aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Revert "build: remove harmful -nopad option from mksquashfs"Jonas Gorski2019-09-071-1/+1
| | | | | | | | | | | | | | This reverts commit 1c0290c5cc6258c48b8ba46b4f9c85a21de4f875. Dropping the nopad can make the padding overflow into the next erase block on devices using a non-aligned rootfs start. This breaks the jffs2 overlay partition with the following messages: [ 30.343877] jffs2_scan_eraseblock(): End of filesystem marker found at 0x10000 [ 30.376512] jffs2: Cowardly refusing to erase blocks on filesystem with no valid JFFS2 nodes [ 30.385253] jffs2: empty_blocks 196, bad_blocks 0, c->nr_blocks 197 Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
* odhcp6c: update to latest git HEADHans Dedecker2019-09-071-2/+2
| | | | | | e199804 dhcpv6: sanitize oro options Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* bcm53xx: extend firmware validationRafał Miłecki2019-09-061-1/+11
| | | | | | | This provides TRX validation result to the validation JSON. It also prevents users from installing broken firmware files. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* uboot-fritz4040: build with ipq40xx "generic" subtargetYousong Zhou2019-09-061-0/+1
| | | | | | Fixes: 853e4dd3 ("ipqx0xx: add Generic subtarget") Ref: https://forum.openwrt.org/t/ipq40xx-snapshot-not-updated-since-22nd-august/44126 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* treewide: use new procd sysupgrade $UPGRADE_BACKUP variableRafał Miłecki2019-09-0523-27/+26
| | | | | | | | | | It's a variable set by procd that should replace hardcoded /tmp/sysupgrade.tgz. This change requires the most recent procd with the commit 0f3c136 ("sysupgrade: set UPGRADE_BACKUP env variable"). Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* procd: update to the latest git HEADRafał Miłecki2019-09-051-3/+3
| | | | | | | | | | 0f3c136 sysupgrade: set UPGRADE_BACKUP env variable 0bcbbbf system: fix uninitialized variables in firmware validation code This update includes a fix for uninitialized variable usage. Fixes: 7290963d0992 ("procd: update to the latest git HEAD") Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: use get_mac_binary() in mtd_get_mac_binary_ubi()Adrian Schmutzler2019-09-051-6/+1
| | | | | | | | | | | | The actual retrieval of the MAC address in mtd_get_mac_binary_ubi() is the same as in get_mac_binary(). Thus, use the latter function in the former to reduce duplicate code. This will also allow to benefit from the enhanced path check there and bring mtd_get_mac_binary_ubi() more in line with the similar mtd_get_mac_binary(). Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: fix mtd_get_mac_text not accepting hex offsetsDavid Bauer2019-09-051-1/+1
| | | | | | | | | | | The mtd_get_mac_text helper method did not support hexadecimal offset values, resulting them to break after 75bfc393ba6c ("treewide: convert MAC address location offsets to hexadecimal") This commit fixes this by evaluating the hexadecimal input, converting them to decimal. Signed-off-by: David Bauer <mail@david-bauer.net>
* treewide: when copying a backup file always specify dest nameRafał Miłecki2019-09-0513-13/+13
| | | | | | | $CONF_TAR shouldn't be assumed to always point to the sysupgrade.tgz. This change makes code more generic and allows refactoring $CONF_TAR. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* treewide: don't hardcode "sysupgrade.tgz" file nameRafał Miłecki2019-09-0517-28/+37
| | | | | | | | 1) Add BACKUP_FILE and use it when copying an archive to be restored after sysupgrade (on the next preinit). 2) Use CONF_TAR for copying backup prepared by the /sbin/sysupgrade Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* treewide: fix invalid UPGRADE_OPT_SAVE_CONFIG spellingsRafał Miłecki2019-09-055-7/+7
| | | | | | | That was a result of accidentally running "sed" twice on some files. Fixes: 5797fe84a3b5 ("treewide: replace remaining (not working now) $SAVE_CONFIG uses") Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* treewide: replace remaining (not working now) $SAVE_CONFIG usesRafał Miłecki2019-09-059-11/+11
