Commit Graph

41778 Commits

Author SHA1 Message Date
Felix Fietkau
f506de2cda ath9k: fix unloading the module
Registering a GPIO chip with the ath9k device as parent prevents unload,
because the gpiochip core increases the module use count.
Unfortunately, the only way to avoid this at the moment seems to be to
register the GPIO chip without a parent device

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-09-20 10:09:10 +02:00
Daniel Golle
7347ea7453 uqmi: pass-through ipXtable to child interfaces
Allow setting specific routing tables via the ip4table and ip6table
options also when ${ifname}_4 and ${ifname}_6 child interfaces are
being created.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit e51aa699f7)
2018-09-17 18:32:28 +02:00
Stijn Segers
de76cefd86 kernel: bump 4.14 to 4.14.70 for 18.06
Refreshes patches and bumps 4.14 kernel to 4.14.70 for OpenWrt 18.06.

Compile-tested on ramips/mt7621, x86/64, imx6.
Run-tested on ramips/mt7621, x86/64, imx6.

Signed-off-by: Stijn Segers <foss@volatilesystems.org>

[added ubifs fix + tested on imx6]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-17 15:47:44 +02:00
Stijn Segers
b4f672c1f9 kernel: bump 4.9 to 4.9.127 for 18.06
Refreshes patches and bumps 4.9 kernel to 4.9.127 for OpenWrt 18.06.

Compile-tested on ar71xx.

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
2018-09-17 15:47:44 +02:00
Kevin Darbyshire-Bryant
4f6ad3c13a iproute2: q_cake: Also print nonat, nowash and no-ack-filter keywords
Pull in latest upstream tweaks:
Similar to the previous patch for no-split-gso, the negative keywords for
'nat', 'wash' and 'ack-filter' were not printed either. Add those as well.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 033f02b9b5)
2018-09-15 08:49:36 +01:00
Hans Dedecker
e60be11330 toolchain/glibc: update to latest 2.26 commit
c5c90b480e Fix segfault in maybe_script_execute.
174709d879 pthread_cond_broadcast: Fix waiters-after-spinning case [BZ #23538]
c9570bd2f5 x86: Populate COMMON_CPUID_INDEX_80000001 for Intel CPUs [BZ #23459]
86e0996b1a x86: Correct index_cpu_LZCNT [BZ #23456]
cf6deb084b conform/conformtest.pl: Escape literal braces in regular expressions
b12bed3e06 stdio-common/tst-printf.c: Remove part under a non-free license [BZ #23363]
20dc7a909a libio: Add tst-vtables, tst-vtables-interposed
4b10e69b1f Synchronize support/ infrastructure with master
762e9d63d5 NEWS: Reorder out-of-order bugs
2781bd5a86 libio: Disable vtable validation in case of interposition [BZ #23313]
74d16a57a3 Check length of ifname before copying it into to ifreq structure.
3aaf8bda00 getifaddrs: Don't return ifa entries with NULL names [BZ #21812]
f958b45d52 Use _STRUCT_TIMESPEC as guard in <bits/types/struct_timespec.h> [BZ #23349]
81b994bd83 Fix parameter type in C++ version of iseqsig (bug 23171)
7b52c8ae05 libio: Avoid _allocate_buffer, _free_buffer function pointers [BZ #23236]
4df8479e6b Add NEWS entry for CVE-2018-11236
a5bc5ec967 Add references to CVE-2018-11236, CVE-2017-18269
58ad5f8a64 Add a test case for [BZ #23196]
6b4362f2cb Don't write beyond destination in __mempcpy_avx512_no_vzeroupper (bug 23196)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-09-13 11:11:53 +02:00
Kevin Darbyshire-Bryant
a57062a908 iproute2: q_cake: Add printing of no-split-gso option
When the GSO splitting was turned into dual split-gso/no-split-gso options,
the printing of the latter was left out. Add that, so output is consistent
with the options passed

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 8cac857289)
2018-09-12 10:33:53 +01:00
Kevin Darbyshire-Bryant
1fdf3b4a44 iproute2: update cake man page
CAKE supports overriding of its internal classification of
packets through the tc filter mechanism.

