Commit Graph

42409 Commits

Author SHA1 Message Date
Jo-Philipp Wich
9030a78a71 scripts: bundle-libraries: prevent loading host locales (FS#1803)
Binary patch the bundled glibc library to inhibit loading of host locale
archives in order to avoid triggering internal libc assertions when
invoking shipped, bundled executables.

The problem has been solved with upstream Glibc commit
0062ace229 ("Gracefully handle incompatible locale data") but we still
need to deal with older Glibc binaries for some time to come.

Fixes FS#1803
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-08-27 12:51:07 +02:00
Hans Dedecker
6caa8e09aa nghttp2: bump to 1.32.1
4c76aaee Update manual pages
2b51ad67 Bump up version number to 1.32.1, LT revision to 30:3:16
708379dc Tweak nghttp2_session_set_stream_user_data
73106b0d Compile with clang-6.0

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-08-27 10:11:10 +02:00
Stijn Tintel
2c01425d2d ath10k-firmware: update both QCA988X CT variants
This fixes slow performance with 802.11w enabled.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-08-26 18:24:02 +02:00
Stijn Tintel
616b972920 ath10k-ct: bump to git HEAD
e0d2ce0 ath10k:  Support setting tx_antenna in descriptor field.
29c644f Update to latest 4.13 and 4.16 ath10k-ct drivers.
20db9db ath10k:  Support vdev stats for 4.9, 4.16  kernel
fd92066 ath10k:  Support 'ct-sta-mode' for 9984 firmware that supports it.
34954f0 ath10k:  get_tsf, PMF

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-08-26 18:40:46 +03:00
Hauke Mehrtens
0f2787b9ff x86: geode: Add missing config options
This adds a configuration options which is needed now.
Without this patch the geode build will fail.

Fixes: 4eda2fddf2 ("x86/geode: enable X86_INTEL_LPSS to select PINCTRL")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-08-26 12:32:26 +02:00
Hans Dedecker
8fd8e79143 iproute2: update to 4.18.0
Update to the latest version of iproute2; see https://lwn.net/Articles/762515/
for a full overview of the changes in 4.18.
Remove upstream patch 001-rdma-sync-some-IP-headers-with-glibc

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-08-25 20:54:00 +02:00
Felix Fietkau
d9792152fd ath9k: fix setting up tx99 with a monitor mode interface
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-08-25 19:18:08 +02:00
Felix Fietkau
d45b5a061d ath79: fix mac address increment for embedded wireless Dorin
Use mtd-mac-address-increment-byte to match ar71xx behavior

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-08-25 19:18:08 +02:00
Felix Fietkau
a1f4ebcc87 kernel: make mtd mac address increment more flexible
Allow selecting the byte on which the increment should be added.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-08-25 19:18:08 +02:00
Hauke Mehrtens
e882e63f1e kernel: add missing dependency to regmap to kmod-gpio-mcp23s08
This fixes a build problem recently introduced.

Fixes: a904003b9b ("kernel: fix kmod-gpio-mcp23s08 for linux 4.14")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-08-25 18:18:35 +02:00
Tuomas Tynkkynen
5dd745588e brcm47xx: Enable USB power on WNDR3400v3
WNDR3400v3 needs GPIO 21 pulled high to enable power to USB ports. Add a
kernel patch to do that.

Signed-off-by: Tuomas Tynkkynen <tuomas.tynkkynen@iki.fi>
2018-08-25 16:27:17 +02:00
Keith Wong
79c233daa4 kernel: add kmod-tcp-bbr
This adds support for BBR (Bottleneck Bandwidth and RTT) TCP
congestion control. Applications (e.g. webservers, VPN client/server)
which initiate connections from router side can benefit from this.

This provide an easier way for users to use BBR by selecting /
installing kmod-tcp-bbr instead of altering kernel config and
compiling firmware by themselves.

