Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues.
Fixes the following CVEs:
* CVE-2022-46393: Fix potential heap buffer overread and overwrite in
DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
* CVE-2022-46392: An adversary with access to precise enough information
about memory accesses (typically, an untrusted operating system
attacking a secure enclave) could recover an RSA private key after
observing the victim performing a single private-key operation if the
window size used for the exponentiation was 3 or smaller.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2cffe0c44e62 treewide: correctly apply IFNAMSIZ limit
96bcbb2e4eb6 wireless: allow set_retry ubus notify command to trigger a wdev restart
a2e8cd75dbf6 wireless: add support for disabling multicast-to-unicast per virtual interface
e9f44189ade7 system: move netdev types to system-linux.c where they are used
a3fab0119ef1 utils: include utils.h last
7ce73fc16765 vlandev: propagate topology changes
81c1fbcba2f2 device: fix vlan device issues with disappearing lower devices
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This adds the target label also to changes in packages which are target
specific like the boot loader of a target or some drivers which are only
use on one target.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This variant uses xiaomi factory u-boot and modified u-boot-env &
bootcmd.
By modifying uboot-env, the xiaomi firmware recovery provided in
the vendor u-boot doesn't work anymore. It's possible to put
u-boot into a state where it refuese to take any serial input.
If the u-boot is in this state, users can't restore their
firmware without taking the flash off the board.
We now have a -stock variant where the vendor u-boot is used in
a way that xiaomi firmware recovery still works, and a -ubootmod
variant where we get rid of all xiaomi components, have more
usable space and no uart console lock. These two should cover all
use cases and we don't need this variant anymore.
Drop this redmi-ax6000 variant. Existing users of this variant
should perform a u-boot mod or restore to the -stock layout.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
The libraries libpthread, libdl, libutil, libanl have been integrated
into the libc library in version 2.34. it is not needed to explicitly
link them any more.
Most of the functions have been moved from the librt.so into libc.so
some time ago already.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The target was disabled since noone did the DSA conversion. Add the
conversion and enable it again.
Tested-by: John Walshaw <jjw@myself.com>
Signed-off-by: Bjoern Dobe <bjoern@dobecom.de>
Signed-off-by: Nick Hainke <vincent@systemli.org>
It has been brought to my attention that recently added WCN6855 firmware
is broken as it is getting stripped during building due to being 2 ELF
binaries.
I am sure WCN6750 and any other ELF binaries are having the same issue,
so since stripping firmware binaries is clearly unwanted disable it.
Fixes: b4d3694f81 ("linux-firmware: package ath11k consumer cards firmware")
Signed-off-by: Robert Marko <robimarko@gmail.com>
U-Boot flash instructions:
0. OpenWrt U-Boot does not support stock layout, it comes with recovery
boot support, automatic tftp recovery and never blocks UART.
A new flash layout is introduced, we call it OpenWrt U-Boot layout,
stock flash layout and the old OpenWrt layout are not supported.
During the whole flash procedure, please do not reboot or power off
unless requested explicitly, or you will break your device.
1. Your device should already running OpenWrt.
If not, follow the instructions to flash OpenWrt:
https://github.com/openwrt/openwrt/pull/11115
2. Backup BL2 Nvram Bdata Factory and FIP in case you break something or
in case you want to go back to stock firmware one day.
cat /dev/mtdblock0 > /tmp/BL2.bin
cat /dev/mtdblock1 > /tmp/Nvram.bin
cat /dev/mtdblock2 > /tmp/Bdata.bin
cat /dev/mtdblock3 > /tmp/Factory.bin
cat /dev/mtdblock4 > /tmp/FIP.bin
And save all whose bin files to somewhere safe.
Then backup your configurations, since ubiformat for entire mtd device is
required to create new ubootenv volume for OpenWrt U-Boot.
3. Run the following cmd to boot into an initramfs with the new OpenWrt
U-Boot layout that expand ubi partion to the end of flash:
ubiformat /dev/mtd7 -y -f /tmp/ax6000-ubootmod-initramfs-factory.ubi
4. After boot into initramfs, check mtd partion info.
The ubi partion should be mtd5
root@OpenWrt:~# cat /proc/mtd
dev: size erasesize name
mtd0: 00100000 00020000 BL2
mtd1: 00040000 00020000 Nvram
mtd2: 00040000 00020000 Bdata
mtd3: 00200000 00020000 Factory
mtd4: 00200000 00020000 FIP
mtd5: 07a80000 00020000 ubi
5. Load kmod-mtd-rw to temporarily make the bootloader partions writable.
The kmod-mtd-rw is from the feeds, it is not packed in initramfs-factory
by default.
