Hauke Mehrtens [Sun, 17 Nov 2019 22:59:37 +0000 (23:59 +0100)]
wireless-regdb: Make it build with python2
This backports a patch to build it work with python2 in addition to
python3.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
d3a8a62692b06b3e5fe7077a2ce641fbf09cdc19)
Zachary Riedlshah [Wed, 5 Jun 2019 10:58:19 +0000 (22:58 +1200)]
wireless-regdb: update to 2019.06.03
Fixes build issues on a python3 host (issues with the print statement
formatting in the current build).
Includes 100-regdb-write-firmware-file-format-version-code-20.patch and
other fixes.
Closes bugs.openwrt.org/index.php?do=details&task_id=1605.
Uses the tarball as requested.
Signed-off-by: Zachary Riedlshah <git@zacharyrs.me>
(cherry picked from commit
ef3f868da0d78adf2490a762ff567cf5b636c213)
Adrian Schmutzler [Thu, 14 Nov 2019 12:01:39 +0000 (13:01 +0100)]
ar71xx: fix buttons for TP-Link TL-WDR4900 v2
TP-Link TL-WDR4900 v2 only has one combined WPS/Reset button, so
don't set up an RFKILL for this device.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
25127f58b42d794bd47d56ea107f3dfc9cc4816c)
Adrian Schmutzler [Thu, 14 Nov 2019 11:45:15 +0000 (12:45 +0100)]
ar71xx: fix LED setup for TL-WDR4900 v2
In ar71xx there is only one combined mach file for Archer C5/C7 and
TL-WDR4900 v2. This one uses the same LED struct for all devices,
defining "green" LEDs for them. However, WDR4900 uses blue front
LEDs, while only C5/C7 uses green ones. Despite, in base-files
WDR4900 is actually set up with "blue" for the mentioned LEDs.
Thus, this patch creates a separate LED struct for WDR4900, so the
LEDs can be set up correctly. Despite, the wlan5g LED is removed as
it is controlled by ath9k chip for WDR4900 (in contrast to C5/C7).
Note: While front LEDs are blue, USB LEDs (on the back) are green,
so colors are mixed intentionally for the WDR4900 v2.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
93f2bcc35e371ec0c4ceb76c06f90b898c726ba5)
Sungbo Eo [Mon, 7 Oct 2019 12:33:51 +0000 (21:33 +0900)]
ramips: set uImage name of WeVO 11AC NAS and W2914NS v2
The stock firmware and bootloader only accept uImage with names that
match certain patterns. This patch enables OpenWrt installation from
stock firmware without having to reflash the bootloader or access the
UART console.
Installation via web interface:
1. Flash **initramfs** image through the stock web interface.
2. Boot into OpenWrt and perform sysupgrade with sysupgrade image.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit
19800ac095f6ddbba03ccab08e5197b1eec4a49e)
[backported]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Thu, 14 Nov 2019 11:26:05 +0000 (12:26 +0100)]
ar71xx: fix MAC address setup for TL-WDR4900 v2
The MAC address setup of the TL-WDR4900 v2 is different from the
C5/C7. This aligns ar71xx with the setup in ath79:
wlan0 (5GHz) : -2
wlan1 (2.4GHz) : -1
eth1 (LAN) : 0
eth0 (WAN) : 1
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
a9d3084b83bb2d0fa2c0b43bf2a0831b5ae1df13)
Adrian Schmutzler [Wed, 13 Nov 2019 14:05:29 +0000 (15:05 +0100)]
ar71xx: fix MAC addresses for Archer C5 v1, C7 v1/v2, WDR4900 v2
As discussed in
1d18a14a90c7 ("ath79: really fix TP-Link Archer C7
v2 MAC address"), stock firmware MAC address assignment is
actually as follows:
wlan0 (5GHz) : -1
wlan1 (2.4GHz) : 0
eth1 (LAN) : 0
eth0 (WAN) : 1
This has never been fixed for ar71xx, so let's do it now.
Note that with WDR4900 v2 even both wlan0 and wlan1 where assigned
to basemac-1 before ...
Fixes: FS#408
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
a021268032fb64afdce7bafa91c7c7bf44fa6ff2)
Koen Vandeputte [Wed, 20 Nov 2019 07:40:48 +0000 (08:40 +0100)]
ipq40xx: fix build error
Add missing brace which was accidentally omitted
Fixes:
3c5c49af8be7 ("kernel: bump 4.14 to 4.14.154")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Wed, 6 Nov 2019 12:38:51 +0000 (13:38 +0100)]
mac80211: backport upstream fixes
This potentially fixes some issues seen on IBSS
when interfaces go out of range and then re-appear.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Tue, 19 Nov 2019 10:08:45 +0000 (11:08 +0100)]
toolchain/gcc: bump to 7.5.0
This updates the GCC to the next minor release which fixes +213 bugs.
Tested on ARMv6, ARMv7, MIPS R2, x86
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Mon, 18 Nov 2019 09:19:58 +0000 (10:19 +0100)]
kernel: bump 4.14 to 4.14.154
Refreshed all patches.
Altered patches:
- 902-debloat_proc.patch
- 040-dmaengine-qcom-bam-Process-multiple-pending-descript.patch
- 807-usb-support-layerscape.patch
- 809-flexcan-support-layerscape.patch
- 816-pcie-support-layerscape.patch
Remove upstreamed:
- 303-spi-nor-enable-4B-opcodes-for-mx66l51235l.patch
New symbols:
X86_INTEL_MPX
X86_INTEL_MEMORY_PROTECTION_KEYS
CONFIG_X86_INTEL_TSX_MODE_OFF
X86_INTEL_TSX_MODE_ON
X86_INTEL_TSX_MODE_AUTO
SGL_ALLOC
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Hauke Mehrtens [Mon, 18 Nov 2019 06:05:41 +0000 (07:05 +0100)]
mac80211: Adapt to changes to skb_get_hash_perturb()
The skb_get_hash_perturb() function now takes a siphash_key_t instead of
an u32. This was changed in commit
55667441c84f ("net/flow_dissector:
switch to siphash"). Use the correct type in the fq header file
depending on the kernel version.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
(cherry picked from commit
eaa047179ad30d156d0c3da7ec225acfae7a9f00)
Rafał Miłecki [Mon, 18 Nov 2019 13:45:59 +0000 (14:45 +0100)]
mac80211: brcmfmac: fix PCIe reset crash and WARNING
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
cde8c2f2fba019c4cd3b9f6ad463ff86cc783061)
Adrian Schmutzler [Thu, 14 Nov 2019 16:26:44 +0000 (17:26 +0100)]
ath79: fix sysupgrade from ar71xx for WNDR3700 V2 and WNDR3800(CH)
ar71xx has just one board name "wndr3700" for WNDR3700 V1/V2,
WNDR3800 and WNDR3800CH, whereas ath79 provides separate images for
the boards. So, update SUPPORTED_DEVICES to store the correct
ar71xx board names.
Fixes: FS#2510
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
fc44a8481cbf317febaf27a550e0c9fa49be68d5)
Roger Pueyo Centelles [Wed, 13 Nov 2019 15:18:59 +0000 (09:18 -0600)]
ath79: include rssileds package for ubnt devices with LEDs
Some Ubiquiti devices had the RSSI LEDs configured in 01_leds but
were missing the rssileds package, while others that don't have
RSSI LEDS had the package included.
