Hauke Mehrtens [Sat, 29 Jan 2022 10:56:27 +0000 (11:56 +0100)]
mbedtls: Update to version 2.16.12
This fixes the following security problems:
* Zeroize several intermediate variables used to calculate the expected
value when verifying a MAC or AEAD tag. This hardens the library in
case the value leaks through a memory disclosure vulnerability. For
example, a memory disclosure vulnerability could have allowed a
man-in-the-middle to inject fake ciphertext into a DTLS connection.
* Fix a double-free that happened after mbedtls_ssl_set_session() or
mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED
(out of memory). After that, calling mbedtls_ssl_session_free()
and mbedtls_ssl_free() would cause an internal session buffer to
be free()'d twice. CVE-2021-44732
The sizes of the ipk changed on MIPS 24Kc like this:
182454 libmbedtls12_2.16.11-2_mips_24kc.ipk
182742 libmbedtls12_2.16.12-1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
57f38e2c827e3be71d8b1709073e366afe011985)
Rosen Penev [Tue, 13 Jul 2021 20:27:09 +0000 (13:27 -0700)]
mbedtls: update to 2.16.11
Switched to AUTORELEASE to avoid manual increments.
Release notes:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.11
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
fcfd741eb83520e496eb09de5f8b2f2b62792a80)
Hauke Mehrtens [Sun, 26 Dec 2021 22:38:52 +0000 (23:38 +0100)]
tcpdump: libpcap: Remove www.us.tcpdump.org mirror
The http://www.us.tcpdump.org mirror will go offline soon, only use the
normal download URL.
Reported-by: Denis Ovsienko <denis@ovsienko.info>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
18bdfc803bef00fad03f90b73b6e65c3c79cb397)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[rebased for OpenWrt 21.02 branch]
(cherry picked from commit
4dddb7ca3669e93d4da2b1ca43b8bc22bd007e48)
Hauke Mehrtens [Sat, 12 Feb 2022 22:13:47 +0000 (23:13 +0100)]
tcpdump: Fix CVE-2018-16301
This fixes the following security problem:
The command-line argument parser in tcpdump before 4.99.0 has a buffer
overflow in tcpdump.c:read_infile(). To trigger this vulnerability the
attacker needs to create a 4GB file on the local filesystem and to
specify the file name as the value of the -F command-line argument of
tcpdump.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
8f5875c4e221453932f217a82f8c3092cacba3e5)
(cherry picked from commit
59e7ae8d65ab9a9315608a69565f6a4247d3b1ac)
Petr Štetiar [Thu, 10 Feb 2022 12:27:06 +0000 (13:27 +0100)]
kernel: bump 4.14 to 4.14.265
All patches refreshed automagically without conflicts.
Run tested on ipq40xx/glinet-b1300 and mvebu/turris-omnia.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Paul Spooren [Sun, 1 Nov 2020 21:53:39 +0000 (11:53 -1000)]
build: store SOURCE_DATE_EPOCH in JSON info files
The source date epoch is the only reproducible date close to the actual
build date. It can be used for tooling like the firmware wizard to show
the image age.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
165f0b00cdd2f763c1d478c2f58c535fc19b13bd)
[store source_date_epoch as integer]
Signed-off-by: Paul Spooren <mail@aparcar.org>
Petr Štetiar [Mon, 31 Jan 2022 10:52:40 +0000 (11:52 +0100)]
kernel: bump 4.14 to 4.14.264
All patches refreshed automagically without conflicts.
Run tested on ipq40xx/glinet-b1300 and mvebu/turris-omnia.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Tue, 18 Jan 2022 13:50:02 +0000 (14:50 +0100)]
kernel: bump 4.14 to 4.14.262
All patches refreshed automagically without conflicts.
Run tested on ipq40xx/glinet-b1300 and mvebu/turris-omnia.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Eneas U de Queiroz [Mon, 10 Jan 2022 19:37:47 +0000 (16:37 -0300)]
openssl: bump to 1.1.1m
This is a bugfix release. Changelog:
*) Avoid loading of a dynamic engine twice.
*) Fixed building on Debian with kfreebsd kernels
*) Prioritise DANE TLSA issuer certs over peer certs
*) Fixed random API for MacOS prior to 10.12
Patches were refreshed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
5beaa75d94c4a981c580905b84c7ef33caf0c3e2)
Petr Štetiar [Thu, 6 Jan 2022 14:31:19 +0000 (15:31 +0100)]
kernel: bump 4.14 to 4.14.261
All patches refreshed automagically without conflicts.
Run tested on ipq40xx/glinet-b1300 and mvebu/turris-omnia.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Thu, 23 Dec 2021 10:37:55 +0000 (11:37 +0100)]
kernel: bump 4.14 to 4.14.259
All patches refreshed automagically without conflicts, but upstream in
commit
48c2461f28fe ("ARM: 8800/1: use choice for kernel unwinders")
added new config options UNWINDER_ARM and UNWINDER_FRAME_POINTER so we
need to adjust default configs as well.
Run tested on ipq40xx/glinet-b1300 and mvebu/turris-omnia.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Petr Štetiar [Sun, 12 Dec 2021 07:19:37 +0000 (08:19 +0100)]
kernel: bump 4.14 to 4.14.258
Rebased patches:
* generic: 273-batman-adv-Convert-packet.h-to-uapi-header.patch
* ipq806x: 0065-arm-override-compiler-flags.patch
* mvebu: 513-arm64-dts-marvell-armada37xx-Add-emmc-sdio-pinctrl-d.patch
Removed patches:
Fixed upstream:
* ar71xx: 821-serial-core-add-support-for-boot-console-with-arbitr.patch
* ath79: 921-serial-core-add-support-for-boot-console-with-arbitr.patch
- in 4.14.256 via
9112e7ef87149b3d8093e7446d784117f6e18d69
* mvebu: 527-PCI-aardvark-allow-to-specify-link-capability.patch
- in 4.14.257 via
62a3dc9b65a2b24800fc4267b8cf590fad135034
* mvebu: 524-PCI-aardvark-set-host-and-device-to-the-same-MAX-payload-size.patch
- should be hopefully fixed by the bunch of changes in .256 and .257
Run tested on ipq40xx/glinet-b1300 and mvebu/turris-omnia.
