Commit Graph

19469 Commits

Author SHA1 Message Date
Hans Dedecker
a23d132cff odhcp6c: update to git HEAD
7d21e8d dhcpv6: add option to ignore stateless advertise

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2022-08-05 18:31:24 +02:00
Chen Minqiang
31cca8f8d3 umdns: add missing syscall to seccomp filter
There is some syscall missing:
'getdents64'
'getrandom'
'statx'
'newfstatat'

Found with:
'mkdir /etc/umdns; ln -s /tmp/1.json /etc/umdns/; utrace /usr/sbin/umdns'

Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
2022-08-05 14:10:42 +02:00
Wenli Looi
4cccea02a6 ramips: fix fw_setsys
This change was included in the original pull request but later omitted
for some reason:

https://github.com/openwrt/openwrt/pull/4936

Signed-off-by: Wenli Looi <wlooi@ucalgary.ca>
2022-08-05 14:10:42 +02:00
Wenli Looi
0bfe1cfbb1 ramips: support fw_printenv for Netgear WAX202
Config partition contains uboot env for the first 0x20000 bytes.
The rest of the partition contains other data including the device MAC
address and the password printed on the label.

Signed-off-by: Wenli Looi <wlooi@ucalgary.ca>
2022-08-05 14:10:42 +02:00
Leo Soares
2b03f207e0 kernel: add kmod-usb-hid-mcp2221
"The MCP2221 is a USB-to-UART/I2C serial converter which enables
USB connectivity in applications that have a UART and I2C interfaces."
<https://www.microchip.com/en-us/product/MCP2221>

Signed-off-by: Leo Soares <leo@hyper.ag>
(replaced GPIOLIB KConfig with @GPIO_SUPPORT)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-08-05 14:10:42 +02:00
Christian Lamparter
3678881773 kernel: usb-serial-cp210x: @GPIO_SUPPORT
all other drivers depend on @GPIO_SUPPORT rather than
forcing CONFIG_GPIOLIB=y.

(I wonder what would happen if someone decides to try
UML with USBIP?)

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-08-05 14:10:42 +02:00
Roland Barenbrug
456b9029d7 ltq-vdsl-app: Fix counter overflow resulting in negative values
The re-transmit counters can overflow the 32 bit representation resulting
in negative values being displayed. Background being that the numbers are
treated at some point as signed INT rather than unsigned INT.
Change the counters from 32 bit to 64 bit, should provide sufficient room
to avoid any overflow. Not the nicest solution but it works

Fixes: #10077
Signed-off-by: Roland Barenbrug <roland@treslong.com>
Acked-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
2022-08-05 13:49:30 +02:00
Mark Mentovai
beeb49740b libmnl: fix build when bash is not located at /bin/bash
This fixes the libmnl build on macOS, which ships with an outdated bash
at /bin/bash. During the OpenWrt build, a modern host bash is built and
made available at staging_dir/host/bin/bash, which is present before
/bin/bash in the build's PATH.

This is similar to 8f7ce3aa6d, presently appearing at
package/kernel/mac80211/patches/build/001-fix_build.patch.

Signed-off-by: Mark Mentovai <mark@mentovai.com>
2022-07-31 20:30:20 +02:00
Shiji Yang
1330816178 ramips: add support for H3C TX1800 Plus / TX1801 Plus / TX1806
H3C TX180x series WiFi6 routers are customized by different carrier.
While these three devices look different, they use the same motherboard
inside. Another minor difference comes from the model name definition
in the u-boot environment variable.

Specifications:
 SOC:      MT7621 + MT7915
 ROM:      128 MiB
 RAM:      256 MiB
 LED:      status *2
 Button:   reset *1 + wps/mesh *1
 Ethernet:        lan *3 + wan *1 (10/100/1000Mbps)
 TTL Baudrate:    115200
 TFTP server IP:  192.168.124.99

MAC Address:
 use        address(sample 1)   address(sample 2)    source
 label      88:xx:xx:98:xx:12   88:xx:xx:a2:xx:a5   u-boot-env@ethaddr
 lan        88:xx:xx:98:xx:13   88:xx:xx:a2:xx:a6   $label +1
 wan        88:xx:xx:98:xx:12   88:xx:xx:a2:xx:a5   $label
 WiFi4_2G   8a:xx:xx:58:xx:14   8a:xx:xx:52:xx:a7   (Compatibility mode)
 WiFi5_5G   8a:xx:xx:b8:xx:14   8a:xx:xx:b2:xx:a7   (Compatibility mode)
 WiFi6_2G   8a:xx:xx:18:xx:14   8a:xx:xx:12:xx:a7
 WiFi6_5G   8a:xx:xx:78:xx:14   8a:xx:xx:72:xx:a7

Compatibility mode is used to guarantee the connection of old devices
that only support WiFi4 or WiFi5.

TFTP + TTL Installation:
Although a TTL connection is required for installation, we do not need
to tear down it. We can find the TTL port from the cooling hole at the
bottom. It is located below LAN3 and the pins are defined as follows:
|LAN1|LAN2|LAN3|----|WAN|
--------------------
    |GND|TX|RX|VCC|

1. Set tftp server IP to 192.168.124.99 and put initramfs firmware in
   server's root directory, rename it to a simple name "initramfs.bin".
2. Plug in the power supply and wait for power on, connect the TTL cable
   and open a TTL session, enter "reboot", then enter "Y" to confirm.
   Finally push "0" to interruput boot while booting.
3. Execute command to install a initramfs system:
   # tftp 0x80010000 192.168.124.99:initramfs.bin
   # bootm 0x80010000
4. Backup nand flash by OpenWrt LuCI or dd instruction. We need those
   partitions if we want to back to stock firmwre due to official
   website does not provide download link.
   # dd if=/dev/mtd1 of=/tmp/u-boot-env.bin
   # dd if=/dev/mtd4 of=/tmp/firmware.bin
5. Edit u-boot env to ensure use default bootargs and first image slot:
   # fw_setenv bootargs
   # fw_setenv bootflag 0
6. Upgrade sysupgrade firmware.
7. About restore stock firmware: flash the "firmware" and "u-boot-env"
   partitions that we backed up in step 4.
   # mtd write /tmp/u-boot-env.bin u-boot-env
   # mtd write /tmp/firmware.bin firmware

Additional Info:
The H3C stock firmware has a 160-byte firmware header that appears to
use a non-standard CRC32 verification algorithm. For this part of the
data, the u-boot does not check it so we can just directly replace it
with a placeholder.

Signed-off-by: Shiji Yang <yangshiji66@qq.com>
2022-07-31 19:23:24 +02:00
Andre Heider
81bc733c33 arm-trusted-firmware-mvebu: update cm3 gcc to 11.2
https://developer.arm.com/tools-and-software/open-source-software/developer-tools/gnu-toolchain/downloads

Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-07-31 18:53:24 +02:00
Andre Heider
794cefd3e3 arm-trusted-firmware-mvebu: update to v2.7
Remove the backported patches and add another to allow building with the
OpenWrt build system.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-07-31 18:53:24 +02:00
Andre Heider
0fbe36f945 arm-trusted-firmware-mvebu: bump mox-boot-builder to v2022.06.11
Remove the gold patch, since upstream doesn't hardcode it anymore.

406454d wtmi: Don't print another newline on standalone build
ec97868 Bump mox-imager commit
e4c4b9d wtmi: Call main from C code in startup
4c1d3ff wtmi: Move startup assmebly to C file as inline assmebly
ee570ea wtmi: Indent Makefiles
18a7c0b wtmi: Use -f{function,data}-sections and --gc-sections
47ad100 wtmi: Use bfd linker instead of gold
5e34aa1 wtmi: Keep .data* and .bss* sections in linker scripts
7a4e3d2 wtmi: compressed, reload_helper: Discard .ARM* section
d943726 wtmi: compressed: Keep main function in linker script
d4f0fc6 wtmi: Keep main function in linker script
092148c wtmi: Fix -Warray-bounds warning
469e1b6 wtmi: Add do_div() implementation from Linux
90f46a0 Bump mox-imager commit
8bc6254 wtmi: Always use gold and link with --rosegment and --gc-sections flags
0b68a33 wtmi: Implement Marvell's OTP write commands
53d2a1c Bump mox-imager commit
b4c34b4 Rename arm-trusted-firmware to trusted-firmware-a
5f79ace Sync mox-imager submodule URL
a1cdd32 Sync TF-A submodule URL
58ef1af Sync u-boot submodule URL
90d28e1 wtmi: Check argument validity in Marvell's CMD_OTP_READ_1B command more
3a48cf1 Bump mox-imager commit
807a3e1 wtmi: Implement Marvell's OTP read commands
77b1232 wtmi: Enable OTP read/write mailbox commands
9724d41 wtmi: Add is_secure_boot()
03de0c1 Bump mox-imager commit
2133601 wtmi: Fix efuse_write_row_with_ecc_lock() for masked ECC rows
545a89f wtmi: Don't allow masked rows in efuse_write_row_with_ecc_lock()
94ebc98 wtmi: Don't program already programmed bits in efuse_raw_write()
2369750 wtmi: Remove inline specifier from is_row_masked()
53e2636 wtmi: Use ARRAY_SIZE()
cc3e23b wtmi: Remove duplicate checks
89d24be Makefile: ignore clean target errors
9ee8b8d Bump mox-imager commit
489262b Bump mox-imager commit
79d2f32 deploy: Print board type in deploy output
78f15b0 deploy: Print board version without board type bits in deploy output
e69fdfa deploy: Always determine 512 MiB RAM when deploying RIPE Atlas Probe
d1f7d07 deploy: Write eMMC Boot Mode into OTP when deploying RIPE Atlas Probe
d43a089 Bump mox-imager commit
49ac21d deploy: Use get_ram_size() from ddr.c
1e7705d Print DDR type and size when initializing
6f85e72 Move get_ram_size() to ddr.c
edb1079 wtmi: Rename Atlas_RIPE to RIPE_Atlas
e6a3aee wtmi: Inform about board type in CMD_BOARD_INFO
50aeae5 wtmi: Read only bits 53:48 of row eFuse 42 as board version
b882398 wtmi: Add README.md (document OTP content)
c068431 wtmi: Add ARRAY_SIZE() macro
4af2317 wtmi: Use 50 MHz as SPI clock rate
226fc5c wtmi: Add fast spi_write() function
518c914 wtmi: clock: Check for zero loops, not argument, in ndelay() / udelay()
89a21c5 wtmi: Fix comment
7b3e11a wtmi: Add clk command to print xtal and TBG clock rates
5127638 wtmi: Use the signed keyword when defining signed types
fb31ed2 wtmi: Fix DDR training failure check
1b1b938 wtmi: clock: Check for zero in ndelay() / udelay()
c0ee09a wtmi: Print correct DDR version in debug message
edfb875 Bump mox-imager commit
85cb5e3 Bump mox-imager commit
c4e9334 wtmi: debug: interpret char 127 as backspace
a778fd9 Bump mox-imager commit

Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-07-31 18:53:23 +02:00
Andre Heider
b0bbd273df arm-trusted-firmware-mvebu: bump mv-ddr-marvell to current version
6ff988f mv_ddr: a3700: Use the right size for memset to not overflow
0f3e893 mv_ddr: a38x: fix BYTE_HOMOGENEOUS_SPLIT_OUT decision
4bae770 mv_ddr: a38x: fix SPLIT_OUT_MIX state decision
cdefd8b mv_ddr: a38x: Fix Synchronous vs Asynchronous mode determination
8c42ad9 mv_ddr_4_training: cast uint64_t to unsigned long long

Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-07-31 18:53:23 +02:00
Andre Heider
a547cb97c3 arm-trusted-firmware-mvebu: bump a3700-utils to current version
1d97715 wtmi: Discard ELF symbols from firmware binary
2d2a21c wtmi: Allow access to the 43th OTP row
e733e9f Fix boot from SATA build
4392eaf wtmi: Fix sending status code of cmd execution
14b3c61 Wtpdownloader: Remove out-of-dated x86-64 ELF binary WtpDownload_linux
e345b95 Wtpdownloader: Fix setting tty c_cflag options
0c502d5 Wtpdownloader: Call HandlePendingMessages() after Port->WtpCmd is freed
d91761a Wtpdownloader: Fix memory leaks
bc11d18 Wtpdownloader: Check for number of read bytes prior touching read buffer
58db335 Wtpdownloader: Add missing check in SendContinuousForceConsoleMode() if byte was really read
a4029c0 Wtpdownloader: Fix 32/64-bit host detection
3679034 Wtpdownloader: Print missing newline at the end of output

Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-07-31 18:53:23 +02:00
Andre Heider
a2122b518e uboot-mvebu: update to v2022.07
Remove one merged patch.

Signed-off-by: Andre Heider <a.heider@gmail.com>
Tested-by: Josef Schlehofer <pepe.schlehofer@gmail.com> [Turris Omnia]
2022-07-31 18:53:23 +02:00
Hauke Mehrtens
3aa18f71f9 mac80211: Update to version 5.15.58-1
This updates mac80211 to version 5.15.58-1 which is based on kernel
5.15.58.
The removed patches were applied upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-07-31 16:22:08 +02:00
Boris Krasnovskiy
d94c94d795 ustream-ssl: prevent unused crypto lib dependencies from being compiled
Prevented unused crypto lib dependencies from being compiled

Signed-off-by: Boris Krasnovskiy <borkra@gmail.com>
2022-07-31 00:11:21 +02:00
Boris Krasnovskiy
00718b9d7a hostapd: prevent unused crypto lib dependencies from being compiled
Prevented unused crypto lib dependencies from being compiled

Signed-off-by: Boris Krasnovskiy <borkra@gmail.com>
2022-07-31 00:11:21 +02:00
John Audia
c2aa816f28 wolfssl: fix math library build
Apply upstream patch[1] to fix breakage around math libraries.
This can likely be removed when 5.5.0-stable is tagged and released.

Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B

1. https://github.com/wolfSSL/wolfssl/pull/5390

Signed-off-by: John Audia <therealgraysky@proton.me>
2022-07-31 00:11:21 +02:00
Nick Hainke
7455457893 libcap: update to 2.65
Changes:
a47d86d Up the release version to 2.65
fc99e56 Include more signatures in pgp.keys.asc.
52288cc Close out this comment in the go/Makefile
eb0f1df Prevent 'capsh --user=xxx --' from generating a bash error.
9a95791 Improve documentation for cap_get_pid and cap_reset_ambient.
21d08b0 Fix syntax error in DEBUG protected setcap.c code.
9425048 More useful captree usage string and man page.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-30 23:50:44 +02:00
Nick Hainke
97daddffd0 libcap: update to 2.64
Changes:
38cfa2e Up the release version to 2.64
7617af6 Avoid a deadlock in forked psx thread exit.
fc029cb Include LIBCAP_{MAJOR,MINOR} #define's in sys/capability.h
ceaa591 Clarify how the cap_get_pid() argument is interpreted.
15cacf2 Fix prctl return code/errno handling in libcap.
aae9374 Be explicit about CGO_ENABLED=1 for compare-cap build.
66a8a14 psx: free allocated memory at exit.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-30 23:50:44 +02:00
Dávid Benko
f920908626 odhcp6c: update to latest git HEAD
9212bfc odhcp6c: fix IA discard when T1 > 0 and T2 = 0

Signed-off-by: Dávid Benko <davidbenko@davidbenko.dev>
2022-07-30 23:50:44 +02:00
Daniel Golle
dbe53352e3 kernel: add kmod-nvme package
Add driver for NVM Express block devices, ie. PCIe connected SSDs.

Targets which allow booting from NVMe (x86, maybe some mvebu boards come
to mind) should have it built-in, so rootfs can be mounted from there.
For targets without NVMe support in bootloader or BIOS/firmware it's
sufficient to provide the kernel module package.

On targets having the NVMe driver built-in the resulting kmod package
is an empty dummy. In any case, depending on or installing kmod-nvme
results in driver support being available (either because it was already
built-in or because the relevant kernel modules are added and loaded).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-07-30 19:04:36 +02:00
Daniel Golle
603aaceb42 uboot-mediatek: reorder patches
Rename/reorder patches to avoid duplicate usage of 300-* prefix.
No functional changes.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-07-30 19:03:54 +02:00
Jo-Philipp Wich
0063e3421d wolfssl: make shared again
Disable the usage of target specific CPU crypto instructions by default
to allow the package being shared again. Since WolfSSL does not offer
a stable ABI or a long term support version suitable for OpenWrt release
timeframes, we're forced to frequently update it which is greatly
complicated by the package being nonshared.

People who want or need CPU crypto instruction support can enable it in
menuconfig while building custom images for the few platforms that support
them.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-07-30 12:21:54 +02:00
Rafał Miłecki
a8e1e30543 uboot-bcm4908: include SoC in output files
This fixes problem of overwriting BCM4908 U-Boot and DTB files by
BCM4912 ones. That bug didn't allow booting BCM4908 devices.

Fixes: f4c2dab544 ("uboot-bcm4908: add BCM4912 build")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-07-25 18:13:12 +02:00
Christian Lamparter
d4391ef073 layerscape: update remaining PKG_HASH / PKG_MIRROR_HASH
The change of the PKG_VERSION caused the hash of the package to
change. This is because the PKG_VERSION is present in the
internal directory structure of the archive.

Fixes: e879cccaa2 ("uboot-layerscape: update PKG_HASH")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-07-22 22:03:27 +02:00
David Bauer
a0b7fef0ff ramips: add support for ZyXEL NWA50AX / NWA55AXE
Hardware
--------
CPU:    Mediatek MT7621
RAM:    256M DDR3
FLASH:  128M NAND
ETH:    1x Gigabit Ethernet
WiFi:   Mediatek MT7915 (2.4/5GHz 802.11ax 2x2 DBDC)
BTN:    1x Reset (NWA50AX only)
LED:    1x Multi-Color (NWA50AX only)

UART Console
------------
NWA50AX:
Available below the rubber cover next to the ethernet port.
NWA55AXE:
Available on the board when disassembling the device.

Settings: 115200 8N1

Layout:

<12V> <LAN> GND-RX-TX-VCC

Logic-Level is 3V3. Don't connect VCC to your UART adapter!

Installation Web-UI
-------------------
Upload the Factory image using the devices Web-Interface.

As the device uses a dual-image partition layout, OpenWrt can only
installed on Slot A. This requires the current active image prior
flashing the device to be on Slot B.

If the currently installed image is started from Slot A, the device will
flash OpenWrt to Slot B. OpenWrt will panic upon first boot in this case
and the device will return to the ZyXEL firmware upon next boot.

If this happens, first install a ZyXEL firmware upgrade of any version
and install OpenWrt after that.

Installation TFTP
-----------------
This installation routine is especially useful in case
 * unknown device password (NWA55AXE lacks reset button)
 * bricked device

Attach to the UART console header of the device. Interrupt the boot
procedure by pressing Enter.

The bootloader has a reduced command-set available from CLI, but more
commands can be executed by abusing the atns command.

Boot a OpenWrt initramfs image available on a TFTP server at
192.168.1.66. Rename the image to owrt.bin

 $ atnf owrt.bin
 $ atna 192.168.1.88
 $ atns "192.168.1.66; tftpboot; bootm"

Upon booting, set the booted image to the correct slot:

 $ zyxel-bootconfig /dev/mtd10 get-status
 $ zyxel-bootconfig /dev/mtd10 set-image-status 0 valid
 $ zyxel-bootconfig /dev/mtd10 set-active-image 0

Copy the OpenWrt ramboot-factory image to the device using scp.
Write the factory image to NAND and reboot the device.

 $ mtd write ramboot-factory.bin firmware
 $ reboot

Signed-off-by: David Bauer <mail@david-bauer.net>
2022-07-20 21:52:06 +02:00
Hauke Mehrtens
d1b5d17d03 wolfssl: Do not activate HW acceleration on armvirt by default
The armvirt target is also used to run OpenWrt in lxc on other targets
like a Raspberry Pi. If we set WOLFSSL_HAS_CPU_CRYPTO by default the
wolfssl binray is only working when the CPU supports the hardware crypto
extension.

Some targets like the Raspberry Pi do not support the ARM CPU crypto
extension, compile wolfssl without it by default. It is still possible
to activate it in custom builds.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-07-20 17:02:45 +02:00
Eneas U de Queiroz
bc43ad88ed
uencrypt: add package to decrypt WG4хх223 config
This adds a simple AES-128-CBC encryption/decryption program using
either wolfSSL or OpenSSL as backend to decrypt Arcadyan WG4xx223
configuration partitions.  The ipk size is 3,355 bytes.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2022-07-19 14:53:29 +02:00
Oleg S
6c7e337c80
ramips: Add support command fw_setsys for Xiaomi routers
The system parameters are contained in the Bdata partition.
To use the fw_setsys command, you need to create a file
fw_sys.config.
This file is created after calling the functions
ubootenv_add_uci_sys_config and ubootenv_add_app_config.

