Commit Graph

44964 Commits

Author SHA1 Message Date
Russell Senior
46e9a9b04e tools/patch: apply upstream patch for cve-2019-13638
GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed style

diff payload with shell metacharacters. The ed editor does not need to be
present on the vulnerable system. This is different from CVE-2018-1000156.

https://nvd.nist.gov/vuln/detail/CVE-2019-13638

Signed-off-by: Russell Senior <russell@personaltelco.net>
(cherry picked from commit bcfd1d7685)
2019-08-14 07:29:32 +02:00
David Bauer
61e51473c2 lantiq: add led-upgrade alias for Fritz!Box 7412
This adds the led-upgrade alias for the AVM Fritz!Box 7412 to indicate a
running firmware upgrade.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 920abb9b58)
2019-08-11 12:54:57 +02:00
David Bauer
b72fa3e4a8 lantiq: enable second VPE on Fritz!Box 7412
The AVM Fritz!Box 7412 does not use the VMMC part of the Lantiq chip but
rather a proprietary solution based on the DECT chip for the FXS ports.

Therefore, the second VPE can be enabled for use with OpenWrt.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 891a700759)
2019-08-11 12:54:57 +02:00
David Bauer
5355665cc8 lantiq: correct Fritz!Box 7412 button logic level
The AVM FRITZ!Box 7412 buttons are both active low, which is currently
incorrectly defined in the device-tree.

This leads to the device booting directly into failsafe.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit c12947b39e)
2019-08-11 12:54:57 +02:00
Johann Neuhauser
af2ceb93d7 lantiq: use wpad-basic for boards with enough storage
This commit selects wpad-basic for the FRITZ!Box 7312 and 7412 as
wpad-mini is only selected on boards with small flash.

Signed-off-by: Johann Neuhauser <johann@it-neuhauser.de>
[add short description]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit c3c3cd5e4a)
2019-08-11 12:54:57 +02:00
Hans Dedecker
30798132bf odhcpd: fix lingering uloop socket descriptor
e9e8240 router: fix lingering uloop socket descriptor

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-08-10 10:18:00 +02:00
Koen Vandeputte
62eae4805b ar71xx: ag71xx: init rings with GFP_KERNEL
ar71xx got lost during final rebase ..

Fixes: c8a6ce71e4 ("ar71xx/ath79: ag71xx: init rings with GFP_KERNEL")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-09 18:52:21 +02:00
Koen Vandeputte
c8a6ce71e4 ar71xx/ath79: ag71xx: init rings with GFP_KERNEL
Upstream commit	246902bdf562d45ea3475fac64c93048a7a39f01

Which contains following explanation:

--
There is no need to use GFP_ATOMIC here, GFP_KERNEL should be enough.
The 'kcalloc()' just a few lines above, already uses GFP_KERNEL.
--

Looking at the code, all other descriptors also use plain GFP_KERNEL

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-09 18:32:38 +02:00
Koen Vandeputte
dda342abba ar71xx/ath79: ag71xx: fix sleep in atomic
When enabling atomic-sleep-debugging options in the kernel,
following splat is seen when disabling the interface (which happens on boot):

