openwrt/staging/hauke.git
4 years agoconfig: kernel: fix typo in HFSPLUG_FS_POSIX_ACL
Stijn Tintel [Thu, 28 Nov 2019 00:01:05 +0000 (02:01 +0200)]
config: kernel: fix typo in HFSPLUG_FS_POSIX_ACL

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 5f6833395293548f9fdf4897d9766417f2990bac)

4 years agouboot-envtools: ath79: add support for YunCore XD4200 and A782
Piotr Dymacz [Wed, 13 Nov 2019 13:51:31 +0000 (14:51 +0100)]
uboot-envtools: ath79: add support for YunCore XD4200 and A782

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(cherry picked from commit 5d2a900163d0a161e6fa5e63436b57deea31287e)

4 years agoath79: add support for YunCore XD4200 and A782
Piotr Dymacz [Tue, 12 Nov 2019 21:36:28 +0000 (22:36 +0100)]
ath79: add support for YunCore XD4200 and A782

YunCore XD4200 ('XD4200_W6.0' marking on PCB) is Qualcomm/Atheros based
(QCA9563, QCA9886, QCA8334) dual-band, Wave-2 AC1200 ceiling AP with PoE
(802.3at) support. A782 model ('T750_V5.1' marking on PCB) is a smaller
version of the XD4200, with similar specification but lower TX power.

Specification:

- QCA9563 (775 MHz)
- 128 MB of RAM (DDR2)
- 16 MB of FLASH (SPI NOR)
- 2x 10/100/1000 Mbps Ethernet (QCA8334), with 802.3at PoE support (WAN)
- Wi-Fi 2.4 GHz:
  - XD4200: 2T2R (QCA9563), with ext. PA (SKY65174-21) and LNA
  - A782: 2T2R (QCA9563), with ext. FEM (SKY85329-11)
- Wi-Fi 5 GHz:
  - XD4200: 2T2R (QCA9886), with ext. FEM (SKY85728-11)
  - A782: 2T2R (QCA9886), with ext. FEM (SKY85735-11)
- LEDs:
  - XD4200: 5x (2x driven by SOC, 1x driven by AC radio, 2x Ethernet)
  - A782: 3x (1x RGB, driven by SOC and radio, 2x Ethernet)
- 1x button (reset)
- 1x UART (4-pin, 2.54 mm pitch) header on PCB
- 1x DC jack (12 V)

Flash instructions:

If your device comes with generic QSDK based firmware, you can login
over telnet (login: root, empty password, default IP: 192.168.188.253),
issue first (important!) 'fw_setenv' command and then perform regular
upgrade, using 'sysupgrade -n -F ...' (you can use 'wget' to download
image to the device, SSH server is not available):

  fw_setenv bootcmd "bootm 0x9f050000 || bootm 0x9fe80000"
  sysupgrade -n -F openwrt-...-yuncore_...-squashfs-sysupgrade.bin

In case your device runs firmware with YunCore custom GUI, you can use
U-Boot recovery mode:

1. Set a static IP 192.168.0.141/24 on PC and start TFTP server with
   'tftp' image renamed to 'upgrade.bin'
2. Power the device with reset button pressed and release it after 5-7
   seconds, recovery mode should start downloading image from server
   (unfortunately, there is no visible indication that recovery got
   enabled - in case of problems check TFTP server logs)

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(backported from commit e5d4c0966736287c7ade29c5ccaf6f1ad841b7db)

4 years agoath79: add support for YunCore TFTP image generation
Vincent Wiemann [Mon, 12 Aug 2019 23:26:45 +0000 (01:26 +0200)]
ath79: add support for YunCore TFTP image generation

YunCore QCA9k based devices released in 2019 require a custom TFTP image
for U-Boot built-in recovery mode (triggered with reset button). Image
has to be prepended with 'YUNCORE' keyword followed by U-Boot CLI
commands which will be executed later. Images without the custom header
will be ignored by U-Boot.

To be able to support both the vendor firmware (QSDK) and OpenWrt flash
layouts, used here commands change the 'bootcmd' before flashing image.

This commit adds generic helper script for YunCore devices with 16 MB of
flash and enables TFTP image generation for A770 model.

Signed-off-by: Vincent Wiemann <vincent.wiemann@ironai.com>
[pepe2k@gmail.com: commit description reworded, recipe renamed]
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(cherry picked from commit 8016f648640e8f73f0dc4fc307fb6bebd12afb88)

4 years agoath79: Add support for TP-Link Archer C60 v2
Adrian Schmutzler [Sun, 5 May 2019 16:46:09 +0000 (18:46 +0200)]
ath79: Add support for TP-Link Archer C60 v2

TP-Link Archer C60 v2 is a dual-band AC1350 router,
based on Qualcomm/Atheros QCA9561 + QCA9886.

Specification:

- 775/650/258 MHz (CPU/DDR/AHB)
- 64 MB of RAM (DDR2)
- 8 MB of FLASH (SPI NOR)
- 3T3R 2.4 GHz
- 2T2R 5 GHz
- 5x 10/100 Mbps Ethernet
- 7x LED, 2x button
- UART header on PCB

Flash instruction (WebUI):
Download *-factory.bin image and upload it via the firmwary upgrade
function of the stock firmware WebUI.

Flash instruction (TFTP):
1. Set PC to fixed IP address 192.168.0.66
2. Download *-factory.bin image and rename it to tp_recovery.bin
3. Start a tftp server with the file tp_recovery.bin in its root
   directory
4. Turn off the router
5. Press and hold reset button
6. Turn on router with the reset button pressed and wait ~15 seconds
7. Release the reset button and after a short time the firmware should
   be transferred from the tftp server
8. Wait ~30 second to complete recovery

Flash instruction (under U-Boot, using UART):
tftp 0x81000000 ...-sysupgrade.bin
erase 0x9f030000 +$filesize
cp.b $fileaddr 0x9f030000 $filesize
reset

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 974d6958a7c6332438ab4cda98e72156c8d944ed)

4 years agoath79: Add support for TP-Link Archer C60 v1
Adrian Schmutzler [Sun, 5 May 2019 16:36:43 +0000 (18:36 +0200)]
ath79: Add support for TP-Link Archer C60 v1

TP-Link Archer C60v1 is a dual-band AC1350 router,
based on Qualcomm/Atheros QCA9561+QCA9886.

Specification:

- 775/650/258 MHz (CPU/DDR/AHB)
- 64 MB of RAM (DDR2)
- 8 MB of FLASH (SPI NOR)
- 3T3R 2.4 GHz
- 2T2R 5 GHz
- 5x 10/100 Mbps Ethernet
- 7x LED, 2x button
- UART header on PCB

Flash instruction (WebUI):
Download *-factory.bin image and upload it via the firmwary upgrade
function of the stock firmware WebUI.

Flash instruction (TFTP):
1. Set PC to fixed ip address 192.168.0.66
2. Download *-factory.bin image and rename it to tp_recovery.bin
3. Start a tftp server with the file tp_recovery.bin in its root directory
4. Turn off the router
5. Press and hold Reset button
6. Turn on router with the reset button pressed and wait ~15 seconds
7. Release the reset button and after a short time
the firmware should be transferred from the tftp server
8. Wait ~30 second to complete recovery.

Flash instruction under U-Boot, using UART:
1. tftp 0x81000000 ...-sysupgrade.bin
2. erase 0x9f020000 +$filesize
3. cp.b $fileaddr 0x9f020000 $filesize
4. reset

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 6d313da6dc5f655d92aa86e2ec42ecfcf763df3d)

4 years agobase-files: config_generate: split macaddr with multiple ifaces
Sungbo Eo [Mon, 11 Nov 2019 16:20:45 +0000 (01:20 +0900)]
base-files: config_generate: split macaddr with multiple ifaces

netifd does not handle network.@device[x].name properly if it
contains multiple ifaces separated by spaces. Due to this, board.d
lan_mac setup does not work if multiple ifaces are set to LAN by
ucidef_set_interface_lan.

To fix this, create a device node for each member iface when
running config_generate instead. Those are named based on the
member ifname:

  ucidef_set_interface_lan "eth0 eth1.1"
  ucidef_set_interface_macaddr "lan" "yy:yy:yy:yy:yy:01"

will return

  config device 'lan_eth0_dev'
        option name 'eth0'
        option macaddr 'yy:yy:yy:yy:yy:01'

  config device 'lan_eth1_1_dev'
        option name 'eth1.1'
        option macaddr 'yy:yy:yy:yy:yy:01'

ref: https://github.com/openwrt/openwrt/pull/2542

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
[always use new scheme, extend description, change commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 298814e6be7640d89328de9e7c90d4349e30683f)

4 years agoar71xx: ubnt-(xm,xw): add rssileds package
Lech Perczak [Sun, 17 Nov 2019 19:58:27 +0000 (20:58 +0100)]
ar71xx: ubnt-(xm,xw): add rssileds package

In order to make RSSI indicator on the device work out of box,
include "rssileds" package in per-device rootfs image by default
for Ubiquiti XM and XW devices, namely:
- Bullet M (XM/XW)
- Rocket M (XM/XW)
- Nanostation M (XM/XW)
- Nanostation Loco-M (XW)

This moves the package addition to the individual devices in order
to prevent accidental inclusions of the package when not looking
at the parent node carefully enough.

Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
[add bullet-m-xw, remove rocket-m-ti, extend commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 08d9c95417399ac8615df210f4381cca68a4b25c)

4 years agoath79: add PoE passthrough switch for Ubiquiti Nanostation (XM/XW)
Adrian Schmutzler [Mon, 18 Nov 2019 22:59:06 +0000 (23:59 +0100)]
ath79: add PoE passthrough switch for Ubiquiti Nanostation (XM/XW)

This adds the gpio switch to enable PoE passthrough on Ubiquiti
Nanostation (XM/XW).

Values are copied from the implementation in ar71xx.

GPIO values checked on:
- NanoStation M5 XW
- NanoStation M2 XM

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 317e98a5a2c6f1e2ac599ec530478669b965602c)

4 years agouboot-envtools: ramips: add support for ALFA Network Quad-E4G
Piotr Dymacz [Sun, 3 Nov 2019 11:17:52 +0000 (12:17 +0100)]
uboot-envtools: ramips: add support for ALFA Network Quad-E4G

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(cherry picked from commit 10bcf1eb40b728b3583c1a7693111f27a9801dc5)

4 years agoramips: add support for ALFA Network Quad-E4G
Piotr Dymacz [Sun, 3 Nov 2019 11:12:44 +0000 (12:12 +0100)]
ramips: add support for ALFA Network Quad-E4G

ALFA Network Quad-E4G is a universal Wi-Fi/4G platform, which offers
three miniPCIe (PCIe, USB 2.0, SIM) and a single M.2 B-key (dual-SIM,
USB 3.0) slots, RTC and five Gigabit Ethernet ports with PoE support.

Specification:

- MT7621A (880 MHz)
- 256/512 MB of RAM (DDR3)
- 16/32+ MB of FLASH (SPI NOR)
- optional second SPI flash (8-pin WSON/SOIC)
- 1x microSD (SDXC) flash card reader
- 5x 10/100/1000 Mbps Ethernet, with passive PoE support (24 V) in LAN1
- optional 802.3at/af PoE module for WAN
- 3x miniPCIe slot (with PCIe and USB 2.0 buses, micro SIM and 5 V)
- 1x M.2/NGFF B-key 3042 (USB 3.0/2.0, mini + micro SIM)
- RTC (TI BQ32002, I2C bus) with backup battery (CR2032)
- external hardware watchdog (EM Microelectronic EM6324)
- 1x USB 2.0 Type-A
- 1x micro USB Type-B for system serial console (Holtek HT42B534)
- 11x LED (5 for Ethernet, 5 driven by GPIO, 1x power indicator)
- 3x button (reset, user1, user2)
- 1x I2C (4-pin, 2.54 mm pitch) header on PCB
- 4x SIM (6-pin, 2.00 mm pitch) headers on PCB
- 2x UART2/3 (4-pin, 2.54 mm pitch) headers on PCB
- 1x mechanical power switch
- 1x DC jack with lock (24 V)

Other:

- U-Boot selects default SIM slot, based on value of 'default_sim' env
  variable: '1' or unset -> SIM1 (mini), '2' -> SIM2 (micro). This board
  has additional logic circuit for M.2 SIM switching. The 'sim-select'
  will work only if both SIM slots are occupied. Otherwise, always slot
  with SIM inside is selected, no matter 'sim-select' value.
- U-Boot enables power in all three miniPCIe and M.2 slots before
  loading the kernel
- this board supports 'dual image' feature (controlled by 'dual_image'
  U-Boot environment variable)
- all three miniPCIe slots have additional 5 V supply on pins 47 and 49
- the board allows to install up to two oversized miniPCIe cards (vendor
  has dedicated MediaTek MT7615N/D cards for this board)
- this board has additional logic circuit controlling PERSTn pins inside
  miniPCIe slots. By default, PERSTn (GPIO19) is routed to all miniPCIe
  slots but setting GPIO22 to high allows PERSTn control per slot, using
  GPIO23-25 (value is inverted)

Flash instructions:

You can use the 'sysupgrade' image directly in vendor firmware which is
based on OpenWrt (make sure to not preserve settings - use 'sysupgrade
-n -F ...' command). Alternatively, use web recovery mode in U-Boot:

1. Power the device with reset button pressed, the modem LED will start
   blinking slowly and after ~3 seconds, when it starts blinking faster,
   you can release the button.
2. Setup static IP 192.168.1.2/24 on your PC.
3. Go to 192.168.1.1 in browser and upload 'sysupgrade' image.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(backported from commit e68539aca43a560077364de27eb220f1d85ca3ef)

4 years agouboot-envtools: ramips: add support for ALFA Network R36M-E4G
Piotr Dymacz [Wed, 30 Oct 2019 20:48:09 +0000 (21:48 +0100)]
uboot-envtools: ramips: add support for ALFA Network R36M-E4G

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(cherry picked from commit 3cfea3a32125a2c59dfaa9103804ad51609ebe9d)

4 years agoramips: add support for ALFA Network R36M-E4G
Piotr Dymacz [Tue, 29 Oct 2019 23:10:40 +0000 (00:10 +0100)]
ramips: add support for ALFA Network R36M-E4G

ALFA Network R36M-E4G is a dual-SIM, N300 Wi-Fi, compact size platform
based on MediaTek MT7620A WiSoC. This product is designed for operation
with 4G modem (can be bought in bundle with Quectel EC25, EG25 or EP06)
but supports also Wi-Fi modules (miniPCIe slot has USB and PCIe buses).

Specification:

- MT7620A (580 MHz)
- 64/128/256 MB of RAM (DDR2)
- 16/32+ MB of FLASH (SPI NOR)
- 2x 10/100 Mbps Ethernet, with passive PoE support (24 V)
- 2T2R 2.4 GHz (MT7620A), with ext. LNA (RFFM4227)
- 1x miniPCIe slot (with PCIe and USB 2.0 buses and optional 5 V)
- 2x SIM slot (mini, micro) with detect and switch driven by GPIO
- 2x u.fl antenna connectors (for Wi-Fi)
- 8x LED (7 driven by GPIO)
- 2x button (reset, wifi)
- 2x UART (4-pin/2.54 mm pitch, 10-pin/1.27 mm pitch) headers on PCB
- 1x I2C (4-pin, 1.27 mm pitch) header on PCB
- 1x LED (8-pin, 1.27 mm pitch) header on PCB
- 1x DC jack with lock (12 V)

Other:

- there is a dedicated, 4-pin connector for optional RTC module (Holtek
  HT138x) with 'enable' input, not available at the time of preparing
  support for this board
- miniPCIe slot supports additional 5 V supply on pins 47 and 49 but a
  jumper resistor (R174) is not installed by default
- U-Boot selects default SIM slot, based on value of 'default_sim' env
  variable: '1' or unset -> SIM1 (mini), '2' -> SIM2 (micro). This will
  work only if both slots are occupied, otherwise U-Boot will always
  select slot with SIM card inside (user can override it later, in
  user-space)
- U-Boot resets the modem, using PERSTn signal, before starting kernel
- this board supports 'dual image' feature (controlled by 'dual_image'
  U-Boot environment variable)

Flash instruction:

You can use the 'sysupgrade' image directly in vendor firmware which is
based on OpenWrt (make sure to not preserve settings - use 'sysupgrade
-n -F ...' command). Alternatively, use web recovery mode in U-Boot:

1. Power the device with reset button pressed, the modem LED will start
   blinking slowly and after ~3 seconds, when it starts blinking faster,
   you can release the button.
2. Setup static IP 192.168.1.2/24 on your PC.
3. Go to 192.168.1.1 in browser and upload 'sysupgrade' image.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(backported from commit dfecf94c2059998411f95067de3866aa7cdf5ec9)

4 years agoramips: support dual image feature on ALFA Network boards
Piotr Dymacz [Tue, 29 Oct 2019 22:25:56 +0000 (23:25 +0100)]
ramips: support dual image feature on ALFA Network boards

New U-Boot version for MediaTek MT76x8/MT762x based ALFA Network boards
includes support for a 'dual image' feature. Users can enable it using
U-Boot environment variable 'dual_image' ('1' -> enabled).

When 'dual image' feature is enabled, U-Boot will modify DTB and divide
the original 'firmware' flash area into two, equal in size and aligned
to 64 KB partitions: 'firmware' and 'backup'. U-Boot will also adjust
size of 'firmware' area to match installed flash chip size.

