Commit Graph

16217 Commits

Author SHA1 Message Date
Hauke Mehrtens
90a0daf4fe hostapd: use config option CONFIG_NO_LINUX_PACKET_SOCKET_WAR
Instead of patching the workaround away, just use the config option.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 9b4a27455c)
2019-11-14 20:59:58 +01:00
Hauke Mehrtens
5e8d1b52da hostapd: Update to version 2.9 (2019-08-08)
The size of the ipkgs increase a bit (between 0.7% and 1.1%):

old 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-63962824-1_mipsel_24kc.ipk

new 2019-08-08 (2.9):
290217 wpad-basic_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
258745 wpad-mini_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
431732 wpad-openssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
427641 wpad-wolfssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 167028b750)
2019-11-14 20:59:58 +01:00
Hauke Mehrtens
80b58a9db6 hostapd: Update to version 2.8 (2019-04-21)
This also syncs the configuration files with the default configuration
files, but no extra options are activated or deactivated.

The mesh patches were partially merged into hostapd 2.8, the remaining
patches were extracted from patchwork and are now applied by OpenWrt.
The patches still have open questions which are not fixed by the author.
They were taken from this page:
https://patchwork.ozlabs.org/project/hostap/list/?series=62725&state=*

The changes in 007-mesh-apply-channel-attributes-before-running-Mesh.patch
where first applied to hostapd, but later reverted in hostapd commit
3e949655ccc5 because they caused memory leaks.

The size of the ipkgs increase a bit (between 1.3% and 2.3%):

old 2018-12-02 (2.7):
283337 wpad-basic_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
252857 wpad-mini_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
417473 wpad-openssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
415105 wpad-wolfssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk

new 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-63962824-1_mipsel_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
(cherry picked from commit 8af79550e6)
2019-11-14 20:59:58 +01:00
Jo-Philipp Wich
e1854815aa hostapd: mirror ieee80211w ap mode defaults in station mode
For AP mode, OpenWrt automatically sets ieee80211w to either 1 or 2, depending
on whether the encryption is set to sae-mixed, or sae/owe/eap suite-b.

Mirror the same defaults for client mode connections, in order to allow an
OpenWrt station to associate to an OpenWrt ap with SAE, OWE or Suite-B encryption
without the need to manually specify "option ieee80211w" on the station.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit abb4f4075e)
2019-11-14 20:59:58 +01:00
Jo-Philipp Wich
3e9b3d0ba9 hostapd: fix OWE settings in client mode
This changes fixes the generation of the wpa_supplicant client configuration
in WPA3 OWE client mode. Instead of incorrectly emitting key_mgmt=NONE, use
the proper key_mgmt=OWE setting instead.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 4209b28d23)
2019-11-14 20:59:58 +01:00
Leon M. George
eba68342f9 hostapd: declare struct wpa_bss early
wps_supplicant.h assumes that 'struct wpa_bss' is forward declared if
CONFIG_WPS is not defined.  With the later inclusion of
600-ubus_support, the issue manifests in warnings like these:

wps_supplicant.h:113:15: warning: 'struct wpa_bss' declared inside parameter list will not be visible outside of this definition or declaration
        struct wpa_bss *bss)
               ^~~~~~~

This patch forward declares 'struct wpa_bss' regardless.

Signed-off-by: Leon M. George <leon@georgemail.eu>
[commit message facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit f974f8213b)
2019-11-14 20:59:58 +01:00
Leon M. George
0fcf02d0a5 hostapd: revert signature change in patch
The original wpa_hexdump uses a 'void *' for the payload.  With patch
410-limit_debug_messages, the signature changes and compiler warnings
occur at various places.  One such warning is:

 wpa_debug.h:106:20: note: expected 'const u8 * {aka const unsigned char *}' but argument is of type 'struct wpa_eapol_key *'

Signed-off-by: Leon M. George <leon@georgemail.eu>
[commit message facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit a123df2758)
2019-11-14 20:59:58 +01:00
Eneas U de Queiroz
047329273b hostapd: adjust removed wolfssl options
This edjusts the selection of recently removed wolfssl options which
have always been built into the library even in their abscence.
Also remove the selection of libwolfssl itself, allowing the library to
be built as a module.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 94d131332b)
2019-11-14 20:59:58 +01:00
Russell Senior
d5f509861e base-files: add /usr/share/libubox/jshn.sh to sysupgrade stage2
Discovered recent changes had broken sysupgrade for ar71xx mikrotik
rb-493g, traced the problem to missing /usr/share/libubox/jshn.sh after
switching to tmpfs.

Signed-off-by: Russell Senior <russell@personaltelco.net>
2019-11-14 14:09:07 +01:00
Michal Cieslakiewicz
d1fbaa3fbc ath79: update uboot-envtools for Netgear WNR routers
Boards added: WNR1000v2, WNR2000v3, WNR612v2, WNDR3700.

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
(cherry picked from commit d47b687006)
[removed WNR1000v2/WNR2000v3 since not supported in 19.07]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-11-12 16:23:45 +01:00
Michal Cieslakiewicz
c9e5979dbe ar71xx: update uboot-envtools for Netgear WNR routers
Boards added: WNR1000v2, WNR2000v3, WNR2200, WNR612v2, WNDR4300.
Boards changed: WNDR3700 (u-boot env size is 2 sectors not 1).

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
(cherry picked from commit 1105290049)
2019-11-12 16:15:52 +01:00
Zoltan HERPAI
5e1864da33 firmware: intel-microcode: bump to 20190918
* New upstream microcode datafile 20190918

      *Might* contain mitigations for INTEL-SA-00247 (RAMBleed), given
      the set of processors being updated.
  * Updated Microcodes:
      sig 0x000306d4, pf_mask 0xc0, 2019-06-13, rev 0x002e, size 19456
      sig 0x000306f4, pf_mask 0x80, 2019-06-17, rev 0x0016, size 18432
      sig 0x00040671, pf_mask 0x22, 2019-06-13, rev 0x0021, size 14336
      sig 0x000406f1, pf_mask 0xef, 2019-06-18, rev 0xb000038, size 30720
      sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792
      sig 0x00050657, pf_mask 0xbf, 2019-08-12, rev 0x500002b, size 51200
      sig 0x00050662, pf_mask 0x10, 2019-06-17, rev 0x001c, size 32768
      sig 0x00050663, pf_mask 0x10, 2019-06-17, rev 0x7000019, size 24576
      sig 0x00050664, pf_mask 0x10, 2019-06-17, rev 0xf000017, size 24576
      sig 0x00050665, pf_mask 0x10, 2019-06-17, rev 0xe00000f, size 19456

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2019-11-11 10:09:39 +01:00
Zoltan HERPAI
8cd24d3256 firmware: intel-microcode: bump to 20190618
* Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223
    CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
  * Updated Microcodes:
    sig 0x000206d6, pf_mask 0x6d, 2019-05-21, rev 0x061f, size 18432
    sig 0x000206d7, pf_mask 0x6d, 2019-05-21, rev 0x0718, size 19456

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2019-11-11 10:09:35 +01:00
Zoltan HERPAI
a6b30f962c firmware: intel-microcode: bump to 20190514
* New Microcodes:
    sig 0x00030678, pf_mask 0x02, 2019-04-22, rev 0x0838, size 52224
    sig 0x00030678, pf_mask 0x0c, 2019-04-22, rev 0x0838, size 52224
    sig 0x00030679, pf_mask 0x0f, 2019-04-23, rev 0x090c, size 52224
    sig 0x000406c3, pf_mask 0x01, 2019-04-23, rev 0x0368, size 69632
    sig 0x000406c4, pf_mask 0x01, 2019-04-23, rev 0x0411, size 68608
    sig 0x00050657, pf_mask 0xbf, 2019-02-27, rev 0x5000021, size 47104
    sig 0x000806e9, pf_mask 0x10, 2018-10-18, rev 0x009e, size 98304
    sig 0x000806eb, pf_mask 0xd0, 2018-10-25, rev 0x00a4, size 99328
    sig 0x000806ec, pf_mask 0x94, 2019-02-12, rev 0x00b2, size 98304
    sig 0x000906ec, pf_mask 0x22, 2018-09-29, rev 0x00a2, size 98304
    sig 0x000906ed, pf_mask 0x22, 2019-02-04, rev 0x00b0, size 97280

  * Updated Microcodes:
    sig 0x000206a7, pf_mask 0x12, 2019-02-17, rev 0x002f, size 12288
    sig 0x000306a9, pf_mask 0x12, 2019-02-13, rev 0x0021, size 14336
    sig 0x000306c3, pf_mask 0x32, 2019-02-26, rev 0x0027, size 23552
    sig 0x000306d4, pf_mask 0xc0, 2019-03-07, rev 0x002d, size 19456
    sig 0x000306e4, pf_mask 0xed, 2019-03-14, rev 0x042e, size 16384
    sig 0x000306e7, pf_mask 0xed, 2019-03-14, rev 0x0715, size 17408
    sig 0x000306f2, pf_mask 0x6f, 2019-03-01, rev 0x0043, size 34816
    sig 0x000306f4, pf_mask 0x80, 2019-03-01, rev 0x0014, size 18432
    sig 0x00040651, pf_mask 0x72, 2019-02-26, rev 0x0025, size 21504
    sig 0x00040661, pf_mask 0x32, 2019-02-26, rev 0x001b, size 25600
    sig 0x00040671, pf_mask 0x22, 2019-03-07, rev 0x0020, size 14336
    sig 0x000406e3, pf_mask 0xc0, 2019-04-01, rev 0x00cc, size 100352
    sig 0x000406f1, pf_mask 0xef, 2019-03-02, rev 0xb000036, size 30720
    sig 0x00050654, pf_mask 0xb7, 2019-04-02, rev 0x200005e, size 32768
    sig 0x00050662, pf_mask 0x10, 2019-03-23, rev 0x001a, size 32768
    sig 0x00050663, pf_mask 0x10, 2019-03-23, rev 0x7000017, size 24576
    sig 0x00050664, pf_mask 0x10, 2019-03-23, rev 0xf000015, size 23552
    sig 0x00050665, pf_mask 0x10, 2019-03-23, rev 0xe00000d, size 19456
    sig 0x000506c9, pf_mask 0x03, 2019-01-15, rev 0x0038, size 17408
    sig 0x000506ca, pf_mask 0x03, 2019-03-01, rev 0x0016, size 15360
    sig 0x000506e3, pf_mask 0x36, 2019-04-01, rev 0x00cc, size 100352
    sig 0x000506f1, pf_mask 0x01, 2019-03-21, rev 0x002e, size 11264
    sig 0x000706a1, pf_mask 0x01, 2019-01-02, rev 0x002e, size 73728
    sig 0x000806e9, pf_mask 0x10, 2019-04-01, rev 0x00b4, size 98304
    sig 0x000806e9, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000806ea, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000806eb, pf_mask 0xd0, 2019-03-30, rev 0x00b8, size 98304
    sig 0x000806ec, pf_mask 0x94, 2019-03-30, rev 0x00b8, size 97280
    sig 0x000906e9, pf_mask 0x2a, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000906ea, pf_mask 0x22, 2019-04-01, rev 0x00b4, size 98304
    sig 0x000906eb, pf_mask 0x02, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304
    sig 0x000906ed, pf_mask 0x22, 2019-03-17, rev 0x00b8, size 97280
  * Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223
    CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
2019-11-11 10:09:28 +01:00
Jo-Philipp Wich
42aa51a898 rpcd: update to latest Git HEAD
77ad0de plugin: avoid truncating numeric values

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit aa89bdcd04)
2019-11-10 21:36:48 +01:00
Eneas U de Queiroz
6cabbe9646 wolfssl: update to v4.2.0-stable
Many bugs were fixed--2 patches removed here.

This release of wolfSSL includes fixes for 5 security vulnerabilities,
including two CVEs with high/critical base scores:

- potential invalid read with TLS 1.3 PSK, including session tickets
- potential hang with ocspstaping2 (always enabled in openwrt)
- CVE-2019-15651: 1-byte overread when decoding certificate extensions
- CVE-2019-16748: 1-byte overread when checking certificate signatures
- DSA attack to recover DSA private keys

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit f4853f7cca)
2019-11-10 16:23:08 +01:00
Eneas U de Queiroz
9be3501dc3 wolfssl: allow building with hw-crytpo and AES-CCM
Hardware acceleration was disabled when AES-CCM was selected as a
workaround for a build failure.  This applies a couple of upstream
patches fixing this.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit ab19627ecc)
2019-11-10 16:23:08 +01:00
Jo-Philipp Wich
58db9bee0f ustream-ssl: update to latest Git HEAD
c9b6668 ustream-ssl: skip writing pending data if .eof is true after connect

Fixes: CVE-2019-5101, CVE-2019-5102
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 6f9157e6bd)
2019-11-10 16:23:07 +01:00
Hauke Mehrtens
2a09f43ae6 ustream-ssl: Update to latest git HEAD
465f8dc wolfssl: adjust to new API in v4.2.0
3b06c65 Update example certificate & key, fix typo
1c38fd8 wolfssl: enable CN validation
33308ee ustream-io-cyassl.c: fix client-mode connections
79d91aa Remove CyaSSL, WolfSSL < 3.10.4 support

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 57ff06405e)
2019-11-10 16:23:03 +01:00
Hauke Mehrtens
d3e11e8ad8 mac80211: Fix dependencies of kmod-rsi91x-usb
Instead of depending on kmod-usb2 make it depend on the normal USB
dependencies. This should hopefully fix some problems seen in the build
bot builds for powerpc_8540.

In addition also activate DRIVER_11N_SUPPORT support.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3ff3b044c0)
2019-11-09 20:42:11 +01:00
Hauke Mehrtens
69dcd89dcd strace: Fix build on PowerPC
This patch breaks building on PowerPC, like the mpc85xx_generic
target for me.

Fixes: FS#2585
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit b01305c8d2)
2019-11-09 20:42:04 +01:00
Hauke Mehrtens
0803b62fc6 uboot-envtools: Add TARGET_LDFLAGS to fix PIE and RELRO
Forward the OpenWrt TARGET_LDFLAGS to the linker of the fw_printenv tool.
In addition also use the more standard make invocation script.
With this change the fw_printenv tool is built with PIE and Full RELRO
support when activated globally in OpenWrt.

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
(cherry picked from commit b7b2be0b26)
2019-11-09 20:42:04 +01:00
Rosen Penev
963cee15e8 xfsprogs: Fix compilation with newer musl
Backported upstream patch.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 39035df71c)
2019-11-09 20:42:04 +01:00
Hans Dedecker
569bec190c curl: bump to 7.66.0
Refresh patches, for changes in version 7.66.0 see https://curl.haxx.se/changes.html#7_66_0

Fixes CVEs:
    CVE-2019-5481
    CVE-2019-5482

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 71cf4a272c)
2019-11-07 19:42:42 +01:00
David Bauer
2b4d9b6850 mac80211 ath9k: force QCA953x clock to 25MHz
The QCA953x only supports 25 MHz refclk, however some OEMs set an
invalid bootstrap value for the REF_CLK option, which would break the
clock detection in ath9k.

Force the QCA953x refclk to 25MHz in ath9k, as this is (according to the
datasheet) the only valid frequency.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 4c6fe32468)
2019-11-06 16:13:57 +01:00
Jo-Philipp Wich
112df2ac56 OpenWrt v19.07.0-rc1: revert to branch defaults
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-06 09:08:44 +01:00
Jo-Philipp Wich
88bff692a5 OpenWrt v19.07.0-rc1: adjust config defaults
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-06 09:08:44 +01:00
Koen Vandeputte
d7ea380363 ath10k-firmware: update Candela Tech firmware images
The release notes since last time for wave-1:

  *  October 5,  2019:  Fix too-short msg caused by invalid use of PayloadLen in receive path.
                        This appears to resolve the issue of getting (and ignoring) too-short commands
                        when we detect loss of CE interrupts and go into polling mode.

