Commit Graph

54619 Commits

Author SHA1 Message Date
Petr Štetiar
7370479224 at91: sam9x,sama5: fix racy SD card image generation
We've few low spec (make -j3) build workers attached to the 22.03
buildbot instance which from time to time exhibit following build
failure during image generation (shortened for brewity):

 + dd bs=512 if=root.ext4 of=openwrt-22.03...sdcard.img.gz.img
 dd: failed to open 'root.ext4': No such file or directory

Thats happening likely due to the fact, that on buildbots we've
`TARGET_PER_DEVICE_ROOTFS=y` which produces differently named filesystem
image in the SD card image target dependency chain:

 make_ext4fs -L rootfs ... root.ext4+pkg=68b329da

and that hardcoded `root.ext4` image filename becomes available from
other Make targets in the later stages. So lets fix this issue by using
IMAGE_ROOTFS Make variable which should contain proper path to the root
filesystem image.

Fixing remaining subtargets ommited in commit 5c3679e39b ("at91:
sama7: fix racy SD card image generation").

Fixes: 5c3679e39b ("at91: sama7: fix racy SD card image generation")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 3b669bc3f3)
2023-02-08 09:16:43 +01:00
Petr Štetiar
52564e65d5 at91: sama7: fix racy SD card image generation
We've few low spec (make -j3) build workers attached to the 22.03
buildbot instance which from time to time exhibit following build
failure during image generation:

 + dd bs=512 if=root.ext4 of=openwrt-22.03-snapshot-r20028-43d71ad93e-at91-sama7-microchip_sama7g5-ek-ext4-sdcard.img.gz.img seek=135168 conv=notrunc
 dd: failed to open 'root.ext4': No such file or directory

Thats likely due to the fact, that on buildbots we've
`TARGET_PER_DEVICE_ROOTFS=y` which produces differently named filesystem
image in the SD card image target dependency chain:

 make_ext4fs -L rootfs ... root.ext4+pkg=68b329da

and that hardcoded root.ext4 becomes available from other target in the
later stages. So lets fix this issue by using IMAGE_ROOTFS Make variable
which should contain proper path to the root filesystem image.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 5c3679e39b)
2023-02-08 09:16:43 +01:00
Hauke Mehrtens
863288b49d mac80211: Update to version 5.15.92-1
This update mac80211 to version 5.15.92-1. This includes multiple
bugfixes. Some of these bugfixes are fixing security relevant bugs.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-02-08 00:17:27 +01:00
John Audia
71cbc95111 kernel: bump 5.10 to 5.10.166
All patches automatically rebased.

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 50324b949b)
2023-02-05 20:43:19 +01:00
Arınç ÜNAL
3fd3d99e3a ramips: mt7621-dts: fix phy-mode of external phy on GB-PC2
The phy-mode property must be defined on the MAC instead of the PHY. Define
phy-mode under gmac1 which the external phy is connected to.

Tested-by: Petr Louda <petr.louda@outlook.cz>
Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com>
(cherry picked from commit 5155200f97)
2023-02-03 14:20:33 +01:00
Tim Harvey
212c3ffdfc octeontx: add sqaushfs and ramdisk to features
Add squashfs and ramdisk to features as these are commonly used images
for the octeontx.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
(cherry picked from commit af5635e6ca)
2023-02-03 13:54:45 +01:00
Tom Herbers
2601873cc5 ath79: add LTE packages for GL-XE300
Add LTE packages required for operating the LTE modems shipped with
the GL-XE300.

Example configuration for an unauthenticated dual-stack APN:

network.wwan0=interface
network.wwan0.proto='qmi'
network.wwan0.device='/dev/cdc-wdm0'
network.wwan0.apn='internet'
network.wwan0.auth='none'
network.wwan0.delay='10'
network.wwan0.pdptype='IPV4V6'

Signed-off-by: Tom Herbers <mail@tomherbers.de>
(cherry picked from commit 67f283be44)
2023-02-03 11:49:18 +01:00
Tom Herbers
2702ef9427 ath79: add label-mac-device for GL-XE300
This adds an label-mac-device alias which refrences the mac which is
printed on the Label of the device.

