Commit Graph

47448 Commits

Author SHA1 Message Date
Koen Vandeputte
e31d158c4d kernel: bump 4.14 to 4.14.176
Refreshed all patches.

Remove upstreamed:
- 0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch
- 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch
- 184-USB-serial-option-add-Wistron-Neweb-D19Q1.patch

Fixes:
- CVE-2020-8648 (potentially)
- CVE-2020-8647
- CVE-2020-8649

Compile-tested on: cns3xxx, octeontx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-04-16 13:23:11 +02:00
Hannu Nyman
a7423fef32 ath79: improve status LED definitions for GL-AR750
Improve the status LED functionality in GL-AR750
by adding the definitions for different statuses
(boot, failsafe, running, flashing).

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2020-04-16 00:02:03 +02:00
Adrian Schmutzler
508462a399 ath79: add SUPPORTED_DEVICES for TP-Link TL-WA901ND v2
This adds the board name from ar71xx to support upgrade without
-F for the TP-Link TL-WA901ND v2.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-04-15 12:47:43 +02:00
Chuanhong Guo
ad19751edc ramips: mt7621: enable lzma-loader for some devices
ubnt er-x/xiaomi/netgear sercomm devices are known to have troble
extracting a big kernel from flash and has support for uncompressed
uimage
This commit uses uncompressed uimage with lzma-loader for these devices
to fix boot issue.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2020-04-15 10:14:19 +08:00
Paul Spooren
f814121600 x86: append metadata to combined images
Now that the x86 target uses the new image generation code we can also
attach metadata to the created images.

As currently the `SUPPORTED_DEVICES` list is empty, no JSON metadata is
attached, however the signing happens in the same step.

This results in signature verification for x86 images.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-04-14 23:38:08 +01:00
Paul Spooren
c737a9ee6a scripts/download: add sources CDN as first mirror
OpenWrt now has a CDN for sources at sources.cdn.openwrt.org which
mirrors sources.openwrt.org.

Downloading sources outside Europe or US (mainland) could
result in low throughput, extremely slowing down the first compilation of
the build system.

This patch adds sources.cdn.openwrt.org as the first mirror to offer
worldwide fast download speeds by default. If the CDN goes down for
whatever reason, the script jumps to the next available mirror and
downloads requested files as before (in regional varying speed).

Signed-off-by: Paul Spooren <mail@aparcar.org>
Acked-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-04-14 23:16:55 +01:00
Paul Spooren
14cbd8fb2d scripts: JSON merge don't crash if no JSON found
The JSON `WORK_DIR` ($(KDIR)/json_info_files) is only created if the new
image generation methods from `image.mk` are used. However some targets
like `armvirt` do not use it yet, so the folder is never created.

The `json_overview_image_info.py` script used to raise an error if the
given `WORK_DIR` isn't a folder, however it should just notify about
missing JSON files.

This patch removes the Python assert and exists with code 0 even if no
JSON files were found, as this is not necessarily an error but simply
not yet implemented. Using `glob` on an not existing `Path` results in
an empty list, therefore the for loop won't run.

Signed-off-by: Paul Spooren <mail@aparcar.org>
CC: Petr Štetiar <ynezz@true.cz>
2020-04-14 23:16:55 +01:00
Petr Štetiar
0bea89a1d0 kernel: bump 5.4 to 5.4.32
Refreshed patches, removed upstreamed patches:

 generic: 746-stable-net-dsa-mt7530-fix-null-pointer-dereferencing-in-por.patch

Run tested: qemu-x86-64, apalis
Build tested: x86/64, imx6, sunxi/a53

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-04-14 21:58:16 +02:00
Ansuel Smith
9abf01246e ipq806x: add patch to fix broken buttons
From kernel 4.20 msm-gpio driver is broken and cause the
malfunction of the buttons on every ipq806x target.
Add a patch to fix this.

Tested-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2020-04-14 21:58:16 +02:00
Daniel Golle
7c2e0fa586 procd: jail fixes and improvements
32c717e jail: only mess with rootfs if CLONE_NEWNS was set
 b275a62 instance: harmonize instance API
 511fd97 jail: make /proc more secure
 4953b7c jail: mount /sys read-only
 a4d6442 jail: replace /etc/resolv.conf with symlink in extroot+overlay
 a4cc165 jail: always mount /dev as additional tmpfs

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-14 16:16:06 +01:00
Daniel Golle
e23de62845 netifd: clean up netns functionality
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-14 13:53:11 +01:00
Adrian Schmutzler
d0cb6e995b ath79: further fixes for ZyXEL NBG6716
This applies further fixes to the DTS of ZyXEL NBG6716 based on
what is found in ar71xx (mach-nbg6716.c):

- use WiFi label names as in ar71xx
- fix WPS gpio number
- fix GPIO_ACTIVE_HIGH and mode for WiFi switch
- add codes for USB eject buttons
- fix node name for "internet" LED

This device has separate LEDs for WAN and "Internet". As the WAN-LED
(and the four LAN-LEDs) are driven independent of the setup in
DT/01_leds, the "internet" LED is left unassigned (in contrast to
ar71xx, where it was set up effectively as a second WAN LED)

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-04-14 12:03:57 +02:00
Kevin Darbyshire-Bryant
9fd36f54f5 Revert "kmod-sched: add act_police"
This reverts commit 1b973b54ea.

