Commit graph

42782 commits

Author SHA1 Message Date
Russell Senior
4797dddfde patch: apply upstream cve fixes
Apply two upstream patches to address two CVEs:

 * CVE-2018-1000156
 * CVE-2018-6952

Add PKG_CPE_ID to Makefile.

Build tested on apm821xx and ar71xx.

Signed-off-by: Russell Senior <russell@personaltelco.net>
2018-10-14 13:36:09 +01:00
Hauke Mehrtens
4c3fae4adc hostapd: Add WPA-EAP-SUITE-B-192 (WPA3-Enterprise)
This adds support for the WPA3-Enterprise mode authentication.

The settings for the WPA3-Enterpriese mode are defined in
WPA3_Specification_v1.0.pdf. This mode also requires ieee80211w and
guarantees at least 192 bit of security.

This does not increase the ipkg size by a significant size.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-10-14 13:57:15 +02:00
Hauke Mehrtens
18c6c93a3b hostapd: Activate Opportunistic Wireless Encryption (OWE)
OWE is defined in RFC 8110 and provides encryption and forward security
for open networks.

This is based on the requirements in the Wifi alliance document
Opportunistic_Wireless_Encryption_Specification_v1.0_0.pdf
The wifi alliance requires ieee80211w for the OWE mode.
This also makes it possible to configure the OWE transission mode which
allows it operate an open and an OWE BSSID in parallel and the client
should only show one network.

This increases the ipkg size by 5.800 Bytes.
Old: 402.541 Bytes
New: 408.341 Bytes

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-10-14 13:57:15 +02:00
Hauke Mehrtens
4a009a16d2 hostapd: Activate Simultaneous Authentication of Equals (SAE)
This build the full openssl and wolfssl versions with SAE support which
is the main part of WPA3 PSK.

This needs elliptic curve cryptography which is only provided by these
two external cryptographic libraries and not by the internal
implementation.

The WPA3_Specification_v1.0.pdf file says that in SAE only mode
Protected Management Frames (PMF) is required, in mixed mode with
WPA2-PSK PMF should be required for clients using SAE, and optional for
clients using WPA2-PSK. The defaults are set now accordingly.

This increases the ipkg size by 8.515 Bytes.
Old: 394.026 Bytes
New: 402.541 Bytes

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-10-14 13:57:15 +02:00
Hauke Mehrtens
a1ad1144b6 hostapd: SAE: Do not ignore option sae_require_mfp
This patch was send for integration into the hostapd project.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-10-14 13:57:14 +02:00
Hauke Mehrtens
779773a0de hostapd: backport build fix when OWE is activated
This backports a compile fix form the hostapd project.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-10-14 13:57:14 +02:00
Hauke Mehrtens
4b93b03577 hostapd: sync config with default configuration
This replaces the configuration files with the versions from the hostapd
project and the adaptions done by OpenWrt.

The resulting binaries should be the same.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-10-14 13:57:14 +02:00
Hauke Mehrtens
8f7a2bd084 netifd: update to latest git HEAD
22476ff wireless: Add Simultaneous Authentication of Equals (SAE)
c6c3a0d wireless: Add Opportunistic Wireless Encryption (OWE)
a117e41 wireless: Add WPA-EAP-SUITE-B-192 (WPA3-Enterprise)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-10-14 13:57:08 +02:00
Florian Eckert
71865200c9 uqmi: fix variable initilization for timeout handling
Also add logging output for SIM initilization.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-10-12 09:36:05 +02:00
Felix Fietkau
e220ffb533 mac80211: fix A-MSDU packet handling with TCP retransmission
Improves local TCP throughput and fixes use-after-free bugs that could lead
to crashes.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-10-11 18:42:54 +02:00
Rafał Miłecki
f00cb94f7c bcm53xx: add pending pinctrl driver
It's required to support devices using adjustable SoC pins for some
specific purpose (e.g. I2C, PWM, UART1).