Signed-off-by: Tom Herbers <mail@tomherbers.de>
(cherry picked from commit f83f5f8452)
2023-02-03 11:49:18 +01:00
Leo Soares
0657576ce1 ath79: add LTE led for GL.iNet GL-XE300
This commit adds the LTE led for GL.iNet GL-XE300
to the default leds config.

Signed-off-by: Leo Soares <leo@hyper.ag>
(cherry picked from commit 35a0f2b00c)
Signed-off-by: Tom Herbers <mail@tomherbers.de>
2023-02-03 11:49:18 +01:00
Etienne Champetier
428d720c7f kernel: backport some mv88e6xxx devlink patches
This should help debug mv88e6xxx issues

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
2023-01-31 02:15:39 +02:00
John Audia
83a13b74f5 kernel: bump 5.10 to 5.10.165
All patches automatically rebased.

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 257e9fc57c)
2023-01-28 20:08:14 +01:00
John Audia
10c79414db kernel: bump 5.10 to 5.10.164
All patches automatically rebased

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 9c3954bc46)
2023-01-28 20:08:14 +01:00
John Audia
15b9c02d6c kernel: bump 5.10 to 5.10.163
Removed upstreamed:
  generic/101-Use-stddefs.h-instead-of-compiler.h.patch[1]
  bcm27xx/patches-5.10/950-0194-drm-fourcc-Add-packed-10bit-YUV-4-2-0-format.patch

All patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.163&id=ddd2bb08bd99b7ee4442fbbe0f9b80236fdd71d2

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 2835df54ab)
2023-01-28 20:07:11 +01:00
John Audia
a8025bc2c2 kernel: bump 5.10 to 5.10.162
All patches automatically rebased.

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 2621ddb0be)
2023-01-28 16:54:32 +01:00
David Bauer
ddeeb35007 mac80211: use 802.11ax iw modes
This adds missing HE modes to mac80211_prepare_ht_modes.

Previously mesh without wpa_supplicant would be initialized with 802.11g
/NO-HT only, as this method did not parse channel bandwidth for HE
operation.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit a63430eac3)
2023-01-28 15:11:52 +01:00
Chuanhong Guo
1f32774ded
kernel: mtk-bmt: fix usage of _oob_read
_oob_read returns number of bitflips on success while
bbt_nand_read should return 0.

Fixes: 2d49e49b18 ("mediatek: bmt: use generic mtd api")
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit f183ce35b8)
2023-01-25 23:45:14 +08:00
Christian Marangi
28e1770a3b
tools/mkimage: build uboot with NO_SDL=1
From uboot Documentation for uboot-2022.01 for tools-only we can build
with NO_SDL=1 to skip installing the sdl2 package.

Follow this to fix compilation error on macos

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-01-22 01:35:16 +01:00
Florian Maurer
1bead4c521
lantiq: xrx200: Fix wifi LED on o2 box 6431
Wifi LED did not work using phy0radio, which somehow slipped through in
the previous testing

Signed-off-by: Florian Maurer <f.maurer@outlook.de>
(cherry picked from commit 2e3d1edf59)
2023-01-20 16:14:22 +01:00
David Bauer
9a12afc5e7 mbedtls: move source modification to patch
Patch the mbedtls source instead of modifying the compile-targets
in the prepare buildstep within OpenWrt.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 00f1463df7)
2023-01-18 23:39:11 +01:00
Petr Štetiar
c1a26341ab Revert "toolchaini/gcc: fix libstdc++ dual abi model"
This reverts commit c0b4303d2e as it was
reported, that it breaks all packages depending on libstdcpp due to
changed ABI.

