oweals/openwrt.git
4 years agokernel: bump 4.14 to 4.14.178
Petr Štetiar [Mon, 4 May 2020 12:53:34 +0000 (14:53 +0200)]
kernel: bump 4.14 to 4.14.178

Refreshed all patches and removed upstreamed:

 oxnas/001-irqchip-versatile-fpga-Handle-chained-IRQs-properly.patch
 oxnas/002-irqchip-versatile-fpga-Apply-clear-mask-earlier.patch

Fixes: CVE-2020-12114 and CVE-2020-11669

Runtime-tested on: qemu-x86-64
Compile-tested on: ath79/generic, x86/64, imx6

Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agowpad-wolfssl: fix crypto_bignum_sub()
Antonio Quartulli [Tue, 28 Apr 2020 10:06:58 +0000 (12:06 +0200)]
wpad-wolfssl: fix crypto_bignum_sub()

Backport patch from hostapd.git master that fixes copy/paste error in
crypto_bignum_sub() in crypto_wolfssl.c.

This missing fix was discovered while testing SAE over a mesh interface.

With this fix applied and wolfssl >3.14.4 mesh+SAE works fine with
wpad-mesh-wolfssl.

Cc: Sean Parkinson <sean@wolfssl.com>
Signed-off-by: Antonio Quartulli <a@unstable.cc>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 4b3b8ec81cd1965d0bd548fa31db491295b83354)

4 years agomac80211: backport fix for an no-ack tx status issue
Felix Fietkau [Sat, 18 Jan 2020 17:41:08 +0000 (18:41 +0100)]
mac80211: backport fix for an no-ack tx status issue

Signed-off-by: Felix Fietkau <nbd@nbd.name>
Tested-by: Jérôme Benoit <jerome.benoit@piment-noir.org> [WRT1900AC v1]
[added missing package version bump]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit e0ab33ea496f371a0683b18d5555d651f8df1f5e)

4 years agohostapd: unconditionally enable ap/mesh for wpa-cli
Felix Fietkau [Tue, 28 Jan 2020 13:12:08 +0000 (14:12 +0100)]
hostapd: unconditionally enable ap/mesh for wpa-cli

Without this change, wpa-cli features depend on which wpad build variant was
used to build the wpa-cli package

Signed-off-by: Felix Fietkau <nbd@nbd.name>
Tested-by: Jérôme Benoit <jerome.benoit@piment-noir.org> [WRT1900AC v1]
[added missing package version bump]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 03e9e4ba9ea8f00ff7c6f076f2cdc322e18cd3a4)

4 years agowireless-regdb: backport three upstream fixes
Petr Štetiar [Sat, 25 Apr 2020 12:56:20 +0000 (14:56 +0200)]
wireless-regdb: backport three upstream fixes

Another release is overdue for quite some time, so I'm backporting three
fixes from upstream which I plan to backport into 19.07 as well.

Ref: FS#2880
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 76a0ddf1308782a4da2693978955aee9cf631862)

4 years agocurl: backport fix for CVE-2019-15601
Petr Štetiar [Fri, 1 May 2020 08:12:11 +0000 (10:12 +0200)]
curl: backport fix for CVE-2019-15601

On Windows, refuse paths that start with \\ ... as that might cause an
unexpected SMB connection to a given host name.

Ref: PR#2730
Ref: https://curl.haxx.se/docs/CVE-2019-15601.html
Suggested-by: Jerome Benoit <jerome.benoit@sap.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agouboot-kirkwood: fix ethernet and usb
Pawel Dembicki [Sat, 18 Apr 2020 19:47:44 +0000 (21:47 +0200)]
uboot-kirkwood: fix ethernet and usb

Before 2019.01 version was introduced patch, which changes cache
routines: 93b283d4 ("ARM: CPU: arm926ejs: Consolidate cache
routines to common file"). Unfortunately that patch make ethernet
and usb in kirkwood broken.

This patch backport commit 599f7aa5 ("ARM: kirkwood: disable dcache
for Kirkwood boards"), which are fix for that problem.

Fixes: dc08514e6d ("uboot-kirkwood: update to 2019.01")

Run tested: pogoplugv4

Tested-by: Cezary Jackiewicz <cezary@eko.one.pl> [nsa310]
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
4 years agoramips: remove memory node for ZBT MT7621 devices
Chuanhong Guo [Mon, 27 Apr 2020 12:20:08 +0000 (20:20 +0800)]
ramips: remove memory node for ZBT MT7621 devices

It's known that ZBT sells 256M variants of these routers. As a result,
our images won't be able to boot on these routers.
This commit removes memory node for them. With previously backported
memory detection patch, kernel is able to detect memory size itself.

Fixes: FS#3053
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
4 years agoramips: remove unnecessary DEVICE_PACKAGES for Belkin F7C027
Sungbo Eo [Sun, 26 Apr 2020 11:22:33 +0000 (20:22 +0900)]
ramips: remove unnecessary DEVICE_PACKAGES for Belkin F7C027

kmod-usb-dwc2 and kmod-usb-ledtrig-usbport are not target default packages, and
Belkin F7C027 does not have a USB port anyway. Just drop it.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 1dedad2a00d8519d4892b8529b5f2fffcb768220)

4 years agooxnas: move service file to correct place
Sungbo Eo [Sun, 22 Mar 2020 17:41:08 +0000 (02:41 +0900)]
oxnas: move service file to correct place

This service file has been misplaced from the very beginning.

Fixes: dcc34574efba ("oxnas: bring in new oxnas target")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 01961f163d927d6b44097f48a67bbc5b4c63eaf7)

4 years agorelayd: bump to version 2020-04-25
Kevin Darbyshire-Bryant [Sat, 25 Apr 2020 09:27:22 +0000 (10:27 +0100)]
relayd: bump to version 2020-04-25

f4d759b dhcp.c: further improve validation

Further improve input validation for CVE-2020-11752

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 9e7d11f3e275d6f5d6b3edd7f0fa0440da43c45a)

4 years agoumdns: update to version 2020-04-25
Kevin Darbyshire-Bryant [Sat, 25 Apr 2020 09:30:08 +0000 (10:30 +0100)]
umdns: update to version 2020-04-25

cdac046 dns.c: fix input validation fix

Due to a slight foobar typo, failing to de-reference a pointer, previous
fix not quite as complete as it should have been.

Improve CVE-2020-11750 fix

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 9f7c8ed0786be97eda879e5f6681994e4de53d74)

4 years agodnsmasq: fix dnssec+ntp chicken-and-egg workaround (FS#2574)
Henrique de Moraes Holschuh [Sun, 1 Mar 2020 03:08:43 +0000 (00:08 -0300)]
dnsmasq: fix dnssec+ntp chicken-and-egg workaround (FS#2574)

Fix the test for an enabled sysntp initscript in dnsmasq.init, and get
rid of "test -o" while at it.

Issue reproduced on openwrt-19.07 with the help of pool.ntp.br and an
RTC-less ath79 router.  dnssec-no-timecheck would be clearly missing
from /var/etc/dnsmasq.conf.* while the router was still a few days in
the past due to non-working DNSSEC + DNS-based NTP server config.

The fix was tested with the router in the "DNSSEC broken state": it
properly started dnsmasq in dnssec-no-timecheck mode, and eventually ntp
was able to resolve the server name to an IP address, and set the system
time.  DNSSEC was then enabled by SIGINT through the ntp hotplug hook,
as expected.

A missing system.ntp.enabled UCI node is required for the bug to show
up.  The reasons for why it would be missing in the first place were not
investigated.

Signed-off-by: Henrique de Moraes Holschuh <henrique@nic.br>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
(cherry picked from commit 556b8581a15c855b2de0efbea6b625ab16cc9daf)

4 years agolibpcap: fix build breakage with very high number of simultaneous jobs
Petr Štetiar [Sat, 25 Apr 2020 11:59:19 +0000 (13:59 +0200)]
libpcap: fix build breakage with very high number of simultaneous jobs

Building libpcap with high number (64) of simultaneous jobs fails:

 In file included from ./fmtutils.c:42:0:
 ./ftmacros.h:106:0: warning: "_BSD_SOURCE" redefined
   #define _BSD_SOURCE

 <command-line>:0:0: note: this is the location of the previous definition
 ./gencode.c:67:10: fatal error: grammar.h: No such file or directory
  #include "grammar.h"
           ^~~~~~~~~~~
 compilation terminated.
 Makefile:99: recipe for target 'gencode_pic.o' failed

So fix this by less intrusive way by disabling the parallel builds for
this package.

