Yue Cao claims that current host rate limiting of challenge ACKS
(RFC 5961) could leak enough information to allow a patient attacker
to hijack TCP sessions. He will soon provide details in an academic
paper.
Backports upstream commit 75ff39ccc1bd5d3c455b6822ab09e533c551f758
to the used LEDE kernel versions.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Should fix parser data containing uninitialized values for of probed
physmap flashes, which could break e.g. the redboot parser.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
This generates proper images when using CONFIG_TARGET_MULTI_PROFILE and
CONFIG_TARGET_PER_DEVICE_ROOTFS.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Thanks to this images for SoftMAC devices don't get brcmfmac anymore and
b43 is added for devices with (quite poor) support only.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
9pfs is used by kvm to share files between host and guest,
add proper config option to enable it.
Signed-off-by: Matteo Croce <matteo.croce@canonical.com>
This allows building images for selected devices with brcmfmac only
(without b43 which is for SoftMAC devices).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Reviewed-by: Jo-Philipp Wich <jo@mein.io>
Thunder Timecloud is a small NAS with MT7621A. It has 1 USB port and an
SD Card slot. There is no wireless cards.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
Due to the missing carrier status set, the interface wasn't usable on a
BTHOMEHUB2B after ip link down and up as it is done in preinit.
Signed-off-by: Mathias Kresin <dev@kresin.me>
According to the author of the cpu temp driver, not all xrx200 boards
have a cpu temperature sensor. For that reason enable the sensor only
for tested boards.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Do not set the lan mac address for boards which having the lan mac
address already set in device tree source file.
Signed-off-by: Mathias Kresin <dev@kresin.me>
The device tree binding and the associated code duplicates functionality
already patched into the etop driver. The compatible string isn't used
any more. Therefore the whole code can be dropped.
The "mac-increment" property allowed to increment a mac address received
via kernel cmdline. This functionality isn't used by any device and
should be added as etop driver device tree property if required again.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Use the generic mtd-mac-address dts property to get a mac address from
flash instead of the lantiq specific one.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Use the same mac address increment in device tree source file and
userspace.
Don't add a mac address increment to either the only mtd mac-address or
to all mac-addresses.
Fix a typo in the TDW89X0.dtsi file to add an increment.
Signed-off-by: Mathias Kresin <dev@kresin.me>
All device tree nodes are using the named properties now and the code
path handling the reg property isn't required any more.
The code related to the ath,eep-flash property has been reformatted to
be better readable.
Signed-off-by: Mathias Kresin <dev@kresin.me>
The conversion to the new image building code accidentally caused the kernel
image to get compressed twice, leading to boot failures when kernel and rootfs
are flashed separately.
The sysupgrade images have been unaffected by this. Also restore the elf
kernel build artifact while we're at it.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Since the only difference between 24Kec and 24Kc is the addition of DSP
ASE support, and we don't use it anymore, there is no need to keep 24Kec
as a separate cpu type.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
CPU frequency scaling enables the operating system to scale the CPU
frequency up or down in order to save power. CPU frequencies can be
scaled automatically depending on the system load, in response to ACPI
events, or manually by userspace programs.
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
There does not seem to be any meaningful difference in generated code.
This will save some time and space on snapshot builds
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add a new "checksum" make target which generates an sha256sums file over the
image files produced in bin/targets/ and automatically call it during make
world after the package index generation.
The advantage of this new target is that it is guaranteed to run after the
images, the SDK and the ImageBuilder archives have been generated to ensure
that they all end up in the checksum file. Fixes FS#51.
Uses sed to postprocess the OpenSSL digest output into an sha256sum command
compatible format.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Change the image build code to generate the DTB files as part of the kernel
build phase in order to fix the image build in the ImageBuilder environment.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Fixes instability/corruption on the ethernet interface connected to port0 on the switch on Netgear R7800 as well.
Signed-off-by: Josh Bendavid <joshbendavid@gmail.com>
Signed-off-by: Pavel Kubelun <be.dissent@gmail.com>
Fix support for the Comtrend CT-536+, CT-5361 and CT-5621T routers support.
