Daniel Golle [Thu, 18 Feb 2021 19:17:22 +0000 (19:17 +0000)]
mediatek: move out-of-tree DTS files to dedicated dts folder
Use dedicated dts folder like on ramips to store device tree source
files for boards not already supported in vanilla Linux.
Doing so instead of having them in files-* has several advantages:
* we don't need to duplicate them for several kernel versions
* changes to a device tree don't trigger a complete kernel rebuild
* the files are more obvious to find
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Felix Fietkau [Thu, 18 Feb 2021 18:51:05 +0000 (19:51 +0100)]
build: fix ABI version for PROVIDES symbols
GetABISuffix does not work for intra-package ABI version of provided symbols,
since ABIV_$(provided) is not set.
Fix ABI version by using $(ABIV_$(1)) directly
Mathias Kresin [Sun, 27 Dec 2020 20:59:28 +0000 (21:59 +0100)]
kernel: lantiq: fix Module.symvers handling
If an external module uses exported symbols from another external
module, Kbuild needs to have full knowledge of all symbols to
avoid spitting out warnings about undefined symbols.
Use PKG_EXTMOD_SUBDIRS to point to the build directory which contains
the Module.symvers.
Pass KERNEL_MAKE_FLAGS to the external module build, to inject
KBUILD_EXTRA_SYMBOLS. KBUILD_EXTRA_SYMBOLS holds a space separated list
of Module.symvers, which list all exported symbols.
Opening the case is not a nice task, as itis glued together. Insert a
flat knife between the front and back casing below the ethernet port.
Open up a gap this way and insert a flat scredriver, remove the knife.
Work your way around the casing by applying force to seperate the front
and back casing. This losens the glue and opens the plastic clips. Be
gentle, as these clips are very cheap and break quickly.
Installation
------------
1. Connect to the booted device at 192.168.1.20 using username/password
"ubnt".
2. Transfer the OpenWrt sysupgrade image to the device using SCP.
3. Check the mtd partition number for bs / kernel0 / kernel1
$ cat /proc/mtd
4. Set the bootselect flag to boot from kernel0
$ dd if=/dev/zero bs=1 count=1 of=/dev/mtdblock6
5. Write the OpenWrt sysupgrade image to both kernel0 as well as kernel1
David Bauer [Sat, 13 Feb 2021 23:23:51 +0000 (00:23 +0100)]
mediatek: add Ubiquiti LED driver
Add a driver for controlling the RGB LED via Ubiquitis own "LEDBAR" LED
controller based on the Holtek HT32F52241 MCU.
This driver is initially used by the Ubiquiti UniFi 6 LR, however
judging from FCC pictures the MCU is also found on the U6-Mesh as well
as the U6-Extender.
- CVE-2021-2839 - SSLv2 vulnerability. Openssl 1.1.1 does not support
SSLv2, but the affected functions still exist. Considered just a bug.
- CVE-2021-2840 - calls EVP_CipherUpdate, EVP_EncryptUpdate and
EVP_DecryptUpdate may overflow the output length argument in some
cases where the input length is close to the maximum permissable
length for an integer on the platform. In such cases the return value
from the function call will be 1 (indicating success), but the output
length value will be negative.
- CVE-2021-2841 - The X509_issuer_and_serial_hash() function attempts to
create a unique hash value based on the issuer and serial number data
contained within an X509 certificate. However it was failing to
correctly handle any errors that may occur while parsing the issuer
field (which might occur if the issuer field is maliciously
constructed). This may subsequently result in a NULL pointer deref and
a crash leading to a potential denial of service attack.
- Fixed SRP_Calc_client_key so that it runs in constant time. This could
be exploited in a side channel attack to recover the password.
