Hauke Mehrtens [Tue, 26 Mar 2024 00:17:53 +0000 (01:17 +0100)]
kernel: bump 5.10 to 5.10.213
Removed because it is upstream:
generic/backport-5.10/081-net-next-regmap-allow-to-define-reg_update_bits-for-no-bus.patch
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.10.y&id=915848be2f1b24d8043aace414bc5f8174a13c0e
Hauke Mehrtens [Sat, 2 Mar 2024 20:01:35 +0000 (21:01 +0100)]
kernel: bump 5.10 to 5.10.211
Removed because it is upstream:
bcm53xx/patches-5.15/037-v6.6-0004-ARM-dts-BCM53573-Drop-nonexistent-default-off-LED-tr.patch
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=ef6128a1bafe90ceb14d71cd0e69f44f00ec8b0a
Manually adapted the following patch:
bcm53xx/patches-5.10/038-v6.2-0004-ARM-dts-broadcom-align-LED-node-names-with-dtschema.patch
Hauke Mehrtens [Sat, 17 Feb 2024 16:58:50 +0000 (17:58 +0100)]
wifi-scripts: Support HE Iftypes with multiple entries
With mac80211_hwsim I have seen such entries in OpenWrt 22.03:
HE Iftypes: managed, AP
The mac80211.sh script did not detect the entry and failed. Allow
arbitrary other entries before to fix this problem.
Hauke Mehrtens [Tue, 13 Feb 2024 21:50:12 +0000 (22:50 +0100)]
hostapd: backport fix for CVE-2023-52160
Fix a authentication bypass problem in WPA Enterprise client mode. See
here for details: https://www.top10vpn.com/research/wifi-vulnerabilities/
This problem was assigned CVE-2023-52160
This problem was fixed in upstream hostapd in June 2023. Hostapd used in
OpenWrt 23.05 and later already contains this fix..
Oto Šťáva [Fri, 16 Feb 2024 15:28:10 +0000 (16:28 +0100)]
build: add explicit --no-show-signature for git
When `log.showSignature` is set, it causes the `SOURCE_DATE_EPOCH` to
include a textual signature description on OpenPGP-signed commits,
because Git prints the description into stdout. This then causes some
scripts to fail because they cannot parse the date from the variable.
Adding an explicit `--no-show-signature` prevents the signatures from
being displayed even when one has Git configured to show them by
default, fixing the scripts.
Hauke Mehrtens [Sat, 27 Jan 2024 23:24:42 +0000 (00:24 +0100)]
mac80211: Update to version 5.15.148-1
This update mac80211 to version 5.15.148-1. This includes multiple
bugfixes. Some of these bugfixes are fixing security relevant bugs.
The following patch was integrated into upstream Linux:
package/kernel/mac80211/patches/subsys/352-wifi-mac80211-fix-invalid-drv_sta_pre_rcu_remove-cal.patch
Lech Perczak [Sun, 21 Jan 2024 23:34:34 +0000 (00:34 +0100)]
ath79: add Ubiquiti Rocket M XW as alternate name to Bullet M XW
Ubiquiti Rocket M XW is a single-band, 2x2:2 external Wi-Fi AP, with optional
GPS receiver, with two external RP-SMA antenna connections, based on
AR9342 SoC. Two band variants exists, for 2.4GHz and 5GHz band, usable
with the same image.
Specs:
- CPU: Atheros AR9342 MIPS SoC at 535MHz
- RAM: 64MB DDR400
- ROM: 8MB SPI-NOR in SO16W package, MX25L6408E
- Wi-Fi Atheros AR9342 built-in 2x2:2 radio
- Ethernet: Atheros AR8035 PHY, limited to 100Mbps speeds due to
magnetics
- Power: 24V passive PoE input.
Installation: please refer to Ubiquiti Bullet M2HP for documentation.
The device runs with exactly same image as the Bullet, and after fixes
in preceding commit, is fully functional again. Add the alternative name
to the build system.
