Jo-Philipp Wich [Mon, 5 Dec 2016 15:44:13 +0000 (16:44 +0100)]
build: support adding version code to file names (FS#323)
Now that the VERSION_NUMBER variable holds the human friendly name and not
the commit ID anymore, we need to support adding the revision ID as well.
Introduce a new config variable CONFIG_VERSION_CODE_FILENAMES which, if set,
causes the resulting file names to contain a commit ID designation as printed
by scripts/getver.sh.
Also sanitize the input variables to ensure that the resulting strings are
lowercased and no not contain spaces.
Mathias Kresin [Mon, 5 Dec 2016 08:21:29 +0000 (09:21 +0100)]
lantiq: simplify ath9k eeprom extraction script
Add an extra function to patch the mac and fixup the checksum
afterwards. Calculate the checksum position automatically. The offset
to the mac address is the same for all checksum protected EEPROMs.
No EEPROM requires a byte swapped mac address. The mac byte swap code
was required due to an bug in the script that is now fixed.
lantiq: fix ath9k EEPROM data swapping for some devices
The EEPROM data in the flash of the ARV7518PW, ARV8539PW22,
BTHOMEHUBV2B and BTHOMEHUBV3A is stored byte-swapped (swab16), meaning
that for example the ath9k base_eep_header fields "version" (high and
low byte), "opCapFlags" and "eepMisc" are swapped (the latter ones are
just 1 byte wide, thus their position is swapped).
The old "ath,eep-endian" property enabled the corresponding swapping
logic in the ath9k driver (swab16 in ath9k_hw_nvram_swap_data, which is
based on the magic bytes in the EEPROM data which have nothing to do
with the calibration data - thus this logic should not be used
anymore).
Since we have switched to the upstream ath9k devicetree bindings there
is no binding anymore which enables swab16 in ath9k (as this logic is
not recommended anymore as explained above), leading to ath9k
initialization errors:
ath: phy0: Bad EEPROM VER 0x0001 or REV 0x00e0
(this shows that the version field is swapped, expected values are VER
0x000E and REV 0x0001)
Swapping the ath9k calibration data when extracting it from the flash
fixes the devices listed above (all other devices do not require
additional swapping, since the position of the fields is already as
expected by ath9k). This allows ath9k to read the version correctly
again, as well as the more important "eepmisc" field (which is used for
determining whether the data inside the EEPROM is Big or Little Endian
which is required to parse the EEPROM contents correctly).
Fixes: a20616863d3 ("lantiq: use ath9k device tree bindings
binding/owl-loader")
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Arjen de Korte [Mon, 5 Dec 2016 11:53:16 +0000 (12:53 +0100)]
dnsmasq: Fix splitting hostid for DHCPv6 static leases
Correct splitting the 32-bit 'hostid' value to two 16-bit hexadecimal
values. Previously, the lower 16-bit value was truncated to an 8-bit
value, which would result in hostid values 100 and 200 both to be set
to [::0:0] instead of [::0:100] and [::0:200] respectively.
Signed-off-by: Arjen de Korte <build+lede@de-korte.org>
Utilize the existing git download logic from include/download.mk and migrate
the kernel download over to it. This avoids repeatedly cloning kernel sources
after a make target/linux/clean for instance.
include/download.mk: Allow specify DownloadMethod specific options
This is going to be used to migrate the hand rolled git clone for the kernel
into using the git download method. The kernel uses custom options that we may
have to pass down.
Felix Fietkau [Tue, 29 Nov 2016 10:59:48 +0000 (11:59 +0100)]
ramips: prevent packet forwarding on mt7620 between switch ports during init (FS#103)
By default, forwarding between all ports is allowed on init. This is
problematic in cases where some ports are supposed to be isolated from
each other, most commonly LAN/WAN separation.
REG_ESW_PORT_PCR(port) has a destination mask for a particular port,
controlling what other ports it is allowed to send packets to.
Instead of initializing all to 0xff (all ports), allow each physical
port to send to the CPU port, and the CPU port to send to all other
ports.
This fixes the partition name for the firmware splitter, the cfi
address and adds the mtd-eeprom address for wmac. It adds additional
LEDs and make use of them in diag.sh and 01_leds.
Please note that the ":blue:wired" LED is used because the
":blue:router" behaviour is unpredictable for failsafe indication. The
issue with the router LED is that you have two states only.
"off" is steady on and "on" blinks. Therefore the wired LED is more
suitable.
