openwrt/openwrt.git
2 years agoscript: ipkg-build: honour $SOURCE_DATE_EPOCH
Jo-Philipp Wich [Thu, 8 Nov 2018 10:52:33 +0000 (11:52 +0100)]
script: ipkg-build: honour $SOURCE_DATE_EPOCH

When the SOURCE_DATE_EPOCH environment variable is set, use it to
override the timestamps of .ipk archive contents.

This ensures that .ipk archives built in environments without SCM
metadata (mainly the SDK) are reproducible between different runs.

Ref: https://github.com/openwrt/packages/issues/6954
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit d157a76c67bcb821d3ec8dcd4312390ef129a95a)

2 years agomac80211: brcmutil: backport chanspec debugging patch
Rafał Miłecki [Wed, 7 Nov 2018 11:21:59 +0000 (12:21 +0100)]
mac80211: brcmutil: backport chanspec debugging patch

It helps debugging possible WARN-ings.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2 years agomac80211: brcmfmac: backport the latest 4.20 changes
Rafał Miłecki [Wed, 7 Nov 2018 08:01:32 +0000 (09:01 +0100)]
mac80211: brcmfmac: backport the latest 4.20 changes

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b50f162b3cce3d95874e4394f4765413f58765f1)

2 years agomac80211: brcmfmac: rename 4.20 backport patches
Rafał Miłecki [Wed, 7 Nov 2018 11:02:43 +0000 (12:02 +0100)]
mac80211: brcmfmac: rename 4.20 backport patches

Include kernel version to help tracking changes.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit f7a3459ab9c4d8f5102c8ae0861ca481571703f7)

2 years agomac80211: add iw command wrapper with error logging
Rafał Miłecki [Tue, 4 Sep 2018 13:20:34 +0000 (15:20 +0200)]
mac80211: add iw command wrapper with error logging

Currently it's close to impossible to tell what part of mac80211 setup
went wrong. Errors logged into system log look like this:
radio0 (6155): command failed: No error information (-524)
radio0 (6155): command failed: Not supported (-95)
radio0 (6155): command failed: I/O error (-5)
radio0 (6155): command failed: Too many open files in system (-23)

With this commit change it's getting clear:
command failed: No error information (-524)
Failed command: iw dev wlan0 del
command failed: Not supported (-95)
Failed command: iw phy phy0 set antenna_gain 0
command failed: I/O error (-5)
Failed command: iw phy phy0 set distance 0
command failed: Too many open files in system (-23)
Failed command: iw phy phy0 interface add wlan0 type __ap

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit ffa80bf5a784a34b81e32144669f30560780bdb6)

2 years agokernel: Add support for Winbond w25q128jv SPI NOR flash
Baptiste Jonglez [Thu, 18 Oct 2018 09:08:20 +0000 (11:08 +0200)]
kernel: Add support for Winbond w25q128jv SPI NOR flash

Newer batches of several Mikrotik boards contain this yet-unsupported
flash chip, for instance:

- rb941-2nd (hAP lite)
- rb952ui-5ac2nd (hAP ac lite)
- RBM33G

and probably other Mikrotik boards need this patch as well.

The patch was submitted upstream by Robert Marko: https://patchwork.ozlabs.org/patch/934181/

Closes: FS#1715
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
Cc: Robert Marko <robimarko@gmail.com>
[Rebased + refreshed on current kernels]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agoimx6: fix DMA transaction errors
Koen Vandeputte [Mon, 5 Nov 2018 16:41:00 +0000 (17:41 +0100)]
imx6: fix DMA transaction errors

Following errors were seen in the past on imx6 when using serial:

[ 22.617622] imx-uart 2020000.serial: DMA transaction error.
[ 22.623228] imx-uart 2020000.serial: DMA transaction error.
[ 22.628826] imx-uart 2020000.serial: DMA transaction error.
[ 22.648951] imx-uart 2020000.serial: DMA transaction error.
[ 22.654558] imx-uart 2020000.serial: DMA transaction error.
[ 22.660156] imx-uart 2020000.serial: DMA transaction error.

Which is the reason why DMA for the serial ports
got disabled in commits:

efb362cd93b0 ("imx6: disable dma on uart")
3b4241071dd4 ("imx6: disable UART dma")

As indicated on mailinglist discussion, the cause seems to be
the usage of very old SDMA firmware which is present in the soc:

[    0.624302] imx-sdma 20ec000.sdma: Direct firmware load for imx/sdma/sdma-imx6q.bin failed with error -2
[    0.624318] imx-sdma 20ec000.sdma: Falling back to user helper
[   64.531607] imx-sdma 20ec000.sdma: external firmware not found, using ROM firmware

This patch adds the new firmware binary. (2196 bytes)

It is required to embed the binary into the kernel image, as it
gets loaded very early in the boot process where the rootfs is not
available yet:

[    0.622966] imx-sdma 20ec000.sdma: loaded firmware 3.3

Extended testing shows that the DMA errors are not seen anymore
when using this newer firmware version.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agoath9k: fix dynack in IBSS mode
Koen Vandeputte [Mon, 5 Nov 2018 10:31:12 +0000 (11:31 +0100)]
ath9k: fix dynack in IBSS mode

Currently, dynack was only tested upstream using AP/STA mode.
Testing it on IBSS, showed that late-ack detection was broken.

This is caused due to dynack using Association Request/Response
frames for late-ack detection, which IBSS does not use.
Also allowing Authentication frames here solves this.

A second issue also got fixed, which was also seen AP/STA mode:

When a station was added, the estimated value would be exponentially averaged
using 0 as a starting point.

This means that on larger distances, the ack timeout was still not high
enough before synchronizing would run out of late-ack's for estimation.

Fix this by using the initial estimated value as a baseline
and only start averaging in the following estimation rounds.

Test setup:
- 2x identical devices:  RB912UAG-5HPnD + 19dB sector
- IBSS
- 2x2 802.11an (ar9340), HT20, long GI
- RSSI's  -70 / -71
- Real distance: 23910 meter

Results (60s iperf runs):

Fixed coverage class 54 (up to 24300m):
* 21.5 Mbits/sec

Dynack:
* 28.9 Mbits/sec

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: bump 4.14 to 4.14.79
Koen Vandeputte [Mon, 5 Nov 2018 10:23:17 +0000 (11:23 +0100)]
kernel: bump 4.14 to 4.14.79

Refreshed all patches.

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agoRevert "mt76: update to the latest version"
Felix Fietkau [Thu, 1 Nov 2018 18:56:30 +0000 (19:56 +0100)]
Revert "mt76: update to the latest version"

This reverts the following commits:

24ca1cda38fbc3c5ae1302e44ea9dba20cf01ea0
79989634289b25a09a533fb97b26e34cc7e81ea1

The update was reported to cause stability issues.
Revert until those are resolved

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agokernel: tolerate using UBI/UBIFS on MLC flash (FS#1830)
Koen Vandeputte [Thu, 18 Oct 2018 12:23:36 +0000 (14:23 +0200)]
kernel: tolerate using UBI/UBIFS on MLC flash (FS#1830)

starting from upstream commit 577b4eb23811 ("ubi: Reject MLC NAND")
it is not allowed to use UBI and UBIFS on a MLC flavoured NAND flash chip. [1]

According to David Oberhollenzer [2]:

The real problem is that on MLC NAND, pages come in pairs.

Multiple voltage levels inside a single, physical memory cell are used to
encode more than one bit. Instead of just having pages that are twice as big,
the flash exposes them as two different pages. Those pages are usually not
ordered sequentially either, but according to a vendor/device specific
pairing scheme.