This commit includes the rssileds package only for those devices
that need it.
Tested on a NanoStation M XW.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit
1c6066a867400eca9e335235ff4dc43acacc1183)
[backported to 19.07]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Christian Lamparter [Sat, 16 Nov 2019 21:37:51 +0000 (22:37 +0100)]
ramips: assign correct key-code to wps buttons
The two ASUS WL-330N and WL-330N3G had the
reset keycode assigned to the WPS button. This patch
changes all three devices to use KEY_WPS_BUTTON in
the hopes that this fixes unwanted restarts/
unexpected behavior from the users point of view.
[dropped RG21S]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
ad65d9d7b264d6d17293c59469e770905d2f785a)
Christian Lamparter [Sat, 16 Nov 2019 21:42:07 +0000 (22:42 +0100)]
ath79: remap D-Link DIR-859 A1 WPS button to WPS
The WPS button was mapped to the restart/reset. This patch
changes it to emit the KEY_WPS_BUTTON keycode so pressing
the WPS button does initiate WPS.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
7a7610c21bb0979f2ae14f3c31012ac9e148b439)
Jo-Philipp Wich [Sat, 16 Nov 2019 18:54:42 +0000 (19:54 +0100)]
ramips: disable D-Link DIR-300 B1 by default
Disable the DIR-300 B1 image by default as the device has insufficient
flash space for release build images.
Fixes: FS#2606
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Petr Štetiar [Fri, 15 Nov 2019 06:47:51 +0000 (07:47 +0100)]
ramips: rt3833: fix build breakage
Commit
60f41c6c9ef6 ("ramips: add usb-ledtrig-usbport to DEVICE_PACKAGES
of CY-SWR1100") added stray | during backport which caused build
breakage on the buildbots:
bash: -c: line 0: syntax error near unexpected token `|'
bash: -c: line 0: `echo kmod-usb-core kmod-usb-ledtrig-usbport kmod-usb-ohci kmod-usb2 swconfig | | mkhash md5 | head -c 8'
Fixes:
60f41c6c9ef6 ("ramips: add usb-ledtrig-usbport to DEVICE_PACKAGES of CY-SWR1100")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Sungbo Eo [Wed, 13 Nov 2019 14:23:17 +0000 (23:23 +0900)]
ramips: add usb-ledtrig-usbport to DEVICE_PACKAGES of CY-SWR1100
CY-SWR1100 has a USB LED but kmod-usb-ledtrig-usbport is missing
in default images. This commit adds it.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
[changed commit title, backported to 19.07]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
261c746631d2bf311a6b62a6d3bacce6fde90976)
Sungbo Eo [Wed, 13 Nov 2019 14:22:54 +0000 (23:22 +0900)]
ramips: fix MAC address setup for Samsung CY-SWR1100
Ethernet MAC address setup has been broken since
c3e420f28cf1. Restore
original setting.
Fixes:
c3e420f28cf1 ("ramips: Add support for D-Link DCH-M225")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit
7231c1edd99217c6baa8d7d5d841d75ad9de26f1)
[backported due to base-files split]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Sungbo Eo [Mon, 11 Nov 2019 16:16:28 +0000 (01:16 +0900)]
kernel: fix typo in fb-sys-fops autoload
AutoLoad parameter must match the exact kernel module name. Fix it.
Fixes:
125f1ce9ad0c ("kernel: video: add DRM core and IMX DRM support for HDMI/LVDS")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit
6990510aca41074351f92a5abc6f4afb4b606506)
Kyle Copperfield [Thu, 31 Oct 2019 20:03:39 +0000 (20:03 +0000)]
hostapd: add IEEE 802.11k support
Enables radio resource management to be reported by hostapd to clients.
Ref: https://github.com/lede-project/source/pull/1430
Co-developed-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
[removed the DMARC crap]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
87f9292300cf56ad17f44363ced213c59a95ef44)
Hauke Mehrtens [Sat, 7 Sep 2019 14:17:14 +0000 (16:17 +0200)]
hostapd: Add mesh support for wpad full
This increases the size of the binary slightly:
old:
427722 wpad-wolfssl_2019-08-08-
ca8c2bd2-1_mipsel_24kc.ipk
431696 wpad-openssl_2019-08-08-
ca8c2bd2-1_mipsel_24kc.ipk
new:
442109 wpad-wolfssl_2019-08-08-
ca8c2bd2-1_mipsel_24kc.ipk
445997 wpad-openssl_2019-08-08-
ca8c2bd2-1_mipsel_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
49cc712b44c76e99bfb716c06700817692975e05)
Hauke Mehrtens [Sat, 4 May 2019 12:02:07 +0000 (14:02 +0200)]
hostapd: use getrandom syscall
hostapd will not use the getrandom() syscall and as a fallback use
/dev/random, the syscall is supported since Linux 3.17 and in the musl,
glibc and uclibc version used by OpenWrt.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
998686364da7d002ba9f6dbb43cc5f32294dd4ab)
Hauke Mehrtens [Sat, 4 May 2019 00:01:15 +0000 (02:01 +0200)]
hostapd: Remove unneeded patch
All the content of this function is proceeded by IEEE8021X_EAPOL no code
accesses the ssid variable outside of this ifdef.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
0d86bf518aaefa57bef577d09a18aff03eccb70c)
Hauke Mehrtens [Fri, 3 May 2019 23:58:53 +0000 (01:58 +0200)]
hostapd: use config option CONFIG_NO_LINUX_PACKET_SOCKET_WAR
Instead of patching the workaround away, just use the config option.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
9b4a27455c17c00698ce7ce24e0bcad419c6319e)
Hauke Mehrtens [Sat, 10 Aug 2019 14:49:34 +0000 (16:49 +0200)]
hostapd: Update to version 2.9 (2019-08-08)
The size of the ipkgs increase a bit (between 0.7% and 1.1%):
old 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-
63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-
63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-
63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-
63962824-1_mipsel_24kc.ipk
new 2019-08-08 (2.9):
290217 wpad-basic_2019-08-08-
ca8c2bd2-1_mipsel_24kc.ipk
258745 wpad-mini_2019-08-08-
ca8c2bd2-1_mipsel_24kc.ipk
431732 wpad-openssl_2019-08-08-
ca8c2bd2-1_mipsel_24kc.ipk
427641 wpad-wolfssl_2019-08-08-
ca8c2bd2-1_mipsel_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
167028b750028ae3dac24f5ff96bbb1ba04e8bd7)
Hauke Mehrtens [Fri, 3 May 2019 23:52:25 +0000 (01:52 +0200)]
hostapd: Update to version 2.8 (2019-04-21)
This also syncs the configuration files with the default configuration
files, but no extra options are activated or deactivated.
The mesh patches were partially merged into hostapd 2.8, the remaining
patches were extracted from patchwork and are now applied by OpenWrt.
The patches still have open questions which are not fixed by the author.
