aboutsummaryrefslogtreecommitdiffstats
path: root/target
Commit message (Collapse)AuthorAgeFilesLines
* kernel: update kernel 4.4 to 4.4.71Jo-Philipp Wich2017-06-072-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes the following security vulnerabilities: CVE-2017-8890 The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call. CVE-2017-9074 The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls. CVE-2017-9075 The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9076 The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9077 The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890. CVE-2017-9242 The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls. Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077 Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242 Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.71 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* Add missing APU1 reference to x86 board.dKristian Evensen2017-06-062-2/+2
| | | | | | | | | | | | x86 board.d only contains a case for the APU2, not the APU1. This causes, for example, network configuration not to be created correctly. Even though the APU1 seems to reaching EOL, there a still a lot of them out there. The APU1 and APU2 is configured in the same way and this patch should also be considered for stable, as the error also exists there. Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
* lantiq: fix broadcasts and vlans in two iface modeMathias Kresin2017-06-031-5/+6
| | | | | | | | | | | | | | | | | The two phy operation mode where one phy is assigned to an interface without lantiq,* device tree property and the other phy is assigned to an interface with the lantiq,wan device property was broken with the multicast package leaks between vlans fixes. Move the multicast packages relevant portmap settings to the condition which handles multicast packages for better readability. Replace the priv->port_map based port_map only for the interface which has the lantiq,switch device tree property set, to allow tagged multicast packages in two phy mode where the lantiq,switch device tree property isn't used. Signed-off-by: Mathias Kresin <dev@kresin.me>
* lantiq: select kmod-mt7603 instead of kmod-mt76 for WBMR-300HPDFelix Fietkau2017-06-031-1/+1
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* lantiq: use the P2812HNUF* wan port as wanMathias Kresin2017-06-031-1/+1
| | | | | | | The port is labeled as wan and was only used as lan port because of the "tx ring full" issues fixed with 8f02f7c. Signed-off-by: Mathias Kresin <dev@kresin.me>
* lantiq: xrx200: use vlan for ethernet wan portMathias Kresin2017-06-034-39/+9
| | | | | | | | | | | | | | | | | | | | | | | Using the lantiq,wan device tree property for one interface node and the lantiq,switch device tree property for another interface node at the same time was never intended/isn't supported at the moment. The property is meant to be used in two phy operation mode where one phy is assigned to an interface without lantiq,* device tree property and the other phy is assigned to an interface with the lantiq,wan device property to have two netdevs. If both properties are used at the same time, the lantiq,wan interface is shown as independent netdev but not able to operate independent. The port needs to be managed via swconfig. These dependency is not obvious and fooled already a lot of users. Add a default WAN vlan for xrx200 devices having an ethernet WAN port and remove the lantiq,wan device tree property. Leave it up to the user to set the ethernet WAN port as default WAN interface or to use this port as additional LAN port. Signed-off-by: Mathias Kresin <dev@kresin.me>
* x86: disable X2APIC support for legacy subtargetsJo-Philipp Wich2017-06-022-0/+2
