aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* kernel: bump 4.9 to 4.9.124Koen Vandeputte2018-08-2812-19/+19
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* ar71xx: WNR612v2: fix kernel panic due to wrong Wifi LED initMichal Cieslakiewicz2018-08-281-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Netgear WNR612v2 flashed with recent OpenWrt builds suffers from kernel panic at boot during wireless chip initialization, making device unusable: ath: phy0: Ignoring endianness difference in EEPROM magic bytes. ath: phy0: Enable LNA combining CPU 0 Unable to handle kernel paging request at virtual address 1000fee1, epc == 801d08f0, ra == 801d0d90 Oops[#1]: CPU: 0 PID: 469 Comm: kmodloader Not tainted 4.9.120 #0 [ ... register dump etc ... ] Kernel panic - not syncing: Fatal exception Rebooting in 1 seconds.. This simple patch fixes above error. It keeps LED table in memory after kernel init phase for ath9k driver to operate correctly (__initdata removed). Also, another bug is fixed - correct array size is provided to function that adds platform LEDs (this device has only 1 connected to Wifi chip) preventing code from going outside array bounds. Fixes: 1f5ea4eae46e ("ar71xx: add correct named default wireless led by using platform leds") Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl> [trimmed commit message] Signed-off-by: Mathias Kresin <dev@kresin.me>
* ar71xx/generic: enable Zyxel NBG6616 in kernel config againMatthias Schiffer2018-08-271-0/+1
| | | | | | | | | The NBG6616 shares a config symbol with the NBG6716. It was accidentally removed from the config when the ar71xx-tiny target was split off. Fixes: 0cd5e85e7ad6 ("ar71xx: create new ar71xx/tiny subtarget for 4MB flash devices") Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> (cherry picked from commit a4f4ddba61e61d3f15d19c4e57733a9e44ec8d09)
* mac80211: mwl8k: Expand non-DFS 5G channelsAntonio Silverio2018-08-271-0/+37
| | | | | | | Add non-DFS 5G upper channels (149-165) besides existed 4 lower channels (36, 40, 44, 48). Signed-off-by: Antonio Silverio <menion@gmail.com>
* mt76: update to the latest versionFelix Fietkau2018-08-251-3/+3
| | | | | | | | 7daf962 mt7603: add survey support 980c606 mt7603: add fix for CCA signal configuration 30b8371 mt7603: fix BAR rate Signed-off-by: Felix Fietkau <nbd@nbd.name>
* dropbear: backport upstream fix for CVE-2018-15599Hans Dedecker2018-08-243-3/+224
| | | | | | | | | | CVE description : The recv_msg_userauth_request function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSH_MSG_USERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ramips: mt7620: add dir-810l network configRoger Pueyo Centelles2018-08-231-0/+1
| | | | | | | The device was not included in the /etc/board.d/02_network file, so the network wouldn't be properly set up on boot. Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
* ramips: fix compatibles in SoC dtsiMathias Kresin2018-08-233-3/+3
| | | | | | | The former used compatibles aren't defined anywhere and aren't used by the devicetree source files including them. Signed-off-by: Mathias Kresin <dev@kresin.me>
* ramips: fix GL-MT300N-V2 SoC compatibleMathias Kresin2018-08-231-1/+1
| | | | | | | | According to abbfcc85259a ("ramips: add support for GL-inet GL-MT300N-V2") the board has a MediaTek MT7628AN. Change the SoC compatible to match the used hardware. Signed-off-by: Mathias Kresin <dev@kresin.me>
* ramips: drop not existing groups from pinmuxMathias Kresin2018-08-2310-10/+10
| | | | | | | | | | | | | | RT5350 neither have rgmii nor a mdio pinmux group. MT7628an doesn't have a jtag group. Having these groups defined might cause a boot panic. The pin controller fails to initialise for kernels > 4.9 if invalid groups are used. If a subsystem references a pin controller configuration node, it can not find this node and errors out. In worst case it's the SPI driver which errors out and we have no root filesystem to mount. Signed-off-by: Mathias Kresin <dev@kresin.me>
