Rafał Miłecki [Sun, 2 Jul 2017 20:28:24 +0000 (22:28 +0200)]
firmware-utils: mktplinkfw2: fix support for -w option
This fixes copy & paste typo when reading -w argument.
Fixes:
4b35e174caa5b ("firmware-utils: mktplinkfw2: support additional hardware version")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Jonas Gorski [Thu, 29 Jun 2017 09:01:59 +0000 (11:01 +0200)]
kernel: add missing symbol to generic
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Jonas Gorski [Thu, 29 Jun 2017 12:49:35 +0000 (14:49 +0200)]
brcm63xx: refresh smp config
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Jonas Gorski [Thu, 29 Jun 2017 12:15:15 +0000 (14:15 +0200)]
brcm63xx: enable KEXEC for SMP again
It seems it compiles again, so there is no reason to keep it disabled.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Jonas Gorski [Thu, 29 Jun 2017 11:43:45 +0000 (13:43 +0200)]
brcm63xx: disable commandline parts parser
We don't use it, so no need to have it enabled.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Anthony Sepa [Sun, 19 Feb 2017 18:27:36 +0000 (14:27 -0400)]
brcm63xx: add support for the Actiontec R1000H gateway
SOC: Broadcom BCM6368 (2 * Broadcom BMIPS4350 V3.1 / 400 MHz)
Flash size: 32MB (split 16/16 dual boot)
RAM size: 64MB
Wireless: BCM432x 802.11a/b/g/n(pci)
Ethernet: Broadcom BCM53115
USB: 1 x USB 2.0
Known issues:
- Unable to detect 53115 switch attached to MDIO. Not supported
- No support for the cable port
More info on the device and the research can be found at:
http://www.actiontec.com/212.html
Same FCC ID as:
https://wikidevi.com/wiki/Actiontec_V1000H_(Telus)
Signed-off-by: Anthony Sepa <anthonysepa@yahoo.ca>
[jonas.gorski: fix commit subject/message]
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Jonas Gorski [Wed, 28 Jun 2017 10:06:43 +0000 (12:06 +0200)]
brcm63xx: fix bcm6328 pinmux other register
The pinmux register is at relative offset 0x8, not 0xc. Fixes hang
when trying to modify pins >= 32.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Jo-Philipp Wich [Thu, 29 Jun 2017 16:01:11 +0000 (18:01 +0200)]
ar71xx: fix typo in network defaults
Commit
9fec39a (ar71xx: add support for TP-Link TL-WA855RE v1) introduced a
typo in 02_network, fix it by removing the stray paren.
Reported-by: Henryk Heisig <hyniu@o2.pl>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Piotr Dymacz [Tue, 27 Jun 2017 20:49:21 +0000 (22:49 +0200)]
ar71xx: image: specify TPLINK_HWID for TP-Link RE450
TPLINK_HWID hasn't been specified for TP-Link RE450 since the begin.
As we don't want to break sysupgrade (all existing LEDE release images
for this board have TPLINK_HWID set to 0x0), set it explicitly to 0x0.
Fixes FS#852
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Piotr Dymacz [Wed, 21 Jun 2017 12:16:15 +0000 (14:16 +0200)]
ramips: add support for TP-Link TL-WR840N v4 and TL-WR841N v13
TP-Link TL-WR840N v4 and TL-WR841N v13 are simple N300 routers with
5-port FE switch and non-detachable antennas. Both are very similar
and are based on MediaTek MT7628NN (aka MT7628N) WiSoC.
The difference between these two models is in number of available
LEDs, buttons and power input switch.
This work is partially based on GitHub PR#974.
Specification:
- MT7628N/N (580 MHz)
- 64 MB of RAM (DDR2)
- 8 MB of FLASH
- 2T2R 2.4 GHz
- 5x 10/100 Mbps Ethernet
- 2x external, non-detachable antennas
- UART (J1) header on PCB (115200 8n1)
- TL-WR840N v4: 5x LED (GPIO-controlled), 1x button
- TL-WR841N v13: 8x LED (GPIO-controlled*), 2x button, power input
switch
* WAN LED in TL-WR841N v13 is a dual-color, dual-leads type which isn't
(fully) supported by gpio-leds driver. This type of LED requires both
GPIOs state change at the same time to select color or turn it off.
For now, we support/use only the green part of the LED.
Factory image notes:
These devices use version 3 of TP-Link header, fortunately without RSA
signature (at least in case of devices sold in Europe). The difference
lays in the requirement for a non-zero value in "Additional Hardware
Version" field. Ideally, it should match the value stored in vendor
firmware header on device ("0x4"/"0x13" for these devices) but it seems
that anything other than "0" is correct.
We are able to prepare factory firwmare file which is accepted and
(almost) correctly flashed from the vendor GUI. As it turned out, it
accepts files without U-Boot image with second header at the beginning
but due to some kind of bug in upgrade routine, flashed image gets
corrupted before it's written to flash.
Tests showed that the GUI upgrade routine copies value of "Additional
Hardware Version" from existing firmware into offset "0x2023c" in
provided file, _before_ storing it in flash. In case of vendor firmware
upgrade files (which all include U-Boot image and two headers), this
offset points to the matching field in kernel+rootfs firmware part
header. Unfortunately, in case of LEDE factory image file which contains
only one header, it points to the offset "0x2023c" in kernel image. This
leads to a corrupted kernel and ends up with a "soft-bricked" device.
