oweals/openwrt.git
5 years agobase-files: add /usr/share/libubox/jshn.sh to sysupgrade stage2
Russell Senior [Tue, 12 Nov 2019 23:33:48 +0000 (15:33 -0800)]
base-files: add /usr/share/libubox/jshn.sh to sysupgrade stage2

Discovered recent changes had broken sysupgrade for ar71xx mikrotik
rb-493g, traced the problem to missing /usr/share/libubox/jshn.sh after
switching to tmpfs.

Signed-off-by: Russell Senior <russell@personaltelco.net>
5 years agoath79: update uboot-envtools for Netgear WNR routers
Michal Cieslakiewicz [Wed, 6 Nov 2019 09:44:10 +0000 (10:44 +0100)]
ath79: update uboot-envtools for Netgear WNR routers

Boards added: WNR1000v2, WNR2000v3, WNR612v2, WNDR3700.

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
(cherry picked from commit d47b68700644f37084b82845e9557b1e9954f533)
[removed WNR1000v2/WNR2000v3 since not supported in 19.07]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
5 years agoath79: fix SUPPORTED_DEVICES for TP-Link TL-WR1043ND v3
Adrian Schmutzler [Mon, 11 Nov 2019 18:03:20 +0000 (19:03 +0100)]
ath79: fix SUPPORTED_DEVICES for TP-Link TL-WR1043ND v3

In ar71xx, the board name for the TL-WR1043ND v3 is equal to v2:
tl-wr1043nd-v2

Fix SUPPORTED_DEVICES for v3 in ath79 accordingly.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit b5791118ccd3039cc9ef6fd3b1c4efcad6ab154f)

5 years agoar71xx: fix tl-wdr3320-v2 upgrade
南浦月 [Thu, 19 Sep 2019 09:41:01 +0000 (17:41 +0800)]
ar71xx: fix tl-wdr3320-v2 upgrade

Fix the error that tl-wdr3320-v2 can't upgrade firmware via web
interface by using magic_ver="0200" for this device.

Signed-off-by: 南浦月 <nanpuyue@gmail.com>
[commit message facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 0ff2385a92c0a31769fce954b7bd571d6114dbc8)

5 years agoar71xx: update uboot-envtools for Netgear WNR routers
Michal Cieslakiewicz [Wed, 6 Nov 2019 09:43:14 +0000 (10:43 +0100)]
ar71xx: update uboot-envtools for Netgear WNR routers

Boards added: WNR1000v2, WNR2000v3, WNR2200, WNR612v2, WNDR4300.
Boards changed: WNDR3700 (u-boot env size is 2 sectors not 1).

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
(cherry picked from commit 11052900494ec8216b9b39ba0b24d5e036f4d323)

5 years agokernel: bump 4.14 to 4.14.152
Koen Vandeputte [Wed, 6 Nov 2019 16:14:43 +0000 (17:14 +0100)]
kernel: bump 4.14 to 4.14.152

Refreshed all patches.

Altered patches:
- 301-arch-support-layerscape.patch

Remove upstreamed:
- 950-0311-sc16is7xx-Fix-for-Unexpected-interrupt-8.patch

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
5 years agofirmware: intel-microcode: bump to 20190918
Zoltan HERPAI [Sat, 9 Nov 2019 12:01:50 +0000 (13:01 +0100)]
firmware: intel-microcode: bump to 20190918

  * New upstream microcode datafile 20190918

      *Might* contain mitigations for INTEL-SA-00247 (RAMBleed), given
      the set of processors being updated.
  * Updated Microcodes:
      sig 0x000306d4, pf_mask 0xc0, 2019-06-13, rev 0x002e, size 19456
      sig 0x000306f4, pf_mask 0x80, 2019-06-17, rev 0x0016, size 18432
      sig 0x00040671, pf_mask 0x22, 2019-06-13, rev 0x0021, size 14336
      sig 0x000406f1, pf_mask 0xef, 2019-06-18, rev 0xb000038, size 30720
      sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792
      sig 0x00050657, pf_mask 0xbf, 2019-08-12, rev 0x500002b, size 51200
      sig 0x00050662, pf_mask 0x10, 2019-06-17, rev 0x001c, size 32768
      sig 0x00050663, pf_mask 0x10, 2019-06-17, rev 0x7000019, size 24576
      sig 0x00050664, pf_mask 0x10, 2019-06-17, rev 0xf000017, size 24576
      sig 0x00050665, pf_mask 0x10, 2019-06-17, rev 0xe00000f, size 19456

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
5 years agofirmware: intel-microcode: bump to 20190618
Zoltan HERPAI [Sun, 25 Aug 2019 20:34:13 +0000 (22:34 +0200)]
firmware: intel-microcode: bump to 20190618

  * Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223
    CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
  * Updated Microcodes:
    sig 0x000206d6, pf_mask 0x6d, 2019-05-21, rev 0x061f, size 18432
    sig 0x000206d7, pf_mask 0x6d, 2019-05-21, rev 0x0718, size 19456

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
5 years agofirmware: intel-microcode: bump to 20190514
Zoltan HERPAI [Thu, 16 May 2019 10:32:14 +0000 (12:32 +0200)]
firmware: intel-microcode: bump to 20190514

  * New Microcodes:
    sig 0x00030678, pf_mask 0x02, 2019-04-22, rev 0x0838, size 52224
    sig 0x00030678, pf_mask 0x0c, 2019-04-22, rev 0x0838, size 52224
    sig 0x00030679, pf_mask 0x0f, 2019-04-23, rev 0x090c, size 52224
    sig 0x000406c3, pf_mask 0x01, 2019-04-23, rev 0x0368, size 69632
    sig 0x000406c4, pf_mask 0x01, 2019-04-23, rev 0x0411, size 68608
    sig 0x00050657, pf_mask 0xbf, 2019-02-27, rev 0x5000021, size 47104
    sig 0x000806e9, pf_mask 0x10, 2018-10-18, rev 0x009e, size 98304
    sig 0x000806eb, pf_mask 0xd0, 2018-10-25, rev 0x00a4, size 99328
    sig 0x000806ec, pf_mask 0x94, 2019-02-12, rev 0x00b2, size 98304
    sig 0x000906ec, pf_mask 0x22, 2018-09-29, rev 0x00a2, size 98304
    sig 0x000906ed, pf_mask 0x22, 2019-02-04, rev 0x00b0, size 97280

  * Updated Microcodes:
    sig 0x000206a7, pf_mask 0x12, 2019-02-17, rev 0x002f, size 12288
    sig 0x000306a9, pf_mask 0x12, 2019-02-13, rev 0x0021, size 14336
    sig 0x000306c3, pf_mask 0x32, 2019-02-26, rev 0x0027, size 23552
    sig 0x000306d4, pf_mask 0xc0, 2019-03-07, rev 0x002d, size 19456
    sig 0x000306e4, pf_mask 0xed, 2019-03-14, rev 0x042e, size 16384
    sig 0x000306e7, pf_mask 0xed, 2019-03-14, rev 0x0715, size 17408
    sig 0x000306f2, pf_mask 0x6f, 2019-03-01, rev 0x0043, size 34816
    sig 0x000306f4, pf_mask 0x80, 2019-03-01, rev 0x0014, size 18432
    sig 0x00040651, pf_mask 0x72, 2019-02-26, rev 0x0025, size 21504
    sig 0x00040661, pf_mask 0x32, 2019-02-26, rev 0x001b, size 25600
    sig 0x00040671, pf_mask 0x22, 2019-03-07, rev 0x0020, size 14336
    sig 0x000406e3, pf_mask 0xc0, 2019-04-01, rev 0x00cc, size 100352
    sig 0x000406f1, pf_mask 0xef, 2019-03-02, rev 0xb000036, size 30720
    sig 0x00050654, pf_mask 0xb7, 2019-04-02, rev 0x200005e, size 32768
    sig 0x00050662, pf_mask 0x10, 2019-03-23, rev 0x001a, size 32768
    sig 0x00050663, pf_mask 0x10, 2019-03-23, rev 0x7000017, size 24576
    sig 0x00050664, pf_mask 0x10, 2019-03-23, rev 0xf000015, size 23552
    sig 0x00050665, pf_mask 0x10, 2019-03-23, rev 0xe00000d, size 19456
    sig 0x000506c9, pf_mask 0x03, 2019-01-15, rev 0x0038, size 17408
    sig 0x000506ca, pf_mask 0x03, 2019-03-01, rev 0x0016, size 15360
    sig 0x000506e3, pf_mask 0x36, 2019-04-01, rev 0x00cc, size 100352
    sig 0x000506f1, pf_mask 0x01, 2019-03-21, rev 0x002e, size 11264
    sig 0x000706a1, pf_mask 0x01, 2019-01-02, rev 0x002e, size 73728
    sig 0x000806e9, pf_mask 0x10, 2019-04-01, rev 0x00b4, size 98304
    sig 0x000806e9, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000806ea, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000806eb, pf_mask 0xd0, 2019-03-30, rev 0x00b8, size 98304
    sig 0x000806ec, pf_mask 0x94, 2019-03-30, rev 0x00b8, size 97280
    sig 0x000906e9, pf_mask 0x2a, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000906ea, pf_mask 0x22, 2019-04-01, rev 0x00b4, size 98304
    sig 0x000906eb, pf_mask 0x02, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304
    sig 0x000906ed, pf_mask 0x22, 2019-03-17, rev 0x00b8, size 97280
  * Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223
    CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
5 years agoath79: fix identifier for Nanostation M in ath9k caldata extraction
Adrian Schmutzler [Sun, 10 Nov 2019 23:15:36 +0000 (00:15 +0100)]
ath79: fix identifier for Nanostation M in ath9k caldata extraction

