Commit Graph

45808 Commits

Author SHA1 Message Date
DENG Qingfang
394273c066 tcpdump: update to 4.9.3
Fixed CVEs:
	CVE-2017-16808
	CVE-2018-10103
	CVE-2018-10105
	CVE-2018-14461
	CVE-2018-14462
	CVE-2018-14463
	CVE-2018-14464
	CVE-2018-14465
	CVE-2018-14466
	CVE-2018-14467
	CVE-2018-14468
	CVE-2018-14469
	CVE-2018-14470
	CVE-2018-14879
	CVE-2018-14880
	CVE-2018-14881
	CVE-2018-14882
	CVE-2018-16227
	CVE-2018-16228
	CVE-2018-16229
	CVE-2018-16230
	CVE-2018-16300
	CVE-2018-16301
	CVE-2018-16451
	CVE-2018-16452
	CVE-2019-15166
	CVE-2019-15167

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-10-12 23:37:00 +02:00
DENG Qingfang
44f11353de libpcap: update to 1.9.1
Fixed CVEs:
	CVE-2018-16301
	CVE-2019-15161
	CVE-2019-15162
	CVE-2019-15163
	CVE-2019-15164
	CVE-2019-15165

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-10-12 23:37:00 +02:00
Hauke Mehrtens
ace1bfb554 mvebu: Refresh kernel 4.19 configuration
This refreshes the kernel 4.19 configuration, it looks like this was not
done initially.

When did a compile with the default settings I had to select some
kernel configuration options.

Fixes: 98684d99b2 ("mvebu: add kernel 4.19 support")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-12 23:37:00 +02:00
Hauke Mehrtens
e901ce6f0e kernel: Set GCC version to 80300 by default
The kernel 4.19 configuration contains the GCC version used, set it to
8.3.0 as this is now our default compiler.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-12 22:38:02 +02:00
Hauke Mehrtens
9caa86fba5 kernel: kmod-rtc-pcf2127: Fix dependencies
Add missing dependencies to i2c-core and regmap-spi. These get activated
when these modules are build in this driver, which is the case when we
build all modules. This fixes the build on some targets. This was found
by the buildbot.

Fixes: 34e2526f9f ("kernel: add kmod-rtc-pcf2127")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-12 22:36:23 +02:00
Moritz Warning
c3ffb0e7d5
brcm47xx: split up DEVICE_TITLE
DEVICE_TITLE is split up into DEVICE_VENDOR, DEVICE_MODEL and DEVICE_VARIANT

Signed-off-by: Moritz Warning <moritzwarning@web.de>
2019-10-12 01:43:07 +02:00
Moritz Warning
f3c21d1517
omap: split up DEVICE_TITLE
DEVICE_TITLE is split up into DEVICE_VENDOR, DEVICE_MODEL and DEVICE_VARIANT

Signed-off-by: Moritz Warning <moritzwarning@web.de>
2019-10-12 01:22:46 +02:00
Petr Štetiar
36c6f4a011 libnl-tiny: fix package mirror hash
Current hash doesn't match with the content of the source tarball.

Fixes: a92f74ba8d ("libnl-tiny: move source code into separate Git repository")
Reported-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-11 22:48:06 +02:00
Felix Fietkau
33dd522f24 build: fix menuconfig submenu sorting for gcc options
The hidden symbol GCC_USE_IREMAP was breaking it, move it to Config.version
instead

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-10-11 10:37:08 +02:00
Felix Fietkau
7a8bcf36c7 mt76: update to the latest version
71c2ef0420b5 mt76: fix aggregation stop issue
5b02a078d4a7 mt76: add missing locking around ampdu action
7d8764d320cf mt76: avoid enabling interrupt if NAPI poll is still pending
d94cc81d3980 mt76: drop rcu read lock in mt76_rx_aggr_stop
c11a4ad06d9d mt76: mt76x0: eeprom: add support for MAC address from OF
01642d8bed33 mt76: mt76x02: fix use-after-free in tx status code handling airtime
391e1488f885 mt76: add sanity check for a-mpdu rx wcid index
d3a589586d1b mt76: fix a-mpdu boundary detection issue for airtime reporting

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-10-10 23:10:01 +02:00
Hans Dedecker
f8b58757d0 ppp: update to version 2.4.7.git-2019-10-04
0d004db Revert "pppd: Include time.h before using time_t"
e400854 pppdump: Eliminate printf format warning by using %zd
7f2f0de pppd: Refactor setjmp/longjmp with pipe pair in event wait loop
4e71317 make: Avoid using host include for cross-compiling
3202f89 pppoe: Remove the use of cdefs
d8e8d7a pppd: Remove unused rcsid variables
486f854 pppd: Fix GLIBC version test for non-glibc toolchains
b6cd558 pppd: Include time.h before using time_t
ef8ec11 radius: Fix compiler warning
f6330ec magic: Remove K&R style of arguments
347904e Add Submitting-patches.md