The good news is that U-Boot in these devices contains well known tftp
recovery mode, which can be triggered with "reset" button. What's more,
in comparison to some of older MediaTek based TP-Link devices, this
recovery mode doesn't write whole file at offset "0x0" in flash, without
verifying provided file in advance. In case of recovery mode in these
devices, first "0x20000" bytes are always skipped and "0x7a0000" bytes
from rest of the file are stored in flash at offset "0x20000".
Flash instruction:
Until (if at all) TP-Link fixes described problem, the only way to flash
LEDE image in these devices is to use tftp recovery mode in U-Boot:
1. Configure PC with static IP 192.168.0.66/24 and tftp server.
2. Rename "lede-ramips-mt7628-tl-wr84...-squashfs-tftp-recovery.bin"
to "tp_recovery.bin" and place it in tftp server directory.
3. Connect PC with one of LAN ports, press the reset button, power up
the router and keep button pressed for around 6-7 seconds, until
device starts downloading the file.
4. Router will download file from server, write it to flash and reboot.
To access U-Boot CLI, keep pressed "4" key during boot.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Piotr Dymacz [Fri, 23 Jun 2017 21:20:53 +0000 (23:20 +0200)]
ramips: image: simplify TP-Link Archer devices definitions
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Piotr Dymacz [Fri, 23 Jun 2017 21:07:10 +0000 (23:07 +0200)]
build: move mktplinkfw2 related commands to image-commands.mk
There are already two targets (lantiq, ramips) which use mktplinkfw2
tool for creating images. This de-duplicates code, introduces two new
build commands: tplink-v2-header, tplink-v2-image and makes use of
them in place of old, (sub)target specific ones.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Piotr Dymacz [Tue, 27 Jun 2017 12:48:00 +0000 (14:48 +0200)]
build: rename TPLINK_BOARD_NAME to TPLINK_BOARD_ID
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Piotr Dymacz [Wed, 21 Jun 2017 12:15:55 +0000 (14:15 +0200)]
firmware-utils: mktplinkfw2: support additional hardware version
As it turned out, some of new MediaTek based TP-Link devices use value
from field at 0x3c offset in version 3 of TP-Link header to specify
"Additional Hardware Version".
Value from this field is validated during regular (GUI) firmware upgrade
on devices like TL-WR840N v4 or TL-WR841N v13. If it's zero (based on
some tests, it seems that firmware will accept anything != 0), errors
like below are printed on console and upgrade fails:
[ rsl_sys_updateFirmware ] 2137: Firmware Additional HardwareVersion
check failed
[ rdp_updateFirmware ] 345: perror:4506
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Piotr Dymacz [Tue, 27 Jun 2017 11:13:36 +0000 (13:13 +0200)]
ar71xx: fix switch port mapping for TP-Link TL-WR74xN/D series
Fixes FS#843
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Henryk Heisig [Fri, 16 Jun 2017 13:26:30 +0000 (15:26 +0200)]
ar71xx: add support for TP-Link Archer C58 v1
TP-Link Archer C58 v1 is a dual-band AC1350 router, based on Qualcomm
QCA9561 + QCA9886. It looks like Archer C59 v1 without USB port.
Specification:
- 775/650/258 MHz (CPU/DDR/AHB)
- 64 MB of RAM (DDR2)
- 8 MB of FLASH (SPI NOR)
- 3T3R 2.4 GHz
- 2T2R 5 GHz
- 5x 10/100 Mbps Ethernet
- 6x LED, 3x button
- UART header on PCB, RX, TX at TP4+5 (backside)
QCA9886 wlan needs pre_cal_data file and enable ieee80211 phy hotplug to
patch macaddress.
Flash instruction:
Use "factory" image directly in vendor GUI.
Recovery method:
1. Set PC to fixed ip address 192.168.0.66/24.
2. Download "lede-ar71xx-generic-archer-c58-v1-squashfs-factory.bin" and
rename it to "tp_recovery.bin".
3. Start a tftp server with the file "tp_recovery.bin" in its root
directory.
4. Turn off the router.
5. Press and hold Reset button.
6. Turn on router with the reset button pressed and wait ~15 seconds.
7. Release the reset button and after a short time the firmware should
be transferred from the tftp server.
8. Wait ~30 second to complete recovery.
Flash instruction under U-Boot, using UART:
tftp 0x81000000 lede-ar71xx-...-sysupgrade.bin
erase 0x9f020000 +$filesize
cp.b $fileaddr 0x9f020000 $filesize
reset
This commit is based on GitHub PR#1112
Signed-off-by: Henryk Heisig <hyniu@o2.pl>
Jean-Pierre St-Yves [Tue, 27 Jun 2017 08:20:19 +0000 (10:20 +0200)]
firmware-utils: tplink-safeloader: add support for Archer C5 v2 JP/US
Add support for Japan and US versions of TP-Link Archer C5 v2
Signed-off-by: Jean-Pierre St-Yves <jpstyves@gmail.com>
Henryk Heisig [Wed, 14 Jun 2017 14:38:30 +0000 (16:38 +0200)]
firmware-utils: tplink-safeloader: add support for Archer C59/C60 RU
Add support for Russian version of TP-Link Archer C59/C60 v1
Signed-off-by: Henryk Heisig <hyniu@o2.pl>
Federico Cappon [Fri, 9 Jun 2017 15:11:39 +0000 (15:11 +0000)]
ar71xx: add support for TP-Link TL-WA855RE v1
TP-Link TL-WA855RE v1 is a wall-plug N300 Wi-Fi range extender,
based on Qualcomm/Atheros QCA9533 v2.
