Commit Graph

16252 Commits

Author SHA1 Message Date
Eneas U de Queiroz
f4853f7cca wolfssl: update to v4.2.0-stable
Many bugs were fixed--2 patches removed here.

This release of wolfSSL includes fixes for 5 security vulnerabilities,
including two CVEs with high/critical base scores:

- potential invalid read with TLS 1.3 PSK, including session tickets
- potential hang with ocspstaping2 (always enabled in openwrt)
- CVE-2019-15651: 1-byte overread when decoding certificate extensions
- CVE-2019-16748: 1-byte overread when checking certificate signatures
- DSA attack to recover DSA private keys

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-11-06 23:23:53 +01:00
Petr Štetiar
80a799125b libnl-tiny: update to latest Git head
Includes following changes:

 0230d0698e59 add initial GitLab CI support
 5e13b797a988 iron out all extra compiler warnings
 802fbd4d6f39 cmake: enable extra compiler checks
 050bb5c4431b convert into CMake project
 5b350e42d1fd refactor into separate Git project

and converts the package build to utilize CMake.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-06 16:31:42 +01:00
David Bauer
4c6fe32468 mac80211 ath9k: force QCA953x clock to 25MHz
The QCA953x only supports 25 MHz refclk, however some OEMs set an
invalid bootstrap value for the REF_CLK option, which would break the
clock detection in ath9k.

Force the QCA953x refclk to 25MHz in ath9k, as this is (according to the
datasheet) the only valid frequency.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-11-05 22:55:54 +01:00
Koen Vandeputte
f96af28272 ath10k-firmware: update Candela Tech firmware images
The release notes since last time for wave-1:

  *  October 5,  2019:  Fix too-short msg caused by invalid use of PayloadLen in receive path.
                        This appears to resolve the issue of getting (and ignoring) too-short commands
                        when we detect loss of CE interrupts and go into polling mode.

  *  October 12, 2019:  Fix regression in IBSS mode that caused SWBA overrun issues.  Related to
                        regression added during the ct-station logic, specifically TSF allocation.
                        Thanks for Ahmed Zaki @ Mage-Networks for helping to diagnose and test.

  *  October 15, 2019:  Only send beacon tx completion events if we can detect CT driver is being
                        used (based on CT_STATS_OK flag being set).  This should help CT firmware work
                        better on stock driver.

The release notes since last time for wave-2:

  *  October 15, 2019:  Only send beacon tx completion events if we can detect CT driver is being
                        used (based on ATH10k_USE_TXCOMPL_TXRATE2 | ATH10k_USE_TXCOMPL_TXRATE1 flags being set).
                        This should help CT firmware work better on stock driver.

  *  October 31, 2019:  Compile out peer-ratecode-list-event.  ath10k driver ignores the event.

  *  November 1, 2019:  Fix rate-ctrl related crash when nss and other things were changed while
                        station stays associated.  See bug: https://github.com/greearb/ath10k-ct/issues/96

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-05 15:43:22 +01:00
Jo-Philipp Wich
6f9157e6bd ustream-ssl: update to latest Git HEAD
c9b6668 ustream-ssl: skip writing pending data if .eof is true after connect

Fixes: CVE-2019-5101, CVE-2019-5102
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-05 14:43:20 +01:00
Felix Fietkau
fa37dbbc43 mac80211: fix build without CONFIG_PCI
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-11-05 14:22:01 +01:00
Felix Fietkau
8b15e7f661 mac80211: add support for multiple wiphys behind a single device
The device path will be the same for the first phy. For all subsequent
phys, the path gets an extra +1, +2, ...
Move the code for converting path to phy and vice versa to a separate
library script shared by config detection code and the netifd wireless
handler script

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-11-05 12:09:36 +01:00
Felix Fietkau
d64daf7026 mac80211: add pcie apsm backport changes
Required for newer versions of mt76

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-11-05 12:09:26 +01:00
David Bauer
3034f8c3b8 hostapd: enable PMKSA and OK caching for WPA3-Personal
This enables PMKSA and opportunistic key caching by default for
WPA2/WPA3-Personal, WPA3-Personal and OWE auth types.
Otherwise, Apple devices won't connect to the WPA3 network.

This should not degrade security, as there's no external authentication
provider.

Tested with OCEDO Koala and iPhone 7 (iOS 13.1).

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-11-04 18:46:54 +01:00
Hauke Mehrtens
6f3a293532 procd: Update to version 2019-11-02
f47622e instance: Warn about unexpected number of parameters
564ecdf instance: ujail: Fix allocated size for no_new_privs parameter
7fb2e1d procd: simplify code in procd_inittab_run
4a127c3 procd: replace exit(-1) with exit(EXIT_FAILURE)
bc0a73e procd: add upgraded binary to .gitignore
ba4c4db procd: add start-console support
3e39fe5 procd: shift arguments for askfirst only once
5d62829 procd: skip respawn in case device disappeared
d27949f procd: guard fork_worker calls

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-11-03 20:25:07 +01:00
Daniel Golle
43ae50978a mac80211: rt2x00: remove errornous duplicate condition
https://patchwork.kernel.org/patch/11224189/
--
On 2019-10-28 06:07, wbob wrote:
> Hello Roman,
>
> while reading around drivers/net/wireless/ralink/rt2x00/rt2800lib.c
> I stumbled on what I think is an edit of yours made in error in march
> 2017:
>
> https://github.com/torvalds/linux/commit/41977e86#diff-dae5dc10da180f3b055809a48118e18aR5281
>
> RT6352 in line 5281 should not have been introduced as the "else if"
> below line 5291 can then not take effect for a RT6352 device. Another
> possibility is for line 5291 to be not for RT6352, but this seems
> very unlikely. Are you able to clarify still after this substantial time?
>
> 5277: static int rt2800_init_registers(struct rt2x00_dev *rt2x00dev)
> ...
> 5279:  } else if (rt2x00_rt(rt2x00dev, RT5390) ||
> 5280:         rt2x00_rt(rt2x00dev, RT5392) ||
> 5281:         rt2x00_rt(rt2x00dev, RT6352)) {
> ...
> 5291:  } else if (rt2x00_rt(rt2x00dev, RT6352)) {
> ...

