openwrt/staging/jow.git
6 years agokernel: add kmod-usb-serial-mos7840
Thomas Fuzeau [Tue, 30 Oct 2018 11:06:22 +0000 (12:06 +0100)]
kernel: add kmod-usb-serial-mos7840

Enable build of kernel module for mos7840 usb-serial devices.

Signed-off-by: Thomas Fuzeau <tfuzeau@loocla.com>
6 years agocurl: bump to 7.62.0
Hans Dedecker [Wed, 31 Oct 2018 21:58:54 +0000 (22:58 +0100)]
curl: bump to 7.62.0

Refresh patches, for changes in version 7.62.0 see https://curl.haxx.se/changes.html#7_62_0

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoopenssl: enable OPENSSL_WITH_DEPRECATED when OpenSSL is built as a build dep
Matthias Schiffer [Tue, 30 Oct 2018 19:38:34 +0000 (20:38 +0100)]
openssl: enable OPENSSL_WITH_DEPRECATED when OpenSSL is built as a build dep

Some package (e.g. libunbound) depend on OPENSSL_WITH_DEPRECATED. In some
situations it may happen that libunbound and openssl are only pulled in as
build dependencies, but are not enabled in .config.

In such cases, the defaults of symbols like OPENSSL_WITH_DEPRECATED are
ignored (as the whole symbol depends on PACKAGE_libopenssl), and config
symbol dependencies of libunbound aren't effective either (as libunbound
is not actually enabled).

This commit works around the issue by introducing a hidden negated symbol
OPENSSL_NO_DEPRECATED, which is always disabled when PACKAGE_libopenssl is
disabled, and ensures that OpenSSL is built with deprecated APIs in this
case. A user can still manage to break the build by explicitly enabling
libopenssl and disabling OPENSSL_WITH_DEPRECATED; the interaction between
build dependencies and config symbols will require further discussion.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
6 years agodnsmasq: tighten config file permissions
Kevin Darbyshire-Bryant [Thu, 11 Oct 2018 08:46:42 +0000 (09:46 +0100)]
dnsmasq: tighten config file permissions

Install following as config files (600) perms instead of as data (644)

/usr/share/dnsmasq/dhcpbogushostname.conf
/usr/share/dnsmasq/trust-anchors.conf
/usr/share/dnsmasq/rfc6761.conf
/etc/hotplug.d/ntp/25-dnsmasqsec
/etc/config/dhcp
/etc/dnsmasq.conf

dnsmasq reads relevant config files before dropping root privilege and
running as dnsmasq:dnsmasq

ntpd runs as root so the hotplug script is still accessible

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agoar71xx: expand kernel size for ubnt targets
Koen Vandeputte [Mon, 29 Oct 2018 14:48:10 +0000 (15:48 +0100)]
ar71xx: expand kernel size for ubnt targets

Kernel 4.14 is pretty large causing a build error as the partition is too small.
Expand the kernel partition a bit to make it fit.

* ubnt-uap-pro
* ubnt-unifi-outdoor-plus

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agoar71xx: disable ap91-5g due to kernel size
Koen Vandeputte [Mon, 29 Oct 2018 14:44:54 +0000 (15:44 +0100)]
ar71xx: disable ap91-5g due to kernel size

This target causes a build failure as the kernel image does not fit
into the kernel partition.

As the kernel is located behind the rootfs, it cannot be enlarged
as the boot entry location would get altered.

Disable this target for now.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agoar71xx: fix sysupgrade generation for some targets
Koen Vandeputte [Wed, 24 Oct 2018 12:44:30 +0000 (14:44 +0200)]
ar71xx: fix sysupgrade generation for some targets

These targets are already defined as having a dynamic partition
but the safeloader was not adapted for them.

This causes a build warning for the sysupgrade image being too big.

Targets:
- c58-v1
- c60-v1
- c60-v2
- TL-WR1043 v5
- TL-WR902AC v1
- TL-WR942N V1

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agoar71xx: switch more targets to dynamic partitioning
Koen Vandeputte [Wed, 24 Oct 2018 12:49:07 +0000 (14:49 +0200)]
ar71xx: switch more targets to dynamic partitioning

Targets:
- TP-LINK ER355
- TP-LINK C25 V1
- TP-LINK C59 V1
- TP-LINK C7 V4
- TP-LINK C7 V5

Fixes build issues seen due to the kernel being too big

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agoar71xx: switch TP-Link RE450 v1 to dynamic partitioning
Radek Dostál [Mon, 22 Oct 2018 20:34:17 +0000 (22:34 +0200)]
ar71xx: switch TP-Link RE450 v1 to dynamic partitioning

As mentioned in commit 5f24933 recent changes on ar71xx (switch to 4.14,
memory compaction, ...) cause an increase in kernel size, making it too
big for RE450.

RE450 images were not build due to the following error message:
os-image partition too big (more than 1572864 bytes): Success

Tested on RE450, device boots and was used to send this patch.

Reported-by: Enrico Mioso <mrkiko.rs@gmail.com>
Suggested-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Radek Dostál <rd@radekdostal.com>
[rewrote commit msg keeping it tight + fixed SoB lines]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agoar71xx: move OCEDO Koala to generic and use dynamic partitioning
David Bauer [Thu, 18 Oct 2018 18:43:42 +0000 (20:43 +0200)]
ar71xx: move OCEDO Koala to generic and use dynamic partitioning

This changes the OCEDO Koala flash-layout to a unified firmware
partition, thus making the ar71xx-generic kernel fit in flash.

Compile and runtested on OCEDO Koala.

Signed-off-by: David Bauer <mail@david-bauer.net>
[small title reword]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agoath79: fix PQI Air Pen support
Mathias Kresin [Sun, 28 Oct 2018 10:03:49 +0000 (11:03 +0100)]
ath79: fix PQI Air Pen support

Use the correct dts filename. It has to be <soc>_<manufacturer>_<device>.

Signed-off-by: Mathias Kresin <dev@kresin.me>
6 years agoath79: add support for PQI Air Pen
YuheiOKAWA [Thu, 4 Oct 2018 16:08:51 +0000 (01:08 +0900)]
ath79: add support for PQI Air Pen

SoC: AR9330 (or AR9331 revision?)
Ethernet x1, Wireless 2.4G, uSD card slot x1.
USB Power, include Li-Po Battery.