References: https://github.com/openwrt/packages/issues/20340
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2023-01-18 07:51:56 +01:00
David Bauer
807483d336 dosfstools: switch to AC_CHECK_LIB
This fixes spurious build-errors on OpenWrt, where the AM_ICONV macro
is undefined while invoking autoconfig. Later in the build, the ICONV
LDOPTIONS are set to @LIBICONV@, failing the build.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 9300a20dcc)
2023-01-16 23:58:16 +01:00
Stijn Tintel
3bc6d2af76 tools/dosfstools: fix PKG_SOURCE
Both mirrors provided in the Makefile only serve gzipped tarballs.

Fixes: #10871
Fixes: 9edfe7dd13 ("source: Switch to xz for packages and tools where possible")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit bd911b4538)
2023-01-16 23:58:16 +01:00
Ivan Maslov
c0b4303d2e toolchaini/gcc: fix libstdc++ dual abi model
libstdcxx-dual-abi needs to be enabled to actually support C++11 ABI.
Enable the config flag to also permit support of .NET 6 development on
OpenWrt.

Signed-off-by: Ivan Maslov <avenger_msoft@mail.ru>
[ reword commit description and title ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 3c06a344e9)
2023-01-16 08:45:38 +01:00
Christian Marangi
aa5023b9cd
scripts/dl_github_archieve.py: fix generating unreproducible tar
Allign dl_github_archieve.py to 8252511dc0
change. On supported system the sigid bit is applied to files and tar
archieve that on tar creation. This cause unreproducible tar for these
system and these bit should be dropped to produce reproducible tar.

Add the missing option following the command options used in other
scripts.

Fixes: 75ab064d2b ("build: download code from github using archive API")
Suggested-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Tested-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 5f1758ef14)
2023-01-12 15:00:24 +01:00
Hauke Mehrtens
e88e0ace7a ksmbd: Fix ZDI-CAN-18259
This fixes a security problem in ksmbd. It currently has the
ZDI-CAN-18259 ID assigned, but no CVE yet.

Backported from:
8824b7af40
cc4f3b5a6a

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 76c67fcc66)
2023-01-11 22:10:25 +01:00
Nick Hainke
aca915e847 ksmbd: update to 3.4.6
Release Announcement:
https://github.com/cifsd-team/ksmbd/releases/tag/3.4.6

Remove upstreamed:
- 10-fix-build-on-kernel-5.15.52-or-higher.patch

This fixes the following security bugs:
* CVE-2022-47938, ZDI-22-1689
* CVE-2022-47939, ZDI-22-1690 (patch was already backported before)
* CVE-2022-47940, ZDI-22-1691
* CVE-2022-47941, ZDI-22-1687
* CVE-2022-47942, ZDI-22-1688
* CVE-2022-47943, ZDI-CAN-17817

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 78cbcc77cc)
2023-01-07 16:22:15 +01:00
Florian Maurer
4b7f9e42e2 lantiq-xrx200: fix wan LED on o2 box 6431
The WIFI LED already worked for me with the latest openwrt 22.03 version.
Wifi LED did not with an older 22.x version (in gluon - there phy0radio did nothing but phy0tpt did show activity

the WAN interface has the name "wan" and not "pppoe-wan" on this device

fixes #7757 (and FS#2987)

Signed-off-by: Florian Maurer <f.maurer@outlook.de>
(cherry picked from commit 0820d62012)
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
2023-01-06 19:38:22 +01:00
Christian Marangi
7c10b7b6f0
CI: build: fix external toolchain use with release tag tests
When a new tag for a release is created, the just checkout repo from
github actions will already have such tag locally created.

This will result in git fetch --tags failing with error rejecting the
remote tag with (would clobber existing tag).

Add -f option to overwrite any local tags and always fetch them from
remote.