  *  October 12, 2019:  Fix regression in IBSS mode that caused SWBA overrun issues.  Related to
                        regression added during the ct-station logic, specifically TSF allocation.
                        Thanks for Ahmed Zaki @ Mage-Networks for helping to diagnose and test.

  *  October 15, 2019:  Only send beacon tx completion events if we can detect CT driver is being
                        used (based on CT_STATS_OK flag being set).  This should help CT firmware work
                        better on stock driver.

The release notes since last time for wave-2:

  *  October 15, 2019:  Only send beacon tx completion events if we can detect CT driver is being
                        used (based on ATH10k_USE_TXCOMPL_TXRATE2 | ATH10k_USE_TXCOMPL_TXRATE1 flags being set).
                        This should help CT firmware work better on stock driver.

  *  October 31, 2019:  Compile out peer-ratecode-list-event.  ath10k driver ignores the event.

  *  November 1, 2019:  Fix rate-ctrl related crash when nss and other things were changed while
                        station stays associated.  See bug: https://github.com/greearb/ath10k-ct/issues/96

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit e716e93a2f7290086f49992c9980773c88100c3a)
2019-11-05 15:44:12 +01:00
Jo-Philipp Wich
c5d5cdb759 ustream-ssl: backport fix for CVE-2019-5101, CVE-2019-5102
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-05 15:09:47 +01:00
Daniel Golle
439ac8104b mac80211: rt2x00: backport upstream patches
Import patches from upstream to sync 19.07 with master:
 9f3e3323e996 rt2x00: allow to specify watchdog interval
 2034afe4db4a rt2800: add helpers for reading dma done index
 759c5b599cf4 rt2800: initial watchdog implementation
 09db3b000619 rt2800: add pre_reset_hw callback
 710e6cc1595e rt2800: do not nullify initialization vector data
 e403fa31ed71 rt2x00: add restart hw
 0f47aeeada2a rt2800: do not enable watchdog by default
 41a531ffa4c5 rt2x00usb: fix rx queue hang
 3b902fa811cf rt2x00usb: remove unnecessary rx flag checks
 1dc244064c47 rt2x00: no need to check return value of debugfs_create functions
 706f0182b1ad rt2800usb: Add new rt2800usb device PLANEX GW-USMicroN
 95844124385e rt2x00: clear IV's on start to fix AP mode regression
 567a9b766b47 rt2x00: do not set IEEE80211_TX_STAT_AMPDU_NO_BACK on tx status
 14d5e14c8a6c rt2x00: clear up IV's on key removal
 13fa451568ab Revert "rt2800: enable TX_PIN_CFG_LNA_PE_ bits per band"
 --pending--  rt2800: remove errornous duplicate condition

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-11-05 10:54:05 +01:00
David Bauer
bee28adf6e hostapd: enable PMKSA and OK caching for WPA3-Personal
This enables PMKSA and opportunistic key caching by default for
WPA2/WPA3-Personal, WPA3-Personal and OWE auth types.
Otherwise, Apple devices won't connect to the WPA3 network.

This should not degrade security, as there's no external authentication
provider.

Tested with OCEDO Koala and iPhone 7 (iOS 13.1).

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 3034f8c3b8)
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-11-05 08:54:39 +01:00
Yousong Zhou
22c443c20c uboot-fritz4040: build with ipq40xx "generic" subtarget
Fixes: 853e4dd3 ("ipqx0xx: add Generic subtarget")
Ref: https://forum.openwrt.org/t/ipq40xx-snapshot-not-updated-since-22nd-august/44126
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 40e3f660c1)
2019-11-03 22:26:07 +01:00
Daniel Engberg
f051a967b8 libevent2: Update to 2.1.11
Update libevent to 2.1.11
Use CMake instead GNU Autotools
Backport following commits:
f05ba67193
..and partially
7201062f3e
to fix compilation

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit f351beedfd)
(resolves FS#2435)
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-11-01 14:22:37 +00:00
Jo-Philipp Wich
466d499d03 rpcd: update to latest Git HEAD
d442d62 plugin: fix double free in finish callback
ee26d83 main: exec_self: make clang analyzer happy
90e40bd file: exec: properly free memory on error
9ecfada uci: free configs list memory on return
32fba36 exec: always call finish_cb to allow plugin to free up memory
ca3e2d5 plugin: do not free method name separately
02c6e1d exec: properly free memory on rpc_exec() error
cc50263 plugin: exec: properly free memory on parse error
bd0ed25 uci: reset uci_ptr flags when merging set operations
37aa919 plugin: fix leaking invoked method name for exec plugins

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit c2675bb0ce)
2019-11-01 13:27:50 +01:00
Yousong Zhou
2436e521b4 kernel: mark kmod-usb-serial-wwan as hidden
The kconfig symbol is an invisible one since its introduction.  It is
not supposed to be enabled on its own.

Resolves FS#1821

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 4bf9bec361)
2019-10-30 12:46:44 +00:00
Felix Fietkau
c51a39d4a5 mac80211: add an improved moving average algorithm to minstrel
Improves rate control responsiveness and performance

Signed-off-by: Felix Fietkau <nbd@nbd.name>
[reworked to apply on 4.19.79 mac80211 + renumbered + refreshed]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-30 11:17:40 +01:00
David Bauer
0e7113e6ec ath10k-firmware: update wave 1 firmware to 10.2.4-1.0-00047
This fixes frequent crashes observed on a UniFi AC Mesh using OpenWrt
master and 19.07. 18.06 seems not affected from our testing.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 641a93f0f2)
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-27 18:13:33 +01:00
David Bauer
98da3c8cdb ath10k-firmware: retrieve wave 1 firmware from kvalo
This commit changes the source of the Wave 1 ath10k-firmware
from linux-firmware to Kall Valos ath10k-firmware repository.

This is necessary as the firmware selected in linux-firmware produces
frequent crashes in some circumstances.

This patch can be removed as soon as linux-firmware carries
10.2.4-1.0-00047 firmware.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit a3914783a3)
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-27 18:13:33 +01:00
Eneas U de Queiroz
cd1136e550 openssl: Add engine configuration to openssl.cnf
This adds engine configuration sections to openssl.cnf, with a commented
list of engines.  To enable an engine, all you have to do is uncomment
the engine line.

It also adds some useful comments to the devcrypto engine configuration
section.  Other engines currently don't have configuration commands.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit cebf024c4d)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-10-20 15:16:30 +02:00
DENG Qingfang
e5ab602c69 tcpdump: update to 4.9.3
Fixed CVEs:
	CVE-2017-16808
	CVE-2018-10103
	CVE-2018-10105
	CVE-2018-14461
	CVE-2018-14462
	CVE-2018-14463
	CVE-2018-14464
	CVE-2018-14465
	CVE-2018-14466
	CVE-2018-14467
	CVE-2018-14468
	CVE-2018-14469
	CVE-2018-14470
	CVE-2018-14879
	CVE-2018-14880
	CVE-2018-14881
	CVE-2018-14882
	CVE-2018-16227
	CVE-2018-16228
	CVE-2018-16229
	CVE-2018-16230
	CVE-2018-16300
	CVE-2018-16301
	CVE-2018-16451
	CVE-2018-16452
	CVE-2019-15166
	CVE-2019-15167

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 394273c066)
2019-10-19 14:30:05 +02:00
DENG Qingfang
8e78bbb7bb libpcap: update to 1.9.1
Fixed CVEs:
	CVE-2018-16301
	CVE-2019-15161
	CVE-2019-15162
	CVE-2019-15163
	CVE-2019-15164
	CVE-2019-15165

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 44f11353de)
2019-10-19 14:30:05 +02:00
Sungbo Eo
0f3c06b0a5 kernel: fix typos in video KernelPackage description
Fixes: 4b3d17b709 ("kernel: add kmod-fb-sys-ram")
Fixes: b774acb479 ("package/modules: add missing gspca video drivers for 2.6.32 (patch from #6595)")

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 9f73fad359)
2019-10-19 14:30:05 +02:00
Rosen Penev
5ad47b1ed8 uClibc++: Fix three bugs
The first allows usage of several functions in the std namespace, which
broke compilation of gddrescue specifically with uClibc-ng and uClibc++.

The second allows usage of long long with normal C++11, which is part of
the standard. Before, std=gnu++11 needed to be passsed to work around it.

As a result of the second patch, the pedantic patch can safely be removed.

Both patches are upstream backports.

Added -std=c++11 to CFLAGS to guarentee proper inclusion of long long.

Added another patch that fixes a typo with the long long support. Sent to
upstream.

Fixed up license information according to SPDX.

Small cleanups for consistency.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 6ab386c9bc)
2019-10-19 14:30:00 +02:00
Eneas U de Queiroz
82a3beac9d hostapd: adjust to removal of WOLFSSL_HAS_AES_GCM
WolfSSL is always built with AES-GCM support now.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit ee5a3f6d60)
2019-10-19 14:29:44 +02:00
Ali MJ Al-Nasrawy
b17c95bbdc trelay: fix deadlock on remove
Upon writing to "remove" file, debugfs_remove_recursive() blocks while
holding rtnl_lock. This is because debugfs' file_ops callbacks are
executed in debugfs_use_file_*() context which prevents file removal.

Fix this by only flagging the device for removal and then do the cleanup
in file_ops.release callback which is executed out of that context.

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
(cherry picked from commit c2635b871d)
2019-10-19 14:29:44 +02:00
Ali MJ Al-Nasrawy
9784a470bb trelay: handle netdevice events correctly
Since v3.11, netdevice notification data are of type
"struct netdev_notifier_info". Handle it as such!

This should fix a critical bug in which devices are unable get released
because trelay does not release resources in response to UNREGISTER
event spamming the log with something like:

unregister_netdevice: waiting for eth0.1 to become free. Usage count = 1

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
(cherry picked from commit 77cfc0739d)
2019-10-19 14:29:44 +02:00
leo chung
3b1d71ffd8 bzip2: add linker option LDFLAGS
if gcc not linker whith this LDFLAGS, "file libbz2.so.1.0.8" will
recognize as pie executable ELF file ( which should be shared object).

this because the file command version before 5.36 not recognize
correctly.

Signed-off-by: leo chung <gewalalb@gmail.com>
(cherry picked from commit 56ab58fb6c)
2019-10-19 14:29:44 +02:00
Hauke Mehrtens
cabd12d2e3 mac80211: Update to version 4.19.79
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-19 14:18:31 +02:00
Christian Franke
3468a4435a lantiq: Fix fw_cutter LzmaWrapper
The destination buffer size `d_len` is passed to `lzma_inflate` as a
pointer. Therefore, it needs to be dereferenced to compare its content.

Signed-off-by: Christian Franke <nobody@nowhere.ws>
(cherry picked from commit d544bc84a0)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-10-18 13:45:23 +02:00
Jo-Philipp Wich
c987955f82 rpcd: update to latest Git HEAD
95f0973 file: increase minimum read buffer size to 4096 bytes

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 2a603cfcfc)
2019-10-18 12:19:34 +02:00
Jo-Philipp Wich
d04c07003d rpcd: update to latest Git HEAD
e2a7bc4 iwinfo: add WPA3 support

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit d6a405280f)
2019-10-18 12:19:23 +02:00
Jo-Philipp Wich
5bd83825ad rpcd: update to latest Git HEAD
69eeb1b file: refactor message parsing and permission checking
f65527a iwinfo: expose all rate info fields in assoclist reply
7fec636 sys: fix symbol redeclaration
27c24c7 rpcd: sys: actually move timespec declaration
345363b file: add remove operation
604db20 rpcd: Switch to nanosleep

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 2f9f8769e3)
2019-10-18 12:19:08 +02:00
Jo-Philipp Wich
07dcbfa6e8 fwtool: do not omit final 16 byte when image does not contain signature
The fwutil command will interpret the final 16 byte of a given firmware
image files as "struct fwimage_trailer".

In case these bytes do look like a valid trailer, we must ensure that we
print them out along with the remainder of the image to not accidentally
truncate non-trailer-images by 16 bytes when they're piped through fwtool,
e.g. as part of an image verification command sequence.

Some command sequences pipe images through fwtool in order to strip any
possible metadata, certificate or signature trailers and do not expect
bare images without any of that metadata to get truncated as other non-
fwtool specific metadata is expected at the end of the file, e.g. an
information block with an md5sum in case of the combined image format.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 889b841048)
2019-10-17 17:08:09 +02:00
Jo-Philipp Wich
180bd75973 iwinfo: update to latest Git HEAD
07315b6 nl80211: handle hidden SSIDs in wpa_supplicant scan results
3ac846e lua: fix string description of mixed WPA3 modes

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit bc61458b73)
2019-10-16 16:51:03 +02:00
Koen Vandeputte
e8308747a1 gdb: bump to 8.3.1
GDB 8.3.1 brings the following fixes and enhancements over GDB 8.3:

PR c++/20020 (GDB segfault on printing objects)
PR gdb/24454 (nat/x86-linux-dregs.c failed assertion)
PR breakpoints/24541 (Incorrect evaluation of systemtap probes due to register being signed and probe expression assuming unsigned)
PR symtab/24545 (Symbol loading performance regression with cc1)
PR gdb/24592 (amd64->i386 linux syscall restart problem)
PR gdb/25009 (terminate called after throwing an instance of 'srchilite::ParserException')
PR gdb/25010 (Calls to error () can cause SIGTTOU to send gdb to the background)
PR breakpoints/25011 (Breakpoints on file reloads broken for PIE binaries)

This corrective release also brings the following testsuite fixes and
enhancements:

PR testsuite/25005 (gdb-caching-proc.exp takes a lot of time on skip_opencl_tests)
PR testsuite/25016 (Test-case failures for -pie)

GDB 8.3 includes the following changes and enhancements:

* Support for new native configurations (also available as a target configuration):
     - RISC-V GNU/Linux (riscv*-*-linux*)
     - RISC-V FreeBSD (riscv*-*-freebsd*)

* Support for new target configurations:
     - CSKY ELF (csky*-*-elf)
     - CSKY GNU/Linux (csky*-*-linux)
     - NXP S12Z ELF (s12z-*-elf)
     - OpenRISC GNU/Linux (or1k*-*-linux*)

* Native Windows debugging is only supported on Windows XP or later.

* The Python API in GDB now requires Python 2.6 or later.

* GDB now supports terminal styling for the CLI and TUI.
  Source highlighting is also supported by building GDB with GNU
  Highlight.

* Experimental support for compilation and injection of C++ source
  code into the inferior (requires GCC 7.1 or higher, built with
  libcp1.so).

* GDB and GDBserver now support IPv6 connections.

* Target description support on RISC-V targets.

* Various enhancements to several commands:
     - "frame", "select-frame" and "info frame" commands
     - "info functions", "info types", "info variables"
     - "info thread"
     - "info proc"
     - System call alias catchpoint support on FreeBSD
     - "target remote" support for Unix Domain sockets.

* Support for displaying all files opened by a process

* DWARF index cache: GDB can now automatically save indices of DWARF
  symbols on disk to speed up further loading of the same binaries.

* Various GDB/MI enhancements.

* GDBserver on PowerPC GNU/Linux now supports access to the PPR,
  DSCR, TAR, EBB/PMU, and HTM registers.

* Ada task switching support when debugging programs built with
  the Ravenscar profile added to aarch64-elf.

* GDB in batch mode now exits with status 1 if the last executed
  command failed.

