Commit Graph

45455 Commits

Author SHA1 Message Date
Yousong Zhou
4f94a331e1 config: kernel: remove KERNEL_LXC_MISC
Kernel features are neutral.  The two cascaded features can also be
useful for other container related tools

It's also less error-prone if only kconfig symbols from the kernel are
prefixed KERNEL_

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-09-12 02:30:26 +00:00
Yousong Zhou
083bb9b6a4 config: kernel: add KERNEL_X86_VSYSCALL_EMULATION
Binaries in container images may need this.  E.g. nginx:1.7.9 used in
k8s default deployment manifest file for demostration [1]

 [1] https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#creating-a-deployment

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-09-12 02:30:26 +00:00
Koen Vandeputte
7489ea85a2 Revert "ar71xx: use platform code for qca955x usb0 init"
This reverts commit 5b98061bb1.

As Piotr Dymacz pointed out:

In QCA MIPS based WiSOCs, for first USB interface,
device/host mode can be selected _only_ in hardware
see description of 57c641ba6e

QCA955x and QCA9563, second USB can be switched to device
mode in software (tested and confirmed on real hardware).

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-12 00:15:59 +02:00
Moritz Warning
c546855188
imx6: split up DEVICE_TITLE
DEVICE_TITLE is split up into DEVICE_VENDOR, DEVICE_MODEL and DEVICE_VARIANT

Signed-off-by: Moritz Warning <moritzwarning@web.de>
2019-09-11 15:19:54 +02:00
Moritz Warning
bdf0ca7fec samsung: split up DEVICE_TITLE
DEVICE_TITLE is split up into DEVICE_VENDOR, DEVICE_MODEL and DEVICE_VARIANT

Signed-off-by: Moritz Warning <moritzwarning@web.de>
2019-09-11 15:17:09 +02:00
Tomislav Požega
191c3e49b9 ar71xx: qca955x pci init/reset fixes
Current ar724x code does the reset only on single pci bus, and
in case of qca9558 writes the wrong register (0x10 vs 0x0c).
This change allows the reset of second pci bus, commonly used in
Archer C7 devices, in case host controller is stuck in reset.
If the resetting controller on boot can solve any other issue it
can be enabled unconditionally by removing reset check before
ar724x_pci_hw_init is called.

Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
[refreshed to apply cleanly]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-11 09:47:49 +02:00
Tomislav Požega
e8350c998b ar71xx: enable ddr wb flush on qca955x
Enable flushing of write buffers on qca955x. GPL code has 0x88 reg
defined for PCI flush which is likely an error since the device
freezes on boot. So use DS default value 0xA8 for PCI flush.

Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
2019-09-11 09:47:49 +02:00
Tomislav Požega
5b98061bb1 ar71xx: use platform code for qca955x usb0 init
Switch from ci_usb_setup to generic platform initialization of
usb0 port.

Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
2019-09-11 09:47:49 +02:00
Koen Vandeputte
1d51160f85 kernel: bump 4.19 to 4.19.71
Refreshed all patches.

Remove upstreamed:
- 950-0774-watchdog-bcm2835_wdt-Fix-module-autoload.patch
- 0017-usb-host-fotg2-restart-hcd-after-port-reset.patch

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-11 09:47:49 +02:00
Koen Vandeputte
6999c7e28e kernel: bump 4.14 to 4.14.142
Refreshed all patches.

Remove upstreamed:
- 0032-usb-host-fotg2-restart-hcd-after-port-reset.patch

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-11 09:47:49 +02:00
Koen Vandeputte
3b6b66529f kernel: bump 4.9 to 4.9.191
Refreshed all patches.