Remove patches 130-no_cdefs_h.patch, 131-missing_prototype_macro.patch,
132-fix_linux_includes.patch as fixed upstream
Refresh patches

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-10-10 22:37:10 +02:00
Felix Fietkau
46a129194d build: adjust gcc/g++ version checks for newer apple compilers
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-10-10 13:43:04 +02:00
Stefan Lippers-Hollmann
f690b6f472 mac80211: fix scan when operating on DFS channels in ETSI domains
In non-ETSI regulatory domains scan is blocked when operating channel
is a DFS channel. For ETSI, however, once DFS channel is marked as
available after the CAC, this channel will remain available (for some
time) even after leaving this channel.

Therefore a scan can be done without any impact on the availability
of the DFS channel as no new CAC is required after the scan.

Enable scan in mac80211 in these cases.

Signed-off-by: Aaron Komisar <aaron.komisar@tandemg.com>
Link: https://lore.kernel.org/r/1570024728-17284-1-git-send-email-aaron.komisar@tandemg.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
2019-10-09 21:00:02 +02:00
Klaus Kudielka
3a4f587c46 base-files: upgrade: add case to export_bootdevice
The factory uboot of the Turris Omnia boots with "root=b301", and we
instruct new users to sysupgrade from there (e.g. method 1, step 7).
Currently, this will fail with "Unable to determine upgrade device".
Add a new case to export_bootdevice, which parses the hex argument.

Fixes commit 2e5a0b81 ("mvebu: sysupgrade: sdcard: keep user added ...")

Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
2019-10-09 21:00:02 +02:00
Oldřich Jedlička
e0ce80d42a kernel: Fix off-by-one error in FIT mtd partition search.
This fixes off-by-one error introduced in commit dc76900021
("kernel: Correctly search for the FIT image in mtd partition.")

Function `mtd_read` starts reading at `offset` and
needs `hdr_len` number of bytes to be available. Suppose
the easiest case when `offset` is `0` and `hdr_len` equals
to `mtd->size` - the `for` loop will not be entered even
when enough bytes are available to be read.

Same happens for any non-zero `offset`, when `hdr_len` is
just enough bytes to be read until `mtd->size` is reached.
Imagine that for example `mtd->size=5`, `offset=4` and
`hdr_len=1`. Then `offset+hdr_len=5` and the check has to
be `offset+hdr_len <= mtd->size`, i.e. `5 <= 5`. The
check for `offset + hdr_len` value needs to be inclusive,
therefore use `<=`.

Fixes: dc76900021 ("kernel: Correctly search for the FIT image in mtd partition.")
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
[adjusted commit ref, fixes tag]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-09 14:45:25 +02:00
Paul Spooren
4ed356fa71 kernel.mk: add KCFLAGS to make kmods reproducible
Some kmods (gpio-hotplug, wireguard) store the build path in the
compiled files and therefore make it harder to rebuild the official
binaries. As the same "iremap" function is used as for other binaries,
the change is compatible with gcc7 and 8.

Tested with both gcc7 and gcc8 resulting in build path independent
reproducible builds.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2019-10-09 09:13:44 +02:00
Paul Spooren
d509463816 toolchain/gcc: switch to version 8 by default
Main motivation for this commit is the introduction of
`-ffile-prefix-map=` which alows reproducible build path.

Compile tested on Linux and macOS without errors on the following
targets:

 * ath79
 * imx6
 * brcm2708
 * brcm63xx
 * ixp4xx
 * ramips
 * sunxi
 * x86

Thanks to Andre for the iremap fixup.

Ref: https://reproducible-builds.org/docs/build-path/
Tested-by: Andre Heider <a.heider@gmail.com>
Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Paul Spooren <mail@aparcar.org>
[refactored into separate commit]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-09 09:13:44 +02:00
Paul Spooren
419eff50f9 config: remove unused GCC_VERSION_4_8 config symbols
Lets remove unused GCC_VERSION_4_8 symbol after the series of patches
which has switched to target gcc-8 by default.

Signed-off-by: Paul Spooren <mail@aparcar.org>
[refactored into separate commit]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-09 09:13:44 +02:00
Paul Spooren
bd4d3cd101 toolchain,build: prefer -ffile-prefix-map for gcc-8+
-ffile-prefix-map=OLD=NEW is an alias for both -fdebug-prefix-map and
-fmacro-prefix-map and is available since GCC 8.