[   10.892878] eth0: link down
[   10.896788] BUG: sleeping function called from invalid context at net/core/dev.c:5563
[   10.904730] in_atomic(): 1, irqs_disabled(): 1, pid: 425, name: ip
[   10.911004] 2 locks held by ip/425:
[   10.914539]  #0:  (rtnl_mutex){....}, at: [<80377474>] rtnetlink_rcv_msg+0x2d8/0x380
[   10.922441]  #1:  (&(&ag->lock)->rlock){....}, at: [<80330158>] ag71xx_hw_disable+0x24/0x94
[   10.930976] CPU: 0 PID: 425 Comm: ip Not tainted 4.14.136 #0
[   10.936716] Stack : 805e0000 80589228 80557404 876998ec 80610000 80610000 87cdcafc 805b5327
[   10.945233]         80551534 000001a9 8061386c 87699ccc 87cfb180 00000001 876998a0 84f70903
[   10.953751]         00000000 00000000 80b00000 8769979c 6a7407fa 00000000 00000007 00000000
[   10.962270]         000000b7 16d0954a 000000b6 00000000 80000000 87cb658c 87cb65b0 00000001
[   10.970787]         8046f97c 87699ccc 87cfb180 87ff2810 00000003 802ce724 0806e098 80610000
[   10.979306]         ...
[   10.981797] Call Trace:
[   10.984287] [<8006cb0c>] show_stack+0x58/0x100
[   10.988814] [<800aab34>] ___might_sleep+0x100/0x120
[   10.993774] [<8035c434>] napi_disable+0x30/0xd8
[   10.998377] [<80330198>] ag71xx_hw_disable+0x64/0x94
[   11.003418] [<8033069c>] ag71xx_stop+0x24/0x38
[   11.007959] [<80359e30>] __dev_close_many+0xcc/0x104
[   11.013009] [<80362eac>] __dev_change_flags+0xc8/0x1ac
[   11.018227] [<80362fb8>] dev_change_flags+0x28/0x70
[   11.023182] [<80376890>] do_setlink+0x31c/0x91c
[   11.027786] [<80379360>] rtnl_newlink+0x3ec/0x7f8
[   11.032563] [<80377498>] rtnetlink_rcv_msg+0x2fc/0x380
[   11.037799] [<8039a734>] netlink_rcv_skb+0xd4/0x178
[   11.042754] [<80399d10>] netlink_unicast+0x168/0x250
[   11.047796] [<8039a2d4>] netlink_sendmsg+0x3d8/0x434
[   11.052841] [<8033f0e4>] ___sys_sendmsg+0x1dc/0x290
[   11.057794] [<80340140>] __sys_sendmsg+0x54/0x84
[   11.062495] [<8007212c>] syscall_common+0x34/0x58

This is caused by calling napi_disable() while holding the spinlock.

Fix it by omitting the spinlock, which is not required here
Extensively tested on GL-MiFi, RB-912 and RB-922 hardware

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-09 18:32:38 +02:00
Koen Vandeputte
33af038bec kernel: bump 4.14 to 4.14.137
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-09 18:32:38 +02:00
Jo-Philipp Wich
872cbcc628 config: introduce separate CONFIG_SIGNATURE_CHECK option
Introduce a new option CONFIG_SIGNATURE_CHECK which defaults to the value
of CONFIG_SIGNED_PACKAGES and thus is enabled by default.

This option is needed to support building target opkg with enabled
signature verification while having the signed package lists disabled.

Our buildbots currently disable package signing globally in the
buildroot and SDK to avoid the need to ship private signing keys to
the build workers and to prevent the triggering of random key generation
on the worker nodes since package signing happens off-line on the master
nodes.

As unintended side-effect, updated opkg packages will get built with
disabled signature verification, hence the need for a new override option.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit f565f276e2)
2019-08-07 07:53:48 +02:00
Petr Štetiar
ff550dae32 adb: fix build breakage on recent musl
Fix build breakage as upstream has removed implicit include of
sys/sysmacros.h from sys/types.h:

 remove implicit include of sys/sysmacros.h from sys/types.h

 this reverts commit f552c792c7ce5a560f214e1104d93ee5b0833967, which
 exposed the sysmacros.h macros (device major/minor calculations) for
 BSD and GNU profiles to mimic an unintentional glibc behavior some
 code depended on. glibc has deprecated and since removed them as the
 resolution to bug #19239, so it makes no sense for us to keep this
 behavior. affected code should all have been fixed by now, and if it's
 not yet fixed it needs to be for use with modern glibc anyway.

Ref: https://git.musl-libc.org/cgit/musl/commit/include/sys/types.h?id=a31a30a0076c284133c0f4dfa32b8b37883ac930
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 79596f782e)
2019-08-07 07:43:30 +02:00
Jo-Philipp Wich
4fd7a30c70 packages: apply usign padding workarounds to package indexes if needed
Since usign miscalculates SHA-512 digests for input sizes of exactly
64 + N * 128 + 110 or 64 + N * 128 + 111 bytes, we need to apply some
white space padding to avoid triggering the hashing edge case.

While usign itself has been fixed already, there is still many firmwares
in the wild which use broken usign versions to verify current package
indexes so we'll need to carry this workaround in the forseeable future.

Ref: https://forum.openwrt.org/t/signature-check-failed/41945
Ref: https://git.openwrt.org/5a52b379902471cef495687547c7b568142f66d2
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit e1f588e446)
2019-08-07 07:22:37 +02:00
Jo-Philipp Wich
7a10c7b882 usign: update to latest Git HEAD
This update fixes usign signature verification on files with certain
file sizes triggering a bug in the shipped SHA-512 implementation.