Flash 8MiB. (factory is dual image)
1. write image is use half 4MiB size from factory.
  write initramfs image to mtd6 and mtd7.
2. change next boot setting. next is mtd6 boot.
  echo -ne "\x01" | dd of=/dev/mtdblock8 conv=notrunc bs=1 count=1 seek=0

3. rewrite sysupgrade image.
  change next boot setting. next is mtd4.
  echo -ne "\x00" | dd of=/dev/mtdblock8 conv=notrunc bs=1 count=1 seek=0

OEM mtd.
dev:    size   erasesize  name
mtd0: 00040000 00010000 "u-boot"
mtd1: 00010000 00010000 "u-boot-env"
mtd2: 00010000 00010000 "ART"
mtd3: 00010000 00010000 "NVRAM"
mtd4: 00140000 00010000 "uImage"
mtd5: 00280000 00010000 "rootfs"
mtd6: 00140000 00010000 "uImage2"
mtd7: 00280000 00010000 "rootfs2"
mtd8: 00010000 00010000 "CONF"

Signed-off-by: YuheiOKAWA <tochiro.srchack@gmail.com>
6 years agoath79: Add support for Ubiquiti LiteAP ac (LAP-120)
Roger Pueyo Centelles [Wed, 19 Sep 2018 12:17:35 +0000 (14:17 +0200)]
ath79: Add support for Ubiquiti LiteAP ac (LAP-120)

This commit adds support for the Ubiquiti LiteAP ac (LAP-120), an outdoor
5 GHz AC access point with an integrated 120° 16 dBi antenna. The device
was previously known as LiteBeam AP ac but was later rebranded.

CPU:    Atheros AR9342 SoC
RAM:    64 MB DDR2
Flash:  16 MB NOR SPI
Ports:  1 GbE port (PoE in)
WLAN:   5 GHz QCA899X (PCI)

The integrated QCA899X is a Ubiquiti branded part with modified vendor
and product id (0777:11ac9). It is very similar to the NanoStation loco
AC, except for the 2.4 GHz management radio (missing here).

Installation procedure is the same as the NanoStation [loco] AC:

1. Connect to serial header on device
2. Power on device and enter uboot console
3. Set up tftp server serving an openwrt initramfs build
4. Load initramfs build using the command tftpboot in the uboot cli
5. Boot the loaded image using the command bootm
6. Copy squashfs openwrt sysupgrade build to the booted device
7. Use mtd to write sysupgrade to partition "firmware"
8. Reboot and enjoy

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
6 years agomt76: update to the latest version
Felix Fietkau [Sat, 27 Oct 2018 15:54:36 +0000 (17:54 +0200)]
mt76: update to the latest version

fdc63f1 mt76: fix regression in tx status handling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agomt76: Fix dependencies for PCI support
Daniel Engberg [Wed, 10 Oct 2018 11:04:31 +0000 (13:04 +0200)]
mt76: Fix dependencies for PCI support

USB support doesn't necessarily mean that there's
PCI support available so move that to the drivers
which requires PCI support. This applies to the
sunxi platform for instance.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [fix mt76x0e]
6 years agomt76: update to the latest version
Felix Fietkau [Thu, 25 Oct 2018 20:48:49 +0000 (22:48 +0200)]
mt76: update to the latest version

0b8b15f mt7603: use common mmio mcu struct
d612e2e mt76: mt76x02: skip station tx status for non-sta wcid entries
d89d84b mt76: mt76x02: only override control->sta on sw-encrypted tx
9d59d2a mt76: add support for reporting tx status with skb
ed17ba2 mt7603: use common tx status handling code
14b6c59 mt76x0: use band parameter for LC calibration

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agogrub2: fix regression caused by binutils-2.31.1
Philip Prindeville [Sun, 21 Oct 2018 02:23:12 +0000 (20:23 -0600)]
grub2: fix regression caused by binutils-2.31.1

grub-efi no longer works:

grub-mkimage: error: relocation 0x4 is not implemented yet.

See:

http://git.savannah.gnu.org/cgit/grub.git/commit/util?id=842c390469e2c2e10b5aa36700324cd3bde25875

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>i [PKG_RELEASE increase]
6 years agomwlwifi: driver version to 10.3.8.0-20181022
Jonathan Lancett [Mon, 22 Oct 2018 14:36:23 +0000 (14:36 +0000)]
mwlwifi: driver version to 10.3.8.0-20181022

Upgrade 88W8997 firmware to 8.4.0.52.
Removed unnecessary firmware settings.
Added vendor events.
Fixed crash problem when module is removed.
Modified the code to protect tx queues.

Signed-off-by: Jonathan Lancett <j.lancett@ntlworld.com>
[tidy commit message]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agoglibc: update to latest 2.27 commit (BZ #23562, BZ #23275)
Hans Dedecker [Tue, 23 Oct 2018 13:55:09 +0000 (15:55 +0200)]
glibc: update to latest 2.27 commit (BZ #23562, BZ #23275)

77b4b8231e signal: Use correct type for si_band in siginfo_t [BZ #23562]
5bdb6897fc Fix race in pthread_mutex_lock while promoting to PTHREAD_MUTEX_ELISION_NP [BZ #23275]

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agomt76: update to the latest version
Felix Fietkau [Tue, 23 Oct 2018 09:17:35 +0000 (11:17 +0200)]
mt76: update to the latest version

d033272 mt76: mt76x0: handle chip specific initval differences
1a2b2dc mt76: usb: fix static tracepoints
11151f4 mt76x0: antenna select corrections
dade109 mt76x0: init: simplify mt76x0_init_mac_registers
3c54612 mt76x0: pci: add missing MODULE_FIRMWARE macro
97e0269 mt76x0: mac: remove mt76x0_mac_set_ampdu_factor
5d8c4bf mt76x0: align mt76x0u and mt76x0e fw version
d4391ae mt76: move mt76x02_mac_set_short_preamble in mt76x02_mac.c
aa6ebf9 mt76: move mt76x02_init_device in mt76x02-lib module
a4a08c3 mt76: move mac beacon routines in mt76x02-lib module
6b69650 mt76: move tx beacon routines in mt76x02-lib module
8486047 mt76x0: pci: add pre_tbtt_tasklet support
acd4c99 mt76: move mt76x02_sw_scan and mt76x02_sw_scan_complete in mt76x02-lib module
2d736cf mt76: move mt76x02_get_txpower in mt76x02_util.c
aa1d6bd mt76: move mt76x02_sta_ps in mt76x02-lib module
e684281 mt76: introduce mt76x02_init_beacon_config routine
c181d97 mt76x0: pci: enable AP support
3b86d99 mt76: move mt76x02_set_tx_ackto in mt76x02-lib module
41d7ef7 mt76x0: update init vals for MT_TX_PROT registers
fe5a149 mt76: move tx protection routines in mt76x02-lib module
5bca2de mt76: move mt76x02_bss_info_changed in mt76x02-lib module
d21a835 mt76: move dfs support in mt76x02-lib module
ba9d424 mt76x0: pci: add DFS support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agokernel: add missing symbol for target bcm53xx
Koen Vandeputte [Tue, 23 Oct 2018 08:55:56 +0000 (10:55 +0200)]
kernel: add missing symbol for target bcm53xx

