aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* ramips: ethernet: fix to interrupt handlingNeilBrown2020-09-061-6/+5
| | | | | | | | | | | | | The current code acknowledged interrupts *after* polling. This is the wrong way around, and could cause an interrupt to be missed. This is not likely to be fatal as another packet, and so another interrupt, should come along soon. But maybe it is causing problems, so let's fix it anyway. Signed-off-by: NeilBrown <neil@brown.name> (Note that this matches the upstream driver.) Signed-off-by: Rosen Penev <rosenp@gmail.com>
* hostapd: Fix compile errors after wolfssl updateHauke Mehrtens2020-09-041-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes the following compile errors after the wolfssl 4.5.0 update: LD wpa_cli ../src/crypto/tls_wolfssl.c: In function 'tls_match_alt_subject': ../src/crypto/tls_wolfssl.c:610:11: error: 'GEN_EMAIL' undeclared (first use in this function); did you mean 'ENAVAIL'? type = GEN_EMAIL; ^~~~~~~~~ ENAVAIL ../src/crypto/tls_wolfssl.c:610:11: note: each undeclared identifier is reported only once for each function it appears in ../src/crypto/tls_wolfssl.c:613:11: error: 'GEN_DNS' undeclared (first use in this function) type = GEN_DNS; ^~~~~~~ ../src/crypto/tls_wolfssl.c:616:11: error: 'GEN_URI' undeclared (first use in this function) type = GEN_URI; ^~~~~~~ ../src/crypto/tls_wolfssl.c: In function 'wolfssl_tls_cert_event': ../src/crypto/tls_wolfssl.c:902:20: error: 'GEN_EMAIL' undeclared (first use in this function); did you mean 'ENAVAIL'? if (gen->type != GEN_EMAIL && ^~~~~~~~~ ENAVAIL ../src/crypto/tls_wolfssl.c:903:20: error: 'GEN_DNS' undeclared (first use in this function) gen->type != GEN_DNS && ^~~~~~~ ../src/crypto/tls_wolfssl.c:904:20: error: 'GEN_URI' undeclared (first use in this function) gen->type != GEN_URI) ^~~~~~~ Makefile:2029: recipe for target '../src/crypto/tls_wolfssl.o' failed Fixes: 00722a720c77 ("wolfssl: Update to version 4.5.0") Reported-by: Andre Heider <a.heider@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit bc19481826e0da9119945eaae4f25736306f023b)
* wolfssl: Update to version 4.5.0Hauke Mehrtens2020-09-023-4/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This fixes the following security problems: * In earlier versions of wolfSSL there exists a potential man in the middle attack on TLS 1.3 clients. * Denial of service attack on TLS 1.3 servers from repetitively sending ChangeCipherSpecs messages. (CVE-2020-12457) * Potential cache timing attacks on public key operations in builds that are not using SP (single precision). (CVE-2020-15309) * When using SGX with EC scalar multiplication the possibility of side- channel attacks are present. * Leak of private key in the case that PEM format private keys are bundled in with PEM certificates into a single file. * During the handshake, clear application_data messages in epoch 0 are processed and returned to the application. Full changelog: https://www.wolfssl.com/docs/wolfssl-changelog/ Fix a build error on big endian systems by backporting a pull request: https://github.com/wolfSSL/wolfssl/pull/3255 The size of the ipk increases on mips BE by 1.4% old: libwolfssl24_4.4.0-stable-2_mips_24kc.ipk: 386246 new: libwolfssl24_4.5.0-stable-1_mips_24kc.ipk: 391528 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 00722a720c778e623d6f37af3a3b4e43b29c3fe8)
* wolfssl: use -fomit-frame-pointer to fix asm errorEneas U de Queiroz2020-09-021-2/+2
| | | | | | | | | | | | 32-bit x86 fail to compile fast-math feature when compiled with frame pointer, which uses a register used in a couple of inline asm functions. Previous versions of wolfssl had this by default. Keeping an extra register available may increase performance, so it's being restored for all architectures. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 750d52f6c90e2a144c250779741607f0cb306a94)
* wolfssl: update to 4.4.0-stableEneas U de Queiroz2020-09-021-2/+2
