bef0b1cb31 libio: Disable vtable validation for pre-2.1 interposed handles [BZ #25203]
4d5cfeb510 rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126) [BZ #25204]
92f04eedb5 mips: Force RWX stack for hard-float builds that can run on pre-4.8 kernels
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
The release notes since last time for wave-1:
* November 29, 2019: Fix IBSS merge issue, related to TSF id leakage bug in firmware code.
Thanks for Ahmed Zaki @ Mage-Networks for helping to diagnose and test.
The release notes since last time for wave-2:
* December 6, 2019: Fix 160Mhz problem caused by logic that did not take into account the fact that
160Mhz has only 1/2 of the NSS of lower bandwidths in the rate table.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Enabling legacy PTYs causes problems with procd-hotplug.
And as this is a headless target, no need to have virtual terminals.
Remove corresponding kernel config options, they are disabled in
generic kernel config.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Enabling legacy PTYs causes problems with procd-hotplug.
And as this is a headless target, no need to have virtual terminals.
Remove corresponding kernel config options, they are disabled in
generic kernel config.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
If no AP is configured, hostapd-${phy}.conf is not being created,
hence md5sum fails and causes log pollution:
netifd: radio1 (3183): md5sum: can't open '/var/run/hostapd-phy1.conf': No such file or directoy
Hence make sure the file exists when calling md5sum.
Fixes: a5bc9787d4 ("mac80211: add support for dynamically reconfiguring wifi")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Before commit 60fb4c92b6 ("hostapd: add ubus reload") netifd was
tracking hostapd/wpa_supplicant and restarting wifi in case of a
process crash. Restore this behaviour by tracking the PIDs of
hostapd and wpa_supplicant.
Also make sure hostapd and/or wpa_supplicant have been started before
emmitting ubus calls to them using ubus wait_for.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
In addition to wpa_supplicant and hostapd managed interfaces, also
track unmanaged interfaces. This is used to make sure that running
'wifi' always returns into a clean state regardless of what the user
did before.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Allows graceful restart of crashing hostapd/wpa_supplicant instances
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: attempt to launch only present services]
The "/dts-v1/;" identifier is supposed to be put once at the beginning
of a device tree file. Thus, it makes no sense to provide it a second
time in to-be-included DTSI files.
This removes the identifier from all DTSI files in /target/linux.
Most of the DTS files in OpenWrt do contain the "/dts-v1/;". It is
missing for most of the following targets, though:
mvebu, ipq806x, mpc85xx, ipq40xx
This does not touch ipq806x for now, as the bump to 4.19 is close.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This enables the CTRL_IFACE_MIB symbol for wpad-full and hostapd-full.
If it is not enabled, statistic outputs such as "hostapd_cli all_sta"
are empty.
Signed-off-by: David Bauer <mail@david-bauer.net>
Netgear WNR3500L is an already supported device, but out of the
box, the device has no switch configuration and there is no wan.
The correct configuration for this specific model is similar to
some other models. This simple commit adds the correct switch
and the out-of-the-box experience is improved.
Experimentally determined:
Port 0 => WAN
Port 1..4 => LAN
Port 5..7 => unused
Port 8 => CPU
Signed-off-by: Olli Asikainen <olli.asikainen@gmail.com>
Tested-by: Fabian Zaremba <fabian@youremail.eu>
[added port mapping to commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
A small subset of devices uses decimal notation for mediatek,mtd-eeprom
in DTS files. Convert to hexadecimal notation to be consistent with
all the rest.
Also change "0" to "0x0" in the same files for consistency.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The Mikrotik RBM33G has only 2 LAN ports.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
[moved node in 02_network to maintain alphabetic sorting]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Physical port order watched from the backside of the C20i
(from left to right) is: Internet / 1 / 2 / 3 / 4
Physical Port Switch port
WAN 0
LAN 3 1
LAN 4 2
LAN 1 3
LAN 2 4
(not used) 5
CPU 6
Signed-off-by: Walter Sonius <walterav1984@gmail.com>
[commit message/title improvements]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
"[...] the size component shall be zero."
(See "PCI Bus Binding to: IEEE Std 1275-1994 Rev 2.1"
section "4.1.1 Open Firmware-defined Properties for Child Nodes")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Update iproute2 to latest stable version, see https://lwn.net/Articles/805654/
for the changes in 5.4.0
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* wg-quick: linux: suppress error when finding unused table
This fixes a spurious warning messages seen with recent versions of iproute2
and kernels.