Short specification:
- 550/397/198 MHz (CPU/DDR/AHB)
- 1x 10/100 Mbps Ethernet
- 32 MB of RAM (DDR1)
- 4 MB of FLASH
- 2T2R 2.4 GHz
- 2x external antennas
- 2x LED (green and orange in the same package), 2x button
- UART: TP5(TX) and TP4(RX) test points on PCB
Flash instruction: use "factory" image directly in vendor GUI.
Warning: this device does not include any kind of recovery mechanism
in the bootloader and disassembling process is not trivial.
You can access vendor firmware over serial line using:
- login: root
- password: sohoadmin
Image was tested only in EU version of the device, but should work
also with the same device version sold in other countries.
Signed-off-by: Federico Cappon <dududede371@gmail.com>
Piotr Dymacz [Wed, 14 Jun 2017 13:23:35 +0000 (15:23 +0200)]
ar71xx: fix EnGenius ENS202EXT mtd definition
Use statically defined sizes for kernel and rootfs mtd partitions.
Vendor upgrade script writes both firmware parts independently which
ends up in a gap between kernel and rootfs images. This results in
incorrectly calculated rootfs_data start offset.
Also, fix IMAGE_SIZE, DEVICE_PACKAGES and drop redundant KERNEL
definition.
Fixes FS#835
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Camille Bilodeau [Tue, 13 Jun 2017 08:33:34 +0000 (10:33 +0200)]
uboot-envtools: add Arduino Yun support
Signed-off-by: Camille Bilodeau <camille.bilodeau@protonmail.com>
Camille Bilodeau [Tue, 13 Jun 2017 08:05:13 +0000 (10:05 +0200)]
ar71xx: move Arduino Yun to generic building code
Migrate Arduino Yun from legacy to generic building code.
Note: the mtd partitioning is changed to adopt the LEDE default
partitioning. It allows to have a kernel bigger than 1280k. It is
necessary as kernel > 4.4 with default LEDE configuration grows
bigger.
To use the new partitioning, you need to update your U-Boot env in
advance:
setenv mtdparts "spi0.0:256k(u-boot)ro,64k(u-boot-env),15936k(firmware),64k(nvram),64k(art)ro"
setenv bootcmd "run addboard; run addtty; run addparts; run addrootfs; bootm 0x9f050000 || bootm 0x9fea0000"
saveenv
Signed-off-by: Camille Bilodeau <camille.bilodeau@protonmail.com>
Camille Bilodeau [Mon, 12 Jun 2017 12:11:23 +0000 (14:11 +0200)]
ar71xx: remove Arduino Yun 8 MiB prototype
The Arduino Yun has 16 MiB flash. Early prototype boards with 8 MiB were
not available for sell:
https://blog.arduino.cc/2013/08/21/updating-about-arduino-yun-and-arduino-robot/
Signed-off-by: Camille Bilodeau <camille.bilodeau@protonmail.com>
Leon M. George [Fri, 9 Jun 2017 16:30:47 +0000 (18:30 +0200)]
ar71xx: wpj344: set MAC on wan
Signed-off-by: Leon M. George <leon@georgemail.eu>
Leon M. George [Fri, 9 Jun 2017 11:57:56 +0000 (13:57 +0200)]
ar71xx: wpj344: remove unused eth1 device
Signed-off-by: Leon M. George <leon@georgemail.eu>
Leon M. George [Thu, 8 Jun 2017 14:01:19 +0000 (16:01 +0200)]
ar71xx: wpj344: read MAC addresses from u-boot mtd
This way, the assigned addresses match those on the barcode labels.
Otherwise, the addresses appear to vary on boot.
Signed-off-by: Leon M. George <leon@georgemail.eu>
Hans Dedecker [Thu, 29 Jun 2017 07:41:59 +0000 (09:41 +0200)]
dhcpv6: add missing dollar sign in dhcpv6 script (FS#874)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Stijn Tintel [Thu, 29 Jun 2017 02:46:59 +0000 (04:46 +0200)]
kernel: cleanup CONFIG_SCHED_HRTICK
Remove CONFIG_SCHED_HRTICK from target configs, as it was added to the
generic config in
b47fd7656336162360ebf66147326763ddae3f8d.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Stijn Tintel [Thu, 29 Jun 2017 01:36:19 +0000 (03:36 +0200)]
armvirt: rename config-default to config-4.9
The kernel configs for all targets should have the version in the
filename, for clearness and consistency across all targets.
It is also expected by the update_kernel.sh script.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Hans Dedecker [Wed, 28 Jun 2017 08:15:38 +0000 (10:15 +0200)]
dnsmasq: backport patch fixing DNS failover (FS#841)
Backport upstream dnsmasq patch fixing DNS failover when first servers
returns REFUSED in strict mode; fixes issue FS#841.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Rafał Miłecki [Wed, 28 Jun 2017 09:31:14 +0000 (11:31 +0200)]
kernel: backport usbport LED trigger driver support for DT
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Stijn Tintel [Tue, 27 Jun 2017 20:30:01 +0000 (22:30 +0200)]
dropbear: add option to set max auth tries
Add a uci option to set the new max auth tries paramater in dropbear.
Set the default to 3, as 10 seems excessive.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Kevin Darbyshire-Bryant [Sun, 25 Jun 2017 20:40:43 +0000 (21:40 +0100)]
dropbear: server support option '-T' max auth tries
Add support for '-T n' for a run-time specification for maximum number
of authentication attempts where 'n' is between 1 and compile time
option MAX_AUTH_TRIES.
