librecmc/librecmc.git
4 years agotoolchain/gcc: correct the check expr for newer clang
Yorkie Liu [Tue, 19 Nov 2019 05:41:10 +0000 (13:41 +0800)]
toolchain/gcc: correct the check expr for newer clang

This fixes gcc build error within clang 11.0, it tweaks the version
string from LLVM to clang.

Signed-off-by: Yorkie Liu <yorkiefixer@gmail.com>
(cherry picked from commit 65a561fd0919eafff2363ae8324db64be2a57f77)

4 years agouhttpd: update to latest Git HEAD
Jo-Philipp Wich [Sun, 22 Dec 2019 21:50:00 +0000 (22:50 +0100)]
uhttpd: update to latest Git HEAD

5f9ae57 client: fix invalid data access through invalid content-length values

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit f34f9a414dd32311bda950776eb77e63c0c772cb)

4 years agoBump version to v1.5.0; add package feed
RISCi_ATOM [Mon, 23 Dec 2019 17:14:53 +0000 (12:14 -0500)]
Bump version to v1.5.0; add package feed

4 years agoar71xx: fix MAC address setup for TL-WDR4300 board
Sungbo Eo [Sun, 15 Dec 2019 09:10:18 +0000 (18:10 +0900)]
ar71xx: fix MAC address setup for TL-WDR4300 board

The current ethernet MAC address setup of TL-WDR4300 board is different
from the setup of stock firmware:

OpenWrt: lan = label_mac -2, wan = label_mac -2
  stock: lan = label_mac,    wan = label_mac +1

This patch applies to all devices using TL-WDR4300 board:
TL-WDR3600 v1
TL-WDR4300 v1
TL-WDR4300 v1 (IL)
TL-WDR4310 v1
Mercury MW4530R v1

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 9b02d32e34df2bb8821ec6f08f525bee22d0d1ba)

4 years agoath79: fix MAC address setup for TP-Link TL-WDR3600/TL-WDR4300
Sungbo Eo [Sun, 15 Dec 2019 09:11:45 +0000 (18:11 +0900)]
ath79: fix MAC address setup for TP-Link TL-WDR3600/TL-WDR4300

The current ethernet MAC address setup of TL-WDR4300 board is different
from the setup of stock firmware:

OpenWrt: lan = label_mac -2, wan = label_mac -2
  stock: lan = label_mac,    wan = label_mac +1

The full address assignment is as follows:
LAN  label
WAN  label + 1
5G   label
2G   label - 1

This patch changes all devices using TL-WDR4300 board:
TL-WDR3600 v1 (checked on device)
TL-WDR4300 v1 (checked on device)
TL-WDR4300 v1 (IL)

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
[rephrase/extend commit title/message, backport]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit a4260eaab7744c8e3f1f7a62a61aab5e3b562342)

4 years agosunxi: remove CONFIG_LEGACY_PTY from kernel config
Daniel Golle [Mon, 9 Dec 2019 19:15:36 +0000 (20:15 +0100)]
sunxi: remove CONFIG_LEGACY_PTY from kernel config

Having legacy PTYs enabled causes problems with procd-hotplug.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 2105354968ed9698709d220ec446b6d9c27da3a5)

4 years agouml: remove CONFIG_LEGACY_PTY from kernel config
Daniel Golle [Mon, 9 Dec 2019 19:09:13 +0000 (20:09 +0100)]
uml: remove CONFIG_LEGACY_PTY from kernel config

Having legacy PTYs enabled causes problems with procd-hotplug.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit dcf48fda054c4bbc52f6106250a7e06ab8f5cbdd)

4 years agoodhcpd: optimize syslog priority values
Hans Dedecker [Mon, 16 Dec 2019 20:14:11 +0000 (21:14 +0100)]
odhcpd: optimize syslog priority values

e53fec8 treewide: optimize syslog priority values

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years agoglibc: update to latest 2.27 commit (BZ #2503, BZ #2504)
Hans Dedecker [Wed, 11 Dec 2019 21:27:26 +0000 (22:27 +0100)]
glibc: update to latest 2.27 commit (BZ #2503, BZ #2504)

bef0b1cb31 libio: Disable vtable validation for pre-2.1 interposed handles [BZ #25203]
4d5cfeb510 rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126) [BZ #25204]
92f04eedb5 mips: Force RWX stack for hard-float builds that can run on pre-4.8 kernels

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years agoglibc: backport fix for regexec buffer read overrun
Alin Nastac [Thu, 21 Nov 2019 13:06:18 +0000 (14:06 +0100)]
glibc: backport fix for regexec buffer read overrun

Problem found by AddressSanitizer[1]:

 Latest `grep` (git commit 1019e6e) compiled with asan may cause a
 heap-buffer-overflow when `-i` is specified.

     ./grep -i '\(\(\)*.\)*\(\)\(\)\1' /bin/chvt

 =================================================================
 ==16206==ERROR: AddressSanitizer: heap-buffer-overflow on address

1. https://debbugs.gnu.org/34140

Ref: https://sourceware.org/bugzilla/show_bug.cgi?id=24114
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
[commit title and description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agoglibc: update to latest 2.27 commit (BZ#23637)
Hans Dedecker [Tue, 17 Sep 2019 20:11:26 +0000 (22:11 +0200)]
glibc: update to latest 2.27 commit (BZ#23637)

5b4f7382af Add undef to fix test failure.
9456483fb2 Improve performance of memmem
373f8b06a3 Improve performance of strstr
4ec1b9e913 Fix strstr bug with huge needles (bug 23637)
ecd6271ed8 Speedup first memmem match
bba6b9288f Simplify and speedup strstr/strcasestr first match
7a4da6ef7a Improve strstr performance

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years agoglibc: update to latest 2.27 commit (BZ #24228, BZ #24744, BZ #24699)
Hans Dedecker [Sun, 8 Sep 2019 19:13:59 +0000 (21:13 +0200)]
glibc: update to latest 2.27 commit (BZ #24228, BZ #24744, BZ #24699)

