aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* selinux-policy: update to version 1.1Dominick Grift2022-05-031-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | try to clean up some labeling inconsistencies iwinfo loose ends ucode loose ends Makefile: adjust mintesttgt (adds blockmount/blockd) nftables: reads inherited netifd pipe ucode: reads inherited netifd pipes mountroot: fowner sandbox: writes inherited dropbear pipes unbound related to /tmp/etc/ssl unbound loose ends adds a sslconftmpfile for /tmp/etc/ssl README: maintain a wish list in the README iwinfo: netifd forgot write gptfdisk loose ends iwinfo: netifd wpad reads/writes inherited netifd fifo files netifd (mac80211.sh) executes iwinfo luci: executes wireguard luci-cgi: audits xtables execute access rcuhttpd: lists ssl certfile dirs iwinfo, wifi,nftables usage of ttyd pty if available urandomseed: seedrng needs cap_sys_admin iwinfo iwinfo, nftables and some chronyd rules related to ntp nts server nftables, wifi and adds iwinfo skel nftables, rpcd, ucode nftables, ucode and seedrng ucode, fw3/nftables, luci adds ucode skel and some fw3/nftables related urandomseed: some seedrng rules fw3 adds some support for fw4 urandomseed: /etc/seedrng is for seed.credit hotplugcal: runs ucode which is interpreter like adds a nftables skeleton and makes xtables optional agent: allow all agents to write inherited dropbear pipes urandomseed: this seems to be replaced by seedrng kmodloader: label /etc/modules.conf kmodloader.conffile Revert "shelexecfile: remove auditallow rule" Makefile: sort the modules to process by secilc Moves back to git.defensec.nl unbound odhcpd (ip) reads net proc tcp dump shelexecfile: remove auditallow rule rrd.cil: fixes indent Target rddtool from cgi-io instead of runnit it without transition rrd.cil related rrd, rpcd, cgiio clean ups related to luci-app-statistics Rules for rrd files and luci-statistics unboundcontrol ordering Several missing permissions blockmount, dnsmasq, hotplugcall, rpcd, unbound adds mctp_socket (linux 5.15) ip: forgot tc-tiny type transition to go along with the fc spec ip: adds a fc spec for tc-tiny (called by sqm) adds ttyACM fc spec and various assorted loose ends .gitattributes: do not export the github workflows workflow use selinux 3.3 project moved back to https://git.defensec.nl/selinux-policy.git Signed-off-by: Dominick Grift <dominick.grift@defensec.nl> (cherry picked from commit 43794570986e33770d9039399d16a665f6c7c495)
* base-files: add missing $IPKG_INSTROOT to restorecon callDaniel Golle2022-05-031-1/+3
| | | | | | | | Update to overlooked v2 version of Dominick Grift's patch. Fixes: 5109bd164c ("base-files: address sed in-place without SELinux awareness") Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 6d7272852e0b2634b2fa93a131ea8659ec87f079)
* base-files: address sed in-place without SELinux awarenessDominick Grift2022-05-031-0/+1
| | | | | | | | | | | | | sed(1) in busybox does not support this functionality: https://git.savannah.gnu.org/cgit/sed.git/tree/sed/execute.c#n598 This causes /etc/group to become mislabeled when a package requests that a uid/gid be added on OpenWrt with SELinux Signed-off-by: Daniel Golle <daniel@makrotopia.org> [move restorecon inside lock] Signed-off-by: Dominick Grift <dominick.grift@defensec.nl> (cherry picked from commit 5109bd164c8f2273329483f990188fb36cf3ad68)
* fstools: update to git HEADDaniel Golle2022-05-031-3/+3
| | | | | | | | | | | | | | f0fc66a libfstools: check for overlay mounting errors 128ecaf Update / fix extroot comments 8a0ba3b libfstools: get rid of "extroot_prefix" global variable 649cd3f libfstools: use variable for overlay mount-point 922f1b3 libfstools: avoid segfault in find_mount_point ce5eacb libfstools: mtd: improve error handling 898b328 blockd: restore device_move semantics 0917d22 block: don't probe mtdblock on NAND (with legacy exceptions) Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 4e8d095013fb822eaa4fd6b4512a434fc17ac901)
* ipq40xx: fix BDF file for pcie wifi chip on the GL.Inet GL-B2200Enrico Mioso2022-05-021-0/+0
| | | | | | | | | | | | | | | | | | | | | | | After the switch to pre-calibration, ath10k would fail to initialize the PCIE Wi-Fi on the GL-B200 as follows: ath10k_pci 0000:01:00.0: enabling device (0140 -> 0142) ath10k_pci 0000:01:00.0: qca9888 hw2.0 target 0x01000000 chip_id 0x00000000 sub 0000:0000 [...] ath10k_pci 0000:01:00.0: failed to fetch board data for bus=pci,bmi-chip-id=0,bmi-board-id=16,variant=GL-B2200 from ath10k/QCA9888/hw2.0/board-2.bin ath10k_pci 0000:01:00.0: failed to fetch board-2.bin or board.bin from ath10k/QCA9888/hw2.0 ath10k_pci 0000:01:00.0: failed to fetch board file: -12 ath10k_pci 0000:01:00.0: could not probe fw (-12) Repackage the BDF file after renaming relevant fields and files to allow for the Wi-Fi interface to start again. Fixes: 80d34d9d593 ("ipq40xx: document pcie wifi chip on the GL.Inet GL-B2200") CC: Christian Lamparter <chunkeey@gmail.com> CC: Robert Marko <robimarko@gmail.com> Reviewed-by: Robert Marko <robert.marko@sartura.hr> Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com> (cherry picked from commit e3f9af4fb6e4ba8bf54cb4240f318ad32260a6fa)
* f2fs-tools: fix resize.f2fs (#9800)Kerma Gérald2022-05-012-1/+47
| | | | | | | | | | resolve issue - https://github.com/openwrt/openwrt/issues/9800 add the upstream patch: - f2fs-tools.git/patch/?id=f056fbeff08d30a6d9acdb9e06704461ceee3500 Signed-off-by: Kerma Gérald <gandalf@gk2.net> (cherry picked from commit 1aac1b36d3cf44c8bfa8d4a6d8df6e815fc06529)
* dnsmasq: add logfacility file to jail mountsDaniel Golle2022-05-011-2/+6
| | | | | | | | | If logfacility is a path to a file it needs to be r/w mounted in the sandbox as well for dnsmasq to work. Reported-by: @iointerrupt Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 2b5fa44f60165d66d74131778df0b64b706887e2)
