| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
e8f9c22 Revise supported ciphersuites
7e9e269 wolfssl, openssl: use TLS 1.3, set ciphersuites
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
| |
Update e2fsprogs to 1.45.3
Remove OpenBSD patch
Remove Darwin patch, neither macports or brew patches these files
Add patch to avoid crond detection on host OS
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
|
| |
|
|
|
|
|
|
|
|
| |
The host tool package qemu is build for the target x86. The installed tool
qemu-img is needed to build vdi or vmdk images. In the image Makefile we
use however the host installed qemu-img command and not the tool from the
buildsystem. This commit force to use the already build qemu-img command
from the openwrt toolchain.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This happens only the second time a library is loaded by dlopen().
After lib1 is loaded, dlsym(lib1,"undef1") correctly resolves the undef
symbol from lib1 dependencies. After the second library is loaded,
dlsym(lib2,"undef1") was returning the address of "undef1" in lib2
instead of searching lib2 dependencies.
Using upstream fix which now uses the same logic for relocation time
and dlsym.
Fixes openwrt/packages#9297
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The flash layout on the Storlink reference design for Gemini
is using 2 MB flash for the kernel, and it also insists on
overwriting the partition table with default values on every
boot. The same is true for the SQ201. This poses a problem
on recent OpenWrt firmware as the base zImage is bigger
than 2 MB.
At the same time there is a ramdisk partition of 6 MB that we
don't really need. The partition table looks like this:
Creating 7 MTD partitions on "30000000.flash":
0x000000000000-0x000000016000 : "BOOT"
0x000000120000-0x000000320000 : "Kern"
0x000000320000-0x000000920000 : "Ramdisk"
0x000000920000-0x000000f20000 : "Application"
0x000000f20000-0x000000f40000 : "VCTL"
0x000000f40000-0x000000fe0000 : "CurConf"
0x000000fe0000-0x000001000000 : "FIS directory"
On boot the "Kern" partition is copied to RAM @0x01600000
and the "Ramdisk" partition is copied to RAM @0x00800000.
Then the kernel is executed.
The idea with this patch is to extend the "Kern" partition
with the "Ramdisk" partition to get a full 8 MB to use
for the kernel. Then we put the OpenWrt JFFS2 rootfs
inside the "Application" partition.
We create a small assembly loop that we prepend to the
"Kern" image that will copy the "Kern" from 0x0160000
and the "Ramdisk" from 0x00800000 and put them in
consecutive space at 0x00400000 and execute it from
there, using "Application" as rootfs.
We generate 3 main files:
- zImage - contains the assembly bootstrap loop and
the first part of the generated kernel image
- rd.gz - contains the second part of the generated
kernel image
- hddapp.tgz - contains the root filesystem
On the SQ201 I flash these manually using the native boot
loader PLATO, "Y" alternative for the zImage, "R" for
the rd.gz image and "A" for hddapp.tgz.
This works fine and I can now boot to prompt on the SQ201
with nothing but flash.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
This package just contains a small Gemini-only assembler
bootstrap loop to copy the kernel from the two fragments
(previously zImage at 0x01600000 and initramdisk at 0x00800000)
into one big zImage of up to 8 MB at 0x00400000.
It will be built on demand from the Gemini image Makefile.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
|
| |
|
|
|
|
|
|
| |
The SL93512r and the NAS4220B have Redboot partition
tables (rely on these) and need to boot from mtdblock3.
Add two patches from upstream to fix this.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
|
| |
|
|
|
|
| |
Upstream patch fixing the errors in the device tree.
Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
|
| |
|
|
| |
Signed-off-by: Luis Araneda <luaraneda@gmail.com>
|
| |
|
|
|
|
| |
Use kernel 4.19 by default
Signed-off-by: Luis Araneda <luaraneda@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This fixes a kernel panic when validating the
arguments of memcpy at runtime, which is enabled
by generic's CONFIG_FORTIFY_SOURCE for k4.19
This wasn't triggered on 4.14, as ARCH_HAS_FORTIFY_SOURCE
was added on k4.17 for the ARM architecture
Signed-off-by: Luis Araneda <luaraneda@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
- Select CONFIG_PREEMPT_NONE (server) instead
of CONFIG_PREEMPT (low-latency desktop)
- Remove CONFIG_USELIB
- Remove CONFIG_SYSCTL_SYSCALL
Signed-off-by: Luis Araneda <luaraneda@gmail.com>
|
| |
|
|
|
|
|
| |
Copied from kernel 4.14 and refreshed
with make kernel_oldconfig
Signed-off-by: Luis Araneda <luaraneda@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Always build AES-GCM support.
Unnecessary patches were removed.
This includes two vulnerability fixes:
CVE-2019-11873: a potential buffer overflow case with the TLSv1.3 PSK
extension parsing.
