Rafał Miłecki [Mon, 9 Sep 2019 07:37:53 +0000 (09:37 +0200)]
mac80211: brcmfmac: backport more kernel 5.4 changes
Patch getting RAM info got upstreamed. A debugging fs entry for testing
reset feature was added.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
681acdcc54d2e59135bb706c38bed942f74ccf74)
Jo-Philipp Wich [Wed, 7 Aug 2019 05:15:07 +0000 (07:15 +0200)]
packages: apply usign padding workarounds to package indexes if needed
Since usign miscalculates SHA-512 digests for input sizes of exactly
64 + N * 128 + 110 or 64 + N * 128 + 111 bytes, we need to apply some
white space padding to avoid triggering the hashing edge case.
While usign itself has been fixed already, there is still many firmwares
in the wild which use broken usign versions to verify current package
indexes so we'll need to carry this workaround in the forseeable future.
Ref: https://forum.openwrt.org/t/signature-check-failed/41945
Ref: https://git.openwrt.org/
5a52b379902471cef495687547c7b568142f66d2
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit
e1f588e446c7ceb696b644b37aeab9b3476e2a57)
Jo-Philipp Wich [Tue, 6 Aug 2019 18:55:39 +0000 (20:55 +0200)]
usign: update to latest Git HEAD
This update fixes usign signature verification on files with certain
file sizes triggering a bug in the shipped SHA-512 implementation.
5a52b37 sha512: fix bad hardcoded constant in sha512_final()
3e6648b README: replace unicode character
716c3f2 README: add reference to OpenBSD signify
86d3668 README: provide reference for
ed25519 algorithm
939ec35 usign: main.c: describe necessary arguments for -G
Ref: https://forum.openwrt.org/t/signature-check-failed/41945
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit
991dd5a89340367920315a3fd0390a7423e6b34a)
Rafał Miłecki [Sun, 28 Jul 2019 14:21:04 +0000 (16:21 +0200)]
mac80211: brcm: improve brcmfmac debugging of firmware crashes
This provides a complete console messages dump.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
f51e2d031e8125632487d2a0f56b9fa31b71e54f)
Rafał Miłecki [Sun, 28 Jul 2019 14:13:47 +0000 (16:13 +0200)]
mac80211: brcm: update brcmfmac 5.4 patches
Use commits from wireless-drivers-next.git.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
95745e26b319c630a49d2b8284f8afeaa30506da)
Rafał Miłecki [Sun, 21 Jul 2019 21:09:53 +0000 (23:09 +0200)]
mac80211: brcmfmac: backport fixes from kernel 5.4
This fixes:
1) Crash during USB disconnect
2) Crash in brcmf_txfinalize() on rmmod with packets queued
3) Some errors in exit path
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
8231f67218e584be61d32b24bd17cc55e500638c)
Rafał Miłecki [Mon, 22 Jul 2019 11:16:33 +0000 (13:16 +0200)]
mac80211: brcmfmac: backport previously skipped USB fixes
They were skipped due to missing BCDC patches that are backported now.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Mon, 22 Jul 2019 09:37:10 +0000 (11:37 +0200)]
mac80211: brcmfmac: backport BCDC layer changes from kernel 4.12
Those changes are needed for backporting more recent crash fixes. There
are quite many BCDC patches but it's hopefully a very well tested code
by now.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Mon, 22 Jul 2019 08:45:38 +0000 (10:45 +0200)]
mac80211: brcmfmac: rename v4.12 patches to allow more backports
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Hauke Mehrtens [Fri, 28 Jun 2019 19:49:07 +0000 (21:49 +0200)]
kernel: Update to version 4.4.184
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Jo-Philipp Wich [Fri, 21 Jun 2019 12:24:11 +0000 (14:24 +0200)]
LEDE v17.01.7: revert to branch defaults
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Jo-Philipp Wich [Fri, 21 Jun 2019 12:24:11 +0000 (14:24 +0200)]
LEDE v17.01.7: adjust config defaults
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Hauke Mehrtens [Thu, 20 Jun 2019 09:02:20 +0000 (11:02 +0200)]
perf: Fix build on aarch64
Somehow perf depended on libunwind, and libunwind also builds on
aarch64.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Thu, 20 Jun 2019 08:52:14 +0000 (10:52 +0200)]
kernel: Reorder kernel configuration
The following command was run on the configuration:
./scripts/kconfig.pl target/linux/generic/config-4.4 > target/linux/generic/config-4.4-new
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Thu, 20 Jun 2019 10:33:42 +0000 (12:33 +0200)]
layerscape: Adapt patch to changes in upstream kernel
In kernel v4.4.179 the structure of the scripts/mod/file2alias.c file
changed, this adapts the patch to the changes done in the stable
kernel.
This fixes the following compile problem:
HOSTCC scripts/mod/file2alias.o
scripts/mod/file2alias.c:1199:17: error: expected declaration specifiers or '...' before string constant
ADD_TO_DEVTABLE("fslmc", fsl_mc_device_id, do_fsl_mc_entry);
^
scripts/mod/file2alias.c:1199:26: error: unknown type name 'fsl_mc_device_id'
ADD_TO_DEVTABLE("fslmc", fsl_mc_device_id, do_fsl_mc_entry);
^
scripts/mod/file2alias.c:1199:44: error: expected declaration specifiers or '...' before 'do_fsl_mc_entry'
ADD_TO_DEVTABLE("fslmc", fsl_mc_device_id, do_fsl_mc_entry);
^
scripts/mod/file2alias.c:1190:12: warning: 'do_fsl_mc_entry' defined but not used [-Wunused-function]
static int do_fsl_mc_entry(const char *filename, void *symval,
^
SHIPPED scripts/dtc/dtc-parser.tab.h
Fixes: 6c5c3a2edccf ("kernel: Update to version 4.4.182")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Thu, 20 Jun 2019 09:40:23 +0000 (11:40 +0200)]
apm821xx: Revert upstream fix which breaks compile
This reverts a commit added in kernel v4.4.179 which breaks compilation
on the apm821xx target.