* ucode: reorder BuildPackage callsJo-Philipp Wich2022-04-281-1/+1
| | | | | | | | | | Ensure that the libucode recipe is processed before the ucode one in order to reliably encode the ABI version into ucode's libucode dependency. Fixes: #9788 Ref: https://forum.openwrt.org/t/fw4-wont-start-after-upgrade/126308 Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 573ce80ca612b0f642b7cbd5d9d33d89b7e96670)
* iwinfo: update to latest HEADDavid Bauer2022-04-271-3/+3
| | | | | | | dc6847e iwinfo: nl80211: omit A-hwmode on non-5GHz hardware Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit f757a8a09885e3c8bb76371e037b8c0731111980)
* uboot-envtools: add WS-AP3825i configDavid Bauer2022-04-261-0/+4
| | | | | | | | Add configuration to use uboot-envtools with the Extreme Networks WS-AP3825i. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit fb7ff6b027d1c69e97e6d39e688a969c164065c8)
* firewall4: update to latest Git HEADJo-Philipp Wich2022-04-251-4/+4
| | | | | | | | | | | | | | fc83d46 ruleset: set auto-merge directive for interval sets 9bce873 fw4: fix skipping invalid ipset entries 425ea8a fw4: fix applying zone flags for source bound rules a378883 fw4: fix emitting family specific redirect rules without any addrs 11feddf fw4: bracketize IPv6 addresses in dnat addr:port notation 9972f7d fw4: ensure to capitalize weekday names fde8070 treewide: forward compatibility changes Signed-off-by: Jo-Philipp Wich <jo@mein.io> (backported from commits 1a35ac99905adc35059489d6e19c7de42ef4cc01 and af02a12d7ccb64a3abbd9683dd22275b538f6d50)
* ucode: update to latest Git HEADJo-Philipp Wich2022-04-251-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | e14b099 syntax: implement support for ES6 template literals 111cf06 vm: stop executing bytecode on return of nested calls 33f1e0b treewide: move json-c compat shims into internal header file e0e9431 vm: move unhandled exception reporting out of `uc_vm_execute_chunk()` 2b59140 vm: fix callframe double free on unhanded exceptions 7d7e950 main: abort when failing to load a preload library 1032a67 lib: let `json()` accept input objects implementing `read()` method 5ee68d5 fs: implement `fs.readfile()` and `fs.writefile()` df6b861 ci: debian: change path before attempting to invoke Git operations dfaf05a ci: debian: automatically update changelog from Git tag 34f3c45 ci: fix YAML syntax of Debian workflow e956bcf fs: fix off-by-one in fs.dirname() function 6fc4b6c .gitignore: fix overmatching patterns, blacklist cram .venv 7c2e082 build: remove legacy json-c check 77942af build: add polyfills for older libjson-c versions 0b4aaa3 CI: build Debian package f404285 debian: Add package definition a37f654 types: fix escape sequence encoding of high byte values in JSON strings aae5312 Update README.md 8134e25 build: fix symlink install target 87c7296 treewide: replace some leftover "utpl" occurrences, update .gitignore 7d27ad5 build: only stage ucc symlink if compile support is enabled 171402f lib: add date and time related functions 8b5dc60 lib: provide API function to obtain stdlib function implementations eb0d2f1 main: turn ucode into multicall executable 28ee7e1 uloop: add support for tasks 753dea9 CI: build on macOS 668c5c0 lib: add argument position support (`%m$`) to `sprintf()` and `printf()` ab46fdf treewide: remove legacy json-c include directives b8f49b1 tests: 21_regex_literals: generalize syntax error test case fd2e5e7 tests: 16_sort: fix logic flaw exposed on OS X 2c71bf2 tests: run_tests.sh: pass dummy value to `-T` flag 55c4a90 lib: disallow zero padding for %s formats 0d05cb5 tests: run_tests.sh: use greadlink if available 271e520 resolv: make OS X compatible d13c320 fs: avoid Linux specific sys/sysmacros.h include on OS X 33397a3 uloop: use execvp() on OS X bafdc8f lib: add naive sigtimedwait() stub for OS X ada1585 build: consolidate CMakeLists.txt and cover OS X deviations befbb69 include: add OS X compatible endian.h header 49838a8 include: rename include guards to avoid clashes with system headers 91f65de nl80211: add missing attributes and correct some attribute flags b4a1fd5 lib: adjust require(), render() and include() raw mode semantics 4618807 main: rework CLI frontend 73dcd78 lib: fix potential integer underflow on empty render output c402551 vm: fix crash on object literals with non-string computed properties efe8a02 syntax: support add new operators 078d686 ubus: add event support 6c66c83 ubus: refactor error and argument handling 1cb04f9 ubus: add object publishing, notify and subscribe support 0e85974 uloop: clear errno before integer conversion attempts 05bd7ed types: treat resource type prototypes as GC roots a2a26ca lib: introduce uloop binding 6b6d01f vm: release this context on exception in managed method call 1af23a9 tests: fix proto() testcase 4ce69a8 fs: implement access(), mkstemp(), file.flush() and proc.flush() Signed-off-by: Jo-Philipp Wich <jo@mein.io> (backported from commits cef3e6a69c4751189e946cf2ff0e00304f9fff6e, 0400774a1001835b912ecf2097bba1306deba9f8 and c59704334c4a01bc18ab489f86d4ca7d2ea3cb8f)
* iwinfo: update to latest HEADDavid Bauer2022-04-241-3/+3
| | | | | | | a479b9b devices: remove whitespace 562d015 iwinfo: nl80211: fix hwmode parsing for multi-band NICs Signed-off-by: David Bauer <mail@david-bauer.net>
* uboot-mediatek: remove '0x' prefix from pstore nodeDaniel Golle2022-04-231-1/+1
| | | | | | | | | Remove '0x' prefix from pstore node in dts, just like it was done for the device tree used by Linux on MT7622. This change is done in preparation to update U-Boot to 2022.04. Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 810b48e79389a54b9b332fa2834360602a9734f3)
