Commit graph

41718 commits

Author SHA1 Message Date
Tony Ambardar
73d8a6ab76 base-files: fix UCI config parsing and callback handling
There are several long-standing issues present in the UCI shell API as
documented in https://wiki.openwrt.org/doc/devel/config-scripting. They
relate both to high-level, user-defined callback functions used to
process UCI config files, and also to low-level functions used within
scripts generally.

The related problems have been encountered now and in the past, e.g.
https://forum.openwrt.org/viewtopic.php?id=54295, and include:

a) UCI parsing option() function and user-defined option_cb() callbacks
being erroneously called during processing of "list" config file entries;

b) normal usage of the low-level config_set() unexpectedy calling any
defined option_cb() if present; and

c) handling of the list_cb() not respecting the NO_CALLBACK variable.

Root causes include a function stack "inversion", where the low-level
config_set() function incorrectly calls the high-level option() function,
intended only for processing the "option" keyword of UCI config files.

This change addresses the inversion and other issues, making the option
handling code more consistent and smaller, and simplifying developers'
usage of UCI callbacks.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
2018-06-06 15:00:08 +02:00
Stijn Tintel
e52f3e9b13 kernel: bump 4.14 to 4.14.48
Remove upstreamed patches:
generic/pending/101-clocksource-mips-gic-timer-fix-clocksource-counter-w.patch
generic/pending/103-MIPS-c-r4k-fix-data-corruption-related-to-cache-coherence.patch
generic/pending/182-net-qmi_wwan-add-BroadMobi-BM806U-2020-2033.patch
lantiq/0025-MIPS-lantiq-gphy-Remove-reboot-remove-reset-asserts.patch
Update patches that no longer apply:
generic/pending/811-pci_disable_usb_common_quirks.patch
ath79/0009-MIPS-ath79-add-lots-of-missing-registers.patch

Fixes CVE-2018-6412.

Compile-tested: octeon, x86/64.
Runtime-tested: octeon, x86/64.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-06-05 22:54:00 +03:00
Ted Hess
7590c3c58f scripts: Replace obsolete POSIX tmpnam in slugimage.pl with File::Temp function
Signed-off-by: Ted Hess <thess@kitschensync.net>
2018-06-05 10:07:42 -04:00
Daniel Golle
987900f2de hostapd: properly build hostapd-only SSL variants
Make sure hostapd-openssl is actually build against OpenSSL, same
for wolfSSL.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-06-05 15:33:35 +02:00
Daniel Golle
187da94808 kernel: modules: package module for Exar 8250 UARTs
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-06-05 15:27:36 +02:00
Felix Fietkau
2f3b1dddea kernel: backport patch to fix dst handling for offloaded connections
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-06-05 10:18:58 +02:00
Felix Fietkau
7d8681ccb9 hostapd: expose device taxonomy signature via ubus
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-06-05 09:28:04 +02:00
Felix Fietkau
23c1827e34 hostapd: add support for client taxonomy in the full config
This can be used to fingerprint clients to try to identify the exact
model

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-06-05 09:28:00 +02:00
Felix Fietkau
29e2f9ea5b gcc: remove support for version 6.3.0
It is obsoleted by gcc 7

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-06-05 09:27:33 +02:00
Felix Fietkau
09ef028e58 mt76: update to the latest version
20c0766 mt7603: adjust rx hang watchdog for MT7628
664e321 mt7603: add extra PSE hang check signature for MT7628
f24b56f update MT7628 firmware to the latest version
d87e4b0 mt7603: clear PSE reset bit if PSE reset fails
0ef26ef mt76: only stop tx queues on offchannel, not during the entire scan
f399da3 mt76: prevent tx scheduling during channel change
21c1e1e mt76: move ieee80211_hw allocation to common core
730c292 mt76: wait for pending tx to complete before switching channel
fcbb49e mt76x2: use udelay instead of usleep_range in mt76x2_mac_stop
792dbe0 mt7603: do not hold dev->mutex while flushing dev->mac_work