Lech Perczak [Sun, 21 Jan 2024 23:14:16 +0000 (00:14 +0100)]
ath79: ubnt-bullet-m-xw: fix Ethernet PHY traffic
Since commit 6f2e1b7485f0 ("ath79: disable delays on AT803X config init")
Ubiquiti XW boards equipped with AR8035 PHY suffered from lack of
outbound traffic on the Ethernet port. This was caused by the fact, the
U-boot has set this during boot and it wasn't reset by the PHY driver,
and the corresponding setting in device tree was wrong.
Set the 'phy-mode = "rgmii-txid"' at the ð0, and drop this property
from PHY node, as it is not parsed there. This causes the device to
connect using Ethernet once again.
Fixes: db4b6535f837 ("ath79: Add support for Ubiquity Bullet M (XW)") Fixes: 6f2e1b7485f0 ("ath79: disable delays on AT803X config init") Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit a9b2ba4d7ba06e1ac4ff7da3eb9b4038b94d9fbb)
orangepizza [Mon, 29 Jan 2024 02:37:43 +0000 (11:37 +0900)]
mbedtls: security bump to version 2.28.7
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for following security issues:
* Timing side channel in private key RSA operations (CVE-2024-23170)
Mbed TLS is vulnerable to a timing side channel in private key RSA
operations. This side channel could be sufficient for an attacker to
recover the plaintext. A local attacker or a remote attacker who is
close to the victim on the network might have precise enough timing
measurements to exploit this. It requires the attacker to send a large
number of messages for decryption.
* Buffer overflow in mbedtls_x509_set_extension() (CVE-2024-23775)
When writing x509 extensions we failed to validate inputs passed in to
mbedtls_x509_set_extension(), which could result in an integer overflow,
causing a zero-length buffer to be allocated to hold the extension. The
extension would then be copied into the buffer, causing a heap buffer
overflow.
Fixes: CVE-2024-23170, CVE-2024-23775
References: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-1/
References: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-2/ Signed-off-by: orangepizza <tjtncks@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz> [formal fixes]
(cherry picked from commit 920414ca8848fe1b430e436207b4f8c927819368)
(cherry picked from commit b5c728948c976f0614c85aa5418af3a44424b511)
David Bauer [Thu, 11 Jan 2024 12:05:39 +0000 (13:05 +0100)]
ath79: read back reset register
Read back the reset register in order to flush the cache. This fixes
spurious reboot hangs on TP-Link TL-WDR3600 and TL-WDR4300 with Zentel
DRAM chips.
This issue was fixed in the past, but switching to the reset-driver
specific implementation removed the cache barrier which was previously
implicitly added by reading back the register in question.
Lech Perczak [Fri, 15 Dec 2023 16:25:05 +0000 (17:25 +0100)]
raimps: mtk_eth_soc: drop rst_esw from ESW driver
The ESW core needs to be reset together with FE core, so after the
relevant reset controller lines are moved under FE, drop rst_esw and all
related code, which would not execute anyway, because rst_esw would be
NULL. While at that, ensure that if reset line for EPHY cannot be
claimed, a proper error message is reported.
Fixes: 60fadae62b64 ("ramips: ethernet: ralink: move reset of the esw into the esw instead of fe") Co-developed-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com> Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
[Split out of the bigger commit, provide commit mesage, refactor error
handling] Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit f393ffcac163926bf9dbbda47c25cc7809952609) Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Maxim Anisimov [Sun, 10 Dec 2023 15:40:39 +0000 (16:40 +0100)]
ramips: dts: mt7628an: reset FE and ESW cores together
Failing to do so will cause the DMA engine to not initialize properly
and fail to forward packets between them, and in some cases will cause
spurious transmission with size exceeding allowed packet size, causing a
kernel panic.
Fixes: 60fadae62b64 ("ramips: ethernet: ralink: move reset of the esw into the esw instead of fe") Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
[Provide commit description, split into logical changes] Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit f87b66507e9245e6e02dbc76e2e7b27c9e0bf364) Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Lech Perczak [Mon, 11 Dec 2023 23:25:02 +0000 (00:25 +0100)]
ramips: dts: rt5350: reset FE and ESW cores together
Failing to do so will cause the DMA engine to not initialize properly
and fail to forward packets between them, and in some cases will cause
spurious transmission with size exceeding allowed packet size, causing a
kernel panic.