5a52b37 sha512: fix bad hardcoded constant in sha512_final()
3e6648b README: replace unicode character
716c3f2 README: add reference to OpenBSD signify
86d3668 README: provide reference for ed25519 algorithm
939ec35 usign: main.c: describe necessary arguments for -G

Ref: https://forum.openwrt.org/t/signature-check-failed/41945
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 991dd5a893)
2019-08-06 20:58:35 +02:00
Koen Vandeputte
bcbc7ba768 kernel: bump 4.14 to 4.14.136
Refreshed all patches.

Altered patches:
- 306-v4.16-netfilter-remove-saveroute-indirection-in-struct-nf_.patch

Remove upstreamed:
- 100-powerpc-4xx-uic-clear-pending-interrupt-after-irq-ty.patch
- 088-0002-i2c-qup-fixed-releasing-dma-without-flush-operation.patch
- 500-arm64-dts-marvell-Fix-A37xx-UART0-register-size.patch

Fixes:
- CVE-2019-13648
- CVE-2019-10207

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-06 11:54:50 +02:00
David Bauer
0f3d54f5b7 mpc85xx: correct OCEDO Panda LED definition
WLAN0 and the unused LED are currently swapped. Fix this, so the LED
behavior matches the other OCEDo devices.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit a3a2b4857e)
2019-08-05 22:40:35 +02:00
Russell Senior
a941d39460 tools/patch: apply upstream patch for CVE-2019-13636
In GNU patch through 2.7.6, the following of symlinks is mishandled in
certain cases other than input files. This affects inp.c and util.c.

https://nvd.nist.gov/vuln/detail/CVE-2019-13636

Signed-off-by: Russell Senior <russell@personaltelco.net>
(cherry picked from commit 995bcc5329)
2019-08-01 21:54:43 +02:00
Petr Štetiar
53b61baac6 scripts/ubinize-image.sh: fix buildbot breakage
New Docker based buildslaves install just bare minimum of packages, thus
not having bsdmainutils package installed which provides `hexdump`
utility, leading to the following build breakage on buildbots:

 ubinize-image.sh: 12: /builder/scripts/ubinize-image.sh: hexdump: not found

So this patch simply replaces `hexdump` with `od` utility provided by
coreutils package, which should be likely available.

Co-authored-by: Yousong Zhou <yszhou4tech@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit c6d41c320c)
2019-08-01 21:54:40 +02:00
David Bauer
862352cdbd ar71xx: fix HiveAP 121 PLL for 1000M
The Aerohive HiveAP 121 has the wrong PLL value set for Gigabit speeds,
leading to packet-loss. 10M and 100M work fine.

This commit sets the Gigabit Ethernet PLL value to the correct value,
fixing packet loss.

Confirmed with iperf and floodping.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit cb49e46a8a)
2019-08-01 21:29:43 +02:00
Koen Vandeputte
a654ac0d6e ar71xx: really fix Mikrotik board detection
commit e09da0169a ("ar71xx: fix Mikrotik board detection")
was generated based on testing a rb-912 board, on which detection failed.

Testing on more hardware shows something fun:

machine	: MikroTik RouterBOARD 922UAGS-5HPacD
machine	: Mikrotik RouterBOARD 912UAG-5HPnD

Both lowercase and uppercase are used.
So ensure we support both now ..

Fixes: e09da0169a ("ar71xx: fix Mikrotik board detection")

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 845b2a1cfe)
2019-08-01 12:11:59 +02:00
Koen Vandeputte
19f768f691 toolchain/musl: bump to version 1.1.23
new features:
- riscv64 port
- configure now allows customizing AR and RANLIB vars
- header-level support for new linux features in 5.1

major internal changes:
- removed extern __syscall; syscall header code is now fully self-contained

performance:
- new math library implementation for log/exp/pow
- aarch64 dynamic tlsdesc function is streamlined

compatibility & conformance:
- O_TTY_INIT is now defined
- sys/types.h no longer pollutes namespace with sys/sysmacros.h in any profile
- powerpc asm is now compatible with clang internal assembler

changes for new POSIX interpretations:
- fgetwc now sets stream error indicator on encoding errors
- fmemopen no longer rejects 0 size

