aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* kernel: Update to version 4.4.194Hauke Mehrtens2019-09-2240-81/+82
| | | | | | Compile and runtime tested on lantiq. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* openssl: bump to 1.0.2t, Makefile updatesEneas U de Queiroz2019-09-202-8/+10
| | | | | | | | | | | | | | This version fixes 3 low-severity vulnerabilities: - CVE-2019-1547: ECDSA remote timing attack - CVE-2019-1549: Fork Protection - CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey Patches were refreshed, PKG_SOURCE_URL was updated to match openwrt-18.06, and Eneas U de Queiroz added as maintainer. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* mac80211: brcmfmac: backport more kernel 5.4 changesRafał Miłecki2019-09-098-10/+284
| | | | | | | | Patch getting RAM info got upstreamed. A debugging fs entry for testing reset feature was added. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 681acdcc54d2e59135bb706c38bed942f74ccf74)
* packages: apply usign padding workarounds to package indexes if neededJo-Philipp Wich2019-08-071-2/+6
| | | | | | | | | | | | | | | Since usign miscalculates SHA-512 digests for input sizes of exactly 64 + N * 128 + 110 or 64 + N * 128 + 111 bytes, we need to apply some white space padding to avoid triggering the hashing edge case. While usign itself has been fixed already, there is still many firmwares in the wild which use broken usign versions to verify current package indexes so we'll need to carry this workaround in the forseeable future. Ref: https://forum.openwrt.org/t/signature-check-failed/41945 Ref: https://git.openwrt.org/5a52b379902471cef495687547c7b568142f66d2 Signed-off-by: Jo-Philipp Wich <jo@mein.io> (backported from commit e1f588e446c7ceb696b644b37aeab9b3476e2a57)
* usign: update to latest Git HEADJo-Philipp Wich2019-08-061-4/+4
| | | | | | | | | | | | | | | This update fixes usign signature verification on files with certain file sizes triggering a bug in the shipped SHA-512 implementation. 5a52b37 sha512: fix bad hardcoded constant in sha512_final() 3e6648b README: replace unicode character 716c3f2 README: add reference to OpenBSD signify 86d3668 README: provide reference for ed25519 algorithm 939ec35 usign: main.c: describe necessary arguments for -G Ref: https://forum.openwrt.org/t/signature-check-failed/41945 Signed-off-by: Jo-Philipp Wich <jo@mein.io> (backported from commit 991dd5a89340367920315a3fd0390a7423e6b34a)
* mac80211: brcm: improve brcmfmac debugging of firmware crashesRafał Miłecki2019-07-282-1/+39
| | | | | | | This provides a complete console messages dump. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit f51e2d031e8125632487d2a0f56b9fa31b71e54f)
* mac80211: brcm: update brcmfmac 5.4 patchesRafał Miłecki2019-07-2811-25/+33
| | | | | | | Use commits from wireless-drivers-next.git. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 95745e26b319c630a49d2b8284f8afeaa30506da)
* mac80211: brcmfmac: backport fixes from kernel 5.4Rafał Miłecki2019-07-2211-2/+511
| | | | | | | | | | This fixes: 1) Crash during USB disconnect 2) Crash in brcmf_txfinalize() on rmmod with packets queued 3) Some errors in exit path Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 8231f67218e584be61d32b24bd17cc55e500638c)
* mac80211: brcmfmac: backport previously skipped USB fixesRafał Miłecki2019-07-223-1/+342
| | | | | | They were skipped due to missing BCDC patches that are backported now. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* mac80211: brcmfmac: backport BCDC layer changes from kernel 4.12Rafał Miłecki2019-07-2243-147/+1390
| | | | | | | | Those changes are needed for backporting more recent crash fixes. There are quite many BCDC patches but it's hopefully a very well tested code by now. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* mac80211: brcmfmac: rename v4.12 patches to allow more backportsRafał Miłecki2019-07-228-0/+0
| | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* kernel: Update to version 4.4.184Hauke Mehrtens2019-06-2811-64/+21
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* LEDE v17.01.7: revert to branch defaultsJo-Philipp Wich2019-06-215-11/+9