* generic: revert workarounds for AR8337 switchMathias Kresin2018-08-232-62/+1
| | | | | | | | | | | | | The intention of 967b6be118e3 ("ar8327: Add workarounds for AR8337 switch") was to remove the register fixups for AR8337. But instead they were removed for AR8327. The RGMII RX delay is forced even if the port is used as phy instead of mac, which results in no package flow at least for one board. Fixes: FS#1664 Signed-off-by: Mathias Kresin <dev@kresin.me>
* kernel: bump 4.14 to 4.14.66Koen Vandeputte2018-08-223-14/+14
| | | | | | | | | Refreshed all patches Compile-tested on: cns3xxx, imx6 Runtime-tested on: cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.123Koen Vandeputte2018-08-224-19/+19
| | | | | | | | | Refreshed all patches Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* tools/bison: Update to 3.0.5Daniel Engberg2018-08-213-32/+10
| | | | | | | | | Update bison to 3.0.5 Bugfix release Remove 001-fix-macos-vasnprintf.patch as it is fixed upstream Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> (cherry picked from commit df02e7a3c790552c9620242544ec0137dae6a32b)
* cns3xxx: fix mtu setting with kernel 4.14Mathias Kresin2018-08-201-10/+1
| | | | | | | | | | | Since kernel 4.10 commit 61e84623ace3 ("net: centralize net_device min/max MTU checking"), the range of mtu is [min_mtu, max_mtu], which is [68, 1500] by default. It's necessary to set a max_mtu if a mtu > 1500 is supported. Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com> Signed-off-by: Mathias Kresin <dev@kresin.me>
* kernel: bump 4.14 to 4.14.65Koen Vandeputte2018-08-201-2/+2
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx, imx6, x86_64 Runtime-tested on: cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.122Koen Vandeputte2018-08-204-6/+6
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* OpenWrt v18.06.1: revert to branch defaultsJo-Philipp Wich2018-08-165-11/+9
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* OpenWrt v18.06.1: adjust config defaultsv18.06.1Jo-Philipp Wich2018-08-165-9/+11
| | | | Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* rpcd: update to latest git HEADJo-Philipp Wich2018-08-161-3/+3
| | | | | | | | | | | 41333ab uci: tighten uci reorder operation error handling f91751b uci: tighten uci delete operation error handling c2c612b uci: tighten uci set operation error handling 948bb51 uci: tighten uci add operation error handling 51980c6 uci: reject invalid section and option names Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 8c91807214c42b481a0893e118d46f488419468a)
* openssl: update to version 1.0.2pHauke Mehrtens2018-08-153-4/+4
| | | | | | | | This fixes the following security problems: * CVE-2018-0732: Client DoS due to large DH parameter * CVE-2018-0737: Cache timing vulnerability in RSA Key Generation Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump kernel 4.9 to version 4.9.120Hauke Mehrtens2018-08-152-67/+2
| | | | | | | | | | | The following patch was integrated upstream: * target/linux/generic/backport-4.9/500-ext4-fix-check-to-prevent-initializing-reserved-inod.patch This fixes tries to work around the following security problems: * CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects * CVE-2018-3646 L1 Terminal Fault Virtualization related aspects Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump kernel 4.14 to version 4.14.63Hauke Mehrtens2018-08-155-107/+6
| | | | | | | | | | | | | | The following patches were integrated upstream: * target/linux/ipq40xx/patches-4.14/050-0006-mtd-nand-qcom-Add-a-NULL-check-for-devm_kasprintf.patch * target/linux/mediatek/patches-4.14/0177-phy-phy-mtk-tphy-use-auto-instead-of-force-to-bypass.patch This fixes tries to work around the following security problems: * CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects * CVE-2018-3646 L1 Terminal Fault Virtualization related aspects Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ramips: add missing USB packages into ASL26555-16MZoltan HERPAI2018-08-131-1/+1
