Commit Graph

18235 Commits

Author SHA1 Message Date
Hauke Mehrtens
8d995b3bd7 mac80211: Update to version 5.10.168-1
This update mac80211 to version 5.10.168-1. This includes multiple
bugfixes. Some of these bugfixes are fixing security relevant bugs.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-02-18 19:22:17 +01:00
John Audia
dbbf5c2a1d openssl: bump to 1.1.1t
Changes between 1.1.1s and 1.1.1t [7 Feb 2023]

  *) Fixed X.400 address type confusion in X.509 GeneralName.

     There is a type confusion vulnerability relating to X.400 address processing
     inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING
     but subsequently interpreted by GENERAL_NAME_cmp as an ASN1_TYPE. This
     vulnerability may allow an attacker who can provide a certificate chain and
     CRL (neither of which need have a valid signature) to pass arbitrary
     pointers to a memcmp call, creating a possible read primitive, subject to
     some constraints. Refer to the advisory for more information. Thanks to
     David Benjamin for discovering this issue. (CVE-2023-0286)

     This issue has been fixed by changing the public header file definition of
     GENERAL_NAME so that x400Address reflects the implementation. It was not
     possible for any existing application to successfully use the existing
     definition; however, if any application references the x400Address field
     (e.g. in dead code), note that the type of this field has changed. There is
     no ABI change.
     [Hugo Landau]

  *) Fixed Use-after-free following BIO_new_NDEF.

     The public API function BIO_new_NDEF is a helper function used for
     streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL
     to support the SMIME, CMS and PKCS7 streaming capabilities, but may also
     be called directly by end user applications.

     The function receives a BIO from the caller, prepends a new BIO_f_asn1
     filter BIO onto the front of it to form a BIO chain, and then returns
     the new head of the BIO chain to the caller. Under certain conditions,
     for example if a CMS recipient public key is invalid, the new filter BIO
     is freed and the function returns a NULL result indicating a failure.
     However, in this case, the BIO chain is not properly cleaned up and the
     BIO passed by the caller still retains internal pointers to the previously
     freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO
     then a use-after-free will occur. This will most likely result in a crash.
     (CVE-2023-0215)
     [Viktor Dukhovni, Matt Caswell]

  *) Fixed Double free after calling PEM_read_bio_ex.

     The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and
     decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload
     data. If the function succeeds then the "name_out", "header" and "data"
     arguments are populated with pointers to buffers containing the relevant
     decoded data. The caller is responsible for freeing those buffers. It is
     possible to construct a PEM file that results in 0 bytes of payload data.
     In this case PEM_read_bio_ex() will return a failure code but will populate
     the header argument with a pointer to a buffer that has already been freed.
     If the caller also frees this buffer then a double free will occur. This
     will most likely lead to a crash.

     The functions PEM_read_bio() and PEM_read() are simple wrappers around
     PEM_read_bio_ex() and therefore these functions are also directly affected.

     These functions are also called indirectly by a number of other OpenSSL
     functions including PEM_X509_INFO_read_bio_ex() and
     SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL
     internal uses of these functions are not vulnerable because the caller does
     not free the header argument if PEM_read_bio_ex() returns a failure code.
     (CVE-2022-4450)
     [Kurt Roeckx, Matt Caswell]

  *) Fixed Timing Oracle in RSA Decryption.

     A timing based side channel exists in the OpenSSL RSA Decryption
     implementation which could be sufficient to recover a plaintext across
     a network in a Bleichenbacher style attack. To achieve a successful
     decryption an attacker would have to be able to send a very large number
     of trial messages for decryption. The vulnerability affects all RSA padding
     modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.
     (CVE-2022-4304)
     [Dmitry Belyavsky, Hubert Kario]

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 4ae86b3358)

The original commit removed the upstreamed patch 010-padlock.patch, but
it's not on OpenWrt 21.02, so it doesn't have to be removed.

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
2023-02-18 16:16:44 +01:00
Josef Schlehofer
1b6e9b3f64 opkg: add patch to avoid remove package repeatly with force
This patch was taken from the OpenWrt-devel mailing list:
https://www.mail-archive.com/openwrt-devel@lists.openwrt.org/msg59794.html

It is included already in OpenWrt master branch and OpenWrt 22.03
release as it was included in opkg-lede repository:
https://git.openwrt.org/?p=project/opkg-lede.git;a=commit;h=9c44557a776da993c2ab80cfac4dbd8d59807d01

However, it is not included in OpenWrt 21.02, where the same issue is
happening.

Fixes: CI for https://github.com/openwrt/packages/pull/20074

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2023-01-06 17:34:46 +01:00
Daniel Golle
cdd9bee370 kernel: add kmod-nvme package
Add driver for NVM Express block devices, ie. PCIe connected SSDs.

Targets which allow booting from NVMe (x86, maybe some mvebu boards come
to mind) should have it built-in, so rootfs can be mounted from there.
For targets without NVMe support in bootloader or BIOS/firmware it's
sufficient to provide the kernel module package.