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-06-05 08:52:33 +02:00
Hans Dedecker
e4577d2e68 map: make tunnel encapsulation limit support configurable (FS#1501)
Be compatible with ISPs which don't support the destination option header containing
the tunnel encapsulation limit as reported in FS#1501.
Setting the uci parameter encaplimit to ignore; allows to disable the insertion
of the destination option header in the map-e packets.
Otherwise the tunnel encapsulation limit value can be set to a value from 0 till 255
by setting the encaplimit uci parameter accordingly.
If no encaplimit value is specified the default value is 4 as before.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-06-04 17:07:29 +02:00
Hans Dedecker
082cd951bb netifd: update to latest git HEAD (FS#1501)
a580028 system-linux: make encaplimit configurable for ip6 tunnels (FS#1501)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-06-04 17:07:15 +02:00
Hans Dedecker
327c711da4 odhcp6c: make ds-lite/map tunnel encapsulation limit support configurable (FS#1501)
Be compatible with ISPs which don't support the destination option header containing
the tunnel encapsulation limit as reported in FS#1501 for dynamic created ds-lite/map
interfaces.
Setting the uci parameter encaplimit_dslite/map to ignore; allows to disable the insertion
of the destination option header for the dynamic created ds-lite/map interface.
Otherwise the tunnel encapsulation limit value can be set to a value from 0 till 255
by setting the encaplimit_dslite/map uci parameter accordingly.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-06-04 17:05:28 +02:00
Hans Dedecker
a3372953e9 ds-lite: make tunnel encapsulation limit support configurable (FS#1501)
Be compatible with ISPs which don't support the destination option header containing
the tunnel encapsulation limit as reported in FS#1501.
Setting the uci parameter encaplimit to ignore; allows to disable the insertion
of the destination option header in the ds-lite packets.
Otherwise the tunnel encapsulation limit value can be set to a value from 0 till 255
by setting the encaplimit uci parameter accordingly.
If no encaplimit value is specified the default value is 4 as before.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-06-04 17:04:45 +02:00
Michael Gray
4fdc6ca31b mvebu: fix broken console on WRT32X (venom)
The console bootarg is being corrupted on boot, causing various issues
including broken sysupgrade.
Utilising the bootargs mangle patch from other targets, hardcode the console
arguments and fetch the rootfs from the bootloader.

Kernel command line: console=ttyS0,115200 root=/dev/mtdblock8

Bootloader command line (ignored): console= root=/dev/mtdblock8

Please cherry pick to 18.06 too

Signed-off-by: Michael Gray <michael.gray@lantisproject.com>
2018-06-01 21:01:03 +02:00
Daniel Golle
dcc34574ef oxnas: bring in new oxnas target
Reboot the oxnas target based on Linux 4.14 by rebasing our support on
top of the now-existing upstream kernel support.
This commit brings oxnas support to the level of v4.17 having upstream
drivers for Ethernet, Serial and NAND flash.
Botch up OpenWrt's local drivers for EHCI, SATA and PCIe based on the
new platform code and device-tree.
Re-introduce base-files from old oxnas target which works for now but
needs further clean-up towards generic board support.

Functional issues:
 * PCIe won't come up (hence no USB3 on Shuttle KD20)
 * I2C bus of Akitio myCloud device is likely not to work (missing
   debounce support in new pinctrl driver)

Code-style issues:
 * plla/pllb needs further cleanup -- currently their users or writing
   into the syscon regmap after acquireling the clk instead of using
   defined clk_*_*() functions to setup multipliers and dividors.
 * PCIe phy needs its own little driver.
 * SATA driver is a monster and should be split into an mfd having
   a raidctrl regmap, sata controller, sata ports and sata phy.

Tested on MitraStar STG-212 aka. Medion Akoya MD86xxx and Shuttle KD20.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-06-01 15:45:06 +02:00
Daniel Golle
d44b7b7d31 uboot-oxnas: fix build with newer GCC
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-06-01 15:45:06 +02:00
Daniel Golle
17511a7ea8 oxnas: kill old oxnas target
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-06-01 15:45:06 +02:00
Ivan Shapovalov
91b5b2e20d netifd: drop conflicting 'device' interface property
Do not set device runtime property on interfaces in the hotplug handler
and in fixup_interfaces(). This property conflicts with device option
in several proto handlers (mainly QMI and other WWAN/3G protos) and does
not seem to be used anywhere.

Signed-off-by: Ivan Shapovalov <intelfx@intelfx.name>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
2018-06-01 15:02:41 +02:00
Hans Dedecker
0777a3e773 kernel: re-add export ipv6_push_frag_opts for tunneling now patch
The patch got removed by commit 7dca1bae82 (kernel: bump to 4.9.105)
but is still required as ipv6_push_frag_opts needs to be exported.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-06-01 14:08:42 +02:00
John Crispin
7197744cd6 Revert "ramips: Move PCI driver to files directory"
This reverts commit a098a78a33.

Signed-off-by: John Crispin <john@phrozen.org>
2018-06-01 11:42:20 +02:00
John Crispin
69929dac89 Revert "ramips: Remove redundant owner assignment"
This reverts commit 2ad4daf579.