bugs fixed:
- static TLS for shared libraries was allocated wrong on "Variant I" archs
- crash in dladdr reading through uninitialized pointer on non-match
- sigaltstack wrongly errored out on invalid ss_size when doing SS_DISABLE
- getdents function misbehaved with buffer length larger than INT_MAX
- set*id could deadlock after fork from multithreaded process

arch-specfic bugs fixed:
- s390x SO_PEERSEC definition was wrong
- passing of 64-bit syscall arguments was broken on microblaze
- posix_fadvise was broken on mips due to missing 7-arg syscall support
- vrregset_t layout and member naming was wrong on powerpc64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-07-31 16:56:19 +02:00
Koen Vandeputte
4fd61b6220 kernel: bump 4.14 to 4.14.134
Refreshed all patches.

Remove upstreamed:
- 049-v4.20-mips-remove-superfluous-check-for-linux.patch

Fixes:
- CVE-2019-3846
- CVE-2019-3900

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-07-31 16:56:19 +02:00
Koen Vandeputte
8c57d88fcc imx6: bump SDMA firmware to 3.5
- add uart rom script address in header of sdma firmware to support
  the uart driver of latest kernel working well while old firmware
  assume ram script used for uart driver as NXP internal legacy
  kernel.
- add multi-fifo SAI/PDM scripts.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 819b6345a206ad182dd3c2d786a3d7f04e33f751)
2019-07-31 16:56:19 +02:00
Petr Štetiar
2b074654b0 ath79: make target source-only
In order to prevent build of images for this release as ath79 is going
to deprecate ar71xx in the next release.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-29 17:47:29 +02:00
Koen Vandeputte
1172d809f2 ar71xx: fix Mikrotik board detection
Fix a typo in the machine type being extracted from /proc/cpuinfo
which causes all Mikrotik board to be undetected properly.

This lead to sysupgrade issues and probably some others too.

Fixes: 76c963bb01 ("ar71xx: base-files: fix board detect on new MikroTik devices")

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-07-29 10:15:46 +02:00
Tomislav Požega
5ec609815e ar71xx: fix WLAN LED names for Archer C7
Update WLAN LED colour identifier for both interfaces on Archer C7

Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
(cherry picked from commit 65762cdd22)
2019-07-28 23:27:39 +02:00
Tomislav Požega
be14b1feae ar71xx: fix system LED names on Archer C5/C7
Move system LED board definitions of Archer C5/C7 to reflect
actual system LED colour used

Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
(cherry picked from commit a73934fc9a)
2019-07-28 23:25:24 +02:00
Tomislav Požega
c59e24ca30 ar71xx: Archer C7 v1 LED names and RFKILL fixes
All leds on these boards are green. v1 has RFKILL GPIO 23 for production
units (it had GPIO 13 only for test phase units, and these are rather
very rare to find). As for the previous attempt to fix this and revert
due to WDR boards have blue leds, it was wrong: WDR board does not use
common setup (false).

Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
(cherry picked from commit c79c001b59)
2019-07-28 23:25:11 +02:00
Tomislav Požega
3c65433186 ar71xx: update qca-usb-quirks patch
Base address for USB0 has changed from 0x18116c94 on AR934X
to 0x18116d94 on QCA9558. CP Typo remained for years here...

Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
(cherry picked from commit fd5aa19480)
2019-07-28 23:25:03 +02:00
Rafał Miłecki
8efccf76f8 mac80211: brcm: improve brcmfmac debugging of firmware crashes
This provides a complete console messages dump.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 6a7b201b6c)
2019-07-28 14:21:50 +02:00
Rafał Miłecki
d8c59fa699 mac80211: brcm: update brcmfmac 5.4 patches
Use commits from wireless-drivers-next.git.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 8e466fb7e3)
2019-07-28 14:17:48 +02:00
Biwen Li
e0f468864b tfa-layerscape: fix create_pbl and byte_swap host build
- make create_pbl and byte_swap as host tools

- fix a bug that maybe use the cross compiler
to compile create_pbl and byte_swap:

	# -a option appends the image for Chassis 3 devices in case of non secure boot
	aarch64-openwrt-linux-musl-gcc -Wall -Werror -pedantic -std=c99 -O2
	 -DVERSION=v1.5(release):reboot-10604-ge9216b3336 -D_GNU_SOURCE -D_XOPEN_SOURCE=700
	 -c -o create_pbl.o create_pbl.c
	cc1: note: someone does not honour COPTS correctly, passed 0 times
	  LD      create_pbl
	/usr/bin/ld: create_pbl.o: Relocations in generic ELF (EM: 183)
	/usr/bin/ld: create_pbl.o: Relocations in generic ELF (EM: 183)
	/usr/bin/ld: create_pbl.o: Relocations in generic ELF (EM: 183)
	create_pbl.o: error adding symbols: File in wrong format
	collect2: error: ld returned 1 exit status
	Makefile:43: recipe for target create_pbl failed
	make[4]: *** [create_pbl] Error 1
	plat/nxp/tools/pbl_ch2.mk:45: recipe for target pbl failed
	make[3]: *** [pbl] Error 2

- add tfa- prefix to all tools in order to avoid future clashes with
  other toolnames

Signed-off-by: Biwen Li <biwen.li@nxp.com>
[added missing HOST_CFLAGS, added tfa- prefix to the tools]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 83d5ca2186)
2019-07-27 07:14:09 +02:00
Petr Štetiar
94e9084e1e tfa-layerscape: fix fiptool host build
fiptool is a host tool, used in a firmware generation pipeline, but it's
not treated as such, leading to the build breakage on the hosts which
don't have {Open,Libre}SSL dev package installed:

 In file included from fiptool.h:16:0,
                 from fiptool.c:19:
		 fiptool_platform.h:18:27: fatal error: openssl/sha.h:
		 No such file or directory
		  #  include <openssl/sha.h>

So this patch promotes fiptool into the host tool with proper host
include and library paths under STAGING_DIR.

Ref: https://github.com/openwrt/openwrt/pull/2267
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b8249cef9f)
2019-07-27 07:13:59 +02:00
Jo-Philipp Wich
0a64b70e4e openwrt-keyring: update to Git HEAD
8080ef3 usign: add 19.07 release build pubkey
e24fe0d usign: use distro agnostic comments
251ded7 usign: fix filename of Stijn's usign key
14f0efc gpg: update snapshots public signing key
14f845b gpg: replace my public GPG key
4f735b8 gpg: add OpenWrt 19.07 signing key
228f8da gpg: add OpenWrt 18.06 v2 signing key
36057d9 gpg: update LEDE 17.01 public signing key
f2989ab Add my public GPG and usign key

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit e9216b3336)
2019-07-25 19:40:57 +02:00
Petr Štetiar
5100629e32 urngd: move project to git.openwrt.org
Let's move project to a proper place.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit bec8fb1ee7)
2019-07-22 09:53:01 +02:00
Petr Štetiar
a624821474 build: add urandom-seed and urngd to default packages set
urandom-seed content was split from base-files into separate package so
in order to preserve the current functionality and to provide some
fallback mechanism in case jent-rng initialization fails in urngd we
need to add it back.

urngd is OpenWrt's micro non-physical true random number generator based
on timing jitter.

Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit f5387b754f)
2019-07-22 09:53:01 +02:00
Petr Štetiar
f573d3de11 base-files: move urandom seed bits into separate package
So it's possible to install or remove it as needed.

Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 27bfde9c9f)
2019-07-22 09:53:01 +02:00
Petr Štetiar
81c5a5c4b3 ubox: move getrandom into separate getrandom package
So it's possible to install or remove it as needed.

Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 9b4de712ca)
2019-07-22 09:53:01 +02:00
Petr Štetiar
5082c1b204 urngd: add micro non-physical true RNG based on timing jitter
μrngd is OpenWrt's micro non-physical true random number generator based
on timing jitter.

Using the Jitter RNG core, the rngd provides an entropy source that
feeds into the Linux /dev/random device if its entropy runs low. It
updates the /dev/random entropy estimator such that the newly provided
entropy unblocks /dev/random.

The seeding of /dev/random also ensures that /dev/urandom benefits from
entropy. Especially during boot time, when the entropy of Linux is low,
the Jitter RNGd provides a source of sufficient entropy.

Acked-by: Jo-Philip Wich <jow@mein.io>
Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 714bd89fce)
2019-07-22 09:53:01 +02:00
Rafał Miłecki
bc0c0a5564 mac80211: brcm: backport first set of 5.4 brcmfmac changes
This doesn't include 9ff8614a3dbe ("brcmfmac: use separate Kconfig file
for brcmfmac") due to a few conflicts with backports changes.

An important change is:
[PATCH 2/7] brcmfmac: change the order of things in brcmf_detach()
which fixes a rmmod crash in the brcmf_txfinalize().

