librecmc/librecmc.git
8 months agobase-files: execute package's "postinst" after executing uci-defaults
Rafał Miłecki [Sun, 26 Nov 2023 20:24:28 +0000 (21:24 +0100)]
base-files: execute package's "postinst" after executing uci-defaults

Allow "postinst" scripts to perform extra actions after applying all
kind of fixups implemented using uci-defaults.

This is needed e.g. by uhttpd-mod-ubus which after installation in a
running systems needs to:
1. Update uhttpd config using its uci-defaults script
2. Reload uhttpd

While this approach makes sense there is a risk it'll blow up some
corner case postinst usages. There is only 1 way to find out.

Cc: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b799dd3c705dfd95745cdd94b13d1cd2ad2367a6)

8 months agoath79: generic: disable SPI-NOR write protect unconditionally
Lech Perczak [Sun, 17 Dec 2023 17:25:55 +0000 (18:25 +0100)]
ath79: generic: disable SPI-NOR write protect unconditionally

Kernel 5.15 introduced a significant change to spi-nor subsystem [1],
which would the SPI-NOR core to no longer unprotect the Flash chips if
their protection bits are non-volatile, which is the case for MX25L6405D
and MX25L12805D, used in Ubiquiti XW and WA lines of devices [2].

However, their bootloader forcibly enables this protection before
continuing to boot, making the kernel not unprotect the flash upon boot,
causing JFFS2 to be unable write to the filesystem. Because sysupgrade
seems to unlock the flash explicitly, the upgrade will work, but the
system will be unable to save configrationm showing the following symptom
in the kernel log:

[   86.168016] jffs2_scan_eraseblock(): End of filesystem marker found at 0x0
[   86.192344] jffs2_build_filesystem(): unlocking the mtd device...
[   86.192443] done.
[   86.200669] jffs2_build_filesystem(): erasing all blocks after the end marker...
[   86.220646] jffs2: Newly-erased block contained word 0x19852003 at offset 0x001e0000
[   86.292388] jffs2: Newly-erased block contained word 0x19852003 at offset 0x001d0000
[   86.324867] jffs2: Newly-erased block contained word 0x19852003 at offset 0x001c0000
[   86.355316] jffs2: Newly-erased block contained word 0x19852003 at offset 0x001b0000
[   86.402855] jffs2: Newly-erased block contained word 0x19852003 at offset 0x001a0000

Disable the write protection unconditionally for ath79/generic subtarget,
so the XW and WA devices can function again. However, this is only a
stopgap solution - it probably should be investigated if there is a way
to selectively unlock the area used by rootfs_data - but given the lock
granularity, this seems unlikely.

With this patch in place, rootfs_data partition on my Nanostation Loco
M5 XW is writable again.

Fixes: #12882
Fixes: #13750
Fixes: 579703f38c14 ("ath79: switch to 5.15 as default kernel")
Link: http://www.infradead.org/pipermail/linux-mtd/2020-October/082805.html
Link: https://forum.openwrt.org/t/powerbeam-m5-xw-configuration-loss-after-reboot/141925
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit f024f4b1b0380b3b2e18115bd8e4f35393fccc70)
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
8 months agojsonfilter: update to Git HEAD (2024-01-23)
Jo-Philipp Wich [Tue, 23 Jan 2024 08:07:16 +0000 (09:07 +0100)]
jsonfilter: update to Git HEAD (2024-01-23)

013b75ab0598 jsonfilter: drop legacy json-c support
594cfa86469c main: fix spurious premature parse aborts in array mode

Fixes: https://bugs.openwrt.org/?task_id=3683
Fixes: https://github.com/openwrt/openwrt/issues/8703
Fixes: https://github.com/openwrt/openwrt/issues/11649
Fixes: https://github.com/openwrt/openwrt/issues/12344
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 33f15dd6d41873b02eb8895b8886763659f1390c)

8 months agohostapd: ACS: Fix typo in bw_40 frequency array
David Bauer [Thu, 18 Jan 2024 21:47:17 +0000 (22:47 +0100)]
hostapd: ACS: Fix typo in bw_40 frequency array

[Upstream Backport]

The range for the 5 GHz channel 118 was encoded with an incorrect
channel number.