* Support for building GDB with GCC's Undefined Behavior Sanitizer.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-15 16:13:06 +02:00
Jo-Philipp Wich
4c92859945 iwinfo: update to latest Git HEAD
a29b7d4 nl80211: align path to phy mapping logic with mac80211.sh

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 57b834281b)
2019-10-15 15:52:36 +02:00
Jo-Philipp Wich
e8dc69fcb0 iwinfo: update to latest Git HEAD
Contains following updates squashed from 3 bump commits in master:

02112f9 cli: fix reporting of mixed WPA2/WPA3 versions
7faeaea nl80211: properly detect WEP encryption in wpa_supp scan results
629b5ff nl80211: do not confuse open connections with WEP ones
3d47ddd nl80211: rework hostapd and wpa_supplicant wpa suite parsing
313e827 nl80211: keep awaiting wpa_supplicant scan results on busy response
a766751 nl80211: fix parsing of mixed wpa encryption in wpa_supp scan results
f096bfd utils: support parsing SAE and OWE key management suites from IEs
2a95086 nl80211: recognize SAE encrypted mesh

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-11 15:57:07 +02:00
Adrian Schmutzler
28d3afc8d6 base-files: use get_mac_binary() in mtd_get_mac_binary_ubi()
The actual retrieval of the MAC address in mtd_get_mac_binary_ubi()
is the same as in get_mac_binary(). Thus, use the latter function
in the former to reduce duplicate code.

This will also allow to benefit from the enhanced path check there
and bring mtd_get_mac_binary_ubi() more in line with the similar
mtd_get_mac_binary().

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 45600124fc)
2019-09-29 11:32:05 +02:00
David Bauer
c7cdbf29c0 uboot-fritz4040: update to 2019-09-07
572ff7f fritzcreator: actually add checksum spacer
6edce1a fritzcreator: replace obscure padding generation with something more portable
2ff189f add ASUS RT-AC58U "easy install" factory u-boot shim
b91f9c2 readd spi-nand support
486ae53 improve cmd_sysupgrade
b0933f1 replace sstrip with strip
882e48a do not include generated files into git
0c5aa5f fix bugs in ipq40xx_cdp.c

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit af63436d2d)
2019-09-25 22:50:52 +02:00
Koen Vandeputte
92953ae99f ath10k-ct: update to version 2019-09-09
5e8cd86f90da ath10k-ct: Backport ap-vlan code from 5.2 to 4.20 and 4.19 drivers.
0c518586bd7f ath10k-ct: Fix a few warning splats.

Adds AP VLAN.
Refreshed all patches.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-09-24 12:52:52 +02:00
Robert Marko
757fd85402 ath10k-firmware: update Candela Tech firmware images
This enables a feature flag in the wave-2 firmware wmi-services indicating it can send
software-encrypted raw frames.  This should in turn allow the AP-VLAN feature to work.

Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 7c930990af)
2019-09-24 12:52:52 +02:00
Eneas U de Queiroz
b610572a9b openssl: bump to 1.1.1d
This version fixes 3 low-severity vulnerabilities:

- CVE-2019-1547: ECDSA remote timing attack
- CVE-2019-1549: Fork Protection
- CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and
		 CMS_decrypt_set1_pkey

Patches were refreshed.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit d868d0a5d7)
2019-09-23 07:42:30 +02:00
Hauke Mehrtens
26c0bec13b hostapd: Fix AP mode PMF disconnection protection bypass
This fixes
* CVE-2019-16275 AP mode PMF disconnection protection bypass
https://w1.fi/security/2019-7/ap-mode-pmf-disconnection-protection-bypass.txt

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a6981604b3)
2019-09-21 18:08:54 +02:00
Rosen Penev
dc076160f9 uClibc++: Remove faulty patch
This patch was originally added to fix compilation with v4l2rtspserver.
Turns out it was v4l2rtspserver that was broken, not uClibc++. This now
causes issues with a different package where the arguments are being
split.

Note that with this patch, shellcheck throws an error:

SC2068: Double quote array expansions to avoid re-splitting elements.

More: https://github.com/openwrt/packages/pull/9972#discussion_r324878373

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 977a8fc5fc)
2019-09-21 18:08:54 +02:00
Magnus Kroken
e105d03ee9 mbedtls: update to 2.16.3
Remove 300-bn_mul.h-Use-optimized-MULADDC-code-only-on-ARM-6.patch,
the issue has been fixed upstream.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry picked from commit 49d96ffc5c)
2019-09-21 18:08:54 +02:00
Daniel Golle
44f32cd5e0 ltq-vdsl-fw: update firmware filename and download URL
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 4fc0a61ed3)
2019-09-21 15:14:51 +02:00
Alberto Bursi
e9c16e4e1f kernel: add module for Emulex OneConnect 10Gbit
add module to support Emulex OneConnect
common in 10Gbit SFP+ cards by Dell/HP/IBM
supports OneConnect OCe10xxx OCe11xxx OCe14xxx,
LightPulse LPe12xxx

Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
(cherry picked from commit 827f47749b)
2019-09-21 08:41:49 +02:00
Jo-Philipp Wich
9cae5a8289 procd: fix invalid JSON filter expression in procd_running()
Since service and instance names may contain characters which are not allowed
in JSON path labels, such as dashes or spaces, change the filter expression
to array square bracket notation to properly match these cases as well.

Fixes: 2c3dd70741 ("procd: add procd_running() helper for checking running state")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit c933b6d224)
2019-09-19 07:21:47 +02:00
Jo-Philipp Wich
c7e3ca59ab firewall: update to latest Git HEAD
383eb58 ubus: do not overwrite ipset name attribute
c26f890 firewall3: fix typo that affects ICMPv6 rules with numeric icmp_type
487bd0d utils: Fix string format message
4d0c703 firewall3: Fix some format string problems
8c404ef iptables.c: lock the xtables.lock
c1d3a4d utils: implement fw3_lock_path() & fw3_unlock_path()

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[cherry picked and squashed from commits
 7db6559914,
 359bff6052,
 2cf209ce91,
 5ef9e4f107]
Ref: https://forum.openwrt.org/t/fw3-ipset-procd-objects/44044
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-09-18 10:59:17 +02:00
Rafał Miłecki
ad8b11213a procd: update to the latest git HEAD
62dc8c0 system: sysupgrade: send reply on error
2710c65 system: refuse sysupgrade with backup if it's unsupported

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 04e912d217)
2019-09-18 07:35:04 +02:00
Rafał Miłecki
bece406c2f mac80211: brcmfmac: backport the last 5.4 changes
This makes brcmfmac use the same wiphy after PCIe reset to help user
space handle corner cases (e.g. firmware crash).

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit f39f4b2f6d)
2019-09-16 08:42:00 +02:00
Rafał Miłecki
c53a0ed5e3 treewide: sysupgrade: use $UPGRADE_BACKUP to check for backup
Now that $UPGRADE_BACKUP is set conditionally there is no need to check
the $UPGRADE_OPT_SAVE_CONFIG anymore. All conditions can be simplified.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit a858db3136)
2019-09-16 05:57:08 +02:00
Rafał Miłecki
f69b855a75 procd: update to the latest git HEAD
b8238df sysupgrade: support "backup" attribute

This update requires "sysupgrade" method callers to pass "backup"
attribute if $UPGRADE_BACKUP is used in the project.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 9785a9121d)
2019-09-16 05:56:25 +02:00
Rafał Miłecki
47a5f5c7e7 base-files: sysupgrade: pass "backup" ubus attribute
This explicitly tells procd what backup file should be used during
sysupgrade (if any). It's much more generic this way compared to the
magic /tmp/sysupgrade.tgz file that had to be created before a call.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit c5223b26a4)
2019-09-16 05:56:25 +02:00
Hans Dedecker
0da990b773 odhcpd: retry failed PD assignments on addrlist change
88d9ab6 dhcpv6: retry failed PD assignments on addrlist change

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-09-15 20:50:25 +02:00
David Bauer
e1cf17b3ba iwinfo: update to latest Git HEAD
a88fb42 iwinfo: add device id for Qualcomm Atheros QCA9886
1b69d86 iwinfo: add device id for Qualcomm Atheros QCA9887

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 7db2f1a71f)
2019-09-15 12:31:56 +02:00
Rafał Miłecki
78d0d13c86 base-files: validate firmware for compatibility with backup
This allows platform code to check if firmware image can be used with
preserving a backup. It may be used e.g. when installing vendor
firmwares that won't restore appended backup archive.

Suggested-by: Luis Araneda <luaraneda@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1c510fe298)
2019-09-12 14:30:18 +02:00
Rafał Miłecki
a717428828 treewide: use new procd sysupgrade $UPGRADE_BACKUP variable
It's a variable set by procd that should replace hardcoded
/tmp/sysupgrade.tgz.

This change requires the most recent procd with the commit 0f3c136
("sysupgrade: set UPGRADE_BACKUP env variable").

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 641f6b6c26)
2019-09-12 13:27:29 +02:00
Rafał Miłecki
37caec2d5e treewide: don't hardcode "sysupgrade.tgz" file name
1) Add BACKUP_FILE and use it when copying an archive to be restored
   after sysupgrade (on the next preinit).
2) Use CONF_TAR for copying backup prepared by the /sbin/sysupgrade

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit bf39047872)
2019-09-12 13:25:27 +02:00
Hauke Mehrtens
e8c5e6177d hostapd: SAE/EAP-pwd side-channel attack update
Fixes this security problem:
* SAE/EAP-pwd side-channel attack update
https://w1.fi/security/2019-6/sae-eap-pwd-side-channel-attack-update.txt

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 7bed9bf10f)
2019-09-10 21:55:02 +02:00
Hauke Mehrtens
a0c8494704 hostapd: Fix security problem in EAP-pwd
This fixes:
CVE-2019-11555 "EAP-pwd message reassembly issue with unexpected fragment"
https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt

This should not affect OpenWrt in the default settings as we do not use
EAP-pwd.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 9f34bf51d6)
2019-09-10 21:54:58 +02:00
Rafał Miłecki
c7f710e474 mac80211: brcmfmac: backport more kernel 5.4 changes
Patch getting RAM info got upstreamed. A debugging fs entry for testing
reset feature was added.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 681acdcc54)
2019-09-09 10:29:01 +02:00
Hans Dedecker
986c706cd1 odhcp6c: update to latest git HEAD
e199804 dhcpv6: sanitize oro options

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 1855c23794)
2019-09-07 13:13:40 +02:00
Rafał Miłecki
af7c186ead procd: update to the latest git HEAD
0f3c136 sysupgrade: set UPGRADE_BACKUP env variable
0bcbbbf system: fix uninitialized variables in firmware validation code

This update includes a fix for uninitialized variable usage.

Fixes: db5164d3d0 ("procd: update to the latest git HEAD")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit e8dcbbc865)
2019-09-06 08:11:13 +02:00
Rafał Miłecki
db5164d3d0 procd: update to the latest git HEAD
34ac88c system: reject sysupgrade of invalid firmware images by default
f55c235 system: reject sysupgrade of broken firmware images
e990e21 system: add "validate_firmware_image" ubus method

This update changes "sysupgrade" ubus method API. It's now required to
pass "force" attribute whenever invalid firmware is meant to be
installed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 7290963d09)
2019-09-04 13:47:36 +02:00
Rafał Miłecki
d7af175321 base-files: pass "force" parameter to the "sysupgrade" call
This makes sysupgrade work with the most recent procd that validates
firmware before proceeding.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b71962da16)
2019-09-04 13:47:17 +02:00
Hauke Mehrtens
0d4ab1559a uci: update to latest Git HEAD
415f9e4 uci/file: replace mktemp() with mkstemp()

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 6aa962a622)
2019-09-04 13:46:30 +02:00
Hauke Mehrtens
5bda748af4 iwinfo: update to latest Git HEAD
f599a8d iwinfo: Fix rate buffer size
71ec9be iwinfo: Fix buffer size
f8ef450 iwinfo: Add support for WPA3

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 6658447534)
2019-09-04 13:46:23 +02:00
Konstantin Demin
6b5e0eede8 nftables: bump to version 0.9.2
- exclude Python-related stuff from build
- drop patches:
  * 010-uclibc-ng.patch, applied upstream

ipkg size decrease by 2.8%:
old:
194.851 nftables_0.9.0-2_arm_cortex-a7_neon-vfpv4.ipk
new:
189.581 nftables_0.9.2-1_arm_cortex-a7_neon-vfpv4.ipk

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
(cherry picked from commit b74f1f335a)
2019-09-04 13:46:06 +02:00
Konstantin Demin
ab0088b239 libnftnl: bump to version 1.1.4
ABI version is same.

The ipkg size increase by about 2.2%:
old:
47.909 libnftnl11_1.1.3-1_arm_cortex-a7_neon-vfpv4.ipk
new:
48.985 libnftnl11_1.1.4-1_arm_cortex-a7_neon-vfpv4.ipk

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
(cherry picked from commit 699955a684)
2019-09-04 13:46:01 +02:00
Jo-Philipp Wich
fe34c2538b rpcd: update to latest Git HEAD
821045f file: add path based read/write/exec ACL checks
fb337e5 file: add stat() information to directory listings

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 02169bd3f8)
2019-09-04 13:45:49 +02:00
Eneas U de Queiroz
882052caae uhttpd: add support to generate EC keys
This adds the key_type and ec_curve options to enable the generation of
EC keys during initialization, using openssl or the new options added to
px5g.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 7f2b230b3b)
2019-09-04 13:45:44 +02:00
Eneas U de Queiroz
ad4af2b8df px5g: support EC keys
This adds an 'eckey' command to generate an EC key, with an optional
curve name argument, with P-256 as default.

For the 'selfsigned' command, it adds an 'ec' algorithm argument to the
'-newkey' option, and a '-pkeyopt ec_paramgen_curve:<curvename>' option,
mirroring the way openssl specifies the curve name.

Notice that curve names are not necessarily the same in mbedtls and
openssl.  In particular, secp256r1 works for mbedtls, but openssl uses
prime256v1 instead. px5g uses mbedtls, but short NIST curve names P-256
and P-384 are specifically supported.

Package size increased by about 900 bytes (arm).

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit a552ababd4)
2019-09-04 13:45:39 +02:00
Eneas U de Queiroz
da10d4a779 openssl: always build with EC support
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit f40262697f)
2019-09-04 13:45:34 +02:00
Rosen Penev
6151609d07 libnfnetlink: Avoid passing both -fPIC and -fpic
Instead, instruct the configure script to use $(FPIC) only.

Mixing -fPIC and -fpic can cause issues on some platforms like PPC.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 926157c2cc)
2019-09-04 13:45:26 +02:00
Rosen Penev
aa2980b859 ncurses: Do not pass both -fPIC and -fpic
The configure scripts matches Linux with -fPIC, which is not exactly what
is desired. Since we are already passing $(FPIC), added a CONFIGURE_VAR to
avoid passing -fPIC.

Removed PKG_BUILD_DIR as it is already the default value.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit e2ecf39e8e)
2019-09-04 13:45:21 +02:00
Rafał Miłecki
f65080793c base-files: use JSON for storing firmware validation info
So far firmware validation result was binary limited: it was either
successful or not. That meant various limitations, e.g.:
1) Lack of proper feedback on validation problems
2) No way of marking firmware as totally broken (impossible to install)

This change introduces JSON for storing detailed validation info. It
provides a list of performed validation tests and their results. It
allows marking firmware as non-forceable (broken image that can't be
even forced to install).
Example:
{
        "tests": {
                "fwtool_signature": true,
                "fwtool_device_match": true
        },
        "valid": true,
        "forceable": true
}

Implementation is based on *internal* check_image bash script that:
1) Uses existing validation functions
2) Provides helpers for setting extra validation info

This allows e.g. platform_check_image() to call notify_check_broken()
when needed & prevent user from bricking a device.

Right now the new JSON info is used by /sbin/sysupgrade only. It still
doesn't make use of "forceable" as that is planned for later
development.