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-10-11 14:19:22 +02:00
Robert Marko
b1ab8fac5a ath10k-ct: Update to 29-09-2018
Update ath10k-ct to be able to drop 210-ath10k-fix-recent-bandwidth-conversion-bug.patch
as its upstream.

b9989fbd5d6e ath10k-ct: Add upstream patch to fix peer rate reporting.
ac9224344dbf ath10k-ct: Support sending custom frames with no-ack flag.
bc938bc2021e ath10k-ct: Support sending pkts with specific rate on 10.4 firmware.

Runtime tested on:
- GL-iNet GL-B1300
- Mikrotik RB912 + QCA9882

Signed-off-by: Robert Marko <robimarko@gmail.com>
[Added list of all changes from previous version + add own test device]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-10-11 12:52:27 +02:00
Florian Eckert
4cabda8b7d uqmi: update PKG_RELEASE version
update PKG_RELEASE

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-10-11 12:18:16 +02:00
Florian Eckert
0c9d06b5b2 uqmi: stop proto handler if verify pin count is not 3
Check pin count value from pin status and stop verification the pin if
the value is less then 3. This should prevent the proto-handler to
lock the SIM. If SIM is locked then the PUK is needed.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-10-11 12:18:16 +02:00
Florian Eckert
4b80bd878d uqmi: evaluate pin-status output in qmi_setup function
Load the json output from uqmi --get-pin-status command and evaluate the
"pin1_status" value.

The following uqmi "pin1_status" values are evaluated:

- disabled
  Do not verify PIN because SIM verification is disabled on this SIM

- blocked
  Stop qmi_setup because SIM is locked and a PUK is required

- not_verified
  SIM is not yet verified. Do a uqmi --verify-pin1 command if a SIM is
  specified

- verified:
  Do not verify the PIN because this was already done before

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-10-11 12:18:16 +02:00
Florian Eckert
f171a86d06 uqmi: do not block proto handler if SIM is uninitialized
QMI proto setup-handler will wait forever if SIM does not get initialized.
To fix this stop polling pin status and notify netifd. Netifd will generate
then a "ifup-failed" ACTION.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-10-11 12:18:16 +02:00
Florian Eckert
dec1bfa0f4 uqmi: do not block proto handler if modem is unable to registrate
QMI proto setup-handler will wait forever if it is unable to registrate to
the mobile network. To fix this stop polling network registration status
and notify netifd. Netifd will generate then a "ifup-failed" ACTION.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-10-11 12:18:16 +02:00
Florian Eckert
dee93def39 uqmi: add timeout option value
This value will be used for now during following situations:
* Ask the sim with the uqmi --get-pin-status command.
* Wait for network registration with the uqmi --get-serving-system command.

This two commands wait forever in a while loop. Add a timeout to stop
waiting and so inform netifd.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-10-11 12:18:16 +02:00
Florian Eckert
2d57aa9c4c uqmi: redirect uqmi commands output to /dev/null
Move uqmi std and error output on commands without using them to /dev/null.
This will remove useless outputs in the syslog.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-10-11 12:18:16 +02:00
Florian Eckert
692c6d9a5d uqmi: fix indenting
fix indenting

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2018-10-11 12:18:16 +02:00
Rafał Miłecki
92de28b751 bcm53xx: replace SPI revert with a fix sent upstream
Instead of reverting whole commit it's enough to just revert a single
line change. It seems the real problem with the regressing commit was a
bump of read chunk size. Switching back to 256 B chunks is enough to fix
the problem/regression.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-10-11 10:04:46 +02:00
John Crispin
d24bdaa794 procd: update to latest git HEAD
94944ab procd: Add cpu string to board detection