This fixes the following compile problem:
drivers/crypto/amcc/crypto4xx_core.c: In function 'crypto4xx_ablkcipher_done':
drivers/crypto/amcc/crypto4xx_core.c:650:21: warning: dereferencing 'void *' pointer
if (pd_uinfo->sa_va->sa_command_0.bf.save_iv == SA_SAVE_IV) {
^
drivers/crypto/amcc/crypto4xx_core.c:650:21: error: request for member 'sa_command_0' in something not a structure or union
drivers/crypto/amcc/crypto4xx_core.c:651:38: error: implicit declaration of function 'crypto_skcipher_reqtfm' [-Werror=implicit-function-declaration]
struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
^
drivers/crypto/amcc/crypto4xx_core.c:651:61: error: 'req' undeclared (first use in this function)
struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req);
^
drivers/crypto/amcc/crypto4xx_core.c:651:61: note: each undeclared identifier is reported only once for each function it appears in
drivers/crypto/amcc/crypto4xx_core.c:653:3: error: implicit declaration of function 'crypto4xx_memcpy_from_le32' [-Werror=implicit-function-declaration]
crypto4xx_memcpy_from_le32((u32 *)req->iv,
^
drivers/crypto/amcc/crypto4xx_core.c:654:19: warning: dereferencing 'void *' pointer
pd_uinfo->sr_va->save_iv,
^
drivers/crypto/amcc/crypto4xx_core.c:654:19: error: request for member 'save_iv' in something not a structure or union
drivers/crypto/amcc/crypto4xx_core.c:655:4: error: implicit declaration of function 'crypto_skcipher_ivsize' [-Werror=implicit-function-declaration]
crypto_skcipher_ivsize(skcipher));
^
cc1: some warnings being treated as errors
Fixes: 6c5c3a2edccf ("kernel: Update to version 4.4.182")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Thu, 20 Jun 2019 09:15:28 +0000 (11:15 +0200)]
brcm2708: Adapt patches to kernel update
In kernel 4.4.182 get_user_pages() does not get the write and force
parameter any more, but one flags parameter with WRITE and FORCE
attributes. This adapts the patches to use the changed API and fixes
the compile problems with the brcm2708 target.
This fixes the following compile problem:
drivers/misc/vc04_services/interface/vchiq_arm/vchiq_arm.c: In function 'dump_phys_mem':
drivers/misc/vc04_services/interface/vchiq_arm/vchiq_arm.c:1501:3: warning: passing argument 7 of 'get_user_pages' from incompatible pointer type [-Wincompatible-pointer-types]
pages, /* pages (array of page pointers) */
^
In file included from drivers/misc/vc04_services/interface/vchiq_arm/vchiq_arm.c:42:0:
include/linux/mm.h:1200:6: note: expected 'struct vm_area_struct **' but argument is of type 'struct page **'
long get_user_pages(struct task_struct *tsk, struct mm_struct *mm,
^
drivers/misc/vc04_services/interface/vchiq_arm/vchiq_arm.c:1495:7: error: too many arguments to function 'get_user_pages'
rc = get_user_pages(current, /* task */
^
In file included from drivers/misc/vc04_services/interface/vchiq_arm/vchiq_arm.c:42:0:
include/linux/mm.h:1200:6: note: declared here
long get_user_pages(struct task_struct *tsk, struct mm_struct *mm,
^
scripts/Makefile.build:277: recipe for target 'drivers/misc/vc04_services/interface/vchiq_arm/vchiq_arm.o' failed
Fixes: 6c5c3a2edccf ("kernel: Update to version 4.4.182")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Thu, 20 Jun 2019 08:49:20 +0000 (10:49 +0200)]
kernel: Add CONFIG_RTC to generic config
RTC (the legacy driver) should not really be used, but seems to crop up
after the kernel update. Fix this by disabling it in the generic config.
Fixes the following build issue seen in arm64 or powerpc64:
ARM JTAG DCC console (HVC_DCC) [N/y/?] n
Virtio console (VIRTIO_CONSOLE) [N/m/y/?] n
Enhanced Real Time Clock Support (legacy PC RTC driver) (RTC) [N/m/y/?] (NEW) aborted!
Console input/output is redirected. Run 'make oldconfig' to update configuration.
scripts/kconfig/Makefile:37: recipe for target 'silentoldconfig' failed
This should fix the build on the arm64/generic and the layerscape/64b
targets.
Fixes: 6c5c3a2edccf ("kernel: Update to version 4.4.182")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sun, 2 Jun 2019 10:36:18 +0000 (12:36 +0200)]
mbedtls: update to version 2.7.10
This fixes multiple bugs and this security problem:
* CVE-2018-19608 Local timing attack on RSA decryption
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Thu, 30 May 2019 20:49:32 +0000 (22:49 +0200)]
kernel: Update to version 4.4.182
Fixes:
- CVE-2019-11479
- CVE-2019-11478
- CVE-2019-11477
- CVE-2019-11833
- CVE-2019-11091
- CVE-2018-12126
- CVE-2018-12130
- CVE-2018-12127
- CVE-2019-3882
- CVE-2019-6974
- CVE-2019-3819
- CVE-2019-7221
- CVE-2019-7222
- CVE-2019-3701
- CVE-2018-19985
- CVE-2018-1120
And probably more
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Rafał Miłecki [Sun, 16 Jun 2019 19:44:51 +0000 (21:44 +0200)]
mac80211: brcmfmac: backport important fixes from kernel 5.2
1) Crash/Oops fixes
2) One-line patch for BCM43456 support
3) Fix communication with some specific FullMAC firmwares
4) Potential fix for "Invalid packet id" errors
5) Important helper for reporting FullMAC firmware crashes
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
2cd234d96bd772119363a77a35bffa6a4931613e)
Eneas U de Queiroz [Fri, 31 May 2019 17:44:31 +0000 (17:44 +0000)]
openssl: update to 1.0.2s
This avoids CVE-2019-9498 and CVE-2019-9499 in hostapd
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[DMARC removal, refreshed patches]
Daniel Bailey [Thu, 18 Apr 2019 19:36:38 +0000 (12:36 -0700)]
openssl: bump to 1.0.2r
This fixes the following security problems:
1.0.2r:
* CVE-2019-1559: 0-byte record padding oracle
Signed-off-by: Daniel Bailey <dbailey@datto.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[fixed patch, refreshed patches]
Josef Schlehofer [Wed, 13 Mar 2019 23:53:41 +0000 (00:53 +0100)]
ca-certificates: update to version
20190110
- Tested on Turris MOX, OpenWrt master
- Removed PKG_BUILD_DIR
In build_dir there were two folders
ca-certificates and ca-certificates-
20190110 and it failed as files
were in ca-certificates-
20190110
Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry-picked from commit:
f22c33b40cc7b542b3b31fa0d873d28d3a3482b5)
Christian Schoenebeck [Mon, 30 Jul 2018 19:28:00 +0000 (21:28 +0200)]
ca-caertificates: remove myself as PKG_MAINTAINER
remove myself as PKG_MAINTAINER
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry-picked from commit:
c89195eb25a4dfd093f9d0d3b3adac896bb471ad)
Yousong Zhou [Thu, 5 Jul 2018 10:51:54 +0000 (18:51 +0800)]
ca-certificates: ca-bundle: add symlink for openssl default setting
OpenSSL defaults X509_CERT_FILE to /etc/ssl/cert.pem. This change is
needed for wget-ssl and possibly others to work seamlessly with fresh
ca-bundle installation
Fixes openwrt/packages#6152
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry-picked from commit:
191078e83d127f5ed9a38366d2edaac49f9333c5)
Christian Schoenebeck [Fri, 20 Apr 2018 17:53:09 +0000 (19:53 +0200)]
ca-certificates: Update to Version
20180409
ca-certificates: Update to Version
20180409
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry-picked from commit:
80cb5c5703d7778ee7390da1bcde4878a2349806)
Rafał Miłecki [Thu, 18 Apr 2019 10:37:10 +0000 (12:37 +0200)]
mac80211: brcmfmac: really add early fw crash recovery
Previous commit backported USB fixes instead of firmware crash recovery
patches.