| | | | | | | This var has been replaced by the $UPGRADE_OPT_UPGRADE_OPT_SAVE_CONFIG Fixes: b534ba961100 ("base-files: pass "save_config" option to the "sysupgrade" method") Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* uboot-envtools: Update to U-Boot version 2019.07Hauke Mehrtens2019-09-042-7/+7
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* tools/mkimage: Update U-Boot to version 2019.07Hauke Mehrtens2019-09-0410-159/+212
| | | | | | | | | | | | | This updates the U-Boot which provides the host tools like mkimage to version 2019.07. The patches were cleaned up and it was checked if this still compiles on Linux and FreeBSD. CONFIG_FIT_SIGNATURE_MAX_SIZE is set to the default value. The patch for libressl was merged upstream. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* brcm2708: update to latest patches from RPi foundationÁlvaro Fernández Rojas2019-09-041250-64804/+66461
| | | | Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* brcm2708: bcm2711: remove custom config fileÁlvaro Fernández Rojas2019-09-042-20/+1
| | | | | | Forcing arm_64bit is no longer required with latest firmware. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* brcm2708-gpu-fw: update to latest firmwareÁlvaro Fernández Rojas2019-09-041-15/+15
| | | | Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* ramips: improve support for Xiaomi Miwifi NanoChuanhong Guo2019-09-043-4/+14
| | | | | | | | | | | | | | | This patch does the following things: 1. mark u-boot-env writable 2. add bootcount support Currently, u-boot has a flag_boot_success env variable to reset. Also reset it in our firmware to follow the behavior in vendor's firmware. 3. disable usb support This router doesn't have usb port at all. 4. increase spi clock to 40MHz 5. fix pinmux groups Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
* procd: update to the latest git HEADRafał Miłecki2019-09-041-3/+3
| | | | | | | | | | | | 34ac88c system: reject sysupgrade of invalid firmware images by default f55c235 system: reject sysupgrade of broken firmware images e990e21 system: add "validate_firmware_image" ubus method This update changes "sysupgrade" ubus method API. It's now required to pass "force" attribute whenever invalid firmware is meant to be installed. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* base-files: pass "force" parameter to the "sysupgrade" callRafał Miłecki2019-09-041-0/+3
| | | | | | | This makes sysupgrade work with the most recent procd that validates firmware before proceeding. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* brcm47xx: extend firmware validationRafał Miłecki2019-09-041-1/+11
| | | | | | | | | | | | | | | | | | | | | | | | This provides TRX validation result, so final JSON may look like: { "tests": { "fwtool_signature": true, "fwtool_device_match": true, "trx_valid": true }, "valid": true, "forceable": true } It also prevents users from installing broken firmware files, e.g.: root@OpenWrt:/# sysupgrade -F -n /tmp/TZ Image metadata not found Invalid image type. Please use firmware specific for this device. Image check failed but --force given - will update anyway! Commencing upgrade. Closing all shell sessions. Firmware image is broken and cannot be installed Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* brcm2708: restore UART on RPi 0W, 3B, 3B+ and 4BÁlvaro Fernández Rojas2019-09-034-0/+27
| | | | | | Disable Bluetooth and restore UART to GPIOs 14 & 15. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* ath79: add support for TP-Link WDR3500 v1Adrian Schmutzler2019-09-036-131/+238
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hardware: SoC: AR9344 CPU: 560 MHz Flash: 8 MiB RAM: 128 MiB WiFi: Atheros AR9340 2.4GHz 802.11bgn Atheros AR9300 5GHz 802.11an Ethernet: AR934X built-in switch, WAN on separate physical interface USB: 1x 2.0 Flash instruction (WebUI): Download *-factory.bin image and upload it via the firmwary upgrade function of the stock firmware WebUI. Flash instruction (TFTP): 1. Set PC to fixed ip address 192.168.0.66 2. Download *-factory.bin image and rename it to wdr3500v1_tp_recovery.bin 3. Start a tftp server with the image file in its root directory 4. Turn off the router 5. Press and hold Reset button 6. Turn on router with the reset button pressed and wait ~15 seconds 7. Release the reset button and after a short time the firmware should be transferred from the tftp server 8. Wait ~30 second to complete recovery. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> [removed stray newline] Signed-off-by: David Bauer <mail@david-bauer.net>
