aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* ramips: rt3833: fix build breakagePetr Štetiar2019-11-151-1/+1
| | | | | | | | | | | | | Commit 60f41c6c9ef6 ("ramips: add usb-ledtrig-usbport to DEVICE_PACKAGES of CY-SWR1100") added stray | during backport which caused build breakage on the buildbots: bash: -c: line 0: syntax error near unexpected token `|' bash: -c: line 0: `echo kmod-usb-core kmod-usb-ledtrig-usbport kmod-usb-ohci kmod-usb2 swconfig | | mkhash md5 | head -c 8' Fixes: 60f41c6c9ef6 ("ramips: add usb-ledtrig-usbport to DEVICE_PACKAGES of CY-SWR1100") Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit a1ff175dbf807925a0bae537935455bd1aa44a98)
* ramips: add usb-ledtrig-usbport to DEVICE_PACKAGES of CY-SWR1100Sungbo Eo2019-11-141-1/+2
| | | | | | | | | | CY-SWR1100 has a USB LED but kmod-usb-ledtrig-usbport is missing in default images. This commit adds it. Signed-off-by: Sungbo Eo <mans0n@gorani.run> [changed commit title, backported to 19.07] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit 261c746631d2bf311a6b62a6d3bacce6fde90976)
* ramips: fix MAC address setup for Samsung CY-SWR1100Sungbo Eo2019-11-141-3/+3
| | | | | | | | | | | | Ethernet MAC address setup has been broken since c3e420f28cf1. Restore original setting. Fixes: c3e420f28cf1 ("ramips: Add support for D-Link DCH-M225") Signed-off-by: Sungbo Eo <mans0n@gorani.run> (cherry picked from commit 7231c1edd99217c6baa8d7d5d841d75ad9de26f1) [backported due to base-files split] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* gitignore: ignore patches in OpenWrt root directoryAdrian Schmutzler2019-11-141-0/+1
| | | | | | | | This will have GIT ignore patches in root directory, as created when using "git format-patch". Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit 2c5413559880c54c5eec980121febfe6c7cd287a)
* ar71xx: fix tl-wdr3320-v2 upgrade南浦月2019-11-121-1/+1
| | | | | | | | | | Fix the error that tl-wdr3320-v2 can't upgrade firmware via web interface by using magic_ver="0200" for this device. Signed-off-by: 南浦月 <nanpuyue@gmail.com> [commit message facelift] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit 0ff2385a92c0a31769fce954b7bd571d6114dbc8)
* ar71xx: update uboot-envtools for Netgear WNR routersMichal Cieslakiewicz2019-11-121-1/+10
| | | | | | | | Boards added: WNR1000v2, WNR2000v3, WNR2200, WNR612v2, WNDR4300. Boards changed: WNDR3700 (u-boot env size is 2 sectors not 1). Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl> (cherry picked from commit 11052900494ec8216b9b39ba0b24d5e036f4d323)
* kernel: bump 4.14 to 4.14.152Koen Vandeputte2019-11-122-4/+4
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.199Koen Vandeputte2019-11-124-5/+5
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* sdk: fix GCC and Python dangling symlinksPetr Štetiar2019-11-091-1/+2
| | | | | | | | | | | | | | Force prereq again in SDK in order to fix GCC and Python dangling symlinks: staging_dir/host/bin/g++ -> /builder/ath79_generic/ccache_cxx.sh staging_dir/host/bin/gcc -> /builder/ath79_generic/ccache_cc.sh staging_dir/host/bin/python -> /usr/bin/python3.5 staging_dir/host/bin/python3 -> /usr/bin/python3.5 Ref: FS#2424 Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit 200f2666fb1c8d9d128824dc5586e0e66386971f)
* build: cleanup possibly dangling Python 3 host symlinkEtienne Champetier2019-11-092-0/+14
| | | | | | | | | | | | | | | | When switching from master branch to 19.07 or older, we need to ensure that Python symlink in staging bin directory points to Python 2. We can't rely completly just on SetupHostCommand as its executed only in cases when the $(STAGING_DIR_HOST)/bin/python doesn't already exist, so we need to remove it before running SetupHostCommand. This is a cherry-pick of 3b68fb57c938af3948ae4c2da61501183fbef649 with python3 instead of python2 Signed-off-by: Petr Štetiar <ynezz@true.cz> Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> (cherry picked from commit 799de7c641ffa98323929a20a8d92c7cc4ebb251)
