-Philipp Wich
ed3c3048b8 uhttpd: update to latest Git HEAD
2ee323c file: poke ustream after starting deferred program

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 04069fde19)
2020-02-26 16:23:05 +01:00
Koen Vandeputte
fafe99b62d kernel: bump 4.14 to 4.14.171
Refreshed all patches.

Fixes:
- CVE-2013-1798

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-24 14:21:08 +01:00
Koen Vandeputte
bfee12cec6 kernel: bump 4.9 to 4.9.214
Refreshed all patches.

Fixes:
- CVE-2013-1798

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-24 14:21:08 +01:00
Petr Štetiar
cc78f934a9 ppp: backport security fixes
8d45443bb5c9 pppd: Ignore received EAP messages when not doing EAP
8d7970b8f3db pppd: Fix bounds check in EAP code
858976b1fc31 radius: Prevent buffer overflow in rc_mksid()

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 215598fd03)
2020-02-20 09:39:31 +01:00
Jo-Philipp Wich
05062462f1 hostapd: remove erroneous $(space) redefinition
The $(space) definition in the hostapd Makefile ceased to work with
GNU Make 4.3 and later, leading to syntax errors in the generated
Kconfig files.

Drop the superfluous redefinition and reuse the working $(space)
declaration from rules.mk to fix this issue.

Fixes: GH#2713
Ref: https://github.com/openwrt/openwrt/pull/2713#issuecomment-583722469
Reported-by: Karel Kočí <cynerd@email.cz>
Suggested-by: Jonas Gorski <jonas.gorski@gmail.com>
Tested-by: Shaleen Jain <shaleen@jain.sh>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit 766e778226)
2020-02-08 11:54:23 +01:00
Koen Vandeputte
6b10354b3c kernel: add support for GD25D05 SPI NOR
This chip is used on newer RB912UAG-5HPnD r2 boards:

Before:

[    0.642553] m25p80 spi0.0: unrecognized JEDEC id bytes: c8, 40, 10
[    0.649381] NAND flash driver for the RouterBOARD 91x series

After:

[    0.641714] m25p80 spi0.0: found gd25d05, expected m25p80
[    0.649916] m25p80 spi0.0: gd25d05 (64 Kbytes)
[    0.655122] Creating 4 MTD partitions on "spi0.0":
[    0.660164] 0x000000000000-0x00000000c000 : "routerboot"
[    0.667782] 0x00000000c000-0x00000000d000 : "hard_config"
[    0.675073] 0x00000000d000-0x00000000e000 : "bios"
[    0.682613] 0x00000000e000-0x00000000f000 : "soft_config"
[    0.690304] NAND flash driver for the RouterBOARD 91x series

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-04 18:12:19 +01:00
Koen Vandeputte
4eba86820f kernel: bump 4.14 to 4.14.169
Refreshed all patches.

Fixes:
- CVE-2019-14896
- CVE-2019-14897

Remove upstreamed:
- 023-0007-crypto-crypto4xx-Fix-wrong-ppc4xx_trng_probe-ppc4xx_.patch

Altered patches:
- 102-MIPS-BCM63XX-move-code-touching-the-USB-private-regi.patch
- 105-MIPS-BCM63XX-add-support-for-the-on-chip-OHCI-contro.patch
- 106-MIPS-BCM63XX-register-OHCI-controller-if-board-enabl.patch
- 108-MIPS-BCM63XX-add-support-for-the-on-chip-EHCI-contro.patch
- 207-MIPS-BCM63XX-move-device-registration-code-into-its-.patch
- 350-MIPS-BCM63XX-support-settings-num-usbh-ports.patch
- 356-MIPS-BCM63XX-move-fallback-sprom-support-into-its-ow.patch
- 390-MIPS-BCM63XX-do-not-register-SPI-controllers.patch
- 391-MIPS-BCM63XX-do-not-register-uart.patch
- 392-MIPS-BCM63XX-remove-leds-and-buttons.patch
- 416-BCM63XX-add-a-fixup-for-ath9k-devices.patch
- 422-BCM63XX-add-a-fixup-for-rt2x00-devices.patch
-

Compile-tested on: brcm63xx, cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-04 18:12:19 +01:00
Koen Vandeputte
c236071859 kernel: bump 4.9 to 4.9.212
Refreshed all patches.

