Daniel Golle [Mon, 19 Aug 2019 11:40:51 +0000 (13:40 +0200)]
mac80211: rt2x00: clear IV's on start to fix AP mode regression
To do not brake HW restart we should keep initialization vectors data.
I assumed that on start the data is already initialized to zeros, but
that not true on some scenarios and we should clear it. So add
additional flag to check if we are under HW restart and clear IV's
data if we are not.
Patch fixes AP mode regression.
Patch pending on linux-wireless and imported from patchwork.
Fixes: 0b2c42ced21a ("mac80211: Update to version 5.2-rc7") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Hauke Mehrtens [Sun, 18 Aug 2019 21:24:43 +0000 (23:24 +0200)]
musl: Fix CVE-2019-14697
musl libc through 1.1.23 has an x87 floating-point stack adjustment
imbalance, related to the math/i386/ directory. In some cases, use of
this library could introduce out-of-bounds writes that are not present
in an application's source code.
This problem only affects x86 and no other architectures.
Hauke Mehrtens [Sun, 18 Aug 2019 19:12:52 +0000 (21:12 +0200)]
mac80211: ath10k: Fix crashes of QCA9984 when station connects
This fixes a bug introduced in backports from kernel 5.1 which makes
ath10k crash on QCA9984 when a station connects. The FW sends a airtime
report, but this station is not yet fully registered and a NULL pointer
is used.
Fixes: 0b2c42ced21a ("mac80211: Update to version 5.2-rc7") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hans Dedecker [Sun, 18 Aug 2019 16:54:47 +0000 (18:54 +0200)]
nghttp2: bump to 1.39.2
957abacf Bump up version number to 1.39.2, LT revision to 32:0:18 83d362c6 Don't read too greedily a76d0723 Add nghttp2_option_set_max_outbound_ack db2f612a nghttpx: Fix request stall
Flash instruction:
Upload generated factory firmware on vendor's web interface.
This changes the key assignment compared to ar71xx support of this
device, since of the two keys on the device one is used as combined
Reset/WPS and the second one as WiFi on/off button.
Despite, the reset button required GPIO_ACTIVE_HIGH to work correctly.
Installation via web interface:
1. Flash **initramfs** image through the stock web interface.
2. Boot into OpenWrt and perform sysupgrade with sysupgrade image.
Revert to stock firmware:
1. Perform sysupgrade with stock image.
Chuanhong Guo [Sat, 10 Aug 2019 12:00:24 +0000 (20:00 +0800)]
ath79: adtran,bsap1840/bsap1800-v2: move bootcount out of 02_network
These device supports were introduced before /etc/init.d/bootcount and they
had a bootcount reset done in /etc/board.d/02_network.
Move it into /etc/init.d/bootcount instead.
Suggested-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us> Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
Daniel Engberg [Sat, 15 Jun 2019 09:47:21 +0000 (09:47 +0000)]
tools/e2fsprogs: Update to 1.45.3
Update e2fsprogs to 1.45.3
Remove OpenBSD patch
Remove Darwin patch, neither macports or brew patches these files
Add patch to avoid crond detection on host OS
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Florian Eckert [Mon, 12 Aug 2019 10:04:04 +0000 (12:04 +0200)]
target/x86/image: use qemu-img from STAGING_DIR_HOST
The host tool package qemu is build for the target x86. The installed tool
qemu-img is needed to build vdi or vmdk images. In the image Makefile we
use however the host installed qemu-img command and not the tool from the
buildsystem. This commit force to use the already build qemu-img command
from the openwrt toolchain.
This happens only the second time a library is loaded by dlopen().
After lib1 is loaded, dlsym(lib1,"undef1") correctly resolves the undef
symbol from lib1 dependencies. After the second library is loaded,
dlsym(lib2,"undef1") was returning the address of "undef1" in lib2
instead of searching lib2 dependencies.
Using upstream fix which now uses the same logic for relocation time
and dlsym.
Fixes openwrt/packages#9297
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
gemini: Enable flash boot on reference design type
The flash layout on the Storlink reference design for Gemini
is using 2 MB flash for the kernel, and it also insists on
overwriting the partition table with default values on every
boot. The same is true for the SQ201. This poses a problem
on recent OpenWrt firmware as the base zImage is bigger
than 2 MB.