CVE-2019-13628 (currently assigned-only): potential leak of nonce sizes
when performing ECDSA signing operations. The leak is considered to be
difficult to exploit but it could potentially be used maliciously to
perform a lattice based timing attack.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It seems bzip2 was abandoned by the author and adopted by the sourceware
people. The last release of bzip2 was from 2010.
Several security bugs were fixed as well as others.
Fixed up PKG_LICENSE to be compatible with SPDX.
Changed URLs to point to the new home.
Added patch that gets rid of deprecated utime function and switches it to
utimensat.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
| |
Convert leading spaces to tab to match rest of the file.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
|
| |
|
|
|
|
|
|
|
| |
The removed patches were applied upstream.
The type of the RT2X00_LIB_EEPROM config option was changed to bool,
because boolean is an invalid value and the new kconfig system
complained about this.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
| |
This contains multiple fixes from the upstream kernel.
The removed patch was merged upstream.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
| |
Fixes: ba8aeb02eae2 ("mdadm: Fix compile with musl 1.1.23")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
|
|
|
| |
This commit will activate CONFIG_IEEE80211W for all, but the mini
variant when at least one driver supports it. This will add ieee80211w
support for the mesh variant for example.
Fixes: FS#2397
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
| |
The driver was removed from OpenWrt a long time ago.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
| |
|
|
|
|
| |
The install was missing the hpp header. Adding that in.
Signed-off-by: Colby Whitney <colby.whitney@luxul.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Unconditionally execute the final case statement, even if the disk layout
changed. This is necessary, to keep the original Turris Omnia flash
instructions working: The disk layout WILL change, when switching from
TurrisOS to OpenWRT. Without updating the uboot environment at the same
time, the user would end up with an unbootable system.
Fixes commit 2e5a0b81ec ("mvebu: sysupgrade: sdcard: keep user added ...")
Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
|
| |
|
|
|
|
|
|
| |
OpenWrt will run out of RAM while booting with the default package set,
so let's not provide images that will likely fail. They can still be
built manually through source or IB if needed.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bump to latest git HEAD
509e673 firewall3: Improve ipset support
The enabled option did not work properly for ipsets, as it was not
checked on create/destroy of a set. After this commit, sets are only
created/destroyed if enabled is set to true.
Add support for reloading, or recreating, ipsets on firewall reload. By
setting "reload_set" to true, the set will be destroyed and then
re-created when the firewall is reloaded.
Add support for the counters and comment extensions. By setting
"counters" or "comment" to true, then counters or comments are added to
the set.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit unifies the LED mapping of the AVM Fritz!Box routers, which
have a combined Power/DSL LED.
With the stock firmware, the Power LED has the following
characteristics:
- Blink when DSL sync is being established
- Solid when DSL sync is present
We can't completely resemble this behavior in OpenWrt. Currently, the
Power LED is completely off, when DSL sync is missing. This is not
really helpful, as a user might have the impression, that he bricked his
device.
Instead, map the Info-LED to the state of the DSL connection.
There is no consistent behavior for the Info-LED in the stock
firmware, as the user can set it's function by himself. The DSL
connection state is one possible option for the Info LED there.
Also use the red Power LED to indicate a running upgrade, in case the
board has a two-color Power LED.
Signed-off-by: David Bauer <mail@david-bauer.net>
|
| |
|
|
|
|
|
| |
This device has not been supported in ar71xx, so there is no need
for an explicit SUPPORTED_DEVICES entry.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
|
| |
|
|
|
|
|
|
|
|
|
| |
The TP-Link TL-WR842N v3 has a software-controllable Power LED. The WPS
LED is normally only used as a System LED, when the Power LED can't be
controlled by software.
Additionally, the Power LED is also the System LED for this board in
ar71xx.
Signed-off-by: David Bauer <mail@david-bauer.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The AVM Fritz!Box 7530 (and probably other AVM IPQ4019 NAND devices)
has it's caldata not stored consistently, but instead at currently
3 known possible offsets.
As we get a non-zero exit code from fritz_cal_extract, simply try all
three possible offsets on both bootloader partitions, until a matching
caldata for each radio is found.
Reported-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
|
| |
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
| |
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
| |
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: none
Runtime-tested on: none
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This changes size and offset set for WiFi caldata extraction and
MAC address adjustment to hexadecimal notation.
This will be much clearer for the reader when numbers are big, and
will also match the style used for mtd-cal-data in DTS files.
Since dd cannot deal with hexadecimal notation, one has to convert
back to decimal by simple $(($hexnum)).
Acked-by: Alexander Couzens <lynxis@fe80.eu>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This changes the offsets for the MAC address location in
mtd_get_mac_binary* and mtd_get_mac_text to hexadecimal notation.
This will be much clearer for the reader when numbers are big, and
will also match the style used for mtd-mac-address in DTS files.
