Refresh patches, for changes in version 7.66.0 see https://curl.haxx.se/changes.html#7_66_0
Fixes CVEs:
CVE-2019-5481
CVE-2019-5482
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
This version fixes 3 low-severity vulnerabilities:
- CVE-2019-1547: ECDSA remote timing attack
- CVE-2019-1549: Fork Protection
- CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and
CMS_decrypt_set1_pkey
Patches were refreshed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
If an spi-gpio was specified with num-chipselects = <0> in dts, kernel
will crash:
Unable to handle kernel paging request at virtual address 32697073
pgd = (ptrval)
[32697073] *pgd=00000000
Internal error: Oops: 5 [# 1] SMP ARM
Modules linked in:
CPU: 2 PID: 1 Comm: swapper/0 Not tainted 4.19.72 #0
Hardware name: Generic DT based system
PC is at validate_desc+0x28/0x80
LR is at gpiod_direction_output+0x14/0x128
...
[<c0544db4>] (validate_desc) from [<c0545228>] (gpiod_direction_output+0x14/0x128)
[<c0545228>] (gpiod_direction_output) from [<c05fa714>] (spi_gpio_setup+0x58/0x64)
[<c05fa714>] (spi_gpio_setup) from [<c05f7258>] (spi_setup+0x12c/0x148)
[<c05f7258>] (spi_setup) from [<c05f7330>] (spi_add_device+0xbc/0x12c)
[<c05f7330>] (spi_add_device) from [<c05f7f74>] (spi_register_controller+0x838/0x924)
[<c05f7f74>] (spi_register_controller) from [<c05fa494>] (spi_bitbang_start+0x108/0x120)
[<c05fa494>] (spi_bitbang_start) from [<c05faa34>] (spi_gpio_probe+0x314/0x338)
[<c05faa34>] (spi_gpio_probe) from [<c05a844c>] (platform_drv_probe+0x34/0x70)
The cause is spi_gpio_setup() did not check if the spi-gpio has
chipselect pins before setting their direction and results in derefing
an invalid pointer.
The bug is spotted in kernel 4.19.72 and does not occur in 4.14.
There is a similar fix upstream in kernel 5.2 in commit 249e2632dcd0
("spi: gpio: Don't request CS GPIO in DT use-case").
Ref: https://patchwork.kernel.org/patch/11150619/
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
[use upstream patch, moved from hack to pending dir, commit facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Since service and instance names may contain characters which are not allowed
in JSON path labels, such as dashes or spaces, change the filter expression
to array square bracket notation to properly match these cases as well.
Fixes: 2c3dd70741 ("procd: add procd_running() helper for checking running state")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
5b4f7382af Add undef to fix test failure.
9456483fb2 Improve performance of memmem
373f8b06a3 Improve performance of strstr
4ec1b9e913 Fix strstr bug with huge needles (bug 23637)
ecd6271ed8 Speedup first memmem match
bba6b9288f Simplify and speedup strstr/strcasestr first match
7a4da6ef7a Improve strstr performance
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Add ath79 support for Archer C59v2, previously supported by ar71xx.
TP-Link Archer C59v2 is a dual-band AC1350 router based on
Qualcomm/Atheros QCA9561+QCA9886 chips.
Specification:
- 775/650/258 MHz (CPU/DDR/AHB)
- 128 MB of RAM (DDR2)
- 16 MB of FLASH (SPI NOR)
- 3T3R 2.4 GHz
- 2T2R 5 GHz
- 5x 10/100 Mbps Ethernet
- USB 2.0 port
- UART header on PCB
Flash instruction:
- via web UI:
1. Download openwrt-ath79-generic-tplink_archer-c59-v2-squashfs-factory.bin
2. Login to router and open the Advanced tab
3. Navigate to System Tools -> Firmware Upgrade
4. Upload firmware using the Manual Upgrade form
- via TFTP:
1. Set PC to fixed ip address 192.168.0.66
2. Download openwrt-ath79-generic-tplink_archer-c59-v2-squashfs-factory.bin
and rename it to tp_recovery.bin
3. Start a tftp server with the file tp_recovery.bin in its root directory
4. Turn off the router
5. Press and hold Reset button
6. Turn on router with the reset button pressed and wait ~15 seconds
7. Release the reset button and after a short time
the firmware should be transferred from the tftp server
8. Wait ~30 second to complete recovery.
Signed-off-by: Keith Maika <keithm@aoeex.com>
The Archer C58/C59 have redundant LED and MAC address definitions
in their DTS files. This moves them to the parent DTSI file.
