openwrt/staging/nbd.git
6 years agoar71xx: make loader-okli build step more generic
Matthias Schiffer [Tue, 5 Jun 2018 22:34:25 +0000 (00:34 +0200)]
ar71xx: make loader-okli build step more generic

Add support for different loader types.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
6 years agoar71xx: lzma-loader: constify kernel argv array
Matthias Schiffer [Tue, 5 Jun 2018 22:30:57 +0000 (00:30 +0200)]
ar71xx: lzma-loader: constify kernel argv array

By making the kernel argv array const, the .data section can always be
omitted from the laoder binary.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
6 years agoar71xx: lzma-loader: set page size to 4KB
Matthias Schiffer [Tue, 5 Jun 2018 22:27:42 +0000 (00:27 +0200)]
ar71xx: lzma-loader: set page size to 4KB

The text section in the ELF loader is aligned to the maximum page size,
which defaults to 64KB. Reduce it to the actual page size to avoid wasting
flash space for this alignment.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
6 years agoar71xx: lzma-loader: move padding workaround to gzip step
Matthias Schiffer [Wed, 6 Jun 2018 18:51:05 +0000 (20:51 +0200)]
ar71xx: lzma-loader: move padding workaround to gzip step

Some devices (TP-Link TL-WR1043ND v1) don't boot reliably when the
uncompressed loader is too small. This was workarounded in the loader by
adding 512KB of padding to the .data section of the loader binary.

This approach had two issues:

- The padding was only working when .data was non-empty (otherwise the
  section would become NOBITS, omitting it in the binary). .data was only
  empty when no CMDLINE was set, leading to further workarounds like
  fe594bf90d09 ("ath79: fix loader-okli, lzma-loader"), and this
  workaround was only effective because a missing "const" led to the kernel
  argv being stored in .data instead of .rodata
- The padding was not only added to the compressed .gz loader, but also
  uncompressed .bin and .elf loaders. The prevented embedding the kernel
  cmdline in the loader for non-gz loader types.

To fix both issues, move the creation of the padding from the linker script
to the gzip step.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
6 years agobase-files: fix UCI config parsing and callback handling
Tony Ambardar [Thu, 8 Mar 2018 05:00:45 +0000 (21:00 -0800)]
base-files: fix UCI config parsing and callback handling

There are several long-standing issues present in the UCI shell API as
documented in https://wiki.openwrt.org/doc/devel/config-scripting. They
relate both to high-level, user-defined callback functions used to
process UCI config files, and also to low-level functions used within
scripts generally.

The related problems have been encountered now and in the past, e.g.
https://forum.openwrt.org/viewtopic.php?id=54295, and include:

a) UCI parsing option() function and user-defined option_cb() callbacks
being erroneously called during processing of "list" config file entries;

b) normal usage of the low-level config_set() unexpectedy calling any
defined option_cb() if present; and

c) handling of the list_cb() not respecting the NO_CALLBACK variable.

Root causes include a function stack "inversion", where the low-level
config_set() function incorrectly calls the high-level option() function,
intended only for processing the "option" keyword of UCI config files.

This change addresses the inversion and other issues, making the option
handling code more consistent and smaller, and simplifying developers'
usage of UCI callbacks.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
6 years agokernel: bump 4.14 to 4.14.48
Stijn Tintel [Mon, 4 Jun 2018 17:06:00 +0000 (20:06 +0300)]
kernel: bump 4.14 to 4.14.48

Remove upstreamed patches:
generic/pending/101-clocksource-mips-gic-timer-fix-clocksource-counter-w.patch
generic/pending/103-MIPS-c-r4k-fix-data-corruption-related-to-cache-coherence.patch
generic/pending/182-net-qmi_wwan-add-BroadMobi-BM806U-2020-2033.patch
lantiq/0025-MIPS-lantiq-gphy-Remove-reboot-remove-reset-asserts.patch
Update patches that no longer apply:
generic/pending/811-pci_disable_usb_common_quirks.patch
ath79/0009-MIPS-ath79-add-lots-of-missing-registers.patch

Fixes CVE-2018-6412.

Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
6 years agoscripts: Replace obsolete POSIX tmpnam in slugimage.pl with File::Temp function
Ted Hess [Tue, 5 Jun 2018 14:05:35 +0000 (10:05 -0400)]
scripts: Replace obsolete POSIX tmpnam in slugimage.pl with File::Temp function

Signed-off-by: Ted Hess <thess@kitschensync.net>
6 years agohostapd: properly build hostapd-only SSL variants
Daniel Golle [Thu, 31 May 2018 13:18:12 +0000 (15:18 +0200)]
hostapd: properly build hostapd-only SSL variants

Make sure hostapd-openssl is actually build against OpenSSL, same
for wolfSSL.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agokernel: modules: package module for Exar 8250 UARTs
Daniel Golle [Tue, 5 Jun 2018 03:35:47 +0000 (05:35 +0200)]
kernel: modules: package module for Exar 8250 UARTs

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agokernel: backport patch to fix dst handling for offloaded connections
Felix Fietkau [Tue, 5 Jun 2018 08:16:49 +0000 (10:16 +0200)]
kernel: backport patch to fix dst handling for offloaded connections

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agohostapd: expose device taxonomy signature via ubus
Felix Fietkau [Mon, 30 Apr 2018 11:48:54 +0000 (13:48 +0200)]
hostapd: expose device taxonomy signature via ubus