| | | | | | | | | Explicitely disable X2APIC support on legacy targets since the targeted processor types do not support it anyway there. Fixes FS#285. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ar71xx: fix Wallys DR344 GPIO-connected LEDs and buttonPiotr Dymacz2017-05-303-10/+33
| | | | | | | | | | | | | | | | | | | | This fixes wrong GPIO numbers for LEDs and button in Wallys DR344 board and sets color of all LEDs to green as the mass production boards have only green one. Actually, DR344 has 6 GPIO-connected LEDs and one button: - GPIO11: status - GPIO12: sig1 - GPIO13: sig2 - GPIO14: sig3 - GPIO15: sig4 - GPIO16: reset button - GPIO17: lan WAN LED is connected directly with AR8035 PHY. Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* ar71xx: set GE interface as wan by default in Wallys DR344Piotr Dymacz2017-05-301-1/+1
| | | | | | | This aligns default network interfaces configuration with vendor firmware: GE (eth0) -> wan, FE (eth1) -> lan. Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* ar71xx: fix GE interface support in Wallys DR344Piotr Dymacz2017-05-301-30/+8
| | | | | | | | GMAC0 interface of AR9344 SOC in Wallys DR344 board is connected with AR8035, not with AR8327. Without this fix, GE interface doesn't work at all or shows high packet loss ratio. Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* ipq806x: fix Netgear X4 R7500 ath10k firmware selectionThomas Reifferscheid2017-05-271-1/+1
| | | | | | | Netgear X4 R7500 comes with a QCA988X. Select a firmware that matches the ath10k chipset Signed-off-by: Thomas Reifferscheid <thomas@reifferscheid.org>
* treewide: select ath10k firmware explicitMathias Kresin2017-05-271-1/+1
| | | | | | Do not rely on the default firmware selected by ath10k. Signed-off-by: Mathias Kresin <dev@kresin.me>
* kernel: update kernel 4.4 to 4.4.70Hauke Mehrtens2017-05-273-5/+5
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: update kernel 4.4 to 4.4.69Stijn Segers2017-05-2427-472/+141
| | | | | | | | | | | | | | | | | | | | | Bump the 17.01 tree kernel to 4.4.69. Trunk 4.4 and 17.01 4.4 have diverged, talked this through with jow, he was okay with a clean diff against 17.01 and not a backported trunk patch. The following patches were applied upstream: * 062-[1-6]-MIPS-* series * 042-0004-mtd-bcm47xxpart-fix-parsing-first-block Reintroduced lantiq/patches-4.4/0050-MIPS-Lantiq-Fix-cascaded-IRQ-setup, as it was incorrectly included upstream thus dropped from LEDE, but subsequently reverted upstream. Thanks to Kevin Darbyshire-Bryant for pointing me to it. Compile-tested on: ar71xx, ramips/mt7621, x86/64. Run-tested on: ar71xx, ramips/mt7621, x86/64. Signed-off-by: Stijn Segers <francesco.borromini@inventati.org>
* bcm53xx: add support for TP-LINK Archer C5 V2Rafał Miłecki2017-05-223-2/+36
| | | | | | | | This model also contains few partitions non-discoverable partitions we need to "protect". Othen than that it uses non-deprecated serial entry in DTS that doesn't work with LEDE so we need to workaround it as well. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* imagebuilder: fix bundling of DTS sourcesJo-Philipp Wich2017-05-161-2/+3
| | | | | | | | | | | | | | | Refer to LINUX_KARCH instead of ARCH when bundling DTS files in the image builder tarball. While we're at it, also dereference symbolic links when copying as some kernel architectures contain symbolic links in their DTS directories. This fixes aarch64 imagebuilders such as brcm2708/bcm2710 ones in particular as the kernel refers to "aarch64" as "arm64" internally. Ref: https://forum.lede-project.org/t/lede-image-builder-problem/3680 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ramips: add om-watchdog to rut5xx DEVICE_PACKAGESSteffen Weinreich2017-05-151-0/+1
| | | | | | Add om-watchdog as default package for rut5xx. Signed-off-by: Steffen Weinreich <steve@weinreich.org>
* ar71xx: enable nand-utils in the mikrotik subtarget to ensure it makes it to ↵Felix Fietkau2017-05-122-2/+4