Fixes: CVE-2021-3640
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Hauke Mehrtens [Sun, 12 Dec 2021 20:43:21 +0000 (21:43 +0100)]
mac80211: Update to version 4.19.221
The following patch was backported from upstream before and is not
needed any more:
package/kernel/mac80211/patches/ath/980-ath10k-fix-max-antenna-gain-unit.patch
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Roman Yeryomin [Fri, 3 Sep 2021 14:31:11 +0000 (17:31 +0300)]
iproute2: m_xt.so depends on dynsyms.list
When doing parallel build on a fast machine with bottleneck in i/o,
m_xt.so may start linking faster than dynsyms.list gets populated,
resulting in error:
ld:dynsyms.list:0: syntax error in dynamic list
Fix this by adding dynsyms.list as make dependency to m_xt.so
Described also here:
https://bugs.openwrt.org/index.php?do=details&task_id=3353
Change from v1:
- add dynsysms.list dependancy only when shared libs are enabled
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Fixes: FS#3353
(cherry-picked from commit
edd53df16843a0a6380920ed17b88bfe7d26d71b)
Mathias Kresin [Sat, 27 Nov 2021 20:43:40 +0000 (21:43 +0100)]
uboot-lantiq: danube: fix hanging lzma kernel uncompression #2
Follow up to commit
8fb714edd6e4340729e271139164a0163b027d68. Managed to
hit the very same issue again while playing with the NOR SPL builds.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Mathias Kresin [Fri, 5 Nov 2021 09:41:26 +0000 (10:41 +0100)]
uboot-lantiq: danube: fix hanging lzma kernel uncompression
At least since gcc 7.3.0 (OpenWrt 18.06) lwr/lwl are used in the
assembly of LzmaProps_Decode. While the decission made by the compiler
looks perfect fine, it triggers some obscure hang on lantiq danube-s
v1.5 with MX29LV640EB NOR flash chips.
Only if the offset 1 is used, the hang can be observed. Using any other
offset works fine:
lwl s0,0(a1) - s0 == 0x6d000080
lwl s0,1(a1) - hangs
lwl s0,2(a1) - s0 == 0x0080xxxx
lwl s0,3(a1) - s0 == 0x80xxxxxx
It isn't clear whether it is a limitation of the flash chip, the EBU or
something else.
Force 8bit reads to prevent gcc optimizing the read with lwr/lwl
instructions.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Christian Lamparter [Sat, 23 Oct 2021 16:08:51 +0000 (18:08 +0200)]
wireless-regdb: update to version 2021.08.28
e983a25 Update regulatory rules for Ecuador (EC)
a0bcb88 wireless-regdb: Update regulatory rules for Norway (NO) on 6 and 60 GHz
cdf854d wireless-regdb: Update regulatory rules for Germany (DE) on 6GHz
86cba52 wireless-regdb: reduce bandwidth for 5730-5850 and 5850-5895 MHz in US
6fa2384 wireless-regdb: remove PTMP-ONLY from 5850-5895 MHz for US
9839e1e wireless-regdb: recent FCC report and order allows 5850-5895 immediately
42dfaf4 wireless-regdb: update 5725-5850 MHz rule for GB
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
dbb4c47798b17112cb1eed2a309cdefd33b5f193)
Felix Fietkau [Fri, 21 May 2021 12:29:31 +0000 (14:29 +0200)]
wireless-regdb: update to version 2021.04.21
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
d76535c45e6e970b212744781431e152e90c1ce6)
Rosen Penev [Thu, 4 Mar 2021 02:00:26 +0000 (18:00 -0800)]
tools/m4: update to 1.4.19
Remove upstreamed patches.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
fc9682ed3961e098ace708ca1ca41c2239a4e2ee)
Hauke Mehrtens [Sat, 6 Nov 2021 18:43:08 +0000 (18:43 +0000)]
kernel: bump 4.14 to 4.14.254
All updated automatically.
Compile-tested on: malta/le, lantiq/xrx200
Runtime-tested on: malta/le, lantiq/xrx200
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Koen Vandeputte [Tue, 12 Oct 2021 09:02:30 +0000 (11:02 +0200)]
ar71xx: mikrotik: rb91x: fix 10M ethernet link speed
Extensive testing on the board showed that ethernet does
not work when forced to 10Mbps.
Trial-and-error revealed that the correct PLL value
should be altered to 0x00001313 (iso 0x00001616)
The change is done for this specific board only as I do not have
other boards using this specific SoC.
The board now works correctly in 1000, 100 and 10 Mode
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Alan Swanson [Fri, 1 Oct 2021 15:46:32 +0000 (16:46 +0100)]
uboot-lantiq: fix sha1.h header clash when system libmd installed
Backport of u-boot commit "includes: move openssl headers to include/u-boot"
https://github.com/u-boot/u-boot/commit/
2b9912e6a7df7b1f60beb7942bd0e6fa5f9d0167
Fixes: FS#3955
Signed-off-by: Alan Swanson <reiver@improbability.net>
(cherry picked from commit
8db641049292035604f0e1fb788608fdea879eca)
Hauke Mehrtens [Sat, 2 Oct 2021 11:38:04 +0000 (13:38 +0200)]
kernel: bump 4.14 to 4.14.248
All updated automatically.
Compile-tested on: lantiq/xrx200, armvirt/64
Runtime-tested on: lantiq/xrx200, armvirt/64
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Tue, 14 Sep 2021 21:44:19 +0000 (23:44 +0200)]
mac80211: Update to backports-4.19.207-1
Refresh all patches.
This contains fixes for CVE-2020-3702
1. These patches (ath, ath9k, mac80211) were included in kernel
versions since 4.14.245 and 4.19.205. They fix security vulnerability
CVE-2020-3702 [1] similar to KrØØk, which was found by ESET [2].
Thank you Josef Schlehofer for reporting this problem.