Ref: FS#3010
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agoopenssl: bump to 1.1.1g
Petr Štetiar [Tue, 21 Apr 2020 20:51:20 +0000 (22:51 +0200)]
openssl: bump to 1.1.1g

Fixes NULL dereference in SSL_check_chain() for TLS 1.3, marked with
high severity, assigned CVE-2020-1967.

Ref: https://www.openssl.org/news/secadv/20200421.txt
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 3773ae127ac83766028f767ac744e87a7ddcaf50)

4 years agorelayd: bump to version 2020-04-20
Kevin Darbyshire-Bryant [Mon, 20 Apr 2020 08:08:20 +0000 (09:08 +0100)]
relayd: bump to version 2020-04-20

796da66 dhcp.c: improve input validation & length checks

Addresses CVE-2020-11752

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit be172e663f318ec364c13f795df025bbcce9ac18)

4 years agoumdns: update to version 2020-04-20
Kevin Darbyshire-Bryant [Mon, 20 Apr 2020 08:03:52 +0000 (09:03 +0100)]
umdns: update to version 2020-04-20

e74a3f9 dns.c: improve input validation

Addresses CVE-2020-11750

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 533da61ac63079f218a9946cd8e347b880c33dc0)

4 years agoumdns: update to the version 2020-04-05
Kevin Darbyshire-Bryant [Sun, 5 Apr 2020 08:14:43 +0000 (09:14 +0100)]
umdns: update to the version 2020-04-05

ab7a39a umdns: fix unused error
45c4953 dns: explicitly endian-convert all fields in header and question

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 22ae8bd50ef6d056b25a96ce6c77de0b0d53c1a1)
(cherry picked from commit 17c4593e63f5847868f2c38185275199d37d379a)

4 years agoumdns: suppress address-of-packed-member warning
Kevin Darbyshire-Bryant [Sat, 4 Apr 2020 08:20:08 +0000 (09:20 +0100)]
umdns: suppress address-of-packed-member warning

gcc 8 & 9 appear to be more picky with regards access alignment to
packed structures, leading to this warning in dns.c:

dns.c:261:2: error: converting a packed ‘struct dns_question’ pointer
(alignment 1) to a ‘uint16_t’ {aka ‘short unsigned int’} pointer
(alignment 2) may result in an unaligned pointer value
[-Werror=address-of-packed-member]

261 |  uint16_t *swap = (uint16_t *) q;

Work around what I think is a false positive by turning the warning off.
Not ideal, but not quite as not ideal as build failure.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 02640f014719a994e2e538b2cb6376a189cd39de)
(cherry picked from commit a10b6ec1c8cd6d14a3b76a2ec3d81442b85f7321)

4 years agobinutils: add ALTERNATIVES for strings (FS#3001)
Hans Dedecker [Sat, 18 Apr 2020 08:34:10 +0000 (10:34 +0200)]
binutils: add ALTERNATIVES for strings (FS#3001)

Don't move strings anymore to /bin/strings to avoid clash with
busybox /usr/bin/strings but move it to /usr/bin/binutils-strings.
Use ALTERNATIVES support to install it as /usr/bin/strings

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 5f126c541a743e2ff5d8f406128d477ab5a509b4)

4 years agombedtls: update to 2.16.6
Magnus Kroken [Thu, 16 Apr 2020 15:47:47 +0000 (17:47 +0200)]
mbedtls: update to 2.16.6

Security fixes for:
* CVE-2020-10932
* a potentially remotely exploitable buffer overread in a DTLS client
* bug in DTLS handling of new associations with the same parameters

Full release announement:
https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.6-and-2.7.15-released

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry picked from commit 02fcbe2f3d4eaf65e90bb167aa7818eacc08c633)

4 years agomvebu: cortexa9: correct cpu subtype
Tomasz Maciej Nowak [Wed, 18 Mar 2020 18:04:12 +0000 (19:04 +0100)]
mvebu: cortexa9: correct cpu subtype

Armada 370  processors have only 16 double-precision registers. The
change introduced by 8dcc1087602e ("toolchain: ARM: Fix toolchain
compilation for gcc 8.x") switched accidentally the toolchain for mvebu
cortexa9 subtarget to cpu type with 32 double-precision registers. This
stems from gcc defaults which assume "vfpv3-d32" if only "vfpv3" as mfpu
is specified. That change resulted in unusable image, in which kernel
will kill userspace as soon as it causing "Illegal instruction".

Ref: https://forum.openwrt.org/t/gcc-was-broken-on-mvebu-armada-370-device-after-commit-on-2019-03-25/43272
Fixes: 8dcc1087602e ("toolchain: ARM: Fix toolchain compilation for
gcc 8.x")
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
(cherry picked from commit 2d61f8821c7cf99354e904139226c132554ba180)

4 years agotegra: correct cpu subtype
Tomasz Maciej Nowak [Wed, 18 Mar 2020 18:04:13 +0000 (19:04 +0100)]
tegra: correct cpu subtype

Tegra 2 processors have only 16 double-precision registers. The change
introduced by 8dcc1087602e ("toolchain: ARM: Fix toolchain compilation
for gcc 8.x") switched accidentally the toolchain for tegra target to cpu
type with 32 double-precision registers. This stems from gcc defaults
which assume "vfpv3-d32" if only "vfpv3" as mfpu is specified. That
change resulted in unusable image, in which kernel will kill userspace as
soon as it causing "Illegal instruction".

Ref: https://forum.openwrt.org/t/gcc-was-broken-on-mvebu-armada-370-device-after-commit-on-2019-03-25/43272
Fixes: 8dcc1087602e ("toolchain: ARM: Fix toolchain compilation for
gcc 8.x")
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
(cherry picked from commit 43d1d88510621801d66a0a7f46f4c4f44d89633a)

4 years agomvebu: backport ClearFog SPI enablement
Joel Johnson [Fri, 27 Mar 2020 17:31:37 +0000 (11:31 -0600)]
mvebu: backport ClearFog SPI enablement

Backport Device Tree change first added in kernel 4.19 to enable the SPI
device on ClearFog devices by default. This is tested and working in
snapshot builds with kernel 5.4+, include the change in future 19.07
patch releases.

Signed-off-by: Joel Johnson <mrjoel@lixil.net>
4 years agokernel: bump 4.14 to 4.14.176
Koen Vandeputte [Wed, 15 Apr 2020 12:55:36 +0000 (14:55 +0200)]
kernel: bump 4.14 to 4.14.176

Refreshed all patches.

Remove upstreamed:
- 0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch
- 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch
- 003-ARM-dts-oxnas-Fix-clear-mask-property.patch

Fixes:
- CVE-2020-8647
- CVE-2020-8648 (potentially)
- CVE-2020-8649

Compile-tested on: cns3xxx, octeontx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
4 years agoath79: add SUPPORTED_DEVICES for TP-Link TL-WA901ND v2
Adrian Schmutzler [Wed, 15 Apr 2020 10:45:28 +0000 (12:45 +0200)]
ath79: add SUPPORTED_DEVICES for TP-Link TL-WA901ND v2

This adds the board name from ar71xx to support upgrade without
-F for the TP-Link TL-WA901ND v2.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 508462a399c8a68fdcdf599a1aa17441bdaad20b)

4 years agombedtls: update to version 2.16.5
Josef Schlehofer [Sat, 22 Feb 2020 22:03:36 +0000 (23:03 +0100)]
mbedtls: update to version 2.16.5

Changelog:
https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.5-and-2.7.14-released

Security advisory:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-02

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 36af1967f5fcfc889594a8af0f92f873f445d249)

4 years agoRevert "ramips: disable ZyXel Keenetic by default"
Adrian Schmutzler [Wed, 8 Apr 2020 20:08:46 +0000 (22:08 +0200)]
Revert "ramips: disable ZyXel Keenetic by default"

This reverts commit c38074de929e6f7c089e2cb7f81746ba90ddf16b.

Since ZyXEL Keenetic has actually 8 MiB flash as fixed in the
previous patch, we can re-enable it.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoramips: use full 8MB flash on ZyXEL Keenetic
Alexey Dobrovolsky [Wed, 8 Apr 2020 18:43:36 +0000 (21:43 +0300)]
ramips: use full 8MB flash on ZyXEL Keenetic

ZyXEL Keenetic has 8MB flash, but OpenWrt uses only 4MB.
This commit fixes the problem.