Fixes: ca88f4153f8f ("kernel: bump 4.14 to 4.14.77")
Reported-by: Rafał Miłecki <rafal@milecki.pl>
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agobcm53xx: use upstream SPI controller fix
Rafał Miłecki [Tue, 23 Oct 2018 07:42:00 +0000 (09:42 +0200)]
bcm53xx: use upstream SPI controller fix

This just moves patch to use 0xx prefix and includes maintainer's s-o-b.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agokernel: bump 4.14 to 4.14.78
Koen Vandeputte [Mon, 22 Oct 2018 12:11:59 +0000 (14:11 +0200)]
kernel: bump 4.14 to 4.14.78

Refreshed all patches.

Remove upstreamed:
- 050-net-emac-fix-fixed-link-setup-for-the-RTL8363SB-swit.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agokernel: bump 4.9 to 4.9.135
Koen Vandeputte [Mon, 22 Oct 2018 09:46:59 +0000 (11:46 +0200)]
kernel: bump 4.9 to 4.9.135

Refreshed all patches.

Fixes:
- CVE-2018-10883

Compile-tested on: ar71xx, layerscape
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agofstools: update to git HEAD
Hans Dedecker [Sun, 21 Oct 2018 18:43:46 +0000 (20:43 +0200)]
fstools: update to git HEAD

29e53af fstools: add ntfs support

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agomac80211: hermes-pcmcia: add missing dependency to kmod-pcmcia-core
Hauke Mehrtens [Sun, 21 Oct 2018 14:35:49 +0000 (16:35 +0200)]
mac80211: hermes-pcmcia: add missing dependency to kmod-pcmcia-core

This fixes a build problem on x86.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agolinux-firmware: intel: Add iwl 9000 and 9260 firmware
Hauke Mehrtens [Thu, 18 Oct 2018 19:03:16 +0000 (21:03 +0200)]
linux-firmware: intel: Add iwl 9000 and 9260 firmware

Add the most recent supported firmware file for the Intel 9000 and
9260 wireless chips. The API version 41 is not yet supported by the driver.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agolinux-firmware: intel: update firmware files for 7265D, 8000C and 8265
Hauke Mehrtens [Thu, 18 Oct 2018 19:02:20 +0000 (21:02 +0200)]
linux-firmware: intel: update firmware files for 7265D, 8000C and 8265

Use more recent versions for the Intel wireless chips 7265D, 8000C and 8265.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agompc85xx: workaround 4.14 cross compile issue
Ryan Mounce [Fri, 12 Oct 2018 07:46:28 +0000 (18:16 +1030)]
mpc85xx: workaround 4.14 cross compile issue

Regression introduced with 4.10 by 43c9127d94d62a232ed33ed2eab8a08657ce5472

Build will fail if system 'ar' does not support deterministic builds.
e.g. macOS with Xcode toolchain

Appears to be fixed upstream in 4.18 by af3901cbbd3de182aafb8ee553c825c0074df6a2

Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
6 years agotools/pkg-config: pass arguments at the end
Arthur Skowronek [Mon, 15 Oct 2018 12:55:57 +0000 (14:55 +0200)]
tools/pkg-config: pass arguments at the end

Go for openwrt passes pkg-config arguments in the format of

        pkg-config --cflags -- pkg-name

which in turn will be passed down to the real pkg-config as something
like

        pkg-config.real --cflags -- pkg-name --define...

and causes the real pkg-config implementation to missinterpret the given
argument list.

This also helps to fix https://github.com/golang/go/issues/27940

Signed-off-by: Arthur Skowronek <arthur.skowronek@tuta.io>
6 years agomwlwifi: driver version to 10.3.8.0-20181008
Yufei Miao [Wed, 10 Oct 2018 15:23:44 +0000 (23:23 +0800)]
mwlwifi: driver version to 10.3.8.0-20181008

Signed-off-by: Yufei Miao <myf@myf.cloud>
6 years agokernel/modules: Aosong AM2315/AM2320 IIO kernel module support enabled.
Roman Bazalevskiy [Fri, 12 Oct 2018 12:16:42 +0000 (15:16 +0300)]
kernel/modules: Aosong AM2315/AM2320 IIO kernel module support enabled.

Signed-off-by: Roman Bazalevskiy <rvb@rvb.name>
6 years agokernel/modules: add kmod-fou6 package
Deng Qingfang [Tue, 16 Oct 2018 15:01:05 +0000 (23:01 +0800)]
kernel/modules: add kmod-fou6 package

IPv6 support for Foo-over-UDP tunnel

Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
6 years agolinux-firmware: Update linux-firmware to 2018-10-18
Robert Marko [Fri, 19 Oct 2018 07:54:32 +0000 (09:54 +0200)]
linux-firmware: Update linux-firmware to 2018-10-18

Kalles ath10k PR was finally merged so update linux-firmware to
include those changes.

This is needed since disabling ath10k-firmware a lot of custom BDF-s
in board-2.bin-s are not available in previously outdated linux-firmware
board-2.bin-s.
This also includes support for boards currently using ipq-wifi and other
WIP ones.

Runtime tested on 8devices Jalapeno.

Signed-off-by: Robert Marko <robimarko@gmail.com>
6 years agoapm821xx: add disk-activity triggers via DT.
Christian Lamparter [Mon, 15 Oct 2018 18:00:09 +0000 (20:00 +0200)]
apm821xx: add disk-activity triggers via DT.

The WNDR4700 and the MBL have a dedicated HDD activity LED.
This patch adds the default led triggers to the DTS and
removes the entries in 01_leds.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
6 years agoapm821xx: apm82181.dtsi overhaul
Christian Lamparter [Mon, 15 Oct 2018 18:00:08 +0000 (20:00 +0200)]
apm821xx: apm82181.dtsi overhaul

- order entries by mmio address where possible

 - switch to lower-case address values

 - comment on BSP u-boot behaviour in regards to
   what it edits and look for

 - annotate irq lines with the help of interrupt-names

 - remove deprecated "device_type" properties
   The pci and network device_type had to stay since
   they are required by the drivers and u-boot.
   the cpu and memory device_types will remain as well
   as they are still part of the DT Spec.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
6 years agoapm821xx: force WNDR4700 console to 115200n8
Christian Lamparter [Mon, 15 Oct 2018 18:00:07 +0000 (20:00 +0200)]
apm821xx: force WNDR4700 console to 115200n8

With the upcoming 4.19 release, the serial console on the
Netgear WNDR4700 would no longer work as it is never really
set and always relied on the kernel's serial code not to
change the baud rate.