When Nanostation M was renamed from ubnt,nano-m to ubnt,nanostation-m
in commit f1396ac753cc ("ath79: align naming of Ubiquiti Nanostation M"),
the caldata extraction in 10-ath9k-eeprom was overlooked.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 5dc535419fe5f59839686570545fc4180e14d545)

5 years agorpcd: update to latest Git HEAD
Jo-Philipp Wich [Sun, 10 Nov 2019 20:33:47 +0000 (21:33 +0100)]
rpcd: update to latest Git HEAD

77ad0de plugin: avoid truncating numeric values

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit aa89bdcd04676b21cbe3e8a7b8df3545a86d947a)

5 years agowolfssl: update to v4.2.0-stable
Eneas U de Queiroz [Wed, 6 Nov 2019 21:22:52 +0000 (18:22 -0300)]
wolfssl: update to v4.2.0-stable

Many bugs were fixed--2 patches removed here.

This release of wolfSSL includes fixes for 5 security vulnerabilities,
including two CVEs with high/critical base scores:

- potential invalid read with TLS 1.3 PSK, including session tickets
- potential hang with ocspstaping2 (always enabled in openwrt)
- CVE-2019-15651: 1-byte overread when decoding certificate extensions
- CVE-2019-16748: 1-byte overread when checking certificate signatures
- DSA attack to recover DSA private keys

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit f4853f7cca816214cd6e64cffe2b73d0b8c16def)

5 years agowolfssl: allow building with hw-crytpo and AES-CCM
Eneas U de Queiroz [Thu, 12 Sep 2019 20:00:00 +0000 (17:00 -0300)]
wolfssl: allow building with hw-crytpo and AES-CCM

Hardware acceleration was disabled when AES-CCM was selected as a
workaround for a build failure.  This applies a couple of upstream
patches fixing this.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit ab19627ecc3923687fd339f4f23dc45572d00ce0)

5 years agoustream-ssl: update to latest Git HEAD
Jo-Philipp Wich [Tue, 5 Nov 2019 13:38:40 +0000 (14:38 +0100)]
ustream-ssl: update to latest Git HEAD

c9b6668 ustream-ssl: skip writing pending data if .eof is true after connect

Fixes: CVE-2019-5101, CVE-2019-5102
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 6f9157e6bdea91507af84acdf53da7c0e6879bc1)

5 years agoustream-ssl: Update to latest git HEAD
Hauke Mehrtens [Fri, 1 Nov 2019 20:16:18 +0000 (21:16 +0100)]
ustream-ssl: Update to latest git HEAD

465f8dc wolfssl: adjust to new API in v4.2.0
3b06c65 Update example certificate & key, fix typo
1c38fd8 wolfssl: enable CN validation
33308ee ustream-io-cyassl.c: fix client-mode connections
79d91aa Remove CyaSSL, WolfSSL < 3.10.4 support

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 57ff06405e09ebce705c01178143c3ce907993b2)

5 years agomac80211: Fix dependencies of kmod-rsi91x-usb
Hauke Mehrtens [Sat, 9 Nov 2019 19:10:58 +0000 (20:10 +0100)]
mac80211: Fix dependencies of kmod-rsi91x-usb

Instead of depending on kmod-usb2 make it depend on the normal USB
dependencies. This should hopefully fix some problems seen in the build
bot builds for powerpc_8540.

In addition also activate DRIVER_11N_SUPPORT support.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3ff3b044c01949cd7280978b17d0348ee9e7f4ae)

5 years agostrace: Fix build on PowerPC
Hauke Mehrtens [Sat, 9 Nov 2019 19:07:18 +0000 (20:07 +0100)]
strace: Fix build on PowerPC

This patch breaks building on PowerPC, like the mpc85xx_generic
target for me.

Fixes: FS#2585
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit b01305c8d26d8eb3525cf79591075601b04736cc)

5 years agouboot-envtools: Add TARGET_LDFLAGS to fix PIE and RELRO
Hauke Mehrtens [Thu, 7 Nov 2019 20:01:40 +0000 (21:01 +0100)]
uboot-envtools: Add TARGET_LDFLAGS to fix PIE and RELRO

Forward the OpenWrt TARGET_LDFLAGS to the linker of the fw_printenv tool.
In addition also use the more standard make invocation script.
With this change the fw_printenv tool is built with PIE and Full RELRO
support when activated globally in OpenWrt.

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
(cherry picked from commit b7b2be0b268ced260ca8df84be1b0d469aaf6e38)

5 years agoxfsprogs: Fix compilation with newer musl
Rosen Penev [Thu, 7 Nov 2019 22:55:10 +0000 (14:55 -0800)]
xfsprogs: Fix compilation with newer musl

Backported upstream patch.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 39035df71c37d474be2cb2a0fad8d70da095c68b)

5 years agoramips: correct R6220 button flag
David Bauer [Sat, 9 Nov 2019 18:10:51 +0000 (19:10 +0100)]
ramips: correct R6220 button flag

All buttons on the Netgear R6220 are active-low while they are flagged
as active-high.

The GPIO status reads the following for no buttons pressed:

root@64367-r6220:~# cat /sys/kernel/debug/gpio
gpio-7   (                    |wps                 ) in  hi
gpio-8   (                    |wifi                ) in  hi
gpio-14  (                    |reset               ) in  hi

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f7f9fe5256ebb660d3160452c3c01a9eb080938f)

5 years agokernel: fix LED netdev trigger on interface rename
Martin Schiller [Fri, 25 Oct 2019 07:22:29 +0000 (09:22 +0200)]
kernel: fix LED netdev trigger on interface rename

This fixes the netdev LED trigger for interfaces, which are renamed
during initialization (e.g. ppp interfaces).

Fixes: FS#2193
Fixes: FS#2239
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit edbadec843a77286d4f690a3641b7bca97f4c998)

5 years agobuild: cleanup possibly dangling Python 3 host symlink
Etienne Champetier [Fri, 8 Nov 2019 14:58:01 +0000 (06:58 -0800)]
build: cleanup possibly dangling Python 3 host symlink

When switching from master branch to 19.07 or older, we need to ensure
that Python symlink in staging bin directory points to Python 2.

We can't rely completly just on SetupHostCommand as its executed only in
cases when the $(STAGING_DIR_HOST)/bin/python doesn't already exist, so
we need to remove it before running SetupHostCommand.

This is a cherry-pick of 3b68fb57c938af3948ae4c2da61501183fbef649
with python3 instead of python2

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
5 years agobuild: fixup python SetupHostCommand to use python2
Etienne Champetier [Thu, 31 Oct 2019 10:54:59 +0000 (03:54 -0700)]
build: fixup python SetupHostCommand to use python2

Here is a way to break your build env without this patch:
1) have python point to python3, and no python2
2) start the build, SetupHostCommand will create a symlink
./staging_dir/host/bin/python -> /usr/bin/python
3) build fails on scons because it can't find any python2
4) install python2 and restart the build
5) the build fails on wireless-regdb compile because python is python3 instead of python

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
5 years agoexpat: Update to version 2.2.9
Josef Schlehofer [Sun, 29 Sep 2019 09:21:29 +0000 (11:21 +0200)]
expat: Update to version 2.2.9

Fixes CVE-2019-15903

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit b4af2c689fc8736777940b7bbf009bb1672296ec)

5 years agotools/e2fsprogs: Update to version 1.45.4
Josef Schlehofer [Thu, 3 Oct 2019 19:23:00 +0000 (21:23 +0200)]
tools/e2fsprogs: Update to version 1.45.4

Fixes CVE-2019-5094

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 700e7a2eb9c515ffe4f3278857e538ea37cc5e56)

5 years agocurl: bump to 7.66.0
Hans Dedecker [Tue, 17 Sep 2019 20:45:41 +0000 (22:45 +0200)]
curl: bump to 7.66.0

Refresh patches, for changes in version 7.66.0 see https://curl.haxx.se/changes.html#7_66_0

Fixes CVEs:
    CVE-2019-5481
    CVE-2019-5482

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 71cf4a272c9cf7d6e604e6327d0c94aeceac26e7)

5 years agoath79: disable building future NAND images for GL-AR300M/GL-AR750S
Adrian Schmutzler [Thu, 7 Nov 2019 17:53:37 +0000 (18:53 +0100)]
ath79: disable building future NAND images for GL-AR300M/GL-AR750S

To simplify the upgrade process and ensure easier identification of
device partitioning, the following devices are disabled on ath79
target in openwrt-19.07 branch:

- glinet,gl-ar300m-nor
- glinet,gl-ar300m-nand
- glinet,gl-ar750s

Proper ath79 (NAND) support for the devices is expected to be
introduced based on kernel 4.19 (see GitHub PR #2184).