Compile-tested on: none
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-11 09:47:49 +02:00
Rafał Miłecki
a858db3136 treewide: sysupgrade: use $UPGRADE_BACKUP to check for backup
Now that $UPGRADE_BACKUP is set conditionally there is no need to check
the $UPGRADE_OPT_SAVE_CONFIG anymore. All conditions can be simplified.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-11 09:05:35 +02:00
Rafał Miłecki
9785a9121d procd: update to the latest git HEAD
b8238df sysupgrade: support "backup" attribute

This update requires "sysupgrade" method callers to pass "backup"
attribute if $UPGRADE_BACKUP is used in the project.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-11 09:03:36 +02:00
Rafał Miłecki
c5223b26a4 base-files: sysupgrade: pass "backup" ubus attribute
This explicitly tells procd what backup file should be used during
sysupgrade (if any). It's much more generic this way compared to the
magic /tmp/sysupgrade.tgz file that had to be created before a call.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-11 08:57:24 +02:00
Yousong Zhou
6d819fae53 gemini: image: fix race condition when building copy-kernel.bin
Make treat copy-kernel.o as intermediate and delete it when it's no
longer needed.  This can fail when the same submake was triggered
multiple times for different devices.

	arm-openwrt-linux-muslgnueabi-as  -k -o copy-kernel.o copy-kernel.S
	export MAKEFLAGS= ;make -w -C copy-kernel CROSS_COMPILE=arm-openwrt-linux-muslgnueabi-
	arm-openwrt-linux-muslgnueabi-objcopy -O binary -S copy-kernel.o copy-kernel.bin
	make[5]: Entering directory '/builder/shared-workdir/build/target/linux/gemini/image/copy-kernel'
	arm-openwrt-linux-muslgnueabi-objcopy -O binary -S copy-kernel.o copy-kernel.bin
	rm copy-kernel.o
	make[5]: Leaving directory '/builder/shared-workdir/build/target/linux/gemini/image/copy-kernel'
	# "App" partition is the rootfs
	arm-openwrt-linux-muslgnueabi-objcopy: 'copy-kernel.o': No such file
	Makefile:27: recipe for target 'copy-kernel.bin' failed
	make[5]: Leaving directory '/builder/shared-workdir/build/target/linux/gemini/image/copy-kernel'
	make[5]: *** [copy-kernel.bin] Error 1
	Makefile:244: recipe for target '/builder/shared-workdir/build/build_dir/target-arm_fa526_musl_eabi/linux-gemini/tmp/openwrt-gemini-storlink_sl93512r-ext4-factory.bin' failed
	make[4]: *** [/builder/shared-workdir/build/build_dir/target-arm_fa526_musl_eabi/linux-gemini/tmp/openwrt-gemini-storlink_sl93512r-ext4-factory.bin] Error 2

With this change, output files are directed to $(KDIR)

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Reviewed-by: Linus Walleij <linus.walleij@linaro.org>
2019-09-11 01:31:53 +00:00
Hauke Mehrtens
7bed9bf10f hostapd: SAE/EAP-pwd side-channel attack update
Fixes this security problem:
* SAE/EAP-pwd side-channel attack update
https://w1.fi/security/2019-6/sae-eap-pwd-side-channel-attack-update.txt

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-10 21:51:41 +02:00
Hauke Mehrtens
9f34bf51d6 hostapd: Fix security problem
This fixes:
CVE-2019-11555 "EAP-pwd message reassembly issue with unexpected fragment"
https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt

This shouöld not affect OpenWrt in the default settings as we do not use
EAP-pwd.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-10 21:51:26 +02:00
Roger Pueyo Centelles
e667d6f46b ramips: enable external amplifier for D-Link DIR-810L
The 2.4 GHz radio had very poor signal reception (-89 dBm for an AP
sitting 5 m away). By enabling the external amplifier, received signal
has improved to -50 dBm for the same AP.

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
2019-09-10 22:43:37 +08:00
Jo-Philipp Wich
d6a405280f rpcd: update to latest Git HEAD
e2a7bc4 iwinfo: add WPA3 support

