aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* base-files: rc.common: fix missing EXTRA_HELP textsPeter Stadler2019-11-142-2/+2
| | | | | | | | | | | | | | | Commit ed5b9129d7a4 ("base-files: implement generic service_running") has added EXTRA_HELP variable, thus overriding already available EXTRA_HELP text available in other init scripts, resulting in the missing help text from services like dropbear for example. So fix this regression by appending EXTRA_HELP text provided by the other init scripts into the one provided by the script itself. Fixes: ed5b9129d7a4 ("base-files: implement generic service_running") Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at> [commit title/description facelift, fixes tag, fixed From:, pkg bump] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* kernel: fix typo in fb-sys-fops autoloadSungbo Eo2019-11-141-1/+1
| | | | | | | AutoLoad parameter must match the exact kernel module name. Fix it. Fixes: 125f1ce9ad0c ("kernel: video: add DRM core and IMX DRM support for HDMI/LVDS") Signed-off-by: Sungbo Eo <mans0n@gorani.run>
* mac80211: restore mac80211_interface_cleanup()Daniel Golle2019-11-141-0/+16
| | | | | | | | | | Changes introduced for dynamic wifi reconfiguration left behind unmanaged interface types. Restore parts of the old function to also clean (unencrypted, non-DFS) mesh and ad-hoc interfaces. Fixes: a5bc9787d4 ("mac80211: add support for dynamically reconfiguring wifi") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* ath79: GL-AR750S: provide NAND support; increase kernel to 4 MBJeff Kletsky2019-11-141-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The GL.iNet GL-AR750S has been supported by the ar71xx and ath79 platforms with access to its 16 MB NOR flash, but not its 128 MB SPI NAND flash. This commit provides support for the NAND through the upstream SPI-NAND framework. At this time, the OEM U-Boot appears to only support loading the kernel from NOR. This configuration is preserved as this time, with the glinet,gl-ar750s-nand name reserved for a potential, future, NAND-only boot. The family of GL-AR750S devices on the ath79 platform now includes: * glinet,gl-ar750m-nor-nand "nand" target * glinet,gl-ar750m-nor "nand" target (NAND-aware) NB: This commit increases the kernel size from 2 MB to 4 MB "Force-less" sysupgrade is presently supported from the current versions of following NOR-based firmwre images to the version of glinet,gl-ar750s-nor firmware produced by this commit: * glinet,gl-ar750s -- OpenWrt 19.07 ar71xx * glinet,gl-ar750s -- OpenWrt 19.07 ath79 Users who have sucessfully upgraded to glinet,gl-ar750m-nor may then flash glinet,gl-ar750m-nor-nand with sysupgrade to transtion to the NAND-based variant. Other upgrades to these images, including directly to the NAND-based glinet,gl-ar750s-nor-nand firmware, can be accomplished through U-Boot. NB: See "ath79: restrict GL-AR750S kernel build-size to 2 MB" which enables flashing of NAND factory.img with the current GL-iNet U-Boot, "U-Boot 1.1.4-gcf378d80-dirty (Aug 16 2018 - 07:51:15)" The GL-AR750S OEM U-Boot allows upload and flashing of either NOR firmware (sysupgrade.bin) or NAND firmware (factory.img) through its HTTP-based GUI. Serial connectivity is not required. The glinet,gl-ar750s-nor and glinet,gl-ar750s-nor-nand images generated after this commit flash each other directly. This commit changes the control of the USB VBUS to gpio-hog from regulator-fixed introduced by commit 0f6b944c92. This reduces the compressed kernel size by ~14 kB, with no apparent loss of functionality. No other ath79-nand boards are using regulator-fixed at this time. Note: mtd_get_mac_binary art 0x5006 does not return the proper MAC and the GL.iNet source indicates that only the 0x0 offset is valid The ar71xx targets are unmodified. Cc: Alexander Wördekemper <alexwoerde@web.de> Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
