Before this commit the make target would always include "modules",
resulting in a MODPOST and a complete Module.symvers file. Since this
commit a MODPOST of the kernel modules is not guaranteed for kernels <
5.10. This results in some broken SDKs in which external packages that
depend on exported symbols from kernel modules fail to compile.
Adding "modules" back to the calls to the CompileImage defines fixes the
regression. For kernels > 5.10 this is not needed, but it doesn't cause
any harm either.
Tested with kernels 5.4.x and 5.10.x.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
INAGAKI Hiroshi [Sun, 23 May 2021 11:30:58 +0000 (20:30 +0900)]
base-files: fix configuration generation of network if "bridge" exists
After the commit 43fc720657c6e3b30c6ed89d7227ee6e646c158b
("base-files: generate "device UCI type section for bridge"), the wrong
network configuration is generated for the devices that already have the
bridge device section for VLAN, such as the devices in realtek target.
As a result, the bridge device by additional "device" section is
specified to the "ports" option in the "bridge-vlan" section and netifd
shuts down the switch and the ethernet when the network service started.
Fixes: 43fc720657 ("base-files: generate "device" UCI type section for bridge") Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
[rmilecki: use $ports for generate_bridge_vlan argument] Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Hauke Mehrtens [Sun, 2 May 2021 22:35:38 +0000 (00:35 +0200)]
treewide: Mark packages nonshared if they depend on @TARGET_
This marks all packages which depend on a target with @TARGET nonshared.
If they are not marked nonshared they would be build by the SDK build
and if this happens with a different SDK, then the SDK from the target
the package depends on, the package would not be added to the index.
This should fix the image builder for some of these packages.
This should fix the image builder at least for bcm27xx/bcm2710 and
bcm4908/generic.
David Adair [Fri, 14 May 2021 23:04:27 +0000 (16:04 -0700)]
ccache: Build with ENABLE_DOCUMENTATION=OFF
This adjusts the Makefile to use the new option to turn off the
doc builds. It will not cause any problems except a warning
about unused options if combined with a ccache source missing
the upstream patch.
Since a config setting is required to re-enable the doc build this
is equivalent to unconditionally disabling the docs if the config
setting is not created.
Karl Palsson [Mon, 17 May 2021 00:38:03 +0000 (00:38 +0000)]
prereq-build: g++ formatting and consistency fixes
Remove \n that mangles output, and fix inconsistent version name check.
Example before:
Build dependency: Please install the GNU C++ Compiler (g++) 6 or later
Build dependency: \nPlease reinstall the GNU C++ Compiler (4.8 or later) - it appears to be broken
Build dependency: Please install ncurses. (Missing libncurses.so or ncurses.h)
kexec-tools: add patch to fix issue with appended DTB and zImage on ARM
This patch fixes a recently found problem when a zImage passed to
kexec-tools contains an appended DTB. In that case kexec boot fails because
the decompressor wrongly tries to use the non-existing appended DTB instaed
of the one passed in the register r2.
CONFIG_CRYPTO_PCOMP and CONFIG_CRYPTO_PCOMP2 have been removed in upstream commit[1].
This symbol doesn't exist since kernel 4.6 and this package is empty.
Ivan Pavlov [Wed, 5 May 2021 15:23:19 +0000 (18:23 +0300)]
wolfssl: add support for OpenVPN
Support for wolfSSL has been upstreamed to the master OpenVPN branch
in f6dca235ae560597a0763f0c98fcc9130b80ccf4, so we can use wolfSSL
directly in OpenVPN. So no more needed differnt SSL engine for OpenVPN
in systems based on wolfSSL library
Compiled && tested on ramips/mt7620, ramips/mt7621
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Ruslan Isaev [Mon, 10 May 2021 14:56:59 +0000 (14:56 +0000)]
fakeroot: Alpine linux libc.musl build error fix
Prevent build error on Alpine Linux host:
libfakeroot.c error: conflicting types for 'id_t'
Error relocating openwrt/staging_dir/host/lib/libfakeroot.so: SEND_GET_XATTR: symbol not found
Signed-off-by: Ruslan Isaev <legale.legale@gmail.com>
Ansuel Smith [Tue, 11 May 2021 22:13:04 +0000 (00:13 +0200)]
ipq806x: reduce pci IO space to 64k
With some talk with the ARM maintainer, it was notice that enlarging the limit
to the current value is VERY wrong and clash with other memory.
A better solution would be to reduce the IO space from 1MB to 64K as probably
it's a long lasting typo and even x86 arch doesn't have a IO space that big.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Removed/code was included upstream and therefore redundant:
ramips/patches-5.4/999-fix-pci-init-mt7620.patch
All other patches automatically rebased.