To install kmod-mtd-rw via opkg:
opkg update && opkg install kmod-mtd-rw
Or, download kmod-mtd-rw.ipk from OpenWrt server and install it manually
e.g:
https://downloads.openwrt.org/snapshots/targets/mediatek/filogic/kmods/
Select your OpenWrt release version and kernel version accordingly.
Load kmod-mtd-rw:
insmod /lib/modules/$(uname -r)/mtd-rw.ko i_want_a_brick=1
6. Run the following cmd to clean all pending crash dumps in pstore,
or OpenWrt U-Boot may boot into NAND recovery or tftp recovery.
rm -f /sys/fs/pstore/*
7. Format ubi and create new ubootenv volume:
ubidetach -p /dev/mtd5; ubiformat /dev/mtd5 -y; ubiattach -p /dev/mtd5
ubimkvol /dev/ubi0 -n 0 -N ubootenv -s 128KiB
ubimkvol /dev/ubi0 -n 1 -N ubootenv2 -s 128KiB
8. This is optional. Skip this if you do not want to have NAND recovery
boot feature offered by OpenWrt U-Boot. Don't worry, you always have
automatic tftp recovery feature enabled.
ubimkvol /dev/ubi0 -n 2 -N recovery -s 10MiB
ubiupdatevol /dev/ubi0_2 /tmp/ax6000-ubootmod-initramfs-recovery.itb
9. Now, flash new U-Boot. Bye-bye ugly stock U-Boot.
mtd write /tmp/ax6000-ubootmod-preloader.bin BL2
mtd write /tmp/ax6000-ubootmod-bl31-uboot.fip FIP
10. Flash the squashfs-sysupgrade.bin as usual:
sysupgrade -n /tmp/ax6000-ubootmod-squashfs-sysupgrade.itb
Enjoy!
Signed-off-by: Furong Xu <xfr@outlook.com>
This new layout is only bootable with OpenWrt U-Boot. It reuses the
two crash partions and expands the ubi partion to the end of whole flash.
Do not use this layout with stock U-Boot!
Signed-off-by: Furong Xu <xfr@outlook.com>
ZyXEL GS1900 devices with SoCs from both the RTL838x and RTL839x
families share the same image structure and size of the firmware
partition. Additionally, the GS1900-48 recipe provided a parameter for
the zyxel-vers command, but this parameter is not used. Deduplicate the
recipes by moving it to target/linux/realtek/image/common.mk.
Signed-off-by: Sander Vanheule <sander@svanheule.net>
The listed partition size doesn't match the original partition size, and
actually overlaps with the following partition. The partition node name
for the "firmware" partition also has an extra 'b' compared to the
partition offset.
Fixes: 47f5a0a3ee ("realtek: Add support for ZyXEL GS1900-48 Switch")
Signed-off-by: Sander Vanheule <sander@svanheule.net>
The GS1900-48 firmware image is identified by the 'AAHN' ID, while the
GS1900-48HP is identified by 'AAHO' [1]. The latter was used, resulting
in the following error message when upgrading via the stock web UI:
Device only can support firmware from V1.00(AAHN.0) and later version
Fix image generation by using the correct ID.
[1] https://download.zyxel.com/GS1900-48/firmware/GS1900-48_2.70(AAHN.3)C0_2.pdf
Link: https://forum.openwrt.org/t/146533
Fixes: 47f5a0a3ee ("realtek: Add support for ZyXEL GS1900-48 Switch")
Suggested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
While cleaning up the makefiles for the realtek target, the order of the
default image generating commands was accidentally changed. This caused
the image signature to end up somewhere in the middle, misaligning the
rootfs. As a result, sysupgrade couldn't verify upgrade images anymore,
and devices end up in a boot loop due to the unaligned (and not found)
rootfs.
Fixes: 94d8b4852b ("realtek: Cleanup Makefiles")
Signed-off-by: Sander Vanheule <sander@svanheule.net>
"0x1000" looks suspicious. By looking at data provided
by @DragonBluep I was able to identify the correct size for
AR9380, AR9287 WiFis. Furthermore, PowerCloud Systems CAP324
has a AR9344 WiFi.
Signed-off-by: Nick Hainke <vincent@systemli.org>
WCN6855 exists in 2 HW revisions, but both use the same FW so upstream
just has a symlink for hw2.1 to hw2.0 that I forgot to make.
Fixes: b4d3694f81 ("linux-firmware: package ath11k consumer cards firmware")
Signed-off-by: Robert Marko <robimarko@gmail.com>
Adds uboot-envtools support for ramips Asus RX-AX53U now that partition
can be correctly read.