[1] https://nvd.nist.gov/vuln/detail/CVE-2020-3702
[2] https://www.welivesecurity.com/2020/08/06/beyond-kr00k-even-more-wifi-chips-vulnerable-eavesdropping/
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Petr Štetiar [Sun, 1 Nov 2020 16:31:40 +0000 (17:31 +0100)]
sdk: fix missing include directories
It's not possible to compile some applications which are using
`-Werror=missing-include-dirs` compiler flags with the SDK as some
target directories are missing in the SDK tarball:
cc1: error: staging_dir/target/usr/include: No such file or directory [-Werror=missing-include-dirs]
cc1: error: staging_dir/target/include: No such file or directory [-Werror=missing-include-dirs]
Fix this by adding the missing directories in the SDK.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
ec0ec0428e12b6a7cdad40fbe98d375ea15b45c5)
Luis Araneda [Sun, 2 Aug 2020 23:34:42 +0000 (19:34 -0400)]
uboot-zynq: fix dtc compilation on host gcc 10
gcc 10 defaults to -fno-common, which causes an error
when linking.
Back-port the following Linux kernel commit to fix it:
e33a814e772c (scripts/dtc: Remove redundant YYLOC global declaration)
Tested on an Arch Linux host with gcc 10.1.0
Signed-off-by: Luis Araneda <luaraneda@gmail.com>
(cherry picked from commit
8b870418f18d86761247633e57560ffa1c2485d0)
Sven Eckelmann [Sat, 11 Sep 2021 19:03:34 +0000 (21:03 +0200)]
uboot-tegra: Fix build with GCC-10 as host compiler
The package uses the host compiler to build the dtc binary. With gcc-10,
the option -fno-common is now the default behavior. Thus multiple
definitions of the same variable are now forbidden and results in following
error during linking:
HOSTLD scripts/dtc/dtc
/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x10): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here
collect2: error: ld returned 1 exit status
The easiest workaround is to add the upstream commit
018921ee79d3 ("Remove
redundant YYLOC global declaration").
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 11 Sep 2021 19:03:34 +0000 (21:03 +0200)]
uboot-mvebu: Fix build with GCC-10 as host compiler
The package uses the host compiler to build the dtc binary. With gcc-10,
the option -fno-common is now the default behavior. Thus multiple
definitions of the same variable are now forbidden and results in following
error during linking:
HOSTLD scripts/dtc/dtc
/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x10): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here
collect2: error: ld returned 1 exit status
The easiest workaround is to add the upstream commit
018921ee79d3 ("Remove
redundant YYLOC global declaration").
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Hauke Mehrtens [Sun, 8 Aug 2021 22:03:43 +0000 (00:03 +0200)]
uboot-layerscape: fix dtc compilation on host gcc 10
Backport a patch from upstream U-Boot to fix the compile with host GCC 10.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
8d143784cb8fafccdbcdc0bd5d1aa47d3d676f70)
Sven Eckelmann [Sat, 11 Sep 2021 19:03:34 +0000 (21:03 +0200)]
uboot-kirkwood: Fix build with GCC-10 as host compiler
The package uses the host compiler to build the dtc binary. With gcc-10,
the option -fno-common is now the default behavior. Thus multiple
definitions of the same variable are now forbidden and results in following
error during linking:
HOSTLD scripts/dtc/dtc
/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x10): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here
collect2: error: ld returned 1 exit status
The easiest workaround is to add the upstream commit
018921ee79d3 ("Remove
redundant YYLOC global declaration").
Signed-off-by: Sven Eckelmann <sven@narfation.org>
Sven Eckelmann [Sat, 11 Sep 2021 19:03:34 +0000 (21:03 +0200)]
uboot-sunxi: Fix build with GCC-10 as host compiler
The package uses the host compiler to build the dtc binary. With gcc-10,
the option -fno-common is now the default behavior. Thus multiple
definitions of the same variable are now forbidden and results in following
error during linking:
HOSTLD scripts/dtc/dtc
/usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x10): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here
collect2: error: ld returned 1 exit status
The easiest workaround is to add the upstream commit
018921ee79d3 ("Remove
redundant YYLOC global declaration").
Signed-off-by: Sven Eckelmann <sven@narfation.org>
David Bauer [Sun, 29 Aug 2021 22:46:33 +0000 (00:46 +0200)]
kernel: bump 4.14 to 4.14.245
Compile-tested: ath79-generic
Run-tested: ath79-generic
Signed-off-by: David Bauer <mail@david-bauer.net>
Eneas U de Queiroz [Thu, 26 Aug 2021 17:38:07 +0000 (14:38 -0300)]
openssl: bump to 1.1.1l
This version fixes two vulnerabilities:
- SM2 Decryption Buffer Overflow (CVE-2021-3711)
Severity: High
- Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
Severity: Medium
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Eneas U de Queiroz [Thu, 26 Aug 2021 17:38:06 +0000 (14:38 -0300)]
openssl: use --cross-compile-prefix in Configure
This sets the --cross-compile-prefix option when running Configure, so
that that it will not use the host gcc to figure out, among other
things, compiler defines. It avoids errors, if the host 'gcc' is
handled by clang:
mips-openwrt-linux-musl-gcc: error: unrecognized command-line option
'-Qunused-arguments'
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Tested-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
2f75348923e564f1b73fbc32f7cabc355cd6e2b9)
David Bauer [Thu, 19 Aug 2021 19:30:01 +0000 (21:30 +0200)]
kernel: bump to 4.14.244
Compile-tested: ath79-generic ipq40xx-generic
Run-tested: ipq40xx-generic
Signed-off-by: David Bauer <mail@david-bauer.net>
David Bauer [Thu, 12 Aug 2021 21:33:05 +0000 (23:33 +0200)]
kernel: bump to 4.14.243
Compile-tested: x86-64
Run-tested: x86-64
Signed-off-by: David Bauer <mail@david-bauer.net>
Hauke Mehrtens [Sun, 1 Aug 2021 16:46:20 +0000 (18:46 +0200)]
OpenWrt v19.07.8: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sun, 1 Aug 2021 16:45:59 +0000 (18:45 +0200)]
OpenWrt v19.07.8: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Petr Štetiar [Thu, 1 Jul 2021 12:05:18 +0000 (14:05 +0200)]
ubus: update to version 2021-07-01
This update cherry picks following fix:
* ubusd: fix tx_queue linked list usage
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Thu, 3 Jun 2021 07:49:58 +0000 (09:49 +0200)]
ubus: update to version 2021-06-03
This update cherry picks following changes:
* cmake: add a possibility to set library version
* ubusd: protect against too-short messages
* ubusd: add per-client tx queue limit
* ubusd: convert tx_queue to linked list
* lua: avoid truncation of large numeric values
Fixes: FS#1525
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Thu, 29 Jul 2021 19:49:18 +0000 (21:49 +0200)]
ubus: backport SOVERSION support
Add a support for setting of new `ABIVERSION` CMake define which allows
to control the SOVERSION used for the built shared library. This is
needed for downstream packaging to properly track breaking ABI changes
when updating to newer versions of the library.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(backported from commit
8edb1797d55d259c6eda18c89784f152328436fc)
David Bauer [Wed, 28 Jul 2021 14:09:27 +0000 (16:09 +0200)]
kernel: bump 4.14 to 4.14.241
Refreshed all patches
Compile-tested: ath79-generic brcm2708-bcm2708
Run-tested: ath79-generic brcm2708-bcm2708
Signed-off-by: David Bauer <mail@david-bauer.net>
Michael Yartys [Thu, 3 Jun 2021 21:50:12 +0000 (23:50 +0200)]
ath10k-ct: add security fixes
This rebases -ct changes on top of upstream stable kernel's latest code.