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* LEDE v17.01.7: adjust config defaultsv17.01.7Jo-Philipp Wich2019-06-215-9/+11
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* perf: Fix build on aarch64Hauke Mehrtens2019-06-202-2/+2
| | | | | | | Somehow perf depended on libunwind, and libunwind also builds on aarch64. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: Reorder kernel configurationHauke Mehrtens2019-06-201-11/+11
| | | | | | | The following command was run on the configuration: ./scripts/kconfig.pl target/linux/generic/config-4.4 > target/linux/generic/config-4.4-new Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* layerscape: Adapt patch to changes in upstream kernelHauke Mehrtens2019-06-201-2/+9
| | | | | | | | | | | | | | | | | | | | | | | | | In kernel v4.4.179 the structure of the scripts/mod/file2alias.c file changed, this adapts the patch to the changes done in the stable kernel. This fixes the following compile problem: HOSTCC scripts/mod/file2alias.o scripts/mod/file2alias.c:1199:17: error: expected declaration specifiers or '...' before string constant ADD_TO_DEVTABLE("fslmc", fsl_mc_device_id, do_fsl_mc_entry); ^ scripts/mod/file2alias.c:1199:26: error: unknown type name 'fsl_mc_device_id' ADD_TO_DEVTABLE("fslmc", fsl_mc_device_id, do_fsl_mc_entry); ^ scripts/mod/file2alias.c:1199:44: error: expected declaration specifiers or '...' before 'do_fsl_mc_entry' ADD_TO_DEVTABLE("fslmc", fsl_mc_device_id, do_fsl_mc_entry); ^ scripts/mod/file2alias.c:1190:12: warning: 'do_fsl_mc_entry' defined but not used [-Wunused-function] static int do_fsl_mc_entry(const char *filename, void *symval, ^ SHIPPED scripts/dtc/dtc-parser.tab.h Fixes: 6c5c3a2edccf ("kernel: Update to version 4.4.182") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* apm821xx: Revert upstream fix which breaks compileHauke Mehrtens2019-06-201-0/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts a commit added in kernel v4.4.179 which breaks compilation on the apm821xx target. This fixes the following compile problem: drivers/crypto/amcc/crypto4xx_core.c: In function 'crypto4xx_ablkcipher_done': drivers/crypto/amcc/crypto4xx_core.c:650:21: warning: dereferencing 'void *' pointer if (pd_uinfo->sa_va->sa_command_0.bf.save_iv == SA_SAVE_IV) { ^ drivers/crypto/amcc/crypto4xx_core.c:650:21: error: request for member 'sa_command_0' in something not a structure or union drivers/crypto/amcc/crypto4xx_core.c:651:38: error: implicit declaration of function 'crypto_skcipher_reqtfm' [-Werror=implicit-function-declaration] struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req); ^ drivers/crypto/amcc/crypto4xx_core.c:651:61: error: 'req' undeclared (first use in this function) struct crypto_skcipher *skcipher = crypto_skcipher_reqtfm(req); ^ drivers/crypto/amcc/crypto4xx_core.c:651:61: note: each undeclared identifier is reported only once for each function it appears in drivers/crypto/amcc/crypto4xx_core.c:653:3: error: implicit declaration of function 'crypto4xx_memcpy_from_le32' [-Werror=implicit-function-declaration] crypto4xx_memcpy_from_le32((u32 *)req->iv, ^ drivers/crypto/amcc/crypto4xx_core.c:654:19: warning: dereferencing 'void *' pointer pd_uinfo->sr_va->save_iv, ^ drivers/crypto/amcc/crypto4xx_core.c:654:19: error: request for member 'save_iv' in something not a structure or union drivers/crypto/amcc/crypto4xx_core.c:655:4: error: implicit declaration of function 'crypto_skcipher_ivsize' [-Werror=implicit-function-declaration] crypto_skcipher_ivsize(skcipher)); ^ cc1: some warnings being treated as errors Fixes: 6c5c3a2edccf ("kernel: Update to version 4.4.182") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* brcm2708: Adapt patches to kernel updateHauke Mehrtens2019-06-201-6/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | In kernel 4.4.182 get_user_pages() does not get the write and force parameter any more, but one flags parameter with WRITE and FORCE attributes. This adapts the patches to use the changed API and fixes the compile problems with the brcm2708 target. This fixes the following compile problem: drivers/misc/vc04_services/interface/vchiq_arm/vchiq_arm.c: In function 