5f0d2e0491 [AArch64] Add ifunc support for Ares
e6b7252040 aarch64,falkor: Use vector registers for memcpy
c74b884f70 aarch64,falkor: Ignore prefetcher tagging for smaller copies
0fc5934ebd aarch64/strncmp: Use lsr instead of mov+lsr
e0a0bd3acc aarch64/strncmp: Unbreak builds with old binutils
638caf3000 aarch64: Improve strncmp for mutually misaligned inputs
d5f45a29ff aarch64/strcmp: fix misaligned loop jump target
7f690fafad aarch64: Improve strcmp unaligned performance
40df047b3b aarch64: Fix branch target to loop16
062139f233 aarch64: Optimized memcmp for medium to large sizes
f3e2add213 aarch64: Use the L() macro for labels in memcmp
22bd3ab40e posix: Fix large mmap64 offset for mips64n32 (BZ#24699)
bdd16894aa aarch64: handle STO_AARCH64_VARIANT_PCS
0b48caab9a aarch64: add STO_AARCH64_VARIANT_PCS and DT_AARCH64_VARIANT_PCS
949da7f2fd io: Remove copy_file_range emulation [BZ #24744]
f056ac8363 libio: do not attempt to free wide buffers of legacy streams [BZ #24228]
5f90e009b1 NEWS: add entries for bugs 22964, 24180, and 24531

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years agoath79: add support for TP-Link TL-WDR4300 v1 (IL)
Adrian Schmutzler [Mon, 9 Dec 2019 12:53:21 +0000 (13:53 +0100)]
ath79: add support for TP-Link TL-WDR4300 v1 (IL)

The TL-WDR4300 v1 sold in Israel has a different TPLINK_HWID.

Thanks to Josh4300 for testing on device.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit c642a97aa6b51352a718449cd715b92f94af4a5d)

4 years agoFix wndr3800 wifi issues and add back kmod-owl-loader
RISCi_ATOM [Wed, 18 Dec 2019 23:10:44 +0000 (18:10 -0500)]
Fix wndr3800 wifi issues and add back kmod-owl-loader

4 years agoFix xfsprogs
RISCi_ATOM [Mon, 16 Dec 2019 22:00:30 +0000 (17:00 -0500)]
Fix xfsprogs

4 years agoBump unbound to 1.9.5
RISCi_ATOM [Wed, 11 Dec 2019 17:10:32 +0000 (12:10 -0500)]
Bump unbound to 1.9.5

4 years agoBump kernel to 4.14.158
RISCi_ATOM [Tue, 10 Dec 2019 20:00:14 +0000 (15:00 -0500)]
Bump kernel to 4.14.158

4 years agomac80211: unify setup of iw htmode for mesh and adhoc
Santiago Piccinini [Mon, 25 Nov 2019 19:53:59 +0000 (16:53 -0300)]
mac80211: unify setup of iw htmode for mesh and adhoc

This also fixes mac80211_prepare_vif iw set channel in monitor or
mesh mode.

Signed-off-by: Santiago Piccinini <spiccinini@altermundi.net>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[daniel@makrotopia.org: fixed commit message]
(cherry picked from commit c7fb12beb1d347f1cedc7890dbe2d441f70ccf62)

4 years agoucert: update to latest git HEAD
Daniel Golle [Thu, 28 Nov 2019 19:17:20 +0000 (11:17 -0800)]
ucert: update to latest git HEAD

e4bd927 cast ucert_argv to proper type when passing to execv

Fixes warnings:

warning: passing argument 2 of 'execv' from incompatible pointer type
[-Wincompatible-pointer-types]
  254 |       execv(usign_argv[0], usign_argv)

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 9c272dd3e42a51c1343ed4fad54ac38bb97349dd)

4 years agousign: Activate LTO compile option
Hauke Mehrtens [Sun, 27 Oct 2019 21:38:53 +0000 (22:38 +0100)]
usign: Activate LTO compile option

This decreases the size of the usign application by 16% on MIPS BE.

old:
24,597 /usr/bin/usign

new:
20,501 /usr/bin/usign

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 6ffd8a8f92ab5337ab967ab2922d7de7f0480bc9)

4 years agoswconfig: Activate LTO compile option
Hauke Mehrtens [Sun, 27 Oct 2019 21:35:30 +0000 (22:35 +0100)]
swconfig: Activate LTO compile option

This decreases the size of the swconfig application by 25% on MIPS BE.

old:
16,916 /sbin/swconfig

new:
12,565 /sbin/swconfig

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit e926681387891fe9af89d884ebc3dce4c8c7f450)

4 years agomtd: Activate LTO compile option
Hauke Mehrtens [Sun, 27 Oct 2019 21:32:59 +0000 (22:32 +0100)]
mtd: Activate LTO compile option

This decreases the size of the mtd application by 25% on MIPS BE.

old:
20,597 /sbin/mtd

new:
16,421 /sbin/mtd

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 1eb34b7287ed97ad1e2ae60a436babbb5c68076f)

4 years agoconfig: kernel: fix typo in HFSPLUG_FS_POSIX_ACL
Stijn Tintel [Thu, 28 Nov 2019 00:01:05 +0000 (02:01 +0200)]
config: kernel: fix typo in HFSPLUG_FS_POSIX_ACL

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 5f6833395293548f9fdf4897d9766417f2990bac)

4 years agobase-files: config_generate: split macaddr with multiple ifaces
Sungbo Eo [Mon, 11 Nov 2019 16:20:45 +0000 (01:20 +0900)]
base-files: config_generate: split macaddr with multiple ifaces

netifd does not handle network.@device[x].name properly if it
contains multiple ifaces separated by spaces. Due to this, board.d
lan_mac setup does not work if multiple ifaces are set to LAN by
ucidef_set_interface_lan.

