Some devices (especially QCA ones) are already using hardcoded partition
names with colons in it. The OpenMesh A62 for example provides following
mtd relevant information via cmdline:
root=31:11 mtdparts=spi0.0:256k(0:SBL1),128k(0:MIBIB),384k(0:QSEE),64k(0:CDT),64k(0:DDRPARAMS),64k(0:APPSBLENV),512k(0:APPSBL),64k(0:ART),64k(custom),64k(0:KEYS),0x002b0000(kernel),0x00c80000(rootfs),15552k(inactive) rootfsname=rootfs rootwait
The change to split only on the last colon between mtd-id and partitions
will cause newpart to see following string for the first partition:
KEYS),0x002b0000(kernel),0x00c80000(rootfs),15552k(inactive)
Such a partition list cannot be parsed and thus the device fails to boot.
Avoid this behavior by making sure that the start of the first part-name
("(") will also be the last byte the mtd-id split algorithm is using for
its colon search.
Fixes: 9c718b5478ac ("kernel: bump 4.14 to 4.14.200")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(backported from commit 223eec7e81f8506592fc89cf79a2f14360f5c57b)
Commit c9c7b4b3945c ("kernel: add netfilter-actual-sk patch") has
touched net/ipv6/netfilter/ip6table_mangle.c which in turn has affected
910-unaligned_access_hacks.patch so the patch needs to be refreshed.
Fixes: c9c7b4b3945c ("kernel: add netfilter-actual-sk patch")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The wcsnrtombs function in all musl libc versions up through 1.2.1 has
been found to have multiple bugs in handling of destination buffer
size when limiting the input character count, which can lead to
infinite loop with no forward progress (no overflow) or writing past
the end of the destination buffera.
This function is not used internally in musl and is not widely used,
but does appear in some applications. The non-input-limiting form
wcsrtombs is not affected.
All users of musl 1.2.1 and prior versions should apply the attached
patch, which replaces the overly complex and erroneous implementation.
The upcoming 1.2.2 release will adopt this new implementation.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 4d4ef1058c0f10aa2fa4070cd6b9db4d48b94148)
Backport of linux kernel commit 46d6c5a to 4.14 kernel.
netfilter: use actual socket sk rather than skb sk when routing harder
Signed-off-by: Aaron Goodman <aaronjg@stanford.edu>
With this commit, the download script will try downloading source files
using the filename instead of the url-filename in case the previous
download attempt using the url-filename failed.
This is required, as the OpenWrt sources mirrors serve files using the
filename files might be renamed to after downloading. If the original
mirror for a file where url-filename and filename do not match goes
down, the download failed prior to this patch.
Further improvement can be done by performing this only for the
OpenWrt sources mirrors.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit d36999389890fb952fc7cc8c0db8e1bbb671af12)
The fsl_destroy_mc_io() function was moved, add the new checks to the
moved copy and not just remove it.
Fixes: ac5297340e64 ("kernel: bump 4.14 to 4.14.206")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The MAC address for the wmac 2.4 GHz radio of the Ubiquiti UniFi AC
family of devices is actually embedded in the mtd-cal-data, so there
is no need for mtd-mac-address (which was incorrectly forcing wmac
to have the same MAC as eth0). This makes it coherent with the stock
firmware and the ar71xx target:
· XX:XX:XX:X0:XX:XX eth0
· XX:XX:XX:X1:XX:XX ath0/wlan1 (2.4 GHz)
· XX:XX:XX:X2:XX:XX ath1/wlan0 (5 GHz)
Checked on a UniFi AC Mesh, a UniFi AC LR and a UniFi Lite.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit 20ace70db65c3f1cb6a842d3092ac2eb7be81b5a)
Read the freifunk packages, that have been moved from the LuCI feed
into its own feed in January 2019.
Use openwrt-19.07 branch of that repository for openwrt-19.07.
Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
(cherry picked from commit 221f97ff4737f012c90feb086bc1c2ed86c6001b)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The Ubiquiti UniFi AP does not have a AHB connected radio but a PCI one.
Also the EEPROM ist only 0x440 bytes of length.