Hence remove errornous line 5281 to make the driver actually
execute the correct initialization routine for MT7620 chips.

As it was requested by Stanislaw Gruszka remove setting values of
MIMO_PS_CFG and TX_PIN_CFG. MIMO_PS_CFG is responsible for MIMO
power-safe mode (which is disabled), hence we can drop setting it.
TX_PIN_CFG is set correctly in other functions, and as setting this
value breaks some devices, rather don't set it here during init, but
only modify it later on.

Fixes: 41977e86c984 ("rt2x00: add support for MT7620")
Reported-by: wbob <wbob@jify.de>
Reported-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Acked-by: Stanislaw Gruszka <sgruszka@redhat.com>
--

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-11-03 18:31:02 +01:00
Yousong Zhou
e4af39d563 fstools: bump to version 2019-11-03
2f2a09a block: mount_device: err log only when mp deviates from spec
da4edc1 block: mount_device: skip extroot earlier
32c3126 block: mount_action: handle mount/umount deps
fb0700f block: support hierarchical mount/umount
1212b5b block: umount: skip / unless -a is given
eda8b3f block: use fsck.fat instead of dosfsck
d05276d libblkid-tiny: ntfs: fix use-after-free

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-11-03 04:25:37 +00:00
Yousong Zhou
51e7624776 libubox: bump to version 2019-10-29
It contains a single change to vlist.h header file: "vlist: add more
macros for loop iteration".  This is needed for newer version of fstools

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-11-03 04:24:54 +00:00
Kyle Copperfield
87f9292300 hostapd: add IEEE 802.11k support
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Enables radio resource management to be reported by hostapd to clients.

Ref: https://github.com/lede-project/source/pull/1430
Co-developed-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
2019-11-02 20:51:52 +01:00
Michal Cieslakiewicz
9b6f89c37f ath79: add support for Netgear WNDR4300
This patch adds ath79 support for Netgear WNDR4300.
Router was previously supported by ar71xx target only.
Note: device requires 'ar934x-nand' driver in kernel.

Specification
=============
  * Description: Netgear WNDR4300
  * Loader: U-boot
  * SOC: Atheros AR9344 (560 MHz)
  * RAM: 128 MiB
  * Flash: 128 MiB (NAND)
	- U-boot binary: 256 KiB
	- U-boot environment: 256 KiB
	- ART: 256 KiB
	- POT: 512 KiB
	- Language: 2 MiB
	- Config: 512 KiB
	- Traffic Meter: 3 MiB
	- Firmware: 25 MiB
	- ART Backup: 256 KiB
	- Reserved: 96 MiB
  * Ethernet: 5 x 10/100/1000 (4 x LAN, 1 x WAN) (AR8327)
  * Wireless:
	- 2.4 GHz b/g/n (internal)
	- 5 GHz a/n (AR9580)
  * USB: yes, 1 x USB 2.0
  * Buttons:
	- Reset
	- WiFi (rfkill)
	- WPS
  * LEDs:
	- Power (amber/green)
	- WAN (amber/green)
	- WLAN 2G (green)
	- WLAN 5G (blue)
	- 4 x LAN (amber/green)
	- USB (green)
	- WPS (amber/green)
  * UART: 4-pin connector JP1, 3.3V (Vcc, TX, RX, GND), 115200 8N1
  * Power supply: DC 12V 2.5A
  * MAC addresses: LAN=WLAN2G on case label, WAN +1, WLAN5G +2

Installation
============
  * TFTP recovery
  * TFTP via U-boot prompt
  * sysupgrade
  * Web interface

Note about partitioning: firmware partition offset (0x6c0000) is
hardcoded into vendor's u-boot, so this partition cannot be moved
and resized to include Netgear-specific flash areas (pot, language,
config, traffic_meter) not used by OpenWrt.

Test build configuration
========================
CONFIG_TARGET_ath79=y
CONFIG_TARGET_ath79_nand=y
CONFIG_TARGET_ath79_nand_DEVICE_netgear_wndr4300=y
CONFIG_ALL_KMODS=y
CONFIG_DEVEL=y
CONFIG_CCACHE=y
CONFIG_COLLECT_KERNEL_DEBUG=y
CONFIG_IMAGEOPT=y

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
2019-11-02 19:29:30 +01:00
DENG Qingfang
2d00cf7515 libnl: update to 3.5.0
Update libnl to 3.5.0

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-11-01 21:19:40 +01:00
Vladimir Vid
b2fdfe0727 uboot-mvebu: add support for Macronix mx25u12835f flash
Some of A3700 boards use mx25u12835f, specifically uDPU and ESPRESSObin v7.

Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
2019-11-01 21:19:40 +01:00
Hauke Mehrtens
57ff06405e ustream-ssl: Update to latest git HEAD
465f8dc wolfssl: adjust to new API in v4.2.0
3b06c65 Update example certificate & key, fix typo
1c38fd8 wolfssl: enable CN validation
33308ee ustream-io-cyassl.c: fix client-mode connections
79d91aa Remove CyaSSL, WolfSSL < 3.10.4 support

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-11-01 21:19:40 +01:00
Hauke Mehrtens
ddab758997 lantiq: Allow PKG_ASLR_PIE for DSL and voice drivers
When ASLR_PIE was activated globally these drivers failed to build
because the user space LDFLAGS leaked into the kernel build process.
This was fixed in upstream Linux kernel commit ce99d0bf312d ("kbuild:
clear LDFLAGS in the top Makefile") which went into Linux 4.17. The
lantiq target is now on Linux 4.19 only and these exceptions are not
needed any more.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-11-01 21:19:40 +01:00
Michal Cieslakiewicz
f85d56bb03 ath79: add support for Netgear WNR2200
This patch adds ath79 support for Netgear WNR2200.
Router was previously supported by ar71xx target only (8 MiB variant).
Netgear WNR2200 has two flash versions - 8MiB sold in EU, US etc. and
16 MiB for Russia and China markets. Apart from flash size both variants
share the same hardware specification.

