aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* uboot-layerscape: fix dtc compilation on host gcc 10Hauke Mehrtens2021-09-131-0/+46
| | | | | | | Backport a patch from upstream U-Boot to fix the compile with host GCC 10. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 8d143784cb8fafccdbcdc0bd5d1aa47d3d676f70)
* uboot-kirkwood: Fix build with GCC-10 as host compilerSven Eckelmann2021-09-131-0/+23
| | | | | | | | | | | | | | | | The package uses the host compiler to build the dtc binary. With gcc-10, the option -fno-common is now the default behavior. Thus multiple definitions of the same variable are now forbidden and results in following error during linking: HOSTLD scripts/dtc/dtc /usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x10): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here collect2: error: ld returned 1 exit status The easiest workaround is to add the upstream commit 018921ee79d3 ("Remove redundant YYLOC global declaration"). Signed-off-by: Sven Eckelmann <sven@narfation.org>
* uboot-sunxi: Fix build with GCC-10 as host compilerSven Eckelmann2021-09-131-0/+23
| | | | | | | | | | | | | | | | The package uses the host compiler to build the dtc binary. With gcc-10, the option -fno-common is now the default behavior. Thus multiple definitions of the same variable are now forbidden and results in following error during linking: HOSTLD scripts/dtc/dtc /usr/bin/ld: scripts/dtc/dtc-parser.tab.o:(.bss+0x10): multiple definition of `yylloc'; scripts/dtc/dtc-lexer.lex.o:(.bss+0x0): first defined here collect2: error: ld returned 1 exit status The easiest workaround is to add the upstream commit 018921ee79d3 ("Remove redundant YYLOC global declaration"). Signed-off-by: Sven Eckelmann <sven@narfation.org>
* kernel: bump 4.14 to 4.14.245David Bauer2021-09-0224-49/+49
| | | | | | | Compile-tested: ath79-generic Run-tested: ath79-generic Signed-off-by: David Bauer <mail@david-bauer.net>
* openssl: bump to 1.1.1lEneas U de Queiroz2021-08-302-6/+5
| | | | | | | | | | | This version fixes two vulnerabilities: - SM2 Decryption Buffer Overflow (CVE-2021-3711) Severity: High - Read buffer overruns processing ASN.1 strings (CVE-2021-3712) Severity: Medium Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* openssl: use --cross-compile-prefix in ConfigureEneas U de Queiroz2021-08-301-3/+2
| | | | | | | | | | | | | | This sets the --cross-compile-prefix option when running Configure, so that that it will not use the host gcc to figure out, among other things, compiler defines. It avoids errors, if the host 'gcc' is handled by clang: mips-openwrt-linux-musl-gcc: error: unrecognized command-line option '-Qunused-arguments' Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> Tested-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit 2f75348923e564f1b73fbc32f7cabc355cd6e2b9)
* kernel: bump to 4.14.244David Bauer2021-08-204-5/+5
| | | | | | | Compile-tested: ath79-generic ipq40xx-generic Run-tested: ipq40xx-generic Signed-off-by: David Bauer <mail@david-bauer.net>
* kernel: bump to 4.14.243David Bauer2021-08-146-21/+21
| | | | | | | Compile-tested: x86-64 Run-tested: x86-64 Signed-off-by: David Bauer <mail@david-bauer.net>
* OpenWrt v19.07.8: revert to branch defaultsHauke Mehrtens2021-08-015-12/+10
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v19.07.8: adjust config defaultsv19.07.8Hauke Mehrtens2021-08-015-10/+12
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ubus: update to version 2021-07-01Petr Štetiar2021-07-291-3/+3
| | | | | | | | This update cherry picks following fix: * ubusd: fix tx_queue linked list usage Signed-off-by: Petr Štetiar <ynezz@true.cz>
* ubus: update to version 2021-06-03Petr Štetiar2021-07-291-4/+4
| | | | | | | | | | | | | This update cherry picks following changes: * cmake: add a possibility to set library version * ubusd: protect against too-short messages * ubusd: add per-client tx queue limit * ubusd: convert tx_queue to linked list * lua: avoid truncation of large numeric values Fixes: FS#1525 Signed-off-by: Petr Štetiar <ynezz@true.cz>
* ubus: backport SOVERSION supportPetr Štetiar2021-07-291-3/+5