Update the man page in our package, even though we don't
build them.  Someone may find the documentation useful.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 30598a05385b0ac2380dd4f30037a9f9d0318cf2)
(cherry picked from commit dc9388ac55)
2018-09-12 10:32:13 +01:00
Kevin Darbyshire-Bryant
ae12852864 kmod-sched-cake: fix 6in4/gso performance issue
Bump to latest upstream cake:

Add workaround for wrong skb->mac_len values after splitting GSO

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 66fd41ba79)
2018-09-12 10:29:06 +01:00
Kevin Darbyshire-Bryant
f6bd1b306b kmod-sched-cake: bump to 20180827
Expand filter flow mapping to include hosts as well

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit d14ffdc307d36bd9abe908b46ff7baece54c9551)
(cherry picked from commit 721dfd4eb8)
2018-09-12 10:29:06 +01:00
Kevin Darbyshire-Bryant
b2a042b5fe iproute2: cake: make gso/gro splitting configurable
This patch makes sch_cake's gso/gro splitting configurable
from userspace.

To disable breaking apart superpackets in sch_cake:

tc qdisc replace dev whatever root cake no-split-gso

to enable:

tc qdisc replace dev whatever root cake split-gso

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
Signed-off-by: Dave Taht <dave.taht@gmail.com>
[pulled from netdev list - no API/ABI change]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 3e8a9389961cd866b867740a2f71c2a0af97ab56)
2018-09-12 10:25:12 +01:00
Kevin Darbyshire-Bryant
f14c321a0d kmod-sched-cake: bump to 20180728 optional gso split
Follow upstream kernel patch that restores always splitting gso packets
by default whilst making the option configurable from (tc) userspace.

No ABI/API change

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit fe077d20e3b484e55ad49d5711673d05d7a301de)
2018-09-12 10:25:12 +01:00
Rafał Miłecki
6f0ede5438 mac80211: brcmfmac: backport CYW89342 support & fixes from 4.20
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b3d441c5f7)
2018-09-12 08:42:28 +02:00
Rafał Miłecki
d3e9c8862f mac80211: brcmfmac: backport patch for per-firmware features
This allows driver to support features that can't be dynamically
discovered.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit fecbd91c7c)
2018-09-12 08:42:27 +02:00
Rafał Miłecki
1a7471a303 mac80211: brcmfmac: backport 4.19 patches preparing monitor mode support
Monitor mode isn't supported yet with brcmfmac, it's just an early work.
This also prepares brcmfmac to work stable with new firmwares which use
updated struct for passing STA info.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit c0608c6a27)
2018-09-12 08:42:27 +02:00
pacien
9e319b7ae2 odhcp6c: add client fqdn and reconfigure options
Allowing DHCPV6_CLIENT_FQDN and DHCPV6_ACCEPT_RECONFIGURE to be turned off.
Defaulting to false, former behavior remains unchanged.

Signed-off-by: pacien <pacien.trangirard@pacien.net>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
(cherry picked from commit ef01c1d308)
2018-09-08 21:46:07 +02:00
Koen Vandeputte
55bbd8293c kernel: bump 4.14 to 4.14.68
Refreshed all patches.

Remove upstream accepted:
- 330-Revert-MIPS-BCM47XX-Enable-74K-Core-ExternalSync-for.patch

Altered:
- 303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch
- 308-mips32r2_tune.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-07 17:22:23 +02:00
Koen Vandeputte
81d73ae747 kernel: bump 4.9 to 4.9.125
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-09-07 17:22:23 +02:00
Henrique de Moraes Holschuh
5c8d61d7e3 dnsmasq: allow dnsmasq variants to be included in image
The dnsmasq variants should provide dnsmasq, otherwise it is impossible
to include them in the image.

