| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following patches are now included upstream:
* 0052-MIPS-lantiq-fix-usb-clocks.patch
* 0053-MIPS-lantiq-enable-AHB-Bus-for-USB.patch
* 0060-lantiq-ase-enable-MFD-SYSCON.patch
Closes: FS#1466
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Stijn Segers <foss@volatilesystems.org>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
| |
This Adds fixes for the following security problems based on debians patches:
CVE-2016-2125: Unconditional privilege delegation to Kerberos servers in trusted realms
CVE-2017-12163: Server memory information leak over SMB1
CVE-2017-12150: SMB1/2/3 connections may not require signing where they should
CVE-2018-1050: Denial of Service Attack on external print server.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
|
| |
This now makes sure that the beginning of the version number gets checked
and "4.4.5" will not match was a supported version.
GCC 8 and GCC 9 are now marked as supported, but we probably have to fix
some problems for them.
Closes: FS#1433
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
|
|
|
| |
These devices are produced by Wuhan Xinxin Semiconductor Manufacturing
Corp. (XMC) and found on some routers from Chinese manufactures.
The data sheets can be found here:
http://www.xmcwh.com/Uploads/2018-03-01/5a9799e4cb355.pdf
http://www.xmcwh.com/Uploads/2018-02-05/5a77e6dbe968b.pdf
Closes: FS#1460
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
| |
These functions are not declared in any header file and only used in
same compile unit, mark them as static to remove one gcc warning and
make it easier for the compiler to optimize them out.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add patches for 4.14, drop patch 030 since it's already included
upstream.
Tested on:
1) WRT54GL (with RAM upgraded to 32 MiB)
2) WL500gPv2 (with RAM upgraded to 64 MiB)
3) BCM47186B0 SoC board
4) BCM4706 SoC board
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
| |
3dc8c91 interface-ip: fix memory leak in interface_ip_add_target_route()
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
|
| |
5cbd305 odhcp6c: improve code readibility
eb83b7e treewide: improve error handling
b7b11cb dhcpv6: initialize ifreq struct
f0469e2 ra: handle socket fail creation
d573461 odhcp6c: fix file pointer leakage
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
* Refreshed patches.
* Deleted 210-Revert-led-core-Fix-brightness-setting-when-setting-.patch (was accepted upstream)
* Deleted 812-pci-dwc-fix-enumeration.patch (was accepted upstream)
Compile and run tested on lantiq
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
| |
Add some basic binaries required for private key and CSR generation.
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes some minor security problems.
Old size:
162262 bin/packages/mips_24kc/base/libmbedtls_2.7.0-1_mips_24kc.ipk
New size:
163162 bin/packages/mips_24kc/base/libmbedtls_2.8.0-1_mips_24kc.ipk
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
| |
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
|
|
|
|
|
| |
Update e2fsprogs to upstream 1.44.1 (feature and bugfix release)
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
|
|
|
|
|
|
| |
Update e2fsprogs to upstream 1.44.1 (feature and bugfix release)
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
|
|
|
|
|
|
|
|
|
|
| |
- Update to upstream 2.32
- License file 'getopt/COPYING' not present (any more)
- Disable 'chown root:root'-commands during 'make install'
- Add new dependency to wipefs
- Refresh patch 003
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Compile tested on ar71xx.
Old size:
6527 bin/packages/mips_24kc/base/terminfo_6.0-1_mips_24kc.ipk
141465 bin/packages/mips_24kc/base/libncurses_6.0-1_mips_24kc.ipk
New size:
6873 bin/packages/mips_24kc/base/terminfo_6.1-1_mips_24kc.ipk
146950 bin/packages/mips_24kc/base/libncurses_6.1-1_mips_24kc.ipk
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Compile tested on mvebu.
old size:
12947 bin/packages/mips_24kc/base/libltdl_2.4-2_mips_24kc.ipk
new size:
13002 bin/packages/mips_24kc/base/libltdl_2.4.6-1_mips_24kc.ipk
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
|
|
|
| |
Signed-off-by: Matti Laakso <matti.laakso@outlook.com>
|
|
|
|
| |
Signed-off-by: Matti Laakso <matti.laakso@outlook.com>
|
|
|
|
|
|
| |
Add patches and config for 4.14, refreshed from 4.9.
Signed-off-by: Matti Laakso <matti.laakso@outlook.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add initial support for Marvell MACCHIATObin, cortex-a72 based Marvell
ARMADA 8040 Community board. Comes in two forms: Single Shot and Double
Shot.