U-Boot will load kernel from active partition which is marked with env
variable 'bootactive' ('1' -> first partition, '2' -> second partition)
and rename both partitions accordingly ('firmware' <-> 'backup').

There are 3 additional env variables used to control 'dual image' mode:
- bootlimit   - maximum number of unsuccessful boot tries (default: '3')
- bootcount   - current number of boot tries
- bootchanged - flag which informs that active partition was changed; if
                it is set and 'bootcount' reaches 'bootlimit' value,
                U-Boot will start web-based recovery which then updates
                both partitions with provided image

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(backported from commit bc173ddd8381b03dde8cc2e6c66d0cd392c62bbd)

4 years agoramips: refresh all subtargets kernel configs
Piotr Dymacz [Fri, 22 Nov 2019 22:23:09 +0000 (23:23 +0100)]
ramips: refresh all subtargets kernel configs

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
4 years agoramips: use upstream RAW_APPENDED_DTB instead of our OWRTDTB
Chuanhong Guo [Thu, 27 Jun 2019 12:44:27 +0000 (20:44 +0800)]
ramips: use upstream RAW_APPENDED_DTB instead of our OWRTDTB

Upstream kernel added support for RAW_APPENDED_DTB on ralink arch
in the following commit:
02564fc89d3d ("ralink: Introduce fw_passed_dtb to arch/mips/ralink")

Use upstream solution and get rid of our OWRTDTB hack.
This commit set DEVICE_DTS to $$(DTS) instead of replacing DTS with
DEVICE_DTS in device profile because DTS variable will be dropped
in later commits.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
[Tested on mt7621/mt76x8]
Tested-by: Chuanhong Guo <gch981213@gmail.com>
[Tested on rt305x/mt7620]
Tested-by: INAGAKI Hiroshi <musashino.open@gmail.com>
(cherry picked from commit 7a8d3432c739c6ff038295176e8b6324e92fc116)
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
4 years agoath79: remove ath10k drivers from Archer C7 v1 profile
Stijn Segers [Fri, 22 Nov 2019 18:39:19 +0000 (19:39 +0100)]
ath79: remove ath10k drivers from Archer C7 v1 profile

Ath10k packages were removed from ar71xx in master in commit
34113999ef43 ("ar71xx: Remove ath10k packages from archer-c7-v1 (fixes
FS#1743)") but ath79 in master and the 19.07 branch still suffer from
the issue.

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
[commit subject and description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agokernel: nf_conntrack_rtcache: fix WARNING on rmmod
Yousong Zhou [Sat, 23 Nov 2019 18:05:45 +0000 (18:05 +0000)]
kernel: nf_conntrack_rtcache: fix WARNING on rmmod

Fixes b7c58a1ee ("kernel: nf_conntrack_rtcache: fix cleanup on netns
delete and rmmod")

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit b3779e920ebaa168eaf18ac1140774c32b6ec6b6)

4 years agokernel: nf_conntrack_rtcache: fix WARNING on forward path
Yousong Zhou [Sat, 23 Nov 2019 17:10:09 +0000 (17:10 +0000)]
kernel: nf_conntrack_rtcache: fix WARNING on forward path

Fixes b7c58a1ee ("kernel: nf_conntrack_rtcache: fix cleanup on netns
delete and rmmod")

Resolves FS#2624

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit 1c5df850a07690451f2878a310c0ea67d0690836)

4 years agobuild: add PKG_SOURCE_URL_FILE support
Kamil Wcislo [Thu, 5 Jul 2018 19:40:19 +0000 (21:40 +0200)]
build: add PKG_SOURCE_URL_FILE support

It seems that there is a missing PKG_SOURCE_URL_FILE support.
This little fix adds the support for packages to change the name of the
downloaded file.

Sometimes it is desirable to change the downloaded archive file name, like
for mitigating name conflicts for different packages (some files on the server
could be named like, e.g. 2018-01-01.tar.gz) or for the cases that there is
no name for the file in the URL (e.g. http://someserver.com/download).

Signed-off-by: Kamil Wcislo <kamil.wcislo@lpnplant.io>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 09c428ec6bca27bdb31e2f6fef85b07787cead30)

4 years agokernel: nf_conntrack_rtcache: fix cleanup on netns delete and rmmod
Yousong Zhou [Wed, 13 Nov 2019 17:03:12 +0000 (17:03 +0000)]
kernel: nf_conntrack_rtcache: fix cleanup on netns delete and rmmod

Fixes FS#1472, FS#2353, FS#2426

Fixes: b3f95490 ("kernel: generic: Add kernel 4.14 support")
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit b7c58a1eeba5be2e1f77ec05b417be9d87e26916)

4 years agomac80211: add default value for noscan
Sebastian Kemper [Sat, 23 Nov 2019 10:25:02 +0000 (11:25 +0100)]
mac80211: add default value for noscan

Commit b3d8b3a introduced a new test:

[ -n "$noscan" -a "$noscan" -gt 0 ] && hostapd_noscan=1

But if length of "$noscan" is zero (noscan is not set) this doesn't stop
the shell to evaluate the rest of the test.

root@hank2:~# [ -n "$noscan" -a "$noscan" -gt 0 ]
ash: out of range
root@hank2:~#

So when radios are brought up this shows in the log:

Sat Nov 23 10:51:38 2019 daemon.info procd: - init complete -
Sat Nov 23 10:52:24 2019 daemon.notice netifd: radio1 (1243): sh: out of range
Sat Nov 23 10:52:25 2019 user.notice firewall: Reloading firewall due to ifup of wan (eth0.2)
Sat Nov 23 10:52:25 2019 daemon.notice netifd: radio0 (1242): sh: out of range
Sat Nov 23 10:52:26 2019 authpriv.info dropbear[1536]: Not backgrounding

This commit sets noscan to 0 if unset and removes the gratuitous length
check, preventing the warning.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
(cherry picked from commit 28d84331f4bba5923059e701f5d4878b2df3fa79)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agoe2fsprogs: Fix CVE-2019-5094 in libsupport
Hauke Mehrtens [Fri, 22 Nov 2019 21:43:25 +0000 (22:43 +0100)]
e2fsprogs: Fix CVE-2019-5094 in libsupport

This adds the following patch from debian:
https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?h=debian/stable&id=09fe1fd2a1f9efc3091b4fc61f1876d0785956a8
libsupport: add checks to prevent buffer overrun bugs in quota code

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 0062aad8ecc9bbe36c55895fd78fcaf9a406b006)

4 years agoipq40xx: add support for AVM FRITZ!Repeater 1200
David Bauer [Tue, 10 Sep 2019 19:07:23 +0000 (21:07 +0200)]
ipq40xx: add support for AVM FRITZ!Repeater 1200

Hardware
--------
SoC:   Qualcomm IPQ4019
RAM:   256M DDR3
FLASH: 128M NAND
WiFi:  2T2R IPQ4019 bgn
       2T2R IPQ4019 a/n/ac
ETH:   Atheros AR8033 RGMII PHY
BTN:   1x Connect (WPS)
LED:   Power (green/red/yellow)

Installation
------------

1. Grab the uboot for the Device from the 'u-boot-fritz1200'
   subdirectory. Place it in the same directory as the 'eva_ramboot.py'
   script. It is located in the 'scripts/flashing' subdirectory of the
   OpenWRT tree.

2. Assign yourself the IP address 192.168.178.10/24. Connect your
   Computer to one of the boxes LAN ports.

3. Connect Power to the Box. As soon as the LAN port of your computer
   shows link, load the U-Boot to the box using following command.

   > ./eva_ramboot.py --offset 0x85000000 192.168.178.1 uboot-fritz1200.bin

4. The U-Boot will now start. Now assign yourself the IP address
   192.168.1.70/24. Copy the OpenWRT initramfs (!) image to a TFTP
   server root directory and rename it to 'FRITZ1200.bin'.

5. The Box will now boot OpenWRT from RAM. This can take up to two
   minutes.

6. Copy the U-Boot and the OpenWRT sysupgrade (!) image to the Box using
   scp. SSH into the Box and first write the Bootloader to both previous
   kernel partitions.