Including the wifi security fixes that recently went in.
Removed upstreamed 203-ath10k-Limit-available-channels-via-DT-ieee80211-fre.patch
and refreshed patches.
Signed-off-by: Michael Yartys <michael.yartys@protonmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [backport]
(backported from commit
2e10ed925e1e07c28570731a429efa5e7de3b826)
Paul Spooren [Thu, 24 Jun 2021 17:42:53 +0000 (07:42 -1000)]
base-files: fix /tmp/TZ when zoneinfo not installed
The zoneinfo packages are not installed per default so neither
/tmp/localtime nor /tmp/TZ is generated.
This patch mostly reverts the previous fix and instead incooperates a
solution suggested by Jo.
Fixes "base-files: fix zoneinfo support "
8af62ed
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
56bdb6bb9781f8a0bbec5fc3075b9d2b8d12f9a8)
Rosen Penev [Sat, 10 Apr 2021 00:22:48 +0000 (17:22 -0700)]
base-files: fix zoneinfo support
The system init script currently sets /tmp/localinfo when zoneinfo is
populated. However, zoneinfo has spaces in it whereas the actual files
have _ instead of spaces. This made the if condition never return true.
Example failure when removing the if condition:
/tmp/localtime -> /usr/share/zoneinfo/America/Los Angeles
This file does not exist. America/Los_Angeles does.
Ran through shfmt -w -ci -bn -sr -s
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
8af62ede189aa504135db05474d34c9f8a1ed35d)
Ali MJ Al-Nasrawy [Wed, 18 Sep 2019 17:14:42 +0000 (20:14 +0300)]
mac80211: distance config: allow "auto" as a value
The user can now enable the ACK timeout estimation algorithm (dynack)
for drivers that support it.
It is also expected that the distance config accepts the same values as:
$ iw phyX set distance XXX
Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com>
(cherry picked from commit
a8a1ef856871dc8403ea9c0a3bb347c7120b0e65)
Koen Vandeputte [Mon, 7 Jun 2021 09:20:35 +0000 (11:20 +0200)]
gitignore: add .ccache folder
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Mon, 14 Jun 2021 09:43:36 +0000 (11:43 +0200)]
kernel: bump 4.14 to 4.14.236
Refreshed all patches.
Fixes:
- CVE-2021-3564
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Hauke Mehrtens [Sat, 5 Jun 2021 22:36:57 +0000 (00:36 +0200)]
mac80211: Update to backports version 4.19.193-test1
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Fri, 4 Jun 2021 23:06:28 +0000 (01:06 +0200)]
kernel: bump 4.14 to 4.14.235
Manually rebased
ramips/patches-5.4/0048-asoc-add-mt7620-support.patch
All others updated automatically.
Compile-tested on: ath79/generic, ramips/mt7621
Runtime-tested on: ath79/generic
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Jo-Philipp Wich [Fri, 28 May 2021 13:23:14 +0000 (15:23 +0200)]
ubox: fix init script validation of log_ip option
The underlying logread process uses usock() to handle remote connections
which is able to handle both hostnames and IP addresses.
Ref: https://github.com/openwrt/luci/issues/5077
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit
ec83fb9ced138b7945135adffb9ff0ba63b695ec)
Hauke Mehrtens [Sun, 16 May 2021 21:49:48 +0000 (23:49 +0200)]
tools/mklibs: Fix compile with GCC 11
GCC 11 defaults to C++17, but mklibs does not compile when using the
C++17 standard. This patch switches back to the gnu++98 version like
done in master commit
9437012b9ee4 ("tools/mklibs: update to 0.1.44 and
convert to Python 3")
This fixes the following compile error message:
elf.hpp:52:56: error: ISO C++17 does not allow dynamic exception specifications
52 | const section &get_section(unsigned int i) const throw (std::out_of_range) { return *sections.at(i); };
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sun, 16 May 2021 13:31:49 +0000 (15:31 +0200)]
openwrt-keyring: Only copy sign key for 19.07 and 21.02
Instead of adding all public signature keys from the openwrt-keyring
repository only add the key which is used to sign the OpenWrt 19.07
feeds and the 21.02 feeds to allow checking the next release.
If one of the other keys would be compromised this would not affect
users of 19.07 release builds.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Petr Štetiar [Sat, 20 Feb 2021 14:56:19 +0000 (15:56 +0100)]
openwrt-keyring: add OpenWrt 21.02 GPG/usign keys
49283916005d usign: add 21.02 release build pubkey
bc4d80f064f2 gpg: add OpenWrt 21.02 signing key
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
1bf6d70e60fdb45d81a8f10b90904cef38c73f70)
Koen Vandeputte [Wed, 12 May 2021 09:41:26 +0000 (11:41 +0200)]
generic: platform/mikrotik: release mtd device after use
The code uses get_mtd_device_nm() which must be followed by a call to
put_mtd_device() once the handle is no longer used.