Fixes: e24a1e6f6d ("CI: build: add support for external toolchains from stable branch")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit f655923b36)
2023-01-04 19:34:44 +01:00
Hauke Mehrtens
b08e1e978c OpenWrt v22.03.3: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-01-03 22:03:42 +01:00
Hauke Mehrtens
221fbfa2d8 OpenWrt v22.03.3: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-01-03 22:03:37 +01:00
Hauke Mehrtens
43d71ad93e mac80211: Do not build brcmsmac on bcm47xx_legacy
brcmsmac needs bcma. bcma is build into the kernel for the other bcm47xx
subtargets, but not for the legacy target because it only uses ssb. We
could build bcma as a module for bcm47xx_legacy, but none of these old
devices uses a wifi card supported by brcsmac.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit cb7d662dac)
2023-01-03 01:24:21 +01:00
Christian Lamparter
181390f57d uml: fix 5.10 build
the 5.10 uml build currently breaks with:

/usr/bin/ld: arch/um/os-Linux/signal.o: in function `sigusr1_handler':
arch/um/os-Linux/signal.c:141: undefined reference to `uml_pm_wake'

But there's an upstream fix for this. Backport the fix
for now but also let upstream know so it finds its way
through the -stable releases.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 8bea5edf89)
2023-01-03 01:24:21 +01:00
Hauke Mehrtens
1fd2f9f7be kernel: Add missing kernel configuration options
This fixes compile of the bmips target.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit f620eb70f1)
2023-01-03 00:54:22 +01:00
Hauke Mehrtens
8446d22aaa gdb: Do not link against xxhash
libxxhash is now available in the OpenWrt package feed and gdb will link
against it if gdb finds this library. Explicitly deactivate the usage
of xxhash.

This should fix the build of gdb in build bots.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a442974cfa)
2023-01-02 18:51:17 +01:00
Hans Dedecker
558aa1f482 odhcpd: fix null pointer dereference for INFORM messages
4a673e1 fix null pointer dereference for INFORM messages

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2023-01-02 13:51:59 +01:00
Tony Ambardar
af4f635eed ipq40xx: sysupgrade: allow flashing Linksys factory firmware
Allow forced flashing of a factory firmware image, after checking for the
correct FIT magic header and Linksys board-specific footer. Details of the
footer are already described in scripts/linksys-image.sh.

This is convenient as it avoids using a TFTP server or OEM GUI, and allows
restoring OEM firmware or installing a "breaking" OpenWrt update (e.g DSA
migration and kernel repartition) directly from the command line.

Devices supported at this time include EA6350v3, EA8300, MR8300 and WHW01.

Reviewed-by: Robert Marko <robimarko@gmail.com>
Tested-by:  Wyatt Martin <wawowl@gmail.com> # WHW01
Tested-by:  Tony Ambardar <itugrok@yahoo.com> # EA6350v3
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 6fc334cbdc)
2023-01-01 21:45:44 +01:00
Tony Ambardar
4bda308657 base-files: stage2: add 'tail' to sysupgrade environment
This is used to access footer data in firmare files, and is simpler and
less error-prone than using 'dd' with calculated offsets.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 9cbc825b30)
2023-01-01 21:45:34 +01:00
Hauke Mehrtens
2f1b73b70d treewide: Trigger reinstall of all wolfssl dependencies
The ABI of the wolfssl library changed a bit between version 5.5.3 and
5.5.4. This release update will trigger a rebuild of all packages which
are using wolfssl to make sure they are adapted to the new ABI.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit ee47a28cec)
2023-01-01 21:42:41 +01:00
Nick Hainke
77e2a24e62 wolfssl: update to 5.5.4-stable
Remove upstreamed:
- 001-Fix-enable-devcrypto-build-error.patch

Refresh patch:
- 100-disable-hardening-check.patch

Release notes:
https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.4-stable

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 04634b2d82)
2023-01-01 21:42:39 +01:00
Hauke Mehrtens
158a33591d mbedtls: update to version 2.28.2
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues.

Fixes the following CVEs:
* CVE-2022-46393: Fix potential heap buffer overread and overwrite in
DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.