| | | | | | | | | | | Add a support for setting of new `ABIVERSION` CMake define which allows to control the SOVERSION used for the built shared library. This is needed for downstream packaging to properly track breaking ABI changes when updating to newer versions of the library. Signed-off-by: Felix Fietkau <nbd@nbd.name> Signed-off-by: Petr Štetiar <ynezz@true.cz> (backported from commit 8edb1797d55d259c6eda18c89784f152328436fc)
* kernel: bump 4.14 to 4.14.241David Bauer2021-07-2842-115/+131
| | | | | | | | | Refreshed all patches Compile-tested: ath79-generic brcm2708-bcm2708 Run-tested: ath79-generic brcm2708-bcm2708 Signed-off-by: David Bauer <mail@david-bauer.net>
* ath10k-ct: add security fixesMichael Yartys2021-07-028-74/+35
| | | | | | | | | | | | This rebases -ct changes on top of upstream stable kernel's latest code. Including the wifi security fixes that recently went in. Removed upstreamed 203-ath10k-Limit-available-channels-via-DT-ieee80211-fre.patch and refreshed patches. Signed-off-by: Michael Yartys <michael.yartys@protonmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz> [backport] (backported from commit 2e10ed925e1e07c28570731a429efa5e7de3b826)
* base-files: fix /tmp/TZ when zoneinfo not installedPaul Spooren2021-06-251-7/+4
| | | | | | | | | | | | | The zoneinfo packages are not installed per default so neither /tmp/localtime nor /tmp/TZ is generated. This patch mostly reverts the previous fix and instead incooperates a solution suggested by Jo. Fixes "base-files: fix zoneinfo support " 8af62ed Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit 56bdb6bb9781f8a0bbec5fc3075b9d2b8d12f9a8)
* base-files: fix zoneinfo supportRosen Penev2021-06-231-7/+9
| | | | | | | | | | | | | | | | | The system init script currently sets /tmp/localinfo when zoneinfo is populated. However, zoneinfo has spaces in it whereas the actual files have _ instead of spaces. This made the if condition never return true. Example failure when removing the if condition: /tmp/localtime -> /usr/share/zoneinfo/America/Los Angeles This file does not exist. America/Los_Angeles does. Ran through shfmt -w -ci -bn -sr -s Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit 8af62ede189aa504135db05474d34c9f8a1ed35d)
* mac80211: distance config: allow "auto" as a valueAli MJ Al-Nasrawy2021-06-231-1/+2
| | | | | | | | | | The user can now enable the ACK timeout estimation algorithm (dynack) for drivers that support it. It is also expected that the distance config accepts the same values as: $ iw phyX set distance XXX Signed-off-by: Ali MJ Al-Nasrawy <alimjalnasrawy@gmail.com> (cherry picked from commit a8a1ef856871dc8403ea9c0a3bb347c7120b0e65)
* gitignore: add .ccache folderKoen Vandeputte2021-06-141-0/+1
| | | | Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.236Koen Vandeputte2021-06-141-2/+2
| | | | | | | | | | | | Refreshed all patches. Fixes: - CVE-2021-3564 Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* mac80211: Update to backports version 4.19.193-test1Hauke Mehrtens2021-06-0616-58/+58
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: bump 4.14 to 4.14.235Hauke Mehrtens2021-06-0621-58/+40
| | | | | | | | | | | | Manually rebased ramips/patches-5.4/0048-asoc-add-mt7620-support.patch All others updated automatically. Compile-tested on: ath79/generic, ramips/mt7621 Runtime-tested on: ath79/generic Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ubox: fix init script validation of log_ip optionJo-Philipp Wich2021-05-282-2/+2
| | | | | | | | | The underlying logread process uses usock() to handle remote connections which is able to handle both hostnames and IP addresses. Ref: https://github.com/openwrt/luci/issues/5077 Signed-off-by: Jo-Philipp Wich <jo@mein.io> (backported from commit ec83fb9ced138b7945135adffb9ff0ba63b695ec)
* tools/mklibs: Fix compile with GCC 11Hauke Mehrtens2021-05-161-0/+1