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agohostapd: add support for client taxonomy in the full config
Felix Fietkau [Mon, 30 Apr 2018 11:40:42 +0000 (13:40 +0200)]
hostapd: add support for client taxonomy in the full config

This can be used to fingerprint clients to try to identify the exact
model

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agogcc: remove support for version 6.3.0
Felix Fietkau [Sat, 12 May 2018 12:56:36 +0000 (14:56 +0200)]
gcc: remove support for version 6.3.0

It is obsoleted by gcc 7

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agomt76: update to the latest version
Felix Fietkau [Sat, 19 May 2018 12:45:54 +0000 (14:45 +0200)]
mt76: update to the latest version

20c0766 mt7603: adjust rx hang watchdog for MT7628
664e321 mt7603: add extra PSE hang check signature for MT7628
f24b56f update MT7628 firmware to the latest version
d87e4b0 mt7603: clear PSE reset bit if PSE reset fails
0ef26ef mt76: only stop tx queues on offchannel, not during the entire scan
f399da3 mt76: prevent tx scheduling during channel change
21c1e1e mt76: move ieee80211_hw allocation to common core
730c292 mt76: wait for pending tx to complete before switching channel
fcbb49e mt76x2: use udelay instead of usleep_range in mt76x2_mac_stop
792dbe0 mt7603: do not hold dev->mutex while flushing dev->mac_work

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agomap: make tunnel encapsulation limit support configurable (FS#1501)
Hans Dedecker [Mon, 4 Jun 2018 15:00:32 +0000 (17:00 +0200)]
map: make tunnel encapsulation limit support configurable (FS#1501)

Be compatible with ISPs which don't support the destination option header containing
the tunnel encapsulation limit as reported in FS#1501.
Setting the uci parameter encaplimit to ignore; allows to disable the insertion
of the destination option header in the map-e packets.
Otherwise the tunnel encapsulation limit value can be set to a value from 0 till 255
by setting the encaplimit uci parameter accordingly.
If no encaplimit value is specified the default value is 4 as before.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agonetifd: update to latest git HEAD (FS#1501)
Hans Dedecker [Wed, 30 May 2018 20:15:48 +0000 (22:15 +0200)]
netifd: update to latest git HEAD (FS#1501)

a580028 system-linux: make encaplimit configurable for ip6 tunnels (FS#1501)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoodhcp6c: make ds-lite/map tunnel encapsulation limit support configurable (FS#1501)
Hans Dedecker [Tue, 29 May 2018 13:31:21 +0000 (15:31 +0200)]
odhcp6c: make ds-lite/map tunnel encapsulation limit support configurable (FS#1501)

Be compatible with ISPs which don't support the destination option header containing
the tunnel encapsulation limit as reported in FS#1501 for dynamic created ds-lite/map
interfaces.
Setting the uci parameter encaplimit_dslite/map to ignore; allows to disable the insertion
of the destination option header for the dynamic created ds-lite/map interface.
Otherwise the tunnel encapsulation limit value can be set to a value from 0 till 255
by setting the encaplimit_dslite/map uci parameter accordingly.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agods-lite: make tunnel encapsulation limit support configurable (FS#1501)
Hans Dedecker [Tue, 29 May 2018 13:18:16 +0000 (15:18 +0200)]
ds-lite: make tunnel encapsulation limit support configurable (FS#1501)

Be compatible with ISPs which don't support the destination option header containing
the tunnel encapsulation limit as reported in FS#1501.
Setting the uci parameter encaplimit to ignore; allows to disable the insertion
of the destination option header in the ds-lite packets.
Otherwise the tunnel encapsulation limit value can be set to a value from 0 till 255
by setting the encaplimit uci parameter accordingly.
If no encaplimit value is specified the default value is 4 as before.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agomvebu: fix broken console on WRT32X (venom)
Michael Gray [Tue, 29 May 2018 09:43:48 +0000 (19:43 +1000)]
mvebu: fix broken console on WRT32X (venom)

The console bootarg is being corrupted on boot, causing various issues
including broken sysupgrade.
Utilising the bootargs mangle patch from other targets, hardcode the console
arguments and fetch the rootfs from the bootloader.

Kernel command line: console=ttyS0,115200 root=/dev/mtdblock8

Bootloader command line (ignored): console= root=/dev/mtdblock8

Please cherry pick to 18.06 too

Signed-off-by: Michael Gray <michael.gray@lantisproject.com>
6 years agooxnas: bring in new oxnas target
Daniel Golle [Thu, 31 May 2018 17:41:28 +0000 (19:41 +0200)]
oxnas: bring in new oxnas target

Reboot the oxnas target based on Linux 4.14 by rebasing our support on
top of the now-existing upstream kernel support.
This commit brings oxnas support to the level of v4.17 having upstream
drivers for Ethernet, Serial and NAND flash.
Botch up OpenWrt's local drivers for EHCI, SATA and PCIe based on the
new platform code and device-tree.
Re-introduce base-files from old oxnas target which works for now but
needs further clean-up towards generic board support.

Functional issues:
 * PCIe won't come up (hence no USB3 on Shuttle KD20)
 * I2C bus of Akitio myCloud device is likely not to work (missing
   debounce support in new pinctrl driver)

Code-style issues:
 * plla/pllb needs further cleanup -- currently their users or writing
   into the syscon regmap after acquireling the clk instead of using
   defined clk_*_*() functions to setup multipliers and dividors.
 * PCIe phy needs its own little driver.
 * SATA driver is a monster and should be split into an mfd having
   a raidctrl regmap, sata controller, sata ports and sata phy.