* build: fixup python SetupHostCommand to use python2Etienne Champetier2019-11-091-3/+3
| | | | | | | | | | | | | Here is a way to break your build env without this patch: 1) have python point to python3, and no python2 2) start the build, SetupHostCommand will create a symlink ./staging_dir/host/bin/python -> /usr/bin/python 3) build fails on scons because it can't find any python2 4) install python2 and restart the build 5) the build fails on wireless-regdb compile because python is python3 instead of python Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com> (cherry picked from commit 785d4f3efded4a5094ee8e1ce4535dd0933b956d)
* OpenWrt v18.06.5: revert to branch defaultsJo-Philipp Wich2019-11-085-11/+9
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* OpenWrt v18.06.5: adjust config defaultsv18.06.5Jo-Philipp Wich2019-11-085-9/+11
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ustream-ssl: backport fix for CVE-2019-5101, CVE-2019-5102Jo-Philipp Wich2019-11-052-1/+57
| | | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit c5d5cdb759adc890ce6699117b7119acf280ce77)
* kernel: bump 4.14 to 4.14.151Koen Vandeputte2019-10-312-7/+7
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.198Koen Vandeputte2019-10-312-7/+7
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* scripts/ubinize-image.sh: fix buildbot breakagePetr Štetiar2019-10-311-1/+1
| | | | | | | | | | | | | | | New Docker based buildslaves install just bare minimum of packages, thus not having bsdmainutils package installed which provides `hexdump` utility, leading to the following build breakage on buildbots: ubinize-image.sh: 12: /builder/scripts/ubinize-image.sh: hexdump: not found So this patch simply replaces `hexdump` with `od` utility provided by coreutils package, which should be likely available. Co-authored-by: Yousong Zhou <yszhou4tech@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit c6d41c320c795b0bb9a9350c7d4b1ce55f25769a)
* kernel: mark kmod-usb-serial-wwan as hiddenYousong Zhou2019-10-301-2/+2
| | | | | | | | | | The kconfig symbol is an invisible one since its introduction. It is not supposed to be enabled on its own. Resolves FS#1821 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> (cherry picked from commit 4bf9bec361699e1c033460964158531adf15d7ee)
* kernel: add missing symbolKoen Vandeputte2019-10-301-0/+1
| | | | | | Discovered during layerscape compile-testing Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.150Koen Vandeputte2019-10-302-3/+3
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.197Koen Vandeputte2019-10-303-145/+154
| | | | | | | | | | | | | | | | | | | Refreshed all patches. Altered patches: - 804-crypto-support-layerscape.patch Compile-tested on: ar71xx Runtime-tested on: ar71xx Compiling target layerscape before this patch shows that it's broken. Fixing it is out-of-scope for bumping the kernel and will be done in a later patch. The altered patch is a sample change which leaves the target exactly as it was before this bump. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* brcm2708: Add feature flag rootfs-partDaniel F. Dickinson2019-10-301-1/+1
| | | | | | | | | | | | | Even with squashfs brcm2708 requires ROOTFS_PART_SIZE because the overlay exists as a loopback device on the space not used by squashfs in the root partition. Also for ext4 (the other fs option) ROOTFS_PART_SIZE is required, so use feature flag rootfs-part to enable it. Fixes FS#2166 Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com> (cherry picked from commit 3bb44f42990a75e66972016cde75bed6a3f09ef9) Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* iptables: bump PKG_RELEASEYousong Zhou2019-10-241-1/+1
| | | | | | | | | Package content changed with the previous two cherry-picks dff0b2104d kernel: netfilter: Add nf_tproxy_ipv{4,6} and nf_socket_ipv{4,6} a2fe698a40 kernel: Added required dependencies for socket match. Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* kernel: Added required dependencies for socket match.Oldřich Jedlička2019-10-241-0/+2