   > mtd write /path/to/uboot-fritz1200.bin uboot0
   > mtd write /path/to/uboot-fritz1200.bin uboot1

7. Remove the AVM filesystem partitions to make room for our kernel +
   rootfs + overlayfs.

   > ubirmvol /dev/ubi0 --name=avm_filesys_0
   > ubirmvol /dev/ubi0 --name=avm_filesys_1

8. Flash OpenWRT peristently using sysupgrade.

   > sysupgrade -n /path/to/openwrt-sysupgrade.bin

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 7f187229a8e9b7966248b1e024217e07a9fc3e50)
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
4 years agoipq-wifi: add AVM FRITZ!Repeater 1200 bdf
David Bauer [Sat, 21 Sep 2019 16:59:28 +0000 (18:59 +0200)]
ipq-wifi: add AVM FRITZ!Repeater 1200 bdf

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit c0f40781645297ad68678e3de2557b611e9f785c)
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
4 years agouboot-fritz4040: update to latest HEAD
David Bauer [Tue, 15 Oct 2019 16:06:57 +0000 (18:06 +0200)]
uboot-fritz4040: update to latest HEAD

f92be9d add support for AVM FRITZ!Repeater 1200
d651302 enable support for Atheros AR8033 PHY
e4c857c add machtype override hack

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 36f43b61a74ff12d75989d0aabe052945aacc8cf)
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
4 years agomac80211: update to version 4.19.85
Hauke Mehrtens [Thu, 21 Nov 2019 21:46:21 +0000 (22:46 +0100)]
mac80211: update to version 4.19.85

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
4 years agolayerscape: Fix kernel patch
Hauke Mehrtens [Fri, 22 Nov 2019 19:20:22 +0000 (20:20 +0100)]
layerscape: Fix kernel patch

The kernel update added one "+" too much.

Fixes: db345220b485 ("kernel: bump 4.14 to 4.14.155")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 years agokernel: Add missing configuration option
Hauke Mehrtens [Fri, 22 Nov 2019 19:13:55 +0000 (20:13 +0100)]
kernel: Add missing configuration option

This was found by the build bot.

Fixes: db345220b485 ("kernel: bump 4.14 to 4.14.155")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 103e49f62e72664ee0d5285007907a75960e8645)

4 years agofirewall: update to latest Git HEAD
Jo-Philipp Wich [Fri, 22 Nov 2019 17:53:03 +0000 (18:53 +0100)]
firewall: update to latest Git HEAD

8174814 utils: persist effective extra_src and extra_dest options in state file
72a486f zones: fix emitting match rules for zones with only "extra" options

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 482114d3f78df2a19904cc8edf7d9adcfdbb8625)

4 years agofirewall: update to latest git HEAD
Hans Dedecker [Fri, 4 Oct 2019 18:38:46 +0000 (20:38 +0200)]
firewall: update to latest git HEAD

daed0cf utils: fix resource leak

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 27bf8abe69f3b048cbcbf9d2e796ecba5f0a42e7)

4 years agocns3xxx: use proper macros for defining partition regions
Koen Vandeputte [Fri, 22 Nov 2019 08:58:50 +0000 (09:58 +0100)]
cns3xxx: use proper macros for defining partition regions

While at it, also reorder the items for
improved readability.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 6b2f953db346cfb4ddf05654efa3ad7eb84ed99f)

4 years agokernel: bump 4.14 to 4.14.155
Koen Vandeputte [Thu, 21 Nov 2019 13:06:30 +0000 (14:06 +0100)]
kernel: bump 4.14 to 4.14.155

Refreshed all patches.

Altered patches:
- 707-dpaa-ethernet-support-layerscape.patch

Remove upstreamed:
- 034-v4.20-MIPS-BCM47XX-Enable-USB-power-on-Netgear-WNDR3400v3.patch
- 001-4.21-01-BCM63XX-fix-switch-core-reset-on-BCM6368.patch
- 073-qcom-ipq4019-fix-cpu0-s-qcom-saw2-reg-value.patch

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
4 years agowireless-regdb: fix build when python2 from package feeds exists
Petr Štetiar [Wed, 31 Jul 2019 16:11:01 +0000 (18:11 +0200)]
wireless-regdb: fix build when python2 from package feeds exists

wireless-regdb fails to build if there is python2 installed from package
feeds, as staging_dir/hostpkg/bin/python is python2 and
staging_dir/hostpkg/bin takes precedence over staging_dir/host/bin
(proper place with python -> python3 symlink) which leads to the build
failure of wireless-regdb, so this patch makes it explicit which python
should be used.

Reported-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Russell Senior <russell@personaltelco.net>
Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b6bae4a2c9f11f7e55319c2b4c709396ce649688)

4 years agowireless-regdb: fix patch fuzz
Kevin Darbyshire-Bryant [Tue, 30 Jul 2019 07:36:32 +0000 (08:36 +0100)]
wireless-regdb: fix patch fuzz

Refresh patches to tidy up some fuzz warnings

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 12840674d0550e6f5aa077cd2b578988f0c07074)

4 years agowireless-regdb: fix Makefile indentation
John Crispin [Mon, 29 Jul 2019 22:33:12 +0000 (00:33 +0200)]
wireless-regdb: fix Makefile indentation

Signed-off-by: John Crispin <john@phrozen.org>
(cherry picked from commit 8562e77953e76c1ec7ba01ce18dc468d5628f3dc)

4 years agowireless-regdb: set PKGARCH:=all
Petr Štetiar [Thu, 25 Jul 2019 07:21:42 +0000 (09:21 +0200)]
wireless-regdb: set PKGARCH:=all

As it's an architecture-independent binary file.

Ref: https://github.com/openwrt/openwrt/pull/1521#issuecomment-514687053
Suggested-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 57d1c05ec945b4853708d686c0782c4b1dcff0a9)

4 years agowireless-regdb: prefer python provided by make variable
Petr Štetiar [Mon, 18 Mar 2019 21:40:36 +0000 (21:40 +0000)]
wireless-regdb: prefer python provided by make variable

Usage of predefined make variables is preferred.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit d3853d17a37a67541736b8b13f412a49ab382b9a)

4 years agowireless-regdb: Make it build with python2
Hauke Mehrtens [Sun, 17 Nov 2019 22:59:37 +0000 (23:59 +0100)]
wireless-regdb: Make it build with python2

This backports a patch to build it work with python2 in addition to
python3.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit d3a8a62692b06b3e5fe7077a2ce641fbf09cdc19)

4 years agowireless-regdb: update to 2019.06.03
Zachary Riedlshah [Wed, 5 Jun 2019 10:58:19 +0000 (22:58 +1200)]
wireless-regdb: update to 2019.06.03

Fixes build issues on a python3 host (issues with the print statement
formatting in the current build).

Includes 100-regdb-write-firmware-file-format-version-code-20.patch and
other fixes.

Closes bugs.openwrt.org/index.php?do=details&task_id=1605.

Uses the tarball as requested.

Signed-off-by: Zachary Riedlshah <git@zacharyrs.me>
(cherry picked from commit ef3f868da0d78adf2490a762ff567cf5b636c213)

4 years agoar71xx: fix buttons for TP-Link TL-WDR4900 v2
Adrian Schmutzler [Thu, 14 Nov 2019 12:01:39 +0000 (13:01 +0100)]
ar71xx: fix buttons for TP-Link TL-WDR4900 v2

TP-Link TL-WDR4900 v2 only has one combined WPS/Reset button, so
don't set up an RFKILL for this device.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 25127f58b42d794bd47d56ea107f3dfc9cc4816c)

4 years agoar71xx: fix LED setup for TL-WDR4900 v2
Adrian Schmutzler [Thu, 14 Nov 2019 11:45:15 +0000 (12:45 +0100)]
ar71xx: fix LED setup for TL-WDR4900 v2

In ar71xx there is only one combined mach file for Archer C5/C7 and
TL-WDR4900 v2. This one uses the same LED struct for all devices,
defining "green" LEDs for them. However, WDR4900 uses blue front
LEDs, while only C5/C7 uses green ones. Despite, in base-files
WDR4900 is actually set up with "blue" for the mentioned LEDs.

Thus, this patch creates a separate LED struct for WDR4900, so the
LEDs can be set up correctly. Despite, the wlan5g LED is removed as
it is controlled by ath9k chip for WDR4900 (in contrast to C5/C7).

Note: While front LEDs are blue, USB LEDs (on the back) are green,
so colors are mixed intentionally for the WDR4900 v2.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 93f2bcc35e371ec0c4ceb76c06f90b898c726ba5)

4 years agoramips: set uImage name of WeVO 11AC NAS and W2914NS v2
Sungbo Eo [Mon, 7 Oct 2019 12:33:51 +0000 (21:33 +0900)]
ramips: set uImage name of WeVO 11AC NAS and W2914NS v2

The stock firmware and bootloader only accept uImage with names that
match certain patterns. This patch enables OpenWrt installation from
stock firmware without having to reflash the bootloader or access the
UART console.