* OpenWrt v22.03.0-rc1: revert to branch defaultsHauke Mehrtens2022-04-211-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v22.03.0-rc1: adjust config defaultsv22.03.0-rc1Hauke Mehrtens2022-04-211-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* wolfssl: fix compilation with /dev/cryptoEneas U de Queiroz2022-04-201-0/+19
| | | | | | This is trivial fix of a duplicate definition of 'int ret'. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* netfilter: move nf-log modules into separate packagesJo-Philipp Wich2022-04-191-3/+26
| | | | | | | | | Both legacy iptables and nftables require nf-log modules for rule logging, so move them into a separate package both firewall implementations can depend on. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit bea01fa57f5c9c333138bbbc5c9f83b9d7553fb5)
* realtek: add ZyXEL GS1900-24HP v1 supportMartin Kennedy2022-04-191-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ZyXEL GS1900-24HP v1 is a 24 port PoE switch with two SFP ports, similar to the other GS1900 switches. Specifications -------------- * Device: ZyXEL GS1900-24HP v1 * SoC: Realtek RTL8382M 500 MHz MIPS 4KEc * Flash: 16 MiB * RAM: Winbond W9751G8KB-25 64 MiB DDR2 SDRAM * Ethernet: 24x 10/100/1000 Mbps, 2x SFP 100/1000 Mbps * LEDs: * 1 PWR LED (green, not configurable) * 1 SYS LED (green, configurable) * 24 ethernet port link/activity LEDs (green, SoC controlled) * 24 ethernet port PoE status LEDs * 2 SFP status/activity LEDs (green, SoC controlled) * Buttons: * 1 "RESET" button on front panel (soft reset) * 1 button ('SW1') behind right hex grate (hardwired power-off) * PoE: * Management MCU: ST Micro ST32F100 Microcontroller * 6 BCM59111 PSE chips * 170W power budget * Power: 120-240V AC C13 * UART: Internal populated 10-pin header ('J5') providing RS232; connected to SoC UART through a TI or SIPEX 3232C for voltage level shifting. * 'J5' RS232 Pinout (dot as pin 1): 2) SoC RXD 3) GND 10) SoC TXD Serial connection parameters: 115200 8N1. Installation ------------ OEM upgrade method: * Log in to OEM management web interface * Navigate to Maintenance > Firmware > Management * If "Active Image" has the first option selected, OpenWrt will need to be flashed to the "Active" partition. If the second option is selected, OpenWrt will need to be flashed to the "Backup" partition. * Navigate to Maintenance > Firmware > Upload * Upload the openwrt-realtek-rtl838x-zyxel_gs1900-24hp-v1-initramfs-kernel.bin file by your preferred method to the previously determined partition. When prompted, select to boot from the newly flashed image, and reboot the switch. * Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it: > sysupgrade /tmp/openwrt-realtek-rtl838x-zyxel_gs1900-24hp-v1-squashfs-sysupgrade.bin U-Boot TFTP method: * Configure your client with a static 192.168.1.x IP (e.g. 192.168.1.10). * Set up a TFTP server on your client and make it serve the initramfs image. * Connect serial, power up the switch, interrupt U-boot by hitting the space bar, and enable the network: > rtk network on * Since the GS1900-24HP v1 is a dual-partition device, you want to keep the OEM firmware on the backup partition for the time being. OpenWrt can only be installed in the first partition anyway (hardcoded in the DTS). To ensure we are set to boot from the first partition, issue the following commands: > setsys bootpartition 0 > savesys * Download the image onto the device and boot from it: > tftpboot 0x81f00000 192.168.1.10:openwrt-realtek-rtl838x-zyxel_gs1900-24hp-v1-initramfs-kernel.bin > bootm * Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it: > sysupgrade /tmp/openwrt-realtek-rtl838x-zyxel_gs1900-24hp-v1-squashfs-sysupgrade.bin Signed-off-by: Martin Kennedy <hurricos@gmail.com> [Add info on PoE hardware to commit message] Signed-off-by: Sander Vanheule <sander@svanheule.net> (cherry picked from commit a5ac8ad0ba9df50bdd0dda1dc26cf36f83006893)
* ath79: add support for Sophos AP100/AP55 familyAndrew Powers-Holmes2022-04-191-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Sophos AP100, AP100C, AP55, and AP55C are dual-band 802.11ac access points based on the Qualcomm QCA9558 SoC. They share PCB designs with several devices that already have partial or full support, most notably the Devolo DVL1750i/e. The AP100 and AP100C are hardware-identical to the AP55 and AP55C, however the 55 models' ART does not contain calibration data for their third chain despite it being present on the PCB. Specifications common to all models: - Qualcomm QCA9558 SoC @ 720 MHz (MIPS 74Kc Big-endian processor) - 128 MB RAM - 16 MB SPI flash - 1x 10/100/1000 Mbps Ethernet port, 802.3af PoE-in - Green and Red status LEDs sharing a single external light-pipe - Reset button on PCB[1] - Piezo beeper on PCB[2] - Serial UART header on PCB - Alternate power supply via 5.5x2.1mm DC jack @ 12 VDC Unique to AP100 and AP100C: - 3T3R 2.4GHz 802.11b/g/n via SoC WMAC - 3T3R 5.8GHz 802.11a/n/ac via QCA9880 (PCI Express) AP55 and AP55C: - 2T2R 2.4GHz 802.11b/g/n via SoC WMAC - 2T2R 5.8GHz 802.11a/n/ac via QCA9880 (PCI Express) AP100 and AP55: - External RJ45 serial console port[3] - USB 2.0 Type A port, power controlled via GPIO 11 Flashing instructions: This firmware can be flashed either via a compatible Sophos SG or XG firewall appliance, which does not require disassembling the device, or via the U-Boot console available on the internal UART header. To flash via XG appliance: - Register on Sophos' website for a no-cost Home Use XG firewall license - Download and install the XG software on a compatible PC or virtual machine, complete initial appliance setup, and enable SSH console access - Connect the target AP device to the XG appliance's LAN interface - Approve the AP from the XG Web UI and wait until it shows as Active (this can take 3-5 minutes) - Connect to the XG appliance over SSH and access the Advanced Console (Menu option 5, then menu option 3) - Run `sudo awetool` and select the menu option to connect to an AP