Fixes: eaef74279c8f ("mac80211: brcmfmac: early work on FullMAC firmware crash recovery")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
2d2e615dee0421e126af9d4ebd49a720e341e3af)
Rafał Miłecki [Thu, 18 Apr 2019 09:47:43 +0000 (11:47 +0200)]
mac80211: brcmfmac: early work on FullMAC firmware crash recovery
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
02aed76968d60d254ab9d0d8768f0c54dbfc6d9d)
Rafał Miłecki [Wed, 6 Mar 2019 05:00:00 +0000 (06:00 +0100)]
kernel: fix refcnt leak in LED netdev trigger on interface rename
Renaming a netdev-trigger-tracked interface was resulting in an
unbalanced dev_hold().
Example:
> iw phy phy0 interface add foo type __ap
> echo netdev > trigger
> echo foo > device_name
> ip link set foo name bar
> iw dev bar del
[ 237.355366] unregister_netdevice: waiting for bar to become free. Usage count = 1
[ 247.435362] unregister_netdevice: waiting for bar to become free. Usage count = 1
[ 257.545366] unregister_netdevice: waiting for bar to become free. Usage count = 1
Above problem was caused by trigger checking a dev->name which obviously
changes after renaming an interface. It meant missing all further events
including the NETDEV_UNREGISTER which is required for calling dev_put().
This change fixes that by:
1) Comparing device struct *address* for notification-filtering purposes
2) Dropping unneeded NETDEV_CHANGENAME code (no behavior change)
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
eea538204bb973d73d3bc3d38947d7f85214d486)
Rafał Miłecki [Mon, 25 Feb 2019 21:39:04 +0000 (22:39 +0100)]
mac80211: brcmfmac: backport 5.0 & 5.1 important changes/fixes
This backports the most important brcmfmac commits that:
1) Fix some bugs
2) Help debugging bugs
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
d32bbd747733de5daeb63a8f2c1307f612422f87)
Rafał Miłecki [Mon, 25 Feb 2019 20:58:47 +0000 (21:58 +0100)]
mac80211: brcmfmac: pick few 4.17 cleanups required for further fixes
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Mon, 11 Feb 2019 10:25:54 +0000 (11:25 +0100)]
mac80211: brcmfmac: fix a possible NULL pointer dereference
This fixes a possible crash in the brcmf_fw_request_nvram_done():
[ 31.687293] Backtrace:
[ 31.689760] [<
c004fb4c>] (__wake_up_common) from [<
c004fc38>] (__wake_up_locked+0x1c/0x24)
[ 31.698043] r10:
c6794000 r9:
00000009 r8:
00000001 r7:
bf54dda0 r6:
a0000013 r5:
c78e7d38
[ 31.705928] r4:
c78e7d3c r3:
00000000
[ 31.709528] [<
c004fc1c>] (__wake_up_locked) from [<
c00502a8>] (complete+0x3c/0x4c)
[ 31.717148] [<
c005026c>] (complete) from [<
bf54590c>] (brcmf_fw_request_nvram_done+0x5c8/0x6a4 [brcmfmac])
[ 31.726818] r7:
bf54dda0 r6:
c6794000 r5:
00001990 r4:
c6782380
[ 31.732544] [<
bf545344>] (brcmf_fw_request_nvram_done [brcmfmac]) from [<
c0204e40>] (request_firmware_work_func+0x38/0x60)
[ 31.743607] r10:
00000008 r9:
c6bdd700 r8:
00000000 r7:
c72c3cd8 r6:
c67f4300 r5:
c6bda300
[ 31.751493] r4:
c67f4300
[ 31.754046] [<
c0204e08>] (request_firmware_work_func) from [<
c0034458>] (process_one_work+0x1e0/0x318)
[ 31.763365] r4:
c72c3cc0
[ 31.765913] [<
c0034278>] (process_one_work) from [<
c0035234>] (worker_thread+0x2f4/0x448)
[ 31.774107] r10:
00000008 r9:
00000000 r8:
c6bda314 r7:
c72c3cd8 r6:
c6bda300 r5:
c6bda300
[ 31.781993] r4:
c72c3cc0
[ 31.784545] [<
c0034f40>] (worker_thread) from [<
c003984c>] (kthread+0x100/0x114)
[ 31.791949] r10:
00000000 r9:
00000000 r8:
00000000 r7:
c0034f40 r6:
c72c3cc0 r5:
00000000
[ 31.799836] r4:
c735dc00 r3:
c79ed540
[ 31.803438] [<
c003974c>] (kthread) from [<
c00097d0>] (ret_from_fork+0x14/0x24)
[ 31.810672] r7:
00000000 r6:
00000000 r5:
c003974c r4:
c735dc00
[ 31.816378] Code:
e5b53004 e1a07001 e1a06002 e243000c (
e5934000)
[ 31.822487] ---[ end trace
a0ffbb07a810d503 ]---
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
83bcacb5215c21e1894fbe3d651d83948479ce91)
Sven Roederer [Mon, 28 Jan 2019 19:11:50 +0000 (20:11 +0100)]
openssl: bump to 1.0.2q
This fixes the following security problems:
* CVE-2018-5407: Microarchitecture timing vulnerability in ECC scalar multiplication
* CVE-2018-0734: Timing vulnerability in DSA signature generation
* Resolve a compatibility issue in EC_GROUP handling with the FIPS Object Module
Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
(backport of commit
989060478ae270885727d91c25b9b52b0f33743c)
Jo-Philipp Wich [Fri, 18 Jan 2019 17:43:18 +0000 (18:43 +0100)]
opkg: update to latest Git head
d217daf libopkg: fix replacelist parsing and writing
9dd9a07 libopkg: fix segmentation fault when traversing conflicts
34571ba libopkg: consider provided packages in pkg_vec_mark_if_matches()
18740e6 opkg_download: print error when fork() fails
e3d7330 libopkg: don't print unresolved dependencies twice
3b417b9 opkg_download: decode file:/ URLs
71c27cb file_util: implement urldecode_path()
d1fe095 file_util: consolidate hex/unhex routines
ebdfc12 add opkg option http_timeout
9f003e3 opkg: encode archive filenames while constructing download URLs
73e6c81 file_util: implement urlencode_path() helper
468158f libopkg: fix SHA256 calculation for big endian system
4bd8601 pkg_parse: fix segfault when parsing descriptions with leading newlines
52fc006 pkg_alternatives: pass if the desired symlink already exists