On the stock firmware, Netgear forced the console setting
through a custom CONFIG_CMDLINE in their kernel to 115200.
Normally, they should have done it in a different way and
just passed the baudrate through a "console=..." kernel
parameter via the bootargs in the "/chosen" dt node.
But in their default u-boot bootcmd setting, they somehow
forgot to add the "run addtty", so there's no easy way to
pass the baudrate from u-boot to the kernel. So it has
to be forced as otherwise it ends up as 9600 baud.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
6 years agoapm821xx: set uart compatible to ns16750
Christian Lamparter [Mon, 15 Oct 2018 18:00:06 +0000 (20:00 +0200)]
apm821xx: set uart compatible to ns16750

The APM821XX/PPC460EX datasheet mentions:
"Register compatibility with 16750 register set"

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
6 years agobuild: remove obsolete -rc kernel testing rewrites
Christian Lamparter [Mon, 15 Oct 2018 18:00:05 +0000 (20:00 +0200)]
build: remove obsolete -rc kernel testing rewrites

The -rcX "testing" kernels are no longer hosted on
cdn.kernel.org file servers directly in a "testing"
directory. Therefore the logic that tested for "-rc"
can be removed.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
6 years agogemini: Fix up image generation
Linus Walleij [Wed, 17 Oct 2018 18:46:19 +0000 (20:46 +0200)]
gemini: Fix up image generation

I noticed that the image generator for the Gemini generates
some 10+ MB files for the second (application) partition.
This is just wrong. The first 6144K partition named initramfs
easily fits OpenWRTs squashfs,jffs2 overlayed partitions
with nice headroom for storing configuration files.

Generate a blank partition for the hddapp.tgz file and delete
it after generating the firmware image - when performing
updates manually you just want the "rd.z" file around
anyways.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
6 years agogemini: Break out USB to packages
Linus Walleij [Thu, 18 Oct 2018 09:30:27 +0000 (11:30 +0200)]
gemini: Break out USB to packages

This creates a new kernel package for the fotg210 host
controller and uses that with the gemini to shrink the
kernel. The SQ201 needs the USB2 PCI package as well.

The build system required me to make kernel_oldconfig
beofore it would build without errors so some minor
unrelated Kconfig entries are changed.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
6 years agokernel: Add support for Winbond w25q128jv SPI NOR flash
Baptiste Jonglez [Thu, 18 Oct 2018 09:07:26 +0000 (11:07 +0200)]
kernel: Add support for Winbond w25q128jv SPI NOR flash

Newer batches of several Mikrotik boards contain this yet-unsupported
flash chip, for instance:

- rb941-2nd (hAP lite)
- rb952ui-5ac2nd (hAP ac lite)
- RBM33G

and probably other Mikrotik boards need this patch as well.

The patch was submitted upstream by Robert Marko: https://patchwork.ozlabs.org/patch/934181/

Closes: FS#1715
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
Cc: Robert Marko <robimarko@gmail.com>
6 years agotoolchain/musl: Don't override optimization set by upstream
Daniel Engberg [Thu, 22 Feb 2018 22:39:40 +0000 (23:39 +0100)]
toolchain/musl: Don't override optimization set by upstream

Don't override optimization set by upstream.
Provides a speed increase for internal (library), malloc and string
operations in musl.

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
[add : to PKG_RELEASE release variable for consistency]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agodnsmasq: bump to v2.80
Kevin Darbyshire-Bryant [Fri, 19 Oct 2018 14:17:23 +0000 (15:17 +0100)]
dnsmasq: bump to v2.80

dnsmasq v2.80 release

Change from rc1:

91421cb Fix compiler warning.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agokernel: bump 4.14 to 4.14.77
Koen Vandeputte [Thu, 18 Oct 2018 10:09:22 +0000 (12:09 +0200)]
kernel: bump 4.14 to 4.14.77

Refreshed all patches.

Altered patches:
- 666-Add-support-for-MAP-E-FMRs-mesh-mode.patch

New symbol for arm targets:
- HARDEN_BRANCH_PREDICTOR

Compile-tested on: ar71xx, cns3xxx, imx6
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agokernel: bump 4.9 to 4.9.134
Koen Vandeputte [Thu, 18 Oct 2018 09:58:32 +0000 (11:58 +0200)]
kernel: bump 4.9 to 4.9.134

Refreshed all patches.

Compile-tested on: ar71xx, layerscape
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agoiproute2: install ip-tiny and ip-full in /usr/libexec
Hans Dedecker [Tue, 16 Oct 2018 12:16:48 +0000 (14:16 +0200)]
iproute2: install ip-tiny and ip-full in /usr/libexec

Install the ip-tiny and ip-full variants in /usr/libexec as the suffixed
ip variants are not meant to be called directly

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agomt76: update to the latest version
Felix Fietkau [Thu, 18 Oct 2018 14:27:46 +0000 (16:27 +0200)]
mt76: update to the latest version

b51337a mt76: clean up unused leftover EXPORT_SYMBOLs
383b228 mt76x0: reduce duplication in setting rf bandwidth parameters
a1a4528 mt76: mt76x0: handle chip specific initval differences
f473340 mt76: usb: fix static tracepoints
3a975b4 mt76x0: antenna select corrections
37c1150 mt76x0: init: simplify mt76x0_init_mac_registers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agowireguard: bump to 0.0.20181018
Jason A. Donenfeld [Thu, 18 Oct 2018 01:48:34 +0000 (03:48 +0200)]
wireguard: bump to 0.0.20181018

ba2ab5d version: bump snapshot
5f59c76 tools: wg-quick: wait for interface to disappear on freebsd
ac7e7a3 tools: don't fail if a netlink interface dump is inconsistent
8432585 main: get rid of unloaded debug message
139e57c tools: compile on gnu99
d65817c tools: use libc's endianness macro if no compiler macro
f985de2 global: give if statements brackets and other cleanups
b3a5d8a main: change module description
296d505 device: use textual error labels always
8bde328 allowedips: swap endianness early on
a650d49 timers: avoid using control statements in macro
db4dd93 allowedips: remove control statement from macro by rewriting
780a597 global: more nits
06b1236 global: rename struct wireguard_ to struct wg_
205dd46 netlink: do not stuff index into nla type
2c6b57b qemu: kill after 20 minutes
6f2953d compat: look in Kbuild and Makefile since they differ based on arch
a93d7e4 create-patch: blacklist instead of whitelist
8d53657 global: prefix functions used in callbacks with wg_
123f85c compat: don't output for grep errors

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
6 years agoar71xx/ath79: fix mtd corruption
Fabio Bettoni [Wed, 17 Oct 2018 12:21:41 +0000 (14:21 +0200)]
ar71xx/ath79: fix mtd corruption

In commit fec8fe806963 ("kernel: bump 4.9 to 4.9.116") [1], the following patch for removed:
- 403-mtd_fix_cfi_cmdset_0002_status_check.patch

This patch contained fixes for both write and erase functions.