They were taken from this page:
https://patchwork.ozlabs.org/project/hostap/list/?series=62725&state=*
The changes in 007-mesh-apply-channel-attributes-before-running-Mesh.patch
where first applied to hostapd, but later reverted in hostapd commit
3e949655ccc5 because they caused memory leaks.
The size of the ipkgs increase a bit (between 1.3% and 2.3%):
old 2018-12-02 (2.7):
283337 wpad-basic_2018-12-02-
c2c6c01b-11_mipsel_24kc.ipk
252857 wpad-mini_2018-12-02-
c2c6c01b-11_mipsel_24kc.ipk
417473 wpad-openssl_2018-12-02-
c2c6c01b-11_mipsel_24kc.ipk
415105 wpad-wolfssl_2018-12-02-
c2c6c01b-11_mipsel_24kc.ipk
new 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-
63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-
63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-
63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-
63962824-1_mipsel_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
(cherry picked from commit
8af79550e6c280717660f66032d89d21007b15d2)
Jo-Philipp Wich [Fri, 20 Sep 2019 11:20:21 +0000 (13:20 +0200)]
hostapd: mirror ieee80211w ap mode defaults in station mode
For AP mode, OpenWrt automatically sets ieee80211w to either 1 or 2, depending
on whether the encryption is set to sae-mixed, or sae/owe/eap suite-b.
Mirror the same defaults for client mode connections, in order to allow an
OpenWrt station to associate to an OpenWrt ap with SAE, OWE or Suite-B encryption
without the need to manually specify "option ieee80211w" on the station.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
abb4f4075e791789fdb00731035e08a8cf51555f)
Jo-Philipp Wich [Fri, 20 Sep 2019 09:40:52 +0000 (11:40 +0200)]
hostapd: fix OWE settings in client mode
This changes fixes the generation of the wpa_supplicant client configuration
in WPA3 OWE client mode. Instead of incorrectly emitting key_mgmt=NONE, use
the proper key_mgmt=OWE setting instead.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
4209b28d23b8bf28575af5e8904194f49b81532e)
Leon M. George [Wed, 11 Sep 2019 13:22:55 +0000 (15:22 +0200)]
hostapd: declare struct wpa_bss early
wps_supplicant.h assumes that 'struct wpa_bss' is forward declared if
CONFIG_WPS is not defined. With the later inclusion of
600-ubus_support, the issue manifests in warnings like these:
wps_supplicant.h:113:15: warning: 'struct wpa_bss' declared inside parameter list will not be visible outside of this definition or declaration
struct wpa_bss *bss)
^~~~~~~
This patch forward declares 'struct wpa_bss' regardless.
Signed-off-by: Leon M. George <leon@georgemail.eu>
[commit message facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
f974f8213b94578581b35e6b3f8fb1fd5a35f753)
Leon M. George [Wed, 11 Sep 2019 12:10:18 +0000 (14:10 +0200)]
hostapd: revert signature change in patch
The original wpa_hexdump uses a 'void *' for the payload. With patch
410-limit_debug_messages, the signature changes and compiler warnings
occur at various places. One such warning is:
wpa_debug.h:106:20: note: expected 'const u8 * {aka const unsigned char *}' but argument is of type 'struct wpa_eapol_key *'
Signed-off-by: Leon M. George <leon@georgemail.eu>
[commit message facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
a123df275846b1b83aaf3d7488a1544f7c0e09aa)
Eneas U de Queiroz [Mon, 1 Jul 2019 16:40:01 +0000 (13:40 -0300)]
hostapd: adjust removed wolfssl options
This edjusts the selection of recently removed wolfssl options which
have always been built into the library even in their abscence.
Also remove the selection of libwolfssl itself, allowing the library to
be built as a module.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
94d131332b5adbcf885a92608c40a22b79b3c708)
Russell Senior [Tue, 12 Nov 2019 23:33:48 +0000 (15:33 -0800)]
base-files: add /usr/share/libubox/jshn.sh to sysupgrade stage2
Discovered recent changes had broken sysupgrade for ar71xx mikrotik
rb-493g, traced the problem to missing /usr/share/libubox/jshn.sh after
switching to tmpfs.
Signed-off-by: Russell Senior <russell@personaltelco.net>
Michal Cieslakiewicz [Wed, 6 Nov 2019 09:44:10 +0000 (10:44 +0100)]
ath79: update uboot-envtools for Netgear WNR routers
Boards added: WNR1000v2, WNR2000v3, WNR612v2, WNDR3700.
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
(cherry picked from commit
d47b68700644f37084b82845e9557b1e9954f533)
[removed WNR1000v2/WNR2000v3 since not supported in 19.07]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Mon, 11 Nov 2019 18:03:20 +0000 (19:03 +0100)]
ath79: fix SUPPORTED_DEVICES for TP-Link TL-WR1043ND v3
In ar71xx, the board name for the TL-WR1043ND v3 is equal to v2:
tl-wr1043nd-v2
Fix SUPPORTED_DEVICES for v3 in ath79 accordingly.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
b5791118ccd3039cc9ef6fd3b1c4efcad6ab154f)
南浦月 [Thu, 19 Sep 2019 09:41:01 +0000 (17:41 +0800)]
ar71xx: fix tl-wdr3320-v2 upgrade
Fix the error that tl-wdr3320-v2 can't upgrade firmware via web
interface by using magic_ver="0200" for this device.
Signed-off-by: 南浦月 <nanpuyue@gmail.com>
[commit message facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
0ff2385a92c0a31769fce954b7bd571d6114dbc8)
Michal Cieslakiewicz [Wed, 6 Nov 2019 09:43:14 +0000 (10:43 +0100)]
ar71xx: update uboot-envtools for Netgear WNR routers
Boards added: WNR1000v2, WNR2000v3, WNR2200, WNR612v2, WNDR4300.
Boards changed: WNDR3700 (u-boot env size is 2 sectors not 1).
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
(cherry picked from commit
11052900494ec8216b9b39ba0b24d5e036f4d323)
Koen Vandeputte [Wed, 6 Nov 2019 16:14:43 +0000 (17:14 +0100)]
kernel: bump 4.14 to 4.14.152
Refreshed all patches.
Altered patches:
- 301-arch-support-layerscape.patch
Remove upstreamed:
- 950-0311-sc16is7xx-Fix-for-Unexpected-interrupt-8.patch
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Zoltan HERPAI [Sat, 9 Nov 2019 12:01:50 +0000 (13:01 +0100)]
firmware: intel-microcode: bump to
20190918
* New upstream microcode datafile
20190918
*Might* contain mitigations for INTEL-SA-00247 (RAMBleed), given
the set of processors being updated.