Within OpenWrt, devices utilizing this type of flash,
combined with UBI(fs) will be bricked when a user upgrades
from 17.01.4 to a newer version as the MLC will be refused.

As these devices are currently advertised as supported by OpenWrt,
we should at least maintain the original state during the lifecycle
of the current releases.

Support can be gracefully ended when a new release-branch is created.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Acked-by: Hauke Mehrtens <hauke@hauke-m.e>
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v4.14.77&id=577b4eb23811dfc8e38924dc476dbc866be74253
[2] https://lore.kernel.org/patchwork/patch/920344/

2 years agomt76: update to the latest version
Felix Fietkau [Sat, 27 Oct 2018 15:56:28 +0000 (17:56 +0200)]
mt76: update to the latest version

71b7a4a mt76: fix regression in tx status handling

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agomt76: update to the latest version
Felix Fietkau [Fri, 26 Oct 2018 15:13:38 +0000 (17:13 +0200)]
mt76: update to the latest version

199d6bf mt76x2: skip station tx status for non-sta wcid entries
d83ac6e mt76: only override control->sta on sw-encrypted tx
23abe5d mt76: add support for reporting tx status with skb
f8ce59e mt7603: use common tx status handling code

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agobcm53xx: use upstream SPI controller fix
Rafał Miłecki [Tue, 23 Oct 2018 07:42:00 +0000 (09:42 +0200)]
bcm53xx: use upstream SPI controller fix

This just moves patch to use 0xx prefix and includes maintainer's s-o-b.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 9b385b24967a53e88c31aee04ba629d276c4e69d)

2 years agobcm53xx: replace SPI revert with a fix sent upstream
Rafał Miłecki [Thu, 11 Oct 2018 08:01:45 +0000 (10:01 +0200)]
bcm53xx: replace SPI revert with a fix sent upstream

Instead of reverting whole commit it's enough to just revert a single
line change. It seems the real problem with the regressing commit was a
bump of read chunk size. Switching back to 256 B chunks is enough to fix
the problem/regression.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 92de28b751a473655fd0cf3d3a8b81ca1d27d758)

2 years agokernel: add missing symbol for target bcm53xx
Koen Vandeputte [Tue, 23 Oct 2018 08:52:27 +0000 (10:52 +0200)]
kernel: add missing symbol for target bcm53xx

Fixes: 47f68ca58615 ("kernel: bump 4.14 to 4.14.77")

Reported-by: Rafał Miłecki <rafal@milecki.pl>
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agodnsmasq: bump to v2.80
Kevin Darbyshire-Bryant [Sun, 19 Aug 2018 18:52:00 +0000 (20:52 +0200)]
dnsmasq: bump to v2.80

Cherry-picked & squashed from relevant commits from master:

dnsmasq v2.80 release

Change from rc1:

91421cb Fix compiler warning.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 6c4d3d705a0d6e508de94dc49736c250ecdae27c)

dnsmasq: remove creation of /etc/ethers

Remove creation of file /etc/ethers in dnsmasq init script as the
file is now created by default in the base-files package by
commit fa3301a28e

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 6c227e45cb6a97c61d9fa2ffa35cebee2a048739)

dnsmasq: bump to dnsmasq v2.80test5

Refresh patches
Remove 240-ubus patch as upstream accepted.
Add uci option ubus which allows to enable/disable ubus support (enabled
by default)

Upstream commits since last bump:

da8b651 Implement --address=/example.com/#
c5db8f9 Tidy 7f876b64c22b2b18412e2e3d8506ee33e42db7c
974a6d0 Add --caa-record
b758b67 Improve logging of RRs from --dns-rr.
9bafdc6 Tidy up file parsing code.
97f876b Properly deal with unaligned addresses in DHCPv6 packets.
cbfbd17 Fix broken DNSSEC records in previous.
b6f926f Don't return NXDOMAIN to empty non-terminals.
c822620 Add --dhcp-name-match
397c050 Handle case of --auth-zone but no --auth-server.
1682d15 Add missing EDNS0 section. EDNS0 section missing in replies to EDNS0-containing queries where answer generated from --local=/<domain>/
dd33e98 Fix crash parsing a --synth-domain with no prefix. Problem introduced in 2.79/6b2b564ac34cb3c862f168e6b1457f9f0b9ca69c
c16d966 Add copyright to src/metrics.h
1dfed16 Remove C99 only code.
6f835ed Format fixes - ubus.c
9d6fd17 dnsmasq.c fix OPT_UBUS option usage
8c1b6a5 New metrics and ubus files.
8dcdb33 Add --enable-ubus option.
aba8bbb Add collection of metrics
caf4d57 Add OpenWRT ubus patch

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 3d377f4375c6e4a66c6741bbd2549ad53ef671b3)

dnsmasq: bump to dnsmasq 2.80test6

Refresh patches

Changes since latest bump:

af3bd07 Man page typo.
d682099 Picky changes to 47b45b2967c931fed3c89a2e6a8df9f9183a5789
47b45b2 Fix lengths of interface names
2b38e38 Minor improvements in lease-tools
282eab7 Mark die function as never returning
c346f61 Handle ANY queries in context of da8b6517decdac593e7ce24bde2824dd841725c8
03212e5 Manpage typo.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 43d4b8e89e68fcab00698ee3b70a58c74813a6a7)

dnsmasq: Handle memory allocation failure in make_non_terminals()

Backport upstream commit:

ea6cc33 Handle memory allocation failure in make_non_terminals()

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 687168ccd9154b1fb7a470fa8f42ce64a135f51d)

dnsmasq: Change behavior when RD bit unset in queries.

Backport upstream commit

Change anti cache-snooping behaviour with queries with the
recursion-desired bit unset. Instead to returning SERVFAIL, we
now always forward, and never answer from the cache. This
allows "dig +trace" command to work.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 6c4cbe94bd940b5c061e27744eb78805764d6b34)

dnsmasq: bump to v2.80test7

Bump to latest test release:

3a610a0 Finesse allocation of memory for "struct crec" cache entries.
48b090c Fix b6f926fbefcd2471699599e44f32b8d25b87b471 to not SEGV on startup (rarely).
4139298 Change behavior when RD bit unset in queries.
51cc10f Add warning about 0.0.0.0 and :: addresses to man page.
ea6cc33 Handle memory allocation failure in make_non_terminals()
ad03967 Add debian/tmpfiles.conf
f4fd07d Debian bugfix.
e3c08a3 Debian packaging fix. (restorecon)
118011f Debian packaging fix. (tmpfiles.d)

Delete our own backports of ea6cc33 & 4139298, so the only real changes
here, since we don't care about the Debian stuff are 48b090c & 3a610a0

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit d9a37d8d1eb7d117d5aa44924064a4a3b5517ddd)

dnsmasq: bump to v2.80test8

e1791f3 Fix logging of DNSSEC queries in TCP mode. Destination server address was misleading.
0fdf3c1 Fix dhcp-match-name to match hostname, not complete FQDN.
ee1df06 Tweak strategy for confirming SLAAC addresses.
1e87eba Clarify manpage for --auth-sec-servers
0893347 Make interface spec optional in --auth-server.
7cbf497 Example config file fix for CERT Vulnerability VU#598349.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 30cc5b0bf4f3cdfe950ca7fc380a34c81dd9d7e4)

dnsmasq: add dhcp-ignore-names support - CERT VU#598349

dnsmasq v2.80test8 adds the ability to ignore dhcp client's requests for
specific hostnames.  Clients claiming certain hostnames and thus
claiming DNS namespace represent a potential security risk. e.g. a
malicious host could claim 'wpad' for itself and redirect other web
client requests to it for nefarious purpose. See CERT VU#598349 for more
details.