Signed-off-by: Oleg S <remittor@gmail.com>
[ wrapped commit description to 72 char ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-07-19 14:40:21 +02:00
Rosen Penev
5ad67cc513 libiconv-full: add host build
Now that libiconv-stub is gone, a replacement for its host build is
needed.

Fixes: c0ba4201f8 ("libiconv-stub: remove")
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-07-17 14:21:03 +02:00
Christian Lamparter
b479db9062 sdk: add spidev-test to the bundle of userspace sources
moves and extends the current facilities, which have been
added some time ago for the the usbip utility, to support
more utilites that are shipped with the Linux kernel tree
to the SDK.

this allows to drop all the hand-waving and code for
failed previous attempts to mitigate the SDK build failures.

Fixes: bdaaf66e28 ("utils/spidev_test: build package directly from Linux")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-07-17 14:19:21 +02:00
Catalin Toda
488b25f5ac kernel: netconsole: add network console logging support
Accessing the console on many devices is difficult.
netconsole eases debugging on devices that crash
after the network is up.

Reference to the netconsole documentation in upstream Linux:
<https://www.kernel.org/doc/html/latest/networking/netconsole.html>
|
|netconsole=[+][src-port]@[src-ip]/[<dev>],[tgt-port]@<tgt-ip>/[tgt-macaddr]
|
| where
|  +            if present, enable extended console support
|  src-port     source for UDP packets (defaults to 6665)
|  src-ip       source IP to use (interface address)
|  dev          network interface (eth0)
|  tgt-port     port for logging agent (6666)
|  tgt-ip       IP address for logging agent
|  tgt-macaddr  ethernet MAC address for logging agent (broadcast)

OpenWrt specific notes:

OpenWrt's device userspace scripts are attaching the network
interface (i.e. eth0) to a (virtual) bridge (br-lan) device.
This will cause netconsole to report:
|network logging stopped on interface eth0 as it is joining a master device
(and unfortunately the traffic/logs to stop at this point)

As a workaround, the netconsole module can be manually loaded
again after the bridge has been setup with:

 insmod netconsole netconsole=@/br-lan,@192.168.1.x/MA:C...

One way of catching errors before the handoff, try to
append the /etc/modules.conf file with the following extra line:
 options netconsole netconsole=@/eth0,@192.168.1.x/MA:C...

and install the kmod-netconsole (=y) into the base image.

Signed-off-by: Catalin Toda <catalinii@yahoo.com>
(Added commit message from PR, added links to documentation)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-07-17 14:18:42 +02:00
Christian Lamparter
e879cccaa2 uboot-layerscape: update PKG_HASH
The change of the PKG_VERSION caused the hash of the package to
change. This is because the PKG_VERSION is present in the
internal directory structure of the uboot-layerscape-21.08.tar.xz
archive.

i.e:
 # tar tf uboot-layerscape-21.08.tar.xz:

uboot-layerscape-21.08/
uboot-layerscape-21.08/.azure-pipelines.yml
uboot-layerscape-21.08/.checkpatch.conf
uboot-layerscape-21.08/.gitattributes
uboot-layerscape-21.08/.github/
[...]

vs.

 # tar tf uboot-layerscape-LSDK-21.08.tar.xz
uboot-layerscape-LSDK-21.08/
uboot-layerscape-LSDK-21.08/.azure-pipelines.yml
uboot-layerscape-LSDK-21.08/.checkpatch.conf
uboot-layerscape-LSDK-21.08/.gitattributes
uboot-layerscape-LSDK-21.08/.github/
[...]

the (file) content of both archives are otherwise the same.

The PKG_HASH was taken from the builder log:
| Hash of the local file uboot-layerscape-21.08.tar.xz does not match
|(file: 54909a98bdcc26c7f9b35b35fcae09b977ecbf044be7bffa6dad9306c47cccf6,
|requested: 874e871755ef84ebbf3[...]) - deleting download.

without this update, the uboot-layerscape-21.08 package would
always try to download (from git), repacked the archive and
reupload to sources.openwrt.org (~14 MiB saved).

Fixes: 038d5bdab1 ("layerscape: use semantic versions for LSDK")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-07-17 14:14:54 +02:00
Rosen Penev
5dca7d7015 mbedtls: build with PIC
Fixes compilation with GCC12 and dependent packages for some reason.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-07-17 13:43:48 +02:00
Christian Lamparter
e3a1d3ba15 ipq-wifi: remove dangling GL.iNet GL-B2200 boardfiles
those board files can/should be dropped now too.

Fixes: 50c232d6f4 ("ipq-wifi: drop upstreamed board-2.bin")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-07-17 13:43:48 +02:00
Christian Lamparter
e0e6444930 nu801: fix DEPENDS on bcm53xx
the tacked on @TARGET_bcm53xx causes warnings:
tmp/.config-package.in:14027:warning: ignoring unsupported character '@'
tmp/.config-package.in:26028:warning: ignoring unsupported character '@'

this was wrong.

Fixes: be1761fa14 ("nu801: add MR26 to the table")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-07-17 13:43:48 +02:00
Christian Marangi
e62d1edd6b
procd: update to git HEAD
ef5d3e3 jail: fix various ignoring return value compilation warning
8e4a956 jail: add WARNING macro to log non critical warning message

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-07-17 13:21:45 +02:00
Christian Marangi
d58ce80080
fstools: update to git HEAD
ebf7e90 libfstools: handle gzip return value in block_volume_format

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-07-17 13:21:45 +02:00
Christian Marangi
ef3d0a3029
ubox: update to latest git HEAD
46a33b8 kmodloader: fix compilation warning with not checking return of asprintf

Also switch PKG_RELEASE to AUTORELEASE.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-07-17 03:12:45 +02:00
Eneas U de Queiroz
9710fe70a6
wolfssl: bump to 5.4.0
This version fixes two vulnerabilities:
-CVE-2022-34293[high]: Potential for DTLS DoS attack
-[medium]: Ciphertext side channel attack on ECC and DH operations.

The patch fixing x86 aesni build has been merged upstream.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2022-07-16 22:22:40 +02:00
Christian Lamparter
be1761fa14 nu801: add MR26 to the table
The MR26 uses a NU801 for the RGB-Leds. Make the LEDs
available.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-07-15 15:21:44 +02:00
Christian Lamparter
cb3d0250db module/firmware: remove intersil PRISM54 support
the legacy driver was dropped in linux 5.14-rc3:
commit d249ff28b1d8 ("intersil: remove obsolete prism54 wireless driver")

Quoting Lukas Bulwahn:
"p54 replaces prism54 so users should be unaffected."

Reported-by: Marius Dinu <m95d+git@psihoexpert.ro>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-07-15 15:21:44 +02:00
Christian Lamparter
f0c1d26738 utils/spidev_test: side-step build-system woes
The spidev_test is build in phase2 even though it should be disabled.
My best guess is that we hit the same issue that I had with nu801.
The build-system thinks it's a tool that is necessary for
building the kernel.

In this case, the same fix (adding a dependency on the presence of
the module) could work in this case as well?

Fixes: bdaaf66e28 ("utils/spidev_test: build package directly from Linux")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-07-15 15:21:44 +02:00
Christian Lamparter
50c232d6f4 ipq-wifi: drop upstreamed board-2.bin
The BDFs for the:
	GL.iNet GL-B2200

were upstreamed to the ath10k-firmware repository
and landed in linux-firmware.git

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-07-15 15:21:44 +02:00
Christian Lamparter
fffb8cacf1 linux-firmware: Update to version 20220610
git log --pretty=oneline --abbrev-commit 20220509..20220610 (sorted)

amdgpu:
4458bb4 amdgpu: update yellow carp DMCUB firmware
9ed4d42 amdgpu: update Yellow Carp VCN firmware
251d290 amdgpu: update beige goby firmware for 22.10
d4346b3 amdgpu: update renoir firmware for 22.10
b3df9c4 amdgpu: update dimgrey cavefish firmware for 22.10
e1b0a1c amdgpu: update vega20 firmware for 22.10
4a0d163 amdgpu: update yellow carp firmware for 22.10
e8f2e54 amdgpu: update vega12 firmware for 22.10
7a7f84a amdgpu: update navy flounder firmware for 22.10
5a6a482 amdgpu: update vega10 firmware for 22.10
4ee52ee amdgpu: update raven2 firmware for 22.10
e2d460f amdgpu: update raven firmware for 22.10
5b52a90 amdgpu: update sienna cichlid firmware for 22.10
c8268e6 amdgpu: update green sardine firmware for 22.10
f29f5b5 amdgpu: update PCO firmware for 22.10
95b5b3f amdgpu: update vangogh firmware for 22.10
6dcbd01 amdgpu: update navi14 firmware for 22.10
f803fbd amdgpu: update navi12 firmware for 22.10
8923000 amdgpu: update navi10 firmware for 22.10
4b2af01 amdgpu: update aldebaran firmware for 22.10

ath10k:
2aa4da3 ath10k: QCA9984 hw1.0: update firmware-5.bin to 10.4-3.9.0.2-00157
f7cc4b4 ath10k: QCA9888 hw2.0: update board-2.bin
e9e987d ath10k: QCA9888 hw2.0: update firmware-5.bin to 10.4-3.9.0.2-00157
866b5b2 ath10k: QCA4019 hw1.0: update board-2.bin

intel:
ac640f0 linux-firmware: Update firmware file for Intel Bluetooth 9462
38dd3f2 linux-firmware: Update firmware file for Intel Bluetooth 9462
72e1216 linux-firmware: Update firmware file for Intel Bluetooth 9560
94c49b4 linux-firmware: Update firmware file for Intel Bluetooth 9560
e4971d1 linux-firmware: Update firmware file for Intel Bluetooth AX201
78c3731 linux-firmware: Update firmware file for Intel Bluetooth AX201
12564a2 linux-firmware: Update firmware file for Intel Bluetooth AX211
edc709e linux-firmware: Update firmware file for Intel Bluetooth AX211
9546d55 linux-firmware: Update firmware file for Intel Bluetooth AX210
111bd14 linux-firmware: Update firmware file for Intel Bluetooth AX200
ac67ec3 linux-firmware: Update firmware file for Intel Bluetooth AX201
99cb4b0 iwlwifi: add new FWs from core70-87 release
7073b8a iwlwifi: update 9000-family firmwares to core70-87
f9e0b9f iwlwifi: remove old unsupported 3160/7260/7265/8000/8265 firmware
7d118ce linux-firmware: Update firmware file for Intel Bluetooth 9462
30dcf82 linux-firmware: Update firmware file for Intel Bluetooth 9462
7d141a6 linux-firmware: Update firmware file for Intel Bluetooth 9560
741fee8 linux-firmware: Update firmware file for Intel Bluetooth 9560
e7214a2 linux-firmware: Update firmware file for Intel Bluetooth AX201
0e3e49a linux-firmware: Update firmware file for Intel Bluetooth AX201
46cfae6 linux-firmware: Update firmware file for Intel Bluetooth AX211
16c926e linux-firmware: Update firmware file for Intel Bluetooth AX211
f293900 linux-firmware: Update firmware file for Intel Bluetooth AX210
41386cc linux-firmware: Update firmware file for Intel Bluetooth AX200
62235c9 linux-firmware: Update firmware file for Intel Bluetooth AX201

realtek:
7eef50f rtw88: 8822c: Update normal firmware to v9.9.13
23b5428 rtw88: 8822c: Update normal firmware to v9.9.12

