| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
| |
5cd7215 system-linux: handle hotplug event socket ENOBUFS errors
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
| |
Host "gd.tuwien.ac.at" does not exists anymore, so we replace it by "ftp.pca.dfn.de" from the official list of mirrors.
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
|
|
|
|
|
|
| |
Some SD cards take a while to get detected, fix booting of those.
Signed-off-by: Andre Heider <a.heider@gmail.com>
|
|
|
|
| |
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
|
|
|
|
|
|
|
| |
d4ba162 libopkg: only perform size check when information is available
Fixes: e079591b84 ("opkg: update to latest Git head")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
| |
cb66403 libopkg: check for file size mismatches
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
c3da1aa mt7603: trigger beacon stuck detection faster
7a53138 mt7603: trigger watchdog reset if flushing CAB queue fails
6eef33b mt7603: remove mt7603_txq_init
ae30c30 mt76: add driver callback for when a sta is associated
0db925f mt7603: update HT/VHT capabilities after assoc
b5ac8e4 mt7603: initialize LED callbacks only if CONFIG_MT76_LEDS is set
c989bac mt76x0: eeprom: fix chan_vs_power map in mt76x0_get_power_info
24bd2c0 mt76x0: phy: report target_power in debugfs
bc7ce2a mt76x0: init: introduce mt76x0_init_txpower routine
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
| |
When config_get is called as "config_get section option" the option
is unexpectedly globbed by the shell which differs from the way options
are read to a variable with "config_get variable section option".
Add another layer of double quotes to fix it.
Signed-off-by: Günther Kelleter <guenther.kelleter@devolo.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If a user finds that logd is too barebone for their needs and wishes
to have more control over syslog, the user presently has an option
to enable CONFIG_BUSYBOX_CONFIG_FEATURE_SYSLOG and configure syslog
with settings in /etc/syslog.conf.
Presently /etc/syslog.conf silently disappears on sysupgrade. This
patch prevents such unwanted behaviour if busybox syslog is enabled
via CONFIG_BUSYBOX_CONFIG_FEATURE_SYSLOG.
Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
|
|
|
|
|
|
|
|
|
| |
This fixes the following security problems:
* CVE-2018-5407: Microarchitecture timing vulnerability in ECC scalar multiplication
* CVE-2018-0734: Timing vulnerability in DSA signature generation
* Resolve a compatibility issue in EC_GROUP handling with the FIPS Object Module
Signed-off-by: Sven Roederer <freifunk@it-solutions.geroedel.de>
|
|
|
|
|
|
|
|
| |
In order to avoid straining CPU and memory resources on lower end devices,
avoid running multiple CGI requests in parallel.
Ref: https://forum.openwrt.org/t/high-load-fix-on-openwrt-luci/29006
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
| |
As the usage of libbsd is no longer limited to glibc, prevent libbsd
being picked up by removing the dependency on libbsd.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
Fixes handling CSA when using AP+STA or AP+Mesh
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
| |
Fixes kernel warnings and connectivity issues in encrypted mesh networks
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
| |
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
| |
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
| |
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This introduces a new Kconfig option to switch on/off mbedtls' support
for debug functions.
The idea behind is to inspect TLS traffic with Wireshark for debug
purposes. At the moment, there is no native or 'nice' support for
this, but at
https://github.com/Lekensteyn/mbedtls/commit/68aea15833e1ac9290b8f52a4223fb4585fb3986
an example implementation can be found which uses the debug functions
of the library. However, this requires to have this debug stuff enabled
in the library, but at the moment it is staticly patched out.
So this patch removes the static part from the configuration patch
and introduces a dynamic config file editing during build.
When enabled, this heavily increases the library size, so I added
a warning in the Kconfig help section.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
|
|
|
|
|
|
|
| |
Refresh patch
https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.0-2.7.9-and-2.1.18-released
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
|
|
|
|
|
|
| |
This builds the "g_cdc" gadget module, providing ethernet+serial.
Signed-off-by: Karl Pálsson <karlp@etactica.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reduces the needed modifications to the mainline Linux kernel and
also makes the regmap package work with an out of tree kernel which
does not have these modifications.
The regmap-core is only added when it is really build as a module.
The regmap-core is normally bool so it cannot be built as a module in an
unmodified kernel. When it is selected by on other kernel module it will
always be selected as build in and it also does not show up in
$(LINUX_DIR)/modules.builtin as it is not supposed to be a kernel module.
When it is not in $(LINUX_DIR)/modules.builtin the build system expects
it to be built as a .ko file.
Just check if the module is really there and only add it in that case.
This splits the regmap package into multiple packages, one for each bus type.
This way only the bus maps which are really needed have to be added.