* Updated Microcodes:
sig 0x000306d4, pf_mask 0xc0, 2019-06-13, rev 0x002e, size 19456
sig 0x000306f4, pf_mask 0x80, 2019-06-17, rev 0x0016, size 18432
sig 0x00040671, pf_mask 0x22, 2019-06-13, rev 0x0021, size 14336
sig 0x000406f1, pf_mask 0xef, 2019-06-18, rev 0xb000038, size 30720
sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792
sig 0x00050657, pf_mask 0xbf, 2019-08-12, rev 0x500002b, size 51200
sig 0x00050662, pf_mask 0x10, 2019-06-17, rev 0x001c, size 32768
sig 0x00050663, pf_mask 0x10, 2019-06-17, rev 0x7000019, size 24576
sig 0x00050664, pf_mask 0x10, 2019-06-17, rev 0xf000017, size 24576
sig 0x00050665, pf_mask 0x10, 2019-06-17, rev 0xe00000f, size 19456
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Zoltan HERPAI [Sun, 25 Aug 2019 20:34:13 +0000 (22:34 +0200)]
firmware: intel-microcode: bump to
20190618
* Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
* Updated Microcodes:
sig 0x000206d6, pf_mask 0x6d, 2019-05-21, rev 0x061f, size 18432
sig 0x000206d7, pf_mask 0x6d, 2019-05-21, rev 0x0718, size 19456
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Zoltan HERPAI [Thu, 16 May 2019 10:32:14 +0000 (12:32 +0200)]
firmware: intel-microcode: bump to
20190514
* New Microcodes:
sig 0x00030678, pf_mask 0x02, 2019-04-22, rev 0x0838, size 52224
sig 0x00030678, pf_mask 0x0c, 2019-04-22, rev 0x0838, size 52224
sig 0x00030679, pf_mask 0x0f, 2019-04-23, rev 0x090c, size 52224
sig 0x000406c3, pf_mask 0x01, 2019-04-23, rev 0x0368, size 69632
sig 0x000406c4, pf_mask 0x01, 2019-04-23, rev 0x0411, size 68608
sig 0x00050657, pf_mask 0xbf, 2019-02-27, rev 0x5000021, size 47104
sig 0x000806e9, pf_mask 0x10, 2018-10-18, rev 0x009e, size 98304
sig 0x000806eb, pf_mask 0xd0, 2018-10-25, rev 0x00a4, size 99328
sig 0x000806ec, pf_mask 0x94, 2019-02-12, rev 0x00b2, size 98304
sig 0x000906ec, pf_mask 0x22, 2018-09-29, rev 0x00a2, size 98304
sig 0x000906ed, pf_mask 0x22, 2019-02-04, rev 0x00b0, size 97280
* Updated Microcodes:
sig 0x000206a7, pf_mask 0x12, 2019-02-17, rev 0x002f, size 12288
sig 0x000306a9, pf_mask 0x12, 2019-02-13, rev 0x0021, size 14336
sig 0x000306c3, pf_mask 0x32, 2019-02-26, rev 0x0027, size 23552
sig 0x000306d4, pf_mask 0xc0, 2019-03-07, rev 0x002d, size 19456
sig 0x000306e4, pf_mask 0xed, 2019-03-14, rev 0x042e, size 16384
sig 0x000306e7, pf_mask 0xed, 2019-03-14, rev 0x0715, size 17408
sig 0x000306f2, pf_mask 0x6f, 2019-03-01, rev 0x0043, size 34816
sig 0x000306f4, pf_mask 0x80, 2019-03-01, rev 0x0014, size 18432
sig 0x00040651, pf_mask 0x72, 2019-02-26, rev 0x0025, size 21504
sig 0x00040661, pf_mask 0x32, 2019-02-26, rev 0x001b, size 25600
sig 0x00040671, pf_mask 0x22, 2019-03-07, rev 0x0020, size 14336
sig 0x000406e3, pf_mask 0xc0, 2019-04-01, rev 0x00cc, size 100352
sig 0x000406f1, pf_mask 0xef, 2019-03-02, rev 0xb000036, size 30720
sig 0x00050654, pf_mask 0xb7, 2019-04-02, rev 0x200005e, size 32768
sig 0x00050662, pf_mask 0x10, 2019-03-23, rev 0x001a, size 32768
sig 0x00050663, pf_mask 0x10, 2019-03-23, rev 0x7000017, size 24576
sig 0x00050664, pf_mask 0x10, 2019-03-23, rev 0xf000015, size 23552
sig 0x00050665, pf_mask 0x10, 2019-03-23, rev 0xe00000d, size 19456
sig 0x000506c9, pf_mask 0x03, 2019-01-15, rev 0x0038, size 17408
sig 0x000506ca, pf_mask 0x03, 2019-03-01, rev 0x0016, size 15360
sig 0x000506e3, pf_mask 0x36, 2019-04-01, rev 0x00cc, size 100352
sig 0x000506f1, pf_mask 0x01, 2019-03-21, rev 0x002e, size 11264
sig 0x000706a1, pf_mask 0x01, 2019-01-02, rev 0x002e, size 73728
sig 0x000806e9, pf_mask 0x10, 2019-04-01, rev 0x00b4, size 98304
sig 0x000806e9, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
sig 0x000806ea, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
sig 0x000806eb, pf_mask 0xd0, 2019-03-30, rev 0x00b8, size 98304
sig 0x000806ec, pf_mask 0x94, 2019-03-30, rev 0x00b8, size 97280
sig 0x000906e9, pf_mask 0x2a, 2019-04-01, rev 0x00b4, size 99328
sig 0x000906ea, pf_mask 0x22, 2019-04-01, rev 0x00b4, size 98304
sig 0x000906eb, pf_mask 0x02, 2019-04-01, rev 0x00b4, size 99328
sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304
sig 0x000906ed, pf_mask 0x22, 2019-03-17, rev 0x00b8, size 97280
* Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223
CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Adrian Schmutzler [Sun, 10 Nov 2019 23:15:36 +0000 (00:15 +0100)]
ath79: fix identifier for Nanostation M in ath9k caldata extraction
When Nanostation M was renamed from ubnt,nano-m to ubnt,nanostation-m
in commit
f1396ac753cc ("ath79: align naming of Ubiquiti Nanostation M"),
the caldata extraction in 10-ath9k-eeprom was overlooked.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
5dc535419fe5f59839686570545fc4180e14d545)
Jo-Philipp Wich [Sun, 10 Nov 2019 20:33:47 +0000 (21:33 +0100)]
rpcd: update to latest Git HEAD
77ad0de plugin: avoid truncating numeric values
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
aa89bdcd04676b21cbe3e8a7b8df3545a86d947a)
Eneas U de Queiroz [Wed, 6 Nov 2019 21:22:52 +0000 (18:22 -0300)]
wolfssl: update to v4.2.0-stable
Many bugs were fixed--2 patches removed here.