On targets having the NVMe driver built-in the resulting kmod package
is an empty dummy. In any case, depending on or installing kmod-nvme
results in driver support being available (either because it was already
built-in or because the relevant kernel modules are added and loaded).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit dbe53352e3)
2023-01-06 17:30:51 +01:00
Hauke Mehrtens
0f423804f6 kernel: kmod-isdn4linux: Remove package
The isdn4linux drivers and subsystem was removed in kernel 5.3, remove
the kernel package also from OpenWrt.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit db55dea5fc)
2023-01-06 17:26:45 +01:00
Hauke Mehrtens
66fa45ecef kernel: kmod-ipt-ulog: Remove package
The ulog iptables target was removed with kernel 3.17, remove the kernel
and also the iptables package in OpenWrt too.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 2a0284fb03)
2023-01-06 17:23:25 +01:00
Hauke Mehrtens
e6b1094b8d kernel: kmod-w1-slave-ds2760: Remove package
The w1_ds2760.ko driver was merged into the ds2760_battery.ko driver.
The driver was removed and this package was never build any more.
This happened with kernel 4.19.

Remove this unused package.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 5808973d14)
2023-01-06 17:23:25 +01:00
Hauke Mehrtens
ab9025769b kenrel: kmod-rtc-pt7c4338: Remove package
The rtc-pt7c4338.ko was never upstream under this name, the driver was
removed from OpenWrt some years ago, remove the kmod-rtc-pt7c4338
package too.

Fixes: 74d00a8c38 ("kernel: split patches folder up into backport, pending and hack folders")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 5ccf4dcf88)
2023-01-06 17:23:25 +01:00
Josef Schlehofer
3e0faf2866 kernel: build crypto md5/sha1/sha256 modules for powerpc
This builds and enables kernel optimized modules for mpc85xx target:
- CONFIG_CRYPTO_MD5_PPC [1]
- CONFIG_CRYPTO_SHA1_PPC_SPE [2]
- CONFIG_CRYPTO_SHA256_PPC_SPE [3]

Where it was possible, then use Signal Processing Engine, because
CONFIG_SPE is already enabled in mpc85xx config.

[1] https://cateee.net/lkddb/web-lkddb/CRYPTO_MD5_PPC.html
[2] https://cateee.net/lkddb/web-lkddb/CRYPTO_SHA1_PPC.html
[3] https://cateee.net/lkddb/web-lkddb/CRYPTO_SHA256_PPC_SPE.html

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 3a702f8733)
2023-01-06 17:17:07 +01:00
Josef Schlehofer
8e548ac9bd kernel: fix typo for tegra crypto-sha1 module
Fixes: e889489bed ("kernel: build
arm/neon-optimized sha1/512 modules")

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit f8f9d6901c)
2023-01-06 17:14:40 +01:00
Hauke Mehrtens
18f05da13d
dnsmasq: Backport DHCPv6 server fix (CVE-2022-0934)
This backports a commit from upstream dnsmasq to fix CVE-2022-0934.

CVE-2022-0934 description:
A single-byte, non-arbitrary write/use-after-free flaw was found in
dnsmasq. This flaw allows an attacker who sends a crafted packet
processed by dnsmasq, potentially causing a denial of service.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 002a99eccd)
2022-12-21 13:53:51 +01:00
Christian Marangi
1392bec7de
procd: add patch to fix compilation error
procd complain for an unused verbose variable causing compilation error.
Fix this by setting the variable static following upstream procd
changes.

This is a variant of 0ee73b2c86a853ae3274c7080e2dcd36b81aa1fa that
introduced major change and fixed the verbose variable to static.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-12-04 16:06:35 +01:00
Hauke Mehrtens
06bec84625 mac80211: Update to version 5.10.157
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-12-03 22:34:17 +01:00
Rafał Miłecki
7492906d13 kernel: improve description of NTFS kernel packages
This helps choosing the right NTFS driver from two available options.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b066ad7d9a)
2022-12-01 16:23:13 +01:00
Rafał Miłecki
8a11563b06 base-files: support "metric" in board.json
It allows prepopulating /etc/config/network interface-s with predefined
metric. It may be useful for devices with multiple WAN ports.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 7f443d2d9a)
2022-12-01 16:09:27 +01:00
Nick Hainke
b33090a0fa wolfssl: update to v5.5.3
Remove "200-ecc-rng.patch" because it was upstramed by:
e2566bab21
Refreshed "100-disable-hardening-check.patch".

Fixes CVE 2022-42905.

Release Notes:
- https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.2-stable
- https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.3-stable

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 745f1ca976)
2022-11-27 16:36:53 +01:00
John Audia
04ca5a8678 openssl: bump to 1.1.1s
Changes between 1.1.1r and 1.1.1s [1 Nov 2022]

  *) Fixed a regression introduced in 1.1.1r version not refreshing the
     certificate data to be signed before signing the certificate.
     [Gibeom Gwon]

 Changes between 1.1.1q and 1.1.1r [11 Oct 2022]

  *) Fixed the linux-mips64 Configure target which was missing the
     SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
     platform.
     [Adam Joseph]

  *) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
     causing incorrect results in some cases as a result.
     [Paul Dale]

  *) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
     report correct results in some cases
     [Matt Caswell]

  *) Fixed a regression introduced in 1.1.1o for re-signing certificates with
     different key sizes
     [Todd Short]

  *) Added the loongarch64 target
     [Shi Pujin]