To fix this, create a device node for each member iface when
running config_generate instead. Those are named based on the
member ifname:

  ucidef_set_interface_lan "eth0 eth1.1"
  ucidef_set_interface_macaddr "lan" "yy:yy:yy:yy:yy:01"

will return

  config device 'lan_eth0_dev'
        option name 'eth0'
        option macaddr 'yy:yy:yy:yy:yy:01'

  config device 'lan_eth1_1_dev'
        option name 'eth1.1'
        option macaddr 'yy:yy:yy:yy:yy:01'

ref: https://github.com/openwrt/openwrt/pull/2542

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
[always use new scheme, extend description, change commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 298814e6be7640d89328de9e7c90d4349e30683f)

4 years agokernel: nf_conntrack_rtcache: fix WARNING on rmmod
Yousong Zhou [Sat, 23 Nov 2019 18:05:45 +0000 (18:05 +0000)]
kernel: nf_conntrack_rtcache: fix WARNING on rmmod

Fixes b7c58a1ee ("kernel: nf_conntrack_rtcache: fix cleanup on netns
delete and rmmod")

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit b3779e920ebaa168eaf18ac1140774c32b6ec6b6)

4 years agokernel: nf_conntrack_rtcache: fix WARNING on forward path
Yousong Zhou [Sat, 23 Nov 2019 17:10:09 +0000 (17:10 +0000)]
kernel: nf_conntrack_rtcache: fix WARNING on forward path

Fixes b7c58a1ee ("kernel: nf_conntrack_rtcache: fix cleanup on netns
delete and rmmod")

Resolves FS#2624

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 1c5df850a07690451f2878a310c0ea67d0690836)

4 years agokernel: nf_conntrack_rtcache: fix cleanup on netns delete and rmmod
Yousong Zhou [Wed, 13 Nov 2019 17:03:12 +0000 (17:03 +0000)]
kernel: nf_conntrack_rtcache: fix cleanup on netns delete and rmmod

Fixes FS#1472, FS#2353, FS#2426

Fixes: b3f95490 ("kernel: generic: Add kernel 4.14 support")
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit b7c58a1eeba5be2e1f77ec05b417be9d87e26916)

4 years agomac80211: add default value for noscan
Sebastian Kemper [Sat, 23 Nov 2019 10:25:02 +0000 (11:25 +0100)]
mac80211: add default value for noscan

Commit b3d8b3a introduced a new test:

[ -n "$noscan" -a "$noscan" -gt 0 ] && hostapd_noscan=1

But if length of "$noscan" is zero (noscan is not set) this doesn't stop
the shell to evaluate the rest of the test.

root@hank2:~# [ -n "$noscan" -a "$noscan" -gt 0 ]
ash: out of range
root@hank2:~#

So when radios are brought up this shows in the log:

Sat Nov 23 10:51:38 2019 daemon.info procd: - init complete -
Sat Nov 23 10:52:24 2019 daemon.notice netifd: radio1 (1243): sh: out of range
Sat Nov 23 10:52:25 2019 user.notice firewall: Reloading firewall due to ifup of wan (eth0.2)
Sat Nov 23 10:52:25 2019 daemon.notice netifd: radio0 (1242): sh: out of range
Sat Nov 23 10:52:26 2019 authpriv.info dropbear[1536]: Not backgrounding

This commit sets noscan to 0 if unset and removes the gratuitous length
check, preventing the warning.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry picked from commit 28d84331f4bba5923059e701f5d4878b2df3fa79)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agoe2fsprogs: Fix CVE-2019-5094 in libsupport
Hauke Mehrtens [Fri, 22 Nov 2019 21:43:25 +0000 (22:43 +0100)]
e2fsprogs: Fix CVE-2019-5094 in libsupport

This adds the following patch from debian:
https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?h=debian/stable&id=09fe1fd2a1f9efc3091b4fc61f1876d0785956a8
libsupport: add checks to prevent buffer overrun bugs in quota code

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 0062aad8ecc9bbe36c55895fd78fcaf9a406b006)

4 years agomac80211: update to version 4.19.85
Hauke Mehrtens [Thu, 21 Nov 2019 21:46:21 +0000 (22:46 +0100)]
mac80211: update to version 4.19.85

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
4 years agoBump wireguard to 0.0.20191127
RISCi_ATOM [Sat, 7 Dec 2019 15:35:58 +0000 (10:35 -0500)]
Bump wireguard to 0.0.20191127

4 years agoBump kernel to 4.14.155
RISCi_ATOM [Sat, 7 Dec 2019 15:35:22 +0000 (10:35 -0500)]
Bump kernel to 4.14.155

4 years agowireless-regdb: fix build when python2 from package feeds exists
Petr Štetiar [Wed, 31 Jul 2019 16:11:01 +0000 (18:11 +0200)]
wireless-regdb: fix build when python2 from package feeds exists

wireless-regdb fails to build if there is python2 installed from package
feeds, as staging_dir/hostpkg/bin/python is python2 and
staging_dir/hostpkg/bin takes precedence over staging_dir/host/bin
(proper place with python -> python3 symlink) which leads to the build
failure of wireless-regdb, so this patch makes it explicit which python
should be used.

Reported-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Russell Senior <russell@personaltelco.net>
Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b6bae4a2c9f11f7e55319c2b4c709396ce649688)

4 years agowireless-regdb: fix patch fuzz
Kevin Darbyshire-Bryant [Tue, 30 Jul 2019 07:36:32 +0000 (08:36 +0100)]
wireless-regdb: fix patch fuzz

Refresh patches to tidy up some fuzz warnings

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 12840674d0550e6f5aa077cd2b578988f0c07074)

4 years agowireless-regdb: fix Makefile indentation
John Crispin [Mon, 29 Jul 2019 22:33:12 +0000 (00:33 +0200)]
wireless-regdb: fix Makefile indentation

Signed-off-by: John Crispin <john@phrozen.org>
(cherry picked from commit 8562e77953e76c1ec7ba01ce18dc468d5628f3dc)

4 years agowireless-regdb: set PKGARCH:=all
Petr Štetiar [Thu, 25 Jul 2019 07:21:42 +0000 (09:21 +0200)]
wireless-regdb: set PKGARCH:=all

As it's an architecture-independent binary file.

Ref: https://github.com/openwrt/openwrt/pull/1521#issuecomment-514687053
Suggested-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 57d1c05ec945b4853708d686c0782c4b1dcff0a9)

4 years agowireless-regdb: prefer python provided by make variable
Petr Štetiar [Mon, 18 Mar 2019 21:40:36 +0000 (21:40 +0000)]
wireless-regdb: prefer python provided by make variable

Usage of predefined make variables is preferred.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit d3853d17a37a67541736b8b13f412a49ab382b9a)

4 years agowireless-regdb: Make it build with python2
Hauke Mehrtens [Sun, 17 Nov 2019 22:59:37 +0000 (23:59 +0100)]
wireless-regdb: Make it build with python2

This backports a patch to build it work with python2 in addition to
python3.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit d3a8a62692b06b3e5fe7077a2ce641fbf09cdc19)

4 years agowireless-regdb: update to 2019.06.03
Zachary Riedlshah [Wed, 5 Jun 2019 10:58:19 +0000 (22:58 +1200)]
wireless-regdb: update to 2019.06.03

Fixes build issues on a python3 host (issues with the print statement
formatting in the current build).