* update_kernel.sh did not flag this yet it was included in 5.4.119[1], as a
result of the rebase, I removed my testing lines since I did not go back to
test built or to run test 5.4.119 with the removed patch present.
David Bauer [Wed, 5 May 2021 23:53:49 +0000 (01:53 +0200)]
hostapd: wolfssl: add RNG to EC key
Since upstream commit 6467de5a8840 ("Randomize z ordinates in
scalar mult when timing resistant") WolfSSL requires a RNG for
the EC key when built hardened which is the default.
Set the RNG for the EC key to fix connections for OWE clients.
David Bauer [Wed, 5 May 2021 23:48:04 +0000 (01:48 +0200)]
wolfssl: always export wc_ecc_set_rng
Since commit 6467de5a8840 ("Randomize z ordinates in scalar
mult when timing resistant") wolfssl requires a RNG for an EC
key when the hardened built option is selected.
wc_ecc_set_rng is only available when built hardened, so there
is no safe way to install the RNG to the key regardless whether
or not wolfssl is compiled hardened.
Always export wc_ecc_set_rng so tools such as hostapd can install
RNG regardless of the built settings for wolfssl.
Dirk Neukirchen [Thu, 20 May 2021 08:39:35 +0000 (10:39 +0200)]
grub2: disable liblzma dependency
Florian Ekert reported:
"I have build a fresh master branch recently, Since your last change [1]
on grub2, I have now a new dependency on liblzma for the install package
grub2-editenv.
This is a hotfix but I dont´t think this is the final solution, because lzma is provided by the package xz.
And This is maintained in the package feed [not the core]"
Dirk stated & offered his patch to disable liblzma and thus resolve the
'out of core dependency' problem:
"LZMA is used in mkimage.c
disabling it prints
Without liblzma (no support for XZ-compressed mips images) (explicitly disabled)
(see configure.ac)
liblzma is autodetected so this issue was present but hidden somehow
[unsure: grep/image generation does not use grub with that option]
OpenWrt does not use that feature currently
[!] some scripts and examples use --compression=xz or -C xz and those will break
grub has an internal xzlib for different "lzma" functionality
(ext. LIBLZMA from XZ (GRUB_COMPRESSION_XZ) vs. GRUB_COMPRESSION_LZMA)"
Signed-off-by: Dirk Neukirchen <plntyk.lede@plntyk.name>
[include Florian's description of how problem 1st encountered]
[bump package release] Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Piotr Dymacz [Thu, 1 Apr 2021 22:52:56 +0000 (00:52 +0200)]
uboot-envtools: support uci-default config also per subtargets
The current version of 'uboot-envtools' package generates dedicated
uci-default file only per target. This change makes it possible to
use subtarget-specific files, with name pattern: 'target_subtarget'
(example: 'ath79_nand'). The subtarget-specific files will take
precedence over target-specific one.
Piotr Dymacz [Fri, 8 Jan 2021 11:18:32 +0000 (12:18 +0100)]
imx6: image: cleanup image recipes
- drop unused 'UBOOT' variable from 'Device/apalis' recipe
- fix 'KERNEL_SUFFIX' for 'Device/cubox-i' (should be '-zImage')
- drop redundant 'DEVICE_{VENDOR,MODEL}' from 'Device/ventana-large'
- other, minor fixes
Rafał Miłecki [Thu, 20 May 2021 08:32:18 +0000 (10:32 +0200)]
base-files: generate bridge device sections with br- name prefix
Missing br- prefix could result in name conflict between DSA port
interface and bridge interface. Some devices with just one LAN port use
"lan" interface name for DSA port. Trying to create bridge with the same
"lan" name was failing.
Reported-by: David Bauer <mail@david-bauer.net> Fixes: 43fc720657c6 ("base-files: generate "device" UCI type section for bridge") Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
/etc/syslog.conf is used by sysklogd, and /etc/crontabs is used
by crond, both features of busybox. Given this, ownership for
these files should be bound to busybox, especially if one day
there's a way to do an in-place opkg update of busybox.
There's also the busybox provided syslogd which uses this file
if CONFIG_BUSYBOX_FEATURE_SYSLOGD_CFG is set.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Nick Hainke [Wed, 12 May 2021 18:36:58 +0000 (20:36 +0200)]
busybox: remove nslookup_lede/openwrt.patch
The nslookup_lede/openwrt applet was introduced in de5b8e5. It was
introduced because:
Add a new LEDE nslookup applet which is compatible with musl libc
and providing more features like ability to specify query type.