WikiDevi page [1] says that ZyXEL Keenetic has FLA1: 8 MiB, there is
an article with specs [2] (in Russian).

[1] https://wikidevi.wi-cat.ru/ZyXEL_Keenetic
[2] https://3dnews.ru/608774/page-2.html

Fixes: FS#2487
Fixes: a7cbf59e0e04 ("ramips: add new device ZyXEL Keenetic as kn")

Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com>
(cherry picked from commit fea232ae8feb6af780fd4fa78ebe9231778bf75a)

4 years agobcm53xx: add support for Luxul FullMAC WiFi devices
Dan Haab [Mon, 6 Apr 2020 23:14:39 +0000 (16:14 -0700)]
bcm53xx: add support for Luxul FullMAC WiFi devices

This prepares support for models XAP-1610 and XWR-3150. Flashing
requires using Luxul firmware version:
1) 8.1.0 or newer for XAP-1610
2) 6.4.0 or newer for XWR-3150
and uploading firmware using "Firmware Update" web UI page.

Signed-off-by: Dan Haab <dan.haab@legrand.com>
(cherry picked from commit c459a6bf482f5afc4746a4a108a143e9194cd59d)

4 years agobcm53xx: refactor board.d code in 02_network
Rafał Miłecki [Fri, 3 Apr 2020 13:55:01 +0000 (15:55 +0200)]
bcm53xx: refactor board.d code in 02_network

1. Use functions for cleaner code
2. Always execute WAN interface generic code

Before this change WAN interface code wasn't executed on all devices due
to an early "exit 0".

Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b51ea43f900191bc8ce7411dad39239fac6df4f8)

4 years agobcm53xx: sysupgrade: optimize building UBI image
Rafał Miłecki [Thu, 20 Feb 2020 12:40:55 +0000 (13:40 +0100)]
bcm53xx: sysupgrade: optimize building UBI image

Use "truncate" to adjust size of existing file instead of "dd" which
required creating a copy. This saves space on tmpfs. It may be as low
as 2.1 MiB when using OpenWrt default user space and way more (20+ MiB)
when flashing vendor firmware.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 8abefc8896e7138a101fbb3d228946c43321503e)

4 years agobusybox: enable truncate on bcm53xx target
Rafał Miłecki [Thu, 20 Feb 2020 12:40:54 +0000 (13:40 +0100)]
busybox: enable truncate on bcm53xx target

It's needed for optimized sysupgrade. On host machine this change
increased busybox size by 4096 B.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 547f1ec25af59f9e69ae3cb69d1312e63138d4bf)

4 years agobcm53xx: fix ASUS firmwares to use vendor format
Rafał Miłecki [Mon, 2 Mar 2020 21:03:09 +0000 (22:03 +0100)]
bcm53xx: fix ASUS firmwares to use vendor format

Image building process was missing "asus-trx" step which resulted in raw
TRX files (without ASUS footer with device id).

Fixes: 0b9de8daa70e ("bcm53xx: add profiles for all other (SoftMAC) devices")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 0493d57e04774d47921a7d2014b567455d5dc16b)

4 years agoopenssl: bump to 1.1.1f
Eneas U de Queiroz [Tue, 31 Mar 2020 20:51:45 +0000 (17:51 -0300)]
openssl: bump to 1.1.1f

There were two changes between 1.1.1e and 1.1.1f:
- a change in BN prime generation to avoid possible fingerprinting of
  newly generated RSA modules
- the patch reversing EOF detection we had already applied.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit af5ccfbac74b859801cf174460fb8dbf9ed9e181)

4 years agoath79: add support for TP-Link TL-WDR4310 v1
Adrian Schmutzler [Mon, 9 Dec 2019 12:44:03 +0000 (13:44 +0100)]
ath79: add support for TP-Link TL-WDR4310 v1

This device seems to be identical to the TL-WDR4300, just with
different release date/region and TPLINK_HWID.

Support is added based on the ar71xx implementation.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 676ca94c3ca5421c7176d67a211fa29b1bb2e219)

4 years agolibpcap: Update shared-lib patch from Debian to fix linking problems
Hauke Mehrtens [Fri, 20 Mar 2020 18:07:31 +0000 (19:07 +0100)]
libpcap: Update shared-lib patch from Debian to fix linking problems

This updates the shared-lib patch to the recent version from debian
found here:
https://salsa.debian.org/rfrancoise/libpcap/-/blob/debian/1.9.1-2/debian/patches/shared-lib.diff

This patch makes it include missing/strlcpy.o to the shared library
which is needed for OpenWrt glibc builds, otherwise there is an
undefined symbol and tcpdump and other builds are failing.

Fixes: 44f11353de04 ("libpcap: update to 1.9.1")
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
4 years agomkrasimage: fix segmentation fault
Michael T Farnworth [Sat, 22 Feb 2020 14:20:49 +0000 (14:20 +0000)]
mkrasimage: fix segmentation fault

Code was attempting to determine the size of the file
before it was actually known and allocating insufficient
memory space.  Images above a certain size caused a
segmentation fault.  Moving the calloc() ensured ensured
that large images didn't result in a buffer overflow on
memcpy().

Signed-off-by: Michael T Farnworth <michael@turf.org>
[fixed name in From to match one in SoB]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b468353a373d181c4362ff690d7b22a08f5f6949)

4 years agorpcd: fix respawn settings
Petr Štetiar [Thu, 5 Mar 2020 08:33:52 +0000 (09:33 +0100)]
rpcd: fix respawn settings

Commit 432ec292ccc8 ("rpcd: add respawn param") has introduced infinite
restarting of the service which could be reached over network. This is
not recommended security practice as it might give potential adversary
infinite number of tries in case there might be some issue in the rpcd
or its surrounding stack.

So lets remove the currently bogus `respawn_retry` variable (it wasn't
possible to override it anyway), reverting to the previous default max.
of 5 service restarts which could be now overriden via system's UCI
settings if desired.

Cc: Jo-Philip Wich <jow@mein.io>
Cc: Florian Eckert <fe@dev.tdt.de>
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Fixes: 432ec292ccc8 ("rpcd: add respawn param")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 52e6fb13692986c76fd32159fb9fc82d712a5c3f)

4 years agoreadline: needs host depend on ncurses to build
Jan Kardell [Fri, 20 Mar 2020 13:32:23 +0000 (14:32 +0100)]
readline: needs host depend on ncurses to build

We must ensure that host ncurses is build before host readline.

Signed-off-by: Jan Kardell <jan.kardell@telliq.com>
(cherry picked from commit ecef29b29463e7549779e90739e61f8729ccaf09)

4 years agotools: squashfskit4: fix build with GCC10
Robert Marko [Thu, 19 Mar 2020 11:22:07 +0000 (12:22 +0100)]
tools: squashfskit4: fix build with GCC10

In order to build squashfskit with GCC10, this backport from upstream is needed.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
[increase PKG_RELEASE]
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
(cherry picked from commit be4ed1db18e68cc57f03788b4529afbbf629411c)

4 years agosquashfskit4/Makefile: introduce PKG_RELEASE=1
Alexander Couzens [Sun, 22 Mar 2020 01:03:19 +0000 (02:03 +0100)]
squashfskit4/Makefile: introduce PKG_RELEASE=1

When adding patches, the PKG_RELEASE should be increased.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
(cherry picked from commit 1f4020a293476d5e34461a655cb9f6540cefeea2)

4 years agobuild: prereq: tidy gcc version checks
Kevin Darbyshire-Bryant [Tue, 24 Mar 2020 11:05:27 +0000 (11:05 +0000)]
build: prereq: tidy gcc version checks

There is a restriction in the number of parameters(10)  that may be passed to
the SetupHostCommand macro so continually adding explicit gcc'n' version
checks ends up breaking the compiler check for the later versions and
oddballs like Darwin as was done in 835d1c68a0 which added gcc10.