| | | | | | | | | | | | | This version adds many bugfixes, including a couple of security vulnerabilities: - For fast math (enabled by wpa_supplicant option), use a constant time modular inverse when mapping to affine when operation involves a private key - keygen, calc shared secret, sign. - Change constant time and cache resistant ECC mulmod. Ensure points being operated on change to make constant time. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 3481f6ffc79f46fc7ba86a4cc15ad958e99b5a82)
* mbedtls: update to 2.16.8Magnus Kroken2020-09-022-25/+25
| | | | | | | | | | | | | | | | | | This release of Mbed TLS provides bug fixes and minor enhancements. This release includes fixes for security issues and the most notable of them are described in more detail in the security advisories. * Local side channel attack on RSA and static Diffie-Hellman * Local side channel attack on classical CBC decryption in (D)TLS * When checking X.509 CRLs, a certificate was only considered as revoked if its revocationDate was in the past according to the local clock if available. Full release announcement: https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.8 Signed-off-by: Magnus Kroken <mkroken@gmail.com> (cherry picked from commit 66893063abf56b7d8c21eceed56e5d27859eaaea)
* mac80211: Fix potential endless loopHauke Mehrtens2020-08-301-0/+31
| | | | | | | Backport a fix from kernel 5.8.3. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit ca5ee6eba34593ec9f8b5b195c94cf6c3f6ff914)
* oxnas: reduce size of ATA DMA descriptor spaceDaniel Golle2020-08-291-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After years of trying to find the reason for random kernel crashes while both CPU and SATA are under load it has been found. Some odd commented-out #defines in kref's single-port driver [1] which were copied from the vendor driver made me develop a theory: The IO-mapped memory area for DMA descriptors apparetly got some holes just before the alignment boundaries. This feels like an off-by-one bug in the hardware or maybe those fields are used internally by the SATA controller's firmware. Whatever the cause is: they cannot be used and trying to use them results in reading back unexpected stuff and ends up with oopsing Unable to handle kernel paging request at virtual address d085c004 Work around the issue by reducing the area used for bmdma descriptors. This reduces SATA performance (iops) quite a bit, but finally makes things work reliably. Possibly one could optimize this much more by really just skipping the holes in that memory area -- however, that seems to be non-trivial with the driver and libata in it's current form (suggestions are welcome). The 'proper' way to have good SATA performance would be to make use of the hardware RAID features (one can use the JBOD mode to access even just a single disc transparently through the RAID controller integrated in the SATA host instead of accessing the SATA ports 'raw' as we do now). [1]: https://github.com/kref/linux-oxnas/blob/master/drivers/ata/sata_oxnas.c#L25 Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 5793112f751ee3d9f841af4846d68e6b1ff1bff4, including fixup commit d75e75306301852a848824cf268d8b58eda28a8a)
* mbedtls: update to 2.16.7Magnus Kroken2020-08-272-27/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Mbed TLS 2.16.7 is a maintenance release of the Mbed TLS 2.16 branch, and provides bug fixes and minor enhancements. This release includes fixes for security issues and the most severe one is described in more detail in a security advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-07 * Fix a side channel vulnerability in modular exponentiation that could reveal an RSA private key used in a secure enclave. * Fix side channel in mbedtls_ecp_check_pub_priv() and mbedtls_pk_parse_key() / mbedtls_pk_parse_keyfile() (when loading a private key that didn't include the uncompressed public key), as well as mbedtls_ecp_mul() / mbedtls_ecp_mul_restartable() when called with a NULL f_rng argument. An attacker with access to precise enough timing and memory access information (typically an untrusted operating system attacking a secure enclave) could fully recover the ECC private key. * Fix issue in Lucky 13 counter-measure that could make it ineffective when hardware accelerators were used (using one of the MBEDTLS_SHAxxx_ALT macros). Due to Mbed TLS moving from ARMmbed to the Trusted Firmware project, some changes to the download URLs are required. For the time being, the ARMmbed/mbedtls Github repository is the canonical source for Mbed TLS. Signed-off-by: Magnus Kroken <mkroken@gmail.com> [Use https://codeload.github.com and new tar.gz file] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 201d6776a0b5858b8ce43a2392c9fe48aa1c4dd7)