Tested on MitraStar STG-212 aka. Medion Akoya MD86xxx and Shuttle KD20.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agouboot-oxnas: fix build with newer GCC
Daniel Golle [Fri, 1 Jun 2018 13:25:42 +0000 (15:25 +0200)]
uboot-oxnas: fix build with newer GCC

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agooxnas: kill old oxnas target
Daniel Golle [Thu, 31 May 2018 15:28:38 +0000 (17:28 +0200)]
oxnas: kill old oxnas target

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agonetifd: drop conflicting 'device' interface property
Ivan Shapovalov [Sun, 13 May 2018 21:05:43 +0000 (00:05 +0300)]
netifd: drop conflicting 'device' interface property

Do not set device runtime property on interfaces in the hotplug handler
and in fixup_interfaces(). This property conflicts with device option
in several proto handlers (mainly QMI and other WWAN/3G protos) and does
not seem to be used anywhere.

Signed-off-by: Ivan Shapovalov <intelfx@intelfx.name>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
6 years agokernel: re-add export ipv6_push_frag_opts for tunneling now patch
Hans Dedecker [Fri, 1 Jun 2018 11:37:09 +0000 (13:37 +0200)]
kernel: re-add export ipv6_push_frag_opts for tunneling now patch

The patch got removed by commit 7dca1bae82 (kernel: bump to 4.9.105)
but is still required as ipv6_push_frag_opts needs to be exported.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoRevert "ramips: Move PCI driver to files directory"
John Crispin [Fri, 1 Jun 2018 09:41:13 +0000 (11:41 +0200)]
Revert "ramips: Move PCI driver to files directory"

This reverts commit a098a78a33a6b096d15c9982b5d6457988e09f03.

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoRevert "ramips: Remove redundant owner assignment"
John Crispin [Fri, 1 Jun 2018 09:41:12 +0000 (11:41 +0200)]
Revert "ramips: Remove redundant owner assignment"

This reverts commit 2ad4daf5794b08878467c1dac5bef7487109e4da.

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoRevert "ramips: improve interrupt mapping"
John Crispin [Fri, 1 Jun 2018 09:41:11 +0000 (11:41 +0200)]
Revert "ramips: improve interrupt mapping"

This reverts commit 5f7396ebef09b224edf08b0bda113613a42f0928.

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoRevert "ramips: remove conditional compilation."
John Crispin [Fri, 1 Jun 2018 09:41:11 +0000 (11:41 +0200)]
Revert "ramips: remove conditional compilation."

This reverts commit 1f786257147f978ce4c5750fdc404851453fafcb.

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoRevert "ramips: remove unnecessary resource details."
John Crispin [Fri, 1 Jun 2018 09:41:10 +0000 (11:41 +0200)]
Revert "ramips: remove unnecessary resource details."

This reverts commit edea934799911c54ffa7024ef9a650f9dfc8c695.

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoRevert "ramips: pci: sync with staging driver"
John Crispin [Fri, 1 Jun 2018 09:41:08 +0000 (11:41 +0200)]
Revert "ramips: pci: sync with staging driver"

This reverts commit e07baec9faf487fd143976636025b5da55e13c20.

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoRevert "ramips: Add back some non-mt7621 code that staging removed"
John Crispin [Fri, 1 Jun 2018 09:41:04 +0000 (11:41 +0200)]
Revert "ramips: Add back some non-mt7621 code that staging removed"

This reverts commit 048e41f6496697863cc7d73ab95fa89a6ddf2470.

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoRevert "ramips: Fix WiFi after 5f7396ebef09b224edf08b0bda113613a42f0928"
John Crispin [Fri, 1 Jun 2018 09:41:00 +0000 (11:41 +0200)]
Revert "ramips: Fix WiFi after 5f7396ebef09b224edf08b0bda113613a42f0928"

This reverts commit 02f815d1907cdd7e042415a2b4a749c819087168.

Signed-off-by: John Crispin <john@phrozen.org>
6 years agonettle: bump to 3.4
Kevin Darbyshire-Bryant [Wed, 30 May 2018 08:46:34 +0000 (08:46 +0000)]
nettle: bump to 3.4

3.4 is mainly a bug fix/maintenance release.

3KB increase in ipk lib size on mips.

Compile tested for: ar71xx, ramips
Run tested on: ar71xx Archer C7 v2, ramips mir3g

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agomtd: mark as nonshared to fix FS#484
Mirko Parthey [Thu, 31 May 2018 13:24:31 +0000 (15:24 +0200)]
mtd: mark as nonshared to fix FS#484

The mtd tool is built with different configurations depending on the
target. For example, brcm47xx adds the fixtrx subcommand, without which
an image fails when booting the second time.

Mark the mtd package as nonshared to really fix FS#484.

Signed-off-by: Mirko Parthey <mirko.parthey@web.de>
6 years agokernel: bump to 4.9.105
Kevin Darbyshire-Bryant [Thu, 31 May 2018 19:49:08 +0000 (19:49 +0000)]
kernel: bump to 4.9.105

Refresh patches.