Signed-off-by: John Crispin <john@phrozen.org>
2018-06-01 11:42:14 +02:00
John Crispin
64878a5616 Revert "ramips: improve interrupt mapping"
This reverts commit 5f7396ebef.

Signed-off-by: John Crispin <john@phrozen.org>
2018-06-01 11:42:11 +02:00
John Crispin
7577f32c8a Revert "ramips: remove conditional compilation."
This reverts commit 1f78625714.

Signed-off-by: John Crispin <john@phrozen.org>
2018-06-01 11:42:09 +02:00
John Crispin
b8569427eb Revert "ramips: remove unnecessary resource details."
This reverts commit edea934799.

Signed-off-by: John Crispin <john@phrozen.org>
2018-06-01 11:42:07 +02:00
John Crispin
784943e3f2 Revert "ramips: pci: sync with staging driver"
This reverts commit e07baec9fa.

Signed-off-by: John Crispin <john@phrozen.org>
2018-06-01 11:42:05 +02:00
John Crispin
8a570921b5 Revert "ramips: Add back some non-mt7621 code that staging removed"
This reverts commit 048e41f649.

Signed-off-by: John Crispin <john@phrozen.org>
2018-06-01 11:42:03 +02:00
John Crispin
1d3c286381 Revert "ramips: Fix WiFi after 5f7396ebef09b224edf08b0bda113613a42f0928"
This reverts commit 02f815d190.

Signed-off-by: John Crispin <john@phrozen.org>
2018-06-01 11:41:51 +02:00
Kevin Darbyshire-Bryant
1ee5051f20 nettle: bump to 3.4
3.4 is mainly a bug fix/maintenance release.

3KB increase in ipk lib size on mips.

Compile tested for: ar71xx, ramips
Run tested on: ar71xx Archer C7 v2, ramips mir3g

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-06-01 08:39:59 +02:00
Mirko Parthey
46d7ced9d1 mtd: mark as nonshared to fix FS#484
The mtd tool is built with different configurations depending on the
target. For example, brcm47xx adds the fixtrx subcommand, without which
an image fails when booting the second time.

Mark the mtd package as nonshared to really fix FS#484.

Signed-off-by: Mirko Parthey <mirko.parthey@web.de>
2018-06-01 08:29:11 +02:00
Kevin Darbyshire-Bryant
7dca1bae82 kernel: bump to 4.9.105
Refresh patches.

Drop patches that have been upstreamed:
target/linux/ar71xx/patches-4.9/106-01-MIPS-ath79-fix-AR724X_PLL_REG_PCIE_CONFIG-offset.patch
target/linux/generic/backport-4.9/095-v4.12-ipv6-Need-to-export-ipv6_push_frag_opts-for-tunnelin.patch
target/linux/generic/pending-4.9/180-net-phy-at803x-add-support-for-AT8032.patch
target/linux/generic/pending-4.9/181-net-usb-add-lte-modem-wistron-neweb-d18q1.patch
target/linux/generic/pending-4.9/182-net-qmi_wwan-add-BroadMobi-BM806U-2020-2033.patch

Compile & run tested: ar71xx Archer C7 v2

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-06-01 08:25:14 +02:00
Alex Maclean
5b0c899bfd ath79: correct wmac names in dts
Signed-off-by: Alex Maclean <monkeh@monkeh.net>
2018-06-01 08:23:47 +02:00
Alex Maclean
ba5b6c619b ath79: add TP-Link TL-WR703N port
Signed-off-by: Alex Maclean <monkeh@monkeh.net>
2018-06-01 08:23:28 +02:00
Alex Maclean
d215d0f9ae ath79: add TP-Link TL-WR740N/ND v2 port
Signed-off-by: Alex Maclean <monkeh@monkeh.net>
2018-06-01 08:23:14 +02:00
Alex Maclean
fab3254b32 ath79: add pinmux node to ar724x.dtsi
Signed-off-by: Alex Maclean <monkeh@monkeh.net>
2018-06-01 08:23:02 +02:00
Alex Maclean
34f874b872 ath79: add AR7240 dtsi
Signed-off-by: Alex Maclean <monkeh@monkeh.net>
2018-06-01 08:22:50 +02:00
Alex Maclean
fc8360aa16 ath79: add tiny subtarget
Signed-off-by: Alex Maclean <monkeh@monkeh.net>
2018-06-01 08:22:38 +02:00
Koen Vandeputte
e5ff84d1f0 ath10k-ct: Update driver to latest
127f98189ee5 ath10k:  Fix bad return w/out unlock, compile w/out debugfs
b8f48f3c138f Fix survey-dump for 4.7, 4.9 and 4.13 kernels.
fa8259ad5d6d ath10k-ct:  Support survey dump in 10.1 firmware.
2853e1337ecf ath10k-ct:  Add 4.16 ath10k-ct driver to package.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
CC: Ben Greear <greearb@candelatech.com>
2018-06-01 08:22:26 +02:00
John Crispin
c57c3f2c22 ath79: fix glinet ar150 lan/wan ordering
LAN and WAN were swapped