In openwrt-19.07, ar71xx should be used for those devices.

With this, we ensure that the new ath79 image names (at least for
releases) refer to the updated partitioning.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
5 years agomac80211 ath9k: force QCA953x clock to 25MHz
David Bauer [Tue, 5 Nov 2019 21:28:39 +0000 (22:28 +0100)]
mac80211 ath9k: force QCA953x clock to 25MHz

The QCA953x only supports 25 MHz refclk, however some OEMs set an
invalid bootstrap value for the REF_CLK option, which would break the
clock detection in ath9k.

Force the QCA953x refclk to 25MHz in ath9k, as this is (according to the
datasheet) the only valid frequency.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 4c6fe32468bc60cc25a8c298498c0be3c73e7378)

5 years agoar71xx: improve support for TP-Link CPE510 v2
Adrian Schmutzler [Tue, 6 Aug 2019 10:20:05 +0000 (12:20 +0200)]
ar71xx: improve support for TP-Link CPE510 v2

This fixes commit bae927c551fd ("ar71xx: add support for TP-LINK CPE510
V2.0") where the support for this device wasn't optimal.

Device support for the CPE510v2 so far has been a hack to enable
flashing with CPE510v1 images. Those even have different hardware (e.g.
additional ethernet port).

With this patch, we provide proper support for this device in ar71xx.

Installation:
- Flash factory image through stock firmware WEB UI or through TFTP
- To get to TFTP recovery just hold reset button while powering on
  for around 4-5 seconds and release.
- Rename factory image to recovery.bin
- Stock TFTP server IP: 192.168.0.100
- Stock device TFTP address: 192.168.0.254

Fixes: bae927c551fd ("ar71xx: add support for TP-LINK CPE510 V2.0")
Signed-off-by: Andrew Cameron <apcameron@softhome.net>
[Rebased onto revert commit, changed comments in mach-cpe510.c,
changed commit title and description, fixed eth0 MAC address,
removed eth1 initialization]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[squashed revert, added fixes tag]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit c79b796280fa5cd64bac663f9d5e5d9a737c30d6)
[added CPE510V2 entry to tplink-safeloader.c]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
5 years agogitignore: ignore patches in OpenWrt root directory
Adrian Schmutzler [Tue, 5 Nov 2019 12:05:29 +0000 (13:05 +0100)]
gitignore: ignore patches in OpenWrt root directory

This will have GIT ignore patches in root directory, as created
when using "git format-patch".

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 2c5413559880c54c5eec980121febfe6c7cd287a)

5 years agoOpenWrt v19.07.0-rc1: revert to branch defaults
Jo-Philipp Wich [Wed, 6 Nov 2019 08:08:44 +0000 (09:08 +0100)]
OpenWrt v19.07.0-rc1: revert to branch defaults

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoOpenWrt v19.07.0-rc1: adjust config defaults v19.07.0-rc1
Jo-Philipp Wich [Wed, 6 Nov 2019 08:08:44 +0000 (09:08 +0100)]
OpenWrt v19.07.0-rc1: adjust config defaults

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agoRevert "ipq806x: fix EA8500 switch control"
Petr Štetiar [Tue, 5 Nov 2019 20:51:23 +0000 (21:51 +0100)]
Revert "ipq806x: fix EA8500 switch control"

There is a problem with the EA8500, the switch will not work after soft
reboot, the only way to get it working again is to power cycle it
manually.

There are probably several issues in the play, it's quite hard to fix it
without having access to the actual device, so I don't see any other
option now, then revert the offending commit.

Ref: PR#2047
Fixes: FS#2168 ("Switch no longer work after restart on Linksys EA8500")
Reported-by: Adam <424778940z@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 04d6753d03e3a6db07b7a2d3296774d0965bbbfa)

5 years agoath10k-firmware: update Candela Tech firmware images
Koen Vandeputte [Tue, 5 Nov 2019 11:16:58 +0000 (12:16 +0100)]
ath10k-firmware: update Candela Tech firmware images

The release notes since last time for wave-1:

  *  October 5,  2019:  Fix too-short msg caused by invalid use of PayloadLen in receive path.
                        This appears to resolve the issue of getting (and ignoring) too-short commands
                        when we detect loss of CE interrupts and go into polling mode.

  *  October 12, 2019:  Fix regression in IBSS mode that caused SWBA overrun issues.  Related to
                        regression added during the ct-station logic, specifically TSF allocation.
                        Thanks for Ahmed Zaki @ Mage-Networks for helping to diagnose and test.

  *  October 15, 2019:  Only send beacon tx completion events if we can detect CT driver is being
                        used (based on CT_STATS_OK flag being set).  This should help CT firmware work
                        better on stock driver.

The release notes since last time for wave-2:

  *  October 15, 2019:  Only send beacon tx completion events if we can detect CT driver is being
                        used (based on ATH10k_USE_TXCOMPL_TXRATE2 | ATH10k_USE_TXCOMPL_TXRATE1 flags being set).
                        This should help CT firmware work better on stock driver.

  *  October 31, 2019:  Compile out peer-ratecode-list-event.  ath10k driver ignores the event.

  *  November 1, 2019:  Fix rate-ctrl related crash when nss and other things were changed while
                        station stays associated.  See bug: https://github.com/greearb/ath10k-ct/issues/96

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit e716e93a2f7290086f49992c9980773c88100c3a)

5 years agoustream-ssl: backport fix for CVE-2019-5101, CVE-2019-5102
Jo-Philipp Wich [Tue, 5 Nov 2019 14:07:55 +0000 (15:07 +0100)]
ustream-ssl: backport fix for CVE-2019-5101, CVE-2019-5102

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5 years agomac80211: rt2x00: backport upstream patches
Daniel Golle [Tue, 5 Nov 2019 09:48:53 +0000 (10:48 +0100)]
mac80211: rt2x00: backport upstream patches

Import patches from upstream to sync 19.07 with master:
 9f3e3323e996 rt2x00: allow to specify watchdog interval
 2034afe4db4a rt2800: add helpers for reading dma done index
 759c5b599cf4 rt2800: initial watchdog implementation
 09db3b000619 rt2800: add pre_reset_hw callback
 710e6cc1595e rt2800: do not nullify initialization vector data
 e403fa31ed71 rt2x00: add restart hw
 0f47aeeada2a rt2800: do not enable watchdog by default
 41a531ffa4c5 rt2x00usb: fix rx queue hang
 3b902fa811cf rt2x00usb: remove unnecessary rx flag checks
 1dc244064c47 rt2x00: no need to check return value of debugfs_create functions
 706f0182b1ad rt2800usb: Add new rt2800usb device PLANEX GW-USMicroN
 95844124385e rt2x00: clear IV's on start to fix AP mode regression
 567a9b766b47 rt2x00: do not set IEEE80211_TX_STAT_AMPDU_NO_BACK on tx status
 14d5e14c8a6c rt2x00: clear up IV's on key removal
 13fa451568ab Revert "rt2800: enable TX_PIN_CFG_LNA_PE_ bits per band"
 --pending--  rt2800: remove errornous duplicate condition

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
5 years agoipq806x: use switch trigger for WAN LED on NETGEAR boards
David Bauer [Mon, 4 Nov 2019 17:48:20 +0000 (18:48 +0100)]
ipq806x: use switch trigger for WAN LED on NETGEAR boards

With this commit, the WAN LED is triggered by the switch port state
instead of the eth0 netdev.
Otherwise, the LED is always illuminated, regardless of the WAN port
link state.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 70d5989c9c99788a9b2a1a737987edcf7e1ae382)
Signed-off-by: David Bauer <mail@david-bauer.net>
5 years agohostapd: enable PMKSA and OK caching for WPA3-Personal
David Bauer [Mon, 28 Oct 2019 18:10:14 +0000 (19:10 +0100)]
hostapd: enable PMKSA and OK caching for WPA3-Personal

This enables PMKSA and opportunistic key caching by default for
WPA2/WPA3-Personal, WPA3-Personal and OWE auth types.
Otherwise, Apple devices won't connect to the WPA3 network.