Drop all the explicitly specified gcc version checks.  If a suitable gcc
compiler is not found, it may be specified at the dependency checking
stage after which that version will be symlinked into the build staging
host directory.

eg. 'CC=gccfoo CXX=g++foo make prereq'

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Acked-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 1fb3c003d68d3feaf797e8b64edccc9fa622d250)

4 years agobuild: add GCC 10 version detection
Robert Marko [Wed, 18 Mar 2020 18:39:43 +0000 (19:39 +0100)]
build: add GCC 10 version detection

Lets add GCC 10 detection to the build system as distributions like Fedora 32 have started shipping with it.
Some tools like mtd-utils need work to compile under GCC10, but that will be next step.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
(cherry picked from commit 835d1c68a0f036c8b0d837a48b5a05fdfb2e8218)

4 years agoopenssl: revert EOF detection change in 1.1.1
Eneas U de Queiroz [Fri, 27 Mar 2020 02:20:08 +0000 (23:20 -0300)]
openssl: revert EOF detection change in 1.1.1

This adds patches to avoid possible application breakage caused by a
change in behavior introduced in 1.1.1e.  It affects at least nginx,
which logs error messages such as:
nginx[16652]: [crit] 16675#0: *358 SSL_read() failed (SSL: error:
4095126:SSL routines:ssl3_read_n:unexpected eof while reading) while
keepalive, client: xxxx, server: [::]:443

Openssl commits db943f4 (Detect EOF while reading in libssl), and
22623e0 (Teach more BIOs how to handle BIO_CTRL_EOF) changed the
behavior when encountering an EOF in SSL_read().  Previous behavior was
to return SSL_ERROR_SYSCALL, but errno would still be 0.  The commits
being reverted changed it to SSL_ERRO_SSL, and add an error to the
stack, which is correct.  Unfortunately this affects a number of
applications that counted on the old behavior, including nginx.

The reversion was discussed in openssl/openssl#11378, and implemented as
PR openssl/openssl#11400.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 2e8a4db9b6b942e3180afda0dc0fd8ac506527f1)

4 years agomac80211: Update to version 4.19.112
Hauke Mehrtens [Sat, 21 Mar 2020 19:24:00 +0000 (20:24 +0100)]
mac80211: Update to version 4.19.112

The removed patches are all integrated in the upstream version now.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 years agoprocd: turn error into debug message for missing ujail binary
Petr Štetiar [Sat, 28 Mar 2020 12:42:05 +0000 (13:42 +0100)]
procd: turn error into debug message for missing ujail binary

Since commit 557f11b3a20f ("instance: provide error feedback if ujail
binary is missing") worrying log spam of the form "unable to find
/sbin/jail ..." may be encountered.

This corresponds with the changes done in the upstream commit
bcb86554f1b4 ("instance: add 'requirejail' attribute").

Ref: https://forum.openwrt.org/t/openwrt-19-07-2-service-release/57066
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agoar71xx: Fix gigabit switch support for Mikrotik RB951G-2HnD
Baptiste Jonglez [Thu, 26 Mar 2020 18:03:42 +0000 (19:03 +0100)]
ar71xx: Fix gigabit switch support for Mikrotik RB951G-2HnD

Without this patch, when using rev 3 of the Atheros AR9344 SoC, the
gigabit switch (AR8327) does not work or works very erratically.

This is a re-spin of http://patchwork.ozlabs.org/patch/419857/ with a
different PLL value, according to the feedback from several users
(including myself) as shown here:

  https://openwrt.org/toh/mikrotik/rb2011uias#tracking_reported_experience_with_suggested_patch_for_the_5_gige_ports

Performance is acceptable: testing L3 forwarding without NAT yields a
performance of 370 Mbit/s (iperf3 TCP) and 41 Kpps (iperf3 UDP with 64
bytes payload). Both tests show that 100% of CPU time is spent on softirq.

A similar fix for a different device (RB2011) was added in e457d22261
("Make GBit switch work on RB2011").

Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
(cherry picked from commit 247043c968d22c193055a97a9cdf5baef4aaf96d)

4 years agoath79: add support for TP-Link TL-WA860RE v1
Adrian Schmutzler [Mon, 9 Dec 2019 14:00:55 +0000 (15:00 +0100)]
ath79: add support for TP-Link TL-WA860RE v1

This ports support for the TL-WA860RE v1 range extender from ar71xx
to ath79.

Specifications:
  Board: AP123 / AR9341 rev. 3
  Flash/RAM: 4/32 MiB
  CPU: 535 MHz
  WiFi: 2.4 GHz b/g/n
  Ethernet: 1 port (100M)
  Two external antennas

Flashing instructions:
  Upload the factory image via the vendor firmware upgrade option.

Recovery:
  Note that this device does not provide TFTP via ethernet like many
  other TP-Link devices do. You will have to open the case if you
  require recovery beyond failsafe.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Tested-by: Sebastian Knapp <sebastian4842@outlook.com>
(cherry picked from commit 385f4868bc58b04e465db2fbcfce848a75009a74)

4 years agoath79: add support for TP-Link TL-WA850RE v1
Adrian Schmutzler [Mon, 9 Dec 2019 13:51:07 +0000 (14:51 +0100)]
ath79: add support for TP-Link TL-WA850RE v1

This ports support for the TL-WA850RE v1 range extender from ar71xx
to ath79.

Specifications:
  Board: AP123 / AR9341 rev. 3
  Flash/RAM: 4/32 MiB
  CPU: 535 MHz
  WiFi: 2.4 GHz b/g/n
  Ethernet: 1 port (100M)

Flashing instructions:
Upload the factory image via the vendor firmware upgrade option.

Recovery:
Note that this device does not provide TFTP via ethernet like many
other TP-Link devices do. You will have to open the case if you
require recovery beyond failsafe.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 6eaea3a8ba6154674058396c728494aa911ed7f1)

4 years agomac80211: fix brcmfmac monitor interface crash
Rafał Miłecki [Fri, 27 Mar 2020 13:55:58 +0000 (14:55 +0100)]
mac80211: fix brcmfmac monitor interface crash

This fixes bug in brcmfmac *exposed* by ipv6/addrconf fix.

Fixes: 6e4453aecc22 ("kernel: backport out-of-memory fix for non-Ethernet devices")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 038318f766a7bd123c4fb413e9a2947445f441d4)

4 years agoar71xx: use status led for GL.iNet GL-AR750S
Jan Alexander [Tue, 24 Mar 2020 12:36:57 +0000 (13:36 +0100)]
ar71xx: use status led for GL.iNet GL-AR750S

Use power led for device status.

The status led behavior has already been fixed in af28d8a539fe
("ath79: add support for GL.iNet GL-AR750S") when porting the
device to ath79. This fixes it for ar71xx as well.

Signed-off-by: Jan Alexander <jan@nalx.net>
[minor commit title/message adjustments]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit d394c354ee0e8660f876889f6293803c581cbf85)

4 years agobrcm2708: fix build failure
David Bauer [Thu, 26 Mar 2020 00:10:02 +0000 (01:10 +0100)]
brcm2708: fix build failure

Build of the brcm2708 subtarget currently fails with the following error
message:

 arch/arm/lib/memset_rpi.S: Assembler messages:
 arch/arm/lib/memset_rpi.S:65: Error: garbage following instruction
  -- `orr DAT0,DAT0,lsl#8'
 arch/arm/lib/memset_rpi.S:67: Error: garbage following instruction
  -- `orr DAT0,DAT0,lsl#16'
 scripts/Makefile.build:427: recipe for target 'arch/arm/lib/memset_rpi.o'
 failed

Using the assembly notation from master fixes this error.

Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agodnsmasq: add 'scriptarp' option
Jordan Sokolic [Thu, 19 Mar 2020 12:23:22 +0000 (14:23 +0200)]
dnsmasq: add 'scriptarp' option

Add option 'scriptarp' to uci dnsmasq config to enable --script-arp functions.
The default setting is false, meaning any scripts in `/etc/hotplug.d/neigh` intended
to be triggered by `/usr/lib/dnsmasq/dhcp-script.sh` will fail to execute.

Also enable --script-arp if has_handlers returns true.

