Commit graph

39283 commits

Author SHA1 Message Date
Kristian Evensen
79440ea756 ramips: Add support for ZBT WE1026-5G
The ZBT WE1026-5G
(http://www.zbtlink.com/products/router/WE1026-5G.html) is the follow-up
to the ZBT WE1026 and is based on MT7620. For the previous WE1026, the
ZBT WE826 image could be used. However, as the name implies, the -5G
comes equipped with a 5GHz wifi radio. As the WE826 only has a 2.4GHz
radio, the addition of 5GHz means that a separate image is needed for
the WE1026-5G. I suspect that this image will also work on the previous
WE1026, but I don't have a device to test with.

The WE1026-5G has following specifications:
* CPU: MT7620A
* 1x 10/100Mbps Ethernet.
* 16 MB Flash.
* 64 MB RAM.
* 1x USB 2.0 port.
* 1x mini-PCIe slots.
* 1x SIM slots.
* 1x 2.4Ghz WIFI.
* 1x 5GHz wifi (MT7612)
* 1x button.
* 3x controllable LEDs.

Works:
* Wifi.
* Switch.
* mini-PCIe slot. Only tested with a USB device (a modem).
* SIM slot.
* Sysupgrade.
* Button (reset).

Not working:
* The 5GHz WIFI LED is completely dead. I suspect the issue is the same
as on other devices with Mediatek 5Ghz wifi-cards/chips. The LED is
controlled by the driver, and mt76 (currently) does not support this.

Not tested:
* SD card reader.

Notes:
* The modem (labeled 3G/4G) and power LEDs are controlled by the
hardware.
* There is a 32MB version of this device available, but I do not have
access to it. I have therefor only added support for the 16MB version,
but added all the required infrastructure to make adding support for the
32MB version easy.

Installation:
The router comes pre-installed with OpenWRT, including a variant of
Luci. The initial firmware install can be done through this UI,
following normal procedure. I.e., access the UI and update the firmware
using the sysupgrade-image. Remember to select that you do not want to
keep existing settings.

Recovery:
If you brick the device, the WE1026-5G supports recovery using HTTP. Keep the
reset button pressed for ~5sec when booting to start the web server. Set the
address of the network interface on your machine to 192.168.1.2/24, and
point your browser to 192.168.1.1 to access the recovery UI. From the
recovery UI you can upload a firmware image.

Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
2017-09-11 17:17:05 +02:00
Toke Høiland-Jørgensen
76c3a033f6 ath10k: Re-enable intermediate softqueues for all devices
The upstream ath10k driver disables the intermediate softqueues for some
devices. This patch reverts that behaviour and always enables the
softqueues (and associated bufferbloat fixes). We have had reports of people
running this with good results:
https://lists.bufferbloat.net/pipermail/make-wifi-fast/2017-September/001497.html

This also refreshes mac80211 patches.

Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
2017-09-11 17:16:17 +02:00
Baptiste Jonglez
b30ba14e2a scripts/download.pl: fail loudly if provided hash is unsupported
Currently, if the provided hash is unsupported (length different from 32
or 64 bytes), we happily download the requested file without any kind of
checksum verification.

This is quite dangerous and may provide a false sense of security, because
a single typo in the hash (e.g. one character deleted by mistake) may skip
checksum verification entirely.

Instead, fail immediately if we don't support the provided hash.
In particular, if an external package repository decides to change the
hash algorithm one day, we will now fail loudly instead of skipping
checksum verification without complaints.

Note: if some users of scripts/download.pl knowingly provide an empty hash
because they don't need checksum verification, this change will break
them.  This does not seem to be the case currently, but if this feature is
ever needed, an option should be added to download.pl instead of relying
on the hash being empty.

Fixes: eaa4eba10a ("scripts/download.pl: add SHA-256 support")

Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
2017-09-11 17:13:02 +02:00
Rosen Penev
13e5e47369 ar71xx: Add GRO support to ag71xx
On a TL-WN710N, this patch increases iperf performance from ~92.5 to ~93.5 mbps. Keep in mind the WN710N is a 100mbps device. I expect greater numbers from gigabit devices.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-09-11 17:12:42 +02:00
Rosen Penev
6aa46bf05e ramips: Change ethernet driver to use napi_complete_done.
Backport of mailine linux commit. Speeds up ethernet slightly and reduces latency.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2017-09-11 17:03:54 +02:00
Tim Harvey
79366b8194 cns3xxx: fix GPIO controller interrupt enable
The cns3xxx interrupt controller uses a single register and as such
the 'mask' reg/functions must be used as opposed to the 'enable'/'disable'
reg/functions.