Some Samsung TVs are claiming the hostname 'localhost', it is believed
not (yet) for nefarious purposes.

/usr/share/dnsmasq/dhcpbogushostname.conf contains a list of hostnames
in correct syntax to be excluded. e.g.

dhcp-name-match=set:dhcp_bogus_hostname,localhost

Inclusion of this file is controlled by uci option dhcpbogushostname
which is enabled by default.

To be absolutely clear, DHCP leases to these requesting hosts are still
permitted, but they do NOT get to claim ownership of the hostname
itself and hence put into DNS for other hosts to be confused/manipulate by.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit a45f4f50e16cd2d0370a4470c3ede0c6c7754ba9)

dnsmasq: fix compile issue

Fix compile issue in case HAVE_BROKEN_RTC is enabled

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit 39e5e17045aceb2bfbd6b5c6ecfd6cfbce2f3311)

dnsmasq: bump to v2.80rc1

53792c9 fix typo
df07182 Update German translation.

Remove local patch 001-fix-typo which is a backport of the above 53792c9

There is no practical difference between our test8 release and this rc
release, but this does at least say 'release candidate'

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit b8bc672f247a68bc6f72f08f9352cd7aaa5cb9c4)

dnsmasq: fix dnsmasq failure to start when ujail'd

This patch fixes jailed dnsmasq running into the following issue:

|dnsmasq[1]: cannot read /usr/share/dnsmasq/dhcpbogushostname.conf: No such file or directory
|dnsmasq[1]: FAILED to start up
|procd: Instance dnsmasq::cfg01411c s in a crash loop 6 crashes, 0 seconds since last crash

Fixes: a45f4f50e16 ("dnsmasq: add dhcp-ignore-names support - CERT VU#598349")

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[bump package release]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 583466bb5b374b29b6b7cba6f065e97c4734f742)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2 years agokernel: bump 4.14 to 4.14.78
Koen Vandeputte [Mon, 22 Oct 2018 12:13:40 +0000 (14:13 +0200)]
kernel: bump 4.14 to 4.14.78

Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: bump 4.9 to 4.9.135
Koen Vandeputte [Mon, 22 Oct 2018 09:51:07 +0000 (11:51 +0200)]
kernel: bump 4.9 to 4.9.135

Refreshed all patches.

Fixes:
- CVE-2018-10883

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: bump 4.14 to 4.14.77
Koen Vandeputte [Thu, 18 Oct 2018 10:11:27 +0000 (12:11 +0200)]
kernel: bump 4.14 to 4.14.77

Refreshed all patches.

Altered patches:
- 666-Add-support-for-MAP-E-FMRs-mesh-mode.patch

New symbol for arm targets:
    - HARDEN_BRANCH_PREDICTOR

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
2 years agokernel: bump 4.9 to 4.9.134
Koen Vandeputte [Thu, 18 Oct 2018 10:01:18 +0000 (12:01 +0200)]
kernel: bump 4.9 to 4.9.134

Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agoar71xx: fix mtd corruption
Fabio Bettoni [Wed, 17 Oct 2018 12:27:31 +0000 (14:27 +0200)]
ar71xx: fix mtd corruption

In commit 9e1530b2a35e ("kernel: bump 4.9 to 4.9.117 for 18.06") [1], the following patch for removed:
- 403-mtd_fix_cfi_cmdset_0002_status_check.patch

This patch contained fixes for both write and erase functions.

While the chip-detects for erase got fixed upstream [2],
some modifications are still required, even with the fixes applied.

Not doing so results in following errors seen:

Collected errors:
 * pkg_write_filelist: Failed to open //usr/lib/opkg/info/luci-lib-ip.list: I/O error.
 * opkg_install_pkg: Failed to extract data files for luci-lib-ip. Package debris may remain!
 * opkg_install_cmd: Cannot install package luci-ssl.
 * opkg_conf_write_status_files: Can't open status file //usr/lib/opkg/status: I/O error.

[    0.780920] jffs2: version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) (c) 2001-2006 Red Hat, Inc.
[    8.406396] jffs2: notice: (415) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[    8.423476] mount_root: switching to jffs2 overlay
[  270.902671] jffs2: Write of 1989 bytes at 0x005ce6f8 failed. returned -5, retlen 962
[  270.931965] jffs2: Write of 1989 bytes at 0x005ceec0 failed. returned -5, retlen 0
[  270.939631] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero
[  270.950397] jffs2: Write of 68 bytes at 0x005ceec0 failed. returned -5, retlen 0
[  270.957838] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero
[  270.968584] jffs2: Write of 68 bytes at 0x005ceec0 failed. returned -5, retlen 0
[  270.976027] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero
[  270.986735] jffs2: Write of 68 bytes at 0x005ceec0 failed. returned -5, retlen 0
[  270.994225] jffs2: Not marking the space at 0x005ceec0 as dirty because the flash driver returned retlen zero

[1] https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=fec8fe806963c96a6506c2aebc3572d3a11f285f
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v4.9.133&id=a0239d83e1cb60de5e78452d4708c083b9e3dcbe

Fixes: 9e1530b2a35e ("kernel: bump 4.9 to 4.9.117 for 18.06")
Signed-off-by: Fabio Bettoni <fbettoni@gmail.com>
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: bump 4.14 to 4.14.76
Koen Vandeputte [Mon, 15 Oct 2018 09:24:04 +0000 (11:24 +0200)]
kernel: bump 4.14 to 4.14.76

Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: bump 4.9 to 4.9.133
Koen Vandeputte [Mon, 15 Oct 2018 09:22:06 +0000 (11:22 +0200)]
kernel: bump 4.9 to 4.9.133

Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agomac80211: fix A-MSDU packet handling with TCP retransmission
Felix Fietkau [Thu, 11 Oct 2018 16:48:35 +0000 (18:48 +0200)]
mac80211: fix A-MSDU packet handling with TCP retransmission

Improves local TCP throughput and fixes use-after-free bugs that could lead
to crashes.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agonetfilter: add missing dependency for kernel 4.14
Koen Vandeputte [Wed, 10 Oct 2018 15:31:40 +0000 (17:31 +0200)]
netfilter: add missing dependency for kernel 4.14

Since kernel 4.14.75 commit ("netfilter: xt_cluster: add dependency on conntrack module")
a dependency is required on kmod-nf-conntrack.

It seems this was already present for kmod-ipt-clusterip
but not yet for kmod-ipt-cluster

Add it fixing a build error when including kmod-ipt-cluster:

Package kmod-ipt-cluster is missing dependencies for the following libraries:
nf_conntrack.ko
modules/netfilter.mk:665: recipe for target '/mnt/ramdisk/koen/firmware/builds/openwrt/bin/targets/cns3xxx/generic/packages/kmod-ipt-cluster_4.14.75-1_arm_mpcore_vfp.ipk' failed
make[3]: *** [/mnt/ramdisk/koen/firmware/builds/openwrt/bin/targets/cns3xxx/generic/packages/kmod-ipt-cluster_4.14.75-1_arm_mpcore_vfp.ipk] Error 1
make[3]: Leaving directory '/mnt/ramdisk/koen/firmware/builds/openwrt/package/kernel/linux'
Command exited with non-zero status 2
time: package/kernel/linux/compile#1.80#0.05#2.07
package/Makefile:107: recipe for target 'package/kernel/linux/compile' failed
make[2]: *** [package/kernel/linux/compile] Error 2
make[2]: Leaving directory '/mnt/ramdisk/koen/firmware/builds/openwrt'
package/Makefile:103: recipe for target '/mnt/ramdisk/koen/firmware/builds/openwrt/staging_dir/target-arm_mpcore+vfp_musl_eabi/stamp/.package_compile' failed
make[1]: *** [/mnt/ramdisk/koen/firmware/builds/openwrt/staging_dir/target-arm_mpcore+vfp_musl_eabi/stamp/.package_compile] Error 2
make[1]: Leaving directory '/mnt/ramdisk/koen/firmware/builds/openwrt'
/mnt/ramdisk/koen/firmware/builds/openwrt/include/toplevel.mk:216: recipe for target 'world' failed
make: *** [world] Error 2