Includes 100-regdb-write-firmware-file-format-version-code-20.patch and
other fixes.

Closes bugs.openwrt.org/index.php?do=details&task_id=1605.

Uses the tarball as requested.

Signed-off-by: Zachary Riedlshah <git@zacharyrs.me>
(cherry picked from commit ef3f868da0d78adf2490a762ff567cf5b636c213)

4 years agomac80211: backport upstream fixes
Koen Vandeputte [Wed, 6 Nov 2019 12:38:51 +0000 (13:38 +0100)]
mac80211: backport upstream fixes

This potentially fixes some issues seen on IBSS
when interfaces go out of range and then re-appear.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
4 years agotoolchain/gcc: bump to 7.5.0
Koen Vandeputte [Tue, 19 Nov 2019 10:08:45 +0000 (11:08 +0100)]
toolchain/gcc: bump to 7.5.0

This updates the GCC to the next minor release which fixes +213 bugs.
Tested on ARMv6, ARMv7, MIPS R2, x86

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
4 years agoBump kernel to 4.14.154
RISCi_ATOM [Mon, 2 Dec 2019 20:41:58 +0000 (15:41 -0500)]
Bump kernel to 4.14.154

4 years agomac80211: Adapt to changes to skb_get_hash_perturb()
Hauke Mehrtens [Mon, 18 Nov 2019 06:05:41 +0000 (07:05 +0100)]
mac80211: Adapt to changes to skb_get_hash_perturb()

The skb_get_hash_perturb() function now takes a siphash_key_t instead of
an u32. This was changed in commit 55667441c84f ("net/flow_dissector:
switch to siphash"). Use the correct type in the fq header file
depending on the kernel version.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
(cherry picked from commit eaa047179ad30d156d0c3da7ec225acfae7a9f00)

4 years agoMove net-snmp to its proper location
RISCi_ATOM [Thu, 28 Nov 2019 17:22:49 +0000 (12:22 -0500)]
Move net-snmp to its proper location

5 years agoBump kernel to 4.14.152
RISCi_ATOM [Mon, 18 Nov 2019 17:10:11 +0000 (12:10 -0500)]
Bump kernel to 4.14.152

5 years agoath79: fix sysupgrade from ar71xx for WNDR3700 V2 and WNDR3800(CH)
Adrian Schmutzler [Thu, 14 Nov 2019 16:26:44 +0000 (17:26 +0100)]
ath79: fix sysupgrade from ar71xx for WNDR3700 V2 and WNDR3800(CH)

ar71xx has just one board name "wndr3700" for WNDR3700 V1/V2,
WNDR3800 and WNDR3800CH, whereas ath79 provides separate images for
the boards. So, update SUPPORTED_DEVICES to store the correct
ar71xx board names.

Fixes: FS#2510

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit fc44a8481cbf317febaf27a550e0c9fa49be68d5)

5 years agokernel: fix typo in fb-sys-fops autoload
Sungbo Eo [Mon, 11 Nov 2019 16:16:28 +0000 (01:16 +0900)]
kernel: fix typo in fb-sys-fops autoload

AutoLoad parameter must match the exact kernel module name. Fix it.

Fixes: 125f1ce9ad0c ("kernel: video: add DRM core and IMX DRM support for HDMI/LVDS")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 6990510aca41074351f92a5abc6f4afb4b606506)

5 years agohostapd: add IEEE 802.11k support
Kyle Copperfield [Thu, 31 Oct 2019 20:03:39 +0000 (20:03 +0000)]
hostapd: add IEEE 802.11k support

Enables radio resource management to be reported by hostapd to clients.

Ref: https://github.com/lede-project/source/pull/1430
Co-developed-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
[removed the DMARC crap]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 87f9292300cf56ad17f44363ced213c59a95ef44)

5 years agohostapd: Add mesh support for wpad full
Hauke Mehrtens [Sat, 7 Sep 2019 14:17:14 +0000 (16:17 +0200)]
hostapd: Add mesh support for wpad full

This increases the size of the binary slightly:

old:
427722 wpad-wolfssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
431696 wpad-openssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk

new:
442109 wpad-wolfssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
445997 wpad-openssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 49cc712b44c76e99bfb716c06700817692975e05)

5 years agohostapd: use getrandom syscall
Hauke Mehrtens [Sat, 4 May 2019 12:02:07 +0000 (14:02 +0200)]
hostapd: use getrandom syscall

hostapd will not use the getrandom() syscall and as a fallback use
/dev/random, the syscall is supported since Linux 3.17 and in the musl,
glibc and uclibc version used by OpenWrt.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 998686364da7d002ba9f6dbb43cc5f32294dd4ab)

5 years agohostapd: Remove unneeded patch
Hauke Mehrtens [Sat, 4 May 2019 00:01:15 +0000 (02:01 +0200)]
hostapd: Remove unneeded patch

All the content of this function is proceeded by IEEE8021X_EAPOL no code
accesses the ssid variable outside of this ifdef.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 0d86bf518aaefa57bef577d09a18aff03eccb70c)

5 years agohostapd: use config option CONFIG_NO_LINUX_PACKET_SOCKET_WAR
Hauke Mehrtens [Fri, 3 May 2019 23:58:53 +0000 (01:58 +0200)]
hostapd: use config option CONFIG_NO_LINUX_PACKET_SOCKET_WAR

Instead of patching the workaround away, just use the config option.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 9b4a27455c17c00698ce7ce24e0bcad419c6319e)

5 years agohostapd: Update to version 2.9 (2019-08-08)
Hauke Mehrtens [Sat, 10 Aug 2019 14:49:34 +0000 (16:49 +0200)]
hostapd: Update to version 2.9 (2019-08-08)

The size of the ipkgs increase a bit (between 0.7% and 1.1%):

old 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-63962824-1_mipsel_24kc.ipk

new 2019-08-08 (2.9):
290217 wpad-basic_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
258745 wpad-mini_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
431732 wpad-openssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
427641 wpad-wolfssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 167028b750028ae3dac24f5ff96bbb1ba04e8bd7)

5 years agohostapd: Update to version 2.8 (2019-04-21)
Hauke Mehrtens [Fri, 3 May 2019 23:52:25 +0000 (01:52 +0200)]
hostapd: Update to version 2.8 (2019-04-21)

This also syncs the configuration files with the default configuration
files, but no extra options are activated or deactivated.