Further plans for this feature are:
1) Expose firmware validation using some new ubus method
2) Move validation step from /sbin/sysupgrade into "sysupgrade" ubus
   method so:
   a) It's possible to safely sysupgrade using ubus only
   b) /sbin/sysupgrade can be more like just a CLI

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit f522047958)
2019-09-04 13:44:05 +02:00
Hans Dedecker
5f472afa2b procd: fix compile issue with glibc (FS#2469)
0430252 sysupgrade: add missing _GNU_SOURCE define (FS#2469)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 6e45ba4699)
2019-09-04 13:43:44 +02:00
Christian Lamparter
406434affa openssl: refresh patches
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 5ef3fe614c)
2019-09-04 13:43:34 +02:00
Rafał Miłecki
2c77562af8 treewide: sysupgrade: pass "save_partitions" option to the "sysupgrade" method
This explicitly lets stage2 know if partitions should be preserved. No
more "touch /tmp/sysupgrade.always.overwrite.bootdisk.partmap" hack.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b6f4cd57e1)
2019-09-04 13:43:05 +02:00
Rafał Miłecki
f25d164aca base-files: pass "save_config" option to the "sysupgrade" method
This explicitly lets stage2 know if config should be preserved.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b534ba9611)
2019-09-04 13:42:40 +02:00
Rafał Miłecki
4e85dc95b0 procd: update to latest git HEAD
9558031 system: support passing "options" to the "sysupgrade" ubus method

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 2b1a6d263c)
2019-09-04 13:42:22 +02:00
Kevin Darbyshire-Bryant
01345bd1f9 firewall: update to latest git HEAD
bf29c1e firewall3: ipset: Handle reload_set properly

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit bd01346bb4)
2019-09-04 13:42:08 +02:00
Luiz Angelo Daros de Luca
bc7a755fe6 elfutils: bump to 0.177
200-uclibc-ng-compat.patch is upstream now.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit 0851ce4ff9)
2019-09-04 13:42:02 +02:00
Christian Lamparter
dff561c7c8 iftop: update to HEAD of 2018-10-03 - 77901c
Update iftop to commit 77901c8c53e01359d83b8090aacfe62214658183

git log --pretty=oneline --abbrev-commit 949ed0f7..77901c8c

77901c8 Support scales beyond 1Gbps

Created with the help of the make-package-update-commit.sh script.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit cfd0748497)
2019-09-04 13:41:44 +02:00
Hans Dedecker
54db6061ee nghttp2: bump to 1.39.2
957abacf Bump up version number to 1.39.2, LT revision to 32:0:18
83d362c6 Don't read too greedily
a76d0723 Add nghttp2_option_set_max_outbound_ack
db2f612a nghttpx: Fix request stall

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 58f929077f)
2019-09-04 13:41:40 +02:00
Yousong Zhou
e7465da11e ltq-ifxos: refer to https://bugs.openwrt.org
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit f0f5cb26cb)
2019-09-04 13:41:34 +02:00
Yousong Zhou
e62a6b661f ct-bugcheck: report to https://openwrt.org by default
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 26615ededc)
2019-09-04 13:41:30 +02:00
Hauke Mehrtens
730befb9e6 ustream-ssl: update to latest git HEAD
e8f9c22 Revise supported ciphersuites
7e9e269 wolfssl, openssl: use TLS 1.3, set ciphersuites

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit ced2b7bb98)
2019-09-04 13:41:10 +02:00
Hauke Mehrtens
8b436c777c hostapd: Allow CONFIG_IEEE80211W for all but mini variant
This commit will activate CONFIG_IEEE80211W for all, but the mini
variant when at least one driver supports it. This will add ieee80211w
support for the mesh variant for example.

Fixes: FS#2397
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 1d4df52c21)
2019-09-04 13:40:13 +02:00
Hauke Mehrtens
f40f8fe1e7 hostapd: Remove ROBO switch support
The driver was removed from OpenWrt a long time ago.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit f34e825834)
2019-09-04 13:40:08 +02:00
Kevin Darbyshire-Bryant
fcab45af13 firewall: improve ipset support
Bump to latest git HEAD

509e673 firewall3: Improve ipset support

The enabled option did not work properly for ipsets, as it was not
checked on create/destroy of a set. After this commit, sets are only
created/destroyed if enabled is set to true.

Add support for reloading, or recreating, ipsets on firewall reload.  By
setting "reload_set" to true, the set will be destroyed and then
re-created when the firewall is reloaded.

Add support for the counters and comment extensions. By setting
"counters" or "comment" to true, then counters or comments are added to
the set.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 51ffce0694)
2019-09-04 13:39:57 +02:00
Paul Spooren
378b51908c build: add buildinfo files for reproducibility
generate feeds.buildinfo and version.buildinfo in build dir after
containing the feed revisions (via ./scripts/feeds list -sf) as well as
the current revision of buildroot (via ./scripts/getver.sh).

With this information it should be possible to reproduce any build,
especially the release builds.

Usage would be to move feeds.buildinfo to feeds.conf and git checkout the
revision hash of version.buildinfo.

Content of feeds.buildinfo would look similar to this:

    src-git routing https://git.openwrt.org/feed/routing.git^bf475d6
    src-git telephony https://git.openwrt.org/feed/telephony.git^470eb8e
    ...

Content of version.buildinfo would look similar to this:

    r10203+1-c12bd3a21b

Without the exact feed revision it is not possible to determine
installed package versions.

Also rename config.seed to config.buildinfo to follow the recommended
style of https://reproducible-builds.org/docs/recording/

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 454021581f)
2019-09-04 13:39:13 +02:00
Hans Dedecker
6e5e4366fb dnsmasq: use nettle ecc_curve access functions
Fixes compile issues with nettle 3.5.1

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 63ced14048)
2019-09-04 13:37:43 +02:00
Daniel Engberg
40c279b3d9 nettle: Update to 3.5.1
Update (lib)nettle to 3.5.1
Bump ABI_VERSION

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit 9e489b41b5)
2019-09-04 13:37:38 +02:00
Vincent Wiemann
afa96d4f61 comgt-ncm: add driver dependencies again
In the commit 623716dd43 ("comgt-ncm: Fix NCM protocol")
the dependencies to vendor NCM drivers were removed, because:

> comgt-ncm should not depend on the USB-serial-related kernel modules,
> as the cdc-wdm control device works without them. There is also no need
> to depend on kmod-huawei-cdc-ncm, since other manufacturers (like
> Ericsson and Samsung) which use other kernel modules should also be
> supported.

From a user-perspective this does not make sense, as installing comgt-ncm
(or luci-proto-ncm) should install all needed dependencies for using such
a device.

Furthermore depending on kmod-huawei-cdc-ncm does not mean that Ericsson
and Samsung devices can't be supported. By the way it seems that Ericsson
and Samsung devices never used NCM, but act as serial modems.

Thus this commit adds the dependencies again.

Signed-off-by: Vincent Wiemann <vincent.wiemann@ironai.com>
[fixed title capitalization, formatted commit message,
renamed Sony-Ericsson to Ericsson]
Signed-off-by: David Bauer <mail@david-bauer.net>

(cherry picked from commit ccb4b96b8a)
2019-09-04 13:36:59 +02:00
Chuanhong Guo
e2db2df644 gpio-button-hotplug: add volume button handling
This is used by PISEN WMB001N.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit 11182349e1)
2019-09-04 13:36:43 +02:00
Hans Dedecker
f7b53dfb2a procd: update to latest git HEAD (FS#2425)
8323690 state: fix shutdown when running in a container (FS#2425)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit d9364c1cbc)
2019-09-04 13:36:24 +02:00
Hans Dedecker
d2103d3599 netifd: update to latest git HEAD
5e02f94 system-linux: fix resource leak

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit d70a35c365)
2019-09-04 13:36:19 +02:00
Rosen Penev
ad64532334 linux-atm: Add missing headers
This fixes compilation with -Werror=implicit-function-declaration.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 1b1c47577b)
2019-09-04 13:36:04 +02:00
Jeffery To
cc7560eb22 build: include BUILD_VARIANT in PKG_BUILD_DIR
This changes the default PKG_BUILD_DIR to take BUILD_VARIANT into
account (if set), so that packages do not need to manually override
PKG_BUILD_DIR just to handle variants.

This also updates most base packages with variants to use the updated
default PKG_BUILD_DIR.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit e545fac8d9)
2019-09-04 13:35:17 +02:00
Hans Dedecker
3f974a954d ethtool: bump to 5.2
379c096 Release version 5.2.
2bce6d9 ethtool: Add 100BaseT1 and 1000BaseT1 link modes
67ffbf5 ethtool: sync ethtool-copy.h with linux-next from 30/05/2019
687152b ethtool.spec: Use standard file location macros

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 018395392c)
2019-09-04 13:35:05 +02:00
Hans Dedecker
5638375880 firewall: update to latest git HEAD
de94097 utils: coverity resource leak warning

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit efb7b7a12a)
2019-09-04 13:34:55 +02:00
DENG Qingfang
51198ae3cb ipset: update to 7.3
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit edd9b39fab)
2019-09-04 13:34:44 +02:00
Hans Dedecker
f362ddc3b9 netifd: update to latest git HEAD
899f168 system-linux: Coverity fixes

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 11617bcb3b)
2019-09-04 13:31:31 +02:00
Hans Dedecker
9634ae8632 curl: update to 7.65.3
For changes in 7.65.3; see https://curl.haxx.se/changes.html#7_65_3

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit fc2df4f705)
2019-09-04 13:31:00 +02:00
Martin Schiller
f9a7a40ac4 openvpn: add new list option tls_ciphersuites
To configure the list of allowable TLS 1.3 ciphersuites, the option
tls_ciphersuites is used instead of tls_ciphers.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
(cherry picked from commit 261df949fa)
2019-09-04 13:29:57 +02:00
Rafał Miłecki
6ac62c4b6c base-files: don't set ARGV and ARGC
Those are not used by any image check function anymore.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 3f4c785a6b)
2019-09-04 13:29:37 +02:00
Eneas U de Queiroz
7569e8ef86 libs/toolchain: remove eglibc remnant file
This removes package/libs/toolchain/eglibc-files/etc/nsswitch.conf.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit c47eff0df3)
2019-09-04 13:28:04 +02:00
Rafał Miłecki
67b3e44465 ubox: implement service_running() in log init.d script
It allows checking if service is running.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1b937cb141)
2019-09-04 13:27:52 +02:00
Rafał Miłecki
ff9255f7a1 rpcd: implement service_running() in init.d script
It allows checking if service is running.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 285c83a004)
2019-09-04 13:27:48 +02:00
Hans Dedecker
5eeda5350b procd: update to latest git HEAD
31f0765 procd: check strchr() result before using it

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 9a72e7f601)
2019-09-04 13:27:32 +02:00
Rafał Miłecki
d6840e7b44 base-files: move stage2 upgrade to separated file
do_upgrade_stage2() isn't really any common code. It isn't used anywhere
except for /sbin/sysupgrade that passes it to the stage2.

Moving its code to separated file also simplifies COMMAND variable.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit f7edd94a65)
2019-09-04 13:27:19 +02:00
Rosen Penev
c00c06b877 usbreset: Add missing header
Fixes undefined reference to strtoul

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 653e05d27f)
2019-09-04 13:26:39 +02:00
Daniel Engberg
7b06f3ba0a util-linux: Update to 2.34
Update util-linux to 2.34
Refresh patch

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit d51f53b5ba)
2019-09-04 13:26:35 +02:00
DENG Qingfang
89828932c5 iperf3: update to 3.7
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 42b3a3a89b)
2019-09-04 13:26:13 +02:00
Rafał Miłecki
a074ed2933 base-files: drop support for NAND upgrade in platform_pre_upgrade()
With bcm53xx switched to the new procedure there is no more need for
keeping that backward compatibility code.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit ea4e1dac71)
2019-09-04 13:25:46 +02:00
Rafał Miłecki
ebef2c27eb base-files: drop unused jffs2_copy_config()
Its last usage was dropped back in 2013 in the commit b95bdc8ab5
("kernel/base-files: clean up old code related to refreshing mtd
partitions, it is no longer used anywhere").

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit f58ca6ee57)
2019-09-04 13:24:56 +02:00
Emil Muratov
1d68badbb3 zram-swap: Add extra commands for status/compaction
This patch adds two new commands:
  zram status - shows memory stats for all zram swaps
  zram compaction - trigger compaction for all zram swaps

Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit a9deed62af)
2019-09-04 13:24:43 +02:00
Emil Muratov
dc97db2e39 busybox: enable swapon/off by default to make it consistent with mkswap
No size increase on busybox binary.
  Since busybox mkswap is already enabled by default it seems reasonable
  to enable swapon/off too. For ex. this obsoletes installing block-mount
  dependency for zram-swap.

Signed-off-by: Emil Muratov <gpm@hotplug.ru>
(cherry picked from commit afa5ce2493)
2019-09-04 13:24:37 +02:00
Emil Muratov
86735992c8 zram-swap: Add zram compaction and statistics info output
Executing '/etc/init.d/zram start' during runtime (with a swap being already
mounted) triggers zram device compaction and prints out nice stats info about
zram memory usage

Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [use IEC's MiB unit]
(cherry picked from commit b062c90f47)
2019-09-04 13:24:36 +02:00
Emil Muratov
7580357dc0 zram-swap: Fix busybox dependency check
- fix dependency on BUSYBOX_CONFIG_SWAPONOFF (removed in 84da2a6)
   - add busybox defaults checking (fix zram-swap always installs swap-utils
     and libblkid as dependency, even if busybox includes mkswap by default)

Signed-off-by: Emil Muratov <gpm@hotplug.ru>
(cherry picked from commit c0d93432f2)
2019-09-04 13:24:36 +02:00
Konstantin Demin
c6698c7b34 libnftnl: bump to version 1.1.3
bump ABI version accordingly (thanks to Jo-Philipp Wich).

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
(cherry picked from commit ce8027ed29)
2019-09-04 13:24:04 +02:00
Florian Eckert
937a17de19 comgt: add delay option for 3g proto
All protos for wwan (ncm,qmi,mbim) do have a delay option.
To standardize that add also the missing delay option to the 3g proto.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 313444a79e)
2019-09-04 13:23:25 +02:00
Karel Kočí
ec49bb64e7 base-files: supress service restart of umount
Restart is in default implemented so it calls stop and start. This is
pretty unsafe to call on umount service. This service should not do
anything on restart the same way as on start. Only use of this service
is on stop.

Signed-off-by: Karel Kočí <cynerd@email.cz>
(cherry picked from commit 537b801c54)
2019-09-04 13:23:16 +02:00
Florian Eckert
3cb0eed8a1 uqmi: fix indentation style and boundary
Fix indentation style and boundary.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit c06f2a2dcb)
2019-09-04 13:23:09 +02:00
Florian Eckert
bd8e0746c8 uqmi: add mtu config option possibility
There are mobile carrier who have different MTU size in their network.
With this change it is now possible to configure this with the qmi
proto handler.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 8eb63cb7df)
2019-09-04 13:23:09 +02:00
Jason A. Donenfeld
a7be52284c wireguard: bump to 0.0.20190702
* curve25519: not all linkers support bmi2 and adx

This should allow WireGuard to build on older toolchains.

* global: switch to coarse ktime

Our prior use of fast ktime before meant that sometimes, depending on how
broken the motherboard was, we'd wind up calling into the HPET slow path. Here
we move to coarse ktime which is always super speedy. In the process we had to
fix the resolution of the clock, as well as introduce a new interface for it,
landing in 5.3. Older kernels fall back to a fast-enough mechanism based on
jiffies.

https://lore.kernel.org/lkml/tip-e3ff9c3678b4d80e22d2557b68726174578eaf52@git.kernel.org/
https://lore.kernel.org/lkml/20190621203249.3909-3-Jason@zx2c4.com/

* netlink: cast struct over cb->args for type safety

This follow recent upstream changes such as:

https://lore.kernel.org/lkml/20190628144022.31376-1-Jason@zx2c4.com/

* peer: use LIST_HEAD macro

Style nit.