A default number of tries can be specified at compile time using
'DEFAULT_AUTH_TRIES' which itself defaults to MAX_AUTH_TRIES for
backwards compatibility.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Yury Shvedov [Tue, 27 Jun 2017 08:43:54 +0000 (11:43 +0300)]
hostapd: configure NAS ID regardless of encryption
RADIUS protocol could be used not only for authentication but for
accounting too. Accounting could be configured for any type of networks.
However there is no way to configure NAS Identifier for non-WPA
networks without this patch.
Signed-off-by: Yury Shvedov <yshvedov@wimarksystems.com>
[cleanup commit message]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Yury Shvedov [Tue, 27 Jun 2017 07:34:49 +0000 (10:34 +0300)]
hostapd: add acct_interval option
Make an ability to configure Accounting-Interim-Interval via UCI
Signed-off-by: Yury Shvedov <yshvedov@wimarksystems.com>
[add hostapd prefix, cleanup commit message]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Michael Heimpold [Wed, 7 Jun 2017 18:29:29 +0000 (20:29 +0200)]
mxs: drop 4.4 support
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Michael Heimpold [Thu, 11 May 2017 21:07:06 +0000 (23:07 +0200)]
mxs: add support for 4.9 and switch over
I did not port the regulator and power patches from Stefan Wahren
because I talked to him and he told me that work on this is currently
stalled. And since AFAIK nothing depends on these patches, leaving them
out seems reasonable.
I build minimum default configurations and run-tested them on both
I2SE Duckbill devices and Olimex Olinuxino Maxi boards successfully [1].
[1] Tested:
- debug uart is working
- boot without any obvious kernel problem
- network is coming up and data transfer is possible
- Olinuxino: USB detects a plugged-in pen drive
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
[refreshed config and patches]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Michael Heimpold [Thu, 11 May 2017 21:01:30 +0000 (23:01 +0200)]
kernel: disable various symbols for v4.9
In preparation for bumping mxs target to 4.9, disable a bunch of configuration
symbols that provoked config prompts.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
John Crispin [Mon, 8 May 2017 06:51:46 +0000 (08:51 +0200)]
ath10k-firmware: add qca9888 firmware
ath10k-firmware: add qca9888 firmware
the firmware files for qca9888 were previously not packaged. add the meta
information for doing so.
Signed-off-by: John Crispin <john@phrozen.org>
Stijn Tintel [Tue, 27 Jun 2017 05:41:10 +0000 (07:41 +0200)]
kernel: update kernel 4.4 to 4.4.74
Refresh patches.
Compile-tested on ar71xx.
Runtime-tested on ar71xx.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Koen Vandeputte [Mon, 26 Jun 2017 09:22:11 +0000 (11:22 +0200)]
kernel: update kernel 4.9 to 4.9.34
- Refreshed all patches
- Adapted 1 (0031-mtd-add-SMEM-parser-for-QCOM-platforms.patch)
Compile tested on: brcm2708, cns3xxx, imx6
Run tested on: brcm2708, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
[Compile and run tested on brcm2708]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Stijn Tintel [Tue, 27 Jun 2017 04:37:46 +0000 (06:37 +0200)]
kernel: use .patch extension for all patches
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Mathias Kresin [Mon, 26 Jun 2017 17:22:52 +0000 (19:22 +0200)]
firmware-utils: fix dgn3500sum compiler warnings
The sum variable need to be initialised, otherwise it will points to
random stack memory and a bogus image checksum might be calculated.
While at it, fix the segfault in case the product region code isn't
specified and enable compiler warnings which had revealed all the code
issues.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Hans Dedecker [Mon, 26 Jun 2017 08:23:08 +0000 (10:23 +0200)]
dnsmasq: backport tweak ICMP ping logic for DHCPv4
Don't start ping-check of address in DHCP discover if there already
exists a lease for the address. It has been reported under some
circumstances android and netbooted windows devices can reply to
ICMP pings if they have a lease and thus block the allocation of
the IP address the device already has during boot.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Jo-Philipp Wich [Tue, 20 Jun 2017 11:44:10 +0000 (13:44 +0200)]
procd: support term_timeout parameter
Expose "term_timeout" parameter in procd.sh to allow init scripts to
request a longer termination timeout.
This is required to fix FS#859 in a later commit.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Jo-Philipp Wich [Sat, 10 Jun 2017 18:51:33 +0000 (20:51 +0200)]
procd: assign /dev/tty* nodes to "tty" group
Adjust default permissions and ownership of /dev/tty* nodes from
0600/root:root to 0660/root:tty in order to support granting
unprivileged user access when needed.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Jo-Philipp Wich [Sat, 10 Jun 2017 18:49:10 +0000 (20:49 +0200)]
base-files: add "tty" user group
This is needed for an upcoming change to the hotplug default rules which
will cause /dev/tty* nodes to get assigned to the "tty" group in order
to support unprivileged user access when needed.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Magnus Kroken [Thu, 22 Jun 2017 21:01:01 +0000 (23:01 +0200)]
openvpn: update to 2.4.3
Fixes for security and other issues. See security announcement for more details:
https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243
* Remotely-triggerable ASSERT() on malformed IPv6 packet (CVE-2017-7508)
* Pre-authentication remote crash/information disclosure for clients (CVE-2017-7520)
* Potential double-free in --x509-alt-username (CVE-2017-7521)
* Remote-triggerable memory leaks (CVE-2017-7512)
* Post-authentication remote DoS when using the --x509-track option (CVE-2017-7522)
* Null-pointer dereference in establish_http_proxy_passthru()
* Restrict --x509-alt-username extension types
* Fix potential 1-byte overread in TCP option parsing
* Fix mbedtls fingerprint calculation
* openssl: fix overflow check for long --tls-cipher option
* Ensure option array p[] is always NULL-terminated
* Pass correct buffer size to GetModuleFileNameW() (Quarkslabs finding 5.6)
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Magnus Kroken [Wed, 21 Jun 2017 19:05:09 +0000 (21:05 +0200)]
mbedtls: update to 2.5.1
Fixes some security issues (no remote exploits), and introduces
some changes. See release notes for details:
https://tls.mbed.org/tech-updates/releases/mbedtls-2.5.1-2.1.8-and-1.3.20-released
* Fixes an unlimited overread of heap-based buffers in mbedtls_ssl_read()
* Adds exponent blinding to RSA private operations
* Wipes stack buffers in RSA private key operations (rsa_rsaes_pkcs1_v15_decrypt(), rsa_rsaes_oaep_decrypt())
* Removes SHA-1 and RIPEMD-160 from the default hash algorithms for certificate verification.