Fixes: ed8e13decc71 (ACS: Extract bw40/80/160 freqs out of acs_usable_bwXXX_chan())
Signed-off-by: Michael Lee <michael-cy.lee@mediatek.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 56d7887917102877ed2f03414f7ed812a29d6b39)

8 months agoath79: read back reset register
David Bauer [Tue, 9 Jan 2024 19:52:56 +0000 (20:52 +0100)]
ath79: read back reset register

Read back the reset register in order to flush the cache. This fixes
spurious reboot hangs on TP-Link TL-WDR3600 and TL-WDR4300 with Zentel
DRAM chips.

This issue was fixed in the past, but switching to the reset-driver
specific implementation removed the cache barrier which was previously
implicitly added by reading back the register in question.

Link: https://github.com/freifunk-gluon/gluon/issues/2904
Link: https://github.com/openwrt/openwrt/issues/13043
Link: https://dev.archive.openwrt.org/ticket/17839
Link: f8a7bfe1cb2c ("MIPS: ath79: fix system restart")

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 2fe8ecd880396b5ae25fe9583aaa1d71be0b8468)

8 months agomac80211: do not emit VHT160 capabilities if channel width is less than 160 MHz
Felix Fietkau [Tue, 9 Jan 2024 13:36:42 +0000 (14:36 +0100)]
mac80211: do not emit VHT160 capabilities if channel width is less than 160 MHz

Fixes compatibility issues with VHT160 capable clients

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 80e4e2285fdf4a7b19c84532deafe2d1e690ed30)

8 months agohostapd: add missing NULL pointer check on radar notification
Felix Fietkau [Tue, 9 Jan 2024 10:05:45 +0000 (11:05 +0100)]
hostapd: add missing NULL pointer check on radar notification

Fixes a race condition that can lead to a hostapd crash

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit d864f68232e910f2c8ab06a66347fc08c257dfcc)

8 months agomac80211: avoid crashing on invalid band info
David Bauer [Thu, 30 Nov 2023 06:32:52 +0000 (07:32 +0100)]
mac80211: avoid crashing on invalid band info

Frequent crashes have been observed on MT7916 based platforms. While the
root of these crashes are currently unknown, they happen when decoding
rate information of connected STAs in AP mode. The rate-information is
associated with a band which is not available on the PHY.

Check for this condition in order to avoid crashing the whole system.
This patch should be removed once the roout cause has been found and
fixed.

Link: https://github.com/freifunk-gluon/gluon/issues/2980
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 1278d47beaabaa963b2956e81936269b7fea4003)

8 months agorockchip: configure eth pad driver strength for orangepi r1 plus lts
Tianling Shen [Mon, 25 Dec 2023 03:23:58 +0000 (11:23 +0800)]
rockchip: configure eth pad driver strength for orangepi r1 plus lts

The default strength is not enough to provide stable connection
under 3.3v LDO voltage.

Fixes: 3f3586a06d27 ("rockchip: add Orange Pi R1 Plus LTS support")
Fixes: #13117
Fixes: #13759

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 3645ac8a10d9abb1451343beaf7d65b53eeecffd)
[rebased onto openwrt-23.05 branch]
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
8 months agomac80211: add missing newline for "min_tx_power"
Rany Hany [Wed, 3 Jan 2024 16:43:33 +0000 (18:43 +0200)]
mac80211: add missing newline for "min_tx_power"

This prevents min_tx_power from functioning properly in some circumstances.
Add the missing newline.

Signed-off-by: Rany Hany <rany_hany@riseup.net>
(cherry picked from commit 6ca8752a9cadac810f8541ec1be67d02265175aa)

8 months agoath79: make boot-leds service executable
Eric J. Anderson [Mon, 4 Dec 2023 21:41:47 +0000 (22:41 +0100)]
ath79: make boot-leds service executable

This service was unfunctional due to not having its executable bit
set.

Fixes #13500.