While the chip-detects for erase got fixed upstream [2],
some modifications are still required, even with the fixes applied.

While at it, also apply the same fix for target ath79,
which suffers the same issue.

Not doing so results in following errors seen:

Collected errors:
 * pkg_write_filelist: Failed to open //usr/lib/opkg/info/luci-lib-ip.list: I/O error.
 * opkg_install_pkg: Failed to extract data files for luci-lib-ip. Package debris may remain!
 * opkg_install_cmd: Cannot install package luci-ssl.
 * opkg_conf_write_status_files: Can't open status file //usr/lib/opkg/status: I/O error.

[    0.780920] jffs2: version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) (c) 2001-2006 Red Hat, Inc.
[    8.406396] jffs2: notice: (415) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[    8.423476] mount_root: switching to jffs2 overlay
[  270.902671] jffs2: Write of 1989 bytes at 0x005ce6f8 failed. returned -5, retlen 962
[  270.931965] jffs2: Write of 1989 bytes at 0x005ceec0 failed. returned -5, retlen 0
[  270.939631] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero
[  270.950397] jffs2: Write of 68 bytes at 0x005ceec0 failed. returned -5, retlen 0
[  270.957838] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero
[  270.968584] jffs2: Write of 68 bytes at 0x005ceec0 failed. returned -5, retlen 0
[  270.976027] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero
[  270.986735] jffs2: Write of 68 bytes at 0x005ceec0 failed. returned -5, retlen 0
[  270.994225] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero

[1] https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=fec8fe806963c96a6506c2aebc3572d3a11f285f
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v4.9.133&id=a0239d83e1cb60de5e78452d4708c083b9e3dcbe

Fixes: fec8fe806963 ("kernel: bump 4.9 to 4.9.116")
Signed-off-by: Fabio Bettoni <fbettoni@gmail.com>
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agoar71xx: Move some targets to tiny
Koen Vandeputte [Wed, 17 Oct 2018 15:16:51 +0000 (17:16 +0200)]
ar71xx: Move some targets to tiny

Recent changes on ar71xx (switch to 4.14, memory compaction, ...) cause
an increase in kernel size, making it too big for some devices.

Move these devices to the tiny target, where kernel symbols and
optimization for speed are disabled, reducing the kernel size.

Devices:
- EnGenius ENS202EXT
- OCEDO Koala

Compile-tested targets:

- ar71xx->generic->default
- ar71xx->smallFlash->Default

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agonetifd: update to latest git HEAD
Hans Dedecker [Wed, 17 Oct 2018 09:14:15 +0000 (11:14 +0200)]
netifd: update to latest git HEAD

841b5d1 system-linux: enable by default ignore encaplimit for grev6 tunnels
125cbee system-linux: fix a typo in gre tunnel data parsing logic

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agogre: make encaplimit support configurable
Hans Dedecker [Wed, 17 Oct 2018 09:02:05 +0000 (11:02 +0200)]
gre: make encaplimit support configurable

Make inclusion of the destination option header containing the tunnel
encapsulation limit configurable for IPv6 GRE packets.
Setting the uci parameter encaplimit to ignore; allows to disable the
insertion of the destination option header in the IPv6 GRE packets.
Otherwise the tunnel encapsulation limit value can be set to a value
from 0 till 255 by setting the encaplimit uci parameter accordingly.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agotools/xz: Add PKG_CPE_ID for proper CVE tracking
Rosen Penev [Mon, 15 Oct 2018 20:58:30 +0000 (13:58 -0700)]
tools/xz: Add PKG_CPE_ID for proper CVE tracking

Signed-off-by: Rosen Penev <rosenp@gmail.com>
6 years agotools/libressl: Add PKG_CPE_ID for proper CVE tracking
Rosen Penev [Mon, 15 Oct 2018 17:47:09 +0000 (10:47 -0700)]
tools/libressl: Add PKG_CPE_ID for proper CVE tracking

Signed-off-by: Rosen Penev <rosenp@gmail.com>
6 years agotreewide: use wpad-basic for not small flash targets
Mathias Kresin [Tue, 10 Jul 2018 17:22:41 +0000 (19:22 +0200)]
treewide: use wpad-basic for not small flash targets

Add out of the box support for 802.11r and 802.11w to all targets not
suffering from small flash.

Signed-off-by: Mathias Kresin <dev@kresin.me>
Mathias did all the heavy lifting on this, but I'm the one who should
get shouted at for committing.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agohostapd: add basic variant
Kevin Darbyshire-Bryant [Mon, 9 Jul 2018 12:16:42 +0000 (13:16 +0100)]
hostapd: add basic variant

Add a basic variant which provides WPA-PSK only, 802.11r and 802.11w and
is intended to support 11r & 11w (subject to driver support) out of the
box.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agoppp: don't start ppp with IPv6 support if ipv6 is not supported
Rosy Song [Thu, 4 Oct 2018 06:46:40 +0000 (14:46 +0800)]
ppp: don't start ppp with IPv6 support if ipv6 is not supported

Signed-off-by: Rosy Song <rosysong@rosinson.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agomt76: update to the latest version, add mt76x0 firmware, enable mt76x0e
Felix Fietkau [Tue, 16 Oct 2018 10:58:57 +0000 (12:58 +0200)]
mt76: update to the latest version, add mt76x0 firmware, enable mt76x0e