Specification
=============
  * Description: Netgear WNR2200
  * Loader: U-boot
  * SOC: Atheros AR7241 (360 MHz)
  * RAM: 64 MiB
  * Flash: 8 MiB or 16 MiB (SPI NOR)
	- U-boot binary: 256 KiB
	- U-boot environment: 64 KiB
	- Firmware: 7808 KiB or 16000 KiB
	- ART: 64 KiB
  * Ethernet: 4 x 10/100 LAN + 1 x 10/100 WAN
  * Wireless: 2.4 GHz b/g/n (Atheros AR9287)
  * USB: yes, 1 x USB 2.0
  * Buttons:
	- Reset
	- WiFi (rfkill)
	- WPS
  * LEDs:
	- Power (amber/green)
	- WAN (amber/green)
	- WLAN (blue)
	- 4 x LAN (amber/green)
	- WPS (green)
  * UART: 4-pin connector JP1, 3.3V (Vcc, TX, RX, GND), 115200 8N1
  * Power supply: DC 12V 1.5A
  * MAC addresses: LAN on case label, WAN +1, WLAN +2

Installation
============
  * TFTP recovery
  * TFTP via U-boot prompt
  * sysupgrade
  * Web interface

Test build configuration
========================
CONFIG_TARGET_ath79=y
CONFIG_TARGET_ath79_generic=y
CONFIG_TARGET_ath79_generic_DEVICE_netgear_wnr2200-8m=y
CONFIG_ALL_KMODS=y
CONFIG_DEVEL=y
CONFIG_CCACHE=y
CONFIG_COLLECT_KERNEL_DEBUG=y
CONFIG_IMAGEOPT=y
CONFIG_KERNEL_DEBUG_INFO=y
CONFIG_KERNEL_DEBUG_KERNEL=y

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
2019-11-01 21:14:55 +01:00
Jo-Philipp Wich
c2675bb0ce rpcd: update to latest Git HEAD
d442d62 plugin: fix double free in finish callback
ee26d83 main: exec_self: make clang analyzer happy
90e40bd file: exec: properly free memory on error
9ecfada uci: free configs list memory on return
32fba36 exec: always call finish_cb to allow plugin to free up memory
ca3e2d5 plugin: do not free method name separately
02c6e1d exec: properly free memory on rpc_exec() error
cc50263 plugin: exec: properly free memory on parse error
bd0ed25 uci: reset uci_ptr flags when merging set operations
37aa919 plugin: fix leaking invoked method name for exec plugins

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-11-01 13:26:59 +01:00
Yousong Zhou
289d532ddd dropbear: rebuild libs on config change
Required as dependency on dropbear config headers is not tracked in
dropbear build system

Fixes FS#2275

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-11-01 06:59:51 +00:00
Yousong Zhou
4bf9bec361 kernel: mark kmod-usb-serial-wwan as hidden
The kconfig symbol is an invisible one since its introduction.  It is
not supposed to be enabled on its own.

Resolves FS#1821

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-10-30 12:43:17 +00:00
Yousong Zhou
f526e85426 base-files: hotplug-call: exit success when dir is absent
"block mount" invokes "hotplug-call mount".  It emits the following
error when mount is not present

	hotplug-call call failed

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-10-29 13:28:49 +00:00
David Bauer
641a93f0f2 ath10k-firmware: update wave 1 firmware to 10.2.4-1.0-00047
This fixes frequent crashes observed on a UniFi AC Mesh using OpenWrt
master and 19.07. 18.06 seems not affected from our testing.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-27 17:56:23 +01:00
David Bauer
a3914783a3 ath10k-firmware: retrieve wave 1 firmware from kvalo
This commit changes the source of the Wave 1 ath10k-firmware
from linux-firmware to Kall Valos ath10k-firmware repository.

This is necessary as the firmware selected in linux-firmware produces
frequent crashes in some circumstances.

This patch can be removed as soon as linux-firmware carries
10.2.4-1.0-00047 firmware.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-27 14:51:24 +01:00
Rosen Penev
cf8f9af0e0 util-linux: Disable utils requiring libpam
When the build system finds libpam, it enables building of these tools,
causing linker failures. Explicitly disable them as they are unused.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-10-27 14:25:30 +01:00
Jeff Kletsky
29b4f08405 ath79: uboot-envtools: Add GL-AR300M-Lite
Add the GL.iNet GL-AR300M-Lite to the list of supported boards.

Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
2019-10-24 23:06:41 +02:00
Yousong Zhou
49db2026e5 kernel: netfilter: reuse kconfig and files info from include dir
Less chance of missing out kconfig symbols at least

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-10-24 12:11:02 +00:00
Yousong Zhou
69b9f0161e toolchain: gcc: enable sanitizers for glibc toolchain
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-10-24 11:40:00 +00:00
David Bauer
7f187229a8 ipq40xx: add support for AVM FRITZ!Repeater 1200
Hardware
--------
SoC:   Qualcomm IPQ4019
RAM:   256M DDR3
FLASH: 128M NAND
WiFi:  2T2R IPQ4019 bgn
       2T2R IPQ4019 a/n/ac
ETH:   Atheros AR8033 RGMII PHY
BTN:   1x Connect (WPS)
LED:   Power (green/red/yellow)

Installation
------------

1. Grab the uboot for the Device from the 'u-boot-fritz1200'
   subdirectory. Place it in the same directory as the 'eva_ramboot.py'
   script. It is located in the 'scripts/flashing' subdirectory of the
   OpenWRT tree.

2. Assign yourself the IP address 192.168.178.10/24. Connect your
   Computer to one of the boxes LAN ports.

3. Connect Power to the Box. As soon as the LAN port of your computer
   shows link, load the U-Boot to the box using following command.