Co-Developed-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Paul Spooren <mail@aparcar.org>
[refactored into separate commit]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-09 09:13:44 +02:00
Paul Spooren
a9e4e595e1 openssl: add gcc-8 -ffile-prefix-map filter
gcc-8 switch -ffile-prefix-map helps a lot with reproducible build paths
in the resulting binaries.

Ref: https://reproducible-builds.org/docs/build-path/
Signed-off-by: Paul Spooren <mail@aparcar.org>
[refactored into separate commit]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-09 09:13:44 +02:00
Martin Schiller
b204fcdb07 target/imagebuilder: use multi-thread support for xz compression
This speeds up the packing of the imagebuilder a lot:

 imagebuilder-T0.tar.xz real 0m25.199s user 2m45.967s sys 0m1.218s
 imagebuilder-T1.tar.xz real 2m02.543s user 2m02.418s sys 0m1.653s
 imagebuilder-T2.tar.xz real 1m03.684s user 1m59.931s sys 0m0.587s
 imagebuilder-T3.tar.xz real 0m48.033s user 2m02.904s sys 0m0.637s
 imagebuilder-T4.tar.xz real 0m38.963s user 2m15.521s sys 0m0.783s
 imagebuilder-T5.tar.xz real 0m37.994s user 2m21.461s sys 0m0.919s
 imagebuilder-T6.tar.xz real 0m39.524s user 2m48.115s sys 0m1.279s
 imagebuilder-T7.tar.xz real 0m34.061s user 2m45.097s sys 0m1.174s
 imagebuilder-T8.tar.xz real 0m27.286s user 2m55.449s sys 0m1.329s
 imagebuilder-T9.tar.xz real 0m25.205s user 2m44.894s sys 0m1.208s

To keep the output reproducible in any case, we enforce a minimum amount
of 2 threads.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
[refactored into reusable NPROC var, more verbose commit message]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-09 09:13:44 +02:00
Petr Štetiar
a92f74ba8d libnl-tiny: move source code into separate Git repository
In order to make the source code usable and testable separately out of
buildroot.

Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-09 09:13:44 +02:00
Josef Schlehofer
700e7a2eb9 tools/e2fsprogs: Update to version 1.45.4
Fixes CVE-2019-5094

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-10-08 21:51:08 +02:00
Felix Fietkau
9c033242b1 mac80211: add an improved moving average algorithm to minstrel
Improves rate control responsiveness and performance

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-10-08 19:34:45 +02:00
Koen Vandeputte
8184429b7b kernel: bump 4.19 to 4.19.78
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-08 15:51:06 +02:00
Koen Vandeputte
4648533ca4 kernel: bump 4.14 to 4.14.148
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-08 15:51:06 +02:00
Koen Vandeputte
f516ce3b10 kernel: bump 4.9 to 4.9.196
Refreshed all patches.

Compile-tested on: none
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-08 15:51:06 +02:00
Koen Vandeputte
8e197c7af2 kernel: bump 4.19 to 4.19.77
Refreshed all patches.

Remove upstreamed:
- 110-ARM-zynq-Use-memcpy_toio-instead-of-memcpy.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-08 12:44:35 +02:00
Koen Vandeputte
9b04a7576b kernel: bump 4.14 to 4.14.147
Refreshed all patches.

Altered patches:
- 403-mtd_fix_cfi_cmdset_0002_status_check.patch (ar71xx)
- 403-mtd_fix_cfi_cmdset_0002_status_check.patch (ath79)

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-08 12:44:35 +02:00
Koen Vandeputte
65fad9fec5 kernel: bump 4.9 to 4.9.195
Refreshed all patches.

Compile-tested on: none
Runtime-tested on: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-08 12:44:35 +02:00
Adrian Schmutzler
273a6cb562 ath79: improve DTS for TP-Link Archer D50 v1
This addresses several issues in the DTS file:
- add diag LED support
- remove unused node names
- fix whitespace issues

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-10-06 22:42:30 +02:00
Davide Fioravanti
67d019ac94 ramips: enable LED VCC for Asus RT-AC51U
Previously only the power LED was working.
With this patch all leds except 5GHz are working.

Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com>
[rephrased commit title, drop status property]
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-06 21:28:49 +02:00
Adrian Schmutzler
929becbc2d ath79: fix whitespace issues in DTS files
This is the result of grepping/searching for several common
whitespace issues like double empty lines, leading spaces, etc.

This patch fixes them for the ath79 target.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-10-06 21:28:49 +02:00
Adrian Schmutzler
794d4b6652 treewide: remove kmod-usb-core from DEVICE_PACKAGES
This removes _all_ occurrences of kmod-usb-core from
DEVICE_PACKAGES and similar variables.