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-07-15 15:21:44 +02:00
Rosen Penev
c0ba4201f8 libiconv-stub: remove
No longer used.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-07-15 15:21:44 +02:00
Christian Lamparter
2747a94f09 firmware: intel-microcode: update to 20220510
Debians' changelog by Henrique de Moraes Holschuh <hmh@debian.org>:

 * New upstream microcode datafile 20220419
  * Fixes errata APLI-11 in Atom E3900 series processors
  * Updated Microcodes:
    sig 0x000506ca, pf_mask 0x03, 2021-11-16, rev 0x0028, size 16384

 * New upstream microcode datafile 20220510
  * Fixes INTEL-SA-000617, CVE-2022-21151:
    Processor optimization removal or modification of security-critical
    code may allow an authenticated user to potentially enable information
    disclosure via local access (closes: #1010947)
  * Fixes several errata (functional issues) on Xeon Scalable, Atom C3000,
    Atom E3900
  * New Microcodes:
    sig 0x00090672, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
    sig 0x00090675, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
    sig 0x000906a3, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992
    sig 0x000906a4, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992
    sig 0x000b06f2, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
    sig 0x000b06f5, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
  * Updated Microcodes:
    sig 0x00030679, pf_mask 0x0f, 2019-07-10, rev 0x090d, size 52224
    sig 0x000406e3, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 106496
    sig 0x00050653, pf_mask 0x97, 2021-11-13, rev 0x100015d, size 34816
    sig 0x00050654, pf_mask 0xb7, 2021-11-13, rev 0x2006d05, size 43008
    sig 0x00050656, pf_mask 0xbf, 2021-12-10, rev 0x4003302, size 37888
    sig 0x00050657, pf_mask 0xbf, 2021-12-10, rev 0x5003302, size 37888
    sig 0x0005065b, pf_mask 0xbf, 2021-11-19, rev 0x7002501, size 29696
    sig 0x000506c9, pf_mask 0x03, 2021-11-16, rev 0x0048, size 17408
    sig 0x000506e3, pf_mask 0x36, 2021-11-12, rev 0x00f0, size 109568
    sig 0x000506f1, pf_mask 0x01, 2021-12-02, rev 0x0038, size 11264
    sig 0x000606a6, pf_mask 0x87, 2022-03-30, rev 0xd000363, size 294912
    sig 0x000706a1, pf_mask 0x01, 2021-11-22, rev 0x003a, size 75776
    sig 0x000706a8, pf_mask 0x01, 2021-11-22, rev 0x001e, size 75776
    sig 0x000706e5, pf_mask 0x80, 2022-03-09, rev 0x00b0, size 112640
    sig 0x000806a1, pf_mask 0x10, 2022-03-26, rev 0x0031, size 34816
    sig 0x000806c1, pf_mask 0x80, 2022-02-01, rev 0x00a4, size 109568
    sig 0x000806c2, pf_mask 0xc2, 2021-12-07, rev 0x0026, size 97280
    sig 0x000806d1, pf_mask 0xc2, 2021-12-07, rev 0x003e, size 102400
    sig 0x000806e9, pf_mask 0x10, 2021-11-12, rev 0x00f0, size 105472
    sig 0x000806e9, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472
    sig 0x000806ea, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472
    sig 0x000806eb, pf_mask 0xd0, 2021-11-15, rev 0x00f0, size 105472
    sig 0x000806ec, pf_mask 0x94, 2021-11-17, rev 0x00f0, size 105472
    sig 0x00090661, pf_mask 0x01, 2022-02-03, rev 0x0016, size 20480
    sig 0x000906c0, pf_mask 0x01, 2022-02-19, rev 0x24000023, size 20480
    sig 0x000906e9, pf_mask 0x2a, 2021-11-12, rev 0x00f0, size 108544
    sig 0x000906ea, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448
    sig 0x000906eb, pf_mask 0x02, 2021-11-12, rev 0x00f0, size 105472
    sig 0x000906ec, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448
    sig 0x000906ed, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 104448
    sig 0x000a0652, pf_mask 0x20, 2021-11-16, rev 0x00f0, size 96256
    sig 0x000a0653, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 97280
    sig 0x000a0655, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 96256
    sig 0x000a0660, pf_mask 0x80, 2021-11-15, rev 0x00f0, size 96256
    sig 0x000a0661, pf_mask 0x80, 2021-11-16, rev 0x00f0, size 96256
    sig 0x000a0671, pf_mask 0x02, 2022-03-09, rev 0x0053, size 103424

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-07-15 15:21:44 +02:00
Christian Lamparter
3b3eaf31cb ipq40xx: R619AC: replace space with - separator in variant string
Kalle:
"I see that variant has a space in it, does that work it correctly? My
original idea was that spaces would not be allowed, but didn't realise
to add a check for that."

Is this an easy change? Because the original author (Tim Davis) noted:
"You may substitute the & and space with something else saner if they
prove to be problematic."

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2022-07-15 15:21:44 +02:00
Manuel Giganto
d12eb103e8
hostapd: add ppsk option (private psk)
This PR allows a user to enable a private psk, where each station
may have it's own psk or use a common psk if it is not defined.
The private psk is defined using the sta's mac and a radius server
is required.

ppsk option should be enabled in the wireless configuration along with
radius server details. When using PPSK, the key is ignored, it will be
retrieved from radius server. SAE is not yet supported (private sae) in
hostapd.

Wireless example configuration:
	option encryption 'psk2+ccmp'
	option ppsk '1'
	option auth_server '127.0.0.1'
	option auth_secret 'radiusServerPassword'

If you want to use dynamic VLAN on PPSK also include:
	option dynamic_vlan '2'
	option vlan_tagged_interface 'eth0'
	option vlan_bridge 'br-vlan'
	option vlan_naming '0'

It works enabling mac address verification on radius server and
requiring the tunnel-password (the private psk) from radius server.

In the radius server we need to configure the users. In case of
freeradius: /etc/freeradius3/mods-config/files/authorize
The user and Cleartext-Password should be the mac lower case using the
format "aabbccddeeff"

<sta mac> Cleartext-Password := "<sta mac>"
	Tunnel-Password = <Private Password>

Example of a user configured in radius and using dynamic VLAN5:

8cb84a000000 Cleartext-Password := "8cb84a000000"
	Tunnel-Type = VLAN,
	Tunnel-Medium-Type = IEEE-802,
	Tunnel-Private-Group-ID = 5,
	Tunnel-Password = MyPrivPw

If we want to have a default or shared psk, used when the mac is not
found in the list, we need to add the following at the end of the radius
authorize file:

DEFAULT Auth-Type := Accept
	Tunnel-Password = SharedPw

And if using VLANs, for example VLAN6 for default users:
DEFAULT Auth-Type := Accept
	Tunnel-Type = VLAN,
	Tunnel-Medium-Type = IEEE-802,
	Tunnel-Private-Group-ID = 6,
	Tunnel-Password = SharedPw

Signed-off-by: Manuel Giganto <mgigantoregistros@gmail.com>
2022-07-15 08:20:36 +02:00
Rosen Penev
4dc198a74e
strace: add nls.mk
Needed when building with libdw and CONFIG_BUILD_NLS, mostly for the
rpath-link.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-07-15 07:07:59 +02:00
Michael Pratt
ba7da73680 firewall3: update file hash
the hash and timestamp of the remote copy of the archive
has changed since last bump
meaning the remote archive copy was recreated

Signed-off-by: Michael Pratt <mcpratt@pm.me>
2022-07-14 17:09:06 +01:00
Daniel Golle
e0e74d8a2c uboot-mediatek: unbreak build with binman
swig has been installed on the buildbots a while a ago and
Petr Štetiar got a fix for the pylibfdt error. Use that and re-enable
the builds for mt7620 and mt7621.
Refresh patches while at it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-07-13 11:38:57 +01:00
Daniel Golle
7659ee1e27 uboot-mediatek: add support for UBI EOF marker
Let U-Boot handle free space in UBI partitions by recognizing the EOF
marker OpenWrt is using as well for that purpose.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-07-13 11:38:57 +01:00
Felix Fietkau
9f1d622328 mac80211: fix AQL issue with multicast traffic
Exclude multicast from pending AQL budget

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-07-13 10:35:39 +02:00
Claudiu Beznea
95a24b5479 uboot-at91: fix build on buildbots
Buidbots are throwing the following compile error:

In file included from tools/aisimage.c:9:
include/image.h:1133:12: fatal error: openssl/evp.h: No such file or directory
            ^~~~~~~~~~~~~~~
compilation terminated.

Fix it by passing `UBOOT_MAKE_FLAGS` variable to make.