   > ./eva_ramboot.py --offset 0x85000000 192.168.178.1 uboot-fritz1200.bin

4. The U-Boot will now start. Now assign yourself the IP address
   192.168.1.70/24. Copy the OpenWRT initramfs (!) image to a TFTP
   server root directory and rename it to 'FRITZ1200.bin'.

5. The Box will now boot OpenWRT from RAM. This can take up to two
   minutes.

6. Copy the U-Boot and the OpenWRT sysupgrade (!) image to the Box using
   scp. SSH into the Box and first write the Bootloader to both previous
   kernel partitions.

   > mtd write /path/to/uboot-fritz1200.bin uboot0
   > mtd write /path/to/uboot-fritz1200.bin uboot1

7. Remove the AVM filesystem partitions to make room for our kernel +
   rootfs + overlayfs.

   > ubirmvol /dev/ubi0 --name=avm_filesys_0
   > ubirmvol /dev/ubi0 --name=avm_filesys_1

8. Flash OpenWRT peristently using sysupgrade.

   > sysupgrade -n /path/to/openwrt-sysupgrade.bin

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-23 01:17:28 +02:00
David Bauer
c0f4078164 ipq-wifi: add AVM FRITZ!Repeater 1200 bdf
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-23 01:17:28 +02:00
David Bauer
36f43b61a7 uboot-fritz4040: update to latest HEAD
f92be9d add support for AVM FRITZ!Repeater 1200
d651302 enable support for Atheros AR8033 PHY
e4c857c add machtype override hack

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-23 01:17:28 +02:00
Hans Dedecker
bf4ffa3cbe procd: update to latest git HEAD
258aa04 procd: Add cached and available to memory table

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-10-22 21:47:34 +02:00
David Bauer
2dd1755fe4 mac80211: fix build of rtw88
This commit fixes failing builds because of an incorrect configuration
for the kmod-rtw88 package.

RTW88_8822BE as well as RTW88_8822CE have to bes selected as "y" even
when building the driver as a module.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-22 15:16:41 +02:00
Roman Yeryomin
940844e077 base-files: uci-defaults: do config flush in one shot
Moving a file between tmpfs and other fs is neither
faster nor safer, thus no point in doing it in two steps.
Use new jshn option to write output directly to file.

Originally discussed here:
http://lists.openwrt.org/pipermail/openwrt-devel/2017-December/010127.html

Signed-off-by: Roman Yeryomin <roman@advem.lv>
2019-10-22 11:39:28 +02:00
Roman Yeryomin
c0e7ec91a0 libubox: update to latest git HEAD
eb30a03 libubox, jshn: add option to write output to a file

Signed-off-by: Roman Yeryomin <roman@advem.lv>
2019-10-22 11:38:40 +02:00
David Bauer
7a577e9a59 firmware: add Realtek RTL8822BE/RTL8822CE firmware
This commit adds packages for the Realtek RTl8822BE/RTL8822CE firmware
to be used with the rtw88 driver.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-22 09:16:24 +02:00
David Bauer
bb84bbe8fc mac80211: add rtw88 driver
This commits adds packaging for the new RTW88 driver from Realtek.
It supports the Realtek 8822BE/8822CE PCIe wireless chips.

For operation, the complementary firmware has to be loaded.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-22 09:16:24 +02:00
Petr Štetiar
ed67b137c7 urngd: update to latest Git head
* 40f939d57c67 Tag version 1.0.1
 * 9e758e6e6aec jitterentropy-rngd: update to version v1.1.0 + clang compile fix
 * 193586a25adc Fix wrong types in format strings used in debug build
 * d474977bb611 Add initial GitLab CI support

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-21 22:04:20 +02:00
John Crispin
f4aaee01fa Revert "build: separate signing logic"
This reverts commit 4a45e69d19.

This broke the buildbots

Signed-off-by: John Crispin <john@phrozen.org>
2019-10-21 16:26:24 +02:00
Paul Spooren
4a45e69d19 build: separate signing logic
This separates the options for signature creation and verification

* SIGNED_PACKAGES create Packages.sig
* SIGNED_IMAGES add ucert signature to created images
* CHECK_SIGNATURE add verification capabilities to images
* INSTALL_LOCAL_KEY add local key-build to /etc/opkg/keys

Right now the buildbot.git contains some hacks to create images that
have signature verification capabilities while not storing private keys
on buildbot slaves. This commit allows to disable these steps for the
buildbots and only perform signing on the master.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2019-10-21 14:06:42 +02:00
Tim Harvey
f4f483f3ff uboot-envtools: remove erasesize from MMC config
Erasesize doesn't belong in the u-boot env config for block devices as it is
known to be 512 byte aligned.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
2019-10-21 12:28:03 +02:00
Yousong Zhou
e8f79474c9 libpcap: build with cmake
The main motivation is to drop and stop maintaining
"100-debian_shared_lib.patch".  It lacks the logic to include custom
implementation of several functions like pcap_strlcpy() which can cause
build failures when glibc is used [2]

CAN and CAN-USB support related symbols are now handled by general linux
support, see [1]

"-ffunction-sections -fdata-sections" were removed as they should help
much for shared libraries

Size comparison before and after the change

  -rw-r--r-- 1 yunion yunion 238042 Oct 18 11:42 ipkg-x86_64/libpcap/usr/lib/libpcap.so.1

  lrwxrwxrwx 1 yunion yunion     16 Oct 18 13:03 ipkg-x86_64/libpcap/usr/lib/libpcap.so.1 -> libpcap.so.1.9.1
  -rwxr-xr-x 1 yunion yunion 229867 Oct 18 13:03 ipkg-x86_64/libpcap/usr/lib/libpcap.so.1.9.1

[1] On Linux, handle all CAN captures with pcap-linux.c, in cooked mode,
    93ca5ff703
[2] https://github.com/openwrt/packages/issues/10270

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2019-10-21 01:37:43 +00:00
Eneas U de Queiroz
cebf024c4d openssl: Add engine configuration to openssl.cnf
This adds engine configuration sections to openssl.cnf, with a commented
list of engines.  To enable an engine, all you have to do is uncomment
the engine line.