This fixes spurious shutdown console messages such as:
[ 83.099037] Removing MTD device #1 (hard_config) with use count 1
Reported-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
[Backported from master]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Mon, 10 May 2021 12:25:40 +0000 (14:25 +0200)]
kernel: bump 4.14 to 4.14.232
Refreshed all patches.
Fixes:
- CVE-2021-23133
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Bas Mevissen [Mon, 19 Apr 2021 23:08:19 +0000 (01:08 +0200)]
Extend checks on build prerequisites for building OpenWRT core
OpenWRT requires a number of Perl modules to be installed. It wasn't checking on all of them.
This patch adds checks for Perl FindBin, File::Copy, File::Compare and Thread::Queue modules.
Failing to install these, will have the build break at some point. By adding these to the
prereq-build.mk script, they are checked on forehand.
Tested on a Fedora 33 and 34 (beta) that was freshly installed. Fedora appears to
break up Perl modules into small packages that need to be installed for the build to succeed.
Signed-off-by: Bas Mevissen <abuse@basmevissen.nl>
(cherry picked from commit
f68c9474acf9a65b5a9538db8e45c173462487e3)
Rosen Penev [Mon, 30 Mar 2020 01:13:56 +0000 (18:13 -0700)]
prereq-build: test for perl's Data::Dumper
Required for installation of autoconf:
make[5]: Entering directory `/openwrt/build_dir/host/autoconf-2.69'
Making all in bin
make[6]: Entering directory `/openwrt/build_dir/host/autoconf-2.69/bin'
autom4te_perllibdir='..'/lib AUTOM4TE_CFG='../lib/autom4te.cfg'
../bin/autom4te -B '..'/lib -B '..'/lib --language M4sh --cache
'' --melt ./autoconf.as -o autoconf.in
Can't locate Data/Dumper.pm in @INC (@INC contains: ../lib
/usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl
/usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at
../lib/Autom4te/C4che.pm line 33.
BEGIN failed--compilation aborted at ../lib/Autom4te/C4che.pm line 33.
Compilation failed in require at ../bin/autom4te line 40.
BEGIN failed--compilation aborted at ../bin/autom4te line 40.
make[6]: *** [autoconf.in] Error 2
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
dc467eac38f2447b652b6680cf4af75b05fd6cd2)
Petr Štetiar [Fri, 9 Apr 2021 12:52:05 +0000 (14:52 +0200)]
tplink-safeloader: fix C7v5 factory flashing from vendor fw > v1.1.x
Currently it's not possible to flash factory images on devices shipped
with vendor firmware versions 1.1.0 Build
20201120 rel. 50406 (published
2020-12-22):
(curFw_ver, newFw_ver) == (1.1, 1.0) [NM_Error](nm_checkSoftVer) 00848: Firmwave not supports, check failed.
[NM_Error](nm_checkUpdateContent) 01084: software version dismatched
[NM_Error](nm_buildUpgradeStruct) 01188: checkUpdateContent failed.
They've even following note in release notes:
Note: You will be unable to downgrade to the previous firmware version
after updating this firmware.
This version check in vendor firmware is implemented in
/usr/bin/nvrammanager binary likely as following C code[1]:
sscanf(buf, "%d.%d.%*s",&upd_fw_major, &upd_fw_minor);
...
if (((int)upd_fw_major < (int)cur_fw_major) ||
((ret = 1, cur_fw_major == upd_fw_major && (upd_fw_minor < (int)cur_fw_minor)))) {
ret = 0;
printf("[NM_Error](%s) %05d: Firmwave not supports, check failed.\r\n\r\n","nm_checkSoftVer" ,0x350);
}
...
return ret;
So in order to fix this and make it future proof it should be enough to
ship our factory firmware images with major version 7 (lucky number).
Tested on latest firmware version 1.1.2 Build
20210125 rel.37999:
Firmwave supports, check OK.
(curFw_ver, newFw_ver) == (1.1, 7.0) check firmware ok!
Flashing back to vendor firmware
c7v5_us-up-ver1-1-2-P1[
20210125-rel37999]_2021-01-25_10.33.55.bin works
as well:
U-Boot
1.1.4-gbec22107-dirty (Nov 18 2020 - 18:19:12)
...
Firmware downloaded... filesize = 0xeeae77 fileaddr = 0x80060000.
Firmware Recovery file length :
15642231
Firmware process id 2.
handle_fw_cloud 146
Image verify OK!
Firmware file Verify ok!
product-info:product_name:Archer C7
product_ver:5.0.0
special_id:
55530000
[Error]sysmgr_cfg_checkSupportList(): 1023 @ specialId
45550000 NOT Match.
Firmware supports, check OK.
Firmware Recovery check ok!
1. https://gist.github.com/ynezz/
2e0583647d863386a66c3d231541b6d1
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
e6d66375cbbb54e0e82a67030e385a5486273766)
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Hauke Mehrtens [Sun, 2 May 2021 21:20:40 +0000 (23:20 +0200)]
mac80211: Update to backports version 4.19.189-1
The removed patches were applied upstream.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sun, 2 May 2021 15:35:16 +0000 (17:35 +0200)]
dropbear: Fix CVE-2020-36254
This backports a fix from dropbear 2020.81.
CVE-2020-36254 description:
scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
David Bauer [Sun, 2 May 2021 22:08:38 +0000 (00:08 +0200)]
ramips: backport unlocked mdiobus accessors
Commit
718e97c5c843 ("ramips: mt7530 swconfig: fix race condition in
register access") backports a fix which depends on unlocked MMD
accessors, however these were not yet included in Kernel 4.14 and they
were not backported yet.