This should not degrade security, as there's no external authentication
provider.

Tested with OCEDO Koala and iPhone 7 (iOS 13.1).

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 3034f8c3b85e70b1dd9b4cd5cd33e9d2cd8be3b8)
Signed-off-by: David Bauer <mail@david-bauer.net>
5 years agoscripts/dl_github_archive.py: fix python3 str, bytes confusion
Yousong Zhou [Mon, 4 Nov 2019 11:09:38 +0000 (11:09 +0000)]
scripts/dl_github_archive.py: fix python3 str, bytes confusion

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit d26738bc767f48d2dee7097cbfc6d07ffeee58fb)

5 years agouboot-fritz4040: build with ipq40xx "generic" subtarget
Yousong Zhou [Fri, 6 Sep 2019 08:29:50 +0000 (08:29 +0000)]
uboot-fritz4040: build with ipq40xx "generic" subtarget

Fixes: 853e4dd3 ("ipqx0xx: add Generic subtarget")
Ref: https://forum.openwrt.org/t/ipq40xx-snapshot-not-updated-since-22nd-august/44126
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 40e3f660c1c0f400092cce09feb8c13bec97caeb)

5 years agoipqx0xx: add Generic subtarget
Paul Spooren [Thu, 22 Aug 2019 00:59:24 +0000 (14:59 -1000)]
ipqx0xx: add Generic subtarget

Both targets miss a subtarget causing an image naming style which is
different from other all othe targets, even tho it already uses
`x/generic/` as subfolder as if the subtarget would exist.

This commit adds the Generic subtarget resulting in consistent naming.

    ~/src/openwrt/openwrt/bin/targets/ipq806x/generic$ ls
    openwrt-ipq806x-generic-netgear_d7800-initramfs-uImage
    openwrt-ipq806x-generic-netgear-d7800.manifest
    openwrt-ipq806x-generic-netgear_d7800-squashfs-factory.img
    openwrt-ipq806x-generic-netgear_d7800-squashfs-sysupgrade.bin

CC: John Crispin <john@phrozen.org>
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 853e4dd3062df7cb5704b15d6af6730e3194b571)

5 years agoramips: enable external amplifier for D-Link DIR-810L
Roger Pueyo Centelles [Wed, 4 Sep 2019 09:29:12 +0000 (11:29 +0200)]
ramips: enable external amplifier for D-Link DIR-810L

The 2.4 GHz radio had very poor signal reception (-89 dBm for an AP
sitting 5 m away). By enabling the external amplifier, received signal
has improved to -50 dBm for the same AP.

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit e667d6f46b5fa9ade5da1d76c8cc1aab1df1dcb6)

5 years agoath79: Clean up GL-AR300M DTS/DTSI inclusions
Jeff Kletsky [Wed, 2 Oct 2019 19:06:18 +0000 (12:06 -0700)]
ath79: Clean up GL-AR300M DTS/DTSI inclusions

Modify GL-AR300M-Lite and GL-AR300M (NOR):

* Include qca9531_glinet_gl-ar300m.dtsi directly
  rather than qca9531_glinet_gl-ar300m-nor.dts

* Remove redundant inclusion of gpio.h and input.h

Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit f5c7fe2ff0deb20f76b4d65195434e35cbb4e08a)

5 years agoramips: fix WiFi MAC addresses for D-Link DIR-810L
Adrian Schmutzler [Mon, 7 Oct 2019 15:08:52 +0000 (17:08 +0200)]
ramips: fix WiFi MAC addresses for D-Link DIR-810L

So far, WiFi MAC addresses for this device have been set up from
caldata. However, this returns values which do not look like MAC
addresses. They also do not match stock firmware:

wlan0 (5.0): 00:11:22:00:17:D0 from 0x8004
wlan1 (2.4): 00:11:22:00:17:CD from 0x4 (and 0x2e)

It looks like the only valid MAC address on this device is at 0x28.

So, this patch changes setup to calculate addresses based on the
value at 0x28:

lan: *:0A (flash, label)
wan: *:0B (flash + 1)
wifi2: *:0A (flash)
wifi5: *:0C (flash + 2)

Thanks to Roger Pueyo Centelles <roger.pueyo@guifi.net> for
investigating this on his devices.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit d1072096f49823eb39357f9555d7854a9c91bcfb)

5 years agolibevent2: Update to 2.1.11
Daniel Engberg [Sat, 23 Feb 2019 22:38:04 +0000 (22:38 +0000)]
libevent2: Update to 2.1.11

Update libevent to 2.1.11
Use CMake instead GNU Autotools
Backport following commits:
https://github.com/libevent/libevent/commit/f05ba671931e2b4e38459899f6f63f79f99869fe
..and partially
https://github.com/libevent/libevent/commit/7201062f3ef505a77baa6ccaf1cf73812462308a
to fix compilation

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit f351beedfd47766e5e44a04af50e3724bec54dbc)
(resolves FS#2435)
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
5 years agorpcd: update to latest Git HEAD
Jo-Philipp Wich [Fri, 1 Nov 2019 07:32:52 +0000 (08:32 +0100)]
rpcd: update to latest Git HEAD

d442d62 plugin: fix double free in finish callback
ee26d83 main: exec_self: make clang analyzer happy
90e40bd file: exec: properly free memory on error
9ecfada uci: free configs list memory on return
32fba36 exec: always call finish_cb to allow plugin to free up memory
ca3e2d5 plugin: do not free method name separately
02c6e1d exec: properly free memory on rpc_exec() error
cc50263 plugin: exec: properly free memory on parse error
bd0ed25 uci: reset uci_ptr flags when merging set operations
37aa919 plugin: fix leaking invoked method name for exec plugins

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit c2675bb0cef373ff59fcc2dbd77471d244bbc774)

5 years agokernel: bump 4.14 to 4.14.151
Koen Vandeputte [Wed, 30 Oct 2019 11:54:43 +0000 (12:54 +0100)]
kernel: bump 4.14 to 4.14.151

Refreshed all patches.

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
5 years agokernel: mark kmod-usb-serial-wwan as hidden
Yousong Zhou [Wed, 30 Oct 2019 12:41:34 +0000 (12:41 +0000)]
kernel: mark kmod-usb-serial-wwan as hidden

The kconfig symbol is an invisible one since its introduction.  It is
not supposed to be enabled on its own.

Resolves FS#1821

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 4bf9bec361699e1c033460964158531adf15d7ee)

5 years agokernel: bump 4.14 to 4.14.150
Koen Vandeputte [Mon, 28 Oct 2019 13:23:13 +0000 (14:23 +0100)]
kernel: bump 4.14 to 4.14.150

Refreshed all patches.

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
5 years agomac80211: add an improved moving average algorithm to minstrel
Felix Fietkau [Sat, 28 Sep 2019 13:57:58 +0000 (15:57 +0200)]
mac80211: add an improved moving average algorithm to minstrel

Improves rate control responsiveness and performance

Signed-off-by: Felix Fietkau <nbd@nbd.name>
[reworked to apply on 4.19.79 mac80211 + renumbered + refreshed]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
5 years agoath79: add support for UniFi AC-LR
Andreas Ziegler [Sun, 6 Oct 2019 17:48:34 +0000 (19:48 +0200)]
ath79: add support for UniFi AC-LR

The Unifi AC-LR has identical hardware to the Unifi AC-Lite.
The antenna setup is different according to the vendor,
which explains the thicker enclosure.

Therefore, it is helpful to know the exact device variant,
instead of having "Ubiquiti UniFi-AC-LITE/LR".

Signed-off-by: Andreas Ziegler <dev@andreas-ziegler.de>
[fix legacy name in commit message; add old boardname to
SUPPORTED_DEVICES]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 07c1ddf522dbe6085af664cf03a41f636a70b99c)
Signed-off-by: David Bauer <mail@david-bauer.net>
5 years agoar71xx: add model detection for UniFi AC-LR
Andreas Ziegler [Tue, 22 Oct 2019 20:44:29 +0000 (22:44 +0200)]
ar71xx: add model detection for UniFi AC-LR

This commit adds correct model detection for UniFi
AC-LR. Previously, said device was incorrectly detected
as UniFi-AC-LITE/MESH.

The Information about the device is stored at 0xC in the EEPROM
partition. It corresponds to the sysid in /etc/board.info of the
Ubiquiti stock firmware.