Drop patches that have been upstreamed:
target/linux/ar71xx/patches-4.9/106-01-MIPS-ath79-fix-AR724X_PLL_REG_PCIE_CONFIG-offset.patch
target/linux/generic/backport-4.9/095-v4.12-ipv6-Need-to-export-ipv6_push_frag_opts-for-tunnelin.patch
target/linux/generic/pending-4.9/180-net-phy-at803x-add-support-for-AT8032.patch
target/linux/generic/pending-4.9/181-net-usb-add-lte-modem-wistron-neweb-d18q1.patch
target/linux/generic/pending-4.9/182-net-qmi_wwan-add-BroadMobi-BM806U-2020-2033.patch

Compile & run tested: ar71xx Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agoath79: correct wmac names in dts
Alex Maclean [Wed, 30 May 2018 13:21:09 +0000 (14:21 +0100)]
ath79: correct wmac names in dts

Signed-off-by: Alex Maclean <monkeh@monkeh.net>
6 years agoath79: add TP-Link TL-WR703N port
Alex Maclean [Wed, 30 May 2018 13:18:54 +0000 (14:18 +0100)]
ath79: add TP-Link TL-WR703N port

Signed-off-by: Alex Maclean <monkeh@monkeh.net>
6 years agoath79: add TP-Link TL-WR740N/ND v2 port
Alex Maclean [Wed, 30 May 2018 13:18:53 +0000 (14:18 +0100)]
ath79: add TP-Link TL-WR740N/ND v2 port

Signed-off-by: Alex Maclean <monkeh@monkeh.net>
6 years agoath79: add pinmux node to ar724x.dtsi
Alex Maclean [Wed, 30 May 2018 13:18:52 +0000 (14:18 +0100)]
ath79: add pinmux node to ar724x.dtsi

Signed-off-by: Alex Maclean <monkeh@monkeh.net>
6 years agoath79: add AR7240 dtsi
Alex Maclean [Wed, 30 May 2018 13:18:51 +0000 (14:18 +0100)]
ath79: add AR7240 dtsi

Signed-off-by: Alex Maclean <monkeh@monkeh.net>
6 years agoath79: add tiny subtarget
Alex Maclean [Wed, 30 May 2018 13:18:50 +0000 (14:18 +0100)]
ath79: add tiny subtarget

Signed-off-by: Alex Maclean <monkeh@monkeh.net>
6 years agoath10k-ct: Update driver to latest
Koen Vandeputte [Thu, 31 May 2018 08:21:06 +0000 (10:21 +0200)]
ath10k-ct: Update driver to latest

127f98189ee5 ath10k:  Fix bad return w/out unlock, compile w/out debugfs
b8f48f3c138f Fix survey-dump for 4.7, 4.9 and 4.13 kernels.
fa8259ad5d6d ath10k-ct:  Support survey dump in 10.1 firmware.
2853e1337ecf ath10k-ct:  Add 4.16 ath10k-ct driver to package.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
CC: Ben Greear <greearb@candelatech.com>
6 years agoath79: fix glinet ar150 lan/wan ordering
John Crispin [Wed, 30 May 2018 13:18:55 +0000 (15:18 +0200)]
ath79: fix glinet ar150 lan/wan ordering

LAN and WAN were swapped

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoRevert "kernel: backport export ipv6_push_frag_opts for tunneling now"
Daniel Golle [Thu, 31 May 2018 23:37:51 +0000 (01:37 +0200)]
Revert "kernel: backport export ipv6_push_frag_opts for tunneling now"

This reverts commit daa73b63d5dc5eb264341336c0d7cd64d750664d.
The fix has already been imported by
commit b7735d8113 ("kernel: import follow-up fix for previous backport").
The patch won't apply twice.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agokernel: backport export ipv6_push_frag_opts for tunneling now
Hans Dedecker [Thu, 31 May 2018 16:08:19 +0000 (18:08 +0200)]
kernel: backport export ipv6_push_frag_opts for tunneling now

Patch is required on top of commit 6c81c27efa as ipv6_push_frag_opts needs to
be exported for usage in ip6_tunnel.c

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agowireguard: bump to 0.0.20180531 to fix flow offloading
Jason A. Donenfeld [Thu, 31 May 2018 01:05:51 +0000 (03:05 +0200)]
wireguard: bump to 0.0.20180531 to fix flow offloading

This version bump was made upstream mostly for OpenWRT, and should fix
an issue with a null dst when on the flow offloading path.

While we're at it, Kevin and I are the only people actually taking care
of this package, so trim the maintainer list a bit.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agokernel: import follow-up fix for previous backport
Daniel Golle [Thu, 31 May 2018 00:25:59 +0000 (02:25 +0200)]
kernel: import follow-up fix for previous backport

Buildbots complaining made me wonder what's going on...
ERROR: "ipv6_push_frag_opts" [net/ipv6/ip6_tunnel.ko] undefined!

Fixes: 6c81c27efa ("kernel: backport fix for missing tunnel encapsulation limit option")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agohostapd: update packaging and patches
Daniel Golle [Wed, 30 May 2018 22:10:49 +0000 (00:10 +0200)]
hostapd: update packaging and patches

Clean up conflicts/provides/depends hell and add PROVIDES for
eapol-test variants while at it.
Update mesh-DFS patchset from Peter Oh to v5 (with local fixes) which
allows to drop two revert-patches for upstream commits which previously
were necessary to un-break mesh-DFS support.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agowolfssl: change defaults to cover wpa_supplicant needs
Daniel Golle [Wed, 30 May 2018 22:34:15 +0000 (00:34 +0200)]
wolfssl: change defaults to cover wpa_supplicant needs

Implicetely selecting the required options via Kconfig snippet from
hostapd worked fine in local builds when using menuconfig but confused
the buildbots which (in phase1) may build wpad-mini and hence already
come with CONFIG_WPA_WOLFSSL being defined as unset which then won't
trigger changing the defaults of wolfssl.