  *) Fixed a DRBG seed propagation thread safety issue
     [Bernd Edlinger]

  *) Fixed a memory leak in tls13_generate_secret
     [Bernd Edlinger]

  *) Fixed reported performance degradation on aarch64. Restored the
     implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
     32-bit lane assignment in CTR mode") for 64bit targets only, since it is
     reportedly 2-17% slower and the silicon errata only affects 32bit targets.
     The new algorithm is still used for 32 bit targets.
     [Bernd Edlinger]

  *) Added a missing header for memcmp that caused compilation failure on some
     platforms
     [Gregor Jasny]

Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit a0814f04ed)
2022-11-27 14:04:37 +01:00
Hauke Mehrtens
dec6584b22 iwinfo: update to latest HEAD
0dad3e6 Add support for CCMP-256 and GCMP-256 ciphers

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit cc6a323e23)
2022-11-12 21:06:50 +01:00
Hauke Mehrtens
1eda1a7946 iwinfo: update to latest HEAD
705d3b5 iwinfo: Add missing auth_suites mappings for WPA3

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit cc2dfc5e4d)
2022-11-12 21:06:50 +01:00
Pawel Dembicki
8f459812b8 uboot-layerscape: adjust LS1012A-IOT config and env
In a254279a6c LS1012A-IOT kernel image was switched to FIT.

But u-boot config is lack of FIT and ext4 support.

This patch enables it.

It also fix envs, because for some reason this board need to use "loadaddr"
variable in brackets.

Fixes: #9894
Fixes: a254279a6c ("layerscape: Change to combined rootfs on sd images")
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
(cherry picked from commit d75ed3726d)
2022-11-12 21:05:43 +01:00
Hauke Mehrtens
b3142fff2a mac80211: Update to version 5.10.149-1
This updates mac80211 to version 5.10.149-1 which is based on kernel
5.10.149.
The removed patches were applied upstream.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-10-23 20:52:28 +02:00
Hauke Mehrtens
32f8c6fdf8 OpenWrt v21.02.5: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-10-15 15:02:49 +02:00
Hauke Mehrtens
ea34ce11c1 OpenWrt v21.02.5: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-10-15 15:02:44 +02:00
Felix Fietkau
fa9a932fdb mac80211: backport security fix and disable MBSSID support
Fixes: CVE-2022-41674
Fixes: CVE-2022-42719
Fixes: CVE-2022-42720
Fixes: CVE-2022-42721
Fixes: CVE-2022-42722
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-10-13 21:16:38 +02:00
Hauke Mehrtens
e0bb4b7a78 OpenWrt v21.02.4: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-10-09 19:13:55 +02:00
Hauke Mehrtens
66ee6c2231 OpenWrt v21.02.4: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-10-09 19:13:29 +02:00
Christian Lamparter
82ebc173b3 firmware: intel-microcode: update to 20220809
Debian's changelog by Henrique de Moraes Holschuh <hmh@debian.org>:

  * New upstream microcode datafile 20220809
    * Fixes INTEL-SA-00657, CVE-2022-21233
      Stale data from APIC leaks SGX memory (AEPIC leak)
    * Fixes unspecified errata (functional issues) on Xeon Scalable
    * Updated Microcodes:
      sig 0x00050653, pf_mask 0x97, 2022-03-14, rev 0x100015e, size 34816
      sig 0x00050654, pf_mask 0xb7, 2022-03-08, rev 0x2006e05, size 44032
      sig 0x000606a6, pf_mask 0x87, 2022-04-07, rev 0xd000375, size 293888
      sig 0x000706a1, pf_mask 0x01, 2022-03-23, rev 0x003c, size 75776
      sig 0x000706a8, pf_mask 0x01, 2022-03-23, rev 0x0020, size 75776
      sig 0x000706e5, pf_mask 0x80, 2022-03-17, rev 0x00b2, size 112640
      sig 0x000806c2, pf_mask 0xc2, 2022-03-19, rev 0x0028, size 97280
      sig 0x000806d1, pf_mask 0xc2, 2022-03-28, rev 0x0040, size 102400
      sig 0x00090672, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064
      sig 0x00090675, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064
      sig 0x000906a3, pf_mask 0x80, 2022-06-15, rev 0x0421, size 216064
      sig 0x000906a4, pf_mask 0x80, 2022-06-15, rev 0x0421, size 216064
      sig 0x000a0671, pf_mask 0x02, 2022-03-17, rev 0x0054, size 103424
      sig 0x000b06f2, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064
      sig 0x000b06f5, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit bb73828b89)
2022-10-09 17:43:41 +02:00
Nick Hainke
2179d0670d wireless-regdb: update to 2022-08-12
Changes:
9dc9c89 wireless-regdb: update regulatory database based on preceding changes
442bc25 wireless-regdb: update 5 GHz rules for PK and add 60 GHz rule
daee7f3 wireless-regdb: add 5 GHz rules for GY