This fixes an issue that occurs if more than one GPIO on a specific controller
(there is GPIOA and GPIOB each having 32 GPIO's) uses interrupts. When one
would get enabled all others would be disabled prior to this patch.

Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Acked-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2017-09-11 17:03:21 +02:00
Stijn Tintel
d5b7215e31 kernel: update 4.9 to 4.9.49
Refresh patches.
Compile-tested on octeon and x86/64.
Runtime-tested on octeon and x86/64.

Fixes CVE-2017-11600.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-11 01:56:14 +02:00
Stijn Tintel
c11762e435 strace: bump to 4.19
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-11 01:56:14 +02:00
Kevin Darbyshire-Bryant
69ac637fbb mbedtls: update to 2.6.0 CVE-2017-14032
Fixed an authentication bypass issue in SSL/TLS. When the TLS
authentication mode was set to 'optional',
mbedtls_ssl_get_verify_result() would incorrectly return 0 when the
peer's X.509 certificate chain had more than
MBEDTLS_X509_MAX_INTERMEDIATE_CA intermediates (default: 8), even when
it was not trusted. This could be triggered remotely on both the client
and server side. (Note, with the authentication mode set by
mbedtls_ssl_conf_authmode()to be 'required' (the default), the handshake
was correctly aborted).

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Tested-by: Magnus Kroken <mkroken@gmail.com>
2017-09-11 01:56:14 +02:00
Stijn Tintel
21014d9708 tcpdump: bump to 4.9.2
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-11 01:56:14 +02:00
Stijn Tintel
910e3bed12 lldpd: bump to 0.9.8
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-11 01:56:14 +02:00
Enrique Giraldo
b8b410fba3 ar71xx: add metadata to wpj344 and wpj558 images
This adds metadata to wpj344 and wpj558 images to prevent loading
firmware of wpj344 into wpj558 and vice versa. This until now was
possible and break the units and had to be recovered from the uboot.

Signed-off-by: Enrique Giraldo <enrique.giraldo@galgus.net>
2017-09-10 22:15:04 +02:00
Enrique Giraldo
71067e3b79 ar71xx: wpj558: remove unused eth1 device and fix MAC address
Signed-off-by: Enrique Giraldo <enrique.giraldo@galgus.net>
2017-09-10 22:15:04 +02:00
Enrique Giraldo
fefdb1e0b9 ar71xx: add support for COMFAST CF-E355AC
COMFAST CF-E355AC is a ceiling mount AP with PoE support, based on
Qualcomm/Atheros QCA9531 + QCA9882.

Short specification:

- 2x 10/100 Mbps Ethernet, with PoE support
- 64MB of RAM (DDR2)
- 16 MB of FLASH
- 2T2R 2.4 GHz, 802.11b/g/n
- 2T2R 5 GHz, 802.11ac/n/a
- built-in 4x 3 dBi antennas
- output power (max): 500 mW (27 dBm)
- 1x RGB LED, 1x button
- built-in watchdog chipset

Flash instruction:

Original firmware is based on OpenWrt.
Use sysupgrade image directly in vendor GUI.

Signed-off-by: Enrique Giraldo <enrique.giraldo@galgus.net>
[whitespace fixes, ac radio caldata offset fix]
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-09-10 22:15:03 +02:00
Piotr Dymacz
90d8c0f0a2 ar71xx: add support for GL.iNet GL-USB150
GL.iNet GL-USB150 is an USB dongle WiFi router, based on Atheros AR9331.

Specification:

- 400/400/200 MHz (CPU/DDR/AHB)
- 64 MB of RAM (DDR2)
- 16 MB of FLASH (SPI NOR)
- Realtek RTL8152B USB to Ethernet bridge (connected with AR9331 PHY4)
- 1T1R 2.4 GHz
- 2x LED, 1x button
- UART header on PCB

Flash instruction:

Vendor firmware is based on OpenWrt CC. GUI or sysupgrade can be used
to flash LEDE firmware.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
2017-09-10 22:14:43 +02:00
Lorenzo Santina
bd24d53ea2 hostapd: fix iapp_interface option
ifname variable were not assigned due to syntax error
causing the hostapd config file to have an empty iapp_interface= option

Signed-off-by: Lorenzo Santina <lorenzo.santina.dev@gmail.com>
2017-09-10 08:30:32 +02:00
Jorge Amorós
e2218ea148 lantiq: ARV7519RW22: enable PCIe
Enable PCIe to make the (still unsupported) WAVE300 wireless visible to
the system.

