Robert Marko [Fri, 19 Oct 2018 07:54:32 +0000 (09:54 +0200)]
linux-firmware: Update linux-firmware to 2018-10-18
Kalles ath10k PR was finally merged so update linux-firmware to
include those changes.
This is needed since disabling ath10k-firmware a lot of custom BDF-s
in board-2.bin-s are not available in previously outdated linux-firmware
board-2.bin-s.
This also includes support for boards currently using ipq-wifi and other
WIP ones.
- comment on BSP u-boot behaviour in regards to
what it edits and look for
- annotate irq lines with the help of interrupt-names
- remove deprecated "device_type" properties
The pci and network device_type had to stay since
they are required by the drivers and u-boot.
the cpu and memory device_types will remain as well
as they are still part of the DT Spec.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
With the upcoming 4.19 release, the serial console on the
Netgear WNDR4700 would no longer work as it is never really
set and always relied on the kernel's serial code not to
change the baud rate.
On the stock firmware, Netgear forced the console setting
through a custom CONFIG_CMDLINE in their kernel to 115200.
Normally, they should have done it in a different way and
just passed the baudrate through a "console=..." kernel
parameter via the bootargs in the "/chosen" dt node.
But in their default u-boot bootcmd setting, they somehow
forgot to add the "run addtty", so there's no easy way to
pass the baudrate from u-boot to the kernel. So it has
to be forced as otherwise it ends up as 9600 baud.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The -rcX "testing" kernels are no longer hosted on
cdn.kernel.org file servers directly in a "testing"
directory. Therefore the logic that tested for "-rc"
can be removed.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Linus Walleij [Wed, 17 Oct 2018 18:46:19 +0000 (20:46 +0200)]
gemini: Fix up image generation
I noticed that the image generator for the Gemini generates
some 10+ MB files for the second (application) partition.
This is just wrong. The first 6144K partition named initramfs
easily fits OpenWRTs squashfs,jffs2 overlayed partitions
with nice headroom for storing configuration files.
Generate a blank partition for the hddapp.tgz file and delete
it after generating the firmware image - when performing
updates manually you just want the "rd.z" file around
anyways.
Linus Walleij [Thu, 18 Oct 2018 09:30:27 +0000 (11:30 +0200)]
gemini: Break out USB to packages
This creates a new kernel package for the fotg210 host
controller and uses that with the gemini to shrink the
kernel. The SQ201 needs the USB2 PCI package as well.
The build system required me to make kernel_oldconfig
beofore it would build without errors so some minor
unrelated Kconfig entries are changed.
Daniel Engberg [Thu, 22 Feb 2018 22:39:40 +0000 (23:39 +0100)]
toolchain/musl: Don't override optimization set by upstream
Don't override optimization set by upstream.
Provides a speed increase for internal (library), malloc and string
operations in musl.
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
[add : to PKG_RELEASE release variable for consistency] Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
ba2ab5d version: bump snapshot 5f59c76 tools: wg-quick: wait for interface to disappear on freebsd ac7e7a3 tools: don't fail if a netlink interface dump is inconsistent 8432585 main: get rid of unloaded debug message 139e57c tools: compile on gnu99 d65817c tools: use libc's endianness macro if no compiler macro f985de2 global: give if statements brackets and other cleanups b3a5d8a main: change module description 296d505 device: use textual error labels always 8bde328 allowedips: swap endianness early on a650d49 timers: avoid using control statements in macro db4dd93 allowedips: remove control statement from macro by rewriting 780a597 global: more nits 06b1236 global: rename struct wireguard_ to struct wg_ 205dd46 netlink: do not stuff index into nla type 2c6b57b qemu: kill after 20 minutes 6f2953d compat: look in Kbuild and Makefile since they differ based on arch a93d7e4 create-patch: blacklist instead of whitelist 8d53657 global: prefix functions used in callbacks with wg_ 123f85c compat: don't output for grep errors
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Fabio Bettoni [Wed, 17 Oct 2018 12:21:41 +0000 (14:21 +0200)]
ar71xx/ath79: fix mtd corruption
In commit fec8fe806963 ("kernel: bump 4.9 to 4.9.116") [1], the following patch for removed:
- 403-mtd_fix_cfi_cmdset_0002_status_check.patch
This patch contained fixes for both write and erase functions.
While the chip-detects for erase got fixed upstream [2],
some modifications are still required, even with the fixes applied.
While at it, also apply the same fix for target ath79,
which suffers the same issue.