c668fce opkg: add --no-check-certificate argument
04e279e pkg_alternatives: use ERROR level for symlink failure
546bc72 pkg: alternatives support
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit
1bd18f2b5cbf1c9c384e9725eff7804decf88c90)
Jo-Philipp Wich [Thu, 4 Jan 2018 10:15:45 +0000 (11:15 +0100)]
opkg: switch source url to git.openwrt.org
As LEDE is rebranding to OpenWrt now, adjust the Git source references
accordingly.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commit
da95c9aa17814d691a7fed6e8297fb29c5600c27)
Jonas Gorski [Mon, 10 Sep 2018 09:42:53 +0000 (11:42 +0200)]
opkg: drop argument from check_signature in opkg.conf
check_signature is a bool option and doesn't take any arguments. The
presence of the 1 falsely suggests setting it to 0 disables the check,
while the option actually needs to be removed or commented out to be
disabled. So remove the argument to make it more clear.
Fixes: beca028bd6bb ("build: add integration for managing opkg package feed keys")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
(backported from commit
d3bf5ff9bc7b55b2a3dab93853b33a0cd2c4ca47)
Tony Ambardar [Wed, 21 Nov 2018 13:03:12 +0000 (05:03 -0800)]
base-files: install missing /etc/iproute2/ematch_map
This file is needed to properly use the tc ematch modules present in
kmod-sched-core and kmod-sched. It is a read-only index file of ematch
methods used only by tc.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
[cherry picked from commit
10a2ccb7fceef3a6dea4ece14e6141a807292d5f]
Tony Ambardar [Sat, 3 Mar 2018 03:32:24 +0000 (19:32 -0800)]
base-files: fix postinstall uci-defaults removal
Commit
7f694582 introduced a bug where default_postinst() often fails to
remove a uci-defaults script after application, leaving it to run again
after a reboot.
(Note: commit
7f694582 also introduced FS#1021, now fixed by
73c745f6)
The subtle problem arises from the shell logical chain:
[ -f "$i" ] && . "$i" && rm -f "$i"
Most uci-defaults scripts contain a terminal 'exit 0' statement which,
when sourced, results in the logic chain exiting before executing 'rm -f'.
This was observed while testing upgrades of 'luci-app-sqm'.
The solution is to wrap the shell sourcing in a subshell relative to the
command 'rm -f':
( [ -f "$i" ] && . "$i" ) && rm -f "$i"
Revert to using 'grep' to prefilter the list of entries from the control
file, which yields the full path of uci-defaults scripts. This allows
keeping the existence check, directory change and script sourcing inside
the subshell, with the script removal correctly outside.
This approach avoids adding a second subshell only around the "." (source)
command. The change also preserves the fix FS#1021, since the full path is
used to source the script, which is POSIX-portable irrespective of PATH
variable or reference to the CWD.
Run Tested on: LEDE 17.01.4 running ar71xx, while tracing installation of
package luci-app-sqm with its associated /etc/uci-defaults/luci-sqm file.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(backported from
4097ab6a975902b170dd7f7ac6c8025e5f32ef8d)
Koen Vandeputte [Tue, 8 Jan 2019 12:21:02 +0000 (13:21 +0100)]
cns3xxx: use actual size reads for PCIe
upstream commit
802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors")
reimplemented cns3xxx_pci_read_config() using pci_generic_config_read32(),
which preserved the property of only doing 32-bit reads.
It also replaced cns3xxx_pci_write_config() with pci_generic_config_write(),
so it changed writes from always being 32 bits to being the actual size,
which works just fine.
Due to:
- The documentation does not mention that only 32 bit access is allowed.
- Writes are already executed using the actual size
- Extensive testing shows that 8b, 16b and 32b reads work as intended
It makes perfectly sense to also swap 32 bit reading in favor of actual size.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Rafał Miłecki [Mon, 7 Jan 2019 16:11:23 +0000 (17:11 +0100)]
mac80211: brcmfmac: fix use-after-free & possible NULL pointer dereference
1) Using fwctx variable after brcmf_fw_request_done() was executed meant
accessing freed memory.
2) Using fwctx->completion for the wait_for_completion_timeout() call
could reuslt in NULL pointer dereference on fw loading error or if
brcmf_fw_request_done() was executed quickly enough.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
529c95cc15dc9fcc7709400cc921f2a3c03cd263)
Christian Lamparter [Sun, 30 Dec 2018 19:38:15 +0000 (20:38 +0100)]
apm821xx: switch MX60(W)'s recovery images to multi-image method
In the past, the MX60(W)'s recovery images always had problems
with the size restriction and never really worked without manual
intervention. This patch reworks the initramfs, which allows the
device to ease up on the impossible tight kernel size requirements
for the initramfs image.
This new initramfs can be loaded through the MX60(W) U-boot
in the following way:
=> setenv bootargs console=ttyS0,$baudrate
=> tftpboot $meraki_loadaddr meraki_mx60-initramfs-kernel.bin
[...]
Load address: 0x800000
Loading: ################################################ [...]
done
[...]
=> bootm $fileaddr
\## Booting kernel from Legacy Image at
00800000 ...
...