The 3 CVEs above are currently awaiting analysis.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
kernel: hack-5.10: make UDP tunneling user-selectable
This applies another patch from 5.4 to 5.10 as well: de09355f74c3 ("kernel/hack-5.4: make UDP tunneling user-selectable")
UDP tunneling support isn't user-selectable, but it's required by WireGuard
which is, for the time being, an out-of-tree module. We currently work around
this issue by selecting an unrelated module which depends on UDP tunnelling
(VXLAN). This is inconvenient, as it implies this unrelated module needs to be
built-in when doing a monolithic build.
Fix this inconvenience by making UDP tunneling user-selectable in the kernel
configuration.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
kernel: 5.10: fix busy wait loop in mediatek PPE code
Reapply changes added to 5.4 but not copied to 5.10: 3da4acaa7bba ("kernel: fix busy wait loop in mediatek PPE code")
The intention is for the loop to timeout if the body does not succeed.
The current logic calls time_is_before_jiffies(timeout) which is false
until after the timeout, so the loop body never executes.
time_is_after_jiffies(timeout) will return true until timeout is less
than jiffies, which is the intended behavior here.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Felix Fietkau [Mon, 15 Feb 2021 23:03:28 +0000 (00:03 +0100)]
build: reorder more BuildPackages lines to deal with ABI_VERSION
After the ABI version rework, packages need to be declared in the order of
their dependencies, so that dependent packages will use the right ABI version
R. Diez [Wed, 10 Jun 2020 09:33:26 +0000 (11:33 +0200)]
build: IS_TTY is now set according to GNU Make's MAKE_TERMOUT
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software. Fixes: FS#2086
The logic for IS_TTY was broken, because it was testing stdin
instead of stdout.
MAKE_TERMOUT was introduced in GNU Make version 4.1 (05 Oct 2014),
so it should be available everywhere nowadays.
Signed-off-by: R. Diez <rdiezmail-openwrt@yahoo.com>
Paul Spooren [Sun, 13 Dec 2020 06:57:21 +0000 (20:57 -1000)]
build/prereq: require make 4.1 or later
FS#2086 "IS_TTY in the makefile is broken" reports flawed detection of
stdout piping to a file. The issue describes how e.g. terminal color
codes and up in log files if running make like `make > log.txt`.
The proposed solution uses the make variable "MAKE_TERMOUT", which was
introduced in make 4.1. All major distributions seem to updated to 4.1
or later, so this ideally dosen't break anything.
Felix Fietkau [Mon, 15 Feb 2021 22:59:18 +0000 (23:59 +0100)]
util-linux: move libuuid BuildPackage line further up to fix ABI versioning
After the ABI version rework, packages need to be declared in the order of
their dependencies, so that dependent packages will use the right ABI version
Felix Fietkau [Mon, 15 Feb 2021 16:49:46 +0000 (17:49 +0100)]
Mostly revert "build: add support for fixing up library soname"
This reverts commit b12288fa69b171f7c9405518c9bed3581a06f7ce.
The patchelf approach is too fragile, and the only users of this have been
converted to make patching unnecessary
Leave the abi_version_str variable in place in rules.mk
Ilya Lipnitskiy [Mon, 8 Feb 2021 04:17:12 +0000 (20:17 -0800)]
kernel: fix busy wait loop in mediatek PPE code
The intention is for the loop to timeout if the body does not succeed.
The current logic calls time_is_before_jiffies(timeout) which is false
until after the timeout, so the loop body never executes.
time_is_after_jiffies(timeout) will return true until timeout is less
than jiffies, which is the intended behavior here.
That subsequently broke fakeroot:
https://bugs.archlinux.org/task/69572
https://bugzilla.redhat.com/show_bug.cgi?id=1889862#c13
https://forum.openwrt.org/t/unable-to-build-toolchain-fakeroot-fails-perhaps-others-after-it/87966
Make the patch based on Jan Pazdziora's suggestion from here:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/SMQ3RYXEYTVZH6PLQMKNB3NM4XLPMNZO/
Add wrappers for newly exported symbols in glibc.