| | | | | | | | initramfs Without it, sysupgrade from initramfs to nand fails Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ramips: fixup-mac-address: add missing includeJo-Philipp Wich2017-05-111-0/+1
| | | | | | | | | Add missing include of ramips.sh in order to import the missing ramips_board_name() procedure. Fixes FS#774. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* bcm53xx: backport DT patches for serial, thermal and MDIORafał Miłecki2017-05-095-1/+288
| | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* ramips: add factory firmware for Tp-Link C20i/C50Henryk Heisig2017-05-051-0/+4
| | | | | | TP-Link firmware doesn't accept sysupgrade.bin with metadata. Signed-off-by: Henryk Heisig <hyniu@o2.pl>
* brcm63xx: fix invalid Asmax AR 1004g DTS referenceMarcin Jurkowski2017-05-051-1/+1
| | | | | | | Build profile for Asmax AR 1004g refers to an invalid DTS "rg100a". The correct DTS for this device is "ar1004g". Signed-off-by: Marcin Jurkowski <marcin1j@gmail.com>
* lantiq: fix avm fritz box mac addressesMathias Kresin2017-05-055-9/+17
| | | | | | | | | It has been shown that the Fritz boxes have the correct mac address set in the wireless calibration data/eeeprom. Use this mac address as base for the ethernet and xdsl interface increment/decrement the address to match the values stored in the tffs. Signed-off-by: Mathias Kresin <dev@kresin.me>
* ramips: enable ramdisk for mt7621Paul Spooren2017-05-041-1/+1
| | | | | | Fixes #758 Signed-off-by: Paul Spooren <paul@spooren.de>
* ipq806x: fix EA8500 switch configurationJo-Philipp Wich2017-05-031-1/+1
| | | | | | | | | Do not assign the CPU port twice, this confuses LuCI and possible other programs relying on topology information in board.json. Ref: https://github.com/openwrt/luci/issues/1086 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ramips: WN3000RPv3: do not setup switchThibaut VARENE2017-04-281-1/+0
| | | | | | | | | The WN3000RPv3 is a repeater with a single ethernet port. Setting up the switch, even to disable it, is unnecessary and possibly confusing. Configure LAN as eth0 instead. Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
* brcm63xx: Add Observa VH4032N supportDaniel Gonzalez Cabanelas2017-04-287-0/+193
| | | | | | | | | | | | | Add support for the Observa Telecom VH4032N router. This is another BCM6368 router, 128 MB RAM, 32MB flash and 3 USB host ports. The wifi chip is an onboard Broadcom BCM43222. Signed-off-by: Daniel Gonzalez Cabanelas <dgcbueu@gmail.com> [jonas.gorski: use gpio-hog instead of abusing ephy-reset] Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
* cns3xxx: use proper macro's for ID handlingKoen Vandeputte2017-04-281-3/+3
| | | | | | Compiled & tested on cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* ramips: add support for Sanlinking D240Kristian Evensen2017-04-287-0/+175
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The Sanlinking Technologies D240 (http://www.sanlinking.com/en/29-dual-4g-wifi-router.html) is basically the same device as the ZBT WE826, so adding support for it in LEDE is straight forward. The differences is that the D240 has two mini-PCIe slots (instead of one), blue LEDs and supports PoE. Specification: * CPU: MT7620A * 1x 10/100Mbps POE (802.3af/802.3at) Ethernet, 4x 10/100Mbps. * 16 MB Flash. * 128 MB RAM. * 1x USB 2.0 port. * 2x mini-PCIe slots. * 2x SIM slots. * 1x 2.4Ghz WIFI. * 1x button. Wifi, USB, switch and both mini-PCIe slots are working. I have not been able to test the SD card reader. The device comes pre-installed with an older version of OpenWRT, including Luci. In order to install LEDE, you need to follow the existing procedure for updating OpenWRT/LEDE using Luci. I.e., you need to access the UI and update the firmware using the sysupgrade-image. Remember to select that you do not want to keep existing settings. The default router address is 192.168.10.1 and username/password admin/root (at least on my devices). If you brick the device, the procedure for recovery is the same as for the WE826. Please see the wiki page for that device for instructions. Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