via SSH. When prompted to enable SSH on the target AP, select Yes. - Wait 2-3 minutes, then select the AP from the awetool menu again. This will connect you to a root shell on the target AP. - Copy the firmware to /tmp/openwrt.bin on the target AP via SCP/TFTP/etc - Run `mtd -r write /tmp/openwrt.bin astaro_image` - When complete, the access point will reboot to OpenWRT. To flash via U-Boot serial console: - Configure a TFTP server on your PC, and set IP address 192.168.99.8 with netmask 255.255.255.0 - Copy the firmware .bin to the TFTP server and rename to 'uImage_AP100C' - Open the target AP's enclosure and locate the 4-pin 3.3V UART header [4] - Connect the AP ethernet to your PC's ethernet port - Connect a terminal to the UART at 115200 8/N/1 as usual - Power on the AP and press a key to cancel autoboot when prompted - Run the following commands at the U-Boot console: - `tftpboot` - `cp.b $fileaddr 0x9f070000 $filesize` - `boot` - The access point will boot to OpenWRT. MAC addresses as verified by OEM firmware: use address source LAN label config 0x201a (label) 2g label + 1 art 0x1002 (also found at config 0x2004) 5g label + 9 art 0x5006 Increments confirmed across three AP55C, two AP55, and one AP100C. These changes have been tested to function on both current master and 21.02.0 without any obvious issues. [1] Button is present but does not alter state of any GPIO on SoC [2] Buzzer and driver circuitry is present on PCB but is not connected to any GPIO. Shorting an unpopulated resistor next to the driver circuitry should connect the buzzer to GPIO 4, but this is unconfirmed. [3] This external RJ45 serial port is disabled in the OEM firmware, but works in OpenWRT without additional configuration, at least on my three test units. [4] On AP100/AP55 models the UART header is accessible after removing the device's top cover. On AP100C/AP55C models, the PCB must be removed for access; three screws secure it to the case. Pin 1 is marked on the silkscreen. Pins from 1-4 are 3.3V, GND, TX, RX Signed-off-by: Andrew Powers-Holmes <andrew@omnom.net> (cherry picked from commit 6f1efb28983758116a8ecaf9c93e1d875bb70af7)
* ramips: add support for BOLT! ArionAbdul Aziz Amar2022-04-191-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This device is from now-defunct BOLT! ISP in Indonesia. The original firmware is based on mediatek SDK running linux 2.6 or 3.x in later revision. Specifications: - SoC: MediaTek MT7621 - Flash: 32 MiB NOR SPI - RAM: 128 MiB DDR3 - Ethernet: 2x 10/100/1000 Mbps (switched, LAN + WAN) - WIFI0: MT7603E 2.4GHz 802.11b/g/n - WIFI1: MT7612E 5GHz 802.11ac - Antennas: 2x internal, non-detachable - LEDs: Programmable LEDs: 5 blue LEDs (wlan, tel, sig1-3) and 2 red LEDs (wlan and sig1) Non-programmable "Power" LED - Buttons: Reset and WPS Instalation: Install from TFTP Set your PC IP to 10.10.10.3 and gateway to 10.10.10.123 Press "1" when turning on the router, and type the initramfs file name You also need to solder pin header or cable to J4 or neighboring test points (T19-T21) Pinouts from top to bottom: GND, TX, RX, VCC (3.3v) Baudrate: 57600n8 There's also an additional gigabit transformer and RTL8211FD managed by the LTE module on the backside of the PCB. Signed-off-by: Abdul Aziz Amar <abdulaziz.amar@gmail.com> (cherry picked from commit 78c3534645958c123aa82cec9926a34eed5dd5dd)
* mac80211: fix QCA9561 PA biasThibaut VARÈNE2022-04-181-0/+47
| | | | | | | | | | | | | | | This patch fixes an invalid TX PA DC bias level on QCA9561, which results in a very low output power and very low throughput as devices are further away from the AP (compared to other 2.4GHz APs), following a suggestion from nbd[1]. This patch has been submitted upstream[2]. [1] https://lore.kernel.org/all/91c58969-c60e-2f41-00ac-737786d435ae@nbd.name [2] https://lore.kernel.org/linux-wireless/20220417145145.1847-1-hacks+kernel@slashdirt.org/ Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org> (cherry picked from commit 7dc52a78ae2c2f748a0c0c4adcb13979260b3498)
* readline: add host PICRosen Penev2022-04-171-0/+1
| | | | | | | | Python seems to fail to link to libreadline properly because of this. Not a fatal error but an error nontheless. Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit b363f7488643882b9c53a1e2c6db2a110703cc1d)
* linux-firmware: Update to version 20220411Hauke Mehrtens2022-04-171-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The following files used in OpenWrt changed: amd64-microcode/lib/firmware/amd-ucode/microcode_amd_fam17h.bin amd64-microcode/lib/firmware/amd-ucode/microcode_amd_fam19h.bin amdgpu-firmware/lib/firmware/amdgpu/aldebaran_mec.bin amdgpu-firmware/lib/firmware/amdgpu/aldebaran_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/aldebaran_rlc.bin amdgpu-firmware/lib/firmware/amdgpu/aldebaran_sdma.bin amdgpu-firmware/lib/firmware/amdgpu/aldebaran_smc.bin amdgpu-firmware/lib/firmware/amdgpu/aldebaran_sos.bin amdgpu-firmware/lib/firmware/amdgpu/aldebaran_ta.bin amdgpu-firmware/lib/firmware/amdgpu/aldebaran_vcn.bin amdgpu-firmware/lib/firmware/amdgpu/arcturus_sdma.bin amdgpu-firmware/lib/firmware/amdgpu/beige_goby_ce.bin amdgpu-firmware/lib/firmware/amdgpu/beige_goby_dmcub.bin amdgpu-firmware/lib/firmware/amdgpu/beige_goby_me.bin amdgpu-firmware/lib/firmware/amdgpu/beige_goby_mec.bin amdgpu-firmware/lib/firmware/amdgpu/beige_goby_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/beige_goby_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/beige_goby_rlc.bin amdgpu-firmware/lib/firmware/amdgpu/beige_goby_sdma.bin amdgpu-firmware/lib/firmware/amdgpu/beige_goby_smc.bin amdgpu-firmware/lib/firmware/amdgpu/beige_goby_sos.bin amdgpu-firmware/lib/firmware/amdgpu/beige_goby_ta.bin amdgpu-firmware/lib/firmware/amdgpu/beige_goby_vcn.bin amdgpu-firmware/lib/firmware/amdgpu/cyan_skillfish2_ce.bin