* wg-quick: linux: ensure postdown hooks execute
* wg-quick: linux: have remove_iptables return true
* wg-quick: linux: iptables-* -w is not widely supported
Adding in iptables had some hiccups. For the record, I'm very unhappy about
having to put any firewalling code into wg-quick(8). We'll of course need to
support nftables too at some point if this continues. I'm investigating with
upstream the possibility of adding a sysctl to patch the issue that iptables
is handling now, so hopefully at somepoint down the line we'll be able to shed
this dependency once again.
* send: use kfree_skb_list
* device: prepare skb_list_walk_safe for upstreaming
* send: avoid touching skb->{next,prev} directly
Suggestions from LKML.
* ipc: make sure userspace communication frees wgdevice
Free things properly on error paths.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Hardware:
* SoC: Atheros AR9342-BL1A
* RAM: 64MB DDR2 (Winbond W9751G6KB-25)
* Flash: 16MB SPI NOR (Macronix MX25L12835FZ2I-10G)
* Ethernet: 1x 10/100/1000 Mbps (Atheros AR8035-A) with 24V PoE support
* Wifi 2.4GHz: Atheros AR9340 v2
* WiFi 5GHz: Ubiquiti U-AME-G1-BR4A (rebranded QCA988X v2)
* LEDs: 1x Power, 1x Ethernet
* Buttons: 1x Reset
* UART: 1x TTL 115200n8, 3.3V RX TX GND, 3.3V pin closest to RJ45 port
The LEDs do not seem to be connected to any GPIO, so there is currently
no way to control them.
Installation via U-Boot, TFTP and serial console:
* Configure your TFTP server with IP 192.168.1.254
* Connect serial console and power up the device
* Hit any key to stop autoboot
* tftpboot 0x81000000 openwrt-ath79-generic-ubnt_litebeam-ac-gen2-initramfs-kernel.bin
* bootm 0x81000000
* copy openwrt-ath79-generic-ubnt_litebeam-ac-gen2-squashfs-sysupgrade.bin
to /tmp
* sysupgrade /tmp/openwrt-ath79-generic-ubnt_litebeam-ac-gen2-squashfs-sysupgrade.bin
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Petr Štetiar <ynezz@true.cz>
Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The sysupgrade image contains OpenWrt specific metadata. Having this
metadata in the factory images makes no sense. Drop IMAGE/factory.bin
from Device/ubnt-wa and use the default from Device/ubnt instead.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Petr Štetiar <ynezz@true.cz>
Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
It turns out my 4.14 testing had a rather large flaw in it and the
'extack' mechanism isn't quite ready. Remove the extack stuff from this
backport.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Since the original backports from kernel 5.3 a few things have been
tweaked by kernel bumps & other upstream changes. Update the backport
to reflect upstream as closely as possible and remove the bitrot.
Functions remain the same, error reporting improved.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
In d421a8b94489 ("ath79: read label MAC address from flash instead
of using phy0/phy1") the source of the label MAC address was changed
for devices just reading it from phy0. To get rid of the dependency
from phy startup, addresses were read directly from the flash
locations that are used to initialize the phy MAC addresses.
Unfortunately, it turned out that Ubiquiti XM devices seem to have
different flash locations than expected, and also seem to have
specific locations for different devices (all in art/EEPROM):
0xe012 AR9280 Nanostation M2 - 0x120c
0xe035 AR9280 Nanostation M3 - 0x120c
0xe1b2 AR9280 Rocket M2 - 0x120c
0xe1c3 AR9280 Rocket M3 - 0x120c
0xe1b5 AR9280 Rocket M5 - 0x120c
0xe2d5 AR9280 Bullet M2 Titanium - 0x120c
0xe2b5 AR9280 Nanobridge M5 - 0x120c
0xe202 AR9280 Bullet M2 - 0x120c
0xe232 AR9287 Nanobridge M2 - 0x110c
0xe4a2 AR9285 AirRouter - 0xa0bf
Picostation M2 - 0x120c and 0xa0bf
Nanostation Loco M2 - not in 0x120c, other locations not checked
An additional problem of the Ubiquiti device support in OpenWrt is
that we provide images that match several subvariants of the devices,
which might have different MAC address locations.
Given that reading the address from phy0 in 02_network _is_ working
for the ath79 target in general, it does not seem reasonable to
rebuild a complex MAC address retrieval mechanism which is already
present in the ath9k driver.
So, this patch reverts the label MAC address source for Ubiquiti XM
devices (and the Unifi AP) to /sys/class/ieee80211/phy0/macaddress.
This doesn't affect XW and Unifi AC devices, where the label MAC
address source is defined via device tree.