Signed-off-by: Eric J. Anderson <eric.j.ason256@gmail.com>
(cherry picked from commit 807acbce66c34596ac80cad8ea2a3f170f58429c)

10 months agolibrecmc : Add requested packages from package feed to base v6.0-20240103
RISCi_ATOM [Wed, 3 Jan 2024 16:14:17 +0000 (11:14 -0500)]
librecmc : Add requested packages from package feed to base

These packages provide essential functionality and are now
part of the libreCMC base.

avahi
gdbm
getdns
ldns
libcbor
libdaemon
libevdev
libfido2
libsodium
libudev-zero
protobuf-c
protobuf
tcp_wrappers
yaml
luci-app-dnscrypt-proxy
luci-app-unbound
dnscrypt-proxy
mesh11sd
openssh
sshtunnel
stubby
unbound
usbip
htop
nano
zile

10 months agolua5.3: fix typo calling lua53 instead of lua5.3 for Package Default
Christian Marangi [Sun, 10 Dec 2023 10:43:45 +0000 (11:43 +0100)]
lua5.3: fix typo calling lua53 instead of lua5.3 for Package Default

Fix typo calling lua53 instead of lua5.3 for Package Default definition.

This cause only missing description of the package and doesn't cause
any build regression.

Fixes: c52ca08d4008 ("lua5.3: build shared library")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 25e215c14ee6c9f3d54cd1da46a48d9ffe6b254e)

10 months agodropbear: increase default receive window size
David Bauer [Thu, 28 Dec 2023 22:16:02 +0000 (23:16 +0100)]
dropbear: increase default receive window size

Increasing the receive window size improves throughout on higher-latency
links such as WAN connections. The current default of 24KB caps out at
around 500 KB/s.

Increasing the receive buffer to 256KB increases the throughput to at
least 11 MB/s.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f95eecfb21ff08662e022accd30e8254028ff63b)

10 months agoluci : Make luci-app-opkg the default
RISCi_ATOM [Mon, 1 Jan 2024 06:26:46 +0000 (01:26 -0500)]
luci : Make luci-app-opkg the default

10 months agowolfssl : Bump to 5.6.6
RISCi_ATOM [Sat, 30 Dec 2023 22:54:24 +0000 (17:54 -0500)]
wolfssl : Bump to 5.6.6

10 months agolibrecmc: Refresh libreCMC 6.x branch
RISCi_ATOM [Thu, 28 Dec 2023 18:16:39 +0000 (13:16 -0500)]
librecmc: Refresh libreCMC 6.x branch

libreCMC v6.0 is now based upon upstream's 23.05 branch, with an epoch
@ : 6264d12ed8e4beef6e3707837cb95f0e0d9e4e92

18 months agobuild: generate index.json
Paul Spooren [Tue, 9 May 2023 19:39:58 +0000 (21:39 +0200)]
build: generate index.json

The index.json file lies next to Packages index files and contains a
json dict with the package architecture and a dict of package names and
versions.

This can be used for downstream project to know what packages in which
versions are available.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 218ce40cd738f3373438aab82467807a8707fb9c)

18 months agowireless-regdb: update to 2023.05.03
Yuu Toriyama [Thu, 4 May 2023 10:26:13 +0000 (19:26 +0900)]
wireless-regdb: update to 2023.05.03

Changes:
  43f81b4 wireless-regdb: update regulatory database based on preceding changes
  66f245d wireless-regdb: Update regulatory rules for Hong Kong (HK)
  e78c450 wireless-regdb: update regulatory rules for India (IN)
  1647bb6 wireless-regdb: Update regulatory rules for Russia (RU). Remove DFS requirement.
  c076f21 Update regulatory info for Russia (RU) on 6GHz

Signed-off-by: Yuu Toriyama <PascalCoffeeLake@gmail.com>
(cherry picked from commit 97d20525b24e96558f974858f4d8ad6d9148e61f)

18 months agoccache: update to 4.6.3
Nick Hainke [Sun, 28 Aug 2022 13:00:54 +0000 (15:00 +0200)]
ccache: update to 4.6.3

Release Notes:
https://ccache.dev/releasenotes.html#_ccache_4_6_3

Refresh patch:
- 100-honour-copts.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 83ea2e11b4b7872642bc7ac587361ccd783308f2)

18 months agotools/ccache: update to 4.6.2
Nick Hainke [Wed, 24 Aug 2022 08:57:35 +0000 (10:57 +0200)]
tools/ccache: update to 4.6.2

Release notes:
https://ccache.dev/releasenotes.html#_ccache_4_6_2

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit ac61cf596cc4cdfb93981361b093c1d97e4a1b96)

18 months agotools/ccache: update to 4.6.1
Nick Hainke [Thu, 18 Aug 2022 05:53:00 +0000 (07:53 +0200)]
tools/ccache: update to 4.6.1