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 1d2d69c810)
2022-10-09 16:31:48 +02:00
Stijn Tintel
c028078e0b wireless-regdb: bump to 2022.06.06
902b321 wireless-regdb: Update regulatory rules for Israel (IL)
  20f6f34 wireless-regdb: add missing spaces for US S1G rules
  25652b6 wireless-regdb: Update regulatory rules for Australia (AU)
  081873f wireless-regdb: update regulatory database based on preceding changes
  166fbdd wireless-regdb: add db files missing from previous commit
  e3f03f9 Regulatory update for 6 GHz operation in Canada (CA)
  888da5f Regulatory update for 6 GHz operation in United States (US)
  647bcaa Regulatory update for 6 GHz operation in FI
  c6b079d wireless-regdb: update regulatory rules for Bulgaria (BG) on 6GHz
  2ed39be wireless-regdb: Remove AUTO-BW from 6 GHz rules
  7a6ad1a wireless-regdb: Unify 6 GHz rules for EU contries
  68a8f2f wireless-regdb: update regulatory database based on preceding changes

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit e3e9eb31a2)
2022-10-09 16:31:41 +02:00
Sungbo Eo
93f60510b4 wireless-regdb: update to version 2022.02.18
e061299 wireless-regdb: Raise DFS TX power limit to 250 mW (24 dBm) for the US
2ce78ed wireless-regdb: Update regulatory rules for Croatia (HR) on 6GHz
0d39f4c wireless-regdb: Update regulatory rules for South Korea (KR)
acad231 wireless-regdb: Update regulatory rules for France (FR) on 6 and 60 GHz
ea83a82 wireless-regdb: add support for US S1G channels
4408149 wireless-regdb: add 802.11ah bands to world regulatory domain
5f3cadc wireless-regdb: Update regulatory rules for Spain (ES) on 6GHz
e0ac69b Revert "wireless-regdb: Update regulatory rules for South Korea (KR)"
40e5e80 wireless-regdb: Update regulatory rules for South Korea (KR)
e427ff2 wireless-regdb: Update regulatory rules for China (CN)
0970116 wireless-regdb: Update regulatory rules for the Netherlands (NL) on 6GHz
4dac44b wireless-regdb: update regulatory database based on preceding changes

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 19a90262df)
2022-10-09 16:31:30 +02:00
Petr Štetiar
8444302a92 treewide: fix security issues by bumping all packages using libwolfssl
As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.

So in order to propagate update of libwolfssl to latest stable release
done in commit ec8fb542ec ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all
packages using wolfSSL library.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit f1b7e1434f)
(cherry picked from commit 562894b39d)
2022-10-05 21:09:50 +02:00
Petr Štetiar
914d912741 wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173)
Fixes denial of service attack and buffer overflow against TLS 1.3
servers using session ticket resumption. When built with
--enable-session-ticket and making use of TLS 1.3 server code in
wolfSSL, there is the possibility of a malicious client to craft a
malformed second ClientHello packet that causes the server to crash.

This issue is limited to when using both --enable-session-ticket and TLS
1.3 on the server side. Users with TLS 1.3 servers, and having
--enable-session-ticket, should update to the latest version of wolfSSL.

Thanks to Max at Trail of Bits for the report and "LORIA, INRIA, France"
for research on tlspuffin.

Complete release notes https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.1-stable

Fixes: CVE-2022-39173
Fixes: https://github.com/openwrt/luci/issues/5962
References: https://github.com/wolfSSL/wolfssl/issues/5629
Tested-by: Kien Truong <duckientruong@gmail.com>
Reported-by: Kien Truong <duckientruong@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit ec8fb542ec)
(cherry picked from commit ce59843662)
2022-10-05 21:09:48 +02:00
Ivan Pavlov
4be7eb7735 wolfssl: bump to 5.5.0
Remove upstreamed: 101-update-sp_rand_prime-s-preprocessor-gating-to-match.patch

Some low severity vulnerabilities fixed
OpenVPN compatibility fixed (broken in 5.4.0)
Other fixes && improvements

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit 3d88f26d74)
(cherry picked from commit 0c8425bf11)
2022-10-05 21:09:47 +02:00
Eneas U de Queiroz
a13dacbfe0 wolfssl: bump to 5.4.0
This version fixes two vulnerabilities:
-CVE-2022-34293[high]: Potential for DTLS DoS attack
-[medium]: Ciphertext side channel attack on ECC and DH operations.

The patch fixing x86 aesni build has been merged upstream.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 9710fe70a6)
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit ade7c6db1e)
2022-10-05 21:09:46 +02:00
Eneas U de Queiroz
049e8f6c13 wolfssl: bump to v5.3.0-stable
This is mostly a bug fix release, including two that were already
patched here:
- 300-fix-SSL_get_verify_result-regression.patch
- 400-wolfcrypt-src-port-devcrypto-devcrypto_aes.c-remove-.patch

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 73c1fe2890)
(cherry picked from commit 6f8db8fee3)
2022-10-05 21:07:49 +02:00
Alexey Smirnov
1ea34b9621 base-files: add support for heartbeat led trigger
This patch adds support for creation heartbeat led trigger with,
for example, this command:

	ucidef_set_led_heartbeat "..." "..." "..."

from /etc/board.d/01_leds.

Signed-off-by: Alexey Smirnov <s.alexey@gmail.com>
(cherry picked from commit 66071729a2)
2022-09-24 18:00:12 +02:00
Rafał Miłecki
5a31942f20 uboot-bcm4908: include SoC in output files
This fixes problem of overwriting BCM4908 U-Boot and DTB files by
BCM4912 ones. That bug didn't allow booting BCM4908 devices.