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-10 15:25:12 +02:00
Rafał Miłecki
681acdcc54 mac80211: brcmfmac: backport more kernel 5.4 changes
Patch getting RAM info got upstreamed. A debugging fs entry for testing
reset feature was added.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-09 09:38:55 +02:00
Hans Dedecker
ba305d12de glibc: update to latest 2.27 commit (BZ #24228, BZ #24744, BZ #24699)
5f0d2e0491 [AArch64] Add ifunc support for Ares
e6b7252040 aarch64,falkor: Use vector registers for memcpy
c74b884f70 aarch64,falkor: Ignore prefetcher tagging for smaller copies
0fc5934ebd aarch64/strncmp: Use lsr instead of mov+lsr
e0a0bd3acc aarch64/strncmp: Unbreak builds with old binutils
638caf3000 aarch64: Improve strncmp for mutually misaligned inputs
d5f45a29ff aarch64/strcmp: fix misaligned loop jump target
7f690fafad aarch64: Improve strcmp unaligned performance
40df047b3b aarch64: Fix branch target to loop16
062139f233 aarch64: Optimized memcmp for medium to large sizes
f3e2add213 aarch64: Use the L() macro for labels in memcmp
22bd3ab40e posix: Fix large mmap64 offset for mips64n32 (BZ#24699)
bdd16894aa aarch64: handle STO_AARCH64_VARIANT_PCS
0b48caab9a aarch64: add STO_AARCH64_VARIANT_PCS and DT_AARCH64_VARIANT_PCS
949da7f2fd io: Remove copy_file_range emulation [BZ #24744]
f056ac8363 libio: do not attempt to free wide buffers of legacy streams [BZ #24228]
5f90e009b1 NEWS: add entries for bugs 22964, 24180, and 24531

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-09-08 22:18:17 +02:00
Jo-Philipp Wich
2f9f8769e3 rpcd: update to latest Git HEAD
69eeb1b file: refactor message parsing and permission checking
f65527a iwinfo: expose all rate info fields in assoclist reply
7fec636 sys: fix symbol redeclaration
27c24c7 rpcd: sys: actually move timespec declaration
345363b file: add remove operation
604db20 rpcd: Switch to nanosleep

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-08 18:48:15 +02:00
Hauke Mehrtens
359bff6052 firewall: update to latest git HEAD
487bd0d utils: Fix string format message

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-08 18:39:13 +02:00
Rafał Miłecki
1c510fe298 base-files: validate firmware for compatibility with backup
This allows platform code to check if firmware image can be used with
preserving a backup. It may be used e.g. when installing vendor
firmwares that won't restore appended backup archive.

Suggested-by: Luis Araneda <luaraneda@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-08 09:10:30 +02:00
Hans Dedecker
7db6559914 firewal: update to latest git HEAD
4d0c703 firewall3: Fix some format string problems
8c404ef iptables.c: lock the xtables.lock
c1d3a4d utils: implement fw3_lock_path() & fw3_unlock_path()

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-09-07 21:23:43 +02:00
Adrian Schmutzler
869a0183b9 ramips: fix MAC address setup for Newifi Y1 and Y1S
So far, MAC address setup for those devices has been using local
addresses although additional MAC addresses are available on flash.

On device, we found the following situation:
position   Y1     Y1S
0x4        *:d4   *:e4
0x8004     *:d6   *:e8
0x28       *:d4   *:e4
0x2e       *:d7   *:eb

Since 0x4 and 0x28 yield the same address, the former was set for
&ethernet in DTS. However, the typical location on this
architecture is 0x28, so this patch changes that.

For further setup in 02_network, the local bit for lan_mac is
removed, so the address from &ethernet is used at all. For wan_mac,
instead of calculating an address with local bit set, this patch
exploits the previously unused address in 0x2e.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-09-07 21:41:44 +08:00
Adrian Schmutzler
aaf90d8808 ramips: initialize MAC addresses from flash where possible
This patch changes wan MAC address setup from retrieving it by
calculation to reading it from flash.

Changes are limited to cases where on-device check was possible.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[fix mac for newifi-d1; drop adslr,g7 because it's unlikely for
vendor to specifically use 2.4g mac as wan_mac]
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2019-09-07 21:41:44 +08:00
Adrian Schmutzler
e35e4a996e ramips: fix duplicate network setup for dlink,dir-615-h1
In 555ca422d1 ("ramips: fix D-Link DIR-615 H1 switch port
mapping"), port setup for dir-615-h1 was changed without removing
the old one. This was working as the new one was triggered earlier
than the old one.

(In the meantine, changed sorting during ramips rename patches
actually inversed that order.)

Anyway, just remove the wrong case now.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-09-07 21:41:44 +08:00
Adrian Schmutzler
ad4eb2241b ramips: remove duplicate case for MAC setup of freestation5
ARC FreeStation5 is present twice in MAC address setup.

From older commits/changes, it is not possible to reconstruct
the correct choice only by reading the annotations.