* Fixes offset in FALLBACK_SCSV parsing that caused TLS server to fail to detect it sometimes.
* Tighten parsing of RSA PKCS#1 v1.5 signatures, to avoid a potential Bleichenbacher/BERserk-style attack.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Alexander Couzens [Sat, 24 Jun 2017 16:33:52 +0000 (18:33 +0200)]
ar71xx/images/senao: fix reproducible issue using tar
Use deterministic sorting
Use numeric owner/group
Set uid/gid to 0
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Alexander Couzens [Sun, 18 Jun 2017 19:30:30 +0000 (21:30 +0200)]
ar71xx/image: make tar calls reproducible
Use --mtime when SOURCE_DATE_EPOCH is set.
Use gzip -n9z instead of tar z to remove
timestamp in gzip header.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Christian Lamparter [Wed, 7 Jun 2017 23:32:26 +0000 (23:32 +0000)]
apm821xx: MR24: fix ethernet phy detection on the MR24
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
This patch fixes a problem where the AR8035 PHY can't be
detected on the Cisco Meraki MR24, when the ethernet cable
is not connected during boot.
Russell Senior reported:
|This appears to be a problem during probing of the AR8035
|phy chip. When ethernet has no link, the phy detection fails,
|and eth0 is not created. Plugging ethernet later has no effect,
|because there is no interface as far as the kernel is
|concerned. The relevant part of the boot log looks like this:
|
|[ 0.876611] /plb/opb/emac-rgmii@
ef601500: input 0 in RGMII mode
|[ 0.882532] /plb/opb/ethernet@
ef600c00: reset timeout
|[ 0.888546] /plb/opb/ethernet@
ef600c00: can't find PHY!
(<https://bugs.lede-project.org/index.php?do=details&task_id=687>)
Fixes FS#687
Cc: Chris Blake <chrisrblake93@gmail.com>
Reported-by: Russell Senior <russell@personaltelco.net>
Fixes:
23fbb5a87c56e98 ("emac: Fix EMAC soft reset on 460EX/GT")
Signed-off-by: Christian Lamparter <chunkeey@googlemail.com>
Florian Eckert [Wed, 7 Jun 2017 09:01:06 +0000 (11:01 +0200)]
treewide: add license tags
Add licence tags where missing.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Mathias Kresin [Fri, 23 Jun 2017 05:57:32 +0000 (07:57 +0200)]
ramips: add MT7603E driver to AFoundry EW1200
Add the MT7603E driver for the 2.4GHz wireless.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Mathias Kresin [Fri, 30 Dec 2016 10:53:21 +0000 (11:53 +0100)]
ar71xx: add AVM FRITZ!WLAN Repeater 300E support
Specifications:
* SoC: AR7242 (Virian 400MHz)
* RAM: 64 MB DDR (W9751G6JB-25)
* Flash: 16MB SPI flash (S25FL129PIF)
* WiFi: AR9382 (2.4/5GHz) + 2x SE2595L
* LAN: 1x1000M (PEF7071V)
To install LEDE via EVA bootloader, a FTP connection need to be
established to 192.168.178.1 within the first seconds after power on:
ftp> quote USER adam2
ftp> quote PASS adam2
ftp> binary
ftp> debug
ftp> passive
ftp> quote MEDIA FLSH
ftp> put lede-ar71xx-generic-fritz300e-squashfs-sysupgrade.bin mtd1
Signed-off-by: Mathias Kresin <dev@kresin.me>
Mathias Kresin [Thu, 30 Mar 2017 20:01:09 +0000 (22:01 +0200)]
ar71xx: add AR724x PCIe init fixes
Add upstream send AR724x PCIe patches to get the PCIe controller out of
reset during driver init.
The AVM Fritz 300E bootloader doesn't take care of releasing the
different PCIe controller related resets which causes an endless hang
as soon as either the PCIE Reset register (0x180f0018) or the PCI
Application Control register (0x180f0000) is read from.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Mathias Kresin [Sat, 25 Mar 2017 18:18:37 +0000 (19:18 +0100)]
build: move lzma2eva build step to image-commands.mk
Move it to image-commands.mk so that it can used by other targets with
eva based boards as well.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Mathias Kresin [Fri, 30 Dec 2016 07:35:21 +0000 (08:35 +0100)]
kernel: move Lantiq PEF7061/7071/7072 phy driver to generic
The driver is used for boards outside the lantiq target as well. Move
it to generic to make it available for more targets.