The mesh patches were partially merged into hostapd 2.8, the remaining
patches were extracted from patchwork and are now applied by OpenWrt.
The patches still have open questions which are not fixed by the author.
They were taken from this page:
https://patchwork.ozlabs.org/project/hostap/list/?series=62725&state=*

The changes in 007-mesh-apply-channel-attributes-before-running-Mesh.patch
where first applied to hostapd, but later reverted in hostapd commit
3e949655ccc5 because they caused memory leaks.

The size of the ipkgs increase a bit (between 1.3% and 2.3%):

old 2018-12-02 (2.7):
283337 wpad-basic_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
252857 wpad-mini_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
417473 wpad-openssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
415105 wpad-wolfssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk

new 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-63962824-1_mipsel_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
(cherry picked from commit 8af79550e6c280717660f66032d89d21007b15d2)

5 years agohostapd: mirror ieee80211w ap mode defaults in station mode
Jo-Philipp Wich [Fri, 20 Sep 2019 11:20:21 +0000 (13:20 +0200)]
hostapd: mirror ieee80211w ap mode defaults in station mode

For AP mode, OpenWrt automatically sets ieee80211w to either 1 or 2, depending
on whether the encryption is set to sae-mixed, or sae/owe/eap suite-b.

Mirror the same defaults for client mode connections, in order to allow an
OpenWrt station to associate to an OpenWrt ap with SAE, OWE or Suite-B encryption
without the need to manually specify "option ieee80211w" on the station.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit abb4f4075e791789fdb00731035e08a8cf51555f)

5 years agohostapd: fix OWE settings in client mode
Jo-Philipp Wich [Fri, 20 Sep 2019 09:40:52 +0000 (11:40 +0200)]
hostapd: fix OWE settings in client mode

This changes fixes the generation of the wpa_supplicant client configuration
in WPA3 OWE client mode. Instead of incorrectly emitting key_mgmt=NONE, use
the proper key_mgmt=OWE setting instead.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 4209b28d23b8bf28575af5e8904194f49b81532e)

5 years agohostapd: declare struct wpa_bss early
Leon M. George [Wed, 11 Sep 2019 13:22:55 +0000 (15:22 +0200)]
hostapd: declare struct wpa_bss early

wps_supplicant.h assumes that 'struct wpa_bss' is forward declared if
CONFIG_WPS is not defined.  With the later inclusion of
600-ubus_support, the issue manifests in warnings like these:

wps_supplicant.h:113:15: warning: 'struct wpa_bss' declared inside parameter list will not be visible outside of this definition or declaration
        struct wpa_bss *bss)
               ^~~~~~~

This patch forward declares 'struct wpa_bss' regardless.

Signed-off-by: Leon M. George <leon@georgemail.eu>
[commit message facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit f974f8213b94578581b35e6b3f8fb1fd5a35f753)

5 years agohostapd: revert signature change in patch
Leon M. George [Wed, 11 Sep 2019 12:10:18 +0000 (14:10 +0200)]
hostapd: revert signature change in patch

The original wpa_hexdump uses a 'void *' for the payload.  With patch
410-limit_debug_messages, the signature changes and compiler warnings
occur at various places.  One such warning is:

 wpa_debug.h:106:20: note: expected 'const u8 * {aka const unsigned char *}' but argument is of type 'struct wpa_eapol_key *'

Signed-off-by: Leon M. George <leon@georgemail.eu>
[commit message facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit a123df275846b1b83aaf3d7488a1544f7c0e09aa)

5 years agohostapd: adjust removed wolfssl options
Eneas U de Queiroz [Mon, 1 Jul 2019 16:40:01 +0000 (13:40 -0300)]
hostapd: adjust removed wolfssl options

This edjusts the selection of recently removed wolfssl options which
have always been built into the library even in their abscence.
Also remove the selection of libwolfssl itself, allowing the library to
be built as a module.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 94d131332b5adbcf885a92608c40a22b79b3c708)

5 years agobase-files: add /usr/share/libubox/jshn.sh to sysupgrade stage2
Russell Senior [Tue, 12 Nov 2019 23:33:48 +0000 (15:33 -0800)]
base-files: add /usr/share/libubox/jshn.sh to sysupgrade stage2

Discovered recent changes had broken sysupgrade for ar71xx mikrotik
rb-493g, traced the problem to missing /usr/share/libubox/jshn.sh after
switching to tmpfs.

Signed-off-by: Russell Senior <russell@personaltelco.net>
5 years agoath79: update uboot-envtools for Netgear WNR routers
Michal Cieslakiewicz [Wed, 6 Nov 2019 09:44:10 +0000 (10:44 +0100)]
ath79: update uboot-envtools for Netgear WNR routers

Boards added: WNR1000v2, WNR2000v3, WNR612v2, WNDR3700.

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
(cherry picked from commit d47b68700644f37084b82845e9557b1e9954f533)
[removed WNR1000v2/WNR2000v3 since not supported in 19.07]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
5 years agoath79: fix SUPPORTED_DEVICES for TP-Link TL-WR1043ND v3
Adrian Schmutzler [Mon, 11 Nov 2019 18:03:20 +0000 (19:03 +0100)]
ath79: fix SUPPORTED_DEVICES for TP-Link TL-WR1043ND v3

In ar71xx, the board name for the TL-WR1043ND v3 is equal to v2:
tl-wr1043nd-v2

Fix SUPPORTED_DEVICES for v3 in ath79 accordingly.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit b5791118ccd3039cc9ef6fd3b1c4efcad6ab154f)

5 years agoar71xx: fix tl-wdr3320-v2 upgrade
南浦月 [Thu, 19 Sep 2019 09:41:01 +0000 (17:41 +0800)]
ar71xx: fix tl-wdr3320-v2 upgrade

Fix the error that tl-wdr3320-v2 can't upgrade firmware via web
interface by using magic_ver="0200" for this device.

Signed-off-by: 南浦月 <nanpuyue@gmail.com>
[commit message facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 0ff2385a92c0a31769fce954b7bd571d6114dbc8)

5 years agoar71xx: update uboot-envtools for Netgear WNR routers
Michal Cieslakiewicz [Wed, 6 Nov 2019 09:43:14 +0000 (10:43 +0100)]
ar71xx: update uboot-envtools for Netgear WNR routers

Boards added: WNR1000v2, WNR2000v3, WNR2200, WNR612v2, WNDR4300.
Boards changed: WNDR3700 (u-boot env size is 2 sectors not 1).

