| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
4cd7d4f Revert "firewall3: support table load on access on Linux 5.15+"
50979cc firewall3: remove unnecessary fw3_has_table
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
|
| |
|
|
|
|
| |
Tested on GL.iNet E750
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
| |
|
|
| |
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
| |
|
|
|
|
|
|
| |
Both legacy iptables and nftables require nf-log modules for rule logging,
so move them into a separate package both firewall implementations can
depend on.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
| |
Fixes OFDM rates on 5 GHz
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
new features:
- qsort_r function (POSIX-future)
- pthread_getname_np extension function
- hard float on SPE FPU for powerpc-sf
- SEEK_DATA and SEEK_HOLE exposed in unistd.h (Linux extensions)
compatibility:
- free now preserves errno (POSIX-future requirement)
- setjmp is declared explicitly with returns_twice for non-GCC compilers
- macro version of isascii is no longer defined for C++
- dynamic linker now tolerates zero-length LOAD segments
- epoll_[p]wait is now a cancellation point
- pwd/grp functions no longer fail on systems without AF_UNIX support
- POSIX TZ parsing is stricter to allow more names to fallback to files
- NULL is now defined as nullptr when used in C++11 or later
- gettext now accepts null pointer as argument
bugs fixed:
- old regression in wcwidth of Hangul combining (vowel/final) letters
- duplocale used wrong malloc when malloc was replaced (1.2.2 regression)
- fmaf rounded wrong on archs without FE_TOWARDZERO (all softfloat archs)
- popen didn't honor requirement not to leak other popen pipe fds to child
- aligned_alloc and variants crashed on allocation failure
- dl_iterate_phdr reported incorrect module TLS pointers
- mishandling of some inputs in acoshf and expm1f and functions using them
- potentially wrong-sign zero in cproj functions at infinity
- multiple bugs in legacy function cuserid
- minor posix_spawn file actions API conformance issues
- pthread_setname_np fd leak
- out-of-bound read in zoneinfo handling with distant-past times
- out-of-tree builds lacked generated debug cfi for x86 asm
arch-specific bugs fixed:
- powerpc (32-bit) struct shmid_ds layout was wrong for some fields
- time64 struct layout was wrong in sound ioctl fallback (32-bit archs)
In addition it contains the following improvements:
* protect stack canary from leak via read-as-string by zeroing second byte
* fix excessively slow TLS performance on some mips models
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Rui Salvaterra <rsalvaterra@gmail.com>
Tested-by: Rui Salvaterra <rsalvaterra@gmail.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
| |
|
|
|
|
| |
Have nftables-json conflict with nftables-nojson.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes two high-severity vulnerabilities:
- CVE-2022-25640: A TLS v1.3 server who requires mutual authentication
can be bypassed. If a malicious client does not send the
certificate_verify message a client can connect without presenting a
certificate even if the server requires one.
- CVE-2022-25638: A TLS v1.3 client attempting to authenticate a TLS
v1.3 server can have its certificate heck bypassed. If the sig_algo in
the certificate_verify message is different than the certificate
message checking may be bypassed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Use ARMv8 Crypto Extensions for AES, ghash and sha256.
This results in a 16 times speed gain in speed for aes-128-ctr, 17x in
aes-128-gcm, and 9 times in sha256.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
Generate FAT filesystem for EFI boot in a reproducible way:
* use '--invariant' option of mkfs.fat
* set timestamps of all files to SOURCE_DATE_EPOCH
* make sure files are ordered locale-independent
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This updates mac80211 to version 5.15.33-1 which is based on kernel
5.15.33.
The removed patches were applied upstream.
This new release contains many fixes which were merged into the upstream
Linux kernel.
This also contains the following new drivers which are needed for ath11k:
* net/qrtr/
* drivers/bus/mhi/
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
| |
Export SOURCE_DATE_EPOCH to environment so filesystem and image
creation tools will make use of it.
Fixes reproducibility of images generated with the ImageBuilder.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |
|
|
|
|
|
|
| |
As anyway only the default is called now we can as well also just remove
the override for Build/Configure.
Fixes: e2cffbb805 ("arm-trusted-firmware-mediatek: update to 2021-03-10")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
ARM Trusted Firmware builds do not depend on any target libraries as
they are bare-metal builds. However, the compiler aborts due to
-Werror=missing-include-dirs if the include dir doesn't exists and this
can happen when building with parallelisation as that makes it likely
for arm-trusted-firmware-* to be build very early before any of the
libraries which would implicitely create the directory.