* CVE-2022-46392: An adversary with access to precise enough information
about memory accesses (typically, an untrusted operating system
attacking a secure enclave) could recover an RSA private key after
observing the victim performing a single private-key operation if the
window size used for the exponentiation was 3 or smaller.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit af3c9b74e1)
2022-12-31 14:45:23 +01:00
Nick Hainke
b23cab2fcf toolchain: gcc: import patch fixing asm machine directive for powerpc
Applications with libmbedtls, e.g. curl, fail on mpc85xx with:
  curl[7227]: illegal instruction (4) at b7c94288 nip b7c94288 lr b7c6b528 code 1 in libmbedcrypto.so.2.28.1[b7c3e000+7e000]
  curl[7227]: code: 3d7e0000 809e8004 91490000 816b814c 7d6903a6 4e800421 80010024 83c10018
  curl[7227]: code: 38210020 7c0803a6 4e800020 9421fff0 <7d4d42e6> 7c6c42e6 7d2d42e6 7c0a4840

This is due to a bug in gcc-11.2.0. It is fixed with gcc-11.3.0.
Import the patch that is fixing the issue.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-12-28 20:54:54 +01:00
Felix Fietkau
6be9e3e636
kernel: remove hack patch, move kirkwood specific kmods to target modules.mk
Tweaking the KCONFIG line of kmod-ata-marvell-sata makes the hack patch
unnecessary

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 2e375e9b31)
2022-12-27 08:05:23 +01:00
John Audia
b1722a048a kernel: bump 5.10 to 5.10.161
All patches automatically rebased.

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 5925401007)
2022-12-26 17:25:09 +01:00
Hauke Mehrtens
cdce4a0bfa uhttpd: update to latest Git HEAD
2397755 client: fix incorrectly emitting HTTP 413 for certain content lengths

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 73dca49f35)
2022-12-26 17:20:47 +01:00
Daniel Graña
6c3e16055a kernel: backport ksmbd security fix ZDI-22-1690
Fix zero day vulnerability reported as ZDI-22-1690, no CVE assigned yet.
Picked from https://github.com/cifsd-team/ksmbd/commit/1f9d85a340

Signed-off-by: Daniel Graña <dangra@gmail.com>
2022-12-23 15:37:46 -03:00
Hauke Mehrtens
275c51bf40 Revert "image-commands.mk: Be consistent in command invocation"
This reverts commit fcff234fd8.

$(STAGING_DIR_HOST)/bin/gzip is not available in openwrt-22.03. The
change broke the build because the build process could not find this
file. For example ath79/generic netgear_wndap360 was affected.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-12-22 13:20:39 +01:00
Jan-Niklas Burfeind
fec4fb3a56 sunxi: remove frequency for NanoPi R1
The frequency appears as unlisted initial frequency.
Removed it as Hauke suggested.

Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
(cherry picked from commit 5b82eeb320)
2022-12-22 00:45:24 +01:00
Stijn Tintel
51a763ab0f arm-trusted-firmware-sunxi: drop CPE ID
The CPE ID is already set in trusted-firmware-a.mk.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 9ed1830bdc)
2022-12-22 00:14:30 +01:00
Stijn Tintel
377d805887 trusted-firmware-a.mk: use correct CPE ID
There are 2 different CPE IDs on the NVD website:
cpe:/a:arm:trusted_firmware-a
cpe:/o:arm:arm_trusted_firmware

The ID as currently used in trusted-firmware-a.mk does not exist. The
CPE ID using the arm_trusted_firmware product name only lists a few
records for versions 2.2 and 2.3 on the NVD site. The CPE ID using the
trusted_firmware-a product name lists many more records, and actually
has a CVE linked to it. Therefore, use the CPE ID using the
trusted_firmware-a product name.

Fixes: 104d60fe94 ("trusted-firmware-a.mk: add PKG_CPE_ID")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit c8c6508c22)
2022-12-22 00:14:30 +01:00
John Audia
f30414c56d kernel: bump 5.10 to 5.10.160
No patches affected by this update.

Build system: x86_64
Build-tested: ramips/tplink_archer-a6-v3
Run-tested: ramips/tplink_archer-a6-v3

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 1e375c8fbd)
2022-12-22 00:14:30 +01:00