(e.g. 0x1006 and 0x5006 are much more useful than 4102 and 20486)
Acked-by: Alexander Couzens <lynxis@fe80.eu>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
|
| |
|
|
|
|
|
|
|
| |
For x86/64 (maybe more) target the SUPPORTED_DEVICES variable is empty
which causes the `&&` junction to fail, producing a non zero exit code.
Tested-by: Paul Spooren <mail@aparcar.org>
Fixed-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow overriding the default selection state for Devices, similar to
setting a default for packages.
E.g. by setting DEFAULT to n, they won't be selected by default anymore
when enabling all device in the multi device profile.
This allows preventing images being built by the default config for
known broken devices, devices without enough RAM/flash, or devices not
working with a certain kernel versions.
This does not prevent the devices from being manually selected or images
being built by the ImageBuilder. These devices often still have worth
with a reduced package-set, or as a device for regression testing, when
no better device is available.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The manifest file is based on IMG_PREFIX and PROFILE_SANITIZED, whereas
the latter takes a string like DEVICE_8dev_carambola2 and sanitizes it.
This behaviour results in a useless "device_" profile-prefix in the
device manifest filename. Now uses *subst* to remove that.
Therefore this patch results more consistent device file names:
openwrt-ath79-generic-8dev_carambola2-initramfs-kernel.bin
openwrt-ath79-generic-8dev-carambola2.manifest
openwrt-ath79-generic-8dev_carambola2-squashfs-sysupgrade.bin
instead of a single file being called
openwrt-ath79-generic-device_8dev-carambola2.manifest
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
generate feeds.buildinfo and version.buildinfo in build dir after
containing the feed revisions (via ./scripts/feeds list -sf) as well as
the current revision of buildroot (via ./scripts/getver.sh).
With this information it should be possible to reproduce any build,
especially the release builds.
Usage would be to move feeds.buildinfo to feeds.conf and git checkout the
revision hash of version.buildinfo.
Content of feeds.buildinfo would look similar to this:
src-git routing https://git.openwrt.org/feed/routing.git^bf475d6
src-git telephony https://git.openwrt.org/feed/telephony.git^470eb8e
...
Content of version.buildinfo would look similar to this:
r10203+1-c12bd3a21b
Without the exact feed revision it is not possible to determine
installed package versions.
Also rename config.seed to config.buildinfo to follow the recommended
style of https://reproducible-builds.org/docs/recording/
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
GNU patch through 2.7.6 is vulnerable to OS shell command injection that
can be exploited by opening a crafted patch file that contains an ed style
diff payload with shell metacharacters. The ed editor does not need to be
present on the vulnerable system. This is different from CVE-2018-1000156.
https://nvd.nist.gov/vuln/detail/CVE-2019-13638
Signed-off-by: Russell Senior <russell@personaltelco.net>
|
| |
|
|
|
|
|
|
|
|
| |
This version bump includes a bunch of fixes and improvements, which
should fix gpsd build breakage in the package feeds.
Ref: https://github.com/SCons/scons/blob/master/src/CHANGES.txt
Signed-off-by: Russell Senior <russell@personaltelco.net>
[added missing commit description]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
|
| |
|
|
|
|
|
| |
This replaces gpio-export by gpio-hogs and switches buttons
to interrupt-driven gpio-keys.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Revert "mac80211: add new minstrel_ht patches to improve probing on mt76x2" (9861050b85e5381c93d73ffdbc24c130400e0fb8)
Revert "kernel: use bulk free in kfree_skb_list to improve performance" (98b654de2e7502507b31f0fb82befbb48f9c8542)
Revert "ramips: add preliminary support for WIO ONE" (085141dc5ba5e763e1bf4c1a2fd6957160810ccc)
Revert "ramips: add preliminary support for SGE AP-MTKH7-0006 developer board" (b1db6d0539511f60bf65fbde28b16afa31180e34)
Revert "build: use config.site generated by autoconf-lean, drop hardcoded sitefiles" (363ce4329d4f6c00b4a7cb83dd1821fafc0d40ad)
Revert "toolchain: add autoconf-lean" (fdb30eed03ae56cd87078b64d9b2fac00799e783)
Revert "build: allow overriding the filename on the remote server when downloading" (6fa0e07758524eddf20c9b66dfcb55c490e1961e)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
| |
Use it to generate a more comprehensive configure sitefile
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
| |
Github releases usually don't contain the project name in the release
filename, which makes them very inconvenient to use from the build
system. Add support for naming the local file differently.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Force prereq again in SDK in order to fix GCC and Python dangling
symlinks:
staging_dir/host/bin/g++ -> /builder/ath79_generic/ccache_cxx.sh
staging_dir/host/bin/gcc -> /builder/ath79_generic/ccache_cc.sh
staging_dir/host/bin/python -> /usr/bin/python3.5
staging_dir/host/bin/python3 -> /usr/bin/python3.5
Ref: FS#2424
Signed-off-by: Petr Štetiar <ynezz@true.cz>
|