| | | | | | | Mirror the package list from the 8M device profile to the 16M device profile. Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* brcm47xx: cosmetic fix in model detectionPaul Wassi2018-08-131-1/+1
| | | | | | | | In "brcm47xx: rework model detection" the file 01_detect was moved to 01_network, therefore also update the warning message in case everything fails. Signed-off-by: Paul Wassi <p.wassi@gmx.at>
* ath25: Do not build images for ubnt2 and ubnt5Hauke Mehrtens2018-08-121-2/+2
| | | | | | | | The flash size of the ubnt2 and ubnt5 is limited and the images with LuCI are getting too big for these boards. Do not build images for these boards to make the complete build of this target not fail anymore. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* at91: do not build image for at91-q5xr5Hauke Mehrtens2018-08-121-1/+1
| | | | | | | | The kernel image of the at91-q5xr5 is getting too bing now and this is breaking the build. Remove the image for the at91-q5xr5 from the build to at least build images for the other devices. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* uci: bump to source date 2018-08-11Yousong Zhou2018-08-111-3/+3
| | | | | | | Fixes segfault when parsing malformed delta lines Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com> (cherry picked from commit 3493c1cf41ecaa2f87394059a26578f723109a15)
* mwlwifi: update to version 10.3.8.0-20180615Kabuli Chana2018-08-111-4/+13
| | | | | | | | fix mcs rate for HT support 88W8997 protect rxringdone Signed-off-by: Kabuli Chana <newtownBuild@gmail.com>
* tools: findutils: fix compilation with glibc 2.28Luis Araneda2018-08-101-0/+104
| | | | | | | Add a temporary workaround to compile with glibc 2.28 as some constants were removed and others made private Signed-off-by: Luis Araneda <luaraneda@gmail.com>
* tools: m4: fix compilation with glibc 2.28Luis Araneda2018-08-101-0/+118
| | | | | | | Add a temporary workaround to compile with glibc 2.28 as some constants were removed and others made private Signed-off-by: Luis Araneda <luaraneda@gmail.com>
* kernel: bump 4.14 to 4.14.62Koen Vandeputte2018-08-103-10/+5
| | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx, imx6, x86_64 Runtime-tested on: cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.9 to 4.9.119Koen Vandeputte2018-08-105-109/+18
| | | | | | | | | | | | Refreshed all patches. Delete upstreamed patch: - 100-tcp-add-tcp_ooo_try_coalesce-helper.patch Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* wpa_supplicant: fix CVE-2018-14526John Crispin2018-08-101-0/+48
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Unauthenticated EAPOL-Key decryption in wpa_supplicant Published: August 8, 2018 Identifiers: - CVE-2018-14526 Latest version available from: https://w1.fi/security/2018-1/ Vulnerability A vulnerability was found in how wpa_supplicant processes EAPOL-Key frames. It is possible for an attacker to modify the frame in a way that makes wpa_supplicant decrypt the Key Data field without requiring a valid MIC value in the frame, i.e., without the frame being authenticated. This has a potential issue in the case where WPA2/RSN style of EAPOL-Key construction is used with TKIP negotiated as the pairwise cipher. It should be noted that WPA2 is not supposed to be used with TKIP as the pairwise cipher. Instead, CCMP is expected to be used and with that pairwise cipher, this vulnerability is not applicable in practice. When TKIP is negotiated as the pairwise cipher, the EAPOL-Key Key Data field is encrypted using RC4. This vulnerability allows unauthenticated EAPOL-Key frames to be processed and due to the RC4 design, this makes it possible for an attacker to modify the plaintext version of the Key Data field with bitwise XOR operations without knowing the contents. This can be used to cause a denial of service attack by modifying GTK/IGTK on the station (without the attacker learning any of the keys) which would prevent the station from accepting received group-addressed frames. Furthermore, this might be abused by making wpa_supplicant act as a decryption oracle to try to