Fixes: f4c2dab544 ("uboot-bcm4908: add BCM4912 build")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit a8e1e30543)
2022-09-01 17:39:51 +02:00
Rafał Miłecki
ee34451c48 uboot-bcm4908: add BCM4912 build
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit f4c2dab544)
2022-09-01 17:38:28 +02:00
Rafał Miłecki
4dca82b69c uboot-bcm4908: update to the latest generic
0625aad74d arm: dts: add ASUS GT-AX6000
6fb1cb624d arm: dts: add Netgear RAXE450 / RAXE550

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 3592aa8566)
2022-09-01 17:38:28 +02:00
Felix Fietkau
cb6501435c mac80211: disable ft-over-ds by default
Testing has shown it to be very unreliable in variety of configurations.
It is not mandatory, so let's disable it by default until we have a better
solution.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 2984a04206)
2022-08-30 11:01:27 +02:00
Thibaut VARÈNE
4cb9d08e71 mt76: backport fix encap offload ethernet type check
The driver needs to check if the format is 802.2 vs 802.3 in order to
set a tx descriptor flag. skb->protocol can't be used, since it may not
be properly initialized for packets coming in from a packet socket.  Fix
misdetection by checking the ethertype from the skb data instead.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [commit description]
2022-08-28 08:33:46 +02:00
David Bauer
69ea8afaea hostapd: ubus: fix uninitialized pointer
This fixes passing a bogus non-null pointer to the ubus handler in case
the transition request is rejected.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 9b880f09f3)
Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-08-28 08:17:29 +02:00
Clemens Hopfer
32101669db ramips: add support for YunCore AX820/HWAP-AX820
There are two versions which are identical apart from the enclosure:
  YunCore AX820: indoor ceiling mount AP with integrated antennas
  YunCore HWAP-AX820: outdoor enclosure with external (N) connectors

Hardware specs:
  SoC: MediaTek MT7621DAT
  Flash: 16 MiB SPI NOR
  RAM: 128MiB (DDR3, integrated)
  WiFi: MT7905DAN+MT7975DN 2.4/5GHz 2T2R 802.11ax
  Ethernet: 10/100/1000 Mbps x2 (WAN/PoE+LAN)
  LED: Status (green)
  Button: Reset
  Power: 802.11af/at PoE; DC 12V,1A
  Antennas: AX820(indoor): 4dBi internal; HWAP-AX820(outdoor): external

Flash instructions:
  The "OpenWRT support" version of the AX820 comes with a LEDE-based
  firmware with proprietary MTK drivers and a luci webinterface and
  ssh accessible under 192.168.1.1 on LAN; user root, no password.
  The sysupgrade.bin can be flashed using luci or sysupgrade via ssh,
  you will have to force the upgrade due to a different factory name.
  Remember: Do *not* preserve factory configuration!

MAC addresses as used by OEM firmware:
  use   address            source
  2g    44:D1:FA:*:0b      Factory 0x0004 (label)
  5g    46:D1:FA:*:0b      LAA of 2g
  lan   44:D1:FA:*:0c      Factory 0xe000
  wan   44:D1:FA:*:0d      Factory 0xe000 + 1
The wan MAC can also be found in 0xe006 but is not used by OEM dtb.

Due to different MAC handling in mt76 the LAA derived from lan is used
for 2g to prevent duplicate MACs when creating multiple interfaces.

Signed-off-by: Clemens Hopfer <openwrt@wireloss.net>
(cherry picked from commit 4891b86538)
[switch to mtd-mac-address instead of nvmem-cells]
2022-08-28 08:14:45 +02:00
Zoltan HERPAI
052ff08aa7 sunxi: add support for Banana Pi M2 Berry
CPU: Allwinner V40 quad-core Cortex A7 @ 1.2GHz
Memory: 1GB DDR3
Storage: SDcard, native SATA
Network: 10/100/1000M ethernet, Ampak AP6212 wifi + BT
USB: 4x USB 2.0

Installation:
Use the standard sunxi installation to an SD-card.

While the board is very similar to the M2 Ultra board
(the V40 is the automotive version of the R40), as both
the u-boot and kernel supports them separately, and some
pins are different, let's add a separate device spec.

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
(cherry picked from commit 9aa66b8ce7)
2022-08-28 08:12:39 +02:00
Andrea Poletti
caeb618eea ramips: add support for Sitecom WLR-4100 v1 002
Sitecom WLR-4100 v1 002 (marked as X4 N300) is a wireless router
Specification:
SoC: MT7620A
RAM: 64 MB DDR2
Flash: MX25L6405D SPI NOR 8 MB
WIFI: 2.4 GHz integrated
Ethernet: 5x 10/100/1000 Mbps QCA8337
USB: 1x 2.0
LEDS: 2x GPIO controlled, 5x switch
Buttons: 1x GPIO controlled
UART: row of 4 unpopulated holes near USB port, starting count from
      white triangle on PCB:

    VCC 3.3V
    GND
    TX
    RX

    baud: 115200, parity: none, flow control: none

Installation

    Connect to one of LAN (yellow) ethernet ports,
    Open router configuration interface,
    Go to Toolbox > Firmware,
    Browse for OpenWrt factory image with dlf extension and hit Apply,
    Wait few minutes, after the Power LED will stop blinking, the router is
    ready for configuration.