amdgpu-firmware/lib/firmware/amdgpu/cyan_skillfish2_me.bin amdgpu-firmware/lib/firmware/amdgpu/cyan_skillfish2_mec.bin amdgpu-firmware/lib/firmware/amdgpu/cyan_skillfish2_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/cyan_skillfish2_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/dcn_3_1_6_dmcub.bin amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_ce.bin amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_dmcub.bin amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_me.bin amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_mec.bin amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_rlc.bin amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_sdma.bin amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_smc.bin amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_sos.bin amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_ta.bin amdgpu-firmware/lib/firmware/amdgpu/dimgrey_cavefish_vcn.bin amdgpu-firmware/lib/firmware/amdgpu/gc_10_3_7_ce.bin amdgpu-firmware/lib/firmware/amdgpu/gc_10_3_7_me.bin amdgpu-firmware/lib/firmware/amdgpu/gc_10_3_7_mec.bin amdgpu-firmware/lib/firmware/amdgpu/gc_10_3_7_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/gc_10_3_7_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/gc_10_3_7_rlc.bin amdgpu-firmware/lib/firmware/amdgpu/green_sardine_asd.bin amdgpu-firmware/lib/firmware/amdgpu/green_sardine_ce.bin amdgpu-firmware/lib/firmware/amdgpu/green_sardine_dmcub.bin amdgpu-firmware/lib/firmware/amdgpu/green_sardine_me.bin amdgpu-firmware/lib/firmware/amdgpu/green_sardine_mec.bin amdgpu-firmware/lib/firmware/amdgpu/green_sardine_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/green_sardine_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/green_sardine_rlc.bin amdgpu-firmware/lib/firmware/amdgpu/green_sardine_ta.bin amdgpu-firmware/lib/firmware/amdgpu/green_sardine_vcn.bin amdgpu-firmware/lib/firmware/amdgpu/navi10_asd.bin amdgpu-firmware/lib/firmware/amdgpu/navi10_ce.bin amdgpu-firmware/lib/firmware/amdgpu/navi10_me.bin amdgpu-firmware/lib/firmware/amdgpu/navi10_mec.bin amdgpu-firmware/lib/firmware/amdgpu/navi10_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/navi10_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/navi10_sos.bin amdgpu-firmware/lib/firmware/amdgpu/navi10_ta.bin amdgpu-firmware/lib/firmware/amdgpu/navi10_vcn.bin amdgpu-firmware/lib/firmware/amdgpu/navi12_asd.bin amdgpu-firmware/lib/firmware/amdgpu/navi12_sdma.bin amdgpu-firmware/lib/firmware/amdgpu/navi12_sdma1.bin amdgpu-firmware/lib/firmware/amdgpu/navi12_sos.bin amdgpu-firmware/lib/firmware/amdgpu/navi12_ta.bin amdgpu-firmware/lib/firmware/amdgpu/navi12_vcn.bin amdgpu-firmware/lib/firmware/amdgpu/navi14_asd.bin amdgpu-firmware/lib/firmware/amdgpu/navi14_smc.bin amdgpu-firmware/lib/firmware/amdgpu/navi14_sos.bin amdgpu-firmware/lib/firmware/amdgpu/navi14_ta.bin amdgpu-firmware/lib/firmware/amdgpu/navi14_vcn.bin amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_ce.bin amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_dmcub.bin amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_me.bin amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_mec.bin amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_rlc.bin amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_sdma.bin amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_smc.bin amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_sos.bin amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_ta.bin amdgpu-firmware/lib/firmware/amdgpu/navy_flounder_vcn.bin amdgpu-firmware/lib/firmware/amdgpu/picasso_asd.bin amdgpu-firmware/lib/firmware/amdgpu/picasso_ce.bin amdgpu-firmware/lib/firmware/amdgpu/picasso_me.bin amdgpu-firmware/lib/firmware/amdgpu/picasso_mec.bin amdgpu-firmware/lib/firmware/amdgpu/picasso_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/picasso_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/picasso_ta.bin amdgpu-firmware/lib/firmware/amdgpu/picasso_vcn.bin amdgpu-firmware/lib/firmware/amdgpu/psp_13_0_8_asd.bin amdgpu-firmware/lib/firmware/amdgpu/psp_13_0_8_ta.bin amdgpu-firmware/lib/firmware/amdgpu/psp_13_0_8_toc.bin amdgpu-firmware/lib/firmware/amdgpu/raven2_asd.bin amdgpu-firmware/lib/firmware/amdgpu/raven2_ce.bin amdgpu-firmware/lib/firmware/amdgpu/raven2_me.bin amdgpu-firmware/lib/firmware/amdgpu/raven2_mec.bin amdgpu-firmware/lib/firmware/amdgpu/raven2_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/raven2_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/raven2_ta.bin amdgpu-firmware/lib/firmware/amdgpu/raven2_vcn.bin amdgpu-firmware/lib/firmware/amdgpu/raven_asd.bin amdgpu-firmware/lib/firmware/amdgpu/raven_ce.bin amdgpu-firmware/lib/firmware/amdgpu/raven_me.bin amdgpu-firmware/lib/firmware/amdgpu/raven_mec.bin amdgpu-firmware/lib/firmware/amdgpu/raven_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/raven_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/raven_ta.bin amdgpu-firmware/lib/firmware/amdgpu/raven_vcn.bin amdgpu-firmware/lib/firmware/amdgpu/renoir_asd.bin amdgpu-firmware/lib/firmware/amdgpu/renoir_ce.bin amdgpu-firmware/lib/firmware/amdgpu/renoir_dmcub.bin amdgpu-firmware/lib/firmware/amdgpu/renoir_me.bin amdgpu-firmware/lib/firmware/amdgpu/renoir_mec.bin amdgpu-firmware/lib/firmware/amdgpu/renoir_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/renoir_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/renoir_rlc.bin amdgpu-firmware/lib/firmware/amdgpu/renoir_ta.bin amdgpu-firmware/lib/firmware/amdgpu/renoir_vcn.bin amdgpu-firmware/lib/firmware/amdgpu/sdma_5_2_7.bin amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_ce.bin amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_dmcub.bin amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_me.bin amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_mec.bin amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_rlc.bin amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_sdma.bin amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_smc.bin amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_sos.bin amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_ta.bin amdgpu-firmware/lib/firmware/amdgpu/sienna_cichlid_vcn.bin amdgpu-firmware/lib/firmware/amdgpu/vangogh_asd.bin amdgpu-firmware/lib/firmware/amdgpu/vangogh_ce.bin amdgpu-firmware/lib/firmware/amdgpu/vangogh_me.bin amdgpu-firmware/lib/firmware/amdgpu/vangogh_mec.bin amdgpu-firmware/lib/firmware/amdgpu/vangogh_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/vangogh_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/vega10_asd.bin amdgpu-firmware/lib/firmware/amdgpu/vega10_ce.bin amdgpu-firmware/lib/firmware/amdgpu/vega10_me.bin amdgpu-firmware/lib/firmware/amdgpu/vega10_mec.bin amdgpu-firmware/lib/firmware/amdgpu/vega10_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/vega10_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/vega12_asd.bin amdgpu-firmware/lib/firmware/amdgpu/vega12_ce.bin amdgpu-firmware/lib/firmware/amdgpu/vega12_me.bin amdgpu-firmware/lib/firmware/amdgpu/vega12_mec.bin amdgpu-firmware/lib/firmware/amdgpu/vega12_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/vega12_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/vega20_asd.bin amdgpu-firmware/lib/firmware/amdgpu/vega20_ce.bin amdgpu-firmware/lib/firmware/amdgpu/vega20_me.bin amdgpu-firmware/lib/firmware/amdgpu/vega20_mec.bin amdgpu-firmware/lib/firmware/amdgpu/vega20_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/vega20_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_asd.bin amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_ce.bin amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_me.bin amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_mec.bin amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_mec2.bin amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_pfp.bin amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_rlc.bin amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_ta.bin ibt-firmware/lib/firmware/intel/ibt-hw-37.8.10-fw-22.50.19.14.f.bseq iwlwifi-firmware-ax210/lib/firmware/iwlwifi-ty-a0-gf-a0.pnvm iwlwifi-firmware-iwl9260/lib/firmware/iwlwifi-9260-th-b0-jf-b0-46.ucode iwlwifi-firmware-iwl9000/lib/firmware/iwlwifi-9000-pu-b0-jf-b0-46.ucode Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 54d9051c5596814293edd9e6a534c8d1e56e6fcf)
* comgt: support ZTE MF286R modemCezary Jackiewicz2022-04-172-1/+23
| | | | | | | | | | | | | The modem is based on Marvell PXA1826 and uses ACM+RNDIS interface to establish connection with custom commands specific to ZTE modems. Two variants of modems were discovered, some identifying themselves as "ZTE", and others as plain "Marvell", the chipset manufacturer. The modem itself runs a fork of OpenWrt inside, which root shell can be accessed via ADB interface. Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl> Signed-off-by: Lech Perczak <lech.perczak@gmail.com> (cherry picked from commit e02fb42c53bad5dd36726c6ef5a46bfe31d2e400)
* comgt: ncm: try to detect interface for ttyACM portsLech Perczak2022-04-171-0/+4
| | | | | | | | | | | | Some modems expose ttyACM as their control ports, which have the "device" symlink pointing one level down in sysfs tree. Try to find network interfaces for them as well, this is commonly used for modems exposing ACM + RNDIS or ACM + ECM interface combinations. Co-developed-by: Cezary Jackiewicz <cezary@eko.one.pl> Signed-off-by: Cezary Jackiewicz <cezary@eko.one.pl> Signed-off-by: Lech Perczak <lech.perczak@gmail.com> (cherry picked from commit ed7957810c0aee04943559be9b0ed23431ee0654)
* comgt: ncm: select first available network interface for deviceLech Perczak2022-04-171-3/+4
| | | | | | | | | | | | | | Some modems expose multiple network interfaces on the same USB device, causing the connection setup script to fail, because glob matching in the detection phase causes 'ls' to output more than one interface name plus their base directories in sysfs. Avoid that by listing the directories explicitly and then selecting first available interface. This is the case for some variants of ZTE MF286R built-in modem, which exposes both RNDIS and CDC-ECM network interfaces, causing the connection setup to fail. Signed-off-by: Lech Perczak <lech.perczak@gmail.com> (cherry picked from commit b2940bb8b2878ce193f2edaee3e7d4c44f4a2065)
* comgt: ncm: allow specification of interface nameLech Perczak2022-04-171-14/+18
| | | | | | | | | | | | | Add ifname property to UCI, which can be used to override the autodetected interface name in case the detection fails due to having none or more than one interface exposed by the modem, which is not explicitly linked to TTY port. This is needed on certain variants of ZTE MF286R built-in modem, which exposes both RNDIS and CDC-ECM interfaces on the modem, on which the automatic detection may select the wrong network interface. Signed-off-by: Lech Perczak <lech.perczak@gmail.com> (cherry picked from commit a67629bbe25ef3d0e159db1e0c6ca81affd06898)
* hostapd: add ubus link-measurements notificationsDavid Bauer2022-04-173-0/+43
| | | | | | | Notify external ubus subscribers of received link-measurement reports. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit f6445cfa1acb32676723c49da3e3158b64a4b3d2)
* hostapd: add ubus method for requesting link measurementsDavid Bauer2022-04-171-0/+65
| | | | | | | | | | | Add a ubus method to request link-measurements from connected STAs. In addition to the STAs address, the used and maximum transmit power can be provided by the external process for the link-measurement. If they are not provided, 0 is used as the default value. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 965aa33a18c76bb2d5a1eeb0cfa01501b08e784a)