Thus, remove the second case and keep the first one, so behavior
stays the same (as nobody seems to have complained about it).

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-09-07 21:41:44 +08:00
Adrian Schmutzler
6640e1c368 ramips: clean and improve MAC address setup in 02_network
This patch removes unnecessary MAC address setup statements in
ramips' 02_network by doing several optimizations:

1. For the following devices, lan_mac was set up with
   mtd_get_mac_binary although the same address was set in DTS.
   The lan_mac statement is removed in 02_network, but
   wan_mac is kept:
   - mercury,mac1200r-v2
   - phicomm,k2g
   - skylab,skw92a
   - wiznet,wizfi630a

2. For the following devices, wan_mac was set up with
   mtd_get_mac_binary although the same address was set in DTS.
   The wan_mac statement is removed in 02_network, no
   lan_mac is present:
   - buffalo,whr-g300n
   - glinet,gl-mt300n-v2
   - zyxel,keenetic-start

3. For the following device, lan_mac and wan_mac were set up
   with mtd_get_mac_binary to the same address as set in DTS.
   Both statements are removed in 02_network:
   - buffalo,whr-600d

4. For some devices, it was possible to move setup from 02_network
   to DTS by introducing previously missing mtd_mac_address:
   - buffalo,whr-1166d
   - buffalo,whr-300hp2
   - buffalo,wsr-600dhp
   - ohyeah,oy-0001
   - planex,vr500

5. For one device, mtd_mac_address was just wrong and overwritten
   by 02_network. Put the correct value in DTS and remove redundant
   statement in 02_network:
   - asus,rt-ac57u

6. For one device, MAC address defined in DTS is exchanged together
   with lan_mac/wan_mac setup in 02_network, so that cases in
   02_network can be merged:
   - phicomm,k2p

For some devices, an empty case has to be used to prevent them
from falling into the default case and have
WAN address = eth0 address + 1 set to them.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-09-07 21:41:44 +08:00
Jonas Gorski
f11d90a76b Revert "build: remove harmful -nopad option from mksquashfs"
This reverts commit 1c0290c5cc.

Dropping the nopad can make the padding overflow into the next erase
block on devices using a non-aligned rootfs start. This breaks the jffs2
overlay partition with the following messages:

[   30.343877] jffs2_scan_eraseblock(): End of filesystem marker found at 0x10000
[   30.376512] jffs2: Cowardly refusing to erase blocks on filesystem with no valid JFFS2 nodes
[   30.385253] jffs2: empty_blocks 196, bad_blocks 0, c->nr_blocks 197

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2019-09-07 14:45:32 +02:00
Hans Dedecker
1855c23794 odhcp6c: update to latest git HEAD
e199804 dhcpv6: sanitize oro options

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-09-07 13:11:53 +02:00
Rafał Miłecki
c19b9f9a26 bcm53xx: extend firmware validation
This provides TRX validation result to the validation JSON. It also
prevents users from installing broken firmware files.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-06 12:52:59 +02:00
Yousong Zhou
40e3f660c1 uboot-fritz4040: build with ipq40xx "generic" subtarget
Fixes: 853e4dd3 ("ipqx0xx: add Generic subtarget")
Ref: https://forum.openwrt.org/t/ipq40xx-snapshot-not-updated-since-22nd-august/44126
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-09-06 08:33:30 +00:00
Rafał Miłecki
641f6b6c26 treewide: use new procd sysupgrade $UPGRADE_BACKUP variable
It's a variable set by procd that should replace hardcoded
/tmp/sysupgrade.tgz.

This change requires the most recent procd with the commit 0f3c136
("sysupgrade: set UPGRADE_BACKUP env variable").

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-05 23:33:19 +02:00
Rafał Miłecki
e8dcbbc865 procd: update to the latest git HEAD
0f3c136 sysupgrade: set UPGRADE_BACKUP env variable
0bcbbbf system: fix uninitialized variables in firmware validation code

This update includes a fix for uninitialized variable usage.

Fixes: 7290963d09 ("procd: update to the latest git HEAD")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-05 23:16:54 +02:00
Adrian Schmutzler
45600124fc base-files: use get_mac_binary() in mtd_get_mac_binary_ubi()
The actual retrieval of the MAC address in mtd_get_mac_binary_ubi()
is the same as in get_mac_binary(). Thus, use the latter function
in the former to reduce duplicate code.