In contrast to busybox' builtin nslookup applet, this variant does
not rely on libc resolver internals but uses explicit send logic
and the libresolv primitives to parse received DNS responses.
In busybox this applet is added in 0dd3be8. In particular, this commit
introduces the variable NSLOOKUP_BIG. We set the default to true and
so nothing changes.
Paul Spooren [Thu, 13 May 2021 21:57:45 +0000 (23:57 +0200)]
busybox: show reproducible timestamp
On login busybox shows a timestamp per default contianing the build
date. Since the build date isn't reproducible per default this behaviour
was disabled by default via 34df4d40 "busybox: disable timestamp in
version".
This commit modifies busybox so that the printed timestamp reproducible
using SOURCE_DATE_EPOCH and therefore shouldn't be disabled anymore.
Rafał Miłecki [Sat, 15 May 2021 19:06:27 +0000 (21:06 +0200)]
base-files: generate "device" UCI type section for bridge
This switches from the old way of defining bridges in an "interface" UCI
section type (that should be used for layer 3 only). From now a defualt
board switch will have its own "device" UCI section type. It's a new &
preferred way of defining L2 devices.
Paul Spooren [Tue, 18 May 2021 13:36:10 +0000 (15:36 +0200)]
busybox: use $(AUTORELEASE) and SPDX
use AUTORELEASE since BusyBox is often updaten and PKG_RELEASE is not
consistently bumped. Also use SPDX license headers to be machine
readable and bump the copyright year to 2021.
Felix Fietkau [Tue, 18 May 2021 10:52:31 +0000 (12:52 +0200)]
netifd: update to the latest version
02dd2f2df7cb fix unannotated fall-through warnings 3052f2f67686 extdev: remove unused function 2a97fd006c3b device: add support for configuring devices with external auth handler 87e469be0c08 wireless: fix memory corruption bug when using vlans/station entries in the config 7277764bf817 bridge: rename "ifname" attribute to "ports"
Giulio Lorenzo [Tue, 6 Oct 2020 12:14:31 +0000 (14:14 +0200)]
ath79: add support for ZiKing CPE46B
ZiKing CPE46B is a POE outdoor 2.4ghz device with an integrated directional
antenna. It is low cost and mostly available via Aliexpress, references can
be found at:
- https://forum.openwrt.org/t/anddear-ziking-cpe46b-ar9331-ap121/60383
- https://git.lsd.cat/g/openwrt-cpe46b
Specifications:
- Atheros AR9330
- 32MB of RAM
- 8MB of flash (SPI NOR)
- 1 * 2.4ghz integrated antenna
- 2 * 10/100/1000 ethernet ports (1 POE)
- 3 * Green LEDs controlled by the SoC
- 3 * Green LEDs controlled via GPIO
- 1 * Reset Button controlled via GPIO
- 1 * 4 pin serial header on the PCB
- Outdoor packaging
Flashing instruction:
You can use sysupgrade image directly in vendor firmware which is based
on OpenWrt/LEDE. In case of issues with the vendor GUI, the vendor
Telnet console is vulnerable to command injection and can be used to gain
a shell directly on the OEM OpenWrt distribution.
Signed-off-by: Giulio Lorenzo <salveenee@mortemale.org>
[fix whitespaces, drop redundant uart status and serial0, drop
num-chipselects, drop 0x1002 MAC address for wmac] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
COMFAST CF-E375AC is a ceiling mount AP with PoE support,
based on Qualcomm/Atheros QCA9563 + QCA9886 + QCA8337.
Short specification:
2x 10/100/1000 Mbps Ethernet, with PoE support
128MB of RAM (DDR2)
16 MB of FLASH
3T3R 2.4 GHz, 802.11b/g/n
2T2R 5 GHz, 802.11ac/n/a, wave 2
built-in 5x 3 dBi antennas
output power (max): 500 mW (27 dBm)
1x RGB LED, 1x button
built-in watchdog chipset
Flash instruction:
1) Original firmware is based on OpenWrt.
Use sysupgrade image directly in vendor GUI.