Work around by explicitely reflecting wpa_supplicant's needs in
wolfssl's default settings to make buildbots happy.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agotoolchain/glibc: update to latest 2.26 commit
Hans Dedecker [Wed, 30 May 2018 12:38:37 +0000 (14:38 +0200)]
toolchain/glibc: update to latest 2.26 commit

4df8479e6b Add NEWS entry for CVE-2018-11236
a5bc5ec967 Add references to CVE-2018-11236, CVE-2017-18269
58ad5f8a64 Add a test case for [BZ #23196]
6b4362f2cb Don't write beyond destination in __mempcpy_avx512_no_vzeroupper (bug 23196)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agokernel: backport fix for missing tunnel encapsulation limit option
Hans Dedecker [Wed, 30 May 2018 09:41:14 +0000 (11:41 +0200)]
kernel: backport fix for missing tunnel encapsulation limit option

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agocurl: Add ca-bundle dependency
Rosen Penev [Sun, 27 May 2018 22:13:48 +0000 (15:13 -0700)]
curl: Add ca-bundle dependency

While building, curl complains that the path specified is missing.
Also, without ca-bundle, something like 'curl https://www.google.com'
does not work due to a certificate verify error.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
6 years agocurl: Use ca-bundle for all TLS libraries.
Rosen Penev [Sun, 27 May 2018 22:13:47 +0000 (15:13 -0700)]
curl: Use ca-bundle for all TLS libraries.

It simplifies the Makefile a bit. In addition, using ca-bundle
saves some space as well.

It also fixes an issue with at least transmission, which has a dependency
on ca-bundle, but currently libcurl with OpenSSL or GnuTLS cause it not
to work.

This has been tested on mt7621 with OpenSSL and GnuTLS just by running
'curl https://www.google.com' and seeing if there's a verify error.
The rest are already using ca-bundle and therefore work fine.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agoramips: Use generic board detect for GnuBee devices
Rosen Penev [Sun, 27 May 2018 00:26:14 +0000 (17:26 -0700)]
ramips: Use generic board detect for GnuBee devices

This is a port of an old commit from mkresin's tree:

09260cdf3e9332978c2a474a58e93a6f2b55f4a8

This has the potential to break sysupgrade but it should be fine as
there is no stable release of LEDE or OpenWrt that support these devices.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
6 years agoramips: Fix a few other GnuBee DTS differences
Rosen Penev [Sun, 27 May 2018 22:50:50 +0000 (15:50 -0700)]
ramips: Fix a few other GnuBee DTS differences

I was carrying a local commit that added the sdhci stuff and missed it
as a result.

Also fix the rgmii3 thing in the PC2 DTS file as that's bogus and causes
a dmesg warning that it's bogus.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
6 years agoramips: Fix WiFi after 5f7396ebef09b224edf08b0bda113613a42f0928
Rosen Penev [Tue, 29 May 2018 18:03:03 +0000 (11:03 -0700)]
ramips: Fix WiFi after 5f7396ebef09b224edf08b0bda113613a42f0928

That commit exposed a bug in the DTS files used by mt7621 where the wrong
reg value for pcie1 (and potentially pcie2) was being used. This was
causing WiFi failures for interfaces in pcie1.

eg. 2.4GHz working but not 5GHz.

As all of these dts entries are already specified in mt7621.dtsi, remove
them.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
6 years agoath10k-firmware: Fix two more typos
Rosen Penev [Tue, 29 May 2018 18:03:02 +0000 (11:03 -0700)]
ath10k-firmware: Fix two more typos

Actually tested with a local build instead of with scp'ing the firmware.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
6 years agokernel: bump 4.14 to 4.14.44
Stijn Tintel [Mon, 28 May 2018 21:10:44 +0000 (00:10 +0300)]
kernel: bump 4.14 to 4.14.44

Refresh patches.

Remove upstreamed patch:
generic/pending/181-net-usb-add-lte-modem-wistron-neweb-d18q1.patch
Update patches that no longer applies:
generic/hack/901-debloat_sock_diag.patch

Compile-tested on: x86/64.
Runtime-tested on: x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
6 years agomac80211: rt2x00: no longer use TXOP_BACKOFF for probe frames
Daniel Golle [Mon, 28 May 2018 13:45:43 +0000 (15:45 +0200)]
mac80211: rt2x00: no longer use TXOP_BACKOFF for probe frames

Import a revert-commit from Stanislaw Gruszka which significantly
improves WiFi performance on rt2x00 based hardware.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agomediatek: add missing symbols for mt7622
John Crispin [Mon, 28 May 2018 06:12:28 +0000 (08:12 +0200)]
mediatek: add missing symbols for mt7622

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoath10k-firmware: Fix typo in last commit
Rosen Penev [Sun, 27 May 2018 16:21:40 +0000 (09:21 -0700)]
ath10k-firmware: Fix typo in last commit

Signed-off-by: Rosen Penev <rosenp@gmail.com>
6 years agokernel: add missing softdog symbol
John Crispin [Sun, 27 May 2018 07:22:40 +0000 (09:22 +0200)]
kernel: add missing softdog symbol

Signed-off-by: John Crispin <john@phrozen.org>
6 years agomediatek: add missing symbols
John Crispin [Sun, 27 May 2018 07:22:21 +0000 (09:22 +0200)]
mediatek: add missing symbols

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoar71xx: add support for GL.iNet GL-AR750S
Luo chongjun [Fri, 25 May 2018 10:06:37 +0000 (18:06 +0800)]
ar71xx: add support for GL.iNet GL-AR750S

This patch adds supports for GL-AR750S.

