don't set no-ssl3-method when CONFIG_OPENSSL_WITH_SSL3 di disabled otherwise the compile breaks with this error:
../libssl.so: undefined reference to `SSLv3_client_method'
Fixes CVE: CVE-2017-3735, CVE-2017-3736
Signed-off-by: Peter Wagner <tripolar@gmx.at>
Check if the compiler defines __linux__, instead of assuming that the
host OS is the same as the target OS.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
There was a typo in module.mk for pfe module autoload.
This patch is to fix this and remove useless rc.local
which was for loading pfe module.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
The QorIQ FRDM-LS1012A Board is an ultra-low-cost
development platform for QorIQ LS1012A Series Network
Processors built on ARM Cortex-A53 processor.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
This patch is to add PPA (The Primary Protected Application)
package and also enable it for all layerscape devices.
LSDK github provides ppa source code git tree, but it
only could be compiled with 64-bit toolchain. For 32-bit
devices, there was no method to use it.
https://github.com/qoriq-open-source/ppa-generic
This patch is to directly use a private ppa binary tree for
both 32-bit and 64-bit devices.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
This patch is to use ppfe git tree on LSDK github
instead of private git tree, and support the latest
ppfe on ls1012ardb.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Some new options were introduced by kernel patches.
And some options should be removed/added.
The config-4.9 should be updated accordingly.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Updated kernel patches to align layerscape kernel
with latest LSDK linux (LSDK-17.09-update-103017-V4.9 tag).
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Default profile had to enable many packages for all devices
support. This made these packages still enabled when built
for single device. This patch is to remove default profile.
For multiple devices build, it's proper to build with multiple
devices profile.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
restool is a user space application providing the
ability to dynamically create and manage Layerscape
DPAA2 containers and objects from Linux.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
This patch is to add data path layout files for the
second generation Data Path Acceleration Architecture.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
This patch is to add package support for Management
Complex Firmware for the second generation Data Path
Acceleration Architecture.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
A previous patch disaggregated kernel patch 601 intending to
reverse the ndo_get_stats64 change, but it also dropped
many other changes without a reason. This caused build issue
for layerscape. This patch is to fix that with below steps.
1. Reversed patch "1c4415a layerscape: reverse changes to ndo_get_stats64",
but kept kernel patch 701 which was a proper fix.
2. Reversed the ndo_get_stats64 change in kernel patch 601.
3. Renamed patch 601 (net patch) to 202 (core-linux patch). Maybe it's
more proper.
Fixes: 1c4415a679 ("layerscape: reverse changes to ndo_get_stats64")
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
On the Asus RT-N16, the ports are not mapped the in the same way as
the RT-N12. It is, however, the same as the Linksys E3000v1.
Signed-off-by: Tim Thorpe <timfthorpe@gmail.com>
The memcpy of the init data relies on chip->registers to be initialized,
which only happens later in the code. Move this initialization further
down to make it work.
This was breaking PCIe/USB on some MikroTik RouterBoard devices.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Shell function return code only has range [0, 255]. Other values will
be truncated, e.g. return 65536 will have the same effect as return 0
While at it, drop other "return $rc" where rc will almost always take
value 0 and whose value current callers actually do not check
Fixes FS#988
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
The MAC addresses were not being set for LAN and WAN. This will now use the
same MAC mechanism as the rest of the target.
Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
TP-Link TL-WR840N v5 is simple N300 router with 5-port FE switch and
non-detachable antennas, based on MediaTek MT7628NN (aka MT7628N) WiSoC.
Specification:
- MT7628N/N (580 MHz)
- 64 MB of RAM (DDR2)
- 4 MB of FLASH
- 2T2R 2.4 GHz
- 5x 10/100 Mbps Ethernet
- 2x external, non-detachable antennas
- UART (J1) header on PCB (115200 8n1)
- 1x LED (GPIO-controlled), 1x button
* LED in TL-WR840N v5 is a dual-color, dual-leads type which isn't
(fully) supported by gpio-leds driver. This type of LED requires both
GPIOs state change at the same time to select color or turn it off.
For now, we support/use only the green part of the LED.
Orange LED is registered so you can later use it for your own purposes.
Flash instruction:
Unlike TL-WR840N v4 flashing through WEB UI works in v5.
1. Download lede-ramips-mt76x8-tl-wr840n-v5-squashfs-sysupgrade.bin image.
2. Go to 192.168.0.1
3. Flash the sysupgrade image through Firmware upgrade section of WEB UI.
4. Wait until green LED stops flashing and use the router.
Notes:
TFTP recovery is broken since TP-Link reused bootloader code for v4 and
that does not take into account only 4 MB of flash and bricks the device.
So do not use TFTP Recovery or you will have to rewrite SPI flash.
They fixed it in later GPL code,but it is unknown which version of
bootloader you have.