Apply patch from Debian to fix warnings in fts_read and fts_children:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676428
https://sources.debian.org/patches/fakeroot/1.25.3-1.1/eglibc-fts-without-LFS/
Fix __xmknod{,at} dev pointer argument. Switch default to assume * and
not the absence of *. On glibc 2.33+, there is no definition for these
functions in header files, so the compile test doesn't work. But, we
can default to using the pointer (as is the case with newer glibc), and
use the header file on older platforms to fail the test and use no pointer.
Tested on my x86_64 Arch Linux machine, fakeroot unit tests pass.
Also tested by building various .ipks and examining the tar contents, to
ensure that the owner uid/gid was 0/0.
Ilya Lipnitskiy [Mon, 15 Feb 2021 00:46:23 +0000 (16:46 -0800)]
tools/patchelf: bump to use latest master
Recent ABI_VERSION commits make use of patchelf. It was discovered that
with patchelf 0.10(and even 0.12) various big endian targets fail to
link against libubox SO that was processed through patchelf. Using
latest master patchelf fixes those link errors.
Daniel Golle [Sun, 14 Feb 2021 22:39:24 +0000 (22:39 +0000)]
odhcpd: setup dhcpv4 server automagically
Automatically setup dhcpv4 server just like it's done for dhcpv6.
To select whether odhcpd or dnsmasq are serving DHCPv4 requests there
still is the 'maindhcp' option. To make things less confusing, make
sure things really work out-of-the-box in case dnsmasq is not even
installed at the time the uci-defaults script is being run.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Hauke Mehrtens [Sun, 14 Feb 2021 23:28:35 +0000 (00:28 +0100)]
Revert "wolfssl: use dynamic ABI_VERSION depending on the configuration and package version"
This fixes the build on MIPS BE like ath25 and ath79 target.
We get this error message when linking libwolfssl:
mips-openwrt-linux-musl/bin/ld: /home/hauke/openwrt/openwrt/staging_dir/target-mips_mips32_musl/usr/lib/libwolfssl.so: unknown type [0x7000002a] section `.MIPS.abiflags'
mips-openwrt-linux-musl/bin/ld: /home/hauke/openwrt/openwrt/staging_dir/target-mips_mips32_musl/usr/lib/libwolfssl.so: unknown type [0x7000002a] section `.MIPS.abiflags'
mips-openwrt-linux-musl/bin/ld: skipping incompatible /home/hauke/openwrt/openwrt/staging_dir/target-mips_mips32_musl/usr/lib/libwolfssl.so when searching for -lwolfssl
mips-openwrt-linux-musl/bin/ld: cannot find -lwolfssl
collect2: error: ld returned 1 exit status
Hauke Mehrtens [Sun, 14 Feb 2021 23:13:07 +0000 (00:13 +0100)]
Revert "libubox: use PKG_ABI_VERSION"
This fixes the build on MIPS BE like ath25 and ath79 target.
We get this error message when linking libubox:
mips-openwrt-linux-musl/bin/ld: /home/hauke/openwrt/openwrt/staging_dir/target-mips_mips32_musl/usr/lib/libubox.so: unknown type [0x7000002a] section `.MIPS.abiflags'
mips-openwrt-linux-musl/bin/ld: /home/hauke/openwrt/openwrt/staging_dir/target-mips_mips32_musl/usr/lib/libubox.so: unknown type [0x7000002a] section `.MIPS.abiflags'
mips-openwrt-linux-musl/bin/ld: skipping incompatible /home/hauke/openwrt/openwrt/staging_dir/target-mips_mips32_musl/usr/lib/libubox.so when searching for -lubox
Kurt Roeckx [Sun, 14 Feb 2021 13:28:20 +0000 (14:28 +0100)]
ramips: mark toggle input on EX6150 as a switch
The Netgear EX6150 has an Access Point/Extender switch. Set it as
an EV_SW. Otherwise when it's set to Access Point, it will trigger
failsafe mode during boot.
