Update mbedtls to 2.12.0
Multiple security fixes
Add support for Chacha20 and Poly1305 cryptographic primitives and their
associated ciphersuites
Difference in size on mips_24kc (ipk):
164kbytes (167882 bytes)
170kbytes (173563 bytes)
https://tls.mbed.org/tech-updates/releases/mbedtls-2.12.0-2.7.5-and-2.1.14-released
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
81d446b045 introduced incomplete
support for this device.
This patch attempts to correct the situation based on OEM source
code.
LED1-3 are GSM mode on OFW (2G/3G/4G) hence unassigned here.
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Tested-by: David Ehrmann <ehrmann@gmail.com>
The active_low flag was missing for the user LED. This LED is open drain
(confirmed in OEM source) and open drain only makes sense for active low
GPIOs.
The two wireless LEDs mentioned in the comments are also #defined for
future reference.
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Tested-by: Ryan Mounce <ryan@mounce.com.au>
e15c63a375 introduced code that was trying
to register GPIO 1 as both an LED and a button. The OEM source makes it
clear that LED1 is not wired to the SoC GPIOs. GPIO 1 is the reset button.
Furthermore the (green) power led default state should also be defined,
(matching OEM source), and it should be used by diag.sh since it's
currently the only software-controllable LED.
This patch fixes these issues and renames the corresponding #defines for
clarity
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
The gpios that control power toggle for USB on the RouterBOARD devices
are active low _off_ switches.
When they are active (low), power is off. When they are inactive
(high), power is on.
Rename GPIO defines, set gpios to GPIOF_ACTIVE_LOW for consistency and
reflect their true action in the display name. This brings openwrt code
in line with OEM.
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Tested-by: Ryan Mounce <ryan@mounce.com.au>
convert the usb and both sata port power related gpio-hogs to
what they really are: fixed-regulators.
The ethernet phy-reset gpio-hog is replaced by a proper
upstream (4.15+) reset-gpios property in the mdio-node.
So this will work eventually.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
@vahid-dan reported a issue with extracting the rpi images with
Gnome's Archive Manager:
"Ubuntu Archive Manager cannot extract the file and it just
throws a general error message: "An error occurred while
extracting files".
<https://forum.lede-project.org/t/corrupted-pre-built-v18-06-0-rc2-image-for-rpi>
The MBL's rootfs.img.gz image is generated in much the same way.
Hence this patch preemptively splits the rootfs.img.gz image into
a sysupgrade and a factory image.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This patch adds support for squashfs as the root filesystem.
advantages:
- migrate from a existing -ext4 installation and back
with the sysupgrade utility
- existing partition layout will not be lost during switch
- slightly smaller image size as compared to the -ext4 image.
disadvantages:
- needs f2fs + tools. This is because fstools rootdisk.c decides based
on the partition size (currently root partitions > 100 MiB) f2fs is
used as the rootfs_data filesystem.
- rootfs_data is placed into the rootfs partition after the squashfs.
This makes it difficult for tools that expect a /dev/sda${X} device.
It also makes it difficult for data recovery tools as they might not
expect to find a embedded partition or will be slightly confused.
... or will not support f2fs.
For people with existing build configurations: make sure to include mkf2fs
and f2fsck packages into the image. Otherwise the new -squashfs image will
only boot from the ram-overlay.
Note:
All overlay data (configurations/all installed packages/...) will be
placed in inside the rootfs partition (i.e. /dev/sda2) just after the
squashfs image.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
@vahid-dan reported a issue with extracting the rpi images with
Gnome's Archive Manager:
"Ubuntu Archive Manager cannot extract the file and it just
throws a general error message: "An error occurred while
extracting files".
<https://forum.lede-project.org/t/corrupted-pre-built-v18-06-0-rc2-image-for-rpi>
@blogic told me to split the single sdcard.img.gz for the RPi
into a sysupgrade and a factory image for all brcm2708 targets.
The factory images will have no metadata attached, this way
these utilities that can't deal with the attached metadata will
not fail for no reason.