This change allows one to have CONFIG_PACKAGE_dnsmasq=m and
CONFIG_PACKAGE_dnsmasq-full=y, e.g. because you want DNSSEC support, or
IPSETs suport on your 3000-devices fleet ;-)

Signed-off-by: Henrique de Moraes Holschuh <henrique@nic.br>
2018-09-06 21:34:34 +02:00
Matthias Schiffer
f7413579c0
mpc85xx: add migration script for TP-Link TL-WDR4900 v1 WLAN PCI paths
PCI paths of the WLAN devices have changed between kernel 4.4 and 4.9;
migrate config so existing wifi-iface definitions don't break.

This is implemented as a hotplug handler rather than a uci-defaults script
as the migration script must run before the 10-wifi-detect hotplug handler.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit b452af23a8)
2018-09-04 21:28:52 +02:00
Jo-Philipp Wich
13dccfc8e4
libubox: set RPATH for host build
This is required for programs that indirectly link libjson-c through the
libubox blobmsg_json library.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 5762efd8b2)
2018-09-04 00:09:03 +02:00
Daniel Golle
456f88376a
libubox: set HOST_BUILD_PREFIX
Install into STAGING_DIR_HOST rather than STAGING_DIR_HOSTPKG to make
bundle-libraries.sh happy.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 73100024d3)
2018-09-04 00:09:03 +02:00
Daniel Golle
0a337dae9c
libubox: make sure blobmsg-json is included in host-build
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 56e3a19ad6)
[While nothing in 18.06 needs the blobmsg-json host build, this prevents
builds failing due to incompatible json-c versions installed on the host
system]
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2018-09-04 00:07:03 +02:00
Daniel Golle
549eb9b383
libjson-c: set HOST_BUILD_PREFIX
Install into STAGING_DIR_HOST rather than STAGING_DIR_HOSTPKG to make
bundle-libraries.sh happy.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit a5368dc30c)
2018-09-04 00:00:39 +02:00
Rosen Penev
c571627a25
libjson-c: Update package URL
Found through UScan.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 31f87ebcb2)
2018-09-04 00:00:38 +02:00
Daniel Golle
0320fea968
libjson-c: fix host-build
Add -Wno-implicit-fallthrough to HOST_CFLAGS.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 5e9470a93b)
2018-09-04 00:00:38 +02:00
Daniel Golle
da9fe5af19
libjson-c: add host build (for libblobmsg-json)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 6fc8e06078)
2018-09-04 00:00:38 +02:00
David Bauer
6a4f059ec8
ar71xx: allow to override at803x sgmii aneg status
When checking the outcome of the PHY autonegotiation status, at803x
currently returns false in case the SGMII side is not established.

Due to a hardware-bug, ag71xx needs to fixup the SoCs SGMII side, which
it can't as it is not aware of the link-establishment.

This commit allows to ignore the SGMII side autonegotiation status to
allow ag71xx to do the fixup work.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 4e39e213af)
2018-09-03 23:13:12 +02:00
David Bauer
3444638a05
ar71xx: fix QCA955X SGMII link loss
The QCA955X is affected by a hardware bug which causes link-loss of the
SGMII link between SoC and PHY. This happens on change of link-state or
speed.

It is not really known what causes this bug. It definitely occurs when
using a AR8033 Gigabit Ethernet PHY.

Qualcomm solves this Bug in a similar fashion. We need to apply the fix
on a per-device base via platform-data as performing the fixup work will
break connectivity in case the SGMII interface is connected to a Switch.

This bug was first proposed to be fixed by Sven Eckelmann in 2016.
 https://patchwork.ozlabs.org/patch/604782/

Based-on-patch-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f4f99ec973)
2018-09-03 23:04:46 +02:00
Jo-Philipp Wich
a662d6f6bc grub2: rebase patches
Patch 300-CVE-2015-8370.patch was added without proper rebasing on the
version used by OpenWrt, make it apply and refresh the patch to fix
compilation.

Fixes: 7e73e9128f ("grub2: Fix CVE-2015-8370")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 9ffbe84ea4)
2018-08-30 14:11:36 +02:00
Rosen Penev
a0569f5e81 grub2: Fix CVE-2015-8370
This CVE is a culmination of multiple integer overflow issues that cause
multiple issues like Denial of Service and authentication bypass.

