aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* kernel: bump 4.9 to 4.9.181Koen Vandeputte2019-06-129-16/+16
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: re-add bridge allow reception on disabled portChen Minqiang2019-06-072-6/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The "bridge allow reception on disabled port" implementation was broken after these commits: b765f4be407c ("kernel: bump 4.14 to 4.14.114") 456f486b53a7 ("kernel: bump 4.9 to 4.9.171") This leads to issues when for example WDS is used, tied to a bridge: [ 96.503771] wlan1: send auth to d4:5f:25:eb:09:82 (try 1/3) [ 96.517956] wlan1: authenticated [ 96.526209] wlan1: associate with d4:5f:25:eb:09:82 (try 1/3) [ 97.086156] wlan1: associate with d4:5f:25:eb:09:82 (try 2/3) [ 97.200919] wlan1: RX AssocResp from d4:5f:25:eb:09:82 (capab=0x11 status=0 aid=1) [ 97.208706] wlan1: associated [ 101.312913] wlan1: deauthenticated from d4:5f:25:eb:09:82 (Reason: 2=PREV_AUTH_NOT_VALID) It seems upstream introduced a new patch, [1] so we have to reimplement these patches properly: target/linux/generic/pending-4.9/150-bridge_allow_receiption_on_disabled_port.patch target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch [1] https://lkml.org/lkml/2019/4/24/1228 Fixes: b765f4be407c ("kernel: bump 4.14 to 4.14.114") Fixes: 456f486b53a7 ("kernel: bump 4.9 to 4.9.171") Signed-off-by: Chen Minqiang <ptpt52@gmail.com> [updated commit message and title] Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* rpcd: fix init script reload actionJo-Philipp Wich2019-06-062-6/+3
| | | | | | | | Drop the legacy start() and stop() procedures and define a proper reload signal action instead. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit f664d560df8e59f8d368273990462bba85a09668)
* kernel: bump 4.14 to 4.14.123Koen Vandeputte2019-06-033-4/+4
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.180Koen Vandeputte2019-06-031-2/+2
| | | | | | | | | Refreshed all patches. Compile-tested: ar71xx Runtime-tested: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.122Koen Vandeputte2019-06-037-11/+11
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.179Koen Vandeputte2019-06-034-8/+8
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* apm821xx: backport accepted linux-crypto patchesChristian Lamparter2019-06-0110-0/+1149
| | | | | | | | | Rather than wait until the patches hit vanilla and get backported via the stable kernel, this patch patches the crypto4xx driver with the latest fixes from the upstream linux-crypto tree. Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* openssl: update to 1.0.2sEneas U de Queiroz2019-06-011-2/+2
| | | | | | | | | Highlights of this version: - Change default RSA, DSA and DH size to 2048 bit - Reject invalid EC point coordinates This avoids CVE-2019-9498 and CVE-2019-9499 in hostapd Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
* kernel: Fix arc kernel 4.14 buildHauke Mehrtens2019-05-301-10/+10
| | | | | | | | | This fixes a patch for the ARC architecture. This was found by the build bot. Fixes: 810ee3b84a2b ("kernel: bump 4.14 to 4.14.104") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* curl: Fix multiple security problemsHauke Mehrtens2019-05-308-1/+222
| | | | | | | | | | | | | This fixes the following security problems: * CVE-2018-14618: NTLM password overflow via integer overflow * CVE-2018-16839: SASL password overflow via integer overflow * CVE-2018-16840: use-after-free in handle close * CVE-2018-16842: warning message out-of-buffer read * CVE-2019-3823: SMTP end-of-response out-of-bounds read * CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow * CVE-2018-16890: NTLM type-2 out-of-bounds buffer read Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: update to version 2.16.1Hauke Mehrtens2019-05-304-37/+37
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump 4.14 to 4.14.121Koen Vandeputte2019-05-281-2/+2
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.178Koen Vandeputte2019-05-281-2/+2
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* uci: fix heap use after free (FS#2288)Hans Dedecker2019-05-231-3/+3
| | | | | | f199b96 uci: fix options list of section after type change Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* brcm63xx: drop linux,part-probe usage where possibleJonas Gorski2019-05-2387-180/+5
| | | | | | | | | | | | | It was present as 4.4 compatibility, but since we now use 4.9 or later with the new upstream solution, we don't need it anymore. This also fixes a serious regression introduced by ac9bcefa3b04, which changed the precedence of linux,part-probe and the new-type partitions node compatible string, causing caldata partitions to be overwritten. Fixes: ac9bcefa3b04 ("kernel: use V10 of mtd patchset adding support for "compatible" string") Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com> (cherry picked from commit 7880a6f7fee89efe9e5e4c707b59ba45f02e21cf)
* brcm63xx: drop own implementation of DT partitions in favour of upstreamJonas Gorski2019-05-234-320/+0