Signed-off-by: Jorge Amorós <joramar76@yahoo.es>
2017-09-10 08:30:23 +02:00
Vittorio Alfieri
31b5069a50 lantiq: VR200v: enable PCI
Enable PCI to make the (still unsupported) WAVE300 wireless visible to
the system.

Signed-off-by: Vittorio Alfieri <vittorio88@gmail.com>
2017-09-09 10:05:05 +02:00
Thibaut VARENE
991681cf49 ramips: Archer C50v1: support US and EU versions
For the Archer C50v1, the EU and US versions are differentiated by their
respective HW additional version (0x0 for US, 0x2 for EU).

The stock web interface checks this field before flashing, making it
impossible to flash the current (US) factory image on EU hardware.

However the bootloader does not check this field, making it possible to use
a single sysupgrade image for both hardware.

This patch adds the necessary build bits to generate both EU and US factory
images, and renames the target as "Archer C50v1" since there are as of now
3 different versions of Archer C50 (all with different CPUs).

Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
2017-09-09 09:55:26 +02:00
Thibaut VARENE
66a8c8f04c tools/firmware-utils: mktplinkfw2: allow parameter override
This patch enables commandline override of board hw_ver and hw_ver_add

Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
2017-09-09 09:55:26 +02:00
Kevin Darbyshire-Bryant
09735db18b kernel: update 4.4 to 4.4.87
Fixes CVE-2017-11600

No patch refresh required

Compile & run tested: ar71xx - Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-09-09 09:55:25 +02:00
Kristian Evensen
80829022b0 ramips: add support for the HNET C108
The HNET C108
(http://www.szhwtech88.com/Product-product-cid-100-id-4374.html) is a
mifi based on MT7602A, which has the following specifications:

* CPU: MT7620A
* 1x 10/100Mbps Ethernet.
* 16 MB Flash.
* 64 MB RAM.
* 1x USB 2.0 port. Only power is connected, this port is meant for
charging other devices.
* 1x mini-PCIe slots.
* 1x SIM slots.
* 1x 2.4Ghz WIFI.
* 1x button.
* 6000 mAh battery.
* 5x controllable LEDs.

Works:
* Wifi.
* Switch.
* mini-PCIe slot. Only tested with a USB device (a modem).
* SIM slot.
* Sysupgrade.
* Button (reset).

Not working (also applies to the factory firmware):
* Wifi LED. It is always switched on, there is no relation to the
up/down state or activity of the wireless interface.

Not tested:
* SD card reader.

Notes:
* The C108 has no dedicated status LED. I therefore set the LAN LED as
status LED.

Installation:
The router comes pre-installed with OpenWRT, including a variant of
Luci. The initial firmware install can be done through this UI,
following normal procedure. I.e., access the UI and update the firmware
using the sysupgrade-image. Remember to select that you do not want to
keep existing settings.

Recovery:
If you brick the device, the C108 supports recovery using TFTP. Keep the
reset button pressed for ~5sec when booting to trigger TFTP. Set the
address of the network interface on your machine to 10.10.10.3/24, and
rename your image file to Kernal.bin.

Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
2017-09-09 09:55:13 +02:00
Mathias Kresin
096dff8fcd kernel: rtl8306: fix port link status
In case the link changes from down to up, the register is only updated
on read. If the link failed/was down, this bit will be 0 until after
reading this bit again.

Fixes a reported link down by swconfig alebit the link is up (query for
the link again will show the correct link status)

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-09-08 21:52:38 +02:00
Mathias Kresin
47be42c347 lantiq: fix xrx200 switch carrier state
In conditions where none of the switch ports is connected during boot,
the priv->port[i].link != priv->port[i].phydev->link condition is false
since both link values are equal (false). The carrier of the switch
netdev is never set to off and the link state reported by ip is UNKNOWN.

Turn the carrier off if none of the switch ports has a link, regardless
whether something has been changed. Add a check for a carrier to
prevent unnecessary calls to netif_carrier_off() if the carrier is
already off.

Based on a patch send by Martin Schiller.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-09-08 21:48:48 +02:00
Kevin Darbyshire-Bryant
5629904ea8 dnsmasq: backport arcount edns0 fix
Don't return arcount=1 if EDNS0 RR won't fit in the packet.