Not doing so results in following errors seen:
Collected errors:
* pkg_write_filelist: Failed to open //usr/lib/opkg/info/luci-lib-ip.list: I/O error.
* opkg_install_pkg: Failed to extract data files for luci-lib-ip. Package debris may remain!
* opkg_install_cmd: Cannot install package luci-ssl.
* opkg_conf_write_status_files: Can't open status file //usr/lib/opkg/status: I/O error.
[ 0.780920] jffs2: version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) (c) 2001-2006 Red Hat, Inc.
[ 8.406396] jffs2: notice: (415) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[ 8.423476] mount_root: switching to jffs2 overlay
[ 270.902671] jffs2: Write of 1989 bytes at 0x005ce6f8 failed. returned -5, retlen 962
[ 270.931965] jffs2: Write of 1989 bytes at 0x005ceec0 failed. returned -5, retlen 0
[ 270.939631] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero
[ 270.950397] jffs2: Write of 68 bytes at 0x005ceec0 failed. returned -5, retlen 0
[ 270.957838] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero
[ 270.968584] jffs2: Write of 68 bytes at 0x005ceec0 failed. returned -5, retlen 0
[ 270.976027] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero
[ 270.986735] jffs2: Write of 68 bytes at 0x005ceec0 failed. returned -5, retlen 0
[ 270.994225] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero
Hans Dedecker [Wed, 17 Oct 2018 09:02:05 +0000 (11:02 +0200)]
gre: make encaplimit support configurable
Make inclusion of the destination option header containing the tunnel
encapsulation limit configurable for IPv6 GRE packets.
Setting the uci parameter encaplimit to ignore; allows to disable the
insertion of the destination option header in the IPv6 GRE packets.
Otherwise the tunnel encapsulation limit value can be set to a value
from 0 till 255 by setting the encaplimit uci parameter accordingly.
Felix Fietkau [Tue, 16 Oct 2018 10:58:57 +0000 (12:58 +0200)]
mt76: update to the latest version, add mt76x0 firmware, enable mt76x0e
96fa353 mt76: do not store aggregation sequence number for null-data frames c50dca8 mt76x0: print BBP version only for debug ddc9e05 mt76x0: correct RF access via RF_CSR register. 02d2385 mt76: allow to identify bus c438e67 mt76x0: correct RF reg pairs write for PCIe c83abb8 mt76x0: use bus helper to identify rf access method 9c272ff mt76x0: phy: fix bank check in mt76x0_rf_csr_{wr,rr} 1945d57 mt76: use mt76x02_dev instead of mt76_dev in mt76x02_mcu.c 214eab7 mt76: use mt76x02_dev instead of mt76_dev in mt76x02_phy.c 29bc2ae mt76: use mt76x02_dev instead of mt76_dev in mt76x02_util.c 08ecb5f mt76: use mt76x02_dev instead of mt76_dev in mt76x02_usb_mcu.c fd9b2b0 mt76: use mt76x02_dev instead of mt76_dev in mt76x02_mac.c f37bd25 mt76: use mt76x02_dev instead of mt76_dev in mt76x02_txrx.c 48950cb mt76: use mt76x02_dev instead of mt76_dev in mt76x02_eeprom.c 06276cc mt76x0: pci: report firmware version using ethtool 72546ed mt76x0: pci: add missing mac80211 callbacks 4de98cd mt76: disable ldpc coding for mt76x0 devices f0951c2 mt76x0: pci: add mt76x0_register_device in mt76x0e_register_device 4f3685e mt76: reserve enough room for USB tx skbs 5e6907f mt76x0: remove dma.h acfc5a9 mt76x0: pci: fix set external PA I/O current 2b79bb7 mt76: mt76x0e: another fix for the external PA current setting 8a0acfd mt76x0: phy: fix restore phase in mt76x0_phy_recalibrate_after_assoc e9e949b mt76x0: phy: remove channel parameter from mt76x0_phy_set_chan_bbp_params 1775717 mt76: move mt76x02_phy_set_bw in mt76x02-lib module f82134f mt76: move mt76x02_phy_set_band in mt76x02-lib module 3eaa34f mt76x0: pci: rename mt76x0_phy_calibrate 7269fb4 mt76x0: pci: introduce mt76x0_phy_calirate routine a514b75 mt76x0: phy: update set_channel for mt76x0e devices 62a1bc5 mt76x0: eeprom: introduce mt76x0_tssi_enabled routine a48481d mt76x0: phy: add phy/vco temperature compensation cc34ce9 mt76: move rssi_gain_thresh routines in mt76x02-lib module eaf9751 mt76: move mt76x02_phy_adjust_vga_gain in mt76/mt76x02_phy.c 2715e7c mt76: introduce mt76x02_init_agc_gain routine 87fcb31 mt76x0: phy: align channel gain logic to mt76x2 one 98f8ef7 mt76x0: phy: do not run calibration during channel switch cf859ad mt76x2: align mt76x2 and