This release of wolfSSL includes fixes for 5 security vulnerabilities,
including two CVEs with high/critical base scores:
- potential invalid read with TLS 1.3 PSK, including session tickets
- potential hang with ocspstaping2 (always enabled in openwrt)
- CVE-2019-15651: 1-byte overread when decoding certificate extensions
- CVE-2019-16748: 1-byte overread when checking certificate signatures
- DSA attack to recover DSA private keys
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
f4853f7cca816214cd6e64cffe2b73d0b8c16def)
Eneas U de Queiroz [Thu, 12 Sep 2019 20:00:00 +0000 (17:00 -0300)]
wolfssl: allow building with hw-crytpo and AES-CCM
Hardware acceleration was disabled when AES-CCM was selected as a
workaround for a build failure. This applies a couple of upstream
patches fixing this.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
ab19627ecc3923687fd339f4f23dc45572d00ce0)
Jo-Philipp Wich [Tue, 5 Nov 2019 13:38:40 +0000 (14:38 +0100)]
ustream-ssl: update to latest Git HEAD
c9b6668 ustream-ssl: skip writing pending data if .eof is true after connect
Fixes: CVE-2019-5101, CVE-2019-5102
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
6f9157e6bdea91507af84acdf53da7c0e6879bc1)
Hauke Mehrtens [Fri, 1 Nov 2019 20:16:18 +0000 (21:16 +0100)]
ustream-ssl: Update to latest git HEAD
465f8dc wolfssl: adjust to new API in v4.2.0
3b06c65 Update example certificate & key, fix typo
1c38fd8 wolfssl: enable CN validation
33308ee ustream-io-cyassl.c: fix client-mode connections
79d91aa Remove CyaSSL, WolfSSL < 3.10.4 support
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
57ff06405e09ebce705c01178143c3ce907993b2)
Hauke Mehrtens [Sat, 9 Nov 2019 19:10:58 +0000 (20:10 +0100)]
mac80211: Fix dependencies of kmod-rsi91x-usb
Instead of depending on kmod-usb2 make it depend on the normal USB
dependencies. This should hopefully fix some problems seen in the build
bot builds for powerpc_8540.
In addition also activate DRIVER_11N_SUPPORT support.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
3ff3b044c01949cd7280978b17d0348ee9e7f4ae)
Hauke Mehrtens [Sat, 9 Nov 2019 19:07:18 +0000 (20:07 +0100)]
strace: Fix build on PowerPC
This patch breaks building on PowerPC, like the mpc85xx_generic
target for me.
Fixes: FS#2585
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
b01305c8d26d8eb3525cf79591075601b04736cc)
Hauke Mehrtens [Thu, 7 Nov 2019 20:01:40 +0000 (21:01 +0100)]
uboot-envtools: Add TARGET_LDFLAGS to fix PIE and RELRO
Forward the OpenWrt TARGET_LDFLAGS to the linker of the fw_printenv tool.
In addition also use the more standard make invocation script.
With this change the fw_printenv tool is built with PIE and Full RELRO
support when activated globally in OpenWrt.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
(cherry picked from commit
b7b2be0b268ced260ca8df84be1b0d469aaf6e38)
Rosen Penev [Thu, 7 Nov 2019 22:55:10 +0000 (14:55 -0800)]
xfsprogs: Fix compilation with newer musl
Backported upstream patch.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
39035df71c37d474be2cb2a0fad8d70da095c68b)
David Bauer [Sat, 9 Nov 2019 18:10:51 +0000 (19:10 +0100)]
ramips: correct R6220 button flag
All buttons on the Netgear R6220 are active-low while they are flagged
as active-high.
The GPIO status reads the following for no buttons pressed:
root@64367-r6220:~# cat /sys/kernel/debug/gpio
gpio-7 ( |wps ) in hi
gpio-8 ( |wifi ) in hi
gpio-14 ( |reset ) in hi
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
f7f9fe5256ebb660d3160452c3c01a9eb080938f)
Martin Schiller [Fri, 25 Oct 2019 07:22:29 +0000 (09:22 +0200)]
kernel: fix LED netdev trigger on interface rename
This fixes the netdev LED trigger for interfaces, which are renamed
during initialization (e.g. ppp interfaces).
Fixes: FS#2193
Fixes: FS#2239
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
edbadec843a77286d4f690a3641b7bca97f4c998)
Etienne Champetier [Fri, 8 Nov 2019 14:58:01 +0000 (06:58 -0800)]
build: cleanup possibly dangling Python 3 host symlink
When switching from master branch to 19.07 or older, we need to ensure
that Python symlink in staging bin directory points to Python 2.
We can't rely completly just on SetupHostCommand as its executed only in
cases when the $(STAGING_DIR_HOST)/bin/python doesn't already exist, so
we need to remove it before running SetupHostCommand.
This is a cherry-pick of
3b68fb57c938af3948ae4c2da61501183fbef649
with python3 instead of python2
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Etienne Champetier [Thu, 31 Oct 2019 10:54:59 +0000 (03:54 -0700)]
build: fixup python SetupHostCommand to use python2
Here is a way to break your build env without this patch:
1) have python point to python3, and no python2
2) start the build, SetupHostCommand will create a symlink
./staging_dir/host/bin/python -> /usr/bin/python
3) build fails on scons because it can't find any python2
4) install python2 and restart the build
5) the build fails on wireless-regdb compile because python is python3 instead of python
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
Josef Schlehofer [Sun, 29 Sep 2019 09:21:29 +0000 (11:21 +0200)]
expat: Update to version 2.2.9
Fixes CVE-2019-15903
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
b4af2c689fc8736777940b7bbf009bb1672296ec)
Josef Schlehofer [Thu, 3 Oct 2019 19:23:00 +0000 (21:23 +0200)]
tools/e2fsprogs: Update to version 1.45.4
Fixes CVE-2019-5094
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
700e7a2eb9c515ffe4f3278857e538ea37cc5e56)
Hans Dedecker [Tue, 17 Sep 2019 20:45:41 +0000 (22:45 +0200)]
curl: bump to 7.66.0
Refresh patches, for changes in version 7.66.0 see https://curl.haxx.se/changes.html#7_66_0
Fixes CVEs:
CVE-2019-5481
CVE-2019-5482
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
71cf4a272c9cf7d6e604e6327d0c94aeceac26e7)
Adrian Schmutzler [Thu, 7 Nov 2019 17:53:37 +0000 (18:53 +0100)]
ath79: disable building future NAND images for GL-AR300M/GL-AR750S
To simplify the upgrade process and ensure easier identification of
device partitioning, the following devices are disabled on ath79
target in openwrt-19.07 branch:
- glinet,gl-ar300m-nor
- glinet,gl-ar300m-nand
- glinet,gl-ar750s
Proper ath79 (NAND) support for the devices is expected to be
introduced based on kernel 4.19 (see GitHub PR #2184).
In openwrt-19.07, ar71xx should be used for those devices.
With this, we ensure that the new ath79 image names (at least for
releases) refer to the updated partitioning.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
David Bauer [Tue, 5 Nov 2019 21:28:39 +0000 (22:28 +0100)]
mac80211 ath9k: force QCA953x clock to 25MHz
The QCA953x only supports 25 MHz refclk, however some OEMs set an
invalid bootstrap value for the REF_CLK option, which would break the
clock detection in ath9k.
Force the QCA953x refclk to 25MHz in ath9k, as this is (according to the
datasheet) the only valid frequency.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
4c6fe32468bc60cc25a8c298498c0be3c73e7378)
Adrian Schmutzler [Tue, 6 Aug 2019 10:20:05 +0000 (12:20 +0200)]
ar71xx: improve support for TP-Link CPE510 v2
This fixes commit
bae927c551fd ("ar71xx: add support for TP-LINK CPE510
V2.0") where the support for this device wasn't optimal.
Device support for the CPE510v2 so far has been a hack to enable
flashing with CPE510v1 images. Those even have different hardware (e.g.
additional ethernet port).
With this patch, we provide proper support for this device in ar71xx.