Installation via web interface:
1.  Flash **initramfs** image through the stock web interface.
2.  Boot into OpenWrt and perform sysupgrade with sysupgrade image.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 19800ac095f6ddbba03ccab08e5197b1eec4a49e)
[backported]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoar71xx: fix MAC address setup for TL-WDR4900 v2
Adrian Schmutzler [Thu, 14 Nov 2019 11:26:05 +0000 (12:26 +0100)]
ar71xx: fix MAC address setup for TL-WDR4900 v2

The MAC address setup of the TL-WDR4900 v2 is different from the
C5/C7. This aligns ar71xx with the setup in ath79:

wlan0 (5GHz) : -2
wlan1 (2.4GHz) : -1
eth1 (LAN) : 0
eth0 (WAN) : 1

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit a9d3084b83bb2d0fa2c0b43bf2a0831b5ae1df13)

4 years agoar71xx: fix MAC addresses for Archer C5 v1, C7 v1/v2, WDR4900 v2
Adrian Schmutzler [Wed, 13 Nov 2019 14:05:29 +0000 (15:05 +0100)]
ar71xx: fix MAC addresses for Archer C5 v1, C7 v1/v2, WDR4900 v2

As discussed in 1d18a14a90c7 ("ath79: really fix TP-Link Archer C7
v2 MAC address"), stock firmware MAC address assignment is
actually as follows:

wlan0 (5GHz) : -1
wlan1 (2.4GHz) : 0
eth1 (LAN) : 0
eth0 (WAN) : 1

This has never been fixed for ar71xx, so let's do it now.
Note that with WDR4900 v2 even both wlan0 and wlan1 where assigned
to basemac-1 before ...

Fixes: FS#408
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit a021268032fb64afdce7bafa91c7c7bf44fa6ff2)

4 years agoipq40xx: fix build error
Koen Vandeputte [Wed, 20 Nov 2019 07:40:48 +0000 (08:40 +0100)]
ipq40xx: fix build error

Add missing brace which was accidentally omitted

Fixes: 3c5c49af8be7 ("kernel: bump 4.14 to 4.14.154")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
4 years agomac80211: backport upstream fixes
Koen Vandeputte [Wed, 6 Nov 2019 12:38:51 +0000 (13:38 +0100)]
mac80211: backport upstream fixes

This potentially fixes some issues seen on IBSS
when interfaces go out of range and then re-appear.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
4 years agotoolchain/gcc: bump to 7.5.0
Koen Vandeputte [Tue, 19 Nov 2019 10:08:45 +0000 (11:08 +0100)]
toolchain/gcc: bump to 7.5.0

This updates the GCC to the next minor release which fixes +213 bugs.
Tested on ARMv6, ARMv7, MIPS R2, x86

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
4 years agokernel: bump 4.14 to 4.14.154
Koen Vandeputte [Mon, 18 Nov 2019 09:19:58 +0000 (10:19 +0100)]
kernel: bump 4.14 to 4.14.154

Refreshed all patches.

Altered patches:
- 902-debloat_proc.patch
- 040-dmaengine-qcom-bam-Process-multiple-pending-descript.patch
- 807-usb-support-layerscape.patch
- 809-flexcan-support-layerscape.patch
- 816-pcie-support-layerscape.patch

Remove upstreamed:
- 303-spi-nor-enable-4B-opcodes-for-mx66l51235l.patch

New symbols:
X86_INTEL_MPX
X86_INTEL_MEMORY_PROTECTION_KEYS
CONFIG_X86_INTEL_TSX_MODE_OFF
X86_INTEL_TSX_MODE_ON
X86_INTEL_TSX_MODE_AUTO
SGL_ALLOC

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
4 years agomac80211: Adapt to changes to skb_get_hash_perturb()
Hauke Mehrtens [Mon, 18 Nov 2019 06:05:41 +0000 (07:05 +0100)]
mac80211: Adapt to changes to skb_get_hash_perturb()

The skb_get_hash_perturb() function now takes a siphash_key_t instead of
an u32. This was changed in commit 55667441c84f ("net/flow_dissector:
switch to siphash"). Use the correct type in the fq header file
depending on the kernel version.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
(cherry picked from commit eaa047179ad30d156d0c3da7ec225acfae7a9f00)

4 years agomac80211: brcmfmac: fix PCIe reset crash and WARNING
Rafał Miłecki [Mon, 18 Nov 2019 13:45:59 +0000 (14:45 +0100)]
mac80211: brcmfmac: fix PCIe reset crash and WARNING

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit cde8c2f2fba019c4cd3b9f6ad463ff86cc783061)

4 years agoath79: fix sysupgrade from ar71xx for WNDR3700 V2 and WNDR3800(CH)
Adrian Schmutzler [Thu, 14 Nov 2019 16:26:44 +0000 (17:26 +0100)]
ath79: fix sysupgrade from ar71xx for WNDR3700 V2 and WNDR3800(CH)

ar71xx has just one board name "wndr3700" for WNDR3700 V1/V2,
WNDR3800 and WNDR3800CH, whereas ath79 provides separate images for
the boards. So, update SUPPORTED_DEVICES to store the correct
ar71xx board names.

Fixes: FS#2510
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit fc44a8481cbf317febaf27a550e0c9fa49be68d5)

4 years agoath79: include rssileds package for ubnt devices with LEDs
Roger Pueyo Centelles [Wed, 13 Nov 2019 15:18:59 +0000 (09:18 -0600)]
ath79: include rssileds package for ubnt devices with LEDs

Some Ubiquiti devices had the RSSI LEDs configured in 01_leds but
were missing the rssileds package, while others that don't have
RSSI LEDS had the package included.

This commit includes the rssileds package only for those devices
that need it.

Tested on a NanoStation M XW.

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
(cherry picked from commit 1c6066a867400eca9e335235ff4dc43acacc1183)
[backported to 19.07]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoramips: assign correct key-code to wps buttons
Christian Lamparter [Sat, 16 Nov 2019 21:37:51 +0000 (22:37 +0100)]
ramips: assign correct key-code to wps buttons

The two ASUS WL-330N and WL-330N3G had the
reset keycode assigned to the WPS button. This patch
changes all three devices to use KEY_WPS_BUTTON in
the hopes that this fixes unwanted restarts/
unexpected behavior from the users point of view.

[dropped RG21S]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit ad65d9d7b264d6d17293c59469e770905d2f785a)

4 years agoath79: remap D-Link DIR-859 A1 WPS button to WPS
Christian Lamparter [Sat, 16 Nov 2019 21:42:07 +0000 (22:42 +0100)]
ath79: remap D-Link DIR-859 A1 WPS button to WPS

The WPS button was mapped to the restart/reset. This patch
changes it to emit the KEY_WPS_BUTTON keycode so pressing
the WPS button does initiate WPS.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit 7a7610c21bb0979f2ae14f3c31012ac9e148b439)

4 years agoramips: disable D-Link DIR-300 B1 by default
Jo-Philipp Wich [Sat, 16 Nov 2019 18:54:42 +0000 (19:54 +0100)]
ramips: disable D-Link DIR-300 B1 by default

Disable the DIR-300 B1 image by default as the device has insufficient
flash space for release build images.

Fixes: FS#2606
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years agoramips: rt3833: fix build breakage
Petr Štetiar [Fri, 15 Nov 2019 06:47:51 +0000 (07:47 +0100)]
ramips: rt3833: fix build breakage

Commit 60f41c6c9ef6 ("ramips: add usb-ledtrig-usbport to DEVICE_PACKAGES
of CY-SWR1100") added stray | during backport which caused build
breakage on the buildbots:

 bash: -c: line 0: syntax error near unexpected token `|'
 bash: -c: line 0: `echo kmod-usb-core kmod-usb-ledtrig-usbport kmod-usb-ohci kmod-usb2 swconfig | | mkhash md5 | head -c 8'

Fixes: 60f41c6c9ef6 ("ramips: add usb-ledtrig-usbport to DEVICE_PACKAGES of CY-SWR1100")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agoramips: add usb-ledtrig-usbport to DEVICE_PACKAGES of CY-SWR1100
Sungbo Eo [Wed, 13 Nov 2019 14:23:17 +0000 (23:23 +0900)]
ramips: add usb-ledtrig-usbport to DEVICE_PACKAGES of CY-SWR1100

CY-SWR1100 has a USB LED but kmod-usb-ledtrig-usbport is missing
in default images. This commit adds it.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
[changed commit title, backported to 19.07]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 261c746631d2bf311a6b62a6d3bacce6fde90976)

4 years agoramips: fix MAC address setup for Samsung CY-SWR1100
Sungbo Eo [Wed, 13 Nov 2019 14:22:54 +0000 (23:22 +0900)]
ramips: fix MAC address setup for Samsung CY-SWR1100

Ethernet MAC address setup has been broken since c3e420f28cf1. Restore
original setting.

Fixes: c3e420f28cf1 ("ramips: Add support for D-Link DCH-M225")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 7231c1edd99217c6baa8d7d5d841d75ad9de26f1)
[backported due to base-files split]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agokernel: fix typo in fb-sys-fops autoload
Sungbo Eo [Mon, 11 Nov 2019 16:16:28 +0000 (01:16 +0900)]
kernel: fix typo in fb-sys-fops autoload

AutoLoad parameter must match the exact kernel module name. Fix it.

Fixes: 125f1ce9ad0c ("kernel: video: add DRM core and IMX DRM support for HDMI/LVDS")
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit 6990510aca41074351f92a5abc6f4afb4b606506)

4 years agohostapd: add IEEE 802.11k support
Kyle Copperfield [Thu, 31 Oct 2019 20:03:39 +0000 (20:03 +0000)]
hostapd: add IEEE 802.11k support

Enables radio resource management to be reported by hostapd to clients.