* ath79: add GL.iNet GL-AR300M16 as NOR-only boardJeff Kletsky2019-11-141-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The GL.iNet GL-AR300M series of devices includes variants without NAND and only the 16 MB NOR flash. These include the GL-AR300M16 and the GL-AR300M-Lite (already with its own board name). This board-name addition provides disambiguation from the NAND-bearing GL-AR300M devices, both for OpenWrt code and for end users. Kernel and firmware support for NAND and UBI will add ~320 kB to the overall firmware size at this time. This NOR-only option continues to provide more compact firmware for both the GL-AR300M16 as well as those who wish to use it as an alternate or primary, NOR-resident firmware on the GL-AR300M. The ar71xx targets are unmodified. Installation ------------ Install through OEM U-Boot (HTTP-based) or `sysupgrade --force` when booted from NOR and running OEM or OpenWrt, NOR-based firmware. As one of the intentions is disambiguation from NAND-bearing units, users who have flashed this firmware onto a device with NAND would need to use U-Boot or `sysupgrade --force` to flash firmware that again supports NAND. There are no additional SUPPORTED_DEVICES as it is not possible to determine if a device does or does not have NAND based on either the OEM's or OpenWrt's board names prior to this patch. Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
* uboot-envtools: ramips: add support for ALFA Network Quad-E4GPiotr Dymacz2019-11-141-0/+1
| | | | Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* uboot-envtools: ramips: add support for ALFA Network R36M-E4GPiotr Dymacz2019-11-131-0/+1
| | | | Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* base-files: add /usr/share/libubox/jshn.sh to sysupgrade stage2Russell Senior2019-11-131-1/+1
| | | | | | | | Discovered recent changes had broken sysupgrade for ar71xx mikrotik rb-493g, traced the problem to missing /usr/share/libubox/jshn.sh after switching to tmpfs. Signed-off-by: Russell Senior <russell@personaltelco.net>
* base-files: remove shebang from uci-defaults filesAdrian Schmutzler2019-11-134-7/+1
| | | | | | | | | uci-defaults are sourced and non-executable, so they do not require a shebang. While at it, apply consistent naming scheme. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: add 'wifi reconf'John Crispin2019-11-122-1/+6
| | | | | | | | Now that netifd and hostapd allow dynamic reconfiguration, add a command to trigger it. Signed-off-by: John Crispin <john@phrozen.org> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mac80211: add support for dynamically reconfiguring wifiJohn Crispin2019-11-122-37/+135
| | | | | | | | | Change scripts to use ubus interface of hostapd/wpa_supplicant to add/remove/modify wireless interfaces instead of (re-)starting the services. Signed-off-by: John Crispin <john@phrozen.org> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* hostapd: add ubus reloadJohn Crispin2019-11-129-20/+601
| | | | | | | | | | | | | | | Add ubus interface to hostapd and wpa_supplicant to allow dynamically reloading wiface configuration without having to restart the hostapd process. As a consequence, both hostapd and wpa_supplicant are now started persistently on boot for each wifi device in the system and then receive ubus calls adding, modifying or removing interface configuration. At a later stage it would be desirable to reduce the services to one single instance managing all radios. Signed-off-by: John Crispin <john@phrozen.org> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* netifd: add dynamic wireless reconfigurationDaniel Golle2019-11-121-3/+3
