This CVE is a culmination of multiple integer overflow issues that cause
multiple issues like Denial of Service and authentication bypass.
More info: https://nvd.nist.gov/vuln/detail/CVE-2015-8370
Taken from Fedora.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
While "rawnand.h" is available in kernel 4.14,
the default for this target is kernel 4.9 in which "nand.h" should be used.
Add an extra check to include the correct file depending on kernel version
Fixes these build errors:
drivers/mtd/nand/ar934x_nfc.c:16:10: fatal error: linux/mtd/rawnand.h: No such file or directory
#include <linux/mtd/rawnand.h>
^~~~~~~~~~~~~~~~~~~~~
compilation terminated.
Fixes: 318e19ba6755 ("ar71xx: add v4.14 support")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Allows discovery without having to use NetBIOS. Useful for mobile devices.
Could eventually throw nbmd away. But that requires Windows 10...
Tested on Fedora 28 with avahi-discover.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Since kernel 4.14 there is no auto assignment of conntrack helpers anymore
so fw3 needs raw table support in order to stage ct helper assignment rules.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Remove creation of file /etc/ethers in dnsmasq init script as the
file is now created by default in the base-files package by
commit fa3301a28e
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
/etc/ethers is missing on /rom but always created when dnsmasq
runs. It is better to have it in place and avoid an extra change
in flash after firstboot.
It will generate an extra /etc/ethers-opkg when it has changed.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This adds processing of all CSA arguments from ubus switch_chan request
in the same manner as in the control interface API.
Signed-off-by: Yury Shvedov <yshvedov@wimarksystems.com>
Added boolean symbol for GCC 8 and higher, when we add newer GCC, we don't have
to modify rules.mk to keep things consistant.
Fixes: da9d760 ("rules.mk: replace iremap when using GCC 8")
Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
As of commit c6e02b49f65cb4eff624a0831d3db265b3fadd2a the octeon target
uses octeonplus instead of octeon
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Sysupgrading to ath79 from ar71xx currently fails because of mismatching
supported_devices. ar71xx is expecting "tl-mr3020" which is missing in
the ath79 image. Upgrading from ath79 is unaffected, as the image
contains the old string for ar71xx and the new one coming from the
device-tree.
Signed-off-by: David Bauer <mail@david-bauer.net>
PISEN WMM003N is never supported by ar71xx, this commit also removed
SUPPORTED_DEVICES for it because it's completely useless.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
This commit adds support for the AVM Fritz!Box 4020 WiFi-router.
SoC: Qualcomm Atheros QCA9561 (Dragonfly) 750MHz
RAM: Winbond W971GG6KB-25
FLASH: Macronix MX25L12835F
WiFi: QCA9561 b/g/n 3x3 450Mbit/s
USB: 1x USB 2.0
IN: WPS button, WiFi button
OUT: Power LED green, Internet LED green, WLAN LED green,
LAN LED green, INFO LED green, INFO LED red
UART: Header Next to Black metal shield
Pinout is 3.3V - RX - TX - GND (Square Pad is 3.3V)
The Serial setting is 115200-8-N-1.
Tested and working:
- Ethernet (LAN + WAN)
- WiFi (correct MAC)
- Installation via EVA bootloader
- OpenWRT sysupgrade
- Buttons
- LEDs
The USB port doesn't work. Both Root Hubs are detected as having 0 Ports:
[ 3.670807] kmodloader: loading kernel modules from /etc/modules-boot.d/*
[ 3.723267] usbcore: registered new interface driver usbfs
[ 3.729058] usbcore: registered new interface driver hub
[ 3.734616] usbcore: registered new device driver usb
[ 3.744181] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[ 3.758357] SCSI subsystem initialized
[ 3.766026] ehci-platform: EHCI generic platform driver
[ 3.771548] ehci-platform ehci-platform.0: EHCI Host Controller
[ 3.777708] ehci-platform ehci-platform.0: new USB bus registered, assigned bus number 1
[ 3.788169] ehci-platform ehci-platform.0: irq 48, io mem 0x1b000000
[ 3.816647] ehci-platform ehci-platform.0: USB 2.0 started, EHCI 0.00
[ 3.824001] hub 1-0:1.0: USB hub found
[ 3.828219] hub 1-0:1.0: config failed, hub doesn't have any ports! (err -19)
[ 3.835825] ehci-platform ehci-platform.1: EHCI Host Controller
[ 3.842009] ehci-platform ehci-platform.1: new USB bus registered, assigned bus number 2
[ 3.852481] ehci-platform ehci-platform.1: irq 49, io mem 0x1b400000
[ 3.886631] ehci-platform ehci-platform.1: USB 2.0 started, EHCI 0.00
[ 3.894011] hub 2-0:1.0: USB hub found
[ 3.898190] hub 2-0:1.0: config failed, hub doesn't have any ports! (err -19)
[ 3.908928] usbcore: registered new interface driver usb-storage
[ 3.915634] kmodloader: done loading kernel modules from /etc/modules-boot.d/*
A few words about the shift-register:
AVM used a trick to control the shift-register for the LEDs with only 2
pins, SERCLK and MOSI. Q7S, normally used for daisy-chaining multiple
shift-registers, pulls the latch, moving the shift register-state to
the storage register. It also pulls down MR (normally pulled up) to
clear the storage register, so the latch gets released and will not be
pulled by the remaining bits in the shift-register. Shift register is
all-zero after this.