* upslug2: Update to git repositoryRosen Penev2019-09-032-297/+7
| | | | | | | | | | | | | | This has two improvements over the current version. An autotools fix and application of the wrt350v2 patch. Cleaned up Makefile as a result of makefiles being fixed. Note that this package is not really used as it depends on orion, which is classified as broken. This is the last package that uses svn in the tree. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* sdk: use bundle-libraries.sh to ship kernel objtool toolsJo-Philipp Wich2019-09-031-8/+2
| | | | | | | | | | Ensure that the kernel objtool utilities are processed by the library bundler in order to ensure that they're usable on foreign systems with different libc versions. Fixes: a9f6fceb42 ("sdk: fix building external modules when CONFIG_STACK_VALIDATION=y") Acked-by: Yousong Zhou <yszhou4tech@gmail.com> Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* include: kernel-build: pass pkg-config overrides to kernel buildJo-Philipp Wich2019-09-031-0/+6
| | | | | | | | | | | | | Pass suitable pkg-config overrides to the kernel build process in order to let our pkg-config wrapper discover libraries provided by tools/. This mainly affects the use of libelf which is required for the CONFIG_STACK_VALIDATION features. So far, the build system either silently used host system libraries or kbuild simply disabled the feature due to the lack of a suitable libelf. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* tools: libelf: fix headers to trigger -Wundef warningsJo-Philipp Wich2019-09-031-0/+198
| | | | | | | | | | | | When libelf from tools/ is used for building the kernel, compilation aborts due to access to undefined defines since Kbuild adds -Wundef to the compiler flags. Patch the header files to use `#if defined(...)` instead of `#if ...` to prevent such issues. Ref: https://github.com/NixOS/nixpkgs/issues/59929 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* tools: libelf: install pkg-config fileJo-Philipp Wich2019-09-031-1/+3
| | | | | | | Install the pkg-config definition for libelf in order to allow the kernel build process discover it later on. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* bcm53xx: add generic subtargetPaul Spooren2019-09-022-0/+2
| | | | | | | | | | Same game as for 853e4dd3062df7cb5704b15d6af6730e3194b571. Add generic to the filenames. CC: Hauke Mehrtens <hauke@hauke-m.de> Signed-off-by: Paul Spooren <mail@aparcar.org> Acked-by: Rafał Miłecki <rafal@milecki.pl>
* scripts/feeds: fix 'src-include' directiveBjørn Mork2019-09-021-1/+1
| | | | | | | | | | | | Commit 775b70f8d5df renamed parse_file() parameters without updating the recursive call. This broke parsing of any feeds.conf using 'src-include'. $ scripts/feeds update -a Can't use string ("defaults") as a HASH ref while "strict refs" in use at scripts/feeds line 63, <$fh> line 1. Fixes: 775b70f8d5df ("scripts/feeds: allow adding parameters to feeds") Signed-off-by: Bjørn Mork <bjorn@mork.no>
* uci: update to latest Git HEADHauke Mehrtens2019-09-011-3/+3
| | | | | | 415f9e4 uci/file: replace mktemp() with mkstemp() Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iwinfo: update to latest Git HEADHauke Mehrtens2019-09-011-3/+3
| | | | | | | | f599a8d iwinfo: Fix rate buffer size 71ec9be iwinfo: Fix buffer size f8ef450 iwinfo: Add support for WPA3 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* grub2: bump to 2.04Tomasz Maciej Nowak2019-09-017-187/+11