| | | | | | | | | | | | | 7a723d0 wireless: add ubus method for reloading configuration e15147c wireless: make reconf opt-in and allow serializing configuration Set new option 'reconf' in 'wifi-device' section to enable dynamic re-configuration on that radio. If necessary, also set option 'serialize' which forced netifd to configure interfaces of wireless devices one-by-one. Both options are disabled by default. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* fwtool: update to latest Git headPetr Štetiar2019-11-115-681/+11
| | | | | | | | | | | | | | | | | | Includes following changes: 9d9d4c284786 fix possible garbage in unitialized char* struct members dbc1b1b71b24 fix possible copy of null buffer and validation of unitialized header 76d53deef8bb crc32: add missing stdint.h dependency e5666ed3b47c add cram based unit tests abe0cf7de053 add initial GitLab CI support e43042507b4f iron out extra compiler warnings 5df0cd6e1523 convert into CMake project a7dc0526f819 refactor into separate Git project adds missing PKG_LICENSE field and converts the package build to utilize CMake. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* firmware: intel-microcode: bump to 20190918Zoltan HERPAI2019-11-101-2/+2
| | | | | | | | | | | | | | | | | | | | * New upstream microcode datafile 20190918 *Might* contain mitigations for INTEL-SA-00247 (RAMBleed), given the set of processors being updated. * Updated Microcodes: sig 0x000306d4, pf_mask 0xc0, 2019-06-13, rev 0x002e, size 19456 sig 0x000306f4, pf_mask 0x80, 2019-06-17, rev 0x0016, size 18432 sig 0x00040671, pf_mask 0x22, 2019-06-13, rev 0x0021, size 14336 sig 0x000406f1, pf_mask 0xef, 2019-06-18, rev 0xb000038, size 30720 sig 0x00050654, pf_mask 0xb7, 2019-07-31, rev 0x2000064, size 33792 sig 0x00050657, pf_mask 0xbf, 2019-08-12, rev 0x500002b, size 51200 sig 0x00050662, pf_mask 0x10, 2019-06-17, rev 0x001c, size 32768 sig 0x00050663, pf_mask 0x10, 2019-06-17, rev 0x7000019, size 24576 sig 0x00050664, pf_mask 0x10, 2019-06-17, rev 0xf000017, size 24576 sig 0x00050665, pf_mask 0x10, 2019-06-17, rev 0xe00000f, size 19456 Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* rpcd: update to latest Git HEADJo-Philipp Wich2019-11-101-3/+3
| | | | | | 77ad0de plugin: avoid truncating numeric values Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firmware: intel-microcode: bump to 20190618Zoltan HERPAI2019-11-101-2/+2
| | | | | | | | | | * Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223 CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 * Updated Microcodes: sig 0x000206d6, pf_mask 0x6d, 2019-05-21, rev 0x061f, size 18432 sig 0x000206d7, pf_mask 0x6d, 2019-05-21, rev 0x0718, size 19456 Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* firmware: intel-microcode: bump to 20190514Zoltan HERPAI2019-11-101-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * New Microcodes: sig 0x00030678, pf_mask 0x02, 2019-04-22, rev 0x0838, size 52224 sig 0x00030678, pf_mask 0x0c, 2019-04-22, rev 0x0838, size 52224 sig 0x00030679, pf_mask 0x0f, 2019-04-23, rev 0x090c, size 52224 sig 0x000406c3, pf_mask 0x01, 2019-04-23, rev 0x0368, size 69632 sig 0x000406c4, pf_mask 0x01, 2019-04-23, rev 0x0411, size 68608 sig 0x00050657, pf_mask 0xbf, 2019-02-27, rev 0x5000021, size 47104 sig 0x000806e9, pf_mask 0x10, 2018-10-18, rev 0x009e, size 98304 sig 0x000806eb, pf_mask 0xd0, 2018-10-25, rev 0x00a4, size 99328 sig 0x000806ec, pf_mask 0x94, 2019-02-12, rev 0x00b2, size 98304 sig 0x000906ec, pf_mask 0x22, 2018-09-29, rev 0x00a2, size 98304 sig 0x000906ed, pf_mask 0x22, 2019-02-04, rev 0x00b0, size 97280 * Updated Microcodes: sig 0x000206a7, pf_mask 0x12, 2019-02-17, rev 0x002f, size 12288 sig 0x000306a9, pf_mask 0x12, 2019-02-13, rev 0x0021, size 14336 sig 0x000306c3, pf_mask 0x32, 2019-02-26, rev 0x0027, size 23552 sig 0x000306d4, pf_mask 0xc0, 2019-03-07, rev 0x002d, size 19456 sig 0x000306e4, pf_mask 0xed, 2019-03-14, rev 0x042e, size 16384 sig 0x000306e7, pf_mask 0xed, 2019-03-14, rev 0x0715, size 17408 sig 0x000306f2, pf_mask 0x6f, 2019-03-01, rev 0x0043, size 34816 sig 