Specification:
- SOC: QCA9563 (775MHz)
- Flash: 16 MiB (W25Q128FVSG)
- RAM: 128 MiB DDR2
- Ethernet: 2x 1Gbps LAN + 1x 1Gbps WAN
- Wireless: 2.4GHz (bgn) and 5GHz (ac)
- USB: 1x USB 2.0 port
- Button: 1x switch button, 1x reset button
- LED: 3x LEDS (green)

Flash instruction:
Apply factory image via web-gui.

Signed-off-by: Luo chongjun <luochongjun@gl-inet.com>
6 years agoath10k-firmware: Fix QCA6174 support
Rosen Penev [Fri, 25 May 2018 03:47:46 +0000 (20:47 -0700)]
ath10k-firmware: Fix QCA6174 support

Currently when installing the firmware, a bunch of files and directories
that the ath10k driver does not look for are created.

The package now installs firmware for both hw 2.1 and 3.0 devices.
2.1 is abandonware but may be useful to keep.

3.0 firmware was tested on a Killer 1535 to be relatively stable with
802.11w disabled. 802.11w causes multiple firmware crashes but that's true
of other ath10k firmwares as well.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
6 years agowolfssl: add PKG_CONFIG_DEPENDS symbols
Daniel Golle [Fri, 25 May 2018 18:35:46 +0000 (20:35 +0200)]
wolfssl: add PKG_CONFIG_DEPENDS symbols

This change will trigger rebuild on buildbots in case of changed config
symbols, like in the case of hostapd selecting some wolfssl symbols
lately.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agohostapd: convert ssl provider build options to variants
Daniel Golle [Fri, 25 May 2018 13:59:41 +0000 (15:59 +0200)]
hostapd: convert ssl provider build options to variants

Instead of selecting the SSL provider at compile time, build package
variants for each option so users can select the binary package without
having to build it themselves.
Most likely not all variants have actually ever been user by anyone.
We should reduce the selection to the reasonable and most used
combinations at some point in future. For now, build them all.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agofirewall: update to latest git HEAD
Hans Dedecker [Fri, 25 May 2018 12:29:58 +0000 (14:29 +0200)]
firewall: update to latest git HEAD

30463d0 zones: add interface/subnet bound LOG rules
0e77bf2 options: treat time strings as UTC times

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agofstools: update to latest git HEAD
Hans Dedecker [Fri, 25 May 2018 07:45:04 +0000 (09:45 +0200)]
fstools: update to latest git HEAD

dd02dad fstools: allow the mounting with full access time accounting
242248c fstools: allow to compress the filesystem

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoar71xx: fix bad "proto" references in default network configuration
Jo-Philipp Wich [Fri, 25 May 2018 07:44:28 +0000 (09:44 +0200)]
ar71xx: fix bad "proto" references in default network configuration

This change was originally meant to go along with the ucidef_set_interface()
fixup.

Fixes: 7e664b7c2d ("base-files: fix ucidef_set_interface() protocol selection")
Fixes: 85048a9c1f ("base-files: rework _ucidef_set_interface to be more generic")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agobase-files: fix ucidef_set_interface() protocol selection
Jo-Philipp Wich [Fri, 25 May 2018 05:28:28 +0000 (07:28 +0200)]
base-files: fix ucidef_set_interface() protocol selection

The previous refactoring of ucidef_set_interface() removed the protocol
selection heuristic which breaks the networking defaults for the majority
of boards.

Re-add the protocol selection and rename two bad "proto" references to
the expected "protocol" value.

Fixes: 85048a9c1f ("base-files: rework _ucidef_set_interface to be more generic")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agohostapd: update to git HEAD of 2018-05-21, allow build against wolfssl
Daniel Golle [Sat, 28 Apr 2018 19:12:19 +0000 (21:12 +0200)]
hostapd: update to git HEAD of 2018-05-21, allow build against wolfssl

Support for building wpa_supplicant/hostapd against wolfssl has been
added upstream recently, add build option to allow users using it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agomediatek: add mt7622 subtarget
John Crispin [Thu, 24 May 2018 20:10:49 +0000 (22:10 +0200)]
mediatek: add mt7622 subtarget

Signed-off-by: John Crispin <john@phrozen.org>
6 years agomediatek: backport upstream mediatek patches
John Crispin [Mon, 7 May 2018 10:07:32 +0000 (12:07 +0200)]
mediatek: backport upstream mediatek patches

Signed-off-by: John Crispin <john@phrozen.org>
6 years agowolfssl: update to version 3.14.4
Daniel Golle [Wed, 23 May 2018 21:26:41 +0000 (23:26 +0200)]
wolfssl: update to version 3.14.4

Use download from github archive corresponding to v3.14.4 tag because
the project's website apparently only offers 3.14.0-stable release
downloads.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agoustream-ssl: fix build against wolfSSL
Daniel Golle [Thu, 24 May 2018 16:51:44 +0000 (18:51 +0200)]
ustream-ssl: fix build against wolfSSL

commit 39a6ce205d (ustream-ssl: Enable ECDHE with OpenSSL.) broke
build against wolfSSL because wolfSSL doesn't (yet) support
SSL_CTX_set_ecdh_auto() of the OpenSSL API.