Fixes:
- CVE-2019-14896
- CVE-2019-14897

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-04 18:12:19 +01:00
Jo-Philipp Wich
6bfde67581 OpenWrt v18.06.7: revert to branch defaults
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-01-29 17:13:25 +01:00
Jo-Philipp Wich
1b5c116233 OpenWrt v18.06.7: adjust config defaults
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2020-01-29 17:13:21 +01:00
Jo-Philipp Wich
ca47026b7d opkg: update to latest Git HEAD
80d161e opkg: Fix -Wformat-overflow warning
c09fe20 libopkg: fix skipping of leading whitespace when parsing checksums

Fixes: CVE-2020-7982
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit c69c20c667)
2020-01-29 17:06:05 +01:00
Hauke Mehrtens
cc0a54e332 libubox: backport security patches
This backports some security relevant patches from libubox master. These
patches should not change the existing API and ABI so that old
applications still work like before without any recompilation.
Application can now also use more secure APIs.

The new more secure interfaces are also available, but not used.

OpenWrt master and 19.07 already have these patches by using a more
recent libubox version.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-27 21:44:28 +01:00
Martin Schiller
ebafb746f0 lantiq: ltq-ptm: vr9: fix skb handling in ptm_hard_start_xmit()
Call skb_orphan(skb) to call the owner's destructor function and make
the skb unowned.

This is necessary to prevent sk_wmem_alloc of a socket from overflowing,
which leads to ENOBUFS errors on application level.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
(cherry picked from commit 996f02e5ba)
2020-01-26 22:12:54 +01:00
Josef Schlehofer
0591348b3d tools/expat: Update to version 2.2.9
Fixes two CVEs:
- CVE-2019-15903 (Fix heap overflow triggered by XML_GetCurrentLineNumber)
- CVE-2018-20843 (Fix extraction of namespace prefixes from XML names)

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit b4af2c689f)
2020-01-26 22:12:50 +01:00
Magnus Kroken
f51d1c3b7c mbedtls: update to 2.16.4
Fixes side channel vulnerabilities in mbed TLS' implementation of ECDSA.

Release announcement:
https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.4-and-2.7.13-released

Security advisory:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12

Fixes:
 * CVE-2019-18222: Side channel attack on ECDSA

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry picked from commit 6e96fd9047)
2020-01-26 20:25:47 +01:00
Koen Vandeputte
153a044c95 kernel: bump 4.14 to 4.14.167
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-24 13:18:01 +01:00
Koen Vandeputte
c15a039e62 kernel: bump 4.9 to 4.9.211
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-24 13:18:01 +01:00
Stephan Knauss
02f9582e89 kirkwood: fix HDD LED labels for Zyxel NSA325 in 01_leds
Change the LED labels for hdd1/hdd2 in 01_leds to match their
counterpart in DTS.

Signed-off-by: Stephan Knauss <openwrt@stephans-server.de>
[improve commit title and message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit fbf297be38)
2020-01-21 14:06:24 +01:00
Walter Sonius
04474c7d22 brcm47xx: fix switch port order for Netgear WN2500RP V1
The Netgear WN2500RP V1 switch0 already works for LAN
however the port order for the LAN ports is inverted. Correct
physical port order watched from the back of the device is:
4 / 3 / 2 / 1
WAN port is absent on this device and therefore removed
from switch config.

Signed-off-by: Walter Sonius <walterav1984@gmail.com>
[move block to maintain alphabetic sorting]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 098cbc68ee)
2020-01-21 14:04:55 +01:00
Walter Sonius
99ab40c842 brcm47xx: fix switch port order for Netgear WNR3500 V2
The Netgear WNR3500 V2 switch0 already works for WAN/LAN
however the port order for the LAN ports is inverted. Correct
physical port order watched from the back of the device is:
Internet / 4 / 3 / 2 / 1 this resembles the Linksys E3000 V1.