Signed-off-by: John Crispin <john@phrozen.org>
2018-10-11 08:42:52 +02:00
John Crispin
3e8ef61c01 package/: fix $(PROJECT_GIT) usage
Signed-off-by: John Crispin <john@phrozen.org>
2018-10-11 08:42:52 +02:00
Rosen Penev
82d272efed procd: Install hotplug files as 600
procd runs as root, so it only makes sense that its files are restricted.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-10-11 08:06:43 +02:00
Rosen Penev
4572d996a4 linux-atm: Install hotplug file as 600
The hotplug files is only used by procd, which runs as root.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-10-11 08:06:35 +02:00
Rosen Penev
c7144ec688 comgt: Install hotplug and netifd files as 600
procd and netifd both run as root. These files are not used elsewhere.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-10-11 08:06:28 +02:00
Rosen Penev
f5ddbd695b samba36: Install several config files as 600
Hotplug is managed by procd, which runs as root. The other files are used
by root as well.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-10-11 08:06:18 +02:00
Rosen Penev
745c3acd64 soloscli: Install hotplug file as 600
Hotplug is managed by procd, which runs as root.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-10-11 08:06:09 +02:00
Rosen Penev
49065d227a firewall: Install config files as 600
None of the files in firewall are used by non-root.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-10-11 08:05:41 +02:00
Magnus Kroken
ba826ce4e7 mpc85xx: remove kernel 4.9 support
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2018-10-11 08:04:10 +02:00
Magnus Kroken
650806d83a mpc85xx: switch to kernel 4.14
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2018-10-11 08:04:02 +02:00
Magnus Kroken
c83c180489 mpc85xx: add kernel 4.14 support
Based on patches previously submitted by Achim Gottinger:
http://lists.infradead.org/pipermail/openwrt-devel/2018-June/012719.html

Tested on TP-Link TL-WDR4900 v1.

Signed-off-by: Magnus Kroken <mkroken@gmail.com>
2018-10-11 08:03:56 +02:00
Koen Vandeputte
f4b7dfcc4b netfilter: add missing dependency for kernel 4.14
Since kernel 4.14.75 commit ("netfilter: xt_cluster: add dependency on conntrack module")
a dependency is required on kmod-nf-conntrack.

It seems this was already present for kmod-ipt-clusterip
but not yet for kmod-ipt-cluster

Add it fixing a build error when including kmod-ipt-cluster:

Package kmod-ipt-cluster is missing dependencies for the following libraries:
nf_conntrack.ko
modules/netfilter.mk:665: recipe for target '/mnt/ramdisk/koen/firmware/builds/openwrt/bin/targets/cns3xxx/generic/packages/kmod-ipt-cluster_4.14.75-1_arm_mpcore_vfp.ipk' failed
make[3]: *** [/mnt/ramdisk/koen/firmware/builds/openwrt/bin/targets/cns3xxx/generic/packages/kmod-ipt-cluster_4.14.75-1_arm_mpcore_vfp.ipk] Error 1
make[3]: Leaving directory '/mnt/ramdisk/koen/firmware/builds/openwrt/package/kernel/linux'
Command exited with non-zero status 2
time: package/kernel/linux/compile#1.80#0.05#2.07
package/Makefile:107: recipe for target 'package/kernel/linux/compile' failed
make[2]: *** [package/kernel/linux/compile] Error 2
make[2]: Leaving directory '/mnt/ramdisk/koen/firmware/builds/openwrt'
package/Makefile:103: recipe for target '/mnt/ramdisk/koen/firmware/builds/openwrt/staging_dir/target-arm_mpcore+vfp_musl_eabi/stamp/.package_compile' failed
make[1]: *** [/mnt/ramdisk/koen/firmware/builds/openwrt/staging_dir/target-arm_mpcore+vfp_musl_eabi/stamp/.package_compile] Error 2
make[1]: Leaving directory '/mnt/ramdisk/koen/firmware/builds/openwrt'
/mnt/ramdisk/koen/firmware/builds/openwrt/include/toplevel.mk:216: recipe for target 'world' failed
make: *** [world] Error 2

Fixes: f983956a8b ("kernel: bump 4.14 to 4.14.75")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v4.14.75&id=b969656b46626a674232c0eadf92a394b89df07c
2018-10-10 17:33:04 +02:00
Koen Vandeputte
13f283198e ar71xx: remove linux 4.9 support
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-10-10 15:12:01 +02:00
Koen Vandeputte
77d004de6d ar71xx: switch to kernel 4.14
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-10-10 14:45:11 +02:00
Koen Vandeputte
f983956a8b kernel: bump 4.14 to 4.14.75
Refreshed all patches.

