Fixes: CVE-2020-1971, defined as high severity, summarized as:
NULL pointer deref in GENERAL_NAME_cmp function can lead to a DOS
attack.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This add support for USB-to-Ethernet Aquantia AQtion
5/2.5GbE adapters based on the AQC111U controllers.
Run-tested: x86
Adapter-tested: Sabrent NT-SS5G
Signed-off-by: Marty Jones <mj8263788@gmail.com>
This adds DTB to kernel and that way makes it possible to easily boot
initramfs image and also kernel.
The sequence to boot initramfs on Omnia is then just:
env set bootargs earlyprintk console=ttyS0,115200
dhcp 0x1000000 192.168.1.1:openwrt-mvebu-cortexa9-cznic_turris-omnia-initramfs-kernel.bin
bootz 0x1000000
Without this change kernel boot won't proceed and is stuck on "Starting
kernel".
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
[fixed From: to match with SoB:]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Bump package version after previous changes.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
[added missing commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
binary size cost is much less than 1k.
tested on ath79/generic:
bin: 215128 -> 215132 (+4b)
ipk: 111183 -> 111494 (+311b)
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
this commit removes manual recipes for options and introduces mapping lists:
- DB_OPT_COMMON holds option mappings which are common for all builds;
- DB_OPT_CONFIG holds option mappings which are depend on config settings.
DB_OPT_COMMON is space-separated list of 'words', each of them is in format:
'header_option|value'
'header_option' is added with value 'value' to 'localoptions.h'.
if 'header_option' is preceded by two exclamation marks ('!!')
then option is not added to 'localoptions.h' but replaced in 'sysoptions.h'.
in short:
option|value - add option to localoptions.h
!!option|value - replace option in sysoptions.h
DB_OPT_CONFIG is space-separated list of 'words', each of them is in format:
'header_option|config_variable|value_enabled|value_disabled'
'header_option' is handled likewise in DB_OPT_COMMON.
if 'config_variable' is enabled (technically: not disabled)
then 'header_option' is set to 'value_enabled' and 'value_disabled' otherwise.
in short:
option|config|enabled|disabled = add option to localoptions.h
!!option|config|enabled|disabled = replace option in sysoptions.h
option := (config) ? enabled : disabled
If you're not sure that option's value doesn't have '|' within - add your recipe
manually right after '$(Build/Configure/dropbear_headers)' and write some words
about your decision.
PS about two exclamation marks:
early idea was to use one exclamation mark to denote such header options
but then i thought single exclamation mark may be overlooked by mistake.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
- add two helper functions to avoid mistakes with
choice of correct header file to work with
- update rules accordingly
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
put static options at first place, then place configurable options.
also put DROPBEAR_ECC right before DROPBEAR_ECC_FULL to ease maintainance.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
this option was disabled in 2011 and these long nine years showed us that change was definitely wrong.
binary size cost is much less than 1k.
tested on ath79/generic:
bin: 215128 -> 215128 (no change)
ipk: 111108 -> 111183 (+75b)
Fixes: 3c801b3dc0359 ("tune some more options by default to decrease size")
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Cppcheck shows here duplicated break.
Code `state->speed = SPEED_1000;` will be never executed because above
it there is break statement.
Almost identical statement is placed in another realtek driver
18a53d43d6/target/linux/realtek/files-5.4/drivers/net/dsa/rtl83xx/dsa.c (L286-L294)
Signed-off-by: Rafał Mikrut <mikrutrafal@protonmail.com>
Cppcheck shows self initialization error, which is an obvious bug.
Basing on logic of similar fragment below I assigned to this variable,
value `RTL838X_LED_GLB_CTRL` which I think is proper.
Signed-off-by: Rafał Mikrut <mikrutrafal@protonmail.com>
This dd flag ensures that the requested size
is retrieved from pipes or special filesystems (if available).
Without this flag, on multi-core systems,
Piped or special filesystem data can be truncated
when a size greater than PIPE_BUF is requested.
Fixes: FS#3494
Fixes: 7557e7f ("package/base-files: caldata: work around dd's
limitation")
Cc: Thibaut VARÈNE <hacks@slashdirt.org>
Signed-off-by: John Thomson <git@johnthomson.fastmail.com.au>
This enables all OpenSSL API available. It is required to avoid some
silent failures, such as when performing client certificate validation.