Verfied with imagebuilder edit FILES=/etc/board.d/01_network

Signed-off-by: Walter Sonius <walterav1984@gmail.com>
(cherry picked from commit cf2f1fc687)
2020-01-21 14:03:56 +01:00
DENG Qingfang
3a3ca3230f ramips: fix HiWiFi HC5962 switch configuration
HC5962 has only 3 LAN ports, switch port 0 is unused

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(backported from commit 68f49df315)
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-21 13:59:44 +01:00
Koen Vandeputte
5c7225c26b kernel: bump 4.14 to 4.14.166
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:44:38 +01:00
Koen Vandeputte
8441794f9a kernel: bump 4.14 to 4.14.165
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:44:38 +01:00
Koen Vandeputte
a634830004 kernel: bump 4.9 to 4.9.210
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:44:38 +01:00
Koen Vandeputte
7c42a9b6b1 kernel: bump 4.14 to 4.14.164
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:44:38 +01:00
Koen Vandeputte
891bba8f77 kernel: bump 4.9 to 4.9.209
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:44:38 +01:00
Matthias Schiffer
ab9d1bf608
ethtool: fix PKG_CONFIG_DEPENDS
Add missing CONFIG_ prefix.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 41c19dd542)
2020-01-07 21:42:48 +01:00
Hauke Mehrtens
46c2674225 OpenWrt v18.06.6: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-06 21:50:26 +01:00
Hauke Mehrtens
8004e3f2c6 OpenWrt v18.06.6: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-06 21:50:22 +01:00
Jack Chen
d81a8a3e29 ramips: remove duplicate dts nodes of MediaTek LinkIt Smart 7688
There are two identical wmac nodes in the dts file of MediaTek
LinkIt Smart 7688, so delete one of them.

Signed-off-by: Jack Chen <redchenjs@live.com>
(cherry picked from commit 4be271a486)
2020-01-05 20:06:07 +01:00
Florian Fainelli
e1b62c85f5 sunxi: Turn on CONFIG_PINCTRL_SUN4I_A10 for A20
CONFIG_PINCTRL_SUN4I_A10 controls both the A10 and the A20 enablong of
the pinctrl driver, this is necessary since upstream commit
5d8d349618a9464714c07414c5888bfd9416638f ("pinctrl: sunxi: add A20
support to A10 driver") which has been included in v4.13 and onwards.

Fixes: ad2b3bf310 ("sunxi: Add support for kernel 4.14")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
(cherry picked from commit 32e4eaef1b)
2020-01-05 13:09:25 +01:00
Hauke Mehrtens
8c6668f088 kernel: bump 4.9 to 4.9.208
Refreshed all patches.

Compile-tested on: lantiq
Runtime-tested on: lantiq

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-05 00:03:22 +01:00
Hauke Mehrtens
455ae024d5 kernel: bump 4.14 to 4.14.162
Refreshed all patches.

Compile-tested on: ramips
Runtime-tested on: ramips

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-05 00:02:58 +01:00
Moritz Warning
b1eeb5dd2a ramips: fix inverted reset button for Ravpower WD03
The button events "pressed" and "released" were switched. Tested with v18.06.4.

Signed-off-by: Moritz Warning <moritzwarning@web.de>
(cherry picked from commit 3e1325b219)
2020-01-03 15:12:01 +01:00
Koen Vandeputte
b72b37d6ff ar71xx: really fix Mikrotik board detection
commit e09da0169a ("ar71xx: fix Mikrotik board detection")
was generated based on testing a rb-912 board, on which detection failed.

Testing on more hardware shows something fun:

machine	: MikroTik RouterBOARD 922UAGS-5HPacD
machine	: Mikrotik RouterBOARD 912UAG-5HPnD

Both lowercase and uppercase are used.
So ensure we support both now ..

Fixes: e09da0169a ("ar71xx: fix Mikrotik board detection")

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 845b2a1cfe)
2020-01-02 02:06:01 +01:00
Koen Vandeputte
471baf3f74 ar71xx: fix Mikrotik board detection
Fix a typo in the machine type being extracted from /proc/cpuinfo
which causes all Mikrotik board to be undetected properly.

This lead to sysupgrade issues and probably some others too.

Fixes: acf2b6c888 ("ar71xx: base-files: fix board detect on new MikroTik devices")

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit e09da0169a)
2020-01-02 02:05:42 +01:00
Henryk Heisig
336aaedc9c ar71xx: base-files: fix board detect on new MikroTik devices
Move all MikroTik devices to new function to increase script execution
speed.

Machine name in new version of MikroTik RouterBOARD devices add "RB"
before model name:

 Old machine name: MikroTik RouterBOARD 951Ui-2nD
 New:              MikroTik RouterBOARD RB951Ui-2nD

So this patch should fix it for all currently supported MikroTik boards.