Furthermore it reuses the correct switch configuration definition to
reflect the device ports and numbering. Additionally fixes the issue
that the default configuration is not applied as no port 6 exists on
this device.
Signed-off-by: Tobias Wolf <github-NTEO@vplace.de>
sysupgrade command fails due to missing U-Boot environment-processing
binaries on sysupgrade ramdisk. The missing binaries result in the
following output:
Switching to ramdisk...
Performing system upgrade...
ash: /usr/sbin/fw_printenv: not found
ash: fw_setenv: not found
ash: touch: not found
cannot find target partition
Mathias Kresin [Thu, 1 Dec 2016 07:57:25 +0000 (08:57 +0100)]
mvebu: fix image validation error
The name from the Device define will be used in the metadata. Due to
typo/different spelling, this name might not match the one exported in
/lib/mvebu.sh.
Hauke Mehrtens [Sat, 3 Dec 2016 20:33:48 +0000 (21:33 +0100)]
cyassl: update to wolfssl version 3.9.10
This fixes the following security problems:
CVE-2016-7440: Software AES table lookups do not properly consider cache-bank access times
CVE-2016-7439: Software RSA does not properly consider cache-bank monitoring
CVE-2016-7438: Software ECC does not properly consider cache-bank monitoring
SWEET32 Attack
Hauke Mehrtens [Sat, 3 Dec 2016 15:07:47 +0000 (16:07 +0100)]
curl: update to version 7.51.0
This fixes the following security problems:
CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host
Jo-Philipp Wich [Fri, 2 Dec 2016 11:07:19 +0000 (12:07 +0100)]
scripts: getver.sh: append Git short hash to revision
Change getver.sh to append a short Git commit hash to the end of the artifical
revision number. This way we still have order- and comparable commit numbers
but also a direct relation to the Git commit.
The new output format will look like "r2400+2-882472e" for dirty trees or like
"r2402-882472e" for clean ones.
Jo-Philipp Wich [Thu, 1 Dec 2016 16:40:43 +0000 (17:40 +0100)]
build: adjust version number handling
Move the revision info to the VERSION_CODE variable and default VERSION_NUMBER
to CURRENT for master branch builds.
Also introduce a new menuconfig option CONFIG_VERSION_CODE which allows users
to override the revision value put into VERSION_CODE and adjust the template
files used by the base-files package to accomodate for the changed semantics.
While we're at it, also adjust the various URLs to match the current web site.
After this commit, the relevent files will look like the examples given below:
Jo-Philipp Wich [Thu, 1 Dec 2016 15:32:39 +0000 (16:32 +0100)]
tools: cmake: fix compatibility with LibreSSL as well
Sadly, LibreSSL claims to be OpenSSL v2.0.0 while not providing the new
interfaces introduced with OpenSSL v1.1.x, so extend the pre-OpenSSL 1.1.x
compat checks to consider LibreSSL as well.
Andrew Yong [Sat, 26 Nov 2016 14:15:21 +0000 (22:15 +0800)]
ramips: RB750Gr3: Add pwr LED and buzzer to DTS
use pwr LED in diag.sh
Expose unused pinmux pins as GPIOs
export power LED and buzzer pins
Use rb750gr3:blue:pwr LED in diag.sh for boot status instead of rb750gr3:green:usr
Pavel Kubelun [Thu, 12 Feb 2015 01:49:08 +0000 (09:49 +0800)]
net: ar8327: modify some configuration of switch
Imported from https://source.codeaurora.org/quic/qsdk/system/openwrt/commit/?h=korg/linux-3.4.y/release/arugula_bb_cs&id=2be4f8a8b205ae1a37db44839864451ebe893e6e Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
Enable flow control of LAN and WAN ports to
get better performance.
Setup pvid as 0 for all ports during initialisation
to avoid confusion during system or switch INIT.
Disable PORT MAC before config MAC to avoid it work abnormal.
This change is for IR-054144, IR-057315.
