Refreshed all patches.
Also add a missing symbol for x86 which got used now in this bump.
- ISCSI_IBFT
Compile-tested on: cns3xxx, x86_64
Runtime-tested on: cns3xxx, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
This should fix a problem with 1560 MTU, 160Mhz on DFS channels,
some other small issues on < 5.2 kernels, and for 5.2 driver,
it pulls in some upstream stable fixes.
wave-1 firmware changes since last update:
* June 24, 2019: Try allocating low-priority WMI msgs if high-prio are not available.
* June 24, 2019: Init rate-ctrl to start at lowest rate instead of in the middle. Hoping
this helps DHCP when station connects from a long distance.
wave-2:
* June 24, 2019 Start rate-ctrl at minimal values to help DHCP work better for far-away peers.
* July 24, 2019 Fix old regression that made /a (and probably /b/g) perform poorly, at least on
diet-compiled images.
* Aug 8, 2019 Improve a/b/g rate-ctrl by damping the PER swings caused by the all-or-nothing logic
of transmitting non-block-ack frames one at a time.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit de5f0764883ad6a0767da58d7359f3e01aa91139)
the ath10k-ct package ships multiple versions of the ath10k-ct driver,
OpenWrt currently only uses the version 4.19, but we still ship some
patches for older versions. Remove all patches only touching older
versions and also remove the patch for older versions from patches which
do the same changes to multiple versions of ath10k-ct.
This removes some unneeded patches, the end binary should stay the same.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 10fe5ca362)
This patch updates the board-2.bin for the default
IPQ4019, QCA9984 and QCA9888 ath10k-firmware-xyz-ct
and -ct-htt firmwares.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 7f79882d44)
wave-1:
2019-05-09: Tweak rate-ctrl: Ramp PER up faster, down slower. This
helps throughput in rate-vs-range test, especially with
nss1.
2019-05-20: Disable adaptive-CCA. I am not sure it helps, and it may
make it slower to detect noise that should tell the system
to stop transmitting. If someone has means to test this
properly, I'd be happy to work with them.
wave-2:
2019-05-15: Fix problem where rate-ctrl sometimes used rix of 0x0.
2019-05-15: Allow raw-tx of encrypted frame. Requires a patch to the
driver to use raw mode when skb has WEP flag enabled AND
skb is flagged to not be encrypted. Lightly tested.
2019-05-16: Fix tx-hang that happened when rate-ctrl chose an OFDM rate
for 20Mhz and sent that as AMPDU. To fix, limit to (V)HT
rates if peer is (V)HT. It seems that MCS0 (V)HT20 should
have as good of a chance of being detected as CCK or OFDM.
2019-06-06: Disable TX-BFEE, TX-BFER for IBSS connections. I suspect
this is part of the tx-hang issue seen with IBSS between
two 9984 radios.
2019-06-12: Fix rx-rate reporting in 'fw_stats' logic. This was at
least partly due to regressions I had added earlier when
working on some multi-vdev enhancements.
2019-6-12: Fix case where extd peer-stats were not always populated.
The stats gathering code did not handle error conditions
well.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit ff2382e36c)
Changes:
ath10k: Improve PMF/MPF mgt frame check
And add a driver for 5.2 (beta, not even tested yet) kernel.
Refresh patches.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 49b3dcb2ab)
For x86/64 (maybe more) target the SUPPORTED_DEVICES variable is empty
which causes the `&&` junction to fail, producing a non zero exit code.
Tested-by: Paul Spooren <mail@aparcar.org>
Fixed-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 07926d7def)
This adds missing includes for sys/sysmacros.h which are needed with
musl libc 1.1.23.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit ba8aeb02ea)
musl libc through 1.1.23 has an x87 floating-point stack adjustment
imbalance, related to the math/i386/ directory. In some cases, use of
this library could introduce out-of-bounds writes that are not present
in an application's source code.
This problem only affects x86 and no other architectures.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit c262daf308)
The OpenWrt buildroot ABI version rebuild tracker does not handle
transient dependencies, therefor add all libraries linked by uhttpd
as direct dependencies to the corresponding binary package definition.
This ensures that uhttpd is automatically rebuilt and relinked if any
of these libraries has its ABI_VERSION updated in the future.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit a95ddaba02)
This happens only the second time a library is loaded by dlopen().