Signed-off-by: Jordan Sokolic <oofnik@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
4 years agoopenssl: update to 1.1.1e
Eneas U de Queiroz [Thu, 19 Mar 2020 19:12:15 +0000 (16:12 -0300)]
openssl: update to 1.1.1e

This version includes bug and security fixes, including medium-severity
CVE-2019-1551, affecting RSA1024, RSA1536, DSA1024 & DH512 on x86_64.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit dcef8d6093cd54aa990a5ae0099a16e88a18dfbd)

4 years agoopenssl: add configuration example for afalg-sync
Eneas U de Queiroz [Thu, 19 Mar 2020 19:12:14 +0000 (16:12 -0300)]
openssl: add configuration example for afalg-sync

This adds commented configuration help for the alternate, afalg-sync
engine to /etc/ssl/openssl.cnf.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit d9d689589b96bd80e57e5c603d84d6ee95049800)

4 years agooxnas: yet another irqchip related patch
Daniel Golle [Sun, 22 Mar 2020 13:30:22 +0000 (13:30 +0000)]
oxnas: yet another irqchip related patch

This time DTS fix, again from Sungbo Eo <mans0n@gorani.run>
  ARM: dts: oxnas: Fix clear-mask property

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 9e5a25846f501acfd4aedccae8cef31ad8f2c456)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agooxnas: backport another fix for irqchip
Daniel Golle [Sat, 21 Mar 2020 14:25:09 +0000 (14:25 +0000)]
oxnas: backport another fix for irqchip

Sungbo Eo <mans0n@gorani.run> submitted another patch fixing an error
on reboot:
  irqchip/versatile-fpga: Apply clear-mask earlier

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 19af00850f63e0b53c081f6a57b134275fb6cafb)

4 years agoath79: add support for TP-Link WDR3500 v1
Adrian Schmutzler [Sun, 28 Jul 2019 10:20:26 +0000 (12:20 +0200)]
ath79: add support for TP-Link WDR3500 v1

Hardware:
SoC:      AR9344
CPU:      560 MHz
Flash:    8 MiB
RAM:      128 MiB
WiFi:     Atheros AR9340 2.4GHz 802.11bgn
          Atheros AR9300 5GHz 802.11an
Ethernet: AR934X built-in switch, WAN on separate physical interface
USB:      1x 2.0

Flash instruction (WebUI):
Download *-factory.bin image and upload it via the firmwary upgrade
function of the stock firmware WebUI.

Flash instruction (TFTP):
1. Set PC to fixed ip address 192.168.0.66
2. Download *-factory.bin image and rename it to
   wdr3500v1_tp_recovery.bin
3. Start a tftp server with the image file in its root directory
4. Turn off the router
5. Press and hold Reset button
6. Turn on router with the reset button pressed and wait ~15 seconds
7. Release the reset button and after a short time
the firmware should be transferred from the tftp server
8. Wait ~30 second to complete recovery.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[removed stray newline]
Signed-off-by: David Bauer <mail@david-bauer.net>
(backported from commit fbbb4eb8b41d59b38f41fe382c6e4108a36aa909)
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoath79: add support for TP-Link Archer C60 v3
Adrian Schmutzler [Wed, 12 Feb 2020 13:43:15 +0000 (14:43 +0100)]
ath79: add support for TP-Link Archer C60 v3

TP-Link Archer C60 v3 is a dual-band AC1350 router,
based on Qualcomm/Atheros QCA9561 + QCA9886.

It seems to be identical to the v2 revision, except that
it lacks a WPS LED and has different GPIO for amber WAN LED.

Specification:

- 775/650/258 MHz (CPU/DDR/AHB)
- 64 MB of RAM (DDR2)
- 8 MB of FLASH (SPI NOR)
- 3T3R 2.4 GHz
- 2T2R 5 GHz
- 5x 10/100 Mbps Ethernet
- 6x LED, 2x button
- UART header on PCB

Flash instruction (WebUI):
Download *-factory.bin image and upload it via the firmwary upgrade
function of the stock firmware WebUI.

Flash instruction (TFTP):
1. Set PC to fixed IP address 192.168.0.66
2. Download *-factory.bin image and rename it to tp_recovery.bin
3. Start a tftp server with the file tp_recovery.bin in its root
   directory
4. Turn off the router
5. Press and hold reset button
6. Turn on router with the reset button pressed and wait ~15 seconds
7. Release the reset button and after a short time the firmware should
   be transferred from the tftp server
8. Wait ~30 second to complete recovery

While TFTP works for OpenWrt images, my device didn't accept the
only available official firmware "Archer C60(EU)_V3.0_190115.bin".

In contrast to earlier revisions (v2), the v3 contains the (same)
MAC address twice, once in 0x1fa08 and again in 0x1fb08.
While the partition-table on the device refers to the latter, the
firmware image contains a different partition-table for that region:

name           device            firmware
factory-boot   0x00000-0x1fb00   0x00000-0x1fa00
default-mac    0x1fb00-0x1fd00   0x1fa00-0x1fc00
pin            0x1fd00-0x1fe00   0x1fc00-0x1fd00
product-info   0x1fe00-0x1ff00   0x1fd00-0x1ff00
device-id      0x1ff00-0x20000   0x1ff00-0x20000

While the MAC address is present twice, other data like the PIN isn't,
so with the partitioning from the firmware image the PIN on the device
would actually be outside of its partition.
Consequently, the patch uses the MAC location from the device (which
is the same as for the v2).

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 646d95c374072598fab9e949ef4425177c5c7960)

4 years agooxnas: backport patch fixing hang after reboot
Daniel Golle [Thu, 19 Mar 2020 22:37:17 +0000 (22:37 +0000)]
oxnas: backport patch fixing hang after reboot

Sungbo Eo <mans0n@gorani.run> posted a patch fixing the long-standing
reboot problem on the OXNAS OX820 platform:
  irqchip/versatile-fpga: Handle chained IRQs properly

It got queued for 5.7. Import it to oxnas target patches for now.

Fixes: b4917fa907 ("oxnas: fix oxnas-rps-timer dt-match")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 67b04e767a0dcd01d39fe71eed9bdff7d5be72f0)

4 years agolayerscape: add kmod-i2c-mux to DEVICE_PACKAGES for traverse-ls1043
Sungbo Eo [Wed, 11 Mar 2020 02:27:59 +0000 (11:27 +0900)]
layerscape: add kmod-i2c-mux to DEVICE_PACKAGES for traverse-ls1043

kmod-i2c-mux-pca954x will not get into images unless kmod-i2c-mux is added to
DEVICE_PACKAGES as well.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit dffbe668ab321c76c041aa15ca8b753deab2c4c5)

4 years agoath79: add support for TP-Link TL-WR740N v5
Jun Su [Tue, 3 Mar 2020 09:33:40 +0000 (17:33 +0800)]
ath79: add support for TP-Link TL-WR740N v5

This adds support for the TP-Link TL-WR740N v5, a clone of the
v4 only with a different TPLINK_HWID. It was already supported
in ar71xx as well.

Specifications:

SOC: Atheros AR9331
CPU: 400MHz
Flash: 4 MiB
RAM: 32 MiB
WLAN: Atheros AR9330 bgn
Ethernet: 5 ports (100M)

Flashing instructions:

- Flash factory image from OEM WebUI:
  openwrt-ath79-tiny-tplink_tl-wr740n-v5-squashfs-factory.bin
- Sysupgrade from ar71xx image:
  openwrt-ath79-tiny-tplink_tl-wr740n-v5-squashfs-sysupgrade.bin

Signed-off-by: Jun Su <howard0su@gmail.com>
[commit title/message facelift, backport for 19.07]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit b9f4f1f97aeeec65a872c4c5b1a0528a69d16d7b)

4 years agoar71xx: fix port order on TP-Link Archer C60 v1/v2
Adrian Schmutzler [Wed, 11 Mar 2020 15:05:40 +0000 (16:05 +0100)]
ar71xx: fix port order on TP-Link Archer C60 v1/v2

The labels on the LAN ports of the TP-Link Archer C60 v1/v2 are
actually inverted compared to the ports of the internal switch.

Add this information to 02_network.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 14a07fa1f000f962d55bf53cfe9b128448b1f11f)

4 years agoath79: fix port order on TP-Link Archer C60 v1/v2
Adrian Schmutzler [Wed, 11 Mar 2020 15:00:56 +0000 (16:00 +0100)]
ath79: fix port order on TP-Link Archer C60 v1/v2

The labels on the LAN ports of the TP-Link Archer C60 v1/v2 are
actually inverted compared to the ports of the internal switch.

Add this information to 02_network.

This is the same for to-be-supported v3 of this device.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit b054729899560aa9faea594dd7df573883f0cf3f)

4 years agoar71xx: remove wrong MAC address adjustment for Archer C60 v2
Adrian Schmutzler [Wed, 11 Mar 2020 14:52:41 +0000 (15:52 +0100)]
ar71xx: remove wrong MAC address adjustment for Archer C60 v2

The adjustment of the MAC address for Archer C60 v2 in 10_fix_wifi_mac
is broken since a "mac" partition is not set up for this device on
ar71xx. Instead, the MAC address is already patched correctly in
11-ath10k-caldata.