2) TFTP
2.1) Set a tftp server on your machine with a fixed IP address of
192.168.1.10. A place the sysupgrade as firmware_auto.bin.
2.2) boot the device with an ethernet connection on fixed ip route
2.3) wait a few seconds and try to login via ssh
3) TFTP trough Bootloader
3.1) open the device case and get a uart connection working
3.2) stop the autoboot process and test connection with serverip
3.3) name the sysupgrade image firmware.bin and run firmware_upg
MAC addresses:
Though the OEM firmware has four adresses in the usual locations,
it appears that the assigned addresses are just incremented in a
different way:
Dan Brown [Wed, 12 May 2021 12:48:01 +0000 (14:48 +0200)]
octeon: add new target and support for Ubiquiti EdgeRouter 6P
Ubiquiti EdgeRouter 6P is 6 port router with similar
specifications as the EdgeRouter 4, support for which was added
in commit dd651e54cc5eadba480a56a7d2c18471e560f491
There are five 10/100/1000 Mbps RJ/Copper ports and
one 1000 Mbps SFP port.
SoC: Octeon Cavium 7130 (Cavium 3) at 1000MHz
Memory: 1GiB DDR3
Flash: 2x2M chips with uboots (chainloaded) + 512K eeprom
LEDs: 1x for power status (white/blue, controllable)
and 6x for ethernet and SFP ports (no control over them)
Buttons: 1x Reset
Serial: 1x RJ45 port on front panel. 115200 baud, 8N1
USB: 1x USB3.0 on front panel
MII: 1x QSGMII from SoC
PHY: 1x Vitesse VSC8504 of which 4 ports are used (phys 4-7)
1x Vitesse VSC8514 of which 2 ports are used (phys 8-9)
Network port mapping
- eth0 on device maps to lan0 and phy5
- eth1 on device maps to lan1 and phy6
- eth2 on device maps to lan2 and phy7
- eth3 on device maps to lan3 and phy8
- eth4 on device maps to lan4 and phy9
- eth5 (SFP) on device maps to lan5 and phy4
What is not working:
- There is no port status available before it goes up
- SFP have no additional status and presented as no different from eth
- Power-over-ethernet (passive) support has not been tested
How to flash the firmware:
- copy openwrt-octeon-ubnt_edgerouter-6p-initramfs-kernel.bin and
openwrt-octeon-ubnt_edgerouter-6p-squashfs-sysupgrade.tar to
USB flash drive that is formatted to vfat/fat32
- connect USB flash drive to EdgeRouter 6P front USB port
- connect serial cable using front RJ45 port (115200 baud, 8N1)
- connect power to cable to EdgeRouter 6P
- connect terminal to the console to see uboot boot process
- interrupt boot by pressing button(s) on your keyboard to log
in to the uboot
- detect usb connected flash drives by typing to the console:
usb start
- after drive is detected load initramfs+kernel to the memory by typing:
fatload usb 0:1 0x20000000 openwrt-octeon-ubnt_edgerouter-6p-initramfs-kernel.bin
- after initramfs+kernel is loaded to the memory load it by typing:
bootoctlinux 0 numcores=4 endbootargs mem=0
- boot process should finish and you will be greeted with console
after pressing enter
- create directory to mount usb flash drive to by typing:
mkdir /tmp/sda
- mount flash drive to that directory by typing:
mount /dev/sda1 /tmp/sda
- flash firmware to router internal storage by typing:
sysupgrade /tmp/sda/openwrt-octeon-ubnt_edgerouter-6p-squashfs-sysupgrade.tar
- device will reboot and after it gets up you will have
edgerouter 6p running openwrt
Signed-off-by: Dan Brown <danbrown@gmail.com>
[reorder/squash patches, move ethernet@0 to DTS, share image setup] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Dan Brown [Sat, 15 May 2021 21:40:50 +0000 (23:40 +0200)]
octeon: create shared DTSI for Ubiquiti E300 platform
EdgeRouter 4 and upcoming EdgeRouter 6P and 12 have similar setup,
so create a shared DTSI to prevent duplicate code.
Signed-off-by: Dan Brown <danbrown@gmail.com>
[reorder/squash commits, add description, move ethernet@0 to DTS] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Florian Eckert [Wed, 3 Feb 2021 09:24:02 +0000 (10:24 +0100)]
base-files: change logging for upgrade on fwtool
Remove vn call in favour of v call. This commit serves as preparation
for removing the v function call.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
[alter slightly to prevent double space after colon] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Piotr Dymacz [Sun, 16 May 2021 21:48:04 +0000 (23:48 +0200)]
ramips: fix SUPPORTED_DEVICES for ALFA Network devices
Vendor firmware expects model name without manufacturer name inside
'supported_devices' part of metadata. This allows direct upgrade to
OpenWrt from vendor's GUI.
Stijn Tintel [Fri, 14 May 2021 14:11:42 +0000 (17:11 +0300)]
grub2: bump to 2.06-rc1
When building GRUB with binutils 2.35.2 or later, an error occurs due to
a section .note.gnu.property that is placed at an offset such that
objcopy needs to pad the img file with zeros. This in turn causes the
following error: "error: Decompressor is too big.".