This will also allow to benefit from the enhanced path check there
and bring mtd_get_mac_binary_ubi() more in line with the similar
mtd_get_mac_binary().

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-09-05 20:42:08 +02:00
David Bauer
4c060228cb base-files: fix mtd_get_mac_text not accepting hex offsets
The mtd_get_mac_text helper method did not support hexadecimal offset
values, resulting them to break after 75bfc393ba ("treewide:
convert MAC address location offsets to hexadecimal")

This commit fixes this by evaluating the hexadecimal input,
converting them to decimal.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-09-05 20:31:56 +02:00
Rafał Miłecki
62dbe361a1 treewide: when copying a backup file always specify dest name
$CONF_TAR shouldn't be assumed to always point to the sysupgrade.tgz.
This change makes code more generic and allows refactoring $CONF_TAR.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-05 14:33:20 +02:00
Rafał Miłecki
bf39047872 treewide: don't hardcode "sysupgrade.tgz" file name
1) Add BACKUP_FILE and use it when copying an archive to be restored
   after sysupgrade (on the next preinit).
2) Use CONF_TAR for copying backup prepared by the /sbin/sysupgrade

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-05 14:33:19 +02:00
Rafał Miłecki
1078de96e3 treewide: fix invalid UPGRADE_OPT_SAVE_CONFIG spellings
That was a result of accidentally running "sed" twice on some files.

Fixes: 5797fe84a3 ("treewide: replace remaining (not working now) $SAVE_CONFIG uses")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-05 08:55:15 +02:00
Rafał Miłecki
5797fe84a3 treewide: replace remaining (not working now) $SAVE_CONFIG uses
This var has been replaced by the $UPGRADE_OPT_UPGRADE_OPT_SAVE_CONFIG

Fixes: b534ba9611 ("base-files: pass "save_config" option to the "sysupgrade" method")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-05 08:43:24 +02:00
Hauke Mehrtens
1184e1f2b6 uboot-envtools: Update to U-Boot version 2019.07
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-04 22:35:22 +02:00
Hauke Mehrtens
169152c8d1 tools/mkimage: Update U-Boot to version 2019.07
This updates the U-Boot which provides the host tools like mkimage to
version 2019.07.
The patches were cleaned up and it was checked if this still compiles
on Linux and FreeBSD.

CONFIG_FIT_SIGNATURE_MAX_SIZE is set to the default value.

The patch for libressl was merged upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-09-04 22:35:22 +02:00
Álvaro Fernández Rojas
662394fb30 brcm2708: update to latest patches from RPi foundation
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-09-04 19:02:48 +02:00
Álvaro Fernández Rojas
99a5e28588 brcm2708: bcm2711: remove custom config file
Forcing arm_64bit is no longer required with latest firmware.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-09-04 18:11:25 +02:00
Álvaro Fernández Rojas
da3f5b2196 brcm2708-gpu-fw: update to latest firmware
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2019-09-04 18:09:34 +02:00
Chuanhong Guo
7a21c85f70 ramips: improve support for Xiaomi Miwifi Nano
This patch does the following things:
1. mark u-boot-env writable
2. add bootcount support
   Currently, u-boot has a flag_boot_success env variable to reset.
   Also reset it in our firmware to follow the behavior in vendor's
   firmware.
3. disable usb support
   This router doesn't have usb port at all.
4. increase spi clock to 40MHz
5. fix pinmux groups

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2019-09-04 19:26:01 +08:00
Rafał Miłecki
7290963d09 procd: update to the latest git HEAD
34ac88c system: reject sysupgrade of invalid firmware images by default
f55c235 system: reject sysupgrade of broken firmware images
e990e21 system: add "validate_firmware_image" ubus method

This update changes "sysupgrade" ubus method API. It's now required to
pass "force" attribute whenever invalid firmware is meant to be
installed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-04 11:17:06 +02:00
Rafał Miłecki
b71962da16 base-files: pass "force" parameter to the "sysupgrade" call
This makes sysupgrade work with the most recent procd that validates
firmware before proceeding.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-04 11:07:41 +02:00