'dump_phys_mem': drivers/misc/vc04_services/interface/vchiq_arm/vchiq_arm.c:1501:3: warning: passing argument 7 of 'get_user_pages' from incompatible pointer type [-Wincompatible-pointer-types] pages, /* pages (array of page pointers) */ ^ In file included from drivers/misc/vc04_services/interface/vchiq_arm/vchiq_arm.c:42:0: include/linux/mm.h:1200:6: note: expected 'struct vm_area_struct **' but argument is of type 'struct page **' long get_user_pages(struct task_struct *tsk, struct mm_struct *mm, ^ drivers/misc/vc04_services/interface/vchiq_arm/vchiq_arm.c:1495:7: error: too many arguments to function 'get_user_pages' rc = get_user_pages(current, /* task */ ^ In file included from drivers/misc/vc04_services/interface/vchiq_arm/vchiq_arm.c:42:0: include/linux/mm.h:1200:6: note: declared here long get_user_pages(struct task_struct *tsk, struct mm_struct *mm, ^ scripts/Makefile.build:277: recipe for target 'drivers/misc/vc04_services/interface/vchiq_arm/vchiq_arm.o' failed Fixes: 6c5c3a2edccf ("kernel: Update to version 4.4.182") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: Add CONFIG_RTC to generic configHauke Mehrtens2019-06-203-4/+2
| | | | | | | | | | | | | | | | | | | | | RTC (the legacy driver) should not really be used, but seems to crop up after the kernel update. Fix this by disabling it in the generic config. Fixes the following build issue seen in arm64 or powerpc64: ARM JTAG DCC console (HVC_DCC) [N/y/?] n Virtio console (VIRTIO_CONSOLE) [N/m/y/?] n Enhanced Real Time Clock Support (legacy PC RTC driver) (RTC) [N/m/y/?] (NEW) aborted! Console input/output is redirected. Run 'make oldconfig' to update configuration. scripts/kconfig/Makefile:37: recipe for target 'silentoldconfig' failed This should fix the build on the arm64/generic and the layerscape/64b targets. Fixes: 6c5c3a2edccf ("kernel: Update to version 4.4.182") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: update to version 2.7.10Hauke Mehrtens2019-06-183-30/+30
| | | | | | | This fixes multiple bugs and this security problem: * CVE-2018-19608 Local timing attack on RSA decryption Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: Update to version 4.4.182Hauke Mehrtens2019-06-1880-441/+264
| | | | | | | | | | | | | | | | | | | | | | | Fixes: - CVE-2019-11479 - CVE-2019-11478 - CVE-2019-11477 - CVE-2019-11833 - CVE-2019-11091 - CVE-2018-12126 - CVE-2018-12130 - CVE-2018-12127 - CVE-2019-3882 - CVE-2019-6974 - CVE-2019-3819 - CVE-2019-7221 - CVE-2019-7222 - CVE-2019-3701 - CVE-2018-19985 - CVE-2018-1120 And probably more Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mac80211: brcmfmac: backport important fixes from kernel 5.2Rafał Miłecki2019-06-169-2/+423
| | | | | | | | | | | 1) Crash/Oops fixes 2) One-line patch for BCM43456 support 3) Fix communication with some specific FullMAC firmwares 4) Potential fix for "Invalid packet id" errors 5) Important helper for reporting FullMAC firmware crashes Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 2cd234d96bd772119363a77a35bffa6a4931613e)
* openssl: update to 1.0.2sEneas U de Queiroz2019-06-012-3/+3
| | | | | | | | This avoids CVE-2019-9498 and CVE-2019-9499 in hostapd Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [DMARC removal, refreshed patches]
* openssl: bump to 1.0.2rDaniel Bailey2019-04-202-6/+6
| | | | | | | | | | | This fixes the following security problems: 1.0.2r: * CVE-2019-1559: 0-byte record padding oracle Signed-off-by: Daniel Bailey <dbailey@datto.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [fixed patch, refreshed patches]
* ca-certificates: update to version 20190110Josef Schlehofer2019-04-201-4/+3
| | | | | | | | | | | | - Tested on Turris MOX, OpenWrt master - Removed PKG_BUILD_DIR In build_dir there were two folders ca-certificates and ca-certificates-20190110 and it failed as files were in ca-certificates-20190110 Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (cherry-picked from commit: f22c33b40cc7b542b3b31fa0d873d28d3a3482b5)
* ca-caertificates: remove myself as PKG_MAINTAINERChristian Schoenebeck2019-04-201-2/+2
| | | | | | | | remove myself as PKG_MAINTAINER Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (cherry-picked from commit: c89195eb25a4dfd093f9d0d3b3adac896bb471ad)