Compile-tested on: ar71xx, cns3xxx, imx6
Runtime-tested on: ar71xx, cns3xxx, imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-10-10 14:45:11 +02:00
Koen Vandeputte
571fe28464 kernel: bump 4.9 to 4.9.132
Refreshed all patches.

Compile-tested on: ar71xx
Runtime-tested on: ar71xx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-10-10 14:45:11 +02:00
Felix Fietkau
212aa33226 kernel: enable memory compaction
Compaction is the only memory management component to form high order (larger
physically contiguous) memory blocks reliably. The page allocator relies on
compaction heavily and the lack of the feature can lead to unexpected OOM
killer invocations for high order memory requests. You shouldn't disable this
option unless there really is a strong reason for it.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Michal Hrusecky <michal.hrusecky@nic.cz>
2018-10-09 14:29:55 +02:00
Felix Fietkau
567fe53230 mt76: fix typo in kmod-mt76x0u package description
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-10-09 14:16:03 +02:00
Felix Fietkau
1e8882585c kernel: support gcc-optimized inlining on all architectures
Optimized inlining was disabled by default when gcc 4 was still
relatively new. By now, all gcc versions handle this well and there
seems to be no real reason to keep it x86-only.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-10-09 14:15:53 +02:00
Kevin Darbyshire-Bryant
a45f4f50e1 dnsmasq: add dhcp-ignore-names support - CERT VU#598349
dnsmasq v2.80test8 adds the ability to ignore dhcp client's requests for
specific hostnames.  Clients claiming certain hostnames and thus
claiming DNS namespace represent a potential security risk. e.g. a
malicious host could claim 'wpad' for itself and redirect other web
client requests to it for nefarious purpose. See CERT VU#598349 for more
details.

Some Samsung TVs are claiming the hostname 'localhost', it is believed
not (yet) for nefarious purposes.

/usr/share/dnsmasq/dhcpbogushostname.conf contains a list of hostnames
in correct syntax to be excluded. e.g.

dhcp-name-match=set:dhcp_bogus_hostname,localhost

Inclusion of this file is controlled by uci option dhcpbogushostname
which is enabled by default.

To be absolutely clear, DHCP leases to these requesting hosts are still
permitted, but they do NOT get to claim ownership of the hostname
itself and hence put into DNS for other hosts to be confused/manipulate by.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-10-09 09:45:16 +01:00
Kevin Darbyshire-Bryant
3925298f3c wireguard: bump to 0.0.20181007
64750c1 version: bump snapshot
f11a2b8 global: style nits
4b34b6a crypto: clean up remaining .h->.c
06d9fc8 allowedips: document additional nobs
c32b5f9 makefile: do more generic wildcard so as to avoid rename issues
20f48d8 crypto: use BIT(i) & bitmap instead of (bitmap >> i) & 1
b6e09f6 crypto: disable broken implementations in selftests
fd50f77 compat: clang cannot handle __builtin_constant_p
bddaca7 compat: make asm/simd.h conditional on its existence
b4ba33e compat: account for ancient ARM assembler

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-10-09 09:11:58 +01:00
Hans Dedecker
16c712501c e2fsprogs: fix glibc compile issue (FS#1749,FS#1796)
Fixes the following build error:

.../toolchain-i386_pentium4_gcc-7.3.0_glibc/lib/gcc/i486-openwrt-linux-gnu/7.3.0/../../../../i486-openwrt-linux-gnu/bin/ld: ../lib/libcom_err.so: undefined reference to `sem_post’
.../toolchain-i386_pentium4_gcc-7.3.0_glibc/lib/gcc/i486-openwrt-linux-gnu/7.3.0/../../../../i486-openwrt-linux-gnu/bin/ld: ../lib/libcom_err.so: undefined reference to `sem_wait'
.../toolchain-i386_pentium4_gcc-7.3.0_glibc/lib/gcc/i486-openwrt-linux-gnu/7.3.0/../../../../i486-openwrt-linux-gnu/bin/ld: ../lib/libcom_err.so: undefined reference to `sem_init’
.../toolchain-i386_pentium4_gcc-7.3.0_glibc/lib/gcc/i486-openwrt-linux-gnu/7.3.0/../../../../i486-openwrt-linux-gnu/bin/ld: ../lib/libcom_err.so: undefined reference to `sem_destroy’