Change-Id: I345f3dffa59ad3f97150e09692723da12a7b1067 Signed-off-by: Zou Shunxiang <shunxian@codeaurora.org> Signed-off-by: xiaofeis <xiaofeis@codeaurora.org>
Pavel Kubelun [Mon, 28 Nov 2016 15:10:05 +0000 (18:10 +0300)]
net: ar8216: address security vulnerabilities in swconfig & ar8216
Imported from https://chromium.googlesource.com/chromiumos/third_party/kernel/+/e1aaf7ec008a97311867f0a7d0418e4693fecfd4%5E%21/#F0 Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
CHROMIUM: net: ar8216: address security vulnerabilities in swconfig & ar8216
This patch does the following changes:
*address the security vulnerabilities in both swconfig framework and in
ar8216 driver (many bound check additions, and turned swconfig structure
signed element into unsigned when applicable)
*address a couple of whitespaces and indendation issues
Pavel Kubelun [Mon, 28 Nov 2016 12:31:38 +0000 (15:31 +0300)]
net: ar8216: prevent device duplication in ar8xxx_dev_list
Import from https://chromium.googlesource.com/chromiumos/third_party/kernel/+/fd7b89dd464a4afffa04ff2e17c771dfe95668cf%5E%21/#F0 Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
CHROMIUM: drivers: ar8216: prevent device duplication in ar8xxx_dev_list
If probe is called twice, once for PHY0 and a second time for PHY4,
the same switch device will be added twice to ar8xxx_dev_list, while
supposedly this list should have one element per hardware switch present
in the system.
While no negative impact have been observed, it does happen if a
platform instanciates these two PHYs from device-tree, as an example.
Pavel Kubelun [Mon, 28 Nov 2016 12:21:42 +0000 (15:21 +0300)]
net: ar8216: hold ar8xxx_dev_list_lock during use_count--
Import from https://chromium.googlesource.com/chromiumos/third_party/kernel/+/c3fd96a7b87da23979d8569ce45447f8419ca303%5E%21/#F0 Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
CHROMIUM: drivers: ar8216: hold ar8xxx_dev_list_lock during use_count--
It is possible for the remove() callback to run twice in parallel, which
could result into --use_count returning only 1 in both cases and the
rest of the unregistration path to never be reached.
This case has never been observed in practice, but we will fix
preventively to make the code more robust.
Pavel Kubelun [Mon, 28 Nov 2016 12:14:50 +0000 (15:14 +0300)]
net: ar8327: replace sprintf() by scnprintf()
Import from https://chromium.googlesource.com/chromiumos/third_party/kernel/+/fd0c41c7b9327ce003f44df38ce42556fb177b17%5E%21/#F0 Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
CHROMIUM: drivers: ar8216: replace sprintf() by scnprintf()
Jo-Philipp Wich [Wed, 30 Nov 2016 22:25:17 +0000 (23:25 +0100)]
e2fsprogs: avoid picking up incompatible libcom_err.so
Commit 2728512 ("e2fsprogs: List all libraries explicitly") forced the
e2fsprogs build system to link libcom_err.so in various places.
Unfortunately, the krb5 package also ships a libcom_err.so with a totally
different ABI and puts it into the global staging directory which causes
e2fsprogs to pick up this wrong library, leading to the following failure:
LD blkid
../lib/libext2fs.so: undefined reference to `_et_list'
collect2: error: ld returned 1 exit status
Makefile:504: recipe for target 'blkid' failed
Change the SYSLIBS specification to explicitely link libcom_err.so.0.0
which in order to work around the problem.
In the long run, the libcom_err clash between e2fsprogs and krb5 needs to
be solved properly.
Jo-Philipp Wich [Wed, 30 Nov 2016 17:09:05 +0000 (18:09 +0100)]
tools: mkimage: fix build with OpenSSL 1.1.x (FS#182)
The OpenSSL 1.1.x version series undergone some major API changes which made
the RSA structure opaque and deprecated a number of methods, so add some
conditional compat code to make the u-boot source build again.
Alberto Bursi [Mon, 28 Nov 2016 19:28:12 +0000 (20:28 +0100)]
docs: deleting docs because they are obsolete
the docs in /docs folder are pretty much obsolete and in a not very friendly format (latex, that requires to be
compiled), leaving them there only causes confusion.
LEDE documentation's place is the wiki, or the site.
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
Mathias Kresin [Fri, 20 May 2016 21:45:59 +0000 (23:45 +0200)]
uboot-lantiq: Add BT Home Hub 5A support
Based on the submission to the uboot-lantiq repo by Martin Blumenstingl.
Use the ddr_settings.h from the GPL tarball. The NAND boot optimized
one (with memory tuning enabled) doesn't work for the UART boot image.
Use the same mtd layout as the stock u-boot. Add add UBI support.
Use the leds to indicate boot status like it is done with the stock
u-boot. Switch on the red power led if kernel image can't be loaded.
Otherwise switch the green led on.