* ca-certificates: ca-bundle: add symlink for openssl default settingYousong Zhou2019-04-201-0/+2
| | | | | | | | | | | | OpenSSL defaults X509_CERT_FILE to /etc/ssl/cert.pem. This change is needed for wget-ssl and possibly others to work seamlessly with fresh ca-bundle installation Fixes openwrt/packages#6152 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (cherry-picked from commit: 191078e83d127f5ed9a38366d2edaac49f9333c5)
* ca-certificates: Update to Version 20180409Christian Schoenebeck2019-04-201-2/+2
| | | | | | | | ca-certificates: Update to Version 20180409 Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (cherry-picked from commit: 80cb5c5703d7778ee7390da1bcde4878a2349806)
* mac80211: brcmfmac: really add early fw crash recoveryRafał Miłecki2019-04-186-0/+271
| | | | | | | | | Previous commit backported USB fixes instead of firmware crash recovery patches. Fixes: eaef74279c8f ("mac80211: brcmfmac: early work on FullMAC firmware crash recovery") Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 2d2e615dee0421e126af9d4ebd49a720e341e3af)
* mac80211: brcmfmac: early work on FullMAC firmware crash recoveryRafał Miłecki2019-04-186-0/+335
| | | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 02aed76968d60d254ab9d0d8768f0c54dbfc6d9d)
* kernel: fix refcnt leak in LED netdev trigger on interface renameRafał Miłecki2019-03-061-17/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | Renaming a netdev-trigger-tracked interface was resulting in an unbalanced dev_hold(). Example: > iw phy phy0 interface add foo type __ap > echo netdev > trigger > echo foo > device_name > ip link set foo name bar > iw dev bar del [ 237.355366] unregister_netdevice: waiting for bar to become free. Usage count = 1 [ 247.435362] unregister_netdevice: waiting for bar to become free. Usage count = 1 [ 257.545366] unregister_netdevice: waiting for bar to become free. Usage count = 1 Above problem was caused by trigger checking a dev->name which obviously changes after renaming an interface. It meant missing all further events including the NETDEV_UNREGISTER which is required for calling dev_put(). This change fixes that by: 1) Comparing device struct *address* for notification-filtering purposes 2) Dropping unneeded NETDEV_CHANGENAME code (no behavior change) Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit eea538204bb973d73d3bc3d38947d7f85214d486)
* mac80211: brcmfmac: backport 5.0 & 5.1 important changes/fixesRafał Miłecki2019-02-2619-8/+6625
| | | | | | | | | This backports the most important brcmfmac commits that: 1) Fix some bugs 2) Help debugging bugs Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit d32bbd747733de5daeb63a8f2c1307f612422f87)
* mac80211: brcmfmac: pick few 4.17 cleanups required for further fixesRafał Miłecki2019-02-259-7/+633
| | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* mac80211: brcmfmac: fix a possible NULL pointer dereferenceRafał Miłecki2019-02-111-5/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes a possible crash in the brcmf_fw_request_nvram_done(): [ 31.687293] Backtrace: [ 31.689760] [<c004fb4c>] (__wake_up_common) from [<c004fc38>] (__wake_up_locked+0x1c/0x24) [ 31.698043] r10:c6794000 r9:00000009 r8:00000001 r7:bf54dda0 r6:a0000013 r5:c78e7d38 [ 31.705928] r4:c78e7d3c r3:00000000 [ 31.709528] [<c004fc1c>] (__wake_up_locked) from [<c00502a8>] (complete+0x3c/0x4c) [ 31.717148] [<c005026c>] (complete) from [<bf54590c>] (brcmf_fw_request_nvram_done+0x5c8/0x6a4 [brcmfmac]) [ 31.726818] r7:bf54dda0 r6:c6794000 r5:00001990 r4:c6782380 [ 31.732544] [<bf545344>] (brcmf_fw_request_nvram_done [brcmfmac]) from [<c0204e40>] (request_firmware_work_func+0x38/0x60) [ 31.743607] r10:00000008 r9:c6bdd700 r8:00000000 r7:c72c3cd8 r6:c67f4300 r5:c6bda300 [ 31.751493] r4:c67f4300 [ 31.754046] [<c0204e08>] (request_firmware_work_func) from [<c0034458>] (process_one_work+0x1e0/0x318) [ 31.763365] r4:c72c3cc0 [ 31.765913] [<c0034278>] (process_one_work) from [<c0035234>] (worker_thread+0x2f4/0x448) [ 31.774107] r10:00000008 r9:00000000 r8:c6bda314 r7:c72c3cd8 r6:c6bda300 r5:c6bda300 [ 31.781993] r4:c72c3cc0 [ 31.784545] [<c0034f40>] (worker_thread) from [<c003984c>] (kthread+0x100/0x114) [ 31.791949] r10:00000000 r9:00000000 r8:00000000 r7:c0034f40 r6:c72c3cc0 r5:00000000 [ 31.799836] r4:c735dc00 r3:c79ed540 [ 31.803438] [<c003974c>] (kthread) from [<c00097d0>] (ret_from_fork+0x14/0x24) [ 31.810672] r7:00000000 r6:00000000 r5:c003974c r4:c735dc00 [ 31.816378] Code: e5b53004 e1a07001 e1a06002 e243000c (e5934000) [ 31.822487] ---[ end trace a0ffbb07a810d503 ]--- Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 83bcacb5215c21e1894fbe3d651d83948479ce91)