Fix this by making sure the include dir exists before building.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Removed upstreamed:
generic/backport-5.10/350-v5.18-MIPS-pgalloc-fix-memory-leak-caused-by-pgd_free.patch
generic/pending-5.10/850-0014-PCI-aardvark-Fix-reading-PCI_EXP_RTSTA_PME-bit-on-em.patch
ipq40xx/patches-5.10/105-ipq40xx-fix-sleep-clock.patch
All patches automatically rebased.
Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200
Compile-/run-tested: ath79/generic (Archer C7 v2).
Signed-off-by: John Audia <graysky@archlinux.us>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Deleted (upstreamed):
generic/backport-5.15/350-v5.18-MIPS-pgalloc-fix-memory-leak-caused-by-pgd_free.patch [1]
generic/backport-5.15/730-v5.16-hv-utils-add-PTP_1588_CLOCK-to-Kconfig-to-fix-build.patch [2]
generic/pending-5.15/850-0014-PCI-aardvark-Fix-reading-PCI_EXP_RTSTA_PME-bit-on-em.patch [3]
generic/pending-5.15/850-0002-PCI-aardvark-Fix-reading-MSI-interrupt-number.patch [4]
Manually rebased:
generic/pending-5.15/850-0002-PCI-aardvark-Fix-reading-MSI-interrupt-number.patch
ramips/patches-5.15/710-at803x.patch
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.33&id=d29cda15cab086d82d692de016f7249545d4b6b4
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.33&id=d5aad7d63b1b5c1f3c4b69e12c05e7c7d196fae8
[3] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.33&id=ed750e22e44366e264bcdf7b1cf0713f08f7980a
[4] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.33&id=0fe94b84c43cfea867e1721606185e8686d7d32f
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
[Refresh patches again]
[Remove generic/pending-5.15/850-0002-PCI-aardvark-Fix-reading-MSI-interrupt-number.patch]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
| |
Patches automatically rebased.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit add some enabled symbols to generic config.
LTO is only supported by clang compiler and therefore should
be disabled in the generic config instead of duplicating this
symbol in each target. CONFIG_LTO_NONE do this job.
The second group of symbols is enabled by the options available
in the generic config and is therefore added here:
* CONFIG_AF_UNIX_OOB is selected by CONFIG_NET && CONFIG_UNIX,
* CONFIG_BINARY_PRINTF is selected by CONFIG_BPF_SYSCALL,
* CONFIG_NET_SOCK_MSG is selected by CONFIG_BPF_SYSCALL && CONFIG_NET.
The other symbols are disabled and should be in the generic config.
This commit also removes these symbols from subtargets.
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
|
| |
|
|
|
|
|
|
| |
Fix aardvak pci controller pending patch. Use generic_handle_domain_irq
and fix rebase error.
Fixes: 483503603cb2 ("generic: 5.15: rework pending patch")
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
|
| |
|
|
|
|
| |
Add 5.15 as testing kernel.
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
|
| |
|
|
|
|
|
| |
These new symbols are common for all subtargets and
can be moved into target config.
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
|
| |
|
|
|
|
|
|
| |
This was done by executing these commands:
$ make kernel_oldconfig CONFIG_TARGET=subtarget
$ make kernel_oldconfig CONFIG_TARGET=subtarget_platform
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
|
| |
|
|
|
|
| |
Copy config files from 5.10.
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
|
| |
|
|
|
|
|
|
| |
This was done by executing these commands:
$ make kernel_oldconfig CONFIG_TARGET=subtarget
$ make kernel_oldconfig CONFIG_TARGET=subtarget_platform
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
|
| |
|
|
|
|
| |
RT-AC2200 is the same device with a different name. The OEM firmwares have the same MD5.
Signed-off-by: Ray Wang <raywang777@foxmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These devices only have 6MiB available for firmware, which is not
enough for recent release images, so move these to the tiny target.
Note for users sysupgrading from the previous ath79-generic snapshot
images:
The tiny target kernel has a 4Kb flash erase block size instead
of the generic target's 64kb. This means the JFFS2 overlay partition
containing settings must be reformatted with the new block size or else
there will be data corruption.
To do this, backup your settings before upgrading, then during the
sysupgrade, de-select "Keep Settings". On the CLI, use "sysupgrade -n".
If you forget to do this and your system becomes unstable after
upgrading, you can do this to format the partition and recover:
* Reboot
* Press RESET when Power LED blinks during boot to enter Failsafe mode
* SSH to 192.168.1.1
* Run "firstboot" and reboot
Signed-off-by: Joe Mullally <jwmullally@gmail.com>
Tested-by: Robert Högberg <robert.hogberg@gmail.com>
|
| |
|
|
|
|
|
|
| |
Fix compilation and usage under kernel 5.15 for the mwlwifi driver.