For more information and the latest flashing guide:
please visit the OpenWrt Wiki Page for the MX60(W):
<https://openwrt.org/toh/meraki/mx60#flashing>
Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
36c19c9f0be23ad327085aa762e95de638e19b4a)
Freddy Leitner [Mon, 26 Nov 2018 18:14:19 +0000 (19:14 +0100)]
apm821xx: MBL: load kernel/dtb from SATA 0:1 first
This remedies an issue with the MBL Duo if both disks are inserted
and contain OpenWrt. kernel and dtb would be loaded from SATA 1:1
while rootfs (/dev/sda2) would be mounted on SATA 0:1.
Such a mix&match would obviously only work if both OpenWrt versions/
builds are identical, and especially fail after sysupgrade upgraded
the system disk on SATA 0:1.
The fallback to SATA 1:1 needs to be kept for MBL Single (only has
SATA 1:1) and MBL Duo with one disk inserted on SATA 1:1. To speed
up booting in those cases, the unneccesarily doubled "sata init"
will only be called once. (In theory it could be omitted completely
since the on-flash boot script already initializes SATA to load the
on-disk boot script.)
Tested on MBL Duo (all possible combination of disks) and MBL Single
Signed-off-by: Freddy Leitner <hello@square.wf>
Koen Vandeputte [Tue, 18 Dec 2018 11:42:45 +0000 (12:42 +0100)]
cns3xxx: fix writing to wrong PCI registers
Originally, cns3xxx used it's own functions for mapping, reading and writing registers.
Upstream commit
802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors")
removed the internal PCI config write function in favor of the generic one:
cns3xxx_pci_write_config() --> pci_generic_config_write()
cns3xxx_pci_write_config() expected aligned addresses, being produced by cns3xxx_pci_map_bus()
while the generic one pci_generic_config_write() actually expects the real address
as both the function and hardware are capable of byte-aligned writes.
This currently leads to pci_generic_config_write() writing
to the wrong registers on some ocasions.
First issue seen due to this:
- driver ath9k gets loaded
- The driver wants to write value 0xA8 to register PCI_LATENCY_TIMER, located at 0x0D
- cns3xxx_pci_map_bus() aligns the address to 0x0C
- pci_generic_config_write() effectively writes 0xA8 into register 0x0C (CACHE_LINE_SIZE)
This seems to cause some slight instability when certain PCI devices are used.
Another issue example caused by this this is the PCI bus numbering,
where the primary bus is higher than the secondary, which is impossible.
Before:
00:00.0 PCI bridge: Cavium, Inc. Device 3400 (rev 01) (prog-if 00 [Normal decode])
Flags: bus master, fast devsel, latency 0, IRQ 255
Bus: primary=02, secondary=01, subordinate=ff, sec-latency=0
After fix:
00:00.0 PCI bridge: Cavium, Inc. Device 3400 (rev 01) (prog-if 00 [Normal decode])
Flags: bus master, fast devsel, latency 0, IRQ 255
Bus: primary=00, secondary=01, subordinate=02, sec-latency=0
And very likely some more ..
Fix all by omitting the alignment being done in the mapping function.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Koen Vandeputte [Mon, 17 Dec 2018 13:30:40 +0000 (14:30 +0100)]
kernel: bump 4.4 to 4.4.167
Refreshed all patches.
Removed upstreamed:
- 203-MIPS-ath79-fix-restart.patch
- 330-Revert-MIPS-BCM47XX-Enable-74K-Core-ExternalSync-for.patch
- 051-0001-ovl-rename-is_merge-to-is_lowest.patch
- 051-0002-ovl-override-creds-with-the-ones-from-the-superblock.patch
- 051-0005-ovl-proper-cleanup-of-workdir.patch
Altered patches:
- 201-extra_optimization.patch
- 304-mips_disable_fpu.patch
Compile-tested on: ar71xx, cns3xxx, imx6, mpc85xx
Runtime-tested on: ar71xx, cns3xxx, imx6, mpc85xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Jo-Philipp Wich [Wed, 12 Dec 2018 15:53:18 +0000 (16:53 +0100)]
rpcd: update to latest Git head
3aa81d0 file: access exec timeout via daemon ops structure
7235f34 plugin: store pointer to exec timeout value in the ops structure
ccd7c0a treewide: rename exec_timeout to rpc_exec_timeout
c79ef22 main: fix logic bug when not specifying a timeout option
2cc4b99 file: use global exec timeout instead of own hardcoded limit
ecd1660 exec: increase maximum execution time to 120s
41333ab uci: tighten uci reorder operation error handling
f91751b uci: tighten uci delete operation error handling
c2c612b uci: tighten uci set operation error handling
948bb51 uci: tighten uci add operation error handling
51980c6 uci: reject invalid section and option names
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Kevin Darbyshire-Bryant [Tue, 2 Jan 2018 14:34:51 +0000 (14:34 +0000)]
procd: procd_send_signal use signal names
Usage documentation for 'procd_send_signal' states "The signal is SIGHUP
by default, and must be specified by NAME." Make actual behaviour match
the stated documented behaviour.
https://wiki.openwrt.org/inbox/procd-init-scripts
Suggested-by: Jo-Philip Wich <jow@mein.io>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
37bb463daa21e2c97365c6543b2bfdfe673c5baa)
Jo-Philipp Wich [Thu, 29 Nov 2018 11:32:34 +0000 (12:32 +0100)]
rules.mk: fix syntax error
Fix broken assignment operator added in a previous commit.
Fixes
db73ec9f51 ("rules.mk: add INSTALL_SUID macro")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
1416b63dcbadbb5c11c2591b4513f5276b6dc744)
Jo-Philipp Wich [Thu, 29 Nov 2018 10:59:20 +0000 (11:59 +0100)]
rules.mk: add INSTALL_SUID macro
This is useful for packages that want to stage SUID executables.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
b0261ee5e9bcbc743960727b5aad1829250d1add)
Tony Ambardar [Sat, 3 Mar 2018 04:04:36 +0000 (20:04 -0800)]
base-files: fix prerm return value, align with postinst code
The return value of a package prerm script is discarded and not returned
correctly by default_prerm(). This allows other operations like service
shutdown to "leak" their return value, prompting workarounds like commit
48cfc826 which do not address the root cause.
Preserve a package prerm script return value for use by default_prerm(),
sharing the corresponding code from default_postinst() for consistency.
Also use consistent code for handling of /etc/init.d/ scripts.
Run Tested on: LEDE 17.01.4 running ar71xx.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit
8806da86f5da3b1b1e4d24259d168e2219c01a26)
Karl Vogel [Thu, 29 Nov 2018 08:07:21 +0000 (09:07 +0100)]
sdk: find kernel modules when KDIR is a symlink
The find statement would not return any results if the KDIR_BASE pointed to a
symlink. Ran into this issue due to a custom Kernel/Prepare that was installing
a symlink to the kernel directory.