Installation:
- Flash factory image through stock firmware WEB UI or through TFTP
- To get to TFTP recovery just hold reset button while powering on
for around 4-5 seconds and release.
- Rename factory image to recovery.bin
- Stock TFTP server IP: 192.168.0.100
- Stock device TFTP address: 192.168.0.254
Fixes:
bae927c551fd ("ar71xx: add support for TP-LINK CPE510 V2.0")
Signed-off-by: Andrew Cameron <apcameron@softhome.net>
[Rebased onto revert commit, changed comments in mach-cpe510.c,
changed commit title and description, fixed eth0 MAC address,
removed eth1 initialization]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[squashed revert, added fixes tag]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
c79b796280fa5cd64bac663f9d5e5d9a737c30d6)
[added CPE510V2 entry to tplink-safeloader.c]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Tue, 5 Nov 2019 12:05:29 +0000 (13:05 +0100)]
gitignore: ignore patches in OpenWrt root directory
This will have GIT ignore patches in root directory, as created
when using "git format-patch".
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
2c5413559880c54c5eec980121febfe6c7cd287a)
Jo-Philipp Wich [Wed, 6 Nov 2019 08:08:44 +0000 (09:08 +0100)]
OpenWrt v19.07.0-rc1: revert to branch defaults
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Jo-Philipp Wich [Wed, 6 Nov 2019 08:08:44 +0000 (09:08 +0100)]
OpenWrt v19.07.0-rc1: adjust config defaults
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Petr Štetiar [Tue, 5 Nov 2019 20:51:23 +0000 (21:51 +0100)]
Revert "ipq806x: fix EA8500 switch control"
There is a problem with the EA8500, the switch will not work after soft
reboot, the only way to get it working again is to power cycle it
manually.
There are probably several issues in the play, it's quite hard to fix it
without having access to the actual device, so I don't see any other
option now, then revert the offending commit.
Ref: PR#2047
Fixes: FS#2168 ("Switch no longer work after restart on Linksys EA8500")
Reported-by: Adam <424778940z@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
04d6753d03e3a6db07b7a2d3296774d0965bbbfa)
Koen Vandeputte [Tue, 5 Nov 2019 11:16:58 +0000 (12:16 +0100)]
ath10k-firmware: update Candela Tech firmware images
The release notes since last time for wave-1:
* October 5, 2019: Fix too-short msg caused by invalid use of PayloadLen in receive path.
This appears to resolve the issue of getting (and ignoring) too-short commands
when we detect loss of CE interrupts and go into polling mode.
* October 12, 2019: Fix regression in IBSS mode that caused SWBA overrun issues. Related to
regression added during the ct-station logic, specifically TSF allocation.
Thanks for Ahmed Zaki @ Mage-Networks for helping to diagnose and test.
* October 15, 2019: Only send beacon tx completion events if we can detect CT driver is being
used (based on CT_STATS_OK flag being set). This should help CT firmware work
better on stock driver.
The release notes since last time for wave-2:
* October 15, 2019: Only send beacon tx completion events if we can detect CT driver is being
used (based on ATH10k_USE_TXCOMPL_TXRATE2 | ATH10k_USE_TXCOMPL_TXRATE1 flags being set).
This should help CT firmware work better on stock driver.
* October 31, 2019: Compile out peer-ratecode-list-event. ath10k driver ignores the event.
* November 1, 2019: Fix rate-ctrl related crash when nss and other things were changed while
station stays associated. See bug: https://github.com/greearb/ath10k-ct/issues/96
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit
e716e93a2f7290086f49992c9980773c88100c3a)
Jo-Philipp Wich [Tue, 5 Nov 2019 14:07:55 +0000 (15:07 +0100)]
ustream-ssl: backport fix for CVE-2019-5101, CVE-2019-5102
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Daniel Golle [Tue, 5 Nov 2019 09:48:53 +0000 (10:48 +0100)]
mac80211: rt2x00: backport upstream patches
Import patches from upstream to sync 19.07 with master:
9f3e3323e996 rt2x00: allow to specify watchdog interval
2034afe4db4a rt2800: add helpers for reading dma done index
759c5b599cf4 rt2800: initial watchdog implementation
09db3b000619 rt2800: add pre_reset_hw callback
710e6cc1595e rt2800: do not nullify initialization vector data
e403fa31ed71 rt2x00: add restart hw
0f47aeeada2a rt2800: do not enable watchdog by default
41a531ffa4c5 rt2x00usb: fix rx queue hang
3b902fa811cf rt2x00usb: remove unnecessary rx flag checks
1dc244064c47 rt2x00: no need to check return value of debugfs_create functions
706f0182b1ad rt2800usb: Add new rt2800usb device PLANEX GW-USMicroN
95844124385e rt2x00: clear IV's on start to fix AP mode regression
567a9b766b47 rt2x00: do not set IEEE80211_TX_STAT_AMPDU_NO_BACK on tx status
14d5e14c8a6c rt2x00: clear up IV's on key removal
13fa451568ab Revert "rt2800: enable TX_PIN_CFG_LNA_PE_ bits per band"
--pending-- rt2800: remove errornous duplicate condition
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
David Bauer [Mon, 4 Nov 2019 17:48:20 +0000 (18:48 +0100)]
ipq806x: use switch trigger for WAN LED on NETGEAR boards
With this commit, the WAN LED is triggered by the switch port state
instead of the eth0 netdev.
Otherwise, the LED is always illuminated, regardless of the WAN port
link state.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
70d5989c9c99788a9b2a1a737987edcf7e1ae382)
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Mon, 28 Oct 2019 18:10:14 +0000 (19:10 +0100)]
hostapd: enable PMKSA and OK caching for WPA3-Personal
This enables PMKSA and opportunistic key caching by default for
WPA2/WPA3-Personal, WPA3-Personal and OWE auth types.
Otherwise, Apple devices won't connect to the WPA3 network.
This should not degrade security, as there's no external authentication
provider.
Tested with OCEDO Koala and iPhone 7 (iOS 13.1).
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
3034f8c3b85e70b1dd9b4cd5cd33e9d2cd8be3b8)
Signed-off-by: David Bauer <mail@david-bauer.net>
Yousong Zhou [Mon, 4 Nov 2019 11:09:38 +0000 (11:09 +0000)]
scripts/dl_github_archive.py: fix python3 str, bytes confusion
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
d26738bc767f48d2dee7097cbfc6d07ffeee58fb)
Yousong Zhou [Fri, 6 Sep 2019 08:29:50 +0000 (08:29 +0000)]
uboot-fritz4040: build with ipq40xx "generic" subtarget
Fixes:
853e4dd3 ("ipqx0xx: add Generic subtarget")
Ref: https://forum.openwrt.org/t/ipq40xx-snapshot-not-updated-since-22nd-august/44126
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
40e3f660c1c0f400092cce09feb8c13bec97caeb)
Paul Spooren [Thu, 22 Aug 2019 00:59:24 +0000 (14:59 -1000)]
ipqx0xx: add Generic subtarget
Both targets miss a subtarget causing an image naming style which is
different from other all othe targets, even tho it already uses
`x/generic/` as subfolder as if the subtarget would exist.
This commit adds the Generic subtarget resulting in consistent naming.