Signed-off-by: Felix Baumann <felix.bau@gmx.de>
[ improve commit title and description ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Add support for read/writing uboot env by renaming the second partition
to its stock label "nvram" and remove the deemed unnecessary
"read-only". Split the first partition "u-boot" in two, in order
to allow `fw_setenv` safe write-access to the uboot environment
variables.
This implements hauke's request from [1].
Based on the patch provided by Shiji Yang.
[1] https://github.com/openwrt/openwrt/pull/10400#discussion_r945153224
Co-Authored-By: Shiji Yang <yangshiji66@qq.com>
Signed-off-by: Felix Baumann <felix.bau@gmx.de>
[ improve commit title and description, fix some whitespace problem ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The reset register on RTL93xx not merely have bits to execute
a reset of a hardware component, but also configuration bits for
reset procedures. Keep them during executing a reset.
Signed-off-by: Birger Koblitz <git@birger-koblitz.de>
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
[backport to 5.10 kernel]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
Revert backported upstream commits 421f8663b3a7 and 8d820bc9d12b, which have
introduced a regression in BCMGENET kconfig that disabled the network driver
for the Raspberry Pi.
Fixes: 0c405bceba ("kernel: bump 5.15 to 5.15.85")
Fixes: e900822326 ("kernel: bump 5.15 to 5.15.84")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Linus prefers to have loop initializers nice and tightly scoped. In
OpenWRT this has been possible since 41a1a652fb ("kernel: backport
gnu11 upgrade").
This patch cleans up variable scope while trying to do the above for
'simple for loops'.
This cleans up and simplifies some functions and code, and pulls in
variables to a smaller scope.
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
Our current Makefiles a little bit messy and can be improved somewhat,
both in whitespace and in style.
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
The only exception to C++ style comments are SPDX license identifier
markers at the start of C files (even headers have C style markers).
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
Fix some ugly whitepsaces and codestyle issues around the realtek sources.
While this is by no means perfect, it catches what it caught.
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
A full loop accessing all FDB entries can take several milliseconds
(on RTL839x about 20 ms), so give other kernel tasks a chance to run.
This is especially important for rtl83xx_port_fdb_dump which is itself
called in a loop for all ports by the kernel.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
These two functions are identical apart from writing different values to
the read/write bit. Create a new function rtl_table_exec to reduce code
duplication.
Also replace the unbounded busy-waiting loop. The new implementation may
sleep, but as the hardware typically responds before the first poll, any
callers doing many table accesses still need to make sure not to block
other kernel tasks themselves.
So far, polling timeout errors are only handled by logging an error, but
a return value is added to allow proper handling in the future.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
This function currently prints three messages for every switch port at
KERN_INFO level. This takes a considerable amount of time during bootup
and can even trigger an external watchdog.
Replace these log messages by a single one at KERN_DEBUG level.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
As learning for the CPU port is now disabled globally, the bit in the
TX header doesn't have any effect anymore. Remove it to make the header
consistent with the global configuration.
Originally, this change was intended to be applied before commit
eb456aedfe ("realtek: use assisted learning on CPU port"), which is
why the commit message incorrectly mentions that the TX header already
disables learning.
The reason for disabling learning on the CPU port in the first place is
that it doesn't work correctly when packets are trapped to the CPU and
then forwarded by the CPU to other ports. In that case, the switch would
incorrectly learn the CPU port as source. An example that triggered this
issue are Multicast Listener Reports and IGMP membership reports.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
We currently enable -Wno-error=unused-but-set-variable and
-Wno-error=unused-result by default on every compile package.
While this is (relatively) unharmful, we should follow other project
direction and starts enforcing good code quality. For example the linux
kernel recently started to enforce Wall by default and clean code is
mandatory for inclusion.
Drop for good these flags and and make it mandatory to correctly handle
return values at least with a warning log if they are not strictly error
condition.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
libpath.so uses host path in ld script causing other packages fail to
cross compile, e.g. perl:
"ld: cannot find /usr/lib/libbsd.so.0.11.6: No such file or directory"
Fixes: openwrt/packages#19390
Signed-off-by: Xuefer H <xuefer@gmail.com>
Most relevant feature for openwrt in this release, supports dynamically
removing hosts from 'hostsdir' supplied host files.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Ensure the MAC address for all NanoPi R1 boards is assigned uniquely for
each board.
The vendor ships the device in two variants; one with and one without
eMMC; but both without static mac-addresses.
In order to assign both board types unique MAC addresses, fall back on
the same method used for the NanoPi R2S and R4S in case the EEPROM
chip is not present by generating the board MAC from the SD card CID.
[0] https://wiki.friendlyelec.com/wiki/index.php/NanoPi_R1#Hardware_Spec
Similar too and based on:
commit b5675f500d ("rockchip: ensure NanoPi R4S has unique MAC address")
Co-authored-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>