It also adds some useful comments to the devcrypto engine configuration
section.  Other engines currently don't have configuration commands.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-10-20 13:01:43 +02:00
Josef Schlehofer
9ba5cd86b8 strace: update to version 5.3
Makefile changes:
- moves PKG_MAINTAINER above PKG_LICENSE
- Change PKG_LICENSE to LGPL-2.1-or-later and correct PKG_LICENSE_FILES
- changes URL to a more appropriate one, which uses HTTPS
- adds 2 spaces as an indentation in description

Compile and run tested on Turris Omnia, mvebu

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2019-10-20 12:33:40 +02:00
leo chung
56ab58fb6c bzip2: add linker option LDFLAGS
if gcc not linker whith this LDFLAGS, "file libbz2.so.1.0.8" will
recognize as pie executable ELF file ( which should be shared object).

this because the file command version before 5.36 not recognize
correctly.

Signed-off-by: leo chung <gewalalb@gmail.com>
2019-10-19 12:49:11 +02:00
Mathew McBride
97bcbc690c kernel: add package for Epson RX-8025 and compatible I2C RTC
RX-8025 is an I2C RTC from Epson, some newer products such as the
RX-8035 are also compatible.

Signed-off-by: Mathew McBride <matt@traverse.com.au>
2019-10-19 12:49:11 +02:00
Hauke Mehrtens
e6cadb215c mac80211: Update to version 5.4-rc2
This updates mac80211 to backports based on kernel 5.4-rc2

ath10k-ct was updated to match the API changes and iw now uses the new
nl80211.h header file.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-19 12:35:55 +02:00
Hauke Mehrtens
67dc023f87 mac80211: Update to version 5.3.6
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-19 12:35:55 +02:00
Florian Eckert
c7c14aaad3 wwan: Double quote to prevent globbing and word splitting
Fix some shellcheck warnings.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
[bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-10-18 19:48:41 +02:00
Florian Eckert
a78a539afd wwan: add ec25 to database
Add ec25 to database.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
[bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-10-18 19:48:21 +02:00
Florian Eckert
68b1b0bb39 wwan: add mc7304 to database
Add mc7304 to database.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
[bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-10-18 19:47:58 +02:00
Florian Eckert
c45c7606cc wwan: check new uci bus option on proto setup event
If system has more then one and different wwan interface (modem). Then the
wwan protohandler will always take the modem which is discovered first.
The protohandler will always setup the same interface. To fix this add a
new usb "bus" option which is associated with wwan device and so will set
the specified interface up. With this change more then one interface
could be mananged by the wwan protohandler.

If the "bus" option is not set in the uci network config then the protohandler
behaves as before the change. The protohanldler will take the first
interface which he founds.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2019-10-18 19:46:21 +02:00
Alin Nastac
ddf6ec29b4 procd: allow usage of * as procd_running() instance parameter
service_running() implementation in /etc/rc.common use it.
It is preferable to use wildcard than assuming the instance
name is the default one.

jsonfilter returns all matches when wildcards are used, hence
the -l 1 argument used to limit output to only one value.

Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
2019-10-18 19:28:11 +02:00
Lucian Cristian
91aabae895 util-linux: add more command
at least vtysh needs it for proper listing, busybox is not modular so add it here

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2019-10-18 19:28:11 +02:00
Sean Kenny
9105057cc0 6in4: add rfc1918 check function
This is a precursor to adding proper support for multiple
6in4 tunnels with the already programmed tunlink parameter.
This is an essential sanity check so as to not break existing
and working behind NAT setups.

Signed-off-by: Sean Kenny <skenny@wfap.ca>

6in4: add myip he.net api parameter logic

This is to add proper support for multiple 6in4 tunnels
with the already programmed tunlink parameter.
As it stands before this commit, if there is a multi wan setup that
consists of dynamic ips, there is no way to use the
dynamic update feature as the he.net api is implicitly using
the ip address of the caller. This will explicitly use the
ipaddr specified in the interface config OR the ip of the
tunlink interface specified in the dynamic update api call instead
ONLY if the final resolved ipaddr variable is not an rfc1918 address.

Signed-off-by: Sean Kenny <skenny@wfap.ca>
2019-10-18 19:23:07 +02:00
Alin Nastac
d3b0459c93 lua: install luac symlink on host
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
2019-10-18 19:23:07 +02:00
Christian Franke
d544bc84a0 lantiq: Fix fw_cutter LzmaWrapper
The destination buffer size `d_len` is passed to `lzma_inflate` as a
pointer. Therefore, it needs to be dereferenced to compare its content.

Signed-off-by: Christian Franke <nobody@nowhere.ws>
2019-10-18 13:39:34 +02:00
Bjørn Mork
07b5c59232 kernel: fix MBIM description
Signed-off-by: Bjørn Mork <bjorn@mork.no>
2019-10-17 21:40:22 +02:00
Jo-Philipp Wich
889b841048 fwtool: do not omit final 16 byte when image does not contain signature
The fwutil command will interpret the final 16 byte of a given firmware
image files as "struct fwimage_trailer".

In case these bytes do look like a valid trailer, we must ensure that we
print them out along with the remainder of the image to not accidentally
truncate non-trailer-images by 16 bytes when they're piped through fwtool,
e.g. as part of an image verification command sequence.