This also splits the I2C, SPI and MMIO regmap into separate packages to not
require all these subsystems to build them, on an unmodified upstream kernel
this also causes problems in some situations.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Added e4crypt tool for encrypting files and directories. To work properly
requires kernel and work on keyutils. That will be done in a future commit
Some top-level reorganization for consistency between packages.
Tested on GnuBee PC1 (mt7621).
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Build tested: apalis, mx6sabresd, nitrogen6dl, nitrogen6dl2g, nitrogen6q,
nitrogen6q2g, nitrogen6s, nitrogen6s1g, wandboard
Run tested: apalis (pending PR #1595)
Cc: Felix Fietkau <nbd@nbd.name>
Cc: Vladimir Vid <vladimir.vid@sartura.hr>
Cc: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
|
|
|
|
|
|
| |
Also update the U-Boot BSP patch for I2SE Duckbill devices.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
|
|
|
|
|
|
|
|
|
| |
Add support for passing additional parameters to mtd called during
sysupgrade. It will be required to toggle the "recovery moe" flag
supported by recent tp-link boards.
Signed-off-by: David Bauer <mail@david-bauer.net>
[split code from board support patch; add commit message]
Signed-off-by: Mathias Kresin <dev@kresin.me>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds an option to set the recovery flag of newer TP-Link MediaTek
boards and remove it after a successful write.
To make use of this feature, add the '-t' option to mtd-write.
The '-t' option takes the mtd partition containing the recovery flag
(usually 'romfile') as an argument. Make sure this partition is not
flagged as read-only!
Example:
> mtd -t romfile write owrt.bin firmware
This command writes the recovery-flag before it begins writing the image
to the firmware partition. After the image-write has been successful,
the recovery flag is removed.
This way, the TP-Link web-recovery is automatically enabled on an
unsucessful flash (e.g. power loss).
This option is only available if the mtd package is compiled for the
ramips target.
Signed-off-by: David Bauer <mail@david-bauer.net>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds the object 'linksys_bootcount_fix.o' to the ipq40xx
target.
This is needed for the Linksys EA6350v3 device. Without this patch, the
device will switch-back between the current and the last flashed firmware
every 3 (three) reboots. With this patch, the device works as expected.
Signed-off-by: Ryan Pannell <ryan@osukl.com>
Signed-off-by: Oever González <notengobattery@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds support for the Linksys EA6350v3 device in the ipq40xx
target.
This is needed for uboot-envtools to access the environment. Without this
patch, the Linksys EA6350v3 will not be able to access the uboot
environment. As a side effect, the feature auto_recovery will make the
device unstable by switching between the latest and the current firmware.
Signed-off-by: Ryan Pannell <ryan@osukl.com>
Signed-off-by: Oever González <notengobattery@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit adds support for the Linksys EA6350v3 device in the ipq-wifi
target.
Without this patch, the Linksys EA6350v3 won't be hable to have fully
functional wireless interfaces. This is not permanent: the board data has
already been sent to ath10k _at_ lists _dot_ infradead _dot_ org
Signed-off-by: Ryan Pannell <ryan@osukl.com>
Signed-off-by: Oever González <notengobattery@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds several country codes to the regd.h and regd_common.h
files in order to support devices whose country codes are not present in
the original list.
Without this patch, all devices whose manufacturer programmed any of these
code in their EEPROM will run without wireless interfaces.
Signed-off-by: Oever González <notengobattery@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [matched signed-off]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
David Bauer reported a u-boot crash (data abort) at a odd
place (byteswap) when he ran ping/tftp on his 7530.
|(FRITZ7530) # ping 192.168.1.70
|eth0 PHY0 up Speed :1000 Full duplex
|eth0 PHY1 Down Speed :10 Half duplex
|eth0 PHY2 Down Speed :10 Half duplex
|eth0 PHY3 Down Speed :10 Half duplex
|eth0 PHY4 Down Speed :10 Half duplex
|Using eth0 device
|data abort
|pc : [<84234774>] lr : [<842351a4>]
|sp : 8412fdb0 ip : 0000009b fp : 00000000
|r10: 00000000 r9 : 00000001 r8 : 8412ff68
|r7 : 00000000 r6 : 0000002a r5 : 84244e90 r4 : 8425e28e
|r3 : 84244e90 r2 : 14000045 r1 : 8412fdb0 r0 : 8425e28e
|Flags: nZCv IRQs off FIQs off Mode SVC_32
|Resetting CPU ...
|
|resetting ...