Fixes: FS#3590 Signed-off-by: Kurt Roeckx <kurt@roeckx.be>
Petr Štetiar [Sun, 14 Feb 2021 22:22:57 +0000 (23:22 +0100)]
Revert "imx6: bootscript-apalis: make it working on v2021.01 release"
This reverts commit 4968fc8fb110612018af3ba2836be1b4744346e2 as the bump
to v2021.01 needs swig on the host for pylibfdt which is needed by dtoc
tool to generate .h/.c files from DTBs in SPL for mx6cuboxi_config.
The SDK and target/toolchain copy the license file into their
directories. During the rename/move from LICENSE to a LICENSES
folder, this has not been updated.
Update it now, and include the new COPYING file.
While at it, improve formatting/indent.
Fixes: 882e3014610b ("LICENSES: include all used licenses in
LICENSES directory")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Felix Fietkau [Sun, 14 Feb 2021 18:55:09 +0000 (19:55 +0100)]
ath9k: fix transmitting to stations in dynamic SMPS mode
When transmitting to a receiver in dynamic SMPS mode, all transmissions that
use multiple spatial streams need to be sent using CTS-to-self or RTS/CTS to
give the receiver's extra chains some time to wake up.
This fixes the tx rate getting stuck at <= MCS7 for some clients, especially
Intel ones, which make aggressive use of SMPS.
Felix Fietkau [Fri, 12 Feb 2021 08:56:56 +0000 (09:56 +0100)]
build: add support for fixing up library soname
This makes it possible to declare a package ABI_VERSION independent from the
upstream soname by setting PKG_ABI_VERSION in the package makefile.
The library filename is fixed up for files installed to packages and to the
staging dir. References to the original from executables within the same
package are also fixed up
Paul Fertser [Sun, 14 Feb 2021 09:16:33 +0000 (12:16 +0300)]
ath79: fix factory image generation for Netgear and Zyxel boards
The factory images need to embed specific IDs to pass verification with
the OEM firmware (including TFTP recovery), so they need to be
per-device variables.
Fixes: ab1584a797ad ("ath79: netgear: trim down uImage customisations") Fixes: 459c8c9ef816 ("ath79: add support for ZyXEL NBG6616") Reported-by: Marcin Juszkiewicz <marcin-openwrt@juszkiewicz.com.pl> Signed-off-by: Paul Fertser <fercerpav@gmail.com>
[minor commit message adjustments, sort DEVICE_VARS] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Rosen Penev [Mon, 1 Feb 2021 00:15:53 +0000 (16:15 -0800)]
busybox: update to 1.33
Remove stime backport.
Remove static libgcc patch as upstream fixed it with
BUSYBOX_DEFAULT_STATIC_LIBGCC which defauls to off.
Remove date -k patch as it no longer applies. It's also pointless as
busybox' hwclock utility can do the same thing.
Remove ntpd patch as that seems to have been applied upstream.
Add smalll patch fixing compilation with SELinux. Upstream commit 2496616b0a8d1c80cd1416b73a4847b59b9f969a renamed the variable without
renaming it in the SELinux path.
Refresh config and patches.
Config refresh:
Refresh commands, run after busybox is first built once:
cd package/utils/busybox/config/
../convert_menuconfig.pl ../../../../build_dir/target-mips_24kc_musl/busybox-default/busybox-1.33.0
cd ..
./convert_defaults.pl < ../../../build_dir/target-mips_24kc_musl/busybox-default/busybox-1.33.0/.config > Config-defaults.in
Manual edits needed afterward:
* Config-defaults.in: OpenWrt config symbol IPV6 logic applied to
BUSYBOX_DEFAULT_FEATURE_IPV6
* Config-defaults.in: OpenWrt configTARGET_bcm53xx logic applied to
BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec)
* editors/Config.in: Add USE_GLIBC dependency to
BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090)
* shell/Config.in : change at "Options common to all shells" the symbol
SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH
(discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html
Apparently our script does not see the hidden option while
prepending config options with "BUSYBOX_CONFIG_" which leads to a
missed dependency when the options are later evaluated.)