| | | | | | | | | | | | | GCC 11 defaults to C++17, but mklibs does not compile when using the C++17 standard. This patch switches back to the gnu++98 version like done in master commit 9437012b9ee4 ("tools/mklibs: update to 0.1.44 and convert to Python 3") This fixes the following compile error message: elf.hpp:52:56: error: ISO C++17 does not allow dynamic exception specifications 52 | const section &get_section(unsigned int i) const throw (std::out_of_range) { return *sections.at(i); }; Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* openwrt-keyring: Only copy sign key for 19.07 and 21.02Hauke Mehrtens2021-05-161-2/+5
| | | | | | | | | | | Instead of adding all public signature keys from the openwrt-keyring repository only add the key which is used to sign the OpenWrt 19.07 feeds and the 21.02 feeds to allow checking the next release. If one of the other keys would be compromised this would not affect users of 19.07 release builds. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* openwrt-keyring: add OpenWrt 21.02 GPG/usign keysPetr Štetiar2021-05-161-3/+3
| | | | | | | | 49283916005d usign: add 21.02 release build pubkey bc4d80f064f2 gpg: add OpenWrt 21.02 signing key Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit 1bf6d70e60fdb45d81a8f10b90904cef38c73f70)
* generic: platform/mikrotik: release mtd device after useKoen Vandeputte2021-05-121-1/+4
| | | | | | | | | | | | | | The code uses get_mtd_device_nm() which must be followed by a call to put_mtd_device() once the handle is no longer used. This fixes spurious shutdown console messages such as: [ 83.099037] Removing MTD device #1 (hard_config) with use count 1 Reported-by: Koen Vandeputte <koen.vandeputte@ncentric.com> Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com> Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org> [Backported from master] Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.232Koen Vandeputte2021-05-104-7/+7
| | | | | | | | | | | | Refreshed all patches. Fixes: - CVE-2021-23133 Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* Extend checks on build prerequisites for building OpenWRT coreBas Mevissen2021-05-081-1/+12
| | | | | | | | | | | | | | OpenWRT requires a number of Perl modules to be installed. It wasn't checking on all of them. This patch adds checks for Perl FindBin, File::Copy, File::Compare and Thread::Queue modules. Failing to install these, will have the build break at some point. By adding these to the prereq-build.mk script, they are checked on forehand. Tested on a Fedora 33 and 34 (beta) that was freshly installed. Fedora appears to break up Perl modules into small packages that need to be installed for the build to succeed. Signed-off-by: Bas Mevissen <abuse@basmevissen.nl> (cherry picked from commit f68c9474acf9a65b5a9538db8e45c173462487e3)
* prereq-build: test for perl's Data::DumperRosen Penev2021-05-081-0/+4
| | | | | | | | | | | | | | | | | | | | | | | Required for installation of autoconf: make[5]: Entering directory `/openwrt/build_dir/host/autoconf-2.69' Making all in bin make[6]: Entering directory `/openwrt/build_dir/host/autoconf-2.69/bin' autom4te_perllibdir='..'/lib AUTOM4TE_CFG='../lib/autom4te.cfg' ../bin/autom4te -B '..'/lib -B '..'/lib --language M4sh --cache '' --melt ./autoconf.as -o autoconf.in Can't locate Data/Dumper.pm in @INC (@INC contains: ../lib /usr/local/lib64/perl5 /usr/local/share/perl5 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5 .) at ../lib/Autom4te/C4che.pm line 33. BEGIN failed--compilation aborted at ../lib/Autom4te/C4che.pm line 33. Compilation failed in require at ../bin/autom4te line 40. BEGIN failed--compilation aborted at ../bin/autom4te line 40. make[6]: *** [autoconf.in] Error 2 Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit dc467eac38f2447b652b6680cf4af75b05fd6cd2)
* tplink-safeloader: fix C7v5 factory flashing from vendor fw > v1.1.xPetr Štetiar2021-05-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently it's not possible to flash factory images on devices shipped with vendor firmware versions 1.1.0 Build 20201120 rel. 50406 (published 2020-12-22): (curFw_ver, newFw_ver) == (1.1, 1.0) [NM_Error](nm_checkSoftVer) 00848: Firmwave not supports, check failed. [NM_Error](nm_checkUpdateContent) 01084: software version dismatched [NM_Error](nm_buildUpgradeStruct) 01188: checkUpdateContent failed. They've even following note in release notes: Note: You will be unable to downgrade to the previous firmware version after updating this firmware. This version check in vendor firmware is implemented in /usr/bin/nvrammanager binary likely as following C code[1]: sscanf(buf, "%d.