Package size increases from 356.6K to 374.7K for
arm_cortex-a9_vfpv3-d16.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Tnis adds the --enable-lighty option to configure, enabling the minimum
API needed to run lighttpd, in the packages feed. Size increase is
about 120 bytes for arm_cortex-a9_vfpv3-d16.
While at it, speed up build by disabling crypt bench/test.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
The Netgear DGND3700v1/DGND3800B shows kernel redundant info at the board
message, already provided by the machine info message.
Use the real board name which is silkscreened on the PCB and used in the
stock firmware header.
Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
As discussed in the today's (2020-12-10) meeting, add a new option to
menuconfig to group the selection of all experimental features to be
selected by default.
Developers are recommended to make use of this new symbol to guard
new features.
Other developers and community members should feel encouraged to
build with this flag enabled to help testing and provide feedback.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The previous behavior prefered same feed for dependent packages as
initial package. This caused inconsitency in installation of packages.
The difference was if two feeds provide same package (different version)
there was different result if you executed install for that specific
version compared to install for package depending on it from different
feed.
This ensures that preferred feed is propagated without change and
selected feed is used only really for package it was selected for.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
efb26a3 libopkg: remove "extra_data" option
1d67ab7 libopkg: remove support for "dist" config
Reduces opkg size by about 400 Bytes.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The package has no reason to be in openwrt.git. Move it to packages.git.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Otherwise, a n00b like myself can get quite confused when moving a
package from core to feeds, for example.
(Hint: one *really* needs to clear out the tmp/info/.packageinfo...
entries for the stale package, but '-f' works as well.)
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
Removed since included upstream and could be reverse-applied by quilt:
backport-5.4/315-v5.10-usbnet-ipeth-fix-connectivity-with-ios-14.patch
Remaining modifications made by update_kernel.sh
Build system: x86_64
Build-tested: ipq806x/R7800, ath79/generic, bcm27xx/bcm2711
Run-tested: ipq806x/R7800
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
Tested-by: Curtis Deptuck <curtdept@me.com> [build/run x86_64]
The lldpd sources ship a modified local AX_LIB_READLINE M4 macro which
conflicts with the official macro shipped by autoconf-archive.
Due to the official macro having the same name and a higher serial
number, autoconf will prefer including that one instead of the local
copy, preventing the substitution of @READLINE_LIBS@ in Makefile.in
templates, ultimately leading to the following build failure when
linking lldpcli:
...-gcc: error: READLINE_LIBS@: No such file or directory
Avoid this problem by renaming the locally shipped macro to not clash
with the official implementation anymore.
Ref: https://github.com/lldpd/lldpd/pull/423
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Tested-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Innacomm W3400V6 is an xDSL B/G wireless router based on Broadcom BCM6328 SoC.
Hardware:
SoC: Broadcom BCM6328
CPU: BMIPS4350 V8.0, 320 MHz, 1 core
Flash: SPI-NOR 8MB, MX25L6406E
RAM: 64 MB
Ethernet: 4x 10/100 Mbps
Switch: Integrated
Wireless: 802.11b/g, BCM4312
LEDs/Buttons: 9x / 2x
Flash instruction, web UI:
1) Set a static IP on your computer compatible
with 192.168.1.1, i.e 192.168.1.100
2) Connect the ethernet cable from your computer to the router.
3) Make sure the router is powered off.
4) Press the reset button, don't release it yet!
5) While pressing reset, power on the router.
6) Wait 10 seconds or more.
Note: The power LED is red at first then turns to solid
green when ready.
8) Release the reset button.
9) Browse to 192.168.1.1
10) Select .bin file.
10) Upgrade the image.
11) Wait for it to reboot.
Signed-off-by: Sieng Piaw Liew <liew.s.piaw@gmail.com>
[Ammend commit description, merge patches, DT improvements]
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
This updates uboot-envtools with the updated names from ramips
target.
Fixes: 6d4382711a65 ("ramips: use full names for Xiaomi Mi Router devices")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This aligns the device/image names of the older Xiaomi Mi Router
devices with their "friendly" model and DEVICE_MODEL properties.