More info: https://nvd.nist.gov/vuln/detail/CVE-2015-8370

Taken from Fedora.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 7e73e9128f)
2018-08-30 13:16:20 +02:00
Rosen Penev
30758ee10e bzip2: Fix CVE-2016-3189
Issue causes a crash with specially crafted bzip2 files.

More info: https://nvd.nist.gov/vuln/detail/CVE-2016-3189

Taken from Fedora.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit f9469efbfa)
2018-08-30 13:16:16 +02:00
Jo-Philipp Wich
3315558870 scripts: bundle-libraries: fix logic flaw
Previous refactoring of the script moved the LDSO detection into a
file-not-exists condition, causing onyl the very first executable to
get bundled.

Solve the problem by unconditionally checking for LDSO again.

Fixes: 9030a78a71 ("scripts: bundle-libraries: prevent loading host locales")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 5ebcd32997)
2018-08-30 11:32:16 +02:00
Jo-Philipp Wich
686c6c5ca7 scripts: bundle-libraries: prevent loading host locales (FS#1803)
Binary patch the bundled glibc library to inhibit loading of host locale
archives in order to avoid triggering internal libc assertions when
invoking shipped, bundled executables.

The problem has been solved with upstream Glibc commit
0062ace229 ("Gracefully handle incompatible locale data") but we still
need to deal with older Glibc binaries for some time to come.

Fixes FS#1803
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 9030a78a71)
2018-08-30 11:32:16 +02:00
Jo-Philipp Wich
0f3ec67a83 ramips: only limit lzma dictionary size on mt7621
The changed dictionary size leads to a different LZMA header which breaks
sysupgrade image magic checkibng on at least some RT288x boards.

Since the commit message only mentions testing on MT7621 and since the
change appears to break at least one other ramips subtarget, do not take
any chances and restrict the size limitation to only MT7621.

Fixes FS#1797
Fixes 09b6755946 ("ramips: limit dictionary size for lzma compression")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 77e2bccde8)
2018-08-30 10:58:38 +02:00
Thomas Equeter
cd49f57ff7 uqmi: wait for the control device too
The control device /dev/cdc-wdm0 is not available immediately on the
D-Link DWR-921 Rev.C3, therefore the wwan interface fails to start at
boot with a "The specified control device does not exist" error.

This patch alters /lib/netifd/proto/qmi.sh to wait for
network.wwan.delay earlier, before checking for the control device,
instead of just before interacting with the modem.

One still has to use network.wwan.proto='qmi', as the "wwan" proto
performs that sort of check before any delay is possible, failing with a
"No valid device was found" error.

Signed-off-by: Thomas Equeter <tequeter@users.noreply.github.com>
2018-08-30 09:30:37 +02:00
Giuseppe Lippolis
159a52e1c2 comgt: increase timeout on runcommands
Some combination of modem/wireless operator requires more time to
execute the commands.
Tested on DWR-512 embedded wwan modem and italian operator iliad (new
virtual operator).

Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
(cherry picked from commit 774d7fc9f2)
2018-08-29 08:35:24 +02:00
Bruno Randolf
27e6d719e9 ugps: Update to fix position calculation
This is necessary to get my position right.
Without this my longitude is incorrecty -15.85xxxx instead of -16.52yyyy

Signed-off-by: Bruno Randolf <br1@einfach.org>
(cherry picked from commit fe960cead7)
2018-08-29 08:32:38 +02:00
Bruno Randolf
011e7cb5fe ugps: Add option disabled
Like many other packages, an option to disable can be practical.

Signed-off-by: Bruno Randolf <br1@einfach.org>
(cherry picked from commit 6b14a73f4f)
2018-08-29 08:32:33 +02:00
Koen Vandeputte
def9d215ac kernel: bump 4.14 to 4.14.67
Refreshed all patches.