Release notes:
https://ccache.dev/releasenotes.html#_ccache_4_6_1

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 2e87e24e43c49565e23643eb6eceef8455434647)

18 months agotools/ccache: fix build with musl and gcc 12
Michal Vasilek [Thu, 8 Dec 2022 12:56:45 +0000 (13:56 +0100)]
tools/ccache: fix build with musl and gcc 12

* refresh patches

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
18 months agoopenssl: fix CVE-2023-464 and CVE-2023-465
Eneas U de Queiroz [Tue, 4 Apr 2023 18:39:56 +0000 (15:39 -0300)]
openssl: fix CVE-2023-464 and CVE-2023-465

Apply two patches fixing low-severity vulnerabilities related to
certificate policies validation:

- Excessive Resource Usage Verifying X.509 Policy Constraints
  (CVE-2023-0464)
  Severity: Low
  A security vulnerability has been identified in all supported versions
  of OpenSSL related to the verification of X.509 certificate chains
  that include policy constraints.  Attackers may be able to exploit
  this vulnerability by creating a malicious certificate chain that
  triggers exponential use of computational resources, leading to a
  denial-of-service (DoS) attack on affected systems.
  Policy processing is disabled by default but can be enabled by passing
  the `-policy' argument to the command line utilities or by calling the
  `X509_VERIFY_PARAM_set1_policies()' function.

- Invalid certificate policies in leaf certificates are silently ignored
  (CVE-2023-0465)
  Severity: Low
  Applications that use a non-default option when verifying certificates
  may be vulnerable to an attack from a malicious CA to circumvent
  certain checks.
  Invalid certificate policies in leaf certificates are silently ignored
  by OpenSSL and other certificate policy checks are skipped for that
  certificate.  A malicious CA could use this to deliberately assert
  invalid certificate policies in order to circumvent policy checking on
  the certificate altogether.
  Policy processing is disabled by default but can be enabled by passing
  the `-policy' argument to the command line utilities or by calling the
  `X509_VERIFY_PARAM_set1_policies()' function.

Note: OpenSSL also released a fix for low-severity security advisory
CVE-2023-466.  It is not included here because the fix only changes the
documentation, which is not built nor included in any OpenWrt package.

Due to the low-severity of these issues, there will be not be an
immediate new release of OpenSSL.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
18 months agouclient: update to Git version 2023-04-13
Matthias Schiffer [Thu, 13 Apr 2023 18:51:05 +0000 (20:51 +0200)]
uclient: update to Git version 2023-04-13

007d94546749 uclient: cancel state change timeout in uclient_disconnect()
644d3c7e13c6 ci: improve wolfSSL test coverage
dc54d2b544a1 tests: add certificate check against letsencrypt.org

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 4f1c2e8deef10e9ca34ceff5a096e62aaa668e90)

18 months agoimagebuilder: allow to specific ROOTFS_PARTSIZE
Paul Spooren [Sun, 12 Mar 2023 15:56:41 +0000 (16:56 +0100)]
imagebuilder: allow to specific ROOTFS_PARTSIZE

Setting this options modifies the rootfs size of created images. When
installing a large number of packages it may become necessary to
increase the size to have enough storage.

This option is only useful for supported devices, i.e. with an attached
SD Card or installed on a hard drive.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 7b7edd25a571568438c886529d3443054e02f55f)

18 months agoiproute2: add missing libbpf dependency
Kien Truong [Sat, 10 Sep 2022 08:25:35 +0000 (15:25 +0700)]
iproute2: add missing libbpf dependency

This patch adds libbpf to the dependencies of tc-mod-iptables.

The package tc-mod-iptables is missing libbpf as a dependency,
which leads to the build failure described in bug #9491

    LIBBPF_FORCE=on set, but couldn't find a usable libbpf

The build dependency is already automatically added because some other
packages from iproute2 depend on libbpf, but bpftools has multiple build
variants. With multiple build variants none gets build by default and
the build system will not build bpftools before iproute2.

Fixes: #9491
Signed-off-by: Kien Truong <duckientruong@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit fa468d4bcdc7e6eb84ea51d9b05368ed87c43aae)

18 months agoopenssl: fix variable reference in conffiles
Eneas U de Queiroz [Mon, 6 Mar 2023 14:58:56 +0000 (11:58 -0300)]
openssl: fix variable reference in conffiles

Fix the trivial abscence of $() when assigning engine config files to
the main libopenssl-config package even if the corresponding engines
were not built into the main library.