~/src/openwrt/openwrt/bin/targets/ipq806x/generic$ ls
openwrt-ipq806x-generic-netgear_d7800-initramfs-uImage
openwrt-ipq806x-generic-netgear-d7800.manifest
openwrt-ipq806x-generic-netgear_d7800-squashfs-factory.img
openwrt-ipq806x-generic-netgear_d7800-squashfs-sysupgrade.bin
CC: John Crispin <john@phrozen.org>
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
853e4dd3062df7cb5704b15d6af6730e3194b571)
Roger Pueyo Centelles [Wed, 4 Sep 2019 09:29:12 +0000 (11:29 +0200)]
ramips: enable external amplifier for D-Link DIR-810L
The 2.4 GHz radio had very poor signal reception (-89 dBm for an AP
sitting 5 m away). By enabling the external amplifier, received signal
has improved to -50 dBm for the same AP.
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit
e667d6f46b5fa9ade5da1d76c8cc1aab1df1dcb6)
Jeff Kletsky [Wed, 2 Oct 2019 19:06:18 +0000 (12:06 -0700)]
ath79: Clean up GL-AR300M DTS/DTSI inclusions
Modify GL-AR300M-Lite and GL-AR300M (NOR):
* Include qca9531_glinet_gl-ar300m.dtsi directly
rather than qca9531_glinet_gl-ar300m-nor.dts
* Remove redundant inclusion of gpio.h and input.h
Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
f5c7fe2ff0deb20f76b4d65195434e35cbb4e08a)
Adrian Schmutzler [Mon, 7 Oct 2019 15:08:52 +0000 (17:08 +0200)]
ramips: fix WiFi MAC addresses for D-Link DIR-810L
So far, WiFi MAC addresses for this device have been set up from
caldata. However, this returns values which do not look like MAC
addresses. They also do not match stock firmware:
wlan0 (5.0): 00:11:22:00:17:D0 from 0x8004
wlan1 (2.4): 00:11:22:00:17:CD from 0x4 (and 0x2e)
It looks like the only valid MAC address on this device is at 0x28.
So, this patch changes setup to calculate addresses based on the
value at 0x28:
lan: *:0A (flash, label)
wan: *:0B (flash + 1)
wifi2: *:0A (flash)
wifi5: *:0C (flash + 2)
Thanks to Roger Pueyo Centelles <roger.pueyo@guifi.net> for
investigating this on his devices.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
d1072096f49823eb39357f9555d7854a9c91bcfb)
Daniel Engberg [Sat, 23 Feb 2019 22:38:04 +0000 (22:38 +0000)]
libevent2: Update to 2.1.11
Update libevent to 2.1.11
Use CMake instead GNU Autotools
Backport following commits:
https://github.com/libevent/libevent/commit/
f05ba671931e2b4e38459899f6f63f79f99869fe
..and partially
https://github.com/libevent/libevent/commit/
7201062f3ef505a77baa6ccaf1cf73812462308a
to fix compilation
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
f351beedfd47766e5e44a04af50e3724bec54dbc)
(resolves FS#2435)
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Jo-Philipp Wich [Fri, 1 Nov 2019 07:32:52 +0000 (08:32 +0100)]
rpcd: update to latest Git HEAD
d442d62 plugin: fix double free in finish callback
ee26d83 main: exec_self: make clang analyzer happy
90e40bd file: exec: properly free memory on error
9ecfada uci: free configs list memory on return
32fba36 exec: always call finish_cb to allow plugin to free up memory
ca3e2d5 plugin: do not free method name separately
02c6e1d exec: properly free memory on rpc_exec() error
cc50263 plugin: exec: properly free memory on parse error
bd0ed25 uci: reset uci_ptr flags when merging set operations
37aa919 plugin: fix leaking invoked method name for exec plugins
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
c2675bb0cef373ff59fcc2dbd77471d244bbc774)
Koen Vandeputte [Wed, 30 Oct 2019 11:54:43 +0000 (12:54 +0100)]
kernel: bump 4.14 to 4.14.151
Refreshed all patches.
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Yousong Zhou [Wed, 30 Oct 2019 12:41:34 +0000 (12:41 +0000)]
kernel: mark kmod-usb-serial-wwan as hidden
The kconfig symbol is an invisible one since its introduction. It is
not supposed to be enabled on its own.
Resolves FS#1821
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
4bf9bec361699e1c033460964158531adf15d7ee)
Koen Vandeputte [Mon, 28 Oct 2019 13:23:13 +0000 (14:23 +0100)]
kernel: bump 4.14 to 4.14.150
Refreshed all patches.
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Felix Fietkau [Sat, 28 Sep 2019 13:57:58 +0000 (15:57 +0200)]
mac80211: add an improved moving average algorithm to minstrel
Improves rate control responsiveness and performance
Signed-off-by: Felix Fietkau <nbd@nbd.name>
[reworked to apply on 4.19.79 mac80211 + renumbered + refreshed]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Andreas Ziegler [Sun, 6 Oct 2019 17:48:34 +0000 (19:48 +0200)]
ath79: add support for UniFi AC-LR
The Unifi AC-LR has identical hardware to the Unifi AC-Lite.
The antenna setup is different according to the vendor,
which explains the thicker enclosure.
Therefore, it is helpful to know the exact device variant,
instead of having "Ubiquiti UniFi-AC-LITE/LR".
Signed-off-by: Andreas Ziegler <dev@andreas-ziegler.de>
[fix legacy name in commit message; add old boardname to
SUPPORTED_DEVICES]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
07c1ddf522dbe6085af664cf03a41f636a70b99c)
Signed-off-by: David Bauer <mail@david-bauer.net>
Andreas Ziegler [Tue, 22 Oct 2019 20:44:29 +0000 (22:44 +0200)]
ar71xx: add model detection for UniFi AC-LR
This commit adds correct model detection for UniFi
AC-LR. Previously, said device was incorrectly detected
as UniFi-AC-LITE/MESH.
The Information about the device is stored at 0xC in the EEPROM
partition. It corresponds to the sysid in /etc/board.info of the
Ubiquiti stock firmware.
Signed-off-by: Andreas Ziegler <dev@andreas-ziegler.de>
[adjust naming style of target to existing ones]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
2bc7c519dcc0e7ca09feed24a3b9a105bc49f423)
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Sat, 5 Oct 2019 10:27:44 +0000 (12:27 +0200)]
ath10k-firmware: update wave 1 firmware to 10.2.4-1.0-00047
This fixes frequent crashes observed on a UniFi AC Mesh using OpenWrt
master and 19.07. 18.06 seems not affected from our testing.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
641a93f0f226aa1b4e27bc6f1fc36f9fe63a11a0)
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Sat, 5 Oct 2019 00:12:56 +0000 (02:12 +0200)]
ath10k-firmware: retrieve wave 1 firmware from kvalo
This commit changes the source of the Wave 1 ath10k-firmware
from linux-firmware to Kall Valos ath10k-firmware repository.
This is necessary as the firmware selected in linux-firmware produces
frequent crashes in some circumstances.