Some command sequences pipe images through fwtool in order to strip any
possible metadata, certificate or signature trailers and do not expect
bare images without any of that metadata to get truncated as other non-
fwtool specific metadata is expected at the end of the file, e.g. an
information block with an md5sum in case of the combined image format.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-10-17 17:07:12 +02:00
Kevin Darbyshire-Bryant
9d5e266cb1 wireguard: bump to latest snapshot 20191012
8eb8443 version: bump snapshot
be09cf5 wg-quick: android: use Binder for setting DNS on Android 10
4716f85 noise: recompare stamps after taking write lock
54db197 netlink: allow preventing creation of new peers when updating
f1b87d1 netns: add test for failing 5.3 FIB changes
a3539c4 qemu: bump default version

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-10-16 16:13:39 +01:00
Jo-Philipp Wich
bc61458b73 iwinfo: update to latest Git HEAD
07315b6 nl80211: handle hidden SSIDs in wpa_supplicant scan results
3ac846e lua: fix string description of mixed WPA3 modes

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-10-16 16:48:40 +02:00
Florian Eckert
a5ec41b0e5 mac80211: add new acs_exclude_dfs option
The channel can be selected automatically at run time by setting
channel=acs_survey or channel=0, both of which will enable the ACS survey
based algorithm in hostapd. If the option acs_exclude_dfs is set in the
hostpad config DFS channels from ACS are excluded on channel selection.

This commit will add the possibilty to exclude the dfs channel on ACS
survey.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2019-10-15 23:27:47 +02:00
Martin Schiller
71e04091a9 lantiq: fix dsl_control status handling.
Commit 7519a36774 ("base-files,procd: add generic service status")
introduced the generic 'status' command which broke the previous
dsl_control status output. To fix this, let's rename the "old" command
to "dslstat".

Fixes: 7519a36774 ("base-files,procd: add generic service status")
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2019-10-15 23:23:08 +02:00
Daniel Engberg
f351beedfd libevent2: Update to 2.1.11
Update libevent to 2.1.11
Use CMake instead GNU Autotools
Backport following commits:
f05ba67193
..and partially
7201062f3e
to fix compilation

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-10-15 22:35:14 +02:00
Rosen Penev
4533ba6810 lua: fix linking under glibc
Compilation of liblua itself works, but when other packages link against
it, the linker starts throwing undefined references to a bunch of math
functions in libm.

First discovered in a failed attempt to transition a package to uClibc++.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[fix commit title capitalization]
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-15 18:13:54 +02:00
Adrian Schmutzler
48b5d08a48 treewide: use a single ath10k MAC patching function with checksum
While all ath10k eeproms have a checksum field, so far two
functions for patching ath10k MAC address have been present (and
been used).

This merges code to provide a single function ath10k_patch_mac
in caldata.sh, having its name in accordance with ath9k functions.
By doing so, correct MAC patching for current and future ath10k
devices should be ensured.

This patch adds checksum adjustments for several targets on
ath79 and lantiq.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-10-15 18:13:54 +02:00
Koen Vandeputte
089b4f16aa gdb: bump to 8.3.1
GDB 8.3.1 brings the following fixes and enhancements over GDB 8.3:

PR c++/20020 (GDB segfault on printing objects)
PR gdb/24454 (nat/x86-linux-dregs.c failed assertion)
PR breakpoints/24541 (Incorrect evaluation of systemtap probes due to register being signed and probe expression assuming unsigned)
PR symtab/24545 (Symbol loading performance regression with cc1)
PR gdb/24592 (amd64->i386 linux syscall restart problem)
PR gdb/25009 (terminate called after throwing an instance of 'srchilite::ParserException')
PR gdb/25010 (Calls to error () can cause SIGTTOU to send gdb to the background)
PR breakpoints/25011 (Breakpoints on file reloads broken for PIE binaries)

This corrective release also brings the following testsuite fixes and
enhancements:

PR testsuite/25005 (gdb-caching-proc.exp takes a lot of time on skip_opencl_tests)
PR testsuite/25016 (Test-case failures for -pie)

GDB 8.3 includes the following changes and enhancements:

* Support for new native configurations (also available as a target configuration):
     - RISC-V GNU/Linux (riscv*-*-linux*)
     - RISC-V FreeBSD (riscv*-*-freebsd*)

* Support for new target configurations:
     - CSKY ELF (csky*-*-elf)
     - CSKY GNU/Linux (csky*-*-linux)
     - NXP S12Z ELF (s12z-*-elf)
     - OpenRISC GNU/Linux (or1k*-*-linux*)

* Native Windows debugging is only supported on Windows XP or later.

* The Python API in GDB now requires Python 2.6 or later.

* GDB now supports terminal styling for the CLI and TUI.
  Source highlighting is also supported by building GDB with GNU
  Highlight.

* Experimental support for compilation and injection of C++ source
  code into the inferior (requires GCC 7.1 or higher, built with
  libcp1.so).

* GDB and GDBserver now support IPv6 connections.

* Target description support on RISC-V targets.

* Various enhancements to several commands:
     - "frame", "select-frame" and "info frame" commands
     - "info functions", "info types", "info variables"
     - "info thread"
     - "info proc"
     - System call alias catchpoint support on FreeBSD
     - "target remote" support for Unix Domain sockets.

* Support for displaying all files opened by a process

* DWARF index cache: GDB can now automatically save indices of DWARF
  symbols on disk to speed up further loading of the same binaries.

* Various GDB/MI enhancements.

* GDBserver on PowerPC GNU/Linux now supports access to the PPR,
  DSCR, TAR, EBB/PMU, and HTM registers.

* Ada task switching support when debugging programs built with
  the Ravenscar profile added to aarch64-elf.

* GDB in batch mode now exits with status 1 if the last executed
  command failed.

* Support for building GDB with GCC's Undefined Behavior Sanitizer.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-15 16:11:28 +02:00
Jo-Philipp Wich
57b834281b iwinfo: update to latest Git HEAD
a29b7d4 nl80211: align path to phy mapping logic with mac80211.sh

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-10-15 15:52:01 +02:00
Hans Dedecker
34c4741da0 odhcpd: update to latest git HEAD
9a4531a ndp: fix endian issue

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-10-14 21:35:09 +02:00
Adrian Schmutzler
2c60de0e3f treewide: move MAC address patch functions to common library
This unifies MAC address patch functions and moves them to a
common script. While those were implemented differently for
different targets, they all seem to do the same. The number of
different variants is significantly reduced by this patch.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-10-14 12:36:02 +02:00
Adrian Schmutzler
5b6a809092 treewide: move calibration data extraction function to library
This moves the almost identical calibration data extraction
functions present multiple times in several targets to a single
library file /lib/functions/caldata.sh.