* kernel: Update kernel 4.14 to version 4.14.195Hauke Mehrtens2020-08-2743-104/+104
| | | | | | Compile and runtime tested on lantiq/xrx200 and x86/64. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ath79: add support for TP-Link TL-WR710N v2.1Adrian Schmutzler2020-08-245-118/+152
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds support for the TP-Link TL-WR710N v2.1. It is basically a re-issue of the v1.2. Specifications: SoC: Atheros AR9331 CPU: 400 MHz Flash: 8 MiB RAM: 32 MiB WiFi: 2.4 GHz b/g/n Ethernet: 2x 100M ports USB: 1x 2.0 The only difference from the v1 is the TP-Link hardware ID/revision. Attention: The TL-WR710N v2.0 (!) has only 4 MB flash and cannot be flashed with this image. It has a different TPLINK_HWREV, so accidental flashing of the factory image should be impossible without additional measures. Unfortunately, the v2.0 in ar71xx has the same board name, so sysupgrade from ar71xx v2.0 into ath79 v1/v2.1 will not be prevented, but will brick the device. Flashing instruction: Upload the factory image via the OEM firmware GUI upgrade mechanism. Further notes: To make implementation easier if somebody desires to port the 4M v2.0, this already creates two DTSI files. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> Tested-by: Fabian Eppig <fabian@eppig.de> (backported from eb531337a779a48a2d17bc66f0d222325d6c1563)
* tools/tplink-safeloader: use soft_ver 1.9.1 for archer c6 v2Alexander Couzens2020-08-241-1/+1
| | | | | | | | | | | | TP-LINK published a firmware update for the archer c6 v2. This updates also reached the factory devices. Newer software version rejects downgrading to 1.2.x. Use 1.9.x to allow installing the factory images and have a little bit time to change it again. Tested on archer c6 v2 with firmware 1.3.1 Signed-off-by: Alexander Couzens <lynxis@fe80.eu> (cherry picked from commit 6d5d815e3f6850a0dc754bf16053fa34490766f7)
* tplink-safeloader: update soft_ver for TP-Link Archer C6 v2 (EU)Georgi Vlaev2020-08-241-1/+1
| | | | | | | | | | | | | The last couple of TP-Link firmware releases for Archer C6 v2 (EU) have switched to version 1.2.x. Bump the soft_ver to "1.2.1" to allow firmware updates from the vendor web interface. TP-Link vendor firmware releases supported by this change: * Archer C6(EU)_V2_200110: soft_ver:1.2.1 Build 20200110 rel.60119 * Archer C6(EU)_V2_191014: soft_ver:1.2.0 Build 20191014 rel.33289 Signed-off-by: Georgi Vlaev <georgi.vlaev@gmail.com> (cherry picked from commit ff75bbc423eddc09f5349b63c34773b04822f171)
* Revert "scripts/download: add sources CDN as first mirror"Jo-Philipp Wich2020-08-241-1/+0
| | | | | | | | | | | This reverts commit c737a9ee6a9c47b6e553ac81bf293b1161e59799. The source CDN has been discontinued in its current form and will take a while to be reestablished. Even then it makes little sense to put a CDN before other CDNs such as kernel.org, apache.org, sourceforge etc. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit bf96eb55c82191701030b68810e6f19adbb91eeb)
* generic: platform/mikrotik: fix incorrect testThibaut VARÈNE2020-08-181-1/+1
| | | | | | | The test is meant to check the result of the preceding kmalloc() Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org> (cherry picked from commit d0498872ff71a79f0676cfc6b6b547c499bff712)
* ath79: enable gpio on ar933x by defaultAdrian Schmutzler2020-08-1812-46/+0