Signed-off-by: Andreas Ziegler <dev@andreas-ziegler.de>
[adjust naming style of target to existing ones]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 2bc7c519dcc0e7ca09feed24a3b9a105bc49f423)
Signed-off-by: David Bauer <mail@david-bauer.net>
5 years agoath10k-firmware: update wave 1 firmware to 10.2.4-1.0-00047
David Bauer [Sat, 5 Oct 2019 10:27:44 +0000 (12:27 +0200)]
ath10k-firmware: update wave 1 firmware to 10.2.4-1.0-00047

This fixes frequent crashes observed on a UniFi AC Mesh using OpenWrt
master and 19.07. 18.06 seems not affected from our testing.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 641a93f0f226aa1b4e27bc6f1fc36f9fe63a11a0)
Signed-off-by: David Bauer <mail@david-bauer.net>
5 years agoath10k-firmware: retrieve wave 1 firmware from kvalo
David Bauer [Sat, 5 Oct 2019 00:12:56 +0000 (02:12 +0200)]
ath10k-firmware: retrieve wave 1 firmware from kvalo

This commit changes the source of the Wave 1 ath10k-firmware
from linux-firmware to Kall Valos ath10k-firmware repository.

This is necessary as the firmware selected in linux-firmware produces
frequent crashes in some circumstances.

This patch can be removed as soon as linux-firmware carries
10.2.4-1.0-00047 firmware.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit a3914783a32d4fe3612383391cd72638931f1cea)
Signed-off-by: David Bauer <mail@david-bauer.net>
5 years agoath79: add LED migration for several Archer Cxx devices
Adrian Schmutzler [Mon, 21 Oct 2019 14:29:36 +0000 (16:29 +0200)]
ath79: add LED migration for several Archer Cxx devices

Several Archer Cxx devices were using board-specific LED names in
ar71xx, which were changed to "tp-link:*" in ath79.

This patch adds migration for them.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 53e6cc7a81175728f64f978c2363a18c1fa66d64)

5 years agoath79: use board name in LED migrations
Adrian Schmutzler [Mon, 21 Oct 2019 14:29:35 +0000 (16:29 +0200)]
ath79: use board name in LED migrations

Several devices added to LED migration script will just have their
(old) board name converted to tp-link.

By using a variable for this, the amount of code in the migration
script can be reduced and the chance for typos is reduced.

This patch also introduces the marker for beginning of a pattern
"^" to the regex, so the match is more specific.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 6b0eb84336edc995f4723f0a005507f158d3e895)

5 years agoath79: fix patching ath9k MAC address for MyNet WiFi Range Extender
Adrian Schmutzler [Mon, 21 Oct 2019 14:19:47 +0000 (16:19 +0200)]
ath79: fix patching ath9k MAC address for MyNet WiFi Range Extender

The code line patching ath9k MAC address for this device contains
a wrong number of arguments including an unset "$mac", which
looks like a typo or copy/paste mistake.

This has been introduced already in the device support commit
745dee11ac78 ("ath79: add support for WD My Net Wi-Fi Range
Extender").

This patch just removes the "$mac" argument, leaving a formally
valid line. (No on-device test has been performed.)

Cc: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 6b5303378315084bf080a6408c2ca5b2a911aa5d)

5 years agoath79: fix SUPPORTED_DEVICES for ubnt_nanostation-m
Adrian Schmutzler [Mon, 21 Oct 2019 14:17:01 +0000 (16:17 +0200)]
ath79: fix SUPPORTED_DEVICES for ubnt_nanostation-m

The ar71xx images for the Ubiquiti NanoStation M (XM) devices use
"nanostation-m" as board name, but the ath79 images are only
compatible with the "nano-m" board name, so sysupgrade complains.

By changing this additional supported device, sysupgrade smoothly
upgrades from ar71xx to ath79.

Ref: openwrt#2418

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit f473ce6f231bb9f8913be50e850c771b3463fa14)

5 years agoath79: add SUPPORTED_DEVICES to ubnt_nanostation-m-xw
Roger Pueyo Centelles [Fri, 4 Oct 2019 12:43:05 +0000 (14:43 +0200)]
ath79: add SUPPORTED_DEVICES to ubnt_nanostation-m-xw

The ar71xx images for the Ubiquiti NanoStation M (XW) devices use
"nanostation-m-xw" as the board name, but the ath79 images are only
compatible with the "nano-m-xw" board name, so sysupgrade complains.

By adding this additional supported device, sysuspgrade smoothly
upgrades from ar71xx to ath79.

Tested on a NanoStation M (XW) running OpenWrt ar71xx r10250-016d1eb.

Ref: https://github.com/openwrt/openwrt/pull/2418
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
[removed duplicate DEVICE_VARIANT, removed uneeded nano-m-xw support]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 6dda2ea6ad133705d243d3cc626779ee24bdc88d)
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
5 years agoath79: fix gigabit link pll-data for EX7300
Daniel Gimpelevich [Thu, 17 Oct 2019 10:42:52 +0000 (03:42 -0700)]
ath79: fix gigabit link pll-data for EX7300

The device did not appear to be reachable unless the connection were
forced to 100Mb or lower. Revert to previously working pll-data.

Also fix the phy-mode to represent the actual state needed for ethernet
to function.

Reported-by: Moritz Schreiber <moritz@mosos.de>
Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
[add remark about phy-mode property]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit ee41b602a2a2ced06c26e6edc160b2a5e9619f0d)

5 years agoipq40xx: essedma: Fix dead lock
Masafumi UTSUGI [Tue, 1 Oct 2019 09:59:18 +0000 (18:59 +0900)]
ipq40xx: essedma: Fix dead lock

edma_read_append_stats() gets called from two places in the driver.
The first place is the kernel timer that periodically updates
the statistics, so nothing gets lost due to overflows.
The second one it's part of the userspace ethtool ioctl handler
to provide up-to-date values.

For this configuration, the use of spin_lock() is not sufficient
and as per:
<https://mirrors.edge.kernel.org/pub/linux/kernel/people/rusty/kernel-locking/c214.html>
the locking has to be upgraded to spin_lock_bh().

Signed-off-by: Masafumi UTSUGI <mutsugi@allied-telesis.co.jp>
[folded patch into 710-, rewrote message]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit f1d761f95e9664a9c11ce1b98f9e121b43c79d35)

5 years agoopenssl: Add engine configuration to openssl.cnf
Eneas U de Queiroz [Tue, 1 Oct 2019 13:50:34 +0000 (10:50 -0300)]
openssl: Add engine configuration to openssl.cnf

This adds engine configuration sections to openssl.cnf, with a commented
list of engines.  To enable an engine, all you have to do is uncomment
the engine line.

It also adds some useful comments to the devcrypto engine configuration
section.  Other engines currently don't have configuration commands.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit cebf024c4d9fd761e55383a582f7e29ac7cc921c)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
5 years agoath79: correct ar71xx boardname for UniFi AC Lite
David Bauer [Mon, 14 Oct 2019 09:16:54 +0000 (11:16 +0200)]
ath79: correct ar71xx boardname for UniFi AC Lite

This corrects the additional boardname for the image metadata to the one
used in ar71xx. The previously present additional entry was never used
on a running system.

Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 1a256470e78a90ac97f41e3335b3fc6ee827e4bc)
Signed-off-by: David Bauer <mail@david-bauer.net>
5 years agompc85xx: correct TP-LINK TL-WDR4900 MAC addresses
David Bauer [Sun, 13 Oct 2019 21:37:59 +0000 (23:37 +0200)]
mpc85xx: correct TP-LINK TL-WDR4900 MAC addresses

This commit fixes TP-Link TL-WDR4900 v1 MAC address assignment.
Previously, the MAC addrss was read for the ethernet from the "config"
partition. However, the content of this partition is dependent on the
firmware which was previously installed on the device.

Switch the MAC address source to the U-Boot partition, where the MAC
address is always present at a fixed partition. The partition was
previously already used for the WiFi MAC-addresses.

Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 07e555d8735e8fa272e3f6abd35acc9f1ab44367)
Signed-off-by: David Bauer <mail@david-bauer.net>
5 years agotcpdump: update to 4.9.3
DENG Qingfang [Sat, 12 Oct 2019 16:29:13 +0000 (00:29 +0800)]
tcpdump: update to 4.9.3

Fixed CVEs:
CVE-2017-16808
CVE-2018-10103
CVE-2018-10105
CVE-2018-14461
CVE-2018-14462
CVE-2018-14463
CVE-2018-14464
CVE-2018-14465
CVE-2018-14466
CVE-2018-14467
CVE-2018-14468
CVE-2018-14469
CVE-2018-14470
CVE-2018-14879
CVE-2018-14880
CVE-2018-14881
CVE-2018-14882
CVE-2018-16227
CVE-2018-16228
CVE-2018-16229
CVE-2018-16230
CVE-2018-16300
CVE-2018-16301
CVE-2018-16451
CVE-2018-16452
CVE-2019-15166
CVE-2019-15167

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 394273c066b8f4317b77f3ede216cfcdd45250c1)

5 years agolibpcap: update to 1.9.1
DENG Qingfang [Sat, 12 Oct 2019 16:28:32 +0000 (00:28 +0800)]
libpcap: update to 1.9.1

Fixed CVEs:
CVE-2018-16301
CVE-2019-15161
CVE-2019-15162
CVE-2019-15163
CVE-2019-15164
CVE-2019-15165

Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit 44f11353de044834a442d3192b66579b99305720)

5 years agokernel: fix typos in video KernelPackage description
Sungbo Eo [Tue, 8 Oct 2019 14:25:03 +0000 (23:25 +0900)]
kernel: fix typos in video KernelPackage description

Fixes: 4b3d17b709a5 ("kernel: add kmod-fb-sys-ram")
Fixes: b774acb47912 ("package/modules: add missing gspca video drivers for 2.6.32 (patch from #6595)")

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 9f73fad359663fef4decc7440796ec7d3b2b70f7)

5 years agokirkwood: Fix FS#505 - Can't install LEDE on Linksys EA3500
Eubert Bao [Sat, 21 Sep 2019 04:44:16 +0000 (21:44 -0700)]
kirkwood: Fix FS#505 - Can't install LEDE on Linksys EA3500

The default sizes render Device/linksys_audi mage un-flashable.
Restore the pagesize, subpagesize, and blocksize for linksys_audi
from https://github.com/openwrt/archive.