0x000306f4, pf_mask 0x80, 2019-03-01, rev 0x0014, size 18432 sig 0x00040651, pf_mask 0x72, 2019-02-26, rev 0x0025, size 21504 sig 0x00040661, pf_mask 0x32, 2019-02-26, rev 0x001b, size 25600 sig 0x00040671, pf_mask 0x22, 2019-03-07, rev 0x0020, size 14336 sig 0x000406e3, pf_mask 0xc0, 2019-04-01, rev 0x00cc, size 100352 sig 0x000406f1, pf_mask 0xef, 2019-03-02, rev 0xb000036, size 30720 sig 0x00050654, pf_mask 0xb7, 2019-04-02, rev 0x200005e, size 32768 sig 0x00050662, pf_mask 0x10, 2019-03-23, rev 0x001a, size 32768 sig 0x00050663, pf_mask 0x10, 2019-03-23, rev 0x7000017, size 24576 sig 0x00050664, pf_mask 0x10, 2019-03-23, rev 0xf000015, size 23552 sig 0x00050665, pf_mask 0x10, 2019-03-23, rev 0xe00000d, size 19456 sig 0x000506c9, pf_mask 0x03, 2019-01-15, rev 0x0038, size 17408 sig 0x000506ca, pf_mask 0x03, 2019-03-01, rev 0x0016, size 15360 sig 0x000506e3, pf_mask 0x36, 2019-04-01, rev 0x00cc, size 100352 sig 0x000506f1, pf_mask 0x01, 2019-03-21, rev 0x002e, size 11264 sig 0x000706a1, pf_mask 0x01, 2019-01-02, rev 0x002e, size 73728 sig 0x000806e9, pf_mask 0x10, 2019-04-01, rev 0x00b4, size 98304 sig 0x000806e9, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328 sig 0x000806ea, pf_mask 0xc0, 2019-04-01, rev 0x00b4, size 99328 sig 0x000806eb, pf_mask 0xd0, 2019-03-30, rev 0x00b8, size 98304 sig 0x000806ec, pf_mask 0x94, 2019-03-30, rev 0x00b8, size 97280 sig 0x000906e9, pf_mask 0x2a, 2019-04-01, rev 0x00b4, size 99328 sig 0x000906ea, pf_mask 0x22, 2019-04-01, rev 0x00b4, size 98304 sig 0x000906eb, pf_mask 0x02, 2019-04-01, rev 0x00b4, size 99328 sig 0x000906ec, pf_mask 0x22, 2019-02-14, rev 0x00ae, size 98304 sig 0x000906ed, pf_mask 0x22, 2019-03-17, rev 0x00b8, size 97280 * Implements MDS mitigation (RIDL, Fallout, Zombieload), INTEL-SA-00223 CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, CVE-2019-11091 Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* mac80211: Fix dependencies of kmod-rsi91x-usbHauke Mehrtens2019-11-091-2/+2
| | | | | | | | | | Instead of depending on kmod-usb2 make it depend on the normal USB dependencies. This should hopefully fix some problems seen in the build bot builds for powerpc_8540. In addition also activate DRIVER_11N_SUPPORT support. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* strace: Fix build on PowerPCHauke Mehrtens2019-11-091-17/+0
| | | | | | | | This patch breaks building on PowerPC, like the mpc85xx_generic target for me. Fixes: FS#2585 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* nghttp2: Fix pkgconfig fileRosen Penev2019-11-091-7/+5
| | | | | | | | | | lib and includedir point to the host, not staging_dir. Note that prefix and exec_prefix is overriden to point to staging_dir. As CMAKE_INSTTALL is passed, switched InstallDev to use cmake.mk's rule. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* libevent2: Fix pkgconfig directoriesRosen Penev2019-11-091-8/+5
| | | | | | | | | | | includedir and libdir are set to /usr/include and /usr/lib . This breaks compilation with packages such as tmux that use pkgconfig to find libevent Also added PKG_LICENSE_FILES. Simplified the InstallDev section by using cmake.mk's default rule. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* ipset: update to 7.4DENG Qingfang2019-11-091-2/+2
| | | | Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
* uboot-envtools: Add TARGET_LDFLAGS to fix PIE and RELROHauke Mehrtens2019-11-092-11/+9
| | | | | | | | | Forward the OpenWrt TARGET_LDFLAGS to the linker of the fw_printenv tool. In addition also use the more standard make invocation script. With this change the fw_printenv tool is built with PIE and Full RELRO support when activated globally in OpenWrt. Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
* xfsprogs: Fix compilation with newer muslRosen Penev2019-11-093-6/+49