96fa353 mt76: do not store aggregation sequence number for null-data frames
c50dca8 mt76x0: print BBP version only for debug
ddc9e05 mt76x0: correct RF access via RF_CSR register.
02d2385 mt76: allow to identify bus
c438e67 mt76x0: correct RF reg pairs write for PCIe
c83abb8 mt76x0: use bus helper to identify rf access method
9c272ff mt76x0: phy: fix bank check in mt76x0_rf_csr_{wr,rr}
1945d57 mt76: use mt76x02_dev instead of mt76_dev in mt76x02_mcu.c
214eab7 mt76: use mt76x02_dev instead of mt76_dev in mt76x02_phy.c
29bc2ae mt76: use mt76x02_dev instead of mt76_dev in mt76x02_util.c
08ecb5f mt76: use mt76x02_dev instead of mt76_dev in mt76x02_usb_mcu.c
fd9b2b0 mt76: use mt76x02_dev instead of mt76_dev in mt76x02_mac.c
f37bd25 mt76: use mt76x02_dev instead of mt76_dev in mt76x02_txrx.c
48950cb mt76: use mt76x02_dev instead of mt76_dev in mt76x02_eeprom.c
06276cc mt76x0: pci: report firmware version using ethtool
72546ed mt76x0: pci: add missing mac80211 callbacks
4de98cd mt76: disable ldpc coding for mt76x0 devices
f0951c2 mt76x0: pci: add mt76x0_register_device in mt76x0e_register_device
4f3685e mt76: reserve enough room for USB tx skbs
5e6907f mt76x0: remove dma.h
acfc5a9 mt76x0: pci: fix set external PA I/O current
2b79bb7 mt76: mt76x0e: another fix for the external PA current setting
8a0acfd mt76x0: phy: fix restore phase in mt76x0_phy_recalibrate_after_assoc
e9e949b mt76x0: phy: remove channel parameter from mt76x0_phy_set_chan_bbp_params
1775717 mt76: move mt76x02_phy_set_bw in mt76x02-lib module
f82134f mt76: move mt76x02_phy_set_band in mt76x02-lib module
3eaa34f mt76x0: pci: rename mt76x0_phy_calibrate
7269fb4 mt76x0: pci: introduce mt76x0_phy_calirate routine
a514b75 mt76x0: phy: update set_channel for mt76x0e devices
62a1bc5 mt76x0: eeprom: introduce mt76x0_tssi_enabled routine
a48481d mt76x0: phy: add phy/vco temperature compensation
cc34ce9 mt76: move rssi_gain_thresh routines in mt76x02-lib module
eaf9751 mt76: move mt76x02_phy_adjust_vga_gain in mt76/mt76x02_phy.c
2715e7c mt76: introduce mt76x02_init_agc_gain routine
87fcb31 mt76x0: phy: align channel gain logic to mt76x2 one
98f8ef7 mt76x0: phy: do not run calibration during channel switch
cf859ad mt76x2: align mt76x2 and mt76x2u firmware
1f3f767 mt76x2u: align channel gain logic to mt76x2 one
d1c1454 treewide: Replace more open-coded allocation size multiplications
bcbecd2 mt76x0: phy: use proper name convention
b6694e6 mt76x0: phy: simplify rf configuration routines
da129c9 mt76x0: phy: improve code readability in initvals_phy.h
eab7ab1 mt76x0: pci: add get_survey support
9e493f7 mt76: move mt76x02_mac_work routine in mt76x02-lib module
ecec6ba mt76: move mt76x02_debugfs in mt76x02-lib module
4f3b608 mt76x0: use shared debugfs implementation
6aae25b mt76x0: use mt76x02_mac_work as stats handler
b228a45 mt76x2u: introduce mac workqueue support
4671af4 mt76x0: phy: unify calibration between mt76x0u and mt76x0e
5ed28f3 mt76x0: do not perform MCU calibration for MT7630
9b844da add mt7610e firmware

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agotools: patch: Add missing CVE-2018-6951 fix
Rosen Penev [Mon, 15 Oct 2018 17:17:29 +0000 (10:17 -0700)]
tools: patch: Add missing CVE-2018-6951 fix

uscan reports a new CVE now that PKG_CPE_ID was added.

Reordered patches by date.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[re-title commit & refresh patches]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agohostapd: fix MAC filter related log spam
Jo-Philipp Wich [Tue, 16 Oct 2018 10:11:20 +0000 (12:11 +0200)]
hostapd: fix MAC filter related log spam

Backport two upstream fixes to address overly verbose logging of MAC ACL
rejection messages.

Fixes: FS#1468
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
6 years agodnsmasq: fix dnsmasq failure to start when ujail'd
Christian Lamparter [Tue, 16 Oct 2018 09:11:10 +0000 (11:11 +0200)]
dnsmasq: fix dnsmasq failure to start when ujail'd

This patch fixes jailed dnsmasq running into the following issue:

|dnsmasq[1]: cannot read /usr/share/dnsmasq/dhcpbogushostname.conf: No such file or directory
|dnsmasq[1]: FAILED to start up
|procd: Instance dnsmasq::cfg01411c s in a crash loop 6 crashes, 0 seconds since last crash

Fixes: a45f4f50e16 ("dnsmasq: add dhcp-ignore-names support - CERT VU#598349")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[bump package release]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agotoolchain/glibc: update to 2.27+
Hans Dedecker [Mon, 15 Oct 2018 09:55:48 +0000 (11:55 +0200)]
toolchain/glibc: update to 2.27+

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agokernel: bump 4.14 to 4.14.76
Koen Vandeputte [Mon, 15 Oct 2018 09:19:43 +0000 (11:19 +0200)]
kernel: bump 4.14 to 4.14.76

Refreshed all patches.

Compile-tested on: ar71xx, cns3xxx, imx6
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agokernel: bump 4.9 to 4.9.133
Koen Vandeputte [Mon, 15 Oct 2018 09:18:54 +0000 (11:18 +0200)]
kernel: bump 4.9 to 4.9.133

Refreshed all patches.

Compile-tested on: ar71xx, layerscape
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agokernel: bump 3.18 to 3.18.124
Koen Vandeputte [Mon, 15 Oct 2018 09:09:53 +0000 (11:09 +0200)]
kernel: bump 3.18 to 3.18.124

Refreshed all patches.

Compile-tested: adm5120
Runtime-tested: none

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agodnsmasq: bump to v2.80rc1
Kevin Darbyshire-Bryant [Tue, 16 Oct 2018 07:32:54 +0000 (08:32 +0100)]
dnsmasq: bump to v2.80rc1

53792c9 fix typo
df07182 Update German translation.