%d.%*s",&upd_fw_major, &upd_fw_minor); ... if (((int)upd_fw_major < (int)cur_fw_major) || ((ret = 1, cur_fw_major == upd_fw_major && (upd_fw_minor < (int)cur_fw_minor)))) { ret = 0; printf("[NM_Error](%s) %05d: Firmwave not supports, check failed.\r\n\r\n","nm_checkSoftVer" ,0x350); } ... return ret; So in order to fix this and make it future proof it should be enough to ship our factory firmware images with major version 7 (lucky number). Tested on latest firmware version 1.1.2 Build 20210125 rel.37999: Firmwave supports, check OK. (curFw_ver, newFw_ver) == (1.1, 7.0) check firmware ok! Flashing back to vendor firmware c7v5_us-up-ver1-1-2-P1[20210125-rel37999]_2021-01-25_10.33.55.bin works as well: U-Boot 1.1.4-gbec22107-dirty (Nov 18 2020 - 18:19:12) ... Firmware downloaded... filesize = 0xeeae77 fileaddr = 0x80060000. Firmware Recovery file length : 15642231 Firmware process id 2. handle_fw_cloud 146 Image verify OK! Firmware file Verify ok! product-info:product_name:Archer C7 product_ver:5.0.0 special_id:55530000 [Error]sysmgr_cfg_checkSupportList(): 1023 @ specialId 45550000 NOT Match. Firmware supports, check OK. Firmware Recovery check ok! 1. https://gist.github.com/ynezz/2e0583647d863386a66c3d231541b6d1 Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit e6d66375cbbb54e0e82a67030e385a5486273766) Signed-off-by: Petr Štetiar <ynezz@true.cz>
* mac80211: Update to backports version 4.19.189-1Hauke Mehrtens2021-05-0444-499/+146
| | | | | | The removed patches were applied upstream. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* dropbear: Fix CVE-2020-36254Hauke Mehrtens2021-05-031-0/+21
| | | | | | | | This backports a fix from dropbear 2020.81. CVE-2020-36254 description: scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ramips: backport unlocked mdiobus accessorsDavid Bauer2021-05-031-0/+141
| | | | | | | | | | | Commit 718e97c5c843 ("ramips: mt7530 swconfig: fix race condition in register access") backports a fix which depends on unlocked MMD accessors, however these were not yet included in Kernel 4.14 and they were not backported yet. Fixes commit 718e97c5c843 ("ramips: mt7530 swconfig: fix race condition in register access") Signed-off-by: David Bauer <mail@david-bauer.net>
* openvpn: update to 2.4.11Magnus Kroken2021-05-022-3/+3
| | | | | | | | | | | | Fixes two related security vulnerabilities (CVE-2020-15078) which under very specific circumstances allow tricking a server using delayed authentication (plugin or management) into returning a PUSH_REPLY before the AUTH_FAILED message, which can possibly be used to gather information about a VPN setup. This release also includes other bug fixes and improvements. Signed-off-by: Magnus Kroken <mkroken@gmail.com>
* openvpn: update to 2.4.9Magnus Kroken2021-05-023-4/+4
| | | | | | | | | | | | | | | | This is primarily a maintenance release with bugfixes and improvements. This release also fixes a security issue (CVE-2020-11810) which allows disrupting service of a freshly connected client that has not yet negotiated session keys. The vulnerability cannot be used to inject or steal VPN traffic. Release announcement: https://openvpn.net/community-downloads/#heading-13812 Full list of changes: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.9 Signed-off-by: Magnus Kroken <mkroken@gmail.com> (cherry-picked from commit d7e98bd7c5316f95cc11635371a39c6c0e18b9a7)
* openvpn: update to 2.4.8Magnus Kroken2021-05-025-6/+129
| | | | | | | | | | | Backport two upstream commits that allow building openvpn-openssl without OpenSSLs deprecated APIs. Full changelog: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.8 Signed-off-by: Magnus Kroken <mkroken@gmail.com> (cherry-picked from commit bf43e5bbf91ca1a90df8dae3e2cce6bbb61d5cd9)
* ramips: mt7530 swconfig: fix race condition in register accessDENG Qingfang2021-05-021-6/+10