The fix accepted by upstream patches a python script that isn't executed
at all when building GRUB with OpenWrt buildroot. There's another patch
that patches the files generated by that python script directly, but by
including it we would deviate further from upstream. Instead of doing
that, simply bump to the latest release candidate.
As one of the fixes for the CVEs causes grub to crash on some x86
hardware using legacy BIOS when compiled with -O2, filter -O2 and
-O3 out of TARGET_CFLAGS.
Fixes the following CVEs:
- CVE-2020-14372
- CVE-2020-25632
- CVE-2020-25647
- CVE-2020-27749
- CVE-2020-27779
- CVE-2021-3418
- CVE-2021-20225
- CVE-2021-20233
Daniel Golle [Sat, 15 May 2021 23:33:26 +0000 (00:33 +0100)]
fstools: update to git HEAD
c44b40b overlay: fix syncronizing typo b5397a1 fstools: block: fix segfault on mount with no target bd7cc8d block: use dynamically allocated target string 6d8450e blockd: use allocated strings instead of fixed buffers d47909e libblkid-tiny: fix buffer overflow 67d2297 block: match device path instead of assuming /dev/%s 2aeba88 block: allow autofs and umount commands also on MTD/UBI
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Baptiste Jonglez [Fri, 14 May 2021 21:40:40 +0000 (23:40 +0200)]
uclient: update to Git version 2021-05-14
6a6011d uclient-http: set eof mark when content-length is 0 19571e4 tests: fix help usage test for uclient built with sanitizer c5fc04b tests: fix help usage test
Baptiste Jonglez [Thu, 13 May 2021 17:50:22 +0000 (19:50 +0200)]
busybox: disable PREFER_IPV4_ADDRESS
PREFER_IPV4_ADDRESS is broken on IPv6-only hosts, as it causes busybox
utilities (ping, traceroute, ntpd) to forcibly use the A record instead of
the AAAA record when resolving a DNS name. This obviously fails when
there is no IPv4 connectivity. Since IPv6-only hosts or routers will only
become more common over time, disable PREFER_IPV4_ADDRESS to support this
use-case.
As a side-effect, disabling PREFER_IPV4_ADDRESS changes the default
resolution behaviour of busybox utilities on dual-stack hosts. Busybox
utilities now simply use the order given by getaddrinfo(), so they will
now prefer IPv6 addresses when resolving a name with both A and AAAA
records if there is IPv6 connectivity. This is in line with RFC 6724.
PREFER_IPV4_ADDRESS was likely intended to work around naive
implementations of getaddrinfo() that could return AAAA records first,
even on an IPv4-only host. But both musl (since 1.1.3) and glibc
correctly implement RFC 6724 for getaddrinfo() and check connectivity to
determine the correct order in which to return records. On IPv4-only
hosts, getaddrinfo() will return A records first, so there is no need for
the PREFER_IPV4_ADDRESS hack.
See also: https://bugs.busybox.net/show_bug.cgi?id=12381
Before this commit, it was assumed that mkhash is in the PATH. While
this was fine for the normal build workflow, this led to some issues if
make TOPDIR="$(pwd)" -C "$pkgdir" compile
was called manually. In most of the cases, I just saw warnings like this:
make: Entering directory '/home/.../package/gluon-status-page'
bash: line 1: mkhash: command not found
bash: line 1: mkhash: command not found
bash: line 1: mkhash: command not found
bash: line 1: mkhash: command not found
bash: line 1: mkhash: command not found
bash: line 1: mkhash: command not found
bash: line 1: mkhash: command not found
bash: line 1: mkhash: command not found
[...]
While these were only warnings and the package still compiled sucessfully,
I also observed that some package even fail to build because of this.
After applying this commit, the variable $(MKHASH) is introduced. This
variable points to $(STAGING_DIR_HOST)/bin/mkhash, which is always the
correct path.