* openssl: bump to 1.0.2qSven Roederer2019-01-301-2/+2
| | | | | | | | | | This fixes the following security problems: * CVE-2018-5407: Microarchitecture timing vulnerability in ECC scalar multiplication * CVE-2018-0734: Timing vulnerability in DSA signature generation * Resolve a compatibility issue in EC_GROUP handling with the FIPS Object Module Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de> (backport of commit 989060478ae270885727d91c25b9b52b0f33743c)
* opkg: update to latest Git headJo-Philipp Wich2019-01-221-4/+4
| | | | | | | | | | | | | | | | | | | | | | | d217daf libopkg: fix replacelist parsing and writing 9dd9a07 libopkg: fix segmentation fault when traversing conflicts 34571ba libopkg: consider provided packages in pkg_vec_mark_if_matches() 18740e6 opkg_download: print error when fork() fails e3d7330 libopkg: don't print unresolved dependencies twice 3b417b9 opkg_download: decode file:/ URLs 71c27cb file_util: implement urldecode_path() d1fe095 file_util: consolidate hex/unhex routines ebdfc12 add opkg option http_timeout 9f003e3 opkg: encode archive filenames while constructing download URLs 73e6c81 file_util: implement urlencode_path() helper 468158f libopkg: fix SHA256 calculation for big endian system 4bd8601 pkg_parse: fix segfault when parsing descriptions with leading newlines 52fc006 pkg_alternatives: pass if the desired symlink already exists c668fce opkg: add --no-check-certificate argument 04e279e pkg_alternatives: use ERROR level for symlink failure 546bc72 pkg: alternatives support Signed-off-by: Jo-Philipp Wich <jo@mein.io> (backported from commit 1bd18f2b5cbf1c9c384e9725eff7804decf88c90)
* opkg: switch source url to git.openwrt.orgJo-Philipp Wich2019-01-221-2/+2
| | | | | | | | As LEDE is rebranding to OpenWrt now, adjust the Git source references accordingly. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (backported from commit da95c9aa17814d691a7fed6e8297fb29c5600c27)
* opkg: drop argument from check_signature in opkg.confJonas Gorski2019-01-221-2/+2
| | | | | | | | | | | check_signature is a bool option and doesn't take any arguments. The presence of the 1 falsely suggests setting it to 0 disables the check, while the option actually needs to be removed or commented out to be disabled. So remove the argument to make it more clear. Fixes: beca028bd6bb ("build: add integration for managing opkg package feed keys") Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com> (backported from commit d3bf5ff9bc7b55b2a3dab93853b33a0cd2c4ca47)
* base-files: install missing /etc/iproute2/ematch_mapTony Ambardar2019-01-221-0/+8
| | | | | | | | | This file is needed to properly use the tc ematch modules present in kmod-sched-core and kmod-sched. It is a read-only index file of ematch methods used only by tc. Signed-off-by: Tony Ambardar <itugrok@yahoo.com> [cherry picked from commit 10a2ccb7fceef3a6dea4ece14e6141a807292d5f]
* base-files: fix postinstall uci-defaults removalTony Ambardar2019-01-221-4/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Commit 7f694582 introduced a bug where default_postinst() often fails to remove a uci-defaults script after application, leaving it to run again after a reboot. (Note: commit 7f694582 also introduced FS#1021, now fixed by 73c745f6) The subtle problem arises from the shell logical chain: [ -f "$i" ] && . "$i" && rm -f "$i" Most uci-defaults scripts contain a terminal 'exit 0' statement which, when sourced, results in the logic chain exiting before executing 'rm -f'. This was observed while testing upgrades of 'luci-app-sqm'. The solution is to wrap the shell sourcing in