Signed-off-by: Henryk Heisig <hyniu@o2.pl>
[rebased,commit message facelift,script fixes]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[spotted missing 922UAGS-5HPacD]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit acf2b6c888)
[backport: do not add boards not supported in 18.06]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-02 02:03:20 +01:00
Julien Rabier
e838957ad9 ar71xx: fix RB941-2nD detection
Some hAP lite routers aren't detected because
/proc/cpuinfo shows "RouterBOARD RB941-2nD"
instead of "RouterBOARD 941-2nD".

Fix that.

Signed-off-by: Julien Rabier <taziden@flexiden.org>
[Alter string to include all flavours + slight rewrite of commit msg]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 6570f3c93a)
2020-01-02 01:57:49 +01:00
Hauke Mehrtens
6b128326df kernel: bump 4.14 to 4.14.161
Refreshed all patches.

Compile-tested on: ipq40xx
Runtime-tested on: none

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-01-01 21:50:16 +01:00
Hauke Mehrtens
97e9be4e3a e2fsprogs: Fix CVE-2019-5094 in libsupport
This adds the following patch from debian:
https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?h=debian/stable&id=09fe1fd2a1f9efc3091b4fc61f1876d0785956a8
libsupport: add checks to prevent buffer overrun bugs in quota code

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 0062aad8ec)
2020-01-01 20:55:17 +01:00
Josef Schlehofer
85c4d374c2 openssl: update to version 1.0.2u
Fixes CVE-2019-1551 (rsaz_512_sqr overflow bug) on x86_x64

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2020-01-01 16:57:32 +01:00
Hauke Mehrtens
83ce31d3d8 kernel: bump 4.9 to 4.9.207
Refreshed all patches.

Compile-tested on: lantiq
Runtime-tested on: none

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-12-26 14:02:32 +01:00
Hauke Mehrtens
c280710d7a kernel: bump 4.14 to 4.14.160
Refreshed all patches.

Compile-tested on: ipq40xx
Runtime-tested on: none

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-12-26 14:02:24 +01:00
Koen Vandeputte
27dddb67c0 kernel: bump 4.14 to 4.14.159
Refreshed all patches.

Fixes:
- CVE-2019-19332

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-12-25 15:55:41 +01:00
Jiri Kastner
8623b58c1d scripts/dowload.pl: add archive.apache.org to apache mirror list
apache mirrors holds only latest releases, to download
older releases, one must use archive.apache.org to get
them.

Signed-off-by: Jiri Kastner <cz172638@gmail.com>
(cherry picked from commit dc34c695c4)
2019-12-23 01:07:33 +01:00
Sungbo Eo
e242125d71 kernel: fix *-gpio-custom module unloading
Unloading and reloading the modules fails, as platform_device_put() does not
release resources fully.

root@OpenWrt:/# insmod i2c-gpio-custom bus0=0,18,0,5
[  196.860620] Custom GPIO-based I2C driver version 0.1.1
[  196.871162] ------------[ cut here ]------------
[  196.880517] WARNING: CPU: 0 PID: 1365 at fs/sysfs/dir.c:31 0x80112158
[  196.893431] sysfs: cannot create duplicate filename '/devices/platform/i2c-gpio.0'
...
[  197.513200] kobject_add_internal failed for i2c-gpio.0 with -EEXIST, don't try to register things with the same name in the same directory.

This patch fixes it by replacing platform_device_put() to
platform_device_unregister().

Fixes: da77408537 ("i2c-gpio-custom: minor bugfix")
Fixes: 3bc81edc70 ("package: fix w1-gpio-custom package (closes #6770)")

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit a22b7a60d9)
2019-12-23 01:07:23 +01:00
Yorkie Liu
84b74bcb0d toolchain/gcc: correct the check expr for newer clang
This fixes gcc build error within clang 11.0, it tweaks the version
string from LLVM to clang.

Signed-off-by: Yorkie Liu <yorkiefixer@gmail.com>
(cherry picked from commit 65a561fd09)
2019-12-23 01:06:59 +01:00
Aleksander Jan Bajkowski
66ba44c9ec lantiq: fix phys led
led2l and led2h value is incorrectly set by led3l and led3h.
Bug was introduced in commit: 863e79f8d5

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
Fixes: 863e79f8d5 ("lantiq: add support for kernel 4.9")
(cherry picked from commit 692390225d)
2019-12-23 01:06:28 +01:00