This is behaviour of downstream driver as well, however I
haven't observed bug reports about this SoC in the wild, so this
commit's purpose is to align this chip with all other SoC's - MT7620
were already using this arrangement.
Fixes: #9284 Fixes: 60fadae62b64 ("ramips: ethernet: ralink: move reset of the esw into the esw instead of fe") Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit fc92fecfc7ddf19bbfd7d1305a29c666f00543af) Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Lech Perczak [Mon, 11 Dec 2023 23:22:04 +0000 (00:22 +0100)]
ramips: dts: rt3050: reset FE and ESW cores together
Failing to do so will cause the DMA engine to not initialize properly
and fail to forward packets between them, and in some cases will cause
spurious transmission with size exceeding allowed packet size, causing a
kernel panic.
This is behaviour of downstream driver as well, however I
haven't observed bug reports about this SoC in the wild, so this
commit's purpose is to align this chip with all other SoC's - MT7620
were already using this arrangement.
Fixes: 60fadae62b64 ("ramips: ethernet: ralink: move reset of the esw into the esw instead of fe") Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit c5a399f372535886582f89f3da624ae7465c8ff4) Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Maxim Anisimov [Fri, 8 Dec 2023 05:34:30 +0000 (08:34 +0300)]
ramips: dts: rt3352: reset FE and ESW cores together
Failing to do so will cause the DMA engine to not initialize properly
and fail to forward packets between them, and in some cases will cause
spurious transmission with size exceeding allowed packet size, causing a
kernel panic.
Fixes: 60fadae62b64 ("ramips: ethernet: ralink: move reset of the esw into the esw instead of fe") Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
[Provide commit description, split into logical changes] Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit 8d75b1de0ff7b9e9e0138f822a5475bb8ad7fedf) Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Lech Perczak [Fri, 15 Dec 2023 16:15:47 +0000 (17:15 +0100)]
ramips: mtk_eth_soc: allow multiple resets
Use devm_reset_control_array_get_exclusive to register multiple
reset lines in FE driver. This is required to reattach ESW reset to FE
driver again, based on device tree bindings.
While at that, remove unused fe_priv.rst_ppe field, and add error
message if getting the reset fails.
Fixes: 60fadae62b64 ("ramips: ethernet: ralink: move reset of the esw into the esw instead of fe") Co-developed-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com> Signed-off-by: Maxim Anisimov <maxim.anisimov.ua@gmail.com>
[Split out of the bigger commit, provide commit mesage, refactor error
handling] Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit 3f1be8edee29fe79fc33c88cbd9d647a490410e5) Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
Flash by the native uploader in 2 stages:
1. Use the native uploader to flash an initramfs image. Choose
openwrt-ramips-mt7620-snr_cpe-w4n-mt-initramfs-kernel.bin file by
"Administration/Management/Firmware update/Choose File" in vendor's
web interface (ip: 192.168.1.10, login: Admin, password: Admin).
Wait ~160 seconds.
2. Flash a sysupgrade image via the initramfs image. Choose
openwrt-ramips-mt7620-snr_cpe-w4n-mt-squashfs-sysupgrade.bin
file by "System/Backup/Flash Firmware/Flash image..." in
LuCI web interface (ip: 192.168.1.1, login: root, no password).
Wait ~240 seconds.
Flash by U-Boot TFTP method:
1. Configure your PC with IP 192.168.1.131
2. Set up TFTP server and put the
openwrt-ramips-mt7620-snr_cpe-w4n-mt-squashfs-sysupgrade.bin
image on your PC
3. Connect serial port (57600 8N1) and turn on the router.
Then interrupt "U-Boot Boot Menu" by hitting 2 key (select "2:
Load system code then write to Flash via TFTP.").