Felix Fietkau [Thu, 13 May 2021 08:24:44 +0000 (10:24 +0200)]
mt76: update to the latest version
Includes fix for CVE-2020-24588
c7dd54a22e30 mt76: connac: skip wtbl reset on sta disconnect 3511fd430356 mt76: validate rx A-MSDU subframes aedc3145de6e mt76: fix possible NULL pointer dereference in mt76_tx 5c2baab92cd0 mt76: mt7615: fix NULL pointer dereference in tx_prepare_skb() af21659ee834 mt76: mt76x0: use dev_debug instead of dev_err for hw_rf_ctrl e423c16f16f7 mt76: mt7615: free irq if mt7615_mmio_probe fails f2d0da8da9b7 mt76: mt7663: enable hw rx header translation d2713a5d9de9 mt76: mt7921: fix mt7921_wfsys_reset sequence ce5f32d84f33 mt76: mt7921: Don't alter Rx path classifier 8ab8c7747197 mt76: connac: fw_own rely on all packet memory all being free a747b0bb4956 mt76: mt7921: enable deep sleep at runtime 2e6e999509b1 mt76: mt7921: add deep sleep control to runtime-pm knob 30bcb2338ce2 mt76: connac: fix WoW with disconnetion and bitmap pattern 56518f4a126e mt76: mt7921: consider the invalid value for to_rssi e969ab10a034 mt76: mt7921: add back connection monitor support
Felix Fietkau [Wed, 12 May 2021 12:28:37 +0000 (14:28 +0200)]
mac80211: backport upstream fixes for FragAttacks
From the patch series description:
Several security issues in the 802.11 implementations were found by
Mathy Vanhoef (New York University Abu Dhabi), who has published all
the details at
https://papers.mathyvanhoef.com/usenix2021.pdf
Specifically, the following CVEs were assigned:
* CVE-2020-24586 - Fragmentation cache not cleared on reconnection
* CVE-2020-24587 - Reassembling fragments encrypted under different
keys
* CVE-2020-24588 - Accepting non-SPP A-MSDU frames, which leads to
payload being parsed as an L2 frame under an
A-MSDU bit toggling attack
* CVE-2020-26139 - Forwarding EAPOL from unauthenticated sender
* CVE-2020-26140 - Accepting plaintext data frames in protected
networks
* CVE-2020-26141 - Not verifying TKIP MIC of fragmented frames
* CVE-2020-26142 - Processing fragmented frames as full frames
* CVE-2020-26143 - Accepting fragmented plaintext frames in
protected networks
* CVE-2020-26144 - Always accepting unencrypted A-MSDU frames that
start with RFC1042 header with EAPOL ethertype
* CVE-2020-26145 - Accepting plaintext broadcast fragments as full
frames
* CVE-2020-26146 - Reassembling encrypted fragments with non-consecutive
packet numbers
* CVE-2020-26147 - Reassembling mixed encrypted/plaintext fragments
In general, the scope of these attacks is that they may allow an
attacker to
* inject L2 frames that they can more or less control (depending on the
vulnerability and attack method) into an otherwise protected network;
* exfiltrate (some) network data under certain conditions, this is
specific to the fragmentation issues.
A subset of these issues is known to apply to the Linux IEEE 802.11
implementation (mac80211). Where it is affected, the attached patches
fix the issues, even if not all of them reference the exact CVE IDs.
In addition, driver and/or firmware updates may be necessary, as well
as potentially more fixes to mac80211, depending on how drivers are
using it.
Specifically, for Intel devices, firmware needs to be updated to the
most recently released versions (which was done without any reference
to the security issues) to address some of the vulnerabilities.
To have a single set of patches, I'm also including patches for the
ath10k and ath11k drivers here.
We currently don't have information about how other drivers are, if
at all, affected.
build: kernel2minor: work around path length limit
When building for MikroTik devices the kernel2minor tool will sometimes
fail with:
Can't get lstat from kernel file!: No such file or directory.
This is because kernel2minor expects paths no longer than 250 chars.
To work around this the include/image-commands.mk has been modified
to copy the kernel to a temporary file (/tmp/tmp.XXXXXXXXXX) before
calling kernel2minor.
Signed-off-by: François Chavant <francois@chavant.info>
build: fix opkg install step for large package selection
When the list of packages to be installed in a built image exceeds a certain
number, then 'opkg install' executed for target '$(curdir)/install' in
package/Makefile fails with: /usr/bin/env: Argument list too long.
On Linux, the length of a command-line parameter is limited by
MAX_ARG_STRLEN to max 128 kB.
To solve the problem, store the package list being passed to 'opkg install'
in a temporary file and use the shell command substitution to pass the
content of the file to 'opkg install'. This guarantees that the length of
the command-line parameters passed to the bash shell is short.