Fixes: bba743458eb4 ("kernel: bump 4.14 to 4.14.75")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v4.14.75&id=b969656b46626a674232c0eadf92a394b89df07c

2 years agokernel: bump 4.14 to 4.14.75
Koen Vandeputte [Wed, 10 Oct 2018 10:37:20 +0000 (12:37 +0200)]
kernel: bump 4.14 to 4.14.75

Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: bump 4.9 to 4.9.132
Koen Vandeputte [Wed, 10 Oct 2018 09:37:42 +0000 (11:37 +0200)]
kernel: bump 4.9 to 4.9.132

Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: enable memory compaction
Felix Fietkau [Tue, 9 Oct 2018 11:22:46 +0000 (13:22 +0200)]
kernel: enable memory compaction

Compaction is the only memory management component to form high order (larger
physically contiguous) memory blocks reliably. The page allocator relies on
compaction heavily and the lack of the feature can lead to unexpected OOM
killer invocations for high order memory requests. You shouldn't disable this
option unless there really is a strong reason for it.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Michal Hrusecky <michal.hrusecky@nic.cz>
2 years agoe2fsprogs: fix glibc compile issue (FS#1749,FS#1796)
Hans Dedecker [Mon, 8 Oct 2018 14:57:01 +0000 (16:57 +0200)]
e2fsprogs: fix glibc compile issue (FS#1749,FS#1796)

Fixes the following build error:

.../toolchain-i386_pentium4_gcc-7.3.0_glibc/lib/gcc/i486-openwrt-linux-gnu/7.3.0/../../../../i486-openwrt-linux-gnu/bin/ld: ../lib/libcom_err.so: undefined reference to `sem_post’
.../toolchain-i386_pentium4_gcc-7.3.0_glibc/lib/gcc/i486-openwrt-linux-gnu/7.3.0/../../../../i486-openwrt-linux-gnu/bin/ld: ../lib/libcom_err.so: undefined reference to `sem_wait'
.../toolchain-i386_pentium4_gcc-7.3.0_glibc/lib/gcc/i486-openwrt-linux-gnu/7.3.0/../../../../i486-openwrt-linux-gnu/bin/ld: ../lib/libcom_err.so: undefined reference to `sem_init’
.../toolchain-i386_pentium4_gcc-7.3.0_glibc/lib/gcc/i486-openwrt-linux-gnu/7.3.0/../../../../i486-openwrt-linux-gnu/bin/ld: ../lib/libcom_err.so: undefined reference to `sem_destroy’

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2 years agoiperf: fix --daemon option
Rafał Miłecki [Sun, 7 Oct 2018 12:17:50 +0000 (14:17 +0200)]
iperf: fix --daemon option

Support for -D got broken in the 2.0.11 release by the upstream commit
218d8c667944 ("first pass L2 mode w/UDP checks, v4 only"). After that
commit clients were still able to connect but no traffic was passed.
It was reported and is fixed now in the upstream git repository.

Backport two patches to fix this. The first one is just a requirement
for the later to apply. The second one is the real fix and it needed
only a small adjustment to apply without backporing the commit
10887b59c7e7 ("fix --txstart-time report messages").

Fixes: 7d15f96eaf76 ("iperf: bump to 2.0.12")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 87cd118794cc9375260ea213838e80ad5295e83c)

2 years agoar71xx: Fix installation of fw_setenv in sysupgrade ramdisk
Sven Eckelmann [Mon, 1 Oct 2018 10:27:25 +0000 (12:27 +0200)]
ar71xx: Fix installation of fw_setenv in sysupgrade ramdisk

The install_bin from /lib/upgrade/common.sh is no longer creating the
symlinks when a secondary parameter is added. But the fw_setenv program was
always copied this way to the ramdisk for the upgrade.

Instead, just install fw_setenv and let install_bin handle the detection of
the required dependencies.

Fixes: 438dcbfe74a6 ("base-files: automatically handle paths and symlinks for RAMFS_COPY_BIN")
Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
2 years agobase-files: Reintroduce sysupgrade_pre_upgrade hook
Sven Eckelmann [Mon, 1 Oct 2018 09:48:04 +0000 (11:48 +0200)]
base-files: Reintroduce sysupgrade_pre_upgrade hook

The sysupgrade_pre_upgrade hook was removed with 6a27c2f4b1a4 ("base-files:
drop fwtool_pre_upgrade") while there were still scripts using it:

* target/linux/ar71xx/base-files/lib/upgrade/allnet.sh
* target/linux/ar71xx/base-files/lib/upgrade/openmesh.sh
* target/linux/ipq40xx/base-files/lib/upgrade/openmesh.sh

Not running the hooks can either prevent a successful upgrade or brick the
device because the fw_setenv program cannot be started correctly.

Fixes: 6a27c2f4b1a4 ("base-files: drop fwtool_pre_upgrade")
Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
2 years agonetifd: fix segfault (FS#1875)
Hans Dedecker [Sun, 7 Oct 2018 13:33:29 +0000 (15:33 +0200)]
netifd: fix segfault (FS#1875)

d0fa124 iprule: fix segfault (FS#1875)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2 years agobuild: use CMAKE_SOURCE_SUBDIR variable to cmake.mk
Amol Bhave [Tue, 2 Oct 2018 15:48:27 +0000 (08:48 -0700)]
build: use CMAKE_SOURCE_SUBDIR variable to cmake.mk

Sometimes, the CMakeLists.txt file is not in the root directory of a
repo. In those cases, the CMAKE_SOURCE_SUBDIR variable can be specified
to use CMakeLists.txt from a subdirectory instead.

Signed-off-by: Amol Bhave <ambhave@fb.com>
2 years agokernel: bump 4.14 to 4.14.74
Koen Vandeputte [Thu, 4 Oct 2018 09:28:09 +0000 (11:28 +0200)]
kernel: bump 4.14 to 4.14.74

Refreshed all patches.

Fixes CVE:

- CVE-2018-7755

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: bump 4.9 to 4.9.131
Koen Vandeputte [Thu, 4 Oct 2018 09:27:39 +0000 (11:27 +0200)]
kernel: bump 4.9 to 4.9.131

Refreshed all patches.

Fixes CVE:

- CVE-2018-10880
- CVE-2018-7755

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agoar71xx: flag FritzBox 4020 buttons as active low
David Bauer [Tue, 11 Sep 2018 15:04:16 +0000 (17:04 +0200)]
ar71xx: flag FritzBox 4020 buttons as active low

Buttons of AVM FritzBox 4020 are incorrectly flagged as active high.