Known issues
Some USB 2.0 devices work at full speed mode 1.1 only

MAC addresses

factory partition only contains one (binary) MAC address in 0x4.
u-boot-env contains four (ascii) MAC addresses, of which two appear
to be valid.

  factory     0x4       **:**:**:**:b9:84  binary
  u-boot-env  ethaddr   **:**:**:**:b9:84  ascii
  u-boot-env  wanaddr   **:**:**:**:b9:85  ascii
  u-boot-env  wlanaddr  00:AA:BB:CC:DD:12  ascii
  u-boot-env  iNICaddr  00:AA:BB:CC:DD:22  ascii

The factory firmware only assigns ethaddr. Thus, we take the
binary value which we can use directly in DTS.

Additional information
OEM firmware shell password is: SitecomSenao
useful for creating backup of original firmware.
There is also another revision of this device (v1 001), based on RT3352 SoC

The nvmem feature (commit 06bb4a5) was introduced in master after the
splitting of the 21.02 branch. It need to be reverted in 21.02..

Signed-off-by: Andrea Poletti <polex73@yahoo.it>
[remove config DT label, convert to nvmem, remove MAC address
 setup from u-boot-env, add MAC address info to commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit de0c380a5f)

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-08-28 08:09:15 +02:00
Alois Klink
f5db80a3ab uclibc++: fix compilation with long file paths
Currently, uClic++ 0.2.5 fails to compile when using a long filepath.

For example, if the openwrt directory is in the path:
/tmp/this_directory_name_is_very_long/more_long_paths/.../openwrt,
then uclibc++ will cause a very obtuse error.

Although the uclibc++ makefiles do print a "File name too long" error,
it's not the final error that's printed, so it's a bit confusing:

> /bin/sh: 1:
> cannot create src/abi/libsupc/<SNIP>_libsupc++.a.dep: File name too long
> <SNIP: some other makefile output here>
> array_type_info.o: No such file or directory

Although OpenWRT 22.03 and current master branch have removed uClib++,
I thought I'd make a PR for OpenWRT 21.02, since I encountered it
and there seems to be quite a few other people experiencing the same issue.
It especially happens when using the SDK, (or when using an encrypted fs)
since the pre-packaged SDKs have very long filenames.

This patch is already in upstream [1], but has not yet been released.

[1]: https://git.busybox.net/uClibc++/commit/?id=6687fc9276fa52defaf8592f2001c19b826aec93

Signed-off-by: Alois Klink <alois@aloisklink.com>
2022-08-28 07:53:56 +02:00
Petr Štetiar
b93327c469 zlib: backport null dereference fix
The curl developers found test case that crashed in their testing when
using zlib patched against CVE-2022-37434, same patch we've backported
in commit 7df6795d4c ("zlib: backport fix for heap-based buffer
over-read (CVE-2022-37434)"). So we need to backport following patch in
order to fix issue introduced in that previous CVE-2022-37434 fix.

References: https://github.com/curl/curl/issues/9271
Fixes: 7df6795d4c ("zlib: backport fix for heap-based buffer over-read (CVE-2022-37434)")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit f443e9de70)
(cherry picked from commit 707ec48ab3)
2022-08-09 08:15:26 +02:00
Petr Štetiar
5f189f2f33 zlib: backport fix for heap-based buffer over-read (CVE-2022-37434)
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow
in inflate in inflate.c via a large gzip header extra field. NOTE: only
applications that call inflateGetHeader are affected. Some common
applications bundle the affected zlib source code but may be unable to
call inflateGetHeader.

Fixes: CVE-2022-37434
References: https://github.com/ivd38/zlib_overflow
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 7df6795d4c)
2022-08-08 10:00:39 +02:00
Christian Lamparter
4c8bf081f1 firmware: intel-microcode: update to 20220510
Debian's changelog by Henrique de Moraes Holschuh <hmh@debian.org>:

 * New upstream microcode datafile 20220419
  * Fixes errata APLI-11 in Atom E3900 series processors
  * Updated Microcodes:
    sig 0x000506ca, pf_mask 0x03, 2021-11-16, rev 0x0028, size 16384