| | | | | | | | | | | | | | | | | | | [ Upstream commit f99c9cd9c4d4c49a676d678327546fd41690fe2a ] The mt7530_{r,w}32 operation over MDIO uses 3 mdiobus operations and does not hold a lock, which causes a race condition when multiple threads try to access a register, they may get unexpected results. To avoid this, handle the MDIO lock manually, and use the unlocked __mdiobus_{read,write} in the critical section. This fixes the "Ghost VLAN" artifact[1] in MT7530/7621 when the VLAN operation and the swconfig LED link status poll race between each other. [1] https://forum.openwrt.org/t/mysterious-vlan-ids-on-mt7621-device/64495 Signed-off-by: DENG Qingfang <dqfext@gmail.com> (cherry picked from commit f99c9cd9c4d4c49a676d678327546fd41690fe2a)
* ppp/pppoe-discovery: fix -W optionMartin Schiller2021-05-021-0/+60
| | | | | | | | | This patch is already included in ppp-2.4.9 which is used in openwrt master. Backport this patch to openwrt-19.07. Signed-off-by: Martin Schiller <ms@dev.tdt.de>
* kernel: bump 4.14 to 4.14.231Koen Vandeputte2021-04-303-10/+10
| | | | | | | | | | | | | | Refreshed all patches. Fixes: - CVE-2020-25672 - CVE-2020-25671 - CVE-2020-25670 Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* kernel: bump 4.14 to 4.14.230Koen Vandeputte2021-04-307-83/+33
| | | | | | | | | | | | Refreshed all patches. Remove upstreamed: - 840-can-flexcan-flexcan_chip_freeze-fix-chip-freeze-for-.patch Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
* mac80211: backport upstream fixesKoen Vandeputte2021-04-098-1/+354
| | | | | | | Refreshed all patches. Includes all fixes up to 4.19.184 Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
* kernel: backport fix for flexcan bugKoen Vandeputte2021-04-091-0/+50
| | | | | | | | This patch fixes a DIV/0 error which was introduced in 4.14.225 This patch was forgotten in upstream <= 4.14 and is now queued for future release. Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
* kernel: bump 4.14 to 4.14.229Koen Vandeputte2021-04-097-11/+11
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
* kernel: bump 4.14 to 4.14.228Koen Vandeputte2021-04-094-32/+32
| | | | | | | | | Refreshed all patches. Compile-tested on: ar71xx, cns3xxx, imx6, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
* kernel: bump 4.14 to 4.14.227Koen Vandeputte2021-04-0927-75/+75
| | | | | | | | | | | | Refreshed all patches. Altered patches: - 809-flexcan-support-layerscape.patch Compile-tested on: ar71xx, cns3xxx, imx6, layerscape, x86_64 Runtime-tested on: ar71xx, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
* openssl: bump to 1.1.1kEneas U de Queiroz2021-03-272-24/+23
| | | | | | | | | | | | | This version fixes 2 security vulnerabilities, among other changes: - CVE-2021-3450: problem with verifying a certificate chain when using the X509_V_FLAG_X509_STRICT flag. - CVE-2021-3449: OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 0bd0de7d43b3846ad0d7006294e1daaadfa7b532)
* openssl: sync package download URLs with masterPetr Štetiar2021-03-271-3/+5
| | | | | | | Apparently it fixes some broken URLs and as a bonus it makes cherry-picking of fixes easier. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* mbedtls: update to 2.16.10Magnus Kroken2021-03-272-13/+13
| | | | | | | | | | | | | | | | | | | | This release of Mbed TLS provides bug fixes and minor enhancements. This release includes fixes for security issues. Security fixes: * Fix a buffer overflow in mbedtls_mpi_sub_abs() * Fix an errorneous estimation for an internal buffer in mbedtls_pk_write_key_pem() * Fix a stack buffer overflow with mbedtls_net_poll() and mbedtls_net_recv_timeout() * Guard against strong local side channel attack against base64 tables by making access aceess to them use constant flow code Full release announcement: https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.10 Signed-off-by: Magnus Kroken <mkroken@gmail.com> (cherry picked from commit dbde2bcf60b5d5f54501a4b440f25fe7d02fbe5d)
* mwlwifi: add PKG_FLAGS:=nonsharedDaniel Golle2021-03-241-0/+1
| | | | | | | | | This should fix the problem of mwlwifi-firmware-* not being found when using the ImageBuilder. Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 9b3aaf1cdb873cc2a7b2f2ef4e72ddb716afba38) Signed-off-by: Daniel Golle <daniel@makrotopia.org>