Signed-off-by: Keith Wong <keithwky@gmail.com>
2018-08-25 15:40:24 +02:00
Daniel Engberg
e341f45913 libbsd: Update to 0.8.7
Update libbsd to 0.8.7
Remove glibc dependency
Clean up InstallDev and install entries
Use /usr path for consistency
Cherry pick patches from upstream to fix musl compilation

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2018-08-25 15:40:23 +02:00
Vladimir Vid
6cda4f6861 imx6: Initial support for SolidRun CuBox-i devices based on i.MX6 processors (i1, i2, i2eX, and i4Pro).
- Specifications -

CuBox i1:
- SoC: i.MX6 Solo
- Cores: 1
- Memory Size: 512MB
- GPU: GC880
- Wifi/Bluetooth: Optional
- USB 2.0 ports: 2
- Ethernet: 10/100/1000 Mbps

CuBox i2 | i2eX:
- SoC: i.MX6 Dual Lite
- Cores: 2
- Memory Size: 1GB
- GPU: GC2000
- Wifi/Bluetooth: Optional
- USB 2.0 ports: 2
- Ethernet: 10/100/1000 Mbps

CuBox i4Pro | i4x4:
- SoC: i.MX6 Quad
- Cores: 4
- Memory Size: 2/4 GB
- GPU: GC2000
- Wifi/Bluetooth: Build In
- USB 2.0 ports: 2
- Ethernet: 10/100/1000 Mbps

Built-in u-boot requires SPL (secondary program loader) to be present on the SD-card regardless of the image type which will be loaded.
SPL is generated by the u-boot-mx6cuboxi package which is preselected by the target device and can be found in bin/u-boot-mx6cuboxi directory.

Flashing the SPL:
dd if=/dev/zero of=/dev/mmcblk0 bs=1M count=4
dd if=bin/targets/imx6/generic/u-boot-mx6cuboxi/SPL of=/dev/mmcblk0 bs=1K seek=1

Preparing the firmware on the SD-card:
(echo o; echo n; echo p; echo 1; echo ''; echo ''; echo w) | fdisk /dev/mmcblk0
mkfs.ext4 /dev/mmcblk0p1
mount /dev/mmcblk0p1 /mnt
tar -xzf bin/targets/imx6/generic/openwrt-imx6-device-cubox-i-rootfs.tar.gz -C /mnt/
mkdir -p /mnt/boot
cp bin/targets/imx6/generic/{*-uImage,*.dtb,*.scr} /mnt/boot/

Generated u-boot.img needs to be placed on the first partition:
cp bin/targets/imx6/generic/u-boot-mx6cuboxi/u-boot.img /mnt/

To boot from the SD card:

Boot script which sets mmc/dtb parameters and boots the board is automatically sourced.
If this does not work for any reason:
mmc dev 0; load mmc 0:1 $scriptaddr boot/boot.scr; source $scriptaddr

Currently imx6dl-cubox-i.dtb (Dual Lite) and imx6q-cubox-i.dtb (Quad) device trees are available.

Tested on i4Pro, MMC, USB (+ HiD), HDMI and ethernet ports are working.
Wireless and bluetooth are broken ATM. According to SolidRun forums, BCM4329/BCM4330 firmware is used which works fine on older kernels.

Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
2018-08-25 15:40:23 +02:00
Antonio Silverio
672c430d6e mac80211: mwl8k: Expand non-DFS 5G channels
Add non-DFS 5G upper channels (149-165) besides existed 4 lower channels
(36, 40, 44, 48).

Signed-off-by: Antonio Silverio <menion@gmail.com>
2018-08-25 15:40:23 +02:00
Martin Schiller
a904003b9b kernel: fix kmod-gpio-mcp23s08 for linux 4.14
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2018-08-25 15:33:52 +02:00
Martin Schiller
17f30bfcf7 x86/64: enable X86_INTEL_LPSS to select PINCTRL
This makes it possible to use the MCP23S08 i/o expander
on x86_64 platforms with linux 4.14.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2018-08-25 15:33:51 +02:00
Martin Schiller
4eda2fddf2 x86/geode: enable X86_INTEL_LPSS to select PINCTRL
This makes it possible to use the MCP23S08 i/o expander
on geode platforms with linux 4.14.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2018-08-25 15:33:51 +02:00
Luis Araneda
64f4c3ef35 zynq: add support for the Zybo Z7 board
The board is manufactured by Digilent
Main features:
- Soc: XC7Z010 (Z7-10) or XC7Z020 (Z7-20)
- RAM: 1 GB DDR3L
- FLASH: 16 MB QSPI
- 1 Gbps Ethernet
- USB 2.0
- microSD slot
- Pcam camera connector
- HDMI Tx and Rx
- Audio codec: stereo out, stereo in, mic
- 5 (Z7-10) or 6 (Z7-20) Pmod ports
- 6 push-buttons, 4 switches, 5 LEDs
- 1 (Z7-10) or 2 (Z7-20) RGB LEDs

Signed-off-by: Luis Araneda <luaraneda@gmail.com>
2018-08-25 15:33:51 +02:00
Luis Araneda
43dedd0661 uboot-zynq: add support for the zybo z7 board
Backport board support from the upcoming v2018.09 release,
and add an additional patch to read the MAC address
from flash memory

Signed-off-by: Luis Araneda <luaraneda@gmail.com>
2018-08-25 15:33:50 +02:00
Alex Maclean
894a95fa2d x86: add UHCI and XHCI USB host drivers to 4.14
Without UHCI a non-trivial number of machines will have no keyboard
without BIOS assistance.