Fixes commit
718e97c5c843 ("ramips: mt7530 swconfig: fix race condition in register access")
Signed-off-by: David Bauer <mail@david-bauer.net>
Magnus Kroken [Wed, 21 Apr 2021 20:10:58 +0000 (22:10 +0200)]
openvpn: update to 2.4.11
Fixes two related security vulnerabilities (CVE-2020-15078) which under
very specific circumstances allow tricking a server using delayed
authentication (plugin or management) into returning a PUSH_REPLY before
the AUTH_FAILED message, which can possibly be used to gather
information about a VPN setup.
This release also includes other bug fixes and improvements.
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Magnus Kroken [Wed, 21 Apr 2021 20:10:57 +0000 (22:10 +0200)]
openvpn: update to 2.4.9
This is primarily a maintenance release with bugfixes and improvements.
This release also fixes a security issue (CVE-2020-11810) which allows
disrupting service of a freshly connected client that has not yet
negotiated session keys. The vulnerability cannot be used to
inject or steal VPN traffic.
Release announcement:
https://openvpn.net/community-downloads/#heading-13812
Full list of changes:
https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.9
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry-picked from commit
d7e98bd7c5316f95cc11635371a39c6c0e18b9a7)
Magnus Kroken [Wed, 21 Apr 2021 20:10:56 +0000 (22:10 +0200)]
openvpn: update to 2.4.8
Backport two upstream commits that allow building
openvpn-openssl without OpenSSLs deprecated APIs.
Full changelog:
https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.8
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry-picked from commit
bf43e5bbf91ca1a90df8dae3e2cce6bbb61d5cd9)
DENG Qingfang [Mon, 26 Apr 2021 04:20:24 +0000 (12:20 +0800)]
ramips: mt7530 swconfig: fix race condition in register access
[ Upstream commit
f99c9cd9c4d4c49a676d678327546fd41690fe2a ]
The mt7530_{r,w}32 operation over MDIO uses 3 mdiobus operations and
does not hold a lock, which causes a race condition when multiple
threads try to access a register, they may get unexpected results.
To avoid this, handle the MDIO lock manually, and use the unlocked
__mdiobus_{read,write} in the critical section.
This fixes the "Ghost VLAN" artifact[1] in MT7530/7621 when the VLAN
operation and the swconfig LED link status poll race between each other.
[1] https://forum.openwrt.org/t/mysterious-vlan-ids-on-mt7621-device/64495
Signed-off-by: DENG Qingfang <dqfext@gmail.com>
(cherry picked from commit
f99c9cd9c4d4c49a676d678327546fd41690fe2a)
Martin Schiller [Wed, 14 Apr 2021 12:34:56 +0000 (14:34 +0200)]
ppp/pppoe-discovery: fix -W option
This patch is already included in ppp-2.4.9 which is used in openwrt
master.
Backport this patch to openwrt-19.07.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Koen Vandeputte [Thu, 22 Apr 2021 16:48:08 +0000 (18:48 +0200)]
kernel: bump 4.14 to 4.14.231
Refreshed all patches.
Fixes:
- CVE-2020-25672
- CVE-2020-25671
- CVE-2020-25670
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Mon, 12 Apr 2021 09:38:51 +0000 (11:38 +0200)]
kernel: bump 4.14 to 4.14.230
Refreshed all patches.
Remove upstreamed:
- 840-can-flexcan-flexcan_chip_freeze-fix-chip-freeze-for-.patch
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Koen Vandeputte [Fri, 2 Apr 2021 10:21:24 +0000 (12:21 +0200)]
mac80211: backport upstream fixes
Refreshed all patches.
Includes all fixes up to 4.19.184
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Koen Vandeputte [Fri, 9 Apr 2021 13:14:37 +0000 (15:14 +0200)]
kernel: backport fix for flexcan bug
This patch fixes a DIV/0 error which was introduced in 4.14.225
This patch was forgotten in upstream <= 4.14 and is now queued for
future release.
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Koen Vandeputte [Fri, 9 Apr 2021 08:09:24 +0000 (10:09 +0200)]
kernel: bump 4.14 to 4.14.229
Refreshed all patches.
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Koen Vandeputte [Fri, 2 Apr 2021 09:46:03 +0000 (11:46 +0200)]
kernel: bump 4.14 to 4.14.228
Refreshed all patches.
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Koen Vandeputte [Mon, 29 Mar 2021 09:43:31 +0000 (11:43 +0200)]
kernel: bump 4.14 to 4.14.227
Refreshed all patches.
Altered patches:
- 809-flexcan-support-layerscape.patch
Compile-tested on: ar71xx, cns3xxx, imx6, layerscape, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
Eneas U de Queiroz [Fri, 26 Mar 2021 17:46:29 +0000 (14:46 -0300)]
openssl: bump to 1.1.1k
This version fixes 2 security vulnerabilities, among other changes:
- CVE-2021-3450: problem with verifying a certificate chain when using
the X509_V_FLAG_X509_STRICT flag.
- CVE-2021-3449: OpenSSL TLS server may crash if sent a maliciously
crafted renegotiation ClientHello message from a client.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
0bd0de7d43b3846ad0d7006294e1daaadfa7b532)
Petr Štetiar [Sat, 27 Mar 2021 06:42:14 +0000 (07:42 +0100)]
openssl: sync package download URLs with master
Apparently it fixes some broken URLs and as a bonus it makes
cherry-picking of fixes easier.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Magnus Kroken [Sun, 14 Mar 2021 18:42:33 +0000 (19:42 +0100)]
mbedtls: update to 2.16.10
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues.
Security fixes:
* Fix a buffer overflow in mbedtls_mpi_sub_abs()
* Fix an errorneous estimation for an internal buffer in
mbedtls_pk_write_key_pem()
* Fix a stack buffer overflow with mbedtls_net_poll() and
mbedtls_net_recv_timeout()
* Guard against strong local side channel attack against base64 tables
by making access aceess to them use constant flow code
Full release announcement:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.10
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry picked from commit
dbde2bcf60b5d5f54501a4b440f25fe7d02fbe5d)
Daniel Golle [Wed, 24 Mar 2021 09:47:12 +0000 (09:47 +0000)]
mwlwifi: add PKG_FLAGS:=nonshared
This should fix the problem of mwlwifi-firmware-* not being found
when using the ImageBuilder.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
9b3aaf1cdb873cc2a7b2f2ef4e72ddb716afba38)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Petr Štetiar [Sun, 1 Nov 2020 13:40:02 +0000 (14:40 +0100)]
scripts: bundle-libraries.sh: fix broken SDK compiler
Recent versions (> 5.33) of `file` report liblto_plugin.so as
executable:
$ file liblto_plugin.so
liblto_plugin.so.0.0.0: ELF 64-bit LSB pie executable ...