For that we need to make sure output 7 is set to high on driver probe.
We accomplish this by using gpio-hogging.
Installation via EVA:
In the first seconds after Power is connected, the bootloader will
listen for FTP connections on 169.254.157.1 (Might also be 192.168.178.1).
Firmware can be uploaded like following:
ftp> quote USER adam2
ftp> quote PASS adam2
ftp> binary
ftp> debug
ftp> passive
ftp> quote MEDIA FLSH
ftp> put openwrt-sysupgrade.bin mtd1
Note that this procedure might take up to two minutes. After transfer is
complete you need to powercycle the device to boot OpenWRT.
Signed-off-by: David Bauer <mail@david-bauer.net>
TP-Link Archer C7 v1 is a dual band router
based on Qualcomm/Atheros QCA9558 + QCA9880.
Specification:
- 720 MHz CPU
- 128 MB of RAM (Various chips)
- 8 MB of FLASH (Various chips)
- SoC QCA9558 integrated 3T3R 2.4 GHz Wi-Fi
- minipcie slot with 3T3R 5 GHz QCA9880-AR1A (unsupported by ath10k!)
- 5x 10/100/1000 Mbps Ethernet (AR8327N Switch)
- 10x LEDs, 2x software buttons
For further informwation on the device, visit the wiki:
<https://openwrt.org/toh/tp-link/archer-c7-1750>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Update util-linux to 2.32.1
For release notes see https://lwn.net/Articles/759922/
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
I-O DATA WN-AC1167DGR is a 2.4/5 GHz band 11ac router, based on
Qualcomm Atheros QCA9557.
Specification:
- Qualcomm Atheros QCA9557
- 128 MB of RAM (DDR2)
- 16 MB of Flash (SPI)
- 2T2R 2.4/5 GHz wifi
- 2.4 GHz: SoC internal
- 5 GHz: QCA988x
- 5x 10/100/1000 Mbps Ethernet
- 6x LEDs, 6x keys (4x buttons, 1x slide switch)
- UART header on PCB
- Vcc, GND, TX, RX from ethernet port side
- 115200n8
Flash instruction using factory image:
1. Connect the computer to the LAN port of WN-AC1167DGR
2. Connect power cable to WN-AC1167DGR and turn on it
3. Access to "http://192.168.0.1/" and open firmware update page
("ファームウェア")
4. Select the OpenWrt factory image and click update ("更新") button
5. Wait ~150 seconds to complete flashing
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Adding tl-wr841-v11 and the rename of tl-wr841n-v9 to tl-wr841-v9 in 01_leds
and 02_network script files are missing in commits cc35c91 and 8db6522.
Signed-off-by: Johann Neuhauser <johann@it-neuhauser.de>
[merged with identical case in 02_network]
Signed-off-by: Mathias Kresin <dev@kresin.me>
If it isn't a usb led, it shouldn't be used as one by default. It is up
to the user to add such a (mis)configuration for the board.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Buffalo WHR-G301N is a 2.4 GHz 11n router, based on Atheros AR7240.
Ported from ar71xx target.