This issue is caused by switch from gcc 5.5 to 7.1+ as explained
in the upstream patch:
|From a768e513b07b5999a8e7d7740ac8d9da04ee7e51 Mon Sep 17 00:00:00 2001
|From: Denis Pynkin <denis.pynkin@collabora.com>
|Date: Fri, 21 Jul 2017 19:28:42 +0300
|Subject: [PATCH] net: Use packed structures for networking
|
|PXE boot is broken with GCC 7.1 due option '-fstore-merging' enabled
|by default for '-O2':
|
|BOOTP broadcast 1
|data abort
|pc : [<8ff8bb30>] lr : [<00004f1f>]
|reloc pc : [<17832b30>] lr : [<878abf1f>]
|sp : 8f558bc0 ip : 00000000 fp : 8ffef5a4
|r10: 8ffed248 r9 : 8f558ee0 r8 : 8ffef594
|r7 : 0000000e r6 : 8ffed700 r5 : 00000000 r4 : 8ffed74e
|r3 : 00060101 r2 : 8ffed230 r1 : 8ffed706 r0 : 00000ddd
|Flags: nzcv IRQs off FIQs off Mode S
|
|Core reason is usage of structures for network headers without packed
|attribute.
Reported-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CPU: FSL P1020 (2x 800MHz E500 PPC)
RAM: 1GB DDR3
FLASH: 256MiB NAND
WiFi: 2x Atheros AR9382 2x2:2 abgn
ETH: 2x BCM54616S - 1x BCM53128 8-port switch
LED: 5x LEDs (Power, WiFi1, WiFi2, N/D, SYS)
BTN: 1x RESET
Installation
------------
1. Download initrams kernel image, dtb binary and sysupgrade image.
2. Place initramfs kernel into tftp root directory. Rename to
"panda-uimage-factory".
3. Place dtb binary into tftp root directory. Rename to "panda.fdt".
4. Start tftp server on 192.168.100.8/24.
5. Power up the device with the reset button pressed. It will download
the initrams and dtb via tftp and boot into OpenWRT in RAM.
6. SSH into the device and remove the factory partitions.
> ubirmvol /dev/ubi0 --name=kernel1
> ubirmvol /dev/ubi0 --name=rootfs1
> ubirmvol /dev/ubi0 --name=devicetree1
You will have around 60 MiB of free space with that.
You can also delete "kernel2", "devicetree2", "rootfs2" and "storage"
respectively in case you do not want to go back to the vendor firmware.
7. Modify the U-Boot bootcmd to allow for booting OpenWRT
> fw_setenv bootcmd_owrt "ubi part ubi && ubi read 0x1000000 kernel
&& bootm 0x1000000"
> fw_setenv bootargs_owrt "setenv bootargs console=ttyS0,115200
ubi.mtd=3,2048"
> fw_setenv bootcmd "run bootargs_owrt; run bootcmd_owrt"
8. Transfer the sysupgrade image via scp into the /tmp directory.
9. Upgrade the device
> sysupgrade -n /tmp/<imagename>
Signed-off-by: David Bauer <mail@david-bauer.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
3e9a7d5 Revert "mt7603: fix txd q_idx field value"
815fd03 mt7603: fix CCA timing values
b35cc8e mt7603: set timing on channel change before starting MAC
79b337c mt7603: move CF-End rate update to mt7603_mac_set_timing
3df341d mt7603: avoid redundant MAC timing updates
1c751f3 mt76: avoid scheduling tx queues for powersave stations
2efa389 mt7603: limit station power save queue length to 64
63a79ff mt76: do not report out-of-range rx nss
fe30bd3 mt7603: issue PSE reset on tx hang
ce8cc5d mt7603: issue PSE client reset on init
e342cc5 mt7603: fix buffered multicast count register
aa470d8 mt7603: fix buffered multicast queue flush
b4ee01f mt76: fix tx status timeout processing
7d00d58 mt76x02: fix per-chain signal strength reporting
64abb35 mt76: fix corrupted software generated tx CCMP PN
0b939dc mt76: fix resetting software IV flag on key delete
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
| |
The library has an usual shared object file name, which caused the
install glob pattern to miss the actual so.
Fixes: #2082
Fixes; 0e70f69a35 ("treewide: revise library packaging")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
| |
This bumps ppp to latest git version.
There is one upstream commit, which changes DES encryption calls from
libcrypt / glibc to openssl.
As long as we don't use glibc-2.28, revert this commit.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
|
|
|
|
|
|
| |
e2b055e hotplug.c: Make sure hotplug buffer is NULL terminated
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Initially this patch was introduced as a quick fix following
the removal of 936-ath10k_skip_otp_check.patch which caused
multiple ath10k pcie devices in various ipq806x and ar71xx/ath79
targets to malfunction.