This package is pulled as dependency by one of the following
packages in any case:
- kmod-usb-chipidea
- kmod-usb-dwc2
- kmod-usb-ledtrig-usbport
- kmod-usb-ohci
- kmod-usb2
- kmod-usb2-pci
- kmod-usb3

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[remove kmod-usb-core from EnGenius ESR600]
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-06 21:28:49 +02:00
Andre Heider
3b874c2c81 sunxi: update kernel config
This is just a `make kernel_oldconfig` run without further changes.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2019-10-06 21:28:49 +02:00
Josef Schlehofer
b4af2c689f expat: Update to version 2.2.9
Fixes CVE-2019-15903

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-10-06 21:28:49 +02:00
David Bauer
97c37f8dd0 mac80211: ath10k: fix latency issue for QCA988x
This backport fixes high latency (>100ms) on the WiFi link when using a
QCA988x Wave 1 radio. The ath10k-ct driver is not affected by this bug
from my testing, hence why it hasn't been discovered earlier.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-06 21:28:49 +02:00
Robert Marko
34e2526f9f kernel: add kmod-rtc-pcf2127
Add kernel module to support NXP PCF2127 and PCF2129 RTC clocks.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2019-10-06 21:26:11 +02:00
Hans Dedecker
27bf8abe69 firewall: update to latest git HEAD
daed0cf utils: fix resource leak

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-10-04 20:42:26 +02:00
Hans Dedecker
1ed5c1b146 odhcpd: update to latest git HEAD
e76ad06 netlink: fix potential infinite loops

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-10-04 20:42:17 +02:00
Koen Vandeputte
7449a39c0e kernel: bump 4.19 to 4.19.76
Refreshed all patches.

Altered patches:
- 403-mtd_fix_cfi_cmdset_0002_status_check.patch

Compile-tested on: ath79, cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-04 15:48:28 +02:00
Rafał Miłecki
fedc5b65dc bcm53xx: fix serial console on Luxul XWC-2000
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-10-04 15:46:23 +02:00
Rafał Miłecki
64b7dbb300 bcm53xx: fix sysupgrade for Luxul XWC-2000
Use a correct "compatible" value as in the upstream DTS file.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-10-04 11:41:32 +02:00
Rafał Miłecki
06091afada bcm53xx: add pending patch adding Luxul XWC-2000 DTS file
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-10-04 10:07:00 +02:00
Hauke Mehrtens
9a4fb78e7c iw: Update to version 5.3
Wifi HE (ieee80211ax) parsing is currently only activated in the full
version because it increases the compressed size by 2.5KBytes.

This also activates link time optimization (LTO) again, the problem was
fixed upstream

This increases the uncompressed binary size of iw-tiny by about 1.7%

old:
34446 iw_5.0.1-1_mipsel_24kc.ipk
new:
35064 iw_5.3-1_mipsel_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-03 17:59:19 +02:00
Paul Spooren
4791afa734 kernel-defaults: ensure SOURCE_DATE_EPOCH on /init
This is a follow up of 8cb13f4e6d which sets the right timestamp for the
/init file in initramfs. The previous patch doesn't cover it as the
files appear to come from a later step during compilation.

CC: Alexander Couzens <lynxis@fe80.eu>

Signed-off-by: Paul Spooren <mail@aparcar.org>
2019-10-02 17:11:44 +02:00
Felix Fietkau
9f07d1519c grub2: fix a build regression on non-linux systems
Merge an upstream commit to correct a missing rename in generic code

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-10-02 13:16:21 +02:00
Felix Fietkau
5f8e587240 build: force disable stack validation during kernel build on non-linux systems
The check for libelf in the kernel build is not enough, because the code that
uses libelf for stack validation is completely non-portable, as it tries to
include asm/types.h and relies on kernel types in user space.

Until this is fixed properly, the only solution is to disable this on any non
Linux build host

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-10-02 12:55:40 +02:00
Daniel Golle
0714a11bee mac80211: rt2x00: backport 'rt2x00: initialize last_reset'
https://patchwork.kernel.org/patch/11161981/
--
From: Stanislaw Gruszka <sgruszka@redhat.com>
Subject: [PATCH] rt2x00: initialize last_reset

Initialize last_reset variable to INITIAL_JIFFIES, otherwise it is not
possible to test H/W reset for first 5 minutes of system run.

Fixes: e403fa31ed71 ("rt2x00: add restart hw")
Reported-and-tested-by: Jonathan Liu <net147@gmail.com>
Signed-off-by: Stanislaw Gruszka <sgruszka@redhat.com>
--

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-10-01 15:54:53 +02:00
Hans Dedecker
6077cde98a ethtool: bump to 5.3
76c4682 Release version 5.3.
3870efc ethtool: dump nested registers
7c06fa8 gitignore: ignore vim swapfiles and patches
49d1401 ethtool: igb: dump RR2DCDELAY register

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-09-30 21:53:35 +02:00