For alfa-network,ap121f the location 0x1002 is kept, as this has
been verified during device support preparation in PR #2199.
Fixes: d421a8b94489 ("ath79: read label MAC address from flash
instead of using phy0/phy1")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
IPv6 protocol is enabled on all gre interfaces, but gre(v6)tap
interfaces are usually added to a bridge interface, in which case
IPv6 should be enabled only on the bridge interface.
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
Sysupgrade was failing due to incorrect replacement of backticks:
/sbin/sysupgrade: /lib/upgrade/platform.sh: line 101: syntax error: missing '))'
Fixes: 0bbfc3dff719 ("octeon: replace backticks by $(...)")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
The Atheros AR8327 and AR8337 have (according to their datasheet) a
VLAN table with a maximum of 4096 entries.
Currently, there's a hard limit of 128 VLANs, which is the same as
for most other Atheros switches. Increase this limit only for the
AR83x7 series and modify some shared functions to allow them to work
with a variable max VLAN count.
Signed-off-by: David Bauer <mail@david-bauer.net>
The Owl Loader (named after the codename that Atheros gave
these devices back in the day) has been accepted upstream.
This patch removes the "misc" driver OpenWrt had and adds
the remaining differences against the version that ships
with 5.4-rc1 into a separate "120-owl-loader-compat.patch"
file that can be cut down once AR71XX is being dealt with.
Note: I decided to keep the existing (kmod-)owl-loader
package name around for now. The kernel module file in
the kmod package will be called ath9k_pci_owl_loader.ko
though.
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Problem found by AddressSanitizer[1]:
Latest `grep` (git commit 1019e6e) compiled with asan may cause a
heap-buffer-overflow when `-i` is specified.
./grep -i '\(\(\)*.\)*\(\)\(\)\1' /bin/chvt
=================================================================
==16206==ERROR: AddressSanitizer: heap-buffer-overflow on address
1. https://debbugs.gnu.org/34140
Ref: https://sourceware.org/bugzilla/show_bug.cgi?id=24114
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
[commit title and description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This reverts commit 81764319637f ("mt76: probe load mt7615 driver
asynchronously"). After said commit, users report that MT7615 no longer
works on boot and they have to manually enable WiFi (via command "wifi") to
make it working again.
Fixes: FS#2546
Ref: https://forum.openwrt.org/t/xiaomi-r3p-no-wifi-on-boot/45509
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
[commit description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
MeshPoint.One is Wi-Fi hotspot and smart IoT gateway (based upon
Jalapeno module from 8Devices).
MeshPoint.One (https://meshpointone.com) is a unique Wi-Fi hotspot and
smart city gateway that can be installed and powered from street
lighting (even solar power in the future). MeshPoint provides up to 27
hours of interrupted Wi-Fi and IoT services from internal battery even
when external power is not available. MeshPoint.One can be used for
disaster relief efforts in order to provide instant Wi-Fi coverage that
can be easily expanded by just adding more devices that create wide area
mesh network. MeshPoint.One devices have standard Luci UI for
management.
Features:
- 1x 1Gpbs WAN
- 1x 1Gbps LAN
- POE input (eth0)
- POE output (eth1)
- Sensor for temperature, humidity and pressure (Bosch BME280)
- current, voltage and power measurement via TI INA230
- Hardware real time clock
- optional power via Li-Ion battery
- micro USB port with USB to serial chip for easy OpenWrt terminal
access
- I2C header for connecting additional sensors
Installation:
-------------
Simply flash the sysupgrade image from stock firmware.
Or use the built in Web recovery into bootloader:
Hold Reset button for 5 to 20 seconds or use UART and httpd command.
Web UI will appear on 192.168.2.100 by default.
For web recovery use the factory.ubi image.
Signed-off-by: Damir Samardzic <damir.samardzic@sartura.hr>
Signed-off-by: Damir Franusic <damir.franusic@sartura.hr>
Signed-off-by: Valent Turkovic <valent@meshpoint.me>
Signed-off-by: Robert Marko <robert@meshpoint.me>
[commit description long line wrap, usb->USB]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Lets move common code for Jalapeno into DTSI, this way Jalapeno based
boards don't introduce duplicate code.
While at it, lets also fix some style issues and update to current DTS
style.
Signed-off-by: Robert Marko <robert@meshpoint.me>
[commit description long line wrap]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This also fixes mac80211_prepare_vif iw set channel in monitor or
mesh mode.
Signed-off-by: Santiago Piccinini <spiccinini@altermundi.net>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: fixed commit message]