mt76x2u firmware 1f3f767 mt76x2u: align channel gain logic to mt76x2 one d1c1454 treewide: Replace more open-coded allocation size multiplications bcbecd2 mt76x0: phy: use proper name convention b6694e6 mt76x0: phy: simplify rf configuration routines da129c9 mt76x0: phy: improve code readability in initvals_phy.h eab7ab1 mt76x0: pci: add get_survey support 9e493f7 mt76: move mt76x02_mac_work routine in mt76x02-lib module ecec6ba mt76: move mt76x02_debugfs in mt76x02-lib module 4f3b608 mt76x0: use shared debugfs implementation 6aae25b mt76x0: use mt76x02_mac_work as stats handler b228a45 mt76x2u: introduce mac workqueue support 4671af4 mt76x0: phy: unify calibration between mt76x0u and mt76x0e 5ed28f3 mt76x0: do not perform MCU calibration for MT7630 9b844da add mt7610e firmware
dnsmasq: fix dnsmasq failure to start when ujail'd
This patch fixes jailed dnsmasq running into the following issue:
|dnsmasq[1]: cannot read /usr/share/dnsmasq/dhcpbogushostname.conf: No such file or directory
|dnsmasq[1]: FAILED to start up
|procd: Instance dnsmasq::cfg01411c s in a crash loop 6 crashes, 0 seconds since last crash
Fixes: a45f4f50e16 ("dnsmasq: add dhcp-ignore-names support - CERT VU#598349") Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[bump package release] Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Hauke Mehrtens [Sun, 14 Oct 2018 14:42:45 +0000 (16:42 +0200)]
tools: patch: Fix build by not modifing Makefile.am
A new test case was adding in one of the patches fixing a problem, this
also included a change in the test/Makefile.am to add this test case.
The build system detected a change in the Makefile.am and wants to
regenerate the Makefile.in, but this fails because automake-1.15 is not
installed yet. As automake depends on patch being build first, make sure
we do not modify the Makefile.am.
Hauke Mehrtens [Sun, 14 Oct 2018 13:25:37 +0000 (15:25 +0200)]
tools: patch: make patch build depend on automake
The Makefile.am changed and now patch wants to use automake to
regenerate the Makefile.in. Make sure automake was build before we build
patch.
This fixes build problem seen by the build bots. Fixes: 4797dddfde6 ("patch: apply upstream cve fixes") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This adds support for the WPA3-Enterprise mode authentication.
The settings for the WPA3-Enterpriese mode are defined in
WPA3_Specification_v1.0.pdf. This mode also requires ieee80211w and
guarantees at least 192 bit of security.
This does not increase the ipkg size by a significant size.
OWE is defined in RFC 8110 and provides encryption and forward security
for open networks.
This is based on the requirements in the Wifi alliance document
Opportunistic_Wireless_Encryption_Specification_v1.0_0.pdf
The wifi alliance requires ieee80211w for the OWE mode.
This also makes it possible to configure the OWE transission mode which
allows it operate an open and an OWE BSSID in parallel and the client
should only show one network.
This increases the ipkg size by 5.800 Bytes.
Old: 402.541 Bytes
New: 408.341 Bytes
Hauke Mehrtens [Wed, 3 Oct 2018 21:33:51 +0000 (23:33 +0200)]
hostapd: Activate Simultaneous Authentication of Equals (SAE)
This build the full openssl and wolfssl versions with SAE support which
is the main part of WPA3 PSK.
This needs elliptic curve cryptography which is only provided by these
two external cryptographic libraries and not by the internal
implementation.
The WPA3_Specification_v1.0.pdf file says that in SAE only mode
Protected Management Frames (PMF) is required, in mixed mode with
WPA2-PSK PMF should be required for clients using SAE, and optional for
clients using WPA2-PSK. The defaults are set now accordingly.
This increases the ipkg size by 8.515 Bytes.
Old: 394.026 Bytes
New: 402.541 Bytes
Robert Marko [Tue, 9 Oct 2018 13:05:56 +0000 (15:05 +0200)]
ath10k-ct: Update to 29-09-2018
Update ath10k-ct to be able to drop 210-ath10k-fix-recent-bandwidth-conversion-bug.patch
as its upstream.
b9989fbd5d6e ath10k-ct: Add upstream patch to fix peer rate reporting. ac9224344dbf ath10k-ct: Support sending custom frames with no-ack flag. bc938bc2021e ath10k-ct: Support sending pkts with specific rate on 10.4 firmware.