a subshell relative to the command 'rm -f': ( [ -f "$i" ] && . "$i" ) && rm -f "$i" Revert to using 'grep' to prefilter the list of entries from the control file, which yields the full path of uci-defaults scripts. This allows keeping the existence check, directory change and script sourcing inside the subshell, with the script removal correctly outside. This approach avoids adding a second subshell only around the "." (source) command. The change also preserves the fix FS#1021, since the full path is used to source the script, which is POSIX-portable irrespective of PATH variable or reference to the CWD. Run Tested on: LEDE 17.01.4 running ar71xx, while tracing installation of package luci-app-sqm with its associated /etc/uci-defaults/luci-sqm file. Signed-off-by: Tony Ambardar <itugrok@yahoo.com> (backported from 4097ab6a975902b170dd7f7ac6c8025e5f32ef8d)
* cns3xxx: use actual size reads for PCIeKoen Vandeputte2019-01-151-0/+51
| | | | | | | | | | | | | | | | | | | upstream commit 802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors") reimplemented cns3xxx_pci_read_config() using pci_generic_config_read32(), which preserved the property of only doing 32-bit reads. It also replaced cns3xxx_pci_write_config() with pci_generic_config_write(), so it changed writes from always being 32 bits to being the actual size, which works just fine. Due to: - The documentation does not mention that only 32 bit access is allowed. - Writes are already executed using the actual size - Extensive testing shows that 8b, 16b and 32b reads work as intended It makes perfectly sense to also swap 32 bit reading in favor of actual size. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* mac80211: brcmfmac: fix use-after-free & possible NULL pointer dereferenceRafał Miłecki2019-01-081-2/+2
| | | | | | | | | | | 1) Using fwctx variable after brcmf_fw_request_done() was executed meant accessing freed memory. 2) Using fwctx->completion for the wait_for_completion_timeout() call could reuslt in NULL pointer dereference on fw loading error or if brcmf_fw_request_done() was executed quickly enough. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 529c95cc15dc9fcc7709400cc921f2a3c03cd263)
* apm821xx: switch MX60(W)'s recovery images to multi-image methodChristian Lamparter2019-01-011-5/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In the past, the MX60(W)'s recovery images always had problems with the size restriction and never really worked without manual intervention. This patch reworks the initramfs, which allows the device to ease up on the impossible tight kernel size requirements for the initramfs image. This new initramfs can be loaded through the MX60(W) U-boot in the following way: => setenv bootargs console=ttyS0,$baudrate => tftpboot $meraki_loadaddr meraki_mx60-initramfs-kernel.bin [...] Load address: 0x800000 Loading: ################################################ [...] done [...] => bootm $fileaddr \## Booting kernel from Legacy Image at 00800000 ... ... For more information and the latest flashing guide: please visit the OpenWrt Wiki Page for the MX60(W): <https://openwrt.org/toh/meraki/mx60#flashing> Signed-off-by: Chris Blake <chrisrblake93@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (cherry picked from commit 36c19c9f0be23ad327085aa762e95de638e19b4a)
* apm821xx: MBL: load kernel/dtb from SATA 0:1 firstFreddy Leitner2018-12-271-3/+3
| | | | | | | | | | | | | | | | | | | | | This remedies an issue with the MBL Duo if both disks are inserted and contain OpenWrt. kernel and dtb would be loaded from SATA 1:1 while rootfs (/dev/sda2) would be mounted on SATA 0:1. Such a mix&match would obviously only work if both OpenWrt versions/ builds are identical, and especially fail after sysupgrade upgraded the system disk on SATA 0:1. The fallback to SATA 1:1 needs to be kept for MBL Single (only has SATA 1:1) and MBL Duo with one disk inserted on SATA 1:1. To speed up booting in those cases, the unneccesarily doubled "sata init" will only be called once. (In theory it could be omitted completely since the on-flash boot script already initializes SATA to load the on-disk boot script.) Tested on MBL Duo (all possible combination of disks) and MBL Single Signed-off-by: Freddy Leitner <hello@square.wf>