* ar71xx: select ATH79_NVRAM only by boards actually use itPiotr Dymacz2017-04-281-4/+5
| | | | Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* ramips: fix Sercomm NA930 compatible stringMathias Kresin2017-04-281-1/+1
| | | | | | | The Sercomm NA930 is not a mt7620a evaluation board and shouldn't use the eval board compatible string. Signed-off-by: Mathias Kresin <dev@kresin.me>
* ramips: remove Planex CS-QR10 sound device tree nodeMathias Kresin2017-04-281-11/+0
| | | | | | | | The comptible string is neither added by any LEDE patch nor exists in in the kernel. Drop the sound node which was obviously added accidentally with 9195d8da ("ramips: DTS rework"). Signed-off-by: Mathias Kresin <dev@kresin.me>
* ramips: cleanup SPI flash device tree properties usageMathias Kresin2017-04-28110-116/+6
| | | | | | | | | Use only the jedec,spi-nor compatible string. Everything else either never worked or is only support to keep compatibility. Remove the linux,modalias property. It is obsolete since kernel 4.4. Signed-off-by: Mathias Kresin <dev@kresin.me>
* ramips: remove DT pcie nodes for GL-MT300A/NFelix Fietkau2017-04-282-26/+0
| | | | | | These devices don't have a secondary wifi chip Signed-off-by: Felix Fietkau <nbd@nbd.name>
* ramips: ZyXEL Keenetic Omni/Omni2: export gpio usb powerVitaly Chekryzhev2017-04-282-0/+22
| | | | | | Export gpio usb to allow power management of USB port. Signed-off-by: Vitaly Chekryzhev <13hakta@gmail.com>
* ramips: ZyXEL Keenetic Viva: align factory imagesVitaly Chekryzhev2017-04-281-1/+1
| | | | | | ZyXEL web-flasher requires squashfs to be aligned to 64kb. Signed-off-by: Vitaly Chekryzhev <13hakta@gmail.com>
* ramips: ZyXEL Keenetic Viva: export gpio usb powerVitaly Chekryzhev2017-04-281-0/+11
| | | | | | Export gpio usb to allow power management of USB port. Signed-off-by: Vitaly Chekryzhev <13hakta@gmail.com>
* ramips: add ip17xx support to WLI-TX4-AG300NYo Abe2017-04-281-0/+1
| | | | | | | | | ramips/rt288x WLI-TX4-AG300N was missing support for its 100Mbit switch which should be included by default. Signed-off-by: Yo Abe <abe.geel@gmail.com> [Jo-Philipp Wich: picked from OpenWrt PR#359, rewrap commit msg, fix Sob] Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ramips: fix EX2700 wireless macJoseph C. Lehner2017-04-281-13/+11
| | | | | | | | On some EX2700 devices, the MAC address from the eeprom data differs from the actual MAC address. Fix that, and cleanup the DTS file while we're at it. Signed-off-by: Joseph C. Lehner <joseph.c.lehner@gmail.com>
* ramips: ZyXEL Keenetic series update wan macVitaly Chekryzhev2017-04-281-1/+3
| | | | Signed-off-by: Vitaly Chekryzhev <13hakta@gmail.com>
* ramips: ZyXEL Keenetic Omni align factory imagesVitaly Chekryzhev2017-04-281-2/+2
| | | | | | ZyXEL web-flasher requires squashfs to be aligned to 64kb. Signed-off-by: Vitaly Chekryzhev <13hakta@gmail.com>
* ramips: correct keenetic-series switch indexVitaly Chekryzhev2017-04-281-1/+1
| | | | | | Fix switch name typo Signed-off-by: Vitaly Chekryzhev <13hakta@gmail.com>
* ramips: add support for Netgear WN3000RPv3Thibaut VARENE2017-04-287-2/+163
| | | | | | | | | | | | | | | | | | | | This patch adds support for the Netgear WN3000RPv3 http://www.netgear.com/support/product/wn3000rpv3.aspx Specifications: - SoC: MediaTek MT7620A (580MHz, ramips) - RAM: 32MB DDR - Storage: 8MB NOR SPI flash - Wireless: builtin MT7620A, 2x2:2 with u.FL connectors - Ethernet: 1x100M - Serial: JP1 header, 57600-8N1 - Stock firmware based on OpenWRT Kamikaze Like the EX2700, the bootloader expects a secondary image signature, see https://forum.openwrt.org/viewtopic.php?pid=312577#p312577 This is why the same fakeroot image is used for the WN3000 Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