| | | | | | | | | | | | | | | | | This applies to kernel 4.10 and newer. See https://github.com/torvalds/linux/commit/8db4c5be88f62ffd7a552f70687a10c614dc697b The above commit added to kernel 4.10 added new dependency for building the NETFILTER_XT_MATCH_SOCKET (xt_socket.ko) module. The NF_SOCKET_IPVx options (both of them) need to be enabled in order to build the NETFILTER_XT_MATCH_SOCKET module. Without the change the module is not built. Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com> (cherry picked from commit 66e875a07033cdcfd8c4a16940d4acfe63c60202) (required for fixing FS#2531) Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* kernel: netfilter: Add nf_tproxy_ipv{4,6} and nf_socket_ipv{4,6}Hauke Mehrtens2019-10-241-0/+4
| | | | | | | | | | | | | The nf_socket.ko module was split in commit 8db4c5be88f ("netfilter: move socket lookup infrastructure to nf_socket_ipv{4,6}.c") into a common, n IPv4 and an IPv6 part. The nf_tproxy.ko module was split in commit 45ca4e0cf27 ("netfilter: Libify xt_TPROXY") into a common, an IPv4 and an IPv6 part. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 89806545cc1711f4e33c1c2ac5265aec4afe8078) (required for fixing FS#2531) Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* tcpdump: update to 4.9.3DENG Qingfang2019-10-194-19/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixed CVEs: CVE-2017-16808 CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 CVE-2018-16301 CVE-2018-16451 CVE-2018-16452 CVE-2019-15166 CVE-2019-15167 Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn> (cherry picked from commit 394273c066b8f4317b77f3ede216cfcdd45250c1)
* libpcap: update to 1.9.1DENG Qingfang2019-10-195-15/+18
| | | | | | | | | | | | | Fixed CVEs: CVE-2018-16301 CVE-2019-15161 CVE-2019-15162 CVE-2019-15163 CVE-2019-15164 CVE-2019-15165 Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn> (cherry picked from commit 44f11353de044834a442d3192b66579b99305720)
* libpcap: update to 1.9.0Syrone Wong2019-10-199-306/+50
| | | | | | | | | | | | | 001-Fix-compiler_state_t.ai-usage-when-INET6-is-not-defi.patch dropped due to upstream 002-Add-missing-compiler_state_t-parameter.patch dropped due to upstream 202-protocol_api.patch dropped due to implemented upstream by another way upstream commit: https://github.com/the-tcpdump-group/libpcap/commit/55c690f6f834b4762697d7a134de439c9096c921 and renamed via: https://github.com/the-tcpdump-group/libpcap/commit/697b1f7e9b1d6f5a5be04f821d7c5dc62458bb3b ead is the only user who use the protocol api, we have to use the new api since libpcap 1.9.0 Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
* kernel: bump 4.14 to 4.14.149Koen Vandeputte2019-10-1518-107/+107
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.148Koen Vandeputte2019-10-085-6/+6
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.196Koen Vandeputte2019-10-085-6/+6
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.147Koen Vandeputte2019-10-085-9/+9
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx, imx6 Compile-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.195Koen Vandeputte2019-10-089-33/+31
| | | | | | | | | | | | Refreshed all patches. Altered patches: - 403-mtd_fix_cfi_cmdset_0002_status_check.patch Compile-tested on: ar71xx Compile-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* apm821xx: fix fan control on highest stepChristian Lamparter2019-09-281-1/+1
| | | | | | | | | | This patch removes a typo (extra "0") so that the 'cpu-alert6' step is triggered once the system reaches 85°C. Note: Unless the WNDR4700 is placed in an hot oven, the hardware-monitor will never reach this value. Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* brcm47xx: sysupgrade: fix device model detectionRafał Miłecki2019-09-261-2/+2