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-10-08 17:24:23 +02:00
Stijn Tintel
b134b3299c Revert "kernel: add a RPS balancer"
This reverts commit 7af1fb9faa.

With the RPS balancer patch, both my APU2s are crashing, sometimes just
after a few minutes of uptime.

[ 6241.170132] BUG: unable to handle kernel paging request at ffffffffa20a75a8
[ 6241.177248] IP: get_rps_cpu+0x41c/0x440
[ 6241.181140] PGD 2012067 P4D 2012067 PUD 2013063 PMD 0
[ 6241.186370] Oops: 0000 [#1] SMP NOPTI
[ 6241.190080] Modules linked in: pppoe ppp_async pptp pppox ppp_mppe ppp_generic nf_nat_pptp nf_flow_table_ipv6 nf_flow_table_ipv4 nf_flow_table_inet nf_conntrack_pptp lzo iptable_nat ipt_REJECT ipt_MASQUERADE ftdi_sio xt_time xt_tcpudp xt_tcpmss xt_string xt_statistic xt_state xt_recent xt_quota xt_policy xt_pkttype xt_owner xt_nat xt_multiport xt_mark xt_mac xt_limit xt_length xt_hl xt_helper xt_esp xt_ecn xt_dscp xt_conntrack xt_connmark xt_connlimit xt_connbytes xt_comment xt_bpf xt_addrtype xt_TCPMSS xt_REDIRECT xt_NFQUEUE xt_LOG xt_HL xt_FLOWOFFLOAD xt_DSCP xt_CT xt_CLASSIFY wireguard usbserial ts_fsm ts_bm spidev slhc rfcomm nft_set_rbtree nft_set_hash nft_reject_ipv6 nft_reject_ipv4 nft_reject_inet nft_reject nft_redir_ipv4 nft_redir nft_quota nft_numgen nft_nat nft_meta nft_masq_ipv4 nft_masq
[ 6241.261735]  nft_log nft_limit nft_flow_offload nft_exthdr nft_ct nft_counter nft_chain_route_ipv6 nft_chain_route_ipv4 nft_chain_nat_ipv4 nfnetlink_queue nf_tables_ipv6 nf_tables_ipv4 nf_tables_inet nf_tables nf_reject_ipv4 nf_nat_tftp nf_nat_snmp_basic nf_nat_sip nf_nat_redirect nf_nat_proto_gre nf_nat_masquerade_ipv6 nf_nat_masquerade_ipv4 nf_nat_irc nf_conntrack_ipv6 nf_nat_ipv6 nf_conntrack_ipv4 nf_nat_ipv4 nf_nat_h323 nf_nat_ftp nf_nat_amanda nf_nat nf_log_ipv4 nf_flow_table_hw nf_flow_table nf_defrag_ipv6 nf_defrag_ipv4 nf_conntrack_tftp nf_conntrack_snmp nf_conntrack_sip nf_conntrack_rtcache nf_conntrack_proto_gre nf_conntrack_netlink nf_conntrack_irc nf_conntrack_h323 nf_conntrack_ftp nf_conntrack_broadcast ts_kmp nf_conntrack_amanda macvlan lzo_decompress lzo_compress libcrc32c kvm irqbypass