Add XHCI as well in case there are chipsets which don't support legacy
interfaces, and support PCI OHCI controllers also.

Signed-off-by: Alex Maclean <monkeh@monkeh.net>
2018-08-25 13:18:35 +02:00
Rosen Penev
3ccc2ebe01 libevent2: Switch to using release tarball
Starting with version 2.1.8, a release tarball is available.

Simplifies the Makefile slightly.

Updated the project URL. HTTPS is broken. Issue has been reported upstream

Adjusted patches. CMake support is not present in the tarball. It's made
for Windows anyway.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-08-25 13:18:35 +02:00
Thomas Langer
41faf52b0f build: Unset CDPATH to avoid problems
In some places the output of commands, which include "cd" are used.
In case of CDPATH the new path is printed, which might not be expected.
Disable the variable to avoid these problem.

When CDPATH was set by the user to some value like "export CDPATH=."
the git checkout done by the build system did not work anymore, the
git cloning aborted with such an error message for example:
....
Packing checkout...
tar: /disk/fs1/tmp2/mehrtens/pon-ugw/ugw-haps/openwrt/tmp/dl/ppa-drv-1.0\n@1534240258: Cannot stat: No such file or directory
tar: Date sample file not found
Try 'tar --help' or 'tar --usage' for more information.
.....

To avoid this, this patch makes the build system unset CDPATH inside
the build system, so the build system will still work even when the
user set this variable in his local environment.

Signed-off-by: Thomas Langer <thomas.langer@intel.com>
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
2018-08-25 11:10:28 +02:00
Felix Fietkau
b6adfde0c6 mt76: update to the latest version
7daf962 mt7603: add survey support
980c606 mt7603: add fix for CCA signal configuration
30b8371 mt7603: fix BAR rate

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-08-24 21:33:54 +02:00
Hans Dedecker
2211ee0037 dropbear: backport upstream fix for CVE-2018-15599
CVE description :
The recv_msg_userauth_request function in svr-auth.c in Dropbear through
2018.76 is prone to a user enumeration vulnerability because username
validity affects how fields in SSH_MSG_USERAUTH messages are handled,
a similar issue to CVE-2018-15473 in an unrelated codebase.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-08-24 15:25:26 +02:00
Thibaut VARÈNE
bbe2cf657c ramips: fix RBM11G partitioning
This patch improves faf64056dd by correcting
the partition scheme for the "RouterBoot" section of the flash.

The partition scheme initially submitted is incorrect and does not reflect
the actual flash structure.

The "RouterBoot" section (name matching OEM) is subdivided in several
static segments, as they are on ar71xx RB devices albeit with different
offsets and sizes.
The naming convention from ar71xx has been preserved, except for the
bootloaders which are named "bootloader1" and "bootloader2" to avoid
confusion with the master "RouterBoot" partition.
The preferred 'fixed-partitions' DTS node syntax is used, with nesting
support as introduced in 2a598bbaa3.
"partition" is used for node names, with associated "label" to match
policy set by 6dd94c2781.

Leave a note in DTS to explain how the original author selected the SPI speed.

Tested-by: Tobias Schramm <tobleminer@gmail.com>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Reviewed-by: Rafał Miłecki <rafal@milecki.pl>
2018-08-24 11:53:51 +02:00
Thibaut VARÈNE
b90cad2c2e ramips: fix RBM33G partitioning
This patch improves 5684d08741 by correcting
the partition scheme for the "RouterBoot" section of the flash.

The partition scheme initially submitted is incorrect and does not reflect
the actual flash structure.

The "RouterBoot" section (name matching OEM) is subdivided in several
static segments, as they are on ar71xx RB devices albeit with different
offsets and sizes.
The naming convention from ar71xx has been preserved, except for the
bootloaders which are named "bootloader1" and "bootloader2" to avoid
confusion with the master "RouterBoot" partition.
The preferred 'fixed-partitions' DTS node syntax is used, with nesting
support as introduced in 2a598bbaa3.
"partition" is used for node names, with associated "label" to match
policy set by 6dd94c2781.