Signed-off-by: Eubert Bao <bunnier@gmail.com>
(cherry picked from commit e11fc8439c9f7230441408c4d257efc46f372312)

5 years agouClibc++: Fix three bugs
Rosen Penev [Mon, 7 Oct 2019 22:59:52 +0000 (15:59 -0700)]
uClibc++: Fix three bugs

The first allows usage of several functions in the std namespace, which
broke compilation of gddrescue specifically with uClibc-ng and uClibc++.

The second allows usage of long long with normal C++11, which is part of
the standard. Before, std=gnu++11 needed to be passsed to work around it.

As a result of the second patch, the pedantic patch can safely be removed.

Both patches are upstream backports.

Added -std=c++11 to CFLAGS to guarentee proper inclusion of long long.

Added another patch that fixes a typo with the long long support. Sent to
upstream.

Fixed up license information according to SPDX.

Small cleanups for consistency.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 6ab386c9bc23420816fbcefc84b62cf5438b2c66)

5 years agohostapd: adjust to removal of WOLFSSL_HAS_AES_GCM
Eneas U de Queiroz [Mon, 7 Oct 2019 21:02:38 +0000 (18:02 -0300)]
hostapd: adjust to removal of WOLFSSL_HAS_AES_GCM

WolfSSL is always built with AES-GCM support now.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit ee5a3f6d605602bbff57cde337235088cf9c3ffa)

5 years agotrelay: fix deadlock on remove
Ali MJ Al-Nasrawy [Wed, 25 Sep 2019 14:47:12 +0000 (17:47 +0300)]
trelay: fix deadlock on remove

Upon writing to "remove" file, debugfs_remove_recursive() blocks while
holding rtnl_lock. This is because debugfs' file_ops callbacks are
executed in debugfs_use_file_*() context which prevents file removal.

Fix this by only flagging the device for removal and then do the cleanup
in file_ops.release callback which is executed out of that context.

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
(cherry picked from commit c2635b871d1dd03a6608a9255222672decd49e09)

5 years agotrelay: handle netdevice events correctly
Ali MJ Al-Nasrawy [Wed, 25 Sep 2019 14:47:11 +0000 (17:47 +0300)]
trelay: handle netdevice events correctly

Since v3.11, netdevice notification data are of type
"struct netdev_notifier_info". Handle it as such!

This should fix a critical bug in which devices are unable get released
because trelay does not release resources in response to UNREGISTER
event spamming the log with something like:

unregister_netdevice: waiting for eth0.1 to become free. Usage count = 1

Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
(cherry picked from commit 77cfc0739d30c1282f7de24d2ec086d244e34bb7)

5 years agobzip2: add linker option LDFLAGS
leo chung [Wed, 16 Oct 2019 04:22:55 +0000 (12:22 +0800)]
bzip2: add linker option LDFLAGS

if gcc not linker whith this LDFLAGS, "file libbz2.so.1.0.8" will
recognize as pie executable ELF file ( which should be shared object).

this because the file command version before 5.36 not recognize
correctly.

Signed-off-by: leo chung <gewalalb@gmail.com>
(cherry picked from commit 56ab58fb6ce29329963619d5a4fffa9d5828176e)

5 years agokernel: layerscape: fix compilation error
Biwen Li [Mon, 14 Oct 2019 04:42:32 +0000 (12:42 +0800)]
kernel: layerscape: fix compilation error

This fixes a compilation error as follows:
drivers/staging/fsl_qbman/qman_config.c:815:29: error: bitwise comparison
always evaluates to false [-Werror=tautological-compare]
  if ((qman_ip_rev & 0xFF00) == QMAN_REV31) {

Signed-off-by: Biwen Li <biwen.li@nxp.com>
(cherry picked from commit 53b73131e9b38bcae556555de53203d52321794c)

5 years agotplink-safeloader: fix compilation warnings
Ilya Gordeev [Sat, 12 Oct 2019 18:10:09 +0000 (23:10 +0500)]
tplink-safeloader: fix compilation warnings

Signed-off-by: Ilya Gordeev <Mirraz@users.noreply.github.com>
(cherry picked from commit 5daf09435311922cad32b66b75d13b9367db62f7)

5 years agomac80211: Update to version 4.19.79
Hauke Mehrtens [Sat, 12 Oct 2019 08:57:51 +0000 (10:57 +0200)]
mac80211: Update to version 4.19.79

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
5 years agobuild: add buildinfo as single Makefile target
Paul Spooren [Sun, 13 Oct 2019 19:53:40 +0000 (09:53 -1000)]
build: add buildinfo as single Makefile target

The prepare target was added some 11 years ago to build tools and
toolchain and was recently extended to  create buildinfo files for
reproducibility, meaning {feeds,version,config}.buildinfo.

As the buildbot workflow is more complex than the single prepare (kmod
feed insertion), prepare is only used to create those buildinfo files.
Running prepare however runs `target/compile` as well, taking time even
everything is already compiled.

Splitting this allows the buildbot to run only the `buildinfo` target
while others can still use the convenience feature `prepare`.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 6caf437652d858e5795ee16bdaf9f0436d2488f9)

5 years agolantiq: Fix fw_cutter LzmaWrapper
Christian Franke [Thu, 17 Oct 2019 13:12:05 +0000 (15:12 +0200)]
lantiq: Fix fw_cutter LzmaWrapper

The destination buffer size `d_len` is passed to `lzma_inflate` as a
pointer. Therefore, it needs to be dereferenced to compare its content.

Signed-off-by: Christian Franke <nobody@nowhere.ws>
(cherry picked from commit d544bc84a07f299ac1e513715301cae5fbd30923)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
5 years agorpcd: update to latest Git HEAD
Jo-Philipp Wich [Sat, 21 Sep 2019 13:03:48 +0000 (15:03 +0200)]
rpcd: update to latest Git HEAD

95f0973 file: increase minimum read buffer size to 4096 bytes

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 2a603cfcfccc4b20b10b7992bc07be0945345ed9)

5 years agorpcd: update to latest Git HEAD
Jo-Philipp Wich [Tue, 10 Sep 2019 13:25:12 +0000 (15:25 +0200)]
rpcd: update to latest Git HEAD

e2a7bc4 iwinfo: add WPA3 support

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit d6a405280f0156a2dad7d9cfa96695d53ed87dab)

5 years agorpcd: update to latest Git HEAD
Jo-Philipp Wich [Sun, 8 Sep 2019 16:48:15 +0000 (18:48 +0200)]
rpcd: update to latest Git HEAD

69eeb1b file: refactor message parsing and permission checking
f65527a iwinfo: expose all rate info fields in assoclist reply
7fec636 sys: fix symbol redeclaration
27c24c7 rpcd: sys: actually move timespec declaration
345363b file: add remove operation
604db20 rpcd: Switch to nanosleep

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 2f9f8769e334d2e8d0bac4edadbcf6bcdd229519)

5 years agofwtool: do not omit final 16 byte when image does not contain signature
Jo-Philipp Wich [Thu, 17 Oct 2019 14:59:11 +0000 (16:59 +0200)]
fwtool: do not omit final 16 byte when image does not contain signature

The fwutil command will interpret the final 16 byte of a given firmware
image files as "struct fwimage_trailer".

In case these bytes do look like a valid trailer, we must ensure that we
print them out along with the remainder of the image to not accidentally
truncate non-trailer-images by 16 bytes when they're piped through fwtool,
e.g. as part of an image verification command sequence.