This also reintroduces consistency with the newer devices already
following that scheme.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The Xiaomi Mi Router 4A (100M) and 4C are relatively similar in
their specs. Create a shared DTSI for them.
Partitions are split in preparation for Mi Router 4AC.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
It was observed that the MD5 would not change after source files had been
modified, looking deeper into the build process it was discovered that
find_md5 build function makes a list of the files being built and then
passes the list to a summing utility on stdin. The resultant MD5 is of
the file list, not the contents of the files.
The MD5 would change if the ordering of the list changed, or items were
removed or deleted.
The proposed fix is to add the modification time after the filename and
then sort the list to prevent find returning files in a different order
falsely re-triggering a rebuild. The MD5 will now change when a file is
modified or files are added/removed from the list.
Using 'T@' to show time in epoch for timezone independent behaviour.
Signed-off-by: John Beckett <john.beckett@net2edge.com>
This is a neat project, but offers no benefit to OpenWrt. The initial
reason for it was to be a replacement for libstdcpp as it is smaller
and lacks compatibility for C++98. Unfortunately, compiling several
packages with it results in larger ipk sizes.
While not a member of the packages feed, this will be moved to
packages-abandoned to keep it somewhere.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Some packages fail to build on arm64 when PKG_ASLR_PIE_ALL=y, due to
machine-specific size restrictions on the global offset table.
While the manual instructs to recompile with -fPIC if it fails with
-fpic, by doing this per package, there is still a risk of random
breakage due to version bumps or other changes, so let's use -fPIC on
arm64 by default.
While comparing the sizes of 141 packages built with -fpic vs -fPIC,
most packages are either equal or smaller in size. Only 9 of the
compared packages turned out slightly larger.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
mt7621, mt7628an and rt5350 have USB controllers (ehci/ohci or xhci)
enabled by default. Thus, this patch drops redundant status=okay
statements in derived device DTS files.
While at it, also drop an explicit status=okay in mt7621.dtsi, as
this is default.
Note:
For rt5350, about 50 % of the devices enabled ehci/ohci in the DTS
files, and there is actually no device actively disabling it.
It looks like only a few people are aware that the controllers are
enabled by default here.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
At the moment, ehci/ohci is enabled in mt7628an SoC DTSI, then
disabled in the TP-Link-specific DTSI files, and finally enabled
again in the DTS files of the devices needing it.
This on-off-on scheme is hard to grasp on a quick look. Thus, this
patch drops the status in the TP-Link-specific DTSI files, having
the TP-Link devices treated like the rest of mt7628an DTSes, i.e.
ehci/ohci is enabled by default and needs to be disabled explicitly
where needed.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This device is the non-US build of the F9K1115 v2, with a different
firmware magic.
Specifications:
SoC: QCA9558
CPU: 720 MHz
Flash: 16 MiB NOR
RAM: 128 MiB
WiFi 2.4 GHz: QCA9558-AT4A 3x3 MIMO 802.11b/g/n
WiFi 5 GHz: QCA9880-2R4E 3x3 MIMO 802.11a/n/ac
Ethernet: 4x LAN and 1x WAN (all 1gbps)
USB: 1 x USB 2.0 (lower), 1 x USB 3.0 (upper)
MAC addresses based on OEM firmware:
Interface Address Location
--------- ------- --------
lan *:5A sometimes in 0x6
wan *:5B 0x0
2.4Ghz *:5A 0x1002
5Ghz As per mini PCIe EEPROM
Flashing instructions:
The factory.bin can be flashed via the Belkin web UI or via the uboot
http upgrade page.
Once the factory.bin has been written, sysupgrade.bin will work as usual.
Signed-off-by: Damien Mascord <tusker@tusker.org>
Acked-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
[wrap commit message/code, adjust label-mac-device, whitespace fixes,
merge block in 02_network]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Because some padding values in the TP-Link safeloader image generation
were hardcoded, different values were sometimes used throughout a
factory image. TP-Link's upgrade images use the same value everywhere,
so let's do the same here.
Although a lot of TP-Link's safeloader images have padded partition
payloads, images for the EAP-series of AC devices don't. This padding is
therefore also made optional.
By replacing the type of the padding value byte with a wider datatype,
new values outside of the previously valid range become available. Use
these new values to denote that padding should not be performed.