| | | | | | | The binding works the same, so we can just drop the revert and the patch. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com> (cherry picked from commit abb28bec251a0b243dff87f87d09763792128349)
* kernel: bump 4.14 to 4.14.120Koen Vandeputte2019-05-2133-249/+249
| | | | | | | | | | | | | | Refreshed all patches. Altered patches: - 0067-generic-Mangle-bootloader-s-kernel-arguments.patch - 006-mvebu-Mangle-bootloader-s-kernel-arguments.patch - 996-generic-Mangle-bootloader-s-kernel-arguments.patch Compile-tested on: cns3xxx, imx6, mvebu Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.177Koen Vandeputte2019-05-214-6/+6
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.119Koen Vandeputte2019-05-211-2/+2
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx, imx6, x86_64 Runtime-tested on: cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.176Koen Vandeputte2019-05-211-2/+2
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* ar71xx: Fix network setup for TP-Link Archer C25 v1Adrian Schmutzler2019-05-191-9/+9
| | | | | | | | | Network for the Archer C25 v1 is set up without switch for no obvious reason. The LED setup is even done switch-based. This patch changes network setup so a switch is created. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* kernel: Fix arc kernel buildHauke Mehrtens2019-05-171-10/+10
| | | | | | | | | This fixes a patch for the ARC architecture. This was found by the build bot. Fixes: 5183df0dbf5f ("kernel: bump 4.9 to 4.9.161") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* uboot-fritz4040: Add host flags for host compilerHauke Mehrtens2019-05-171-2/+2
| | | | | | | | | | | This adds the host staging directory to the include path to make it use the zlib.h files from the staging include directory and also link against the zlib version from the staging directory. This fixes a compile problem when the zlib header were not installed on the build host. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ramips: rt305x: Reduce size of a5-v11 imageHauke Mehrtens2019-05-171-1/+0
| | | | | | | | | | The root file system of the a5-v11 image was too big and broke the build, remove the USB modules from the default image to make it smaller. This should fix the build again. This was found by the build bot. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump 4.14 to 4.14.118Koen Vandeputte2019-05-157-11/+11
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.175Koen Vandeputte2019-05-158-15/+15
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.115Koen Vandeputte2019-05-061-2/+2
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.172Koen Vandeputte2019-05-066-9/+9
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.114Koen Vandeputte2019-05-0235-217/+148
| | | | | | | | | | | | | | | | Refreshed all patches. Altered patches: - 150-bridge_allow_receiption_on_disabled_port.patch - 201-extra_optimization.patch Remove upstreamed: - 022-0006-crypto-crypto4xx-properly-set-IV-after-de-and-encryp.patch Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.171Koen Vandeputte2019-05-028-177/+179
| | | | | | | | | | | | | Refreshed all patches. Altered patches: - 150-bridge_allow_receiption_on_disabled_port.patch - 201-extra_optimization.patch Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* Revert "uhttpd: disable concurrent requests by default"Jo-Philipp Wich2019-04-242-2/+2
| | | | | | | | | | | This reverts commit c6aa9ff38870a30dbe6da17e4edad6039fe10ddf. Further testing has revealed that we will need to allow concurrent requests after all, especially for situations where CGI processes initiate further HTTP requests to the local host. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit f00a4ae6e0b1f7b3d84e11e8dc4dd562088584e0)
* tools/pkg-config: Handle variable substitution of 'bindir' to redirect to ↵Ted Hess2019-04-241-1/+1
| | | | | | | STAGING_DIR/bin Signed-off-by: Ted Hess <thess@kitschensync.net> (cherry picked from commit 042d68a19593ac796098845366a235f5465816da)
* tools/pkg-config: pass arguments at the endArthur Skowronek2019-04-241-1/+1
| | | | | | | | | | | | | | | | | | | Go for openwrt passes pkg-config arguments in the format of pkg-config --cflags -- pkg-name which in turn will be passed down to the real pkg-config as something like pkg-config.real --cflags -- pkg-name --define... and causes the real pkg-config implementation to missinterpret the given argument list. This also helps to fix https://github.com/golang/go/issues/27940 Signed-off-by: Arthur Skowronek <arthur.skowronek@tuta.io> (cherry picked from commit 5f2cb6d7dc9de24bec7b1139f8d785f0e7588eed)
* kernel: bump 4.14 to 4.14.113Koen Vandeputte2019-04-232-4/+4
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.170Koen Vandeputte2019-04-233-8/+8
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.112Koen Vandeputte2019-04-223-4/+5
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.169Koen Vandeputte2019-04-225-5/+7
| | | | | | | | | | | | | Refreshed all patches. New symbols: - CONFIG_PPC_BARRIER_NOSPEC - CONFIG_LDISC_AUTOLOAD Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* ar71xx: GL.iNet AR300M family: correct LED definitionsAndreas Ziegler2019-04-222-8/+2