Press Y key when show "Warning!! Erase Linux in Flash then burn
new one. Are you sure? (Y/N)"
Input device IP (192.168.1.1) ==:192.168.1.1
Input server IP (192.168.1.131) ==:192.168.1.131
Input Linux Kernel filename () ==:
openwrt-ramips-mt7620-snr_cpe-w4n-mt-squashfs-sysupgrade.bin
3. Wait ~120 seconds to complete flashing
Hauke Mehrtens [Sat, 7 Oct 2023 19:07:20 +0000 (21:07 +0200)]
bsdiff: Add patches for CVEs
Add two patches from Debian fixing CVEs in the bsdiff application.
CVE-2014-9862: Heap vulnerability in bspatch
CVE-2020-14315: Memory Corruption Vulnerability in bspatch
Copied the patches from this location:
https://salsa.debian.org/debian/bsdiff/-/blob/debian/latest/debian/patches/20-CVE-2014-9862.patch
https://salsa.debian.org/debian/bsdiff/-/blob/debian/latest/debian/patches/33-CVE-2020-14315.patch
Changes: 9dc0800 wireless-regdb: Update regulatory rules for Philippines (PH) 111ba89 wireless-regdb: Update regulatory rules for Egypt (EG) from March 2022 guidelines ae1421f wireless-regdb: Update regulatory info for Türkiye (TR) 20e5b73 wireless-regdb: Update regulatory rules for Australia (AU) for June 2023 991b1ef wireless-regdb: update regulatory database based on preceding changes
ath79: image: allow changing kernel option in mkubntimage
Backport didn't include changes to mkubntimage invocation, which allowed
to pass arguments. This in result produces broken routerstation factory
images, which have kernel embedded as kernel partition instead of LZMA
loader.
Fixes: #13260 Fixes: 8e09f9ffc3cc ("ath79: switch some RedBoot based devices to OKLI loader") Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
scripts/getver.sh: prevent asking for negative rev-parse
With the case of asking an invalid version that is too big, getver.sh
might return an invalid output in the form of HEAD~-2260475641.
This is caused by BASE_REV - GET_REV using a negative number.
Prevent this by checking if BASE_REV - GET_REV actually return 0 or a
positive number and set REV variable accordingly. With the following
change, invalid revision number will result in unknown printed instead
of the invalid HEAD~-NUMBERS output.
Jeffery To [Wed, 31 May 2023 13:58:34 +0000 (21:58 +0800)]
build: export GIT_CEILING_DIRECTORIES for package builds
A package may run git as part of its build process, and if the package
source code is not from a git checkout, then git may traverse up the
directory tree to find buildroot's repository directory (.git).
For instance, Poetry Core, a Python build backend, will read the
contents of .gitignore for paths to exclude when creating a Python
package. If it finds buildroot's .gitignore file, then Poetry Core will
exclude all of the package's files[1].
This exports GIT_CEILING_DIRECTORIES for both package and host builds so
that git will not traverse beyond $(BUILD_DIR)/$(BUILD_DIR_HOST).
If the vla parameter has a const specifier, the compiler will warn about
mismatched bounds:
$ cat mwe.c
extern void mwe(const int len, char buf[len]);
void mwe(const int len, char buf[len]) {}
$ make CFLAGS=-Wvla-parameter mwe.o
cc -Wvla-parameter -c -o mwe.o mwe.c
mwe.c:2:30: warning: argument 2 of type ‘char[len]’ declared with mismatched bound ‘len’ [-Wvla-parameter]
2 | void mwe(const int len, char buf[len]) {}
| ~~~~~^~~~~~~~
mwe.c:1:37: note: previously declared as ‘char[len]’ with bound ‘len’
1 | extern void mwe(const int len, char buf[len]);
| ~~~~~^~~~~~~~
On some code bases it might result in a lot of false positive warnings,
which can indeed be easily disabled, but on the other this workaround
might hide some real issues, so lets rather fix the compiler and make it
more reliable.