The phy driver is included in kernel 4.8 as INTEL_XWAY_PHY.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Mathias Kresin [Sun, 18 Jun 2017 08:28:18 +0000 (10:28 +0200)]
fritz_tffs_read: get tffs size from input file
Use the size of the input file as maximum tffs size instead of a fixed
value. The tffs on a AVM Fritz 300E can be up to 512KByte for example.
Fixes a read error for the AVM Fritz 3370 where the tffs partition size
is 64Kbyte and smaller than the former default value of 256KByte.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Daniel Golle [Sat, 24 Jun 2017 11:58:56 +0000 (13:58 +0200)]
libreadline: add host-build
Also make sure that the PKG_NAME and folder name are equal.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Luiz Angelo Daros de Luca [Sat, 17 Jun 2017 03:54:45 +0000 (00:54 -0300)]
valgrind: bump to 3.13.0
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Christian Schoenebeck [Mon, 19 Jun 2017 18:56:17 +0000 (20:56 +0200)]
ca-certificates: Update to version
20161130+nmu1
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Bastian Bittorf [Wed, 31 May 2017 10:50:08 +0000 (12:50 +0200)]
busybox: ash/hush fix for read-builtin command
this is a cherrypick from busybox-git HEAD:
f5470419404d643070db99d058405b714695b817
and can be removed when upgrading to
next busybox release. discussion here:
http://lists.busybox.net/pipermail/busybox/2017-May/085439.html
Signed-off-by: Bastian Bittorf <bb@npl.de>
Kevin Darbyshire-Bryant [Fri, 9 Jun 2017 12:29:48 +0000 (13:29 +0100)]
gcc: gcc 6.3.0 fix comparison between pointer and integer
Fix FS#832
/source/build_dir/toolchain-mips_74kc_gcc-6.3.0_musl/gcc-6.3.0/gcc/ubsan.c:
In function 'bool ubsan_use_new_style_p(location_t)':
/source/build_dir/toolchain-mips_74kc_gcc-6.3.0_musl/gcc-6.3.0/gcc/ubsan.c:1474:23:
error: ISO C++ forbids comparison between pointer and integer
[-fpermissive]
|| xloc.file == '\0' || xloc.file[0] == '\xff'
^~~~
make[5]: *** [Makefile:1085: ubsan.o] Error 1
https://www.viva64.com/en/b/0425/#ID0EMGCI
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Kevin Darbyshire-Bryant [Thu, 15 Jun 2017 11:48:56 +0000 (12:48 +0100)]
hostapd: add support for acs_chan_bias option
During auto channel selection we may wish to prefer certain channels
over others.
e.g. we can just squeeze 4 channels into europe so '1:0.8 5:0.8 9:0.8
13:0.8' does that.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Stefan Tomanek [Mon, 19 Jun 2017 10:41:11 +0000 (12:41 +0200)]
busybox: backport 'ip rule suppress_{prefixlength, ifgroup}'
This is a backport from the busybox repository
(
192dce4b84fb32346ebc5194de7daa5da3b8d1b4); it enables the use of the
suppress_{prefixlength,ifgroup} flags for policy routing rules.
Signed-off-by: Stefan Tomanek <stefan.tomanek@wertarbyte.de>
Hans Dedecker [Fri, 23 Jun 2017 20:30:06 +0000 (22:30 +0200)]
procd: update to latest version
e5e99c4 watchdog: add support for starting/stopping kernel watchdog
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Rafał Miłecki [Fri, 23 Jun 2017 08:58:16 +0000 (10:58 +0200)]
kernel: backport MTD patch extracing TRX code to separated parser
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Fri, 23 Jun 2017 08:47:18 +0000 (10:47 +0200)]
kernel: backport upstream mtd support for partition parsers
In a log term it should replace our implementation. For now both can
coexist.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Fri, 23 Jun 2017 08:27:20 +0000 (10:27 +0200)]
kernel: backport upstream mtdpart.c cleanups
Except for renames and line changes the only conflict was in
allocate_partition in handling MTD_WRITEABLE. Hopefully it was handled
correctly.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Fri, 23 Jun 2017 06:59:46 +0000 (08:59 +0200)]
kernel: don't switch allocate_partition to use mtd_roundup_to_eb
This mtd_roundup_to_eb helper was introduced years ago in the commit
daec7ad768841 ("kernel/3.10: add separate rootfs partition parser") and
it was probably supposed to simplify code a bit.
With the recent upstream commit
1eeef2d7483a7 ("mtd: handle partitioning
on devices with 0 erasesize") the logic in allocate_partition got
slightly more complex and we can't use this simple helper anymore as it
doesn't support MTD_NO_ERASE properly.