recover some of the Key Data payload (GTK/IGTK) to get knowledge of the group encryption keys. Full recovery of the group encryption keys requires multiple attempts (128 connection attempts per octet) and each attempt results in disconnection due to a failure to complete the 4-way handshake. These failures can result in the AP/network getting disabled temporarily or even permanently (requiring user action to re-enable) which may make it impractical to perform the attack to recover the keys before the AP has already changes the group keys. By default, wpa_supplicant is enforcing at minimum a ten second wait time between each failed connection attempt, i.e., over 20 minutes waiting to recover each octet while hostapd AP implementation uses 10 minute default for GTK rekeying when using TKIP. With such timing behavior, practical attack would need large number of impacted stations to be trying to connect to the same AP to be able to recover sufficient information from the GTK to be able to determine the key before it gets changed. Vulnerable versions/configurations All wpa_supplicant versions. Acknowledgments Thanks to Mathy Vanhoef of the imec-DistriNet research group of KU Leuven for discovering and reporting this issue. Possible mitigation steps - Remove TKIP as an allowed pairwise cipher in RSN/WPA2 networks. This can be done also on the AP side. - Merge the following commits to wpa_supplicant and rebuild: WPA: Ignore unauthenticated encrypted EAPOL-Key data This patch is available from https://w1.fi/security/2018-1/ - Update to wpa_supplicant v2.7 or newer, once available Signed-off-by: John Crispin <john@phrozen.org> (cherry picked from commit 1961948585e008ad0095d7074784893229b00d06)
* Revert "libevent2: Don't build tests and samples"Jo-Philipp Wich2018-08-091-13/+0
| | | | | | | | This reverts commit fe90d14880ad80e5cbc0eba036f8f9f83fa77396. The cherry pick does not apply cleanly to 18.06. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* kernel: move e1000e patches to backportsStijn Tintel2018-08-094-0/+0
| | | | | | | They're already in linux.git, so they shouldn't be in pending. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> (cherry picked from commit 14b6c725411dfb3e44242bea3b000a1f58b52235)
* kernel: add pending e1000e fixesStijn Tintel2018-08-094-0/+331
| | | | | | | | | | | | | | | | The previous round of fixes for the 82574 chip cause an issue with emulated e1000e devices in VMware ESXi 6.5. It also contains changes that are not strictly necessary. These patches fix the issues introduced in the previous series, revert the unnecessary changes to avoid unforeseen fallout, and avoid a case where interrupts can be missed. The final two patches of this series are already in the kernel, so no need to include them here. Patchwork: https://patchwork.ozlabs.org/cover/881776/ Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> (cherry picked from commit ef025e6417abd608ee398039623ac8a306bb92c5)
* firmware: intel-microcode: bump to 20180703Zoltan HERPAI2018-08-091-6/+6
| | | | | | | | | | | | | | | | | | | | | | | * New upstream microcode data file 20180703 + Updated Microcodes: sig 0x000206d6, pf_mask 0x6d, 2018-05-08, rev 0x061d, size 18432 sig 0x000206d7, pf_mask 0x6d, 2018-05-08, rev 0x0714, size 19456 sig 0x000306e4, pf_mask 0xed, 2018-04-25, rev 0x042d, size 15360 sig 0x000306e7, pf_mask 0xed, 2018-04-25, rev 0x0714, size 17408 sig 0x000306f2, pf_mask 0x6f, 2018-04-20, rev 0x003d, size 33792 sig 0x000306f4, pf_mask 0x80, 2018-04-20, rev 0x0012, size 17408 sig 0x000406f1, pf_mask 0xef, 2018-04-19, rev 0xb00002e, size 28672 sig 0x00050654, pf_mask 0xb7, 2018-05-15, rev 0x200004d, size 31744 sig 0x00050665, pf_mask 0x10, 2018-04-20, rev 0xe00000a, size 18432 sig 0x000706a1, pf_mask 0x01, 2017-12-26, rev 0x0022, size 73728 + First batch of fixes for: Intel SA-00115, CVE-2018-3639, CVE-2018-3640 + Implements IBRS/IBPB/STIPB support, Spectre-v2 mitigation + SSBD support (Spectre-v4 mitigation) and fix Spectre-v3a for: Sandybridge server, Ivy Bridge server, Haswell server, Skylake server, Broadwell server, a few HEDT Core i7/i9 models that are actually gimped server dies. Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* curl: Fix CVE-2018-0500Hauke Mehrtens2018-08-082-1/+33