* ramips: fix mac address of miwifi-miniBangLang Huang2017-04-282-1/+5
| | | | | | | For the miwifi-mini, the offset of ethernet mac should be 0x28 which you can easyily dump from 'Factory' partition. Signed-off-by: BangLang Huang <banglang.huang@foxmail.com>
* ramips: Clean duplicated status property for Omega2 WMAC in dtsiFurong Xu2017-04-281-4/+0
| | | | | | At the tail of dtsi, wmac is enabled twice, clean the first one Signed-off-by: Furong Xu <xfr@outlook.com>
* ramips: fixed sms led polarity into dwr-512 DTGiuseppe Lippolis2017-04-281-1/+1
| | | | Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
* ramips: WN3000RPv3: do not setup switchThibaut VARENE2017-04-281-0/+1
| | | | | | | | | The WN3000RPv3 is a repeater with a single ethernet port. Setting up the switch, even to disable it, is unnecessary and possibly confusing. Configure LAN as eth0 instead. Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
* x86: enable 4G high memory support for generic (32bit) subtargetJo-Philipp Wich2017-04-272-3/+8
| | | | | | | | | This is required to fully support a number of 32bit x86 systems equipped with more than one GB ram, e.g. certain Atom CPU machines. Ref: https://forum.lede-project.org/t/17-01-1-x86-doesnt-detect-all-of-the-ram/3295 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* generic: keep module aliases inside .modinfoYousong Zhou2017-04-272-12/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It seems module aliases are actually essential info. E.g. other modules may call xt_request_find_match(NFPROTO_IPV{4,6}, "hashlimit", 1) and the kernel will request user mode modprobe helper for ipt_hashlimit and ip6t_hashlimit respectively which are aliases of xt_hashlimit.ko Compile-tested for armvirt, there is nearly no size impact. Before -rw-r--r-- 1 yousong yousong 304 Jan 10 17:37 config.seed -rw-r--r-- 1 yousong yousong 1634 Jan 11 11:07 lede-armvirt-default.manifest -rw-r--r-- 1 yousong yousong 1533647 Jan 11 11:07 lede-armvirt-default-rootfs.tar.gz -rw-r--r-- 1 yousong yousong 1802711 Jan 11 11:07 lede-armvirt-root.ext4.gz -rw-r--r-- 1 yousong yousong 1544597 Jan 11 11:07 lede-armvirt-rootfs.cpio.gz -rw-r--r-- 1 yousong yousong 1174984 Jan 11 11:07 lede-armvirt-root.squashfs.gz -rwxr-xr-x 1 yousong yousong 1654712 Jan 11 11:07 lede-armvirt-zImage -rwxr-xr-x 1 yousong yousong 2738296 Jan 11 11:07 lede-armvirt-zImage-initramfs drwxr-xr-x 2 yousong yousong 4096 Jan 10 17:35 packages -rw-r--r-- 1 yousong yousong 739 Jan 10 17:37 sha256sums After -rw-r--r-- 1 yousong yousong 304 Jan 10 17:37 config.seed -rw-r--r-- 1 yousong yousong 1634 Jan 11 11:10 lede-armvirt-default.manifest -rw-r--r-- 1 yousong yousong 1533646 Jan 11 11:10 lede-armvirt-default-rootfs.tar.gz -rw-r--r-- 1 yousong yousong 1802711 Jan 11 11:10 lede-armvirt-root.ext4.gz -rw-r--r-- 1 yousong yousong 1544593 Jan 11 11:10 lede-armvirt-rootfs.cpio.gz -rw-r--r-- 1 yousong yousong 1174984 Jan 11 11:10 lede-armvirt-root.squashfs.gz -rwxr-xr-x 1 yousong yousong 1654736 Jan 11 11:10 lede-armvirt-zImage -rwxr-xr-x 1 yousong yousong 2738144 Jan 11 11:10 lede-armvirt-zImage-initramfs drwxr-xr-x 2 yousong yousong 4096 Jan 10 17:35 packages -rw-r--r-- 1 yousong yousong 739 Jan 10 17:37 sha256sums Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* kernel: use skb_cow_head() to deal with cloned skbsÁlvaro Fernández Rojas2017-04-237-0/+267
| | | | | | | | | | | We need to ensure there is enough headroom to push extra header, but we also need to check if we are allowed to change headers. skb_cow_head() is the proper helper to deal with this. Fixes Ethernet<->WiFi bridge for Raspberry Pi and probably other devices. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>