Reported-by: Martin Weinelt <martin@darmstadt.freifunk.net>
Tested-by: Martin Weinelt <martin@darmstadt.freifunk.net>
Signed-off-by: David Bauer <mail@david-bauer.net>
(backported from commit 4c5eb1040f94871626f6a533242c3a9c068d5bb6)
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The D-Link DIR-645 currently uses an incorrect logic level for its
buttons.
Correct them in order to prevent unintentional activation of failsafe
mode.
Reported-by: Perry Melange <isprotejesvalkata@gmail.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 929e8f0f553637076f2612fb1c2225c5cee1f7ab)
The order of function and color in the labels in inverted for the
LAN LEDs. Fix it.
Fixes: 915966d86121 ("ath79: Port PowerCloud Systems CAP324 support")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 96023cd4ba66c33e77d9df562dda44b0a1ba1ac9)
This packports two security fixes from master.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit f9005d4f80dee3dcc257d4613cbc46668faad094)
Mainline u-boot dynamically passes the mtd partitions via devicetree:
$ cat /proc/mtd
dev: size erasesize name
mtd0: 003f0000 00001000 "firmware"
mtd1: 00010000 00001000 "u-boot-env"
Add support for this setup.
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit 60c9a27cbcc6ba00d75b4b592f507237dbfb460f)
The generic bootscript is tailored around a downstream firmware and
doesn't work on a firmware built from mainline components.
Add a bootscript which:
* sets $console since mainline u-boot doesn't do that
* uses distro boot variables, so OpenWRT can be booted off any supported
device when using a mainline firmware
* sets missing distro boot variables for the downstream firmware
Booting with a downstream firmware is unchanged.
Booting with a mainline firmware now works.
Signed-off-by: Andre Heider <a.heider@gmail.com>
(cherry picked from commit c43b45863e38fb18a486601c1601f1485d649c0b)
amd64-microcode (3.20191218.1)
* New microcode update packages from AMD upstream:
+ Removed Microcode updates (known to cause issues):
sig 0x00830f10, patch id 0x08301025, 2019-07-11
* README: update for new release
amd64-microcode (3.20191021.1)
* New microcode update packages from AMD upstream:
+ New Microcodes:
sig 0x00830f10, patch id 0x08301025, 2019-07-11
+ Updated Microcodes:
sig 0x00800f12, patch id 0x08001250, 2019-04-16
sig 0x00800f82, patch id 0x0800820d, 2019-04-16
amd64-microcode (3.20181128.1)
* New microcode update packages from AMD upstream:
+ New Microcodes:
sig 0x00800f82, patch id 0x0800820b, 2018-06-20
Signed-off-by: Tan Zien <nabsdh9@gmail.com>
(cherry picked from commit 182c7d955f872cb712f6d16d4b5cc0824bf4cc67)
Boolean attributes were parsed the same way as string attributes,
so a value of { "bool_attr": "true" } would be parsed correctly, but
{ "bool_attr": true } (without quotes) was parsed as false.
Fixes FS#3284
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 7f676b5ed6a2bcd6786a0fcb6a6db3ddfeedf795)
This fixes a regression after a kernel change in 4.14.200 [1] that
led to build failure on oxnas/ox820:
drivers/ata/sata_oxnas.c:2238:13: error: initialization of
'enum ata_completion_errors (*)(struct ata_queued_cmd *)'
from incompatible pointer type
'void (*)(struct ata_queued_cmd *)' [-Werror=incompatible-pointer-types]
.qc_prep = sata_oxnas_qc_prep,
^~~~~~~~~~~~~~~~~~
drivers/ata/sata_oxnas.c:2238:13: note:
(near initialization for 'sata_oxnas_ops.qc_prep')
Our local driver is changed the same way as prototyped in the
kernel patch, i.e. return type is changed and AC_ERR_OK return
value is added.
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=306a1c5b5683c1d37565e575386139a64bdbec6f
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit f6ca57e4f40528a8a0103c9f0e9647a2e11d10c3)
reg accesses on integrated ar8229 sometimes fails. As a result, phy read
got incorrect port status and wan link goes down and up mysteriously.
After comparing ar8216 with the old driver, these local_irq_save/restore
calls are the only meaningful differences I could find and it does fix
the issue.