| | | | | | | | | | | | | | | | All other SoC DTSI files have gpio enabled by default, only ar9330/ar9331 disable it by default, only to have it enabled again afterwards for each individual device. So, do not disable it in the first place, and drop all device-specific status statements afterwards. Though this is a cosmetic commit, it might be a pitfall for device-support backporters if missing. Since backporting it is trivial, let's just do it. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit dc1280ef652c6522269c7a864810c19362d33dc4)
* ath79: fix syntax error in ar7240_tplink_tl-wa.dtsiAdrian Schmutzler2020-08-171-1/+1
| | | | | | | | | | The node needs to be terminated by a semicolon. Fixes: 8484a764df20 ("ath79: ar724x: make sure builtin-switch is enabled in DT") Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit e329e71c6915ffdf7fe99efc323a6de7867d0cbe)
* ath79: ar724x: make sure builtin-switch is enabled in DTAdrian Schmutzler2020-08-179-12/+8
| | | | | | | | | | | | | | | | | | | | On ar7240/ar7241 the mdioX node with the builtin-switch is enabled in the DTSI files, but the parent ethX node is left disabled. It only gets enabled per device or device family, and has not been enabled at all yet for the TP-Link WA devices with ar7240, making the switch unavailable there. This patch makes sure &eth0/&eth1 nodes are enabled together with the &mdio0/&mdio1 nodes containing the builtin-switch. For ar7240_tplink_tl-wa.dtsi, &eth0 is properly hidden again via compatible = "syscon", "simple-mfd"; This partially fixes FS#2887, however it seems dmesg still does not show cable (dis)connect in dmesg for ar7240 TP-Link WA devices. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit 8484a764df20cdd673c74b583bfbf71e10c02726)
* ath79: WNR612v2: improve device supportMichal Cieslakiewicz2020-08-174-10/+18
| | | | | | | | | | | | | | | | | | This patch improves ath79 support for Netgear WNR612v2. Router functionality becomes identical to ar71xx version. Changes include: * software control over LAN LEDs via sysfs * correct MAC addresses for network interfaces * correct image size in device definition * dts: 'keys' renamed to 'ath9k-keys' * dts: 'label-mac-device' set to eth1 (LAN) * dts: formatting adjustments Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl> (cherry picked from commit d74324e407de7fb641310070762923f7e4cd2d6c) [remove label-mac-device] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ath79: add LAN LEDs control bits for AR724x GPIO function pinmuxMichal Cieslakiewicz2020-08-171-1/+9
| | | | | | | | | | | | | | | | Currently AR724x pinmux for register 0x18040028 controls only JTAG disable bit. This patch adds new DTS settings to control LAN LEDs and CLKs that allow full software control over these diodes - exactly the same is done by ar71xx target in device setup phase for many routers (WNR2000v3 for example). 'switch_led_disable_pins' clears AR724X_GPIO_FUNC_ETH_SWITCH_LED[0-4]_EN bits. 'clks_disable_pins' clears AR724X_GPIO_FUNC_CLK_OBS[1-5]_EN and AR724X_GPIO_FUNC_GE0_MII_CLK_EN bits. These all should be used together, along with 'jtag_disable_pins', to allow OS to control all GPIO-connected LEDs and buttons on device. Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl> (cherry picked from commit 69df7eb73d9922e5e717b004aae06f93fe692dba)
* ramips: fix Xiaomi MiWiFi Mini switch definitionChih-Wei Chen2020-08-131-6/+6
| | | | | | | | | | | | | | | | | | | | | | Based on OpenWRT Table of Hardware > Xiaomi > Xiaomi Mi WiFi Mini Switch Ports Defaults: 0, 1: LAN 4: WAN 6: CPU Port in Web GUI (word printed on bottom of case) WAN(Internet) map to switch port 4 LAN1(.) map to switch port 1 LAN2(..) map to switch port 0 CPU map to switch port 6 current setting is 1 WAN/ 4 LAN port, fix it. Signed-off-by: Chih-Wei Chen <changeway@gmail.com> [rebased after base-files split, fixed commit title] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (backported from commit 3e88ab79b03917bc4b03b34db12edf622bde1de1)
* busybox: delete redundant patchMagnus Kroken2020-08-122-14/+1
| | | | | | | | | | | This problem has been fixed in upstream commit 6b6a3d9339f1c08efaa18a7fb7357e20b48bdc95. This patch now (harmlessly) adds the same definition a second time. Signed-off-by: Magnus Kroken <mkroken@gmail.com> [bump PKG_RELEASE] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit 4165232c45df224f32a94f43b9938d13d643b2a8)