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit db8e08a5a4)
2019-07-21 16:24:41 +02:00
David Bauer
abe137ff5e ramips: add support for ASUS RT-AC57U
SoC:   MediaTek MT7621AT
RAM:   128M (Winbond W631GG6KB-15)
FLASH: 16MB (Spansion S25FL128SA)
WiFi:  MediaTek MT7603EN bgn 2SS
WiFi:  MediaTek MT7612EN nac 2SS
BTN:   Reset - WPS
LED:    - Power
        - LAN {1-4}
        - WAN
        - WiFi 2.4 GHz
        - WiFi 5 GHz
        - USB
UART:  UART is present next to the Power LED.
       TX - RX - GND - 3V3 / 57600-8N1
       3V3 is the nearest one to the Power LED.

Installation
------------
Via TFTP:
1. Set your computers IP-Address to 192.168.1.75.
2. Power up the Router with the Reset button pressed.
3. Release the Reset button after 5 seconds.
4. Upload OpenWRT sysupgrade image via TFTP:
 > tftp -4 -v -m binary 192.168.1.1 -c put <IMAGE>

Via SSH:
Note: User/password for SSH is identical with the one used in the
Web-interface.
1. Complete the initial setup wizard.
2. Activate SSH under "Administration" -> "System".
3. Transfer the OpenWrt sysupgrade image via scp:
 > scp owrt.bin admin@192.168.1.1:/tmp
4. Connect via SSH to the router.
 > ssh admin@192.168.1.1
5. Write the OpenWrt image to flash.
 > mtd-write -i /tmp/owrt.bin -d linux
6. Reboot the router
 > reboot

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 14e0e4f138)
2019-07-21 13:10:12 +02:00
David Bauer
5cd9b50d69 ath79: add support for devolo WiFi pro 1750x
Hardware
--------
CPU:   Qualcomm Atheros QCA9558
RAM:   128M DDR2
FLASH: 16MiB
ETH:   1x Atheros AR8035 (PoE in)
WiFi2: QCA9558 3T3R
WiFi5: QCA9880 3T3R
BTN:   1x Reset
LED:   1x LED Power (non-controllable)
       1x LED Status (internal)
       1x LED LAN (controlled by PHY)
       1x LED WLAN
BEEP:  1x GPIO attached piezo beeper
UART:  3.3V GND TX RX (115200-N-8) (3.3V is square pad)
       Header is located next to external-LED header.

Installation
------------
Make sure you set a password for the root user as prompted on first
setup!

1. Upload OpenWRT sysupgrade image via SSH to the device.
Use /tmp as the destination folder on the device.
User is root, password the one set in the web interface.

2. Install OpenWRT with

> sysupgrade -n -F /tmp/<openwrt-image-name>

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit cb3cd52694)
2019-07-21 13:09:45 +02:00
Etienne Champetier
76a4c93f9d ar71xx: enable SGMII fixup on Mikrotik wAP AC
fixes intermittent loss of connectivity on 1Gbit port, with log message:
> 803x_aneg_done: SGMII link is not ok

Thanks to David Bauer for pointing me in the right direction.
I just had to figure out the right bus_id, which you find in this log:
> ag71xx ag71xx.1: connected to PHY at gpio-1:00 [uid=004dd074,
  driver=Atheros 8031 ethernet]

Fixes FS#2236

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
[Wrapped commit message - Fixed whitespace erors]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 2a7519e29d)
2019-07-21 13:09:31 +02:00
Petr Štetiar
4022035aaf mt7620: disable image generation for Netgear EX2700
Image generation is currently failing on builbots due to the following
error:

 WARNING: Image file [...] mt7620-ex2700-squashfs-factory.bin is too big

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-20 23:40:20 +02:00
Alberto Bursi
299faa7ab7 x86: add modern network modules to Generic target
Many Atom-based embedded/industrial x86 boards can't run 64bit operating
systems due to either processor or board firmware limitations, but they
have modern interfaces (PCIe) or have modern Intel gigabit controllers
onboard.  With the current default package selection for x86 Generic
target their network won't work.

Add the modern gigabit network modules needed or most likely going to be
used as add-in cards, similar to what is the list on x86_64 target.