The extra slash at the end fixes this scenario and does no harm for targets that
have a proper KDIR.
Signed-off-by: Karl Vogel <karl.vogel@gmail.com>
(cherry picked from commit
ae980458abf8299d614f4b34add32e18d054378d)
Jo-Philipp Wich [Wed, 28 Nov 2018 12:07:36 +0000 (13:07 +0100)]
uhttpd: update to latest Git head
cdfc902 cgi: escape url in 403 error output
0bba1ce uhttpd: fix building without TLS and Lua support
2ed3341 help: document -A option
fa5fd45 file: fix CPP syntax error
77b774b build: avoid redefining _DEFAULT_SOURCE
b741dec lua: support multiple Lua prefixes
952bf9d build: use _DEFAULT_SOURCE
30a18cb uhttpd: recognize PATCH, PUT and DELETE HTTP methods
796d42b client: flush buffered SSL output when tearing down client ustream
393b59e proc: expose HTTP Origin header in process environment
8109b95 file: escape strings in HTML output
d3b9560 utils: add uh_htmlescape() helper
db86175 lua: honour size argument in recv()
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Jo-Philipp Wich [Sat, 24 Nov 2018 19:10:26 +0000 (20:10 +0100)]
uclient: update to latest Git head
3ba74eb uclient-http: properly handle HTTP redirects via proxy connections
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
0bd99db5118665bbe17f84427238c322af3deaae)
Linus Kardell [Thu, 22 Nov 2018 10:35:08 +0000 (11:35 +0100)]
base-files: fix unkillable processes after restart
When restart is run on an init script, the script traps SIGTERM. This is
done as a workaround for scripts named the same name as the program they
start. In that case, the init script process will have the same name as
the program process, and so when the init script runs killall, it will
kill itself. So SIGTERM is trapped to make the init script unkillable.
However, the trap is retained when the init script runs start, and thus
processes started by restart will not respond to SIGTERM, and will thus
be unkillable unless you use SIGKILL. This fixes that by removing the
trap before running start.
Signed-off-by: Linus Kardell <linus@telliq.com>
(cherry picked from commit
2ac1a57677ce4e21513dca2a8efab1eb6e0a9c58)
Rafał Miłecki [Fri, 16 Nov 2018 16:21:49 +0000 (17:21 +0100)]
libubox: update to latest git HEAD
4382c76 switch from typeof to the more portable __typeof__
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Fri, 9 Nov 2018 22:24:11 +0000 (23:24 +0100)]
mac80211: brcmfmac: add 2 more recent changes
First one is a fix for reporting channels to the user space. Important
for users as they could try setting invalid channel and fail to start an
interface.
Later is a support for newer FullMAC chipset firmwares.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Wed, 7 Nov 2018 12:10:20 +0000 (13:10 +0100)]
mac80211: brcmutil: backport chanspec debugging patch
It helps debugging possible WARN-ings.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Wed, 7 Nov 2018 12:06:52 +0000 (13:06 +0100)]
mac80211: brcmfmac: backport the latest 4.20 changes
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
b50f162b3cce3d95874e4394f4765413f58765f1)
Rafał Miłecki [Wed, 7 Nov 2018 12:06:48 +0000 (13:06 +0100)]
mac80211: brcmfmac: rename 4.20 backport patches
Include kernel version to help tracking changes.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Tue, 4 Sep 2018 13:20:34 +0000 (15:20 +0200)]
mac80211: add iw command wrapper with error logging
Currently it's close to impossible to tell what part of mac80211 setup
went wrong. Errors logged into system log look like this:
radio0 (6155): command failed: No error information (-524)
radio0 (6155): command failed: Not supported (-95)
radio0 (6155): command failed: I/O error (-5)
radio0 (6155): command failed: Too many open files in system (-23)
With this commit change it's getting clear:
command failed: No error information (-524)
Failed command: iw dev wlan0 del
command failed: Not supported (-95)
Failed command: iw phy phy0 set antenna_gain 0
command failed: I/O error (-5)
Failed command: iw phy phy0 set distance 0
command failed: Too many open files in system (-23)
Failed command: iw phy phy0 interface add wlan0 type __ap
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
ffa80bf5a784a34b81e32144669f30560780bdb6)
Rafał Miłecki [Wed, 12 Sep 2018 07:33:34 +0000 (09:33 +0200)]
mac80211: brcmfmac: backport first important changes from the 4.20
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Hauke Mehrtens [Sun, 2 Sep 2018 13:16:13 +0000 (15:16 +0200)]
LEDE v17.01.6: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sun, 2 Sep 2018 13:16:09 +0000 (15:16 +0200)]
LEDE v17.01.6: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Jo-Philipp Wich [Thu, 23 Aug 2018 17:08:58 +0000 (19:08 +0200)]
grub2: rebase patches
Patch 300-CVE-2015-8370.patch was added without proper rebasing on the
version used by OpenWrt, make it apply and refresh the patch to fix
compilation.
Fixes: 7e73e9128f ("grub2: Fix CVE-2015-8370")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
9ffbe84ea49fc643f41bfdf687de99aee17c9154)
Rosen Penev [Thu, 23 Aug 2018 02:07:56 +0000 (19:07 -0700)]
bzip2: Fix CVE-2016-3189
Issue causes a crash with specially crafted bzip2 files.
More info: https://nvd.nist.gov/vuln/detail/CVE-2016-3189
Taken from Fedora.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
f9469efbfa7ce892651f9a6da713eacbef66f177)
Rosen Penev [Thu, 23 Aug 2018 02:07:57 +0000 (19:07 -0700)]
grub2: Fix CVE-2015-8370
This CVE is a culmination of multiple integer overflow issues that cause
multiple issues like Denial of Service and authentication bypass.
More info: https://nvd.nist.gov/vuln/detail/CVE-2015-8370
Taken from Fedora.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
7e73e9128f6a63b9198c88eea97c267810447be4)
Jo-Philipp Wich [Wed, 29 Aug 2018 11:16:34 +0000 (13:16 +0200)]
scripts: bundle-libraries: fix logic flaw
Previous refactoring of the script moved the LDSO detection into a
file-not-exists condition, causing onyl the very first executable to
get bundled.
Solve the problem by unconditionally checking for LDSO again.