This is mostly cosmetic, since scripts/ipkg-build tests the file's
presence before it is actually included in the package's conffiles.

Fixes: 30b0351039 "openssl: configure engine packages during install"
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit c75cd5f6028da6ceb1fb3438da93e2305cd720b1)

18 months agoath79: use lzma-loader for Senao initramfs images
Michael Pratt [Fri, 9 Dec 2022 20:45:04 +0000 (15:45 -0500)]
ath79: use lzma-loader for Senao initramfs images

Some vendors of Senao boards have put a bootloader
that cannot handle both large gzip or large lzma files.

There is no disadvantage by doing this for all of them.

Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 8342c092a03caedbf160d4ac3982c6a9be91261f)

18 months agoath79: Fix glinet ar300m usb not working
Luo Chongjun [Thu, 15 Dec 2022 09:25:15 +0000 (17:25 +0800)]
ath79: Fix glinet ar300m usb not working

glinet forum users reported the problem at
https://forum.gl-inet.com/t/gl-ar300m16-openwrt-22-03-0-rc5-usb-port-power-off-by-default/23199

The current code uses the regulator framework to control the USB power
supply. Although usb0 described in DTS refers to the regulator by
vbus-supply, but there is no code related to regulator implemented
in the USB driver of QCA953X, so the USB of the device cannot work.

Under the regulator framework, adding the regulator-always-on attribute
fixes this problem, but it means that USB power will not be able to be
turned off. Since we need to control the USB power supply in user space,
I didn't find any other better way under the regulator framework of Linux,
so I directly export gpio.

Signed-off-by: Luo Chongjun <luochongjun@gl-inet.com>
(cherry picked from commit b352124cd2115fec648a00956a848660df9477d3)

18 months agotoolchain: musl: Fix symbol loading in gdb
Hauke Mehrtens [Tue, 10 Jan 2023 18:50:12 +0000 (19:50 +0100)]
toolchain: musl: Fix symbol loading in gdb

Fix DT_DEBUG handling on MIPS in musl libc.
With this change gdb will load the symbol files for shared libraries on MIPS too.

This patch was taken from this thread: https://www.openwall.com/lists/musl/2022/01/09/4

Signed-off-by: Hauke Mehrtens <hmehrtens@maxlinear.com>
(cherry picked from commit fcdd407e8e16b90e1995789ba217be5591a88d2f)

18 months agowireless-regdb: update to 2023.02.13
Yuu Toriyama [Tue, 14 Feb 2023 05:44:11 +0000 (14:44 +0900)]
wireless-regdb: update to 2023.02.13

Changes:
  7f7a9f7 wireless-regdb: update regulatory database based on preceding changes
  660a1ae wireless-regdb: Update regulatory info for Russia (RU) on 5GHz
  fe05cc9 wireless-regdb: Update regulatory rules for Japan (JP) on 6GHz
  d8584dc wireless-regdb: Update regulatory rules for Japan (JP) on 5GHz
  c04fd9b wireless-regdb: update regulatory rules for Switzerland (CH)
  f29772a wireless-regdb: Update regulatory rules for Brazil (BR)

Signed-off-by: Yuu Toriyama <PascalCoffeeLake@gmail.com>
(cherry picked from commit 1173edf23b3440137d60162d1ef9f48ffa13e3e2)

18 months agobuild: fix for sourcing targets image config installed via feeds
Prasun Maiti [Wed, 16 Nov 2022 11:03:33 +0000 (16:33 +0530)]
build: fix for sourcing targets image config installed via feeds

Sourcing of image/Config.in will not happen
When a target is installed from target/linux/feeds/

Signed-off-by: Prasun Maiti <prasunmaiti87@gmail.com>
Acked-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 522a60cd31686a3d1b6d7ed1229eb68568aa89ac)

18 months agobpf-headers: fix package category
Chukun Pan [Sun, 12 Feb 2023 15:19:16 +0000 (23:19 +0800)]
bpf-headers: fix package category

This removes the non-selectable 'Kernel' item
when make menuconfig.

Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit 3e4c014008659c760b2e4638f606da90df1e3c93)

18 months agoksmbd: update to 3.4.7
Rosen Penev [Wed, 1 Feb 2023 22:50:22 +0000 (14:50 -0800)]
ksmbd: update to 3.4.7

Remove upstreamed patches.