Suggested-by: Petr Štetiar <ynezz@true.cz>
Fixes: 6d5611af28 ("uboot-at91: update to linux4sam-2022.04")
Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
2022-07-13 09:00:59 +02:00
Daniel Golle
a7a3a04a2c
uboot-mediatek: mark mt7620 build as @BROKEN
Turns out also mt7620 build has a more hidden dependency on binman.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-07-12 21:31:38 +01:00
Daniel Golle
e760f065c6
uboot-mediatek: mark MT7621 variants as @BROKEN
Building U-Boot for the MT7621 SoC requires binman, a Python-based
host tool to generate images. For now, binman cannot work inside the
OpenWrt build system because it requires swig, so mark the MT7621
boards as borken to fix the ramips/mt7621 build until someone with
knowledge about Python and swig fixes the underlaying issue.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-07-12 19:58:13 +01:00
Petr Štetiar
64fb5ae67a uboot-imx: pico-pi-imx7d: fix wrong make flags overriding
Buidbots are currently choking on the following compile error:

 In file included from tools/aisimage.c:9:
 include/image.h:1133:12: fatal error: openssl/evp.h: No such file or directory
  #  include <openssl/evp.h>
             ^~~~~~~~~~~~~~~
 compilation terminated.

This is caused by a complete overriding of make flags which are provided
correctly in `UBOOT_MAKE_FLAGS` variable, but currently overriden
instead of extended. This then leads to the usage of build host include
dirs, which are not available.

Fix it by extending `UBOOT_MAKE_FLAGS` variable like it was done in
commit 481339a042 ("uboot-imx: fix wrong make flags overriding").

Fixes: 7094e65503 ("uboot-imx: add support for TechNexion PICO-PI-IMX7D")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-07-12 09:25:43 +02:00
Daniel Golle
2f7fb57c12
uboot-ramips: add support for MT7621, merge into uboot-mediatek
* Merge uboot-ramips into uboot-mediatek.
* Port support for the RAVPower RP WD009 to U-Boot 2022.07.
* Add support for MT7621 and add builds for the reference boards.
* Add builds for MT7620 and MT7628 reference boards.

This should help to make development of U-Boot-level board support for
all MediaTek targets much easier.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-07-11 21:27:24 +01:00
Daniel Golle
fa75a3a935
uboot-mediatek: update to 2022.07 release
Add patch to fix host-build of the mkimage tool without
CONFIG_TOOLS_LIBCRYPTO.
Update and refresh all patches.

Tested on BananaPi R64 (MT7622) successfully booting from SD card,
eMMC and SPI-NAND.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-07-11 17:13:22 +01:00
Lech Perczak
e62f1388c3 uboot-envtools: imx: cortexa7: add TechNexion PICO-PI-IMX7D
Add configuration for upstream U-Boot environment for booting from eMMC.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2022-07-11 14:28:03 +02:00
Lech Perczak
7094e65503 uboot-imx: add support for TechNexion PICO-PI-IMX7D
Add mainline U-Boot flavour for TechNexion PICO-PI-IMX7D board, using
DM and upstream default configuration, storing payload in sector 138
of eMMC.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
[pepe2k@gmail.com: fixed BUILD_DEVICES value]
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2022-07-11 14:18:40 +02:00
Lech Perczak
2e297377bf cypress-nvram: support BCM4339 on TechNexion PICO-PI-IMX7D
This board features an AP6335 system-in-package combination of Wi-Fi and
Bluetooth module based on BCM4339.

Support is borrowed directly from the following Buildroot commit:
095420e05ae5: ("configs/imx7dpico: Add Wifi support").

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2022-07-11 14:18:40 +02:00
Lech Perczak
6f6c2fb321 linux-firmware: use upstream firmware for cypress-firmware-4339-sdio
Old firmware provided by 'cypress-firmware' suite is not sufficient for
AP6335 module used in PICO-PI-IMX7D board to probe successfully. Use the
upstream version from linux-firmware instead.

At the same time, drop the old firmware from 'cypress-firmware' package.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2022-07-11 14:18:40 +02:00
Lech Perczak
489d792c85 mac80211: enable CONFIG_BRCMFMAC_SDIO for imx/cortexa7
TechNexion PICO-PI-IMX7D uses BCM4339 Wi-Fi interface in SDIO mode.
Enable SDIO support for imx/cortexa7 to fully support it in images.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2022-07-11 14:18:40 +02:00
Lech Perczak
fb75476845 kernel: add kmod-btsdio package
Add package supporting Bluetooth HCI interfaces connected over SDIO.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
[pepe2k@gmail.com: dropped rfkill dependency, other minor text fixes]
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2022-07-11 14:18:16 +02:00
Lech Perczak
3750acb28a kernel: add kmod-touchscreen-edt-ft5x06 package
This module contains driver for touchscreen used in TechNexion
PICO-PI-IMX7D board.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2022-07-11 14:14:01 +02:00
Rafał Miłecki
cb27179e62 uboot-envtools: support NVMEM based access
This will allow using fw_printenv without /etc/fw_env.config. Once there
is Linux NVMEM driver available for U-Boot env data.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-07-11 11:14:41 +02:00
Paul Blazejowski
4a1dcaf848 hostapd: apply patch to fix building openssl variant
Add patch from:
https://patchwork.ozlabs.org/project/hostap/patch/20220622121355.1337612-1-a.heider@gmail.com/

Fixes: dab9103 ("hostapd: update to 2022-06-02")
Signed-off-by: Paul Blazejowski <paulb@blazebox.homeip.net>
2022-07-11 00:50:54 +02:00
Claudiu Beznea
6d5611af28 uboot-at91: update to linux4sam-2022.04
Update uboot-at91 to linux4sam-2022.04. As linux4sam-2022.04 is based on
U-Boot v2022.01 which contains commit
93b196532254 ("Makefile: Only build dtc if needed") removed also the DTC
variable passed to MAKE to force the compilation of DTC.

Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
2022-07-11 00:50:18 +02:00
Claudiu Beznea
859f5f9aec at91bootstrap: update at91bootstrap v4 targets to v4.0.3
Update AT91Bootstrap v4 capable targets to v4.0.3.

Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
2022-07-11 00:50:18 +02:00
Nick Hainke
436fad7a3e iptables: update to 1.8.8
Remove upstreamed patches:
- 001-xtables-Call-init_extensions6-for-static-builds.patch
- 002-xtables-Call-init_extensions_a_b.patch

Fix patches:
- 102-iptables-disable-modprobe.patch
  Fix warnings in the form of:
  xtables.c:475:14: warning: 'get_modprobe' defined but not used [-Wunused-function]
  475 | static char *get_modprobe(void)
      |              ^~~~~~~~~~~~

Backport patches:
- 020-treewide-use-uint-instead-of-u_int.patch
- 030-revert-fix-build-for-missing-ETH_ALEN-definition.patch
- 040-xshared-Fix-build-for-Werror-format-security.patch
- 050-build-fix-error-during-out-of-tree-build.patch
- 060-libxtables-unexport-init_extensions-declarations.patch

Refresh patches:
- 101-remove-check-already.patch
- 102-iptables-disable-modprobe.patch
- 200-configurable_builtin.patch
- 600-shared-libext.patch
- 700-disable-legacy-revisions.patch

Remove from Makefile:
 $(CP) $(PKG_BUILD_DIR)/include/libipulog $(1)/usr/include/