Signed-off-by: John Crispin <john@phrozen.org>
2018-06-01 08:21:47 +02:00
Daniel Golle
2087df1c6d Revert "kernel: backport export ipv6_push_frag_opts for tunneling now"
This reverts commit daa73b63d5.
The fix has already been imported by
commit b7735d8113 ("kernel: import follow-up fix for previous backport").
The patch won't apply twice.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-06-01 01:37:51 +02:00
Hans Dedecker
daa73b63d5 kernel: backport export ipv6_push_frag_opts for tunneling now
Patch is required on top of commit 6c81c27efa as ipv6_push_frag_opts needs to
be exported for usage in ip6_tunnel.c

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-05-31 18:29:42 +02:00
Jason A. Donenfeld
060e1ecefa wireguard: bump to 0.0.20180531 to fix flow offloading
This version bump was made upstream mostly for OpenWRT, and should fix
an issue with a null dst when on the flow offloading path.

While we're at it, Kevin and I are the only people actually taking care
of this package, so trim the maintainer list a bit.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2018-05-31 07:40:15 +02:00
Daniel Golle
b7735d8113 kernel: import follow-up fix for previous backport
Buildbots complaining made me wonder what's going on...
ERROR: "ipv6_push_frag_opts" [net/ipv6/ip6_tunnel.ko] undefined!

Fixes: 6c81c27efa ("kernel: backport fix for missing tunnel encapsulation limit option")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-05-31 02:25:59 +02:00
Daniel Golle
78f1974bc5 hostapd: update packaging and patches
Clean up conflicts/provides/depends hell and add PROVIDES for
eapol-test variants while at it.
Update mesh-DFS patchset from Peter Oh to v5 (with local fixes) which
allows to drop two revert-patches for upstream commits which previously
were necessary to un-break mesh-DFS support.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-05-31 00:38:16 +02:00
Daniel Golle
dad39249fb wolfssl: change defaults to cover wpa_supplicant needs
Implicetely selecting the required options via Kconfig snippet from
hostapd worked fine in local builds when using menuconfig but confused
the buildbots which (in phase1) may build wpad-mini and hence already
come with CONFIG_WPA_WOLFSSL being defined as unset which then won't
trigger changing the defaults of wolfssl.

Work around by explicitely reflecting wpa_supplicant's needs in
wolfssl's default settings to make buildbots happy.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-05-31 00:38:16 +02:00
Hans Dedecker
a70a0a529f toolchain/glibc: update to latest 2.26 commit
4df8479e6b Add NEWS entry for CVE-2018-11236
a5bc5ec967 Add references to CVE-2018-11236, CVE-2017-18269
58ad5f8a64 Add a test case for [BZ #23196]
6b4362f2cb Don't write beyond destination in __mempcpy_avx512_no_vzeroupper (bug 23196)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-05-30 20:39:29 +02:00
Hans Dedecker
6c81c27efa kernel: backport fix for missing tunnel encapsulation limit option
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-05-30 12:16:24 +02:00
Rosen Penev
7a20c7a05d curl: Add ca-bundle dependency
While building, curl complains that the path specified is missing.
Also, without ca-bundle, something like 'curl https://www.google.com'
does not work due to a certificate verify error.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-05-30 06:38:19 +02:00
Rosen Penev
f97946c496 curl: Use ca-bundle for all TLS libraries.
It simplifies the Makefile a bit. In addition, using ca-bundle
saves some space as well.

It also fixes an issue with at least transmission, which has a dependency
on ca-bundle, but currently libcurl with OpenSSL or GnuTLS cause it not
to work.

This has been tested on mt7621 with OpenSSL and GnuTLS just by running
'curl https://www.google.com' and seeing if there's a verify error.
The rest are already using ca-bundle and therefore work fine.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-05-30 06:38:06 +02:00
Rosen Penev
9685f39787 ramips: Use generic board detect for GnuBee devices
This is a port of an old commit from mkresin's tree:

09260cdf3e9332978c2a474a58e93a6f2b55f4a8

This has the potential to break sysupgrade but it should be fine as
there is no stable release of LEDE or OpenWrt that support these devices.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-05-30 06:36:02 +02:00