Remove local patch 001-fix-typo which is a backport of the above 53792c9

There is no practical difference between our test8 release and this rc
release, but this does at least say 'release candidate'

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
6 years agodnsmasq: fix compile issue
Hans Dedecker [Mon, 15 Oct 2018 11:36:25 +0000 (13:36 +0200)]
dnsmasq: fix compile issue

Fix compile issue in case HAVE_BROKEN_RTC is enabled

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
6 years agoramips: refresh mt7621 kernel config
Felix Fietkau [Mon, 15 Oct 2018 08:49:55 +0000 (10:49 +0200)]
ramips: refresh mt7621 kernel config

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agokernel: add CONFIG_CC_OPTIMIZE_FOR_* to the default config
Felix Fietkau [Mon, 15 Oct 2018 08:48:58 +0000 (10:48 +0200)]
kernel: add CONFIG_CC_OPTIMIZE_FOR_* to the default config

Avoid repeating them in the target config, they are overwritten by
top-level menuconfig anyway

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agowolfssl: update to version 3.15.3-stable
Daniel Golle [Mon, 1 Oct 2018 03:07:46 +0000 (05:07 +0200)]
wolfssl: update to version 3.15.3-stable

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
6 years agomt76: move mt76x2e firmware to kmod-mt76x2-common and use it for mt76x2u
Felix Fietkau [Sun, 14 Oct 2018 16:46:32 +0000 (18:46 +0200)]
mt76: move mt76x2e firmware to kmod-mt76x2-common and use it for mt76x2u

USB and PCIe devices can run the same firmware

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agotools: patch: Fix build by not modifing Makefile.am
Hauke Mehrtens [Sun, 14 Oct 2018 14:42:45 +0000 (16:42 +0200)]
tools: patch: Fix build by not modifing Makefile.am

A new test case was adding in one of the patches fixing a problem, this
also included a change in the test/Makefile.am to add this test case.
The build system detected a change in the Makefile.am and wants to
regenerate the Makefile.in, but this fails because automake-1.15 is not
installed yet. As automake depends on patch being build first, make sure
we do not modify the Makefile.am.

This fixes build problem seen by the build bots.

Fixes: 4797dddfde6 ("patch: apply upstream cve fixes")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agotools: patch: make patch build depend on automake
Hauke Mehrtens [Sun, 14 Oct 2018 13:25:37 +0000 (15:25 +0200)]
tools: patch: make patch build depend on automake

The Makefile.am changed and now patch wants to use automake to
regenerate the Makefile.in. Make sure automake was build before we build
patch.

This fixes build problem seen by the build bots.
Fixes: 4797dddfde6 ("patch: apply upstream cve fixes")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agopatch: apply upstream cve fixes
Russell Senior [Sun, 14 Oct 2018 09:34:32 +0000 (02:34 -0700)]
patch: apply upstream cve fixes

Apply two upstream patches to address two CVEs:

 * CVE-2018-1000156
 * CVE-2018-6952

Add PKG_CPE_ID to Makefile.

Build tested on apm821xx and ar71xx.

Signed-off-by: Russell Senior <russell@personaltelco.net>
6 years agohostapd: Add WPA-EAP-SUITE-B-192 (WPA3-Enterprise)
Hauke Mehrtens [Tue, 9 Oct 2018 20:50:50 +0000 (22:50 +0200)]
hostapd: Add WPA-EAP-SUITE-B-192 (WPA3-Enterprise)

This adds support for the WPA3-Enterprise mode authentication.

The settings for the WPA3-Enterpriese mode are defined in
WPA3_Specification_v1.0.pdf. This mode also requires ieee80211w and
guarantees at least 192 bit of security.

This does not increase the ipkg size by a significant size.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agohostapd: Activate Opportunistic Wireless Encryption (OWE)
Hauke Mehrtens [Thu, 4 Oct 2018 20:45:06 +0000 (22:45 +0200)]
hostapd: Activate Opportunistic Wireless Encryption (OWE)

OWE is defined in RFC 8110 and provides encryption and forward security
for open networks.

This is based on the requirements in the Wifi alliance document
Opportunistic_Wireless_Encryption_Specification_v1.0_0.pdf
The wifi alliance requires ieee80211w for the OWE mode.
This also makes it possible to configure the OWE transission mode which
allows it operate an open and an OWE BSSID in parallel and the client
should only show one network.

This increases the ipkg size by 5.800 Bytes.
Old: 402.541 Bytes
New: 408.341 Bytes

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agohostapd: Activate Simultaneous Authentication of Equals (SAE)
Hauke Mehrtens [Wed, 3 Oct 2018 21:33:51 +0000 (23:33 +0200)]
hostapd: Activate Simultaneous Authentication of Equals (SAE)

This build the full openssl and wolfssl versions with SAE support which
is the main part of WPA3 PSK.

This needs elliptic curve cryptography which is only provided by these
two external cryptographic libraries and not by the internal
implementation.

The WPA3_Specification_v1.0.pdf file says that in SAE only mode
Protected Management Frames (PMF) is required, in mixed mode with
WPA2-PSK PMF should be required for clients using SAE, and optional for
clients using WPA2-PSK. The defaults are set now accordingly.

This increases the ipkg size by 8.515 Bytes.
Old: 394.026 Bytes
New: 402.541 Bytes

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agohostapd: SAE: Do not ignore option sae_require_mfp
Hauke Mehrtens [Wed, 10 Oct 2018 21:36:15 +0000 (23:36 +0200)]
hostapd: SAE: Do not ignore option sae_require_mfp

This patch was send for integration into the hostapd project.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agohostapd: backport build fix when OWE is activated
Hauke Mehrtens [Wed, 3 Oct 2018 18:56:41 +0000 (20:56 +0200)]
hostapd: backport build fix when OWE is activated

This backports a compile fix form the hostapd project.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agohostapd: sync config with default configuration
Hauke Mehrtens [Tue, 2 Oct 2018 22:05:11 +0000 (00:05 +0200)]
hostapd: sync config with default configuration

This replaces the configuration files with the versions from the hostapd
project and the adaptions done by OpenWrt.