This was an oversight as RFKill button was working as expected even
with incorrectly flagged GPIO.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit cd02d4faf981bd4de0427cd23812b41192635d82)

2 years agokmod-sched-cake: bump to 20181002
Kevin Darbyshire-Bryant [Tue, 2 Oct 2018 18:54:30 +0000 (19:54 +0100)]
kmod-sched-cake: bump to 20181002

Revert "Add workaround for wrong skb->mac_len values after splitting GSO"

Remove our local patch which did the same thing.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 885052fbfb0ea5ee49e6abc6878ae99ee011688b)

2 years agokmod-sched-cake: don't gso fixup on fixed kernels
Kevin Darbyshire-Bryant [Fri, 28 Sep 2018 08:42:33 +0000 (09:42 +0100)]
kmod-sched-cake: don't gso fixup on fixed kernels

Kernels 4.14.73 & 4.9.140 include the gso fixup fix, so cake
doesn't need to do it.  Let's not waste cpu cycles by doing it in
cake which could be really important on cpu constrained devices.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit b47614f9f18c7d1c24104ef1d53c8d1ac8920ba4)

2 years agokerneL: bump 4.14 to 4.14.73
Koen Vandeputte [Tue, 2 Oct 2018 09:14:20 +0000 (11:14 +0200)]
kerneL: bump 4.14 to 4.14.73

Refreshed all patches.

Removed upstreamed:
- 192-Revert-ubifs-xattr-Don-t-operate-on-deleted-inodes.patch

Compile-tested on: cns3xxx, imx6, x86_64
Runtime-tested on: cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: bump 4.9 to 4.9.130
Koen Vandeputte [Tue, 2 Oct 2018 09:13:48 +0000 (11:13 +0200)]
kernel: bump 4.9 to 4.9.130

Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agomt76: update to the latest version, fixes mt76x2 beacon issue
Felix Fietkau [Mon, 1 Oct 2018 11:39:48 +0000 (13:39 +0200)]
mt76: update to the latest version, fixes mt76x2 beacon issue

53e1110 mt76: mt76x2: fix multi-interface beacon configuration

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agomac80211: fix management frame protection issue with mt76 (and possibly other drivers)
Felix Fietkau [Sat, 29 Sep 2018 14:09:17 +0000 (16:09 +0200)]
mac80211: fix management frame protection issue with mt76 (and possibly other drivers)

Software crypto wasn't working for management frames because the flag
indicating management frame crypto was missing

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agomt76: update to the latest version from the 18.06 branch
Felix Fietkau [Sat, 29 Sep 2018 11:32:13 +0000 (13:32 +0200)]
mt76: update to the latest version from the 18.06 branch

497c304 mt7603: fix wcid for frames sent via drv_tx
27af7a5 mt76: fix handling ps-poll frames
c3dba28 mt76: check aggregation sequence number for frames sent via drv_tx

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agouboot-lantiq: fix compatibility with gcc7
Martin Schiller [Mon, 24 Sep 2018 12:09:05 +0000 (14:09 +0200)]
uboot-lantiq: fix compatibility with gcc7

Backport u-boot commit 704f3acfcf55343043bbed01c5fb0a0094a68e8a to fix
compatibility with gcc7.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
2 years agoramips: fix Archer C20 sysupgrade
Steffen Förster [Mon, 24 Sep 2018 20:37:22 +0000 (22:37 +0200)]
ramips: fix Archer C20 sysupgrade

The sysupgrade image failed the check due to the wrong string in the
supported devices. This patch provides the correct name by dropping the
SUPPORTED_DEVICES to use the default generated name.

Signed-off-by: Steffen Förster <steffen@chemnitz.freifunk.net>
[drop the SUPPORTED_DEVICES, the old name was never used in a release]
Signed-off-by: Mathias Kresin <dev@kresin.me>
2 years agoramips: ex2700: actually remove kmod-mt76*
Joseph C. Lehner [Fri, 7 Sep 2018 14:22:09 +0000 (16:22 +0200)]
ramips: ex2700: actually remove kmod-mt76*

When building using the multiple devices option with per-device root
filesystem, only the meta package mt76 is omitted but not the
dependencies selected by the package.

Explicitly exclude all 3 mt76 packages, plus the metapackage.
Otherwise, these modules will be included in the build, wasting
a few hundred kilobytes.

Signed-off-by: Joseph C. Lehner <joseph.c.lehner@gmail.com>
[mention the root cause of the issue in the commit message]
Signed-off-by: Mathias Kresin <dev@kresin.me>
2 years agokernel: bump 4.14 to 4.14.72
Koen Vandeputte [Wed, 26 Sep 2018 10:57:03 +0000 (12:57 +0200)]
kernel: bump 4.14 to 4.14.72

Refreshed all patches.

Removed upstreamed:
- 180-earlycon-initialize-port-uartclk-based-on-clock-frequency-property.patch
- 181-earlycon-remove-hardcoded-port-uartclk-initialization-in-of_setup_earlycon. patch
- 700-1-6-e1000e-Remove-Other-from-EIAC.patch
- 700-2-6-Partial-revert-e1000e-Avoid-receiver-overrun-interrupt-bursts.patch
- 700-3-6-e1000e-Fix-queue-interrupt-re-raising-in-Other-interrupt.patch
- 700-4-6-e1000e-Avoid-missed-interrupts-following-ICR-read.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: bump 4.9 to 4.9.129
Koen Vandeputte [Wed, 26 Sep 2018 10:55:25 +0000 (12:55 +0200)]
kernel: bump 4.9 to 4.9.129

Refreshed all patches.

Removed upstreamed:
- 203-MIPS-ath79-fix-restart.patch

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: pick earlycon regression fixes from the stable-queue.git
Rafał Miłecki [Mon, 24 Sep 2018 11:46:08 +0000 (13:46 +0200)]
kernel: pick earlycon regression fixes from the stable-queue.git

This fixes regression introduced in kernel 4.14 and makes bcm53xx revert
obsolete.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 43d36606d668edf155da9d879110de2894df825a)

2 years agobuild: drop buildbot toolchain rebuild check when not using git
Felix Fietkau [Mon, 24 Sep 2018 09:02:30 +0000 (11:02 +0200)]
build: drop buildbot toolchain rebuild check when not using git

The check cleans and rebuilds the toolchain if it changed on update.
When building from a source tarball, it is reasonable to expect that
there will be no updates, so no rebuild check is necessary

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agomac80211: fix tx queue allocation for active monitor interfaces
Felix Fietkau [Sat, 22 Sep 2018 13:18:46 +0000 (15:18 +0200)]
mac80211: fix tx queue allocation for active monitor interfaces

Fixes a crash with drivers like ath9k

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agomt76: fix tx power issue for mt76x2
Felix Fietkau [Sat, 22 Sep 2018 10:56:10 +0000 (12:56 +0200)]
mt76: fix tx power issue for mt76x2

6e1898d mt76x2: fix tx power configuration for VHT mcs 9

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agomac80211: backport upstream fixes
Koen Vandeputte [Fri, 21 Sep 2018 11:48:53 +0000 (13:48 +0200)]
mac80211: backport upstream fixes

Backport most significant upstream fixes (excl. hwsim fixes)
Refreshed all patches.

Contains important fixes for CSA (Channel Switch Announcement)
and A-MSDU frames.

[slightly altered to apply cleanly]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: bump 4.14 to 4.14.71
Koen Vandeputte [Thu, 20 Sep 2018 12:35:52 +0000 (14:35 +0200)]
kernel: bump 4.14 to 4.14.71

Refreshed all patches.