| | | | | | | | | $(board_name) was providing content on "boardtype" (and optionally "boardnum") NVRAM values. That function requires & expects more specific and detailed model name extracted from the /proc/cpuinfo. Fixes: f12a32630ff5 ("treewide: use the generic board_name function") Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* kernel: bump 4.14 to 4.14.146Koen Vandeputte2019-09-242-3/+3
| | | | | | | | | | | | | | | Refreshed all patches. Fixes: - CVE-2019-14814 - CVE-2019-14815 - CVE-2019-14816 - CVE-2019-14821 Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.194Koen Vandeputte2019-09-2411-21/+21
| | | | | | | | | | | | | | | Refreshed all patches. Fixes: - CVE-2019-14814 - CVE-2019-14815 - CVE-2019-14816 - CVE-2019-14821 Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* hostapd: Fix AP mode PMF disconnection protection bypassHauke Mehrtens2019-09-214-6/+72
| | | | | | | | | This fixes * CVE-2019-16275 AP mode PMF disconnection protection bypass https://w1.fi/security/2019-7/ap-mode-pmf-disconnection-protection-bypass.txt Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit a6981604b30bc1ddc1713b368fe853d89c2ba40d)
* hostapd: SAE/EAP-pwd side-channel attack updateHauke Mehrtens2019-09-219-1/+397
| | | | | | | | | Fixes this security problem: * SAE/EAP-pwd side-channel attack update https://w1.fi/security/2019-6/sae-eap-pwd-side-channel-attack-update.txt Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 7bed9bf10fc8d05df34c7efc66e8b4ade37a1a0c)
* mbedtls: update to 2.16.3Magnus Kroken2019-09-214-62/+35
| | | | | | | | Remove 300-bn_mul.h-Use-optimized-MULADDC-code-only-on-ARM-6.patch, the issue has been fixed upstream. Signed-off-by: Magnus Kroken <mkroken@gmail.com> (cherry picked from commit 49d96ffc5c47e40b7f3d99a91a42ea8a54a38bd9)
* mbedtls: Update to version 2.16.2Josef Schlehofer2019-09-212-4/+4
| | | | | Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz> (cherry picked from commit a2f54f6d5d98211e9c58420eed8c67f4fca83665)
* openssl: bump to 1.0.2t, add maintainerEneas U de Queiroz2019-09-202-3/+4
| | | | | | | | | | | | | This version fixes 3 low-severity vulnerabilities: - CVE-2019-1547: ECDSA remote timing attack - CVE-2019-1549: Fork Protection - CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey Patches were refreshed, and Eneas U de Queiroz added as maintainer. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* kernel: bump 4.14 to 4.14.145Koen Vandeputte2019-09-2010-22/+22
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.144Koen Vandeputte2019-09-202-4/+4
| | | | | | | | | | | | Refreshed all patches. Fixes: - CVE-2019-15030 Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.193Koen Vandeputte2019-09-205-20/+15
| | | | | | | | | | | | Refreshed all patches. Fixes: - CVE-2019-15030 Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* mac80211: brcmfmac: backport the last 5.4 changesRafał Miłecki2019-09-164-1/+402
| | | | | | | | This makes brcmfmac use the same wiphy after PCIe reset to help user space handle corner cases (e.g. firmware crash). Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit f39f4b2f6d4300995270f635261b07197e8cf61e)
* ar71xx: fix potential IRQ misses during dispatch for qca953xKoen Vandeputte2019-09-131-0/+27
| | | | | | | | | | | If both interrupts are set in the current implementation only the 1st will be handled and the 2nd will be skipped due to the "if else" condition. Fix this by using the same approach as done for QCA955x just below it. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* ar71xx: Fix potentially missed IRQ handling during dispatchKoen Vandeputte2019-09-131-0/+57
| | | | | | | | | | | If both interrupts are set in the current implementation only the 1st will be handled and the 2nd will be skipped due to the "if else" condition. Fix this by using the same approach as done for QCA955x just below it. Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.143Koen Vandeputte2019-09-132-3/+3
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.192Koen Vandeputte2019-09-136-9/+9
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-29 12:07:32 +0000