Specification:
- Atheros AR7240
- 32 MB of RAM
- 4 MB of Flash
- 2.4 GHz 2T2R wifi
- 5x 10/100 Mbps Ethernet
- 9x LEDs, 4x keys
- LED: 8x gpio-leds, 1x ath9k-leds
- key: 2x buttons, 1x slide switch
- UART header on PCB
- Vcc, GND, TX, RX from LEDs side
- 115200n8
Flash instruction using factory image:
1. Connect the computer to the LAN port of WHR-G301N
2. Connect power cable to WHR-G301N and turn on it
3. Access to "http://192.168.11.1/" and open firmware update page
("ファーム更新")
4. Select the OpenWrt factory image and click execute ("実行") button
5. Wait ~150 seconds to complete flashing
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
[fix the SUPPORTED_DEVICES to be compatible with the ar71xx image]
Signed-off-by: Mathias Kresin <dev@kresin.me>
Indicate a (sys)upgrade via leds as well. It brings the lantiq diag.sh
script en par with the other implementations using devicetree aliases
to define multiple leds for boot status indication.
By default, use the boot finished led to indicate an upgrade for now.
Signed-off-by: Mathias Kresin <dev@kresin.me>
The upgrade led is only used if a running led is defined. If no running
led is defined, the upgrade led is ignored and upgrade isn't indicated
at all.
Instead, turn off the running led prior to turning the upgrade led on.
In most cases there isn't any visual change, but it allows to use an
independent led for upgrade indication.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Set the (sys)upgrade state when sourcing the stage2 script instead of
setting the state for each target individual.
This change fixes the, due to a missing state set, not working upgrade
led on ath79 and apm821xx.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Since kernel 4.10 commit 61e84623ace3 ("net: centralize net_device
min/max MTU checking"), the range of mtu is [min_mtu, max_mtu], which
is [68, 1500] by default.
It's necessary to set a max_mtu if a mtu > 1500 is supported.
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Mathias Kresin <dev@kresin.me>
This fixes the following security problems:
* CVE-2018-0732: Client DoS due to large DH parameter
* CVE-2018-0737: Cache timing vulnerability in RSA Key Generation
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The following patch was integrated upstream:
* target/linux/generic/backport-4.9/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch
This fixes tries to work around the following security problems:
* CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects
* CVE-2018-3646 L1 Terminal Fault Virtualization related aspects
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The following patches were integrated upstream:
* target/linux/ipq40xx/patches-4.14/050-0006-mtd-nand-qcom-Add-a-NULL-check-for-devm_kasprintf.patch
* target/linux/mediatek/patches-4.14/0177-phy-phy-mtk-tphy-use-auto-instead-of-force-to-bypass.patch
This fixes tries to work around the following security problems:
* CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects
* CVE-2018-3646 L1 Terminal Fault Virtualization related aspects
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Use the orange led by default to match the bootloader/stock firmware
behaviour. Turn on the green power led after boot to indicate a
finished boot and the orange one off.
Signed-off-by: Dmitry Tunin <hanipouspilot@gmail.com>
[reword commit message, keep orange power led enabled during early
kernel boot]
Signed-off-by: Mathias Kresin <dev@kresin.me>
Use the orange led by default to match the bootloader/stock firmware
behaviour. Turn on the blue power led after boot to indicate a finished
boot and the orange one off.
Signed-off-by: Dmitry Tunin <hanipouspilot@gmail.com>
[reword commit message, keep orange power led enabled during early
kernel boot]
Signed-off-by: Mathias Kresin <dev@kresin.me>
Use diag.sh version used for apm821xx, ipq40xx and ipq806x, which
supports different leds for the different boot states.
The existing led sequences should be the same as before.
Signed-off-by: Dmitry Tunin <hanipouspilot@gmail.com>
[reword commit message]
Signed-off-by: Mathias Kresin <dev@kresin.me>
The DWR-118-A2 Wireless Router is based on the MT7620A SoC.
Specification:
- MediaTek MT7620A (580 Mhz)
- 128 MB of RAM
- 16 MB of FLASH
- 1x 802.11bgn radio
- 1x 802.11ac radio (MT7612EN)
- 4x 10/100 Mbps Ethernet (1 WAN and 3 LAN)
- 1x 10/100/1000 Mbps Marvell Ethernet PHY (1 LAN)
- 2x external, non-detachable antennas
- 1x USB 2.0
- UART (J1) header on PCB (57600 8n1)
- 7x LED (5x GPIO-controlled), 2x button
- JBOOT bootloader
Known issues:
- GELAN not working
- flash is very slow
The status led has been assigned to the dwr-118-a2:green:internet led.
At the end of the boot it is switched off and is available for other
operation. Work correctly also during sysupgrade operation.
Installation:
Apply factory image via http web-gui or JBOOT recovery page
How to revert to OEM firmware:
- push the reset button and turn on the power. Wait until LED start
blinking (~10sec.)
- upload original factory image via JBOOT http (IP: 192.168.123.254)
Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl>
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>