The following bash script demonstrates the problem:
----------------------------------------------------------------------------
count=${1:-1000}
Test run:
----------------------------------------------------------------------------
$ ./test.sh 916
130989
$ ./test.sh 917
./test.sh: line 14: /bin/env: Argument list too long
131132
----------------------------------------------------------------------------
Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
[reword commit subject] Signed-off-by: Paul Spooren <mail@aparcar.org>
Shiji Yang [Wed, 5 May 2021 11:48:01 +0000 (19:48 +0800)]
ramips: fix mac addresses of Youku YK1
MAC addresses read from official firmware
value location
Wlan xx 71 de factory@0x04
Lan xx 71 dd factory@0x28
Wan xx 71 df factory@0x2e
Label xx 71 dd factory@0x28
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
[fix sorting in 02_network, redact commit message] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Felix Fietkau [Mon, 10 May 2021 10:36:42 +0000 (12:36 +0200)]
mt76: update to the latest version
186af01047b2 mt76: mt7921: introduce MCU_EVENT_LP_INFO event parsing 93b5c28c97d5 mt76: mt7921: add rcu section in mt7921_mcu_tx_rate_report a8e89c5a1d1f mt76: testmode: add support to send larger packet a0cc9a9e3877 mt76: mt7915: rework mt7915_tm_set_tx_len() c8b96630324e mt76: mt7915: fix rate setting of tx descriptor in testmode 22fd2958c42a mt76: mt7615: fix memleak when mt7615_unregister_device() 7401e0db3143 mt76: mt7915: fix memleak when mt7915_unregister_device() c3656268b3f6 mt76: mt7915: only free skbs after mt7915_dma_reset() when reset happens 0ce955b04ba8 mt76: mt7615: only free skbs after mt7615_dma_reset() when reset happens b03d1e62acf7 mt76: mt7615: use ieee80211_free_txskb() in mt7615_tx_token_put() 5ac02e22fb03 mt76: flush tx status queue on DMA reset c71f609b398a mt76: sync with upstream changes 23ecadd4af77 mt76: mt7615: fix hardware error recovery for mt7663 57a899ee3c3c mt76: mt7615: fix entering driver-own state on mt7663 42a2dddb706b mt76: mt7615: load ROM patch before checking patch semaphore status cf0e406af84a mt76: mt7915: add support for applying pre-calibration data 459940ccbc58 mt76: mt7921: move hw configuration in mt7921_register_device 0a094b11f3c0 mt76: improve mcu error logging bf536832e37d mt76: mt7921: run mt7921_mcu_fw_log_2_host holding mt76 mutex 7616f4f78163 mt76: mt7921: add wifisys reset support in debugfs e620bd881ef5 mt76: mt7921: abort uncompleted scan by wifi reset e8dacf59ab1c mt76: mt7915: rework the flow of txpower setting c8c78e577236 mt76: mt7915: directly read per-rate tx power from registers 1622bf4f8705 mt76: mt7921: add mt7921_dma_cleanup in mt7921_unregister_device ef96fafad8a9 mt76: Convert to DEFINE_SHOW_ATTRIBUTE 90e4bfea2948 mt76: mt7921: do not use 0 as NULL pointer 0a139d7f5966 mt76: connac: move mcu_update_arp_filter in mt76_connac module de26c73ce3c2 mt76: mt7921: remove leftover function declaration 1c0b6cb4f942 mt76: mt7921: fix a race between mt7921_mcu_drv_pmctrl and mt7921_mcu_fw_pmctrl 2923e3e2b8e4 mt76: mt7663: fix a race between mt7615_mcu_drv_pmctrl and mt7615_mcu_fw_pmctrl 74d0fdaa7a99 mt76: connac: introduce wake counter for fw_pmctrl synchronization 28c87e09a5ea mt76: mt7921: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx path 36f664edc7db mt76: mt7663: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx path 51b3d1a9a2b7 mt76: dma: add the capability to define a custom rx napi poll routine 4f1339c9fb72 mt76: mt7921: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx/rx napi 1bc5e67a60be mt76: mt7663: rely on mt76_connac_pm_ref/mt76_connac_pm_unref in tx/rx napi 325f7b451c03 mt76: connac: unschedule ps_work in mt76_connac_pm_wake 12115052a02f mt76: connac: check wake refcount in mcu_fw_pmctrl e5d28e3cef66 mt76: connac: remove MT76_STATE_PM in mac_tx_free 475112a3cdcc mt76: mt7921: get rid