Shiji Yang [Fri, 14 Jul 2023 15:09:55 +0000 (23:09 +0800)]
ath79: increase the rfkill debounce interval for TP-Link Archer C7 v2
Due to circuit issue or silicon defect, sometimes the WiFi switch button
of the Archer C7 v2 can be accidentally triggered multiple times in one
second. This will cause WiFi to be unexpectedly shut down and trigger
'irq 23: nobody cared'[1] warning. Increasing the key debounce interval
to 1000 ms can fix this issue. This patch also add the missing rfkill
key label.
So far every build of a single bcm53xx Target Profile (it means: when
NOT using CONFIG_TARGET_MULTI_PROFILE) resulted in all target devices
images being built. Now it only builds the one matching selected
profile.
Fixes: #13572 Suggested-by: Jonas Gorski <jonas.gorski@gmail.com> Signed-off-by: Rani Hod <rani.hod@gmail.com>
[rmilecki: update commit subject + body & move PROFILES line] Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 802a5f5cb4a7b42d25e82b787d7ab1323a20183f)
Arınç ÜNAL [Thu, 10 Aug 2023 12:23:09 +0000 (15:23 +0300)]
bcm53xx: add support for ASUS RT-AC3100
ASUS RT-AC3100 is ASUS RT-AC88U without the external switch.
OpenWrt forum users effortless and ktmakwana have confirmed that there are
revisions with either 4366b1 or 4366c0 wireless chips.
Therefore, include firmware for 4366b1 along with 4366c0. This way, all
hardware revisions of the router will be supported by having brcmfmac use
the firmware file for the wireless chip it detects.
ipq40xx: switch to performance governor by default
Doing a simple ping to my device shows this:
64 bytes from 10.0.253.101: icmp_seq=1 ttl=64 time=2.00 ms
64 bytes from 10.0.253.101: icmp_seq=2 ttl=64 time=2.02 ms
64 bytes from 10.0.253.101: icmp_seq=3 ttl=64 time=1.68 ms
64 bytes from 10.0.253.101: icmp_seq=4 ttl=64 time=1.91 ms
64 bytes from 10.0.253.101: icmp_seq=5 ttl=64 time=1.92 ms
64 bytes from 10.0.253.101: icmp_seq=6 ttl=64 time=2.04 ms
Some users even report higher values on older kernels:
64 bytes from 192.168.1.10: seq=0 ttl=64 time=0.612 ms
64 bytes from 192.168.1.10: seq=1 ttl=64 time=2.852 ms
64 bytes from 192.168.1.10: seq=2 ttl=64 time=2.719 ms
64 bytes from 192.168.1.10: seq=3 ttl=64 time=2.741 ms
64 bytes from 192.168.1.10: seq=4 ttl=64 time=2.808 ms
The problem is that the governor is set to Ondemand, which causes
the CPU to clock all the way down to 48MHz in some cases.
Switching to performance governor:
64 bytes from 10.0.253.101: icmp_seq=1 ttl=64 time=0.528 ms
64 bytes from 10.0.253.101: icmp_seq=2 ttl=64 time=0.561 ms
64 bytes from 10.0.253.101: icmp_seq=3 ttl=64 time=0.633 ms
64 bytes from 10.0.253.101: icmp_seq=4 ttl=64 time=0.526 ms
In theory, using the Performance governor should increase power draw,
but it looks like it really does not matter for this soc.