Signed-off-by: Robert Marko <robimarko@gmail.com>
[Added list of all changes from previous version + add own test device] Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
uqmi: stop proto handler if verify pin count is not 3
Check pin count value from pin status and stop verification the pin if
the value is less then 3. This should prevent the proto-handler to
lock the SIM. If SIM is locked then the PUK is needed.
uqmi: do not block proto handler if SIM is uninitialized
QMI proto setup-handler will wait forever if SIM does not get initialized.
To fix this stop polling pin status and notify netifd. Netifd will generate
then a "ifup-failed" ACTION.
uqmi: do not block proto handler if modem is unable to registrate
QMI proto setup-handler will wait forever if it is unable to registrate to
the mobile network. To fix this stop polling network registration status
and notify netifd. Netifd will generate then a "ifup-failed" ACTION.
This value will be used for now during following situations:
* Ask the sim with the uqmi --get-pin-status command.
* Wait for network registration with the uqmi --get-serving-system command.
This two commands wait forever in a while loop. Add a timeout to stop
waiting and so inform netifd.
Rafał Miłecki [Thu, 11 Oct 2018 08:01:45 +0000 (10:01 +0200)]
bcm53xx: replace SPI revert with a fix sent upstream
Instead of reverting whole commit it's enough to just revert a single
line change. It seems the real problem with the regressing commit was a
bump of read chunk size. Switching back to 256 B chunks is enough to fix
the problem/regression.
Felix Fietkau [Tue, 9 Oct 2018 11:22:46 +0000 (13:22 +0200)]
kernel: enable memory compaction
Compaction is the only memory management component to form high order (larger
physically contiguous) memory blocks reliably. The page allocator relies on
compaction heavily and the lack of the feature can lead to unexpected OOM
killer invocations for high order memory requests. You shouldn't disable this
option unless there really is a strong reason for it.
Signed-off-by: Felix Fietkau <nbd@nbd.name> Signed-off-by: Michal Hrusecky <michal.hrusecky@nic.cz>
Felix Fietkau [Thu, 25 Jan 2018 13:01:34 +0000 (14:01 +0100)]
kernel: support gcc-optimized inlining on all architectures
Optimized inlining was disabled by default when gcc 4 was still
relatively new. By now, all gcc versions handle this well and there
seems to be no real reason to keep it x86-only.
dnsmasq: add dhcp-ignore-names support - CERT VU#598349
dnsmasq v2.80test8 adds the ability to ignore dhcp client's requests for
specific hostnames. Clients claiming certain hostnames and thus
claiming DNS namespace represent a potential security risk. e.g. a
malicious host could claim 'wpad' for itself and redirect other web
client requests to it for nefarious purpose. See CERT VU#598349 for more
details.
Some Samsung TVs are claiming the hostname 'localhost', it is believed
not (yet) for nefarious purposes.
/usr/share/dnsmasq/dhcpbogushostname.conf contains a list of hostnames
in correct syntax to be excluded. e.g.
dhcp-name-match=set:dhcp_bogus_hostname,localhost
Inclusion of this file is controlled by uci option dhcpbogushostname
which is enabled by default.
To be absolutely clear, DHCP leases to these requesting hosts are still
permitted, but they do NOT get to claim ownership of the hostname
itself and hence put into DNS for other hosts to be confused/manipulate by.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
64750c1 version: bump snapshot f11a2b8 global: style nits 4b34b6a crypto: clean up remaining .h->.c 06d9fc8 allowedips: document additional nobs c32b5f9 makefile: do more generic wildcard so as to avoid rename issues 20f48d8 crypto: use BIT(i) & bitmap instead of (bitmap >> i) & 1 b6e09f6 crypto: disable broken implementations in selftests fd50f77 compat: clang cannot handle __builtin_constant_p bddaca7 compat: make asm/simd.h conditional on its existence b4ba33e compat: account for ancient ARM assembler
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Hauke Mehrtens [Tue, 2 Oct 2018 20:43:58 +0000 (22:43 +0200)]
image: ignore usign build errors
The tl-wa850re-v2 images from the ar71xx/tiny target are getting too big
with the default packages. The size check is done before the meta data
is added so there is no file to add meta data to or to sign. Originally
errors in Build/append-metadata were getting ignored, but if the signing
fails the error is not ignored.