Thankfully, the affected devices have been updated to utilize
the pre-caldata method. And finally with the switch to ath10k-ct,
which never had the patch or any reports of similar issues, I
think it's time to remove this patch since it is no longer needed.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
|
|
|
|
| |
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
| |
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
| |
The ABI_VERSION:=1 tag will take care of transforming the binary
library package basename.
Add a virtual PROVIDES:=libelf1 for packages still having libelf1
in their DEPENDS:=... lists.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
| |
- Annotate versionless libraries (such as libubox, libuci etc.) with a fixed
ABI_VERSION resembling the source date of the last incompatible change
- Annotate packages shipping versioned library objects with ABI_VERSION
- Stop shipping unversioned library symlinks for packages with ABI_VERSION
Ref: https://openwrt.org/docs/guide-developer/package-policies#shared_libraries
Ref: https://github.com/KanjiMonster/maintainer-tools/blob/master/check-abi-versions.pl
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
| |
Last incompatible change appeared to be 4924411
("http: add proper error handling to uclient_http_redirect()") which
changed the return value of uclient_http_redirect() from bool to int.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* tools: curve25519: handle unaligned loads/stores safely
This should fix sporadic crashes with `wg pubkey` on certain architectures.
* netlink: auth socket changes against namespace of socket
In WireGuard, the underlying UDP socket lives in the namespace where the
interface was created and doesn't move if the interface is moved. This
allows one to create the interface in some privileged place that has
Internet access, and then move it into a container namespace that only
has the WireGuard interface for egress. Consider the following
situation:
1. Interface created in namespace A. Socket therefore lives in namespace A.
2. Interface moved to namespace B. Socket remains in namespace A.
3. Namespace B now has access to the interface and changes the listen
port and/or fwmark of socket. Change is reflected in namespace A.
This behavior is arguably _fine_ and perhaps even expected or
acceptable. But there's also an argument to be made that B should have
A's cred to do so. So, this patch adds a simple ns_capable check.
* ratelimiter: build tests with !IPV6
Should reenable building in debug mode for systems without IPv6.
* noise: replace getnstimeofday64 with ktime_get_real_ts64
* ratelimiter: totalram_pages is now a function
* qemu: enable FP on MIPS
Linux 5.0 support.
* keygen-html: bring back pure javascript implementation
Benoît Viguier has proofs that values will stay well within 2^53. We
also have an improved carry function that's much simpler. Probably more
constant time than emscripten's 64-bit integers.
* contrib: introduce simple highlighter library
This is the highlighter library being used in:
- https://twitter.com/EdgeSecurity/status/1085294681003454465
- https://twitter.com/EdgeSecurity/status/1081953278248796165
It's included here as a contrib example, so that others can paste it into
their own GUI clients for having the same strictly validating highlighting.
* netlink: use __kernel_timespec for handshake time
This readies us for Y2038. See https://lwn.net/Articles/776435/ for more info.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
|
|
|
|
|
|
|
|
|
| |
Update to the latest version of iproute2; see https://lwn.net/Articles/776174/
for a full overview of the changes in 4.20.
Remove upstream patch 001-fix-print_0xhex-on-32-bit.patch and 002-tc-fix-xtables-incorrect-usage-of-LDFLAGS.patch
Introduce a patch to include <linux/limits.h> for XATTR_SIZE_MAX in tc
Signed-off-by: Deng Qingfang <dengqf6@mail2.sysu.edu.cn>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On musl based distributions, u-boot 2010.03 fails to build with:
u-boot-2010.03/include/u-boot/crc.h:29:50: error: unknown type name 'uint'
uint32_t crc32 (uint32_t, const unsigned char *, uint);
The issue was fixed in the newer u-boot-2018.03 version, this commit
backports the change to the older version used by ar71xx/ath79.
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
[add commit message from PR description]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
| |
* replaced with packages/libtirpc
* remove busybox options rarely used/deprecated
BUSYBOX_CONFIG_FEATURE_MOUNT_NFS
BUSYBOX_CONFIG_FEATURE_INETD_RPC
Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The crypt(3) function is allowed to fail with either EINVAL or ENOSYS when
the given salt is either invalid or when the requested algorithm is not
implemented.
In such a case, libbb's pw_encrypt() function will silently convert the
crypt() NULL return value into an empty string which is then processed
without further errors by utilities such as chpasswd or passwd, causing
them to set an empty password when an unsupported cipher is requested.
Patch the relevant users of pw_encrypt() to abort in case an empty hash
is returned by pw_encrypt() in order to mitigate the problem.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
| |
Since readline/host links ncurses/host now, we need to ensure that the
libncursesw.so host library is built with -fPIC.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
| |
This may be useful if you don't entirely trust your flash and want to be able
to check for corruptions.
Signed-off-by: Michal Hrusecky <Michal@Hrusecky.net>
|