Fixes: 9030a78a71 ("scripts: bundle-libraries: prevent loading host locales")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
5ebcd32997b6d10abcd29c8795a598fdcaf4521d)
Jo-Philipp Wich [Sat, 25 Aug 2018 12:46:57 +0000 (14:46 +0200)]
scripts: bundle-libraries: prevent loading host locales (FS#1803)
Binary patch the bundled glibc library to inhibit loading of host locale
archives in order to avoid triggering internal libc assertions when
invoking shipped, bundled executables.
The problem has been solved with upstream Glibc commit
0062ace229 ("Gracefully handle incompatible locale data") but we still
need to deal with older Glibc binaries for some time to come.
Fixes FS#1803
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
9030a78a716b0a2eeed4510d4a314393262255c2)
Hauke Mehrtens [Thu, 30 Aug 2018 10:47:44 +0000 (12:47 +0200)]
kernel: bump kernel 4.4 to version 4.4.153
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Thu, 30 Aug 2018 09:55:30 +0000 (11:55 +0200)]
mt76: Fix mirror hash
The mirror hash added in this commit was wrong.
The file on the mirror server and the newly generated file from git have
a different hash value, use that one.
Fixes: 4b5861c47 ("mt76: update to the latest version")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hans Dedecker [Fri, 24 Aug 2018 13:02:24 +0000 (15:02 +0200)]
dropbear: backport upstream fix for CVE-2018-15599
CVE description :
The recv_msg_userauth_request function in svr-auth.c in Dropbear through
2018.76 is prone to a user enumeration vulnerability because username
validity affects how fields in SSH_MSG_USERAUTH messages are handled,
a similar issue to CVE-2018-15473 in an unrelated codebase.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Hauke Mehrtens [Wed, 22 Aug 2018 18:40:53 +0000 (20:40 +0200)]
kernel: bump kernel 4.4 to version 4.4.151
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Tue, 21 Aug 2018 21:22:01 +0000 (23:22 +0200)]
kernel: bump kernel 4.4 to version 4.4.150
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Paul Wassi [Mon, 26 Mar 2018 11:51:01 +0000 (13:51 +0200)]
tools/e2fsprogs: update to 1.44.1
Update e2fsprogs to upstream 1.44.1 (feature and bugfix release)
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
(cherry picked from commit
8262179f4a007035a531bb913261f5f91115fad8)
Ansuel Smith [Fri, 9 Mar 2018 01:29:58 +0000 (02:29 +0100)]
e2fsprogs: bump to 1.44.0
Fix compilation error
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
(cherry picked from commit
a9c00578b5c55357117db9dbbbd4e5652b9b4648)
Rosen Penev [Wed, 22 Nov 2017 05:57:53 +0000 (21:57 -0800)]
tools/e2fsprogs: Update to 1.43.7
Compile tested on Fedora 27.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
08cc9a2ca8536e9808b60145cd0e10bdcfc98aca)
Daniel Engberg [Fri, 8 Sep 2017 07:42:23 +0000 (09:42 +0200)]
tools/e2fsprogs: Update to 1.43.6
Update e2fsprogs to 1.43.6
* Remove FreeBSD patch as it's not needed, FreeBSD 9.1 is EoL and this
is compiling on FreeBSD 11.1.
* Remove libmagic patch, RHEL 5 is EoL (End of Production Phase) since
March 31, 2017.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
ed617fd8f2f39e18ad435883db5b4100e6f7f977)
Daniel Engberg [Mon, 7 Aug 2017 02:42:21 +0000 (04:42 +0200)]
tools/e2fsprogs: Update to 1.43.5
Update e2fsprogs to 1.43.5
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
8477d5454531a35306d57c123c89602fee71a07f)
Daniel Engberg [Mon, 6 Feb 2017 19:05:36 +0000 (20:05 +0100)]
tools/e2fsprogs: Update to 1.43.4
* Update to 1.43.4
* Refresh patches
* xz tarball which saves about 2M in size
Changelog: http://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.43.4
Tested by Etienne Haarsma (ar71xx), Daniel Engberg (kirkwood)
Signed-off-by: Etienne Haarsma <bladeoner112@gmail.com>
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [use @KERNEL instead of harcoded URL]
(cherry picked from commit
34ba64fe708e45b7c042e2d273e66d4ce03df4e3)
Matthias Schiffer [Tue, 21 Aug 2018 18:29:12 +0000 (20:29 +0200)]
Revert "tools/e2fsprogs: fix building on a glibc 2.27 host"
This reverts commit
58a95f0f8ff768b43d68eed2b6a786e0f40f723b.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Daniel Engberg [Thu, 7 Jun 2018 17:21:12 +0000 (19:21 +0200)]
tools/bison: Update to 3.0.5
Update bison to 3.0.5
Bugfix release
Remove 001-fix-macos-vasnprintf.patch as it is fixed upstream
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Rafał Miłecki [Fri, 17 Aug 2018 10:26:53 +0000 (12:26 +0200)]
mac80211: brcmfmac: fix compilation with SDIO support
This fixes following error when compiling with CONFIG_BRCMFMAC_SDIO=y:
drivers/net/wireless/broadcom/brcm80211/brcmfmac/sdio.c:1100:23: error: 'sdiod' undeclared (first use in this function)
brcmf_dev_coredump(&sdiod->func1->dev);
Fixes: 9d8940c5b92f ("mac80211: brcmfmac: backport important changes from the 4.18")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Thu, 16 Aug 2018 14:34:21 +0000 (16:34 +0200)]
mac80211: brcmfmac: backport patch setting WIPHY_FLAG_HAVE_AP_SME
It's an important hint for authenticator (e.g. hostapd) about hardware
capabilities.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Thu, 16 Aug 2018 09:38:30 +0000 (11:38 +0200)]
mac80211: brcmfmac: backport important changes from the 4.19
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Thu, 16 Aug 2018 09:26:10 +0000 (11:26 +0200)]
mac80211: brcmfmac: backport important changes from the 4.18
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Thu, 16 Aug 2018 08:58:27 +0000 (10:58 +0200)]
mac80211: brcmfmac: backport important changes from the 4.16
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Thu, 16 Aug 2018 08:48:54 +0000 (10:48 +0200)]
mac80211: brcmfmac: backport important changes from the 4.15
Two more patches that may be worth backporting in the future:
fdd0bd88ceae brcmfmac: add CLM download support
cc124d5cc8d8 brcmfmac: fix CLM load error for legacy chips when user helper is enabled
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Thu, 16 Aug 2018 08:29:56 +0000 (10:29 +0200)]
mac80211: brcmfmac: backport important changes from the 4.14
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Thu, 16 Aug 2018 08:19:01 +0000 (10:19 +0200)]
mac80211: brcmfmac: backport important changes from the 4.13
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Thu, 16 Aug 2018 08:02:41 +0000 (10:02 +0200)]