Ref: https://github.com/lede-project/source/pull/1430
Co-developed-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
Signed-off-by: Lorenzo Santina <lorenzo.santina@edu.unito.it>
Signed-off-by: Kyle Copperfield <kmcopper@danwin1210.me>
[removed the DMARC crap]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 87f9292300cf56ad17f44363ced213c59a95ef44)

4 years agohostapd: Add mesh support for wpad full
Hauke Mehrtens [Sat, 7 Sep 2019 14:17:14 +0000 (16:17 +0200)]
hostapd: Add mesh support for wpad full

This increases the size of the binary slightly:

old:
427722 wpad-wolfssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
431696 wpad-openssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk

new:
442109 wpad-wolfssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
445997 wpad-openssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 49cc712b44c76e99bfb716c06700817692975e05)

4 years agohostapd: use getrandom syscall
Hauke Mehrtens [Sat, 4 May 2019 12:02:07 +0000 (14:02 +0200)]
hostapd: use getrandom syscall

hostapd will not use the getrandom() syscall and as a fallback use
/dev/random, the syscall is supported since Linux 3.17 and in the musl,
glibc and uclibc version used by OpenWrt.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 998686364da7d002ba9f6dbb43cc5f32294dd4ab)

4 years agohostapd: Remove unneeded patch
Hauke Mehrtens [Sat, 4 May 2019 00:01:15 +0000 (02:01 +0200)]
hostapd: Remove unneeded patch

All the content of this function is proceeded by IEEE8021X_EAPOL no code
accesses the ssid variable outside of this ifdef.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 0d86bf518aaefa57bef577d09a18aff03eccb70c)

4 years agohostapd: use config option CONFIG_NO_LINUX_PACKET_SOCKET_WAR
Hauke Mehrtens [Fri, 3 May 2019 23:58:53 +0000 (01:58 +0200)]
hostapd: use config option CONFIG_NO_LINUX_PACKET_SOCKET_WAR

Instead of patching the workaround away, just use the config option.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 9b4a27455c17c00698ce7ce24e0bcad419c6319e)

4 years agohostapd: Update to version 2.9 (2019-08-08)
Hauke Mehrtens [Sat, 10 Aug 2019 14:49:34 +0000 (16:49 +0200)]
hostapd: Update to version 2.9 (2019-08-08)

The size of the ipkgs increase a bit (between 0.7% and 1.1%):

old 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-63962824-1_mipsel_24kc.ipk

new 2019-08-08 (2.9):
290217 wpad-basic_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
258745 wpad-mini_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
431732 wpad-openssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk
427641 wpad-wolfssl_2019-08-08-ca8c2bd2-1_mipsel_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 167028b750028ae3dac24f5ff96bbb1ba04e8bd7)

4 years agohostapd: Update to version 2.8 (2019-04-21)
Hauke Mehrtens [Fri, 3 May 2019 23:52:25 +0000 (01:52 +0200)]
hostapd: Update to version 2.8 (2019-04-21)

This also syncs the configuration files with the default configuration
files, but no extra options are activated or deactivated.

The mesh patches were partially merged into hostapd 2.8, the remaining
patches were extracted from patchwork and are now applied by OpenWrt.
The patches still have open questions which are not fixed by the author.
They were taken from this page:
https://patchwork.ozlabs.org/project/hostap/list/?series=62725&state=*

The changes in 007-mesh-apply-channel-attributes-before-running-Mesh.patch
where first applied to hostapd, but later reverted in hostapd commit
3e949655ccc5 because they caused memory leaks.

The size of the ipkgs increase a bit (between 1.3% and 2.3%):

old 2018-12-02 (2.7):
283337 wpad-basic_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
252857 wpad-mini_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
417473 wpad-openssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk
415105 wpad-wolfssl_2018-12-02-c2c6c01b-11_mipsel_24kc.ipk

new 2019-04-21 (2.8):
288264 wpad-basic_2019-04-21-63962824-1_mipsel_24kc.ipk
256188 wpad-mini_2019-04-21-63962824-1_mipsel_24kc.ipk
427475 wpad-openssl_2019-04-21-63962824-1_mipsel_24kc.ipk
423071 wpad-wolfssl_2019-04-21-63962824-1_mipsel_24kc.ipk

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
(cherry picked from commit 8af79550e6c280717660f66032d89d21007b15d2)

4 years agohostapd: mirror ieee80211w ap mode defaults in station mode
Jo-Philipp Wich [Fri, 20 Sep 2019 11:20:21 +0000 (13:20 +0200)]
hostapd: mirror ieee80211w ap mode defaults in station mode

For AP mode, OpenWrt automatically sets ieee80211w to either 1 or 2, depending
on whether the encryption is set to sae-mixed, or sae/owe/eap suite-b.

Mirror the same defaults for client mode connections, in order to allow an
OpenWrt station to associate to an OpenWrt ap with SAE, OWE or Suite-B encryption
without the need to manually specify "option ieee80211w" on the station.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit abb4f4075e791789fdb00731035e08a8cf51555f)

4 years agohostapd: fix OWE settings in client mode
Jo-Philipp Wich [Fri, 20 Sep 2019 09:40:52 +0000 (11:40 +0200)]
hostapd: fix OWE settings in client mode

This changes fixes the generation of the wpa_supplicant client configuration
in WPA3 OWE client mode. Instead of incorrectly emitting key_mgmt=NONE, use
the proper key_mgmt=OWE setting instead.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 4209b28d23b8bf28575af5e8904194f49b81532e)

4 years agohostapd: declare struct wpa_bss early
Leon M. George [Wed, 11 Sep 2019 13:22:55 +0000 (15:22 +0200)]
hostapd: declare struct wpa_bss early

wps_supplicant.h assumes that 'struct wpa_bss' is forward declared if
CONFIG_WPS is not defined.  With the later inclusion of
600-ubus_support, the issue manifests in warnings like these:

wps_supplicant.h:113:15: warning: 'struct wpa_bss' declared inside parameter list will not be visible outside of this definition or declaration
        struct wpa_bss *bss)
               ^~~~~~~

This patch forward declares 'struct wpa_bss' regardless.

Signed-off-by: Leon M. George <leon@georgemail.eu>
[commit message facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit f974f8213b94578581b35e6b3f8fb1fd5a35f753)

4 years agohostapd: revert signature change in patch
Leon M. George [Wed, 11 Sep 2019 12:10:18 +0000 (14:10 +0200)]
hostapd: revert signature change in patch

The original wpa_hexdump uses a 'void *' for the payload.  With patch
410-limit_debug_messages, the signature changes and compiler warnings
occur at various places.  One such warning is:

 wpa_debug.h:106:20: note: expected 'const u8 * {aka const unsigned char *}' but argument is of type 'struct wpa_eapol_key *'

Signed-off-by: Leon M. George <leon@georgemail.eu>
[commit message facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit a123df275846b1b83aaf3d7488a1544f7c0e09aa)

4 years agohostapd: adjust removed wolfssl options
Eneas U de Queiroz [Mon, 1 Jul 2019 16:40:01 +0000 (13:40 -0300)]
hostapd: adjust removed wolfssl options

This edjusts the selection of recently removed wolfssl options which
have always been built into the library even in their abscence.
Also remove the selection of libwolfssl itself, allowing the library to
be built as a module.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 94d131332b5adbcf885a92608c40a22b79b3c708)

4 years agobase-files: add /usr/share/libubox/jshn.sh to sysupgrade stage2
Russell Senior [Tue, 12 Nov 2019 23:33:48 +0000 (15:33 -0800)]
base-files: add /usr/share/libubox/jshn.sh to sysupgrade stage2

Discovered recent changes had broken sysupgrade for ar71xx mikrotik
rb-493g, traced the problem to missing /usr/share/libubox/jshn.sh after
switching to tmpfs.

Signed-off-by: Russell Senior <russell@personaltelco.net>
4 years agoath79: update uboot-envtools for Netgear WNR routers
Michal Cieslakiewicz [Wed, 6 Nov 2019 09:44:10 +0000 (10:44 +0100)]
ath79: update uboot-envtools for Netgear WNR routers

Boards added: WNR1000v2, WNR2000v3, WNR612v2, WNDR3700.

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
(cherry picked from commit d47b68700644f37084b82845e9557b1e9954f533)
[removed WNR1000v2/WNR2000v3 since not supported in 19.07]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoath79: fix SUPPORTED_DEVICES for TP-Link TL-WR1043ND v3
Adrian Schmutzler [Mon, 11 Nov 2019 18:03:20 +0000 (19:03 +0100)]
ath79: fix SUPPORTED_DEVICES for TP-Link TL-WR1043ND v3

In ar71xx, the board name for the TL-WR1043ND v3 is equal to v2:
tl-wr1043nd-v2

Fix SUPPORTED_DEVICES for v3 in ath79 accordingly.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit b5791118ccd3039cc9ef6fd3b1c4efcad6ab154f)

4 years agoar71xx: fix tl-wdr3320-v2 upgrade
南浦月 [Thu, 19 Sep 2019 09:41:01 +0000 (17:41 +0800)]
ar71xx: fix tl-wdr3320-v2 upgrade

Fix the error that tl-wdr3320-v2 can't upgrade firmware via web
interface by using magic_ver="0200" for this device.