* hostapd: add support for enabling link measurementsDavid Bauer2022-04-171-0/+10
| | | | | | | | Allow external processes to enable advertisement of link-measurement RRM capability. Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit 2ca5c3da04c3f05a7477ae484768e03d4ca30711)
* netifd: relax check in dhcp proto handlerDaniel Golle2022-04-151-1/+1
| | | | | | | | | | Checking whether /sbin/udhcpc is a symbolic link breaks using the DHCP proto handler inside procd-ujail where bind-mounts are used for the resolved link. Check whether /sbin/udhcpc is executable instead to allow using the proto handler for DHCP-provisioned containers. Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit c5f113c43f43c20555298c8500bf91bffbe1f58b)
* procd: update to git HEADDaniel Golle2022-04-151-3/+3
| | | | | | | | | 6343c3a procd: completely remove tmp-on-zram support 5c5e63f uxc: fix potential NULL-pointer dereference eb03f03 jail: include necessary files for per-netns netifd instance Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 2c8873033e3c0b5a5e8f6080ea3a73fde6a55f39)
* base-files: more robust sysupgrade on NANDDaniel Golle2022-04-151-4/+10
| | | | | | | | | | Make sure sysupgrade on NAND also works in case of UBI volumes having index >9. While at it, also make sure UBI device is detected and abort in case it isn't. Use Shell built-in shorthand ':' instead of 'true'. Fixes #9708 Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 0dbca1b2baf9c26514b517a1e5860f6a5b04d5ae)
* ath79: add support for Yuncore A930Thibaut VARÈNE2022-04-151-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Specification: - QCA9533 (650 MHz), 64 or 128MB RAM, 16MB SPI NOR - 2x 10/100 Mbps Ethernet, with 802.3at PoE support (WAN) - 2T2R 802.11b/g/n 2.4GHz Flash instructions: If your device comes with generic QSDK based firmware, you can login over telnet (login: root, empty password, default IP: 192.168.188.253), issue first (important!) 'fw_setenv' command and then perform regular upgrade, using 'sysupgrade -n -F ...' (you can use 'wget' to download image to the device, SSH server is not available): fw_setenv bootcmd "bootm 0x9f050000 || bootm 0x9fe80000" sysupgrade -n -F openwrt-...-yuncore_...-squashfs-sysupgrade.bin In case your device runs firmware with YunCore custom GUI, you can use U-Boot recovery mode: 1. Set a static IP 192.168.0.141/24 on PC and start TFTP server with 'tftp' image renamed to 'upgrade.bin' 2. Power the device with reset button pressed and release it after 5-7 seconds, recovery mode should start downloading image from server (unfortunately, there is no visible indication that recovery got enabled - in case of problems check TFTP server logs) Signed-off-by: Clemens Hopfer <openwrt@wireloss.net> Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org> (cherry picked from commit a05dcb07241aa83a4416b56201e31b4af8518981)
* ath79: add support for Yuncore XD3200Thibaut VARÈNE2022-04-151-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Specification: - QCA9563 (775MHz), 128MB RAM, 16MB SPI NOR - 2T2R 802.11b/g/n 2.4GHz - 2T2R 802.11n/ac 5GHz - 2x 10/100/1000 Mbps Ethernet, with 802.3at PoE support (WAN port) LED for 5 GHz WLAN is currently not supported as it is connected directly to the QCA9882 radio chip. Flash instructions: If your device comes with generic QSDK based firmware, you can login over telnet (login: root, empty password, default IP: 192.168.188.253), issue first (important!) 'fw_setenv' command and then perform regular upgrade, using 'sysupgrade -n -F ...' (you can use 'wget' to download image to the device, SSH server is not available): fw_setenv bootcmd "bootm 0x9f050000 || bootm 0x9fe80000" sysupgrade -n -F openwrt-...-yuncore_...-squashfs-sysupgrade.bin In case your device runs firmware with YunCore custom GUI, you can use U-Boot recovery mode: 1. Set a static IP 192.168.0.141/24 on PC and start TFTP server with 'tftp' image renamed to 'upgrade.bin' 2. Power the device with reset button pressed and release it after 5-7 seconds, recovery mode should start downloading image from server (unfortunately, there is no visible indication that recovery got enabled - in case of problems check TFTP server logs) Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org> (cherry picked from commit c91df224f54fdd44c9c0487a8c91876f5d273164)
* mac80211: backport minstrel_ht fix for legacy ratesFelix Fietkau2022-04-121-0/+61
| | | | | | | Fixes OFDM rates on 5 GHz Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 5d5afd51772c9a992cb6bb9e0a9dce6feaa3fdef)
* musl-fts: add host buildRosen Penev2022-04-111-0/+2
| | | | | | | This will be used for libselinux. Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit 1fb099341e5879a8c5247020e5056676ba2f0745)
* nftables: add CONFLICT between versionsEneas U de Queiroz2022-04-111-1/+2
| | | | | | | Have nftables-json conflict with nftables-nojson. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit 1135b75d1fd26049a0644b304b7199e4a73c6a08)
* mac80211: Update to version 5.15.33-1Hauke Mehrtens2022-04-1133-439/+85
| | | | | | | | | | | | | | | This updates mac80211 to version 5.15.33-1 which is based on kernel 5.15.33. The removed patches were applied upstream. This new release contains many fixes which were merged into the upstream Linux kernel. This also contains the following new drivers which are needed for ath11k: * net/qrtr/ * drivers/bus/mhi/ Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 3aa96efa24c13c6e0aafa5ad826f3f95a3bd74f9)
* wolfssl: bump to 5.2.0Eneas U de Queiroz2022-04-114-9/+7