Make only the ramboot u-boot available. Only this image is required for
the first installation of LEDE.
Mathias Kresin [Sat, 3 Oct 2015 11:57:54 +0000 (13:57 +0200)]
lantiq: use BT HomeHub 5 Type A OEM partition layout
This way the on nand bad block table is preserved and used. Add support
for nand OOB ECC checksums as well. It should fix all reported ubi
errors, which were all related to bad nand blocks and a purged on nand
bad block table.
The existing ubi partition will be reused, which eliminates the need
to touch the caldata during initial install. The BT u-boot has support
for loading a kernel from an ubi volume. It isn't necessary any longer
to replace the BT u-boot with a custom compiled one to use LEDE.
It is required to restore the BT Firmware and install LEDE from scratch
to switch to the new partition layout.
An image for restoring the BT firmware and installing LEDE is provided
at https://github.com/mkresin/lede/releases.
lantiq: use ath9k device tree bindings binding/owl-loader
This moves the extraction of the eeprom/calibration data to a hotplug
firmware script. Additionally it modifies all .dts to configure ath9k
directly from within the .dts.
The owl-loader approach enables support on devices with exotic eeprom
data locations (such as unaligned positions on the flash or data
inside an UBI volume).
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
[add ath9k caldata mac address patcher]
[fixes DGN3500 wifi mac]
[fixes BTHOMEHUBV3A wifi mac]
[set invalid mac for BTHOMEHUB2B, FRITZ3370, FRITZ7320 & FRITZ7360SL to restore previous random mac behavior] Signed-off-by: Mathias Kresin <dev@kresin.me>
kernel: mac80211: disable ath9k bands via device tree
These properties allow overriding the settings from the EEPROM
which indicate whether a band is enabled or not.
Setting this property is only needed when the RF circuit does not
support the 2.4GHz or 5GHz band while it is enabled nevertheless in the
EEPROM.
These patches will be replaced with a future upstream version which
will introduces an ieee80211 device tree property to disable bands.
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
There are two types of swapping the EEPROM data in the ath9k driver.
Before this series one type of swapping could not be used without the
other.
The first type of swapping looks at the "magic bytes" at the start of
the EEPROM data and performs swab16 on the EEPROM contents if needed.
The second type of swapping is EEPROM format specific and swaps
specific fields within the EEPROM itself (swab16, swab32 - depends on
the EEPROM format).
With this series the second part now looks at the EEPMISC register
inside the EEPROM, which uses a bit to indicate if the EEPROM data
is Big Endian (this is also done by the FreeBSD kernel).
This has a nice advantage: currently there are some out-of-tree hacks
(in OpenWrt and LEDE) where the EEPROM has a Big Endian header on a
Big Endian system (= no swab16 is performed) but the EEPROM itself
indicates that it's data is Little Endian. Until now the out-of-tree
code simply did a swab16 before passing the data to ath9k, so ath9k
first did the swab16 - this also enabled the format specific swapping.
These out-of-tree hacks are still working with the new logic, but it
is recommended to remove them. This implementation is based on a
discussion with Arnd Bergmann who raised concerns about the
robustness and portability of the swapping logic in the original OF
support patch review, see [0].
After a second round of patches (= v1 of this series) neither Arnd
Bergmann nor I were really happy with the complexity of the EEPROM
swapping logic. Based on a discussion (see [1] and [2]) we decided
that ath9k should use a defined format (specifying the endianness
of the data - I went with __le16 and __le32) when accessing the
EEPROM fields. A benefit of this is that we enable the EEPMISC based
swapping logic by default, just like the FreeBSD driver, see [3]. On
the devices which I have tested (see below) ath9k now works without
having to specify the "endian_check" field in ath9k_platform_data (or
a similar logic which could provide this via devicetree) as ath9k now
detects the endianness automatically. Only EEPROMs which are mangled
by some out-of-tree code still need the endian_check flag (or one can
simply remove that mangling from the out-of-tree code).
kernel: mac80211: backport ath9k device tree support patches
These patches add support for configuring ath9k based devices via
devicetree. This was tested on PCI(e) based devices. This should work
for AHB based devices as well (adding more AHB specific properties may
still be needed) as soon as the ath79 platform is ready to populate the
ath9k wmac via devicetree.
This patchset was accepted upstream, more information can be found on
the linux-wireless list:
https://www.spinics.net/lists/linux-wireless/msg155474.html
Signed-off-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
projects / thirdparty / openwrt.git / log