* mac80211: Fix build on mpc85xx targetHauke Mehrtens2020-08-112-1/+34
| | | | | | | | | | | | | | | | | | | | | | | | | | This fixes the following compile error seen on the mpc85xx target: CC [M] /linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.o In file included from /builder/shared-workdir/build/staging_dir/toolchain-powerpc_8540_gcc-8.4.0_musl/include/stddef.h:17, from /linux-mpc85xx_p2020/backports-5.7-rc3-1/include/uapi/linux/wireless.h:77, from /linux-mpc85xx_p2020/backports-5.7-rc3-1/include/linux/wireless.h:13, from /linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.c:89: /builder/shared-workdir/build/staging_dir/toolchain-powerpc_8540_gcc-8.4.0_musl/include/bits/alltypes.h:106:15: error: conflicting types for 'ptrdiff_t' typedef _Addr ptrdiff_t; ^~~~~~~~~ In file included from /linux-mpc85xx_p2020/backports-5.7-rc3-1/backport-include/linux/types.h:4, from ./include/linux/list.h:5, from /linux-mpc85xx_p2020/backports-5.7-rc3-1/backport-include/linux/list.h:3, from ./include/linux/module.h:9, from /linux-mpc85xx_p2020/backports-5.7-rc3-1/backport-include/linux/module.h:3, from /linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.c:79: ./include/linux/types.h:65:28: note: previous declaration of 'ptrdiff_t' was here typedef __kernel_ptrdiff_t ptrdiff_t; ^~~~~~~~~ scripts/Makefile.build:265: recipe for target '/linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.o' failed Fixes: d6b158b86981 ("mac80211: Update to 4.19.137-1") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 04b1a11f5ca72a741493addca1b1ae093f37934f)
* x86: Add CONFIG_EFI_CUSTOM_SSDT_OVERLAYSHauke Mehrtens2020-08-111-0/+1
| | | | | | | | | | The CONFIG_EFI_CUSTOM_SSDT_OVERLAYS option was added in kernel 4.14.188, set it for the x86/generic target. This fixes a build problem in the x86/generic target. Fixes: 148d59c67edd ("kernel: update kernel 4.14 to version 4.14.193") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ar71xx: fix ZyXEL NBG6616 wifi switchChristoph Krapp2020-08-111-2/+2
| | | | | | | | The device uses a rf-kill switch instead of a button. Furthermore the GPIO is active high. Signed-off-by: Christoph Krapp <achterin@googlemail.com> (cherry picked from commit 0af656e978f1adac4061516d9d2e661e101ba64c)
* tools/cmake: fix typo in parallel make patchPiotr Stefaniak2020-08-112-1/+2
| | | | | | | | | | | | | | The variable in the case argument was mistyped, so the case always checked against an empty string and never matched. Fix the variable name. Add a PKG_RELEASE to Makefile so we can bump it. Fixes: d6de31310cc1 ("cmake: restore parallel build support for bootstrap") Signed-off-by: Piotr Stefaniak <pstef@freebsd.org> [add commit message, add PKG_RELEASE, fix commit title, add Fixes:] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit e27fbae63c3436ce5588ca06b78ea88c7a316fee)
* mac80211: Update to 4.19.137-1Hauke Mehrtens2020-08-1127-64/+64
| | | | | | | b43 and b43legacy now support ieee80211w, hardware crypto will be deactivated in such cases. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: update kernel 4.14 to version 4.14.193Hauke Mehrtens2020-08-1122-139/+61
| | | | | | Compile and runtime tested on lantiq/xrx200 and ipq40xx. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* scripts: Add Buildbot dump-target-info.pl scriptPaul Spooren2020-08-101-0/+91