Cc: John Crispin <john@phrozen.org>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
It was present as 4.4 compatibility, but since we now use 4.9 or later
with the new upstream solution, we don't need it anymore.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
That upstream commit caused instability in flash reads. It was reported
but there isn't any proper fix as for now.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This includes Linksys EA9500 support, BCM53573 timer fix and
upstream-ready partitions patch that replaces two downstream hacks.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
USB 3.0 PHY is attached to the MDIO bus and should be supported
(accessed) as a MDIO device. This wasn't known initially which resulted
in writing driver that was working with MDIO bus (using some magic
values) without knowing it.
This commit updates DT to properly describe MDIO & USB 3.0 PHY and
enables required kernel drivers.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
[0-3](none, minimal[default], more, maximum)
It is not 100% backward compatible, because now 0 disables logging
Signed-off-by: Dmitry Tunin <hanipouspilot@gmail.com>
Refresh patches
Upstream commits since last bump:
3b6eb19 Log DNSSEC trust anchors at startup.
f3e5787 Trivial comment change.
c851c69 Log failure to confirm an address in DHCPv6.
a3bd7e7 Fix missing fatal errors when parsing some command-line/config options.
ab5ceaf Document the --help option in the french manual
1f2f69d Fix recurrent minor spelling mistake in french manual
f361b39 Fix some mistakes in french translation of the manual
eb1fe15 When replacing cache entries, preserve CNAMES which target them.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
This is a new & warm feature that allows nesting partiitons in DT and
mixing their types (e.g. static vs. dynamic). It's very useful for
boards that have most partitions static but some of them require extra
parsing (e.g. a "firmware" partition).
It's required to successfully backport support for new devices using
that new syntax in their DT files.
Since brcm63xx has a custom alternative patch the upstream one is being
reverted for it. The plan is to make brcm63xx use the upstream
implementation.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
The sierra_net driver is using proto_directip_setup for setup. So use
proto_directip_teardown for teardown.
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
001-Fix-compiler_state_t.ai-usage-when-INET6-is-not-defi.patch dropped due to upstream
002-Add-missing-compiler_state_t-parameter.patch dropped due to upstream
202-protocol_api.patch dropped due to implemented upstream by another way
upstream commit: 55c690f6f8
and renamed via: 697b1f7e9b
ead is the only user who use the protocol api, we have to use the new api since libpcap 1.9.0
Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
Monitor mode isn't supported yet with brcmfmac, it's just an early work.
This also prepares brcmfmac to work stable with new firmwares which use
updated struct for passing STA info.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
The most important is probably regression fix in handling platform
NVRAM. That bug stopped hardware from being properly calibrated breaking
e.g. 5 GHz for Netgear R8000.
Other than that it triggers memory dumps when experiencing firmware
problems which is important for debugging purposes.
Fixes: 7e8eb7f309 ("mac80211: backport brcmfmac firmware & clm_blob loading rework")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
The OCEDO Raccoon only has one ethernet port, but currently uci sections
for WAN and LAN are created.
Additionally, newer versions of the devices U-Boot (units with SteelWRT)
set the kernel-cmdline and therefore overwrite the partition-layout.
We fix this by overwriting the cmdline supplied by the bootloader.
Signed-off-by: David Bauer <mail@david-bauer.net>
The get_status_led() function was removed due to the convertion to dts
alias based status led.
Since we don't need the boardname any longer, the functions.sh include
isn't required any more.
Fixes: c9c4b2116c ("ramips: Use dts alias based status led")
Signed-off-by: Mathias Kresin <dev@kresin.me>
With a10a204aab ("kernel: make ubi auto-attach check for a tar file
magic") the check for the magic was added without considering a failing
mtd_read(). If the read fails, no check is done and the mount code is
called straight away.
Failing with an error message for such cases seems to me the cleaner way,
as it would allow to spot hidden/workaround issues.
Signed-off-by: Mathias Kresin <dev@kresin.me>
The first block(s) of the ubi mtd device might be bad. We need to take
care on our own to skip the bad block(s) and read the next one(s).
Don't treat recoverable read errors as fatal and check for the UBI magic
if the data of a block could be recovered using ECC or similar.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Move the put_mtd_device() called on multiple error conditions to a goto
label to use it later for more error conditions.
The early return on failed open of the mtd device and mismatching mtd
type allows to get rid of one level of indentation. By jumping to the
cleanup code, a refcount bug is fixed for the wrong flash type condition.
While at it, make clear that we only check for the UBI magic if the read
from flash was successful.
Signed-off-by: Mathias Kresin <dev@kresin.me>