| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The "bridge allow reception on disabled port" implementation
was broken after these commits:
b765f4be407c ("kernel: bump 4.14 to 4.14.114")
456f486b53a7 ("kernel: bump 4.9 to 4.9.171")
This leads to issues when for example WDS is used, tied to a bridge:
[ 96.503771] wlan1: send auth to d4:5f:25:eb:09:82 (try 1/3)
[ 96.517956] wlan1: authenticated
[ 96.526209] wlan1: associate with d4:5f:25:eb:09:82 (try 1/3)
[ 97.086156] wlan1: associate with d4:5f:25:eb:09:82 (try 2/3)
[ 97.200919] wlan1: RX AssocResp from d4:5f:25:eb:09:82 (capab=0x11 status=0 aid=1)
[ 97.208706] wlan1: associated
[ 101.312913] wlan1: deauthenticated from d4:5f:25:eb:09:82 (Reason: 2=PREV_AUTH_NOT_VALID)
It seems upstream introduced a new patch, [1]
so we have to reimplement these patches properly:
target/linux/generic/pending-4.9/150-bridge_allow_receiption_on_disabled_port.patch
target/linux/generic/pending-4.14/150-bridge_allow_receiption_on_disabled_port.patch
[1] https://lkml.org/lkml/2019/4/24/1228
Fixes: b765f4be407c ("kernel: bump 4.14 to 4.14.114")
Fixes: 456f486b53a7 ("kernel: bump 4.9 to 4.9.171")
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
[updated commit message and title]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
| |
Drop the legacy start() and stop() procedures and define a proper
reload signal action instead.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit f664d560df8e59f8d368273990462bba85a09668)
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested: ar71xx
Runtime-tested: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Rather than wait until the patches hit vanilla and
get backported via the stable kernel, this patch
patches the crypto4xx driver with the latest fixes
from the upstream linux-crypto tree.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Highlights of this version:
- Change default RSA, DSA and DH size to 2048 bit
- Reject invalid EC point coordinates
This avoids CVE-2019-9498 and CVE-2019-9499 in hostapd
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
|
|
|
|
|
|
|
|
|
| |
This fixes a patch for the ARC architecture.
This was found by the build bot.
Fixes: 810ee3b84a2b ("kernel: bump 4.14 to 4.14.104")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the following security problems:
* CVE-2018-14618: NTLM password overflow via integer overflow
* CVE-2018-16839: SASL password overflow via integer overflow
* CVE-2018-16840: use-after-free in handle close
* CVE-2018-16842: warning message out-of-buffer read
* CVE-2019-3823: SMTP end-of-response out-of-bounds read
* CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
* CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
| |
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
| |
f199b96 uci: fix options list of section after type change
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It was present as 4.4 compatibility, but since we now use 4.9 or later
with the new upstream solution, we don't need it anymore.
This also fixes a serious regression introduced by ac9bcefa3b04, which
changed the precedence of linux,part-probe and the new-type partitions
node compatible string, causing caldata partitions to be overwritten.
Fixes: ac9bcefa3b04 ("kernel: use V10 of mtd patchset adding support for "compatible" string")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
(cherry picked from commit 7880a6f7fee89efe9e5e4c707b59ba45f02e21cf)
|
|
|
|
|
|
|
| |
The binding works the same, so we can just drop the revert and the patch.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
(cherry picked from commit abb28bec251a0b243dff87f87d09763792128349)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Altered patches:
- 0067-generic-Mangle-bootloader-s-kernel-arguments.patch
- 006-mvebu-Mangle-bootloader-s-kernel-arguments.patch
- 996-generic-Mangle-bootloader-s-kernel-arguments.patch
Compile-tested on: cns3xxx, imx6, mvebu
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Network for the Archer C25 v1 is set up without switch for no
obvious reason. The LED setup is even done switch-based.
This patch changes network setup so a switch is created.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
|
|
|
|
|
|
|
|
|
| |
This fixes a patch for the ARC architecture.
This was found by the build bot.
Fixes: 5183df0dbf5f ("kernel: bump 4.9 to 4.9.161")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
|
|
| |
This adds the host staging directory to the include path to make it use
the zlib.h files from the staging include directory and also link
against the zlib version from the staging directory.
This fixes a compile problem when the zlib header were not installed on
the build host.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
|
| |
The root file system of the a5-v11 image was too big and broke the
build, remove the USB modules from the default image to make it smaller.
This should fix the build again.
This was found by the build bot.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Altered patches:
- 150-bridge_allow_receiption_on_disabled_port.patch
- 201-extra_optimization.patch
Remove upstreamed:
- 022-0006-crypto-crypto4xx-properly-set-IV-after-de-and-encryp.patch
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Altered patches:
- 150-bridge_allow_receiption_on_disabled_port.patch
- 201-extra_optimization.patch
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit c6aa9ff38870a30dbe6da17e4edad6039fe10ddf.