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The script comes from buildbot.git[0] and is used to print available targets and architectures, which are then build. As the buildbot clones openwrt.git anyway, the script might as well live here to be used for other cases as well, e.g. determining what architectures are available when building Docker containers or show developers an overview which architectures are used by which target. It's called with either the parameter `architectures` or `targets`, showing architectures followed by supported targets or targets, followed by the supported architectures: $ ./scripts/dump-target-info.pl architectures aarch64_cortex-a53 bcm27xx/bcm2710 mediatek/mt7622 mvebu/cortexa53 sunxi/cortexa53 aarch64_cortex-a72 bcm27xx/bcm2711 mvebu/cortexa72 ... $ ./scripts/dump-target-info.pl targets apm821xx/nand powerpc_464fp apm821xx/sata powerpc_464fp ... In the future the the script could be removed from the buildbot repository and maintained only here. Rename `dumpinfo.pl` to `dump-target-info.pl` to improve verbosity of filename. [0]: https://git.openwrt.org/?p=buildbot.git;a=blob;f=scripts/dumpinfo.pl;h=aa97f8d60379076a41b968402e9337cea824ece5;hb=HEAD Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit 656b562aff36d92b0e8586833b59896a55b8a993)
* uboot-envtools: ar71xx: add ZyXEL NBG6616 uboot env supportChristoph Krapp2020-08-101-0/+1
| | | | | | | | | This adds support for ZyXEL NBG6616 uboot-env access Signed-off-by: Christoph Krapp <achterin@googlemail.com> [add "ar71xx" to commit title] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit eb95ca3b5c8b33e3212896f906922eba5f72abb3)
* ar71xx: change u-boot-env to read-write for ZyXEL NBG6616Christoph Krapp2020-08-101-1/+1
| | | | | | | | | | As the ath79 port of this device uses a combined kernel + root partition the uboot bootcmd variable needs to be changed. As using cli/luci is more convenient than opening up the case and using a uart connection, lets unlock the uboot-env partition for write access. Signed-off-by: Christoph Krapp <achterin@googlemail.com> (cherry picked from commit 982c1f6e42c5b3e0f23eedd825a317a2872aa37b)
* hostapd: add wpad-basic-wolfssl variantPetr Štetiar2020-08-103-1/+17
| | | | | | | | | | Add package which provides size optimized wpad with support for just WPA-PSK, SAE (WPA3-Personal), 802.11r and 802.11w. Signed-off-by: Petr Štetiar <ynezz@true.cz> [adapt to recent changes, add dependency for WPA_WOLFSSL config] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit c487cf8e94cbdf582dfc3c2bdaab913a146a2100)
* hostapd: reorganize config selection hierarchy for WPA3Adrian Schmutzler2020-08-101-16/+18
| | | | | | | | | | | | | | | | | | | | | The current selection of DRIVER_MAKEOPTS and TARGET_LDFLAGS is exceptionally hard to read. This tries to make things a little easier by inverting the hierarchy of the conditions, so SSL_VARIANT is checked first and LOCAL_VARIANT is checked second. This exploits the fact that some of the previous conditions were unnecessary, e.g. there is no hostapd-mesh*, so we don't need to exclude this combination. It also should make it a little easier to see which options are actually switched by SSL_VARIANT and which by LOCAL_VARIANT. The patch is supposed to be cosmetic. However, the improvement for readers and the maintained consistency with master qualify this for backporting. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit c4dd7fc23bfcf3b3f1a838668bb070edc9db5d4b)
* ramips: correct WizFi630S pin mappingsTobias Welz2020-08-081-27/+8
| | | | | | | | | | | | WizFi630S had some pins changed in the release version of the board. The run led, wps button and a slide switch where affected. This patch is correcting this. i2c is removed as it is sharing a pin with the run (system) led. uart2 is enabled as it is also enabled in the OEM firmware. Signed-off-by: Tobias Welz <tw@wiznet.eu> (backported from commit d0b229f553a814b22c16976e40a197f892c0c0df) Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ramips: enable flashing WizFi630S via OEM firmwareTobias Welz2020-08-081-0/+1
| | | | | | | | | | | | WIZnet WizFi630s board name is written slightly different it its OEM OpenWrt firmware. This causes an incompatibility warning during flashing with sysupgrade. This patch is adding the vendor board name to the supported devices list to avoid this warning. For initial flashing you can use sysupgrade via command line or luci beside of TFTP. Do not keep the OEM configuration during sysupgrade. Signed-off-by: Tobias Welz <tw@wiznet.eu> (cherry picked from commit 816973f42aa47d910d3e35c2f8f8eb9d67416396)
* ramips: remove doublet entry in WizFi630S dts fileTobias Welz2020-08-081-4/+0