The patch already accounts for the upcoming Archer C59 v2.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Allow flashing Luxul devices using vendor firmware format. The next step
will be building proper images once they are conirmed to work.
Signed-off-by: Dan Haab <dan.haab@legrand.com>
This makes brcmfmac use the same wiphy after PCIe reset to help user
space handle corner cases (e.g. firmware crash).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Enable by default mtk_efuse driver since it needed by mtk_thermal driver
to read sensor calibration data
Signed-off-by: Lorenzo Bianconi <lorenzo@kernel.org>
This enables using the "eTactica" LED during boot, to indicate failsafe,
and during upgrade, while still leaving the LED alone for normal
operation. This brings the device more in line with how other devices
work, and makes the failsafe functionality easier to use and understand.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Update the ath10k-ct driver version to 5e8cd86f90dac966d12df6ece84ac41458d0e95f
to enable dynamic VLANs to work. Patches refreshed during the bump.
Signed-off-by: Robert Marko <robimarko@gmail.com>
[commit description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This enables a feature flag in the wave-2 firmware wmi-services indicating it can send
software-encrypted raw frames. This should in turn allow the AP-VLAN feature to work.
Signed-off-by: Robert Marko <robimarko@gmail.com>
This patch removes scons host build tool, as commit 7087efd72a8d
("scons: move host build tool to a proper place") in the packages feed
has moved scons into the new home.
There are currently no packages in the master tree which would need
scons, yet scons is build always as part of host tools, just in order to
satisfy host build dependency of few packages in the packages feeds.
Ref: https://github.com/openwrt/packages/pull/9584
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
commit eb204d14f75c ("base-files: implement generic service_running")
introduced generic service_running so it's not needed to copy&paste same
3 lines over and over again.
I've removed service_running from netifd/network init script as well,
because it was not working properly, looked quite strange and I didn't
understand the intention:
$ /etc/init.d/network stop
$ service network running && echo "yes" || echo "nope"
( have to wait for 30s )
Command failed: Request timed out
yes
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Adds a default status action for init.d scripts.
procd "service status" will return:
0) for loaded services (even if disabled by conf or dead)
3) for inactive services
4) when filtering a non-existing instance
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
[rebased, cleaned up]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The Linkit Smart 7688 has a SD-Card reader that does not work with the official build of openwrt. Adding kmod-sdhci-mt7620 makes it working.
Signed-off-by: Ivan Hörler <i.hoerler@me.com>
Only the 2R version got the STM32 uC connected as 2nd SPI device.
Hence move the spidev node from mt7628an_wrtnode_wrtnode2.dtsi to
mt7628an_wrtnode_wrtnode2r.dts.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Currently for at91 target, Build/install-dtb can be triggered concurrently for
multiple different TARGET_FILESYSTEMS, cp command can fail when the
target file is already open exclusively by other cp process
[ -f /builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/at91sam9263ek-uImage -a -f /builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/root.ubifs+fs=-m_2048_-e_126KiB_-c_2048+pkg=68b329da ]
[ -f /builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/at91sam9263ek-uImage -a -f /builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/root.ext4+pkg=68b329da ]
cp -fpR /builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/linux-4.14.141/arch/arm/boot/dts/at91sam9263ek.dtb /builder/shared-workdir/build/bin/targets/at91/sam9x/openwrt-at91-sam9x-at91sam9263ek.dtb;
cp -fpR /builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/linux-4.14.141/arch/arm/boot/dts/at91sam9263ek.dtb /builder/shared-workdir/build/bin/targets/at91/sam9x/openwrt-at91-sam9x-at91sam9263ek.dtb;
cp: cannot create regular file '/builder/shared-workdir/build/bin/targets/at91/sam9x/openwrt-at91-sam9x-at91sam9263ek.dtb': File exists
Makefile:87: recipe for target '/builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/tmp/openwrt-at91-sam9x-at91sam9263ek-ubifs-dtb' failed
make[4]: *** [/builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/tmp/openwrt-at91-sam9x-at91sam9263ek-ubifs-dtb] Error 1
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Move the IRQ fix from generic to ar71xx specific.
Other targets like ath79 have specific pathes to delete this code.
This resulted in a build failure on ath79
While at it, wipe the 4.19 version, as ar71xx will never reach this.