After lib1 is loaded, dlsym(lib1,"undef1") correctly resolves the undef
symbol from lib1 dependencies. After the second library is loaded,
dlsym(lib2,"undef1") was returning the address of "undef1" in lib2
instead of searching lib2 dependencies.
Using upstream fix which now uses the same logic for relocation time
and dlsym.
Fixesopenwrt/packages#9297
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit 0d0617ff14)
It seems bzip2 was abandoned by the author and adopted by the sourceware
people. The last release of bzip2 was from 2010.
Several security bugs were fixed as well as others.
Fixed up PKG_LICENSE to be compatible with SPDX.
Changed URLs to point to the new home.
Added patch that gets rid of deprecated utime function and switches it to
utimensat.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Always build AES-GCM support.
Unnecessary patches were removed.
This includes two vulnerability fixes:
CVE-2019-11873: a potential buffer overflow case with the TLSv1.3 PSK
extension parsing.
CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes
when performing ECDSA signing operations. The leak is considered to be
difficult to exploit but it could potentially be used maliciously to
perform a lattice based timing attack.
This brings the package up-to-date with master, so it incorporates
changes from 4.0.0 in master:
* Removed options that can't be turned off because we're building with
--enable-stunnel, some of which affect hostapd's Config.in.
* Adjusted the title of OCSP option, as OCSP itself can't be turned off,
only the stapling part is selectable.
* Mark options turned on when wpad support is selected.
* Add building options for TLS 1.0, and TLS 1.3.
* Add hardware crypto support, which due to a bug, only works when CCM
support is turned off.
* Reorganized option conditionals in Makefile.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This updates to backports-4.19.57-1 which contains the wireless
subsystem and driver from kernel 4.19.57.
The removed patches are applied upstream.
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This will reduce the size of the kernel if CONFIG_CC_OPTIMIZE_FOR_SIZE is
set like for all targets with small_flash feature flag.
I haven't seen any changes for an ARM64 target which optimizes the
kernel for speed instead.
On the ath79/tiny target the uncompressed kernel size was reduced by
3.2% and the compressed kernel size by 2.1%
kernel size with CONFIG_OPTIMIZE_INLINING=n
4346412 build_dir/target-mips_24kc_musl/linux-ath79_tiny/vmlinux
1391169 build_dir/target-mips_24kc_musl/linux-ath79_tiny/tplink_tl-wr941-v4-kernel.bin
Kernel size with CONFIG_OPTIMIZE_INLINING=y
4212396 build_dir/target-mips_24kc_musl/linux-ath79_tiny/vmlinux
1362051 build_dir/target-mips_24kc_musl/linux-ath79_tiny/tplink_tl-wr941-v4-kernel.bin
This change is currently pending for kernel 5.2 and already in
linux-next, this updates our patch to match the upstream version.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 6dac1c0a9b)
Unconditionally execute the final case statement, even if the disk layout
changed. This is necessary, to keep the original Turris Omnia flash
instructions working: The disk layout WILL change, when switching from
TurrisOS to OpenWRT. Without updating the uboot environment at the same
time, the user would end up with an unbootable system.
Fixes commit 2e5a0b81ec ("mvebu: sysupgrade: sdcard: keep user added ...")
Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
This commit fixes regression on Linksys WRT1900 (Mamba) where this device
doesn't have USB 3.0 controller integrated in SoC, instead it has Etron
EJ168 connected to PCIe lane. Previously enabled in kernel 4.4 and 4.9,
was lost in transition to 4.14.
Fixes: 4ccad92 ("mvebu: Add support for kernel 4.14")
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
This commit unifies the LED mapping of the AVM Fritz!Box routers, which
have a combined Power/DSL LED.
With the stock firmware, the Power LED has the following
characteristics:
- Blink when DSL sync is being established
- Solid when DSL sync is present
We can't completely resemble this behavior in OpenWrt. Currently, the
Power LED is completely off, when DSL sync is missing. This is not
really helpful, as a user might have the impression, that he bricked his
device.
Instead, map the Info-LED to the state of the DSL connection.
There is no consistent behavior for the Info-LED in the stock
firmware, as the user can set it's function by himself. The DSL
connection state is one possible option for the Info LED there.
Also use the red Power LED to indicate a running upgrade, in case the
board has a two-color Power LED.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 3032bf7f89)
This reverts commit 2b074654b0.
Due to popular demand, I've decided to revert this commit after
deliberating with Petr. This means that 19.07 will ship ath79 binary
images after all.