Which then leads to improper packaging of the plugin, resulting in the
broken compiler:
configure: checking whether the C compiler works
mips-openwrt-linux-musl/bin/ld: liblto_plugin.so: error loading plugin: liblto_plugin.so: invalid ELF header
As the LTO compiler plugin library is incorrectly packaged as SDK
executable:
$ head -1 ~/staging_dir/toolchain...libexec/gcc/.../liblto_plugin.so
#!/usr/bin/env bash
Fix this by filtering out shared libraries from the patching.
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=
1296868
Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
4b7165722cb0e2ba62ab68e8b90d4d4b0909744c)
Eneas U de Queiroz [Thu, 20 Feb 2020 21:29:04 +0000 (18:29 -0300)]
build: reduce number of files passed to ipk-remove
Instead of using xargs to pass a huge number of files to
script/ipkg-remove, which will usually pick only one, use a more
restrictive wildcard so that, currently, at the most 325 files are
examined, instead of up to over 2,300. The 325-file package is python,
which is picking up python3* ipks. It is about to be removed.
Runner-up is ddns-scripts with 7 files.
This makes a second run of make package/luci/compile go from
real 16.40s; user 17.42s; sys 2.73s
to
real 10.71s; user 9.51s; sys 1.27s
There is a caveat though: if one were to remove the ABI_VERSION of a
package that ends in a digit [0-9], then the old package ipk will not be
removed from the bin directory by make package/abc2/clean.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
11192484fa320cd233849441bd00ddf58964de42)
Eneas U de Queiroz [Thu, 20 Feb 2020 21:29:03 +0000 (18:29 -0300)]
build: call ipkg-remove using xargs if #args>=512
The wildcard call to clean up luci package (luci*) can pick up over
2,300 files when the full tree is built. Running make package/luci/clean
or a second run of make package/luci/compile would fail with an
'Argument list too long' error.
To avoid that, a maybe_use_xargs function was created that runs the
command straight as usual if the number of arguments is < 512, or saves
the list in a temporary file and feeds it to xargs otherwise.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
78d1f3ac61b1740f2a45c40bcde0e83246308a18)
Eneas U de Queiroz [Thu, 20 Feb 2020 21:29:02 +0000 (18:29 -0300)]
build: package-ipkg: avoid calling wildcard twice
Instead of calling $(wildcard) to check if the removal list is empty,
then calling it again to actually remove the files, define a function so
that the arguments are expanded only once when it gets called.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
40acc13ca72ca7d2815dc5d94549d5dc48e16e98)
Koen Vandeputte [Mon, 8 Mar 2021 08:59:46 +0000 (09:59 +0100)]
kernel: bump 4.14 to 4.14.224
Refreshed all patches.
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Compile-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Fri, 5 Mar 2021 08:22:20 +0000 (09:22 +0100)]
kernel: bump 4.14 to 4.14.223
Refreshed all patches.
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Eneas U de Queiroz [Sun, 21 Feb 2021 21:33:30 +0000 (18:33 -0300)]
wolfssl: bump to v4.7.0-stable
Biggest fix for this version is CVE-2021-3336, which has already been
applied here. There are a couple of low severity security bug fixes as
well.
Three patches are no longer needed, and were removed; the one remaining
was refreshed.
This tool shows no ABI changes:
https://abi-laboratory.pro/index.php?view=objects_report&l=wolfssl&v1=4.6.0&v2=4.7.0
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
d1dfb577f1c0d5b1f1fa35000c9ad7abdb7d10ed)
Stefan Lippers-Hollmann [Sat, 27 Feb 2021 22:55:08 +0000 (23:55 +0100)]
hostapd: P2P: Fix a corner case in peer addition based on PD Request
p2p_add_device() may remove the oldest entry if there is no room in the
peer table for a new peer. This would result in any pointer to that
removed entry becoming stale. A corner case with an invalid PD Request
frame could result in such a case ending up using (read+write) freed
memory. This could only by triggered when the peer table has reached its
maximum size and the PD Request frame is received from the P2P Device
Address of the oldest remaining entry and the frame has incorrect P2P
Device Address in the payload.
Fix this by fetching the dev pointer again after having called
p2p_add_device() so that the stale pointer cannot be used.
This fixes the following security vulnerabilities/bugs:
- CVE-2021-27803 - A vulnerability was discovered in how p2p/p2p_pd.c
in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision
discovery requests. It could result in denial of service or other
impact (potentially execution of arbitrary code), for an attacker
within radio range.
Fixes: 17bef1e97a50 ("P2P: Add peer entry based on Provision Discovery Request")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
(cherry picked from commit
1ca5de13a153061feae260864d73d96f7c463785)
Petr Štetiar [Mon, 1 Mar 2021 12:29:19 +0000 (13:29 +0100)]
build: fix checks for GCC11
Fedora 34 already uses GCC11.
Reported-by: Marcin Juszkiewicz <marcin-openwrt@juszkiewicz.com.pl>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
cae69d558135456976b8fc6cb08530d1358cf6d5)
Adrian Schmutzler [Mon, 1 Mar 2021 21:28:13 +0000 (22:28 +0100)]
Revert "base-files: source functions.sh in /lib/functions/system.sh"
This reverts commit
86aeac4fc98f42ac0ce7e0dcf1cb240e16b28f8f.
The reverted commit introduced a cyclic dependency between
/lib/functions.sh and /lib/functions/system.sh. Further details
are found in
282e8173509a ("base-files: do not source system.sh
in functions.sh"), which was applied to master some time ago and
is included in 21.02.