| | | | | | Backported upstream patch. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* busybox: update to 1.31.1Hannu Nyman2019-11-091-2/+2
| | | | | | | | | | | Update busybox to 1.31.1 Small bug fix release. Fixes for dc, ash (PS1 expansion fix), hush, dpkg-deb, telnet and wget. No need to refresh patches or config. Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* procd: start additional consoles during hotpluggingMichael Heimpold2019-11-092-1/+5
| | | | | | | | Now that 'start-console' procd command has reached the main repo, we can add a rule to start consoles on serial devices which are created when USB gadget driver reports creation with hotplugging. Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* uboot-mxs: bump to v2019.10Michael Heimpold2019-11-092-9/+11
| | | | | | | | Also update the U-Boot BSP patch for I2SE Duckbill devices. Run tested on I2SE Duckbill and Olimex OLinuXino Maxi boards. Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* usign: Activate LTO compile optionHauke Mehrtens2019-11-081-0/+3
| | | | | | | | | | | | This decreases the size of the usign application by 16% on MIPS BE. old: 24,597 /usr/bin/usign new: 20,501 /usr/bin/usign Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* swconfig: Activate LTO compile optionHauke Mehrtens2019-11-081-0/+3
| | | | | | | | | | | | This decreases the size of the swconfig application by 25% on MIPS BE. old: 16,916 /sbin/swconfig new: 12,565 /sbin/swconfig Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mtd: Activate LTO compile optionHauke Mehrtens2019-11-081-1/+2
| | | | | | | | | | | | This decreases the size of the mtd application by 25% on MIPS BE. old: 20,597 /sbin/mtd new: 16,421 /sbin/mtd Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* dnsmasq: Activate LTOHauke Mehrtens2019-11-081-2/+2
| | | | | | | | | | | | This decreases the binary size when PIE ASLR is activated by 8% on MIPS BE. old: 202,020 /usr/sbin/dnsmasq new: 185,676 /usr/sbin/dnsmasq Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* uci: update to latest to version 2019-11-08Hauke Mehrtens2019-11-081-3/+3
| | | | | | | fc417e8 build: Add -Wclobbered to detect problems with longjmp 2c8e4a3 util: Fix error path Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ar71xx: update uboot-envtools for Netgear WNR routersMichal Cieslakiewicz2019-11-081-1/+10
| | | | | | | Boards added: WNR1000v2, WNR2000v3, WNR2200, WNR612v2, WNDR4300. Boards changed: WNDR3700 (u-boot env size is 2 sectors not 1). Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
* ath79: update uboot-envtools for Netgear WNR routersMichal Cieslakiewicz2019-11-081-0/+6
| | | | | | Boards added: WNR1000v2, WNR2000v3, WNR612v2, WNDR3700. Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
* busybox: disable default config option FEATURE_SUID=yHenrique de Moraes Holschuh2019-11-071-1/+1
| | | | | | | | | | | | | | | | | | | | | Commit ad7c6102f209 ("busybox: fix missing install with suid bit set if FEATURE_SUID=y") actually fixes BUSYBOX_CONFIG_FEATURE_SUID option and thus would install busybox setuid root by default which would result in possibly unwanted change of current behaviour, so let's disable this option by default in order to preserve the current status-quo. For the record: disabling FEATURE_SUID to preserve the status-quo does *not* imply the current status-quo is "safer", or for that matter, in any way desireable. That is a discussion to be had on the mailing lists. Switching the FEATURE_SUID default to "n" is simply a compromise to facilitate the merge of the changes that unbreak FEATURE_SUID. Ref: PR#2502 Signed-off-by: Henrique de Moraes Holschuh <henrique@nic.br> [commit title/description facelift] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* busybox: fix missing install with suid bit set if FEATURE_SUID=yHenrique de Moraes Holschuh2019-11-071-0/+3