The same changes were added in svn r26856 by Gabor Juhos:
ar71xx: ag71xx: make switch register access atomic
As I can't find the underlying problem either, this hack is broght
back to fix the unstable link issue.
This hack is only suitable for ath79 mdio and may easily break the
driver on other platform. Limit it to ath79-only as a target patch.
Fixes: FS#2216
Fixes: FS#3226
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit 86fdc8abed5992a74078b000b5ff9da723b6f46b)
When building from a local branch based off the "openwrt-19.07" branch,
version computation is wrong, for instance:
r10194+1004-c53f62b111
The number of local commits (1004 in this case) is wrong because it is
computed against master. As a result, it wrongly counts *all* commits
since the beginning of the openwrt-19.07 branch as local commits.
The fix is to compare to the openwrt-19.07 branch instead, which gives the
expected result such as:
r11192+6-8b0278a17e
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
[shorten commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This is a bug-fix release. Patches were refreshed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 475838de1a33d49d1a0b81aad374a8db6dd2b3c8)
The LED color was missing in 01_leds.
Fixes: 745dee11ac78 ("ath79: add support for WD My Net Wi-Fi Range
Extender")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit d232a8ac7d1679f7ff97cbc66b4c49c940bd009f)
Not a large change from last time, but should fix at least one rare wave-2
crash.
Tested on Netgear R7800.
Signed-off-by: Michael Yartys <michael.yartys@gmail.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 91aab77bf1ce91b0e60e720eb147c94a02c1f2fd)
[adapt variables and package names]
[remove changes to non-full htt-mgt variants because we did not backport
a882bfce052e ("ath10k-ct-firmware: add htt-mgt variants")]
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
Tested-by: Baptiste Jonglez <git@bitsofnetworks.org> [QCA9886, QCA9887]
No release notes this time.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 06f510df6e2aa0b1e40124bbd758672458d01482)
[adapt variables and package names because we did not backport
2e5e9b459ed5 ("ath10k-ct-firmware: rename ct-htt packages")]
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
Release notes for 017:
Wave-1:
* March 19, 2020: Fix problem where power-save was not enabled when going off-channel to scan.
The problem was a boolean logic inversion in the chmgr code, a regression I introduced
a long time ago.
* March 19, 2020: When scanning only on current working channel, do not bother with disable/enable
powersave. This should make an on-channel scan less obtrusive than it was previously.
* March 23, 2020: Fix channel-mgr use-after-free problem that caused crashes in some cases. The crash
was exacerbated by recent power-save changes.
* March 23, 2020: Fix station-mode power-save related crash: backported the fix from 10.2 QCA firmware.
* March 23, 2020: Attempt to better clean up power-save objects and state, especially in station mode.
Release notes for 016:
Wave-1 changes, some debugging code for a crash someone reported, plus:
* February 28, 2020: Fix custom-tx path when sending in 0x0 for rate-code. Have tries == 0 mean
one try but NO-ACK (similar to how wave-2 does it).
wave-2:
* Fixed some long-ago regressions related to powersave and/or multicast. Maybe fix some
additional multicast and/or tx-scheduling bugs.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Acked-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 84f4a783c6987fd9d67c089a76e2f90b7491f446)
This supports better per-chain noise floor reporting, which in turn allows for
better RSSI reporting in the driver.
Wave-2 fixes a long-standing rate-ctrl problem when connected to xbox (and probably other devices).
Wave-2 has fix for crash likely related to rekeying.
Wave-1 has some debugging code added where a user reported a crash.
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> [ipq806x+qca9984,ipq4019+qca9986]
Signed-off-by: Michael Yartys <michael.yartys@protonmail.com>
(cherry picked from commit 18622638831707038556b9b8bd5a0b4d4a53ce53)
The release notes since last time for wave-1:
* No changes to wave-1, but I make a version .014 copy anyway to keep
the makefile in sync.
The release notes since last time for wave-2:
* December 16, 2019: Wave-2 has a fix to make setting txpower work
better. Before setting the power was ignored at
least some of the time (it also appeared to work
mostly, so I guess it was being correctly set in
other ways).
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
(cherry picked from commit 65982642668e859540b21c2bd3bf907493df830a)
The current code acknowledged interrupts *after* polling.