Changelog:
fa0ccdbd configure: bump version for 1.8.8 release
8468fd4f nft: Fix EPERM handling for extensions without rev 0
ce9195c6 extensions: LOG: Document --log-macdecode in man page
404f304d man: *NAT: Review --random* option descriptions
0a538259 extensions: DNAT: Merge core printing functions
a7c2b728 libxtables: Revert change to struct xtables_pprot
fd64a587 libxtables: Drop xtables_globals 'optstring' field
3b8a6a6f xshared: Extend xtables_printhelp() for arptables
8ff84eaf xshared: Move arp_opcodes into shared space
adbfec0b extensions: MARK: Drop extra newline at end of help
1dcfb81e nft: split gen_payload() to allocate register and initialize expression
7e38890c nft: prepare for dynamic register allocation
165cafec nft: pass handle to helper functions to build netlink payload
94309632 nft: native mark matching support
aa92ec96 nft: pass struct nft_xt_ctx to parse_meta()
4c70c42f nft-shared: update context register for bitwise expression
18c96821 extensions: man: Document service name support in DNAT and REDIRECT
72d542b6 extensions: Merge REDIRECT into DNAT
14d77c8a extensions: Merge IPv4 and IPv6 DNAT targets
9621318b extensions: DNAT: Rename from libipt to libxt
2e0c9a40 extensions: ipt_DNAT: Combine xlate functions also
7adef314 extensions: ipt_DNAT: Merge v1/v2 print/save code
3f4f1cf0 extensions: ipt_DNAT: Merge v1 and v2 parsers
070a8626 Revert "libipt_[SD]NAT: avoid false error about multiple destinations specified"
08c14fa6 man: DNAT: Describe shifted port range feature
24fff5d7 xlate-test: Fix for empty source line on failure
ac4c84cc libxtables: Boost rule target checks by announcing chain names
f58b0d74 libxtables: Implement notargets hash table
b1aee6b2 nft: Reject standard targets as chain names when restoring
b555bfed tests: shell: Fix 0004-return-codes_0 for static builds
c293e116 nft: Review static extension loading
0836524f xtables: Call init_extensions{,a,b}() for static builds
6c689b63 Simplify static build extension loading
0c8e2535 libxtables: Fix for warning in xtables_ipmask_to_numeric
0c0cd434 nft: Don't pass command state opaque to family ops callbacks
b6196c75 xshared: Prefer xtables_chain_protos lookup over getprotoent
07ee529f nft: Speed up immediate parsing
b5f2faea nft: Simplify immediate parsing
17534cb1 Improve error messages for unsupported extensions
2dbb49d1 libxtables: Register only the highest revision extension
07e2107e xshared: Implement xtables lock timeout using signals
a3980769 tests: NFLOG: enable `--nflog-range` tests
b8e8ac27 tests: support explicit variant test result
adb03c3f tests: add `NOMATCH` test result
7a006c7d tests: iptables-test: rename variable
b7f15b42 iptables.8: Describe the effect of multiple -v flags
1407a9c4 tests: iptables-test: Support variant deviation
fc8f7289 nft: cache: Dump rules if debugging
73b91292 nft: Add debug output to table creation
51d9d9e0 ebtables: Support verbose mode
ad1ed75f nft: Set NFTNL_CHAIN_FAMILY in new chains
17ed253f iptables-restore: Support for extra debug output
a761a026 nft: Use verbose flag to toggle debug output
98e69b7e nft: add support for native tcp flag matching
92808bd5 nft-shared: add tcp flag dissection
6aba94ef nft: prefer native expressions instead of tcp match
c034cf31 nft: prefer native expressions instead of udp match
5489493e nft-shared: support native udp port delinearize
5795a1b5 nft-shared: support native tcp port range delinearize
250dce87 nft-shared: support native tcp port delinearize
ea5d45dc extensions: libxt_NFLOG: fix typo
26ecdf53 xshared: Fix response to unprivileged users
b32ae771 build: replace `AM_PROG_LIBTOOL` and `AC_DISABLE_STATIC` with `LT_INIT`
05286bab extensions: libxt_NFLOG: remove extra space when saving targets with prefixes
f0d02998 extensions: libxt_NFLOG: fix `--nflog-prefix` Python test-cases
f9df828a extensions: libxt_NFLOG: disable `--nflog-range` Python test-cases
62ad29e9 extensions: libxt_NFLOG: don't truncate log prefix on print/save
db99f601 extensions: libxt_NFLOG: use nft built-in logging instead of xt_NFLOG
30b178b9 extensions: *NAT: Kill multiple IPv4 range support
7ee5b970 tests: iptables-test: correct misspelt variable
223f02ca nft: fix indentation error.
5c2c2eea ip6tables: Use the shared do_parse, too
9baf3bf0 iptables: Use xtables' do_parse() function
e4f5185d nft: Move proto_parse and post_parse callbacks to xshared
ded7b579 xshared: Store parsed wait and wait_interval in xtables_args
62c3c93d xshared: Move do_parse to shared space
3039a52c xtables: Do not pass nft_handle to do_parse()
ece001c2 xtables: Pass xtables_args to check_inverse()
17abaeb1 xtables: Pass xtables_args to check_empty_interface()
dc8d8fce xtables: Move struct nft_xt_cmd_parse to xshared.h
98a4462f xtables: Pull table validity check out of do_parse()
d83371c7 xtables: Drop xtables' family on demand feature
49aa44ba nft-shared: set correct register value
b129b1cf iptables-*-restore: Drop pointless line reference
316d8efb libxtables: Extend basic_exit_err()
4bff5aef xtables_globals: Embed variant name in .program_version
51e5d293 xshared: Share exit_tryhelp()
56ac0452 xshared: Share a common printhelp function
4149b5d8 xshared: Share print_match_save() between legacy ip*tables
273d88a7 extensions: tcpmss: add iptables-translate support
7213561d xshared: Make load_proto() static
cf14b92b nft-shared: Drop unused function print_proto()
24f30842 xshared: Share print_header() with legacy iptables
a323c283 xshared: Share print_fragment() with legacy
1d73cec0 xshared: Share print_rule_details() with legacy
e5fb9f8e xshared: Share save_ipv{4,6}_addr() with legacy
22f2e1fc xshared: Share save_rule_details() with legacy
766e4872 xshared: Share print_iface() function
b5881e7f nft: Change whitespace printing in save_rule callback
1189d830 xshared: Merge and share parse_chain()
1eab8e83 extensions: hashlimit: Fix tests with HZ=1000
afa525ee xlate-test: Print full path if testing all files
b8d5271d Unbreak xtables-translate
0af80a91 nft: Merge xtables-arp-standalone.c into xtables-standalone.c
142cf724 xtables: arptables accepts empty interface names
ab0a785a xtables: Derive xtables_globals from family
6cf3976e nft-shared: Make nft_check_xt_legacy() family agnostic
832a0e2b nft-arp: Introduce post_parse callback
0aea399d arptables: Use standard data structures when parsing
fe83b12f libxtables: Introduce xtables_globals print_help callback
0687852d xtables-standalone: Drop version number from init errors
dded8ff3 nft: Add family ops callbacks wrapping different nft_cmd_* functions
38e1fe58 xtables: Simplify addr_mask freeing
cfdda180 nft-shared: Introduce init_cs family ops callback
65b150ae xshared: Store optstring in xtables_globals
2e6014c7 nft: Introduce builtin_tables_lookup()
db90ff64 tests: shell: fix bashism
45d8f769 nft: Delete builtin chains compatibly
e865a853 nft-chain: Introduce base_slot field
f9b33967 nft: Check base-chain compatibility when adding to cache
43189612 nft: cache: Avoid double free of unrecognized base-chains
040a15f2 xtables-translate: add missing argument and option to usage
2ed6dc75 tests: iptables-test: Fix conditional colors on stderr
63ab4fe3 ebtables: Avoid dropping policy when flushing
b714d45d iptables-test.py: print with color escapes only when stdout isatty
481626bb tests: shell: Return non-zero on error
7559af83 tests: iptables-test: Exit non-zero on error
c057939d tests: xlate-test: Exit non-zero on error
a8da7186 tests: iptables-test: Print errors to stderr
5166c445 tests: xlate-test: Print errors to stderr
fa78ff15 tests: xlate-test: Don't skip any input after the first empty line
fcbe454b tests: iptables-test: Fix missing chain case
61e85e31 iptables-nft: allow removal of empty builtin chains
544e7dc1 Fix a few doc typos
e438b976 nft: Use xtables_{m,c}alloc() everywhere
ca11c7b7 nft: Use xtables_malloc() in mnl_err_list_node_add()
cf410aa6 extensions: libxt_mac: Fix for missing space in listing
7ae14dc1 iptables-test: Make netns spawning more robust
bef9dc57 extensions: hashlimit: Fix tests with HZ=100
943fbf3e ip6tables: masquerade: use fully-random so that nft can understand the rule
ef7781eb libxtables: exit if called by setuid executeable
8629c53f tests/shell: Assert non-verbose mode is silent
57d1422d nft: Fix for non-verbose check command
26318637 ebtables: Dump atomic waste
765bf04e doc: ebtables-nft.8: Adjust for missing atomic-options
e727ccad xtables: Call init_extensions6() for static builds
9e1fffdf extensions: libxt_multiport: add translation for -m multiport --ports
c8145139 extensions: libxt_conntrack: simplify translation using negation
1c934617 extensions: libxt_tcp: rework translation to use flags match representation
bb01e33d extensions: libxt_connlimit: add translation
62828a6a tests: xlate-test: support multiline expectation
ba863c4b libxtables: extend xlate infrastructure
68ed965b extensions: libxt_string: Avoid buffer size warning for strncpy()
9b85e1ab libxtables: Introduce xtables_strdup() and use it everywhere
ca840c20 extensions: libebt_ip6: Use xtables_ip6parse_any()
084671d5 iptables-apply: Drop unused variable
0729ab37 nft: Avoid buffer size warnings copying iface names
eab75ed3 nft: Avoid memleak in error path of nft_cmd_new()
ffe88f8f libxtables: Fix memleak in xtopt_parse_hostmask()
8bb5bcae extensions: libebt_ip6: Drop unused variables
97fabae7 libxtables: Drop leftover variable in xtables_numeric_to_ip6addr()
5818be17 extensions: sctp: Translate --chunk-types option
a61282ec extensions: sctp: Fix nftables translation
556f7044 Use proto_to_name() from xshared in more places
eea68ca8 ebtables-translate: Use shared ebt_get_current_chain() function
9dc50b5b xshared: Merge invflags handling code
3664249f xshared: Eliminate iptables_command_state->invert
f647f61f xtables: Make invflags 16bit wide
616800af extensions: SECMARK: Implement revision 1
1e984079 nft-arp: Make use of ipv4_addr_to_string()
acac2dbe Eliminate inet_aton() and inet_ntoa()
9084ef29 extensions: sctp: Explain match types in man page
a3e81c62 nft: Increase BATCH_PAGE_SIZE to support huge rulesets
fdf64dcd nft: cache: Sort chains on demand only
c5d9a723 fix build for missing ETH_ALEN definition
18d7535d extensions: libxt_conntrack: use bitops for status negation
18e334da extensions: libxt_conntrack: use bitops for state negation
831f57c7 libxtables: Simplify xtables_ipmask_to_cidr() a bit
46f9d3a9 xtables-translate: Fix translation of odd netmasks
330f5df0 nft: Fix bitwise expression avoidance detection
5f1fcace iptables-nft: fix -Z option
c9441657 include: Drop libipulog.h
30c1d443 ebtables: Exit gracefully on invalid table names

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-10 19:07:47 +02:00
Nick Hainke
ad0733a7f0 libtool: update to 2.4.7
Changes:
6d7ce133 version 2.4.7
b4a37606 NEWS: roll-back manually filled NEWS versioning
33615a45 NEWS: fill entries for past commits
f5eb6f11 libltdl: bump libltdl.la version-info.
28fbcb6a libtool: correct linter syntax complaints in M4
7e69e441 gnulib: update submodule to new repository.
2dc7dad7 maint: update copyrights across project.
b55b1cc8 libtool: Do not pass '-pthread' to Solaris linker.
960a33e4 docs: manually recording dependencies in Automake
78652682 tests: remove deprecated old-ltdl-iface.at test.
f51eddf0 * libtool: Bump M4 serial versions and add missing AC_PROG_SED to ltdl.m4
ccc878dd libtool: replace raw invocations of sed with $SED
5df7dd49 libtool: add support for MidnightBSD
8f4bdbda libtool: powerpc 10.5 detection without a deployment target
9e8c8825 libtool: support macOS 11
0904164d libtool: correct m4 quoting in sed expression
da2e3527 libtool: replace some references to /usr/bin/file and /bin/sh
1b74d784 libtool: Add -Wa,* link-mode flag for assembler pass-thru
86d71e86 libtool: Pass -Xassembler flag and arguments to compiler
fc7779d7 maint: update Bootstrap git module
0c1bc69d maint: update copyrights across project.
28fb394f maint: update AUTHORS, copyright date.
b9b44533 bootstrap: use $gnulib_clone_since
544fc0e2 maint: update bootstrap, gnulib, copyright dates
b88cebd5 maint: update bootstrap, gnulib, copyright dates
99bd0948 libtool: add icl.exe support
6ca5e224 docs: typo in 'win32-dll' description
1bfb11a4 libtool: quote 'cd' command in shipped relink_command
722b6af0 doc: fix typos in --mode=install invocations
350082b6 libtool: exit verbosely for fatal configure problems
792b6807 maint: update copyright years
f003a1f9 libltdl: handle ENOMEM in lt_dlloader_remove()
08c5524f bootstrap: use the upstream repo as git module
a938703c libtool: set file_list_spec to '@' on OS/2
f10e22c2 tests: fix $objdir hardcoding check with CFLAGS=-g3
f9970d99 libtool: pass through -fuse-ld flags
d7c8d3b4 m4/libtool.m4: FreeBSD elftoolchain strip support
807cbd63 libtoolize: exec automake and autoconf only with --help
40bc0628 edit-readme-alpha: generate the "stable" README properly
b89a47ea maint: fix for 'make sc_immutable_NEWS' hints
bb8e7b4a maint: update copyright years
b5d44b84 libltdl: handle ENOMEM sooner
5944fdcc gl: minor typo fixes
49856679 gl-tests: dash && option-parser test fix
a5c64665 libtool: fix GCC/clang linking with -fsanitize=*
ae816ace gl-tests: make the failure more readable
d15b3214 m4/libtool.m4: export AIX TLS symbols
aabc46ac gl/tests: new tests for options-parser
dc8bd92d gl/funclib.sh: func_quotefast_eval & tilde fix
a3c6e99c syntax-check: fix sed syntax errors
f323f10d gl/tests: new tests for func_quote* family
ed4f739f check: enable gnulib's testsuite
9187e9a2 funclib: refactor quoting methods a bit
16dbc070 libtool: optimizing options-parser hooks
32f0df98 libtool: mitigate the $sed_quote_subst slowdown
b7b6ec33 gnulib: sync with upstream
5859cc50 maint: relax 'sc_prohibit_test_dollar' check
418129bc ARFLAGS: use 'cr' instead of 'cru' by default
4335de1d libool.m4: add ARFLAGS variable
0f842177 maint: put newline after 'Subject' in ChangeLog
03ec5f49 gnulib: sync with upstream
351a88fe libtoolize: fix infinite recursion in m4
de7b2cb2 bootstrap: fix race in temporary Makefile
702a97fb libtool: fix GCC linking with -specs=*
4ff16210 maint: demote myself from maintainer to former maintainer.
c12d38e4 maint: post-release administrivia