* receive: queue dead packets to napi queue instead of empty rx_queue

This mitigates a WARN_ON being triggered by the workqueue code. It was quite
hard to trigger, except sporadically, or reliably with a PC Engines ALIX, an
extremely slow board with an AMD LX800 that Ryan Whelan of Axatrax was kind
enough to mail me.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
(cherry picked from commit 7c23f741e9)
2019-09-04 13:22:54 +02:00
Florian Eckert
5a41c027e1 base-files: add network_get_uptime() to /lib/functions/network.sh
Add missing ubus api call for uptime value.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 9e780ed5f7)
2019-09-04 13:22:00 +02:00
Petr Štetiar
f011347ad2 upgs: update to latest git HEAD
cd7eabcd8c9d ugps: Fix compilation under 64-bit
198c06051dd0 Fix build error caused by enabled extra compiler warnings
fc2ab8756b3b Enable extra compiler warnings

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit f924fab3dc)
2019-09-04 13:21:41 +02:00
Eneas U de Queiroz
c71f70fcdd ustream-ssl: update to 2019-06-24
This adds chacha20-poly1305 support to the mbedtls variant.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 82a8ddd603)
2019-09-04 13:20:56 +02:00
Joseph Tingiris
12e66c71d9 rssileds: change rssileds.init STOP index
This patch is in a series to allow additional STOP indexes after
umount, so that other block devices may stop cleanly.

rssileds.init is now STOP=89

Signed-off-by: Joseph Tingiris <joseph.tingiris@gmail.com>
(cherry picked from commit 8a5a01a677)
2019-09-04 13:20:47 +02:00
Joseph Tingiris
c10b097198 kexec-tools: change kdump.init STOP index
This patch is in a series to allow additional STOP indexes after umount,
so that other block devices may stop cleanly.

kdumpinit is now STOP=90

Signed-off-by: Joseph Tingiris <joseph.tingiris@gmail.com>
(cherry picked from commit 5883b5a1f8)
2019-09-04 13:20:43 +02:00
Joseph Tingiris
7c9213b8b3 base-files: change boot & umount STOP indexes
This patch is in a series to allow additional STOP indexes after umount,
so that other block devices may stop cleanly.

boot is now STOP=90
umount is now STOP=90

After this patch series, the resulting STOP indexes in the 80s & 90s
will be:

STOP=85 odhcpd.init
STOP=89 conntrackd.init
STOP=89 log.init
STOP=89 rssileds.init
STOP=90 boot
STOP=90 kdump.init
STOP=90 network
STOP=90 sysfixtime
STOP=90 umount
STOP=98 mdadm.init (note: will be addressed in a separate patch)

Signed-off-by: Joseph Tingiris <joseph.tingiris@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[PKG_RELEASE is now 200]

(cherry picked from commit 04811007e5)
2019-09-04 13:20:18 +02:00
Josef Schlehofer
dc10fd35f1 mbedtls: Update to version 2.16.2
Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz>
(cherry picked from commit a2f54f6d5d)
2019-09-04 13:20:09 +02:00
Deng Qingfang
c0c7377603 package/network: add PKGARCH:=all to non-binary packages
Packages such as xfrm contain only script files, add PKGARCH:=all

Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 6762e72524)
2019-09-04 13:19:14 +02:00
Eneas U de Queiroz
15a5b79132 nghttp2: deduplicate files in staging_dir
'38b22b1e: deduplicate files in libnghttp2' missed duplicates in
staging_dir by Build/InstallDev.

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
(cherry picked from commit ee1a783314)
2019-09-04 13:18:46 +02:00
Jo-Philipp Wich
a3a9e1d0fe rpcd: add direct dependency on libjson-c
The OpenWrt buildroot ABI version rebuild tracker does not handle
transient dependencies, therefor add all libraries linked by rpcd
as direct dependencies to the corresponding binary package definition.

This ensures that rpcd is automatically rebuilt and relinked if any
of these libraries has its ABI_VERSION updated in the future.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit eaad2211db)
2019-09-04 13:18:31 +02:00
Yousong Zhou
6e0bd49014 base-files: apply new sysctl.conf at postinst
This is mainly for kmod-br-netfilter.  To turn off
bridge-netfilter-call-xxx immediately after installation

While at it

 - Define filelist="/usr/lib/opkg/info/${pkgname}.list"
 - Reuse "[ -z "$root" ]"
 - Grep with "-m1"

Fixes FS#2300

Reported-by: Marco Sartorius <tidbits@ormoorgmen.info>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 3dc4f59eab)
2019-09-04 13:18:19 +02:00
Christian Lamparter
bf5dd92cea hostapd: remove stale WPA_SUPPLICANT_NO_TIMESTAMP_CHECK option
Support to disable the timestamp check for certificates in
wpa_supplicant (Useful for devices without RTC that cannot
reliably get the real date/time) has been accepted in the
upstream hostapd. It's implemented in wpa_supplicant as a
per-AP flag tls_disable_time_checks=[0|1].

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 99bf9a1ac2)
2019-09-04 13:17:05 +02:00
Jo-Philipp Wich
1754dc2ddb treewide: fix syntax errors exposed after kconfig update
After commit e82a4d9cfb ("config: regenerate *_shipped sources") the mconf
parser became more strict as a side effect and started to spew a series of
warnings when evaluating our generated kconfig sources:

  tmp/.config-package.in:705:warning: ignoring unsupported character '@'

The root cause of these warnings is a wrong use of the @SYMBOL dependency
syntax in various Makefile. Fix the corresponding Makefiles by turning
`@SYM||@SYM2` expressions into the proper `@(SYM||SYM2)` form.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 74739c4228)
2019-09-04 13:15:40 +02:00
Jo-Philipp Wich
02c1e99d1b procd: add direct dependencies on libblobmsg-json and libjson-c
The OpenWrt buildroot ABI version rebuild tracker does not handle
transient dependencies, therefor add all libraries linked by procd
as direct dependencies to the corresponding binary package definition.

This ensures that procd is automatically rebuilt and relinked
if any of these libraries has its ABI_VERSION updated in the
future.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 66838cd851)
2019-09-04 13:15:16 +02:00
Petr Štetiar
8cd426de44 urngd: move project to git.openwrt.org
Let's move project to a proper place.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit bec8fb1ee7)
2019-09-04 13:13:33 +02:00
Hans Dedecker
5667768236 nghttp2: bump to 1.39.1
7ffc239b Bump up version number to 1.39.1
bc886a0e Fix FPE with default backend
a3a14a9c Fix log-level is not set with cmd-line or configuration file
acfb3607 Update manual pages
bdfd14c2 Bump up version number to 1.39.0, LT revision to 31:4:17
cddc09fe Update AUTHORS
3c3b6ae8 Add missing colon
2f83aa9e Fix multi-line text travis issue
fc591d0c Run nghttpx integration test with cmake build
9a17c3ef travis: use multi-line text
b7220f07 cmake: Remove SPDY related files
a1556fd1 Merge pull request #1356 from nghttp2/fix-log-level-on-reload
77f1c872 nghttpx: Fix unchanged log level on configuration reload
49ce44e1 Merge pull request #1352 from nghttp2/travis-osx
f54b3ffc Fix libxml2 CFLAGS output
b0f5e5cc Implement daemon() using fork() for OSX
8d6ecd66 Enable osx build on travis
f82fb521 Update doc
2e1975dd clang-format-8
97ce392b Merge pull request #1347 from nghttp2/nghttpx-ignore-cl-te-on-upgrade
afefbda5 Ignore content-length in 200 response to CONNECT request
4fca2502 nghttpx: Ignore Content-Length and Transfer-Encoding in 1xx or 200 to CONNECT
6975c336 Update llhttp to 1.1.3
0288093c Fix llhttp_get_error_pos usage
a3a03481 Merge pull request #1340 from nghttp2/nghttpx-llhttp
c64d2573 Replace http-parser with llhttp
f028cc43 clang-format
302e3746 Merge pull request #1337 from nghttp2/upgrade-mruby
3cdbc5f5 Merge pull request #1335 from adamgolebiowski/boost-1.70
a6925186 Fix mruby build error
45d63d20 Upgrade mruby to 2.0.1
cbba1ebf asio: support boost-1.70
e86d1378 Bump up version number to 1.39.0-DEV
4a9d2005 Update manual pages

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 865e25e049)
2019-09-04 13:13:21 +02:00
Hauke Mehrtens
670fd46b3f urngd: Fix more wrong type in format string
Also the other type is worng and causes compile problems on ARM64
platforms.

Fixes: 9b53201d9c ("urngd: Fix wrong type in format string")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 1ae1276eab)
2019-09-04 13:13:16 +02:00
Hauke Mehrtens
9697f4cf73 libubox: update to latest git HEAD
9dd2dcf libubox: add format string checking to ulog()
ecf5617 ustream: Add format string checks to ustream_(v)printf()

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit fc454ca153)
2019-09-04 13:12:35 +02:00
Hauke Mehrtens
8a78e4dbb9 urngd: Fix wrong type in format string
GCC 9.1 complains about this wrong type used in the format string, fix
this to make the compiler happy.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 9b53201d9c)
2019-09-04 13:12:19 +02:00
Hauke Mehrtens
18e3ab9e34 ubox: bump to git HEAD
4df34a4 kmodloader: Increase path array size to make it always fit

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 22d3d91c77)
2019-09-04 13:12:09 +02:00
Hans Dedecker
512244e49a netifd: xfrm fixes
9932ed0 netifd: fix xfrm interface deletion and standardize netlink call

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 1fd900ddc2)
2019-09-04 13:12:05 +02:00
André Valentin
09d37d67ec network/config/xfrm: add host-dependency for xfrm interface parent
Add proto_add_host_dependency to add a dependency to the tunlink interface

Signed-off-by: André Valentin <avalentin@marcant.net>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
(cherry picked from commit f6dab98044)
2019-09-04 13:09:02 +02:00
Hans Dedecker
37530be1ef netifd: update to latest git HEAD
42a3878 interface-ip: fix possible null pointer dereference
c1964d8 system-linux: remove superfluous dev check

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 55fcc77072)
2019-09-04 13:08:47 +02:00
Paul Spooren
bbcd7d05e0 f2fs-tools: fixup SPDX license
The f2fs-tools have a wrong PKG_LICENSE with is not SPDX compatible.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 35a70d6262)
2019-09-04 13:08:42 +02:00
Konstantin Demin
141bc476f5 nghttp2: deduplicate files in libnghttp2
libnghttp2 accidentally ships library twice:

$ tar -Oxzf libnghttp2-14_1.38.0-1_mips_24kc.ipk ./data.tar.gz | tar -tzvf -
drwxr-xr-x root/root         0 2019-06-07 23:14 ./
drwxr-xr-x root/root         0 2019-06-07 23:14 ./usr/
drwxr-xr-x root/root         0 2019-06-07 23:14 ./usr/lib/
-rw-r--r-- root/root    144412 2019-06-07 23:14 ./usr/lib/libnghttp2.so.14
-rw-r--r-- root/root    144412 2019-06-07 23:14 ./usr/lib/libnghttp2.so.14.17.3

after fix, there's library and symlink (as designed):

$ tar -Oxzf libnghttp2-14_1.38.0-2_mips_24kc.ipk ./data.tar.gz | tar -tzvf -
drwxr-xr-x root/root         0 2019-06-07 23:14 ./
drwxr-xr-x root/root         0 2019-06-07 23:14 ./usr/
drwxr-xr-x root/root         0 2019-06-07 23:14 ./usr/lib/
lrwxrwxrwx root/root         0 2019-06-07 23:14 ./usr/lib/libnghttp2.so.14 -> libnghttp2.so.14.17.3
-rw-r--r-- root/root    144412 2019-06-07 23:14 ./usr/lib/libnghttp2.so.14.17.3

Binary package size reduced accordingly: 134621 -> 66593.

Compile/run-tested: ar71xx/generic.

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
(cherry picked from commit 38b22b1e70)
2019-09-04 13:08:29 +02:00
Hans Dedecker
49d35646ea odhcpd: various fixes
8f1347b odhcpd: router: Fix out of scope memory access
d37736e dhcpv6-ia: free assignment when validity timer expires

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-09-03 21:53:43 +02:00
Alin Nastac
22378beb58 iproute2: add libcap support, enabled in ip-full
Preserve optionality of libcap by having configuration script follow the
HAVE_CAP environment variable, used similarly to the HAVE_ELF variable.

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase/refresh patches]
(backported from commit a6da3f9ef7)
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-08-30 12:39:27 +02:00
Felix Fietkau
73d45c7378 mac80211: add config tweak for tx bursting when using VHT
By default, set BE tx queue TXOP limit to 2.0 in the hostapd config
Many vendor drivers are doing similar things to boost throughput.
On MT7612 under ideal conditions, it improves tx throughput from 470 Mbit/s
to about 570 Mbit/s.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 8650201f10)
2019-08-28 21:05:52 +02:00
Koen Vandeputte
dd4b8a24a1 ath9k: backport dynack improvements
Close cooperation with Lorenzo Bianconi resulted
in these patches which fix all remaining seen issues
when using dynack.

Fix link losses when:
- Late Ack's are not seen or not present
- switching from too low static coverage class to dynack on a live link

These are fixed by setting the Ack Timeout/Slottime to
the max possible value for the currently used channel width when
a new station has been discovered.

When traffic flows, dynack is able to adjust to optimal values
within a few packets received (typically < 1 second)

These changes have been thoroughly tested on ~60 offshore devices
all interconnected using mesh over IBSS and dynack enabled on all.

Distances between devices varied from <100m up to ~35km

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
(cherry picked from commit f6e8ba0238fe349b7529357793e2fb18635819ed)
2019-08-28 13:09:41 +02:00
Jo-Philipp Wich
ee164007b0 fstools: update to latest Git HEAD
6a61b9a probe: fallback to libblkid.so.1 when libblkid.so does not exist

Also remove deprecation notices from init script while we're at it.

Fixes: FS#2274
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 517cb0b70b)
2019-08-28 12:48:45 +02:00
Christian Lamparter
f2c6fa3dbb fstools: update to HEAD of 2019-07-01 - 1539b5
Update fstools to commit 1539b535ac327a3bc599d1ca871e14fd0dc3bba1

git log --pretty=oneline --abbrev-commit ff1ded63..1539b535

1539b53 libblkid-tiny: increment label size to 256
d563f3c libblkid-tiny: fix wrong btrfs label length
3957dd3 block: prevent mount point confusion
9b36dc2 libfstools: avoid false positives when matching devices and volumes

Created with the help of the make-package-update-commit.sh script.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 8036345225)
2019-08-28 12:48:38 +02:00
Jo-Philipp Wich
6710bb25b6 iwinfo: update to latest Git HEAD
a9f9557 nl80211: support reading hardware id from phy directly
c586cd3 iwinfo: add device id for MediaTek MT7612E
d4382dd iwinfo: add device id for Atheros AR9390

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit b13f3300d5)
2019-08-28 12:47:08 +02:00
DENG Qingfang
c03765e87a mtd-utils: update to 2.1.1
Removed upstream patch
Compile and run tested on mvebu

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit fb57c617ba5269a6c2050e42b9d68813e262bf0d)
2019-08-27 10:31:06 +02:00
Koen Vandeputte
9952c8cf40 ath10k-ct: update to version 2019-08-14
Changes:

9e5ab25027e0 ath10k-ct:  Update to latest 5.2 upstream, support bigger mtu, 160Mhz

Removed upstreamed patches:
- 204-ath10k-fix-max-antenna-gain-unit.patch
- 205-ath10k-adjust-tx-power-reduction-for-US-regulatory-d.patch

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-08-27 10:31:06 +02:00
Koen Vandeputte
c46219021f ath10k-firmware: update Candela Tech firmware images
This should fix a problem with 1560 MTU, 160Mhz on DFS channels,
some other small issues on < 5.2 kernels, and for 5.2 driver,
it pulls in some upstream stable fixes.

wave-1 firmware changes since last update:

  *  June 24, 2019: Try allocating low-priority WMI msgs if high-prio are not available.

  *  June 24, 2019: Init rate-ctrl to start at lowest rate instead of in the middle.  Hoping
                    this helps DHCP when station connects from a long distance.

wave-2:

  *  June 24, 2019  Start rate-ctrl at minimal values to help DHCP work better for far-away peers.