Currently the firmware is broken for these routers, because there is a missing
bar in the code at the DTS file avoiding to match with DTS stuff at the kernel. This
causes the router boots without ethernet connectivity. The status led also has a typo.
Signed-off-by: Daniel Gonzalez <dgcbueu@gmail.com>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
The ATB DTB mangle code will enter an infinite loop if it encounters a
word in the command line that contains an r in the middle of the word.
Fix this by increasing ptr everytime before invoking strchr, ot avoid
finding the same r again.
This fixes booting at least on Netgear R7500v1, which contains
"ubi.mtd=rootfs" in its commandline, triggering the misbehaviour.
Fixes: 0ddcbee261 ("ipq806x: activate ATAG DTB mangle and EA8500 rootblock in dts")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Remove the previous PIO delay patch and add a revert patch for a faulty
upstream commit, which seems to have introduced this issue in the first
place
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Fix ubifs mkfs options
Use standard Build/* commands instead of doing everything in the hackish
ubi-boot-overlay template
Fix bootfs.tar.gz build error
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Check memblock regions for sufficient size before attempting to use
them. Allow checks for multiple memblock regions until a suitable one is
found.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Now that the "sysupgrade-nand" step is used by non-NAND targets as well,
rename it to "sysupgrade-tar" to make it more generic.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Use the generic "sysupgrade-nand" build step to pack the sysupgrade file,
it performs the same steps as the inline "tar-file" macro.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The device tree description misses some Ethernet ports and there was no
model specified for this board. In addition there was no switch
specific default configuration created.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
After b47f438 "build: remove image prefix from kernel files in KDIR", the
kernel image in $(KDIR) has a different name and could not be found by the
tar-file build step anymore, leading to the following error on the build
servers:
cp: cannot stat `.../linux-octeon/lede-octeon-generic-kernel.bin': No such file or directory
make[4]: *** [.../linux-octeon/tmp/lede-octeon-generic-ext4-sysupgrade.tar] Error 1
Adjust the path to the source kernel image in order to fix the problem.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
The stock firmware uses the single LED as status indicator only. Using the
same LED both for status and as ethernet indicator is uncommon, and has
been confusing users who were using the device as a WLAN mesh node (so the
LED was just off, as no ethernet was connected).
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Our code was assuming CPU port uses the highest number. My BCM53573
device has eth0 connected to port 8 and eth1 connected to port 5. While
working on support for it I tried to:
1) Enable all ports (including port 8)
2) Set CPU port to 5
I noticed port 8 is not accessible anymore. It was just a development
process but it seems like something worth fixing anyway.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Acked-by: Jonas Gorski <jonas.gorski@gmail.com>
Introduce an optional parameter at the local set_usb_led and
set_wifi_led function such that they can take a triggering
device. If no parameter is passed, behaviour is unchanged.
Signed-off-by: P.Wassi <p.wassi@gmx.at>
Several legacy images were not buildable because of missing profile
definitions in legacy-devices.mk since MultiProfile was removed. Update
legacy-devices.mk to provide all necessary profiles, and change ordering
to match legacy.mk.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
They are not used to produce regular firmware images anyway. Instead,
call their build templates directly if enabled in the config
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The consolidation of the MR24 and WNDR4700 subtargets
into the nand subtarget broke MR24's atheros wlan.
This was because the wndr4700's board code used a
pci_fixup routines to supply the ath9k module with
the calibration data.
This is not necessary on the MR24 as it has standard
mini-pcie ports. Hence the two AR9380 mini-pcie cards
do not need any calibration data overrides.
Cc: chrisrblake93@gmail.com
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The MR24's u-boot takes it sweet time decompressing the
LZMA-packed initramfs image. A user reported that
compared to the old gzip method in v2: it "takes a ton
longer to decompress like 4\x the old boot time for
decompression".
This patch also fixes a issue with the WNDR4700's initramfs
image getting to big and causing the following u-boot crash
during the decompression:
"Uncompressing Multi-File Image ... Error: inflate() returned -5
out-of-mem or overwrite error - must RESET board to recover"
This patch fixes both issues by reverting the MR24's initramfs
compression method back to gzip. And choosing to compress the
initramfs within the initramfs image as LZMA by default.
Cc: chrisrblake93@gmail.com
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>