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-10 19:07:47 +02:00
Nick Hainke
ce6e034c52 lldpd: update to 1.0.14
Changes
- Add configure commands to alter inventory TLVs

Fixes
- Update seccomp rules for newer kernel/libc
- Correctly handle an interface whose index has changed
- Don't send VLANs when there are too many

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-10 19:07:47 +02:00
Nick Hainke
2c7101360f lldpd: switch to codeload.github.com
The mirror does not seem to work well anymore. Switch to
codeload.github.com.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-10 19:07:47 +02:00
Nick Hainke
820093d5a6 binutils: update to 2.38
Changelog:

 Assembler:
    General:
      * Add support for the LoongArch architecture.

      * Add an option to control how multibyte characters are handled in
        the assembler.  Using the option warnings can be generated when
        such characters are encountered in symbol names, or anywhere in
        the input source file(s).

    AArch64 and ARM:
      * Add support for more system registers.
      * Add support for Scalable Matrix Extension.
      * Add support for Cortex-R52+, Cortex-A510, Cortex-A710,
        Cortex-X2, Cortex-A710 cores.
      * Add support for 'v8.7-a', 'v8.8-a', 'v9-a', 'v9.1-a',
        'armv9.2-a' and 'armv9.3-a' architecture extensions.

    X86:
      * Add a command-line option to encode aligned vector move as
        unaligned vector move.
      * Add support for Intel AVX512_FP16 instructions.
      * The outputs of .ds.x directive and .tfloat directive with hex
        input have been reduced from 12 bytes to 10 bytes to match the
        output of .tfloat directive.

Linker:
    * Add support for the LoongArch architecture.

    * Add -z pack-relative-relocs/-z no pack-relative-relocs to x86 ELF
     linker to pack relative relocations in the DT_RELR section.

    * Add -z indirect-extern-access/-z noindirect-extern-access to x86
      ELF linker to control canonical function pointers and copy
      relocation.

Other Binary Tools:

    * elfedit: Add --output-abiversion option to update ABIVERSION.

    * Tools which display symbols or strings (readelf, strings, nm,
      objdump) have a new command line option which controls how unicode
      characters are handled.  By default they are treated as normal for
      the tool.  Using --unicode=locale will display them according to
      the current locale.  Using --unicode=hex will display them as hex
      byte values, whilst --unicode=escape will display them as escape
      sequences.  In addition using --unicode=highlight will display
      them as unicode escape sequences highlighted in red (if supported
      by the output device).

    * readelf -r dumps RELR relative relocations now.

    * Support for efi-app-aarch64, efi-rtdrv-aarch64 and
      efi-bsdrv-aarch64 has been added to objcopy in order to enable
      UEFI development using binutils.

    * ar: Add --thin for creating thin archives. -T is a deprecated
      alias without diagnostics. In many ar implementations -T has a
      different meaning, as specified by X/Open System Interface.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-10 19:07:47 +02:00
Nick Hainke
ccfb736c23 libusb: update to 1.0.26
Add libatomic as dependency.

Changelog:
2022-04-10: v1.0.26
* Fix regression with transfer free's after closing device
* Fix regression with destroyed context if API is misused
* Workaround for applications using missing default context
* Fix hotplog enumeration regression
* Fix Windows isochronous transfer regression since 1.0.24
* Fix macOS exit crash in some multi-context cases
* Build fixes for various platforms and configurations
* Fix Windows HID multi-interface product string retrieval
* Update isochronous OUT packet actual lengths on Windows
* Add interface bound checking for broken devices
* Add umockdev tests on Linux

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-10 19:07:47 +02:00
Nick Hainke
d858511723 libusb: update to 1.0.25
Remove upstreamed patche:
- 001-Correct-a-typo-in-the-Changelog-and-clean-up-a-stray.patch
- 002-linux_usbfs-Fix-parsing-of-descriptors-for-multi-con.patch

Changelog:
2022-01-31: v1.0.25
* Linux: Fix regression with some particular devices
* Linux: Fix regression with libusb_handle_events_timeout_completed()
* Linux: Fix regression with cpu usage in libusb_bulk_transfer
* Darwin (macOS): Add support for detaching kernel drivers with authorization.
* Darwin (macOS): Do not drop partial data on timeout.
* Darwin (macOS): Silence pipe error in set_interface_alt_setting().
* Windows: Fix HID backend missing byte
* Windows: Fix segfault with libusbk driver
* Windows: Fix regression when using libusb0 driver
* Windows: Support LIBUSB_TRANSFER_ADD_ZERO_PACKET on winusb
* New NO_DEVICE_DISCOVERY option replaces WEAK_AUTHORITY option
* Various other bug fixes and improvements

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-10 19:07:47 +02:00
Nick Hainke
5ab22c8b99 jansson: update to 2.14
Changes (2021-09-09):
* New Features:
  - Add `json_object_getn`, `json_object_setn`, `json_object_deln`, and the
    corresponding `nocheck` functions.
* Fixes:
  - Handle `sprintf` corner cases
* Build:
  - Symbol versioning for all exported symbols
  - Fix compiler warnings
* Documentation:
  - Small fixes
  - Sphinx 3 compatibility

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-10 19:07:47 +02:00
Nick Hainke
59610c214b jansson: cleanup and switch to codeload.github.com
- Rearrange Makefile.
- Switch to codeload.github.com because it looks like new version are
  not longer deployed at www.digip.org

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-10 19:07:47 +02:00
Nick Hainke
202ecc9f4b wpan-tools: update to 0.9
Changes:
- wpan-ping: fix ifname setting
- wpan-hwsim: hardware simulator configuration utility
- wpan-hwsim: fix long option argument option for dot
- Don't install examples
- hwsim: make sure lqi is always initialized
- iwpan: fix clang compiler warning on absolute-value
- examples: fix wrongly used unsigned attribute
- build: hwsim: fix list of files needed for dist build

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-10 18:16:34 +02:00
Nick Hainke
9194cee553 wpan-tools: update to 0.8
Remove upstreamed patches:
- 001-src-nl_extras.h-fix-compatibility-with-libnl-3.3.0.patch

Changes:
- examples: add README with details to the various examples
- examples: af_ieee802154_tx example
- examples: af_ieee802154_rx example
- examples: add af_packet_rx example
- examples: af_inet6_rx example
- examples: af_packet_tx example
- examples: af_inet6_tx example
- examples: add .gitignore file for examples directory
- src/nl_extras.h: fix compatibility with libnl 3.3.0
- wpan-ping: add the support to set wpan-ping interval
- wpan-ping: Add the filtering function for frame receiving

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-10 18:16:34 +02:00
Nick Hainke
3707e5cbe3 wpan-tools: cleanup Makefile
- Use SPDX
- Add PKG_RELEASE
- Change wpan.cakelab.org to linux-wpan.org/wpan-tools.html
- Switch to github.com as PKG_SOURCE_URL

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-10 18:16:34 +02:00
Jianhui Zhao
6902af4f30 libpcap: fix PKG_CONFIG_DEPENDS for rpcapd
This fix allows trigger a rerun of Build/Configure when
rpcapd was selected.

Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
2022-07-10 18:11:36 +02:00
Nick Hainke
0af4a26918 libnl: update to 3.7.0
Changes:
1bb4162 libnl-3.7.0 release
897ec9c route: act: Allow full set of actions on gact,skbedit,mirred
00e46f1 Use print() function in both Python 2 and Python 3
083c1b6 sriov: fix setting ce_mask when parsing VF stat counter
2e9a4f7 Fix typos and errors
cc87ad2 changelog: update URL to git history
bde0b4c changelog: fix typos in ChangeLog
44988e6 route: format recently added code with clang-format
df6e38b route/act: add NAT action
7304c42 route: format recently added code with clang-format
f8eb218 cls: flower: extend flower API
e5dc111 flower: use correct attribute when filling out flags
df6058c tests: merge branch 'th/test-link'
9772c1d tests: add unit tests for creating links
4713b76 github: run unit tests several times and directly
8025547 github: export NLTST_SEED_RAND= to randomize unit tests
7efeca2 tests: add test utils
f6f4d36 tests: reformat unit test files with clang-format
135a706 utils: add _NL_AUTO_DEFINE_FCN_STRUCT() macro
0ea11be utils: add _nl_thread_local macro
9b04936 route: fix crash caused by parse_multipath() by wrong free()
2effffe route/link: Set the cache ops when cloning a link
5ecd56c route/link: add lock around rtnl_link_af_ops_put()
e1a077a route/link: avoid accessing af_ops after af_free() in rtnl_link_set_family()
3f4f1dd xfrm/sa: fix reference counters of sa selector addresses
d3c783f all: merge branch 'th/coverity-fixes'
23a75c5 xfrm: fix uninitalized variables in build_xfrm_ae_message()
d52dbcb route: fix check for NULL in nh_encap_dump()
1f61096 route/qdisc/mqprio: fix bufferoverflow and argument checking in rtnl_qdisc_mqprio_set_*()
f918c3a route/sriov: fix buffer overflow in rtnl_link_sriov_parse_vflist()
d4c7972 all: fix "-Wformat" warnings for nl_dump*()
6b2f238 netlink/utils.h: mark nl_dump() with __attribute__((format(printf,a,b)))
d3bd278 netlink/utils.h: add internal _nl_attribute_printf macro for public headers
a30b26d socket: workaround undefined behavior coverity warning in generate_local_port()
8acf6d5 nl-pktloc-lookup: fix buffer overflow when printing alignment
bf3585f route/link/sriov: fix initializing vlans in rtnl_link_sriov_clone()
dd06d22 route/qdisc/netem: fix bogus "%" in format string netem_dump_details()
f50a802 route/u32: fix u32_dump_details() to print data
fa79ee3 link/vrf: avoid coverity warning in rtnl_link_vrf_set_tableid() about CONSTANT_EXPRESSION_RESULT
31380f8 utils: suppress coverity warning in nl_cli_load_module() about leaked handle
aa398b5 route/ip6vti,ip6gre: fix printing invalid data in ip6{vti,gre}_dump_details()
40683cc netlink/private: add internal helper utils
6615dc0 route/link: workaround coverity warning about leak in rtnl_link_set_type()
ff5ef61 all: avoid coverity warnings about assigning variable but not using it
f58a3c0 route/mdb: check parser error in mdb_msg_parser() for nested MDBA_MDB attribute
46506d3 route/mdb: add and use rtnl_mdb_entry_free() internal helper method
46e85d2 route/mdb: fix leak in mdb_msg_parser()
b0641dd route/mdb: add _nl_auto_rtnl_mdb cleanup macro
d544105 route/mdb: fix buffer overflow in mdb_msg_parser()
4d12b63 tests: silently ignore EACCES for setting uid_map for test namespace
ec712a4 tests: cleanup unshare_user() and use _nltst_fclose()
85e3c5d tests: add _assert_nltst_netns() helper
39e4d8d github: test out-of-tree build and "--disable-static"
d63e473 github: build documentation in CI test
fa7f97f build: avoid building check-direct with --disable-static
8c741a7 tools: fix aborting on failure in "tools/build_release.sh" script
e2aa409 doc: fix markup error in "doc/route.txt"
4f3b4f9 doc: fix python2-ism in "doc/resolve-asciidoc-refs.py"

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-10 17:55:50 +02:00
Kevin Darbyshire-Bryant
c29b13cfa0 ksmbd: fix compile on kernel 5.15.52+
Backport upstream fix to build on kernel 5.15.52 or later since kernel
devs backported newer functionality to older kernels.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2022-07-09 06:25:23 +01:00
Eneas U de Queiroz
639419ec4f
wolfssl: re-enable AES-NI by default for x86_64
Apply an upstream patch that removes unnecessary CFLAGs, avoiding
generation of incompatible code.

Commit 0bd5367233 is reverted so the
accelerated version builds by default on x86_64.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2022-07-08 01:39:34 +02:00
Dustin Lundquist
3899f68b54 openssl: bump to 1.1.1q
Changes between 1.1.1p and 1.1.1q [5 Jul 2022]

  *) AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised
     implementation would not encrypt the entirety of the data under some
     circumstances.  This could reveal sixteen bytes of data that was
     preexisting in the memory that wasn't written.  In the special case of
     "in place" encryption, sixteen bytes of the plaintext would be revealed.

     Since OpenSSL does not support OCB based cipher suites for TLS and DTLS,
     they are both unaffected.
     (CVE-2022-2097)
     [Alex Chernyakhovsky, David Benjamin, Alejandro Sedeño]

Signed-off-by: Dustin Lundquist <dustin@null-ptr.net>
2022-07-07 21:22:36 +02:00
Daniel Golle
d29722e6ff
xdp-tools: fix build with NLS enabled
Make sure the 'configure' shell script finds the libintl when linking
the test programs for discovering libpcap and libbpf.

Reported-by: @trippleflux
Fixes: 6ad1bea2a6 ("xdp-tools: add package")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-07-06 22:38:20 +01:00
Nick Hainke
8288a4bbb3
xdp-tools: mark as nonshared
The SDK does not have the LLVM toolchain yet.

Hopefully fixes errors in the form:
  xsk_def_xdp_prog.c:4:10: fatal error: 'bpf/bpf_helpers.h' file not found
  #include <bpf/bpf_helpers.h>

Fixes: 6ad1bea2a6 ("xdp-tools: add package")
Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-06 22:38:02 +01:00
Pascal Ernster
21825af2da
wolfssl: WOLFSSL_HAS_WPAS requires WOLFSSL_HAS_DH
Without this, WOLFSSL_HAS_DH can be disabled even if WOLFSSL_HAS_WPAS is
enabled, resulting in an "Anonymous suite requires DH" error when trying
to compile wolfssl.

Signed-off-by: Pascal Ernster <git@hardfalcon.net>
Reviewed-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2022-07-06 15:04:26 +02:00
Andre Heider
eb7d2abbf0 openssl: bump to 1.1.1p
Changes between 1.1.1o and 1.1.1p [21 Jun 2022]

  *) In addition to the c_rehash shell command injection identified in
     CVE-2022-1292, further bugs where the c_rehash script does not
     properly sanitise shell metacharacters to prevent command injection have been
     fixed.

     When the CVE-2022-1292 was fixed it was not discovered that there
     are other places in the script where the file names of certificates
     being hashed were possibly passed to a command executed through the shell.

     This script is distributed by some operating systems in a manner where
     it is automatically executed.  On such operating systems, an attacker
     could execute arbitrary commands with the privileges of the script.

     Use of the c_rehash script is considered obsolete and should be replaced
     by the OpenSSL rehash command line tool.
     (CVE-2022-2068)
     [Daniel Fiala, Tomáš Mráz]

  *) When OpenSSL TLS client is connecting without any supported elliptic
     curves and TLS-1.3 protocol is disabled the connection will no longer fail
     if a ciphersuite that does not use a key exchange based on elliptic
     curves can be negotiated.
     [Tomáš Mráz]

Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-07-04 23:03:09 +02:00
Rosen Penev
341121edd4 libjson-c: disable libbsd
libjson-c is happy to pick up libbsd both on the host and target.
Reproducible with

make package/libbsd/compile;make package/libjson-c/compile

Also fixes host compilation on Arch Linux for a similar reason.
Undefined reference to arc4random.

Fixes: f3a198697f ("libjson-c: update to 0.16")
Acked-by: Thomas Huehn thomas.huehn@hs-nordhausen.de
Acked-by: Nick Hainke vincent@systemli.org
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-07-04 20:37:41 +02:00
Nick Hainke
a0c5b03e02 f2fs-tools: import patch to fix compilation
Disable lz4 and lzo2 manually.

Fixes errors in the form of:
 Package f2fsck is missing dependencies for the following libraries:
 liblz4.so.1
 liblzo2.so.2

Fixes: 8b9e806160 ("f2fs-tools: update to 1.15.0")

Acked-by: Thomas Huehn <thomas.huehn@hs-nordhausen.de>
Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-04 20:24:06 +02:00
Daniel Golle
6ad1bea2a6
xdp-tools: add package
xdp-tools - Library and utilities for use with the eXpress Data Path:
Fast Programmable Packet Processing in the Operating System Kernel

 * libxdp: library for attaching XDP programs and using AF_XDP sockets
 * xdp-filter: a simple XDP-powered packet filter
 * xdp-loader: an XDP program loader
 * xdpdump: tool for capturing packets at the XDP layer

Thanks to Nick @PolynomialDivision Hainke for testing and fixing!

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-07-04 18:36:03 +01:00
Nick Hainke
6d423ffbd1 strace: update to 5.18
Improvements
- Added an interface of raising des Strausses awareness.
- Added --tips option to print strace tips, tricks, and tweaks at the end of the tracing session.
- Enhanced decoding of bpf and io_uring_register syscalls.
- Implemented decoding of COUNTER_*, RTC_PARAM_GET, and RTC_PARAM_SET ioctl commands.
- Updated lists of BPF_*, BR_*, BTRFS_*, IFA_*, IFLA_*, IORING_*, KEY_*, KVM_*, MADV_*, and UFFD_* constants.
- Updated lists of ioctl commands from Linux 5.18.

Bug fixes
- Fixed printing of the updated value of union bpf_attr.next_id on the exiting of bpf(BPF_*_GET_NEXT_ID) calls.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-03 22:16:43 +02:00
Nick Hainke
36f3238dcb strace: update to 5.17
Improvements
- Added 64-bit LoongArch architecture support.
- Extended personality designation syntax of syscall specification expressions to support all@pers and %class@pers.
- Enhanced rejection of invalid syscall numbers in syscall specification expressions.
- Implemented decoding of set_mempolicy_home_node syscall, introduced in Linux 5.17.
- Implemented decoding of IFLA_GRO_MAX_SIZE and TCA_ACT_IN_HW_COUNT netlink attributes.
- Implemented decoding of PR_SET_VMA operation of prctl syscall.
- Implemented decoding of siginfo_t.si_pkey field.
- Implemented decoding of LIRC ioctl commands.
- Updated lists of FAN_*, IORING_*, IOSQE_*, KEY_*, KVM_*, MODULE_INIT_*, TCA_ACT_*, and *_MAGIC constants.
- Updated lists of ioctl commands from Linux 5.17.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-07-03 22:16:43 +02:00
Hauke Mehrtens
576b62712f mac80211: Add DRIVER_11AX_SUPPORT dependency to mac80211-hwsim and iwlwifi
The mac80211-hwsim and the Intel iwlwifi driver support ieee80211ax, add
the missing DRIVER_11AX_SUPPORT dependency too.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-07-03 20:48:44 +02:00