Further testing has revealed that we will need to allow concurrent
requests after all, especially for situations where CGI processes
initiate further HTTP requests to the local host.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit f00a4ae6e0b1f7b3d84e11e8dc4dd562088584e0)
|
|
|
|
|
|
|
| |
STAGING_DIR/bin
Signed-off-by: Ted Hess <thess@kitschensync.net>
(cherry picked from commit 042d68a19593ac796098845366a235f5465816da)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Go for openwrt passes pkg-config arguments in the format of
pkg-config --cflags -- pkg-name
which in turn will be passed down to the real pkg-config as something
like
pkg-config.real --cflags -- pkg-name --define...
and causes the real pkg-config implementation to missinterpret the given
argument list.
This also helps to fix https://github.com/golang/go/issues/27940
Signed-off-by: Arthur Skowronek <arthur.skowronek@tuta.io>
(cherry picked from commit 5f2cb6d7dc9de24bec7b1139f8d785f0e7588eed)
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
New symbols:
- CONFIG_PPC_BARRIER_NOSPEC
- CONFIG_LDISC_AUTOLOAD
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
remove USB as this is no LED but power control
rename WiFi LED with correct color red (like in stock firmware)
set middle LED to be used for LAN link/activity
Signed-off-by: Andreas Ziegler <dev@andreas-ziegler.de>
(cherry picked from commit 53c46b504c630e4c9c5a00bf644a69919bfc0c03)
|
|
|
|
|
|
|
|
|
|
|
| |
- Tested on Turris MOX, OpenWrt master
- Removed PKG_BUILD_DIR
In build_dir there were two folders
ca-certificates and ca-certificates-20190110 and it failed as files
were in ca-certificates-20190110
Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz>
(cherry picked from commit f22c33b40cc7b542b3b31fa0d873d28d3a3482b5)
|
|
|
|
|
|
|
|
| |
Previous commit backported USB fixes instead of firmware crash recovery
patches.
Fixes: 02aed76968d6 ("mac80211: brcmfmac: early work on FullMAC firmware crash recovery")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes disfunctional WLAN LED on TP-Link W8970. The LED was
reported working in the CC release[1], but doesn't work anymore in 18.06.2.
1. https://github.com/openwrt/chaos_calmer/commit/420cb24d41fcd650795f09d2b26e0e1d2cf21165
Tested-by: Damian Janarek <dzanar18@o2.pl>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
IMAGE_SIZE for C7v5 is wrong in openwrt-18.06, looks like it
was just copied from C7v4. In master, this got fixed with the
introduction of dynamic partitioning in
https://github.com/openwrt/openwrt/commit/7c78be1b747eb0c8d64da67deb3a8aec75bd7b9c
However, this is not connected to the changes introduced there,
but also applies to the static partitioning in openwrt-18.06.
It appears to be simply wrong at the moment ...
Tested-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
|
|
|
|
|
|
|
|
|
|
|
| |
This device shares the network config with v4, thus the WAN MAC
also needs to be fixed the same way. However, the partition
where the MAC address resides has been changed.
Backport of commit 93d23aced24c2e620461e1b0448d35be21f7e501
Tested-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds the "info" MTD partition, as it is specified in the
ath79 DTS:
https://github.com/openwrt/openwrt/blob/master/target/linux/ath79/dts/qca9563_tplink_archer-c7-v5.dts#L35
This is required to set the WAN MAC address, as it is build based
on the LAN MAC address, which in turn has to be read from the
"info" partition:
https://github.com/openwrt/openwrt/blob/master/target/linux/ath79/dts/qca9563_tplink_archer-x7-v5.dtsi#L184
Backport of commit 9aa8f87d277bf2f666fa5bf90c5efd59dd044d54
Tested-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ath10k_pci driver crashes once loaded and causes boot loops on this
device as 5GHz radio QCA9880-AR1A shipped with this router is broken.
It's not possible to fix this problem in software, miniPCIe radio has to
be replaced.
We could've probably fixed crashing of the ath10k driver by reverting
following upstream commit:
commit 1a7fecb766c83dace747f42b25bbb544b00a0163
Author: Michal Kazior <michal.kazior@tieto.com>
Date: Sat Jan 24 12:14:48 2015 +0200
ath10k: reset chip before reading chip_id in probe
but it's not worth the effort as it wouldn't make that 5GHz radio usable
anyway. So it seems more convenient to just remove the crashing driver
and provide bootable images, as I believe, that a router that is working
but degraded is better than a router that will not work.
For details please see discussions in PR[1] and in FS#1743[2].
1. https://github.com/openwrt/openwrt/pull/1349
2. https://bugs.openwrt.org/index.php?do=details&task_id=1743
Reviewed-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Signed-off-by: Aubrey McIntosh, PhD <aubrey.mcintosh@utexas.edu>
[subject and commit message tweaks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: ar71xx
Runtime-tested on: ar71xx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|