The OEM source code also define a "RouterBootFake" partition at the
beginning of the secondary flash chip: to avoid trouble if OEM ever makes
use of that space, it is also defined here.

The resulting partition scheme looks like this:
[   10.114241] m25p80 spi0.0: w25x40 (512 Kbytes)
[   10.118708] 1 fixed-partitions partitions found on MTD device spi0.0
[   10.125049] Creating 1 MTD partitions on "spi0.0":
[   10.129824] 0x000000000000-0x000000040000 : "RouterBoot"
[   10.136215] 5 fixed-partitions partitions found on MTD device RouterBoot
[   10.142894] Creating 5 MTD partitions on "RouterBoot":
[   10.148032] 0x000000000000-0x00000000f000 : "bootloader1"
[   10.154336] 0x00000000f000-0x000000010000 : "hard_config"
[   10.160665] 0x000000010000-0x00000001f000 : "bootloader2"
[   10.167046] 0x000000020000-0x000000021000 : "soft_config"
[   10.173461] 0x000000030000-0x000000031000 : "bios"
[   10.190191] m25p80 spi0.1: w25q128 (16384 Kbytes)
[   10.194950] 2 fixed-partitions partitions found on MTD device spi0.1
[   10.201271] Creating 2 MTD partitions on "spi0.1":
[   10.206071] 0x000000000000-0x000000040000 : "RouterBootFake"
[   10.212746] 0x000000040000-0x000001000000 : "firmware"
[   10.307216] 2 minor-fw partitions found on MTD device firmware
[   10.313044] 0x000000040000-0x000000220000 : "kernel"
[   10.319002] 0x000000220000-0x000001000000 : "rootfs"
[   10.324906] mtd: device 9 (rootfs) set to be root filesystem
[   10.330678] 1 squashfs-split partitions found on MTD device rootfs
[   10.336886] 0x000000b40000-0x000001000000 : "rootfs_data"

Leave a note in DTS to explain how the original author selected the SPI speed.

Tested-by: Tobias Schramm <tobleminer@gmail.com>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Reviewed-by: Rafał Miłecki <rafal@milecki.pl>
[rmilecki: dropped "RouterBootFake" partition]
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-08-24 11:46:48 +02:00
Koen Vandeputte
6100655c8c ar71xx: fix typo in rb91x nand source
Fixes: 3b1ea0996f ("ar71xx: fix build error due to bad include")

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-24 09:18:13 +02:00
Lech Perczak
4f3d700138 ath79: ubnt-xm: create mapping for RSSI LEDs
Ubiquiti XM series boards contain a set of RSSI LEDs. Create an UCI
mapping for them, so visual feedback on RSSI is available, when using
userspace RSSI monitor daemon.

Runtime tested using rssileds.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2018-08-23 22:42:15 +02:00
Lech Perczak
d40956a74c ath79: ubnt-xm: hijack LED4 as booting/failsafe
Create aliases for led-booting and led-failsafe pointing at
ubnt:green:link4 LED, forUbiquiti XM series, so visual feedback
on device status becomes available, in order to enter failsafe mode
via button. led-running and led-upgrade aliases are omitted to avoid
conflicting with RSSI LEDs when in normal operation.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2018-08-23 22:42:15 +02:00
Lech Perczak
7782715373 ath79: ubnt-xm: disable WAN on (rocket|bullet)-m
ubnt,bullet-m and ubnt,rocket-m targets support only single Ethernet
port, therefore disable creation of WAN zone and interfaces for them,
as their intended purpose is a wireless bridge. This aligns the
configuration with one found in ar71xx target.

ubnt,nano-m target is kept as is, being a two-port device.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2018-08-23 22:42:15 +02:00
Lech Perczak
614199c81d ath79: ubnt-xm: support ath9k firmware loading
Enable ath9k EEPROM extraction on boot for Ubiquiti XM-series boards.
This is required for wireless interface to function.
Runtime tested on Nanobridge M5.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
2018-08-23 22:42:15 +02:00
INAGAKI Hiroshi
30b4f78193 ath79: add support for I-O DATA ETG3-R
I-O DATA ETG3-R is a wired router, based on Atheros AR9342.