Specifications:
- Quad core Cortex-A72 (up to 2GHz)
- DDR4 DIMM slot with optional ECC and single/dual chip select support
- Dual 10GbE (1/2.5/10GbE) via copper or SFP
2.5GbE (1/2.5GbE) via SFP
1GbE via copper
- SPI Flash
- 3 X SATA 3.0 connectors
- MicroSD connector
- eMMC
- PCI x4 3.0 slot
- USB 2.0 Headers (Internal)
- USB 3.0 connector
- Console port (UART) over microUSB connector
- 20-pin Connector for CPU JTAG debugger
- 2 X UART Headers
- 12V input via DC Jack
- ATX type power connector
- Form Factor: Mini-ITX (170 mm x 170 mm)
More details at http://macchiatobin.net
Booting from micro SD card:
1. reset U-Boot environment:
env default -a
saveenv
2. prepare U-Boot with boot script:
setenv bootcmd "load mmc 1:1 0x4d00000 boot.scr; source 0x4d00000"
saveenv
or manually:
setenv fdt_name armada-8040-mcbin.dtb
setenv image_name Image
setenv bootcmd 'mmc dev 1; ext4load mmc 1:1 $kernel_addr $image_name;ext4load mmc 1:1 $fdt_addr $fdt_name;setenv bootargs $console root=/dev/mmcblk1p2 rw rootwait; booti $kernel_addr - $fdt_addr'
saveenv
Signed-off-by: Damir Samardzic <damir.samardzic@sartura.hr>
|
|
|
|
|
|
|
|
|
| |
This release brings various improvements to clearfog support, such as distro-boot.
Obsoletes:
0002-clearfog-reset-usom-onboard-1512-phy.patch
0003-clearfog-enable-distro-boot-code.patch
Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
|
|
|
|
|
|
|
| |
The DTB for Clearfog Pro has been renamed in mainline. However U-Boot
hasn't picked up that change yet :(, so we need to hardcode it for now.
Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
CONFIG_* variables can easily be set by overriding Build/Configure.
so set NET_RANDOM_ETHADDR=y and CMD_SETEXPR=y here.
This replaces the following patches:
0001-clearfog-generate-random-MAC-address.patch
0004-clearfog-enable-setexpr-command-by-default.patch
Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
|
|
|
|
|
|
|
|
| |
Newer Linksys boards might come with a Winbond W29N02GV which can be
configured in different ways. Make sure we configure it the same way as
the older chips so everything keeps working.
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
|
|
|
|
|
|
| |
As Solidrun's RTC patch got merged, this hack is no longer needed.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Wave-1 firmware has a fix for 'addba' not finding the peer. Thanks to Hauke
for finding and reporting this.
Wave-2 firmware has a fix for leaking a peer multicast key when a monitor device
is created.
And I re-ordered the '4019' firmware images in the Makefile to match the order
of the others. No functional change for that reorder.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Tested-by: Rosen Penev <rosenp@gmail.com>
|
|
|
|
|
|
| |
Fixes CVE-2018-0739
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 745d0e7f4b6e8659cc967291acd33889035127f0.
It looks like upstream don't want the patch so let's revert it here too.
I hope a fix from upstream is forthcoming.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
|
|
|
|
|
| |
that do not support it
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
| |
CONFIG_NVMEM_BCM_OCOTP was added in kernel 4.10 and it is possible to
activate it on the bcm53xx target. Deactivate it by default to fix the
build of the bcm53xx target.
This was found by build bot.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch cleans and reworks the WNDR4700 dts to increase the
now combined dtb+kernel partition to 3.5 MiB. This has become
necessary due to the switch to GCC 7.3 and the ever increasing
kernel binary size.
The dtb+kernel partition was combined in order to finally
fix the problem with out-of-sync device-trees. From now
on, the kernel and device-tree will always be updated together.
Upgrade Note:
Existing installations will have to use the TFTP firmware
recovery option in order to install the update. Affected users
are advised to make a backup of their existing configuration
prior to running sysupgrade:
<https://openwrt.org/docs/guide-user/installation/generic.backup#backup_openwrt_configuration>
Due to the repartitioning of the NAND, the generated backup
should be placed on either the internal HDD, an attached
USB-Stick or on another PC (externally).
To manually trigger the firmware recovery, the reset button has
to be pressed (and hold) during boot. U-boot will enter the "Upgrade
Mode" and starts a tftpserver listening on 192.168.1.1 for a
tftp client from one of the four LAN/Ethernet ports to connect and
upload the new system: (enable tftp binary mode!).
openwrt-apm821xx-nand-netgear_wndr4700-squashfs-factory.img
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The recent change to switch to gcc 7.3 broke the image
generation code, as the kernel would no longer fit into
KERNEL_SIZE.
This patch fixes the issue by reworking the initramfs
creation and packaging, which will get rid of the
KERNEL_SIZE check in the process.
This new initramfs can be loaded through the MR24 U-boot
in the following way:
=> setenv ipaddr 192.168.1.1
=> setenv bootargs console=ttyS0,$baudrate
=> tftpboot c00000 192.168.1.2:meraki_mr24-initramfs-kernel.bin
[...]