Omitting the EDNS0 RR but setting arcount gives a malformed packet.
Also, don't accept UDP packet size less than 512 in received EDNS0.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-09-08 10:07:04 +02:00
John Crispin
23317f18bd mediatek: fix mdio schedule while atomic error
Signed-off-by: John Crispin <john@phrozen.org>
2017-09-07 10:11:45 +02:00
Kevin Darbyshire-Bryant
9a753c49ea dnsmasq: backport official fix for CVE-2017-13704
Remove LEDE partial fix for CVE-2017-13704.

Backport official fix from upstream.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (PKG_RELEASE increase)
2017-09-07 08:09:54 +02:00
Matthias Schiffer
f12a5b8f6d
uclient: update to 2017-09-06
24d6eded73de uclient-http: fix Host: header for literal IPv6 addresses
83ce236dab86 uclient-fetch: read_data_cb: fix a potential buffer overflow

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
2017-09-06 15:46:03 +02:00
Kristian Evensen
f3b4e50cee ramips: fix default LED configuration
Commit 77645ffcd9 ("ramips: add support for the GnuBee Personal Cloud
One") dropped the execution permission from 01_leds with the result
that the file isn't started during first boot and no default LED
configuration is added.

Revert the introduced file permission change.

Fixes: FS#979

Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
[cherry picked the fix from a board support patch]
Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-09-06 08:14:23 +02:00
Hans Dedecker
995193ccdb odhcp6c: add workaround for broken extendprefix scenario
Extendprefix is typically used to extend an IPv6 RA prefix from a mobile
wan link to the LAN; such scenario requires correct RA prefix settings
like the on link flag not being set.
However some mobile manufacter set the RA prefix on link flag which breaks
basic IPv6 routing.
Work around this issue by filtering out the route being equal to the
extended prefix.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-09-05 14:46:18 +02:00
Mathias Kresin
6b06c2fb8e lantiq: drop kernel 4.4 support
Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-09-05 08:43:39 +02:00
Edward O'Callaghan
e0d6f541f7 lantiq: switch to kernel 4.9
Signed-off-by: Edward O'Callaghan <funfunctor@folklore1984.net>
2017-09-05 08:43:39 +02:00
Kevin Darbyshire-Bryant
9c82861cb8 kernel: update 4.4 to 4.4.86
Refresh patches

Compile & run tested: ar71xx - Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2017-09-05 08:43:39 +02:00
Daniel Gonzalez Cabanelas
3c97bad0c2 ar71xx: WNDR4300: use the switch LED trigger on the WAN port
The WAN port on the Netgear WNDR4300 router has two LEDs,
amber and green. Use the switch LED trigger to behave as the
rest of the LAN HW controlled LEDs
- Green: 1 Gbps
- Amber: 100/10 Mbps

Signed-off-by: Daniel Gonzalez Cabanelas <dgcbueu@gmail.com>
2017-09-05 08:43:39 +02:00
John Crispin
5117911d91 ramips: fix mt76x8 dependencies
The commit merging mt7628 and mt7688 failed to update some
dependencies.

Signed-off-by: John Crispin <john@phrozen.org>
2017-09-05 08:08:36 +02:00
Kuang Rufan
69323a0c07 ar71xx: add support for TL-WR1041N(v2) LAN/WAN LEDs.
1. Add support to LAN/WAN LEDs attached to ar8327.
2. Fix the problem that LAN/WAN LEDs does not blink in hardware (auto)
   mode when connected to 10M/100M ethernet.

Signed-off-by: Kuang Rufan <master@a1983.com.cn>
2017-09-04 12:48:23 +02:00
Hans Dedecker
05c3647d35 odhcp6c: add ra_holdoff config option and update to git HEAD version (FS#964)
51733a6 ra: align RA update interval with RFC4861 (FS#964)