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
[fixed whitespace issue]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit bb27cde257)
2019-07-20 22:58:08 +02:00
Petr Štetiar
2938d6530a ath25: disable image generation for ubnt2 and ubnt5 devices
Image generations is currently failing on builbots due to the following
errors:

 mkfwimage -B XS2 -v XS2 [...] ath25-ubnt2-squashfs-sysupgrade.bin
 ERROR: Failed creating firmware layout description - error code: -2

 mkfwimage -B XS5 -v XS5 [...] ath25-ubnt5-squashfs-sysupgrade.bin
 ERROR: Failed creating firmware layout description - error code: -2

That cryptic -2 error simply means, that kernel+rootfs doesn't fit into
the firmware partition.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-07-20 08:57:23 +02:00
David Bauer
6d59f4eeb4 gpio-button-hotplug: unify polled and interrupt code
This patch unifies the polled and interrupt-driven gpio_keys code
paths as well implements consistent handling of the debounce
interval set for the GPIO buttons and switches.

Hotplug events will only be fired if

1. The input changes its state and remains stable for the duration
   of the debounce interval (default is 5 ms).

2. In the initial stable (no state-change for duration of the
   debounce interval) state once the driver module gets loaded.

   Switch type inputs will always report their stable state.
   Unpressed buttons will not trigger an event for the initial
   stable state. Whereas pressed buttons will trigger an event.
   This is consistent with upstream's gpio-key driver that uses
   the input subsystem (and dont use autorepeat).

Prior to this patch, this was handled inconsistently for interrupt-based
an polled gpio-keys. Hence this patch unifies the shared logic into the
gpio_keys_handle_button() function and modify both implementations to
handle the initial state properly.

The changes described in 2. ) . can have an impact on the
failsafe trigger. Up until now, the script checked for button
state changes. On the down side, this allowed to trigger the
failsafe by releasing a held button at the right time. On the
plus side, the button's polarity setting didn't matter.

Now, the failsafe will only engage when a button was pressed
at the right moment (same as before), but now it can
theoretically also trigger when the button was pressed the
whole time the kernel booted and well into the fast-blinking
preinit phase. However, the chances that this can happen are
really small. This is because the gpio-button module is usually
up and ready even before the preinit state is entered. So, the
initial pressed button event gets lost and most devices behave
as before.

Bisectors: If this patch causes a device to permanently go into
failsafe or experience weird behavior due to inputs, please
check the following:
 - the GPIO polarity setting for the button
 - the software-debounce value

Run-tested for 'gpio-keys' and 'gpio-keys-polled' on

 - devolo WiFi pro 1200e
 - devolo WiFi pro 1750c
 - devolo WiFi pro 1750x
 - Netgear WNDR4700
 - Meraki MR24
 - RT-AC58U

Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [further
cleanups, simplification and unification]
(cherry picked from commit 27f3f493de)
2019-07-19 17:04:30 +02:00
Petr Štetiar
074c8e296c gpio-button-hotplug: fix 4.19 build breakage on malta/be64
While testing 4.19 build on malta/be64, I've encountered following
error:

 gpio-button-hotplug/gpio-button-hotplug.c:529:18: error: implicit
 declaration of function 'gpio_to_desc'

which is caused by the missing include fixed by this patch.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit dd6d82112a)
2019-07-19 17:00:30 +02:00
Adrian Schmutzler
96cc390d88 ath79: Use -v1 suffix for TP-Link WDR3600/4300
In ath79, identifiers tplink_tl-wdr3600 and tplink_tl-wdr4300 have
been used while most other TP-Link devices include the revision.

Although there actually is only one major revision of these
devices, they bear the revision on their bottom (v1.x). TP-Link
also refers to the devices as V1 on its web page.

This patch thus adds -v1 to both so it is more consistent
with other devices and with what you would expect from reading
the on-device sticker and the support pages.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-07-17 22:47:28 +02:00
Matt Merhar
c0a715f75e openvpn: fix handling of list options
This addresses an issue where the list option specified in
/etc/config/openvpn i.e. 'tls_cipher' would instead show up in the
generated openvpn-<name>.conf as 'ncp-ciphers'. For context,
'ncp_ciphers' appears after 'tls_cipher' in OPENVPN_LIST from
openvpn.options.

Also, the ordering of the options in the UCI config file is now
preserved when generating the OpenVPN config. The two currently
supported list options deal with cipher preferences.

Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
(cherry picked from commit 1d4c4cbd20)
2019-07-17 20:11:41 +02:00