| | | | | | | | | | | | | | | | | | | | With FEATURE_SUID=y one can install busybox binary belonging to root with the suid bit set, enabling some applets to perform root-level operations even when run by ordinary users. Busybox then drops privileges for applets that don't need root access, before entering their main() function. Currently we don't install busybox binary with suid bit set, rendering this feature unusable. Note that we can't just "chmod u+s /bin/busybox" at runtime as a "cheaper" solution: it would waste approximately 200KiB of FLASH (the whole /bin/busybox binary gets copied into the overlay). Ref: PR#2502 Signed-off-by: Henrique de Moraes Holschuh <henrique@nic.br> [commit title/description facelift, use INSTALL_SUID variable] Signed-off-by: Petr Štetiar <ynezz@true.cz>
* Revert "base-files: rename hostname with EUI of mac address"Adrian Schmutzler2019-11-071-15/+1
| | | | | | | | | | | | This reverts commit 6170c46b477d4953f91b99e805a276de444913cf. There has been demand for further evaluation of the impact of a changed hostname, so this is reverted for now. The default hostname will be "OpenWrt" again after this commit. The macaddr_geteui() function is not removed by this revert. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: rename hostname with EUI of mac addressRosy Song2019-11-072-1/+22
| | | | | | | | | | | | | | | If a label MAC address is provided for device, system will rename the hostname with OpenWrt_{eui mac address}. This helps to distinguish between different devices. Since it's no good idea to nest json_* functions, this code does not use get_mac_label directly, but only get_mac_label_dt as external resource. Signed-off-by: Rosy Song <rosysong@rosinson.com> [merged with commit introducing macaddr_geteui, rebased on updated label MAC address storage, extended commit message] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* base-files: don't store label MAC address in uci system configAdrian Schmutzler2019-11-072-8/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | If set, label MAC address is available from one of two sources, device tree or board.json. So far, the function get_mac_label was meant for retrieving the address, while an option in uci system config was specified only for case 2 (board.json). The uci config option has several drawbacks: - it is only used for a fraction of devices (those not in DT) - label MAC address is a device property, while config implies user interaction - label_macaddr option will only be set if /etc/config/system does not exist (i.e. only for new installations) Thus, this patch changes the behavior of get_mac_label: Instead of writing the value in board.json to uci system config and reading from this location afterwards, get_mac_label now extracts data from board.json directly. The uci config option won't be used anymore. In addition, two utility functions for extraction only from DT or from board.json are introduced. Since this is only changing the access to the label MAC address, it won't interfere with the addresses stored in the code base so far. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* kernel: add crypto_user mod to crypto-user pkgEneas U de Queiroz2019-11-061-2/+4
| | | | | | | | This is needed to export crypto information to netfilter, allowing the alt. afalg openssl engine to obtain information about the drivers being used. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* wolfssl: update to v4.2.0-stableEneas U de Queiroz2019-11-063-142/+4
| | | | | | | | | | | | | | | Many bugs were fixed--2 patches removed here. This release of wolfSSL includes fixes for 5 security vulnerabilities, including two CVEs with high/critical base scores: - potential invalid read with TLS 1.3 PSK, including session tickets - potential hang with ocspstaping2 (always enabled in openwrt) - CVE-2019-15651: 1-byte overread when decoding certificate extensions - CVE-2019-16748: 1-byte overread when checking certificate signatures - DSA attack to recover DSA private keys Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* libnl-tiny: update to latest Git headPetr Štetiar2019-11-061-16/+9