Functions are renamed with more generic names to merge different
variants that only differ in their names.

Most of the targets used find_mtd_chardev, while some used
find_mtd_part inside the extraction code. To merge them, the more
abundant version with find_mtd_chardev is used in the common code.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[rebase on latest master; add mpc85xx]
Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-13 21:48:58 +02:00
Adrian Schmutzler
c1388a2deb base-files: move xor() from caldata extraction to functions.sh
The xor() function is defined in each of the caldata extraction
scripts for several targets. Move it to functions.sh to reduce
duplicate code.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-10-13 19:03:57 +02:00
Stijn Tintel
4b9a07336a kernel: add kmod-iio-bme680
This driver supports the Bosch Sensortec BME680 gas, humidity, pressure
and temperature sensor.

Tested I2C and SPI modes on a Raspberry Pi Zero W.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2019-10-13 13:08:04 +03:00
Ali MJ Al-Nasrawy
10f5eb0398 trelay: log "started" and "stopped"
It is informative especially when using multiple device pairs.

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
2019-10-12 23:51:29 +02:00
Ali MJ Al-Nasrawy
c2635b871d trelay: fix deadlock on remove
Upon writing to "remove" file, debugfs_remove_recursive() blocks while
holding rtnl_lock. This is because debugfs' file_ops callbacks are
executed in debugfs_use_file_*() context which prevents file removal.

Fix this by only flagging the device for removal and then do the cleanup
in file_ops.release callback which is executed out of that context.

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
2019-10-12 23:51:29 +02:00
Ali MJ Al-Nasrawy
77cfc0739d trelay: handle netdevice events correctly
Since v3.11, netdevice notification data are of type
"struct netdev_notifier_info". Handle it as such!

This should fix a critical bug in which devices are unable get released
because trelay does not release resources in response to UNREGISTER
event spamming the log with something like:

unregister_netdevice: waiting for eth0.1 to become free. Usage count = 1

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
2019-10-12 23:51:29 +02:00
Ruixi Zhou
b30e481b6c kernel: NFSD: add dependency kmod-crypto-arc4 for kmod-fs-nfs-common-rpcsec
crypto-arc4 move into a module with commit c3a78955f3,
fs-nfs-common-rpcsec compile error without arc4 support.

Ref: https://github.com/openwrt/packages/issues/9912

Fixes: c3a78955f3 ("kernel: move crypto-arc4 into a module")
Signed-off-by: Ruixi Zhou <zhouruixi@gmail.com>
2019-10-12 23:51:08 +02:00
Val Kulkov
b10a453367 base-files: coreutil-date breaks setting kernel timezone
"coreutil-date" package from the packages feed replaces the Busybox date
applet by symlinking /usr/bin/gnu-date to /bin/date. This prevents the system
init script from setting kernel timezone because the GNU date utility does not
provide such functionality:

   root@OpenWrt:~# date -k
   date: invalid option -- 'k'
   Try 'date --help' for more information.

A specific reference to the Busybox date applet prevents alternative date
utilities from breaking the system init script.

Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
2019-10-12 23:43:08 +02:00
Eneas U de Queiroz
ee5a3f6d60 hostapd: adjust to removal of WOLFSSL_HAS_AES_GCM
WolfSSL is always built with AES-GCM support now.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-10-12 23:43:08 +02:00
Rosen Penev
6ab386c9bc uClibc++: Fix three bugs
The first allows usage of several functions in the std namespace, which
broke compilation of gddrescue specifically with uClibc-ng and uClibc++.

The second allows usage of long long with normal C++11, which is part of
the standard. Before, std=gnu++11 needed to be passsed to work around it.

As a result of the second patch, the pedantic patch can safely be removed.

Both patches are upstream backports.

Added -std=c++11 to CFLAGS to guarentee proper inclusion of long long.

Added another patch that fixes a typo with the long long support. Sent to
upstream.

Fixed up license information according to SPDX.

Small cleanups for consistency.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2019-10-12 23:43:08 +02:00
Sungbo Eo
9f73fad359 kernel: fix typos in video KernelPackage description
Fixes: 4b3d17b709 ("kernel: add kmod-fb-sys-ram")
Fixes: b774acb479 ("package/modules: add missing gspca video drivers for 2.6.32 (patch from #6595)")

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2019-10-12 23:37:00 +02:00
Sungbo Eo
60acddc960 uboot-oxnas: remove unnecessary execute permission bit
.c files do not need to be executable. 644 is enough.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2019-10-12 23:37:00 +02:00
DENG Qingfang
394273c066 tcpdump: update to 4.9.3
Fixed CVEs:
	CVE-2017-16808
	CVE-2018-10103
	CVE-2018-10105
	CVE-2018-14461
	CVE-2018-14462
	CVE-2018-14463
	CVE-2018-14464
	CVE-2018-14465
	CVE-2018-14466
	CVE-2018-14467
	CVE-2018-14468
	CVE-2018-14469
	CVE-2018-14470
	CVE-2018-14879
	CVE-2018-14880
	CVE-2018-14881
	CVE-2018-14882
	CVE-2018-16227
	CVE-2018-16228
	CVE-2018-16229
	CVE-2018-16230
	CVE-2018-16300
	CVE-2018-16301
	CVE-2018-16451
	CVE-2018-16452
	CVE-2019-15166
	CVE-2019-15167

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-10-12 23:37:00 +02:00
DENG Qingfang
44f11353de libpcap: update to 1.9.1
Fixed CVEs:
	CVE-2018-16301
	CVE-2019-15161
	CVE-2019-15162
	CVE-2019-15163
	CVE-2019-15164
	CVE-2019-15165

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2019-10-12 23:37:00 +02:00
Hauke Mehrtens
9caa86fba5 kernel: kmod-rtc-pcf2127: Fix dependencies
Add missing dependencies to i2c-core and regmap-spi. These get activated
when these modules are build in this driver, which is the case when we
build all modules. This fixes the build on some targets. This was found
by the buildbot.