of useless MT76_STATE_PM in mt7921_mac_work 112998f32d85 mt76: connac: alaways wake the device before scanning 4334f3e2fc43 mt76: mt7615: rely on pm refcounting in mt7615_led_set_config 0562380659ad mt76: connac: do not run mt76_txq_schedule_all directly acfa78df5708 mt76: connac: use waitqueue for runtime-pm ca74a4cd0722 mt76: remove MT76_STATE_PM in tx path 0c2d3e74852e mt76: mt7921: add awake and doze time accounting 45e0eefffe9f mt76: mt7921: enable sw interrupts fd2ff641166f mt76: mt7615: Fix a dereference of pointer sta before it is null checked 7e2521468767 mt76: mt7921: move mt7921_dma_reset in dma.c c9dd6b1fa171 mt76: mt7921: introduce mt7921_wpdma_reset utility routine 2ac7c7e9c568 mt76: mt7921: introduce mt7921_dma_{enable,disable} utilities 662a89f2b9d1 mt76: mt7921: introduce mt7921_wpdma_reinit_cond utility routine 614efe9e9180 mt76: connac: introduce mt76_connac_mcu_set_deep_sleep utility 0dbb16ef39d8 mt76: mt7921: enable deep sleep when the device suspends 3c19f569cc70 mt76: mt7921: fix possible invalid register access ade1f5aad4c6 mt76: move token_lock, token and token_count in mt76_dev 8d5c456be1ff mt76: move token utilities in mt76 common module fb04d9df5e52 mt76: mt7915: do not read rf value from efuse in flash mode 2126b2176336 mt76: mt7921: get rid of mcu_reset function pointer d325b7eff1b1 mt76: mt7921: improve doze opportunity 2ae25c7e547e mt76: mt7663: add awake and doze time accounting 349bbb9d6f13 mt76: connac: unschedule mac_work before going to sleep 98a235004dea mt76: mt7921: mt7921_stop should put device in fw_own state 63d80b9ab251 mt76: mt7921: introduce mt7921_mcu_sta_add routine 3c5bf837fdbd mt76: mt7615: fix a precision vs width bug in printk ded14da5eacc mt76: mt7915: fix a precision vs width bug in printk aaf0d254f9ea mt76: mt7921: fix a precision vs width bug in printk 757af5c67d32 mt76: move mt76_token_init in mt76_alloc_device ed41ed73a495 mt76: mt7921: reinit wpdma during drv_own if necessary 92fb81e085c6 mt76: mt7921: fix possible AOOB issue in mt7921_mcu_tx_rate_report 53d915a23bc9 mt76: connac: do not schedule wake_work if the runtime-pm is disabled 23fe1bdcf15a mt76: connac: do not schedule mac_work if the device is not running e5b19336c58e mt76: mt7615: do not set MT76_STATE_PM at bootstrap 0fc2136a61dd mt76_connac_mcu: move mt76_connac_mcu_update_arp_filter outside of CONFIG_PM e693f3e23e06 mt76: mt7915: add MSI support 5231e7300fa4 mt7915: disable ASPM 554b50dabf54 mt76: connac: fix uninitialized HT A-MPDU setting field in STA_REC_PHY 43b9c0a838bb mt76: mt7921: fix max aggregation subframes setting 5a387a0a3004 mt76: mt7921: enable rx hw de-amsdu c8cbcb87be07 mt76: connac: add missing configuration in mt76_connac_mcu_wtbl_hdr_trans_tlv 55921e57b380 mt76: mt7921: enable rx header traslation offload 01441f67d8b2 mt76: mt7921: enable rx csum offload c9ab76dd93a0 mt76: mt7915: move mt7915_queue_rx_skb to mac.c caedb4c4ee41 mt76: mt7615: fix fixed-rate tx status reporting c6ae95d43e6d mt76: improve tx status codepath 27d468d094e6 mt76: mt7915: rework tx rate reporting 3b4ca5b09e2c mt76: mt7615: avoid use of ieee80211_tx_info_clear_status e1f07d7f1cb9 mt76: mt7603: avoid use of ieee80211_tx_info_clear_status 18513ba5fbc2 mt76: mt7915: add support for tx status reporting 35f189cf81b2 mt76: mt7915: fix uninitialized variable in MSI error handling 9e928ac1ea9b mt76: dma: use ieee80211_tx_status_ext to free packets when tx fails 628eee9c386c mt76: fill queue entry wcid for all skbs with a station a9bc4d94b7a1 mt76: intialize tx queue entry wcid to 0xffff by default 998ca8af7d17 mt76: mt7915: fix tssi indication field of DBDC NICs 7dd24b3cfacf mt76: mt7915: fix a signedness bug in mt7915_mcu_apply_tx_dpd() 535025d65d8d mt76: mt7915: cleanup mt7915_mcu_sta_rate_ctrl_tlv() ff8bbe22dd87 mt76: mt7915: add .set_bitrate_mask() callback
projects / thirdparty / openwrt.git / log