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: bump 4.9 to 4.9.128
Koen Vandeputte [Thu, 20 Sep 2018 12:35:27 +0000 (14:35 +0200)]
kernel: bump 4.9 to 4.9.128

Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agoath9k: fix unloading the module
Felix Fietkau [Thu, 20 Sep 2018 08:06:49 +0000 (10:06 +0200)]
ath9k: fix unloading the module

Registering a GPIO chip with the ath9k device as parent prevents unload,
because the gpiochip core increases the module use count.
Unfortunately, the only way to avoid this at the moment seems to be to
register the GPIO chip without a parent device

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2 years agouqmi: pass-through ipXtable to child interfaces
Daniel Golle [Sat, 15 Sep 2018 17:16:52 +0000 (19:16 +0200)]
uqmi: pass-through ipXtable to child interfaces

Allow setting specific routing tables via the ip4table and ip6table
options also when ${ifname}_4 and ${ifname}_6 child interfaces are
being created.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit e51aa699f7ca3ce83a0add622c0fd17d0caafc46)

2 years agokernel: bump 4.14 to 4.14.70 for 18.06
Stijn Segers [Sun, 16 Sep 2018 15:28:54 +0000 (17:28 +0200)]
kernel: bump 4.14 to 4.14.70 for 18.06

Refreshes patches and bumps 4.14 kernel to 4.14.70 for OpenWrt 18.06.

Compile-tested on ramips/mt7621, x86/64, imx6.
Run-tested on ramips/mt7621, x86/64, imx6.

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
[added ubifs fix + tested on imx6]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: bump 4.9 to 4.9.127 for 18.06
Stijn Segers [Sun, 16 Sep 2018 15:28:53 +0000 (17:28 +0200)]
kernel: bump 4.9 to 4.9.127 for 18.06

Refreshes patches and bumps 4.9 kernel to 4.9.127 for OpenWrt 18.06.

Compile-tested on ar71xx.

Signed-off-by: Stijn Segers <foss@volatilesystems.org>
2 years agoiproute2: q_cake: Also print nonat, nowash and no-ack-filter keywords
Kevin Darbyshire-Bryant [Fri, 14 Sep 2018 20:52:39 +0000 (21:52 +0100)]
iproute2: q_cake: Also print nonat, nowash and no-ack-filter keywords

Pull in latest upstream tweaks:
Similar to the previous patch for no-split-gso, the negative keywords for
'nat', 'wash' and 'ack-filter' were not printed either. Add those as well.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 033f02b9b5580e67e2f1b623f62da60d645e7ba2)

2 years agotoolchain/glibc: update to latest 2.26 commit
Hans Dedecker [Thu, 13 Sep 2018 07:26:44 +0000 (09:26 +0200)]
toolchain/glibc: update to latest 2.26 commit

c5c90b480e Fix segfault in maybe_script_execute.
174709d879 pthread_cond_broadcast: Fix waiters-after-spinning case [BZ #23538]
c9570bd2f5 x86: Populate COMMON_CPUID_INDEX_80000001 for Intel CPUs [BZ #23459]
86e0996b1a x86: Correct index_cpu_LZCNT [BZ #23456]
cf6deb084b conform/conformtest.pl: Escape literal braces in regular expressions
b12bed3e06 stdio-common/tst-printf.c: Remove part under a non-free license [BZ #23363]
20dc7a909a libio: Add tst-vtables, tst-vtables-interposed
4b10e69b1f Synchronize support/ infrastructure with master
762e9d63d5 NEWS: Reorder out-of-order bugs
2781bd5a86 libio: Disable vtable validation in case of interposition [BZ #23313]
74d16a57a3 Check length of ifname before copying it into to ifreq structure.
3aaf8bda00 getifaddrs: Don't return ifa entries with NULL names [BZ #21812]
f958b45d52 Use _STRUCT_TIMESPEC as guard in <bits/types/struct_timespec.h> [BZ #23349]
81b994bd83 Fix parameter type in C++ version of iseqsig (bug 23171)
7b52c8ae05 libio: Avoid _allocate_buffer, _free_buffer function pointers [BZ #23236]
4df8479e6b Add NEWS entry for CVE-2018-11236
a5bc5ec967 Add references to CVE-2018-11236, CVE-2017-18269
58ad5f8a64 Add a test case for [BZ #23196]
6b4362f2cb Don't write beyond destination in __mempcpy_avx512_no_vzeroupper (bug 23196)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2 years agoiproute2: q_cake: Add printing of no-split-gso option
Kevin Darbyshire-Bryant [Wed, 12 Sep 2018 07:24:37 +0000 (08:24 +0100)]
iproute2: q_cake: Add printing of no-split-gso option

When the GSO splitting was turned into dual split-gso/no-split-gso options,
the printing of the latter was left out. Add that, so output is consistent
with the options passed

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 8cac8572897c28e902218b445aa9bed82c40989f)

2 years agoiproute2: update cake man page
Kevin Darbyshire-Bryant [Mon, 27 Aug 2018 08:52:55 +0000 (15:52 +0700)]
iproute2: update cake man page

CAKE supports overriding of its internal classification of
packets through the tc filter mechanism.

Update the man page in our package, even though we don't
build them.  Someone may find the documentation useful.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 30598a05385b0ac2380dd4f30037a9f9d0318cf2)
(cherry picked from commit dc9388ac5506f2d0ea0fee6967c003b9129c8ca5)

2 years agokmod-sched-cake: fix 6in4/gso performance issue
Kevin Darbyshire-Bryant [Wed, 12 Sep 2018 04:10:55 +0000 (05:10 +0100)]
kmod-sched-cake: fix 6in4/gso performance issue

Bump to latest upstream cake:

Add workaround for wrong skb->mac_len values after splitting GSO

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 66fd41ba79356b1b776ba29dd8191039abc23061)

2 years agokmod-sched-cake: bump to 20180827
Kevin Darbyshire-Bryant [Mon, 13 Aug 2018 12:49:19 +0000 (13:49 +0100)]
kmod-sched-cake: bump to 20180827

Expand filter flow mapping to include hosts as well

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit d14ffdc307d36bd9abe908b46ff7baece54c9551)
(cherry picked from commit 721dfd4eb8a4a568c7c4320436a843d30413605e)

2 years agoiproute2: cake: make gso/gro splitting configurable
Kevin Darbyshire-Bryant [Sun, 29 Jul 2018 13:56:03 +0000 (14:56 +0100)]
iproute2: cake: make gso/gro splitting configurable

This patch makes sch_cake's gso/gro splitting configurable
from userspace.

To disable breaking apart superpackets in sch_cake:

tc qdisc replace dev whatever root cake no-split-gso

to enable:

tc qdisc replace dev whatever root cake split-gso

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
Signed-off-by: Dave Taht <dave.taht@gmail.com>
[pulled from netdev list - no API/ABI change]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit 3e8a9389961cd866b867740a2f71c2a0af97ab56)

2 years agokmod-sched-cake: bump to 20180728 optional gso split
Kevin Darbyshire-Bryant [Sat, 28 Jul 2018 20:11:14 +0000 (21:11 +0100)]
kmod-sched-cake: bump to 20180728 optional gso split

Follow upstream kernel patch that restores always splitting gso packets
by default whilst making the option configurable from (tc) userspace.