With the current age of 19.07 branch, it seems safer to revert this
mostly cosmetic feature than investing further time into disentangling
the dependencies.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Koen Vandeputte [Thu, 25 Feb 2021 08:18:53 +0000 (09:18 +0100)]
kernel: bump 4.14 to 4.14.222
Refreshed all patches.
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Adrian Schmutzler [Fri, 13 Mar 2020 15:56:53 +0000 (16:56 +0100)]
base-files: source functions.sh in /lib/functions/system.sh
The file /lib/functions/system.sh depends on find_mtd_index() and
find_mtd_part() located in /lib/function.sh, so let's source that
file.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(backported from commit
ae636effd24a7637cefca58a143063f395c82d05)
Raphaël Mélotte [Wed, 17 Feb 2021 14:58:16 +0000 (15:58 +0100)]
hostapd: backport ignoring 4addr mode enabling error
This is a backport of the upstream commit
58bbbb598144 ("nl80211: Ignore
4addr mode enabling error if it was already enabled").
nl80211_set_4addr_mode() could fail when trying to enable 4addr mode on
an interface that is in a bridge and has 4addr mode already enabled.
This operation would not have been necessary in the first place and this
failure results in disconnecting, e.g., when roaming from one backhaul
BSS to another BSS with Multi AP.
Avoid this issue by ignoring the nl80211 command failure in the case
where 4addr mode is being enabled while it has already been enabled.
Signed-off-by: Raphaël Mélotte <raphael.melotte@mind.be>
[bump PKG_RELEASE, more verbose commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
fb860b4e418c28a0f388f215e5acce103dcee1bf)
Stijn Segers [Thu, 18 Feb 2021 23:53:26 +0000 (00:53 +0100)]
ramips: remove factory image for TP-Link Archer C20 v1
Similarly to the Archer C2 v1, the Archer C20 v1 will brick when one
tries to flash an OpenWrt factory image through the TP-Link web UI.
The wiki page contains an explicit warning about this [1].
Disable the factory image altogether since it serves no purpose.
[1] https://openwrt.org/toh/tp-link/tp-link_archer_c20_v1#installation
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
(backported from commit
0265cba40ad4f2b8ff4473ada123c35b53ffd97a)
Mathias Kresin [Wed, 17 Feb 2021 22:37:54 +0000 (23:37 +0100)]
lantiq: fritz7320: enable USB power supply
The USB ports if a FRIZZ!Box 7320 do not supply power to connected
devices.
Add the GPIOs enabling USB power as regulator, to enable USB power
supply as soon as the USB driver is loaded.
Fixes FS#3624
Signed-off-by: Mathias Kresin <dev@kresin.me>
(cherry picked from commit
6e4e97b2256327bb380ee2a83da9a1ddf657e395)
Eneas U de Queiroz [Wed, 17 Feb 2021 02:21:36 +0000 (23:21 -0300)]
openssl: bump to 1.1.1j
This fixes 4 security vulnerabilities/bugs:
- CVE-2021-2839 - SSLv2 vulnerability. Openssl 1.1.1 does not support
SSLv2, but the affected functions still exist. Considered just a bug.
- CVE-2021-2840 - calls EVP_CipherUpdate, EVP_EncryptUpdate and
EVP_DecryptUpdate may overflow the output length argument in some
cases where the input length is close to the maximum permissable
length for an integer on the platform. In such cases the return value
from the function call will be 1 (indicating success), but the output
length value will be negative.
- CVE-2021-2841 - The X509_issuer_and_serial_hash() function attempts to
create a unique hash value based on the issuer and serial number data
contained within an X509 certificate. However it was failing to
correctly handle any errors that may occur while parsing the issuer
field (which might occur if the issuer field is maliciously
constructed). This may subsequently result in a NULL pointer deref and
a crash leading to a potential denial of service attack.
- Fixed SRP_Calc_client_key so that it runs in constant time. This could
be exploited in a side channel attack to recover the password.
The 3 CVEs above are currently awaiting analysis.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
482c9ff289c65480c8e7340e1740db24c62f91df)
Hauke Mehrtens [Tue, 16 Feb 2021 22:30:33 +0000 (23:30 +0100)]
OpenWrt v19.07.7: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Tue, 16 Feb 2021 22:30:28 +0000 (23:30 +0100)]
OpenWrt v19.07.7: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Koen Vandeputte [Mon, 15 Feb 2021 14:01:33 +0000 (15:01 +0100)]
kernel: bump 4.14 to 4.14.221
Refreshed all patches.
Remove upstreamed hunk in:
- 302-dts-support-layerscape.patch
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Baptiste Jonglez [Mon, 15 Feb 2021 09:12:59 +0000 (10:12 +0100)]
ramips: ethernet: Disable TSO support to improve stability
Stability of this Ethernet driver has been a long-standing issue, with
many people reporting frequent "transmit queue timeouts" and even
occasional crashes.
Disabling TSO in the driver helps with stability, although it is likely a
workaround and might not fix the issue completely.
There is a slight slowdown in forwarding performance for TCP packets
(75 kpps vs. 80 kpps with comparable CPU utilization), but this is still
enough to forward close to 1 Gbit/s of full-sized packets across multiple
flows.
Master is using a different ethernet driver, so this is not a backport.
Because of this different driver, the upcoming 21.02 release does not seem
to be affected by these stability issues.
Thanks to mrakotiq for the initial patch.
Fixes: FS#2628
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
David Bauer [Mon, 15 Feb 2021 00:21:18 +0000 (01:21 +0100)]
mt76: update to the latest version
5c768de mt76: mt76x0: disable GTK offloading
Signed-off-by: David Bauer <mail@david-bauer.net>
Kurt Roeckx [Sun, 14 Feb 2021 13:28:20 +0000 (14:28 +0100)]
ramips: mark toggle input on EX6150 as a switch
The Netgear EX6150 has an Access Point/Extender switch. Set it as
an EV_SW. Otherwise when it's set to Access Point, it will trigger
failsafe mode during boot.
Fixes: FS#3590
Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
(cherry picked from commit
539966554d6d0686dc8ce62e39ff9e8f4e2d4e74)