Signed-off-by: 南浦月 <nanpuyue@gmail.com>
[commit message facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 0ff2385a92c0a31769fce954b7bd571d6114dbc8)

4 years agoar71xx: update uboot-envtools for Netgear WNR routers
Michal Cieslakiewicz [Wed, 6 Nov 2019 09:43:14 +0000 (10:43 +0100)]
ar71xx: update uboot-envtools for Netgear WNR routers

Boards added: WNR1000v2, WNR2000v3, WNR2200, WNR612v2, WNDR4300.
Boards changed: WNDR3700 (u-boot env size is 2 sectors not 1).

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
(cherry picked from commit 11052900494ec8216b9b39ba0b24d5e036f4d323)

4 years agokernel: bump 4.14 to 4.14.152
Koen Vandeputte [Wed, 6 Nov 2019 16:14:43 +0000 (17:14 +0100)]
kernel: bump 4.14 to 4.14.152

Refreshed all patches.

Altered patches:
- 301-arch-support-layerscape.patch

Remove upstreamed:
- 950-0311-sc16is7xx-Fix-for-Unexpected-interrupt-8.patch

Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
4 years agofirmware: intel-microcode: bump to 20190918
Zoltan HERPAI [Sat, 9 Nov 2019 12:01:50 +0000 (13:01 +0100)]
firmware: intel-microcode: bump to 20190918

  * New upstream microcode datafile 20190918

      *Might* contain mitigations for INTEL-SA-00247 (RAMBleed), given
      the set of processors being updated.
  * Updated Microcodes:
      sig 0x000306d4, pf_mask 0xc0, 2019-06-13, rev 0x002e, size 19456
      sig 0x000306f4, pf_mask 0x80, 2019-06-17, rev 0x0016, size 18432
      sig 0x00040671, pf_mask 0x22, 2019-06-13, rev 0x0021, size 14336
      sig 0x000406f1, pf_mask 0xef, 2019-06-18, rev 0xb000038, size 30720
      sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792
      sig 0x00050657, pf_mask 0xbf, 2019-08-12, rev 0x500002b, size 51200
      sig 0x00050662, pf_mask 0x10, 2019-06-17, rev 0x001c, size 32768
      sig 0x00050663, pf_mask 0x10, 2019-06-17, rev 0x7000019, size 24576
      sig 0x00050664, pf_mask 0x10, 2019-06-17, rev 0xf000017, size 24576
      sig 0x00050665, pf_mask 0x10, 2019-06-17, rev 0xe00000f, size 19456

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
4 years agofirmware: intel-microcode: bump to 20190618
Zoltan HERPAI [Sun, 25 Aug 2019 20:34:13 +0000 (22:34 +0200)]
firmware: intel-microcode: bump to 20190618

  * Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223
    CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091
  * Updated Microcodes:
    sig 0x000206d6, pf_mask 0x6d, 2019-05-21, rev 0x061f, size 18432
    sig 0x000206d7, pf_mask 0x6d, 2019-05-21, rev 0x0718, size 19456

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
4 years agofirmware: intel-microcode: bump to 20190514
Zoltan HERPAI [Thu, 16 May 2019 10:32:14 +0000 (12:32 +0200)]
firmware: intel-microcode: bump to 20190514

  * New Microcodes:
    sig 0x00030678, pf_mask 0x02, 2019-04-22, rev 0x0838, size 52224
    sig 0x00030678, pf_mask 0x0c, 2019-04-22, rev 0x0838, size 52224
    sig 0x00030679, pf_mask 0x0f, 2019-04-23, rev 0x090c, size 52224
    sig 0x000406c3, pf_mask 0x01, 2019-04-23, rev 0x0368, size 69632
    sig 0x000406c4, pf_mask 0x01, 2019-04-23, rev 0x0411, size 68608
    sig 0x00050657, pf_mask 0xbf, 2019-02-27, rev 0x5000021, size 47104
    sig 0x000806e9, pf_mask 0x10, 2018-10-18, rev 0x009e, size 98304
    sig 0x000806eb, pf_mask 0xd0, 2018-10-25, rev 0x00a4, size 99328
    sig 0x000806ec, pf_mask 0x94, 2019-02-12, rev 0x00b2, size 98304
    sig 0x000906ec, pf_mask 0x22, 2018-09-29, rev 0x00a2, size 98304
    sig 0x000906ed, pf_mask 0x22, 2019-02-04, rev 0x00b0, size 97280

  * Updated Microcodes:
    sig 0x000206a7, pf_mask 0x12, 2019-02-17, rev 0x002f, size 12288
    sig 0x000306a9, pf_mask 0x12, 2019-02-13, rev 0x0021, size 14336
    sig 0x000306c3, pf_mask 0x32, 2019-02-26, rev 0x0027, size 23552
    sig 0x000306d4, pf_mask 0xc0, 2019-03-07, rev 0x002d, size 19456
    sig 0x000306e4, pf_mask 0xed, 2019-03-14, rev 0x042e, size 16384
    sig 0x000306e7, pf_mask 0xed, 2019-03-14, rev 0x0715, size 17408
    sig 0x000306f2, pf_mask 0x6f, 2019-03-01, rev 0x0043, size 34816
    sig 0x000306f4, pf_mask 0x80, 2019-03-01, rev 0x0014, size 18432
    sig 0x00040651, pf_mask 0x72, 2019-02-26, rev 0x0025, size 21504
    sig 0x00040661, pf_mask 0x32, 2019-02-26, rev 0x001b, size 25600
    sig 0x00040671, pf_mask 0x22, 2019-03-07, rev 0x0020, size 14336
    sig 0x000406e3, pf_mask 0xc0, 2019-04-01, rev 0x00cc, size 100352
    sig 0x000406f1, pf_mask 0xef, 2019-03-02, rev 0xb000036, size 30720
    sig 0x00050654, pf_mask 0xb7, 2019-04-02, rev 0x200005e, size 32768
    sig 0x00050662, pf_mask 0x10, 2019-03-23, rev 0x001a, size 32768
    sig 0x00050663, pf_mask 0x10, 2019-03-23, rev 0x7000017, size 24576
    sig 0x00050664, pf_mask 0x10, 2019-03-23, rev 0xf000015, size 23552
    sig 0x00050665, pf_mask 0x10, 2019-03-23, rev 0xe00000d, size 19456
    sig 0x000506c9, pf_mask 0x03, 2019-01-15, rev 0x0038, size 17408
    sig 0x000506ca, pf_mask 0x03, 2019-03-01, rev 0x0016, size 15360
    sig 0x000506e3, pf_mask 0x36, 2019-04-01, rev 0x00cc, size 100352
    sig 0x000506f1, pf_mask 0x01, 2019-03-21, rev 0x002e, size 11264
    sig 0x000706a1, pf_mask 0x01, 2019-01-02, rev 0x002e, size 73728
    sig 0x000806e9, pf_mask 0x10, 2019-04-01, rev 0x00b4, size 98304
    sig 0x000806e9, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000806ea, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000806eb, pf_mask 0xd0, 2019-03-30, rev 0x00b8, size 98304
    sig 0x000806ec, pf_mask 0x94, 2019-03-30, rev 0x00b8, size 97280
    sig 0x000906e9, pf_mask 0x2a, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000906ea, pf_mask 0x22, 2019-04-01, rev 0x00b4, size 98304
    sig 0x000906eb, pf_mask 0x02, 2019-04-01, rev 0x00b4, size 99328
    sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304
    sig 0x000906ed, pf_mask 0x22, 2019-03-17, rev 0x00b8, size 97280
  * Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223
    CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091

Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
4 years agoath79: fix identifier for Nanostation M in ath9k caldata extraction
Adrian Schmutzler [Sun, 10 Nov 2019 23:15:36 +0000 (00:15 +0100)]
ath79: fix identifier for Nanostation M in ath9k caldata extraction

When Nanostation M was renamed from ubnt,nano-m to ubnt,nanostation-m
in commit f1396ac753cc ("ath79: align naming of Ubiquiti Nanostation M"),
the caldata extraction in 10-ath9k-eeprom was overlooked.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 5dc535419fe5f59839686570545fc4180e14d545)

4 years agorpcd: update to latest Git HEAD
Jo-Philipp Wich [Sun, 10 Nov 2019 20:33:47 +0000 (21:33 +0100)]
rpcd: update to latest Git HEAD

77ad0de plugin: avoid truncating numeric values

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit aa89bdcd04676b21cbe3e8a7b8df3545a86d947a)

4 years agowolfssl: update to v4.2.0-stable
Eneas U de Queiroz [Wed, 6 Nov 2019 21:22:52 +0000 (18:22 -0300)]
wolfssl: update to v4.2.0-stable

Many bugs were fixed--2 patches removed here.