This adds a check if the file to be signed is there and only does the
signing if it is there. This way it does not fail if the package
creation was already aborted earlier.
Fixes: 848b455d2e94 ("image: use ucert to append signature") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hans Dedecker [Sun, 7 Oct 2018 18:37:47 +0000 (20:37 +0200)]
busybox: fix IPv6 dependency
Commit 9f0cb135dd made BUSYBOX_CONFIG_FEATURE_IPV6 dependant on IPV6 but
did not make its default value BUSYBOX_DEFAULT_FEATURE_IPV6 dependant
on IPV6. BUSYBOX_DEFAULT_FEATURE_IPV6 will have as default value y if
IPV6 is enabled otherwise n.
e1791f3 Fix logging of DNSSEC queries in TCP mode. Destination server address was misleading. 0fdf3c1 Fix dhcp-match-name to match hostname, not complete FQDN. ee1df06 Tweak strategy for confirming SLAAC addresses. 1e87eba Clarify manpage for --auth-sec-servers 0893347 Make interface spec optional in --auth-server. 7cbf497 Example config file fix for CERT Vulnerability VU#598349.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Hans Dedecker [Sun, 7 Oct 2018 15:35:06 +0000 (17:35 +0200)]
nghttp2: bump to 1.34.0
2b085815 (tag: v1.34.0) Update manual pages 986fa302 Bump up version number to 1.34.0, LT revision to 31:1:17 7c8cb3a0 nghttpx: Improve CONNECT response status handling 334c439c Fix bug that regular CONNECT does not work 6700626c Rule out content-length in the successful response to CONNECT 15162add Update manual pages 93270777 Merge pull request #1235 from nghttp2/backend-conn-timeout aeb92bbb nghttpx: Add read/write-timeout parameters to backend option fc7489e0 nghttpx: Fix mruby parameter validation 87ac872f nghttpx: Update doc c278adde nghttpx: Log error when mruby file cannot be opened f94d7209 Merge pull request #1234 from nghttp2/nghttpx-rfc8441 9b9baa6b Update doc 02566ee3 nghttpx: Update doc 3002f31b src: Add debug output for SETTINGS_ENABLE_CONNECT_PROTOCOL d2a594a7 nghttpx: Implement RFC 8441 Bootstrapping WebSocket with HTTP/2 651e1477 Allow client sending :protocol optimistically a42faf1c nghttpx: Write TLS alert during handshake 4aac05e1 Merge pull request #1231 from nghttp2/ws-lib-only b80dfaa8 Adjustment for RFC 8441 a19d8f5d Deal with :protocol pseudo header 33f6e90a Add NGHTTP2_TOKEN__PROTOCOL ed7fabcb Add SETTINGS_ENABLE_CONNECT_PROTOCOL 8753b6da Update doc f2de733b Update neverbleed to fix OpenSSL 1.1.1 issues 88ff8c69 Update mruby 1.4.1 a63558a1 nghttpx: Call OCSP_response_get1_basic only when OCSP status is successful 3575a132 nghttpx: Fix crash with plain text HTTP e2de2fee Update bash_completion 9f415979 Update manual pages 4bfc0cd1 Merge pull request #1230 from nghttp2/nghttpx-faster-logging 9c824b87 nghttpx: Get rid of std::stringstream from Log a1ea1696 Make VALID_HD_NAME_CHARS and VALID_HD_VALUE_CHARS const qualified dfc0f248 Make static_table const qualified ed7c9db2 nghttpx: Add mruby env.tls_handshake_finished 5b42815a nghttpx: Strip incoming Early-Data header field by default cfe7fa9a nghttpx: Add --tls13-ciphers and --tls-client-ciphers options cb8a9d58 src: Remove TLSv1.3 ciphers from DEFAULT_CIPHER_LIST 023b9448 Merge branch 'tls13-early-data' 9b03c64f nghttpx: Should postpone early data by default b8eccec6 nghttpx: Disable OpenSSL anti-replay 9f212587 Specify SSL_CTX_set_max_early_data and add an option to change max value 47f60124 nghttpx: Add an option to postpone early data processing 770e44de Implement draft-ietf-httpbis-replay-02 2ab319c1 Don't hide error code from openssl 39923024 Remove SSL_ERROR_WANT_WRITE handling b30f312a Honor SSL_read semantics c5cdb78a nghttpx: Add TLSv1.3 0-RTT early data support f79a5812 Bump up version number to 1.34.0
projects / thirdparty / openwrt.git / log