Using a calibrated precision DC power supply (cpu idle):
Hauke Mehrtens [Sat, 7 Oct 2023 10:34:24 +0000 (12:34 +0200)]
toolchain: Update glibc 2.34 to recent HEAD
This adds the following changes: 42eb735a5d Use LFS and 64 bit time for installed programs (BZ #15333) d910ba48f4 nis: Build libnsl with 64 bit time_t 01c0a0405c nscd: Use 64 bit time_t on libc nscd routines (BZ# 29402) e14a91e59d time: Use 64 bit time on tzfile d0e2ac0c59 elf/tst-tlsopt-powerpc fails when compiled with -mcpu=power10 (BZ# 29776) 71d4fe94a1 time: Set daylight to 1 for matching DST/offset change (bug 29951) bbe4bbb6e8 elf: Drop elf/tls-macros.h in favor of __thread and tls_model attributes [BZ #28152] [BZ #28205] d36f457870 intl: Avoid -Wuse-after-free [BZ #26779] 92d5c52aaa resolv: Avoid GCC 12 false positive warning [BZ #28439]. 26c7c6bac9 Fix stdlib/tst-setcontext.c for GCC 12 -Warray-compare 6ff61a5145 Fix stdio-common tests for GCC 12 -Waddress 803c959745 Fix build of nptl/tst-thread_local1.cc with GCC 12 88b3228d9f Avoid -Wuse-after-free in tests [BZ #26779]. dd0c72fb46 Regenerate ulps on x86_64 with GCC 12 80b24b8654 math: Properly cast X_TLOSS to float [BZ #28713] c5c666f349 s_sincosf.h: Change pio4 type to float [BZ #28713] 6484ae5b8c malloc: Fix -Wuse-after-free warning in tst-mallocalign1 [BZ #26779] c5c792092b cdefs: Limit definition of fortification macros 0b962177ee Use 64-bit time_t interfaces in strftime and strptime (bug 30053) 48059f2b21 Fix NEWS bug entry for 0b962177ee3b45cf775176eb454fcf6aa1b0f6e3 11ad405fd4 elf: Fix 64 time_t support for installed statically binaries 2d7550e6cf elf: Smoke-test ldconfig -p against system /etc/ld.so.cache 16c6a89c17 stdlib: Undo post review change to 16adc58e73f3 [BZ #27749] 89c017de2f x86: Check minimum/maximum of non_temporal_threshold [BZ #29953] 6a0d56b009 gshadow: Matching sgetsgent, sgetsgent_r ERANGE handling (bug 30151) 71eb9cc1ff x86_64: Fix asm constraints in feraiseexcept (bug 30305) 567f7413fb posix: Fix system blocks SIGCHLD erroneously [BZ #30163] 8e1a8e04b1 gmon: Fix allocated buffer overflow (bug 29444) 4dd89b2a8f gmon: improve mcount overflow handling [BZ# 27576] f1b15d2005 gmon: fix memory corruption issues [BZ# 30101] 0ea8174d62 gmon: Revert addition of tunables to preserve GLIBC_PRIVATE ABI 1cd6626a89 __check_pf: Add a cancellation cleanup handler [BZ #20975] cad3adf4dd Document BZ #20975 fix 23ee92deea debug: Mark libSegFault.so as NODELETE c8c0aac68f x86: Increase `non_temporal_threshold` to roughly `sizeof_L3 / 4` 521afc9637 x86: Fix slight bug in `shared_per_thread` cache size calculation. a07ab67a88 x86: Use `3/4*sizeof(per-thread-L3)` as low bound for NT threshold. 7a6b1f06e7 x86: Fix incorrect scope of setting `shared_per_thread` [BZ# 30745] 228cdb00a0 Simplify allocations and fix merge and continue actions [BZ #28931] 51948fdf0f nss: Sort tests and tests-container and put one test per line 01671608a3 gethosts: Remove unused argument _type b195fd86c6 gaih_inet: Simplify canon name resolution f7efb43738 getaddrinfo: Fix leak with AI_ALL [BZ #28852] e05e5889b8 gaih_inet: Simplify service resolution 922f2614d6 gaih_inet: make numeric lookup a separate routine 3b5a3e5009 gaih_inet: Split simple gethostbyname into its own function 5914a1d55b gaih_inet: Split nscd lookup code into its own function. ec71cb9611 gaih_inet: separate nss lookup loop into its own function 4d59769087 gaih_inet: make gethosts into a function 6e3fed9d20 gaih_inet: split loopback lookup into its own function 92478a808f gaih_inet: Split result generation into its own function cc4544ef80 gethosts: Return EAI_MEMORY on allocation failure e09ee267c0 getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806) 8006457ab7 Fix leak in getaddrinfo introduced by the fix for CVE-2023-4806 [BZ #30843] c3b99f8328 Document CVE-2023-4806 and CVE-2023-5156 in NEWS dcc367f148 tunables: Terminate if end of input is reached (CVE-2023-4911)
On some WLR-7100 routers, significant packet loss was observed. This is
fixed by configuring a delay on the GMAC0 RXD and RXDV lines.