| | | | | | | | | | | | | | Includes following changes: 0230d0698e59 add initial GitLab CI support 5e13b797a988 iron out all extra compiler warnings 802fbd4d6f39 cmake: enable extra compiler checks 050bb5c4431b convert into CMake project 5b350e42d1fd refactor into separate Git project and converts the package build to utilize CMake. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* mac80211 ath9k: force QCA953x clock to 25MHzDavid Bauer2019-11-051-6/+13
| | | | | | | | | | | The QCA953x only supports 25 MHz refclk, however some OEMs set an invalid bootstrap value for the REF_CLK option, which would break the clock detection in ath9k. Force the QCA953x refclk to 25MHz in ath9k, as this is (according to the datasheet) the only valid frequency. Signed-off-by: David Bauer <mail@david-bauer.net>
* ath10k-firmware: update Candela Tech firmware imagesKoen Vandeputte2019-11-051-24/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | The release notes since last time for wave-1: * October 5, 2019: Fix too-short msg caused by invalid use of PayloadLen in receive path. This appears to resolve the issue of getting (and ignoring) too-short commands when we detect loss of CE interrupts and go into polling mode. * October 12, 2019: Fix regression in IBSS mode that caused SWBA overrun issues. Related to regression added during the ct-station logic, specifically TSF allocation. Thanks for Ahmed Zaki @ Mage-Networks for helping to diagnose and test. * October 15, 2019: Only send beacon tx completion events if we can detect CT driver is being used (based on CT_STATS_OK flag being set). This should help CT firmware work better on stock driver. The release notes since last time for wave-2: * October 15, 2019: Only send beacon tx completion events if we can detect CT driver is being used (based on ATH10k_USE_TXCOMPL_TXRATE2 | ATH10k_USE_TXCOMPL_TXRATE1 flags being set). This should help CT firmware work better on stock driver. * October 31, 2019: Compile out peer-ratecode-list-event. ath10k driver ignores the event. * November 1, 2019: Fix rate-ctrl related crash when nss and other things were changed while station stays associated. See bug: https://github.com/greearb/ath10k-ct/issues/96 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* ustream-ssl: update to latest Git HEADJo-Philipp Wich2019-11-051-3/+3
| | | | | | | c9b6668 ustream-ssl: skip writing pending data if .eof is true after connect Fixes: CVE-2019-5101, CVE-2019-5102 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mac80211: fix build without CONFIG_PCIFelix Fietkau2019-11-051-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: add support for multiple wiphys behind a single deviceFelix Fietkau2019-11-054-19/+48
| | | | | | | | | | The device path will be the same for the first phy. For all subsequent phys, the path gets an extra +1, +2, ... Move the code for converting path to phy and vice versa to a separate library script shared by config detection code and the netifd wireless handler script Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: add pcie apsm backport changesFelix Fietkau2019-11-052-0/+67
| | | | | | Required for newer versions of mt76 Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: enable PMKSA and OK caching for WPA3-PersonalDavid Bauer2019-11-041-1/+8
| | | | | | | | | | | | | This enables PMKSA and opportunistic key caching by default for WPA2/WPA3-Personal, WPA3-Personal and OWE auth types. Otherwise, Apple devices won't connect to the WPA3 network. This should not degrade security, as there's no external authentication provider. Tested with OCEDO Koala and iPhone 7 (iOS 13.1). Signed-off-by: David Bauer <mail@david-bauer.net>