This is the wrong way around, and could cause an interrupt to
be missed.
This is not likely to be fatal as another packet, and so another
interrupt, should come along soon. But maybe it is causing
problems, so let's fix it anyway.
Signed-off-by: NeilBrown <neil@brown.name>
(Note that this matches the upstream driver.)
Signed-off-by: Rosen Penev <rosenp@gmail.com>
This fixes the following compile errors after the wolfssl 4.5.0 update:
LD wpa_cli
../src/crypto/tls_wolfssl.c: In function 'tls_match_alt_subject':
../src/crypto/tls_wolfssl.c:610:11: error: 'GEN_EMAIL' undeclared (first use in this function); did you mean 'ENAVAIL'?
type = GEN_EMAIL;
^~~~~~~~~
ENAVAIL
../src/crypto/tls_wolfssl.c:610:11: note: each undeclared identifier is reported only once for each function it appears in
../src/crypto/tls_wolfssl.c:613:11: error: 'GEN_DNS' undeclared (first use in this function)
type = GEN_DNS;
^~~~~~~
../src/crypto/tls_wolfssl.c:616:11: error: 'GEN_URI' undeclared (first use in this function)
type = GEN_URI;
^~~~~~~
../src/crypto/tls_wolfssl.c: In function 'wolfssl_tls_cert_event':
../src/crypto/tls_wolfssl.c:902:20: error: 'GEN_EMAIL' undeclared (first use in this function); did you mean 'ENAVAIL'?
if (gen->type != GEN_EMAIL &&
^~~~~~~~~
ENAVAIL
../src/crypto/tls_wolfssl.c:903:20: error: 'GEN_DNS' undeclared (first use in this function)
gen->type != GEN_DNS &&
^~~~~~~
../src/crypto/tls_wolfssl.c:904:20: error: 'GEN_URI' undeclared (first use in this function)
gen->type != GEN_URI)
^~~~~~~
Makefile:2029: recipe for target '../src/crypto/tls_wolfssl.o' failed
Fixes: 00722a720c77 ("wolfssl: Update to version 4.5.0")
Reported-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit bc19481826e0da9119945eaae4f25736306f023b)
This fixes the following security problems:
* In earlier versions of wolfSSL there exists a potential man in the
middle attack on TLS 1.3 clients.
* Denial of service attack on TLS 1.3 servers from repetitively sending
ChangeCipherSpecs messages. (CVE-2020-12457)
* Potential cache timing attacks on public key operations in builds that
are not using SP (single precision). (CVE-2020-15309)
* When using SGX with EC scalar multiplication the possibility of side-
channel attacks are present.
* Leak of private key in the case that PEM format private keys are
bundled in with PEM certificates into a single file.
* During the handshake, clear application_data messages in epoch 0 are
processed and returned to the application.
Full changelog:
https://www.wolfssl.com/docs/wolfssl-changelog/
Fix a build error on big endian systems by backporting a pull request:
https://github.com/wolfSSL/wolfssl/pull/3255
The size of the ipk increases on mips BE by 1.4%
old:
libwolfssl24_4.4.0-stable-2_mips_24kc.ipk: 386246
new:
libwolfssl24_4.5.0-stable-1_mips_24kc.ipk: 391528
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 00722a720c778e623d6f37af3a3b4e43b29c3fe8)
32-bit x86 fail to compile fast-math feature when compiled with frame
pointer, which uses a register used in a couple of inline asm functions.
Previous versions of wolfssl had this by default. Keeping an extra
register available may increase performance, so it's being restored for
all architectures.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 750d52f6c90e2a144c250779741607f0cb306a94)
This version adds many bugfixes, including a couple of security
vulnerabilities:
- For fast math (enabled by wpa_supplicant option), use a constant time
modular inverse when mapping to affine when operation involves a
private key - keygen, calc shared secret, sign.
- Change constant time and cache resistant ECC mulmod. Ensure points
being operated on change to make constant time.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 3481f6ffc79f46fc7ba86a4cc15ad958e99b5a82)
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues and the most notable of them
are described in more detail in the security advisories.
* Local side channel attack on RSA and static Diffie-Hellman
* Local side channel attack on classical CBC decryption in (D)TLS
* When checking X.509 CRLs, a certificate was only considered as revoked
if its revocationDate was in the past according to the local clock if
available.