Specification:

- Atheros AR9342
- 64 MB of RAM
- 8 MB of Flash
- 5x 10/100/1000 Ethernet
  - AR8327N
- 2x LEDs, 1x key
- UART header on PCB
  - Vcc, GND, TX, RX from ethernet port side
  - 115200n8

Flash instruction using initramfs image:

1. Connect serial cable to UART header on ETG3-R
2. Rename OpenWrt initramfs image to "1500A8C0.img" and place it in
the TFTP directory
3. Set IP address of the computer to 192.168.0.10, connect to the
LAN port of ETG3-R, and start the TFTP server on the computer
4. Connect power cable to ETG3-R and turn on the router
5. Press "Enter" key when the "Hit any key to stop autoboot:" message
is displayed on the console and enter the u-boot cli
6. execute following commands to change kernel address for u-boot
  setenv bootsf 1
  setenv mtd_kernel1 "bootm 0x9f050000"
  saveenv
7. execute "tftpboot; bootm" command to download the initramfs image from
TFTP server and boot with it
8. On the initramfs image, execute "mtd erase firmware" to erase stock
firmware and execute sysupgrade with sysupgrade image for ETG3-R
9. Wait ~150 seconds to complete flashing

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
2018-08-23 22:42:15 +02:00
Roger Pueyo Centelles
524c17d865 ramips: mt7620: add dir-810l network config
The device was not included in the /etc/board.d/02_network file, so
the network wouldn't be properly set up on boot.

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
2018-08-23 22:42:15 +02:00
NOGUCHI Hiroshi
ad10e71bec ramips: add support for ELECOM WRC-1900GST
ELECOM WRC-1900GST is a wireless router, based on Mediatek MT7621A.
This is almost same as WRC-2533GST except wireless specs.

Specifications:

  - SoC : MT7621A (four logical CPU cores)
  - RAM : 128MiB
  - ROM : 16MiB of SPI NOR-FLASH
  - wireless :
          5GHz : 3T3R up to 1300Mbps/11ac with MT7615
          2.4GHz : 3T3R up to 600Mbps/11n with MT7615
  - Ethernet : 5 ports, all ports is capable of 1000base-T
  - Ether switch : MT7530 (MT7621A built-in)
  - LEDs : 4 LEDs
  - buttons : 2 buttons and 1 slide-switch
  - UART : header is on PCB, 57600bps

Flash instruction using factory image:

 1. Connect the computer to the LAN port of WRC-1900GST
 2. Connect power cable to WRC-1900GST and turn on it
 3. Access to "https://192.168.2.1/" and open firmware update
    page ("ファームウェア更新")
 4. Select the OpenWrt factory image and click apply ("適用")
    button
 5. Wait ~150 seconds to complete flashing

Signed-off-by: NOGUCHI Hiroshi <drvlabo@gmail.com>
2018-08-23 22:42:09 +02:00
Mathias Kresin
b8996ea08a ramips: fix compatibles in SoC dtsi
The former used compatibles aren't defined anywhere and aren't used by
the devicetree source files including them.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-08-23 22:40:59 +02:00
Mathias Kresin
b88e03e2d4 ramips: fix GL-MT300N-V2 SoC compatible
According to abbfcc8525 ("ramips: add support for GL-inet
GL-MT300N-V2") the board has a MediaTek MT7628AN. Change the SoC
compatible to match the used hardware.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-08-23 22:40:59 +02:00
Mathias Kresin
28de86e816 ramips: drop not existing groups from pinmux
RT5350 neither have rgmii nor a mdio pinmux group. MT7628an doesn't
have a jtag group. Having these groups defined might cause a boot
panic.

The pin controller fails to initialise for kernels > 4.9 if invalid
groups are used. If a subsystem references a pin controller
configuration node, it can not find this node and errors out. In worst
case it's the SPI driver which errors out and we have no root
filesystem to mount.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-08-23 22:40:59 +02:00
Mathias Kresin
6b13238a13 generic: revert workarounds for AR8337 switch
The intention of 967b6be118 ("ar8327: Add workarounds for AR8337
switch") was to remove the register fixups for AR8337. But instead they
were removed for AR8327.

The RGMII RX delay is forced even if the port is used as phy instead of
mac, which results in no package flow at least for one board.

Fixes: FS#1664

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-08-23 22:40:59 +02:00
Jo-Philipp Wich
a27de701b0 wolfssl: disable broken shipped Job server macro
The AX_AM_JOBSERVER macro shipped with m4/ax_am_jobserver.m4 is broken on
plain POSIX shells due to the use of `let`.

Shells lacking `let` will fail to run the generated m4sh code and end up
invoking "make" with "-jyes" as argument, fialing the build.