Some command sequences pipe images through fwtool in order to strip any
possible metadata, certificate or signature trailers and do not expect
bare images without any of that metadata to get truncated as other non-
fwtool specific metadata is expected at the end of the file, e.g. an
information block with an md5sum in case of the combined image format.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 889b841048c5eb7f975135cab363f1fdd9b6cfa1)

5 years agoiwinfo: update to latest Git HEAD
Jo-Philipp Wich [Wed, 16 Oct 2019 14:48:40 +0000 (16:48 +0200)]
iwinfo: update to latest Git HEAD

07315b6 nl80211: handle hidden SSIDs in wpa_supplicant scan results
3ac846e lua: fix string description of mixed WPA3 modes

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit bc61458b73c04f900c358be8b7ed37c84298472a)

5 years agobcm53xx: sysupgrade: support Luxul NAND devices
Dan Haab [Tue, 15 Oct 2019 15:35:08 +0000 (09:35 -0600)]
bcm53xx: sysupgrade: support Luxul NAND devices

This adds support for UBI-aware sysupgrade using Luxul formats.

Signed-off-by: Dan Haab <dan.haab@legrand.com>
(cherry picked from commit 63c43e5674f346b8ed13377d551e5699afbeb673)

5 years agobrcm47xx: fix switch port labels for Asus WL500GP V2
Michael Heimpold [Fri, 20 Sep 2019 22:15:24 +0000 (00:15 +0200)]
brcm47xx: fix switch port labels for Asus WL500GP V2

The switch port naming in LuCI does not fit the physical numbers
on the front of this device. Since this is confusing, fix it.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit e56e5a454e729f1067ba1fc8acfc18b99ccb88b4)

5 years agogdb: bump to 8.3.1
Koen Vandeputte [Mon, 14 Oct 2019 15:37:28 +0000 (17:37 +0200)]
gdb: bump to 8.3.1

GDB 8.3.1 brings the following fixes and enhancements over GDB 8.3:

PR c++/20020 (GDB segfault on printing objects)
PR gdb/24454 (nat/x86-linux-dregs.c failed assertion)
PR breakpoints/24541 (Incorrect evaluation of systemtap probes due to register being signed and probe expression assuming unsigned)
PR symtab/24545 (Symbol loading performance regression with cc1)
PR gdb/24592 (amd64->i386 linux syscall restart problem)
PR gdb/25009 (terminate called after throwing an instance of 'srchilite::ParserException')
PR gdb/25010 (Calls to error () can cause SIGTTOU to send gdb to the background)
PR breakpoints/25011 (Breakpoints on file reloads broken for PIE binaries)

This corrective release also brings the following testsuite fixes and
enhancements:

PR testsuite/25005 (gdb-caching-proc.exp takes a lot of time on skip_opencl_tests)
PR testsuite/25016 (Test-case failures for -pie)

GDB 8.3 includes the following changes and enhancements:

* Support for new native configurations (also available as a target configuration):
     - RISC-V GNU/Linux (riscv*-*-linux*)
     - RISC-V FreeBSD (riscv*-*-freebsd*)

* Support for new target configurations:
     - CSKY ELF (csky*-*-elf)
     - CSKY GNU/Linux (csky*-*-linux)
     - NXP S12Z ELF (s12z-*-elf)
     - OpenRISC GNU/Linux (or1k*-*-linux*)

* Native Windows debugging is only supported on Windows XP or later.

* The Python API in GDB now requires Python 2.6 or later.

* GDB now supports terminal styling for the CLI and TUI.
  Source highlighting is also supported by building GDB with GNU
  Highlight.

* Experimental support for compilation and injection of C++ source
  code into the inferior (requires GCC 7.1 or higher, built with
  libcp1.so).

* GDB and GDBserver now support IPv6 connections.

* Target description support on RISC-V targets.

* Various enhancements to several commands:
     - "frame", "select-frame" and "info frame" commands
     - "info functions", "info types", "info variables"
     - "info thread"
     - "info proc"
     - System call alias catchpoint support on FreeBSD
     - "target remote" support for Unix Domain sockets.

* Support for displaying all files opened by a process

* DWARF index cache: GDB can now automatically save indices of DWARF
  symbols on disk to speed up further loading of the same binaries.

* Various GDB/MI enhancements.

* GDBserver on PowerPC GNU/Linux now supports access to the PPR,
  DSCR, TAR, EBB/PMU, and HTM registers.

* Ada task switching support when debugging programs built with
  the Ravenscar profile added to aarch64-elf.

* GDB in batch mode now exits with status 1 if the last executed
  command failed.

* Support for building GDB with GCC's Undefined Behavior Sanitizer.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
5 years agotoolchain/gdb: bump to 8.3.1
Koen Vandeputte [Mon, 14 Oct 2019 14:09:08 +0000 (16:09 +0200)]
toolchain/gdb: bump to 8.3.1

GDB 8.3.1 brings the following fixes and enhancements over GDB 8.3:

PR c++/20020 (GDB segfault on printing objects)
PR gdb/24454 (nat/x86-linux-dregs.c failed assertion)
PR breakpoints/24541 (Incorrect evaluation of systemtap probes due to register being signed and probe expression assuming unsigned)
PR symtab/24545 (Symbol loading performance regression with cc1)
PR gdb/24592 (amd64->i386 linux syscall restart problem)
PR gdb/25009 (terminate called after throwing an instance of 'srchilite::ParserException')
PR gdb/25010 (Calls to error () can cause SIGTTOU to send gdb to the background)
PR breakpoints/25011 (Breakpoints on file reloads broken for PIE binaries)

This corrective release also brings the following testsuite fixes and
enhancements:

PR testsuite/25005 (gdb-caching-proc.exp takes a lot of time on skip_opencl_tests)
PR testsuite/25016 (Test-case failures for -pie)

GDB 8.3 includes the following changes and enhancements:

* Support for new native configurations (also available as a target configuration):
     - RISC-V GNU/Linux (riscv*-*-linux*)
     - RISC-V FreeBSD (riscv*-*-freebsd*)

* Support for new target configurations:
     - CSKY ELF (csky*-*-elf)
     - CSKY GNU/Linux (csky*-*-linux)
     - NXP S12Z ELF (s12z-*-elf)
     - OpenRISC GNU/Linux (or1k*-*-linux*)

* Native Windows debugging is only supported on Windows XP or later.

* The Python API in GDB now requires Python 2.6 or later.

* GDB now supports terminal styling for the CLI and TUI.
  Source highlighting is also supported by building GDB with GNU
  Highlight.

* Experimental support for compilation and injection of C++ source
  code into the inferior (requires GCC 7.1 or higher, built with
  libcp1.so).

* GDB and GDBserver now support IPv6 connections.

* Target description support on RISC-V targets.

* Various enhancements to several commands:
     - "frame", "select-frame" and "info frame" commands
     - "info functions", "info types", "info variables"
     - "info thread"
     - "info proc"
     - System call alias catchpoint support on FreeBSD
     - "target remote" support for Unix Domain sockets.

* Support for displaying all files opened by a process

* DWARF index cache: GDB can now automatically save indices of DWARF
  symbols on disk to speed up further loading of the same binaries.

* Various GDB/MI enhancements.

* GDBserver on PowerPC GNU/Linux now supports access to the PPR,
  DSCR, TAR, EBB/PMU, and HTM registers.

* Ada task switching support when debugging programs built with
  the Ravenscar profile added to aarch64-elf.

* GDB in batch mode now exits with status 1 if the last executed
  command failed.

* Support for building GDB with GCC's Undefined Behavior Sanitizer.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 942f020bf4d0f49e4c5586a59ddf21c00e9d8bbe)

5 years agokernel: bump 4.14 to 4.14.149
Koen Vandeputte [Mon, 14 Oct 2019 12:33:42 +0000 (14:33 +0200)]
kernel: bump 4.14 to 4.14.149

Refreshed all patches.