At the same time there is a ramdisk partition of 6 MB that we
don't really need. The partition table looks like this:
On boot the "Kern" partition is copied to RAM @0x01600000
and the "Ramdisk" partition is copied to RAM @0x00800000.
Then the kernel is executed.
The idea with this patch is to extend the "Kern" partition
with the "Ramdisk" partition to get a full 8 MB to use
for the kernel. Then we put the OpenWrt JFFS2 rootfs
inside the "Application" partition.
We create a small assembly loop that we prepend to the
"Kern" image that will copy the "Kern" from 0x0160000
and the "Ramdisk" from 0x00800000 and put them in
consecutive space at 0x00400000 and execute it from
there, using "Application" as rootfs.
We generate 3 main files:
- zImage - contains the assembly bootstrap loop and
the first part of the generated kernel image
- rd.gz - contains the second part of the generated
kernel image
- hddapp.tgz - contains the root filesystem
On the SQ201 I flash these manually using the native boot
loader PLATO, "Y" alternative for the zImage, "R" for
the rd.gz image and "A" for hddapp.tgz.
This works fine and I can now boot to prompt on the SQ201
with nothing but flash.
This package just contains a small Gemini-only assembler
bootstrap loop to copy the kernel from the two fragments
(previously zImage at 0x01600000 and initramdisk at 0x00800000)
into one big zImage of up to 8 MB at 0x00400000.
It will be built on demand from the Gemini image Makefile.
The SL93512r and the NAS4220B have Redboot partition
tables (rely on these) and need to boot from mtdblock3.
Add two patches from upstream to fix this.
Always build AES-GCM support.
Unnecessary patches were removed.
This includes two vulnerability fixes:
CVE-2019-11873: a potential buffer overflow case with the TLSv1.3 PSK
extension parsing.
CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes
when performing ECDSA signing operations. The leak is considered to be
difficult to exploit but it could potentially be used maliciously to
perform a lattice based timing attack.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Hauke Mehrtens [Sat, 3 Aug 2019 10:30:38 +0000 (12:30 +0200)]
mac80211: Update to version 5.3-rc4-1
The removed patches were applied upstream.
The type of the RT2X00_LIB_EEPROM config option was changed to bool,
because boolean is an invalid value and the new kconfig system
complained about this.
Hauke Mehrtens [Wed, 7 Aug 2019 19:37:25 +0000 (21:37 +0200)]
hostapd: Allow CONFIG_IEEE80211W for all but mini variant
This commit will activate CONFIG_IEEE80211W for all, but the mini
variant when at least one driver supports it. This will add ieee80211w
support for the mesh variant for example.
Unconditionally execute the final case statement, even if the disk layout
changed. This is necessary, to keep the original Turris Omnia flash
instructions working: The disk layout WILL change, when switching from
TurrisOS to OpenWRT. Without updating the uboot environment at the same
time, the user would end up with an unbootable system.
Fixes commit 2e5a0b81ec ("mvebu: sysupgrade: sdcard: keep user added ...")
Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
Jonas Gorski [Fri, 16 Aug 2019 10:24:13 +0000 (12:24 +0200)]
brcm63xx: do not build images for 16 MiB RAM devices by default
OpenWrt will run out of RAM while booting with the default package set,
so let's not provide images that will likely fail. They can still be
built manually through source or IB if needed.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
The enabled option did not work properly for ipsets, as it was not
checked on create/destroy of a set. After this commit, sets are only
created/destroyed if enabled is set to true.
Add support for reloading, or recreating, ipsets on firewall reload. By
setting "reload_set" to true, the set will be destroyed and then
re-created when the firewall is reloaded.
Add support for the counters and comment extensions. By setting
"counters" or "comment" to true, then counters or comments are added to
the set.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
David Bauer [Sun, 11 Aug 2019 21:37:24 +0000 (23:37 +0200)]
lantiq: unify Fritz!Box LED mappings
This commit unifies the LED mapping of the AVM Fritz!Box routers, which
have a combined Power/DSL LED.