Since there is no reason in the first place for some random package to
muck with the make job server settings and since we do not want it to
randomly override "-j" either, simply remove references to this defunct
macro to let the build succeed on platforms which not happen to use bash
as default shell.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-08-23 20:14:00 +02:00
Jo-Philipp Wich
9ffbe84ea4 grub2: rebase patches
Patch 300-CVE-2015-8370.patch was added without proper rebasing on the
version used by OpenWrt, make it apply and refresh the patch to fix
compilation.

Fixes: 7e73e9128f ("grub2: Fix CVE-2015-8370")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-08-23 19:08:58 +02:00
Jo-Philipp Wich
214146c6f2 uhttpd: support multiple Lua prefixes
Update to latest git HEAD in order to support configuring multiple
concurrent Lua prefixes in a single uhttpd instance:

  b741dec lua: support multiple Lua prefixes

Additionally rework the init script and update the default configuration
example to treat the lua_prefix option as key=value uci list, similar to
the interpreter extension mapping. Support for the old "option lua_prefix"
plus "option lua_handler" notation is still present.

Finally drop the sed postinstall hack in uhttpd-mod-lua to avoid mangling
files belonging to other packages. Since Lua prefixes have precedence
over CGI prefixes, simply register `/cgi-bin/luci` as Lua handler which
will only become active if both luci-base and uhttpd-mod-lua is installed.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-08-23 09:18:04 +02:00
Rosen Penev
7e73e9128f grub2: Fix CVE-2015-8370
This CVE is a culmination of multiple integer overflow issues that cause
multiple issues like Denial of Service and authentication bypass.

More info: https://nvd.nist.gov/vuln/detail/CVE-2015-8370

Taken from Fedora.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-08-23 07:15:53 +02:00
Rosen Penev
f9469efbfa bzip2: Fix CVE-2016-3189
Issue causes a crash with specially crafted bzip2 files.

More info: https://nvd.nist.gov/vuln/detail/CVE-2016-3189

Taken from Fedora.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-08-23 07:15:35 +02:00
Koen Vandeputte
6b4ba118ac kernel: bump 4.14 to 4.14.66
Refreshed all patches

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-22 13:47:13 +02:00
Koen Vandeputte
7a9afb8783 kernel: bump 4.9 to 4.9.123
Refreshed all patches

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-22 13:47:13 +02:00
Koen Vandeputte
3b1ea0996f ar71xx: fix build error due to bad include
While "rawnand.h" is available in kernel 4.14,
the default for this target is kernel 4.9 in which "nand.h" should be used.

Add an extra check to include the correct file depending on kernel version

Fixes these build errors:

drivers/mtd/nand/ar934x_nfc.c:16:10: fatal error: linux/mtd/rawnand.h: No such file or directory
 #include <linux/mtd/rawnand.h>
          ^~~~~~~~~~~~~~~~~~~~~
compilation terminated.

Fixes: 318e19ba67 ("ar71xx: add v4.14 support")

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-22 13:11:59 +02:00
Koen Vandeputte
743654f30d ar71xx: add missing include for checking kernel version
Fixes these build errors:

arch/mips/ath79/mach-rb2011.c:20:5: error: "LINUX_VERSION_CODE" is not defined, evaluates to 0 [-Werror=undef]
 #if LINUX_VERSION_CODE < KERNEL_VERSION(4,14,0)
     ^~~~~~~~~~~~~~~~~~
arch/mips/ath79/mach-rb2011.c:20:26: error: "KERNEL_VERSION" is not defined, evaluates to 0 [-Werror=undef]
 #if LINUX_VERSION_CODE < KERNEL_VERSION(4,14,0)
                          ^~~~~~~~~~~~~~
arch/mips/ath79/mach-rb2011.c:20:40: error: missing binary operator before token "("
 #if LINUX_VERSION_CODE < KERNEL_VERSION(4,14,0)
                                        ^

Fixes: 318e19ba67 ("ar71xx: add v4.14 support")

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-22 13:11:52 +02:00
Rosen Penev
499773f8ef samba36: Enable umdnsd support
Allows discovery without having to use NetBIOS. Useful for mobile devices.

Could eventually throw nbmd away. But that requires Windows 10...

Tested on Fedora 28 with avahi-discover.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-08-22 11:23:02 +02:00
Rosen Penev
7961009346 yamonenv: Remove dead URLs
uscan errors on the URL as it is no longer available.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-08-22 11:22:17 +02:00