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
(cherry picked from commit 11052900494ec8216b9b39ba0b24d5e036f4d323)

5 years agoath79: fix identifier for Nanostation M in ath9k caldata extraction
Adrian Schmutzler [Sun, 10 Nov 2019 23:15:36 +0000 (00:15 +0100)]
ath79: fix identifier for Nanostation M in ath9k caldata extraction

When Nanostation M was renamed from ubnt,nano-m to ubnt,nanostation-m
in commit f1396ac753cc ("ath79: align naming of Ubiquiti Nanostation M"),
the caldata extraction in 10-ath9k-eeprom was overlooked.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 5dc535419fe5f59839686570545fc4180e14d545)

5 years agorpcd: update to latest Git HEAD
Jo-Philipp Wich [Sun, 10 Nov 2019 20:33:47 +0000 (21:33 +0100)]
rpcd: update to latest Git HEAD

77ad0de plugin: avoid truncating numeric values

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit aa89bdcd04676b21cbe3e8a7b8df3545a86d947a)

5 years agowolfssl: update to v4.2.0-stable
Eneas U de Queiroz [Wed, 6 Nov 2019 21:22:52 +0000 (18:22 -0300)]
wolfssl: update to v4.2.0-stable

Many bugs were fixed--2 patches removed here.

This release of wolfSSL includes fixes for 5 security vulnerabilities,
including two CVEs with high/critical base scores:

- potential invalid read with TLS 1.3 PSK, including session tickets
- potential hang with ocspstaping2 (always enabled in openwrt)
- CVE-2019-15651: 1-byte overread when decoding certificate extensions
- CVE-2019-16748: 1-byte overread when checking certificate signatures
- DSA attack to recover DSA private keys

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit f4853f7cca816214cd6e64cffe2b73d0b8c16def)

5 years agowolfssl: allow building with hw-crytpo and AES-CCM
Eneas U de Queiroz [Thu, 12 Sep 2019 20:00:00 +0000 (17:00 -0300)]
wolfssl: allow building with hw-crytpo and AES-CCM

Hardware acceleration was disabled when AES-CCM was selected as a
workaround for a build failure.  This applies a couple of upstream
patches fixing this.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit ab19627ecc3923687fd339f4f23dc45572d00ce0)

5 years agoustream-ssl: update to latest Git HEAD
Jo-Philipp Wich [Tue, 5 Nov 2019 13:38:40 +0000 (14:38 +0100)]
ustream-ssl: update to latest Git HEAD

c9b6668 ustream-ssl: skip writing pending data if .eof is true after connect

Fixes: CVE-2019-5101, CVE-2019-5102
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 6f9157e6bdea91507af84acdf53da7c0e6879bc1)

5 years agoustream-ssl: Update to latest git HEAD
Hauke Mehrtens [Fri, 1 Nov 2019 20:16:18 +0000 (21:16 +0100)]
ustream-ssl: Update to latest git HEAD

465f8dc wolfssl: adjust to new API in v4.2.0
3b06c65 Update example certificate & key, fix typo
1c38fd8 wolfssl: enable CN validation
33308ee ustream-io-cyassl.c: fix client-mode connections
79d91aa Remove CyaSSL, WolfSSL < 3.10.4 support

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 57ff06405e09ebce705c01178143c3ce907993b2)

5 years agoWIP: Change wording of README and add FAQ
RISCi_ATOM [Mon, 11 Nov 2019 20:33:50 +0000 (15:33 -0500)]
WIP: Change wording of README and add FAQ

The goal is to clarify what the project is, how to
get started using it and how to contribute to the project.
Future changes will include the addition of a Getting Started
page and some cleanup work on each supported device page.

5 years agokernel: fix LED netdev trigger on interface rename
Martin Schiller [Fri, 25 Oct 2019 07:22:29 +0000 (09:22 +0200)]
kernel: fix LED netdev trigger on interface rename

This fixes the netdev LED trigger for interfaces, which are renamed
during initialization (e.g. ppp interfaces).

Fixes: FS#2193
Fixes: FS#2239
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit edbadec843a77286d4f690a3641b7bca97f4c998)

5 years agobuild: cleanup possibly dangling Python 3 host symlink
Etienne Champetier [Fri, 8 Nov 2019 14:58:01 +0000 (06:58 -0800)]
build: cleanup possibly dangling Python 3 host symlink

When switching from master branch to 19.07 or older, we need to ensure
that Python symlink in staging bin directory points to Python 2.

We can't rely completly just on SetupHostCommand as its executed only in
cases when the $(STAGING_DIR_HOST)/bin/python doesn't already exist, so
we need to remove it before running SetupHostCommand.

This is a cherry-pick of 3b68fb57c938af3948ae4c2da61501183fbef649
with python3 instead of python2

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
5 years agobuild: fixup python SetupHostCommand to use python2
Etienne Champetier [Thu, 31 Oct 2019 10:54:59 +0000 (03:54 -0700)]
build: fixup python SetupHostCommand to use python2

Here is a way to break your build env without this patch:
1) have python point to python3, and no python2
2) start the build, SetupHostCommand will create a symlink
./staging_dir/host/bin/python -> /usr/bin/python
3) build fails on scons because it can't find any python2
4) install python2 and restart the build
5) the build fails on wireless-regdb compile because python is python3 instead of python

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
5 years agoexpat: Update to version 2.2.9
Josef Schlehofer [Sun, 29 Sep 2019 09:21:29 +0000 (11:21 +0200)]
expat: Update to version 2.2.9

Fixes CVE-2019-15903

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit b4af2c689fc8736777940b7bbf009bb1672296ec)

5 years agotools/e2fsprogs: Update to version 1.45.4
Josef Schlehofer [Thu, 3 Oct 2019 19:23:00 +0000 (21:23 +0200)]
tools/e2fsprogs: Update to version 1.45.4

Fixes CVE-2019-5094

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 700e7a2eb9c515ffe4f3278857e538ea37cc5e56)

5 years agocurl: bump to 7.66.0
Hans Dedecker [Tue, 17 Sep 2019 20:45:41 +0000 (22:45 +0200)]
curl: bump to 7.66.0

Refresh patches, for changes in version 7.66.0 see https://curl.haxx.se/changes.html#7_66_0

Fixes CVEs:
    CVE-2019-5481
    CVE-2019-5482

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 71cf4a272c9cf7d6e604e6327d0c94aeceac26e7)

5 years agomac80211 ath9k: force QCA953x clock to 25MHz
David Bauer [Tue, 5 Nov 2019 21:28:39 +0000 (22:28 +0100)]
mac80211 ath9k: force QCA953x clock to 25MHz

The QCA953x only supports 25 MHz refclk, however some OEMs set an
invalid bootstrap value for the REF_CLK option, which would break the
clock detection in ath9k.