| | | | | | | | This backports a fix for: * CVE-2018-0500 SMTP send heap buffer overflow See here for details: https://curl.haxx.se/docs/adv_2018-70a2.html Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ustream-ssl: update to version 2018-05-22Hauke Mehrtens2018-08-081-4/+4
| | | | | | | 5322f9d mbedtls: Fix setting allowed cipher suites e8a1469 mbedtls: Add support for a session cache Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: Update to 2.12.0Hauke Mehrtens2018-08-087-33/+123
| | | | | | | | | | | | | | | | | | | Multiple security fixes * CVE-2018-0497 Remote plaintext recovery on use of CBC based ciphersuites through a timing side-channel * CVE-2018-0498 Plaintext recovery on use of CBC based ciphersuites through a cache based side-channel Disable OFB block mode and XTS block cipher mode, added in 2.11.0. Disable Chacha20 and Poly1305 cryptographic primitives, added in 2.12.0 Patch the so version back to the original one, the API changes are looking no so invasive. The size of mbedtls increased a little bit: ipkg for mips_24kc before: 163.967 Bytes ipkg for mips_24kc after: 164.753 Bytes Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: Activate the session cacheHauke Mehrtens2018-08-081-9/+0
| | | | | | | | | | | | | | This make sit possible to store informations about a session and reuse it later. When used by a server it increases the time to create a new TLS session from about 1 second to less than 0.1 seconds. The size of the ipkg file increased by about 800 Bytes. ipkg for mips_24kc before: 163.140 Bytes ipkg for mips_24kc after: 163.967 Bytes Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: cleanup config patchDaniel Engberg2018-08-081-40/+32
| | | | | | | Clean up patch, use "//" consistently. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: Deactivate platform abstractionHauke Mehrtens2018-08-081-0/+9
| | | | | | | | This makes mbedtls use the POSIX API directly and not use the own abstraction layer. The size of the ipkg decreased by about 100 bytes. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: remove stray 4.4 referencesJo-Philipp Wich2018-08-081-2/+0
| | | | | | | | The 4.4 version hash was accidentally reintroduced while rebasing the master commit, remove it again. Fixes ca3174e4e9 ("kernel: bump 4.9 to 4.9.118") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* kernel: backport upstream fix for CVE-2018-5390Jo-Philipp Wich2018-08-081-0/+76
| | | | | | | | | | | Backport an upstream fix for a remotely exploitable TCP denial of service flaw in Linux 4.9+. The fixes are included in Linux 4.14.59 and later but did not yet end up in version 4.9.118. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit fefe1da440eede8dfaa23975c30ae2f6fcac744d)
* kernel: bump 4.14 to 4.14.61Koen Vandeputte2018-08-082-4/+4
| | | | | | | | | | Refreshed all patches. Compile-tested on: cns3xxx, imx6, x86_64 Runtime-tested on: cns3xxx, imx6, x86_64 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> (backported from commit 7a254aeeb8a9ca7e2846af6ed508f5ec21db350d)
* kernel: bump 4.9 to 4.9.118Koen Vandeputte2018-08-084-18/+19
| | | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx Runtime-tested on: ar71xx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> (backported from commit f7036a34ace38b701243e9357d7f509f8a66f0b1)
* Revert "kernel: usb: dwc2 DMA alignment fixes"John Crispin2018-08-082-176/+0
| | | | | | | | This reverts commit 1e5bd42d63e508358c703be550590d3ff72dc6e0. this has already treacled down with the latest kernel bump Signed-off-by: John Crispin <john@phrozen.org>
* brcm2708: fix w1 patchJohn Crispin2018-08-081-34/+23
| | | | | | | this is now part of generic Signed-off-by: John Crispin <john@phrozen.org> (cherry picked from commit 5f5d8128815c0624a01e48de25bd5cf1b6ab23ef)