| | | | | | | | | | | | | | | | | Fixes two high-severity vulnerabilities: - CVE-2022-25640: A TLS v1.3 server who requires mutual authentication can be bypassed. If a malicious client does not send the certificate_verify message a client can connect without presenting a certificate even if the server requires one. - CVE-2022-25638: A TLS v1.3 client attempting to authenticate a TLS v1.3 server can have its certificate heck bypassed. If the sig_algo in the certificate_verify message is different than the certificate message checking may be bypassed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit e89f3e85eb1c1d81294e5d430a91b0ba625e2ec0)
* arm-trusted-firmware-mediatek: remove no longer needed Configure stepDaniel Golle2022-04-101-4/+0
| | | | | | | | | As anyway only the default is called now we can as well also just remove the override for Build/Configure. Fixes: e2cffbb805 ("arm-trusted-firmware-mediatek: update to 2021-03-10") Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit dffad93d3e34275b87d97724e64447d8bde537ff)
* dropbear: bump to 2022.82Konstantin Demin2022-04-109-66/+90
| | | | | | | | | | | | | | | | | | | | | | | - update dropbear to latest stable 2022.82; for the changes see https://matt.ucc.asn.au/dropbear/CHANGES - use $(AUTORELEASE) in PKG_RELEASE - use https for all uris - refresh all patches - rewrite patches: - 100-pubkey_path.patch - 130-ssh_ignore_x_args.patch binary/pkg size changes: - ath79/generic, mips: - binary: 215112 -> 219228 (+4116) - pkg: 111914 -> 113404 (+1490) - ath79/tiny, mips: - binary: 172501 -> 172485 (-16) - pkg: 89871 -> 90904 (+1033) Tested-by: Stijn Segers <foss@volatilesystems.org> Signed-off-by: Konstantin Demin <rockdrilla@gmail.com> (cherry picked from commit 65256aee23a5104eb0c78411fdc73640c0b757ea)
* libmnl: update to 1.0.5Nick Hainke2022-04-101-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes: Duncan Roe (5): nlmsg: Fix a missing doxygen section trailer build: doc: "make" builds & installs a full set of man pages build: doc: get rid of the need for manual updating of Makefile build: If doxygen is not available, be sure to report "doxygen: no" to ./configure src: doc: Fix messed-up Netlink message batch diagram Fernando Fernandez Mancera (1): src: fix doxygen function documentation Florian Westphal (1): libmnl: zero attribute padding Guillaume Nault (1): callback: mark cb_ctl_array 'const' in mnl_cb_run2() Kylie McClain (1): examples: nfct-daemon: Fix test building on musl libc Laura Garcia Liebana (4): examples: add arp cache dump example examples: fix neigh max attributes examples: fix print line format examples: reduce LOCs during neigh attributes validation Pablo Neira Ayuso (3): doxygen: remove EXPORT_SYMBOL from the output include: add MNL_SOCKET_DUMP_SIZE definition build: libmnl 1.0.5 release Petr Vorel (1): examples: Add rtnl-addr-add.c Stephen Hemminger (1): examples: rtnl-addr-dump: fix typo igo95862 (1): doxygen: Fixed link to the git source tree on the website. Signed-off-by: Nick Hainke <vincent@systemli.org> (cherry picked from commit c3b738933981de601389794152534628b04555dc)
* libnfnetlink: update to 1.0.2Nick Hainke2022-04-102-23/+3
| | | | | | | | | | | | | | | | | | | | | | | | Changes: c63f193 bump version to 1.0.2 3cffa84 libnfnetlink: Check getsockname() return code 90ba679 include: Silence gcc warning in linux_list.h bb4f6c8 Make it clear that this library is deprecated e46569c Minimally resurrect doxygen documentation 5087de4 libnfnetlink: hide private symbols 62ca426 autogen: don't convert __u16 to u_int16_t efa1d8e src: Use stdint types everywhere 7a1a07c include: Sync with kernel headers 7633f0c libnfnetlink: initialize attribute padding to resolve valgrind warnings 94b68f3 configure: uclinux is also linux 617fe82 src: get source code license header in sync with current licensing terms 97a3960 build: resolve automake-1.12 warnings Removed the patch 100-missing_include.patch, libnfnetlink compiles fine with musl without this patch. Signed-off-by: Nick Hainke <vincent@systemli.org> (cherry picked from commit aecf088b3792d556c717510304729fa542ceb770)
* gpio-button-hotplug: fix data raceAndrey Erokhin2022-04-101-1/+1
| | | | | | | | bh_event_add_var can be called by multiple threads concurrently, so it shall not use a static char buffer Signed-off-by: Andrey Erokhin <a.erokhin@inango-systems.com> (cherry picked from commit 1e991e09b73c309321d21b9cb706bd5139d952d2)
* libselinux: add missing host-build dependency on libsepol/hostDaniel Golle2022-04-101-1/+1
| | | | | | | | | The host-build of libselinux requires libsepol/host. Add the libsepol/host to HOST_BUILD_DEPENDS to allow build on hosts which don't have libsepol installed. Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 0d3850dc5af4896ab3679dc4d8ef9a664e5e705f)
* dnsmasq: add procd interface index trackingValentyn Datsko2022-04-101-0/+5
| | | | | | | | | | | | | | Problem exist when dnsmasq is exclusively bind to particular interface. After reconfiguring or restarting this interface, its index changes, but dnsmasq uses the old one. When this problem occurs, dnsmasq does not listen on the correct interface so DHCP does not work, and clients do not get an IP address. Procd netdev param can be added to restart dnsmasq when the interface index is changed. Signed-off-by: Valentyn Datsko <valikk.d@gmail.com> [combined into a single &&-connected statement] Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 76f55e3c3f32dea63a385e9b3c8eaed1322089c7)
* libselinux: use musl-fts for host buildsRosen Penev2022-04-101-2/+5
| | | | | | | | | Fixes compilation under musl based distros like Alpine Linux. Also add pcre/host as a build dependency as it's needed. Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit abb2683de36ffe7b29a1b6ea5a8d7edf73719152)
* toolchain: reproducible libstdcppPaul Spooren2022-04-061-1/+2
| | | | | | | | A Python script containing an unreproducible path is copied by default. Remove it before generating the package. Signed-off-by: Paul Spooren <mail@aparcar.org> (cherry picked from commit 950bd40a275d1a834c95d8f9830e1bfed4737a82)