Fix this in ustream-ssl:

 189cd38b41 don't use SSL_CTX_set_ecdh_auto with wolfSSL

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agotools: zlib: do not hardcode the install prefix in zlib.pc
Jo-Philipp Wich [Thu, 24 May 2018 15:01:54 +0000 (17:01 +0200)]
tools: zlib: do not hardcode the install prefix in zlib.pc

Our pkg-config wrapper relies on the ability to redefine the $prefix and
$exec_prefix variables in order to construct proper search paths relative
to the build environment.

Patch the .pc file template to construct libdir, sharedlibdir and includedir
relative to the ${prefix} variable so that it can be overridden as needed.

This also fixes the libxml2/host build issue raised at
https://github.com/openwrt/packages/issues/6073 - it was caused by libxml2's
configure picking up a wrong host search path through zlib.pc, letting it
include the wrong endian.h, causing spurious member redeclaration errors in
system headers.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agofstools: Add the new options available in the menuconfig
Pierre Lebleu [Thu, 24 May 2018 12:20:33 +0000 (14:20 +0200)]
fstools: Add the new options available in the menuconfig

Mounting using the zlib compression and mounting with
full access accounting are now available in the
menuconfig.

Signed-off-by: Pierre Lebleu <pme.lebleu@gmail.com>
6 years agoath79: initial tl-wr1043nd v1 support
Lucian Cristian [Sat, 19 May 2018 17:12:58 +0000 (20:12 +0300)]
ath79: initial tl-wr1043nd v1 support

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: John Crispin <john@phrozen.org>
6 years agokernel: add reset control support to rtl8366 driver
John Crispin [Wed, 23 May 2018 22:23:16 +0000 (00:23 +0200)]
kernel: add reset control support to rtl8366 driver

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoath79: fix adjust_link callback for ar9130
John Crispin [Wed, 23 May 2018 21:46:33 +0000 (23:46 +0200)]
ath79: fix adjust_link callback for ar9130

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoath79: make ahb wifi work
John Crispin [Mon, 14 May 2018 05:11:56 +0000 (07:11 +0200)]
ath79: make ahb wifi work

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoRevert "dnsmasq: use "hostsdir" instead of "addn-hosts""
Hans Dedecker [Thu, 24 May 2018 08:11:20 +0000 (10:11 +0200)]
Revert "dnsmasq: use "hostsdir" instead of "addn-hosts""

This reverts commit a03035dad198cd4b51645ceb43c1170f9cf95f16
as it has several issues:
-Host file is located in a directory which is not unique per dnsmasq instance
-odhcpd writes host info into the same directory but still sends a SIGHUP to dnsmasq

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agobase-files: rework _ucidef_set_interface to be more generic
Roman Yeryomin [Fri, 4 May 2018 15:42:36 +0000 (18:42 +0300)]
base-files: rework _ucidef_set_interface to be more generic

This is a rework of previously submitted patch reworking
ucidef_set_interface_raw [1]. Here, keep the idea but instead
make _ucidef_set_interface more generic and use it instead of
ucidef_set_interface_raw.
Also change the users like ucidef_set_interface_lan and others.

[1] https://patchwork.ozlabs.org/patch/844961/

Signed-off-by: Roman Yeryomin <roman@advem.lv>
6 years agokernel: bump 4.14 to 4.14.43
Koen Vandeputte [Wed, 23 May 2018 14:44:09 +0000 (16:44 +0200)]
kernel: bump 4.14 to 4.14.43

Refreshed all patches

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Michael Yartys <michael.yartys@protonmail.com>
6 years agokernel: bump 4.9 to 4.9.102
Koen Vandeputte [Wed, 23 May 2018 14:44:08 +0000 (16:44 +0200)]
kernel: bump 4.9 to 4.9.102

Refreshed all patches

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agoramips: Fix up GnuBee PC1 DTS file a little
Rosen Penev [Thu, 24 May 2018 02:24:43 +0000 (19:24 -0700)]
ramips: Fix up GnuBee PC1 DTS file a little

There's nothing connected to i2c on this board, so remove it.

Also edited the gpio group to match the PC2 as they're the same.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
6 years agoramips: Add back some non-mt7621 code that staging removed
Rosen Penev [Thu, 24 May 2018 02:24:42 +0000 (19:24 -0700)]
ramips: Add back some non-mt7621 code that staging removed

Staging is meant only for mt7621 but for OpenWrt more is needed.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
6 years agobrcm47xx: add switch port mapping to Asus WL-500W
Mirko Parthey [Tue, 22 May 2018 19:23:36 +0000 (21:23 +0200)]
brcm47xx: add switch port mapping to Asus WL-500W

Switch ports 0..3 are connected to external ports LAN{1..4} in sequence,
switch port 4 is not used, and switch port 5 is connected to the CPU.
The WAN port is attached to the CPU's second network interface; it has no
connection to the internal switch.