With the stock firmware, the Power LED has the following
characteristics:
- Blink when DSL sync is being established
- Solid when DSL sync is present
We can't completely resemble this behavior in OpenWrt. Currently, the
Power LED is completely off, when DSL sync is missing. This is not
really helpful, as a user might have the impression, that he bricked his
device.
Instead, map the Info-LED to the state of the DSL connection.
There is no consistent behavior for the Info-LED in the stock
firmware, as the user can set it's function by himself. The DSL
connection state is one possible option for the Info LED there.
Also use the red Power LED to indicate a running upgrade, in case the
board has a two-color Power LED.
David Bauer [Wed, 14 Aug 2019 22:29:45 +0000 (00:29 +0200)]
ath79: use Power LED as System LED for TL-WR842Nv3
The TP-Link TL-WR842N v3 has a software-controllable Power LED. The WPS
LED is normally only used as a System LED, when the Power LED can't be
controlled by software.
Additionally, the Power LED is also the System LED for this board in
ar71xx.
David Bauer [Mon, 12 Aug 2019 23:44:03 +0000 (01:44 +0200)]
ipq40xx: fix AVM NAND caldata extraction
The AVM Fritz!Box 7530 (and probably other AVM IPQ4019 NAND devices)
has it's caldata not stored consistently, but instead at currently
3 known possible offsets.
As we get a non-zero exit code from fritz_cal_extract, simply try all
three possible offsets on both bootloader partitions, until a matching
caldata for each radio is found.
Reported-by: Hauke Mehrtens <hauke@hauke-m.de> Signed-off-by: David Bauer <mail@david-bauer.net>
Jonas Gorski [Tue, 13 Aug 2019 10:33:47 +0000 (12:33 +0200)]
build: allow overriding default selection state for devices
Allow overriding the default selection state for Devices, similar to
setting a default for packages.
E.g. by setting DEFAULT to n, they won't be selected by default anymore
when enabling all device in the multi device profile.
This allows preventing images being built by the default config for
known broken devices, devices without enough RAM/flash, or devices not
working with a certain kernel versions.
This does not prevent the devices from being manually selected or images
being built by the ImageBuilder. These devices often still have worth
with a reduced package-set, or as a device for regression testing, when
no better device is available.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Paul Spooren [Mon, 12 Aug 2019 09:08:33 +0000 (23:08 -1000)]
image.mk: remove device_ from manifest filename
The manifest file is based on IMG_PREFIX and PROFILE_SANITIZED, whereas
the latter takes a string like DEVICE_8dev_carambola2 and sanitizes it.
This behaviour results in a useless "device_" profile-prefix in the
device manifest filename. Now uses *subst* to remove that.
Therefore this patch results more consistent device file names:
Paul Spooren [Thu, 13 Jun 2019 00:24:04 +0000 (02:24 +0200)]
build: add buildinfo files for reproducibility
generate feeds.buildinfo and version.buildinfo in build dir after
containing the feed revisions (via ./scripts/feeds list -sf) as well as
the current revision of buildroot (via ./scripts/getver.sh).
With this information it should be possible to reproduce any build,
especially the release builds.
Usage would be to move feeds.buildinfo to feeds.conf and git checkout the
revision hash of version.buildinfo.
Content of feeds.buildinfo would look similar to this:
Felix Fietkau [Thu, 22 Feb 2018 16:26:41 +0000 (17:26 +0100)]
build: allow overriding the filename on the remote server when downloading
Github releases usually don't contain the project name in the release
filename, which makes them very inconvenient to use from the build
system. Add support for naming the local file differently.
ramips: fix LED labels not updated during device name changes
In commit d93969a13a5b ("ramips: Improve compatible for TP-Link
Archer devices") and subsequent ones, names of several devices
in ramips have been changed.
Since LED names are frequently invoked by $boardname, this has
broken LED setup in 01_leds, as $boardname and prefix in DTS
do not match anymore.
This patch updates device name prefixes for LEDs in DTS files,
and provides a migration script.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
projects / thirdparty / openwrt.git / log