| | | | | | | | &wmac entry in WIZnet WizFi630S dts file was existing two times. This is removing one of them. Signed-off-by: Tobias Welz <tw@wiznet.eu> (cherry picked from commit b735bbcb1876196f33f044ed07325f8959a8967f)
* ramips: disable unused phy ports of WizFi630STobias Welz2020-08-081-0/+1
| | | | | | | | WIZnet WizFi630S is using only 3 of the phy ports. The unused phy ports draw unnecessarily power. This is disabling the unused phy ports. Signed-off-by: Tobias Welz <tw@wiznet.eu> (cherry picked from commit 36d4c2272ec65490232e70d45b945b9f467b78f0)
* mvebu: fix LAN/WAN port assignment on ClearFog Base/ProJosua Mayer2020-08-071-6/+6
| | | | | | | | | | | | | | | | | The comments in code already describe the intended lan / wan assignment: lan: switch wan: standalone ethernet and sfp Update the interface handles to match the comments, as observed with OpenWRT-19.07-rc2 on a Clearfog Pro Rev 2.0. This also matches the effective assignment on master, while the actual interface names (ethX) are different due to the reassignment in 06_set_iface_mac, which is included in 19.07 but was dropped for master. Signed-off-by: Josua Mayer <josua.mayer@jm0.eu> [extend commit message] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ar71xx: restore support for boot console with arbitrary baud ratesSungbo Eo2020-08-021-0/+54
| | | | | | | | | | | | Commit 1bfbf2de6df9 ("ar71xx: serial: core: add support for boot console with arbitrary baud rates") added support for arbitrary baud rates which enabled 250000 baud rate for Yun. But the patch was not ported to kernel 4.9, and since then the kernel set its baud rate to 9600. This commit ports the patch to kernel 4.14, thereby restoring the serial console of Yun. Cc: Hauke Mehrtens <hauke@hauke-m.de> Signed-off-by: Sungbo Eo <mans0n@gorani.run> (cherry picked from commit c90db26e051e4f0e7cd32333b3bd8c94a13d599a)
* ath79: restore support for boot console with arbitrary baud ratesAdrian Schmutzler2020-08-021-0/+54
| | | | | | | | | | | | | | | The Arduino Yun uses a baud rate of 250000 by default. The serial is going over the Atmel ATmega and is used to connect to this chip. Without this patch Linux wants to switch the console to 9600 Baud. With this patch Linux will use the configured baud rate and not a default one specified in uart_register_driver(). This has been added for ath79 4.19 and 5.4 in master as part of fc59b2f79b50 ("ath79: add support for Arduino Yun"), this backports it separately to 4.14. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ar71xx: enable ethernet LED of Arduino YunSungbo Eo2020-08-021-2/+1
| | | | | | | | | Commit 05d73a2a7379 enabled GPIO on ethernet LED, but proper LED setup was not added then. This commit fixes it by reverting the change on the LED. Fixes: 05d73a2a7379 ("ar71xx: Arduino Yun board 'WLAN RST' button support") Signed-off-by: Sungbo Eo <mans0n@gorani.run> (cherry picked from commit a5e404d1923d135d335e4ece83f87e6e891396e2)
* ar71xx: fix sysupgrade for Arduino YunSungbo Eo2020-08-021-1/+1
| | | | | | | | | | Commit bb46b635df48 changed its partition scheme, but sysupgrade image validation still uses the old format. This commit fixes it so that force flag is not needed for sysupgrade. Fixes: bb46b635df48 ("ar71xx: move Arduino Yun to generic building code") Signed-off-by: Sungbo Eo <mans0n@gorani.run> (cherry picked from commit 58dc1d0637425cfe023192466e6212009332b677)
* Revert "ar71xx: fix Arduino Yun enabling of level shifters outputs"Sungbo Eo2020-08-021-2/+2
| | | | | | | | | | This reverts commit 077253dd666a30ae5231c3748222d4b5b138593d. The output enable pins should be disabled by default, and only enabled when used. Otherwise unwanted conflicts might occur between MCU and SoC pins. Signed-off-by: Sungbo Eo <mans0n@gorani.run> (cherry picked from commit 43896dc0b005adfb512c027a27781c971440d415)
* ramips: add kmod-usb-dwc2 to ZyXEL Keenetic imageAlexey Dobrovolsky2020-08-021-1/+2