Switch to normal tarballs. Codeload recently had a reproducibility issue.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 44c24b3ac5d4523c0f9f55691d28387508e93de5)

18 months agoksmbd: Fix ZDI-CAN-18259
Hauke Mehrtens [Sat, 7 Jan 2023 13:41:04 +0000 (14:41 +0100)]
ksmbd: Fix ZDI-CAN-18259

This fixes a security problem in ksmbd. It currently has the
ZDI-CAN-18259 ID assigned, but no CVE yet.

Backported from:
https://github.com/cifsd-team/ksmbd/commit/8824b7af409f51f1316e92e9887c2fd48c0b26d6
https://github.com/cifsd-team/ksmbd/commit/cc4f3b5a6ab4693aba94a45cc073188df4d67175

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 76c67fcc66116381c69439f20159b636573080ba)

18 months agoksmbd: update to 3.4.6
Nick Hainke [Fri, 21 Oct 2022 12:23:47 +0000 (14:23 +0200)]
ksmbd: update to 3.4.6

Release Announcement:
https://github.com/cifsd-team/ksmbd/releases/tag/3.4.6

Remove upstreamed:
- 10-fix-build-on-kernel-5.15.52-or-higher.patch

This fixes the following security bugs:
* CVE-2022-47938, ZDI-22-1689
* CVE-2022-47939, ZDI-22-1690 (patch was already backported before)
* CVE-2022-47940, ZDI-22-1691
* CVE-2022-47941, ZDI-22-1687
* CVE-2022-47942, ZDI-22-1688
* CVE-2022-47943, ZDI-CAN-17817

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 78cbcc77cc33638b185f85c0e40daee1906a2c3c)

18 months agohostapd: add missing return code for the bss_mgmt_enable ubus method
Felix Fietkau [Tue, 7 Mar 2023 09:23:17 +0000 (10:23 +0100)]
hostapd: add missing return code for the bss_mgmt_enable ubus method

Fixes bogus errors on ubus calls

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit cf992ca862f271936f61367236378378f0d91b6d)

18 months agokernel: filter out pahole version
Robert Marko [Tue, 7 Mar 2023 14:00:28 +0000 (15:00 +0100)]
kernel: filter out pahole version

Pahole version is being autodetected during runtime since kernel 5.15.96
via in-kernel scripts/pahole-version.sh so add CONFIG_PAHOLE_VERSION to
kernel filter in order to prevent it from being added to target configs.

Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 5d8f14bfefc6f12e93425ee522bdce75a7c979d6)

18 months agodnsmasq: add dhcphostsfile to ujail sandbox
Ruben Jenster [Thu, 23 Mar 2023 10:15:52 +0000 (11:15 +0100)]
dnsmasq: add dhcphostsfile to ujail sandbox

The dhcphostsfile must be mounted into the (ujail) sandbox.
The file can not be accessed without this mount.

Signed-off-by: Ruben Jenster <rjenster@gmail.com>
(cherry picked from commit 936df715de3d33947ce38ca232b05c2bd3ef58f1)

18 months agonetifd: strip mask from IP address in DHCP client params
Andrey Erokhin [Tue, 7 Mar 2023 11:52:58 +0000 (16:52 +0500)]
netifd: strip mask from IP address in DHCP client params

ipaddr option can be in CIDR notation,
but udhcp wants just an IP address

Signed-off-by: Andrey Erokhin <a.erokhin@inango-systems.com>
(cherry picked from commit 506bb436c678779e8ee54e83a7fb3e4e880037ec)

18 months agokernel: Bump to 5.10.179
RISCi_ATOM [Mon, 8 May 2023 17:33:18 +0000 (13:33 -0400)]
kernel: Bump to 5.10.179

19 months agoopenssl: bump to 1.1.1t
John Audia [Tue, 7 Feb 2023 19:56:52 +0000 (14:56 -0500)]
openssl: bump to 1.1.1t

Changes between 1.1.1s and 1.1.1t [7 Feb 2023]

  *) Fixed X.400 address type confusion in X.509 GeneralName.