There also isn't any real gain from this helper, so it's probably easier
to just don't use it *or* work on upstreaming it to avoid maintenance
cost.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Fri, 16 Jun 2017 11:23:22 +0000 (13:23 +0200)]
base-files: fix PKG_CONFIG_DEPENDS to include version.mk entries
Including version.mk sets PKG_CONFIG_DEPENDS to config entries used for
VERSION_SED command. We should keep these configs to make sure package
gets refreshed when needed.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Grégoire Delattre [Tue, 20 Jun 2017 09:45:49 +0000 (11:45 +0200)]
dnsmasq: add dhcp-range tags configuration
dnsmasq can match tags in its dhcp-range configuration, this commit adds
the option to configure it in the dhcp section
uci configuration:
config dhcp 'lan'
option interface 'lan'
list tag 'blue'
list tag '!red'
option start '10'
option limit '150'
option leasetime '12h'
generated dnsmasq configuration:
dhcp-range=tag:blue,tag:!red,set:lan,192.168.1.10,192.168.1.159,255.255.255.0,12h
Signed-off-by: Grégoire Delattre <gregoire.delattre@gmail.com>
Daniel Golle [Mon, 19 Jun 2017 14:14:42 +0000 (16:14 +0200)]
procd: update to latest git HEAD
453116e system: introduce new attribute board_name
e5b963a preinit: define _GNU_SOURCE
e5ff8ca upgraded: cmake: Find and include uloop.h
f367ec6 hotplug: fix a memory leak in handle_button_complete()
796ba3b service/service_stopped(): fix a use-after-free
79bbe6d system: return legacy board name
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Hauke Mehrtens [Sun, 18 Jun 2017 21:27:51 +0000 (23:27 +0200)]
build: Fix not altering KERNELRELEASE for external kernel
When an external kernel tree is used the version should not get
modified by the LEDE build scripts. This was added by Florian some time
ago.
The commit
0aed054becb21439 ("build: add KERNEL_MAKE and
KERNEL_MAKE_FLAGS variables and move to kernel.mk") breaks this feature
introduced in
b6746a6ffb73 ("include: Do not alter KERNELRELEASE for
external/git kernels").
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Alexander Couzens [Sun, 18 Jun 2017 19:28:59 +0000 (21:28 +0200)]
mtd-utils/mkfs.jffs2: honor env SOURCE_DATE_EPOCH
Use the timestamp from the enviroment SOURCE_DATE_EPOCH
if set instead of the build time.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Alexander Couzens [Sun, 18 Jun 2017 00:21:21 +0000 (02:21 +0200)]
firmware-utils: honor env SOURCE_DATE_EPOCH
Use the timestamp from the enviroment SOURCE_DATE_EPOCH
if set instead of the build time.
Fixes reproducible builds for certain firmware images.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Yousong Zhou [Mon, 19 Jun 2017 06:41:47 +0000 (14:41 +0800)]
libunwind: update to version 1.2.1
Changes since 1.2
a77b0cd Bump version to v1.2.1
5f354cb mips/tilegx: Add missing unwind_i.h header file
620d1c3 Add aarch64 getcontext functionality.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Hans Dedecker [Sun, 18 Jun 2017 20:11:54 +0000 (22:11 +0200)]
netifd: update to the latest version
ef5f7a0 ubus: remove superfluous error check in netifd_add_dynamic
5a68693 iprule: coding style line up
90e2e2c iprule: Add option to suppress unspecific routing lookups
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Yousong Zhou [Tue, 13 Jun 2017 09:03:38 +0000 (17:03 +0800)]
scripts/package-metadata.pl: parse and validate field Require-User
The script will now detect uid/gid collision and can generate a table of
current allocation
./scripts/package-metadata.pl usergroup tmp/.packageinfo \
| sort -k 1,1r -k 3,3n \
| column -t
This should ensure that no collision will happen for each single build
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Yousong Zhou [Thu, 15 Jun 2017 10:07:32 +0000 (18:07 +0800)]
base-files: allocate uid/gid starting from 65536
There already exist static assignment of uid/gid 65533 in packages feed
and we have nobody/nogroup taking 65534 as their ids. Let's change the
pid of dynamic assignment to start from 65536 so that the two assignment
scheme will not collide with each other
While at it, fix the scan command checking existence of uid/gid
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Mathias Kresin [Fri, 16 Jun 2017 22:39:25 +0000 (00:39 +0200)]
ramips: remove optional ucidef_set_led_rssi parameters
The same values are set if the parameters are not specified.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Mathias Kresin [Fri, 16 Jun 2017 22:17:18 +0000 (00:17 +0200)]
base-files: make ucidef_set_led_rssi offset and factor optional
The offset and factor are only related for LEDs which can have
different brightness values. But binary LEDs are more common and don't
require any further configuation than setting the factor to 1.
Use offset = 0 and factor = 1 in case nothing else is specified.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Pavlo Samko [Fri, 9 Jun 2017 11:02:56 +0000 (14:02 +0300)]
ramips: add support for TRENDnet TEW-638APB V2
This patch add support for the TRENDnet TEW-638APB V2.
Specification:
- SoC: Ralink SoC RT3052F
- Flash: 4MB
- RAM: 32MB
- Ethernet: 1x LAN (100 Mbps)
- Wireless: 2.4GHz b/g/n, 2x external antenna
- Buttons: 1x Reset, 1x WPS
- LEDs: Power (green), Ethernet (green), WPS (green and orange),
Wireless (green)
- UART: 1x UART on PCB (3.3V, GND, RX, TX) - 57600 8N1
Installation
via vendor firmware:
- upload sysupgrade.bin image
via TFTP:
- stop uboot into tftp-load into option "2"
- upload sysupgrade.bin image
Signed-off-by: Pavlo Samko <bulldozerbsg@gmail.com>
Mathias Kresin [Wed, 14 Jun 2017 18:17:16 +0000 (20:17 +0200)]
lantiq: show xdsl line init status on shared dsl/internet led
On boards which don't have a distinct internet and dsl led, use the
shared LED to indicate the xdsl line state and any traffic that is
send/received via the netdev. This traffic doesn't necessarily need to
be internet traffic.