No ABI/API change

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit fe077d20e3b484e55ad49d5711673d05d7a301de)

2 years agomac80211: brcmfmac: backport CYW89342 support & fixes from 4.20
Rafał Miłecki [Wed, 12 Sep 2018 06:40:03 +0000 (08:40 +0200)]
mac80211: brcmfmac: backport CYW89342 support & fixes from 4.20

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit b3d441c5f7c5247c1b0c3b6e9827d49a27093d50)

2 years agomac80211: brcmfmac: backport patch for per-firmware features
Rafał Miłecki [Tue, 31 Jul 2018 07:44:19 +0000 (09:44 +0200)]
mac80211: brcmfmac: backport patch for per-firmware features

This allows driver to support features that can't be dynamically
discovered.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit fecbd91c7c12b5b1cfe894c2901083cc42863aae)

2 years agomac80211: brcmfmac: backport 4.19 patches preparing monitor mode support
Rafał Miłecki [Thu, 26 Jul 2018 21:20:30 +0000 (23:20 +0200)]
mac80211: brcmfmac: backport 4.19 patches preparing monitor mode support

Monitor mode isn't supported yet with brcmfmac, it's just an early work.
This also prepares brcmfmac to work stable with new firmwares which use
updated struct for passing STA info.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit c0608c6a27e74923dc94772072d4a279d652b3fc)

2 years agoodhcp6c: add client fqdn and reconfigure options
pacien [Thu, 6 Sep 2018 13:56:17 +0000 (15:56 +0200)]
odhcp6c: add client fqdn and reconfigure options

Allowing DHCPV6_CLIENT_FQDN and DHCPV6_ACCEPT_RECONFIGURE to be turned off.
Defaulting to false, former behavior remains unchanged.

Signed-off-by: pacien <pacien.trangirard@pacien.net>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
(cherry picked from commit ef01c1d308d1cb200fc14ab49f0d3d0a07e1a9fe)

2 years agokernel: bump 4.14 to 4.14.68
Koen Vandeputte [Thu, 6 Sep 2018 12:18:24 +0000 (14:18 +0200)]
kernel: bump 4.14 to 4.14.68

Refreshed all patches.

Remove upstream accepted:
- 330-Revert-MIPS-BCM47XX-Enable-74K-Core-ExternalSync-for.patch

Altered:
- 303-v4.16-netfilter-nf_tables-remove-multihook-chains-and-fami.patch
- 308-mips32r2_tune.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: bump 4.9 to 4.9.125
Koen Vandeputte [Thu, 6 Sep 2018 12:17:17 +0000 (14:17 +0200)]
kernel: bump 4.9 to 4.9.125

Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agodnsmasq: allow dnsmasq variants to be included in image
Henrique de Moraes Holschuh [Mon, 27 Aug 2018 11:31:29 +0000 (08:31 -0300)]
dnsmasq: allow dnsmasq variants to be included in image

The dnsmasq variants should provide dnsmasq, otherwise it is impossible
to include them in the image.

This change allows one to have CONFIG_PACKAGE_dnsmasq=m and
CONFIG_PACKAGE_dnsmasq-full=y, e.g. because you want DNSSEC support, or
IPSETs suport on your 3000-devices fleet ;-)

Signed-off-by: Henrique de Moraes Holschuh <henrique@nic.br>
2 years agompc85xx: add migration script for TP-Link TL-WDR4900 v1 WLAN PCI paths
Matthias Schiffer [Tue, 4 Sep 2018 19:27:27 +0000 (21:27 +0200)]
mpc85xx: add migration script for TP-Link TL-WDR4900 v1 WLAN PCI paths

PCI paths of the WLAN devices have changed between kernel 4.4 and 4.9;
migrate config so existing wifi-iface definitions don't break.

This is implemented as a hotplug handler rather than a uci-defaults script
as the migration script must run before the 10-wifi-detect hotplug handler.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit b452af23a8602ebf7bfb0eb084383ecd595face5)

2 years agolibubox: set RPATH for host build
Jo-Philipp Wich [Tue, 14 Aug 2018 21:54:59 +0000 (23:54 +0200)]
libubox: set RPATH for host build

This is required for programs that indirectly link libjson-c through the
libubox blobmsg_json library.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 5762efd8b29d68e219fc9d00b681269727cbf5d5)

2 years agolibubox: set HOST_BUILD_PREFIX
Daniel Golle [Mon, 6 Aug 2018 16:00:15 +0000 (18:00 +0200)]
libubox: set HOST_BUILD_PREFIX

Install into STAGING_DIR_HOST rather than STAGING_DIR_HOSTPKG to make
bundle-libraries.sh happy.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 73100024d335caaa7477e5b3be27fad1d228a234)

2 years agolibubox: make sure blobmsg-json is included in host-build
Daniel Golle [Thu, 14 Jun 2018 18:10:04 +0000 (20:10 +0200)]
libubox: make sure blobmsg-json is included in host-build

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 56e3a19ad6b09b421db84e7266f3df3d459d23b4)
[While nothing in 18.06 needs the blobmsg-json host build, this prevents
builds failing due to incompatible json-c versions installed on the host
system]
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2 years agolibjson-c: set HOST_BUILD_PREFIX
Daniel Golle [Mon, 6 Aug 2018 15:58:32 +0000 (17:58 +0200)]
libjson-c: set HOST_BUILD_PREFIX

Install into STAGING_DIR_HOST rather than STAGING_DIR_HOSTPKG to make
bundle-libraries.sh happy.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit a5368dc30c18947d260c8b68f2f83ca57bdb95b0)

2 years agolibjson-c: Update package URL
Rosen Penev [Sun, 29 Jul 2018 07:26:29 +0000 (00:26 -0700)]
libjson-c: Update package URL

Found through UScan.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 31f87ebcb25b4d266faaf347073f1913740a5891)

2 years agolibjson-c: fix host-build
Daniel Golle [Thu, 14 Jun 2018 20:53:58 +0000 (22:53 +0200)]
libjson-c: fix host-build

Add -Wno-implicit-fallthrough to HOST_CFLAGS.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 5e9470a93b6e79ec63d2eda16f1849d7e3868562)

2 years agolibjson-c: add host build (for libblobmsg-json)
Daniel Golle [Thu, 14 Jun 2018 18:09:29 +0000 (20:09 +0200)]
libjson-c: add host build (for libblobmsg-json)

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 6fc8e06078d30e8d36a00d0ecc97ac9cc148fe60)

2 years agoar71xx: allow to override at803x sgmii aneg status
David Bauer [Mon, 6 Aug 2018 14:15:05 +0000 (16:15 +0200)]
ar71xx: allow to override at803x sgmii aneg status

When checking the outcome of the PHY autonegotiation status, at803x
currently returns false in case the SGMII side is not established.

Due to a hardware-bug, ag71xx needs to fixup the SoCs SGMII side, which
it can't as it is not aware of the link-establishment.

This commit allows to ignore the SGMII side autonegotiation status to
allow ag71xx to do the fixup work.

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 4e39e213af7e3e0cd747403e8c227e145cfef988)

2 years agoar71xx: fix QCA955X SGMII link loss
David Bauer [Mon, 6 Aug 2018 14:15:04 +0000 (16:15 +0200)]
ar71xx: fix QCA955X SGMII link loss

The QCA955X is affected by a hardware bug which causes link-loss of the
SGMII link between SoC and PHY. This happens on change of link-state or
speed.

It is not really known what causes this bug. It definitely occurs when
using a AR8033 Gigabit Ethernet PHY.

Qualcomm solves this Bug in a similar fashion. We need to apply the fix
on a per-device base via platform-data as performing the fixup work will
break connectivity in case the SGMII interface is connected to a Switch.

This bug was first proposed to be fixed by Sven Eckelmann in 2016.
 https://patchwork.ozlabs.org/patch/604782/

Based-on-patch-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f4f99ec9737c653815268f2efad0210caaa32e2d)

2 years agogrub2: rebase patches
Jo-Philipp Wich [Thu, 23 Aug 2018 17:08:58 +0000 (19:08 +0200)]
grub2: rebase patches

Patch 300-CVE-2015-8370.patch was added without proper rebasing on the
version used by OpenWrt, make it apply and refresh the patch to fix
compilation.