  *  July 24, 2019  Fix old regression that made /a (and probably /b/g) perform poorly, at least on
                    diet-compiled images.

  *  Aug 8, 2019  Improve a/b/g rate-ctrl by damping the PER swings caused by the all-or-nothing logic
                  of transmitting non-block-ack frames one at a time.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit de5f0764883ad6a0767da58d7359f3e01aa91139)
2019-08-27 10:31:06 +02:00
Hauke Mehrtens
5c47bfb735 ath10k-ct: remove patches for old versions
the ath10k-ct package ships multiple versions of the ath10k-ct driver,
OpenWrt currently only uses the version 4.19, but we still ship some
patches for older versions. Remove all patches only touching older
versions and also remove the patch for older versions from patches which
do the same changes to multiple versions of ath10k-ct.

This removes some unneeded patches, the end binary should stay the same.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 10fe5ca362)
2019-08-27 10:31:06 +02:00
Hauke Mehrtens
218cc22a43 ath10k-ct: update to version 2019-06-13
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 8f61b4cac4)
2019-08-27 10:31:06 +02:00
Hauke Mehrtens
3a2bdf91bf ath10k-firmware: Fix mirror hash
Fixes: 7f79882d44 ("ath10k-firmware: update board-2.bin for community firmwares")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 7c640c2960)
2019-08-27 10:31:06 +02:00
Christian Lamparter
e57a756487 ath10k-firmware: update board-2.bin for community firmwares
This patch updates the board-2.bin for the default
IPQ4019, QCA9984 and QCA9888 ath10k-firmware-xyz-ct
and -ct-htt firmwares.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 7f79882d44)
2019-08-27 10:31:06 +02:00
Kevin Darbyshire-Bryant
3898d98061 ath10k-firmware: update Candela Tech firmware images
wave-1:

2019-05-09: Tweak rate-ctrl:  Ramp PER up faster, down slower.  This
	    helps throughput in rate-vs-range test, especially with
	    nss1.

2019-05-20: Disable adaptive-CCA.  I am not sure it helps, and it may
	    make it slower to detect noise that should tell the system
	    to stop transmitting.  If someone has means to test this
	    properly, I'd be happy to work with them.

wave-2:

2019-05-15: Fix problem where rate-ctrl sometimes used rix of 0x0.

2019-05-15: Allow raw-tx of encrypted frame.  Requires a patch to the
	    driver to use raw mode when skb has WEP flag enabled AND
	    skb is flagged to not be encrypted.  Lightly tested.

2019-05-16: Fix tx-hang that happened when rate-ctrl chose an OFDM rate
	    for 20Mhz and sent that as AMPDU.  To fix, limit to (V)HT
	    rates if peer is (V)HT.  It seems that MCS0 (V)HT20 should
	    have as good of a chance of being detected as CCK or OFDM.

2019-06-06: Disable TX-BFEE, TX-BFER for IBSS connections.  I suspect
	    this is part of the tx-hang issue seen with IBSS between
	    two 9984 radios.

2019-06-12: Fix rx-rate reporting in 'fw_stats' logic.  This was at
	    least partly due to regressions I had added earlier when
	    working on some multi-vdev enhancements.

2019-6-12: Fix case where extd peer-stats were not always populated.
	   The stats gathering code did not handle error conditions
	   well.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit ff2382e36c)
2019-08-27 10:31:06 +02:00
Kevin Darbyshire-Bryant
f830903c37 ath10k-ct: Update to 2019-06-13
Changes:

ath10k:  Improve PMF/MPF mgt frame check

And add a driver for 5.2 (beta, not even tested yet) kernel.

Refresh patches.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 49b3dcb2ab)
2019-08-27 10:31:06 +02:00
Felix Fietkau
c3327f48dc mt76: update to the latest version
b3a29655ae0b mt76x02: fix crash on device reset
ffddb685a679 mt76x02u: check chip version on probe
7fc5f925ec35 mt76x2u: remove duplicated entry in mt76x2u_device_table
61311d9b307a mt76: introduce mt76_free_device routine
a7dfcf2e2498 mt76: move mac_work in mt76_dev
334b4cedf2b0 mt76: add mac80211 driver for MT7615 PCIe-based chipsets
edb2a001b695 mt76: add unlikely() for dma_mapping_error() check
355c07904da7 mt76: use macro for sn and seq_ctrl conversion
133bffba8bb2 add firmware for MT7615E
49d9c1b29f1d mt76: usb: reduce locking in mt76u_tx_tasklet
3e371ca35c7f mt76: set txwi_size according to the driver value
50073265559a mt76: add skb pointer to mt76_tx_info
c47a5685d00b mt76: dma: introduce skb field in mt76_txwi_cache
9029560fad1f mt76: dma: add skb check for dummy pointer
e9eea3923774 mt76: mt7615: use sizeof instead of sizeof_field
98c5359e9649 Revert "mt76: fix potential deadlock on cancelling workqueues"
bc9baa7b12b9 mt76x02u: remove bogus stop on suspend
6c1cab9abafc mt76usb: fix tx/rx stop
0e674c50a5a3 mt76x02: remove bogus mutex usage
59f7bb6fbfc5 Revert "mt76: mt76x02: send no-skb tx status without holding the status lock"
b0f2a30452f0 mt76x02: avoid status_list.lock and sta->rate_ctrl_lock dependency
62054defd78a mt76: mt7603: remove query from mt7603_mcu_msg_send signature
e79d96acf597 mt76: mt7603: use standard signature for mt7603_mcu_msg_send
be8f0394e335 mt76: mt7603: initialize mt76_mcu_ops data structure
9a9c6569e987 mt76: introduce mt76_mcu_restart macro
980b91e04006 mt76: mt7603: init mcu_restart function pointer
a97db3f3ceee mt76: mt7603: run __mt76_mcu_send_msg in mt7603_mcu_send_firmware
151115f8160b mt76: mt76x02: mt76x02_poll_tx() can be static
7391f98f8b4b mt76: fix endianness sparse warnings
6c06f7381129 mt76: mt7603: report firmware version using ethtool
f06647efbd1c mt76: usb: use EP max packet aligned buffer sizes for rx
f43fccf0990e mt76: move beacon_int in mt76_dev
74ab2cf6171e mt76: move beacon_mask in mt76_dev
23c2f94deeeb mt76: add TX/RX antenna pattern capabilities
6e790e106a84 mt76: move pre_tbtt_tasklet in mt76_dev
7606c08414e5 mt76: mt7603: enable/disable pre_tbtt_tasklet in mt7603_set_channel
ff22eee58520 mt76: do not enable/disable pre_tbtt_tasklet in scan_start/scan_complete
3157385e2277 mt76: mt7603: dynamically alloc mcu req in mt7603_mcu_set_eeprom
cc674e2d1f10 mt76: mt76x02: remove useless return in mt76x02_resync_beacon_timer
6b184272ba15 mt76: move tx_napi in mt76_dev
bce63c453c85 mt76: mt7603: use napi polling for tx cleanup
4afd89e8ab20 mt76: mt7615: use napi polling for tx cleanup
2cb46830faf7 mt76: move netif_napi_del in mt76_dma_cleanup
b4ceb9f7c791 mt76: Fix a signedness bug in mt7615_add_interface()
d00dc9524068 mt76: mt7615: Use after free in mt7615_mcu_set_bcn()
4e0ccc6a2da6 mt76: mt7615: Make mt7615_irq_handler static
0fd552a55847 mt7615: mcu: simplify __mt7615_mcu_set_wtbl
50f70948ffcc mt7615: mcu: simplify __mt7615_mcu_set_sta_rec
4434d04d3c50 mt7615: mcu: remove bss_info_convert_vif_type routine
083fbb97223c mt7615: mcu: use proper msg size in mt7615_mcu_add_wtbl_bmc
f61ca8019129 mt7615: mcu: use proper msg size in mt7615_mcu_add_wtbl
35bd12d609ac mt7615: mcu: unify mt7615_mcu_add_wtbl_bmc and mt7615_mcu_del_wtbl_bmc
f8f990b9092e mt7615: mcu: remove unused parameter in mt7615_mcu_del_wtbl
965bca14795e mt7615: remove query from mt7615_mcu_msg_send signature
9b9ca18d9602 mt7615: remove dest from mt7615_mcu_msg_send signature
935b7e5edaba mt7615: mcu: remove skb_ret from mt7615_mcu_msg_send
2442db44c2ab mt7615: mcu: unify __mt7615_mcu_set_dev_info and mt7615_mcu_set_dev_info
645bc458e1ab mt7615: mcu: do not use function pointers whenever possible
40c4201c28bf mt7615: mcu: remove unused structure in mcu.h
a8834a233fa7 mt7615: mcu: use standard signature for mt7615_mcu_msg_send
824d25c44124 mt7615: initialize mt76_mcu_ops data structure
d9434275a872 mt7615: mcu: init mcu_restart function pointer
c2211e478c6e mt7615: mcu: run __mt76_mcu_send_msg in mt7615_mcu_send_firmware
cb63a06c403a mt76: mt7603: stop mac80211 queues before setting the channel
c6aaa3a2a9ea mt76: mt7615: rearrange cleanup operations in mt7615_unregister_device
97609f3708c7 mt76: mt7615: add static qualifier to mt7615_rx_poll_complete
f9dadd2d9377 mt76: mt7603: add debugfs knob to enable/disable edcca
89cda5d85498 mt7603: fix reading target tx power from eeprom
77d0e3378bd1 mt76: fix setting chan->max_power
f575da2f01a4 mt76: mt76x02: fix tx status reporting issues
a5d18dca9d3e mt76: mt76x02: fix tx reordering on rate control probing without a-mpdu
bd32a93e4996 mt76: mt76x02: remove enable from mt76x02_edcca_init signature
18386eef1d22 mt76: mt76x2u: remove mt76x02_edcca_init in mt76x2u_set_channel
da3514f6de4f mt76: mt76x2: move mutex_lock inside mt76x2_set_channel
0d4719c327ca mt76: mt76x02: run mt76x02_edcca_init atomically in mt76_edcca_set
fd5af7397257 mt76: mt76x02: fix edcca file permission
a0f51f276104 mt76: mt7615: do not process rx packets if the device is not initialized
753cdee4f6f6 mt76: mt7615: stop mcu first in mt7615_unregister_device
899efe755bae mt76: move mt76_insert_ccmp_hdr in mt76-module
6960b6e2d163 mt76: mt7615: add support for mtd eeprom parsing
4bcb0577daa5 mt76: mt7615: select wifi band according to eeprom
866f2c6cd0a2 mt76: generalize mt76_get_txpower for 4x4:4 devices
514fb04492a6 mt76: mt7615: add the capability to configure tx power
ced9d43a8a85 mt76: mt7615: init get_txpower mac80211 callback
8abd502a5f86 mt76: mt7615: rearrange locking in mt7615_config
5b9b62e0b00c mt76: move mt76_get_rate in mt76-module
661c7c8e1acc mt76: Remove set but not used variables 'pid' and 'final_mpdu'
f072c7ba2150 mt76: mt7615: enable support for mesh
28d9496205a6 mt76: mt7615: fix slow performance when enable encryption
827b9ade1672 mt76: mt7615: remove unused variable in mt7615_mcu_set_bcn
34eea1414b8b mt76: mt7615: remove key check in mt7615_mcu_set_wtbl_key
2bfae5a25251 mt76: usb: fix rx A-MSDU support
b0335320fc2c mt76: usb: do not always copy the first part of received frames
3e7fc1573c6f mt76x02: fix reporting of non-probing frames with tx status requested
0d5caead9765 Revert "mt76: usb: do not always copy the first part of received frames"
335e8c6baf77 Revert "mt76: usb: fix rx A-MSDU support"
47ddf4b722a1 mt76: revert support for TX_NEEDS_ALIGNED4_SKBS
0b6520bd1c98 mt7603: rework and fix tx status reporting
539b6796605c mt7603: improve hardware rate switching configuration
d86d6efa7214 mt76x0: fix RF frontend initialization for external PA
f476a14761ec mt76x02: fix endian issue in tx status reporting patch
f8d051785221 mt76: mt7615: simplify mt7615_mcu_set_sta_rec routine
73ff45f618fd mt76: mt7615: add support for per-chain signal strength reporting
9b67ae62d9ea mt76: mt7615: init per-channel target power
160fdc05e260 mt76: mt7615: take into account extPA when configuring tx power
2211d9370976 mt76: mt76x02u: fix sparse warnings: should it be static?
3750533a37a4 mt76: mt7615: fix incorrect settings in mesh mode
c37c1ca3fa01 mt76: mt7615: update peer's bssid when state transition occurs
9dd1089a29af mt76: mt76u: reduce rx memory footprint
0789f45e52c5 mt76: mt7615: remove cfg80211_chan_def from mt7615_set_channel signature
2dca431cd7fc mt76: move nl80211_dfs_regions in mt76_dev data structure
3386ccf7842b mt76: mt76u: get rid of {out,in}_max_packet
d680ab01cddd mt76: usb: fix rx A-MSDU support
6cafaca7225d mt7603: use READ_ONCE instead of ACCESS_ONCE
9e2e0b857710 mt76: round up length on mt76_wr_copy
e378ef1bc1e5 mt76: mt7615: fix sparse warnings: warning: restricted __le16 degrades to integer
7991dd7e25c8 mt76: mt7615: introduce mt7615_regd_notifier
901a4c7b7f8c mt76: mt7615: add hw dfs pattern detector support
57c600e5b945 mt76: mt7615: do not perform txcalibration before cac is complited
6afc9521962f mt76: mt7615: add csa support
8919516006e4 mt76: mt7615: add radar pattern test knob to debugfs
3be723cad7a9 mt76: mt7615: clean up FWDL TXQ during/after firmware upload
47fe37e22fdf mt76: mt7615: fall back to sw encryption for unsupported ciphers
bc5e0417939f mt76: mt7603: enable hardware rate up/down selection
ae760db52abc mt76: mt7615: move mt7615_mcu_set_rates to mac.c
2ae01f7e7715 mt76: mt7615: reset rate index/counters on rate table update
6f9837833baf mt76: mt7615: sync with mt7603 rate control changes
edbe88ec7c1f mt76: usb: fix endian in mt76u_copy
f43b6228facf mt76: usb: remove unneeded {put,get}_unaligned
5e1e5b75d6e8 mt76: usb: use full intermediate buffer in mt76u_copy
017d0ff097f7 mt76: mt76u: fix typo in mt76u_fill_rx_sg
2c0ccf1561c1 mt76: mt7615: always release sem in mt7615_load_patch
0c6f1a2b3c33 mt76: mt7615: introduce mt7615_mcu_send_ram_firmware routine
3dfc1eeffedf mt76: mt7615: fix sparse warnings: incorrect type in assignment (different base types)
947532099c3e mt76: mt7603: fix sparse warnings: warning: incorrect type in assignment (different base types)
e07451d27941 mt76: mt7615: fix sparse warnings: warning: cast from restricted __le16
b973bef0f87f mt7603: do not use tssi-off power value for mt7628
8fc3e6e02e96 mt76: mt7615: fix using VHT STBC rates
b21b99187a54 mt76: mt7615: fix PS buffering of action frames
3d43dd886951 mt76: mt7615: fix invalid fallback rates
0ce46825b8df mt76: mt7603: fix invalid fallback rates
3b08966d99ae Revert "mt76: usb: use full intermediate buffer in mt76u_copy"
48800e7b6088 Revert "mt76: usb: remove unneeded {put,get}_unaligned"
439354d54085 Revert "mt76: usb: fix endian in mt76u_copy"
8c1da9367beb mt76: usb: fix endian in mt76u_copy
307be50cc5f4 mt76: usb: remove unneeded {put,get}_unaligned
5d298297c00c mt76: mt76x02: use params->ssn value directly
f74d117ed41c mt76: mt7603: use params->ssn value directly
649f2e83742e mt76: mt7615: use params->ssn value directly
b647180c86be mt76: mt7615: unlock dfs bands
410923fa24de Revert accidental debugging change
3d7f7384bef0 mt76: mt7615: add missing register initialization
75656a4590a3 net: wireless: support of_get_mac_address new ERR_PTR error
fb0f432834c0 mt76: stop rx aggregation on station removal
76aada563b66 mt76: dma: reset q->rx_buf on rx reset
3245ca8b8aeb mt76: check of_get_mac_address for NULL as well to restore old kernel compat
8e495245ab3d mt76: mt7615: move mt7615_mac_get_key_info in mac.c
e4f48a8df6aa mt76: mt7615: add mt7615_mac_wtbl_addr routine
e8c95e5a41f0 mt76: mt7615: introduce mt7615_mac_wtbl_set_key routine
d998b90c4bed mt76: mt7615: remove wtbl_sec_key definition
60d279ec2762 mt76: mt7615: add set_key_cmd and mt76_wcid to mt7615_mac_wtbl_set_key signature
4947ad4eab6a mt76: introduce mt76_mmio_read_copy routine
4d9001b8ab1d mt76: mt7615: fix MT7615_WATCHDOG_TIME definition
3d6796b867b6 mt76: mt7603: fix watchdog rescheduling in mt7603_set_channel
8d7a48030005 mt76: mt7615: add 4 WMM sets support
ae0f11149248 mt76: mt7615: update cw_min/max related settings
8b7bbd017654 mt76: mt7603: fix some checkpatch warnings
e6045467848d mt76: mt7615: fix some checkpatch warnings
c415c676e255 mt76: mt76x02: fix some checkpatch warnings
f625afcedc9b mt76: switch to SPDX tag instead of verbose boilerplate text
4d57f1cee4aa mt76: mt7615: rework locking scheme for mt7615_set_channel
2becd13be766 mt76: mt7615: add Smart Carrier Sense support
20f0c196722a mt76: mt76x02: introduce mt76x02_pre_tbtt_enable and mt76x02_beacon_enable macros
ae83a05b1050 mt76: mt76x02: do not copy beacon skb in mt76x02_mac_set_beacon_enable
92fa62ace198 mt76: mt76x02u: enable multi-vif support
c6dabfe953af mt76: mt76x02u: enable survey support
1f44159b41ff mt76: mt7603: move survey_time in mt76_dev
9657e6304322 mt76: mt7615: enable survey support
af860c0decb1 mt76: move mt76_tx_tasklet in mt76 module
a9d2a28b39fc mt76: mt7603: remove unnecessary mcu queue initialization
281b10fc1fe6 mt76: mt7615: add BIP_CMAC_128 cipher support
37673a4181e4 mt76: fix some checkpatch warnings
a7fa32603981 mt76: add default implementation for mt76_sw_scan/mt76_sw_scan_complete
5c35bdf057af mt7615: apply calibration-free data from OTP
0e3baf0213c9 mt76: fix a leaked reference by adding a missing of_node_put
2d5928fef23d net: Remove dev_err() usage after platform_get_irq()
a0824197ab00 mt76: mt76x0e: disable 5GHz band for MT7630E
4d8a9f20610f mt76: do not send BAR frame on tx aggregation flush stop
2a0edbb4473b mt76: remove offchannel check in tx scheduling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-08-26 19:10:10 +02:00
Felix Fietkau
7c32f8eff0 mac80211: backport support for the IEEE80211_KEY_FLAG_GENERATE_MMIE flag
Required for an upcoming mt76 update