[ 6241.333427]  iptable_raw iptable_mangle iptable_filter ipt_ah ipt_ECN ip_tables hidp hci_uart crc_ccitt cdc_acm btusb btintel br_netfilter bnep bluetooth sch_cake tcp_bbr sch_teql em_nbyte sch_codel sch_prio sch_pie act_ipt em_meta sch_gred sch_dsmark cls_basic em_cmp em_text act_police sch_sfq sch_fq sch_multiq sch_red act_connmark nf_conntrack act_skbedit act_mirred em_u32 cls_u32 cls_tcindex cls_flow cls_route cls_fw sch_tbf sch_htb sch_hfsc sch_ingress configs evdev i2c_piix4 kfifo_buf industrialio i2c_dev xt_set ip_set_list_set ip_set_hash_netiface ip_set_hash_netport ip_set_hash_netnet ip_set_hash_net ip_set_hash_netportnet ip_set_hash_mac ip_set_hash_ipportnet ip_set_hash_ipportip ip_set_hash_ipport ip_set_hash_ipmark ip_set_hash_ip ip_set_bitmap_port ip_set_bitmap_ipmac ip_set_bitmap_ip ip_set
[ 6241.405252]  nfnetlink ip6t_REJECT nf_reject_ipv6 nf_log_ipv6 nf_log_common ip6table_mangle ip6table_filter ip6_tables x_tables ip_gre gre igb i2c_algo_bit ifb ip6_vti ip_vti sit l2tp_netlink l2tp_core ipcomp6 xfrm6_tunnel xfrm6_mode_tunnel xfrm6_mode_transport xfrm6_mode_beet esp6 ah6 ipcomp xfrm4_tunnel xfrm4_mode_tunnel xfrm4_mode_transport xfrm4_mode_beet esp4 ah4 ip6_tunnel tunnel6 tunnel4 ip_tunnel veth snd_compress snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd_rawmidi snd_seq_device snd_hwdep snd soundcore mpls_gso mpls_iptunnel mpls_router af_key xfrm_user xfrm_ipcomp xfrm_algo br2684 atm regmap_mmio vxlan udp_tunnel ip6_udp_tunnel ecdh_generic sha512_ssse3 sha512_generic sha256_ssse3 sha1_ssse3 seqiv jitterentropy_rng drbg md5 kpp ccp_crypto rsa_generic mpi asn1_decoder akcipher ccp sha256_generic
[ 6241.477726]  sha1_generic hmac ghash_generic gcm echainiv des_generic deflate zlib_deflate ctr cmac ccm cbc authenc crypto_acompress sdhci_pltfm pf_ring sp5100_tco leds_apu2 gpio_nct5104d button_hotplug ptp pps_core
[ 6241.497122] CPU: 3 PID: 0 Comm: swapper/3 Not tainted 4.14.73 #0
[ 6241.503198] Hardware name: PC Engines apu2/apu2, BIOS v4.8.0.2 20180705
[ 6241.509858] task: ffff88012a0d8000 task.stack: ffffc90000070000
[ 6241.515841] RIP: 0010:get_rps_cpu+0x41c/0x440
[ 6241.520246] RSP: 0018:ffff88012ed83db0 EFLAGS: 00010286
[ 6241.525511] RAX: 00000000ffffffff RBX: 0000000000011ae8 RCX: 0000000000000001
[ 6241.532737] RDX: 00000000ffffffff RSI: ffff88012a0d8788 RDI: 0000000000000282
[ 6241.539956] RBP: ffff88012ed83e00 R08: 0000000000000001 R09: 0000000000000000