Fixes: 7e73e9128f ("grub2: Fix CVE-2015-8370")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 9ffbe84ea49fc643f41bfdf687de99aee17c9154)

2 years agogrub2: Fix CVE-2015-8370
Rosen Penev [Thu, 23 Aug 2018 02:07:57 +0000 (19:07 -0700)]
grub2: Fix CVE-2015-8370

This CVE is a culmination of multiple integer overflow issues that cause
multiple issues like Denial of Service and authentication bypass.

More info: https://nvd.nist.gov/vuln/detail/CVE-2015-8370

Taken from Fedora.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 7e73e9128f6a63b9198c88eea97c267810447be4)

2 years agobzip2: Fix CVE-2016-3189
Rosen Penev [Thu, 23 Aug 2018 02:07:56 +0000 (19:07 -0700)]
bzip2: Fix CVE-2016-3189

Issue causes a crash with specially crafted bzip2 files.

More info: https://nvd.nist.gov/vuln/detail/CVE-2016-3189

Taken from Fedora.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit f9469efbfa7ce892651f9a6da713eacbef66f177)

2 years agoscripts: bundle-libraries: fix logic flaw
Jo-Philipp Wich [Wed, 29 Aug 2018 11:16:34 +0000 (13:16 +0200)]
scripts: bundle-libraries: fix logic flaw

Previous refactoring of the script moved the LDSO detection into a
file-not-exists condition, causing onyl the very first executable to
get bundled.

Solve the problem by unconditionally checking for LDSO again.

Fixes: 9030a78a71 ("scripts: bundle-libraries: prevent loading host locales")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 5ebcd32997b6d10abcd29c8795a598fdcaf4521d)

2 years agoscripts: bundle-libraries: prevent loading host locales (FS#1803)
Jo-Philipp Wich [Sat, 25 Aug 2018 12:46:57 +0000 (14:46 +0200)]
scripts: bundle-libraries: prevent loading host locales (FS#1803)

Binary patch the bundled glibc library to inhibit loading of host locale
archives in order to avoid triggering internal libc assertions when
invoking shipped, bundled executables.

The problem has been solved with upstream Glibc commit
0062ace229 ("Gracefully handle incompatible locale data") but we still
need to deal with older Glibc binaries for some time to come.

Fixes FS#1803
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 9030a78a716b0a2eeed4510d4a314393262255c2)

2 years agoramips: only limit lzma dictionary size on mt7621
Jo-Philipp Wich [Thu, 30 Aug 2018 08:51:09 +0000 (10:51 +0200)]
ramips: only limit lzma dictionary size on mt7621

The changed dictionary size leads to a different LZMA header which breaks
sysupgrade image magic checkibng on at least some RT288x boards.

Since the commit message only mentions testing on MT7621 and since the
change appears to break at least one other ramips subtarget, do not take
any chances and restrict the size limitation to only MT7621.

Fixes FS#1797
Fixes 09b6755946 ("ramips: limit dictionary size for lzma compression")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 77e2bccde8f7f98603f60473023dadec4f473cf6)

2 years agouqmi: wait for the control device too
Thomas Equeter [Thu, 16 Aug 2018 19:39:05 +0000 (21:39 +0200)]
uqmi: wait for the control device too

The control device /dev/cdc-wdm0 is not available immediately on the
D-Link DWR-921 Rev.C3, therefore the wwan interface fails to start at
boot with a "The specified control device does not exist" error.

This patch alters /lib/netifd/proto/qmi.sh to wait for
network.wwan.delay earlier, before checking for the control device,
instead of just before interacting with the modem.

One still has to use network.wwan.proto='qmi', as the "wwan" proto
performs that sort of check before any delay is possible, failing with a
"No valid device was found" error.

Signed-off-by: Thomas Equeter <tequeter@users.noreply.github.com>
2 years agocomgt: increase timeout on runcommands
Giuseppe Lippolis [Sun, 26 Aug 2018 08:52:27 +0000 (10:52 +0200)]
comgt: increase timeout on runcommands

Some combination of modem/wireless operator requires more time to
execute the commands.
Tested on DWR-512 embedded wwan modem and italian operator iliad (new
virtual operator).

Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
(cherry picked from commit 774d7fc9f2897d7b33ef15ddaa3522531eb85970)

2 years agougps: Update to fix position calculation
Bruno Randolf [Fri, 24 Aug 2018 15:59:08 +0000 (16:59 +0100)]
ugps: Update to fix position calculation

This is necessary to get my position right.
Without this my longitude is incorrecty -15.85xxxx instead of -16.52yyyy

Signed-off-by: Bruno Randolf <br1@einfach.org>
(cherry picked from commit fe960cead7005811deb03c220f6bb5660f65e1d5)

2 years agougps: Add option disabled
Bruno Randolf [Thu, 23 Aug 2018 20:59:58 +0000 (21:59 +0100)]
ugps: Add option disabled

Like many other packages, an option to disable can be practical.

Signed-off-by: Bruno Randolf <br1@einfach.org>
(cherry picked from commit 6b14a73f4f619b7bbdeac1cbcd0d34b0957ca0cb)

2 years agokernel: bump 4.14 to 4.14.67
Koen Vandeputte [Fri, 24 Aug 2018 16:00:10 +0000 (18:00 +0200)]
kernel: bump 4.14 to 4.14.67

Refreshed all patches.

Removed upstreamed patches:
- 037-v4.18-0008-ARM-dts-BCM5301x-Fix-i2c-controller-interrupt-type.patch

Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agokernel: bump 4.9 to 4.9.124
Koen Vandeputte [Fri, 24 Aug 2018 15:58:52 +0000 (17:58 +0200)]
kernel: bump 4.9 to 4.9.124

Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2 years agoar71xx: WNR612v2: fix kernel panic due to wrong Wifi LED init
Michal Cieslakiewicz [Mon, 27 Aug 2018 18:24:04 +0000 (20:24 +0200)]
ar71xx: WNR612v2: fix kernel panic due to wrong Wifi LED init

Netgear WNR612v2 flashed with recent OpenWrt builds suffers from kernel
panic at boot during wireless chip initialization, making device
unusable:

 ath: phy0: Ignoring endianness difference in EEPROM magic bytes.
 ath: phy0: Enable LNA combining
 CPU 0 Unable to handle kernel paging request at virtual address 1000fee1, epc == 801d08f0, ra == 801d0d90
 Oops[#1]:
 CPU: 0 PID: 469 Comm: kmodloader Not tainted 4.9.120 #0
 [ ... register dump etc ... ]
 Kernel panic - not syncing: Fatal exception
 Rebooting in 1 seconds..

This simple patch fixes above error. It keeps LED table in memory after
kernel init phase for ath9k driver to operate correctly (__initdata
removed).

Also, another bug is fixed - correct array size is provided to function
that adds platform LEDs (this device has only 1 connected to Wifi chip)
preventing code from going outside array bounds.

Fixes: 1f5ea4eae46e ("ar71xx: add correct named default wireless led by using platform leds")

Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
[trimmed commit message]
Signed-off-by: Mathias Kresin <dev@kresin.me>
2 years agoar71xx/generic: enable Zyxel NBG6616 in kernel config again
Matthias Schiffer [Mon, 27 Aug 2018 18:25:01 +0000 (20:25 +0200)]
ar71xx/generic: enable Zyxel NBG6616 in kernel config again

The NBG6616 shares a config symbol with the NBG6716. It was accidentally
removed from the config when the ar71xx-tiny target was split off.

Fixes: 0cd5e85e7ad6 ("ar71xx: create new ar71xx/tiny subtarget for 4MB flash devices")
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit a4f4ddba61e61d3f15d19c4e57733a9e44ec8d09)