| | | | | | | | | remove USB as this is no LED but power control rename WiFi LED with correct color red (like in stock firmware) set middle LED to be used for LAN link/activity Signed-off-by: Andreas Ziegler <dev@andreas-ziegler.de> (cherry picked from commit 53c46b504c630e4c9c5a00bf644a69919bfc0c03)
* ca-certificates: update to version 20190110Josef Schlehofer2019-04-201-4/+3
| | | | | | | | | | | - Tested on Turris MOX, OpenWrt master - Removed PKG_BUILD_DIR In build_dir there were two folders ca-certificates and ca-certificates-20190110 and it failed as files were in ca-certificates-20190110 Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz> (cherry picked from commit f22c33b40cc7b542b3b31fa0d873d28d3a3482b5)
* mac80211: brcmfmac: really add early fw crash recoveryRafał Miłecki2019-04-188-0/+605
| | | | | | | | Previous commit backported USB fixes instead of firmware crash recovery patches. Fixes: 02aed76968d6 ("mac80211: brcmfmac: early work on FullMAC firmware crash recovery") Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* mac80211: brcmfmac: early work on FullMAC firmware crash recoveryRafał Miłecki2019-04-186-0/+335
| | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* lantiq: tdw89x0: Fix WLAN LED on TP-Link W8970 v1.2 (FS#2232)Petr Štetiar2019-04-171-0/+1
| | | | | | | | | | This patch fixes disfunctional WLAN LED on TP-Link W8970. The LED was reported working in the CC release[1], but doesn't work anymore in 18.06.2. 1. https://github.com/openwrt/chaos_calmer/commit/420cb24d41fcd650795f09d2b26e0e1d2cf21165 Tested-by: Damian Janarek <dzanar18@o2.pl> Signed-off-by: Petr Štetiar <ynezz@true.cz>
* ar71xx: Fix IMAGE_SIZE for TP-Link Archer C7 v5Adrian Schmutzler2019-04-111-1/+1
| | | | | | | | | | | | | | IMAGE_SIZE for C7v5 is wrong in openwrt-18.06, looks like it was just copied from C7v4. In master, this got fixed with the introduction of dynamic partitioning in https://github.com/openwrt/openwrt/commit/7c78be1b747eb0c8d64da67deb3a8aec75bd7b9c However, this is not connected to the changes introduced there, but also applies to the static partitioning in openwrt-18.06. It appears to be simply wrong at the moment ... Tested-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ar71xx: Correct MAC address for WAN interface of Archer C7 v5Adrian Schmutzler2019-04-111-0/+4
| | | | | | | | | | | This device shares the network config with v4, thus the WAN MAC also needs to be fixed the same way. However, the partition where the MAC address resides has been changed. Backport of commit 93d23aced24c2e620461e1b0448d35be21f7e501 Tested-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ar71xx: Add "info" partition for TP-Link Archer C7 v5Adrian Schmutzler2019-04-111-1/+1
| | | | | | | | | | | | | | | | This adds the "info" MTD partition, as it is specified in the ath79 DTS: https://github.com/openwrt/openwrt/blob/master/target/linux/ath79/dts/qca9563_tplink_archer-c7-v5.dts#L35 This is required to set the WAN MAC address, as it is build based on the LAN MAC address, which in turn has to be read from the "info" partition: https://github.com/openwrt/openwrt/blob/master/target/linux/ath79/dts/qca9563_tplink_archer-x7-v5.dtsi#L184 Backport of commit 9aa8f87d277bf2f666fa5bf90c5efd59dd044d54 Tested-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ar71xx: Remove ath10k packages from archer-c7-v1 (fixes FS#1743)Aubrey McIntosh, PhD2019-04-111-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ath10k_pci driver crashes once loaded and causes boot loops on this device as 5GHz radio QCA9880-AR1A shipped with this router is broken. It's not possible to fix this problem in software, miniPCIe radio has to be replaced. We could've probably fixed crashing of the ath10k driver by reverting following upstream commit: commit 1a7fecb766c83dace747f42b25bbb544b00a0163 Author: Michal Kazior <michal.kazior@tieto.com> Date: Sat Jan 24 12:14:48 2015 +0200 ath10k: reset chip before reading chip_id in probe but it's not worth the effort as it wouldn't make that 5GHz radio usable anyway. So it seems more convenient to just remove the crashing driver and provide bootable images, as I believe, that a router that is working but degraded is better than a router that will not work. For details please see discussions in PR[1] and in FS#1743[2]. 1. https://github.com/openwrt/openwrt/pull/1349 2. https://bugs.openwrt.org/index.php?do=details&task_id=1743 Reviewed-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> Signed-off-by: Aubrey McIntosh, PhD <aubrey.mcintosh@utexas.edu> [subject and commit message tweaks] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* kernel: bump 4.14 to 4.14.111Koen Vandeputte2019-04-086-10/+10
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.168Koen Vandeputte2019-04-084-8/+8
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.110Koen Vandeputte2019-04-082-3/+3
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx, imx6, x86_64 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>