Remove the useless adjustment.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit cbdc91902466dd113b9680566abb2eb2f8022dd4)

4 years agoar71xx: fix swapped LAN/WAN MAC address for Archer C60 v1/v2
Adrian Schmutzler [Wed, 11 Mar 2020 14:46:00 +0000 (15:46 +0100)]
ar71xx: fix swapped LAN/WAN MAC address for Archer C60 v1/v2

The MAC addresses for lan/wan are swapped compared to the vendor
firmware. This adjusts to vendor configuration, which is:

lan   *:7b   label
wan   *:7c   label+1
2.4g  *:7b   label
5g    *:7a   label-1

Only one address is stored in <&mac 0x8>, corresponding to the label.

This has been checked on revisions v1, v2 and v3.

Since ar71xx calculates the ath10k MAC address based on the ethernet
addresses, the number there is adjusted, too.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 14eb54938b525d4c2d2847a6fad7670ed944650c)

4 years agoath79: fix swapped LAN/WAN MAC address for Archer C60 v1/v2
Adrian Schmutzler [Wed, 11 Mar 2020 14:37:34 +0000 (15:37 +0100)]
ath79: fix swapped LAN/WAN MAC address for Archer C60 v1/v2

The MAC addresses for lan/wan are swapped compared to the vendor
firmware. This adjusts to vendor configuration, which is:

lan   *:7b   label
wan   *:7c   label+1
2.4g  *:7b   label
5g    *:7a   label-1

Only one address is stored in <&mac 0x8>, corresponding to the label.

This has been checked on revisions v1, v2 and v3.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 88aead0a665dd349af4fb8afcfe1a16cf90515ae)

4 years agorssileds: add dependencies based on LDFLAGS
Adrian Schmutzler [Thu, 20 Feb 2020 17:38:04 +0000 (18:38 +0100)]
rssileds: add dependencies based on LDFLAGS

This adds the direct dependencies introduced by TARGET_LDFLAGS
to the package's DEPENDS variable.

This was found by accidentally building rssileds on octeon, which
resulted in:

"Package rssileds is missing dependencies for the following libraries:
libnl-tiny.so"

Though the dependencies are provided when building for the
relevant targets ar71xx, ath79 and ramips, it seems more tidy to
specify them explicitly.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit a5b2c6f5edef1958d8789ff9bd89b408893b4358)

4 years agomt76: update to the latest version
Felix Fietkau [Thu, 20 Feb 2020 14:54:57 +0000 (15:54 +0100)]
mt76: update to the latest version

8682e0d0b49c mt76: speed up usb bulk copy
884c25e7caca mt76: usb: use max packet length for m76u_copy
1ad98b95cf4a mt76: mt76u: rely only on data buffer for usb control messagges
3d491603caff mt76: fix array overflow on receiving too many fragments for a packet
9792a62e7f30 mt76: set dma-done flag for flushed descriptors
53233cdf9486 mt76: fix handling full tx queues in mt76_dma_tx_queue_skb_raw
a4ae9219e6c7 mt76: dma: do not write cpu_idx on rx queue reset until after refill
1198fa57d185 mt76: mt7603: increase dma mcu rx ring size
91cd5be6ee37 mt76: avoid extra RCU synchronization on station removal
7d7fb26bb78a mt76: mt76x2: avoid starting the MAC too early
aac609809de1 mt76: fix LED link time failure
18627db2e633 mt76: mt76x0u: add support to TP-Link T2UHP
5ecfdb1a6e0a mt76: mt76x02: fix handling MCU timeouts during hw restart
f7e9be89db59 mt76: mt7603: add upper limit for dynamic sensitivity minimum receive power
23b834485070 mt76: mt7603: enable dynamic sensitivity adjustment by default
08054d5ab135 mt76: mt76x02: reset MCU timeout counter earlier in watchdog reset

Signed-off-by: Felix Fietkau <nbd@nbd.name>
4 years agoar71xx/ath79: ew-dorin, fix the trigger level for WPS button
Catrinel Catrinescu [Wed, 11 Mar 2020 09:10:00 +0000 (10:10 +0100)]
ar71xx/ath79: ew-dorin, fix the trigger level for WPS button

Because the WPS button had the wrong trigger level,
the failsafe mode was triggered quite often,
after this commit:
https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=27f3f493de

Signed-off-by: Catrinel Catrinescu <cc@80211.de>
(cherry picked from commit 3e03b7ac4ada4966d058871d0a1f67f1f0f408d4)

4 years agokernel: backport out-of-memory fix for non-Ethernet devices
Rafał Miłecki [Wed, 11 Mar 2020 07:39:29 +0000 (08:39 +0100)]
kernel: backport out-of-memory fix for non-Ethernet devices

Doing up & down on non-Ethernet devices (e.g. monitor mode interface)
was consuming memory.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit ec8e8e2ef0826d82b4dfbd567a073b31dc27b764)

4 years agokernel: bump 4.14 to 4.14.172
Koen Vandeputte [Mon, 9 Mar 2020 10:49:17 +0000 (11:49 +0100)]
kernel: bump 4.14 to 4.14.172

Refreshed all patches.

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
4 years agorpcd: add respawn param
Florian Eckert [Thu, 7 Nov 2019 13:31:29 +0000 (14:31 +0100)]
rpcd: add respawn param

The rpcd service is an important service, but if the service stops
working for any reason, no one will ever respawn that service. With this
commit, the procd service will monitor if the rpcd service
is running. If the rpcd service has crashed, then
procd respawns the rpcd service.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 432ec292ccc8b634facacbd018d08947d204225a)

4 years agorpcd: update to latest Git HEAD
Jo-Philipp Wich [Tue, 17 Dec 2019 07:33:33 +0000 (08:33 +0100)]
rpcd: update to latest Git HEAD

aaa0836 file: extend exec acl checks to commands with arguments

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 762aac50c09cca494bbc8cfbe8aff967f39ce8cd)

4 years agoar71xx: add missing LED migration for Archer C7
David Bauer [Sun, 1 Mar 2020 20:31:29 +0000 (21:31 +0100)]
ar71xx: add missing LED migration for Archer C7

When changing the LED names for the Archer C7 to represent the correct
color, a migration for existing UCI entries was not created.

Add a migration to keep existing LED configurations working.

Fixes commit c79c001b593b ("ar71xx: Archer C7 v1 LED names and RFKILL
fixes")

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 4349d4c6823bfe09caabbdd3c9a65198addc76d6)

4 years agoar71xx: correct AVM FRITZ Repeater 450E WPS button flag
David Bauer [Sun, 1 Mar 2020 17:36:17 +0000 (18:36 +0100)]
ar71xx: correct AVM FRITZ Repeater 450E WPS button flag

The AVM FRITZ!WLAN Repeater 450E's WPS button is not active low.

Correct the active low flag to avoid unintenional activation of
failsafe mode on boot.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 1d4f2ca6105698fde3b997c32e7e41f080c79a15)

4 years agoOpenWrt v19.07.2: revert to branch defaults
Jo-Philipp Wich [Thu, 27 Feb 2020 21:34:09 +0000 (22:34 +0100)]
OpenWrt v19.07.2: revert to branch defaults

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agoOpenWrt v19.07.2: adjust config defaults v19.07.2
Jo-Philipp Wich [Thu, 27 Feb 2020 21:34:09 +0000 (22:34 +0100)]
OpenWrt v19.07.2: adjust config defaults

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agolibubox: update to latest Git HEAD
Jo-Philipp Wich [Thu, 27 Feb 2020 21:03:18 +0000 (22:03 +0100)]
libubox: update to latest Git HEAD

7da6643 tests: blobmsg: add test case
75e300a blobmsg: fix wrong payload len passed from blobmsg_check_array

Fixes: FS#2833
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 955634b473284847e3c8281a6ac85655329d8b06)

4 years agoath79: add missing reset-gpios for NanoStation Loco M (XW)
Roger Pueyo Centelles [Mon, 24 Feb 2020 17:21:49 +0000 (18:21 +0100)]
ath79: add missing reset-gpios for NanoStation Loco M (XW)

When porting support from ar71xx to ath79, the reset-gpios option was
missed. Due to a hardware bug, this would eventually leave the devices
with RX-deaf Ethernet PHY.

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit 6613a7f5cc8e1527671128d9479b3de78f7b4cdd)

4 years agoath79: add support for Ubiquiti NanoStation Loco M (XW)
Roger Pueyo Centelles [Wed, 18 Sep 2019 13:17:56 +0000 (15:17 +0200)]
ath79: add support for Ubiquiti NanoStation Loco M (XW)

This commit adds support for the NanoStation Loco M2/M5 XW devices
on the ath79 target (support was long ago available on ar71xx).