| | | | | | | | | | | | | | | | | | | | | * GCC 8 and 9 support. * Gnulib integration overhaul. * RISC-V support. * Xen PVH support. * Native UEFI secure boot support. * UEFI TPM driver. * New IEEE 1275 obdisk driver. * Btrfs RAID 5 and RIAD 6 support. * bootin from F2FS support. * PARTUUID support. * VLAN support. * Native DHCP support. * Many ARM and ARM64 fixes. * Many SPARC fixes. * Many IEEE 1275 fixes. * ...and tons of other fixes and cleanups... Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
* uboot-zynq: update to 2019.07Luis Araneda2019-09-015-569/+28
| | | | Signed-off-by: Luis Araneda <luaraneda@gmail.com>
* Fix handling of BUILD_SUFFIX in remote-gdb scriptThomas Langer2019-09-011-4/+4
| | | | | | | | | When CONFIG_BUILD_SUFFIX is enabled, the target-* folders in build_dir and staging_dir have this suffix in the name, but not the toolchain directories. When detecting the names for "arch" and "libc", also accept the suffix and do not use it for the toolchain path. Signed-off-by: Thomas Langer <thomas.langer@intel.com>
* tools/cmake: Update to 3.15.1Daniel Engberg2019-09-015-33/+22
| | | | | | | | | | | | Update CMake to 3.15.1 Refresh patches Remove inofficial fossies.org and replace with GitHub (link on official site) Remove 150-C-feature-checks-Match-warnings-more-strictly.patch as it's a no longer needed backport from upstream. Disable ccache if GCC is 4.8, 4.9 or 5.X to avoid build failures. Reference: https://github.com/openwrt/openwrt/pull/1929 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* nftables: bump to version 0.9.2Konstantin Demin2019-09-012-31/+4
| | | | | | | | | | | | | | - exclude Python-related stuff from build - drop patches: * 010-uclibc-ng.patch, applied upstream ipkg size decrease by 2.8%: old: 194.851 nftables_0.9.0-2_arm_cortex-a7_neon-vfpv4.ipk new: 189.581 nftables_0.9.2-1_arm_cortex-a7_neon-vfpv4.ipk Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* libnftnl: bump to version 1.1.4Konstantin Demin2019-09-011-2/+2
| | | | | | | | | | | | ABI version is same. The ipkg size increase by about 2.2%: old: 47.909 libnftnl11_1.1.3-1_arm_cortex-a7_neon-vfpv4.ipk new: 48.985 libnftnl11_1.1.4-1_arm_cortex-a7_neon-vfpv4.ipk Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* mvebu: fix Linksys WRT LAN/WAN MAC addressesDENG Qingfang2019-09-011-2/+2
| | | | | | | | | According to 02_network, eth0.1 is LAN and eth1.2 is WAN, but $mac_wan was assigned incorrectly to eth0 in preinit. Swap eth0 and eth1 to fix this. Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
* kernel: net_sched: fix a NULL pointer deref in ipt actionCong Wang2019-09-014-2/+582
| | | | | | | | | | | | | | | | | | | | The net pointer in struct xt_tgdtor_param is not explicitly initialized therefore is still NULL when dereferencing it. So we have to find a way to pass the correct net pointer to ipt_destroy_target(). The best way I find is just saving the net pointer inside the per netns struct tcf_idrinfo, which could make this patch smaller. Fixes: 0c66dc1ea3f0 ("netfilter: conntrack: register hooks in netns when needed by ruleset") Reported-and-tested-by: Tony Ambardar <itugrok@xxxxxxxxx> Cc: Jamal Hadi Salim <jhs@xxxxxxxxxxxx> Cc: Jiri Pirko <jiri@xxxxxxxxxxx> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> [Backport for kernel v4.19 and v4.14] [Bug Link: https://bugzilla.kernel.org/show_bug.cgi?id=204681] Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* rpcd: update to latest Git HEADJo-Philipp Wich2019-09-011-3/+3
| | | | | | | 821045f file: add path based read/write/exec ACL checks fb337e5 file: add stat() information to directory listings Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* uhttpd: add support to generate EC keysEneas U de Queiroz2019-09-013-2/+14
| | | | | | | | This adds the key_type and ec_curve options to enable the generation of EC keys during initialization, using openssl or the new options added to px5g. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* px5g: support EC keysEneas U de Queiroz2019-09-012-19/+71