mac80211: brcmfmac: backport important changes from the 4.12
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Thu, 16 Aug 2018 07:48:51 +0000 (09:48 +0200)]
mac80211: brcmfmac: backport use-after-free fix from 4.11
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Rafał Miłecki [Thu, 16 Aug 2018 07:15:12 +0000 (09:15 +0200)]
mac80211: brcmfmac: group 4.11 backport patches
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Hauke Mehrtens [Wed, 15 Aug 2018 20:17:11 +0000 (22:17 +0200)]
openssl: update to version 1.0.2p
This fixes the following security problems:
* CVE-2018-0732: Client DoS due to large DH parameter
* CVE-2018-0737: Cache timing vulnerability in RSA Key Generation
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Wed, 15 Aug 2018 16:53:23 +0000 (18:53 +0200)]
kernel: bump kernel 4.4 to version 4.4.148
The following patch was integrated upstream:
* target/linux/generic/patches-4.4/005-ext4-fix-check-to-prevent-initializing-reserved-inod.patch
This fixes tries to work around the following security problems:
* CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects
* CVE-2018-3646 L1 Terminal Fault Virtualization related aspects
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Fri, 10 Aug 2018 19:54:02 +0000 (21:54 +0200)]
mbedtls: update to version 2.7.5
This fixes the following security problems:
* CVE-2018-0497: Remote plaintext recovery on use of CBC based ciphersuites through a timing side-channel
* CVE-2018-0498: Plaintext recovery on use of CBC based ciphersuites through a cache based side-channel
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Fri, 10 Aug 2018 19:39:06 +0000 (21:39 +0200)]
curl: fix some security problems
This fixes the following security problems:
* CVE-2017-
1000254: FTP PWD response parser out of bounds read
* CVE-2017-
1000257: IMAP FETCH response out of bounds read
* CVE-2018-
1000005: HTTP/2 trailer out-of-bounds read
* CVE-2018-
1000007: HTTP authentication leak in redirects
* CVE-2018-
1000120: FTP path trickery leads to NIL byte out of bounds write
* CVE-2018-
1000121: LDAP NULL pointer dereference
* CVE-2018-
1000122: RTSP RTP buffer over-read
* CVE-2018-
1000301: RTSP bad headers buffer over-read
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
John Crispin [Fri, 10 Aug 2018 13:48:21 +0000 (15:48 +0200)]
wpa_supplicant: fix CVE-2018-14526
Unauthenticated EAPOL-Key decryption in wpa_supplicant
Published: August 8, 2018
Identifiers:
- CVE-2018-14526
Latest version available from: https://w1.fi/security/2018-1/
Vulnerability
A vulnerability was found in how wpa_supplicant processes EAPOL-Key
frames. It is possible for an attacker to modify the frame in a way that
makes wpa_supplicant decrypt the Key Data field without requiring a
valid MIC value in the frame, i.e., without the frame being
authenticated. This has a potential issue in the case where WPA2/RSN
style of EAPOL-Key construction is used with TKIP negotiated as the
pairwise cipher. It should be noted that WPA2 is not supposed to be used
with TKIP as the pairwise cipher. Instead, CCMP is expected to be used
and with that pairwise cipher, this vulnerability is not applicable in
practice.
When TKIP is negotiated as the pairwise cipher, the EAPOL-Key Key Data
field is encrypted using RC4. This vulnerability allows unauthenticated
EAPOL-Key frames to be processed and due to the RC4 design, this makes
it possible for an attacker to modify the plaintext version of the Key
Data field with bitwise XOR operations without knowing the contents.
This can be used to cause a denial of service attack by modifying
GTK/IGTK on the station (without the attacker learning any of the keys)
which would prevent the station from accepting received group-addressed
frames. Furthermore, this might be abused by making wpa_supplicant act
as a decryption oracle to try to recover some of the Key Data payload
(GTK/IGTK) to get knowledge of the group encryption keys.
Full recovery of the group encryption keys requires multiple attempts
(128 connection attempts per octet) and each attempt results in
disconnection due to a failure to complete the 4-way handshake. These
failures can result in the AP/network getting disabled temporarily or
even permanently (requiring user action to re-enable) which may make it
impractical to perform the attack to recover the keys before the AP has
already changes the group keys. By default, wpa_supplicant is enforcing
at minimum a ten second wait time between each failed connection
attempt, i.e., over 20 minutes waiting to recover each octet while
hostapd AP implementation uses 10 minute default for GTK rekeying when
using TKIP. With such timing behavior, practical attack would need large
number of impacted stations to be trying to connect to the same AP to be
able to recover sufficient information from the GTK to be able to
determine the key before it gets changed.
Vulnerable versions/configurations
All wpa_supplicant versions.
Acknowledgments
Thanks to Mathy Vanhoef of the imec-DistriNet research group of KU
Leuven for discovering and reporting this issue.
Possible mitigation steps
- Remove TKIP as an allowed pairwise cipher in RSN/WPA2 networks. This
can be done also on the AP side.
- Merge the following commits to wpa_supplicant and rebuild:
WPA: Ignore unauthenticated encrypted EAPOL-Key data
This patch is available from https://w1.fi/security/2018-1/
- Update to wpa_supplicant v2.7 or newer, once available
Signed-off-by: John Crispin <john@phrozen.org>
Luis Araneda [Thu, 9 Aug 2018 02:32:46 +0000 (22:32 -0400)]
tools: findutils: fix compilation with glibc 2.28
Add a temporary workaround to compile with glibc 2.28
as some constants were removed and others made private
Signed-off-by: Luis Araneda <luaraneda@gmail.com>
Luis Araneda [Thu, 9 Aug 2018 02:32:45 +0000 (22:32 -0400)]
tools: m4: fix compilation with glibc 2.28
Add a temporary workaround to compile with glibc 2.28
as some constants were removed and others made private
Signed-off-by: Luis Araneda <luaraneda@gmail.com>
Rafał Miłecki [Fri, 27 Jul 2018 13:57:13 +0000 (15:57 +0200)]
brcm47xx: revert upstream commit breaking BCM4718A1
This fixes kernel hang when booting on BCM4718A1 (& probably BCM4717A1).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
4c1aa64b4d804e77dfaa8d53e5ef699fcced4b18)
Fixes: aaecfecdcde5 ("kernel: bump kernel 4.4 to version 4.4.139")