Rename the shared LED of existing configs to "dsl", to match the new
defaults. The configuration of the to be renamed LED is identical with
the new defaults.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Martin Schiller [Wed, 7 Jun 2017 07:03:54 +0000 (09:03 +0200)]
lantiq: restore netdev trigger of dsl led on line up
Allows to use a single LED for line init status indication and to show
any rx/tx activity on a synchronized dsl line.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: Mathias Kresin <dev@kresin.me>
Alexander Couzens [Tue, 13 Jun 2017 11:04:35 +0000 (13:04 +0200)]
build: move definition of KBUILD_BUILD_TIMESTAMP to include/kernel.mk
Fixes:
0aed054bec (build: add KERNEL_MAKE and KERNEL_MAKE_FLAGS
variables and move to kernel.mk)
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Felix Fietkau [Sat, 17 Jun 2017 10:17:27 +0000 (12:17 +0200)]
mt76: update to the latest version, fixes rate control issues
Should improve performance considerably in many cases
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Wed, 14 Jun 2017 10:14:50 +0000 (12:14 +0200)]
libubox: update to the latest version, fixes a runqueue use-after-free bug
7237302 md5: add "const" qualifier to the "file" argument
fa9937c json_script: enable custom expr handler callback
368fd26 uloop: allow specifying a timeout for uloop_run()
6a7fb7d runqueue: fix use-after-free bug
4bc3dec uloop: fix a regression in timeout handling
fd57eea uloop: allow passing 0 as timeout to uloop_run
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Sat, 10 Jun 2017 13:30:31 +0000 (15:30 +0200)]
mac80211: refresh patches
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Pavel Kubelun [Thu, 8 Jun 2017 06:06:27 +0000 (09:06 +0300)]
ipq806x: qca99xx: fix wifi calibration
As of now OTP is being correctly parsed and the driver requires to parse pre-caldata to follow corresponding routine.
Rename cal file into pre-calfile so the board initialized correctly with API 2 board data (board-2.bin).
Also remove the now unneeded for qca9984 board.bin symlink to 5GHz calfile.
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
Pavel Kubelun [Thu, 1 Jun 2017 14:13:04 +0000 (17:13 +0300)]
ath10k: increase bmi timeout to fix OTP on qca99xx boards and add bmi identification through pre-cal file
Backporting upstream patches.
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [refresh, rename patches]
Daniel Golle [Fri, 16 Jun 2017 23:24:43 +0000 (01:24 +0200)]
imagebuilder: don't rewrite package list output
No longer rewrite opkg list output in package_list function, remove
the awk call in the pipe (which was intended for a single specific
use-case).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Fri, 16 Jun 2017 22:54:46 +0000 (00:54 +0200)]
imagebuilder: clean package_list
commit
19ac879954 (imagebuilder: add package_list function) introduced
a new function 'package_list' to the imagebuilder Makefile.
Unfortunately the package list was poluted by stdout noise of the
Makefile itself as well as opkg. Redirect those outputs to stderr to
make sure that the package_list returned doesn't contain progress
info output but really only packages.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Felix Fietkau [Fri, 16 Jun 2017 13:15:37 +0000 (15:15 +0200)]
build: remove old kernel-headers build directories
Saves space after updating kernel versions
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Kevin Darbyshire-Bryant [Thu, 15 Jun 2017 11:58:25 +0000 (12:58 +0100)]
dropbear: fix service trigger syntax error
The classic single '&' when double '&&' conditional was meant.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Paul Spooren [Tue, 13 Jun 2017 19:59:14 +0000 (21:59 +0200)]
imagebuilder: add package_list function
The imagebuilder can now list all available packages by using make
package_list. This is usefull for scripts to retrieve a list of all
packages with versions (and size)
Signed-off-by: Paul Spooren <paul@spooren.de>
[daniel@makrotopia.org: fixed commit message]
Hans Dedecker [Wed, 14 Jun 2017 20:50:48 +0000 (22:50 +0200)]
Revert "dnsmasq: manage resolv.conf if when listening on 127.0.0.1#53"
This reverts commit
a53f8ba6771de64c9c82a2e6867791226f3003cb.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
小桥 [Sun, 5 Mar 2017 07:53:40 +0000 (15:53 +0800)]
ramips: fix Phicomm K1S(PSG1208) pinmux
Use gpio function for pins with LEDs.
Signed-off-by: 小桥 <29551030@qq.com>
Makoto Takeuchi [Wed, 24 May 2017 15:37:24 +0000 (16:37 +0100)]
kirkwood: add support for Cisco ON100
The Cisco ON100 device is a Kirkwood based router:
SoC: Marvell
88F6282 1600Mhz
SDRAM memory: 512MB DDR3 1333Mhz
Gigabit ethernet: 2x Marvell
88E1310 (over RGMII)
Flash memory: 512MB
2 bi-colour status LEDs (green/red)
1 Reset button
1 USB 2.0 port (on back)
1 SDIO slot (on back)
This commit adds a target profile of "Cisco Systems ON100" under the target
system "Marvell Kirkwood".
Flashing can be performed over tftp, once "dhcp" has been issued:
tftpboot ${loadaddr} lede-kirkwood-on100-squashfs-factory.bin
nand erase 0x0c0000 ${filesize}
nand write ${loadaddr} 0x0c0000 ${filesize}
Once flashed, set environment variables to boot:
setenv bootcmd nand read \${loadaddr} 0x0c0000 0x540000\; setenv bootargs
\; bootm
saveenv
Signed-off-by: Makoto Takeuchi <mak0@lxsys.co.uk>