For detailed description of changes, check individual patches.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- update dropbear to latest stable 2022.82;
for the changes see https://matt.ucc.asn.au/dropbear/CHANGES
- use $(AUTORELEASE) in PKG_RELEASE
- use https for all uris
- refresh all patches
- rewrite patches:
- 100-pubkey_path.patch
- 130-ssh_ignore_x_args.patch
binary/pkg size changes:
- ath79/generic, mips:
- binary: 215112 -> 219228 (+4116)
- pkg: 111914 -> 113404 (+1490)
- ath79/tiny, mips:
- binary: 172501 -> 172485 (-16)
- pkg: 89871 -> 90904 (+1033)
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
Duncan Roe (5):
nlmsg: Fix a missing doxygen section trailer
build: doc: "make" builds & installs a full set of man pages
build: doc: get rid of the need for manual updating of Makefile
build: If doxygen is not available, be sure to report "doxygen: no" to ./configure
src: doc: Fix messed-up Netlink message batch diagram
Fernando Fernandez Mancera (1):
src: fix doxygen function documentation
Florian Westphal (1):
libmnl: zero attribute padding
Guillaume Nault (1):
callback: mark cb_ctl_array 'const' in mnl_cb_run2()
Kylie McClain (1):
examples: nfct-daemon: Fix test building on musl libc
Laura Garcia Liebana (4):
examples: add arp cache dump example
examples: fix neigh max attributes
examples: fix print line format
examples: reduce LOCs during neigh attributes validation
Pablo Neira Ayuso (3):
doxygen: remove EXPORT_SYMBOL from the output
include: add MNL_SOCKET_DUMP_SIZE definition
build: libmnl 1.0.5 release
Petr Vorel (1):
examples: Add rtnl-addr-add.c
Stephen Hemminger (1):
examples: rtnl-addr-dump: fix typo
igo95862 (1):
doxygen: Fixed link to the git source tree on the website.
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes:
c63f193 bump version to 1.0.2
3cffa84 libnfnetlink: Check getsockname() return code
90ba679 include: Silence gcc warning in linux_list.h
bb4f6c8 Make it clear that this library is deprecated
e46569c Minimally resurrect doxygen documentation
5087de4 libnfnetlink: hide private symbols
62ca426 autogen: don't convert __u16 to u_int16_t
efa1d8e src: Use stdint types everywhere
7a1a07c include: Sync with kernel headers
7633f0c libnfnetlink: initialize attribute padding to resolve valgrind warnings
94b68f3 configure: uclinux is also linux
617fe82 src: get source code license header in sync with current licensing terms
97a3960 build: resolve automake-1.12 warnings
Removed the patch 100-missing_include.patch, libnfnetlink compiles fine
with musl without this patch.
Signed-off-by: Nick Hainke <vincent@systemli.org>
|
| |
|
|
|
|
|
| |
bh_event_add_var can be called by multiple threads concurrently,
so it shall not use a static char buffer
Signed-off-by: Andrey Erokhin <a.erokhin@inango-systems.com>
|
| |
|
|
|
|
|
| |
Override python to use the one in host instead of hostpkg. There's no
need to use the latter.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
| |
fix the cmake.org download url
Signed-off-by: leo chung <gewalalb@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The correct oob layout is:
ECC:
region->offset = 48;
region->length = 16;
Free:
/* Reserve 1 byte for the BBM. */
region->offset = 1;
region->length = 47;
Signed-off-by: Felix Matouschek <felix@matouschek.org>
|
| |
|
|
|
|
| |
The correct readid method is SPINAND_READID_METHOD_OPCODE_ADDR.