Altered patches:
- 820-sec-support-layerscape.patch

Compile-tested on: ar71xx, brcm2708, cns3xxx, imx6, layerscape, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
5 years agotoolchain/musl: bump to version 1.1.24
Koen Vandeputte [Mon, 14 Oct 2019 12:51:23 +0000 (14:51 +0200)]
toolchain/musl: bump to version 1.1.24

1.1.24 release notes

new features:
- GLOB_TILDE extension to glob
- non-stub catgets localization API, using netbsd binary catalog format
- posix_spawn file actions for [f]chdir (extension, pending future standard)
- secure_getenv function (extension)
- copy_file_range syscall wrapper (Linux extension)
- header-level support for new linux features in 5.2

performance:
- new fast path for lrint (generic C version) on 32-bit archs

major internal changes:
- functions involving time are overhauled to be time64-ready in 32-bit archs
- x32 uses the new time64 code paths to replace nasty hacks in syscall glue

compatibility & conformance:
- support for powerpc[64] unaligned relocation types
- powerpc[64] and sh sys/user.h no longer clash with kernel asm/ptrace.h
- select no longer modifies timeout on failure (or at all)
- mips64 stat results are no longer limited to 32-bit time range
- optreset (BSD extension) now has a public declaration
- support for clang inconsistencies in wchar_t type vs some 32-bit archs
- mips r6 syscall asm no longer has invalid lo/hi register clobbers
- vestigial asm declarations of __tls_get_new are removed (broke some tooling)
- riscv64 mcontext_t mismatch glibc's member naming is corrected

bugs fixed:
- glob failed to match broken symlinks consistently
- invalid use of interposed calloc to allocate initial TLS
- various dlsym symbol resolution logic errors
- semctl with SEM_STAT_ANY didn't work
- pthread_create with explicit scheduling was subject to priority inversion
- pthread_create failure path had data race for thread count
- timer_create with SIGEV_THREAD notification had data race getting timer id
- wide printf family failed to support l modifier for float formats

arch-specific bugs fixed:
- x87 floating point stack imbalance in math asm (i386-only CVE-2019-14697)
- x32 clock_adjtime, getrusage, wait3, wait4 produced junk (struct mismatches)
- lseek broken on x32 and mipsn32 with large file offsets
- riscv64 atomics weren't compiler barriers
- riscv64 atomics had broken asm constraints (missing earlyclobber flag)
- arm clone() was broken when compiled as thumb if start function returned
- mipsr6 setjmp/longjmp did not preserve fpu register state correctly

Refreshed all patches.
Removed upstreamed.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
5 years agoiwinfo: update to latest Git HEAD
Jo-Philipp Wich [Tue, 15 Oct 2019 13:51:11 +0000 (15:51 +0200)]
iwinfo: update to latest Git HEAD

a29b7d4 nl80211: align path to phy mapping logic with mac80211.sh

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 57b834281b586839b5e2cb00d7907de50c68ebcc)

5 years agoramips: remove memory node for ZBT-WE1326
Adrian Schmutzler [Mon, 7 Oct 2019 16:25:28 +0000 (18:25 +0200)]
ramips: remove memory node for ZBT-WE1326

Memory auto-detection for mt7621 has just been added to 19.07
stable branch.

This removes the memory node for the ZBT-WE1326, which will support
revision 5 that has 256MiB RAM (Nanya NT5CC128M16IP-DI) instead of
512MiB (up to revision 4).

ref: #1930

This is taken from master commit a2c19f1d2f65 ("ramips: dts: drop
memory nodes"), where _all_ memory nodes were removed.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
5 years agoramips: mt7621: add support for memory detection
Chuanhong Guo [Wed, 10 Jul 2019 03:05:41 +0000 (11:05 +0800)]
ramips: mt7621: add support for memory detection

mt7621 has the following memory map:
0x0-0x1c000000: lower 448m memory
0x1c000000-0x2000000: peripheral registers
0x20000000-0x2400000: higher 64m memory

detect_memory_region in arch/mips/kernel/setup.c only add the first
memory region and isn't suitable for 512m memory detection because
it may accidentally read the memory area for peripheral registers.

This commit adds memory detection capability for mt7621:
1. add the highmem area when 512m is detected.
2. guard memcmp from accessing peripheral registers:
     This only happens when some weird user decided to change
     kernel load address to 256m or higher address. Since this
     is a quite unusual case, we just skip 512m testing and return
     256m as memory size.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit 6d91ddf5175d2eac3c4bc4a404cc0f5dd44cf25b)
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
5 years agoiwinfo: update to latest Git HEAD
Jo-Philipp Wich [Fri, 20 Sep 2019 11:32:49 +0000 (13:32 +0200)]
iwinfo: update to latest Git HEAD

Contains following updates squashed from 3 bump commits in master:

02112f9 cli: fix reporting of mixed WPA2/WPA3 versions
7faeaea nl80211: properly detect WEP encryption in wpa_supp scan results
629b5ff nl80211: do not confuse open connections with WEP ones
3d47ddd nl80211: rework hostapd and wpa_supplicant wpa suite parsing
313e827 nl80211: keep awaiting wpa_supplicant scan results on busy response
a766751 nl80211: fix parsing of mixed wpa encryption in wpa_supp scan results
f096bfd utils: support parsing SAE and OWE key management suites from IEs
2a95086 nl80211: recognize SAE encrypted mesh

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
5 years agobuild: adjust gcc/g++ version checks for newer apple compilers
Felix Fietkau [Thu, 10 Oct 2019 11:42:56 +0000 (13:42 +0200)]
build: adjust gcc/g++ version checks for newer apple compilers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 46a129194de0f9e2f71b6526634569e1ec802504)

5 years agobuild: fix xconfig target
leo chung [Fri, 20 Sep 2019 05:33:58 +0000 (13:33 +0800)]
build: fix xconfig target

`make xconfig` fails with following linking error of qconf binary:

 g++ -lQt5Widgets -lQt5Gui -lQt5Core -o qconf qconf.o zconf.tab.o
 /usr/bin/ld: qconf.o: in function ConfigList::metaObject() const': qconf.cc:(.text+0x3eb): undefined reference to QObjectData::dynamicMetaObject() const'
 /usr/bin/ld: qconf.o: in function `ConfigList::qt_metacast(char const*)': link error.

which is caused by the wrong order of the linked objects/libraries so
this patch reorders the linker's arguments which makes the qconf compile
again.

Signed-off-by: leo chung <gewalalb@gmail.com>
[commit subject and message tweaks, whitespace fix]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b2c55d50f8aeb21ef4cd3948034a158f7dd743c2)

5 years agobuild: fix host menu config targets using ncurses
Petr Štetiar [Fri, 20 Sep 2019 12:54:56 +0000 (14:54 +0200)]
build: fix host menu config targets using ncurses

On a recent Gentoo Linux installation, invoking `make menuconfig`, `make
kernel_menuconfig` or `make kernel_nconfig` in the build system fails,
whereas for example `make menuconfig` in the kernel tree alone works as
expected.

This is happening because STAGING_PREFIX is not defined when kernel's
{menu,n}config target calls pkg-config from the toolchain/host and thus
pkg-config returns an empty value, and the fallback values in the kernel
config script are applied but those are off and the linking fails.

Solution is to use system's pkg-config for all ncurses based menu config
targets in order to provide proper compiler/linker flags.

Ref: FS#2423
Cc: Thomas Albers <thomas.gameiro@gmail.com>
Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
Tested-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 965f341aa9fdb6e07d509d02a6ca188af050292a)

5 years agokernel: Fix off-by-one error in FIT mtd partition search.
Oldřich Jedlička [Wed, 25 Sep 2019 19:45:42 +0000 (21:45 +0200)]
kernel: Fix off-by-one error in FIT mtd partition search.

This fixes off-by-one error introduced in commit dc76900021b8
("kernel: Correctly search for the FIT image in mtd partition.")

Function `mtd_read` starts reading at `offset` and
needs `hdr_len` number of bytes to be available. Suppose
the easiest case when `offset` is `0` and `hdr_len` equals
to `mtd->size` - the `for` loop will not be entered even
when enough bytes are available to be read.

Same happens for any non-zero `offset`, when `hdr_len` is
just enough bytes to be read until `mtd->size` is reached.
Imagine that for example `mtd->size=5`, `offset=4` and
`hdr_len=1`. Then `offset+hdr_len=5` and the check has to
be `offset+hdr_len <= mtd->size`, i.e. `5 <= 5`. The
check for `offset + hdr_len` value needs to be inclusive,
therefore use `<=`.

Fixes: dc76900021b8 ("kernel: Correctly search for the FIT image in mtd partition.")
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
[adjusted commit ref, fixes tag]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit e0ce80d42ace6feba509da16795ab0eb81cf5bf4)

5 years agokernel: Correctly search for the FIT image in mtd partition.
Fredrik Olofsson [Wed, 4 Sep 2019 08:41:22 +0000 (10:41 +0200)]
kernel: Correctly search for the FIT image in mtd partition.

Previously all iterations of the loop checked offset=0 in the partition.

Signed-off-by: Fredrik Olofsson <fredrik.olofsson@anyfinetworks.com>
(cherry picked from commit dc76900021b880820adf981bb7b1cf5ff3ffe1fd)

5 years agobuild: make device tree arg really optional in mkits.sh
Johann Neuhauser [Mon, 16 Sep 2019 09:42:49 +0000 (11:42 +0200)]
build: make device tree arg really optional in mkits.sh

If no device tree is given there is no node generated, but
the configuration does still include the name of the missing node.
This will result in a successful build fit image, but bootm does
throw a error message if we want to boot the bad configuration.

Signed-off-by: Johann Neuhauser <jneuhauser@dh-electronics.com>
(cherry picked from commit 205e0939f0a141a1524d94eaf84407ddcb6a1a09)

5 years agokernel: bump 4.14 to 4.14.148
Koen Vandeputte [Tue, 8 Oct 2019 13:00:32 +0000 (15:00 +0200)]
kernel: bump 4.14 to 4.14.148

Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>