Force the QCA953x refclk to 25MHz in ath9k, as this is (according to the
datasheet) the only valid frequency.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 4c6fe32468bc60cc25a8c298498c0be3c73e7378)

5 years agoar71xx: improve support for TP-Link CPE510 v2
Adrian Schmutzler [Tue, 6 Aug 2019 10:20:05 +0000 (12:20 +0200)]
ar71xx: improve support for TP-Link CPE510 v2

This fixes commit bae927c551fd ("ar71xx: add support for TP-LINK CPE510
V2.0") where the support for this device wasn't optimal.

Device support for the CPE510v2 so far has been a hack to enable
flashing with CPE510v1 images. Those even have different hardware (e.g.
additional ethernet port).

With this patch, we provide proper support for this device in ar71xx.

Installation:
- Flash factory image through stock firmware WEB UI or through TFTP
- To get to TFTP recovery just hold reset button while powering on
  for around 4-5 seconds and release.
- Rename factory image to recovery.bin
- Stock TFTP server IP: 192.168.0.100
- Stock device TFTP address: 192.168.0.254

Fixes: bae927c551fd ("ar71xx: add support for TP-LINK CPE510 V2.0")
Signed-off-by: Andrew Cameron <apcameron@softhome.net>
[Rebased onto revert commit, changed comments in mach-cpe510.c,
changed commit title and description, fixed eth0 MAC address,
removed eth1 initialization]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[squashed revert, added fixes tag]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit c79b796280fa5cd64bac663f9d5e5d9a737c30d6)
[added CPE510V2 entry to tplink-safeloader.c]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
5 years agogitignore: ignore patches in OpenWrt root directory
Adrian Schmutzler [Tue, 5 Nov 2019 12:05:29 +0000 (13:05 +0100)]
gitignore: ignore patches in OpenWrt root directory

This will have GIT ignore patches in root directory, as created
when using "git format-patch".

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 2c5413559880c54c5eec980121febfe6c7cd287a)

5 years agoustream-ssl: backport fix for CVE-2019-5101, CVE-2019-5102
Jo-Philipp Wich [Tue, 5 Nov 2019 14:07:55 +0000 (15:07 +0100)]
ustream-ssl: backport fix for CVE-2019-5101, CVE-2019-5102

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agohostapd: enable PMKSA and OK caching for WPA3-Personal
David Bauer [Mon, 28 Oct 2019 18:10:14 +0000 (19:10 +0100)]
hostapd: enable PMKSA and OK caching for WPA3-Personal

This enables PMKSA and opportunistic key caching by default for
WPA2/WPA3-Personal, WPA3-Personal and OWE auth types.
Otherwise, Apple devices won't connect to the WPA3 network.

This should not degrade security, as there's no external authentication
provider.

Tested with OCEDO Koala and iPhone 7 (iOS 13.1).

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 3034f8c3b85e70b1dd9b4cd5cd33e9d2cd8be3b8)
Signed-off-by: David Bauer <mail@david-bauer.net>
5 years agoscripts/dl_github_archive.py: fix python3 str, bytes confusion v1.5.0-rc3
Yousong Zhou [Mon, 4 Nov 2019 11:09:38 +0000 (11:09 +0000)]
scripts/dl_github_archive.py: fix python3 str, bytes confusion

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit d26738bc767f48d2dee7097cbfc6d07ffeee58fb)

5 years agoath79: Clean up GL-AR300M DTS/DTSI inclusions
Jeff Kletsky [Wed, 2 Oct 2019 19:06:18 +0000 (12:06 -0700)]
ath79: Clean up GL-AR300M DTS/DTSI inclusions

Modify GL-AR300M-Lite and GL-AR300M (NOR):

* Include qca9531_glinet_gl-ar300m.dtsi directly
  rather than qca9531_glinet_gl-ar300m-nor.dts

* Remove redundant inclusion of gpio.h and input.h

Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit f5c7fe2ff0deb20f76b4d65195434e35cbb4e08a)

5 years agoAdd initial ath79 TPE-R1200 support
RISCi_ATOM [Sat, 2 Nov 2019 18:08:08 +0000 (14:08 -0400)]
Add initial ath79 TPE-R1200 support

5 years agolibevent2: Update to 2.1.11
Daniel Engberg [Sat, 23 Feb 2019 22:38:04 +0000 (22:38 +0000)]
libevent2: Update to 2.1.11

Update libevent to 2.1.11
Use CMake instead GNU Autotools
Backport following commits:
https://github.com/libevent/libevent/commit/f05ba671931e2b4e38459899f6f63f79f99869fe
..and partially
https://github.com/libevent/libevent/commit/7201062f3ef505a77baa6ccaf1cf73812462308a
to fix compilation

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit f351beedfd47766e5e44a04af50e3724bec54dbc)
(resolves FS#2435)
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
5 years agorpcd: update to latest Git HEAD
Jo-Philipp Wich [Fri, 1 Nov 2019 07:32:52 +0000 (08:32 +0100)]
rpcd: update to latest Git HEAD

d442d62 plugin: fix double free in finish callback
ee26d83 main: exec_self: make clang analyzer happy
90e40bd file: exec: properly free memory on error
9ecfada uci: free configs list memory on return
32fba36 exec: always call finish_cb to allow plugin to free up memory
ca3e2d5 plugin: do not free method name separately
02c6e1d exec: properly free memory on rpc_exec() error
cc50263 plugin: exec: properly free memory on parse error
bd0ed25 uci: reset uci_ptr flags when merging set operations
37aa919 plugin: fix leaking invoked method name for exec plugins

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit c2675bb0cef373ff59fcc2dbd77471d244bbc774)

5 years agoBump kernel to 4.14.151
RISCi_ATOM [Thu, 31 Oct 2019 19:57:15 +0000 (15:57 -0400)]
Bump kernel to 4.14.151

5 years agokernel: mark kmod-usb-serial-wwan as hidden
Yousong Zhou [Wed, 30 Oct 2019 12:41:34 +0000 (12:41 +0000)]
kernel: mark kmod-usb-serial-wwan as hidden

The kconfig symbol is an invisible one since its introduction.  It is
not supposed to be enabled on its own.