 * New upstream microcode datafile 20220510
  * Fixes INTEL-SA-000617, CVE-2022-21151:
    Processor optimization removal or modification of security-critical
    code may allow an authenticated user to potentially enable information
    disclosure via local access (closes: #1010947)
  * Fixes several errata (functional issues) on Xeon Scalable, Atom C3000,
    Atom E3900
  * New Microcodes:
    sig 0x00090672, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
    sig 0x00090675, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
    sig 0x000906a3, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992
    sig 0x000906a4, pf_mask 0x80, 2022-03-24, rev 0x041c, size 212992
    sig 0x000b06f2, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
    sig 0x000b06f5, pf_mask 0x03, 2022-03-03, rev 0x001f, size 212992
  * Updated Microcodes:
    sig 0x00030679, pf_mask 0x0f, 2019-07-10, rev 0x090d, size 52224
    sig 0x000406e3, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 106496
    sig 0x00050653, pf_mask 0x97, 2021-11-13, rev 0x100015d, size 34816
    sig 0x00050654, pf_mask 0xb7, 2021-11-13, rev 0x2006d05, size 43008
    sig 0x00050656, pf_mask 0xbf, 2021-12-10, rev 0x4003302, size 37888
    sig 0x00050657, pf_mask 0xbf, 2021-12-10, rev 0x5003302, size 37888
    sig 0x0005065b, pf_mask 0xbf, 2021-11-19, rev 0x7002501, size 29696
    sig 0x000506c9, pf_mask 0x03, 2021-11-16, rev 0x0048, size 17408
    sig 0x000506e3, pf_mask 0x36, 2021-11-12, rev 0x00f0, size 109568
    sig 0x000506f1, pf_mask 0x01, 2021-12-02, rev 0x0038, size 11264
    sig 0x000606a6, pf_mask 0x87, 2022-03-30, rev 0xd000363, size 294912
    sig 0x000706a1, pf_mask 0x01, 2021-11-22, rev 0x003a, size 75776
    sig 0x000706a8, pf_mask 0x01, 2021-11-22, rev 0x001e, size 75776
    sig 0x000706e5, pf_mask 0x80, 2022-03-09, rev 0x00b0, size 112640
    sig 0x000806a1, pf_mask 0x10, 2022-03-26, rev 0x0031, size 34816
    sig 0x000806c1, pf_mask 0x80, 2022-02-01, rev 0x00a4, size 109568
    sig 0x000806c2, pf_mask 0xc2, 2021-12-07, rev 0x0026, size 97280
    sig 0x000806d1, pf_mask 0xc2, 2021-12-07, rev 0x003e, size 102400
    sig 0x000806e9, pf_mask 0x10, 2021-11-12, rev 0x00f0, size 105472
    sig 0x000806e9, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472
    sig 0x000806ea, pf_mask 0xc0, 2021-11-12, rev 0x00f0, size 105472
    sig 0x000806eb, pf_mask 0xd0, 2021-11-15, rev 0x00f0, size 105472
    sig 0x000806ec, pf_mask 0x94, 2021-11-17, rev 0x00f0, size 105472
    sig 0x00090661, pf_mask 0x01, 2022-02-03, rev 0x0016, size 20480
    sig 0x000906c0, pf_mask 0x01, 2022-02-19, rev 0x24000023, size 20480
    sig 0x000906e9, pf_mask 0x2a, 2021-11-12, rev 0x00f0, size 108544
    sig 0x000906ea, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448
    sig 0x000906eb, pf_mask 0x02, 2021-11-12, rev 0x00f0, size 105472
    sig 0x000906ec, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 104448
    sig 0x000906ed, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 104448
    sig 0x000a0652, pf_mask 0x20, 2021-11-16, rev 0x00f0, size 96256
    sig 0x000a0653, pf_mask 0x22, 2021-11-15, rev 0x00f0, size 97280
    sig 0x000a0655, pf_mask 0x22, 2021-11-16, rev 0x00f0, size 96256
    sig 0x000a0660, pf_mask 0x80, 2021-11-15, rev 0x00f0, size 96256
    sig 0x000a0661, pf_mask 0x80, 2021-11-16, rev 0x00f0, size 96256
    sig 0x000a0671, pf_mask 0x02, 2022-03-09, rev 0x0053, size 103424

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 2747a94f09)
2022-07-23 00:25:50 +02:00
Christian Lamparter
c6633681f5 firmware: intel-microcode: update to 20220207
Debian's changelog by Henrique de Moraes Holschuh <hmh@debian.org>:

* upstream changelog: new upstream datafile 20220207
    * Mitigates (*only* when loaded from UEFI firmware through the FIT)
      CVE-2021-0146, INTEL-SA-00528: VT-d privilege escalation through
      debug port, on Pentium, Celeron and Atom processors with signatures
      0x506c9, 0x506ca, 0x506f1, 0x706a1, 0x706a8
      https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/57#issuecomment-1036363145
    * Mitigates CVE-2021-0127, INTEL-SA-00532: an unexpected code breakpoint
      may cause a system hang, on many processors.
    * Mitigates CVE-2021-0145, INTEL-SA-00561: information disclosure due
      to improper sanitization of shared resources (fast-store forward
      predictor), on many processors.
    * Mitigates CVE-2021-33120, INTEL-SA-00589: out-of-bounds read on some
      Atom Processors may allow information disclosure or denial of service
      via network access.
    * Fixes critical errata (functional issues) on many processors
    * Adds a MSR switch to enable RAPL filtering (default off, once enabled
      it can only be disabled by poweroff or reboot).  Useful to protect
      SGX and other threads from side-channel info leak.  Improves the
      mitigation for CVE-2020-8694, CVE-2020-8695, INTEL-SA-00389 on many
      processors.
    * Disables TSX in more processor models.
    * Fixes issue with WBINDV on multi-socket (server) systems which could
      cause resets and unpredictable system behavior.
    * Adds a MSR switch to 10th and 11th-gen (Ice Lake, Tiger Lake, Rocket
      Lake) processors, to control a fix for (hopefully rare) unpredictable
      processor behavior when HyperThreading is enabled.  This MSR switch
      is enabled by default on *server* processors.  On other processors,
      it needs to be explicitly enabled by an updated UEFI/BIOS (with added
      configuration logic).  An updated operating system kernel might also
      be able to enable it.  When enabled, this fix can impact performance.
    * Updated Microcodes:
      sig 0x000306f2, pf_mask 0x6f, 2021-08-11, rev 0x0049, size 38912
      sig 0x000306f4, pf_mask 0x80, 2021-05-24, rev 0x001a, size 23552
      sig 0x000406e3, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 105472
      sig 0x00050653, pf_mask 0x97, 2021-05-26, rev 0x100015c, size 34816
      sig 0x00050654, pf_mask 0xb7, 2021-06-16, rev 0x2006c0a, size 43008
      sig 0x00050656, pf_mask 0xbf, 2021-08-13, rev 0x400320a, size 35840
      sig 0x00050657, pf_mask 0xbf, 2021-08-13, rev 0x500320a, size 36864
      sig 0x0005065b, pf_mask 0xbf, 2021-06-04, rev 0x7002402, size 28672
      sig 0x00050663, pf_mask 0x10, 2021-06-12, rev 0x700001c, size 28672
      sig 0x00050664, pf_mask 0x10, 2021-06-12, rev 0xf00001a, size 27648
      sig 0x00050665, pf_mask 0x10, 2021-09-18, rev 0xe000014, size 23552
      sig 0x000506c9, pf_mask 0x03, 2021-05-10, rev 0x0046, size 17408
      sig 0x000506ca, pf_mask 0x03, 2021-05-10, rev 0x0024, size 16384
      sig 0x000506e3, pf_mask 0x36, 2021-04-29, rev 0x00ec, size 108544
      sig 0x000506f1, pf_mask 0x01, 2021-05-10, rev 0x0036, size 11264
      sig 0x000606a6, pf_mask 0x87, 2021-12-03, rev 0xd000331, size 291840
      sig 0x000706a1, pf_mask 0x01, 2021-05-10, rev 0x0038, size 74752
      sig 0x000706a8, pf_mask 0x01, 2021-05-10, rev 0x001c, size 75776
      sig 0x000706e5, pf_mask 0x80, 2021-05-26, rev 0x00a8, size 110592
      sig 0x000806a1, pf_mask 0x10, 2021-09-02, rev 0x002d, size 34816
      sig 0x000806c1, pf_mask 0x80, 2021-08-06, rev 0x009a, size 109568
      sig 0x000806c2, pf_mask 0xc2, 2021-07-16, rev 0x0022, size 96256
      sig 0x000806d1, pf_mask 0xc2, 2021-07-16, rev 0x003c, size 101376
      sig 0x000806e9, pf_mask 0x10, 2021-04-28, rev 0x00ec, size 104448
      sig 0x000806e9, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 104448
      sig 0x000806ea, pf_mask 0xc0, 2021-04-28, rev 0x00ec, size 103424
      sig 0x000806eb, pf_mask 0xd0, 2021-04-28, rev 0x00ec, size 104448
      sig 0x000806ec, pf_mask 0x94, 2021-04-28, rev 0x00ec, size 104448
      sig 0x00090661, pf_mask 0x01, 2021-09-21, rev 0x0015, size 20480
      sig 0x000906c0, pf_mask 0x01, 2021-08-09, rev 0x2400001f, size 20480
      sig 0x000906e9, pf_mask 0x2a, 2021-04-29, rev 0x00ec, size 106496
      sig 0x000906ea, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 102400
      sig 0x000906eb, pf_mask 0x02, 2021-04-28, rev 0x00ec, size 104448
      sig 0x000906ec, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
      sig 0x000906ed, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 103424
      sig 0x000a0652, pf_mask 0x20, 2021-04-28, rev 0x00ec, size 93184
      sig 0x000a0653, pf_mask 0x22, 2021-04-28, rev 0x00ec, size 94208
      sig 0x000a0655, pf_mask 0x22, 2021-04-28, rev 0x00ee, size 94208
      sig 0x000a0660, pf_mask 0x80, 2021-04-28, rev 0x00ea, size 94208
      sig 0x000a0661, pf_mask 0x80, 2021-04-29, rev 0x00ec, size 93184
      sig 0x000a0671, pf_mask 0x02, 2021-08-29, rev 0x0050, size 102400
    * Removed Microcodes:
      sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
      sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048
  * update .gitignore and debian/.gitignore.
    Add some missing items from .gitignore and debian/.gitignore.
  * ucode-blacklist: do not late-load 0x406e3 and 0x506e3.
    When the BIOS microcode is older than revision 0x7f (and perhaps in some
    other cases as well), the latest microcode updates for 0x406e3 and
    0x506e3 must be applied using the early update method.  Otherwise, the
    system might hang.  Also: there must not be any other intermediate
    microcode update attempts [other than the one done by the BIOS itself],
    either.  It must go from the BIOS microcode update directly to the
    latest microcode update.
  * source: update symlinks to reflect id of the latest release, 20220207

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 1753f8c14b)
2022-07-23 00:25:45 +02:00