[ 6241.547183] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff82dae2e0
[ 6241.554403] R13: ffff880124de4480 R14: 0000000000000000 R15: ffff880128120000
[ 6241.561625] FS:  0000000000000000(0000) GS:ffff88012ed80000(0000) knlGS:0000000000000000
[ 6241.569820] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 6241.575651] CR2: ffffffffa20a75a8 CR3: 00000001251da000 CR4: 00000000000406e0
[ 6241.582830] Call Trace:
[ 6241.585322]  <IRQ>
[ 6241.587372]  ? lock_acquire+0x59/0x80
[ 6241.591102]  netif_receive_skb_internal+0x1e4/0x2d0
[ 6241.596037]  napi_gro_receive+0x48/0x90
[ 6241.599948]  igb_alloc_rx_buffers+0xc97/0x1b60 [igb]
[ 6241.604981]  ? note_gp_changes+0x76/0xc0
[ 6241.608963]  net_rx_action+0x10c/0x280
[ 6241.612752]  __do_softirq+0xf0/0x22d
[ 6241.616375]  irq_exit+0x5e/0xa0
[ 6241.619573]  do_IRQ+0xee/0x110
[ 6241.622682]  common_interrupt+0x8b/0x8b
[ 6241.626556]  </IRQ>
[ 6241.628699] RIP: 0010:native_safe_halt+0x6/0x10
[ 6241.633260] RSP: 0018:ffffc90000073e10 EFLAGS: 00000202 ORIG_RAX: ffffffffffffff3d
[ 6241.640910] RAX: ffff88012a0d8000 RBX: ffff88012a190c00 RCX: 0000000000000000
[ 6241.648110] RDX: ffff88012a0d8000 RSI: 0000000000000001 RDI: ffff88012a0d8000
[ 6241.655354] RBP: ffffc90000073e10 R08: 0000000000000006 R09: 0000000000000000
[ 6241.662554] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88012a190c64
[ 6241.669791] R13: 0000000000000001 R14: 0000000000000001 R15: 0000000000000001
[ 6241.676986]  acpi_safe_halt.part.9+0xe/0x20
[ 6241.681226]  acpi_idle_do_entry+0x2c/0x40
[ 6241.685325]  acpi_idle_enter+0x1ee/0x2b0
[ 6241.689298]  ? sched_clock+0x9/0x10
[ 6241.692839]  cpuidle_enter_state+0x1f2/0x230
[ 6241.697162]  cpuidle_enter+0x12/0x20
[ 6241.700803]  call_cpuidle+0x38/0x40
[ 6241.704335]  do_idle+0xed/0x160
[ 6241.707557]  cpu_startup_entry+0x6e/0x70
[ 6241.711557]  start_secondary+0x1b4/0x1d0
[ 6241.715536]  secondary_startup_64+0xa5/0xb0
[ 6241.719777] Code: d4 48 8d 04 9b 48 8b 35 53 a7 ac 00 48 8d 1c 43 48 83 c6 64 48 c1 e3 03 48 8d bb e8 e2 da 82 e8 cb a9 ba ff 41 8b 14 1c 48 89 d0 <48> 0f a3 15 dc dc b6 00 0f 83 46 fc ff ff 48 83 c4 28 5b 41 5c
[ 6241.739100] RIP: get_rps_cpu+0x41c/0x440 RSP: ffff88012ed83db0
[ 6241.744993] CR2: ffffffffa20a75a8
[ 6241.748373] ---[ end trace 77367d9f9830d5bc ]---