It turns out act_police is included in the kmod-sched package so this
package turns out to be superfluous and causes file provision conflicts.

Ooooops!  Best revert it then.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-04-14 08:48:33 +01:00
Chuanhong Guo
75f19deb3a ramips: define image recipe for uncompressed uimage with loader
Some devices have bootloaders with broken lzma code resulting in failed
decompression or corrupted kernel code.
This image recipe allows to sacrifice 5KB for OpenWrt LZMA loader and
take over the task of decompress kernel.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2020-04-14 12:01:50 +08:00
Chuanhong Guo
d9e9a0e6b1 ramips: define lzma loader platform in target
Loader platform is a per-soc variable instead of a per-device one.
Determine corresponding loader platform at the beginning of image
Makefile.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2020-04-14 11:17:47 +08:00
Chuanhong Guo
111029bea7 ramips: add missing DEVICE_VARS for lzma-loader
LOADER_TYPE is a per-device variable which should be included in
DEVICE_VARS.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2020-04-14 11:14:15 +08:00
Luiz Angelo Daros de Luca
1b2c4af039 ath79: enable m25p,fast-read for tplink,tl-wr1043-v1
Enables spi-mem interface for 3x faster flash read.

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2020-04-14 10:47:23 +08:00
Luiz Angelo Daros de Luca
e430dfdd69 ath79: enable m25p,fast-read for tplink,tl-wr2543-v1
Enables spi-mem interface usage. It speeds up flash read
in about 3x while it also workaround a possible hardware
bug when normal spi read is used.

Fixes: FS#2742

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2020-04-14 10:47:23 +08:00
Luiz Angelo Daros de Luca
b3f9842330 ath79: add read support using spi-mem
Reimplements read optimization on top of spi-mem. Similar to
what 461-spi-ath79-add-fast-flash-read.patch used to do with
the dropped flash read interface.

It accelerate only fast-read op reading flash directly from
memory mapped region. 'm25p,fast-read' must be set in order
to use the new spi-mem.

It improved read speed up to 3x on old devices (tplink,tl-wr2543-v1)
while no speed improvement was noticed on newer devices like
(tplink,archer-c7-v2).

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
2020-04-14 10:47:23 +08:00
Daniel Golle
a5a90a94ce netifd: fix jail ifdown and jails without jail_ifname
The previous commit introduced a regression for netns jails without
jail_ifname set. Fix that.

Fixes: 4e4f7c6d2d ("netifd: network namespace jail improvements")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-14 00:55:02 +01:00
Daniel Golle
4e4f7c6d2d netifd: network namespace jail improvements
aaaca2e interface: allocate and free memory for jail name
 d93126d interface: allow renaming interface when moving to jail netns

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-14 00:22:21 +01:00
Daniel Golle
a66efbf916 mac80211: adapt for single-instance wpad
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-14 00:22:21 +01:00
Daniel Golle
f37d634236 hostapd: reduce to a single instance per service
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-14 00:22:21 +01:00
Alberto Bursi
35f208da3c x86: add nforce eth to default packages
forcedeth is necessary to use the integrated
ethernet controller of Nvidia nForce chipset.

There are PC motherboards with this chipset
from 2001 that run 32bit Athlon XP CPUs and
more modern ones up to 2009 that can run Intel
and AMD 64bit processors, so add this to
all non-geode x86 targets.

Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com>
2020-04-13 22:41:37 +02:00
Tomasz Maciej Nowak
779a1c84ea mvebu: drop armada-37xx PCI aardvark patches
These patches were necessarry for Atheros and some Intel WiFi cards.
After short testing, the current upstream driver state is enough for
these WiFi cards to work. If there are still some issues with other
devices, the patches could be easily restored.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2020-04-13 22:41:37 +02:00
DENG Qingfang
f72a13b537 mvebu: refresh config
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2020-04-13 22:41:37 +02:00
DENG Qingfang
d13fe4127c mvebu: refresh patches
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2020-04-13 22:41:37 +02:00
DENG Qingfang
ae183c128f mvebu: set kernel testing version to 5.4
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2020-04-13 22:41:37 +02:00
DENG Qingfang
70193703a9 mvebu: copy files and patches to 5.4
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
2020-04-13 22:41:37 +02:00
Daniel González Cabanelas
85ef69b202 mvebu: add support for Buffalo LinkStation LS421DE
Buffalo LinkStation LS421DE is a dual bay NAS, based on Marvell Armada 370

Hardware:
   SoC:         Marvell Armada 88F6707-A1
   CPU:         Cortex-A9 1200 MHz, 1 core
   Flash:       SPI-NOR 1 MiB, NAND 512 MiB
   RAM:         DDR3 512 MiB
   Ethernet:    1x 10/100/1000 Mbps
   USB:         1x 2.0, 1x 3.0
   SATA:        2x 3.0 Gbps
   LEDs/Input : 5x / 2x (1x button, 1x slide-switch)
   RTC:         Ricoh RS5C372A, I2C, no battery

Flash instruction (UART+TFTP):
  1. Downgrade the OEM firmware to 1.34 version (BUFFALO_BOOTVER=0.13)
  2. Remove any hard drive from inside the bays.
  3. Boot the Openwrt initramfs image using the U-Boot serial console:
         tftpboot 0x1200000 buffalo_ls421de-initramfs-kernel.bin
         bootm 0x1200000
  4. Flash the sysupgrade image using the Openwrt console:
         sysupgrade -n buffalo_ls421de-squashfs-sysupgrade.bin
  5. Wait until it finish, the device will reboot with Openwrt installed
     on the NAND flash.

Note:
  - Device shuting down doesn't work, even if the power slide switch is
    used. We must first, via MDIO, set the unused LED2 at the ethernet
    phy0 to off state. Reboot works ok.

Signed-off-by: Daniel González Cabanelas <dgcbueu@gmail.com>
Reviewed-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2020-04-13 22:41:14 +02:00
Rosen Penev
1647790ae6 toolchain/gcc: remove uclibc hack
This was introduced with 014d3b98b9 , which
is almost 10 years old. uClibc-ng does not suffer from this problem.

Note that this hack prevents libstdc++ from using C++11 math functions.

Tested by removing all of the mpd patches designed to fix this and
compiling.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-04-13 22:40:19 +02:00
Rosen Penev
d27623b542 elfutils: update to 0.179
Removed sys/cdefs usage. The header is deprecated.

Removed canonicalize_file_name define. It's already fixed upstream.

Added --disable-debuginfod. Seems to be needed.

Modified patch 005 to build more stuff. It was failing before. It still
only builds libraries.

Modified patch 100 to use strerror under non-glibc. It is used under
glibc as strerror is not thread safe. It is under musl and uClibc-ng.
strerror_l is not available under uClibc-ng.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-04-13 22:40:19 +02:00
Rosen Penev
76d22fc24b hostapd: backport usleep patch
Optionally fixes compilation with uClibc-ng.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-04-13 22:40:19 +02:00
Aleksander Jan Bajkowski
b43023b7ba kernel: remove non-existant symbols
These symbols exist only in older kernels and can be removed.

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
2020-04-13 22:40:19 +02:00
Kirill Lukonin
dce97df740 wpa_supplicant: disable CONFIG_WRITE functionality
CONFIG_WRITE functionality is not used and could be removed.
Looks helpful for devices with small flash because wpad is also affected.

Little testing shows that about 6 KB could be saved.

Signed-off-by: Kirill Lukonin <klukonin@gmail.com>
2020-04-13 22:40:06 +02:00
Jose Olivera
93a8cdf5d8 mwlwifi: Update the 88W8964's firmware to 9.3.2.12 and fix backports version detection
Updates the 88W8964 firmware used in the Linksys WRT3200ACM and WRT32X
[v9.3.2.6 -> v9.3.2.12]

Removes 0c43219 ("mwlwifi: Fix loading with backports v5.3")
as it has been merged upstream.

Unfortunately, there is a bug wherein Kaloz's repo, the version
detection mechanism for fixing vendor commands doesn't work.

It pulls in the Linux kernel version, which as of this time is
"4.14.y" or "4.19.y"

However, the proper behaviour is that it should pull in the mac80211
backports version which as of now is "5.4.27"

The included patch works around this using a backports define found
only on versions >5.3, "VENDOR_CMD_RAW_DATA".

Signed-off-by: Jose Olivera <oliverajeo@gmail.com>
2020-04-13 22:11:26 +02:00
Lucian Cristian
8f342a39de kernel: hwmon: add dme1737 driver
SMSC DME1737, SCH3112, SCH3114, SCH3116, SCH5027 monitoring support

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
2020-04-13 22:11:22 +02:00
Adrian Schmutzler
97af28d23e ath79: fix USB port LED assignment for ZyXEL NBG6716
The USB LED assignment to internal ports was swapped.