Fixes: 530f76708cef ("ar71xx: Fix potentially missed IRQ handling during
dispatch")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
For devices inheriting from bcm63xx_netgear, the IMAGES variable
is overwritten with the same values as defined in the parent
definition. So, remove the unnecessary overwrite.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
SquashFS has a minimum block size of at least 1k, so we need to make
sure the last data block is also at least that big.
This is not an issue on NOR or SD CARD devices, since their rootfs
partitions go all the way to the end of the usable space.
But on NAND with ubiblock, the rootfs partition will be the exact space,
rounded up to LEB size. Unfortunately, some NAND chips with small sub
pages have a LEB size of x.5 kiB. This can cause the the last data block
to be less than 1k, which will cause the last block to be inaccessible,
causing boot failures as seen on MR24:
[ 1.532960] block ubiblock0_3: created from ubi0:3(rootfs)
[ 1.538457] ubiblock: device ubiblock0_3 (rootfs) set to be root filesystem
[ 1.552847] SQUASHFS error: squashfs_read_data failed to read block 0x621472
[ 1.559896] squashfs: SQUASHFS error: unable to read id index table
[ 1.566474] VFS: Cannot open root device "(null)" or unknown-block(254,0): error -5
Since on most NOR devices, the start of the squashfs partition is not
aligned. Since the start of the rootfs_data partition there is dependend
on the SquashFS size, we cannot just always pad it, as the padding could
creep into the rootfs_data partition, breaking jffs2.
So fix this by ensuring a squashfs rootfs is always a multiple of 1k
only for UBI and NAND sysupgrade images.
Fixes#2460 without affecting NOR devices.
Tested-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
If both interrupts are set in the current implementation
only the 1st will be handled and the 2nd will be skipped
due to the "if else" condition.
Fix this by using the same approach as done for QCA955x
just below it.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
If both interrupts are set in the current implementation
only the 1st will be handled and the 2nd will be skipped
due to the "if else" condition.
Fix this by using the same approach as done for QCA955x
just below it.
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
e73bf11 config: ra_management compatibility support
d818380 odhcpd: router: Fix out of scope memory access
94a1c94 dhcpv6-ia: free assignment when validity timer expires
752fc2c router: speed up initial router advertisements
09aa022 router: close socket upon NETEV_IFINDEX_CHANGE fixed
79eb160 router: fix previous commit
6034b5c router: close socket upon NETEV_IFINDEX_CHANGE
000182f router: fix lingering uloop socket descriptor
f6c2242 router: support ra_lifetime being 0
d111809 router: make RA flags configurable (FS#2019)
Update odhcpd defaults according to the new RA flags implementation
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
The UniFi AC LED mapping is currently off. The blue/white LED are used
as WiFi indicators, while the vendor firmware does not feature WiFI
LEDs.
Instead, the LEDs are used to indicate the devices status. Align the LED
mapping to match the vendor firmware as good as possible.
Signed-off-by: David Bauer <mail@david-bauer.net>
a88fb42 iwinfo: add device id for Qualcomm Atheros QCA9886
1b69d86 iwinfo: add device id for Qualcomm Atheros QCA9887
Signed-off-by: David Bauer <mail@david-bauer.net>
KERNEL_DEVPTS_MULTIPLE_INSTANCES and KERNEL_POSIX_MQUEUE were
previously enabled by default only if KERNEL_LXC_MISC was selected.
KERNEL_LXC_MISC was enabled only if the SMALL_FLASH (anti-)feature
was not selected.
Now that KERNEL_LXC_MISC no longer exists, make sure that those
options are also only enabled by default for !SMALL_FLASH targets.
Fixes: 4f94a331 ("config: kernel: remove KERNEL_LXC_MISC")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Kernel features are neutral. The two cascaded features can also be
useful for other container related tools
It's also less error-prone if only kconfig symbols from the kernel are
prefixed KERNEL_
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Hans Dedecker
Eneas U de Queiroz
Álvaro Fernández Rojas
DENG Qingfang
Jo-Philipp Wich
Rafał Miłecki
Keith Maika
Adrian Schmutzler
Dan Haab
Yousong Zhou
Lorenzo Bianconi
Karl Palsson
Petr Štetiar
Robert Marko
Luiz Angelo Daros de Luca
Ivan Hörler
Daniel Golle
Felix Fietkau
Koen Vandeputte
Jonas Gorski
Ingo Feinerer
David Bauer