Resolves FS#1821

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 4bf9bec361699e1c033460964158531adf15d7ee)

5 years agomac80211: add an improved moving average algorithm to minstrel
Felix Fietkau [Sat, 28 Sep 2019 13:57:58 +0000 (15:57 +0200)]
mac80211: add an improved moving average algorithm to minstrel

Improves rate control responsiveness and performance

Signed-off-by: Felix Fietkau <nbd@nbd.name>
[reworked to apply on 4.19.79 mac80211 + renumbered + refreshed]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
5 years agoBump Wireguard to 0.0.20191012
RISCi_ATOM [Fri, 25 Oct 2019 16:57:57 +0000 (12:57 -0400)]
Bump Wireguard to 0.0.20191012

5 years agoBump kernel to 4.14.150
RISCi_ATOM [Wed, 23 Oct 2019 16:50:08 +0000 (12:50 -0400)]
Bump kernel to 4.14.150

5 years agoopenssl: Add engine configuration to openssl.cnf
Eneas U de Queiroz [Tue, 1 Oct 2019 13:50:34 +0000 (10:50 -0300)]
openssl: Add engine configuration to openssl.cnf

This adds engine configuration sections to openssl.cnf, with a commented
list of engines.  To enable an engine, all you have to do is uncomment
the engine line.

It also adds some useful comments to the devcrypto engine configuration
section.  Other engines currently don't have configuration commands.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit cebf024c4d9fd761e55383a582f7e29ac7cc921c)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
5 years agotcpdump: update to 4.9.3
DENG Qingfang [Sat, 12 Oct 2019 16:29:13 +0000 (00:29 +0800)]
tcpdump: update to 4.9.3

Fixed CVEs:
CVE-2017-16808
CVE-2018-10103
CVE-2018-10105
CVE-2018-14461
CVE-2018-14462
CVE-2018-14463
CVE-2018-14464
CVE-2018-14465
CVE-2018-14466
CVE-2018-14467
CVE-2018-14468
CVE-2018-14469
CVE-2018-14470
CVE-2018-14879
CVE-2018-14880
CVE-2018-14881
CVE-2018-14882
CVE-2018-16227
CVE-2018-16228
CVE-2018-16229
CVE-2018-16230
CVE-2018-16300
CVE-2018-16301
CVE-2018-16451
CVE-2018-16452
CVE-2019-15166
CVE-2019-15167

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 394273c066b8f4317b77f3ede216cfcdd45250c1)

5 years agolibpcap: update to 1.9.1
DENG Qingfang [Sat, 12 Oct 2019 16:28:32 +0000 (00:28 +0800)]
libpcap: update to 1.9.1

Fixed CVEs:
CVE-2018-16301
CVE-2019-15161
CVE-2019-15162
CVE-2019-15163
CVE-2019-15164
CVE-2019-15165

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 44f11353de044834a442d3192b66579b99305720)

5 years agokernel: fix typos in video KernelPackage description
Sungbo Eo [Tue, 8 Oct 2019 14:25:03 +0000 (23:25 +0900)]
kernel: fix typos in video KernelPackage description

Fixes: 4b3d17b709a5 ("kernel: add kmod-fb-sys-ram")
Fixes: b774acb47912 ("package/modules: add missing gspca video drivers for 2.6.32 (patch from #6595)")

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 9f73fad359663fef4decc7440796ec7d3b2b70f7)

5 years agouClibc++: Fix three bugs
Rosen Penev [Mon, 7 Oct 2019 22:59:52 +0000 (15:59 -0700)]
uClibc++: Fix three bugs

The first allows usage of several functions in the std namespace, which
broke compilation of gddrescue specifically with uClibc-ng and uClibc++.

The second allows usage of long long with normal C++11, which is part of
the standard. Before, std=gnu++11 needed to be passsed to work around it.

As a result of the second patch, the pedantic patch can safely be removed.

Both patches are upstream backports.

Added -std=c++11 to CFLAGS to guarentee proper inclusion of long long.

Added another patch that fixes a typo with the long long support. Sent to
upstream.

Fixed up license information according to SPDX.

Small cleanups for consistency.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 6ab386c9bc23420816fbcefc84b62cf5438b2c66)

5 years agohostapd: adjust to removal of WOLFSSL_HAS_AES_GCM
Eneas U de Queiroz [Mon, 7 Oct 2019 21:02:38 +0000 (18:02 -0300)]
hostapd: adjust to removal of WOLFSSL_HAS_AES_GCM

WolfSSL is always built with AES-GCM support now.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit ee5a3f6d605602bbff57cde337235088cf9c3ffa)

5 years agotrelay: fix deadlock on remove
Ali MJ Al-Nasrawy [Wed, 25 Sep 2019 14:47:12 +0000 (17:47 +0300)]
trelay: fix deadlock on remove

Upon writing to "remove" file, debugfs_remove_recursive() blocks while
holding rtnl_lock. This is because debugfs' file_ops callbacks are
executed in debugfs_use_file_*() context which prevents file removal.

Fix this by only flagging the device for removal and then do the cleanup
in file_ops.release callback which is executed out of that context.

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
(cherry picked from commit c2635b871d1dd03a6608a9255222672decd49e09)

5 years agotrelay: handle netdevice events correctly
Ali MJ Al-Nasrawy [Wed, 25 Sep 2019 14:47:11 +0000 (17:47 +0300)]
trelay: handle netdevice events correctly

Since v3.11, netdevice notification data are of type
"struct netdev_notifier_info". Handle it as such!

This should fix a critical bug in which devices are unable get released
because trelay does not release resources in response to UNREGISTER
event spamming the log with something like:

unregister_netdevice: waiting for eth0.1 to become free. Usage count = 1

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
(cherry picked from commit 77cfc0739d30c1282f7de24d2ec086d244e34bb7)