Because char might be signed, also replace the char literals by a
numeric literal. Otherwise '\xff' might be sign extended to 0xffff.
This results in factory images differing by 1 byte for:
* C2600
* ARCHER-C5-V2
* ARCHERC9
* TLWA850REV2
* TLWA855REV1
* TL-WPA8630P-V2-EU
* TL-WPA8630P-V2-INT
* TL-WPA8630P-V2.1-EU
* TLWR1043NDV4
* TL-WR902AC-V1
* TLWR942NV1
* RE200-V2
* RE200-V3
* RE220-V2
* RE305-V1
* RE350-V1
* RE350K-V1
* RE355
* RE450
* RE450-V2
* RE450-V3
* RE500-V1
* RE650-V1
The following factory images no longer have padding, shrinking the
factory images by a few bytes for:
* EAP225-OUTDOOR-V1
* EAP225-V3
* EAP225-WALL-V2
* EAP245-V1
* EAP245-V3
Signed-off-by: Sander Vanheule <sander@svanheule.net>
TP-Link safeloader firmware images contain a number of (small)
partitions with information about the device. These consist of:
* The data length as a 32-bit integer
* A 32-bit zero padding
* The partition data, with its length set in the first field
The OpenWrt factory image partitions that follow this structure are
soft-version, support-list, and extra-para. Refactor the code to put all
common logic into one allocation call, and let the rest of the data be
filled in by the original functions.
Due to the extra-para changes, this patch results in factory images that
change by 2 bytes (not counting the checksum) for three devices:
* ARCHER-A7-V5
* ARCHER-C7-V4
* ARCHER-C7-V5
These were the devices where the extra-para blob didn't match the common
format. The hardcoded data also didn't correspond to TP-Link's (recent)
upgrade images, which actually matches the meta-partition format.
A padding byte is also added to the extra-para partition for EAP245-V3.
Signed-off-by: Sander Vanheule <sander@svanheule.net>
The build option `--withouth-lzo` is added in the Makefile which makes
the existence of lzo obsolete. To remove the lzo package from
openwrt.git entirely, remove the legacy dependency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[improved commit message]
Signed-off-by: Paul Spooren <mail@aparcar.org>
Zstd is supported by the crypto API since Linux 4.18. Enable this feature and
reveal the package in the configuration section, so the user can select it.
This allows zstd to be used as a compression algorithm in zram, for example.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Set legacy_rates to 0 by default to disable 802.11b data rates by default.
The time has long come where 802.11b DSSS/CCK data rates should be disabled
by default in OpenWRT. Users in need of 802.11b client support can reasonably
enable these where they are needed.
The balance of equities has significantly, and for a long time, tipped
such that dropping backwards compatibility by default with 802.11b
devices is appropriate, proportionate and justified. By doing so,
management and control traffic is moved by default to a 20
MHz wide 6 Mb/s OFDM data rate instead of a 22 MHz wide 1 Mb/s DSSS data
rate. This is significantly more airtime efficient.
Signed-off-by: Nick Lowe <nick.lowe@gmail.com>
There's no eth0.2 since all ethernet ports as configured as LAN.
LAN LED is unneeded since all ethernet ports have their own LED.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Technicolor TG582n Telecom Italia branded a.k.a.
Telecom Italia ADSL2+ Wi-Fi N (AGTWI)
has the same PCB as the unbranded Technicolor TG582n with LEDs
connected to different GPIO PINs in active low configuration and
different LED names. It has a PCB similar to the OpenWrt's ADB P.DG A4001N1 one.