Specifications:

 - AR9342 SoC @ 535 MHz
 - 64 MB RAM
 - 8 MB SPI flash
 - 1x 10/100 Mbps Ethernet, 24 Vdc PoE-in
 - AR8032 switch
 - 2T2R 5 GHz radio, 22 dBm
 - 13 dBi built-in antenna
 - POWER/LAN green LEDs
 - 4x RSSI LEDs (red, orange, green, green)
 - UART (115200 8N1) on PCB

Flashing via TFTP:

 - Use a pointy tool (e.g., pen cap, paper clip) and keep the reset
   button on the device or on the PoE supply pressed
 - Power on the device via PoE (keep reset button pressed)
 - Keep pressing until LEDs flash alternatively LED1+LED3 =>
   LED2+LED4 => LED1+LED3, etc.
 - Release reset button
 - The device starts a TFTP server at 192.168.1.20
 - Set a static IP on the computer (e.g., 192.168.1.21/24)
 - Upload via tftp the factory image:
   $ tftp 192.168.1.20
   tftp> bin
   tftp> trace
   tftp> put openwrt-ath79-generic-xxxxx-ubnt_nanostation-loco-m-xw-squashfs-factory.bin

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(backported from commit 633c4304ad42d18d180ba65a264ba668de445d91)
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoppp: backport security fixes
Petr Štetiar [Thu, 20 Feb 2020 08:03:54 +0000 (09:03 +0100)]
ppp: backport security fixes

8d45443bb5c9 pppd: Ignore received EAP messages when not doing EAP
8d7970b8f3db pppd: Fix bounds check in EAP code
858976b1fc31 radius: Prevent buffer overflow in rc_mksid()

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 215598fd03899c19a9cd26266221269dd5ec8cee)
Fixes: CVE-2020-8597
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agoRevert "ppp: backport security fixes"
Jo-Philipp Wich [Wed, 26 Feb 2020 15:40:21 +0000 (16:40 +0100)]
Revert "ppp: backport security fixes"

This reverts commit 6b7eeb74dbf8b491b6426820bfa230fca60047dc since it
didn't contain a reference to the CVE it addresses. The next commit
will re-add the commit including a CVE reference in its commit message.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agouhttpd: update to latest Git HEAD
Jo-Philipp Wich [Wed, 12 Feb 2020 17:00:42 +0000 (18:00 +0100)]
uhttpd: update to latest Git HEAD

2ee323c file: poke ustream after starting deferred program

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 04069fde19e86af7728111814afadf780bf08018)

4 years agokernel: bump 4.14 to 4.14.171
Koen Vandeputte [Fri, 21 Feb 2020 14:05:48 +0000 (15:05 +0100)]
kernel: bump 4.14 to 4.14.171

Refreshed all patches.

Fixes:
- CVE-2013-1798

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
4 years agoipq806x: fix bug in L2 cache scaling
Ansuel Smith [Sun, 15 Dec 2019 01:25:04 +0000 (02:25 +0100)]
ipq806x: fix bug in L2 cache scaling

It has been notice a buf in L2 cache scaling where the scaling is not
done proprely if the frequency is set to the initial state before
the new frequency.

From: https://patchwork.kernel.org/patch/10565443/

* The clocks are set to aux clock rate first to make sure the
* secondary mux is not sourcing off of QSB. The rate is then set to
* two different rates to force a HFPLL reinit under all
* circumstances.

In the initial stage of boot to force a new frequency to apply, is
needed to first set the frequency back to the lowest one (aux_rate)
and then to the target one. This force and make sure the controller
actually switch the frequency to the right one. Apply the same
mechanism to L2 frequency scaling. Before scaling to the target
frequency, first set the frequency to the aux_rate to force the
transition, then scale it to the target frequency. Doing the wrong way
can produce unexpected results and could lock the scaling mechanism
until a full reboot is done (Causing a full reset by the krait-cc driver)

From: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=77612720a2362230af726baa4149c40ec7a7fb05

When the Hfplls are reprogrammed during the rate change,
the primary muxes which are sourced from the same hfpll
for higher frequencies, needs to be switched to the 'safe
secondary mux' as the parent for that small window. This
is done by registering a clk notifier for the muxes and
switching to the safe parent in the PRE_RATE_CHANGE notifier
and back to the original parent in the POST_RATE_CHANGE notifier.

This should apply also to L2 scaling... as we can't relly use
the notifier, we manually do this on L2 scaling.

Tested-By: Marc Benoit <marcb62185@gmail.com> [19.07: R7800]
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> [nbg6817/ipq8065]
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
(cherry picked from commit 5ab9c0b388e9cf2537ef23d6e9baaf5730a14a1c)

4 years agoipq806x: add missing core1 voltage tolerance
Pavel Kubelun [Mon, 2 Dec 2019 23:45:47 +0000 (00:45 +0100)]
ipq806x: add missing core1 voltage tolerance

Voltage tolerance is accounted per core, not per cpu, so add
missing DT entry.

Tested-By: Marc Benoit <marcb62185@gmail.com> [19.07: R7800]
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
(cherry picked from commit 77e7d6c20dc6d5e50600fb4d013f4b71341e4168)

4 years agoath79: ar934x: use reset for usb-phy-analog
Johann Neuhauser [Thu, 19 Dec 2019 12:11:26 +0000 (13:11 +0100)]
ath79: ar934x: use reset for usb-phy-analog

This was already available on ar71xx, but is missing on ath79.
This solves the slow usb speed on TP-Link WDR3600/WDR4300 and similar,
as reported in Flyspray [0], OpenWRT Forum [1] and GitHub PR [2].

[0] https://bugs.openwrt.org/index.php?do=details&task_id=2567
[1] https://forum.openwrt.org/t/usb-wdr4300-low-speed-on-external-storage/46794
[2] https://github.com/openwrt/openwrt/pull/964

Tested-By: Lech Perczak <lech.perczak@gmail.com> [TL-WDR4300]
Signed-off-by: Johann Neuhauser <johann@it-neuhauser.de>
(cherry picked from commit bda6b6144dbe3e12d128b500821799ef472de4cb)

4 years agoath79: phy-ar7200-usb: adapt old behavior of arch/mips/ath79/dev-usb.c
Johann Neuhauser [Thu, 19 Dec 2019 12:07:17 +0000 (13:07 +0100)]
ath79: phy-ar7200-usb: adapt old behavior of arch/mips/ath79/dev-usb.c

[ Upstream commit 6cca6fffa06b1996f9bcc280f766e8ba4fa97d45 ]

Do not put usb-phy into reset if clearing the usb-phy reset or
setting the suspend_override has failed.

Reorder (de)asserts like in arch/mips/ath79/dev-usb.c.

Add an optional reset_control "usb-phy-analog", which is needed for
ar934x SoCs like in the old mach-driver arch/mips/ath79/dev-usb.c.

Tested-By: Lech Perczak <lech.perczak@gmail.com> [TL-WDR4300]
Signed-off-by: Johann Neuhauser <johann@it-neuhauser.de>
[added reference to upstream commit, Tested-by]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agoRevert "ath79: add support for Ubiquiti NanoStation Loco M (XW)"
Adrian Schmutzler [Sat, 22 Feb 2020 20:25:07 +0000 (21:25 +0100)]
Revert "ath79: add support for Ubiquiti NanoStation Loco M (XW)"

This reverts commit 21bf718b8c3b0fe1f13807aa5db16a2fb4f48120.

Until the mdio-reset is solved, this is not ready for stable release.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoath79: add support for Ubiquiti NanoStation Loco M (XW)
Roger Pueyo Centelles [Wed, 18 Sep 2019 13:17:56 +0000 (15:17 +0200)]
ath79: add support for Ubiquiti NanoStation Loco M (XW)

This commit adds support for the NanoStation Loco M2/M5 XW devices
on the ath79 target (support was long ago available on ar71xx).