We do however consider the ath79 target on Kernel 4.14 in the 19.07
branch to be beta quality at best.
Acked-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed style
diff payload with shell metacharacters. The ed editor does not need to be
present on the vulnerable system. This is different from CVE-2018-1000156.
https://nvd.nist.gov/vuln/detail/CVE-2019-13638
Signed-off-by: Russell Senior <russell@personaltelco.net>
(cherry picked from commit bcfd1d7685)
This adds the led-upgrade alias for the AVM Fritz!Box 7412 to indicate a
running firmware upgrade.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 920abb9b58)
The AVM Fritz!Box 7412 does not use the VMMC part of the Lantiq chip but
rather a proprietary solution based on the DECT chip for the FXS ports.
Therefore, the second VPE can be enabled for use with OpenWrt.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 891a700759)
The AVM FRITZ!Box 7412 buttons are both active low, which is currently
incorrectly defined in the device-tree.
This leads to the device booting directly into failsafe.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit c12947b39e)
This commit selects wpad-basic for the FRITZ!Box 7312 and 7412 as
wpad-mini is only selected on boards with small flash.
Signed-off-by: Johann Neuhauser <johann@it-neuhauser.de>
[add short description]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit c3c3cd5e4a)
ar71xx got lost during final rebase ..
Fixes: c8a6ce71e4 ("ar71xx/ath79: ag71xx: init rings with GFP_KERNEL")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Upstream commit 246902bdf562d45ea3475fac64c93048a7a39f01
Which contains following explanation:
--
There is no need to use GFP_ATOMIC here, GFP_KERNEL should be enough.
The 'kcalloc()' just a few lines above, already uses GFP_KERNEL.
--
Looking at the code, all other descriptors also use plain GFP_KERNEL
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Introduce a new option CONFIG_SIGNATURE_CHECK which defaults to the value
of CONFIG_SIGNED_PACKAGES and thus is enabled by default.
This option is needed to support building target opkg with enabled
signature verification while having the signed package lists disabled.
Our buildbots currently disable package signing globally in the
buildroot and SDK to avoid the need to ship private signing keys to
the build workers and to prevent the triggering of random key generation
on the worker nodes since package signing happens off-line on the master
nodes.
As unintended side-effect, updated opkg packages will get built with
disabled signature verification, hence the need for a new override option.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit f565f276e2)
Fix build breakage as upstream has removed implicit include of
sys/sysmacros.h from sys/types.h:
remove implicit include of sys/sysmacros.h from sys/types.h
this reverts commit f552c792c7ce5a560f214e1104d93ee5b0833967, which
exposed the sysmacros.h macros (device major/minor calculations) for
BSD and GNU profiles to mimic an unintentional glibc behavior some
code depended on. glibc has deprecated and since removed them as the
resolution to bug #19239, so it makes no sense for us to keep this
behavior. affected code should all have been fixed by now, and if it's
not yet fixed it needs to be for use with modern glibc anyway.
Ref: https://git.musl-libc.org/cgit/musl/commit/include/sys/types.h?id=a31a30a0076c284133c0f4dfa32b8b37883ac930
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 79596f782e)
Since usign miscalculates SHA-512 digests for input sizes of exactly
64 + N * 128 + 110 or 64 + N * 128 + 111 bytes, we need to apply some
white space padding to avoid triggering the hashing edge case.
While usign itself has been fixed already, there is still many firmwares
in the wild which use broken usign versions to verify current package
indexes so we'll need to carry this workaround in the forseeable future.
Ref: https://forum.openwrt.org/t/signature-check-failed/41945
Ref: https://git.openwrt.org/5a52b379902471cef495687547c7b568142f66d2
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit e1f588e446)
This update fixes usign signature verification on files with certain
file sizes triggering a bug in the shipped SHA-512 implementation.
5a52b37 sha512: fix bad hardcoded constant in sha512_final()
3e6648b README: replace unicode character
716c3f2 README: add reference to OpenBSD signify
86d3668 README: provide reference for ed25519 algorithm
939ec35 usign: main.c: describe necessary arguments for -G
Ref: https://forum.openwrt.org/t/signature-check-failed/41945
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 991dd5a893)
WLAN0 and the unused LED are currently swapped. Fix this, so the LED
behavior matches the other OCEDo devices.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit a3a2b4857e)