Signed-off-by: Felix Matouschek <felix@matouschek.org>
|
| |
|
|
|
|
| |
kernel spi-nand driver leaves this field empty and let mtd set it later.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
|
| |
|
|
|
|
| |
This backports GD SPI NAND support from nand/next to v5.10
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
|
| |
|
|
| |
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
|
| |
|
|
|
|
|
| |
92f5e18675bf interface: fix ifname present check in interface status
ef82defaae26 ubus: add active devices to bridger blacklist
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
| |
|
|
|
|
|
|
|
| |
a378883 fw4: fix emitting family specific redirect rules without any addrs
11feddf fw4: bracketize IPv6 addresses in dnat addr:port notation
9972f7d fw4: ensure to capitalize weekday names
fde8070 treewide: forward compatibility changes
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
33f1e0b treewide: move json-c compat shims into internal header file
e0e9431 vm: move unhandled exception reporting out of `uc_vm_execute_chunk()`
2b59140 vm: fix callframe double free on unhanded exceptions
7d7e950 main: abort when failing to load a preload library
1032a67 lib: let `json()` accept input objects implementing `read()` method
5ee68d5 fs: implement `fs.readfile()` and `fs.writefile()`
df6b861 ci: debian: change path before attempting to invoke Git operations
dfaf05a ci: debian: automatically update changelog from Git tag
34f3c45 ci: fix YAML syntax of Debian workflow
e956bcf fs: fix off-by-one in fs.dirname() function
6fc4b6c .gitignore: fix overmatching patterns, blacklist cram .venv
7c2e082 build: remove legacy json-c check
77942af build: add polyfills for older libjson-c versions
0b4aaa3 CI: build Debian package
f404285 debian: Add package definition
a37f654 types: fix escape sequence encoding of high byte values in JSON strings
aae5312 Update README.md
8134e25 build: fix symlink install target
87c7296 treewide: replace some leftover "utpl" occurrences, update .gitignore
7d27ad5 build: only stage ucc symlink if compile support is enabled
171402f lib: add date and time related functions
8b5dc60 lib: provide API function to obtain stdlib function implementations
eb0d2f1 main: turn ucode into multicall executable
28ee7e1 uloop: add support for tasks
753dea9 CI: build on macOS
668c5c0 lib: add argument position support (`%m$`) to `sprintf()` and `printf()`
ab46fdf treewide: remove legacy json-c include directives
b8f49b1 tests: 21_regex_literals: generalize syntax error test case
fd2e5e7 tests: 16_sort: fix logic flaw exposed on OS X
2c71bf2 tests: run_tests.sh: pass dummy value to `-T` flag
55c4a90 lib: disallow zero padding for %s formats
0d05cb5 tests: run_tests.sh: use greadlink if available
271e520 resolv: make OS X compatible
d13c320 fs: avoid Linux specific sys/sysmacros.h include on OS X
33397a3 uloop: use execvp() on OS X
bafdc8f lib: add naive sigtimedwait() stub for OS X
ada1585 build: consolidate CMakeLists.txt and cover OS X deviations
befbb69 include: add OS X compatible endian.h header
49838a8 include: rename include guards to avoid clashes with system headers
91f65de nl80211: add missing attributes and correct some attribute flags
b4a1fd5 lib: adjust require(), render() and include() raw mode semantics
4618807 main: rework CLI frontend
73dcd78 lib: fix potential integer underflow on empty render output
c402551 vm: fix crash on object literals with non-string computed properties
efe8a02 syntax: support add new operators
078d686 ubus: add event support
6c66c83 ubus: refactor error and argument handling
1cb04f9 ubus: add object publishing, notify and subscribe support
0e85974 uloop: clear errno before integer conversion attempts
05bd7ed types: treat resource type prototypes as GC roots
a2a26ca lib: introduce uloop binding
6b6d01f vm: release this context on exception in managed method call
1af23a9 tests: fix proto() testcase
4ce69a8 fs: implement access(), mkstemp(), file.flush() and proc.flush()
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
| |
|
|
|
|
| |
Notify external ubus subscribers of received link-measurement reports.
Signed-off-by: David Bauer <mail@david-bauer.net>
|
| |
|
|
|
|
|
|
|
|
| |
Add a ubus method to request link-measurements from connected STAs.
In addition to the STAs address, the used and maximum transmit power can
be provided by the external process for the link-measurement. If they
are not provided, 0 is used as the default value.
Signed-off-by: David Bauer <mail@david-bauer.net>
|
| |
|
|
|
|
|
| |
Allow external processes to enable advertisement of link-measurement RRM
capability.
Signed-off-by: David Bauer <mail@david-bauer.net>
|
| |
|
|
|
|
|
|
|
|
| |
The sama7 sub target does not have USB support, the feature should not
be activated there. OpenWrt can automatically detect if the target
supports USB by using the scripts/target-metadata.pl script. With the
automatic detection USB support will only get activated on subtargest
which actually support USB like sam9x and sama5.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
| |
Bluetooth should be activated as an optional kmod package instead of
compiling it into the kernel.
Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
| |
Use the ext4 driver for ext2 and ext3 too. This feature is activated in
the OpenWrt generic configuration.
Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
| |
This was probably activated by mac80211 which was activated before.
mac80211 is build from backports in OpenWrt.
Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
| |
cgroups and namespaces should be configured by the generic OpenWrt
configuration and not for a specific target.
Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