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-10-08 11:03:23 +03:00
Julian Haupt
0308385d1d sunxi: add support for Orange Pi Zero
Signed-off-by: Julian Haupt <julian.haupt@hauptmedia.de>
2018-10-07 22:16:10 +02:00
Hauke Mehrtens
5933958168 image: ignore usign build errors
The tl-wa850re-v2 images from the ar71xx/tiny target are getting too big
with the default packages. The size check is done before the meta data
is added so there is no file to add meta data to or to sign. Originally
errors in Build/append-metadata were getting ignored, but if the signing
fails the error is not ignored.
This adds a check if the file to be signed is there and only does the
signing if it is there. This way it does not fail if the package
creation was already aborted earlier.

Fixes: 848b455d2e ("image: use ucert to append signature")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-10-07 22:14:35 +02:00
Rosy Song
0fa1dd71cc fstools: filter unknown action in mount.hotplug script
Signed-off-by: Rosy Song <rosysong@rosinson.com>
2018-10-07 21:34:13 +02:00
Hans Dedecker
ec9576607d busybox: fix IPv6 dependency
Commit 9f0cb135dd made BUSYBOX_CONFIG_FEATURE_IPV6 dependant on IPV6 but
did not make its default value BUSYBOX_DEFAULT_FEATURE_IPV6 dependant
on IPV6. BUSYBOX_DEFAULT_FEATURE_IPV6 will have as default value y if
IPV6 is enabled otherwise n.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-10-07 20:46:51 +02:00
Kevin Darbyshire-Bryant
30cc5b0bf4 dnsmasq: bump to v2.80test8
e1791f3 Fix logging of DNSSEC queries in TCP mode. Destination server address was misleading.
0fdf3c1 Fix dhcp-match-name to match hostname, not complete FQDN.
ee1df06 Tweak strategy for confirming SLAAC addresses.
1e87eba Clarify manpage for --auth-sec-servers
0893347 Make interface spec optional in --auth-server.
7cbf497 Example config file fix for CERT Vulnerability VU#598349.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-10-07 16:42:12 +01:00
Hans Dedecker
329f2d5457 nghttp2: bump to 1.34.0
2b085815 (tag: v1.34.0) Update manual pages
986fa302 Bump up version number to 1.34.0, LT revision to 31:1:17
7c8cb3a0 nghttpx: Improve CONNECT response status handling
334c439c Fix bug that regular CONNECT does not work
6700626c Rule out content-length in the successful response to CONNECT
15162add Update manual pages
93270777 Merge pull request #1235 from nghttp2/backend-conn-timeout
aeb92bbb nghttpx: Add read/write-timeout parameters to backend option
fc7489e0 nghttpx: Fix mruby parameter validation
87ac872f nghttpx: Update doc
c278adde nghttpx: Log error when mruby file cannot be opened
f94d7209 Merge pull request #1234 from nghttp2/nghttpx-rfc8441
9b9baa6b Update doc
02566ee3 nghttpx: Update doc
3002f31b src: Add debug output for SETTINGS_ENABLE_CONNECT_PROTOCOL
d2a594a7 nghttpx: Implement RFC 8441 Bootstrapping WebSocket with HTTP/2
651e1477 Allow client sending :protocol optimistically
a42faf1c nghttpx: Write TLS alert during handshake
4aac05e1 Merge pull request #1231 from nghttp2/ws-lib-only
b80dfaa8 Adjustment for RFC 8441
a19d8f5d Deal with :protocol pseudo header
33f6e90a Add NGHTTP2_TOKEN__PROTOCOL
ed7fabcb Add SETTINGS_ENABLE_CONNECT_PROTOCOL
8753b6da Update doc
f2de733b Update neverbleed to fix OpenSSL 1.1.1 issues
88ff8c69 Update mruby 1.4.1
a63558a1 nghttpx: Call OCSP_response_get1_basic only when OCSP status is successful
3575a132 nghttpx: Fix crash with plain text HTTP
e2de2fee Update bash_completion
9f415979 Update manual pages
4bfc0cd1 Merge pull request #1230 from nghttp2/nghttpx-faster-logging
9c824b87 nghttpx: Get rid of std::stringstream from Log
a1ea1696 Make VALID_HD_NAME_CHARS and VALID_HD_VALUE_CHARS const qualified
dfc0f248 Make static_table const qualified
ed7c9db2 nghttpx: Add mruby env.tls_handshake_finished
5b42815a nghttpx: Strip incoming Early-Data header field by default
cfe7fa9a nghttpx: Add --tls13-ciphers and --tls-client-ciphers options
cb8a9d58 src: Remove TLSv1.3 ciphers from DEFAULT_CIPHER_LIST
023b9448 Merge branch 'tls13-early-data'
9b03c64f nghttpx: Should postpone early data by default
b8eccec6 nghttpx: Disable OpenSSL anti-replay
9f212587 Specify SSL_CTX_set_max_early_data and add an option to change max value
47f60124 nghttpx: Add an option to postpone early data processing
770e44de Implement draft-ietf-httpbis-replay-02
2ab319c1 Don't hide error code from openssl
39923024 Remove SSL_ERROR_WANT_WRITE handling
b30f312a Honor SSL_read semantics
c5cdb78a nghttpx: Add TLSv1.3 0-RTT early data support
f79a5812 Bump up version number to 1.34.0

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-10-07 17:39:05 +02:00