Add ra_holdoff config option which allows to configure the RA minimum
update interval which is by default 3 seconds as stated in RFC4861.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-09-03 21:34:48 +02:00
Stijn Tintel
046618f5da kernel: update 4.9 to 4.9.47
Refresh patches.
Compile-tested on ramips/mt7621 and x86/64.
Runtime-tested on ramips/mt7621 and x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-03 22:06:28 +03:00
Stijn Tintel
ef255fc57e base-files: add /etc/profile.d to conffiles
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-03 01:27:46 +03:00
Stijn Tintel
8446d3de05 base-files: order conffiles alphabetically
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2017-09-03 01:27:46 +03:00
Hans Dedecker
80e2ee3e64 ubox: update to git HEAD version
b1bc8d5 kmodloader: log error message in case of out of memory
f346111 kmodloader: lift restriction on module alias info
f1ef2c3 kmodloader: fix possible segfaults
9cb63df kmodloader: fix endianess check
2cff779 kmodloader: Check module endian before loading
d54f38a kmodloader/get_module_info: initialized aliases to make it more clean
a0b6fef kmodloader: insmod: fix a memoryleak in error case
278c4c4 kmodloader/get_module_name: null-terminate the string
16f7e16 syslog: remove unnecessary sizeof struct between messages

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2017-09-01 16:05:59 +02:00
John Crispin
b957e455eb rukes.mk: this patch broken grub2 builds
Revert "rules.mk: add missing CPP definition"

This reverts commit 569f74ef49.

Signed-off-by: John Crispin <john@phrozen.org>
2017-09-01 10:17:22 +02:00
Thibaut VARENE
c30a70fc9f generic: make switch_port_stats tx/rx_bytes long long
This generic structure defines tx_bytes and rx_bytes as unsigned long (u32),
while several devices would typically report unsigned long long (u64).

The code can work as is, but there's a chance that with a sufficiently fast
interface the overflow might happen too fast to be correctly noticed by the
consumers of this data.

This patch makes both field unsigned long long and updates the only known
consumer of this data: swconfig_leds.c

Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
2017-09-01 09:30:35 +02:00
Thibaut VARENE
0369e35891 generic: provide get_port_stats() on rtl836x switches
This patch provides a generic switch_dev_ops 'get_port_stats()' callback by
taping into the relevant port MIB counters.

This callback is used by swconfig_leds led trigger to blink LEDs with port
network traffic.

Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
2017-09-01 09:30:35 +02:00
Thibaut VARENE
3056d09b40 generic: provide get_port_stats() on b53 switches
This patch provides a generic switch_dev_ops 'get_port_stats()' callback by
taping into the relevant port MIB counters.

This callback is used by swconfig_leds led trigger to blink LEDs with port
network traffic.

Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
2017-09-01 09:30:35 +02:00
Thibaut VARENE
4ddbc43cc1 generic: provide get_port_stats() on adm6996 switches
This patch provides a generic switch_dev_ops 'get_port_stats()' callback by
taping into the relevant port MIB counters.

This callback is used by swconfig_leds led trigger to blink LEDs with port
network traffic.

Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
2017-09-01 09:30:35 +02:00
Thibaut VARENE
4d8a66d934 generic: provide get_port_stats() on ar8xxx switches
This patch provides a generic switch_dev_ops 'get_port_stats()' callback by
taping into the relevant port MIB counters.

The implementation uses a generic callback that select the correct MIB counter
index based on chip version.

This callback is used by swconfig_leds led trigger to blink LEDs with port
network traffic.

Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
2017-09-01 09:30:35 +02:00
Thibaut VARENE
2b3ab0208e ramips: provide get_port_stats() on mt7530/762x switches
This patch provides a generic switch_dev_ops 'get_port_stats()' callback by
taping into the relevant port MIB counters.

This callback is used by swconfig_leds led trigger to blink LEDs with port
network traffic.

Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
2017-09-01 09:30:35 +02:00
Karl Palsson
7a423c389a procd: mdns: Support txt values with spaces
Properly quote the arguments so that you can register a service with TXT
entries that contains spaces.

Example:
   procd_add_mdns myservice tcp 9999 "key=descriptive text field 1" \
         "another=something equally verbose"

Output before:
$ avahi-browse -r -v _myservice._tcp
_myservice._tcp      local
   hostname = [blah.local]
   address = [192.168.255.74]
   port = [9999]
   txt = ["verbose" "equally" "another=something" "1" "field" "text" "key=descriptive"]

Output now:
$ avahi-browse -r -v _myservice._tcp
_myservice._tcp      local
   hostname = [blah.local]
   address = [192.168.255.74]
   port = [9999]
   txt = ["another=something equally verbose" "key=descriptive text field 1"]

Signed-off-by: Karl Palsson <karlp@etactica.com>
2017-09-01 08:58:09 +02:00
John Crispin
12930fc045 Revert "dropbear: Link ssh and scp command to /bin instead of /usr/bin"
This reverts commit f7528ed0a8.

Signed-off-by: John Crispin <john@phrozen.org>
2017-08-31 21:09:13 +02:00