The resulting binaries should be the same.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agonetifd: update to latest git HEAD
Hauke Mehrtens [Sun, 14 Oct 2018 11:51:58 +0000 (13:51 +0200)]
netifd: update to latest git HEAD

22476ff wireless: Add Simultaneous Authentication of Equals (SAE)
c6c3a0d wireless: Add Opportunistic Wireless Encryption (OWE)
a117e41 wireless: Add WPA-EAP-SUITE-B-192 (WPA3-Enterprise)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
6 years agouqmi: fix variable initilization for timeout handling
Florian Eckert [Thu, 11 Oct 2018 14:30:55 +0000 (16:30 +0200)]
uqmi: fix variable initilization for timeout handling

Also add logging output for SIM initilization.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
6 years agomac80211: fix A-MSDU packet handling with TCP retransmission
Felix Fietkau [Thu, 11 Oct 2018 13:16:28 +0000 (15:16 +0200)]
mac80211: fix A-MSDU packet handling with TCP retransmission

Improves local TCP throughput and fixes use-after-free bugs that could lead
to crashes.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
6 years agobcm53xx: add pending pinctrl driver
Rafał Miłecki [Thu, 11 Oct 2018 11:55:57 +0000 (13:55 +0200)]
bcm53xx: add pending pinctrl driver

It's required to support devices using adjustable SoC pins for some
specific purpose (e.g. I2C, PWM, UART1).

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agoath10k-ct: Update to 29-09-2018
Robert Marko [Tue, 9 Oct 2018 13:05:56 +0000 (15:05 +0200)]
ath10k-ct: Update to 29-09-2018

Update ath10k-ct to be able to drop 210-ath10k-fix-recent-bandwidth-conversion-bug.patch
as its upstream.

b9989fbd5d6e ath10k-ct: Add upstream patch to fix peer rate reporting.
ac9224344dbf ath10k-ct: Support sending custom frames with no-ack flag.
bc938bc2021e ath10k-ct: Support sending pkts with specific rate on 10.4 firmware.

Runtime tested on:
- GL-iNet GL-B1300
- Mikrotik RB912 + QCA9882

Signed-off-by: Robert Marko <robimarko@gmail.com>
[Added list of all changes from previous version + add own test device]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
6 years agouqmi: update PKG_RELEASE version
Florian Eckert [Tue, 9 Oct 2018 09:32:36 +0000 (11:32 +0200)]
uqmi: update PKG_RELEASE version

update PKG_RELEASE

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
6 years agouqmi: stop proto handler if verify pin count is not 3
Florian Eckert [Thu, 12 Apr 2018 08:31:29 +0000 (10:31 +0200)]
uqmi: stop proto handler if verify pin count is not 3

Check pin count value from pin status and stop verification the pin if
the value is less then 3. This should prevent the proto-handler to
lock the SIM. If SIM is locked then the PUK is needed.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
6 years agouqmi: evaluate pin-status output in qmi_setup function
Florian Eckert [Tue, 10 Apr 2018 10:55:11 +0000 (12:55 +0200)]
uqmi: evaluate pin-status output in qmi_setup function

Load the json output from uqmi --get-pin-status command and evaluate the
"pin1_status" value.

The following uqmi "pin1_status" values are evaluated:

- disabled
  Do not verify PIN because SIM verification is disabled on this SIM

- blocked
  Stop qmi_setup because SIM is locked and a PUK is required

- not_verified
  SIM is not yet verified. Do a uqmi --verify-pin1 command if a SIM is
  specified

- verified:
  Do not verify the PIN because this was already done before

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
6 years agouqmi: do not block proto handler if SIM is uninitialized
Florian Eckert [Tue, 10 Apr 2018 13:56:24 +0000 (15:56 +0200)]
uqmi: do not block proto handler if SIM is uninitialized

QMI proto setup-handler will wait forever if SIM does not get initialized.
To fix this stop polling pin status and notify netifd. Netifd will generate
then a "ifup-failed" ACTION.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
6 years agouqmi: do not block proto handler if modem is unable to registrate
Florian Eckert [Thu, 12 Apr 2018 11:20:49 +0000 (13:20 +0200)]
uqmi: do not block proto handler if modem is unable to registrate

QMI proto setup-handler will wait forever if it is unable to registrate to
the mobile network. To fix this stop polling network registration status
and notify netifd. Netifd will generate then a "ifup-failed" ACTION.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
6 years agouqmi: add timeout option value
Florian Eckert [Thu, 12 Apr 2018 11:29:34 +0000 (13:29 +0200)]
uqmi: add timeout option value

This value will be used for now during following situations:
* Ask the sim with the uqmi --get-pin-status command.
* Wait for network registration with the uqmi --get-serving-system command.

This two commands wait forever in a while loop. Add a timeout to stop
waiting and so inform netifd.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
6 years agouqmi: redirect uqmi commands output to /dev/null
Florian Eckert [Thu, 12 Apr 2018 11:10:33 +0000 (13:10 +0200)]
uqmi: redirect uqmi commands output to /dev/null

Move uqmi std and error output on commands without using them to /dev/null.
This will remove useless outputs in the syslog.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
6 years agouqmi: fix indenting
Florian Eckert [Tue, 10 Apr 2018 14:29:05 +0000 (16:29 +0200)]
uqmi: fix indenting

fix indenting

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
6 years agobcm53xx: replace SPI revert with a fix sent upstream
Rafał Miłecki [Thu, 11 Oct 2018 08:01:45 +0000 (10:01 +0200)]
bcm53xx: replace SPI revert with a fix sent upstream

Instead of reverting whole commit it's enough to just revert a single
line change. It seems the real problem with the regressing commit was a
bump of read chunk size. Switching back to 256 B chunks is enough to fix
the problem/regression.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
6 years agoprocd: update to latest git HEAD
John Crispin [Thu, 11 Oct 2018 06:42:24 +0000 (08:42 +0200)]
procd: update to latest git HEAD

94944ab procd: Add cpu string to board detection

Signed-off-by: John Crispin <john@phrozen.org>
6 years agopackage/: fix $(PROJECT_GIT) usage
John Crispin [Thu, 11 Oct 2018 06:37:59 +0000 (08:37 +0200)]
package/: fix $(PROJECT_GIT) usage

Signed-off-by: John Crispin <john@phrozen.org>
6 years agoprocd: Install hotplug files as 600
Rosen Penev [Wed, 19 Sep 2018 19:03:32 +0000 (12:03 -0700)]
procd: Install hotplug files as 600

procd runs as root, so it only makes sense that its files are restricted.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
6 years agolinux-atm: Install hotplug file as 600
Rosen Penev [Wed, 19 Sep 2018 19:03:31 +0000 (12:03 -0700)]
linux-atm: Install hotplug file as 600

The hotplug files is only used by procd, which runs as root.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
6 years agocomgt: Install hotplug and netifd files as 600
Rosen Penev [Wed, 19 Sep 2018 19:03:30 +0000 (12:03 -0700)]
comgt: Install hotplug and netifd files as 600

procd and netifd both run as root. These files are not used elsewhere.

Signed-off-by: Rosen Penev <rosenp@gmail.com>