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 0441edfb7f)
2019-08-26 18:43:24 +02:00
Felix Fietkau
1a1a504a54 mac80211: add new minstrel_ht patches to improve probing on mt76x2
Also include follow-up regression fix from master

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commits 9861050b85 and f0992d7a30)
2019-08-26 16:27:30 +02:00
Hauke Mehrtens
7d300326ee mdadm: Use upstream fix for musl 1.1.23 compile
Fixes: d720f83f87 ("mdadm: Fix compile with musl 1.1.23")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit ebbec2fdc6)
2019-08-21 10:28:27 +02:00
Hauke Mehrtens
d720f83f87 mdadm: Fix compile with musl 1.1.23
This adds missing includes for sys/sysmacros.h which are needed with
musl libc 1.1.23.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit ba8aeb02ea)
2019-08-21 10:27:09 +02:00
Hans Dedecker
c85f9a245a odhcpd: remove socket from uloop upon NETEV_IFINDEX_CHANGE
949476e router: close socket upon NETEV_IFINDEX_CHANGE fixed

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-08-19 21:31:15 +02:00
Jo-Philipp Wich
5d906a656e uhttpd: update to latest Git HEAD
6b03f96 ubus: increase maximum ubus request size to 64KB

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit d1f207ecc9)
2019-08-18 20:01:59 +02:00
Jo-Philipp Wich
190c5626ff uhttpd: add direct dependency on libjson-c
The OpenWrt buildroot ABI version rebuild tracker does not handle
transient dependencies, therefor add all libraries linked by uhttpd
as direct dependencies to the corresponding binary package definition.

This ensures that uhttpd is automatically rebuilt and relinked if any
of these libraries has its ABI_VERSION updated in the future.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit a95ddaba02)
2019-08-18 20:01:58 +02:00
Hauke Mehrtens
a2a311fc2b uhttpd: Fix format string build problems
91fcac34ac uhttpd: Fix multiple format string problems

Fixes: fc454ca153 libubox: update to latest git HEAD
Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3c401f45c9)
2019-08-18 20:01:58 +02:00
Luiz Angelo Daros de Luca
3b34fcaf94 musl: ldso/dlsym: fix mips returning undef dlsym
This happens only the second time a library is loaded by dlopen().
After lib1 is loaded, dlsym(lib1,"undef1") correctly resolves the undef
symbol from lib1 dependencies. After the second library is loaded,
dlsym(lib2,"undef1") was returning the address of "undef1" in lib2
instead of searching lib2 dependencies.

Using upstream fix which now uses the same logic for relocation time
and dlsym.

Fixes openwrt/packages#9297

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit 0d0617ff14)
2019-08-17 17:13:51 +02:00
Rosen Penev
6868188101 bzip2: Update to 1.0.8
It seems bzip2 was abandoned by the author and adopted by the sourceware
people. The last release of bzip2 was from 2010.

Several security bugs were fixed as well as others.

Fixed up PKG_LICENSE to be compatible with SPDX.

Changed URLs to point to the new home.

Added patch that gets rid of deprecated utime function and switches it to
utimensat.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-08-17 17:00:11 +02:00
Eneas U de Queiroz
b35e1360cd wolfssl: bump to 4.1.0-stable
Always build AES-GCM support.
Unnecessary patches were removed.

This includes two vulnerability fixes:

CVE-2019-11873: a potential buffer overflow case with the TLSv1.3 PSK
extension parsing.

CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes
when performing ECDSA signing operations. The leak is considered to be
difficult to exploit but it could potentially be used maliciously to
perform a lattice based timing attack.

This brings the package up-to-date with master, so it incorporates
changes from 4.0.0 in master:
* Removed options that can't be turned off because we're building with
  --enable-stunnel, some of which affect hostapd's Config.in.
* Adjusted the title of OCSP option, as OCSP itself can't be turned off,
  only the stapling part is selectable.
* Mark options turned on when wpad support is selected.
* Add building options for TLS 1.0, and TLS 1.3.
* Add hardware crypto support, which due to a bug, only works when CCM
  support is turned off.
* Reorganized option conditionals in Makefile.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-08-17 17:00:10 +02:00
Hauke Mehrtens
3809b6662d mac80211: Update to version 4.19.66-1
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-08-17 13:36:06 +02:00
Hauke Mehrtens
ac7ccf739a mac80211: Update to version 4.19.57
This updates to backports-4.19.57-1 which contains the wireless
subsystem and driver from kernel 4.19.57.
The removed patches are applied upstream.

Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-08-17 13:36:06 +02:00
Hans Dedecker
0f0ed2451e odhcpd: fix closing of router socket
c2d6032 router: fix previous commit

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-08-17 09:45:10 +02:00
Hans Dedecker
45a26cb211 odhcpd: fix sending RA when link state brings bridge down
13928b3 router: close socket upon NETEV_IFINDEX_CHANGE

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-08-16 09:54:43 +02:00
Hans Dedecker
30798132bf odhcpd: fix lingering uloop socket descriptor
e9e8240 router: fix lingering uloop socket descriptor

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-08-10 10:18:00 +02:00
Jo-Philipp Wich
872cbcc628 config: introduce separate CONFIG_SIGNATURE_CHECK option
Introduce a new option CONFIG_SIGNATURE_CHECK which defaults to the value
of CONFIG_SIGNED_PACKAGES and thus is enabled by default.

This option is needed to support building target opkg with enabled
signature verification while having the signed package lists disabled.

Our buildbots currently disable package signing globally in the
buildroot and SDK to avoid the need to ship private signing keys to
the build workers and to prevent the triggering of random key generation
on the worker nodes since package signing happens off-line on the master
nodes.

As unintended side-effect, updated opkg packages will get built with
disabled signature verification, hence the need for a new override option.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit f565f276e2)
2019-08-07 07:53:48 +02:00
Petr Štetiar
ff550dae32 adb: fix build breakage on recent musl
Fix build breakage as upstream has removed implicit include of
sys/sysmacros.h from sys/types.h:

 remove implicit include of sys/sysmacros.h from sys/types.h

 this reverts commit f552c792c7ce5a560f214e1104d93ee5b0833967, which
 exposed the sysmacros.h macros (device major/minor calculations) for
 BSD and GNU profiles to mimic an unintentional glibc behavior some
 code depended on. glibc has deprecated and since removed them as the
 resolution to bug #19239, so it makes no sense for us to keep this
 behavior. affected code should all have been fixed by now, and if it's
 not yet fixed it needs to be for use with modern glibc anyway.

Ref: https://git.musl-libc.org/cgit/musl/commit/include/sys/types.h?id=a31a30a0076c284133c0f4dfa32b8b37883ac930
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 79596f782e)
2019-08-07 07:43:30 +02:00
Jo-Philipp Wich
4fd7a30c70 packages: apply usign padding workarounds to package indexes if needed
Since usign miscalculates SHA-512 digests for input sizes of exactly
64 + N * 128 + 110 or 64 + N * 128 + 111 bytes, we need to apply some
white space padding to avoid triggering the hashing edge case.

While usign itself has been fixed already, there is still many firmwares
in the wild which use broken usign versions to verify current package
indexes so we'll need to carry this workaround in the forseeable future.

Ref: https://forum.openwrt.org/t/signature-check-failed/41945
Ref: https://git.openwrt.org/5a52b379902471cef495687547c7b568142f66d2
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit e1f588e446)
2019-08-07 07:22:37 +02:00
Jo-Philipp Wich
7a10c7b882 usign: update to latest Git HEAD
This update fixes usign signature verification on files with certain
file sizes triggering a bug in the shipped SHA-512 implementation.

5a52b37 sha512: fix bad hardcoded constant in sha512_final()
3e6648b README: replace unicode character
716c3f2 README: add reference to OpenBSD signify
86d3668 README: provide reference for ed25519 algorithm
939ec35 usign: main.c: describe necessary arguments for -G

Ref: https://forum.openwrt.org/t/signature-check-failed/41945
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 991dd5a893)
2019-08-06 20:58:35 +02:00
Rafał Miłecki
8efccf76f8 mac80211: brcm: improve brcmfmac debugging of firmware crashes
This provides a complete console messages dump.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 6a7b201b6c)
2019-07-28 14:21:50 +02:00
Rafał Miłecki
d8c59fa699 mac80211: brcm: update brcmfmac 5.4 patches
Use commits from wireless-drivers-next.git.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 8e466fb7e3)
2019-07-28 14:17:48 +02:00
Biwen Li
e0f468864b tfa-layerscape: fix create_pbl and byte_swap host build
- make create_pbl and byte_swap as host tools

- fix a bug that maybe use the cross compiler
to compile create_pbl and byte_swap:

	# -a option appends the image for Chassis 3 devices in case of non secure boot
	aarch64-openwrt-linux-musl-gcc -Wall -Werror -pedantic -std=c99 -O2
	 -DVERSION=v1.5(release):reboot-10604-ge9216b3336 -D_GNU_SOURCE -D_XOPEN_SOURCE=700
	 -c -o create_pbl.o create_pbl.c
	cc1: note: someone does not honour COPTS correctly, passed 0 times
	  LD      create_pbl
	/usr/bin/ld: create_pbl.o: Relocations in generic ELF (EM: 183)
	/usr/bin/ld: create_pbl.o: Relocations in generic ELF (EM: 183)
	/usr/bin/ld: create_pbl.o: Relocations in generic ELF (EM: 183)
	create_pbl.o: error adding symbols: File in wrong format
	collect2: error: ld returned 1 exit status
	Makefile:43: recipe for target create_pbl failed
	make[4]: *** [create_pbl] Error 1
	plat/nxp/tools/pbl_ch2.mk:45: recipe for target pbl failed
	make[3]: *** [pbl] Error 2

- add tfa- prefix to all tools in order to avoid future clashes with
  other toolnames

Signed-off-by: Biwen Li <biwen.li@nxp.com>
[added missing HOST_CFLAGS, added tfa- prefix to the tools]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 83d5ca2186)
2019-07-27 07:14:09 +02:00
Petr Štetiar
94e9084e1e tfa-layerscape: fix fiptool host build
fiptool is a host tool, used in a firmware generation pipeline, but it's
not treated as such, leading to the build breakage on the hosts which
don't have {Open,Libre}SSL dev package installed:

 In file included from fiptool.h:16:0,
                 from fiptool.c:19:
		 fiptool_platform.h:18:27: fatal error: openssl/sha.h:
		 No such file or directory
		  #  include <openssl/sha.h>

So this patch promotes fiptool into the host tool with proper host
include and library paths under STAGING_DIR.

Ref: https://github.com/openwrt/openwrt/pull/2267
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b8249cef9f)
2019-07-27 07:13:59 +02:00
Jo-Philipp Wich
0a64b70e4e openwrt-keyring: update to Git HEAD
8080ef3 usign: add 19.07 release build pubkey
e24fe0d usign: use distro agnostic comments
251ded7 usign: fix filename of Stijn's usign key
14f0efc gpg: update snapshots public signing key
14f845b gpg: replace my public GPG key
4f735b8 gpg: add OpenWrt 19.07 signing key
228f8da gpg: add OpenWrt 18.06 v2 signing key
36057d9 gpg: update LEDE 17.01 public signing key
f2989ab Add my public GPG and usign key

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit e9216b3336)
2019-07-25 19:40:57 +02:00
Petr Štetiar
5100629e32 urngd: move project to git.openwrt.org
Let's move project to a proper place.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit bec8fb1ee7)
2019-07-22 09:53:01 +02:00
Petr Štetiar
f573d3de11 base-files: move urandom seed bits into separate package
So it's possible to install or remove it as needed.

Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 27bfde9c9f)
2019-07-22 09:53:01 +02:00
Petr Štetiar
81c5a5c4b3 ubox: move getrandom into separate getrandom package
So it's possible to install or remove it as needed.

Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 9b4de712ca)
2019-07-22 09:53:01 +02:00
Petr Štetiar
5082c1b204 urngd: add micro non-physical true RNG based on timing jitter
μrngd is OpenWrt's micro non-physical true random number generator based
on timing jitter.

Using the Jitter RNG core, the rngd provides an entropy source that
feeds into the Linux /dev/random device if its entropy runs low. It
updates the /dev/random entropy estimator such that the newly provided
entropy unblocks /dev/random.

The seeding of /dev/random also ensures that /dev/urandom benefits from
entropy. Especially during boot time, when the entropy of Linux is low,
the Jitter RNGd provides a source of sufficient entropy.