* cns3xxx: fix writing to wrong PCI registersKoen Vandeputte2018-12-181-0/+79
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Originally, cns3xxx used it's own functions for mapping, reading and writing registers. Upstream commit 802b7c06adc7 ("ARM: cns3xxx: Convert PCI to use generic config accessors") removed the internal PCI config write function in favor of the generic one: cns3xxx_pci_write_config() --> pci_generic_config_write() cns3xxx_pci_write_config() expected aligned addresses, being produced by cns3xxx_pci_map_bus() while the generic one pci_generic_config_write() actually expects the real address as both the function and hardware are capable of byte-aligned writes. This currently leads to pci_generic_config_write() writing to the wrong registers on some ocasions. First issue seen due to this: - driver ath9k gets loaded - The driver wants to write value 0xA8 to register PCI_LATENCY_TIMER, located at 0x0D - cns3xxx_pci_map_bus() aligns the address to 0x0C - pci_generic_config_write() effectively writes 0xA8 into register 0x0C (CACHE_LINE_SIZE) This seems to cause some slight instability when certain PCI devices are used. Another issue example caused by this this is the PCI bus numbering, where the primary bus is higher than the secondary, which is impossible. Before: 00:00.0 PCI bridge: Cavium, Inc. Device 3400 (rev 01) (prog-if 00 [Normal decode]) Flags: bus master, fast devsel, latency 0, IRQ 255 Bus: primary=02, secondary=01, subordinate=ff, sec-latency=0 After fix: 00:00.0 PCI bridge: Cavium, Inc. Device 3400 (rev 01) (prog-if 00 [Normal decode]) Flags: bus master, fast devsel, latency 0, IRQ 255 Bus: primary=00, secondary=01, subordinate=02, sec-latency=0 And very likely some more .. Fix all by omitting the alignment being done in the mapping function. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.4 to 4.4.167Koen Vandeputte2018-12-18100-938/+303
| | | | | | | | | | | | | | | | | | | | Refreshed all patches. Removed upstreamed: - 203-MIPS-ath79-fix-restart.patch - 330-Revert-MIPS-BCM47XX-Enable-74K-Core-ExternalSync-for.patch - 051-0001-ovl-rename-is_merge-to-is_lowest.patch - 051-0002-ovl-override-creds-with-the-ones-from-the-superblock.patch - 051-0005-ovl-proper-cleanup-of-workdir.patch Altered patches: - 201-extra_optimization.patch - 304-mips_disable_fpu.patch Compile-tested on: ar71xx, cns3xxx, imx6, mpc85xx Runtime-tested on: ar71xx, cns3xxx, imx6, mpc85xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* rpcd: update to latest Git headJo-Philipp Wich2018-12-121-3/+3
| | | | | | | | | | | | | | | | 3aa81d0 file: access exec timeout via daemon ops structure 7235f34 plugin: store pointer to exec timeout value in the ops structure ccd7c0a treewide: rename exec_timeout to rpc_exec_timeout c79ef22 main: fix logic bug when not specifying a timeout option 2cc4b99 file: use global exec timeout instead of own hardcoded limit ecd1660 exec: increase maximum execution time to 120s 41333ab uci: tighten uci reorder operation error handling f91751b uci: tighten uci delete operation error handling c2c612b uci: tighten uci set operation error handling 948bb51 uci: tighten uci add operation error handling 51980c6 uci: reject invalid section and option names Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* procd: procd_send_signal use signal namesKevin Darbyshire-Bryant2018-12-112-1/+5
| | | | | | | | | | | | Usage documentation for 'procd_send_signal' states "The signal is SIGHUP by default, and must be specified by NAME." Make actual behaviour match the stated documented behaviour. https://wiki.openwrt.org/inbox/procd-init-scripts Suggested-by: Jo-Philip Wich <jow@mein.io> Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> (cherry picked from commit 37bb463daa21e2c97365c6543b2bfdfe673c5baa)
* rules.mk: fix syntax errorJo-Philipp Wich2018-11-291-1/+1
| | | | | | | | Fix broken assignment operator added in a previous commit. Fixes db73ec9f51 ("rules.mk: add INSTALL_SUID macro") Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 1416b63dcbadbb5c11c2591b4513f5276b6dc744)