* Edit Config.in files by adding quotes to sourced items in
config/Config.in, networking/Config.in and util-linux/Config.in (commit 1da014f)
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
[Added comments from Hannu Nyman to commit message] Signed-off-by: Rosen Penev <rosenp@gmail.com>
Hauke Mehrtens [Sat, 7 Nov 2020 16:50:20 +0000 (17:50 +0100)]
mac80211: Update to version 5.9.12-1
The removed patches were applied upstream.
Remove the 300-mac80211-optimize-skb-resizing.patch.
This patch was not applied upstream, but it conflicts with upstream
changes and needs bigger changes. It was applied with Felix to remove
this patch for now. It should be reworked and then send upstream later.
There are proper workarounds merged to 5.4 stable tree for ESPRESSObin
boards with older bootloader: 4e1a23779bde ("ata: ahci: mvebu: Make SATA PHY optional for Armada 3720") 40af962eb1d4 ("usb: host: xhci: mvebu: make USB 3.0 PHY optional for
Armada 3720")
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Sander Vanheule [Thu, 4 Feb 2021 14:49:14 +0000 (15:49 +0100)]
ramips: manage low reset lines
The bootloader of a number of recent TP-Link devices does not properly
initialise the MT7621's internal switch when booting from flash. To
enable the mt7530 driver to clear the reset on the switch, the ramips
reset controller must be allowed to toggle these.
Backport upstream commit 3f9ef7785a9c from mips-next to allow control of
the "mcm" reset line.
Petr Štetiar [Mon, 8 Feb 2021 14:40:07 +0000 (15:40 +0100)]
imx6: bootscript-apalis: make it working on v2021.01 release
Upstream in commit 8b9c0cb46471 ("apalis_imx6: boot env configuration
updates") removed emmc legacy wrappers, but so far didn't included any
replacements. Fix it by simply defining the missing variables and UUID
gathering directly into the boot script.
Petr Štetiar [Tue, 14 Apr 2020 21:21:19 +0000 (23:21 +0200)]
uboot-imx6: bump to 2021.01 release
Refreshed all patches, removed 110-mx6cuboxi-mmc-fallback.patch as it
seems, that upstream has probably added similar funcionality in commit 6c3fbf3e456c ("mx6cuboxi: customize board_boot_order to access eMMC")
and it needs to be re-verified by device owner.
Run tested on apalis.
Cc: Felix Fietkau <nbd@nbd.name> Cc: Vladimir Vid <vladimir.vid@sartura.hr> Cc: Tim Harvey <tharvey@gateworks.com> Cc: Koen Vandeputte <koen.vandeputte@ncentric.com> Signed-off-by: Petr Štetiar <ynezz@true.cz>
Martin Kennedy [Sat, 13 Feb 2021 05:38:52 +0000 (05:38 +0000)]
ath79: fix chip used for Meraki MR12 caldata_extract
The original setup fails to trigger ART calibration data
extraction for the AR9287. Instead, it would only have extracted
calibration data for an internal WMAC chip which is not present on
this board.
Fixes: 55d2db0e8ceb ("ath79: add support for Meraki MR12") Signed-off-by: Martin Kennedy <hurricos@gmail.com>
[commit title/message facelift] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Stijn Segers [Sat, 13 Feb 2021 09:39:42 +0000 (10:39 +0100)]
ramips: remove factory image for TP-Link Archer C2 v1
Initial commit 8375623a0640 ("ramips: add support for TP-Link Archer
C2") contains detailed installation instructions, which do not mention
a factory image. From what I can see, no support to install OpenWrt
through the vendor web interface has been added since. The factory
image is also conspicuously absent from the device page in the wiki.
Yet, it is available for download.
I bricked my Archer C2 loading the factory image through the web UI.
Serial showed this error during bootloop:
Uncompressing Kernel Image ... LZMA ERROR 1 - must RESET board to recover
This patch disables the undocumented factory image so users won't get
tricked into thinking easy web UI flashing actually works.
projects / thirdparty / openwrt.git / log