Acked-by: Jo-Philip Wich <jow@mein.io>
Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 714bd89fce)
2019-07-22 09:53:01 +02:00
Rafał Miłecki
bc0c0a5564 mac80211: brcm: backport first set of 5.4 brcmfmac changes
This doesn't include 9ff8614a3dbe ("brcmfmac: use separate Kconfig file
for brcmfmac") due to a few conflicts with backports changes.

An important change is:
[PATCH 2/7] brcmfmac: change the order of things in brcmf_detach()
which fixes a rmmod crash in the brcmf_txfinalize().

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit db8e08a5a4)
2019-07-21 16:24:41 +02:00
David Bauer
6d59f4eeb4 gpio-button-hotplug: unify polled and interrupt code
This patch unifies the polled and interrupt-driven gpio_keys code
paths as well implements consistent handling of the debounce
interval set for the GPIO buttons and switches.

Hotplug events will only be fired if

1. The input changes its state and remains stable for the duration
   of the debounce interval (default is 5 ms).

2. In the initial stable (no state-change for duration of the
   debounce interval) state once the driver module gets loaded.

   Switch type inputs will always report their stable state.
   Unpressed buttons will not trigger an event for the initial
   stable state. Whereas pressed buttons will trigger an event.
   This is consistent with upstream's gpio-key driver that uses
   the input subsystem (and dont use autorepeat).

Prior to this patch, this was handled inconsistently for interrupt-based
an polled gpio-keys. Hence this patch unifies the shared logic into the
gpio_keys_handle_button() function and modify both implementations to
handle the initial state properly.

The changes described in 2. ) . can have an impact on the
failsafe trigger. Up until now, the script checked for button
state changes. On the down side, this allowed to trigger the
failsafe by releasing a held button at the right time. On the
plus side, the button's polarity setting didn't matter.

Now, the failsafe will only engage when a button was pressed
at the right moment (same as before), but now it can
theoretically also trigger when the button was pressed the
whole time the kernel booted and well into the fast-blinking
preinit phase. However, the chances that this can happen are
really small. This is because the gpio-button module is usually
up and ready even before the preinit state is entered. So, the
initial pressed button event gets lost and most devices behave
as before.

Bisectors: If this patch causes a device to permanently go into
failsafe or experience weird behavior due to inputs, please
check the following:
 - the GPIO polarity setting for the button
 - the software-debounce value

Run-tested for 'gpio-keys' and 'gpio-keys-polled' on

 - devolo WiFi pro 1200e
 - devolo WiFi pro 1750c
 - devolo WiFi pro 1750x
 - Netgear WNDR4700
 - Meraki MR24
 - RT-AC58U

Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [further
cleanups, simplification and unification]
(cherry picked from commit 27f3f493de)
2019-07-19 17:04:30 +02:00
Petr Štetiar
074c8e296c gpio-button-hotplug: fix 4.19 build breakage on malta/be64
While testing 4.19 build on malta/be64, I've encountered following
error:

 gpio-button-hotplug/gpio-button-hotplug.c:529:18: error: implicit
 declaration of function 'gpio_to_desc'

which is caused by the missing include fixed by this patch.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit dd6d82112a)
2019-07-19 17:00:30 +02:00
Matt Merhar
c0a715f75e openvpn: fix handling of list options
This addresses an issue where the list option specified in
/etc/config/openvpn i.e. 'tls_cipher' would instead show up in the
generated openvpn-<name>.conf as 'ncp-ciphers'. For context,
'ncp_ciphers' appears after 'tls_cipher' in OPENVPN_LIST from
openvpn.options.

Also, the ordering of the options in the UCI config file is now
preserved when generating the OpenVPN config. The two currently
supported list options deal with cipher preferences.

Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
(cherry picked from commit 1d4c4cbd20)
2019-07-17 20:11:41 +02:00
Deng Qingfang
7a4acfce6d iptables: update to 1.8.3
Update iptables to 1.8.3

ChangeLog:
  https://netfilter.org/projects/iptables/files/changes-iptables-1.8.3.txt

Removed upstream patches:
- 001-extensions_format-security_fixes_in_libip.patch
- 002-include_fix_build_with_kernel_headers_before_4_2.patch
- 003-ebtables-vlan-fix_userspace_kernel_headers_collision.patch

Altered patches:
- 200-configurable_builtin.patch
- 600-shared-libext.patch

No notable size changes

Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [lipibtc ABI_VERSION fix]
(cherry picked from commit 299f6cb2da)
2019-07-17 13:13:11 +02:00
Rafał Miłecki
74b0b42fc6 libroxml: bump to the 3.0.2 version
* Fix for memory leak regression
* Support for (un)escaping

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 430d65c544)
2019-07-16 14:13:07 +02:00
Petr Štetiar
48662712b2 fstools: add direct dependencies on libblobmsg-json and libjson-c
The OpenWrt buildroot ABI version rebuild tracker does not handle
transient dependencies, therefore add all libraries linked by
block-mount and blockd as direct dependencies to the corresponding
binary package definition.

This ensures that block-mount and blockd is automatically rebuilt and
relinked if any of these libraries has its ABI_VERSION updated in the
future.

Fixes: FS#2373
[jow: similar fix for procd and 98.42% of commit message]
Signed-off-by: Jo-Philip Wich <jow@mein.io>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit cbae306815)
2019-07-15 00:48:13 +02:00
Yousong Zhou
1c3587cad9 busybox: strip off ALTERNATIVES spec
Now that busybox is a known alternatives provider by opkg, we remove the
ALTERNATIVES spec and add a note to make the implicit situation clear

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry-picked from commit 62be427067)
2019-07-12 09:17:34 +00:00
Yousong Zhou
8936bdb269 opkg: bump to version 2019-06-14
Opkg starting from this version special-cases busybox as alternatives
provider.  There should be no need to add entries to ALTERNATIVES of
busybox package

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry-picked from commit e51b513f75)
2019-07-12 09:17:16 +00:00
Hauke Mehrtens
87457ad81b mac80211: Do not build b43legacy on BRCM47xx mips74 subtarget
b43legacy needs ssb support and we do not compile the mips74 subtarget
of the brcm47xx target with SSB support. This causes a build failure in
the mac80211 package and only some of the kernel modules are being
created.

I am not aware of any device with a BRCM47xx mips74 CPU which uses a
b43legacy compatible device.

Fixes: FS#2334
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit e05310b9b8)
2019-07-12 01:27:16 +02:00
Adrian Schmutzler
65034359ee base-files: Fix path check in get_mac_binary
Logic was inverted when changing from string check to file check.
Fix it.

Fixes: 8592602d0a ("base-files: Really check path in get_mac_binary")
Reported-by: Matthias Schiffer <mschiffer@universe-factory.net>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 6ed3349308)
2019-07-09 23:08:10 +02:00
Hauke Mehrtens
411e42cdc6 wolfssl: Fix package hash
Fixes: 3167a57f72 ("wolfssl: update to 3.15.7, fix Makefile")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-07-08 16:56:38 +02:00
Konstantin Demin
5ef6c20183 netsupport: move out mqprio from kmod-sched
Currently, there's unable to install "kmod-sched-mqprio" after
"kmod-sched" (or vice versa), because "sch_mqprio.ko" is
shipped in both packages.

Fixes: f83522fa63 ("linux: Add kmod-sched-mqprio")
Fixes: 6af639e0bf ("linux: Add kmod-sched-act-vlan")
Fixes: 72c7e2dc46 ("linux: Add kmod-sched-flower")
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
[Add cls_flower and act_vlan]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-07-08 16:28:27 +02:00
Eneas U de Queiroz
3167a57f72 wolfssl: update to 3.15.7, fix Makefile
This includes a fix for a medium-level potential cache attack with a
variant of Bleichenbacher’s attack.  Patches were refreshed.
Increased FP_MAX_BITS to allow 4096-bit RSA keys.
Fixed poly1305 build option, and some Makefile updates.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 2792daab5a)
2019-07-08 12:41:20 +01:00
Adrian Schmutzler
cd4fcd46f1 base-files: Really check path in get_mac_binary
Currently, path argument is only checked for being not empty.

This changes behavior to actually check whether path exists.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-07-05 22:30:22 +02:00
Karel Kočí
4a7a8d93fa fstools: block-mount: fix restart of fstab service
Restarting service causes file-systems to be unmounted without being
mounted back. When this service was obsoleted it should have been
implemented in a way that all actions are ignored. Up to this commit
default handler was called when restart was requested. This default
handler just simply calls stop and start. That means that stop called
unmount but start just printed that this service is obsoleted.

This instead implements restart that just prints same message like start
does. It just calls start in reality. This makes restart unavailable for
call.

Signed-off-by: Karel Kočí <karel.koci@nic.cz>
(cherry picked from commit 3ead9e7b74)
2019-06-28 22:03:44 +02:00
Vladimir Vid
6c9a744588 mvebu: fix regression for non-generic ESPRESSObin versions
When targets for multiple ESPRESSObin devices were added, not all
files were updated which means any ESPRESSObin version beside generic
won't have proper networking, sysupgrade and uboot-env. This patch
fixes the issue.

* fixup network detection
* fixup uboot-env
* fixup platform.sh for sysupgrade

Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
(cherry picked from commit bc47285cb3)
2019-06-28 21:52:57 +02:00
Bjørn Mork
9deef062a4 base-files: use OPENWRT prefix for os-release variables
Just stumbled across this LEDE legacy, without finding any real reason
to keep it.  There is a single LEDE_DEVICE_MANUFACTURER_URL dependency
in the luci feed repo which needs to be syncronized.

Signed-off-by: Bjørn Mork <bjorn@mork.no>
[re-added missing commit message]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 8a34a54b6a)
2019-06-27 17:17:24 +02:00
Koen Vandeputte
096a67796a uqmi: bump to latest git HEAD
1965c7139374 uqmi: add explicit check for message type when expecting a response
01944dd7089b uqmi_add_command: fixed command argument assignment

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 47986dc6ea1d643cd348501da09cd2e3ee2f9ee1)
2019-06-27 14:17:48 +02:00
Stefan Lippers-Hollmann
69b988c994 mac80211: update WDS/4addr fix to the version accepted upstream
This updates "{nl,mac}80211: allow 4addr AP operation on crypto
controlled devices" to the version (v3), which was accepted into
upstream mac80211.git and which is tagged for -stable backporting
(v4.18+).

https://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git/commit/?id=33d915d9e8ce811d8958915ccd18d71a66c7c495

Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[format-patch]
2019-06-22 13:19:38 +02:00
Kevin Darbyshire-Bryant
2cb8ae2079 iproute2: update ctinfo support
Follow upstream changes - header file changes only
no functional or executable changes, hence no package bump
required

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit a8f0c02f80)
2019-06-20 21:18:46 +01:00
Robinson Wu
4e925d0b82 base-files: fix uci led oneshot/timer trigger
This patch adds a missing type property which prevented
the creation of oneshot and timer led triggers when they
are specified in the /etc/board.d/01_leds files.

i.e.:

ucidef_set_led_timer "system" "system" "zhuotk:green:system" "1000" "1000"

Fixes: b06a286a48 ("base-files: cleanup led functions in uci-defaults.sh")
Signed-off-by: Robinson Wu <wurobinson@qq.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-06-20 20:09:21 +02:00
Rafał Miłecki
c52054e568 mac80211: brcm: backport remaining brcmfmac 5.2 patches
This improves FullMAC firmware compatibility, adds logging in case of
firmware crash and *may* fix "Invalid packet id" errors.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 8888cb725d)
2019-06-16 22:05:54 +02:00
Christian Lamparter
158a716215 mac80211: refresh patches
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-06-15 19:52:03 +02:00
Christian Lamparter
78049d448c iwinfo: update PKG_MIRROR_HASH
This patch updates the PKG_MIRROR_HASH to match the one
of the current version.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-06-15 19:10:28 +02:00
Sven Eckelmann
5913543190 ath10k-ct: adjust tx power reduction for US regulatory domain
FCC allows maximum antenna gain of 6 dBi. 15.247(b)(4):

> (4) The conducted output power limit
> specified in paragraph (b) of this section
> is based on the use of antennas
> with directional gains that do not exceed
> 6 dBi. Except as shown in paragraph
> (c) of this section, if transmitting
> antennas of directional gain greater
> than 6 dBi are used, the conducted
> output power from the intentional radiator
> shall be reduced below the stated
> values in paragraphs (b)(1), (b)(2),
> and (b)(3) of this section, as appropriate,
> by the amount in dB that the
> directional gain of the antenna exceeds
> 6 dBi.

https://www.gpo.gov/fdsys/pkg/CFR-2013-title47-vol1/pdf/CFR-2013-title47-vol1-sec15-247.pdf

Signed-off-by: Sven Eckelmann <sven@narfation.org>
2019-06-15 00:40:25 +02:00
Sven Eckelmann
f1d4da3029 ath10k-ct: fix max antenna gain unit
Most of the txpower for the ath10k firmware is stored as twicepower (0.5 dB
steps). This isn't the case for max_antenna_gain - which is still expected
by the firmware as dB.

The firmware is converting it from dB to the internal (twicepower)
representation when it calculates the limits of a channel. This can be seen
in tpc_stats when configuring "12" as max_antenna_gain. Instead of the
expected 12 (6 dB), the tpc_stats shows 24 (12 dB).

Tested on QCA9888 and IPQ4019 with firmware 10.4-3.5.3-00057.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
2019-06-15 00:40:25 +02:00
Sven Eckelmann
06222ce73e mac80211: ath10k: adjust tx power reduction for US regulatory domain
FCC allows maximum antenna gain of 6 dBi. 15.247(b)(4):

> (4) The conducted output power limit
> specified in paragraph (b) of this section
> is based on the use of antennas
> with directional gains that do not exceed
> 6 dBi. Except as shown in paragraph
> (c) of this section, if transmitting
> antennas of directional gain greater
> than 6 dBi are used, the conducted
> output power from the intentional radiator
> shall be reduced below the stated
> values in paragraphs (b)(1), (b)(2),
> and (b)(3) of this section, as appropriate,
> by the amount in dB that the
> directional gain of the antenna exceeds
> 6 dBi.

https://www.gpo.gov/fdsys/pkg/CFR-2013-title47-vol1/pdf/CFR-2013-title47-vol1-sec15-247.pdf

Signed-off-by: Sven Eckelmann <sven@narfation.org>
2019-06-15 00:40:25 +02:00
Sven Eckelmann
af76c19d53 mac80211: ath10k: fix max antenna gain unit
Most of the txpower for the ath10k firmware is stored as twicepower (0.5 dB
steps). This isn't the case for max_antenna_gain - which is still expected
by the firmware as dB.

The firmware is converting it from dB to the internal (twicepower)
representation when it calculates the limits of a channel. This can be seen
in tpc_stats when configuring "12" as max_antenna_gain. Instead of the
expected 12 (6 dB), the tpc_stats shows 24 (12 dB).

Tested on QCA9888 and IPQ4019 with firmware 10.4-3.5.3-00057.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
2019-06-15 00:40:25 +02:00
Sven Eckelmann
918f4c8887 mac80211: ath9k: Increase allowed antenna gain to 6 dBi
FCC allows maximum antenna gain of 6 dBi. 15.247(b)(4):

> (4) The conducted output power limit
> specified in paragraph (b) of this section
> is based on the use of antennas
> with directional gains that do not exceed
> 6 dBi. Except as shown in paragraph
> (c) of this section, if transmitting
> antennas of directional gain greater
> than 6 dBi are used, the conducted
> output power from the intentional radiator
> shall be reduced below the stated
> values in paragraphs (b)(1), (b)(2),
> and (b)(3) of this section, as appropriate,
> by the amount in dB that the
> directional gain of the antenna exceeds
> 6 dBi.

Signed-off-by: Sven Eckelmann <sven@narfation.org>
2019-06-15 00:40:25 +02:00
Koen Vandeputte
f96fbf0328 iwinfo: update to latest git HEAD
1372f47eff34 iwinfo: Add Mikrotik R11e-5HnDr2

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-06-12 16:05:42 +02:00