Load address: 0xc00000
Loading: ################################################ [...]
done
Bytes transferred = 5952544 (5ad420 hex)
=> bootm $fileaddr
\## Booting kernel from Legacy Image at 00c00000 ...
...
For more information and the latest flashing guide:
please visit the OpenWrt Wiki Page for the MR24:
<https://openwrt.org/toh/meraki/mr24#flashing>
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Fix psidlen becomes negative in case embedded address bit lenght is smaller than
IPv4 suffix length.
While at it improve parameter checking making the code more logical and
easier to read.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
|
|
| |
There are few symbol changes but only 3 symbols were possible to set:
THERMAL_EMERGENCY_POWEROFF_DELAY_MS
CLK_BCM_SR
PHY_NS2_USB_DRD
Both new drivers don't seem to apply to Northstar so they are disabled.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
|
| |
opkg currently has some issues with Provides and this change makes the
image builder fail because of that. Revert the change for now until opkg
is fixed
This reverts commit 092d75aa3e86db8331fffdbd0a99987df9dc438b.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
Use the right size for the EHCI block
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes since last version
dfb68f8 service: initialize supplementary group ids
3db4e6d service: add func for string config change check
c3faabe procd: get rid of putenv usage.
The supplementary group id change fixes FS#988
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following patches were merged upstream:
000-hostapd-Avoid-key-reinstallation-in-FT-handshake.patch
replaced by commit 0e3bd7ac6
001-Prevent-reinstallation-of-an-already-in-use-group-ke.patch
replaced by commit cb5132bb3
002-Extend-protection-of-GTK-IGTK-reinstallation-of-WNM-.patch
replaced by commit 87e2db16b
003-Prevent-installation-of-an-all-zero-TK.patch
replaced by commit 53bb18cc8
004-Fix-PTK-rekeying-to-generate-a-new-ANonce.patch
replaced by commit 0adc9b28b
005-TDLS-Reject-TPK-TK-reconfiguration.patch
replaced by commit ff89af96e
006-WNM-Ignore-WNM-Sleep-Mode-Response-without-pending-r.patch
replaced by commit adae51f8b
007-FT-Do-not-allow-multiple-Reassociation-Response-fram.patch
replaced by commit 2a9c5217b
008-WPA-Extra-defense-against-PTK-reinstalls-in-4-way-ha.patch
replaced by commit a00e946c1
009-Clear-PMK-length-and-check-for-this-when-deriving-PT.patch
replaced by commit b488a1294
010-Optional-AP-side-workaround-for-key-reinstallation-a.patch
replaced by commit 6f234c1e2
011-Additional-consistentcy-checks-for-PTK-component-len.patch
replaced by commit a6ea66530
012-Clear-BSSID-information-in-supplicant-state-machine-.patch
replaced by commit c0fe5f125
013-WNM-Ignore-WNM-Sleep-Mode-Request-in-wnm_sleep_mode-.patch
replaced by commit 114f2830d
Some patches had to be modified to work with changed upstream source:
380-disable_ctrl_iface_mib.patch (adding more ifdef'ery)
plus some minor knits needed for other patches to apply which are not
worth being explicitely listed here.
For SAE key management in mesh mode, use the newly introduce
sae_password parameter instead of the psk parameter to also support
SAE keys which would fail the checks applied on the psk field (ie.
length and such). This fixes compatibility issues for users migrating
from authsae.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|
|
|
|
|
|
|
|
| |
5d2bf09 uci: fix a potential use-after-free in uci_set()
3b3d63e list: only record ordering deltas if element position changed
4c4d343 cmake: Fix cli shared linking against ubox
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
| |
9c8d781 netifd: return the interface for locally addressable host dependencies
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
| |
Netfilter flow offload has now started to become useful and suitable for
a wider testing audience. Configuring it via UCI is also integrated in
firewall3 by adding 'option flow_offloading 1' to the 'defaults'
section in /etc/config/firewall
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
This audio chip is provided as a virtual audio device by VMware
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Improve portability of init script by declaring resolvfile as local
in dnsmasq_stop function.
Fixes resolvfile being set for older busybox versions in dnsmasq_start
in a multi dnsmasq instance config when doing restart; this happens when
the last instance has a resolvfile configured while the first instance
being started has noresolv set to 1.
Base on a patch by "Phil"
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
| |
This will generate image for Pine64 Sopine board.
Signed-off-by: Fan Fan <fkpwolf@gmail.com>
|
|
|
|
|
|
| |
Contains kernel 4.14 updates. Compile tested on mvebu.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Right patch version this time, sorry!
* Patch 180-usb-xhci-add-support-for-performing-fake-doorbell.patch had to be adjusted slightly because of upstream adapted code.
* Refreshed patches.
Compile-tested: ramips/mt7621, x86/64
Run-tested: ramips/mt7621, x86/64
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
Tested-by: Rosen Penev <rosenp@gmail.com>
|