After manually compiling and flashing bootloader from GPL sources TFTP
recovery works properly.
Signed-off-by: Robert Marko <robimarko@gmail.com>
When we run "opkg install" on a package that installs an uci-defaults
script, functions.sh will fail to evaluate that script in its
default_postinst function.
This happens because there is no "./" present and it searches for the
file in paths specified by the PATH variable. This would work on bash,
but it will not work on ash and some other shells like sh, zsh. This
applys to the ". filename" directive used in this case.
This patch will make the path relative to the /etc/uci-defaults
directory.
Fixes: FS#1021
Signed-off-by: Marko Ratkaj <marko.ratkaj@sartura.hr>
The splitter ignored the rootfs offset from the header, probably
because until c1e6e61 it was invalid.
This patch fixes the splitter to use the now correct header data.
Regarding target/linux/ar71xx/files/drivers/mtd/tplinkpart.c,
this particular splitter "falls back" to the correct rootfs offset
reading and as such it doesn't need to be updated, although it will
report a kernel partition length that can be larger than the actual
length as it assumes that partition fills the entire segment up to
the rootfs partition.
Tested-by: Mathias Kresin <dev@kresin.me>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Tested-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Tested-by: Henryk Heisig <hyniu@o2.pl>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
With '-a' specified on the command line, the current code:
- computes an aligned _kernel length_ instead of an aligned _rootfs
offset_.
- does not update the rootfs offset after computing the new kernel
length, and instead retains the layout default.
When the kernel length exceeds the available space left with this
fixed offset, the resulting image header contains invalid data, with
the recorded rootfs offset overlapping the kernel area.
This patch ensures that rootfs offset is correctly computed and
reflected in the final image.
Furthermore, the build_fw() function special cases the rootfs_align
option because of the above invalid logic. This is also fixed and
the computed (or command-line provided, or layout-provided) rootfs_ofs
value is used in all cases.
There seems to be no valid reason to extend the kernel length beyond
the actual length of the kernel itself (OFW images don't do it) so this
part of the existing behavior is dropped.
Example image before the patch:
Kernel data offset : 0x00000200 / 512 bytes
Kernel data length : 0x00158438 / 1410104 bytes
Kernel load address : 0x00000080
Kernel entry point : 0x00000080
Rootfs data offset : 0x00140000 / 1310720 bytes
Rootfs data length : 0x001e4f7e / 1986430 bytes
Example image after the patch:
Kernel data offset : 0x00000200 / 512 bytes
Kernel data length : 0x001583fe / 1410046 bytes
Kernel load address : 0x00000080
Kernel entry point : 0x00000080
Rootfs data offset : 0x00158600 / 1410560 bytes
Rootfs data length : 0x001e4e22 / 1986082 bytes
Tested-by: Mathias Kresin <dev@kresin.me>
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Tested-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Tested-by: Henryk Heisig <hyniu@o2.pl>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Due to limitations in the symvers treatment and the mei drivers
exporting the same funtions, modpost might use the wrong mei driver
to link against.
Work around this by renaming them all to the same name, making it
always the "right" module name even if the wrong file was used.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Apearently we need to ensure mwlwifi loads before mwifiex on
the WRT3200ACM, else mwifiex will claim the wifi.
Fix this by reverting to AutoLoad, but keep the removal of
mac80211 line.
This partially reverts commit 471d5dc6e3.
Fixes: 471d5dc6e3 ("mwlwifi: switch to AutoProbe")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
If PKG_BUILD_DIR contains symlinks, the generated Module.symvers will
contain the resolved paths, not the virtual path with the symlink name.
This breaks the filter for the module's own symbols, so to fix this
ensure we also grep for the resolved path.
Reported-by: Roman Yeryomin <roman@advem.lv>
Tested-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Let the generic postinstall script invoke "kmodloader" when the just
installed package contains any /etc/module.d/ entries.
This allows us to skip the explicit "insert_module()" calls in the
package postinstall.
Due to the removed insert_module calls we do not need to assemble a
complete list of modules per package anymore, which allows for vast
simplification of the package generation code.
While we're at it, also support specifying default parameters for
modules using either the MODPARAM or MODPARAM.modulename variables
in KernelPackage.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Update to latest Git in order to fix potential memory corruption and invalid
memory access when handling query strings in conjunction with active basic
authentication.
a235636 2017-11-04 file: fix query string handling
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
commit fbde9ac718 set an incorrect sha256sum which doesn't match the
file http://sources.lede-project.org/netifd-2017-10-31-0f96606b.tar.xz
or a locally packaged checkout (which resulted in a file identical with
the one referenced by the URL above).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
By default, hostapd assumes r1_key_holder equal to bssid. If LEDE
configures the same static r1 key holder ID on two different APs (BSSes) the
RRB exchanges fails behind them.
Signed-off-by: Yury Shvedov <yshvedov@wimarksystems.com>