The values used in this commit are copied from the values used by the
stock firmare (based on register dumping).
Out of four test routers, the problem was consistently observed on two.
It is unclear what the relevant difference is exactly (the two working
routers were v1 001 with AR1022 and v1 002 with AR9342, the two broken
routers were both v1 002 with AR1022). All PCB routing also seems
identical, so maybe there is some stray capacitance on some of these
that adds just enough delay or so...
With this change, the packet loss disappears on the broken routers,
without introducing new packet loss on the previously working routers.
Note that the PHY *also* has delays enabled (through
`qca,ar8327-initvals`) on both RX and TX lines, but apparently that is
not enough, or it is not effective (registers have been verified to be
written).
For detailed discussion of this issue and debug history, see
https://forum.openwrt.org/t/sitecom-wlr-7100-development-progress/79641
Jonas Gorski [Sat, 9 Sep 2023 10:44:42 +0000 (12:44 +0200)]
x86: geode: fix hwrng register accesses
When the membase and pci_dev pointer were moved to a new struct in priv,
the actual membase users were left untouched, and they started reading
out arbitrary memory behind the struct instead of registers. This
unfortunately turned the RNG into a constant number generator, depending
on the content of what was at that offset.
To fix this, update geode_rng_data_{read,present}() to also get the
membase via amd_geode_priv, and properly read from the right addresses
again.
Closes #13417.
Reported-by: Timur I. Davletshin <timur.davletshin@gmail.com> Tested-by: Timur I. Davletshin <timur.davletshin@gmail.com> Suggested-by: Jo-Philipp Wich <jo@mein.io> Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
(cherry picked from commit 09d13cd8d87cc50fde67bbe81c6cca4b799b2724)
What's interesting about jitterentropy-rngd v1.2.0 release is that it
bumps its copy of jitterentropy-library from v2.2.0 to the v3.0.0. That
bump includes a relevant commit 3130cd9 ("replace LSFR with SHA-3 256").
When initializing entropy jent calculates time delta. Time values are
obtained using clock_gettime() + CLOCK_REALTIME. There is no guarantee
from CLOCK_REALTIME of unique values and slow devices often return
duplicated ones.
A switch from jent_lfsr_time() to jent_hash_time() resulted in many less
cases of zero delta and avoids ECOARSETIME.
Long story short: on some system this fixes:
[ 6.722725] urngd: jent-rng init failed, err: 2
This is important change for BCM53573 which doesn't include hwrng and
seems to have arch_timer running at 36,8 Hz.
This only fixes minor problems.
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.3
The 100-fix-compile.patch patch was merged upstream, see:
https://github.com/Mbed-TLS/mbedtls/issues/6243
https://github.com/Mbed-TLS/mbedtls/pull/7013
The code style of all files in mbedtls 2.28.3 was changed. I took a new
version of the 100-x509-crt-verify-SAN-iPAddress.patch patch from this
pull request: https://github.com/Mbed-TLS/mbedtls/pull/6475
Adam Bailey [Tue, 4 Jul 2023 01:16:14 +0000 (20:16 -0500)]
lua: fix integer overflow in LNUM patch
Safely detect integer overflow in try_addint() and try_subint().
Old code relied on undefined behavior, and recent versions of GCC on x86
optimized away the if-statements.
This caused integer overflow in Lua code instead of falling back to
floating-point numbers.
At least Fedora and RHEL 9 set RSAMinSize=2048, so when trying to use
failsafe, we get 'Bad server host key: Invalid key length'
To workaround the issue, we can use: ssh -o RSAMinSize=1024 ...
Generating 2048 bits RSA is extremely slow, so add ed25519.
We keep RSA 1024 to be as compatible as possible.
projects / thirdparty / openwrt.git / log