     There is a type confusion vulnerability relating to X.400 address processing
     inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING
     but subsequently interpreted by GENERAL_NAME_cmp as an ASN1_TYPE. This
     vulnerability may allow an attacker who can provide a certificate chain and
     CRL (neither of which need have a valid signature) to pass arbitrary
     pointers to a memcmp call, creating a possible read primitive, subject to
     some constraints. Refer to the advisory for more information. Thanks to
     David Benjamin for discovering this issue. (CVE-2023-0286)

     This issue has been fixed by changing the public header file definition of
     GENERAL_NAME so that x400Address reflects the implementation. It was not
     possible for any existing application to successfully use the existing
     definition; however, if any application references the x400Address field
     (e.g. in dead code), note that the type of this field has changed. There is
     no ABI change.
     [Hugo Landau]

  *) Fixed Use-after-free following BIO_new_NDEF.

     The public API function BIO_new_NDEF is a helper function used for
     streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL
     to support the SMIME, CMS and PKCS7 streaming capabilities, but may also
     be called directly by end user applications.

     The function receives a BIO from the caller, prepends a new BIO_f_asn1
     filter BIO onto the front of it to form a BIO chain, and then returns
     the new head of the BIO chain to the caller. Under certain conditions,
     for example if a CMS recipient public key is invalid, the new filter BIO
     is freed and the function returns a NULL result indicating a failure.
     However, in this case, the BIO chain is not properly cleaned up and the
     BIO passed by the caller still retains internal pointers to the previously
     freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO
     then a use-after-free will occur. This will most likely result in a crash.
     (CVE-2023-0215)
     [Viktor Dukhovni, Matt Caswell]

  *) Fixed Double free after calling PEM_read_bio_ex.

     The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and
     decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload
     data. If the function succeeds then the "name_out", "header" and "data"
     arguments are populated with pointers to buffers containing the relevant
     decoded data. The caller is responsible for freeing those buffers. It is
     possible to construct a PEM file that results in 0 bytes of payload data.
     In this case PEM_read_bio_ex() will return a failure code but will populate
     the header argument with a pointer to a buffer that has already been freed.
     If the caller also frees this buffer then a double free will occur. This
     will most likely lead to a crash.

     The functions PEM_read_bio() and PEM_read() are simple wrappers around
     PEM_read_bio_ex() and therefore these functions are also directly affected.

     These functions are also called indirectly by a number of other OpenSSL
     functions including PEM_X509_INFO_read_bio_ex() and
     SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL
     internal uses of these functions are not vulnerable because the caller does
     not free the header argument if PEM_read_bio_ex() returns a failure code.
     (CVE-2022-4450)
     [Kurt Roeckx, Matt Caswell]

  *) Fixed Timing Oracle in RSA Decryption.

     A timing based side channel exists in the OpenSSL RSA Decryption
     implementation which could be sufficient to recover a plaintext across
     a network in a Bleichenbacher style attack. To achieve a successful
     decryption an attacker would have to be able to send a very large number
     of trial messages for decryption. The vulnerability affects all RSA padding
     modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.
     (CVE-2022-4304)
     [Dmitry Belyavsky, Hubert Kario]

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 4ae86b3358a149a17411657b12103ccebfbdb11b)

The original commit removed the upstreamed patch 010-padlock.patch, but
it's not on OpenWrt 22.03, so it doesn't have to be removed.

Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
19 months agorockchip: Fix arm-trusted-firmware, use deblobed version
RISCi_ATOM [Sat, 1 Apr 2023 19:44:42 +0000 (15:44 -0400)]
rockchip: Fix arm-trusted-firmware, use deblobed version

19 months agokernel: Bump to 5.10.176
RISCi_ATOM [Fri, 31 Mar 2023 21:51:18 +0000 (17:51 -0400)]
kernel: Bump to 5.10.176

19 months agokernel: add symbol in generic config for 5.10.157
John Audia [Wed, 7 Dec 2022 09:02:49 +0000 (04:02 -0500)]
kernel: add symbol in generic config for 5.10.157

Add CONFIG_INET_TABLE_PERTURB_ORDER=16 to generic config

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit f83a8329a33ee19060c9e28771434309ef55915d)

19 months agolibrecmc: libreCMC v6.0 Epoch
RISCi_ATOM [Thu, 30 Mar 2023 18:54:46 +0000 (14:54 -0400)]
librecmc: libreCMC v6.0 Epoch
----

Based upon upstream 22.03 @ commit b1204ce28cf259e86c442df759c92127f5e6e678