Hardware:
* Board ID: DANT-V
* SoC: Broadcom BCM6328 (rev b0) @ 320MHz, CPU BMIPS4350
* RAM DDR2: 64 Mbyte - EtronTech EM68B16CWQD-25H
* Serial flash: 16 Mbyte - Spansion FL 128SAIF00
* Ethernet: 4x Ethernet 10/100 baseT
* Wifi 2.4GHz: Broadcom Corporation BCM43227 Wireless Network Adapter (rev 30)
* LEDs: 2x Power, 1x ADSL, 2x Internet, 2x Wi-Fi, 2x Service, 4x ethernet
* Buttons: 1x Reset, 1x WPS (named WiFi/LED)
* UART: 1x TTL 115200n8, VCC GND TX RX, on J3 connector (short R62 and R63)
Installation via CFE:
* Stock CFE has to be overwritten with a generic 6328 one that can upload
.bin images with no signature check (cfe6328_configured.bin)
* Connect a serial port to the board
* Stop the CFE boot process after power on by pressing enter
* Set static IP 192.168.2.10 and subnet mask 255.255.255.0
* Navigate to http://192.168.2.50/
* Upload the OpenWrt image file
PCB: |GPIO: |TG582n: |AGTWI:
LED2R |488(08) |red Power |red Power
LED2G |484(04) |green Power |green Power
LED10R |486(06) | |missing R85 end LED
LED13G |485(05) |green Ethernet |green ADSL
LED11R |494(14) | |red Internet
LED14G |491(11) |green Broadband |green Internet
LED5R |487(07) |red Internet |red Wi-Fi
LED5G |481(01) |green Internet |green Wi-Fi
LED12R |498(18) | |red Service
LED12G |499(19) | |green Service
LED6R |482(02) |red Wi-Fi |missing R108 end LED
LED6G |483(03) |green Wi-Fi |missing R107 end LED
LED7R |490(10) |red WPS |missing R91 end LED
LED7G |489(09) |green WPS |missing R92 end LED
LED4 |508(28) |ethernet port 4 |ethernet port 4
LED3 |507(27) |ethernet port 3 |ethernet port 3
LED9 |506(26) |ethernet port 2 |ethernet port 2
LED8 |505(25) |ethernet port 1 |ethernet port 1
SW3 |503(23) |key Reset |key Reset
SW5 |504(24) |key WPS |key Wi-Fi/LED
SW4 |495(15) |key Wi-Fi |missing R127 end key
SW6 |493(13) | |missing R171 end key
SW1 |492(12) | |missing R1 end key
Signed-off-by: Daniele Castro <danielecastro@hotmail.it>
[DT fixes, base-files fixes and device variant]
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
This sets the --cross-compile-prefix option when running Configure, so
that that it will not use the host gcc to figure out, among other
things, compiler defines. It avoids errors, if the host 'gcc' is
handled by clang:
mips-openwrt-linux-musl-gcc: error: unrecognized command-line option
'-Qunused-arguments'
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Tested-by: Rosen Penev <rosenp@gmail.com>
ADB P.DG A4101N A-000-1A1-AE has a similar PCB as the OpenWrt's ADB P.DG A4001N1
with LEDs connected to different GPIO PINs in active low configuration.
Hardware:
* Board ID: 96328avngv
* SoC: Broadcom BCM6328 (rev b0) @ 320MHz, CPU BMIPS4350
* RAM DDR2: 64 Mbyte - Winbond W9751G6KB-25
* Serial flash: 16 Mbyte - Winbond 25Q128BVFG
* Ethernet: 4x Ethernet 10/100 baseT
* Wifi 2.4GHz: Broadcom Corporation BCM43225 Wireless Network Adapter (rev 23)
* LEDs: 1x Power, 1x DSL, 1x Internet, 4x ETH, 1x USB, 1x WLAN, 1x WPS, 1x TEL
* Buttons: 1x Reset, 1x WPS, 1x unnamed
* UART: 1x TTL 115200n8, VCC RX TX GND, on J502 connector
Installation via CFE:
* Stock CFE has to be overwritten with a generic 6328 one that can upload
.bin images with no signature check (cfe6328_configured.bin)
* Connect a serial port to the board
* Stop the cfe boot process after power on by pressing enter
* Set static IP 192.168.2.10 and subnet mask 255.255.255.0
* Navigate to http://192.168.2.50/
* Upload the OpenWrt image file
A4101N GPIO LAYOUT:
Power always on
DSL GPIO483(03)
Internet GPIO491(11)
ETH1 GPIO505(25)
ETH2 GPIO506(26)
ETH3 GPIO507(27)
ETH4 GPIO508(28)
USB GPIO490(10)
WLAN controlled by BCM43225
WPS GPIO489(09)
TEL GPIO511(31)
Key RESET GPIO503(23)
Key WPS GPIO504(24)
Key unnamed GPIO492(12)
Signed-off-by: Daniele Castro <danielecastro@hotmail.it>
[Amend commit description, DTS improvements, refresh patches]
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>