Removed upstreamed patches:
- 037-v4.18-0008-ARM-dts-BCM5301x-Fix-i2c-controller-interrupt-type.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-28 23:06:48 +02:00
Koen Vandeputte
5fde931d60 kernel: bump 4.9 to 4.9.124
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-08-28 23:06:47 +02:00
Michal Cieslakiewicz
4bff3f392b ar71xx: WNR612v2: fix kernel panic due to wrong Wifi LED init
Netgear WNR612v2 flashed with recent OpenWrt builds suffers from kernel
panic at boot during wireless chip initialization, making device
unusable:

 ath: phy0: Ignoring endianness difference in EEPROM magic bytes.
 ath: phy0: Enable LNA combining
 CPU 0 Unable to handle kernel paging request at virtual address 1000fee1, epc == 801d08f0, ra == 801d0d90
 Oops[#1]:
 CPU: 0 PID: 469 Comm: kmodloader Not tainted 4.9.120 #0
 [ ... register dump etc ... ]
 Kernel panic - not syncing: Fatal exception
 Rebooting in 1 seconds..

This simple patch fixes above error. It keeps LED table in memory after
kernel init phase for ath9k driver to operate correctly (__initdata
removed).

Also, another bug is fixed - correct array size is provided to function
that adds platform LEDs (this device has only 1 connected to Wifi chip)
preventing code from going outside array bounds.

Fixes: 1f5ea4eae4 ("ar71xx: add correct named default wireless led by using platform leds")

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
[trimmed commit message]
Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-08-28 07:21:13 +02:00
Matthias Schiffer
e302272765
ar71xx/generic: enable Zyxel NBG6616 in kernel config again
The NBG6616 shares a config symbol with the NBG6716. It was accidentally
removed from the config when the ar71xx-tiny target was split off.

Fixes: 0cd5e85e7a ("ar71xx: create new ar71xx/tiny subtarget for 4MB flash devices")
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit a4f4ddba61)
2018-08-27 21:39:40 +02:00
Antonio Silverio
5a07b4e7f5 mac80211: mwl8k: Expand non-DFS 5G channels
Add non-DFS 5G upper channels (149-165) besides existed 4 lower channels
(36, 40, 44, 48).

Signed-off-by: Antonio Silverio <menion@gmail.com>
2018-08-27 13:28:52 +02:00
Felix Fietkau
14580aaf81 mt76: update to the latest version
7daf962 mt7603: add survey support
980c606 mt7603: add fix for CCA signal configuration
30b8371 mt7603: fix BAR rate

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-08-25 11:10:44 +02:00
Hans Dedecker
8bb9d053eb dropbear: backport upstream fix for CVE-2018-15599
CVE description :
The recv_msg_userauth_request function in svr-auth.c in Dropbear through
2018.76 is prone to a user enumeration vulnerability because username
validity affects how fields in SSH_MSG_USERAUTH messages are handled,
a similar issue to CVE-2018-15473 in an unrelated codebase.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-08-24 19:17:50 +02:00
Roger Pueyo Centelles
79518b7a4b ramips: mt7620: add dir-810l network config
The device was not included in the /etc/board.d/02_network file, so
the network wouldn't be properly set up on boot.

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
2018-08-23 22:44:47 +02:00
Mathias Kresin
f1c3b5454e ramips: fix compatibles in SoC dtsi
The former used compatibles aren't defined anywhere and aren't used by
the devicetree source files including them.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-08-23 22:44:47 +02:00
Mathias Kresin
446dccc000 ramips: fix GL-MT300N-V2 SoC compatible
According to abbfcc8525 ("ramips: add support for GL-inet
GL-MT300N-V2") the board has a MediaTek MT7628AN. Change the SoC
compatible to match the used hardware.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-08-23 22:44:47 +02:00
Mathias Kresin
4ffed014a3 ramips: drop not existing groups from pinmux
RT5350 neither have rgmii nor a mdio pinmux group. MT7628an doesn't
have a jtag group. Having these groups defined might cause a boot
panic.

The pin controller fails to initialise for kernels > 4.9 if invalid
groups are used. If a subsystem references a pin controller
configuration node, it can not find this node and errors out. In worst
case it's the SPI driver which errors out and we have no root
filesystem to mount.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2018-08-23 22:44:47 +02:00