This release of wolfSSL includes fixes for 5 security vulnerabilities,
including two CVEs with high/critical base scores:

- potential invalid read with TLS 1.3 PSK, including session tickets
- potential hang with ocspstaping2 (always enabled in openwrt)
- CVE-2019-15651: 1-byte overread when decoding certificate extensions
- CVE-2019-16748: 1-byte overread when checking certificate signatures
- DSA attack to recover DSA private keys

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit f4853f7cca816214cd6e64cffe2b73d0b8c16def)

4 years agowolfssl: allow building with hw-crytpo and AES-CCM
Eneas U de Queiroz [Thu, 12 Sep 2019 20:00:00 +0000 (17:00 -0300)]
wolfssl: allow building with hw-crytpo and AES-CCM

Hardware acceleration was disabled when AES-CCM was selected as a
workaround for a build failure.  This applies a couple of upstream
patches fixing this.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit ab19627ecc3923687fd339f4f23dc45572d00ce0)

4 years agoustream-ssl: update to latest Git HEAD
Jo-Philipp Wich [Tue, 5 Nov 2019 13:38:40 +0000 (14:38 +0100)]
ustream-ssl: update to latest Git HEAD

c9b6668 ustream-ssl: skip writing pending data if .eof is true after connect

Fixes: CVE-2019-5101, CVE-2019-5102
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 6f9157e6bdea91507af84acdf53da7c0e6879bc1)

4 years agoustream-ssl: Update to latest git HEAD
Hauke Mehrtens [Fri, 1 Nov 2019 20:16:18 +0000 (21:16 +0100)]
ustream-ssl: Update to latest git HEAD

465f8dc wolfssl: adjust to new API in v4.2.0
3b06c65 Update example certificate & key, fix typo
1c38fd8 wolfssl: enable CN validation
33308ee ustream-io-cyassl.c: fix client-mode connections
79d91aa Remove CyaSSL, WolfSSL < 3.10.4 support

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 57ff06405e09ebce705c01178143c3ce907993b2)

4 years agomac80211: Fix dependencies of kmod-rsi91x-usb
Hauke Mehrtens [Sat, 9 Nov 2019 19:10:58 +0000 (20:10 +0100)]
mac80211: Fix dependencies of kmod-rsi91x-usb

Instead of depending on kmod-usb2 make it depend on the normal USB
dependencies. This should hopefully fix some problems seen in the build
bot builds for powerpc_8540.

In addition also activate DRIVER_11N_SUPPORT support.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3ff3b044c01949cd7280978b17d0348ee9e7f4ae)

4 years agostrace: Fix build on PowerPC
Hauke Mehrtens [Sat, 9 Nov 2019 19:07:18 +0000 (20:07 +0100)]
strace: Fix build on PowerPC

This patch breaks building on PowerPC, like the mpc85xx_generic
target for me.

Fixes: FS#2585
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit b01305c8d26d8eb3525cf79591075601b04736cc)

4 years agouboot-envtools: Add TARGET_LDFLAGS to fix PIE and RELRO
Hauke Mehrtens [Thu, 7 Nov 2019 20:01:40 +0000 (21:01 +0100)]
uboot-envtools: Add TARGET_LDFLAGS to fix PIE and RELRO

Forward the OpenWrt TARGET_LDFLAGS to the linker of the fw_printenv tool.
In addition also use the more standard make invocation script.
With this change the fw_printenv tool is built with PIE and Full RELRO
support when activated globally in OpenWrt.

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
(cherry picked from commit b7b2be0b268ced260ca8df84be1b0d469aaf6e38)

4 years agoxfsprogs: Fix compilation with newer musl
Rosen Penev [Thu, 7 Nov 2019 22:55:10 +0000 (14:55 -0800)]
xfsprogs: Fix compilation with newer musl

Backported upstream patch.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 39035df71c37d474be2cb2a0fad8d70da095c68b)

4 years agoramips: correct R6220 button flag
David Bauer [Sat, 9 Nov 2019 18:10:51 +0000 (19:10 +0100)]
ramips: correct R6220 button flag

All buttons on the Netgear R6220 are active-low while they are flagged
as active-high.

The GPIO status reads the following for no buttons pressed:

root@64367-r6220:~# cat /sys/kernel/debug/gpio
gpio-7   (                    |wps                 ) in  hi
gpio-8   (                    |wifi                ) in  hi
gpio-14  (                    |reset               ) in  hi

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f7f9fe5256ebb660d3160452c3c01a9eb080938f)

4 years agokernel: fix LED netdev trigger on interface rename
Martin Schiller [Fri, 25 Oct 2019 07:22:29 +0000 (09:22 +0200)]
kernel: fix LED netdev trigger on interface rename

This fixes the netdev LED trigger for interfaces, which are renamed
during initialization (e.g. ppp interfaces).

Fixes: FS#2193
Fixes: FS#2239
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit edbadec843a77286d4f690a3641b7bca97f4c998)

4 years agobuild: cleanup possibly dangling Python 3 host symlink
Etienne Champetier [Fri, 8 Nov 2019 14:58:01 +0000 (06:58 -0800)]
build: cleanup possibly dangling Python 3 host symlink

When switching from master branch to 19.07 or older, we need to ensure
that Python symlink in staging bin directory points to Python 2.

We can't rely completly just on SetupHostCommand as its executed only in
cases when the $(STAGING_DIR_HOST)/bin/python doesn't already exist, so
we need to remove it before running SetupHostCommand.

This is a cherry-pick of 3b68fb57c938af3948ae4c2da61501183fbef649
with python3 instead of python2

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
4 years agobuild: fixup python SetupHostCommand to use python2
Etienne Champetier [Thu, 31 Oct 2019 10:54:59 +0000 (03:54 -0700)]
build: fixup python SetupHostCommand to use python2

Here is a way to break your build env without this patch:
1) have python point to python3, and no python2
2) start the build, SetupHostCommand will create a symlink
./staging_dir/host/bin/python -> /usr/bin/python
3) build fails on scons because it can't find any python2
4) install python2 and restart the build
5) the build fails on wireless-regdb compile because python is python3 instead of python

Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
5 years agoexpat: Update to version 2.2.9
Josef Schlehofer [Sun, 29 Sep 2019 09:21:29 +0000 (11:21 +0200)]
expat: Update to version 2.2.9

Fixes CVE-2019-15903

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit b4af2c689fc8736777940b7bbf009bb1672296ec)

5 years agotools/e2fsprogs: Update to version 1.45.4
Josef Schlehofer [Thu, 3 Oct 2019 19:23:00 +0000 (21:23 +0200)]
tools/e2fsprogs: Update to version 1.45.4

Fixes CVE-2019-5094

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 700e7a2eb9c515ffe4f3278857e538ea37cc5e56)

5 years agocurl: bump to 7.66.0
Hans Dedecker [Tue, 17 Sep 2019 20:45:41 +0000 (22:45 +0200)]
curl: bump to 7.66.0

Refresh patches, for changes in version 7.66.0 see https://curl.haxx.se/changes.html#7_66_0

Fixes CVEs:
    CVE-2019-5481
    CVE-2019-5482

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 71cf4a272c9cf7d6e604e6327d0c94aeceac26e7)

5 years agoath79: disable building future NAND images for GL-AR300M/GL-AR750S
Adrian Schmutzler [Thu, 7 Nov 2019 17:53:37 +0000 (18:53 +0100)]
ath79: disable building future NAND images for GL-AR300M/GL-AR750S

To simplify the upgrade process and ensure easier identification of
device partitioning, the following devices are disabled on ath79
target in openwrt-19.07 branch:

- glinet,gl-ar300m-nor
- glinet,gl-ar300m-nand
- glinet,gl-ar750s

Proper ath79 (NAND) support for the devices is expected to be
introduced based on kernel 4.19 (see GitHub PR #2184).

In openwrt-19.07, ar71xx should be used for those devices.

With this, we ensure that the new ath79 image names (at least for
releases) refer to the updated partitioning.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
5 years agomac80211 ath9k: force QCA953x clock to 25MHz
David Bauer [Tue, 5 Nov 2019 21:28:39 +0000 (22:28 +0100)]
mac80211 ath9k: force QCA953x clock to 25MHz

The QCA953x only supports 25 MHz refclk, however some OEMs set an
invalid bootstrap value for the REF_CLK option, which would break the
clock detection in ath9k.

Force the QCA953x refclk to 25MHz in ath9k, as this is (according to the
datasheet) the only valid frequency.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 4c6fe32468bc60cc25a8c298498c0be3c73e7378)