| | | | | | | | | | | | | | | | | | This adds an 'eckey' command to generate an EC key, with an optional curve name argument, with P-256 as default. For the 'selfsigned' command, it adds an 'ec' algorithm argument to the '-newkey' option, and a '-pkeyopt ec_paramgen_curve:<curvename>' option, mirroring the way openssl specifies the curve name. Notice that curve names are not necessarily the same in mbedtls and openssl. In particular, secp256r1 works for mbedtls, but openssl uses prime256v1 instead. px5g uses mbedtls, but short NIST curve names P-256 and P-384 are specifically supported. Package size increased by about 900 bytes (arm). Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* openssl: always build with EC supportEneas U de Queiroz2019-09-012-19/+2
| | | | Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* ath79: image: disable sysupgrade images for routerstations and ja76pf2Tomasz Maciej Nowak2019-09-012-5/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Because a bug in handling partial erase blocks in 4.19 kernel, using sysupgrade images will hard brick devices that use RedBoot bootloader and have "FIS directory" with "RedBoot config" on the same erase block. Since flashing the devices from bootloader is safe, and to not cause a situation where external chip programmer or JTAG is needed, disable sysupgrade images for affected boards while creating kernel.bin and rootfs.bin for jjPlus JA76PF2 board, which doesn't have factory image. To set up the JA76PF2 board follow "Installation" instructions in b3a0c97 ("ath79: add support for jjPlus JA76PF2") except the part of loading initramfs image and using sysupgrade image for flashing (point 6 and 7). Enter following commands to flash the board from bootloader: fis init load -r -b 0x80060000 <openwrt_kernel_image_name> fis create linux load -r -b %{FREEMEMLO} <openwrt_rootfs_image_name> fis create rootfs fis load -l linux exec -c "" For RouterStations use TFTP recovery procedure. Ref: FS#2428 Cc: Matt Merhar <mattmerhar@protonmail.com> Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
* ath79: fix FIS partition detection for 4.19 kernelTomasz Maciej Nowak2019-09-011-0/+44
| | | | | | | | | When bumping to 4.19 the patch responsible for scaning flash for FIS partition got left out. Without it devices with RedBoot bootloader using automatic partitions detection in dts won't boot with the new kernel. Fixes: 3771176 ("ath79: add support for linux 4.19") Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
* ath79: image: add supported string for routerstations and ja76pf2Tomasz Maciej Nowak2019-09-012-0/+3
| | | | | | | | | Now that the md5 check is fixed and metadata present, sysupgrade on ar71xx will complain about device not being supported by the image. Since the cause is not matching strings for supported devices add them accordingly. Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
* ath79: image: append metadata to routerstations and ja76pf2 imagesTomasz Maciej Nowak2019-09-012-2/+2
| | | | | | | | This target enforces metadata check so add the necessary information. It was previously removed because md5 sum check. When using these sysupgrade images on ar71xx target the check would complain about them not matching. Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
* ar71xx: sysupgrade: accept ath79 combined-imageTomasz Maciej Nowak2019-09-011-1/+1
| | | | | | | | | | There is md5 sum of whole image embedded in combined-image header which is checked on sysupgrade. The check will fail for ath79 images which may have embedded metadata. This is because metadata are appended after the combined image is created. To allow smooth transition from ar71xx to ath79, strip metadata before calculating md5 sum for whole image. Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
* ath79: image: retire combined-image for Adtran/Bluesocket devicesTomasz Maciej Nowak2019-09-011-1/+1
| | | | | | | | | | | | During review it slipped by that these devices use combined-image which should never be used for newly added ones. Therefore switch to sysupgrade-tar generated images introduced in 8f6f260 ("ath79: routerstation: prepare to use sysupgrade-tar format image"). The sysupgrade accepts both images for now so no reression should occur. Cc: Brian Gonyer <bgonyer@gmail.com> Cc: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us> Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>