This patch can be removed as soon as linux-firmware carries
10.2.4-1.0-00047 firmware.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
a3914783a32d4fe3612383391cd72638931f1cea)
Signed-off-by: David Bauer <mail@david-bauer.net>
Adrian Schmutzler [Mon, 21 Oct 2019 14:29:36 +0000 (16:29 +0200)]
ath79: add LED migration for several Archer Cxx devices
Several Archer Cxx devices were using board-specific LED names in
ar71xx, which were changed to "tp-link:*" in ath79.
This patch adds migration for them.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
53e6cc7a81175728f64f978c2363a18c1fa66d64)
Adrian Schmutzler [Mon, 21 Oct 2019 14:29:35 +0000 (16:29 +0200)]
ath79: use board name in LED migrations
Several devices added to LED migration script will just have their
(old) board name converted to tp-link.
By using a variable for this, the amount of code in the migration
script can be reduced and the chance for typos is reduced.
This patch also introduces the marker for beginning of a pattern
"^" to the regex, so the match is more specific.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
6b0eb84336edc995f4723f0a005507f158d3e895)
Adrian Schmutzler [Mon, 21 Oct 2019 14:19:47 +0000 (16:19 +0200)]
ath79: fix patching ath9k MAC address for MyNet WiFi Range Extender
The code line patching ath9k MAC address for this device contains
a wrong number of arguments including an unset "$mac", which
looks like a typo or copy/paste mistake.
This has been introduced already in the device support commit
745dee11ac78 ("ath79: add support for WD My Net Wi-Fi Range
Extender").
This patch just removes the "$mac" argument, leaving a formally
valid line. (No on-device test has been performed.)
Cc: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
6b5303378315084bf080a6408c2ca5b2a911aa5d)
Adrian Schmutzler [Mon, 21 Oct 2019 14:17:01 +0000 (16:17 +0200)]
ath79: fix SUPPORTED_DEVICES for ubnt_nanostation-m
The ar71xx images for the Ubiquiti NanoStation M (XM) devices use
"nanostation-m" as board name, but the ath79 images are only
compatible with the "nano-m" board name, so sysupgrade complains.
By changing this additional supported device, sysupgrade smoothly
upgrades from ar71xx to ath79.
Ref: openwrt#2418
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
f473ce6f231bb9f8913be50e850c771b3463fa14)
Roger Pueyo Centelles [Fri, 4 Oct 2019 12:43:05 +0000 (14:43 +0200)]
ath79: add SUPPORTED_DEVICES to ubnt_nanostation-m-xw
The ar71xx images for the Ubiquiti NanoStation M (XW) devices use
"nanostation-m-xw" as the board name, but the ath79 images are only
compatible with the "nano-m-xw" board name, so sysupgrade complains.
By adding this additional supported device, sysuspgrade smoothly
upgrades from ar71xx to ath79.
Tested on a NanoStation M (XW) running OpenWrt ar71xx r10250-
016d1eb.
Ref: https://github.com/openwrt/openwrt/pull/2418
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
[removed duplicate DEVICE_VARIANT, removed uneeded nano-m-xw support]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
6dda2ea6ad133705d243d3cc626779ee24bdc88d)
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Daniel Gimpelevich [Thu, 17 Oct 2019 10:42:52 +0000 (03:42 -0700)]
ath79: fix gigabit link pll-data for EX7300
The device did not appear to be reachable unless the connection were
forced to 100Mb or lower. Revert to previously working pll-data.
Also fix the phy-mode to represent the actual state needed for ethernet
to function.
Reported-by: Moritz Schreiber <moritz@mosos.de>
Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
[add remark about phy-mode property]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
ee41b602a2a2ced06c26e6edc160b2a5e9619f0d)
Masafumi UTSUGI [Tue, 1 Oct 2019 09:59:18 +0000 (18:59 +0900)]
ipq40xx: essedma: Fix dead lock
edma_read_append_stats() gets called from two places in the driver.
The first place is the kernel timer that periodically updates
the statistics, so nothing gets lost due to overflows.
The second one it's part of the userspace ethtool ioctl handler
to provide up-to-date values.
For this configuration, the use of spin_lock() is not sufficient
and as per:
<https://mirrors.edge.kernel.org/pub/linux/kernel/people/rusty/kernel-locking/c214.html>
the locking has to be upgraded to spin_lock_bh().
Signed-off-by: Masafumi UTSUGI <mutsugi@allied-telesis.co.jp>
[folded patch into 710-, rewrote message]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
f1d761f95e9664a9c11ce1b98f9e121b43c79d35)
Eneas U de Queiroz [Tue, 1 Oct 2019 13:50:34 +0000 (10:50 -0300)]
openssl: Add engine configuration to openssl.cnf
This adds engine configuration sections to openssl.cnf, with a commented
list of engines. To enable an engine, all you have to do is uncomment
the engine line.
It also adds some useful comments to the devcrypto engine configuration
section. Other engines currently don't have configuration commands.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
cebf024c4d9fd761e55383a582f7e29ac7cc921c)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
David Bauer [Mon, 14 Oct 2019 09:16:54 +0000 (11:16 +0200)]
ath79: correct ar71xx boardname for UniFi AC Lite
This corrects the additional boardname for the image metadata to the one
used in ar71xx. The previously present additional entry was never used
on a running system.
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
1a256470e78a90ac97f41e3335b3fc6ee827e4bc)
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Sun, 13 Oct 2019 21:37:59 +0000 (23:37 +0200)]
mpc85xx: correct TP-LINK TL-WDR4900 MAC addresses
This commit fixes TP-Link TL-WDR4900 v1 MAC address assignment.
Previously, the MAC addrss was read for the ethernet from the "config"
partition. However, the content of this partition is dependent on the
firmware which was previously installed on the device.
Switch the MAC address source to the U-Boot partition, where the MAC
address is always present at a fixed partition. The partition was
previously already used for the WiFi MAC-addresses.
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
07e555d8735e8fa272e3f6abd35acc9f1ab44367)
Signed-off-by: David Bauer <mail@david-bauer.net>
DENG Qingfang [Sat, 12 Oct 2019 16:29:13 +0000 (00:29 +0800)]
tcpdump: update to 4.9.3
Fixed CVEs:
CVE-2017-16808
CVE-2018-10103
CVE-2018-10105
CVE-2018-14461
CVE-2018-14462
CVE-2018-14463
CVE-2018-14464
CVE-2018-14465
CVE-2018-14466
CVE-2018-14467
CVE-2018-14468
CVE-2018-14469
CVE-2018-14470
CVE-2018-14879
CVE-2018-14880
CVE-2018-14881
CVE-2018-14882
CVE-2018-16227
CVE-2018-16228
CVE-2018-16229
CVE-2018-16230
CVE-2018-16300
CVE-2018-16301
CVE-2018-16451
CVE-2018-16452
CVE-2019-15166
CVE-2019-15167
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit
394273c066b8f4317b77f3ede216cfcdd45250c1)
DENG Qingfang [Sat, 12 Oct 2019 16:28:32 +0000 (00:28 +0800)]
libpcap: update to 1.9.1
Fixed CVEs:
CVE-2018-16301
CVE-2019-15161
CVE-2019-15162
CVE-2019-15163
CVE-2019-15164
CVE-2019-15165
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit
44f11353de044834a442d3192b66579b99305720)