Fixes: 34e2526f9f ("kernel: add kmod-rtc-pcf2127")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-12 22:36:23 +02:00
Petr Štetiar
36c6f4a011 libnl-tiny: fix package mirror hash
Current hash doesn't match with the content of the source tarball.

Fixes: a92f74ba8d ("libnl-tiny: move source code into separate Git repository")
Reported-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-11 22:48:06 +02:00
Felix Fietkau
7a8bcf36c7 mt76: update to the latest version
71c2ef0420b5 mt76: fix aggregation stop issue
5b02a078d4a7 mt76: add missing locking around ampdu action
7d8764d320cf mt76: avoid enabling interrupt if NAPI poll is still pending
d94cc81d3980 mt76: drop rcu read lock in mt76_rx_aggr_stop
c11a4ad06d9d mt76: mt76x0: eeprom: add support for MAC address from OF
01642d8bed33 mt76: mt76x02: fix use-after-free in tx status code handling airtime
391e1488f885 mt76: add sanity check for a-mpdu rx wcid index
d3a589586d1b mt76: fix a-mpdu boundary detection issue for airtime reporting

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-10-10 23:10:01 +02:00
Hans Dedecker
f8b58757d0 ppp: update to version 2.4.7.git-2019-10-04
0d004db Revert "pppd: Include time.h before using time_t"
e400854 pppdump: Eliminate printf format warning by using %zd
7f2f0de pppd: Refactor setjmp/longjmp with pipe pair in event wait loop
4e71317 make: Avoid using host include for cross-compiling
3202f89 pppoe: Remove the use of cdefs
d8e8d7a pppd: Remove unused rcsid variables
486f854 pppd: Fix GLIBC version test for non-glibc toolchains
b6cd558 pppd: Include time.h before using time_t
ef8ec11 radius: Fix compiler warning
f6330ec magic: Remove K&R style of arguments
347904e Add Submitting-patches.md

Remove patches 130-no_cdefs_h.patch, 131-missing_prototype_macro.patch,
132-fix_linux_includes.patch as fixed upstream
Refresh patches

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-10-10 22:37:10 +02:00
Stefan Lippers-Hollmann
f690b6f472 mac80211: fix scan when operating on DFS channels in ETSI domains
In non-ETSI regulatory domains scan is blocked when operating channel
is a DFS channel. For ETSI, however, once DFS channel is marked as
available after the CAC, this channel will remain available (for some
time) even after leaving this channel.

Therefore a scan can be done without any impact on the availability
of the DFS channel as no new CAC is required after the scan.

Enable scan in mac80211 in these cases.

Signed-off-by: Aaron Komisar <aaron.komisar@tandemg.com>
Link: https://lore.kernel.org/r/1570024728-17284-1-git-send-email-aaron.komisar@tandemg.com
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
2019-10-09 21:00:02 +02:00
Klaus Kudielka
3a4f587c46 base-files: upgrade: add case to export_bootdevice
The factory uboot of the Turris Omnia boots with "root=b301", and we
instruct new users to sysupgrade from there (e.g. method 1, step 7).
Currently, this will fail with "Unable to determine upgrade device".
Add a new case to export_bootdevice, which parses the hex argument.

Fixes commit 2e5a0b81 ("mvebu: sysupgrade: sdcard: keep user added ...")

Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
2019-10-09 21:00:02 +02:00
Paul Spooren
a9e4e595e1 openssl: add gcc-8 -ffile-prefix-map filter
gcc-8 switch -ffile-prefix-map helps a lot with reproducible build paths
in the resulting binaries.

Ref: https://reproducible-builds.org/docs/build-path/
Signed-off-by: Paul Spooren <mail@aparcar.org>
[refactored into separate commit]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-09 09:13:44 +02:00
Petr Štetiar
a92f74ba8d libnl-tiny: move source code into separate Git repository
In order to make the source code usable and testable separately out of
buildroot.

Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-10-09 09:13:44 +02:00
Felix Fietkau
9c033242b1 mac80211: add an improved moving average algorithm to minstrel
Improves rate control responsiveness and performance

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-10-08 19:34:45 +02:00
David Bauer
97c37f8dd0 mac80211: ath10k: fix latency issue for QCA988x
This backport fixes high latency (>100ms) on the WiFi link when using a
QCA988x Wave 1 radio. The ath10k-ct driver is not affected by this bug
from my testing, hence why it hasn't been discovered earlier.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-10-06 21:28:49 +02:00
Robert Marko
34e2526f9f kernel: add kmod-rtc-pcf2127
Add kernel module to support NXP PCF2127 and PCF2129 RTC clocks.

Signed-off-by: Robert Marko <robimarko@gmail.com>
2019-10-06 21:26:11 +02:00
Hans Dedecker
27bf8abe69 firewall: update to latest git HEAD
daed0cf utils: fix resource leak

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-10-04 20:42:26 +02:00
Hans Dedecker
1ed5c1b146 odhcpd: update to latest git HEAD
e76ad06 netlink: fix potential infinite loops

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-10-04 20:42:17 +02:00
Hauke Mehrtens
9a4fb78e7c iw: Update to version 5.3
Wifi HE (ieee80211ax) parsing is currently only activated in the full
version because it increases the compressed size by 2.5KBytes.

This also activates link time optimization (LTO) again, the problem was
fixed upstream

This increases the uncompressed binary size of iw-tiny by about 1.7%

old:
34446 iw_5.0.1-1_mipsel_24kc.ipk
new:
35064 iw_5.3-1_mipsel_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-10-03 17:59:19 +02:00