Specifications:

 - AR9342 SoC @ 535 MHz
 - 64 MB RAM
 - 8 MB SPI flash
 - 1x 10/100 Mbps Ethernet, 24 Vdc PoE-in
 - AR8032 switch
 - 2T2R 5 GHz radio, 22 dBm
 - 13 dBi built-in antenna
 - POWER/LAN green LEDs
 - 4x RSSI LEDs (red, orange, green, green)
 - UART (115200 8N1) on PCB

Flashing via TFTP:

 - Use a pointy tool (e.g., pen cap, paper clip) and keep the reset
   button on the device or on the PoE supply pressed
 - Power on the device via PoE (keep reset button pressed)
 - Keep pressing until LEDs flash alternatively LED1+LED3 =>
   LED2+LED4 => LED1+LED3, etc.
 - Release reset button
 - The device starts a TFTP server at 192.168.1.20
 - Set a static IP on the computer (e.g., 192.168.1.21/24)
 - Upload via tftp the factory image:
   $ tftp 192.168.1.20
   tftp> bin
   tftp> trace
   tftp> put openwrt-ath79-generic-xxxxx-ubnt_nanostation-loco-m-xw-squashfs-factory.bin

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(backported from commit 633c4304ad42d18d180ba65a264ba668de445d91)
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoramips: append tail to WF2881 initramfs image
Sungbo Eo [Fri, 7 Feb 2020 11:26:05 +0000 (20:26 +0900)]
ramips: append tail to WF2881 initramfs image

Stock firmware has a vendor-defined tail at the end of uImage for image
validation. This patch enables OpenWrt installation from stock firmware
without having to access the UART console.

Installation via web interface:
1.  Flash **initramfs** image through the stock web interface.
2.  Boot into OpenWrt and perform sysupgrade with sysupgrade image.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit be3e98ce26da5e737744427e1d59dd1c0508edef)

4 years agoath79: add support for Ubiquiti Picostation M (XM)
Adrian Schmutzler [Mon, 17 Feb 2020 23:08:18 +0000 (00:08 +0100)]
ath79: add support for Ubiquiti Picostation M (XM)

This adds support for the Ubiquiti Picostation M (XM), which has the
same board/LEDs as the Bullet M XM, but different case and antennas.

Specifications:
- AR7241 SoC @ 400 MHz
- 32 MB RAM
- 8 MB SPI flash
- 1x 10/100 Mbps Ethernet, 24 Vdc PoE-in
- External antenna: 5 dBi (USA), 2 dBi (EU)
- POWER/LAN green LEDs
- 4x RSSI LEDs (red, orange, green, green)
- UART (115200 8N1) on PCB

Flashing via WebUI:
  Upload the factory image via the stock firmware web UI.

  Attention: airOS firmware versions >= 5.6 have a new bootloader with
  an incompatible partition table!

  Please downgrade to <= 5.5 _before_ flashing OpenWrt!
  Refer to the device's Wiki page for further information.

Flashing via TFTP:
  Same procedure as other NanoStation M boards.

- Use a pointy tool (e.g., pen cap, paper clip) and keep the reset
  button on the device or on the PoE supply pressed
- Power on the device via PoE (keep reset button pressed)
- Keep pressing until LEDs flash alternatively LED1+LED3 =>
  LED2+LED4 => LED1+LED3, etc.
- Release reset button
- The device starts a TFTP server at 192.168.1.20
- Set a static IP on the computer (e.g., 192.168.1.21/24)
- Upload via tftp the factory image:
  $ tftp 192.168.1.20
  tftp> bin
  tftp> trace
  tftp> put openwrt-ath79-generic-xxxxx-ubnt_picostation-m-squashfs-factory.bin

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 6fdaf16dd0623db1a324d33fdf0bc1654365ee62)

4 years agoath79: add support for Ubiquiti Nanostation Loco M (XM)
Sven Roederer [Mon, 17 Feb 2020 11:22:53 +0000 (12:22 +0100)]
ath79: add support for Ubiquiti Nanostation Loco M (XM)

This adds support for the Ubiquiti Nanostation Loco M (XM), which
has the same board/LEDs as the Bullet M XM, but different case and
antennas.

Specifications:
- AR7241 SoC @ 400 MHz
- 32 MB RAM
- 8 MB SPI flash
- 1x 10/100 Mbps Ethernet, 24 Vdc PoE-in
- NS Loco M2: built-in antenna: 8 dBi; AR9287
- NS Loco M5: built-in antenna: 13 dBi; 2T2R 5 GHz radio
- POWER/LAN green LEDs
- 4x RSSI LEDs (red, orange, green, green)
- UART (115200 8N1) on PCB

Flashing via WebUI:
  Upload the factory image via the stock firmware web UI.
  Note that only certain firmware versions accept unsigned
  images. Refer to the device's Wiki page for further information.

Flashing via TFTP:
  Same procedure as other NanoStation M boards.

- Use a pointy tool (e.g., pen cap, paper clip) and keep the reset
  button on the device or on the PoE supply pressed
- Power on the device via PoE (keep reset button pressed)
- Keep pressing until LEDs flash alternatively LED1+LED3 =>
  LED2+LED4 => LED1+LED3, etc.
- Release reset button
- The device starts a TFTP server at 192.168.1.20
- Set a static IP on the computer (e.g., 192.168.1.21/24)
- Upload via tftp the factory image:
  $ tftp 192.168.1.20
  tftp> bin
  tftp> trace
  tftp> put openwrt-ath79-generic-xxxxx-ubnt_nanostation-loco-m-squashfs-factory.bin

Tested on NanoStation Loco M2.

Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
Co-developed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit b56bcfe3be40493daecf13a4080920de2994ff54)

4 years agoath79: add gpio4 pinmux on TL-WR841N/ND v8, WR842N v2, MR3420 v2
Adrian Schmutzler [Thu, 30 Jan 2020 13:59:25 +0000 (14:59 +0100)]
ath79: add gpio4 pinmux on TL-WR841N/ND v8, WR842N v2, MR3420 v2

This adds a pinmux to the shared DTSI for TP-Link TL-WR841N/ND v8,
TL-WR842N v2 and TL-MR3420 v2. It is supposed to be the equivalent
of:

/* config gpio4 as normal gpio function */
ath79_gpio_output_select(TL_MR3420V2_GPIO_USB_POWER,AR934X_GPIO_OUT_GPIO);

This allows to enable USB power on these devices.

While at it, move the jtag_disable_pins to &gpio node and remove the
redundant status=okay there.

Tested on TP-Link TL-WR842N v2.

Fixes: FS#2753

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Tested-by: Armin Fuerst <armin@fuerst.priv.at>
[backport: change individual DTS files, no mr3420-v2 present]
(backported from commit 18c95c9d6ebea5cef1254ee917bff8aba993666d)

4 years agoath79: enable forceless sysupgrade from ar71xx on fritz300e
Adrian Schmutzler [Thu, 13 Feb 2020 13:46:52 +0000 (14:46 +0100)]
ath79: enable forceless sysupgrade from ar71xx on fritz300e

This adds the ar71xx board name to the SUPPORTED_DEVICES on ath79,
so forceless sysupgrade on this device becomes possible.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 49ff00db340ea017c266ba37546c71209cfe3e26)

4 years agoppp: backport security fixes
Petr Štetiar [Thu, 20 Feb 2020 08:03:54 +0000 (09:03 +0100)]
ppp: backport security fixes

8d45443bb5c9 pppd: Ignore received EAP messages when not doing EAP
8d7970b8f3db pppd: Fix bounds check in EAP code
858976b1fc31 radius: Prevent buffer overflow in rc_mksid()

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 215598fd03899c19a9cd26266221269dd5ec8cee)

4 years agoath79: add wmac migration for all ar93xx/qca95xx SoCs
Chuanhong Guo [Fri, 21 Jun 2019 10:33:53 +0000 (18:33 +0800)]
ath79: add wmac migration for all ar93xx/qca95xx SoCs

Add migration for all ar71xx device path as well as previously
incorrect ath79 path.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit d08b5bb344792bb82ccbcf3a0a8d25c79e72f4fe)
Tested-by: Lech Perczak <lech.perczak@gmail.com> [TP-Link TL-WDR4300 v1]
4 years agoath79: ar93xx/qca95xx: move gmac/wmac/pcie node out of apb bus
Chuanhong Guo [Fri, 21 Jun 2019 10:25:12 +0000 (18:25 +0800)]
ath79: ar93xx/qca95xx: move gmac/wmac/pcie node out of apb bus

according to functional block diagram in datasheet, these devices
don't belong to apb bus.
Move these nodes out to match datasheet description.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit f65501e1c2fee17d61f047cee404ddf5f0caf31a)
Tested-by: Lech Perczak <lech.perczak@gmail.com> [TP-Link TL-WDR4300 v1]