| | | | | | | | | | | | ZyXEL Keenetic has a USB port. Thus, DWC2 USB controller driver should be in the default image for this device. Fixes: a7cbf59e0e04 ("ramips: add new device ZyXEL Keenetic as kn") Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com> [fixed whitespace issue] Signed-off-by: Petr Štetiar <ynezz@true.cz> (backported from commit 0a182fcba6d9cb2cf74cae9114ea4770ef928f75) Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ramips: remove patches for USB-dwc2Alexey Dobrovolsky2020-08-021-29/+0
| | | | | | | | | | | | | | | In FS#2738 we can see that patch first introduced in e8ebcff ("ramips: add a explicit reset to dwc2") breaks USB functionality since 18.06. Thus, this patch should be removed. Removed: - 0032-USB-dwc2-add-device_reset.patch Fixes: FS#2738 Fixes: FS#2964 Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com> (cherry picked from commit ab841b4393a4077a5819da1da040ab9a89e3b69d)
* hostapd: improve TITLE for packagesAdrian Schmutzler2020-07-301-25/+33
| | | | | | | | | | | | | | | For a few packages, the current TITLE is too long, so it is not displayed at all when running make menuconfig. Despite, there is no indication of OpenSSL vs. wolfSSL in the titles. Thus, this patch adjusts titles to be generally shorter, and adds the SSL variant to it. While at it, make things easier by creating a shared definition for eapol-test like it's done already for all the other flavors. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (cherry picked from commit 917980fd8a6589d6911797211f1871016f527f8c)
* mediatek: mt7623: fix sysupgrade from vendor OpenWrt on UniElec U7623David Woodhouse2020-07-303-6/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This board ships with an ancient 14.07-based OpenWrt using block2mtd, and the MBR partition table contains nonsense. It is possible to sysupgrade to an upstream OpenWrt image, but the legacy layout of the OpenWrt images start at 0xA00 in the eMMC, with a raw uImage. The legacy OpenWrt image doesn't "own" the beginning of the device, including the MBR and U-Boot. This means that when a user upgrades to upstream OpenWrt, it doesn't boot because it can't find the right partitions. So hard-code them on the kernel's command line using CONFIG_CMDLINE_PARTITION (for block). Additionally, the vendor firmware doesn't cope with images larger than about 36MiB, because it only overwrites the contents of its "firmware" MTD partition. The current layout of the legacy image wastes a lot of space, allowing over 32MiB for the kernel and another 10MiB for the FAT recovery file system which is only created as 3MiB. So pull those in to allow 4¾ MiB for the kernel, 3MiB for recovery, and then we have over 20MiB for the root file system. This doesn't affect the new images which ship with a full eMMC image including a different MBR layout and a partition for U-Boot, because our modern U-Boot can actually pass the command line to the kernel, and the built-in one doesn't get used anyway. Tested by upgrading from vendor OpenWrt to the current legacy image, from legacy to itself, to the previous legacy layout, and then to finally the full-system image. Signed-off-by: David Woodhouse <dwmw2@infradead.org> (cherry picked from commit 6eb63019afef89404899f2cb65fb4c16e00aa0ed)
* mediatek: mt7623: add explicit console= to U7623 kernelDavid Woodhouse2020-07-301-1/+1
| | | | | | | | The bootloader for legacy builds can't set it, so we end up unable to log in on the serial port. Signed-off-by: David Woodhouse <dwmw2@infradead.org> (cherry picked from commit ea9ef8c9451a08aa4dbb6efcbe5f20d9b788ebd2)
* curl: patch CVE-2020-8169Jan Pavlinec2020-07-292-1/+39
| | | | | | | | | | | Affected versions: curl 7.62.0 to and including 7.70.0 https://curl.haxx.se/docs/CVE-2020-8169.html Run tested on Omnia with OpenWrt 19.07 Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz> [added missing commit description] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* make_ext4fs: Update to version 2020-01-05Hauke Mehrtens2020-07-292-14/+3
| | | | | | | | 5c201be Add LDFLAGS when building libsparse.a ec17045 make_ext4fs: fix build on musl systems Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 271d0c825ba5821160e4a516497796fa342c2eff)