Full release announcement:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.8
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry picked from commit 66893063abf56b7d8c21eceed56e5d27859eaaea)
Backport a fix from kernel 5.8.3.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit ca5ee6eba34593ec9f8b5b195c94cf6c3f6ff914)
After years of trying to find the reason for random kernel crashes
while both CPU and SATA are under load it has been found.
Some odd commented-out #defines in kref's single-port driver [1] which
were copied from the vendor driver made me develop a theory:
The IO-mapped memory area for DMA descriptors apparetly got some holes
just before the alignment boundaries.
This feels like an off-by-one bug in the hardware or maybe those fields
are used internally by the SATA controller's firmware.
Whatever the cause is: they cannot be used and trying to use them
results in reading back unexpected stuff and ends up with oopsing
Unable to handle kernel paging request at virtual address d085c004
Work around the issue by reducing the area used for bmdma descriptors.
This reduces SATA performance (iops) quite a bit, but finally makes
things work reliably. Possibly one could optimize this much more by
really just skipping the holes in that memory area -- however, that
seems to be non-trivial with the driver and libata in it's current form
(suggestions are welcome).
The 'proper' way to have good SATA performance would be to make use of
the hardware RAID features (one can use the JBOD mode to access even
just a single disc transparently through the RAID controller integrated
in the SATA host instead of accessing the SATA ports 'raw' as we do
now).
[1]: https://github.com/kref/linux-oxnas/blob/master/drivers/ata/sata_oxnas.c#L25
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 5793112f751ee3d9f841af4846d68e6b1ff1bff4,
including fixup commit d75e75306301852a848824cf268d8b58eda28a8a)
Mbed TLS 2.16.7 is a maintenance release of the Mbed TLS 2.16 branch,
and provides bug fixes and minor enhancements. This release includes
fixes for security issues and the most severe one is described in more
detail in a security advisory:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-07
* Fix a side channel vulnerability in modular exponentiation that could
reveal an RSA private key used in a secure enclave.
* Fix side channel in mbedtls_ecp_check_pub_priv() and
mbedtls_pk_parse_key() / mbedtls_pk_parse_keyfile() (when loading a private
key that didn't include the uncompressed public key), as well as
mbedtls_ecp_mul() / mbedtls_ecp_mul_restartable() when called with a NULL
f_rng argument. An attacker with access to precise enough timing and
memory access information (typically an untrusted operating system
attacking a secure enclave) could fully recover the ECC private key.
* Fix issue in Lucky 13 counter-measure that could make it ineffective when
hardware accelerators were used (using one of the MBEDTLS_SHAxxx_ALT
macros).
Due to Mbed TLS moving from ARMmbed to the Trusted Firmware project, some
changes to the download URLs are required. For the time being, the
ARMmbed/mbedtls Github repository is the canonical source for Mbed TLS.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
[Use https://codeload.github.com and new tar.gz file]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 201d6776a0b5858b8ce43a2392c9fe48aa1c4dd7)
This adds support for the TP-Link TL-WR710N v2.1. It is basically a
re-issue of the v1.2.
Specifications:
SoC: Atheros AR9331
CPU: 400 MHz
Flash: 8 MiB
RAM: 32 MiB
WiFi: 2.4 GHz b/g/n
Ethernet: 2x 100M ports
USB: 1x 2.0
The only difference from the v1 is the TP-Link hardware ID/revision.
Attention:
The TL-WR710N v2.0 (!) has only 4 MB flash and cannot be flashed with
this image. It has a different TPLINK_HWREV, so accidental flashing
of the factory image should be impossible without additional measures.
Unfortunately, the v2.0 in ar71xx has the same board name, so sysupgrade
from ar71xx v2.0 into ath79 v1/v2.1 will not be prevented, but will brick
the device.
Flashing instruction:
Upload the factory image via the OEM firmware GUI upgrade mechanism.
Further notes:
To make implementation easier if somebody desires to port the 4M v2.0,
this already creates two DTSI files.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Tested-by: Fabian Eppig <fabian@eppig.de>
(backported from eb531337a779a48a2d17bc66f0d222325d6c1563)