Reuse the "Dell TrueMobile 2300" entry, which describes the same mapping.

Signed-off-by: Mirko Parthey <mirko.parthey@web.de>
6 years agokernel: mark all v3.18 and v4.4 kernels are source-only
John Crispin [Thu, 24 May 2018 06:55:17 +0000 (08:55 +0200)]
kernel: mark all v3.18 and v4.4 kernels are source-only

These will be removed if not updated to v4.4

Signed-off-by: John Crispin <john@phrozen.org>
6 years agodnsmasq: use "hostsdir" instead of "addn-hosts"
Christian Schoenebeck [Tue, 22 May 2018 18:36:18 +0000 (20:36 +0200)]
dnsmasq: use "hostsdir" instead of "addn-hosts"

1.) "addn-hosts" per default point to a file (but it supports directory)
2.) "hostsdir" only support directory with the additional benefit: New or changed files are read automatically.

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
6 years agotoolchain/glibc: update to latest 2.26 commit
Hans Dedecker [Wed, 23 May 2018 13:14:43 +0000 (15:14 +0200)]
toolchain/glibc: update to latest 2.26 commit

af7519f7b3 Fix path length overflow in realpath [BZ #22786]
365722ace6 Fix stack overflow with huge PT_NOTE segment [BZ #20419]
be056fae3b Fix blocking pthread_join. [BZ #23137]
02f0dd83a4 Fix signed integer overflow in random_r (bug 17343).
3241353ab2 i386: Fix i386 sigaction sa_restorer initialization (BZ#21269)
677e6d13e0 [BZ #22342] Fix netgroup cache keys.
71d339cb86 Fix i386 memmove issue (bug 22644).
31e2d15b80 Fix crash in resolver on memory allocation failure (bug 23005)
1f7c4748d6 getlogin_r: return early when linux sentinel value is set
7e7a5f0bcd resolv: Fully initialize struct mmsghdr in send_dg [BZ #23037]

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agouboot-zynq: fix build on hosts lacking pkg-config
Jo-Philipp Wich [Wed, 23 May 2018 07:32:25 +0000 (09:32 +0200)]
uboot-zynq: fix build on hosts lacking pkg-config

The uboot-mvebu package incorrectly used the host pkg-config for the tool
build parts, which broke the build on systems lacking pkg-config and only
worked by accident on those that have it installed.

Export the host-build specific environment variables for the uboot build
to redirect pkg-config invocations to our staged host build pkg-config in
buildroot.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agouboot-mxs: fix build on hosts lacking pkg-config
Jo-Philipp Wich [Wed, 23 May 2018 07:15:52 +0000 (09:15 +0200)]
uboot-mxs: fix build on hosts lacking pkg-config

The uboot-mvebu package incorrectly used the host pkg-config for the tool
build parts, which broke the build on systems lacking pkg-config and only
worked by accident on those that have it installed.

Export the host-build specific environment variables for the uboot build
to redirect pkg-config invocations to our staged host build pkg-config in
buildroot.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agouboot-mvebu: fix build on hosts lacking pkg-config
Jo-Philipp Wich [Wed, 23 May 2018 07:02:59 +0000 (09:02 +0200)]
uboot-mvebu: fix build on hosts lacking pkg-config

The uboot-mvebu package incorrectly used the host pkg-config for the tool
build parts, which broke the build on systems lacking pkg-config and only
worked by accident on those that have it installed.

Export the host-build specific environment variables for the uboot build
to redirect pkg-config invocations to our staged host build pkg-config in
buildroot.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agoramips: fix to mt7620a and add support for i2c on WD03
Matthias Badaire [Tue, 22 May 2018 10:06:55 +0000 (12:06 +0200)]
ramips: fix to mt7620a and add support for i2c on WD03

There was an error on initial commit, the proper soc is mt7620n (which is
more limited than mt7620a). Moreover, there is a battery management
controller connected to the i2c port of the mt7620n. I have a small piece
of i2c code to get battery level coming.

Signed-off-by: Matthias Badaire <mbadaire@gmail.com>
6 years agoath79: preliminary support for TP-Link WDR3600 / WDR4300 (AR9344)
Johann Neuhauser [Fri, 18 May 2018 16:06:03 +0000 (18:06 +0200)]
ath79: preliminary support for TP-Link WDR3600 / WDR4300 (AR9344)

working:
 - leds
 - buttons
 - lan / wan
 - usb (hub port 1 + 2)
 - wifi 5g
 - sysupgrade
 - ...

not working:
 - wifi 2g

Signed-off-by: Johann Neuhauser <johann@it-neuhauser.de>
6 years agokernel: bump 4.14 to 4.14.42
Koen Vandeputte [Tue, 22 May 2018 12:16:12 +0000 (14:16 +0200)]
kernel: bump 4.14 to 4.14.42

Refreshed all patches

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agokernel: bump 4.9 to 4.9.101
Koen Vandeputte [Tue, 22 May 2018 12:16:11 +0000 (14:16 +0200)]
kernel: bump 4.9 to 4.9.101

Refreshed all patches

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agoustream-ssl: update to latest git HEAD
John Crispin [Tue, 22 May 2018 18:44:34 +0000 (20:44 +0200)]
ustream-ssl: update to latest git HEAD

5322f9d mbedtls: Fix setting allowed cipher suites
e8a1469 mbedtls: Add support for a session cache

Signed-off-by: John Crispin <john@phrozen.org>