Fix it.

We also explicitly checked that the LED label numbers match those
on the device.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-04-13 19:22:16 +02:00
Guillaume Lefebvre
f5a9181d6e ath79: fix wmac initialization for Zyxel NBG6716
2.4 GHz Wifi on ath79 is set up in 10-ath9k-eeprom, but in ar71xx
it was done with ath79_register_wmac.

Thus, the following errors are observed on the device:
ath: phy1: Unable to initialize hardware; initialization status: -5
ath9k 18100000.wmac: failed to initialize device
ath9k: probe of 18100000.wmac failed with error -5

This patch changes the ath79 support to properly use wmac as well.
This will also require fixing the MAC address in a different way.

Signed-off-by: Guillaume Lefebvre <guillaume@zelig.ch>
[several adjustments to 10-fix-wifi-mac, use correct MAC address,
rewrite commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-04-13 19:21:56 +02:00
Álvaro Fernández Rojas
97c5fb4709 cypress-firmware: update to v5.4.18-2020_0402
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-04-13 10:14:48 +02:00
Chuanhong Guo
77b99ea3c6 ramips: fix whitespace in 990_NET-no-auto-carrier-support.patch
Fixes: 6fcba5eec3 ("ramips: port 0034-NET-multi-phy-support.patch to 5.4")
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2020-04-13 11:49:16 +08:00
Chuanhong Guo
4d06229242 ramips: ralink-eth: fix leftover dma dev argument
Fixes: 05dee5833a ("ramips: ralink-eth: fix device struct passed to dma functions")
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2020-04-13 11:32:50 +08:00
Daniel Golle
0aa2ecf5b2 base-files: don't ship local build key when on buildbot
Including the local build key in /etc/opkg/keys isn't feasible when
building on the buildbot: The included key collides with its copy
already in openwrt-keyring which breaks the ImageBuilder.
Not including a locally generated key also makes the base-files package
more reproducible.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2020-04-12 20:35:00 +01:00
Jonas Gorski
4e535d81ee bcm63xx: disable all devices with <= 4MiB flash and <= 32 MiB RAM
Device with 4 MiB flash and 32 MiB RAM won't be able to run OpenWrt in
a sufficient manner without tweaks, so don't build images for them by
default.

This includes all BCM6338, BCM6345 and BCM6348 "generic" devices,
as there are no supported devices of these with more than that.

Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2020-04-12 20:45:21 +02:00
Chuanhong Guo
b756ea2a90 ramips: replace pinctrl property names
Upstream pinctrl driver in drivers/staging uses
groups/function/ralink,num-gpios instead of
ralink,group/ralink,function/ralink,nr-gpio
Replace these properties in dts as well as the pinctrl driver in
patches-4.14.
This commit is created using:
sed -i 's/ralink,group/groups/g'
sed -i 's/ralink,function/function/g'
sed -i 's/ralink,nr-gpio/ralink,num-gpios/g'

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2020-04-12 22:29:17 +08:00
Chuanhong Guo
8f6334eb94 ramips: explicitly disable built-in switch when needed
previously we rely on the failsafe setup in preinit scripts to disable
built-in switch implicitly for single-port devices. This doesn't work
anymore due to preinit script removal.
this patch explicitly disable built-in switch for needed devices.

Fixes: a8d62a4eb1 ("ramips: remove set_preinit_iface script")
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2020-04-12 22:29:17 +08:00
Chuanhong Guo
f017f617ae base-files: preinit: also config switch when no port roles defined
current preinit code in base-files doesn't config switch when there are
no port roles defined. But this kind of configuration exists on single
port devices where switch vlan is simply disabled.
configure reset and enable_vlan property when a switch node exist.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2020-04-12 22:29:02 +08:00
Chuanhong Guo
605a7ffff2 ramips: add 5.4 as testing kernel
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2020-04-12 22:27:18 +08:00
Chuanhong Guo
abadee5d60 ramips: mt76x8: switch to kernel 5.4
4.14 doesn't work anymore due to gpio dt binding changes. Switch mt76x8
to 5.4 directly.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2020-04-12 22:27:18 +08:00
Chuanhong Guo
d7d46da938 ramips: disable images for 4M devices
default initramfs for 5.4 kernel is larger than 4M, causing build error
for oversized initramfs image.
disable these images because we have no mechanism for ignoring initramfs
errors and the squashfs image will be larger than initramfs anyway.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2020-04-12 22:27:18 +08:00